]>
Commit | Line | Data |
---|---|---|
4f2271d5 SL |
1 | /* |
2 | * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | /* | |
11 | * A set of tests demonstrating uses cases for CAVS/ACVP testing. | |
12 | * | |
13 | * For examples of testing KDF's, Digests, KeyAgreement & DRBG's refer to | |
14 | * providers/fips/self_test_kats.c | |
15 | */ | |
16 | ||
f8e74747 | 17 | #include <string.h> |
4f2271d5 SL |
18 | #include <openssl/opensslconf.h> /* To see if OPENSSL_NO_EC is defined */ |
19 | #include <openssl/core_names.h> | |
20 | #include <openssl/evp.h> | |
21 | #include <openssl/ec.h> | |
22 | #include <openssl/dh.h> | |
23 | #include <openssl/dsa.h> | |
24 | #include <openssl/rsa.h> | |
25 | #include <openssl/param_build.h> | |
26 | #include <openssl/provider.h> | |
f8e74747 | 27 | #include <openssl/self_test.h> |
4f2271d5 SL |
28 | #include "testutil.h" |
29 | #include "testutil/output.h" | |
30 | #include "acvp_test.inc" | |
31 | #include "internal/nelem.h" | |
32 | ||
4f2271d5 SL |
33 | typedef enum OPTION_choice { |
34 | OPT_ERR = -1, | |
35 | OPT_EOF = 0, | |
36 | OPT_CONFIG_FILE, | |
37 | OPT_TEST_ENUM | |
38 | } OPTION_CHOICE; | |
39 | ||
f8e74747 SL |
40 | typedef struct st_args { |
41 | int enable; | |
42 | int called; | |
43 | } SELF_TEST_ARGS; | |
44 | ||
45 | static OSSL_PROVIDER *prov_null = NULL; | |
46 | static OPENSSL_CTX *libctx = NULL; | |
47 | static SELF_TEST_ARGS self_test_args = { 0 }; | |
48 | static OSSL_CALLBACK self_test_events; | |
49 | ||
4f2271d5 SL |
50 | const OPTIONS *test_get_options(void) |
51 | { | |
52 | static const OPTIONS test_options[] = { | |
53 | OPT_TEST_OPTIONS_DEFAULT_USAGE, | |
54 | { "config", OPT_CONFIG_FILE, '<', | |
55 | "The configuration file to use for the libctx" }, | |
56 | { NULL } | |
57 | }; | |
58 | return test_options; | |
59 | } | |
60 | ||
61 | #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DSA) \ | |
62 | || !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_RSA) | |
63 | static int pkey_get_bn_bytes(EVP_PKEY *pkey, const char *name, | |
64 | unsigned char **out, size_t *out_len) | |
65 | { | |
66 | unsigned char *buf = NULL; | |
67 | BIGNUM *bn = NULL; | |
68 | int sz; | |
69 | ||
70 | if (!EVP_PKEY_get_bn_param(pkey, name, &bn)) | |
71 | goto err; | |
72 | sz = BN_num_bytes(bn); | |
73 | buf = OPENSSL_zalloc(sz); | |
74 | if (buf == NULL) | |
75 | goto err; | |
76 | if (!BN_bn2binpad(bn, buf, sz)) | |
77 | goto err; | |
78 | ||
79 | *out_len = sz; | |
80 | *out = buf; | |
81 | BN_free(bn); | |
82 | return 1; | |
83 | err: | |
84 | OPENSSL_free(buf); | |
85 | BN_free(bn); | |
86 | return 0; | |
87 | } | |
88 | #endif | |
89 | ||
90 | #if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DSA) \ | |
91 | || !defined(OPENSSL_NO_RSA) | |
92 | static int sig_gen(EVP_PKEY *pkey, OSSL_PARAM *params, const char *digest_name, | |
93 | const unsigned char *msg, size_t msg_len, | |
94 | unsigned char **sig_out, size_t *sig_out_len) | |
95 | { | |
96 | int ret = 0; | |
97 | EVP_MD_CTX *md_ctx = NULL; | |
98 | unsigned char *sig = NULL; | |
99 | size_t sig_len; | |
100 | size_t sz = EVP_PKEY_size(pkey); | |
101 | ||
102 | if (!TEST_ptr(sig = OPENSSL_malloc(sz)) | |
103 | || !TEST_ptr(md_ctx = EVP_MD_CTX_new()) | |
0ab18e79 SL |
104 | || !TEST_int_eq(EVP_DigestSignInit_with_libctx(md_ctx, NULL, |
105 | digest_name, libctx, NULL, | |
106 | pkey), 1) | |
4f2271d5 SL |
107 | || !TEST_int_gt(EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len), 0)) |
108 | goto err; | |
109 | *sig_out = sig; | |
110 | *sig_out_len = sig_len; | |
111 | sig = NULL; | |
112 | ret = 1; | |
113 | err: | |
114 | OPENSSL_free(sig); | |
115 | EVP_MD_CTX_free(md_ctx); | |
116 | return ret; | |
117 | } | |
118 | #endif | |
119 | ||
120 | #ifndef OPENSSL_NO_EC | |
121 | static int ecdsa_keygen_test(int id) | |
122 | { | |
123 | int ret = 0; | |
124 | EVP_PKEY_CTX *ctx = NULL; | |
125 | EVP_PKEY *pkey = NULL; | |
126 | unsigned char *priv = NULL; | |
127 | unsigned char *pubx = NULL, *puby = NULL; | |
128 | size_t priv_len = 0, pubx_len = 0, puby_len = 0; | |
129 | const struct ecdsa_keygen_st *tst = &ecdsa_keygen_data[id]; | |
130 | ||
f8e74747 SL |
131 | self_test_args.called = 0; |
132 | self_test_args.enable = 1; | |
4f2271d5 SL |
133 | if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL)) |
134 | || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0) | |
11a1b341 | 135 | || !TEST_true(EVP_PKEY_CTX_set_group_name(ctx, tst->curve_name)) |
4f2271d5 | 136 | || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0) |
f8e74747 | 137 | || !TEST_int_eq(self_test_args.called, 3) |
4f2271d5 SL |
138 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &priv, |
139 | &priv_len)) | |
140 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_EC_PUB_X, &pubx, | |
141 | &pubx_len)) | |
142 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_EC_PUB_Y, &puby, | |
143 | &puby_len))) | |
144 | goto err; | |
145 | ||
146 | test_output_memory("qy", puby, puby_len); | |
147 | test_output_memory("qx", pubx, pubx_len); | |
148 | test_output_memory("d", priv, priv_len); | |
149 | ret = 1; | |
150 | err: | |
f8e74747 SL |
151 | self_test_args.enable = 0; |
152 | self_test_args.called = 0; | |
4f2271d5 SL |
153 | OPENSSL_clear_free(priv, priv_len); |
154 | OPENSSL_free(pubx); | |
155 | OPENSSL_free(puby); | |
156 | EVP_PKEY_free(pkey); | |
157 | EVP_PKEY_CTX_free(ctx); | |
158 | return ret; | |
159 | } | |
160 | ||
161 | static int ecdsa_create_pkey(EVP_PKEY **pkey, const char *curve_name, | |
162 | const unsigned char *pub, size_t pub_len, | |
163 | int expected) | |
164 | { | |
165 | int ret = 0; | |
166 | EVP_PKEY_CTX *ctx = NULL; | |
167 | OSSL_PARAM_BLD *bld = NULL; | |
168 | OSSL_PARAM *params = NULL; | |
169 | ||
170 | if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) | |
171 | || (curve_name != NULL | |
172 | && !TEST_true(OSSL_PARAM_BLD_push_utf8_string( | |
11a1b341 | 173 | bld, OSSL_PKEY_PARAM_GROUP_NAME, curve_name, 0) > 0)) |
4f2271d5 SL |
174 | || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, |
175 | OSSL_PKEY_PARAM_PUB_KEY, | |
176 | pub, pub_len) > 0) | |
177 | || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) | |
178 | || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL)) | |
179 | || !TEST_true(EVP_PKEY_key_fromdata_init(ctx)) | |
180 | || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, params), expected)) | |
181 | goto err; | |
182 | ||
183 | ret = 1; | |
184 | err: | |
185 | OSSL_PARAM_BLD_free_params(params); | |
186 | OSSL_PARAM_BLD_free(bld); | |
187 | EVP_PKEY_CTX_free(ctx); | |
188 | return ret; | |
189 | } | |
190 | ||
191 | static int ecdsa_pub_verify_test(int id) | |
192 | { | |
193 | const struct ecdsa_pub_verify_st *tst = &ecdsa_pv_data[id]; | |
194 | ||
195 | int ret = 0; | |
196 | EVP_PKEY_CTX *key_ctx = NULL; | |
197 | EVP_PKEY *pkey = NULL; | |
198 | ||
199 | if (!TEST_true(ecdsa_create_pkey(&pkey, tst->curve_name, | |
200 | tst->pub, tst->pub_len, tst->pass))) | |
201 | goto err; | |
202 | ||
203 | if (tst->pass) { | |
204 | if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, "")) | |
205 | || !TEST_int_eq(EVP_PKEY_public_check(key_ctx), tst->pass)) | |
206 | goto err; | |
207 | } | |
208 | ret = 1; | |
209 | err: | |
210 | EVP_PKEY_free(pkey); | |
211 | EVP_PKEY_CTX_free(key_ctx); | |
212 | return ret; | |
213 | } | |
214 | ||
215 | /* Extract r and s from a ecdsa signature */ | |
216 | static int get_ecdsa_sig_rs_bytes(const unsigned char *sig, size_t sig_len, | |
217 | unsigned char **r, unsigned char **s, | |
218 | size_t *rlen, size_t *slen) | |
219 | { | |
220 | int ret = 0; | |
221 | unsigned char *rbuf = NULL, *sbuf = NULL; | |
222 | size_t r1_len, s1_len; | |
223 | const BIGNUM *r1, *s1; | |
224 | ECDSA_SIG *sign = d2i_ECDSA_SIG(NULL, &sig, sig_len); | |
225 | ||
226 | if (sign == NULL) | |
227 | return 0; | |
228 | r1 = ECDSA_SIG_get0_r(sign); | |
229 | s1 = ECDSA_SIG_get0_s(sign); | |
230 | if (r1 == NULL || s1 == NULL) | |
231 | return 0; | |
232 | ||
233 | r1_len = BN_num_bytes(r1); | |
234 | s1_len = BN_num_bytes(s1); | |
235 | rbuf = OPENSSL_zalloc(r1_len); | |
236 | sbuf = OPENSSL_zalloc(s1_len); | |
237 | if (rbuf == NULL || sbuf == NULL) | |
238 | goto err; | |
239 | if (BN_bn2binpad(r1, rbuf, r1_len) <= 0) | |
240 | goto err; | |
241 | if (BN_bn2binpad(s1, sbuf, s1_len) <= 0) | |
242 | goto err; | |
243 | *r = rbuf; | |
244 | *s = sbuf; | |
245 | *rlen = r1_len; | |
246 | *slen = s1_len; | |
247 | ret = 1; | |
248 | err: | |
249 | if (ret == 0) { | |
250 | OPENSSL_free(rbuf); | |
251 | OPENSSL_free(sbuf); | |
252 | } | |
253 | ECDSA_SIG_free(sign); | |
254 | return ret; | |
255 | } | |
256 | ||
257 | static int ecdsa_siggen_test(int id) | |
258 | { | |
259 | int ret = 0; | |
260 | EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL; | |
261 | EVP_PKEY *pkey = NULL; | |
262 | size_t sig_len = 0, rlen = 0, slen = 0; | |
263 | unsigned char *sig = NULL; | |
264 | unsigned char *r = NULL, *s = NULL; | |
265 | const struct ecdsa_siggen_st *tst = &ecdsa_siggen_data[id]; | |
266 | ||
267 | if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL)) | |
268 | || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0) | |
11a1b341 | 269 | || !TEST_true(EVP_PKEY_CTX_set_group_name(ctx, tst->curve_name)) |
4f2271d5 SL |
270 | || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0)) |
271 | goto err; | |
272 | ||
273 | if (!TEST_true(sig_gen(pkey, NULL, tst->digest_alg, tst->msg, tst->msg_len, | |
274 | &sig, &sig_len)) | |
275 | || !TEST_true(get_ecdsa_sig_rs_bytes(sig, sig_len, &r, &s, &rlen, &slen))) | |
276 | goto err; | |
277 | test_output_memory("r", r, rlen); | |
278 | test_output_memory("s", s, slen); | |
279 | ret = 1; | |
280 | err: | |
281 | OPENSSL_free(r); | |
282 | OPENSSL_free(s); | |
283 | OPENSSL_free(sig); | |
284 | EVP_PKEY_free(pkey); | |
285 | EVP_PKEY_CTX_free(key_ctx); | |
286 | EVP_PKEY_CTX_free(ctx); | |
287 | return ret; | |
288 | } | |
289 | ||
290 | static int ecdsa_sigver_test(int id) | |
291 | { | |
292 | int ret = 0; | |
293 | EVP_MD_CTX *md_ctx = NULL; | |
294 | EVP_PKEY *pkey = NULL; | |
295 | ECDSA_SIG *sign = NULL; | |
296 | size_t sig_len; | |
297 | unsigned char *sig = NULL; | |
298 | BIGNUM *rbn = NULL, *sbn = NULL; | |
299 | const struct ecdsa_sigver_st *tst = &ecdsa_sigver_data[id]; | |
300 | ||
301 | if (!TEST_true(ecdsa_create_pkey(&pkey, tst->curve_name, | |
302 | tst->pub, tst->pub_len, 1))) | |
303 | goto err; | |
304 | ||
305 | if (!TEST_ptr(sign = ECDSA_SIG_new()) | |
306 | || !TEST_ptr(rbn = BN_bin2bn(tst->r, tst->r_len, NULL)) | |
307 | || !TEST_ptr(sbn = BN_bin2bn(tst->s, tst->s_len, NULL)) | |
308 | || !TEST_true(ECDSA_SIG_set0(sign, rbn, sbn))) | |
309 | goto err; | |
310 | rbn = sbn = NULL; | |
311 | ||
312 | ret = TEST_int_gt((sig_len = i2d_ECDSA_SIG(sign, &sig)), 0) | |
313 | && TEST_ptr(md_ctx = EVP_MD_CTX_new()) | |
0ab18e79 SL |
314 | && TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, NULL, |
315 | tst->digest_alg, | |
316 | libctx, NULL, pkey) | |
4f2271d5 SL |
317 | && TEST_int_eq(EVP_DigestVerify(md_ctx, sig, sig_len, |
318 | tst->msg, tst->msg_len), tst->pass)); | |
319 | err: | |
320 | BN_free(rbn); | |
321 | BN_free(sbn); | |
322 | OPENSSL_free(sig); | |
323 | ECDSA_SIG_free(sign); | |
324 | EVP_PKEY_free(pkey); | |
325 | EVP_MD_CTX_free(md_ctx); | |
326 | return ret; | |
327 | ||
328 | } | |
329 | #endif /* OPENSSL_NO_EC */ | |
330 | ||
331 | #ifndef OPENSSL_NO_DSA | |
332 | static int pkey_get_octet_bytes(EVP_PKEY *pkey, const char *name, | |
333 | unsigned char **out, size_t *out_len) | |
334 | { | |
335 | size_t len = 0; | |
336 | unsigned char *buf = NULL; | |
337 | ||
338 | if (!EVP_PKEY_get_octet_string_param(pkey, name, NULL, 0, &len)) | |
339 | goto err; | |
340 | ||
341 | buf = OPENSSL_zalloc(len); | |
342 | if (buf == NULL) | |
343 | goto err; | |
344 | ||
345 | if (!EVP_PKEY_get_octet_string_param(pkey, name, buf, len, out_len)) | |
346 | goto err; | |
347 | *out = buf; | |
348 | return 1; | |
349 | err: | |
350 | OPENSSL_free(buf); | |
351 | return 0; | |
352 | } | |
353 | ||
354 | static EVP_PKEY *dsa_paramgen(int L, int N) | |
355 | { | |
356 | EVP_PKEY_CTX *paramgen_ctx = NULL; | |
357 | EVP_PKEY *param_key = NULL; | |
358 | ||
359 | if (!TEST_ptr(paramgen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL)) | |
360 | || !TEST_true(EVP_PKEY_paramgen_init(paramgen_ctx)) | |
361 | || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(paramgen_ctx, L)) | |
362 | || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(paramgen_ctx, N)) | |
363 | || !TEST_true(EVP_PKEY_paramgen(paramgen_ctx, ¶m_key))) | |
364 | return NULL; | |
365 | EVP_PKEY_CTX_free(paramgen_ctx); | |
366 | return param_key; | |
367 | } | |
368 | ||
369 | static EVP_PKEY *dsa_keygen(int L, int N) | |
370 | { | |
371 | EVP_PKEY *param_key = NULL, *key = NULL; | |
372 | EVP_PKEY_CTX *keygen_ctx = NULL; | |
373 | ||
374 | if (!TEST_ptr(param_key = dsa_paramgen(L, N)) | |
375 | || !TEST_ptr(keygen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, param_key, | |
376 | NULL)) | |
377 | || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx), 0) | |
378 | || !TEST_int_gt(EVP_PKEY_keygen(keygen_ctx, &key), 0)) | |
379 | goto err; | |
380 | err: | |
381 | EVP_PKEY_free(param_key); | |
382 | EVP_PKEY_CTX_free(keygen_ctx); | |
383 | return key; | |
384 | } | |
385 | ||
386 | static int dsa_keygen_test(int id) | |
387 | { | |
388 | int ret = 0, i; | |
389 | EVP_PKEY_CTX *paramgen_ctx = NULL, *keygen_ctx = NULL; | |
390 | EVP_PKEY *param_key = NULL, *key = NULL; | |
391 | unsigned char *priv = NULL, *pub = NULL; | |
392 | size_t priv_len = 0, pub_len = 0; | |
393 | const struct dsa_paramgen_st *tst = &dsa_keygen_data[id]; | |
394 | ||
395 | if (!TEST_ptr(param_key = dsa_paramgen(tst->L, tst->N)) | |
396 | || !TEST_ptr(keygen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, param_key, | |
397 | NULL)) | |
398 | || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx), 0)) | |
399 | goto err; | |
400 | for (i = 0; i < 2; ++i) { | |
401 | if (!TEST_int_gt(EVP_PKEY_keygen(keygen_ctx, &key), 0) | |
402 | || !TEST_true(pkey_get_bn_bytes(key, OSSL_PKEY_PARAM_PRIV_KEY, | |
403 | &priv, &priv_len)) | |
404 | || !TEST_true(pkey_get_bn_bytes(key, OSSL_PKEY_PARAM_PUB_KEY, | |
405 | &pub, &pub_len))) | |
406 | goto err; | |
407 | test_output_memory("y", pub, pub_len); | |
408 | test_output_memory("x", priv, priv_len); | |
409 | EVP_PKEY_free(key); | |
410 | OPENSSL_clear_free(priv, priv_len); | |
411 | OPENSSL_free(pub); | |
412 | key = NULL; | |
413 | pub = priv = NULL; | |
414 | } | |
415 | ret = 1; | |
416 | err: | |
417 | OPENSSL_clear_free(priv, priv_len); | |
418 | OPENSSL_free(pub); | |
419 | EVP_PKEY_free(param_key); | |
420 | EVP_PKEY_free(key); | |
421 | EVP_PKEY_CTX_free(keygen_ctx); | |
422 | EVP_PKEY_CTX_free(paramgen_ctx); | |
423 | return ret; | |
424 | } | |
425 | ||
426 | static int dsa_paramgen_test(int id) | |
427 | { | |
428 | int ret = 0, counter = 0; | |
429 | EVP_PKEY_CTX *paramgen_ctx = NULL; | |
430 | EVP_PKEY *param_key = NULL; | |
431 | unsigned char *p = NULL, *q = NULL, *seed = NULL; | |
432 | size_t plen = 0, qlen = 0, seedlen = 0; | |
433 | const struct dsa_paramgen_st *tst = &dsa_paramgen_data[id]; | |
434 | ||
435 | if (!TEST_ptr(paramgen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL)) | |
436 | || !TEST_true(EVP_PKEY_paramgen_init(paramgen_ctx)) | |
437 | || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(paramgen_ctx, tst->L)) | |
438 | || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(paramgen_ctx, tst->N)) | |
439 | || !TEST_true(EVP_PKEY_paramgen(paramgen_ctx, ¶m_key)) | |
440 | || !TEST_true(pkey_get_bn_bytes(param_key, OSSL_PKEY_PARAM_FFC_P, | |
441 | &p, &plen)) | |
442 | || !TEST_true(pkey_get_bn_bytes(param_key, OSSL_PKEY_PARAM_FFC_Q, | |
443 | &q, &qlen)) | |
444 | || !TEST_true(pkey_get_octet_bytes(param_key, OSSL_PKEY_PARAM_FFC_SEED, | |
445 | &seed, &seedlen)) | |
446 | || !TEST_true(EVP_PKEY_get_int_param(param_key, | |
447 | OSSL_PKEY_PARAM_FFC_PCOUNTER, | |
448 | &counter))) | |
449 | goto err; | |
450 | ||
451 | test_output_memory("p", p, plen); | |
452 | test_output_memory("q", q, qlen); | |
453 | test_output_memory("domainSeed", seed, seedlen); | |
454 | test_printf_stderr("%s: %d\n", "counter", counter); | |
455 | ret = 1; | |
456 | err: | |
457 | OPENSSL_free(p); | |
458 | OPENSSL_free(q); | |
459 | OPENSSL_free(seed); | |
460 | EVP_PKEY_free(param_key); | |
461 | EVP_PKEY_CTX_free(paramgen_ctx); | |
462 | return ret; | |
463 | } | |
464 | ||
465 | static int dsa_create_pkey(EVP_PKEY **pkey, | |
466 | const unsigned char *p, size_t p_len, | |
467 | const unsigned char *q, size_t q_len, | |
468 | const unsigned char *g, size_t g_len, | |
469 | const unsigned char *seed, size_t seed_len, | |
470 | int counter, | |
471 | const char *validate_type, | |
472 | const unsigned char *pub, size_t pub_len, | |
473 | BN_CTX *bn_ctx) | |
474 | { | |
475 | int ret = 0; | |
476 | EVP_PKEY_CTX *ctx = NULL; | |
477 | OSSL_PARAM_BLD *bld = NULL; | |
478 | OSSL_PARAM *params = NULL; | |
479 | BIGNUM *p_bn = NULL, *q_bn = NULL, *g_bn = NULL, *pub_bn = NULL; | |
480 | ||
481 | if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) | |
482 | || !TEST_ptr(p_bn = BN_CTX_get(bn_ctx)) | |
483 | || !TEST_ptr(BN_bin2bn(p, p_len, p_bn)) | |
484 | || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, | |
485 | OSSL_PKEY_PARAM_FFC_VALIDATE_TYPE, | |
486 | validate_type, 0)) | |
487 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p_bn)) | |
488 | || !TEST_ptr(q_bn = BN_CTX_get(bn_ctx)) | |
489 | || !TEST_ptr(BN_bin2bn(q, q_len, q_bn)) | |
490 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q_bn))) | |
491 | goto err; | |
492 | ||
493 | if (g != NULL) { | |
494 | if (!TEST_ptr(g_bn = BN_CTX_get(bn_ctx)) | |
495 | || !TEST_ptr(BN_bin2bn(g, g_len, g_bn)) | |
496 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, | |
497 | OSSL_PKEY_PARAM_FFC_G, g_bn))) | |
498 | goto err; | |
499 | } | |
500 | if (seed != NULL) { | |
501 | if (!TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, | |
502 | OSSL_PKEY_PARAM_FFC_SEED, seed, seed_len))) | |
503 | goto err; | |
504 | } | |
505 | if (counter != -1) { | |
506 | if (!TEST_true(OSSL_PARAM_BLD_push_int(bld, | |
507 | OSSL_PKEY_PARAM_FFC_PCOUNTER, | |
508 | counter))) | |
509 | goto err; | |
510 | } | |
511 | if (pub != NULL) { | |
512 | if (!TEST_ptr(pub_bn = BN_CTX_get(bn_ctx)) | |
513 | || !TEST_ptr(BN_bin2bn(pub, pub_len, pub_bn)) | |
514 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, | |
515 | OSSL_PKEY_PARAM_PUB_KEY, | |
516 | pub_bn))) | |
517 | goto err; | |
518 | } | |
519 | if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) | |
520 | || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL)) | |
521 | || !TEST_true(EVP_PKEY_key_fromdata_init(ctx)) | |
522 | || !TEST_true(EVP_PKEY_fromdata(ctx, pkey, params))) | |
523 | goto err; | |
524 | ||
525 | ret = 1; | |
526 | err: | |
527 | OSSL_PARAM_BLD_free_params(params); | |
528 | OSSL_PARAM_BLD_free(bld); | |
529 | EVP_PKEY_CTX_free(ctx); | |
530 | return ret; | |
531 | } | |
532 | ||
533 | static int dsa_pqver_test(int id) | |
534 | { | |
535 | int ret = 0; | |
536 | BN_CTX *bn_ctx = NULL; | |
537 | EVP_PKEY_CTX *key_ctx = NULL; | |
538 | EVP_PKEY *param_key = NULL; | |
539 | const struct dsa_pqver_st *tst = &dsa_pqver_data[id]; | |
540 | ||
541 | if (!TEST_ptr(bn_ctx = BN_CTX_new_ex(libctx)) | |
542 | || !TEST_true(dsa_create_pkey(¶m_key, tst->p, tst->p_len, | |
543 | tst->q, tst->q_len, NULL, 0, | |
544 | tst->seed, tst->seed_len, tst->counter, | |
545 | OSSL_FFC_PARAM_VALIDATE_PQ, | |
546 | NULL, 0, | |
547 | bn_ctx)) | |
548 | || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, param_key, | |
549 | NULL)) | |
550 | || !TEST_int_eq(EVP_PKEY_param_check(key_ctx), tst->pass)) | |
551 | goto err; | |
552 | ||
553 | ret = 1; | |
554 | err: | |
555 | BN_CTX_free(bn_ctx); | |
556 | EVP_PKEY_free(param_key); | |
557 | EVP_PKEY_CTX_free(key_ctx); | |
558 | return ret; | |
559 | } | |
560 | ||
561 | /* Extract r and s from a dsa signature */ | |
562 | static int get_dsa_sig_rs_bytes(const unsigned char *sig, size_t sig_len, | |
563 | unsigned char **r, unsigned char **s, | |
564 | size_t *r_len, size_t *s_len) | |
565 | { | |
566 | int ret = 0; | |
567 | unsigned char *rbuf = NULL, *sbuf = NULL; | |
568 | size_t r1_len, s1_len; | |
569 | const BIGNUM *r1, *s1; | |
570 | DSA_SIG *sign = d2i_DSA_SIG(NULL, &sig, sig_len); | |
571 | ||
572 | if (sign == NULL) | |
573 | return 0; | |
574 | DSA_SIG_get0(sign, &r1, &s1); | |
575 | if (r1 == NULL || s1 == NULL) | |
576 | return 0; | |
577 | ||
578 | r1_len = BN_num_bytes(r1); | |
579 | s1_len = BN_num_bytes(s1); | |
580 | rbuf = OPENSSL_zalloc(r1_len); | |
581 | sbuf = OPENSSL_zalloc(s1_len); | |
582 | if (rbuf == NULL || sbuf == NULL) | |
583 | goto err; | |
584 | if (BN_bn2binpad(r1, rbuf, r1_len) <= 0) | |
585 | goto err; | |
586 | if (BN_bn2binpad(s1, sbuf, s1_len) <= 0) | |
587 | goto err; | |
588 | *r = rbuf; | |
589 | *s = sbuf; | |
590 | *r_len = r1_len; | |
591 | *s_len = s1_len; | |
592 | ret = 1; | |
593 | err: | |
594 | if (ret == 0) { | |
595 | OPENSSL_free(rbuf); | |
596 | OPENSSL_free(sbuf); | |
597 | } | |
598 | DSA_SIG_free(sign); | |
599 | return ret; | |
600 | } | |
601 | ||
602 | static int dsa_siggen_test(int id) | |
603 | { | |
604 | int ret = 0; | |
605 | EVP_PKEY *pkey = NULL; | |
606 | unsigned char *sig = NULL, *r = NULL, *s = NULL; | |
607 | size_t sig_len = 0, rlen = 0, slen = 0; | |
608 | const struct dsa_siggen_st *tst = &dsa_siggen_data[id]; | |
609 | ||
610 | if (!TEST_ptr(pkey = dsa_keygen(tst->L, tst->N))) | |
611 | goto err; | |
612 | ||
613 | if (!TEST_true(sig_gen(pkey, NULL, tst->digest_alg, tst->msg, tst->msg_len, | |
614 | &sig, &sig_len)) | |
615 | || !TEST_true(get_dsa_sig_rs_bytes(sig, sig_len, &r, &s, &rlen, &slen))) | |
616 | goto err; | |
617 | test_output_memory("r", r, rlen); | |
618 | test_output_memory("s", s, slen); | |
619 | ret = 1; | |
620 | err: | |
621 | OPENSSL_free(r); | |
622 | OPENSSL_free(s); | |
623 | OPENSSL_free(sig); | |
624 | EVP_PKEY_free(pkey); | |
625 | return ret; | |
626 | } | |
627 | ||
628 | static int dsa_sigver_test(int id) | |
629 | { | |
630 | int ret = 0; | |
631 | EVP_PKEY_CTX *ctx = NULL; | |
632 | EVP_PKEY *pkey = NULL; | |
633 | DSA_SIG *sign = NULL; | |
634 | size_t sig_len; | |
635 | unsigned char *sig = NULL; | |
636 | BIGNUM *rbn = NULL, *sbn = NULL; | |
637 | EVP_MD *md = NULL; | |
638 | unsigned char digest[EVP_MAX_MD_SIZE]; | |
639 | unsigned int digest_len; | |
640 | BN_CTX *bn_ctx = NULL; | |
641 | const struct dsa_sigver_st *tst = &dsa_sigver_data[id]; | |
642 | ||
643 | if (!TEST_ptr(bn_ctx = BN_CTX_new()) | |
644 | || !TEST_true(dsa_create_pkey(&pkey, tst->p, tst->p_len, | |
645 | tst->q, tst->q_len, tst->g, tst->g_len, | |
646 | NULL, 0, 0, "", tst->pub, tst->pub_len, | |
647 | bn_ctx))) | |
648 | goto err; | |
649 | ||
650 | if (!TEST_ptr(sign = DSA_SIG_new()) | |
651 | || !TEST_ptr(rbn = BN_bin2bn(tst->r, tst->r_len, NULL)) | |
652 | || !TEST_ptr(sbn = BN_bin2bn(tst->s, tst->s_len, NULL)) | |
653 | || !TEST_true(DSA_SIG_set0(sign, rbn, sbn))) | |
654 | goto err; | |
655 | rbn = sbn = NULL; | |
656 | ||
657 | if (!TEST_ptr(md = EVP_MD_fetch(libctx, tst->digest_alg, "")) | |
658 | || !TEST_true(EVP_Digest(tst->msg, tst->msg_len, | |
659 | digest, &digest_len, md, NULL))) | |
660 | goto err; | |
661 | ||
662 | if (!TEST_int_gt((sig_len = i2d_DSA_SIG(sign, &sig)), 0) | |
663 | || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, "")) | |
664 | || !TEST_int_gt(EVP_PKEY_verify_init(ctx), 0) | |
665 | || !TEST_int_eq(EVP_PKEY_verify(ctx, sig, sig_len, digest, digest_len), | |
666 | tst->pass)) | |
667 | goto err; | |
668 | ret = 1; | |
669 | err: | |
670 | EVP_PKEY_CTX_free(ctx); | |
671 | OPENSSL_free(sig); | |
672 | EVP_MD_free(md); | |
673 | DSA_SIG_free(sign); | |
674 | EVP_PKEY_free(pkey); | |
675 | BN_free(rbn); | |
676 | BN_free(sbn); | |
677 | BN_CTX_free(bn_ctx); | |
678 | return ret; | |
679 | } | |
680 | #endif /* OPENSSL_NO_DSA */ | |
681 | ||
682 | ||
683 | /* cipher encrypt/decrypt */ | |
684 | static int cipher_enc(const char *alg, | |
685 | const unsigned char *pt, size_t pt_len, | |
686 | const unsigned char *key, size_t key_len, | |
687 | const unsigned char *iv, size_t iv_len, | |
688 | const unsigned char *ct, size_t ct_len, | |
689 | int enc) | |
690 | { | |
691 | int ret = 0, out_len = 0, len = 0; | |
692 | EVP_CIPHER_CTX *ctx = NULL; | |
693 | EVP_CIPHER *cipher = NULL; | |
694 | unsigned char out[256] = { 0 }; | |
695 | ||
696 | TEST_note("%s : %s", alg, enc ? "encrypt" : "decrypt"); | |
697 | if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()) | |
698 | || !TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, alg, "")) | |
699 | || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc)) | |
700 | || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0)) | |
701 | || !TEST_true(EVP_CipherUpdate(ctx, out, &len, pt, pt_len)) | |
702 | || !TEST_true(EVP_CipherFinal_ex(ctx, out + len, &out_len))) | |
703 | goto err; | |
704 | out_len += len; | |
705 | if (!TEST_mem_eq(out, out_len, ct, ct_len)) | |
706 | goto err; | |
707 | ret = 1; | |
708 | err: | |
709 | EVP_CIPHER_free(cipher); | |
710 | EVP_CIPHER_CTX_free(ctx); | |
711 | return ret; | |
712 | } | |
713 | ||
714 | static int cipher_enc_dec_test(int id) | |
715 | { | |
716 | const struct cipher_st *tst = &cipher_enc_data[id]; | |
717 | const int enc = 1; | |
718 | ||
719 | return TEST_true(cipher_enc(tst->alg, tst->pt, tst->pt_len, | |
720 | tst->key, tst->key_len, | |
721 | tst->iv, tst->iv_len, | |
722 | tst->ct, tst->ct_len, enc)) | |
723 | && TEST_true(cipher_enc(tst->alg, tst->ct, tst->ct_len, | |
724 | tst->key, tst->key_len, | |
725 | tst->iv, tst->iv_len, | |
726 | tst->pt, tst->pt_len, !enc)); | |
727 | } | |
728 | ||
729 | static int aes_ccm_enc_dec(const char *alg, | |
730 | const unsigned char *pt, size_t pt_len, | |
731 | const unsigned char *key, size_t key_len, | |
732 | const unsigned char *iv, size_t iv_len, | |
733 | const unsigned char *aad, size_t aad_len, | |
734 | const unsigned char *ct, size_t ct_len, | |
735 | const unsigned char *tag, size_t tag_len, | |
736 | int enc, int pass) | |
737 | { | |
738 | int ret = 0; | |
739 | EVP_CIPHER_CTX *ctx; | |
740 | EVP_CIPHER *cipher = NULL; | |
741 | int out_len, len; | |
742 | unsigned char out[1024]; | |
743 | ||
744 | TEST_note("%s : %s : expected to %s", alg, enc ? "encrypt" : "decrypt", | |
745 | pass ? "pass" : "fail"); | |
746 | ||
747 | if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()) | |
748 | || !TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, alg, "")) | |
749 | || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) | |
750 | || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, iv_len, | |
751 | NULL)) | |
752 | || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len, | |
753 | enc ? NULL : (void *)tag)) | |
754 | || !TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) | |
755 | || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0)) | |
756 | || !TEST_true(EVP_CipherUpdate(ctx, NULL, &len, NULL, pt_len)) | |
757 | || !TEST_true(EVP_CipherUpdate(ctx, NULL, &len, aad, aad_len)) | |
758 | || !TEST_int_eq(EVP_CipherUpdate(ctx, out, &len, pt, pt_len), pass)) | |
759 | goto err; | |
760 | ||
761 | if (!pass) { | |
762 | ret = 1; | |
763 | goto err; | |
764 | } | |
765 | if (!TEST_true(EVP_CipherFinal_ex(ctx, out + len, &out_len))) | |
766 | goto err; | |
767 | if (enc) { | |
768 | out_len += len; | |
769 | if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, | |
770 | tag_len, out + out_len)) | |
771 | || !TEST_mem_eq(out, out_len, ct, ct_len) | |
772 | || !TEST_mem_eq(out + out_len, tag_len, tag, tag_len)) | |
773 | goto err; | |
774 | } else { | |
775 | if (!TEST_mem_eq(out, out_len + len, ct, ct_len)) | |
776 | goto err; | |
777 | } | |
778 | ||
779 | ret = 1; | |
780 | err: | |
781 | EVP_CIPHER_free(cipher); | |
782 | EVP_CIPHER_CTX_free(ctx); | |
783 | return ret; | |
784 | } | |
785 | ||
786 | static int aes_ccm_enc_dec_test(int id) | |
787 | { | |
788 | const struct cipher_ccm_st *tst = &aes_ccm_enc_data[id]; | |
789 | ||
790 | /* The tag is on the end of the cipher text */ | |
791 | const size_t tag_len = tst->ct_len - tst->pt_len; | |
792 | const size_t ct_len = tst->ct_len - tag_len; | |
793 | const unsigned char *tag = tst->ct + ct_len; | |
794 | const int enc = 1; | |
795 | const int pass = 1; | |
796 | ||
797 | if (ct_len < 1) | |
798 | return 0; | |
799 | ||
800 | return aes_ccm_enc_dec(tst->alg, tst->pt, tst->pt_len, | |
801 | tst->key, tst->key_len, | |
802 | tst->iv, tst->iv_len, tst->aad, tst->aad_len, | |
803 | tst->ct, ct_len, tag, tag_len, enc, pass) | |
804 | && aes_ccm_enc_dec(tst->alg, tst->ct, ct_len, | |
805 | tst->key, tst->key_len, | |
806 | tst->iv, tst->iv_len, tst->aad, tst->aad_len, | |
807 | tst->pt, tst->pt_len, tag, tag_len, !enc, pass) | |
808 | /* test that it fails if the tag is incorrect */ | |
809 | && aes_ccm_enc_dec(tst->alg, tst->ct, ct_len, | |
810 | tst->key, tst->key_len, | |
811 | tst->iv, tst->iv_len, tst->aad, tst->aad_len, | |
812 | tst->pt, tst->pt_len, | |
813 | tag - 1, tag_len, !enc, !pass); | |
814 | } | |
815 | ||
816 | static int aes_gcm_enc_dec(const char *alg, | |
817 | const unsigned char *pt, size_t pt_len, | |
818 | const unsigned char *key, size_t key_len, | |
819 | const unsigned char *iv, size_t iv_len, | |
820 | const unsigned char *aad, size_t aad_len, | |
821 | const unsigned char *ct, size_t ct_len, | |
822 | const unsigned char *tag, size_t tag_len, | |
823 | int enc, int pass) | |
824 | { | |
825 | int ret = 0; | |
826 | EVP_CIPHER_CTX *ctx; | |
827 | EVP_CIPHER *cipher = NULL; | |
828 | int out_len, len; | |
829 | unsigned char out[1024]; | |
830 | ||
831 | TEST_note("%s : %s : expected to %s", alg, enc ? "encrypt" : "decrypt", | |
832 | pass ? "pass" : "fail"); | |
833 | ||
834 | if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()) | |
835 | || !TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, alg, "")) | |
836 | || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) | |
837 | || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, iv_len, | |
838 | NULL))) | |
839 | goto err; | |
840 | ||
841 | if (!enc) { | |
842 | if (!TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len, | |
843 | (void *)tag))) | |
844 | goto err; | |
845 | } | |
846 | /* | |
847 | * TODO(3.0): The IV should not be set outside the boundary as it is now. | |
848 | * It needs to be fed in via a dummy entropy source for this test. | |
849 | */ | |
850 | if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) | |
851 | || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0)) | |
852 | || !TEST_true(EVP_CipherUpdate(ctx, NULL, &len, aad, aad_len)) | |
853 | || !TEST_true(EVP_CipherUpdate(ctx, out, &len, pt, pt_len))) | |
854 | goto err; | |
855 | ||
856 | if (!TEST_int_eq(EVP_CipherFinal_ex(ctx, out + len, &out_len), pass)) | |
857 | goto err; | |
858 | if (!pass) { | |
859 | ret = 1; | |
860 | goto err; | |
861 | } | |
862 | out_len += len; | |
863 | if (enc) { | |
864 | if (!TEST_mem_eq(out, out_len, ct, ct_len) | |
865 | || !TEST_true(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, | |
866 | tag_len, out + out_len)) | |
867 | || !TEST_mem_eq(out + out_len, tag_len, tag, tag_len)) | |
868 | goto err; | |
869 | } else { | |
870 | if (!TEST_mem_eq(out, out_len, ct, ct_len)) | |
871 | goto err; | |
872 | } | |
873 | ||
874 | ret = 1; | |
875 | err: | |
876 | EVP_CIPHER_free(cipher); | |
877 | EVP_CIPHER_CTX_free(ctx); | |
878 | return ret; | |
879 | } | |
880 | ||
881 | static int aes_gcm_enc_dec_test(int id) | |
882 | { | |
883 | const struct cipher_gcm_st *tst = &aes_gcm_enc_data[id]; | |
884 | int enc = 1; | |
885 | int pass = 1; | |
886 | ||
887 | return aes_gcm_enc_dec(tst->alg, tst->pt, tst->pt_len, | |
888 | tst->key, tst->key_len, | |
889 | tst->iv, tst->iv_len, tst->aad, tst->aad_len, | |
890 | tst->ct, tst->ct_len, tst->tag, tst->tag_len, | |
891 | enc, pass) | |
892 | && aes_gcm_enc_dec(tst->alg, tst->ct, tst->ct_len, | |
893 | tst->key, tst->key_len, | |
894 | tst->iv, tst->iv_len, tst->aad, tst->aad_len, | |
895 | tst->pt, tst->pt_len, tst->tag, tst->tag_len, | |
896 | !enc, pass) | |
897 | /* Fail if incorrect tag passed to decrypt */ | |
898 | && aes_gcm_enc_dec(tst->alg, tst->ct, tst->ct_len, | |
899 | tst->key, tst->key_len, | |
900 | tst->iv, tst->iv_len, tst->aad, tst->aad_len, | |
901 | tst->pt, tst->pt_len, tst->aad, tst->tag_len, | |
902 | !enc, !pass); | |
903 | } | |
904 | ||
905 | #ifndef OPENSSL_NO_DH | |
906 | static int dh_create_pkey(EVP_PKEY **pkey, const char *group_name, | |
907 | const unsigned char *pub, size_t pub_len, | |
908 | const unsigned char *priv, size_t priv_len, | |
909 | BN_CTX *bn_ctx, int pass) | |
910 | { | |
911 | int ret = 0; | |
912 | EVP_PKEY_CTX *ctx = NULL; | |
913 | OSSL_PARAM_BLD *bld = NULL; | |
914 | OSSL_PARAM *params = NULL; | |
915 | BIGNUM *pub_bn = NULL, *priv_bn = NULL; | |
916 | ||
917 | if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) | |
918 | || (group_name != NULL | |
919 | && !TEST_int_gt(OSSL_PARAM_BLD_push_utf8_string( | |
023b188c | 920 | bld, OSSL_PKEY_PARAM_GROUP_NAME, |
4f2271d5 SL |
921 | group_name, 0), 0))) |
922 | goto err; | |
923 | ||
924 | if (pub != NULL) { | |
925 | if (!TEST_ptr(pub_bn = BN_CTX_get(bn_ctx)) | |
926 | || !TEST_ptr(BN_bin2bn(pub, pub_len, pub_bn)) | |
927 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, | |
928 | pub_bn))) | |
929 | goto err; | |
930 | } | |
931 | if (priv != NULL) { | |
932 | if (!TEST_ptr(priv_bn = BN_CTX_get(bn_ctx)) | |
933 | || !TEST_ptr(BN_bin2bn(priv, priv_len, priv_bn)) | |
934 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, | |
935 | priv_bn))) | |
936 | goto err; | |
937 | } | |
938 | ||
939 | if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) | |
940 | || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL)) | |
941 | || !TEST_true(EVP_PKEY_key_fromdata_init(ctx)) | |
942 | || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, params), pass)) | |
943 | goto err; | |
944 | ||
945 | ret = 1; | |
946 | err: | |
947 | OSSL_PARAM_BLD_free_params(params); | |
948 | OSSL_PARAM_BLD_free(bld); | |
949 | EVP_PKEY_CTX_free(ctx); | |
950 | return ret; | |
951 | } | |
952 | ||
953 | static int dh_safe_prime_keygen_test(int id) | |
954 | { | |
955 | int ret = 0; | |
956 | EVP_PKEY_CTX *ctx = NULL; | |
957 | EVP_PKEY *pkey = NULL; | |
958 | unsigned char *priv = NULL; | |
959 | unsigned char *pub = NULL; | |
960 | size_t priv_len = 0, pub_len = 0; | |
961 | OSSL_PARAM params[2]; | |
962 | const struct dh_safe_prime_keygen_st *tst = &dh_safe_prime_keygen_data[id]; | |
963 | ||
023b188c | 964 | params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, |
4f2271d5 SL |
965 | (char *)tst->group_name, 0); |
966 | params[1] = OSSL_PARAM_construct_end(); | |
967 | ||
968 | if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL)) | |
969 | || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0) | |
970 | || !TEST_true(EVP_PKEY_CTX_set_params(ctx, params)) | |
971 | || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0) | |
972 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_PRIV_KEY, | |
973 | &priv, &priv_len)) | |
974 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_PUB_KEY, | |
975 | &pub, &pub_len))) | |
976 | goto err; | |
977 | ||
978 | test_output_memory("x", priv, priv_len); | |
979 | test_output_memory("y", pub, pub_len); | |
980 | ret = 1; | |
981 | err: | |
982 | OPENSSL_clear_free(priv, priv_len); | |
983 | OPENSSL_free(pub); | |
984 | EVP_PKEY_free(pkey); | |
985 | EVP_PKEY_CTX_free(ctx); | |
986 | return ret; | |
987 | } | |
988 | ||
989 | static int dh_safe_prime_keyver_test(int id) | |
990 | { | |
991 | int ret = 0; | |
992 | BN_CTX *bn_ctx = NULL; | |
993 | EVP_PKEY_CTX *key_ctx = NULL; | |
994 | EVP_PKEY *pkey = NULL; | |
995 | const struct dh_safe_prime_keyver_st *tst = &dh_safe_prime_keyver_data[id]; | |
996 | ||
997 | if (!TEST_ptr(bn_ctx = BN_CTX_new_ex(libctx)) | |
998 | || !TEST_true(dh_create_pkey(&pkey, tst->group_name, | |
999 | tst->pub, tst->pub_len, | |
1000 | tst->priv, tst->priv_len, bn_ctx, 1)) | |
1001 | || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, "")) | |
1002 | || !TEST_int_eq(EVP_PKEY_check(key_ctx), tst->pass)) | |
1003 | goto err; | |
1004 | ||
1005 | ret = 1; | |
1006 | err: | |
1007 | EVP_PKEY_free(pkey); | |
1008 | EVP_PKEY_CTX_free(key_ctx); | |
1009 | BN_CTX_free(bn_ctx); | |
1010 | return ret; | |
1011 | } | |
1012 | #endif /* OPENSSL_NO_DH */ | |
1013 | ||
1014 | ||
1015 | #ifndef OPENSSL_NO_RSA | |
1016 | static EVP_PKEY *rsa_keygen(int bits) | |
1017 | { | |
1018 | EVP_PKEY *key = NULL; | |
1019 | EVP_PKEY_CTX *keygen_ctx = NULL; | |
1020 | ||
1021 | if (!TEST_ptr(keygen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL)) | |
1022 | || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx), 0) | |
1023 | || !TEST_true(EVP_PKEY_CTX_set_rsa_keygen_bits(keygen_ctx, bits)) | |
1024 | || !TEST_int_gt(EVP_PKEY_keygen(keygen_ctx, &key), 0)) | |
1025 | goto err; | |
1026 | err: | |
1027 | EVP_PKEY_CTX_free(keygen_ctx); | |
1028 | return key; | |
1029 | } | |
1030 | ||
1031 | static int rsa_create_pkey(EVP_PKEY **pkey, | |
1032 | const unsigned char *n, size_t n_len, | |
1033 | const unsigned char *e, size_t e_len, | |
1034 | const unsigned char *d, size_t d_len, | |
1035 | BN_CTX *bn_ctx) | |
1036 | { | |
1037 | int ret = 0; | |
1038 | EVP_PKEY_CTX *ctx = NULL; | |
1039 | OSSL_PARAM_BLD *bld = NULL; | |
1040 | OSSL_PARAM *params = NULL; | |
1041 | BIGNUM *e_bn = NULL, *d_bn = NULL, *n_bn = NULL; | |
1042 | ||
1043 | if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) | |
1044 | || !TEST_ptr(n_bn = BN_CTX_get(bn_ctx)) | |
1045 | || !TEST_ptr(BN_bin2bn(n, n_len, n_bn)) | |
1046 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n_bn))) | |
1047 | goto err; | |
1048 | ||
1049 | if (e != NULL) { | |
1050 | if (!TEST_ptr(e_bn = BN_CTX_get(bn_ctx)) | |
1051 | || !TEST_ptr(BN_bin2bn(e, e_len, e_bn)) | |
1052 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, | |
1053 | e_bn))) | |
1054 | goto err; | |
1055 | } | |
1056 | if (d != NULL) { | |
1057 | if (!TEST_ptr(d_bn = BN_CTX_get(bn_ctx)) | |
1058 | || !TEST_ptr(BN_bin2bn(d, d_len, d_bn)) | |
1059 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, | |
1060 | d_bn))) | |
1061 | goto err; | |
1062 | } | |
1063 | if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) | |
1064 | || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL)) | |
1065 | || !TEST_true(EVP_PKEY_key_fromdata_init(ctx)) | |
1066 | || !TEST_true(EVP_PKEY_fromdata(ctx, pkey, params))) | |
1067 | goto err; | |
1068 | ||
1069 | ret = 1; | |
1070 | err: | |
1071 | OSSL_PARAM_BLD_free_params(params); | |
1072 | OSSL_PARAM_BLD_free(bld); | |
1073 | EVP_PKEY_CTX_free(ctx); | |
1074 | return ret; | |
1075 | } | |
1076 | ||
1077 | static int rsa_keygen_test(int id) | |
1078 | { | |
1079 | int ret = 0; | |
1080 | EVP_PKEY_CTX *ctx = NULL; | |
1081 | EVP_PKEY *pkey = NULL; | |
1082 | BIGNUM *e_bn = NULL; | |
1083 | BIGNUM *xp1_bn = NULL, *xp2_bn = NULL, *xp_bn = NULL; | |
1084 | BIGNUM *xq1_bn = NULL, *xq2_bn = NULL, *xq_bn = NULL; | |
1085 | unsigned char *n = NULL, *d = NULL; | |
1086 | unsigned char *p = NULL, *p1 = NULL, *p2 = NULL; | |
1087 | unsigned char *q = NULL, *q1 = NULL, *q2 = NULL; | |
1088 | size_t n_len = 0, d_len = 0; | |
1089 | size_t p_len = 0, p1_len = 0, p2_len = 0; | |
1090 | size_t q_len = 0, q1_len = 0, q2_len = 0; | |
1091 | OSSL_PARAM_BLD *bld = NULL; | |
1092 | OSSL_PARAM *params = NULL; | |
1093 | const struct rsa_keygen_st *tst = &rsa_keygen_data[id]; | |
1094 | ||
1095 | if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) | |
1096 | || !TEST_ptr(xp1_bn = BN_bin2bn(tst->xp1, tst->xp1_len, NULL)) | |
1097 | || !TEST_ptr(xp2_bn = BN_bin2bn(tst->xp2, tst->xp2_len, NULL)) | |
1098 | || !TEST_ptr(xp_bn = BN_bin2bn(tst->xp, tst->xp_len, NULL)) | |
1099 | || !TEST_ptr(xq1_bn = BN_bin2bn(tst->xq1, tst->xq1_len, NULL)) | |
1100 | || !TEST_ptr(xq2_bn = BN_bin2bn(tst->xq2, tst->xq2_len, NULL)) | |
1101 | || !TEST_ptr(xq_bn = BN_bin2bn(tst->xq, tst->xq_len, NULL)) | |
1102 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XP1, | |
1103 | xp1_bn)) | |
1104 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XP2, | |
1105 | xp2_bn)) | |
1106 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XP, | |
1107 | xp_bn)) | |
1108 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XQ1, | |
1109 | xq1_bn)) | |
1110 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XQ2, | |
1111 | xq2_bn)) | |
1112 | || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XQ, | |
1113 | xq_bn)) | |
1114 | || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))) | |
1115 | goto err; | |
1116 | ||
1117 | if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL)) | |
1118 | || !TEST_ptr(e_bn = BN_bin2bn(tst->e, tst->e_len, NULL)) | |
1119 | || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0) | |
1120 | || !TEST_true(EVP_PKEY_CTX_set_params(ctx, params)) | |
1121 | || !TEST_true(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, tst->mod)) | |
3786d748 | 1122 | || !TEST_true(EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, e_bn)) |
4f2271d5 SL |
1123 | || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0) |
1124 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_P1, | |
1125 | &p1, &p1_len)) | |
1126 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_P2, | |
1127 | &p2, &p2_len)) | |
1128 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_Q1, | |
1129 | &q1, &q1_len)) | |
1130 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_Q2, | |
1131 | &q2, &q2_len)) | |
1132 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, | |
1133 | &p, &p_len)) | |
1134 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, | |
1135 | &q, &q_len)) | |
1136 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N, | |
1137 | &n, &n_len)) | |
1138 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_D, | |
1139 | &d, &d_len))) | |
1140 | goto err; | |
1141 | ||
1142 | if (!TEST_mem_eq(tst->p1, tst->p1_len, p1, p1_len) | |
1143 | || !TEST_mem_eq(tst->p2, tst->p2_len, p2, p2_len) | |
1144 | || !TEST_mem_eq(tst->p, tst->p_len, p, p_len) | |
1145 | || !TEST_mem_eq(tst->q1, tst->q1_len, q1, q1_len) | |
1146 | || !TEST_mem_eq(tst->q2, tst->q2_len, q2, q2_len) | |
1147 | || !TEST_mem_eq(tst->q, tst->q_len, q, q_len) | |
1148 | || !TEST_mem_eq(tst->n, tst->n_len, n, n_len) | |
1149 | || !TEST_mem_eq(tst->d, tst->d_len, d, d_len)) | |
1150 | goto err; | |
1151 | ||
1152 | test_output_memory("p1", p1, p1_len); | |
1153 | test_output_memory("p2", p2, p2_len); | |
1154 | test_output_memory("p", p, p_len); | |
1155 | test_output_memory("q1", q1, q1_len); | |
1156 | test_output_memory("q2", q2, q2_len); | |
1157 | test_output_memory("q", q, q_len); | |
1158 | test_output_memory("n", n, n_len); | |
1159 | test_output_memory("d", d, d_len); | |
1160 | ret = 1; | |
1161 | err: | |
1162 | BN_free(xp1_bn); | |
1163 | BN_free(xp2_bn); | |
1164 | BN_free(xp_bn); | |
1165 | BN_free(xq1_bn); | |
1166 | BN_free(xq2_bn); | |
1167 | BN_free(xq_bn); | |
1168 | BN_free(e_bn); | |
1169 | OPENSSL_free(p1); | |
1170 | OPENSSL_free(p2); | |
1171 | OPENSSL_free(q1); | |
1172 | OPENSSL_free(q2); | |
1173 | OPENSSL_free(p); | |
1174 | OPENSSL_free(q); | |
1175 | OPENSSL_free(n); | |
1176 | OPENSSL_free(d); | |
1177 | EVP_PKEY_free(pkey); | |
1178 | EVP_PKEY_CTX_free(ctx); | |
1179 | OSSL_PARAM_BLD_free_params(params); | |
1180 | OSSL_PARAM_BLD_free(bld); | |
1181 | return ret; | |
1182 | } | |
1183 | ||
1184 | static int rsa_siggen_test(int id) | |
1185 | { | |
1186 | int ret = 0; | |
1187 | EVP_PKEY *pkey = NULL; | |
1188 | unsigned char *sig = NULL, *n = NULL, *e = NULL; | |
1189 | size_t sig_len = 0, n_len = 0, e_len = 0; | |
1190 | OSSL_PARAM params[4], *p; | |
1191 | const struct rsa_siggen_st *tst = &rsa_siggen_data[id]; | |
1192 | ||
1193 | TEST_note("RSA %s signature generation", tst->sig_pad_mode); | |
1194 | ||
1195 | p = params; | |
1196 | *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE, | |
1197 | (char *)tst->sig_pad_mode, 0); | |
1198 | *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, | |
1199 | (char *)tst->digest_alg, 0); | |
1200 | if (tst->pss_salt_len >= 0) { | |
1201 | int salt_len = tst->pss_salt_len; | |
1202 | ||
1203 | *p++ = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_PSS_SALTLEN, | |
1204 | &salt_len); | |
1205 | } | |
1206 | *p++ = OSSL_PARAM_construct_end(); | |
1207 | ||
1208 | if (!TEST_ptr(pkey = rsa_keygen(tst->mod)) | |
1209 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N, &n, &n_len)) | |
1210 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_E, &e, &e_len)) | |
1211 | || !TEST_true(sig_gen(pkey, params, tst->digest_alg, | |
1212 | tst->msg, tst->msg_len, | |
1213 | &sig, &sig_len))) | |
1214 | goto err; | |
1215 | test_output_memory("n", n, n_len); | |
1216 | test_output_memory("e", e, e_len); | |
1217 | test_output_memory("sig", sig, sig_len); | |
1218 | ret = 1; | |
1219 | err: | |
1220 | OPENSSL_free(n); | |
1221 | OPENSSL_free(e); | |
1222 | OPENSSL_free(sig); | |
1223 | EVP_PKEY_free(pkey); | |
1224 | return ret; | |
1225 | } | |
1226 | ||
1227 | static int rsa_sigver_test(int id) | |
1228 | { | |
1229 | int ret = 0; | |
1230 | EVP_PKEY_CTX *pkey_ctx = NULL; | |
1231 | EVP_PKEY *pkey = NULL; | |
1232 | EVP_MD_CTX *md_ctx = NULL; | |
1233 | BN_CTX *bn_ctx = NULL; | |
1234 | OSSL_PARAM params[4], *p; | |
1235 | const struct rsa_sigver_st *tst = &rsa_sigver_data[id]; | |
1236 | ||
1237 | TEST_note("RSA %s Signature Verify : expected to %s ", tst->sig_pad_mode, | |
1238 | tst->pass == PASS ? "pass" : "fail"); | |
1239 | ||
1240 | p = params; | |
1241 | *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE, | |
1242 | (char *)tst->sig_pad_mode, 0); | |
1243 | *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST, | |
1244 | (char *)tst->digest_alg, 0); | |
1245 | if (tst->pss_salt_len >= 0) { | |
1246 | int salt_len = tst->pss_salt_len; | |
1247 | ||
1248 | *p++ = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_PSS_SALTLEN, | |
1249 | &salt_len); | |
1250 | } | |
1251 | *p++ = OSSL_PARAM_construct_end(); | |
1252 | ||
1253 | if (!TEST_ptr(bn_ctx = BN_CTX_new()) | |
1254 | || !TEST_true(rsa_create_pkey(&pkey, tst->n, tst->n_len, | |
1255 | tst->e, tst->e_len, NULL, 0, bn_ctx)) | |
1256 | || !TEST_ptr(md_ctx = EVP_MD_CTX_new()) | |
0ab18e79 SL |
1257 | || !TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, &pkey_ctx, |
1258 | tst->digest_alg, | |
1259 | libctx, NULL, pkey) | |
4f2271d5 SL |
1260 | || !TEST_true(EVP_PKEY_CTX_set_params(pkey_ctx, params)) |
1261 | || !TEST_int_eq(EVP_DigestVerify(md_ctx, tst->sig, tst->sig_len, | |
1262 | tst->msg, tst->msg_len), tst->pass))) | |
1263 | goto err; | |
1264 | ret = 1; | |
1265 | err: | |
1266 | EVP_PKEY_free(pkey); | |
1267 | BN_CTX_free(bn_ctx); | |
1268 | EVP_MD_CTX_free(md_ctx); | |
1269 | return ret; | |
1270 | } | |
1271 | ||
1272 | static int rsa_decryption_primitive_test(int id) | |
1273 | { | |
1274 | int ret = 0; | |
1275 | EVP_PKEY_CTX *ctx = NULL; | |
1276 | EVP_PKEY *pkey = NULL; | |
1277 | unsigned char pt[2048]; | |
1278 | size_t pt_len = sizeof(pt); | |
1279 | unsigned char *n = NULL, *e = NULL; | |
1280 | size_t n_len = 0, e_len = 0; | |
1281 | BN_CTX *bn_ctx = NULL; | |
1282 | const struct rsa_decrypt_prim_st *tst = &rsa_decrypt_prim_data[id]; | |
1283 | ||
1284 | if (!TEST_ptr(pkey = rsa_keygen(2048)) | |
1285 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N, &n, &n_len)) | |
1286 | || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_E, &e, &e_len)) | |
1287 | || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, "")) | |
1288 | || !TEST_int_gt(EVP_PKEY_decrypt_init(ctx), 0) | |
1289 | || !TEST_int_gt(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING), 0)) | |
1290 | goto err; | |
1291 | ||
1292 | test_output_memory("n", n, n_len); | |
1293 | test_output_memory("e", e, e_len); | |
1294 | if (!EVP_PKEY_decrypt(ctx, pt, &pt_len, tst->ct, tst->ct_len)) | |
1295 | TEST_note("Decryption Failed"); | |
1296 | else | |
1297 | test_output_memory("pt", pt, pt_len); | |
1298 | ret = 1; | |
1299 | err: | |
1300 | OPENSSL_free(n); | |
1301 | OPENSSL_free(e); | |
1302 | EVP_PKEY_CTX_free(ctx); | |
1303 | EVP_PKEY_free(pkey); | |
1304 | BN_CTX_free(bn_ctx); | |
1305 | return ret; | |
1306 | } | |
1307 | #endif /* OPENSSL_NO_RSA */ | |
1308 | ||
f8e74747 SL |
1309 | static int self_test_events(const OSSL_PARAM params[], void *varg) |
1310 | { | |
1311 | SELF_TEST_ARGS *args = varg; | |
1312 | const OSSL_PARAM *p = NULL; | |
1313 | const char *phase = NULL, *type = NULL, *desc = NULL; | |
1314 | int ret = 0; | |
1315 | ||
1316 | if (!args->enable) | |
1317 | return 1; | |
1318 | ||
1319 | args->called++; | |
1320 | p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_PHASE); | |
1321 | if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING) | |
1322 | goto err; | |
1323 | phase = (const char *)p->data; | |
1324 | ||
1325 | p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_DESC); | |
1326 | if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING) | |
1327 | goto err; | |
1328 | desc = (const char *)p->data; | |
1329 | ||
1330 | p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_TYPE); | |
1331 | if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING) | |
1332 | goto err; | |
1333 | type = (const char *)p->data; | |
1334 | ||
1335 | BIO_printf(bio_out, "%s %s %s\n", phase, desc, type); | |
1336 | ret = 1; | |
1337 | err: | |
1338 | return ret; | |
1339 | } | |
4f2271d5 | 1340 | |
254b5dca P |
1341 | static int drbg_test(int id) |
1342 | { | |
1343 | OSSL_PARAM params[3]; | |
1344 | EVP_RAND *rand = NULL; | |
1345 | EVP_RAND_CTX *ctx = NULL, *parent = NULL; | |
1346 | unsigned char returned_bits[64]; | |
1347 | const size_t returned_bits_len = sizeof(returned_bits); | |
1348 | unsigned int strength = 256; | |
1349 | const struct drbg_st *tst = &drbg_data[id]; | |
1350 | int res = 0; | |
1351 | ||
1352 | /* Create the seed source */ | |
1353 | if (!TEST_ptr(rand = EVP_RAND_fetch(libctx, "TEST-RAND", "-fips")) | |
1354 | || !TEST_ptr(parent = EVP_RAND_CTX_new(rand, NULL))) | |
1355 | goto err; | |
1356 | EVP_RAND_free(rand); | |
1357 | rand = NULL; | |
1358 | ||
1359 | params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &strength); | |
1360 | params[1] = OSSL_PARAM_construct_end(); | |
1361 | if (!TEST_true(EVP_RAND_set_ctx_params(parent, params))) | |
1362 | goto err; | |
1363 | ||
1364 | /* Get the DRBG */ | |
1365 | if (!TEST_ptr(rand = EVP_RAND_fetch(libctx, tst->drbg_name, "")) | |
1366 | || !TEST_ptr(ctx = EVP_RAND_CTX_new(rand, parent))) | |
1367 | goto err; | |
1368 | ||
1369 | /* Set the DRBG up */ | |
1370 | params[0] = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_USE_DF, | |
1371 | (int *)&tst->use_df); | |
1372 | params[1] = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER, | |
1373 | (char *)tst->cipher, 0); | |
1374 | params[2] = OSSL_PARAM_construct_end(); | |
1375 | if (!TEST_true(EVP_RAND_set_ctx_params(ctx, params))) | |
1376 | goto err; | |
1377 | ||
1378 | /* Feed in the entropy and nonce */ | |
1379 | params[0] = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY, | |
1380 | (void *)tst->entropy_input, | |
1381 | tst->entropy_input_len); | |
1382 | params[1] = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE, | |
1383 | (void *)tst->nonce, | |
1384 | tst->nonce_len); | |
1385 | params[2] = OSSL_PARAM_construct_end(); | |
1386 | if (!TEST_true(EVP_RAND_set_ctx_params(parent, params))) | |
1387 | goto err; | |
1388 | ||
1389 | /* | |
1390 | * Run the test | |
1391 | * A NULL personalisation string defaults to the built in so something | |
1392 | * non-NULL is needed if there is no personalisation string | |
1393 | */ | |
1394 | if (!TEST_true(EVP_RAND_instantiate(ctx, 0, 0, (void *)"", 0)) | |
1395 | || !TEST_true(EVP_RAND_generate(ctx, returned_bits, returned_bits_len, | |
1396 | 0, 0, NULL, 0)) | |
1397 | || !TEST_true(EVP_RAND_generate(ctx, returned_bits, returned_bits_len, | |
1398 | 0, 0, NULL, 0))) | |
1399 | goto err; | |
1400 | ||
1401 | test_output_memory("returned bits", returned_bits, returned_bits_len); | |
1402 | ||
1403 | /* Clean up */ | |
1404 | if (!TEST_true(EVP_RAND_uninstantiate(ctx)) | |
1405 | || !TEST_true(EVP_RAND_uninstantiate(parent))) | |
1406 | goto err; | |
1407 | ||
1408 | /* Verify the output */ | |
1409 | if (!TEST_mem_eq(returned_bits, returned_bits_len, | |
1410 | tst->returned_bits, tst->returned_bits_len)) | |
1411 | goto err; | |
1412 | res = 1; | |
1413 | err: | |
1414 | EVP_RAND_CTX_free(ctx); | |
1415 | EVP_RAND_CTX_free(parent); | |
1416 | EVP_RAND_free(rand); | |
1417 | return res; | |
1418 | } | |
1419 | ||
4f2271d5 SL |
1420 | int setup_tests(void) |
1421 | { | |
1422 | char *config_file = NULL; | |
1423 | ||
1424 | OPTION_CHOICE o; | |
1425 | ||
1426 | while ((o = opt_next()) != OPT_EOF) { | |
1427 | switch (o) { | |
1428 | case OPT_CONFIG_FILE: | |
1429 | config_file = opt_arg(); | |
1430 | break; | |
1431 | case OPT_TEST_CASES: | |
1432 | break; | |
1433 | default: | |
1434 | case OPT_ERR: | |
1435 | return 0; | |
1436 | } | |
1437 | } | |
1438 | ||
1439 | prov_null = OSSL_PROVIDER_load(NULL, "null"); | |
1440 | if (prov_null == NULL) { | |
1441 | opt_printf_stderr("Failed to load null provider into default libctx\n"); | |
1442 | return 0; | |
1443 | } | |
1444 | ||
1445 | libctx = OPENSSL_CTX_new(); | |
1446 | if (libctx == NULL | |
1447 | || !OPENSSL_CTX_load_config(libctx, config_file)) { | |
1448 | opt_printf_stderr("Failed to load config\n"); | |
1449 | return 0; | |
1450 | } | |
f8e74747 | 1451 | OSSL_SELF_TEST_set_callback(libctx, self_test_events, &self_test_args); |
4f2271d5 SL |
1452 | |
1453 | ADD_ALL_TESTS(cipher_enc_dec_test, OSSL_NELEM(cipher_enc_data)); | |
1454 | ADD_ALL_TESTS(aes_ccm_enc_dec_test, OSSL_NELEM(aes_ccm_enc_data)); | |
1455 | ADD_ALL_TESTS(aes_gcm_enc_dec_test, OSSL_NELEM(aes_gcm_enc_data)); | |
1456 | ||
1457 | #ifndef OPENSSL_NO_RSA | |
1458 | ADD_ALL_TESTS(rsa_keygen_test, OSSL_NELEM(rsa_keygen_data)); | |
1459 | ADD_ALL_TESTS(rsa_siggen_test, OSSL_NELEM(rsa_siggen_data)); | |
1460 | ADD_ALL_TESTS(rsa_sigver_test, OSSL_NELEM(rsa_sigver_data)); | |
1461 | ADD_ALL_TESTS(rsa_decryption_primitive_test, | |
1462 | OSSL_NELEM(rsa_decrypt_prim_data)); | |
1463 | #endif /* OPENSSL_NO_RSA */ | |
1464 | ||
1465 | #ifndef OPENSSL_NO_DH | |
1466 | ADD_ALL_TESTS(dh_safe_prime_keygen_test, | |
1467 | OSSL_NELEM(dh_safe_prime_keygen_data)); | |
1468 | ADD_ALL_TESTS(dh_safe_prime_keyver_test, | |
1469 | OSSL_NELEM(dh_safe_prime_keyver_data)); | |
1470 | #endif /* OPENSSL_NO_DH */ | |
1471 | ||
1472 | #ifndef OPENSSL_NO_DSA | |
1473 | ADD_ALL_TESTS(dsa_keygen_test, OSSL_NELEM(dsa_keygen_data)); | |
1474 | ADD_ALL_TESTS(dsa_paramgen_test, OSSL_NELEM(dsa_paramgen_data)); | |
1475 | ADD_ALL_TESTS(dsa_pqver_test, OSSL_NELEM(dsa_pqver_data)); | |
1476 | ADD_ALL_TESTS(dsa_siggen_test, OSSL_NELEM(dsa_siggen_data)); | |
1477 | ADD_ALL_TESTS(dsa_sigver_test, OSSL_NELEM(dsa_sigver_data)); | |
1478 | #endif /* OPENSSL_NO_DSA */ | |
1479 | ||
1480 | #ifndef OPENSSL_NO_EC | |
1481 | ADD_ALL_TESTS(ecdsa_keygen_test, OSSL_NELEM(ecdsa_keygen_data)); | |
1482 | ADD_ALL_TESTS(ecdsa_pub_verify_test, OSSL_NELEM(ecdsa_pv_data)); | |
1483 | ADD_ALL_TESTS(ecdsa_siggen_test, OSSL_NELEM(ecdsa_siggen_data)); | |
1484 | ADD_ALL_TESTS(ecdsa_sigver_test, OSSL_NELEM(ecdsa_sigver_data)); | |
1485 | #endif /* OPENSSL_NO_EC */ | |
254b5dca P |
1486 | |
1487 | ADD_ALL_TESTS(drbg_test, OSSL_NELEM(drbg_data)); | |
4f2271d5 SL |
1488 | return 1; |
1489 | } | |
1490 | ||
1491 | void cleanup_tests(void) | |
1492 | { | |
1493 | OSSL_PROVIDER_unload(prov_null); | |
1494 | OPENSSL_CTX_free(libctx); | |
1495 | } |