]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/dsatest.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Swap to FIPS186-2 DSA generation outside of the FIPS module
[thirdparty/openssl.git] / test / dsatest.c
1 /*
2 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 /*
11 * DSA low level APIs are deprecated for public use, but still ok for
12 * internal use.
13 */
14 #include "internal/deprecated.h"
15
16 #include <stdio.h>
17 #include <stdlib.h>
18 #include <string.h>
19 #include <sys/types.h>
20 #include <sys/stat.h>
21
22 #include <openssl/crypto.h>
23 #include <openssl/rand.h>
24 #include <openssl/bn.h>
25 #include <openssl/dsa.h>
26 #include <openssl/evp.h>
27 #include <openssl/core_names.h>
28
29 #include "testutil.h"
30 #include "internal/nelem.h"
31
32 #ifndef OPENSSL_NO_DSA
33 static int dsa_cb(int p, int n, BN_GENCB *arg);
34
35 static int dsa_test(void)
36 {
37 BN_GENCB *cb;
38 DSA *dsa = NULL;
39 int counter, ret = 0, i, j;
40 unsigned char buf[256];
41 unsigned long h;
42 unsigned char sig[256];
43 unsigned int siglen;
44 const BIGNUM *p = NULL, *q = NULL, *g = NULL;
45 /*
46 * seed, out_p, out_q, out_g are taken from the updated Appendix 5 to FIPS
47 * PUB 186 and also appear in Appendix 5 to FIPS PIB 186-1
48 */
49 static unsigned char seed[20] = {
50 0xd5, 0x01, 0x4e, 0x4b, 0x60, 0xef, 0x2b, 0xa8,
51 0xb6, 0x21, 0x1b, 0x40, 0x62, 0xba, 0x32, 0x24,
52 0xe0, 0x42, 0x7d, 0xd3,
53 };
54 static unsigned char out_p[] = {
55 0x8d, 0xf2, 0xa4, 0x94, 0x49, 0x22, 0x76, 0xaa,
56 0x3d, 0x25, 0x75, 0x9b, 0xb0, 0x68, 0x69, 0xcb,
57 0xea, 0xc0, 0xd8, 0x3a, 0xfb, 0x8d, 0x0c, 0xf7,
58 0xcb, 0xb8, 0x32, 0x4f, 0x0d, 0x78, 0x82, 0xe5,
59 0xd0, 0x76, 0x2f, 0xc5, 0xb7, 0x21, 0x0e, 0xaf,
60 0xc2, 0xe9, 0xad, 0xac, 0x32, 0xab, 0x7a, 0xac,
61 0x49, 0x69, 0x3d, 0xfb, 0xf8, 0x37, 0x24, 0xc2,
62 0xec, 0x07, 0x36, 0xee, 0x31, 0xc8, 0x02, 0x91,
63 };
64 static unsigned char out_q[] = {
65 0xc7, 0x73, 0x21, 0x8c, 0x73, 0x7e, 0xc8, 0xee,
66 0x99, 0x3b, 0x4f, 0x2d, 0xed, 0x30, 0xf4, 0x8e,
67 0xda, 0xce, 0x91, 0x5f,
68 };
69 static unsigned char out_g[] = {
70 0x62, 0x6d, 0x02, 0x78, 0x39, 0xea, 0x0a, 0x13,
71 0x41, 0x31, 0x63, 0xa5, 0x5b, 0x4c, 0xb5, 0x00,
72 0x29, 0x9d, 0x55, 0x22, 0x95, 0x6c, 0xef, 0xcb,
73 0x3b, 0xff, 0x10, 0xf3, 0x99, 0xce, 0x2c, 0x2e,
74 0x71, 0xcb, 0x9d, 0xe5, 0xfa, 0x24, 0xba, 0xbf,
75 0x58, 0xe5, 0xb7, 0x95, 0x21, 0x92, 0x5c, 0x9c,
76 0xc4, 0x2e, 0x9f, 0x6f, 0x46, 0x4b, 0x08, 0x8c,
77 0xc5, 0x72, 0xaf, 0x53, 0xe6, 0xd7, 0x88, 0x02,
78 };
79 static const unsigned char str1[] = "12345678901234567890";
80
81 if (!TEST_ptr(cb = BN_GENCB_new()))
82 goto end;
83
84 BN_GENCB_set(cb, dsa_cb, NULL);
85 if (!TEST_ptr(dsa = DSA_new())
86 || !TEST_true(DSA_generate_parameters_ex(dsa, 512, seed, 20,
87 &counter, &h, cb)))
88 goto end;
89
90 if (!TEST_int_eq(counter, 105))
91 goto end;
92 if (!TEST_int_eq(h, 2))
93 goto end;
94
95 DSA_get0_pqg(dsa, &p, &q, &g);
96 i = BN_bn2bin(q, buf);
97 j = sizeof(out_q);
98 if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_q, i))
99 goto end;
100
101 i = BN_bn2bin(p, buf);
102 j = sizeof(out_p);
103 if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_p, i))
104 goto end;
105
106 i = BN_bn2bin(g, buf);
107 j = sizeof(out_g);
108 if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_g, i))
109 goto end;
110
111 DSA_generate_key(dsa);
112 DSA_sign(0, str1, 20, sig, &siglen, dsa);
113 if (TEST_true(DSA_verify(0, str1, 20, sig, siglen, dsa)))
114 ret = 1;
115
116 end:
117 DSA_free(dsa);
118 BN_GENCB_free(cb);
119 return ret;
120 }
121
122 static int dsa_cb(int p, int n, BN_GENCB *arg)
123 {
124 static int ok = 0, num = 0;
125
126 if (p == 0)
127 num++;
128 if (p == 2)
129 ok++;
130
131 if (!ok && (p == 0) && (num > 1)) {
132 TEST_error("dsa_cb error");
133 return 0;
134 }
135 return 1;
136 }
137
138 # define P 0
139 # define Q 1
140 # define G 2
141 # define SEED 3
142 # define PCOUNT 4
143 # define GINDEX 5
144 # define HCOUNT 6
145 # define GROUP 7
146
147 static int dsa_keygen_test(void)
148 {
149 int ret = 0;
150 EVP_PKEY *param_key = NULL, *key = NULL;
151 EVP_PKEY_CTX *pg_ctx = NULL, *kg_ctx = NULL;
152 BIGNUM *p_in = NULL, *q_in = NULL, *g_in = NULL;
153 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL;
154 int gindex_out = 0, pcount_out = 0, hcount_out = 0;
155 unsigned char seed_out[32];
156 char group_out[32];
157 size_t len = 0;
158 const OSSL_PARAM *settables = NULL;
159 static const unsigned char seed_data[] = {
160 0xa6, 0xf5, 0x28, 0x8c, 0x50, 0x77, 0xa5, 0x68,
161 0x6d, 0x3a, 0xf5, 0xf1, 0xc6, 0x4c, 0xdc, 0x35,
162 0x95, 0x26, 0x3f, 0x03, 0xdc, 0x00, 0x3f, 0x44,
163 0x7b, 0x2a, 0xc7, 0x29
164 };
165 static const unsigned char expected_p[]= {
166 0xdb, 0x47, 0x07, 0xaf, 0xf0, 0x06, 0x49, 0x55,
167 0xc9, 0xbb, 0x09, 0x41, 0xb8, 0xdb, 0x1f, 0xbc,
168 0xa8, 0xed, 0x12, 0x06, 0x7f, 0x88, 0x49, 0xb8,
169 0xc9, 0x12, 0x87, 0x21, 0xbb, 0x08, 0x6c, 0xbd,
170 0xf1, 0x89, 0xef, 0x84, 0xd9, 0x7a, 0x93, 0xe8,
171 0x45, 0x40, 0x81, 0xec, 0x37, 0x27, 0x1a, 0xa4,
172 0x22, 0x51, 0x99, 0xf0, 0xde, 0x04, 0xdb, 0xea,
173 0xa1, 0xf9, 0x37, 0x83, 0x80, 0x96, 0x36, 0x53,
174 0xf6, 0xae, 0x14, 0x73, 0x33, 0x0f, 0xdf, 0x0b,
175 0xf9, 0x2f, 0x08, 0x46, 0x31, 0xf9, 0x66, 0xcd,
176 0x5a, 0xeb, 0x6c, 0xf3, 0xbb, 0x74, 0xf3, 0x88,
177 0xf0, 0x31, 0x5c, 0xa4, 0xc8, 0x0f, 0x86, 0xf3,
178 0x0f, 0x9f, 0xc0, 0x8c, 0x57, 0xe4, 0x7f, 0x95,
179 0xb3, 0x62, 0xc8, 0x4e, 0xae, 0xf3, 0xd8, 0x14,
180 0xcc, 0x47, 0xc2, 0x4b, 0x4f, 0xef, 0xaf, 0xcd,
181 0xcf, 0xb2, 0xbb, 0xe8, 0xbe, 0x08, 0xca, 0x15,
182 0x90, 0x59, 0x35, 0xef, 0x35, 0x1c, 0xfe, 0xeb,
183 0x33, 0x2e, 0x25, 0x22, 0x57, 0x9c, 0x55, 0x23,
184 0x0c, 0x6f, 0xed, 0x7c, 0xb6, 0xc7, 0x36, 0x0b,
185 0xcb, 0x2b, 0x6a, 0x21, 0xa1, 0x1d, 0x55, 0x77,
186 0xd9, 0x91, 0xcd, 0xc1, 0xcd, 0x3d, 0x82, 0x16,
187 0x9c, 0xa0, 0x13, 0xa5, 0x83, 0x55, 0x3a, 0x73,
188 0x7e, 0x2c, 0x44, 0x3e, 0x70, 0x2e, 0x50, 0x91,
189 0x6e, 0xca, 0x3b, 0xef, 0xff, 0x85, 0x35, 0x70,
190 0xff, 0x61, 0x0c, 0xb1, 0xb2, 0xb7, 0x94, 0x6f,
191 0x65, 0xa4, 0x57, 0x62, 0xef, 0x21, 0x83, 0x0f,
192 0x3e, 0x71, 0xae, 0x7d, 0xe4, 0xad, 0xfb, 0xe3,
193 0xdd, 0xd6, 0x03, 0xda, 0x9a, 0xd8, 0x8f, 0x2d,
194 0xbb, 0x90, 0x87, 0xf8, 0xdb, 0xdc, 0xec, 0x71,
195 0xf2, 0xdb, 0x0b, 0x8e, 0xfc, 0x1a, 0x7e, 0x79,
196 0xb1, 0x1b, 0x0d, 0xfc, 0x70, 0xec, 0x85, 0xc2,
197 0xc5, 0xba, 0xb9, 0x69, 0x3f, 0x88, 0xbc, 0xcb
198 };
199 static const unsigned char expected_q[]= {
200 0x99, 0xb6, 0xa0, 0xee, 0xb3, 0xa6, 0x99, 0x1a,
201 0xb6, 0x67, 0x8d, 0xc1, 0x2b, 0x9b, 0xce, 0x2b,
202 0x01, 0x72, 0x5a, 0x65, 0x76, 0x3d, 0x93, 0x69,
203 0xe2, 0x56, 0xae, 0xd7
204 };
205 static const unsigned char expected_g[]= {
206 0x63, 0xf8, 0xb6, 0xee, 0x2a, 0x27, 0xaf, 0x4f,
207 0x4c, 0xf6, 0x08, 0x28, 0x87, 0x4a, 0xe7, 0x1f,
208 0x45, 0x46, 0x27, 0x52, 0x3b, 0x7f, 0x6f, 0xd2,
209 0x29, 0xcb, 0xe8, 0x11, 0x19, 0x25, 0x35, 0x76,
210 0x99, 0xcb, 0x4f, 0x1b, 0xe0, 0xed, 0x32, 0x9e,
211 0x05, 0xb5, 0xbe, 0xd7, 0xf6, 0x5a, 0xb2, 0xf6,
212 0x0e, 0x0c, 0x7e, 0xf5, 0xe1, 0x05, 0xfe, 0xda,
213 0xaf, 0x0f, 0x27, 0x1e, 0x40, 0x2a, 0xf7, 0xa7,
214 0x23, 0x49, 0x2c, 0xd9, 0x1b, 0x0a, 0xbe, 0xff,
215 0xc7, 0x7c, 0x7d, 0x60, 0xca, 0xa3, 0x19, 0xc3,
216 0xb7, 0xe4, 0x43, 0xb0, 0xf5, 0x75, 0x44, 0x90,
217 0x46, 0x47, 0xb1, 0xa6, 0x48, 0x0b, 0x21, 0x8e,
218 0xee, 0x75, 0xe6, 0x3d, 0xa7, 0xd3, 0x7b, 0x31,
219 0xd1, 0xd2, 0x9d, 0xe2, 0x8a, 0xfc, 0x57, 0xfd,
220 0x8a, 0x10, 0x31, 0xeb, 0x87, 0x36, 0x3f, 0x65,
221 0x72, 0x23, 0x2c, 0xd3, 0xd6, 0x17, 0xa5, 0x62,
222 0x58, 0x65, 0x57, 0x6a, 0xd4, 0xa8, 0xfe, 0xec,
223 0x57, 0x76, 0x0c, 0xb1, 0x4c, 0x93, 0xed, 0xb0,
224 0xb4, 0xf9, 0x45, 0xb3, 0x3e, 0xdd, 0x47, 0xf1,
225 0xfb, 0x7d, 0x25, 0x79, 0x3d, 0xfc, 0xa7, 0x39,
226 0x90, 0x68, 0x6a, 0x6b, 0xae, 0xf2, 0x6e, 0x64,
227 0x8c, 0xfb, 0xb8, 0xdd, 0x76, 0x4e, 0x4a, 0x69,
228 0x8c, 0x97, 0x15, 0x77, 0xb2, 0x67, 0xdc, 0xeb,
229 0x4a, 0x40, 0x6b, 0xb9, 0x47, 0x8f, 0xa6, 0xab,
230 0x6e, 0x98, 0xc0, 0x97, 0x9a, 0x0c, 0xea, 0x00,
231 0xfd, 0x56, 0x1a, 0x74, 0x9a, 0x32, 0x6b, 0xfe,
232 0xbd, 0xdf, 0x6c, 0x82, 0x54, 0x53, 0x4d, 0x70,
233 0x65, 0xe3, 0x8b, 0x37, 0xb8, 0xe4, 0x70, 0x08,
234 0xb7, 0x3b, 0x30, 0x27, 0xaf, 0x1c, 0x77, 0xf3,
235 0x62, 0xd4, 0x9a, 0x59, 0xba, 0xd1, 0x6e, 0x89,
236 0x5c, 0x34, 0x9a, 0xa1, 0xb7, 0x4f, 0x7d, 0x8c,
237 0xdc, 0xbc, 0x74, 0x25, 0x5e, 0xbf, 0x77, 0x46
238 };
239 int expected_c = 1316;
240 int expected_h = 2;
241
242 if (!TEST_ptr(p_in = BN_bin2bn(expected_p, sizeof(expected_p), NULL))
243 || !TEST_ptr(q_in = BN_bin2bn(expected_q, sizeof(expected_q), NULL))
244 || !TEST_ptr(g_in = BN_bin2bn(expected_g, sizeof(expected_g), NULL)))
245 goto end;
246 if (!TEST_ptr(pg_ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
247 || !TEST_int_gt(EVP_PKEY_paramgen_init(pg_ctx), 0)
248 || !TEST_ptr_null(EVP_PKEY_CTX_gettable_params(pg_ctx))
249 || !TEST_ptr(settables = EVP_PKEY_CTX_settable_params(pg_ctx))
250 || !TEST_ptr(OSSL_PARAM_locate_const(settables,
251 OSSL_PKEY_PARAM_FFC_PBITS))
252 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_type(pg_ctx, "fips186_4"))
253 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(pg_ctx, 2048))
254 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(pg_ctx, 224))
255 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_seed(pg_ctx, seed_data,
256 sizeof(seed_data)))
257 || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_md_props(pg_ctx, "SHA256",
258 ""))
259 || !TEST_int_gt(EVP_PKEY_gen(pg_ctx, &param_key), 0)
260 || !TEST_ptr(kg_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param_key, NULL))
261 || !TEST_int_gt(EVP_PKEY_keygen_init(kg_ctx), 0)
262 || !TEST_int_gt(EVP_PKEY_gen(kg_ctx, &key), 0))
263 goto end;
264
265 if (!TEST_true(EVP_PKEY_get_bn_param(key, OSSL_PKEY_PARAM_FFC_P, &p_out))
266 || !TEST_BN_eq(p_in, p_out)
267 || !TEST_true(EVP_PKEY_get_bn_param(key, OSSL_PKEY_PARAM_FFC_Q, &q_out))
268 || !TEST_BN_eq(q_in, q_out)
269 || !TEST_true(EVP_PKEY_get_bn_param(key, OSSL_PKEY_PARAM_FFC_G, &g_out))
270 || !TEST_BN_eq(g_in, g_out)
271 || !TEST_true(EVP_PKEY_get_octet_string_param(
272 key, OSSL_PKEY_PARAM_FFC_SEED, seed_out,
273 sizeof(seed_out), &len))
274 || !TEST_mem_eq(seed_out, len, seed_data, sizeof(seed_data))
275 || !TEST_true(EVP_PKEY_get_int_param(key, OSSL_PKEY_PARAM_FFC_GINDEX,
276 &gindex_out))
277 || !TEST_int_eq(gindex_out, -1)
278 || !TEST_true(EVP_PKEY_get_int_param(key, OSSL_PKEY_PARAM_FFC_H,
279 &hcount_out))
280 || !TEST_int_eq(hcount_out, expected_h)
281 || !TEST_true(EVP_PKEY_get_int_param(key,
282 OSSL_PKEY_PARAM_FFC_PCOUNTER,
283 &pcount_out))
284 || !TEST_int_eq(pcount_out, expected_c)
285 || !TEST_false(EVP_PKEY_get_utf8_string_param(key,
286 OSSL_PKEY_PARAM_GROUP_NAME,
287 group_out,
288 sizeof(group_out), &len)))
289 goto end;
290 ret = 1;
291 end:
292 BN_free(p_in);
293 BN_free(q_in);
294 BN_free(g_in);
295 BN_free(p_out);
296 BN_free(q_out);
297 BN_free(g_out);
298 EVP_PKEY_free(param_key);
299 EVP_PKEY_free(key);
300 EVP_PKEY_CTX_free(kg_ctx);
301 EVP_PKEY_CTX_free(pg_ctx);
302 return ret;
303 }
304
305 #endif /* OPENSSL_NO_DSA */
306
307 int setup_tests(void)
308 {
309 #ifndef OPENSSL_NO_DSA
310 ADD_TEST(dsa_test);
311 ADD_TEST(dsa_keygen_test);
312 #endif
313 return 1;
314 }
A mirror of the official openssl repository