]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/evp_extra_test.c
projects / thirdparty / openssl.git / blob
? search:


724a1441adecaa7b8a8aa98cf0ee1eb6ab29768a
[thirdparty/openssl.git] / test / evp_extra_test.c
1 /*
2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <string.h>
13 #include <openssl/bio.h>
14 #include <openssl/crypto.h>
15 #include <openssl/err.h>
16 #include <openssl/evp.h>
17 #include <openssl/rsa.h>
18 #include <openssl/x509.h>
19 #include <openssl/pem.h>
20 #include <openssl/kdf.h>
21 #include <openssl/provider.h>
22 #include "testutil.h"
23 #include "internal/nelem.h"
24 #include "internal/evp_int.h"
25
26 /*
27 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
28 * should never use this key anywhere but in an example.
29 */
30 static const unsigned char kExampleRSAKeyDER[] = {
31 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
32 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
33 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
34 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
35 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
36 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
37 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
38 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
39 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
40 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
41 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
42 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
43 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
44 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
45 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
46 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
47 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
48 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
49 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
50 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
51 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
52 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
53 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
54 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
55 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
56 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
57 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
58 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
59 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
60 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
61 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
62 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
63 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
64 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
65 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
66 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
67 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
68 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
69 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
70 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
71 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
72 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
73 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
74 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
75 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
76 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
77 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
78 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
79 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
80 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
81 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
82 };
83
84 /*
85 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
86 * components are not correct.
87 */
88 static const unsigned char kExampleBadRSAKeyDER[] = {
89 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
90 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
91 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
92 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
93 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
94 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
95 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
96 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
97 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
98 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
99 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
100 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
101 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
102 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
103 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
104 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
105 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
106 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
107 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
108 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
109 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
110 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
111 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
112 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
113 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
114 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
115 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
116 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
117 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
118 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
119 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
120 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
121 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
122 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
123 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
124 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
125 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
126 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
127 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
128 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
129 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
130 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
131 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
132 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
133 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
134 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
135 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
136 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
137 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
138 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
139 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
140 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
141 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
142 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
143 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
144 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
145 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
146 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
147 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
148 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
149 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
150 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
151 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
152 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
153 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
154 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
155 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
156 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
157 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
158 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
159 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
160 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
161 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
162 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
163 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
164 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
165 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
166 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
167 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
168 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
169 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
170 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
171 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
172 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
173 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
174 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
175 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
176 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
177 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
178 };
179
180 static const unsigned char kMsg[] = { 1, 2, 3, 4 };
181
182 static const unsigned char kSignature[] = {
183 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
184 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
185 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
186 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
187 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
188 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
189 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
190 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
191 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
192 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
193 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
194 };
195
196 /*
197 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
198 * PrivateKeyInfo.
199 */
200 static const unsigned char kExampleRSAKeyPKCS8[] = {
201 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
202 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
203 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
204 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
205 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
206 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
207 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
208 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
209 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
210 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
211 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
212 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
213 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
214 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
215 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
216 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
217 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
218 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
219 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
220 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
221 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
222 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
223 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
224 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
225 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
226 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
227 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
228 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
229 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
230 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
231 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
232 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
233 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
234 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
235 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
236 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
237 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
238 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
239 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
240 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
241 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
242 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
243 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
244 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
245 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
246 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
247 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
248 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
249 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
250 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
251 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
252 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
253 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
254 };
255
256 #ifndef OPENSSL_NO_EC
257 /*
258 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
259 * structure.
260 */
261 static const unsigned char kExampleECKeyDER[] = {
262 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
263 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
264 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
265 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
266 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
267 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
268 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
269 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
270 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
271 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
272 0xc1,
273 };
274
275 /*
276 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
277 * structure. The private key is equal to the order and will fail to import
278 */
279 static const unsigned char kExampleBadECKeyDER[] = {
280 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
281 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
282 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
283 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
284 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
285 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
286 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
287 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
288 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
289 };
290
291 /* prime256v1 */
292 static const unsigned char kExampleECPubKeyDER[] = {
293 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
294 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
295 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
296 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
297 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
298 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
299 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
300 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
301 };
302
303 /*
304 * kExampleBadECKeyDER is a sample EC public key with a wrong OID
305 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
306 */
307 static const unsigned char kExampleBadECPubKeyDER[] = {
308 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
309 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
310 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
311 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
312 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
313 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
314 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
315 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
316 };
317
318 static const unsigned char pExampleECParamDER[] = {
319 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
320 };
321 #endif
322
323 typedef struct APK_DATA_st {
324 const unsigned char *kder;
325 size_t size;
326 int evptype;
327 int check;
328 int pub_check;
329 int param_check;
330 int type; /* 0 for private, 1 for public, 2 for params */
331 } APK_DATA;
332
333 static APK_DATA keydata[] = {
334 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
335 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
336 #ifndef OPENSSL_NO_EC
337 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC}
338 #endif
339 };
340
341 static APK_DATA keycheckdata[] = {
342 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0},
343 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA,
344 0, -2, -2, 0},
345 #ifndef OPENSSL_NO_EC
346 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0},
347 /* group is also associated in our pub key */
348 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1},
349 {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2}
350 #endif
351 };
352
353 static EVP_PKEY *load_example_rsa_key(void)
354 {
355 EVP_PKEY *ret = NULL;
356 const unsigned char *derp = kExampleRSAKeyDER;
357 EVP_PKEY *pkey = NULL;
358 RSA *rsa = NULL;
359
360 if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))))
361 return NULL;
362
363 if (!TEST_ptr(pkey = EVP_PKEY_new())
364 || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa)))
365 goto end;
366
367 ret = pkey;
368 pkey = NULL;
369
370 end:
371 EVP_PKEY_free(pkey);
372 RSA_free(rsa);
373
374 return ret;
375 }
376
377 static int test_EVP_Enveloped(void)
378 {
379 int ret = 0;
380 EVP_CIPHER_CTX *ctx = NULL;
381 EVP_PKEY *keypair = NULL;
382 unsigned char *kek = NULL;
383 unsigned char iv[EVP_MAX_IV_LENGTH];
384 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
385 int len, kek_len, ciphertext_len, plaintext_len;
386 unsigned char ciphertext[32], plaintext[16];
387 const EVP_CIPHER *type = EVP_aes_256_cbc();
388
389 if (!TEST_ptr(keypair = load_example_rsa_key())
390 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
391 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
392 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
393 &keypair, 1))
394 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
395 msg, sizeof(msg)))
396 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
397 &len)))
398 goto err;
399
400 ciphertext_len += len;
401
402 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
403 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
404 ciphertext, ciphertext_len))
405 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
406 goto err;
407
408 plaintext_len += len;
409 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
410 goto err;
411
412 ret = 1;
413 err:
414 OPENSSL_free(kek);
415 EVP_PKEY_free(keypair);
416 EVP_CIPHER_CTX_free(ctx);
417 return ret;
418 }
419
420
421 static int test_EVP_DigestSignInit(void)
422 {
423 int ret = 0;
424 EVP_PKEY *pkey = NULL;
425 unsigned char *sig = NULL;
426 size_t sig_len = 0;
427 EVP_MD_CTX *md_ctx, *md_ctx_verify = NULL;
428
429 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
430 || !TEST_ptr(md_ctx_verify = EVP_MD_CTX_new())
431 || !TEST_ptr(pkey = load_example_rsa_key()))
432 goto out;
433
434 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
435 || !TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
436 goto out;
437
438 /* Determine the size of the signature. */
439 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
440 || !TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
441 goto out;
442
443 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))
444 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
445 goto out;
446
447 /* Ensure that the signature round-trips. */
448 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(),
449 NULL, pkey))
450 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify,
451 kMsg, sizeof(kMsg)))
452 || !TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
453 goto out;
454
455 ret = 1;
456
457 out:
458 EVP_MD_CTX_free(md_ctx);
459 EVP_MD_CTX_free(md_ctx_verify);
460 EVP_PKEY_free(pkey);
461 OPENSSL_free(sig);
462
463 return ret;
464 }
465
466 static int test_EVP_DigestVerifyInit(void)
467 {
468 int ret = 0;
469 EVP_PKEY *pkey = NULL;
470 EVP_MD_CTX *md_ctx = NULL;
471
472 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
473 || !TEST_ptr(pkey = load_example_rsa_key()))
474 goto out;
475
476 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
477 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
478 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
479 sizeof(kSignature))))
480 goto out;
481 ret = 1;
482
483 out:
484 EVP_MD_CTX_free(md_ctx);
485 EVP_PKEY_free(pkey);
486 return ret;
487 }
488
489 static int test_d2i_AutoPrivateKey(int i)
490 {
491 int ret = 0;
492 const unsigned char *p;
493 EVP_PKEY *pkey = NULL;
494 const APK_DATA *ak = &keydata[i];
495 const unsigned char *input = ak->kder;
496 size_t input_len = ak->size;
497 int expected_id = ak->evptype;
498
499 p = input;
500 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
501 || !TEST_ptr_eq(p, input + input_len)
502 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
503 goto done;
504
505 ret = 1;
506
507 done:
508 EVP_PKEY_free(pkey);
509 return ret;
510 }
511
512 #ifndef OPENSSL_NO_EC
513
514 static const unsigned char ec_public_sect163k1_validxy[] = {
515 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
516 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
517 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
518 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
519 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
520 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
521 };
522
523 static const unsigned char ec_public_sect163k1_badx[] = {
524 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
525 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
526 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
527 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
528 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
529 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
530 };
531
532 static const unsigned char ec_public_sect163k1_bady[] = {
533 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
534 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
535 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
536 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
537 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
538 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
539 };
540
541 static struct ec_der_pub_keys_st {
542 const unsigned char *der;
543 size_t len;
544 int valid;
545 } ec_der_pub_keys[] = {
546 { ec_public_sect163k1_validxy, sizeof(ec_public_sect163k1_validxy), 1 },
547 { ec_public_sect163k1_badx, sizeof(ec_public_sect163k1_badx), 0 },
548 { ec_public_sect163k1_bady, sizeof(ec_public_sect163k1_bady), 0 },
549 };
550
551 /*
552 * Tests the range of the decoded EC char2 public point.
553 * See ec_GF2m_simple_oct2point().
554 */
555 static int test_invalide_ec_char2_pub_range_decode(int id)
556 {
557 int ret = 0;
558 BIO *bio = NULL;
559 EC_KEY *eckey = NULL;
560
561 if (!TEST_ptr(bio = BIO_new_mem_buf(ec_der_pub_keys[id].der,
562 ec_der_pub_keys[id].len)))
563 goto err;
564 eckey = d2i_EC_PUBKEY_bio(bio, NULL);
565 ret = (ec_der_pub_keys[id].valid && TEST_ptr(eckey))
566 || TEST_ptr_null(eckey);
567 err:
568 EC_KEY_free(eckey);
569 BIO_free(bio);
570 return ret;
571 }
572
573 /* Tests loading a bad key in PKCS8 format */
574 static int test_EVP_PKCS82PKEY(void)
575 {
576 int ret = 0;
577 const unsigned char *derp = kExampleBadECKeyDER;
578 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
579 EVP_PKEY *pkey = NULL;
580
581 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
582 sizeof(kExampleBadECKeyDER))))
583 goto done;
584
585 if (!TEST_ptr_eq(derp,
586 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
587 goto done;
588
589 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
590 goto done;
591
592 ret = 1;
593
594 done:
595 PKCS8_PRIV_KEY_INFO_free(p8inf);
596 EVP_PKEY_free(pkey);
597
598 return ret;
599 }
600 #endif
601
602 #ifndef OPENSSL_NO_SM2
603
604 static int test_EVP_SM2_verify(void)
605 {
606 /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
607 const char *pubkey =
608 "-----BEGIN PUBLIC KEY-----\n"
609 "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
610 "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
611 "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
612 "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
613 "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
614 "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
615 "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
616 "-----END PUBLIC KEY-----\n";
617
618 const char *msg = "message digest";
619 const char *id = "ALICE123@YAHOO.COM";
620
621 const uint8_t signature[] = {
622 0x30, 0x44, 0x02, 0x20,
623
624 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
625 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
626 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
627
628 0x02, 0x20,
629
630 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
631 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
632 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
633 };
634
635 int rc = 0;
636 BIO *bio = NULL;
637 EVP_PKEY *pkey = NULL;
638 EVP_MD_CTX *mctx = NULL;
639 EVP_PKEY_CTX *pctx = NULL;
640
641 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
642 if (!TEST_true(bio != NULL))
643 goto done;
644
645 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
646 if (!TEST_true(pkey != NULL))
647 goto done;
648
649 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
650 goto done;
651
652 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
653 goto done;
654
655 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
656 goto done;
657
658 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, (const uint8_t *)id,
659 strlen(id)), 0))
660 goto done;
661
662 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
663
664 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
665 goto done;
666
667 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
668 goto done;
669
670 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
671 goto done;
672 rc = 1;
673
674 done:
675 BIO_free(bio);
676 EVP_PKEY_free(pkey);
677 EVP_PKEY_CTX_free(pctx);
678 EVP_MD_CTX_free(mctx);
679 return rc;
680 }
681
682 static int test_EVP_SM2(void)
683 {
684 int ret = 0;
685 EVP_PKEY *pkey = NULL;
686 EVP_PKEY *params = NULL;
687 EVP_PKEY_CTX *pctx = NULL;
688 EVP_PKEY_CTX *kctx = NULL;
689 EVP_PKEY_CTX *sctx = NULL;
690 size_t sig_len = 0;
691 unsigned char *sig = NULL;
692 EVP_MD_CTX *md_ctx = NULL;
693 EVP_MD_CTX *md_ctx_verify = NULL;
694 EVP_PKEY_CTX *cctx = NULL;
695
696 uint8_t ciphertext[128];
697 size_t ctext_len = sizeof(ciphertext);
698
699 uint8_t plaintext[8];
700 size_t ptext_len = sizeof(plaintext);
701
702 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
703
704 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
705 if (!TEST_ptr(pctx))
706 goto done;
707
708 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
709 goto done;
710
711 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
712 goto done;
713
714 if (!TEST_true(EVP_PKEY_paramgen(pctx, &params)))
715 goto done;
716
717 kctx = EVP_PKEY_CTX_new(params, NULL);
718 if (!TEST_ptr(kctx))
719 goto done;
720
721 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
722 goto done;
723
724 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
725 goto done;
726
727 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
728 goto done;
729
730 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
731 goto done;
732
733 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
734 goto done;
735
736 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
737 goto done;
738
739 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
740 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
741
742 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
743 goto done;
744
745 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
746 goto done;
747
748 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
749 goto done;
750
751 /* Determine the size of the signature. */
752 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
753 goto done;
754
755 if (!TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
756 goto done;
757
758 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
759 goto done;
760
761 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
762 goto done;
763
764 /* Ensure that the signature round-trips. */
765
766 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
767 goto done;
768
769 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
770 goto done;
771
772 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
773 goto done;
774
775 /* now check encryption/decryption */
776
777 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
778 goto done;
779
780 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
781 goto done;
782
783 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg))))
784 goto done;
785
786 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
787 goto done;
788
789 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len)))
790 goto done;
791
792 if (!TEST_true(ptext_len == sizeof(kMsg)))
793 goto done;
794
795 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
796 goto done;
797
798 ret = 1;
799 done:
800 EVP_PKEY_CTX_free(pctx);
801 EVP_PKEY_CTX_free(kctx);
802 EVP_PKEY_CTX_free(sctx);
803 EVP_PKEY_CTX_free(cctx);
804 EVP_PKEY_free(pkey);
805 EVP_PKEY_free(params);
806 EVP_MD_CTX_free(md_ctx);
807 EVP_MD_CTX_free(md_ctx_verify);
808 OPENSSL_free(sig);
809 return ret;
810 }
811
812 #endif
813
814 static struct keys_st {
815 int type;
816 char *priv;
817 char *pub;
818 } keys[] = {
819 {
820 EVP_PKEY_HMAC, "0123456789", NULL
821 }, {
822 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
823 }, {
824 EVP_PKEY_SIPHASH, "0123456789012345", NULL
825 },
826 #ifndef OPENSSL_NO_EC
827 {
828 EVP_PKEY_X25519, "01234567890123456789012345678901",
829 "abcdefghijklmnopqrstuvwxyzabcdef"
830 }, {
831 EVP_PKEY_ED25519, "01234567890123456789012345678901",
832 "abcdefghijklmnopqrstuvwxyzabcdef"
833 }, {
834 EVP_PKEY_X448,
835 "01234567890123456789012345678901234567890123456789012345",
836 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
837 }, {
838 EVP_PKEY_ED448,
839 "012345678901234567890123456789012345678901234567890123456",
840 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
841 }
842 #endif
843 };
844
845 static int test_set_get_raw_keys_int(int tst, int pub)
846 {
847 int ret = 0;
848 unsigned char buf[80];
849 unsigned char *in;
850 size_t inlen, len = 0;
851 EVP_PKEY *pkey;
852
853 /* Check if this algorithm supports public keys */
854 if (keys[tst].pub == NULL)
855 return 1;
856
857 memset(buf, 0, sizeof(buf));
858
859 if (pub) {
860 inlen = strlen(keys[tst].pub);
861 in = (unsigned char *)keys[tst].pub;
862 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
863 NULL,
864 in,
865 inlen);
866 } else {
867 inlen = strlen(keys[tst].priv);
868 in = (unsigned char *)keys[tst].priv;
869 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
870 NULL,
871 in,
872 inlen);
873 }
874
875 if (!TEST_ptr(pkey)
876 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
877 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
878 || !TEST_true(len == inlen)
879 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
880 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
881 || !TEST_mem_eq(in, inlen, buf, len))
882 goto done;
883
884 ret = 1;
885 done:
886 EVP_PKEY_free(pkey);
887 return ret;
888 }
889
890 static int test_set_get_raw_keys(int tst)
891 {
892 return test_set_get_raw_keys_int(tst, 0)
893 && test_set_get_raw_keys_int(tst, 1);
894 }
895
896 static int pkey_custom_check(EVP_PKEY *pkey)
897 {
898 return 0xbeef;
899 }
900
901 static int pkey_custom_pub_check(EVP_PKEY *pkey)
902 {
903 return 0xbeef;
904 }
905
906 static int pkey_custom_param_check(EVP_PKEY *pkey)
907 {
908 return 0xbeef;
909 }
910
911 static EVP_PKEY_METHOD *custom_pmeth;
912
913 static int test_EVP_PKEY_check(int i)
914 {
915 int ret = 0;
916 const unsigned char *p;
917 EVP_PKEY *pkey = NULL;
918 #ifndef OPENSSL_NO_EC
919 EC_KEY *eckey = NULL;
920 #endif
921 EVP_PKEY_CTX *ctx = NULL;
922 EVP_PKEY_CTX *ctx2 = NULL;
923 const APK_DATA *ak = &keycheckdata[i];
924 const unsigned char *input = ak->kder;
925 size_t input_len = ak->size;
926 int expected_id = ak->evptype;
927 int expected_check = ak->check;
928 int expected_pub_check = ak->pub_check;
929 int expected_param_check = ak->param_check;
930 int type = ak->type;
931 BIO *pubkey = NULL;
932
933 p = input;
934
935 switch (type) {
936 case 0:
937 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
938 || !TEST_ptr_eq(p, input + input_len)
939 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
940 goto done;
941 break;
942 #ifndef OPENSSL_NO_EC
943 case 1:
944 if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len))
945 || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL))
946 || !TEST_ptr(pkey = EVP_PKEY_new())
947 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
948 goto done;
949 break;
950 case 2:
951 if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len))
952 || !TEST_ptr_eq(p, input + input_len)
953 || !TEST_ptr(pkey = EVP_PKEY_new())
954 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
955 goto done;
956 break;
957 #endif
958 default:
959 return 0;
960 }
961
962 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
963 goto done;
964
965 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
966 goto done;
967
968 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
969 goto done;
970
971 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
972 goto done;
973
974 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
975 /* assign the pkey directly, as an internal test */
976 EVP_PKEY_up_ref(pkey);
977 ctx2->pkey = pkey;
978
979 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
980 goto done;
981
982 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
983 goto done;
984
985 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
986 goto done;
987
988 ret = 1;
989
990 done:
991 EVP_PKEY_CTX_free(ctx);
992 EVP_PKEY_CTX_free(ctx2);
993 EVP_PKEY_free(pkey);
994 BIO_free(pubkey);
995 return ret;
996 }
997
998 static int test_HKDF(void)
999 {
1000 EVP_PKEY_CTX *pctx;
1001 unsigned char out[20];
1002 size_t outlen;
1003 int i, ret = 0;
1004 unsigned char salt[] = "0123456789";
1005 unsigned char key[] = "012345678901234567890123456789";
1006 unsigned char info[] = "infostring";
1007 const unsigned char expected[] = {
1008 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1009 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1010 };
1011 size_t expectedlen = sizeof(expected);
1012
1013 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1014 goto done;
1015
1016 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1017 for (i = 0; i < 2; i++) {
1018 outlen = sizeof(out);
1019 memset(out, 0, outlen);
1020
1021 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1022 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1023 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1024 sizeof(salt) - 1), 0)
1025 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1026 sizeof(key) - 1), 0)
1027 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1028 sizeof(info) - 1), 0)
1029 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1030 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1031 goto done;
1032 }
1033
1034 ret = 1;
1035
1036 done:
1037 EVP_PKEY_CTX_free(pctx);
1038
1039 return ret;
1040 }
1041
1042 #ifndef OPENSSL_NO_EC
1043 static int test_X509_PUBKEY_inplace(void)
1044 {
1045 int ret = 0;
1046 X509_PUBKEY *xp = NULL;
1047 const unsigned char *p = kExampleECPubKeyDER;
1048 size_t input_len = sizeof(kExampleECPubKeyDER);
1049
1050 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
1051 goto done;
1052
1053 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
1054 goto done;
1055
1056 p = kExampleBadECPubKeyDER;
1057 input_len = sizeof(kExampleBadECPubKeyDER);
1058
1059 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
1060 goto done;
1061
1062 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1063 goto done;
1064
1065 ret = 1;
1066
1067 done:
1068 X509_PUBKEY_free(xp);
1069 return ret;
1070 }
1071 #endif
1072
1073
1074 static int calculate_digest(const EVP_MD *md, const char *msg, size_t len,
1075 const unsigned char *exptd)
1076 {
1077 unsigned char out[SHA256_DIGEST_LENGTH];
1078 EVP_MD_CTX *ctx;
1079 int ret = 0;
1080
1081 if (!TEST_ptr(ctx = EVP_MD_CTX_new())
1082 || !TEST_true(EVP_DigestInit_ex(ctx, md, NULL))
1083 || !TEST_true(EVP_DigestUpdate(ctx, msg, len))
1084 || !TEST_true(EVP_DigestFinal_ex(ctx, out, NULL))
1085 || !TEST_mem_eq(out, SHA256_DIGEST_LENGTH, exptd,
1086 SHA256_DIGEST_LENGTH)
1087 || !TEST_true(md == EVP_MD_CTX_md(ctx)))
1088 goto err;
1089
1090 ret = 1;
1091 err:
1092 EVP_MD_CTX_free(ctx);
1093 return ret;
1094 }
1095 /*
1096 * Test EVP_MD_fetch()
1097 *
1098 * Test 0: Test with the default OPENSSL_CTX
1099 * Test 1: Test with an explicit OPENSSL_CTX
1100 * Test 2: Explicit OPENSSL_CTX with explicit load of default provider
1101 * Test 3: Explicit OPENSSL_CTX with explicit load of default and fips provider
1102 * Test 4: Explicit OPENSSL_CTX with explicit load of fips provider
1103 */
1104 static int test_EVP_MD_fetch(int tst)
1105 {
1106 OPENSSL_CTX *ctx = NULL;
1107 EVP_MD *md = NULL;
1108 OSSL_PROVIDER *defltprov = NULL, *fipsprov = NULL;
1109 int ret = 0;
1110 const char testmsg[] = "Hello world";
1111 const unsigned char exptd[] = {
1112 0x27, 0x51, 0x8b, 0xa9, 0x68, 0x30, 0x11, 0xf6, 0xb3, 0x96, 0x07, 0x2c,
1113 0x05, 0xf6, 0x65, 0x6d, 0x04, 0xf5, 0xfb, 0xc3, 0x78, 0x7c, 0xf9, 0x24,
1114 0x90, 0xec, 0x60, 0x6e, 0x50, 0x92, 0xe3, 0x26
1115 };
1116
1117 if (tst > 0) {
1118 ctx = OPENSSL_CTX_new();
1119 if (!TEST_ptr(ctx))
1120 goto err;
1121
1122 if (tst == 2 || tst == 3) {
1123 defltprov = OSSL_PROVIDER_load(ctx, "default");
1124 if (!TEST_ptr(defltprov))
1125 goto err;
1126 }
1127 if (tst == 3 || tst == 4) {
1128 fipsprov = OSSL_PROVIDER_load(ctx, "fips");
1129 if (!TEST_ptr(fipsprov))
1130 goto err;
1131 }
1132 }
1133
1134 /* Implicit fetching of the MD should produce the expected result */
1135 if (!TEST_true(calculate_digest(EVP_sha256(), testmsg, sizeof(testmsg),
1136 exptd))
1137 || !TEST_int_eq(EVP_MD_size(EVP_sha256()), SHA256_DIGEST_LENGTH)
1138 || !TEST_int_eq(EVP_MD_block_size(EVP_sha256()), SHA256_CBLOCK))
1139 goto err;
1140
1141 /*
1142 * Test that without specifying any properties we can get a sha256 md from a
1143 * provider.
1144 */
1145 if (!TEST_ptr(md = EVP_MD_fetch(ctx, "SHA256", NULL))
1146 || !TEST_ptr(md)
1147 || !TEST_int_eq(EVP_MD_nid(md), NID_sha256)
1148 || !TEST_true(calculate_digest(md, testmsg, sizeof(testmsg), exptd))
1149 || !TEST_int_eq(EVP_MD_size(md), SHA256_DIGEST_LENGTH)
1150 || !TEST_int_eq(EVP_MD_block_size(md), SHA256_CBLOCK))
1151 goto err;
1152
1153 /* Also test EVP_MD_upref() while we're doing this */
1154 if (!TEST_true(EVP_MD_upref(md)))
1155 goto err;
1156 /* Ref count should now be 2. Release both */
1157 EVP_MD_meth_free(md);
1158 EVP_MD_meth_free(md);
1159 md = NULL;
1160
1161 /*
1162 * In tests 0 - 2 we've only loaded the default provider so explicitly
1163 * asking for a non-default implementation should fail. In tests 3 and 4 we
1164 * have the FIPS provider loaded so we should succeed in that case.
1165 */
1166 md = EVP_MD_fetch(ctx, "SHA256", "default=no");
1167 if (tst == 3 || tst == 4) {
1168 if (!TEST_ptr(md)
1169 || !TEST_true(calculate_digest(md, testmsg, sizeof(testmsg),
1170 exptd)))
1171 goto err;
1172 } else {
1173 if (!TEST_ptr_null(md))
1174 goto err;
1175 }
1176
1177 EVP_MD_meth_free(md);
1178 md = NULL;
1179
1180 /*
1181 * Explicitly asking for the default implementation should succeeed except
1182 * in test 4 where the default provider is not loaded.
1183 */
1184 md = EVP_MD_fetch(ctx, "SHA256", "default=yes");
1185 if (tst != 4) {
1186 if (!TEST_ptr(md)
1187 || !TEST_int_eq(EVP_MD_nid(md), NID_sha256)
1188 || !TEST_true(calculate_digest(md, testmsg, sizeof(testmsg),
1189 exptd))
1190 || !TEST_int_eq(EVP_MD_size(md), SHA256_DIGEST_LENGTH)
1191 || !TEST_int_eq(EVP_MD_block_size(md), SHA256_CBLOCK))
1192 goto err;
1193 } else {
1194 if (!TEST_ptr_null(md))
1195 goto err;
1196 }
1197
1198 EVP_MD_meth_free(md);
1199 md = NULL;
1200
1201 /*
1202 * Explicitly asking for a fips implementation should succeed if we have
1203 * the FIPS provider loaded and fail otherwise
1204 */
1205 md = EVP_MD_fetch(ctx, "SHA256", "fips=yes");
1206 if (tst == 3 || tst == 4) {
1207 if (!TEST_ptr(md)
1208 || !TEST_true(calculate_digest(md, testmsg, sizeof(testmsg),
1209 exptd)))
1210 goto err;
1211 } else {
1212 if (!TEST_ptr_null(md))
1213 goto err;
1214 }
1215
1216
1217 ret = 1;
1218
1219 err:
1220 EVP_MD_meth_free(md);
1221 OSSL_PROVIDER_unload(defltprov);
1222 OSSL_PROVIDER_unload(fipsprov);
1223 OPENSSL_CTX_free(ctx);
1224 return ret;
1225 }
1226
1227 int setup_tests(void)
1228 {
1229 ADD_TEST(test_EVP_DigestSignInit);
1230 ADD_TEST(test_EVP_DigestVerifyInit);
1231 ADD_TEST(test_EVP_Enveloped);
1232 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
1233 #ifndef OPENSSL_NO_EC
1234 ADD_TEST(test_EVP_PKCS82PKEY);
1235 #endif
1236 #ifndef OPENSSL_NO_SM2
1237 ADD_TEST(test_EVP_SM2);
1238 ADD_TEST(test_EVP_SM2_verify);
1239 #endif
1240 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
1241 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
1242 if (!TEST_ptr(custom_pmeth))
1243 return 0;
1244 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
1245 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
1246 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
1247 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
1248 return 0;
1249 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
1250 ADD_TEST(test_HKDF);
1251 #ifndef OPENSSL_NO_EC
1252 ADD_TEST(test_X509_PUBKEY_inplace);
1253 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
1254 OSSL_NELEM(ec_der_pub_keys));
1255 #endif
1256 #ifdef NO_FIPS_MODULE
1257 ADD_ALL_TESTS(test_EVP_MD_fetch, 3);
1258 #else
1259 ADD_ALL_TESTS(test_EVP_MD_fetch, 5);
1260 #endif
1261 return 1;
1262 }
A mirror of the official openssl repository