1 /* 2 * Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <string.h> /* memset */ 11 #include <openssl/evp.h> 12 #include <openssl/pem.h> 13 #include <openssl/encoder.h> 14 #include <openssl/provider.h> 15 #include <openssl/param_build.h> 16 #include <openssl/core_names.h> 17 #include <openssl/sha.h> 18 #include "crypto/ecx.h" 19 #include "crypto/evp.h" /* For the internal API */ 20 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */ 21 #include "internal/nelem.h" 22 #include "testutil.h" 23 24 static char *datadir = NULL; 25 26 /* 27 * Do not change the order of the following defines unless you also 28 * update the for loop bounds used inside test_print_key_using_encoder() and 29 * test_print_key_using_encoder_public(). 30 */ 31 #define PRIV_TEXT 0 32 #define PRIV_PEM 1 33 #define PRIV_DER 2 34 #define PUB_TEXT 3 35 #define PUB_PEM 4 36 #define PUB_DER 5 37 38 static void stripcr(char *buf, size_t *len) 39 { 40 size_t i; 41 char *curr, *writ; 42 43 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) { 44 if (*curr == '\r') { 45 (*len)--; 46 continue; 47 } 48 if (curr != writ) 49 *writ = *curr; 50 writ++; 51 } 52 } 53 54 static int compare_with_file(const char *alg, int type, BIO *membio) 55 { 56 char filename[80]; 57 BIO *file = NULL; 58 char buf[4096]; 59 char *memdata, *fullfile = NULL; 60 const char *suffix; 61 size_t readbytes; 62 int ret = 0; 63 int len; 64 size_t slen; 65 66 switch (type) { 67 case PRIV_TEXT: 68 suffix = "priv.txt"; 69 break; 70 71 case PRIV_PEM: 72 suffix = "priv.pem"; 73 break; 74 75 case PRIV_DER: 76 suffix = "priv.der"; 77 break; 78 79 case PUB_TEXT: 80 suffix = "pub.txt"; 81 break; 82 83 case PUB_PEM: 84 suffix = "pub.pem"; 85 break; 86 87 case PUB_DER: 88 suffix = "pub.der"; 89 break; 90 91 default: 92 TEST_error("Invalid file type"); 93 goto err; 94 } 95 96 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix); 97 fullfile = test_mk_file_path(datadir, filename); 98 if (!TEST_ptr(fullfile)) 99 goto err; 100 101 file = BIO_new_file(fullfile, "rb"); 102 if (!TEST_ptr(file)) 103 goto err; 104 105 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes)) 106 || !TEST_true(BIO_eof(file)) 107 || !TEST_size_t_lt(readbytes, sizeof(buf))) 108 goto err; 109 110 len = BIO_get_mem_data(membio, &memdata); 111 if (!TEST_int_gt(len, 0)) 112 goto err; 113 114 slen = len; 115 if (type != PRIV_DER && type != PUB_DER) { 116 stripcr(memdata, &slen); 117 stripcr(buf, &readbytes); 118 } 119 120 if (!TEST_mem_eq(memdata, slen, buf, readbytes)) 121 goto err; 122 123 ret = 1; 124 err: 125 OPENSSL_free(fullfile); 126 (void)BIO_reset(membio); 127 BIO_free(file); 128 return ret; 129 } 130 131 static int pass_cb(char *buf, int size, int rwflag, void *u) 132 { 133 return 0; 134 } 135 136 static int pass_cb_error(char *buf, int size, int rwflag, void *u) 137 { 138 return -1; 139 } 140 141 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk) 142 { 143 BIO *membio = BIO_new(BIO_s_mem()); 144 int ret = 0; 145 146 if (!TEST_ptr(membio)) 147 goto err; 148 149 if (/* Output Encrypted private key in PEM form */ 150 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(), 151 (unsigned char *)"pass", 4, 152 NULL, NULL)) 153 /* Output zero-length passphrase encrypted private key in PEM form */ 154 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk, 155 EVP_aes_256_cbc(), 156 (const char *)~0, 0, 157 NULL, NULL)) 158 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk, 159 EVP_aes_256_cbc(), 160 NULL, 0, NULL, "")) 161 || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk, 162 EVP_aes_256_cbc(), 163 NULL, 0, pass_cb, NULL)) 164 || !TEST_false(PEM_write_bio_PKCS8PrivateKey(bio_out, pk, 165 EVP_aes_256_cbc(), 166 NULL, 0, pass_cb_error, 167 NULL)) 168 #ifndef OPENSSL_NO_DES 169 || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid( 170 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, 171 (const char *)~0, 0, NULL, NULL)) 172 || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid( 173 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0, 174 NULL, "")) 175 || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid( 176 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0, 177 pass_cb, NULL)) 178 || !TEST_false(PEM_write_bio_PKCS8PrivateKey_nid( 179 bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0, 180 pass_cb_error, NULL)) 181 #endif 182 /* Private key in text form */ 183 || !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0) 184 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio)) 185 /* Public key in PEM form */ 186 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk)) 187 || !TEST_true(compare_with_file(alg, PUB_PEM, membio)) 188 /* Unencrypted private key in PEM form */ 189 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk, 190 NULL, NULL, 0, NULL, NULL)) 191 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)) 192 /* NULL key */ 193 || !TEST_false(PEM_write_bio_PrivateKey(membio, NULL, 194 NULL, NULL, 0, NULL, NULL)) 195 || !TEST_false(PEM_write_bio_PrivateKey_traditional(membio, NULL, 196 NULL, NULL, 0, NULL, NULL))) 197 goto err; 198 199 ret = 1; 200 err: 201 BIO_free(membio); 202 return ret; 203 } 204 205 static int test_print_key_type_using_encoder(const char *alg, int type, 206 const EVP_PKEY *pk) 207 { 208 const char *output_type, *output_structure; 209 int selection; 210 OSSL_ENCODER_CTX *ctx = NULL; 211 BIO *membio = BIO_new(BIO_s_mem()); 212 int ret = 0; 213 214 switch (type) { 215 case PRIV_TEXT: 216 output_type = "TEXT"; 217 output_structure = NULL; 218 selection = OSSL_KEYMGMT_SELECT_KEYPAIR 219 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; 220 break; 221 222 case PRIV_PEM: 223 output_type = "PEM"; 224 output_structure = "PrivateKeyInfo"; 225 selection = OSSL_KEYMGMT_SELECT_KEYPAIR 226 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; 227 break; 228 229 case PRIV_DER: 230 output_type = "DER"; 231 output_structure = "PrivateKeyInfo"; 232 selection = OSSL_KEYMGMT_SELECT_KEYPAIR 233 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; 234 break; 235 236 case PUB_TEXT: 237 output_type = "TEXT"; 238 output_structure = NULL; 239 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY 240 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; 241 break; 242 243 case PUB_PEM: 244 output_type = "PEM"; 245 output_structure = "SubjectPublicKeyInfo"; 246 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY 247 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; 248 break; 249 250 case PUB_DER: 251 output_type = "DER"; 252 output_structure = "SubjectPublicKeyInfo"; 253 selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY 254 | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; 255 break; 256 257 default: 258 TEST_error("Invalid encoding type"); 259 goto err; 260 } 261 262 if (!TEST_ptr(membio)) 263 goto err; 264 265 /* Make a context, it's valid for several prints */ 266 TEST_note("Setting up a OSSL_ENCODER context with passphrase"); 267 if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection, 268 output_type, 269 output_structure, 270 NULL)) 271 /* Check that this operation is supported */ 272 || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0)) 273 goto err; 274 275 /* Use no cipher. This should give us an unencrypted PEM */ 276 TEST_note("Testing with no encryption"); 277 if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio)) 278 || !TEST_true(compare_with_file(alg, type, membio))) 279 goto err; 280 281 if (type == PRIV_PEM) { 282 /* Set a passphrase to be used later */ 283 if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx, 284 (unsigned char *)"pass", 285 4))) 286 goto err; 287 288 /* Use a valid cipher name */ 289 TEST_note("Displaying PEM encrypted with AES-256-CBC"); 290 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL)) 291 || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out))) 292 goto err; 293 294 /* Use an invalid cipher name, which should generate no output */ 295 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO"); 296 if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL)) 297 || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out))) 298 goto err; 299 300 /* Clear the cipher. This should give us an unencrypted PEM again */ 301 TEST_note("Testing with encryption cleared (no encryption)"); 302 if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL)) 303 || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio)) 304 || !TEST_true(compare_with_file(alg, type, membio))) 305 goto err; 306 } 307 ret = 1; 308 err: 309 BIO_free(membio); 310 OSSL_ENCODER_CTX_free(ctx); 311 return ret; 312 } 313 314 static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk) 315 { 316 int i; 317 int ret = 1; 318 319 for (i = PRIV_TEXT; i <= PUB_DER; i++) 320 ret = ret && test_print_key_type_using_encoder(alg, i, pk); 321 322 return ret; 323 } 324 325 #ifndef OPENSSL_NO_EC 326 static int test_print_key_using_encoder_public(const char *alg, 327 const EVP_PKEY *pk) 328 { 329 int i; 330 int ret = 1; 331 332 for (i = PUB_TEXT; i <= PUB_DER; i++) 333 ret = ret && test_print_key_type_using_encoder(alg, i, pk); 334 335 return ret; 336 } 337 #endif 338 339 /* Array indexes used in test_fromdata_rsa */ 340 #define N 0 341 #define E 1 342 #define D 2 343 #define P 3 344 #define Q 4 345 #define DP 5 346 #define DQ 6 347 #define QINV 7 348 349 static int test_fromdata_rsa(void) 350 { 351 int ret = 0, i; 352 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL; 353 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL; 354 /* 355 * 32-bit RSA key, extracted from this command, 356 * executed with OpenSSL 1.0.2: 357 * 358 * openssl genrsa 32 | openssl rsa -text 359 */ 360 static unsigned long key_numbers[] = { 361 0xbc747fc5, /* N */ 362 0x10001, /* E */ 363 0x7b133399, /* D */ 364 0xe963, /* P */ 365 0xceb7, /* Q */ 366 0x8599, /* DP */ 367 0xbd87, /* DQ */ 368 0xcc3b, /* QINV */ 369 }; 370 OSSL_PARAM fromdata_params[] = { 371 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]), 372 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]), 373 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]), 374 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]), 375 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]), 376 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]), 377 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]), 378 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]), 379 OSSL_PARAM_END 380 }; 381 BIGNUM *bn = BN_new(); 382 BIGNUM *bn_from = BN_new(); 383 384 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))) 385 goto err; 386 387 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) 388 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, 389 fromdata_params), 1)) 390 goto err; 391 392 for (;;) { 393 ret = 0; 394 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 32) 395 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 8) 396 || !TEST_int_eq(EVP_PKEY_get_size(pk), 4) 397 || !TEST_false(EVP_PKEY_missing_parameters(pk))) 398 goto err; 399 400 EVP_PKEY_CTX_free(key_ctx); 401 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))) 402 goto err; 403 404 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0) 405 || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0) 406 || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0) 407 || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0)) 408 goto err; 409 410 /* EVP_PKEY_copy_parameters() should fail for RSA */ 411 if (!TEST_ptr(copy_pk = EVP_PKEY_new()) 412 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk))) 413 goto err; 414 EVP_PKEY_free(copy_pk); 415 copy_pk = NULL; 416 417 ret = test_print_key_using_pem("RSA", pk) 418 && test_print_key_using_encoder("RSA", pk); 419 420 if (!ret || dup_pk != NULL) 421 break; 422 423 if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk))) 424 goto err; 425 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1); 426 EVP_PKEY_free(pk); 427 pk = dup_pk; 428 if (!ret) 429 goto err; 430 } 431 err: 432 /* for better diagnostics always compare key params */ 433 for (i = 0; fromdata_params[i].key != NULL; ++i) { 434 if (!TEST_true(BN_set_word(bn_from, key_numbers[i])) 435 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn)) 436 || !TEST_BN_eq(bn, bn_from)) 437 ret = 0; 438 } 439 BN_free(bn_from); 440 BN_free(bn); 441 EVP_PKEY_free(pk); 442 EVP_PKEY_free(copy_pk); 443 EVP_PKEY_CTX_free(key_ctx); 444 EVP_PKEY_CTX_free(ctx); 445 446 return ret; 447 } 448 449 static int test_evp_pkey_get_bn_param_large(void) 450 { 451 int ret = 0; 452 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL; 453 EVP_PKEY *pk = NULL; 454 OSSL_PARAM_BLD *bld = NULL; 455 OSSL_PARAM *fromdata_params = NULL; 456 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL; 457 /* 458 * The buffer size chosen here for n_data larger than the buffer used 459 * internally in EVP_PKEY_get_bn_param. 460 */ 461 static unsigned char n_data[2050]; 462 static const unsigned char e_data[] = { 463 0x1, 0x00, 0x01 464 }; 465 static const unsigned char d_data[]= { 466 0x99, 0x33, 0x13, 0x7b 467 }; 468 469 /* N is a large buffer */ 470 memset(n_data, 0xCE, sizeof(n_data)); 471 472 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) 473 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL)) 474 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL)) 475 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL)) 476 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n)) 477 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e)) 478 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d)) 479 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)) 480 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)) 481 || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) 482 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, 483 fromdata_params), 1) 484 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")) 485 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out)) 486 || !TEST_BN_eq(n, n_out)) 487 goto err; 488 ret = 1; 489 err: 490 BN_free(n_out); 491 BN_free(n); 492 BN_free(e); 493 BN_free(d); 494 EVP_PKEY_free(pk); 495 EVP_PKEY_CTX_free(key_ctx); 496 EVP_PKEY_CTX_free(ctx); 497 OSSL_PARAM_free(fromdata_params); 498 OSSL_PARAM_BLD_free(bld); 499 return ret; 500 } 501 502 503 #ifndef OPENSSL_NO_DH 504 static int test_fromdata_dh_named_group(void) 505 { 506 int ret = 0; 507 int gindex = 0, pcounter = 0, hindex = 0; 508 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL; 509 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL; 510 size_t len; 511 BIGNUM *pub = NULL, *priv = NULL; 512 BIGNUM *pub_out = NULL, *priv_out = NULL; 513 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL; 514 OSSL_PARAM *fromdata_params = NULL; 515 OSSL_PARAM_BLD *bld = NULL; 516 char name_out[80]; 517 unsigned char seed_out[32]; 518 519 /* 520 * DH key data was generated using the following: 521 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048 522 * -pkeyopt priv_len:224 -text 523 */ 524 static const unsigned char priv_data[] = { 525 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d, 526 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa, 527 0x87, 0xe8, 0xa9, 0x7b, 528 }; 529 static const unsigned char pub_data[] = { 530 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 531 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 532 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 533 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 534 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 535 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 536 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 537 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 538 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 539 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 540 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 541 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 542 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 543 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 544 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 545 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 546 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 547 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 548 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 549 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 550 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 551 0xcf, 0x33, 0x42, 0x83, 0x42 552 }; 553 static const char group_name[] = "ffdhe2048"; 554 static const long priv_len = 224; 555 556 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) 557 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL)) 558 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL)) 559 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, 560 OSSL_PKEY_PARAM_GROUP_NAME, 561 group_name, 0)) 562 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN, 563 priv_len)) 564 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub)) 565 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv)) 566 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))) 567 goto err; 568 569 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL))) 570 goto err; 571 572 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) 573 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, 574 fromdata_params), 1)) 575 goto err; 576 577 /* 578 * A few extra checks of EVP_PKEY_get_utf8_string_param() to see that 579 * it behaves as expected with regards to string length and terminating 580 * NUL byte. 581 */ 582 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, 583 OSSL_PKEY_PARAM_GROUP_NAME, 584 NULL, sizeof(name_out), 585 &len)) 586 || !TEST_size_t_eq(len, sizeof(group_name) - 1) 587 /* Just enough space to hold the group name and a terminating NUL */ 588 || !TEST_true(EVP_PKEY_get_utf8_string_param(pk, 589 OSSL_PKEY_PARAM_GROUP_NAME, 590 name_out, 591 sizeof(group_name), 592 &len)) 593 || !TEST_size_t_eq(len, sizeof(group_name) - 1) 594 /* Too small buffer to hold the terminating NUL byte */ 595 || !TEST_false(EVP_PKEY_get_utf8_string_param(pk, 596 OSSL_PKEY_PARAM_GROUP_NAME, 597 name_out, 598 sizeof(group_name) - 1, 599 &len)) 600 /* Too small buffer to hold the whole group name, even! */ 601 || !TEST_false(EVP_PKEY_get_utf8_string_param(pk, 602 OSSL_PKEY_PARAM_GROUP_NAME, 603 name_out, 604 sizeof(group_name) - 2, 605 &len))) 606 goto err; 607 608 for (;;) { 609 ret = 0; 610 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048) 611 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112) 612 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256) 613 || !TEST_false(EVP_PKEY_missing_parameters(pk))) 614 goto err; 615 616 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, 617 OSSL_PKEY_PARAM_GROUP_NAME, 618 name_out, 619 sizeof(name_out), 620 &len)) 621 || !TEST_str_eq(name_out, group_name) 622 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY, 623 &pub_out)) 624 625 || !TEST_BN_eq(pub, pub_out) 626 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY, 627 &priv_out)) 628 || !TEST_BN_eq(priv, priv_out) 629 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p)) 630 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p) 631 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q)) 632 || !TEST_ptr(q) 633 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g)) 634 || !TEST_BN_eq(&ossl_bignum_const_2, g) 635 || !TEST_false(EVP_PKEY_get_bn_param(pk, 636 OSSL_PKEY_PARAM_FFC_COFACTOR, 637 &j)) 638 || !TEST_ptr_null(j) 639 || !TEST_false(EVP_PKEY_get_octet_string_param(pk, 640 OSSL_PKEY_PARAM_FFC_SEED, 641 seed_out, 642 sizeof(seed_out), 643 &len)) 644 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX, 645 &gindex)) 646 || !TEST_int_eq(gindex, -1) 647 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, 648 &hindex)) 649 || !TEST_int_eq(hindex, 0) 650 || !TEST_true(EVP_PKEY_get_int_param(pk, 651 OSSL_PKEY_PARAM_FFC_PCOUNTER, 652 &pcounter)) 653 || !TEST_int_eq(pcounter, -1)) 654 goto err; 655 BN_free(p); 656 p = NULL; 657 BN_free(q); 658 q = NULL; 659 BN_free(g); 660 g = NULL; 661 BN_free(j); 662 j = NULL; 663 BN_free(pub_out); 664 pub_out = NULL; 665 BN_free(priv_out); 666 priv_out = NULL; 667 668 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))) 669 goto err; 670 671 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0) 672 || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0) 673 || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0) 674 || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0)) 675 goto err; 676 EVP_PKEY_CTX_free(key_ctx); 677 key_ctx = NULL; 678 679 if (!TEST_ptr(copy_pk = EVP_PKEY_new()) 680 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk))) 681 goto err; 682 EVP_PKEY_free(copy_pk); 683 copy_pk = NULL; 684 685 ret = test_print_key_using_pem("DH", pk) 686 && test_print_key_using_encoder("DH", pk); 687 688 if (!ret || dup_pk != NULL) 689 break; 690 691 if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk))) 692 goto err; 693 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1); 694 EVP_PKEY_free(pk); 695 pk = dup_pk; 696 if (!ret) 697 goto err; 698 } 699 err: 700 BN_free(p); 701 BN_free(q); 702 BN_free(g); 703 BN_free(j); 704 BN_free(pub); 705 BN_free(priv); 706 BN_free(pub_out); 707 BN_free(priv_out); 708 EVP_PKEY_free(copy_pk); 709 EVP_PKEY_free(pk); 710 EVP_PKEY_CTX_free(ctx); 711 EVP_PKEY_CTX_free(key_ctx); 712 OSSL_PARAM_free(fromdata_params); 713 OSSL_PARAM_BLD_free(bld); 714 715 return ret; 716 } 717 718 static int test_fromdata_dh_fips186_4(void) 719 { 720 int ret = 0; 721 int gindex = 0, pcounter = 0, hindex = 0; 722 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL; 723 EVP_PKEY *pk = NULL, *dup_pk = NULL; 724 size_t len; 725 BIGNUM *pub = NULL, *priv = NULL; 726 BIGNUM *pub_out = NULL, *priv_out = NULL; 727 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL; 728 OSSL_PARAM_BLD *bld = NULL; 729 OSSL_PARAM *fromdata_params = NULL; 730 char name_out[80]; 731 unsigned char seed_out[32]; 732 733 /* 734 * DH key data was generated using the following: 735 * openssl genpkey -algorithm DH 736 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text 737 */ 738 static const unsigned char priv_data[] = { 739 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d, 740 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa, 741 0x87, 0xe8, 0xa9, 0x7b, 742 }; 743 static const unsigned char pub_data[] = { 744 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82, 745 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33, 746 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64, 747 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9, 748 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa, 749 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d, 750 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e, 751 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57, 752 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5, 753 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a, 754 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb, 755 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22, 756 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c, 757 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82, 758 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14, 759 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e, 760 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc, 761 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1, 762 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1, 763 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8, 764 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf, 765 0x33, 0x42, 0x83, 0x42 766 }; 767 static const char group_name[] = "ffdhe2048"; 768 static const long priv_len = 224; 769 770 771 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) 772 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL)) 773 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL)) 774 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, 775 OSSL_PKEY_PARAM_GROUP_NAME, 776 group_name, 0)) 777 || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN, 778 priv_len)) 779 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub)) 780 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv)) 781 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))) 782 goto err; 783 784 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL))) 785 goto err; 786 787 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) 788 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, 789 fromdata_params), 1)) 790 goto err; 791 792 for (;;) { 793 ret = 0; 794 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048) 795 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112) 796 || !TEST_int_eq(EVP_PKEY_get_size(pk), 256) 797 || !TEST_false(EVP_PKEY_missing_parameters(pk))) 798 goto err; 799 800 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, 801 OSSL_PKEY_PARAM_GROUP_NAME, 802 name_out, 803 sizeof(name_out), 804 &len)) 805 || !TEST_str_eq(name_out, group_name) 806 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY, 807 &pub_out)) 808 || !TEST_BN_eq(pub, pub_out) 809 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY, 810 &priv_out)) 811 || !TEST_BN_eq(priv, priv_out) 812 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p)) 813 || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p) 814 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q)) 815 || !TEST_ptr(q) 816 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g)) 817 || !TEST_BN_eq(&ossl_bignum_const_2, g) 818 || !TEST_false(EVP_PKEY_get_bn_param(pk, 819 OSSL_PKEY_PARAM_FFC_COFACTOR, 820 &j)) 821 || !TEST_ptr_null(j) 822 || !TEST_false(EVP_PKEY_get_octet_string_param(pk, 823 OSSL_PKEY_PARAM_FFC_SEED, 824 seed_out, 825 sizeof(seed_out), 826 &len)) 827 || !TEST_true(EVP_PKEY_get_int_param(pk, 828 OSSL_PKEY_PARAM_FFC_GINDEX, 829 &gindex)) 830 || !TEST_int_eq(gindex, -1) 831 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, 832 &hindex)) 833 || !TEST_int_eq(hindex, 0) 834 || !TEST_true(EVP_PKEY_get_int_param(pk, 835 OSSL_PKEY_PARAM_FFC_PCOUNTER, 836 &pcounter)) 837 || !TEST_int_eq(pcounter, -1)) 838 goto err; 839 BN_free(p); 840 p = NULL; 841 BN_free(q); 842 q = NULL; 843 BN_free(g); 844 g = NULL; 845 BN_free(j); 846 j = NULL; 847 BN_free(pub_out); 848 pub_out = NULL; 849 BN_free(priv_out); 850 priv_out = NULL; 851 852 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))) 853 goto err; 854 855 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0) 856 || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0) 857 || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0) 858 || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0)) 859 goto err; 860 EVP_PKEY_CTX_free(key_ctx); 861 key_ctx = NULL; 862 863 ret = test_print_key_using_pem("DH", pk) 864 && test_print_key_using_encoder("DH", pk); 865 866 if (!ret || dup_pk != NULL) 867 break; 868 869 if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk))) 870 goto err; 871 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1); 872 EVP_PKEY_free(pk); 873 pk = dup_pk; 874 if (!ret) 875 goto err; 876 } 877 err: 878 BN_free(p); 879 BN_free(q); 880 BN_free(g); 881 BN_free(j); 882 BN_free(pub); 883 BN_free(priv); 884 BN_free(pub_out); 885 BN_free(priv_out); 886 EVP_PKEY_free(pk); 887 EVP_PKEY_CTX_free(ctx); 888 EVP_PKEY_CTX_free(key_ctx); 889 OSSL_PARAM_free(fromdata_params); 890 OSSL_PARAM_BLD_free(bld); 891 892 return ret; 893 } 894 895 #endif 896 897 898 899 #ifndef OPENSSL_NO_EC 900 /* Array indexes used in test_fromdata_ecx */ 901 # define PRIV_KEY 0 902 # define PUB_KEY 1 903 904 # define X25519_IDX 0 905 # define X448_IDX 1 906 # define ED25519_IDX 2 907 # define ED448_IDX 3 908 909 /* 910 * tst uses indexes 0 ... (3 * 4 - 1) 911 * For the 4 ECX key types (X25519_IDX..ED448_IDX) 912 * 0..3 = public + private key. 913 * 4..7 = private key (This will generate the public key from the private key) 914 * 8..11 = public key 915 */ 916 static int test_fromdata_ecx(int tst) 917 { 918 int ret = 0; 919 EVP_PKEY_CTX *ctx = NULL, *ctx2 = NULL; 920 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL; 921 const char *alg = NULL; 922 size_t len; 923 unsigned char out_pub[ED448_KEYLEN]; 924 unsigned char out_priv[ED448_KEYLEN]; 925 OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END }; 926 927 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */ 928 static unsigned char key_numbers[4][2][ED448_KEYLEN] = { 929 /* X25519: Keys from RFC 7748 6.1 */ 930 { 931 /* Private Key */ 932 { 933 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16, 934 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87, 935 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9, 936 0x2c, 0x2a 937 }, 938 /* Public Key */ 939 { 940 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b, 941 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d, 942 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b, 943 0x4e, 0x6a 944 } 945 }, 946 /* X448: Keys from RFC 7748 6.2 */ 947 { 948 /* Private Key */ 949 { 950 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf, 951 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba, 952 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9, 953 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91, 954 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2, 955 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b 956 }, 957 /* Public Key */ 958 { 959 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22, 960 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8, 961 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5, 962 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4, 963 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f, 964 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0 965 } 966 }, 967 /* ED25519: Keys from RFC 8032 */ 968 { 969 /* Private Key */ 970 { 971 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84, 972 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69, 973 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae, 974 0x7f, 0x60 975 }, 976 /* Public Key */ 977 { 978 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b, 979 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3, 980 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07, 981 0x51, 0x1a 982 } 983 }, 984 /* ED448: Keys from RFC 8032 */ 985 { 986 /* Private Key */ 987 { 988 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32, 989 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34, 990 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3, 991 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e, 992 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e, 993 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b 994 }, 995 /* Public Key */ 996 { 997 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7, 998 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24, 999 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9, 1000 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06, 1001 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa, 1002 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80 1003 } 1004 } 1005 }; 1006 OSSL_PARAM x25519_fromdata_params[] = { 1007 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, 1008 key_numbers[X25519_IDX][PRIV_KEY], 1009 X25519_KEYLEN), 1010 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, 1011 key_numbers[X25519_IDX][PUB_KEY], 1012 X25519_KEYLEN), 1013 OSSL_PARAM_END 1014 }; 1015 OSSL_PARAM x448_fromdata_params[] = { 1016 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, 1017 key_numbers[X448_IDX][PRIV_KEY], 1018 X448_KEYLEN), 1019 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, 1020 key_numbers[X448_IDX][PUB_KEY], 1021 X448_KEYLEN), 1022 OSSL_PARAM_END 1023 }; 1024 OSSL_PARAM ed25519_fromdata_params[] = { 1025 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, 1026 key_numbers[ED25519_IDX][PRIV_KEY], 1027 ED25519_KEYLEN), 1028 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, 1029 key_numbers[ED25519_IDX][PUB_KEY], 1030 ED25519_KEYLEN), 1031 OSSL_PARAM_END 1032 }; 1033 OSSL_PARAM ed448_fromdata_params[] = { 1034 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY, 1035 key_numbers[ED448_IDX][PRIV_KEY], 1036 ED448_KEYLEN), 1037 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY, 1038 key_numbers[ED448_IDX][PUB_KEY], 1039 ED448_KEYLEN), 1040 OSSL_PARAM_END 1041 }; 1042 OSSL_PARAM *fromdata_params = NULL; 1043 int bits = 0, security_bits = 0, size = 0; 1044 OSSL_PARAM *orig_fromdata_params = NULL; 1045 1046 switch (tst & 3) { 1047 case X25519_IDX: 1048 fromdata_params = x25519_fromdata_params; 1049 bits = X25519_BITS; 1050 security_bits = X25519_SECURITY_BITS; 1051 size = X25519_KEYLEN; 1052 alg = "X25519"; 1053 break; 1054 1055 case X448_IDX: 1056 fromdata_params = x448_fromdata_params; 1057 bits = X448_BITS; 1058 security_bits = X448_SECURITY_BITS; 1059 size = X448_KEYLEN; 1060 alg = "X448"; 1061 break; 1062 1063 case ED25519_IDX: 1064 fromdata_params = ed25519_fromdata_params; 1065 bits = ED25519_BITS; 1066 security_bits = ED25519_SECURITY_BITS; 1067 size = ED25519_SIGSIZE; 1068 alg = "ED25519"; 1069 break; 1070 1071 case ED448_IDX: 1072 fromdata_params = ed448_fromdata_params; 1073 bits = ED448_BITS; 1074 security_bits = ED448_SECURITY_BITS; 1075 size = ED448_SIGSIZE; 1076 alg = "ED448"; 1077 break; 1078 default: 1079 goto err; 1080 } 1081 1082 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL); 1083 if (!TEST_ptr(ctx)) 1084 goto err; 1085 1086 orig_fromdata_params = fromdata_params; 1087 if (tst > 7) { 1088 /* public key only */ 1089 fromdata_params++; 1090 } else if (tst > 3) { 1091 /* private key only */ 1092 params[0] = fromdata_params[0]; 1093 params[1] = fromdata_params[2]; 1094 fromdata_params = params; 1095 } 1096 1097 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) 1098 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, 1099 fromdata_params), 1)) 1100 goto err; 1101 1102 for (;;) { 1103 ret = 0; 1104 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), bits) 1105 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), security_bits) 1106 || !TEST_int_eq(EVP_PKEY_get_size(pk), size) 1107 || !TEST_false(EVP_PKEY_missing_parameters(pk))) 1108 goto err; 1109 1110 if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL))) 1111 goto err; 1112 if (tst <= 7) { 1113 if (!TEST_int_gt(EVP_PKEY_check(ctx2), 0)) 1114 goto err; 1115 if (!TEST_true(EVP_PKEY_get_octet_string_param( 1116 pk, orig_fromdata_params[PRIV_KEY].key, 1117 out_priv, sizeof(out_priv), &len)) 1118 || !TEST_mem_eq(out_priv, len, 1119 orig_fromdata_params[PRIV_KEY].data, 1120 orig_fromdata_params[PRIV_KEY].data_size) 1121 || !TEST_true(EVP_PKEY_get_octet_string_param( 1122 pk, orig_fromdata_params[PUB_KEY].key, 1123 out_pub, sizeof(out_pub), &len)) 1124 || !TEST_mem_eq(out_pub, len, 1125 orig_fromdata_params[PUB_KEY].data, 1126 orig_fromdata_params[PUB_KEY].data_size)) 1127 goto err; 1128 } else { 1129 /* The private key check should fail if there is only a public key */ 1130 if (!TEST_int_gt(EVP_PKEY_public_check(ctx2), 0) 1131 || !TEST_int_le(EVP_PKEY_private_check(ctx2), 0) 1132 || !TEST_int_le(EVP_PKEY_check(ctx2), 0)) 1133 goto err; 1134 } 1135 EVP_PKEY_CTX_free(ctx2); 1136 ctx2 = NULL; 1137 1138 if (!TEST_ptr(copy_pk = EVP_PKEY_new()) 1139 /* This should succeed because there are no parameters to copy */ 1140 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk))) 1141 goto err; 1142 if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, copy_pk, NULL)) 1143 /* This should fail because copy_pk has no pubkey */ 1144 || !TEST_int_le(EVP_PKEY_public_check(ctx2), 0)) 1145 goto err; 1146 EVP_PKEY_CTX_free(ctx2); 1147 ctx2 = NULL; 1148 EVP_PKEY_free(copy_pk); 1149 copy_pk = NULL; 1150 1151 if (tst > 7) 1152 ret = test_print_key_using_encoder_public(alg, pk); 1153 else 1154 ret = test_print_key_using_pem(alg, pk) 1155 && test_print_key_using_encoder(alg, pk); 1156 1157 if (!ret || dup_pk != NULL) 1158 break; 1159 1160 if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk))) 1161 goto err; 1162 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1); 1163 EVP_PKEY_free(pk); 1164 pk = dup_pk; 1165 if (!ret) 1166 goto err; 1167 } 1168 1169 err: 1170 EVP_PKEY_free(pk); 1171 EVP_PKEY_free(copy_pk); 1172 EVP_PKEY_CTX_free(ctx); 1173 EVP_PKEY_CTX_free(ctx2); 1174 1175 return ret; 1176 } 1177 1178 static int test_fromdata_ec(void) 1179 { 1180 int ret = 0; 1181 EVP_PKEY_CTX *ctx = NULL; 1182 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL; 1183 OSSL_PARAM_BLD *bld = NULL; 1184 BIGNUM *ec_priv_bn = NULL; 1185 BIGNUM *bn_priv = NULL; 1186 OSSL_PARAM *fromdata_params = NULL; 1187 const char *alg = "EC"; 1188 const char *curve = "prime256v1"; 1189 const char bad_curve[] = "nonexistent-curve"; 1190 OSSL_PARAM nokey_params[2] = { 1191 OSSL_PARAM_END, 1192 OSSL_PARAM_END 1193 }; 1194 /* UNCOMPRESSED FORMAT */ 1195 static const unsigned char ec_pub_keydata[] = { 1196 POINT_CONVERSION_UNCOMPRESSED, 1197 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63, 1198 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d, 1199 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73, 1200 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2, 1201 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f, 1202 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d, 1203 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf, 1204 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29 1205 }; 1206 /* SAME BUT COMPRESSED FORMAT */ 1207 static const unsigned char ec_pub_keydata_compressed[] = { 1208 POINT_CONVERSION_COMPRESSED+1, 1209 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63, 1210 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d, 1211 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73, 1212 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2 1213 }; 1214 static const unsigned char ec_priv_keydata[] = { 1215 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03, 1216 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59, 1217 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e, 1218 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad 1219 }; 1220 unsigned char out_pub[sizeof(ec_pub_keydata)]; 1221 char out_curve_name[80]; 1222 const OSSL_PARAM *gettable = NULL; 1223 size_t len; 1224 EC_GROUP *group = NULL; 1225 BIGNUM *group_a = NULL; 1226 BIGNUM *group_b = NULL; 1227 BIGNUM *group_p = NULL; 1228 BIGNUM *a = NULL; 1229 BIGNUM *b = NULL; 1230 BIGNUM *p = NULL; 1231 1232 1233 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())) 1234 goto err; 1235 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata, 1236 sizeof(ec_priv_keydata), NULL))) 1237 goto err; 1238 1239 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME, 1240 curve, 0) <= 0) 1241 goto err; 1242 /* 1243 * We intentionally provide the input point in compressed format, 1244 * and avoid setting `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT`. 1245 * 1246 * Later on we check what format is used when exporting the 1247 * `OSSL_PKEY_PARAM_PUB_KEY` and expect to default to uncompressed 1248 * format. 1249 */ 1250 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY, 1251 ec_pub_keydata_compressed, 1252 sizeof(ec_pub_keydata_compressed)) <= 0) 1253 goto err; 1254 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0) 1255 goto err; 1256 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))) 1257 goto err; 1258 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL); 1259 if (!TEST_ptr(ctx)) 1260 goto err; 1261 1262 /* try importing parameters with bad curve first */ 1263 nokey_params[0] = 1264 OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, 1265 (char *)bad_curve, sizeof(bad_curve)); 1266 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) 1267 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEY_PARAMETERS, 1268 nokey_params), 0) 1269 || !TEST_ptr_null(pk)) 1270 goto err; 1271 1272 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) 1273 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, 1274 fromdata_params), 1)) 1275 goto err; 1276 1277 for (;;) { 1278 ret = 0; 1279 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 256) 1280 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 128) 1281 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 35 * 2) 1282 || !TEST_false(EVP_PKEY_missing_parameters(pk))) 1283 goto err; 1284 1285 if (!TEST_ptr(copy_pk = EVP_PKEY_new()) 1286 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk))) 1287 goto err; 1288 EVP_PKEY_free(copy_pk); 1289 copy_pk = NULL; 1290 1291 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk)) 1292 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, 1293 OSSL_PKEY_PARAM_GROUP_NAME)) 1294 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, 1295 OSSL_PKEY_PARAM_PUB_KEY)) 1296 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, 1297 OSSL_PKEY_PARAM_PRIV_KEY))) 1298 goto err; 1299 1300 if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(OBJ_sn2nid(curve))) 1301 || !TEST_ptr(group_p = BN_new()) 1302 || !TEST_ptr(group_a = BN_new()) 1303 || !TEST_ptr(group_b = BN_new()) 1304 || !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL))) 1305 goto err; 1306 1307 if (!TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_A, &a)) 1308 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_B, &b)) 1309 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_P, &p))) 1310 goto err; 1311 1312 if (!TEST_BN_eq(group_p, p) || !TEST_BN_eq(group_a, a) 1313 || !TEST_BN_eq(group_b, b)) 1314 goto err; 1315 1316 EC_GROUP_free(group); 1317 group = NULL; 1318 BN_free(group_p); 1319 group_p = NULL; 1320 BN_free(group_a); 1321 group_a = NULL; 1322 BN_free(group_b); 1323 group_b = NULL; 1324 1325 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME, 1326 out_curve_name, 1327 sizeof(out_curve_name), 1328 &len) 1329 || !TEST_str_eq(out_curve_name, curve) 1330 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY, 1331 out_pub, sizeof(out_pub), &len) 1332 1333 /* 1334 * Our providers use uncompressed format by default if 1335 * `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` was not 1336 * explicitly set, irrespective of the format used for the 1337 * input point given as a param to create this key. 1338 */ 1339 || !TEST_true(out_pub[0] == POINT_CONVERSION_UNCOMPRESSED) 1340 || !TEST_mem_eq(out_pub + 1, len - 1, 1341 ec_pub_keydata + 1, sizeof(ec_pub_keydata) - 1) 1342 1343 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY, 1344 &bn_priv)) 1345 || !TEST_BN_eq(ec_priv_bn, bn_priv)) 1346 goto err; 1347 BN_free(bn_priv); 1348 bn_priv = NULL; 1349 1350 ret = test_print_key_using_pem(alg, pk) 1351 && test_print_key_using_encoder(alg, pk); 1352 1353 if (!ret || dup_pk != NULL) 1354 break; 1355 1356 if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk))) 1357 goto err; 1358 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1); 1359 EVP_PKEY_free(pk); 1360 pk = dup_pk; 1361 if (!ret) 1362 goto err; 1363 } 1364 1365 err: 1366 EC_GROUP_free(group); 1367 BN_free(group_a); 1368 BN_free(group_b); 1369 BN_free(group_p); 1370 BN_free(a); 1371 BN_free(b); 1372 BN_free(p); 1373 BN_free(bn_priv); 1374 BN_free(ec_priv_bn); 1375 OSSL_PARAM_free(fromdata_params); 1376 OSSL_PARAM_BLD_free(bld); 1377 EVP_PKEY_free(pk); 1378 EVP_PKEY_free(copy_pk); 1379 EVP_PKEY_CTX_free(ctx); 1380 return ret; 1381 } 1382 1383 static int test_ec_dup_no_operation(void) 1384 { 1385 int ret = 0; 1386 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL; 1387 EVP_PKEY *param = NULL, *pkey = NULL; 1388 1389 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) 1390 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0) 1391 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, 1392 NID_X9_62_prime256v1), 0) 1393 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0) 1394 || !TEST_ptr(param)) 1395 goto err; 1396 1397 EVP_PKEY_CTX_free(pctx); 1398 pctx = NULL; 1399 1400 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL)) 1401 || !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx)) 1402 || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0) 1403 || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0)) 1404 goto err; 1405 ret = 1; 1406 err: 1407 EVP_PKEY_free(pkey); 1408 EVP_PKEY_free(param); 1409 EVP_PKEY_CTX_free(ctx); 1410 EVP_PKEY_CTX_free(kctx); 1411 EVP_PKEY_CTX_free(pctx); 1412 return ret; 1413 } 1414 1415 /* Test that keygen doesn't support EVP_PKEY_CTX_dup */ 1416 static int test_ec_dup_keygen_operation(void) 1417 { 1418 int ret = 0; 1419 EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL; 1420 EVP_PKEY *param = NULL, *pkey = NULL; 1421 1422 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) 1423 || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0) 1424 || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, 1425 NID_X9_62_prime256v1), 0) 1426 || !TEST_int_gt(EVP_PKEY_paramgen(pctx, ¶m), 0) 1427 || !TEST_ptr(param)) 1428 goto err; 1429 1430 EVP_PKEY_CTX_free(pctx); 1431 pctx = NULL; 1432 1433 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL)) 1434 || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0) 1435 || !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx))) 1436 goto err; 1437 ret = 1; 1438 err: 1439 EVP_PKEY_free(pkey); 1440 EVP_PKEY_free(param); 1441 EVP_PKEY_CTX_free(ctx); 1442 EVP_PKEY_CTX_free(kctx); 1443 EVP_PKEY_CTX_free(pctx); 1444 return ret; 1445 } 1446 1447 #endif /* OPENSSL_NO_EC */ 1448 1449 #ifndef OPENSSL_NO_DSA 1450 static int test_fromdata_dsa_fips186_4(void) 1451 { 1452 int ret = 0; 1453 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL; 1454 EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL; 1455 BIGNUM *pub = NULL, *priv = NULL; 1456 BIGNUM *p = NULL, *q = NULL, *g = NULL; 1457 BIGNUM *pub_out = NULL, *priv_out = NULL; 1458 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL; 1459 int gindex_out = 0, pcounter_out = 0, hindex_out = 0; 1460 char name_out[80]; 1461 unsigned char seed_out[32]; 1462 size_t len; 1463 OSSL_PARAM_BLD *bld = NULL; 1464 OSSL_PARAM *fromdata_params = NULL; 1465 1466 /* 1467 * DSA parameter data was generated using the following: 1468 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \ 1469 * -pkeyopt qbits:256 -pkeyopt type:0 \ 1470 * -pkeyopt gindex:1 -out dsa_params.pem -text 1471 */ 1472 static const unsigned char p_data[] = { 1473 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b, 1474 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21, 1475 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8, 1476 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7, 1477 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc, 1478 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4, 1479 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23, 1480 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64, 1481 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e, 1482 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73, 1483 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a, 1484 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6, 1485 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde, 1486 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd, 1487 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c, 1488 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71, 1489 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18, 1490 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56, 1491 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85, 1492 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c, 1493 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79, 1494 0x7c, 0xfe, 0xaf, 0x6a, 0x05 1495 }; 1496 static const unsigned char q_data[] = { 1497 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04, 1498 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40, 1499 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7 1500 }; 1501 static const unsigned char g_data[] = { 1502 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b, 1503 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b, 1504 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4, 1505 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6, 1506 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa, 1507 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57, 1508 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72, 1509 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c, 1510 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60, 1511 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1, 1512 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35, 1513 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e, 1514 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05, 1515 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25, 1516 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb, 1517 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a, 1518 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25, 1519 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0, 1520 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd, 1521 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53, 1522 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62, 1523 0x02, 0x6f, 0x96, 0x36 1524 }; 1525 static const unsigned char seed_data[] = { 1526 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62, 1527 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04, 1528 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84 1529 }; 1530 const int gindex = 1; 1531 const int pcounter = 53; 1532 /* 1533 * The keypair was generated using 1534 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \ 1535 * -pkeyopt gindex:1 \ 1536 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text 1537 */ 1538 static const unsigned char priv_data[] = { 1539 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73, 1540 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8, 1541 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90 1542 }; 1543 static const unsigned char pub_data[] = { 1544 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29, 1545 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80, 1546 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02, 1547 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73, 1548 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf, 1549 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda, 1550 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda, 1551 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47, 1552 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08, 1553 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1, 1554 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2, 1555 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b, 1556 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b, 1557 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3, 1558 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05, 1559 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4, 1560 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27, 1561 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6, 1562 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49, 1563 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a, 1564 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60, 1565 0x48, 0xd1, 0x8a, 0xbd 1566 }; 1567 1568 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) 1569 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL)) 1570 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL)) 1571 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL)) 1572 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL)) 1573 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL)) 1574 1575 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p)) 1576 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q)) 1577 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g)) 1578 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, 1579 OSSL_PKEY_PARAM_FFC_SEED, 1580 seed_data, 1581 sizeof(seed_data))) 1582 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX, 1583 gindex)) 1584 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, 1585 OSSL_PKEY_PARAM_FFC_PCOUNTER, 1586 pcounter)) 1587 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, 1588 pub)) 1589 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, 1590 priv)) 1591 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))) 1592 goto err; 1593 1594 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))) 1595 goto err; 1596 1597 if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1) 1598 || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR, 1599 fromdata_params), 1)) 1600 goto err; 1601 1602 for (;;) { 1603 ret = 0; 1604 if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048) 1605 || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112) 1606 || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 2 * (3 + sizeof(q_data))) 1607 || !TEST_false(EVP_PKEY_missing_parameters(pk))) 1608 goto err; 1609 1610 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk, 1611 OSSL_PKEY_PARAM_GROUP_NAME, 1612 name_out, 1613 sizeof(name_out), 1614 &len)) 1615 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY, 1616 &pub_out)) 1617 || !TEST_BN_eq(pub, pub_out) 1618 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY, 1619 &priv_out)) 1620 || !TEST_BN_eq(priv, priv_out) 1621 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, 1622 &p_out)) 1623 || !TEST_BN_eq(p, p_out) 1624 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, 1625 &q_out)) 1626 || !TEST_BN_eq(q, q_out) 1627 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, 1628 &g_out)) 1629 || !TEST_BN_eq(g, g_out) 1630 || !TEST_false(EVP_PKEY_get_bn_param(pk, 1631 OSSL_PKEY_PARAM_FFC_COFACTOR, 1632 &j_out)) 1633 || !TEST_ptr_null(j_out) 1634 || !TEST_true(EVP_PKEY_get_octet_string_param(pk, 1635 OSSL_PKEY_PARAM_FFC_SEED, 1636 seed_out, 1637 sizeof(seed_out), 1638 &len)) 1639 || !TEST_true(EVP_PKEY_get_int_param(pk, 1640 OSSL_PKEY_PARAM_FFC_GINDEX, 1641 &gindex_out)) 1642 || !TEST_int_eq(gindex, gindex_out) 1643 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, 1644 &hindex_out)) 1645 || !TEST_int_eq(hindex_out, 0) 1646 || !TEST_true(EVP_PKEY_get_int_param(pk, 1647 OSSL_PKEY_PARAM_FFC_PCOUNTER, 1648 &pcounter_out)) 1649 || !TEST_int_eq(pcounter, pcounter_out)) 1650 goto err; 1651 BN_free(p_out); 1652 p_out = NULL; 1653 BN_free(q_out); 1654 q_out = NULL; 1655 BN_free(g_out); 1656 g_out = NULL; 1657 BN_free(j_out); 1658 j_out = NULL; 1659 BN_free(pub_out); 1660 pub_out = NULL; 1661 BN_free(priv_out); 1662 priv_out = NULL; 1663 1664 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))) 1665 goto err; 1666 1667 if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0) 1668 || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0) 1669 || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0) 1670 || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0)) 1671 goto err; 1672 EVP_PKEY_CTX_free(key_ctx); 1673 key_ctx = NULL; 1674 1675 if (!TEST_ptr(copy_pk = EVP_PKEY_new()) 1676 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk))) 1677 goto err; 1678 EVP_PKEY_free(copy_pk); 1679 copy_pk = NULL; 1680 1681 ret = test_print_key_using_pem("DSA", pk) 1682 && test_print_key_using_encoder("DSA", pk); 1683 1684 if (!ret || dup_pk != NULL) 1685 break; 1686 1687 if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk))) 1688 goto err; 1689 ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1); 1690 EVP_PKEY_free(pk); 1691 pk = dup_pk; 1692 if (!ret) 1693 goto err; 1694 } 1695 1696 err: 1697 OSSL_PARAM_free(fromdata_params); 1698 OSSL_PARAM_BLD_free(bld); 1699 BN_free(p); 1700 BN_free(q); 1701 BN_free(g); 1702 BN_free(pub); 1703 BN_free(priv); 1704 BN_free(p_out); 1705 BN_free(q_out); 1706 BN_free(g_out); 1707 BN_free(pub_out); 1708 BN_free(priv_out); 1709 BN_free(j_out); 1710 EVP_PKEY_free(pk); 1711 EVP_PKEY_free(copy_pk); 1712 EVP_PKEY_CTX_free(ctx); 1713 EVP_PKEY_CTX_free(key_ctx); 1714 1715 return ret; 1716 } 1717 1718 static int test_check_dsa(void) 1719 { 1720 int ret = 0; 1721 EVP_PKEY_CTX *ctx = NULL; 1722 1723 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)) 1724 || !TEST_int_le(EVP_PKEY_check(ctx), 0) 1725 || !TEST_int_le(EVP_PKEY_public_check(ctx), 0) 1726 || !TEST_int_le(EVP_PKEY_private_check(ctx), 0) 1727 || !TEST_int_le(EVP_PKEY_pairwise_check(ctx), 0)) 1728 goto err; 1729 1730 ret = 1; 1731 err: 1732 EVP_PKEY_CTX_free(ctx); 1733 1734 return ret; 1735 } 1736 #endif /* OPENSSL_NO_DSA */ 1737 1738 1739 static OSSL_PARAM *do_construct_hkdf_params(char *digest, char *key, 1740 size_t keylen, char *salt) 1741 { 1742 OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 5); 1743 OSSL_PARAM *p = params; 1744 1745 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, digest, 0); 1746 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, 1747 salt, strlen(salt)); 1748 *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, 1749 (unsigned char *)key, keylen); 1750 *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE, 1751 "EXTRACT_ONLY", 0); 1752 *p = OSSL_PARAM_construct_end(); 1753 1754 return params; 1755 } 1756 1757 /* Test that EVP_PKEY_CTX_dup() fails gracefully for a KDF */ 1758 static int test_evp_pkey_ctx_dup_kdf_fail(void) 1759 { 1760 int ret = 0; 1761 size_t len = 0; 1762 EVP_PKEY_CTX *pctx = NULL, *dctx = NULL; 1763 OSSL_PARAM *params = NULL; 1764 1765 if (!TEST_ptr(params = do_construct_hkdf_params("sha256", "secret", 6, 1766 "salt"))) 1767 goto err; 1768 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "HKDF", NULL))) 1769 goto err; 1770 if (!TEST_int_eq(EVP_PKEY_derive_init_ex(pctx, params), 1)) 1771 goto err; 1772 if (!TEST_int_eq(EVP_PKEY_derive(pctx, NULL, &len), 1) 1773 || !TEST_size_t_eq(len, SHA256_DIGEST_LENGTH)) 1774 goto err; 1775 if (!TEST_ptr_null(dctx = EVP_PKEY_CTX_dup(pctx))) 1776 goto err; 1777 ret = 1; 1778 err: 1779 OPENSSL_free(params); 1780 EVP_PKEY_CTX_free(dctx); 1781 EVP_PKEY_CTX_free(pctx); 1782 return ret; 1783 } 1784 1785 int setup_tests(void) 1786 { 1787 if (!test_skip_common_options()) { 1788 TEST_error("Error parsing test options\n"); 1789 return 0; 1790 } 1791 1792 if (!TEST_ptr(datadir = test_get_argument(0))) 1793 return 0; 1794 1795 ADD_TEST(test_evp_pkey_ctx_dup_kdf_fail); 1796 ADD_TEST(test_evp_pkey_get_bn_param_large); 1797 ADD_TEST(test_fromdata_rsa); 1798 #ifndef OPENSSL_NO_DH 1799 ADD_TEST(test_fromdata_dh_fips186_4); 1800 ADD_TEST(test_fromdata_dh_named_group); 1801 #endif 1802 #ifndef OPENSSL_NO_DSA 1803 ADD_TEST(test_check_dsa); 1804 ADD_TEST(test_fromdata_dsa_fips186_4); 1805 #endif 1806 #ifndef OPENSSL_NO_EC 1807 ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3); 1808 ADD_TEST(test_fromdata_ec); 1809 ADD_TEST(test_ec_dup_no_operation); 1810 ADD_TEST(test_ec_dup_keygen_operation); 1811 #endif 1812 return 1; 1813 } 1814