xref: /freebsd/crypto/openssl/test/keymgmt_internal_test.c (revision 53120fbb68952b7d620c2c0e1cf05c5017fc1b27)
1 /*
2  * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 /*
11  * RSA low level APIs are deprecated for public use, but still ok for
12  * internal use.
13  */
14 #include "internal/deprecated.h"
15 
16 #include <string.h>
17 
18 #include <openssl/bio.h>
19 #include <openssl/bn.h>
20 #include <openssl/rsa.h>
21 #include <openssl/evp.h>
22 #include <openssl/pem.h>
23 #include <openssl/provider.h>
24 #include <openssl/core_names.h>
25 #include "internal/core.h"
26 #include "internal/nelem.h"
27 #include "crypto/evp.h"          /* For the internal API */
28 #include "testutil.h"
29 
30 typedef struct {
31     OSSL_LIB_CTX *ctx1;
32     OSSL_PROVIDER *prov1;
33     OSSL_LIB_CTX *ctx2;
34     OSSL_PROVIDER *prov2;
35 } FIXTURE;
36 
37 /* Collected arguments */
38 static const char *cert_filename = NULL;
39 
40 static void tear_down(FIXTURE *fixture)
41 {
42     if (fixture != NULL) {
43         OSSL_PROVIDER_unload(fixture->prov1);
44         OSSL_PROVIDER_unload(fixture->prov2);
45         OSSL_LIB_CTX_free(fixture->ctx1);
46         OSSL_LIB_CTX_free(fixture->ctx2);
47         OPENSSL_free(fixture);
48     }
49 }
50 
51 static FIXTURE *set_up(const char *testcase_name)
52 {
53     FIXTURE *fixture;
54 
55     if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))
56         || !TEST_ptr(fixture->ctx1 = OSSL_LIB_CTX_new())
57         || !TEST_ptr(fixture->prov1 = OSSL_PROVIDER_load(fixture->ctx1,
58                                                          "default"))
59         || !TEST_ptr(fixture->ctx2 = OSSL_LIB_CTX_new())
60         || !TEST_ptr(fixture->prov2 = OSSL_PROVIDER_load(fixture->ctx2,
61                                                          "default"))) {
62         tear_down(fixture);
63         return NULL;
64     }
65     return fixture;
66 }
67 
68 /* Array indexes */
69 #define N       0
70 #define E       1
71 #define D       2
72 #define P       3
73 #define Q       4
74 #define F3      5                /* Extra factor */
75 #define DP      6
76 #define DQ      7
77 #define E3      8                /* Extra exponent */
78 #define QINV    9
79 #define C2      10               /* Extra coefficient */
80 
81 /*
82  * We have to do this because OSSL_PARAM_get_ulong() can't handle params
83  * holding data that isn't exactly sizeof(uint32_t) or sizeof(uint64_t),
84  * and because the other end deals with BIGNUM, the resulting param might
85  * be any size.  In this particular test, we know that the expected data
86  * fits within an unsigned long, and we want to get the data in that form
87  * to make testing of values easier.
88  */
89 static int get_ulong_via_BN(const OSSL_PARAM *p, unsigned long *goal)
90 {
91     BIGNUM *n = NULL;
92     int ret = 1;                 /* Ever so hopeful */
93 
94     if (!TEST_true(OSSL_PARAM_get_BN(p, &n))
95         || !TEST_int_ge(BN_bn2nativepad(n, (unsigned char *)goal, sizeof(*goal)), 0))
96         ret = 0;
97     BN_free(n);
98     return ret;
99 }
100 
101 static int export_cb(const OSSL_PARAM *params, void *arg)
102 {
103     unsigned long *keydata = arg;
104     const OSSL_PARAM *p = NULL;
105 
106     if (keydata == NULL)
107         return 0;
108 
109     if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_N))
110         || !TEST_true(get_ulong_via_BN(p, &keydata[N]))
111         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_E))
112         || !TEST_true(get_ulong_via_BN(p, &keydata[E]))
113         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_D))
114         || !TEST_true(get_ulong_via_BN(p, &keydata[D])))
115         return 0;
116 
117     if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_FACTOR1))
118         || !TEST_true(get_ulong_via_BN(p, &keydata[P]))
119         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_FACTOR2))
120         || !TEST_true(get_ulong_via_BN(p, &keydata[Q]))
121         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_FACTOR3))
122         || !TEST_true(get_ulong_via_BN(p, &keydata[F3])))
123         return 0;
124 
125     if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_EXPONENT1))
126         || !TEST_true(get_ulong_via_BN(p, &keydata[DP]))
127         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_EXPONENT2))
128         || !TEST_true(get_ulong_via_BN(p, &keydata[DQ]))
129         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_EXPONENT3))
130         || !TEST_true(get_ulong_via_BN(p, &keydata[E3])))
131         return 0;
132 
133     if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_COEFFICIENT1))
134         || !TEST_true(get_ulong_via_BN(p, &keydata[QINV]))
135         || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_COEFFICIENT2))
136         || !TEST_true(get_ulong_via_BN(p, &keydata[C2])))
137         return 0;
138 
139     return 1;
140 }
141 
142 static int test_pass_rsa(FIXTURE *fixture)
143 {
144     size_t i;
145     int ret = 0;
146     RSA *rsa = NULL;
147     BIGNUM *bn1 = NULL, *bn2 = NULL, *bn3 = NULL;
148     EVP_PKEY *pk = NULL, *dup_pk = NULL;
149     EVP_KEYMGMT *km = NULL, *km1 = NULL, *km2 = NULL, *km3 = NULL;
150     void *provkey = NULL, *provkey2 = NULL;
151     BIGNUM *bn_primes[1] = { NULL };
152     BIGNUM *bn_exps[1] = { NULL };
153     BIGNUM *bn_coeffs[1] = { NULL };
154     /*
155      * 32-bit RSA key, extracted from this command,
156      * executed with OpenSSL 1.0.2:
157      * An extra factor was added just for testing purposes.
158      *
159      * openssl genrsa 32 | openssl rsa -text
160      */
161     static BN_ULONG expected[] = {
162         0xbc747fc5,              /* N */
163         0x10001,                 /* E */
164         0x7b133399,              /* D */
165         0xe963,                  /* P */
166         0xceb7,                  /* Q */
167         1,                       /* F3 */
168         0x8599,                  /* DP */
169         0xbd87,                  /* DQ */
170         2,                       /* E3 */
171         0xcc3b,                  /* QINV */
172         3,                       /* C3 */
173         0                        /* Extra, should remain zero */
174     };
175     static unsigned long keydata[OSSL_NELEM(expected)] = { 0, };
176 
177     if (!TEST_ptr(rsa = RSA_new()))
178         goto err;
179 
180     if (!TEST_ptr(bn1 = BN_new())
181         || !TEST_true(BN_set_word(bn1, expected[N]))
182         || !TEST_ptr(bn2 = BN_new())
183         || !TEST_true(BN_set_word(bn2, expected[E]))
184         || !TEST_ptr(bn3 = BN_new())
185         || !TEST_true(BN_set_word(bn3, expected[D]))
186         || !TEST_true(RSA_set0_key(rsa, bn1, bn2, bn3)))
187         goto err;
188 
189     if (!TEST_ptr(bn1 = BN_new())
190         || !TEST_true(BN_set_word(bn1, expected[P]))
191         || !TEST_ptr(bn2 = BN_new())
192         || !TEST_true(BN_set_word(bn2, expected[Q]))
193         || !TEST_true(RSA_set0_factors(rsa, bn1, bn2)))
194         goto err;
195 
196     if (!TEST_ptr(bn1 = BN_new())
197         || !TEST_true(BN_set_word(bn1, expected[DP]))
198         || !TEST_ptr(bn2 = BN_new())
199         || !TEST_true(BN_set_word(bn2, expected[DQ]))
200         || !TEST_ptr(bn3 = BN_new())
201         || !TEST_true(BN_set_word(bn3, expected[QINV]))
202         || !TEST_true(RSA_set0_crt_params(rsa, bn1, bn2, bn3)))
203         goto err;
204     bn1 = bn2 = bn3 = NULL;
205 
206     if (!TEST_ptr(bn_primes[0] = BN_new())
207         || !TEST_true(BN_set_word(bn_primes[0], expected[F3]))
208         || !TEST_ptr(bn_exps[0] = BN_new())
209         || !TEST_true(BN_set_word(bn_exps[0], expected[E3]))
210         || !TEST_ptr(bn_coeffs[0] = BN_new())
211         || !TEST_true(BN_set_word(bn_coeffs[0], expected[C2]))
212         || !TEST_true(RSA_set0_multi_prime_params(rsa, bn_primes, bn_exps,
213                                                   bn_coeffs, 1)))
214         goto err;
215 
216     if (!TEST_ptr(pk = EVP_PKEY_new())
217         || !TEST_true(EVP_PKEY_assign_RSA(pk, rsa)))
218         goto err;
219     rsa = NULL;
220 
221     if (!TEST_ptr(km1 = EVP_KEYMGMT_fetch(fixture->ctx1, "RSA", NULL))
222         || !TEST_ptr(km2 = EVP_KEYMGMT_fetch(fixture->ctx2, "RSA", NULL))
223         || !TEST_ptr(km3 = EVP_KEYMGMT_fetch(fixture->ctx1, "RSA-PSS", NULL))
224         || !TEST_ptr_ne(km1, km2))
225         goto err;
226 
227     while (dup_pk == NULL) {
228         ret = 0;
229         km = km3;
230         /* Check that we can't export an RSA key into an RSA-PSS keymanager */
231         if (!TEST_ptr_null(provkey2 = evp_pkey_export_to_provider(pk, NULL,
232                                                                   &km,
233                                                                   NULL)))
234             goto err;
235 
236         if (!TEST_ptr(provkey = evp_pkey_export_to_provider(pk, NULL, &km1,
237                                                             NULL))
238             || !TEST_true(evp_keymgmt_export(km2, provkey,
239                                              OSSL_KEYMGMT_SELECT_KEYPAIR,
240                                              &export_cb, keydata)))
241             goto err;
242 
243         /*
244          * At this point, the hope is that keydata will have all the numbers
245          * from the key.
246          */
247 
248         for (i = 0; i < OSSL_NELEM(expected); i++) {
249             int rv = TEST_int_eq(expected[i], keydata[i]);
250 
251             if (!rv)
252                 TEST_info("i = %zu", i);
253             else
254                 ret++;
255         }
256 
257         ret = (ret == OSSL_NELEM(expected));
258         if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
259             goto err;
260 
261         ret = TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
262         EVP_PKEY_free(pk);
263         pk = dup_pk;
264         if (!ret)
265             goto err;
266     }
267 
268  err:
269     RSA_free(rsa);
270     BN_free(bn1);
271     BN_free(bn2);
272     BN_free(bn3);
273     EVP_PKEY_free(pk);
274     EVP_KEYMGMT_free(km1);
275     EVP_KEYMGMT_free(km2);
276     EVP_KEYMGMT_free(km3);
277 
278     return ret;
279 }
280 
281 static int (*tests[])(FIXTURE *) = {
282     test_pass_rsa
283 };
284 
285 static int test_pass_key(int n)
286 {
287     SETUP_TEST_FIXTURE(FIXTURE, set_up);
288     EXECUTE_TEST(tests[n], tear_down);
289     return result;
290 }
291 
292 static int test_evp_pkey_export_to_provider(int n)
293 {
294     OSSL_LIB_CTX *libctx = NULL;
295     OSSL_PROVIDER *prov = NULL;
296     X509 *cert = NULL;
297     BIO *bio = NULL;
298     X509_PUBKEY *pubkey = NULL;
299     EVP_KEYMGMT *keymgmt = NULL;
300     EVP_PKEY *pkey = NULL;
301     void *keydata = NULL;
302     int ret = 0;
303 
304     if (!TEST_ptr(libctx = OSSL_LIB_CTX_new())
305          || !TEST_ptr(prov = OSSL_PROVIDER_load(libctx, "default")))
306         goto end;
307 
308     if ((bio = BIO_new_file(cert_filename, "r")) == NULL) {
309         TEST_error("Couldn't open '%s' for reading\n", cert_filename);
310         TEST_openssl_errors();
311         goto end;
312     }
313 
314     if ((cert = PEM_read_bio_X509(bio, NULL, NULL, NULL)) == NULL) {
315         TEST_error("'%s' doesn't appear to be a X.509 certificate in PEM format\n",
316                    cert_filename);
317         TEST_openssl_errors();
318         goto end;
319     }
320 
321     pubkey = X509_get_X509_PUBKEY(cert);
322     pkey = X509_PUBKEY_get0(pubkey);
323 
324     if (n == 0) {
325         if (!TEST_ptr(keydata = evp_pkey_export_to_provider(pkey, NULL,
326                                                             NULL, NULL)))
327             goto end;
328     } else if (n == 1) {
329         if (!TEST_ptr(keydata = evp_pkey_export_to_provider(pkey, NULL,
330                                                             &keymgmt, NULL)))
331             goto end;
332     } else {
333         keymgmt = EVP_KEYMGMT_fetch(libctx, "RSA", NULL);
334 
335         if (!TEST_ptr(keydata = evp_pkey_export_to_provider(pkey, NULL,
336                                                             &keymgmt, NULL)))
337             goto end;
338     }
339 
340     ret = 1;
341  end:
342     BIO_free(bio);
343     X509_free(cert);
344     EVP_KEYMGMT_free(keymgmt);
345     OSSL_PROVIDER_unload(prov);
346     OSSL_LIB_CTX_free(libctx);
347     return ret;
348 }
349 
350 int setup_tests(void)
351 {
352     if (!TEST_ptr(cert_filename = test_get_argument(0)))
353         return 0;
354 
355     ADD_ALL_TESTS(test_pass_key, 1);
356     ADD_ALL_TESTS(test_evp_pkey_export_to_provider, 3);
357     return 1;
358 }
359