1 /*
2 * Copyright 2021-2025 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stddef.h>
11 #include <string.h>
12 #include <openssl/provider.h>
13 #include <openssl/params.h>
14 #include <openssl/core_names.h>
15 #include <openssl/evp.h>
16 #include <openssl/store.h>
17 #include <openssl/ui.h>
18 #include "testutil.h"
19 #include "fake_rsaprov.h"
20
21 static OSSL_LIB_CTX *libctx = NULL;
22 extern int key_deleted; /* From fake_rsaprov.c */
23
24 /* Fetch SIGNATURE method using a libctx and propq */
fetch_sig(OSSL_LIB_CTX * ctx,const char * alg,const char * propq,OSSL_PROVIDER * expected_prov)25 static int fetch_sig(OSSL_LIB_CTX *ctx, const char *alg, const char *propq,
26 OSSL_PROVIDER *expected_prov)
27 {
28 OSSL_PROVIDER *prov;
29 EVP_SIGNATURE *sig = EVP_SIGNATURE_fetch(ctx, "RSA", propq);
30 int ret = 0;
31
32 if (!TEST_ptr(sig))
33 return 0;
34
35 if (!TEST_ptr(prov = EVP_SIGNATURE_get0_provider(sig)))
36 goto end;
37
38 if (!TEST_ptr_eq(prov, expected_prov)) {
39 TEST_info("Fetched provider: %s, Expected provider: %s",
40 OSSL_PROVIDER_get0_name(prov),
41 OSSL_PROVIDER_get0_name(expected_prov));
42 goto end;
43 }
44
45 ret = 1;
46 end:
47 EVP_SIGNATURE_free(sig);
48 return ret;
49 }
50
51
test_pkey_sig(void)52 static int test_pkey_sig(void)
53 {
54 OSSL_PROVIDER *deflt = NULL;
55 OSSL_PROVIDER *fake_rsa = NULL;
56 int i, ret = 0;
57 EVP_PKEY *pkey = NULL;
58 EVP_PKEY_CTX *ctx = NULL;
59
60 if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx)))
61 return 0;
62
63 if (!TEST_ptr(deflt = OSSL_PROVIDER_load(libctx, "default")))
64 goto end;
65
66 /* Do a direct fetch to see it works */
67 if (!TEST_true(fetch_sig(libctx, "RSA", "provider=fake-rsa", fake_rsa))
68 || !TEST_true(fetch_sig(libctx, "RSA", "?provider=fake-rsa", fake_rsa)))
69 goto end;
70
71 /* Construct a pkey using precise propq to use our provider */
72 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA",
73 "provider=fake-rsa"))
74 || !TEST_true(EVP_PKEY_fromdata_init(ctx))
75 || !TEST_true(EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, NULL))
76 || !TEST_ptr(pkey))
77 goto end;
78
79 EVP_PKEY_CTX_free(ctx);
80 ctx = NULL;
81
82 /* try exercising signature_init ops a few times */
83 for (i = 0; i < 3; i++) {
84 size_t siglen;
85
86 /*
87 * Create a signing context for our pkey with optional propq.
88 * The sign init should pick both keymgmt and signature from
89 * fake-rsa as the key is not exportable.
90 */
91 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey,
92 "?provider=default")))
93 goto end;
94
95 /*
96 * If this picks the wrong signature without realizing it
97 * we can get a segfault or some internal error. At least watch
98 * whether fake-rsa sign_init is exercised by calling sign.
99 */
100 if (!TEST_int_eq(EVP_PKEY_sign_init(ctx), 1))
101 goto end;
102
103 if (!TEST_int_eq(EVP_PKEY_sign(ctx, NULL, &siglen, NULL, 0), 1)
104 || !TEST_size_t_eq(siglen, 256))
105 goto end;
106
107 EVP_PKEY_CTX_free(ctx);
108 ctx = NULL;
109 }
110
111 ret = 1;
112
113 end:
114 fake_rsa_finish(fake_rsa);
115 OSSL_PROVIDER_unload(deflt);
116 EVP_PKEY_CTX_free(ctx);
117 EVP_PKEY_free(pkey);
118 return ret;
119 }
120
test_alternative_keygen_init(void)121 static int test_alternative_keygen_init(void)
122 {
123 EVP_PKEY_CTX *ctx = NULL;
124 OSSL_PROVIDER *deflt = NULL;
125 OSSL_PROVIDER *fake_rsa = NULL;
126 const OSSL_PROVIDER *provider;
127 const char *provname;
128 int ret = 0;
129
130 if (!TEST_ptr(deflt = OSSL_PROVIDER_load(libctx, "default")))
131 goto end;
132
133 /* first try without the fake RSA provider loaded */
134 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL)))
135 goto end;
136
137 if (!TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0))
138 goto end;
139
140 if (!TEST_ptr(provider = EVP_PKEY_CTX_get0_provider(ctx)))
141 goto end;
142
143 if (!TEST_ptr(provname = OSSL_PROVIDER_get0_name(provider)))
144 goto end;
145
146 if (!TEST_str_eq(provname, "default"))
147 goto end;
148
149 EVP_PKEY_CTX_free(ctx);
150 ctx = NULL;
151
152 /* now load fake RSA and try again */
153 if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx)))
154 return 0;
155
156 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA",
157 "?provider=fake-rsa")))
158 goto end;
159
160 if (!TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0))
161 goto end;
162
163 if (!TEST_ptr(provider = EVP_PKEY_CTX_get0_provider(ctx)))
164 goto end;
165
166 if (!TEST_ptr(provname = OSSL_PROVIDER_get0_name(provider)))
167 goto end;
168
169 if (!TEST_str_eq(provname, "fake-rsa"))
170 goto end;
171
172 ret = 1;
173
174 end:
175 fake_rsa_finish(fake_rsa);
176 OSSL_PROVIDER_unload(deflt);
177 EVP_PKEY_CTX_free(ctx);
178 return ret;
179 }
180
test_pkey_eq(void)181 static int test_pkey_eq(void)
182 {
183 OSSL_PROVIDER *deflt = NULL;
184 OSSL_PROVIDER *fake_rsa = NULL;
185 EVP_PKEY *pkey_fake = NULL;
186 EVP_PKEY *pkey_dflt = NULL;
187 EVP_PKEY_CTX *ctx = NULL;
188 OSSL_PARAM *params = NULL;
189 int ret = 0;
190
191 if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx)))
192 return 0;
193
194 if (!TEST_ptr(deflt = OSSL_PROVIDER_load(libctx, "default")))
195 goto end;
196
197 /* Construct a public key for fake-rsa */
198 if (!TEST_ptr(params = fake_rsa_key_params(0))
199 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA",
200 "provider=fake-rsa"))
201 || !TEST_true(EVP_PKEY_fromdata_init(ctx))
202 || !TEST_true(EVP_PKEY_fromdata(ctx, &pkey_fake, EVP_PKEY_PUBLIC_KEY,
203 params))
204 || !TEST_ptr(pkey_fake))
205 goto end;
206
207 EVP_PKEY_CTX_free(ctx);
208 ctx = NULL;
209 OSSL_PARAM_free(params);
210 params = NULL;
211
212 /* Construct a public key for default */
213 if (!TEST_ptr(params = fake_rsa_key_params(0))
214 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA",
215 "provider=default"))
216 || !TEST_true(EVP_PKEY_fromdata_init(ctx))
217 || !TEST_true(EVP_PKEY_fromdata(ctx, &pkey_dflt, EVP_PKEY_PUBLIC_KEY,
218 params))
219 || !TEST_ptr(pkey_dflt))
220 goto end;
221
222 EVP_PKEY_CTX_free(ctx);
223 ctx = NULL;
224 OSSL_PARAM_free(params);
225 params = NULL;
226
227 /* now test for equality */
228 if (!TEST_int_eq(EVP_PKEY_eq(pkey_fake, pkey_dflt), 1))
229 goto end;
230
231 ret = 1;
232 end:
233 fake_rsa_finish(fake_rsa);
234 OSSL_PROVIDER_unload(deflt);
235 EVP_PKEY_CTX_free(ctx);
236 EVP_PKEY_free(pkey_fake);
237 EVP_PKEY_free(pkey_dflt);
238 OSSL_PARAM_free(params);
239 return ret;
240 }
241
test_pkey_can_sign(void)242 static int test_pkey_can_sign(void)
243 {
244 OSSL_PROVIDER *fake_rsa = NULL;
245 EVP_PKEY *pkey_fake = NULL;
246 EVP_PKEY_CTX *ctx = NULL;
247 OSSL_PARAM *params = NULL;
248 int ret = 0;
249
250 if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx)))
251 return 0;
252
253 /*
254 * Ensure other tests did not forget to reset fake_rsa_query_operation_name
255 * to its default value: 0
256 */
257 if (!TEST_int_eq(fake_rsa_query_operation_name, 0))
258 goto end;
259
260 if (!TEST_ptr(params = fake_rsa_key_params(0))
261 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA",
262 "provider=fake-rsa"))
263 || !TEST_true(EVP_PKEY_fromdata_init(ctx))
264 || !TEST_true(EVP_PKEY_fromdata(ctx, &pkey_fake, EVP_PKEY_PUBLIC_KEY,
265 params))
266 || !TEST_true(EVP_PKEY_can_sign(pkey_fake))
267 || !TEST_ptr(pkey_fake))
268 goto end;
269
270 EVP_PKEY_CTX_free(ctx);
271 ctx = NULL;
272 EVP_PKEY_free(pkey_fake);
273 pkey_fake = NULL;
274 OSSL_PARAM_free(params);
275 params = NULL;
276
277 /*
278 * Documented behavior for OSSL_FUNC_keymgmt_query_operation_name()
279 * allows it to return NULL, in which case the fallback should be to use
280 * EVP_KEYMGMT_get0_name(). That is exactly the thing we are testing here.
281 */
282 fake_rsa_query_operation_name = 1;
283
284 if (!TEST_ptr(params = fake_rsa_key_params(0))
285 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA",
286 "provider=fake-rsa"))
287 || !TEST_true(EVP_PKEY_fromdata_init(ctx))
288 || !TEST_true(EVP_PKEY_fromdata(ctx, &pkey_fake, EVP_PKEY_PUBLIC_KEY,
289 params))
290 || !TEST_true(EVP_PKEY_can_sign(pkey_fake))
291 || !TEST_ptr(pkey_fake))
292 goto end;
293
294 EVP_PKEY_CTX_free(ctx);
295 ctx = NULL;
296 EVP_PKEY_free(pkey_fake);
297 pkey_fake = NULL;
298 OSSL_PARAM_free(params);
299 params = NULL;
300
301 ret = 1;
302 end:
303
304 EVP_PKEY_CTX_free(ctx);
305 EVP_PKEY_free(pkey_fake);
306 OSSL_PARAM_free(params);
307 fake_rsa_query_operation_name = 0;
308
309 fake_rsa_finish(fake_rsa);
310 return ret;
311 }
312
test_pkey_store(int idx)313 static int test_pkey_store(int idx)
314 {
315 OSSL_PROVIDER *deflt = NULL;
316 OSSL_PROVIDER *fake_rsa = NULL;
317 int ret = 0;
318 EVP_PKEY *pkey = NULL;
319 OSSL_STORE_LOADER *loader = NULL;
320 OSSL_STORE_CTX *ctx = NULL;
321 OSSL_STORE_INFO *info;
322 const char *propq = idx == 0 ? "?provider=fake-rsa"
323 : "?provider=default";
324
325 /* It's important to load the default provider first for this test */
326 if (!TEST_ptr(deflt = OSSL_PROVIDER_load(libctx, "default")))
327 goto end;
328
329 if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx)))
330 goto end;
331
332 if (!TEST_ptr(loader = OSSL_STORE_LOADER_fetch(libctx, "fake_rsa",
333 propq)))
334 goto end;
335
336 OSSL_STORE_LOADER_free(loader);
337
338 if (!TEST_ptr(ctx = OSSL_STORE_open_ex("fake_rsa:test", libctx, propq,
339 NULL, NULL, NULL, NULL, NULL)))
340 goto end;
341
342 while (!OSSL_STORE_eof(ctx)
343 && (info = OSSL_STORE_load(ctx)) != NULL
344 && pkey == NULL) {
345 if (OSSL_STORE_INFO_get_type(info) == OSSL_STORE_INFO_PKEY)
346 pkey = OSSL_STORE_INFO_get1_PKEY(info);
347 OSSL_STORE_INFO_free(info);
348 info = NULL;
349 }
350
351 if (!TEST_ptr(pkey) || !TEST_int_eq(EVP_PKEY_is_a(pkey, "RSA"), 1))
352 goto end;
353
354 ret = 1;
355
356 end:
357 fake_rsa_finish(fake_rsa);
358 OSSL_PROVIDER_unload(deflt);
359 OSSL_STORE_close(ctx);
360 EVP_PKEY_free(pkey);
361 return ret;
362 }
363
test_pkey_delete(void)364 static int test_pkey_delete(void)
365 {
366 OSSL_PROVIDER *deflt = NULL;
367 OSSL_PROVIDER *fake_rsa = NULL;
368 int ret = 0;
369 EVP_PKEY *pkey = NULL;
370 OSSL_STORE_LOADER *loader = NULL;
371 OSSL_STORE_CTX *ctx = NULL;
372 OSSL_STORE_INFO *info;
373 const char *propq = "?provider=fake-rsa";
374
375 /* It's important to load the default provider first for this test */
376 if (!TEST_ptr(deflt = OSSL_PROVIDER_load(libctx, "default")))
377 goto end;
378
379 if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx)))
380 goto end;
381
382 if (!TEST_ptr(loader = OSSL_STORE_LOADER_fetch(libctx, "fake_rsa",
383 propq)))
384 goto end;
385
386 OSSL_STORE_LOADER_free(loader);
387
388 /* First iteration: load key, check it, delete it */
389 if (!TEST_ptr(ctx = OSSL_STORE_open_ex("fake_rsa:test", libctx, propq,
390 NULL, NULL, NULL, NULL, NULL)))
391 goto end;
392
393 while (!OSSL_STORE_eof(ctx)
394 && (info = OSSL_STORE_load(ctx)) != NULL
395 && pkey == NULL) {
396 if (OSSL_STORE_INFO_get_type(info) == OSSL_STORE_INFO_PKEY)
397 pkey = OSSL_STORE_INFO_get1_PKEY(info);
398 OSSL_STORE_INFO_free(info);
399 info = NULL;
400 }
401
402 if (!TEST_ptr(pkey) || !TEST_int_eq(EVP_PKEY_is_a(pkey, "RSA"), 1))
403 goto end;
404 EVP_PKEY_free(pkey);
405 pkey = NULL;
406
407 if (!TEST_int_eq(OSSL_STORE_delete("fake_rsa:test", libctx, propq,
408 NULL, NULL, NULL), 1))
409 goto end;
410 if (!TEST_int_eq(OSSL_STORE_close(ctx), 1))
411 goto end;
412
413 /* Second iteration: load key should fail */
414 if (!TEST_ptr(ctx = OSSL_STORE_open_ex("fake_rsa:test", libctx, propq,
415 NULL, NULL, NULL, NULL, NULL)))
416 goto end;
417
418 while (!OSSL_STORE_eof(ctx)) {
419 info = OSSL_STORE_load(ctx);
420 if (!TEST_ptr_null(info))
421 goto end;
422 }
423
424 ret = 1;
425
426 end:
427 fake_rsa_finish(fake_rsa);
428 OSSL_PROVIDER_unload(deflt);
429 OSSL_STORE_close(ctx);
430 fake_rsa_restore_store_state();
431 return ret;
432 }
433
fake_pw_read_string(UI * ui,UI_STRING * uis)434 static int fake_pw_read_string(UI *ui, UI_STRING *uis)
435 {
436 const char *passphrase = FAKE_PASSPHRASE;
437
438 if (UI_get_string_type(uis) == UIT_PROMPT) {
439 UI_set_result(ui, uis, passphrase);
440 return 1;
441 }
442
443 return 0;
444 }
445
test_pkey_store_open_ex(void)446 static int test_pkey_store_open_ex(void)
447 {
448 OSSL_PROVIDER *deflt = NULL;
449 OSSL_PROVIDER *fake_rsa = NULL;
450 int ret = 0;
451 EVP_PKEY *pkey = NULL;
452 OSSL_STORE_LOADER *loader = NULL;
453 OSSL_STORE_CTX *ctx = NULL;
454 const char *propq = "?provider=fake-rsa";
455 UI_METHOD *ui_method = NULL;
456
457 /* It's important to load the default provider first for this test */
458 if (!TEST_ptr(deflt = OSSL_PROVIDER_load(libctx, "default")))
459 goto end;
460
461 if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx)))
462 goto end;
463
464 if (!TEST_ptr(loader = OSSL_STORE_LOADER_fetch(libctx, "fake_rsa",
465 propq)))
466 goto end;
467
468 OSSL_STORE_LOADER_free(loader);
469
470 if (!TEST_ptr(ui_method= UI_create_method("PW Callbacks")))
471 goto end;
472
473 if (UI_method_set_reader(ui_method, fake_pw_read_string))
474 goto end;
475
476 if (!TEST_ptr(ctx = OSSL_STORE_open_ex("fake_rsa:openpwtest", libctx, propq,
477 ui_method, NULL, NULL, NULL, NULL)))
478 goto end;
479
480 /* retry w/o ui_method to ensure we actually enter pw checks and fail */
481 OSSL_STORE_close(ctx);
482 if (!TEST_ptr_null(ctx = OSSL_STORE_open_ex("fake_rsa:openpwtest", libctx,
483 propq, NULL, NULL, NULL, NULL,
484 NULL)))
485 goto end;
486
487 ret = 1;
488
489 end:
490 UI_destroy_method(ui_method);
491 fake_rsa_finish(fake_rsa);
492 OSSL_PROVIDER_unload(deflt);
493 OSSL_STORE_close(ctx);
494 EVP_PKEY_free(pkey);
495 return ret;
496 }
497
498 #define DEFAULT_PROVIDER_IDX 0
499 #define FAKE_RSA_PROVIDER_IDX 1
500
reset_ctx_providers(OSSL_LIB_CTX ** ctx,OSSL_PROVIDER * providers[2],const char * prop)501 static int reset_ctx_providers(OSSL_LIB_CTX **ctx, OSSL_PROVIDER *providers[2], const char *prop)
502 {
503 OSSL_PROVIDER_unload(providers[DEFAULT_PROVIDER_IDX]);
504 providers[DEFAULT_PROVIDER_IDX] = NULL;
505 fake_rsa_finish(providers[FAKE_RSA_PROVIDER_IDX]);
506 providers[FAKE_RSA_PROVIDER_IDX] = NULL;
507 OSSL_LIB_CTX_free(*ctx);
508 *ctx = NULL;
509
510 if (!TEST_ptr(*ctx = OSSL_LIB_CTX_new())
511 || !TEST_ptr(providers[DEFAULT_PROVIDER_IDX] = OSSL_PROVIDER_load(*ctx, "default"))
512 || !TEST_ptr(providers[FAKE_RSA_PROVIDER_IDX] = fake_rsa_start(*ctx))
513 || !TEST_true(EVP_set_default_properties(*ctx, prop)))
514 return 0;
515 return 1;
516 }
517
518 struct test_pkey_decoder_properties_t {
519 const char *provider_props;
520 const char *explicit_props;
521 int curr_provider_idx;
522 };
523
test_pkey_provider_decoder_props(void)524 static int test_pkey_provider_decoder_props(void)
525 {
526 OSSL_LIB_CTX *my_libctx = NULL;
527 OSSL_PROVIDER *providers[2] = { NULL };
528 struct test_pkey_decoder_properties_t properties_test[] = {
529 { "?provider=fake-rsa", NULL, FAKE_RSA_PROVIDER_IDX },
530 { "?provider=default", NULL, DEFAULT_PROVIDER_IDX },
531 { NULL, "?provider=fake-rsa", FAKE_RSA_PROVIDER_IDX },
532 { NULL, "?provider=default", DEFAULT_PROVIDER_IDX },
533 { NULL, "provider=fake-rsa", FAKE_RSA_PROVIDER_IDX },
534 { NULL, "provider=default", DEFAULT_PROVIDER_IDX },
535 };
536 EVP_PKEY *pkey = NULL;
537 BIO *bio_priv = NULL;
538 unsigned char *encoded_pub = NULL;
539 int len_pub;
540 const unsigned char *p;
541 PKCS8_PRIV_KEY_INFO *p8 = NULL;
542 size_t i;
543 int ret = 0;
544 const char pem_rsa_priv_key[] = {
545 0x2D, 0x2D, 0x2D, 0x2D, 0x2D, 0x42, 0x45, 0x47, 0x49, 0x4E, 0x20, 0x50,
546 0x52, 0x49, 0x56, 0x41, 0x54, 0x45, 0x20, 0x4B, 0x45, 0x59, 0x2D, 0x2D,
547 0x2D, 0x2D, 0x2D, 0x0A, 0x4D, 0x49, 0x49, 0x45, 0x76, 0x51, 0x49, 0x42,
548 0x41, 0x44, 0x41, 0x4E, 0x42, 0x67, 0x6B, 0x71, 0x68, 0x6B, 0x69, 0x47,
549 0x39, 0x77, 0x30, 0x42, 0x41, 0x51, 0x45, 0x46, 0x41, 0x41, 0x53, 0x43,
550 0x42, 0x4B, 0x63, 0x77, 0x67, 0x67, 0x53, 0x6A, 0x41, 0x67, 0x45, 0x41,
551 0x41, 0x6F, 0x49, 0x42, 0x41, 0x51, 0x44, 0x45, 0x6B, 0x43, 0x34, 0x5A,
552 0x57, 0x76, 0x33, 0x75, 0x63, 0x46, 0x62, 0x55, 0x0A, 0x46, 0x38, 0x59,
553 0x77, 0x6C, 0x55, 0x72, 0x6D, 0x51, 0x6C, 0x4C, 0x43, 0x5A, 0x77, 0x41,
554 0x67, 0x72, 0x34, 0x44, 0x50, 0x55, 0x41, 0x46, 0x56, 0x48, 0x6C, 0x2B,
555 0x77, 0x46, 0x63, 0x58, 0x79, 0x70, 0x56, 0x67, 0x53, 0x63, 0x56, 0x59,
556 0x34, 0x4B, 0x37, 0x51, 0x6D, 0x64, 0x57, 0x4B, 0x73, 0x59, 0x71, 0x62,
557 0x38, 0x74, 0x70, 0x4F, 0x78, 0x71, 0x77, 0x30, 0x4E, 0x77, 0x5A, 0x57,
558 0x58, 0x0A, 0x4F, 0x2B, 0x74, 0x61, 0x34, 0x2B, 0x79, 0x32, 0x37, 0x43,
559 0x4F, 0x75, 0x66, 0x6F, 0x4F, 0x68, 0x52, 0x54, 0x4D, 0x77, 0x4E, 0x79,
560 0x4E, 0x32, 0x4C, 0x77, 0x53, 0x4E, 0x54, 0x50, 0x4E, 0x33, 0x65, 0x45,
561 0x6B, 0x34, 0x65, 0x65, 0x35, 0x51, 0x6E, 0x70, 0x70, 0x45, 0x79, 0x44,
562 0x72, 0x71, 0x6F, 0x43, 0x67, 0x76, 0x54, 0x6C, 0x41, 0x41, 0x64, 0x54,
563 0x6F, 0x46, 0x61, 0x58, 0x76, 0x6A, 0x0A, 0x78, 0x31, 0x33, 0x59, 0x62,
564 0x6A, 0x37, 0x6A, 0x66, 0x68, 0x77, 0x4E, 0x37, 0x34, 0x71, 0x4B, 0x64,
565 0x71, 0x73, 0x53, 0x45, 0x74, 0x50, 0x57, 0x79, 0x67, 0x67, 0x65, 0x6F,
566 0x74, 0x69, 0x51, 0x53, 0x50, 0x79, 0x36, 0x4B, 0x79, 0x42, 0x49, 0x75,
567 0x57, 0x74, 0x49, 0x78, 0x50, 0x41, 0x41, 0x38, 0x6A, 0x41, 0x76, 0x66,
568 0x41, 0x6E, 0x51, 0x6A, 0x31, 0x65, 0x58, 0x68, 0x67, 0x68, 0x46, 0x0A,
569 0x4E, 0x32, 0x4E, 0x78, 0x6B, 0x71, 0x67, 0x78, 0x76, 0x42, 0x59, 0x64,
570 0x4E, 0x79, 0x31, 0x6D, 0x33, 0x2B, 0x6A, 0x58, 0x41, 0x43, 0x50, 0x4C,
571 0x52, 0x7A, 0x63, 0x31, 0x31, 0x5A, 0x62, 0x4E, 0x48, 0x4B, 0x69, 0x77,
572 0x68, 0x43, 0x59, 0x31, 0x2F, 0x48, 0x69, 0x53, 0x42, 0x6B, 0x77, 0x48,
573 0x6C, 0x49, 0x4B, 0x2B, 0x2F, 0x56, 0x4C, 0x6A, 0x32, 0x73, 0x6D, 0x43,
574 0x4B, 0x64, 0x55, 0x51, 0x0A, 0x67, 0x76, 0x4C, 0x58, 0x53, 0x6E, 0x6E,
575 0x56, 0x67, 0x51, 0x75, 0x6C, 0x48, 0x69, 0x6F, 0x44, 0x36, 0x55, 0x67,
576 0x59, 0x38, 0x78, 0x41, 0x32, 0x61, 0x34, 0x4D, 0x31, 0x72, 0x68, 0x59,
577 0x75, 0x54, 0x56, 0x38, 0x42, 0x72, 0x50, 0x52, 0x5A, 0x34, 0x42, 0x46,
578 0x78, 0x32, 0x6F, 0x30, 0x6A, 0x59, 0x57, 0x76, 0x47, 0x62, 0x41, 0x2F,
579 0x48, 0x6C, 0x70, 0x37, 0x66, 0x54, 0x4F, 0x79, 0x2B, 0x0A, 0x46, 0x35,
580 0x4F, 0x6B, 0x69, 0x48, 0x53, 0x37, 0x41, 0x67, 0x4D, 0x42, 0x41, 0x41,
581 0x45, 0x43, 0x67, 0x67, 0x45, 0x41, 0x59, 0x67, 0x43, 0x75, 0x38, 0x31,
582 0x5A, 0x69, 0x51, 0x42, 0x56, 0x44, 0x76, 0x57, 0x69, 0x44, 0x47, 0x4B,
583 0x72, 0x2B, 0x31, 0x70, 0x49, 0x66, 0x32, 0x43, 0x78, 0x70, 0x72, 0x47,
584 0x4A, 0x45, 0x6D, 0x31, 0x68, 0x38, 0x36, 0x5A, 0x63, 0x45, 0x78, 0x33,
585 0x4C, 0x37, 0x0A, 0x71, 0x46, 0x44, 0x57, 0x2B, 0x67, 0x38, 0x48, 0x47,
586 0x57, 0x64, 0x30, 0x34, 0x53, 0x33, 0x71, 0x76, 0x68, 0x39, 0x4C, 0x75,
587 0x62, 0x6C, 0x41, 0x4A, 0x7A, 0x65, 0x74, 0x41, 0x50, 0x78, 0x52, 0x58,
588 0x4C, 0x39, 0x7A, 0x78, 0x33, 0x50, 0x58, 0x6A, 0x4A, 0x5A, 0x73, 0x37,
589 0x65, 0x33, 0x48, 0x4C, 0x45, 0x75, 0x6E, 0x79, 0x33, 0x54, 0x61, 0x57,
590 0x65, 0x7A, 0x30, 0x58, 0x49, 0x30, 0x4F, 0x0A, 0x34, 0x4C, 0x53, 0x59,
591 0x38, 0x53, 0x38, 0x64, 0x36, 0x70, 0x56, 0x42, 0x50, 0x6D, 0x55, 0x45,
592 0x74, 0x77, 0x47, 0x57, 0x4E, 0x34, 0x76, 0x59, 0x71, 0x48, 0x6E, 0x4B,
593 0x4C, 0x58, 0x4F, 0x62, 0x34, 0x51, 0x51, 0x41, 0x58, 0x73, 0x34, 0x4D,
594 0x7A, 0x66, 0x6B, 0x4D, 0x2F, 0x4D, 0x65, 0x2F, 0x62, 0x2B, 0x7A, 0x64,
595 0x75, 0x31, 0x75, 0x6D, 0x77, 0x6A, 0x4D, 0x6C, 0x33, 0x44, 0x75, 0x64,
596 0x0A, 0x35, 0x72, 0x56, 0x68, 0x6B, 0x67, 0x76, 0x74, 0x38, 0x75, 0x68,
597 0x44, 0x55, 0x47, 0x33, 0x58, 0x53, 0x48, 0x65, 0x6F, 0x4A, 0x59, 0x42,
598 0x4D, 0x62, 0x54, 0x39, 0x69, 0x6B, 0x4A, 0x44, 0x56, 0x4D, 0x4A, 0x35,
599 0x31, 0x72, 0x72, 0x65, 0x2F, 0x31, 0x52, 0x69, 0x64, 0x64, 0x67, 0x78,
600 0x70, 0x38, 0x53, 0x6B, 0x74, 0x56, 0x6B, 0x76, 0x47, 0x6D, 0x4D, 0x6C,
601 0x39, 0x6B, 0x51, 0x52, 0x38, 0x0A, 0x38, 0x64, 0x76, 0x33, 0x50, 0x78,
602 0x2F, 0x6B, 0x54, 0x4E, 0x39, 0x34, 0x45, 0x75, 0x52, 0x67, 0x30, 0x43,
603 0x6B, 0x58, 0x42, 0x68, 0x48, 0x70, 0x6F, 0x47, 0x6F, 0x34, 0x71, 0x6E,
604 0x4D, 0x33, 0x51, 0x33, 0x42, 0x35, 0x50, 0x6C, 0x6D, 0x53, 0x4B, 0x35,
605 0x67, 0x6B, 0x75, 0x50, 0x76, 0x57, 0x79, 0x39, 0x6C, 0x38, 0x4C, 0x2F,
606 0x54, 0x56, 0x74, 0x38, 0x4C, 0x62, 0x36, 0x2F, 0x7A, 0x4C, 0x0A, 0x42,
607 0x79, 0x51, 0x57, 0x2B, 0x67, 0x30, 0x32, 0x77, 0x78, 0x65, 0x4E, 0x47,
608 0x68, 0x77, 0x31, 0x66, 0x6B, 0x44, 0x2B, 0x58, 0x46, 0x48, 0x37, 0x4B,
609 0x6B, 0x53, 0x65, 0x57, 0x6C, 0x2B, 0x51, 0x6E, 0x72, 0x4C, 0x63, 0x65,
610 0x50, 0x4D, 0x30, 0x68, 0x51, 0x4B, 0x42, 0x67, 0x51, 0x44, 0x78, 0x6F,
611 0x71, 0x55, 0x6B, 0x30, 0x50, 0x4C, 0x4F, 0x59, 0x35, 0x57, 0x67, 0x4F,
612 0x6B, 0x67, 0x72, 0x0A, 0x75, 0x6D, 0x67, 0x69, 0x65, 0x2F, 0x4B, 0x31,
613 0x57, 0x4B, 0x73, 0x2B, 0x69, 0x7A, 0x54, 0x74, 0x41, 0x70, 0x6A, 0x7A,
614 0x63, 0x4D, 0x37, 0x36, 0x73, 0x7A, 0x61, 0x36, 0x33, 0x62, 0x35, 0x52,
615 0x39, 0x77, 0x2B, 0x50, 0x2B, 0x4E, 0x73, 0x73, 0x4D, 0x56, 0x34, 0x61,
616 0x65, 0x56, 0x39, 0x65, 0x70, 0x45, 0x47, 0x5A, 0x4F, 0x36, 0x38, 0x49,
617 0x55, 0x6D, 0x69, 0x30, 0x51, 0x6A, 0x76, 0x51, 0x0A, 0x6E, 0x70, 0x6C,
618 0x75, 0x51, 0x6F, 0x61, 0x64, 0x46, 0x59, 0x77, 0x65, 0x46, 0x77, 0x53,
619 0x51, 0x31, 0x31, 0x42, 0x58, 0x48, 0x6F, 0x65, 0x51, 0x42, 0x41, 0x34,
620 0x6E, 0x4E, 0x70, 0x6B, 0x72, 0x56, 0x35, 0x38, 0x68, 0x67, 0x7A, 0x5A,
621 0x4E, 0x33, 0x6D, 0x39, 0x4A, 0x4C, 0x52, 0x37, 0x4A, 0x78, 0x79, 0x72,
622 0x49, 0x71, 0x58, 0x73, 0x52, 0x6E, 0x55, 0x7A, 0x6C, 0x31, 0x33, 0x4B,
623 0x6A, 0x0A, 0x47, 0x7A, 0x5A, 0x42, 0x43, 0x4A, 0x78, 0x43, 0x70, 0x4A,
624 0x6A, 0x66, 0x54, 0x7A, 0x65, 0x2F, 0x79, 0x6D, 0x65, 0x38, 0x64, 0x33,
625 0x70, 0x61, 0x35, 0x51, 0x4B, 0x42, 0x67, 0x51, 0x44, 0x51, 0x50, 0x35,
626 0x6D, 0x42, 0x34, 0x6A, 0x49, 0x2B, 0x67, 0x33, 0x58, 0x48, 0x33, 0x4D,
627 0x75, 0x4C, 0x79, 0x42, 0x6A, 0x4D, 0x6F, 0x54, 0x49, 0x76, 0x6F, 0x79,
628 0x37, 0x43, 0x59, 0x4D, 0x68, 0x5A, 0x0A, 0x36, 0x2F, 0x2B, 0x4B, 0x6B,
629 0x70, 0x77, 0x31, 0x33, 0x32, 0x4A, 0x31, 0x36, 0x6D, 0x71, 0x6B, 0x4C,
630 0x72, 0x77, 0x55, 0x4F, 0x5A, 0x66, 0x54, 0x30, 0x65, 0x31, 0x72, 0x4A,
631 0x42, 0x73, 0x43, 0x55, 0x6B, 0x45, 0x6F, 0x42, 0x6D, 0x67, 0x4B, 0x4E,
632 0x74, 0x52, 0x6B, 0x48, 0x6F, 0x33, 0x2F, 0x53, 0x6A, 0x55, 0x49, 0x2F,
633 0x39, 0x66, 0x48, 0x6A, 0x33, 0x75, 0x53, 0x74, 0x50, 0x48, 0x56, 0x0A,
634 0x6F, 0x50, 0x63, 0x66, 0x58, 0x6A, 0x2F, 0x67, 0x46, 0x52, 0x55, 0x6B,
635 0x44, 0x44, 0x7A, 0x59, 0x2B, 0x61, 0x75, 0x42, 0x33, 0x64, 0x48, 0x4F,
636 0x4E, 0x46, 0x31, 0x55, 0x31, 0x7A, 0x30, 0x36, 0x45, 0x41, 0x4E, 0x6B,
637 0x6B, 0x50, 0x43, 0x43, 0x33, 0x61, 0x35, 0x33, 0x38, 0x55, 0x41, 0x4E,
638 0x42, 0x49, 0x61, 0x50, 0x6A, 0x77, 0x70, 0x52, 0x64, 0x42, 0x7A, 0x4E,
639 0x77, 0x31, 0x78, 0x6C, 0x0A, 0x62, 0x76, 0x6E, 0x35, 0x61, 0x43, 0x74,
640 0x33, 0x48, 0x77, 0x4B, 0x42, 0x67, 0x42, 0x66, 0x4F, 0x6C, 0x34, 0x6A,
641 0x47, 0x45, 0x58, 0x59, 0x6D, 0x4E, 0x36, 0x4B, 0x2B, 0x75, 0x30, 0x65,
642 0x62, 0x71, 0x52, 0x44, 0x6B, 0x74, 0x32, 0x67, 0x49, 0x6F, 0x57, 0x36,
643 0x62, 0x46, 0x6F, 0x37, 0x58, 0x64, 0x36, 0x78, 0x63, 0x69, 0x2F, 0x67,
644 0x46, 0x57, 0x6A, 0x6F, 0x56, 0x43, 0x4F, 0x42, 0x59, 0x0A, 0x67, 0x43,
645 0x38, 0x47, 0x4C, 0x4D, 0x6E, 0x77, 0x33, 0x7A, 0x32, 0x71, 0x67, 0x61,
646 0x76, 0x34, 0x63, 0x51, 0x49, 0x67, 0x38, 0x45, 0x44, 0x59, 0x70, 0x62,
647 0x70, 0x45, 0x34, 0x46, 0x48, 0x51, 0x6E, 0x6E, 0x74, 0x50, 0x6B, 0x4B,
648 0x57, 0x2F, 0x62, 0x72, 0x75, 0x30, 0x4E, 0x74, 0x33, 0x79, 0x61, 0x4E,
649 0x62, 0x38, 0x69, 0x67, 0x79, 0x31, 0x61, 0x5A, 0x4F, 0x52, 0x66, 0x49,
650 0x76, 0x5A, 0x0A, 0x71, 0x54, 0x4D, 0x4C, 0x45, 0x33, 0x6D, 0x65, 0x6C,
651 0x63, 0x5A, 0x57, 0x37, 0x4C, 0x61, 0x69, 0x71, 0x65, 0x4E, 0x31, 0x56,
652 0x30, 0x76, 0x48, 0x2F, 0x4D, 0x43, 0x55, 0x64, 0x70, 0x58, 0x39, 0x59,
653 0x31, 0x34, 0x4B, 0x39, 0x43, 0x4A, 0x59, 0x78, 0x7A, 0x73, 0x52, 0x4F,
654 0x67, 0x50, 0x71, 0x64, 0x45, 0x67, 0x4D, 0x57, 0x59, 0x44, 0x46, 0x41,
655 0x6F, 0x47, 0x41, 0x41, 0x65, 0x39, 0x6C, 0x0A, 0x58, 0x4D, 0x69, 0x65,
656 0x55, 0x4F, 0x68, 0x6C, 0x30, 0x73, 0x71, 0x68, 0x64, 0x5A, 0x59, 0x52,
657 0x62, 0x4F, 0x31, 0x65, 0x69, 0x77, 0x54, 0x49, 0x4C, 0x58, 0x51, 0x36,
658 0x79, 0x47, 0x4D, 0x69, 0x42, 0x38, 0x61, 0x65, 0x2F, 0x76, 0x30, 0x70,
659 0x62, 0x42, 0x45, 0x57, 0x6C, 0x70, 0x6E, 0x38, 0x6B, 0x32, 0x2B, 0x4A,
660 0x6B, 0x71, 0x56, 0x54, 0x77, 0x48, 0x67, 0x67, 0x62, 0x43, 0x41, 0x5A,
661 0x0A, 0x6A, 0x4F, 0x61, 0x71, 0x56, 0x74, 0x58, 0x31, 0x6D, 0x55, 0x79,
662 0x54, 0x59, 0x7A, 0x6A, 0x73, 0x54, 0x7A, 0x34, 0x5A, 0x59, 0x6A, 0x68,
663 0x61, 0x48, 0x4A, 0x33, 0x6A, 0x31, 0x57, 0x6C, 0x65, 0x67, 0x6F, 0x4D,
664 0x63, 0x73, 0x74, 0x64, 0x66, 0x54, 0x2B, 0x74, 0x78, 0x4D, 0x55, 0x37,
665 0x34, 0x6F, 0x67, 0x64, 0x4F, 0x71, 0x4D, 0x7A, 0x68, 0x78, 0x53, 0x55,
666 0x4F, 0x34, 0x35, 0x67, 0x38, 0x0A, 0x66, 0x39, 0x57, 0x38, 0x39, 0x6D,
667 0x70, 0x61, 0x38, 0x62, 0x42, 0x6A, 0x4F, 0x50, 0x75, 0x2B, 0x79, 0x46,
668 0x79, 0x36, 0x36, 0x74, 0x44, 0x61, 0x5A, 0x36, 0x73, 0x57, 0x45, 0x37,
669 0x63, 0x35, 0x53, 0x58, 0x45, 0x48, 0x58, 0x6C, 0x38, 0x43, 0x67, 0x59,
670 0x45, 0x41, 0x74, 0x41, 0x57, 0x77, 0x46, 0x50, 0x6F, 0x44, 0x53, 0x54,
671 0x64, 0x7A, 0x6F, 0x58, 0x41, 0x77, 0x52, 0x6F, 0x66, 0x30, 0x0A, 0x51,
672 0x4D, 0x4F, 0x30, 0x38, 0x2B, 0x50, 0x6E, 0x51, 0x47, 0x6F, 0x50, 0x62,
673 0x4D, 0x4A, 0x54, 0x71, 0x72, 0x67, 0x78, 0x72, 0x48, 0x59, 0x43, 0x53,
674 0x38, 0x75, 0x34, 0x63, 0x59, 0x53, 0x48, 0x64, 0x44, 0x4D, 0x4A, 0x44,
675 0x43, 0x4F, 0x4D, 0x6F, 0x35, 0x67, 0x46, 0x58, 0x79, 0x43, 0x2B, 0x35,
676 0x46, 0x66, 0x54, 0x69, 0x47, 0x77, 0x42, 0x68, 0x79, 0x35, 0x38, 0x7A,
677 0x35, 0x62, 0x37, 0x0A, 0x67, 0x42, 0x77, 0x46, 0x4B, 0x49, 0x39, 0x52,
678 0x67, 0x52, 0x66, 0x56, 0x31, 0x44, 0x2F, 0x4E, 0x69, 0x6D, 0x78, 0x50,
679 0x72, 0x6C, 0x6A, 0x33, 0x57, 0x48, 0x79, 0x65, 0x63, 0x31, 0x2F, 0x43,
680 0x73, 0x2B, 0x42, 0x72, 0x2B, 0x2F, 0x76, 0x65, 0x6B, 0x4D, 0x56, 0x46,
681 0x67, 0x35, 0x67, 0x65, 0x6B, 0x65, 0x48, 0x72, 0x34, 0x61, 0x47, 0x53,
682 0x46, 0x34, 0x62, 0x6B, 0x30, 0x41, 0x6A, 0x56, 0x0A, 0x54, 0x76, 0x2F,
683 0x70, 0x51, 0x6A, 0x79, 0x52, 0x75, 0x5A, 0x41, 0x74, 0x36, 0x36, 0x49,
684 0x62, 0x52, 0x5A, 0x64, 0x6C, 0x32, 0x49, 0x49, 0x3D, 0x0A, 0x2D, 0x2D,
685 0x2D, 0x2D, 0x2D, 0x45, 0x4E, 0x44, 0x20, 0x50, 0x52, 0x49, 0x56, 0x41,
686 0x54, 0x45, 0x20, 0x4B, 0x45, 0x59, 0x2D, 0x2D, 0x2D, 0x2D, 0x2D
687 };
688 /*
689 * PEM of pem_rsa_priv_key:
690 * -----BEGIN PRIVATE KEY-----
691 * MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDEkC4ZWv3ucFbU
692 * F8YwlUrmQlLCZwAgr4DPUAFVHl+wFcXypVgScVY4K7QmdWKsYqb8tpOxqw0NwZWX
693 * O+ta4+y27COufoOhRTMwNyN2LwSNTPN3eEk4ee5QnppEyDrqoCgvTlAAdToFaXvj
694 * x13Ybj7jfhwN74qKdqsSEtPWyggeotiQSPy6KyBIuWtIxPAA8jAvfAnQj1eXhghF
695 * N2NxkqgxvBYdNy1m3+jXACPLRzc11ZbNHKiwhCY1/HiSBkwHlIK+/VLj2smCKdUQ
696 * gvLXSnnVgQulHioD6UgY8xA2a4M1rhYuTV8BrPRZ4BFx2o0jYWvGbA/Hlp7fTOy+
697 * F5OkiHS7AgMBAAECggEAYgCu81ZiQBVDvWiDGKr+1pIf2CxprGJEm1h86ZcEx3L7
698 * qFDW+g8HGWd04S3qvh9LublAJzetAPxRXL9zx3PXjJZs7e3HLEuny3TaWez0XI0O
699 * 4LSY8S8d6pVBPmUEtwGWN4vYqHnKLXOb4QQAXs4MzfkM/Me/b+zdu1umwjMl3Dud
700 * 5rVhkgvt8uhDUG3XSHeoJYBMbT9ikJDVMJ51rre/1Riddgxp8SktVkvGmMl9kQR8
701 * 8dv3Px/kTN94EuRg0CkXBhHpoGo4qnM3Q3B5PlmSK5gkuPvWy9l8L/TVt8Lb6/zL
702 * ByQW+g02wxeNGhw1fkD+XFH7KkSeWl+QnrLcePM0hQKBgQDxoqUk0PLOY5WgOkgr
703 * umgie/K1WKs+izTtApjzcM76sza63b5R9w+P+NssMV4aeV9epEGZO68IUmi0QjvQ
704 * npluQoadFYweFwSQ11BXHoeQBA4nNpkrV58hgzZN3m9JLR7JxyrIqXsRnUzl13Kj
705 * GzZBCJxCpJjfTze/yme8d3pa5QKBgQDQP5mB4jI+g3XH3MuLyBjMoTIvoy7CYMhZ
706 * 6/+Kkpw132J16mqkLrwUOZfT0e1rJBsCUkEoBmgKNtRkHo3/SjUI/9fHj3uStPHV
707 * oPcfXj/gFRUkDDzY+auB3dHONF1U1z06EANkkPCC3a538UANBIaPjwpRdBzNw1xl
708 * bvn5aCt3HwKBgBfOl4jGEXYmN6K+u0ebqRDkt2gIoW6bFo7Xd6xci/gFWjoVCOBY
709 * gC8GLMnw3z2qgav4cQIg8EDYpbpE4FHQnntPkKW/bru0Nt3yaNb8igy1aZORfIvZ
710 * qTMLE3melcZW7LaiqeN1V0vH/MCUdpX9Y14K9CJYxzsROgPqdEgMWYDFAoGAAe9l
711 * XMieUOhl0sqhdZYRbO1eiwTILXQ6yGMiB8ae/v0pbBEWlpn8k2+JkqVTwHggbCAZ
712 * jOaqVtX1mUyTYzjsTz4ZYjhaHJ3j1WlegoMcstdfT+txMU74ogdOqMzhxSUO45g8
713 * f9W89mpa8bBjOPu+yFy66tDaZ6sWE7c5SXEHXl8CgYEAtAWwFPoDSTdzoXAwRof0
714 * QMO08+PnQGoPbMJTqrgxrHYCS8u4cYSHdDMJDCOMo5gFXyC+5FfTiGwBhy58z5b7
715 * gBwFKI9RgRfV1D/NimxPrlj3WHyec1/Cs+Br+/vekMVFg5gekeHr4aGSF4bk0AjV
716 * Tv/pQjyRuZAt66IbRZdl2II=
717 * -----END PRIVATE KEY-----
718 */
719
720 /* Load private key BIO, DER-encoded public key and PKCS#8 private key for testing */
721 if (!TEST_ptr(bio_priv = BIO_new(BIO_s_mem()))
722 || !TEST_int_gt(BIO_write(bio_priv, pem_rsa_priv_key, sizeof(pem_rsa_priv_key)), 0)
723 || !TEST_ptr(pkey = PEM_read_bio_PrivateKey_ex(bio_priv, NULL, NULL, NULL, NULL, NULL))
724 || !TEST_int_ge(BIO_seek(bio_priv, 0), 0)
725 || !TEST_int_gt((len_pub = i2d_PUBKEY(pkey, &encoded_pub)), 0)
726 || !TEST_ptr(p8 = EVP_PKEY2PKCS8(pkey)))
727 goto end;
728 EVP_PKEY_free(pkey);
729 pkey = NULL;
730
731 for (i = 0; i < OSSL_NELEM(properties_test); i++) {
732 const char *libctx_prop = properties_test[i].provider_props;
733 const char *explicit_prop = properties_test[i].explicit_props;
734 /* *curr_provider will be updated in reset_ctx_providers */
735 OSSL_PROVIDER **curr_provider = &providers[properties_test[i].curr_provider_idx];
736
737 /*
738 * Decoding a PEM-encoded key uses the properties to select the right provider.
739 * Using a PEM-encoding adds an extra decoder before the key is created.
740 */
741 if (!TEST_int_eq(reset_ctx_providers(&my_libctx, providers, libctx_prop), 1))
742 goto end;
743 if (!TEST_int_ge(BIO_seek(bio_priv, 0), 0)
744 || !TEST_ptr(pkey = PEM_read_bio_PrivateKey_ex(bio_priv, NULL, NULL, NULL, my_libctx,
745 explicit_prop))
746 || !TEST_ptr_eq(EVP_PKEY_get0_provider(pkey), *curr_provider))
747 goto end;
748 EVP_PKEY_free(pkey);
749 pkey = NULL;
750
751 /* Decoding a DER-encoded X509_PUBKEY uses the properties to select the right provider */
752 if (!TEST_int_eq(reset_ctx_providers(&my_libctx, providers, libctx_prop), 1))
753 goto end;
754 p = encoded_pub;
755 if (!TEST_ptr(pkey = d2i_PUBKEY_ex(NULL, &p, len_pub, my_libctx, explicit_prop))
756 || !TEST_ptr_eq(EVP_PKEY_get0_provider(pkey), *curr_provider))
757 goto end;
758 EVP_PKEY_free(pkey);
759 pkey = NULL;
760
761 /* Decoding a PKCS8_PRIV_KEY_INFO uses the properties to select the right provider */
762 if (!TEST_int_eq(reset_ctx_providers(&my_libctx, providers, libctx_prop), 1))
763 goto end;
764 if (!TEST_ptr(pkey = EVP_PKCS82PKEY_ex(p8, my_libctx, explicit_prop))
765 || !TEST_ptr_eq(EVP_PKEY_get0_provider(pkey), *curr_provider))
766 goto end;
767 EVP_PKEY_free(pkey);
768 pkey = NULL;
769 }
770
771 ret = 1;
772
773 end:
774 PKCS8_PRIV_KEY_INFO_free(p8);
775 BIO_free(bio_priv);
776 OPENSSL_free(encoded_pub);
777 EVP_PKEY_free(pkey);
778 OSSL_PROVIDER_unload(providers[DEFAULT_PROVIDER_IDX]);
779 fake_rsa_finish(providers[FAKE_RSA_PROVIDER_IDX]);
780 OSSL_LIB_CTX_free(my_libctx);
781 return ret;
782 }
783
setup_tests(void)784 int setup_tests(void)
785 {
786 libctx = OSSL_LIB_CTX_new();
787 if (libctx == NULL)
788 return 0;
789
790 ADD_TEST(test_pkey_sig);
791 ADD_TEST(test_alternative_keygen_init);
792 ADD_TEST(test_pkey_eq);
793 ADD_TEST(test_pkey_can_sign);
794 ADD_ALL_TESTS(test_pkey_store, 2);
795 ADD_TEST(test_pkey_delete);
796 ADD_TEST(test_pkey_store_open_ex);
797 ADD_TEST(test_pkey_provider_decoder_props);
798
799 return 1;
800 }
801
cleanup_tests(void)802 void cleanup_tests(void)
803 {
804 OSSL_LIB_CTX_free(libctx);
805 }
806