evp_pkey_provided_test.c 69 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785
  1. /*
  2. * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <string.h> /* memset */
  10. #include <openssl/evp.h>
  11. #include <openssl/pem.h>
  12. #include <openssl/encoder.h>
  13. #include <openssl/provider.h>
  14. #include <openssl/param_build.h>
  15. #include <openssl/core_names.h>
  16. #include <openssl/sha.h>
  17. #include "crypto/ecx.h"
  18. #include "crypto/evp.h" /* For the internal API */
  19. #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
  20. #include "internal/nelem.h"
  21. #include "testutil.h"
  22. static char *datadir = NULL;
  23. /*
  24. * Do not change the order of the following defines unless you also
  25. * update the for loop bounds used inside test_print_key_using_encoder() and
  26. * test_print_key_using_encoder_public().
  27. */
  28. #define PRIV_TEXT 0
  29. #define PRIV_PEM 1
  30. #define PRIV_DER 2
  31. #define PUB_TEXT 3
  32. #define PUB_PEM 4
  33. #define PUB_DER 5
  34. static void stripcr(char *buf, size_t *len)
  35. {
  36. size_t i;
  37. char *curr, *writ;
  38. for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
  39. if (*curr == '\r') {
  40. (*len)--;
  41. continue;
  42. }
  43. if (curr != writ)
  44. *writ = *curr;
  45. writ++;
  46. }
  47. }
  48. static int compare_with_file(const char *alg, int type, BIO *membio)
  49. {
  50. char filename[80];
  51. BIO *file = NULL;
  52. char buf[4096];
  53. char *memdata, *fullfile = NULL;
  54. const char *suffix;
  55. size_t readbytes;
  56. int ret = 0;
  57. int len;
  58. size_t slen;
  59. switch (type) {
  60. case PRIV_TEXT:
  61. suffix = "priv.txt";
  62. break;
  63. case PRIV_PEM:
  64. suffix = "priv.pem";
  65. break;
  66. case PRIV_DER:
  67. suffix = "priv.der";
  68. break;
  69. case PUB_TEXT:
  70. suffix = "pub.txt";
  71. break;
  72. case PUB_PEM:
  73. suffix = "pub.pem";
  74. break;
  75. case PUB_DER:
  76. suffix = "pub.der";
  77. break;
  78. default:
  79. TEST_error("Invalid file type");
  80. goto err;
  81. }
  82. BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
  83. fullfile = test_mk_file_path(datadir, filename);
  84. if (!TEST_ptr(fullfile))
  85. goto err;
  86. file = BIO_new_file(fullfile, "rb");
  87. if (!TEST_ptr(file))
  88. goto err;
  89. if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
  90. || !TEST_true(BIO_eof(file))
  91. || !TEST_size_t_lt(readbytes, sizeof(buf)))
  92. goto err;
  93. len = BIO_get_mem_data(membio, &memdata);
  94. if (!TEST_int_gt(len, 0))
  95. goto err;
  96. slen = len;
  97. if (type != PRIV_DER && type != PUB_DER) {
  98. stripcr(memdata, &slen);
  99. stripcr(buf, &readbytes);
  100. }
  101. if (!TEST_mem_eq(memdata, slen, buf, readbytes))
  102. goto err;
  103. ret = 1;
  104. err:
  105. OPENSSL_free(fullfile);
  106. (void)BIO_reset(membio);
  107. BIO_free(file);
  108. return ret;
  109. }
  110. static int pass_cb(char *buf, int size, int rwflag, void *u)
  111. {
  112. return 0;
  113. }
  114. static int pass_cb_error(char *buf, int size, int rwflag, void *u)
  115. {
  116. return -1;
  117. }
  118. static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
  119. {
  120. BIO *membio = BIO_new(BIO_s_mem());
  121. int ret = 0;
  122. if (!TEST_ptr(membio))
  123. goto err;
  124. if (/* Output Encrypted private key in PEM form */
  125. !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
  126. (unsigned char *)"pass", 4,
  127. NULL, NULL))
  128. /* Output zero-length passphrase encrypted private key in PEM form */
  129. || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
  130. EVP_aes_256_cbc(),
  131. (const char *)~0, 0,
  132. NULL, NULL))
  133. || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
  134. EVP_aes_256_cbc(),
  135. NULL, 0, NULL, ""))
  136. || !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
  137. EVP_aes_256_cbc(),
  138. NULL, 0, pass_cb, NULL))
  139. || !TEST_false(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
  140. EVP_aes_256_cbc(),
  141. NULL, 0, pass_cb_error,
  142. NULL))
  143. #ifndef OPENSSL_NO_DES
  144. || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
  145. bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
  146. (const char *)~0, 0, NULL, NULL))
  147. || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
  148. bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
  149. NULL, ""))
  150. || !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
  151. bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
  152. pass_cb, NULL))
  153. || !TEST_false(PEM_write_bio_PKCS8PrivateKey_nid(
  154. bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
  155. pass_cb_error, NULL))
  156. #endif
  157. /* Private key in text form */
  158. || !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0)
  159. || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
  160. /* Public key in PEM form */
  161. || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
  162. || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
  163. /* Unencrypted private key in PEM form */
  164. || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
  165. NULL, NULL, 0, NULL, NULL))
  166. || !TEST_true(compare_with_file(alg, PRIV_PEM, membio))
  167. /* NULL key */
  168. || !TEST_false(PEM_write_bio_PrivateKey(membio, NULL,
  169. NULL, NULL, 0, NULL, NULL))
  170. || !TEST_false(PEM_write_bio_PrivateKey_traditional(membio, NULL,
  171. NULL, NULL, 0, NULL, NULL)))
  172. goto err;
  173. ret = 1;
  174. err:
  175. BIO_free(membio);
  176. return ret;
  177. }
  178. static int test_print_key_type_using_encoder(const char *alg, int type,
  179. const EVP_PKEY *pk)
  180. {
  181. const char *output_type, *output_structure;
  182. int selection;
  183. OSSL_ENCODER_CTX *ctx = NULL;
  184. BIO *membio = BIO_new(BIO_s_mem());
  185. int ret = 0;
  186. switch (type) {
  187. case PRIV_TEXT:
  188. output_type = "TEXT";
  189. output_structure = NULL;
  190. selection = OSSL_KEYMGMT_SELECT_KEYPAIR
  191. | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
  192. break;
  193. case PRIV_PEM:
  194. output_type = "PEM";
  195. output_structure = "PrivateKeyInfo";
  196. selection = OSSL_KEYMGMT_SELECT_KEYPAIR
  197. | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
  198. break;
  199. case PRIV_DER:
  200. output_type = "DER";
  201. output_structure = "PrivateKeyInfo";
  202. selection = OSSL_KEYMGMT_SELECT_KEYPAIR
  203. | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
  204. break;
  205. case PUB_TEXT:
  206. output_type = "TEXT";
  207. output_structure = NULL;
  208. selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
  209. | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
  210. break;
  211. case PUB_PEM:
  212. output_type = "PEM";
  213. output_structure = "SubjectPublicKeyInfo";
  214. selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
  215. | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
  216. break;
  217. case PUB_DER:
  218. output_type = "DER";
  219. output_structure = "SubjectPublicKeyInfo";
  220. selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
  221. | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
  222. break;
  223. default:
  224. TEST_error("Invalid encoding type");
  225. goto err;
  226. }
  227. if (!TEST_ptr(membio))
  228. goto err;
  229. /* Make a context, it's valid for several prints */
  230. TEST_note("Setting up a OSSL_ENCODER context with passphrase");
  231. if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
  232. output_type,
  233. output_structure,
  234. NULL))
  235. /* Check that this operation is supported */
  236. || !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
  237. goto err;
  238. /* Use no cipher. This should give us an unencrypted PEM */
  239. TEST_note("Testing with no encryption");
  240. if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
  241. || !TEST_true(compare_with_file(alg, type, membio)))
  242. goto err;
  243. if (type == PRIV_PEM) {
  244. /* Set a passphrase to be used later */
  245. if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
  246. (unsigned char *)"pass",
  247. 4)))
  248. goto err;
  249. /* Use a valid cipher name */
  250. TEST_note("Displaying PEM encrypted with AES-256-CBC");
  251. if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
  252. || !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
  253. goto err;
  254. /* Use an invalid cipher name, which should generate no output */
  255. TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
  256. if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
  257. || !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
  258. goto err;
  259. /* Clear the cipher. This should give us an unencrypted PEM again */
  260. TEST_note("Testing with encryption cleared (no encryption)");
  261. if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
  262. || !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
  263. || !TEST_true(compare_with_file(alg, type, membio)))
  264. goto err;
  265. }
  266. ret = 1;
  267. err:
  268. BIO_free(membio);
  269. OSSL_ENCODER_CTX_free(ctx);
  270. return ret;
  271. }
  272. static int test_print_key_using_encoder(const char *alg, const EVP_PKEY *pk)
  273. {
  274. int i;
  275. int ret = 1;
  276. for (i = PRIV_TEXT; i <= PUB_DER; i++)
  277. ret = ret && test_print_key_type_using_encoder(alg, i, pk);
  278. return ret;
  279. }
  280. #ifndef OPENSSL_NO_ECX
  281. static int test_print_key_using_encoder_public(const char *alg,
  282. const EVP_PKEY *pk)
  283. {
  284. int i;
  285. int ret = 1;
  286. for (i = PUB_TEXT; i <= PUB_DER; i++)
  287. ret = ret && test_print_key_type_using_encoder(alg, i, pk);
  288. return ret;
  289. }
  290. #endif
  291. /* Array indexes used in test_fromdata_rsa */
  292. #define N 0
  293. #define E 1
  294. #define D 2
  295. #define P 3
  296. #define Q 4
  297. #define DP 5
  298. #define DQ 6
  299. #define QINV 7
  300. static int test_fromdata_rsa(void)
  301. {
  302. int ret = 0, i;
  303. EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
  304. EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
  305. /*
  306. * 32-bit RSA key, extracted from this command,
  307. * executed with OpenSSL 1.0.2:
  308. *
  309. * openssl genrsa 32 | openssl rsa -text
  310. */
  311. static unsigned long key_numbers[] = {
  312. 0xbc747fc5, /* N */
  313. 0x10001, /* E */
  314. 0x7b133399, /* D */
  315. 0xe963, /* P */
  316. 0xceb7, /* Q */
  317. 0x8599, /* DP */
  318. 0xbd87, /* DQ */
  319. 0xcc3b, /* QINV */
  320. };
  321. OSSL_PARAM fromdata_params[] = {
  322. OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
  323. OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
  324. OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
  325. OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
  326. OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
  327. OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
  328. OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
  329. OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
  330. OSSL_PARAM_END
  331. };
  332. BIGNUM *bn = BN_new();
  333. BIGNUM *bn_from = BN_new();
  334. if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
  335. goto err;
  336. if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
  337. || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
  338. fromdata_params), 1))
  339. goto err;
  340. while (dup_pk == NULL) {
  341. ret = 0;
  342. if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 32)
  343. || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 8)
  344. || !TEST_int_eq(EVP_PKEY_get_size(pk), 4)
  345. || !TEST_false(EVP_PKEY_missing_parameters(pk)))
  346. goto err;
  347. EVP_PKEY_CTX_free(key_ctx);
  348. if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
  349. goto err;
  350. if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
  351. || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
  352. || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
  353. || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
  354. goto err;
  355. /* EVP_PKEY_copy_parameters() should fail for RSA */
  356. if (!TEST_ptr(copy_pk = EVP_PKEY_new())
  357. || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
  358. goto err;
  359. EVP_PKEY_free(copy_pk);
  360. copy_pk = NULL;
  361. ret = test_print_key_using_pem("RSA", pk)
  362. && test_print_key_using_encoder("RSA", pk);
  363. if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
  364. goto err;
  365. ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
  366. EVP_PKEY_free(pk);
  367. pk = dup_pk;
  368. if (!ret)
  369. goto err;
  370. }
  371. err:
  372. /* for better diagnostics always compare key params */
  373. for (i = 0; fromdata_params[i].key != NULL; ++i) {
  374. if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
  375. || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
  376. || !TEST_BN_eq(bn, bn_from))
  377. ret = 0;
  378. }
  379. BN_free(bn_from);
  380. BN_free(bn);
  381. EVP_PKEY_free(pk);
  382. EVP_PKEY_free(copy_pk);
  383. EVP_PKEY_CTX_free(key_ctx);
  384. EVP_PKEY_CTX_free(ctx);
  385. return ret;
  386. }
  387. static int test_evp_pkey_get_bn_param_large(void)
  388. {
  389. int ret = 0;
  390. EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
  391. EVP_PKEY *pk = NULL;
  392. OSSL_PARAM_BLD *bld = NULL;
  393. OSSL_PARAM *fromdata_params = NULL;
  394. BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
  395. /*
  396. * The buffer size chosen here for n_data larger than the buffer used
  397. * internally in EVP_PKEY_get_bn_param.
  398. */
  399. static unsigned char n_data[2050];
  400. static const unsigned char e_data[] = {
  401. 0x1, 0x00, 0x01
  402. };
  403. static const unsigned char d_data[]= {
  404. 0x99, 0x33, 0x13, 0x7b
  405. };
  406. /* N is a large buffer */
  407. memset(n_data, 0xCE, sizeof(n_data));
  408. if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
  409. || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
  410. || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
  411. || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
  412. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
  413. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
  414. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
  415. || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
  416. || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
  417. || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
  418. || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
  419. fromdata_params), 1)
  420. || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
  421. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
  422. || !TEST_BN_eq(n, n_out))
  423. goto err;
  424. ret = 1;
  425. err:
  426. BN_free(n_out);
  427. BN_free(n);
  428. BN_free(e);
  429. BN_free(d);
  430. EVP_PKEY_free(pk);
  431. EVP_PKEY_CTX_free(key_ctx);
  432. EVP_PKEY_CTX_free(ctx);
  433. OSSL_PARAM_free(fromdata_params);
  434. OSSL_PARAM_BLD_free(bld);
  435. return ret;
  436. }
  437. #ifndef OPENSSL_NO_DH
  438. static int test_fromdata_dh_named_group(void)
  439. {
  440. int ret = 0;
  441. int gindex = 0, pcounter = 0, hindex = 0;
  442. EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
  443. EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
  444. size_t len;
  445. BIGNUM *pub = NULL, *priv = NULL;
  446. BIGNUM *pub_out = NULL, *priv_out = NULL;
  447. BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
  448. OSSL_PARAM *fromdata_params = NULL;
  449. OSSL_PARAM_BLD *bld = NULL;
  450. char name_out[80];
  451. unsigned char seed_out[32];
  452. /*
  453. * DH key data was generated using the following:
  454. * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
  455. * -pkeyopt priv_len:224 -text
  456. */
  457. static const unsigned char priv_data[] = {
  458. 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
  459. 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
  460. 0x87, 0xe8, 0xa9, 0x7b,
  461. };
  462. static const unsigned char pub_data[] = {
  463. 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
  464. 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
  465. 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
  466. 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
  467. 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
  468. 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
  469. 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
  470. 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
  471. 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
  472. 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
  473. 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
  474. 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
  475. 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
  476. 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
  477. 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
  478. 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
  479. 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
  480. 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
  481. 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
  482. 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
  483. 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
  484. 0xcf, 0x33, 0x42, 0x83, 0x42
  485. };
  486. static const char group_name[] = "ffdhe2048";
  487. static const long priv_len = 224;
  488. if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
  489. || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
  490. || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
  491. || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
  492. OSSL_PKEY_PARAM_GROUP_NAME,
  493. group_name, 0))
  494. || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
  495. priv_len))
  496. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
  497. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
  498. || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
  499. goto err;
  500. if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
  501. goto err;
  502. if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
  503. || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
  504. fromdata_params), 1))
  505. goto err;
  506. /*
  507. * A few extra checks of EVP_PKEY_get_utf8_string_param() to see that
  508. * it behaves as expected with regards to string length and terminating
  509. * NUL byte.
  510. */
  511. if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
  512. OSSL_PKEY_PARAM_GROUP_NAME,
  513. NULL, sizeof(name_out),
  514. &len))
  515. || !TEST_size_t_eq(len, sizeof(group_name) - 1)
  516. /* Just enough space to hold the group name and a terminating NUL */
  517. || !TEST_true(EVP_PKEY_get_utf8_string_param(pk,
  518. OSSL_PKEY_PARAM_GROUP_NAME,
  519. name_out,
  520. sizeof(group_name),
  521. &len))
  522. || !TEST_size_t_eq(len, sizeof(group_name) - 1)
  523. /* Too small buffer to hold the terminating NUL byte */
  524. || !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
  525. OSSL_PKEY_PARAM_GROUP_NAME,
  526. name_out,
  527. sizeof(group_name) - 1,
  528. &len))
  529. /* Too small buffer to hold the whole group name, even! */
  530. || !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
  531. OSSL_PKEY_PARAM_GROUP_NAME,
  532. name_out,
  533. sizeof(group_name) - 2,
  534. &len)))
  535. goto err;
  536. while (dup_pk == NULL) {
  537. ret = 0;
  538. if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
  539. || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
  540. || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
  541. || !TEST_false(EVP_PKEY_missing_parameters(pk)))
  542. goto err;
  543. if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
  544. OSSL_PKEY_PARAM_GROUP_NAME,
  545. name_out,
  546. sizeof(name_out),
  547. &len))
  548. || !TEST_str_eq(name_out, group_name)
  549. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
  550. &pub_out))
  551. || !TEST_BN_eq(pub, pub_out)
  552. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
  553. &priv_out))
  554. || !TEST_BN_eq(priv, priv_out)
  555. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
  556. || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
  557. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
  558. || !TEST_ptr(q)
  559. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
  560. || !TEST_BN_eq(&ossl_bignum_const_2, g)
  561. || !TEST_false(EVP_PKEY_get_bn_param(pk,
  562. OSSL_PKEY_PARAM_FFC_COFACTOR,
  563. &j))
  564. || !TEST_ptr_null(j)
  565. || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
  566. OSSL_PKEY_PARAM_FFC_SEED,
  567. seed_out,
  568. sizeof(seed_out),
  569. &len))
  570. || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
  571. &gindex))
  572. || !TEST_int_eq(gindex, -1)
  573. || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
  574. &hindex))
  575. || !TEST_int_eq(hindex, 0)
  576. || !TEST_true(EVP_PKEY_get_int_param(pk,
  577. OSSL_PKEY_PARAM_FFC_PCOUNTER,
  578. &pcounter))
  579. || !TEST_int_eq(pcounter, -1))
  580. goto err;
  581. BN_free(p);
  582. p = NULL;
  583. BN_free(q);
  584. q = NULL;
  585. BN_free(g);
  586. g = NULL;
  587. BN_free(j);
  588. j = NULL;
  589. BN_free(pub_out);
  590. pub_out = NULL;
  591. BN_free(priv_out);
  592. priv_out = NULL;
  593. if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
  594. goto err;
  595. if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
  596. || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
  597. || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
  598. || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
  599. goto err;
  600. EVP_PKEY_CTX_free(key_ctx);
  601. key_ctx = NULL;
  602. if (!TEST_ptr(copy_pk = EVP_PKEY_new())
  603. || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
  604. goto err;
  605. EVP_PKEY_free(copy_pk);
  606. copy_pk = NULL;
  607. ret = test_print_key_using_pem("DH", pk)
  608. && test_print_key_using_encoder("DH", pk);
  609. if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
  610. goto err;
  611. ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
  612. EVP_PKEY_free(pk);
  613. pk = dup_pk;
  614. if (!ret)
  615. goto err;
  616. }
  617. err:
  618. BN_free(p);
  619. BN_free(q);
  620. BN_free(g);
  621. BN_free(j);
  622. BN_free(pub);
  623. BN_free(priv);
  624. BN_free(pub_out);
  625. BN_free(priv_out);
  626. EVP_PKEY_free(copy_pk);
  627. EVP_PKEY_free(pk);
  628. EVP_PKEY_CTX_free(ctx);
  629. EVP_PKEY_CTX_free(key_ctx);
  630. OSSL_PARAM_free(fromdata_params);
  631. OSSL_PARAM_BLD_free(bld);
  632. return ret;
  633. }
  634. static int test_fromdata_dh_fips186_4(void)
  635. {
  636. int ret = 0;
  637. int gindex = 0, pcounter = 0, hindex = 0;
  638. EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
  639. EVP_PKEY *pk = NULL, *dup_pk = NULL;
  640. size_t len;
  641. BIGNUM *pub = NULL, *priv = NULL;
  642. BIGNUM *pub_out = NULL, *priv_out = NULL;
  643. BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
  644. OSSL_PARAM_BLD *bld = NULL;
  645. OSSL_PARAM *fromdata_params = NULL;
  646. char name_out[80];
  647. unsigned char seed_out[32];
  648. /*
  649. * DH key data was generated using the following:
  650. * openssl genpkey -algorithm DH
  651. * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
  652. */
  653. static const unsigned char priv_data[] = {
  654. 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
  655. 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
  656. 0x87, 0xe8, 0xa9, 0x7b,
  657. };
  658. static const unsigned char pub_data[] = {
  659. 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
  660. 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
  661. 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
  662. 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
  663. 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
  664. 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
  665. 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
  666. 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
  667. 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
  668. 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
  669. 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
  670. 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
  671. 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
  672. 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
  673. 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
  674. 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
  675. 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
  676. 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
  677. 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
  678. 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
  679. 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
  680. 0x33, 0x42, 0x83, 0x42
  681. };
  682. static const char group_name[] = "ffdhe2048";
  683. static const long priv_len = 224;
  684. if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
  685. || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
  686. || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
  687. || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
  688. OSSL_PKEY_PARAM_GROUP_NAME,
  689. group_name, 0))
  690. || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
  691. priv_len))
  692. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
  693. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
  694. || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
  695. goto err;
  696. if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
  697. goto err;
  698. if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
  699. || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
  700. fromdata_params), 1))
  701. goto err;
  702. while (dup_pk == NULL) {
  703. ret = 0;
  704. if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
  705. || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
  706. || !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
  707. || !TEST_false(EVP_PKEY_missing_parameters(pk)))
  708. goto err;
  709. if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
  710. OSSL_PKEY_PARAM_GROUP_NAME,
  711. name_out,
  712. sizeof(name_out),
  713. &len))
  714. || !TEST_str_eq(name_out, group_name)
  715. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
  716. &pub_out))
  717. || !TEST_BN_eq(pub, pub_out)
  718. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
  719. &priv_out))
  720. || !TEST_BN_eq(priv, priv_out)
  721. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
  722. || !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
  723. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
  724. || !TEST_ptr(q)
  725. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
  726. || !TEST_BN_eq(&ossl_bignum_const_2, g)
  727. || !TEST_false(EVP_PKEY_get_bn_param(pk,
  728. OSSL_PKEY_PARAM_FFC_COFACTOR,
  729. &j))
  730. || !TEST_ptr_null(j)
  731. || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
  732. OSSL_PKEY_PARAM_FFC_SEED,
  733. seed_out,
  734. sizeof(seed_out),
  735. &len))
  736. || !TEST_true(EVP_PKEY_get_int_param(pk,
  737. OSSL_PKEY_PARAM_FFC_GINDEX,
  738. &gindex))
  739. || !TEST_int_eq(gindex, -1)
  740. || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
  741. &hindex))
  742. || !TEST_int_eq(hindex, 0)
  743. || !TEST_true(EVP_PKEY_get_int_param(pk,
  744. OSSL_PKEY_PARAM_FFC_PCOUNTER,
  745. &pcounter))
  746. || !TEST_int_eq(pcounter, -1))
  747. goto err;
  748. BN_free(p);
  749. p = NULL;
  750. BN_free(q);
  751. q = NULL;
  752. BN_free(g);
  753. g = NULL;
  754. BN_free(j);
  755. j = NULL;
  756. BN_free(pub_out);
  757. pub_out = NULL;
  758. BN_free(priv_out);
  759. priv_out = NULL;
  760. if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
  761. goto err;
  762. if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
  763. || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
  764. || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
  765. || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
  766. goto err;
  767. EVP_PKEY_CTX_free(key_ctx);
  768. key_ctx = NULL;
  769. ret = test_print_key_using_pem("DH", pk)
  770. && test_print_key_using_encoder("DH", pk);
  771. if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
  772. goto err;
  773. ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
  774. EVP_PKEY_free(pk);
  775. pk = dup_pk;
  776. if (!ret)
  777. goto err;
  778. }
  779. err:
  780. BN_free(p);
  781. BN_free(q);
  782. BN_free(g);
  783. BN_free(j);
  784. BN_free(pub);
  785. BN_free(priv);
  786. BN_free(pub_out);
  787. BN_free(priv_out);
  788. EVP_PKEY_free(pk);
  789. EVP_PKEY_CTX_free(ctx);
  790. EVP_PKEY_CTX_free(key_ctx);
  791. OSSL_PARAM_free(fromdata_params);
  792. OSSL_PARAM_BLD_free(bld);
  793. return ret;
  794. }
  795. #endif
  796. #ifndef OPENSSL_NO_EC
  797. # ifndef OPENSSL_NO_ECX
  798. /* Array indexes used in test_fromdata_ecx */
  799. # define PRIV_KEY 0
  800. # define PUB_KEY 1
  801. # define X25519_IDX 0
  802. # define X448_IDX 1
  803. # define ED25519_IDX 2
  804. # define ED448_IDX 3
  805. /*
  806. * tst uses indexes 0 ... (3 * 4 - 1)
  807. * For the 4 ECX key types (X25519_IDX..ED448_IDX)
  808. * 0..3 = public + private key.
  809. * 4..7 = private key (This will generate the public key from the private key)
  810. * 8..11 = public key
  811. */
  812. static int test_fromdata_ecx(int tst)
  813. {
  814. int ret = 0;
  815. EVP_PKEY_CTX *ctx = NULL, *ctx2 = NULL;
  816. EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
  817. const char *alg = NULL;
  818. size_t len;
  819. unsigned char out_pub[ED448_KEYLEN];
  820. unsigned char out_priv[ED448_KEYLEN];
  821. OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
  822. /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
  823. static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
  824. /* X25519: Keys from RFC 7748 6.1 */
  825. {
  826. /* Private Key */
  827. {
  828. 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
  829. 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
  830. 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
  831. 0x2c, 0x2a
  832. },
  833. /* Public Key */
  834. {
  835. 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
  836. 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
  837. 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
  838. 0x4e, 0x6a
  839. }
  840. },
  841. /* X448: Keys from RFC 7748 6.2 */
  842. {
  843. /* Private Key */
  844. {
  845. 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
  846. 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
  847. 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
  848. 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
  849. 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
  850. 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
  851. },
  852. /* Public Key */
  853. {
  854. 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
  855. 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
  856. 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
  857. 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
  858. 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
  859. 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
  860. }
  861. },
  862. /* ED25519: Keys from RFC 8032 */
  863. {
  864. /* Private Key */
  865. {
  866. 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
  867. 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
  868. 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
  869. 0x7f, 0x60
  870. },
  871. /* Public Key */
  872. {
  873. 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
  874. 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
  875. 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
  876. 0x51, 0x1a
  877. }
  878. },
  879. /* ED448: Keys from RFC 8032 */
  880. {
  881. /* Private Key */
  882. {
  883. 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
  884. 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
  885. 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
  886. 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
  887. 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
  888. 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
  889. },
  890. /* Public Key */
  891. {
  892. 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
  893. 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
  894. 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
  895. 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
  896. 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
  897. 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
  898. }
  899. }
  900. };
  901. OSSL_PARAM x25519_fromdata_params[] = {
  902. OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
  903. key_numbers[X25519_IDX][PRIV_KEY],
  904. X25519_KEYLEN),
  905. OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
  906. key_numbers[X25519_IDX][PUB_KEY],
  907. X25519_KEYLEN),
  908. OSSL_PARAM_END
  909. };
  910. OSSL_PARAM x448_fromdata_params[] = {
  911. OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
  912. key_numbers[X448_IDX][PRIV_KEY],
  913. X448_KEYLEN),
  914. OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
  915. key_numbers[X448_IDX][PUB_KEY],
  916. X448_KEYLEN),
  917. OSSL_PARAM_END
  918. };
  919. OSSL_PARAM ed25519_fromdata_params[] = {
  920. OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
  921. key_numbers[ED25519_IDX][PRIV_KEY],
  922. ED25519_KEYLEN),
  923. OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
  924. key_numbers[ED25519_IDX][PUB_KEY],
  925. ED25519_KEYLEN),
  926. OSSL_PARAM_END
  927. };
  928. OSSL_PARAM ed448_fromdata_params[] = {
  929. OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
  930. key_numbers[ED448_IDX][PRIV_KEY],
  931. ED448_KEYLEN),
  932. OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
  933. key_numbers[ED448_IDX][PUB_KEY],
  934. ED448_KEYLEN),
  935. OSSL_PARAM_END
  936. };
  937. OSSL_PARAM *fromdata_params = NULL;
  938. int bits = 0, security_bits = 0, size = 0;
  939. OSSL_PARAM *orig_fromdata_params = NULL;
  940. switch (tst & 3) {
  941. case X25519_IDX:
  942. fromdata_params = x25519_fromdata_params;
  943. bits = X25519_BITS;
  944. security_bits = X25519_SECURITY_BITS;
  945. size = X25519_KEYLEN;
  946. alg = "X25519";
  947. break;
  948. case X448_IDX:
  949. fromdata_params = x448_fromdata_params;
  950. bits = X448_BITS;
  951. security_bits = X448_SECURITY_BITS;
  952. size = X448_KEYLEN;
  953. alg = "X448";
  954. break;
  955. case ED25519_IDX:
  956. fromdata_params = ed25519_fromdata_params;
  957. bits = ED25519_BITS;
  958. security_bits = ED25519_SECURITY_BITS;
  959. size = ED25519_SIGSIZE;
  960. alg = "ED25519";
  961. break;
  962. case ED448_IDX:
  963. fromdata_params = ed448_fromdata_params;
  964. bits = ED448_BITS;
  965. security_bits = ED448_SECURITY_BITS;
  966. size = ED448_SIGSIZE;
  967. alg = "ED448";
  968. break;
  969. default:
  970. goto err;
  971. }
  972. ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
  973. if (!TEST_ptr(ctx))
  974. goto err;
  975. orig_fromdata_params = fromdata_params;
  976. if (tst > 7) {
  977. /* public key only */
  978. fromdata_params++;
  979. } else if (tst > 3) {
  980. /* private key only */
  981. params[0] = fromdata_params[0];
  982. params[1] = fromdata_params[2];
  983. fromdata_params = params;
  984. }
  985. if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
  986. || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
  987. fromdata_params), 1))
  988. goto err;
  989. while (dup_pk == NULL) {
  990. ret = 0;
  991. if (!TEST_int_eq(EVP_PKEY_get_bits(pk), bits)
  992. || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), security_bits)
  993. || !TEST_int_eq(EVP_PKEY_get_size(pk), size)
  994. || !TEST_false(EVP_PKEY_missing_parameters(pk)))
  995. goto err;
  996. if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
  997. goto err;
  998. if (tst <= 7) {
  999. if (!TEST_int_gt(EVP_PKEY_check(ctx2), 0))
  1000. goto err;
  1001. if (!TEST_true(EVP_PKEY_get_octet_string_param(
  1002. pk, orig_fromdata_params[PRIV_KEY].key,
  1003. out_priv, sizeof(out_priv), &len))
  1004. || !TEST_mem_eq(out_priv, len,
  1005. orig_fromdata_params[PRIV_KEY].data,
  1006. orig_fromdata_params[PRIV_KEY].data_size)
  1007. || !TEST_true(EVP_PKEY_get_octet_string_param(
  1008. pk, orig_fromdata_params[PUB_KEY].key,
  1009. out_pub, sizeof(out_pub), &len))
  1010. || !TEST_mem_eq(out_pub, len,
  1011. orig_fromdata_params[PUB_KEY].data,
  1012. orig_fromdata_params[PUB_KEY].data_size))
  1013. goto err;
  1014. } else {
  1015. /* The private key check should fail if there is only a public key */
  1016. if (!TEST_int_gt(EVP_PKEY_public_check(ctx2), 0)
  1017. || !TEST_int_le(EVP_PKEY_private_check(ctx2), 0)
  1018. || !TEST_int_le(EVP_PKEY_check(ctx2), 0))
  1019. goto err;
  1020. }
  1021. EVP_PKEY_CTX_free(ctx2);
  1022. ctx2 = NULL;
  1023. if (!TEST_ptr(copy_pk = EVP_PKEY_new())
  1024. /* This should succeed because there are no parameters to copy */
  1025. || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
  1026. goto err;
  1027. EVP_PKEY_free(copy_pk);
  1028. copy_pk = NULL;
  1029. if (tst > 7)
  1030. ret = test_print_key_using_encoder_public(alg, pk);
  1031. else
  1032. ret = test_print_key_using_pem(alg, pk)
  1033. && test_print_key_using_encoder(alg, pk);
  1034. if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
  1035. goto err;
  1036. ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
  1037. EVP_PKEY_free(pk);
  1038. pk = dup_pk;
  1039. if (!ret)
  1040. goto err;
  1041. }
  1042. err:
  1043. EVP_PKEY_free(pk);
  1044. EVP_PKEY_free(copy_pk);
  1045. EVP_PKEY_CTX_free(ctx);
  1046. EVP_PKEY_CTX_free(ctx2);
  1047. return ret;
  1048. }
  1049. # endif /* OPENSSL_NO_ECX */
  1050. static int test_fromdata_ec(void)
  1051. {
  1052. int ret = 0;
  1053. EVP_PKEY_CTX *ctx = NULL;
  1054. EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
  1055. OSSL_PARAM_BLD *bld = NULL;
  1056. BIGNUM *ec_priv_bn = NULL;
  1057. BIGNUM *bn_priv = NULL;
  1058. OSSL_PARAM *fromdata_params = NULL;
  1059. const char *alg = "EC";
  1060. const char *curve = "prime256v1";
  1061. const char bad_curve[] = "nonexistent-curve";
  1062. OSSL_PARAM nokey_params[2] = {
  1063. OSSL_PARAM_END,
  1064. OSSL_PARAM_END
  1065. };
  1066. /* UNCOMPRESSED FORMAT */
  1067. static const unsigned char ec_pub_keydata[] = {
  1068. POINT_CONVERSION_UNCOMPRESSED,
  1069. 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
  1070. 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
  1071. 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
  1072. 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
  1073. 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
  1074. 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
  1075. 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
  1076. 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
  1077. };
  1078. /* SAME BUT COMPRESSED FORMAT */
  1079. static const unsigned char ec_pub_keydata_compressed[] = {
  1080. POINT_CONVERSION_COMPRESSED+1,
  1081. 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
  1082. 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
  1083. 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
  1084. 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2
  1085. };
  1086. static const unsigned char ec_priv_keydata[] = {
  1087. 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
  1088. 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
  1089. 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
  1090. 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
  1091. };
  1092. unsigned char out_pub[sizeof(ec_pub_keydata)];
  1093. char out_curve_name[80];
  1094. const OSSL_PARAM *gettable = NULL;
  1095. size_t len;
  1096. EC_GROUP *group = NULL;
  1097. BIGNUM *group_a = NULL;
  1098. BIGNUM *group_b = NULL;
  1099. BIGNUM *group_p = NULL;
  1100. BIGNUM *a = NULL;
  1101. BIGNUM *b = NULL;
  1102. BIGNUM *p = NULL;
  1103. if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
  1104. goto err;
  1105. if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
  1106. sizeof(ec_priv_keydata), NULL)))
  1107. goto err;
  1108. if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
  1109. curve, 0) <= 0)
  1110. goto err;
  1111. /*
  1112. * We intentionally provide the input point in compressed format,
  1113. * and avoid setting `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT`.
  1114. *
  1115. * Later on we check what format is used when exporting the
  1116. * `OSSL_PKEY_PARAM_PUB_KEY` and expect to default to uncompressed
  1117. * format.
  1118. */
  1119. if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
  1120. ec_pub_keydata_compressed,
  1121. sizeof(ec_pub_keydata_compressed)) <= 0)
  1122. goto err;
  1123. if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
  1124. goto err;
  1125. if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
  1126. goto err;
  1127. ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
  1128. if (!TEST_ptr(ctx))
  1129. goto err;
  1130. /* try importing parameters with bad curve first */
  1131. nokey_params[0] =
  1132. OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
  1133. (char *)bad_curve, sizeof(bad_curve));
  1134. if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
  1135. || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEY_PARAMETERS,
  1136. nokey_params), 0)
  1137. || !TEST_ptr_null(pk))
  1138. goto err;
  1139. if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
  1140. || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
  1141. fromdata_params), 1))
  1142. goto err;
  1143. while (dup_pk == NULL) {
  1144. ret = 0;
  1145. if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 256)
  1146. || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 128)
  1147. || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 35 * 2)
  1148. || !TEST_false(EVP_PKEY_missing_parameters(pk)))
  1149. goto err;
  1150. if (!TEST_ptr(copy_pk = EVP_PKEY_new())
  1151. || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
  1152. goto err;
  1153. EVP_PKEY_free(copy_pk);
  1154. copy_pk = NULL;
  1155. if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
  1156. || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
  1157. OSSL_PKEY_PARAM_GROUP_NAME))
  1158. || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
  1159. OSSL_PKEY_PARAM_PUB_KEY))
  1160. || !TEST_ptr(OSSL_PARAM_locate_const(gettable,
  1161. OSSL_PKEY_PARAM_PRIV_KEY)))
  1162. goto err;
  1163. if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(OBJ_sn2nid(curve)))
  1164. || !TEST_ptr(group_p = BN_new())
  1165. || !TEST_ptr(group_a = BN_new())
  1166. || !TEST_ptr(group_b = BN_new())
  1167. || !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)))
  1168. goto err;
  1169. if (!TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_A, &a))
  1170. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_B, &b))
  1171. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_P, &p)))
  1172. goto err;
  1173. if (!TEST_BN_eq(group_p, p) || !TEST_BN_eq(group_a, a)
  1174. || !TEST_BN_eq(group_b, b))
  1175. goto err;
  1176. if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
  1177. out_curve_name,
  1178. sizeof(out_curve_name),
  1179. &len)
  1180. || !TEST_str_eq(out_curve_name, curve)
  1181. || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
  1182. out_pub, sizeof(out_pub), &len)
  1183. /*
  1184. * Our providers use uncompressed format by default if
  1185. * `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` was not
  1186. * explicitly set, irrespective of the format used for the
  1187. * input point given as a param to create this key.
  1188. */
  1189. || !TEST_true(out_pub[0] == POINT_CONVERSION_UNCOMPRESSED)
  1190. || !TEST_mem_eq(out_pub + 1, len - 1,
  1191. ec_pub_keydata + 1, sizeof(ec_pub_keydata) - 1)
  1192. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
  1193. &bn_priv))
  1194. || !TEST_BN_eq(ec_priv_bn, bn_priv))
  1195. goto err;
  1196. BN_free(bn_priv);
  1197. bn_priv = NULL;
  1198. ret = test_print_key_using_pem(alg, pk)
  1199. && test_print_key_using_encoder(alg, pk);
  1200. if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
  1201. goto err;
  1202. ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
  1203. EVP_PKEY_free(pk);
  1204. pk = dup_pk;
  1205. if (!ret)
  1206. goto err;
  1207. }
  1208. err:
  1209. EC_GROUP_free(group);
  1210. BN_free(group_a);
  1211. BN_free(group_b);
  1212. BN_free(group_p);
  1213. BN_free(a);
  1214. BN_free(b);
  1215. BN_free(p);
  1216. BN_free(bn_priv);
  1217. BN_free(ec_priv_bn);
  1218. OSSL_PARAM_free(fromdata_params);
  1219. OSSL_PARAM_BLD_free(bld);
  1220. EVP_PKEY_free(pk);
  1221. EVP_PKEY_free(copy_pk);
  1222. EVP_PKEY_CTX_free(ctx);
  1223. return ret;
  1224. }
  1225. static int test_ec_dup_no_operation(void)
  1226. {
  1227. int ret = 0;
  1228. EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
  1229. EVP_PKEY *param = NULL, *pkey = NULL;
  1230. if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
  1231. || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
  1232. || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
  1233. NID_X9_62_prime256v1), 0)
  1234. || !TEST_int_gt(EVP_PKEY_paramgen(pctx, &param), 0)
  1235. || !TEST_ptr(param))
  1236. goto err;
  1237. EVP_PKEY_CTX_free(pctx);
  1238. pctx = NULL;
  1239. if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
  1240. || !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
  1241. || !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
  1242. || !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
  1243. goto err;
  1244. ret = 1;
  1245. err:
  1246. EVP_PKEY_free(pkey);
  1247. EVP_PKEY_free(param);
  1248. EVP_PKEY_CTX_free(ctx);
  1249. EVP_PKEY_CTX_free(kctx);
  1250. EVP_PKEY_CTX_free(pctx);
  1251. return ret;
  1252. }
  1253. /* Test that keygen doesn't support EVP_PKEY_CTX_dup */
  1254. static int test_ec_dup_keygen_operation(void)
  1255. {
  1256. int ret = 0;
  1257. EVP_PKEY_CTX *pctx = NULL, *ctx = NULL, *kctx = NULL;
  1258. EVP_PKEY *param = NULL, *pkey = NULL;
  1259. if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
  1260. || !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
  1261. || !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
  1262. NID_X9_62_prime256v1), 0)
  1263. || !TEST_int_gt(EVP_PKEY_paramgen(pctx, &param), 0)
  1264. || !TEST_ptr(param))
  1265. goto err;
  1266. EVP_PKEY_CTX_free(pctx);
  1267. pctx = NULL;
  1268. if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
  1269. || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
  1270. || !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
  1271. goto err;
  1272. ret = 1;
  1273. err:
  1274. EVP_PKEY_free(pkey);
  1275. EVP_PKEY_free(param);
  1276. EVP_PKEY_CTX_free(ctx);
  1277. EVP_PKEY_CTX_free(kctx);
  1278. EVP_PKEY_CTX_free(pctx);
  1279. return ret;
  1280. }
  1281. #endif /* OPENSSL_NO_EC */
  1282. #ifndef OPENSSL_NO_DSA
  1283. static int test_fromdata_dsa_fips186_4(void)
  1284. {
  1285. int ret = 0;
  1286. EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
  1287. EVP_PKEY *pk = NULL, *copy_pk = NULL, *dup_pk = NULL;
  1288. BIGNUM *pub = NULL, *priv = NULL;
  1289. BIGNUM *p = NULL, *q = NULL, *g = NULL;
  1290. BIGNUM *pub_out = NULL, *priv_out = NULL;
  1291. BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
  1292. int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
  1293. char name_out[80];
  1294. unsigned char seed_out[32];
  1295. size_t len;
  1296. OSSL_PARAM_BLD *bld = NULL;
  1297. OSSL_PARAM *fromdata_params = NULL;
  1298. /*
  1299. * DSA parameter data was generated using the following:
  1300. * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
  1301. * -pkeyopt qbits:256 -pkeyopt type:0 \
  1302. * -pkeyopt gindex:1 -out dsa_params.pem -text
  1303. */
  1304. static const unsigned char p_data[] = {
  1305. 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
  1306. 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
  1307. 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
  1308. 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
  1309. 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
  1310. 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
  1311. 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
  1312. 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
  1313. 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
  1314. 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
  1315. 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
  1316. 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
  1317. 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
  1318. 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
  1319. 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
  1320. 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
  1321. 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
  1322. 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
  1323. 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
  1324. 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
  1325. 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
  1326. 0x7c, 0xfe, 0xaf, 0x6a, 0x05
  1327. };
  1328. static const unsigned char q_data[] = {
  1329. 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
  1330. 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
  1331. 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
  1332. };
  1333. static const unsigned char g_data[] = {
  1334. 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
  1335. 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
  1336. 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
  1337. 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
  1338. 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
  1339. 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
  1340. 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
  1341. 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
  1342. 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
  1343. 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
  1344. 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
  1345. 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
  1346. 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
  1347. 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
  1348. 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
  1349. 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
  1350. 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
  1351. 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
  1352. 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
  1353. 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
  1354. 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
  1355. 0x02, 0x6f, 0x96, 0x36
  1356. };
  1357. static const unsigned char seed_data[] = {
  1358. 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
  1359. 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
  1360. 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
  1361. };
  1362. const int gindex = 1;
  1363. const int pcounter = 53;
  1364. /*
  1365. * The keypair was generated using
  1366. * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
  1367. * -pkeyopt gindex:1 \
  1368. * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
  1369. */
  1370. static const unsigned char priv_data[] = {
  1371. 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
  1372. 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
  1373. 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
  1374. };
  1375. static const unsigned char pub_data[] = {
  1376. 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
  1377. 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
  1378. 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
  1379. 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
  1380. 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
  1381. 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
  1382. 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
  1383. 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
  1384. 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
  1385. 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
  1386. 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
  1387. 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
  1388. 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
  1389. 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
  1390. 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
  1391. 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
  1392. 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
  1393. 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
  1394. 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
  1395. 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
  1396. 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
  1397. 0x48, 0xd1, 0x8a, 0xbd
  1398. };
  1399. if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
  1400. || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
  1401. || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
  1402. || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
  1403. || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
  1404. || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
  1405. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
  1406. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
  1407. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
  1408. || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
  1409. OSSL_PKEY_PARAM_FFC_SEED,
  1410. seed_data,
  1411. sizeof(seed_data)))
  1412. || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
  1413. gindex))
  1414. || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
  1415. OSSL_PKEY_PARAM_FFC_PCOUNTER,
  1416. pcounter))
  1417. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
  1418. pub))
  1419. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
  1420. priv))
  1421. || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
  1422. goto err;
  1423. if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
  1424. goto err;
  1425. if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
  1426. || !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
  1427. fromdata_params), 1))
  1428. goto err;
  1429. while (dup_pk == NULL) {
  1430. ret = 0;
  1431. if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
  1432. || !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
  1433. || !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 2 * (3 + sizeof(q_data)))
  1434. || !TEST_false(EVP_PKEY_missing_parameters(pk)))
  1435. goto err;
  1436. if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk,
  1437. OSSL_PKEY_PARAM_GROUP_NAME,
  1438. name_out,
  1439. sizeof(name_out),
  1440. &len))
  1441. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
  1442. &pub_out))
  1443. || !TEST_BN_eq(pub, pub_out)
  1444. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
  1445. &priv_out))
  1446. || !TEST_BN_eq(priv, priv_out)
  1447. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P,
  1448. &p_out))
  1449. || !TEST_BN_eq(p, p_out)
  1450. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q,
  1451. &q_out))
  1452. || !TEST_BN_eq(q, q_out)
  1453. || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G,
  1454. &g_out))
  1455. || !TEST_BN_eq(g, g_out)
  1456. || !TEST_false(EVP_PKEY_get_bn_param(pk,
  1457. OSSL_PKEY_PARAM_FFC_COFACTOR,
  1458. &j_out))
  1459. || !TEST_ptr_null(j_out)
  1460. || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
  1461. OSSL_PKEY_PARAM_FFC_SEED,
  1462. seed_out,
  1463. sizeof(seed_out),
  1464. &len))
  1465. || !TEST_true(EVP_PKEY_get_int_param(pk,
  1466. OSSL_PKEY_PARAM_FFC_GINDEX,
  1467. &gindex_out))
  1468. || !TEST_int_eq(gindex, gindex_out)
  1469. || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
  1470. &hindex_out))
  1471. || !TEST_int_eq(hindex_out, 0)
  1472. || !TEST_true(EVP_PKEY_get_int_param(pk,
  1473. OSSL_PKEY_PARAM_FFC_PCOUNTER,
  1474. &pcounter_out))
  1475. || !TEST_int_eq(pcounter, pcounter_out))
  1476. goto err;
  1477. BN_free(p);
  1478. p = NULL;
  1479. BN_free(q);
  1480. q = NULL;
  1481. BN_free(g);
  1482. g = NULL;
  1483. BN_free(j_out);
  1484. j_out = NULL;
  1485. BN_free(pub_out);
  1486. pub_out = NULL;
  1487. BN_free(priv_out);
  1488. priv_out = NULL;
  1489. if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
  1490. goto err;
  1491. if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
  1492. || !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
  1493. || !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
  1494. || !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
  1495. goto err;
  1496. EVP_PKEY_CTX_free(key_ctx);
  1497. key_ctx = NULL;
  1498. if (!TEST_ptr(copy_pk = EVP_PKEY_new())
  1499. || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
  1500. goto err;
  1501. EVP_PKEY_free(copy_pk);
  1502. copy_pk = NULL;
  1503. ret = test_print_key_using_pem("DSA", pk)
  1504. && test_print_key_using_encoder("DSA", pk);
  1505. if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
  1506. goto err;
  1507. ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
  1508. EVP_PKEY_free(pk);
  1509. pk = dup_pk;
  1510. if (!ret)
  1511. goto err;
  1512. }
  1513. err:
  1514. OSSL_PARAM_free(fromdata_params);
  1515. OSSL_PARAM_BLD_free(bld);
  1516. BN_free(p);
  1517. BN_free(q);
  1518. BN_free(g);
  1519. BN_free(pub);
  1520. BN_free(priv);
  1521. BN_free(p_out);
  1522. BN_free(q_out);
  1523. BN_free(g_out);
  1524. BN_free(pub_out);
  1525. BN_free(priv_out);
  1526. BN_free(j_out);
  1527. EVP_PKEY_free(pk);
  1528. EVP_PKEY_free(copy_pk);
  1529. EVP_PKEY_CTX_free(ctx);
  1530. EVP_PKEY_CTX_free(key_ctx);
  1531. return ret;
  1532. }
  1533. static int test_check_dsa(void)
  1534. {
  1535. int ret = 0;
  1536. EVP_PKEY_CTX *ctx = NULL;
  1537. if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
  1538. || !TEST_int_le(EVP_PKEY_check(ctx), 0)
  1539. || !TEST_int_le(EVP_PKEY_public_check(ctx), 0)
  1540. || !TEST_int_le(EVP_PKEY_private_check(ctx), 0)
  1541. || !TEST_int_le(EVP_PKEY_pairwise_check(ctx), 0))
  1542. goto err;
  1543. ret = 1;
  1544. err:
  1545. EVP_PKEY_CTX_free(ctx);
  1546. return ret;
  1547. }
  1548. #endif /* OPENSSL_NO_DSA */
  1549. static OSSL_PARAM *do_construct_hkdf_params(char *digest, char *key,
  1550. size_t keylen, char *salt)
  1551. {
  1552. OSSL_PARAM *params = OPENSSL_malloc(sizeof(OSSL_PARAM) * 5);
  1553. OSSL_PARAM *p = params;
  1554. *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, digest, 0);
  1555. *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
  1556. salt, strlen(salt));
  1557. *p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
  1558. (unsigned char *)key, keylen);
  1559. *p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE,
  1560. "EXTRACT_ONLY", 0);
  1561. *p = OSSL_PARAM_construct_end();
  1562. return params;
  1563. }
  1564. static int test_evp_pkey_ctx_dup_kdf(void)
  1565. {
  1566. int ret = 0;
  1567. size_t len = 0, dlen = 0;
  1568. EVP_PKEY_CTX *pctx = NULL, *dctx = NULL;
  1569. OSSL_PARAM *params = NULL;
  1570. if (!TEST_ptr(params = do_construct_hkdf_params("sha256", "secret", 6,
  1571. "salt")))
  1572. goto err;
  1573. if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "HKDF", NULL)))
  1574. goto err;
  1575. if (!TEST_int_eq(EVP_PKEY_derive_init_ex(pctx, params), 1))
  1576. goto err;
  1577. if (!TEST_ptr(dctx = EVP_PKEY_CTX_dup(pctx)))
  1578. goto err;
  1579. if (!TEST_int_eq(EVP_PKEY_derive(pctx, NULL, &len), 1)
  1580. || !TEST_size_t_eq(len, SHA256_DIGEST_LENGTH)
  1581. || !TEST_int_eq(EVP_PKEY_derive(dctx, NULL, &dlen), 1)
  1582. || !TEST_size_t_eq(dlen, SHA256_DIGEST_LENGTH))
  1583. goto err;
  1584. ret = 1;
  1585. err:
  1586. OPENSSL_free(params);
  1587. EVP_PKEY_CTX_free(dctx);
  1588. EVP_PKEY_CTX_free(pctx);
  1589. return ret;
  1590. }
  1591. int setup_tests(void)
  1592. {
  1593. if (!test_skip_common_options()) {
  1594. TEST_error("Error parsing test options\n");
  1595. return 0;
  1596. }
  1597. if (!TEST_ptr(datadir = test_get_argument(0)))
  1598. return 0;
  1599. ADD_TEST(test_evp_pkey_ctx_dup_kdf);
  1600. ADD_TEST(test_evp_pkey_get_bn_param_large);
  1601. ADD_TEST(test_fromdata_rsa);
  1602. #ifndef OPENSSL_NO_DH
  1603. ADD_TEST(test_fromdata_dh_fips186_4);
  1604. ADD_TEST(test_fromdata_dh_named_group);
  1605. #endif
  1606. #ifndef OPENSSL_NO_DSA
  1607. ADD_TEST(test_check_dsa);
  1608. ADD_TEST(test_fromdata_dsa_fips186_4);
  1609. #endif
  1610. #ifndef OPENSSL_NO_EC
  1611. # ifndef OPENSSL_NO_ECX
  1612. ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
  1613. # endif
  1614. ADD_TEST(test_fromdata_ec);
  1615. ADD_TEST(test_ec_dup_no_operation);
  1616. ADD_TEST(test_ec_dup_keygen_operation);
  1617. #endif
  1618. return 1;
  1619. }