2
0

acvp_test.c 52 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504
  1. /*
  2. * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * A set of tests demonstrating uses cases for CAVS/ACVP testing.
  11. *
  12. * For examples of testing KDF's, Digests, KeyAgreement & DRBG's refer to
  13. * providers/fips/self_test_kats.c
  14. */
  15. #include <string.h>
  16. #include <openssl/opensslconf.h> /* To see if OPENSSL_NO_EC is defined */
  17. #include <openssl/core_names.h>
  18. #include <openssl/evp.h>
  19. #include <openssl/ec.h>
  20. #include <openssl/dh.h>
  21. #include <openssl/dsa.h>
  22. #include <openssl/rsa.h>
  23. #include <openssl/param_build.h>
  24. #include <openssl/provider.h>
  25. #include <openssl/self_test.h>
  26. #include "testutil.h"
  27. #include "testutil/output.h"
  28. #include "acvp_test.inc"
  29. #include "internal/nelem.h"
  30. typedef enum OPTION_choice {
  31. OPT_ERR = -1,
  32. OPT_EOF = 0,
  33. OPT_CONFIG_FILE,
  34. OPT_TEST_ENUM
  35. } OPTION_CHOICE;
  36. typedef struct st_args {
  37. int enable;
  38. int called;
  39. } SELF_TEST_ARGS;
  40. static OSSL_PROVIDER *prov_null = NULL;
  41. static OSSL_LIB_CTX *libctx = NULL;
  42. static SELF_TEST_ARGS self_test_args = { 0 };
  43. static OSSL_CALLBACK self_test_events;
  44. const OPTIONS *test_get_options(void)
  45. {
  46. static const OPTIONS test_options[] = {
  47. OPT_TEST_OPTIONS_DEFAULT_USAGE,
  48. { "config", OPT_CONFIG_FILE, '<',
  49. "The configuration file to use for the libctx" },
  50. { NULL }
  51. };
  52. return test_options;
  53. }
  54. static int pkey_get_bn_bytes(EVP_PKEY *pkey, const char *name,
  55. unsigned char **out, size_t *out_len)
  56. {
  57. unsigned char *buf = NULL;
  58. BIGNUM *bn = NULL;
  59. int sz;
  60. if (!EVP_PKEY_get_bn_param(pkey, name, &bn))
  61. goto err;
  62. sz = BN_num_bytes(bn);
  63. buf = OPENSSL_zalloc(sz);
  64. if (buf == NULL)
  65. goto err;
  66. if (BN_bn2binpad(bn, buf, sz) <= 0)
  67. goto err;
  68. *out_len = sz;
  69. *out = buf;
  70. BN_free(bn);
  71. return 1;
  72. err:
  73. OPENSSL_free(buf);
  74. BN_free(bn);
  75. return 0;
  76. }
  77. static int sig_gen(EVP_PKEY *pkey, OSSL_PARAM *params, const char *digest_name,
  78. const unsigned char *msg, size_t msg_len,
  79. unsigned char **sig_out, size_t *sig_out_len)
  80. {
  81. int ret = 0;
  82. EVP_MD_CTX *md_ctx = NULL;
  83. unsigned char *sig = NULL;
  84. size_t sig_len;
  85. size_t sz = EVP_PKEY_get_size(pkey);
  86. sig_len = sz;
  87. if (!TEST_ptr(sig = OPENSSL_malloc(sz))
  88. || !TEST_ptr(md_ctx = EVP_MD_CTX_new())
  89. || !TEST_int_eq(EVP_DigestSignInit_ex(md_ctx, NULL, digest_name, libctx,
  90. NULL, pkey, NULL), 1)
  91. || !TEST_int_gt(EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len), 0))
  92. goto err;
  93. *sig_out = sig;
  94. *sig_out_len = sig_len;
  95. sig = NULL;
  96. ret = 1;
  97. err:
  98. OPENSSL_free(sig);
  99. EVP_MD_CTX_free(md_ctx);
  100. return ret;
  101. }
  102. #ifndef OPENSSL_NO_EC
  103. static int ecdsa_keygen_test(int id)
  104. {
  105. int ret = 0;
  106. EVP_PKEY *pkey = NULL;
  107. unsigned char *priv = NULL;
  108. unsigned char *pubx = NULL, *puby = NULL;
  109. size_t priv_len = 0, pubx_len = 0, puby_len = 0;
  110. const struct ecdsa_keygen_st *tst = &ecdsa_keygen_data[id];
  111. self_test_args.called = 0;
  112. self_test_args.enable = 1;
  113. if (!TEST_ptr(pkey = EVP_PKEY_Q_keygen(libctx, NULL, "EC", tst->curve_name))
  114. || !TEST_int_ge(self_test_args.called, 3)
  115. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_PRIV_KEY, &priv,
  116. &priv_len))
  117. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_EC_PUB_X, &pubx,
  118. &pubx_len))
  119. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_EC_PUB_Y, &puby,
  120. &puby_len)))
  121. goto err;
  122. test_output_memory("qy", puby, puby_len);
  123. test_output_memory("qx", pubx, pubx_len);
  124. test_output_memory("d", priv, priv_len);
  125. ret = 1;
  126. err:
  127. self_test_args.enable = 0;
  128. self_test_args.called = 0;
  129. OPENSSL_clear_free(priv, priv_len);
  130. OPENSSL_free(pubx);
  131. OPENSSL_free(puby);
  132. EVP_PKEY_free(pkey);
  133. return ret;
  134. }
  135. static int ecdsa_create_pkey(EVP_PKEY **pkey, const char *curve_name,
  136. const unsigned char *pub, size_t pub_len,
  137. int expected)
  138. {
  139. int ret = 0;
  140. EVP_PKEY_CTX *ctx = NULL;
  141. OSSL_PARAM_BLD *bld = NULL;
  142. OSSL_PARAM *params = NULL;
  143. if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
  144. || (curve_name != NULL
  145. && !TEST_true(OSSL_PARAM_BLD_push_utf8_string(
  146. bld, OSSL_PKEY_PARAM_GROUP_NAME, curve_name, 0) > 0))
  147. || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
  148. OSSL_PKEY_PARAM_PUB_KEY,
  149. pub, pub_len) > 0)
  150. || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
  151. || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", NULL))
  152. || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
  153. || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_PUBLIC_KEY,
  154. params), expected))
  155. goto err;
  156. ret = 1;
  157. err:
  158. OSSL_PARAM_free(params);
  159. OSSL_PARAM_BLD_free(bld);
  160. EVP_PKEY_CTX_free(ctx);
  161. return ret;
  162. }
  163. static int ecdsa_pub_verify_test(int id)
  164. {
  165. const struct ecdsa_pub_verify_st *tst = &ecdsa_pv_data[id];
  166. int ret = 0;
  167. EVP_PKEY_CTX *key_ctx = NULL;
  168. EVP_PKEY *pkey = NULL;
  169. if (!TEST_true(ecdsa_create_pkey(&pkey, tst->curve_name,
  170. tst->pub, tst->pub_len, tst->pass)))
  171. goto err;
  172. if (tst->pass) {
  173. if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, ""))
  174. || !TEST_int_eq(EVP_PKEY_public_check(key_ctx), tst->pass))
  175. goto err;
  176. }
  177. ret = 1;
  178. err:
  179. EVP_PKEY_free(pkey);
  180. EVP_PKEY_CTX_free(key_ctx);
  181. return ret;
  182. }
  183. /* Extract r and s from an ecdsa signature */
  184. static int get_ecdsa_sig_rs_bytes(const unsigned char *sig, size_t sig_len,
  185. unsigned char **r, unsigned char **s,
  186. size_t *rlen, size_t *slen)
  187. {
  188. int ret = 0;
  189. unsigned char *rbuf = NULL, *sbuf = NULL;
  190. size_t r1_len, s1_len;
  191. const BIGNUM *r1, *s1;
  192. ECDSA_SIG *sign = d2i_ECDSA_SIG(NULL, &sig, sig_len);
  193. if (sign == NULL)
  194. return 0;
  195. r1 = ECDSA_SIG_get0_r(sign);
  196. s1 = ECDSA_SIG_get0_s(sign);
  197. if (r1 == NULL || s1 == NULL)
  198. goto err;
  199. r1_len = BN_num_bytes(r1);
  200. s1_len = BN_num_bytes(s1);
  201. rbuf = OPENSSL_zalloc(r1_len);
  202. sbuf = OPENSSL_zalloc(s1_len);
  203. if (rbuf == NULL || sbuf == NULL)
  204. goto err;
  205. if (BN_bn2binpad(r1, rbuf, r1_len) <= 0)
  206. goto err;
  207. if (BN_bn2binpad(s1, sbuf, s1_len) <= 0)
  208. goto err;
  209. *r = rbuf;
  210. *s = sbuf;
  211. *rlen = r1_len;
  212. *slen = s1_len;
  213. ret = 1;
  214. err:
  215. if (ret == 0) {
  216. OPENSSL_free(rbuf);
  217. OPENSSL_free(sbuf);
  218. }
  219. ECDSA_SIG_free(sign);
  220. return ret;
  221. }
  222. static int ecdsa_siggen_test(int id)
  223. {
  224. int ret = 0;
  225. EVP_PKEY *pkey = NULL;
  226. size_t sig_len = 0, rlen = 0, slen = 0;
  227. unsigned char *sig = NULL;
  228. unsigned char *r = NULL, *s = NULL;
  229. const struct ecdsa_siggen_st *tst = &ecdsa_siggen_data[id];
  230. if (!TEST_ptr(pkey = EVP_PKEY_Q_keygen(libctx, NULL, "EC", tst->curve_name)))
  231. goto err;
  232. if (!TEST_true(sig_gen(pkey, NULL, tst->digest_alg, tst->msg, tst->msg_len,
  233. &sig, &sig_len))
  234. || !TEST_true(get_ecdsa_sig_rs_bytes(sig, sig_len, &r, &s, &rlen, &slen)))
  235. goto err;
  236. test_output_memory("r", r, rlen);
  237. test_output_memory("s", s, slen);
  238. ret = 1;
  239. err:
  240. OPENSSL_free(r);
  241. OPENSSL_free(s);
  242. OPENSSL_free(sig);
  243. EVP_PKEY_free(pkey);
  244. return ret;
  245. }
  246. static int ecdsa_sigver_test(int id)
  247. {
  248. int ret = 0;
  249. EVP_MD_CTX *md_ctx = NULL;
  250. EVP_PKEY *pkey = NULL;
  251. ECDSA_SIG *sign = NULL;
  252. size_t sig_len;
  253. unsigned char *sig = NULL;
  254. BIGNUM *rbn = NULL, *sbn = NULL;
  255. const struct ecdsa_sigver_st *tst = &ecdsa_sigver_data[id];
  256. if (!TEST_true(ecdsa_create_pkey(&pkey, tst->curve_name,
  257. tst->pub, tst->pub_len, 1)))
  258. goto err;
  259. if (!TEST_ptr(sign = ECDSA_SIG_new())
  260. || !TEST_ptr(rbn = BN_bin2bn(tst->r, tst->r_len, NULL))
  261. || !TEST_ptr(sbn = BN_bin2bn(tst->s, tst->s_len, NULL))
  262. || !TEST_true(ECDSA_SIG_set0(sign, rbn, sbn)))
  263. goto err;
  264. rbn = sbn = NULL;
  265. ret = TEST_int_gt((sig_len = i2d_ECDSA_SIG(sign, &sig)), 0)
  266. && TEST_ptr(md_ctx = EVP_MD_CTX_new())
  267. && TEST_true(EVP_DigestVerifyInit_ex(md_ctx, NULL, tst->digest_alg,
  268. libctx, NULL, pkey, NULL)
  269. && TEST_int_eq(EVP_DigestVerify(md_ctx, sig, sig_len,
  270. tst->msg, tst->msg_len), tst->pass));
  271. err:
  272. BN_free(rbn);
  273. BN_free(sbn);
  274. OPENSSL_free(sig);
  275. ECDSA_SIG_free(sign);
  276. EVP_PKEY_free(pkey);
  277. EVP_MD_CTX_free(md_ctx);
  278. return ret;
  279. }
  280. #endif /* OPENSSL_NO_EC */
  281. #ifndef OPENSSL_NO_DSA
  282. static int pkey_get_octet_bytes(EVP_PKEY *pkey, const char *name,
  283. unsigned char **out, size_t *out_len)
  284. {
  285. size_t len = 0;
  286. unsigned char *buf = NULL;
  287. if (!EVP_PKEY_get_octet_string_param(pkey, name, NULL, 0, &len))
  288. goto err;
  289. buf = OPENSSL_zalloc(len);
  290. if (buf == NULL)
  291. goto err;
  292. if (!EVP_PKEY_get_octet_string_param(pkey, name, buf, len, out_len))
  293. goto err;
  294. *out = buf;
  295. return 1;
  296. err:
  297. OPENSSL_free(buf);
  298. return 0;
  299. }
  300. static EVP_PKEY *dsa_paramgen(int L, int N)
  301. {
  302. EVP_PKEY_CTX *paramgen_ctx = NULL;
  303. EVP_PKEY *param_key = NULL;
  304. if (!TEST_ptr(paramgen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL))
  305. || !TEST_int_gt(EVP_PKEY_paramgen_init(paramgen_ctx), 0)
  306. || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(paramgen_ctx, L))
  307. || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(paramgen_ctx, N))
  308. || !TEST_true(EVP_PKEY_paramgen(paramgen_ctx, &param_key)))
  309. return NULL;
  310. EVP_PKEY_CTX_free(paramgen_ctx);
  311. return param_key;
  312. }
  313. static EVP_PKEY *dsa_keygen(int L, int N)
  314. {
  315. EVP_PKEY *param_key = NULL, *key = NULL;
  316. EVP_PKEY_CTX *keygen_ctx = NULL;
  317. if (!TEST_ptr(param_key = dsa_paramgen(L, N))
  318. || !TEST_ptr(keygen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, param_key,
  319. NULL))
  320. || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx), 0)
  321. || !TEST_int_gt(EVP_PKEY_keygen(keygen_ctx, &key), 0))
  322. goto err;
  323. err:
  324. EVP_PKEY_free(param_key);
  325. EVP_PKEY_CTX_free(keygen_ctx);
  326. return key;
  327. }
  328. static int dsa_keygen_test(int id)
  329. {
  330. int ret = 0, i;
  331. EVP_PKEY_CTX *paramgen_ctx = NULL, *keygen_ctx = NULL;
  332. EVP_PKEY *param_key = NULL, *key = NULL;
  333. unsigned char *priv = NULL, *pub = NULL;
  334. size_t priv_len = 0, pub_len = 0;
  335. const struct dsa_paramgen_st *tst = &dsa_keygen_data[id];
  336. if (!TEST_ptr(param_key = dsa_paramgen(tst->L, tst->N))
  337. || !TEST_ptr(keygen_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, param_key,
  338. NULL))
  339. || !TEST_int_gt(EVP_PKEY_keygen_init(keygen_ctx), 0))
  340. goto err;
  341. for (i = 0; i < 2; ++i) {
  342. if (!TEST_int_gt(EVP_PKEY_keygen(keygen_ctx, &key), 0)
  343. || !TEST_true(pkey_get_bn_bytes(key, OSSL_PKEY_PARAM_PRIV_KEY,
  344. &priv, &priv_len))
  345. || !TEST_true(pkey_get_bn_bytes(key, OSSL_PKEY_PARAM_PUB_KEY,
  346. &pub, &pub_len)))
  347. goto err;
  348. test_output_memory("y", pub, pub_len);
  349. test_output_memory("x", priv, priv_len);
  350. EVP_PKEY_free(key);
  351. OPENSSL_clear_free(priv, priv_len);
  352. OPENSSL_free(pub);
  353. key = NULL;
  354. pub = priv = NULL;
  355. }
  356. ret = 1;
  357. err:
  358. OPENSSL_clear_free(priv, priv_len);
  359. OPENSSL_free(pub);
  360. EVP_PKEY_free(param_key);
  361. EVP_PKEY_free(key);
  362. EVP_PKEY_CTX_free(keygen_ctx);
  363. EVP_PKEY_CTX_free(paramgen_ctx);
  364. return ret;
  365. }
  366. static int dsa_paramgen_test(int id)
  367. {
  368. int ret = 0, counter = 0;
  369. EVP_PKEY_CTX *paramgen_ctx = NULL;
  370. EVP_PKEY *param_key = NULL;
  371. unsigned char *p = NULL, *q = NULL, *seed = NULL;
  372. size_t plen = 0, qlen = 0, seedlen = 0;
  373. const struct dsa_paramgen_st *tst = &dsa_paramgen_data[id];
  374. if (!TEST_ptr(paramgen_ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL))
  375. || !TEST_int_gt(EVP_PKEY_paramgen_init(paramgen_ctx), 0)
  376. || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(paramgen_ctx, tst->L))
  377. || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(paramgen_ctx, tst->N))
  378. || !TEST_true(EVP_PKEY_paramgen(paramgen_ctx, &param_key))
  379. || !TEST_true(pkey_get_bn_bytes(param_key, OSSL_PKEY_PARAM_FFC_P,
  380. &p, &plen))
  381. || !TEST_true(pkey_get_bn_bytes(param_key, OSSL_PKEY_PARAM_FFC_Q,
  382. &q, &qlen))
  383. || !TEST_true(pkey_get_octet_bytes(param_key, OSSL_PKEY_PARAM_FFC_SEED,
  384. &seed, &seedlen))
  385. || !TEST_true(EVP_PKEY_get_int_param(param_key,
  386. OSSL_PKEY_PARAM_FFC_PCOUNTER,
  387. &counter)))
  388. goto err;
  389. test_output_memory("p", p, plen);
  390. test_output_memory("q", q, qlen);
  391. test_output_memory("domainSeed", seed, seedlen);
  392. test_printf_stderr("%s: %d\n", "counter", counter);
  393. ret = 1;
  394. err:
  395. OPENSSL_free(p);
  396. OPENSSL_free(q);
  397. OPENSSL_free(seed);
  398. EVP_PKEY_free(param_key);
  399. EVP_PKEY_CTX_free(paramgen_ctx);
  400. return ret;
  401. }
  402. static int dsa_create_pkey(EVP_PKEY **pkey,
  403. const unsigned char *p, size_t p_len,
  404. const unsigned char *q, size_t q_len,
  405. const unsigned char *g, size_t g_len,
  406. const unsigned char *seed, size_t seed_len,
  407. int counter,
  408. int validate_pq, int validate_g,
  409. const unsigned char *pub, size_t pub_len,
  410. BN_CTX *bn_ctx)
  411. {
  412. int ret = 0;
  413. EVP_PKEY_CTX *ctx = NULL;
  414. OSSL_PARAM_BLD *bld = NULL;
  415. OSSL_PARAM *params = NULL;
  416. BIGNUM *p_bn = NULL, *q_bn = NULL, *g_bn = NULL, *pub_bn = NULL;
  417. if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
  418. || !TEST_ptr(p_bn = BN_CTX_get(bn_ctx))
  419. || !TEST_ptr(BN_bin2bn(p, p_len, p_bn))
  420. || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
  421. OSSL_PKEY_PARAM_FFC_VALIDATE_PQ,
  422. validate_pq))
  423. || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
  424. OSSL_PKEY_PARAM_FFC_VALIDATE_G,
  425. validate_g))
  426. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p_bn))
  427. || !TEST_ptr(q_bn = BN_CTX_get(bn_ctx))
  428. || !TEST_ptr(BN_bin2bn(q, q_len, q_bn))
  429. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q_bn)))
  430. goto err;
  431. if (g != NULL) {
  432. if (!TEST_ptr(g_bn = BN_CTX_get(bn_ctx))
  433. || !TEST_ptr(BN_bin2bn(g, g_len, g_bn))
  434. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld,
  435. OSSL_PKEY_PARAM_FFC_G, g_bn)))
  436. goto err;
  437. }
  438. if (seed != NULL) {
  439. if (!TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
  440. OSSL_PKEY_PARAM_FFC_SEED, seed, seed_len)))
  441. goto err;
  442. }
  443. if (counter != -1) {
  444. if (!TEST_true(OSSL_PARAM_BLD_push_int(bld,
  445. OSSL_PKEY_PARAM_FFC_PCOUNTER,
  446. counter)))
  447. goto err;
  448. }
  449. if (pub != NULL) {
  450. if (!TEST_ptr(pub_bn = BN_CTX_get(bn_ctx))
  451. || !TEST_ptr(BN_bin2bn(pub, pub_len, pub_bn))
  452. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld,
  453. OSSL_PKEY_PARAM_PUB_KEY,
  454. pub_bn)))
  455. goto err;
  456. }
  457. if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
  458. || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DSA", NULL))
  459. || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
  460. || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_PUBLIC_KEY,
  461. params), 1))
  462. goto err;
  463. ret = 1;
  464. err:
  465. OSSL_PARAM_free(params);
  466. OSSL_PARAM_BLD_free(bld);
  467. EVP_PKEY_CTX_free(ctx);
  468. return ret;
  469. }
  470. static int dsa_pqver_test(int id)
  471. {
  472. int ret = 0;
  473. BN_CTX *bn_ctx = NULL;
  474. EVP_PKEY_CTX *key_ctx = NULL;
  475. EVP_PKEY *param_key = NULL;
  476. const struct dsa_pqver_st *tst = &dsa_pqver_data[id];
  477. if (!TEST_ptr(bn_ctx = BN_CTX_new_ex(libctx))
  478. || !TEST_true(dsa_create_pkey(&param_key, tst->p, tst->p_len,
  479. tst->q, tst->q_len, NULL, 0,
  480. tst->seed, tst->seed_len, tst->counter,
  481. 1, 0,
  482. NULL, 0,
  483. bn_ctx))
  484. || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, param_key,
  485. NULL))
  486. || !TEST_int_eq(EVP_PKEY_param_check(key_ctx), tst->pass))
  487. goto err;
  488. ret = 1;
  489. err:
  490. BN_CTX_free(bn_ctx);
  491. EVP_PKEY_free(param_key);
  492. EVP_PKEY_CTX_free(key_ctx);
  493. return ret;
  494. }
  495. /* Extract r and s from a dsa signature */
  496. static int get_dsa_sig_rs_bytes(const unsigned char *sig, size_t sig_len,
  497. unsigned char **r, unsigned char **s,
  498. size_t *r_len, size_t *s_len)
  499. {
  500. int ret = 0;
  501. unsigned char *rbuf = NULL, *sbuf = NULL;
  502. size_t r1_len, s1_len;
  503. const BIGNUM *r1, *s1;
  504. DSA_SIG *sign = d2i_DSA_SIG(NULL, &sig, sig_len);
  505. if (sign == NULL)
  506. return 0;
  507. DSA_SIG_get0(sign, &r1, &s1);
  508. if (r1 == NULL || s1 == NULL)
  509. goto err;
  510. r1_len = BN_num_bytes(r1);
  511. s1_len = BN_num_bytes(s1);
  512. rbuf = OPENSSL_zalloc(r1_len);
  513. sbuf = OPENSSL_zalloc(s1_len);
  514. if (rbuf == NULL || sbuf == NULL)
  515. goto err;
  516. if (BN_bn2binpad(r1, rbuf, r1_len) <= 0)
  517. goto err;
  518. if (BN_bn2binpad(s1, sbuf, s1_len) <= 0)
  519. goto err;
  520. *r = rbuf;
  521. *s = sbuf;
  522. *r_len = r1_len;
  523. *s_len = s1_len;
  524. ret = 1;
  525. err:
  526. if (ret == 0) {
  527. OPENSSL_free(rbuf);
  528. OPENSSL_free(sbuf);
  529. }
  530. DSA_SIG_free(sign);
  531. return ret;
  532. }
  533. static int dsa_siggen_test(int id)
  534. {
  535. int ret = 0;
  536. EVP_PKEY *pkey = NULL;
  537. unsigned char *sig = NULL, *r = NULL, *s = NULL;
  538. size_t sig_len = 0, rlen = 0, slen = 0;
  539. const struct dsa_siggen_st *tst = &dsa_siggen_data[id];
  540. if (!TEST_ptr(pkey = dsa_keygen(tst->L, tst->N)))
  541. goto err;
  542. if (!TEST_true(sig_gen(pkey, NULL, tst->digest_alg, tst->msg, tst->msg_len,
  543. &sig, &sig_len))
  544. || !TEST_true(get_dsa_sig_rs_bytes(sig, sig_len, &r, &s, &rlen, &slen)))
  545. goto err;
  546. test_output_memory("r", r, rlen);
  547. test_output_memory("s", s, slen);
  548. ret = 1;
  549. err:
  550. OPENSSL_free(r);
  551. OPENSSL_free(s);
  552. OPENSSL_free(sig);
  553. EVP_PKEY_free(pkey);
  554. return ret;
  555. }
  556. static int dsa_sigver_test(int id)
  557. {
  558. int ret = 0;
  559. EVP_PKEY_CTX *ctx = NULL;
  560. EVP_PKEY *pkey = NULL;
  561. DSA_SIG *sign = NULL;
  562. size_t sig_len;
  563. unsigned char *sig = NULL;
  564. BIGNUM *rbn = NULL, *sbn = NULL;
  565. EVP_MD *md = NULL;
  566. unsigned char digest[EVP_MAX_MD_SIZE];
  567. unsigned int digest_len;
  568. BN_CTX *bn_ctx = NULL;
  569. const struct dsa_sigver_st *tst = &dsa_sigver_data[id];
  570. if (!TEST_ptr(bn_ctx = BN_CTX_new())
  571. || !TEST_true(dsa_create_pkey(&pkey, tst->p, tst->p_len,
  572. tst->q, tst->q_len, tst->g, tst->g_len,
  573. NULL, 0, 0, 0, 0, tst->pub, tst->pub_len,
  574. bn_ctx)))
  575. goto err;
  576. if (!TEST_ptr(sign = DSA_SIG_new())
  577. || !TEST_ptr(rbn = BN_bin2bn(tst->r, tst->r_len, NULL))
  578. || !TEST_ptr(sbn = BN_bin2bn(tst->s, tst->s_len, NULL))
  579. || !TEST_true(DSA_SIG_set0(sign, rbn, sbn)))
  580. goto err;
  581. rbn = sbn = NULL;
  582. if (!TEST_ptr(md = EVP_MD_fetch(libctx, tst->digest_alg, ""))
  583. || !TEST_true(EVP_Digest(tst->msg, tst->msg_len,
  584. digest, &digest_len, md, NULL)))
  585. goto err;
  586. if (!TEST_int_gt((sig_len = i2d_DSA_SIG(sign, &sig)), 0)
  587. || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, ""))
  588. || !TEST_int_gt(EVP_PKEY_verify_init(ctx), 0)
  589. || !TEST_int_eq(EVP_PKEY_verify(ctx, sig, sig_len, digest, digest_len),
  590. tst->pass))
  591. goto err;
  592. ret = 1;
  593. err:
  594. EVP_PKEY_CTX_free(ctx);
  595. OPENSSL_free(sig);
  596. EVP_MD_free(md);
  597. DSA_SIG_free(sign);
  598. EVP_PKEY_free(pkey);
  599. BN_free(rbn);
  600. BN_free(sbn);
  601. BN_CTX_free(bn_ctx);
  602. return ret;
  603. }
  604. #endif /* OPENSSL_NO_DSA */
  605. /* cipher encrypt/decrypt */
  606. static int cipher_enc(const char *alg,
  607. const unsigned char *pt, size_t pt_len,
  608. const unsigned char *key, size_t key_len,
  609. const unsigned char *iv, size_t iv_len,
  610. const unsigned char *ct, size_t ct_len,
  611. int enc)
  612. {
  613. int ret = 0, out_len = 0, len = 0;
  614. EVP_CIPHER_CTX *ctx = NULL;
  615. EVP_CIPHER *cipher = NULL;
  616. unsigned char out[256] = { 0 };
  617. TEST_note("%s : %s", alg, enc ? "encrypt" : "decrypt");
  618. if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
  619. || !TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, alg, ""))
  620. || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, enc))
  621. || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0))
  622. || !TEST_true(EVP_CipherUpdate(ctx, out, &len, pt, pt_len))
  623. || !TEST_true(EVP_CipherFinal_ex(ctx, out + len, &out_len)))
  624. goto err;
  625. out_len += len;
  626. if (!TEST_mem_eq(out, out_len, ct, ct_len))
  627. goto err;
  628. ret = 1;
  629. err:
  630. EVP_CIPHER_free(cipher);
  631. EVP_CIPHER_CTX_free(ctx);
  632. return ret;
  633. }
  634. static int cipher_enc_dec_test(int id)
  635. {
  636. const struct cipher_st *tst = &cipher_enc_data[id];
  637. const int enc = 1;
  638. return TEST_true(cipher_enc(tst->alg, tst->pt, tst->pt_len,
  639. tst->key, tst->key_len,
  640. tst->iv, tst->iv_len,
  641. tst->ct, tst->ct_len, enc))
  642. && TEST_true(cipher_enc(tst->alg, tst->ct, tst->ct_len,
  643. tst->key, tst->key_len,
  644. tst->iv, tst->iv_len,
  645. tst->pt, tst->pt_len, !enc));
  646. }
  647. static int aes_ccm_enc_dec(const char *alg,
  648. const unsigned char *pt, size_t pt_len,
  649. const unsigned char *key, size_t key_len,
  650. const unsigned char *iv, size_t iv_len,
  651. const unsigned char *aad, size_t aad_len,
  652. const unsigned char *ct, size_t ct_len,
  653. const unsigned char *tag, size_t tag_len,
  654. int enc, int pass)
  655. {
  656. int ret = 0;
  657. EVP_CIPHER_CTX *ctx;
  658. EVP_CIPHER *cipher = NULL;
  659. int out_len, len;
  660. unsigned char out[1024];
  661. TEST_note("%s : %s : expected to %s", alg, enc ? "encrypt" : "decrypt",
  662. pass ? "pass" : "fail");
  663. if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
  664. || !TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, alg, ""))
  665. || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc))
  666. || !TEST_int_gt(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, iv_len,
  667. NULL), 0)
  668. || !TEST_int_gt(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len,
  669. enc ? NULL : (void *)tag), 0)
  670. || !TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))
  671. || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0))
  672. || !TEST_true(EVP_CipherUpdate(ctx, NULL, &len, NULL, pt_len))
  673. || !TEST_true(EVP_CipherUpdate(ctx, NULL, &len, aad, aad_len))
  674. || !TEST_int_eq(EVP_CipherUpdate(ctx, out, &len, pt, pt_len), pass))
  675. goto err;
  676. if (!pass) {
  677. ret = 1;
  678. goto err;
  679. }
  680. if (!TEST_true(EVP_CipherFinal_ex(ctx, out + len, &out_len)))
  681. goto err;
  682. if (enc) {
  683. out_len += len;
  684. if (!TEST_int_gt(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
  685. tag_len, out + out_len), 0)
  686. || !TEST_mem_eq(out, out_len, ct, ct_len)
  687. || !TEST_mem_eq(out + out_len, tag_len, tag, tag_len))
  688. goto err;
  689. } else {
  690. if (!TEST_mem_eq(out, out_len + len, ct, ct_len))
  691. goto err;
  692. }
  693. ret = 1;
  694. err:
  695. EVP_CIPHER_free(cipher);
  696. EVP_CIPHER_CTX_free(ctx);
  697. return ret;
  698. }
  699. static int aes_ccm_enc_dec_test(int id)
  700. {
  701. const struct cipher_ccm_st *tst = &aes_ccm_enc_data[id];
  702. /* The tag is on the end of the cipher text */
  703. const size_t tag_len = tst->ct_len - tst->pt_len;
  704. const size_t ct_len = tst->ct_len - tag_len;
  705. const unsigned char *tag = tst->ct + ct_len;
  706. const int enc = 1;
  707. const int pass = 1;
  708. if (ct_len < 1)
  709. return 0;
  710. return aes_ccm_enc_dec(tst->alg, tst->pt, tst->pt_len,
  711. tst->key, tst->key_len,
  712. tst->iv, tst->iv_len, tst->aad, tst->aad_len,
  713. tst->ct, ct_len, tag, tag_len, enc, pass)
  714. && aes_ccm_enc_dec(tst->alg, tst->ct, ct_len,
  715. tst->key, tst->key_len,
  716. tst->iv, tst->iv_len, tst->aad, tst->aad_len,
  717. tst->pt, tst->pt_len, tag, tag_len, !enc, pass)
  718. /* test that it fails if the tag is incorrect */
  719. && aes_ccm_enc_dec(tst->alg, tst->ct, ct_len,
  720. tst->key, tst->key_len,
  721. tst->iv, tst->iv_len, tst->aad, tst->aad_len,
  722. tst->pt, tst->pt_len,
  723. tag - 1, tag_len, !enc, !pass);
  724. }
  725. static int aes_gcm_enc_dec(const char *alg,
  726. const unsigned char *pt, size_t pt_len,
  727. const unsigned char *key, size_t key_len,
  728. const unsigned char *iv, size_t iv_len,
  729. const unsigned char *aad, size_t aad_len,
  730. const unsigned char *ct, size_t ct_len,
  731. const unsigned char *tag, size_t tag_len,
  732. int enc, int pass)
  733. {
  734. int ret = 0;
  735. EVP_CIPHER_CTX *ctx;
  736. EVP_CIPHER *cipher = NULL;
  737. int out_len, len;
  738. unsigned char out[1024];
  739. TEST_note("%s : %s : expected to %s", alg, enc ? "encrypt" : "decrypt",
  740. pass ? "pass" : "fail");
  741. if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
  742. || !TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, alg, ""))
  743. || !TEST_true(EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc))
  744. || !TEST_int_gt(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, iv_len,
  745. NULL), 0))
  746. goto err;
  747. if (!enc) {
  748. if (!TEST_int_gt(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, tag_len,
  749. (void *)tag), 0))
  750. goto err;
  751. }
  752. /*
  753. * For testing purposes the IV it being set here. In a compliant application
  754. * the IV would be generated internally. A fake entropy source could also
  755. * be used to feed in the random IV bytes (see fake_random.c)
  756. */
  757. if (!TEST_true(EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))
  758. || !TEST_true(EVP_CIPHER_CTX_set_padding(ctx, 0))
  759. || !TEST_true(EVP_CipherUpdate(ctx, NULL, &len, aad, aad_len))
  760. || !TEST_true(EVP_CipherUpdate(ctx, out, &len, pt, pt_len)))
  761. goto err;
  762. if (!TEST_int_eq(EVP_CipherFinal_ex(ctx, out + len, &out_len), pass))
  763. goto err;
  764. if (!pass) {
  765. ret = 1;
  766. goto err;
  767. }
  768. out_len += len;
  769. if (enc) {
  770. if (!TEST_mem_eq(out, out_len, ct, ct_len)
  771. || !TEST_int_gt(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG,
  772. tag_len, out + out_len), 0)
  773. || !TEST_mem_eq(out + out_len, tag_len, tag, tag_len))
  774. goto err;
  775. } else {
  776. if (!TEST_mem_eq(out, out_len, ct, ct_len))
  777. goto err;
  778. }
  779. ret = 1;
  780. err:
  781. EVP_CIPHER_free(cipher);
  782. EVP_CIPHER_CTX_free(ctx);
  783. return ret;
  784. }
  785. static int aes_gcm_enc_dec_test(int id)
  786. {
  787. const struct cipher_gcm_st *tst = &aes_gcm_enc_data[id];
  788. int enc = 1;
  789. int pass = 1;
  790. return aes_gcm_enc_dec(tst->alg, tst->pt, tst->pt_len,
  791. tst->key, tst->key_len,
  792. tst->iv, tst->iv_len, tst->aad, tst->aad_len,
  793. tst->ct, tst->ct_len, tst->tag, tst->tag_len,
  794. enc, pass)
  795. && aes_gcm_enc_dec(tst->alg, tst->ct, tst->ct_len,
  796. tst->key, tst->key_len,
  797. tst->iv, tst->iv_len, tst->aad, tst->aad_len,
  798. tst->pt, tst->pt_len, tst->tag, tst->tag_len,
  799. !enc, pass)
  800. /* Fail if incorrect tag passed to decrypt */
  801. && aes_gcm_enc_dec(tst->alg, tst->ct, tst->ct_len,
  802. tst->key, tst->key_len,
  803. tst->iv, tst->iv_len, tst->aad, tst->aad_len,
  804. tst->pt, tst->pt_len, tst->aad, tst->tag_len,
  805. !enc, !pass);
  806. }
  807. #ifndef OPENSSL_NO_DH
  808. static int dh_create_pkey(EVP_PKEY **pkey, const char *group_name,
  809. const unsigned char *pub, size_t pub_len,
  810. const unsigned char *priv, size_t priv_len,
  811. BN_CTX *bn_ctx, int pass)
  812. {
  813. int ret = 0;
  814. EVP_PKEY_CTX *ctx = NULL;
  815. OSSL_PARAM_BLD *bld = NULL;
  816. OSSL_PARAM *params = NULL;
  817. BIGNUM *pub_bn = NULL, *priv_bn = NULL;
  818. if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
  819. || (group_name != NULL
  820. && !TEST_int_gt(OSSL_PARAM_BLD_push_utf8_string(
  821. bld, OSSL_PKEY_PARAM_GROUP_NAME,
  822. group_name, 0), 0)))
  823. goto err;
  824. if (pub != NULL) {
  825. if (!TEST_ptr(pub_bn = BN_CTX_get(bn_ctx))
  826. || !TEST_ptr(BN_bin2bn(pub, pub_len, pub_bn))
  827. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
  828. pub_bn)))
  829. goto err;
  830. }
  831. if (priv != NULL) {
  832. if (!TEST_ptr(priv_bn = BN_CTX_get(bn_ctx))
  833. || !TEST_ptr(BN_bin2bn(priv, priv_len, priv_bn))
  834. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
  835. priv_bn)))
  836. goto err;
  837. }
  838. if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
  839. || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL))
  840. || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
  841. || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_KEYPAIR, params),
  842. pass))
  843. goto err;
  844. ret = 1;
  845. err:
  846. OSSL_PARAM_free(params);
  847. OSSL_PARAM_BLD_free(bld);
  848. EVP_PKEY_CTX_free(ctx);
  849. return ret;
  850. }
  851. static int dh_safe_prime_keygen_test(int id)
  852. {
  853. int ret = 0;
  854. EVP_PKEY_CTX *ctx = NULL;
  855. EVP_PKEY *pkey = NULL;
  856. unsigned char *priv = NULL;
  857. unsigned char *pub = NULL;
  858. size_t priv_len = 0, pub_len = 0;
  859. OSSL_PARAM params[2];
  860. const struct dh_safe_prime_keygen_st *tst = &dh_safe_prime_keygen_data[id];
  861. params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
  862. (char *)tst->group_name, 0);
  863. params[1] = OSSL_PARAM_construct_end();
  864. if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "DH", NULL))
  865. || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
  866. || !TEST_true(EVP_PKEY_CTX_set_params(ctx, params))
  867. || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0)
  868. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_PRIV_KEY,
  869. &priv, &priv_len))
  870. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_PUB_KEY,
  871. &pub, &pub_len)))
  872. goto err;
  873. test_output_memory("x", priv, priv_len);
  874. test_output_memory("y", pub, pub_len);
  875. ret = 1;
  876. err:
  877. OPENSSL_clear_free(priv, priv_len);
  878. OPENSSL_free(pub);
  879. EVP_PKEY_free(pkey);
  880. EVP_PKEY_CTX_free(ctx);
  881. return ret;
  882. }
  883. static int dh_safe_prime_keyver_test(int id)
  884. {
  885. int ret = 0;
  886. BN_CTX *bn_ctx = NULL;
  887. EVP_PKEY_CTX *key_ctx = NULL;
  888. EVP_PKEY *pkey = NULL;
  889. const struct dh_safe_prime_keyver_st *tst = &dh_safe_prime_keyver_data[id];
  890. if (!TEST_ptr(bn_ctx = BN_CTX_new_ex(libctx))
  891. || !TEST_true(dh_create_pkey(&pkey, tst->group_name,
  892. tst->pub, tst->pub_len,
  893. tst->priv, tst->priv_len, bn_ctx, 1))
  894. || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, ""))
  895. || !TEST_int_eq(EVP_PKEY_check(key_ctx), tst->pass))
  896. goto err;
  897. ret = 1;
  898. err:
  899. EVP_PKEY_free(pkey);
  900. EVP_PKEY_CTX_free(key_ctx);
  901. BN_CTX_free(bn_ctx);
  902. return ret;
  903. }
  904. #endif /* OPENSSL_NO_DH */
  905. static int rsa_create_pkey(EVP_PKEY **pkey,
  906. const unsigned char *n, size_t n_len,
  907. const unsigned char *e, size_t e_len,
  908. const unsigned char *d, size_t d_len,
  909. BN_CTX *bn_ctx)
  910. {
  911. int ret = 0;
  912. EVP_PKEY_CTX *ctx = NULL;
  913. OSSL_PARAM_BLD *bld = NULL;
  914. OSSL_PARAM *params = NULL;
  915. BIGNUM *e_bn = NULL, *d_bn = NULL, *n_bn = NULL;
  916. if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
  917. || !TEST_ptr(n_bn = BN_CTX_get(bn_ctx))
  918. || !TEST_ptr(BN_bin2bn(n, n_len, n_bn))
  919. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n_bn)))
  920. goto err;
  921. if (e != NULL) {
  922. if (!TEST_ptr(e_bn = BN_CTX_get(bn_ctx))
  923. || !TEST_ptr(BN_bin2bn(e, e_len, e_bn))
  924. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E,
  925. e_bn)))
  926. goto err;
  927. }
  928. if (d != NULL) {
  929. if (!TEST_ptr(d_bn = BN_CTX_get(bn_ctx))
  930. || !TEST_ptr(BN_bin2bn(d, d_len, d_bn))
  931. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D,
  932. d_bn)))
  933. goto err;
  934. }
  935. if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))
  936. || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL))
  937. || !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
  938. || !TEST_int_eq(EVP_PKEY_fromdata(ctx, pkey, EVP_PKEY_KEYPAIR, params),
  939. 1))
  940. goto err;
  941. ret = 1;
  942. err:
  943. OSSL_PARAM_free(params);
  944. OSSL_PARAM_BLD_free(bld);
  945. EVP_PKEY_CTX_free(ctx);
  946. return ret;
  947. }
  948. static int rsa_keygen_test(int id)
  949. {
  950. int ret = 0;
  951. EVP_PKEY_CTX *ctx = NULL;
  952. EVP_PKEY *pkey = NULL;
  953. BIGNUM *e_bn = NULL;
  954. BIGNUM *xp1_bn = NULL, *xp2_bn = NULL, *xp_bn = NULL;
  955. BIGNUM *xq1_bn = NULL, *xq2_bn = NULL, *xq_bn = NULL;
  956. unsigned char *n = NULL, *d = NULL;
  957. unsigned char *p = NULL, *p1 = NULL, *p2 = NULL;
  958. unsigned char *q = NULL, *q1 = NULL, *q2 = NULL;
  959. size_t n_len = 0, d_len = 0;
  960. size_t p_len = 0, p1_len = 0, p2_len = 0;
  961. size_t q_len = 0, q1_len = 0, q2_len = 0;
  962. OSSL_PARAM_BLD *bld = NULL;
  963. OSSL_PARAM *params = NULL;
  964. const struct rsa_keygen_st *tst = &rsa_keygen_data[id];
  965. if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
  966. || !TEST_ptr(xp1_bn = BN_bin2bn(tst->xp1, tst->xp1_len, NULL))
  967. || !TEST_ptr(xp2_bn = BN_bin2bn(tst->xp2, tst->xp2_len, NULL))
  968. || !TEST_ptr(xp_bn = BN_bin2bn(tst->xp, tst->xp_len, NULL))
  969. || !TEST_ptr(xq1_bn = BN_bin2bn(tst->xq1, tst->xq1_len, NULL))
  970. || !TEST_ptr(xq2_bn = BN_bin2bn(tst->xq2, tst->xq2_len, NULL))
  971. || !TEST_ptr(xq_bn = BN_bin2bn(tst->xq, tst->xq_len, NULL))
  972. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XP1,
  973. xp1_bn))
  974. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XP2,
  975. xp2_bn))
  976. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XP,
  977. xp_bn))
  978. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XQ1,
  979. xq1_bn))
  980. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XQ2,
  981. xq2_bn))
  982. || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_TEST_XQ,
  983. xq_bn))
  984. || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)))
  985. goto err;
  986. if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", NULL))
  987. || !TEST_ptr(e_bn = BN_bin2bn(tst->e, tst->e_len, NULL))
  988. || !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
  989. || !TEST_int_gt(EVP_PKEY_CTX_set_params(ctx, params), 0)
  990. || !TEST_int_gt(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, tst->mod), 0)
  991. || !TEST_int_gt(EVP_PKEY_CTX_set1_rsa_keygen_pubexp(ctx, e_bn), 0)
  992. || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0)
  993. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_P1,
  994. &p1, &p1_len))
  995. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_P2,
  996. &p2, &p2_len))
  997. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_Q1,
  998. &q1, &q1_len))
  999. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_TEST_Q2,
  1000. &q2, &q2_len))
  1001. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1,
  1002. &p, &p_len))
  1003. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2,
  1004. &q, &q_len))
  1005. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N,
  1006. &n, &n_len))
  1007. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_D,
  1008. &d, &d_len)))
  1009. goto err;
  1010. if (!TEST_mem_eq(tst->p1, tst->p1_len, p1, p1_len)
  1011. || !TEST_mem_eq(tst->p2, tst->p2_len, p2, p2_len)
  1012. || !TEST_mem_eq(tst->p, tst->p_len, p, p_len)
  1013. || !TEST_mem_eq(tst->q1, tst->q1_len, q1, q1_len)
  1014. || !TEST_mem_eq(tst->q2, tst->q2_len, q2, q2_len)
  1015. || !TEST_mem_eq(tst->q, tst->q_len, q, q_len)
  1016. || !TEST_mem_eq(tst->n, tst->n_len, n, n_len)
  1017. || !TEST_mem_eq(tst->d, tst->d_len, d, d_len))
  1018. goto err;
  1019. test_output_memory("p1", p1, p1_len);
  1020. test_output_memory("p2", p2, p2_len);
  1021. test_output_memory("p", p, p_len);
  1022. test_output_memory("q1", q1, q1_len);
  1023. test_output_memory("q2", q2, q2_len);
  1024. test_output_memory("q", q, q_len);
  1025. test_output_memory("n", n, n_len);
  1026. test_output_memory("d", d, d_len);
  1027. ret = 1;
  1028. err:
  1029. BN_free(xp1_bn);
  1030. BN_free(xp2_bn);
  1031. BN_free(xp_bn);
  1032. BN_free(xq1_bn);
  1033. BN_free(xq2_bn);
  1034. BN_free(xq_bn);
  1035. BN_free(e_bn);
  1036. OPENSSL_free(p1);
  1037. OPENSSL_free(p2);
  1038. OPENSSL_free(q1);
  1039. OPENSSL_free(q2);
  1040. OPENSSL_free(p);
  1041. OPENSSL_free(q);
  1042. OPENSSL_free(n);
  1043. OPENSSL_free(d);
  1044. EVP_PKEY_free(pkey);
  1045. EVP_PKEY_CTX_free(ctx);
  1046. OSSL_PARAM_free(params);
  1047. OSSL_PARAM_BLD_free(bld);
  1048. return ret;
  1049. }
  1050. static int rsa_siggen_test(int id)
  1051. {
  1052. int ret = 0;
  1053. EVP_PKEY *pkey = NULL;
  1054. unsigned char *sig = NULL, *n = NULL, *e = NULL;
  1055. size_t sig_len = 0, n_len = 0, e_len = 0;
  1056. OSSL_PARAM params[4], *p;
  1057. const struct rsa_siggen_st *tst = &rsa_siggen_data[id];
  1058. int salt_len = tst->pss_salt_len;
  1059. TEST_note("RSA %s signature generation", tst->sig_pad_mode);
  1060. p = params;
  1061. *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE,
  1062. (char *)tst->sig_pad_mode, 0);
  1063. *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
  1064. (char *)tst->digest_alg, 0);
  1065. if (salt_len >= 0)
  1066. *p++ = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_PSS_SALTLEN,
  1067. &salt_len);
  1068. *p++ = OSSL_PARAM_construct_end();
  1069. if (!TEST_ptr(pkey = EVP_PKEY_Q_keygen(libctx, NULL, "RSA", tst->mod))
  1070. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N, &n, &n_len))
  1071. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_E, &e, &e_len))
  1072. || !TEST_true(sig_gen(pkey, params, tst->digest_alg,
  1073. tst->msg, tst->msg_len,
  1074. &sig, &sig_len)))
  1075. goto err;
  1076. test_output_memory("n", n, n_len);
  1077. test_output_memory("e", e, e_len);
  1078. test_output_memory("sig", sig, sig_len);
  1079. ret = 1;
  1080. err:
  1081. OPENSSL_free(n);
  1082. OPENSSL_free(e);
  1083. OPENSSL_free(sig);
  1084. EVP_PKEY_free(pkey);
  1085. return ret;
  1086. }
  1087. static int rsa_sigver_test(int id)
  1088. {
  1089. int ret = 0;
  1090. EVP_PKEY_CTX *pkey_ctx = NULL;
  1091. EVP_PKEY *pkey = NULL;
  1092. EVP_MD_CTX *md_ctx = NULL;
  1093. BN_CTX *bn_ctx = NULL;
  1094. OSSL_PARAM params[4], *p;
  1095. const struct rsa_sigver_st *tst = &rsa_sigver_data[id];
  1096. int salt_len = tst->pss_salt_len;
  1097. TEST_note("RSA %s Signature Verify : expected to %s ", tst->sig_pad_mode,
  1098. tst->pass == PASS ? "pass" : "fail");
  1099. p = params;
  1100. *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_PAD_MODE,
  1101. (char *)tst->sig_pad_mode, 0);
  1102. *p++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
  1103. (char *)tst->digest_alg, 0);
  1104. if (salt_len >= 0)
  1105. *p++ = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_PSS_SALTLEN,
  1106. &salt_len);
  1107. *p++ = OSSL_PARAM_construct_end();
  1108. if (!TEST_ptr(bn_ctx = BN_CTX_new())
  1109. || !TEST_true(rsa_create_pkey(&pkey, tst->n, tst->n_len,
  1110. tst->e, tst->e_len, NULL, 0, bn_ctx))
  1111. || !TEST_ptr(md_ctx = EVP_MD_CTX_new())
  1112. || !TEST_true(EVP_DigestVerifyInit_ex(md_ctx, &pkey_ctx,
  1113. tst->digest_alg, libctx, NULL,
  1114. pkey, NULL))
  1115. || !TEST_true(EVP_PKEY_CTX_set_params(pkey_ctx, params))
  1116. || !TEST_int_eq(EVP_DigestVerify(md_ctx, tst->sig, tst->sig_len,
  1117. tst->msg, tst->msg_len), tst->pass))
  1118. goto err;
  1119. ret = 1;
  1120. err:
  1121. EVP_PKEY_free(pkey);
  1122. BN_CTX_free(bn_ctx);
  1123. EVP_MD_CTX_free(md_ctx);
  1124. return ret;
  1125. }
  1126. static int rsa_decryption_primitive_test(int id)
  1127. {
  1128. int ret = 0;
  1129. EVP_PKEY_CTX *ctx = NULL;
  1130. EVP_PKEY *pkey = NULL;
  1131. unsigned char pt[2048];
  1132. size_t pt_len = sizeof(pt);
  1133. unsigned char *n = NULL, *e = NULL;
  1134. size_t n_len = 0, e_len = 0;
  1135. BN_CTX *bn_ctx = NULL;
  1136. const struct rsa_decrypt_prim_st *tst = &rsa_decrypt_prim_data[id];
  1137. if (!TEST_ptr(pkey = EVP_PKEY_Q_keygen(libctx, NULL, "RSA", 2048))
  1138. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_N, &n, &n_len))
  1139. || !TEST_true(pkey_get_bn_bytes(pkey, OSSL_PKEY_PARAM_RSA_E, &e, &e_len))
  1140. || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, ""))
  1141. || !TEST_int_gt(EVP_PKEY_decrypt_init(ctx), 0)
  1142. || !TEST_int_gt(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING), 0))
  1143. goto err;
  1144. test_output_memory("n", n, n_len);
  1145. test_output_memory("e", e, e_len);
  1146. if (EVP_PKEY_decrypt(ctx, pt, &pt_len, tst->ct, tst->ct_len) <= 0)
  1147. TEST_note("Decryption Failed");
  1148. else
  1149. test_output_memory("pt", pt, pt_len);
  1150. ret = 1;
  1151. err:
  1152. OPENSSL_free(n);
  1153. OPENSSL_free(e);
  1154. EVP_PKEY_CTX_free(ctx);
  1155. EVP_PKEY_free(pkey);
  1156. BN_CTX_free(bn_ctx);
  1157. return ret;
  1158. }
  1159. static int self_test_events(const OSSL_PARAM params[], void *varg)
  1160. {
  1161. SELF_TEST_ARGS *args = varg;
  1162. const OSSL_PARAM *p = NULL;
  1163. const char *phase = NULL, *type = NULL, *desc = NULL;
  1164. int ret = 0;
  1165. if (!args->enable)
  1166. return 1;
  1167. args->called++;
  1168. p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_PHASE);
  1169. if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING)
  1170. goto err;
  1171. phase = (const char *)p->data;
  1172. p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_DESC);
  1173. if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING)
  1174. goto err;
  1175. desc = (const char *)p->data;
  1176. p = OSSL_PARAM_locate_const(params, OSSL_PROV_PARAM_SELF_TEST_TYPE);
  1177. if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING)
  1178. goto err;
  1179. type = (const char *)p->data;
  1180. BIO_printf(bio_out, "%s %s %s\n", phase, desc, type);
  1181. ret = 1;
  1182. err:
  1183. return ret;
  1184. }
  1185. static int drbg_test(int id)
  1186. {
  1187. OSSL_PARAM params[3];
  1188. EVP_RAND *rand = NULL;
  1189. EVP_RAND_CTX *ctx = NULL, *parent = NULL;
  1190. unsigned char returned_bits[64];
  1191. const size_t returned_bits_len = sizeof(returned_bits);
  1192. unsigned int strength = 256;
  1193. const struct drbg_st *tst = &drbg_data[id];
  1194. int res = 0;
  1195. /* Create the seed source */
  1196. if (!TEST_ptr(rand = EVP_RAND_fetch(libctx, "TEST-RAND", "-fips"))
  1197. || !TEST_ptr(parent = EVP_RAND_CTX_new(rand, NULL)))
  1198. goto err;
  1199. EVP_RAND_free(rand);
  1200. rand = NULL;
  1201. params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &strength);
  1202. params[1] = OSSL_PARAM_construct_end();
  1203. if (!TEST_true(EVP_RAND_CTX_set_params(parent, params)))
  1204. goto err;
  1205. /* Get the DRBG */
  1206. if (!TEST_ptr(rand = EVP_RAND_fetch(libctx, tst->drbg_name, ""))
  1207. || !TEST_ptr(ctx = EVP_RAND_CTX_new(rand, parent)))
  1208. goto err;
  1209. /* Set the DRBG up */
  1210. params[0] = OSSL_PARAM_construct_int(OSSL_DRBG_PARAM_USE_DF,
  1211. (int *)&tst->use_df);
  1212. params[1] = OSSL_PARAM_construct_utf8_string(OSSL_DRBG_PARAM_CIPHER,
  1213. (char *)tst->cipher, 0);
  1214. params[2] = OSSL_PARAM_construct_end();
  1215. if (!TEST_true(EVP_RAND_CTX_set_params(ctx, params)))
  1216. goto err;
  1217. /* Feed in the entropy and nonce */
  1218. params[0] = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
  1219. (void *)tst->entropy_input,
  1220. tst->entropy_input_len);
  1221. params[1] = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_NONCE,
  1222. (void *)tst->nonce,
  1223. tst->nonce_len);
  1224. params[2] = OSSL_PARAM_construct_end();
  1225. if (!TEST_true(EVP_RAND_CTX_set_params(parent, params)))
  1226. goto err;
  1227. /*
  1228. * Run the test
  1229. * A NULL personalisation string defaults to the built in so something
  1230. * non-NULL is needed if there is no personalisation string
  1231. */
  1232. if (!TEST_true(EVP_RAND_instantiate(ctx, 0, 0, (void *)"", 0, NULL))
  1233. || !TEST_true(EVP_RAND_generate(ctx, returned_bits, returned_bits_len,
  1234. 0, 0, NULL, 0))
  1235. || !TEST_true(EVP_RAND_generate(ctx, returned_bits, returned_bits_len,
  1236. 0, 0, NULL, 0)))
  1237. goto err;
  1238. test_output_memory("returned bits", returned_bits, returned_bits_len);
  1239. /* Clean up */
  1240. if (!TEST_true(EVP_RAND_uninstantiate(ctx))
  1241. || !TEST_true(EVP_RAND_uninstantiate(parent)))
  1242. goto err;
  1243. /* Verify the output */
  1244. if (!TEST_mem_eq(returned_bits, returned_bits_len,
  1245. tst->returned_bits, tst->returned_bits_len))
  1246. goto err;
  1247. res = 1;
  1248. err:
  1249. EVP_RAND_CTX_free(ctx);
  1250. /* Coverity is confused by the upref/free in EVP_RAND_CTX_new() subdue it */
  1251. /* coverity[pass_freed_arg] */
  1252. EVP_RAND_CTX_free(parent);
  1253. EVP_RAND_free(rand);
  1254. return res;
  1255. }
  1256. static int aes_cfb1_bits_test(void)
  1257. {
  1258. int ret = 0;
  1259. EVP_CIPHER *cipher = NULL;
  1260. EVP_CIPHER_CTX *ctx = NULL;
  1261. unsigned char out[16] = { 0 };
  1262. int outlen;
  1263. const OSSL_PARAM *params, *p;
  1264. static const unsigned char key[] = {
  1265. 0x12, 0x22, 0x58, 0x2F, 0x1C, 0x1A, 0x8A, 0x88,
  1266. 0x30, 0xFC, 0x18, 0xB7, 0x24, 0x89, 0x7F, 0xC0
  1267. };
  1268. static const unsigned char iv[] = {
  1269. 0x05, 0x28, 0xB5, 0x2B, 0x58, 0x27, 0x63, 0x5C,
  1270. 0x81, 0x86, 0xD3, 0x63, 0x60, 0xB0, 0xAA, 0x2B
  1271. };
  1272. static const unsigned char pt[] = {
  1273. 0xB4
  1274. };
  1275. static const unsigned char expected[] = {
  1276. 0x6C
  1277. };
  1278. if (!TEST_ptr(cipher = EVP_CIPHER_fetch(libctx, "AES-128-CFB1", "fips=yes")))
  1279. goto err;
  1280. if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()))
  1281. goto err;
  1282. if (!TEST_int_gt(EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, 1), 0))
  1283. goto err;
  1284. if (!TEST_ptr(params = EVP_CIPHER_CTX_settable_params(ctx))
  1285. || !TEST_ptr(p = OSSL_PARAM_locate_const(params,
  1286. OSSL_CIPHER_PARAM_USE_BITS)))
  1287. goto err;
  1288. EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPH_FLAG_LENGTH_BITS);
  1289. if (!TEST_int_gt(EVP_CipherUpdate(ctx, out, &outlen, pt, 7), 0))
  1290. goto err;
  1291. if (!TEST_int_eq(outlen, 7))
  1292. goto err;
  1293. if (!TEST_mem_eq(out, (outlen + 7) / 8, expected, sizeof(expected)))
  1294. goto err;
  1295. ret = 1;
  1296. err:
  1297. EVP_CIPHER_free(cipher);
  1298. EVP_CIPHER_CTX_free(ctx);
  1299. return ret;
  1300. }
  1301. int setup_tests(void)
  1302. {
  1303. char *config_file = NULL;
  1304. OPTION_CHOICE o;
  1305. while ((o = opt_next()) != OPT_EOF) {
  1306. switch (o) {
  1307. case OPT_CONFIG_FILE:
  1308. config_file = opt_arg();
  1309. break;
  1310. case OPT_TEST_CASES:
  1311. break;
  1312. default:
  1313. case OPT_ERR:
  1314. return 0;
  1315. }
  1316. }
  1317. if (!test_get_libctx(&libctx, &prov_null, config_file, NULL, NULL))
  1318. return 0;
  1319. OSSL_SELF_TEST_set_callback(libctx, self_test_events, &self_test_args);
  1320. ADD_TEST(aes_cfb1_bits_test);
  1321. ADD_ALL_TESTS(cipher_enc_dec_test, OSSL_NELEM(cipher_enc_data));
  1322. ADD_ALL_TESTS(aes_ccm_enc_dec_test, OSSL_NELEM(aes_ccm_enc_data));
  1323. ADD_ALL_TESTS(aes_gcm_enc_dec_test, OSSL_NELEM(aes_gcm_enc_data));
  1324. ADD_ALL_TESTS(rsa_keygen_test, OSSL_NELEM(rsa_keygen_data));
  1325. ADD_ALL_TESTS(rsa_siggen_test, OSSL_NELEM(rsa_siggen_data));
  1326. ADD_ALL_TESTS(rsa_sigver_test, OSSL_NELEM(rsa_sigver_data));
  1327. ADD_ALL_TESTS(rsa_decryption_primitive_test,
  1328. OSSL_NELEM(rsa_decrypt_prim_data));
  1329. #ifndef OPENSSL_NO_DH
  1330. ADD_ALL_TESTS(dh_safe_prime_keygen_test,
  1331. OSSL_NELEM(dh_safe_prime_keygen_data));
  1332. ADD_ALL_TESTS(dh_safe_prime_keyver_test,
  1333. OSSL_NELEM(dh_safe_prime_keyver_data));
  1334. #endif /* OPENSSL_NO_DH */
  1335. #ifndef OPENSSL_NO_DSA
  1336. ADD_ALL_TESTS(dsa_keygen_test, OSSL_NELEM(dsa_keygen_data));
  1337. ADD_ALL_TESTS(dsa_paramgen_test, OSSL_NELEM(dsa_paramgen_data));
  1338. ADD_ALL_TESTS(dsa_pqver_test, OSSL_NELEM(dsa_pqver_data));
  1339. ADD_ALL_TESTS(dsa_siggen_test, OSSL_NELEM(dsa_siggen_data));
  1340. ADD_ALL_TESTS(dsa_sigver_test, OSSL_NELEM(dsa_sigver_data));
  1341. #endif /* OPENSSL_NO_DSA */
  1342. #ifndef OPENSSL_NO_EC
  1343. ADD_ALL_TESTS(ecdsa_keygen_test, OSSL_NELEM(ecdsa_keygen_data));
  1344. ADD_ALL_TESTS(ecdsa_pub_verify_test, OSSL_NELEM(ecdsa_pv_data));
  1345. ADD_ALL_TESTS(ecdsa_siggen_test, OSSL_NELEM(ecdsa_siggen_data));
  1346. ADD_ALL_TESTS(ecdsa_sigver_test, OSSL_NELEM(ecdsa_sigver_data));
  1347. #endif /* OPENSSL_NO_EC */
  1348. ADD_ALL_TESTS(drbg_test, OSSL_NELEM(drbg_data));
  1349. return 1;
  1350. }
  1351. void cleanup_tests(void)
  1352. {
  1353. OSSL_PROVIDER_unload(prov_null);
  1354. OSSL_LIB_CTX_free(libctx);
  1355. }