keymgmt_internal_test.c 9.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292
  1. /*
  2. * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * RSA low level APIs are deprecated for public use, but still ok for
  11. * internal use.
  12. */
  13. #include "internal/deprecated.h"
  14. #include <string.h>
  15. #include <openssl/bio.h>
  16. #include <openssl/bn.h>
  17. #include <openssl/rsa.h>
  18. #include <openssl/evp.h>
  19. #include <openssl/provider.h>
  20. #include <openssl/core_names.h>
  21. #include "internal/core.h"
  22. #include "internal/nelem.h"
  23. #include "crypto/evp.h" /* For the internal API */
  24. #include "testutil.h"
  25. typedef struct {
  26. OSSL_LIB_CTX *ctx1;
  27. OSSL_PROVIDER *prov1;
  28. OSSL_LIB_CTX *ctx2;
  29. OSSL_PROVIDER *prov2;
  30. } FIXTURE;
  31. static void tear_down(FIXTURE *fixture)
  32. {
  33. if (fixture != NULL) {
  34. OSSL_PROVIDER_unload(fixture->prov1);
  35. OSSL_PROVIDER_unload(fixture->prov2);
  36. OSSL_LIB_CTX_free(fixture->ctx1);
  37. OSSL_LIB_CTX_free(fixture->ctx2);
  38. OPENSSL_free(fixture);
  39. }
  40. }
  41. static FIXTURE *set_up(const char *testcase_name)
  42. {
  43. FIXTURE *fixture;
  44. if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))
  45. || !TEST_ptr(fixture->ctx1 = OSSL_LIB_CTX_new())
  46. || !TEST_ptr(fixture->prov1 = OSSL_PROVIDER_load(fixture->ctx1,
  47. "default"))
  48. || !TEST_ptr(fixture->ctx2 = OSSL_LIB_CTX_new())
  49. || !TEST_ptr(fixture->prov2 = OSSL_PROVIDER_load(fixture->ctx2,
  50. "default"))) {
  51. tear_down(fixture);
  52. return NULL;
  53. }
  54. return fixture;
  55. }
  56. /* Array indexes */
  57. #define N 0
  58. #define E 1
  59. #define D 2
  60. #define P 3
  61. #define Q 4
  62. #define F3 5 /* Extra factor */
  63. #define DP 6
  64. #define DQ 7
  65. #define E3 8 /* Extra exponent */
  66. #define QINV 9
  67. #define C2 10 /* Extra coefficient */
  68. /*
  69. * We have to do this because OSSL_PARAM_get_ulong() can't handle params
  70. * holding data that isn't exactly sizeof(uint32_t) or sizeof(uint64_t),
  71. * and because the other end deals with BIGNUM, the resulting param might
  72. * be any size. In this particular test, we know that the expected data
  73. * fits within an unsigned long, and we want to get the data in that form
  74. * to make testing of values easier.
  75. */
  76. static int get_ulong_via_BN(const OSSL_PARAM *p, unsigned long *goal)
  77. {
  78. BIGNUM *n = NULL;
  79. int ret = 1; /* Ever so hopeful */
  80. if (!TEST_true(OSSL_PARAM_get_BN(p, &n))
  81. || !TEST_true(BN_bn2nativepad(n, (unsigned char *)goal, sizeof(*goal))))
  82. ret = 0;
  83. BN_free(n);
  84. return ret;
  85. }
  86. static int export_cb(const OSSL_PARAM *params, void *arg)
  87. {
  88. unsigned long *keydata = arg;
  89. const OSSL_PARAM *p = NULL;
  90. if (keydata == NULL)
  91. return 0;
  92. if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_N))
  93. || !TEST_true(get_ulong_via_BN(p, &keydata[N]))
  94. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_E))
  95. || !TEST_true(get_ulong_via_BN(p, &keydata[E]))
  96. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_D))
  97. || !TEST_true(get_ulong_via_BN(p, &keydata[D])))
  98. return 0;
  99. if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_FACTOR1))
  100. || !TEST_true(get_ulong_via_BN(p, &keydata[P]))
  101. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_FACTOR2))
  102. || !TEST_true(get_ulong_via_BN(p, &keydata[Q]))
  103. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_FACTOR3))
  104. || !TEST_true(get_ulong_via_BN(p, &keydata[F3])))
  105. return 0;
  106. if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_EXPONENT1))
  107. || !TEST_true(get_ulong_via_BN(p, &keydata[DP]))
  108. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_EXPONENT2))
  109. || !TEST_true(get_ulong_via_BN(p, &keydata[DQ]))
  110. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_EXPONENT3))
  111. || !TEST_true(get_ulong_via_BN(p, &keydata[E3])))
  112. return 0;
  113. if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_COEFFICIENT1))
  114. || !TEST_true(get_ulong_via_BN(p, &keydata[QINV]))
  115. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_COEFFICIENT2))
  116. || !TEST_true(get_ulong_via_BN(p, &keydata[C2])))
  117. return 0;
  118. return 1;
  119. }
  120. static int test_pass_rsa(FIXTURE *fixture)
  121. {
  122. size_t i;
  123. int ret = 0;
  124. RSA *rsa = NULL;
  125. BIGNUM *bn1 = NULL, *bn2 = NULL, *bn3 = NULL;
  126. EVP_PKEY *pk = NULL, *dup_pk = NULL;
  127. EVP_KEYMGMT *km = NULL, *km1 = NULL, *km2 = NULL, *km3 = NULL;
  128. void *provkey = NULL, *provkey2 = NULL;
  129. BIGNUM *bn_primes[1] = { NULL };
  130. BIGNUM *bn_exps[1] = { NULL };
  131. BIGNUM *bn_coeffs[1] = { NULL };
  132. /*
  133. * 32-bit RSA key, extracted from this command,
  134. * executed with OpenSSL 1.0.2:
  135. * An extra factor was added just for testing purposes.
  136. *
  137. * openssl genrsa 32 | openssl rsa -text
  138. */
  139. static BN_ULONG expected[] = {
  140. 0xbc747fc5, /* N */
  141. 0x10001, /* E */
  142. 0x7b133399, /* D */
  143. 0xe963, /* P */
  144. 0xceb7, /* Q */
  145. 1, /* F3 */
  146. 0x8599, /* DP */
  147. 0xbd87, /* DQ */
  148. 2, /* E3 */
  149. 0xcc3b, /* QINV */
  150. 3, /* C3 */
  151. 0 /* Extra, should remain zero */
  152. };
  153. static unsigned long keydata[OSSL_NELEM(expected)] = { 0, };
  154. if (!TEST_ptr(rsa = RSA_new()))
  155. goto err;
  156. if (!TEST_ptr(bn1 = BN_new())
  157. || !TEST_true(BN_set_word(bn1, expected[N]))
  158. || !TEST_ptr(bn2 = BN_new())
  159. || !TEST_true(BN_set_word(bn2, expected[E]))
  160. || !TEST_ptr(bn3 = BN_new())
  161. || !TEST_true(BN_set_word(bn3, expected[D]))
  162. || !TEST_true(RSA_set0_key(rsa, bn1, bn2, bn3)))
  163. goto err;
  164. if (!TEST_ptr(bn1 = BN_new())
  165. || !TEST_true(BN_set_word(bn1, expected[P]))
  166. || !TEST_ptr(bn2 = BN_new())
  167. || !TEST_true(BN_set_word(bn2, expected[Q]))
  168. || !TEST_true(RSA_set0_factors(rsa, bn1, bn2)))
  169. goto err;
  170. if (!TEST_ptr(bn1 = BN_new())
  171. || !TEST_true(BN_set_word(bn1, expected[DP]))
  172. || !TEST_ptr(bn2 = BN_new())
  173. || !TEST_true(BN_set_word(bn2, expected[DQ]))
  174. || !TEST_ptr(bn3 = BN_new())
  175. || !TEST_true(BN_set_word(bn3, expected[QINV]))
  176. || !TEST_true(RSA_set0_crt_params(rsa, bn1, bn2, bn3)))
  177. goto err;
  178. bn1 = bn2 = bn3 = NULL;
  179. if (!TEST_ptr(bn_primes[0] = BN_new())
  180. || !TEST_true(BN_set_word(bn_primes[0], expected[F3]))
  181. || !TEST_ptr(bn_exps[0] = BN_new())
  182. || !TEST_true(BN_set_word(bn_exps[0], expected[E3]))
  183. || !TEST_ptr(bn_coeffs[0] = BN_new())
  184. || !TEST_true(BN_set_word(bn_coeffs[0], expected[C2]))
  185. || !TEST_true(RSA_set0_multi_prime_params(rsa, bn_primes, bn_exps,
  186. bn_coeffs, 1)))
  187. goto err;
  188. if (!TEST_ptr(pk = EVP_PKEY_new())
  189. || !TEST_true(EVP_PKEY_assign_RSA(pk, rsa)))
  190. goto err;
  191. rsa = NULL;
  192. if (!TEST_ptr(km1 = EVP_KEYMGMT_fetch(fixture->ctx1, "RSA", NULL))
  193. || !TEST_ptr(km2 = EVP_KEYMGMT_fetch(fixture->ctx2, "RSA", NULL))
  194. || !TEST_ptr(km3 = EVP_KEYMGMT_fetch(fixture->ctx1, "RSA-PSS", NULL))
  195. || !TEST_ptr_ne(km1, km2))
  196. goto err;
  197. while (dup_pk == NULL) {
  198. ret = 0;
  199. km = km3;
  200. /* Check that we can't export an RSA key into a RSA-PSS keymanager */
  201. if (!TEST_ptr_null(provkey2 = evp_pkey_export_to_provider(pk, NULL,
  202. &km,
  203. NULL)))
  204. goto err;
  205. if (!TEST_ptr(provkey = evp_pkey_export_to_provider(pk, NULL, &km1,
  206. NULL))
  207. || !TEST_true(evp_keymgmt_export(km2, provkey,
  208. OSSL_KEYMGMT_SELECT_KEYPAIR,
  209. &export_cb, keydata)))
  210. goto err;
  211. /*
  212. * At this point, the hope is that keydata will have all the numbers
  213. * from the key.
  214. */
  215. for (i = 0; i < OSSL_NELEM(expected); i++) {
  216. int rv = TEST_int_eq(expected[i], keydata[i]);
  217. if (!rv)
  218. TEST_info("i = %zu", i);
  219. else
  220. ret++;
  221. }
  222. ret = (ret == OSSL_NELEM(expected));
  223. if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
  224. goto err;
  225. ret = TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
  226. EVP_PKEY_free(pk);
  227. pk = dup_pk;
  228. if (!ret)
  229. goto err;
  230. }
  231. err:
  232. RSA_free(rsa);
  233. BN_free(bn1);
  234. BN_free(bn2);
  235. BN_free(bn3);
  236. EVP_PKEY_free(pk);
  237. EVP_KEYMGMT_free(km1);
  238. EVP_KEYMGMT_free(km2);
  239. EVP_KEYMGMT_free(km3);
  240. return ret;
  241. }
  242. static int (*tests[])(FIXTURE *) = {
  243. test_pass_rsa
  244. };
  245. static int test_pass_key(int n)
  246. {
  247. SETUP_TEST_FIXTURE(FIXTURE, set_up);
  248. EXECUTE_TEST(tests[n], tear_down);
  249. return result;
  250. }
  251. int setup_tests(void)
  252. {
  253. ADD_ALL_TESTS(test_pass_key, 1);
  254. return 1;
  255. }