keymgmt_internal_test.c 11 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358
  1. /*
  2. * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. /*
  10. * RSA low level APIs are deprecated for public use, but still ok for
  11. * internal use.
  12. */
  13. #include "internal/deprecated.h"
  14. #include <string.h>
  15. #include <openssl/bio.h>
  16. #include <openssl/bn.h>
  17. #include <openssl/rsa.h>
  18. #include <openssl/evp.h>
  19. #include <openssl/pem.h>
  20. #include <openssl/provider.h>
  21. #include <openssl/core_names.h>
  22. #include "internal/core.h"
  23. #include "internal/nelem.h"
  24. #include "crypto/evp.h" /* For the internal API */
  25. #include "testutil.h"
  26. typedef struct {
  27. OSSL_LIB_CTX *ctx1;
  28. OSSL_PROVIDER *prov1;
  29. OSSL_LIB_CTX *ctx2;
  30. OSSL_PROVIDER *prov2;
  31. } FIXTURE;
  32. /* Collected arguments */
  33. static const char *cert_filename = NULL;
  34. static void tear_down(FIXTURE *fixture)
  35. {
  36. if (fixture != NULL) {
  37. OSSL_PROVIDER_unload(fixture->prov1);
  38. OSSL_PROVIDER_unload(fixture->prov2);
  39. OSSL_LIB_CTX_free(fixture->ctx1);
  40. OSSL_LIB_CTX_free(fixture->ctx2);
  41. OPENSSL_free(fixture);
  42. }
  43. }
  44. static FIXTURE *set_up(const char *testcase_name)
  45. {
  46. FIXTURE *fixture;
  47. if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))
  48. || !TEST_ptr(fixture->ctx1 = OSSL_LIB_CTX_new())
  49. || !TEST_ptr(fixture->prov1 = OSSL_PROVIDER_load(fixture->ctx1,
  50. "default"))
  51. || !TEST_ptr(fixture->ctx2 = OSSL_LIB_CTX_new())
  52. || !TEST_ptr(fixture->prov2 = OSSL_PROVIDER_load(fixture->ctx2,
  53. "default"))) {
  54. tear_down(fixture);
  55. return NULL;
  56. }
  57. return fixture;
  58. }
  59. /* Array indexes */
  60. #define N 0
  61. #define E 1
  62. #define D 2
  63. #define P 3
  64. #define Q 4
  65. #define F3 5 /* Extra factor */
  66. #define DP 6
  67. #define DQ 7
  68. #define E3 8 /* Extra exponent */
  69. #define QINV 9
  70. #define C2 10 /* Extra coefficient */
  71. /*
  72. * We have to do this because OSSL_PARAM_get_ulong() can't handle params
  73. * holding data that isn't exactly sizeof(uint32_t) or sizeof(uint64_t),
  74. * and because the other end deals with BIGNUM, the resulting param might
  75. * be any size. In this particular test, we know that the expected data
  76. * fits within an unsigned long, and we want to get the data in that form
  77. * to make testing of values easier.
  78. */
  79. static int get_ulong_via_BN(const OSSL_PARAM *p, unsigned long *goal)
  80. {
  81. BIGNUM *n = NULL;
  82. int ret = 1; /* Ever so hopeful */
  83. if (!TEST_true(OSSL_PARAM_get_BN(p, &n))
  84. || !TEST_int_ge(BN_bn2nativepad(n, (unsigned char *)goal, sizeof(*goal)), 0))
  85. ret = 0;
  86. BN_free(n);
  87. return ret;
  88. }
  89. static int export_cb(const OSSL_PARAM *params, void *arg)
  90. {
  91. unsigned long *keydata = arg;
  92. const OSSL_PARAM *p = NULL;
  93. if (keydata == NULL)
  94. return 0;
  95. if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_N))
  96. || !TEST_true(get_ulong_via_BN(p, &keydata[N]))
  97. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_E))
  98. || !TEST_true(get_ulong_via_BN(p, &keydata[E]))
  99. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_D))
  100. || !TEST_true(get_ulong_via_BN(p, &keydata[D])))
  101. return 0;
  102. if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_FACTOR1))
  103. || !TEST_true(get_ulong_via_BN(p, &keydata[P]))
  104. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_FACTOR2))
  105. || !TEST_true(get_ulong_via_BN(p, &keydata[Q]))
  106. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_FACTOR3))
  107. || !TEST_true(get_ulong_via_BN(p, &keydata[F3])))
  108. return 0;
  109. if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_EXPONENT1))
  110. || !TEST_true(get_ulong_via_BN(p, &keydata[DP]))
  111. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_EXPONENT2))
  112. || !TEST_true(get_ulong_via_BN(p, &keydata[DQ]))
  113. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_EXPONENT3))
  114. || !TEST_true(get_ulong_via_BN(p, &keydata[E3])))
  115. return 0;
  116. if (!TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_COEFFICIENT1))
  117. || !TEST_true(get_ulong_via_BN(p, &keydata[QINV]))
  118. || !TEST_ptr(p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_RSA_COEFFICIENT2))
  119. || !TEST_true(get_ulong_via_BN(p, &keydata[C2])))
  120. return 0;
  121. return 1;
  122. }
  123. static int test_pass_rsa(FIXTURE *fixture)
  124. {
  125. size_t i;
  126. int ret = 0;
  127. RSA *rsa = NULL;
  128. BIGNUM *bn1 = NULL, *bn2 = NULL, *bn3 = NULL;
  129. EVP_PKEY *pk = NULL, *dup_pk = NULL;
  130. EVP_KEYMGMT *km = NULL, *km1 = NULL, *km2 = NULL, *km3 = NULL;
  131. void *provkey = NULL, *provkey2 = NULL;
  132. BIGNUM *bn_primes[1] = { NULL };
  133. BIGNUM *bn_exps[1] = { NULL };
  134. BIGNUM *bn_coeffs[1] = { NULL };
  135. /*
  136. * 32-bit RSA key, extracted from this command,
  137. * executed with OpenSSL 1.0.2:
  138. * An extra factor was added just for testing purposes.
  139. *
  140. * openssl genrsa 32 | openssl rsa -text
  141. */
  142. static BN_ULONG expected[] = {
  143. 0xbc747fc5, /* N */
  144. 0x10001, /* E */
  145. 0x7b133399, /* D */
  146. 0xe963, /* P */
  147. 0xceb7, /* Q */
  148. 1, /* F3 */
  149. 0x8599, /* DP */
  150. 0xbd87, /* DQ */
  151. 2, /* E3 */
  152. 0xcc3b, /* QINV */
  153. 3, /* C3 */
  154. 0 /* Extra, should remain zero */
  155. };
  156. static unsigned long keydata[OSSL_NELEM(expected)] = { 0, };
  157. if (!TEST_ptr(rsa = RSA_new()))
  158. goto err;
  159. if (!TEST_ptr(bn1 = BN_new())
  160. || !TEST_true(BN_set_word(bn1, expected[N]))
  161. || !TEST_ptr(bn2 = BN_new())
  162. || !TEST_true(BN_set_word(bn2, expected[E]))
  163. || !TEST_ptr(bn3 = BN_new())
  164. || !TEST_true(BN_set_word(bn3, expected[D]))
  165. || !TEST_true(RSA_set0_key(rsa, bn1, bn2, bn3)))
  166. goto err;
  167. if (!TEST_ptr(bn1 = BN_new())
  168. || !TEST_true(BN_set_word(bn1, expected[P]))
  169. || !TEST_ptr(bn2 = BN_new())
  170. || !TEST_true(BN_set_word(bn2, expected[Q]))
  171. || !TEST_true(RSA_set0_factors(rsa, bn1, bn2)))
  172. goto err;
  173. if (!TEST_ptr(bn1 = BN_new())
  174. || !TEST_true(BN_set_word(bn1, expected[DP]))
  175. || !TEST_ptr(bn2 = BN_new())
  176. || !TEST_true(BN_set_word(bn2, expected[DQ]))
  177. || !TEST_ptr(bn3 = BN_new())
  178. || !TEST_true(BN_set_word(bn3, expected[QINV]))
  179. || !TEST_true(RSA_set0_crt_params(rsa, bn1, bn2, bn3)))
  180. goto err;
  181. bn1 = bn2 = bn3 = NULL;
  182. if (!TEST_ptr(bn_primes[0] = BN_new())
  183. || !TEST_true(BN_set_word(bn_primes[0], expected[F3]))
  184. || !TEST_ptr(bn_exps[0] = BN_new())
  185. || !TEST_true(BN_set_word(bn_exps[0], expected[E3]))
  186. || !TEST_ptr(bn_coeffs[0] = BN_new())
  187. || !TEST_true(BN_set_word(bn_coeffs[0], expected[C2]))
  188. || !TEST_true(RSA_set0_multi_prime_params(rsa, bn_primes, bn_exps,
  189. bn_coeffs, 1)))
  190. goto err;
  191. if (!TEST_ptr(pk = EVP_PKEY_new())
  192. || !TEST_true(EVP_PKEY_assign_RSA(pk, rsa)))
  193. goto err;
  194. rsa = NULL;
  195. if (!TEST_ptr(km1 = EVP_KEYMGMT_fetch(fixture->ctx1, "RSA", NULL))
  196. || !TEST_ptr(km2 = EVP_KEYMGMT_fetch(fixture->ctx2, "RSA", NULL))
  197. || !TEST_ptr(km3 = EVP_KEYMGMT_fetch(fixture->ctx1, "RSA-PSS", NULL))
  198. || !TEST_ptr_ne(km1, km2))
  199. goto err;
  200. while (dup_pk == NULL) {
  201. ret = 0;
  202. km = km3;
  203. /* Check that we can't export an RSA key into a RSA-PSS keymanager */
  204. if (!TEST_ptr_null(provkey2 = evp_pkey_export_to_provider(pk, NULL,
  205. &km,
  206. NULL)))
  207. goto err;
  208. if (!TEST_ptr(provkey = evp_pkey_export_to_provider(pk, NULL, &km1,
  209. NULL))
  210. || !TEST_true(evp_keymgmt_export(km2, provkey,
  211. OSSL_KEYMGMT_SELECT_KEYPAIR,
  212. &export_cb, keydata)))
  213. goto err;
  214. /*
  215. * At this point, the hope is that keydata will have all the numbers
  216. * from the key.
  217. */
  218. for (i = 0; i < OSSL_NELEM(expected); i++) {
  219. int rv = TEST_int_eq(expected[i], keydata[i]);
  220. if (!rv)
  221. TEST_info("i = %zu", i);
  222. else
  223. ret++;
  224. }
  225. ret = (ret == OSSL_NELEM(expected));
  226. if (!ret || !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
  227. goto err;
  228. ret = TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
  229. EVP_PKEY_free(pk);
  230. pk = dup_pk;
  231. if (!ret)
  232. goto err;
  233. }
  234. err:
  235. RSA_free(rsa);
  236. BN_free(bn1);
  237. BN_free(bn2);
  238. BN_free(bn3);
  239. EVP_PKEY_free(pk);
  240. EVP_KEYMGMT_free(km1);
  241. EVP_KEYMGMT_free(km2);
  242. EVP_KEYMGMT_free(km3);
  243. return ret;
  244. }
  245. static int (*tests[])(FIXTURE *) = {
  246. test_pass_rsa
  247. };
  248. static int test_pass_key(int n)
  249. {
  250. SETUP_TEST_FIXTURE(FIXTURE, set_up);
  251. EXECUTE_TEST(tests[n], tear_down);
  252. return result;
  253. }
  254. static int test_evp_pkey_export_to_provider(int n)
  255. {
  256. OSSL_LIB_CTX *libctx = NULL;
  257. OSSL_PROVIDER *prov = NULL;
  258. X509 *cert = NULL;
  259. BIO *bio = NULL;
  260. X509_PUBKEY *pubkey = NULL;
  261. EVP_KEYMGMT *keymgmt = NULL;
  262. EVP_PKEY *pkey = NULL;
  263. void *keydata = NULL;
  264. int ret = 0;
  265. if (!TEST_ptr(libctx = OSSL_LIB_CTX_new())
  266. || !TEST_ptr(prov = OSSL_PROVIDER_load(libctx, "default")))
  267. goto end;
  268. if ((bio = BIO_new_file(cert_filename, "r")) == NULL) {
  269. TEST_error("Couldn't open '%s' for reading\n", cert_filename);
  270. TEST_openssl_errors();
  271. goto end;
  272. }
  273. if ((cert = PEM_read_bio_X509(bio, NULL, NULL, NULL)) == NULL) {
  274. TEST_error("'%s' doesn't appear to be a X.509 certificate in PEM format\n",
  275. cert_filename);
  276. TEST_openssl_errors();
  277. goto end;
  278. }
  279. pubkey = X509_get_X509_PUBKEY(cert);
  280. pkey = X509_PUBKEY_get0(pubkey);
  281. if (n == 0) {
  282. if (!TEST_ptr(keydata = evp_pkey_export_to_provider(pkey, NULL,
  283. NULL, NULL)))
  284. goto end;
  285. } else if (n == 1) {
  286. if (!TEST_ptr(keydata = evp_pkey_export_to_provider(pkey, NULL,
  287. &keymgmt, NULL)))
  288. goto end;
  289. } else {
  290. keymgmt = EVP_KEYMGMT_fetch(libctx, "RSA", NULL);
  291. if (!TEST_ptr(keydata = evp_pkey_export_to_provider(pkey, NULL,
  292. &keymgmt, NULL)))
  293. goto end;
  294. }
  295. ret = 1;
  296. end:
  297. BIO_free(bio);
  298. X509_free(cert);
  299. EVP_KEYMGMT_free(keymgmt);
  300. OSSL_PROVIDER_unload(prov);
  301. OSSL_LIB_CTX_free(libctx);
  302. return ret;
  303. }
  304. int setup_tests(void)
  305. {
  306. if (!TEST_ptr(cert_filename = test_get_argument(0)))
  307. return 0;
  308. ADD_ALL_TESTS(test_pass_key, 1);
  309. ADD_ALL_TESTS(test_evp_pkey_export_to_provider, 3);
  310. return 1;
  311. }