2 * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
13 #include <openssl/bio.h>
14 #include <openssl/conf.h>
15 #include <openssl/crypto.h>
16 #include <openssl/err.h>
17 #include <openssl/evp.h>
18 #include <openssl/rsa.h>
19 #include <openssl/x509.h>
20 #include <openssl/pem.h>
21 #include <openssl/kdf.h>
22 #include <openssl/provider.h>
23 #include <openssl/core_names.h>
24 #include <openssl/params.h>
25 #include <openssl/dsa.h>
26 #include <openssl/dh.h>
28 #include "internal/nelem.h"
29 #include "internal/sizes.h"
30 #include "crypto/evp.h"
32 static OPENSSL_CTX *testctx = NULL;
35 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
36 * should never use this key anywhere but in an example.
38 static const unsigned char kExampleRSAKeyDER[] = {
39 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
40 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
41 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
42 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
43 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
44 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
45 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
46 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
47 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
48 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
49 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
50 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
51 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
52 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
53 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
54 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
55 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
56 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
57 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
58 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
59 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
60 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
61 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
62 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
63 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
64 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
65 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
66 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
67 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
68 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
69 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
70 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
71 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
72 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
73 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
74 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
75 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
76 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
77 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
78 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
79 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
80 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
81 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
82 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
83 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
84 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
85 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
86 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
87 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
88 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
89 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
93 * kExampleDSAKeyDER is a DSA private key in ASN.1, DER format. Of course, you
94 * should never use this key anywhere but in an example.
96 #ifndef OPENSSL_NO_DSA
97 static const unsigned char kExampleDSAKeyDER[] = {
98 0x30, 0x82, 0x01, 0xba, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0x9a,
99 0x05, 0x6d, 0x33, 0xcd, 0x5d, 0x78, 0xa1, 0xbb, 0xcb, 0x7d, 0x5b, 0x8d,
100 0xb4, 0xcc, 0xbf, 0x03, 0x99, 0x64, 0xde, 0x38, 0x78, 0x06, 0x15, 0x2f,
101 0x86, 0x26, 0x77, 0xf3, 0xb1, 0x85, 0x00, 0xed, 0xfc, 0x28, 0x3a, 0x42,
102 0x4d, 0xab, 0xab, 0xdf, 0xbc, 0x9c, 0x16, 0xd0, 0x22, 0x50, 0xd1, 0x38,
103 0xdd, 0x3f, 0x64, 0x05, 0x9e, 0x68, 0x7a, 0x1e, 0xf1, 0x56, 0xbf, 0x1e,
104 0x2c, 0xc5, 0x97, 0x2a, 0xfe, 0x7a, 0x22, 0xdc, 0x6c, 0x68, 0xb8, 0x2e,
105 0x06, 0xdb, 0x41, 0xca, 0x98, 0xd8, 0x54, 0xc7, 0x64, 0x48, 0x24, 0x04,
106 0x20, 0xbc, 0x59, 0xe3, 0x6b, 0xea, 0x7e, 0xfc, 0x7e, 0xc5, 0x4e, 0xd4,
107 0xd8, 0x3a, 0xed, 0xcd, 0x5d, 0x99, 0xb8, 0x5c, 0xa2, 0x8b, 0xbb, 0x0b,
108 0xac, 0xe6, 0x8e, 0x25, 0x56, 0x22, 0x3a, 0x2d, 0x3a, 0x56, 0x41, 0x14,
109 0x1f, 0x1c, 0x8f, 0x53, 0x46, 0x13, 0x85, 0x02, 0x15, 0x00, 0x98, 0x7e,
110 0x92, 0x81, 0x88, 0xc7, 0x3f, 0x70, 0x49, 0x54, 0xf6, 0x76, 0xb4, 0xa3,
111 0x9e, 0x1d, 0x45, 0x98, 0x32, 0x7f, 0x02, 0x81, 0x80, 0x69, 0x4d, 0xef,
112 0x55, 0xff, 0x4d, 0x59, 0x2c, 0x01, 0xfa, 0x6a, 0x38, 0xe0, 0x70, 0x9f,
113 0x9e, 0x66, 0x8e, 0x3e, 0x8c, 0x52, 0x22, 0x9d, 0x15, 0x7e, 0x3c, 0xef,
114 0x4c, 0x7a, 0x61, 0x26, 0xe0, 0x2b, 0x81, 0x3f, 0xeb, 0xaf, 0x35, 0x38,
115 0x8d, 0xfe, 0xed, 0x46, 0xff, 0x5f, 0x03, 0x9b, 0x81, 0x92, 0xe7, 0x6f,
116 0x76, 0x4f, 0x1d, 0xd9, 0xbb, 0x89, 0xc9, 0x3e, 0xd9, 0x0b, 0xf9, 0xf4,
117 0x78, 0x11, 0x59, 0xc0, 0x1d, 0xcd, 0x0e, 0xa1, 0x6f, 0x15, 0xf1, 0x4d,
118 0xc1, 0xc9, 0x22, 0xed, 0x8d, 0xad, 0x67, 0xc5, 0x4b, 0x95, 0x93, 0x86,
119 0xa6, 0xaf, 0x8a, 0xee, 0x06, 0x89, 0x2f, 0x37, 0x7e, 0x64, 0xaa, 0xf6,
120 0xe7, 0xb1, 0x5a, 0x0a, 0x93, 0x95, 0x5d, 0x3e, 0x53, 0x9a, 0xde, 0x8a,
121 0xc2, 0x95, 0x45, 0x81, 0xbe, 0x5c, 0x2f, 0xc2, 0xb2, 0x92, 0x58, 0x19,
122 0x72, 0x80, 0xe9, 0x79, 0xa1, 0x02, 0x81, 0x80, 0x07, 0xd7, 0x62, 0xff,
123 0xdf, 0x1a, 0x3f, 0xed, 0x32, 0xd4, 0xd4, 0x88, 0x7b, 0x2c, 0x63, 0x7f,
124 0x97, 0xdc, 0x44, 0xd4, 0x84, 0xa2, 0xdd, 0x17, 0x16, 0x85, 0x13, 0xe0,
125 0xac, 0x51, 0x8d, 0x29, 0x1b, 0x75, 0x9a, 0xe4, 0xe3, 0x8a, 0x92, 0x69,
126 0x09, 0x03, 0xc5, 0x68, 0xae, 0x5e, 0x94, 0xfe, 0xc9, 0x92, 0x6c, 0x07,
127 0xb4, 0x1e, 0x64, 0x62, 0x87, 0xc6, 0xa4, 0xfd, 0x0d, 0x5f, 0xe5, 0xf9,
128 0x1b, 0x4f, 0x85, 0x5f, 0xae, 0xf3, 0x11, 0xe5, 0x18, 0xd4, 0x4d, 0x79,
129 0x9f, 0xc4, 0x79, 0x26, 0x04, 0x27, 0xf0, 0x0b, 0xee, 0x2b, 0x86, 0x9f,
130 0x86, 0x61, 0xe6, 0x51, 0xce, 0x04, 0x9b, 0x5d, 0x6b, 0x34, 0x43, 0x8c,
131 0x85, 0x3c, 0xf1, 0x51, 0x9b, 0x08, 0x23, 0x1b, 0xf5, 0x7e, 0x33, 0x12,
132 0xea, 0xab, 0x1f, 0xb7, 0x2d, 0xe2, 0x5f, 0xe6, 0x97, 0x99, 0xb5, 0x45,
133 0x16, 0x5b, 0xc3, 0x41, 0x02, 0x14, 0x61, 0xbf, 0x51, 0x60, 0xcf, 0xc8,
134 0xf1, 0x8c, 0x82, 0x97, 0xf2, 0xf4, 0x19, 0xba, 0x2b, 0xf3, 0x16, 0xbe,
140 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
141 * components are not correct.
143 static const unsigned char kExampleBadRSAKeyDER[] = {
144 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
145 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
146 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
147 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
148 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
149 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
150 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
151 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
152 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
153 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
154 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
155 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
156 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
157 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
158 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
159 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
160 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
161 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
162 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
163 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
164 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
165 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
166 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
167 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
168 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
169 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
170 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
171 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
172 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
173 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
174 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
175 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
176 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
177 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
178 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
179 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
180 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
181 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
182 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
183 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
184 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
185 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
186 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
187 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
188 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
189 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
190 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
191 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
192 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
193 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
194 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
195 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
196 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
197 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
198 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
199 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
200 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
201 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
202 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
203 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
204 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
205 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
206 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
207 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
208 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
209 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
210 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
211 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
212 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
213 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
214 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
215 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
216 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
217 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
218 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
219 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
220 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
221 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
222 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
223 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
224 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
225 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
226 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
227 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
228 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
229 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
230 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
231 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
232 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
235 static const unsigned char kMsg[] = { 1, 2, 3, 4 };
237 static const unsigned char kSignature[] = {
238 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
239 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
240 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
241 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
242 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
243 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
244 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
245 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
246 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
247 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
248 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
252 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
255 static const unsigned char kExampleRSAKeyPKCS8[] = {
256 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
257 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
258 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
259 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
260 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
261 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
262 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
263 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
264 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
265 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
266 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
267 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
268 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
269 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
270 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
271 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
272 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
273 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
274 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
275 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
276 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
277 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
278 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
279 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
280 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
281 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
282 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
283 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
284 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
285 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
286 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
287 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
288 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
289 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
290 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
291 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
292 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
293 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
294 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
295 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
296 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
297 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
298 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
299 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
300 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
301 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
302 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
303 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
304 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
305 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
306 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
307 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
308 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
311 #ifndef OPENSSL_NO_EC
313 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
316 static const unsigned char kExampleECKeyDER[] = {
317 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
318 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
319 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
320 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
321 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
322 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
323 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
324 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
325 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
326 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
331 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
332 * structure. The private key is equal to the order and will fail to import
334 static const unsigned char kExampleBadECKeyDER[] = {
335 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
336 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
337 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
338 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
339 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
340 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
341 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
342 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
343 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
347 static const unsigned char kExampleECPubKeyDER[] = {
348 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
349 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
350 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
351 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
352 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
353 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
354 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
355 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
359 * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
360 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
362 static const unsigned char kExampleBadECPubKeyDER[] = {
363 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
364 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
365 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
366 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
367 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
368 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
369 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
370 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
373 static const unsigned char pExampleECParamDER[] = {
374 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
378 typedef struct APK_DATA_st {
379 const unsigned char *kder;
385 int type; /* 0 for private, 1 for public, 2 for params */
388 static APK_DATA keydata[] = {
389 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
390 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
391 #ifndef OPENSSL_NO_EC
392 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC}
396 static APK_DATA keycheckdata[] = {
397 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0},
398 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA,
400 #ifndef OPENSSL_NO_EC
401 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0},
402 /* group is also associated in our pub key */
403 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1},
404 {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2}
408 static EVP_PKEY *load_example_rsa_key(void)
410 EVP_PKEY *ret = NULL;
411 const unsigned char *derp = kExampleRSAKeyDER;
412 EVP_PKEY *pkey = NULL;
415 if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))))
418 if (!TEST_ptr(pkey = EVP_PKEY_new())
419 || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa)))
432 #ifndef OPENSSL_NO_DSA
433 static EVP_PKEY *load_example_dsa_key(void)
435 EVP_PKEY *ret = NULL;
436 const unsigned char *derp = kExampleDSAKeyDER;
437 EVP_PKEY *pkey = NULL;
440 if (!TEST_true(d2i_DSAPrivateKey(&dsa, &derp, sizeof(kExampleDSAKeyDER))))
443 if (!TEST_ptr(pkey = EVP_PKEY_new())
444 || !TEST_true(EVP_PKEY_set1_DSA(pkey, dsa)))
458 static EVP_PKEY *load_example_hmac_key(void)
460 EVP_PKEY *pkey = NULL;
461 unsigned char key[] = {
462 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
463 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
464 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f
467 pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, key, sizeof(key));
474 static int test_EVP_set_default_properties(void)
480 if (!TEST_ptr(ctx = OPENSSL_CTX_new())
481 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
486 if (!TEST_true(EVP_set_default_properties(ctx, "provider=fizzbang"))
487 || !TEST_ptr_null(md = EVP_MD_fetch(ctx, "sha256", NULL))
488 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", "-provider")))
493 if (!TEST_true(EVP_set_default_properties(ctx, NULL))
494 || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
499 OPENSSL_CTX_free(ctx);
503 static int test_EVP_Enveloped(void)
506 EVP_CIPHER_CTX *ctx = NULL;
507 EVP_PKEY *keypair = NULL;
508 unsigned char *kek = NULL;
509 unsigned char iv[EVP_MAX_IV_LENGTH];
510 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
511 int len, kek_len, ciphertext_len, plaintext_len;
512 unsigned char ciphertext[32], plaintext[16];
513 const EVP_CIPHER *type = EVP_aes_256_cbc();
515 if (!TEST_ptr(keypair = load_example_rsa_key())
516 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
517 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
518 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
520 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
522 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
526 ciphertext_len += len;
528 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
529 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
530 ciphertext, ciphertext_len))
531 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
534 plaintext_len += len;
535 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
541 EVP_PKEY_free(keypair);
542 EVP_CIPHER_CTX_free(ctx);
547 * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, RSA)
548 * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, DSA)
549 * Test 2: Standard calls to EVP_DigestSignInit/Update/Final (Implicit fetch digest, HMAC)
550 * Test 3: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, RSA)
551 * Test 4: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch digest, DSA)
552 * Test 5: Standard calls to EVP_DigestSignInit/Update/Final (Explicit fetch diegst, HMAC)
553 * Test 6: Use an MD BIO to do the Update calls instead (RSA)
554 * Test 7: Use an MD BIO to do the Update calls instead (DSA)
555 * Test 8: Use an MD BIO to do the Update calls instead (HMAC)
557 static int test_EVP_DigestSignInit(int tst)
560 EVP_PKEY *pkey = NULL;
561 unsigned char *sig = NULL;
563 EVP_MD_CTX *md_ctx = NULL, *md_ctx_verify = NULL;
564 EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL;
565 BIO *mdbio = NULL, *membio = NULL;
568 EVP_MD *mdexp = NULL;
571 membio = BIO_new(BIO_s_mem());
572 mdbio = BIO_new(BIO_f_md());
573 if (!TEST_ptr(membio) || !TEST_ptr(mdbio))
575 BIO_push(mdbio, membio);
576 if (!TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx), 0))
579 if (!TEST_ptr(a_md_ctx = md_ctx = EVP_MD_CTX_new())
580 || !TEST_ptr(a_md_ctx_verify = md_ctx_verify = EVP_MD_CTX_new()))
584 if (tst == 0 || tst == 3 || tst == 6) {
585 if (!TEST_ptr(pkey = load_example_rsa_key()))
587 } else if (tst == 1 || tst == 4 || tst == 7) {
588 #ifndef OPENSSL_NO_DSA
589 if (!TEST_ptr(pkey = load_example_dsa_key()))
596 if (!TEST_ptr(pkey = load_example_hmac_key()))
600 if (tst >= 3 && tst <= 5)
601 md = mdexp = EVP_MD_fetch(NULL, "SHA256", NULL);
605 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, md, NULL, pkey)))
609 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
612 if (!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
616 /* Determine the size of the signature. */
617 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
618 || !TEST_ptr(sig = OPENSSL_malloc(sig_len))
619 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
623 if (!TEST_int_gt(BIO_reset(mdbio), 0)
624 || !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0))
629 * Ensure that the signature round-trips (Verification isn't supported for
630 * HMAC via EVP_DigestVerify*)
632 if (tst != 2 && tst != 5 && tst != 8) {
633 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, md,
638 if (!TEST_true(BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written)))
641 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg,
645 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
654 EVP_MD_CTX_free(a_md_ctx);
655 EVP_MD_CTX_free(a_md_ctx_verify);
663 static int test_EVP_DigestVerifyInit(void)
666 EVP_PKEY *pkey = NULL;
667 EVP_MD_CTX *md_ctx = NULL;
669 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
670 || !TEST_ptr(pkey = load_example_rsa_key()))
673 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
674 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
675 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
676 sizeof(kSignature))))
681 EVP_MD_CTX_free(md_ctx);
686 static int test_d2i_AutoPrivateKey(int i)
689 const unsigned char *p;
690 EVP_PKEY *pkey = NULL;
691 const APK_DATA *ak = &keydata[i];
692 const unsigned char *input = ak->kder;
693 size_t input_len = ak->size;
694 int expected_id = ak->evptype;
697 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
698 || !TEST_ptr_eq(p, input + input_len)
699 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
709 #ifndef OPENSSL_NO_EC
711 static const unsigned char ec_public_sect163k1_validxy[] = {
712 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
713 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
714 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
715 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
716 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
717 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
720 static const unsigned char ec_public_sect163k1_badx[] = {
721 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
722 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
723 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
724 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
725 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
726 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
729 static const unsigned char ec_public_sect163k1_bady[] = {
730 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
731 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
732 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
733 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
734 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
735 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
738 static struct ec_der_pub_keys_st {
739 const unsigned char *der;
742 } ec_der_pub_keys[] = {
743 { ec_public_sect163k1_validxy, sizeof(ec_public_sect163k1_validxy), 1 },
744 { ec_public_sect163k1_badx, sizeof(ec_public_sect163k1_badx), 0 },
745 { ec_public_sect163k1_bady, sizeof(ec_public_sect163k1_bady), 0 },
749 * Tests the range of the decoded EC char2 public point.
750 * See ec_GF2m_simple_oct2point().
752 static int test_invalide_ec_char2_pub_range_decode(int id)
756 EC_KEY *eckey = NULL;
758 if (!TEST_ptr(bio = BIO_new_mem_buf(ec_der_pub_keys[id].der,
759 ec_der_pub_keys[id].len)))
761 eckey = d2i_EC_PUBKEY_bio(bio, NULL);
762 ret = (ec_der_pub_keys[id].valid && TEST_ptr(eckey))
763 || TEST_ptr_null(eckey);
770 /* Tests loading a bad key in PKCS8 format */
771 static int test_EVP_PKCS82PKEY(void)
774 const unsigned char *derp = kExampleBadECKeyDER;
775 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
776 EVP_PKEY *pkey = NULL;
778 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
779 sizeof(kExampleBadECKeyDER))))
782 if (!TEST_ptr_eq(derp,
783 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
786 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
792 PKCS8_PRIV_KEY_INFO_free(p8inf);
799 /* This uses kExampleRSAKeyDER and kExampleRSAKeyPKCS8 to verify encoding */
800 static int test_privatekey_to_pkcs8(void)
802 EVP_PKEY *pkey = NULL;
805 size_t membuf_len = 0;
808 if (!TEST_ptr(membio = BIO_new(BIO_s_mem()))
809 || !TEST_ptr(pkey = load_example_rsa_key())
810 || !TEST_int_gt(i2d_PKCS8PrivateKey_bio(membio, pkey, NULL,
811 NULL, 0, NULL, NULL),
813 || !TEST_ptr((membuf_len = (size_t)BIO_get_mem_data(membio, &membuf),
815 || !TEST_mem_eq(membuf, membuf_len,
816 kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8))
818 * We try to write PEM as well, just to see that it doesn't err, but
819 * assume that the result is correct.
821 || !TEST_int_gt(PEM_write_bio_PKCS8PrivateKey(membio, pkey, NULL,
822 NULL, 0, NULL, NULL),
829 BIO_free_all(membio);
833 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
835 static int test_EVP_SM2_verify(void)
837 /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
839 "-----BEGIN PUBLIC KEY-----\n"
840 "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
841 "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
842 "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
843 "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
844 "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
845 "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
846 "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
847 "-----END PUBLIC KEY-----\n";
849 const char *msg = "message digest";
850 const char *id = "ALICE123@YAHOO.COM";
852 const uint8_t signature[] = {
853 0x30, 0x44, 0x02, 0x20,
855 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
856 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
857 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
861 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
862 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
863 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
868 EVP_PKEY *pkey = NULL;
869 EVP_MD_CTX *mctx = NULL;
870 EVP_PKEY_CTX *pctx = NULL;
872 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
873 if (!TEST_true(bio != NULL))
876 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
877 if (!TEST_true(pkey != NULL))
880 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
883 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
886 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
889 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, (const uint8_t *)id,
893 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
895 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
898 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
901 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
908 EVP_PKEY_CTX_free(pctx);
909 EVP_MD_CTX_free(mctx);
913 static int test_EVP_SM2(void)
916 EVP_PKEY *pkey = NULL;
917 EVP_PKEY *params = NULL;
918 EVP_PKEY_CTX *pctx = NULL;
919 EVP_PKEY_CTX *kctx = NULL;
920 EVP_PKEY_CTX *sctx = NULL;
922 unsigned char *sig = NULL;
923 EVP_MD_CTX *md_ctx = NULL;
924 EVP_MD_CTX *md_ctx_verify = NULL;
925 EVP_PKEY_CTX *cctx = NULL;
927 uint8_t ciphertext[128];
928 size_t ctext_len = sizeof(ciphertext);
930 uint8_t plaintext[8];
931 size_t ptext_len = sizeof(plaintext);
933 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
935 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
939 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
942 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
945 if (!TEST_true(EVP_PKEY_paramgen(pctx, ¶ms)))
948 kctx = EVP_PKEY_CTX_new(params, NULL);
952 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
955 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
958 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
961 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
964 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
967 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
970 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
971 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
973 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
976 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
979 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
982 /* Determine the size of the signature. */
983 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
986 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
989 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
992 /* Ensure that the signature round-trips. */
994 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
997 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
1000 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
1003 /* now check encryption/decryption */
1005 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
1008 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
1011 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg))))
1014 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
1017 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len)))
1020 if (!TEST_true(ptext_len == sizeof(kMsg)))
1023 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
1028 EVP_PKEY_CTX_free(pctx);
1029 EVP_PKEY_CTX_free(kctx);
1030 EVP_PKEY_CTX_free(sctx);
1031 EVP_PKEY_CTX_free(cctx);
1032 EVP_PKEY_free(pkey);
1033 EVP_PKEY_free(params);
1034 EVP_MD_CTX_free(md_ctx);
1035 EVP_MD_CTX_free(md_ctx_verify);
1042 static struct keys_st {
1048 EVP_PKEY_HMAC, "0123456789", NULL
1050 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
1052 EVP_PKEY_SIPHASH, "0123456789012345", NULL
1054 #ifndef OPENSSL_NO_EC
1056 EVP_PKEY_X25519, "01234567890123456789012345678901",
1057 "abcdefghijklmnopqrstuvwxyzabcdef"
1059 EVP_PKEY_ED25519, "01234567890123456789012345678901",
1060 "abcdefghijklmnopqrstuvwxyzabcdef"
1063 "01234567890123456789012345678901234567890123456789012345",
1064 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
1067 "012345678901234567890123456789012345678901234567890123456",
1068 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
1073 static int test_set_get_raw_keys_int(int tst, int pub, int uselibctx)
1076 unsigned char buf[80];
1078 size_t inlen, len = 0;
1081 /* Check if this algorithm supports public keys */
1082 if (keys[tst].pub == NULL)
1085 memset(buf, 0, sizeof(buf));
1088 inlen = strlen(keys[tst].pub);
1089 in = (unsigned char *)keys[tst].pub;
1091 pkey = EVP_PKEY_new_raw_public_key_with_libctx(
1093 OBJ_nid2sn(keys[tst].type),
1098 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
1104 inlen = strlen(keys[tst].priv);
1105 in = (unsigned char *)keys[tst].priv;
1107 pkey = EVP_PKEY_new_raw_private_key_with_libctx(
1108 testctx, OBJ_nid2sn(keys[tst].type),
1113 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
1121 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
1122 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
1123 || !TEST_true(len == inlen)
1124 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
1125 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
1126 || !TEST_mem_eq(in, inlen, buf, len))
1131 EVP_PKEY_free(pkey);
1135 static int test_set_get_raw_keys(int tst)
1137 return test_set_get_raw_keys_int(tst, 0, 0)
1138 && test_set_get_raw_keys_int(tst, 0, 1)
1139 && test_set_get_raw_keys_int(tst, 1, 0)
1140 && test_set_get_raw_keys_int(tst, 1, 1);
1143 static int pkey_custom_check(EVP_PKEY *pkey)
1148 static int pkey_custom_pub_check(EVP_PKEY *pkey)
1153 static int pkey_custom_param_check(EVP_PKEY *pkey)
1158 static EVP_PKEY_METHOD *custom_pmeth;
1160 static int test_EVP_PKEY_check(int i)
1163 const unsigned char *p;
1164 EVP_PKEY *pkey = NULL;
1165 #ifndef OPENSSL_NO_EC
1166 EC_KEY *eckey = NULL;
1168 EVP_PKEY_CTX *ctx = NULL;
1169 EVP_PKEY_CTX *ctx2 = NULL;
1170 const APK_DATA *ak = &keycheckdata[i];
1171 const unsigned char *input = ak->kder;
1172 size_t input_len = ak->size;
1173 int expected_id = ak->evptype;
1174 int expected_check = ak->check;
1175 int expected_pub_check = ak->pub_check;
1176 int expected_param_check = ak->param_check;
1177 int type = ak->type;
1184 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
1185 || !TEST_ptr_eq(p, input + input_len)
1186 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
1189 #ifndef OPENSSL_NO_EC
1191 if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len))
1192 || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL))
1193 || !TEST_ptr(pkey = EVP_PKEY_new())
1194 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1198 if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len))
1199 || !TEST_ptr_eq(p, input + input_len)
1200 || !TEST_ptr(pkey = EVP_PKEY_new())
1201 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1209 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
1212 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
1215 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
1218 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
1221 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
1222 /* assign the pkey directly, as an internal test */
1223 EVP_PKEY_up_ref(pkey);
1226 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
1229 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
1232 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
1238 EVP_PKEY_CTX_free(ctx);
1239 EVP_PKEY_CTX_free(ctx2);
1240 EVP_PKEY_free(pkey);
1245 #ifndef OPENSSL_NO_CMAC
1246 static int test_CMAC_keygen(void)
1249 * This is a legacy method for CMACs, but should still work.
1250 * This verifies that it works without an ENGINE.
1252 EVP_PKEY_CTX *kctx = EVP_PKEY_CTX_new_id(EVP_PKEY_CMAC, NULL);
1255 if (!TEST_true(EVP_PKEY_keygen_init(kctx) > 0)
1256 && !TEST_true(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
1257 EVP_PKEY_CTRL_CIPHER,
1258 0, (void *)EVP_aes_256_ecb()) > 0))
1263 EVP_PKEY_CTX_free(kctx);
1268 static int test_HKDF(void)
1271 unsigned char out[20];
1274 unsigned char salt[] = "0123456789";
1275 unsigned char key[] = "012345678901234567890123456789";
1276 unsigned char info[] = "infostring";
1277 const unsigned char expected[] = {
1278 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1279 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1281 size_t expectedlen = sizeof(expected);
1283 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1286 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1287 for (i = 0; i < 2; i++) {
1288 outlen = sizeof(out);
1289 memset(out, 0, outlen);
1291 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1292 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1293 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1294 sizeof(salt) - 1), 0)
1295 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1296 sizeof(key) - 1), 0)
1297 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1298 sizeof(info) - 1), 0)
1299 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1300 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1307 EVP_PKEY_CTX_free(pctx);
1312 static int test_emptyikm_HKDF(void)
1315 unsigned char out[20];
1318 unsigned char salt[] = "9876543210";
1319 unsigned char key[] = "";
1320 unsigned char info[] = "stringinfo";
1321 const unsigned char expected[] = {
1322 0x68, 0x81, 0xa5, 0x3e, 0x5b, 0x9c, 0x7b, 0x6f, 0x2e, 0xec, 0xc8, 0x47,
1323 0x7c, 0xfa, 0x47, 0x35, 0x66, 0x82, 0x15, 0x30
1325 size_t expectedlen = sizeof(expected);
1327 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1330 outlen = sizeof(out);
1331 memset(out, 0, outlen);
1333 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1334 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1335 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1336 sizeof(salt) - 1), 0)
1337 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1338 sizeof(key) - 1), 0)
1339 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1340 sizeof(info) - 1), 0)
1341 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1342 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1348 EVP_PKEY_CTX_free(pctx);
1353 #ifndef OPENSSL_NO_EC
1354 static int test_X509_PUBKEY_inplace(void)
1357 X509_PUBKEY *xp = NULL;
1358 const unsigned char *p = kExampleECPubKeyDER;
1359 size_t input_len = sizeof(kExampleECPubKeyDER);
1361 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
1364 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
1367 p = kExampleBadECPubKeyDER;
1368 input_len = sizeof(kExampleBadECPubKeyDER);
1370 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
1373 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1379 X509_PUBKEY_free(xp);
1382 #endif /* OPENSSL_NO_EC */
1384 /* Test getting and setting parameters on an EVP_PKEY_CTX */
1385 static int test_EVP_PKEY_CTX_get_set_params(EVP_PKEY *pkey)
1387 EVP_MD_CTX *mdctx = NULL;
1388 EVP_PKEY_CTX *ctx = NULL;
1389 const OSSL_PARAM *params;
1390 OSSL_PARAM ourparams[2], *param = ourparams, *param_md;
1393 char mdname[OSSL_MAX_NAME_SIZE];
1396 /* Initialise a sign operation */
1397 ctx = EVP_PKEY_CTX_new(pkey, NULL);
1399 || !TEST_int_gt(EVP_PKEY_sign_init(ctx), 0))
1403 * We should be able to query the parameters now.
1405 params = EVP_PKEY_CTX_settable_params(ctx);
1406 if (!TEST_ptr(params)
1407 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1408 OSSL_SIGNATURE_PARAM_DIGEST)))
1411 params = EVP_PKEY_CTX_gettable_params(ctx);
1412 if (!TEST_ptr(params)
1413 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1414 OSSL_SIGNATURE_PARAM_ALGORITHM_ID))
1415 || !TEST_ptr(OSSL_PARAM_locate_const(params,
1416 OSSL_SIGNATURE_PARAM_DIGEST)))
1420 * Test getting and setting params via EVP_PKEY_CTX_set_params() and
1421 * EVP_PKEY_CTX_get_params()
1423 strcpy(mdname, "SHA512");
1425 *param++ = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1427 *param++ = OSSL_PARAM_construct_end();
1429 if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams)))
1433 *param_md = OSSL_PARAM_construct_utf8_string(OSSL_SIGNATURE_PARAM_DIGEST,
1434 mdname, sizeof(mdname));
1435 if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams))
1436 || !TEST_str_eq(mdname, "SHA512"))
1440 * Test the TEST_PKEY_CTX_set_signature_md() and
1441 * TEST_PKEY_CTX_get_signature_md() functions
1443 if (!TEST_int_gt(EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()), 0)
1444 || !TEST_int_gt(EVP_PKEY_CTX_get_signature_md(ctx, &md), 0)
1445 || !TEST_ptr_eq(md, EVP_sha256()))
1449 * Test getting MD parameters via an associated EVP_PKEY_CTX
1451 mdctx = EVP_MD_CTX_new();
1452 if (!TEST_ptr(mdctx)
1453 || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, pkey,
1458 * We now have an EVP_MD_CTX with an EVP_PKEY_CTX inside it. We should be
1459 * able to obtain the digest's settable parameters from the provider.
1461 params = EVP_MD_CTX_settable_params(mdctx);
1462 if (!TEST_ptr(params)
1463 || !TEST_int_eq(strcmp(params[0].key, OSSL_DIGEST_PARAM_SSL3_MS), 0)
1464 /* The final key should be NULL */
1465 || !TEST_ptr_null(params[1].key))
1469 memset(ssl3ms, 0, sizeof(ssl3ms));
1470 *param++ = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
1471 ssl3ms, sizeof(ssl3ms));
1472 *param++ = OSSL_PARAM_construct_end();
1474 if (!TEST_true(EVP_MD_CTX_set_params(mdctx, ourparams)))
1480 EVP_MD_CTX_free(mdctx);
1481 EVP_PKEY_CTX_free(ctx);
1486 #ifndef OPENSSL_NO_DSA
1487 static int test_DSA_get_set_params(void)
1490 BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
1491 EVP_PKEY *pkey = NULL;
1495 * Setup the parameters for our DSA object. For our purposes they don't
1496 * have to actually be *valid* parameters. We just need to set something.
1509 || !DSA_set0_pqg(dsa, p, q, g)
1510 || !DSA_set0_key(dsa, pub, priv))
1512 p = q = g = pub = priv = NULL;
1514 pkey = EVP_PKEY_new();
1516 || !TEST_true(EVP_PKEY_assign_DSA(pkey, dsa)))
1521 ret = test_EVP_PKEY_CTX_get_set_params(pkey);
1524 EVP_PKEY_free(pkey);
1536 static int test_RSA_get_set_params(void)
1539 BIGNUM *n = NULL, *e = NULL, *d = NULL;
1540 EVP_PKEY *pkey = NULL;
1544 * Setup the parameters for our RSA object. For our purposes they don't
1545 * have to actually be *valid* parameters. We just need to set something.
1555 || !RSA_set0_key(rsa, n, e, d))
1559 pkey = EVP_PKEY_new();
1561 || !TEST_true(EVP_PKEY_assign_RSA(pkey, rsa)))
1566 ret = test_EVP_PKEY_CTX_get_set_params(pkey);
1569 EVP_PKEY_free(pkey);
1578 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1579 static int test_decrypt_null_chunks(void)
1581 EVP_CIPHER_CTX* ctx = NULL;
1582 const unsigned char key[32] = {
1583 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
1584 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
1585 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1
1587 unsigned char iv[12] = {
1588 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b
1590 unsigned char msg[] = "It was the best of times, it was the worst of times";
1591 unsigned char ciphertext[80];
1592 unsigned char plaintext[80];
1593 /* We initialise tmp to a non zero value on purpose */
1594 int ctlen, ptlen, tmp = 99;
1596 const int enc_offset = 10, dec_offset = 20;
1598 if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())
1599 || !TEST_true(EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL,
1601 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext, &ctlen, msg,
1603 /* Deliberate add a zero length update */
1604 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp, NULL,
1606 || !TEST_int_eq(tmp, 0)
1607 || !TEST_true(EVP_EncryptUpdate(ctx, ciphertext + ctlen, &tmp,
1609 sizeof(msg) - enc_offset))
1610 || !TEST_int_eq(ctlen += tmp, sizeof(msg))
1611 || !TEST_true(EVP_EncryptFinal(ctx, ciphertext + ctlen, &tmp))
1612 || !TEST_int_eq(tmp, 0))
1615 /* Deliberately initialise tmp to a non zero value */
1617 if (!TEST_true(EVP_DecryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, key,
1619 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext, &ptlen, ciphertext,
1622 * Deliberately add a zero length update. We also deliberately do
1623 * this at a different offset than for encryption.
1625 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp, NULL,
1627 || !TEST_int_eq(tmp, 0)
1628 || !TEST_true(EVP_DecryptUpdate(ctx, plaintext + ptlen, &tmp,
1629 ciphertext + dec_offset,
1630 ctlen - dec_offset))
1631 || !TEST_int_eq(ptlen += tmp, sizeof(msg))
1632 || !TEST_true(EVP_DecryptFinal(ctx, plaintext + ptlen, &tmp))
1633 || !TEST_int_eq(tmp, 0)
1634 || !TEST_mem_eq(msg, sizeof(msg), plaintext, ptlen))
1639 EVP_CIPHER_CTX_free(ctx);
1642 #endif /* !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) */
1644 #ifndef OPENSSL_NO_DH
1645 static int test_EVP_PKEY_set1_DH(void)
1647 DH *x942dh = NULL, *noqdh = NULL;
1648 EVP_PKEY *pkey1 = NULL, *pkey2 = NULL;
1650 BIGNUM *p, *g = NULL;
1652 if (!TEST_ptr(p = BN_new())
1653 || !TEST_ptr(g = BN_new())
1654 || !BN_set_word(p, 9999)
1655 || !BN_set_word(g, 2)
1656 || !TEST_ptr(noqdh = DH_new())
1657 || !DH_set0_pqg(noqdh, p, NULL, g))
1661 x942dh = DH_get_2048_256();
1662 pkey1 = EVP_PKEY_new();
1663 pkey2 = EVP_PKEY_new();
1664 if (!TEST_ptr(x942dh)
1667 || !TEST_ptr(pkey2))
1670 if(!TEST_true(EVP_PKEY_set1_DH(pkey1, x942dh))
1671 || !TEST_int_eq(EVP_PKEY_id(pkey1), EVP_PKEY_DHX))
1674 if(!TEST_true(EVP_PKEY_set1_DH(pkey2, noqdh))
1675 || !TEST_int_eq(EVP_PKEY_id(pkey2), EVP_PKEY_DH))
1682 EVP_PKEY_free(pkey1);
1683 EVP_PKEY_free(pkey2);
1692 * We test what happens with an empty template. For the sake of this test,
1693 * the template must be ignored, and we know that's the case for RSA keys
1694 * (this might arguably be a misfeature, but that's what we currently do,
1695 * even in provider code, since that's how the legacy RSA implementation
1698 static int test_keygen_with_empty_template(int n)
1700 EVP_PKEY_CTX *ctx = NULL;
1701 EVP_PKEY *pkey = NULL;
1702 EVP_PKEY *tkey = NULL;
1707 /* We do test with no template at all as well */
1708 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)))
1712 /* Here we create an empty RSA key that serves as our template */
1713 if (!TEST_ptr(tkey = EVP_PKEY_new())
1714 || !TEST_true(EVP_PKEY_set_type(tkey, EVP_PKEY_RSA))
1715 || !TEST_ptr(ctx = EVP_PKEY_CTX_new(tkey, NULL)))
1720 if (!TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1721 || !TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0))
1726 EVP_PKEY_CTX_free(ctx);
1727 EVP_PKEY_free(pkey);
1728 EVP_PKEY_free(tkey);
1733 * Test that we fail if we attempt to use an algorithm that is not available
1734 * in the current library context (unless we are using an algorithm that should
1735 * be made available via legacy codepaths).
1737 static int test_pkey_ctx_fail_without_provider(int tst)
1739 OPENSSL_CTX *tmpctx = OPENSSL_CTX_new();
1740 OSSL_PROVIDER *nullprov = NULL;
1741 EVP_PKEY_CTX *pctx = NULL;
1744 if (!TEST_ptr(tmpctx))
1747 nullprov = OSSL_PROVIDER_load(tmpctx, "null");
1748 if (!TEST_ptr(nullprov))
1751 pctx = EVP_PKEY_CTX_new_from_name(tmpctx, tst == 0 ? "RSA" : "HMAC", "");
1753 /* RSA is not available via any provider so we expect this to fail */
1754 if (tst == 0 && !TEST_ptr_null(pctx))
1758 * HMAC is always available because it is implemented via legacy codepaths
1759 * and not in a provider at all. We expect this to pass.
1761 if (tst == 1 && !TEST_ptr(pctx))
1767 EVP_PKEY_CTX_free(pctx);
1768 OSSL_PROVIDER_unload(nullprov);
1769 OPENSSL_CTX_free(tmpctx);
1773 static int test_rand_agglomeration(void)
1777 OSSL_PARAM params[3], *p = params;
1779 unsigned int step = 7;
1780 static unsigned char seed[] = "It does not matter how slowly you go "
1781 "as long as you do not stop.";
1782 unsigned char out[sizeof(seed)];
1784 if (!TEST_int_ne(sizeof(seed) % step, 0)
1785 || !TEST_ptr(rand = EVP_RAND_fetch(NULL, "TEST-RAND", NULL)))
1787 ctx = EVP_RAND_CTX_new(rand, NULL);
1788 EVP_RAND_free(rand);
1792 memset(out, 0, sizeof(out));
1793 *p++ = OSSL_PARAM_construct_octet_string(OSSL_RAND_PARAM_TEST_ENTROPY,
1794 seed, sizeof(seed));
1795 *p++ = OSSL_PARAM_construct_uint(OSSL_DRBG_PARAM_MAX_REQUEST, &step);
1796 *p = OSSL_PARAM_construct_end();
1797 res = TEST_true(EVP_RAND_set_ctx_params(ctx, params))
1798 && TEST_true(EVP_RAND_generate(ctx, out, sizeof(out), 0, 1, NULL, 0))
1799 && TEST_mem_eq(seed, sizeof(seed), out, sizeof(out));
1800 EVP_RAND_CTX_free(ctx);
1804 int setup_tests(void)
1806 testctx = OPENSSL_CTX_new();
1808 if (!TEST_ptr(testctx))
1811 ADD_TEST(test_EVP_set_default_properties);
1812 ADD_ALL_TESTS(test_EVP_DigestSignInit, 9);
1813 ADD_TEST(test_EVP_DigestVerifyInit);
1814 ADD_TEST(test_EVP_Enveloped);
1815 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
1816 ADD_TEST(test_privatekey_to_pkcs8);
1817 #ifndef OPENSSL_NO_EC
1818 ADD_TEST(test_EVP_PKCS82PKEY);
1820 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODULE)
1821 ADD_TEST(test_EVP_SM2);
1822 ADD_TEST(test_EVP_SM2_verify);
1824 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
1825 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
1826 if (!TEST_ptr(custom_pmeth))
1828 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
1829 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
1830 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
1831 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
1833 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
1834 #ifndef OPENSSL_NO_CMAC
1835 ADD_TEST(test_CMAC_keygen);
1837 ADD_TEST(test_HKDF);
1838 ADD_TEST(test_emptyikm_HKDF);
1839 #ifndef OPENSSL_NO_EC
1840 ADD_TEST(test_X509_PUBKEY_inplace);
1841 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
1842 OSSL_NELEM(ec_der_pub_keys));
1844 #ifndef OPENSSL_NO_DSA
1845 ADD_TEST(test_DSA_get_set_params);
1847 ADD_TEST(test_RSA_get_set_params);
1848 #if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
1849 ADD_TEST(test_decrypt_null_chunks);
1851 #ifndef OPENSSL_NO_DH
1852 ADD_TEST(test_EVP_PKEY_set1_DH);
1854 ADD_ALL_TESTS(test_keygen_with_empty_template, 2);
1855 ADD_ALL_TESTS(test_pkey_ctx_fail_without_provider, 2);
1857 ADD_TEST(test_rand_agglomeration);
1862 void cleanup_tests(void)
1864 OPENSSL_CTX_free(testctx);