2 * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
13 #include <openssl/bio.h>
14 #include <openssl/conf.h>
15 #include <openssl/crypto.h>
16 #include <openssl/err.h>
17 #include <openssl/evp.h>
18 #include <openssl/rsa.h>
19 #include <openssl/x509.h>
20 #include <openssl/pem.h>
21 #include <openssl/kdf.h>
22 #include <openssl/provider.h>
23 #include <openssl/core_names.h>
24 #include <openssl/dsa.h>
26 #include "internal/nelem.h"
27 #include "crypto/evp.h"
30 * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you
31 * should never use this key anywhere but in an example.
33 static const unsigned char kExampleRSAKeyDER[] = {
34 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xf8,
35 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5, 0xb4, 0x59,
36 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e, 0xd3, 0x37,
37 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34, 0x75, 0x71,
38 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde, 0x97, 0x8a,
39 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8, 0x50, 0xe4,
40 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b, 0xdc, 0xec,
41 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83, 0x58, 0x76,
42 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48, 0x1a, 0xd8,
43 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a, 0x5c, 0xd7,
44 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2, 0xa7, 0x2c,
45 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01, 0x00, 0x01,
46 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a, 0x6d, 0xc7,
47 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5, 0x32, 0x85,
48 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6, 0x5f, 0xee,
49 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8, 0x66, 0x85,
50 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6, 0xa4, 0x0a,
51 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f, 0xc2, 0x15,
52 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c, 0x5b, 0x83,
53 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78, 0x80, 0x1b,
54 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71, 0x99, 0x73,
55 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60, 0x1f, 0x99,
56 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d, 0xb1, 0x02,
57 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3, 0x40, 0x41,
58 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d, 0x3d, 0x59,
59 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18, 0xc6, 0xd9,
60 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d, 0x9f, 0xef,
61 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32, 0x46, 0x87,
62 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc, 0x2c, 0xdf,
63 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63, 0x55, 0xf5,
64 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05, 0xcd, 0xb5,
65 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16, 0xb3, 0x62,
66 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3, 0x9b, 0x64,
67 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85, 0xfa, 0xb8,
68 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97, 0xe8, 0xba,
69 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7, 0xe7, 0xfe,
70 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99, 0x75, 0xe7,
71 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4, 0x9d, 0xfe,
72 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d, 0xf1, 0xdb,
73 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40, 0x5a, 0x34,
74 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26, 0x84, 0x27,
75 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1, 0xe9, 0xc0,
76 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c, 0xb9, 0xba,
77 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30, 0x10, 0x06,
78 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea, 0x52, 0x2c,
79 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b, 0xc4, 0x1e,
80 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e, 0x49, 0xaf,
81 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9, 0xd1, 0x8a,
82 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae, 0x17, 0x17,
83 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d, 0x08, 0xf1,
84 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
88 * kExampleDSAKeyDER is a DSA private key in ASN.1, DER format. Of course, you
89 * should never use this key anywhere but in an example.
91 static const unsigned char kExampleDSAKeyDER[] = {
92 0x30, 0x82, 0x01, 0xba, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0x9a,
93 0x05, 0x6d, 0x33, 0xcd, 0x5d, 0x78, 0xa1, 0xbb, 0xcb, 0x7d, 0x5b, 0x8d,
94 0xb4, 0xcc, 0xbf, 0x03, 0x99, 0x64, 0xde, 0x38, 0x78, 0x06, 0x15, 0x2f,
95 0x86, 0x26, 0x77, 0xf3, 0xb1, 0x85, 0x00, 0xed, 0xfc, 0x28, 0x3a, 0x42,
96 0x4d, 0xab, 0xab, 0xdf, 0xbc, 0x9c, 0x16, 0xd0, 0x22, 0x50, 0xd1, 0x38,
97 0xdd, 0x3f, 0x64, 0x05, 0x9e, 0x68, 0x7a, 0x1e, 0xf1, 0x56, 0xbf, 0x1e,
98 0x2c, 0xc5, 0x97, 0x2a, 0xfe, 0x7a, 0x22, 0xdc, 0x6c, 0x68, 0xb8, 0x2e,
99 0x06, 0xdb, 0x41, 0xca, 0x98, 0xd8, 0x54, 0xc7, 0x64, 0x48, 0x24, 0x04,
100 0x20, 0xbc, 0x59, 0xe3, 0x6b, 0xea, 0x7e, 0xfc, 0x7e, 0xc5, 0x4e, 0xd4,
101 0xd8, 0x3a, 0xed, 0xcd, 0x5d, 0x99, 0xb8, 0x5c, 0xa2, 0x8b, 0xbb, 0x0b,
102 0xac, 0xe6, 0x8e, 0x25, 0x56, 0x22, 0x3a, 0x2d, 0x3a, 0x56, 0x41, 0x14,
103 0x1f, 0x1c, 0x8f, 0x53, 0x46, 0x13, 0x85, 0x02, 0x15, 0x00, 0x98, 0x7e,
104 0x92, 0x81, 0x88, 0xc7, 0x3f, 0x70, 0x49, 0x54, 0xf6, 0x76, 0xb4, 0xa3,
105 0x9e, 0x1d, 0x45, 0x98, 0x32, 0x7f, 0x02, 0x81, 0x80, 0x69, 0x4d, 0xef,
106 0x55, 0xff, 0x4d, 0x59, 0x2c, 0x01, 0xfa, 0x6a, 0x38, 0xe0, 0x70, 0x9f,
107 0x9e, 0x66, 0x8e, 0x3e, 0x8c, 0x52, 0x22, 0x9d, 0x15, 0x7e, 0x3c, 0xef,
108 0x4c, 0x7a, 0x61, 0x26, 0xe0, 0x2b, 0x81, 0x3f, 0xeb, 0xaf, 0x35, 0x38,
109 0x8d, 0xfe, 0xed, 0x46, 0xff, 0x5f, 0x03, 0x9b, 0x81, 0x92, 0xe7, 0x6f,
110 0x76, 0x4f, 0x1d, 0xd9, 0xbb, 0x89, 0xc9, 0x3e, 0xd9, 0x0b, 0xf9, 0xf4,
111 0x78, 0x11, 0x59, 0xc0, 0x1d, 0xcd, 0x0e, 0xa1, 0x6f, 0x15, 0xf1, 0x4d,
112 0xc1, 0xc9, 0x22, 0xed, 0x8d, 0xad, 0x67, 0xc5, 0x4b, 0x95, 0x93, 0x86,
113 0xa6, 0xaf, 0x8a, 0xee, 0x06, 0x89, 0x2f, 0x37, 0x7e, 0x64, 0xaa, 0xf6,
114 0xe7, 0xb1, 0x5a, 0x0a, 0x93, 0x95, 0x5d, 0x3e, 0x53, 0x9a, 0xde, 0x8a,
115 0xc2, 0x95, 0x45, 0x81, 0xbe, 0x5c, 0x2f, 0xc2, 0xb2, 0x92, 0x58, 0x19,
116 0x72, 0x80, 0xe9, 0x79, 0xa1, 0x02, 0x81, 0x80, 0x07, 0xd7, 0x62, 0xff,
117 0xdf, 0x1a, 0x3f, 0xed, 0x32, 0xd4, 0xd4, 0x88, 0x7b, 0x2c, 0x63, 0x7f,
118 0x97, 0xdc, 0x44, 0xd4, 0x84, 0xa2, 0xdd, 0x17, 0x16, 0x85, 0x13, 0xe0,
119 0xac, 0x51, 0x8d, 0x29, 0x1b, 0x75, 0x9a, 0xe4, 0xe3, 0x8a, 0x92, 0x69,
120 0x09, 0x03, 0xc5, 0x68, 0xae, 0x5e, 0x94, 0xfe, 0xc9, 0x92, 0x6c, 0x07,
121 0xb4, 0x1e, 0x64, 0x62, 0x87, 0xc6, 0xa4, 0xfd, 0x0d, 0x5f, 0xe5, 0xf9,
122 0x1b, 0x4f, 0x85, 0x5f, 0xae, 0xf3, 0x11, 0xe5, 0x18, 0xd4, 0x4d, 0x79,
123 0x9f, 0xc4, 0x79, 0x26, 0x04, 0x27, 0xf0, 0x0b, 0xee, 0x2b, 0x86, 0x9f,
124 0x86, 0x61, 0xe6, 0x51, 0xce, 0x04, 0x9b, 0x5d, 0x6b, 0x34, 0x43, 0x8c,
125 0x85, 0x3c, 0xf1, 0x51, 0x9b, 0x08, 0x23, 0x1b, 0xf5, 0x7e, 0x33, 0x12,
126 0xea, 0xab, 0x1f, 0xb7, 0x2d, 0xe2, 0x5f, 0xe6, 0x97, 0x99, 0xb5, 0x45,
127 0x16, 0x5b, 0xc3, 0x41, 0x02, 0x14, 0x61, 0xbf, 0x51, 0x60, 0xcf, 0xc8,
128 0xf1, 0x8c, 0x82, 0x97, 0xf2, 0xf4, 0x19, 0xba, 0x2b, 0xf3, 0x16, 0xbe,
133 * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private
134 * components are not correct.
136 static const unsigned char kExampleBadRSAKeyDER[] = {
137 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
138 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef,
139 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9,
140 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4,
141 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3,
142 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05,
143 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26,
144 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0,
145 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33,
146 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66,
147 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde,
148 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa,
149 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53,
150 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c,
151 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75,
152 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7,
153 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c,
154 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a,
155 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87,
156 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd,
157 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0,
158 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18,
159 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
160 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5,
161 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06,
162 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0,
163 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75,
164 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1,
165 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00,
166 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd,
167 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29,
168 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5,
169 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05,
170 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e,
171 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf,
172 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d,
173 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb,
174 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5,
175 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef,
176 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9,
177 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2,
178 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7,
179 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff,
180 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99,
181 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78,
182 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb,
183 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35,
184 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46,
185 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6,
186 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f,
187 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56,
188 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d,
189 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55,
190 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20,
191 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6,
192 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81,
193 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a,
194 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e,
195 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3,
196 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1,
197 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6,
198 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77,
199 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a,
200 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d,
201 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b,
202 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a,
203 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf,
204 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28,
205 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12,
206 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd,
207 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a,
208 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5,
209 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e,
210 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b,
211 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84,
212 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e,
213 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97,
214 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81,
215 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b,
216 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6,
217 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74,
218 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e,
219 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9,
220 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98,
221 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05,
222 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef,
223 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf,
224 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69,
225 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce,
228 static const unsigned char kMsg[] = { 1, 2, 3, 4 };
230 static const unsigned char kSignature[] = {
231 0xa5, 0xf0, 0x8a, 0x47, 0x5d, 0x3c, 0xb3, 0xcc, 0xa9, 0x79, 0xaf, 0x4d,
232 0x8c, 0xae, 0x4c, 0x14, 0xef, 0xc2, 0x0b, 0x34, 0x36, 0xde, 0xf4, 0x3e,
233 0x3d, 0xbb, 0x4a, 0x60, 0x5c, 0xc8, 0x91, 0x28, 0xda, 0xfb, 0x7e, 0x04,
234 0x96, 0x7e, 0x63, 0x13, 0x90, 0xce, 0xb9, 0xb4, 0x62, 0x7a, 0xfd, 0x09,
235 0x3d, 0xc7, 0x67, 0x78, 0x54, 0x04, 0xeb, 0x52, 0x62, 0x6e, 0x24, 0x67,
236 0xb4, 0x40, 0xfc, 0x57, 0x62, 0xc6, 0xf1, 0x67, 0xc1, 0x97, 0x8f, 0x6a,
237 0xa8, 0xae, 0x44, 0x46, 0x5e, 0xab, 0x67, 0x17, 0x53, 0x19, 0x3a, 0xda,
238 0x5a, 0xc8, 0x16, 0x3e, 0x86, 0xd5, 0xc5, 0x71, 0x2f, 0xfc, 0x23, 0x48,
239 0xd9, 0x0b, 0x13, 0xdd, 0x7b, 0x5a, 0x25, 0x79, 0xef, 0xa5, 0x7b, 0x04,
240 0xed, 0x44, 0xf6, 0x18, 0x55, 0xe4, 0x0a, 0xe9, 0x57, 0x79, 0x5d, 0xd7,
241 0x55, 0xa7, 0xab, 0x45, 0x02, 0x97, 0x60, 0x42,
245 * kExampleRSAKeyPKCS8 is kExampleRSAKeyDER encoded in a PKCS #8
248 static const unsigned char kExampleRSAKeyPKCS8[] = {
249 0x30, 0x82, 0x02, 0x76, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a,
250 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82,
251 0x02, 0x60, 0x30, 0x82, 0x02, 0x5c, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81,
252 0x00, 0xf8, 0xb8, 0x6c, 0x83, 0xb4, 0xbc, 0xd9, 0xa8, 0x57, 0xc0, 0xa5,
253 0xb4, 0x59, 0x76, 0x8c, 0x54, 0x1d, 0x79, 0xeb, 0x22, 0x52, 0x04, 0x7e,
254 0xd3, 0x37, 0xeb, 0x41, 0xfd, 0x83, 0xf9, 0xf0, 0xa6, 0x85, 0x15, 0x34,
255 0x75, 0x71, 0x5a, 0x84, 0xa8, 0x3c, 0xd2, 0xef, 0x5a, 0x4e, 0xd3, 0xde,
256 0x97, 0x8a, 0xdd, 0xff, 0xbb, 0xcf, 0x0a, 0xaa, 0x86, 0x92, 0xbe, 0xb8,
257 0x50, 0xe4, 0xcd, 0x6f, 0x80, 0x33, 0x30, 0x76, 0x13, 0x8f, 0xca, 0x7b,
258 0xdc, 0xec, 0x5a, 0xca, 0x63, 0xc7, 0x03, 0x25, 0xef, 0xa8, 0x8a, 0x83,
259 0x58, 0x76, 0x20, 0xfa, 0x16, 0x77, 0xd7, 0x79, 0x92, 0x63, 0x01, 0x48,
260 0x1a, 0xd8, 0x7b, 0x67, 0xf1, 0x52, 0x55, 0x49, 0x4e, 0xd6, 0x6e, 0x4a,
261 0x5c, 0xd7, 0x7a, 0x37, 0x36, 0x0c, 0xde, 0xdd, 0x8f, 0x44, 0xe8, 0xc2,
262 0xa7, 0x2c, 0x2b, 0xb5, 0xaf, 0x64, 0x4b, 0x61, 0x07, 0x02, 0x03, 0x01,
263 0x00, 0x01, 0x02, 0x81, 0x80, 0x74, 0x88, 0x64, 0x3f, 0x69, 0x45, 0x3a,
264 0x6d, 0xc7, 0x7f, 0xb9, 0xa3, 0xc0, 0x6e, 0xec, 0xdc, 0xd4, 0x5a, 0xb5,
265 0x32, 0x85, 0x5f, 0x19, 0xd4, 0xf8, 0xd4, 0x3f, 0x3c, 0xfa, 0xc2, 0xf6,
266 0x5f, 0xee, 0xe6, 0xba, 0x87, 0x74, 0x2e, 0xc7, 0x0c, 0xd4, 0x42, 0xb8,
267 0x66, 0x85, 0x9c, 0x7b, 0x24, 0x61, 0xaa, 0x16, 0x11, 0xf6, 0xb5, 0xb6,
268 0xa4, 0x0a, 0xc9, 0x55, 0x2e, 0x81, 0xa5, 0x47, 0x61, 0xcb, 0x25, 0x8f,
269 0xc2, 0x15, 0x7b, 0x0e, 0x7c, 0x36, 0x9f, 0x3a, 0xda, 0x58, 0x86, 0x1c,
270 0x5b, 0x83, 0x79, 0xe6, 0x2b, 0xcc, 0xe6, 0xfa, 0x2c, 0x61, 0xf2, 0x78,
271 0x80, 0x1b, 0xe2, 0xf3, 0x9d, 0x39, 0x2b, 0x65, 0x57, 0x91, 0x3d, 0x71,
272 0x99, 0x73, 0xa5, 0xc2, 0x79, 0x20, 0x8c, 0x07, 0x4f, 0xe5, 0xb4, 0x60,
273 0x1f, 0x99, 0xa2, 0xb1, 0x4f, 0x0c, 0xef, 0xbc, 0x59, 0x53, 0x00, 0x7d,
274 0xb1, 0x02, 0x41, 0x00, 0xfc, 0x7e, 0x23, 0x65, 0x70, 0xf8, 0xce, 0xd3,
275 0x40, 0x41, 0x80, 0x6a, 0x1d, 0x01, 0xd6, 0x01, 0xff, 0xb6, 0x1b, 0x3d,
276 0x3d, 0x59, 0x09, 0x33, 0x79, 0xc0, 0x4f, 0xde, 0x96, 0x27, 0x4b, 0x18,
277 0xc6, 0xd9, 0x78, 0xf1, 0xf4, 0x35, 0x46, 0xe9, 0x7c, 0x42, 0x7a, 0x5d,
278 0x9f, 0xef, 0x54, 0xb8, 0xf7, 0x9f, 0xc4, 0x33, 0x6c, 0xf3, 0x8c, 0x32,
279 0x46, 0x87, 0x67, 0x30, 0x7b, 0xa7, 0xac, 0xe3, 0x02, 0x41, 0x00, 0xfc,
280 0x2c, 0xdf, 0x0c, 0x0d, 0x88, 0xf5, 0xb1, 0x92, 0xa8, 0x93, 0x47, 0x63,
281 0x55, 0xf5, 0xca, 0x58, 0x43, 0xba, 0x1c, 0xe5, 0x9e, 0xb6, 0x95, 0x05,
282 0xcd, 0xb5, 0x82, 0xdf, 0xeb, 0x04, 0x53, 0x9d, 0xbd, 0xc2, 0x38, 0x16,
283 0xb3, 0x62, 0xdd, 0xa1, 0x46, 0xdb, 0x6d, 0x97, 0x93, 0x9f, 0x8a, 0xc3,
284 0x9b, 0x64, 0x7e, 0x42, 0xe3, 0x32, 0x57, 0x19, 0x1b, 0xd5, 0x6e, 0x85,
285 0xfa, 0xb8, 0x8d, 0x02, 0x41, 0x00, 0xbc, 0x3d, 0xde, 0x6d, 0xd6, 0x97,
286 0xe8, 0xba, 0x9e, 0x81, 0x37, 0x17, 0xe5, 0xa0, 0x64, 0xc9, 0x00, 0xb7,
287 0xe7, 0xfe, 0xf4, 0x29, 0xd9, 0x2e, 0x43, 0x6b, 0x19, 0x20, 0xbd, 0x99,
288 0x75, 0xe7, 0x76, 0xf8, 0xd3, 0xae, 0xaf, 0x7e, 0xb8, 0xeb, 0x81, 0xf4,
289 0x9d, 0xfe, 0x07, 0x2b, 0x0b, 0x63, 0x0b, 0x5a, 0x55, 0x90, 0x71, 0x7d,
290 0xf1, 0xdb, 0xd9, 0xb1, 0x41, 0x41, 0x68, 0x2f, 0x4e, 0x39, 0x02, 0x40,
291 0x5a, 0x34, 0x66, 0xd8, 0xf5, 0xe2, 0x7f, 0x18, 0xb5, 0x00, 0x6e, 0x26,
292 0x84, 0x27, 0x14, 0x93, 0xfb, 0xfc, 0xc6, 0x0f, 0x5e, 0x27, 0xe6, 0xe1,
293 0xe9, 0xc0, 0x8a, 0xe4, 0x34, 0xda, 0xe9, 0xa2, 0x4b, 0x73, 0xbc, 0x8c,
294 0xb9, 0xba, 0x13, 0x6c, 0x7a, 0x2b, 0x51, 0x84, 0xa3, 0x4a, 0xe0, 0x30,
295 0x10, 0x06, 0x7e, 0xed, 0x17, 0x5a, 0x14, 0x00, 0xc9, 0xef, 0x85, 0xea,
296 0x52, 0x2c, 0xbc, 0x65, 0x02, 0x40, 0x51, 0xe3, 0xf2, 0x83, 0x19, 0x9b,
297 0xc4, 0x1e, 0x2f, 0x50, 0x3d, 0xdf, 0x5a, 0xa2, 0x18, 0xca, 0x5f, 0x2e,
298 0x49, 0xaf, 0x6f, 0xcc, 0xfa, 0x65, 0x77, 0x94, 0xb5, 0xa1, 0x0a, 0xa9,
299 0xd1, 0x8a, 0x39, 0x37, 0xf4, 0x0b, 0xa0, 0xd7, 0x82, 0x27, 0x5e, 0xae,
300 0x17, 0x17, 0xa1, 0x1e, 0x54, 0x34, 0xbf, 0x6e, 0xc4, 0x8e, 0x99, 0x5d,
301 0x08, 0xf1, 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf,
304 #ifndef OPENSSL_NO_EC
306 * kExampleECKeyDER is a sample EC private key encoded as an ECPrivateKey
309 static const unsigned char kExampleECKeyDER[] = {
310 0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
311 0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
312 0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
313 0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
314 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
315 0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
316 0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
317 0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
318 0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
319 0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
324 * kExampleBadECKeyDER is a sample EC private key encoded as an ECPrivateKey
325 * structure. The private key is equal to the order and will fail to import
327 static const unsigned char kExampleBadECKeyDER[] = {
328 0x30, 0x66, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48,
329 0xCE, 0x3D, 0x02, 0x01, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03,
330 0x01, 0x07, 0x04, 0x4C, 0x30, 0x4A, 0x02, 0x01, 0x01, 0x04, 0x20, 0xFF,
331 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
332 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3,
333 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51, 0xA1, 0x23, 0x03, 0x21, 0x00,
334 0x00, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF,
335 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84,
336 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
340 static const unsigned char kExampleECPubKeyDER[] = {
341 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
342 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
343 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
344 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
345 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
346 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
347 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
348 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
352 * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
353 * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
355 static const unsigned char kExampleBadECPubKeyDER[] = {
356 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
357 0x02, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
358 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53,
359 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8,
360 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7,
361 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b,
362 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20,
363 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5
366 static const unsigned char pExampleECParamDER[] = {
367 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
371 typedef struct APK_DATA_st {
372 const unsigned char *kder;
378 int type; /* 0 for private, 1 for public, 2 for params */
381 static APK_DATA keydata[] = {
382 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA},
383 {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA},
384 #ifndef OPENSSL_NO_EC
385 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC}
389 static APK_DATA keycheckdata[] = {
390 {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0},
391 {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA,
393 #ifndef OPENSSL_NO_EC
394 {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0},
395 /* group is also associated in our pub key */
396 {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1},
397 {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2}
401 static EVP_PKEY *load_example_rsa_key(void)
403 EVP_PKEY *ret = NULL;
404 const unsigned char *derp = kExampleRSAKeyDER;
405 EVP_PKEY *pkey = NULL;
408 if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))))
411 if (!TEST_ptr(pkey = EVP_PKEY_new())
412 || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa)))
425 static EVP_PKEY *load_example_dsa_key(void)
427 EVP_PKEY *ret = NULL;
428 const unsigned char *derp = kExampleDSAKeyDER;
429 EVP_PKEY *pkey = NULL;
432 if (!TEST_true(d2i_DSAPrivateKey(&dsa, &derp, sizeof(kExampleDSAKeyDER))))
435 if (!TEST_ptr(pkey = EVP_PKEY_new())
436 || !TEST_true(EVP_PKEY_set1_DSA(pkey, dsa)))
450 static int test_EVP_Enveloped(void)
453 EVP_CIPHER_CTX *ctx = NULL;
454 EVP_PKEY *keypair = NULL;
455 unsigned char *kek = NULL;
456 unsigned char iv[EVP_MAX_IV_LENGTH];
457 static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 };
458 int len, kek_len, ciphertext_len, plaintext_len;
459 unsigned char ciphertext[32], plaintext[16];
460 const EVP_CIPHER *type = EVP_aes_256_cbc();
462 if (!TEST_ptr(keypair = load_example_rsa_key())
463 || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair)))
464 || !TEST_ptr(ctx = EVP_CIPHER_CTX_new())
465 || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv,
467 || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len,
469 || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len,
473 ciphertext_len += len;
475 if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair))
476 || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len,
477 ciphertext, ciphertext_len))
478 || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len)))
481 plaintext_len += len;
482 if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len))
488 EVP_PKEY_free(keypair);
489 EVP_CIPHER_CTX_free(ctx);
494 * Test 0: Standard calls to EVP_DigestSignInit/Update/Final (RSA)
495 * Test 1: Standard calls to EVP_DigestSignInit/Update/Final (DSA)
496 * Test 2: Use an MD BIO to do the Update calls instead (RSA)
497 * Test 3: Use an MD BIO to do the Update calls instead (DSA)
499 static int test_EVP_DigestSignInit(int tst)
502 EVP_PKEY *pkey = NULL;
503 unsigned char *sig = NULL;
505 EVP_MD_CTX *md_ctx = NULL, *md_ctx_verify = NULL;
506 EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL;
507 BIO *mdbio = NULL, *membio = NULL;
511 membio = BIO_new(BIO_s_mem());
512 mdbio = BIO_new(BIO_f_md());
513 if (!TEST_ptr(membio) || !TEST_ptr(mdbio))
515 BIO_push(mdbio, membio);
516 if (!TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx), 0))
519 if (!TEST_ptr(a_md_ctx = md_ctx = EVP_MD_CTX_new())
520 || !TEST_ptr(a_md_ctx_verify = md_ctx_verify = EVP_MD_CTX_new()))
524 if (tst == 0 || tst == 2) {
525 if (!TEST_ptr(pkey = load_example_rsa_key()))
528 if (!TEST_ptr(pkey = load_example_dsa_key()))
532 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey)))
536 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
539 if (!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
543 /* Determine the size of the signature. */
544 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
545 || !TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
548 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))
549 || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
553 if (!TEST_int_gt(BIO_reset(mdbio), 0)
554 || !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0))
558 /* Ensure that the signature round-trips. */
559 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(),
564 if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
567 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg,
571 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
579 EVP_MD_CTX_free(a_md_ctx);
580 EVP_MD_CTX_free(a_md_ctx_verify);
587 static int test_EVP_DigestVerifyInit(void)
590 EVP_PKEY *pkey = NULL;
591 EVP_MD_CTX *md_ctx = NULL;
593 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())
594 || !TEST_ptr(pkey = load_example_rsa_key()))
597 if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey))
598 || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)))
599 || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature,
600 sizeof(kSignature))))
605 EVP_MD_CTX_free(md_ctx);
610 static int test_d2i_AutoPrivateKey(int i)
613 const unsigned char *p;
614 EVP_PKEY *pkey = NULL;
615 const APK_DATA *ak = &keydata[i];
616 const unsigned char *input = ak->kder;
617 size_t input_len = ak->size;
618 int expected_id = ak->evptype;
621 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
622 || !TEST_ptr_eq(p, input + input_len)
623 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
633 #ifndef OPENSSL_NO_EC
635 static const unsigned char ec_public_sect163k1_validxy[] = {
636 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
637 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
638 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
639 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x02, 0xd1, 0x7b,
640 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
641 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
644 static const unsigned char ec_public_sect163k1_badx[] = {
645 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
646 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
647 0x0a, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
648 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0xb0, 0x02, 0xd1, 0x7b,
649 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
650 0x6a, 0xd8, 0x17, 0x65, 0x41, 0x2f
653 static const unsigned char ec_public_sect163k1_bady[] = {
654 0x30, 0x40, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
655 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x01, 0x03, 0x2c, 0x00, 0x04,
656 0x02, 0x84, 0x58, 0xa6, 0xd4, 0xa0, 0x35, 0x2b, 0xae, 0xf0, 0xc0, 0x69,
657 0x05, 0xcf, 0x2a, 0x50, 0x33, 0xf9, 0xe3, 0x92, 0x79, 0x0a, 0xd1, 0x7b,
658 0x9f, 0x22, 0x00, 0xf0, 0x3b, 0x0e, 0x5d, 0x2e, 0xb7, 0x23, 0x24, 0xf3,
659 0x6a, 0xd8, 0x17, 0x65, 0x41, 0xe6
662 static struct ec_der_pub_keys_st {
663 const unsigned char *der;
666 } ec_der_pub_keys[] = {
667 { ec_public_sect163k1_validxy, sizeof(ec_public_sect163k1_validxy), 1 },
668 { ec_public_sect163k1_badx, sizeof(ec_public_sect163k1_badx), 0 },
669 { ec_public_sect163k1_bady, sizeof(ec_public_sect163k1_bady), 0 },
673 * Tests the range of the decoded EC char2 public point.
674 * See ec_GF2m_simple_oct2point().
676 static int test_invalide_ec_char2_pub_range_decode(int id)
680 EC_KEY *eckey = NULL;
682 if (!TEST_ptr(bio = BIO_new_mem_buf(ec_der_pub_keys[id].der,
683 ec_der_pub_keys[id].len)))
685 eckey = d2i_EC_PUBKEY_bio(bio, NULL);
686 ret = (ec_der_pub_keys[id].valid && TEST_ptr(eckey))
687 || TEST_ptr_null(eckey);
694 /* Tests loading a bad key in PKCS8 format */
695 static int test_EVP_PKCS82PKEY(void)
698 const unsigned char *derp = kExampleBadECKeyDER;
699 PKCS8_PRIV_KEY_INFO *p8inf = NULL;
700 EVP_PKEY *pkey = NULL;
702 if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp,
703 sizeof(kExampleBadECKeyDER))))
706 if (!TEST_ptr_eq(derp,
707 kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)))
710 if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf)))
716 PKCS8_PRIV_KEY_INFO_free(p8inf);
723 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE)
725 static int test_EVP_SM2_verify(void)
727 /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */
729 "-----BEGIN PUBLIC KEY-----\n"
730 "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n"
731 "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n"
732 "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n"
733 "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n"
734 "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n"
735 "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n"
736 "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n"
737 "-----END PUBLIC KEY-----\n";
739 const char *msg = "message digest";
740 const char *id = "ALICE123@YAHOO.COM";
742 const uint8_t signature[] = {
743 0x30, 0x44, 0x02, 0x20,
745 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC,
746 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2,
747 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1,
751 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF,
752 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0,
753 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7
758 EVP_PKEY *pkey = NULL;
759 EVP_MD_CTX *mctx = NULL;
760 EVP_PKEY_CTX *pctx = NULL;
762 bio = BIO_new_mem_buf(pubkey, strlen(pubkey));
763 if (!TEST_true(bio != NULL))
766 pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
767 if (!TEST_true(pkey != NULL))
770 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
773 if (!TEST_ptr(mctx = EVP_MD_CTX_new()))
776 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL)))
779 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, (const uint8_t *)id,
783 EVP_MD_CTX_set_pkey_ctx(mctx, pctx);
785 if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey)))
788 if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg))))
791 if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature))))
798 EVP_PKEY_CTX_free(pctx);
799 EVP_MD_CTX_free(mctx);
803 static int test_EVP_SM2(void)
806 EVP_PKEY *pkey = NULL;
807 EVP_PKEY *params = NULL;
808 EVP_PKEY_CTX *pctx = NULL;
809 EVP_PKEY_CTX *kctx = NULL;
810 EVP_PKEY_CTX *sctx = NULL;
812 unsigned char *sig = NULL;
813 EVP_MD_CTX *md_ctx = NULL;
814 EVP_MD_CTX *md_ctx_verify = NULL;
815 EVP_PKEY_CTX *cctx = NULL;
817 uint8_t ciphertext[128];
818 size_t ctext_len = sizeof(ciphertext);
820 uint8_t plaintext[8];
821 size_t ptext_len = sizeof(plaintext);
823 uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'};
825 pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL);
829 if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1))
832 if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)))
835 if (!TEST_true(EVP_PKEY_paramgen(pctx, ¶ms)))
838 kctx = EVP_PKEY_CTX_new(params, NULL);
842 if (!TEST_true(EVP_PKEY_keygen_init(kctx)))
845 if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey)))
848 if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)))
851 if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()))
854 if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()))
857 if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL)))
860 EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);
861 EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);
863 if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0))
866 if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)))
869 if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
872 /* Determine the size of the signature. */
873 if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)))
876 if (!TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey)))
879 if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)))
882 if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
885 /* Ensure that the signature round-trips. */
887 if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)))
890 if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg))))
893 if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)))
896 /* now check encryption/decryption */
898 if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
901 if (!TEST_true(EVP_PKEY_encrypt_init(cctx)))
904 if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg))))
907 if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
910 if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len)))
913 if (!TEST_true(ptext_len == sizeof(kMsg)))
916 if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0))
921 EVP_PKEY_CTX_free(pctx);
922 EVP_PKEY_CTX_free(kctx);
923 EVP_PKEY_CTX_free(sctx);
924 EVP_PKEY_CTX_free(cctx);
926 EVP_PKEY_free(params);
927 EVP_MD_CTX_free(md_ctx);
928 EVP_MD_CTX_free(md_ctx_verify);
935 static struct keys_st {
941 EVP_PKEY_HMAC, "0123456789", NULL
943 EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL
945 EVP_PKEY_SIPHASH, "0123456789012345", NULL
947 #ifndef OPENSSL_NO_EC
949 EVP_PKEY_X25519, "01234567890123456789012345678901",
950 "abcdefghijklmnopqrstuvwxyzabcdef"
952 EVP_PKEY_ED25519, "01234567890123456789012345678901",
953 "abcdefghijklmnopqrstuvwxyzabcdef"
956 "01234567890123456789012345678901234567890123456789012345",
957 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd"
960 "012345678901234567890123456789012345678901234567890123456",
961 "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde"
966 static int test_set_get_raw_keys_int(int tst, int pub)
969 unsigned char buf[80];
971 size_t inlen, len = 0;
974 /* Check if this algorithm supports public keys */
975 if (keys[tst].pub == NULL)
978 memset(buf, 0, sizeof(buf));
981 inlen = strlen(keys[tst].pub);
982 in = (unsigned char *)keys[tst].pub;
983 pkey = EVP_PKEY_new_raw_public_key(keys[tst].type,
988 inlen = strlen(keys[tst].priv);
989 in = (unsigned char *)keys[tst].priv;
990 pkey = EVP_PKEY_new_raw_private_key(keys[tst].type,
997 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
998 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
999 || !TEST_true(len == inlen)
1000 || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
1001 || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
1002 || !TEST_mem_eq(in, inlen, buf, len))
1007 EVP_PKEY_free(pkey);
1011 static int test_set_get_raw_keys(int tst)
1013 return test_set_get_raw_keys_int(tst, 0)
1014 && test_set_get_raw_keys_int(tst, 1);
1017 static int pkey_custom_check(EVP_PKEY *pkey)
1022 static int pkey_custom_pub_check(EVP_PKEY *pkey)
1027 static int pkey_custom_param_check(EVP_PKEY *pkey)
1032 static EVP_PKEY_METHOD *custom_pmeth;
1034 static int test_EVP_PKEY_check(int i)
1037 const unsigned char *p;
1038 EVP_PKEY *pkey = NULL;
1039 #ifndef OPENSSL_NO_EC
1040 EC_KEY *eckey = NULL;
1042 EVP_PKEY_CTX *ctx = NULL;
1043 EVP_PKEY_CTX *ctx2 = NULL;
1044 const APK_DATA *ak = &keycheckdata[i];
1045 const unsigned char *input = ak->kder;
1046 size_t input_len = ak->size;
1047 int expected_id = ak->evptype;
1048 int expected_check = ak->check;
1049 int expected_pub_check = ak->pub_check;
1050 int expected_param_check = ak->param_check;
1051 int type = ak->type;
1058 if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len))
1059 || !TEST_ptr_eq(p, input + input_len)
1060 || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id))
1063 #ifndef OPENSSL_NO_EC
1065 if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len))
1066 || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL))
1067 || !TEST_ptr(pkey = EVP_PKEY_new())
1068 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1072 if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len))
1073 || !TEST_ptr_eq(p, input + input_len)
1074 || !TEST_ptr(pkey = EVP_PKEY_new())
1075 || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey)))
1083 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)))
1086 if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check))
1089 if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check))
1092 if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check))
1095 ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL);
1096 /* assign the pkey directly, as an internal test */
1097 EVP_PKEY_up_ref(pkey);
1100 if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef))
1103 if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef))
1106 if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef))
1112 EVP_PKEY_CTX_free(ctx);
1113 EVP_PKEY_CTX_free(ctx2);
1114 EVP_PKEY_free(pkey);
1119 static int test_HKDF(void)
1122 unsigned char out[20];
1125 unsigned char salt[] = "0123456789";
1126 unsigned char key[] = "012345678901234567890123456789";
1127 unsigned char info[] = "infostring";
1128 const unsigned char expected[] = {
1129 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5,
1130 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca
1132 size_t expectedlen = sizeof(expected);
1134 if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)))
1137 /* We do this twice to test reuse of the EVP_PKEY_CTX */
1138 for (i = 0; i < 2; i++) {
1139 outlen = sizeof(out);
1140 memset(out, 0, outlen);
1142 if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0)
1143 || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0)
1144 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt,
1145 sizeof(salt) - 1), 0)
1146 || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key,
1147 sizeof(key) - 1), 0)
1148 || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info,
1149 sizeof(info) - 1), 0)
1150 || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0)
1151 || !TEST_mem_eq(out, outlen, expected, expectedlen))
1158 EVP_PKEY_CTX_free(pctx);
1163 #ifndef OPENSSL_NO_EC
1164 static int test_X509_PUBKEY_inplace(void)
1167 X509_PUBKEY *xp = NULL;
1168 const unsigned char *p = kExampleECPubKeyDER;
1169 size_t input_len = sizeof(kExampleECPubKeyDER);
1171 if (!TEST_ptr(xp = d2i_X509_PUBKEY(NULL, &p, input_len)))
1174 if (!TEST_ptr(X509_PUBKEY_get0(xp)))
1177 p = kExampleBadECPubKeyDER;
1178 input_len = sizeof(kExampleBadECPubKeyDER);
1180 if (!TEST_ptr(xp = d2i_X509_PUBKEY(&xp, &p, input_len)))
1183 if (!TEST_true(X509_PUBKEY_get0(xp) == NULL))
1189 X509_PUBKEY_free(xp);
1192 #endif /* OPENSSL_NO_EC */
1194 #ifndef OPENSSL_NO_DSA
1195 /* Test getting and setting parameters on an EVP_PKEY_CTX */
1196 static int test_EVP_PKEY_CTX_get_set_params(void)
1198 EVP_MD_CTX *mdctx = NULL;
1199 EVP_PKEY_CTX *ctx = NULL;
1200 EVP_SIGNATURE *dsaimpl = NULL;
1201 const OSSL_PARAM *params;
1202 OSSL_PARAM ourparams[2], *param = ourparams;
1204 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1205 EVP_PKEY *pkey = NULL;
1208 size_t mdsize = SHA512_DIGEST_LENGTH;
1212 * Setup the parameters for our DSA object. For our purposes they don't have
1213 * to actually be *valid* parameters. We just need to set something. We
1214 * don't even need a pub_key/priv_key.
1224 || !DSA_set0_pqg(dsa, p, q, g))
1228 pkey = EVP_PKEY_new();
1230 || !TEST_true(EVP_PKEY_assign_DSA(pkey, dsa)))
1235 /* Initialise a sign operation */
1236 ctx = EVP_PKEY_CTX_new(pkey, NULL);
1237 dsaimpl = EVP_SIGNATURE_fetch(NULL, "DSA", NULL);
1239 || !TEST_ptr(dsaimpl)
1240 || !TEST_int_gt(EVP_PKEY_sign_init_ex(ctx, dsaimpl), 0))
1244 * We should be able to query the parameters now. The default DSA
1245 * implementation supports exactly one parameter - so we expect to see that
1246 * returned and no more.
1248 params = EVP_PKEY_CTX_settable_params(ctx);
1249 if (!TEST_ptr(params)
1250 || !TEST_int_eq(strcmp(params[0].key,
1251 OSSL_SIGNATURE_PARAM_DIGEST_SIZE), 0)
1252 || !TEST_int_eq(strcmp(params[1].key, OSSL_SIGNATURE_PARAM_DIGEST),
1254 /* The final key should be NULL */
1255 || !TEST_ptr_null(params[2].key))
1258 /* Gettable params are the same as the settable ones */
1259 params = EVP_PKEY_CTX_gettable_params(ctx);
1260 if (!TEST_ptr(params)
1261 || !TEST_int_eq(strcmp(params[0].key,
1262 OSSL_SIGNATURE_PARAM_DIGEST_SIZE), 0)
1263 || !TEST_int_eq(strcmp(params[1].key, OSSL_SIGNATURE_PARAM_DIGEST),
1265 /* The final key should be NULL */
1266 || !TEST_ptr_null(params[2].key))
1270 * Test getting and setting params via EVP_PKEY_CTX_set_params() and
1271 * EVP_PKEY_CTX_get_params()
1273 *param++ = OSSL_PARAM_construct_size_t(OSSL_SIGNATURE_PARAM_DIGEST_SIZE,
1275 *param++ = OSSL_PARAM_construct_end();
1277 if (!TEST_true(EVP_PKEY_CTX_set_params(ctx, ourparams)))
1281 if (!TEST_true(EVP_PKEY_CTX_get_params(ctx, ourparams))
1282 || !TEST_size_t_eq(mdsize, SHA512_DIGEST_LENGTH))
1286 * Test the TEST_PKEY_CTX_set_signature_md() and
1287 * TEST_PKEY_CTX_get_signature_md() functions
1289 if (!TEST_int_gt(EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()), 0)
1290 || !TEST_int_gt(EVP_PKEY_CTX_get_signature_md(ctx, &md), 0)
1291 || !TEST_ptr_eq(md, EVP_sha256()))
1295 * Test getting MD parameters via an associated EVP_PKEY_CTX
1297 mdctx = EVP_MD_CTX_new();
1298 if (!TEST_ptr(mdctx)
1299 || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL,
1304 * We now have an EVP_MD_CTX with an EVP_PKEY_CTX inside it. We should be
1305 * able to obtain the digest's settable parameters from the provider.
1307 params = EVP_MD_CTX_settable_params(mdctx);
1308 if (!TEST_ptr(params)
1309 || !TEST_int_eq(strcmp(params[0].key, OSSL_DIGEST_PARAM_SSL3_MS), 0)
1310 /* The final key should be NULL */
1311 || !TEST_ptr_null(params[1].key))
1315 memset(ssl3ms, 0, sizeof(ssl3ms));
1316 *param++ = OSSL_PARAM_construct_octet_string(OSSL_DIGEST_PARAM_SSL3_MS,
1317 ssl3ms, sizeof(ssl3ms));
1318 *param++ = OSSL_PARAM_construct_end();
1320 if (!TEST_true(EVP_MD_CTX_set_params(mdctx, ourparams)))
1326 EVP_MD_CTX_free(mdctx);
1327 EVP_PKEY_CTX_free(ctx);
1328 EVP_SIGNATURE_free(dsaimpl);
1329 EVP_PKEY_free(pkey);
1339 int setup_tests(void)
1341 ADD_ALL_TESTS(test_EVP_DigestSignInit, 4);
1342 ADD_TEST(test_EVP_DigestVerifyInit);
1343 ADD_TEST(test_EVP_Enveloped);
1344 ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
1345 #ifndef OPENSSL_NO_EC
1346 ADD_TEST(test_EVP_PKCS82PKEY);
1348 #if !defined(OPENSSL_NO_SM2) && !defined(FIPS_MODE)
1349 ADD_TEST(test_EVP_SM2);
1350 ADD_TEST(test_EVP_SM2_verify);
1352 ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys));
1353 custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0);
1354 if (!TEST_ptr(custom_pmeth))
1356 EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check);
1357 EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check);
1358 EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check);
1359 if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
1361 ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
1362 ADD_TEST(test_HKDF);
1363 #ifndef OPENSSL_NO_EC
1364 ADD_TEST(test_X509_PUBKEY_inplace);
1365 ADD_ALL_TESTS(test_invalide_ec_char2_pub_range_decode,
1366 OSSL_NELEM(ec_der_pub_keys));
1368 #ifndef OPENSSL_NO_DSA
1369 ADD_TEST(test_EVP_PKEY_CTX_get_set_params);