2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/serializer.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include "crypto/ecx.h"
18 #include "crypto/evp.h" /* For the internal API */
19 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
20 #include "internal/nelem.h"
23 static char *datadir = NULL;
32 static void stripcr(char *buf, size_t *len)
37 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
48 static int compare_with_file(const char *alg, int type, BIO *membio)
53 char *memdata, *fullfile = NULL;
86 TEST_error("Invalid file type");
90 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
91 fullfile = test_mk_file_path(datadir, filename);
92 if (!TEST_ptr(fullfile))
95 file = BIO_new_file(fullfile, "rb");
99 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
100 || !TEST_true(BIO_eof(file))
101 || !TEST_size_t_lt(readbytes, sizeof(buf)))
104 len = BIO_get_mem_data(membio, &memdata);
105 if (!TEST_int_gt(len, 0))
109 if (type != PRIV_DER && type != PUB_DER) {
110 stripcr(memdata, &slen);
111 stripcr(buf, &readbytes);
114 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
119 OPENSSL_free(fullfile);
120 (void)BIO_reset(membio);
125 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
127 BIO *membio = BIO_new(BIO_s_mem());
130 if (!TEST_ptr(membio))
133 if (!TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL))
134 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
135 /* Public key in PEM form */
136 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
137 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
138 /* Unencrypted private key in PEM form */
139 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
140 NULL, NULL, 0, NULL, NULL))
141 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio))
142 /* Encrypted private key in PEM form */
143 || !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
144 (unsigned char *)"pass", 4,
154 static int test_print_key_type_using_serializer(const char *alg, int type,
158 OSSL_SERIALIZER_CTX *ctx = NULL;
159 BIO *membio = BIO_new(BIO_s_mem());
164 pq = OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ;
168 pq = OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ;
172 pq = OSSL_SERIALIZER_PrivateKey_TO_DER_PQ;
176 pq = OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ;
180 pq = OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ;
184 pq = OSSL_SERIALIZER_PUBKEY_TO_DER_PQ;
188 TEST_error("Invalid serialization type");
192 if (!TEST_ptr(membio))
195 /* Make a context, it's valid for several prints */
196 TEST_note("Setting up a OSSL_SERIALIZER context with passphrase");
197 if (!TEST_ptr(ctx = OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(pk, pq))
198 /* Check that this operation is supported */
199 || !TEST_ptr(OSSL_SERIALIZER_CTX_get_serializer(ctx)))
202 /* Use no cipher. This should give us an unencrypted PEM */
203 TEST_note("Testing with no encryption");
204 if (!TEST_true(OSSL_SERIALIZER_to_bio(ctx, membio))
205 || !TEST_true(compare_with_file(alg, type, membio)))
208 if (type == PRIV_PEM) {
209 /* Set a passphrase to be used later */
210 if (!TEST_true(OSSL_SERIALIZER_CTX_set_passphrase(ctx,
211 (unsigned char *)"pass",
215 /* Use a valid cipher name */
216 TEST_note("Displaying PEM encrypted with AES-256-CBC");
217 if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
218 || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
221 /* Use an invalid cipher name, which should generate no output */
222 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
223 if (!TEST_false(OSSL_SERIALIZER_CTX_set_cipher(ctx, "FOO", NULL))
224 || !TEST_false(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
227 /* Clear the cipher. This should give us an unencrypted PEM again */
228 TEST_note("Testing with encryption cleared (no encryption)");
229 if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, NULL, NULL))
230 || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, membio))
231 || !TEST_true(compare_with_file(alg, type, membio)))
237 OSSL_SERIALIZER_CTX_free(ctx);
241 static int test_print_key_using_serializer(const char *alg, const EVP_PKEY *pk)
246 for (i = 0; i < 6; i++)
247 ret = ret && test_print_key_type_using_serializer(alg, i, pk);
252 /* Array indexes used in test_fromdata_rsa */
262 static int test_fromdata_rsa(void)
265 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
266 EVP_PKEY *pk = NULL, *copy_pk = NULL;
268 * 32-bit RSA key, extracted from this command,
269 * executed with OpenSSL 1.0.2:
271 * openssl genrsa 32 | openssl rsa -text
273 static unsigned long key_numbers[] = {
283 OSSL_PARAM fromdata_params[] = {
284 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
285 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
286 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
287 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
288 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
289 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
290 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
291 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
294 BIGNUM *bn = BN_new();
295 BIGNUM *bn_from = BN_new();
297 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
300 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
301 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
302 || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
303 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
304 || !TEST_int_eq(EVP_PKEY_size(pk), 4))
307 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
310 if (!TEST_true(EVP_PKEY_check(key_ctx))
311 || !TEST_true(EVP_PKEY_public_check(key_ctx))
312 || !TEST_true(EVP_PKEY_private_check(key_ctx))
313 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
316 /* EVP_PKEY_copy_parameters() should fail for RSA */
317 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
318 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
321 for (i = 0; fromdata_params[i].key != NULL; ++i) {
322 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
323 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
324 || !TEST_BN_eq(bn, bn_from))
327 ret = test_print_key_using_pem("RSA", pk)
328 && test_print_key_using_serializer("RSA", pk);
333 EVP_PKEY_free(copy_pk);
334 EVP_PKEY_CTX_free(key_ctx);
335 EVP_PKEY_CTX_free(ctx);
340 static int test_evp_pkey_get_bn_param_large(void)
343 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
345 OSSL_PARAM_BLD *bld = NULL;
346 OSSL_PARAM *fromdata_params = NULL;
347 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
349 * The buffer size chosen here for n_data larger than the buffer used
350 * internally in EVP_PKEY_get_bn_param.
352 static unsigned char n_data[2050];
353 static const unsigned char e_data[] = {
356 static const unsigned char d_data[]= {
357 0x99, 0x33, 0x13, 0x7b
360 /* N is a large buffer */
361 memset(n_data, 0xCE, sizeof(n_data));
363 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
364 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
365 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
366 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
367 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
368 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
369 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
370 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
371 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
372 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
373 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
374 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
375 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
376 || !TEST_BN_eq(n, n_out))
385 EVP_PKEY_CTX_free(key_ctx);
386 EVP_PKEY_CTX_free(ctx);
387 OSSL_PARAM_BLD_free_params(fromdata_params);
388 OSSL_PARAM_BLD_free(bld);
393 #ifndef OPENSSL_NO_DH
394 static int test_fromdata_dh_named_group(void)
397 int gindex = 0, pcounter = 0, hindex = 0;
398 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
399 EVP_PKEY *pk = NULL, *copy_pk = NULL;
401 BIGNUM *pub = NULL, *priv = NULL;
402 BIGNUM *pub_out = NULL, *priv_out = NULL;
403 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
404 OSSL_PARAM *fromdata_params = NULL;
405 OSSL_PARAM_BLD *bld = NULL;
407 unsigned char seed_out[32];
410 * DH key data was generated using the following:
411 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
412 * -pkeyopt priv_len:224 -text
414 static const unsigned char priv_data[] = {
415 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
416 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
417 0x87, 0xe8, 0xa9, 0x7b,
419 static const unsigned char pub_data[] = {
420 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
421 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
422 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
423 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
424 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
425 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
426 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
427 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
428 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
429 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
430 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
431 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
432 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
433 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
434 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
435 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
436 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
437 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
438 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
439 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
440 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
441 0xcf, 0x33, 0x42, 0x83, 0x42
443 static const char group_name[] = "ffdhe2048";
445 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
446 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
447 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
448 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
449 OSSL_PKEY_PARAM_FFC_GROUP,
451 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
452 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
453 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
456 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
459 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
460 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
461 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
462 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
463 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
466 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_FFC_GROUP,
467 name_out, sizeof(name_out),
469 || !TEST_str_eq(name_out, group_name)
470 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
473 || !TEST_BN_eq(pub, pub_out)
474 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
476 || !TEST_BN_eq(priv, priv_out)
477 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
478 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
479 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
481 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
482 || !TEST_BN_eq(&_bignum_const_2, g)
483 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
486 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
487 OSSL_PKEY_PARAM_FFC_SEED,
489 sizeof(seed_out), &len))
490 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
492 || !TEST_int_eq(gindex, -1)
493 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
494 || !TEST_int_eq(hindex, 0)
495 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
497 || !TEST_int_eq(pcounter, -1))
500 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
503 if (!TEST_true(EVP_PKEY_check(key_ctx))
504 || !TEST_true(EVP_PKEY_public_check(key_ctx))
505 || !TEST_true(EVP_PKEY_private_check(key_ctx))
506 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
509 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
510 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
513 ret = test_print_key_using_pem("DH", pk)
514 && test_print_key_using_serializer("DH", pk);
524 EVP_PKEY_free(copy_pk);
526 EVP_PKEY_CTX_free(ctx);
527 EVP_PKEY_CTX_free(key_ctx);
528 OSSL_PARAM_BLD_free_params(fromdata_params);
529 OSSL_PARAM_BLD_free(bld);
534 static int test_fromdata_dh_fips186_4(void)
537 int gindex = 0, pcounter = 0, hindex = 0;
538 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
541 BIGNUM *pub = NULL, *priv = NULL;
542 BIGNUM *pub_out = NULL, *priv_out = NULL;
543 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
544 OSSL_PARAM_BLD *bld = NULL;
545 OSSL_PARAM *fromdata_params = NULL;
547 unsigned char seed_out[32];
550 * DH key data was generated using the following:
551 * openssl genpkey -algorithm DH
552 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
554 static const unsigned char priv_data[] = {
555 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
556 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
557 0x87, 0xe8, 0xa9, 0x7b,
559 static const unsigned char pub_data[] = {
560 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
561 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
562 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
563 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
564 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
565 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
566 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
567 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
568 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
569 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
570 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
571 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
572 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
573 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
574 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
575 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
576 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
577 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
578 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
579 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
580 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
581 0x33, 0x42, 0x83, 0x42
583 static const char group_name[] = "ffdhe2048";
586 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
587 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
588 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
589 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
590 OSSL_PKEY_PARAM_FFC_GROUP,
592 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
593 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
594 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
597 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
600 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
601 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
602 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
603 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
604 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
607 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_FFC_GROUP,
608 name_out, sizeof(name_out),
610 || !TEST_str_eq(name_out, group_name)
611 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
613 || !TEST_BN_eq(pub, pub_out)
614 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
616 || !TEST_BN_eq(priv, priv_out)
617 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
618 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
619 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
621 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
622 || !TEST_BN_eq(&_bignum_const_2, g)
623 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
626 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
627 OSSL_PKEY_PARAM_FFC_SEED,
629 sizeof(seed_out), &len))
630 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
632 || !TEST_int_eq(gindex, -1)
633 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
634 || !TEST_int_eq(hindex, 0)
635 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
637 || !TEST_int_eq(pcounter, -1))
640 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
643 if (!TEST_true(EVP_PKEY_check(key_ctx))
644 || !TEST_true(EVP_PKEY_public_check(key_ctx))
645 || !TEST_true(EVP_PKEY_private_check(key_ctx))
646 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
649 ret = test_print_key_using_pem("DH", pk)
650 && test_print_key_using_serializer("DH", pk);
661 EVP_PKEY_CTX_free(ctx);
662 EVP_PKEY_CTX_free(key_ctx);
663 OSSL_PARAM_BLD_free_params(fromdata_params);
664 OSSL_PARAM_BLD_free(bld);
673 #ifndef OPENSSL_NO_EC
674 /* Array indexes used in test_fromdata_ecx */
678 # define X25519_IDX 0
680 # define ED25519_IDX 2
683 static int test_fromdata_ecx(int tst)
686 EVP_PKEY_CTX *ctx = NULL;
687 EVP_PKEY *pk = NULL, *copy_pk = NULL;
688 const char *alg = NULL;
690 unsigned char out_pub[ED448_KEYLEN];
691 unsigned char out_priv[ED448_KEYLEN];
693 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
694 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
695 /* X25519: Keys from RFC 7748 6.1 */
699 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
700 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
701 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
706 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
707 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
708 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
712 /* X448: Keys from RFC 7748 6.2 */
716 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
717 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
718 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
719 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
720 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
721 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
725 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
726 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
727 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
728 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
729 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
730 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
733 /* ED25519: Keys from RFC 8032 */
737 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
738 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
739 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
744 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
745 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
746 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
750 /* ED448: Keys from RFC 8032 */
754 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
755 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
756 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
757 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
758 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
759 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
763 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
764 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
765 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
766 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
767 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
768 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
772 OSSL_PARAM x25519_fromdata_params[] = {
773 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
774 key_numbers[X25519_IDX][PRIV_KEY],
776 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
777 key_numbers[X25519_IDX][PUB_KEY],
781 OSSL_PARAM x448_fromdata_params[] = {
782 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
783 key_numbers[X448_IDX][PRIV_KEY],
785 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
786 key_numbers[X448_IDX][PUB_KEY],
790 OSSL_PARAM ed25519_fromdata_params[] = {
791 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
792 key_numbers[ED25519_IDX][PRIV_KEY],
794 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
795 key_numbers[ED25519_IDX][PUB_KEY],
799 OSSL_PARAM ed448_fromdata_params[] = {
800 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
801 key_numbers[ED448_IDX][PRIV_KEY],
803 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
804 key_numbers[ED448_IDX][PUB_KEY],
808 OSSL_PARAM *fromdata_params = NULL;
809 int bits = 0, security_bits = 0, size = 0;
813 fromdata_params = x25519_fromdata_params;
815 security_bits = X25519_SECURITY_BITS;
816 size = X25519_KEYLEN;
821 fromdata_params = x448_fromdata_params;
823 security_bits = X448_SECURITY_BITS;
829 fromdata_params = ed25519_fromdata_params;
831 security_bits = ED25519_SECURITY_BITS;
832 size = ED25519_KEYLEN;
837 fromdata_params = ed448_fromdata_params;
839 security_bits = ED448_SECURITY_BITS;
845 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
849 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
850 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
851 || !TEST_int_eq(EVP_PKEY_bits(pk), bits)
852 || !TEST_int_eq(EVP_PKEY_security_bits(pk), security_bits)
853 || !TEST_int_eq(EVP_PKEY_size(pk), size))
856 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
857 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
860 if (!TEST_true(EVP_PKEY_get_octet_string_param(
861 pk, fromdata_params[PRIV_KEY].key,
862 out_priv, sizeof(out_priv), &len))
863 || !TEST_mem_eq(out_priv, len,
864 fromdata_params[PRIV_KEY].data,
865 fromdata_params[PRIV_KEY].data_size)
866 || !TEST_true(EVP_PKEY_get_octet_string_param(
867 pk, fromdata_params[PUB_KEY].key,
868 out_pub, sizeof(out_pub), &len))
869 || !TEST_mem_eq(out_pub, len,
870 fromdata_params[PUB_KEY].data,
871 fromdata_params[PUB_KEY].data_size))
874 ret = test_print_key_using_pem(alg, pk)
875 && test_print_key_using_serializer(alg, pk);
879 EVP_PKEY_free(copy_pk);
880 EVP_PKEY_CTX_free(ctx);
887 static int test_fromdata_ec(void)
890 EVP_PKEY_CTX *ctx = NULL;
891 EVP_PKEY *pk = NULL, *copy_pk = NULL;
892 OSSL_PARAM_BLD *bld = NULL;
893 BIGNUM *ec_priv_bn = NULL;
894 BIGNUM *bn_priv = NULL;
895 OSSL_PARAM *fromdata_params = NULL;
896 const char *alg = "EC";
897 const char *curve = "prime256v1";
898 /* UNCOMPRESSED FORMAT */
899 static const unsigned char ec_pub_keydata[] = {
900 POINT_CONVERSION_UNCOMPRESSED,
901 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
902 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
903 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
904 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
905 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
906 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
907 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
908 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
910 static const unsigned char ec_priv_keydata[] = {
911 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
912 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
913 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
914 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
916 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
917 unsigned char out_pub[sizeof(ec_pub_keydata)];
918 char out_curve_name[80];
919 const OSSL_PARAM *gettable = NULL;
923 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
925 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
926 sizeof(ec_priv_keydata), NULL)))
929 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_EC_NAME,
932 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
934 sizeof(ec_pub_keydata)) <= 0)
936 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
938 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
940 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
944 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
945 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
946 || !TEST_int_eq(EVP_PKEY_bits(pk), 256)
947 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 128)
948 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 35 * 2))
951 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
952 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
955 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
956 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_NAME))
957 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PUB_KEY))
958 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PRIV_KEY)))
961 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_EC_NAME,
962 out_curve_name, sizeof(out_curve_name),
964 || !TEST_str_eq(out_curve_name, curve)
965 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
966 out_pub, sizeof(out_pub), &len)
967 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
968 || !TEST_mem_eq(out_pub + 1, len - 1,
969 ec_pub_keydata + 1, compressed_sz - 1)
970 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
972 || !TEST_BN_eq(ec_priv_bn, bn_priv))
975 ret = test_print_key_using_pem(alg, pk)
976 && test_print_key_using_serializer(alg, pk);
980 OSSL_PARAM_BLD_free_params(fromdata_params);
981 OSSL_PARAM_BLD_free(bld);
983 EVP_PKEY_free(copy_pk);
984 EVP_PKEY_CTX_free(ctx);
988 #endif /* OPENSSL_NO_EC */
990 #ifndef OPENSSL_NO_DSA
991 static int test_fromdata_dsa_fips186_4(void)
994 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
995 EVP_PKEY *pk = NULL, *copy_pk = NULL;
996 BIGNUM *pub = NULL, *priv = NULL;
997 BIGNUM *p = NULL, *q = NULL, *g = NULL;
998 BIGNUM *pub_out = NULL, *priv_out = NULL;
999 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1000 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1002 unsigned char seed_out[32];
1004 OSSL_PARAM_BLD *bld = NULL;
1005 OSSL_PARAM *fromdata_params = NULL;
1008 * DSA parameter data was generated using the following:
1009 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1010 * -pkeyopt qbits:256 -pkeyopt type:0 \
1011 * -pkeyopt gindex:1 -out dsa_params.pem -text
1013 static const unsigned char p_data[] = {
1014 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1015 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1016 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1017 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1018 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1019 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1020 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1021 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1022 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1023 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1024 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1025 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1026 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1027 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1028 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1029 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1030 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1031 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1032 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1033 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1034 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1035 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1037 static const unsigned char q_data[] = {
1038 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1039 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1040 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1042 static const unsigned char g_data[] = {
1043 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1044 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1045 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1046 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1047 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1048 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1049 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1050 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1051 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1052 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1053 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1054 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1055 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1056 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1057 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1058 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1059 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1060 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1061 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1062 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1063 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1064 0x02, 0x6f, 0x96, 0x36
1066 static const unsigned char seed_data[] = {
1067 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1068 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1069 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1071 const int gindex = 1;
1072 const int pcounter = 53;
1074 * The keypair was generated using
1075 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1076 * -pkeyopt gindex:1 \
1077 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1079 static const unsigned char priv_data[] = {
1080 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1081 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1082 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1084 static const unsigned char pub_data[] = {
1085 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1086 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1087 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1088 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1089 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1090 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1091 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1092 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1093 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1094 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1095 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1096 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1097 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1098 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1099 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1100 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1101 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1102 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1103 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1104 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1105 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1106 0x48, 0xd1, 0x8a, 0xbd
1109 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1110 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1111 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1112 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1113 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1114 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1116 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1117 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1118 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1119 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1120 OSSL_PKEY_PARAM_FFC_SEED,
1123 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1125 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1126 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1128 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1130 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1132 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1135 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1138 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
1139 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
1140 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
1141 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
1142 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 2 * (3 + sizeof(q_data))))
1145 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_FFC_GROUP,
1146 name_out, sizeof(name_out),
1148 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1150 || !TEST_BN_eq(pub, pub_out)
1151 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1153 || !TEST_BN_eq(priv, priv_out)
1154 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p_out))
1155 || !TEST_BN_eq(p, p_out)
1156 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q_out))
1157 || !TEST_BN_eq(q, q_out)
1158 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g_out))
1159 || !TEST_BN_eq(g, g_out)
1160 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
1162 || !TEST_ptr_null(j_out)
1163 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1164 OSSL_PKEY_PARAM_FFC_SEED,
1165 seed_out, sizeof(seed_out),
1167 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
1169 || !TEST_int_eq(gindex, gindex_out)
1170 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1172 || !TEST_int_eq(hindex_out, 0)
1173 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
1175 || !TEST_int_eq(pcounter, pcounter_out))
1178 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1181 if (!TEST_true(EVP_PKEY_check(key_ctx))
1182 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1183 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1184 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1187 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1188 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1191 ret = test_print_key_using_pem("DSA", pk)
1192 && test_print_key_using_serializer("DSA", pk);
1194 OSSL_PARAM_BLD_free_params(fromdata_params);
1195 OSSL_PARAM_BLD_free(bld);
1208 EVP_PKEY_free(copy_pk);
1209 EVP_PKEY_CTX_free(ctx);
1210 EVP_PKEY_CTX_free(key_ctx);
1214 #endif /* OPENSSL_NO_DSA */
1217 int setup_tests(void)
1219 if (!test_skip_common_options()) {
1220 TEST_error("Error parsing test options\n");
1224 if (!TEST_ptr(datadir = test_get_argument(0)))
1227 ADD_TEST(test_evp_pkey_get_bn_param_large);
1228 ADD_TEST(test_fromdata_rsa);
1229 #ifndef OPENSSL_NO_DH
1230 ADD_TEST(test_fromdata_dh_fips186_4);
1231 ADD_TEST(test_fromdata_dh_named_group);
1233 #ifndef OPENSSL_NO_DSA
1234 ADD_TEST(test_fromdata_dsa_fips186_4);
1236 #ifndef OPENSSL_NO_EC
1237 ADD_ALL_TESTS(test_fromdata_ecx, 4);
1238 ADD_TEST(test_fromdata_ec);