2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/serializer.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include "crypto/ecx.h"
18 #include "crypto/evp.h" /* For the internal API */
19 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
20 #include "internal/nelem.h"
23 static char *datadir = NULL;
32 static void stripcr(char *buf, size_t *len)
37 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
48 static int compare_with_file(const char *alg, int type, BIO *membio)
53 char *memdata, *fullfile = NULL;
86 TEST_error("Invalid file type");
90 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
91 fullfile = test_mk_file_path(datadir, filename);
92 if (!TEST_ptr(fullfile))
95 file = BIO_new_file(fullfile, "rb");
99 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
100 || !TEST_true(BIO_eof(file))
101 || !TEST_size_t_lt(readbytes, sizeof(buf)))
104 len = BIO_get_mem_data(membio, &memdata);
105 if (!TEST_int_gt(len, 0))
109 if (type != PRIV_DER && type != PUB_DER) {
110 stripcr(memdata, &slen);
111 stripcr(buf, &readbytes);
114 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
119 OPENSSL_free(fullfile);
120 (void)BIO_reset(membio);
125 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
127 BIO *membio = BIO_new(BIO_s_mem());
130 if (!TEST_ptr(membio))
133 if (/* Output Encrypted private key in PEM form */
134 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
135 (unsigned char *)"pass", 4,
137 /* Private key in text form */
138 || !TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL))
139 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
140 /* Public key in PEM form */
141 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
142 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
143 /* Unencrypted private key in PEM form */
144 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
145 NULL, NULL, 0, NULL, NULL))
146 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
155 static int test_print_key_type_using_serializer(const char *alg, int type,
159 OSSL_SERIALIZER_CTX *ctx = NULL;
160 BIO *membio = BIO_new(BIO_s_mem());
165 pq = OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ;
169 pq = OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ;
173 pq = OSSL_SERIALIZER_PrivateKey_TO_DER_PQ;
177 pq = OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ;
181 pq = OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ;
185 pq = OSSL_SERIALIZER_PUBKEY_TO_DER_PQ;
189 TEST_error("Invalid serialization type");
193 if (!TEST_ptr(membio))
196 /* Make a context, it's valid for several prints */
197 TEST_note("Setting up a OSSL_SERIALIZER context with passphrase");
198 if (!TEST_ptr(ctx = OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(pk, pq))
199 /* Check that this operation is supported */
200 || !TEST_ptr(OSSL_SERIALIZER_CTX_get_serializer(ctx)))
203 /* Use no cipher. This should give us an unencrypted PEM */
204 TEST_note("Testing with no encryption");
205 if (!TEST_true(OSSL_SERIALIZER_to_bio(ctx, membio))
206 || !TEST_true(compare_with_file(alg, type, membio)))
209 if (type == PRIV_PEM) {
210 /* Set a passphrase to be used later */
211 if (!TEST_true(OSSL_SERIALIZER_CTX_set_passphrase(ctx,
212 (unsigned char *)"pass",
216 /* Use a valid cipher name */
217 TEST_note("Displaying PEM encrypted with AES-256-CBC");
218 if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
219 || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
222 /* Use an invalid cipher name, which should generate no output */
223 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
224 if (!TEST_false(OSSL_SERIALIZER_CTX_set_cipher(ctx, "FOO", NULL))
225 || !TEST_false(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
228 /* Clear the cipher. This should give us an unencrypted PEM again */
229 TEST_note("Testing with encryption cleared (no encryption)");
230 if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, NULL, NULL))
231 || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, membio))
232 || !TEST_true(compare_with_file(alg, type, membio)))
238 OSSL_SERIALIZER_CTX_free(ctx);
242 static int test_print_key_using_serializer(const char *alg, const EVP_PKEY *pk)
247 for (i = 0; i < 6; i++)
248 ret = ret && test_print_key_type_using_serializer(alg, i, pk);
253 /* Array indexes used in test_fromdata_rsa */
263 static int test_fromdata_rsa(void)
266 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
267 EVP_PKEY *pk = NULL, *copy_pk = NULL;
269 * 32-bit RSA key, extracted from this command,
270 * executed with OpenSSL 1.0.2:
272 * openssl genrsa 32 | openssl rsa -text
274 static unsigned long key_numbers[] = {
284 OSSL_PARAM fromdata_params[] = {
285 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
286 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
287 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
288 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
289 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
290 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
291 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
292 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
295 BIGNUM *bn = BN_new();
296 BIGNUM *bn_from = BN_new();
298 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
301 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
302 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
303 || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
304 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
305 || !TEST_int_eq(EVP_PKEY_size(pk), 4))
308 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
311 if (!TEST_true(EVP_PKEY_check(key_ctx))
312 || !TEST_true(EVP_PKEY_public_check(key_ctx))
313 || !TEST_true(EVP_PKEY_private_check(key_ctx))
314 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
317 /* EVP_PKEY_copy_parameters() should fail for RSA */
318 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
319 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
322 for (i = 0; fromdata_params[i].key != NULL; ++i) {
323 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
324 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
325 || !TEST_BN_eq(bn, bn_from))
328 ret = test_print_key_using_pem("RSA", pk)
329 && test_print_key_using_serializer("RSA", pk);
334 EVP_PKEY_free(copy_pk);
335 EVP_PKEY_CTX_free(key_ctx);
336 EVP_PKEY_CTX_free(ctx);
341 static int test_evp_pkey_get_bn_param_large(void)
344 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
346 OSSL_PARAM_BLD *bld = NULL;
347 OSSL_PARAM *fromdata_params = NULL;
348 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
350 * The buffer size chosen here for n_data larger than the buffer used
351 * internally in EVP_PKEY_get_bn_param.
353 static unsigned char n_data[2050];
354 static const unsigned char e_data[] = {
357 static const unsigned char d_data[]= {
358 0x99, 0x33, 0x13, 0x7b
361 /* N is a large buffer */
362 memset(n_data, 0xCE, sizeof(n_data));
364 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
365 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
366 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
367 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
368 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
369 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
370 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
371 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
372 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
373 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
374 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
375 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
376 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
377 || !TEST_BN_eq(n, n_out))
386 EVP_PKEY_CTX_free(key_ctx);
387 EVP_PKEY_CTX_free(ctx);
388 OSSL_PARAM_BLD_free_params(fromdata_params);
389 OSSL_PARAM_BLD_free(bld);
394 #ifndef OPENSSL_NO_DH
395 static int test_fromdata_dh_named_group(void)
398 int gindex = 0, pcounter = 0, hindex = 0;
399 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
400 EVP_PKEY *pk = NULL, *copy_pk = NULL;
402 BIGNUM *pub = NULL, *priv = NULL;
403 BIGNUM *pub_out = NULL, *priv_out = NULL;
404 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
405 OSSL_PARAM *fromdata_params = NULL;
406 OSSL_PARAM_BLD *bld = NULL;
408 unsigned char seed_out[32];
411 * DH key data was generated using the following:
412 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
413 * -pkeyopt priv_len:224 -text
415 static const unsigned char priv_data[] = {
416 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
417 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
418 0x87, 0xe8, 0xa9, 0x7b,
420 static const unsigned char pub_data[] = {
421 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
422 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
423 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
424 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
425 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
426 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
427 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
428 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
429 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
430 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
431 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
432 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
433 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
434 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
435 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
436 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
437 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
438 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
439 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
440 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
441 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
442 0xcf, 0x33, 0x42, 0x83, 0x42
444 static const char group_name[] = "ffdhe2048";
446 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
447 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
448 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
449 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
450 OSSL_PKEY_PARAM_DH_GROUP,
452 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
453 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
454 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
457 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
460 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
461 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
462 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
463 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
464 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
467 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_DH_GROUP,
468 name_out, sizeof(name_out),
470 || !TEST_str_eq(name_out, group_name)
471 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
474 || !TEST_BN_eq(pub, pub_out)
475 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
477 || !TEST_BN_eq(priv, priv_out)
478 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
479 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
480 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
482 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
483 || !TEST_BN_eq(&_bignum_const_2, g)
484 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
487 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
488 OSSL_PKEY_PARAM_FFC_SEED,
490 sizeof(seed_out), &len))
491 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
493 || !TEST_int_eq(gindex, -1)
494 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
495 || !TEST_int_eq(hindex, 0)
496 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
498 || !TEST_int_eq(pcounter, -1))
501 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
504 if (!TEST_true(EVP_PKEY_check(key_ctx))
505 || !TEST_true(EVP_PKEY_public_check(key_ctx))
506 || !TEST_true(EVP_PKEY_private_check(key_ctx))
507 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
510 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
511 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
514 ret = test_print_key_using_pem("DH", pk)
515 && test_print_key_using_serializer("DH", pk);
525 EVP_PKEY_free(copy_pk);
527 EVP_PKEY_CTX_free(ctx);
528 EVP_PKEY_CTX_free(key_ctx);
529 OSSL_PARAM_BLD_free_params(fromdata_params);
530 OSSL_PARAM_BLD_free(bld);
535 static int test_fromdata_dh_fips186_4(void)
538 int gindex = 0, pcounter = 0, hindex = 0;
539 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
542 BIGNUM *pub = NULL, *priv = NULL;
543 BIGNUM *pub_out = NULL, *priv_out = NULL;
544 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
545 OSSL_PARAM_BLD *bld = NULL;
546 OSSL_PARAM *fromdata_params = NULL;
548 unsigned char seed_out[32];
551 * DH key data was generated using the following:
552 * openssl genpkey -algorithm DH
553 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
555 static const unsigned char priv_data[] = {
556 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
557 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
558 0x87, 0xe8, 0xa9, 0x7b,
560 static const unsigned char pub_data[] = {
561 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
562 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
563 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
564 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
565 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
566 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
567 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
568 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
569 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
570 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
571 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
572 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
573 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
574 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
575 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
576 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
577 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
578 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
579 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
580 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
581 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
582 0x33, 0x42, 0x83, 0x42
584 static const char group_name[] = "ffdhe2048";
587 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
588 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
589 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
590 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
591 OSSL_PKEY_PARAM_DH_GROUP,
593 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
594 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
595 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
598 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
601 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
602 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
603 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
604 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
605 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
608 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_DH_GROUP,
609 name_out, sizeof(name_out),
611 || !TEST_str_eq(name_out, group_name)
612 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
614 || !TEST_BN_eq(pub, pub_out)
615 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
617 || !TEST_BN_eq(priv, priv_out)
618 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
619 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
620 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
622 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
623 || !TEST_BN_eq(&_bignum_const_2, g)
624 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
627 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
628 OSSL_PKEY_PARAM_FFC_SEED,
630 sizeof(seed_out), &len))
631 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
633 || !TEST_int_eq(gindex, -1)
634 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
635 || !TEST_int_eq(hindex, 0)
636 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
638 || !TEST_int_eq(pcounter, -1))
641 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
644 if (!TEST_true(EVP_PKEY_check(key_ctx))
645 || !TEST_true(EVP_PKEY_public_check(key_ctx))
646 || !TEST_true(EVP_PKEY_private_check(key_ctx))
647 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
650 ret = test_print_key_using_pem("DH", pk)
651 && test_print_key_using_serializer("DH", pk);
662 EVP_PKEY_CTX_free(ctx);
663 EVP_PKEY_CTX_free(key_ctx);
664 OSSL_PARAM_BLD_free_params(fromdata_params);
665 OSSL_PARAM_BLD_free(bld);
674 #ifndef OPENSSL_NO_EC
675 /* Array indexes used in test_fromdata_ecx */
679 # define X25519_IDX 0
681 # define ED25519_IDX 2
684 static int test_fromdata_ecx(int tst)
687 EVP_PKEY_CTX *ctx = NULL;
688 EVP_PKEY *pk = NULL, *copy_pk = NULL;
689 const char *alg = NULL;
691 unsigned char out_pub[ED448_KEYLEN];
692 unsigned char out_priv[ED448_KEYLEN];
694 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
695 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
696 /* X25519: Keys from RFC 7748 6.1 */
700 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
701 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
702 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
707 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
708 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
709 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
713 /* X448: Keys from RFC 7748 6.2 */
717 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
718 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
719 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
720 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
721 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
722 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
726 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
727 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
728 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
729 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
730 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
731 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
734 /* ED25519: Keys from RFC 8032 */
738 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
739 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
740 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
745 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
746 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
747 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
751 /* ED448: Keys from RFC 8032 */
755 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
756 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
757 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
758 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
759 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
760 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
764 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
765 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
766 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
767 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
768 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
769 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
773 OSSL_PARAM x25519_fromdata_params[] = {
774 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
775 key_numbers[X25519_IDX][PRIV_KEY],
777 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
778 key_numbers[X25519_IDX][PUB_KEY],
782 OSSL_PARAM x448_fromdata_params[] = {
783 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
784 key_numbers[X448_IDX][PRIV_KEY],
786 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
787 key_numbers[X448_IDX][PUB_KEY],
791 OSSL_PARAM ed25519_fromdata_params[] = {
792 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
793 key_numbers[ED25519_IDX][PRIV_KEY],
795 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
796 key_numbers[ED25519_IDX][PUB_KEY],
800 OSSL_PARAM ed448_fromdata_params[] = {
801 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
802 key_numbers[ED448_IDX][PRIV_KEY],
804 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
805 key_numbers[ED448_IDX][PUB_KEY],
809 OSSL_PARAM *fromdata_params = NULL;
810 int bits = 0, security_bits = 0, size = 0;
814 fromdata_params = x25519_fromdata_params;
816 security_bits = X25519_SECURITY_BITS;
817 size = X25519_KEYLEN;
822 fromdata_params = x448_fromdata_params;
824 security_bits = X448_SECURITY_BITS;
830 fromdata_params = ed25519_fromdata_params;
832 security_bits = ED25519_SECURITY_BITS;
833 size = ED25519_KEYLEN;
838 fromdata_params = ed448_fromdata_params;
840 security_bits = ED448_SECURITY_BITS;
846 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
850 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
851 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
852 || !TEST_int_eq(EVP_PKEY_bits(pk), bits)
853 || !TEST_int_eq(EVP_PKEY_security_bits(pk), security_bits)
854 || !TEST_int_eq(EVP_PKEY_size(pk), size))
857 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
858 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
861 if (!TEST_true(EVP_PKEY_get_octet_string_param(
862 pk, fromdata_params[PRIV_KEY].key,
863 out_priv, sizeof(out_priv), &len))
864 || !TEST_mem_eq(out_priv, len,
865 fromdata_params[PRIV_KEY].data,
866 fromdata_params[PRIV_KEY].data_size)
867 || !TEST_true(EVP_PKEY_get_octet_string_param(
868 pk, fromdata_params[PUB_KEY].key,
869 out_pub, sizeof(out_pub), &len))
870 || !TEST_mem_eq(out_pub, len,
871 fromdata_params[PUB_KEY].data,
872 fromdata_params[PUB_KEY].data_size))
875 ret = test_print_key_using_pem(alg, pk)
876 && test_print_key_using_serializer(alg, pk);
880 EVP_PKEY_free(copy_pk);
881 EVP_PKEY_CTX_free(ctx);
888 static int test_fromdata_ec(void)
891 EVP_PKEY_CTX *ctx = NULL;
892 EVP_PKEY *pk = NULL, *copy_pk = NULL;
893 OSSL_PARAM_BLD *bld = NULL;
894 BIGNUM *ec_priv_bn = NULL;
895 BIGNUM *bn_priv = NULL;
896 OSSL_PARAM *fromdata_params = NULL;
897 const char *alg = "EC";
898 const char *curve = "prime256v1";
899 /* UNCOMPRESSED FORMAT */
900 static const unsigned char ec_pub_keydata[] = {
901 POINT_CONVERSION_UNCOMPRESSED,
902 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
903 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
904 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
905 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
906 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
907 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
908 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
909 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
911 static const unsigned char ec_priv_keydata[] = {
912 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
913 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
914 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
915 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
917 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
918 unsigned char out_pub[sizeof(ec_pub_keydata)];
919 char out_curve_name[80];
920 const OSSL_PARAM *gettable = NULL;
924 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
926 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
927 sizeof(ec_priv_keydata), NULL)))
930 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_EC_NAME,
933 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
935 sizeof(ec_pub_keydata)) <= 0)
937 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
939 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
941 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
945 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
946 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
947 || !TEST_int_eq(EVP_PKEY_bits(pk), 256)
948 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 128)
949 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 35 * 2))
952 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
953 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
956 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
957 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_NAME))
958 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PUB_KEY))
959 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PRIV_KEY)))
962 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_EC_NAME,
963 out_curve_name, sizeof(out_curve_name),
965 || !TEST_str_eq(out_curve_name, curve)
966 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
967 out_pub, sizeof(out_pub), &len)
968 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
969 || !TEST_mem_eq(out_pub + 1, len - 1,
970 ec_pub_keydata + 1, compressed_sz - 1)
971 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
973 || !TEST_BN_eq(ec_priv_bn, bn_priv))
976 ret = test_print_key_using_pem(alg, pk)
977 && test_print_key_using_serializer(alg, pk);
981 OSSL_PARAM_BLD_free_params(fromdata_params);
982 OSSL_PARAM_BLD_free(bld);
984 EVP_PKEY_free(copy_pk);
985 EVP_PKEY_CTX_free(ctx);
989 #endif /* OPENSSL_NO_EC */
991 #ifndef OPENSSL_NO_DSA
992 static int test_fromdata_dsa_fips186_4(void)
995 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
996 EVP_PKEY *pk = NULL, *copy_pk = NULL;
997 BIGNUM *pub = NULL, *priv = NULL;
998 BIGNUM *p = NULL, *q = NULL, *g = NULL;
999 BIGNUM *pub_out = NULL, *priv_out = NULL;
1000 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1001 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1003 unsigned char seed_out[32];
1005 OSSL_PARAM_BLD *bld = NULL;
1006 OSSL_PARAM *fromdata_params = NULL;
1009 * DSA parameter data was generated using the following:
1010 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1011 * -pkeyopt qbits:256 -pkeyopt type:0 \
1012 * -pkeyopt gindex:1 -out dsa_params.pem -text
1014 static const unsigned char p_data[] = {
1015 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1016 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1017 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1018 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1019 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1020 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1021 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1022 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1023 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1024 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1025 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1026 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1027 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1028 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1029 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1030 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1031 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1032 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1033 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1034 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1035 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1036 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1038 static const unsigned char q_data[] = {
1039 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1040 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1041 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1043 static const unsigned char g_data[] = {
1044 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1045 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1046 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1047 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1048 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1049 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1050 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1051 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1052 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1053 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1054 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1055 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1056 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1057 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1058 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1059 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1060 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1061 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1062 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1063 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1064 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1065 0x02, 0x6f, 0x96, 0x36
1067 static const unsigned char seed_data[] = {
1068 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1069 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1070 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1072 const int gindex = 1;
1073 const int pcounter = 53;
1075 * The keypair was generated using
1076 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1077 * -pkeyopt gindex:1 \
1078 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1080 static const unsigned char priv_data[] = {
1081 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1082 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1083 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1085 static const unsigned char pub_data[] = {
1086 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1087 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1088 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1089 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1090 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1091 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1092 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1093 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1094 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1095 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1096 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1097 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1098 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1099 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1100 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1101 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1102 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1103 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1104 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1105 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1106 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1107 0x48, 0xd1, 0x8a, 0xbd
1110 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1111 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1112 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1113 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1114 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1115 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1117 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1118 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1119 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1120 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1121 OSSL_PKEY_PARAM_FFC_SEED,
1124 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1126 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1127 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1129 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1131 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1133 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1136 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1139 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
1140 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
1141 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
1142 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
1143 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 2 * (3 + sizeof(q_data))))
1146 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_DH_GROUP,
1147 name_out, sizeof(name_out),
1149 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1151 || !TEST_BN_eq(pub, pub_out)
1152 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1154 || !TEST_BN_eq(priv, priv_out)
1155 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p_out))
1156 || !TEST_BN_eq(p, p_out)
1157 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q_out))
1158 || !TEST_BN_eq(q, q_out)
1159 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g_out))
1160 || !TEST_BN_eq(g, g_out)
1161 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
1163 || !TEST_ptr_null(j_out)
1164 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1165 OSSL_PKEY_PARAM_FFC_SEED,
1166 seed_out, sizeof(seed_out),
1168 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
1170 || !TEST_int_eq(gindex, gindex_out)
1171 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1173 || !TEST_int_eq(hindex_out, 0)
1174 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
1176 || !TEST_int_eq(pcounter, pcounter_out))
1179 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1182 if (!TEST_true(EVP_PKEY_check(key_ctx))
1183 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1184 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1185 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1188 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1189 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1192 ret = test_print_key_using_pem("DSA", pk)
1193 && test_print_key_using_serializer("DSA", pk);
1195 OSSL_PARAM_BLD_free_params(fromdata_params);
1196 OSSL_PARAM_BLD_free(bld);
1209 EVP_PKEY_free(copy_pk);
1210 EVP_PKEY_CTX_free(ctx);
1211 EVP_PKEY_CTX_free(key_ctx);
1216 static int test_check_dsa(void)
1219 EVP_PKEY_CTX *ctx = NULL;
1221 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1222 || !TEST_false(EVP_PKEY_check(ctx))
1223 || !TEST_false(EVP_PKEY_public_check(ctx))
1224 || !TEST_false(EVP_PKEY_private_check(ctx))
1225 || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1230 EVP_PKEY_CTX_free(ctx);
1234 #endif /* OPENSSL_NO_DSA */
1237 int setup_tests(void)
1239 if (!test_skip_common_options()) {
1240 TEST_error("Error parsing test options\n");
1244 if (!TEST_ptr(datadir = test_get_argument(0)))
1247 ADD_TEST(test_evp_pkey_get_bn_param_large);
1248 ADD_TEST(test_fromdata_rsa);
1249 #ifndef OPENSSL_NO_DH
1250 ADD_TEST(test_fromdata_dh_fips186_4);
1251 ADD_TEST(test_fromdata_dh_named_group);
1253 #ifndef OPENSSL_NO_DSA
1254 ADD_TEST(test_check_dsa);
1255 ADD_TEST(test_fromdata_dsa_fips186_4);
1257 #ifndef OPENSSL_NO_EC
1258 ADD_ALL_TESTS(test_fromdata_ecx, 4);
1259 ADD_TEST(test_fromdata_ec);