2 * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <string.h> /* memset */
11 #include <openssl/evp.h>
12 #include <openssl/pem.h>
13 #include <openssl/serializer.h>
14 #include <openssl/provider.h>
15 #include <openssl/param_build.h>
16 #include <openssl/core_names.h>
17 #include "crypto/ecx.h"
18 #include "crypto/evp.h" /* For the internal API */
19 #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
20 #include "internal/nelem.h"
23 static char *datadir = NULL;
32 static void stripcr(char *buf, size_t *len)
37 for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
48 static int compare_with_file(const char *alg, int type, BIO *membio)
53 char *memdata, *fullfile = NULL;
86 TEST_error("Invalid file type");
90 BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
91 fullfile = test_mk_file_path(datadir, filename);
92 if (!TEST_ptr(fullfile))
95 file = BIO_new_file(fullfile, "rb");
99 if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
100 || !TEST_true(BIO_eof(file))
101 || !TEST_size_t_lt(readbytes, sizeof(buf)))
104 len = BIO_get_mem_data(membio, &memdata);
105 if (!TEST_int_gt(len, 0))
109 if (type != PRIV_DER && type != PUB_DER) {
110 stripcr(memdata, &slen);
111 stripcr(buf, &readbytes);
114 if (!TEST_mem_eq(memdata, slen, buf, readbytes))
119 OPENSSL_free(fullfile);
120 (void)BIO_reset(membio);
125 static int test_print_key_using_pem(const char *alg, const EVP_PKEY *pk)
127 BIO *membio = BIO_new(BIO_s_mem());
130 if (!TEST_ptr(membio))
133 if (/* Output Encrypted private key in PEM form */
134 !TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
135 (unsigned char *)"pass", 4,
137 /* Private key in text form */
138 || !TEST_true(EVP_PKEY_print_private(membio, pk, 0, NULL))
139 || !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
140 /* Public key in PEM form */
141 || !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
142 || !TEST_true(compare_with_file(alg, PUB_PEM, membio))
143 /* Unencrypted private key in PEM form */
144 || !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
145 NULL, NULL, 0, NULL, NULL))
146 || !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
155 static int test_print_key_type_using_serializer(const char *alg, int type,
159 OSSL_SERIALIZER_CTX *ctx = NULL;
160 BIO *membio = BIO_new(BIO_s_mem());
165 pq = OSSL_SERIALIZER_PrivateKey_TO_TEXT_PQ;
169 pq = OSSL_SERIALIZER_PrivateKey_TO_PEM_PQ;
173 pq = OSSL_SERIALIZER_PrivateKey_TO_DER_PQ;
177 pq = OSSL_SERIALIZER_PUBKEY_TO_TEXT_PQ;
181 pq = OSSL_SERIALIZER_PUBKEY_TO_PEM_PQ;
185 pq = OSSL_SERIALIZER_PUBKEY_TO_DER_PQ;
189 TEST_error("Invalid serialization type");
193 if (!TEST_ptr(membio))
196 /* Make a context, it's valid for several prints */
197 TEST_note("Setting up a OSSL_SERIALIZER context with passphrase");
198 if (!TEST_ptr(ctx = OSSL_SERIALIZER_CTX_new_by_EVP_PKEY(pk, pq))
199 /* Check that this operation is supported */
200 || !TEST_ptr(OSSL_SERIALIZER_CTX_get_serializer(ctx)))
203 /* Use no cipher. This should give us an unencrypted PEM */
204 TEST_note("Testing with no encryption");
205 if (!TEST_true(OSSL_SERIALIZER_to_bio(ctx, membio))
206 || !TEST_true(compare_with_file(alg, type, membio)))
209 if (type == PRIV_PEM) {
210 /* Set a passphrase to be used later */
211 if (!TEST_true(OSSL_SERIALIZER_CTX_set_passphrase(ctx,
212 (unsigned char *)"pass",
216 /* Use a valid cipher name */
217 TEST_note("Displaying PEM encrypted with AES-256-CBC");
218 if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
219 || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
222 /* Use an invalid cipher name, which should generate no output */
223 TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
224 if (!TEST_false(OSSL_SERIALIZER_CTX_set_cipher(ctx, "FOO", NULL))
225 || !TEST_false(OSSL_SERIALIZER_to_bio(ctx, bio_out)))
228 /* Clear the cipher. This should give us an unencrypted PEM again */
229 TEST_note("Testing with encryption cleared (no encryption)");
230 if (!TEST_true(OSSL_SERIALIZER_CTX_set_cipher(ctx, NULL, NULL))
231 || !TEST_true(OSSL_SERIALIZER_to_bio(ctx, membio))
232 || !TEST_true(compare_with_file(alg, type, membio)))
238 OSSL_SERIALIZER_CTX_free(ctx);
242 static int test_print_key_using_serializer(const char *alg, const EVP_PKEY *pk)
247 for (i = 0; i < 6; i++)
248 ret = ret && test_print_key_type_using_serializer(alg, i, pk);
253 /* Array indexes used in test_fromdata_rsa */
263 static int test_fromdata_rsa(void)
266 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
267 EVP_PKEY *pk = NULL, *copy_pk = NULL;
269 * 32-bit RSA key, extracted from this command,
270 * executed with OpenSSL 1.0.2:
272 * openssl genrsa 32 | openssl rsa -text
274 static unsigned long key_numbers[] = {
284 OSSL_PARAM fromdata_params[] = {
285 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
286 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
287 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
288 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
289 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
290 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
291 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
292 OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
295 BIGNUM *bn = BN_new();
296 BIGNUM *bn_from = BN_new();
298 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
301 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
302 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
303 || !TEST_int_eq(EVP_PKEY_bits(pk), 32)
304 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 8)
305 || !TEST_int_eq(EVP_PKEY_size(pk), 4))
308 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
311 if (!TEST_true(EVP_PKEY_check(key_ctx))
312 || !TEST_true(EVP_PKEY_public_check(key_ctx))
313 || !TEST_true(EVP_PKEY_private_check(key_ctx))
314 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
317 /* EVP_PKEY_copy_parameters() should fail for RSA */
318 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
319 || !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
322 for (i = 0; fromdata_params[i].key != NULL; ++i) {
323 if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
324 || !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
325 || !TEST_BN_eq(bn, bn_from))
328 ret = test_print_key_using_pem("RSA", pk)
329 && test_print_key_using_serializer("RSA", pk);
334 EVP_PKEY_free(copy_pk);
335 EVP_PKEY_CTX_free(key_ctx);
336 EVP_PKEY_CTX_free(ctx);
341 static int test_evp_pkey_get_bn_param_large(void)
344 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
346 OSSL_PARAM_BLD *bld = NULL;
347 OSSL_PARAM *fromdata_params = NULL;
348 BIGNUM *n = NULL, *e = NULL, *d = NULL, *n_out = NULL;
350 * The buffer size chosen here for n_data larger than the buffer used
351 * internally in EVP_PKEY_get_bn_param.
353 static unsigned char n_data[2050];
354 static const unsigned char e_data[] = {
357 static const unsigned char d_data[]= {
358 0x99, 0x33, 0x13, 0x7b
361 /* N is a large buffer */
362 memset(n_data, 0xCE, sizeof(n_data));
364 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
365 || !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
366 || !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
367 || !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
368 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
369 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
370 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
371 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
372 || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
373 || !TEST_true(EVP_PKEY_key_fromdata_init(ctx))
374 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
375 || !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
376 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
377 || !TEST_BN_eq(n, n_out))
386 EVP_PKEY_CTX_free(key_ctx);
387 EVP_PKEY_CTX_free(ctx);
388 OSSL_PARAM_BLD_free_params(fromdata_params);
389 OSSL_PARAM_BLD_free(bld);
394 #ifndef OPENSSL_NO_DH
395 static int test_fromdata_dh_named_group(void)
398 int gindex = 0, pcounter = 0, hindex = 0;
399 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
400 EVP_PKEY *pk = NULL, *copy_pk = NULL;
402 BIGNUM *pub = NULL, *priv = NULL;
403 BIGNUM *pub_out = NULL, *priv_out = NULL;
404 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
405 OSSL_PARAM *fromdata_params = NULL;
406 OSSL_PARAM_BLD *bld = NULL;
408 unsigned char seed_out[32];
411 * DH key data was generated using the following:
412 * openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
413 * -pkeyopt priv_len:224 -text
415 static const unsigned char priv_data[] = {
416 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
417 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
418 0x87, 0xe8, 0xa9, 0x7b,
420 static const unsigned char pub_data[] = {
421 0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
422 0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
423 0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
424 0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
425 0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
426 0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
427 0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
428 0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
429 0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
430 0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
431 0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
432 0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
433 0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
434 0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
435 0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
436 0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
437 0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
438 0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
439 0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
440 0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
441 0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
442 0xcf, 0x33, 0x42, 0x83, 0x42
444 static const char group_name[] = "ffdhe2048";
446 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
447 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
448 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
449 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
450 OSSL_PKEY_PARAM_DH_GROUP,
452 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
453 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
454 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
457 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
460 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
461 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
462 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
463 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
464 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
467 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_DH_GROUP,
468 name_out, sizeof(name_out),
470 || !TEST_str_eq(name_out, group_name)
471 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
474 || !TEST_BN_eq(pub, pub_out)
475 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
477 || !TEST_BN_eq(priv, priv_out)
478 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
479 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
480 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
482 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
483 || !TEST_BN_eq(&_bignum_const_2, g)
484 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
487 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
488 OSSL_PKEY_PARAM_FFC_SEED,
490 sizeof(seed_out), &len))
491 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
493 || !TEST_int_eq(gindex, -1)
494 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
495 || !TEST_int_eq(hindex, 0)
496 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
498 || !TEST_int_eq(pcounter, -1))
501 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
504 if (!TEST_true(EVP_PKEY_check(key_ctx))
505 || !TEST_true(EVP_PKEY_public_check(key_ctx))
506 || !TEST_true(EVP_PKEY_private_check(key_ctx))
507 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
510 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
511 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
514 ret = test_print_key_using_pem("DH", pk)
515 && test_print_key_using_serializer("DH", pk);
525 EVP_PKEY_free(copy_pk);
527 EVP_PKEY_CTX_free(ctx);
528 EVP_PKEY_CTX_free(key_ctx);
529 OSSL_PARAM_BLD_free_params(fromdata_params);
530 OSSL_PARAM_BLD_free(bld);
535 static int test_fromdata_dh_fips186_4(void)
538 int gindex = 0, pcounter = 0, hindex = 0;
539 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
542 BIGNUM *pub = NULL, *priv = NULL;
543 BIGNUM *pub_out = NULL, *priv_out = NULL;
544 BIGNUM *p = NULL, *q = NULL, *g = NULL, *j = NULL;
545 OSSL_PARAM_BLD *bld = NULL;
546 OSSL_PARAM *fromdata_params = NULL;
548 unsigned char seed_out[32];
551 * DH key data was generated using the following:
552 * openssl genpkey -algorithm DH
553 * -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
555 static const unsigned char priv_data[] = {
556 0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
557 0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
558 0x87, 0xe8, 0xa9, 0x7b,
560 static const unsigned char pub_data[] = {
561 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
562 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
563 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
564 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
565 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
566 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
567 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
568 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
569 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
570 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
571 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
572 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
573 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
574 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
575 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
576 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
577 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
578 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
579 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
580 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
581 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
582 0x33, 0x42, 0x83, 0x42
584 static const char group_name[] = "ffdhe2048";
587 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
588 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
589 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
590 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
591 OSSL_PKEY_PARAM_DH_GROUP,
593 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
594 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
595 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
598 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
601 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
602 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
603 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
604 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
605 || !TEST_int_eq(EVP_PKEY_size(pk), 256))
608 if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_DH_GROUP,
609 name_out, sizeof(name_out),
611 || !TEST_str_eq(name_out, group_name)
612 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
614 || !TEST_BN_eq(pub, pub_out)
615 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
617 || !TEST_BN_eq(priv, priv_out)
618 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
619 || !TEST_BN_eq(&_bignum_ffdhe2048_p, p)
620 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
622 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
623 || !TEST_BN_eq(&_bignum_const_2, g)
624 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
627 || !TEST_false(EVP_PKEY_get_octet_string_param(pk,
628 OSSL_PKEY_PARAM_FFC_SEED,
630 sizeof(seed_out), &len))
631 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
633 || !TEST_int_eq(gindex, -1)
634 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H, &hindex))
635 || !TEST_int_eq(hindex, 0)
636 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
638 || !TEST_int_eq(pcounter, -1))
641 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
644 if (!TEST_true(EVP_PKEY_check(key_ctx))
645 || !TEST_true(EVP_PKEY_public_check(key_ctx))
646 || !TEST_true(EVP_PKEY_private_check(key_ctx))
647 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
650 ret = test_print_key_using_pem("DH", pk)
651 && test_print_key_using_serializer("DH", pk);
662 EVP_PKEY_CTX_free(ctx);
663 EVP_PKEY_CTX_free(key_ctx);
664 OSSL_PARAM_BLD_free_params(fromdata_params);
665 OSSL_PARAM_BLD_free(bld);
674 #ifndef OPENSSL_NO_EC
675 /* Array indexes used in test_fromdata_ecx */
679 # define X25519_IDX 0
681 # define ED25519_IDX 2
684 static int test_fromdata_ecx(int tst)
687 EVP_PKEY_CTX *ctx = NULL;
688 EVP_PKEY *pk = NULL, *copy_pk = NULL;
689 const char *alg = NULL;
691 unsigned char out_pub[ED448_KEYLEN];
692 unsigned char out_priv[ED448_KEYLEN];
694 /* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
695 static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
696 /* X25519: Keys from RFC 7748 6.1 */
700 0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
701 0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
702 0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
707 0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
708 0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
709 0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
713 /* X448: Keys from RFC 7748 6.2 */
717 0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
718 0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
719 0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
720 0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
721 0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
722 0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
726 0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
727 0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
728 0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
729 0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
730 0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
731 0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
734 /* ED25519: Keys from RFC 8032 */
738 0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
739 0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
740 0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
745 0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
746 0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
747 0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
751 /* ED448: Keys from RFC 8032 */
755 0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
756 0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
757 0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
758 0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
759 0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
760 0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
764 0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
765 0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
766 0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
767 0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
768 0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
769 0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
773 OSSL_PARAM x25519_fromdata_params[] = {
774 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
775 key_numbers[X25519_IDX][PRIV_KEY],
777 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
778 key_numbers[X25519_IDX][PUB_KEY],
782 OSSL_PARAM x448_fromdata_params[] = {
783 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
784 key_numbers[X448_IDX][PRIV_KEY],
786 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
787 key_numbers[X448_IDX][PUB_KEY],
791 OSSL_PARAM ed25519_fromdata_params[] = {
792 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
793 key_numbers[ED25519_IDX][PRIV_KEY],
795 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
796 key_numbers[ED25519_IDX][PUB_KEY],
800 OSSL_PARAM ed448_fromdata_params[] = {
801 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
802 key_numbers[ED448_IDX][PRIV_KEY],
804 OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
805 key_numbers[ED448_IDX][PUB_KEY],
809 OSSL_PARAM *fromdata_params = NULL;
810 int bits = 0, security_bits = 0, size = 0;
814 fromdata_params = x25519_fromdata_params;
816 security_bits = X25519_SECURITY_BITS;
817 size = X25519_KEYLEN;
822 fromdata_params = x448_fromdata_params;
824 security_bits = X448_SECURITY_BITS;
830 fromdata_params = ed25519_fromdata_params;
832 security_bits = ED25519_SECURITY_BITS;
833 size = ED25519_KEYLEN;
838 fromdata_params = ed448_fromdata_params;
840 security_bits = ED448_SECURITY_BITS;
846 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
850 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
851 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
852 || !TEST_int_eq(EVP_PKEY_bits(pk), bits)
853 || !TEST_int_eq(EVP_PKEY_security_bits(pk), security_bits)
854 || !TEST_int_eq(EVP_PKEY_size(pk), size))
857 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
858 /* This should succeed because there are no parameters to copy */
859 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
862 if (!TEST_true(EVP_PKEY_get_octet_string_param(
863 pk, fromdata_params[PRIV_KEY].key,
864 out_priv, sizeof(out_priv), &len))
865 || !TEST_mem_eq(out_priv, len,
866 fromdata_params[PRIV_KEY].data,
867 fromdata_params[PRIV_KEY].data_size)
868 || !TEST_true(EVP_PKEY_get_octet_string_param(
869 pk, fromdata_params[PUB_KEY].key,
870 out_pub, sizeof(out_pub), &len))
871 || !TEST_mem_eq(out_pub, len,
872 fromdata_params[PUB_KEY].data,
873 fromdata_params[PUB_KEY].data_size))
876 ret = test_print_key_using_pem(alg, pk)
877 && test_print_key_using_serializer(alg, pk);
881 EVP_PKEY_free(copy_pk);
882 EVP_PKEY_CTX_free(ctx);
889 static int test_fromdata_ec(void)
892 EVP_PKEY_CTX *ctx = NULL;
893 EVP_PKEY *pk = NULL, *copy_pk = NULL;
894 OSSL_PARAM_BLD *bld = NULL;
895 BIGNUM *ec_priv_bn = NULL;
896 BIGNUM *bn_priv = NULL;
897 OSSL_PARAM *fromdata_params = NULL;
898 const char *alg = "EC";
899 const char *curve = "prime256v1";
900 /* UNCOMPRESSED FORMAT */
901 static const unsigned char ec_pub_keydata[] = {
902 POINT_CONVERSION_UNCOMPRESSED,
903 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
904 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
905 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
906 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
907 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
908 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
909 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
910 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
912 static const unsigned char ec_priv_keydata[] = {
913 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
914 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
915 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
916 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
918 const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
919 unsigned char out_pub[sizeof(ec_pub_keydata)];
920 char out_curve_name[80];
921 const OSSL_PARAM *gettable = NULL;
925 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
927 if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
928 sizeof(ec_priv_keydata), NULL)))
931 if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_EC_NAME,
934 if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
936 sizeof(ec_pub_keydata)) <= 0)
938 if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
940 if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
942 ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
946 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
947 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
948 || !TEST_int_eq(EVP_PKEY_bits(pk), 256)
949 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 128)
950 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 35 * 2))
953 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
954 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
957 if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
958 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_NAME))
959 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PUB_KEY))
960 || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_PRIV_KEY)))
963 if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_EC_NAME,
964 out_curve_name, sizeof(out_curve_name),
966 || !TEST_str_eq(out_curve_name, curve)
967 || !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
968 out_pub, sizeof(out_pub), &len)
969 || !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
970 || !TEST_mem_eq(out_pub + 1, len - 1,
971 ec_pub_keydata + 1, compressed_sz - 1)
972 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
974 || !TEST_BN_eq(ec_priv_bn, bn_priv))
977 ret = test_print_key_using_pem(alg, pk)
978 && test_print_key_using_serializer(alg, pk);
982 OSSL_PARAM_BLD_free_params(fromdata_params);
983 OSSL_PARAM_BLD_free(bld);
985 EVP_PKEY_free(copy_pk);
986 EVP_PKEY_CTX_free(ctx);
990 #endif /* OPENSSL_NO_EC */
992 #ifndef OPENSSL_NO_DSA
993 static int test_fromdata_dsa_fips186_4(void)
996 EVP_PKEY_CTX *ctx = NULL, *key_ctx = NULL;
997 EVP_PKEY *pk = NULL, *copy_pk = NULL;
998 BIGNUM *pub = NULL, *priv = NULL;
999 BIGNUM *p = NULL, *q = NULL, *g = NULL;
1000 BIGNUM *pub_out = NULL, *priv_out = NULL;
1001 BIGNUM *p_out = NULL, *q_out = NULL, *g_out = NULL, *j_out = NULL;
1002 int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1004 unsigned char seed_out[32];
1006 OSSL_PARAM_BLD *bld = NULL;
1007 OSSL_PARAM *fromdata_params = NULL;
1010 * DSA parameter data was generated using the following:
1011 * openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1012 * -pkeyopt qbits:256 -pkeyopt type:0 \
1013 * -pkeyopt gindex:1 -out dsa_params.pem -text
1015 static const unsigned char p_data[] = {
1016 0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1017 0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1018 0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1019 0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1020 0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1021 0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1022 0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1023 0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1024 0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1025 0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1026 0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1027 0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1028 0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1029 0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1030 0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1031 0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1032 0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1033 0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1034 0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1035 0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1036 0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1037 0x7c, 0xfe, 0xaf, 0x6a, 0x05
1039 static const unsigned char q_data[] = {
1040 0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1041 0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1042 0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1044 static const unsigned char g_data[] = {
1045 0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1046 0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1047 0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1048 0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1049 0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1050 0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1051 0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1052 0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1053 0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1054 0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1055 0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1056 0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1057 0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1058 0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1059 0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1060 0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1061 0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1062 0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1063 0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1064 0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1065 0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1066 0x02, 0x6f, 0x96, 0x36
1068 static const unsigned char seed_data[] = {
1069 0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1070 0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1071 0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1073 const int gindex = 1;
1074 const int pcounter = 53;
1076 * The keypair was generated using
1077 * openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1078 * -pkeyopt gindex:1 \
1079 * -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1081 static const unsigned char priv_data[] = {
1082 0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1083 0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1084 0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1086 static const unsigned char pub_data[] = {
1087 0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1088 0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1089 0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1090 0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1091 0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1092 0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1093 0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1094 0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1095 0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1096 0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1097 0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1098 0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1099 0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1100 0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1101 0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1102 0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1103 0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1104 0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1105 0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1106 0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1107 0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1108 0x48, 0xd1, 0x8a, 0xbd
1111 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1112 || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1113 || !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1114 || !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1115 || !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1116 || !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1118 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1119 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1120 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1121 || !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1122 OSSL_PKEY_PARAM_FFC_SEED,
1125 || !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1127 || !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1128 OSSL_PKEY_PARAM_FFC_PCOUNTER,
1130 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1132 || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1134 || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1137 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1140 if (!TEST_true(EVP_PKEY_key_fromdata_init(ctx))
1141 || !TEST_true(EVP_PKEY_fromdata(ctx, &pk, fromdata_params))
1142 || !TEST_int_eq(EVP_PKEY_bits(pk), 2048)
1143 || !TEST_int_eq(EVP_PKEY_security_bits(pk), 112)
1144 || !TEST_int_eq(EVP_PKEY_size(pk), 2 + 2 * (3 + sizeof(q_data))))
1147 if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_DH_GROUP,
1148 name_out, sizeof(name_out),
1150 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1152 || !TEST_BN_eq(pub, pub_out)
1153 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1155 || !TEST_BN_eq(priv, priv_out)
1156 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p_out))
1157 || !TEST_BN_eq(p, p_out)
1158 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q_out))
1159 || !TEST_BN_eq(q, q_out)
1160 || !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g_out))
1161 || !TEST_BN_eq(g, g_out)
1162 || !TEST_false(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_COFACTOR,
1164 || !TEST_ptr_null(j_out)
1165 || !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1166 OSSL_PKEY_PARAM_FFC_SEED,
1167 seed_out, sizeof(seed_out),
1169 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
1171 || !TEST_int_eq(gindex, gindex_out)
1172 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1174 || !TEST_int_eq(hindex_out, 0)
1175 || !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_PCOUNTER,
1177 || !TEST_int_eq(pcounter, pcounter_out))
1180 if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1183 if (!TEST_true(EVP_PKEY_check(key_ctx))
1184 || !TEST_true(EVP_PKEY_public_check(key_ctx))
1185 || !TEST_true(EVP_PKEY_private_check(key_ctx))
1186 || !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1189 if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1190 || !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1193 ret = test_print_key_using_pem("DSA", pk)
1194 && test_print_key_using_serializer("DSA", pk);
1196 OSSL_PARAM_BLD_free_params(fromdata_params);
1197 OSSL_PARAM_BLD_free(bld);
1210 EVP_PKEY_free(copy_pk);
1211 EVP_PKEY_CTX_free(ctx);
1212 EVP_PKEY_CTX_free(key_ctx);
1217 static int test_check_dsa(void)
1220 EVP_PKEY_CTX *ctx = NULL;
1222 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1223 || !TEST_false(EVP_PKEY_check(ctx))
1224 || !TEST_false(EVP_PKEY_public_check(ctx))
1225 || !TEST_false(EVP_PKEY_private_check(ctx))
1226 || !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1231 EVP_PKEY_CTX_free(ctx);
1235 #endif /* OPENSSL_NO_DSA */
1238 int setup_tests(void)
1240 if (!test_skip_common_options()) {
1241 TEST_error("Error parsing test options\n");
1245 if (!TEST_ptr(datadir = test_get_argument(0)))
1248 ADD_TEST(test_evp_pkey_get_bn_param_large);
1249 ADD_TEST(test_fromdata_rsa);
1250 #ifndef OPENSSL_NO_DH
1251 ADD_TEST(test_fromdata_dh_fips186_4);
1252 ADD_TEST(test_fromdata_dh_named_group);
1254 #ifndef OPENSSL_NO_DSA
1255 ADD_TEST(test_check_dsa);
1256 ADD_TEST(test_fromdata_dsa_fips186_4);
1258 #ifndef OPENSSL_NO_EC
1259 ADD_ALL_TESTS(test_fromdata_ecx, 4);
1260 ADD_TEST(test_fromdata_ec);