evp_pkey_provided_test.c@ 94403

最後變更在這個檔案從94403是 94320,由 vboxsync 提交於 3 年前
libs/openssl-3.0.1: Export to OSE and fix copyright headers in Makefiles, bugref:10128
檔案大小: 65.0 KB

行
1	/*
2	* Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#include <string.h> /* memset */
11	#include <openssl/evp.h>
12	#include <openssl/pem.h>
13	#include <openssl/encoder.h>
14	#include <openssl/provider.h>
15	#include <openssl/param_build.h>
16	#include <openssl/core_names.h>
17	#include <openssl/sha.h>
18	#include "crypto/ecx.h"
19	#include "crypto/evp.h" /* For the internal API */
20	#include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
21	#include "internal/nelem.h"
22	#include "testutil.h"
23
24	static char *datadir = NULL;
25
26	/*
27	* Do not change the order of the following defines unless you also
28	* update the for loop bounds used inside test_print_key_using_encoder() and
29	* test_print_key_using_encoder_public().
30	*/
31	#define PRIV_TEXT 0
32	#define PRIV_PEM 1
33	#define PRIV_DER 2
34	#define PUB_TEXT 3
35	#define PUB_PEM 4
36	#define PUB_DER 5
37
38	static void stripcr(char buf, size_t len)
39	{
40	size_t i;
41	char curr, writ;
42
43	for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
44	if (*curr == '\r') {
45	(*len)--;
46	continue;
47	}
48	if (curr != writ)
49	writ = curr;
50	writ++;
51	}
52	}
53
54	static int compare_with_file(const char alg, int type, BIO membio)
55	{
56	char filename[80];
57	BIO *file = NULL;
58	char buf[4096];
59	char memdata, fullfile = NULL;
60	const char *suffix;
61	size_t readbytes;
62	int ret = 0;
63	int len;
64	size_t slen;
65
66	switch (type) {
67	case PRIV_TEXT:
68	suffix = "priv.txt";
69	break;
70
71	case PRIV_PEM:
72	suffix = "priv.pem";
73	break;
74
75	case PRIV_DER:
76	suffix = "priv.der";
77	break;
78
79	case PUB_TEXT:
80	suffix = "pub.txt";
81	break;
82
83	case PUB_PEM:
84	suffix = "pub.pem";
85	break;
86
87	case PUB_DER:
88	suffix = "pub.der";
89	break;
90
91	default:
92	TEST_error("Invalid file type");
93	goto err;
94	}
95
96	BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
97	fullfile = test_mk_file_path(datadir, filename);
98	if (!TEST_ptr(fullfile))
99	goto err;
100
101	file = BIO_new_file(fullfile, "rb");
102	if (!TEST_ptr(file))
103	goto err;
104
105	if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
106	\|\| !TEST_true(BIO_eof(file))
107	\|\| !TEST_size_t_lt(readbytes, sizeof(buf)))
108	goto err;
109
110	len = BIO_get_mem_data(membio, &memdata);
111	if (!TEST_int_gt(len, 0))
112	goto err;
113
114	slen = len;
115	if (type != PRIV_DER && type != PUB_DER) {
116	stripcr(memdata, &slen);
117	stripcr(buf, &readbytes);
118	}
119
120	if (!TEST_mem_eq(memdata, slen, buf, readbytes))
121	goto err;
122
123	ret = 1;
124	err:
125	OPENSSL_free(fullfile);
126	(void)BIO_reset(membio);
127	BIO_free(file);
128	return ret;
129	}
130
131	static int test_print_key_using_pem(const char alg, const EVP_PKEY pk)
132	{
133	BIO *membio = BIO_new(BIO_s_mem());
134	int ret = 0;
135
136	if (!TEST_ptr(membio))
137	goto err;
138
139	if (/* Output Encrypted private key in PEM form */
140	!TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
141	(unsigned char *)"pass", 4,
142	NULL, NULL))
143	/* Private key in text form */
144	\|\| !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0)
145	\|\| !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
146	/* Public key in PEM form */
147	\|\| !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
148	\|\| !TEST_true(compare_with_file(alg, PUB_PEM, membio))
149	/* Unencrypted private key in PEM form */
150	\|\| !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
151	NULL, NULL, 0, NULL, NULL))
152	\|\| !TEST_true(compare_with_file(alg, PRIV_PEM, membio)))
153	goto err;
154
155	ret = 1;
156	err:
157	BIO_free(membio);
158	return ret;
159	}
160
161	static int test_print_key_type_using_encoder(const char *alg, int type,
162	const EVP_PKEY *pk)
163	{
164	const char output_type, output_structure;
165	int selection;
166	OSSL_ENCODER_CTX *ctx = NULL;
167	BIO *membio = BIO_new(BIO_s_mem());
168	int ret = 0;
169
170	switch (type) {
171	case PRIV_TEXT:
172	output_type = "TEXT";
173	output_structure = NULL;
174	selection = OSSL_KEYMGMT_SELECT_KEYPAIR
175	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
176	break;
177
178	case PRIV_PEM:
179	output_type = "PEM";
180	output_structure = "PrivateKeyInfo";
181	selection = OSSL_KEYMGMT_SELECT_KEYPAIR
182	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
183	break;
184
185	case PRIV_DER:
186	output_type = "DER";
187	output_structure = "PrivateKeyInfo";
188	selection = OSSL_KEYMGMT_SELECT_KEYPAIR
189	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
190	break;
191
192	case PUB_TEXT:
193	output_type = "TEXT";
194	output_structure = NULL;
195	selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
196	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
197	break;
198
199	case PUB_PEM:
200	output_type = "PEM";
201	output_structure = "SubjectPublicKeyInfo";
202	selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
203	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
204	break;
205
206	case PUB_DER:
207	output_type = "DER";
208	output_structure = "SubjectPublicKeyInfo";
209	selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
210	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
211	break;
212
213	default:
214	TEST_error("Invalid encoding type");
215	goto err;
216	}
217
218	if (!TEST_ptr(membio))
219	goto err;
220
221	/* Make a context, it's valid for several prints */
222	TEST_note("Setting up a OSSL_ENCODER context with passphrase");
223	if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
224	output_type,
225	output_structure,
226	NULL))
227	/* Check that this operation is supported */
228	\|\| !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
229	goto err;
230
231	/* Use no cipher. This should give us an unencrypted PEM */
232	TEST_note("Testing with no encryption");
233	if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
234	\|\| !TEST_true(compare_with_file(alg, type, membio)))
235	goto err;
236
237	if (type == PRIV_PEM) {
238	/* Set a passphrase to be used later */
239	if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
240	(unsigned char *)"pass",
241	4)))
242	goto err;
243
244	/* Use a valid cipher name */
245	TEST_note("Displaying PEM encrypted with AES-256-CBC");
246	if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
247	\|\| !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
248	goto err;
249
250	/* Use an invalid cipher name, which should generate no output */
251	TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
252	if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
253	\|\| !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
254	goto err;
255
256	/* Clear the cipher. This should give us an unencrypted PEM again */
257	TEST_note("Testing with encryption cleared (no encryption)");
258	if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
259	\|\| !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
260	\|\| !TEST_true(compare_with_file(alg, type, membio)))
261	goto err;
262	}
263	ret = 1;
264	err:
265	BIO_free(membio);
266	OSSL_ENCODER_CTX_free(ctx);
267	return ret;
268	}
269
270	static int test_print_key_using_encoder(const char alg, const EVP_PKEY pk)
271	{
272	int i;
273	int ret = 1;
274
275	for (i = PRIV_TEXT; i <= PUB_DER; i++)
276	ret = ret && test_print_key_type_using_encoder(alg, i, pk);
277
278	return ret;
279	}
280
281	#ifndef OPENSSL_NO_EC
282	static int test_print_key_using_encoder_public(const char *alg,
283	const EVP_PKEY *pk)
284	{
285	int i;
286	int ret = 1;
287
288	for (i = PUB_TEXT; i <= PUB_DER; i++)
289	ret = ret && test_print_key_type_using_encoder(alg, i, pk);
290
291	return ret;
292	}
293	#endif
294
295	/* Array indexes used in test_fromdata_rsa */
296	#define N 0
297	#define E 1
298	#define D 2
299	#define P 3
300	#define Q 4
301	#define DP 5
302	#define DQ 6
303	#define QINV 7
304
305	static int test_fromdata_rsa(void)
306	{
307	int ret = 0, i;
308	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
309	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
310	/*
311	* 32-bit RSA key, extracted from this command,
312	* executed with OpenSSL 1.0.2:
313	*
314	* openssl genrsa 32 \| openssl rsa -text
315	*/
316	static unsigned long key_numbers[] = {
317	0xbc747fc5, /* N */
318	0x10001, /* E */
319	0x7b133399, /* D */
320	0xe963, /* P */
321	0xceb7, /* Q */
322	0x8599, /* DP */
323	0xbd87, /* DQ */
324	0xcc3b, /* QINV */
325	};
326	OSSL_PARAM fromdata_params[] = {
327	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
328	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
329	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
330	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
331	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
332	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
333	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
334	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
335	OSSL_PARAM_END
336	};
337	BIGNUM *bn = BN_new();
338	BIGNUM *bn_from = BN_new();
339
340	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
341	goto err;
342
343	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
344	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
345	fromdata_params), 1))
346	goto err;
347
348	while (dup_pk == NULL) {
349	ret = 0;
350	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 32)
351	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 8)
352	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 4)
353	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
354	goto err;
355
356	EVP_PKEY_CTX_free(key_ctx);
357	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
358	goto err;
359
360	if (!TEST_true(EVP_PKEY_check(key_ctx))
361	\|\| !TEST_true(EVP_PKEY_public_check(key_ctx))
362	\|\| !TEST_true(EVP_PKEY_private_check(key_ctx))
363	\|\| !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
364	goto err;
365
366	/* EVP_PKEY_copy_parameters() should fail for RSA */
367	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
368	\|\| !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
369	goto err;
370	EVP_PKEY_free(copy_pk);
371	copy_pk = NULL;
372
373	ret = test_print_key_using_pem("RSA", pk)
374	&& test_print_key_using_encoder("RSA", pk);
375
376	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
377	goto err;
378	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
379	EVP_PKEY_free(pk);
380	pk = dup_pk;
381	if (!ret)
382	goto err;
383	}
384	err:
385	/* for better diagnostics always compare key params */
386	for (i = 0; fromdata_params[i].key != NULL; ++i) {
387	if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
388	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
389	\|\| !TEST_BN_eq(bn, bn_from))
390	ret = 0;
391	}
392	BN_free(bn_from);
393	BN_free(bn);
394	EVP_PKEY_free(pk);
395	EVP_PKEY_free(copy_pk);
396	EVP_PKEY_CTX_free(key_ctx);
397	EVP_PKEY_CTX_free(ctx);
398
399	return ret;
400	}
401
402	static int test_evp_pkey_get_bn_param_large(void)
403	{
404	int ret = 0;
405	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
406	EVP_PKEY *pk = NULL;
407	OSSL_PARAM_BLD *bld = NULL;
408	OSSL_PARAM *fromdata_params = NULL;
409	BIGNUM n = NULL, e = NULL, d = NULL, n_out = NULL;
410	/*
411	* The buffer size chosen here for n_data larger than the buffer used
412	* internally in EVP_PKEY_get_bn_param.
413	*/
414	static unsigned char n_data[2050];
415	static const unsigned char e_data[] = {
416	0x1, 0x00, 0x01
417	};
418	static const unsigned char d_data[]= {
419	0x99, 0x33, 0x13, 0x7b
420	};
421
422	/* N is a large buffer */
423	memset(n_data, 0xCE, sizeof(n_data));
424
425	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
426	\|\| !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
427	\|\| !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
428	\|\| !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
429	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
430	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
431	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
432	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
433	\|\| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
434	\|\| !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
435	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
436	fromdata_params), 1)
437	\|\| !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
438	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
439	\|\| !TEST_BN_eq(n, n_out))
440	goto err;
441	ret = 1;
442	err:
443	BN_free(n_out);
444	BN_free(n);
445	BN_free(e);
446	BN_free(d);
447	EVP_PKEY_free(pk);
448	EVP_PKEY_CTX_free(key_ctx);
449	EVP_PKEY_CTX_free(ctx);
450	OSSL_PARAM_free(fromdata_params);
451	OSSL_PARAM_BLD_free(bld);
452	return ret;
453	}
454
455
456	#ifndef OPENSSL_NO_DH
457	static int test_fromdata_dh_named_group(void)
458	{
459	int ret = 0;
460	int gindex = 0, pcounter = 0, hindex = 0;
461	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
462	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
463	size_t len;
464	BIGNUM pub = NULL, priv = NULL;
465	BIGNUM pub_out = NULL, priv_out = NULL;
466	BIGNUM p = NULL, q = NULL, g = NULL, j = NULL;
467	OSSL_PARAM *fromdata_params = NULL;
468	OSSL_PARAM_BLD *bld = NULL;
469	char name_out[80];
470	unsigned char seed_out[32];
471
472	/*
473	* DH key data was generated using the following:
474	* openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
475	* -pkeyopt priv_len:224 -text
476	*/
477	static const unsigned char priv_data[] = {
478	0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
479	0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
480	0x87, 0xe8, 0xa9, 0x7b,
481	};
482	static const unsigned char pub_data[] = {
483	0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
484	0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
485	0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
486	0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
487	0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
488	0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
489	0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
490	0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
491	0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
492	0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
493	0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
494	0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
495	0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
496	0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
497	0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
498	0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
499	0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
500	0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
501	0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
502	0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
503	0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
504	0xcf, 0x33, 0x42, 0x83, 0x42
505	};
506	static const char group_name[] = "ffdhe2048";
507	static const long priv_len = 224;
508
509	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
510	\|\| !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
511	\|\| !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
512	\|\| !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
513	OSSL_PKEY_PARAM_GROUP_NAME,
514	group_name, 0))
515	\|\| !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
516	priv_len))
517	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
518	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
519	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
520	goto err;
521
522	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
523	goto err;
524
525	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
526	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
527	fromdata_params), 1))
528	goto err;
529
530	/*
531	* A few extra checks of EVP_PKEY_get_utf8_string_param() to see that
532	* it behaves as expected with regards to string length and terminating
533	* NUL byte.
534	*/
535	if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
536	OSSL_PKEY_PARAM_GROUP_NAME,
537	NULL, sizeof(name_out),
538	&len))
539	\|\| !TEST_size_t_eq(len, sizeof(group_name) - 1)
540	/* Just enough space to hold the group name and a terminating NUL */
541	\|\| !TEST_true(EVP_PKEY_get_utf8_string_param(pk,
542	OSSL_PKEY_PARAM_GROUP_NAME,
543	name_out,
544	sizeof(group_name),
545	&len))
546	\|\| !TEST_size_t_eq(len, sizeof(group_name) - 1)
547	/* Too small buffer to hold the terminating NUL byte */
548	\|\| !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
549	OSSL_PKEY_PARAM_GROUP_NAME,
550	name_out,
551	sizeof(group_name) - 1,
552	&len))
553	/* Too small buffer to hold the whole group name, even! */
554	\|\| !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
555	OSSL_PKEY_PARAM_GROUP_NAME,
556	name_out,
557	sizeof(group_name) - 2,
558	&len)))
559	goto err;
560
561	while (dup_pk == NULL) {
562	ret = 0;
563	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
564	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
565	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
566	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
567	goto err;
568
569	if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
570	OSSL_PKEY_PARAM_GROUP_NAME,
571	name_out,
572	sizeof(name_out),
573	&len))
574	\|\| !TEST_str_eq(name_out, group_name)
575	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
576	&pub_out))
577
578	\|\| !TEST_BN_eq(pub, pub_out)
579	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
580	&priv_out))
581	\|\| !TEST_BN_eq(priv, priv_out)
582	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
583	\|\| !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
584	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
585	\|\| !TEST_ptr(q)
586	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
587	\|\| !TEST_BN_eq(&ossl_bignum_const_2, g)
588	\|\| !TEST_false(EVP_PKEY_get_bn_param(pk,
589	OSSL_PKEY_PARAM_FFC_COFACTOR,
590	&j))
591	\|\| !TEST_ptr_null(j)
592	\|\| !TEST_false(EVP_PKEY_get_octet_string_param(pk,
593	OSSL_PKEY_PARAM_FFC_SEED,
594	seed_out,
595	sizeof(seed_out),
596	&len))
597	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
598	&gindex))
599	\|\| !TEST_int_eq(gindex, -1)
600	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
601	&hindex))
602	\|\| !TEST_int_eq(hindex, 0)
603	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
604	OSSL_PKEY_PARAM_FFC_PCOUNTER,
605	&pcounter))
606	\|\| !TEST_int_eq(pcounter, -1))
607	goto err;
608	BN_free(p);
609	p = NULL;
610	BN_free(q);
611	q = NULL;
612	BN_free(g);
613	g = NULL;
614	BN_free(j);
615	j = NULL;
616	BN_free(pub_out);
617	pub_out = NULL;
618	BN_free(priv_out);
619	priv_out = NULL;
620
621	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
622	goto err;
623
624	if (!TEST_true(EVP_PKEY_check(key_ctx))
625	\|\| !TEST_true(EVP_PKEY_public_check(key_ctx))
626	\|\| !TEST_true(EVP_PKEY_private_check(key_ctx))
627	\|\| !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
628	goto err;
629	EVP_PKEY_CTX_free(key_ctx);
630	key_ctx = NULL;
631
632	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
633	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
634	goto err;
635	EVP_PKEY_free(copy_pk);
636	copy_pk = NULL;
637
638	ret = test_print_key_using_pem("DH", pk)
639	&& test_print_key_using_encoder("DH", pk);
640
641	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
642	goto err;
643	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
644	EVP_PKEY_free(pk);
645	pk = dup_pk;
646	if (!ret)
647	goto err;
648	}
649	err:
650	BN_free(p);
651	BN_free(q);
652	BN_free(g);
653	BN_free(j);
654	BN_free(pub);
655	BN_free(priv);
656	BN_free(pub_out);
657	BN_free(priv_out);
658	EVP_PKEY_free(copy_pk);
659	EVP_PKEY_free(pk);
660	EVP_PKEY_CTX_free(ctx);
661	EVP_PKEY_CTX_free(key_ctx);
662	OSSL_PARAM_free(fromdata_params);
663	OSSL_PARAM_BLD_free(bld);
664
665	return ret;
666	}
667
668	static int test_fromdata_dh_fips186_4(void)
669	{
670	int ret = 0;
671	int gindex = 0, pcounter = 0, hindex = 0;
672	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
673	EVP_PKEY pk = NULL, dup_pk = NULL;
674	size_t len;
675	BIGNUM pub = NULL, priv = NULL;
676	BIGNUM pub_out = NULL, priv_out = NULL;
677	BIGNUM p = NULL, q = NULL, g = NULL, j = NULL;
678	OSSL_PARAM_BLD *bld = NULL;
679	OSSL_PARAM *fromdata_params = NULL;
680	char name_out[80];
681	unsigned char seed_out[32];
682
683	/*
684	* DH key data was generated using the following:
685	* openssl genpkey -algorithm DH
686	* -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
687	*/
688	static const unsigned char priv_data[] = {
689	0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
690	0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
691	0x87, 0xe8, 0xa9, 0x7b,
692	};
693	static const unsigned char pub_data[] = {
694	0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
695	0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
696	0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
697	0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
698	0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
699	0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
700	0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
701	0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
702	0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
703	0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
704	0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
705	0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
706	0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
707	0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
708	0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
709	0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
710	0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
711	0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
712	0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
713	0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
714	0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
715	0x33, 0x42, 0x83, 0x42
716	};
717	static const char group_name[] = "ffdhe2048";
718	static const long priv_len = 224;
719
720
721	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
722	\|\| !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
723	\|\| !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
724	\|\| !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
725	OSSL_PKEY_PARAM_GROUP_NAME,
726	group_name, 0))
727	\|\| !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
728	priv_len))
729	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
730	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
731	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
732	goto err;
733
734	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
735	goto err;
736
737	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
738	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
739	fromdata_params), 1))
740	goto err;
741
742	while (dup_pk == NULL) {
743	ret = 0;
744	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
745	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
746	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
747	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
748	goto err;
749
750	if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
751	OSSL_PKEY_PARAM_GROUP_NAME,
752	name_out,
753	sizeof(name_out),
754	&len))
755	\|\| !TEST_str_eq(name_out, group_name)
756	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
757	&pub_out))
758	\|\| !TEST_BN_eq(pub, pub_out)
759	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
760	&priv_out))
761	\|\| !TEST_BN_eq(priv, priv_out)
762	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
763	\|\| !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
764	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
765	\|\| !TEST_ptr(q)
766	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
767	\|\| !TEST_BN_eq(&ossl_bignum_const_2, g)
768	\|\| !TEST_false(EVP_PKEY_get_bn_param(pk,
769	OSSL_PKEY_PARAM_FFC_COFACTOR,
770	&j))
771	\|\| !TEST_ptr_null(j)
772	\|\| !TEST_false(EVP_PKEY_get_octet_string_param(pk,
773	OSSL_PKEY_PARAM_FFC_SEED,
774	seed_out,
775	sizeof(seed_out),
776	&len))
777	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
778	OSSL_PKEY_PARAM_FFC_GINDEX,
779	&gindex))
780	\|\| !TEST_int_eq(gindex, -1)
781	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
782	&hindex))
783	\|\| !TEST_int_eq(hindex, 0)
784	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
785	OSSL_PKEY_PARAM_FFC_PCOUNTER,
786	&pcounter))
787	\|\| !TEST_int_eq(pcounter, -1))
788	goto err;
789	BN_free(p);
790	p = NULL;
791	BN_free(q);
792	q = NULL;
793	BN_free(g);
794	g = NULL;
795	BN_free(j);
796	j = NULL;
797	BN_free(pub_out);
798	pub_out = NULL;
799	BN_free(priv_out);
800	priv_out = NULL;
801
802	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
803	goto err;
804
805	if (!TEST_true(EVP_PKEY_check(key_ctx))
806	\|\| !TEST_true(EVP_PKEY_public_check(key_ctx))
807	\|\| !TEST_true(EVP_PKEY_private_check(key_ctx))
808	\|\| !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
809	goto err;
810	EVP_PKEY_CTX_free(key_ctx);
811	key_ctx = NULL;
812
813	ret = test_print_key_using_pem("DH", pk)
814	&& test_print_key_using_encoder("DH", pk);
815
816	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
817	goto err;
818	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
819	EVP_PKEY_free(pk);
820	pk = dup_pk;
821	if (!ret)
822	goto err;
823	}
824	err:
825	BN_free(p);
826	BN_free(q);
827	BN_free(g);
828	BN_free(j);
829	BN_free(pub);
830	BN_free(priv);
831	BN_free(pub_out);
832	BN_free(priv_out);
833	EVP_PKEY_free(pk);
834	EVP_PKEY_CTX_free(ctx);
835	EVP_PKEY_CTX_free(key_ctx);
836	OSSL_PARAM_free(fromdata_params);
837	OSSL_PARAM_BLD_free(bld);
838
839	return ret;
840	}
841
842	#endif
843
844
845
846	#ifndef OPENSSL_NO_EC
847	/* Array indexes used in test_fromdata_ecx */
848	# define PRIV_KEY 0
849	# define PUB_KEY 1
850
851	# define X25519_IDX 0
852	# define X448_IDX 1
853	# define ED25519_IDX 2
854	# define ED448_IDX 3
855
856	/*
857	* tst uses indexes 0 ... (3 * 4 - 1)
858	* For the 4 ECX key types (X25519_IDX..ED448_IDX)
859	* 0..3 = public + private key.
860	* 4..7 = private key (This will generate the public key from the private key)
861	* 8..11 = public key
862	*/
863	static int test_fromdata_ecx(int tst)
864	{
865	int ret = 0;
866	EVP_PKEY_CTX ctx = NULL, ctx2 = NULL;
867	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
868	const char *alg = NULL;
869	size_t len;
870	unsigned char out_pub[ED448_KEYLEN];
871	unsigned char out_priv[ED448_KEYLEN];
872	OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
873
874	/* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
875	static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
876	/* X25519: Keys from RFC 7748 6.1 */
877	{
878	/* Private Key */
879	{
880	0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
881	0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
882	0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
883	0x2c, 0x2a
884	},
885	/* Public Key */
886	{
887	0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
888	0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
889	0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
890	0x4e, 0x6a
891	}
892	},
893	/* X448: Keys from RFC 7748 6.2 */
894	{
895	/* Private Key */
896	{
897	0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
898	0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
899	0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
900	0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
901	0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
902	0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
903	},
904	/* Public Key */
905	{
906	0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
907	0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
908	0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
909	0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
910	0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
911	0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
912	}
913	},
914	/* ED25519: Keys from RFC 8032 */
915	{
916	/* Private Key */
917	{
918	0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
919	0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
920	0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
921	0x7f, 0x60
922	},
923	/* Public Key */
924	{
925	0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
926	0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
927	0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
928	0x51, 0x1a
929	}
930	},
931	/* ED448: Keys from RFC 8032 */
932	{
933	/* Private Key */
934	{
935	0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
936	0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
937	0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
938	0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
939	0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
940	0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
941	},
942	/* Public Key */
943	{
944	0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
945	0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
946	0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
947	0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
948	0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
949	0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
950	}
951	}
952	};
953	OSSL_PARAM x25519_fromdata_params[] = {
954	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
955	key_numbers[X25519_IDX][PRIV_KEY],
956	X25519_KEYLEN),
957	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
958	key_numbers[X25519_IDX][PUB_KEY],
959	X25519_KEYLEN),
960	OSSL_PARAM_END
961	};
962	OSSL_PARAM x448_fromdata_params[] = {
963	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
964	key_numbers[X448_IDX][PRIV_KEY],
965	X448_KEYLEN),
966	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
967	key_numbers[X448_IDX][PUB_KEY],
968	X448_KEYLEN),
969	OSSL_PARAM_END
970	};
971	OSSL_PARAM ed25519_fromdata_params[] = {
972	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
973	key_numbers[ED25519_IDX][PRIV_KEY],
974	ED25519_KEYLEN),
975	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
976	key_numbers[ED25519_IDX][PUB_KEY],
977	ED25519_KEYLEN),
978	OSSL_PARAM_END
979	};
980	OSSL_PARAM ed448_fromdata_params[] = {
981	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
982	key_numbers[ED448_IDX][PRIV_KEY],
983	ED448_KEYLEN),
984	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
985	key_numbers[ED448_IDX][PUB_KEY],
986	ED448_KEYLEN),
987	OSSL_PARAM_END
988	};
989	OSSL_PARAM *fromdata_params = NULL;
990	int bits = 0, security_bits = 0, size = 0;
991	OSSL_PARAM *orig_fromdata_params = NULL;
992
993	switch (tst & 3) {
994	case X25519_IDX:
995	fromdata_params = x25519_fromdata_params;
996	bits = X25519_BITS;
997	security_bits = X25519_SECURITY_BITS;
998	size = X25519_KEYLEN;
999	alg = "X25519";
1000	break;
1001
1002	case X448_IDX:
1003	fromdata_params = x448_fromdata_params;
1004	bits = X448_BITS;
1005	security_bits = X448_SECURITY_BITS;
1006	size = X448_KEYLEN;
1007	alg = "X448";
1008	break;
1009
1010	case ED25519_IDX:
1011	fromdata_params = ed25519_fromdata_params;
1012	bits = ED25519_BITS;
1013	security_bits = ED25519_SECURITY_BITS;
1014	size = ED25519_SIGSIZE;
1015	alg = "ED25519";
1016	break;
1017
1018	case ED448_IDX:
1019	fromdata_params = ed448_fromdata_params;
1020	bits = ED448_BITS;
1021	security_bits = ED448_SECURITY_BITS;
1022	size = ED448_SIGSIZE;
1023	alg = "ED448";
1024	break;
1025	default:
1026	goto err;
1027	}
1028
1029	ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1030	if (!TEST_ptr(ctx))
1031	goto err;
1032
1033	orig_fromdata_params = fromdata_params;
1034	if (tst > 7) {
1035	/* public key only */
1036	fromdata_params++;
1037	} else if (tst > 3) {
1038	/* private key only */
1039	params[0] = fromdata_params[0];
1040	params[1] = fromdata_params[2];
1041	fromdata_params = params;
1042	}
1043
1044	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1045	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1046	fromdata_params), 1))
1047	goto err;
1048
1049	while (dup_pk == NULL) {
1050	ret = 0;
1051	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), bits)
1052	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), security_bits)
1053	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), size)
1054	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
1055	goto err;
1056
1057	if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
1058	goto err;
1059	if (tst <= 7) {
1060	if (!TEST_true(EVP_PKEY_check(ctx2)))
1061	goto err;
1062	if (!TEST_true(EVP_PKEY_get_octet_string_param(
1063	pk, orig_fromdata_params[PRIV_KEY].key,
1064	out_priv, sizeof(out_priv), &len))
1065	\|\| !TEST_mem_eq(out_priv, len,
1066	orig_fromdata_params[PRIV_KEY].data,
1067	orig_fromdata_params[PRIV_KEY].data_size)
1068	\|\| !TEST_true(EVP_PKEY_get_octet_string_param(
1069	pk, orig_fromdata_params[PUB_KEY].key,
1070	out_pub, sizeof(out_pub), &len))
1071	\|\| !TEST_mem_eq(out_pub, len,
1072	orig_fromdata_params[PUB_KEY].data,
1073	orig_fromdata_params[PUB_KEY].data_size))
1074	goto err;
1075	} else {
1076	/* The private key check should fail if there is only a public key */
1077	if (!TEST_true(EVP_PKEY_public_check(ctx2))
1078	\|\| !TEST_false(EVP_PKEY_private_check(ctx2))
1079	\|\| !TEST_false(EVP_PKEY_check(ctx2)))
1080	goto err;
1081	}
1082	EVP_PKEY_CTX_free(ctx2);
1083	ctx2 = NULL;
1084
1085	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1086	/* This should succeed because there are no parameters to copy */
1087	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1088	goto err;
1089	EVP_PKEY_free(copy_pk);
1090	copy_pk = NULL;
1091
1092	if (tst > 7)
1093	ret = test_print_key_using_encoder_public(alg, pk);
1094	else
1095	ret = test_print_key_using_pem(alg, pk)
1096	&& test_print_key_using_encoder(alg, pk);
1097
1098	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1099	goto err;
1100	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1101	EVP_PKEY_free(pk);
1102	pk = dup_pk;
1103	if (!ret)
1104	goto err;
1105	}
1106
1107	err:
1108	EVP_PKEY_free(pk);
1109	EVP_PKEY_free(copy_pk);
1110	EVP_PKEY_CTX_free(ctx);
1111	EVP_PKEY_CTX_free(ctx2);
1112
1113	return ret;
1114	}
1115
1116	#define CURVE_NAME 2
1117
1118	static int test_fromdata_ec(void)
1119	{
1120	int ret = 0;
1121	EVP_PKEY_CTX *ctx = NULL;
1122	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
1123	OSSL_PARAM_BLD *bld = NULL;
1124	BIGNUM *ec_priv_bn = NULL;
1125	BIGNUM *bn_priv = NULL;
1126	OSSL_PARAM *fromdata_params = NULL;
1127	const char *alg = "EC";
1128	const char *curve = "prime256v1";
1129	/* UNCOMPRESSED FORMAT */
1130	static const unsigned char ec_pub_keydata[] = {
1131	POINT_CONVERSION_UNCOMPRESSED,
1132	0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1133	0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1134	0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1135	0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1136	0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1137	0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1138	0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1139	0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1140	};
1141	static const unsigned char ec_priv_keydata[] = {
1142	0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1143	0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1144	0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1145	0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1146	};
1147	const int compressed_sz = 1 + (sizeof(ec_pub_keydata) - 1) / 2;
1148	unsigned char out_pub[sizeof(ec_pub_keydata)];
1149	char out_curve_name[80];
1150	const OSSL_PARAM *gettable = NULL;
1151	size_t len;
1152	EC_GROUP *group = NULL;
1153	BIGNUM *group_a = NULL;
1154	BIGNUM *group_b = NULL;
1155	BIGNUM *group_p = NULL;
1156	BIGNUM *a = NULL;
1157	BIGNUM *b = NULL;
1158	BIGNUM *p = NULL;
1159
1160
1161	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1162	goto err;
1163	if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1164	sizeof(ec_priv_keydata), NULL)))
1165	goto err;
1166
1167	if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1168	curve, 0) <= 0)
1169	goto err;
1170	if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1171	ec_pub_keydata,
1172	sizeof(ec_pub_keydata)) <= 0)
1173	goto err;
1174	if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1175	goto err;
1176	if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1177	goto err;
1178	ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1179	if (!TEST_ptr(ctx))
1180	goto err;
1181
1182	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1183	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1184	fromdata_params), 1))
1185	goto err;
1186
1187	while (dup_pk == NULL) {
1188	ret = 0;
1189	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 256)
1190	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 128)
1191	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 35 * 2)
1192	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
1193	goto err;
1194
1195	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1196	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1197	goto err;
1198	EVP_PKEY_free(copy_pk);
1199	copy_pk = NULL;
1200
1201	if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1202	\|\| !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1203	OSSL_PKEY_PARAM_GROUP_NAME))
1204	\|\| !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1205	OSSL_PKEY_PARAM_PUB_KEY))
1206	\|\| !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1207	OSSL_PKEY_PARAM_PRIV_KEY)))
1208	goto err;
1209
1210	if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(OBJ_sn2nid(curve)))
1211	\|\| !TEST_ptr(group_p = BN_new())
1212	\|\| !TEST_ptr(group_a = BN_new())
1213	\|\| !TEST_ptr(group_b = BN_new())
1214	\|\| !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)))
1215	goto err;
1216
1217	if (!TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_A, &a))
1218	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_B, &b))
1219	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_P, &p)))
1220	goto err;
1221
1222	if (!TEST_BN_eq(group_p, p) \|\| !TEST_BN_eq(group_a, a)
1223	\|\| !TEST_BN_eq(group_b, b))
1224	goto err;
1225
1226	if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1227	out_curve_name,
1228	sizeof(out_curve_name),
1229	&len)
1230	\|\| !TEST_str_eq(out_curve_name, curve)
1231	\|\| !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1232	out_pub, sizeof(out_pub), &len)
1233	\|\| !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1))
1234	\|\| !TEST_mem_eq(out_pub + 1, len - 1,
1235	ec_pub_keydata + 1, compressed_sz - 1)
1236	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1237	&bn_priv))
1238	\|\| !TEST_BN_eq(ec_priv_bn, bn_priv))
1239	goto err;
1240	BN_free(bn_priv);
1241	bn_priv = NULL;
1242
1243	ret = test_print_key_using_pem(alg, pk)
1244	&& test_print_key_using_encoder(alg, pk);
1245
1246	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1247	goto err;
1248	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1249	EVP_PKEY_free(pk);
1250	pk = dup_pk;
1251	if (!ret)
1252	goto err;
1253	}
1254
1255	err:
1256	EC_GROUP_free(group);
1257	BN_free(group_a);
1258	BN_free(group_b);
1259	BN_free(group_p);
1260	BN_free(a);
1261	BN_free(b);
1262	BN_free(p);
1263	BN_free(bn_priv);
1264	BN_free(ec_priv_bn);
1265	OSSL_PARAM_free(fromdata_params);
1266	OSSL_PARAM_BLD_free(bld);
1267	EVP_PKEY_free(pk);
1268	EVP_PKEY_free(copy_pk);
1269	EVP_PKEY_CTX_free(ctx);
1270	return ret;
1271	}
1272
1273	static int test_ec_dup_no_operation(void)
1274	{
1275	int ret = 0;
1276	EVP_PKEY_CTX pctx = NULL, ctx = NULL, *kctx = NULL;
1277	EVP_PKEY param = NULL, pkey = NULL;
1278
1279	if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1280	\|\| !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1281	\|\| !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1282	NID_X9_62_prime256v1), 0)
1283	\|\| !TEST_int_gt(EVP_PKEY_paramgen(pctx, &param), 0)
1284	\|\| !TEST_ptr(param))
1285	goto err;
1286
1287	EVP_PKEY_CTX_free(pctx);
1288	pctx = NULL;
1289
1290	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1291	\|\| !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1292	\|\| !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1293	\|\| !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1294	goto err;
1295	ret = 1;
1296	err:
1297	EVP_PKEY_free(pkey);
1298	EVP_PKEY_free(param);
1299	EVP_PKEY_CTX_free(ctx);
1300	EVP_PKEY_CTX_free(kctx);
1301	EVP_PKEY_CTX_free(pctx);
1302	return ret;
1303	}
1304
1305	/* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1306	static int test_ec_dup_keygen_operation(void)
1307	{
1308	int ret = 0;
1309	EVP_PKEY_CTX pctx = NULL, ctx = NULL, *kctx = NULL;
1310	EVP_PKEY param = NULL, pkey = NULL;
1311
1312	if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1313	\|\| !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1314	\|\| !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1315	NID_X9_62_prime256v1), 0)
1316	\|\| !TEST_int_gt(EVP_PKEY_paramgen(pctx, &param), 0)
1317	\|\| !TEST_ptr(param))
1318	goto err;
1319
1320	EVP_PKEY_CTX_free(pctx);
1321	pctx = NULL;
1322
1323	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1324	\|\| !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1325	\|\| !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1326	goto err;
1327	ret = 1;
1328	err:
1329	EVP_PKEY_free(pkey);
1330	EVP_PKEY_free(param);
1331	EVP_PKEY_CTX_free(ctx);
1332	EVP_PKEY_CTX_free(kctx);
1333	EVP_PKEY_CTX_free(pctx);
1334	return ret;
1335	}
1336
1337	#endif /* OPENSSL_NO_EC */
1338
1339	#ifndef OPENSSL_NO_DSA
1340	static int test_fromdata_dsa_fips186_4(void)
1341	{
1342	int ret = 0;
1343	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
1344	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
1345	BIGNUM pub = NULL, priv = NULL;
1346	BIGNUM p = NULL, q = NULL, *g = NULL;
1347	BIGNUM pub_out = NULL, priv_out = NULL;
1348	BIGNUM p_out = NULL, q_out = NULL, g_out = NULL, j_out = NULL;
1349	int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1350	char name_out[80];
1351	unsigned char seed_out[32];
1352	size_t len;
1353	OSSL_PARAM_BLD *bld = NULL;
1354	OSSL_PARAM *fromdata_params = NULL;
1355
1356	/*
1357	* DSA parameter data was generated using the following:
1358	* openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1359	* -pkeyopt qbits:256 -pkeyopt type:0 \
1360	* -pkeyopt gindex:1 -out dsa_params.pem -text
1361	*/
1362	static const unsigned char p_data[] = {
1363	0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1364	0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1365	0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1366	0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1367	0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1368	0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1369	0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1370	0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1371	0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1372	0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1373	0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1374	0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1375	0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1376	0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1377	0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1378	0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1379	0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1380	0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1381	0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1382	0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1383	0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1384	0x7c, 0xfe, 0xaf, 0x6a, 0x05
1385	};
1386	static const unsigned char q_data[] = {
1387	0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1388	0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1389	0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1390	};
1391	static const unsigned char g_data[] = {
1392	0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1393	0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1394	0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1395	0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1396	0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1397	0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1398	0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1399	0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1400	0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1401	0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1402	0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1403	0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1404	0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1405	0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1406	0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1407	0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1408	0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1409	0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1410	0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1411	0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1412	0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1413	0x02, 0x6f, 0x96, 0x36
1414	};
1415	static const unsigned char seed_data[] = {
1416	0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1417	0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1418	0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1419	};
1420	const int gindex = 1;
1421	const int pcounter = 53;
1422	/*
1423	* The keypair was generated using
1424	* openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1425	* -pkeyopt gindex:1 \
1426	* -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1427	*/
1428	static const unsigned char priv_data[] = {
1429	0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1430	0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1431	0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1432	};
1433	static const unsigned char pub_data[] = {
1434	0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1435	0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1436	0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1437	0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1438	0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1439	0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1440	0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1441	0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1442	0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1443	0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1444	0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1445	0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1446	0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1447	0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1448	0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1449	0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1450	0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1451	0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1452	0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1453	0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1454	0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1455	0x48, 0xd1, 0x8a, 0xbd
1456	};
1457
1458	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1459	\|\| !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1460	\|\| !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1461	\|\| !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1462	\|\| !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1463	\|\| !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1464
1465	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1466	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1467	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1468	\|\| !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1469	OSSL_PKEY_PARAM_FFC_SEED,
1470	seed_data,
1471	sizeof(seed_data)))
1472	\|\| !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1473	gindex))
1474	\|\| !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1475	OSSL_PKEY_PARAM_FFC_PCOUNTER,
1476	pcounter))
1477	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1478	pub))
1479	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1480	priv))
1481	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1482	goto err;
1483
1484	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1485	goto err;
1486
1487	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1488	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1489	fromdata_params), 1))
1490	goto err;
1491
1492	while (dup_pk == NULL) {
1493	ret = 0;
1494	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
1495	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
1496	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 2 * (3 + sizeof(q_data)))
1497	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
1498	goto err;
1499
1500	if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk,
1501	OSSL_PKEY_PARAM_GROUP_NAME,
1502	name_out,
1503	sizeof(name_out),
1504	&len))
1505	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1506	&pub_out))
1507	\|\| !TEST_BN_eq(pub, pub_out)
1508	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1509	&priv_out))
1510	\|\| !TEST_BN_eq(priv, priv_out)
1511	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P,
1512	&p_out))
1513	\|\| !TEST_BN_eq(p, p_out)
1514	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q,
1515	&q_out))
1516	\|\| !TEST_BN_eq(q, q_out)
1517	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G,
1518	&g_out))
1519	\|\| !TEST_BN_eq(g, g_out)
1520	\|\| !TEST_false(EVP_PKEY_get_bn_param(pk,
1521	OSSL_PKEY_PARAM_FFC_COFACTOR,
1522	&j_out))
1523	\|\| !TEST_ptr_null(j_out)
1524	\|\| !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1525	OSSL_PKEY_PARAM_FFC_SEED,
1526	seed_out,
1527	sizeof(seed_out),
1528	&len))
1529	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
1530	OSSL_PKEY_PARAM_FFC_GINDEX,
1531	&gindex_out))
1532	\|\| !TEST_int_eq(gindex, gindex_out)
1533	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1534	&hindex_out))
1535	\|\| !TEST_int_eq(hindex_out, 0)
1536	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
1537	OSSL_PKEY_PARAM_FFC_PCOUNTER,
1538	&pcounter_out))
1539	\|\| !TEST_int_eq(pcounter, pcounter_out))
1540	goto err;
1541	BN_free(p);
1542	p = NULL;
1543	BN_free(q);
1544	q = NULL;
1545	BN_free(g);
1546	g = NULL;
1547	BN_free(j_out);
1548	j_out = NULL;
1549	BN_free(pub_out);
1550	pub_out = NULL;
1551	BN_free(priv_out);
1552	priv_out = NULL;
1553
1554	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1555	goto err;
1556
1557	if (!TEST_true(EVP_PKEY_check(key_ctx))
1558	\|\| !TEST_true(EVP_PKEY_public_check(key_ctx))
1559	\|\| !TEST_true(EVP_PKEY_private_check(key_ctx))
1560	\|\| !TEST_true(EVP_PKEY_pairwise_check(key_ctx)))
1561	goto err;
1562	EVP_PKEY_CTX_free(key_ctx);
1563	key_ctx = NULL;
1564
1565	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1566	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1567	goto err;
1568	EVP_PKEY_free(copy_pk);
1569	copy_pk = NULL;
1570
1571	ret = test_print_key_using_pem("DSA", pk)
1572	&& test_print_key_using_encoder("DSA", pk);
1573
1574	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1575	goto err;
1576	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1577	EVP_PKEY_free(pk);
1578	pk = dup_pk;
1579	if (!ret)
1580	goto err;
1581	}
1582
1583	err:
1584	OSSL_PARAM_free(fromdata_params);
1585	OSSL_PARAM_BLD_free(bld);
1586	BN_free(p);
1587	BN_free(q);
1588	BN_free(g);
1589	BN_free(pub);
1590	BN_free(priv);
1591	BN_free(p_out);
1592	BN_free(q_out);
1593	BN_free(g_out);
1594	BN_free(pub_out);
1595	BN_free(priv_out);
1596	BN_free(j_out);
1597	EVP_PKEY_free(pk);
1598	EVP_PKEY_free(copy_pk);
1599	EVP_PKEY_CTX_free(ctx);
1600	EVP_PKEY_CTX_free(key_ctx);
1601
1602	return ret;
1603	}
1604
1605	static int test_check_dsa(void)
1606	{
1607	int ret = 0;
1608	EVP_PKEY_CTX *ctx = NULL;
1609
1610	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1611	\|\| !TEST_false(EVP_PKEY_check(ctx))
1612	\|\| !TEST_false(EVP_PKEY_public_check(ctx))
1613	\|\| !TEST_false(EVP_PKEY_private_check(ctx))
1614	\|\| !TEST_false(EVP_PKEY_pairwise_check(ctx)))
1615	goto err;
1616
1617	ret = 1;
1618	err:
1619	EVP_PKEY_CTX_free(ctx);
1620
1621	return ret;
1622	}
1623	#endif /* OPENSSL_NO_DSA */
1624
1625
1626	static OSSL_PARAM do_construct_hkdf_params(char digest, char *key,
1627	size_t keylen, char *salt)
1628	{
1629	OSSL_PARAM params = OPENSSL_malloc(sizeof(OSSL_PARAM) 5);
1630	OSSL_PARAM *p = params;
1631
1632	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, digest, 0);
1633	*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
1634	salt, strlen(salt));
1635	*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
1636	(unsigned char *)key, keylen);
1637	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE,
1638	"EXTRACT_ONLY", 0);
1639	*p = OSSL_PARAM_construct_end();
1640
1641	return params;
1642	}
1643
1644	/* Test that EVP_PKEY_CTX_dup() fails gracefully for a KDF */
1645	static int test_evp_pkey_ctx_dup_kdf_fail(void)
1646	{
1647	int ret = 0;
1648	size_t len = 0;
1649	EVP_PKEY_CTX pctx = NULL, dctx = NULL;
1650	OSSL_PARAM *params = NULL;
1651
1652	if (!TEST_ptr(params = do_construct_hkdf_params("sha256", "secret", 6,
1653	"salt")))
1654	goto err;
1655	if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "HKDF", NULL)))
1656	goto err;
1657	if (!TEST_int_eq(EVP_PKEY_derive_init_ex(pctx, params), 1))
1658	goto err;
1659	if (!TEST_int_eq(EVP_PKEY_derive(pctx, NULL, &len), 1)
1660	\|\| !TEST_size_t_eq(len, SHA256_DIGEST_LENGTH))
1661	goto err;
1662	if (!TEST_ptr_null(dctx = EVP_PKEY_CTX_dup(pctx)))
1663	goto err;
1664	ret = 1;
1665	err:
1666	OPENSSL_free(params);
1667	EVP_PKEY_CTX_free(dctx);
1668	EVP_PKEY_CTX_free(pctx);
1669	return ret;
1670	}
1671
1672	int setup_tests(void)
1673	{
1674	if (!test_skip_common_options()) {
1675	TEST_error("Error parsing test options\n");
1676	return 0;
1677	}
1678
1679	if (!TEST_ptr(datadir = test_get_argument(0)))
1680	return 0;
1681
1682	ADD_TEST(test_evp_pkey_ctx_dup_kdf_fail);
1683	ADD_TEST(test_evp_pkey_get_bn_param_large);
1684	ADD_TEST(test_fromdata_rsa);
1685	#ifndef OPENSSL_NO_DH
1686	ADD_TEST(test_fromdata_dh_fips186_4);
1687	ADD_TEST(test_fromdata_dh_named_group);
1688	#endif
1689	#ifndef OPENSSL_NO_DSA
1690	ADD_TEST(test_check_dsa);
1691	ADD_TEST(test_fromdata_dsa_fips186_4);
1692	#endif
1693	#ifndef OPENSSL_NO_EC
1694	ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1695	ADD_TEST(test_fromdata_ec);
1696	ADD_TEST(test_ec_dup_no_operation);
1697	ADD_TEST(test_ec_dup_keygen_operation);
1698	#endif
1699	return 1;
1700	}

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

source: vbox/trunk/src/libs/openssl-3.0.2/test/evp_pkey_provided_test.c@ 94403

以其他格式下載: