endecode_test.c@ 97371

最後變更在這個檔案從97371是 95219,由 vboxsync 提交於 3 年前
libs/openssl: Switched to v3.0.3, bugref:10128
檔案大小: 56.8 KB

行
1	/*
2	* Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#include <string.h>
11	#include <openssl/core_dispatch.h>
12	#include <openssl/evp.h>
13	#include <openssl/pem.h>
14	#include <openssl/rsa.h>
15	#include <openssl/x509.h>
16	#include <openssl/core_names.h>
17	#include <openssl/params.h>
18	#include <openssl/param_build.h>
19	#include <openssl/encoder.h>
20	#include <openssl/decoder.h>
21
22	#include "internal/cryptlib.h" /* ossl_assert */
23	#include "crypto/pem.h" /* For PVK and "blob" PEM headers */
24	#include "crypto/evp.h" /* For evp_pkey_is_provided() */
25
26	#include "helpers/predefined_dhparams.h"
27	#include "testutil.h"
28
29	/* Extended test macros to allow passing file & line number */
30	#define TEST_FL_ptr(a) test_ptr(file, line, #a, a)
31	#define TEST_FL_mem_eq(a, m, b, n) test_mem_eq(file, line, #a, #b, a, m, b, n)
32	#define TEST_FL_strn_eq(a, b, n) test_strn_eq(file, line, #a, #b, a, n, b, n)
33	#define TEST_FL_strn2_eq(a, m, b, n) test_strn_eq(file, line, #a, #b, a, m, b, n)
34	#define TEST_FL_int_eq(a, b) test_int_eq(file, line, #a, #b, a, b)
35	#define TEST_FL_int_ge(a, b) test_int_ge(file, line, #a, #b, a, b)
36	#define TEST_FL_int_gt(a, b) test_int_gt(file, line, #a, #b, a, b)
37	#define TEST_FL_long_gt(a, b) test_long_gt(file, line, #a, #b, a, b)
38	#define TEST_FL_true(a) test_true(file, line, #a, (a) != 0)
39
40	#if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC)
41	# define OPENSSL_NO_KEYPARAMS
42	#endif
43
44	static int default_libctx = 1;
45	static int is_fips = 0;
46
47	static OSSL_LIB_CTX *testctx = NULL;
48	static OSSL_LIB_CTX *keyctx = NULL;
49	static char *testpropq = NULL;
50
51	static OSSL_PROVIDER *nullprov = NULL;
52	static OSSL_PROVIDER *deflprov = NULL;
53	static OSSL_PROVIDER *keyprov = NULL;
54
55	#ifndef OPENSSL_NO_EC
56	static BN_CTX *bnctx = NULL;
57	static OSSL_PARAM_BLD *bld_prime_nc = NULL;
58	static OSSL_PARAM_BLD *bld_prime = NULL;
59	static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
60	static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
61
62	# ifndef OPENSSL_NO_EC2M
63	static OSSL_PARAM_BLD *bld_tri_nc = NULL;
64	static OSSL_PARAM_BLD *bld_tri = NULL;
65	static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
66	static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
67	# endif
68	#endif
69
70	#ifndef OPENSSL_NO_KEYPARAMS
71	static EVP_PKEY make_template(const char type, OSSL_PARAM *genparams)
72	{
73	EVP_PKEY *pkey = NULL;
74	EVP_PKEY_CTX *ctx = NULL;
75
76	# ifndef OPENSSL_NO_DH
77	/*
78	* Use 512-bit DH(X) keys with predetermined parameters for efficiency,
79	* for testing only. Use a minimum key size of 2048 for security purposes.
80	*/
81	if (strcmp(type, "DH") == 0)
82	return get_dh512(keyctx);
83
84	if (strcmp(type, "X9.42 DH") == 0)
85	return get_dhx512(keyctx);
86	# endif
87
88	/*
89	* No real need to check the errors other than for the cascade
90	* effect. \|pkey\| will simply remain NULL if something goes wrong.
91	*/
92	(void)((ctx = EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq)) != NULL
93	&& EVP_PKEY_paramgen_init(ctx) > 0
94	&& (genparams == NULL
95	\|\| EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
96	&& EVP_PKEY_generate(ctx, &pkey) > 0);
97	EVP_PKEY_CTX_free(ctx);
98
99	return pkey;
100	}
101	#endif
102
103	#if !defined(OPENSSL_NO_DH) \|\| !defined(OPENSSL_NO_DSA) \|\| !defined(OPENSSL_NO_EC)
104	static EVP_PKEY make_key(const char type, EVP_PKEY *template,
105	OSSL_PARAM *genparams)
106	{
107	EVP_PKEY *pkey = NULL;
108	EVP_PKEY_CTX *ctx =
109	template != NULL
110	? EVP_PKEY_CTX_new_from_pkey(keyctx, template, testpropq)
111	: EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq);
112
113	/*
114	* No real need to check the errors other than for the cascade
115	* effect. \|pkey\| will simply remain NULL if something goes wrong.
116	*/
117	(void)(ctx != NULL
118	&& EVP_PKEY_keygen_init(ctx) > 0
119	&& (genparams == NULL
120	\|\| EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
121	&& EVP_PKEY_keygen(ctx, &pkey) > 0);
122	EVP_PKEY_CTX_free(ctx);
123	return pkey;
124	}
125	#endif
126
127	/* Main test driver */
128
129	typedef int (encoder)(const char *file, const int line,
130	void *encoded, long encoded_len,
131	void *object, int selection,
132	const char output_type, const char output_structure,
133	const char pass, const char pcipher);
134	typedef int (decoder)(const char *file, const int line,
135	void *object, void encoded, long encoded_len,
136	const char input_type, const char structure_type,
137	const char keytype, int selection, const char pass);
138	typedef int (tester)(const char *file, const int line,
139	const void *data1, size_t data1_len,
140	const void *data2, size_t data2_len);
141	typedef int (checker)(const char *file, const int line,
142	const char type, const void data, size_t data_len);
143	typedef void (dumper)(const char label, const void data, size_t data_len);
144
145	#define FLAG_DECODE_WITH_TYPE 0x0001
146	#define FLAG_FAIL_IF_FIPS 0x0002
147
148	static int test_encode_decode(const char *file, const int line,
149	const char type, EVP_PKEY pkey,
150	int selection, const char *output_type,
151	const char *output_structure,
152	const char pass, const char pcipher,
153	encoder encode_cb, decoder decode_cb,
154	tester test_cb, checker check_cb,
155	dumper *dump_cb, int flags)
156	{
157	void *encoded = NULL;
158	long encoded_len = 0;
159	EVP_PKEY *pkey2 = NULL;
160	void *encoded2 = NULL;
161	long encoded2_len = 0;
162	int ok = 0;
163
164	/*
165	* Encode \|pkey\|, decode the result into \|pkey2\|, and finish off by
166	* encoding \|pkey2\| as well. That last encoding is for checking and
167	* dumping purposes.
168	*/
169	if (!TEST_true(encode_cb(file, line, &encoded, &encoded_len, pkey, selection,
170	output_type, output_structure, pass, pcipher)))
171	goto end;
172
173	if ((flags & FLAG_FAIL_IF_FIPS) != 0 && is_fips) {
174	if (TEST_false(decode_cb(file, line, (void **)&pkey2, encoded,
175	encoded_len, output_type, output_structure,
176	(flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
177	selection, pass)))
178	ok = 1;
179	goto end;
180	}
181
182	if (!TEST_true(check_cb(file, line, type, encoded, encoded_len))
183	\|\| !TEST_true(decode_cb(file, line, (void **)&pkey2, encoded, encoded_len,
184	output_type, output_structure,
185	(flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
186	selection, pass))
187	\|\| !TEST_true(encode_cb(file, line, &encoded2, &encoded2_len, pkey2, selection,
188	output_type, output_structure, pass, pcipher)))
189	goto end;
190
191	if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
192	if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1))
193	goto end;
194	} else {
195	if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1))
196	goto end;
197	}
198
199	/*
200	* Double check the encoding, but only for unprotected keys,
201	* as protected keys have a random component, which makes the output
202	* differ.
203	*/
204	if ((pass == NULL && pcipher == NULL)
205	&& !test_cb(file, line, encoded, encoded_len, encoded2, encoded2_len))
206	goto end;
207
208	ok = 1;
209	end:
210	if (!ok) {
211	if (encoded != NULL && encoded_len != 0)
212	dump_cb("\|pkey\| encoded", encoded, encoded_len);
213	if (encoded2 != NULL && encoded2_len != 0)
214	dump_cb("\|pkey2\| encoded", encoded2, encoded2_len);
215	}
216
217	OPENSSL_free(encoded);
218	OPENSSL_free(encoded2);
219	EVP_PKEY_free(pkey2);
220	return ok;
221	}
222
223	/* Encoding and decoding methods */
224
225	static int encode_EVP_PKEY_prov(const char *file, const int line,
226	void *encoded, long encoded_len,
227	void *object, int selection,
228	const char *output_type,
229	const char *output_structure,
230	const char pass, const char pcipher)
231	{
232	EVP_PKEY *pkey = object;
233	OSSL_ENCODER_CTX *ectx = NULL;
234	BIO *mem_ser = NULL;
235	BUF_MEM *mem_buf = NULL;
236	const unsigned char upass = (const unsigned char )pass;
237	int ok = 0;
238
239	if (!TEST_FL_ptr(ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection,
240	output_type,
241	output_structure,
242	testpropq))
243	\|\| !TEST_FL_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx), 0)
244	\|\| (pass != NULL
245	&& !TEST_FL_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
246	strlen(pass))))
247	\|\| (pcipher != NULL
248	&& !TEST_FL_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
249	\|\| !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
250	\|\| !TEST_FL_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
251	\|\| !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
252	\|\| !TEST_FL_ptr(*encoded = mem_buf->data)
253	\|\| !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
254	goto end;
255
256	/* Detach the encoded output */
257	mem_buf->data = NULL;
258	mem_buf->length = 0;
259	ok = 1;
260	end:
261	BIO_free(mem_ser);
262	OSSL_ENCODER_CTX_free(ectx);
263	return ok;
264	}
265
266	static int decode_EVP_PKEY_prov(const char *file, const int line,
267	void *object, void encoded, long encoded_len,
268	const char *input_type,
269	const char *structure_type,
270	const char *keytype, int selection,
271	const char *pass)
272	{
273	EVP_PKEY pkey = NULL, testpkey = NULL;
274	OSSL_DECODER_CTX *dctx = NULL;
275	BIO *encoded_bio = NULL;
276	const unsigned char upass = (const unsigned char )pass;
277	int ok = 0;
278	int i;
279	const char *badtype;
280
281	if (strcmp(input_type, "DER") == 0)
282	badtype = "PEM";
283	else
284	badtype = "DER";
285
286	if (!TEST_FL_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len)))
287	goto end;
288
289	/*
290	* We attempt the decode 3 times. The first time we provide the expected
291	* starting input type. The second time we provide NULL for the starting
292	* type. The third time we provide a bad starting input type.
293	* The bad starting input type should fail. The other two should succeed
294	* and produce the same result.
295	*/
296	for (i = 0; i < 3; i++) {
297	const char *testtype = (i == 0) ? input_type
298	: ((i == 1) ? NULL : badtype);
299
300	if (!TEST_FL_ptr(dctx = OSSL_DECODER_CTX_new_for_pkey(&testpkey,
301	testtype,
302	structure_type,
303	keytype,
304	selection,
305	testctx, testpropq))
306	\|\| (pass != NULL
307	&& !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass)))
308	\|\| !TEST_FL_int_gt(BIO_reset(encoded_bio), 0)
309	/* We expect to fail when using a bad input type */
310	\|\| !TEST_FL_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio),
311	(i == 2) ? 0 : 1))
312	goto end;
313	OSSL_DECODER_CTX_free(dctx);
314	dctx = NULL;
315
316	if (i == 0) {
317	pkey = testpkey;
318	testpkey = NULL;
319	} else if (i == 1) {
320	if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
321	if (!TEST_FL_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1))
322	goto end;
323	} else {
324	if (!TEST_FL_int_eq(EVP_PKEY_eq(pkey, testpkey), 1))
325	goto end;
326	}
327	}
328	}
329	ok = 1;
330	*object = pkey;
331	pkey = NULL;
332
333	end:
334	EVP_PKEY_free(pkey);
335	EVP_PKEY_free(testpkey);
336	BIO_free(encoded_bio);
337	OSSL_DECODER_CTX_free(dctx);
338	return ok;
339	}
340
341	static int encode_EVP_PKEY_legacy_PEM(const char *file, const int line,
342	void *encoded, long encoded_len,
343	void *object, ossl_unused int selection,
344	ossl_unused const char *output_type,
345	ossl_unused const char *output_structure,
346	const char pass, const char pcipher)
347	{
348	EVP_PKEY *pkey = object;
349	EVP_CIPHER *cipher = NULL;
350	BIO *mem_ser = NULL;
351	BUF_MEM *mem_buf = NULL;
352	const unsigned char upass = (const unsigned char )pass;
353	size_t passlen = 0;
354	int ok = 0;
355
356	if (pcipher != NULL && pass != NULL) {
357	passlen = strlen(pass);
358	if (!TEST_FL_ptr(cipher = EVP_CIPHER_fetch(testctx, pcipher, testpropq)))
359	goto end;
360	}
361	if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
362	\|\| !TEST_FL_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
363	cipher,
364	upass, passlen,
365	NULL, NULL))
366	\|\| !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
367	\|\| !TEST_FL_ptr(*encoded = mem_buf->data)
368	\|\| !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
369	goto end;
370
371	/* Detach the encoded output */
372	mem_buf->data = NULL;
373	mem_buf->length = 0;
374	ok = 1;
375	end:
376	BIO_free(mem_ser);
377	EVP_CIPHER_free(cipher);
378	return ok;
379	}
380
381	static int encode_EVP_PKEY_MSBLOB(const char *file, const int line,
382	void *encoded, long encoded_len,
383	void *object, int selection,
384	ossl_unused const char *output_type,
385	ossl_unused const char *output_structure,
386	ossl_unused const char *pass,
387	ossl_unused const char *pcipher)
388	{
389	EVP_PKEY *pkey = object;
390	BIO *mem_ser = NULL;
391	BUF_MEM *mem_buf = NULL;
392	int ok = 0;
393
394	if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem())))
395	goto end;
396
397	if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
398	if (!TEST_FL_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0))
399	goto end;
400	} else {
401	if (!TEST_FL_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0))
402	goto end;
403	}
404
405	if (!TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
406	\|\| !TEST_FL_ptr(*encoded = mem_buf->data)
407	\|\| !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
408	goto end;
409
410	/* Detach the encoded output */
411	mem_buf->data = NULL;
412	mem_buf->length = 0;
413	ok = 1;
414	end:
415	BIO_free(mem_ser);
416	return ok;
417	}
418
419	static pem_password_cb pass_pw;
420	static int pass_pw(char buf, int size, int rwflag, void userdata)
421	{
422	OPENSSL_strlcpy(buf, userdata, size);
423	return strlen(userdata);
424	}
425
426	static int encode_EVP_PKEY_PVK(const char *file, const int line,
427	void *encoded, long encoded_len,
428	void *object, int selection,
429	ossl_unused const char *output_type,
430	ossl_unused const char *output_structure,
431	const char *pass,
432	ossl_unused const char *pcipher)
433	{
434	EVP_PKEY *pkey = object;
435	BIO *mem_ser = NULL;
436	BUF_MEM *mem_buf = NULL;
437	int enc = (pass != NULL);
438	int ok = 0;
439
440	if (!TEST_FL_true(ossl_assert((selection
441	& OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0))
442	\|\| !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
443	\|\| !TEST_FL_int_ge(i2b_PVK_bio_ex(mem_ser, pkey, enc,
444	pass_pw, (void *)pass, testctx, testpropq), 0)
445	\|\| !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
446	\|\| !TEST_FL_ptr(*encoded = mem_buf->data)
447	\|\| !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
448	goto end;
449
450	/* Detach the encoded output */
451	mem_buf->data = NULL;
452	mem_buf->length = 0;
453	ok = 1;
454	end:
455	BIO_free(mem_ser);
456	return ok;
457	}
458
459	static int test_text(const char *file, const int line,
460	const void *data1, size_t data1_len,
461	const void *data2, size_t data2_len)
462	{
463	return TEST_FL_strn2_eq(data1, data1_len, data2, data2_len);
464	}
465
466	static int test_mem(const char *file, const int line,
467	const void *data1, size_t data1_len,
468	const void *data2, size_t data2_len)
469	{
470	return TEST_FL_mem_eq(data1, data1_len, data2, data2_len);
471	}
472
473	/* Test cases and their dumpers / checkers */
474
475	static void collect_name(const char name, void arg)
476	{
477	char **namelist = arg;
478	char *new_namelist;
479	size_t space;
480
481	space = strlen(name);
482	if (*namelist != NULL)
483	space += strlen(namelist) + 2 / for comma and space */;
484	space++; /* for terminating null byte */
485
486	new_namelist = OPENSSL_realloc(*namelist, space);
487	if (new_namelist == NULL)
488	return;
489	if (*namelist != NULL) {
490	strcat(new_namelist, ", ");
491	strcat(new_namelist, name);
492	} else {
493	strcpy(new_namelist, name);
494	}
495	*namelist = new_namelist;
496	}
497
498	static void dump_der(const char label, const void data, size_t data_len)
499	{
500	test_output_memory(label, data, data_len);
501	}
502
503	static void dump_pem(const char label, const void data, size_t data_len)
504	{
505	test_output_string(label, data, data_len - 1);
506	}
507
508	static int check_unprotected_PKCS8_DER(const char *file, const int line,
509	const char *type,
510	const void *data, size_t data_len)
511	{
512	const unsigned char *datap = data;
513	PKCS8_PRIV_KEY_INFO *p8inf =
514	d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
515	int ok = 0;
516
517	if (TEST_FL_ptr(p8inf)) {
518	EVP_PKEY *pkey = EVP_PKCS82PKEY_ex(p8inf, testctx, testpropq);
519	char *namelist = NULL;
520
521	if (TEST_FL_ptr(pkey)) {
522	if (!(ok = TEST_FL_true(EVP_PKEY_is_a(pkey, type)))) {
523	EVP_PKEY_type_names_do_all(pkey, collect_name, &namelist);
524	if (namelist != NULL)
525	TEST_note("%s isn't any of %s", type, namelist);
526	OPENSSL_free(namelist);
527	}
528	ok = ok && TEST_FL_true(evp_pkey_is_provided(pkey));
529	EVP_PKEY_free(pkey);
530	}
531	}
532	PKCS8_PRIV_KEY_INFO_free(p8inf);
533	return ok;
534	}
535
536	static int test_unprotected_via_DER(const char type, EVP_PKEY key, int fips)
537	{
538	return test_encode_decode(__FILE__, __LINE__, type, key,
539	OSSL_KEYMGMT_SELECT_KEYPAIR
540	\| OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
541	"DER", "PrivateKeyInfo", NULL, NULL,
542	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
543	test_mem, check_unprotected_PKCS8_DER,
544	dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS);
545	}
546
547	static int check_unprotected_PKCS8_PEM(const char *file, const int line,
548	const char *type,
549	const void *data, size_t data_len)
550	{
551	static const char expected_pem_header[] =
552	"-----BEGIN " PEM_STRING_PKCS8INF "-----";
553
554	return TEST_FL_strn_eq(data, expected_pem_header,
555	sizeof(expected_pem_header) - 1);
556	}
557
558	static int test_unprotected_via_PEM(const char type, EVP_PKEY key, int fips)
559	{
560	return test_encode_decode(__FILE__, __LINE__, type, key,
561	OSSL_KEYMGMT_SELECT_KEYPAIR
562	\| OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
563	"PEM", "PrivateKeyInfo", NULL, NULL,
564	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
565	test_text, check_unprotected_PKCS8_PEM,
566	dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS);
567	}
568
569	#ifndef OPENSSL_NO_KEYPARAMS
570	static int check_params_DER(const char *file, const int line,
571	const char type, const void data, size_t data_len)
572	{
573	const unsigned char *datap = data;
574	int ok = 0;
575	int itype = NID_undef;
576	EVP_PKEY *pkey = NULL;
577
578	if (strcmp(type, "DH") == 0)
579	itype = EVP_PKEY_DH;
580	else if (strcmp(type, "X9.42 DH") == 0)
581	itype = EVP_PKEY_DHX;
582	else if (strcmp(type, "DSA") == 0)
583	itype = EVP_PKEY_DSA;
584	else if (strcmp(type, "EC") == 0)
585	itype = EVP_PKEY_EC;
586
587	if (itype != NID_undef) {
588	pkey = d2i_KeyParams(itype, NULL, &datap, data_len);
589	ok = (pkey != NULL);
590	EVP_PKEY_free(pkey);
591	}
592
593	return ok;
594	}
595
596	static int check_params_PEM(const char *file, const int line,
597	const char *type,
598	const void *data, size_t data_len)
599	{
600	static char expected_pem_header[80];
601
602	return
603	TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
604	sizeof(expected_pem_header),
605	"-----BEGIN %s PARAMETERS-----", type), 0)
606	&& TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
607	}
608
609	static int test_params_via_DER(const char type, EVP_PKEY key)
610	{
611	return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
612	"DER", "type-specific", NULL, NULL,
613	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
614	test_mem, check_params_DER,
615	dump_der, FLAG_DECODE_WITH_TYPE);
616	}
617
618	static int test_params_via_PEM(const char type, EVP_PKEY key)
619	{
620	return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
621	"PEM", "type-specific", NULL, NULL,
622	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
623	test_text, check_params_PEM,
624	dump_pem, 0);
625	}
626	#endif /* !OPENSSL_NO_KEYPARAMS */
627
628	static int check_unprotected_legacy_PEM(const char *file, const int line,
629	const char *type,
630	const void *data, size_t data_len)
631	{
632	static char expected_pem_header[80];
633
634	return
635	TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
636	sizeof(expected_pem_header),
637	"-----BEGIN %s PRIVATE KEY-----", type), 0)
638	&& TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
639	}
640
641	static int test_unprotected_via_legacy_PEM(const char type, EVP_PKEY key)
642	{
643	if (!default_libctx \|\| is_fips)
644	return TEST_skip("Test not available if using a non-default library context or FIPS provider");
645
646	return test_encode_decode(__FILE__, __LINE__, type, key,
647	OSSL_KEYMGMT_SELECT_KEYPAIR
648	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
649	"PEM", "type-specific", NULL, NULL,
650	encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
651	test_text, check_unprotected_legacy_PEM,
652	dump_pem, 0);
653	}
654
655	static int check_MSBLOB(const char *file, const int line,
656	const char type, const void data, size_t data_len)
657	{
658	const unsigned char *datap = data;
659	EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
660	int ok = TEST_FL_ptr(pkey);
661
662	EVP_PKEY_free(pkey);
663	return ok;
664	}
665
666	static int test_unprotected_via_MSBLOB(const char type, EVP_PKEY key)
667	{
668	return test_encode_decode(__FILE__, __LINE__, type, key,
669	OSSL_KEYMGMT_SELECT_KEYPAIR
670	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
671	"MSBLOB", NULL, NULL, NULL,
672	encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
673	test_mem, check_MSBLOB,
674	dump_der, 0);
675	}
676
677	static int check_PVK(const char *file, const int line,
678	const char type, const void data, size_t data_len)
679	{
680	const unsigned char *in = data;
681	unsigned int saltlen = 0, keylen = 0;
682	int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
683
684	return ok;
685	}
686
687	static int test_unprotected_via_PVK(const char type, EVP_PKEY key)
688	{
689	return test_encode_decode(__FILE__, __LINE__, type, key,
690	OSSL_KEYMGMT_SELECT_KEYPAIR
691	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
692	"PVK", NULL, NULL, NULL,
693	encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
694	test_mem, check_PVK,
695	dump_der, 0);
696	}
697
698	static const char *pass_cipher = "AES-256-CBC";
699	static const char *pass = "the holy handgrenade of antioch";
700
701	static int check_protected_PKCS8_DER(const char *file, const int line,
702	const char *type,
703	const void *data, size_t data_len)
704	{
705	const unsigned char *datap = data;
706	X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
707	int ok = TEST_FL_ptr(p8);
708
709	X509_SIG_free(p8);
710	return ok;
711	}
712
713	static int test_protected_via_DER(const char type, EVP_PKEY key, int fips)
714	{
715	return test_encode_decode(__FILE__, __LINE__, type, key,
716	OSSL_KEYMGMT_SELECT_KEYPAIR
717	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
718	"DER", "EncryptedPrivateKeyInfo",
719	pass, pass_cipher,
720	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
721	test_mem, check_protected_PKCS8_DER,
722	dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS);
723	}
724
725	static int check_protected_PKCS8_PEM(const char *file, const int line,
726	const char *type,
727	const void *data, size_t data_len)
728	{
729	static const char expected_pem_header[] =
730	"-----BEGIN " PEM_STRING_PKCS8 "-----";
731
732	return TEST_FL_strn_eq(data, expected_pem_header,
733	sizeof(expected_pem_header) - 1);
734	}
735
736	static int test_protected_via_PEM(const char type, EVP_PKEY key, int fips)
737	{
738	return test_encode_decode(__FILE__, __LINE__, type, key,
739	OSSL_KEYMGMT_SELECT_KEYPAIR
740	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
741	"PEM", "EncryptedPrivateKeyInfo",
742	pass, pass_cipher,
743	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
744	test_text, check_protected_PKCS8_PEM,
745	dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS);
746	}
747
748	static int check_protected_legacy_PEM(const char *file, const int line,
749	const char *type,
750	const void *data, size_t data_len)
751	{
752	static char expected_pem_header[80];
753
754	return
755	TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
756	sizeof(expected_pem_header),
757	"-----BEGIN %s PRIVATE KEY-----", type), 0)
758	&& TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
759	&& TEST_FL_ptr(strstr(data, "\nDEK-Info: "));
760	}
761
762	static int test_protected_via_legacy_PEM(const char type, EVP_PKEY key)
763	{
764	if (!default_libctx \|\| is_fips)
765	return TEST_skip("Test not available if using a non-default library context or FIPS provider");
766
767	return test_encode_decode(__FILE__, __LINE__, type, key,
768	OSSL_KEYMGMT_SELECT_KEYPAIR
769	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
770	"PEM", "type-specific", pass, pass_cipher,
771	encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
772	test_text, check_protected_legacy_PEM,
773	dump_pem, 0);
774	}
775
776	#ifndef OPENSSL_NO_RC4
777	static int test_protected_via_PVK(const char type, EVP_PKEY key)
778	{
779	int ret = 0;
780	OSSL_PROVIDER *lgcyprov = OSSL_PROVIDER_load(testctx, "legacy");
781	if (lgcyprov == NULL)
782	return TEST_skip("Legacy provider not available");
783
784	ret = test_encode_decode(__FILE__, __LINE__, type, key,
785	OSSL_KEYMGMT_SELECT_KEYPAIR
786	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
787	"PVK", NULL, pass, NULL,
788	encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
789	test_mem, check_PVK, dump_der, 0);
790	OSSL_PROVIDER_unload(lgcyprov);
791	return ret;
792	}
793	#endif
794
795	static int check_public_DER(const char *file, const int line,
796	const char type, const void data, size_t data_len)
797	{
798	const unsigned char *datap = data;
799	EVP_PKEY *pkey = d2i_PUBKEY_ex(NULL, &datap, data_len, testctx, testpropq);
800	int ok = (TEST_FL_ptr(pkey) && TEST_FL_true(EVP_PKEY_is_a(pkey, type)));
801
802	EVP_PKEY_free(pkey);
803	return ok;
804	}
805
806	static int test_public_via_DER(const char type, EVP_PKEY key, int fips)
807	{
808	return test_encode_decode(__FILE__, __LINE__, type, key,
809	OSSL_KEYMGMT_SELECT_PUBLIC_KEY
810	\| OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
811	"DER", "SubjectPublicKeyInfo", NULL, NULL,
812	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
813	test_mem, check_public_DER, dump_der,
814	fips ? 0 : FLAG_FAIL_IF_FIPS);
815	}
816
817	static int check_public_PEM(const char *file, const int line,
818	const char type, const void data, size_t data_len)
819	{
820	static const char expected_pem_header[] =
821	"-----BEGIN " PEM_STRING_PUBLIC "-----";
822
823	return
824	TEST_FL_strn_eq(data, expected_pem_header,
825	sizeof(expected_pem_header) - 1);
826	}
827
828	static int test_public_via_PEM(const char type, EVP_PKEY key, int fips)
829	{
830	return test_encode_decode(__FILE__, __LINE__, type, key,
831	OSSL_KEYMGMT_SELECT_PUBLIC_KEY
832	\| OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
833	"PEM", "SubjectPublicKeyInfo", NULL, NULL,
834	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
835	test_text, check_public_PEM, dump_pem,
836	fips ? 0 : FLAG_FAIL_IF_FIPS);
837	}
838
839	static int check_public_MSBLOB(const char *file, const int line,
840	const char *type,
841	const void *data, size_t data_len)
842	{
843	const unsigned char *datap = data;
844	EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
845	int ok = TEST_FL_ptr(pkey);
846
847	EVP_PKEY_free(pkey);
848	return ok;
849	}
850
851	static int test_public_via_MSBLOB(const char type, EVP_PKEY key)
852	{
853	return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY
854	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
855	"MSBLOB", NULL, NULL, NULL,
856	encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
857	test_mem, check_public_MSBLOB, dump_der, 0);
858	}
859
860	#define KEYS(KEYTYPE) \
861	static EVP_PKEY *key_##KEYTYPE = NULL
862	#define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
863	ok = ok \
864	&& TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
865	#define FREE_KEYS(KEYTYPE) \
866	EVP_PKEY_free(key_##KEYTYPE); \
867
868	#define DOMAIN_KEYS(KEYTYPE) \
869	static EVP_PKEY *template_##KEYTYPE = NULL; \
870	static EVP_PKEY *key_##KEYTYPE = NULL
871	#define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
872	ok = ok \
873	&& TEST_ptr(template_##KEYTYPE = \
874	make_template(KEYTYPEstr, params)) \
875	&& TEST_ptr(key_##KEYTYPE = \
876	make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
877	#define FREE_DOMAIN_KEYS(KEYTYPE) \
878	EVP_PKEY_free(template_##KEYTYPE); \
879	EVP_PKEY_free(key_##KEYTYPE)
880
881	#define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr, fips) \
882	static int test_unprotected_##KEYTYPE##_via_DER(void) \
883	{ \
884	return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
885	} \
886	static int test_unprotected_##KEYTYPE##_via_PEM(void) \
887	{ \
888	return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
889	} \
890	static int test_protected_##KEYTYPE##_via_DER(void) \
891	{ \
892	return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
893	} \
894	static int test_protected_##KEYTYPE##_via_PEM(void) \
895	{ \
896	return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
897	} \
898	static int test_public_##KEYTYPE##_via_DER(void) \
899	{ \
900	return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
901	} \
902	static int test_public_##KEYTYPE##_via_PEM(void) \
903	{ \
904	return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
905	}
906
907	#define ADD_TEST_SUITE(KEYTYPE) \
908	ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
909	ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
910	ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
911	ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
912	ADD_TEST(test_public_##KEYTYPE##_via_DER); \
913	ADD_TEST(test_public_##KEYTYPE##_via_PEM)
914
915	#define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
916	static int test_params_##KEYTYPE##_via_DER(void) \
917	{ \
918	return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
919	} \
920	static int test_params_##KEYTYPE##_via_PEM(void) \
921	{ \
922	return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
923	}
924
925	#define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
926	ADD_TEST(test_params_##KEYTYPE##_via_DER); \
927	ADD_TEST(test_params_##KEYTYPE##_via_PEM)
928
929	#define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
930	static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
931	{ \
932	return \
933	test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
934	} \
935	static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
936	{ \
937	return \
938	test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
939	}
940
941	#define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
942	ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
943	ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
944
945	#define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
946	static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
947	{ \
948	return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
949	} \
950	static int test_public_##KEYTYPE##_via_MSBLOB(void) \
951	{ \
952	return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
953	}
954
955	#define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
956	ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
957	ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
958
959	#define IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
960	static int test_unprotected_##KEYTYPE##_via_PVK(void) \
961	{ \
962	return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
963	}
964	# define ADD_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE) \
965	ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK)
966	#ifndef OPENSSL_NO_RC4
967	# define IMPLEMENT_TEST_SUITE_PROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
968	static int test_protected_##KEYTYPE##_via_PVK(void) \
969	{ \
970	return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
971	}
972	# define ADD_TEST_SUITE_PROTECTED_PVK(KEYTYPE) \
973	ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
974	#endif
975
976	#ifndef OPENSSL_NO_DH
977	DOMAIN_KEYS(DH);
978	IMPLEMENT_TEST_SUITE(DH, "DH", 1)
979	IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH")
980	DOMAIN_KEYS(DHX);
981	IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH", 1)
982	IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH")
983	/*
984	* DH has no support for PEM_write_bio_PrivateKey_traditional(),
985	* so no legacy tests.
986	*/
987	#endif
988	#ifndef OPENSSL_NO_DSA
989	DOMAIN_KEYS(DSA);
990	IMPLEMENT_TEST_SUITE(DSA, "DSA", 1)
991	IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA")
992	IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
993	IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
994	IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(DSA, "DSA")
995	# ifndef OPENSSL_NO_RC4
996	IMPLEMENT_TEST_SUITE_PROTECTED_PVK(DSA, "DSA")
997	# endif
998	#endif
999	#ifndef OPENSSL_NO_EC
1000	DOMAIN_KEYS(EC);
1001	IMPLEMENT_TEST_SUITE(EC, "EC", 1)
1002	IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC")
1003	IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
1004	DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1005	IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC", 1)
1006	IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
1007	DOMAIN_KEYS(ECExplicitPrime2G);
1008	IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC", 0)
1009	IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
1010	# ifndef OPENSSL_NO_EC2M
1011	DOMAIN_KEYS(ECExplicitTriNamedCurve);
1012	IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC", 1)
1013	IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
1014	DOMAIN_KEYS(ECExplicitTri2G);
1015	IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC", 0)
1016	IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
1017	# endif
1018	KEYS(ED25519);
1019	IMPLEMENT_TEST_SUITE(ED25519, "ED25519", 1)
1020	KEYS(ED448);
1021	IMPLEMENT_TEST_SUITE(ED448, "ED448", 1)
1022	KEYS(X25519);
1023	IMPLEMENT_TEST_SUITE(X25519, "X25519", 1)
1024	KEYS(X448);
1025	IMPLEMENT_TEST_SUITE(X448, "X448", 1)
1026	/*
1027	* ED25519, ED448, X25519 and X448 have no support for
1028	* PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1029	*/
1030	#endif
1031	KEYS(RSA);
1032	IMPLEMENT_TEST_SUITE(RSA, "RSA", 1)
1033	IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
1034	KEYS(RSA_PSS);
1035	IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS", 1)
1036	/*
1037	* RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1038	* so no legacy tests.
1039	*/
1040	IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
1041	IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(RSA, "RSA")
1042	#ifndef OPENSSL_NO_RC4
1043	IMPLEMENT_TEST_SUITE_PROTECTED_PVK(RSA, "RSA")
1044	#endif
1045
1046	#ifndef OPENSSL_NO_EC
1047	/* Explicit parameters that match a named curve */
1048	static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
1049	const unsigned char *gen,
1050	size_t gen_len)
1051	{
1052	BIGNUM a, b, prime, order;
1053
1054	/* Curve prime256v1 */
1055	static const unsigned char prime_data[] = {
1056	0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1057	0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1058	0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1059	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1060	0xff
1061	};
1062	static const unsigned char a_data[] = {
1063	0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1064	0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1065	0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1066	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1067	0xfc
1068	};
1069	static const unsigned char b_data[] = {
1070	0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
1071	0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
1072	0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
1073	0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
1074	};
1075	static const unsigned char seed[] = {
1076	0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
1077	0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1078	0x81, 0x9f, 0x7e, 0x90
1079	};
1080	static const unsigned char order_data[] = {
1081	0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1082	0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1083	0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1084	0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1085	};
1086	return TEST_ptr(a = BN_CTX_get(bnctx))
1087	&& TEST_ptr(b = BN_CTX_get(bnctx))
1088	&& TEST_ptr(prime = BN_CTX_get(bnctx))
1089	&& TEST_ptr(order = BN_CTX_get(bnctx))
1090	&& TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
1091	&& TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1092	&& TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1093	&& TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1094	&& TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1095	OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
1096	0))
1097	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
1098	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1099	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1100	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1101	OSSL_PKEY_PARAM_EC_ORDER, order))
1102	&& TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1103	OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1104	&& TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1105	OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
1106	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1107	BN_value_one()));
1108	}
1109
1110	static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
1111	{
1112	static const unsigned char prime256v1_gen[] = {
1113	0x04,
1114	0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1115	0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1116	0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1117	0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1118	0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1119	0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1120	0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1121	0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1122	};
1123	return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
1124	sizeof(prime256v1_gen));
1125	}
1126
1127	static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
1128	{
1129	/* 2G */
1130	static const unsigned char prime256v1_gen2[] = {
1131	0x04,
1132	0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1133	0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1134	0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1135	0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1136	0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1137	0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1138	0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1139	0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1140	};
1141	return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
1142	sizeof(prime256v1_gen2));
1143	}
1144
1145	# ifndef OPENSSL_NO_EC2M
1146	static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
1147	const unsigned char *gen,
1148	size_t gen_len)
1149	{
1150	BIGNUM a, b, poly, order, *cofactor;
1151	/* sect233k1 characteristic-two-field tpBasis */
1152	static const unsigned char poly_data[] = {
1153	0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1154	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1155	0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1156	};
1157	static const unsigned char a_data[] = {
1158	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1159	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1160	0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1161	};
1162	static const unsigned char b_data[] = {
1163	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1164	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1165	0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1166	};
1167	static const unsigned char order_data[] = {
1168	0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1169	0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1170	0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1171	};
1172	static const unsigned char cofactor_data[]= {
1173	0x4
1174	};
1175	return TEST_ptr(a = BN_CTX_get(bnctx))
1176	&& TEST_ptr(b = BN_CTX_get(bnctx))
1177	&& TEST_ptr(poly = BN_CTX_get(bnctx))
1178	&& TEST_ptr(order = BN_CTX_get(bnctx))
1179	&& TEST_ptr(cofactor = BN_CTX_get(bnctx))
1180	&& TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
1181	&& TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1182	&& TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1183	&& TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1184	&& TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
1185	&& TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1186	OSSL_PKEY_PARAM_EC_FIELD_TYPE,
1187	SN_X9_62_characteristic_two_field, 0))
1188	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
1189	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1190	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1191	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1192	OSSL_PKEY_PARAM_EC_ORDER, order))
1193	&& TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1194	OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1195	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1196	cofactor));
1197	}
1198
1199	static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
1200	{
1201	static const unsigned char gen[] = {
1202	0x04,
1203	0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1204	0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1205	0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1206	0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1207	0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1208	0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1209	};
1210	return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
1211	}
1212
1213	static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
1214	{
1215	static const unsigned char gen2[] = {
1216	0x04,
1217	0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1218	0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1219	0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1220	0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1221	0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1222	0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1223	};
1224	return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
1225	}
1226	# endif /* OPENSSL_NO_EC2M */
1227	#endif /* OPENSSL_NO_EC */
1228
1229	typedef enum OPTION_choice {
1230	OPT_ERR = -1,
1231	OPT_EOF = 0,
1232	OPT_CONTEXT,
1233	OPT_RSA_FILE,
1234	OPT_RSA_PSS_FILE,
1235	OPT_CONFIG_FILE,
1236	OPT_PROVIDER_NAME,
1237	OPT_TEST_ENUM
1238	} OPTION_CHOICE;
1239
1240	const OPTIONS *test_get_options(void)
1241	{
1242	static const OPTIONS options[] = {
1243	OPT_TEST_OPTIONS_DEFAULT_USAGE,
1244	{ "context", OPT_CONTEXT, '-',
1245	"Explicitly use a non-default library context" },
1246	{ "rsa", OPT_RSA_FILE, '<',
1247	"PEM format RSA key file to encode/decode" },
1248	{ "pss", OPT_RSA_PSS_FILE, '<',
1249	"PEM format RSA-PSS key file to encode/decode" },
1250	{ "config", OPT_CONFIG_FILE, '<',
1251	"The configuration file to use for the library context" },
1252	{ "provider", OPT_PROVIDER_NAME, 's',
1253	"The provider to load (The default value is 'default')" },
1254	{ NULL }
1255	};
1256	return options;
1257	}
1258
1259	int setup_tests(void)
1260	{
1261	const char *rsa_file = NULL;
1262	const char *rsa_pss_file = NULL;
1263	const char *prov_name = "default";
1264	char *config_file = NULL;
1265	int ok = 1;
1266
1267	#ifndef OPENSSL_NO_DSA
1268	static size_t qbits = 160; /* PVK only tolerates 160 Q bits */
1269	static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1270	OSSL_PARAM DSA_params[] = {
1271	OSSL_PARAM_size_t("pbits", &pbits),
1272	OSSL_PARAM_size_t("qbits", &qbits),
1273	OSSL_PARAM_END
1274	};
1275	#endif
1276
1277	#ifndef OPENSSL_NO_EC
1278	static char groupname[] = "prime256v1";
1279	OSSL_PARAM EC_params[] = {
1280	OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
1281	OSSL_PARAM_END
1282	};
1283	#endif
1284
1285	OPTION_CHOICE o;
1286
1287	while ((o = opt_next()) != OPT_EOF) {
1288	switch (o) {
1289	case OPT_CONTEXT:
1290	default_libctx = 0;
1291	break;
1292	case OPT_PROVIDER_NAME:
1293	prov_name = opt_arg();
1294	break;
1295	case OPT_CONFIG_FILE:
1296	config_file = opt_arg();
1297	break;
1298	case OPT_RSA_FILE:
1299	rsa_file = opt_arg();
1300	break;
1301	case OPT_RSA_PSS_FILE:
1302	rsa_pss_file = opt_arg();
1303	break;
1304	case OPT_TEST_CASES:
1305	break;
1306	default:
1307	return 0;
1308	}
1309	}
1310
1311	if (strcmp(prov_name, "fips") == 0)
1312	is_fips = 1;
1313
1314	if (default_libctx) {
1315	if (!test_get_libctx(NULL, NULL, config_file, &deflprov, prov_name))
1316	return 0;
1317	} else {
1318	if (!test_get_libctx(&testctx, &nullprov, config_file, &deflprov, prov_name))
1319	return 0;
1320	}
1321
1322	/* Separate provider/ctx for generating the test data */
1323	if (!TEST_ptr(keyctx = OSSL_LIB_CTX_new()))
1324	return 0;
1325	if (!TEST_ptr(keyprov = OSSL_PROVIDER_load(keyctx, "default")))
1326	return 0;
1327
1328	#ifndef OPENSSL_NO_EC
1329	if (!TEST_ptr(bnctx = BN_CTX_new_ex(testctx))
1330	\|\| !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
1331	\|\| !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
1332	\|\| !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
1333	\|\| !create_ec_explicit_prime_params(bld_prime)
1334	\|\| !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
1335	\|\| !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
1336	# ifndef OPENSSL_NO_EC2M
1337	\|\| !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
1338	\|\| !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
1339	\|\| !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
1340	\|\| !create_ec_explicit_trinomial_params(bld_tri)
1341	\|\| !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
1342	\|\| !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
1343	# endif
1344	)
1345	return 0;
1346	#endif
1347
1348	TEST_info("Generating keys...");
1349
1350	#ifndef OPENSSL_NO_DH
1351	TEST_info("Generating DH keys...");
1352	MAKE_DOMAIN_KEYS(DH, "DH", NULL);
1353	MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
1354	#endif
1355	#ifndef OPENSSL_NO_DSA
1356	TEST_info("Generating DSA keys...");
1357	MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
1358	#endif
1359	#ifndef OPENSSL_NO_EC
1360	TEST_info("Generating EC keys...");
1361	MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
1362	MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1363	MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1364	# ifndef OPENSSL_NO_EC2M
1365	MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1366	MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1367	# endif
1368	MAKE_KEYS(ED25519, "ED25519", NULL);
1369	MAKE_KEYS(ED448, "ED448", NULL);
1370	MAKE_KEYS(X25519, "X25519", NULL);
1371	MAKE_KEYS(X448, "X448", NULL);
1372	#endif
1373	TEST_info("Loading RSA key...");
1374	ok = ok && TEST_ptr(key_RSA = load_pkey_pem(rsa_file, keyctx));
1375	TEST_info("Loading RSA_PSS key...");
1376	ok = ok && TEST_ptr(key_RSA_PSS = load_pkey_pem(rsa_pss_file, keyctx));
1377	TEST_info("Generating keys done");
1378
1379	if (ok) {
1380	#ifndef OPENSSL_NO_DH
1381	ADD_TEST_SUITE(DH);
1382	ADD_TEST_SUITE_PARAMS(DH);
1383	ADD_TEST_SUITE(DHX);
1384	ADD_TEST_SUITE_PARAMS(DHX);
1385	/*
1386	* DH has no support for PEM_write_bio_PrivateKey_traditional(),
1387	* so no legacy tests.
1388	*/
1389	#endif
1390	#ifndef OPENSSL_NO_DSA
1391	ADD_TEST_SUITE(DSA);
1392	ADD_TEST_SUITE_PARAMS(DSA);
1393	ADD_TEST_SUITE_LEGACY(DSA);
1394	ADD_TEST_SUITE_MSBLOB(DSA);
1395	ADD_TEST_SUITE_UNPROTECTED_PVK(DSA);
1396	# ifndef OPENSSL_NO_RC4
1397	ADD_TEST_SUITE_PROTECTED_PVK(DSA);
1398	# endif
1399	#endif
1400	#ifndef OPENSSL_NO_EC
1401	ADD_TEST_SUITE(EC);
1402	ADD_TEST_SUITE_PARAMS(EC);
1403	ADD_TEST_SUITE_LEGACY(EC);
1404	ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
1405	ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
1406	ADD_TEST_SUITE(ECExplicitPrime2G);
1407	ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
1408	# ifndef OPENSSL_NO_EC2M
1409	ADD_TEST_SUITE(ECExplicitTriNamedCurve);
1410	ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
1411	ADD_TEST_SUITE(ECExplicitTri2G);
1412	ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
1413	# endif
1414	ADD_TEST_SUITE(ED25519);
1415	ADD_TEST_SUITE(ED448);
1416	ADD_TEST_SUITE(X25519);
1417	ADD_TEST_SUITE(X448);
1418	/*
1419	* ED25519, ED448, X25519 and X448 have no support for
1420	* PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1421	*/
1422	#endif
1423	ADD_TEST_SUITE(RSA);
1424	ADD_TEST_SUITE_LEGACY(RSA);
1425	ADD_TEST_SUITE(RSA_PSS);
1426	/*
1427	* RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1428	* so no legacy tests.
1429	*/
1430	ADD_TEST_SUITE_MSBLOB(RSA);
1431	ADD_TEST_SUITE_UNPROTECTED_PVK(RSA);
1432	# ifndef OPENSSL_NO_RC4
1433	ADD_TEST_SUITE_PROTECTED_PVK(RSA);
1434	# endif
1435	}
1436
1437	return 1;
1438	}
1439
1440	void cleanup_tests(void)
1441	{
1442	#ifndef OPENSSL_NO_EC
1443	OSSL_PARAM_free(ec_explicit_prime_params_nc);
1444	OSSL_PARAM_free(ec_explicit_prime_params_explicit);
1445	OSSL_PARAM_BLD_free(bld_prime_nc);
1446	OSSL_PARAM_BLD_free(bld_prime);
1447	# ifndef OPENSSL_NO_EC2M
1448	OSSL_PARAM_free(ec_explicit_tri_params_nc);
1449	OSSL_PARAM_free(ec_explicit_tri_params_explicit);
1450	OSSL_PARAM_BLD_free(bld_tri_nc);
1451	OSSL_PARAM_BLD_free(bld_tri);
1452	# endif
1453	BN_CTX_free(bnctx);
1454	#endif /* OPENSSL_NO_EC */
1455
1456	#ifndef OPENSSL_NO_DH
1457	FREE_DOMAIN_KEYS(DH);
1458	FREE_DOMAIN_KEYS(DHX);
1459	#endif
1460	#ifndef OPENSSL_NO_DSA
1461	FREE_DOMAIN_KEYS(DSA);
1462	#endif
1463	#ifndef OPENSSL_NO_EC
1464	FREE_DOMAIN_KEYS(EC);
1465	FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1466	FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1467	# ifndef OPENSSL_NO_EC2M
1468	FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1469	FREE_DOMAIN_KEYS(ECExplicitTri2G);
1470	# endif
1471	FREE_KEYS(ED25519);
1472	FREE_KEYS(ED448);
1473	FREE_KEYS(X25519);
1474	FREE_KEYS(X448);
1475	#endif
1476	FREE_KEYS(RSA);
1477	FREE_KEYS(RSA_PSS);
1478
1479	OSSL_PROVIDER_unload(nullprov);
1480	OSSL_PROVIDER_unload(deflprov);
1481	OSSL_PROVIDER_unload(keyprov);
1482	OSSL_LIB_CTX_free(testctx);
1483	OSSL_LIB_CTX_free(keyctx);
1484	}

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

source: vbox/trunk/src/libs/openssl-3.0.7/test/endecode_test.c@ 97371

以其他格式下載: