evp_pkey_provided_test.c@ 105945

最後變更在這個檔案從105945是 105945,由 vboxsync 提交於 7 月前
openssl-3.1.7: Applied and adjusted our OpenSSL changes to 3.1.7. bugref:10757
檔案大小: 69.5 KB

行
1	/*
2	* Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#include <string.h> /* memset */
11	#include <openssl/evp.h>
12	#include <openssl/pem.h>
13	#include <openssl/encoder.h>
14	#include <openssl/provider.h>
15	#include <openssl/param_build.h>
16	#include <openssl/core_names.h>
17	#include <openssl/sha.h>
18	#include "crypto/ecx.h"
19	#include "crypto/evp.h" /* For the internal API */
20	#include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
21	#include "internal/nelem.h"
22	#include "testutil.h"
23
24	static char *datadir = NULL;
25
26	/*
27	* Do not change the order of the following defines unless you also
28	* update the for loop bounds used inside test_print_key_using_encoder() and
29	* test_print_key_using_encoder_public().
30	*/
31	#define PRIV_TEXT 0
32	#define PRIV_PEM 1
33	#define PRIV_DER 2
34	#define PUB_TEXT 3
35	#define PUB_PEM 4
36	#define PUB_DER 5
37
38	static void stripcr(char buf, size_t len)
39	{
40	size_t i;
41	char curr, writ;
42
43	for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
44	if (*curr == '\r') {
45	(*len)--;
46	continue;
47	}
48	if (curr != writ)
49	writ = curr;
50	writ++;
51	}
52	}
53
54	static int compare_with_file(const char alg, int type, BIO membio)
55	{
56	char filename[80];
57	BIO *file = NULL;
58	char buf[4096];
59	char memdata, fullfile = NULL;
60	const char *suffix;
61	size_t readbytes;
62	int ret = 0;
63	int len;
64	size_t slen;
65
66	switch (type) {
67	case PRIV_TEXT:
68	suffix = "priv.txt";
69	break;
70
71	case PRIV_PEM:
72	suffix = "priv.pem";
73	break;
74
75	case PRIV_DER:
76	suffix = "priv.der";
77	break;
78
79	case PUB_TEXT:
80	suffix = "pub.txt";
81	break;
82
83	case PUB_PEM:
84	suffix = "pub.pem";
85	break;
86
87	case PUB_DER:
88	suffix = "pub.der";
89	break;
90
91	default:
92	TEST_error("Invalid file type");
93	goto err;
94	}
95
96	BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
97	fullfile = test_mk_file_path(datadir, filename);
98	if (!TEST_ptr(fullfile))
99	goto err;
100
101	file = BIO_new_file(fullfile, "rb");
102	if (!TEST_ptr(file))
103	goto err;
104
105	if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
106	\|\| !TEST_true(BIO_eof(file))
107	\|\| !TEST_size_t_lt(readbytes, sizeof(buf)))
108	goto err;
109
110	len = BIO_get_mem_data(membio, &memdata);
111	if (!TEST_int_gt(len, 0))
112	goto err;
113
114	slen = len;
115	if (type != PRIV_DER && type != PUB_DER) {
116	stripcr(memdata, &slen);
117	stripcr(buf, &readbytes);
118	}
119
120	if (!TEST_mem_eq(memdata, slen, buf, readbytes))
121	goto err;
122
123	ret = 1;
124	err:
125	OPENSSL_free(fullfile);
126	(void)BIO_reset(membio);
127	BIO_free(file);
128	return ret;
129	}
130
131	static int pass_cb(char buf, int size, int rwflag, void u)
132	{
133	return 0;
134	}
135
136	static int pass_cb_error(char buf, int size, int rwflag, void u)
137	{
138	return -1;
139	}
140
141	static int test_print_key_using_pem(const char alg, const EVP_PKEY pk)
142	{
143	BIO *membio = BIO_new(BIO_s_mem());
144	int ret = 0;
145
146	if (!TEST_ptr(membio))
147	goto err;
148
149	if (/* Output Encrypted private key in PEM form */
150	!TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
151	(unsigned char *)"pass", 4,
152	NULL, NULL))
153	/* Output zero-length passphrase encrypted private key in PEM form */
154	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
155	EVP_aes_256_cbc(),
156	(const char *)~0, 0,
157	NULL, NULL))
158	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
159	EVP_aes_256_cbc(),
160	NULL, 0, NULL, ""))
161	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
162	EVP_aes_256_cbc(),
163	NULL, 0, pass_cb, NULL))
164	\|\| !TEST_false(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
165	EVP_aes_256_cbc(),
166	NULL, 0, pass_cb_error,
167	NULL))
168	#ifndef OPENSSL_NO_DES
169	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
170	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
171	(const char *)~0, 0, NULL, NULL))
172	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
173	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
174	NULL, ""))
175	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
176	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
177	pass_cb, NULL))
178	\|\| !TEST_false(PEM_write_bio_PKCS8PrivateKey_nid(
179	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
180	pass_cb_error, NULL))
181	#endif
182	/* Private key in text form */
183	\|\| !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0)
184	\|\| !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
185	/* Public key in PEM form */
186	\|\| !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
187	\|\| !TEST_true(compare_with_file(alg, PUB_PEM, membio))
188	/* Unencrypted private key in PEM form */
189	\|\| !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
190	NULL, NULL, 0, NULL, NULL))
191	\|\| !TEST_true(compare_with_file(alg, PRIV_PEM, membio))
192	/* NULL key */
193	\|\| !TEST_false(PEM_write_bio_PrivateKey(membio, NULL,
194	NULL, NULL, 0, NULL, NULL))
195	\|\| !TEST_false(PEM_write_bio_PrivateKey_traditional(membio, NULL,
196	NULL, NULL, 0, NULL, NULL)))
197	goto err;
198
199	ret = 1;
200	err:
201	BIO_free(membio);
202	return ret;
203	}
204
205	static int test_print_key_type_using_encoder(const char *alg, int type,
206	const EVP_PKEY *pk)
207	{
208	const char output_type, output_structure;
209	int selection;
210	OSSL_ENCODER_CTX *ctx = NULL;
211	BIO *membio = BIO_new(BIO_s_mem());
212	int ret = 0;
213
214	switch (type) {
215	case PRIV_TEXT:
216	output_type = "TEXT";
217	output_structure = NULL;
218	selection = OSSL_KEYMGMT_SELECT_KEYPAIR
219	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
220	break;
221
222	case PRIV_PEM:
223	output_type = "PEM";
224	output_structure = "PrivateKeyInfo";
225	selection = OSSL_KEYMGMT_SELECT_KEYPAIR
226	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
227	break;
228
229	case PRIV_DER:
230	output_type = "DER";
231	output_structure = "PrivateKeyInfo";
232	selection = OSSL_KEYMGMT_SELECT_KEYPAIR
233	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
234	break;
235
236	case PUB_TEXT:
237	output_type = "TEXT";
238	output_structure = NULL;
239	selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
240	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
241	break;
242
243	case PUB_PEM:
244	output_type = "PEM";
245	output_structure = "SubjectPublicKeyInfo";
246	selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
247	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
248	break;
249
250	case PUB_DER:
251	output_type = "DER";
252	output_structure = "SubjectPublicKeyInfo";
253	selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
254	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
255	break;
256
257	default:
258	TEST_error("Invalid encoding type");
259	goto err;
260	}
261
262	if (!TEST_ptr(membio))
263	goto err;
264
265	/* Make a context, it's valid for several prints */
266	TEST_note("Setting up a OSSL_ENCODER context with passphrase");
267	if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
268	output_type,
269	output_structure,
270	NULL))
271	/* Check that this operation is supported */
272	\|\| !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
273	goto err;
274
275	/* Use no cipher. This should give us an unencrypted PEM */
276	TEST_note("Testing with no encryption");
277	if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
278	\|\| !TEST_true(compare_with_file(alg, type, membio)))
279	goto err;
280
281	if (type == PRIV_PEM) {
282	/* Set a passphrase to be used later */
283	if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
284	(unsigned char *)"pass",
285	4)))
286	goto err;
287
288	/* Use a valid cipher name */
289	TEST_note("Displaying PEM encrypted with AES-256-CBC");
290	if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
291	\|\| !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
292	goto err;
293
294	/* Use an invalid cipher name, which should generate no output */
295	TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
296	if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
297	\|\| !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
298	goto err;
299
300	/* Clear the cipher. This should give us an unencrypted PEM again */
301	TEST_note("Testing with encryption cleared (no encryption)");
302	if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
303	\|\| !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
304	\|\| !TEST_true(compare_with_file(alg, type, membio)))
305	goto err;
306	}
307	ret = 1;
308	err:
309	BIO_free(membio);
310	OSSL_ENCODER_CTX_free(ctx);
311	return ret;
312	}
313
314	static int test_print_key_using_encoder(const char alg, const EVP_PKEY pk)
315	{
316	int i;
317	int ret = 1;
318
319	for (i = PRIV_TEXT; i <= PUB_DER; i++)
320	ret = ret && test_print_key_type_using_encoder(alg, i, pk);
321
322	return ret;
323	}
324
325	#ifndef OPENSSL_NO_EC
326	static int test_print_key_using_encoder_public(const char *alg,
327	const EVP_PKEY *pk)
328	{
329	int i;
330	int ret = 1;
331
332	for (i = PUB_TEXT; i <= PUB_DER; i++)
333	ret = ret && test_print_key_type_using_encoder(alg, i, pk);
334
335	return ret;
336	}
337	#endif
338
339	/* Array indexes used in test_fromdata_rsa */
340	#define N 0
341	#define E 1
342	#define D 2
343	#define P 3
344	#define Q 4
345	#define DP 5
346	#define DQ 6
347	#define QINV 7
348
349	static int test_fromdata_rsa(void)
350	{
351	int ret = 0, i;
352	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
353	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
354	/*
355	* 32-bit RSA key, extracted from this command,
356	* executed with OpenSSL 1.0.2:
357	*
358	* openssl genrsa 32 \| openssl rsa -text
359	*/
360	static unsigned long key_numbers[] = {
361	0xbc747fc5, /* N */
362	0x10001, /* E */
363	0x7b133399, /* D */
364	0xe963, /* P */
365	0xceb7, /* Q */
366	0x8599, /* DP */
367	0xbd87, /* DQ */
368	0xcc3b, /* QINV */
369	};
370	OSSL_PARAM fromdata_params[] = {
371	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
372	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
373	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
374	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
375	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
376	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
377	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
378	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
379	OSSL_PARAM_END
380	};
381	BIGNUM *bn = BN_new();
382	BIGNUM *bn_from = BN_new();
383
384	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
385	goto err;
386
387	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
388	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
389	fromdata_params), 1))
390	goto err;
391
392	for (;;) {
393	ret = 0;
394	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 32)
395	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 8)
396	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 4)
397	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
398	goto err;
399
400	EVP_PKEY_CTX_free(key_ctx);
401	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
402	goto err;
403
404	if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
405	\|\| !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
406	\|\| !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
407	\|\| !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
408	goto err;
409
410	/* EVP_PKEY_copy_parameters() should fail for RSA */
411	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
412	\|\| !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
413	goto err;
414	EVP_PKEY_free(copy_pk);
415	copy_pk = NULL;
416
417	ret = test_print_key_using_pem("RSA", pk)
418	&& test_print_key_using_encoder("RSA", pk);
419
420	if (!ret \|\| dup_pk != NULL)
421	break;
422
423	if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
424	goto err;
425	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
426	EVP_PKEY_free(pk);
427	pk = dup_pk;
428	if (!ret)
429	goto err;
430	}
431	err:
432	/* for better diagnostics always compare key params */
433	for (i = 0; fromdata_params[i].key != NULL; ++i) {
434	if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
435	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
436	\|\| !TEST_BN_eq(bn, bn_from))
437	ret = 0;
438	}
439	BN_free(bn_from);
440	BN_free(bn);
441	EVP_PKEY_free(pk);
442	EVP_PKEY_free(copy_pk);
443	EVP_PKEY_CTX_free(key_ctx);
444	EVP_PKEY_CTX_free(ctx);
445
446	return ret;
447	}
448
449	static int test_evp_pkey_get_bn_param_large(void)
450	{
451	int ret = 0;
452	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
453	EVP_PKEY *pk = NULL;
454	OSSL_PARAM_BLD *bld = NULL;
455	OSSL_PARAM *fromdata_params = NULL;
456	BIGNUM n = NULL, e = NULL, d = NULL, n_out = NULL;
457	/*
458	* The buffer size chosen here for n_data larger than the buffer used
459	* internally in EVP_PKEY_get_bn_param.
460	*/
461	static unsigned char n_data[2050];
462	static const unsigned char e_data[] = {
463	0x1, 0x00, 0x01
464	};
465	static const unsigned char d_data[]= {
466	0x99, 0x33, 0x13, 0x7b
467	};
468
469	/* N is a large buffer */
470	memset(n_data, 0xCE, sizeof(n_data));
471
472	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
473	\|\| !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
474	\|\| !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
475	\|\| !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
476	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
477	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
478	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
479	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
480	\|\| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
481	\|\| !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
482	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
483	fromdata_params), 1)
484	\|\| !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
485	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
486	\|\| !TEST_BN_eq(n, n_out))
487	goto err;
488	ret = 1;
489	err:
490	BN_free(n_out);
491	BN_free(n);
492	BN_free(e);
493	BN_free(d);
494	EVP_PKEY_free(pk);
495	EVP_PKEY_CTX_free(key_ctx);
496	EVP_PKEY_CTX_free(ctx);
497	OSSL_PARAM_free(fromdata_params);
498	OSSL_PARAM_BLD_free(bld);
499	return ret;
500	}
501
502
503	#ifndef OPENSSL_NO_DH
504	static int test_fromdata_dh_named_group(void)
505	{
506	int ret = 0;
507	int gindex = 0, pcounter = 0, hindex = 0;
508	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
509	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
510	size_t len;
511	BIGNUM pub = NULL, priv = NULL;
512	BIGNUM pub_out = NULL, priv_out = NULL;
513	BIGNUM p = NULL, q = NULL, g = NULL, j = NULL;
514	OSSL_PARAM *fromdata_params = NULL;
515	OSSL_PARAM_BLD *bld = NULL;
516	char name_out[80];
517	unsigned char seed_out[32];
518
519	/*
520	* DH key data was generated using the following:
521	* openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
522	* -pkeyopt priv_len:224 -text
523	*/
524	static const unsigned char priv_data[] = {
525	0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
526	0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
527	0x87, 0xe8, 0xa9, 0x7b,
528	};
529	static const unsigned char pub_data[] = {
530	0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
531	0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
532	0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
533	0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
534	0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
535	0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
536	0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
537	0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
538	0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
539	0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
540	0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
541	0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
542	0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
543	0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
544	0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
545	0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
546	0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
547	0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
548	0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
549	0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
550	0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
551	0xcf, 0x33, 0x42, 0x83, 0x42
552	};
553	static const char group_name[] = "ffdhe2048";
554	static const long priv_len = 224;
555
556	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
557	\|\| !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
558	\|\| !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
559	\|\| !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
560	OSSL_PKEY_PARAM_GROUP_NAME,
561	group_name, 0))
562	\|\| !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
563	priv_len))
564	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
565	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
566	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
567	goto err;
568
569	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
570	goto err;
571
572	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
573	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
574	fromdata_params), 1))
575	goto err;
576
577	/*
578	* A few extra checks of EVP_PKEY_get_utf8_string_param() to see that
579	* it behaves as expected with regards to string length and terminating
580	* NUL byte.
581	*/
582	if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
583	OSSL_PKEY_PARAM_GROUP_NAME,
584	NULL, sizeof(name_out),
585	&len))
586	\|\| !TEST_size_t_eq(len, sizeof(group_name) - 1)
587	/* Just enough space to hold the group name and a terminating NUL */
588	\|\| !TEST_true(EVP_PKEY_get_utf8_string_param(pk,
589	OSSL_PKEY_PARAM_GROUP_NAME,
590	name_out,
591	sizeof(group_name),
592	&len))
593	\|\| !TEST_size_t_eq(len, sizeof(group_name) - 1)
594	/* Too small buffer to hold the terminating NUL byte */
595	\|\| !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
596	OSSL_PKEY_PARAM_GROUP_NAME,
597	name_out,
598	sizeof(group_name) - 1,
599	&len))
600	/* Too small buffer to hold the whole group name, even! */
601	\|\| !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
602	OSSL_PKEY_PARAM_GROUP_NAME,
603	name_out,
604	sizeof(group_name) - 2,
605	&len)))
606	goto err;
607
608	for (;;) {
609	ret = 0;
610	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
611	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
612	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
613	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
614	goto err;
615
616	if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
617	OSSL_PKEY_PARAM_GROUP_NAME,
618	name_out,
619	sizeof(name_out),
620	&len))
621	\|\| !TEST_str_eq(name_out, group_name)
622	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
623	&pub_out))
624
625	\|\| !TEST_BN_eq(pub, pub_out)
626	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
627	&priv_out))
628	\|\| !TEST_BN_eq(priv, priv_out)
629	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
630	\|\| !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
631	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
632	\|\| !TEST_ptr(q)
633	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
634	\|\| !TEST_BN_eq(&ossl_bignum_const_2, g)
635	\|\| !TEST_false(EVP_PKEY_get_bn_param(pk,
636	OSSL_PKEY_PARAM_FFC_COFACTOR,
637	&j))
638	\|\| !TEST_ptr_null(j)
639	\|\| !TEST_false(EVP_PKEY_get_octet_string_param(pk,
640	OSSL_PKEY_PARAM_FFC_SEED,
641	seed_out,
642	sizeof(seed_out),
643	&len))
644	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
645	&gindex))
646	\|\| !TEST_int_eq(gindex, -1)
647	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
648	&hindex))
649	\|\| !TEST_int_eq(hindex, 0)
650	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
651	OSSL_PKEY_PARAM_FFC_PCOUNTER,
652	&pcounter))
653	\|\| !TEST_int_eq(pcounter, -1))
654	goto err;
655	BN_free(p);
656	p = NULL;
657	BN_free(q);
658	q = NULL;
659	BN_free(g);
660	g = NULL;
661	BN_free(j);
662	j = NULL;
663	BN_free(pub_out);
664	pub_out = NULL;
665	BN_free(priv_out);
666	priv_out = NULL;
667
668	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
669	goto err;
670
671	if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
672	\|\| !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
673	\|\| !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
674	\|\| !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
675	goto err;
676	EVP_PKEY_CTX_free(key_ctx);
677	key_ctx = NULL;
678
679	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
680	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
681	goto err;
682	EVP_PKEY_free(copy_pk);
683	copy_pk = NULL;
684
685	ret = test_print_key_using_pem("DH", pk)
686	&& test_print_key_using_encoder("DH", pk);
687
688	if (!ret \|\| dup_pk != NULL)
689	break;
690
691	if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
692	goto err;
693	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
694	EVP_PKEY_free(pk);
695	pk = dup_pk;
696	if (!ret)
697	goto err;
698	}
699	err:
700	BN_free(p);
701	BN_free(q);
702	BN_free(g);
703	BN_free(j);
704	BN_free(pub);
705	BN_free(priv);
706	BN_free(pub_out);
707	BN_free(priv_out);
708	EVP_PKEY_free(copy_pk);
709	EVP_PKEY_free(pk);
710	EVP_PKEY_CTX_free(ctx);
711	EVP_PKEY_CTX_free(key_ctx);
712	OSSL_PARAM_free(fromdata_params);
713	OSSL_PARAM_BLD_free(bld);
714
715	return ret;
716	}
717
718	static int test_fromdata_dh_fips186_4(void)
719	{
720	int ret = 0;
721	int gindex = 0, pcounter = 0, hindex = 0;
722	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
723	EVP_PKEY pk = NULL, dup_pk = NULL;
724	size_t len;
725	BIGNUM pub = NULL, priv = NULL;
726	BIGNUM pub_out = NULL, priv_out = NULL;
727	BIGNUM p = NULL, q = NULL, g = NULL, j = NULL;
728	OSSL_PARAM_BLD *bld = NULL;
729	OSSL_PARAM *fromdata_params = NULL;
730	char name_out[80];
731	unsigned char seed_out[32];
732
733	/*
734	* DH key data was generated using the following:
735	* openssl genpkey -algorithm DH
736	* -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
737	*/
738	static const unsigned char priv_data[] = {
739	0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
740	0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
741	0x87, 0xe8, 0xa9, 0x7b,
742	};
743	static const unsigned char pub_data[] = {
744	0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
745	0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
746	0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
747	0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
748	0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
749	0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
750	0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
751	0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
752	0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
753	0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
754	0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
755	0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
756	0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
757	0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
758	0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
759	0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
760	0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
761	0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
762	0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
763	0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
764	0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
765	0x33, 0x42, 0x83, 0x42
766	};
767	static const char group_name[] = "ffdhe2048";
768	static const long priv_len = 224;
769
770
771	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
772	\|\| !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
773	\|\| !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
774	\|\| !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
775	OSSL_PKEY_PARAM_GROUP_NAME,
776	group_name, 0))
777	\|\| !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
778	priv_len))
779	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
780	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
781	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
782	goto err;
783
784	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
785	goto err;
786
787	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
788	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
789	fromdata_params), 1))
790	goto err;
791
792	for (;;) {
793	ret = 0;
794	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
795	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
796	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
797	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
798	goto err;
799
800	if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
801	OSSL_PKEY_PARAM_GROUP_NAME,
802	name_out,
803	sizeof(name_out),
804	&len))
805	\|\| !TEST_str_eq(name_out, group_name)
806	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
807	&pub_out))
808	\|\| !TEST_BN_eq(pub, pub_out)
809	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
810	&priv_out))
811	\|\| !TEST_BN_eq(priv, priv_out)
812	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
813	\|\| !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
814	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
815	\|\| !TEST_ptr(q)
816	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
817	\|\| !TEST_BN_eq(&ossl_bignum_const_2, g)
818	\|\| !TEST_false(EVP_PKEY_get_bn_param(pk,
819	OSSL_PKEY_PARAM_FFC_COFACTOR,
820	&j))
821	\|\| !TEST_ptr_null(j)
822	\|\| !TEST_false(EVP_PKEY_get_octet_string_param(pk,
823	OSSL_PKEY_PARAM_FFC_SEED,
824	seed_out,
825	sizeof(seed_out),
826	&len))
827	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
828	OSSL_PKEY_PARAM_FFC_GINDEX,
829	&gindex))
830	\|\| !TEST_int_eq(gindex, -1)
831	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
832	&hindex))
833	\|\| !TEST_int_eq(hindex, 0)
834	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
835	OSSL_PKEY_PARAM_FFC_PCOUNTER,
836	&pcounter))
837	\|\| !TEST_int_eq(pcounter, -1))
838	goto err;
839	BN_free(p);
840	p = NULL;
841	BN_free(q);
842	q = NULL;
843	BN_free(g);
844	g = NULL;
845	BN_free(j);
846	j = NULL;
847	BN_free(pub_out);
848	pub_out = NULL;
849	BN_free(priv_out);
850	priv_out = NULL;
851
852	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
853	goto err;
854
855	if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
856	\|\| !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
857	\|\| !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
858	\|\| !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
859	goto err;
860	EVP_PKEY_CTX_free(key_ctx);
861	key_ctx = NULL;
862
863	ret = test_print_key_using_pem("DH", pk)
864	&& test_print_key_using_encoder("DH", pk);
865
866	if (!ret \|\| dup_pk != NULL)
867	break;
868
869	if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
870	goto err;
871	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
872	EVP_PKEY_free(pk);
873	pk = dup_pk;
874	if (!ret)
875	goto err;
876	}
877	err:
878	BN_free(p);
879	BN_free(q);
880	BN_free(g);
881	BN_free(j);
882	BN_free(pub);
883	BN_free(priv);
884	BN_free(pub_out);
885	BN_free(priv_out);
886	EVP_PKEY_free(pk);
887	EVP_PKEY_CTX_free(ctx);
888	EVP_PKEY_CTX_free(key_ctx);
889	OSSL_PARAM_free(fromdata_params);
890	OSSL_PARAM_BLD_free(bld);
891
892	return ret;
893	}
894
895	#endif
896
897
898
899	#ifndef OPENSSL_NO_EC
900	/* Array indexes used in test_fromdata_ecx */
901	# define PRIV_KEY 0
902	# define PUB_KEY 1
903
904	# define X25519_IDX 0
905	# define X448_IDX 1
906	# define ED25519_IDX 2
907	# define ED448_IDX 3
908
909	/*
910	* tst uses indexes 0 ... (3 * 4 - 1)
911	* For the 4 ECX key types (X25519_IDX..ED448_IDX)
912	* 0..3 = public + private key.
913	* 4..7 = private key (This will generate the public key from the private key)
914	* 8..11 = public key
915	*/
916	static int test_fromdata_ecx(int tst)
917	{
918	int ret = 0;
919	EVP_PKEY_CTX ctx = NULL, ctx2 = NULL;
920	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
921	const char *alg = NULL;
922	size_t len;
923	unsigned char out_pub[ED448_KEYLEN];
924	unsigned char out_priv[ED448_KEYLEN];
925	OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
926
927	/* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
928	static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
929	/* X25519: Keys from RFC 7748 6.1 */
930	{
931	/* Private Key */
932	{
933	0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
934	0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
935	0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
936	0x2c, 0x2a
937	},
938	/* Public Key */
939	{
940	0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
941	0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
942	0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
943	0x4e, 0x6a
944	}
945	},
946	/* X448: Keys from RFC 7748 6.2 */
947	{
948	/* Private Key */
949	{
950	0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
951	0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
952	0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
953	0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
954	0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
955	0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
956	},
957	/* Public Key */
958	{
959	0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
960	0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
961	0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
962	0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
963	0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
964	0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
965	}
966	},
967	/* ED25519: Keys from RFC 8032 */
968	{
969	/* Private Key */
970	{
971	0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
972	0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
973	0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
974	0x7f, 0x60
975	},
976	/* Public Key */
977	{
978	0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
979	0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
980	0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
981	0x51, 0x1a
982	}
983	},
984	/* ED448: Keys from RFC 8032 */
985	{
986	/* Private Key */
987	{
988	0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
989	0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
990	0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
991	0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
992	0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
993	0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
994	},
995	/* Public Key */
996	{
997	0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
998	0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
999	0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
1000	0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
1001	0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
1002	0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
1003	}
1004	}
1005	};
1006	OSSL_PARAM x25519_fromdata_params[] = {
1007	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1008	key_numbers[X25519_IDX][PRIV_KEY],
1009	X25519_KEYLEN),
1010	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1011	key_numbers[X25519_IDX][PUB_KEY],
1012	X25519_KEYLEN),
1013	OSSL_PARAM_END
1014	};
1015	OSSL_PARAM x448_fromdata_params[] = {
1016	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1017	key_numbers[X448_IDX][PRIV_KEY],
1018	X448_KEYLEN),
1019	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1020	key_numbers[X448_IDX][PUB_KEY],
1021	X448_KEYLEN),
1022	OSSL_PARAM_END
1023	};
1024	OSSL_PARAM ed25519_fromdata_params[] = {
1025	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1026	key_numbers[ED25519_IDX][PRIV_KEY],
1027	ED25519_KEYLEN),
1028	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1029	key_numbers[ED25519_IDX][PUB_KEY],
1030	ED25519_KEYLEN),
1031	OSSL_PARAM_END
1032	};
1033	OSSL_PARAM ed448_fromdata_params[] = {
1034	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1035	key_numbers[ED448_IDX][PRIV_KEY],
1036	ED448_KEYLEN),
1037	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1038	key_numbers[ED448_IDX][PUB_KEY],
1039	ED448_KEYLEN),
1040	OSSL_PARAM_END
1041	};
1042	OSSL_PARAM *fromdata_params = NULL;
1043	int bits = 0, security_bits = 0, size = 0;
1044	OSSL_PARAM *orig_fromdata_params = NULL;
1045
1046	switch (tst & 3) {
1047	case X25519_IDX:
1048	fromdata_params = x25519_fromdata_params;
1049	bits = X25519_BITS;
1050	security_bits = X25519_SECURITY_BITS;
1051	size = X25519_KEYLEN;
1052	alg = "X25519";
1053	break;
1054
1055	case X448_IDX:
1056	fromdata_params = x448_fromdata_params;
1057	bits = X448_BITS;
1058	security_bits = X448_SECURITY_BITS;
1059	size = X448_KEYLEN;
1060	alg = "X448";
1061	break;
1062
1063	case ED25519_IDX:
1064	fromdata_params = ed25519_fromdata_params;
1065	bits = ED25519_BITS;
1066	security_bits = ED25519_SECURITY_BITS;
1067	size = ED25519_SIGSIZE;
1068	alg = "ED25519";
1069	break;
1070
1071	case ED448_IDX:
1072	fromdata_params = ed448_fromdata_params;
1073	bits = ED448_BITS;
1074	security_bits = ED448_SECURITY_BITS;
1075	size = ED448_SIGSIZE;
1076	alg = "ED448";
1077	break;
1078	default:
1079	goto err;
1080	}
1081
1082	ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1083	if (!TEST_ptr(ctx))
1084	goto err;
1085
1086	orig_fromdata_params = fromdata_params;
1087	if (tst > 7) {
1088	/* public key only */
1089	fromdata_params++;
1090	} else if (tst > 3) {
1091	/* private key only */
1092	params[0] = fromdata_params[0];
1093	params[1] = fromdata_params[2];
1094	fromdata_params = params;
1095	}
1096
1097	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1098	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1099	fromdata_params), 1))
1100	goto err;
1101
1102	for (;;) {
1103	ret = 0;
1104	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), bits)
1105	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), security_bits)
1106	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), size)
1107	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
1108	goto err;
1109
1110	if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
1111	goto err;
1112	if (tst <= 7) {
1113	if (!TEST_int_gt(EVP_PKEY_check(ctx2), 0))
1114	goto err;
1115	if (!TEST_true(EVP_PKEY_get_octet_string_param(
1116	pk, orig_fromdata_params[PRIV_KEY].key,
1117	out_priv, sizeof(out_priv), &len))
1118	\|\| !TEST_mem_eq(out_priv, len,
1119	orig_fromdata_params[PRIV_KEY].data,
1120	orig_fromdata_params[PRIV_KEY].data_size)
1121	\|\| !TEST_true(EVP_PKEY_get_octet_string_param(
1122	pk, orig_fromdata_params[PUB_KEY].key,
1123	out_pub, sizeof(out_pub), &len))
1124	\|\| !TEST_mem_eq(out_pub, len,
1125	orig_fromdata_params[PUB_KEY].data,
1126	orig_fromdata_params[PUB_KEY].data_size))
1127	goto err;
1128	} else {
1129	/* The private key check should fail if there is only a public key */
1130	if (!TEST_int_gt(EVP_PKEY_public_check(ctx2), 0)
1131	\|\| !TEST_int_le(EVP_PKEY_private_check(ctx2), 0)
1132	\|\| !TEST_int_le(EVP_PKEY_check(ctx2), 0))
1133	goto err;
1134	}
1135	EVP_PKEY_CTX_free(ctx2);
1136	ctx2 = NULL;
1137
1138	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1139	/* This should succeed because there are no parameters to copy */
1140	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1141	goto err;
1142	if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, copy_pk, NULL))
1143	/* This should fail because copy_pk has no pubkey */
1144	\|\| !TEST_int_le(EVP_PKEY_public_check(ctx2), 0))
1145	goto err;
1146	EVP_PKEY_CTX_free(ctx2);
1147	ctx2 = NULL;
1148	EVP_PKEY_free(copy_pk);
1149	copy_pk = NULL;
1150
1151	if (tst > 7)
1152	ret = test_print_key_using_encoder_public(alg, pk);
1153	else
1154	ret = test_print_key_using_pem(alg, pk)
1155	&& test_print_key_using_encoder(alg, pk);
1156
1157	if (!ret \|\| dup_pk != NULL)
1158	break;
1159
1160	if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1161	goto err;
1162	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1163	EVP_PKEY_free(pk);
1164	pk = dup_pk;
1165	if (!ret)
1166	goto err;
1167	}
1168
1169	err:
1170	EVP_PKEY_free(pk);
1171	EVP_PKEY_free(copy_pk);
1172	EVP_PKEY_CTX_free(ctx);
1173	EVP_PKEY_CTX_free(ctx2);
1174
1175	return ret;
1176	}
1177
1178	static int test_fromdata_ec(void)
1179	{
1180	int ret = 0;
1181	EVP_PKEY_CTX *ctx = NULL;
1182	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
1183	OSSL_PARAM_BLD *bld = NULL;
1184	BIGNUM *ec_priv_bn = NULL;
1185	BIGNUM *bn_priv = NULL;
1186	OSSL_PARAM *fromdata_params = NULL;
1187	const char *alg = "EC";
1188	const char *curve = "prime256v1";
1189	const char bad_curve[] = "nonexistent-curve";
1190	OSSL_PARAM nokey_params[2] = {
1191	OSSL_PARAM_END,
1192	OSSL_PARAM_END
1193	};
1194	/* UNCOMPRESSED FORMAT */
1195	static const unsigned char ec_pub_keydata[] = {
1196	POINT_CONVERSION_UNCOMPRESSED,
1197	0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1198	0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1199	0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1200	0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1201	0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1202	0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1203	0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1204	0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1205	};
1206	/* SAME BUT COMPRESSED FORMAT */
1207	static const unsigned char ec_pub_keydata_compressed[] = {
1208	POINT_CONVERSION_COMPRESSED+1,
1209	0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1210	0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1211	0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1212	0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2
1213	};
1214	static const unsigned char ec_priv_keydata[] = {
1215	0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1216	0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1217	0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1218	0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1219	};
1220	unsigned char out_pub[sizeof(ec_pub_keydata)];
1221	char out_curve_name[80];
1222	const OSSL_PARAM *gettable = NULL;
1223	size_t len;
1224	EC_GROUP *group = NULL;
1225	BIGNUM *group_a = NULL;
1226	BIGNUM *group_b = NULL;
1227	BIGNUM *group_p = NULL;
1228	BIGNUM *a = NULL;
1229	BIGNUM *b = NULL;
1230	BIGNUM *p = NULL;
1231
1232
1233	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1234	goto err;
1235	if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1236	sizeof(ec_priv_keydata), NULL)))
1237	goto err;
1238
1239	if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1240	curve, 0) <= 0)
1241	goto err;
1242	/*
1243	* We intentionally provide the input point in compressed format,
1244	* and avoid setting `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT`.
1245	*
1246	* Later on we check what format is used when exporting the
1247	* `OSSL_PKEY_PARAM_PUB_KEY` and expect to default to uncompressed
1248	* format.
1249	*/
1250	if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1251	ec_pub_keydata_compressed,
1252	sizeof(ec_pub_keydata_compressed)) <= 0)
1253	goto err;
1254	if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1255	goto err;
1256	if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1257	goto err;
1258	ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1259	if (!TEST_ptr(ctx))
1260	goto err;
1261
1262	/* try importing parameters with bad curve first */
1263	nokey_params[0] =
1264	OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1265	(char *)bad_curve, sizeof(bad_curve));
1266	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1267	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEY_PARAMETERS,
1268	nokey_params), 0)
1269	\|\| !TEST_ptr_null(pk))
1270	goto err;
1271
1272	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1273	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1274	fromdata_params), 1))
1275	goto err;
1276
1277	for (;;) {
1278	ret = 0;
1279	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 256)
1280	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 128)
1281	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 35 * 2)
1282	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
1283	goto err;
1284
1285	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1286	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1287	goto err;
1288	EVP_PKEY_free(copy_pk);
1289	copy_pk = NULL;
1290
1291	if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1292	\|\| !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1293	OSSL_PKEY_PARAM_GROUP_NAME))
1294	\|\| !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1295	OSSL_PKEY_PARAM_PUB_KEY))
1296	\|\| !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1297	OSSL_PKEY_PARAM_PRIV_KEY)))
1298	goto err;
1299
1300	if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(OBJ_sn2nid(curve)))
1301	\|\| !TEST_ptr(group_p = BN_new())
1302	\|\| !TEST_ptr(group_a = BN_new())
1303	\|\| !TEST_ptr(group_b = BN_new())
1304	\|\| !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)))
1305	goto err;
1306
1307	if (!TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_A, &a))
1308	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_B, &b))
1309	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_P, &p)))
1310	goto err;
1311
1312	if (!TEST_BN_eq(group_p, p) \|\| !TEST_BN_eq(group_a, a)
1313	\|\| !TEST_BN_eq(group_b, b))
1314	goto err;
1315
1316	EC_GROUP_free(group);
1317	group = NULL;
1318	BN_free(group_p);
1319	group_p = NULL;
1320	BN_free(group_a);
1321	group_a = NULL;
1322	BN_free(group_b);
1323	group_b = NULL;
1324
1325	if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1326	out_curve_name,
1327	sizeof(out_curve_name),
1328	&len)
1329	\|\| !TEST_str_eq(out_curve_name, curve)
1330	\|\| !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1331	out_pub, sizeof(out_pub), &len)
1332
1333	/*
1334	* Our providers use uncompressed format by default if
1335	* `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` was not
1336	* explicitly set, irrespective of the format used for the
1337	* input point given as a param to create this key.
1338	*/
1339	\|\| !TEST_true(out_pub[0] == POINT_CONVERSION_UNCOMPRESSED)
1340	\|\| !TEST_mem_eq(out_pub + 1, len - 1,
1341	ec_pub_keydata + 1, sizeof(ec_pub_keydata) - 1)
1342
1343	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1344	&bn_priv))
1345	\|\| !TEST_BN_eq(ec_priv_bn, bn_priv))
1346	goto err;
1347	BN_free(bn_priv);
1348	bn_priv = NULL;
1349
1350	ret = test_print_key_using_pem(alg, pk)
1351	&& test_print_key_using_encoder(alg, pk);
1352
1353	if (!ret \|\| dup_pk != NULL)
1354	break;
1355
1356	if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1357	goto err;
1358	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1359	EVP_PKEY_free(pk);
1360	pk = dup_pk;
1361	if (!ret)
1362	goto err;
1363	}
1364
1365	err:
1366	EC_GROUP_free(group);
1367	BN_free(group_a);
1368	BN_free(group_b);
1369	BN_free(group_p);
1370	BN_free(a);
1371	BN_free(b);
1372	BN_free(p);
1373	BN_free(bn_priv);
1374	BN_free(ec_priv_bn);
1375	OSSL_PARAM_free(fromdata_params);
1376	OSSL_PARAM_BLD_free(bld);
1377	EVP_PKEY_free(pk);
1378	EVP_PKEY_free(copy_pk);
1379	EVP_PKEY_CTX_free(ctx);
1380	return ret;
1381	}
1382
1383	static int test_ec_dup_no_operation(void)
1384	{
1385	int ret = 0;
1386	EVP_PKEY_CTX pctx = NULL, ctx = NULL, *kctx = NULL;
1387	EVP_PKEY param = NULL, pkey = NULL;
1388
1389	if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1390	\|\| !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1391	\|\| !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1392	NID_X9_62_prime256v1), 0)
1393	\|\| !TEST_int_gt(EVP_PKEY_paramgen(pctx, &param), 0)
1394	\|\| !TEST_ptr(param))
1395	goto err;
1396
1397	EVP_PKEY_CTX_free(pctx);
1398	pctx = NULL;
1399
1400	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1401	\|\| !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1402	\|\| !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1403	\|\| !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1404	goto err;
1405	ret = 1;
1406	err:
1407	EVP_PKEY_free(pkey);
1408	EVP_PKEY_free(param);
1409	EVP_PKEY_CTX_free(ctx);
1410	EVP_PKEY_CTX_free(kctx);
1411	EVP_PKEY_CTX_free(pctx);
1412	return ret;
1413	}
1414
1415	/* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1416	static int test_ec_dup_keygen_operation(void)
1417	{
1418	int ret = 0;
1419	EVP_PKEY_CTX pctx = NULL, ctx = NULL, *kctx = NULL;
1420	EVP_PKEY param = NULL, pkey = NULL;
1421
1422	if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1423	\|\| !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1424	\|\| !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1425	NID_X9_62_prime256v1), 0)
1426	\|\| !TEST_int_gt(EVP_PKEY_paramgen(pctx, &param), 0)
1427	\|\| !TEST_ptr(param))
1428	goto err;
1429
1430	EVP_PKEY_CTX_free(pctx);
1431	pctx = NULL;
1432
1433	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1434	\|\| !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1435	\|\| !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1436	goto err;
1437	ret = 1;
1438	err:
1439	EVP_PKEY_free(pkey);
1440	EVP_PKEY_free(param);
1441	EVP_PKEY_CTX_free(ctx);
1442	EVP_PKEY_CTX_free(kctx);
1443	EVP_PKEY_CTX_free(pctx);
1444	return ret;
1445	}
1446
1447	#endif /* OPENSSL_NO_EC */
1448
1449	#ifndef OPENSSL_NO_DSA
1450	static int test_fromdata_dsa_fips186_4(void)
1451	{
1452	int ret = 0;
1453	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
1454	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
1455	BIGNUM pub = NULL, priv = NULL;
1456	BIGNUM p = NULL, q = NULL, *g = NULL;
1457	BIGNUM pub_out = NULL, priv_out = NULL;
1458	BIGNUM p_out = NULL, q_out = NULL, g_out = NULL, j_out = NULL;
1459	int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1460	char name_out[80];
1461	unsigned char seed_out[32];
1462	size_t len;
1463	OSSL_PARAM_BLD *bld = NULL;
1464	OSSL_PARAM *fromdata_params = NULL;
1465
1466	/*
1467	* DSA parameter data was generated using the following:
1468	* openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1469	* -pkeyopt qbits:256 -pkeyopt type:0 \
1470	* -pkeyopt gindex:1 -out dsa_params.pem -text
1471	*/
1472	static const unsigned char p_data[] = {
1473	0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1474	0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1475	0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1476	0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1477	0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1478	0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1479	0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1480	0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1481	0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1482	0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1483	0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1484	0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1485	0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1486	0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1487	0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1488	0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1489	0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1490	0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1491	0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1492	0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1493	0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1494	0x7c, 0xfe, 0xaf, 0x6a, 0x05
1495	};
1496	static const unsigned char q_data[] = {
1497	0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1498	0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1499	0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1500	};
1501	static const unsigned char g_data[] = {
1502	0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1503	0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1504	0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1505	0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1506	0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1507	0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1508	0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1509	0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1510	0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1511	0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1512	0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1513	0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1514	0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1515	0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1516	0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1517	0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1518	0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1519	0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1520	0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1521	0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1522	0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1523	0x02, 0x6f, 0x96, 0x36
1524	};
1525	static const unsigned char seed_data[] = {
1526	0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1527	0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1528	0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1529	};
1530	const int gindex = 1;
1531	const int pcounter = 53;
1532	/*
1533	* The keypair was generated using
1534	* openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1535	* -pkeyopt gindex:1 \
1536	* -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1537	*/
1538	static const unsigned char priv_data[] = {
1539	0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1540	0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1541	0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1542	};
1543	static const unsigned char pub_data[] = {
1544	0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1545	0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1546	0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1547	0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1548	0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1549	0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1550	0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1551	0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1552	0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1553	0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1554	0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1555	0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1556	0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1557	0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1558	0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1559	0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1560	0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1561	0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1562	0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1563	0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1564	0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1565	0x48, 0xd1, 0x8a, 0xbd
1566	};
1567
1568	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1569	\|\| !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1570	\|\| !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1571	\|\| !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1572	\|\| !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1573	\|\| !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1574
1575	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1576	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1577	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1578	\|\| !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1579	OSSL_PKEY_PARAM_FFC_SEED,
1580	seed_data,
1581	sizeof(seed_data)))
1582	\|\| !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1583	gindex))
1584	\|\| !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1585	OSSL_PKEY_PARAM_FFC_PCOUNTER,
1586	pcounter))
1587	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1588	pub))
1589	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1590	priv))
1591	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1592	goto err;
1593
1594	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1595	goto err;
1596
1597	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1598	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1599	fromdata_params), 1))
1600	goto err;
1601
1602	for (;;) {
1603	ret = 0;
1604	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
1605	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
1606	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 2 * (3 + sizeof(q_data)))
1607	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
1608	goto err;
1609
1610	if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk,
1611	OSSL_PKEY_PARAM_GROUP_NAME,
1612	name_out,
1613	sizeof(name_out),
1614	&len))
1615	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1616	&pub_out))
1617	\|\| !TEST_BN_eq(pub, pub_out)
1618	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1619	&priv_out))
1620	\|\| !TEST_BN_eq(priv, priv_out)
1621	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P,
1622	&p_out))
1623	\|\| !TEST_BN_eq(p, p_out)
1624	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q,
1625	&q_out))
1626	\|\| !TEST_BN_eq(q, q_out)
1627	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G,
1628	&g_out))
1629	\|\| !TEST_BN_eq(g, g_out)
1630	\|\| !TEST_false(EVP_PKEY_get_bn_param(pk,
1631	OSSL_PKEY_PARAM_FFC_COFACTOR,
1632	&j_out))
1633	\|\| !TEST_ptr_null(j_out)
1634	\|\| !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1635	OSSL_PKEY_PARAM_FFC_SEED,
1636	seed_out,
1637	sizeof(seed_out),
1638	&len))
1639	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
1640	OSSL_PKEY_PARAM_FFC_GINDEX,
1641	&gindex_out))
1642	\|\| !TEST_int_eq(gindex, gindex_out)
1643	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1644	&hindex_out))
1645	\|\| !TEST_int_eq(hindex_out, 0)
1646	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
1647	OSSL_PKEY_PARAM_FFC_PCOUNTER,
1648	&pcounter_out))
1649	\|\| !TEST_int_eq(pcounter, pcounter_out))
1650	goto err;
1651	BN_free(p_out);
1652	p_out = NULL;
1653	BN_free(q_out);
1654	q_out = NULL;
1655	BN_free(g_out);
1656	g_out = NULL;
1657	BN_free(j_out);
1658	j_out = NULL;
1659	BN_free(pub_out);
1660	pub_out = NULL;
1661	BN_free(priv_out);
1662	priv_out = NULL;
1663
1664	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1665	goto err;
1666
1667	if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
1668	\|\| !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
1669	\|\| !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
1670	\|\| !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
1671	goto err;
1672	EVP_PKEY_CTX_free(key_ctx);
1673	key_ctx = NULL;
1674
1675	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1676	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1677	goto err;
1678	EVP_PKEY_free(copy_pk);
1679	copy_pk = NULL;
1680
1681	ret = test_print_key_using_pem("DSA", pk)
1682	&& test_print_key_using_encoder("DSA", pk);
1683
1684	if (!ret \|\| dup_pk != NULL)
1685	break;
1686
1687	if (!TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1688	goto err;
1689	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1690	EVP_PKEY_free(pk);
1691	pk = dup_pk;
1692	if (!ret)
1693	goto err;
1694	}
1695
1696	err:
1697	OSSL_PARAM_free(fromdata_params);
1698	OSSL_PARAM_BLD_free(bld);
1699	BN_free(p);
1700	BN_free(q);
1701	BN_free(g);
1702	BN_free(pub);
1703	BN_free(priv);
1704	BN_free(p_out);
1705	BN_free(q_out);
1706	BN_free(g_out);
1707	BN_free(pub_out);
1708	BN_free(priv_out);
1709	BN_free(j_out);
1710	EVP_PKEY_free(pk);
1711	EVP_PKEY_free(copy_pk);
1712	EVP_PKEY_CTX_free(ctx);
1713	EVP_PKEY_CTX_free(key_ctx);
1714
1715	return ret;
1716	}
1717
1718	static int test_check_dsa(void)
1719	{
1720	int ret = 0;
1721	EVP_PKEY_CTX *ctx = NULL;
1722
1723	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1724	\|\| !TEST_int_le(EVP_PKEY_check(ctx), 0)
1725	\|\| !TEST_int_le(EVP_PKEY_public_check(ctx), 0)
1726	\|\| !TEST_int_le(EVP_PKEY_private_check(ctx), 0)
1727	\|\| !TEST_int_le(EVP_PKEY_pairwise_check(ctx), 0))
1728	goto err;
1729
1730	ret = 1;
1731	err:
1732	EVP_PKEY_CTX_free(ctx);
1733
1734	return ret;
1735	}
1736	#endif /* OPENSSL_NO_DSA */
1737
1738
1739	static OSSL_PARAM do_construct_hkdf_params(char digest, char *key,
1740	size_t keylen, char *salt)
1741	{
1742	OSSL_PARAM params = OPENSSL_malloc(sizeof(OSSL_PARAM) 5);
1743	OSSL_PARAM *p = params;
1744
1745	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, digest, 0);
1746	*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
1747	salt, strlen(salt));
1748	*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
1749	(unsigned char *)key, keylen);
1750	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE,
1751	"EXTRACT_ONLY", 0);
1752	*p = OSSL_PARAM_construct_end();
1753
1754	return params;
1755	}
1756
1757	static int test_evp_pkey_ctx_dup_kdf(void)
1758	{
1759	int ret = 0;
1760	size_t len = 0, dlen = 0;
1761	EVP_PKEY_CTX pctx = NULL, dctx = NULL;
1762	OSSL_PARAM *params = NULL;
1763
1764	if (!TEST_ptr(params = do_construct_hkdf_params("sha256", "secret", 6,
1765	"salt")))
1766	goto err;
1767	if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "HKDF", NULL)))
1768	goto err;
1769	if (!TEST_int_eq(EVP_PKEY_derive_init_ex(pctx, params), 1))
1770	goto err;
1771	if (!TEST_ptr(dctx = EVP_PKEY_CTX_dup(pctx)))
1772	goto err;
1773	if (!TEST_int_eq(EVP_PKEY_derive(pctx, NULL, &len), 1)
1774	\|\| !TEST_size_t_eq(len, SHA256_DIGEST_LENGTH)
1775	\|\| !TEST_int_eq(EVP_PKEY_derive(dctx, NULL, &dlen), 1)
1776	\|\| !TEST_size_t_eq(dlen, SHA256_DIGEST_LENGTH))
1777	goto err;
1778	ret = 1;
1779	err:
1780	OPENSSL_free(params);
1781	EVP_PKEY_CTX_free(dctx);
1782	EVP_PKEY_CTX_free(pctx);
1783	return ret;
1784	}
1785
1786	int setup_tests(void)
1787	{
1788	if (!test_skip_common_options()) {
1789	TEST_error("Error parsing test options\n");
1790	return 0;
1791	}
1792
1793	if (!TEST_ptr(datadir = test_get_argument(0)))
1794	return 0;
1795
1796	ADD_TEST(test_evp_pkey_ctx_dup_kdf);
1797	ADD_TEST(test_evp_pkey_get_bn_param_large);
1798	ADD_TEST(test_fromdata_rsa);
1799	#ifndef OPENSSL_NO_DH
1800	ADD_TEST(test_fromdata_dh_fips186_4);
1801	ADD_TEST(test_fromdata_dh_named_group);
1802	#endif
1803	#ifndef OPENSSL_NO_DSA
1804	ADD_TEST(test_check_dsa);
1805	ADD_TEST(test_fromdata_dsa_fips186_4);
1806	#endif
1807	#ifndef OPENSSL_NO_EC
1808	ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1809	ADD_TEST(test_fromdata_ec);
1810	ADD_TEST(test_ec_dup_no_operation);
1811	ADD_TEST(test_ec_dup_keygen_operation);
1812	#endif
1813	return 1;
1814	}

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

source: vbox/trunk/src/libs/openssl-3.1.7/test/evp_pkey_provided_test.c@ 105945

以其他格式下載: