VirtualBox

source: vbox/trunk/src/libs/openssl-3.1.0/providers/fips/self_test_data.inc@ 100947

Last change on this file since 100947 was 99366, checked in by vboxsync, 22 months ago

openssl-3.1.0: Applied and adjusted our OpenSSL changes to 3.0.7. bugref:10418
File size: 66.3 KB
Line 
1/*
2 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10/* Macros to build Self test data */
11#define ITM(x) ((void *)&x), sizeof(x)
12#define ITM_STR(x) ((void *)&x), (sizeof(x) - 1)
13
14#define ST_KAT_PARAM_END() { "", 0, NULL, 0 }
15#define ST_KAT_PARAM_BIGNUM(name, data) \
16 { name, OSSL_PARAM_UNSIGNED_INTEGER, ITM(data) }
17#define ST_KAT_PARAM_OCTET(name, data) \
18 { name, OSSL_PARAM_OCTET_STRING, ITM(data) }
19#define ST_KAT_PARAM_UTF8STRING(name, data) \
20 { name, OSSL_PARAM_UTF8_STRING, ITM_STR(data) }
21#define ST_KAT_PARAM_UTF8CHAR(name, data) \
22 { name, OSSL_PARAM_UTF8_STRING, ITM(data) }
23#define ST_KAT_PARAM_INT(name, i) \
24 { name, OSSL_PARAM_INTEGER, ITM(i) }
25
26/* used to store raw parameters for keys and algorithms */
27typedef struct st_kat_param_st {
28 const char *name; /* an OSSL_PARAM name */
29 size_t type; /* the type associated with the data */
30 const void *data; /* unsigned char [], or char [] depending on the type */
31 size_t data_len; /* the length of the data */
32} ST_KAT_PARAM;
33
34typedef struct st_kat_st {
35 const char *desc;
36 const char *algorithm;
37 const unsigned char *pt;
38 size_t pt_len;
39 const unsigned char *expected;
40 size_t expected_len;
41} ST_KAT;
42
43#define CIPHER_MODE_ENCRYPT 1
44#define CIPHER_MODE_DECRYPT 2
45#define CIPHER_MODE_ALL (CIPHER_MODE_ENCRYPT | CIPHER_MODE_DECRYPT)
46
47typedef ST_KAT ST_KAT_DIGEST;
48typedef struct st_kat_cipher_st {
49 ST_KAT base;
50 int mode;
51 const unsigned char *key;
52 size_t key_len;
53 const unsigned char *iv;
54 size_t iv_len;
55 const unsigned char *aad;
56 size_t aad_len;
57 const unsigned char *tag;
58 size_t tag_len;
59} ST_KAT_CIPHER;
60
61typedef struct st_kat_kdf_st {
62 const char *desc;
63 const char *algorithm;
64 const ST_KAT_PARAM *params;
65 const unsigned char *expected;
66 size_t expected_len;
67} ST_KAT_KDF;
68
69typedef struct st_kat_drbg_st {
70 const char *desc;
71 const char *algorithm;
72 const char *param_name;
73 char *param_value;
74 const unsigned char *entropyin;
75 size_t entropyinlen;
76 const unsigned char *nonce;
77 size_t noncelen;
78 const unsigned char *persstr;
79 size_t persstrlen;
80 const unsigned char *entropyinpr1;
81 size_t entropyinpr1len;
82 const unsigned char *entropyinpr2;
83 size_t entropyinpr2len;
84 const unsigned char *entropyaddin1;
85 size_t entropyaddin1len;
86 const unsigned char *entropyaddin2;
87 size_t entropyaddin2len;
88 const unsigned char *expected;
89 size_t expectedlen;
90} ST_KAT_DRBG;
91
92typedef struct st_kat_kas_st {
93 const char *desc;
94 const char *algorithm;
95
96 const ST_KAT_PARAM *key_group;
97 const ST_KAT_PARAM *key_host_data;
98 const ST_KAT_PARAM *key_peer_data;
99
100 const unsigned char *expected;
101 size_t expected_len;
102} ST_KAT_KAS;
103
104typedef struct st_kat_sign_st {
105 const char *desc;
106 const char *algorithm;
107 const char *mdalgorithm;
108 const ST_KAT_PARAM *key;
109 const unsigned char *entropy;
110 size_t entropy_len;
111 const unsigned char *nonce;
112 size_t nonce_len;
113 const unsigned char *persstr;
114 size_t persstr_len;
115 const unsigned char *sig_expected; /* Set to NULL if this value changes */
116 size_t sig_expected_len;
117} ST_KAT_SIGN;
118
119typedef struct st_kat_asym_cipher_st {
120 const char *desc;
121 const char *algorithm;
122 int encrypt;
123 const ST_KAT_PARAM *key;
124 const ST_KAT_PARAM *postinit;
125 const unsigned char *in;
126 size_t in_len;
127 const unsigned char *expected;
128 size_t expected_len;
129} ST_KAT_ASYM_CIPHER;
130
131/*- DIGEST TEST DATA */
132static const unsigned char sha1_pt[] = "abc";
133static const unsigned char sha1_digest[] = {
134 0xA9, 0x99, 0x3E, 0x36, 0x47, 0x06, 0x81, 0x6A, 0xBA, 0x3E, 0x25, 0x71,
135 0x78, 0x50, 0xC2, 0x6C, 0x9C, 0xD0, 0xD8, 0x9D
136};
137
138static const unsigned char sha512_pt[] = "abc";
139static const unsigned char sha512_digest[] = {
140 0xDD, 0xAF, 0x35, 0xA1, 0x93, 0x61, 0x7A, 0xBA, 0xCC, 0x41, 0x73, 0x49,
141 0xAE, 0x20, 0x41, 0x31, 0x12, 0xE6, 0xFA, 0x4E, 0x89, 0xA9, 0x7E, 0xA2,
142 0x0A, 0x9E, 0xEE, 0xE6, 0x4B, 0x55, 0xD3, 0x9A, 0x21, 0x92, 0x99, 0x2A,
143 0x27, 0x4F, 0xC1, 0xA8, 0x36, 0xBA, 0x3C, 0x23, 0xA3, 0xFE, 0xEB, 0xBD,
144 0x45, 0x4D, 0x44, 0x23, 0x64, 0x3C, 0xE8, 0x0E, 0x2A, 0x9A, 0xC9, 0x4F,
145 0xA5, 0x4C, 0xA4, 0x9F
146};
147static const unsigned char sha3_256_pt[] = { 0xe7, 0x37, 0x21, 0x05 };
148static const unsigned char sha3_256_digest[] = {
149 0x3a, 0x42, 0xb6, 0x8a, 0xb0, 0x79, 0xf2, 0x8c, 0x4c, 0xa3, 0xc7, 0x52,
150 0x29, 0x6f, 0x27, 0x90, 0x06, 0xc4, 0xfe, 0x78, 0xb1, 0xeb, 0x79, 0xd9,
151 0x89, 0x77, 0x7f, 0x05, 0x1e, 0x40, 0x46, 0xae
152};
153
154static const ST_KAT_DIGEST st_kat_digest_tests[] =
155{
156 {
157 OSSL_SELF_TEST_DESC_MD_SHA1,
158 "SHA1",
159 ITM_STR(sha1_pt),
160 ITM(sha1_digest),
161 },
162 {
163 OSSL_SELF_TEST_DESC_MD_SHA2,
164 "SHA512",
165 ITM_STR(sha512_pt),
166 ITM(sha512_digest),
167 },
168 {
169 OSSL_SELF_TEST_DESC_MD_SHA3,
170 "SHA3-256",
171 ITM(sha3_256_pt),
172 ITM(sha3_256_digest),
173 },
174};
175
176
177/*- CIPHER TEST DATA */
178
179/* DES3 test data */
180static const unsigned char des_ede3_cbc_pt[] = {
181 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
182 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A,
183 0xAE, 0x2D, 0x8A, 0x57, 0x1E, 0x03, 0xAC, 0x9C,
184 0x9E, 0xB7, 0x6F, 0xAC, 0x45, 0xAF, 0x8E, 0x51
185};
186static const unsigned char des_ede3_cbc_key[] = {
187 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
188 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01,
189 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x01, 0x23
190};
191static const unsigned char des_ede3_cbc_iv[] = {
192 0xF6, 0x9F, 0x24, 0x45, 0xDF, 0x4F, 0x9B, 0x17
193};
194static const unsigned char des_ede3_cbc_ct[] = {
195 0x20, 0x79, 0xC3, 0xD5, 0x3A, 0xA7, 0x63, 0xE1,
196 0x93, 0xB7, 0x9E, 0x25, 0x69, 0xAB, 0x52, 0x62,
197 0x51, 0x65, 0x70, 0x48, 0x1F, 0x25, 0xB5, 0x0F,
198 0x73, 0xC0, 0xBD, 0xA8, 0x5C, 0x8E, 0x0D, 0xA7
199};
200
201/* AES-256 GCM test data */
202static const unsigned char aes_256_gcm_key[] = {
203 0x92, 0xe1, 0x1d, 0xcd, 0xaa, 0x86, 0x6f, 0x5c,
204 0xe7, 0x90, 0xfd, 0x24, 0x50, 0x1f, 0x92, 0x50,
205 0x9a, 0xac, 0xf4, 0xcb, 0x8b, 0x13, 0x39, 0xd5,
206 0x0c, 0x9c, 0x12, 0x40, 0x93, 0x5d, 0xd0, 0x8b
207};
208static const unsigned char aes_256_gcm_iv[] = {
209 0xac, 0x93, 0xa1, 0xa6, 0x14, 0x52, 0x99, 0xbd,
210 0xe9, 0x02, 0xf2, 0x1a
211};
212static const unsigned char aes_256_gcm_pt[] = {
213 0x2d, 0x71, 0xbc, 0xfa, 0x91, 0x4e, 0x4a, 0xc0,
214 0x45, 0xb2, 0xaa, 0x60, 0x95, 0x5f, 0xad, 0x24
215};
216static const unsigned char aes_256_gcm_aad[] = {
217 0x1e, 0x08, 0x89, 0x01, 0x6f, 0x67, 0x60, 0x1c,
218 0x8e, 0xbe, 0xa4, 0x94, 0x3b, 0xc2, 0x3a, 0xd6
219};
220static const unsigned char aes_256_gcm_ct[] = {
221 0x89, 0x95, 0xae, 0x2e, 0x6d, 0xf3, 0xdb, 0xf9,
222 0x6f, 0xac, 0x7b, 0x71, 0x37, 0xba, 0xe6, 0x7f
223};
224static const unsigned char aes_256_gcm_tag[] = {
225 0xec, 0xa5, 0xaa, 0x77, 0xd5, 0x1d, 0x4a, 0x0a,
226 0x14, 0xd9, 0xc5, 0x1e, 0x1d, 0xa4, 0x74, 0xab
227};
228
229/* AES-ECB test data */
230static const unsigned char aes_128_ecb_key[] = {
231 0x10, 0xa5, 0x88, 0x69, 0xd7, 0x4b, 0xe5, 0xa3,
232 0x74, 0xcf, 0x86, 0x7c, 0xfb, 0x47, 0x38, 0x59
233};
234static const unsigned char aes_128_ecb_pt[] = {
235 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
236 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
237};
238static const unsigned char aes_128_ecb_ct[] = {
239 0x6d, 0x25, 0x1e, 0x69, 0x44, 0xb0, 0x51, 0xe0,
240 0x4e, 0xaa, 0x6f, 0xb4, 0xdb, 0xf7, 0x84, 0x65
241};
242
243static const ST_KAT_CIPHER st_kat_cipher_tests[] = {
244 {
245 {
246 OSSL_SELF_TEST_DESC_CIPHER_AES_GCM,
247 "AES-256-GCM",
248 ITM(aes_256_gcm_pt),
249 ITM(aes_256_gcm_ct)
250 },
251 CIPHER_MODE_ENCRYPT | CIPHER_MODE_DECRYPT,
252 ITM(aes_256_gcm_key),
253 ITM(aes_256_gcm_iv),
254 ITM(aes_256_gcm_aad),
255 ITM(aes_256_gcm_tag)
256 },
257 {
258 {
259 OSSL_SELF_TEST_DESC_CIPHER_AES_ECB,
260 "AES-128-ECB",
261 ITM(aes_128_ecb_pt),
262 ITM(aes_128_ecb_ct)
263 },
264 CIPHER_MODE_DECRYPT,
265 ITM(aes_128_ecb_key)
266 }
267};
268
269static const char hkdf_digest[] = "SHA256";
270static const unsigned char hkdf_secret[] = { 's', 'e', 'c', 'r', 'e', 't' };
271static const unsigned char hkdf_salt[] = { 's', 'a', 'l', 't' };
272static const unsigned char hkdf_info[] = { 'l', 'a', 'b', 'e', 'l' };
273
274static const ST_KAT_PARAM hkdf_params[] = {
275 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, hkdf_digest),
276 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, hkdf_secret),
277 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, hkdf_salt),
278 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, hkdf_info),
279 ST_KAT_PARAM_END()
280};
281static const unsigned char hkdf_expected[] = {
282 0x2a, 0xc4, 0x36, 0x9f, 0x52, 0x59, 0x96, 0xf8,
283 0xde, 0x13
284};
285
286static const char sskdf_digest[] = "SHA224";
287static const unsigned char sskdf_secret[] = {
288 0x6d, 0xbd, 0xc2, 0x3f, 0x04, 0x54, 0x88, 0xe4,
289 0x06, 0x27, 0x57, 0xb0, 0x6b, 0x9e, 0xba, 0xe1,
290 0x83, 0xfc, 0x5a, 0x59, 0x46, 0xd8, 0x0d, 0xb9,
291 0x3f, 0xec, 0x6f, 0x62, 0xec, 0x07, 0xe3, 0x72,
292 0x7f, 0x01, 0x26, 0xae, 0xd1, 0x2c, 0xe4, 0xb2,
293 0x62, 0xf4, 0x7d, 0x48, 0xd5, 0x42, 0x87, 0xf8,
294 0x1d, 0x47, 0x4c, 0x7c, 0x3b, 0x18, 0x50, 0xe9
295};
296static const unsigned char sskdf_otherinfo[] = {
297 0xa1, 0xb2, 0xc3, 0xd4, 0xe5, 0x43, 0x41, 0x56,
298 0x53, 0x69, 0x64, 0x3c, 0x83, 0x2e, 0x98, 0x49,
299 0xdc, 0xdb, 0xa7, 0x1e, 0x9a, 0x31, 0x39, 0xe6,
300 0x06, 0xe0, 0x95, 0xde, 0x3c, 0x26, 0x4a, 0x66,
301 0xe9, 0x8a, 0x16, 0x58, 0x54, 0xcd, 0x07, 0x98,
302 0x9b, 0x1e, 0xe0, 0xec, 0x3f, 0x8d, 0xbe
303};
304static const unsigned char sskdf_expected[] = {
305 0xa4, 0x62, 0xde, 0x16, 0xa8, 0x9d, 0xe8, 0x46,
306 0x6e, 0xf5, 0x46, 0x0b, 0x47, 0xb8
307};
308static const ST_KAT_PARAM sskdf_params[] = {
309 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sskdf_digest),
310 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sskdf_secret),
311 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, sskdf_otherinfo),
312 ST_KAT_PARAM_END()
313};
314
315static const char x942kdf_digest[] = "SHA1";
316static const char x942kdf_cekalg[] = "AES-128-WRAP";
317static const unsigned char x942kdf_secret[] = {
318 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
319 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
320 0x10, 0x11, 0x12, 0x13
321};
322static const unsigned char x942kdf_expected[] = {
323 0xd6, 0xd6, 0xb0, 0x94, 0xc1, 0x02, 0x7a, 0x7d,
324 0xe6, 0xe3, 0x11, 0x72, 0x94, 0xa3, 0x53, 0x64
325};
326static const ST_KAT_PARAM x942kdf_params[] = {
327 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x942kdf_digest),
328 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_CEK_ALG, x942kdf_cekalg),
329 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x942kdf_secret),
330 ST_KAT_PARAM_END()
331};
332
333static const char x963kdf_digest[] = "SHA256";
334static const unsigned char x963kdf_otherinfo[] = {
335 0x75, 0xee, 0xf8, 0x1a, 0xa3, 0x04, 0x1e, 0x33,
336 0xb8, 0x09, 0x71, 0x20, 0x3d, 0x2c, 0x0c, 0x52
337};
338static const unsigned char x963kdf_secret[] = {
339 0x22, 0x51, 0x8b, 0x10, 0xe7, 0x0f, 0x2a, 0x3f,
340 0x24, 0x38, 0x10, 0xae, 0x32, 0x54, 0x13, 0x9e,
341 0xfb, 0xee, 0x04, 0xaa, 0x57, 0xc7, 0xaf, 0x7d
342};
343static const unsigned char x963kdf_expected[] = {
344 0xc4, 0x98, 0xaf, 0x77, 0x16, 0x1c, 0xc5, 0x9f,
345 0x29, 0x62, 0xb9, 0xa7, 0x13, 0xe2, 0xb2, 0x15,
346 0x15, 0x2d, 0x13, 0x97, 0x66, 0xce, 0x34, 0xa7,
347 0x76, 0xdf, 0x11, 0x86, 0x6a, 0x69, 0xbf, 0x2e
348};
349static const ST_KAT_PARAM x963kdf_params[] = {
350 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, x963kdf_digest),
351 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, x963kdf_secret),
352 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, x963kdf_otherinfo),
353 ST_KAT_PARAM_END()
354};
355
356static const char pbkdf2_digest[] = "SHA256";
357/*
358 * Input parameters from RFC 6070, vector 5 (because it is the only one with
359 * a salt >= 16 bytes, which NIST SP 800-132 section 5.1 requires). The
360 * expected output is taken from
361 * https://github.com/brycx/Test-Vector-Generation/blob/master/PBKDF2/pbkdf2-hmac-sha2-test-vectors.md,
362 * which ran these test vectors with SHA-256.
363 */
364static const unsigned char pbkdf2_password[] = {
365 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x50, 0x41, 0x53, 0x53,
366 0x57, 0x4f, 0x52, 0x44, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64
367};
368static const unsigned char pbkdf2_salt[] = {
369 0x73, 0x61, 0x6c, 0x74, 0x53, 0x41, 0x4c, 0x54, 0x73, 0x61, 0x6c, 0x74,
370 0x53, 0x41, 0x4c, 0x54, 0x73, 0x61, 0x6c, 0x74, 0x53, 0x41, 0x4c, 0x54,
371 0x73, 0x61, 0x6c, 0x74, 0x53, 0x41, 0x4c, 0x54, 0x73, 0x61, 0x6c, 0x74
372};
373static const unsigned char pbkdf2_expected[] = {
374 0x34, 0x8c, 0x89, 0xdb, 0xcb, 0xd3, 0x2b, 0x2f, 0x32, 0xd8, 0x14, 0xb8,
375 0x11, 0x6e, 0x84, 0xcf, 0x2b, 0x17, 0x34, 0x7e, 0xbc, 0x18, 0x00, 0x18,
376 0x1c
377};
378static int pbkdf2_iterations = 4096;
379static int pbkdf2_pkcs5 = 0;
380static const ST_KAT_PARAM pbkdf2_params[] = {
381 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, pbkdf2_digest),
382 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_PASSWORD, pbkdf2_password),
383 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, pbkdf2_salt),
384 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_ITER, pbkdf2_iterations),
385 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_PKCS5, pbkdf2_pkcs5),
386 ST_KAT_PARAM_END()
387};
388
389static const char sshkdf_digest[] = "SHA1";
390static const char sshkdf_type = EVP_KDF_SSHKDF_TYPE_INITIAL_IV_CLI_TO_SRV;
391static const unsigned char sshkdf_key[] = {
392 0x00, 0x00, 0x00, 0x80, 0x55, 0xba, 0xe9, 0x31,
393 0xc0, 0x7f, 0xd8, 0x24, 0xbf, 0x10, 0xad, 0xd1,
394 0x90, 0x2b, 0x6f, 0xbc, 0x7c, 0x66, 0x53, 0x47,
395 0x38, 0x34, 0x98, 0xa6, 0x86, 0x92, 0x9f, 0xf5,
396 0xa2, 0x5f, 0x8e, 0x40, 0xcb, 0x66, 0x45, 0xea,
397 0x81, 0x4f, 0xb1, 0xa5, 0xe0, 0xa1, 0x1f, 0x85,
398 0x2f, 0x86, 0x25, 0x56, 0x41, 0xe5, 0xed, 0x98,
399 0x6e, 0x83, 0xa7, 0x8b, 0xc8, 0x26, 0x94, 0x80,
400 0xea, 0xc0, 0xb0, 0xdf, 0xd7, 0x70, 0xca, 0xb9,
401 0x2e, 0x7a, 0x28, 0xdd, 0x87, 0xff, 0x45, 0x24,
402 0x66, 0xd6, 0xae, 0x86, 0x7c, 0xea, 0xd6, 0x3b,
403 0x36, 0x6b, 0x1c, 0x28, 0x6e, 0x6c, 0x48, 0x11,
404 0xa9, 0xf1, 0x4c, 0x27, 0xae, 0xa1, 0x4c, 0x51,
405 0x71, 0xd4, 0x9b, 0x78, 0xc0, 0x6e, 0x37, 0x35,
406 0xd3, 0x6e, 0x6a, 0x3b, 0xe3, 0x21, 0xdd, 0x5f,
407 0xc8, 0x23, 0x08, 0xf3, 0x4e, 0xe1, 0xcb, 0x17,
408 0xfb, 0xa9, 0x4a, 0x59,
409};
410static const unsigned char sshkdf_xcghash[] = {
411 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
412 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
413 0xdc, 0x88, 0x92, 0x45,
414};
415static const unsigned char sshkdf_session_id[] = {
416 0xa4, 0xeb, 0xd4, 0x59, 0x34, 0xf5, 0x67, 0x92,
417 0xb5, 0x11, 0x2d, 0xcd, 0x75, 0xa1, 0x07, 0x5f,
418 0xdc, 0x88, 0x92, 0x45,
419};
420static const unsigned char sshkdf_expected[] = {
421 0xe2, 0xf6, 0x27, 0xc0, 0xb4, 0x3f, 0x1a, 0xc1,
422};
423static const ST_KAT_PARAM sshkdf_params[] = {
424 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, sshkdf_digest),
425 ST_KAT_PARAM_UTF8CHAR(OSSL_KDF_PARAM_SSHKDF_TYPE, sshkdf_type),
426 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, sshkdf_key),
427 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_XCGHASH, sshkdf_xcghash),
428 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SSHKDF_SESSION_ID, sshkdf_session_id),
429 ST_KAT_PARAM_END()
430};
431
432static const char tls12prf_digest[] = "SHA256";
433static const unsigned char tls12prf_secret[] = {
434 0x20, 0x2c, 0x88, 0xc0, 0x0f, 0x84, 0xa1, 0x7a,
435 0x20, 0x02, 0x70, 0x79, 0x60, 0x47, 0x87, 0x46,
436 0x11, 0x76, 0x45, 0x55, 0x39, 0xe7, 0x05, 0xbe,
437 0x73, 0x08, 0x90, 0x60, 0x2c, 0x28, 0x9a, 0x50,
438 0x01, 0xe3, 0x4e, 0xeb, 0x3a, 0x04, 0x3e, 0x5d,
439 0x52, 0xa6, 0x5e, 0x66, 0x12, 0x51, 0x88, 0xbf,
440};
441static const unsigned char tls12prf_seed[] = {
442 'k', 'e', 'y', ' ', 'e', 'x', 'p', 'a', 'n', 's', 'i', 'o', 'n',
443 0xae, 0x6c, 0x80, 0x6f, 0x8a, 0xd4, 0xd8, 0x07,
444 0x84, 0x54, 0x9d, 0xff, 0x28, 0xa4, 0xb5, 0x8f,
445 0xd8, 0x37, 0x68, 0x1a, 0x51, 0xd9, 0x28, 0xc3,
446 0xe3, 0x0e, 0xe5, 0xff, 0x14, 0xf3, 0x98, 0x68,
447 0x62, 0xe1, 0xfd, 0x91, 0xf2, 0x3f, 0x55, 0x8a,
448 0x60, 0x5f, 0x28, 0x47, 0x8c, 0x58, 0xcf, 0x72,
449 0x63, 0x7b, 0x89, 0x78, 0x4d, 0x95, 0x9d, 0xf7,
450 0xe9, 0x46, 0xd3, 0xf0, 0x7b, 0xd1, 0xb6, 0x16,
451 };
452static const unsigned char tls12prf_expected[] = {
453 0xd0, 0x61, 0x39, 0x88, 0x9f, 0xff, 0xac, 0x1e,
454 0x3a, 0x71, 0x86, 0x5f, 0x50, 0x4a, 0xa5, 0xd0,
455 0xd2, 0xa2, 0xe8, 0x95, 0x06, 0xc6, 0xf2, 0x27,
456 0x9b, 0x67, 0x0c, 0x3e, 0x1b, 0x74, 0xf5, 0x31,
457 0x01, 0x6a, 0x25, 0x30, 0xc5, 0x1a, 0x3a, 0x0f,
458 0x7e, 0x1d, 0x65, 0x90, 0xd0, 0xf0, 0x56, 0x6b,
459 0x2f, 0x38, 0x7f, 0x8d, 0x11, 0xfd, 0x4f, 0x73,
460 0x1c, 0xdd, 0x57, 0x2d, 0x2e, 0xae, 0x92, 0x7f,
461 0x6f, 0x2f, 0x81, 0x41, 0x0b, 0x25, 0xe6, 0x96,
462 0x0b, 0xe6, 0x89, 0x85, 0xad, 0xd6, 0xc3, 0x84,
463 0x45, 0xad, 0x9f, 0x8c, 0x64, 0xbf, 0x80, 0x68,
464 0xbf, 0x9a, 0x66, 0x79, 0x48, 0x5d, 0x96, 0x6f,
465 0x1a, 0xd6, 0xf6, 0x8b, 0x43, 0x49, 0x5b, 0x10,
466 0xa6, 0x83, 0x75, 0x5e, 0xa2, 0xb8, 0x58, 0xd7,
467 0x0c, 0xca, 0xc7, 0xec, 0x8b, 0x05, 0x3c, 0x6b,
468 0xd4, 0x1c, 0xa2, 0x99, 0xd4, 0xe5, 0x19, 0x28,
469};
470static const ST_KAT_PARAM tls12prf_params[] = {
471 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls12prf_digest),
472 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SECRET, tls12prf_secret),
473 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SEED, tls12prf_seed),
474 ST_KAT_PARAM_END()
475};
476
477static const char kbkdf_digest[] = "SHA256";
478static const char kbkdf_mac[] = "HMAC";
479static const unsigned char kbkdf_salt[] = { 'p', 'r', 'f' };
480static const unsigned char kbkdf_prfinput[] = { 't', 'e', 's', 't' };
481static unsigned char kbkdf_key[] = {
482 0x37, 0x05, 0xD9, 0x60, 0x80, 0xC1, 0x77, 0x28,
483 0xA0, 0xE8, 0x00, 0xEA, 0xB6, 0xE0, 0xD2, 0x3C,
484};
485static unsigned char kbkdf_expected[] = {
486 0x9D, 0x18, 0x86, 0x16, 0xF6, 0x38, 0x52, 0xFE,
487 0x86, 0x91, 0x5B, 0xB8, 0x40, 0xB4, 0xA8, 0x86,
488 0xFF, 0x3E, 0x6B, 0xB0, 0xF8, 0x19, 0xB4, 0x9B,
489 0x89, 0x33, 0x93, 0xD3, 0x93, 0x85, 0x42, 0x95,
490};
491static const ST_KAT_PARAM kbkdf_params[] = {
492 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, kbkdf_digest),
493 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_MAC, kbkdf_mac),
494 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, kbkdf_key),
495 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_SALT, kbkdf_salt),
496 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_INFO, kbkdf_prfinput),
497 ST_KAT_PARAM_END()
498};
499
500static const char tls13_kdf_digest[] = "SHA256";
501static int tls13_kdf_extract_mode = EVP_KDF_HKDF_MODE_EXTRACT_ONLY;
502static int tls13_kdf_expand_mode = EVP_KDF_HKDF_MODE_EXPAND_ONLY;
503static const unsigned char tls13_kdf_prefix[] = {
504 0x74, 0x6C, 0x73, 0x31, 0x33, 0x20 /* "tls13 " */
505};
506static const unsigned char tls13_kdf_client_early_secret_label[] = {
507 0x63, 0x20, 0x65, 0x20, 0x74, 0x72, 0x61, 0x66,
508 0x66, 0x69, 0x63 /* "c e traffic"*/
509};
510static const unsigned char tls13_kdf_psk[] = {
511 0xF8, 0xAF, 0x6A, 0xEA, 0x2D, 0x39, 0x7B, 0xAF,
512 0x29, 0x48, 0xA2, 0x5B, 0x28, 0x34, 0x20, 0x06,
513 0x92, 0xCF, 0xF1, 0x7E, 0xEE, 0x91, 0x65, 0xE4,
514 0xE2, 0x7B, 0xAB, 0xEE, 0x9E, 0xDE, 0xFD, 0x05
515};
516static const unsigned char tls13_kdf_client_hello_hash[] = {
517 0x7c, 0x92, 0xf6, 0x8b, 0xd5, 0xbf, 0x36, 0x38,
518 0xea, 0x33, 0x8a, 0x64, 0x94, 0x72, 0x2e, 0x1b,
519 0x44, 0x12, 0x7e, 0x1b, 0x7e, 0x8a, 0xad, 0x53,
520 0x5f, 0x23, 0x22, 0xa6, 0x44, 0xff, 0x22, 0xb3
521};
522
523static const unsigned char tls13_kdf_early_secret[] = {
524 0x15, 0x3B, 0x63, 0x94, 0xA9, 0xC0, 0x3C, 0xF3,
525 0xF5, 0xAC, 0xCC, 0x6E, 0x45, 0x5A, 0x76, 0x93,
526 0x28, 0x11, 0x38, 0xA1, 0xBC, 0xFA, 0x38, 0x03,
527 0xC2, 0x67, 0x35, 0xDD, 0x11, 0x94, 0xD2, 0x16
528};
529static const unsigned char tls13_kdf_client_early_traffic_secret[] = {
530 0xC8, 0x05, 0x83, 0xA9, 0x0E, 0x99, 0x5C, 0x48,
531 0x96, 0x00, 0x49, 0x2A, 0x5D, 0xA6, 0x42, 0xE6,
532 0xB1, 0xF6, 0x79, 0xBA, 0x67, 0x48, 0x28, 0x79,
533 0x2D, 0xF0, 0x87, 0xB9, 0x39, 0x63, 0x61, 0x71
534};
535static const ST_KAT_PARAM tls13_kdf_early_secret_params[] = {
536 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_MODE, tls13_kdf_extract_mode),
537 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls13_kdf_digest),
538 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, tls13_kdf_psk),
539 ST_KAT_PARAM_END()
540};
541static const ST_KAT_PARAM tls13_kdf_client_early_secret_params[] = {
542 ST_KAT_PARAM_INT(OSSL_KDF_PARAM_MODE, tls13_kdf_expand_mode),
543 ST_KAT_PARAM_UTF8STRING(OSSL_KDF_PARAM_DIGEST, tls13_kdf_digest),
544 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_KEY, tls13_kdf_early_secret),
545 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_DATA, tls13_kdf_client_hello_hash),
546 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_PREFIX, tls13_kdf_prefix),
547 ST_KAT_PARAM_OCTET(OSSL_KDF_PARAM_LABEL,
548 tls13_kdf_client_early_secret_label),
549 ST_KAT_PARAM_END()
550};
551
552static const ST_KAT_KDF st_kat_kdf_tests[] =
553{
554 {
555 OSSL_SELF_TEST_DESC_KDF_TLS13_EXTRACT,
556 OSSL_KDF_NAME_TLS1_3_KDF,
557 tls13_kdf_early_secret_params,
558 ITM(tls13_kdf_early_secret)
559 },
560 {
561 OSSL_SELF_TEST_DESC_KDF_TLS13_EXPAND,
562 OSSL_KDF_NAME_TLS1_3_KDF,
563 tls13_kdf_client_early_secret_params,
564 ITM(tls13_kdf_client_early_traffic_secret)
565 },
566 {
567 OSSL_SELF_TEST_DESC_KDF_TLS12_PRF,
568 OSSL_KDF_NAME_TLS1_PRF,
569 tls12prf_params,
570 ITM(tls12prf_expected)
571 },
572 {
573 OSSL_SELF_TEST_DESC_KDF_PBKDF2,
574 OSSL_KDF_NAME_PBKDF2,
575 pbkdf2_params,
576 ITM(pbkdf2_expected)
577 },
578 {
579 OSSL_SELF_TEST_DESC_KDF_SSHKDF,
580 OSSL_KDF_NAME_SSHKDF,
581 sshkdf_params,
582 ITM(sshkdf_expected)
583 },
584 {
585 OSSL_SELF_TEST_DESC_KDF_KBKDF,
586 OSSL_KDF_NAME_KBKDF,
587 kbkdf_params,
588 ITM(kbkdf_expected)
589 },
590 {
591 OSSL_SELF_TEST_DESC_KDF_HKDF,
592 OSSL_KDF_NAME_HKDF,
593 hkdf_params,
594 ITM(hkdf_expected)
595 },
596 {
597 OSSL_SELF_TEST_DESC_KDF_SSKDF,
598 OSSL_KDF_NAME_SSKDF,
599 sskdf_params,
600 ITM(sskdf_expected)
601 },
602 {
603 OSSL_SELF_TEST_DESC_KDF_X963KDF,
604 OSSL_KDF_NAME_X963KDF,
605 x963kdf_params,
606 ITM(x963kdf_expected)
607 },
608 {
609 OSSL_SELF_TEST_DESC_KDF_X942KDF,
610 OSSL_KDF_NAME_X942KDF_ASN1,
611 x942kdf_params,
612 ITM(x942kdf_expected)
613 },
614};
615
616/*-
617* DRBG test vectors are a small subset of
618* https://csrc.nist.rip/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
619* Using the folder drbgvectors_pr_true
620* Generated for CAVS 14.3.
621*/
622
623/*
624 * Hash_DRBG.rsp
625 *
626 * [SHA-256]
627 * [PredictionResistance = True]
628 * [EntropyInputLen = 256]
629 * [NonceLen = 128]
630 * [PersonalizationStringLen = 256]
631 * [AdditionalInputLen = 256]
632 * [ReturnedBitsLen = 1024]
633 *
634 * COUNT = 14
635 */
636static const unsigned char drbg_hash_sha256_pr_entropyin[] = {
637 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
638 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
639 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
640};
641static const unsigned char drbg_hash_sha256_pr_nonce[] = {
642 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
643 0xf0, 0xe5, 0x07, 0x1f
644};
645static const unsigned char drbg_hash_sha256_pr_persstr[] = {
646 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
647 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
648 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
649};
650static const unsigned char drbg_hash_sha256_pr_entropyinpr0[] = {
651 0xff, 0x80, 0xb7, 0xd2, 0x6a, 0x05, 0xbc, 0x8a, 0x7a, 0xbe, 0x53, 0x28,
652 0x6b, 0x0e, 0xeb, 0x73, 0x3b, 0x71, 0x5a, 0x20, 0x5b, 0xfa, 0x4f, 0xf6,
653 0x37, 0x03, 0xde, 0xad, 0xb6, 0xea, 0x0e, 0xf4
654};
655static const unsigned char drbg_hash_sha256_pr_entropyinpr1[] = {
656 0xc7, 0x38, 0x32, 0x53, 0x46, 0x81, 0xed, 0xe3, 0x7e, 0x03, 0x84, 0x6d,
657 0x3c, 0x84, 0x17, 0x67, 0x29, 0x7d, 0x24, 0x6c, 0x68, 0x92, 0x41, 0xd2,
658 0xe7, 0x75, 0xbe, 0x7e, 0xc9, 0x96, 0x29, 0x3d
659};
660static const unsigned char drbg_hash_sha256_pr_addin0[] = {
661 0xb7, 0x21, 0x5f, 0x14, 0xac, 0x7b, 0xaf, 0xd0, 0xa9, 0x17, 0x72, 0xba,
662 0x22, 0xf7, 0x19, 0xaf, 0xbd, 0x20, 0xb3, 0x11, 0x63, 0x6c, 0x2b, 0x1e,
663 0x83, 0xe4, 0xa8, 0x23, 0x35, 0x3f, 0xc6, 0xea
664};
665static const unsigned char drbg_hash_sha256_pr_addin1[] = {
666 0xce, 0xd3, 0x1f, 0x7e, 0x0d, 0xae, 0x5b, 0xb5, 0xc0, 0x43, 0xe2, 0x46,
667 0xb2, 0x94, 0x73, 0xe2, 0xfd, 0x39, 0x51, 0x2e, 0xad, 0x45, 0x69, 0xee,
668 0xe3, 0xe3, 0x80, 0x33, 0x14, 0xab, 0xa7, 0xa3
669};
670static const unsigned char drbg_hash_sha256_pr_expected[] = {
671 0x60, 0xc2, 0x34, 0xcf, 0xaf, 0xb4, 0x68, 0x03, 0x3b, 0xf1, 0x95, 0xe5,
672 0x78, 0xce, 0x26, 0x6e, 0x14, 0x65, 0x32, 0x6a, 0x96, 0xa9, 0xe0, 0x3f,
673 0x8b, 0x89, 0x36, 0x70, 0xef, 0x62, 0x75, 0x4d, 0x5e, 0x80, 0xd5, 0x53,
674 0xa1, 0xf8, 0x49, 0x50, 0x20, 0x8b, 0x93, 0x43, 0x07, 0x9f, 0x2e, 0xf8,
675 0x56, 0xe9, 0xc5, 0x70, 0x61, 0x85, 0x97, 0xb5, 0xdc, 0x82, 0xa2, 0xda,
676 0xea, 0xa3, 0xfd, 0x9b, 0x2f, 0xd2, 0xa0, 0xd7, 0x1b, 0xc6, 0x29, 0x35,
677 0xcc, 0xb8, 0x3d, 0xa0, 0x67, 0x98, 0x05, 0xa0, 0xe3, 0x1e, 0xfe, 0xe4,
678 0xf0, 0xe5, 0x13, 0xb0, 0x83, 0x17, 0xfa, 0xca, 0x93, 0x5e, 0x38, 0x29,
679 0x48, 0xd2, 0x72, 0xdb, 0x76, 0x3e, 0x6d, 0xf3, 0x25, 0x10, 0xff, 0x1b,
680 0x99, 0xff, 0xf8, 0xc6, 0x0e, 0xb0, 0xdd, 0x29, 0x2e, 0xbc, 0xbb, 0xc8,
681 0x0a, 0x01, 0x6e, 0xd3, 0xb0, 0x0e, 0x4e, 0xab
682};
683
684/*
685 * CTR_DRBG.rsp
686 *
687 * [AES-128 use df]
688 * [PredictionResistance = True]
689 * [EntropyInputLen = 128]
690 * [NonceLen = 64]
691 * [PersonalizationStringLen = 128]
692 * [AdditionalInputLen = 128]
693 * [ReturnedBitsLen = 512]
694 *
695 * COUNT = 0
696 */
697static const unsigned char drbg_ctr_aes128_pr_df_entropyin[] = {
698 0x92, 0x89, 0x8f, 0x31, 0xfa, 0x1c, 0xff, 0x6d, 0x18, 0x2f, 0x26, 0x06,
699 0x43, 0xdf, 0xf8, 0x18
700};
701static const unsigned char drbg_ctr_aes128_pr_df_nonce[] = {
702 0xc2, 0xa4, 0xd9, 0x72, 0xc3, 0xb9, 0xb6, 0x97
703};
704static const unsigned char drbg_ctr_aes128_pr_df_persstr[] = {
705 0xea, 0x65, 0xee, 0x60, 0x26, 0x4e, 0x7e, 0xb6, 0x0e, 0x82, 0x68, 0xc4,
706 0x37, 0x3c, 0x5c, 0x0b
707};
708static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr0[] = {
709 0x20, 0x72, 0x8a, 0x06, 0xf8, 0x6f, 0x8d, 0xd4, 0x41, 0xe2, 0x72, 0xb7,
710 0xc4, 0x2c, 0xe8, 0x10
711};
712static const unsigned char drbg_ctr_aes128_pr_df_entropyinpr1[] = {
713 0x3d, 0xb0, 0xf0, 0x94, 0xf3, 0x05, 0x50, 0x33, 0x17, 0x86, 0x3e, 0x22,
714 0x08, 0xf7, 0xa5, 0x01
715};
716static const unsigned char drbg_ctr_aes128_pr_df_addin0[] = {
717 0x1a, 0x40, 0xfa, 0xe3, 0xcc, 0x6c, 0x7c, 0xa0, 0xf8, 0xda, 0xba, 0x59,
718 0x23, 0x6d, 0xad, 0x1d
719};
720static const unsigned char drbg_ctr_aes128_pr_df_addin1[] = {
721 0x9f, 0x72, 0x76, 0x6c, 0xc7, 0x46, 0xe5, 0xed, 0x2e, 0x53, 0x20, 0x12,
722 0xbc, 0x59, 0x31, 0x8c
723};
724static const unsigned char drbg_ctr_aes128_pr_df_expected[] = {
725 0x5a, 0x35, 0x39, 0x87, 0x0f, 0x4d, 0x22, 0xa4, 0x09, 0x24, 0xee, 0x71,
726 0xc9, 0x6f, 0xac, 0x72, 0x0a, 0xd6, 0xf0, 0x88, 0x82, 0xd0, 0x83, 0x28,
727 0x73, 0xec, 0x3f, 0x93, 0xd8, 0xab, 0x45, 0x23, 0xf0, 0x7e, 0xac, 0x45,
728 0x14, 0x5e, 0x93, 0x9f, 0xb1, 0xd6, 0x76, 0x43, 0x3d, 0xb6, 0xe8, 0x08,
729 0x88, 0xf6, 0xda, 0x89, 0x08, 0x77, 0x42, 0xfe, 0x1a, 0xf4, 0x3f, 0xc4,
730 0x23, 0xc5, 0x1f, 0x68
731};
732
733/*
734 * HMAC_DRBG.rsp
735 *
736 * [SHA-1]
737 * [PredictionResistance = True]
738 * [EntropyInputLen = 128]
739 * [NonceLen = 64]
740 * [PersonalizationStringLen = 128]
741 * [AdditionalInputLen = 128]
742 * [ReturnedBitsLen = 640]
743 *
744 * COUNT = 0
745 */
746static const unsigned char drbg_hmac_sha1_pr_entropyin[] = {
747 0x68, 0x0f, 0xac, 0xe9, 0x0d, 0x7b, 0xca, 0x21, 0xd4, 0xa0, 0xed, 0xb7,
748 0x79, 0x9e, 0xe5, 0xd8
749};
750static const unsigned char drbg_hmac_sha1_pr_nonce[] = {
751 0xb7, 0xbe, 0x9e, 0xed, 0xdd, 0x0e, 0x3b, 0x4b
752};
753static const unsigned char drbg_hmac_sha1_pr_persstr[] = {
754 0xf5, 0x8c, 0x40, 0xae, 0x70, 0xf7, 0xa5, 0x56, 0x48, 0xa9, 0x31, 0xa0,
755 0xa9, 0x31, 0x3d, 0xd7
756};
757static const unsigned char drbg_hmac_sha1_pr_entropyinpr0[] = {
758 0x7c, 0xaf, 0xe2, 0x31, 0x63, 0x0a, 0xa9, 0x5a, 0x74, 0x2c, 0x4e, 0x5f,
759 0x5f, 0x22, 0xc6, 0xa4
760};
761static const unsigned char drbg_hmac_sha1_pr_entropyinpr1[] = {
762 0x1c, 0x0d, 0x77, 0x92, 0x89, 0x88, 0x27, 0x94, 0x8a, 0x58, 0x9f, 0x82,
763 0x2d, 0x1a, 0xf7, 0xa6
764};
765static const unsigned char drbg_hmac_sha1_pr_addin0[] = {
766 0xdc, 0x36, 0x63, 0xf0, 0x62, 0x78, 0x9c, 0xd1, 0x5c, 0xbb, 0x20, 0xc3,
767 0xc1, 0x8c, 0xd9, 0xd7
768};
769static const unsigned char drbg_hmac_sha1_pr_addin1[] = {
770 0xfe, 0x85, 0xb0, 0xab, 0x14, 0xc6, 0x96, 0xe6, 0x9c, 0x24, 0xe7, 0xb5,
771 0xa1, 0x37, 0x12, 0x0c
772};
773static const unsigned char drbg_hmac_sha1_pr_expected[] = {
774 0x68, 0x00, 0x4b, 0x3a, 0x28, 0xf7, 0xf0, 0x1c, 0xf9, 0xe9, 0xb5, 0x71,
775 0x20, 0x79, 0xef, 0x80, 0x87, 0x1b, 0x08, 0xb9, 0xa9, 0x1b, 0xcd, 0x2b,
776 0x9f, 0x09, 0x4d, 0xa4, 0x84, 0x80, 0xb3, 0x4c, 0xaf, 0xd5, 0x59, 0x6b,
777 0x0c, 0x0a, 0x48, 0xe1, 0x48, 0xda, 0xbc, 0x6f, 0x77, 0xb8, 0xff, 0xaf,
778 0x18, 0x70, 0x28, 0xe1, 0x04, 0x13, 0x7a, 0x4f, 0xeb, 0x1c, 0x72, 0xb0,
779 0xc4, 0x4f, 0xe8, 0xb1, 0xaf, 0xab, 0xa5, 0xbc, 0xfd, 0x86, 0x67, 0xf2,
780 0xf5, 0x5b, 0x46, 0x06, 0x63, 0x2e, 0x3c, 0xbc
781};
782
783static const ST_KAT_DRBG st_kat_drbg_tests[] =
784{
785 {
786 OSSL_SELF_TEST_DESC_DRBG_HASH,
787 "HASH-DRBG", "digest", "SHA256",
788 ITM(drbg_hash_sha256_pr_entropyin),
789 ITM(drbg_hash_sha256_pr_nonce),
790 ITM(drbg_hash_sha256_pr_persstr),
791 ITM(drbg_hash_sha256_pr_entropyinpr0),
792 ITM(drbg_hash_sha256_pr_entropyinpr1),
793 ITM(drbg_hash_sha256_pr_addin0),
794 ITM(drbg_hash_sha256_pr_addin1),
795 ITM(drbg_hash_sha256_pr_expected)
796 },
797 {
798 OSSL_SELF_TEST_DESC_DRBG_CTR,
799 "CTR-DRBG", "cipher", "AES-128-CTR",
800 ITM(drbg_ctr_aes128_pr_df_entropyin),
801 ITM(drbg_ctr_aes128_pr_df_nonce),
802 ITM(drbg_ctr_aes128_pr_df_persstr),
803 ITM(drbg_ctr_aes128_pr_df_entropyinpr0),
804 ITM(drbg_ctr_aes128_pr_df_entropyinpr1),
805 ITM(drbg_ctr_aes128_pr_df_addin0),
806 ITM(drbg_ctr_aes128_pr_df_addin1),
807 ITM(drbg_ctr_aes128_pr_df_expected)
808 },
809 {
810 OSSL_SELF_TEST_DESC_DRBG_HMAC,
811 "HMAC-DRBG", "digest", "SHA1",
812 ITM(drbg_hmac_sha1_pr_entropyin),
813 ITM(drbg_hmac_sha1_pr_nonce),
814 ITM(drbg_hmac_sha1_pr_persstr),
815 ITM(drbg_hmac_sha1_pr_entropyinpr0),
816 ITM(drbg_hmac_sha1_pr_entropyinpr1),
817 ITM(drbg_hmac_sha1_pr_addin0),
818 ITM(drbg_hmac_sha1_pr_addin1),
819 ITM(drbg_hmac_sha1_pr_expected)
820 }
821};
822
823/* KEY EXCHANGE TEST DATA */
824
825#ifndef OPENSSL_NO_DH
826/* DH KAT */
827static const unsigned char dh_p[] = {
828 0xdc, 0xca, 0x15, 0x11, 0xb2, 0x31, 0x32, 0x25,
829 0xf5, 0x21, 0x16, 0xe1, 0x54, 0x27, 0x89, 0xe0,
830 0x01, 0xf0, 0x42, 0x5b, 0xcc, 0xc7, 0xf3, 0x66,
831 0xf7, 0x40, 0x64, 0x07, 0xf1, 0xc9, 0xfa, 0x8b,
832 0xe6, 0x10, 0xf1, 0x77, 0x8b, 0xb1, 0x70, 0xbe,
833 0x39, 0xdb, 0xb7, 0x6f, 0x85, 0xbf, 0x24, 0xce,
834 0x68, 0x80, 0xad, 0xb7, 0x62, 0x9f, 0x7c, 0x6d,
835 0x01, 0x5e, 0x61, 0xd4, 0x3f, 0xa3, 0xee, 0x4d,
836 0xe1, 0x85, 0xf2, 0xcf, 0xd0, 0x41, 0xff, 0xde,
837 0x9d, 0x41, 0x84, 0x07, 0xe1, 0x51, 0x38, 0xbb,
838 0x02, 0x1d, 0xae, 0xb3, 0x5f, 0x76, 0x2d, 0x17,
839 0x82, 0xac, 0xc6, 0x58, 0xd3, 0x2b, 0xd4, 0xb0,
840 0x23, 0x2c, 0x92, 0x7d, 0xd3, 0x8f, 0xa0, 0x97,
841 0xb3, 0xd1, 0x85, 0x9f, 0xa8, 0xac, 0xaf, 0xb9,
842 0x8f, 0x06, 0x66, 0x08, 0xfc, 0x64, 0x4e, 0xc7,
843 0xdd, 0xb6, 0xf0, 0x85, 0x99, 0xf9, 0x2a, 0xc1,
844 0xb5, 0x98, 0x25, 0xda, 0x84, 0x32, 0x07, 0x7d,
845 0xef, 0x69, 0x56, 0x46, 0x06, 0x3c, 0x20, 0x82,
846 0x3c, 0x95, 0x07, 0xab, 0x6f, 0x01, 0x76, 0xd4,
847 0x73, 0x0d, 0x99, 0x0d, 0xbb, 0xe6, 0x36, 0x1c,
848 0xd8, 0xb2, 0xb9, 0x4d, 0x3d, 0x2f, 0x32, 0x9b,
849 0x82, 0x09, 0x9b, 0xd6, 0x61, 0xf4, 0x29, 0x50,
850 0xf4, 0x03, 0xdf, 0x3e, 0xde, 0x62, 0xa3, 0x31,
851 0x88, 0xb0, 0x27, 0x98, 0xba, 0x82, 0x3f, 0x44,
852 0xb9, 0x46, 0xfe, 0x9d, 0xf6, 0x77, 0xa0, 0xc5,
853 0xa1, 0x23, 0x8e, 0xaa, 0x97, 0xb7, 0x0f, 0x80,
854 0xda, 0x8c, 0xac, 0x88, 0xe0, 0x92, 0xb1, 0x12,
855 0x70, 0x60, 0xff, 0xbf, 0x45, 0x57, 0x99, 0x94,
856 0x01, 0x1d, 0xc2, 0xfa, 0xa5, 0xe7, 0xf6, 0xc7,
857 0x62, 0x45, 0xe1, 0xcc, 0x31, 0x22, 0x31, 0xc1,
858 0x7d, 0x1c, 0xa6, 0xb1, 0x90, 0x07, 0xef, 0x0d,
859 0xb9, 0x9f, 0x9c, 0xb6, 0x0e, 0x1d, 0x5f, 0x69
860};
861static const unsigned char dh_q[] = {
862 0x89, 0x8b, 0x22, 0x67, 0x17, 0xef, 0x03, 0x9e,
863 0x60, 0x3e, 0x82, 0xe5, 0xc7, 0xaf, 0xe4, 0x83,
864 0x74, 0xac, 0x5f, 0x62, 0x5c, 0x54, 0xf1, 0xea,
865 0x11, 0xac, 0xb5, 0x7d
866};
867static const unsigned char dh_g[] = {
868 0x5e, 0xf7, 0xb8, 0x8f, 0x2d, 0xf6, 0x01, 0x39,
869 0x35, 0x1d, 0xfb, 0xfe, 0x12, 0x66, 0x80, 0x5f,
870 0xdf, 0x35, 0x6c, 0xdf, 0xd1, 0x3a, 0x4d, 0xa0,
871 0x05, 0x0c, 0x7e, 0xde, 0x24, 0x6d, 0xf5, 0x9f,
872 0x6a, 0xbf, 0x96, 0xad, 0xe5, 0xf2, 0xb2, 0x8f,
873 0xfe, 0x88, 0xd6, 0xbc, 0xe7, 0xf7, 0x89, 0x4a,
874 0x3d, 0x53, 0x5f, 0xc8, 0x21, 0x26, 0xdd, 0xd4,
875 0x24, 0x87, 0x2e, 0x16, 0xb8, 0x38, 0xdf, 0x8c,
876 0x51, 0xe9, 0x01, 0x6f, 0x88, 0x9c, 0x7c, 0x20,
877 0x3e, 0x98, 0xa8, 0xb6, 0x31, 0xf9, 0xc7, 0x25,
878 0x63, 0xd3, 0x8a, 0x49, 0x58, 0x9a, 0x07, 0x53,
879 0xd3, 0x58, 0xe7, 0x83, 0x31, 0x8c, 0xef, 0xd9,
880 0x67, 0x7c, 0x7b, 0x2d, 0xbb, 0x77, 0xd6, 0xdc,
881 0xe2, 0xa1, 0x96, 0x37, 0x95, 0xca, 0x64, 0xb9,
882 0x2d, 0x1c, 0x9a, 0xac, 0x6d, 0x0e, 0x8d, 0x43,
883 0x1d, 0xe5, 0xe5, 0x00, 0x60, 0xdf, 0xf7, 0x86,
884 0x89, 0xc9, 0xec, 0xa1, 0xc1, 0x24, 0x8c, 0x16,
885 0xed, 0x09, 0xc7, 0xad, 0x41, 0x2a, 0x17, 0x40,
886 0x6d, 0x2b, 0x52, 0x5a, 0xa1, 0xca, 0xbb, 0x23,
887 0x7b, 0x97, 0x34, 0xec, 0x7b, 0x8c, 0xe3, 0xfa,
888 0xe0, 0x2f, 0x29, 0xc5, 0xef, 0xed, 0x30, 0xd6,
889 0x91, 0x87, 0xda, 0x10, 0x9c, 0x2c, 0x9f, 0xe2,
890 0xaa, 0xdb, 0xb0, 0xc2, 0x2a, 0xf5, 0x4c, 0x61,
891 0x66, 0x55, 0x00, 0x0c, 0x43, 0x1c, 0x6b, 0x4a,
892 0x37, 0x97, 0x63, 0xb0, 0xa9, 0x16, 0x58, 0xef,
893 0xc8, 0x4e, 0x8b, 0x06, 0x35, 0x8c, 0x8b, 0x4f,
894 0x21, 0x37, 0x10, 0xfd, 0x10, 0x17, 0x2c, 0xf3,
895 0x9b, 0x83, 0x0c, 0x2d, 0xd8, 0x4a, 0x0c, 0x8a,
896 0xb8, 0x25, 0x16, 0xec, 0xab, 0x99, 0x5f, 0xa4,
897 0x21, 0x5e, 0x02, 0x3e, 0x4e, 0xcf, 0x80, 0x74,
898 0xc3, 0x9d, 0x6c, 0x88, 0xb7, 0x0d, 0x1e, 0xe4,
899 0xe9, 0x6f, 0xdc, 0x20, 0xea, 0x11, 0x5c, 0x32
900};
901static const unsigned char dh_priv[] = {
902 0x14, 0x33, 0xe0, 0xb5, 0xa9, 0x17, 0xb6, 0x0a,
903 0x30, 0x23, 0xf2, 0xf8, 0xaa, 0x2c, 0x2d, 0x70,
904 0xd2, 0x96, 0x8a, 0xba, 0x9a, 0xea, 0xc8, 0x15,
905 0x40, 0xb8, 0xfc, 0xe6
906};
907static const unsigned char dh_pub[] = {
908 0x95, 0xdd, 0x33, 0x8d, 0x29, 0xe5, 0x71, 0x04,
909 0x92, 0xb9, 0x18, 0x31, 0x7b, 0x72, 0xa3, 0x69,
910 0x36, 0xe1, 0x95, 0x1a, 0x2e, 0xe5, 0xa5, 0x59,
911 0x16, 0x99, 0xc0, 0x48, 0x6d, 0x0d, 0x4f, 0x9b,
912 0xdd, 0x6d, 0x5a, 0x3f, 0x6b, 0x98, 0x89, 0x0c,
913 0x62, 0xb3, 0x76, 0x52, 0xd3, 0x6e, 0x71, 0x21,
914 0x11, 0xe6, 0x8a, 0x73, 0x55, 0x37, 0x25, 0x06,
915 0x99, 0xef, 0xe3, 0x30, 0x53, 0x73, 0x91, 0xfb,
916 0xc2, 0xc5, 0x48, 0xbc, 0x5a, 0xc3, 0xe5, 0xb2,
917 0x33, 0x86, 0xc3, 0xee, 0xf5, 0xeb, 0x43, 0xc0,
918 0x99, 0xd7, 0x0a, 0x52, 0x02, 0x68, 0x7e, 0x83,
919 0x96, 0x42, 0x48, 0xfc, 0xa9, 0x1f, 0x40, 0x90,
920 0x8e, 0x8f, 0xb3, 0x31, 0x93, 0x15, 0xf6, 0xd2,
921 0x60, 0x6d, 0x7f, 0x7c, 0xd5, 0x2c, 0xc6, 0xe7,
922 0xc5, 0x84, 0x3a, 0xfb, 0x22, 0x51, 0x9c, 0xf0,
923 0xf0, 0xf9, 0xd3, 0xa0, 0xa4, 0xe8, 0xc8, 0x88,
924 0x99, 0xef, 0xed, 0xe7, 0x36, 0x43, 0x51, 0xfb,
925 0x6a, 0x36, 0x3e, 0xe7, 0x17, 0xe5, 0x44, 0x5a,
926 0xda, 0xb4, 0xc9, 0x31, 0xa6, 0x48, 0x39, 0x97,
927 0xb8, 0x7d, 0xad, 0x83, 0x67, 0x7e, 0x4d, 0x1d,
928 0x3a, 0x77, 0x75, 0xe0, 0xf6, 0xd0, 0x0f, 0xdf,
929 0x73, 0xc7, 0xad, 0x80, 0x1e, 0x66, 0x5a, 0x0e,
930 0x5a, 0x79, 0x6d, 0x0a, 0x03, 0x80, 0xa1, 0x9f,
931 0xa1, 0x82, 0xef, 0xc8, 0xa0, 0x4f, 0x5e, 0x4d,
932 0xb9, 0x0d, 0x1a, 0x86, 0x37, 0xf9, 0x5d, 0xb1,
933 0x64, 0x36, 0xbd, 0xc8, 0xf3, 0xfc, 0x09, 0x6c,
934 0x4f, 0xf7, 0xf2, 0x34, 0xbe, 0x8f, 0xef, 0x47,
935 0x9a, 0xc4, 0xb0, 0xdc, 0x4b, 0x77, 0x26, 0x3e,
936 0x07, 0xd9, 0x95, 0x9d, 0xe0, 0xf1, 0xbf, 0x3f,
937 0x0a, 0xe3, 0xd9, 0xd5, 0x0e, 0x4b, 0x89, 0xc9,
938 0x9e, 0x3e, 0xa1, 0x21, 0x73, 0x43, 0xdd, 0x8c,
939 0x65, 0x81, 0xac, 0xc4, 0x95, 0x9c, 0x91, 0xd3
940};
941static const unsigned char dh_peer_pub[] = {
942 0x1f, 0xc1, 0xda, 0x34, 0x1d, 0x1a, 0x84, 0x6a,
943 0x96, 0xb7, 0xbe, 0x24, 0x34, 0x0f, 0x87, 0x7d,
944 0xd0, 0x10, 0xaa, 0x03, 0x56, 0xd5, 0xad, 0x58,
945 0xaa, 0xe9, 0xc7, 0xb0, 0x8f, 0x74, 0x9a, 0x32,
946 0x23, 0x51, 0x10, 0xb5, 0xd8, 0x8e, 0xb5, 0xdb,
947 0xfa, 0x97, 0x8d, 0x27, 0xec, 0xc5, 0x30, 0xf0,
948 0x2d, 0x31, 0x14, 0x00, 0x5b, 0x64, 0xb1, 0xc0,
949 0xe0, 0x24, 0xcb, 0x8a, 0xe2, 0x16, 0x98, 0xbc,
950 0xa9, 0xe6, 0x0d, 0x42, 0x80, 0x86, 0x22, 0xf1,
951 0x81, 0xc5, 0x6e, 0x1d, 0xe7, 0xa9, 0x6e, 0x6e,
952 0xfe, 0xe9, 0xd6, 0x65, 0x67, 0xe9, 0x1b, 0x97,
953 0x70, 0x42, 0xc7, 0xe3, 0xd0, 0x44, 0x8f, 0x05,
954 0xfb, 0x77, 0xf5, 0x22, 0xb9, 0xbf, 0xc8, 0xd3,
955 0x3c, 0xc3, 0xc3, 0x1e, 0xd3, 0xb3, 0x1f, 0x0f,
956 0xec, 0xb6, 0xdb, 0x4f, 0x6e, 0xa3, 0x11, 0xe7,
957 0x7a, 0xfd, 0xbc, 0xd4, 0x7a, 0xee, 0x1b, 0xb1,
958 0x50, 0xf2, 0x16, 0x87, 0x35, 0x78, 0xfb, 0x96,
959 0x46, 0x8e, 0x8f, 0x9f, 0x3d, 0xe8, 0xef, 0xbf,
960 0xce, 0x75, 0x62, 0x4b, 0x1d, 0xf0, 0x53, 0x22,
961 0xa3, 0x4f, 0x14, 0x63, 0xe8, 0x39, 0xe8, 0x98,
962 0x4c, 0x4a, 0xd0, 0xa9, 0x6e, 0x1a, 0xc8, 0x42,
963 0xe5, 0x31, 0x8c, 0xc2, 0x3c, 0x06, 0x2a, 0x8c,
964 0xa1, 0x71, 0xb8, 0xd5, 0x75, 0x98, 0x0d, 0xde,
965 0x7f, 0xc5, 0x6f, 0x15, 0x36, 0x52, 0x38, 0x20,
966 0xd4, 0x31, 0x92, 0xbf, 0xd5, 0x1e, 0x8e, 0x22,
967 0x89, 0x78, 0xac, 0xa5, 0xb9, 0x44, 0x72, 0xf3,
968 0x39, 0xca, 0xeb, 0x99, 0x31, 0xb4, 0x2b, 0xe3,
969 0x01, 0x26, 0x8b, 0xc9, 0x97, 0x89, 0xc9, 0xb2,
970 0x55, 0x71, 0xc3, 0xc0, 0xe4, 0xcb, 0x3f, 0x00,
971 0x7f, 0x1a, 0x51, 0x1c, 0xbb, 0x53, 0xc8, 0x51,
972 0x9c, 0xdd, 0x13, 0x02, 0xab, 0xca, 0x6c, 0x0f,
973 0x34, 0xf9, 0x67, 0x39, 0xf1, 0x7f, 0xf4, 0x8b
974};
975
976static const unsigned char dh_secret_expected[] = {
977 0x08, 0xff, 0x33, 0xbb, 0x2e, 0xcf, 0xf4, 0x9a,
978 0x7d, 0x4a, 0x79, 0x12, 0xae, 0xb1, 0xbb, 0x6a,
979 0xb5, 0x11, 0x64, 0x1b, 0x4a, 0x76, 0x77, 0x0c,
980 0x8c, 0xc1, 0xbc, 0xc2, 0x33, 0x34, 0x3d, 0xfe,
981 0x70, 0x0d, 0x11, 0x81, 0x3d, 0x2c, 0x9e, 0xd2,
982 0x3b, 0x21, 0x1c, 0xa9, 0xe8, 0x78, 0x69, 0x21,
983 0xed, 0xca, 0x28, 0x3c, 0x68, 0xb1, 0x61, 0x53,
984 0xfa, 0x01, 0xe9, 0x1a, 0xb8, 0x2c, 0x90, 0xdd,
985 0xab, 0x4a, 0x95, 0x81, 0x67, 0x70, 0xa9, 0x87,
986 0x10, 0xe1, 0x4c, 0x92, 0xab, 0x83, 0xb6, 0xe4,
987 0x6e, 0x1e, 0x42, 0x6e, 0xe8, 0x52, 0x43, 0x0d,
988 0x61, 0x87, 0xda, 0xa3, 0x72, 0x0a, 0x6b, 0xcd,
989 0x73, 0x23, 0x5c, 0x6b, 0x0f, 0x94, 0x1f, 0x33,
990 0x64, 0xf5, 0x04, 0x20, 0x55, 0x1a, 0x4b, 0xfe,
991 0xaf, 0xe2, 0xbc, 0x43, 0x85, 0x05, 0xa5, 0x9a,
992 0x4a, 0x40, 0xda, 0xca, 0x7a, 0x89, 0x5a, 0x73,
993 0xdb, 0x57, 0x5c, 0x74, 0xc1, 0x3a, 0x23, 0xad,
994 0x88, 0x32, 0x95, 0x7d, 0x58, 0x2d, 0x38, 0xf0,
995 0xa6, 0x16, 0x5f, 0xb0, 0xd7, 0xe9, 0xb8, 0x79,
996 0x9e, 0x42, 0xfd, 0x32, 0x20, 0xe3, 0x32, 0xe9,
997 0x81, 0x85, 0xa0, 0xc9, 0x42, 0x97, 0x57, 0xb2,
998 0xd0, 0xd0, 0x2c, 0x17, 0xdb, 0xaa, 0x1f, 0xf6,
999 0xed, 0x93, 0xd7, 0xe7, 0x3e, 0x24, 0x1e, 0xae,
1000 0xd9, 0x0c, 0xaf, 0x39, 0x4d, 0x2b, 0xc6, 0x57,
1001 0x0f, 0x18, 0xc8, 0x1f, 0x2b, 0xe5, 0xd0, 0x1a,
1002 0x2c, 0xa9, 0x9f, 0xf1, 0x42, 0xb5, 0xd9, 0x63,
1003 0xf9, 0xf5, 0x00, 0x32, 0x5e, 0x75, 0x56, 0xf9,
1004 0x58, 0x49, 0xb3, 0xff, 0xc7, 0x47, 0x94, 0x86,
1005 0xbe, 0x1d, 0x45, 0x96, 0xa3, 0x10, 0x6b, 0xd5,
1006 0xcb, 0x4f, 0x61, 0xc5, 0x7e, 0xc5, 0xf1, 0x00,
1007 0xfb, 0x7a, 0x0c, 0x82, 0xa1, 0x0b, 0x82, 0x52,
1008 0x6a, 0x97, 0xd1, 0xd9, 0x7d, 0x98, 0xea, 0xf6
1009};
1010
1011static const ST_KAT_PARAM dh_group[] = {
1012 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dh_p),
1013 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dh_q),
1014 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dh_g),
1015 ST_KAT_PARAM_END()
1016};
1017
1018/* The host's private key */
1019static const ST_KAT_PARAM dh_host_key[] = {
1020 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_pub),
1021 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dh_priv),
1022 ST_KAT_PARAM_END()
1023};
1024
1025/* The peer's public key */
1026static const ST_KAT_PARAM dh_peer_key[] = {
1027 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dh_peer_pub),
1028 ST_KAT_PARAM_END()
1029};
1030#endif /* OPENSSL_NO_DH */
1031
1032
1033#ifndef OPENSSL_NO_EC
1034static const char ecdh_curve_name[] = "prime256v1";
1035static const unsigned char ecdh_privd[] = {
1036 0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1037 0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1038 0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1039 0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1040};
1041static const unsigned char ecdh_pub[] = {
1042 0x04,
1043 0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1044 0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1045 0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1046 0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1047 0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1048 0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1049 0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1050 0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1051};
1052static const unsigned char ecdh_peer_pub[] = {
1053 0x04,
1054 0x1f, 0x72, 0xbd, 0x2a, 0x3e, 0xeb, 0x6c, 0x76,
1055 0xe5, 0x5d, 0x69, 0x75, 0x24, 0xbf, 0x2f, 0x5b,
1056 0x96, 0xb2, 0x91, 0x62, 0x06, 0x35, 0xcc, 0xb2,
1057 0x4b, 0x31, 0x1b, 0x0c, 0x6f, 0x06, 0x9f, 0x86,
1058 0xcf, 0xc8, 0xac, 0xd5, 0x4f, 0x4d, 0x77, 0xf3,
1059 0x70, 0x4a, 0x8f, 0x04, 0x9a, 0xb1, 0x03, 0xc7,
1060 0xeb, 0xd5, 0x94, 0x78, 0x61, 0xab, 0x78, 0x0c,
1061 0x4a, 0x2d, 0x6b, 0xf3, 0x2f, 0x2e, 0x4a, 0xbc
1062};
1063
1064static const ST_KAT_PARAM ecdh_group[] = {
1065 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecdh_curve_name),
1066 ST_KAT_PARAM_END()
1067};
1068static const ST_KAT_PARAM ecdh_host_key[] = {
1069 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_pub),
1070 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecdh_privd),
1071 ST_KAT_PARAM_END()
1072};
1073static const ST_KAT_PARAM ecdh_peer_key[] = {
1074 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecdh_peer_pub),
1075 ST_KAT_PARAM_END()
1076};
1077static const unsigned char ecdh_secret_expected[] = {
1078 0x45, 0x2a, 0x2f, 0x0d, 0x24, 0xe6, 0x8d, 0xd0,
1079 0xda, 0x59, 0x7b, 0x0c, 0xec, 0x9b, 0x4c, 0x38,
1080 0x41, 0xdd, 0xce, 0xb3, 0xcc, 0xf1, 0x90, 0x8e,
1081 0x30, 0xdb, 0x5b, 0x5f, 0x97, 0xea, 0xe0, 0xc2
1082};
1083#endif /* OPENSSL_NO_EC */
1084
1085#if !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC)
1086static const ST_KAT_KAS st_kat_kas_tests[] =
1087{
1088# ifndef OPENSSL_NO_DH
1089 {
1090 OSSL_SELF_TEST_DESC_KA_DH,
1091 "DH",
1092 dh_group,
1093 dh_host_key,
1094 dh_peer_key,
1095 ITM(dh_secret_expected)
1096 },
1097# endif /* OPENSSL_NO_DH */
1098# ifndef OPENSSL_NO_EC
1099 {
1100 OSSL_SELF_TEST_DESC_KA_ECDH,
1101 "EC",
1102 ecdh_group,
1103 ecdh_host_key,
1104 ecdh_peer_key,
1105 ITM(ecdh_secret_expected)
1106 },
1107# endif /* OPENSSL_NO_EC */
1108};
1109#endif /* !defined(OPENSSL_NO_DH) || !defined(OPENSSL_NO_EC) */
1110
1111/* RSA key data */
1112static const unsigned char rsa_n[] = {
1113 0xDB, 0x10, 0x1A, 0xC2, 0xA3, 0xF1, 0xDC, 0xFF,
1114 0x13, 0x6B, 0xED, 0x44, 0xDF, 0xF0, 0x02, 0x6D,
1115 0x13, 0xC7, 0x88, 0xDA, 0x70, 0x6B, 0x54, 0xF1,
1116 0xE8, 0x27, 0xDC, 0xC3, 0x0F, 0x99, 0x6A, 0xFA,
1117 0xC6, 0x67, 0xFF, 0x1D, 0x1E, 0x3C, 0x1D, 0xC1,
1118 0xB5, 0x5F, 0x6C, 0xC0, 0xB2, 0x07, 0x3A, 0x6D,
1119 0x41, 0xE4, 0x25, 0x99, 0xAC, 0xFC, 0xD2, 0x0F,
1120 0x02, 0xD3, 0xD1, 0x54, 0x06, 0x1A, 0x51, 0x77,
1121 0xBD, 0xB6, 0xBF, 0xEA, 0xA7, 0x5C, 0x06, 0xA9,
1122 0x5D, 0x69, 0x84, 0x45, 0xD7, 0xF5, 0x05, 0xBA,
1123 0x47, 0xF0, 0x1B, 0xD7, 0x2B, 0x24, 0xEC, 0xCB,
1124 0x9B, 0x1B, 0x10, 0x8D, 0x81, 0xA0, 0xBE, 0xB1,
1125 0x8C, 0x33, 0xE4, 0x36, 0xB8, 0x43, 0xEB, 0x19,
1126 0x2A, 0x81, 0x8D, 0xDE, 0x81, 0x0A, 0x99, 0x48,
1127 0xB6, 0xF6, 0xBC, 0xCD, 0x49, 0x34, 0x3A, 0x8F,
1128 0x26, 0x94, 0xE3, 0x28, 0x82, 0x1A, 0x7C, 0x8F,
1129 0x59, 0x9F, 0x45, 0xE8, 0x5D, 0x1A, 0x45, 0x76,
1130 0x04, 0x56, 0x05, 0xA1, 0xD0, 0x1B, 0x8C, 0x77,
1131 0x6D, 0xAF, 0x53, 0xFA, 0x71, 0xE2, 0x67, 0xE0,
1132 0x9A, 0xFE, 0x03, 0xA9, 0x85, 0xD2, 0xC9, 0xAA,
1133 0xBA, 0x2A, 0xBC, 0xF4, 0xA0, 0x08, 0xF5, 0x13,
1134 0x98, 0x13, 0x5D, 0xF0, 0xD9, 0x33, 0x34, 0x2A,
1135 0x61, 0xC3, 0x89, 0x55, 0xF0, 0xAE, 0x1A, 0x9C,
1136 0x22, 0xEE, 0x19, 0x05, 0x8D, 0x32, 0xFE, 0xEC,
1137 0x9C, 0x84, 0xBA, 0xB7, 0xF9, 0x6C, 0x3A, 0x4F,
1138 0x07, 0xFC, 0x45, 0xEB, 0x12, 0xE5, 0x7B, 0xFD,
1139 0x55, 0xE6, 0x29, 0x69, 0xD1, 0xC2, 0xE8, 0xB9,
1140 0x78, 0x59, 0xF6, 0x79, 0x10, 0xC6, 0x4E, 0xEB,
1141 0x6A, 0x5E, 0xB9, 0x9A, 0xC7, 0xC4, 0x5B, 0x63,
1142 0xDA, 0xA3, 0x3F, 0x5E, 0x92, 0x7A, 0x81, 0x5E,
1143 0xD6, 0xB0, 0xE2, 0x62, 0x8F, 0x74, 0x26, 0xC2,
1144 0x0C, 0xD3, 0x9A, 0x17, 0x47, 0xE6, 0x8E, 0xAB
1145};
1146static const unsigned char rsa_e[] = { 0x01, 0x00, 0x01 };
1147static const unsigned char rsa_d[] = {
1148 0x52, 0x41, 0xF4, 0xDA, 0x7B, 0xB7, 0x59, 0x55,
1149 0xCA, 0xD4, 0x2F, 0x0F, 0x3A, 0xCB, 0xA4, 0x0D,
1150 0x93, 0x6C, 0xCC, 0x9D, 0xC1, 0xB2, 0xFB, 0xFD,
1151 0xAE, 0x40, 0x31, 0xAC, 0x69, 0x52, 0x21, 0x92,
1152 0xB3, 0x27, 0xDF, 0xEA, 0xEE, 0x2C, 0x82, 0xBB,
1153 0xF7, 0x40, 0x32, 0xD5, 0x14, 0xC4, 0x94, 0x12,
1154 0xEC, 0xB8, 0x1F, 0xCA, 0x59, 0xE3, 0xC1, 0x78,
1155 0xF3, 0x85, 0xD8, 0x47, 0xA5, 0xD7, 0x02, 0x1A,
1156 0x65, 0x79, 0x97, 0x0D, 0x24, 0xF4, 0xF0, 0x67,
1157 0x6E, 0x75, 0x2D, 0xBF, 0x10, 0x3D, 0xA8, 0x7D,
1158 0xEF, 0x7F, 0x60, 0xE4, 0xE6, 0x05, 0x82, 0x89,
1159 0x5D, 0xDF, 0xC6, 0xD2, 0x6C, 0x07, 0x91, 0x33,
1160 0x98, 0x42, 0xF0, 0x02, 0x00, 0x25, 0x38, 0xC5,
1161 0x85, 0x69, 0x8A, 0x7D, 0x2F, 0x95, 0x6C, 0x43,
1162 0x9A, 0xB8, 0x81, 0xE2, 0xD0, 0x07, 0x35, 0xAA,
1163 0x05, 0x41, 0xC9, 0x1E, 0xAF, 0xE4, 0x04, 0x3B,
1164 0x19, 0xB8, 0x73, 0xA2, 0xAC, 0x4B, 0x1E, 0x66,
1165 0x48, 0xD8, 0x72, 0x1F, 0xAC, 0xF6, 0xCB, 0xBC,
1166 0x90, 0x09, 0xCA, 0xEC, 0x0C, 0xDC, 0xF9, 0x2C,
1167 0xD7, 0xEB, 0xAE, 0xA3, 0xA4, 0x47, 0xD7, 0x33,
1168 0x2F, 0x8A, 0xCA, 0xBC, 0x5E, 0xF0, 0x77, 0xE4,
1169 0x97, 0x98, 0x97, 0xC7, 0x10, 0x91, 0x7D, 0x2A,
1170 0xA6, 0xFF, 0x46, 0x83, 0x97, 0xDE, 0xE9, 0xE2,
1171 0x17, 0x03, 0x06, 0x14, 0xE2, 0xD7, 0xB1, 0x1D,
1172 0x77, 0xAF, 0x51, 0x27, 0x5B, 0x5E, 0x69, 0xB8,
1173 0x81, 0xE6, 0x11, 0xC5, 0x43, 0x23, 0x81, 0x04,
1174 0x62, 0xFF, 0xE9, 0x46, 0xB8, 0xD8, 0x44, 0xDB,
1175 0xA5, 0xCC, 0x31, 0x54, 0x34, 0xCE, 0x3E, 0x82,
1176 0xD6, 0xBF, 0x7A, 0x0B, 0x64, 0x21, 0x6D, 0x88,
1177 0x7E, 0x5B, 0x45, 0x12, 0x1E, 0x63, 0x8D, 0x49,
1178 0xA7, 0x1D, 0xD9, 0x1E, 0x06, 0xCD, 0xE8, 0xBA,
1179 0x2C, 0x8C, 0x69, 0x32, 0xEA, 0xBE, 0x60, 0x71
1180};
1181static const unsigned char rsa_p[] = {
1182 0xFA, 0xAC, 0xE1, 0x37, 0x5E, 0x32, 0x11, 0x34,
1183 0xC6, 0x72, 0x58, 0x2D, 0x91, 0x06, 0x3E, 0x77,
1184 0xE7, 0x11, 0x21, 0xCD, 0x4A, 0xF8, 0xA4, 0x3F,
1185 0x0F, 0xEF, 0x31, 0xE3, 0xF3, 0x55, 0xA0, 0xB9,
1186 0xAC, 0xB6, 0xCB, 0xBB, 0x41, 0xD0, 0x32, 0x81,
1187 0x9A, 0x8F, 0x7A, 0x99, 0x30, 0x77, 0x6C, 0x68,
1188 0x27, 0xE2, 0x96, 0xB5, 0x72, 0xC9, 0xC3, 0xD4,
1189 0x42, 0xAA, 0xAA, 0xCA, 0x95, 0x8F, 0xFF, 0xC9,
1190 0x9B, 0x52, 0x34, 0x30, 0x1D, 0xCF, 0xFE, 0xCF,
1191 0x3C, 0x56, 0x68, 0x6E, 0xEF, 0xE7, 0x6C, 0xD7,
1192 0xFB, 0x99, 0xF5, 0x4A, 0xA5, 0x21, 0x1F, 0x2B,
1193 0xEA, 0x93, 0xE8, 0x98, 0x26, 0xC4, 0x6E, 0x42,
1194 0x21, 0x5E, 0xA0, 0xA1, 0x2A, 0x58, 0x35, 0xBB,
1195 0x10, 0xE7, 0xBA, 0x27, 0x0A, 0x3B, 0xB3, 0xAF,
1196 0xE2, 0x75, 0x36, 0x04, 0xAC, 0x56, 0xA0, 0xAB,
1197 0x52, 0xDE, 0xCE, 0xDD, 0x2C, 0x28, 0x77, 0x03
1198};
1199static const unsigned char rsa_q[] = {
1200 0xDF, 0xB7, 0x52, 0xB6, 0xD7, 0xC0, 0xE2, 0x96,
1201 0xE7, 0xC9, 0xFE, 0x5D, 0x71, 0x5A, 0xC4, 0x40,
1202 0x96, 0x2F, 0xE5, 0x87, 0xEA, 0xF3, 0xA5, 0x77,
1203 0x11, 0x67, 0x3C, 0x8D, 0x56, 0x08, 0xA7, 0xB5,
1204 0x67, 0xFA, 0x37, 0xA8, 0xB8, 0xCF, 0x61, 0xE8,
1205 0x63, 0xD8, 0x38, 0x06, 0x21, 0x2B, 0x92, 0x09,
1206 0xA6, 0x39, 0x3A, 0xEA, 0xA8, 0xB4, 0x45, 0x4B,
1207 0x36, 0x10, 0x4C, 0xE4, 0x00, 0x66, 0x71, 0x65,
1208 0xF8, 0x0B, 0x94, 0x59, 0x4F, 0x8C, 0xFD, 0xD5,
1209 0x34, 0xA2, 0xE7, 0x62, 0x84, 0x0A, 0xA7, 0xBB,
1210 0xDB, 0xD9, 0x8A, 0xCD, 0x05, 0xE1, 0xCC, 0x57,
1211 0x7B, 0xF1, 0xF1, 0x1F, 0x11, 0x9D, 0xBA, 0x3E,
1212 0x45, 0x18, 0x99, 0x1B, 0x41, 0x64, 0x43, 0xEE,
1213 0x97, 0x5D, 0x77, 0x13, 0x5B, 0x74, 0x69, 0x73,
1214 0x87, 0x95, 0x05, 0x07, 0xBE, 0x45, 0x07, 0x17,
1215 0x7E, 0x4A, 0x69, 0x22, 0xF3, 0xDB, 0x05, 0x39
1216};
1217static const unsigned char rsa_dp[] = {
1218 0x5E, 0xD8, 0xDC, 0xDA, 0x53, 0x44, 0xC4, 0x67,
1219 0xE0, 0x92, 0x51, 0x34, 0xE4, 0x83, 0xA5, 0x4D,
1220 0x3E, 0xDB, 0xA7, 0x9B, 0x82, 0xBB, 0x73, 0x81,
1221 0xFC, 0xE8, 0x77, 0x4B, 0x15, 0xBE, 0x17, 0x73,
1222 0x49, 0x9B, 0x5C, 0x98, 0xBC, 0xBD, 0x26, 0xEF,
1223 0x0C, 0xE9, 0x2E, 0xED, 0x19, 0x7E, 0x86, 0x41,
1224 0x1E, 0x9E, 0x48, 0x81, 0xDD, 0x2D, 0xE4, 0x6F,
1225 0xC2, 0xCD, 0xCA, 0x93, 0x9E, 0x65, 0x7E, 0xD5,
1226 0xEC, 0x73, 0xFD, 0x15, 0x1B, 0xA2, 0xA0, 0x7A,
1227 0x0F, 0x0D, 0x6E, 0xB4, 0x53, 0x07, 0x90, 0x92,
1228 0x64, 0x3B, 0x8B, 0xA9, 0x33, 0xB3, 0xC5, 0x94,
1229 0x9B, 0x4C, 0x5D, 0x9C, 0x7C, 0x46, 0xA4, 0xA5,
1230 0x56, 0xF4, 0xF3, 0xF8, 0x27, 0x0A, 0x7B, 0x42,
1231 0x0D, 0x92, 0x70, 0x47, 0xE7, 0x42, 0x51, 0xA9,
1232 0xC2, 0x18, 0xB1, 0x58, 0xB1, 0x50, 0x91, 0xB8,
1233 0x61, 0x41, 0xB6, 0xA9, 0xCE, 0xD4, 0x7C, 0xBB
1234};
1235static const unsigned char rsa_dq[] = {
1236 0x54, 0x09, 0x1F, 0x0F, 0x03, 0xD8, 0xB6, 0xC5,
1237 0x0C, 0xE8, 0xB9, 0x9E, 0x0C, 0x38, 0x96, 0x43,
1238 0xD4, 0xA6, 0xC5, 0x47, 0xDB, 0x20, 0x0E, 0xE5,
1239 0xBD, 0x29, 0xD4, 0x7B, 0x1A, 0xF8, 0x41, 0x57,
1240 0x49, 0x69, 0x9A, 0x82, 0xCC, 0x79, 0x4A, 0x43,
1241 0xEB, 0x4D, 0x8B, 0x2D, 0xF2, 0x43, 0xD5, 0xA5,
1242 0xBE, 0x44, 0xFD, 0x36, 0xAC, 0x8C, 0x9B, 0x02,
1243 0xF7, 0x9A, 0x03, 0xE8, 0x19, 0xA6, 0x61, 0xAE,
1244 0x76, 0x10, 0x93, 0x77, 0x41, 0x04, 0xAB, 0x4C,
1245 0xED, 0x6A, 0xCC, 0x14, 0x1B, 0x99, 0x8D, 0x0C,
1246 0x6A, 0x37, 0x3B, 0x86, 0x6C, 0x51, 0x37, 0x5B,
1247 0x1D, 0x79, 0xF2, 0xA3, 0x43, 0x10, 0xC6, 0xA7,
1248 0x21, 0x79, 0x6D, 0xF9, 0xE9, 0x04, 0x6A, 0xE8,
1249 0x32, 0xFF, 0xAE, 0xFD, 0x1C, 0x7B, 0x8C, 0x29,
1250 0x13, 0xA3, 0x0C, 0xB2, 0xAD, 0xEC, 0x6C, 0x0F,
1251 0x8D, 0x27, 0x12, 0x7B, 0x48, 0xB2, 0xDB, 0x31
1252};
1253static const unsigned char rsa_qInv[] = {
1254 0x8D, 0x1B, 0x05, 0xCA, 0x24, 0x1F, 0x0C, 0x53,
1255 0x19, 0x52, 0x74, 0x63, 0x21, 0xFA, 0x78, 0x46,
1256 0x79, 0xAF, 0x5C, 0xDE, 0x30, 0xA4, 0x6C, 0x20,
1257 0x38, 0xE6, 0x97, 0x39, 0xB8, 0x7A, 0x70, 0x0D,
1258 0x8B, 0x6C, 0x6D, 0x13, 0x74, 0xD5, 0x1C, 0xDE,
1259 0xA9, 0xF4, 0x60, 0x37, 0xFE, 0x68, 0x77, 0x5E,
1260 0x0B, 0x4E, 0x5E, 0x03, 0x31, 0x30, 0xDF, 0xD6,
1261 0xAE, 0x85, 0xD0, 0x81, 0xBB, 0x61, 0xC7, 0xB1,
1262 0x04, 0x5A, 0xC4, 0x6D, 0x56, 0x1C, 0xD9, 0x64,
1263 0xE7, 0x85, 0x7F, 0x88, 0x91, 0xC9, 0x60, 0x28,
1264 0x05, 0xE2, 0xC6, 0x24, 0x8F, 0xDD, 0x61, 0x64,
1265 0xD8, 0x09, 0xDE, 0x7E, 0xD3, 0x4A, 0x61, 0x1A,
1266 0xD3, 0x73, 0x58, 0x4B, 0xD8, 0xA0, 0x54, 0x25,
1267 0x48, 0x83, 0x6F, 0x82, 0x6C, 0xAF, 0x36, 0x51,
1268 0x2A, 0x5D, 0x14, 0x2F, 0x41, 0x25, 0x00, 0xDD,
1269 0xF8, 0xF3, 0x95, 0xFE, 0x31, 0x25, 0x50, 0x12
1270};
1271
1272static const ST_KAT_PARAM rsa_crt_key[] = {
1273 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1274 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1275 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1276 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR1, rsa_p),
1277 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_FACTOR2, rsa_q),
1278 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT1, rsa_dp),
1279 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_EXPONENT2, rsa_dq),
1280 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, rsa_qInv),
1281 ST_KAT_PARAM_END()
1282};
1283
1284static const ST_KAT_PARAM rsa_pub_key[] = {
1285 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1286 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1287 ST_KAT_PARAM_END()
1288};
1289
1290static const ST_KAT_PARAM rsa_priv_key[] = {
1291 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_N, rsa_n),
1292 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_E, rsa_e),
1293 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_RSA_D, rsa_d),
1294 ST_KAT_PARAM_END()
1295};
1296
1297/*-
1298 * Using OSSL_PKEY_RSA_PAD_MODE_NONE directly in the expansion of the
1299 * ST_KAT_PARAM_UTF8STRING macro below causes a failure on ancient
1300 * HP/UX PA-RISC compilers.
1301 */
1302static const char pad_mode_none[] = OSSL_PKEY_RSA_PAD_MODE_NONE;
1303
1304static const ST_KAT_PARAM rsa_enc_params[] = {
1305 ST_KAT_PARAM_UTF8STRING(OSSL_ASYM_CIPHER_PARAM_PAD_MODE, pad_mode_none),
1306 ST_KAT_PARAM_END()
1307};
1308
1309static const unsigned char rsa_expected_sig[256] = {
1310 0xad, 0xbe, 0x2a, 0xaf, 0x16, 0x85, 0xc5, 0x00,
1311 0x91, 0x3e, 0xd0, 0x49, 0xfb, 0x3a, 0x81, 0xb9,
1312 0x6c, 0x28, 0xbc, 0xbf, 0xea, 0x96, 0x5f, 0xe4,
1313 0x9f, 0x99, 0xf7, 0x18, 0x8c, 0xec, 0x60, 0x28,
1314 0xeb, 0x29, 0x02, 0x49, 0xfc, 0xda, 0xd7, 0x78,
1315 0x68, 0xf8, 0xe1, 0xe9, 0x4d, 0x20, 0x6d, 0x32,
1316 0xa6, 0xde, 0xfc, 0xe4, 0xda, 0xcc, 0x6c, 0x75,
1317 0x36, 0x6b, 0xff, 0x5a, 0xac, 0x01, 0xa8, 0xc2,
1318 0xa9, 0xe6, 0x8b, 0x18, 0x3e, 0xec, 0xea, 0x4c,
1319 0x4a, 0x9e, 0x00, 0x09, 0xd1, 0x8a, 0x69, 0x1b,
1320 0x8b, 0xd9, 0xad, 0x37, 0xe5, 0x7c, 0xff, 0x7d,
1321 0x59, 0x56, 0x3e, 0xa0, 0xc6, 0x32, 0xd8, 0x35,
1322 0x2f, 0xff, 0xfb, 0x05, 0x02, 0xcd, 0xd7, 0x19,
1323 0xb9, 0x00, 0x86, 0x2a, 0xcf, 0xaa, 0x78, 0x16,
1324 0x4b, 0xf1, 0xa7, 0x59, 0xef, 0x7d, 0xe8, 0x74,
1325 0x23, 0x5c, 0xb2, 0xd4, 0x8a, 0x99, 0xa5, 0xbc,
1326 0xfa, 0x63, 0xd8, 0xf7, 0xbd, 0xc6, 0x00, 0x13,
1327 0x06, 0x02, 0x9a, 0xd4, 0xa7, 0xb4, 0x3d, 0x61,
1328 0xab, 0xf1, 0xc2, 0x95, 0x59, 0x9b, 0x3d, 0x67,
1329 0x1f, 0xde, 0x57, 0xb6, 0xb6, 0x9f, 0xb0, 0x87,
1330 0xd6, 0x51, 0xd5, 0x3e, 0x00, 0xe2, 0xc9, 0xa0,
1331 0x03, 0x66, 0xbc, 0x01, 0xb3, 0x8e, 0xfa, 0xf1,
1332 0x15, 0xeb, 0x26, 0xf1, 0x5d, 0x81, 0x90, 0xb4,
1333 0x1c, 0x00, 0x7c, 0x83, 0x4a, 0xa5, 0xde, 0x64,
1334 0xae, 0xea, 0x6c, 0x43, 0xc3, 0x20, 0x77, 0x77,
1335 0x42, 0x12, 0x24, 0xf5, 0xe3, 0x70, 0xdd, 0x59,
1336 0x48, 0x9c, 0xef, 0xd4, 0x8a, 0x3c, 0x29, 0x6a,
1337 0x0c, 0x9c, 0xf2, 0x13, 0xa4, 0x1c, 0x2f, 0x49,
1338 0xcd, 0xb4, 0xaa, 0x28, 0x40, 0x34, 0xc6, 0x75,
1339 0xba, 0x30, 0xe6, 0xd8, 0x5b, 0x2f, 0x08, 0xd0,
1340 0x29, 0xa5, 0x39, 0xfb, 0x6e, 0x3b, 0x0f, 0x52,
1341 0x2c, 0x68, 0xf0, 0x37, 0xa9, 0xd2, 0x56, 0xd6
1342};
1343
1344static const unsigned char rsa_asym_plaintext_encrypt[256] = {
1345 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
1346 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
1347};
1348static const unsigned char rsa_asym_expected_encrypt[256] = {
1349 0x54, 0xac, 0x23, 0x96, 0x1d, 0x82, 0x5d, 0x8b,
1350 0x8f, 0x36, 0x33, 0xd0, 0xf4, 0x02, 0xa2, 0x61,
1351 0xb1, 0x13, 0xd4, 0x4a, 0x46, 0x06, 0x37, 0x3c,
1352 0xbf, 0x40, 0x05, 0x3c, 0xc6, 0x3b, 0x64, 0xdc,
1353 0x22, 0x22, 0xaf, 0x36, 0x79, 0x62, 0x45, 0xf0,
1354 0x97, 0x82, 0x22, 0x44, 0x86, 0x4a, 0x7c, 0xfa,
1355 0xac, 0x03, 0x21, 0x84, 0x3f, 0x31, 0xad, 0x2a,
1356 0xa4, 0x6e, 0x7a, 0xc5, 0x93, 0xf3, 0x0f, 0xfc,
1357 0xf1, 0x62, 0xce, 0x82, 0x12, 0x45, 0xc9, 0x35,
1358 0xb0, 0x7a, 0xcd, 0x99, 0x8c, 0x91, 0x6b, 0x5a,
1359 0xd3, 0x46, 0xdb, 0xf9, 0x9e, 0x52, 0x49, 0xbd,
1360 0x1e, 0xe8, 0xda, 0xac, 0x61, 0x47, 0xc2, 0xda,
1361 0xfc, 0x1e, 0xfb, 0x74, 0xd7, 0xd6, 0xc1, 0x18,
1362 0x86, 0x3e, 0x20, 0x9c, 0x7a, 0xe1, 0x04, 0xb7,
1363 0x38, 0x43, 0xb1, 0x4e, 0xa0, 0xd8, 0xc1, 0x39,
1364 0x4d, 0xe1, 0xd3, 0xb0, 0xb3, 0xf1, 0x82, 0x87,
1365 0x1f, 0x74, 0xb5, 0x69, 0xfd, 0x33, 0xd6, 0x21,
1366 0x7c, 0x61, 0x60, 0x28, 0xca, 0x70, 0xdb, 0xa0,
1367 0xbb, 0xc8, 0x73, 0xa9, 0x82, 0xf8, 0x6b, 0xd8,
1368 0xf0, 0xc9, 0x7b, 0x20, 0xdf, 0x9d, 0xfb, 0x8c,
1369 0xd4, 0xa2, 0x89, 0xe1, 0x9b, 0x04, 0xad, 0xaa,
1370 0x11, 0x6c, 0x8f, 0xce, 0x83, 0x29, 0x56, 0x69,
1371 0xbb, 0x00, 0x3b, 0xef, 0xca, 0x2d, 0xcd, 0x52,
1372 0xc8, 0xf1, 0xb3, 0x9b, 0xb4, 0x4f, 0x6d, 0x9c,
1373 0x3d, 0x69, 0xcc, 0x6d, 0x1f, 0x38, 0x4d, 0xe6,
1374 0xbb, 0x0c, 0x87, 0xdc, 0x5f, 0xa9, 0x24, 0x93,
1375 0x03, 0x46, 0xa2, 0x33, 0x6c, 0xf4, 0xd8, 0x5d,
1376 0x68, 0xf3, 0xd3, 0xe0, 0xf2, 0x30, 0xdb, 0xf5,
1377 0x4f, 0x0f, 0xad, 0xc7, 0xd0, 0xaa, 0x47, 0xd9,
1378 0x9f, 0x85, 0x1b, 0x2e, 0x6c, 0x3c, 0x57, 0x04,
1379 0x29, 0xf4, 0xf5, 0x66, 0x7d, 0x93, 0x4a, 0xaa,
1380 0x05, 0x52, 0x55, 0xc1, 0xc6, 0x06, 0x90, 0xab,
1381};
1382
1383#ifndef OPENSSL_NO_EC
1384/* ECDSA key data */
1385static const char ecd_prime_curve_name[] = "secp224r1";
1386static const unsigned char ecd_prime_priv[] = {
1387 0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
1388 0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
1389 0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
1390 0x80, 0x93, 0x50, 0x30
1391};
1392static const unsigned char ecd_prime_pub[] = {
1393 0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
1394 0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
1395 0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
1396 0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
1397 0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
1398 0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
1399 0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
1400 0x82
1401};
1402static const unsigned char ecdsa_prime_expected_sig[] = {
1403 0x30, 0x3d, 0x02, 0x1d, 0x00, 0xd2, 0x4a, 0xc9,
1404 0x4f, 0xaf, 0xdb, 0x62, 0xfc, 0x41, 0x4a, 0x81,
1405 0x2a, 0x9f, 0xcf, 0xa3, 0xda, 0xfe, 0xa3, 0x49,
1406 0xbd, 0xea, 0xbf, 0x2a, 0x51, 0xb4, 0x0b, 0xc3,
1407 0xbc, 0x02, 0x1c, 0x7f, 0x30, 0xb7, 0xad, 0xab,
1408 0x09, 0x6e, 0x3c, 0xad, 0x7f, 0xf9, 0x5e, 0xaa,
1409 0xe2, 0x38, 0xe5, 0x29, 0x16, 0xc4, 0xc8, 0x77,
1410 0xa1, 0xf8, 0x60, 0x77, 0x39, 0x7a, 0xec
1411};
1412static const ST_KAT_PARAM ecdsa_prime_key[] = {
1413 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_prime_curve_name),
1414 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_prime_pub),
1415 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_prime_priv),
1416 ST_KAT_PARAM_END()
1417};
1418
1419# ifndef OPENSSL_NO_EC2M
1420static const char ecd_bin_curve_name[] = "sect233r1";
1421static const unsigned char ecd_bin_priv[] = {
1422 0x00, 0x6d, 0xd6, 0x39, 0x9d, 0x2a, 0xa2, 0xc8,
1423 0x8c, 0xfc, 0x7b, 0x80, 0x66, 0xaa, 0xe1, 0xaa,
1424 0xba, 0xee, 0xcb, 0xfd, 0xc9, 0xe5, 0x36, 0x38,
1425 0x2e, 0xf7, 0x37, 0x6d, 0xd3, 0x20
1426};
1427static const unsigned char ecd_bin_pub[] = {
1428 0x04, 0x00, 0x06, 0xe2, 0x56, 0xf7, 0x37, 0xf9,
1429 0xea, 0xb6, 0xd1, 0x0f, 0x59, 0xfa, 0x23, 0xc3,
1430 0x93, 0xa8, 0xb2, 0x26, 0xe2, 0x5c, 0x08, 0xbe,
1431 0x63, 0x49, 0x26, 0xdc, 0xc7, 0x1e, 0x6f, 0x01,
1432 0x32, 0x3b, 0xe6, 0x54, 0x8d, 0xc1, 0x13, 0x3e,
1433 0x54, 0xb2, 0x66, 0x89, 0xb2, 0x82, 0x0a, 0x72,
1434 0x02, 0xa8, 0xe9, 0x6f, 0x54, 0xfd, 0x3a, 0x6b,
1435 0x99, 0xb6, 0x8f, 0x80, 0x46
1436};
1437static const unsigned char ecdsa_bin_expected_sig[] = {
1438 0x30, 0x3f, 0x02, 0x1d, 0x08, 0x11, 0x7c, 0xcd,
1439 0xf4, 0xa1, 0x31, 0x9a, 0xc1, 0xfd, 0x50, 0x0e,
1440 0x5d, 0xa9, 0xb6, 0x0e, 0x95, 0x49, 0xe1, 0xbd,
1441 0x44, 0xe3, 0x5b, 0xa9, 0x35, 0x94, 0xa5, 0x2f,
1442 0xae, 0x02, 0x1e, 0x00, 0xe3, 0xba, 0xb8, 0x8f,
1443 0x4b, 0x05, 0x76, 0x88, 0x1e, 0x49, 0xd6, 0x62,
1444 0x76, 0xd3, 0x22, 0x4d, 0xa3, 0x7b, 0x04, 0xcc,
1445 0xfa, 0x7b, 0x41, 0x9b, 0x8c, 0xaf, 0x1b, 0x6d,
1446 0xbd
1447};
1448static const ST_KAT_PARAM ecdsa_bin_key[] = {
1449 ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_bin_curve_name),
1450 ST_KAT_PARAM_OCTET(OSSL_PKEY_PARAM_PUB_KEY, ecd_bin_pub),
1451 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, ecd_bin_priv),
1452 ST_KAT_PARAM_END()
1453};
1454# endif /* OPENSSL_NO_EC2M */
1455#endif /* OPENSSL_NO_EC */
1456
1457#ifndef OPENSSL_NO_DSA
1458/* dsa 2048 */
1459static const unsigned char dsa_p[] = {
1460 0xa2, 0x9b, 0x88, 0x72, 0xce, 0x8b, 0x84, 0x23,
1461 0xb7, 0xd5, 0xd2, 0x1d, 0x4b, 0x02, 0xf5, 0x7e,
1462 0x03, 0xe9, 0xe6, 0xb8, 0xa2, 0x58, 0xdc, 0x16,
1463 0x61, 0x1b, 0xa0, 0x98, 0xab, 0x54, 0x34, 0x15,
1464 0xe4, 0x15, 0xf1, 0x56, 0x99, 0x7a, 0x3e, 0xe2,
1465 0x36, 0x65, 0x8f, 0xa0, 0x93, 0x26, 0x0d, 0xe3,
1466 0xad, 0x42, 0x2e, 0x05, 0xe0, 0x46, 0xf9, 0xec,
1467 0x29, 0x16, 0x1a, 0x37, 0x5f, 0x0e, 0xb4, 0xef,
1468 0xfc, 0xef, 0x58, 0x28, 0x5c, 0x5d, 0x39, 0xed,
1469 0x42, 0x5d, 0x7a, 0x62, 0xca, 0x12, 0x89, 0x6c,
1470 0x4a, 0x92, 0xcb, 0x19, 0x46, 0xf2, 0x95, 0x2a,
1471 0x48, 0x13, 0x3f, 0x07, 0xda, 0x36, 0x4d, 0x1b,
1472 0xdf, 0x6b, 0x0f, 0x71, 0x39, 0x98, 0x3e, 0x69,
1473 0x3c, 0x80, 0x05, 0x9b, 0x0e, 0xac, 0xd1, 0x47,
1474 0x9b, 0xa9, 0xf2, 0x85, 0x77, 0x54, 0xed, 0xe7,
1475 0x5f, 0x11, 0x2b, 0x07, 0xeb, 0xbf, 0x35, 0x34,
1476 0x8b, 0xbf, 0x3e, 0x01, 0xe0, 0x2f, 0x2d, 0x47,
1477 0x3d, 0xe3, 0x94, 0x53, 0xf9, 0x9d, 0xd2, 0x36,
1478 0x75, 0x41, 0xca, 0xca, 0x3b, 0xa0, 0x11, 0x66,
1479 0x34, 0x3d, 0x7b, 0x5b, 0x58, 0xa3, 0x7b, 0xd1,
1480 0xb7, 0x52, 0x1d, 0xb2, 0xf1, 0x3b, 0x86, 0x70,
1481 0x71, 0x32, 0xfe, 0x09, 0xf4, 0xcd, 0x09, 0xdc,
1482 0x16, 0x18, 0xfa, 0x34, 0x01, 0xeb, 0xf9, 0xcc,
1483 0x7b, 0x19, 0xfa, 0x94, 0xaa, 0x47, 0x20, 0x88,
1484 0x13, 0x3d, 0x6c, 0xb2, 0xd3, 0x5c, 0x11, 0x79,
1485 0xc8, 0xc8, 0xff, 0x36, 0x87, 0x58, 0xd5, 0x07,
1486 0xd9, 0xf9, 0xa1, 0x7d, 0x46, 0xc1, 0x10, 0xfe,
1487 0x31, 0x44, 0xce, 0x9b, 0x02, 0x2b, 0x42, 0xe4,
1488 0x19, 0xeb, 0x4f, 0x53, 0x88, 0x61, 0x3b, 0xfc,
1489 0x3e, 0x26, 0x24, 0x1a, 0x43, 0x2e, 0x87, 0x06,
1490 0xbc, 0x58, 0xef, 0x76, 0x11, 0x72, 0x78, 0xde,
1491 0xab, 0x6c, 0xf6, 0x92, 0x61, 0x82, 0x91, 0xb7
1492};
1493static const unsigned char dsa_q[] = {
1494 0xa3, 0xbf, 0xd9, 0xab, 0x78, 0x84, 0x79, 0x4e,
1495 0x38, 0x34, 0x50, 0xd5, 0x89, 0x1d, 0xc1, 0x8b,
1496 0x65, 0x15, 0x7b, 0xdc, 0xfc, 0xda, 0xc5, 0x15,
1497 0x18, 0x90, 0x28, 0x67
1498};
1499static const unsigned char dsa_g[] = {
1500 0x68, 0x19, 0x27, 0x88, 0x69, 0xc7, 0xfd, 0x3d,
1501 0x2d, 0x7b, 0x77, 0xf7, 0x7e, 0x81, 0x50, 0xd9,
1502 0xad, 0x43, 0x3b, 0xea, 0x3b, 0xa8, 0x5e, 0xfc,
1503 0x80, 0x41, 0x5a, 0xa3, 0x54, 0x5f, 0x78, 0xf7,
1504 0x22, 0x96, 0xf0, 0x6c, 0xb1, 0x9c, 0xed, 0xa0,
1505 0x6c, 0x94, 0xb0, 0x55, 0x1c, 0xfe, 0x6e, 0x6f,
1506 0x86, 0x3e, 0x31, 0xd1, 0xde, 0x6e, 0xed, 0x7d,
1507 0xab, 0x8b, 0x0c, 0x9d, 0xf2, 0x31, 0xe0, 0x84,
1508 0x34, 0xd1, 0x18, 0x4f, 0x91, 0xd0, 0x33, 0x69,
1509 0x6b, 0xb3, 0x82, 0xf8, 0x45, 0x5e, 0x98, 0x88,
1510 0xf5, 0xd3, 0x1d, 0x47, 0x84, 0xec, 0x40, 0x12,
1511 0x02, 0x46, 0xf4, 0xbe, 0xa6, 0x17, 0x94, 0xbb,
1512 0xa5, 0x86, 0x6f, 0x09, 0x74, 0x64, 0x63, 0xbd,
1513 0xf8, 0xe9, 0xe1, 0x08, 0xcd, 0x95, 0x29, 0xc3,
1514 0xd0, 0xf6, 0xdf, 0x80, 0x31, 0x6e, 0x2e, 0x70,
1515 0xaa, 0xeb, 0x1b, 0x26, 0xcd, 0xb8, 0xad, 0x97,
1516 0xbc, 0x3d, 0x28, 0x7e, 0x0b, 0x8d, 0x61, 0x6c,
1517 0x42, 0xe6, 0x5b, 0x87, 0xdb, 0x20, 0xde, 0xb7,
1518 0x00, 0x5b, 0xc4, 0x16, 0x74, 0x7a, 0x64, 0x70,
1519 0x14, 0x7a, 0x68, 0xa7, 0x82, 0x03, 0x88, 0xeb,
1520 0xf4, 0x4d, 0x52, 0xe0, 0x62, 0x8a, 0xf9, 0xcf,
1521 0x1b, 0x71, 0x66, 0xd0, 0x34, 0x65, 0xf3, 0x5a,
1522 0xcc, 0x31, 0xb6, 0x11, 0x0c, 0x43, 0xda, 0xbc,
1523 0x7c, 0x5d, 0x59, 0x1e, 0x67, 0x1e, 0xaf, 0x7c,
1524 0x25, 0x2c, 0x1c, 0x14, 0x53, 0x36, 0xa1, 0xa4,
1525 0xdd, 0xf1, 0x32, 0x44, 0xd5, 0x5e, 0x83, 0x56,
1526 0x80, 0xca, 0xb2, 0x53, 0x3b, 0x82, 0xdf, 0x2e,
1527 0xfe, 0x55, 0xec, 0x18, 0xc1, 0xe6, 0xcd, 0x00,
1528 0x7b, 0xb0, 0x89, 0x75, 0x8b, 0xb1, 0x7c, 0x2c,
1529 0xbe, 0x14, 0x44, 0x1b, 0xd0, 0x93, 0xae, 0x66,
1530 0xe5, 0x97, 0x6d, 0x53, 0x73, 0x3f, 0x4f, 0xa3,
1531 0x26, 0x97, 0x01, 0xd3, 0x1d, 0x23, 0xd4, 0x67
1532};
1533static const unsigned char dsa_pub[] = {
1534 0xa0, 0x12, 0xb3, 0xb1, 0x70, 0xb3, 0x07, 0x22,
1535 0x79, 0x57, 0xb7, 0xca, 0x20, 0x61, 0xa8, 0x16,
1536 0xac, 0x7a, 0x2b, 0x3d, 0x9a, 0xe9, 0x95, 0xa5,
1537 0x11, 0x9c, 0x38, 0x5b, 0x60, 0x3b, 0xf6, 0xf6,
1538 0xc5, 0xde, 0x4d, 0xc5, 0xec, 0xb5, 0xdf, 0xa4,
1539 0xa4, 0x1c, 0x68, 0x66, 0x2e, 0xb2, 0x5b, 0x63,
1540 0x8b, 0x7e, 0x26, 0x20, 0xba, 0x89, 0x8d, 0x07,
1541 0xda, 0x6c, 0x49, 0x91, 0xe7, 0x6c, 0xc0, 0xec,
1542 0xd1, 0xad, 0x34, 0x21, 0x07, 0x70, 0x67, 0xe4,
1543 0x7c, 0x18, 0xf5, 0x8a, 0x92, 0xa7, 0x2a, 0xd4,
1544 0x31, 0x99, 0xec, 0xb7, 0xbd, 0x84, 0xe7, 0xd3,
1545 0xaf, 0xb9, 0x01, 0x9f, 0x0e, 0x9d, 0xd0, 0xfb,
1546 0xaa, 0x48, 0x73, 0x00, 0xb1, 0x30, 0x81, 0xe3,
1547 0x3c, 0x90, 0x28, 0x76, 0x43, 0x6f, 0x7b, 0x03,
1548 0xc3, 0x45, 0x52, 0x84, 0x81, 0xd3, 0x62, 0x81,
1549 0x5e, 0x24, 0xfe, 0x59, 0xda, 0xc5, 0xac, 0x34,
1550 0x66, 0x0d, 0x4c, 0x8a, 0x76, 0xcb, 0x99, 0xa7,
1551 0xc7, 0xde, 0x93, 0xeb, 0x95, 0x6c, 0xd6, 0xbc,
1552 0x88, 0xe5, 0x8d, 0x90, 0x10, 0x34, 0x94, 0x4a,
1553 0x09, 0x4b, 0x01, 0x80, 0x3a, 0x43, 0xc6, 0x72,
1554 0xb9, 0x68, 0x8c, 0x0e, 0x01, 0xd8, 0xf4, 0xfc,
1555 0x91, 0xc6, 0x2a, 0x3f, 0x88, 0x02, 0x1f, 0x7b,
1556 0xd6, 0xa6, 0x51, 0xb1, 0xa8, 0x8f, 0x43, 0xaa,
1557 0x4e, 0xf2, 0x76, 0x53, 0xd1, 0x2b, 0xf8, 0xb7,
1558 0x09, 0x9f, 0xdf, 0x6b, 0x46, 0x10, 0x82, 0xf8,
1559 0xe9, 0x39, 0x10, 0x7b, 0xfd, 0x2f, 0x72, 0x10,
1560 0x08, 0x7d, 0x32, 0x6c, 0x37, 0x52, 0x00, 0xf1,
1561 0xf5, 0x1e, 0x7e, 0x74, 0xa3, 0x41, 0x31, 0x90,
1562 0x1b, 0xcd, 0x08, 0x63, 0x52, 0x1f, 0xf8, 0xd6,
1563 0x76, 0xc4, 0x85, 0x81, 0x86, 0x87, 0x36, 0xc5,
1564 0xe5, 0x1b, 0x16, 0xa4, 0xe3, 0x92, 0x15, 0xea,
1565 0x0b, 0x17, 0xc4, 0x73, 0x59, 0x74, 0xc5, 0x16
1566};
1567static const unsigned char dsa_priv[] = {
1568 0x6c, 0xca, 0xee, 0xf6, 0xd7, 0x3b, 0x4e, 0x80,
1569 0xf1, 0x1c, 0x17, 0xb8, 0xe9, 0x62, 0x7c, 0x03,
1570 0x66, 0x35, 0xba, 0xc3, 0x94, 0x23, 0x50, 0x5e,
1571 0x40, 0x7e, 0x5c, 0xb7
1572};
1573static const unsigned char dsa_expected_sig[] = {
1574 0x30, 0x3c, 0x02, 0x1c, 0x70, 0xa4, 0x77, 0xb6,
1575 0x02, 0xb5, 0xd3, 0x07, 0x21, 0x22, 0x2d, 0xe3,
1576 0x4f, 0x7d, 0xfd, 0xfd, 0x6b, 0x4f, 0x03, 0x27,
1577 0x4c, 0xd3, 0xb2, 0x8c, 0x7c, 0xc5, 0xc4, 0xdf,
1578 0x02, 0x1c, 0x11, 0x52, 0x65, 0x16, 0x9f, 0xbd,
1579 0x4c, 0xe5, 0xab, 0xb2, 0x01, 0xd0, 0x7a, 0x30,
1580 0x5c, 0xc5, 0xba, 0x22, 0xc6, 0x62, 0x7e, 0xa6,
1581 0x7d, 0x98, 0x96, 0xc9, 0x77, 0x00
1582};
1583
1584static const ST_KAT_PARAM dsa_key[] = {
1585 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_P, dsa_p),
1586 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_Q, dsa_q),
1587 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_FFC_G, dsa_g),
1588 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PUB_KEY, dsa_pub),
1589 ST_KAT_PARAM_BIGNUM(OSSL_PKEY_PARAM_PRIV_KEY, dsa_priv),
1590 ST_KAT_PARAM_END()
1591};
1592#endif /* OPENSSL_NO_DSA */
1593
1594/* Hash DRBG inputs for signature KATs */
1595static const unsigned char sig_kat_entropyin[] = {
1596 0x06, 0x6d, 0xc8, 0xce, 0x75, 0xb2, 0x89, 0x66, 0xa6, 0x85, 0x16, 0x3f,
1597 0xe2, 0xa4, 0xd4, 0x27, 0xfb, 0xdb, 0x61, 0x66, 0x50, 0x61, 0x6b, 0xa2,
1598 0x82, 0xfc, 0x33, 0x2b, 0x4e, 0x6f, 0x12, 0x20
1599};
1600static const unsigned char sig_kat_nonce[] = {
1601 0x55, 0x9f, 0x7c, 0x64, 0x89, 0x70, 0x83, 0xec, 0x2d, 0x73, 0x70, 0xd9,
1602 0xf0, 0xe5, 0x07, 0x1f
1603};
1604static const unsigned char sig_kat_persstr[] = {
1605 0x88, 0x6f, 0x54, 0x9a, 0xad, 0x1a, 0xc6, 0x3d, 0x18, 0xcb, 0xcc, 0x66,
1606 0x85, 0xda, 0xa2, 0xc2, 0xf7, 0x9e, 0xb0, 0x89, 0x4c, 0xb4, 0xae, 0xf1,
1607 0xac, 0x54, 0x4f, 0xce, 0x57, 0xf1, 0x5e, 0x11
1608};
1609
1610static const ST_KAT_SIGN st_kat_sign_tests[] = {
1611 {
1612 OSSL_SELF_TEST_DESC_SIGN_RSA,
1613 "RSA",
1614 "SHA-256",
1615 rsa_crt_key,
1616 ITM(sig_kat_entropyin),
1617 ITM(sig_kat_nonce),
1618 ITM(sig_kat_persstr),
1619 ITM(rsa_expected_sig)
1620 },
1621#ifndef OPENSSL_NO_EC
1622 {
1623 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1624 "EC",
1625 "SHA-256",
1626 ecdsa_prime_key,
1627 ITM(sig_kat_entropyin),
1628 ITM(sig_kat_nonce),
1629 ITM(sig_kat_persstr),
1630 ITM(ecdsa_prime_expected_sig)
1631 },
1632# ifndef OPENSSL_NO_EC2M
1633 {
1634 OSSL_SELF_TEST_DESC_SIGN_ECDSA,
1635 "EC",
1636 "SHA-256",
1637 ecdsa_bin_key,
1638 ITM(sig_kat_entropyin),
1639 ITM(sig_kat_nonce),
1640 ITM(sig_kat_persstr),
1641 ITM(ecdsa_bin_expected_sig)
1642 },
1643# endif
1644#endif /* OPENSSL_NO_EC */
1645#ifndef OPENSSL_NO_DSA
1646 {
1647 OSSL_SELF_TEST_DESC_SIGN_DSA,
1648 "DSA",
1649 "SHA-256",
1650 dsa_key,
1651 ITM(sig_kat_entropyin),
1652 ITM(sig_kat_nonce),
1653 ITM(sig_kat_persstr),
1654 ITM(dsa_expected_sig)
1655 },
1656#endif /* OPENSSL_NO_DSA */
1657};
1658
1659static const ST_KAT_ASYM_CIPHER st_kat_asym_cipher_tests[] = {
1660 {
1661 OSSL_SELF_TEST_DESC_ASYM_RSA_ENC,
1662 "RSA",
1663 1,
1664 rsa_pub_key,
1665 rsa_enc_params,
1666 ITM(rsa_asym_plaintext_encrypt),
1667 ITM(rsa_asym_expected_encrypt),
1668 },
1669 {
1670 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1671 "RSA",
1672 0,
1673 rsa_priv_key,
1674 rsa_enc_params,
1675 ITM(rsa_asym_expected_encrypt),
1676 ITM(rsa_asym_plaintext_encrypt),
1677 },
1678 {
1679 OSSL_SELF_TEST_DESC_ASYM_RSA_DEC,
1680 "RSA",
1681 0,
1682 rsa_crt_key,
1683 rsa_enc_params,
1684 ITM(rsa_asym_expected_encrypt),
1685 ITM(rsa_asym_plaintext_encrypt),
1686 },
1687};
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette