evp_pkey_provided_test.c@ 101211

Last change on this file since 101211 was 101211, checked in by vboxsync, 17 months ago
openssl-3.1.3: Applied and adjusted our OpenSSL changes to 3.1.2. bugref:10527
File size: 68.8 KB

Line
1	/*
2	* Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#include <string.h> /* memset */
11	#include <openssl/evp.h>
12	#include <openssl/pem.h>
13	#include <openssl/encoder.h>
14	#include <openssl/provider.h>
15	#include <openssl/param_build.h>
16	#include <openssl/core_names.h>
17	#include <openssl/sha.h>
18	#include "crypto/ecx.h"
19	#include "crypto/evp.h" /* For the internal API */
20	#include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
21	#include "internal/nelem.h"
22	#include "testutil.h"
23
24	static char *datadir = NULL;
25
26	/*
27	* Do not change the order of the following defines unless you also
28	* update the for loop bounds used inside test_print_key_using_encoder() and
29	* test_print_key_using_encoder_public().
30	*/
31	#define PRIV_TEXT 0
32	#define PRIV_PEM 1
33	#define PRIV_DER 2
34	#define PUB_TEXT 3
35	#define PUB_PEM 4
36	#define PUB_DER 5
37
38	static void stripcr(char buf, size_t len)
39	{
40	size_t i;
41	char curr, writ;
42
43	for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
44	if (*curr == '\r') {
45	(*len)--;
46	continue;
47	}
48	if (curr != writ)
49	writ = curr;
50	writ++;
51	}
52	}
53
54	static int compare_with_file(const char alg, int type, BIO membio)
55	{
56	char filename[80];
57	BIO *file = NULL;
58	char buf[4096];
59	char memdata, fullfile = NULL;
60	const char *suffix;
61	size_t readbytes;
62	int ret = 0;
63	int len;
64	size_t slen;
65
66	switch (type) {
67	case PRIV_TEXT:
68	suffix = "priv.txt";
69	break;
70
71	case PRIV_PEM:
72	suffix = "priv.pem";
73	break;
74
75	case PRIV_DER:
76	suffix = "priv.der";
77	break;
78
79	case PUB_TEXT:
80	suffix = "pub.txt";
81	break;
82
83	case PUB_PEM:
84	suffix = "pub.pem";
85	break;
86
87	case PUB_DER:
88	suffix = "pub.der";
89	break;
90
91	default:
92	TEST_error("Invalid file type");
93	goto err;
94	}
95
96	BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
97	fullfile = test_mk_file_path(datadir, filename);
98	if (!TEST_ptr(fullfile))
99	goto err;
100
101	file = BIO_new_file(fullfile, "rb");
102	if (!TEST_ptr(file))
103	goto err;
104
105	if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
106	\|\| !TEST_true(BIO_eof(file))
107	\|\| !TEST_size_t_lt(readbytes, sizeof(buf)))
108	goto err;
109
110	len = BIO_get_mem_data(membio, &memdata);
111	if (!TEST_int_gt(len, 0))
112	goto err;
113
114	slen = len;
115	if (type != PRIV_DER && type != PUB_DER) {
116	stripcr(memdata, &slen);
117	stripcr(buf, &readbytes);
118	}
119
120	if (!TEST_mem_eq(memdata, slen, buf, readbytes))
121	goto err;
122
123	ret = 1;
124	err:
125	OPENSSL_free(fullfile);
126	(void)BIO_reset(membio);
127	BIO_free(file);
128	return ret;
129	}
130
131	static int pass_cb(char buf, int size, int rwflag, void u)
132	{
133	return 0;
134	}
135
136	static int pass_cb_error(char buf, int size, int rwflag, void u)
137	{
138	return -1;
139	}
140
141	static int test_print_key_using_pem(const char alg, const EVP_PKEY pk)
142	{
143	BIO *membio = BIO_new(BIO_s_mem());
144	int ret = 0;
145
146	if (!TEST_ptr(membio))
147	goto err;
148
149	if (/* Output Encrypted private key in PEM form */
150	!TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
151	(unsigned char *)"pass", 4,
152	NULL, NULL))
153	/* Output zero-length passphrase encrypted private key in PEM form */
154	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
155	EVP_aes_256_cbc(),
156	(const char *)~0, 0,
157	NULL, NULL))
158	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
159	EVP_aes_256_cbc(),
160	NULL, 0, NULL, ""))
161	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
162	EVP_aes_256_cbc(),
163	NULL, 0, pass_cb, NULL))
164	\|\| !TEST_false(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
165	EVP_aes_256_cbc(),
166	NULL, 0, pass_cb_error,
167	NULL))
168	#ifndef OPENSSL_NO_DES
169	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
170	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
171	(const char *)~0, 0, NULL, NULL))
172	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
173	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
174	NULL, ""))
175	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
176	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
177	pass_cb, NULL))
178	\|\| !TEST_false(PEM_write_bio_PKCS8PrivateKey_nid(
179	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
180	pass_cb_error, NULL))
181	#endif
182	/* Private key in text form */
183	\|\| !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0)
184	\|\| !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
185	/* Public key in PEM form */
186	\|\| !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
187	\|\| !TEST_true(compare_with_file(alg, PUB_PEM, membio))
188	/* Unencrypted private key in PEM form */
189	\|\| !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
190	NULL, NULL, 0, NULL, NULL))
191	\|\| !TEST_true(compare_with_file(alg, PRIV_PEM, membio))
192	/* NULL key */
193	\|\| !TEST_false(PEM_write_bio_PrivateKey(membio, NULL,
194	NULL, NULL, 0, NULL, NULL))
195	\|\| !TEST_false(PEM_write_bio_PrivateKey_traditional(membio, NULL,
196	NULL, NULL, 0, NULL, NULL)))
197	goto err;
198
199	ret = 1;
200	err:
201	BIO_free(membio);
202	return ret;
203	}
204
205	static int test_print_key_type_using_encoder(const char *alg, int type,
206	const EVP_PKEY *pk)
207	{
208	const char output_type, output_structure;
209	int selection;
210	OSSL_ENCODER_CTX *ctx = NULL;
211	BIO *membio = BIO_new(BIO_s_mem());
212	int ret = 0;
213
214	switch (type) {
215	case PRIV_TEXT:
216	output_type = "TEXT";
217	output_structure = NULL;
218	selection = OSSL_KEYMGMT_SELECT_KEYPAIR
219	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
220	break;
221
222	case PRIV_PEM:
223	output_type = "PEM";
224	output_structure = "PrivateKeyInfo";
225	selection = OSSL_KEYMGMT_SELECT_KEYPAIR
226	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
227	break;
228
229	case PRIV_DER:
230	output_type = "DER";
231	output_structure = "PrivateKeyInfo";
232	selection = OSSL_KEYMGMT_SELECT_KEYPAIR
233	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
234	break;
235
236	case PUB_TEXT:
237	output_type = "TEXT";
238	output_structure = NULL;
239	selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
240	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
241	break;
242
243	case PUB_PEM:
244	output_type = "PEM";
245	output_structure = "SubjectPublicKeyInfo";
246	selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
247	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
248	break;
249
250	case PUB_DER:
251	output_type = "DER";
252	output_structure = "SubjectPublicKeyInfo";
253	selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
254	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
255	break;
256
257	default:
258	TEST_error("Invalid encoding type");
259	goto err;
260	}
261
262	if (!TEST_ptr(membio))
263	goto err;
264
265	/* Make a context, it's valid for several prints */
266	TEST_note("Setting up a OSSL_ENCODER context with passphrase");
267	if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
268	output_type,
269	output_structure,
270	NULL))
271	/* Check that this operation is supported */
272	\|\| !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
273	goto err;
274
275	/* Use no cipher. This should give us an unencrypted PEM */
276	TEST_note("Testing with no encryption");
277	if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
278	\|\| !TEST_true(compare_with_file(alg, type, membio)))
279	goto err;
280
281	if (type == PRIV_PEM) {
282	/* Set a passphrase to be used later */
283	if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
284	(unsigned char *)"pass",
285	4)))
286	goto err;
287
288	/* Use a valid cipher name */
289	TEST_note("Displaying PEM encrypted with AES-256-CBC");
290	if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
291	\|\| !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
292	goto err;
293
294	/* Use an invalid cipher name, which should generate no output */
295	TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
296	if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
297	\|\| !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
298	goto err;
299
300	/* Clear the cipher. This should give us an unencrypted PEM again */
301	TEST_note("Testing with encryption cleared (no encryption)");
302	if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
303	\|\| !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
304	\|\| !TEST_true(compare_with_file(alg, type, membio)))
305	goto err;
306	}
307	ret = 1;
308	err:
309	BIO_free(membio);
310	OSSL_ENCODER_CTX_free(ctx);
311	return ret;
312	}
313
314	static int test_print_key_using_encoder(const char alg, const EVP_PKEY pk)
315	{
316	int i;
317	int ret = 1;
318
319	for (i = PRIV_TEXT; i <= PUB_DER; i++)
320	ret = ret && test_print_key_type_using_encoder(alg, i, pk);
321
322	return ret;
323	}
324
325	#ifndef OPENSSL_NO_EC
326	static int test_print_key_using_encoder_public(const char *alg,
327	const EVP_PKEY *pk)
328	{
329	int i;
330	int ret = 1;
331
332	for (i = PUB_TEXT; i <= PUB_DER; i++)
333	ret = ret && test_print_key_type_using_encoder(alg, i, pk);
334
335	return ret;
336	}
337	#endif
338
339	/* Array indexes used in test_fromdata_rsa */
340	#define N 0
341	#define E 1
342	#define D 2
343	#define P 3
344	#define Q 4
345	#define DP 5
346	#define DQ 6
347	#define QINV 7
348
349	static int test_fromdata_rsa(void)
350	{
351	int ret = 0, i;
352	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
353	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
354	/*
355	* 32-bit RSA key, extracted from this command,
356	* executed with OpenSSL 1.0.2:
357	*
358	* openssl genrsa 32 \| openssl rsa -text
359	*/
360	static unsigned long key_numbers[] = {
361	0xbc747fc5, /* N */
362	0x10001, /* E */
363	0x7b133399, /* D */
364	0xe963, /* P */
365	0xceb7, /* Q */
366	0x8599, /* DP */
367	0xbd87, /* DQ */
368	0xcc3b, /* QINV */
369	};
370	OSSL_PARAM fromdata_params[] = {
371	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
372	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
373	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
374	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
375	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
376	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
377	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
378	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
379	OSSL_PARAM_END
380	};
381	BIGNUM *bn = BN_new();
382	BIGNUM *bn_from = BN_new();
383
384	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
385	goto err;
386
387	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
388	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
389	fromdata_params), 1))
390	goto err;
391
392	while (dup_pk == NULL) {
393	ret = 0;
394	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 32)
395	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 8)
396	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 4)
397	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
398	goto err;
399
400	EVP_PKEY_CTX_free(key_ctx);
401	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
402	goto err;
403
404	if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
405	\|\| !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
406	\|\| !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
407	\|\| !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
408	goto err;
409
410	/* EVP_PKEY_copy_parameters() should fail for RSA */
411	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
412	\|\| !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
413	goto err;
414	EVP_PKEY_free(copy_pk);
415	copy_pk = NULL;
416
417	ret = test_print_key_using_pem("RSA", pk)
418	&& test_print_key_using_encoder("RSA", pk);
419
420	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
421	goto err;
422	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
423	EVP_PKEY_free(pk);
424	pk = dup_pk;
425	if (!ret)
426	goto err;
427	}
428	err:
429	/* for better diagnostics always compare key params */
430	for (i = 0; fromdata_params[i].key != NULL; ++i) {
431	if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
432	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
433	\|\| !TEST_BN_eq(bn, bn_from))
434	ret = 0;
435	}
436	BN_free(bn_from);
437	BN_free(bn);
438	EVP_PKEY_free(pk);
439	EVP_PKEY_free(copy_pk);
440	EVP_PKEY_CTX_free(key_ctx);
441	EVP_PKEY_CTX_free(ctx);
442
443	return ret;
444	}
445
446	static int test_evp_pkey_get_bn_param_large(void)
447	{
448	int ret = 0;
449	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
450	EVP_PKEY *pk = NULL;
451	OSSL_PARAM_BLD *bld = NULL;
452	OSSL_PARAM *fromdata_params = NULL;
453	BIGNUM n = NULL, e = NULL, d = NULL, n_out = NULL;
454	/*
455	* The buffer size chosen here for n_data larger than the buffer used
456	* internally in EVP_PKEY_get_bn_param.
457	*/
458	static unsigned char n_data[2050];
459	static const unsigned char e_data[] = {
460	0x1, 0x00, 0x01
461	};
462	static const unsigned char d_data[]= {
463	0x99, 0x33, 0x13, 0x7b
464	};
465
466	/* N is a large buffer */
467	memset(n_data, 0xCE, sizeof(n_data));
468
469	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
470	\|\| !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
471	\|\| !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
472	\|\| !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
473	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
474	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
475	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
476	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
477	\|\| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
478	\|\| !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
479	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
480	fromdata_params), 1)
481	\|\| !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
482	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
483	\|\| !TEST_BN_eq(n, n_out))
484	goto err;
485	ret = 1;
486	err:
487	BN_free(n_out);
488	BN_free(n);
489	BN_free(e);
490	BN_free(d);
491	EVP_PKEY_free(pk);
492	EVP_PKEY_CTX_free(key_ctx);
493	EVP_PKEY_CTX_free(ctx);
494	OSSL_PARAM_free(fromdata_params);
495	OSSL_PARAM_BLD_free(bld);
496	return ret;
497	}
498
499
500	#ifndef OPENSSL_NO_DH
501	static int test_fromdata_dh_named_group(void)
502	{
503	int ret = 0;
504	int gindex = 0, pcounter = 0, hindex = 0;
505	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
506	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
507	size_t len;
508	BIGNUM pub = NULL, priv = NULL;
509	BIGNUM pub_out = NULL, priv_out = NULL;
510	BIGNUM p = NULL, q = NULL, g = NULL, j = NULL;
511	OSSL_PARAM *fromdata_params = NULL;
512	OSSL_PARAM_BLD *bld = NULL;
513	char name_out[80];
514	unsigned char seed_out[32];
515
516	/*
517	* DH key data was generated using the following:
518	* openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
519	* -pkeyopt priv_len:224 -text
520	*/
521	static const unsigned char priv_data[] = {
522	0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
523	0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
524	0x87, 0xe8, 0xa9, 0x7b,
525	};
526	static const unsigned char pub_data[] = {
527	0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
528	0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
529	0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
530	0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
531	0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
532	0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
533	0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
534	0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
535	0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
536	0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
537	0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
538	0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
539	0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
540	0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
541	0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
542	0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
543	0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
544	0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
545	0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
546	0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
547	0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
548	0xcf, 0x33, 0x42, 0x83, 0x42
549	};
550	static const char group_name[] = "ffdhe2048";
551	static const long priv_len = 224;
552
553	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
554	\|\| !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
555	\|\| !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
556	\|\| !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
557	OSSL_PKEY_PARAM_GROUP_NAME,
558	group_name, 0))
559	\|\| !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
560	priv_len))
561	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
562	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
563	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
564	goto err;
565
566	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
567	goto err;
568
569	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
570	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
571	fromdata_params), 1))
572	goto err;
573
574	/*
575	* A few extra checks of EVP_PKEY_get_utf8_string_param() to see that
576	* it behaves as expected with regards to string length and terminating
577	* NUL byte.
578	*/
579	if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
580	OSSL_PKEY_PARAM_GROUP_NAME,
581	NULL, sizeof(name_out),
582	&len))
583	\|\| !TEST_size_t_eq(len, sizeof(group_name) - 1)
584	/* Just enough space to hold the group name and a terminating NUL */
585	\|\| !TEST_true(EVP_PKEY_get_utf8_string_param(pk,
586	OSSL_PKEY_PARAM_GROUP_NAME,
587	name_out,
588	sizeof(group_name),
589	&len))
590	\|\| !TEST_size_t_eq(len, sizeof(group_name) - 1)
591	/* Too small buffer to hold the terminating NUL byte */
592	\|\| !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
593	OSSL_PKEY_PARAM_GROUP_NAME,
594	name_out,
595	sizeof(group_name) - 1,
596	&len))
597	/* Too small buffer to hold the whole group name, even! */
598	\|\| !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
599	OSSL_PKEY_PARAM_GROUP_NAME,
600	name_out,
601	sizeof(group_name) - 2,
602	&len)))
603	goto err;
604
605	while (dup_pk == NULL) {
606	ret = 0;
607	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
608	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
609	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
610	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
611	goto err;
612
613	if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
614	OSSL_PKEY_PARAM_GROUP_NAME,
615	name_out,
616	sizeof(name_out),
617	&len))
618	\|\| !TEST_str_eq(name_out, group_name)
619	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
620	&pub_out))
621
622	\|\| !TEST_BN_eq(pub, pub_out)
623	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
624	&priv_out))
625	\|\| !TEST_BN_eq(priv, priv_out)
626	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
627	\|\| !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
628	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
629	\|\| !TEST_ptr(q)
630	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
631	\|\| !TEST_BN_eq(&ossl_bignum_const_2, g)
632	\|\| !TEST_false(EVP_PKEY_get_bn_param(pk,
633	OSSL_PKEY_PARAM_FFC_COFACTOR,
634	&j))
635	\|\| !TEST_ptr_null(j)
636	\|\| !TEST_false(EVP_PKEY_get_octet_string_param(pk,
637	OSSL_PKEY_PARAM_FFC_SEED,
638	seed_out,
639	sizeof(seed_out),
640	&len))
641	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
642	&gindex))
643	\|\| !TEST_int_eq(gindex, -1)
644	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
645	&hindex))
646	\|\| !TEST_int_eq(hindex, 0)
647	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
648	OSSL_PKEY_PARAM_FFC_PCOUNTER,
649	&pcounter))
650	\|\| !TEST_int_eq(pcounter, -1))
651	goto err;
652	BN_free(p);
653	p = NULL;
654	BN_free(q);
655	q = NULL;
656	BN_free(g);
657	g = NULL;
658	BN_free(j);
659	j = NULL;
660	BN_free(pub_out);
661	pub_out = NULL;
662	BN_free(priv_out);
663	priv_out = NULL;
664
665	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
666	goto err;
667
668	if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
669	\|\| !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
670	\|\| !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
671	\|\| !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
672	goto err;
673	EVP_PKEY_CTX_free(key_ctx);
674	key_ctx = NULL;
675
676	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
677	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
678	goto err;
679	EVP_PKEY_free(copy_pk);
680	copy_pk = NULL;
681
682	ret = test_print_key_using_pem("DH", pk)
683	&& test_print_key_using_encoder("DH", pk);
684
685	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
686	goto err;
687	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
688	EVP_PKEY_free(pk);
689	pk = dup_pk;
690	if (!ret)
691	goto err;
692	}
693	err:
694	BN_free(p);
695	BN_free(q);
696	BN_free(g);
697	BN_free(j);
698	BN_free(pub);
699	BN_free(priv);
700	BN_free(pub_out);
701	BN_free(priv_out);
702	EVP_PKEY_free(copy_pk);
703	EVP_PKEY_free(pk);
704	EVP_PKEY_CTX_free(ctx);
705	EVP_PKEY_CTX_free(key_ctx);
706	OSSL_PARAM_free(fromdata_params);
707	OSSL_PARAM_BLD_free(bld);
708
709	return ret;
710	}
711
712	static int test_fromdata_dh_fips186_4(void)
713	{
714	int ret = 0;
715	int gindex = 0, pcounter = 0, hindex = 0;
716	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
717	EVP_PKEY pk = NULL, dup_pk = NULL;
718	size_t len;
719	BIGNUM pub = NULL, priv = NULL;
720	BIGNUM pub_out = NULL, priv_out = NULL;
721	BIGNUM p = NULL, q = NULL, g = NULL, j = NULL;
722	OSSL_PARAM_BLD *bld = NULL;
723	OSSL_PARAM *fromdata_params = NULL;
724	char name_out[80];
725	unsigned char seed_out[32];
726
727	/*
728	* DH key data was generated using the following:
729	* openssl genpkey -algorithm DH
730	* -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
731	*/
732	static const unsigned char priv_data[] = {
733	0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
734	0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
735	0x87, 0xe8, 0xa9, 0x7b,
736	};
737	static const unsigned char pub_data[] = {
738	0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
739	0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
740	0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
741	0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
742	0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
743	0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
744	0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
745	0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
746	0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
747	0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
748	0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
749	0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
750	0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
751	0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
752	0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
753	0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
754	0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
755	0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
756	0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
757	0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
758	0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
759	0x33, 0x42, 0x83, 0x42
760	};
761	static const char group_name[] = "ffdhe2048";
762	static const long priv_len = 224;
763
764
765	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
766	\|\| !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
767	\|\| !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
768	\|\| !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
769	OSSL_PKEY_PARAM_GROUP_NAME,
770	group_name, 0))
771	\|\| !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
772	priv_len))
773	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
774	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
775	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
776	goto err;
777
778	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
779	goto err;
780
781	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
782	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
783	fromdata_params), 1))
784	goto err;
785
786	while (dup_pk == NULL) {
787	ret = 0;
788	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
789	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
790	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
791	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
792	goto err;
793
794	if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
795	OSSL_PKEY_PARAM_GROUP_NAME,
796	name_out,
797	sizeof(name_out),
798	&len))
799	\|\| !TEST_str_eq(name_out, group_name)
800	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
801	&pub_out))
802	\|\| !TEST_BN_eq(pub, pub_out)
803	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
804	&priv_out))
805	\|\| !TEST_BN_eq(priv, priv_out)
806	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
807	\|\| !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
808	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
809	\|\| !TEST_ptr(q)
810	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
811	\|\| !TEST_BN_eq(&ossl_bignum_const_2, g)
812	\|\| !TEST_false(EVP_PKEY_get_bn_param(pk,
813	OSSL_PKEY_PARAM_FFC_COFACTOR,
814	&j))
815	\|\| !TEST_ptr_null(j)
816	\|\| !TEST_false(EVP_PKEY_get_octet_string_param(pk,
817	OSSL_PKEY_PARAM_FFC_SEED,
818	seed_out,
819	sizeof(seed_out),
820	&len))
821	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
822	OSSL_PKEY_PARAM_FFC_GINDEX,
823	&gindex))
824	\|\| !TEST_int_eq(gindex, -1)
825	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
826	&hindex))
827	\|\| !TEST_int_eq(hindex, 0)
828	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
829	OSSL_PKEY_PARAM_FFC_PCOUNTER,
830	&pcounter))
831	\|\| !TEST_int_eq(pcounter, -1))
832	goto err;
833	BN_free(p);
834	p = NULL;
835	BN_free(q);
836	q = NULL;
837	BN_free(g);
838	g = NULL;
839	BN_free(j);
840	j = NULL;
841	BN_free(pub_out);
842	pub_out = NULL;
843	BN_free(priv_out);
844	priv_out = NULL;
845
846	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
847	goto err;
848
849	if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
850	\|\| !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
851	\|\| !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
852	\|\| !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
853	goto err;
854	EVP_PKEY_CTX_free(key_ctx);
855	key_ctx = NULL;
856
857	ret = test_print_key_using_pem("DH", pk)
858	&& test_print_key_using_encoder("DH", pk);
859
860	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
861	goto err;
862	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
863	EVP_PKEY_free(pk);
864	pk = dup_pk;
865	if (!ret)
866	goto err;
867	}
868	err:
869	BN_free(p);
870	BN_free(q);
871	BN_free(g);
872	BN_free(j);
873	BN_free(pub);
874	BN_free(priv);
875	BN_free(pub_out);
876	BN_free(priv_out);
877	EVP_PKEY_free(pk);
878	EVP_PKEY_CTX_free(ctx);
879	EVP_PKEY_CTX_free(key_ctx);
880	OSSL_PARAM_free(fromdata_params);
881	OSSL_PARAM_BLD_free(bld);
882
883	return ret;
884	}
885
886	#endif
887
888
889
890	#ifndef OPENSSL_NO_EC
891	/* Array indexes used in test_fromdata_ecx */
892	# define PRIV_KEY 0
893	# define PUB_KEY 1
894
895	# define X25519_IDX 0
896	# define X448_IDX 1
897	# define ED25519_IDX 2
898	# define ED448_IDX 3
899
900	/*
901	* tst uses indexes 0 ... (3 * 4 - 1)
902	* For the 4 ECX key types (X25519_IDX..ED448_IDX)
903	* 0..3 = public + private key.
904	* 4..7 = private key (This will generate the public key from the private key)
905	* 8..11 = public key
906	*/
907	static int test_fromdata_ecx(int tst)
908	{
909	int ret = 0;
910	EVP_PKEY_CTX ctx = NULL, ctx2 = NULL;
911	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
912	const char *alg = NULL;
913	size_t len;
914	unsigned char out_pub[ED448_KEYLEN];
915	unsigned char out_priv[ED448_KEYLEN];
916	OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
917
918	/* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
919	static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
920	/* X25519: Keys from RFC 7748 6.1 */
921	{
922	/* Private Key */
923	{
924	0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
925	0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
926	0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
927	0x2c, 0x2a
928	},
929	/* Public Key */
930	{
931	0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
932	0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
933	0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
934	0x4e, 0x6a
935	}
936	},
937	/* X448: Keys from RFC 7748 6.2 */
938	{
939	/* Private Key */
940	{
941	0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
942	0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
943	0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
944	0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
945	0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
946	0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
947	},
948	/* Public Key */
949	{
950	0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
951	0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
952	0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
953	0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
954	0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
955	0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
956	}
957	},
958	/* ED25519: Keys from RFC 8032 */
959	{
960	/* Private Key */
961	{
962	0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
963	0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
964	0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
965	0x7f, 0x60
966	},
967	/* Public Key */
968	{
969	0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
970	0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
971	0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
972	0x51, 0x1a
973	}
974	},
975	/* ED448: Keys from RFC 8032 */
976	{
977	/* Private Key */
978	{
979	0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
980	0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
981	0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
982	0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
983	0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
984	0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
985	},
986	/* Public Key */
987	{
988	0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
989	0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
990	0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
991	0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
992	0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
993	0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
994	}
995	}
996	};
997	OSSL_PARAM x25519_fromdata_params[] = {
998	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
999	key_numbers[X25519_IDX][PRIV_KEY],
1000	X25519_KEYLEN),
1001	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1002	key_numbers[X25519_IDX][PUB_KEY],
1003	X25519_KEYLEN),
1004	OSSL_PARAM_END
1005	};
1006	OSSL_PARAM x448_fromdata_params[] = {
1007	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1008	key_numbers[X448_IDX][PRIV_KEY],
1009	X448_KEYLEN),
1010	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1011	key_numbers[X448_IDX][PUB_KEY],
1012	X448_KEYLEN),
1013	OSSL_PARAM_END
1014	};
1015	OSSL_PARAM ed25519_fromdata_params[] = {
1016	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1017	key_numbers[ED25519_IDX][PRIV_KEY],
1018	ED25519_KEYLEN),
1019	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1020	key_numbers[ED25519_IDX][PUB_KEY],
1021	ED25519_KEYLEN),
1022	OSSL_PARAM_END
1023	};
1024	OSSL_PARAM ed448_fromdata_params[] = {
1025	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1026	key_numbers[ED448_IDX][PRIV_KEY],
1027	ED448_KEYLEN),
1028	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1029	key_numbers[ED448_IDX][PUB_KEY],
1030	ED448_KEYLEN),
1031	OSSL_PARAM_END
1032	};
1033	OSSL_PARAM *fromdata_params = NULL;
1034	int bits = 0, security_bits = 0, size = 0;
1035	OSSL_PARAM *orig_fromdata_params = NULL;
1036
1037	switch (tst & 3) {
1038	case X25519_IDX:
1039	fromdata_params = x25519_fromdata_params;
1040	bits = X25519_BITS;
1041	security_bits = X25519_SECURITY_BITS;
1042	size = X25519_KEYLEN;
1043	alg = "X25519";
1044	break;
1045
1046	case X448_IDX:
1047	fromdata_params = x448_fromdata_params;
1048	bits = X448_BITS;
1049	security_bits = X448_SECURITY_BITS;
1050	size = X448_KEYLEN;
1051	alg = "X448";
1052	break;
1053
1054	case ED25519_IDX:
1055	fromdata_params = ed25519_fromdata_params;
1056	bits = ED25519_BITS;
1057	security_bits = ED25519_SECURITY_BITS;
1058	size = ED25519_SIGSIZE;
1059	alg = "ED25519";
1060	break;
1061
1062	case ED448_IDX:
1063	fromdata_params = ed448_fromdata_params;
1064	bits = ED448_BITS;
1065	security_bits = ED448_SECURITY_BITS;
1066	size = ED448_SIGSIZE;
1067	alg = "ED448";
1068	break;
1069	default:
1070	goto err;
1071	}
1072
1073	ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1074	if (!TEST_ptr(ctx))
1075	goto err;
1076
1077	orig_fromdata_params = fromdata_params;
1078	if (tst > 7) {
1079	/* public key only */
1080	fromdata_params++;
1081	} else if (tst > 3) {
1082	/* private key only */
1083	params[0] = fromdata_params[0];
1084	params[1] = fromdata_params[2];
1085	fromdata_params = params;
1086	}
1087
1088	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1089	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1090	fromdata_params), 1))
1091	goto err;
1092
1093	while (dup_pk == NULL) {
1094	ret = 0;
1095	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), bits)
1096	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), security_bits)
1097	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), size)
1098	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
1099	goto err;
1100
1101	if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
1102	goto err;
1103	if (tst <= 7) {
1104	if (!TEST_int_gt(EVP_PKEY_check(ctx2), 0))
1105	goto err;
1106	if (!TEST_true(EVP_PKEY_get_octet_string_param(
1107	pk, orig_fromdata_params[PRIV_KEY].key,
1108	out_priv, sizeof(out_priv), &len))
1109	\|\| !TEST_mem_eq(out_priv, len,
1110	orig_fromdata_params[PRIV_KEY].data,
1111	orig_fromdata_params[PRIV_KEY].data_size)
1112	\|\| !TEST_true(EVP_PKEY_get_octet_string_param(
1113	pk, orig_fromdata_params[PUB_KEY].key,
1114	out_pub, sizeof(out_pub), &len))
1115	\|\| !TEST_mem_eq(out_pub, len,
1116	orig_fromdata_params[PUB_KEY].data,
1117	orig_fromdata_params[PUB_KEY].data_size))
1118	goto err;
1119	} else {
1120	/* The private key check should fail if there is only a public key */
1121	if (!TEST_int_gt(EVP_PKEY_public_check(ctx2), 0)
1122	\|\| !TEST_int_le(EVP_PKEY_private_check(ctx2), 0)
1123	\|\| !TEST_int_le(EVP_PKEY_check(ctx2), 0))
1124	goto err;
1125	}
1126	EVP_PKEY_CTX_free(ctx2);
1127	ctx2 = NULL;
1128
1129	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1130	/* This should succeed because there are no parameters to copy */
1131	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1132	goto err;
1133	EVP_PKEY_free(copy_pk);
1134	copy_pk = NULL;
1135
1136	if (tst > 7)
1137	ret = test_print_key_using_encoder_public(alg, pk);
1138	else
1139	ret = test_print_key_using_pem(alg, pk)
1140	&& test_print_key_using_encoder(alg, pk);
1141
1142	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1143	goto err;
1144	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1145	EVP_PKEY_free(pk);
1146	pk = dup_pk;
1147	if (!ret)
1148	goto err;
1149	}
1150
1151	err:
1152	EVP_PKEY_free(pk);
1153	EVP_PKEY_free(copy_pk);
1154	EVP_PKEY_CTX_free(ctx);
1155	EVP_PKEY_CTX_free(ctx2);
1156
1157	return ret;
1158	}
1159
1160	static int test_fromdata_ec(void)
1161	{
1162	int ret = 0;
1163	EVP_PKEY_CTX *ctx = NULL;
1164	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
1165	OSSL_PARAM_BLD *bld = NULL;
1166	BIGNUM *ec_priv_bn = NULL;
1167	BIGNUM *bn_priv = NULL;
1168	OSSL_PARAM *fromdata_params = NULL;
1169	const char *alg = "EC";
1170	const char *curve = "prime256v1";
1171	const char bad_curve[] = "nonexistent-curve";
1172	OSSL_PARAM nokey_params[2] = {
1173	OSSL_PARAM_END,
1174	OSSL_PARAM_END
1175	};
1176	/* UNCOMPRESSED FORMAT */
1177	static const unsigned char ec_pub_keydata[] = {
1178	POINT_CONVERSION_UNCOMPRESSED,
1179	0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1180	0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1181	0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1182	0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1183	0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1184	0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1185	0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1186	0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1187	};
1188	/* SAME BUT COMPRESSED FORMAT */
1189	static const unsigned char ec_pub_keydata_compressed[] = {
1190	POINT_CONVERSION_COMPRESSED+1,
1191	0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1192	0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1193	0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1194	0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2
1195	};
1196	static const unsigned char ec_priv_keydata[] = {
1197	0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1198	0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1199	0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1200	0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1201	};
1202	unsigned char out_pub[sizeof(ec_pub_keydata)];
1203	char out_curve_name[80];
1204	const OSSL_PARAM *gettable = NULL;
1205	size_t len;
1206	EC_GROUP *group = NULL;
1207	BIGNUM *group_a = NULL;
1208	BIGNUM *group_b = NULL;
1209	BIGNUM *group_p = NULL;
1210	BIGNUM *a = NULL;
1211	BIGNUM *b = NULL;
1212	BIGNUM *p = NULL;
1213
1214
1215	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1216	goto err;
1217	if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1218	sizeof(ec_priv_keydata), NULL)))
1219	goto err;
1220
1221	if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1222	curve, 0) <= 0)
1223	goto err;
1224	/*
1225	* We intentionally provide the input point in compressed format,
1226	* and avoid setting `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT`.
1227	*
1228	* Later on we check what format is used when exporting the
1229	* `OSSL_PKEY_PARAM_PUB_KEY` and expect to default to uncompressed
1230	* format.
1231	*/
1232	if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1233	ec_pub_keydata_compressed,
1234	sizeof(ec_pub_keydata_compressed)) <= 0)
1235	goto err;
1236	if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1237	goto err;
1238	if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1239	goto err;
1240	ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1241	if (!TEST_ptr(ctx))
1242	goto err;
1243
1244	/* try importing parameters with bad curve first */
1245	nokey_params[0] =
1246	OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1247	(char *)bad_curve, sizeof(bad_curve));
1248	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1249	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEY_PARAMETERS,
1250	nokey_params), 0)
1251	\|\| !TEST_ptr_null(pk))
1252	goto err;
1253
1254	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1255	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1256	fromdata_params), 1))
1257	goto err;
1258
1259	while (dup_pk == NULL) {
1260	ret = 0;
1261	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 256)
1262	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 128)
1263	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 35 * 2)
1264	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
1265	goto err;
1266
1267	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1268	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1269	goto err;
1270	EVP_PKEY_free(copy_pk);
1271	copy_pk = NULL;
1272
1273	if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1274	\|\| !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1275	OSSL_PKEY_PARAM_GROUP_NAME))
1276	\|\| !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1277	OSSL_PKEY_PARAM_PUB_KEY))
1278	\|\| !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1279	OSSL_PKEY_PARAM_PRIV_KEY)))
1280	goto err;
1281
1282	if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(OBJ_sn2nid(curve)))
1283	\|\| !TEST_ptr(group_p = BN_new())
1284	\|\| !TEST_ptr(group_a = BN_new())
1285	\|\| !TEST_ptr(group_b = BN_new())
1286	\|\| !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)))
1287	goto err;
1288
1289	if (!TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_A, &a))
1290	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_B, &b))
1291	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_P, &p)))
1292	goto err;
1293
1294	if (!TEST_BN_eq(group_p, p) \|\| !TEST_BN_eq(group_a, a)
1295	\|\| !TEST_BN_eq(group_b, b))
1296	goto err;
1297
1298	if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1299	out_curve_name,
1300	sizeof(out_curve_name),
1301	&len)
1302	\|\| !TEST_str_eq(out_curve_name, curve)
1303	\|\| !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1304	out_pub, sizeof(out_pub), &len)
1305
1306	/*
1307	* Our providers use uncompressed format by default if
1308	* `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` was not
1309	* explicitly set, irrespective of the format used for the
1310	* input point given as a param to create this key.
1311	*/
1312	\|\| !TEST_true(out_pub[0] == POINT_CONVERSION_UNCOMPRESSED)
1313	\|\| !TEST_mem_eq(out_pub + 1, len - 1,
1314	ec_pub_keydata + 1, sizeof(ec_pub_keydata) - 1)
1315
1316	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1317	&bn_priv))
1318	\|\| !TEST_BN_eq(ec_priv_bn, bn_priv))
1319	goto err;
1320	BN_free(bn_priv);
1321	bn_priv = NULL;
1322
1323	ret = test_print_key_using_pem(alg, pk)
1324	&& test_print_key_using_encoder(alg, pk);
1325
1326	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1327	goto err;
1328	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1329	EVP_PKEY_free(pk);
1330	pk = dup_pk;
1331	if (!ret)
1332	goto err;
1333	}
1334
1335	err:
1336	EC_GROUP_free(group);
1337	BN_free(group_a);
1338	BN_free(group_b);
1339	BN_free(group_p);
1340	BN_free(a);
1341	BN_free(b);
1342	BN_free(p);
1343	BN_free(bn_priv);
1344	BN_free(ec_priv_bn);
1345	OSSL_PARAM_free(fromdata_params);
1346	OSSL_PARAM_BLD_free(bld);
1347	EVP_PKEY_free(pk);
1348	EVP_PKEY_free(copy_pk);
1349	EVP_PKEY_CTX_free(ctx);
1350	return ret;
1351	}
1352
1353	static int test_ec_dup_no_operation(void)
1354	{
1355	int ret = 0;
1356	EVP_PKEY_CTX pctx = NULL, ctx = NULL, *kctx = NULL;
1357	EVP_PKEY param = NULL, pkey = NULL;
1358
1359	if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1360	\|\| !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1361	\|\| !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1362	NID_X9_62_prime256v1), 0)
1363	\|\| !TEST_int_gt(EVP_PKEY_paramgen(pctx, &param), 0)
1364	\|\| !TEST_ptr(param))
1365	goto err;
1366
1367	EVP_PKEY_CTX_free(pctx);
1368	pctx = NULL;
1369
1370	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1371	\|\| !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1372	\|\| !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1373	\|\| !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1374	goto err;
1375	ret = 1;
1376	err:
1377	EVP_PKEY_free(pkey);
1378	EVP_PKEY_free(param);
1379	EVP_PKEY_CTX_free(ctx);
1380	EVP_PKEY_CTX_free(kctx);
1381	EVP_PKEY_CTX_free(pctx);
1382	return ret;
1383	}
1384
1385	/* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1386	static int test_ec_dup_keygen_operation(void)
1387	{
1388	int ret = 0;
1389	EVP_PKEY_CTX pctx = NULL, ctx = NULL, *kctx = NULL;
1390	EVP_PKEY param = NULL, pkey = NULL;
1391
1392	if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1393	\|\| !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1394	\|\| !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1395	NID_X9_62_prime256v1), 0)
1396	\|\| !TEST_int_gt(EVP_PKEY_paramgen(pctx, &param), 0)
1397	\|\| !TEST_ptr(param))
1398	goto err;
1399
1400	EVP_PKEY_CTX_free(pctx);
1401	pctx = NULL;
1402
1403	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1404	\|\| !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1405	\|\| !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1406	goto err;
1407	ret = 1;
1408	err:
1409	EVP_PKEY_free(pkey);
1410	EVP_PKEY_free(param);
1411	EVP_PKEY_CTX_free(ctx);
1412	EVP_PKEY_CTX_free(kctx);
1413	EVP_PKEY_CTX_free(pctx);
1414	return ret;
1415	}
1416
1417	#endif /* OPENSSL_NO_EC */
1418
1419	#ifndef OPENSSL_NO_DSA
1420	static int test_fromdata_dsa_fips186_4(void)
1421	{
1422	int ret = 0;
1423	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
1424	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
1425	BIGNUM pub = NULL, priv = NULL;
1426	BIGNUM p = NULL, q = NULL, *g = NULL;
1427	BIGNUM pub_out = NULL, priv_out = NULL;
1428	BIGNUM p_out = NULL, q_out = NULL, g_out = NULL, j_out = NULL;
1429	int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1430	char name_out[80];
1431	unsigned char seed_out[32];
1432	size_t len;
1433	OSSL_PARAM_BLD *bld = NULL;
1434	OSSL_PARAM *fromdata_params = NULL;
1435
1436	/*
1437	* DSA parameter data was generated using the following:
1438	* openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1439	* -pkeyopt qbits:256 -pkeyopt type:0 \
1440	* -pkeyopt gindex:1 -out dsa_params.pem -text
1441	*/
1442	static const unsigned char p_data[] = {
1443	0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1444	0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1445	0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1446	0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1447	0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1448	0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1449	0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1450	0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1451	0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1452	0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1453	0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1454	0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1455	0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1456	0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1457	0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1458	0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1459	0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1460	0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1461	0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1462	0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1463	0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1464	0x7c, 0xfe, 0xaf, 0x6a, 0x05
1465	};
1466	static const unsigned char q_data[] = {
1467	0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1468	0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1469	0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1470	};
1471	static const unsigned char g_data[] = {
1472	0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1473	0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1474	0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1475	0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1476	0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1477	0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1478	0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1479	0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1480	0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1481	0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1482	0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1483	0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1484	0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1485	0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1486	0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1487	0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1488	0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1489	0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1490	0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1491	0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1492	0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1493	0x02, 0x6f, 0x96, 0x36
1494	};
1495	static const unsigned char seed_data[] = {
1496	0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1497	0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1498	0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1499	};
1500	const int gindex = 1;
1501	const int pcounter = 53;
1502	/*
1503	* The keypair was generated using
1504	* openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1505	* -pkeyopt gindex:1 \
1506	* -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1507	*/
1508	static const unsigned char priv_data[] = {
1509	0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1510	0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1511	0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1512	};
1513	static const unsigned char pub_data[] = {
1514	0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1515	0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1516	0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1517	0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1518	0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1519	0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1520	0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1521	0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1522	0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1523	0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1524	0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1525	0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1526	0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1527	0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1528	0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1529	0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1530	0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1531	0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1532	0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1533	0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1534	0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1535	0x48, 0xd1, 0x8a, 0xbd
1536	};
1537
1538	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1539	\|\| !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1540	\|\| !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1541	\|\| !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1542	\|\| !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1543	\|\| !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1544
1545	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1546	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1547	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1548	\|\| !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1549	OSSL_PKEY_PARAM_FFC_SEED,
1550	seed_data,
1551	sizeof(seed_data)))
1552	\|\| !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1553	gindex))
1554	\|\| !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1555	OSSL_PKEY_PARAM_FFC_PCOUNTER,
1556	pcounter))
1557	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1558	pub))
1559	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1560	priv))
1561	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1562	goto err;
1563
1564	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1565	goto err;
1566
1567	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1568	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1569	fromdata_params), 1))
1570	goto err;
1571
1572	while (dup_pk == NULL) {
1573	ret = 0;
1574	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
1575	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
1576	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 2 * (3 + sizeof(q_data)))
1577	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
1578	goto err;
1579
1580	if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk,
1581	OSSL_PKEY_PARAM_GROUP_NAME,
1582	name_out,
1583	sizeof(name_out),
1584	&len))
1585	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1586	&pub_out))
1587	\|\| !TEST_BN_eq(pub, pub_out)
1588	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1589	&priv_out))
1590	\|\| !TEST_BN_eq(priv, priv_out)
1591	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P,
1592	&p_out))
1593	\|\| !TEST_BN_eq(p, p_out)
1594	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q,
1595	&q_out))
1596	\|\| !TEST_BN_eq(q, q_out)
1597	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G,
1598	&g_out))
1599	\|\| !TEST_BN_eq(g, g_out)
1600	\|\| !TEST_false(EVP_PKEY_get_bn_param(pk,
1601	OSSL_PKEY_PARAM_FFC_COFACTOR,
1602	&j_out))
1603	\|\| !TEST_ptr_null(j_out)
1604	\|\| !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1605	OSSL_PKEY_PARAM_FFC_SEED,
1606	seed_out,
1607	sizeof(seed_out),
1608	&len))
1609	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
1610	OSSL_PKEY_PARAM_FFC_GINDEX,
1611	&gindex_out))
1612	\|\| !TEST_int_eq(gindex, gindex_out)
1613	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1614	&hindex_out))
1615	\|\| !TEST_int_eq(hindex_out, 0)
1616	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
1617	OSSL_PKEY_PARAM_FFC_PCOUNTER,
1618	&pcounter_out))
1619	\|\| !TEST_int_eq(pcounter, pcounter_out))
1620	goto err;
1621	BN_free(p);
1622	p = NULL;
1623	BN_free(q);
1624	q = NULL;
1625	BN_free(g);
1626	g = NULL;
1627	BN_free(j_out);
1628	j_out = NULL;
1629	BN_free(pub_out);
1630	pub_out = NULL;
1631	BN_free(priv_out);
1632	priv_out = NULL;
1633
1634	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1635	goto err;
1636
1637	if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
1638	\|\| !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
1639	\|\| !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
1640	\|\| !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
1641	goto err;
1642	EVP_PKEY_CTX_free(key_ctx);
1643	key_ctx = NULL;
1644
1645	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1646	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1647	goto err;
1648	EVP_PKEY_free(copy_pk);
1649	copy_pk = NULL;
1650
1651	ret = test_print_key_using_pem("DSA", pk)
1652	&& test_print_key_using_encoder("DSA", pk);
1653
1654	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1655	goto err;
1656	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1657	EVP_PKEY_free(pk);
1658	pk = dup_pk;
1659	if (!ret)
1660	goto err;
1661	}
1662
1663	err:
1664	OSSL_PARAM_free(fromdata_params);
1665	OSSL_PARAM_BLD_free(bld);
1666	BN_free(p);
1667	BN_free(q);
1668	BN_free(g);
1669	BN_free(pub);
1670	BN_free(priv);
1671	BN_free(p_out);
1672	BN_free(q_out);
1673	BN_free(g_out);
1674	BN_free(pub_out);
1675	BN_free(priv_out);
1676	BN_free(j_out);
1677	EVP_PKEY_free(pk);
1678	EVP_PKEY_free(copy_pk);
1679	EVP_PKEY_CTX_free(ctx);
1680	EVP_PKEY_CTX_free(key_ctx);
1681
1682	return ret;
1683	}
1684
1685	static int test_check_dsa(void)
1686	{
1687	int ret = 0;
1688	EVP_PKEY_CTX *ctx = NULL;
1689
1690	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1691	\|\| !TEST_int_le(EVP_PKEY_check(ctx), 0)
1692	\|\| !TEST_int_le(EVP_PKEY_public_check(ctx), 0)
1693	\|\| !TEST_int_le(EVP_PKEY_private_check(ctx), 0)
1694	\|\| !TEST_int_le(EVP_PKEY_pairwise_check(ctx), 0))
1695	goto err;
1696
1697	ret = 1;
1698	err:
1699	EVP_PKEY_CTX_free(ctx);
1700
1701	return ret;
1702	}
1703	#endif /* OPENSSL_NO_DSA */
1704
1705
1706	static OSSL_PARAM do_construct_hkdf_params(char digest, char *key,
1707	size_t keylen, char *salt)
1708	{
1709	OSSL_PARAM params = OPENSSL_malloc(sizeof(OSSL_PARAM) 5);
1710	OSSL_PARAM *p = params;
1711
1712	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, digest, 0);
1713	*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
1714	salt, strlen(salt));
1715	*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
1716	(unsigned char *)key, keylen);
1717	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE,
1718	"EXTRACT_ONLY", 0);
1719	*p = OSSL_PARAM_construct_end();
1720
1721	return params;
1722	}
1723
1724	static int test_evp_pkey_ctx_dup_kdf(void)
1725	{
1726	int ret = 0;
1727	size_t len = 0, dlen = 0;
1728	EVP_PKEY_CTX pctx = NULL, dctx = NULL;
1729	OSSL_PARAM *params = NULL;
1730
1731	if (!TEST_ptr(params = do_construct_hkdf_params("sha256", "secret", 6,
1732	"salt")))
1733	goto err;
1734	if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "HKDF", NULL)))
1735	goto err;
1736	if (!TEST_int_eq(EVP_PKEY_derive_init_ex(pctx, params), 1))
1737	goto err;
1738	if (!TEST_ptr(dctx = EVP_PKEY_CTX_dup(pctx)))
1739	goto err;
1740	if (!TEST_int_eq(EVP_PKEY_derive(pctx, NULL, &len), 1)
1741	\|\| !TEST_size_t_eq(len, SHA256_DIGEST_LENGTH)
1742	\|\| !TEST_int_eq(EVP_PKEY_derive(dctx, NULL, &dlen), 1)
1743	\|\| !TEST_size_t_eq(dlen, SHA256_DIGEST_LENGTH))
1744	goto err;
1745	ret = 1;
1746	err:
1747	OPENSSL_free(params);
1748	EVP_PKEY_CTX_free(dctx);
1749	EVP_PKEY_CTX_free(pctx);
1750	return ret;
1751	}
1752
1753	int setup_tests(void)
1754	{
1755	if (!test_skip_common_options()) {
1756	TEST_error("Error parsing test options\n");
1757	return 0;
1758	}
1759
1760	if (!TEST_ptr(datadir = test_get_argument(0)))
1761	return 0;
1762
1763	ADD_TEST(test_evp_pkey_ctx_dup_kdf);
1764	ADD_TEST(test_evp_pkey_get_bn_param_large);
1765	ADD_TEST(test_fromdata_rsa);
1766	#ifndef OPENSSL_NO_DH
1767	ADD_TEST(test_fromdata_dh_fips186_4);
1768	ADD_TEST(test_fromdata_dh_named_group);
1769	#endif
1770	#ifndef OPENSSL_NO_DSA
1771	ADD_TEST(test_check_dsa);
1772	ADD_TEST(test_fromdata_dsa_fips186_4);
1773	#endif
1774	#ifndef OPENSSL_NO_EC
1775	ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1776	ADD_TEST(test_fromdata_ec);
1777	ADD_TEST(test_ec_dup_no_operation);
1778	ADD_TEST(test_ec_dup_keygen_operation);
1779	#endif
1780	return 1;
1781	}

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/libs/openssl-3.1.3/test/evp_pkey_provided_test.c@ 101211

Download in other formats: