evp_pkey_provided_test.c@ 105943

最後變更在這個檔案從105943是 104078,由 vboxsync 提交於 8 月前
openssl-3.1.5: Applied and adjusted our OpenSSL changes to 3.1.4. bugref:10638
檔案大小: 69.1 KB

行
1	/*
2	* Copyright 2019-2024 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#include <string.h> /* memset */
11	#include <openssl/evp.h>
12	#include <openssl/pem.h>
13	#include <openssl/encoder.h>
14	#include <openssl/provider.h>
15	#include <openssl/param_build.h>
16	#include <openssl/core_names.h>
17	#include <openssl/sha.h>
18	#include "crypto/ecx.h"
19	#include "crypto/evp.h" /* For the internal API */
20	#include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */
21	#include "internal/nelem.h"
22	#include "testutil.h"
23
24	static char *datadir = NULL;
25
26	/*
27	* Do not change the order of the following defines unless you also
28	* update the for loop bounds used inside test_print_key_using_encoder() and
29	* test_print_key_using_encoder_public().
30	*/
31	#define PRIV_TEXT 0
32	#define PRIV_PEM 1
33	#define PRIV_DER 2
34	#define PUB_TEXT 3
35	#define PUB_PEM 4
36	#define PUB_DER 5
37
38	static void stripcr(char buf, size_t len)
39	{
40	size_t i;
41	char curr, writ;
42
43	for (i = *len, curr = buf, writ = buf; i > 0; i--, curr++) {
44	if (*curr == '\r') {
45	(*len)--;
46	continue;
47	}
48	if (curr != writ)
49	writ = curr;
50	writ++;
51	}
52	}
53
54	static int compare_with_file(const char alg, int type, BIO membio)
55	{
56	char filename[80];
57	BIO *file = NULL;
58	char buf[4096];
59	char memdata, fullfile = NULL;
60	const char *suffix;
61	size_t readbytes;
62	int ret = 0;
63	int len;
64	size_t slen;
65
66	switch (type) {
67	case PRIV_TEXT:
68	suffix = "priv.txt";
69	break;
70
71	case PRIV_PEM:
72	suffix = "priv.pem";
73	break;
74
75	case PRIV_DER:
76	suffix = "priv.der";
77	break;
78
79	case PUB_TEXT:
80	suffix = "pub.txt";
81	break;
82
83	case PUB_PEM:
84	suffix = "pub.pem";
85	break;
86
87	case PUB_DER:
88	suffix = "pub.der";
89	break;
90
91	default:
92	TEST_error("Invalid file type");
93	goto err;
94	}
95
96	BIO_snprintf(filename, sizeof(filename), "%s.%s", alg, suffix);
97	fullfile = test_mk_file_path(datadir, filename);
98	if (!TEST_ptr(fullfile))
99	goto err;
100
101	file = BIO_new_file(fullfile, "rb");
102	if (!TEST_ptr(file))
103	goto err;
104
105	if (!TEST_true(BIO_read_ex(file, buf, sizeof(buf), &readbytes))
106	\|\| !TEST_true(BIO_eof(file))
107	\|\| !TEST_size_t_lt(readbytes, sizeof(buf)))
108	goto err;
109
110	len = BIO_get_mem_data(membio, &memdata);
111	if (!TEST_int_gt(len, 0))
112	goto err;
113
114	slen = len;
115	if (type != PRIV_DER && type != PUB_DER) {
116	stripcr(memdata, &slen);
117	stripcr(buf, &readbytes);
118	}
119
120	if (!TEST_mem_eq(memdata, slen, buf, readbytes))
121	goto err;
122
123	ret = 1;
124	err:
125	OPENSSL_free(fullfile);
126	(void)BIO_reset(membio);
127	BIO_free(file);
128	return ret;
129	}
130
131	static int pass_cb(char buf, int size, int rwflag, void u)
132	{
133	return 0;
134	}
135
136	static int pass_cb_error(char buf, int size, int rwflag, void u)
137	{
138	return -1;
139	}
140
141	static int test_print_key_using_pem(const char alg, const EVP_PKEY pk)
142	{
143	BIO *membio = BIO_new(BIO_s_mem());
144	int ret = 0;
145
146	if (!TEST_ptr(membio))
147	goto err;
148
149	if (/* Output Encrypted private key in PEM form */
150	!TEST_true(PEM_write_bio_PrivateKey(bio_out, pk, EVP_aes_256_cbc(),
151	(unsigned char *)"pass", 4,
152	NULL, NULL))
153	/* Output zero-length passphrase encrypted private key in PEM form */
154	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
155	EVP_aes_256_cbc(),
156	(const char *)~0, 0,
157	NULL, NULL))
158	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
159	EVP_aes_256_cbc(),
160	NULL, 0, NULL, ""))
161	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
162	EVP_aes_256_cbc(),
163	NULL, 0, pass_cb, NULL))
164	\|\| !TEST_false(PEM_write_bio_PKCS8PrivateKey(bio_out, pk,
165	EVP_aes_256_cbc(),
166	NULL, 0, pass_cb_error,
167	NULL))
168	#ifndef OPENSSL_NO_DES
169	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
170	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
171	(const char *)~0, 0, NULL, NULL))
172	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
173	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
174	NULL, ""))
175	\|\| !TEST_true(PEM_write_bio_PKCS8PrivateKey_nid(
176	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
177	pass_cb, NULL))
178	\|\| !TEST_false(PEM_write_bio_PKCS8PrivateKey_nid(
179	bio_out, pk, NID_pbe_WithSHA1And3_Key_TripleDES_CBC, NULL, 0,
180	pass_cb_error, NULL))
181	#endif
182	/* Private key in text form */
183	\|\| !TEST_int_gt(EVP_PKEY_print_private(membio, pk, 0, NULL), 0)
184	\|\| !TEST_true(compare_with_file(alg, PRIV_TEXT, membio))
185	/* Public key in PEM form */
186	\|\| !TEST_true(PEM_write_bio_PUBKEY(membio, pk))
187	\|\| !TEST_true(compare_with_file(alg, PUB_PEM, membio))
188	/* Unencrypted private key in PEM form */
189	\|\| !TEST_true(PEM_write_bio_PrivateKey(membio, pk,
190	NULL, NULL, 0, NULL, NULL))
191	\|\| !TEST_true(compare_with_file(alg, PRIV_PEM, membio))
192	/* NULL key */
193	\|\| !TEST_false(PEM_write_bio_PrivateKey(membio, NULL,
194	NULL, NULL, 0, NULL, NULL))
195	\|\| !TEST_false(PEM_write_bio_PrivateKey_traditional(membio, NULL,
196	NULL, NULL, 0, NULL, NULL)))
197	goto err;
198
199	ret = 1;
200	err:
201	BIO_free(membio);
202	return ret;
203	}
204
205	static int test_print_key_type_using_encoder(const char *alg, int type,
206	const EVP_PKEY *pk)
207	{
208	const char output_type, output_structure;
209	int selection;
210	OSSL_ENCODER_CTX *ctx = NULL;
211	BIO *membio = BIO_new(BIO_s_mem());
212	int ret = 0;
213
214	switch (type) {
215	case PRIV_TEXT:
216	output_type = "TEXT";
217	output_structure = NULL;
218	selection = OSSL_KEYMGMT_SELECT_KEYPAIR
219	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
220	break;
221
222	case PRIV_PEM:
223	output_type = "PEM";
224	output_structure = "PrivateKeyInfo";
225	selection = OSSL_KEYMGMT_SELECT_KEYPAIR
226	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
227	break;
228
229	case PRIV_DER:
230	output_type = "DER";
231	output_structure = "PrivateKeyInfo";
232	selection = OSSL_KEYMGMT_SELECT_KEYPAIR
233	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
234	break;
235
236	case PUB_TEXT:
237	output_type = "TEXT";
238	output_structure = NULL;
239	selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
240	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
241	break;
242
243	case PUB_PEM:
244	output_type = "PEM";
245	output_structure = "SubjectPublicKeyInfo";
246	selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
247	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
248	break;
249
250	case PUB_DER:
251	output_type = "DER";
252	output_structure = "SubjectPublicKeyInfo";
253	selection = OSSL_KEYMGMT_SELECT_PUBLIC_KEY
254	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS;
255	break;
256
257	default:
258	TEST_error("Invalid encoding type");
259	goto err;
260	}
261
262	if (!TEST_ptr(membio))
263	goto err;
264
265	/* Make a context, it's valid for several prints */
266	TEST_note("Setting up a OSSL_ENCODER context with passphrase");
267	if (!TEST_ptr(ctx = OSSL_ENCODER_CTX_new_for_pkey(pk, selection,
268	output_type,
269	output_structure,
270	NULL))
271	/* Check that this operation is supported */
272	\|\| !TEST_int_ne(OSSL_ENCODER_CTX_get_num_encoders(ctx), 0))
273	goto err;
274
275	/* Use no cipher. This should give us an unencrypted PEM */
276	TEST_note("Testing with no encryption");
277	if (!TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
278	\|\| !TEST_true(compare_with_file(alg, type, membio)))
279	goto err;
280
281	if (type == PRIV_PEM) {
282	/* Set a passphrase to be used later */
283	if (!TEST_true(OSSL_ENCODER_CTX_set_passphrase(ctx,
284	(unsigned char *)"pass",
285	4)))
286	goto err;
287
288	/* Use a valid cipher name */
289	TEST_note("Displaying PEM encrypted with AES-256-CBC");
290	if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL))
291	\|\| !TEST_true(OSSL_ENCODER_to_bio(ctx, bio_out)))
292	goto err;
293
294	/* Use an invalid cipher name, which should generate no output */
295	TEST_note("NOT Displaying PEM encrypted with (invalid) FOO");
296	if (!TEST_false(OSSL_ENCODER_CTX_set_cipher(ctx, "FOO", NULL))
297	\|\| !TEST_false(OSSL_ENCODER_to_bio(ctx, bio_out)))
298	goto err;
299
300	/* Clear the cipher. This should give us an unencrypted PEM again */
301	TEST_note("Testing with encryption cleared (no encryption)");
302	if (!TEST_true(OSSL_ENCODER_CTX_set_cipher(ctx, NULL, NULL))
303	\|\| !TEST_true(OSSL_ENCODER_to_bio(ctx, membio))
304	\|\| !TEST_true(compare_with_file(alg, type, membio)))
305	goto err;
306	}
307	ret = 1;
308	err:
309	BIO_free(membio);
310	OSSL_ENCODER_CTX_free(ctx);
311	return ret;
312	}
313
314	static int test_print_key_using_encoder(const char alg, const EVP_PKEY pk)
315	{
316	int i;
317	int ret = 1;
318
319	for (i = PRIV_TEXT; i <= PUB_DER; i++)
320	ret = ret && test_print_key_type_using_encoder(alg, i, pk);
321
322	return ret;
323	}
324
325	#ifndef OPENSSL_NO_EC
326	static int test_print_key_using_encoder_public(const char *alg,
327	const EVP_PKEY *pk)
328	{
329	int i;
330	int ret = 1;
331
332	for (i = PUB_TEXT; i <= PUB_DER; i++)
333	ret = ret && test_print_key_type_using_encoder(alg, i, pk);
334
335	return ret;
336	}
337	#endif
338
339	/* Array indexes used in test_fromdata_rsa */
340	#define N 0
341	#define E 1
342	#define D 2
343	#define P 3
344	#define Q 4
345	#define DP 5
346	#define DQ 6
347	#define QINV 7
348
349	static int test_fromdata_rsa(void)
350	{
351	int ret = 0, i;
352	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
353	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
354	/*
355	* 32-bit RSA key, extracted from this command,
356	* executed with OpenSSL 1.0.2:
357	*
358	* openssl genrsa 32 \| openssl rsa -text
359	*/
360	static unsigned long key_numbers[] = {
361	0xbc747fc5, /* N */
362	0x10001, /* E */
363	0x7b133399, /* D */
364	0xe963, /* P */
365	0xceb7, /* Q */
366	0x8599, /* DP */
367	0xbd87, /* DQ */
368	0xcc3b, /* QINV */
369	};
370	OSSL_PARAM fromdata_params[] = {
371	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_N, &key_numbers[N]),
372	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_E, &key_numbers[E]),
373	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_D, &key_numbers[D]),
374	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR1, &key_numbers[P]),
375	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_FACTOR2, &key_numbers[Q]),
376	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT1, &key_numbers[DP]),
377	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_EXPONENT2, &key_numbers[DQ]),
378	OSSL_PARAM_ulong(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &key_numbers[QINV]),
379	OSSL_PARAM_END
380	};
381	BIGNUM *bn = BN_new();
382	BIGNUM *bn_from = BN_new();
383
384	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL)))
385	goto err;
386
387	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
388	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
389	fromdata_params), 1))
390	goto err;
391
392	while (dup_pk == NULL) {
393	ret = 0;
394	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 32)
395	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 8)
396	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 4)
397	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
398	goto err;
399
400	EVP_PKEY_CTX_free(key_ctx);
401	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
402	goto err;
403
404	if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
405	\|\| !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
406	\|\| !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
407	\|\| !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
408	goto err;
409
410	/* EVP_PKEY_copy_parameters() should fail for RSA */
411	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
412	\|\| !TEST_false(EVP_PKEY_copy_parameters(copy_pk, pk)))
413	goto err;
414	EVP_PKEY_free(copy_pk);
415	copy_pk = NULL;
416
417	ret = test_print_key_using_pem("RSA", pk)
418	&& test_print_key_using_encoder("RSA", pk);
419
420	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
421	goto err;
422	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
423	EVP_PKEY_free(pk);
424	pk = dup_pk;
425	if (!ret)
426	goto err;
427	}
428	err:
429	/* for better diagnostics always compare key params */
430	for (i = 0; fromdata_params[i].key != NULL; ++i) {
431	if (!TEST_true(BN_set_word(bn_from, key_numbers[i]))
432	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, fromdata_params[i].key, &bn))
433	\|\| !TEST_BN_eq(bn, bn_from))
434	ret = 0;
435	}
436	BN_free(bn_from);
437	BN_free(bn);
438	EVP_PKEY_free(pk);
439	EVP_PKEY_free(copy_pk);
440	EVP_PKEY_CTX_free(key_ctx);
441	EVP_PKEY_CTX_free(ctx);
442
443	return ret;
444	}
445
446	static int test_evp_pkey_get_bn_param_large(void)
447	{
448	int ret = 0;
449	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
450	EVP_PKEY *pk = NULL;
451	OSSL_PARAM_BLD *bld = NULL;
452	OSSL_PARAM *fromdata_params = NULL;
453	BIGNUM n = NULL, e = NULL, d = NULL, n_out = NULL;
454	/*
455	* The buffer size chosen here for n_data larger than the buffer used
456	* internally in EVP_PKEY_get_bn_param.
457	*/
458	static unsigned char n_data[2050];
459	static const unsigned char e_data[] = {
460	0x1, 0x00, 0x01
461	};
462	static const unsigned char d_data[]= {
463	0x99, 0x33, 0x13, 0x7b
464	};
465
466	/* N is a large buffer */
467	memset(n_data, 0xCE, sizeof(n_data));
468
469	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
470	\|\| !TEST_ptr(n = BN_bin2bn(n_data, sizeof(n_data), NULL))
471	\|\| !TEST_ptr(e = BN_bin2bn(e_data, sizeof(e_data), NULL))
472	\|\| !TEST_ptr(d = BN_bin2bn(d_data, sizeof(d_data), NULL))
473	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n))
474	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e))
475	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))
476	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))
477	\|\| !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "RSA", NULL))
478	\|\| !TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
479	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
480	fromdata_params), 1)
481	\|\| !TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, ""))
482	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_RSA_N, &n_out))
483	\|\| !TEST_BN_eq(n, n_out))
484	goto err;
485	ret = 1;
486	err:
487	BN_free(n_out);
488	BN_free(n);
489	BN_free(e);
490	BN_free(d);
491	EVP_PKEY_free(pk);
492	EVP_PKEY_CTX_free(key_ctx);
493	EVP_PKEY_CTX_free(ctx);
494	OSSL_PARAM_free(fromdata_params);
495	OSSL_PARAM_BLD_free(bld);
496	return ret;
497	}
498
499
500	#ifndef OPENSSL_NO_DH
501	static int test_fromdata_dh_named_group(void)
502	{
503	int ret = 0;
504	int gindex = 0, pcounter = 0, hindex = 0;
505	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
506	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
507	size_t len;
508	BIGNUM pub = NULL, priv = NULL;
509	BIGNUM pub_out = NULL, priv_out = NULL;
510	BIGNUM p = NULL, q = NULL, g = NULL, j = NULL;
511	OSSL_PARAM *fromdata_params = NULL;
512	OSSL_PARAM_BLD *bld = NULL;
513	char name_out[80];
514	unsigned char seed_out[32];
515
516	/*
517	* DH key data was generated using the following:
518	* openssl genpkey -algorithm DH -pkeyopt group:ffdhe2048
519	* -pkeyopt priv_len:224 -text
520	*/
521	static const unsigned char priv_data[] = {
522	0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
523	0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
524	0x87, 0xe8, 0xa9, 0x7b,
525	};
526	static const unsigned char pub_data[] = {
527	0x00, 0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1,
528	0x82, 0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd,
529	0x33, 0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c,
530	0x64, 0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6,
531	0xf9, 0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5,
532	0xfa, 0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03,
533	0x9d, 0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9,
534	0x7e, 0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a,
535	0x57, 0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa,
536	0xe5, 0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef,
537	0x9a, 0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1,
538	0xdb, 0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7,
539	0x22, 0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f,
540	0x7c, 0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20,
541	0x82, 0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77,
542	0x14, 0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2,
543	0x6e, 0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12,
544	0xbc, 0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0,
545	0xf1, 0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67,
546	0xa1, 0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc,
547	0xa8, 0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab,
548	0xcf, 0x33, 0x42, 0x83, 0x42
549	};
550	static const char group_name[] = "ffdhe2048";
551	static const long priv_len = 224;
552
553	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
554	\|\| !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
555	\|\| !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
556	\|\| !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
557	OSSL_PKEY_PARAM_GROUP_NAME,
558	group_name, 0))
559	\|\| !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
560	priv_len))
561	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
562	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
563	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
564	goto err;
565
566	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
567	goto err;
568
569	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
570	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
571	fromdata_params), 1))
572	goto err;
573
574	/*
575	* A few extra checks of EVP_PKEY_get_utf8_string_param() to see that
576	* it behaves as expected with regards to string length and terminating
577	* NUL byte.
578	*/
579	if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
580	OSSL_PKEY_PARAM_GROUP_NAME,
581	NULL, sizeof(name_out),
582	&len))
583	\|\| !TEST_size_t_eq(len, sizeof(group_name) - 1)
584	/* Just enough space to hold the group name and a terminating NUL */
585	\|\| !TEST_true(EVP_PKEY_get_utf8_string_param(pk,
586	OSSL_PKEY_PARAM_GROUP_NAME,
587	name_out,
588	sizeof(group_name),
589	&len))
590	\|\| !TEST_size_t_eq(len, sizeof(group_name) - 1)
591	/* Too small buffer to hold the terminating NUL byte */
592	\|\| !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
593	OSSL_PKEY_PARAM_GROUP_NAME,
594	name_out,
595	sizeof(group_name) - 1,
596	&len))
597	/* Too small buffer to hold the whole group name, even! */
598	\|\| !TEST_false(EVP_PKEY_get_utf8_string_param(pk,
599	OSSL_PKEY_PARAM_GROUP_NAME,
600	name_out,
601	sizeof(group_name) - 2,
602	&len)))
603	goto err;
604
605	while (dup_pk == NULL) {
606	ret = 0;
607	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
608	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
609	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
610	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
611	goto err;
612
613	if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
614	OSSL_PKEY_PARAM_GROUP_NAME,
615	name_out,
616	sizeof(name_out),
617	&len))
618	\|\| !TEST_str_eq(name_out, group_name)
619	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
620	&pub_out))
621
622	\|\| !TEST_BN_eq(pub, pub_out)
623	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
624	&priv_out))
625	\|\| !TEST_BN_eq(priv, priv_out)
626	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
627	\|\| !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
628	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
629	\|\| !TEST_ptr(q)
630	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
631	\|\| !TEST_BN_eq(&ossl_bignum_const_2, g)
632	\|\| !TEST_false(EVP_PKEY_get_bn_param(pk,
633	OSSL_PKEY_PARAM_FFC_COFACTOR,
634	&j))
635	\|\| !TEST_ptr_null(j)
636	\|\| !TEST_false(EVP_PKEY_get_octet_string_param(pk,
637	OSSL_PKEY_PARAM_FFC_SEED,
638	seed_out,
639	sizeof(seed_out),
640	&len))
641	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_GINDEX,
642	&gindex))
643	\|\| !TEST_int_eq(gindex, -1)
644	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
645	&hindex))
646	\|\| !TEST_int_eq(hindex, 0)
647	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
648	OSSL_PKEY_PARAM_FFC_PCOUNTER,
649	&pcounter))
650	\|\| !TEST_int_eq(pcounter, -1))
651	goto err;
652	BN_free(p);
653	p = NULL;
654	BN_free(q);
655	q = NULL;
656	BN_free(g);
657	g = NULL;
658	BN_free(j);
659	j = NULL;
660	BN_free(pub_out);
661	pub_out = NULL;
662	BN_free(priv_out);
663	priv_out = NULL;
664
665	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
666	goto err;
667
668	if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
669	\|\| !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
670	\|\| !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
671	\|\| !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
672	goto err;
673	EVP_PKEY_CTX_free(key_ctx);
674	key_ctx = NULL;
675
676	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
677	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
678	goto err;
679	EVP_PKEY_free(copy_pk);
680	copy_pk = NULL;
681
682	ret = test_print_key_using_pem("DH", pk)
683	&& test_print_key_using_encoder("DH", pk);
684
685	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
686	goto err;
687	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
688	EVP_PKEY_free(pk);
689	pk = dup_pk;
690	if (!ret)
691	goto err;
692	}
693	err:
694	BN_free(p);
695	BN_free(q);
696	BN_free(g);
697	BN_free(j);
698	BN_free(pub);
699	BN_free(priv);
700	BN_free(pub_out);
701	BN_free(priv_out);
702	EVP_PKEY_free(copy_pk);
703	EVP_PKEY_free(pk);
704	EVP_PKEY_CTX_free(ctx);
705	EVP_PKEY_CTX_free(key_ctx);
706	OSSL_PARAM_free(fromdata_params);
707	OSSL_PARAM_BLD_free(bld);
708
709	return ret;
710	}
711
712	static int test_fromdata_dh_fips186_4(void)
713	{
714	int ret = 0;
715	int gindex = 0, pcounter = 0, hindex = 0;
716	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
717	EVP_PKEY pk = NULL, dup_pk = NULL;
718	size_t len;
719	BIGNUM pub = NULL, priv = NULL;
720	BIGNUM pub_out = NULL, priv_out = NULL;
721	BIGNUM p = NULL, q = NULL, g = NULL, j = NULL;
722	OSSL_PARAM_BLD *bld = NULL;
723	OSSL_PARAM *fromdata_params = NULL;
724	char name_out[80];
725	unsigned char seed_out[32];
726
727	/*
728	* DH key data was generated using the following:
729	* openssl genpkey -algorithm DH
730	* -pkeyopt group:ffdhe2048 -pkeyopt priv_len:224 -text
731	*/
732	static const unsigned char priv_data[] = {
733	0x88, 0x85, 0xe7, 0x9f, 0xee, 0x6d, 0xc5, 0x7c, 0x78, 0xaf, 0x63, 0x5d,
734	0x38, 0x2a, 0xd0, 0xed, 0x56, 0x4b, 0x47, 0x21, 0x2b, 0xfa, 0x55, 0xfa,
735	0x87, 0xe8, 0xa9, 0x7b,
736	};
737	static const unsigned char pub_data[] = {
738	0xd6, 0x2d, 0x77, 0xe0, 0xd3, 0x7d, 0xf8, 0xeb, 0x98, 0x50, 0xa1, 0x82,
739	0x22, 0x65, 0xd5, 0xd9, 0xfe, 0xc9, 0x3f, 0xbe, 0x16, 0x83, 0xbd, 0x33,
740	0xe9, 0xc6, 0x93, 0xcf, 0x08, 0xaf, 0x83, 0xfa, 0x80, 0x8a, 0x6c, 0x64,
741	0xdf, 0x70, 0x64, 0xd5, 0x0a, 0x7c, 0x5a, 0x72, 0xda, 0x66, 0xe6, 0xf9,
742	0xf5, 0x31, 0x21, 0x92, 0xb0, 0x60, 0x1a, 0xb5, 0xd3, 0xf0, 0xa5, 0xfa,
743	0x48, 0x95, 0x2e, 0x38, 0xd9, 0xc5, 0xe6, 0xda, 0xfb, 0x6c, 0x03, 0x9d,
744	0x4b, 0x69, 0xb7, 0x95, 0xe4, 0x5c, 0xc0, 0x93, 0x4f, 0x48, 0xd9, 0x7e,
745	0x06, 0x22, 0xb2, 0xde, 0xf3, 0x79, 0x24, 0xed, 0xe1, 0xd1, 0x4a, 0x57,
746	0xf1, 0x40, 0x86, 0x70, 0x42, 0x25, 0xc5, 0x27, 0x68, 0xc9, 0xfa, 0xe5,
747	0x8e, 0x62, 0x7e, 0xff, 0x49, 0x6c, 0x5b, 0xb5, 0xba, 0xf9, 0xef, 0x9a,
748	0x1a, 0x10, 0xd4, 0x81, 0x53, 0xcf, 0x83, 0x04, 0x18, 0x1c, 0xe1, 0xdb,
749	0xe1, 0x65, 0xa9, 0x7f, 0xe1, 0x33, 0xeb, 0xc3, 0x4f, 0xe3, 0xb7, 0x22,
750	0xf7, 0x1c, 0x09, 0x4f, 0xed, 0xc6, 0x07, 0x8e, 0x78, 0x05, 0x8f, 0x7c,
751	0x96, 0xd9, 0x12, 0xe0, 0x81, 0x74, 0x1a, 0xe9, 0x13, 0xc0, 0x20, 0x82,
752	0x65, 0xbb, 0x42, 0x3b, 0xed, 0x08, 0x6a, 0x84, 0x4f, 0xea, 0x77, 0x14,
753	0x32, 0xf9, 0xed, 0xc2, 0x12, 0xd6, 0xc5, 0xc6, 0xb3, 0xe5, 0xf2, 0x6e,
754	0xf6, 0x16, 0x7f, 0x37, 0xde, 0xbc, 0x09, 0xc7, 0x06, 0x6b, 0x12, 0xbc,
755	0xad, 0x2d, 0x49, 0x25, 0xd5, 0xdc, 0xf4, 0x18, 0x14, 0xd2, 0xf0, 0xf1,
756	0x1d, 0x1f, 0x3a, 0xaa, 0x15, 0x55, 0xbb, 0x0d, 0x7f, 0xbe, 0x67, 0xa1,
757	0xa7, 0xf0, 0xaa, 0xb3, 0xfb, 0x41, 0x82, 0x39, 0x49, 0x93, 0xbc, 0xa8,
758	0xee, 0x72, 0x13, 0x45, 0x65, 0x15, 0x42, 0x17, 0xaa, 0xd8, 0xab, 0xcf,
759	0x33, 0x42, 0x83, 0x42
760	};
761	static const char group_name[] = "ffdhe2048";
762	static const long priv_len = 224;
763
764
765	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
766	\|\| !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
767	\|\| !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
768	\|\| !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
769	OSSL_PKEY_PARAM_GROUP_NAME,
770	group_name, 0))
771	\|\| !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN,
772	priv_len))
773	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub))
774	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv))
775	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
776	goto err;
777
778	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DH", NULL)))
779	goto err;
780
781	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
782	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
783	fromdata_params), 1))
784	goto err;
785
786	while (dup_pk == NULL) {
787	ret = 0;
788	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
789	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
790	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 256)
791	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
792	goto err;
793
794	if (!TEST_true(EVP_PKEY_get_utf8_string_param(pk,
795	OSSL_PKEY_PARAM_GROUP_NAME,
796	name_out,
797	sizeof(name_out),
798	&len))
799	\|\| !TEST_str_eq(name_out, group_name)
800	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
801	&pub_out))
802	\|\| !TEST_BN_eq(pub, pub_out)
803	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
804	&priv_out))
805	\|\| !TEST_BN_eq(priv, priv_out)
806	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P, &p))
807	\|\| !TEST_BN_eq(&ossl_bignum_ffdhe2048_p, p)
808	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q, &q))
809	\|\| !TEST_ptr(q)
810	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G, &g))
811	\|\| !TEST_BN_eq(&ossl_bignum_const_2, g)
812	\|\| !TEST_false(EVP_PKEY_get_bn_param(pk,
813	OSSL_PKEY_PARAM_FFC_COFACTOR,
814	&j))
815	\|\| !TEST_ptr_null(j)
816	\|\| !TEST_false(EVP_PKEY_get_octet_string_param(pk,
817	OSSL_PKEY_PARAM_FFC_SEED,
818	seed_out,
819	sizeof(seed_out),
820	&len))
821	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
822	OSSL_PKEY_PARAM_FFC_GINDEX,
823	&gindex))
824	\|\| !TEST_int_eq(gindex, -1)
825	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
826	&hindex))
827	\|\| !TEST_int_eq(hindex, 0)
828	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
829	OSSL_PKEY_PARAM_FFC_PCOUNTER,
830	&pcounter))
831	\|\| !TEST_int_eq(pcounter, -1))
832	goto err;
833	BN_free(p);
834	p = NULL;
835	BN_free(q);
836	q = NULL;
837	BN_free(g);
838	g = NULL;
839	BN_free(j);
840	j = NULL;
841	BN_free(pub_out);
842	pub_out = NULL;
843	BN_free(priv_out);
844	priv_out = NULL;
845
846	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
847	goto err;
848
849	if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
850	\|\| !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
851	\|\| !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
852	\|\| !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
853	goto err;
854	EVP_PKEY_CTX_free(key_ctx);
855	key_ctx = NULL;
856
857	ret = test_print_key_using_pem("DH", pk)
858	&& test_print_key_using_encoder("DH", pk);
859
860	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
861	goto err;
862	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
863	EVP_PKEY_free(pk);
864	pk = dup_pk;
865	if (!ret)
866	goto err;
867	}
868	err:
869	BN_free(p);
870	BN_free(q);
871	BN_free(g);
872	BN_free(j);
873	BN_free(pub);
874	BN_free(priv);
875	BN_free(pub_out);
876	BN_free(priv_out);
877	EVP_PKEY_free(pk);
878	EVP_PKEY_CTX_free(ctx);
879	EVP_PKEY_CTX_free(key_ctx);
880	OSSL_PARAM_free(fromdata_params);
881	OSSL_PARAM_BLD_free(bld);
882
883	return ret;
884	}
885
886	#endif
887
888
889
890	#ifndef OPENSSL_NO_EC
891	/* Array indexes used in test_fromdata_ecx */
892	# define PRIV_KEY 0
893	# define PUB_KEY 1
894
895	# define X25519_IDX 0
896	# define X448_IDX 1
897	# define ED25519_IDX 2
898	# define ED448_IDX 3
899
900	/*
901	* tst uses indexes 0 ... (3 * 4 - 1)
902	* For the 4 ECX key types (X25519_IDX..ED448_IDX)
903	* 0..3 = public + private key.
904	* 4..7 = private key (This will generate the public key from the private key)
905	* 8..11 = public key
906	*/
907	static int test_fromdata_ecx(int tst)
908	{
909	int ret = 0;
910	EVP_PKEY_CTX ctx = NULL, ctx2 = NULL;
911	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
912	const char *alg = NULL;
913	size_t len;
914	unsigned char out_pub[ED448_KEYLEN];
915	unsigned char out_priv[ED448_KEYLEN];
916	OSSL_PARAM params[3] = { OSSL_PARAM_END, OSSL_PARAM_END, OSSL_PARAM_END };
917
918	/* ED448_KEYLEN > X448_KEYLEN > X25519_KEYLEN == ED25519_KEYLEN */
919	static unsigned char key_numbers[4][2][ED448_KEYLEN] = {
920	/* X25519: Keys from RFC 7748 6.1 */
921	{
922	/* Private Key */
923	{
924	0x77, 0x07, 0x6d, 0x0a, 0x73, 0x18, 0xa5, 0x7d, 0x3c, 0x16,
925	0xc1, 0x72, 0x51, 0xb2, 0x66, 0x45, 0xdf, 0x4c, 0x2f, 0x87,
926	0xeb, 0xc0, 0x99, 0x2a, 0xb1, 0x77, 0xfb, 0xa5, 0x1d, 0xb9,
927	0x2c, 0x2a
928	},
929	/* Public Key */
930	{
931	0x85, 0x20, 0xf0, 0x09, 0x89, 0x30, 0xa7, 0x54, 0x74, 0x8b,
932	0x7d, 0xdc, 0xb4, 0x3e, 0xf7, 0x5a, 0x0d, 0xbf, 0x3a, 0x0d,
933	0x26, 0x38, 0x1a, 0xf4, 0xeb, 0xa4, 0xa9, 0x8e, 0xaa, 0x9b,
934	0x4e, 0x6a
935	}
936	},
937	/* X448: Keys from RFC 7748 6.2 */
938	{
939	/* Private Key */
940	{
941	0x9a, 0x8f, 0x49, 0x25, 0xd1, 0x51, 0x9f, 0x57, 0x75, 0xcf,
942	0x46, 0xb0, 0x4b, 0x58, 0x00, 0xd4, 0xee, 0x9e, 0xe8, 0xba,
943	0xe8, 0xbc, 0x55, 0x65, 0xd4, 0x98, 0xc2, 0x8d, 0xd9, 0xc9,
944	0xba, 0xf5, 0x74, 0xa9, 0x41, 0x97, 0x44, 0x89, 0x73, 0x91,
945	0x00, 0x63, 0x82, 0xa6, 0xf1, 0x27, 0xab, 0x1d, 0x9a, 0xc2,
946	0xd8, 0xc0, 0xa5, 0x98, 0x72, 0x6b
947	},
948	/* Public Key */
949	{
950	0x9b, 0x08, 0xf7, 0xcc, 0x31, 0xb7, 0xe3, 0xe6, 0x7d, 0x22,
951	0xd5, 0xae, 0xa1, 0x21, 0x07, 0x4a, 0x27, 0x3b, 0xd2, 0xb8,
952	0x3d, 0xe0, 0x9c, 0x63, 0xfa, 0xa7, 0x3d, 0x2c, 0x22, 0xc5,
953	0xd9, 0xbb, 0xc8, 0x36, 0x64, 0x72, 0x41, 0xd9, 0x53, 0xd4,
954	0x0c, 0x5b, 0x12, 0xda, 0x88, 0x12, 0x0d, 0x53, 0x17, 0x7f,
955	0x80, 0xe5, 0x32, 0xc4, 0x1f, 0xa0
956	}
957	},
958	/* ED25519: Keys from RFC 8032 */
959	{
960	/* Private Key */
961	{
962	0x9d, 0x61, 0xb1, 0x9d, 0xef, 0xfd, 0x5a, 0x60, 0xba, 0x84,
963	0x4a, 0xf4, 0x92, 0xec, 0x2c, 0xc4, 0x44, 0x49, 0xc5, 0x69,
964	0x7b, 0x32, 0x69, 0x19, 0x70, 0x3b, 0xac, 0x03, 0x1c, 0xae,
965	0x7f, 0x60
966	},
967	/* Public Key */
968	{
969	0xd7, 0x5a, 0x98, 0x01, 0x82, 0xb1, 0x0a, 0xb7, 0xd5, 0x4b,
970	0xfe, 0xd3, 0xc9, 0x64, 0x07, 0x3a, 0x0e, 0xe1, 0x72, 0xf3,
971	0xda, 0xa6, 0x23, 0x25, 0xaf, 0x02, 0x1a, 0x68, 0xf7, 0x07,
972	0x51, 0x1a
973	}
974	},
975	/* ED448: Keys from RFC 8032 */
976	{
977	/* Private Key */
978	{
979	0x6c, 0x82, 0xa5, 0x62, 0xcb, 0x80, 0x8d, 0x10, 0xd6, 0x32,
980	0xbe, 0x89, 0xc8, 0x51, 0x3e, 0xbf, 0x6c, 0x92, 0x9f, 0x34,
981	0xdd, 0xfa, 0x8c, 0x9f, 0x63, 0xc9, 0x96, 0x0e, 0xf6, 0xe3,
982	0x48, 0xa3, 0x52, 0x8c, 0x8a, 0x3f, 0xcc, 0x2f, 0x04, 0x4e,
983	0x39, 0xa3, 0xfc, 0x5b, 0x94, 0x49, 0x2f, 0x8f, 0x03, 0x2e,
984	0x75, 0x49, 0xa2, 0x00, 0x98, 0xf9, 0x5b
985	},
986	/* Public Key */
987	{
988	0x5f, 0xd7, 0x44, 0x9b, 0x59, 0xb4, 0x61, 0xfd, 0x2c, 0xe7,
989	0x87, 0xec, 0x61, 0x6a, 0xd4, 0x6a, 0x1d, 0xa1, 0x34, 0x24,
990	0x85, 0xa7, 0x0e, 0x1f, 0x8a, 0x0e, 0xa7, 0x5d, 0x80, 0xe9,
991	0x67, 0x78, 0xed, 0xf1, 0x24, 0x76, 0x9b, 0x46, 0xc7, 0x06,
992	0x1b, 0xd6, 0x78, 0x3d, 0xf1, 0xe5, 0x0f, 0x6c, 0xd1, 0xfa,
993	0x1a, 0xbe, 0xaf, 0xe8, 0x25, 0x61, 0x80
994	}
995	}
996	};
997	OSSL_PARAM x25519_fromdata_params[] = {
998	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
999	key_numbers[X25519_IDX][PRIV_KEY],
1000	X25519_KEYLEN),
1001	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1002	key_numbers[X25519_IDX][PUB_KEY],
1003	X25519_KEYLEN),
1004	OSSL_PARAM_END
1005	};
1006	OSSL_PARAM x448_fromdata_params[] = {
1007	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1008	key_numbers[X448_IDX][PRIV_KEY],
1009	X448_KEYLEN),
1010	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1011	key_numbers[X448_IDX][PUB_KEY],
1012	X448_KEYLEN),
1013	OSSL_PARAM_END
1014	};
1015	OSSL_PARAM ed25519_fromdata_params[] = {
1016	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1017	key_numbers[ED25519_IDX][PRIV_KEY],
1018	ED25519_KEYLEN),
1019	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1020	key_numbers[ED25519_IDX][PUB_KEY],
1021	ED25519_KEYLEN),
1022	OSSL_PARAM_END
1023	};
1024	OSSL_PARAM ed448_fromdata_params[] = {
1025	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PRIV_KEY,
1026	key_numbers[ED448_IDX][PRIV_KEY],
1027	ED448_KEYLEN),
1028	OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_PUB_KEY,
1029	key_numbers[ED448_IDX][PUB_KEY],
1030	ED448_KEYLEN),
1031	OSSL_PARAM_END
1032	};
1033	OSSL_PARAM *fromdata_params = NULL;
1034	int bits = 0, security_bits = 0, size = 0;
1035	OSSL_PARAM *orig_fromdata_params = NULL;
1036
1037	switch (tst & 3) {
1038	case X25519_IDX:
1039	fromdata_params = x25519_fromdata_params;
1040	bits = X25519_BITS;
1041	security_bits = X25519_SECURITY_BITS;
1042	size = X25519_KEYLEN;
1043	alg = "X25519";
1044	break;
1045
1046	case X448_IDX:
1047	fromdata_params = x448_fromdata_params;
1048	bits = X448_BITS;
1049	security_bits = X448_SECURITY_BITS;
1050	size = X448_KEYLEN;
1051	alg = "X448";
1052	break;
1053
1054	case ED25519_IDX:
1055	fromdata_params = ed25519_fromdata_params;
1056	bits = ED25519_BITS;
1057	security_bits = ED25519_SECURITY_BITS;
1058	size = ED25519_SIGSIZE;
1059	alg = "ED25519";
1060	break;
1061
1062	case ED448_IDX:
1063	fromdata_params = ed448_fromdata_params;
1064	bits = ED448_BITS;
1065	security_bits = ED448_SECURITY_BITS;
1066	size = ED448_SIGSIZE;
1067	alg = "ED448";
1068	break;
1069	default:
1070	goto err;
1071	}
1072
1073	ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1074	if (!TEST_ptr(ctx))
1075	goto err;
1076
1077	orig_fromdata_params = fromdata_params;
1078	if (tst > 7) {
1079	/* public key only */
1080	fromdata_params++;
1081	} else if (tst > 3) {
1082	/* private key only */
1083	params[0] = fromdata_params[0];
1084	params[1] = fromdata_params[2];
1085	fromdata_params = params;
1086	}
1087
1088	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1089	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1090	fromdata_params), 1))
1091	goto err;
1092
1093	while (dup_pk == NULL) {
1094	ret = 0;
1095	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), bits)
1096	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), security_bits)
1097	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), size)
1098	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
1099	goto err;
1100
1101	if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, pk, NULL)))
1102	goto err;
1103	if (tst <= 7) {
1104	if (!TEST_int_gt(EVP_PKEY_check(ctx2), 0))
1105	goto err;
1106	if (!TEST_true(EVP_PKEY_get_octet_string_param(
1107	pk, orig_fromdata_params[PRIV_KEY].key,
1108	out_priv, sizeof(out_priv), &len))
1109	\|\| !TEST_mem_eq(out_priv, len,
1110	orig_fromdata_params[PRIV_KEY].data,
1111	orig_fromdata_params[PRIV_KEY].data_size)
1112	\|\| !TEST_true(EVP_PKEY_get_octet_string_param(
1113	pk, orig_fromdata_params[PUB_KEY].key,
1114	out_pub, sizeof(out_pub), &len))
1115	\|\| !TEST_mem_eq(out_pub, len,
1116	orig_fromdata_params[PUB_KEY].data,
1117	orig_fromdata_params[PUB_KEY].data_size))
1118	goto err;
1119	} else {
1120	/* The private key check should fail if there is only a public key */
1121	if (!TEST_int_gt(EVP_PKEY_public_check(ctx2), 0)
1122	\|\| !TEST_int_le(EVP_PKEY_private_check(ctx2), 0)
1123	\|\| !TEST_int_le(EVP_PKEY_check(ctx2), 0))
1124	goto err;
1125	}
1126	EVP_PKEY_CTX_free(ctx2);
1127	ctx2 = NULL;
1128
1129	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1130	/* This should succeed because there are no parameters to copy */
1131	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1132	goto err;
1133	if (!TEST_ptr(ctx2 = EVP_PKEY_CTX_new_from_pkey(NULL, copy_pk, NULL))
1134	/* This should fail because copy_pk has no pubkey */
1135	\|\| !TEST_int_le(EVP_PKEY_public_check(ctx2), 0))
1136	goto err;
1137	EVP_PKEY_CTX_free(ctx2);
1138	ctx2 = NULL;
1139	EVP_PKEY_free(copy_pk);
1140	copy_pk = NULL;
1141
1142	if (tst > 7)
1143	ret = test_print_key_using_encoder_public(alg, pk);
1144	else
1145	ret = test_print_key_using_pem(alg, pk)
1146	&& test_print_key_using_encoder(alg, pk);
1147
1148	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1149	goto err;
1150	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1151	EVP_PKEY_free(pk);
1152	pk = dup_pk;
1153	if (!ret)
1154	goto err;
1155	}
1156
1157	err:
1158	EVP_PKEY_free(pk);
1159	EVP_PKEY_free(copy_pk);
1160	EVP_PKEY_CTX_free(ctx);
1161	EVP_PKEY_CTX_free(ctx2);
1162
1163	return ret;
1164	}
1165
1166	static int test_fromdata_ec(void)
1167	{
1168	int ret = 0;
1169	EVP_PKEY_CTX *ctx = NULL;
1170	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
1171	OSSL_PARAM_BLD *bld = NULL;
1172	BIGNUM *ec_priv_bn = NULL;
1173	BIGNUM *bn_priv = NULL;
1174	OSSL_PARAM *fromdata_params = NULL;
1175	const char *alg = "EC";
1176	const char *curve = "prime256v1";
1177	const char bad_curve[] = "nonexistent-curve";
1178	OSSL_PARAM nokey_params[2] = {
1179	OSSL_PARAM_END,
1180	OSSL_PARAM_END
1181	};
1182	/* UNCOMPRESSED FORMAT */
1183	static const unsigned char ec_pub_keydata[] = {
1184	POINT_CONVERSION_UNCOMPRESSED,
1185	0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1186	0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1187	0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1188	0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2,
1189	0x80, 0xec, 0xe9, 0xa7, 0x08, 0x29, 0x71, 0x2f,
1190	0xc9, 0x56, 0x82, 0xee, 0x9a, 0x85, 0x0f, 0x6d,
1191	0x7f, 0x59, 0x5f, 0x8c, 0xd1, 0x96, 0x0b, 0xdf,
1192	0x29, 0x3e, 0x49, 0x07, 0x88, 0x3f, 0x9a, 0x29
1193	};
1194	/* SAME BUT COMPRESSED FORMAT */
1195	static const unsigned char ec_pub_keydata_compressed[] = {
1196	POINT_CONVERSION_COMPRESSED+1,
1197	0x1b, 0x93, 0x67, 0x55, 0x1c, 0x55, 0x9f, 0x63,
1198	0xd1, 0x22, 0xa4, 0xd8, 0xd1, 0x0a, 0x60, 0x6d,
1199	0x02, 0xa5, 0x77, 0x57, 0xc8, 0xa3, 0x47, 0x73,
1200	0x3a, 0x6a, 0x08, 0x28, 0x39, 0xbd, 0xc9, 0xd2
1201	};
1202	static const unsigned char ec_priv_keydata[] = {
1203	0x33, 0xd0, 0x43, 0x83, 0xa9, 0x89, 0x56, 0x03,
1204	0xd2, 0xd7, 0xfe, 0x6b, 0x01, 0x6f, 0xe4, 0x59,
1205	0xcc, 0x0d, 0x9a, 0x24, 0x6c, 0x86, 0x1b, 0x2e,
1206	0xdc, 0x4b, 0x4d, 0x35, 0x43, 0xe1, 0x1b, 0xad
1207	};
1208	unsigned char out_pub[sizeof(ec_pub_keydata)];
1209	char out_curve_name[80];
1210	const OSSL_PARAM *gettable = NULL;
1211	size_t len;
1212	EC_GROUP *group = NULL;
1213	BIGNUM *group_a = NULL;
1214	BIGNUM *group_b = NULL;
1215	BIGNUM *group_p = NULL;
1216	BIGNUM *a = NULL;
1217	BIGNUM *b = NULL;
1218	BIGNUM *p = NULL;
1219
1220
1221	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()))
1222	goto err;
1223	if (!TEST_ptr(ec_priv_bn = BN_bin2bn(ec_priv_keydata,
1224	sizeof(ec_priv_keydata), NULL)))
1225	goto err;
1226
1227	if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME,
1228	curve, 0) <= 0)
1229	goto err;
1230	/*
1231	* We intentionally provide the input point in compressed format,
1232	* and avoid setting `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT`.
1233	*
1234	* Later on we check what format is used when exporting the
1235	* `OSSL_PKEY_PARAM_PUB_KEY` and expect to default to uncompressed
1236	* format.
1237	*/
1238	if (OSSL_PARAM_BLD_push_octet_string(bld, OSSL_PKEY_PARAM_PUB_KEY,
1239	ec_pub_keydata_compressed,
1240	sizeof(ec_pub_keydata_compressed)) <= 0)
1241	goto err;
1242	if (OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, ec_priv_bn) <= 0)
1243	goto err;
1244	if (!TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1245	goto err;
1246	ctx = EVP_PKEY_CTX_new_from_name(NULL, alg, NULL);
1247	if (!TEST_ptr(ctx))
1248	goto err;
1249
1250	/* try importing parameters with bad curve first */
1251	nokey_params[0] =
1252	OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME,
1253	(char *)bad_curve, sizeof(bad_curve));
1254	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1255	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEY_PARAMETERS,
1256	nokey_params), 0)
1257	\|\| !TEST_ptr_null(pk))
1258	goto err;
1259
1260	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1261	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1262	fromdata_params), 1))
1263	goto err;
1264
1265	while (dup_pk == NULL) {
1266	ret = 0;
1267	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 256)
1268	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 128)
1269	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 35 * 2)
1270	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
1271	goto err;
1272
1273	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1274	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1275	goto err;
1276	EVP_PKEY_free(copy_pk);
1277	copy_pk = NULL;
1278
1279	if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pk))
1280	\|\| !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1281	OSSL_PKEY_PARAM_GROUP_NAME))
1282	\|\| !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1283	OSSL_PKEY_PARAM_PUB_KEY))
1284	\|\| !TEST_ptr(OSSL_PARAM_locate_const(gettable,
1285	OSSL_PKEY_PARAM_PRIV_KEY)))
1286	goto err;
1287
1288	if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(OBJ_sn2nid(curve)))
1289	\|\| !TEST_ptr(group_p = BN_new())
1290	\|\| !TEST_ptr(group_a = BN_new())
1291	\|\| !TEST_ptr(group_b = BN_new())
1292	\|\| !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)))
1293	goto err;
1294
1295	if (!TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_A, &a))
1296	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_B, &b))
1297	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_EC_P, &p)))
1298	goto err;
1299
1300	if (!TEST_BN_eq(group_p, p) \|\| !TEST_BN_eq(group_a, a)
1301	\|\| !TEST_BN_eq(group_b, b))
1302	goto err;
1303
1304	if (!EVP_PKEY_get_utf8_string_param(pk, OSSL_PKEY_PARAM_GROUP_NAME,
1305	out_curve_name,
1306	sizeof(out_curve_name),
1307	&len)
1308	\|\| !TEST_str_eq(out_curve_name, curve)
1309	\|\| !EVP_PKEY_get_octet_string_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1310	out_pub, sizeof(out_pub), &len)
1311
1312	/*
1313	* Our providers use uncompressed format by default if
1314	* `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT` was not
1315	* explicitly set, irrespective of the format used for the
1316	* input point given as a param to create this key.
1317	*/
1318	\|\| !TEST_true(out_pub[0] == POINT_CONVERSION_UNCOMPRESSED)
1319	\|\| !TEST_mem_eq(out_pub + 1, len - 1,
1320	ec_pub_keydata + 1, sizeof(ec_pub_keydata) - 1)
1321
1322	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1323	&bn_priv))
1324	\|\| !TEST_BN_eq(ec_priv_bn, bn_priv))
1325	goto err;
1326	BN_free(bn_priv);
1327	bn_priv = NULL;
1328
1329	ret = test_print_key_using_pem(alg, pk)
1330	&& test_print_key_using_encoder(alg, pk);
1331
1332	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1333	goto err;
1334	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1335	EVP_PKEY_free(pk);
1336	pk = dup_pk;
1337	if (!ret)
1338	goto err;
1339	}
1340
1341	err:
1342	EC_GROUP_free(group);
1343	BN_free(group_a);
1344	BN_free(group_b);
1345	BN_free(group_p);
1346	BN_free(a);
1347	BN_free(b);
1348	BN_free(p);
1349	BN_free(bn_priv);
1350	BN_free(ec_priv_bn);
1351	OSSL_PARAM_free(fromdata_params);
1352	OSSL_PARAM_BLD_free(bld);
1353	EVP_PKEY_free(pk);
1354	EVP_PKEY_free(copy_pk);
1355	EVP_PKEY_CTX_free(ctx);
1356	return ret;
1357	}
1358
1359	static int test_ec_dup_no_operation(void)
1360	{
1361	int ret = 0;
1362	EVP_PKEY_CTX pctx = NULL, ctx = NULL, *kctx = NULL;
1363	EVP_PKEY param = NULL, pkey = NULL;
1364
1365	if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1366	\|\| !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1367	\|\| !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1368	NID_X9_62_prime256v1), 0)
1369	\|\| !TEST_int_gt(EVP_PKEY_paramgen(pctx, &param), 0)
1370	\|\| !TEST_ptr(param))
1371	goto err;
1372
1373	EVP_PKEY_CTX_free(pctx);
1374	pctx = NULL;
1375
1376	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1377	\|\| !TEST_ptr(kctx = EVP_PKEY_CTX_dup(ctx))
1378	\|\| !TEST_int_gt(EVP_PKEY_keygen_init(kctx), 0)
1379	\|\| !TEST_int_gt(EVP_PKEY_keygen(kctx, &pkey), 0))
1380	goto err;
1381	ret = 1;
1382	err:
1383	EVP_PKEY_free(pkey);
1384	EVP_PKEY_free(param);
1385	EVP_PKEY_CTX_free(ctx);
1386	EVP_PKEY_CTX_free(kctx);
1387	EVP_PKEY_CTX_free(pctx);
1388	return ret;
1389	}
1390
1391	/* Test that keygen doesn't support EVP_PKEY_CTX_dup */
1392	static int test_ec_dup_keygen_operation(void)
1393	{
1394	int ret = 0;
1395	EVP_PKEY_CTX pctx = NULL, ctx = NULL, *kctx = NULL;
1396	EVP_PKEY param = NULL, pkey = NULL;
1397
1398	if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL))
1399	\|\| !TEST_int_gt(EVP_PKEY_paramgen_init(pctx), 0)
1400	\|\| !TEST_int_gt(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx,
1401	NID_X9_62_prime256v1), 0)
1402	\|\| !TEST_int_gt(EVP_PKEY_paramgen(pctx, &param), 0)
1403	\|\| !TEST_ptr(param))
1404	goto err;
1405
1406	EVP_PKEY_CTX_free(pctx);
1407	pctx = NULL;
1408
1409	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(NULL, param, NULL))
1410	\|\| !TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
1411	\|\| !TEST_ptr_null(kctx = EVP_PKEY_CTX_dup(ctx)))
1412	goto err;
1413	ret = 1;
1414	err:
1415	EVP_PKEY_free(pkey);
1416	EVP_PKEY_free(param);
1417	EVP_PKEY_CTX_free(ctx);
1418	EVP_PKEY_CTX_free(kctx);
1419	EVP_PKEY_CTX_free(pctx);
1420	return ret;
1421	}
1422
1423	#endif /* OPENSSL_NO_EC */
1424
1425	#ifndef OPENSSL_NO_DSA
1426	static int test_fromdata_dsa_fips186_4(void)
1427	{
1428	int ret = 0;
1429	EVP_PKEY_CTX ctx = NULL, key_ctx = NULL;
1430	EVP_PKEY pk = NULL, copy_pk = NULL, *dup_pk = NULL;
1431	BIGNUM pub = NULL, priv = NULL;
1432	BIGNUM p = NULL, q = NULL, *g = NULL;
1433	BIGNUM pub_out = NULL, priv_out = NULL;
1434	BIGNUM p_out = NULL, q_out = NULL, g_out = NULL, j_out = NULL;
1435	int gindex_out = 0, pcounter_out = 0, hindex_out = 0;
1436	char name_out[80];
1437	unsigned char seed_out[32];
1438	size_t len;
1439	OSSL_PARAM_BLD *bld = NULL;
1440	OSSL_PARAM *fromdata_params = NULL;
1441
1442	/*
1443	* DSA parameter data was generated using the following:
1444	* openssl genpkey -genparam -algorithm DSA -pkeyopt pbits:2048 \
1445	* -pkeyopt qbits:256 -pkeyopt type:0 \
1446	* -pkeyopt gindex:1 -out dsa_params.pem -text
1447	*/
1448	static const unsigned char p_data[] = {
1449	0x00, 0xa0, 0xb7, 0x02, 0xc4, 0xac, 0xa6, 0x42, 0xab, 0xf2, 0x34, 0x0b,
1450	0x22, 0x47, 0x1f, 0x33, 0xcf, 0xd5, 0x04, 0xe4, 0x3e, 0xec, 0xa1, 0x21,
1451	0xc8, 0x41, 0x2b, 0xef, 0xb8, 0x1f, 0x0b, 0x5b, 0x88, 0x8b, 0x67, 0xf8,
1452	0x68, 0x6d, 0x7c, 0x4d, 0x96, 0x5f, 0x3c, 0x66, 0xef, 0x58, 0x34, 0xd7,
1453	0xf6, 0xa2, 0x1b, 0xad, 0xc8, 0x12, 0x52, 0xb8, 0xe8, 0x2a, 0x63, 0xcc,
1454	0xea, 0xe7, 0x4e, 0xc8, 0x34, 0x4c, 0x58, 0x59, 0x0a, 0xc2, 0x4a, 0xe4,
1455	0xb4, 0x64, 0x20, 0xf4, 0xf6, 0x0a, 0xcf, 0x86, 0x01, 0x6c, 0x7f, 0x23,
1456	0x4a, 0x51, 0x07, 0x99, 0x42, 0x28, 0x7a, 0xff, 0x18, 0x67, 0x52, 0x64,
1457	0xf2, 0x9a, 0x62, 0x30, 0xc3, 0x00, 0xde, 0x23, 0xe9, 0x11, 0x95, 0x7e,
1458	0xd1, 0x3d, 0x8d, 0xb4, 0x0e, 0x9f, 0x9e, 0xb1, 0x30, 0x03, 0xf0, 0x73,
1459	0xa8, 0x40, 0x48, 0x42, 0x7b, 0x60, 0xa0, 0xc4, 0xf2, 0x3b, 0x2d, 0x0a,
1460	0x0c, 0xb8, 0x19, 0xfb, 0xb4, 0xf8, 0xe0, 0x2a, 0xc7, 0xf1, 0xc0, 0xc6,
1461	0x86, 0x14, 0x60, 0x12, 0x0f, 0xc0, 0xde, 0x4a, 0x67, 0xec, 0xc7, 0xde,
1462	0x76, 0x21, 0x1a, 0x55, 0x7f, 0x86, 0xc3, 0x97, 0x98, 0xce, 0xf5, 0xcd,
1463	0xf0, 0xe7, 0x12, 0xd6, 0x93, 0xee, 0x1b, 0x9b, 0x61, 0xef, 0x05, 0x8c,
1464	0x45, 0x46, 0xd9, 0x64, 0x6f, 0xbe, 0x27, 0xaa, 0x67, 0x01, 0xcc, 0x71,
1465	0xb1, 0x60, 0xce, 0x21, 0xd8, 0x51, 0x17, 0x27, 0x0d, 0x90, 0x3d, 0x18,
1466	0x7c, 0x87, 0x15, 0x8e, 0x48, 0x4c, 0x6c, 0xc5, 0x72, 0xeb, 0xb7, 0x56,
1467	0xf5, 0x6b, 0x60, 0x8f, 0xc2, 0xfd, 0x3f, 0x46, 0x5c, 0x00, 0x91, 0x85,
1468	0x79, 0x45, 0x5b, 0x1c, 0x82, 0xc4, 0x87, 0x50, 0x79, 0xba, 0xcc, 0x1c,
1469	0x32, 0x7e, 0x2e, 0xb8, 0x2e, 0xc5, 0x4e, 0xd1, 0x9b, 0xdb, 0x66, 0x79,
1470	0x7c, 0xfe, 0xaf, 0x6a, 0x05
1471	};
1472	static const unsigned char q_data[] = {
1473	0xa8, 0xcd, 0xf4, 0x33, 0x7b, 0x13, 0x0a, 0x24, 0xc1, 0xde, 0x4a, 0x04,
1474	0x7b, 0x4b, 0x71, 0x51, 0x32, 0xe9, 0x47, 0x74, 0xbd, 0x0c, 0x21, 0x40,
1475	0x84, 0x12, 0x0a, 0x17, 0x73, 0xdb, 0x29, 0xc7
1476	};
1477	static const unsigned char g_data[] = {
1478	0x6c, 0xc6, 0xa4, 0x3e, 0x61, 0x84, 0xc1, 0xff, 0x6f, 0x4a, 0x1a, 0x6b,
1479	0xb0, 0x24, 0x4b, 0xd2, 0x92, 0x5b, 0x29, 0x5c, 0x61, 0xb8, 0xc9, 0x2b,
1480	0xd6, 0xf7, 0x59, 0xfd, 0xd8, 0x70, 0x66, 0x77, 0xfc, 0xc1, 0xa4, 0xd4,
1481	0xb0, 0x1e, 0xd5, 0xbf, 0x59, 0x98, 0xb3, 0x66, 0x8b, 0xf4, 0x2e, 0xe6,
1482	0x12, 0x3e, 0xcc, 0xf8, 0x02, 0xb8, 0xc6, 0xc3, 0x47, 0xd2, 0xf5, 0xaa,
1483	0x0c, 0x5f, 0x51, 0xf5, 0xd0, 0x4c, 0x55, 0x3d, 0x07, 0x73, 0xa6, 0x57,
1484	0xce, 0x5a, 0xad, 0x42, 0x0c, 0x13, 0x0f, 0xe2, 0x31, 0x25, 0x8e, 0x72,
1485	0x12, 0x73, 0x10, 0xdb, 0x7f, 0x79, 0xeb, 0x59, 0xfc, 0xfe, 0xf7, 0x0c,
1486	0x1a, 0x81, 0x53, 0x96, 0x22, 0xb8, 0xe7, 0x58, 0xd8, 0x67, 0x80, 0x60,
1487	0xad, 0x8b, 0x55, 0x1c, 0x91, 0xf0, 0x72, 0x9a, 0x7e, 0xad, 0x37, 0xf1,
1488	0x77, 0x18, 0x96, 0x8a, 0x68, 0x70, 0xfc, 0x71, 0xa9, 0xa2, 0xe8, 0x35,
1489	0x27, 0x78, 0xf2, 0xef, 0x59, 0x36, 0x6d, 0x7c, 0xb6, 0x98, 0xd8, 0x1e,
1490	0xfa, 0x25, 0x73, 0x97, 0x45, 0x58, 0xe3, 0xae, 0xbd, 0x52, 0x54, 0x05,
1491	0xd8, 0x26, 0x26, 0xba, 0xba, 0x05, 0xb5, 0xe9, 0xe5, 0x76, 0xae, 0x25,
1492	0xdd, 0xfc, 0x10, 0x89, 0x5a, 0xa9, 0xee, 0x59, 0xc5, 0x79, 0x8b, 0xeb,
1493	0x1e, 0x2c, 0x61, 0xab, 0x0d, 0xd1, 0x10, 0x04, 0x91, 0x32, 0x77, 0x4a,
1494	0xa6, 0x64, 0x53, 0xda, 0x4c, 0xd7, 0x3a, 0x29, 0xd4, 0xf3, 0x82, 0x25,
1495	0x1d, 0x6f, 0x4a, 0x7f, 0xd3, 0x08, 0x3b, 0x42, 0x30, 0x10, 0xd8, 0xd0,
1496	0x97, 0x3a, 0xeb, 0x92, 0x63, 0xec, 0x93, 0x2b, 0x6f, 0x32, 0xd8, 0xcd,
1497	0x80, 0xd3, 0xc0, 0x4c, 0x03, 0xd5, 0xca, 0xbc, 0x8f, 0xc7, 0x43, 0x53,
1498	0x64, 0x66, 0x1c, 0x82, 0x2d, 0xfb, 0xff, 0x39, 0xba, 0xd6, 0x42, 0x62,
1499	0x02, 0x6f, 0x96, 0x36
1500	};
1501	static const unsigned char seed_data[] = {
1502	0x64, 0x46, 0x07, 0x32, 0x8d, 0x70, 0x9c, 0xb3, 0x8a, 0x35, 0xde, 0x62,
1503	0x00, 0xf2, 0x6d, 0x52, 0x37, 0x4d, 0xb3, 0x84, 0xe1, 0x9d, 0x41, 0x04,
1504	0xda, 0x7b, 0xdc, 0x0d, 0x8b, 0x5e, 0xe0, 0x84
1505	};
1506	const int gindex = 1;
1507	const int pcounter = 53;
1508	/*
1509	* The keypair was generated using
1510	* openssl genpkey -paramfile dsa_params.pem --pkeyopt pcounter:53 \
1511	* -pkeyopt gindex:1 \
1512	* -pkeyopt hexseed:644607328d709cb38a35de6200f26d -text
1513	*/
1514	static const unsigned char priv_data[] = {
1515	0x00, 0x8f, 0xc5, 0x9e, 0xd0, 0xf7, 0x2a, 0x0b, 0x66, 0xf1, 0x32, 0x73,
1516	0xae, 0xf6, 0xd9, 0xd4, 0xdb, 0x2d, 0x96, 0x55, 0x89, 0xff, 0xef, 0xa8,
1517	0x5f, 0x47, 0x8f, 0xca, 0x02, 0x8a, 0xe1, 0x35, 0x90
1518	};
1519	static const unsigned char pub_data[] = {
1520	0x44, 0x19, 0xc9, 0x46, 0x45, 0x57, 0xc1, 0xa9, 0xd8, 0x30, 0x99, 0x29,
1521	0x6a, 0x4b, 0x63, 0x71, 0x69, 0x96, 0x35, 0x17, 0xb2, 0x62, 0x9b, 0x80,
1522	0x0a, 0x95, 0x9d, 0x6a, 0xc0, 0x32, 0x0d, 0x07, 0x5f, 0x19, 0x44, 0x02,
1523	0xf1, 0xbd, 0xce, 0xdf, 0x10, 0xf8, 0x02, 0x5d, 0x7d, 0x98, 0x8a, 0x73,
1524	0x89, 0x00, 0xb6, 0x24, 0xd6, 0x33, 0xe7, 0xcf, 0x8b, 0x49, 0x2a, 0xaf,
1525	0x13, 0x1c, 0xb2, 0x52, 0x15, 0xfd, 0x9b, 0xd5, 0x40, 0x4a, 0x1a, 0xda,
1526	0x29, 0x4c, 0x92, 0x7e, 0x66, 0x06, 0xdb, 0x61, 0x86, 0xac, 0xb5, 0xda,
1527	0x3c, 0x7d, 0x73, 0x7e, 0x54, 0x32, 0x68, 0xa5, 0x02, 0xbc, 0x59, 0x47,
1528	0x84, 0xd3, 0x87, 0x71, 0x5f, 0xeb, 0x43, 0x45, 0x24, 0xd3, 0xec, 0x08,
1529	0x52, 0xc2, 0x89, 0x2d, 0x9c, 0x1a, 0xcc, 0x91, 0x65, 0x5d, 0xa3, 0xa1,
1530	0x35, 0x31, 0x10, 0x1c, 0x3a, 0xa8, 0x4d, 0x18, 0xd5, 0x06, 0xaf, 0xb2,
1531	0xec, 0x5c, 0x89, 0x9e, 0x90, 0x86, 0x10, 0x01, 0xeb, 0x51, 0xd5, 0x1b,
1532	0x9c, 0xcb, 0x66, 0x07, 0x3f, 0xc4, 0x6e, 0x0a, 0x1b, 0x73, 0xa0, 0x4b,
1533	0x5f, 0x4d, 0xab, 0x35, 0x28, 0xfa, 0xda, 0x3a, 0x0c, 0x08, 0xe8, 0xf3,
1534	0xef, 0x42, 0x67, 0xbc, 0x21, 0xf2, 0xc2, 0xb8, 0xff, 0x1a, 0x81, 0x05,
1535	0x68, 0x73, 0x62, 0xdf, 0xd7, 0xab, 0x0f, 0x22, 0x89, 0x57, 0x96, 0xd4,
1536	0x93, 0xaf, 0xa1, 0x21, 0xa3, 0x48, 0xe9, 0xf0, 0x97, 0x47, 0xa0, 0x27,
1537	0xba, 0x87, 0xb8, 0x15, 0x5f, 0xff, 0x2c, 0x50, 0x41, 0xf1, 0x7e, 0xc6,
1538	0x81, 0xc4, 0x51, 0xf1, 0xfd, 0xd6, 0x86, 0xf7, 0x69, 0x97, 0xf1, 0x49,
1539	0xc9, 0xf9, 0xf4, 0x9b, 0xf4, 0xe8, 0x85, 0xa7, 0xbd, 0x36, 0x55, 0x4a,
1540	0x3d, 0xe8, 0x65, 0x09, 0x7b, 0xb7, 0x12, 0x64, 0xd2, 0x0a, 0x53, 0x60,
1541	0x48, 0xd1, 0x8a, 0xbd
1542	};
1543
1544	if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
1545	\|\| !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL))
1546	\|\| !TEST_ptr(priv = BN_bin2bn(priv_data, sizeof(priv_data), NULL))
1547	\|\| !TEST_ptr(p = BN_bin2bn(p_data, sizeof(p_data), NULL))
1548	\|\| !TEST_ptr(q = BN_bin2bn(q_data, sizeof(q_data), NULL))
1549	\|\| !TEST_ptr(g = BN_bin2bn(g_data, sizeof(g_data), NULL))
1550
1551	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_P, p))
1552	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_Q, q))
1553	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_FFC_G, g))
1554	\|\| !TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1555	OSSL_PKEY_PARAM_FFC_SEED,
1556	seed_data,
1557	sizeof(seed_data)))
1558	\|\| !TEST_true(OSSL_PARAM_BLD_push_int(bld, OSSL_PKEY_PARAM_FFC_GINDEX,
1559	gindex))
1560	\|\| !TEST_true(OSSL_PARAM_BLD_push_int(bld,
1561	OSSL_PKEY_PARAM_FFC_PCOUNTER,
1562	pcounter))
1563	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY,
1564	pub))
1565	\|\| !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY,
1566	priv))
1567	\|\| !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld)))
1568	goto err;
1569
1570	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)))
1571	goto err;
1572
1573	if (!TEST_int_eq(EVP_PKEY_fromdata_init(ctx), 1)
1574	\|\| !TEST_int_eq(EVP_PKEY_fromdata(ctx, &pk, EVP_PKEY_KEYPAIR,
1575	fromdata_params), 1))
1576	goto err;
1577
1578	while (dup_pk == NULL) {
1579	ret = 0;
1580	if (!TEST_int_eq(EVP_PKEY_get_bits(pk), 2048)
1581	\|\| !TEST_int_eq(EVP_PKEY_get_security_bits(pk), 112)
1582	\|\| !TEST_int_eq(EVP_PKEY_get_size(pk), 2 + 2 * (3 + sizeof(q_data)))
1583	\|\| !TEST_false(EVP_PKEY_missing_parameters(pk)))
1584	goto err;
1585
1586	if (!TEST_false(EVP_PKEY_get_utf8_string_param(pk,
1587	OSSL_PKEY_PARAM_GROUP_NAME,
1588	name_out,
1589	sizeof(name_out),
1590	&len))
1591	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PUB_KEY,
1592	&pub_out))
1593	\|\| !TEST_BN_eq(pub, pub_out)
1594	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_PRIV_KEY,
1595	&priv_out))
1596	\|\| !TEST_BN_eq(priv, priv_out)
1597	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_P,
1598	&p_out))
1599	\|\| !TEST_BN_eq(p, p_out)
1600	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_Q,
1601	&q_out))
1602	\|\| !TEST_BN_eq(q, q_out)
1603	\|\| !TEST_true(EVP_PKEY_get_bn_param(pk, OSSL_PKEY_PARAM_FFC_G,
1604	&g_out))
1605	\|\| !TEST_BN_eq(g, g_out)
1606	\|\| !TEST_false(EVP_PKEY_get_bn_param(pk,
1607	OSSL_PKEY_PARAM_FFC_COFACTOR,
1608	&j_out))
1609	\|\| !TEST_ptr_null(j_out)
1610	\|\| !TEST_true(EVP_PKEY_get_octet_string_param(pk,
1611	OSSL_PKEY_PARAM_FFC_SEED,
1612	seed_out,
1613	sizeof(seed_out),
1614	&len))
1615	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
1616	OSSL_PKEY_PARAM_FFC_GINDEX,
1617	&gindex_out))
1618	\|\| !TEST_int_eq(gindex, gindex_out)
1619	\|\| !TEST_true(EVP_PKEY_get_int_param(pk, OSSL_PKEY_PARAM_FFC_H,
1620	&hindex_out))
1621	\|\| !TEST_int_eq(hindex_out, 0)
1622	\|\| !TEST_true(EVP_PKEY_get_int_param(pk,
1623	OSSL_PKEY_PARAM_FFC_PCOUNTER,
1624	&pcounter_out))
1625	\|\| !TEST_int_eq(pcounter, pcounter_out))
1626	goto err;
1627	BN_free(p);
1628	p = NULL;
1629	BN_free(q);
1630	q = NULL;
1631	BN_free(g);
1632	g = NULL;
1633	BN_free(j_out);
1634	j_out = NULL;
1635	BN_free(pub_out);
1636	pub_out = NULL;
1637	BN_free(priv_out);
1638	priv_out = NULL;
1639
1640	if (!TEST_ptr(key_ctx = EVP_PKEY_CTX_new_from_pkey(NULL, pk, "")))
1641	goto err;
1642
1643	if (!TEST_int_gt(EVP_PKEY_check(key_ctx), 0)
1644	\|\| !TEST_int_gt(EVP_PKEY_public_check(key_ctx), 0)
1645	\|\| !TEST_int_gt(EVP_PKEY_private_check(key_ctx), 0)
1646	\|\| !TEST_int_gt(EVP_PKEY_pairwise_check(key_ctx), 0))
1647	goto err;
1648	EVP_PKEY_CTX_free(key_ctx);
1649	key_ctx = NULL;
1650
1651	if (!TEST_ptr(copy_pk = EVP_PKEY_new())
1652	\|\| !TEST_true(EVP_PKEY_copy_parameters(copy_pk, pk)))
1653	goto err;
1654	EVP_PKEY_free(copy_pk);
1655	copy_pk = NULL;
1656
1657	ret = test_print_key_using_pem("DSA", pk)
1658	&& test_print_key_using_encoder("DSA", pk);
1659
1660	if (!ret \|\| !TEST_ptr(dup_pk = EVP_PKEY_dup(pk)))
1661	goto err;
1662	ret = ret && TEST_int_eq(EVP_PKEY_eq(pk, dup_pk), 1);
1663	EVP_PKEY_free(pk);
1664	pk = dup_pk;
1665	if (!ret)
1666	goto err;
1667	}
1668
1669	err:
1670	OSSL_PARAM_free(fromdata_params);
1671	OSSL_PARAM_BLD_free(bld);
1672	BN_free(p);
1673	BN_free(q);
1674	BN_free(g);
1675	BN_free(pub);
1676	BN_free(priv);
1677	BN_free(p_out);
1678	BN_free(q_out);
1679	BN_free(g_out);
1680	BN_free(pub_out);
1681	BN_free(priv_out);
1682	BN_free(j_out);
1683	EVP_PKEY_free(pk);
1684	EVP_PKEY_free(copy_pk);
1685	EVP_PKEY_CTX_free(ctx);
1686	EVP_PKEY_CTX_free(key_ctx);
1687
1688	return ret;
1689	}
1690
1691	static int test_check_dsa(void)
1692	{
1693	int ret = 0;
1694	EVP_PKEY_CTX *ctx = NULL;
1695
1696	if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL))
1697	\|\| !TEST_int_le(EVP_PKEY_check(ctx), 0)
1698	\|\| !TEST_int_le(EVP_PKEY_public_check(ctx), 0)
1699	\|\| !TEST_int_le(EVP_PKEY_private_check(ctx), 0)
1700	\|\| !TEST_int_le(EVP_PKEY_pairwise_check(ctx), 0))
1701	goto err;
1702
1703	ret = 1;
1704	err:
1705	EVP_PKEY_CTX_free(ctx);
1706
1707	return ret;
1708	}
1709	#endif /* OPENSSL_NO_DSA */
1710
1711
1712	static OSSL_PARAM do_construct_hkdf_params(char digest, char *key,
1713	size_t keylen, char *salt)
1714	{
1715	OSSL_PARAM params = OPENSSL_malloc(sizeof(OSSL_PARAM) 5);
1716	OSSL_PARAM *p = params;
1717
1718	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, digest, 0);
1719	*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT,
1720	salt, strlen(salt));
1721	*p++ = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY,
1722	(unsigned char *)key, keylen);
1723	*p++ = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE,
1724	"EXTRACT_ONLY", 0);
1725	*p = OSSL_PARAM_construct_end();
1726
1727	return params;
1728	}
1729
1730	static int test_evp_pkey_ctx_dup_kdf(void)
1731	{
1732	int ret = 0;
1733	size_t len = 0, dlen = 0;
1734	EVP_PKEY_CTX pctx = NULL, dctx = NULL;
1735	OSSL_PARAM *params = NULL;
1736
1737	if (!TEST_ptr(params = do_construct_hkdf_params("sha256", "secret", 6,
1738	"salt")))
1739	goto err;
1740	if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "HKDF", NULL)))
1741	goto err;
1742	if (!TEST_int_eq(EVP_PKEY_derive_init_ex(pctx, params), 1))
1743	goto err;
1744	if (!TEST_ptr(dctx = EVP_PKEY_CTX_dup(pctx)))
1745	goto err;
1746	if (!TEST_int_eq(EVP_PKEY_derive(pctx, NULL, &len), 1)
1747	\|\| !TEST_size_t_eq(len, SHA256_DIGEST_LENGTH)
1748	\|\| !TEST_int_eq(EVP_PKEY_derive(dctx, NULL, &dlen), 1)
1749	\|\| !TEST_size_t_eq(dlen, SHA256_DIGEST_LENGTH))
1750	goto err;
1751	ret = 1;
1752	err:
1753	OPENSSL_free(params);
1754	EVP_PKEY_CTX_free(dctx);
1755	EVP_PKEY_CTX_free(pctx);
1756	return ret;
1757	}
1758
1759	int setup_tests(void)
1760	{
1761	if (!test_skip_common_options()) {
1762	TEST_error("Error parsing test options\n");
1763	return 0;
1764	}
1765
1766	if (!TEST_ptr(datadir = test_get_argument(0)))
1767	return 0;
1768
1769	ADD_TEST(test_evp_pkey_ctx_dup_kdf);
1770	ADD_TEST(test_evp_pkey_get_bn_param_large);
1771	ADD_TEST(test_fromdata_rsa);
1772	#ifndef OPENSSL_NO_DH
1773	ADD_TEST(test_fromdata_dh_fips186_4);
1774	ADD_TEST(test_fromdata_dh_named_group);
1775	#endif
1776	#ifndef OPENSSL_NO_DSA
1777	ADD_TEST(test_check_dsa);
1778	ADD_TEST(test_fromdata_dsa_fips186_4);
1779	#endif
1780	#ifndef OPENSSL_NO_EC
1781	ADD_ALL_TESTS(test_fromdata_ecx, 4 * 3);
1782	ADD_TEST(test_fromdata_ec);
1783	ADD_TEST(test_ec_dup_no_operation);
1784	ADD_TEST(test_ec_dup_keygen_operation);
1785	#endif
1786	return 1;
1787	}

注意: 瀏覽 TracBrowser 來幫助您使用儲存庫瀏覽器

source: vbox/trunk/src/libs/openssl-3.1.7/test/evp_pkey_provided_test.c@ 105943

以其他格式下載: