/* test_evp_pkey.c * * Copyright (C) 2006-2025 wolfSSL Inc. * * This file is part of wolfSSL. * * wolfSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * wolfSSL is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA */ #include #ifdef NO_INLINE #include #else #define WOLFSSL_MISC_INCLUDED #include #endif #include #include #include #include int test_wolfSSL_EVP_PKEY_CTX_new_id(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL WOLFSSL_ENGINE* e = NULL; int id = 0; EVP_PKEY_CTX *ctx = NULL; ExpectNotNull(ctx = wolfSSL_EVP_PKEY_CTX_new_id(id, e)); EVP_PKEY_CTX_free(ctx); #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL WOLFSSL_EVP_PKEY* pkey = NULL; EVP_PKEY_CTX* ctx = NULL; int bits = 2048; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits), WOLFSSL_SUCCESS); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } int test_wolfSSL_QT_EVP_PKEY_CTX_free(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(OPENSSL_ALL) EVP_PKEY* pkey = NULL; EVP_PKEY_CTX* ctx = NULL; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); #if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L /* void */ EVP_PKEY_CTX_free(ctx); #else /* int */ ExpectIntEQ(EVP_PKEY_CTX_free(ctx), WOLFSSL_SUCCESS); #endif EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_up_ref(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) EVP_PKEY* pkey; pkey = EVP_PKEY_new(); ExpectNotNull(pkey); ExpectIntEQ(EVP_PKEY_up_ref(NULL), 0); ExpectIntEQ(EVP_PKEY_up_ref(pkey), 1); EVP_PKEY_free(pkey); ExpectIntEQ(EVP_PKEY_up_ref(pkey), 1); EVP_PKEY_free(pkey); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_base_id(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL WOLFSSL_EVP_PKEY* pkey = NULL; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectIntEQ(wolfSSL_EVP_PKEY_base_id(NULL), NID_undef); ExpectIntEQ(wolfSSL_EVP_PKEY_base_id(pkey), EVP_PKEY_RSA); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_id(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL WOLFSSL_EVP_PKEY* pkey = NULL; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectIntEQ(wolfSSL_EVP_PKEY_id(NULL), 0); ExpectIntEQ(wolfSSL_EVP_PKEY_id(pkey), EVP_PKEY_RSA); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_MD_pkey_type(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA const WOLFSSL_EVP_MD* md; #ifndef NO_MD5 ExpectNotNull(md = EVP_md5()); ExpectIntEQ(EVP_MD_pkey_type(md), NID_md5WithRSAEncryption); #endif #ifndef NO_SHA ExpectNotNull(md = EVP_sha1()); ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha1WithRSAEncryption); #endif #ifdef WOLFSSL_SHA224 ExpectNotNull(md = EVP_sha224()); ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha224WithRSAEncryption); #endif ExpectNotNull(md = EVP_sha256()); ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha256WithRSAEncryption); #ifdef WOLFSSL_SHA384 ExpectNotNull(md = EVP_sha384()); ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha384WithRSAEncryption); #endif #ifdef WOLFSSL_SHA512 ExpectNotNull(md = EVP_sha512()); ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha512WithRSAEncryption); #endif #endif return EXPECT_RESULT(); } #ifdef OPENSSL_EXTRA static int test_hmac_signing(const WOLFSSL_EVP_MD *type, const byte* testKey, size_t testKeySz, const char* testData, size_t testDataSz, const byte* testResult, size_t testResultSz) { EXPECT_DECLS; unsigned char check[WC_MAX_DIGEST_SIZE]; size_t checkSz = 0; WOLFSSL_EVP_PKEY* key = NULL; WOLFSSL_EVP_MD_CTX mdCtx; ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, testKey, (int)testKeySz)); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, type, NULL, key), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, (unsigned int)testDataSz), 1); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); ExpectIntEQ((int)checkSz, (int)testResultSz); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz,(int)testResultSz); ExpectIntEQ(XMEMCMP(testResult, check, testResultSz), 0); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, type, NULL, key), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, (unsigned int)testDataSz), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, testResult, checkSz), 1); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, type, NULL, key), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); ExpectIntEQ((int)checkSz, (int)testResultSz); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz,(int)testResultSz); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4, (unsigned int)testDataSz - 4), 1); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz,(int)testResultSz); ExpectIntEQ(XMEMCMP(testResult, check, testResultSz), 0); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, type, NULL, key), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData + 4, (unsigned int)testDataSz - 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, testResult, checkSz), 1); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); wolfSSL_EVP_PKEY_free(key); return EXPECT_RESULT(); } #endif int test_wolfSSL_EVP_MD_hmac_signing(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA static const unsigned char testKey[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; static const char testData[] = "Hi There"; #ifdef WOLFSSL_SHA224 static const unsigned char testResultSha224[] = { 0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4, 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68, 0x4b, 0x22 }; #endif #ifndef NO_SHA256 static const unsigned char testResultSha256[] = { 0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7 }; #endif #ifdef WOLFSSL_SHA384 static const unsigned char testResultSha384[] = { 0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62, 0x6b, 0x08, 0x25, 0xf4, 0xab, 0x46, 0x90, 0x7f, 0x15, 0xf9, 0xda, 0xdb, 0xe4, 0x10, 0x1e, 0xc6, 0x82, 0xaa, 0x03, 0x4c, 0x7c, 0xeb, 0xc5, 0x9c, 0xfa, 0xea, 0x9e, 0xa9, 0x07, 0x6e, 0xde, 0x7f, 0x4a, 0xf1, 0x52, 0xe8, 0xb2, 0xfa, 0x9c, 0xb6 }; #endif #ifdef WOLFSSL_SHA512 static const unsigned char testResultSha512[] = { 0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, 0x4f, 0xf0, 0xb4, 0x24, 0x1a, 0x1d, 0x6c, 0xb0, 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78, 0x7a, 0xd0, 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, 0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7, 0x02, 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, 0xbe, 0x9d, 0x91, 0x4e, 0xeb, 0x61, 0xf1, 0x70, 0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54 }; #endif #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 static const unsigned char testResultSha3_224[] = { 0x3b, 0x16, 0x54, 0x6b, 0xbc, 0x7b, 0xe2, 0x70, 0x6a, 0x03, 0x1d, 0xca, 0xfd, 0x56, 0x37, 0x3d, 0x98, 0x84, 0x36, 0x76, 0x41, 0xd8, 0xc5, 0x9a, 0xf3, 0xc8, 0x60, 0xf7 }; #endif #ifndef WOLFSSL_NOSHA3_256 static const unsigned char testResultSha3_256[] = { 0xba, 0x85, 0x19, 0x23, 0x10, 0xdf, 0xfa, 0x96, 0xe2, 0xa3, 0xa4, 0x0e, 0x69, 0x77, 0x43, 0x51, 0x14, 0x0b, 0xb7, 0x18, 0x5e, 0x12, 0x02, 0xcd, 0xcc, 0x91, 0x75, 0x89, 0xf9, 0x5e, 0x16, 0xbb }; #endif #ifndef WOLFSSL_NOSHA3_384 static const unsigned char testResultSha3_384[] = { 0x68, 0xd2, 0xdc, 0xf7, 0xfd, 0x4d, 0xdd, 0x0a, 0x22, 0x40, 0xc8, 0xa4, 0x37, 0x30, 0x5f, 0x61, 0xfb, 0x73, 0x34, 0xcf, 0xb5, 0xd0, 0x22, 0x6e, 0x1b, 0xc2, 0x7d, 0xc1, 0x0a, 0x2e, 0x72, 0x3a, 0x20, 0xd3, 0x70, 0xb4, 0x77, 0x43, 0x13, 0x0e, 0x26, 0xac, 0x7e, 0x3d, 0x53, 0x28, 0x86, 0xbd }; #endif #ifndef WOLFSSL_NOSHA3_512 static const unsigned char testResultSha3_512[] = { 0xeb, 0x3f, 0xbd, 0x4b, 0x2e, 0xaa, 0xb8, 0xf5, 0xc5, 0x04, 0xbd, 0x3a, 0x41, 0x46, 0x5a, 0xac, 0xec, 0x15, 0x77, 0x0a, 0x7c, 0xab, 0xac, 0x53, 0x1e, 0x48, 0x2f, 0x86, 0x0b, 0x5e, 0xc7, 0xba, 0x47, 0xcc, 0xb2, 0xc6, 0xf2, 0xaf, 0xce, 0x8f, 0x88, 0xd2, 0x2b, 0x6d, 0xc6, 0x13, 0x80, 0xf2, 0x3a, 0x66, 0x8f, 0xd3, 0x88, 0x8b, 0xb8, 0x05, 0x37, 0xc0, 0xa0, 0xb8, 0x64, 0x07, 0x68, 0x9e }; #endif #endif #ifndef NO_SHA256 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha256(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha256, sizeof(testResultSha256)), TEST_SUCCESS); #endif #ifdef WOLFSSL_SHA224 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha224(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha224, sizeof(testResultSha224)), TEST_SUCCESS); #endif #ifdef WOLFSSL_SHA384 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha384(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha384, sizeof(testResultSha384)), TEST_SUCCESS); #endif #ifdef WOLFSSL_SHA512 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha512(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha512, sizeof(testResultSha512)), TEST_SUCCESS); #endif #ifdef WOLFSSL_SHA3 #ifndef WOLFSSL_NOSHA3_224 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_224(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_224, sizeof(testResultSha3_224)), TEST_SUCCESS); #endif #ifndef WOLFSSL_NOSHA3_256 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_256(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_256, sizeof(testResultSha3_256)), TEST_SUCCESS); #endif #ifndef WOLFSSL_NOSHA3_384 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_384(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_384, sizeof(testResultSha3_384)), TEST_SUCCESS); #endif #ifndef WOLFSSL_NOSHA3_512 ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_512(), testKey, sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_512, sizeof(testResultSha3_512)), TEST_SUCCESS); #endif #endif #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_new_mac_key(void) { EXPECT_DECLS; #ifdef OPENSSL_EXTRA static const unsigned char pw[] = "password"; static const int pwSz = sizeof(pw) - 1; size_t checkPwSz = 0; const unsigned char* checkPw = NULL; WOLFSSL_EVP_PKEY* key = NULL; ExpectNull(key = wolfSSL_EVP_PKEY_new_mac_key(0, NULL, pw, pwSz)); ExpectNull(key = wolfSSL_EVP_PKEY_new_mac_key(0, NULL, NULL, pwSz)); ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, pw, pwSz)); if (key != NULL) { ExpectIntEQ(key->type, EVP_PKEY_HMAC); ExpectIntEQ(key->save_type, EVP_PKEY_HMAC); ExpectIntEQ(key->pkey_sz, pwSz); ExpectIntEQ(XMEMCMP(key->pkey.ptr, pw, pwSz), 0); } ExpectNotNull(checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz)); ExpectIntEQ((int)checkPwSz, pwSz); ExpectIntEQ(XMEMCMP(checkPw, pw, pwSz), 0); wolfSSL_EVP_PKEY_free(key); key = NULL; ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, pw, 0)); ExpectIntEQ(key->pkey_sz, 0); if (EXPECT_SUCCESS()) { /* Allocation for key->pkey.ptr may fail - OK key len is 0 */ checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz); } ExpectTrue((checkPwSz == 0) || (checkPw != NULL)); ExpectIntEQ((int)checkPwSz, 0); wolfSSL_EVP_PKEY_free(key); key = NULL; ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, NULL, 0)); ExpectIntEQ(key->pkey_sz, 0); if (EXPECT_SUCCESS()) { /* Allocation for key->pkey.ptr may fail - OK key len is 0 */ checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz); } ExpectTrue((checkPwSz == 0) || (checkPw != NULL)); ExpectIntEQ((int)checkPwSz, 0); wolfSSL_EVP_PKEY_free(key); key = NULL; #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_hkdf(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_HKDF) EVP_PKEY_CTX* ctx = NULL; byte salt[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F}; byte key[] = {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F}; byte info[] = {0X01, 0x02, 0x03, 0x04, 0x05}; byte info2[] = {0X06, 0x07, 0x08, 0x09, 0x0A}; byte outKey[34]; size_t outKeySz = sizeof(outKey); /* These expected outputs were gathered by running the same test below using * OpenSSL. */ const byte extractAndExpand[] = { 0x8B, 0xEB, 0x90, 0xA9, 0x04, 0xFF, 0x05, 0x10, 0xE4, 0xB5, 0xB1, 0x10, 0x31, 0x34, 0xFF, 0x07, 0x5B, 0xE3, 0xC6, 0x93, 0xD4, 0xF8, 0xC7, 0xEE, 0x96, 0xDA, 0x78, 0x7A, 0xE2, 0x9A, 0x2D, 0x05, 0x4B, 0xF6 }; const byte extractOnly[] = { 0xE7, 0x6B, 0x9E, 0x0F, 0xE4, 0x02, 0x1D, 0x62, 0xEA, 0x97, 0x74, 0x5E, 0xF4, 0x3C, 0x65, 0x4D, 0xC1, 0x46, 0x98, 0xAA, 0x79, 0x9A, 0xCB, 0x9C, 0xCC, 0x3E, 0x7F, 0x2A, 0x2B, 0x41, 0xA1, 0x9E }; const byte expandOnly[] = { 0xFF, 0x29, 0x29, 0x56, 0x9E, 0xA7, 0x66, 0x02, 0xDB, 0x4F, 0xDB, 0x53, 0x7D, 0x21, 0x67, 0x52, 0xC3, 0x0E, 0xF3, 0xFC, 0x71, 0xCE, 0x67, 0x2B, 0xEA, 0x3B, 0xE9, 0xFC, 0xDD, 0xC8, 0xCC, 0xB7, 0x42, 0x74 }; const byte extractAndExpandAddInfo[] = { 0x5A, 0x74, 0x79, 0x83, 0xA3, 0xA4, 0x2E, 0xB7, 0xD4, 0x08, 0xC2, 0x6A, 0x2F, 0xA5, 0xE3, 0x4E, 0xF1, 0xF4, 0x87, 0x3E, 0xA6, 0xC7, 0x88, 0x45, 0xD7, 0xE2, 0x15, 0xBC, 0xB8, 0x10, 0xEF, 0x6C, 0x4D, 0x7A }; ExpectNotNull((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL))); ExpectIntEQ(EVP_PKEY_derive_init(ctx), WOLFSSL_SUCCESS); /* NULL ctx. */ ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(NULL, EVP_sha256()), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); /* NULL md. */ ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, EVP_sha256()), WOLFSSL_SUCCESS); /* NULL ctx. */ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(NULL, salt, sizeof(salt)), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); /* NULL salt is ok. */ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, NULL, sizeof(salt)), WOLFSSL_SUCCESS); /* Salt length <= 0. */ /* Length 0 salt is ok. */ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, 0), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, -1), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, sizeof(salt)), WOLFSSL_SUCCESS); /* NULL ctx. */ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(NULL, key, sizeof(key)), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); /* NULL key. */ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, NULL, sizeof(key)), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); /* Key length <= 0 */ ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, 0), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, -1), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, sizeof(key)), WOLFSSL_SUCCESS); /* NULL ctx. */ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(NULL, info, sizeof(info)), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); /* NULL info is ok. */ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, NULL, sizeof(info)), WOLFSSL_SUCCESS); /* Info length <= 0 */ /* Length 0 info is ok. */ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, 0), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, -1), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, sizeof(info)), WOLFSSL_SUCCESS); /* NULL ctx. */ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(NULL, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); /* Extract and expand (default). */ ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS); ExpectIntEQ(outKeySz, sizeof(extractAndExpand)); ExpectIntEQ(XMEMCMP(outKey, extractAndExpand, outKeySz), 0); /* Extract only. */ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS); ExpectIntEQ(outKeySz, sizeof(extractOnly)); ExpectIntEQ(XMEMCMP(outKey, extractOnly, outKeySz), 0); outKeySz = sizeof(outKey); /* Expand only. */ ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS); ExpectIntEQ(outKeySz, sizeof(expandOnly)); ExpectIntEQ(XMEMCMP(outKey, expandOnly, outKeySz), 0); outKeySz = sizeof(outKey); /* Extract and expand with appended additional info. */ ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info2, sizeof(info2)), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS); ExpectIntEQ(outKeySz, sizeof(extractAndExpandAddInfo)); ExpectIntEQ(XMEMCMP(outKey, extractAndExpandAddInfo, outKeySz), 0); EVP_PKEY_CTX_free(ctx); #endif /* OPENSSL_EXTRA && HAVE_HKDF */ return EXPECT_RESULT(); } int test_wolfSSL_EVP_PBE_scrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_SCRYPT) && defined(HAVE_PBKDF2) && \ (!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 5)) #if !defined(NO_PWDBASED) && !defined(NO_SHA256) int ret; const char pwd[] = {'p','a','s','s','w','o','r','d'}; int pwdlen = sizeof(pwd); const byte salt[] = {'N','a','C','l'}; int saltlen = sizeof(salt); byte key[80]; word64 numOvr32 = (word64)INT32_MAX + 1; /* expected derived key for N:16, r:1, p:1 */ const byte expectedKey[] = { 0xAE, 0xC6, 0xB7, 0x48, 0x3E, 0xD2, 0x6E, 0x08, 0x80, 0x2B, 0x41, 0xF4, 0x03, 0x20, 0x86, 0xA0, 0xE8, 0x86, 0xBE, 0x7A, 0xC4, 0x8F, 0xCF, 0xD9, 0x2F, 0xF0, 0xCE, 0xF8, 0x10, 0x97, 0x52, 0xF4, 0xAC, 0x74, 0xB0, 0x77, 0x26, 0x32, 0x56, 0xA6, 0x5A, 0x99, 0x70, 0x1B, 0x7A, 0x30, 0x4D, 0x46, 0x61, 0x1C, 0x8A, 0xA3, 0x91, 0xE7, 0x99, 0xCE, 0x10, 0xA2, 0x77, 0x53, 0xE7, 0xE9, 0xC0, 0x9A}; /* N r p mx key keylen */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 0, 1, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* N must be greater than 1 */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 3, 1, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* N must be power of 2 */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 0, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* r must be greater than 0 */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 0, 0, key, 64); ExpectIntEQ(ret, 0); /* p must be greater than 0 */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, key, 0); ExpectIntEQ(ret, 0); /* keylen must be greater than 0 */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 9, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* r must be smaller than 9 */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, NULL, 64); ExpectIntEQ(ret, 1); /* should succeed if key is NULL */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, key, 64); ExpectIntEQ(ret, 1); /* should succeed */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, numOvr32, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* should fail since r is greater than INT32_MAC */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, numOvr32, 0, key, 64); ExpectIntEQ(ret, 0); /* should fail since p is greater than INT32_MAC */ ret = EVP_PBE_scrypt(pwd, pwdlen, NULL, 0, 2, 1, 1, 0, key, 64); ExpectIntEQ(ret, 1); /* should succeed even if salt is NULL */ ret = EVP_PBE_scrypt(pwd, pwdlen, NULL, 4, 2, 1, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* if salt is NULL, saltlen must be 0, otherwise fail*/ ret = EVP_PBE_scrypt(NULL, 0, salt, saltlen, 2, 1, 1, 0, key, 64); ExpectIntEQ(ret, 1); /* should succeed if pwd is NULL and pwdlen is 0*/ ret = EVP_PBE_scrypt(NULL, 4, salt, saltlen, 2, 1, 1, 0, key, 64); ExpectIntEQ(ret, 0); /* if pwd is NULL, pwdlen must be 0 */ ret = EVP_PBE_scrypt(NULL, 0, NULL, 0, 2, 1, 1, 0, key, 64); ExpectIntEQ(ret, 1); /* should succeed even both pwd and salt are NULL */ ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 16, 1, 1, 0, key, 64); ExpectIntEQ(ret, 1); ret = XMEMCMP(expectedKey, key, sizeof(expectedKey)); ExpectIntEQ(ret, 0); /* derived key must be the same as expected-key */ #endif /* !NO_PWDBASED && !NO_SHA256 */ #endif /* OPENSSL_EXTRA && HAVE_SCRYPT && HAVE_PBKDF2 */ return EXPECT_RESULT(); } int test_EVP_PKEY_cmp(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) EVP_PKEY *a = NULL; EVP_PKEY *b = NULL; const unsigned char *in; #if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) in = client_key_der_2048; ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &in, (long)sizeof_client_key_der_2048)); in = client_key_der_2048; ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &in, (long)sizeof_client_key_der_2048)); /* Test success case RSA */ #if defined(WOLFSSL_ERROR_CODE_OPENSSL) ExpectIntEQ(EVP_PKEY_cmp(a, b), 1); #else ExpectIntEQ(EVP_PKEY_cmp(a, b), 0); #endif /* WOLFSSL_ERROR_CODE_OPENSSL */ EVP_PKEY_free(b); b = NULL; EVP_PKEY_free(a); a = NULL; #endif #if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) in = ecc_clikey_der_256; ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &in, (long)sizeof_ecc_clikey_der_256)); in = ecc_clikey_der_256; ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &in, (long)sizeof_ecc_clikey_der_256)); /* Test success case ECC */ #if defined(WOLFSSL_ERROR_CODE_OPENSSL) ExpectIntEQ(EVP_PKEY_cmp(a, b), 1); #else ExpectIntEQ(EVP_PKEY_cmp(a, b), 0); #endif /* WOLFSSL_ERROR_CODE_OPENSSL */ EVP_PKEY_free(b); b = NULL; EVP_PKEY_free(a); a = NULL; #endif /* Test failure cases */ #if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && \ defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) in = client_key_der_2048; ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &in, (long)sizeof_client_key_der_2048)); in = ecc_clikey_der_256; ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &in, (long)sizeof_ecc_clikey_der_256)); #if defined(WOLFSSL_ERROR_CODE_OPENSSL) ExpectIntEQ(EVP_PKEY_cmp(a, b), -1); #else ExpectIntNE(EVP_PKEY_cmp(a, b), 0); #endif /* WOLFSSL_ERROR_CODE_OPENSSL */ EVP_PKEY_free(b); b = NULL; EVP_PKEY_free(a); a = NULL; #endif /* invalid or empty failure cases */ a = EVP_PKEY_new(); b = EVP_PKEY_new(); #if defined(WOLFSSL_ERROR_CODE_OPENSSL) ExpectIntEQ(EVP_PKEY_cmp(NULL, NULL), 0); ExpectIntEQ(EVP_PKEY_cmp(a, NULL), 0); ExpectIntEQ(EVP_PKEY_cmp(NULL, b), 0); #ifdef NO_RSA /* Type check will fail since RSA is the default EVP key type */ ExpectIntEQ(EVP_PKEY_cmp(a, b), -2); #else ExpectIntEQ(EVP_PKEY_cmp(a, b), 0); #endif #else ExpectIntNE(EVP_PKEY_cmp(NULL, NULL), 0); ExpectIntNE(EVP_PKEY_cmp(a, NULL), 0); ExpectIntNE(EVP_PKEY_cmp(NULL, b), 0); ExpectIntNE(EVP_PKEY_cmp(a, b), 0); #endif EVP_PKEY_free(b); EVP_PKEY_free(a); (void)in; #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_set1_get1_DSA(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined (NO_DSA) && !defined(HAVE_SELFTEST) && \ defined(WOLFSSL_KEY_GEN) DSA *dsa = NULL; DSA *setDsa = NULL; EVP_PKEY *pkey = NULL; EVP_PKEY *set1Pkey = NULL; SHA_CTX sha; byte signature[DSA_SIG_SIZE]; byte hash[WC_SHA_DIGEST_SIZE]; word32 bytes; int answer; #ifdef USE_CERT_BUFFERS_1024 const unsigned char* dsaKeyDer = dsa_key_der_1024; int dsaKeySz = sizeof_dsa_key_der_1024; byte tmp[ONEK_BUF]; XMEMSET(tmp, 0, sizeof(tmp)); XMEMCPY(tmp, dsaKeyDer , dsaKeySz); bytes = dsaKeySz; #elif defined(USE_CERT_BUFFERS_2048) const unsigned char* dsaKeyDer = dsa_key_der_2048; int dsaKeySz = sizeof_dsa_key_der_2048; byte tmp[TWOK_BUF]; XMEMSET(tmp, 0, sizeof(tmp)); XMEMCPY(tmp, dsaKeyDer , dsaKeySz); bytes = (word32)dsaKeySz; #else byte tmp[TWOK_BUF]; const unsigned char* dsaKeyDer = (const unsigned char*)tmp; int dsaKeySz; XFILE fp = XBADFILE; XMEMSET(tmp, 0, sizeof(tmp)); ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE); ExpectIntGT(dsaKeySz = bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp), 0); if (fp != XBADFILE) XFCLOSE(fp); #endif /* END USE_CERT_BUFFERS_1024 */ /* Create hash to later Sign and Verify */ ExpectIntEQ(SHA1_Init(&sha), WOLFSSL_SUCCESS); ExpectIntEQ(SHA1_Update(&sha, tmp, bytes), WOLFSSL_SUCCESS); ExpectIntEQ(SHA1_Final(hash,&sha), WOLFSSL_SUCCESS); /* Initialize pkey with der format dsa key */ ExpectNotNull(d2i_PrivateKey(EVP_PKEY_DSA, &pkey, &dsaKeyDer, (long)dsaKeySz)); /* Test wolfSSL_EVP_PKEY_get1_DSA */ /* Should Fail: NULL argument */ ExpectNull(dsa = EVP_PKEY_get0_DSA(NULL)); ExpectNull(dsa = EVP_PKEY_get1_DSA(NULL)); /* Should Pass: Initialized pkey argument */ ExpectNotNull(dsa = EVP_PKEY_get0_DSA(pkey)); ExpectNotNull(dsa = EVP_PKEY_get1_DSA(pkey)); #ifdef USE_CERT_BUFFERS_1024 ExpectIntEQ(DSA_bits(dsa), 1024); #else ExpectIntEQ(DSA_bits(dsa), 2048); #endif /* Sign */ ExpectIntEQ(wolfSSL_DSA_do_sign(hash, signature, dsa), WOLFSSL_SUCCESS); /* Verify. */ ExpectIntEQ(wolfSSL_DSA_do_verify(hash, signature, dsa, &answer), WOLFSSL_SUCCESS); /* Test wolfSSL_EVP_PKEY_set1_DSA */ /* Should Fail: set1Pkey not initialized */ ExpectIntNE(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS); /* Initialize set1Pkey */ set1Pkey = EVP_PKEY_new(); /* Should Fail Verify: setDsa not initialized from set1Pkey */ ExpectIntNE(wolfSSL_DSA_do_verify(hash,signature,setDsa,&answer), WOLFSSL_SUCCESS); /* Should Pass: set dsa into set1Pkey */ ExpectIntEQ(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS); DSA_free(dsa); DSA_free(setDsa); EVP_PKEY_free(pkey); EVP_PKEY_free(set1Pkey); #endif /* OPENSSL_ALL && !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */ return EXPECT_RESULT(); } /* END test_EVP_PKEY_set1_get1_DSA */ int test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(OPENSSL_ALL) WOLFSSL_EC_KEY* ecKey = NULL; WOLFSSL_EC_KEY* ecGet1 = NULL; EVP_PKEY* pkey = NULL; ExpectNotNull(ecKey = wolfSSL_EC_KEY_new()); ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); /* Test wolfSSL_EVP_PKEY_set1_EC_KEY */ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(NULL, ecKey), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); /* Should fail since ecKey is empty */ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1); ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS); /* Test wolfSSL_EVP_PKEY_get1_EC_KEY */ ExpectNull(wolfSSL_EVP_PKEY_get1_EC_KEY(NULL)); ExpectNotNull(ecGet1 = wolfSSL_EVP_PKEY_get1_EC_KEY(pkey)); wolfSSL_EC_KEY_free(ecKey); wolfSSL_EC_KEY_free(ecGet1); EVP_PKEY_free(pkey); #endif /* HAVE_ECC && OPENSSL_ALL */ return EXPECT_RESULT(); } /* END test_EVP_PKEY_set1_get1_EC_KEY */ int test_wolfSSL_EVP_PKEY_get0_EC_KEY(void) { EXPECT_DECLS; #if defined(HAVE_ECC) && defined(OPENSSL_ALL) WOLFSSL_EVP_PKEY* pkey = NULL; ExpectNull(EVP_PKEY_get0_EC_KEY(NULL)); ExpectNotNull(pkey = EVP_PKEY_new()); ExpectNull(EVP_PKEY_get0_EC_KEY(pkey)); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_set1_get1_DH(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM) DH *dh = NULL; DH *setDh = NULL; EVP_PKEY *pkey = NULL; XFILE f = XBADFILE; unsigned char buf[4096]; const unsigned char* pt = buf; const char* dh2048 = "./certs/dh2048.der"; long len = 0; int code = -1; XMEMSET(buf, 0, sizeof(buf)); ExpectTrue((f = XFOPEN(dh2048, "rb")) != XBADFILE); ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0); if (f != XBADFILE) XFCLOSE(f); /* Load dh2048.der into DH with internal format */ ExpectNotNull(setDh = wolfSSL_d2i_DHparams(NULL, &pt, len)); ExpectIntEQ(wolfSSL_DH_check(setDh, &code), WOLFSSL_SUCCESS); ExpectIntEQ(code, 0); code = -1; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); /* Set DH into PKEY */ ExpectIntEQ(wolfSSL_EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS); /* Get DH from PKEY */ ExpectNotNull(dh = wolfSSL_EVP_PKEY_get1_DH(pkey)); ExpectIntEQ(wolfSSL_DH_check(dh, &code), WOLFSSL_SUCCESS); ExpectIntEQ(code, 0); EVP_PKEY_free(pkey); DH_free(setDh); setDh = NULL; DH_free(dh); dh = NULL; #endif /* !NO_DH && WOLFSSL_DH_EXTRA && !NO_FILESYSTEM */ #endif /* !HAVE_FIPS || HAVE_FIPS_VERSION > 2 */ #endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */ return EXPECT_RESULT(); } /* END test_EVP_PKEY_set1_get1_DH */ int test_wolfSSL_EVP_PKEY_assign(void) { EXPECT_DECLS; #if (!defined(NO_RSA) || !defined(NO_DSA) || defined(HAVE_ECC)) && \ defined(OPENSSL_ALL) int type; WOLFSSL_EVP_PKEY* pkey = NULL; #ifndef NO_RSA WOLFSSL_RSA* rsa = NULL; #endif #ifndef NO_DSA WOLFSSL_DSA* dsa = NULL; #endif #ifdef HAVE_ECC WOLFSSL_EC_KEY* ecKey = NULL; #endif #ifndef NO_RSA type = EVP_PKEY_RSA; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(rsa = wolfSSL_RSA_new()); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, rsa), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, rsa), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, rsa), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_RSA_free(rsa); } wolfSSL_EVP_PKEY_free(pkey); pkey = NULL; #endif /* NO_RSA */ #ifndef NO_DSA type = EVP_PKEY_DSA; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(dsa = wolfSSL_DSA_new()); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, dsa), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, dsa), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, dsa), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_DSA_free(dsa); } wolfSSL_EVP_PKEY_free(pkey); pkey = NULL; #endif /* NO_DSA */ #ifdef HAVE_ECC type = EVP_PKEY_EC; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(ecKey = wolfSSL_EC_KEY_new()); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, ecKey), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, ecKey), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, ecKey), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1); ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, ecKey), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_EC_KEY_free(ecKey); } wolfSSL_EVP_PKEY_free(pkey); pkey = NULL; #endif /* HAVE_ECC */ #endif /* (!NO_RSA || !NO_DSA || HAVE_ECC) && OPENSSL_ALL */ return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_assign_DH(void) { EXPECT_DECLS; #if !defined(NO_DH) && defined(OPENSSL_ALL) && (!defined(HAVE_FIPS) || \ (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2))) XFILE f = XBADFILE; unsigned char buf[4096]; const unsigned char* pt = buf; const char* params1 = "./certs/dh2048.der"; long len = 0; WOLFSSL_DH* dh = NULL; WOLFSSL_EVP_PKEY* pkey = NULL; XMEMSET(buf, 0, sizeof(buf)); /* Load DH parameters DER. */ ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE); ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0); if (f != XBADFILE) XFCLOSE(f); ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len)); ExpectIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS); ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); /* Bad cases */ ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, dh), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); /* Good case */ ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, dh), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_DH_free(dh); } EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } int test_EVP_PKEY_rsa(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) WOLFSSL_RSA* rsa = NULL; WOLFSSL_EVP_PKEY* pkey = NULL; ExpectNotNull(rsa = wolfSSL_RSA_new()); ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectIntEQ(EVP_PKEY_assign_RSA(NULL, rsa), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_RSA_free(rsa); } ExpectPtrEq(EVP_PKEY_get0_RSA(pkey), rsa); wolfSSL_EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } int test_EVP_PKEY_ec(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) WOLFSSL_EC_KEY* ecKey = NULL; WOLFSSL_EVP_PKEY* pkey = NULL; ExpectNotNull(ecKey = wolfSSL_EC_KEY_new()); ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectIntEQ(EVP_PKEY_assign_EC_KEY(NULL, ecKey), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); /* Should fail since ecKey is empty */ ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1); ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { wolfSSL_EC_KEY_free(ecKey); } wolfSSL_EVP_PKEY_free(pkey); #endif #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_missing_parameters(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB) WOLFSSL_EVP_PKEY* pkey = NULL; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(pkey), 0); ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(NULL), 0); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_copy_parameters(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_DH) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) && defined(WOLFSSL_DH_EXTRA) && \ (defined(OPENSSL_ALL) || defined(WOLFSSL_QT)) && !defined(NO_FILESYSTEM) WOLFSSL_EVP_PKEY* params = NULL; WOLFSSL_EVP_PKEY* copy = NULL; DH* dh = NULL; BIGNUM* p1; BIGNUM* g1; BIGNUM* q1; BIGNUM* p2; BIGNUM* g2; BIGNUM* q2; /* create DH with DH_get_2048_256 params */ ExpectNotNull(params = wolfSSL_EVP_PKEY_new()); ExpectNotNull(dh = DH_get_2048_256()); ExpectIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS); DH_get0_pqg(dh, (const BIGNUM**)&p1, (const BIGNUM**)&q1, (const BIGNUM**)&g1); DH_free(dh); dh = NULL; /* create DH with random generated DH params */ ExpectNotNull(copy = wolfSSL_EVP_PKEY_new()); ExpectNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL)); ExpectIntEQ(EVP_PKEY_set1_DH(copy, dh), WOLFSSL_SUCCESS); DH_free(dh); dh = NULL; ExpectIntEQ(EVP_PKEY_copy_parameters(copy, params), WOLFSSL_SUCCESS); ExpectNotNull(dh = EVP_PKEY_get1_DH(copy)); ExpectNotNull(dh->p); ExpectNotNull(dh->g); ExpectNotNull(dh->q); DH_get0_pqg(dh, (const BIGNUM**)&p2, (const BIGNUM**)&q2, (const BIGNUM**)&g2); ExpectIntEQ(BN_cmp(p1, p2), 0); ExpectIntEQ(BN_cmp(q1, q2), 0); ExpectIntEQ(BN_cmp(g1, g2), 0); DH_free(dh); dh = NULL; EVP_PKEY_free(copy); EVP_PKEY_free(params); #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_paramgen(void) { EXPECT_DECLS; /* ECC check taken from ecc.c. It is the condition that defines ECC256 */ #if defined(OPENSSL_ALL) && !defined(NO_ECC_SECP) && \ ((!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \ ECC_MIN_KEY_SZ <= 256) EVP_PKEY_CTX* ctx = NULL; EVP_PKEY* pkey = NULL; /* Test error conditions. */ ExpectIntEQ(EVP_PKEY_paramgen(NULL, &pkey), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)); ExpectIntEQ(EVP_PKEY_paramgen(ctx, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); #ifndef NO_RSA EVP_PKEY_CTX_free(ctx); /* Parameter generation for RSA not supported yet. */ ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)); ExpectIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); #endif #ifdef HAVE_ECC EVP_PKEY_CTX_free(ctx); ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)); ExpectIntEQ(EVP_PKEY_paramgen_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx, NID_X9_62_prime256v1), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_ec_param_enc(ctx, OPENSSL_EC_NAMED_CURVE), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS); #endif EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_param_check(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM) DH *dh = NULL; DH *setDh = NULL; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX* ctx = NULL; FILE* f = NULL; unsigned char buf[512]; const unsigned char* pt = buf; const char* dh2048 = "./certs/dh2048.der"; long len = 0; int code = -1; XMEMSET(buf, 0, sizeof(buf)); ExpectTrue((f = XFOPEN(dh2048, "rb")) != XBADFILE); ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0); if (f != XBADFILE) XFCLOSE(f); /* Load dh2048.der into DH with internal format */ ExpectNotNull(setDh = d2i_DHparams(NULL, &pt, len)); ExpectIntEQ(DH_check(setDh, &code), WOLFSSL_SUCCESS); ExpectIntEQ(code, 0); code = -1; pkey = wolfSSL_EVP_PKEY_new(); /* Set DH into PKEY */ ExpectIntEQ(EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS); /* create ctx from pkey */ ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_param_check(ctx), 1/* valid */); /* TODO: more invalid cases */ ExpectIntEQ(EVP_PKEY_param_check(NULL), 0); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); DH_free(setDh); setDh = NULL; DH_free(dh); dh = NULL; #endif #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_keygen_init(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL WOLFSSL_EVP_PKEY* pkey = NULL; EVP_PKEY_CTX *ctx = NULL; ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(NULL), WOLFSSL_SUCCESS); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_keygen(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL WOLFSSL_EVP_PKEY* pkey = NULL; EVP_PKEY_CTX* ctx = NULL; #if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) WOLFSSL_EVP_PKEY* params = NULL; DH* dh = NULL; const BIGNUM* pubkey = NULL; const BIGNUM* privkey = NULL; ASN1_INTEGER* asn1int = NULL; unsigned int length = 0; byte* derBuffer = NULL; #endif ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); /* Bad cases */ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, &pkey), 0); ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, NULL), 0); ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, NULL), 0); /* Good case */ ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, &pkey), 0); EVP_PKEY_CTX_free(ctx); ctx = NULL; EVP_PKEY_free(pkey); pkey = NULL; #if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0)) /* Test DH keygen */ { ExpectNotNull(params = wolfSSL_EVP_PKEY_new()); ExpectNotNull(dh = DH_get_2048_256()); ExpectIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS); ExpectNotNull(ctx = EVP_PKEY_CTX_new(params, NULL)); ExpectIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS); DH_free(dh); dh = NULL; EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(params); /* try exporting generated key to DER, to verify */ ExpectNotNull(dh = EVP_PKEY_get1_DH(pkey)); DH_get0_key(dh, &pubkey, &privkey); ExpectNotNull(pubkey); ExpectNotNull(privkey); ExpectNotNull(asn1int = BN_to_ASN1_INTEGER(pubkey, NULL)); ExpectIntGT((length = i2d_ASN1_INTEGER(asn1int, &derBuffer)), 0); ASN1_INTEGER_free(asn1int); DH_free(dh); dh = NULL; XFREE(derBuffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); EVP_PKEY_free(pkey); } #endif #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_SignInit_ex(void) { EXPECT_DECLS; #ifdef OPENSSL_ALL WOLFSSL_EVP_MD_CTX mdCtx; WOLFSSL_ENGINE* e = 0; const EVP_MD* md = EVP_sha256(); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_SignInit_ex(&mdCtx, md, e), WOLFSSL_SUCCESS); ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1); #endif return EXPECT_RESULT(); } #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) #ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY #define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY #endif #endif #endif #if defined(OPENSSL_EXTRA) #if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) #ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY #define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY #endif #endif #endif #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) #ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY #define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY #endif #endif #endif #ifdef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY static int test_wolfSSL_EVP_PKEY_sign_verify(int keyType) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) WOLFSSL_RSA* rsa = NULL; #endif #endif #if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) WOLFSSL_DSA* dsa = NULL; #endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */ #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) WOLFSSL_EC_KEY* ecKey = NULL; #endif #endif WOLFSSL_EVP_PKEY* pkey = NULL; WOLFSSL_EVP_PKEY_CTX* ctx = NULL; WOLFSSL_EVP_PKEY_CTX* ctx_verify = NULL; const char* in = "What is easy to do is easy not to do."; size_t inlen = XSTRLEN(in); byte hash[SHA256_DIGEST_LENGTH] = {0}; byte zero[SHA256_DIGEST_LENGTH] = {0}; SHA256_CTX c; byte* sig = NULL; byte* sigVerify = NULL; size_t siglen; size_t siglenOnlyLen; size_t keySz = 2048/8; /* Bytes */ ExpectNotNull(sig = (byte*)XMALLOC(keySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); ExpectNotNull(sigVerify = (byte*)XMALLOC(keySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); siglen = keySz; ExpectNotNull(XMEMSET(sig, 0, keySz)); ExpectNotNull(XMEMSET(sigVerify, 0, keySz)); /* Generate hash */ SHA256_Init(&c); SHA256_Update(&c, in, inlen); SHA256_Final(hash, &c); #ifdef WOLFSSL_SMALL_STACK_CACHE /* workaround for small stack cache case */ wc_Sha256Free((wc_Sha256*)&c); #endif /* Generate key */ ExpectNotNull(pkey = EVP_PKEY_new()); switch (keyType) { case EVP_PKEY_RSA: #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) { ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL)); ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS); } #endif #endif break; case EVP_PKEY_DSA: #if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) ExpectNotNull(dsa = DSA_new()); ExpectIntEQ(DSA_generate_parameters_ex(dsa, 2048, NULL, 0, NULL, NULL, NULL), 1); ExpectIntEQ(DSA_generate_key(dsa), 1); ExpectIntEQ(EVP_PKEY_set1_DSA(pkey, dsa), WOLFSSL_SUCCESS); #endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */ break; case EVP_PKEY_EC: #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) { ExpectNotNull(ecKey = EC_KEY_new()); ExpectIntEQ(EC_KEY_generate_key(ecKey), 1); ExpectIntEQ( EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { EC_KEY_free(ecKey); } } #endif #endif break; } ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS); #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) if (keyType == EVP_PKEY_RSA) ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING), WOLFSSL_SUCCESS); #endif #endif /* Check returning only length */ ExpectIntEQ(EVP_PKEY_sign(ctx, NULL, &siglenOnlyLen, hash, SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS); ExpectIntGT(siglenOnlyLen, 0); /* Sign data */ ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, hash, SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS); ExpectIntGE(siglenOnlyLen, siglen); /* Verify signature */ ExpectNotNull(ctx_verify = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS); #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) if (keyType == EVP_PKEY_RSA) ExpectIntEQ( EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING), WOLFSSL_SUCCESS); #endif #endif ExpectIntEQ(EVP_PKEY_verify( ctx_verify, sig, siglen, hash, SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_verify( ctx_verify, sig, siglen, zero, SHA256_DIGEST_LENGTH), WC_NO_ERR_TRACE(WOLFSSL_FAILURE)); #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) if (keyType == EVP_PKEY_RSA) { #if defined(WC_RSA_NO_PADDING) || defined(WC_RSA_DIRECT) /* Try RSA sign/verify with no padding. */ ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig, siglen), WOLFSSL_SUCCESS); ExpectIntGE(siglenOnlyLen, siglen); ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_NO_PADDING), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig, siglen), WOLFSSL_SUCCESS); #endif /* Wrong padding schemes. */ ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS); ExpectIntNE(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig, siglen), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS); ExpectIntNE(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig, siglen), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING), WOLFSSL_SUCCESS); } #endif #endif /* error cases */ siglen = keySz; /* Reset because sig size may vary slightly */ ExpectIntNE(EVP_PKEY_sign_init(NULL), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS); ExpectIntNE(EVP_PKEY_sign(NULL, sig, &siglen, (byte*)in, inlen), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, (byte*)in, inlen), WOLFSSL_SUCCESS); EVP_PKEY_free(pkey); pkey = NULL; #if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) DSA_free(dsa); dsa = NULL; #endif /* !NO_DSA && !HAVE_SELFTEST && WOLFSSL_KEY_GEN */ EVP_PKEY_CTX_free(ctx_verify); ctx_verify = NULL; EVP_PKEY_CTX_free(ctx); ctx = NULL; XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(sigVerify, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); } #endif int test_wolfSSL_EVP_PKEY_sign_verify_rsa(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \ !defined(HAVE_SELFTEST) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_RSA), TEST_SUCCESS); #endif #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_sign_verify_dsa(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) #if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN) ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_DSA), TEST_SUCCESS); #endif #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_sign_verify_ec(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) #if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2)) ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_EC), TEST_SUCCESS); #endif #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_MD_rsa_signing(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) WOLFSSL_EVP_PKEY* privKey = NULL; WOLFSSL_EVP_PKEY* pubKey = NULL; WOLFSSL_EVP_PKEY_CTX* keyCtx = NULL; const char testData[] = "Hi There"; WOLFSSL_EVP_MD_CTX mdCtx; WOLFSSL_EVP_MD_CTX mdCtxCopy; int ret; size_t checkSz = -1; int sz = 2048 / 8; const unsigned char* cp; const unsigned char* p; unsigned char check[2048/8]; size_t i; int paddings[] = { RSA_PKCS1_PADDING, #if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && defined(WC_RSA_PSS) RSA_PKCS1_PSS_PADDING, #endif }; cp = client_key_der_2048; ExpectNotNull((privKey = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &cp, sizeof_client_key_der_2048))); p = client_keypub_der_2048; ExpectNotNull((pubKey = wolfSSL_d2i_PUBKEY(NULL, &p, sizeof_client_keypub_der_2048))); wolfSSL_EVP_MD_CTX_init(&mdCtx); wolfSSL_EVP_MD_CTX_init(&mdCtxCopy); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, privKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, (unsigned int)XSTRLEN(testData)), 1); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); ExpectIntEQ((int)checkSz, sz); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz,sz); ExpectIntEQ(wolfSSL_EVP_MD_CTX_copy_ex(&mdCtxCopy, &mdCtx), 1); ExpectIntEQ(wolfSSL_EVP_MD_CTX_copy_ex(&mdCtxCopy, &mdCtx), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtxCopy); ExpectIntEQ(ret, 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, pubKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, (unsigned int)XSTRLEN(testData)), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, privKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); ExpectIntEQ((int)checkSz, sz); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz, sz); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4, (unsigned int)XSTRLEN(testData) - 4), 1); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz, sz); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, pubKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData + 4, (unsigned int)XSTRLEN(testData) - 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); /* Check all signing padding types */ for (i = 0; i < sizeof(paddings)/sizeof(int); i++) { wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, &keyCtx, wolfSSL_EVP_sha256(), NULL, privKey), 1); ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_padding(keyCtx, paddings[i]), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, (unsigned int)XSTRLEN(testData)), 1); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); ExpectIntEQ((int)checkSz, sz); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ((int)checkSz,sz); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, &keyCtx, wolfSSL_EVP_sha256(), NULL, pubKey), 1); ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_padding(keyCtx, paddings[i]), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, (unsigned int)XSTRLEN(testData)), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); } wolfSSL_EVP_PKEY_free(pubKey); wolfSSL_EVP_PKEY_free(privKey); #endif return EXPECT_RESULT(); } /* Test RSA-PSS digital signature creation and verification */ int test_wc_RsaPSS_DigitalSignVerify(void) { EXPECT_DECLS; /* Early FIPS did not support PSS. */ #if (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \ (HAVE_FIPS_VERSION > 2))) && \ (!defined(HAVE_SELFTEST) || (defined(HAVE_SELFTEST_VERSION) && \ (HAVE_SELFTEST_VERSION > 2))) && \ !defined(NO_RSA) && defined(WC_RSA_PSS) && defined(OPENSSL_EXTRA) && \ defined(WOLFSSL_KEY_GEN) && defined(WC_RSA_NO_PADDING) && \ !defined(NO_SHA256) /* Test digest */ const unsigned char test_digest[32] = { 0x08, 0x09, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09 }; const unsigned int digest_len = sizeof(test_digest); /* Variables for RSA key generation and signature operations */ EVP_PKEY_CTX *pkctx = NULL; EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *sign_ctx = NULL; EVP_PKEY_CTX *verify_ctx = NULL; unsigned char signature[256+MAX_DER_DIGEST_ASN_SZ] = {0}; size_t signature_len = sizeof(signature); int modulus_bits = 2048; /* Generate RSA key pair to avoid file dependencies */ ExpectNotNull(pkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)); ExpectIntEQ(EVP_PKEY_keygen_init(pkctx), 1); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_keygen_bits(pkctx, modulus_bits), 1); ExpectIntEQ(EVP_PKEY_keygen(pkctx, &pkey), 1); /* Create signing context */ ExpectNotNull(sign_ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_sign_init(sign_ctx), 1); /* Configure RSA-PSS parameters for signing. */ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(sign_ctx, RSA_PKCS1_PSS_PADDING), 1); /* Default salt length matched hash so use 32 for SHA256 */ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_pss_saltlen(sign_ctx, 32), 1); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_mgf1_md(sign_ctx, EVP_sha256()), 1); ExpectIntEQ(EVP_PKEY_CTX_set_signature_md(sign_ctx, EVP_sha256()), 1); /* Create the digital signature */ ExpectIntEQ(EVP_PKEY_sign(sign_ctx, signature, &signature_len, test_digest, digest_len), 1); ExpectIntGT((int)signature_len, 0); /* Create verification context */ ExpectNotNull(verify_ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_verify_init(verify_ctx), 1); /* Configure RSA-PSS parameters for verification */ ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(verify_ctx, RSA_PKCS1_PSS_PADDING), 1); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_pss_saltlen(verify_ctx, 32), 1); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_mgf1_md(verify_ctx, EVP_sha256()), 1); ExpectIntEQ(EVP_PKEY_CTX_set_signature_md(verify_ctx, EVP_sha256()), 1); /* Verify the digital signature */ ExpectIntEQ(EVP_PKEY_verify(verify_ctx, signature, signature_len, test_digest, digest_len), 1); /* Test with wrong digest to ensure verification fails (negative test) */ { const unsigned char wrong_digest[32] = { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x00, 0x01, 0x02 }; ExpectIntNE(EVP_PKEY_verify(verify_ctx, signature, signature_len, wrong_digest, digest_len), 1); } /* Clean up */ if (verify_ctx) EVP_PKEY_CTX_free(verify_ctx); if (sign_ctx) EVP_PKEY_CTX_free(sign_ctx); if (pkey) EVP_PKEY_free(pkey); if (pkctx) EVP_PKEY_CTX_free(pkctx); #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_MD_ecc_signing(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) WOLFSSL_EVP_PKEY* privKey = NULL; WOLFSSL_EVP_PKEY* pubKey = NULL; const char testData[] = "Hi There"; WOLFSSL_EVP_MD_CTX mdCtx; int ret; const unsigned char* cp; const unsigned char* p; unsigned char check[2048/8]; size_t checkSz = sizeof(check); XMEMSET(check, 0, sizeof(check)); cp = ecc_clikey_der_256; ExpectNotNull(privKey = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &cp, sizeof_ecc_clikey_der_256)); p = ecc_clikeypub_der_256; ExpectNotNull((pubKey = wolfSSL_d2i_PUBKEY(NULL, &p, sizeof_ecc_clikeypub_der_256))); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, privKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, (unsigned int)XSTRLEN(testData)), 1); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, pubKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, (unsigned int)XSTRLEN(testData)), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, privKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4, (unsigned int)XSTRLEN(testData) - 4), 1); checkSz = sizeof(check); ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_MD_CTX_init(&mdCtx); ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(), NULL, pubKey), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData + 4, (unsigned int)XSTRLEN(testData) - 4), 1); ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1); ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx); ExpectIntEQ(ret, 1); wolfSSL_EVP_PKEY_free(pubKey); wolfSSL_EVP_PKEY_free(privKey); #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_encrypt(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) WOLFSSL_RSA* rsa = NULL; WOLFSSL_EVP_PKEY* pkey = NULL; WOLFSSL_EVP_PKEY_CTX* ctx = NULL; const char* in = "What is easy to do is easy not to do."; size_t inlen = XSTRLEN(in); size_t outEncLen = 0; byte* outEnc = NULL; byte* outDec = NULL; size_t outDecLen = 0; size_t rsaKeySz = 2048/8; /* Bytes */ #if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING) byte* inTmp = NULL; byte* outEncTmp = NULL; byte* outDecTmp = NULL; #endif ExpectNotNull(outEnc = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (outEnc != NULL) { XMEMSET(outEnc, 0, rsaKeySz); } ExpectNotNull(outDec = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (outDec != NULL) { XMEMSET(outDec, 0, rsaKeySz); } ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL)); ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new()); ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS); if (EXPECT_FAIL()) { RSA_free(rsa); } ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING), WOLFSSL_SUCCESS); /* Test pkey references count is decremented. pkey shouldn't be destroyed since ctx uses it.*/ ExpectIntEQ(pkey->ref.count, 2); EVP_PKEY_free(pkey); ExpectIntEQ(pkey->ref.count, 1); /* Encrypt data */ /* Check that we can get the required output buffer length by passing in a * NULL output buffer. */ ExpectIntEQ(EVP_PKEY_encrypt(ctx, NULL, &outEncLen, (const unsigned char*)in, inlen), WOLFSSL_SUCCESS); ExpectIntEQ(rsaKeySz, outEncLen); /* Now do the actual encryption. */ ExpectIntEQ(EVP_PKEY_encrypt(ctx, outEnc, &outEncLen, (const unsigned char*)in, inlen), WOLFSSL_SUCCESS); /* Decrypt data */ ExpectIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS); /* Check that we can get the required output buffer length by passing in a * NULL output buffer. */ ExpectIntEQ(EVP_PKEY_decrypt(ctx, NULL, &outDecLen, outEnc, outEncLen), WOLFSSL_SUCCESS); ExpectIntEQ(rsaKeySz, outDecLen); /* Now do the actual decryption. */ ExpectIntEQ(EVP_PKEY_decrypt(ctx, outDec, &outDecLen, outEnc, outEncLen), WOLFSSL_SUCCESS); ExpectIntEQ(XMEMCMP(in, outDec, outDecLen), 0); #if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING) /* The input length must be the same size as the RSA key.*/ ExpectNotNull(inTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (inTmp != NULL) { XMEMSET(inTmp, 9, rsaKeySz); } ExpectNotNull(outEncTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (outEncTmp != NULL) { XMEMSET(outEncTmp, 0, rsaKeySz); } ExpectNotNull(outDecTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER)); if (outDecTmp != NULL) { XMEMSET(outDecTmp, 0, rsaKeySz); } ExpectIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_encrypt(ctx, outEncTmp, &outEncLen, inTmp, rsaKeySz), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS); ExpectIntEQ(EVP_PKEY_decrypt(ctx, outDecTmp, &outDecLen, outEncTmp, outEncLen), WOLFSSL_SUCCESS); ExpectIntEQ(XMEMCMP(inTmp, outDecTmp, outDecLen), 0); #endif EVP_PKEY_CTX_free(ctx); XFREE(outEnc, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(outDec, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING) XFREE(inTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(outEncTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); XFREE(outDecTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); #endif #endif return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_derive(void) { EXPECT_DECLS; #if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH) #if (!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)) || defined(HAVE_ECC) EVP_PKEY_CTX *ctx = NULL; unsigned char *skey = NULL; size_t skeylen; EVP_PKEY *pkey = NULL; EVP_PKEY *peerkey = NULL; const unsigned char* key; #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) /* DH */ key = dh_key_der_2048; ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key, sizeof_dh_key_der_2048))); ExpectIntEQ(DH_generate_key(EVP_PKEY_get0_DH(pkey)), 1); key = dh_key_der_2048; ExpectNotNull((peerkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key, sizeof_dh_key_der_2048))); ExpectIntEQ(DH_generate_key(EVP_PKEY_get0_DH(peerkey)), 1); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_derive_init(ctx), 1); ExpectIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1); ExpectIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1); ExpectNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL, DYNAMIC_TYPE_OPENSSL)); ExpectIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1); EVP_PKEY_CTX_free(ctx); ctx = NULL; EVP_PKEY_free(peerkey); peerkey = NULL; EVP_PKEY_free(pkey); pkey = NULL; XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL); skey = NULL; #endif #ifdef HAVE_ECC /* ECDH */ key = ecc_clikey_der_256; ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &key, sizeof_ecc_clikey_der_256))); key = ecc_clikeypub_der_256; ExpectNotNull((peerkey = d2i_PUBKEY(NULL, &key, sizeof_ecc_clikeypub_der_256))); ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL)); ExpectIntEQ(EVP_PKEY_derive_init(ctx), 1); ExpectIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1); ExpectIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1); ExpectNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL, DYNAMIC_TYPE_OPENSSL)); ExpectIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(peerkey); EVP_PKEY_free(pkey); XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL); #endif /* HAVE_ECC */ #endif /* (!NO_DH && WOLFSSL_DH_EXTRA) || HAVE_ECC */ #endif /* OPENSSL_ALL || WOLFSSL_QT || WOLFSSL_OPENSSH */ return EXPECT_RESULT(); } int test_wolfSSL_EVP_PKEY_print_public(void) { EXPECT_DECLS; #if defined(OPENSSL_EXTRA) && !defined(NO_BIO) WOLFSSL_BIO* rbio = NULL; WOLFSSL_BIO* wbio = NULL; WOLFSSL_EVP_PKEY* pkey = NULL; char line[256] = { 0 }; char line1[256] = { 0 }; int i = 0; /* test error cases */ ExpectIntEQ( EVP_PKEY_print_public(NULL,NULL,0,NULL),0L); /* * test RSA public key print * in this test, pass '3' for indent */ #if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_1024) ExpectNotNull(rbio = BIO_new_mem_buf( client_keypub_der_1024, sizeof_client_keypub_der_1024)); ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey)); ExpectNotNull(wbio = BIO_new(BIO_s_mem())); ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,3,NULL),1); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " RSA Public-Key: (1024 bit)\n"); ExpectIntEQ(XSTRNCMP(line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " Modulus:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " 00:bc:73:0e:a8:49:f3:74:a2:a9:ef:18:a5:da:55:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of modulus element*/ for (i = 0; i < 8 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " Exponent: 65537 (0x010001)\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* should reach EOF */ ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0); EVP_PKEY_free(pkey); pkey = NULL; BIO_free(rbio); BIO_free(wbio); rbio = NULL; wbio = NULL; #endif /* !NO_RSA && USE_CERT_BUFFERS_1024*/ /* * test DSA public key print */ #if !defined(NO_DSA) && defined(USE_CERT_BUFFERS_2048) ExpectNotNull(rbio = BIO_new_mem_buf( dsa_pub_key_der_2048, sizeof_dsa_pub_key_der_2048)); ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey)); ExpectNotNull(wbio = BIO_new(BIO_s_mem())); ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL),1); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "DSA Public-Key: (2048 bit)\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "pub:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " 00:C2:35:2D:EC:83:83:6C:73:13:9E:52:7C:74:C8:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of pub element*/ for (i = 0; i < 17 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "P:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of P element*/ for (i = 0; i < 18 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "Q:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of Q element*/ for (i = 0; i < 3 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "G:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of G element*/ for (i = 0; i < 18 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } /* should reach EOF */ ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0); EVP_PKEY_free(pkey); pkey = NULL; BIO_free(rbio); BIO_free(wbio); rbio = NULL; wbio = NULL; #endif /* !NO_DSA && USE_CERT_BUFFERS_2048 */ /* * test ECC public key print */ #if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256) ExpectNotNull(rbio = BIO_new_mem_buf( ecc_clikeypub_der_256, sizeof_ecc_clikeypub_der_256)); ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey)); ExpectNotNull(wbio = BIO_new(BIO_s_mem())); ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL),1); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); ExpectStrEQ(line, "Public-Key: (256 bit)\n"); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "pub:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " 04:55:BF:F4:0F:44:50:9A:3D:CE:9B:B7:F0:C5:4D:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of pub element*/ for (i = 0; i < 4 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "ASN1 OID: prime256v1\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "NIST CURVE: P-256\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* should reach EOF */ ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0); EVP_PKEY_free(pkey); pkey = NULL; BIO_free(rbio); BIO_free(wbio); rbio = NULL; wbio = NULL; #endif /* HAVE_ECC && USE_CERT_BUFFERS_256 */ /* * test DH public key print */ #if defined(WOLFSSL_DH_EXTRA) && defined(USE_CERT_BUFFERS_2048) ExpectNotNull(rbio = BIO_new_mem_buf( dh_pub_key_der_2048, sizeof_dh_pub_key_der_2048)); ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey)); ExpectNotNull(wbio = BIO_new(BIO_s_mem())); ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL), 1); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "DH Public-Key: (2048 bit)\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "public-key:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " 34:41:BF:E9:F2:11:BF:05:DB:B2:72:A8:29:CC:BD:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of public-key element*/ for (i = 0; i < 17 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "prime:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, " 00:D3:B2:99:84:5C:0A:4C:E7:37:CC:FC:18:37:01:\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* skip to the end of prime element*/ for (i = 0; i < 17 ;i++) { ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); } ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0); strcpy(line1, "generator: 2 (0x02)\n"); ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0); /* should reach EOF */ ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0); EVP_PKEY_free(pkey); pkey = NULL; BIO_free(rbio); BIO_free(wbio); rbio = NULL; wbio = NULL; #endif /* WOLFSSL_DH_EXTRA && USE_CERT_BUFFERS_2048 */ /* to prevent "unused variable" warning */ (void)pkey; (void)wbio; (void)rbio; (void)line; (void)line1; (void)i; #endif /* OPENSSL_EXTRA */ return EXPECT_RESULT(); }