endecode_test.c@ 106842

Last change on this file since 106842 was 105949, checked in by vboxsync, 4 months ago
openssl-3.1.7: Applied and adjusted our OpenSSL changes to 3.1.7. bugref:10757
File size: 58.1 KB

Line
1	/*
2	* Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the Apache License 2.0 (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#include <string.h>
11	#include <openssl/core_dispatch.h>
12	#include <openssl/evp.h>
13	#include <openssl/pem.h>
14	#include <openssl/rsa.h>
15	#include <openssl/x509.h>
16	#include <openssl/core_names.h>
17	#include <openssl/params.h>
18	#include <openssl/param_build.h>
19	#include <openssl/encoder.h>
20	#include <openssl/decoder.h>
21
22	#include "internal/cryptlib.h" /* ossl_assert */
23	#include "crypto/pem.h" /* For PVK and "blob" PEM headers */
24	#include "crypto/evp.h" /* For evp_pkey_is_provided() */
25
26	#include "helpers/predefined_dhparams.h"
27	#include "testutil.h"
28
29	#ifdef STATIC_LEGACY
30	OSSL_provider_init_fn ossl_legacy_provider_init;
31	#endif
32
33	/* Extended test macros to allow passing file & line number */
34	#define TEST_FL_ptr(a) test_ptr(file, line, #a, a)
35	#define TEST_FL_mem_eq(a, m, b, n) test_mem_eq(file, line, #a, #b, a, m, b, n)
36	#define TEST_FL_strn_eq(a, b, n) test_strn_eq(file, line, #a, #b, a, n, b, n)
37	#define TEST_FL_strn2_eq(a, m, b, n) test_strn_eq(file, line, #a, #b, a, m, b, n)
38	#define TEST_FL_int_eq(a, b) test_int_eq(file, line, #a, #b, a, b)
39	#define TEST_FL_int_ge(a, b) test_int_ge(file, line, #a, #b, a, b)
40	#define TEST_FL_int_gt(a, b) test_int_gt(file, line, #a, #b, a, b)
41	#define TEST_FL_long_gt(a, b) test_long_gt(file, line, #a, #b, a, b)
42	#define TEST_FL_true(a) test_true(file, line, #a, (a) != 0)
43
44	#if defined(OPENSSL_NO_DH) && defined(OPENSSL_NO_DSA) && defined(OPENSSL_NO_EC)
45	# define OPENSSL_NO_KEYPARAMS
46	#endif
47
48	static int default_libctx = 1;
49	static int is_fips = 0;
50	static int is_fips_3_0_0 = 0;
51
52	static OSSL_LIB_CTX *testctx = NULL;
53	static OSSL_LIB_CTX *keyctx = NULL;
54	static char *testpropq = NULL;
55
56	static OSSL_PROVIDER *nullprov = NULL;
57	static OSSL_PROVIDER *deflprov = NULL;
58	static OSSL_PROVIDER *keyprov = NULL;
59
60	#ifndef OPENSSL_NO_EC
61	static BN_CTX *bnctx = NULL;
62	static OSSL_PARAM_BLD *bld_prime_nc = NULL;
63	static OSSL_PARAM_BLD *bld_prime = NULL;
64	static OSSL_PARAM *ec_explicit_prime_params_nc = NULL;
65	static OSSL_PARAM *ec_explicit_prime_params_explicit = NULL;
66
67	# ifndef OPENSSL_NO_EC2M
68	static OSSL_PARAM_BLD *bld_tri_nc = NULL;
69	static OSSL_PARAM_BLD *bld_tri = NULL;
70	static OSSL_PARAM *ec_explicit_tri_params_nc = NULL;
71	static OSSL_PARAM *ec_explicit_tri_params_explicit = NULL;
72	# endif
73	#endif
74
75	#ifndef OPENSSL_NO_KEYPARAMS
76	static EVP_PKEY make_template(const char type, OSSL_PARAM *genparams)
77	{
78	EVP_PKEY *pkey = NULL;
79	EVP_PKEY_CTX *ctx = NULL;
80
81	# ifndef OPENSSL_NO_DH
82	/*
83	* Use 512-bit DH(X) keys with predetermined parameters for efficiency,
84	* for testing only. Use a minimum key size of 2048 for security purposes.
85	*/
86	if (strcmp(type, "DH") == 0)
87	return get_dh512(keyctx);
88
89	if (strcmp(type, "X9.42 DH") == 0)
90	return get_dhx512(keyctx);
91	# endif
92
93	/*
94	* No real need to check the errors other than for the cascade
95	* effect. \|pkey\| will simply remain NULL if something goes wrong.
96	*/
97	(void)((ctx = EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq)) != NULL
98	&& EVP_PKEY_paramgen_init(ctx) > 0
99	&& (genparams == NULL
100	\|\| EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
101	&& EVP_PKEY_generate(ctx, &pkey) > 0);
102	EVP_PKEY_CTX_free(ctx);
103
104	return pkey;
105	}
106	#endif
107
108	#if !defined(OPENSSL_NO_DH) \|\| !defined(OPENSSL_NO_DSA) \|\| !defined(OPENSSL_NO_EC)
109	static EVP_PKEY make_key(const char type, EVP_PKEY *template,
110	OSSL_PARAM *genparams)
111	{
112	EVP_PKEY *pkey = NULL;
113	EVP_PKEY_CTX *ctx =
114	template != NULL
115	? EVP_PKEY_CTX_new_from_pkey(keyctx, template, testpropq)
116	: EVP_PKEY_CTX_new_from_name(keyctx, type, testpropq);
117
118	/*
119	* No real need to check the errors other than for the cascade
120	* effect. \|pkey\| will simply remain NULL if something goes wrong.
121	*/
122	(void)(ctx != NULL
123	&& EVP_PKEY_keygen_init(ctx) > 0
124	&& (genparams == NULL
125	\|\| EVP_PKEY_CTX_set_params(ctx, genparams) > 0)
126	&& EVP_PKEY_keygen(ctx, &pkey) > 0);
127	EVP_PKEY_CTX_free(ctx);
128	return pkey;
129	}
130	#endif
131
132	/* Main test driver */
133
134	typedef int (encoder)(const char *file, const int line,
135	void *encoded, long encoded_len,
136	void *object, int selection,
137	const char output_type, const char output_structure,
138	const char pass, const char pcipher);
139	typedef int (decoder)(const char *file, const int line,
140	void *object, void encoded, long encoded_len,
141	const char input_type, const char structure_type,
142	const char keytype, int selection, const char pass);
143	typedef int (tester)(const char *file, const int line,
144	const void *data1, size_t data1_len,
145	const void *data2, size_t data2_len);
146	typedef int (checker)(const char *file, const int line,
147	const char type, const void data, size_t data_len);
148	typedef void (dumper)(const char label, const void data, size_t data_len);
149
150	#define FLAG_DECODE_WITH_TYPE 0x0001
151	#define FLAG_FAIL_IF_FIPS 0x0002
152
153	static int test_encode_decode(const char *file, const int line,
154	const char type, EVP_PKEY pkey,
155	int selection, const char *output_type,
156	const char *output_structure,
157	const char pass, const char pcipher,
158	encoder encode_cb, decoder decode_cb,
159	tester test_cb, checker check_cb,
160	dumper *dump_cb, int flags)
161	{
162	void *encoded = NULL;
163	long encoded_len = 0;
164	EVP_PKEY *pkey2 = NULL;
165	EVP_PKEY *pkey3 = NULL;
166	void *encoded2 = NULL;
167	long encoded2_len = 0;
168	int ok = 0;
169
170	/*
171	* Encode \|pkey\|, decode the result into \|pkey2\|, and finish off by
172	* encoding \|pkey2\| as well. That last encoding is for checking and
173	* dumping purposes.
174	*/
175	if (!TEST_true(encode_cb(file, line, &encoded, &encoded_len, pkey, selection,
176	output_type, output_structure, pass, pcipher)))
177	goto end;
178
179	if ((flags & FLAG_FAIL_IF_FIPS) != 0 && is_fips && !is_fips_3_0_0) {
180	if (TEST_false(decode_cb(file, line, (void **)&pkey2, encoded,
181	encoded_len, output_type, output_structure,
182	(flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
183	selection, pass)))
184	ok = 1;
185	goto end;
186	}
187
188	if (!TEST_true(check_cb(file, line, type, encoded, encoded_len))
189	\|\| !TEST_true(decode_cb(file, line, (void **)&pkey2, encoded, encoded_len,
190	output_type, output_structure,
191	(flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
192	selection, pass))
193	\|\| ((output_structure == NULL
194	\|\| strcmp(output_structure, "type-specific") != 0)
195	&& !TEST_true(decode_cb(file, line, (void **)&pkey3, encoded, encoded_len,
196	output_type, output_structure,
197	(flags & FLAG_DECODE_WITH_TYPE ? type : NULL),
198	0, pass)))
199	\|\| !TEST_true(encode_cb(file, line, &encoded2, &encoded2_len, pkey2, selection,
200	output_type, output_structure, pass, pcipher)))
201	goto end;
202
203	if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
204	if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1)
205	\|\| (pkey3 != NULL
206	&& !TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey3), 1)))
207	goto end;
208	} else {
209	if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1)
210	\|\| (pkey3 != NULL
211	&& !TEST_int_eq(EVP_PKEY_eq(pkey, pkey3), 1)))
212	goto end;
213	}
214
215	/*
216	* Double check the encoding, but only for unprotected keys,
217	* as protected keys have a random component, which makes the output
218	* differ.
219	*/
220	if ((pass == NULL && pcipher == NULL)
221	&& !test_cb(file, line, encoded, encoded_len, encoded2, encoded2_len))
222	goto end;
223
224	ok = 1;
225	end:
226	if (!ok) {
227	if (encoded != NULL && encoded_len != 0)
228	dump_cb("\|pkey\| encoded", encoded, encoded_len);
229	if (encoded2 != NULL && encoded2_len != 0)
230	dump_cb("\|pkey2\| encoded", encoded2, encoded2_len);
231	}
232
233	OPENSSL_free(encoded);
234	OPENSSL_free(encoded2);
235	EVP_PKEY_free(pkey2);
236	EVP_PKEY_free(pkey3);
237	return ok;
238	}
239
240	/* Encoding and decoding methods */
241
242	static int encode_EVP_PKEY_prov(const char *file, const int line,
243	void *encoded, long encoded_len,
244	void *object, int selection,
245	const char *output_type,
246	const char *output_structure,
247	const char pass, const char pcipher)
248	{
249	EVP_PKEY *pkey = object;
250	OSSL_ENCODER_CTX *ectx = NULL;
251	BIO *mem_ser = NULL;
252	BUF_MEM *mem_buf = NULL;
253	const unsigned char upass = (const unsigned char )pass;
254	int ok = 0;
255
256	if (!TEST_FL_ptr(ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey, selection,
257	output_type,
258	output_structure,
259	testpropq))
260	\|\| !TEST_FL_int_gt(OSSL_ENCODER_CTX_get_num_encoders(ectx), 0)
261	\|\| (pass != NULL
262	&& !TEST_FL_true(OSSL_ENCODER_CTX_set_passphrase(ectx, upass,
263	strlen(pass))))
264	\|\| (pcipher != NULL
265	&& !TEST_FL_true(OSSL_ENCODER_CTX_set_cipher(ectx, pcipher, NULL)))
266	\|\| !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
267	\|\| !TEST_FL_true(OSSL_ENCODER_to_bio(ectx, mem_ser))
268	\|\| !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
269	\|\| !TEST_FL_ptr(*encoded = mem_buf->data)
270	\|\| !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
271	goto end;
272
273	/* Detach the encoded output */
274	mem_buf->data = NULL;
275	mem_buf->length = 0;
276	ok = 1;
277	end:
278	BIO_free(mem_ser);
279	OSSL_ENCODER_CTX_free(ectx);
280	return ok;
281	}
282
283	static int decode_EVP_PKEY_prov(const char *file, const int line,
284	void *object, void encoded, long encoded_len,
285	const char *input_type,
286	const char *structure_type,
287	const char *keytype, int selection,
288	const char *pass)
289	{
290	EVP_PKEY pkey = NULL, testpkey = NULL;
291	OSSL_DECODER_CTX *dctx = NULL;
292	BIO *encoded_bio = NULL;
293	const unsigned char upass = (const unsigned char )pass;
294	int ok = 0;
295	int i;
296	const char *badtype;
297
298	if (strcmp(input_type, "DER") == 0)
299	badtype = "PEM";
300	else
301	badtype = "DER";
302
303	if (!TEST_FL_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len)))
304	goto end;
305
306	/*
307	* We attempt the decode 3 times. The first time we provide the expected
308	* starting input type. The second time we provide NULL for the starting
309	* type. The third time we provide a bad starting input type.
310	* The bad starting input type should fail. The other two should succeed
311	* and produce the same result.
312	*/
313	for (i = 0; i < 3; i++) {
314	const char *testtype = (i == 0) ? input_type
315	: ((i == 1) ? NULL : badtype);
316
317	if (!TEST_FL_ptr(dctx = OSSL_DECODER_CTX_new_for_pkey(&testpkey,
318	testtype,
319	structure_type,
320	keytype,
321	selection,
322	testctx, testpropq))
323	\|\| (pass != NULL
324	&& !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass)))
325	\|\| !TEST_FL_int_gt(BIO_reset(encoded_bio), 0)
326	/* We expect to fail when using a bad input type */
327	\|\| !TEST_FL_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio),
328	(i == 2) ? 0 : 1))
329	goto end;
330	OSSL_DECODER_CTX_free(dctx);
331	dctx = NULL;
332
333	if (i == 0) {
334	pkey = testpkey;
335	testpkey = NULL;
336	} else if (i == 1) {
337	if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) {
338	if (!TEST_FL_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1))
339	goto end;
340	} else {
341	if (!TEST_FL_int_eq(EVP_PKEY_eq(pkey, testpkey), 1))
342	goto end;
343	}
344	}
345	}
346	ok = 1;
347	*object = pkey;
348	pkey = NULL;
349
350	end:
351	EVP_PKEY_free(pkey);
352	EVP_PKEY_free(testpkey);
353	BIO_free(encoded_bio);
354	OSSL_DECODER_CTX_free(dctx);
355	return ok;
356	}
357
358	static int encode_EVP_PKEY_legacy_PEM(const char *file, const int line,
359	void *encoded, long encoded_len,
360	void *object, ossl_unused int selection,
361	ossl_unused const char *output_type,
362	ossl_unused const char *output_structure,
363	const char pass, const char pcipher)
364	{
365	EVP_PKEY *pkey = object;
366	EVP_CIPHER *cipher = NULL;
367	BIO *mem_ser = NULL;
368	BUF_MEM *mem_buf = NULL;
369	const unsigned char upass = (const unsigned char )pass;
370	size_t passlen = 0;
371	int ok = 0;
372
373	if (pcipher != NULL && pass != NULL) {
374	passlen = strlen(pass);
375	if (!TEST_FL_ptr(cipher = EVP_CIPHER_fetch(testctx, pcipher, testpropq)))
376	goto end;
377	}
378	if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
379	\|\| !TEST_FL_true(PEM_write_bio_PrivateKey_traditional(mem_ser, pkey,
380	cipher,
381	upass, passlen,
382	NULL, NULL))
383	\|\| !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
384	\|\| !TEST_FL_ptr(*encoded = mem_buf->data)
385	\|\| !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
386	goto end;
387
388	/* Detach the encoded output */
389	mem_buf->data = NULL;
390	mem_buf->length = 0;
391	ok = 1;
392	end:
393	BIO_free(mem_ser);
394	EVP_CIPHER_free(cipher);
395	return ok;
396	}
397
398	static int encode_EVP_PKEY_MSBLOB(const char *file, const int line,
399	void *encoded, long encoded_len,
400	void *object, int selection,
401	ossl_unused const char *output_type,
402	ossl_unused const char *output_structure,
403	ossl_unused const char *pass,
404	ossl_unused const char *pcipher)
405	{
406	EVP_PKEY *pkey = object;
407	BIO *mem_ser = NULL;
408	BUF_MEM *mem_buf = NULL;
409	int ok = 0;
410
411	if (!TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem())))
412	goto end;
413
414	if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
415	if (!TEST_FL_int_ge(i2b_PrivateKey_bio(mem_ser, pkey), 0))
416	goto end;
417	} else {
418	if (!TEST_FL_int_ge(i2b_PublicKey_bio(mem_ser, pkey), 0))
419	goto end;
420	}
421
422	if (!TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
423	\|\| !TEST_FL_ptr(*encoded = mem_buf->data)
424	\|\| !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
425	goto end;
426
427	/* Detach the encoded output */
428	mem_buf->data = NULL;
429	mem_buf->length = 0;
430	ok = 1;
431	end:
432	BIO_free(mem_ser);
433	return ok;
434	}
435
436	static pem_password_cb pass_pw;
437	static int pass_pw(char buf, int size, int rwflag, void userdata)
438	{
439	OPENSSL_strlcpy(buf, userdata, size);
440	return strlen(userdata);
441	}
442
443	static int encode_EVP_PKEY_PVK(const char *file, const int line,
444	void *encoded, long encoded_len,
445	void *object, int selection,
446	ossl_unused const char *output_type,
447	ossl_unused const char *output_structure,
448	const char *pass,
449	ossl_unused const char *pcipher)
450	{
451	EVP_PKEY *pkey = object;
452	BIO *mem_ser = NULL;
453	BUF_MEM *mem_buf = NULL;
454	int enc = (pass != NULL);
455	int ok = 0;
456
457	if (!TEST_FL_true(ossl_assert((selection
458	& OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0))
459	\|\| !TEST_FL_ptr(mem_ser = BIO_new(BIO_s_mem()))
460	\|\| !TEST_FL_int_ge(i2b_PVK_bio_ex(mem_ser, pkey, enc,
461	pass_pw, (void *)pass, testctx, testpropq), 0)
462	\|\| !TEST_FL_true(BIO_get_mem_ptr(mem_ser, &mem_buf) > 0)
463	\|\| !TEST_FL_ptr(*encoded = mem_buf->data)
464	\|\| !TEST_FL_long_gt(*encoded_len = mem_buf->length, 0))
465	goto end;
466
467	/* Detach the encoded output */
468	mem_buf->data = NULL;
469	mem_buf->length = 0;
470	ok = 1;
471	end:
472	BIO_free(mem_ser);
473	return ok;
474	}
475
476	static int test_text(const char *file, const int line,
477	const void *data1, size_t data1_len,
478	const void *data2, size_t data2_len)
479	{
480	return TEST_FL_strn2_eq(data1, data1_len, data2, data2_len);
481	}
482
483	static int test_mem(const char *file, const int line,
484	const void *data1, size_t data1_len,
485	const void *data2, size_t data2_len)
486	{
487	return TEST_FL_mem_eq(data1, data1_len, data2, data2_len);
488	}
489
490	/* Test cases and their dumpers / checkers */
491
492	static void collect_name(const char name, void arg)
493	{
494	char **namelist = arg;
495	char *new_namelist;
496	size_t space;
497
498	space = strlen(name);
499	if (*namelist != NULL)
500	space += strlen(namelist) + 2 / for comma and space */;
501	space++; /* for terminating null byte */
502
503	new_namelist = OPENSSL_realloc(*namelist, space);
504	if (new_namelist == NULL)
505	return;
506	if (*namelist != NULL) {
507	strcat(new_namelist, ", ");
508	strcat(new_namelist, name);
509	} else {
510	strcpy(new_namelist, name);
511	}
512	*namelist = new_namelist;
513	}
514
515	static void dump_der(const char label, const void data, size_t data_len)
516	{
517	test_output_memory(label, data, data_len);
518	}
519
520	static void dump_pem(const char label, const void data, size_t data_len)
521	{
522	test_output_string(label, data, data_len - 1);
523	}
524
525	static int check_unprotected_PKCS8_DER(const char *file, const int line,
526	const char *type,
527	const void *data, size_t data_len)
528	{
529	const unsigned char *datap = data;
530	PKCS8_PRIV_KEY_INFO *p8inf =
531	d2i_PKCS8_PRIV_KEY_INFO(NULL, &datap, data_len);
532	int ok = 0;
533
534	if (TEST_FL_ptr(p8inf)) {
535	EVP_PKEY *pkey = EVP_PKCS82PKEY_ex(p8inf, testctx, testpropq);
536	char *namelist = NULL;
537
538	if (TEST_FL_ptr(pkey)) {
539	if (!(ok = TEST_FL_true(EVP_PKEY_is_a(pkey, type)))) {
540	EVP_PKEY_type_names_do_all(pkey, collect_name, &namelist);
541	if (namelist != NULL)
542	TEST_note("%s isn't any of %s", type, namelist);
543	OPENSSL_free(namelist);
544	}
545	ok = ok && TEST_FL_true(evp_pkey_is_provided(pkey));
546	EVP_PKEY_free(pkey);
547	}
548	}
549	PKCS8_PRIV_KEY_INFO_free(p8inf);
550	return ok;
551	}
552
553	static int test_unprotected_via_DER(const char type, EVP_PKEY key, int fips)
554	{
555	return test_encode_decode(__FILE__, __LINE__, type, key,
556	OSSL_KEYMGMT_SELECT_KEYPAIR
557	\| OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
558	"DER", "PrivateKeyInfo", NULL, NULL,
559	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
560	test_mem, check_unprotected_PKCS8_DER,
561	dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS);
562	}
563
564	static int check_unprotected_PKCS8_PEM(const char *file, const int line,
565	const char *type,
566	const void *data, size_t data_len)
567	{
568	static const char expected_pem_header[] =
569	"-----BEGIN " PEM_STRING_PKCS8INF "-----";
570
571	return TEST_FL_strn_eq(data, expected_pem_header,
572	sizeof(expected_pem_header) - 1);
573	}
574
575	static int test_unprotected_via_PEM(const char type, EVP_PKEY key, int fips)
576	{
577	return test_encode_decode(__FILE__, __LINE__, type, key,
578	OSSL_KEYMGMT_SELECT_KEYPAIR
579	\| OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
580	"PEM", "PrivateKeyInfo", NULL, NULL,
581	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
582	test_text, check_unprotected_PKCS8_PEM,
583	dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS);
584	}
585
586	#ifndef OPENSSL_NO_KEYPARAMS
587	static int check_params_DER(const char *file, const int line,
588	const char type, const void data, size_t data_len)
589	{
590	const unsigned char *datap = data;
591	int ok = 0;
592	int itype = NID_undef;
593	EVP_PKEY *pkey = NULL;
594
595	if (strcmp(type, "DH") == 0)
596	itype = EVP_PKEY_DH;
597	else if (strcmp(type, "X9.42 DH") == 0)
598	itype = EVP_PKEY_DHX;
599	else if (strcmp(type, "DSA") == 0)
600	itype = EVP_PKEY_DSA;
601	else if (strcmp(type, "EC") == 0)
602	itype = EVP_PKEY_EC;
603
604	if (itype != NID_undef) {
605	pkey = d2i_KeyParams(itype, NULL, &datap, data_len);
606	ok = (pkey != NULL);
607	EVP_PKEY_free(pkey);
608	}
609
610	return ok;
611	}
612
613	static int check_params_PEM(const char *file, const int line,
614	const char *type,
615	const void *data, size_t data_len)
616	{
617	static char expected_pem_header[80];
618
619	return
620	TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
621	sizeof(expected_pem_header),
622	"-----BEGIN %s PARAMETERS-----", type), 0)
623	&& TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
624	}
625
626	static int test_params_via_DER(const char type, EVP_PKEY key)
627	{
628	return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
629	"DER", "type-specific", NULL, NULL,
630	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
631	test_mem, check_params_DER,
632	dump_der, FLAG_DECODE_WITH_TYPE);
633	}
634
635	static int test_params_via_PEM(const char type, EVP_PKEY key)
636	{
637	return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
638	"PEM", "type-specific", NULL, NULL,
639	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
640	test_text, check_params_PEM,
641	dump_pem, 0);
642	}
643	#endif /* !OPENSSL_NO_KEYPARAMS */
644
645	static int check_unprotected_legacy_PEM(const char *file, const int line,
646	const char *type,
647	const void *data, size_t data_len)
648	{
649	static char expected_pem_header[80];
650
651	return
652	TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
653	sizeof(expected_pem_header),
654	"-----BEGIN %s PRIVATE KEY-----", type), 0)
655	&& TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header));
656	}
657
658	static int test_unprotected_via_legacy_PEM(const char type, EVP_PKEY key)
659	{
660	if (!default_libctx \|\| is_fips)
661	return TEST_skip("Test not available if using a non-default library context or FIPS provider");
662
663	return test_encode_decode(__FILE__, __LINE__, type, key,
664	OSSL_KEYMGMT_SELECT_KEYPAIR
665	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
666	"PEM", "type-specific", NULL, NULL,
667	encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
668	test_text, check_unprotected_legacy_PEM,
669	dump_pem, 0);
670	}
671
672	static int check_MSBLOB(const char *file, const int line,
673	const char type, const void data, size_t data_len)
674	{
675	const unsigned char *datap = data;
676	EVP_PKEY *pkey = b2i_PrivateKey(&datap, data_len);
677	int ok = TEST_FL_ptr(pkey);
678
679	EVP_PKEY_free(pkey);
680	return ok;
681	}
682
683	static int test_unprotected_via_MSBLOB(const char type, EVP_PKEY key)
684	{
685	return test_encode_decode(__FILE__, __LINE__, type, key,
686	OSSL_KEYMGMT_SELECT_KEYPAIR
687	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
688	"MSBLOB", NULL, NULL, NULL,
689	encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
690	test_mem, check_MSBLOB,
691	dump_der, 0);
692	}
693
694	static int check_PVK(const char *file, const int line,
695	const char type, const void data, size_t data_len)
696	{
697	const unsigned char *in = data;
698	unsigned int saltlen = 0, keylen = 0;
699	int ok = ossl_do_PVK_header(&in, data_len, 0, &saltlen, &keylen);
700
701	return ok;
702	}
703
704	static int test_unprotected_via_PVK(const char type, EVP_PKEY key)
705	{
706	return test_encode_decode(__FILE__, __LINE__, type, key,
707	OSSL_KEYMGMT_SELECT_KEYPAIR
708	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
709	"PVK", NULL, NULL, NULL,
710	encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
711	test_mem, check_PVK,
712	dump_der, 0);
713	}
714
715	static const char *pass_cipher = "AES-256-CBC";
716	static const char *pass = "the holy handgrenade of antioch";
717
718	static int check_protected_PKCS8_DER(const char *file, const int line,
719	const char *type,
720	const void *data, size_t data_len)
721	{
722	const unsigned char *datap = data;
723	X509_SIG *p8 = d2i_X509_SIG(NULL, &datap, data_len);
724	int ok = TEST_FL_ptr(p8);
725
726	X509_SIG_free(p8);
727	return ok;
728	}
729
730	static int test_protected_via_DER(const char type, EVP_PKEY key, int fips)
731	{
732	return test_encode_decode(__FILE__, __LINE__, type, key,
733	OSSL_KEYMGMT_SELECT_KEYPAIR
734	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
735	"DER", "EncryptedPrivateKeyInfo",
736	pass, pass_cipher,
737	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
738	test_mem, check_protected_PKCS8_DER,
739	dump_der, fips ? 0 : FLAG_FAIL_IF_FIPS);
740	}
741
742	static int check_protected_PKCS8_PEM(const char *file, const int line,
743	const char *type,
744	const void *data, size_t data_len)
745	{
746	static const char expected_pem_header[] =
747	"-----BEGIN " PEM_STRING_PKCS8 "-----";
748
749	return TEST_FL_strn_eq(data, expected_pem_header,
750	sizeof(expected_pem_header) - 1);
751	}
752
753	static int test_protected_via_PEM(const char type, EVP_PKEY key, int fips)
754	{
755	return test_encode_decode(__FILE__, __LINE__, type, key,
756	OSSL_KEYMGMT_SELECT_KEYPAIR
757	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
758	"PEM", "EncryptedPrivateKeyInfo",
759	pass, pass_cipher,
760	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
761	test_text, check_protected_PKCS8_PEM,
762	dump_pem, fips ? 0 : FLAG_FAIL_IF_FIPS);
763	}
764
765	static int check_protected_legacy_PEM(const char *file, const int line,
766	const char *type,
767	const void *data, size_t data_len)
768	{
769	static char expected_pem_header[80];
770
771	return
772	TEST_FL_int_gt(BIO_snprintf(expected_pem_header,
773	sizeof(expected_pem_header),
774	"-----BEGIN %s PRIVATE KEY-----", type), 0)
775	&& TEST_FL_strn_eq(data, expected_pem_header, strlen(expected_pem_header))
776	&& TEST_FL_ptr(strstr(data, "\nDEK-Info: "));
777	}
778
779	static int test_protected_via_legacy_PEM(const char type, EVP_PKEY key)
780	{
781	if (!default_libctx \|\| is_fips)
782	return TEST_skip("Test not available if using a non-default library context or FIPS provider");
783
784	return test_encode_decode(__FILE__, __LINE__, type, key,
785	OSSL_KEYMGMT_SELECT_KEYPAIR
786	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
787	"PEM", "type-specific", pass, pass_cipher,
788	encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov,
789	test_text, check_protected_legacy_PEM,
790	dump_pem, 0);
791	}
792
793	#ifndef OPENSSL_NO_RC4
794	static int test_protected_via_PVK(const char type, EVP_PKEY key)
795	{
796	int ret = 0;
797	OSSL_PROVIDER *lgcyprov = OSSL_PROVIDER_load(testctx, "legacy");
798	if (lgcyprov == NULL)
799	return TEST_skip("Legacy provider not available");
800
801	ret = test_encode_decode(__FILE__, __LINE__, type, key,
802	OSSL_KEYMGMT_SELECT_KEYPAIR
803	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
804	"PVK", NULL, pass, NULL,
805	encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov,
806	test_mem, check_PVK, dump_der, 0);
807	OSSL_PROVIDER_unload(lgcyprov);
808	return ret;
809	}
810	#endif
811
812	static int check_public_DER(const char *file, const int line,
813	const char type, const void data, size_t data_len)
814	{
815	const unsigned char *datap = data;
816	EVP_PKEY *pkey = d2i_PUBKEY_ex(NULL, &datap, data_len, testctx, testpropq);
817	int ok = (TEST_FL_ptr(pkey) && TEST_FL_true(EVP_PKEY_is_a(pkey, type)));
818
819	EVP_PKEY_free(pkey);
820	return ok;
821	}
822
823	static int test_public_via_DER(const char type, EVP_PKEY key, int fips)
824	{
825	return test_encode_decode(__FILE__, __LINE__, type, key,
826	OSSL_KEYMGMT_SELECT_PUBLIC_KEY
827	\| OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
828	"DER", "SubjectPublicKeyInfo", NULL, NULL,
829	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
830	test_mem, check_public_DER, dump_der,
831	fips ? 0 : FLAG_FAIL_IF_FIPS);
832	}
833
834	static int check_public_PEM(const char *file, const int line,
835	const char type, const void data, size_t data_len)
836	{
837	static const char expected_pem_header[] =
838	"-----BEGIN " PEM_STRING_PUBLIC "-----";
839
840	return
841	TEST_FL_strn_eq(data, expected_pem_header,
842	sizeof(expected_pem_header) - 1);
843	}
844
845	static int test_public_via_PEM(const char type, EVP_PKEY key, int fips)
846	{
847	return test_encode_decode(__FILE__, __LINE__, type, key,
848	OSSL_KEYMGMT_SELECT_PUBLIC_KEY
849	\| OSSL_KEYMGMT_SELECT_ALL_PARAMETERS,
850	"PEM", "SubjectPublicKeyInfo", NULL, NULL,
851	encode_EVP_PKEY_prov, decode_EVP_PKEY_prov,
852	test_text, check_public_PEM, dump_pem,
853	fips ? 0 : FLAG_FAIL_IF_FIPS);
854	}
855
856	static int check_public_MSBLOB(const char *file, const int line,
857	const char *type,
858	const void *data, size_t data_len)
859	{
860	const unsigned char *datap = data;
861	EVP_PKEY *pkey = b2i_PublicKey(&datap, data_len);
862	int ok = TEST_FL_ptr(pkey);
863
864	EVP_PKEY_free(pkey);
865	return ok;
866	}
867
868	static int test_public_via_MSBLOB(const char type, EVP_PKEY key)
869	{
870	return test_encode_decode(__FILE__, __LINE__, type, key, OSSL_KEYMGMT_SELECT_PUBLIC_KEY
871	\| OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
872	"MSBLOB", NULL, NULL, NULL,
873	encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov,
874	test_mem, check_public_MSBLOB, dump_der, 0);
875	}
876
877	#define KEYS(KEYTYPE) \
878	static EVP_PKEY *key_##KEYTYPE = NULL
879	#define MAKE_KEYS(KEYTYPE, KEYTYPEstr, params) \
880	ok = ok \
881	&& TEST_ptr(key_##KEYTYPE = make_key(KEYTYPEstr, NULL, params))
882	#define FREE_KEYS(KEYTYPE) \
883	EVP_PKEY_free(key_##KEYTYPE); \
884
885	#define DOMAIN_KEYS(KEYTYPE) \
886	static EVP_PKEY *template_##KEYTYPE = NULL; \
887	static EVP_PKEY *key_##KEYTYPE = NULL
888	#define MAKE_DOMAIN_KEYS(KEYTYPE, KEYTYPEstr, params) \
889	ok = ok \
890	&& TEST_ptr(template_##KEYTYPE = \
891	make_template(KEYTYPEstr, params)) \
892	&& TEST_ptr(key_##KEYTYPE = \
893	make_key(KEYTYPEstr, template_##KEYTYPE, NULL))
894	#define FREE_DOMAIN_KEYS(KEYTYPE) \
895	EVP_PKEY_free(template_##KEYTYPE); \
896	EVP_PKEY_free(key_##KEYTYPE)
897
898	#define IMPLEMENT_TEST_SUITE(KEYTYPE, KEYTYPEstr, fips) \
899	static int test_unprotected_##KEYTYPE##_via_DER(void) \
900	{ \
901	return test_unprotected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
902	} \
903	static int test_unprotected_##KEYTYPE##_via_PEM(void) \
904	{ \
905	return test_unprotected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
906	} \
907	static int test_protected_##KEYTYPE##_via_DER(void) \
908	{ \
909	return test_protected_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
910	} \
911	static int test_protected_##KEYTYPE##_via_PEM(void) \
912	{ \
913	return test_protected_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
914	} \
915	static int test_public_##KEYTYPE##_via_DER(void) \
916	{ \
917	return test_public_via_DER(KEYTYPEstr, key_##KEYTYPE, fips); \
918	} \
919	static int test_public_##KEYTYPE##_via_PEM(void) \
920	{ \
921	return test_public_via_PEM(KEYTYPEstr, key_##KEYTYPE, fips); \
922	}
923
924	#define ADD_TEST_SUITE(KEYTYPE) \
925	ADD_TEST(test_unprotected_##KEYTYPE##_via_DER); \
926	ADD_TEST(test_unprotected_##KEYTYPE##_via_PEM); \
927	ADD_TEST(test_protected_##KEYTYPE##_via_DER); \
928	ADD_TEST(test_protected_##KEYTYPE##_via_PEM); \
929	ADD_TEST(test_public_##KEYTYPE##_via_DER); \
930	ADD_TEST(test_public_##KEYTYPE##_via_PEM)
931
932	#define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \
933	static int test_params_##KEYTYPE##_via_DER(void) \
934	{ \
935	return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \
936	} \
937	static int test_params_##KEYTYPE##_via_PEM(void) \
938	{ \
939	return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \
940	}
941
942	#define ADD_TEST_SUITE_PARAMS(KEYTYPE) \
943	ADD_TEST(test_params_##KEYTYPE##_via_DER); \
944	ADD_TEST(test_params_##KEYTYPE##_via_PEM)
945
946	#define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \
947	static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \
948	{ \
949	return \
950	test_unprotected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
951	} \
952	static int test_protected_##KEYTYPE##_via_legacy_PEM(void) \
953	{ \
954	return \
955	test_protected_via_legacy_PEM(KEYTYPEstr, key_##KEYTYPE); \
956	}
957
958	#define ADD_TEST_SUITE_LEGACY(KEYTYPE) \
959	ADD_TEST(test_unprotected_##KEYTYPE##_via_legacy_PEM); \
960	ADD_TEST(test_protected_##KEYTYPE##_via_legacy_PEM)
961
962	#define IMPLEMENT_TEST_SUITE_MSBLOB(KEYTYPE, KEYTYPEstr) \
963	static int test_unprotected_##KEYTYPE##_via_MSBLOB(void) \
964	{ \
965	return test_unprotected_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
966	} \
967	static int test_public_##KEYTYPE##_via_MSBLOB(void) \
968	{ \
969	return test_public_via_MSBLOB(KEYTYPEstr, key_##KEYTYPE); \
970	}
971
972	#define ADD_TEST_SUITE_MSBLOB(KEYTYPE) \
973	ADD_TEST(test_unprotected_##KEYTYPE##_via_MSBLOB); \
974	ADD_TEST(test_public_##KEYTYPE##_via_MSBLOB)
975
976	#define IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
977	static int test_unprotected_##KEYTYPE##_via_PVK(void) \
978	{ \
979	return test_unprotected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
980	}
981	# define ADD_TEST_SUITE_UNPROTECTED_PVK(KEYTYPE) \
982	ADD_TEST(test_unprotected_##KEYTYPE##_via_PVK)
983	#ifndef OPENSSL_NO_RC4
984	# define IMPLEMENT_TEST_SUITE_PROTECTED_PVK(KEYTYPE, KEYTYPEstr) \
985	static int test_protected_##KEYTYPE##_via_PVK(void) \
986	{ \
987	return test_protected_via_PVK(KEYTYPEstr, key_##KEYTYPE); \
988	}
989	# define ADD_TEST_SUITE_PROTECTED_PVK(KEYTYPE) \
990	ADD_TEST(test_protected_##KEYTYPE##_via_PVK)
991	#endif
992
993	#ifndef OPENSSL_NO_DH
994	DOMAIN_KEYS(DH);
995	IMPLEMENT_TEST_SUITE(DH, "DH", 1)
996	IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH")
997	DOMAIN_KEYS(DHX);
998	IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH", 1)
999	IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH")
1000	/*
1001	* DH has no support for PEM_write_bio_PrivateKey_traditional(),
1002	* so no legacy tests.
1003	*/
1004	#endif
1005	#ifndef OPENSSL_NO_DSA
1006	DOMAIN_KEYS(DSA);
1007	IMPLEMENT_TEST_SUITE(DSA, "DSA", 1)
1008	IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA")
1009	IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA")
1010	IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA")
1011	IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(DSA, "DSA")
1012	# ifndef OPENSSL_NO_RC4
1013	IMPLEMENT_TEST_SUITE_PROTECTED_PVK(DSA, "DSA")
1014	# endif
1015	#endif
1016	#ifndef OPENSSL_NO_EC
1017	DOMAIN_KEYS(EC);
1018	IMPLEMENT_TEST_SUITE(EC, "EC", 1)
1019	IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC")
1020	IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC")
1021	DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1022	IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC", 1)
1023	IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve, "EC")
1024	DOMAIN_KEYS(ECExplicitPrime2G);
1025	IMPLEMENT_TEST_SUITE(ECExplicitPrime2G, "EC", 0)
1026	IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitPrime2G, "EC")
1027	# ifndef OPENSSL_NO_EC2M
1028	DOMAIN_KEYS(ECExplicitTriNamedCurve);
1029	IMPLEMENT_TEST_SUITE(ECExplicitTriNamedCurve, "EC", 1)
1030	IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve, "EC")
1031	DOMAIN_KEYS(ECExplicitTri2G);
1032	IMPLEMENT_TEST_SUITE(ECExplicitTri2G, "EC", 0)
1033	IMPLEMENT_TEST_SUITE_LEGACY(ECExplicitTri2G, "EC")
1034	# endif
1035	KEYS(ED25519);
1036	IMPLEMENT_TEST_SUITE(ED25519, "ED25519", 1)
1037	KEYS(ED448);
1038	IMPLEMENT_TEST_SUITE(ED448, "ED448", 1)
1039	KEYS(X25519);
1040	IMPLEMENT_TEST_SUITE(X25519, "X25519", 1)
1041	KEYS(X448);
1042	IMPLEMENT_TEST_SUITE(X448, "X448", 1)
1043	/*
1044	* ED25519, ED448, X25519 and X448 have no support for
1045	* PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1046	*/
1047	#endif
1048	KEYS(RSA);
1049	IMPLEMENT_TEST_SUITE(RSA, "RSA", 1)
1050	IMPLEMENT_TEST_SUITE_LEGACY(RSA, "RSA")
1051	KEYS(RSA_PSS);
1052	IMPLEMENT_TEST_SUITE(RSA_PSS, "RSA-PSS", 1)
1053	/*
1054	* RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1055	* so no legacy tests.
1056	*/
1057	IMPLEMENT_TEST_SUITE_MSBLOB(RSA, "RSA")
1058	IMPLEMENT_TEST_SUITE_UNPROTECTED_PVK(RSA, "RSA")
1059	#ifndef OPENSSL_NO_RC4
1060	IMPLEMENT_TEST_SUITE_PROTECTED_PVK(RSA, "RSA")
1061	#endif
1062
1063	#ifndef OPENSSL_NO_EC
1064	/* Explicit parameters that match a named curve */
1065	static int do_create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld,
1066	const unsigned char *gen,
1067	size_t gen_len)
1068	{
1069	BIGNUM a, b, prime, order;
1070
1071	/* Curve prime256v1 */
1072	static const unsigned char prime_data[] = {
1073	0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1074	0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1075	0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1076	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1077	0xff
1078	};
1079	static const unsigned char a_data[] = {
1080	0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1081	0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1082	0x00, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff,
1083	0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1084	0xfc
1085	};
1086	static const unsigned char b_data[] = {
1087	0x5a, 0xc6, 0x35, 0xd8, 0xaa, 0x3a, 0x93, 0xe7,
1088	0xb3, 0xeb, 0xbd, 0x55, 0x76, 0x98, 0x86, 0xbc,
1089	0x65, 0x1d, 0x06, 0xb0, 0xcc, 0x53, 0xb0, 0xf6,
1090	0x3b, 0xce, 0x3c, 0x3e, 0x27, 0xd2, 0x60, 0x4b
1091	};
1092	static const unsigned char seed[] = {
1093	0xc4, 0x9d, 0x36, 0x08, 0x86, 0xe7, 0x04, 0x93,
1094	0x6a, 0x66, 0x78, 0xe1, 0x13, 0x9d, 0x26, 0xb7,
1095	0x81, 0x9f, 0x7e, 0x90
1096	};
1097	static const unsigned char order_data[] = {
1098	0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x00,
1099	0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
1100	0xff, 0xbc, 0xe6, 0xfa, 0xad, 0xa7, 0x17, 0x9e,
1101	0x84, 0xf3, 0xb9, 0xca, 0xc2, 0xfc, 0x63, 0x25, 0x51
1102	};
1103	return TEST_ptr(a = BN_CTX_get(bnctx))
1104	&& TEST_ptr(b = BN_CTX_get(bnctx))
1105	&& TEST_ptr(prime = BN_CTX_get(bnctx))
1106	&& TEST_ptr(order = BN_CTX_get(bnctx))
1107	&& TEST_ptr(BN_bin2bn(prime_data, sizeof(prime_data), prime))
1108	&& TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1109	&& TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1110	&& TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1111	&& TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1112	OSSL_PKEY_PARAM_EC_FIELD_TYPE, SN_X9_62_prime_field,
1113	0))
1114	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, prime))
1115	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1116	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1117	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1118	OSSL_PKEY_PARAM_EC_ORDER, order))
1119	&& TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1120	OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1121	&& TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1122	OSSL_PKEY_PARAM_EC_SEED, seed, sizeof(seed)))
1123	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1124	BN_value_one()));
1125	}
1126
1127	static int create_ec_explicit_prime_params_namedcurve(OSSL_PARAM_BLD *bld)
1128	{
1129	static const unsigned char prime256v1_gen[] = {
1130	0x04,
1131	0x6b, 0x17, 0xd1, 0xf2, 0xe1, 0x2c, 0x42, 0x47,
1132	0xf8, 0xbc, 0xe6, 0xe5, 0x63, 0xa4, 0x40, 0xf2,
1133	0x77, 0x03, 0x7d, 0x81, 0x2d, 0xeb, 0x33, 0xa0,
1134	0xf4, 0xa1, 0x39, 0x45, 0xd8, 0x98, 0xc2, 0x96,
1135	0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b,
1136	0x8e, 0xe7, 0xeb, 0x4a, 0x7c, 0x0f, 0x9e, 0x16,
1137	0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce,
1138	0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5
1139	};
1140	return do_create_ec_explicit_prime_params(bld, prime256v1_gen,
1141	sizeof(prime256v1_gen));
1142	}
1143
1144	static int create_ec_explicit_prime_params(OSSL_PARAM_BLD *bld)
1145	{
1146	/* 2G */
1147	static const unsigned char prime256v1_gen2[] = {
1148	0x04,
1149	0xe4, 0x97, 0x08, 0xbe, 0x7d, 0xfa, 0xa2, 0x9a,
1150	0xa3, 0x12, 0x6f, 0xe4, 0xe7, 0xd0, 0x25, 0xe3,
1151	0x4a, 0xc1, 0x03, 0x15, 0x8c, 0xd9, 0x33, 0xc6,
1152	0x97, 0x42, 0xf5, 0xdc, 0x97, 0xb9, 0xd7, 0x31,
1153	0xe9, 0x7d, 0x74, 0x3d, 0x67, 0x6a, 0x3b, 0x21,
1154	0x08, 0x9c, 0x31, 0x73, 0xf8, 0xc1, 0x27, 0xc9,
1155	0xd2, 0xa0, 0xa0, 0x83, 0x66, 0xe0, 0xc9, 0xda,
1156	0xa8, 0xc6, 0x56, 0x2b, 0x94, 0xb1, 0xae, 0x55
1157	};
1158	return do_create_ec_explicit_prime_params(bld, prime256v1_gen2,
1159	sizeof(prime256v1_gen2));
1160	}
1161
1162	# ifndef OPENSSL_NO_EC2M
1163	static int do_create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld,
1164	const unsigned char *gen,
1165	size_t gen_len)
1166	{
1167	BIGNUM a, b, poly, order, *cofactor;
1168	/* sect233k1 characteristic-two-field tpBasis */
1169	static const unsigned char poly_data[] = {
1170	0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1171	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
1172	0x00, 0x00, 0x00, 0x00, 0x00, 0x01,
1173	};
1174	static const unsigned char a_data[] = {
1175	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1176	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1177	0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1178	};
1179	static const unsigned char b_data[] = {
1180	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1181	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1182	0x00, 0x00, 0x00, 0x00, 0x00, 0x01
1183	};
1184	static const unsigned char order_data[] = {
1185	0x00, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1186	0x00, 0x00, 0x00, 0x06, 0x9D, 0x5B, 0xB9, 0x15, 0xBC, 0xD4, 0x6E, 0xFB,
1187	0x1A, 0xD5, 0xF1, 0x73, 0xAB, 0xDF
1188	};
1189	static const unsigned char cofactor_data[]= {
1190	0x4
1191	};
1192	return TEST_ptr(a = BN_CTX_get(bnctx))
1193	&& TEST_ptr(b = BN_CTX_get(bnctx))
1194	&& TEST_ptr(poly = BN_CTX_get(bnctx))
1195	&& TEST_ptr(order = BN_CTX_get(bnctx))
1196	&& TEST_ptr(cofactor = BN_CTX_get(bnctx))
1197	&& TEST_ptr(BN_bin2bn(poly_data, sizeof(poly_data), poly))
1198	&& TEST_ptr(BN_bin2bn(a_data, sizeof(a_data), a))
1199	&& TEST_ptr(BN_bin2bn(b_data, sizeof(b_data), b))
1200	&& TEST_ptr(BN_bin2bn(order_data, sizeof(order_data), order))
1201	&& TEST_ptr(BN_bin2bn(cofactor_data, sizeof(cofactor_data), cofactor))
1202	&& TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld,
1203	OSSL_PKEY_PARAM_EC_FIELD_TYPE,
1204	SN_X9_62_characteristic_two_field, 0))
1205	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, poly))
1206	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a))
1207	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))
1208	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld,
1209	OSSL_PKEY_PARAM_EC_ORDER, order))
1210	&& TEST_true(OSSL_PARAM_BLD_push_octet_string(bld,
1211	OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_len))
1212	&& TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR,
1213	cofactor));
1214	}
1215
1216	static int create_ec_explicit_trinomial_params_namedcurve(OSSL_PARAM_BLD *bld)
1217	{
1218	static const unsigned char gen[] = {
1219	0x04,
1220	0x01, 0x72, 0x32, 0xBA, 0x85, 0x3A, 0x7E, 0x73, 0x1A, 0xF1, 0x29, 0xF2,
1221	0x2F, 0xF4, 0x14, 0x95, 0x63, 0xA4, 0x19, 0xC2, 0x6B, 0xF5, 0x0A, 0x4C,
1222	0x9D, 0x6E, 0xEF, 0xAD, 0x61, 0x26,
1223	0x01, 0xDB, 0x53, 0x7D, 0xEC, 0xE8, 0x19, 0xB7, 0xF7, 0x0F, 0x55, 0x5A,
1224	0x67, 0xC4, 0x27, 0xA8, 0xCD, 0x9B, 0xF1, 0x8A, 0xEB, 0x9B, 0x56, 0xE0,
1225	0xC1, 0x10, 0x56, 0xFA, 0xE6, 0xA3
1226	};
1227	return do_create_ec_explicit_trinomial_params(bld, gen, sizeof(gen));
1228	}
1229
1230	static int create_ec_explicit_trinomial_params(OSSL_PARAM_BLD *bld)
1231	{
1232	static const unsigned char gen2[] = {
1233	0x04,
1234	0x00, 0xd7, 0xba, 0xd0, 0x26, 0x6c, 0x31, 0x6a, 0x78, 0x76, 0x01, 0xd1,
1235	0x32, 0x4b, 0x8f, 0x30, 0x29, 0x2d, 0x78, 0x30, 0xca, 0x43, 0xaa, 0xf0,
1236	0xa2, 0x5a, 0xd4, 0x0f, 0xb3, 0xf4,
1237	0x00, 0x85, 0x4b, 0x1b, 0x8d, 0x50, 0x10, 0xa5, 0x1c, 0x80, 0xf7, 0x86,
1238	0x40, 0x62, 0x4c, 0x87, 0xd1, 0x26, 0x7a, 0x9c, 0x5c, 0xe9, 0x82, 0x29,
1239	0xd1, 0x67, 0x70, 0x41, 0xea, 0xcb
1240	};
1241	return do_create_ec_explicit_trinomial_params(bld, gen2, sizeof(gen2));
1242	}
1243	# endif /* OPENSSL_NO_EC2M */
1244	#endif /* OPENSSL_NO_EC */
1245
1246	typedef enum OPTION_choice {
1247	OPT_ERR = -1,
1248	OPT_EOF = 0,
1249	OPT_CONTEXT,
1250	OPT_RSA_FILE,
1251	OPT_RSA_PSS_FILE,
1252	OPT_CONFIG_FILE,
1253	OPT_PROVIDER_NAME,
1254	OPT_TEST_ENUM
1255	} OPTION_CHOICE;
1256
1257	const OPTIONS *test_get_options(void)
1258	{
1259	static const OPTIONS options[] = {
1260	OPT_TEST_OPTIONS_DEFAULT_USAGE,
1261	{ "context", OPT_CONTEXT, '-',
1262	"Explicitly use a non-default library context" },
1263	{ "rsa", OPT_RSA_FILE, '<',
1264	"PEM format RSA key file to encode/decode" },
1265	{ "pss", OPT_RSA_PSS_FILE, '<',
1266	"PEM format RSA-PSS key file to encode/decode" },
1267	{ "config", OPT_CONFIG_FILE, '<',
1268	"The configuration file to use for the library context" },
1269	{ "provider", OPT_PROVIDER_NAME, 's',
1270	"The provider to load (The default value is 'default')" },
1271	{ NULL }
1272	};
1273	return options;
1274	}
1275
1276	int setup_tests(void)
1277	{
1278	const char *rsa_file = NULL;
1279	const char *rsa_pss_file = NULL;
1280	const char *prov_name = "default";
1281	char *config_file = NULL;
1282	int ok = 1;
1283
1284	#ifndef OPENSSL_NO_DSA
1285	static size_t qbits = 160; /* PVK only tolerates 160 Q bits */
1286	static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
1287	OSSL_PARAM DSA_params[] = {
1288	OSSL_PARAM_size_t("pbits", &pbits),
1289	OSSL_PARAM_size_t("qbits", &qbits),
1290	OSSL_PARAM_END
1291	};
1292	#endif
1293
1294	#ifndef OPENSSL_NO_EC
1295	static char groupname[] = "prime256v1";
1296	OSSL_PARAM EC_params[] = {
1297	OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
1298	OSSL_PARAM_END
1299	};
1300	#endif
1301
1302	OPTION_CHOICE o;
1303
1304	while ((o = opt_next()) != OPT_EOF) {
1305	switch (o) {
1306	case OPT_CONTEXT:
1307	default_libctx = 0;
1308	break;
1309	case OPT_PROVIDER_NAME:
1310	prov_name = opt_arg();
1311	break;
1312	case OPT_CONFIG_FILE:
1313	config_file = opt_arg();
1314	break;
1315	case OPT_RSA_FILE:
1316	rsa_file = opt_arg();
1317	break;
1318	case OPT_RSA_PSS_FILE:
1319	rsa_pss_file = opt_arg();
1320	break;
1321	case OPT_TEST_CASES:
1322	break;
1323	default:
1324	return 0;
1325	}
1326	}
1327
1328	if (strcmp(prov_name, "fips") == 0)
1329	is_fips = 1;
1330
1331	if (default_libctx) {
1332	if (!test_get_libctx(NULL, NULL, config_file, &deflprov, prov_name))
1333	return 0;
1334	} else {
1335	if (!test_get_libctx(&testctx, &nullprov, config_file, &deflprov, prov_name))
1336	return 0;
1337	}
1338
1339	/* FIPS(3.0.0): provider imports explicit params but they won't work #17998 */
1340	is_fips_3_0_0 = fips_provider_version_eq(testctx, 3, 0, 0);
1341	if (is_fips_3_0_0 < 0)
1342	return 0;
1343
1344	#ifdef STATIC_LEGACY
1345	/*
1346	* This test is always statically linked against libcrypto. We must not
1347	* attempt to load legacy.so that might be dynamically linked against
1348	* libcrypto. Instead we use a built-in version of the legacy provider.
1349	*/
1350	if (!OSSL_PROVIDER_add_builtin(testctx, "legacy", ossl_legacy_provider_init))
1351	return 0;
1352	#endif
1353
1354	/* Separate provider/ctx for generating the test data */
1355	if (!TEST_ptr(keyctx = OSSL_LIB_CTX_new()))
1356	return 0;
1357	if (!TEST_ptr(keyprov = OSSL_PROVIDER_load(keyctx, "default")))
1358	return 0;
1359
1360	#ifndef OPENSSL_NO_EC
1361	if (!TEST_ptr(bnctx = BN_CTX_new_ex(testctx))
1362	\|\| !TEST_ptr(bld_prime_nc = OSSL_PARAM_BLD_new())
1363	\|\| !TEST_ptr(bld_prime = OSSL_PARAM_BLD_new())
1364	\|\| !create_ec_explicit_prime_params_namedcurve(bld_prime_nc)
1365	\|\| !create_ec_explicit_prime_params(bld_prime)
1366	\|\| !TEST_ptr(ec_explicit_prime_params_nc = OSSL_PARAM_BLD_to_param(bld_prime_nc))
1367	\|\| !TEST_ptr(ec_explicit_prime_params_explicit = OSSL_PARAM_BLD_to_param(bld_prime))
1368	# ifndef OPENSSL_NO_EC2M
1369	\|\| !TEST_ptr(bld_tri_nc = OSSL_PARAM_BLD_new())
1370	\|\| !TEST_ptr(bld_tri = OSSL_PARAM_BLD_new())
1371	\|\| !create_ec_explicit_trinomial_params_namedcurve(bld_tri_nc)
1372	\|\| !create_ec_explicit_trinomial_params(bld_tri)
1373	\|\| !TEST_ptr(ec_explicit_tri_params_nc = OSSL_PARAM_BLD_to_param(bld_tri_nc))
1374	\|\| !TEST_ptr(ec_explicit_tri_params_explicit = OSSL_PARAM_BLD_to_param(bld_tri))
1375	# endif
1376	)
1377	return 0;
1378	#endif
1379
1380	TEST_info("Generating keys...");
1381
1382	#ifndef OPENSSL_NO_DH
1383	TEST_info("Generating DH keys...");
1384	MAKE_DOMAIN_KEYS(DH, "DH", NULL);
1385	MAKE_DOMAIN_KEYS(DHX, "X9.42 DH", NULL);
1386	#endif
1387	#ifndef OPENSSL_NO_DSA
1388	TEST_info("Generating DSA keys...");
1389	MAKE_DOMAIN_KEYS(DSA, "DSA", DSA_params);
1390	#endif
1391	#ifndef OPENSSL_NO_EC
1392	TEST_info("Generating EC keys...");
1393	MAKE_DOMAIN_KEYS(EC, "EC", EC_params);
1394	MAKE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve, "EC", ec_explicit_prime_params_nc);
1395	MAKE_DOMAIN_KEYS(ECExplicitPrime2G, "EC", ec_explicit_prime_params_explicit);
1396	# ifndef OPENSSL_NO_EC2M
1397	MAKE_DOMAIN_KEYS(ECExplicitTriNamedCurve, "EC", ec_explicit_tri_params_nc);
1398	MAKE_DOMAIN_KEYS(ECExplicitTri2G, "EC", ec_explicit_tri_params_explicit);
1399	# endif
1400	MAKE_KEYS(ED25519, "ED25519", NULL);
1401	MAKE_KEYS(ED448, "ED448", NULL);
1402	MAKE_KEYS(X25519, "X25519", NULL);
1403	MAKE_KEYS(X448, "X448", NULL);
1404	#endif
1405	TEST_info("Loading RSA key...");
1406	ok = ok && TEST_ptr(key_RSA = load_pkey_pem(rsa_file, keyctx));
1407	TEST_info("Loading RSA_PSS key...");
1408	ok = ok && TEST_ptr(key_RSA_PSS = load_pkey_pem(rsa_pss_file, keyctx));
1409	TEST_info("Generating keys done");
1410
1411	if (ok) {
1412	#ifndef OPENSSL_NO_DH
1413	ADD_TEST_SUITE(DH);
1414	ADD_TEST_SUITE_PARAMS(DH);
1415	ADD_TEST_SUITE(DHX);
1416	ADD_TEST_SUITE_PARAMS(DHX);
1417	/*
1418	* DH has no support for PEM_write_bio_PrivateKey_traditional(),
1419	* so no legacy tests.
1420	*/
1421	#endif
1422	#ifndef OPENSSL_NO_DSA
1423	ADD_TEST_SUITE(DSA);
1424	ADD_TEST_SUITE_PARAMS(DSA);
1425	ADD_TEST_SUITE_LEGACY(DSA);
1426	ADD_TEST_SUITE_MSBLOB(DSA);
1427	ADD_TEST_SUITE_UNPROTECTED_PVK(DSA);
1428	# ifndef OPENSSL_NO_RC4
1429	ADD_TEST_SUITE_PROTECTED_PVK(DSA);
1430	# endif
1431	#endif
1432	#ifndef OPENSSL_NO_EC
1433	ADD_TEST_SUITE(EC);
1434	ADD_TEST_SUITE_PARAMS(EC);
1435	ADD_TEST_SUITE_LEGACY(EC);
1436	ADD_TEST_SUITE(ECExplicitPrimeNamedCurve);
1437	ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve);
1438	ADD_TEST_SUITE(ECExplicitPrime2G);
1439	ADD_TEST_SUITE_LEGACY(ECExplicitPrime2G);
1440	# ifndef OPENSSL_NO_EC2M
1441	ADD_TEST_SUITE(ECExplicitTriNamedCurve);
1442	ADD_TEST_SUITE_LEGACY(ECExplicitTriNamedCurve);
1443	ADD_TEST_SUITE(ECExplicitTri2G);
1444	ADD_TEST_SUITE_LEGACY(ECExplicitTri2G);
1445	# endif
1446	ADD_TEST_SUITE(ED25519);
1447	ADD_TEST_SUITE(ED448);
1448	ADD_TEST_SUITE(X25519);
1449	ADD_TEST_SUITE(X448);
1450	/*
1451	* ED25519, ED448, X25519 and X448 have no support for
1452	* PEM_write_bio_PrivateKey_traditional(), so no legacy tests.
1453	*/
1454	#endif
1455	ADD_TEST_SUITE(RSA);
1456	ADD_TEST_SUITE_LEGACY(RSA);
1457	ADD_TEST_SUITE(RSA_PSS);
1458	/*
1459	* RSA-PSS has no support for PEM_write_bio_PrivateKey_traditional(),
1460	* so no legacy tests.
1461	*/
1462	ADD_TEST_SUITE_MSBLOB(RSA);
1463	ADD_TEST_SUITE_UNPROTECTED_PVK(RSA);
1464	# ifndef OPENSSL_NO_RC4
1465	ADD_TEST_SUITE_PROTECTED_PVK(RSA);
1466	# endif
1467	}
1468
1469	return 1;
1470	}
1471
1472	void cleanup_tests(void)
1473	{
1474	#ifndef OPENSSL_NO_EC
1475	OSSL_PARAM_free(ec_explicit_prime_params_nc);
1476	OSSL_PARAM_free(ec_explicit_prime_params_explicit);
1477	OSSL_PARAM_BLD_free(bld_prime_nc);
1478	OSSL_PARAM_BLD_free(bld_prime);
1479	# ifndef OPENSSL_NO_EC2M
1480	OSSL_PARAM_free(ec_explicit_tri_params_nc);
1481	OSSL_PARAM_free(ec_explicit_tri_params_explicit);
1482	OSSL_PARAM_BLD_free(bld_tri_nc);
1483	OSSL_PARAM_BLD_free(bld_tri);
1484	# endif
1485	BN_CTX_free(bnctx);
1486	#endif /* OPENSSL_NO_EC */
1487
1488	#ifndef OPENSSL_NO_DH
1489	FREE_DOMAIN_KEYS(DH);
1490	FREE_DOMAIN_KEYS(DHX);
1491	#endif
1492	#ifndef OPENSSL_NO_DSA
1493	FREE_DOMAIN_KEYS(DSA);
1494	#endif
1495	#ifndef OPENSSL_NO_EC
1496	FREE_DOMAIN_KEYS(EC);
1497	FREE_DOMAIN_KEYS(ECExplicitPrimeNamedCurve);
1498	FREE_DOMAIN_KEYS(ECExplicitPrime2G);
1499	# ifndef OPENSSL_NO_EC2M
1500	FREE_DOMAIN_KEYS(ECExplicitTriNamedCurve);
1501	FREE_DOMAIN_KEYS(ECExplicitTri2G);
1502	# endif
1503	FREE_KEYS(ED25519);
1504	FREE_KEYS(ED448);
1505	FREE_KEYS(X25519);
1506	FREE_KEYS(X448);
1507	#endif
1508	FREE_KEYS(RSA);
1509	FREE_KEYS(RSA_PSS);
1510
1511	OSSL_PROVIDER_unload(nullprov);
1512	OSSL_PROVIDER_unload(deflprov);
1513	OSSL_PROVIDER_unload(keyprov);
1514	OSSL_LIB_CTX_free(testctx);
1515	OSSL_LIB_CTX_free(keyctx);
1516	}

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/libs/openssl-3.1.7/test/endecode_test.c@ 106842

Download in other formats: