#include <tests/unit.h>
#ifdef NO_INLINE
#include <wolfssl/wolfcrypt/misc.h>
#else
#define WOLFSSL_MISC_INCLUDED
#include <wolfcrypt/src/misc.c>
#endif
#include <wolfssl/openssl/evp.h>
#include <wolfssl/openssl/kdf.h>
#include <tests/api/api.h>
#include <tests/api/test_evp_pkey.h>
int test_wolfSSL_EVP_PKEY_CTX_new_id(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
WOLFSSL_ENGINE* e = NULL;
int id = 0;
EVP_PKEY_CTX *ctx = NULL;
ExpectNotNull(ctx = wolfSSL_EVP_PKEY_CTX_new_id(id, e));
EVP_PKEY_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
WOLFSSL_EVP_PKEY* pkey = NULL;
EVP_PKEY_CTX* ctx = NULL;
int bits = 2048;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, bits),
WOLFSSL_SUCCESS);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_QT_EVP_PKEY_CTX_free(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(OPENSSL_ALL)
EVP_PKEY* pkey = NULL;
EVP_PKEY_CTX* ctx = NULL;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L
EVP_PKEY_CTX_free(ctx);
#else
ExpectIntEQ(EVP_PKEY_CTX_free(ctx), WOLFSSL_SUCCESS);
#endif
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_up_ref(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL)
EVP_PKEY* pkey;
pkey = EVP_PKEY_new();
ExpectNotNull(pkey);
ExpectIntEQ(EVP_PKEY_up_ref(NULL), 0);
ExpectIntEQ(EVP_PKEY_up_ref(pkey), 1);
EVP_PKEY_free(pkey);
ExpectIntEQ(EVP_PKEY_up_ref(pkey), 1);
EVP_PKEY_free(pkey);
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_base_id(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
WOLFSSL_EVP_PKEY* pkey = NULL;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_base_id(NULL), NID_undef);
ExpectIntEQ(wolfSSL_EVP_PKEY_base_id(pkey), EVP_PKEY_RSA);
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_id(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
WOLFSSL_EVP_PKEY* pkey = NULL;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_id(NULL), 0);
ExpectIntEQ(wolfSSL_EVP_PKEY_id(pkey), EVP_PKEY_RSA);
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_MD_pkey_type(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
const WOLFSSL_EVP_MD* md;
#ifndef NO_MD5
ExpectNotNull(md = EVP_md5());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_md5WithRSAEncryption);
#endif
#ifndef NO_SHA
ExpectNotNull(md = EVP_sha1());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha1WithRSAEncryption);
#endif
#ifdef WOLFSSL_SHA224
ExpectNotNull(md = EVP_sha224());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha224WithRSAEncryption);
#endif
ExpectNotNull(md = EVP_sha256());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha256WithRSAEncryption);
#ifdef WOLFSSL_SHA384
ExpectNotNull(md = EVP_sha384());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha384WithRSAEncryption);
#endif
#ifdef WOLFSSL_SHA512
ExpectNotNull(md = EVP_sha512());
ExpectIntEQ(EVP_MD_pkey_type(md), NID_sha512WithRSAEncryption);
#endif
#endif
return EXPECT_RESULT();
}
#ifdef OPENSSL_EXTRA
static int test_hmac_signing(const WOLFSSL_EVP_MD *type, const byte* testKey,
size_t testKeySz, const char* testData, size_t testDataSz,
const byte* testResult, size_t testResultSz)
{
EXPECT_DECLS;
unsigned char check[WC_MAX_DIGEST_SIZE];
size_t checkSz = 0;
WOLFSSL_EVP_PKEY* key = NULL;
WOLFSSL_EVP_MD_CTX mdCtx;
ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL,
testKey, (int)testKeySz));
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, type, NULL, key), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
(unsigned int)testDataSz), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, (int)testResultSz);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,(int)testResultSz);
ExpectIntEQ(XMEMCMP(testResult, check, testResultSz), 0);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, type, NULL, key), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData,
(unsigned int)testDataSz), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, testResult, checkSz), 1);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, type, NULL, key), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, (int)testResultSz);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,(int)testResultSz);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4,
(unsigned int)testDataSz - 4), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,(int)testResultSz);
ExpectIntEQ(XMEMCMP(testResult, check, testResultSz), 0);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, type, NULL, key), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData + 4,
(unsigned int)testDataSz - 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, testResult, checkSz), 1);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
wolfSSL_EVP_PKEY_free(key);
return EXPECT_RESULT();
}
#endif
int test_wolfSSL_EVP_MD_hmac_signing(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
static const unsigned char testKey[] =
{
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b
};
static const char testData[] = "Hi There";
#ifdef WOLFSSL_SHA224
static const unsigned char testResultSha224[] =
{
0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19,
0x68, 0x32, 0x10, 0x7c, 0xd4, 0x9d, 0xf3, 0x3f,
0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f,
0x53, 0x68, 0x4b, 0x22
};
#endif
#ifndef NO_SHA256
static const unsigned char testResultSha256[] =
{
0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53,
0x5c, 0xa8, 0xaf, 0xce, 0xaf, 0x0b, 0xf1, 0x2b,
0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7,
0x26, 0xe9, 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7
};
#endif
#ifdef WOLFSSL_SHA384
static const unsigned char testResultSha384[] =
{
0xaf, 0xd0, 0x39, 0x44, 0xd8, 0x48, 0x95, 0x62,
0x6b, 0x08, 0x25, 0xf4, 0xab, 0x46, 0x90, 0x7f,
0x15, 0xf9, 0xda, 0xdb, 0xe4, 0x10, 0x1e, 0xc6,
0x82, 0xaa, 0x03, 0x4c, 0x7c, 0xeb, 0xc5, 0x9c,
0xfa, 0xea, 0x9e, 0xa9, 0x07, 0x6e, 0xde, 0x7f,
0x4a, 0xf1, 0x52, 0xe8, 0xb2, 0xfa, 0x9c, 0xb6
};
#endif
#ifdef WOLFSSL_SHA512
static const unsigned char testResultSha512[] =
{
0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d,
0x4f, 0xf0, 0xb4, 0x24, 0x1a, 0x1d, 0x6c, 0xb0,
0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78,
0x7a, 0xd0, 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde,
0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7, 0x02,
0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4,
0xbe, 0x9d, 0x91, 0x4e, 0xeb, 0x61, 0xf1, 0x70,
0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54
};
#endif
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
static const unsigned char testResultSha3_224[] =
{
0x3b, 0x16, 0x54, 0x6b, 0xbc, 0x7b, 0xe2, 0x70,
0x6a, 0x03, 0x1d, 0xca, 0xfd, 0x56, 0x37, 0x3d,
0x98, 0x84, 0x36, 0x76, 0x41, 0xd8, 0xc5, 0x9a,
0xf3, 0xc8, 0x60, 0xf7
};
#endif
#ifndef WOLFSSL_NOSHA3_256
static const unsigned char testResultSha3_256[] =
{
0xba, 0x85, 0x19, 0x23, 0x10, 0xdf, 0xfa, 0x96,
0xe2, 0xa3, 0xa4, 0x0e, 0x69, 0x77, 0x43, 0x51,
0x14, 0x0b, 0xb7, 0x18, 0x5e, 0x12, 0x02, 0xcd,
0xcc, 0x91, 0x75, 0x89, 0xf9, 0x5e, 0x16, 0xbb
};
#endif
#ifndef WOLFSSL_NOSHA3_384
static const unsigned char testResultSha3_384[] =
{
0x68, 0xd2, 0xdc, 0xf7, 0xfd, 0x4d, 0xdd, 0x0a,
0x22, 0x40, 0xc8, 0xa4, 0x37, 0x30, 0x5f, 0x61,
0xfb, 0x73, 0x34, 0xcf, 0xb5, 0xd0, 0x22, 0x6e,
0x1b, 0xc2, 0x7d, 0xc1, 0x0a, 0x2e, 0x72, 0x3a,
0x20, 0xd3, 0x70, 0xb4, 0x77, 0x43, 0x13, 0x0e,
0x26, 0xac, 0x7e, 0x3d, 0x53, 0x28, 0x86, 0xbd
};
#endif
#ifndef WOLFSSL_NOSHA3_512
static const unsigned char testResultSha3_512[] =
{
0xeb, 0x3f, 0xbd, 0x4b, 0x2e, 0xaa, 0xb8, 0xf5,
0xc5, 0x04, 0xbd, 0x3a, 0x41, 0x46, 0x5a, 0xac,
0xec, 0x15, 0x77, 0x0a, 0x7c, 0xab, 0xac, 0x53,
0x1e, 0x48, 0x2f, 0x86, 0x0b, 0x5e, 0xc7, 0xba,
0x47, 0xcc, 0xb2, 0xc6, 0xf2, 0xaf, 0xce, 0x8f,
0x88, 0xd2, 0x2b, 0x6d, 0xc6, 0x13, 0x80, 0xf2,
0x3a, 0x66, 0x8f, 0xd3, 0x88, 0x8b, 0xb8, 0x05,
0x37, 0xc0, 0xa0, 0xb8, 0x64, 0x07, 0x68, 0x9e
};
#endif
#endif
#ifndef NO_SHA256
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha256(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha256,
sizeof(testResultSha256)), TEST_SUCCESS);
#endif
#ifdef WOLFSSL_SHA224
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha224(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha224,
sizeof(testResultSha224)), TEST_SUCCESS);
#endif
#ifdef WOLFSSL_SHA384
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha384(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha384,
sizeof(testResultSha384)), TEST_SUCCESS);
#endif
#ifdef WOLFSSL_SHA512
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha512(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha512,
sizeof(testResultSha512)), TEST_SUCCESS);
#endif
#ifdef WOLFSSL_SHA3
#ifndef WOLFSSL_NOSHA3_224
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_224(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_224,
sizeof(testResultSha3_224)), TEST_SUCCESS);
#endif
#ifndef WOLFSSL_NOSHA3_256
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_256(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_256,
sizeof(testResultSha3_256)), TEST_SUCCESS);
#endif
#ifndef WOLFSSL_NOSHA3_384
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_384(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_384,
sizeof(testResultSha3_384)), TEST_SUCCESS);
#endif
#ifndef WOLFSSL_NOSHA3_512
ExpectIntEQ(test_hmac_signing(wolfSSL_EVP_sha3_512(), testKey,
sizeof(testKey), testData, XSTRLEN(testData), testResultSha3_512,
sizeof(testResultSha3_512)), TEST_SUCCESS);
#endif
#endif
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_new_mac_key(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_EXTRA
static const unsigned char pw[] = "password";
static const int pwSz = sizeof(pw) - 1;
size_t checkPwSz = 0;
const unsigned char* checkPw = NULL;
WOLFSSL_EVP_PKEY* key = NULL;
ExpectNull(key = wolfSSL_EVP_PKEY_new_mac_key(0, NULL, pw, pwSz));
ExpectNull(key = wolfSSL_EVP_PKEY_new_mac_key(0, NULL, NULL, pwSz));
ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, pw,
pwSz));
if (key != NULL) {
ExpectIntEQ(key->type, EVP_PKEY_HMAC);
ExpectIntEQ(key->save_type, EVP_PKEY_HMAC);
ExpectIntEQ(key->pkey_sz, pwSz);
ExpectIntEQ(XMEMCMP(key->pkey.ptr, pw, pwSz), 0);
}
ExpectNotNull(checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz));
ExpectIntEQ((int)checkPwSz, pwSz);
ExpectIntEQ(XMEMCMP(checkPw, pw, pwSz), 0);
wolfSSL_EVP_PKEY_free(key);
key = NULL;
ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, pw,
0));
ExpectIntEQ(key->pkey_sz, 0);
if (EXPECT_SUCCESS()) {
checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz);
}
ExpectTrue((checkPwSz == 0) || (checkPw != NULL));
ExpectIntEQ((int)checkPwSz, 0);
wolfSSL_EVP_PKEY_free(key);
key = NULL;
ExpectNotNull(key = wolfSSL_EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, NULL,
0));
ExpectIntEQ(key->pkey_sz, 0);
if (EXPECT_SUCCESS()) {
checkPw = wolfSSL_EVP_PKEY_get0_hmac(key, &checkPwSz);
}
ExpectTrue((checkPwSz == 0) || (checkPw != NULL));
ExpectIntEQ((int)checkPwSz, 0);
wolfSSL_EVP_PKEY_free(key);
key = NULL;
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_hkdf(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_HKDF)
EVP_PKEY_CTX* ctx = NULL;
byte salt[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
byte key[] = {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
byte info[] = {0X01, 0x02, 0x03, 0x04, 0x05};
byte info2[] = {0X06, 0x07, 0x08, 0x09, 0x0A};
byte outKey[34];
size_t outKeySz = sizeof(outKey);
const byte extractAndExpand[] = {
0x8B, 0xEB, 0x90, 0xA9, 0x04, 0xFF, 0x05, 0x10, 0xE4, 0xB5, 0xB1, 0x10,
0x31, 0x34, 0xFF, 0x07, 0x5B, 0xE3, 0xC6, 0x93, 0xD4, 0xF8, 0xC7, 0xEE,
0x96, 0xDA, 0x78, 0x7A, 0xE2, 0x9A, 0x2D, 0x05, 0x4B, 0xF6
};
const byte extractOnly[] = {
0xE7, 0x6B, 0x9E, 0x0F, 0xE4, 0x02, 0x1D, 0x62, 0xEA, 0x97, 0x74, 0x5E,
0xF4, 0x3C, 0x65, 0x4D, 0xC1, 0x46, 0x98, 0xAA, 0x79, 0x9A, 0xCB, 0x9C,
0xCC, 0x3E, 0x7F, 0x2A, 0x2B, 0x41, 0xA1, 0x9E
};
const byte expandOnly[] = {
0xFF, 0x29, 0x29, 0x56, 0x9E, 0xA7, 0x66, 0x02, 0xDB, 0x4F, 0xDB, 0x53,
0x7D, 0x21, 0x67, 0x52, 0xC3, 0x0E, 0xF3, 0xFC, 0x71, 0xCE, 0x67, 0x2B,
0xEA, 0x3B, 0xE9, 0xFC, 0xDD, 0xC8, 0xCC, 0xB7, 0x42, 0x74
};
const byte extractAndExpandAddInfo[] = {
0x5A, 0x74, 0x79, 0x83, 0xA3, 0xA4, 0x2E, 0xB7, 0xD4, 0x08, 0xC2, 0x6A,
0x2F, 0xA5, 0xE3, 0x4E, 0xF1, 0xF4, 0x87, 0x3E, 0xA6, 0xC7, 0x88, 0x45,
0xD7, 0xE2, 0x15, 0xBC, 0xB8, 0x10, 0xEF, 0x6C, 0x4D, 0x7A
};
ExpectNotNull((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL)));
ExpectIntEQ(EVP_PKEY_derive_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(NULL, EVP_sha256()),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, NULL),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_CTX_set_hkdf_md(ctx, EVP_sha256()), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(NULL, salt, sizeof(salt)),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, NULL, sizeof(salt)),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, -1),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_salt(ctx, salt, sizeof(salt)),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(NULL, key, sizeof(key)),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, NULL, sizeof(key)),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, 0),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, -1),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_CTX_set1_hkdf_key(ctx, key, sizeof(key)),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(NULL, info, sizeof(info)),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, NULL, sizeof(info)),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, 0), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, -1),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info, sizeof(info)),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(NULL, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
ExpectIntEQ(outKeySz, sizeof(extractAndExpand));
ExpectIntEQ(XMEMCMP(outKey, extractAndExpand, outKeySz), 0);
ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXTRACT_ONLY),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
ExpectIntEQ(outKeySz, sizeof(extractOnly));
ExpectIntEQ(XMEMCMP(outKey, extractOnly, outKeySz), 0);
outKeySz = sizeof(outKey);
ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
ExpectIntEQ(outKeySz, sizeof(expandOnly));
ExpectIntEQ(XMEMCMP(outKey, expandOnly, outKeySz), 0);
outKeySz = sizeof(outKey);
ExpectIntEQ(EVP_PKEY_CTX_add1_hkdf_info(ctx, info2, sizeof(info2)),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_hkdf_mode(ctx,
EVP_PKEY_HKDEF_MODE_EXTRACT_AND_EXPAND), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_derive(ctx, outKey, &outKeySz), WOLFSSL_SUCCESS);
ExpectIntEQ(outKeySz, sizeof(extractAndExpandAddInfo));
ExpectIntEQ(XMEMCMP(outKey, extractAndExpandAddInfo, outKeySz), 0);
EVP_PKEY_CTX_free(ctx);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PBE_scrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_SCRYPT) && defined(HAVE_PBKDF2) && \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION < 5))
#if !defined(NO_PWDBASED) && !defined(NO_SHA256)
int ret;
const char pwd[] = {'p','a','s','s','w','o','r','d'};
int pwdlen = sizeof(pwd);
const byte salt[] = {'N','a','C','l'};
int saltlen = sizeof(salt);
byte key[80];
word64 numOvr32 = (word64)INT32_MAX + 1;
const byte expectedKey[] = {
0xAE, 0xC6, 0xB7, 0x48, 0x3E, 0xD2, 0x6E, 0x08, 0x80, 0x2B,
0x41, 0xF4, 0x03, 0x20, 0x86, 0xA0, 0xE8, 0x86, 0xBE, 0x7A,
0xC4, 0x8F, 0xCF, 0xD9, 0x2F, 0xF0, 0xCE, 0xF8, 0x10, 0x97,
0x52, 0xF4, 0xAC, 0x74, 0xB0, 0x77, 0x26, 0x32, 0x56, 0xA6,
0x5A, 0x99, 0x70, 0x1B, 0x7A, 0x30, 0x4D, 0x46, 0x61, 0x1C,
0x8A, 0xA3, 0x91, 0xE7, 0x99, 0xCE, 0x10, 0xA2, 0x77, 0x53,
0xE7, 0xE9, 0xC0, 0x9A};
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 0, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 0);
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 3, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 0);
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 0, 1, 0, key, 64);
ExpectIntEQ(ret, 0);
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 0, 0, key, 64);
ExpectIntEQ(ret, 0);
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, key, 0);
ExpectIntEQ(ret, 0);
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 9, 1, 0, key, 64);
ExpectIntEQ(ret, 0);
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, NULL, 64);
ExpectIntEQ(ret, 1);
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 1);
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, numOvr32, 1, 0,
key, 64);
ExpectIntEQ(ret, 0);
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 2, 1, numOvr32, 0,
key, 64);
ExpectIntEQ(ret, 0);
ret = EVP_PBE_scrypt(pwd, pwdlen, NULL, 0, 2, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 1);
ret = EVP_PBE_scrypt(pwd, pwdlen, NULL, 4, 2, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 0);
ret = EVP_PBE_scrypt(NULL, 0, salt, saltlen, 2, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 1);
ret = EVP_PBE_scrypt(NULL, 4, salt, saltlen, 2, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 0);
ret = EVP_PBE_scrypt(NULL, 0, NULL, 0, 2, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 1);
ret = EVP_PBE_scrypt(pwd, pwdlen, salt, saltlen, 16, 1, 1, 0, key, 64);
ExpectIntEQ(ret, 1);
ret = XMEMCMP(expectedKey, key, sizeof(expectedKey));
ExpectIntEQ(ret, 0);
#endif
#endif
return EXPECT_RESULT();
}
int test_EVP_PKEY_cmp(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
EVP_PKEY *a = NULL;
EVP_PKEY *b = NULL;
const unsigned char *in;
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048)
in = client_key_der_2048;
ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
&in, (long)sizeof_client_key_der_2048));
in = client_key_der_2048;
ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
&in, (long)sizeof_client_key_der_2048));
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
ExpectIntEQ(EVP_PKEY_cmp(a, b), 1);
#else
ExpectIntEQ(EVP_PKEY_cmp(a, b), 0);
#endif
EVP_PKEY_free(b);
b = NULL;
EVP_PKEY_free(a);
a = NULL;
#endif
#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
in = ecc_clikey_der_256;
ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
&in, (long)sizeof_ecc_clikey_der_256));
in = ecc_clikey_der_256;
ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
&in, (long)sizeof_ecc_clikey_der_256));
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
ExpectIntEQ(EVP_PKEY_cmp(a, b), 1);
#else
ExpectIntEQ(EVP_PKEY_cmp(a, b), 0);
#endif
EVP_PKEY_free(b);
b = NULL;
EVP_PKEY_free(a);
a = NULL;
#endif
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048) && \
defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
in = client_key_der_2048;
ExpectNotNull(a = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL,
&in, (long)sizeof_client_key_der_2048));
in = ecc_clikey_der_256;
ExpectNotNull(b = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL,
&in, (long)sizeof_ecc_clikey_der_256));
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
ExpectIntEQ(EVP_PKEY_cmp(a, b), -1);
#else
ExpectIntNE(EVP_PKEY_cmp(a, b), 0);
#endif
EVP_PKEY_free(b);
b = NULL;
EVP_PKEY_free(a);
a = NULL;
#endif
a = EVP_PKEY_new();
b = EVP_PKEY_new();
#if defined(WOLFSSL_ERROR_CODE_OPENSSL)
ExpectIntEQ(EVP_PKEY_cmp(NULL, NULL), 0);
ExpectIntEQ(EVP_PKEY_cmp(a, NULL), 0);
ExpectIntEQ(EVP_PKEY_cmp(NULL, b), 0);
#ifdef NO_RSA
ExpectIntEQ(EVP_PKEY_cmp(a, b), -2);
#else
ExpectIntEQ(EVP_PKEY_cmp(a, b), 0);
#endif
#else
ExpectIntNE(EVP_PKEY_cmp(NULL, NULL), 0);
ExpectIntNE(EVP_PKEY_cmp(a, NULL), 0);
ExpectIntNE(EVP_PKEY_cmp(NULL, b), 0);
ExpectIntNE(EVP_PKEY_cmp(a, b), 0);
#endif
EVP_PKEY_free(b);
EVP_PKEY_free(a);
(void)in;
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_set1_get1_DSA(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined (NO_DSA) && !defined(HAVE_SELFTEST) && \
!defined(WC_FIPS_186_5_PLUS) && defined(WOLFSSL_KEY_GEN)
DSA *dsa = NULL;
DSA *setDsa = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY *set1Pkey = NULL;
SHA_CTX sha;
byte signature[DSA_SIG_SIZE];
byte hash[WC_SHA_DIGEST_SIZE];
word32 bytes;
int answer;
#ifdef USE_CERT_BUFFERS_1024
const unsigned char* dsaKeyDer = dsa_key_der_1024;
int dsaKeySz = sizeof_dsa_key_der_1024;
byte tmp[ONEK_BUF];
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsaKeyDer , dsaKeySz);
bytes = dsaKeySz;
#elif defined(USE_CERT_BUFFERS_2048)
const unsigned char* dsaKeyDer = dsa_key_der_2048;
int dsaKeySz = sizeof_dsa_key_der_2048;
byte tmp[TWOK_BUF];
XMEMSET(tmp, 0, sizeof(tmp));
XMEMCPY(tmp, dsaKeyDer , dsaKeySz);
bytes = (word32)dsaKeySz;
#else
byte tmp[TWOK_BUF];
const unsigned char* dsaKeyDer = (const unsigned char*)tmp;
int dsaKeySz;
XFILE fp = XBADFILE;
XMEMSET(tmp, 0, sizeof(tmp));
ExpectTrue((fp = XFOPEN("./certs/dsa2048.der", "rb")) != XBADFILE);
ExpectIntGT(dsaKeySz = bytes = (word32) XFREAD(tmp, 1, sizeof(tmp), fp), 0);
if (fp != XBADFILE)
XFCLOSE(fp);
#endif
ExpectIntEQ(SHA1_Init(&sha), WOLFSSL_SUCCESS);
ExpectIntEQ(SHA1_Update(&sha, tmp, bytes), WOLFSSL_SUCCESS);
ExpectIntEQ(SHA1_Final(hash,&sha), WOLFSSL_SUCCESS);
ExpectNotNull(d2i_PrivateKey(EVP_PKEY_DSA, &pkey, &dsaKeyDer,
(long)dsaKeySz));
ExpectNull(dsa = EVP_PKEY_get0_DSA(NULL));
ExpectNull(dsa = EVP_PKEY_get1_DSA(NULL));
ExpectNotNull(dsa = EVP_PKEY_get0_DSA(pkey));
ExpectNotNull(dsa = EVP_PKEY_get1_DSA(pkey));
#ifdef USE_CERT_BUFFERS_1024
ExpectIntEQ(DSA_bits(dsa), 1024);
#else
ExpectIntEQ(DSA_bits(dsa), 2048);
#endif
ExpectIntEQ(wolfSSL_DSA_do_sign(hash, signature, dsa), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_DSA_do_verify(hash, signature, dsa, &answer),
WOLFSSL_SUCCESS);
ExpectIntNE(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS);
set1Pkey = EVP_PKEY_new();
ExpectIntNE(wolfSSL_DSA_do_verify(hash,signature,setDsa,&answer),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_set1_DSA(set1Pkey, dsa), WOLFSSL_SUCCESS);
DSA_free(dsa);
DSA_free(setDsa);
EVP_PKEY_free(pkey);
EVP_PKEY_free(set1Pkey);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_set1_get1_EC_KEY(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(OPENSSL_ALL)
WOLFSSL_EC_KEY* ecKey = NULL;
WOLFSSL_EC_KEY* ecGet1 = NULL;
EVP_PKEY* pkey = NULL;
ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(NULL, ecKey),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, NULL),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
ExpectIntEQ(wolfSSL_EVP_PKEY_set1_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
ExpectNull(wolfSSL_EVP_PKEY_get1_EC_KEY(NULL));
ExpectNotNull(ecGet1 = wolfSSL_EVP_PKEY_get1_EC_KEY(pkey));
wolfSSL_EC_KEY_free(ecKey);
wolfSSL_EC_KEY_free(ecGet1);
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_get0_EC_KEY(void)
{
EXPECT_DECLS;
#if defined(HAVE_ECC) && defined(OPENSSL_ALL)
WOLFSSL_EVP_PKEY* pkey = NULL;
ExpectNull(EVP_PKEY_get0_EC_KEY(NULL));
ExpectNotNull(pkey = EVP_PKEY_new());
ExpectNull(EVP_PKEY_get0_EC_KEY(pkey));
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_set1_get1_DH(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
DH *dh = NULL;
DH *setDh = NULL;
EVP_PKEY *pkey = NULL;
XFILE f = XBADFILE;
unsigned char buf[4096];
const unsigned char* pt = buf;
const char* dh2048 = "./certs/dh2048.der";
long len = 0;
int code = -1;
XMEMSET(buf, 0, sizeof(buf));
ExpectTrue((f = XFOPEN(dh2048, "rb")) != XBADFILE);
ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
if (f != XBADFILE)
XFCLOSE(f);
ExpectNotNull(setDh = wolfSSL_d2i_DHparams(NULL, &pt, len));
ExpectIntEQ(wolfSSL_DH_check(setDh, &code), WOLFSSL_SUCCESS);
ExpectIntEQ(code, 0);
code = -1;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS);
ExpectNotNull(dh = wolfSSL_EVP_PKEY_get1_DH(pkey));
ExpectIntEQ(wolfSSL_DH_check(dh, &code), WOLFSSL_SUCCESS);
ExpectIntEQ(code, 0);
EVP_PKEY_free(pkey);
DH_free(setDh);
setDh = NULL;
DH_free(dh);
dh = NULL;
#endif
#endif
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_assign(void)
{
EXPECT_DECLS;
#if (!defined(NO_RSA) || !defined(NO_DSA) || defined(HAVE_ECC)) && \
defined(OPENSSL_ALL)
int type;
WOLFSSL_EVP_PKEY* pkey = NULL;
#ifndef NO_RSA
WOLFSSL_RSA* rsa = NULL;
#endif
#ifndef NO_DSA
WOLFSSL_DSA* dsa = NULL;
#endif
#ifdef HAVE_ECC
WOLFSSL_EC_KEY* ecKey = NULL;
#endif
#ifndef NO_RSA
type = EVP_PKEY_RSA;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(rsa = wolfSSL_RSA_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, rsa),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, rsa),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, rsa), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_RSA_free(rsa);
}
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#ifndef NO_DSA
type = EVP_PKEY_DSA;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(dsa = wolfSSL_DSA_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, dsa),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, dsa),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, dsa), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_DSA_free(dsa);
}
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#ifdef HAVE_ECC
type = EVP_PKEY_EC;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(NULL, type, ecKey),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, NULL),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, -1, ecKey),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, ecKey),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
ExpectIntEQ(wolfSSL_EVP_PKEY_assign(pkey, type, ecKey), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_EC_KEY_free(ecKey);
}
wolfSSL_EVP_PKEY_free(pkey);
pkey = NULL;
#endif
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_assign_DH(void)
{
EXPECT_DECLS;
#if !defined(NO_DH) && defined(OPENSSL_ALL) && (!defined(HAVE_FIPS) || \
(defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION > 2)))
XFILE f = XBADFILE;
unsigned char buf[4096];
const unsigned char* pt = buf;
const char* params1 = "./certs/dh2048.der";
long len = 0;
WOLFSSL_DH* dh = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
XMEMSET(buf, 0, sizeof(buf));
ExpectTrue((f = XFOPEN(params1, "rb")) != XBADFILE);
ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
if (f != XBADFILE)
XFCLOSE(f);
ExpectNotNull(dh = wolfSSL_d2i_DHparams(NULL, &pt, len));
ExpectIntEQ(DH_generate_key(dh), WOLFSSL_SUCCESS);
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, dh),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, NULL),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(NULL, NULL),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EVP_PKEY_assign_DH(pkey, dh), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_DH_free(dh);
}
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
int test_EVP_PKEY_rsa(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA)
WOLFSSL_RSA* rsa = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
ExpectNotNull(rsa = wolfSSL_RSA_new());
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(EVP_PKEY_assign_RSA(NULL, rsa),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, NULL),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_RSA_free(rsa);
}
ExpectPtrEq(EVP_PKEY_get0_RSA(pkey), rsa);
wolfSSL_EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
int test_EVP_PKEY_ec(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
WOLFSSL_EC_KEY* ecKey = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
ExpectNotNull(ecKey = wolfSSL_EC_KEY_new());
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(EVP_PKEY_assign_EC_KEY(NULL, ecKey),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, NULL),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectIntEQ(wolfSSL_EC_KEY_generate_key(ecKey), 1);
ExpectIntEQ(EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
wolfSSL_EC_KEY_free(ecKey);
}
wolfSSL_EVP_PKEY_free(pkey);
#endif
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_missing_parameters(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_WOLFSSL_STUB)
WOLFSSL_EVP_PKEY* pkey = NULL;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(pkey), 0);
ExpectIntEQ(wolfSSL_EVP_PKEY_missing_parameters(NULL), 0);
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_copy_parameters(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_DH) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST) && defined(WOLFSSL_DH_EXTRA) && \
(defined(OPENSSL_ALL) || defined(WOLFSSL_QT)) && !defined(NO_FILESYSTEM)
WOLFSSL_EVP_PKEY* params = NULL;
WOLFSSL_EVP_PKEY* copy = NULL;
DH* dh = NULL;
BIGNUM* p1;
BIGNUM* g1;
BIGNUM* q1;
BIGNUM* p2;
BIGNUM* g2;
BIGNUM* q2;
ExpectNotNull(params = wolfSSL_EVP_PKEY_new());
ExpectNotNull(dh = DH_get_2048_256());
ExpectIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS);
DH_get0_pqg(dh, (const BIGNUM**)&p1,
(const BIGNUM**)&q1,
(const BIGNUM**)&g1);
DH_free(dh);
dh = NULL;
ExpectNotNull(copy = wolfSSL_EVP_PKEY_new());
ExpectNotNull(dh = DH_generate_parameters(2048, 2, NULL, NULL));
ExpectIntEQ(EVP_PKEY_set1_DH(copy, dh), WOLFSSL_SUCCESS);
DH_free(dh);
dh = NULL;
ExpectIntEQ(EVP_PKEY_copy_parameters(copy, params), WOLFSSL_SUCCESS);
ExpectNotNull(dh = EVP_PKEY_get1_DH(copy));
ExpectNotNull(dh->p);
ExpectNotNull(dh->g);
ExpectNotNull(dh->q);
DH_get0_pqg(dh, (const BIGNUM**)&p2,
(const BIGNUM**)&q2,
(const BIGNUM**)&g2);
ExpectIntEQ(BN_cmp(p1, p2), 0);
ExpectIntEQ(BN_cmp(q1, q2), 0);
ExpectIntEQ(BN_cmp(g1, g2), 0);
DH_free(dh);
dh = NULL;
EVP_PKEY_free(copy);
EVP_PKEY_free(params);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_paramgen(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) && !defined(NO_ECC_SECP) && \
((!defined(NO_ECC256) || defined(HAVE_ALL_CURVES)) && \
ECC_MIN_KEY_SZ <= 256)
EVP_PKEY_CTX* ctx = NULL;
EVP_PKEY* pkey = NULL;
ExpectIntEQ(EVP_PKEY_paramgen(NULL, &pkey),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
ExpectIntEQ(EVP_PKEY_paramgen(ctx, NULL), WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
#ifndef NO_RSA
EVP_PKEY_CTX_free(ctx);
ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL));
ExpectIntEQ(EVP_PKEY_paramgen(ctx, &pkey),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
#endif
#ifdef HAVE_ECC
EVP_PKEY_CTX_free(ctx);
ExpectNotNull(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL));
ExpectIntEQ(EVP_PKEY_paramgen_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(ctx,
NID_X9_62_prime256v1), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_paramgen(ctx, &pkey), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_ec_param_enc(ctx, OPENSSL_EC_NAMED_CURVE),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS);
#endif
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_param_check(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT)
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) && !defined(NO_FILESYSTEM)
DH *dh = NULL;
DH *setDh = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX* ctx = NULL;
FILE* f = NULL;
unsigned char buf[512];
const unsigned char* pt = buf;
const char* dh2048 = "./certs/dh2048.der";
long len = 0;
int code = -1;
XMEMSET(buf, 0, sizeof(buf));
ExpectTrue((f = XFOPEN(dh2048, "rb")) != XBADFILE);
ExpectTrue((len = (long)XFREAD(buf, 1, sizeof(buf), f)) > 0);
if (f != XBADFILE)
XFCLOSE(f);
ExpectNotNull(setDh = d2i_DHparams(NULL, &pt, len));
ExpectIntEQ(DH_check(setDh, &code), WOLFSSL_SUCCESS);
ExpectIntEQ(code, 0);
code = -1;
pkey = wolfSSL_EVP_PKEY_new();
ExpectIntEQ(EVP_PKEY_set1_DH(pkey, setDh), WOLFSSL_SUCCESS);
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_param_check(ctx), 1);
ExpectIntEQ(EVP_PKEY_param_check(NULL), 0);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
DH_free(setDh);
setDh = NULL;
DH_free(dh);
dh = NULL;
#endif
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_keygen_init(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
WOLFSSL_EVP_PKEY* pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_PKEY_keygen_init(NULL), WOLFSSL_SUCCESS);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_keygen(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
WOLFSSL_EVP_PKEY* pkey = NULL;
EVP_PKEY_CTX* ctx = NULL;
#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
WOLFSSL_EVP_PKEY* params = NULL;
DH* dh = NULL;
const BIGNUM* pubkey = NULL;
const BIGNUM* privkey = NULL;
ASN1_INTEGER* asn1int = NULL;
unsigned int length = 0;
byte* derBuffer = NULL;
#endif
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, &pkey), 0);
ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, NULL), 0);
ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(NULL, NULL), 0);
ExpectIntEQ(wolfSSL_EVP_PKEY_keygen(ctx, &pkey), 0);
EVP_PKEY_CTX_free(ctx);
ctx = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
#if !defined(NO_DH) && (!defined(HAVE_FIPS) || FIPS_VERSION_GT(2,0))
{
ExpectNotNull(params = wolfSSL_EVP_PKEY_new());
ExpectNotNull(dh = DH_get_2048_256());
ExpectIntEQ(EVP_PKEY_set1_DH(params, dh), WOLFSSL_SUCCESS);
ExpectNotNull(ctx = EVP_PKEY_CTX_new(params, NULL));
ExpectIntEQ(EVP_PKEY_keygen_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_keygen(ctx, &pkey), WOLFSSL_SUCCESS);
DH_free(dh);
dh = NULL;
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(params);
ExpectNotNull(dh = EVP_PKEY_get1_DH(pkey));
DH_get0_key(dh, &pubkey, &privkey);
ExpectNotNull(pubkey);
ExpectNotNull(privkey);
ExpectNotNull(asn1int = BN_to_ASN1_INTEGER(pubkey, NULL));
ExpectIntGT((length = i2d_ASN1_INTEGER(asn1int, &derBuffer)), 0);
ASN1_INTEGER_free(asn1int);
DH_free(dh);
dh = NULL;
XFREE(derBuffer, NULL, DYNAMIC_TYPE_TMP_BUFFER);
EVP_PKEY_free(pkey);
}
#endif
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_SignInit_ex(void)
{
EXPECT_DECLS;
#ifdef OPENSSL_ALL
WOLFSSL_EVP_MD_CTX mdCtx;
WOLFSSL_ENGINE* e = 0;
const EVP_MD* md = EVP_sha256();
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_SignInit_ex(&mdCtx, md, e), WOLFSSL_SUCCESS);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_cleanup(&mdCtx), 1);
#endif
return EXPECT_RESULT();
}
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
#define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
#endif
#endif
#endif
#if defined(OPENSSL_EXTRA)
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
#ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
#define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
#endif
#endif
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
#ifndef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
#define TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
#endif
#endif
#endif
#ifdef TEST_WOLFSSL_EVP_PKEY_SIGN_VERIFY
static int test_wolfSSL_EVP_PKEY_sign_verify(int keyType)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
WOLFSSL_RSA* rsa = NULL;
#endif
#endif
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
WOLFSSL_DSA* dsa = NULL;
#endif
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
WOLFSSL_EC_KEY* ecKey = NULL;
#endif
#endif
WOLFSSL_EVP_PKEY* pkey = NULL;
WOLFSSL_EVP_PKEY_CTX* ctx = NULL;
WOLFSSL_EVP_PKEY_CTX* ctx_verify = NULL;
const char* in = "What is easy to do is easy not to do.";
size_t inlen = XSTRLEN(in);
byte hash[SHA256_DIGEST_LENGTH] = {0};
byte zero[SHA256_DIGEST_LENGTH] = {0};
SHA256_CTX c;
byte* sig = NULL;
byte* sigVerify = NULL;
size_t siglen;
size_t siglenOnlyLen;
size_t keySz = 2048/8;
ExpectNotNull(sig =
(byte*)XMALLOC(keySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
ExpectNotNull(sigVerify =
(byte*)XMALLOC(keySz, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER));
siglen = keySz;
ExpectNotNull(XMEMSET(sig, 0, keySz));
ExpectNotNull(XMEMSET(sigVerify, 0, keySz));
SHA256_Init(&c);
SHA256_Update(&c, in, inlen);
SHA256_Final(hash, &c);
#ifdef WOLFSSL_SMALL_STACK_CACHE
wc_Sha256Free((wc_Sha256*)&c);
#endif
ExpectNotNull(pkey = EVP_PKEY_new());
switch (keyType) {
case EVP_PKEY_RSA:
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
{
ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
}
#endif
#endif
break;
case EVP_PKEY_DSA:
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
ExpectNotNull(dsa = DSA_new());
ExpectIntEQ(DSA_generate_parameters_ex(dsa, 2048,
NULL, 0, NULL, NULL, NULL), 1);
ExpectIntEQ(DSA_generate_key(dsa), 1);
ExpectIntEQ(EVP_PKEY_set1_DSA(pkey, dsa), WOLFSSL_SUCCESS);
#endif
break;
case EVP_PKEY_EC:
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
{
ExpectNotNull(ecKey = EC_KEY_new());
ExpectIntEQ(EC_KEY_generate_key(ecKey), 1);
ExpectIntEQ(
EVP_PKEY_assign_EC_KEY(pkey, ecKey), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
EC_KEY_free(ecKey);
}
}
#endif
#endif
break;
}
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
if (keyType == EVP_PKEY_RSA)
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
WOLFSSL_SUCCESS);
#endif
#endif
ExpectIntEQ(EVP_PKEY_sign(ctx, NULL, &siglenOnlyLen, hash,
SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS);
ExpectIntGT(siglenOnlyLen, 0);
ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, hash,
SHA256_DIGEST_LENGTH), WOLFSSL_SUCCESS);
ExpectIntGE(siglenOnlyLen, siglen);
ExpectNotNull(ctx_verify = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
if (keyType == EVP_PKEY_RSA)
ExpectIntEQ(
EVP_PKEY_CTX_set_rsa_padding(ctx_verify, RSA_PKCS1_PADDING),
WOLFSSL_SUCCESS);
#endif
#endif
ExpectIntEQ(EVP_PKEY_verify(
ctx_verify, sig, siglen, hash, SHA256_DIGEST_LENGTH),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_verify(
ctx_verify, sig, siglen, zero, SHA256_DIGEST_LENGTH),
WC_NO_ERR_TRACE(WOLFSSL_FAILURE));
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
if (keyType == EVP_PKEY_RSA) {
#if defined(WC_RSA_NO_PADDING) || defined(WC_RSA_DIRECT)
ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig,
siglen), WOLFSSL_SUCCESS);
ExpectIntGE(siglenOnlyLen, siglen);
ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
RSA_NO_PADDING), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig,
siglen), WOLFSSL_SUCCESS);
#endif
ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx,
RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS);
ExpectIntNE(EVP_PKEY_sign(ctx, sigVerify, &siglen, sig,
siglen), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_verify_init(ctx_verify), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
RSA_PKCS1_OAEP_PADDING), WOLFSSL_SUCCESS);
ExpectIntNE(EVP_PKEY_verify(ctx_verify, sigVerify, siglen, sig,
siglen), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx_verify,
RSA_PKCS1_PADDING), WOLFSSL_SUCCESS);
}
#endif
#endif
siglen = keySz;
ExpectIntNE(EVP_PKEY_sign_init(NULL), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_sign_init(ctx), WOLFSSL_SUCCESS);
ExpectIntNE(EVP_PKEY_sign(NULL, sig, &siglen, (byte*)in, inlen),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_sign(ctx, sig, &siglen, (byte*)in, inlen),
WOLFSSL_SUCCESS);
EVP_PKEY_free(pkey);
pkey = NULL;
#if !defined (NO_DSA) && !defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
DSA_free(dsa);
dsa = NULL;
#endif
EVP_PKEY_CTX_free(ctx_verify);
ctx_verify = NULL;
EVP_PKEY_CTX_free(ctx);
ctx = NULL;
XFREE(sig, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(sigVerify, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return EXPECT_RESULT();
}
#endif
int test_wolfSSL_EVP_PKEY_sign_verify_rsa(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN) && \
!defined(HAVE_SELFTEST)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_RSA), TEST_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_sign_verify_dsa(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA)
#if !defined (NO_DSA) && !defined(WC_FIPS_186_5_PLUS) && \
!defined(HAVE_SELFTEST) && defined(WOLFSSL_KEY_GEN)
ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_DSA), TEST_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_sign_verify_ec(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
#if !defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION>2))
ExpectIntEQ(test_wolfSSL_EVP_PKEY_sign_verify(EVP_PKEY_EC), TEST_SUCCESS);
#endif
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_MD_rsa_signing(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(USE_CERT_BUFFERS_2048)
WOLFSSL_EVP_PKEY* privKey = NULL;
WOLFSSL_EVP_PKEY* pubKey = NULL;
WOLFSSL_EVP_PKEY_CTX* keyCtx = NULL;
const char testData[] = "Hi There";
WOLFSSL_EVP_MD_CTX mdCtx;
WOLFSSL_EVP_MD_CTX mdCtxCopy;
int ret;
size_t checkSz = -1;
int sz = 2048 / 8;
const unsigned char* cp;
const unsigned char* p;
unsigned char check[2048/8];
size_t i;
int paddings[] = {
RSA_PKCS1_PADDING,
#if !defined(HAVE_FIPS) && !defined(HAVE_SELFTEST) && defined(WC_RSA_PSS)
RSA_PKCS1_PSS_PADDING,
#endif
};
cp = client_key_der_2048;
ExpectNotNull((privKey = wolfSSL_d2i_PrivateKey(EVP_PKEY_RSA, NULL, &cp,
sizeof_client_key_der_2048)));
p = client_keypub_der_2048;
ExpectNotNull((pubKey = wolfSSL_d2i_PUBKEY(NULL, &p,
sizeof_client_keypub_der_2048)));
wolfSSL_EVP_MD_CTX_init(&mdCtx);
wolfSSL_EVP_MD_CTX_init(&mdCtxCopy);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,sz);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_copy_ex(&mdCtxCopy, &mdCtx), 1);
ExpectIntEQ(wolfSSL_EVP_MD_CTX_copy_ex(&mdCtxCopy, &mdCtx), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtxCopy);
ExpectIntEQ(ret, 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, pubKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)),
1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4,
(unsigned int)XSTRLEN(testData) - 4), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, pubKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData + 4,
(unsigned int)XSTRLEN(testData) - 4),
1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
for (i = 0; i < sizeof(paddings)/sizeof(int); i++) {
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, &keyCtx,
wolfSSL_EVP_sha256(), NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_padding(keyCtx,
paddings[i]), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
ExpectIntEQ((int)checkSz, sz);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ((int)checkSz,sz);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, &keyCtx,
wolfSSL_EVP_sha256(), NULL, pubKey), 1);
ExpectIntEQ(wolfSSL_EVP_PKEY_CTX_set_rsa_padding(keyCtx,
paddings[i]), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
}
wolfSSL_EVP_PKEY_free(pubKey);
wolfSSL_EVP_PKEY_free(privKey);
#endif
return EXPECT_RESULT();
}
int test_wc_RsaPSS_DigitalSignVerify(void)
{
EXPECT_DECLS;
#if (!defined(HAVE_FIPS) || (defined(HAVE_FIPS_VERSION) && \
(HAVE_FIPS_VERSION > 2))) && \
(!defined(HAVE_SELFTEST) || (defined(HAVE_SELFTEST_VERSION) && \
(HAVE_SELFTEST_VERSION > 2))) && \
!defined(NO_RSA) && defined(WC_RSA_PSS) && defined(OPENSSL_EXTRA) && \
defined(WOLFSSL_KEY_GEN) && defined(WC_RSA_NO_PADDING) && \
!defined(NO_SHA256)
const unsigned char test_digest[32] = {
0x08, 0x09, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05,
0x06, 0x07, 0x08, 0x09, 0x00, 0x01, 0x02, 0x03,
0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x00, 0x01,
0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09
};
const unsigned int digest_len = sizeof(test_digest);
EVP_PKEY_CTX *pkctx = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *sign_ctx = NULL;
EVP_PKEY_CTX *verify_ctx = NULL;
unsigned char signature[256+MAX_DER_DIGEST_ASN_SZ] = {0};
size_t signature_len = sizeof(signature);
int modulus_bits = 2048;
ExpectNotNull(pkctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL));
ExpectIntEQ(EVP_PKEY_keygen_init(pkctx), 1);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_keygen_bits(pkctx, modulus_bits), 1);
ExpectIntEQ(EVP_PKEY_keygen(pkctx, &pkey), 1);
ExpectNotNull(sign_ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_sign_init(sign_ctx), 1);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(sign_ctx, RSA_PKCS1_PSS_PADDING),
1);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_pss_saltlen(sign_ctx, 32), 1);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_mgf1_md(sign_ctx, EVP_sha256()), 1);
ExpectIntEQ(EVP_PKEY_CTX_set_signature_md(sign_ctx, EVP_sha256()), 1);
ExpectIntEQ(EVP_PKEY_sign(sign_ctx, signature, &signature_len, test_digest,
digest_len), 1);
ExpectIntGT((int)signature_len, 0);
ExpectNotNull(verify_ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_verify_init(verify_ctx), 1);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(verify_ctx, RSA_PKCS1_PSS_PADDING),
1);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_pss_saltlen(verify_ctx, 32), 1);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_mgf1_md(verify_ctx, EVP_sha256()), 1);
ExpectIntEQ(EVP_PKEY_CTX_set_signature_md(verify_ctx, EVP_sha256()), 1);
ExpectIntEQ(EVP_PKEY_verify(verify_ctx, signature, signature_len,
test_digest, digest_len), 1);
{
const unsigned char wrong_digest[32] = {
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x09, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06,
0x07, 0x08, 0x09, 0x00, 0x01, 0x02, 0x03, 0x04,
0x05, 0x06, 0x07, 0x08, 0x09, 0x00, 0x01, 0x02
};
ExpectIntNE(EVP_PKEY_verify(verify_ctx, signature, signature_len,
wrong_digest, digest_len), 1);
}
if (verify_ctx)
EVP_PKEY_CTX_free(verify_ctx);
if (sign_ctx)
EVP_PKEY_CTX_free(sign_ctx);
if (pkey)
EVP_PKEY_free(pkey);
if (pkctx)
EVP_PKEY_CTX_free(pkctx);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_MD_ecc_signing(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
WOLFSSL_EVP_PKEY* privKey = NULL;
WOLFSSL_EVP_PKEY* pubKey = NULL;
const char testData[] = "Hi There";
WOLFSSL_EVP_MD_CTX mdCtx;
int ret;
const unsigned char* cp;
const unsigned char* p;
unsigned char check[2048/8];
size_t checkSz = sizeof(check);
XMEMSET(check, 0, sizeof(check));
cp = ecc_clikey_der_256;
ExpectNotNull(privKey = wolfSSL_d2i_PrivateKey(EVP_PKEY_EC, NULL, &cp,
sizeof_ecc_clikey_der_256));
p = ecc_clikeypub_der_256;
ExpectNotNull((pubKey = wolfSSL_d2i_PUBKEY(NULL, &p,
sizeof_ecc_clikeypub_der_256)));
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, pubKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData,
(unsigned int)XSTRLEN(testData)),
1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestSignInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, privKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData, 4), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, NULL, &checkSz), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ExpectIntEQ(wolfSSL_EVP_DigestSignUpdate(&mdCtx, testData + 4,
(unsigned int)XSTRLEN(testData) - 4), 1);
checkSz = sizeof(check);
ExpectIntEQ(wolfSSL_EVP_DigestSignFinal(&mdCtx, check, &checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_MD_CTX_init(&mdCtx);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyInit(&mdCtx, NULL, wolfSSL_EVP_sha256(),
NULL, pubKey), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData, 4), 1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyUpdate(&mdCtx, testData + 4,
(unsigned int)XSTRLEN(testData) - 4),
1);
ExpectIntEQ(wolfSSL_EVP_DigestVerifyFinal(&mdCtx, check, checkSz), 1);
ret = wolfSSL_EVP_MD_CTX_cleanup(&mdCtx);
ExpectIntEQ(ret, 1);
wolfSSL_EVP_PKEY_free(pubKey);
wolfSSL_EVP_PKEY_free(privKey);
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_encrypt(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_RSA) && defined(WOLFSSL_KEY_GEN)
WOLFSSL_RSA* rsa = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
WOLFSSL_EVP_PKEY_CTX* ctx = NULL;
const char* in = "What is easy to do is easy not to do.";
size_t inlen = XSTRLEN(in);
size_t outEncLen = 0;
byte* outEnc = NULL;
byte* outDec = NULL;
size_t outDecLen = 0;
size_t rsaKeySz = 2048/8;
#if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING)
byte* inTmp = NULL;
byte* outEncTmp = NULL;
byte* outDecTmp = NULL;
#endif
ExpectNotNull(outEnc = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (outEnc != NULL) {
XMEMSET(outEnc, 0, rsaKeySz);
}
ExpectNotNull(outDec = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (outDec != NULL) {
XMEMSET(outDec, 0, rsaKeySz);
}
ExpectNotNull(rsa = RSA_generate_key(2048, 3, NULL, NULL));
ExpectNotNull(pkey = wolfSSL_EVP_PKEY_new());
ExpectIntEQ(EVP_PKEY_assign_RSA(pkey, rsa), WOLFSSL_SUCCESS);
if (EXPECT_FAIL()) {
RSA_free(rsa);
}
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING),
WOLFSSL_SUCCESS);
ExpectIntEQ(pkey->ref.count, 2);
EVP_PKEY_free(pkey);
ExpectIntEQ(pkey->ref.count, 1);
ExpectIntEQ(EVP_PKEY_encrypt(ctx, NULL, &outEncLen,
(const unsigned char*)in, inlen), WOLFSSL_SUCCESS);
ExpectIntEQ(rsaKeySz, outEncLen);
ExpectIntEQ(EVP_PKEY_encrypt(ctx, outEnc, &outEncLen,
(const unsigned char*)in, inlen), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_decrypt(ctx, NULL, &outDecLen, outEnc, outEncLen),
WOLFSSL_SUCCESS);
ExpectIntEQ(rsaKeySz, outDecLen);
ExpectIntEQ(EVP_PKEY_decrypt(ctx, outDec, &outDecLen, outEnc, outEncLen),
WOLFSSL_SUCCESS);
ExpectIntEQ(XMEMCMP(in, outDec, outDecLen), 0);
#if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING)
ExpectNotNull(inTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (inTmp != NULL) {
XMEMSET(inTmp, 9, rsaKeySz);
}
ExpectNotNull(outEncTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (outEncTmp != NULL) {
XMEMSET(outEncTmp, 0, rsaKeySz);
}
ExpectNotNull(outDecTmp = (byte*)XMALLOC(rsaKeySz, HEAP_HINT,
DYNAMIC_TYPE_TMP_BUFFER));
if (outDecTmp != NULL) {
XMEMSET(outDecTmp, 0, rsaKeySz);
}
ExpectIntEQ(EVP_PKEY_encrypt_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_NO_PADDING),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_encrypt(ctx, outEncTmp, &outEncLen, inTmp, rsaKeySz),
WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_decrypt_init(ctx), WOLFSSL_SUCCESS);
ExpectIntEQ(EVP_PKEY_decrypt(ctx, outDecTmp, &outDecLen, outEncTmp,
outEncLen), WOLFSSL_SUCCESS);
ExpectIntEQ(XMEMCMP(inTmp, outDecTmp, outDecLen), 0);
#endif
EVP_PKEY_CTX_free(ctx);
XFREE(outEnc, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(outDec, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#if !defined(HAVE_FIPS) && defined(WC_RSA_NO_PADDING)
XFREE(inTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(outEncTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(outDecTmp, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
#endif
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_derive(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_ALL) || defined(WOLFSSL_QT) || defined(WOLFSSL_OPENSSH)
#if (!defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)) || defined(HAVE_ECC)
EVP_PKEY_CTX *ctx = NULL;
unsigned char *skey = NULL;
size_t skeylen;
EVP_PKEY *pkey = NULL;
EVP_PKEY *peerkey = NULL;
const unsigned char* key;
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
key = dh_key_der_2048;
ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
sizeof_dh_key_der_2048)));
ExpectIntEQ(DH_generate_key(EVP_PKEY_get0_DH(pkey)), 1);
key = dh_key_der_2048;
ExpectNotNull((peerkey = d2i_PrivateKey(EVP_PKEY_DH, NULL, &key,
sizeof_dh_key_der_2048)));
ExpectIntEQ(DH_generate_key(EVP_PKEY_get0_DH(peerkey)), 1);
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_derive_init(ctx), 1);
ExpectIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1);
ExpectIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1);
ExpectNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL,
DYNAMIC_TYPE_OPENSSL));
ExpectIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1);
EVP_PKEY_CTX_free(ctx);
ctx = NULL;
EVP_PKEY_free(peerkey);
peerkey = NULL;
EVP_PKEY_free(pkey);
pkey = NULL;
XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL);
skey = NULL;
#endif
#ifdef HAVE_ECC
key = ecc_clikey_der_256;
ExpectNotNull((pkey = d2i_PrivateKey(EVP_PKEY_EC, NULL, &key,
sizeof_ecc_clikey_der_256)));
key = ecc_clikeypub_der_256;
ExpectNotNull((peerkey = d2i_PUBKEY(NULL, &key,
sizeof_ecc_clikeypub_der_256)));
ExpectNotNull(ctx = EVP_PKEY_CTX_new(pkey, NULL));
ExpectIntEQ(EVP_PKEY_derive_init(ctx), 1);
ExpectIntEQ(EVP_PKEY_derive_set_peer(ctx, peerkey), 1);
ExpectIntEQ(EVP_PKEY_derive(ctx, NULL, &skeylen), 1);
ExpectNotNull(skey = (unsigned char*)XMALLOC(skeylen, NULL,
DYNAMIC_TYPE_OPENSSL));
ExpectIntEQ(EVP_PKEY_derive(ctx, skey, &skeylen), 1);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(peerkey);
EVP_PKEY_free(pkey);
XFREE(skey, NULL, DYNAMIC_TYPE_OPENSSL);
#endif
#endif
#endif
return EXPECT_RESULT();
}
int test_wolfSSL_EVP_PKEY_print_public(void)
{
EXPECT_DECLS;
#if defined(OPENSSL_EXTRA) && !defined(NO_BIO)
WOLFSSL_BIO* rbio = NULL;
WOLFSSL_BIO* wbio = NULL;
WOLFSSL_EVP_PKEY* pkey = NULL;
char line[256] = { 0 };
char line1[256] = { 0 };
int i = 0;
ExpectIntEQ( EVP_PKEY_print_public(NULL,NULL,0,NULL),0L);
#if !defined(NO_RSA) && defined(USE_CERT_BUFFERS_1024)
ExpectNotNull(rbio = BIO_new_mem_buf( client_keypub_der_1024,
sizeof_client_keypub_der_1024));
ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey));
ExpectNotNull(wbio = BIO_new(BIO_s_mem()));
ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,3,NULL),1);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, " RSA Public-Key: (1024 bit)\n");
ExpectIntEQ(XSTRNCMP(line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, " Modulus:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, " 00:bc:73:0e:a8:49:f3:74:a2:a9:ef:18:a5:da:55:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
for (i = 0; i < 8 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, " Exponent: 65537 (0x010001)\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0);
EVP_PKEY_free(pkey);
pkey = NULL;
BIO_free(rbio);
BIO_free(wbio);
rbio = NULL;
wbio = NULL;
#endif
#if !defined(NO_DSA) && defined(USE_CERT_BUFFERS_2048)
ExpectNotNull(rbio = BIO_new_mem_buf( dsa_pub_key_der_2048,
sizeof_dsa_pub_key_der_2048));
ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey));
ExpectNotNull(wbio = BIO_new(BIO_s_mem()));
ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL),1);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "DSA Public-Key: (2048 bit)\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "pub:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1,
" 00:C2:35:2D:EC:83:83:6C:73:13:9E:52:7C:74:C8:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
for (i = 0; i < 17 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "P:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
for (i = 0; i < 18 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "Q:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
for (i = 0; i < 3 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "G:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
for (i = 0; i < 18 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0);
EVP_PKEY_free(pkey);
pkey = NULL;
BIO_free(rbio);
BIO_free(wbio);
rbio = NULL;
wbio = NULL;
#endif
#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)
ExpectNotNull(rbio = BIO_new_mem_buf( ecc_clikeypub_der_256,
sizeof_ecc_clikeypub_der_256));
ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey));
ExpectNotNull(wbio = BIO_new(BIO_s_mem()));
ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL),1);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
ExpectStrEQ(line, "Public-Key: (256 bit)\n");
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "pub:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1,
" 04:55:BF:F4:0F:44:50:9A:3D:CE:9B:B7:F0:C5:4D:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
for (i = 0; i < 4 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "ASN1 OID: prime256v1\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "NIST CURVE: P-256\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0);
EVP_PKEY_free(pkey);
pkey = NULL;
BIO_free(rbio);
BIO_free(wbio);
rbio = NULL;
wbio = NULL;
#endif
#if defined(WOLFSSL_DH_EXTRA) && defined(USE_CERT_BUFFERS_2048)
ExpectNotNull(rbio = BIO_new_mem_buf( dh_pub_key_der_2048,
sizeof_dh_pub_key_der_2048));
ExpectNotNull(wolfSSL_d2i_PUBKEY_bio(rbio, &pkey));
ExpectNotNull(wbio = BIO_new(BIO_s_mem()));
ExpectIntEQ(EVP_PKEY_print_public(wbio, pkey,0,NULL), 1);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "DH Public-Key: (2048 bit)\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "public-key:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1,
" 34:41:BF:E9:F2:11:BF:05:DB:B2:72:A8:29:CC:BD:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
for (i = 0; i < 17 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "prime:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1,
" 00:D3:B2:99:84:5C:0A:4C:E7:37:CC:FC:18:37:01:\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
for (i = 0; i < 17 ;i++) {
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
}
ExpectIntGT(BIO_gets(wbio, line, sizeof(line)), 0);
strcpy(line1, "generator: 2 (0x02)\n");
ExpectIntEQ(XSTRNCMP( line, line1, XSTRLEN(line1)), 0);
ExpectIntLE(BIO_gets(wbio, line, sizeof(line)), 0);
EVP_PKEY_free(pkey);
pkey = NULL;
BIO_free(rbio);
BIO_free(wbio);
rbio = NULL;
wbio = NULL;
#endif
(void)pkey;
(void)wbio;
(void)rbio;
(void)line;
(void)line1;
(void)i;
#endif
return EXPECT_RESULT();
}