authortb <>2023-08-11 22:50:44 +0000
committertb <>2023-08-11 22:50:44 +0000
commitdc545d973cd674616909f2370a243a5ca42d85d1 (patch)
treedc7387125a03a975a928ddaf878a7be4d34bedbe
parent1972ef43f23b3e408404c5fcdcb93ff497daaa3d (diff)
Add regress coverage for DH and for DSA parameters
-rw-r--r--src/regress/lib/libcrypto/asn1/asn1x509.c269
1 files changed, 267 insertions, 2 deletions
diff --git a/src/regress/lib/libcrypto/asn1/asn1x509.c b/src/regress/lib/libcrypto/asn1/asn1x509.c
index 4d689aa7d2..972b8290f2 100644
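--- a/src/regress/lib/libcrypto/asn1/asn1x509.c
+++ b/src/regress/lib/libcrypto/asn1/asn1x509.c
@@ -1,6 +1,7 @@
-/* $OpenBSD: asn1x509.c,v 1.4 2023/02/13 09:50:47 tb Exp $ */
+/* $OpenBSD: asn1x509.c,v 1.5 2023/08/11 22:50:44 tb Exp $ */
 /*
  * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
+ * Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -72,6 +73,20 @@ unsigned char dsa_test_asn1_pubkey[] = {
  0x43, 0x86, 0x13, 0x9d, 0x22,
 };
 
+const unsigned char dsa_test_asn1_pubkey_noparams[] = {
+ 0x30, 0x51, 0x30, 0x09, 0x06, 0x07, 0x2a, 0x86,
+ 0x48, 0xce, 0x38, 0x04, 0x01, 0x03, 0x44, 0x00,
+ 0x02, 0x41, 0x00, 0x80, 0xd1, 0xb7, 0x4a, 0xd0,
+ 0x18, 0x6a, 0xc5, 0x09, 0x12, 0x78, 0x3b, 0x7f,
+ 0x48, 0xaa, 0x57, 0xf6, 0xef, 0x22, 0x0e, 0xe8,
+ 0x6a, 0xb5, 0xa6, 0x96, 0xc4, 0x5a, 0xfb, 0x2f,
+ 0xcf, 0x86, 0x12, 0x21, 0x9b, 0x06, 0xd3, 0x6b,
+ 0xe5, 0x06, 0x5c, 0xd5, 0x22, 0x15, 0x0b, 0x7e,
+ 0xd3, 0x67, 0x92, 0x93, 0x79, 0xf4, 0xc1, 0x6d,
+ 0x22, 0x3c, 0x7c, 0x46, 0xc6, 0xc4, 0x43, 0x86,
+ 0x13, 0x9d, 0x22,
+};
+
 const char *ec_test_key =
  "-----BEGIN EC PRIVATE KEY-----\n"
  "MHcCAQEEIEDkF84aPdBNu4vbPE+QV3EP9ULp4Enr1N0lz4vzuc2boAoGCCqGSM49\n"
@@ -121,6 +136,94 @@ unsigned char rsa_test_asn1_pubkey[] = {
  0x87, 0x02, 0x03, 0x01, 0x00, 0x01,
 };
 
+const char dh_test_key[] =
+ "-----BEGIN PRIVATE KEY-----\n"
+ "MIICJgIBADCCARcGCSqGSIb3DQEDATCCAQgCggEBAIXmHiRswMxVCnVzq4GuaErl\n"
+ "2fBPDquOzFaxd/YSN7tVxnz3wcMNfBsHZWqtAXxTBWeyt8ydHcrIWx4EB3XTSwSi\n"
+ "Jqh3CEcFhDfqKdo/u7vffxG+43lEsvZZIzZHYMcYsHIpcERRoAu0xnqjHUQTkvoi\n"
+ "w7ukbuWr28bJrncPaxFGC8zZvLhSnUst5yzdyAsIddQvHgYBdCn2UEbz6qBx8gvJ\n"
+ "lb3Jv1BiVJJ0odL94vpNXRGNZ57PPm5Xlj/n8l8LHpzzxbtjc52MVYbMPpVuWzmv\n"
+ "2nWV0eL14708S/XG6e2AWGKb8AX8hCitdtVQ28SbEsf8Yd1dyWNo++oedFvU49sC\n"
+ "AQIEggEEAoIBAGywTP/vBwEeuWIgTPnBf1/jWQgfFA5no3HdRIQsHVgo2EEZHErS\n"
+ "X82hALavaUTEu+pHu+/yv3BLPr/8Lau6O7LOiqeXMjYX4HtSNmLZIEjugd1aCyCp\n"
+ "n+jZjIHQCG0fvnwWFqkKTADe4n4DUz5qxuHYmlFY4NsdMj5yARAh9mn7hqwYX+Mf\n"
+ "WhHLhHIHngXKNs7vKdHH/guo638uL6dv6OuTS0wbBsjLMFvQvccVlVUWlUFkH6I8\n"
+ "GFt8kAFLdrzz8+oMq3hHsoWIrDSp0GYq6keSu3pBj4q2mTP7ugUU8ag/dZnga5sB\n"
+ "Mdt2hicktiw/mQZP578plm6z2Lg0gl5yLxk=\n"
+ "-----END PRIVATE KEY-----\n";
+
+const unsigned char dh_test_asn1_pubkey[] = {
+ 0x30, 0x82, 0x02, 0x24, 0x30, 0x82, 0x01, 0x17,
+ 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
+ 0x01, 0x03, 0x01, 0x30, 0x82, 0x01, 0x08, 0x02,
+ 0x82, 0x01, 0x01, 0x00, 0x85, 0xe6, 0x1e, 0x24,
+ 0x6c, 0xc0, 0xcc, 0x55, 0x0a, 0x75, 0x73, 0xab,
+ 0x81, 0xae, 0x68, 0x4a, 0xe5, 0xd9, 0xf0, 0x4f,
+ 0x0e, 0xab, 0x8e, 0xcc, 0x56, 0xb1, 0x77, 0xf6,
+ 0x12, 0x37, 0xbb, 0x55, 0xc6, 0x7c, 0xf7, 0xc1,
+ 0xc3, 0x0d, 0x7c, 0x1b, 0x07, 0x65, 0x6a, 0xad,
+ 0x01, 0x7c, 0x53, 0x05, 0x67, 0xb2, 0xb7, 0xcc,
+ 0x9d, 0x1d, 0xca, 0xc8, 0x5b, 0x1e, 0x04, 0x07,
+ 0x75, 0xd3, 0x4b, 0x04, 0xa2, 0x26, 0xa8, 0x77,
+ 0x08, 0x47, 0x05, 0x84, 0x37, 0xea, 0x29, 0xda,
+ 0x3f, 0xbb, 0xbb, 0xdf, 0x7f, 0x11, 0xbe, 0xe3,
+ 0x79, 0x44, 0xb2, 0xf6, 0x59, 0x23, 0x36, 0x47,
+ 0x60, 0xc7, 0x18, 0xb0, 0x72, 0x29, 0x70, 0x44,
+ 0x51, 0xa0, 0x0b, 0xb4, 0xc6, 0x7a, 0xa3, 0x1d,
+ 0x44, 0x13, 0x92, 0xfa, 0x22, 0xc3, 0xbb, 0xa4,
+ 0x6e, 0xe5, 0xab, 0xdb, 0xc6, 0xc9, 0xae, 0x77,
+ 0x0f, 0x6b, 0x11, 0x46, 0x0b, 0xcc, 0xd9, 0xbc,
+ 0xb8, 0x52, 0x9d, 0x4b, 0x2d, 0xe7, 0x2c, 0xdd,
+ 0xc8, 0x0b, 0x08, 0x75, 0xd4, 0x2f, 0x1e, 0x06,
+ 0x01, 0x74, 0x29, 0xf6, 0x50, 0x46, 0xf3, 0xea,
+ 0xa0, 0x71, 0xf2, 0x0b, 0xc9, 0x95, 0xbd, 0xc9,
+ 0xbf, 0x50, 0x62, 0x54, 0x92, 0x74, 0xa1, 0xd2,
+ 0xfd, 0xe2, 0xfa, 0x4d, 0x5d, 0x11, 0x8d, 0x67,
+ 0x9e, 0xcf, 0x3e, 0x6e, 0x57, 0x96, 0x3f, 0xe7,
+ 0xf2, 0x5f, 0x0b, 0x1e, 0x9c, 0xf3, 0xc5, 0xbb,
+ 0x63, 0x73, 0x9d, 0x8c, 0x55, 0x86, 0xcc, 0x3e,
+ 0x95, 0x6e, 0x5b, 0x39, 0xaf, 0xda, 0x75, 0x95,
+ 0xd1, 0xe2, 0xf5, 0xe3, 0xbd, 0x3c, 0x4b, 0xf5,
+ 0xc6, 0xe9, 0xed, 0x80, 0x58, 0x62, 0x9b, 0xf0,
+ 0x05, 0xfc, 0x84, 0x28, 0xad, 0x76, 0xd5, 0x50,
+ 0xdb, 0xc4, 0x9b, 0x12, 0xc7, 0xfc, 0x61, 0xdd,
+ 0x5d, 0xc9, 0x63, 0x68, 0xfb, 0xea, 0x1e, 0x74,
+ 0x5b, 0xd4, 0xe3, 0xdb, 0x02, 0x01, 0x02, 0x03,
+ 0x82, 0x01, 0x05, 0x00, 0x02, 0x82, 0x01, 0x00,
+ 0x44, 0x30, 0x25, 0xe2, 0xeb, 0x8f, 0xd0, 0x81,
+ 0x96, 0x3e, 0x7d, 0x1d, 0x9b, 0x82, 0x8a, 0x2d,
+ 0x0f, 0xb3, 0x2d, 0x9c, 0x2b, 0xb2, 0x88, 0xda,
+ 0xc6, 0xef, 0x6c, 0x9d, 0x1c, 0x80, 0xf1, 0xee,
+ 0x9d, 0x6b, 0x31, 0xb7, 0xb1, 0x9f, 0x30, 0x0d,
+ 0xb7, 0x92, 0xcf, 0x56, 0xeb, 0xfc, 0x91, 0x16,
+ 0x35, 0x96, 0x0c, 0x7b, 0x95, 0xbc, 0x65, 0x66,
+ 0x10, 0x81, 0x4b, 0x46, 0x04, 0xee, 0x95, 0xca,
+ 0xc9, 0x0c, 0xea, 0xc1, 0xd7, 0x3b, 0x83, 0xfb,
+ 0xce, 0x76, 0x17, 0xb4, 0x15, 0xad, 0x03, 0xd0,
+ 0x00, 0xef, 0xb2, 0xee, 0x12, 0x3f, 0x75, 0xd1,
+ 0xb8, 0x6c, 0xfd, 0x87, 0xb5, 0x07, 0xfa, 0x1e,
+ 0x60, 0x9b, 0x49, 0x6f, 0x89, 0xc2, 0x75, 0x4d,
+ 0x7d, 0x21, 0xdb, 0xb6, 0x85, 0x78, 0xa5, 0x77,
+ 0xbe, 0xeb, 0x4d, 0x9e, 0x1c, 0x05, 0xbc, 0x51,
+ 0x97, 0x0f, 0xe9, 0x68, 0x78, 0x5a, 0xc8, 0x4e,
+ 0xef, 0x72, 0x8f, 0x53, 0x41, 0x0d, 0x57, 0xf2,
+ 0xc5, 0x29, 0x33, 0x67, 0xdd, 0x35, 0x43, 0xfc,
+ 0x13, 0x49, 0x92, 0x1d, 0x14, 0x92, 0x40, 0x14,
+ 0x38, 0x32, 0xdb, 0x14, 0x95, 0x44, 0x2a, 0x03,
+ 0xb7, 0x87, 0xa3, 0x5a, 0x5a, 0xe2, 0x3b, 0xc5,
+ 0x44, 0xa4, 0x06, 0xf6, 0x14, 0xe6, 0x08, 0x9c,
+ 0x51, 0x09, 0x2a, 0xc4, 0x2e, 0x72, 0xb3, 0x20,
+ 0x46, 0x77, 0xe2, 0xda, 0x07, 0xd8, 0x10, 0x89,
+ 0xcf, 0x2b, 0xef, 0x67, 0xa2, 0x48, 0xfd, 0xa3,
+ 0x71, 0x59, 0xf0, 0x89, 0x3a, 0x35, 0x31, 0x87,
+ 0xad, 0x45, 0x9e, 0x35, 0xbd, 0x64, 0xec, 0xd1,
+ 0xd7, 0xea, 0x92, 0xed, 0x72, 0x9c, 0x81, 0x8e,
+ 0x11, 0x4e, 0xa5, 0xe7, 0x12, 0xe3, 0x7c, 0x53,
+ 0x2b, 0x31, 0xd4, 0x3d, 0xd5, 0xd9, 0xbd, 0x44,
+ 0x27, 0xa3, 0x4a, 0x3f, 0x20, 0x87, 0xce, 0x73,
+ 0x0e, 0xa8, 0x90, 0xcd, 0xfe, 0x32, 0x69, 0x9a,
+};
+
 static void
 hexdump(const unsigned char *buf, size_t len)
 {
@@ -153,6 +256,93 @@ compare_data(const char *label, const unsigned char *d1, size_t d1_len,
 }
 
 static int
+dh_pubkey_test(void)
+{
+ EVP_PKEY *pkey = NULL;
+ EVP_PKEY *pkey_a = NULL, *pkey_b = NULL;
+ unsigned char *out = NULL, *data = NULL;
+ DH *dh_a = NULL, *dh_b = NULL;
+ const unsigned char *p;
+ BIO *bio_mem = NULL;
+ int failure = 1;
+ int len;
+
+ ERR_clear_error();
+
+ if ((bio_mem = BIO_new_mem_buf(dh_test_key, -1)) == NULL)
+ errx(1, "failed to create BIO");
+
+ if ((pkey = PEM_read_bio_PrivateKey(bio_mem, NULL, NULL, NULL)) == NULL) {
+ ERR_print_errors_fp(stderr);
+ errx(1, "failed to decode DH key from PEM");
+ }
+
+ /*
+ * Test PEM_write_bio_PrivateKey().
+ */
+ BIO_free_all(bio_mem);
+ if ((bio_mem = BIO_new(BIO_s_mem())) == NULL)
+ errx(1, "BIO_new failed for BIO_s_mem");
+
+ if (!PEM_write_bio_PrivateKey(bio_mem, pkey, NULL, NULL, 0, 0, NULL)) {
+ fprintf(stderr, "FAIL: PEM_write_bio_PrivateKey failed\n");
+ goto done;
+ }
+
+ len = BIO_get_mem_data(bio_mem, &data);
+ if (compare_data("DH PrivateKey", data, len,
+ dh_test_key, sizeof(dh_test_key) - 1) == -1)
+ goto done;
+
+ /*
+ * Test i2d_PUBKEY/d2i_PUBKEY.
+ */
+
+ if ((dh_a = EVP_PKEY_get1_DH(pkey)) == NULL) {
+ ERR_print_errors_fp(stderr);
+ errx(1, "failed to get1 DH key from PEM");
+ }
+
+ if ((pkey_a = EVP_PKEY_new()) == NULL)
+ errx(1, "failed to create EVP_PKEY");
+ if (!EVP_PKEY_set1_DH(pkey_a, dh_a))
+ errx(1, "failed to set DH on EVP_PKEY");
+
+ if ((len = i2d_PUBKEY(pkey_a, &out)) < 0) {
+ fprintf(stderr, "FAIL: i2d_PUBKEY failed\n");
+ goto done;
+ }
+ if (compare_data("DH PUBKEY", out, len, dh_test_asn1_pubkey,
+ sizeof(dh_test_asn1_pubkey)) == -1)
+ goto done;
+
+ p = out;
+ if ((pkey_b = d2i_PUBKEY(NULL, &p, len)) == NULL) {
+ fprintf(stderr, "FAIL: d2i_PUBKEY failed\n");
+ goto done;
+ }
+
+ if (BN_cmp(DH_get0_pub_key(EVP_PKEY_get0_DH(pkey_a)),
+ DH_get0_pub_key(EVP_PKEY_get0_DH(pkey_b))) != 0) {
+ fprintf(stderr, "FAIL: DH public keys mismatch\n");
+ goto done;
+ }
+
+ failure = 0;
+
+ done:
+ BIO_free_all(bio_mem);
+ EVP_PKEY_free(pkey);
+ DH_free(dh_a);
+ DH_free(dh_b);
+ EVP_PKEY_free(pkey_a);
+ EVP_PKEY_free(pkey_b);
+ free(out);
+
+ return failure;
+}
+
+static int
 dsa_pubkey_test(void)
 {
  EVP_PKEY *pkey_a = NULL, *pkey_b = NULL;
@@ -161,7 +351,7 @@ dsa_pubkey_test(void)
  const unsigned char *p;
  BIO *bio_mem = NULL;
  int failure = 1;
- int len;
+ int len, ret;
 
  ERR_clear_error();
 
@@ -201,6 +391,80 @@ dsa_pubkey_test(void)
  goto done;
  }
 
+ if (EVP_PKEY_missing_parameters(pkey_b)) {
+ fprintf(stderr, "FAIL: DSA pkey_b has missing parameters\n");
+ goto done;
+ }
+
+ if (!EVP_PKEY_cmp_parameters(pkey_a, pkey_b)) {
+ fprintf(stderr, "FAIL: DSA parameters mismatch\n");
+ goto done;
+ }
+
+ /*
+ * Check save_parameters defaults - EVP_PKEY_save_parameters() returns
+ * the current save_parameters; mode -1 inspects without setting.
+ */
+ if ((ret = EVP_PKEY_save_parameters(pkey_b, 0)) != 1) {
+ fprintf(stderr, "FAIL: DSA save_parameters want 1, got %d\n", ret);
+ goto done;
+ }
+ if ((ret = EVP_PKEY_save_parameters(pkey_b, -1)) != 0) {
+ fprintf(stderr, "FAIL: DSA save_parameters want 0, got %d\n", ret);
+ goto done;
+ }
+
+ free(out);
+ out = NULL;
+
+ if ((len = i2d_PUBKEY(pkey_b, &out)) < 0) {
+ fprintf(stderr, "FAIL: i2d_PUBKEY (no params) failed\n");
+ goto done;
+ }
+
+ if (compare_data("PUBKEY (no params)", dsa_test_asn1_pubkey_noparams,
+ sizeof(dsa_test_asn1_pubkey_noparams), out, len) == -1)
+ goto done;
+
+ EVP_PKEY_free(pkey_b);
+
+ p = out;
+ if ((pkey_b = d2i_PUBKEY(NULL, &p, len)) == NULL) {
+ fprintf(stderr, "FAIL: d2i_PUBKEY (no params) failed\n");
+ goto done;
+ }
+
+ if (!EVP_PKEY_missing_parameters(pkey_b)) {
+ fprintf(stderr, "FAIL: DSA pkey_b has no missing parameters\n");
+ goto done;
+ }
+
+ if (BN_cmp(DSA_get0_pub_key(EVP_PKEY_get0_DSA(pkey_a)),
+ DSA_get0_pub_key(EVP_PKEY_get0_DSA(pkey_b))) != 0) {
+ fprintf(stderr, "FAIL: DSA public keys mismatch\n");
+ goto done;
+ }
+
+ if (EVP_PKEY_cmp_parameters(pkey_a, pkey_b)) {
+ fprintf(stderr, "FAIL: DSA parameters match\n");
+ goto done;
+ }
+
+ if (EVP_PKEY_cmp(pkey_a, pkey_b)) {
+ fprintf(stderr, "FAIL: DSA keys should not match\n");
+ goto done;
+ }
+
+ if (!EVP_PKEY_copy_parameters(pkey_b, pkey_a)) {
+ fprintf(stderr, "FAIL: failed to copy DSA parameters\n");
+ goto done;
+ }
+
+ if (!EVP_PKEY_cmp(pkey_a, pkey_b)) {
+ fprintf(stderr, "FAIL: DSA keys should match\n");
+ goto done;
+ }
+
  free(out);
  out = NULL;
 
@@ -569,6 +833,7 @@ main(int argc, char **argv)
 
  ERR_load_crypto_strings();
 
+ failed |= dh_pubkey_test();
  failed |= dsa_pubkey_test();
  failed |= ec_pubkey_test();
  failed |= rsa_pubkey_test();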
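Review bot: In dsa_pubkey_test the positive-match checks `if (!EVP_PKEY_cmp_parameters(pkey_a, pkey_b))` and `if (!EVP_PKEY_cmp(pkey_a, pkey_b))` fail only on a return of 0, so the negative values these functions return for a key-type mismatch or an unsupported comparison would be counted as a match. Comparing against the documented success value, e.g. `if (EVP_PKEY_cmp(pkey_a, pkey_b) != 1)`, keeps an error return from passing the test; the same form applies to the parameter comparison. In dh_pubkey_test, `dh_b` is declared and handed to `DH_free()` but never assigned, and the round trip compares only the public values, so an `EVP_PKEY_cmp(pkey_a, pkey_b) != 1` check there would also cover the DH parameters. dsa_pubkey_test begins before and continues past the hunks shown.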