1b0d17251Schristos /*
2b0d17251Schristos * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
3b0d17251Schristos * Copyright (c) 2019-2020, Oracle and/or its affiliates. All rights reserved.
4b0d17251Schristos *
5b0d17251Schristos * Licensed under the Apache License 2.0 (the "License"). You may not use
6b0d17251Schristos * this file except in compliance with the License. You can obtain a copy
7b0d17251Schristos * in the file LICENSE in the source distribution or at
8b0d17251Schristos * https://www.openssl.org/source/license.html
9b0d17251Schristos */
10b0d17251Schristos
11b0d17251Schristos /*
12b0d17251Schristos * This is an internal test that is intentionally using internal APIs. Some of
13b0d17251Schristos * those APIs are deprecated for public use.
14b0d17251Schristos */
15b0d17251Schristos #include "internal/deprecated.h"
16b0d17251Schristos
17b0d17251Schristos #include <stdio.h>
18b0d17251Schristos #include <stdlib.h>
19b0d17251Schristos #include <string.h>
20b0d17251Schristos
21b0d17251Schristos #include "internal/nelem.h"
22b0d17251Schristos #include <openssl/crypto.h>
23b0d17251Schristos #include <openssl/bio.h>
24b0d17251Schristos #include <openssl/bn.h>
25b0d17251Schristos #include <openssl/rand.h>
26b0d17251Schristos #include <openssl/err.h>
27b0d17251Schristos #include "testutil.h"
28b0d17251Schristos
29b0d17251Schristos #include "internal/ffc.h"
30b0d17251Schristos #include "crypto/security_bits.h"
31b0d17251Schristos
32b0d17251Schristos #ifndef OPENSSL_NO_DSA
33b0d17251Schristos static const unsigned char dsa_2048_224_sha224_p[] = {
34b0d17251Schristos 0x93, 0x57, 0x93, 0x62, 0x1b, 0x9a, 0x10, 0x9b, 0xc1, 0x56, 0x0f, 0x24,
35b0d17251Schristos 0x71, 0x76, 0x4e, 0xd3, 0xed, 0x78, 0x78, 0x7a, 0xbf, 0x89, 0x71, 0x67,
36b0d17251Schristos 0x8e, 0x03, 0xd8, 0x5b, 0xcd, 0x22, 0x8f, 0x70, 0x74, 0xff, 0x22, 0x05,
37b0d17251Schristos 0x07, 0x0c, 0x4c, 0x60, 0xed, 0x41, 0xe1, 0x9e, 0x9c, 0xaa, 0x3e, 0x19,
38b0d17251Schristos 0x5c, 0x3d, 0x80, 0x58, 0xb2, 0x7f, 0x5f, 0x89, 0xec, 0xb5, 0x19, 0xdb,
39b0d17251Schristos 0x06, 0x11, 0xe9, 0x78, 0x5c, 0xf9, 0xa0, 0x9e, 0x70, 0x62, 0x14, 0x7b,
40b0d17251Schristos 0xda, 0x92, 0xbf, 0xb2, 0x6b, 0x01, 0x6f, 0xb8, 0x68, 0x9c, 0x89, 0x36,
41b0d17251Schristos 0x89, 0x72, 0x79, 0x49, 0x93, 0x3d, 0x14, 0xb2, 0x2d, 0xbb, 0xf0, 0xdf,
42b0d17251Schristos 0x94, 0x45, 0x0b, 0x5f, 0xf1, 0x75, 0x37, 0xeb, 0x49, 0xb9, 0x2d, 0xce,
43b0d17251Schristos 0xb7, 0xf4, 0x95, 0x77, 0xc2, 0xe9, 0x39, 0x1c, 0x4e, 0x0c, 0x40, 0x62,
44b0d17251Schristos 0x33, 0x0a, 0xe6, 0x29, 0x6f, 0xba, 0xef, 0x02, 0xdd, 0x0d, 0xe4, 0x04,
45b0d17251Schristos 0x01, 0x70, 0x40, 0xb9, 0xc9, 0x7e, 0x2f, 0x10, 0x37, 0xe9, 0xde, 0xb0,
46b0d17251Schristos 0xf6, 0xeb, 0x71, 0x7f, 0x9c, 0x35, 0x16, 0xf3, 0x0d, 0xc4, 0xe8, 0x02,
47b0d17251Schristos 0x37, 0x6c, 0xdd, 0xb3, 0x8d, 0x2d, 0x1e, 0x28, 0x13, 0x22, 0x89, 0x40,
48b0d17251Schristos 0xe5, 0xfa, 0x16, 0x67, 0xd6, 0xda, 0x12, 0xa2, 0x38, 0x83, 0x25, 0xcc,
49b0d17251Schristos 0x26, 0xc1, 0x27, 0x74, 0xfe, 0xf6, 0x7a, 0xb6, 0xa1, 0xe4, 0xe8, 0xdf,
50b0d17251Schristos 0x5d, 0xd2, 0x9c, 0x2f, 0xec, 0xea, 0x08, 0xca, 0x48, 0xdb, 0x18, 0x4b,
51b0d17251Schristos 0x12, 0xee, 0x16, 0x9b, 0xa6, 0x00, 0xa0, 0x18, 0x98, 0x7d, 0xce, 0x6c,
52b0d17251Schristos 0x6d, 0xf8, 0xfc, 0x95, 0x51, 0x1b, 0x0a, 0x40, 0xb6, 0xfc, 0xe5, 0xe2,
53b0d17251Schristos 0xb0, 0x26, 0x53, 0x4c, 0xd7, 0xfe, 0xaa, 0x6d, 0xbc, 0xdd, 0xc0, 0x61,
54b0d17251Schristos 0x65, 0xe4, 0x89, 0x44, 0x18, 0x6f, 0xd5, 0x39, 0xcf, 0x75, 0x6d, 0x29,
55b0d17251Schristos 0xcc, 0xf8, 0x40, 0xab
56b0d17251Schristos };
57b0d17251Schristos static const unsigned char dsa_2048_224_sha224_q[] = {
58b0d17251Schristos 0xf2, 0x5e, 0x4e, 0x9a, 0x15, 0xa8, 0x13, 0xdf, 0xa3, 0x17, 0x90, 0xc6,
59b0d17251Schristos 0xd6, 0x5e, 0xb1, 0xfb, 0x31, 0xf8, 0xb5, 0xb1, 0x4b, 0xa7, 0x6d, 0xde,
60b0d17251Schristos 0x57, 0x76, 0x6f, 0x11
61b0d17251Schristos };
62b0d17251Schristos static const unsigned char dsa_2048_224_sha224_seed[] = {
63b0d17251Schristos 0xd2, 0xb1, 0x36, 0xd8, 0x5b, 0x8e, 0xa4, 0xb2, 0x6a, 0xab, 0x4e, 0x85,
64b0d17251Schristos 0x8b, 0x49, 0xf9, 0xdd, 0xe6, 0xa1, 0xcd, 0xad, 0x49, 0x52, 0xe9, 0xb3,
65b0d17251Schristos 0x36, 0x17, 0x06, 0xcf
66b0d17251Schristos };
67b0d17251Schristos static const unsigned char dsa_2048_224_sha224_bad_seed[] = {
68b0d17251Schristos 0xd2, 0xb1, 0x36, 0xd8, 0x5b, 0x8e, 0xa4, 0xb2, 0x6a, 0xab, 0x4e, 0x85,
69b0d17251Schristos 0x8b, 0x49, 0xf9, 0xdd, 0xe6, 0xa1, 0xcd, 0xad, 0x49, 0x52, 0xe9, 0xb3,
70b0d17251Schristos 0x36, 0x17, 0x06, 0xd0
71b0d17251Schristos };
72b0d17251Schristos static int dsa_2048_224_sha224_counter = 2878;
73b0d17251Schristos
74b0d17251Schristos static const unsigned char dsa_3072_256_sha512_p[] = {
75b0d17251Schristos 0x9a, 0x82, 0x8b, 0x8d, 0xea, 0xd0, 0x56, 0x23, 0x88, 0x2d, 0x5d, 0x41,
76b0d17251Schristos 0x42, 0x4c, 0x13, 0x5a, 0x15, 0x81, 0x59, 0x02, 0xc5, 0x00, 0x82, 0x28,
77b0d17251Schristos 0x01, 0xee, 0x8f, 0x99, 0xfd, 0x6a, 0x95, 0xf2, 0x0f, 0xae, 0x34, 0x77,
78b0d17251Schristos 0x29, 0xcc, 0xc7, 0x50, 0x0e, 0x03, 0xef, 0xb0, 0x4d, 0xe5, 0x10, 0x00,
79b0d17251Schristos 0xa8, 0x7b, 0xce, 0x8c, 0xc6, 0xb2, 0x01, 0x74, 0x23, 0x1b, 0x7f, 0xe8,
80b0d17251Schristos 0xf9, 0x71, 0x28, 0x39, 0xcf, 0x18, 0x04, 0xb2, 0x95, 0x61, 0x2d, 0x11,
81b0d17251Schristos 0x71, 0x6b, 0xdd, 0x0d, 0x0b, 0xf0, 0xe6, 0x97, 0x52, 0x29, 0x9d, 0x45,
82b0d17251Schristos 0xb1, 0x23, 0xda, 0xb0, 0xd5, 0xcb, 0x51, 0x71, 0x8e, 0x40, 0x9c, 0x97,
83b0d17251Schristos 0x13, 0xea, 0x1f, 0x4b, 0x32, 0x5d, 0x27, 0x74, 0x81, 0x8d, 0x47, 0x8a,
84b0d17251Schristos 0x08, 0xce, 0xf4, 0xd1, 0x28, 0xa2, 0x0f, 0x9b, 0x2e, 0xc9, 0xa3, 0x0e,
85b0d17251Schristos 0x5d, 0xde, 0x47, 0x19, 0x6d, 0x5f, 0x98, 0xe0, 0x8e, 0x7f, 0x60, 0x8f,
86b0d17251Schristos 0x25, 0xa7, 0xa4, 0xeb, 0xb9, 0xf3, 0x24, 0xa4, 0x9e, 0xc1, 0xbd, 0x14,
87b0d17251Schristos 0x27, 0x7c, 0x27, 0xc8, 0x4f, 0x5f, 0xed, 0xfd, 0x86, 0xc8, 0xf1, 0xd7,
88b0d17251Schristos 0x82, 0xe2, 0xeb, 0xe5, 0xd2, 0xbe, 0xb0, 0x65, 0x28, 0xab, 0x99, 0x9e,
89b0d17251Schristos 0xcd, 0xd5, 0x22, 0xf8, 0x1b, 0x3b, 0x01, 0xe9, 0x20, 0x3d, 0xe4, 0x98,
90b0d17251Schristos 0x22, 0xfe, 0xfc, 0x09, 0x7e, 0x95, 0x20, 0xda, 0xb6, 0x12, 0x2c, 0x94,
91b0d17251Schristos 0x5c, 0xea, 0x74, 0x71, 0xbd, 0x19, 0xac, 0x78, 0x43, 0x02, 0x51, 0xb8,
92b0d17251Schristos 0x5f, 0x06, 0x1d, 0xea, 0xc8, 0xa4, 0x3b, 0xc9, 0x78, 0xa3, 0x2b, 0x09,
93b0d17251Schristos 0xdc, 0x76, 0x74, 0xc4, 0x23, 0x14, 0x48, 0x2e, 0x84, 0x2b, 0xa3, 0x82,
94b0d17251Schristos 0xc1, 0xba, 0x0b, 0x39, 0x2a, 0x9f, 0x24, 0x7b, 0xd6, 0xc2, 0xea, 0x5a,
95b0d17251Schristos 0xb6, 0xbd, 0x15, 0x82, 0x21, 0x85, 0xe0, 0x6b, 0x12, 0x4f, 0x8d, 0x64,
96b0d17251Schristos 0x75, 0xeb, 0x7e, 0xa1, 0xdb, 0xe0, 0x9d, 0x25, 0xae, 0x3b, 0xe9, 0x9b,
97b0d17251Schristos 0x21, 0x7f, 0x9a, 0x3d, 0x66, 0xd0, 0x52, 0x1d, 0x39, 0x8b, 0xeb, 0xfc,
98b0d17251Schristos 0xec, 0xbe, 0x72, 0x20, 0x5a, 0xdf, 0x1b, 0x00, 0xf1, 0x0e, 0xed, 0xc6,
99b0d17251Schristos 0x78, 0x6f, 0xc9, 0xab, 0xe4, 0xd6, 0x81, 0x8b, 0xcc, 0xf6, 0xd4, 0x6a,
100b0d17251Schristos 0x31, 0x62, 0x08, 0xd9, 0x38, 0x21, 0x8f, 0xda, 0x9e, 0xb1, 0x2b, 0x9c,
101b0d17251Schristos 0xc0, 0xbe, 0xf7, 0x9a, 0x43, 0x2d, 0x07, 0x59, 0x46, 0x0e, 0xd5, 0x23,
102b0d17251Schristos 0x4e, 0xaa, 0x4a, 0x04, 0xc2, 0xde, 0x33, 0xa6, 0x34, 0xba, 0xac, 0x4f,
103b0d17251Schristos 0x78, 0xd8, 0xca, 0x76, 0xce, 0x5e, 0xd4, 0xf6, 0x85, 0x4c, 0x6a, 0x60,
104b0d17251Schristos 0x08, 0x5d, 0x0e, 0x34, 0x8b, 0xf2, 0xb6, 0xe3, 0xb7, 0x51, 0xca, 0x43,
105b0d17251Schristos 0xaa, 0x68, 0x7b, 0x0a, 0x6e, 0xea, 0xce, 0x1e, 0x2c, 0x34, 0x8e, 0x0f,
106b0d17251Schristos 0xe2, 0xcc, 0x38, 0xf2, 0x9a, 0x98, 0xef, 0xe6, 0x7f, 0xf6, 0x62, 0xbb
107b0d17251Schristos };
108b0d17251Schristos static const unsigned char dsa_3072_256_sha512_q[] = {
109b0d17251Schristos 0xc1, 0xdb, 0xc1, 0x21, 0x50, 0x49, 0x63, 0xa3, 0x77, 0x6d, 0x4c, 0x92,
110b0d17251Schristos 0xed, 0x58, 0x9e, 0x98, 0xea, 0xac, 0x7a, 0x90, 0x13, 0x24, 0xf7, 0xcd,
111b0d17251Schristos 0xd7, 0xe6, 0xd4, 0x8f, 0xf0, 0x45, 0x4b, 0xf7
112b0d17251Schristos };
113b0d17251Schristos static const unsigned char dsa_3072_256_sha512_seed[] = {
114b0d17251Schristos 0x35, 0x24, 0xb5, 0x59, 0xd5, 0x27, 0x58, 0x10, 0xf6, 0xa2, 0x7c, 0x9a,
115b0d17251Schristos 0x0d, 0xc2, 0x70, 0x8a, 0xb0, 0x41, 0x4a, 0x84, 0x0b, 0xfe, 0x66, 0xf5,
116b0d17251Schristos 0x3a, 0xbf, 0x4a, 0xa9, 0xcb, 0xfc, 0xa6, 0x22
117b0d17251Schristos };
118b0d17251Schristos static int dsa_3072_256_sha512_counter = 1604;
119b0d17251Schristos
120b0d17251Schristos static const unsigned char dsa_2048_224_sha256_p[] = {
121b0d17251Schristos 0xe9, 0x13, 0xbc, 0xf2, 0x14, 0x5d, 0xf9, 0x79, 0xd6, 0x6d, 0xf5, 0xc5,
122b0d17251Schristos 0xbe, 0x7b, 0x6f, 0x90, 0x63, 0xd0, 0xfd, 0xee, 0x4f, 0xc4, 0x65, 0x83,
123b0d17251Schristos 0xbf, 0xec, 0xc3, 0x2c, 0x5d, 0x30, 0xc8, 0xa4, 0x3b, 0x2f, 0x3b, 0x29,
124b0d17251Schristos 0x43, 0x69, 0xfb, 0x6e, 0xa9, 0xa4, 0x07, 0x6c, 0xcd, 0xb0, 0xd2, 0xd9,
125b0d17251Schristos 0xd3, 0xe6, 0xf4, 0x87, 0x16, 0xb7, 0xe5, 0x06, 0xb9, 0xba, 0xd6, 0x87,
126b0d17251Schristos 0xbc, 0x01, 0x9e, 0xba, 0xc2, 0xcf, 0x39, 0xb6, 0xec, 0xdc, 0x75, 0x07,
127b0d17251Schristos 0xc1, 0x39, 0x2d, 0x6a, 0x95, 0x31, 0x97, 0xda, 0x54, 0x20, 0x29, 0xe0,
128b0d17251Schristos 0x1b, 0xf9, 0x74, 0x65, 0xaa, 0xc1, 0x47, 0xd3, 0x9e, 0xb4, 0x3c, 0x1d,
129b0d17251Schristos 0xe0, 0xdc, 0x2d, 0x21, 0xab, 0x12, 0x3b, 0xa5, 0x51, 0x1e, 0xc6, 0xbc,
130b0d17251Schristos 0x6b, 0x4c, 0x22, 0xd1, 0x7c, 0xc6, 0xce, 0xcb, 0x8c, 0x1d, 0x1f, 0xce,
131b0d17251Schristos 0x1c, 0xe2, 0x75, 0x49, 0x6d, 0x2c, 0xee, 0x7f, 0x5f, 0xb8, 0x74, 0x42,
132b0d17251Schristos 0x5c, 0x96, 0x77, 0x13, 0xff, 0x80, 0xf3, 0x05, 0xc7, 0xfe, 0x08, 0x3b,
133b0d17251Schristos 0x25, 0x36, 0x46, 0xa2, 0xc4, 0x26, 0xb4, 0xb0, 0x3b, 0xd5, 0xb2, 0x4c,
134b0d17251Schristos 0x13, 0x29, 0x0e, 0x47, 0x31, 0x66, 0x7d, 0x78, 0x57, 0xe6, 0xc2, 0xb5,
135b0d17251Schristos 0x9f, 0x46, 0x17, 0xbc, 0xa9, 0x9a, 0x49, 0x1c, 0x0f, 0x45, 0xe0, 0x88,
136b0d17251Schristos 0x97, 0xa1, 0x30, 0x7c, 0x42, 0xb7, 0x2c, 0x0a, 0xce, 0xb3, 0xa5, 0x7a,
137b0d17251Schristos 0x61, 0x8e, 0xab, 0x44, 0xc1, 0xdc, 0x70, 0xe5, 0xda, 0x78, 0x2a, 0xb4,
138b0d17251Schristos 0xe6, 0x3c, 0xa0, 0x58, 0xda, 0x62, 0x0a, 0xb2, 0xa9, 0x3d, 0xaa, 0x49,
139b0d17251Schristos 0x7e, 0x7f, 0x9a, 0x19, 0x67, 0xee, 0xd6, 0xe3, 0x67, 0x13, 0xe8, 0x6f,
140b0d17251Schristos 0x79, 0x50, 0x76, 0xfc, 0xb3, 0x9d, 0x7e, 0x9e, 0x3e, 0x6e, 0x47, 0xb1,
141b0d17251Schristos 0x11, 0x5e, 0xc8, 0x83, 0x3a, 0x3c, 0xfc, 0x82, 0x5c, 0x9d, 0x34, 0x65,
142b0d17251Schristos 0x73, 0xb4, 0x56, 0xd5
143b0d17251Schristos };
144b0d17251Schristos static const unsigned char dsa_2048_224_sha256_q[] = {
145b0d17251Schristos 0xb0, 0xdf, 0xa1, 0x7b, 0xa4, 0x77, 0x64, 0x0e, 0xb9, 0x28, 0xbb, 0xbc,
146b0d17251Schristos 0xd4, 0x60, 0x02, 0xaf, 0x21, 0x8c, 0xb0, 0x69, 0x0f, 0x8a, 0x7b, 0xc6,
147b0d17251Schristos 0x80, 0xcb, 0x0a, 0x45
148b0d17251Schristos };
149b0d17251Schristos static const unsigned char dsa_2048_224_sha256_g[] = {
150b0d17251Schristos 0x11, 0x7c, 0x5f, 0xf6, 0x99, 0x44, 0x67, 0x5b, 0x69, 0xa3, 0x83, 0xef,
151b0d17251Schristos 0xb5, 0x85, 0xa2, 0x19, 0x35, 0x18, 0x2a, 0xf2, 0x58, 0xf4, 0xc9, 0x58,
152b0d17251Schristos 0x9e, 0xb9, 0xe8, 0x91, 0x17, 0x2f, 0xb0, 0x60, 0x85, 0x95, 0xa6, 0x62,
153b0d17251Schristos 0x36, 0xd0, 0xff, 0x94, 0xb9, 0xa6, 0x50, 0xad, 0xa6, 0xf6, 0x04, 0x28,
154b0d17251Schristos 0xc2, 0xc9, 0xb9, 0x75, 0xf3, 0x66, 0xb4, 0xeb, 0xf6, 0xd5, 0x06, 0x13,
155b0d17251Schristos 0x01, 0x64, 0x82, 0xa9, 0xf1, 0xd5, 0x41, 0xdc, 0xf2, 0x08, 0xfc, 0x2f,
156b0d17251Schristos 0xc4, 0xa1, 0x21, 0xee, 0x7d, 0xbc, 0xda, 0x5a, 0xa4, 0xa2, 0xb9, 0x68,
157b0d17251Schristos 0x87, 0x36, 0xba, 0x53, 0x9e, 0x14, 0x4e, 0x76, 0x5c, 0xba, 0x79, 0x3d,
158b0d17251Schristos 0x0f, 0xe5, 0x99, 0x1c, 0x27, 0xfc, 0xaf, 0x10, 0x63, 0x87, 0x68, 0x0e,
159b0d17251Schristos 0x3e, 0x6e, 0xaa, 0xf3, 0xdf, 0x76, 0x7e, 0x02, 0x9a, 0x41, 0x96, 0xa1,
160b0d17251Schristos 0x6c, 0xbb, 0x67, 0xee, 0x0c, 0xad, 0x72, 0x65, 0xf1, 0x70, 0xb0, 0x39,
161b0d17251Schristos 0x9b, 0x54, 0x5f, 0xd7, 0x6c, 0xc5, 0x9a, 0x90, 0x53, 0x18, 0xde, 0x5e,
162b0d17251Schristos 0x62, 0x89, 0xb9, 0x2f, 0x66, 0x59, 0x3a, 0x3d, 0x10, 0xeb, 0xa5, 0x99,
163b0d17251Schristos 0xf6, 0x21, 0x7d, 0xf2, 0x7b, 0x42, 0x15, 0x1c, 0x55, 0x79, 0x15, 0xaa,
164b0d17251Schristos 0xa4, 0x17, 0x2e, 0x48, 0xc3, 0xa8, 0x36, 0xf5, 0x1a, 0x97, 0xce, 0xbd,
165b0d17251Schristos 0x72, 0xef, 0x1d, 0x50, 0x5b, 0xb1, 0x60, 0x0a, 0x5c, 0x0b, 0xa6, 0x21,
166b0d17251Schristos 0x38, 0x28, 0x4e, 0x89, 0x33, 0x1d, 0xb5, 0x7e, 0x5c, 0xf1, 0x6b, 0x2c,
167b0d17251Schristos 0xbd, 0xad, 0x84, 0xb2, 0x8e, 0x96, 0xe2, 0x30, 0xe7, 0x54, 0xb8, 0xc9,
168b0d17251Schristos 0x70, 0xcb, 0x10, 0x30, 0x63, 0x90, 0xf4, 0x45, 0x64, 0x93, 0x09, 0x38,
169b0d17251Schristos 0x6a, 0x47, 0x58, 0x31, 0x04, 0x1a, 0x18, 0x04, 0x1a, 0xe0, 0xd7, 0x0b,
170b0d17251Schristos 0x3c, 0xbe, 0x2a, 0x9c, 0xec, 0xcc, 0x0d, 0x0c, 0xed, 0xde, 0x54, 0xbc,
171b0d17251Schristos 0xe6, 0x93, 0x59, 0xfc
172b0d17251Schristos };
173b0d17251Schristos
ffc_params_validate_g_unverified_test(void)174b0d17251Schristos static int ffc_params_validate_g_unverified_test(void)
175b0d17251Schristos {
176b0d17251Schristos int ret = 0, res;
177b0d17251Schristos FFC_PARAMS params;
178b0d17251Schristos BIGNUM *p = NULL, *q = NULL, *g = NULL;
179b0d17251Schristos BIGNUM *p1 = NULL, *g1 = NULL;
180b0d17251Schristos
181b0d17251Schristos ossl_ffc_params_init(¶ms);
182b0d17251Schristos
183b0d17251Schristos if (!TEST_ptr(p = BN_bin2bn(dsa_2048_224_sha256_p,
184b0d17251Schristos sizeof(dsa_2048_224_sha256_p), NULL)))
185b0d17251Schristos goto err;
186b0d17251Schristos p1 = p;
187b0d17251Schristos if (!TEST_ptr(q = BN_bin2bn(dsa_2048_224_sha256_q,
188b0d17251Schristos sizeof(dsa_2048_224_sha256_q), NULL)))
189b0d17251Schristos goto err;
190b0d17251Schristos if (!TEST_ptr(g = BN_bin2bn(dsa_2048_224_sha256_g,
191b0d17251Schristos sizeof(dsa_2048_224_sha256_g), NULL)))
192b0d17251Schristos goto err;
193b0d17251Schristos g1 = g;
194b0d17251Schristos
195b0d17251Schristos /* Fail if g is NULL */
196b0d17251Schristos ossl_ffc_params_set0_pqg(¶ms, p, q, NULL);
197b0d17251Schristos p = NULL;
198b0d17251Schristos q = NULL;
199b0d17251Schristos ossl_ffc_params_set_flags(¶ms, FFC_PARAM_FLAG_VALIDATE_G);
200b0d17251Schristos ossl_ffc_set_digest(¶ms, "SHA256", NULL);
201b0d17251Schristos
202b0d17251Schristos if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
203b0d17251Schristos FFC_PARAM_TYPE_DSA,
204b0d17251Schristos &res, NULL)))
205b0d17251Schristos goto err;
206b0d17251Schristos
207b0d17251Schristos ossl_ffc_params_set0_pqg(¶ms, p, q, g);
208b0d17251Schristos g = NULL;
209b0d17251Schristos if (!TEST_true(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
210b0d17251Schristos FFC_PARAM_TYPE_DSA,
211b0d17251Schristos &res, NULL)))
212b0d17251Schristos goto err;
213b0d17251Schristos
214b0d17251Schristos /* incorrect g */
215b0d17251Schristos BN_add_word(g1, 1);
216b0d17251Schristos if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
217b0d17251Schristos FFC_PARAM_TYPE_DSA,
218b0d17251Schristos &res, NULL)))
219b0d17251Schristos goto err;
220b0d17251Schristos
221b0d17251Schristos /* fail if g < 2 */
222b0d17251Schristos BN_set_word(g1, 1);
223b0d17251Schristos if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
224b0d17251Schristos FFC_PARAM_TYPE_DSA,
225b0d17251Schristos &res, NULL)))
226b0d17251Schristos goto err;
227b0d17251Schristos
228b0d17251Schristos BN_copy(g1, p1);
229b0d17251Schristos /* Fail if g >= p */
230b0d17251Schristos if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
231b0d17251Schristos FFC_PARAM_TYPE_DSA,
232b0d17251Schristos &res, NULL)))
233b0d17251Schristos goto err;
234b0d17251Schristos
235b0d17251Schristos ret = 1;
236b0d17251Schristos err:
237b0d17251Schristos ossl_ffc_params_cleanup(¶ms);
238b0d17251Schristos BN_free(p);
239b0d17251Schristos BN_free(q);
240b0d17251Schristos BN_free(g);
241b0d17251Schristos return ret;
242b0d17251Schristos }
243b0d17251Schristos
ffc_params_validate_pq_test(void)244b0d17251Schristos static int ffc_params_validate_pq_test(void)
245b0d17251Schristos {
246b0d17251Schristos int ret = 0, res = -1;
247b0d17251Schristos FFC_PARAMS params;
248b0d17251Schristos BIGNUM *p = NULL, *q = NULL;
249b0d17251Schristos
250b0d17251Schristos ossl_ffc_params_init(¶ms);
251b0d17251Schristos if (!TEST_ptr(p = BN_bin2bn(dsa_2048_224_sha224_p,
252b0d17251Schristos sizeof(dsa_2048_224_sha224_p),
253b0d17251Schristos NULL)))
254b0d17251Schristos goto err;
255b0d17251Schristos if (!TEST_ptr(q = BN_bin2bn(dsa_2048_224_sha224_q,
256b0d17251Schristos sizeof(dsa_2048_224_sha224_q),
257b0d17251Schristos NULL)))
258b0d17251Schristos goto err;
259b0d17251Schristos
260b0d17251Schristos /* No p */
261b0d17251Schristos ossl_ffc_params_set0_pqg(¶ms, NULL, q, NULL);
262b0d17251Schristos q = NULL;
263b0d17251Schristos ossl_ffc_params_set_flags(¶ms, FFC_PARAM_FLAG_VALIDATE_PQ);
264b0d17251Schristos ossl_ffc_set_digest(¶ms, "SHA224", NULL);
265b0d17251Schristos
266b0d17251Schristos if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
267b0d17251Schristos FFC_PARAM_TYPE_DSA,
268b0d17251Schristos &res, NULL)))
269b0d17251Schristos goto err;
270b0d17251Schristos
271b0d17251Schristos /* Test valid case */
272b0d17251Schristos ossl_ffc_params_set0_pqg(¶ms, p, NULL, NULL);
273b0d17251Schristos p = NULL;
274b0d17251Schristos ossl_ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_seed,
275b0d17251Schristos sizeof(dsa_2048_224_sha224_seed),
276b0d17251Schristos dsa_2048_224_sha224_counter);
277b0d17251Schristos if (!TEST_true(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
278b0d17251Schristos FFC_PARAM_TYPE_DSA,
279b0d17251Schristos &res, NULL)))
280b0d17251Schristos goto err;
281b0d17251Schristos
282b0d17251Schristos /* Bad counter - so p is not prime */
283b0d17251Schristos ossl_ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_seed,
284b0d17251Schristos sizeof(dsa_2048_224_sha224_seed),
285b0d17251Schristos 1);
286b0d17251Schristos if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
287b0d17251Schristos FFC_PARAM_TYPE_DSA,
288b0d17251Schristos &res, NULL)))
289b0d17251Schristos goto err;
290b0d17251Schristos
291b0d17251Schristos /* seedlen smaller than N */
292b0d17251Schristos ossl_ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_seed,
293b0d17251Schristos sizeof(dsa_2048_224_sha224_seed)-1,
294b0d17251Schristos dsa_2048_224_sha224_counter);
295b0d17251Schristos if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
296b0d17251Schristos FFC_PARAM_TYPE_DSA,
297b0d17251Schristos &res, NULL)))
298b0d17251Schristos goto err;
299b0d17251Schristos
300b0d17251Schristos /* Provided seed doesnt produce a valid prime q */
301b0d17251Schristos ossl_ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_bad_seed,
302b0d17251Schristos sizeof(dsa_2048_224_sha224_bad_seed),
303b0d17251Schristos dsa_2048_224_sha224_counter);
304b0d17251Schristos if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
305b0d17251Schristos FFC_PARAM_TYPE_DSA,
306b0d17251Schristos &res, NULL)))
307b0d17251Schristos goto err;
308b0d17251Schristos
309b0d17251Schristos if (!TEST_ptr(p = BN_bin2bn(dsa_3072_256_sha512_p,
310b0d17251Schristos sizeof(dsa_3072_256_sha512_p), NULL)))
311b0d17251Schristos goto err;
312b0d17251Schristos if (!TEST_ptr(q = BN_bin2bn(dsa_3072_256_sha512_q,
313b0d17251Schristos sizeof(dsa_3072_256_sha512_q),
314b0d17251Schristos NULL)))
315b0d17251Schristos goto err;
316b0d17251Schristos
317b0d17251Schristos
318b0d17251Schristos ossl_ffc_params_set0_pqg(¶ms, p, q, NULL);
319b0d17251Schristos p = q = NULL;
320b0d17251Schristos ossl_ffc_set_digest(¶ms, "SHA512", NULL);
321b0d17251Schristos ossl_ffc_params_set_validate_params(¶ms, dsa_3072_256_sha512_seed,
322b0d17251Schristos sizeof(dsa_3072_256_sha512_seed),
323b0d17251Schristos dsa_3072_256_sha512_counter);
324b0d17251Schristos /* Q doesn't div P-1 */
325b0d17251Schristos if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
326b0d17251Schristos FFC_PARAM_TYPE_DSA,
327b0d17251Schristos &res, NULL)))
328b0d17251Schristos goto err;
329b0d17251Schristos
330b0d17251Schristos /* Bad L/N for FIPS DH */
331b0d17251Schristos if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
332b0d17251Schristos FFC_PARAM_TYPE_DH,
333b0d17251Schristos &res, NULL)))
334b0d17251Schristos goto err;
335b0d17251Schristos
336b0d17251Schristos ret = 1;
337b0d17251Schristos err:
338b0d17251Schristos ossl_ffc_params_cleanup(¶ms);
339b0d17251Schristos BN_free(p);
340b0d17251Schristos BN_free(q);
341b0d17251Schristos return ret;
342b0d17251Schristos }
343b0d17251Schristos #endif /* OPENSSL_NO_DSA */
344b0d17251Schristos
345b0d17251Schristos #ifndef OPENSSL_NO_DH
ffc_params_gen_test(void)346b0d17251Schristos static int ffc_params_gen_test(void)
347b0d17251Schristos {
348b0d17251Schristos int ret = 0, res = -1;
349b0d17251Schristos FFC_PARAMS params;
350b0d17251Schristos
351b0d17251Schristos ossl_ffc_params_init(¶ms);
352b0d17251Schristos if (!TEST_true(ossl_ffc_params_FIPS186_4_generate(NULL, ¶ms,
353b0d17251Schristos FFC_PARAM_TYPE_DH,
354b0d17251Schristos 2048, 256, &res, NULL)))
355b0d17251Schristos goto err;
356b0d17251Schristos if (!TEST_true(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
357b0d17251Schristos FFC_PARAM_TYPE_DH,
358b0d17251Schristos &res, NULL)))
359b0d17251Schristos goto err;
360b0d17251Schristos
361b0d17251Schristos ret = 1;
362b0d17251Schristos err:
363b0d17251Schristos ossl_ffc_params_cleanup(¶ms);
364b0d17251Schristos return ret;
365b0d17251Schristos }
366b0d17251Schristos
ffc_params_gen_canonicalg_test(void)367b0d17251Schristos static int ffc_params_gen_canonicalg_test(void)
368b0d17251Schristos {
369b0d17251Schristos int ret = 0, res = -1;
370b0d17251Schristos FFC_PARAMS params;
371b0d17251Schristos
372b0d17251Schristos ossl_ffc_params_init(¶ms);
373b0d17251Schristos params.gindex = 1;
374b0d17251Schristos if (!TEST_true(ossl_ffc_params_FIPS186_4_generate(NULL, ¶ms,
375b0d17251Schristos FFC_PARAM_TYPE_DH,
376b0d17251Schristos 2048, 256, &res, NULL)))
377b0d17251Schristos goto err;
378b0d17251Schristos if (!TEST_true(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
379b0d17251Schristos FFC_PARAM_TYPE_DH,
380b0d17251Schristos &res, NULL)))
381b0d17251Schristos goto err;
382b0d17251Schristos
383b0d17251Schristos if (!TEST_true(ossl_ffc_params_print(bio_out, ¶ms, 4)))
384b0d17251Schristos goto err;
385b0d17251Schristos
386b0d17251Schristos ret = 1;
387b0d17251Schristos err:
388b0d17251Schristos ossl_ffc_params_cleanup(¶ms);
389b0d17251Schristos return ret;
390b0d17251Schristos }
391b0d17251Schristos
ffc_params_fips186_2_gen_validate_test(void)392b0d17251Schristos static int ffc_params_fips186_2_gen_validate_test(void)
393b0d17251Schristos {
394b0d17251Schristos int ret = 0, res = -1;
395b0d17251Schristos FFC_PARAMS params;
396b0d17251Schristos BIGNUM *bn = NULL;
397b0d17251Schristos
398b0d17251Schristos ossl_ffc_params_init(¶ms);
399b0d17251Schristos if (!TEST_ptr(bn = BN_new()))
400b0d17251Schristos goto err;
401b0d17251Schristos if (!TEST_true(ossl_ffc_params_FIPS186_2_generate(NULL, ¶ms,
402b0d17251Schristos FFC_PARAM_TYPE_DH,
403b0d17251Schristos 1024, 160, &res, NULL)))
404b0d17251Schristos goto err;
405b0d17251Schristos if (!TEST_true(ossl_ffc_params_FIPS186_2_validate(NULL, ¶ms,
406b0d17251Schristos FFC_PARAM_TYPE_DH,
407b0d17251Schristos &res, NULL)))
408b0d17251Schristos goto err;
409b0d17251Schristos
410b0d17251Schristos /*
411b0d17251Schristos * The fips186-2 generation should produce a different q compared to
412b0d17251Schristos * fips 186-4 given the same seed value. So validation of q will fail.
413b0d17251Schristos */
414b0d17251Schristos if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
415b0d17251Schristos FFC_PARAM_TYPE_DSA,
416b0d17251Schristos &res, NULL)))
417b0d17251Schristos goto err;
418b0d17251Schristos /* As the params are randomly generated the error is one of the following */
419b0d17251Schristos if (!TEST_true(res == FFC_CHECK_Q_MISMATCH || res == FFC_CHECK_Q_NOT_PRIME))
420b0d17251Schristos goto err;
421b0d17251Schristos
422b0d17251Schristos ossl_ffc_params_set_flags(¶ms, FFC_PARAM_FLAG_VALIDATE_G);
423b0d17251Schristos /* Partially valid g test will still pass */
424b0d17251Schristos if (!TEST_int_eq(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms,
425b0d17251Schristos FFC_PARAM_TYPE_DSA,
426b0d17251Schristos &res, NULL), 2))
427b0d17251Schristos goto err;
428b0d17251Schristos
429b0d17251Schristos if (!TEST_true(ossl_ffc_params_print(bio_out, ¶ms, 4)))
430b0d17251Schristos goto err;
431b0d17251Schristos
432b0d17251Schristos ret = 1;
433b0d17251Schristos err:
434b0d17251Schristos BN_free(bn);
435b0d17251Schristos ossl_ffc_params_cleanup(¶ms);
436b0d17251Schristos return ret;
437b0d17251Schristos }
438b0d17251Schristos
439b0d17251Schristos extern FFC_PARAMS *ossl_dh_get0_params(DH *dh);
440b0d17251Schristos
ffc_public_validate_test(void)441b0d17251Schristos static int ffc_public_validate_test(void)
442b0d17251Schristos {
443b0d17251Schristos int ret = 0, res = -1;
444b0d17251Schristos FFC_PARAMS *params;
445b0d17251Schristos BIGNUM *pub = NULL;
446b0d17251Schristos DH *dh = NULL;
447b0d17251Schristos
448b0d17251Schristos if (!TEST_ptr(pub = BN_new()))
449b0d17251Schristos goto err;
450b0d17251Schristos
451b0d17251Schristos if (!TEST_ptr(dh = DH_new_by_nid(NID_ffdhe2048)))
452b0d17251Schristos goto err;
453b0d17251Schristos params = ossl_dh_get0_params(dh);
454b0d17251Schristos
455b0d17251Schristos if (!TEST_true(BN_set_word(pub, 1)))
456b0d17251Schristos goto err;
457b0d17251Schristos BN_set_negative(pub, 1);
458*4778aedeSchristos /* Check must succeed but set res if public key is negative */
459*4778aedeSchristos if (!TEST_true(ossl_ffc_validate_public_key(params, pub, &res)))
460b0d17251Schristos goto err;
461b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PUBKEY_TOO_SMALL, res))
462b0d17251Schristos goto err;
463b0d17251Schristos if (!TEST_true(BN_set_word(pub, 0)))
464b0d17251Schristos goto err;
465*4778aedeSchristos /* Check must succeed but set res if public key is zero */
466*4778aedeSchristos if (!TEST_true(ossl_ffc_validate_public_key(params, pub, &res)))
467b0d17251Schristos goto err;
468b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PUBKEY_TOO_SMALL, res))
469b0d17251Schristos goto err;
470*4778aedeSchristos /* Check must succeed but set res if public key is 1 */
471*4778aedeSchristos if (!TEST_true(ossl_ffc_validate_public_key(params, BN_value_one(), &res)))
472b0d17251Schristos goto err;
473b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PUBKEY_TOO_SMALL, res))
474b0d17251Schristos goto err;
475b0d17251Schristos if (!TEST_true(BN_add_word(pub, 2)))
476b0d17251Schristos goto err;
477b0d17251Schristos /* Pass if public key >= 2 */
478b0d17251Schristos if (!TEST_true(ossl_ffc_validate_public_key(params, pub, &res)))
479b0d17251Schristos goto err;
480b0d17251Schristos
481b0d17251Schristos if (!TEST_ptr(BN_copy(pub, params->p)))
482b0d17251Schristos goto err;
483*4778aedeSchristos /* Check must succeed but set res if public key = p */
484*4778aedeSchristos if (!TEST_true(ossl_ffc_validate_public_key(params, pub, &res)))
485b0d17251Schristos goto err;
486b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PUBKEY_TOO_LARGE, res))
487b0d17251Schristos goto err;
488b0d17251Schristos
489b0d17251Schristos if (!TEST_true(BN_sub_word(pub, 1)))
490b0d17251Schristos goto err;
491*4778aedeSchristos /* Check must succeed but set res if public key = p - 1 */
492*4778aedeSchristos if (!TEST_true(ossl_ffc_validate_public_key(params, pub, &res)))
493b0d17251Schristos goto err;
494b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PUBKEY_TOO_LARGE, res))
495b0d17251Schristos goto err;
496b0d17251Schristos
497b0d17251Schristos if (!TEST_true(BN_sub_word(pub, 1)))
498b0d17251Schristos goto err;
499*4778aedeSchristos /* Check must succeed but set res if public key is not related to p & q */
500*4778aedeSchristos if (!TEST_true(ossl_ffc_validate_public_key(params, pub, &res)))
501b0d17251Schristos goto err;
502b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PUBKEY_INVALID, res))
503b0d17251Schristos goto err;
504b0d17251Schristos
505b0d17251Schristos if (!TEST_true(BN_sub_word(pub, 5)))
506b0d17251Schristos goto err;
507b0d17251Schristos /* Pass if public key is valid */
508b0d17251Schristos if (!TEST_true(ossl_ffc_validate_public_key(params, pub, &res)))
509b0d17251Schristos goto err;
510b0d17251Schristos
511*4778aedeSchristos /* Check must succeed but set res if params is NULL */
512*4778aedeSchristos if (!TEST_true(ossl_ffc_validate_public_key(NULL, pub, &res)))
513b0d17251Schristos goto err;
514b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PASSED_NULL_PARAM, res))
515b0d17251Schristos goto err;
516b0d17251Schristos res = -1;
517*4778aedeSchristos /* Check must succeed but set res if pubkey is NULL */
518*4778aedeSchristos if (!TEST_true(ossl_ffc_validate_public_key(params, NULL, &res)))
519b0d17251Schristos goto err;
520b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PASSED_NULL_PARAM, res))
521b0d17251Schristos goto err;
522b0d17251Schristos res = -1;
523b0d17251Schristos
524b0d17251Schristos BN_free(params->p);
525b0d17251Schristos params->p = NULL;
526*4778aedeSchristos /* Check must succeed but set res if params->p is NULL */
527*4778aedeSchristos if (!TEST_true(ossl_ffc_validate_public_key(params, pub, &res)))
528b0d17251Schristos goto err;
529b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PASSED_NULL_PARAM, res))
530b0d17251Schristos goto err;
531b0d17251Schristos
532b0d17251Schristos ret = 1;
533b0d17251Schristos err:
534b0d17251Schristos DH_free(dh);
535b0d17251Schristos BN_free(pub);
536b0d17251Schristos return ret;
537b0d17251Schristos }
538b0d17251Schristos
ffc_private_validate_test(void)539b0d17251Schristos static int ffc_private_validate_test(void)
540b0d17251Schristos {
541b0d17251Schristos int ret = 0, res = -1;
542b0d17251Schristos FFC_PARAMS *params;
543b0d17251Schristos BIGNUM *priv = NULL;
544b0d17251Schristos DH *dh = NULL;
545b0d17251Schristos
546b0d17251Schristos if (!TEST_ptr(priv = BN_new()))
547b0d17251Schristos goto err;
548b0d17251Schristos
549b0d17251Schristos if (!TEST_ptr(dh = DH_new_by_nid(NID_ffdhe2048)))
550b0d17251Schristos goto err;
551b0d17251Schristos params = ossl_dh_get0_params(dh);
552b0d17251Schristos
553b0d17251Schristos if (!TEST_true(BN_set_word(priv, 1)))
554b0d17251Schristos goto err;
555b0d17251Schristos BN_set_negative(priv, 1);
556b0d17251Schristos /* Fail if priv key is negative */
557b0d17251Schristos if (!TEST_false(ossl_ffc_validate_private_key(params->q, priv, &res)))
558b0d17251Schristos goto err;
559b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PRIVKEY_TOO_SMALL, res))
560b0d17251Schristos goto err;
561b0d17251Schristos
562b0d17251Schristos if (!TEST_true(BN_set_word(priv, 0)))
563b0d17251Schristos goto err;
564b0d17251Schristos /* Fail if priv key is zero */
565b0d17251Schristos if (!TEST_false(ossl_ffc_validate_private_key(params->q, priv, &res)))
566b0d17251Schristos goto err;
567b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PRIVKEY_TOO_SMALL, res))
568b0d17251Schristos goto err;
569b0d17251Schristos
570b0d17251Schristos /* Pass if priv key >= 1 */
571b0d17251Schristos if (!TEST_true(ossl_ffc_validate_private_key(params->q, BN_value_one(),
572b0d17251Schristos &res)))
573b0d17251Schristos goto err;
574b0d17251Schristos
575b0d17251Schristos if (!TEST_ptr(BN_copy(priv, params->q)))
576b0d17251Schristos goto err;
577b0d17251Schristos /* Fail if priv key = upper */
578b0d17251Schristos if (!TEST_false(ossl_ffc_validate_private_key(params->q, priv, &res)))
579b0d17251Schristos goto err;
580b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PRIVKEY_TOO_LARGE, res))
581b0d17251Schristos goto err;
582b0d17251Schristos
583b0d17251Schristos if (!TEST_true(BN_sub_word(priv, 1)))
584b0d17251Schristos goto err;
585b0d17251Schristos /* Pass if priv key <= upper - 1 */
586b0d17251Schristos if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res)))
587b0d17251Schristos goto err;
588b0d17251Schristos
589b0d17251Schristos if (!TEST_false(ossl_ffc_validate_private_key(NULL, priv, &res)))
590b0d17251Schristos goto err;
591b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PASSED_NULL_PARAM, res))
592b0d17251Schristos goto err;
593b0d17251Schristos res = -1;
594b0d17251Schristos if (!TEST_false(ossl_ffc_validate_private_key(params->q, NULL, &res)))
595b0d17251Schristos goto err;
596b0d17251Schristos if (!TEST_int_eq(FFC_ERROR_PASSED_NULL_PARAM, res))
597b0d17251Schristos goto err;
598b0d17251Schristos
599b0d17251Schristos ret = 1;
600b0d17251Schristos err:
601b0d17251Schristos DH_free(dh);
602b0d17251Schristos BN_free(priv);
603b0d17251Schristos return ret;
604b0d17251Schristos }
605b0d17251Schristos
ffc_private_gen_test(int index)606b0d17251Schristos static int ffc_private_gen_test(int index)
607b0d17251Schristos {
608b0d17251Schristos int ret = 0, res = -1, N;
609b0d17251Schristos FFC_PARAMS *params;
610b0d17251Schristos BIGNUM *priv = NULL;
611b0d17251Schristos DH *dh = NULL;
612b0d17251Schristos BN_CTX *ctx = NULL;
613b0d17251Schristos
614b0d17251Schristos if (!TEST_ptr(ctx = BN_CTX_new_ex(NULL)))
615b0d17251Schristos goto err;
616b0d17251Schristos
617b0d17251Schristos if (!TEST_ptr(priv = BN_new()))
618b0d17251Schristos goto err;
619b0d17251Schristos
620b0d17251Schristos if (!TEST_ptr(dh = DH_new_by_nid(NID_ffdhe2048)))
621b0d17251Schristos goto err;
622b0d17251Schristos params = ossl_dh_get0_params(dh);
623b0d17251Schristos
624b0d17251Schristos N = BN_num_bits(params->q);
625b0d17251Schristos /* Fail since N < 2*s - where s = 112*/
626b0d17251Schristos if (!TEST_false(ossl_ffc_generate_private_key(ctx, params, 220, 112, priv)))
627b0d17251Schristos goto err;
628b0d17251Schristos /* fail since N > len(q) */
629b0d17251Schristos if (!TEST_false(ossl_ffc_generate_private_key(ctx, params, N + 1, 112, priv)))
630b0d17251Schristos goto err;
631b0d17251Schristos /* s must be always set */
632b0d17251Schristos if (!TEST_false(ossl_ffc_generate_private_key(ctx, params, N, 0, priv)))
633b0d17251Schristos goto err;
634b0d17251Schristos /* pass since 2s <= N <= len(q) */
635b0d17251Schristos if (!TEST_true(ossl_ffc_generate_private_key(ctx, params, N, 112, priv)))
636b0d17251Schristos goto err;
637b0d17251Schristos /* pass since N = len(q) */
638b0d17251Schristos if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res)))
639b0d17251Schristos goto err;
640b0d17251Schristos /* pass since 2s <= N < len(q) */
641b0d17251Schristos if (!TEST_true(ossl_ffc_generate_private_key(ctx, params, N / 2, 112, priv)))
642b0d17251Schristos goto err;
643b0d17251Schristos if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res)))
644b0d17251Schristos goto err;
645b0d17251Schristos /* N is ignored in this case */
646b0d17251Schristos if (!TEST_true(ossl_ffc_generate_private_key(ctx, params, 0,
647b0d17251Schristos ossl_ifc_ffc_compute_security_bits(BN_num_bits(params->p)),
648b0d17251Schristos priv)))
649b0d17251Schristos goto err;
650b0d17251Schristos if (!TEST_int_le(BN_num_bits(priv), 225))
651b0d17251Schristos goto err;
652b0d17251Schristos if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res)))
653b0d17251Schristos goto err;
654b0d17251Schristos
655b0d17251Schristos ret = 1;
656b0d17251Schristos err:
657b0d17251Schristos DH_free(dh);
658b0d17251Schristos BN_free(priv);
659b0d17251Schristos BN_CTX_free(ctx);
660b0d17251Schristos return ret;
661b0d17251Schristos }
662b0d17251Schristos
ffc_params_copy_test(void)663b0d17251Schristos static int ffc_params_copy_test(void)
664b0d17251Schristos {
665b0d17251Schristos int ret = 0;
666b0d17251Schristos DH *dh = NULL;
667b0d17251Schristos FFC_PARAMS *params, copy;
668b0d17251Schristos
669b0d17251Schristos ossl_ffc_params_init(©);
670b0d17251Schristos
671b0d17251Schristos if (!TEST_ptr(dh = DH_new_by_nid(NID_ffdhe3072)))
672b0d17251Schristos goto err;
673b0d17251Schristos params = ossl_dh_get0_params(dh);
674b0d17251Schristos
675b0d17251Schristos if (!TEST_int_eq(params->keylength, 275))
676b0d17251Schristos goto err;
677b0d17251Schristos
678b0d17251Schristos if (!TEST_true(ossl_ffc_params_copy(©, params)))
679b0d17251Schristos goto err;
680b0d17251Schristos
681b0d17251Schristos if (!TEST_int_eq(copy.keylength, 275))
682b0d17251Schristos goto err;
683b0d17251Schristos
684b0d17251Schristos if (!TEST_true(ossl_ffc_params_cmp(©, params, 0)))
685b0d17251Schristos goto err;
686b0d17251Schristos
687b0d17251Schristos ret = 1;
688b0d17251Schristos err:
689b0d17251Schristos ossl_ffc_params_cleanup(©);
690b0d17251Schristos DH_free(dh);
691b0d17251Schristos return ret;
692b0d17251Schristos }
693b0d17251Schristos #endif /* OPENSSL_NO_DH */
694b0d17251Schristos
setup_tests(void)695b0d17251Schristos int setup_tests(void)
696b0d17251Schristos {
697b0d17251Schristos #ifndef OPENSSL_NO_DSA
698b0d17251Schristos ADD_TEST(ffc_params_validate_pq_test);
699b0d17251Schristos ADD_TEST(ffc_params_validate_g_unverified_test);
700b0d17251Schristos #endif /* OPENSSL_NO_DSA */
701b0d17251Schristos #ifndef OPENSSL_NO_DH
702b0d17251Schristos ADD_TEST(ffc_params_gen_test);
703b0d17251Schristos ADD_TEST(ffc_params_gen_canonicalg_test);
704b0d17251Schristos ADD_TEST(ffc_params_fips186_2_gen_validate_test);
705b0d17251Schristos ADD_TEST(ffc_public_validate_test);
706b0d17251Schristos ADD_TEST(ffc_private_validate_test);
707b0d17251Schristos ADD_ALL_TESTS(ffc_private_gen_test, 10);
708b0d17251Schristos ADD_TEST(ffc_params_copy_test);
709b0d17251Schristos #endif /* OPENSSL_NO_DH */
710b0d17251Schristos return 1;
711b0d17251Schristos }
712