1 /* $OpenBSD: asn1x509.c,v 1.5 2023/08/11 22:50:44 tb Exp $ */
2 /*
3 * Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2023 Theo Buehler <tb@openbsd.org>
5 *
6 * Permission to use, copy, modify, and distribute this software for any
7 * purpose with or without fee is hereby granted, provided that the above
8 * copyright notice and this permission notice appear in all copies.
9 *
10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 */
18
19 #include <err.h>
20 #include <string.h>
21
22 #include <openssl/asn1.h>
23 #include <openssl/bio.h>
24 #include <openssl/bn.h>
25 #include <openssl/dsa.h>
26 #include <openssl/ec.h>
27 #include <openssl/err.h>
28 #include <openssl/pem.h>
29 #include <openssl/rsa.h>
30 #include <openssl/x509.h>
31
32 const char *dsa_test_key =
33 "-----BEGIN DSA PRIVATE KEY-----\n"
34 "MIH5AgEAAkEAt+CNNryEe8t2SkjuP0azjOKjSMXsw3GzjLS5c+vFLQKs0zIuPp8F\n"
35 "I/z5t8vcNt/D8EyzQZWxgCfoasHqDOJvRwIVAKrJMyIMt9iJtaS31cyIJmIDVlZX\n"
36 "AkEAs1/Uy+x0+1C1n7V3eJxuBdO/LUalbrZM5PfcwDshf9kcQNLsRu5zTZkU0OX/\n"
37 "8xANz+ue2o6LON2sTAtuEfSM1QJBAIDRt0rQGGrFCRJ4O39Iqlf27yIO6Gq1ppbE\n"
38 "Wvsvz4YSIZsG02vlBlzVIhULftNnkpN59MFtIjx8RsbEQ4YTnSICFDXPf/UIRvdH\n"
39 "20NV++tnUZYUAXM+\n"
40 "-----END DSA PRIVATE KEY-----\n";
41
42 unsigned char dsa_test_asn1_pubkey[] = {
43 0x30, 0x81, 0xf2, 0x30, 0x81, 0xa9, 0x06, 0x07,
44 0x2a, 0x86, 0x48, 0xce, 0x38, 0x04, 0x01, 0x30,
45 0x81, 0x9d, 0x02, 0x41, 0x00, 0xb7, 0xe0, 0x8d,
46 0x36, 0xbc, 0x84, 0x7b, 0xcb, 0x76, 0x4a, 0x48,
47 0xee, 0x3f, 0x46, 0xb3, 0x8c, 0xe2, 0xa3, 0x48,
48 0xc5, 0xec, 0xc3, 0x71, 0xb3, 0x8c, 0xb4, 0xb9,
49 0x73, 0xeb, 0xc5, 0x2d, 0x02, 0xac, 0xd3, 0x32,
50 0x2e, 0x3e, 0x9f, 0x05, 0x23, 0xfc, 0xf9, 0xb7,
51 0xcb, 0xdc, 0x36, 0xdf, 0xc3, 0xf0, 0x4c, 0xb3,
52 0x41, 0x95, 0xb1, 0x80, 0x27, 0xe8, 0x6a, 0xc1,
53 0xea, 0x0c, 0xe2, 0x6f, 0x47, 0x02, 0x15, 0x00,
54 0xaa, 0xc9, 0x33, 0x22, 0x0c, 0xb7, 0xd8, 0x89,
55 0xb5, 0xa4, 0xb7, 0xd5, 0xcc, 0x88, 0x26, 0x62,
56 0x03, 0x56, 0x56, 0x57, 0x02, 0x41, 0x00, 0xb3,
57 0x5f, 0xd4, 0xcb, 0xec, 0x74, 0xfb, 0x50, 0xb5,
58 0x9f, 0xb5, 0x77, 0x78, 0x9c, 0x6e, 0x05, 0xd3,
59 0xbf, 0x2d, 0x46, 0xa5, 0x6e, 0xb6, 0x4c, 0xe4,
60 0xf7, 0xdc, 0xc0, 0x3b, 0x21, 0x7f, 0xd9, 0x1c,
61 0x40, 0xd2, 0xec, 0x46, 0xee, 0x73, 0x4d, 0x99,
62 0x14, 0xd0, 0xe5, 0xff, 0xf3, 0x10, 0x0d, 0xcf,
63 0xeb, 0x9e, 0xda, 0x8e, 0x8b, 0x38, 0xdd, 0xac,
64 0x4c, 0x0b, 0x6e, 0x11, 0xf4, 0x8c, 0xd5, 0x03,
65 0x44, 0x00, 0x02, 0x41, 0x00, 0x80, 0xd1, 0xb7,
66 0x4a, 0xd0, 0x18, 0x6a, 0xc5, 0x09, 0x12, 0x78,
67 0x3b, 0x7f, 0x48, 0xaa, 0x57, 0xf6, 0xef, 0x22,
68 0x0e, 0xe8, 0x6a, 0xb5, 0xa6, 0x96, 0xc4, 0x5a,
69 0xfb, 0x2f, 0xcf, 0x86, 0x12, 0x21, 0x9b, 0x06,
70 0xd3, 0x6b, 0xe5, 0x06, 0x5c, 0xd5, 0x22, 0x15,
71 0x0b, 0x7e, 0xd3, 0x67, 0x92, 0x93, 0x79, 0xf4,
72 0xc1, 0x6d, 0x22, 0x3c, 0x7c, 0x46, 0xc6, 0xc4,
73 0x43, 0x86, 0x13, 0x9d, 0x22,
74 };
75
76 const unsigned char dsa_test_asn1_pubkey_noparams[] = {
77 0x30, 0x51, 0x30, 0x09, 0x06, 0x07, 0x2a, 0x86,
78 0x48, 0xce, 0x38, 0x04, 0x01, 0x03, 0x44, 0x00,
79 0x02, 0x41, 0x00, 0x80, 0xd1, 0xb7, 0x4a, 0xd0,
80 0x18, 0x6a, 0xc5, 0x09, 0x12, 0x78, 0x3b, 0x7f,
81 0x48, 0xaa, 0x57, 0xf6, 0xef, 0x22, 0x0e, 0xe8,
82 0x6a, 0xb5, 0xa6, 0x96, 0xc4, 0x5a, 0xfb, 0x2f,
83 0xcf, 0x86, 0x12, 0x21, 0x9b, 0x06, 0xd3, 0x6b,
84 0xe5, 0x06, 0x5c, 0xd5, 0x22, 0x15, 0x0b, 0x7e,
85 0xd3, 0x67, 0x92, 0x93, 0x79, 0xf4, 0xc1, 0x6d,
86 0x22, 0x3c, 0x7c, 0x46, 0xc6, 0xc4, 0x43, 0x86,
87 0x13, 0x9d, 0x22,
88 };
89
90 const char *ec_test_key =
91 "-----BEGIN EC PRIVATE KEY-----\n"
92 "MHcCAQEEIEDkF84aPdBNu4vbPE+QV3EP9ULp4Enr1N0lz4vzuc2boAoGCCqGSM49\n"
93 "AwEHoUQDQgAEUQGHBjYwbfHvI3QqdDy8ftNU5UvQqh6TH6upIrtz4CVccxnWO2+s\n"
94 "qSMOu1z5KnGIOVf2kLQ2S2iMahyFMezr8g==\n"
95 "-----END EC PRIVATE KEY-----\n";
96
97 unsigned char ec_test_asn1_pubkey[] = {
98 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,
99 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a,
100 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03,
101 0x42, 0x00, 0x04, 0x51, 0x01, 0x87, 0x06, 0x36,
102 0x30, 0x6d, 0xf1, 0xef, 0x23, 0x74, 0x2a, 0x74,
103 0x3c, 0xbc, 0x7e, 0xd3, 0x54, 0xe5, 0x4b, 0xd0,
104 0xaa, 0x1e, 0x93, 0x1f, 0xab, 0xa9, 0x22, 0xbb,
105 0x73, 0xe0, 0x25, 0x5c, 0x73, 0x19, 0xd6, 0x3b,
106 0x6f, 0xac, 0xa9, 0x23, 0x0e, 0xbb, 0x5c, 0xf9,
107 0x2a, 0x71, 0x88, 0x39, 0x57, 0xf6, 0x90, 0xb4,
108 0x36, 0x4b, 0x68, 0x8c, 0x6a, 0x1c, 0x85, 0x31,
109 0xec, 0xeb, 0xf2,
110 };
111
112 const char *rsa_test_key =
113 "-----BEGIN PRIVATE KEY-----\n"
114 "MIIBVgIBADANBgkqhkiG9w0BAQEFAASCAUAwggE8AgEAAkEA4Fs6ljFFQw/ElDf5\n"
115 "LTghVw972PVpQuKPQvwb1cWbV3+7W5sXOcoM/RvwzO7WeppkeltVCBoKaQd+9e2Z\n"
116 "BHtYhwIDAQABAkEAhWv7dWIrrGvuHa8D0i51NU8R+b5IMOyHAfDnpMN1VByWcBdb\n"
117 "G7ZJsEYlO1Tbx1zFQOVyrDUY2hn0YttPjWys0QIhAP9+FRhHCYye/EY14zSa+lxb\n"
118 "ljOPjWgddMdJBcPOVNUNAiEA4M1QUtIcTnTnfvcxvEBIhbmSR8fRvZYAeT5EoTKM\n"
119 "puMCIQD9898X8JRHWEg9qZabVWiBoO+ddJUD5jOLWsQGKvMbiQIgBOQyxTqRJxvg\n"
120 "FaEnUeNMMKyzBCDS7X8gD4NNVvyUluUCIQC/lnO9xYi6S4BFMwHFEUY0jLr5vgsR\n"
121 "+esRU9dLkMqt+w==\n"
122 "-----END PRIVATE KEY-----\n";
123
124 unsigned char rsa_test_asn1_pubkey[] = {
125 0x30, 0x5c, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86,
126 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
127 0x00, 0x03, 0x4b, 0x00, 0x30, 0x48, 0x02, 0x41,
128 0x00, 0xe0, 0x5b, 0x3a, 0x96, 0x31, 0x45, 0x43,
129 0x0f, 0xc4, 0x94, 0x37, 0xf9, 0x2d, 0x38, 0x21,
130 0x57, 0x0f, 0x7b, 0xd8, 0xf5, 0x69, 0x42, 0xe2,
131 0x8f, 0x42, 0xfc, 0x1b, 0xd5, 0xc5, 0x9b, 0x57,
132 0x7f, 0xbb, 0x5b, 0x9b, 0x17, 0x39, 0xca, 0x0c,
133 0xfd, 0x1b, 0xf0, 0xcc, 0xee, 0xd6, 0x7a, 0x9a,
134 0x64, 0x7a, 0x5b, 0x55, 0x08, 0x1a, 0x0a, 0x69,
135 0x07, 0x7e, 0xf5, 0xed, 0x99, 0x04, 0x7b, 0x58,
136 0x87, 0x02, 0x03, 0x01, 0x00, 0x01,
137 };
138
139 const char dh_test_key[] =
140 "-----BEGIN PRIVATE KEY-----\n"
141 "MIICJgIBADCCARcGCSqGSIb3DQEDATCCAQgCggEBAIXmHiRswMxVCnVzq4GuaErl\n"
142 "2fBPDquOzFaxd/YSN7tVxnz3wcMNfBsHZWqtAXxTBWeyt8ydHcrIWx4EB3XTSwSi\n"
143 "Jqh3CEcFhDfqKdo/u7vffxG+43lEsvZZIzZHYMcYsHIpcERRoAu0xnqjHUQTkvoi\n"
144 "w7ukbuWr28bJrncPaxFGC8zZvLhSnUst5yzdyAsIddQvHgYBdCn2UEbz6qBx8gvJ\n"
145 "lb3Jv1BiVJJ0odL94vpNXRGNZ57PPm5Xlj/n8l8LHpzzxbtjc52MVYbMPpVuWzmv\n"
146 "2nWV0eL14708S/XG6e2AWGKb8AX8hCitdtVQ28SbEsf8Yd1dyWNo++oedFvU49sC\n"
147 "AQIEggEEAoIBAGywTP/vBwEeuWIgTPnBf1/jWQgfFA5no3HdRIQsHVgo2EEZHErS\n"
148 "X82hALavaUTEu+pHu+/yv3BLPr/8Lau6O7LOiqeXMjYX4HtSNmLZIEjugd1aCyCp\n"
149 "n+jZjIHQCG0fvnwWFqkKTADe4n4DUz5qxuHYmlFY4NsdMj5yARAh9mn7hqwYX+Mf\n"
150 "WhHLhHIHngXKNs7vKdHH/guo638uL6dv6OuTS0wbBsjLMFvQvccVlVUWlUFkH6I8\n"
151 "GFt8kAFLdrzz8+oMq3hHsoWIrDSp0GYq6keSu3pBj4q2mTP7ugUU8ag/dZnga5sB\n"
152 "Mdt2hicktiw/mQZP578plm6z2Lg0gl5yLxk=\n"
153 "-----END PRIVATE KEY-----\n";
154
155 const unsigned char dh_test_asn1_pubkey[] = {
156 0x30, 0x82, 0x02, 0x24, 0x30, 0x82, 0x01, 0x17,
157 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
158 0x01, 0x03, 0x01, 0x30, 0x82, 0x01, 0x08, 0x02,
159 0x82, 0x01, 0x01, 0x00, 0x85, 0xe6, 0x1e, 0x24,
160 0x6c, 0xc0, 0xcc, 0x55, 0x0a, 0x75, 0x73, 0xab,
161 0x81, 0xae, 0x68, 0x4a, 0xe5, 0xd9, 0xf0, 0x4f,
162 0x0e, 0xab, 0x8e, 0xcc, 0x56, 0xb1, 0x77, 0xf6,
163 0x12, 0x37, 0xbb, 0x55, 0xc6, 0x7c, 0xf7, 0xc1,
164 0xc3, 0x0d, 0x7c, 0x1b, 0x07, 0x65, 0x6a, 0xad,
165 0x01, 0x7c, 0x53, 0x05, 0x67, 0xb2, 0xb7, 0xcc,
166 0x9d, 0x1d, 0xca, 0xc8, 0x5b, 0x1e, 0x04, 0x07,
167 0x75, 0xd3, 0x4b, 0x04, 0xa2, 0x26, 0xa8, 0x77,
168 0x08, 0x47, 0x05, 0x84, 0x37, 0xea, 0x29, 0xda,
169 0x3f, 0xbb, 0xbb, 0xdf, 0x7f, 0x11, 0xbe, 0xe3,
170 0x79, 0x44, 0xb2, 0xf6, 0x59, 0x23, 0x36, 0x47,
171 0x60, 0xc7, 0x18, 0xb0, 0x72, 0x29, 0x70, 0x44,
172 0x51, 0xa0, 0x0b, 0xb4, 0xc6, 0x7a, 0xa3, 0x1d,
173 0x44, 0x13, 0x92, 0xfa, 0x22, 0xc3, 0xbb, 0xa4,
174 0x6e, 0xe5, 0xab, 0xdb, 0xc6, 0xc9, 0xae, 0x77,
175 0x0f, 0x6b, 0x11, 0x46, 0x0b, 0xcc, 0xd9, 0xbc,
176 0xb8, 0x52, 0x9d, 0x4b, 0x2d, 0xe7, 0x2c, 0xdd,
177 0xc8, 0x0b, 0x08, 0x75, 0xd4, 0x2f, 0x1e, 0x06,
178 0x01, 0x74, 0x29, 0xf6, 0x50, 0x46, 0xf3, 0xea,
179 0xa0, 0x71, 0xf2, 0x0b, 0xc9, 0x95, 0xbd, 0xc9,
180 0xbf, 0x50, 0x62, 0x54, 0x92, 0x74, 0xa1, 0xd2,
181 0xfd, 0xe2, 0xfa, 0x4d, 0x5d, 0x11, 0x8d, 0x67,
182 0x9e, 0xcf, 0x3e, 0x6e, 0x57, 0x96, 0x3f, 0xe7,
183 0xf2, 0x5f, 0x0b, 0x1e, 0x9c, 0xf3, 0xc5, 0xbb,
184 0x63, 0x73, 0x9d, 0x8c, 0x55, 0x86, 0xcc, 0x3e,
185 0x95, 0x6e, 0x5b, 0x39, 0xaf, 0xda, 0x75, 0x95,
186 0xd1, 0xe2, 0xf5, 0xe3, 0xbd, 0x3c, 0x4b, 0xf5,
187 0xc6, 0xe9, 0xed, 0x80, 0x58, 0x62, 0x9b, 0xf0,
188 0x05, 0xfc, 0x84, 0x28, 0xad, 0x76, 0xd5, 0x50,
189 0xdb, 0xc4, 0x9b, 0x12, 0xc7, 0xfc, 0x61, 0xdd,
190 0x5d, 0xc9, 0x63, 0x68, 0xfb, 0xea, 0x1e, 0x74,
191 0x5b, 0xd4, 0xe3, 0xdb, 0x02, 0x01, 0x02, 0x03,
192 0x82, 0x01, 0x05, 0x00, 0x02, 0x82, 0x01, 0x00,
193 0x44, 0x30, 0x25, 0xe2, 0xeb, 0x8f, 0xd0, 0x81,
194 0x96, 0x3e, 0x7d, 0x1d, 0x9b, 0x82, 0x8a, 0x2d,
195 0x0f, 0xb3, 0x2d, 0x9c, 0x2b, 0xb2, 0x88, 0xda,
196 0xc6, 0xef, 0x6c, 0x9d, 0x1c, 0x80, 0xf1, 0xee,
197 0x9d, 0x6b, 0x31, 0xb7, 0xb1, 0x9f, 0x30, 0x0d,
198 0xb7, 0x92, 0xcf, 0x56, 0xeb, 0xfc, 0x91, 0x16,
199 0x35, 0x96, 0x0c, 0x7b, 0x95, 0xbc, 0x65, 0x66,
200 0x10, 0x81, 0x4b, 0x46, 0x04, 0xee, 0x95, 0xca,
201 0xc9, 0x0c, 0xea, 0xc1, 0xd7, 0x3b, 0x83, 0xfb,
202 0xce, 0x76, 0x17, 0xb4, 0x15, 0xad, 0x03, 0xd0,
203 0x00, 0xef, 0xb2, 0xee, 0x12, 0x3f, 0x75, 0xd1,
204 0xb8, 0x6c, 0xfd, 0x87, 0xb5, 0x07, 0xfa, 0x1e,
205 0x60, 0x9b, 0x49, 0x6f, 0x89, 0xc2, 0x75, 0x4d,
206 0x7d, 0x21, 0xdb, 0xb6, 0x85, 0x78, 0xa5, 0x77,
207 0xbe, 0xeb, 0x4d, 0x9e, 0x1c, 0x05, 0xbc, 0x51,
208 0x97, 0x0f, 0xe9, 0x68, 0x78, 0x5a, 0xc8, 0x4e,
209 0xef, 0x72, 0x8f, 0x53, 0x41, 0x0d, 0x57, 0xf2,
210 0xc5, 0x29, 0x33, 0x67, 0xdd, 0x35, 0x43, 0xfc,
211 0x13, 0x49, 0x92, 0x1d, 0x14, 0x92, 0x40, 0x14,
212 0x38, 0x32, 0xdb, 0x14, 0x95, 0x44, 0x2a, 0x03,
213 0xb7, 0x87, 0xa3, 0x5a, 0x5a, 0xe2, 0x3b, 0xc5,
214 0x44, 0xa4, 0x06, 0xf6, 0x14, 0xe6, 0x08, 0x9c,
215 0x51, 0x09, 0x2a, 0xc4, 0x2e, 0x72, 0xb3, 0x20,
216 0x46, 0x77, 0xe2, 0xda, 0x07, 0xd8, 0x10, 0x89,
217 0xcf, 0x2b, 0xef, 0x67, 0xa2, 0x48, 0xfd, 0xa3,
218 0x71, 0x59, 0xf0, 0x89, 0x3a, 0x35, 0x31, 0x87,
219 0xad, 0x45, 0x9e, 0x35, 0xbd, 0x64, 0xec, 0xd1,
220 0xd7, 0xea, 0x92, 0xed, 0x72, 0x9c, 0x81, 0x8e,
221 0x11, 0x4e, 0xa5, 0xe7, 0x12, 0xe3, 0x7c, 0x53,
222 0x2b, 0x31, 0xd4, 0x3d, 0xd5, 0xd9, 0xbd, 0x44,
223 0x27, 0xa3, 0x4a, 0x3f, 0x20, 0x87, 0xce, 0x73,
224 0x0e, 0xa8, 0x90, 0xcd, 0xfe, 0x32, 0x69, 0x9a,
225 };
226
227 static void
hexdump(const unsigned char * buf,size_t len)228 hexdump(const unsigned char *buf, size_t len)
229 {
230 size_t i;
231
232 for (i = 1; i <= len; i++)
233 fprintf(stderr, " 0x%02hhx,%s", buf[i - 1], i % 8 ? "" : "\n");
234
235 fprintf(stderr, "\n");
236 }
237
238 static int
compare_data(const char * label,const unsigned char * d1,size_t d1_len,const unsigned char * d2,size_t d2_len)239 compare_data(const char *label, const unsigned char *d1, size_t d1_len,
240 const unsigned char *d2, size_t d2_len)
241 {
242 if (d1_len != d2_len) {
243 fprintf(stderr, "FAIL: got %s with length %zu, want %zu\n",
244 label, d1_len, d2_len);
245 return -1;
246 }
247 if (memcmp(d1, d2, d1_len) != 0) {
248 fprintf(stderr, "FAIL: %s differs\n", label);
249 fprintf(stderr, "got:\n");
250 hexdump(d1, d1_len);
251 fprintf(stderr, "want:\n");
252 hexdump(d2, d2_len);
253 return -1;
254 }
255 return 0;
256 }
257
258 static int
dh_pubkey_test(void)259 dh_pubkey_test(void)
260 {
261 EVP_PKEY *pkey = NULL;
262 EVP_PKEY *pkey_a = NULL, *pkey_b = NULL;
263 unsigned char *out = NULL, *data = NULL;
264 DH *dh_a = NULL, *dh_b = NULL;
265 const unsigned char *p;
266 BIO *bio_mem = NULL;
267 int failure = 1;
268 int len;
269
270 ERR_clear_error();
271
272 if ((bio_mem = BIO_new_mem_buf(dh_test_key, -1)) == NULL)
273 errx(1, "failed to create BIO");
274
275 if ((pkey = PEM_read_bio_PrivateKey(bio_mem, NULL, NULL, NULL)) == NULL) {
276 ERR_print_errors_fp(stderr);
277 errx(1, "failed to decode DH key from PEM");
278 }
279
280 /*
281 * Test PEM_write_bio_PrivateKey().
282 */
283 BIO_free_all(bio_mem);
284 if ((bio_mem = BIO_new(BIO_s_mem())) == NULL)
285 errx(1, "BIO_new failed for BIO_s_mem");
286
287 if (!PEM_write_bio_PrivateKey(bio_mem, pkey, NULL, NULL, 0, 0, NULL)) {
288 fprintf(stderr, "FAIL: PEM_write_bio_PrivateKey failed\n");
289 goto done;
290 }
291
292 len = BIO_get_mem_data(bio_mem, &data);
293 if (compare_data("DH PrivateKey", data, len,
294 dh_test_key, sizeof(dh_test_key) - 1) == -1)
295 goto done;
296
297 /*
298 * Test i2d_PUBKEY/d2i_PUBKEY.
299 */
300
301 if ((dh_a = EVP_PKEY_get1_DH(pkey)) == NULL) {
302 ERR_print_errors_fp(stderr);
303 errx(1, "failed to get1 DH key from PEM");
304 }
305
306 if ((pkey_a = EVP_PKEY_new()) == NULL)
307 errx(1, "failed to create EVP_PKEY");
308 if (!EVP_PKEY_set1_DH(pkey_a, dh_a))
309 errx(1, "failed to set DH on EVP_PKEY");
310
311 if ((len = i2d_PUBKEY(pkey_a, &out)) < 0) {
312 fprintf(stderr, "FAIL: i2d_PUBKEY failed\n");
313 goto done;
314 }
315 if (compare_data("DH PUBKEY", out, len, dh_test_asn1_pubkey,
316 sizeof(dh_test_asn1_pubkey)) == -1)
317 goto done;
318
319 p = out;
320 if ((pkey_b = d2i_PUBKEY(NULL, &p, len)) == NULL) {
321 fprintf(stderr, "FAIL: d2i_PUBKEY failed\n");
322 goto done;
323 }
324
325 if (BN_cmp(DH_get0_pub_key(EVP_PKEY_get0_DH(pkey_a)),
326 DH_get0_pub_key(EVP_PKEY_get0_DH(pkey_b))) != 0) {
327 fprintf(stderr, "FAIL: DH public keys mismatch\n");
328 goto done;
329 }
330
331 failure = 0;
332
333 done:
334 BIO_free_all(bio_mem);
335 EVP_PKEY_free(pkey);
336 DH_free(dh_a);
337 DH_free(dh_b);
338 EVP_PKEY_free(pkey_a);
339 EVP_PKEY_free(pkey_b);
340 free(out);
341
342 return failure;
343 }
344
345 static int
dsa_pubkey_test(void)346 dsa_pubkey_test(void)
347 {
348 EVP_PKEY *pkey_a = NULL, *pkey_b = NULL;
349 unsigned char *out = NULL, *data = NULL;
350 DSA *dsa_a = NULL, *dsa_b = NULL;
351 const unsigned char *p;
352 BIO *bio_mem = NULL;
353 int failure = 1;
354 int len, ret;
355
356 ERR_clear_error();
357
358 if ((bio_mem = BIO_new_mem_buf((void *)dsa_test_key, -1)) == NULL)
359 errx(1, "failed to create BIO");
360
361 if ((dsa_a = PEM_read_bio_DSAPrivateKey(bio_mem, NULL, NULL, NULL)) == NULL) {
362 ERR_print_errors_fp(stderr);
363 errx(1, "failed to decode DSA key from PEM");
364 }
365
366 /*
367 * Test i2d_PUBKEY/d2i_PUBKEY.
368 */
369 if ((pkey_a = EVP_PKEY_new()) == NULL)
370 errx(1, "failed to create EVP_PKEY");
371 if (!EVP_PKEY_set1_DSA(pkey_a, dsa_a))
372 errx(1, "failed to set DSA on EVP_PKEY");
373
374 if ((len = i2d_PUBKEY(pkey_a, &out)) < 0) {
375 fprintf(stderr, "FAIL: i2d_PUBKEY failed\n");
376 goto done;
377 }
378 if (compare_data("DSA PUBKEY", out, len, dsa_test_asn1_pubkey,
379 sizeof(dsa_test_asn1_pubkey)) == -1)
380 goto done;
381
382 p = out;
383 if ((pkey_b = d2i_PUBKEY(NULL, &p, len)) == NULL) {
384 fprintf(stderr, "FAIL: d2i_PUBKEY failed\n");
385 goto done;
386 }
387
388 if (BN_cmp(DSA_get0_pub_key(EVP_PKEY_get0_DSA(pkey_a)),
389 DSA_get0_pub_key(EVP_PKEY_get0_DSA(pkey_b))) != 0) {
390 fprintf(stderr, "FAIL: DSA public keys mismatch\n");
391 goto done;
392 }
393
394 if (EVP_PKEY_missing_parameters(pkey_b)) {
395 fprintf(stderr, "FAIL: DSA pkey_b has missing parameters\n");
396 goto done;
397 }
398
399 if (!EVP_PKEY_cmp_parameters(pkey_a, pkey_b)) {
400 fprintf(stderr, "FAIL: DSA parameters mismatch\n");
401 goto done;
402 }
403
404 /*
405 * Check save_parameters defaults - EVP_PKEY_save_parameters() returns
406 * the current save_parameters; mode -1 inspects without setting.
407 */
408 if ((ret = EVP_PKEY_save_parameters(pkey_b, 0)) != 1) {
409 fprintf(stderr, "FAIL: DSA save_parameters want 1, got %d\n", ret);
410 goto done;
411 }
412 if ((ret = EVP_PKEY_save_parameters(pkey_b, -1)) != 0) {
413 fprintf(stderr, "FAIL: DSA save_parameters want 0, got %d\n", ret);
414 goto done;
415 }
416
417 free(out);
418 out = NULL;
419
420 if ((len = i2d_PUBKEY(pkey_b, &out)) < 0) {
421 fprintf(stderr, "FAIL: i2d_PUBKEY (no params) failed\n");
422 goto done;
423 }
424
425 if (compare_data("PUBKEY (no params)", dsa_test_asn1_pubkey_noparams,
426 sizeof(dsa_test_asn1_pubkey_noparams), out, len) == -1)
427 goto done;
428
429 EVP_PKEY_free(pkey_b);
430
431 p = out;
432 if ((pkey_b = d2i_PUBKEY(NULL, &p, len)) == NULL) {
433 fprintf(stderr, "FAIL: d2i_PUBKEY (no params) failed\n");
434 goto done;
435 }
436
437 if (!EVP_PKEY_missing_parameters(pkey_b)) {
438 fprintf(stderr, "FAIL: DSA pkey_b has no missing parameters\n");
439 goto done;
440 }
441
442 if (BN_cmp(DSA_get0_pub_key(EVP_PKEY_get0_DSA(pkey_a)),
443 DSA_get0_pub_key(EVP_PKEY_get0_DSA(pkey_b))) != 0) {
444 fprintf(stderr, "FAIL: DSA public keys mismatch\n");
445 goto done;
446 }
447
448 if (EVP_PKEY_cmp_parameters(pkey_a, pkey_b)) {
449 fprintf(stderr, "FAIL: DSA parameters match\n");
450 goto done;
451 }
452
453 if (EVP_PKEY_cmp(pkey_a, pkey_b)) {
454 fprintf(stderr, "FAIL: DSA keys should not match\n");
455 goto done;
456 }
457
458 if (!EVP_PKEY_copy_parameters(pkey_b, pkey_a)) {
459 fprintf(stderr, "FAIL: failed to copy DSA parameters\n");
460 goto done;
461 }
462
463 if (!EVP_PKEY_cmp(pkey_a, pkey_b)) {
464 fprintf(stderr, "FAIL: DSA keys should match\n");
465 goto done;
466 }
467
468 free(out);
469 out = NULL;
470
471 /*
472 * Test i2d_DSA_PUBKEY/d2i_DSA_PUBKEY.
473 */
474
475 if ((len = i2d_DSA_PUBKEY(dsa_a, &out)) < 0) {
476 fprintf(stderr, "FAIL: i2d_DSA_PUBKEY failed\n");
477 goto done;
478 }
479 if (compare_data("DSA_PUBKEY", out, len, dsa_test_asn1_pubkey,
480 sizeof(dsa_test_asn1_pubkey)) == -1)
481 goto done;
482
483 p = out;
484 if ((dsa_b = d2i_DSA_PUBKEY(NULL, &p, len)) == NULL) {
485 fprintf(stderr, "FAIL: d2i_DSA_PUBKEY failed\n");
486 goto done;
487 }
488
489 if (BN_cmp(DSA_get0_pub_key(dsa_a), DSA_get0_pub_key(dsa_b)) != 0) {
490 fprintf(stderr, "FAIL: DSA public keys mismatch\n");
491 goto done;
492 }
493
494 p = out;
495 if ((dsa_a = d2i_DSA_PUBKEY(&dsa_a, &p, len)) == NULL) {
496 fprintf(stderr, "FAIL: d2i_DSA_PUBKEY failed\n");
497 goto done;
498 }
499
500 if (BN_cmp(DSA_get0_pub_key(dsa_a), DSA_get0_pub_key(dsa_b)) != 0) {
501 fprintf(stderr, "FAIL: DSA public keys mismatch\n");
502 goto done;
503 }
504
505 /*
506 * Test i2d_DSA_PUBKEY_bio/d2i_DSA_PUBKEY_bio.
507 */
508 BIO_free_all(bio_mem);
509 if ((bio_mem = BIO_new(BIO_s_mem())) == NULL)
510 errx(1, "BIO_new failed for BIO_s_mem");
511
512 if ((len = i2d_DSA_PUBKEY_bio(bio_mem, dsa_a)) < 0) {
513 fprintf(stderr, "FAIL: i2d_DSA_PUBKEY_bio failed\n");
514 goto done;
515 }
516
517 len = BIO_get_mem_data(bio_mem, &data);
518 if (compare_data("DSA_PUBKEY", data, len, dsa_test_asn1_pubkey,
519 sizeof(dsa_test_asn1_pubkey)) == -1)
520 goto done;
521
522 DSA_free(dsa_b);
523 if ((dsa_b = d2i_DSA_PUBKEY_bio(bio_mem, NULL)) == NULL) {
524 fprintf(stderr, "FAIL: d2i_DSA_PUBKEY_bio failed\n");
525 goto done;
526 }
527
528 if (BN_cmp(DSA_get0_pub_key(dsa_a), DSA_get0_pub_key(dsa_b)) != 0) {
529 fprintf(stderr, "FAIL: DSA public keys mismatch\n");
530 goto done;
531 }
532
533 failure = 0;
534
535 done:
536 BIO_free_all(bio_mem);
537 DSA_free(dsa_a);
538 DSA_free(dsa_b);
539 EVP_PKEY_free(pkey_a);
540 EVP_PKEY_free(pkey_b);
541 free(out);
542
543 return (failure);
544 }
545
546 static int
ec_pubkey_test(void)547 ec_pubkey_test(void)
548 {
549 EVP_PKEY *pkey_a = NULL, *pkey_b = NULL;
550 unsigned char *out = NULL, *data = NULL;
551 EC_KEY *ec_a = NULL, *ec_b = NULL;
552 const unsigned char *p;
553 BIO *bio_mem = NULL;
554 int failure = 1;
555 int len;
556
557 ERR_clear_error();
558
559 if ((bio_mem = BIO_new_mem_buf((void *)ec_test_key, -1)) == NULL)
560 errx(1, "failed to create BIO");
561
562 if ((ec_a = PEM_read_bio_ECPrivateKey(bio_mem, NULL, NULL, NULL)) == NULL) {
563 ERR_print_errors_fp(stderr);
564 errx(1, "failed to decode EC key from PEM");
565 }
566
567 /*
568 * Test i2d_PUBKEY/d2i_PUBKEY.
569 */
570 if ((pkey_a = EVP_PKEY_new()) == NULL)
571 errx(1, "failed to create EVP_PKEY");
572 if (!EVP_PKEY_set1_EC_KEY(pkey_a, ec_a))
573 errx(1, "failed to set EC_KEY on EVP_PKEY");
574
575 if ((len = i2d_PUBKEY(pkey_a, &out)) < 0) {
576 fprintf(stderr, "FAIL: i2d_PUBKEY failed\n");
577 goto done;
578 }
579 if (compare_data("EC_KEY PUBKEY", out, len, ec_test_asn1_pubkey,
580 sizeof(ec_test_asn1_pubkey)) == -1)
581 goto done;
582
583 p = out;
584 if ((pkey_b = d2i_PUBKEY(NULL, &p, len)) == NULL) {
585 fprintf(stderr, "FAIL: d2i_PUBKEY failed\n");
586 goto done;
587 }
588
589 if (EC_GROUP_cmp(EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey_a)),
590 EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey_b)), NULL) != 0) {
591 fprintf(stderr, "FAIL: EC_KEY groups keys mismatch\n");
592 goto done;
593 }
594 if (EC_POINT_cmp(EC_KEY_get0_group(EVP_PKEY_get0_EC_KEY(pkey_a)),
595 EC_KEY_get0_public_key(EVP_PKEY_get0_EC_KEY(pkey_a)),
596 EC_KEY_get0_public_key(EVP_PKEY_get0_EC_KEY(pkey_b)), NULL) != 0) {
597 fprintf(stderr, "FAIL: EC_KEY public keys mismatch\n");
598 goto done;
599 }
600
601 free(out);
602 out = NULL;
603
604 /*
605 * Test i2d_EC_PUBKEY/d2i_EC_PUBKEY.
606 */
607
608 if ((len = i2d_EC_PUBKEY(ec_a, &out)) < 0) {
609 fprintf(stderr, "FAIL: i2d_EC_PUBKEY failed\n");
610 goto done;
611 }
612 if (compare_data("EC_PUBKEY", out, len, ec_test_asn1_pubkey,
613 sizeof(ec_test_asn1_pubkey)) == -1)
614 goto done;
615
616 p = out;
617 if ((ec_b = d2i_EC_PUBKEY(NULL, &p, len)) == NULL) {
618 fprintf(stderr, "FAIL: d2i_EC_PUBKEY failed\n");
619 goto done;
620 }
621
622 if (EC_GROUP_cmp(EC_KEY_get0_group(ec_a), EC_KEY_get0_group(ec_b),
623 NULL) != 0) {
624 fprintf(stderr, "FAIL: EC_KEY groups keys mismatch\n");
625 goto done;
626 }
627 if (EC_POINT_cmp(EC_KEY_get0_group(ec_a), EC_KEY_get0_public_key(ec_a),
628 EC_KEY_get0_public_key(ec_b), NULL) != 0) {
629 fprintf(stderr, "FAIL: EC_KEY public keys mismatch\n");
630 goto done;
631 }
632
633 p = out;
634 if ((ec_a = d2i_EC_PUBKEY(&ec_a, &p, len)) == NULL) {
635 fprintf(stderr, "FAIL: d2i_EC_PUBKEY failed\n");
636 goto done;
637 }
638
639 if (EC_GROUP_cmp(EC_KEY_get0_group(ec_a), EC_KEY_get0_group(ec_b),
640 NULL) != 0) {
641 fprintf(stderr, "FAIL: EC_KEY groups keys mismatch\n");
642 goto done;
643 }
644 if (EC_POINT_cmp(EC_KEY_get0_group(ec_a), EC_KEY_get0_public_key(ec_a),
645 EC_KEY_get0_public_key(ec_b), NULL) != 0) {
646 fprintf(stderr, "FAIL: EC_KEY public keys mismatch\n");
647 goto done;
648 }
649
650 /*
651 * Test i2d_EC_PUBKEY_bio/d2i_EC_PUBKEY_bio.
652 */
653 BIO_free_all(bio_mem);
654 if ((bio_mem = BIO_new(BIO_s_mem())) == NULL)
655 errx(1, "BIO_new failed for BIO_s_mem");
656
657 if ((len = i2d_EC_PUBKEY_bio(bio_mem, ec_a)) < 0) {
658 fprintf(stderr, "FAIL: i2d_EC_PUBKEY_bio failed\n");
659 goto done;
660 }
661
662 len = BIO_get_mem_data(bio_mem, &data);
663 if (compare_data("EC_PUBKEY", data, len, ec_test_asn1_pubkey,
664 sizeof(ec_test_asn1_pubkey)) == -1)
665 goto done;
666
667 EC_KEY_free(ec_b);
668 if ((ec_b = d2i_EC_PUBKEY_bio(bio_mem, NULL)) == NULL) {
669 fprintf(stderr, "FAIL: d2i_EC_PUBKEY_bio failed\n");
670 goto done;
671 }
672
673 if (EC_GROUP_cmp(EC_KEY_get0_group(ec_a), EC_KEY_get0_group(ec_b),
674 NULL) != 0) {
675 fprintf(stderr, "FAIL: EC_KEY groups keys mismatch\n");
676 goto done;
677 }
678 if (EC_POINT_cmp(EC_KEY_get0_group(ec_a), EC_KEY_get0_public_key(ec_a),
679 EC_KEY_get0_public_key(ec_b), NULL) != 0) {
680 fprintf(stderr, "FAIL: EC_KEY public keys mismatch\n");
681 goto done;
682 }
683
684 failure = 0;
685
686 done:
687 BIO_free_all(bio_mem);
688 EC_KEY_free(ec_a);
689 EC_KEY_free(ec_b);
690 EVP_PKEY_free(pkey_a);
691 EVP_PKEY_free(pkey_b);
692 free(out);
693
694 return (failure);
695 }
696
697 static int
rsa_pubkey_test(void)698 rsa_pubkey_test(void)
699 {
700 EVP_PKEY *pkey_a = NULL, *pkey_b = NULL;
701 RSA *rsa_a = NULL, *rsa_b = NULL;
702 unsigned char *out = NULL, *data = NULL;
703 const unsigned char *p;
704 BIO *bio_mem = NULL;
705 int failure = 1;
706 int len;
707
708 ERR_clear_error();
709
710 if ((bio_mem = BIO_new_mem_buf((void *)rsa_test_key, -1)) == NULL)
711 errx(1, "failed to create BIO");
712
713 if ((rsa_a = PEM_read_bio_RSAPrivateKey(bio_mem, NULL, NULL, NULL)) == NULL) {
714 ERR_print_errors_fp(stderr);
715 errx(1, "failed to decode RSA key from PEM");
716 }
717
718 /*
719 * Test i2d_PUBKEY/d2i_PUBKEY.
720 */
721 if ((pkey_a = EVP_PKEY_new()) == NULL)
722 errx(1, "failed to create EVP_PKEY");
723 if (!EVP_PKEY_set1_RSA(pkey_a, rsa_a))
724 errx(1, "failed to set RSA on EVP_PKEY");
725
726 if ((len = i2d_PUBKEY(pkey_a, &out)) < 0) {
727 fprintf(stderr, "FAIL: i2d_PUBKEY failed\n");
728 goto done;
729 }
730 if (compare_data("RSA PUBKEY", out, len, rsa_test_asn1_pubkey,
731 sizeof(rsa_test_asn1_pubkey)) == -1)
732 goto done;
733
734 p = out;
735 if ((pkey_b = d2i_PUBKEY(NULL, &p, len)) == NULL) {
736 fprintf(stderr, "FAIL: d2i_PUBKEY failed\n");
737 goto done;
738 }
739
740 if (BN_cmp(RSA_get0_n(EVP_PKEY_get0_RSA(pkey_a)),
741 RSA_get0_n(EVP_PKEY_get0_RSA(pkey_b))) != 0 ||
742 BN_cmp(RSA_get0_e(EVP_PKEY_get0_RSA(pkey_a)),
743 RSA_get0_e(EVP_PKEY_get0_RSA(pkey_b))) != 0) {
744 fprintf(stderr, "FAIL: RSA public keys mismatch\n");
745 goto done;
746 }
747
748 free(out);
749 out = NULL;
750
751 /*
752 * Test i2d_RSA_PUBKEY/d2i_RSA_PUBKEY.
753 */
754
755 if ((len = i2d_RSA_PUBKEY(rsa_a, &out)) < 0) {
756 fprintf(stderr, "FAIL: i2d_RSA_PUBKEY failed\n");
757 goto done;
758 }
759 if (compare_data("RSA_PUBKEY", out, len, rsa_test_asn1_pubkey,
760 sizeof(rsa_test_asn1_pubkey)) == -1)
761 goto done;
762
763 p = out;
764 if ((rsa_b = d2i_RSA_PUBKEY(NULL, &p, len)) == NULL) {
765 fprintf(stderr, "FAIL: d2i_RSA_PUBKEY failed\n");
766 goto done;
767 }
768
769 if (BN_cmp(RSA_get0_n(rsa_a), RSA_get0_n(rsa_b)) != 0 ||
770 BN_cmp(RSA_get0_e(rsa_a), RSA_get0_e(rsa_b)) != 0) {
771 fprintf(stderr, "FAIL: RSA public keys mismatch\n");
772 goto done;
773 }
774
775 p = out;
776 if ((rsa_a = d2i_RSA_PUBKEY(&rsa_a, &p, len)) == NULL) {
777 fprintf(stderr, "FAIL: d2i_RSA_PUBKEY failed\n");
778 goto done;
779 }
780
781 if (BN_cmp(RSA_get0_n(rsa_a), RSA_get0_n(rsa_b)) != 0 ||
782 BN_cmp(RSA_get0_e(rsa_a), RSA_get0_e(rsa_b)) != 0) {
783 fprintf(stderr, "FAIL: RSA public keys mismatch\n");
784 goto done;
785 }
786
787 /*
788 * Test i2d_RSA_PUBKEY_bio/d2i_RSA_PUBKEY_bio.
789 */
790 BIO_free_all(bio_mem);
791 if ((bio_mem = BIO_new(BIO_s_mem())) == NULL)
792 errx(1, "BIO_new failed for BIO_s_mem");
793
794 if ((len = i2d_RSA_PUBKEY_bio(bio_mem, rsa_a)) < 0) {
795 fprintf(stderr, "FAIL: i2d_RSA_PUBKEY_bio failed\n");
796 goto done;
797 }
798
799 len = BIO_get_mem_data(bio_mem, &data);
800 if (compare_data("RSA_PUBKEY", data, len, rsa_test_asn1_pubkey,
801 sizeof(rsa_test_asn1_pubkey)) == -1)
802 goto done;
803
804 RSA_free(rsa_b);
805 if ((rsa_b = d2i_RSA_PUBKEY_bio(bio_mem, NULL)) == NULL) {
806 fprintf(stderr, "FAIL: d2i_RSA_PUBKEY_bio failed\n");
807 goto done;
808 }
809
810 if (BN_cmp(RSA_get0_n(rsa_a), RSA_get0_n(rsa_b)) != 0 ||
811 BN_cmp(RSA_get0_e(rsa_a), RSA_get0_e(rsa_b)) != 0) {
812 fprintf(stderr, "FAIL: RSA public keys mismatch\n");
813 goto done;
814 }
815
816 failure = 0;
817
818 done:
819 BIO_free_all(bio_mem);
820 RSA_free(rsa_a);
821 RSA_free(rsa_b);
822 EVP_PKEY_free(pkey_a);
823 EVP_PKEY_free(pkey_b);
824 free(out);
825
826 return (failure);
827 }
828
829 int
main(int argc,char ** argv)830 main(int argc, char **argv)
831 {
832 int failed = 0;
833
834 ERR_load_crypto_strings();
835
836 failed |= dh_pubkey_test();
837 failed |= dsa_pubkey_test();
838 failed |= ec_pubkey_test();
839 failed |= rsa_pubkey_test();
840
841 return (failed);
842 }
843