| # |
| # Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved. |
| # |
| # Licensed under the Apache License 2.0 (the "License"). You may not use |
| # this file except in compliance with the License. You can obtain a copy |
| # in the file LICENSE in the source distribution or at |
| # https://www.openssl.org/source/license.html |
| |
| # Tests start with one of these keywords |
| # Cipher Decrypt Derive Digest Encoding KDF MAC PBE |
| # PrivPubKeyPair Sign Verify VerifyRecover |
| # and continue until a blank line. Lines starting with a pound sign are ignored. |
| # The keyword Availablein must appear before the test name if needed. |
| |
| # Public key algorithm tests |
| |
| # Private keys used for PKEY operations. |
| |
| # EC P-256 key |
| |
| PrivateKey=P-256 |
| -----BEGIN PRIVATE KEY----- |
| MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgiocvtiiTxNH/xbnw |
| +RdYBp+DUuCPoFpJ+NuSbLVyhyWhRANCAAQsFQ9CnOcPIWwlLPXgYs4fY5zV0WXH |
| +JQkBywnGX14szuSDpXNtmTpkNzwz+oNlOKo5q+dDlgFbmUxBJJbn+bJ |
| -----END PRIVATE KEY----- |
| |
| # EC public key for above |
| |
| PublicKey=P-256-PUBLIC |
| -----BEGIN PUBLIC KEY----- |
| MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELBUPQpznDyFsJSz14GLOH2Oc1dFl |
| x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ== |
| -----END PUBLIC KEY----- |
| |
| PrivPubKeyPair = P-256:P-256-PUBLIC |
| |
| Title = ECDSA tests |
| |
| Verify = P-256 |
| Ctrl = digest:SHA1 |
| Input = "0123456789ABCDEF1234" |
| Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 |
| |
| # Digest too long |
| Verify = P-256 |
| Ctrl = digest:SHA1 |
| Input = "0123456789ABCDEF12345" |
| Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 |
| Result = VERIFY_ERROR |
| |
| # Digest too short |
| Verify = P-256 |
| Ctrl = digest:SHA1 |
| Input = "0123456789ABCDEF123" |
| Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 |
| Result = VERIFY_ERROR |
| |
| # Digest invalid |
| Verify = P-256 |
| Ctrl = digest:SHA1 |
| Input = "0123456789ABCDEF1235" |
| Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 |
| Result = VERIFY_ERROR |
| |
| # Invalid signature |
| Verify = P-256 |
| Ctrl = digest:SHA1 |
| Input = "0123456789ABCDEF1234" |
| Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec7 |
| Result = VERIFY_ERROR |
| |
| # Garbage after signature |
| Availablein = default |
| Verify = P-256 |
| Ctrl = digest:SHA1 |
| Input = "0123456789ABCDEF1234" |
| Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec800 |
| Result = VERIFY_ERROR |
| |
| # BER signature |
| Verify = P-256 |
| Ctrl = digest:SHA1 |
| Input = "0123456789ABCDEF1234" |
| Output = 3080022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec80000 |
| Result = VERIFY_ERROR |
| |
| Verify = P-256-PUBLIC |
| Ctrl = digest:SHA1 |
| Input = "0123456789ABCDEF1234" |
| Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 |
| |
| Title = DigestSign and DigestVerify |
| |
| DigestVerify = SHA256 |
| Key = P-256-PUBLIC |
| Input = "Hello World" |
| Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862 |
| |
| # Oneshot tests |
| OneShotDigestVerify = SHA256 |
| Key = P-256-PUBLIC |
| Input = "Hello World" |
| Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862 |
| |
| # Test that mdsize != tbssize fails |
| Sign = P-256 |
| Ctrl = digest:SHA256 |
| Input = "0123456789ABCDEF1234" |
| Result = KEYOP_ERROR |
| |
| PrivateKey = P-256_NAMED_CURVE_EXPLICIT |
| -----BEGIN PRIVATE KEY----- |
| MIIBeQIBADCCAQMGByqGSM49AgEwgfcCAQEwLAYHKoZIzj0BAQIhAP////8AAAAB |
| AAAAAAAAAAAAAAAA////////////////MFsEIP////8AAAABAAAAAAAAAAAAAAAA |
| ///////////////8BCBaxjXYqjqT57PrvVV2mIa8ZR0GsMxTsPY7zjw+J9JgSwMV |
| AMSdNgiG5wSTamZ44ROdJreBn36QBEEEaxfR8uEsQkf4vOblY6RA8ncDfYEt6zOg |
| 9KE5RdiYwpZP40Li/hp/m47n60p8D54WK84zV2sxXs7LtkBoN79R9QIhAP////8A |
| AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEBBG0wawIBAQQgiUTxtr5vLVjj |
| 0BOXUa/4r82DJ30QoupYS/wlilW4gWehRANCAATM0n3q2UaDyaQ7OxzJM3B6prhW |
| 3ev1gTwRBduzqqlwd54AUSgI+pjttW8zrWNitO8H1sf59MPWOESKxNtZ1+Nl |
| -----END PRIVATE KEY----- |
| |
| PrivateKey = EC_EXPLICIT |
| -----BEGIN PRIVATE KEY----- |
| MIIBeQIBADCCAQMGByqGSM49AgEwgfcCAQEwLAYHKoZIzj0BAQIhAP////8AAAAB |
| AAAAAAAAAAAAAAAA////////////////MFsEIP////8AAAABAAAAAAAAAAAAAAAA |
| ///////////////8BCBaxjXYqjqT57PrvVV2mIa8ZR0GsMxTsPY7zjw+J9JgSwMV |
| AMSdNgiG5wSTamZ44ROdJreBn36QBEEE5JcIvn36opqjEm/k59Al40rBAxWM2TPG |
| l0L13Je51zHpfXQ9Z2o7IQicMXP4wSfJ0qCgg2bgydqoxlYrlLGuVQIhAP////8A |
| AAAA//////////+85vqtpxeehPO5ysL8YyVRAgEBBG0wawIBAQQgec92jwduadCk |
| OjoNRI+YT5Be5TkzZXzYCyTLkMOikDmhRANCAATtECEhQbLEaiUj/Wu0qjcr81lL |
| 46dx5zYgArz/iaSNJ3W80oO+F7v04jlQ7wxQzg96R0bwKiMeq5CcW9ZFt6xg |
| -----END PRIVATE KEY----- |
| |
| PrivateKey = B-163 |
| -----BEGIN PRIVATE KEY----- |
| MGMCAQAwEAYHKoZIzj0CAQYFK4EEAA8ETDBKAgEBBBUDnQW0mLiHVha/jqFznX/K |
| DnVlDgChLgMsAAQB1qZ00fPIct+QN8skv1XIHtBNp3EGLytJV0tsAUTYtGhtrzRj |
| e3GzYyg= |
| -----END PRIVATE KEY----- |
| |
| PrivateKey = secp256k1 |
| -----BEGIN PRIVATE KEY----- |
| MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgsLpFV9joHc0bisyV53XL |
| mrG6/Gu6ZaHoXtKP/VFX44ehRANCAARLYWGgp5nP4N8guypLSbYGCVN6ZPCnWW4x |
| srYkcpdbxr4neRT3zC62keCKgPbJf5SIHkJ2Tcaw6hVSrBOUFtix |
| -----END PRIVATE KEY----- |
| |
| Title = FIPS tests |
| |
| # Test that a nist curve with < 112 bits is allowed in fips mode for verifying |
| DigestVerify = SHA256 |
| Key = B-163 |
| Input = "Hello World" |
| Output = 302e0215027bb891747468b4b59ca2a2bf8f42d29d08866cf5021502cc311b25e9a2168e42240b07a6071070f687eb3b |
| |
| # Test that a nist curve with SHA3 is allowed in fips mode |
| # The sign will get a mismatch error since the output signature changes on each run |
| DigestSign = SHA3-512 |
| Key = P-256 |
| Input = "Hello World" |
| Result = SIGNATURE_MISMATCH |
| |
| # Test that a explicit curve that is a named curve is allowed in fips mode |
| DigestVerify = SHA256 |
| Key = P-256_NAMED_CURVE_EXPLICIT |
| Input = "Hello World" |
| Output = 30450220796fcf472882ed5779226dcd0217b9d2b9acfe4fa2fb0109c8ee63c63adc1033022100e306c69f7e31b9a5d54eb12ba813cddf4de4af933e4f6cea38a0817d9d831d91 |
| |
| Title = FIPS Negative tests (using different curves and digests) |
| |
| # Test that a explicit curve is not allowed in fips mode |
| Availablein = fips |
| DigestVerify = SHA256 |
| Securitycheck = 1 |
| Key = EC_EXPLICIT |
| Input = "Hello World" |
| Result = DIGESTVERIFYINIT_ERROR |
| |
| # Test that a curve with < 112 bits is not allowed in fips mode for signing |
| Availablein = fips |
| DigestSign = SHA3-512 |
| Securitycheck = 1 |
| Key = B-163 |
| Input = "Hello World" |
| Result = DIGESTSIGNINIT_ERROR |
| |
| # Test that a non nist curve is not allowed in fips mode |
| Availablein = fips |
| DigestSign = SHA3-512 |
| Securitycheck = 1 |
| Key = secp256k1 |
| Input = "Hello World" |
| Result = DIGESTSIGNINIT_ERROR |
| |
| # Test that SHA1 is not allowed in fips mode for signing |
| Availablein = fips |
| DigestSign = SHA1 |
| Securitycheck = 1 |
| Key = B-163 |
| Input = "Hello World" |
| Result = DIGESTSIGNINIT_ERROR |
| |
| # Test that SHA1 is not allowed in fips mode for signing |
| Availablein = fips |
| Sign = P-256 |
| Securitycheck = 1 |
| Ctrl = digest:SHA1 |
| Input = "0123456789ABCDEF1234" |
| Result = PKEY_CTRL_ERROR |
| |
| # Invalid non-approved digest |
| Availablein = fips |
| DigestVerify = MD5 |
| Securitycheck = 1 |
| Key = P-256-PUBLIC |
| Result = DIGESTVERIFYINIT_ERROR |