/*
 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
9
10#include <stdio.h>
11#include <stdlib.h>
12#include <string.h>
Richard Levitte55f78ba2002-11-28 18:54:30 +000013
14#include "../e_os.h"
15
Bodo Möllerec577821999-04-23 22:13:45 +000016#include <openssl/crypto.h>
17#include <openssl/bio.h>
18#include <openssl/bn.h>
Ulf Möllerb0bb2b92000-01-16 21:07:36 +000019#include <openssl/rand.h>
Geoff Thorpecb784862001-09-25 20:23:40 +000020#include <openssl/err.h>
Ulf Möllerf5d7a031999-04-27 01:14:46 +000021
Richard Levittecf1b7d92001-02-19 16:06:34 +000022#ifdef OPENSSL_NO_DH
/*
 * Stub entry point compiled when OPENSSL_NO_DH is defined: there is nothing
 * to test, so print a notice on stdout and return 0.
 */
int main(int argc, char *argv[])
{
    fputs("No DH support\n", stdout);
    return 0;
}
28#else
Matt Caswell0f113f32015-01-22 03:40:55 +000029# include <openssl/dh.h>
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +000030
/* Progress callback registered with BN_GENCB_set() in main(); defined below. */
static int cb(int p, int n, BN_GENCB *arg);

/*
 * Fixed, publicly known string that main() passes to RAND_seed().  Being a
 * compile-time constant it contributes no real entropy.
 * NOTE(review): tolerable here only because every key this program creates
 * is a throwaway test key; this seeding pattern must not be copied into code
 * that generates keys anyone relies on.
 */
static const char rnd_seed[] =
    "string to make the random number generator think it has entropy";

/* RFC 5114 known-answer tests; returns 1 on success and 0 on failure. */
static int run_rfc5114_tests(void);
37
/*
 * Write label, then the first len bytes of data as upper-case hex, then a
 * newline, to out.  A non-positive len prints only the label and newline.
 */
static void print_hex_line(BIO *out, const char *label,
                           const unsigned char *data, int len)
{
    char hex[3];
    int k;

    BIO_puts(out, label);
    for (k = 0; k < len; k++) {
        /* Two hex digits plus the terminating NUL always fit in hex[]. */
        BIO_snprintf(hex, sizeof(hex), "%02X", data[k]);
        BIO_puts(out, hex);
    }
    BIO_puts(out, "\n");
}

/*
 * DH self-test driver.
 *
 * 1. Generates fresh DH parameters and reports what DH_check() finds.
 * 2. Copies p and g into a second DH object, generates a key pair on each
 *    side, and checks that both sides derive the same shared secret.
 * 3. Runs the RFC 5114 known-answer tests.
 *
 * Exits (through EXIT) with 0 when everything passed and 1 otherwise.
 *
 * Security notes for readers borrowing from this file:
 *  - The prime length requested below is 64 bits.  That keeps the test fast
 *    but is far too small to protect anything.
 *  - The RNG is seeded from the constant rnd_seed string.
 *  - Private keys and the shared secret are printed to stdout.  This is only
 *    acceptable because they are throwaway test values.
 *  - DH_check() findings are printed but do not fail the test.
 */
int main(int argc, char *argv[])
{
    BN_GENCB *gencb = NULL;
    DH *a = NULL;
    DH *b = NULL;
    const BIGNUM *ap = NULL, *ag = NULL, *apub_key = NULL, *priv_key = NULL;
    const BIGNUM *bpub_key = NULL;
    BIGNUM *bp = NULL, *bg = NULL;
    unsigned char *abuf = NULL;
    unsigned char *bbuf = NULL;
    int check_flags, alen, blen, aout, bout;
    int ret = 1;
    BIO *out = NULL;

    /* Turn on allocation tracking so leaks can be reported at exit. */
    CRYPTO_set_mem_debug(1);
    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);

    RAND_seed(rnd_seed, sizeof rnd_seed);

    out = BIO_new(BIO_s_file());
    if (out == NULL)
        EXIT(1);
    BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT);

    gencb = BN_GENCB_new();
    if (gencb == NULL)
        goto err;
    BN_GENCB_set(gencb, &cb, out);

    a = DH_new();
    if (a == NULL)
        goto err;
    /* 64-bit prime: test-sized parameters only. */
    if (!DH_generate_parameters_ex(a, 64, DH_GENERATOR_5, gencb))
        goto err;

    if (!DH_check(a, &check_flags))
        goto err;
    /* Findings are reported but deliberately not treated as fatal here. */
    if (check_flags & DH_CHECK_P_NOT_PRIME)
        BIO_puts(out, "p value is not prime\n");
    if (check_flags & DH_CHECK_P_NOT_SAFE_PRIME)
        BIO_puts(out, "p value is not a safe prime\n");
    if (check_flags & DH_UNABLE_TO_CHECK_GENERATOR)
        BIO_puts(out, "unable to check the generator value\n");
    if (check_flags & DH_NOT_SUITABLE_GENERATOR)
        BIO_puts(out, "the g value is not a generator\n");

    DH_get0_pqg(a, &ap, NULL, &ag);
    BIO_puts(out, "\np =");
    BN_print(out, ap);
    BIO_puts(out, "\ng =");
    BN_print(out, ag);
    BIO_puts(out, "\n");

    b = DH_new();
    if (b == NULL)
        goto err;

    /* Give b its own copies of p and g. */
    bp = BN_dup(ap);
    bg = BN_dup(ag);
    if ((bp == NULL) || (bg == NULL) || !DH_set0_pqg(b, bp, NULL, bg))
        goto err;
    /* b owns the copies now; clear ours so the cleanup does not free them. */
    bp = NULL;
    bg = NULL;

    if (!DH_generate_key(a))
        goto err;
    DH_get0_key(a, &apub_key, &priv_key);
    BIO_puts(out, "pri 1=");
    BN_print(out, priv_key);
    BIO_puts(out, "\npub 1=");
    BN_print(out, apub_key);
    BIO_puts(out, "\n");

    if (!DH_generate_key(b))
        goto err;
    DH_get0_key(b, &bpub_key, &priv_key);
    BIO_puts(out, "pri 2=");
    BN_print(out, priv_key);
    BIO_puts(out, "\npub 2=");
    BN_print(out, bpub_key);
    BIO_puts(out, "\n");

    /* Side a: derive the shared secret from b's public key. */
    alen = DH_size(a);
    abuf = OPENSSL_malloc(alen);
    if (abuf == NULL)
        goto err;

    aout = DH_compute_key(abuf, bpub_key, a);
    print_hex_line(out, "key1 =", abuf, aout);

    /* Side b: derive the shared secret from a's public key. */
    blen = DH_size(b);
    bbuf = OPENSSL_malloc(blen);
    if (bbuf == NULL)
        goto err;

    bout = DH_compute_key(bbuf, apub_key, b);
    print_hex_line(out, "key2 =", bbuf, bout);

    /*
     * Pass only if both sides produced at least 4 bytes, the same number of
     * bytes, and identical contents.  A failed DH_compute_key() yields a
     * length below 4 and so lands in the error branch.
     */
    if ((aout >= 4) && (bout == aout) && (memcmp(abuf, bbuf, aout) == 0)) {
        ret = 0;
    } else {
        fprintf(stderr, "Error in DH routines\n");
        ret = 1;
    }

    if (!run_rfc5114_tests())
        ret = 1;

 err:
    (void)BIO_flush(out);
    ERR_print_errors_fp(stderr);

    OPENSSL_free(abuf);
    OPENSSL_free(bbuf);
    DH_free(b);
    DH_free(a);
    BN_free(bp);
    BN_free(bg);
    BN_GENCB_free(gencb);
    BIO_free(out);

#ifndef OPENSSL_NO_CRYPTO_MDEBUG
    /* A leak report that is empty or failed counts as a test failure. */
    if (CRYPTO_mem_leaks_fp(stderr) <= 0)
        ret = 1;
#endif

    EXIT(ret);
}
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000171
/*
 * Parameter-generation progress callback.  Writes one character per call to
 * the BIO stored as the BN_GENCB argument: '.' for p == 0, '+' for p == 1,
 * a newline for p == 3 and '*' for anything else (including p == 2).
 * n is unused.  Always returns 1.
 */
static int cb(int p, int n, BN_GENCB *arg)
{
    BIO *sink = BN_GENCB_get_arg(arg);
    char mark;

    switch (p) {
    case 0:
        mark = '.';
        break;
    case 1:
        mark = '+';
        break;
    case 3:
        mark = '\n';
        break;
    default:
        /* Covers p == 2 and every other value. */
        mark = '*';
        break;
    }

    BIO_write(sink, &mark, 1);
    (void)BIO_flush(sink);
    return 1;
}
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000188
189/* Test data from RFC 5114 */
190
191static const unsigned char dhtest_1024_160_xA[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000192 0xB9, 0xA3, 0xB3, 0xAE, 0x8F, 0xEF, 0xC1, 0xA2, 0x93, 0x04, 0x96, 0x50,
193 0x70, 0x86, 0xF8, 0x45, 0x5D, 0x48, 0x94, 0x3E
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000194};
Matt Caswell0f113f32015-01-22 03:40:55 +0000195
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000196static const unsigned char dhtest_1024_160_yA[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000197 0x2A, 0x85, 0x3B, 0x3D, 0x92, 0x19, 0x75, 0x01, 0xB9, 0x01, 0x5B, 0x2D,
198 0xEB, 0x3E, 0xD8, 0x4F, 0x5E, 0x02, 0x1D, 0xCC, 0x3E, 0x52, 0xF1, 0x09,
199 0xD3, 0x27, 0x3D, 0x2B, 0x75, 0x21, 0x28, 0x1C, 0xBA, 0xBE, 0x0E, 0x76,
200 0xFF, 0x57, 0x27, 0xFA, 0x8A, 0xCC, 0xE2, 0x69, 0x56, 0xBA, 0x9A, 0x1F,
201 0xCA, 0x26, 0xF2, 0x02, 0x28, 0xD8, 0x69, 0x3F, 0xEB, 0x10, 0x84, 0x1D,
202 0x84, 0xA7, 0x36, 0x00, 0x54, 0xEC, 0xE5, 0xA7, 0xF5, 0xB7, 0xA6, 0x1A,
203 0xD3, 0xDF, 0xB3, 0xC6, 0x0D, 0x2E, 0x43, 0x10, 0x6D, 0x87, 0x27, 0xDA,
204 0x37, 0xDF, 0x9C, 0xCE, 0x95, 0xB4, 0x78, 0x75, 0x5D, 0x06, 0xBC, 0xEA,
205 0x8F, 0x9D, 0x45, 0x96, 0x5F, 0x75, 0xA5, 0xF3, 0xD1, 0xDF, 0x37, 0x01,
206 0x16, 0x5F, 0xC9, 0xE5, 0x0C, 0x42, 0x79, 0xCE, 0xB0, 0x7F, 0x98, 0x95,
207 0x40, 0xAE, 0x96, 0xD5, 0xD8, 0x8E, 0xD7, 0x76
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000208};
Matt Caswell0f113f32015-01-22 03:40:55 +0000209
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000210static const unsigned char dhtest_1024_160_xB[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000211 0x93, 0x92, 0xC9, 0xF9, 0xEB, 0x6A, 0x7A, 0x6A, 0x90, 0x22, 0xF7, 0xD8,
212 0x3E, 0x72, 0x23, 0xC6, 0x83, 0x5B, 0xBD, 0xDA
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000213};
Matt Caswell0f113f32015-01-22 03:40:55 +0000214
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000215static const unsigned char dhtest_1024_160_yB[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000216 0x71, 0x7A, 0x6C, 0xB0, 0x53, 0x37, 0x1F, 0xF4, 0xA3, 0xB9, 0x32, 0x94,
217 0x1C, 0x1E, 0x56, 0x63, 0xF8, 0x61, 0xA1, 0xD6, 0xAD, 0x34, 0xAE, 0x66,
218 0x57, 0x6D, 0xFB, 0x98, 0xF6, 0xC6, 0xCB, 0xF9, 0xDD, 0xD5, 0xA5, 0x6C,
219 0x78, 0x33, 0xF6, 0xBC, 0xFD, 0xFF, 0x09, 0x55, 0x82, 0xAD, 0x86, 0x8E,
220 0x44, 0x0E, 0x8D, 0x09, 0xFD, 0x76, 0x9E, 0x3C, 0xEC, 0xCD, 0xC3, 0xD3,
221 0xB1, 0xE4, 0xCF, 0xA0, 0x57, 0x77, 0x6C, 0xAA, 0xF9, 0x73, 0x9B, 0x6A,
222 0x9F, 0xEE, 0x8E, 0x74, 0x11, 0xF8, 0xD6, 0xDA, 0xC0, 0x9D, 0x6A, 0x4E,
223 0xDB, 0x46, 0xCC, 0x2B, 0x5D, 0x52, 0x03, 0x09, 0x0E, 0xAE, 0x61, 0x26,
224 0x31, 0x1E, 0x53, 0xFD, 0x2C, 0x14, 0xB5, 0x74, 0xE6, 0xA3, 0x10, 0x9A,
225 0x3D, 0xA1, 0xBE, 0x41, 0xBD, 0xCE, 0xAA, 0x18, 0x6F, 0x5C, 0xE0, 0x67,
226 0x16, 0xA2, 0xB6, 0xA0, 0x7B, 0x3C, 0x33, 0xFE
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000227};
Matt Caswell0f113f32015-01-22 03:40:55 +0000228
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000229static const unsigned char dhtest_1024_160_Z[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000230 0x5C, 0x80, 0x4F, 0x45, 0x4D, 0x30, 0xD9, 0xC4, 0xDF, 0x85, 0x27, 0x1F,
231 0x93, 0x52, 0x8C, 0x91, 0xDF, 0x6B, 0x48, 0xAB, 0x5F, 0x80, 0xB3, 0xB5,
232 0x9C, 0xAA, 0xC1, 0xB2, 0x8F, 0x8A, 0xCB, 0xA9, 0xCD, 0x3E, 0x39, 0xF3,
233 0xCB, 0x61, 0x45, 0x25, 0xD9, 0x52, 0x1D, 0x2E, 0x64, 0x4C, 0x53, 0xB8,
234 0x07, 0xB8, 0x10, 0xF3, 0x40, 0x06, 0x2F, 0x25, 0x7D, 0x7D, 0x6F, 0xBF,
235 0xE8, 0xD5, 0xE8, 0xF0, 0x72, 0xE9, 0xB6, 0xE9, 0xAF, 0xDA, 0x94, 0x13,
236 0xEA, 0xFB, 0x2E, 0x8B, 0x06, 0x99, 0xB1, 0xFB, 0x5A, 0x0C, 0xAC, 0xED,
237 0xDE, 0xAE, 0xAD, 0x7E, 0x9C, 0xFB, 0xB3, 0x6A, 0xE2, 0xB4, 0x20, 0x83,
238 0x5B, 0xD8, 0x3A, 0x19, 0xFB, 0x0B, 0x5E, 0x96, 0xBF, 0x8F, 0xA4, 0xD0,
239 0x9E, 0x34, 0x55, 0x25, 0x16, 0x7E, 0xCD, 0x91, 0x55, 0x41, 0x6F, 0x46,
240 0xF4, 0x08, 0xED, 0x31, 0xB6, 0x3C, 0x6E, 0x6D
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000241};
Matt Caswell0f113f32015-01-22 03:40:55 +0000242
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000243static const unsigned char dhtest_2048_224_xA[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000244 0x22, 0xE6, 0x26, 0x01, 0xDB, 0xFF, 0xD0, 0x67, 0x08, 0xA6, 0x80, 0xF7,
245 0x47, 0xF3, 0x61, 0xF7, 0x6D, 0x8F, 0x4F, 0x72, 0x1A, 0x05, 0x48, 0xE4,
246 0x83, 0x29, 0x4B, 0x0C
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000247};
Matt Caswell0f113f32015-01-22 03:40:55 +0000248
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000249static const unsigned char dhtest_2048_224_yA[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000250 0x1B, 0x3A, 0x63, 0x45, 0x1B, 0xD8, 0x86, 0xE6, 0x99, 0xE6, 0x7B, 0x49,
251 0x4E, 0x28, 0x8B, 0xD7, 0xF8, 0xE0, 0xD3, 0x70, 0xBA, 0xDD, 0xA7, 0xA0,
252 0xEF, 0xD2, 0xFD, 0xE7, 0xD8, 0xF6, 0x61, 0x45, 0xCC, 0x9F, 0x28, 0x04,
253 0x19, 0x97, 0x5E, 0xB8, 0x08, 0x87, 0x7C, 0x8A, 0x4C, 0x0C, 0x8E, 0x0B,
254 0xD4, 0x8D, 0x4A, 0x54, 0x01, 0xEB, 0x1E, 0x87, 0x76, 0xBF, 0xEE, 0xE1,
255 0x34, 0xC0, 0x38, 0x31, 0xAC, 0x27, 0x3C, 0xD9, 0xD6, 0x35, 0xAB, 0x0C,
256 0xE0, 0x06, 0xA4, 0x2A, 0x88, 0x7E, 0x3F, 0x52, 0xFB, 0x87, 0x66, 0xB6,
257 0x50, 0xF3, 0x80, 0x78, 0xBC, 0x8E, 0xE8, 0x58, 0x0C, 0xEF, 0xE2, 0x43,
258 0x96, 0x8C, 0xFC, 0x4F, 0x8D, 0xC3, 0xDB, 0x08, 0x45, 0x54, 0x17, 0x1D,
259 0x41, 0xBF, 0x2E, 0x86, 0x1B, 0x7B, 0xB4, 0xD6, 0x9D, 0xD0, 0xE0, 0x1E,
260 0xA3, 0x87, 0xCB, 0xAA, 0x5C, 0xA6, 0x72, 0xAF, 0xCB, 0xE8, 0xBD, 0xB9,
261 0xD6, 0x2D, 0x4C, 0xE1, 0x5F, 0x17, 0xDD, 0x36, 0xF9, 0x1E, 0xD1, 0xEE,
262 0xDD, 0x65, 0xCA, 0x4A, 0x06, 0x45, 0x5C, 0xB9, 0x4C, 0xD4, 0x0A, 0x52,
263 0xEC, 0x36, 0x0E, 0x84, 0xB3, 0xC9, 0x26, 0xE2, 0x2C, 0x43, 0x80, 0xA3,
264 0xBF, 0x30, 0x9D, 0x56, 0x84, 0x97, 0x68, 0xB7, 0xF5, 0x2C, 0xFD, 0xF6,
265 0x55, 0xFD, 0x05, 0x3A, 0x7E, 0xF7, 0x06, 0x97, 0x9E, 0x7E, 0x58, 0x06,
266 0xB1, 0x7D, 0xFA, 0xE5, 0x3A, 0xD2, 0xA5, 0xBC, 0x56, 0x8E, 0xBB, 0x52,
267 0x9A, 0x7A, 0x61, 0xD6, 0x8D, 0x25, 0x6F, 0x8F, 0xC9, 0x7C, 0x07, 0x4A,
268 0x86, 0x1D, 0x82, 0x7E, 0x2E, 0xBC, 0x8C, 0x61, 0x34, 0x55, 0x31, 0x15,
269 0xB7, 0x0E, 0x71, 0x03, 0x92, 0x0A, 0xA1, 0x6D, 0x85, 0xE5, 0x2B, 0xCB,
270 0xAB, 0x8D, 0x78, 0x6A, 0x68, 0x17, 0x8F, 0xA8, 0xFF, 0x7C, 0x2F, 0x5C,
271 0x71, 0x64, 0x8D, 0x6F
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000272};
Matt Caswell0f113f32015-01-22 03:40:55 +0000273
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000274static const unsigned char dhtest_2048_224_xB[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000275 0x4F, 0xF3, 0xBC, 0x96, 0xC7, 0xFC, 0x6A, 0x6D, 0x71, 0xD3, 0xB3, 0x63,
276 0x80, 0x0A, 0x7C, 0xDF, 0xEF, 0x6F, 0xC4, 0x1B, 0x44, 0x17, 0xEA, 0x15,
277 0x35, 0x3B, 0x75, 0x90
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000278};
Matt Caswell0f113f32015-01-22 03:40:55 +0000279
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000280static const unsigned char dhtest_2048_224_yB[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000281 0x4D, 0xCE, 0xE9, 0x92, 0xA9, 0x76, 0x2A, 0x13, 0xF2, 0xF8, 0x38, 0x44,
282 0xAD, 0x3D, 0x77, 0xEE, 0x0E, 0x31, 0xC9, 0x71, 0x8B, 0x3D, 0xB6, 0xC2,
283 0x03, 0x5D, 0x39, 0x61, 0x18, 0x2C, 0x3E, 0x0B, 0xA2, 0x47, 0xEC, 0x41,
284 0x82, 0xD7, 0x60, 0xCD, 0x48, 0xD9, 0x95, 0x99, 0x97, 0x06, 0x22, 0xA1,
285 0x88, 0x1B, 0xBA, 0x2D, 0xC8, 0x22, 0x93, 0x9C, 0x78, 0xC3, 0x91, 0x2C,
286 0x66, 0x61, 0xFA, 0x54, 0x38, 0xB2, 0x07, 0x66, 0x22, 0x2B, 0x75, 0xE2,
287 0x4C, 0x2E, 0x3A, 0xD0, 0xC7, 0x28, 0x72, 0x36, 0x12, 0x95, 0x25, 0xEE,
288 0x15, 0xB5, 0xDD, 0x79, 0x98, 0xAA, 0x04, 0xC4, 0xA9, 0x69, 0x6C, 0xAC,
289 0xD7, 0x17, 0x20, 0x83, 0xA9, 0x7A, 0x81, 0x66, 0x4E, 0xAD, 0x2C, 0x47,
290 0x9E, 0x44, 0x4E, 0x4C, 0x06, 0x54, 0xCC, 0x19, 0xE2, 0x8D, 0x77, 0x03,
291 0xCE, 0xE8, 0xDA, 0xCD, 0x61, 0x26, 0xF5, 0xD6, 0x65, 0xEC, 0x52, 0xC6,
292 0x72, 0x55, 0xDB, 0x92, 0x01, 0x4B, 0x03, 0x7E, 0xB6, 0x21, 0xA2, 0xAC,
293 0x8E, 0x36, 0x5D, 0xE0, 0x71, 0xFF, 0xC1, 0x40, 0x0A, 0xCF, 0x07, 0x7A,
294 0x12, 0x91, 0x3D, 0xD8, 0xDE, 0x89, 0x47, 0x34, 0x37, 0xAB, 0x7B, 0xA3,
295 0x46, 0x74, 0x3C, 0x1B, 0x21, 0x5D, 0xD9, 0xC1, 0x21, 0x64, 0xA7, 0xE4,
296 0x05, 0x31, 0x18, 0xD1, 0x99, 0xBE, 0xC8, 0xEF, 0x6F, 0xC5, 0x61, 0x17,
297 0x0C, 0x84, 0xC8, 0x7D, 0x10, 0xEE, 0x9A, 0x67, 0x4A, 0x1F, 0xA8, 0xFF,
298 0xE1, 0x3B, 0xDF, 0xBA, 0x1D, 0x44, 0xDE, 0x48, 0x94, 0x6D, 0x68, 0xDC,
299 0x0C, 0xDD, 0x77, 0x76, 0x35, 0xA7, 0xAB, 0x5B, 0xFB, 0x1E, 0x4B, 0xB7,
300 0xB8, 0x56, 0xF9, 0x68, 0x27, 0x73, 0x4C, 0x18, 0x41, 0x38, 0xE9, 0x15,
301 0xD9, 0xC3, 0x00, 0x2E, 0xBC, 0xE5, 0x31, 0x20, 0x54, 0x6A, 0x7E, 0x20,
302 0x02, 0x14, 0x2B, 0x6C
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000303};
Matt Caswell0f113f32015-01-22 03:40:55 +0000304
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000305static const unsigned char dhtest_2048_224_Z[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000306 0x34, 0xD9, 0xBD, 0xDC, 0x1B, 0x42, 0x17, 0x6C, 0x31, 0x3F, 0xEA, 0x03,
307 0x4C, 0x21, 0x03, 0x4D, 0x07, 0x4A, 0x63, 0x13, 0xBB, 0x4E, 0xCD, 0xB3,
308 0x70, 0x3F, 0xFF, 0x42, 0x45, 0x67, 0xA4, 0x6B, 0xDF, 0x75, 0x53, 0x0E,
309 0xDE, 0x0A, 0x9D, 0xA5, 0x22, 0x9D, 0xE7, 0xD7, 0x67, 0x32, 0x28, 0x6C,
310 0xBC, 0x0F, 0x91, 0xDA, 0x4C, 0x3C, 0x85, 0x2F, 0xC0, 0x99, 0xC6, 0x79,
311 0x53, 0x1D, 0x94, 0xC7, 0x8A, 0xB0, 0x3D, 0x9D, 0xEC, 0xB0, 0xA4, 0xE4,
312 0xCA, 0x8B, 0x2B, 0xB4, 0x59, 0x1C, 0x40, 0x21, 0xCF, 0x8C, 0xE3, 0xA2,
313 0x0A, 0x54, 0x1D, 0x33, 0x99, 0x40, 0x17, 0xD0, 0x20, 0x0A, 0xE2, 0xC9,
314 0x51, 0x6E, 0x2F, 0xF5, 0x14, 0x57, 0x79, 0x26, 0x9E, 0x86, 0x2B, 0x0F,
315 0xB4, 0x74, 0xA2, 0xD5, 0x6D, 0xC3, 0x1E, 0xD5, 0x69, 0xA7, 0x70, 0x0B,
316 0x4C, 0x4A, 0xB1, 0x6B, 0x22, 0xA4, 0x55, 0x13, 0x53, 0x1E, 0xF5, 0x23,
317 0xD7, 0x12, 0x12, 0x07, 0x7B, 0x5A, 0x16, 0x9B, 0xDE, 0xFF, 0xAD, 0x7A,
318 0xD9, 0x60, 0x82, 0x84, 0xC7, 0x79, 0x5B, 0x6D, 0x5A, 0x51, 0x83, 0xB8,
319 0x70, 0x66, 0xDE, 0x17, 0xD8, 0xD6, 0x71, 0xC9, 0xEB, 0xD8, 0xEC, 0x89,
320 0x54, 0x4D, 0x45, 0xEC, 0x06, 0x15, 0x93, 0xD4, 0x42, 0xC6, 0x2A, 0xB9,
321 0xCE, 0x3B, 0x1C, 0xB9, 0x94, 0x3A, 0x1D, 0x23, 0xA5, 0xEA, 0x3B, 0xCF,
322 0x21, 0xA0, 0x14, 0x71, 0xE6, 0x7E, 0x00, 0x3E, 0x7F, 0x8A, 0x69, 0xC7,
323 0x28, 0xBE, 0x49, 0x0B, 0x2F, 0xC8, 0x8C, 0xFE, 0xB9, 0x2D, 0xB6, 0xA2,
324 0x15, 0xE5, 0xD0, 0x3C, 0x17, 0xC4, 0x64, 0xC9, 0xAC, 0x1A, 0x46, 0xE2,
325 0x03, 0xE1, 0x3F, 0x95, 0x29, 0x95, 0xFB, 0x03, 0xC6, 0x9D, 0x3C, 0xC4,
326 0x7F, 0xCB, 0x51, 0x0B, 0x69, 0x98, 0xFF, 0xD3, 0xAA, 0x6D, 0xE7, 0x3C,
327 0xF9, 0xF6, 0x38, 0x69
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000328};
Matt Caswell0f113f32015-01-22 03:40:55 +0000329
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000330static const unsigned char dhtest_2048_256_xA[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000331 0x08, 0x81, 0x38, 0x2C, 0xDB, 0x87, 0x66, 0x0C, 0x6D, 0xC1, 0x3E, 0x61,
332 0x49, 0x38, 0xD5, 0xB9, 0xC8, 0xB2, 0xF2, 0x48, 0x58, 0x1C, 0xC5, 0xE3,
333 0x1B, 0x35, 0x45, 0x43, 0x97, 0xFC, 0xE5, 0x0E
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000334};
Matt Caswell0f113f32015-01-22 03:40:55 +0000335
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000336static const unsigned char dhtest_2048_256_yA[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000337 0x2E, 0x93, 0x80, 0xC8, 0x32, 0x3A, 0xF9, 0x75, 0x45, 0xBC, 0x49, 0x41,
338 0xDE, 0xB0, 0xEC, 0x37, 0x42, 0xC6, 0x2F, 0xE0, 0xEC, 0xE8, 0x24, 0xA6,
339 0xAB, 0xDB, 0xE6, 0x6C, 0x59, 0xBE, 0xE0, 0x24, 0x29, 0x11, 0xBF, 0xB9,
340 0x67, 0x23, 0x5C, 0xEB, 0xA3, 0x5A, 0xE1, 0x3E, 0x4E, 0xC7, 0x52, 0xBE,
341 0x63, 0x0B, 0x92, 0xDC, 0x4B, 0xDE, 0x28, 0x47, 0xA9, 0xC6, 0x2C, 0xB8,
342 0x15, 0x27, 0x45, 0x42, 0x1F, 0xB7, 0xEB, 0x60, 0xA6, 0x3C, 0x0F, 0xE9,
343 0x15, 0x9F, 0xCC, 0xE7, 0x26, 0xCE, 0x7C, 0xD8, 0x52, 0x3D, 0x74, 0x50,
344 0x66, 0x7E, 0xF8, 0x40, 0xE4, 0x91, 0x91, 0x21, 0xEB, 0x5F, 0x01, 0xC8,
345 0xC9, 0xB0, 0xD3, 0xD6, 0x48, 0xA9, 0x3B, 0xFB, 0x75, 0x68, 0x9E, 0x82,
346 0x44, 0xAC, 0x13, 0x4A, 0xF5, 0x44, 0x71, 0x1C, 0xE7, 0x9A, 0x02, 0xDC,
347 0xC3, 0x42, 0x26, 0x68, 0x47, 0x80, 0xDD, 0xDC, 0xB4, 0x98, 0x59, 0x41,
348 0x06, 0xC3, 0x7F, 0x5B, 0xC7, 0x98, 0x56, 0x48, 0x7A, 0xF5, 0xAB, 0x02,
349 0x2A, 0x2E, 0x5E, 0x42, 0xF0, 0x98, 0x97, 0xC1, 0xA8, 0x5A, 0x11, 0xEA,
350 0x02, 0x12, 0xAF, 0x04, 0xD9, 0xB4, 0xCE, 0xBC, 0x93, 0x7C, 0x3C, 0x1A,
351 0x3E, 0x15, 0xA8, 0xA0, 0x34, 0x2E, 0x33, 0x76, 0x15, 0xC8, 0x4E, 0x7F,
352 0xE3, 0xB8, 0xB9, 0xB8, 0x7F, 0xB1, 0xE7, 0x3A, 0x15, 0xAF, 0x12, 0xA3,
353 0x0D, 0x74, 0x6E, 0x06, 0xDF, 0xC3, 0x4F, 0x29, 0x0D, 0x79, 0x7C, 0xE5,
354 0x1A, 0xA1, 0x3A, 0xA7, 0x85, 0xBF, 0x66, 0x58, 0xAF, 0xF5, 0xE4, 0xB0,
355 0x93, 0x00, 0x3C, 0xBE, 0xAF, 0x66, 0x5B, 0x3C, 0x2E, 0x11, 0x3A, 0x3A,
356 0x4E, 0x90, 0x52, 0x69, 0x34, 0x1D, 0xC0, 0x71, 0x14, 0x26, 0x68, 0x5F,
357 0x4E, 0xF3, 0x7E, 0x86, 0x8A, 0x81, 0x26, 0xFF, 0x3F, 0x22, 0x79, 0xB5,
358 0x7C, 0xA6, 0x7E, 0x29
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000359};
Matt Caswell0f113f32015-01-22 03:40:55 +0000360
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000361static const unsigned char dhtest_2048_256_xB[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000362 0x7D, 0x62, 0xA7, 0xE3, 0xEF, 0x36, 0xDE, 0x61, 0x7B, 0x13, 0xD1, 0xAF,
363 0xB8, 0x2C, 0x78, 0x0D, 0x83, 0xA2, 0x3B, 0xD4, 0xEE, 0x67, 0x05, 0x64,
364 0x51, 0x21, 0xF3, 0x71, 0xF5, 0x46, 0xA5, 0x3D
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000365};
Matt Caswell0f113f32015-01-22 03:40:55 +0000366
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000367static const unsigned char dhtest_2048_256_yB[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000368 0x57, 0x5F, 0x03, 0x51, 0xBD, 0x2B, 0x1B, 0x81, 0x74, 0x48, 0xBD, 0xF8,
369 0x7A, 0x6C, 0x36, 0x2C, 0x1E, 0x28, 0x9D, 0x39, 0x03, 0xA3, 0x0B, 0x98,
370 0x32, 0xC5, 0x74, 0x1F, 0xA2, 0x50, 0x36, 0x3E, 0x7A, 0xCB, 0xC7, 0xF7,
371 0x7F, 0x3D, 0xAC, 0xBC, 0x1F, 0x13, 0x1A, 0xDD, 0x8E, 0x03, 0x36, 0x7E,
372 0xFF, 0x8F, 0xBB, 0xB3, 0xE1, 0xC5, 0x78, 0x44, 0x24, 0x80, 0x9B, 0x25,
373 0xAF, 0xE4, 0xD2, 0x26, 0x2A, 0x1A, 0x6F, 0xD2, 0xFA, 0xB6, 0x41, 0x05,
374 0xCA, 0x30, 0xA6, 0x74, 0xE0, 0x7F, 0x78, 0x09, 0x85, 0x20, 0x88, 0x63,
375 0x2F, 0xC0, 0x49, 0x23, 0x37, 0x91, 0xAD, 0x4E, 0xDD, 0x08, 0x3A, 0x97,
376 0x8B, 0x88, 0x3E, 0xE6, 0x18, 0xBC, 0x5E, 0x0D, 0xD0, 0x47, 0x41, 0x5F,
377 0x2D, 0x95, 0xE6, 0x83, 0xCF, 0x14, 0x82, 0x6B, 0x5F, 0xBE, 0x10, 0xD3,
378 0xCE, 0x41, 0xC6, 0xC1, 0x20, 0xC7, 0x8A, 0xB2, 0x00, 0x08, 0xC6, 0x98,
379 0xBF, 0x7F, 0x0B, 0xCA, 0xB9, 0xD7, 0xF4, 0x07, 0xBE, 0xD0, 0xF4, 0x3A,
380 0xFB, 0x29, 0x70, 0xF5, 0x7F, 0x8D, 0x12, 0x04, 0x39, 0x63, 0xE6, 0x6D,
381 0xDD, 0x32, 0x0D, 0x59, 0x9A, 0xD9, 0x93, 0x6C, 0x8F, 0x44, 0x13, 0x7C,
382 0x08, 0xB1, 0x80, 0xEC, 0x5E, 0x98, 0x5C, 0xEB, 0xE1, 0x86, 0xF3, 0xD5,
383 0x49, 0x67, 0x7E, 0x80, 0x60, 0x73, 0x31, 0xEE, 0x17, 0xAF, 0x33, 0x80,
384 0xA7, 0x25, 0xB0, 0x78, 0x23, 0x17, 0xD7, 0xDD, 0x43, 0xF5, 0x9D, 0x7A,
385 0xF9, 0x56, 0x8A, 0x9B, 0xB6, 0x3A, 0x84, 0xD3, 0x65, 0xF9, 0x22, 0x44,
386 0xED, 0x12, 0x09, 0x88, 0x21, 0x93, 0x02, 0xF4, 0x29, 0x24, 0xC7, 0xCA,
387 0x90, 0xB8, 0x9D, 0x24, 0xF7, 0x1B, 0x0A, 0xB6, 0x97, 0x82, 0x3D, 0x7D,
388 0xEB, 0x1A, 0xFF, 0x5B, 0x0E, 0x8E, 0x4A, 0x45, 0xD4, 0x9F, 0x7F, 0x53,
389 0x75, 0x7E, 0x19, 0x13
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000390};
Matt Caswell0f113f32015-01-22 03:40:55 +0000391
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000392static const unsigned char dhtest_2048_256_Z[] = {
Matt Caswell0f113f32015-01-22 03:40:55 +0000393 0x86, 0xC7, 0x0B, 0xF8, 0xD0, 0xBB, 0x81, 0xBB, 0x01, 0x07, 0x8A, 0x17,
394 0x21, 0x9C, 0xB7, 0xD2, 0x72, 0x03, 0xDB, 0x2A, 0x19, 0xC8, 0x77, 0xF1,
395 0xD1, 0xF1, 0x9F, 0xD7, 0xD7, 0x7E, 0xF2, 0x25, 0x46, 0xA6, 0x8F, 0x00,
396 0x5A, 0xD5, 0x2D, 0xC8, 0x45, 0x53, 0xB7, 0x8F, 0xC6, 0x03, 0x30, 0xBE,
397 0x51, 0xEA, 0x7C, 0x06, 0x72, 0xCA, 0xC1, 0x51, 0x5E, 0x4B, 0x35, 0xC0,
398 0x47, 0xB9, 0xA5, 0x51, 0xB8, 0x8F, 0x39, 0xDC, 0x26, 0xDA, 0x14, 0xA0,
399 0x9E, 0xF7, 0x47, 0x74, 0xD4, 0x7C, 0x76, 0x2D, 0xD1, 0x77, 0xF9, 0xED,
400 0x5B, 0xC2, 0xF1, 0x1E, 0x52, 0xC8, 0x79, 0xBD, 0x95, 0x09, 0x85, 0x04,
401 0xCD, 0x9E, 0xEC, 0xD8, 0xA8, 0xF9, 0xB3, 0xEF, 0xBD, 0x1F, 0x00, 0x8A,
402 0xC5, 0x85, 0x30, 0x97, 0xD9, 0xD1, 0x83, 0x7F, 0x2B, 0x18, 0xF7, 0x7C,
403 0xD7, 0xBE, 0x01, 0xAF, 0x80, 0xA7, 0xC7, 0xB5, 0xEA, 0x3C, 0xA5, 0x4C,
404 0xC0, 0x2D, 0x0C, 0x11, 0x6F, 0xEE, 0x3F, 0x95, 0xBB, 0x87, 0x39, 0x93,
405 0x85, 0x87, 0x5D, 0x7E, 0x86, 0x74, 0x7E, 0x67, 0x6E, 0x72, 0x89, 0x38,
406 0xAC, 0xBF, 0xF7, 0x09, 0x8E, 0x05, 0xBE, 0x4D, 0xCF, 0xB2, 0x40, 0x52,
407 0xB8, 0x3A, 0xEF, 0xFB, 0x14, 0x78, 0x3F, 0x02, 0x9A, 0xDB, 0xDE, 0x7F,
408 0x53, 0xFA, 0xE9, 0x20, 0x84, 0x22, 0x40, 0x90, 0xE0, 0x07, 0xCE, 0xE9,
409 0x4D, 0x4B, 0xF2, 0xBA, 0xCE, 0x9F, 0xFD, 0x4B, 0x57, 0xD2, 0xAF, 0x7C,
410 0x72, 0x4D, 0x0C, 0xAA, 0x19, 0xBF, 0x05, 0x01, 0xF6, 0xF1, 0x7B, 0x4A,
411 0xA1, 0x0F, 0x42, 0x5E, 0x3E, 0xA7, 0x60, 0x80, 0xB4, 0xB9, 0xD6, 0xB3,
412 0xCE, 0xFE, 0xA1, 0x15, 0xB2, 0xCE, 0xB8, 0x78, 0x9B, 0xB8, 0xA3, 0xB0,
413 0xEA, 0x87, 0xFE, 0xBE, 0x63, 0xB6, 0xC8, 0xF8, 0x46, 0xEC, 0x6D, 0xB0,
414 0xC2, 0x6C, 0x5D, 0x7C
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000415};
416
Matt Caswelle729aac2016-01-20 11:56:28 +0000417static const unsigned char dhtest_rfc5114_2048_224_bad_y[] = {
418 0x45, 0x32, 0x5F, 0x51, 0x07, 0xE5, 0xDF, 0x1C, 0xD6, 0x02, 0x82, 0xB3,
419 0x32, 0x8F, 0xA4, 0x0F, 0x87, 0xB8, 0x41, 0xFE, 0xB9, 0x35, 0xDE, 0xAD,
420 0xC6, 0x26, 0x85, 0xB4, 0xFF, 0x94, 0x8C, 0x12, 0x4C, 0xBF, 0x5B, 0x20,
421 0xC4, 0x46, 0xA3, 0x26, 0xEB, 0xA4, 0x25, 0xB7, 0x68, 0x8E, 0xCC, 0x67,
422 0xBA, 0xEA, 0x58, 0xD0, 0xF2, 0xE9, 0xD2, 0x24, 0x72, 0x60, 0xDA, 0x88,
423 0x18, 0x9C, 0xE0, 0x31, 0x6A, 0xAD, 0x50, 0x6D, 0x94, 0x35, 0x8B, 0x83,
424 0x4A, 0x6E, 0xFA, 0x48, 0x73, 0x0F, 0x83, 0x87, 0xFF, 0x6B, 0x66, 0x1F,
425 0xA8, 0x82, 0xC6, 0x01, 0xE5, 0x80, 0xB5, 0xB0, 0x52, 0xD0, 0xE9, 0xD8,
426 0x72, 0xF9, 0x7D, 0x5B, 0x8B, 0xA5, 0x4C, 0xA5, 0x25, 0x95, 0x74, 0xE2,
427 0x7A, 0x61, 0x4E, 0xA7, 0x8F, 0x12, 0xE2, 0xD2, 0x9D, 0x8C, 0x02, 0x70,
428 0x34, 0x44, 0x32, 0xC7, 0xB2, 0xF3, 0xB9, 0xFE, 0x17, 0x2B, 0xD6, 0x1F,
429 0x8B, 0x7E, 0x4A, 0xFA, 0xA3, 0xB5, 0x3E, 0x7A, 0x81, 0x9A, 0x33, 0x66,
430 0x62, 0xA4, 0x50, 0x18, 0x3E, 0xA2, 0x5F, 0x00, 0x07, 0xD8, 0x9B, 0x22,
431 0xE4, 0xEC, 0x84, 0xD5, 0xEB, 0x5A, 0xF3, 0x2A, 0x31, 0x23, 0xD8, 0x44,
432 0x22, 0x2A, 0x8B, 0x37, 0x44, 0xCC, 0xC6, 0x87, 0x4B, 0xBE, 0x50, 0x9D,
433 0x4A, 0xC4, 0x8E, 0x45, 0xCF, 0x72, 0x4D, 0xC0, 0x89, 0xB3, 0x72, 0xED,
434 0x33, 0x2C, 0xBC, 0x7F, 0x16, 0x39, 0x3B, 0xEB, 0xD2, 0xDD, 0xA8, 0x01,
435 0x73, 0x84, 0x62, 0xB9, 0x29, 0xD2, 0xC9, 0x51, 0x32, 0x9E, 0x7A, 0x6A,
436 0xCF, 0xC1, 0x0A, 0xDB, 0x0E, 0xE0, 0x62, 0x77, 0x6F, 0x59, 0x62, 0x72,
437 0x5A, 0x69, 0xA6, 0x5B, 0x70, 0xCA, 0x65, 0xC4, 0x95, 0x6F, 0x9A, 0xC2,
438 0xDF, 0x72, 0x6D, 0xB1, 0x1E, 0x54, 0x7B, 0x51, 0xB4, 0xEF, 0x7F, 0x89,
439 0x93, 0x74, 0x89, 0x59
440};
441
/*
 * One RFC 5114 known-answer test case.  run_rfc5114_tests() loads xA/yA into
 * one DH object and xB/yB into a second one as (private, public) key pairs,
 * then compares the secret computed by each side against Z.
 */
typedef struct {
    DH *(*get_param) (void);    /* returns a DH with the group set; caller frees */
    const unsigned char *xA;    /* side A private key bytes */
    size_t xA_len;
    const unsigned char *yA;    /* side A public key bytes */
    size_t yA_len;
    const unsigned char *xB;    /* side B private key bytes */
    size_t xB_len;
    const unsigned char *yB;    /* side B public key bytes */
    size_t yB_len;
    const unsigned char *Z;     /* expected shared secret */
    size_t Z_len;
} rfc5114_td;

/*
 * Build an rfc5114_td initializer for group "pre" by token pasting: the
 * parameter getter DH_get_<pre> plus each dhtest_<pre>_* array paired with
 * its size.
 */
# define make_rfc5114_td(pre) { \
        DH_get_##pre, \
        dhtest_##pre##_xA, sizeof(dhtest_##pre##_xA), \
        dhtest_##pre##_yA, sizeof(dhtest_##pre##_yA), \
        dhtest_##pre##_xB, sizeof(dhtest_##pre##_xB), \
        dhtest_##pre##_yB, sizeof(dhtest_##pre##_yB), \
        dhtest_##pre##_Z, sizeof(dhtest_##pre##_Z) \
        }

/* The parameter sets that run_rfc5114_tests() iterates over, in order. */
static const rfc5114_td rfctd[] = {
        make_rfc5114_td(1024_160),
        make_rfc5114_td(2048_224),
        make_rfc5114_td(2048_256)
};
470
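/*
 * Known-answer tests for the RFC 5114 DH groups.
 *
 * For every entry in rfctd: build two DH objects on the same group, load the
 * published key pairs for sides A and B, compute the shared secret from each
 * side and compare both results with the published value Z.
 *
 * Afterwards, on the 2048_224 group, verify that DH_compute_key() rejects
 * (returns -1 for) the peer value dhtest_rfc5114_2048_224_bad_y.  This is the
 * negative test for peer public-key validation: a library that accepted the
 * value would fail here.
 *
 * Returns 1 when every test passed.  Returns 0 after printing a diagnostic
 * to stderr: "Initialisation error" for setup/computation failures (bad_err)
 * or "Test failed" for a wrong result (err).
 */
static int run_rfc5114_tests(void)
{
    int i;
    int z1_len, z2_len;
    DH *dhA = NULL;
    DH *dhB = NULL;
    unsigned char *Z1 = NULL;
    unsigned char *Z2 = NULL;
    const rfc5114_td *td = NULL;
    BIGNUM *bady = NULL, *priv_key = NULL, *pub_key = NULL;
    const BIGNUM *pub_key_tmp;

    for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) {
        td = rfctd + i;
        /* Set up DH structures setting key components */
        dhA = td->get_param();
        dhB = td->get_param();
        if ((dhA == NULL) || (dhB == NULL))
            goto bad_err;

        priv_key = BN_bin2bn(td->xA, td->xA_len, NULL);
        pub_key = BN_bin2bn(td->yA, td->yA_len, NULL);
        if (priv_key == NULL || pub_key == NULL
            || !DH_set0_key(dhA, pub_key, priv_key))
            goto bad_err;

        /* dhA owns the previous pair now; these are fresh BIGNUMs for dhB. */
        priv_key = BN_bin2bn(td->xB, td->xB_len, NULL);
        pub_key = BN_bin2bn(td->yB, td->yB_len, NULL);

        if (priv_key == NULL || pub_key == NULL
            || !DH_set0_key(dhB, pub_key, priv_key))
            goto bad_err;
        /* Ownership passed to dhB: the cleanup paths must not free them. */
        priv_key = pub_key = NULL;

        if ((td->Z_len != (size_t)DH_size(dhA))
            || (td->Z_len != (size_t)DH_size(dhB)))
            goto err;

        Z1 = OPENSSL_malloc(DH_size(dhA));
        Z2 = OPENSSL_malloc(DH_size(dhB));
        if ((Z1 == NULL) || (Z2 == NULL))
            goto bad_err;
        /*
         * Work out shared secrets using both sides and compare with expected
         * values.
         */
        DH_get0_key(dhB, &pub_key_tmp, NULL);
        z1_len = DH_compute_key(Z1, pub_key_tmp, dhA);
        if (z1_len == -1)
            goto bad_err;

        DH_get0_key(dhA, &pub_key_tmp, NULL);
        z2_len = DH_compute_key(Z2, pub_key_tmp, dhB);
        if (z2_len == -1)
            goto bad_err;

        /*
         * DH_compute_key() returns the number of bytes it wrote, which may be
         * fewer than DH_size().  Check the length first so memcmp() never
         * reads bytes of the freshly allocated buffer that were not written.
         */
        if ((size_t)z1_len != td->Z_len || memcmp(Z1, td->Z, td->Z_len))
            goto err;
        if ((size_t)z2_len != td->Z_len || memcmp(Z2, td->Z, td->Z_len))
            goto err;

        printf("RFC5114 parameter test %d OK\n", i + 1);

        DH_free(dhA);
        DH_free(dhB);
        OPENSSL_free(Z1);
        OPENSSL_free(Z2);
        /* Reset so a later failure does not free these a second time. */
        dhA = NULL;
        dhB = NULL;
        Z1 = NULL;
        Z2 = NULL;
    }

    /* Now i == OSSL_NELEM(rfctd) */
    /* RFC5114 uses unsafe primes, so now test an invalid y value */
    dhA = DH_get_2048_224();
    if (dhA == NULL)
        goto bad_err;
    Z1 = OPENSSL_malloc(DH_size(dhA));
    if (Z1 == NULL)
        goto bad_err;

    bady = BN_bin2bn(dhtest_rfc5114_2048_224_bad_y,
                     sizeof(dhtest_rfc5114_2048_224_bad_y), NULL);
    if (bady == NULL)
        goto bad_err;

    if (!DH_generate_key(dhA))
        goto bad_err;

    if (DH_compute_key(Z1, bady, dhA) != -1) {
        /*
         * DH_compute_key should fail with -1. If we get here we unexpectedly
         * allowed an invalid y value
         */
        goto err;
    }
    /* We'll have a stale error on the queue from the above test so clear it */
    ERR_clear_error();

    printf("RFC5114 parameter test %d OK\n", i + 1);

    BN_free(bady);
    DH_free(dhA);
    OPENSSL_free(Z1);

    return 1;
 bad_err:
    BN_free(bady);
    DH_free(dhA);
    DH_free(dhB);
    BN_free(pub_key);
    BN_free(priv_key);
    OPENSSL_free(Z1);
    OPENSSL_free(Z2);

    fprintf(stderr, "Initialisation error RFC5114 set %d\n", i + 1);
    ERR_print_errors_fp(stderr);
    return 0;
 err:
    /* pub_key and priv_key are always NULL on the paths that reach here. */
    BN_free(bady);
    DH_free(dhA);
    DH_free(dhB);
    OPENSSL_free(Z1);
    OPENSSL_free(Z2);

    fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1);
    return 0;
}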
Dr. Stephen Henson20bee962011-11-13 14:07:36 +0000597
Ulf Möllerf5d7a031999-04-27 01:14:46 +0000598#endif