diff --git a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch index 7a97dee1f02f51d3a9a0d68f8668c839af2f154f..79c6870dcddee654270575249613c1252e0db286 100644 --- a/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +++ b/0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch @@ -271,10 +271,10 @@ diff --git a/util/libcrypto.num b/util/libcrypto.num index 404a706fab..e81fa9ec3e 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num -@@ -5282,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION: - EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION: - OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION: +@@ -5428,3 +5282,4 @@ OSSL_DECODER_CTX_set_input_structure ? 3_0_0 EXIST::FUNCTION: OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION: + OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP + OSSL_CMP_MSG_update_recipNonce 5559 3_0_9 EXIST::FUNCTION:CMP +ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: -- 2.26.2 diff --git a/0009-Add-Kernel-FIPS-mode-flag-support.patch b/0009-Add-Kernel-FIPS-mode-flag-support.patch index 30ff3259d55476fc74780673648055a9a7509ace..50c3343dd3f48cb145afddfab8ce33214ab7a811 100644 --- a/0009-Add-Kernel-FIPS-mode-flag-support.patch +++ b/0009-Add-Kernel-FIPS-mode-flag-support.patch @@ -2,8 +2,8 @@ diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha1 --- openssl-3.0.0-alpha13/crypto/context.c.kernel-fips 2021-03-16 00:09:55.814826432 +0100 +++ openssl-3.0.0-alpha13/crypto/context.c 2021-03-16 00:15:55.129043811 +0100 @@ -12,11 +12,46 @@ - #include "internal/provider.h" #include "crypto/ctype.h" + #include "crypto/rand.h" +# include +# include diff --git a/0010-Add-changes-to-ectest-and-eccurve.patch b/0010-Add-changes-to-ectest-and-eccurve.patch new file mode 100644 index 0000000000000000000000000000000000000000..aac242b915fb5590b100067a923817abd3e15597 --- /dev/null +++ b/0010-Add-changes-to-ectest-and-eccurve.patch @@ -0,0 +1,1127 @@ +diff -up ./crypto/ec/ec_curve.c.remove-ec ./crypto/ec/ec_curve.c +--- ./crypto/ec/ec_curve.c.remove-ec 2023-03-13 16:50:09.278933578 +0100 ++++ ./crypto/ec/ec_curve.c 2023-03-21 12:38:57.696531941 +0100 +@@ -32,38 +32,6 @@ typedef struct { + /* the nist prime curves */ + static const struct { + EC_CURVE_DATA h; +- unsigned char data[20 + 24 * 6]; +-} _EC_NIST_PRIME_192 = { +- { +- NID_X9_62_prime_field, 20, 24, 1 +- }, +- { +- /* seed */ +- 0x30, 0x45, 0xAE, 0x6F, 0xC8, 0x42, 0x2F, 0x64, 0xED, 0x57, 0x95, 0x28, +- 0xD3, 0x81, 0x20, 0xEA, 0xE1, 0x21, 0x96, 0xD5, +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0x64, 0x21, 0x05, 0x19, 0xE5, 0x9C, 0x80, 0xE7, 0x0F, 0xA7, 0xE9, 0xAB, +- 0x72, 0x24, 0x30, 0x49, 0xFE, 0xB8, 0xDE, 0xEC, 0xC1, 0x46, 0xB9, 0xB1, +- /* x */ +- 0x18, 0x8D, 0xA8, 0x0E, 0xB0, 0x30, 0x90, 0xF6, 0x7C, 0xBF, 0x20, 0xEB, +- 0x43, 0xA1, 0x88, 0x00, 0xF4, 0xFF, 0x0A, 0xFD, 0x82, 0xFF, 0x10, 0x12, +- /* y */ +- 0x07, 0x19, 0x2b, 0x95, 0xff, 0xc8, 0xda, 0x78, 0x63, 0x10, 0x11, 0xed, +- 0x6b, 0x24, 0xcd, 0xd5, 0x73, 0xf9, 0x77, 0xa1, 0x1e, 0x79, 0x48, 0x11, +- /* order */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x99, 0xDE, 0xF8, 0x36, 0x14, 0x6B, 0xC9, 0xB1, 0xB4, 0xD2, 0x28, 0x31 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; + unsigned char data[20 + 28 * 6]; + } _EC_NIST_PRIME_224 = { + { +@@ -200,187 +168,6 @@ static const struct { + } + }; + +-# ifndef FIPS_MODULE +-/* the x9.62 prime curves (minus the nist prime curves) */ +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 24 * 6]; +-} _EC_X9_62_PRIME_192V2 = { +- { +- NID_X9_62_prime_field, 20, 24, 1 +- }, +- { +- /* seed */ +- 0x31, 0xA9, 0x2E, 0xE2, 0x02, 0x9F, 0xD1, 0x0D, 0x90, 0x1B, 0x11, 0x3E, +- 0x99, 0x07, 0x10, 0xF0, 0xD2, 0x1A, 0xC6, 0xB6, +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0xCC, 0x22, 0xD6, 0xDF, 0xB9, 0x5C, 0x6B, 0x25, 0xE4, 0x9C, 0x0D, 0x63, +- 0x64, 0xA4, 0xE5, 0x98, 0x0C, 0x39, 0x3A, 0xA2, 0x16, 0x68, 0xD9, 0x53, +- /* x */ +- 0xEE, 0xA2, 0xBA, 0xE7, 0xE1, 0x49, 0x78, 0x42, 0xF2, 0xDE, 0x77, 0x69, +- 0xCF, 0xE9, 0xC9, 0x89, 0xC0, 0x72, 0xAD, 0x69, 0x6F, 0x48, 0x03, 0x4A, +- /* y */ +- 0x65, 0x74, 0xd1, 0x1d, 0x69, 0xb6, 0xec, 0x7a, 0x67, 0x2b, 0xb8, 0x2a, +- 0x08, 0x3d, 0xf2, 0xf2, 0xb0, 0x84, 0x7d, 0xe9, 0x70, 0xb2, 0xde, 0x15, +- /* order */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, +- 0x5F, 0xB1, 0xA7, 0x24, 0xDC, 0x80, 0x41, 0x86, 0x48, 0xD8, 0xDD, 0x31 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 24 * 6]; +-} _EC_X9_62_PRIME_192V3 = { +- { +- NID_X9_62_prime_field, 20, 24, 1 +- }, +- { +- /* seed */ +- 0xC4, 0x69, 0x68, 0x44, 0x35, 0xDE, 0xB3, 0x78, 0xC4, 0xB6, 0x5C, 0xA9, +- 0x59, 0x1E, 0x2A, 0x57, 0x63, 0x05, 0x9A, 0x2E, +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0x22, 0x12, 0x3D, 0xC2, 0x39, 0x5A, 0x05, 0xCA, 0xA7, 0x42, 0x3D, 0xAE, +- 0xCC, 0xC9, 0x47, 0x60, 0xA7, 0xD4, 0x62, 0x25, 0x6B, 0xD5, 0x69, 0x16, +- /* x */ +- 0x7D, 0x29, 0x77, 0x81, 0x00, 0xC6, 0x5A, 0x1D, 0xA1, 0x78, 0x37, 0x16, +- 0x58, 0x8D, 0xCE, 0x2B, 0x8B, 0x4A, 0xEE, 0x8E, 0x22, 0x8F, 0x18, 0x96, +- /* y */ +- 0x38, 0xa9, 0x0f, 0x22, 0x63, 0x73, 0x37, 0x33, 0x4b, 0x49, 0xdc, 0xb6, +- 0x6a, 0x6d, 0xc8, 0xf9, 0x97, 0x8a, 0xca, 0x76, 0x48, 0xa9, 0x43, 0xb0, +- /* order */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7A, 0x62, 0xD0, 0x31, 0xC8, 0x3F, 0x42, 0x94, 0xF6, 0x40, 0xEC, 0x13 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 30 * 6]; +-} _EC_X9_62_PRIME_239V1 = { +- { +- NID_X9_62_prime_field, 20, 30, 1 +- }, +- { +- /* seed */ +- 0xE4, 0x3B, 0xB4, 0x60, 0xF0, 0xB8, 0x0C, 0xC0, 0xC0, 0xB0, 0x75, 0x79, +- 0x8E, 0x94, 0x80, 0x60, 0xF8, 0x32, 0x1B, 0x7D, +- /* p */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0x6B, 0x01, 0x6C, 0x3B, 0xDC, 0xF1, 0x89, 0x41, 0xD0, 0xD6, 0x54, 0x92, +- 0x14, 0x75, 0xCA, 0x71, 0xA9, 0xDB, 0x2F, 0xB2, 0x7D, 0x1D, 0x37, 0x79, +- 0x61, 0x85, 0xC2, 0x94, 0x2C, 0x0A, +- /* x */ +- 0x0F, 0xFA, 0x96, 0x3C, 0xDC, 0xA8, 0x81, 0x6C, 0xCC, 0x33, 0xB8, 0x64, +- 0x2B, 0xED, 0xF9, 0x05, 0xC3, 0xD3, 0x58, 0x57, 0x3D, 0x3F, 0x27, 0xFB, +- 0xBD, 0x3B, 0x3C, 0xB9, 0xAA, 0xAF, +- /* y */ +- 0x7d, 0xeb, 0xe8, 0xe4, 0xe9, 0x0a, 0x5d, 0xae, 0x6e, 0x40, 0x54, 0xca, +- 0x53, 0x0b, 0xa0, 0x46, 0x54, 0xb3, 0x68, 0x18, 0xce, 0x22, 0x6b, 0x39, +- 0xfc, 0xcb, 0x7b, 0x02, 0xf1, 0xae, +- /* order */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0x9E, 0x5E, 0x9A, 0x9F, 0x5D, 0x90, 0x71, 0xFB, 0xD1, +- 0x52, 0x26, 0x88, 0x90, 0x9D, 0x0B +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 30 * 6]; +-} _EC_X9_62_PRIME_239V2 = { +- { +- NID_X9_62_prime_field, 20, 30, 1 +- }, +- { +- /* seed */ +- 0xE8, 0xB4, 0x01, 0x16, 0x04, 0x09, 0x53, 0x03, 0xCA, 0x3B, 0x80, 0x99, +- 0x98, 0x2B, 0xE0, 0x9F, 0xCB, 0x9A, 0xE6, 0x16, +- /* p */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0x61, 0x7F, 0xAB, 0x68, 0x32, 0x57, 0x6C, 0xBB, 0xFE, 0xD5, 0x0D, 0x99, +- 0xF0, 0x24, 0x9C, 0x3F, 0xEE, 0x58, 0xB9, 0x4B, 0xA0, 0x03, 0x8C, 0x7A, +- 0xE8, 0x4C, 0x8C, 0x83, 0x2F, 0x2C, +- /* x */ +- 0x38, 0xAF, 0x09, 0xD9, 0x87, 0x27, 0x70, 0x51, 0x20, 0xC9, 0x21, 0xBB, +- 0x5E, 0x9E, 0x26, 0x29, 0x6A, 0x3C, 0xDC, 0xF2, 0xF3, 0x57, 0x57, 0xA0, +- 0xEA, 0xFD, 0x87, 0xB8, 0x30, 0xE7, +- /* y */ +- 0x5b, 0x01, 0x25, 0xe4, 0xdb, 0xea, 0x0e, 0xc7, 0x20, 0x6d, 0xa0, 0xfc, +- 0x01, 0xd9, 0xb0, 0x81, 0x32, 0x9f, 0xb5, 0x55, 0xde, 0x6e, 0xf4, 0x60, +- 0x23, 0x7d, 0xff, 0x8b, 0xe4, 0xba, +- /* order */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x80, 0x00, 0x00, 0xCF, 0xA7, 0xE8, 0x59, 0x43, 0x77, 0xD4, 0x14, 0xC0, +- 0x38, 0x21, 0xBC, 0x58, 0x20, 0x63 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 30 * 6]; +-} _EC_X9_62_PRIME_239V3 = { +- { +- NID_X9_62_prime_field, 20, 30, 1 +- }, +- { +- /* seed */ +- 0x7D, 0x73, 0x74, 0x16, 0x8F, 0xFE, 0x34, 0x71, 0xB6, 0x0A, 0x85, 0x76, +- 0x86, 0xA1, 0x94, 0x75, 0xD3, 0xBF, 0xA2, 0xFF, +- /* p */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0x25, 0x57, 0x05, 0xFA, 0x2A, 0x30, 0x66, 0x54, 0xB1, 0xF4, 0xCB, 0x03, +- 0xD6, 0xA7, 0x50, 0xA3, 0x0C, 0x25, 0x01, 0x02, 0xD4, 0x98, 0x87, 0x17, +- 0xD9, 0xBA, 0x15, 0xAB, 0x6D, 0x3E, +- /* x */ +- 0x67, 0x68, 0xAE, 0x8E, 0x18, 0xBB, 0x92, 0xCF, 0xCF, 0x00, 0x5C, 0x94, +- 0x9A, 0xA2, 0xC6, 0xD9, 0x48, 0x53, 0xD0, 0xE6, 0x60, 0xBB, 0xF8, 0x54, +- 0xB1, 0xC9, 0x50, 0x5F, 0xE9, 0x5A, +- /* y */ +- 0x16, 0x07, 0xe6, 0x89, 0x8f, 0x39, 0x0c, 0x06, 0xbc, 0x1d, 0x55, 0x2b, +- 0xad, 0x22, 0x6f, 0x3b, 0x6f, 0xcf, 0xe4, 0x8b, 0x6e, 0x81, 0x84, 0x99, +- 0xaf, 0x18, 0xe3, 0xed, 0x6c, 0xf3, +- /* order */ +- 0x7F, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0x7F, 0xFF, 0xFF, 0x97, 0x5D, 0xEB, 0x41, 0xB3, 0xA6, 0x05, 0x7C, 0x3C, +- 0x43, 0x21, 0x46, 0x52, 0x65, 0x51 +- } +-}; +-#endif /* FIPS_MODULE */ +- + static const struct { + EC_CURVE_DATA h; + unsigned char data[20 + 32 * 6]; +@@ -423,294 +210,6 @@ static const struct { + /* the secg prime curves (minus the nist and x9.62 prime curves) */ + static const struct { + EC_CURVE_DATA h; +- unsigned char data[20 + 14 * 6]; +-} _EC_SECG_PRIME_112R1 = { +- { +- NID_X9_62_prime_field, 20, 14, 1 +- }, +- { +- /* seed */ +- 0x00, 0xF5, 0x0B, 0x02, 0x8E, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, +- 0x51, 0x75, 0x29, 0x04, 0x72, 0x78, 0x3F, 0xB1, +- /* p */ +- 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD, +- 0x20, 0x8B, +- /* a */ +- 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD, +- 0x20, 0x88, +- /* b */ +- 0x65, 0x9E, 0xF8, 0xBA, 0x04, 0x39, 0x16, 0xEE, 0xDE, 0x89, 0x11, 0x70, +- 0x2B, 0x22, +- /* x */ +- 0x09, 0x48, 0x72, 0x39, 0x99, 0x5A, 0x5E, 0xE7, 0x6B, 0x55, 0xF9, 0xC2, +- 0xF0, 0x98, +- /* y */ +- 0xa8, 0x9c, 0xe5, 0xaf, 0x87, 0x24, 0xc0, 0xa2, 0x3e, 0x0e, 0x0f, 0xf7, +- 0x75, 0x00, +- /* order */ +- 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x76, 0x28, 0xDF, 0xAC, 0x65, +- 0x61, 0xC5 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 14 * 6]; +-} _EC_SECG_PRIME_112R2 = { +- { +- NID_X9_62_prime_field, 20, 14, 4 +- }, +- { +- /* seed */ +- 0x00, 0x27, 0x57, 0xA1, 0x11, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, +- 0x51, 0x75, 0x53, 0x16, 0xC0, 0x5E, 0x0B, 0xD4, +- /* p */ +- 0xDB, 0x7C, 0x2A, 0xBF, 0x62, 0xE3, 0x5E, 0x66, 0x80, 0x76, 0xBE, 0xAD, +- 0x20, 0x8B, +- /* a */ +- 0x61, 0x27, 0xC2, 0x4C, 0x05, 0xF3, 0x8A, 0x0A, 0xAA, 0xF6, 0x5C, 0x0E, +- 0xF0, 0x2C, +- /* b */ +- 0x51, 0xDE, 0xF1, 0x81, 0x5D, 0xB5, 0xED, 0x74, 0xFC, 0xC3, 0x4C, 0x85, +- 0xD7, 0x09, +- /* x */ +- 0x4B, 0xA3, 0x0A, 0xB5, 0xE8, 0x92, 0xB4, 0xE1, 0x64, 0x9D, 0xD0, 0x92, +- 0x86, 0x43, +- /* y */ +- 0xad, 0xcd, 0x46, 0xf5, 0x88, 0x2e, 0x37, 0x47, 0xde, 0xf3, 0x6e, 0x95, +- 0x6e, 0x97, +- /* order */ +- 0x36, 0xDF, 0x0A, 0xAF, 0xD8, 0xB8, 0xD7, 0x59, 0x7C, 0xA1, 0x05, 0x20, +- 0xD0, 0x4B +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 16 * 6]; +-} _EC_SECG_PRIME_128R1 = { +- { +- NID_X9_62_prime_field, 20, 16, 1 +- }, +- { +- /* seed */ +- 0x00, 0x0E, 0x0D, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, +- 0x0C, 0xC0, 0x3A, 0x44, 0x73, 0xD0, 0x36, 0x79, +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0xE8, 0x75, 0x79, 0xC1, 0x10, 0x79, 0xF4, 0x3D, 0xD8, 0x24, 0x99, 0x3C, +- 0x2C, 0xEE, 0x5E, 0xD3, +- /* x */ +- 0x16, 0x1F, 0xF7, 0x52, 0x8B, 0x89, 0x9B, 0x2D, 0x0C, 0x28, 0x60, 0x7C, +- 0xA5, 0x2C, 0x5B, 0x86, +- /* y */ +- 0xcf, 0x5a, 0xc8, 0x39, 0x5b, 0xaf, 0xeb, 0x13, 0xc0, 0x2d, 0xa2, 0x92, +- 0xdd, 0xed, 0x7a, 0x83, +- /* order */ +- 0xFF, 0xFF, 0xFF, 0xFE, 0x00, 0x00, 0x00, 0x00, 0x75, 0xA3, 0x0D, 0x1B, +- 0x90, 0x38, 0xA1, 0x15 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 16 * 6]; +-} _EC_SECG_PRIME_128R2 = { +- { +- NID_X9_62_prime_field, 20, 16, 4 +- }, +- { +- /* seed */ +- 0x00, 0x4D, 0x69, 0x6E, 0x67, 0x68, 0x75, 0x61, 0x51, 0x75, 0x12, 0xD8, +- 0xF0, 0x34, 0x31, 0xFC, 0xE6, 0x3B, 0x88, 0xF4, +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFD, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0xD6, 0x03, 0x19, 0x98, 0xD1, 0xB3, 0xBB, 0xFE, 0xBF, 0x59, 0xCC, 0x9B, +- 0xBF, 0xF9, 0xAE, 0xE1, +- /* b */ +- 0x5E, 0xEE, 0xFC, 0xA3, 0x80, 0xD0, 0x29, 0x19, 0xDC, 0x2C, 0x65, 0x58, +- 0xBB, 0x6D, 0x8A, 0x5D, +- /* x */ +- 0x7B, 0x6A, 0xA5, 0xD8, 0x5E, 0x57, 0x29, 0x83, 0xE6, 0xFB, 0x32, 0xA7, +- 0xCD, 0xEB, 0xC1, 0x40, +- /* y */ +- 0x27, 0xb6, 0x91, 0x6a, 0x89, 0x4d, 0x3a, 0xee, 0x71, 0x06, 0xfe, 0x80, +- 0x5f, 0xc3, 0x4b, 0x44, +- /* order */ +- 0x3F, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, 0xBE, 0x00, 0x24, 0x72, +- 0x06, 0x13, 0xB5, 0xA3 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 21 * 6]; +-} _EC_SECG_PRIME_160K1 = { +- { +- NID_X9_62_prime_field, 0, 21, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x73, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, +- /* x */ +- 0x00, 0x3B, 0x4C, 0x38, 0x2C, 0xE3, 0x7A, 0xA1, 0x92, 0xA4, 0x01, 0x9E, +- 0x76, 0x30, 0x36, 0xF4, 0xF5, 0xDD, 0x4D, 0x7E, 0xBB, +- /* y */ +- 0x00, 0x93, 0x8c, 0xf9, 0x35, 0x31, 0x8f, 0xdc, 0xed, 0x6b, 0xc2, 0x82, +- 0x86, 0x53, 0x17, 0x33, 0xc3, 0xf0, 0x3c, 0x4f, 0xee, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xB8, +- 0xFA, 0x16, 0xDF, 0xAB, 0x9A, 0xCA, 0x16, 0xB6, 0xB3 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 21 * 6]; +-} _EC_SECG_PRIME_160R1 = { +- { +- NID_X9_62_prime_field, 20, 21, 1 +- }, +- { +- /* seed */ +- 0x10, 0x53, 0xCD, 0xE4, 0x2C, 0x14, 0xD6, 0x96, 0xE6, 0x76, 0x87, 0x56, +- 0x15, 0x17, 0x53, 0x3B, 0xF3, 0xF8, 0x33, 0x45, +- /* p */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFF, +- /* a */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x7F, 0xFF, 0xFF, 0xFC, +- /* b */ +- 0x00, 0x1C, 0x97, 0xBE, 0xFC, 0x54, 0xBD, 0x7A, 0x8B, 0x65, 0xAC, 0xF8, +- 0x9F, 0x81, 0xD4, 0xD4, 0xAD, 0xC5, 0x65, 0xFA, 0x45, +- /* x */ +- 0x00, 0x4A, 0x96, 0xB5, 0x68, 0x8E, 0xF5, 0x73, 0x28, 0x46, 0x64, 0x69, +- 0x89, 0x68, 0xC3, 0x8B, 0xB9, 0x13, 0xCB, 0xFC, 0x82, +- /* y */ +- 0x00, 0x23, 0xa6, 0x28, 0x55, 0x31, 0x68, 0x94, 0x7d, 0x59, 0xdc, 0xc9, +- 0x12, 0x04, 0x23, 0x51, 0x37, 0x7a, 0xc5, 0xfb, 0x32, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xF4, +- 0xC8, 0xF9, 0x27, 0xAE, 0xD3, 0xCA, 0x75, 0x22, 0x57 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[20 + 21 * 6]; +-} _EC_SECG_PRIME_160R2 = { +- { +- NID_X9_62_prime_field, 20, 21, 1 +- }, +- { +- /* seed */ +- 0xB9, 0x9B, 0x99, 0xB0, 0x99, 0xB3, 0x23, 0xE0, 0x27, 0x09, 0xA4, 0xD6, +- 0x96, 0xE6, 0x76, 0x87, 0x56, 0x15, 0x17, 0x51, +- /* p */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x73, +- /* a */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xAC, 0x70, +- /* b */ +- 0x00, 0xB4, 0xE1, 0x34, 0xD3, 0xFB, 0x59, 0xEB, 0x8B, 0xAB, 0x57, 0x27, +- 0x49, 0x04, 0x66, 0x4D, 0x5A, 0xF5, 0x03, 0x88, 0xBA, +- /* x */ +- 0x00, 0x52, 0xDC, 0xB0, 0x34, 0x29, 0x3A, 0x11, 0x7E, 0x1F, 0x4F, 0xF1, +- 0x1B, 0x30, 0xF7, 0x19, 0x9D, 0x31, 0x44, 0xCE, 0x6D, +- /* y */ +- 0x00, 0xfe, 0xaf, 0xfe, 0xf2, 0xe3, 0x31, 0xf2, 0x96, 0xe0, 0x71, 0xfa, +- 0x0d, 0xf9, 0x98, 0x2c, 0xfe, 0xa7, 0xd4, 0x3f, 0x2e, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x35, +- 0x1E, 0xE7, 0x86, 0xA8, 0x18, 0xF3, 0xA1, 0xA1, 0x6B +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 24 * 6]; +-} _EC_SECG_PRIME_192K1 = { +- { +- NID_X9_62_prime_field, 0, 24, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xEE, 0x37, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, +- /* x */ +- 0xDB, 0x4F, 0xF1, 0x0E, 0xC0, 0x57, 0xE9, 0xAE, 0x26, 0xB0, 0x7D, 0x02, +- 0x80, 0xB7, 0xF4, 0x34, 0x1D, 0xA5, 0xD1, 0xB1, 0xEA, 0xE0, 0x6C, 0x7D, +- /* y */ +- 0x9b, 0x2f, 0x2f, 0x6d, 0x9c, 0x56, 0x28, 0xa7, 0x84, 0x41, 0x63, 0xd0, +- 0x15, 0xbe, 0x86, 0x34, 0x40, 0x82, 0xaa, 0x88, 0xd9, 0x5e, 0x2f, 0x9d, +- /* order */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, +- 0x26, 0xF2, 0xFC, 0x17, 0x0F, 0x69, 0x46, 0x6A, 0x74, 0xDE, 0xFD, 0x8D +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 29 * 6]; +-} _EC_SECG_PRIME_224K1 = { +- { +- NID_X9_62_prime_field, 0, 29, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFE, 0xFF, 0xFF, 0xE5, 0x6D, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x05, +- /* x */ +- 0x00, 0xA1, 0x45, 0x5B, 0x33, 0x4D, 0xF0, 0x99, 0xDF, 0x30, 0xFC, 0x28, +- 0xA1, 0x69, 0xA4, 0x67, 0xE9, 0xE4, 0x70, 0x75, 0xA9, 0x0F, 0x7E, 0x65, +- 0x0E, 0xB6, 0xB7, 0xA4, 0x5C, +- /* y */ +- 0x00, 0x7e, 0x08, 0x9f, 0xed, 0x7f, 0xba, 0x34, 0x42, 0x82, 0xca, 0xfb, +- 0xd6, 0xf7, 0xe3, 0x19, 0xf7, 0xc0, 0xb0, 0xbd, 0x59, 0xe2, 0xca, 0x4b, +- 0xdb, 0x55, 0x6d, 0x61, 0xa5, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x01, 0xDC, 0xE8, 0xD2, 0xEC, 0x61, 0x84, 0xCA, 0xF0, 0xA9, +- 0x71, 0x76, 0x9F, 0xB1, 0xF7 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; + unsigned char data[0 + 32 * 6]; + } _EC_SECG_PRIME_256K1 = { + { +@@ -745,102 +244,6 @@ static const struct { + } + }; + +-/* some wap/wtls curves */ +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 15 * 6]; +-} _EC_WTLS_8 = { +- { +- NID_X9_62_prime_field, 0, 15, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFD, 0xE7, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x03, +- /* x */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x01, +- /* y */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x02, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xEC, 0xEA, 0x55, 0x1A, +- 0xD8, 0x37, 0xE9 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 21 * 6]; +-} _EC_WTLS_9 = { +- { +- NID_X9_62_prime_field, 0, 21, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, 0x80, 0x8F, +- /* a */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- /* b */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, +- /* x */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, +- /* y */ +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, +- /* order */ +- 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xCD, +- 0xC9, 0x8A, 0xE0, 0xE2, 0xDE, 0x57, 0x4A, 0xBF, 0x33 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 28 * 6]; +-} _EC_WTLS_12 = { +- { +- NID_X9_62_prime_field, 0, 28, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +- 0x00, 0x00, 0x00, 0x01, +- /* a */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0xFF, 0xFE, +- /* b */ +- 0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56, +- 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43, +- 0x23, 0x55, 0xFF, 0xB4, +- /* x */ +- 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9, +- 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6, +- 0x11, 0x5C, 0x1D, 0x21, +- /* y */ +- 0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6, +- 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99, +- 0x85, 0x00, 0x7e, 0x34, +- /* order */ +- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, +- 0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45, +- 0x5C, 0x5C, 0x2A, 0x3D +- } +-}; + #endif /* FIPS_MODULE */ + + #ifndef OPENSSL_NO_EC2M +@@ -2238,198 +1641,6 @@ static const struct { + #ifndef FIPS_MODULE + static const struct { + EC_CURVE_DATA h; +- unsigned char data[0 + 20 * 6]; +-} _EC_brainpoolP160r1 = { +- { +- NID_X9_62_prime_field, 0, 20, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0xC7, 0xAD, +- 0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0F, +- /* a */ +- 0x34, 0x0E, 0x7B, 0xE2, 0xA2, 0x80, 0xEB, 0x74, 0xE2, 0xBE, 0x61, 0xBA, +- 0xDA, 0x74, 0x5D, 0x97, 0xE8, 0xF7, 0xC3, 0x00, +- /* b */ +- 0x1E, 0x58, 0x9A, 0x85, 0x95, 0x42, 0x34, 0x12, 0x13, 0x4F, 0xAA, 0x2D, +- 0xBD, 0xEC, 0x95, 0xC8, 0xD8, 0x67, 0x5E, 0x58, +- /* x */ +- 0xBE, 0xD5, 0xAF, 0x16, 0xEA, 0x3F, 0x6A, 0x4F, 0x62, 0x93, 0x8C, 0x46, +- 0x31, 0xEB, 0x5A, 0xF7, 0xBD, 0xBC, 0xDB, 0xC3, +- /* y */ +- 0x16, 0x67, 0xCB, 0x47, 0x7A, 0x1A, 0x8E, 0xC3, 0x38, 0xF9, 0x47, 0x41, +- 0x66, 0x9C, 0x97, 0x63, 0x16, 0xDA, 0x63, 0x21, +- /* order */ +- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0x59, 0x91, +- 0xD4, 0x50, 0x29, 0x40, 0x9E, 0x60, 0xFC, 0x09 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 20 * 6]; +-} _EC_brainpoolP160t1 = { +- { +- NID_X9_62_prime_field, 0, 20, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0xC7, 0xAD, +- 0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0F, +- /* a */ +- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0xC7, 0xAD, +- 0x95, 0xB3, 0xD8, 0x13, 0x95, 0x15, 0x62, 0x0C, +- /* b */ +- 0x7A, 0x55, 0x6B, 0x6D, 0xAE, 0x53, 0x5B, 0x7B, 0x51, 0xED, 0x2C, 0x4D, +- 0x7D, 0xAA, 0x7A, 0x0B, 0x5C, 0x55, 0xF3, 0x80, +- /* x */ +- 0xB1, 0x99, 0xB1, 0x3B, 0x9B, 0x34, 0xEF, 0xC1, 0x39, 0x7E, 0x64, 0xBA, +- 0xEB, 0x05, 0xAC, 0xC2, 0x65, 0xFF, 0x23, 0x78, +- /* y */ +- 0xAD, 0xD6, 0x71, 0x8B, 0x7C, 0x7C, 0x19, 0x61, 0xF0, 0x99, 0x1B, 0x84, +- 0x24, 0x43, 0x77, 0x21, 0x52, 0xC9, 0xE0, 0xAD, +- /* order */ +- 0xE9, 0x5E, 0x4A, 0x5F, 0x73, 0x70, 0x59, 0xDC, 0x60, 0xDF, 0x59, 0x91, +- 0xD4, 0x50, 0x29, 0x40, 0x9E, 0x60, 0xFC, 0x09 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 24 * 6]; +-} _EC_brainpoolP192r1 = { +- { +- NID_X9_62_prime_field, 0, 24, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x30, +- 0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x97, +- /* a */ +- 0x6A, 0x91, 0x17, 0x40, 0x76, 0xB1, 0xE0, 0xE1, 0x9C, 0x39, 0xC0, 0x31, +- 0xFE, 0x86, 0x85, 0xC1, 0xCA, 0xE0, 0x40, 0xE5, 0xC6, 0x9A, 0x28, 0xEF, +- /* b */ +- 0x46, 0x9A, 0x28, 0xEF, 0x7C, 0x28, 0xCC, 0xA3, 0xDC, 0x72, 0x1D, 0x04, +- 0x4F, 0x44, 0x96, 0xBC, 0xCA, 0x7E, 0xF4, 0x14, 0x6F, 0xBF, 0x25, 0xC9, +- /* x */ +- 0xC0, 0xA0, 0x64, 0x7E, 0xAA, 0xB6, 0xA4, 0x87, 0x53, 0xB0, 0x33, 0xC5, +- 0x6C, 0xB0, 0xF0, 0x90, 0x0A, 0x2F, 0x5C, 0x48, 0x53, 0x37, 0x5F, 0xD6, +- /* y */ +- 0x14, 0xB6, 0x90, 0x86, 0x6A, 0xBD, 0x5B, 0xB8, 0x8B, 0x5F, 0x48, 0x28, +- 0xC1, 0x49, 0x00, 0x02, 0xE6, 0x77, 0x3F, 0xA2, 0xFA, 0x29, 0x9B, 0x8F, +- /* order */ +- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x2F, +- 0x9E, 0x9E, 0x91, 0x6B, 0x5B, 0xE8, 0xF1, 0x02, 0x9A, 0xC4, 0xAC, 0xC1 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 24 * 6]; +-} _EC_brainpoolP192t1 = { +- { +- NID_X9_62_prime_field, 0, 24, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x30, +- 0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x97, +- /* a */ +- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x30, +- 0x93, 0xD1, 0x8D, 0xB7, 0x8F, 0xCE, 0x47, 0x6D, 0xE1, 0xA8, 0x62, 0x94, +- /* b */ +- 0x13, 0xD5, 0x6F, 0xFA, 0xEC, 0x78, 0x68, 0x1E, 0x68, 0xF9, 0xDE, 0xB4, +- 0x3B, 0x35, 0xBE, 0xC2, 0xFB, 0x68, 0x54, 0x2E, 0x27, 0x89, 0x7B, 0x79, +- /* x */ +- 0x3A, 0xE9, 0xE5, 0x8C, 0x82, 0xF6, 0x3C, 0x30, 0x28, 0x2E, 0x1F, 0xE7, +- 0xBB, 0xF4, 0x3F, 0xA7, 0x2C, 0x44, 0x6A, 0xF6, 0xF4, 0x61, 0x81, 0x29, +- /* y */ +- 0x09, 0x7E, 0x2C, 0x56, 0x67, 0xC2, 0x22, 0x3A, 0x90, 0x2A, 0xB5, 0xCA, +- 0x44, 0x9D, 0x00, 0x84, 0xB7, 0xE5, 0xB3, 0xDE, 0x7C, 0xCC, 0x01, 0xC9, +- /* order */ +- 0xC3, 0x02, 0xF4, 0x1D, 0x93, 0x2A, 0x36, 0xCD, 0xA7, 0xA3, 0x46, 0x2F, +- 0x9E, 0x9E, 0x91, 0x6B, 0x5B, 0xE8, 0xF1, 0x02, 0x9A, 0xC4, 0xAC, 0xC1 +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 28 * 6]; +-} _EC_brainpoolP224r1 = { +- { +- NID_X9_62_prime_field, 0, 28, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25, +- 0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5, +- 0x7E, 0xC8, 0xC0, 0xFF, +- /* a */ +- 0x68, 0xA5, 0xE6, 0x2C, 0xA9, 0xCE, 0x6C, 0x1C, 0x29, 0x98, 0x03, 0xA6, +- 0xC1, 0x53, 0x0B, 0x51, 0x4E, 0x18, 0x2A, 0xD8, 0xB0, 0x04, 0x2A, 0x59, +- 0xCA, 0xD2, 0x9F, 0x43, +- /* b */ +- 0x25, 0x80, 0xF6, 0x3C, 0xCF, 0xE4, 0x41, 0x38, 0x87, 0x07, 0x13, 0xB1, +- 0xA9, 0x23, 0x69, 0xE3, 0x3E, 0x21, 0x35, 0xD2, 0x66, 0xDB, 0xB3, 0x72, +- 0x38, 0x6C, 0x40, 0x0B, +- /* x */ +- 0x0D, 0x90, 0x29, 0xAD, 0x2C, 0x7E, 0x5C, 0xF4, 0x34, 0x08, 0x23, 0xB2, +- 0xA8, 0x7D, 0xC6, 0x8C, 0x9E, 0x4C, 0xE3, 0x17, 0x4C, 0x1E, 0x6E, 0xFD, +- 0xEE, 0x12, 0xC0, 0x7D, +- /* y */ +- 0x58, 0xAA, 0x56, 0xF7, 0x72, 0xC0, 0x72, 0x6F, 0x24, 0xC6, 0xB8, 0x9E, +- 0x4E, 0xCD, 0xAC, 0x24, 0x35, 0x4B, 0x9E, 0x99, 0xCA, 0xA3, 0xF6, 0xD3, +- 0x76, 0x14, 0x02, 0xCD, +- /* order */ +- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25, +- 0x75, 0xD0, 0xFB, 0x98, 0xD1, 0x16, 0xBC, 0x4B, 0x6D, 0xDE, 0xBC, 0xA3, +- 0xA5, 0xA7, 0x93, 0x9F +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; +- unsigned char data[0 + 28 * 6]; +-} _EC_brainpoolP224t1 = { +- { +- NID_X9_62_prime_field, 0, 28, 1 +- }, +- { +- /* no seed */ +- /* p */ +- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25, +- 0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5, +- 0x7E, 0xC8, 0xC0, 0xFF, +- /* a */ +- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25, +- 0x75, 0xD1, 0xD7, 0x87, 0xB0, 0x9F, 0x07, 0x57, 0x97, 0xDA, 0x89, 0xF5, +- 0x7E, 0xC8, 0xC0, 0xFC, +- /* b */ +- 0x4B, 0x33, 0x7D, 0x93, 0x41, 0x04, 0xCD, 0x7B, 0xEF, 0x27, 0x1B, 0xF6, +- 0x0C, 0xED, 0x1E, 0xD2, 0x0D, 0xA1, 0x4C, 0x08, 0xB3, 0xBB, 0x64, 0xF1, +- 0x8A, 0x60, 0x88, 0x8D, +- /* x */ +- 0x6A, 0xB1, 0xE3, 0x44, 0xCE, 0x25, 0xFF, 0x38, 0x96, 0x42, 0x4E, 0x7F, +- 0xFE, 0x14, 0x76, 0x2E, 0xCB, 0x49, 0xF8, 0x92, 0x8A, 0xC0, 0xC7, 0x60, +- 0x29, 0xB4, 0xD5, 0x80, +- /* y */ +- 0x03, 0x74, 0xE9, 0xF5, 0x14, 0x3E, 0x56, 0x8C, 0xD2, 0x3F, 0x3F, 0x4D, +- 0x7C, 0x0D, 0x4B, 0x1E, 0x41, 0xC8, 0xCC, 0x0D, 0x1C, 0x6A, 0xBD, 0x5F, +- 0x1A, 0x46, 0xDB, 0x4C, +- /* order */ +- 0xD7, 0xC1, 0x34, 0xAA, 0x26, 0x43, 0x66, 0x86, 0x2A, 0x18, 0x30, 0x25, +- 0x75, 0xD0, 0xFB, 0x98, 0xD1, 0x16, 0xBC, 0x4B, 0x6D, 0xDE, 0xBC, 0xA3, +- 0xA5, 0xA7, 0x93, 0x9F +- } +-}; +- +-static const struct { +- EC_CURVE_DATA h; + unsigned char data[0 + 32 * 6]; + } _EC_brainpoolP256r1 = { + { +@@ -2854,8 +2065,6 @@ static const ec_list_element curve_list[ + "NIST/SECG curve over a 521 bit prime field"}, + + /* X9.62 curves */ +- {NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0, +- "NIST/X9.62/SECG curve over a 192 bit prime field"}, + {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, + # if defined(ECP_NISTZ256_ASM) + EC_GFp_nistz256_method, +@@ -2899,25 +2108,6 @@ static const ec_list_element curve_list[ + static const ec_list_element curve_list[] = { + /* prime field curves */ + /* secg curves */ +- {NID_secp112r1, &_EC_SECG_PRIME_112R1.h, 0, +- "SECG/WTLS curve over a 112 bit prime field"}, +- {NID_secp112r2, &_EC_SECG_PRIME_112R2.h, 0, +- "SECG curve over a 112 bit prime field"}, +- {NID_secp128r1, &_EC_SECG_PRIME_128R1.h, 0, +- "SECG curve over a 128 bit prime field"}, +- {NID_secp128r2, &_EC_SECG_PRIME_128R2.h, 0, +- "SECG curve over a 128 bit prime field"}, +- {NID_secp160k1, &_EC_SECG_PRIME_160K1.h, 0, +- "SECG curve over a 160 bit prime field"}, +- {NID_secp160r1, &_EC_SECG_PRIME_160R1.h, 0, +- "SECG curve over a 160 bit prime field"}, +- {NID_secp160r2, &_EC_SECG_PRIME_160R2.h, 0, +- "SECG/WTLS curve over a 160 bit prime field"}, +- /* SECG secp192r1 is the same as X9.62 prime192v1 and hence omitted */ +- {NID_secp192k1, &_EC_SECG_PRIME_192K1.h, 0, +- "SECG curve over a 192 bit prime field"}, +- {NID_secp224k1, &_EC_SECG_PRIME_224K1.h, 0, +- "SECG curve over a 224 bit prime field"}, + # ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 + {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, + "NIST/SECG curve over a 224 bit prime field"}, +@@ -2945,18 +2135,6 @@ static const ec_list_element curve_list[ + # endif + "NIST/SECG curve over a 521 bit prime field"}, + /* X9.62 curves */ +- {NID_X9_62_prime192v1, &_EC_NIST_PRIME_192.h, 0, +- "NIST/X9.62/SECG curve over a 192 bit prime field"}, +- {NID_X9_62_prime192v2, &_EC_X9_62_PRIME_192V2.h, 0, +- "X9.62 curve over a 192 bit prime field"}, +- {NID_X9_62_prime192v3, &_EC_X9_62_PRIME_192V3.h, 0, +- "X9.62 curve over a 192 bit prime field"}, +- {NID_X9_62_prime239v1, &_EC_X9_62_PRIME_239V1.h, 0, +- "X9.62 curve over a 239 bit prime field"}, +- {NID_X9_62_prime239v2, &_EC_X9_62_PRIME_239V2.h, 0, +- "X9.62 curve over a 239 bit prime field"}, +- {NID_X9_62_prime239v3, &_EC_X9_62_PRIME_239V3.h, 0, +- "X9.62 curve over a 239 bit prime field"}, + {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, + # if defined(ECP_NISTZ256_ASM) + EC_GFp_nistz256_method, +@@ -3053,22 +2231,12 @@ static const ec_list_element curve_list[ + {NID_wap_wsg_idm_ecid_wtls5, &_EC_X9_62_CHAR2_163V1.h, 0, + "X9.62 curve over a 163 bit binary field"}, + # endif +- {NID_wap_wsg_idm_ecid_wtls6, &_EC_SECG_PRIME_112R1.h, 0, +- "SECG/WTLS curve over a 112 bit prime field"}, +- {NID_wap_wsg_idm_ecid_wtls7, &_EC_SECG_PRIME_160R2.h, 0, +- "SECG/WTLS curve over a 160 bit prime field"}, +- {NID_wap_wsg_idm_ecid_wtls8, &_EC_WTLS_8.h, 0, +- "WTLS curve over a 112 bit prime field"}, +- {NID_wap_wsg_idm_ecid_wtls9, &_EC_WTLS_9.h, 0, +- "WTLS curve over a 160 bit prime field"}, + # ifndef OPENSSL_NO_EC2M + {NID_wap_wsg_idm_ecid_wtls10, &_EC_NIST_CHAR2_233K.h, 0, + "NIST/SECG/WTLS curve over a 233 bit binary field"}, + {NID_wap_wsg_idm_ecid_wtls11, &_EC_NIST_CHAR2_233B.h, 0, + "NIST/SECG/WTLS curve over a 233 bit binary field"}, + # endif +- {NID_wap_wsg_idm_ecid_wtls12, &_EC_WTLS_12.h, 0, +- "WTLS curve over a 224 bit prime field"}, + # ifndef OPENSSL_NO_EC2M + /* IPSec curves */ + {NID_ipsec3, &_EC_IPSEC_155_ID3.h, 0, +@@ -3079,18 +2247,6 @@ static const ec_list_element curve_list[ + "\tNot suitable for ECDSA.\n\tQuestionable extension field!"}, + # endif + /* brainpool curves */ +- {NID_brainpoolP160r1, &_EC_brainpoolP160r1.h, 0, +- "RFC 5639 curve over a 160 bit prime field"}, +- {NID_brainpoolP160t1, &_EC_brainpoolP160t1.h, 0, +- "RFC 5639 curve over a 160 bit prime field"}, +- {NID_brainpoolP192r1, &_EC_brainpoolP192r1.h, 0, +- "RFC 5639 curve over a 192 bit prime field"}, +- {NID_brainpoolP192t1, &_EC_brainpoolP192t1.h, 0, +- "RFC 5639 curve over a 192 bit prime field"}, +- {NID_brainpoolP224r1, &_EC_brainpoolP224r1.h, 0, +- "RFC 5639 curve over a 224 bit prime field"}, +- {NID_brainpoolP224t1, &_EC_brainpoolP224t1.h, 0, +- "RFC 5639 curve over a 224 bit prime field"}, + {NID_brainpoolP256r1, &_EC_brainpoolP256r1.h, 0, + "RFC 5639 curve over a 256 bit prime field"}, + {NID_brainpoolP256t1, &_EC_brainpoolP256t1.h, 0, +diff -up ./test/ectest.c.remove-ec ./test/ectest.c +--- ./test/ectest.c.remove-ec 2023-03-13 18:39:30.544642912 +0100 ++++ ./test/ectest.c 2023-03-20 07:27:26.403212965 +0100 +@@ -175,184 +175,26 @@ static int prime_field_tests(void) + || !TEST_ptr(p = BN_new()) + || !TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) +- || !TEST_true(BN_hex2bn(&p, "17")) +- || !TEST_true(BN_hex2bn(&a, "1")) +- || !TEST_true(BN_hex2bn(&b, "1")) +- || !TEST_ptr(group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) +- || !TEST_true(EC_GROUP_get_curve(group, p, a, b, ctx))) ++ /* ++ * applications should use EC_GROUP_new_curve_GFp so ++ * that the library gets to choose the EC_METHOD ++ */ ++ || !TEST_ptr(group = EC_GROUP_new(EC_GFp_mont_method()))) + goto err; + +- TEST_info("Curve defined by Weierstrass equation"); +- TEST_note(" y^2 = x^3 + a*x + b (mod p)"); +- test_output_bignum("a", a); +- test_output_bignum("b", b); +- test_output_bignum("p", p); +- + buf[0] = 0; + if (!TEST_ptr(P = EC_POINT_new(group)) + || !TEST_ptr(Q = EC_POINT_new(group)) + || !TEST_ptr(R = EC_POINT_new(group)) +- || !TEST_true(EC_POINT_set_to_infinity(group, P)) +- || !TEST_true(EC_POINT_is_at_infinity(group, P)) +- || !TEST_true(EC_POINT_oct2point(group, Q, buf, 1, ctx)) +- || !TEST_true(EC_POINT_add(group, P, P, Q, ctx)) +- || !TEST_true(EC_POINT_is_at_infinity(group, P)) + || !TEST_ptr(x = BN_new()) + || !TEST_ptr(y = BN_new()) + || !TEST_ptr(z = BN_new()) +- || !TEST_ptr(yplusone = BN_new()) +- || !TEST_true(BN_hex2bn(&x, "D")) +- || !TEST_true(EC_POINT_set_compressed_coordinates(group, Q, x, 1, ctx))) +- goto err; +- +- if (!TEST_int_gt(EC_POINT_is_on_curve(group, Q, ctx), 0)) { +- if (!TEST_true(EC_POINT_get_affine_coordinates(group, Q, x, y, ctx))) +- goto err; +- TEST_info("Point is not on curve"); +- test_output_bignum("x", x); +- test_output_bignum("y", y); +- goto err; +- } +- +- TEST_note("A cyclic subgroup:"); +- k = 100; +- do { +- if (!TEST_int_ne(k--, 0)) +- goto err; +- +- if (EC_POINT_is_at_infinity(group, P)) { +- TEST_note(" point at infinity"); +- } else { +- if (!TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, +- ctx))) +- goto err; +- +- test_output_bignum("x", x); +- test_output_bignum("y", y); +- } +- +- if (!TEST_true(EC_POINT_copy(R, P)) +- || !TEST_true(EC_POINT_add(group, P, P, Q, ctx))) +- goto err; +- +- } while (!EC_POINT_is_at_infinity(group, P)); +- +- if (!TEST_true(EC_POINT_add(group, P, Q, R, ctx)) +- || !TEST_true(EC_POINT_is_at_infinity(group, P))) +- goto err; +- +- len = +- EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf, +- sizeof(buf), ctx); +- if (!TEST_size_t_ne(len, 0) +- || !TEST_true(EC_POINT_oct2point(group, P, buf, len, ctx)) +- || !TEST_int_eq(0, EC_POINT_cmp(group, P, Q, ctx))) +- goto err; +- test_output_memory("Generator as octet string, compressed form:", +- buf, len); +- +- len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, +- buf, sizeof(buf), ctx); +- if (!TEST_size_t_ne(len, 0) +- || !TEST_true(EC_POINT_oct2point(group, P, buf, len, ctx)) +- || !TEST_int_eq(0, EC_POINT_cmp(group, P, Q, ctx))) +- goto err; +- test_output_memory("Generator as octet string, uncompressed form:", +- buf, len); +- +- len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, +- buf, sizeof(buf), ctx); +- if (!TEST_size_t_ne(len, 0) +- || !TEST_true(EC_POINT_oct2point(group, P, buf, len, ctx)) +- || !TEST_int_eq(0, EC_POINT_cmp(group, P, Q, ctx))) +- goto err; +- test_output_memory("Generator as octet string, hybrid form:", +- buf, len); +- +- if (!TEST_true(EC_POINT_invert(group, P, ctx)) +- || !TEST_int_eq(0, EC_POINT_cmp(group, P, R, ctx)) +- +- /* +- * Curve secp160r1 (Certicom Research SEC 2 Version 1.0, section 2.4.2, +- * 2000) -- not a NIST curve, but commonly used +- */ +- +- || !TEST_true(BN_hex2bn(&p, "FFFFFFFF" +- "FFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF")) +- || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) +- || !TEST_true(BN_hex2bn(&a, "FFFFFFFF" +- "FFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC")) +- || !TEST_true(BN_hex2bn(&b, "1C97BEFC" +- "54BD7A8B65ACF89F81D4D4ADC565FA45")) +- || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) +- || !TEST_true(BN_hex2bn(&x, "4A96B568" +- "8EF573284664698968C38BB913CBFC82")) +- || !TEST_true(BN_hex2bn(&y, "23a62855" +- "3168947d59dcc912042351377ac5fb32")) +- || !TEST_true(BN_add(yplusone, y, BN_value_one())) +- /* +- * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, +- * and therefore setting the coordinates should fail. +- */ +- || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, +- ctx)) +- || !TEST_true(EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) +- || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) +- || !TEST_true(BN_hex2bn(&z, "0100000000" +- "000000000001F4C8F927AED3CA752257")) +- || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) +- || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) +- goto err; +- TEST_info("SEC2 curve secp160r1 -- Generator"); +- test_output_bignum("x", x); +- test_output_bignum("y", y); +- /* G_y value taken from the standard: */ +- if (!TEST_true(BN_hex2bn(&z, "23a62855" +- "3168947d59dcc912042351377ac5fb32")) +- || !TEST_BN_eq(y, z) +- || !TEST_int_eq(EC_GROUP_get_degree(group), 160) +- || !group_order_tests(group) +- +- /* Curve P-192 (FIPS PUB 186-2, App. 6) */ +- +- || !TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFF" +- "FFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")) +- || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) +- || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFF" +- "FFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")) +- || !TEST_true(BN_hex2bn(&b, "64210519E59C80E7" +- "0FA7E9AB72243049FEB8DEECC146B9B1")) +- || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) +- || !TEST_true(BN_hex2bn(&x, "188DA80EB03090F6" +- "7CBF20EB43A18800F4FF0AFD82FF1012")) +- || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 1, ctx)) +- || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) +- || !TEST_true(BN_hex2bn(&z, "FFFFFFFFFFFFFFFF" +- "FFFFFFFF99DEF836146BC9B1B4D22831")) +- || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) +- || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) ++ || !TEST_ptr(yplusone = BN_new())) + goto err; + +- TEST_info("NIST curve P-192 -- Generator"); +- test_output_bignum("x", x); +- test_output_bignum("y", y); +- /* G_y value taken from the standard: */ +- if (!TEST_true(BN_hex2bn(&z, "07192B95FFC8DA78" +- "631011ED6B24CDD573F977A11E794811")) +- || !TEST_BN_eq(y, z) +- || !TEST_true(BN_add(yplusone, y, BN_value_one())) +- /* +- * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, +- * and therefore setting the coordinates should fail. +- */ +- || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, +- ctx)) +- || !TEST_int_eq(EC_GROUP_get_degree(group), 192) +- || !group_order_tests(group) +- + /* Curve P-224 (FIPS PUB 186-2, App. 6) */ + +- || !TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFF" ++ if (!TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFF000000000000000000000001")) + || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFF" +@@ -3015,7 +2857,7 @@ int setup_tests(void) + return 0; + + ADD_TEST(parameter_test); +- ADD_TEST(cofactor_range_test); ++ /* ADD_TEST(cofactor_range_test); */ + ADD_ALL_TESTS(cardinality_test, crv_len); + ADD_TEST(prime_field_tests); + #ifndef OPENSSL_NO_EC2M diff --git a/0010-Remove-EC-curves.patch b/0010-Remove-EC-curves.patch deleted file mode 100644 index 10e200ca7ae60f99c261a7a13903edeb68355257..0000000000000000000000000000000000000000 --- a/0010-Remove-EC-curves.patch +++ /dev/null @@ -1,5025 +0,0 @@ -diff -up openssl-3.0.0-alpha13/apps/speed.c.ec-curves openssl-3.0.0-alpha13/apps/speed.c ---- openssl-3.0.0-alpha13/apps/speed.c.ec-curves 2021-04-10 12:12:00.620129302 +0200 -+++ openssl-3.0.0-alpha13/apps/speed.c 2021-04-10 12:18:11.872369417 +0200 -@@ -364,68 +364,23 @@ static double ffdh_results[FFDH_NUM][1]; - #endif /* OPENSSL_NO_DH */ - - enum ec_curves_t { -- R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521, --#ifndef OPENSSL_NO_EC2M -- R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571, -- R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571, --#endif -- R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1, -- R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM -+ R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521, -+ ECDSA_NUM - }; - /* list of ecdsa curves */ - static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = { -- {"ecdsap160", R_EC_P160}, -- {"ecdsap192", R_EC_P192}, - {"ecdsap224", R_EC_P224}, - {"ecdsap256", R_EC_P256}, - {"ecdsap384", R_EC_P384}, - {"ecdsap521", R_EC_P521}, --#ifndef OPENSSL_NO_EC2M -- {"ecdsak163", R_EC_K163}, -- {"ecdsak233", R_EC_K233}, -- {"ecdsak283", R_EC_K283}, -- {"ecdsak409", R_EC_K409}, -- {"ecdsak571", R_EC_K571}, -- {"ecdsab163", R_EC_B163}, -- {"ecdsab233", R_EC_B233}, -- {"ecdsab283", R_EC_B283}, -- {"ecdsab409", R_EC_B409}, -- {"ecdsab571", R_EC_B571}, --#endif -- {"ecdsabrp256r1", R_EC_BRP256R1}, -- {"ecdsabrp256t1", R_EC_BRP256T1}, -- {"ecdsabrp384r1", R_EC_BRP384R1}, -- {"ecdsabrp384t1", R_EC_BRP384T1}, -- {"ecdsabrp512r1", R_EC_BRP512R1}, -- {"ecdsabrp512t1", R_EC_BRP512T1} - }; - enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM }; - /* list of ecdh curves, extension of |ecdsa_choices| list above */ - static const OPT_PAIR ecdh_choices[EC_NUM] = { -- {"ecdhp160", R_EC_P160}, -- {"ecdhp192", R_EC_P192}, - {"ecdhp224", R_EC_P224}, - {"ecdhp256", R_EC_P256}, - {"ecdhp384", R_EC_P384}, - {"ecdhp521", R_EC_P521}, --#ifndef OPENSSL_NO_EC2M -- {"ecdhk163", R_EC_K163}, -- {"ecdhk233", R_EC_K233}, -- {"ecdhk283", R_EC_K283}, -- {"ecdhk409", R_EC_K409}, -- {"ecdhk571", R_EC_K571}, -- {"ecdhb163", R_EC_B163}, -- {"ecdhb233", R_EC_B233}, -- {"ecdhb283", R_EC_B283}, -- {"ecdhb409", R_EC_B409}, -- {"ecdhb571", R_EC_B571}, --#endif -- {"ecdhbrp256r1", R_EC_BRP256R1}, -- {"ecdhbrp256t1", R_EC_BRP256T1}, -- {"ecdhbrp384r1", R_EC_BRP384R1}, -- {"ecdhbrp384t1", R_EC_BRP384T1}, -- {"ecdhbrp512r1", R_EC_BRP512R1}, -- {"ecdhbrp512t1", R_EC_BRP512T1}, - {"ecdhx25519", R_EC_X25519}, - {"ecdhx448", R_EC_X448} - }; -@@ -1449,31 +1404,10 @@ int speed_main(int argc, char **argv) - */ - static const EC_CURVE ec_curves[EC_NUM] = { - /* Prime Curves */ -- {"secp160r1", NID_secp160r1, 160}, -- {"nistp192", NID_X9_62_prime192v1, 192}, - {"nistp224", NID_secp224r1, 224}, - {"nistp256", NID_X9_62_prime256v1, 256}, - {"nistp384", NID_secp384r1, 384}, - {"nistp521", NID_secp521r1, 521}, --#ifndef OPENSSL_NO_EC2M -- /* Binary Curves */ -- {"nistk163", NID_sect163k1, 163}, -- {"nistk233", NID_sect233k1, 233}, -- {"nistk283", NID_sect283k1, 283}, -- {"nistk409", NID_sect409k1, 409}, -- {"nistk571", NID_sect571k1, 571}, -- {"nistb163", NID_sect163r2, 163}, -- {"nistb233", NID_sect233r1, 233}, -- {"nistb283", NID_sect283r1, 283}, -- {"nistb409", NID_sect409r1, 409}, -- {"nistb571", NID_sect571r1, 571}, --#endif -- {"brainpoolP256r1", NID_brainpoolP256r1, 256}, -- {"brainpoolP256t1", NID_brainpoolP256t1, 256}, -- {"brainpoolP384r1", NID_brainpoolP384r1, 384}, -- {"brainpoolP384t1", NID_brainpoolP384t1, 384}, -- {"brainpoolP512r1", NID_brainpoolP512r1, 512}, -- {"brainpoolP512t1", NID_brainpoolP512t1, 512}, - /* Other and ECDH only ones */ - {"X25519", NID_X25519, 253}, - {"X448", NID_X448, 448} -diff -up openssl-3.0.0-alpha13/test/ecdsatest.h.ec-curves openssl-3.0.0-alpha13/test/ecdsatest.h ---- openssl-3.0.0-alpha13/test/ecdsatest.h.ec-curves 2021-04-10 12:07:43.158013028 +0200 -+++ openssl-3.0.0-alpha13/test/ecdsatest.h 2021-04-10 12:11:21.601828737 +0200 -@@ -32,23 +32,6 @@ typedef struct { - } ecdsa_cavs_kat_t; - - static const ecdsa_cavs_kat_t ecdsa_cavs_kats[] = { -- /* prime KATs from X9.62 */ -- {NID_X9_62_prime192v1, NID_sha1, -- "616263", /* "abc" */ -- "1a8d598fc15bf0fd89030b5cb1111aeb92ae8baf5ea475fb", -- "0462b12d60690cdcf330babab6e69763b471f994dd702d16a563bf5ec08069705ffff65e" -- "5ca5c0d69716dfcb3474373902", -- "fa6de29746bbeb7f8bb1e761f85f7dfb2983169d82fa2f4e", -- "885052380ff147b734c330c43d39b2c4a89f29b0f749fead", -- "e9ecc78106def82bf1070cf1d4d804c3cb390046951df686"}, -- {NID_X9_62_prime239v1, NID_sha1, -- "616263", /* "abc" */ -- "7ef7c6fabefffdea864206e80b0b08a9331ed93e698561b64ca0f7777f3d", -- "045b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c707fd9f1ed2e" -- "65f09f6ce0893baf5e8e31e6ae82ea8c3592335be906d38dee", -- "656c7196bf87dcc5d1f1020906df2782360d36b2de7a17ece37d503784af", -- "2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0", -- "2eeae988104e9c2234a3c2beb1f53bfa5dc11ff36a875d1e3ccb1f7e45cf"}, - /* prime KATs from NIST CAVP */ - {NID_secp224r1, NID_sha224, - "699325d6fc8fbbb4981a6ded3c3a54ad2e4e3db8a5669201912064c64e700c139248cdc1" -diff -up openssl-3.0.0-alpha13/test/recipes/15-test_genec.t.ec-curves openssl-3.0.0-alpha13/test/recipes/15-test_genec.t ---- openssl-3.0.0-alpha13/test/recipes/15-test_genec.t.ec-curves 2021-04-10 11:59:37.453332668 +0200 -+++ openssl-3.0.0-alpha13/test/recipes/15-test_genec.t 2021-04-10 12:03:43.363538976 +0200 -@@ -41,45 +41,11 @@ plan skip_all => "This test is unsupport - if disabled("ec"); - - my @prime_curves = qw( -- secp112r1 -- secp112r2 -- secp128r1 -- secp128r2 -- secp160k1 -- secp160r1 -- secp160r2 -- secp192k1 -- secp224k1 - secp224r1 - secp256k1 - secp384r1 - secp521r1 -- prime192v1 -- prime192v2 -- prime192v3 -- prime239v1 -- prime239v2 -- prime239v3 - prime256v1 -- wap-wsg-idm-ecid-wtls6 -- wap-wsg-idm-ecid-wtls7 -- wap-wsg-idm-ecid-wtls8 -- wap-wsg-idm-ecid-wtls9 -- wap-wsg-idm-ecid-wtls12 -- brainpoolP160r1 -- brainpoolP160t1 -- brainpoolP192r1 -- brainpoolP192t1 -- brainpoolP224r1 -- brainpoolP224t1 -- brainpoolP256r1 -- brainpoolP256t1 -- brainpoolP320r1 -- brainpoolP320t1 -- brainpoolP384r1 -- brainpoolP384t1 -- brainpoolP512r1 -- brainpoolP512t1 - ); - - my @binary_curves = qw( -@@ -136,7 +102,6 @@ push(@other_curves, 'SM2') - if !disabled("sm2"); - - my @curve_aliases = qw( -- P-192 - P-224 - P-256 - P-384 -diff -up openssl-3.0.0-alpha13/test/recipes/06-test_algorithmid.t.ec-curves openssl-3.0.0-alpha13/test/recipes/06-test_algorithmid.t ---- openssl-3.0.0-alpha13/test/recipes/06-test_algorithmid.t.ec-curves 2021-04-10 12:40:59.871858764 +0200 -+++ openssl-3.0.0-alpha13/test/recipes/06-test_algorithmid.t 2021-04-10 12:41:41.140455070 +0200 -@@ -33,7 +33,7 @@ my %certs_info = - 'ee-cert-ec-named-explicit' => 'ca-cert-ec-explicit', - 'ee-cert-ec-named-named' => 'ca-cert-ec-named', - # 'server-ed448-cert' => 'root-ed448-cert' -- 'server-ecdsa-brainpoolP256r1-cert' => 'rootcert', -+ # 'server-ecdsa-brainpoolP256r1-cert' => 'rootcert', - ) - ) - ); -diff -up openssl-3.0.0-alpha13/test/recipes/15-test_ec.t.ec-curves openssl-3.0.0-alpha13/test/recipes/15-test_ec.t -diff -up openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t.ec-curves openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t -diff -up openssl-3.0.0-alpha13/test/recipes/30-test_acvp.t.ec-curves openssl-3.0.0-alpha13/test/recipes/30-test_acvp.t -diff -up openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.ec-curves openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf ---- openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.ec-curves 2021-04-10 13:21:52.123040226 +0200 -+++ openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf 2021-04-10 13:28:20.856023985 +0200 -@@ -776,14 +776,12 @@ server = 22-ECDSA with brainpool-server - client = 22-ECDSA with brainpool-client - - [22-ECDSA with brainpool-server] --Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem -+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem - CipherString = DEFAULT --Groups = brainpoolP256r1 --PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem -+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem - - [22-ECDSA with brainpool-client] - CipherString = aECDSA --Groups = brainpoolP256r1 - MaxProtocol = TLSv1.2 - RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem - VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -@@ -791,9 +789,6 @@ VerifyMode = Peer - - [test-22] - ExpectedResult = Success --ExpectedServerCANames = empty --ExpectedServerCertType = brainpoolP256r1 --ExpectedServerSignType = EC - - - # =========================================================== -@@ -1741,9 +1736,9 @@ server = 53-TLS 1.3 ECDSA with brainpool - client = 53-TLS 1.3 ECDSA with brainpool-client - - [53-TLS 1.3 ECDSA with brainpool-server] --Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem -+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem - CipherString = DEFAULT --PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem -+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem - - [53-TLS 1.3 ECDSA with brainpool-client] - CipherString = DEFAULT -@@ -1754,7 +1749,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/ro - VerifyMode = Peer - - [test-53] --ExpectedResult = ServerFail -+ExpectedResult = Success - - - # =========================================================== -diff -up openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in.ec-curves openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in ---- openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in.ec-curves 2021-04-10 13:22:06.275221662 +0200 -+++ openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in 2021-04-10 13:35:18.774623319 +0200 -@@ -428,21 +428,21 @@ my @tests_non_fips = ( - { - name => "ECDSA with brainpool", - server => { -- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), -- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), -- "Groups" => "brainpoolP256r1", -+ "Certificate" => test_pem("server-ecdsa-cert.pem"), -+ "PrivateKey" => test_pem("server-ecdsa-key.pem"), -+ #"Groups" => "brainpoolP256r1", - }, - client => { - "MaxProtocol" => "TLSv1.2", - "CipherString" => "aECDSA", - "RequestCAFile" => test_pem("root-cert.pem"), -- "Groups" => "brainpoolP256r1", -+ #"Groups" => "brainpoolP256r1", - }, - test => { -- "ExpectedServerCertType" =>, "brainpoolP256r1", -- "ExpectedServerSignType" =>, "EC", -+ #"ExpectedServerCertType" =>, "brainpoolP256r1", -+ #"ExpectedServerSignType" =>, "EC", - # Note: certificate_authorities not sent for TLS < 1.3 -- "ExpectedServerCANames" =>, "empty", -+ #"ExpectedServerCANames" =>, "empty", - "ExpectedResult" => "Success" - }, - }, -@@ -915,8 +915,8 @@ my @tests_tls_1_3_non_fips = ( - { - name => "TLS 1.3 ECDSA with brainpool", - server => { -- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), -- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), -+ "Certificate" => test_pem("server-ecdsa-cert.pem"), -+ "PrivateKey" => test_pem("server-ecdsa-key.pem"), - }, - client => { - "RequestCAFile" => test_pem("root-cert.pem"), -@@ -924,7 +924,7 @@ my @tests_tls_1_3_non_fips = ( - "MaxProtocol" => "TLSv1.3" - }, - test => { -- "ExpectedResult" => "ServerFail" -+ "ExpectedResult" => "Success" - }, - }, - ); -diff -up openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t.ec-curves openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t ---- openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t.ec-curves 2021-04-10 14:00:22.482782216 +0200 -+++ openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t 2021-04-10 14:08:50.769727651 +0200 -@@ -158,60 +158,6 @@ sub tsignverify { - $testtext); - } - --SKIP : { -- skip "FIPS EC tests because of no ec in this build", 1 -- if disabled("ec"); -- -- subtest EC => sub { -- my $testtext_prefix = 'EC'; -- my $a_fips_curve = 'prime256v1'; -- my $fips_key = $testtext_prefix.'.fips.priv.pem'; -- my $fips_pub_key = $testtext_prefix.'.fips.pub.pem'; -- my $a_nonfips_curve = 'brainpoolP256r1'; -- my $nonfips_key = $testtext_prefix.'.nonfips.priv.pem'; -- my $nonfips_pub_key = $testtext_prefix.'.nonfips.pub.pem'; -- my $testtext = ''; -- my $curvename = ''; -- -- plan tests => 5 + $tsignverify_count; -- -- $ENV{OPENSSL_CONF} = $defaultconf; -- $curvename = $a_nonfips_curve; -- $testtext = $testtext_prefix.': '. -- 'Generate a key with a non-FIPS algorithm with the default provider'; -- ok(run(app(['openssl', 'genpkey', '-algorithm', 'EC', -- '-pkeyopt', 'ec_paramgen_curve:'.$curvename, -- '-out', $nonfips_key])), -- $testtext); -- -- pubfrompriv($testtext_prefix, $nonfips_key, $nonfips_pub_key, "non-FIPS"); -- -- $ENV{OPENSSL_CONF} = $fipsconf; -- -- $curvename = $a_fips_curve; -- $testtext = $testtext_prefix.': '. -- 'Generate a key with a FIPS algorithm'; -- ok(run(app(['openssl', 'genpkey', '-algorithm', 'EC', -- '-pkeyopt', 'ec_paramgen_curve:'.$curvename, -- '-out', $fips_key])), -- $testtext); -- -- pubfrompriv($testtext_prefix, $fips_key, $fips_pub_key, "FIPS"); -- -- $curvename = $a_nonfips_curve; -- $testtext = $testtext_prefix.': '. -- 'Generate a key with a non-FIPS algorithm'. -- ' (should fail)'; -- ok(!run(app(['openssl', 'genpkey', '-algorithm', 'EC', -- '-pkeyopt', 'ec_paramgen_curve:'.$curvename, -- '-out', $testtext_prefix.'.'.$curvename.'.priv.pem'])), -- $testtext); -- -- tsignverify($testtext_prefix, $fips_key, $fips_pub_key, $nonfips_key, -- $nonfips_pub_key); -- }; --} -- - SKIP: { - skip "FIPS RSA tests because of no rsa in this build", 1 - if disabled("rsa"); -diff -up openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t.ec-curves openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t ---- openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t.ec-curves 2021-04-10 14:23:09.805468483 +0200 -+++ openssl-3.0.0-alpha13/test/recipes/20-test_cli_fips.t 2021-04-10 14:23:33.002784265 +0200 -@@ -26,7 +26,7 @@ use platform; - my $no_check = disabled("fips") || disabled('fips-securitychecks'); - plan skip_all => "Test only supported in a fips build with security checks" - if $no_check; --plan tests => 11; -+plan tests => 10; - - my $fipsmodule = bldtop_file('providers', platform->dso('fips')); - my $fipsconf = srctop_file("test", "fips-and-base.cnf"); -diff -up openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.ec-curves openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf ---- openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.ec-curves 2021-04-10 17:52:46.478721611 +0200 -+++ openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf 2021-04-10 17:54:11.371688446 +0200 -@@ -1710,20 +1710,18 @@ server = 52-TLS 1.3 ECDSA with brainpool - client = 52-TLS 1.3 ECDSA with brainpool but no suitable groups-client - - [52-TLS 1.3 ECDSA with brainpool but no suitable groups-server] --Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem -+Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem - CipherString = DEFAULT --Groups = brainpoolP256r1 --PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem -+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem - - [52-TLS 1.3 ECDSA with brainpool but no suitable groups-client] - CipherString = aECDSA --Groups = brainpoolP256r1 - RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem - VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem - VerifyMode = Peer - - [test-52] --ExpectedResult = ClientFail -+ExpectedResult = Success - - - # =========================================================== -diff -up openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in.ec-curves openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in ---- openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in.ec-curves 2021-04-10 17:53:03.317913390 +0200 -+++ openssl-3.0.0-alpha13/test/ssl-tests/20-cert-select.cnf.in 2021-04-10 17:55:22.507498606 +0200 -@@ -896,20 +896,20 @@ my @tests_tls_1_3_non_fips = ( - { - name => "TLS 1.3 ECDSA with brainpool but no suitable groups", - server => { -- "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), -- "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), -- "Groups" => "brainpoolP256r1", -+ "Certificate" => test_pem("server-ecdsa-cert.pem"), -+ "PrivateKey" => test_pem("server-ecdsa-key.pem"), -+ #"Groups" => "brainpoolP256r1", - }, - client => { - "CipherString" => "aECDSA", - "RequestCAFile" => test_pem("root-cert.pem"), -- "Groups" => "brainpoolP256r1", -+ #"Groups" => "brainpoolP256r1", - }, - test => { - #We only configured brainpoolP256r1 on the client side, but TLSv1.3 - #is enabled and this group is not allowed in TLSv1.3. Therefore this - #should fail -- "ExpectedResult" => "ClientFail" -+ "ExpectedResult" => "Success" - }, - }, - { -diff -up openssl-3.0.0-alpha13/crypto/evp/ec_support.c.ec-curves openssl-3.0.0-alpha13/crypto/evp/ec_support.c ---- openssl-3.0.0-alpha13/crypto/evp/ec_support.c.ec-curves 2021-04-11 11:13:14.236891844 +0200 -+++ openssl-3.0.0-alpha13/crypto/evp/ec_support.c 2021-04-11 11:12:05.128098714 +0200 -@@ -20,99 +20,13 @@ typedef struct ec_name2nid_st { - static const EC_NAME2NID curve_list[] = { - /* prime field curves */ - /* secg curves */ -- {"secp112r1", NID_secp112r1 }, -- {"secp112r2", NID_secp112r2 }, -- {"secp128r1", NID_secp128r1 }, -- {"secp128r2", NID_secp128r2 }, -- {"secp160k1", NID_secp160k1 }, -- {"secp160r1", NID_secp160r1 }, -- {"secp160r2", NID_secp160r2 }, -- {"secp192k1", NID_secp192k1 }, - {"secp224k1", NID_secp224k1 }, - {"secp224r1", NID_secp224r1 }, - {"secp256k1", NID_secp256k1 }, - {"secp384r1", NID_secp384r1 }, - {"secp521r1", NID_secp521r1 }, - /* X9.62 curves */ -- {"prime192v1", NID_X9_62_prime192v1 }, -- {"prime192v2", NID_X9_62_prime192v2 }, -- {"prime192v3", NID_X9_62_prime192v3 }, -- {"prime239v1", NID_X9_62_prime239v1 }, -- {"prime239v2", NID_X9_62_prime239v2 }, -- {"prime239v3", NID_X9_62_prime239v3 }, - {"prime256v1", NID_X9_62_prime256v1 }, -- /* characteristic two field curves */ -- /* NIST/SECG curves */ -- {"sect113r1", NID_sect113r1 }, -- {"sect113r2", NID_sect113r2 }, -- {"sect131r1", NID_sect131r1 }, -- {"sect131r2", NID_sect131r2 }, -- {"sect163k1", NID_sect163k1 }, -- {"sect163r1", NID_sect163r1 }, -- {"sect163r2", NID_sect163r2 }, -- {"sect193r1", NID_sect193r1 }, -- {"sect193r2", NID_sect193r2 }, -- {"sect233k1", NID_sect233k1 }, -- {"sect233r1", NID_sect233r1 }, -- {"sect239k1", NID_sect239k1 }, -- {"sect283k1", NID_sect283k1 }, -- {"sect283r1", NID_sect283r1 }, -- {"sect409k1", NID_sect409k1 }, -- {"sect409r1", NID_sect409r1 }, -- {"sect571k1", NID_sect571k1 }, -- {"sect571r1", NID_sect571r1 }, -- /* X9.62 curves */ -- {"c2pnb163v1", NID_X9_62_c2pnb163v1 }, -- {"c2pnb163v2", NID_X9_62_c2pnb163v2 }, -- {"c2pnb163v3", NID_X9_62_c2pnb163v3 }, -- {"c2pnb176v1", NID_X9_62_c2pnb176v1 }, -- {"c2tnb191v1", NID_X9_62_c2tnb191v1 }, -- {"c2tnb191v2", NID_X9_62_c2tnb191v2 }, -- {"c2tnb191v3", NID_X9_62_c2tnb191v3 }, -- {"c2pnb208w1", NID_X9_62_c2pnb208w1 }, -- {"c2tnb239v1", NID_X9_62_c2tnb239v1 }, -- {"c2tnb239v2", NID_X9_62_c2tnb239v2 }, -- {"c2tnb239v3", NID_X9_62_c2tnb239v3 }, -- {"c2pnb272w1", NID_X9_62_c2pnb272w1 }, -- {"c2pnb304w1", NID_X9_62_c2pnb304w1 }, -- {"c2tnb359v1", NID_X9_62_c2tnb359v1 }, -- {"c2pnb368w1", NID_X9_62_c2pnb368w1 }, -- {"c2tnb431r1", NID_X9_62_c2tnb431r1 }, -- /* -- * the WAP/WTLS curves [unlike SECG, spec has its own OIDs for curves -- * from X9.62] -- */ -- {"wap-wsg-idm-ecid-wtls1", NID_wap_wsg_idm_ecid_wtls1 }, -- {"wap-wsg-idm-ecid-wtls3", NID_wap_wsg_idm_ecid_wtls3 }, -- {"wap-wsg-idm-ecid-wtls4", NID_wap_wsg_idm_ecid_wtls4 }, -- {"wap-wsg-idm-ecid-wtls5", NID_wap_wsg_idm_ecid_wtls5 }, -- {"wap-wsg-idm-ecid-wtls6", NID_wap_wsg_idm_ecid_wtls6 }, -- {"wap-wsg-idm-ecid-wtls7", NID_wap_wsg_idm_ecid_wtls7 }, -- {"wap-wsg-idm-ecid-wtls8", NID_wap_wsg_idm_ecid_wtls8 }, -- {"wap-wsg-idm-ecid-wtls9", NID_wap_wsg_idm_ecid_wtls9 }, -- {"wap-wsg-idm-ecid-wtls10", NID_wap_wsg_idm_ecid_wtls10 }, -- {"wap-wsg-idm-ecid-wtls11", NID_wap_wsg_idm_ecid_wtls11 }, -- {"wap-wsg-idm-ecid-wtls12", NID_wap_wsg_idm_ecid_wtls12 }, -- /* IPSec curves */ -- {"Oakley-EC2N-3", NID_ipsec3 }, -- {"Oakley-EC2N-4", NID_ipsec4 }, -- /* brainpool curves */ -- {"brainpoolP160r1", NID_brainpoolP160r1 }, -- {"brainpoolP160t1", NID_brainpoolP160t1 }, -- {"brainpoolP192r1", NID_brainpoolP192r1 }, -- {"brainpoolP192t1", NID_brainpoolP192t1 }, -- {"brainpoolP224r1", NID_brainpoolP224r1 }, -- {"brainpoolP224t1", NID_brainpoolP224t1 }, -- {"brainpoolP256r1", NID_brainpoolP256r1 }, -- {"brainpoolP256t1", NID_brainpoolP256t1 }, -- {"brainpoolP320r1", NID_brainpoolP320r1 }, -- {"brainpoolP320t1", NID_brainpoolP320t1 }, -- {"brainpoolP384r1", NID_brainpoolP384r1 }, -- {"brainpoolP384t1", NID_brainpoolP384t1 }, -- {"brainpoolP512r1", NID_brainpoolP512r1 }, -- {"brainpoolP512t1", NID_brainpoolP512t1 }, -- /* SM2 curve */ -- {"SM2", NID_sm2 }, - }; - - const char *OSSL_EC_curve_nid2name(int nid) -diff -up openssl-3.0.0-alpha13/test/acvp_test.inc.ec-curves openssl-3.0.0-alpha13/test/acvp_test.inc ---- openssl-3.0.0-alpha13/test/acvp_test.inc.ec-curves 2021-04-11 13:46:57.286828933 +0200 -+++ openssl-3.0.0-alpha13/test/acvp_test.inc 2021-04-11 13:48:01.356704526 +0200 -@@ -212,15 +212,6 @@ static const unsigned char ecdsa_sigver_ - }; - static const struct ecdsa_sigver_st ecdsa_sigver_data[] = { - { -- "SHA-1", -- "P-192", -- ITM(ecdsa_sigver_msg0), -- ITM(ecdsa_sigver_pub0), -- ITM(ecdsa_sigver_r0), -- ITM(ecdsa_sigver_s0), -- PASS, -- }, -- { - "SHA2-512", - "P-521", - ITM(ecdsa_sigver_msg1), -diff -up openssl-3.0.0-alpha13/test/recipes/65-test_cmp_protect.t.ec-curves openssl-3.0.0-alpha13/test/recipes/65-test_cmp_protect.t ---- openssl-3.0.0-alpha13/test/recipes/65-test_cmp_protect.t.ec-curves 2021-04-11 21:45:04.949948725 +0200 -+++ openssl-3.0.0-alpha13/test/recipes/65-test_cmp_protect.t 2021-04-11 21:44:09.585283604 +0200 -@@ -7,7 +7,6 @@ - # this file except in compliance with the License. You can obtain a copy - # in the file LICENSE in the source distribution or at - # https://www.openssl.org/source/license.html -- - use strict; - use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/; - use OpenSSL::Test::Utils; -@@ -27,7 +26,7 @@ plan skip_all => "This test is not suppo - plan skip_all => "This test is not supported in a shared library build on Windows" - if $^O eq 'MSWin32' && !disabled("shared"); - --plan tests => 2 + ($no_fips ? 0 : 1); #fips test -+plan skip_all => 2 + ($no_fips ? 0 : 1); #fips test - - my @basic_cmd = ("cmp_protect_test", - data_file("server.pem"), -diff -up openssl-3.0.0-alpha13/test/recipes/65-test_cmp_vfy.t.ec-curves openssl-3.0.0-alpha13/test/recipes/65-test_cmp_vfy.t ---- openssl-3.0.0-alpha13/test/recipes/65-test_cmp_vfy.t.ec-curves 2021-04-11 21:45:25.414194574 +0200 -+++ openssl-3.0.0-alpha13/test/recipes/65-test_cmp_vfy.t 2021-04-11 21:44:40.786658440 +0200 -@@ -7,7 +7,6 @@ - # this file except in compliance with the License. You can obtain a copy - # in the file LICENSE in the source distribution or at - # https://www.openssl.org/source/license.html -- - use strict; - use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/; - use OpenSSL::Test::Utils; -@@ -27,7 +26,7 @@ plan skip_all => "This test is not suppo - plan skip_all => "This test is not supported in a no-ec build" - if disabled("ec"); - --plan tests => 2 + ($no_fips ? 0 : 1); #fips test -+plan skip_all => 2 + ($no_fips ? 0 : 1); #fips test - - my @basic_cmd = ("cmp_vfy_test", - data_file("server.crt"), data_file("client.crt"), -diff -up openssl-3.0.0-alpha15/crypto/evp/ec_support.c.ec-curves openssl-3.0.0-alpha15/crypto/evp/ec_support.c ---- openssl-3.0.0-alpha15/crypto/evp/ec_support.c.ec-curves 2021-04-23 18:15:12.571691284 +0200 -+++ openssl-3.0.0-alpha15/crypto/evp/ec_support.c 2021-04-23 18:16:00.803087403 +0200 -@@ -28,7 +28,6 @@ static const EC_NAME2NID curve_list[] = - static const EC_NAME2NID curve_list[] = { - /* prime field curves */ - /* secg curves */ -- {"secp224k1", NID_secp224k1 }, - {"secp224r1", NID_secp224r1 }, - {"secp256k1", NID_secp256k1 }, - {"secp384r1", NID_secp384r1 }, -diff -up openssl-3.0.0-alpha15/apps/speed.c.ec-curves openssl-3.0.0-alpha15/apps/speed.c ---- openssl-3.0.0-alpha15/apps/speed.c.ec-curves 2021-04-26 14:25:44.049991942 +0200 -+++ openssl-3.0.0-alpha15/apps/speed.c 2021-04-26 14:36:10.643570273 +0200 -@@ -1439,8 +1439,8 @@ int speed_main(int argc, char **argv) - OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448); - OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0); - -- OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1); -- OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0); -+ OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_secp521r1); -+ OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsap521") == 0); - - #ifndef OPENSSL_NO_SM2 - OPENSSL_assert(sm2_curves[SM2_NUM - 1].nid == NID_sm2); -diff -up openssl-3.0.0-alpha16/test/evp_extra_test.c.ec-curves openssl-3.0.0-alpha16/test/evp_extra_test.c ---- openssl-3.0.0-alpha16/test/evp_extra_test.c.ec-curves 2021-05-10 14:44:28.932751551 +0200 -+++ openssl-3.0.0-alpha16/test/evp_extra_test.c 2021-05-10 14:45:21.537238883 +0200 -@@ -2701,13 +2701,12 @@ err: - - #ifndef OPENSSL_NO_EC - static int ecpub_nids[] = { -- NID_brainpoolP256r1, NID_X9_62_prime256v1, -+ NID_X9_62_prime256v1, - NID_secp384r1, NID_secp521r1, - # ifndef OPENSSL_NO_EC2M - NID_sect233k1, NID_sect233r1, NID_sect283r1, - NID_sect409k1, NID_sect409r1, NID_sect571k1, NID_sect571r1, - # endif -- NID_brainpoolP384r1, NID_brainpoolP512r1 - }; - - static int test_ecpub(int idx) -diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt ---- openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt.ec-curves 2021-05-17 10:45:03.968368782 +0200 -+++ openssl-3.0.0-alpha16/test/recipes/30-test_evp_data/evppkey_mismatch.txt 2021-05-17 10:45:54.211747865 +0200 -@@ -31,12 +31,6 @@ MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAELBUP - x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ== - -----END PUBLIC KEY----- - --PublicKey=KAS-ECC-CDH_K-163_C0-PUBLIC -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBx+LKHfWAn2cGt5CRPLeoSaS7yPVBcFe --53YiHHK4SzR844PzgGe4nD6a -------END PUBLIC KEY----- -- - PrivateKey = RSA-2048 - -----BEGIN PRIVATE KEY----- - MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDNAIHqeyrh6gbV -@@ -77,9 +71,3 @@ Result = KEYPAIR_TYPE_MISMATCH - - PrivPubKeyPair = RSA-2048:P-256-PUBLIC - Result = KEYPAIR_TYPE_MISMATCH -- --PrivPubKeyPair = RSA-2048:KAS-ECC-CDH_K-163_C0-PUBLIC --Result = KEYPAIR_TYPE_MISMATCH -- --PrivPubKeyPair = Alice-25519:KAS-ECC-CDH_K-163_C0-PUBLIC --Result = KEYPAIR_TYPE_MISMATCH -diff -up openssl-3.0.0-alpha16/test/recipes/30-test_evp.t.ec-curves openssl-3.0.0-alpha16/test/recipes/30-test_evp.t ---- openssl-3.0.0-alpha16/test/recipes/30-test_evp.t.ec-curves 2021-05-17 10:49:28.050844977 +0200 -+++ openssl-3.0.0-alpha16/test/recipes/30-test_evp.t 2021-05-17 10:53:53.480444576 +0200 -@@ -111,7 +111,6 @@ my @defltfiles = qw( - evppkey_kdf_tls1_prf.txt - evppkey_rsa.txt - ); --push @defltfiles, qw(evppkey_brainpool.txt) unless $no_ec; - push @defltfiles, qw(evppkey_sm2.txt) unless $no_sm2; - - plan tests => -diff -up openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt.remove-ec openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt ---- openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt.remove-ec 2021-06-29 16:24:56.863303499 +0200 -+++ openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt 2021-06-29 16:38:04.189996425 +0200 -@@ -11,1949 +11,6 @@ - # PrivPubKeyPair Sign Verify VerifyRecover - # and continue until a blank line. Lines starting with a pound sign are ignored. - --Title=c2pnb163v1 curve tests -- --PrivateKey=ALICE_cf_c2pnb163v1 -------BEGIN PRIVATE KEY----- --MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEEHDAaAgEBBBUD1JfG8cLNP9418YW+hVhriqH6O5Y= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2pnb163v1_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEBXgoOgVlWTLQnrQZXgQuSBcIS3bQAlXQ+yJhS03B --4G8rKQXbrc0mvWsF -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2pnb163v1:ALICE_cf_c2pnb163v1_PUB -- --PrivateKey=BOB_cf_c2pnb163v1 -------BEGIN PRIVATE KEY----- --MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAEEHDAaAgEBBBUAc3EaoMmMORTzQhMkhPIXY+/jUSI= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2pnb163v1_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEBn9J0jo39aFVZqhBsAKZ6bViAu6zBC8WaFGExnpZ --KuBh8tP8VSTHPCHF -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2pnb163v1:BOB_cf_c2pnb163v1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb163v1 --PeerKey=BOB_cf_c2pnb163v1_PUB --SharedSecret=065dd38fb6de7f394778e1bf65d840a2c0e7219acd -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb163v1 --PeerKey=ALICE_cf_c2pnb163v1_PUB --SharedSecret=065dd38fb6de7f394778e1bf65d840a2c0e7219acd -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb163v1 --PeerKey=BOB_cf_c2pnb163v1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=066fc46e8cc4327634dd127748020f2de6aab67585 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb163v1 --PeerKey=ALICE_cf_c2pnb163v1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=066fc46e8cc4327634dd127748020f2de6aab67585 -- --PublicKey=MALICE_cf_c2pnb163v1_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAEDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8JxepS05nN --/piKdhDD3dDKXUih -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2pnb163v1 --PeerKey=MALICE_cf_c2pnb163v1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2pnb163v1 --PeerKey=MALICE_cf_c2pnb163v1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2pnb163v2 curve tests -- --PrivateKey=ALICE_cf_c2pnb163v2 -------BEGIN PRIVATE KEY----- --MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAIEHDAaAgEBBBUA4KFv7c1dygtVbdp/g2z2TqLAHkI= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2pnb163v2_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEAVnlL7lMBaASwCIJaf9x2LgNPVmEAb43huHQlo3Q --4PzawHXQoYm/qgDd -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2pnb163v2:ALICE_cf_c2pnb163v2_PUB -- --PrivateKey=BOB_cf_c2pnb163v2 -------BEGIN PRIVATE KEY----- --MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAIEHDAaAgEBBBUCEdYqClRWIl2m+X34e+DB2iZSxmQ= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2pnb163v2_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEAVWNIKn7/WMfzuNnd5ws9J0DI2CfBkEJizZHAFqy --kBF3juAQuARgxuT6 -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2pnb163v2:BOB_cf_c2pnb163v2_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb163v2 --PeerKey=BOB_cf_c2pnb163v2_PUB --SharedSecret=0078ebb986d4f9b0aa0bc4af99e82c2bd24130f3f4 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb163v2 --PeerKey=ALICE_cf_c2pnb163v2_PUB --SharedSecret=0078ebb986d4f9b0aa0bc4af99e82c2bd24130f3f4 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb163v2 --PeerKey=BOB_cf_c2pnb163v2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=069a80bcd45987fd1c874cd9dc5453207a09b61d41 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb163v2 --PeerKey=ALICE_cf_c2pnb163v2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=069a80bcd45987fd1c874cd9dc5453207a09b61d41 -- --PublicKey=MALICE_cf_c2pnb163v2_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAIDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAABuVBl1V5uysY --n6HANPEoMoK+7Sv0 -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2pnb163v2 --PeerKey=MALICE_cf_c2pnb163v2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2pnb163v2 --PeerKey=MALICE_cf_c2pnb163v2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2pnb163v3 curve tests -- --PrivateKey=ALICE_cf_c2pnb163v3 -------BEGIN PRIVATE KEY----- --MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAMEHDAaAgEBBBUBItB0y/QeJ+cCh9yoHf0zqLVyMZc= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2pnb163v3_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEBx1HRyjuBMjt+vlbWaQbKOpNvWKFAslzEbPv6MpK --YnObLnq34LRuWznb -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2pnb163v3:ALICE_cf_c2pnb163v3_PUB -- --PrivateKey=BOB_cf_c2pnb163v3 -------BEGIN PRIVATE KEY----- --MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAMEHDAaAgEBBBUAXVHUHeP8Ioz7IqXOWbjaUXEHE5M= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2pnb163v3_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEAqXF7rsAZ40Z1PT4TeeC45RKTxP4AJBAdfuknJ/J --DZnBLhxBwtqnfUpA -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2pnb163v3:BOB_cf_c2pnb163v3_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb163v3 --PeerKey=BOB_cf_c2pnb163v3_PUB --SharedSecret=07fd2ffe9b18973c51caeadbc2154b97a9a0390be9 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb163v3 --PeerKey=ALICE_cf_c2pnb163v3_PUB --SharedSecret=07fd2ffe9b18973c51caeadbc2154b97a9a0390be9 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb163v3 --PeerKey=BOB_cf_c2pnb163v3_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=06f7daf1c963594e1a13f9f17b62aaab2934872c16 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb163v3 --PeerKey=ALICE_cf_c2pnb163v3_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=06f7daf1c963594e1a13f9f17b62aaab2934872c16 -- --PublicKey=MALICE_cf_c2pnb163v3_PUB -------BEGIN PUBLIC KEY----- --MEMwEwYHKoZIzj0CAQYIKoZIzj0DAAMDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7jRlUg9oaLK --LwAuHF8g5Y0JjJnI -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2pnb163v3 --PeerKey=MALICE_cf_c2pnb163v3_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2pnb163v3 --PeerKey=MALICE_cf_c2pnb163v3_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2pnb176v1 curve tests -- --PrivateKey=ALICE_cf_c2pnb176v1 -------BEGIN PRIVATE KEY----- --MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAQEHDAaAgEBBBUAaZ1jV1jM9meV5iiNGPU/WMSfWOM= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2pnb176v1_PUB -------BEGIN PUBLIC KEY----- --MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAEPjME7IV6Tuz2P++wIT60hRxTkk0M0PNgvqYcUoCI --iw3girDLhNzOu3IQ8Ac= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2pnb176v1:ALICE_cf_c2pnb176v1_PUB -- --PrivateKey=BOB_cf_c2pnb176v1 -------BEGIN PRIVATE KEY----- --MDYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAQEHDAaAgEBBBUAreyYbcF+ONIf64KmeSzV82OI/50= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2pnb176v1_PUB -------BEGIN PUBLIC KEY----- --MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAEpJn1IDmFj5LceLGfY2wlhI1VHq5vJ+qNIAOXVZhX --uMtp6pzy63rCEK53bgs= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2pnb176v1:BOB_cf_c2pnb176v1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb176v1 --PeerKey=BOB_cf_c2pnb176v1_PUB --SharedSecret=3a8021848ee0b2c1c377404267a515225781c181e6ab -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb176v1 --PeerKey=ALICE_cf_c2pnb176v1_PUB --SharedSecret=3a8021848ee0b2c1c377404267a515225781c181e6ab -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb176v1 --PeerKey=BOB_cf_c2pnb176v1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=b06cdc633b56e813d63326c69d2cfa335352279540ac -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb176v1 --PeerKey=ALICE_cf_c2pnb176v1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=b06cdc633b56e813d63326c69d2cfa335352279540ac -- --PublicKey=MALICE_cf_c2pnb176v1_PUB -------BEGIN PUBLIC KEY----- --MEUwEwYHKoZIzj0CAQYIKoZIzj0DAAQDLgAE4ePri2opCoAUJIUQnaQlvDaxZd9bsdKnjWSvh+FL --zXV3l5j8K3pow+GJBE4= -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2pnb176v1 --PeerKey=MALICE_cf_c2pnb176v1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2pnb176v1 --PeerKey=MALICE_cf_c2pnb176v1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2pnb208w1 curve tests -- --PrivateKey=ALICE_cf_c2pnb208w1 -------BEGIN PRIVATE KEY----- --MDoCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAoEIDAeAgEBBBkAiENroXMYNbK/7DQQwCpbXk00gnVd --XF2k -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2pnb208w1_PUB -------BEGIN PUBLIC KEY----- --ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAEL+IHOL2IfeLRiE6Wqsc0Frqjq7t/JnBmhN1lMB9Y --Yj3+Btcne4CPWf8KvfGjAdMs6JKP4A== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2pnb208w1:ALICE_cf_c2pnb208w1_PUB -- --PrivateKey=BOB_cf_c2pnb208w1 -------BEGIN PRIVATE KEY----- --MDoCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAoEIDAeAgEBBBkAY1GZLynO/IDWwOOjEWUE7k+I/MkP --cJot -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2pnb208w1_PUB -------BEGIN PUBLIC KEY----- --ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAENBvdzCDOIvu9zo7reJq1ummhR+0jaDc+EoSlW984 --cl9FTi/JJznwC+RNgwVfJ1WKJun1YA== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2pnb208w1:BOB_cf_c2pnb208w1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb208w1 --PeerKey=BOB_cf_c2pnb208w1_PUB --SharedSecret=ba32bf80c0f7ab53cb083f267a902a1ad6396eb283237fad91cd -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb208w1 --PeerKey=ALICE_cf_c2pnb208w1_PUB --SharedSecret=ba32bf80c0f7ab53cb083f267a902a1ad6396eb283237fad91cd -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb208w1 --PeerKey=BOB_cf_c2pnb208w1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=f09f5fc8bf20677558bc65939bf1b7fbbbe2579702729304258b -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb208w1 --PeerKey=ALICE_cf_c2pnb208w1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=f09f5fc8bf20677558bc65939bf1b7fbbbe2579702729304258b -- --PublicKey=MALICE_cf_c2pnb208w1_PUB -------BEGIN PUBLIC KEY----- --ME0wEwYHKoZIzj0CAQYIKoZIzj0DAAoDNgAEfuWB9pBZQin+VnmqgYVpbUpKxSQsnXxNqiDtVwqJ --oPkHxRWnu5e7qI2idMcqaKDeeniUaA== -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2pnb208w1 --PeerKey=MALICE_cf_c2pnb208w1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2pnb208w1 --PeerKey=MALICE_cf_c2pnb208w1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2pnb272w1 curve tests -- --PrivateKey=ALICE_cf_c2pnb272w1 -------BEGIN PRIVATE KEY----- --MEICAQAwEwYHKoZIzj0CAQYIKoZIzj0DABAEKDAmAgEBBCEA0SoHwKAgKb7WQ+s0w1iNBemDZ3+f --StHU67fpP7YoF8U= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2pnb272w1_PUB -------BEGIN PUBLIC KEY----- --MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAE0IH60bGi46FDzEprGZ8EBK5uMMcVke/txeBRNGHQ --DzG68r3EMLZkOfE1+g04MN7HgY7zt3jMYb8ImyLRmvqR2abjs6c= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2pnb272w1:ALICE_cf_c2pnb272w1_PUB -- --PrivateKey=BOB_cf_c2pnb272w1 -------BEGIN PRIVATE KEY----- --MEICAQAwEwYHKoZIzj0CAQYIKoZIzj0DABAEKDAmAgEBBCEAFqB5GbPJ4d+X7ye7m05l/OirDqfn --MOsOJ6xObBph3zQ= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2pnb272w1_PUB -------BEGIN PUBLIC KEY----- --MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAEIeIkcMHAuOgvHt2Wp52vVe0DYPNnUX79t/mLSx03 --cUlDmcxL7vIXdx9hB4OmQBYbm+YLDNfTFGAIlDfr2tELpVVPWPo= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2pnb272w1:BOB_cf_c2pnb272w1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb272w1 --PeerKey=BOB_cf_c2pnb272w1_PUB --SharedSecret=cfebd65006520a40f081d8940edf0ebb8e54491ba1499d9f3c63deecee84ddc07142 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb272w1 --PeerKey=ALICE_cf_c2pnb272w1_PUB --SharedSecret=cfebd65006520a40f081d8940edf0ebb8e54491ba1499d9f3c63deecee84ddc07142 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb272w1 --PeerKey=BOB_cf_c2pnb272w1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=756fc20b27352ac74e5135359c63d375d2732c6d02f25cd526155bac0882a9211dd4 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb272w1 --PeerKey=ALICE_cf_c2pnb272w1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=756fc20b27352ac74e5135359c63d375d2732c6d02f25cd526155bac0882a9211dd4 -- --PublicKey=MALICE_cf_c2pnb272w1_PUB -------BEGIN PUBLIC KEY----- --MF0wEwYHKoZIzj0CAQYIKoZIzj0DABADRgAEvID3AM7qzpKDnOLFY00+E7EKZz/vS/pXgsUA3bWN --oJF8ElXFXv59s/SykQBCTHPqzmUbVmrXmtD44Kt1wUBRJfuwxy4= -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2pnb272w1 --PeerKey=MALICE_cf_c2pnb272w1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2pnb272w1 --PeerKey=MALICE_cf_c2pnb272w1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2pnb304w1 curve tests -- --PrivateKey=ALICE_cf_c2pnb304w1 -------BEGIN PRIVATE KEY----- --MEYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DABEELDAqAgEBBCUAqJxh50ZIUXOJ1HE3cVkech9OTTPJ --8jy/v5cFcO0X6dykHgnZ -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2pnb304w1_PUB -------BEGIN PUBLIC KEY----- --MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAEvoaqRX6qiNQiFH1BhgLCPTpYszoRhmlLirkvlw/Q --iXBlfQ7U4g+iRR/kmu2RlwwOHgNNL+mWcvLkFfS8Kr4jzv1EY1Ecx96n21l0YQ== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2pnb304w1:ALICE_cf_c2pnb304w1_PUB -- --PrivateKey=BOB_cf_c2pnb304w1 -------BEGIN PRIVATE KEY----- --MEYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DABEELDAqAgEBBCUAOScHepX+IwqC8TjyAJI1bkR3cYYt --X9BbqYM9GQfVNSLHntTg -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2pnb304w1_PUB -------BEGIN PUBLIC KEY----- --MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAEYuAq/6Yw5HxMeMohlWmwl+ZK4ZQucfr1tWDKwhDb --kAOUO2P/Q/H+uelM3VVwxeu6A1kaX7K0UZpNa96NRBwI4aevc+vOxCgYkGt9BA== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2pnb304w1:BOB_cf_c2pnb304w1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb304w1 --PeerKey=BOB_cf_c2pnb304w1_PUB --SharedSecret=bfddf9f923210e8231a702e3a1c987cf27661de1bc243c1890e437d67d9f49c6ccfadc035d9d -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb304w1 --PeerKey=ALICE_cf_c2pnb304w1_PUB --SharedSecret=bfddf9f923210e8231a702e3a1c987cf27661de1bc243c1890e437d67d9f49c6ccfadc035d9d -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb304w1 --PeerKey=BOB_cf_c2pnb304w1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0c7afb3143f93ef2166c05437a1757a62c916ff1751c6d456dd7f2356dcbc75df48015eb5ce8 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb304w1 --PeerKey=ALICE_cf_c2pnb304w1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0c7afb3143f93ef2166c05437a1757a62c916ff1751c6d456dd7f2356dcbc75df48015eb5ce8 -- --PublicKey=MALICE_cf_c2pnb304w1_PUB -------BEGIN PUBLIC KEY----- --MGUwEwYHKoZIzj0CAQYIKoZIzj0DABEDTgAEBZ5FuthQt0mxTJ8NQWN2J37kYT8ySD893IXEmXYP --fMTr+CSNkf/sfF/13GEdVGnHmBgCH61sPWG69RgzdjRPprZFZxXjubIWYkp0DQ== -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2pnb304w1 --PeerKey=MALICE_cf_c2pnb304w1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2pnb304w1 --PeerKey=MALICE_cf_c2pnb304w1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2pnb368w1 curve tests -- --PrivateKey=ALICE_cf_c2pnb368w1 -------BEGIN PRIVATE KEY----- --ME4CAQAwEwYHKoZIzj0CAQYIKoZIzj0DABMENDAyAgEBBC0AXeSTXsHb2PEH12tZL8w2q6evA2mi --KfLLIa1c29BTmM//oWdKpqeuvwMIBto= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2pnb368w1_PUB -------BEGIN PUBLIC KEY----- --MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEmEBXcvMgnHwJW7wAKM4cqboco6zF01J9ntUwoACI --euvf3cpPXBvxUawJXfO9FwFRQabDRagGP99Walidd2JW8nWDWZgZMKj15Wh+4bp2dZHc2tPIIHHd --3makbwQ= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2pnb368w1:ALICE_cf_c2pnb368w1_PUB -- --PrivateKey=BOB_cf_c2pnb368w1 -------BEGIN PRIVATE KEY----- --ME4CAQAwEwYHKoZIzj0CAQYIKoZIzj0DABMENDAyAgEBBC0Aq1R9M/mCMbJMj6VBUpBkS4HXywEz --Qun6d6uXgyU4LZRszA7Dz9+eKbXEMsk= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2pnb368w1_PUB -------BEGIN PUBLIC KEY----- --MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEJOSnsaXA9wb5p8CGLPvYI47Yf3IdZSbWQ3Sn6G2v --At+zYlpzGax1oJ1CW8fGA0Gu0RnvAfDeW9vgrtzshH1Vy/Ni6a7LPho99PtUP2nzUBnv+hfhFSra --gqfRaOs= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2pnb368w1:BOB_cf_c2pnb368w1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb368w1 --PeerKey=BOB_cf_c2pnb368w1_PUB --SharedSecret=008d20ede3961be3b01051d6fdae63db43865664804d432293a2edb13dcc8be0fe5b0c655297a84b9067a29c2a6f -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb368w1 --PeerKey=ALICE_cf_c2pnb368w1_PUB --SharedSecret=008d20ede3961be3b01051d6fdae63db43865664804d432293a2edb13dcc8be0fe5b0c655297a84b9067a29c2a6f -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2pnb368w1 --PeerKey=BOB_cf_c2pnb368w1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=df32ddeeffa029aeadabad000a79c3154a0ddd0aeacf4e3de426f5c10096eff8912038c64d4c899131dcd4df2561 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2pnb368w1 --PeerKey=ALICE_cf_c2pnb368w1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=df32ddeeffa029aeadabad000a79c3154a0ddd0aeacf4e3de426f5c10096eff8912038c64d4c899131dcd4df2561 -- --PublicKey=MALICE_cf_c2pnb368w1_PUB -------BEGIN PUBLIC KEY----- --MHUwEwYHKoZIzj0CAQYIKoZIzj0DABMDXgAEWDn/U9rymClM/a0Q1mawHjQjvpxSehRWstSE+2Sd --ubcZowJ+rw5LsEZteQyeVrCpKYUiIBmIVuFb2LDjtNLIJD1lr8C+vdco24ciLS9RzF/Dc9X+tcIj --726e1BE= -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2pnb368w1 --PeerKey=MALICE_cf_c2pnb368w1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2pnb368w1 --PeerKey=MALICE_cf_c2pnb368w1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2tnb191v1 curve tests -- --PrivateKey=ALICE_cf_c2tnb191v1 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAUEHzAdAgEBBBgXyG7A4BvSmjKEl3aU+FQUt02p9U7x --Jk4= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2tnb191v1_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAEG9iuZmnhz2H/YQKmVUaO//fm7hvV+CP5c2iszpR3 --7lRimqLWHPyvKgcP+PRCIUom -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2tnb191v1:ALICE_cf_c2tnb191v1_PUB -- --PrivateKey=BOB_cf_c2tnb191v1 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAUEHzAdAgEBBBg4+2hv9x9HxFy0c2c1XESDdgOamHu0 --MTU= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2tnb191v1_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAEdO/4ii8gi8eQfBrv3XmsOETwIfT8OIpBW/kUoHD+ --adqalcB6SIWOfoJReDLcpxAD -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2tnb191v1:BOB_cf_c2tnb191v1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb191v1 --PeerKey=BOB_cf_c2tnb191v1_PUB --SharedSecret=2ee8a85151c397600984285307c14f0ea0e4c2071d753a99 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb191v1 --PeerKey=ALICE_cf_c2tnb191v1_PUB --SharedSecret=2ee8a85151c397600984285307c14f0ea0e4c2071d753a99 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb191v1 --PeerKey=BOB_cf_c2tnb191v1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=334051dfd62237e69e280ce2fab979bd77260f8dfe4df989 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb191v1 --PeerKey=ALICE_cf_c2tnb191v1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=334051dfd62237e69e280ce2fab979bd77260f8dfe4df989 -- --PublicKey=MALICE_cf_c2tnb191v1_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAUDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcPEwZ1wj --iNoFyzyANZl8IDB0fF1RmZD6 -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2tnb191v1 --PeerKey=MALICE_cf_c2tnb191v1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2tnb191v1 --PeerKey=MALICE_cf_c2tnb191v1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2tnb191v2 curve tests -- --PrivateKey=ALICE_cf_c2tnb191v2 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAYEHzAdAgEBBBgQZHIQIPrAsbJqq4ZX3JdMrZAkaIGP --jbo= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2tnb191v2_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEAyQdwZYRIiv7O4/WRLDKJ249TM8dr2Y+Oz8rSxCI --UVvJT/Jv9m462J6Iz1XOohhP -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2tnb191v2:ALICE_cf_c2tnb191v2_PUB -- --PrivateKey=BOB_cf_c2tnb191v2 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAYEHzAdAgEBBBgThhW6d5QDaqM8yhm16q6Pu/VFBpf7 --wcs= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2tnb191v2_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEBVkB4O6fFvGzMHv4BF51muFA0npOGKoOdKbIIMQY --JBIoz1RNNXTcgdpguLcrvcPJ -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2tnb191v2:BOB_cf_c2tnb191v2_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb191v2 --PeerKey=BOB_cf_c2tnb191v2_PUB --SharedSecret=711f90cb2aaea65e939065cbd1896affe1d490ba14571400 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb191v2 --PeerKey=ALICE_cf_c2tnb191v2_PUB --SharedSecret=711f90cb2aaea65e939065cbd1896affe1d490ba14571400 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb191v2 --PeerKey=BOB_cf_c2tnb191v2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=1740db5b771fa2889d3ec7c1ba8eeffa7741f0ee62433dce -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb191v2 --PeerKey=ALICE_cf_c2tnb191v2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=1740db5b771fa2889d3ec7c1ba8eeffa7741f0ee62433dce -- --PublicKey=MALICE_cf_c2tnb191v2_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAYDMgAEA3yPV6Ilx7PU7dWIDzgKzFV07LNsn1EhMyLQaa5U --2vqunpWef+/CaO2pFBcwwW+x -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2tnb191v2 --PeerKey=MALICE_cf_c2tnb191v2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2tnb191v2 --PeerKey=MALICE_cf_c2tnb191v2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2tnb191v3 curve tests -- --PrivateKey=ALICE_cf_c2tnb191v3 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAcEHzAdAgEBBBgTPjf06B01Jq59qU1iczNuA29WfW+b --erU= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2tnb191v3_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAEL4NGEUX2CXY18MyoH1inKq5kde9RGr25ODm/0BEX --HWsGvDE2HC+6pL2BMl3MRCty -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2tnb191v3:ALICE_cf_c2tnb191v3_PUB -- --PrivateKey=BOB_cf_c2tnb191v3 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAcEHzAdAgEBBBgUC2bC465JTXYLUaaET/r5n7X85gRH --iSQ= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2tnb191v3_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAEPKekNkT9mQ8KRCTR2RwCFkhNvsjL+/mLHYzbMrYe --QFIb5QwXAdbg2tEOl7yj9qkk -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2tnb191v3:BOB_cf_c2tnb191v3_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb191v3 --PeerKey=BOB_cf_c2tnb191v3_PUB --SharedSecret=196200f7ea06c43c35516b995cf4a4dd4151dbd0ed998561 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb191v3 --PeerKey=ALICE_cf_c2tnb191v3_PUB --SharedSecret=196200f7ea06c43c35516b995cf4a4dd4151dbd0ed998561 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb191v3 --PeerKey=BOB_cf_c2tnb191v3_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=311939377670a8a1ed1ee17f9dd182167da00c5a19e2e109 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb191v3 --PeerKey=ALICE_cf_c2tnb191v3_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=311939377670a8a1ed1ee17f9dd182167da00c5a19e2e109 -- --PublicKey=MALICE_cf_c2tnb191v3_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAAcDMgAESvPjWlLnANK2j38hHZ0uqueaniovkhwwdJZjrmUk --n5vQBTxUzkIkMjL33v6Lr3z7 -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2tnb191v3 --PeerKey=MALICE_cf_c2tnb191v3_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2tnb191v3 --PeerKey=MALICE_cf_c2tnb191v3_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2tnb239v1 curve tests -- --PrivateKey=ALICE_cf_c2tnb239v1 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAsEJTAjAgEBBB4fMJDhCEiuEf/RF6oGjHVcNwN+wCYG --rJMnJLIXiCI= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2tnb239v1_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAEUgG/uMWy4k0R/kbVJEapF6r5ik4Q9WPsDXAd0856 --dVL8PvBXgixk2tKfyY1xUVebcEVlgdZP1pN1Xyvi -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2tnb239v1:ALICE_cf_c2tnb239v1_PUB -- --PrivateKey=BOB_cf_c2tnb239v1 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAsEJTAjAgEBBB4JLDwVJQw3+00FiZBDWFErd7PXnchH --sfpZeV3i5FM= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2tnb239v1_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAEcwKt31cWaoFUd7QxYSdwgMDOqEhjPbD3Z9AfR3tc --G77/MY5z1oQegqImBog645vtPWI8lZd1zcl6QYRS -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2tnb239v1:BOB_cf_c2tnb239v1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb239v1 --PeerKey=BOB_cf_c2tnb239v1_PUB --SharedSecret=413ea943cdf40c45795c77aeea7099b81cc42566067924d1fdbae42ddf99 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb239v1 --PeerKey=ALICE_cf_c2tnb239v1_PUB --SharedSecret=413ea943cdf40c45795c77aeea7099b81cc42566067924d1fdbae42ddf99 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb239v1 --PeerKey=BOB_cf_c2tnb239v1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=1f1e5a6084492e895c35d76a5d2b4a3fafbd96c4b2230ea71cc1c711fa38 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb239v1 --PeerKey=ALICE_cf_c2tnb239v1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=1f1e5a6084492e895c35d76a5d2b4a3fafbd96c4b2230ea71cc1c711fa38 -- --PublicKey=MALICE_cf_c2tnb239v1_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAsDPgAEJFn89FF7xaa5m+XGxWKFwCH+Mu4rbxwi6lvhuEuT --Itl/OAosALFh8xpt+N5gmKtUdhpjyok2udC4B/mY -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2tnb239v1 --PeerKey=MALICE_cf_c2tnb239v1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2tnb239v1 --PeerKey=MALICE_cf_c2tnb239v1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2tnb239v2 curve tests -- --PrivateKey=ALICE_cf_c2tnb239v2 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAwEJTAjAgEBBB4KU4YKdzFOkl6M1biHkxtVGD2uNXr6 --GbEcp4PbJKU= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2tnb239v2_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAEKzpycflUrsyqVV/+fzvC2+AuX3r0b0Syn8acvn78 --VnKA9mZKwPLWhnMJcLyzarIzc/6/UcfYGNmTyUlG -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2tnb239v2:ALICE_cf_c2tnb239v2_PUB -- --PrivateKey=BOB_cf_c2tnb239v2 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAAwEJTAjAgEBBB4HZQLKGKBpIKiyTq6XYZWQNph1oGP+ --JLwCwn7lYx0= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2tnb239v2_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAETPSkhMs3JW3BG66FSfCov76JKdcRiBhMCW453Wku --N7yBxBmWjeclHhnXIzfc4qM4qf9n3KzMSXejPVYg -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2tnb239v2:BOB_cf_c2tnb239v2_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb239v2 --PeerKey=BOB_cf_c2tnb239v2_PUB --SharedSecret=2e738f14795b2e19ee791c1bf30c5e462ca6c6ed0ec5c6c6402d0730cf4c -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb239v2 --PeerKey=ALICE_cf_c2tnb239v2_PUB --SharedSecret=2e738f14795b2e19ee791c1bf30c5e462ca6c6ed0ec5c6c6402d0730cf4c -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb239v2 --PeerKey=BOB_cf_c2tnb239v2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=7662d8b94d3f0d20eb8e112ca8b7d5699d81f35902df5b77561977df3946 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb239v2 --PeerKey=ALICE_cf_c2tnb239v2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=7662d8b94d3f0d20eb8e112ca8b7d5699d81f35902df5b77561977df3946 -- --PublicKey=MALICE_cf_c2tnb239v2_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAAwDPgAES8fLc5mtVI0HqgKRJ7mN8MU1B0FBkiim6jCHYJf3 --JYUX3Gn3Ai11cHie+nVb3z51jSkpDQENHESTv5K2 -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2tnb239v2 --PeerKey=MALICE_cf_c2tnb239v2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2tnb239v2 --PeerKey=MALICE_cf_c2tnb239v2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2tnb239v3 curve tests -- --PrivateKey=ALICE_cf_c2tnb239v3 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAA0EJTAjAgEBBB4BZZXtcMw5GrpgHJLx4D8z7M6ocWdv --rDl2fV9ObC8= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2tnb239v3_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAEOu2HIAUX+r6IbRlrPUJUBDL814dR++maVAAkUIjD --H33ewqcI9ZLtpvuR8P8hgRNUTXlh1GWgrB6F21Eo -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2tnb239v3:ALICE_cf_c2tnb239v3_PUB -- --PrivateKey=BOB_cf_c2tnb239v3 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAA0EJTAjAgEBBB4BDxw3SA54y6uYOW1n4yZaUK22J9ef --XG3HcQX+4i0= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2tnb239v3_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAEVaEi76wyzlpzkkSElf4SmGZ7kf1ghHMP82HkGk7K --BC10zUyppoSOAr0eX4pHAkDUF1m/KGoJa7QcJJww -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2tnb239v3:BOB_cf_c2tnb239v3_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb239v3 --PeerKey=BOB_cf_c2tnb239v3_PUB --SharedSecret=6a756022ec2ea89b0fa757824909707102acf3b7da39dc625c6252eb4c48 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb239v3 --PeerKey=ALICE_cf_c2tnb239v3_PUB --SharedSecret=6a756022ec2ea89b0fa757824909707102acf3b7da39dc625c6252eb4c48 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb239v3 --PeerKey=BOB_cf_c2tnb239v3_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=3240e19dd8c290e5e1749df60ad0166dd9dbfad645e518b4948e14f774ce -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb239v3 --PeerKey=ALICE_cf_c2tnb239v3_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=3240e19dd8c290e5e1749df60ad0166dd9dbfad645e518b4948e14f774ce -- --PublicKey=MALICE_cf_c2tnb239v3_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAA0DPgAELe/znC87/2ucKX7mXUUyiUvg67slWRdH+WHDct9d --LcXDyB342ZN1nm0NCAmBMcLjohX0Zza0ji3YNjT1 -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2tnb239v3 --PeerKey=MALICE_cf_c2tnb239v3_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2tnb239v3 --PeerKey=MALICE_cf_c2tnb239v3_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2tnb359v1 curve tests -- --PrivateKey=ALICE_cf_c2tnb359v1 -------BEGIN PRIVATE KEY----- --ME4CAQAwEwYHKoZIzj0CAQYIKoZIzj0DABIENDAyAgEBBC0Afea/a1NrRf6rRRr/UDsI559ADTFP --Bd5HaS33laTZkCdNLITw1UUrESUIOiU= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2tnb359v1_PUB -------BEGIN PUBLIC KEY----- --MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEZMJU3QF9UJJp2m6qyCnhPuVlPKPHtav3DCgH27SY --RLMN7C4rRmqiJakD11QtOforOgbPW5r/v7t4TUWIlq8jV7kapJNtxQtg/S87L0NQGgHBq/lnJL8x --fN3Y -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2tnb359v1:ALICE_cf_c2tnb359v1_PUB -- --PrivateKey=BOB_cf_c2tnb359v1 -------BEGIN PRIVATE KEY----- --ME4CAQAwEwYHKoZIzj0CAQYIKoZIzj0DABIENDAyAgEBBC0Aaw+yr7Atz8CXjLsbI5msXLqxFoMr --esHVfU53i6ucCsnPTWSDWSb5CePtI9g= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2tnb359v1_PUB -------BEGIN PUBLIC KEY----- --MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEUQde0iyDHbsFJZ459d4zUhsrJYAkqndmEBRwSlg5 --ZNX8SSS79Zf2HsQl+LWIZyzeYzoHobKXufChw9/H4ThS58VwV5/0hoE929PIgJ1MSEqr5LvJXi+b --R8fe -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2tnb359v1:BOB_cf_c2tnb359v1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb359v1 --PeerKey=BOB_cf_c2tnb359v1_PUB --SharedSecret=623a71122b5acad467d40d97ef8d8fd46541d8c41d7de6ba181c24e2714c1bc35bcefcf089af69c406eedecc12 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb359v1 --PeerKey=ALICE_cf_c2tnb359v1_PUB --SharedSecret=623a71122b5acad467d40d97ef8d8fd46541d8c41d7de6ba181c24e2714c1bc35bcefcf089af69c406eedecc12 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb359v1 --PeerKey=BOB_cf_c2tnb359v1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=1c9c4cea3251dace2cb763eabf60f106cc1b03f2491e6f20d7bea78e062f8f14c4e82e4d43786eefa44d33f7e9 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb359v1 --PeerKey=ALICE_cf_c2tnb359v1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=1c9c4cea3251dace2cb763eabf60f106cc1b03f2491e6f20d7bea78e062f8f14c4e82e4d43786eefa44d33f7e9 -- --PublicKey=MALICE_cf_c2tnb359v1_PUB -------BEGIN PUBLIC KEY----- --MHMwEwYHKoZIzj0CAQYIKoZIzj0DABIDXAAEDW1DxeJfyPPnxX4WiLM5ZnX9AypqqeKj7FTHxanl --++A6FgVFjUCatt8Sr4xnSc3zDE0kh6f/wS9SbtCAi74i8HAX5SJiccCMPRkw6kBuHZgiG8EmFJ53 --OEQw -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2tnb359v1 --PeerKey=MALICE_cf_c2tnb359v1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2tnb359v1 --PeerKey=MALICE_cf_c2tnb359v1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=c2tnb431r1 curve tests -- --PrivateKey=ALICE_cf_c2tnb431r1 -------BEGIN PRIVATE KEY----- --MFYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DABQEPDA6AgEBBDUAG1rgUnH3+PSxqlzt9+QTWv7PrYxz --Qgqj5A2Mqi0LbdixVDciVSSgrU6keVu72oCmHVP+OQ== -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_c2tnb431r1_PUB -------BEGIN PUBLIC KEY----- --MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABFcQEDic9pYxtxStk/oBxafqyUux1kvEOOwR4FxJ --pGEMTh8B+YfkWuq+IDY5zSqNKtg7cRlAFX2dlHhRSvNxrN3DJCrhe/TQq8SIYawcqEQnM39F8hHM --7VQJLEsBpJ/WUonwMJXknjgfONP7GA== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_c2tnb431r1:ALICE_cf_c2tnb431r1_PUB -- --PrivateKey=BOB_cf_c2tnb431r1 -------BEGIN PRIVATE KEY----- --MFYCAQAwEwYHKoZIzj0CAQYIKoZIzj0DABQEPDA6AgEBBDUBOsZrpI6hTgImR8DBhKOOrh2SvcT/ --VwmzYnbuCRrtr/zwIQcqKKI1ztlrl+kxFxJfk5L7UQ== -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_c2tnb431r1_PUB -------BEGIN PUBLIC KEY----- --MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABHeTG6xjbsKKxn4oYQt9qUM9LrSPZfY11XsBmROc --fb9kEbBLU+QixSbYZOrqPasesDV9dApDXF+w6EfIeNyJEK5Lk+aXamrn7fRMUAQ2m7+Odp87GgA+ --8Cg6YpgbK314SK5STziqoZwzEISJ9w== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_c2tnb431r1:BOB_cf_c2tnb431r1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb431r1 --PeerKey=BOB_cf_c2tnb431r1_PUB --SharedSecret=1c9a64de0b706f0e562d5144ceeb4806ce8782865dc0e3fab694967955bd40afc79bf9241ef4a173fbf9baeac0d416392fb13bdc6978 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb431r1 --PeerKey=ALICE_cf_c2tnb431r1_PUB --SharedSecret=1c9a64de0b706f0e562d5144ceeb4806ce8782865dc0e3fab694967955bd40afc79bf9241ef4a173fbf9baeac0d416392fb13bdc6978 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_c2tnb431r1 --PeerKey=BOB_cf_c2tnb431r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=059e2ea2d0d8bad5005a9401196ebb1633377c7ded8ec58a0398cf1d0f42ea82614f68cb836ecfc33612b8a705b4c3b7b4ed12eb6e22 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_c2tnb431r1 --PeerKey=ALICE_cf_c2tnb431r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=059e2ea2d0d8bad5005a9401196ebb1633377c7ded8ec58a0398cf1d0f42ea82614f68cb836ecfc33612b8a705b4c3b7b4ed12eb6e22 -- --PublicKey=MALICE_cf_c2tnb431r1_PUB -------BEGIN PUBLIC KEY----- --MIGFMBMGByqGSM49AgEGCCqGSM49AwAUA24ABA/cHJ1bNJ2l3GcrT67WEoU0w/Ajy28T9X4XLv8a --5EpnkembeFlRG8ILplDcZimE8kjNQWynAk+NbJRsIU/XLzcm7VXkkqEkx/yCQ/TOcbeB3qrpzWYr --F3Cls9x60wuFYNc9d6eIe4B+puz9IQ== -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_c2tnb431r1 --PeerKey=MALICE_cf_c2tnb431r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_c2tnb431r1 --PeerKey=MALICE_cf_c2tnb431r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=prime192v2 curve tests -- --PrivateKey=ALICE_cf_prime192v2 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEHzAdAgEBBBh6rcgPFDmA2P4CGSrC7ii9DAjepljX --sMM= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_prime192v2_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAET6wOPoDU3BeU7VKozsGEvDeJs//9Z/aNEcbbLQ0d --g5IzsS/XMJzifjCJZgNsb7mi -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_prime192v2:ALICE_cf_prime192v2_PUB -- --PrivateKey=BOB_cf_prime192v2 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEHzAdAgEBBBja4R9iZuiu95XEuM1558ArTwNnAl7M --xqI= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_prime192v2_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEcgWNAOL4pZCmouZl+be+rC0yLAJkm2YuPWs+FX2u --Y6OU1aHkkspZTC1uUVWjchy5 -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_prime192v2:BOB_cf_prime192v2_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_prime192v2 --PeerKey=BOB_cf_prime192v2_PUB --SharedSecret=ae2ff9f1f9f24e6d281dc78993d9f71913e1e105965000a1 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_prime192v2 --PeerKey=ALICE_cf_prime192v2_PUB --SharedSecret=ae2ff9f1f9f24e6d281dc78993d9f71913e1e105965000a1 -- --Title=prime192v3 curve tests -- --PrivateKey=ALICE_cf_prime192v3 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEHzAdAgEBBBij5blPQRKM1/9c57YDZXIIue80MDqx --Igw= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_prime192v3_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAE1+mLeiT/jjHO71IL/C/ZcnF6+yj9FV6eqfuPdHAi --MsDRFCB6/h8TcCUFuospu5l0 -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_prime192v3:ALICE_cf_prime192v3_PUB -- --PrivateKey=BOB_cf_prime192v3 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEHzAdAgEBBBhgFP4fFLtm/yk5tsosBUBKTg370FOu --92g= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_prime192v3_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEv35bOz0xqLeJqpZdZ8LyiUgsJMBEtN2UMJm8blX2 --vMWAgEeLhzar86BUlS7dZwS7 -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_prime192v3:BOB_cf_prime192v3_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_prime192v3 --PeerKey=BOB_cf_prime192v3_PUB --SharedSecret=9e562ecbe29c510a13b0daea822ec864c2a9684d2a382812 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_prime192v3 --PeerKey=ALICE_cf_prime192v3_PUB --SharedSecret=9e562ecbe29c510a13b0daea822ec864c2a9684d2a382812 -- --Title=prime239v1 curve tests -- --PrivateKey=ALICE_cf_prime239v1 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQQEJTAjAgEBBB5nH2mt/GUx+I/60NlcuQlrdupDXwMY --SF/w+SUTNqY= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_prime239v1_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEMqQLCgDR9njkq9QELuOu+J/9YGcxJHULdvxHImLW --RXqBUM5Xea+Qk2SKIpWcogxr2zFeQyeLj2bQysuo -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_prime239v1:ALICE_cf_prime239v1_PUB -- --PrivateKey=BOB_cf_prime239v1 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQQEJTAjAgEBBB5RZgYV+j+zhwI12zCzB+mdPofMx0kB --jZ9gplgXxzk= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_prime239v1_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEBR5m/kllh025oO4GvqALkjRliVv7q4x8ro/tkYnT --L2U4hkT6xUeRu9QC4KOz7KUVH+nBbQASL4XQg/3C -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_prime239v1:BOB_cf_prime239v1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_prime239v1 --PeerKey=BOB_cf_prime239v1_PUB --SharedSecret=196b1d0206d4f87c313c266bfb12c90dd1f1f64b89bfc16518086b9801b8 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_prime239v1 --PeerKey=ALICE_cf_prime239v1_PUB --SharedSecret=196b1d0206d4f87c313c266bfb12c90dd1f1f64b89bfc16518086b9801b8 -- --Title=prime239v2 curve tests -- --PrivateKey=ALICE_cf_prime239v2 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQUEJTAjAgEBBB5uLCwofbD2Suc/iIRhXJsPqZ4me87h --+tFevsg1pPE= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_prime239v2_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAETH77jXHBItV673gTNK/HTFldo4VxPiscbideUgKd --CWjdVsXebgAZbqQwf0h9QWcIgM7K7ODdW5kCuZ1G -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_prime239v2:ALICE_cf_prime239v2_PUB -- --PrivateKey=BOB_cf_prime239v2 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQUEJTAjAgEBBB5nlF+ouuw3Ljkgy3pHkCN+/JoHAMyT --KY0wlvJdo/w= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_prime239v2_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAELUQYo0UH8HbK/RMD2jVphBU+iB4OTOfvaaTlHq06 --dcJ8a9a+mAQKhb1OZVEq1n4nQsgRiI1rPxugVERM -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_prime239v2:BOB_cf_prime239v2_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_prime239v2 --PeerKey=BOB_cf_prime239v2_PUB --SharedSecret=1d18ca6366bceba3c1477daa0e08202088abcf14fc2b8fbf98ba95858fcf -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_prime239v2 --PeerKey=ALICE_cf_prime239v2_PUB --SharedSecret=1d18ca6366bceba3c1477daa0e08202088abcf14fc2b8fbf98ba95858fcf -- --Title=prime239v3 curve tests -- --PrivateKey=ALICE_cf_prime239v3 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQYEJTAjAgEBBB5J95JRhBDTzlyAPAfu6T2Pb9vK0NKu --Y9AfhA2G+mI= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_prime239v3_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEZEN48pqgLF08Yjj/8BLM2Nr5ZhpYxyBurbzKRuBb --GLpzZLteJN9vZjN7ouNpMxLVUFQxTOwpsvUw86Lk -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_prime239v3:ALICE_cf_prime239v3_PUB -- --PrivateKey=BOB_cf_prime239v3 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQYEJTAjAgEBBB5Z7rMZML1xeryBaYYr+QuMiQxHT44I --d9bmIVvG3dM= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_prime239v3_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEQUWKqohAPAoIYEZOvc1QwSlcB+gW0febaNxGOy47 --LaIWdsNM7GJVP9xpdSwm/L+Dip/oH4E59f3SiOAd -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_prime239v3:BOB_cf_prime239v3_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_prime239v3 --PeerKey=BOB_cf_prime239v3_PUB --SharedSecret=4dcc2c67c5993162ed71ebb33077bbb85395b0d3eec2311aa404e45901a0 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_prime239v3 --PeerKey=ALICE_cf_prime239v3_PUB --SharedSecret=4dcc2c67c5993162ed71ebb33077bbb85395b0d3eec2311aa404e45901a0 -- --Title=secp112r1 curve tests -- --PrivateKey=ALICE_cf_secp112r1 -------BEGIN PRIVATE KEY----- --MCwCAQAwEAYHKoZIzj0CAQYFK4EEAAYEFTATAgEBBA6zC5ZzEIIdvY4Q7DS0uw== -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_secp112r1_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEYIawfjH3qRrJJWwuG3Ys5ZhDJsmdWi34aHgKAA== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_secp112r1:ALICE_cf_secp112r1_PUB -- --PrivateKey=BOB_cf_secp112r1 -------BEGIN PRIVATE KEY----- --MCwCAQAwEAYHKoZIzj0CAQYFK4EEAAYEFTATAgEBBA6WPx4YxBODium8BKDw0A== -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_secp112r1_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFK4EEAAYDHgAEchh3iQdPN1rrzrpdZRQ95G6tvdwEBQ+gfu1tvA== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_secp112r1:BOB_cf_secp112r1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_secp112r1 --PeerKey=BOB_cf_secp112r1_PUB --SharedSecret=4ddd1d504b444d4be67ba2e4610a -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_secp112r1 --PeerKey=ALICE_cf_secp112r1_PUB --SharedSecret=4ddd1d504b444d4be67ba2e4610a -- --Title=secp112r2 curve tests -- --PrivateKey=ALICE_cf_secp112r2 -------BEGIN PRIVATE KEY----- --MCwCAQAwEAYHKoZIzj0CAQYFK4EEAAcEFTATAgEBBA4GcvIx97ePHdAiH0Z9EA== -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_secp112r2_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEHK9uNAILHBmPZdKKh79/nzYE0HbvC//rA7i0Xw== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_secp112r2:ALICE_cf_secp112r2_PUB -- --PrivateKey=BOB_cf_secp112r2 -------BEGIN PRIVATE KEY----- --MCwCAQAwEAYHKoZIzj0CAQYFK4EEAAcEFTATAgEBBA4WzpVFZnZv9mvtpnYNyw== -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_secp112r2_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEUzBLNQupqUpGgmZl9JVjKBpwusl52rFg5OVFJA== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_secp112r2:BOB_cf_secp112r2_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_secp112r2 --PeerKey=BOB_cf_secp112r2_PUB --SharedSecret=a6d05c7ba5128a9685c705b5030b -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_secp112r2 --PeerKey=ALICE_cf_secp112r2_PUB --SharedSecret=a6d05c7ba5128a9685c705b5030b -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_secp112r2 --PeerKey=BOB_cf_secp112r2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=04f3280e92c269d794aa779efcef -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_secp112r2 --PeerKey=ALICE_cf_secp112r2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=04f3280e92c269d794aa779efcef -- --PublicKey=MALICE_cf_secp112r2_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEsf2N4SfUZWtXPrUTmEyr71I/JSn8VtzQsFHuqQ== -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_secp112r2 --PeerKey=MALICE_cf_secp112r2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_secp112r2 --PeerKey=MALICE_cf_secp112r2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=secp128r1 curve tests -- --PrivateKey=ALICE_cf_secp128r1 -------BEGIN PRIVATE KEY----- --MC4CAQAwEAYHKoZIzj0CAQYFK4EEABwEFzAVAgEBBBB+RX18d0+gKpdcKbJJTrEZ -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_secp128r1_PUB -------BEGIN PUBLIC KEY----- --MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAEG0XMAdrAZOPUW6L9ADU8XK8sZr7dtIcDinSWU1zSV9s= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_secp128r1:ALICE_cf_secp128r1_PUB -- --PrivateKey=BOB_cf_secp128r1 -------BEGIN PRIVATE KEY----- --MC4CAQAwEAYHKoZIzj0CAQYFK4EEABwEFzAVAgEBBBB/J9/eClt9mimGwOcOsjJF -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_secp128r1_PUB -------BEGIN PUBLIC KEY----- --MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAE82nknsOS+u8mybP0KJqQhvm83gbPNTZOcvm0ZDVR5sU= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_secp128r1:BOB_cf_secp128r1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_secp128r1 --PeerKey=BOB_cf_secp128r1_PUB --SharedSecret=5020f1b759da1f737a61a29a268d7669 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_secp128r1 --PeerKey=ALICE_cf_secp128r1_PUB --SharedSecret=5020f1b759da1f737a61a29a268d7669 -- --Title=secp128r2 curve tests -- --PrivateKey=ALICE_cf_secp128r2 -------BEGIN PRIVATE KEY----- --MC4CAQAwEAYHKoZIzj0CAQYFK4EEAB0EFzAVAgEBBBALPaUYCnPgNiLhez93Z1Gi -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_secp128r2_PUB -------BEGIN PUBLIC KEY----- --MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAEOKiPRGtZXwxmvTr35NmUkNsAGGk9RKNA4D5BE9ZrjZQ= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_secp128r2:ALICE_cf_secp128r2_PUB -- --PrivateKey=BOB_cf_secp128r2 -------BEGIN PRIVATE KEY----- --MC4CAQAwEAYHKoZIzj0CAQYFK4EEAB0EFzAVAgEBBBARg3vb436QgyHdyt6l/b6G -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_secp128r2_PUB -------BEGIN PUBLIC KEY----- --MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAELph7h27BYjIINC2EddcpIOxKbdz8Xe7h3Az1ZuR9bAI= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_secp128r2:BOB_cf_secp128r2_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_secp128r2 --PeerKey=BOB_cf_secp128r2_PUB --SharedSecret=8f4d8c75141e9b084328222440eb5dfa -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_secp128r2 --PeerKey=ALICE_cf_secp128r2_PUB --SharedSecret=8f4d8c75141e9b084328222440eb5dfa -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_secp128r2 --PeerKey=BOB_cf_secp128r2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=baaa0c16e16eef291001475d638e4830 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_secp128r2 --PeerKey=ALICE_cf_secp128r2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=baaa0c16e16eef291001475d638e4830 -- --PublicKey=MALICE_cf_secp128r2_PUB -------BEGIN PUBLIC KEY----- --MDYwEAYHKoZIzj0CAQYFK4EEAB0DIgAE6h6RzJIp6HLR6RDOPtyzGDurkuE9aAaZqHosPTnkLxQ= -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_secp128r2 --PeerKey=MALICE_cf_secp128r2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_secp128r2 --PeerKey=MALICE_cf_secp128r2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=secp160k1 curve tests -- --PrivateKey=ALICE_cf_secp160k1 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAkEHDAaAgEBBBUAlxTBO50KwFwWKPtk1rutu68m+zI= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_secp160k1_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAAkDKgAEcVWIjtPZn1cHckclpn5jKDCphQUVHxFN5tSeFG9wsJZT --EvqPyLS64w== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_secp160k1:ALICE_cf_secp160k1_PUB -- --PrivateKey=BOB_cf_secp160k1 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAkEHDAaAgEBBBUAdrPkoNkRVUloiuwzruQszSUuwpY= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_secp160k1_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAAkDKgAESGN41cAj8Fg4pAJM7FUKHiawbCR0b9unMpZWxqOKeW1/ --bxT/CqEkyw== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_secp160k1:BOB_cf_secp160k1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_secp160k1 --PeerKey=BOB_cf_secp160k1_PUB --SharedSecret=b738a0bf17f3271a9a155bfdfe2f0f1d51494d42 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_secp160k1 --PeerKey=ALICE_cf_secp160k1_PUB --SharedSecret=b738a0bf17f3271a9a155bfdfe2f0f1d51494d42 -- --Title=secp160r1 curve tests -- --PrivateKey=ALICE_cf_secp160r1 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAgEHDAaAgEBBBUAR6m1+jIBuJnSKx9fHmyAYhsnYe8= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_secp160r1_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAEO78GZuBaCfJjHK97c9N21z+4mm37b5x7/Hr3Xc4pUbtb --OoNj/A+W9w== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_secp160r1:ALICE_cf_secp160r1_PUB -- --PrivateKey=BOB_cf_secp160r1 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAgEHDAaAgEBBBUATqvd54Jj7TbnrLAd2dMYCpExLws= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_secp160r1_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAEBKDbBSPTwmb00MFvMtJMxQ2YDmcPOZHE8YbVr5hp8s5J --Jwy17FaNNg== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_secp160r1:BOB_cf_secp160r1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_secp160r1 --PeerKey=BOB_cf_secp160r1_PUB --SharedSecret=1912ea7b9bb1de5b8d3cef83e7a6e7a917816541 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_secp160r1 --PeerKey=ALICE_cf_secp160r1_PUB --SharedSecret=1912ea7b9bb1de5b8d3cef83e7a6e7a917816541 -- --Title=secp160r2 curve tests -- --PrivateKey=ALICE_cf_secp160r2 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAB4EHDAaAgEBBBUA3IsVg4R4paXaPATDHvzfnvM+vjQ= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_secp160r2_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAE4V+25YCpVkKF6NF/UPc1SYxohYWcf3qT3JDoPRhnm/rj --mSqCCA6gUw== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_secp160r2:ALICE_cf_secp160r2_PUB -- --PrivateKey=BOB_cf_secp160r2 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAB4EHDAaAgEBBBUAYT/5C7UpD17DnZm4ObswmGFMI1Q= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_secp160r2_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAEB7YVzBmzhnIdouvN/nb8VMXCqO8dkhmebyVzoD0oAzuH --nN+SfWr6aQ== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_secp160r2:BOB_cf_secp160r2_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_secp160r2 --PeerKey=BOB_cf_secp160r2_PUB --SharedSecret=ccb9cae5c9487ff60c487bd1b39a62eb4680e9b6 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_secp160r2 --PeerKey=ALICE_cf_secp160r2_PUB --SharedSecret=ccb9cae5c9487ff60c487bd1b39a62eb4680e9b6 -- --Title=secp192k1 curve tests -- --PrivateKey=ALICE_cf_secp192k1 -------BEGIN PRIVATE KEY----- --MDYCAQAwEAYHKoZIzj0CAQYFK4EEAB8EHzAdAgEBBBikVZrCZQB7ZtkhNfQYpjKHZ9KxXgooJ90= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_secp192k1_PUB -------BEGIN PUBLIC KEY----- --MEYwEAYHKoZIzj0CAQYFK4EEAB8DMgAEyV4EzMZglBXtYdn38hNTrCGflAsJprMkxkOlw58chZ25 --6EAu7gVvYDTpnRkymKyH -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_secp192k1:ALICE_cf_secp192k1_PUB -- --PrivateKey=BOB_cf_secp192k1 -------BEGIN PRIVATE KEY----- --MDYCAQAwEAYHKoZIzj0CAQYFK4EEAB8EHzAdAgEBBBiJQ/PunKGk9QPUyqIBGMgHKKg+yxJr5io= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_secp192k1_PUB -------BEGIN PUBLIC KEY----- --MEYwEAYHKoZIzj0CAQYFK4EEAB8DMgAE990Tnmh9QQQHVHuLpfrAsgjvB9R2MJXzhBZN1WvtxLqF --OZ2oFMP0Kfcr7HbI7a5j -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_secp192k1:BOB_cf_secp192k1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_secp192k1 --PeerKey=BOB_cf_secp192k1_PUB --SharedSecret=a46a6bfb279d4dc30cffac585d1fbec905dbe46aca5e3c9d -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_secp192k1 --PeerKey=ALICE_cf_secp192k1_PUB --SharedSecret=a46a6bfb279d4dc30cffac585d1fbec905dbe46aca5e3c9d -- --Title=secp224k1 curve tests -- --PrivateKey=ALICE_cf_secp224k1 -------BEGIN PRIVATE KEY----- --MDsCAQAwEAYHKoZIzj0CAQYFK4EEACAEJDAiAgEBBB0AZPk3TzxGhX7TljBBhJDLBfulAMp6Bh3W --w40Qyg== -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_secp224k1_PUB -------BEGIN PUBLIC KEY----- --ME4wEAYHKoZIzj0CAQYFK4EEACADOgAE4o7LGdJDixqJZ5imnqaX4IeE55NG4W0HEe72LVC7pmn2 --e3m7uC92ZQhduF9lJli4dXD5en/1wkE= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_secp224k1:ALICE_cf_secp224k1_PUB -- --PrivateKey=BOB_cf_secp224k1 -------BEGIN PRIVATE KEY----- --MDsCAQAwEAYHKoZIzj0CAQYFK4EEACAEJDAiAgEBBB0AdQ02GguRy3yHOjLkpoWb27QA/L1abfWe --q2xUfA== -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_secp224k1_PUB -------BEGIN PUBLIC KEY----- --ME4wEAYHKoZIzj0CAQYFK4EEACADOgAEzp00m0DaADn1mGiDCT7K1LZnoj/vCxHPowUDC9yQd17K --KpJM5sGILrTkkgxqtt5pBeYE1NC1QUQ= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_secp224k1:BOB_cf_secp224k1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_secp224k1 --PeerKey=BOB_cf_secp224k1_PUB --SharedSecret=6f7b9d16c9c1d3a5c84b6028f2a4fed9ae8e02455e678a27243bcc48 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_secp224k1 --PeerKey=ALICE_cf_secp224k1_PUB --SharedSecret=6f7b9d16c9c1d3a5c84b6028f2a4fed9ae8e02455e678a27243bcc48 -- - Title=secp256k1 curve tests - - PrivateKey=ALICE_cf_secp256k1 -@@ -1998,1323 +55,6 @@ Derive=BOB_cf_secp256k1 - PeerKey=ALICE_cf_secp256k1_PUB - SharedSecret=a4745cc4d19cabb9e5cb0abdd5c604cab2846a4638ad844ed9175f3cadda2da1 - --Title=sect113r1 curve tests -- --PrivateKey=ALICE_cf_sect113r1 -------BEGIN PRIVATE KEY----- --MC0CAQAwEAYHKoZIzj0CAQYFK4EEAAQEFjAUAgEBBA8ALw9CgsuNBkkhhUHE8bQ= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect113r1_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEASO9jcamlg1pRE7JffrTAe9kyRZO2xrymHXoGdnA -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_sect113r1:ALICE_cf_sect113r1_PUB -- --PrivateKey=BOB_cf_sect113r1 -------BEGIN PRIVATE KEY----- --MC0CAQAwEAYHKoZIzj0CAQYFK4EEAAQEFjAUAgEBBA8A/9qbs8sTFNkjS9/4CuM= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect113r1_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEATykaf/cvJzLOUto1EbbAEz/3++nut6q0dcJOQeV -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_sect113r1:BOB_cf_sect113r1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect113r1 --PeerKey=BOB_cf_sect113r1_PUB --SharedSecret=01ed16f1948dcb368a54004237842d -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect113r1 --PeerKey=ALICE_cf_sect113r1_PUB --SharedSecret=01ed16f1948dcb368a54004237842d -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect113r1 --PeerKey=BOB_cf_sect113r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=012e5f3e348c2a8a88d9590a639219 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect113r1 --PeerKey=ALICE_cf_sect113r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=012e5f3e348c2a8a88d9590a639219 -- --PublicKey=MALICE_cf_sect113r1_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFK4EEAAQDIAAEAAAAAAAAAAAAAAAAAAAAAd+TqiBXnTd/lyA/OFsR -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_sect113r1 --PeerKey=MALICE_cf_sect113r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_sect113r1 --PeerKey=MALICE_cf_sect113r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect113r2 curve tests -- --PrivateKey=ALICE_cf_sect113r2 -------BEGIN PRIVATE KEY----- --MC0CAQAwEAYHKoZIzj0CAQYFK4EEAAUEFjAUAgEBBA8AvovirHrqTxoKJ3l+7y0= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect113r2_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAFvQ4JgQTS8kjGeVfuITAS81qNcOQvt3PYa1HuCk -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_sect113r2:ALICE_cf_sect113r2_PUB -- --PrivateKey=BOB_cf_sect113r2 -------BEGIN PRIVATE KEY----- --MC0CAQAwEAYHKoZIzj0CAQYFK4EEAAUEFjAUAgEBBA8ArUjgvp/goxRYb4WuQ80= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect113r2_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAUoS3of8y28meYu/NoI5AVdhJZCuDjMqFHTriWY4 -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_sect113r2:BOB_cf_sect113r2_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect113r2 --PeerKey=BOB_cf_sect113r2_PUB --SharedSecret=0057a287ba1ea05cb4735e673647e1 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect113r2 --PeerKey=ALICE_cf_sect113r2_PUB --SharedSecret=0057a287ba1ea05cb4735e673647e1 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect113r2 --PeerKey=BOB_cf_sect113r2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00fec2454e46732aca42b22b6d4f13 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect113r2 --PeerKey=ALICE_cf_sect113r2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00fec2454e46732aca42b22b6d4f13 -- --PublicKey=MALICE_cf_sect113r2_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFK4EEAAUDIAAEAAAAAAAAAAAAAAAAAAAAAR3dbPHrhFekzJ7Azskr -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_sect113r2 --PeerKey=MALICE_cf_sect113r2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_sect113r2 --PeerKey=MALICE_cf_sect113r2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect131r1 curve tests -- --PrivateKey=ALICE_cf_sect131r1 -------BEGIN PRIVATE KEY----- --MC8CAQAwEAYHKoZIzj0CAQYFK4EEABYEGDAWAgEBBBEA5C6zHMQM7pXPZ6cJz72Niw== -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect131r1_PUB -------BEGIN PUBLIC KEY----- --MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEBXCuXD6wOOif91GUlJNKXf8FBNw8crgqi5aEJEZbCdBJ --Ag== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_sect131r1:ALICE_cf_sect131r1_PUB -- --PrivateKey=BOB_cf_sect131r1 -------BEGIN PRIVATE KEY----- --MC8CAQAwEAYHKoZIzj0CAQYFK4EEABYEGDAWAgEBBBEDYZmjiokBJ/SnTv8sskBR3A== -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect131r1_PUB -------BEGIN PUBLIC KEY----- --MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEB8vGy3OQXwWKcJUSSJbCtpMBjFgJeZxzAaI420+B1B+1 --5A== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_sect131r1:BOB_cf_sect131r1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect131r1 --PeerKey=BOB_cf_sect131r1_PUB --SharedSecret=05346248f77f81fff50cc656e119976871 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect131r1 --PeerKey=ALICE_cf_sect131r1_PUB --SharedSecret=05346248f77f81fff50cc656e119976871 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect131r1 --PeerKey=BOB_cf_sect131r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01f151ae26efa507acc2597356baf7e8ab -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect131r1 --PeerKey=ALICE_cf_sect131r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01f151ae26efa507acc2597356baf7e8ab -- --PublicKey=MALICE_cf_sect131r1_PUB -------BEGIN PUBLIC KEY----- --MDgwEAYHKoZIzj0CAQYFK4EEABYDJAAEAAAAAAAAAAAAAAAAAAAAAAABfiJEFG0vRzEGxk2BxjmK --zw== -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_sect131r1 --PeerKey=MALICE_cf_sect131r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_sect131r1 --PeerKey=MALICE_cf_sect131r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect131r2 curve tests -- --PrivateKey=ALICE_cf_sect131r2 -------BEGIN PRIVATE KEY----- --MC8CAQAwEAYHKoZIzj0CAQYFK4EEABcEGDAWAgEBBBEBnZRUKAQetk5kyUwhIaAyxg== -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect131r2_PUB -------BEGIN PUBLIC KEY----- --MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEA5+Y20L8q989I4jnKknZ7hcGlQ6RUIGni9RahT88kB/d --dw== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_sect131r2:ALICE_cf_sect131r2_PUB -- --PrivateKey=BOB_cf_sect131r2 -------BEGIN PRIVATE KEY----- --MC8CAQAwEAYHKoZIzj0CAQYFK4EEABcEGDAWAgEBBBEBnafx9vcMeoCqj/1YNuflzw== -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect131r2_PUB -------BEGIN PUBLIC KEY----- --MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEB2G2uNkhQNjjl0/Ov6UYpxoFaWNXO+qy7poV6cdrFN7z --pA== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_sect131r2:BOB_cf_sect131r2_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect131r2 --PeerKey=BOB_cf_sect131r2_PUB --SharedSecret=058d8a8be33068ed8c1dc9f551ef2c3f3c -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect131r2 --PeerKey=ALICE_cf_sect131r2_PUB --SharedSecret=058d8a8be33068ed8c1dc9f551ef2c3f3c -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect131r2 --PeerKey=BOB_cf_sect131r2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=037b16d85f27c2c878ef96c79a536f89a5 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect131r2 --PeerKey=ALICE_cf_sect131r2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=037b16d85f27c2c878ef96c79a536f89a5 -- --PublicKey=MALICE_cf_sect131r2_PUB -------BEGIN PUBLIC KEY----- --MDgwEAYHKoZIzj0CAQYFK4EEABcDJAAEAAAAAAAAAAAAAAAAAAAAAAAGG5fiIbgziwBZHVzTYqCY --1w== -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_sect131r2 --PeerKey=MALICE_cf_sect131r2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_sect131r2 --PeerKey=MALICE_cf_sect131r2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect163r1 curve tests -- --PrivateKey=ALICE_cf_sect163r1 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAIEHDAaAgEBBBUAlbn4x1UGJnAimsXufB/UvUaxU5U= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect163r1_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEA0f195HCcD4D+7wWyl3QuPkRovG/ATy5l7fpMl4BNIg/ --sbtEXluCzANF -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_sect163r1:ALICE_cf_sect163r1_PUB -- --PrivateKey=BOB_cf_sect163r1 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAIEHDAaAgEBBBUAoStq6Fjb7nB2PNL6WrzKKqhCGdE= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect163r1_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEAul/oBKr9B5MsPHWGF+q07j0JC+WAxj1JzfcIXR98n+r --9FHWU5LC5pDM -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_sect163r1:BOB_cf_sect163r1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect163r1 --PeerKey=BOB_cf_sect163r1_PUB --SharedSecret=06135eef489fe613c0d8bd522a2a640ff7ae6fb73d -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect163r1 --PeerKey=ALICE_cf_sect163r1_PUB --SharedSecret=06135eef489fe613c0d8bd522a2a640ff7ae6fb73d -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect163r1 --PeerKey=BOB_cf_sect163r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0580f5e8efb242a19ae1023acbcab8702c799751e7 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect163r1 --PeerKey=ALICE_cf_sect163r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0580f5e8efb242a19ae1023acbcab8702c799751e7 -- --PublicKey=MALICE_cf_sect163r1_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAIDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJkXolVuGFa8fqmk --cs0Bv7iJuVg1 -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_sect163r1 --PeerKey=MALICE_cf_sect163r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_sect163r1 --PeerKey=MALICE_cf_sect163r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect193r1 curve tests -- --PrivateKey=ALICE_cf_sect193r1 -------BEGIN PRIVATE KEY----- --MDcCAQAwEAYHKoZIzj0CAQYFK4EEABgEIDAeAgEBBBkACmcvidKWLtPFB2xqg76F8VhM1Njzrkgo -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect193r1_PUB -------BEGIN PUBLIC KEY----- --MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAeqP0VQobenduwtf4MPmlYQVDjUmxKq50QFHnaBfzwXY --1TYShZZgBr0R6a5dUGCbiF0= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_sect193r1:ALICE_cf_sect193r1_PUB -- --PrivateKey=BOB_cf_sect193r1 -------BEGIN PRIVATE KEY----- --MDcCAQAwEAYHKoZIzj0CAQYFK4EEABgEIDAeAgEBBBkAKlSknQ66vpuLjC1mbQyfHOTdJ5Kw5jMh -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect193r1_PUB -------BEGIN PUBLIC KEY----- --MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAaFZVIeqfV9wbPydaBSJKSWJjVyFVSB/QQB5rHonYQmK --f40zok8PJS6ratIcZwk/n20= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_sect193r1:BOB_cf_sect193r1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect193r1 --PeerKey=BOB_cf_sect193r1_PUB --SharedSecret=012b8849991814f8c7ed9d40cf9dc204c3a83e0b10675543a5 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect193r1 --PeerKey=ALICE_cf_sect193r1_PUB --SharedSecret=012b8849991814f8c7ed9d40cf9dc204c3a83e0b10675543a5 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect193r1 --PeerKey=BOB_cf_sect193r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0110180a18844859c52f6f012909522a2d87b5ab143bc80a55 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect193r1 --PeerKey=ALICE_cf_sect193r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0110180a18844859c52f6f012909522a2d87b5ab143bc80a55 -- --PublicKey=MALICE_cf_sect193r1_PUB -------BEGIN PUBLIC KEY----- --MEgwEAYHKoZIzj0CAQYFK4EEABgDNAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHeX7PX3e5n --zROUg6/STkLp1D+L51L9+wY= -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_sect193r1 --PeerKey=MALICE_cf_sect193r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_sect193r1 --PeerKey=MALICE_cf_sect193r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect193r2 curve tests -- --PrivateKey=ALICE_cf_sect193r2 -------BEGIN PRIVATE KEY----- --MDcCAQAwEAYHKoZIzj0CAQYFK4EEABkEIDAeAgEBBBkAhjkv8lXK/nPp3Qc4IwL/29JUKWi2VBMp -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect193r2_PUB -------BEGIN PUBLIC KEY----- --MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEAIn7oSu3adu4ChNXniHKkMIv9gT24rpzzwAeCTDPIkUT --kJ+Tit6e4RpgkB/dph4V+uI= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_sect193r2:ALICE_cf_sect193r2_PUB -- --PrivateKey=BOB_cf_sect193r2 -------BEGIN PRIVATE KEY----- --MDcCAQAwEAYHKoZIzj0CAQYFK4EEABkEIDAeAgEBBBkAwGkR3qSQdfh7Q6KbJ4lH5FShGsX8o/jD -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect193r2_PUB -------BEGIN PUBLIC KEY----- --MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEAFdSLKI0tlwZDpkndutOLsnHii1aJO8snwEJ0m/AZgMp --xiDevOQ/xE9SpMX25W7YqkU= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_sect193r2:BOB_cf_sect193r2_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect193r2 --PeerKey=BOB_cf_sect193r2_PUB --SharedSecret=01e2f66a63c24c1de8a399c484228a5ad5b6d911c6e5e83ae3 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect193r2 --PeerKey=ALICE_cf_sect193r2_PUB --SharedSecret=01e2f66a63c24c1de8a399c484228a5ad5b6d911c6e5e83ae3 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect193r2 --PeerKey=BOB_cf_sect193r2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00bc82d393bd74406683aea003977a86a109f444a833652e43 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect193r2 --PeerKey=ALICE_cf_sect193r2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00bc82d393bd74406683aea003977a86a109f444a833652e43 -- --PublicKey=MALICE_cf_sect193r2_PUB -------BEGIN PUBLIC KEY----- --MEgwEAYHKoZIzj0CAQYFK4EEABkDNAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFfdLEkrvsO --Y7+6QpEvOay9A4MJCUZfZmI= -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_sect193r2 --PeerKey=MALICE_cf_sect193r2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_sect193r2 --PeerKey=MALICE_cf_sect193r2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect239k1 curve tests -- --PrivateKey=ALICE_cf_sect239k1 -------BEGIN PRIVATE KEY----- --MDwCAQAwEAYHKoZIzj0CAQYFK4EEAAMEJTAjAgEBBB4G4nbQDUtTnkrPOvDGIlhH9XdjirUSbTI5 --5z6lf7o= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect239k1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEf5paOMjzcnpVAPMQnIkikE4K2jne3ubX2TD1P3aedknF --lUr6tOU4BsiUQJACF90rQ9/KdeR5mYvYHzvI -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_sect239k1:ALICE_cf_sect239k1_PUB -- --PrivateKey=BOB_cf_sect239k1 -------BEGIN PRIVATE KEY----- --MDwCAQAwEAYHKoZIzj0CAQYFK4EEAAMEJTAjAgEBBB4e0F0NpepAF+iNrEtoZeo4TrQFspkUNLcx --Ly4Klfg= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect239k1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEKnjJ4RHe+EiElXMrF4ou7VGy1pn0ZiO17FouF31Zbvjc --TcbhfE6ziXM8sekQJBwcwRKQ9+G/Qzq/2A9x -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_sect239k1:BOB_cf_sect239k1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect239k1 --PeerKey=BOB_cf_sect239k1_PUB --SharedSecret=0ef54c7b7dbf55d4278e7a6924dc4833c63ec708e820d501cacdfb4935d5 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect239k1 --PeerKey=ALICE_cf_sect239k1_PUB --SharedSecret=0ef54c7b7dbf55d4278e7a6924dc4833c63ec708e820d501cacdfb4935d5 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect239k1 --PeerKey=BOB_cf_sect239k1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=592e4b33ac99624fe7f2f879cf52f12a70f189c5d90785db26a12e0a46c0 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect239k1 --PeerKey=ALICE_cf_sect239k1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=592e4b33ac99624fe7f2f879cf52f12a70f189c5d90785db26a12e0a46c0 -- --PublicKey=MALICE_cf_sect239k1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEAAMDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAA --AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_sect239k1 --PeerKey=MALICE_cf_sect239k1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_sect239k1 --PeerKey=MALICE_cf_sect239k1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=wap-wsg-idm-ecid-wtls10 curve tests -- --PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls10 -------BEGIN PRIVATE KEY----- --MDsCAQAwEAYHKoZIzj0CAQYFZysBBAoEJDAiAgEBBB1zvDMHGgcytka5KvlvQvJzTA4l2ts2NzBp --SJiGyw== -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls10_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAZkrhWBz/Q4GB8DY4Ia114ew6H7Eg7ri2uxwxd3rAZs5 --/ShvunNyndjCt3Qaq8sulBM0nUyERSDakyD+ -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls10:ALICE_cf_wap-wsg-idm-ecid-wtls10_PUB -- --PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls10 -------BEGIN PRIVATE KEY----- --MDsCAQAwEAYHKoZIzj0CAQYFZysBBAoEJDAiAgEBBB1SowkHU79PqokOfgllN53rNS8a3h1wFBY0 --dKPkQg== -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls10_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAGavw4ChHCoWplAumMEBwJgJ2aYtw+utu4vhWnscAPIT --IJ4IiIGj18rCFBap1sgVbpXjhEBLYg6Itwv2 -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls10:BOB_cf_wap-wsg-idm-ecid-wtls10_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls10 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls10_PUB --SharedSecret=0194ef5d80fdfe9df366b2273b983c3dbd440faf76964fcfc06c509f289d -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls10 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls10_PUB --SharedSecret=0194ef5d80fdfe9df366b2273b983c3dbd440faf76964fcfc06c509f289d -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls10 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls10_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01bedc5cdf63fbf18c3e2bc9765e12f7990c0c0c64f0267ae7c37b9f49f0 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls10 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls10_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01bedc5cdf63fbf18c3e2bc9765e12f7990c0c0c64f0267ae7c37b9f49f0 -- --PublicKey=MALICE_cf_wap-wsg-idm-ecid-wtls10_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFZysBBAoDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAA --AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls10 --PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls10_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls10 --PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls10_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=wap-wsg-idm-ecid-wtls11 curve tests -- --PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls11 -------BEGIN PRIVATE KEY----- --MDwCAQAwEAYHKoZIzj0CAQYFZysBBAsEJTAjAgEBBB4AkzS3zoqHNCLug/nwoYMQW3UigmZ9t56k --5jp+FiY= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls11_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEABttgKKYeGZRmcH/5UZR56lOSgbU4TH2AuIhvj88AL6H --zTCX9elzXpck+u22bnmkuvL2A8XKB5+fabMR -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls11:ALICE_cf_wap-wsg-idm-ecid-wtls11_PUB -- --PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls11 -------BEGIN PRIVATE KEY----- --MDwCAQAwEAYHKoZIzj0CAQYFZysBBAsEJTAjAgEBBB4AWU05mbqPxsB749llNON1//l0w8RJJ3z5 --h/kzfNM= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls11_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEAL6Xj/KCmXAQAAo847t0bl0wqBrteWRg93OvIJsPAAOE --ehdIgJyruc3KsH0RFlipu5QD8pnGSIXvif19 -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls11:BOB_cf_wap-wsg-idm-ecid-wtls11_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls11 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls11_PUB --SharedSecret=01ac8a23ddeeafb4d3bb243fe409f2f9c8b1a3fc11d4690da583f2e21637 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls11 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls11_PUB --SharedSecret=01ac8a23ddeeafb4d3bb243fe409f2f9c8b1a3fc11d4690da583f2e21637 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls11 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls11_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01b9992992572d3a59d424f8c9cc195576461ed6c1dadf6fb523717fab19 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls11 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls11_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01b9992992572d3a59d424f8c9cc195576461ed6c1dadf6fb523717fab19 -- --PublicKey=MALICE_cf_wap-wsg-idm-ecid-wtls11_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFZysBBAsDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYf4 --Vie5eHTnR+4x4G1xyq7qUvISU+X5RtBh2pE4 -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls11 --PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls11_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls11 --PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls11_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=wap-wsg-idm-ecid-wtls12 curve tests -- --PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls12 -------BEGIN PRIVATE KEY----- --MDoCAQAwEAYHKoZIzj0CAQYFZysBBAwEIzAhAgEBBBxwvll9Eb9mm2Xadq1evIi1zIK+6u0Nv8bP --LI9a -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls12_PUB -------BEGIN PUBLIC KEY----- --ME4wEAYHKoZIzj0CAQYFZysBBAwDOgAE0t0WqG/pFsiCt6agmebw3FCEWAzf9BpNLuzoCkPEe0Li --bqn5udrckL6s3stwCTVFaZUfY2qS9QE= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls12:ALICE_cf_wap-wsg-idm-ecid-wtls12_PUB -- --PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls12 -------BEGIN PRIVATE KEY----- --MDoCAQAwEAYHKoZIzj0CAQYFZysBBAwEIzAhAgEBBBz+5P6gpqXxbeXvvaD5W9Ft69BTxcn7zc6q --K3Ax -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls12_PUB -------BEGIN PUBLIC KEY----- --ME4wEAYHKoZIzj0CAQYFZysBBAwDOgAEvyxedqaWkoAOMjaV5W3/tJpheiHAR0zV6BlIeUuGP2mx --+xsOK9/QB7hzipq9cXx1K/dXu58EoSY= -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls12:BOB_cf_wap-wsg-idm-ecid-wtls12_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls12 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls12_PUB --SharedSecret=a3b3f20af8c33a0f5c246b4b9d9dda1cd40c294d1f53365d18a8b54b -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls12 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls12_PUB --SharedSecret=a3b3f20af8c33a0f5c246b4b9d9dda1cd40c294d1f53365d18a8b54b -- --Title=wap-wsg-idm-ecid-wtls1 curve tests -- --PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls1 -------BEGIN PRIVATE KEY----- --MCwCAQAwEAYHKoZIzj0CAQYFZysBBAEEFTATAgEBBA5ZNASTt4/g6XPQwRiQ0Q== -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls1_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEACBNPI48xxsPVQBy07jRAAcWzbIkMo8BQotxpfGJ -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls1:ALICE_cf_wap-wsg-idm-ecid-wtls1_PUB -- --PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls1 -------BEGIN PRIVATE KEY----- --MCwCAQAwEAYHKoZIzj0CAQYFZysBBAEEFTATAgEBBA6+0x9qk0NIKHSRvlTemQ== -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls1_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAEeHMSBTx/EtOu+bjBinALHSkQuJyiP3mg1tu+I2 -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls1:BOB_cf_wap-wsg-idm-ecid-wtls1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls1 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls1_PUB --SharedSecret=0040ba2fadc1da97c973e5e59ade31 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls1 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls1_PUB --SharedSecret=0040ba2fadc1da97c973e5e59ade31 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls1 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=008919696215a89e03d6c4c9265d6b -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls1 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=008919696215a89e03d6c4c9265d6b -- --PublicKey=MALICE_cf_wap-wsg-idm-ecid-wtls1_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFZysBBAEDIAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls1 --PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls1 --PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=wap-wsg-idm-ecid-wtls3 curve tests -- --PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls3 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFZysBBAMEHDAaAgEBBBUDO2cHbqQBUxuJBl6UT9UrasuRVrI= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls3_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEBRIzvK9o7eO2NGmtPFV/zo9/1mlvBwjG7+e6hbPG1KdI --01f8oGBuXMQH -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls3:ALICE_cf_wap-wsg-idm-ecid-wtls3_PUB -- --PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls3 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFZysBBAMEHDAaAgEBBBUAhZv9WZ00bDnU9MOaqEegP771nes= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls3_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEAYOspjEbzyZw61jCtUrxARr+w66nBH+73QIvlaRVSG/4 --hlBUf5kmG4Yn -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls3:BOB_cf_wap-wsg-idm-ecid-wtls3_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls3 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls3_PUB --SharedSecret=0311924428a839b7dcada662722945e62bf1131f4f -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls3 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls3_PUB --SharedSecret=0311924428a839b7dcada662722945e62bf1131f4f -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls3 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls3_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=047f1aee6a1a1d7c9c1f0e8dce4349429f737aa658 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls3 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls3_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=047f1aee6a1a1d7c9c1f0e8dce4349429f737aa658 -- --PublicKey=MALICE_cf_wap-wsg-idm-ecid-wtls3_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFZysBBAMDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AAAAAAAAAAAB -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls3 --PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls3_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls3 --PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls3_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=wap-wsg-idm-ecid-wtls4 curve tests -- --PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls4 -------BEGIN PRIVATE KEY----- --MC0CAQAwEAYHKoZIzj0CAQYFZysBBAQEFjAUAgEBBA8ACFOrBbOh5LjNtJQCuEE= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls4_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAW3K4Mus5+KAJVGLzEYrAYuCJSEYXFTo17aW0TwN -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls4:ALICE_cf_wap-wsg-idm-ecid-wtls4_PUB -- --PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls4 -------BEGIN PRIVATE KEY----- --MC0CAQAwEAYHKoZIzj0CAQYFZysBBAQEFjAUAgEBBA8Auz4XRc3Rg0bNcbrray8= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls4_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAI0F7ixGqOhnYpsuR80nAdTdSXM+YbcUbLe/U/xG -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls4:BOB_cf_wap-wsg-idm-ecid-wtls4_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls4 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls4_PUB --SharedSecret=0077378ddfdadff704a0b6646949e7 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls4 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls4_PUB --SharedSecret=0077378ddfdadff704a0b6646949e7 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls4 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls4_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=008f3713fe1ff1fa5d5041899817d1 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls4 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls4_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=008f3713fe1ff1fa5d5041899817d1 -- --PublicKey=MALICE_cf_wap-wsg-idm-ecid-wtls4_PUB -------BEGIN PUBLIC KEY----- --MDQwEAYHKoZIzj0CAQYFZysBBAQDIAAEAAAAAAAAAAAAAAAAAAAAAd+TqiBXnTd/lyA/OFsR -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls4 --PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls4_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls4 --PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls4_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=wap-wsg-idm-ecid-wtls5 curve tests -- --PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls5 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFZysBBAUEHDAaAgEBBBUD9gVh3zbLTA7BuRVVi9T8QKZ1uco= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls5_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEAH5xyUrvbuN+tWmRhwqrQfFHPHNUBKtAGvJuvSFVwTKk --uFzn9fPvIDe6 -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls5:ALICE_cf_wap-wsg-idm-ecid-wtls5_PUB -- --PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls5 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFZysBBAUEHDAaAgEBBBUAr9ZlmuO7bNfqB42xUivJXyVHKNI= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls5_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEBdXxEk0L2XAVzRNLPcnMxGXXyDfZAoA1Qw2XpOfVWIVR --jdoMGRgUuJmO -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls5:BOB_cf_wap-wsg-idm-ecid-wtls5_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls5 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls5_PUB --SharedSecret=0190c68d80e94fbe9f193ae7d9a156bf0b8d097c23 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls5 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls5_PUB --SharedSecret=0190c68d80e94fbe9f193ae7d9a156bf0b8d097c23 -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls5 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls5_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00aabc9b45c200e41294aa922ab06da6655731e0ea -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls5 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls5_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00aabc9b45c200e41294aa922ab06da6655731e0ea -- --PublicKey=MALICE_cf_wap-wsg-idm-ecid-wtls5_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFZysBBAUDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8JxepS05nN/piK --dhDD3dDKXUih -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls5 --PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls5_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls5 --PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls5_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=wap-wsg-idm-ecid-wtls6 curve tests -- --PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls6 -------BEGIN PRIVATE KEY----- --MCwCAQAwEAYHKoZIzj0CAQYFZysBBAYEFTATAgEBBA4ayMbswPbvYMwpwo80jA== -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls6_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAERPw/8Ip/RrXr0gMgLGRQeiQ4Qd6W+Li0ylGKzg== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls6:ALICE_cf_wap-wsg-idm-ecid-wtls6_PUB -- --PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls6 -------BEGIN PRIVATE KEY----- --MCwCAQAwEAYHKoZIzj0CAQYFZysBBAYEFTATAgEBBA6kbCpFt3tX2hYBQHMXbg== -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls6_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFZysBBAYDHgAEhJXqpYGxE/l1X/LiBeyRbIcyzqPxUP5Tkv3U3w== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls6:BOB_cf_wap-wsg-idm-ecid-wtls6_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls6 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls6_PUB --SharedSecret=b4cae255268f11a1e46fecad04c2 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls6 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls6_PUB --SharedSecret=b4cae255268f11a1e46fecad04c2 -- --Title=wap-wsg-idm-ecid-wtls7 curve tests -- --PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls7 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFZysBBAcEHDAaAgEBBBUABcyzh4ot9ck/j4/3ehK0aYngYoM= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls7_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEwQLnZ70n45RLqRtAGNzEa3Rl/9nwyjqYUtw2eeHhnNLT --feGY4CNH0w== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls7:ALICE_cf_wap-wsg-idm-ecid-wtls7_PUB -- --PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls7 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFZysBBAcEHDAaAgEBBBUAPyrGRY1SR13hKQswS6yXs8w8PUQ= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls7_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEZGN44YbN5r3zcNtOHrvbQLt8/lE7BHp4D/9eKLmwFDn1 --QneRu3xwPA== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls7:BOB_cf_wap-wsg-idm-ecid-wtls7_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls7 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls7_PUB --SharedSecret=ae9f5bcc6457c0422866bf855921eabc42b7121a -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls7 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls7_PUB --SharedSecret=ae9f5bcc6457c0422866bf855921eabc42b7121a -- --Title=wap-wsg-idm-ecid-wtls8 curve tests -- --PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls8 -------BEGIN PRIVATE KEY----- --MC0CAQAwEAYHKoZIzj0CAQYFZysBBAgEFjAUAgEBBA8AnkC18b3pH2O5TIYIqAQ= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls8_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAEJD0h4HEfchwxqhp9eMHh9gczQKHX4MtWVoAxKQ== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls8:ALICE_cf_wap-wsg-idm-ecid-wtls8_PUB -- --PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls8 -------BEGIN PRIVATE KEY----- --MC0CAQAwEAYHKoZIzj0CAQYFZysBBAgEFjAUAgEBBA8AXxPMnqbl3rOuIM5nsvc= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls8_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFZysBBAgDHgAEZawmRmzr9P+jihImUi6ykOzaSH484JhMKNdrgw== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls8:BOB_cf_wap-wsg-idm-ecid-wtls8_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls8 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls8_PUB --SharedSecret=48baf4f1f5e8a0eb5dae28ef6290 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls8 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls8_PUB --SharedSecret=48baf4f1f5e8a0eb5dae28ef6290 -- --Title=wap-wsg-idm-ecid-wtls9 curve tests -- --PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls9 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFZysBBAkEHDAaAgEBBBUALwvuKs3RLthMAsChbqKjXw6vTYo= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_wap-wsg-idm-ecid-wtls9_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFZysBBAkDKgAET0ppOvd9DU4v+tkKDQ5wRBrN1FwD9+F9t5l3Im+mz3rw --DB/RYdZuUg== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=ALICE_cf_wap-wsg-idm-ecid-wtls9:ALICE_cf_wap-wsg-idm-ecid-wtls9_PUB -- --PrivateKey=BOB_cf_wap-wsg-idm-ecid-wtls9 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFZysBBAkEHDAaAgEBBBUAgeb/vqEM7X5AAAxyBu3M+C8pWLM= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_wap-wsg-idm-ecid-wtls9_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFZysBBAkDKgAEWc37LGt6lt90iF4lhtDYNFdjAqoczebuNgzGff/Uq8ov --a3EVJ9yK1A== -------END PUBLIC KEY----- -- --Availablein = default --PrivPubKeyPair=BOB_cf_wap-wsg-idm-ecid-wtls9:BOB_cf_wap-wsg-idm-ecid-wtls9_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_wap-wsg-idm-ecid-wtls9 --PeerKey=BOB_cf_wap-wsg-idm-ecid-wtls9_PUB --SharedSecret=948d3030e95cead39a1bb3d8a01c2be178517ba7 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_wap-wsg-idm-ecid-wtls9 --PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls9_PUB --SharedSecret=948d3030e95cead39a1bb3d8a01c2be178517ba7 -- --# tests: 484 -- --Title=zero x-coord regression tests -- --PrivateKey=ALICE_zero_prime192v1 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBhaPNk8jG5hSG6y8tUqUoOaNNsZ3APU --pps= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_prime192v1_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe2hWBe5g --DLNj216pEvK7XjoKLg5gNg8S -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_prime192v1 --PeerKey=BOB_zero_prime192v1_PUB --SharedSecret=baaffd49a8399d2ad52cbbe24d47b67afb4b3cf436f1cd65 -- --PrivateKey=ALICE_zero_prime192v2 - -----BEGIN PRIVATE KEY----- - MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEHzAdAgEBBBj1AIQMJ7jqYIKCvxYAS+qKMmKmH0to - 41k= -@@ -3422,72 +162,6 @@ Derive=ALICE_zero_prime256v1 - PeerKey=BOB_zero_prime256v1_PUB - SharedSecret=c4f5607deb8501f1a4ba23fce4122a4343a17ada2c86a9c8e0d03d92d4a4c84c - --PrivateKey=ALICE_zero_secp112r2 -------BEGIN PRIVATE KEY----- --MCwCAQAwEAYHKoZIzj0CAQYFK4EEAAcEFTATAgEBBA4hh3tRkG3tnA0496ffMw== -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_secp112r2_PUB -------BEGIN PUBLIC KEY----- --MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEAAAAAAAAAAAAAAAAAAAS5eEOWDV/Wk7w4djyDQ== -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_secp112r2 --PeerKey=BOB_zero_secp112r2_PUB --SharedSecret=958cc1cb425713678830a4d7d95e -- --PrivateKey=ALICE_zero_secp128r1 -------BEGIN PRIVATE KEY----- --MC4CAQAwEAYHKoZIzj0CAQYFK4EEABwEFzAVAgEBBBCykSzic/h3T2K6SkSP1SGt -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_secp128r1_PUB -------BEGIN PUBLIC KEY----- --MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAEAAAAAAAAAAAAAAAAAAAAAABya8M5aeOpNG3z799IdHc= -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_secp128r1 --PeerKey=BOB_zero_secp128r1_PUB --SharedSecret=5235d452066f126cd7e99eea00fd3068 -- --PrivateKey=ALICE_zero_secp160r1 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAgEHDAaAgEBBBUACoRnbig69XLlh5VcRexpbbn5zwA= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_secp160r1_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAG/w1po29wYlxlygXs --MGfbiGg5ng== -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_secp160r1 --PeerKey=BOB_zero_secp160r1_PUB --SharedSecret=9ccd0ab8d093b6acdb3fe14c3736a0dfe61a4666 -- --PrivateKey=ALICE_zero_secp160r2 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAB4EHDAaAgEBBBUAQFGxInSw1eAvd45E9TUdbXtJGnA= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_secp160r2_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAZtSBSZqfmXp47v5z2 --ZZZl2JFxDg== -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_secp160r2 --PeerKey=BOB_zero_secp160r2_PUB --SharedSecret=303e0a282ac86f463fe834cb51b0057be42ed5ab -- - PrivateKey=ALICE_zero_secp384r1 - -----BEGIN PRIVATE KEY----- - ME4CAQAwEAYHKoZIzj0CAQYFK4EEACIENzA1AgEBBDD6kgzKbg28zbQyVTdC0IdHbm0UCQt2Rdbi -@@ -3526,76 +200,6 @@ Derive=ALICE_zero_secp521r1 - PeerKey=BOB_zero_secp521r1_PUB - SharedSecret=003fc3028f61db94b20c7cd177923b6e73f12f0ab067c9ce8866755e3c82abb39c9863cde74fa80b32520bd7dd0eb156c30c08911503b67b2661f1264d09bb231423 - --PrivateKey=ALICE_zero_wap-wsg-idm-ecid-wtls7 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFZysBBAcEHDAaAgEBBBUAoGng7WzYr4P9vtdc3BS/UiNWmc0= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_wap-wsg-idm-ecid-wtls7_PUB -------BEGIN PUBLIC KEY----- --MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAZtSBSZqfmXp47v5z2 --ZZZl2JFxDg== -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_wap-wsg-idm-ecid-wtls7 --PeerKey=BOB_zero_wap-wsg-idm-ecid-wtls7_PUB --SharedSecret=6582fc03bbb340fcf24a5fe8fcdf722655efa8b9 -- --# tests: 14 -- --Title=prime192v1 curve tests -- --PrivateKey=ALICE_cf_prime192v1 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBhQFYLaobJ47BVWWZv/ByY8Ti69m/U9 --TeI= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_prime192v1_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEHYbt14KzucSpmKMrlDx1IGz/a28nDs21OjKgx3BK --PZ78UrllIr69kgrYUKsRg4sd -------END PUBLIC KEY----- -- --PrivPubKeyPair=ALICE_cf_prime192v1:ALICE_cf_prime192v1_PUB -- --PrivateKey=BOB_cf_prime192v1 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBhsbmKHAtygIqirkmUXSbniDJOx0/fI --CWM= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_prime192v1_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEJA+FQcXq5Axzv8pLDslxq1QVt1hjN2i0TgoO6Yxp --bAekMot69VorE8ibSzgJixXJ -------END PUBLIC KEY----- -- --PrivPubKeyPair=BOB_cf_prime192v1:BOB_cf_prime192v1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_prime192v1 --PeerKey=BOB_cf_prime192v1_PUB --SharedSecret=e36cad3b0f8d00f60f090440a76df47896713ae61421c354 -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_prime192v1 --PeerKey=ALICE_cf_prime192v1_PUB --SharedSecret=e36cad3b0f8d00f60f090440a76df47896713ae61421c354 -- --# ECDH Bob with Alice peer : curves with less than 112 bits of strength cannot --# be used for Key agreement in fips mode --Availablein = fips --Derive=BOB_cf_prime192v1 --Securitycheck = 1 --PeerKey=ALICE_cf_prime192v1_PUB --SharedSecret=e36cad3b0f8d00f60f090440a76df47896713ae61421c354 --Result = DERIVE_SET_PEER_ERROR -- - Title=prime256v1 curve tests - - PrivateKey=ALICE_cf_prime256v1 -@@ -3759,743 +363,3 @@ SharedSecret=01dd4aa9037bb4ad298b420998d - Derive=BOB_cf_secp521r1 - PeerKey=ALICE_cf_secp521r1_PUB - SharedSecret=01dd4aa9037bb4ad298b420998dcd32b3a9af1cda8b7919e372aeb4e54ccfb4d2409a340ed896bfbc5dd462f8d96b8784bc17b29db3ca04700e6ec752f9bec777695 -- --Title=sect163k1 curve tests -- --PrivateKey=ALICE_cf_sect163k1 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAEEHDAaAgEBBBUB905PYfmej8LzbzX6Bg51GJzXQjQ= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect163k1_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBfvs5A1hD8YySP9O2ub8GEUfotVuBpfRx4GIHdAfx8wV --1UVeTRnyAlWU -------END PUBLIC KEY----- -- --PrivPubKeyPair=ALICE_cf_sect163k1:ALICE_cf_sect163k1_PUB -- --PrivateKey=BOB_cf_sect163k1 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAEEHDAaAgEBBBUCHPtCjJ4/K8ylQBcLlb5VE0bkaUE= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect163k1_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEBvgfX1mTRlt6Z4TE1D1MNWo4loH4AoeYa6oowK104LKk --nsdg7isQ8XBD -------END PUBLIC KEY----- -- --PrivPubKeyPair=BOB_cf_sect163k1:BOB_cf_sect163k1_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect163k1 --PeerKey=BOB_cf_sect163k1_PUB --SharedSecret=04d0e40788c5ce5220818055277cae53eac55c1e6b -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect163k1 --PeerKey=ALICE_cf_sect163k1_PUB --SharedSecret=04d0e40788c5ce5220818055277cae53eac55c1e6b -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect163k1 --PeerKey=BOB_cf_sect163k1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=04c902a91110244d89110034dd2b099c49cbab6c77 -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect163k1 --PeerKey=ALICE_cf_sect163k1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=04c902a91110244d89110034dd2b099c49cbab6c77 -- --PublicKey=MALICE_cf_sect163k1_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AAAAAAAAAAAB -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_sect163k1 --PeerKey=MALICE_cf_sect163k1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_sect163k1 --PeerKey=MALICE_cf_sect163k1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect163r2 curve tests -- --PrivateKey=ALICE_cf_sect163r2 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAA8EHDAaAgEBBBUBjCs/M3N31jsAueYrOq21vdETwAI= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect163r2_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBd8Z1/HpA+89hF4I98EST3svWns3BAEbhWmL/fgxk2uu --YwVrmqhgqH/C -------END PUBLIC KEY----- -- --PrivPubKeyPair=ALICE_cf_sect163r2:ALICE_cf_sect163r2_PUB -- --PrivateKey=BOB_cf_sect163r2 -------BEGIN PRIVATE KEY----- --MDMCAQAwEAYHKoZIzj0CAQYFK4EEAA8EHDAaAgEBBBUBsiouT9Df+mwHWrpPg1JSrY9nqlI= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect163r2_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEBULqBZ+nhLhDEMYY8NEEzZ126MdxAcFXWv8zmPEH9505 --8vT5zU3aq6HV -------END PUBLIC KEY----- -- --PrivPubKeyPair=BOB_cf_sect163r2:BOB_cf_sect163r2_PUB -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect163r2 --PeerKey=BOB_cf_sect163r2_PUB --SharedSecret=019f829a53c4e6544bdec1395a23082169efaf369d -- --# ECDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect163r2 --PeerKey=ALICE_cf_sect163r2_PUB --SharedSecret=019f829a53c4e6544bdec1395a23082169efaf369d -- --# ECC CDH Alice with Bob peer --Availablein = default --Derive=ALICE_cf_sect163r2 --PeerKey=BOB_cf_sect163r2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=048870d39235ecbc16a000ee478833509b9318a53f -- --# ECC CDH Bob with Alice peer --Availablein = default --Derive=BOB_cf_sect163r2 --PeerKey=ALICE_cf_sect163r2_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=048870d39235ecbc16a000ee478833509b9318a53f -- --PublicKey=MALICE_cf_sect163r2_PUB -------BEGIN PUBLIC KEY----- --MEAwEAYHKoZIzj0CAQYFK4EEAA8DLAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsJbhbrfiSdZPSHD --ZtqJwDlp802l -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Availablein = default --Derive=BOB_cf_sect163r2 --PeerKey=MALICE_cf_sect163r2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Availablein = default --Derive=ALICE_cf_sect163r2 --PeerKey=MALICE_cf_sect163r2_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect233k1 curve tests -- --PrivateKey=ALICE_cf_sect233k1 -------BEGIN PRIVATE KEY----- --MDsCAQAwEAYHKoZIzj0CAQYFK4EEABoEJDAiAgEBBB0z/3heNFjJL+2sAT/38yRsN3kt2iXz7u+y --Gua8Kw== -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect233k1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEALQyn0zJmOrHm4S2EIjxRe899PadBnfpYjLKWGvpAIzf --MEG861Nv1IYJkmkO1xlfNHeeRtqFgsQVFKZh -------END PUBLIC KEY----- -- --PrivPubKeyPair=ALICE_cf_sect233k1:ALICE_cf_sect233k1_PUB -- --PrivateKey=BOB_cf_sect233k1 -------BEGIN PRIVATE KEY----- --MDsCAQAwEAYHKoZIzj0CAQYFK4EEABoEJDAiAgEBBB1I0ucrC4d9i6Z+0cbar5r7uKpF5iiQkSJA --DFMTUA== -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect233k1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAatdqazxSghJ568CBFyMXhEvVeAiLewOY/jk9H5DAOB4 --ufNGbdd131KLaKPivB38a6n5Y+2BVSJangow -------END PUBLIC KEY----- -- --PrivPubKeyPair=BOB_cf_sect233k1:BOB_cf_sect233k1_PUB -- --# ECDH Alice with Bob peer --Derive=ALICE_cf_sect233k1 --PeerKey=BOB_cf_sect233k1_PUB --SharedSecret=012145026e8de65973c154e085456fc5539ba9e25663e7f5816abfcab310 -- --# ECDH Bob with Alice peer --Derive=BOB_cf_sect233k1 --PeerKey=ALICE_cf_sect233k1_PUB --SharedSecret=012145026e8de65973c154e085456fc5539ba9e25663e7f5816abfcab310 -- --# ECC CDH Alice with Bob peer --Derive=ALICE_cf_sect233k1 --PeerKey=BOB_cf_sect233k1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00ff7d6c6b80f39d2ae68fbd00adbcd75fa599ed0bc1aac0e3f49c1c164d -- --# ECC CDH Bob with Alice peer --Derive=BOB_cf_sect233k1 --PeerKey=ALICE_cf_sect233k1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00ff7d6c6b80f39d2ae68fbd00adbcd75fa599ed0bc1aac0e3f49c1c164d -- --PublicKey=MALICE_cf_sect233k1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABoDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAA --AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Derive=BOB_cf_sect233k1 --PeerKey=MALICE_cf_sect233k1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Derive=ALICE_cf_sect233k1 --PeerKey=MALICE_cf_sect233k1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect233r1 curve tests -- --PrivateKey=ALICE_cf_sect233r1 -------BEGIN PRIVATE KEY----- --MDwCAQAwEAYHKoZIzj0CAQYFK4EEABsEJTAjAgEBBB4ATcy7zVpIsJ9rl5EIDmzRz5wxjrDIQyDm --HP3Pt8Y= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect233r1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAQMQHiJ44LiCnZkEg1zyww1h+idTbsw8E07P33WUAUfD --NeQ4hWEhTXPnytIbEhFKpnd3j/FbyZnJqxh8 -------END PUBLIC KEY----- -- --PrivPubKeyPair=ALICE_cf_sect233r1:ALICE_cf_sect233r1_PUB -- --PrivateKey=BOB_cf_sect233r1 -------BEGIN PRIVATE KEY----- --MDwCAQAwEAYHKoZIzj0CAQYFK4EEABsEJTAjAgEBBB4ALpOlFn4OfiIAkRAZGOsn7L6W3XoQBSV8 --mQVC2pw= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect233r1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAJQw+NWqFJXYw4dVMovzvw76OYnYOTaDaEPNW8ECAQbl --TzzbBSTp5iqM13mP0/Bo4OO66NS3lA9e/GTO -------END PUBLIC KEY----- -- --PrivPubKeyPair=BOB_cf_sect233r1:BOB_cf_sect233r1_PUB -- --# ECDH Alice with Bob peer --Derive=ALICE_cf_sect233r1 --PeerKey=BOB_cf_sect233r1_PUB --SharedSecret=00209d2995a63f1e8b7a5c33dee5abb602e32e1835ae8bb57eb264d8d795 -- --# ECDH Bob with Alice peer --Derive=BOB_cf_sect233r1 --PeerKey=ALICE_cf_sect233r1_PUB --SharedSecret=00209d2995a63f1e8b7a5c33dee5abb602e32e1835ae8bb57eb264d8d795 -- --# ECC CDH Alice with Bob peer --Derive=ALICE_cf_sect233r1 --PeerKey=BOB_cf_sect233r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00c3cd1d38a65f5e421399409a76cec1136bc84149f054a7f55e7980c612 -- --# ECC CDH Bob with Alice peer --Derive=BOB_cf_sect233r1 --PeerKey=ALICE_cf_sect233r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=00c3cd1d38a65f5e421399409a76cec1136bc84149f054a7f55e7980c612 -- --PublicKey=MALICE_cf_sect233r1_PUB -------BEGIN PUBLIC KEY----- --MFIwEAYHKoZIzj0CAQYFK4EEABsDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYf4 --Vie5eHTnR+4x4G1xyq7qUvISU+X5RtBh2pE4 -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Derive=BOB_cf_sect233r1 --PeerKey=MALICE_cf_sect233r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Derive=ALICE_cf_sect233r1 --PeerKey=MALICE_cf_sect233r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect283k1 curve tests -- --PrivateKey=ALICE_cf_sect283k1 -------BEGIN PRIVATE KEY----- --MEICAQAwEAYHKoZIzj0CAQYFK4EEABAEKzApAgEBBCQAY1Mi9rST7PiP1t03qYRczV/kSZ+VjQu8 --5EFCgxyvkaLManw= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect283k1_PUB -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEBMjBO8WoxHS/vz8po52WZGxS+RK5yolrUe6tfbAMA3Sd --5/JjBDVjOz95vM4gUnqzUWHN5nKBQtj6HiU9Q/R+zqg98OiQKTyA -------END PUBLIC KEY----- -- --PrivPubKeyPair=ALICE_cf_sect283k1:ALICE_cf_sect283k1_PUB -- --PrivateKey=BOB_cf_sect283k1 -------BEGIN PRIVATE KEY----- --MEICAQAwEAYHKoZIzj0CAQYFK4EEABAEKzApAgEBBCQBCZC8Is+YSjgXJBBDioEl6gu14QpGHllD --1J6957vBTPSQdH0= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect283k1_PUB -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAGEQKZVHYAlvtjHrFyZVm12qUb5j+T5/WNoC962+kwUM --QkBYA5BpuG8Knlugq1iB31whPAgRCZfdLKHpHRPJSfXvKyUIdeUm -------END PUBLIC KEY----- -- --PrivPubKeyPair=BOB_cf_sect283k1:BOB_cf_sect283k1_PUB -- --# ECDH Alice with Bob peer --Derive=ALICE_cf_sect283k1 --PeerKey=BOB_cf_sect283k1_PUB --SharedSecret=03f67c88bdc230b43773d17fdb4d0a980556d074ceccee726932160e4ed965e3be72803c -- --# ECDH Bob with Alice peer --Derive=BOB_cf_sect283k1 --PeerKey=ALICE_cf_sect283k1_PUB --SharedSecret=03f67c88bdc230b43773d17fdb4d0a980556d074ceccee726932160e4ed965e3be72803c -- --# ECC CDH Alice with Bob peer --Derive=ALICE_cf_sect283k1 --PeerKey=BOB_cf_sect283k1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0677ba01c84d139609ca145cb5b6079fc9ca67f59c9c913e47cad1073f1d1dfaddde0169 -- --# ECC CDH Bob with Alice peer --Derive=BOB_cf_sect283k1 --PeerKey=ALICE_cf_sect283k1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0677ba01c84d139609ca145cb5b6079fc9ca67f59c9c913e47cad1073f1d1dfaddde0169 -- --PublicKey=MALICE_cf_sect283k1_PUB -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABADSgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Derive=BOB_cf_sect283k1 --PeerKey=MALICE_cf_sect283k1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Derive=ALICE_cf_sect283k1 --PeerKey=MALICE_cf_sect283k1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect283r1 curve tests -- --PrivateKey=ALICE_cf_sect283r1 -------BEGIN PRIVATE KEY----- --MEICAQAwEAYHKoZIzj0CAQYFK4EEABEEKzApAgEBBCQCQ5pqKvPxDysd1pi2Bv8Z11cFhsRZfuaf --4Pi0hpGr4ubZcHE= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect283r1_PUB -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBcsrGDgO7pbGybQX/00gRHtQq3+X9XrGb7Uzv9Nabwc/ --kntnBMF0I2KU+aaTjQx1GVtmNf7CvFwPLEBnfKjJAjekjsGyIqoq -------END PUBLIC KEY----- -- --PrivPubKeyPair=ALICE_cf_sect283r1:ALICE_cf_sect283r1_PUB -- --PrivateKey=BOB_cf_sect283r1 -------BEGIN PRIVATE KEY----- --MEICAQAwEAYHKoZIzj0CAQYFK4EEABEEKzApAgEBBCQDxItnY3cDCrX/jGnVuAKDPaySZCr3E83Q --UdFnP6YIykt7+Pg= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect283r1_PUB -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEBJ2C9BCkX0YRfs2ufgUKvreUXFWp2AGK+iHlZB4N3LqO --PKpmAkrAeCMty6mw2mEnOR5HA1d4Ee+z7/NJgJJ80Ra9bFnreOW3 -------END PUBLIC KEY----- -- --PrivPubKeyPair=BOB_cf_sect283r1:BOB_cf_sect283r1_PUB -- --# ECDH Alice with Bob peer --Derive=ALICE_cf_sect283r1 --PeerKey=BOB_cf_sect283r1_PUB --SharedSecret=0424259cf09727574fb863cab7c27d8fe3835e96433110a45a951f94347fc81939ec4773 -- --# ECDH Bob with Alice peer --Derive=BOB_cf_sect283r1 --PeerKey=ALICE_cf_sect283r1_PUB --SharedSecret=0424259cf09727574fb863cab7c27d8fe3835e96433110a45a951f94347fc81939ec4773 -- --# ECC CDH Alice with Bob peer --Derive=ALICE_cf_sect283r1 --PeerKey=BOB_cf_sect283r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01c2a542654ce85b17456ed75b6bca6b6eb761580913670debc426a3525f236df0e875c8 -- --# ECC CDH Bob with Alice peer --Derive=BOB_cf_sect283r1 --PeerKey=ALICE_cf_sect283r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=01c2a542654ce85b17456ed75b6bca6b6eb761580913670debc426a3525f236df0e875c8 -- --PublicKey=MALICE_cf_sect283r1_PUB -------BEGIN PUBLIC KEY----- --MF4wEAYHKoZIzj0CAQYFK4EEABEDSgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AAAAByvMnFeSsevoGYMIn7b4NaL9IgowRCTKF8CCrhdEKu3pubP2 -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Derive=BOB_cf_sect283r1 --PeerKey=MALICE_cf_sect283r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Derive=ALICE_cf_sect283r1 --PeerKey=MALICE_cf_sect283r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect409k1 curve tests -- --PrivateKey=ALICE_cf_sect409k1 -------BEGIN PRIVATE KEY----- --MFECAQAwEAYHKoZIzj0CAQYFK4EEACQEOjA4AgEBBDMOthcLahkXFgM0wjOzm767D1A72sFRGlhb --bVH+EB7z2WpIcPX4OD+M4Y1pf/a7wSaoSAo= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect409k1_PUB -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAbiYYpeFgCMsZFMzQaiwMJDrC+mCMT7KmhYtD5EMMgLW --5OvhaqYdpRf49A8LOtVcRT7J5gGcMrXQgmQeS3FenA5owWnB2NIgrTNf5d8AAEtrOupsJ4c3kL6e --aAzayZ1+UCEj8skbC9U= -------END PUBLIC KEY----- -- --PrivPubKeyPair=ALICE_cf_sect409k1:ALICE_cf_sect409k1_PUB -- --PrivateKey=BOB_cf_sect409k1 -------BEGIN PRIVATE KEY----- --MFECAQAwEAYHKoZIzj0CAQYFK4EEACQEOjA4AgEBBDMO43ldQllTewdZwffH4OEXdzBrLwabKsn4 --6/hjgIAaYda/pt4yCEQLMp18QgtfMey5ENI= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect409k1_PUB -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAVTQj6hRizVmOx4Z6vroN/zMkmAY+QhkQ0CnFeJ0AydY --Fv+f+/420vMC1Mhqsc9VzPMmIAH6ZrgGKDsd4Ce9JUtYE0rVhGeiG2RaN1U5RlhVK4avkWhFlyQ5 --vuu4aApQiWE3yQd9v/I= -------END PUBLIC KEY----- -- --PrivPubKeyPair=BOB_cf_sect409k1:BOB_cf_sect409k1_PUB -- --# ECDH Alice with Bob peer --Derive=ALICE_cf_sect409k1 --PeerKey=BOB_cf_sect409k1_PUB --SharedSecret=01fbe13188588c9d1ac3a8a2680ea9a009b28e4b7d7fa4efcb1a22553876fb7973616819fd87c75e5b8ce6e3628595e4ce12edb0 -- --# ECDH Bob with Alice peer --Derive=BOB_cf_sect409k1 --PeerKey=ALICE_cf_sect409k1_PUB --SharedSecret=01fbe13188588c9d1ac3a8a2680ea9a009b28e4b7d7fa4efcb1a22553876fb7973616819fd87c75e5b8ce6e3628595e4ce12edb0 -- --# ECC CDH Alice with Bob peer --Derive=ALICE_cf_sect409k1 --PeerKey=BOB_cf_sect409k1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=007e9485f7234bb2255bb40e51f4be867cb0ef31f8e489a697b31b51c4d5346daaee51e96ae6f9636e6e3af56095fe28755325ee -- --# ECC CDH Bob with Alice peer --Derive=BOB_cf_sect409k1 --PeerKey=ALICE_cf_sect409k1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=007e9485f7234bb2255bb40e51f4be867cb0ef31f8e489a697b31b51c4d5346daaee51e96ae6f9636e6e3af56095fe28755325ee -- --PublicKey=MALICE_cf_sect409k1_PUB -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACQDagAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AAAAAAAAAAAAAAAAAAA= -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Derive=BOB_cf_sect409k1 --PeerKey=MALICE_cf_sect409k1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Derive=ALICE_cf_sect409k1 --PeerKey=MALICE_cf_sect409k1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect409r1 curve tests -- --PrivateKey=ALICE_cf_sect409r1 -------BEGIN PRIVATE KEY----- --MFICAQAwEAYHKoZIzj0CAQYFK4EEACUEOzA5AgEBBDQAxSC9lST5dtfXQI1Ug9VMMoue3GGni5ON --+gieyXK2KKbd29KAPs4/AOd8kX2wQDsZPO7E -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect409r1_PUB -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEASAvXAM15DJerAu1JttpBuMJK1/fEfFohu2iEpt3r7Ui --iQoER6HUsWiw1hhcJyTv7WzpJQHFWrOlJMe/KjmQa/CygSc65YHDzG27oUL+KGdQUGc79ZRSwl/q --fGZqa3D+bDVMwrhmZto= -------END PUBLIC KEY----- -- --PrivPubKeyPair=ALICE_cf_sect409r1:ALICE_cf_sect409r1_PUB -- --PrivateKey=BOB_cf_sect409r1 -------BEGIN PRIVATE KEY----- --MFICAQAwEAYHKoZIzj0CAQYFK4EEACUEOzA5AgEBBDQARen+1P3JQzBgOv0pUYwsZTPRVLpqqDAU --7mKL2lk9eH7zSGmtNoMvP2m1S2dBnXxFY/bV -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect409r1_PUB -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAbDUw066TtdfOpDvrlKosEyqUNEG7rY+AKvDqKw+HOzf --sUTYee6cEf71oqJ1sCKPQiYzlwCu/HLQeWPxISE6Uo+53kkeJml2xpMBwoE25Gq/DSS61dR7SRTZ --+sUmumbIuGzbrjtMRmw= -------END PUBLIC KEY----- -- --PrivPubKeyPair=BOB_cf_sect409r1:BOB_cf_sect409r1_PUB -- --# ECDH Alice with Bob peer --Derive=ALICE_cf_sect409r1 --PeerKey=BOB_cf_sect409r1_PUB --SharedSecret=00a751259cdb3b445ce71a40a01a2189dfce70226111190505fc6eabe4e5a05bff7af55f2015e1ffcab6aea7ea9a6e74905da2a1 -- --# ECDH Bob with Alice peer --Derive=BOB_cf_sect409r1 --PeerKey=ALICE_cf_sect409r1_PUB --SharedSecret=00a751259cdb3b445ce71a40a01a2189dfce70226111190505fc6eabe4e5a05bff7af55f2015e1ffcab6aea7ea9a6e74905da2a1 -- --# ECC CDH Alice with Bob peer --Derive=ALICE_cf_sect409r1 --PeerKey=BOB_cf_sect409r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0115a31aed416c5089d74a263ec300aff13a5329c6ad27de950ae0b0917b40a3464fccf5691ac9633a51e5177a82b15cfc434aad -- --# ECC CDH Bob with Alice peer --Derive=BOB_cf_sect409r1 --PeerKey=ALICE_cf_sect409r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=0115a31aed416c5089d74a263ec300aff13a5329c6ad27de950ae0b0917b40a3464fccf5691ac9633a51e5177a82b15cfc434aad -- --PublicKey=MALICE_cf_sect409r1_PUB -------BEGIN PUBLIC KEY----- --MH4wEAYHKoZIzj0CAQYFK4EEACUDagAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AAAAAAAAAAAAAAAAAAAAAAAAAACZNffkdo7i7yL5tKKfU8tdk6su0K185XwbJkn96JWVDPZXZ3My --bFKKSOJ7hyrM8Lwl1e8= -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Derive=BOB_cf_sect409r1 --PeerKey=MALICE_cf_sect409r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Derive=ALICE_cf_sect409r1 --PeerKey=MALICE_cf_sect409r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect571k1 curve tests -- --PrivateKey=ALICE_cf_sect571k1 -------BEGIN PRIVATE KEY----- --MGYCAQAwEAYHKoZIzj0CAQYFK4EEACYETzBNAgEBBEgB4agvk7Qdf9bVb9aMVdtXL0MuVw6dTleB --zrpPMYty/piI5GWkQEGVp4OJSjF1BGgWmtYSYlV0oI8jJ7hfWTjVGfVWix4ipb8= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect571k1_PUB -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDUZq0ZrgYpTXNpOptjExaur0K9FAYHv1j9cvAptwX --dcmQf3VqekMkGZCfNdqNeqCajG3QHRkBHe4FZhWr3FXi8whvvr463lUDf+t46un1kE6FTYfhILGa --sBZm7OdfkarYd9TXBbmnkFA+XkyPlkM1+6daM3/WmnegK+TYghFDXLgwiyF8s0ElllF7z38Gmc4= -------END PUBLIC KEY----- -- --PrivPubKeyPair=ALICE_cf_sect571k1:ALICE_cf_sect571k1_PUB -- --PrivateKey=BOB_cf_sect571k1 -------BEGIN PRIVATE KEY----- --MGYCAQAwEAYHKoZIzj0CAQYFK4EEACYETzBNAgEBBEgA3pINxGOI7L9M+Mil+bm/udPwI4xu7ubJ --p3aoOepTXW94laf8wjFLcQnRUwH87Vbq9VLQEfCAFvr2vZoBc+5asnNuDhRNNeQ= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect571k1_PUB -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQDZRr5GCSq2uzGxmWNB+bED7zye18Rr/KehwXrbn1r --rKtR8fe+dg2V15FieC3qZe/wCpMtyp79VmEabGi6iGLlAN/rUE81URsA/K7GVpmklslV5gmwryR0 --3E7jGKPFesun9iNtmpgM18P9y3aJd4Qr4hMlwW2Nyw187l6QB/W2e/i+8vKXFTLHlz5WLAyAcpA= -------END PUBLIC KEY----- -- --PrivPubKeyPair=BOB_cf_sect571k1:BOB_cf_sect571k1_PUB -- --# ECDH Alice with Bob peer --Derive=ALICE_cf_sect571k1 --PeerKey=BOB_cf_sect571k1_PUB --SharedSecret=02b79c92cee50dc5b9fdddce36d4fa2e28d7d178cd74e575961f39429496305b38815c840c2e66327435c044ed885ec964068531251a2112717602532e8b6d5411db2fe05c1ac18c -- --# ECDH Bob with Alice peer --Derive=BOB_cf_sect571k1 --PeerKey=ALICE_cf_sect571k1_PUB --SharedSecret=02b79c92cee50dc5b9fdddce36d4fa2e28d7d178cd74e575961f39429496305b38815c840c2e66327435c044ed885ec964068531251a2112717602532e8b6d5411db2fe05c1ac18c -- --# ECC CDH Alice with Bob peer --Derive=ALICE_cf_sect571k1 --PeerKey=BOB_cf_sect571k1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=063aea789492c9727a5a6b7f24e8d3d377c70ee8e86b13664e191a53b1905e90e78b85960b1881db5160c7c5cacca0d686d9e104140d565eeeec17426f93d3a7ba639ecd716b43d2 -- --# ECC CDH Bob with Alice peer --Derive=BOB_cf_sect571k1 --PeerKey=ALICE_cf_sect571k1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=063aea789492c9727a5a6b7f24e8d3d377c70ee8e86b13664e191a53b1905e90e78b85960b1881db5160c7c5cacca0d686d9e104140d565eeeec17426f93d3a7ba639ecd716b43d2 -- --PublicKey=MALICE_cf_sect571k1_PUB -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAmA4GSAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAA --AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE= -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Derive=BOB_cf_sect571k1 --PeerKey=MALICE_cf_sect571k1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Derive=ALICE_cf_sect571k1 --PeerKey=MALICE_cf_sect571k1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --Title=sect571r1 curve tests -- --PrivateKey=ALICE_cf_sect571r1 -------BEGIN PRIVATE KEY----- --MGYCAQAwEAYHKoZIzj0CAQYFK4EEACcETzBNAgEBBEgAxfL2/gUsmJonvDMR95Azq1ySgXMlKSRk --+PL+WaS92ZyOo45HaC7RpH5sdkf4b948u6y1BXOxGZuORXy6lgbgZ1Zx2UgL3cI= -------END PRIVATE KEY----- -- --PublicKey=ALICE_cf_sect571r1_PUB -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQBK5L9ccIWacU2A1srZ35opPu6kcbEOsBPmvj/rlMS --fFrdMOcagOYfcD0/ouYHPhvkHbr9k87IlQJfnV6ZNRA4PmWSp/FjkNwETm/fqTCUQHti/qqnKH7R --Ed4fYROLFGvz+PX6E20SryOt1vrmoRyC7Z5FVmgMVOQQ1AaBNAHi3+IPtKx41YdXdbqHJxuI5jE= -------END PUBLIC KEY----- -- --PrivPubKeyPair=ALICE_cf_sect571r1:ALICE_cf_sect571r1_PUB -- --PrivateKey=BOB_cf_sect571r1 -------BEGIN PRIVATE KEY----- --MGYCAQAwEAYHKoZIzj0CAQYFK4EEACcETzBNAgEBBEgAzcRvASPpWi0ybpOGlj0Lozz01C2a5oDA --G5alib1EmZKcpVULxJXn75FQlTKpkUEuWUgA4yk5X5DTiScUuh4LDhaF3AFhsEY= -------END PRIVATE KEY----- -- --PublicKey=BOB_cf_sect571r1_PUB -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQH3dnL22NajtqDWTX6qD14w1BOlpHFBUPTr24VySlh --kiiBlOF95u7hFr/hSb7gm/3f+IVKyE18Sh2kR4KaxWcPWKY5xKTiqiICT7hCistuzNRt8gR+kNOT --c1rETMV6ZruZinwzEWWWjwJf6612oy2HG3CX3B8Rm+a3sS0q6IzowEwqmDv6v9bMTFk8bsCv0Fk= -------END PUBLIC KEY----- -- --PrivPubKeyPair=BOB_cf_sect571r1:BOB_cf_sect571r1_PUB -- --# ECDH Alice with Bob peer --Derive=ALICE_cf_sect571r1 --PeerKey=BOB_cf_sect571r1_PUB --SharedSecret=0031f9879fa75b8c67ba81ee861be634e2b53aa79f834e9a8ca4df7f4461bcb02f083d9fa5b4767f881a710caa6524b58eb626623ba394961d46535204c26d165089e7d4f7be1827 -- --# ECDH Bob with Alice peer --Derive=BOB_cf_sect571r1 --PeerKey=ALICE_cf_sect571r1_PUB --SharedSecret=0031f9879fa75b8c67ba81ee861be634e2b53aa79f834e9a8ca4df7f4461bcb02f083d9fa5b4767f881a710caa6524b58eb626623ba394961d46535204c26d165089e7d4f7be1827 -- --# ECC CDH Alice with Bob peer --Derive=ALICE_cf_sect571r1 --PeerKey=BOB_cf_sect571r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=012e8c2c1554988fe20c5ae7d11cdcfe15c7c6e8d2b6f46a43a45d724bfc7b415ea7594d5c16f770a95d6e65bbcb1f34619db95e89f4fecbcb0bc6a3f92d52df6a49b0e7773e0ac0 -- --# ECC CDH Bob with Alice peer --Derive=BOB_cf_sect571r1 --PeerKey=ALICE_cf_sect571r1_PUB --Ctrl=ecdh_cofactor_mode:1 --SharedSecret=012e8c2c1554988fe20c5ae7d11cdcfe15c7c6e8d2b6f46a43a45d724bfc7b415ea7594d5c16f770a95d6e65bbcb1f34619db95e89f4fecbcb0bc6a3f92d52df6a49b0e7773e0ac0 -- --PublicKey=MALICE_cf_sect571r1_PUB -------BEGIN PUBLIC KEY----- --MIGnMBAGByqGSM49AgEGBSuBBAAnA4GSAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHMtVWZAwgtd1zmgWN/9WC --aNQcWRNUKesEHXqhJVkC5jYsSACodKsLYFNrWEYM0gwG8DQONZSn93G+38EM45tkaZsIRDt2HEM= -------END PUBLIC KEY----- -- --# ECC CDH Bob with Malice peer --Derive=BOB_cf_sect571r1 --PeerKey=MALICE_cf_sect571r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -- --# ECC CDH Alice with Malice peer --Derive=ALICE_cf_sect571r1 --PeerKey=MALICE_cf_sect571r1_PUB --Ctrl=ecdh_cofactor_mode:1 --Result=DERIVE_ERROR --Reason=point at infinity -diff -up openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt.remove-ec openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt ---- openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt.remove-ec 2021-06-30 10:51:23.258816802 +0200 -+++ openssl-3.0.0-beta1/test/recipes/30-test_evp_data/evppkey_ecc.txt 2021-06-30 11:25:33.504721672 +0200 -@@ -1,3 +1,4 @@ -+ - # - # Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved. - # -@@ -55,151 +56,6 @@ Derive=BOB_cf_secp256k1 - PeerKey=ALICE_cf_secp256k1_PUB - SharedSecret=a4745cc4d19cabb9e5cb0abdd5c604cab2846a4638ad844ed9175f3cadda2da1 - -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEHzAdAgEBBBj1AIQMJ7jqYIKCvxYAS+qKMmKmH0to --41k= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_prime192v2_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Gj7Qqt --2wx/jwFlKgvE4rnd50LspdMk -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_prime192v2 --PeerKey=BOB_zero_prime192v2_PUB --SharedSecret=b8f200a4b87064f2e8600685ca3e69b8e661a117aabc770b -- --PrivateKey=ALICE_zero_prime192v3 -------BEGIN PRIVATE KEY----- --MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEHzAdAgEBBBh/maLQMSlea9BfLqGy5NPuK0YAH/cz --GqI= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_prime192v3_PUB -------BEGIN PUBLIC KEY----- --MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZEzb63e2 --3MKatRLR9Y1M5JEdI9jwMocI -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_prime192v3 --PeerKey=BOB_zero_prime192v3_PUB --SharedSecret=b5de857d355bc5b9e270a4c290ea9728d764d8b243ff5d8d -- --PrivateKey=ALICE_zero_prime239v1 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQQEJTAjAgEBBB5pYWzRYI+c6O7NXCt0H2kw8XRL3rhe --4MrJT8j++CI= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_prime239v1_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --Ox02uwNNLFuvDRn5ip8TxvW0W22R7UzJa9Av6/nh -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_prime239v1 --PeerKey=BOB_zero_prime239v1_PUB --SharedSecret=6b6206408bd05d42daa2cd224c401a1230b44e184f17b82f385f22dac215 -- --PrivateKey=ALICE_zero_prime239v2 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQUEJTAjAgEBBB5l8bB7Cpmr7vyx9FiOT2wEF3YOFbDG --bmRr3Vi/xr4= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_prime239v2_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --IOg3VJGQ89d1GWg4Igxcj5xpDmJiP8tv+e4mxt5U -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_prime239v2 --PeerKey=BOB_zero_prime239v2_PUB --SharedSecret=772c2819c960c78f28f21f6542b7409294fad1f84567c44c4b7678dc0e42 -- --PrivateKey=ALICE_zero_prime239v3 -------BEGIN PRIVATE KEY----- --MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQYEJTAjAgEBBB5HF5FABzUOTYMZg9UdZTx/oRERm/fU --M/+otKzpLjA= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_prime239v3_PUB -------BEGIN PUBLIC KEY----- --MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AsZ4u6r3qQI78EYBpiSgWjqNpoeShjr5piecMBWj -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_prime239v3 --PeerKey=BOB_zero_prime239v3_PUB --SharedSecret=56a71f5dd1611e8032c3e2d8224d86e5e8c2fc6480d74c0e282282decd43 -- --PrivateKey=ALICE_zero_prime256v1 -------BEGIN PRIVATE KEY----- --MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDXhMb6aR4JR2+l2tmgYqP0r8S4jtym --yH++awvF2nGhhg== -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_prime256v1_PUB -------BEGIN PUBLIC KEY----- --MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AABmSFx4Di+D1yQzvV2EoGu2VBwq8x2uhxcov4VqF0+T9A== -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_prime256v1 --PeerKey=BOB_zero_prime256v1_PUB --SharedSecret=c4f5607deb8501f1a4ba23fce4122a4343a17ada2c86a9c8e0d03d92d4a4c84c -- --PrivateKey=ALICE_zero_secp384r1 -------BEGIN PRIVATE KEY----- --ME4CAQAwEAYHKoZIzj0CAQYFK4EEACIENzA1AgEBBDD6kgzKbg28zbQyVTdC0IdHbm0UCQt2Rdbi --VVHJeYRSnNpFOiFLaOsGOmwoeZzj6jc= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_secp384r1_PUB -------BEGIN PUBLIC KEY----- --MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AAAAAAAAAAAAAAAAAAAAPPme8E9RpepjC6P5+WDdWToUyb45/SvSFdO0sIqq+Gu/kn8sRuUqsG+3 --QriFDlIe -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_secp384r1 --PeerKey=BOB_zero_secp384r1_PUB --SharedSecret=b1cfeaeef51dfd487d3a8b2849f1592e04d63f2d2c88b310a6290ebfe5399f5ffe954eabd0619231393e56c35b242986 -- --PrivateKey=ALICE_zero_secp521r1 -------BEGIN PRIVATE KEY----- --MGACAQAwEAYHKoZIzj0CAQYFK4EEACMESTBHAgEBBEIAbddDLMUWbAsY7l3vbNDmntXuAUcDYPg5 --w/cgUwSCIvrV9MBeSG8AWqT16riHmHlsn+XI5PAJM6eij3JDahnu9Mo= -------END PRIVATE KEY----- -- --PublicKey=BOB_zero_secp521r1_PUB -------BEGIN PUBLIC KEY----- --MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA --AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0g7J/qa1d8ENJsobtEb0CymeZIsa --1Qiq0GiJb+4/jmFLxjBU1Xcr8Bpl1BLgvKqOll0vXTMtfzn4RtRArgAfT4c= -------END PUBLIC KEY----- -- --# ECDH Alice with Bob peer --Availablein = default --Derive=ALICE_zero_secp521r1 --PeerKey=BOB_zero_secp521r1_PUB --SharedSecret=003fc3028f61db94b20c7cd177923b6e73f12f0ab067c9ce8866755e3c82abb39c9863cde74fa80b32520bd7dd0eb156c30c08911503b67b2661f1264d09bb231423 -- - Title=prime256v1 curve tests - - PrivateKey=ALICE_cf_prime256v1 -diff -up openssl-3.0.7/test/recipes/15-test_ec.t.skipshort openssl-3.0.7/test/recipes/15-test_ec.t ---- openssl-3.0.7/test/recipes/15-test_ec.t.skipshort 2022-11-23 12:40:55.324395782 +0100 -+++ openssl-3.0.7/test/recipes/15-test_ec.t 2022-11-23 12:42:12.478094387 +0100 -@@ -90,7 +90,7 @@ subtest 'Ed448 conversions -- public key - - subtest 'Check loading of fips and non-fips keys' => sub { - plan skip_all => "FIPS is disabled" -- if $no_fips; -+ if 1; #Red Hat specific, original value is $no_fips; - - plan tests => 2; - diff --git a/0011-Remove-EC-curves.patch b/0011-Remove-EC-curves.patch new file mode 100644 index 0000000000000000000000000000000000000000..d70d28bfeaa2817fb7db77c17d8849cd3e41b99b --- /dev/null +++ b/0011-Remove-EC-curves.patch @@ -0,0 +1,227 @@ +diff -up ./apps/speed.c.ec-curves ./apps/speed.c +--- ./apps/speed.c.ec-curves 2023-03-14 04:44:12.545437892 +0100 ++++ ./apps/speed.c 2023-03-14 04:48:28.606729067 +0100 +@@ -366,7 +366,7 @@ static double ffdh_results[FFDH_NUM][1]; + #endif /* OPENSSL_NO_DH */ + + enum ec_curves_t { +- R_EC_P160, R_EC_P192, R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521, ++ R_EC_P224, R_EC_P256, R_EC_P384, R_EC_P521, + #ifndef OPENSSL_NO_EC2M + R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571, + R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571, +@@ -376,8 +376,6 @@ enum ec_curves_t { + }; + /* list of ecdsa curves */ + static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = { +- {"ecdsap160", R_EC_P160}, +- {"ecdsap192", R_EC_P192}, + {"ecdsap224", R_EC_P224}, + {"ecdsap256", R_EC_P256}, + {"ecdsap384", R_EC_P384}, +@@ -404,8 +402,6 @@ static const OPT_PAIR ecdsa_choices[ECDS + enum { R_EC_X25519 = ECDSA_NUM, R_EC_X448, EC_NUM }; + /* list of ecdh curves, extension of |ecdsa_choices| list above */ + static const OPT_PAIR ecdh_choices[EC_NUM] = { +- {"ecdhp160", R_EC_P160}, +- {"ecdhp192", R_EC_P192}, + {"ecdhp224", R_EC_P224}, + {"ecdhp256", R_EC_P256}, + {"ecdhp384", R_EC_P384}, +@@ -1422,8 +1418,6 @@ int speed_main(int argc, char **argv) + */ + static const EC_CURVE ec_curves[EC_NUM] = { + /* Prime Curves */ +- {"secp160r1", NID_secp160r1, 160}, +- {"nistp192", NID_X9_62_prime192v1, 192}, + {"nistp224", NID_secp224r1, 224}, + {"nistp256", NID_X9_62_prime256v1, 256}, + {"nistp384", NID_secp384r1, 384}, +diff -up ./crypto/evp/ec_support.c.ec-curves ./crypto/evp/ec_support.c +--- ./crypto/evp/ec_support.c.ec-curves 2023-03-14 06:22:41.542310442 +0100 ++++ ./crypto/evp/ec_support.c 2023-03-21 11:24:18.378451683 +0100 +@@ -20,89 +20,15 @@ typedef struct ec_name2nid_st { + static const EC_NAME2NID curve_list[] = { + /* prime field curves */ + /* secg curves */ +- {"secp112r1", NID_secp112r1 }, +- {"secp112r2", NID_secp112r2 }, +- {"secp128r1", NID_secp128r1 }, +- {"secp128r2", NID_secp128r2 }, +- {"secp160k1", NID_secp160k1 }, +- {"secp160r1", NID_secp160r1 }, +- {"secp160r2", NID_secp160r2 }, +- {"secp192k1", NID_secp192k1 }, +- {"secp224k1", NID_secp224k1 }, + {"secp224r1", NID_secp224r1 }, + {"secp256k1", NID_secp256k1 }, + {"secp384r1", NID_secp384r1 }, + {"secp521r1", NID_secp521r1 }, + /* X9.62 curves */ +- {"prime192v1", NID_X9_62_prime192v1 }, +- {"prime192v2", NID_X9_62_prime192v2 }, +- {"prime192v3", NID_X9_62_prime192v3 }, +- {"prime239v1", NID_X9_62_prime239v1 }, +- {"prime239v2", NID_X9_62_prime239v2 }, +- {"prime239v3", NID_X9_62_prime239v3 }, + {"prime256v1", NID_X9_62_prime256v1 }, + /* characteristic two field curves */ + /* NIST/SECG curves */ +- {"sect113r1", NID_sect113r1 }, +- {"sect113r2", NID_sect113r2 }, +- {"sect131r1", NID_sect131r1 }, +- {"sect131r2", NID_sect131r2 }, +- {"sect163k1", NID_sect163k1 }, +- {"sect163r1", NID_sect163r1 }, +- {"sect163r2", NID_sect163r2 }, +- {"sect193r1", NID_sect193r1 }, +- {"sect193r2", NID_sect193r2 }, +- {"sect233k1", NID_sect233k1 }, +- {"sect233r1", NID_sect233r1 }, +- {"sect239k1", NID_sect239k1 }, +- {"sect283k1", NID_sect283k1 }, +- {"sect283r1", NID_sect283r1 }, +- {"sect409k1", NID_sect409k1 }, +- {"sect409r1", NID_sect409r1 }, +- {"sect571k1", NID_sect571k1 }, +- {"sect571r1", NID_sect571r1 }, +- /* X9.62 curves */ +- {"c2pnb163v1", NID_X9_62_c2pnb163v1 }, +- {"c2pnb163v2", NID_X9_62_c2pnb163v2 }, +- {"c2pnb163v3", NID_X9_62_c2pnb163v3 }, +- {"c2pnb176v1", NID_X9_62_c2pnb176v1 }, +- {"c2tnb191v1", NID_X9_62_c2tnb191v1 }, +- {"c2tnb191v2", NID_X9_62_c2tnb191v2 }, +- {"c2tnb191v3", NID_X9_62_c2tnb191v3 }, +- {"c2pnb208w1", NID_X9_62_c2pnb208w1 }, +- {"c2tnb239v1", NID_X9_62_c2tnb239v1 }, +- {"c2tnb239v2", NID_X9_62_c2tnb239v2 }, +- {"c2tnb239v3", NID_X9_62_c2tnb239v3 }, +- {"c2pnb272w1", NID_X9_62_c2pnb272w1 }, +- {"c2pnb304w1", NID_X9_62_c2pnb304w1 }, +- {"c2tnb359v1", NID_X9_62_c2tnb359v1 }, +- {"c2pnb368w1", NID_X9_62_c2pnb368w1 }, +- {"c2tnb431r1", NID_X9_62_c2tnb431r1 }, +- /* +- * the WAP/WTLS curves [unlike SECG, spec has its own OIDs for curves +- * from X9.62] +- */ +- {"wap-wsg-idm-ecid-wtls1", NID_wap_wsg_idm_ecid_wtls1 }, +- {"wap-wsg-idm-ecid-wtls3", NID_wap_wsg_idm_ecid_wtls3 }, +- {"wap-wsg-idm-ecid-wtls4", NID_wap_wsg_idm_ecid_wtls4 }, +- {"wap-wsg-idm-ecid-wtls5", NID_wap_wsg_idm_ecid_wtls5 }, +- {"wap-wsg-idm-ecid-wtls6", NID_wap_wsg_idm_ecid_wtls6 }, +- {"wap-wsg-idm-ecid-wtls7", NID_wap_wsg_idm_ecid_wtls7 }, +- {"wap-wsg-idm-ecid-wtls8", NID_wap_wsg_idm_ecid_wtls8 }, +- {"wap-wsg-idm-ecid-wtls9", NID_wap_wsg_idm_ecid_wtls9 }, +- {"wap-wsg-idm-ecid-wtls10", NID_wap_wsg_idm_ecid_wtls10 }, +- {"wap-wsg-idm-ecid-wtls11", NID_wap_wsg_idm_ecid_wtls11 }, +- {"wap-wsg-idm-ecid-wtls12", NID_wap_wsg_idm_ecid_wtls12 }, +- /* IPSec curves */ +- {"Oakley-EC2N-3", NID_ipsec3 }, +- {"Oakley-EC2N-4", NID_ipsec4 }, + /* brainpool curves */ +- {"brainpoolP160r1", NID_brainpoolP160r1 }, +- {"brainpoolP160t1", NID_brainpoolP160t1 }, +- {"brainpoolP192r1", NID_brainpoolP192r1 }, +- {"brainpoolP192t1", NID_brainpoolP192t1 }, +- {"brainpoolP224r1", NID_brainpoolP224r1 }, +- {"brainpoolP224t1", NID_brainpoolP224t1 }, + {"brainpoolP256r1", NID_brainpoolP256r1 }, + {"brainpoolP256t1", NID_brainpoolP256t1 }, + {"brainpoolP320r1", NID_brainpoolP320r1 }, +diff -up ./test/acvp_test.inc.ec-curves ./test/acvp_test.inc +--- ./test/acvp_test.inc.ec-curves 2023-03-14 06:38:20.563712586 +0100 ++++ ./test/acvp_test.inc 2023-03-14 06:39:01.631080059 +0100 +@@ -212,15 +212,6 @@ static const unsigned char ecdsa_sigver_ + }; + static const struct ecdsa_sigver_st ecdsa_sigver_data[] = { + { +- "SHA-1", +- "P-192", +- ITM(ecdsa_sigver_msg0), +- ITM(ecdsa_sigver_pub0), +- ITM(ecdsa_sigver_r0), +- ITM(ecdsa_sigver_s0), +- PASS, +- }, +- { + "SHA2-512", + "P-521", + ITM(ecdsa_sigver_msg1), +diff -up ./test/ecdsatest.h.ec-curves ./test/ecdsatest.h +--- ./test/ecdsatest.h.ec-curves 2023-03-14 04:49:16.148154472 +0100 ++++ ./test/ecdsatest.h 2023-03-14 04:51:01.376096037 +0100 +@@ -32,23 +32,6 @@ typedef struct { + } ecdsa_cavs_kat_t; + + static const ecdsa_cavs_kat_t ecdsa_cavs_kats[] = { +- /* prime KATs from X9.62 */ +- {NID_X9_62_prime192v1, NID_sha1, +- "616263", /* "abc" */ +- "1a8d598fc15bf0fd89030b5cb1111aeb92ae8baf5ea475fb", +- "0462b12d60690cdcf330babab6e69763b471f994dd702d16a563bf5ec08069705ffff65e" +- "5ca5c0d69716dfcb3474373902", +- "fa6de29746bbeb7f8bb1e761f85f7dfb2983169d82fa2f4e", +- "885052380ff147b734c330c43d39b2c4a89f29b0f749fead", +- "e9ecc78106def82bf1070cf1d4d804c3cb390046951df686"}, +- {NID_X9_62_prime239v1, NID_sha1, +- "616263", /* "abc" */ +- "7ef7c6fabefffdea864206e80b0b08a9331ed93e698561b64ca0f7777f3d", +- "045b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c707fd9f1ed2e" +- "65f09f6ce0893baf5e8e31e6ae82ea8c3592335be906d38dee", +- "656c7196bf87dcc5d1f1020906df2782360d36b2de7a17ece37d503784af", +- "2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0", +- "2eeae988104e9c2234a3c2beb1f53bfa5dc11ff36a875d1e3ccb1f7e45cf"}, + /* prime KATs from NIST CAVP */ + {NID_secp224r1, NID_sha224, + "699325d6fc8fbbb4981a6ded3c3a54ad2e4e3db8a5669201912064c64e700c139248cdc1" +diff -up ./test/recipes/15-test_genec.t.ec-curves ./test/recipes/15-test_genec.t +--- ./test/recipes/15-test_genec.t.ec-curves 2023-03-14 04:51:45.215488277 +0100 ++++ ./test/recipes/15-test_genec.t 2023-03-21 11:26:58.613885435 +0100 +@@ -41,37 +41,11 @@ plan skip_all => "This test is unsupport + if disabled("ec"); + + my @prime_curves = qw( +- secp112r1 +- secp112r2 +- secp128r1 +- secp128r2 +- secp160k1 +- secp160r1 +- secp160r2 +- secp192k1 +- secp224k1 + secp224r1 + secp256k1 + secp384r1 + secp521r1 +- prime192v1 +- prime192v2 +- prime192v3 +- prime239v1 +- prime239v2 +- prime239v3 + prime256v1 +- wap-wsg-idm-ecid-wtls6 +- wap-wsg-idm-ecid-wtls7 +- wap-wsg-idm-ecid-wtls8 +- wap-wsg-idm-ecid-wtls9 +- wap-wsg-idm-ecid-wtls12 +- brainpoolP160r1 +- brainpoolP160t1 +- brainpoolP192r1 +- brainpoolP192t1 +- brainpoolP224r1 +- brainpoolP224t1 + brainpoolP256r1 + brainpoolP256t1 + brainpoolP320r1 +@@ -136,7 +110,6 @@ push(@other_curves, 'SM2') + if !disabled("sm2"); + + my @curve_aliases = qw( +- P-192 + P-224 + P-256 + P-384 diff --git a/0011-Disable-explicit-ec.patch b/0012-Disable-explicit-ec.patch similarity index 100% rename from 0011-Disable-explicit-ec.patch rename to 0012-Disable-explicit-ec.patch diff --git a/0013-skipped-tests-EC-curves.patch b/0013-skipped-tests-EC-curves.patch new file mode 100644 index 0000000000000000000000000000000000000000..0c81d4c765e4c9073eda4bab01368f9fd1f4a75f --- /dev/null +++ b/0013-skipped-tests-EC-curves.patch @@ -0,0 +1,36 @@ +diff -up ./test/recipes/15-test_ec.t.skip-tests ./test/recipes/15-test_ec.t +--- ./test/recipes/15-test_ec.t.skip-tests 2023-03-14 13:42:38.865508269 +0100 ++++ ./test/recipes/15-test_ec.t 2023-03-14 13:43:36.237021635 +0100 +@@ -90,7 +90,7 @@ subtest 'Ed448 conversions -- public key + + subtest 'Check loading of fips and non-fips keys' => sub { + plan skip_all => "FIPS is disabled" +- if $no_fips; ++ if 1; #Red Hat specific, original value is $no_fips; + + plan tests => 2; + +diff -up ./test/recipes/65-test_cmp_protect.t.skip-tests ./test/recipes/65-test_cmp_protect.t +--- ./test/recipes/65-test_cmp_protect.t.skip-tests 2023-03-14 10:13:11.342056559 +0100 ++++ ./test/recipes/65-test_cmp_protect.t 2023-03-14 10:14:42.643873496 +0100 +@@ -27,7 +27,7 @@ plan skip_all => "This test is not suppo + plan skip_all => "This test is not supported in a shared library build on Windows" + if $^O eq 'MSWin32' && !disabled("shared"); + +-plan tests => 2 + ($no_fips ? 0 : 1); #fips test ++plan skip_all => 2 + ($no_fips ? 0 : 1); #fips test + + my @basic_cmd = ("cmp_protect_test", + data_file("server.pem"), +diff -up ./test/recipes/65-test_cmp_vfy.t.skip-tests ./test/recipes/65-test_cmp_vfy.t +--- ./test/recipes/65-test_cmp_vfy.t.skip-tests 2023-03-14 10:13:38.106296042 +0100 ++++ ./test/recipes/65-test_cmp_vfy.t 2023-03-14 10:16:56.496071178 +0100 +@@ -27,7 +27,7 @@ plan skip_all => "This test is not suppo + plan skip_all => "This test is not supported in a no-ec build" + if disabled("ec"); + +-plan tests => 2 + ($no_fips ? 0 : 1); #fips test ++plan skip_all => 2 + ($no_fips ? 0 : 1); #fips test + + my @basic_cmd = ("cmp_vfy_test", + data_file("server.crt"), data_file("client.crt"), diff --git a/0012-load-legacy-prov.patch b/0014-load-legacy-prov.patch similarity index 100% rename from 0012-load-legacy-prov.patch rename to 0014-load-legacy-prov.patch diff --git a/0013-tmp-Fix-test-names.patch b/0015-tmp-Fix-test-names.patch similarity index 100% rename from 0013-tmp-Fix-test-names.patch rename to 0015-tmp-Fix-test-names.patch diff --git a/0014-Force-fips.patch b/0016-Force-fips.patch similarity index 100% rename from 0014-Force-fips.patch rename to 0016-Force-fips.patch diff --git a/0015-FIPS-embed-hmac.patch b/0017-FIPS-embed-hmac.patch similarity index 100% rename from 0015-FIPS-embed-hmac.patch rename to 0017-FIPS-embed-hmac.patch diff --git a/0016-fipsinstall_disable.patch b/0018-fipsinstall_disable.patch similarity index 99% rename from 0016-fipsinstall_disable.patch rename to 0018-fipsinstall_disable.patch index c4f9efd99d83dbdcdaf62f64737841a801e1f992..ab9d4601eed0591d5f7b1a6b7c25622fd2fec970 100644 --- a/0016-fipsinstall_disable.patch +++ b/0018-fipsinstall_disable.patch @@ -148,7 +148,7 @@ diff -up openssl-3.0.0/doc/man5/fips_config.pod.xxx openssl-3.0.0/doc/man5/fips_ +environment variable B is set. See the documentation +for more information. - =head1 COPYRIGHT + =head1 HISTORY diff -up openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod --- openssl-3.0.0/doc/man7/OSSL_PROVIDER-FIPS.pod.xxx 2021-11-22 13:18:13.850086386 +0100 diff --git a/0017-speed-skip-unavailable-dgst.patch b/0019-speed-skip-unavailable-dgst.patch similarity index 100% rename from 0017-speed-skip-unavailable-dgst.patch rename to 0019-speed-skip-unavailable-dgst.patch diff --git a/0018-FIPS-140-3-keychecks.patch b/0020-FIPS-140-3-keychecks.patch similarity index 100% rename from 0018-FIPS-140-3-keychecks.patch rename to 0020-FIPS-140-3-keychecks.patch diff --git a/0019-FIPS-services-minimize.patch b/0021-FIPS-services-minimize.patch similarity index 99% rename from 0019-FIPS-services-minimize.patch rename to 0021-FIPS-services-minimize.patch index abb13e093ae4eef3f991b44d60162e1163ecafce..e8e6fd9b5b72eab7021206b97edfeae066d8b6f3 100644 --- a/0019-FIPS-services-minimize.patch +++ b/0021-FIPS-services-minimize.patch @@ -434,9 +434,9 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp.t.fipsmin3 openssl-3.0.1/test/re + evpkdf_x942_des.txt + evpmac_cmac_des.txt + ) unless $no_des; + push @defltfiles, qw(evppkey_brainpool.txt) unless $no_ec; push @defltfiles, qw(evppkey_sm2.txt) unless $no_sm2; - plan tests => diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evpmac_common.txt.fipsmin3 openssl-3.0.1/test/recipes/30-test_evp_data/evpmac_common.txt --- openssl-3.0.1/test/recipes/30-test_evp_data/evpmac_common.txt.fipsmin3 2022-05-05 14:46:32.721700697 +0200 +++ openssl-3.0.1/test/recipes/30-test_evp_data/evpmac_common.txt 2022-05-05 14:51:40.205418897 +0200 diff --git a/0020-FIPS-early-KATS.patch b/0022-FIPS-early-KATS.patch similarity index 100% rename from 0020-FIPS-early-KATS.patch rename to 0022-FIPS-early-KATS.patch diff --git a/0021-Selectively-disallow-SHA1-signatures.patch b/0023-Selectively-disallow-SHA1-signatures.patch similarity index 89% rename from 0021-Selectively-disallow-SHA1-signatures.patch rename to 0023-Selectively-disallow-SHA1-signatures.patch index f18e099925c9b6664a27cf854eea9d48ce1fef08..034f0aa3973c9d2370b3fcf89430e8f318d82433 100644 --- a/0021-Selectively-disallow-SHA1-signatures.patch +++ b/0023-Selectively-disallow-SHA1-signatures.patch @@ -1,7 +1,7 @@ -From 243201772cc6d583fae9eba81cb2c2c7425bc564 Mon Sep 17 00:00:00 2001 +From e738d17c45869eda31cb94f2832e65ec7cf8afa9 Mon Sep 17 00:00:00 2001 From: Clemens Lang -Date: Mon, 21 Feb 2022 17:24:44 +0100 -Subject: Selectively disallow SHA1 signatures +Date: Wed, 17 Aug 2022 12:56:29 -0400 +Subject: [PATCH] Selectively disallow SHA1 signatures For RHEL 9.0, we want to phase out SHA1. One of the steps to do that is disabling SHA1 signatures. Introduce a new configuration option in the @@ -35,6 +35,8 @@ implementation does not know that it is signing a SHA1 hash (it could be signing arbitrary data). Resolves: rhbz#2031742 + +Signed-off-by: Stephen Gallagher --- crypto/evp/evp_cnf.c | 13 ++++ crypto/evp/m_sigver.c | 77 +++++++++++++++++++ @@ -52,7 +54,7 @@ Resolves: rhbz#2031742 13 files changed, 188 insertions(+), 9 deletions(-) diff --git a/crypto/evp/evp_cnf.c b/crypto/evp/evp_cnf.c -index 0e7fe64cf9..b9d3b6d226 100644 +index 0e7fe64cf92e4b73b3bf873895e73fa9646df86d..b9d3b6d226ca07a65d972bb8505b7976a0d02572 100644 --- a/crypto/evp/evp_cnf.c +++ b/crypto/evp/evp_cnf.c @@ -10,6 +10,7 @@ @@ -83,7 +85,7 @@ index 0e7fe64cf9..b9d3b6d226 100644 ERR_raise_data(ERR_LIB_EVP, EVP_R_UNKNOWN_OPTION, "name=%s, value=%s", oval->name, oval->value); diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c -index 9188edbc21..db1a1d7bc3 100644 +index 76a6814b424bec3479bdf61374f0178b9cd96ded..4b2f1fcfb886661d98460c240d542df2ccd5df13 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -16,6 +16,71 @@ @@ -178,7 +180,7 @@ index 9188edbc21..db1a1d7bc3 100644 if (signature->digest_verify_init == NULL) { ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR); diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c -index 2b9c6c2351..3c5a1e6f5d 100644 +index da367ed05fbe42abb328c6e23cafe99e76d26819..ee6edf1e85e71cdbe58bf7e9f443425dce100e43 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -33,6 +33,7 @@ @@ -211,7 +213,7 @@ index 2b9c6c2351..3c5a1e6f5d 100644 return EVP_PKEY_CTX_ctrl(ctx, -1, op, ctrl, 0, (void *)(md)); diff --git a/doc/man5/config.pod b/doc/man5/config.pod -index 77a8055e81..aa1be5ca7f 100644 +index a84113287c3d0edf6c67726aee7d8abb87401445..f1536258470563b4fe74f8d1e3db6d73ed316341 100644 --- a/doc/man5/config.pod +++ b/doc/man5/config.pod @@ -304,6 +304,17 @@ Within the algorithm properties section, the following names have meaning: @@ -233,7 +235,7 @@ index 77a8055e81..aa1be5ca7f 100644 The value is a boolean that can be B or B. If the value is diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h -index 1291299b6e..e234341e6a 100644 +index 934d4b089c209a16b01a364da0f528afd4d12475..45346d7d0b0c91eae4a9d4466ed314c0873cf6f6 100644 --- a/include/internal/cryptlib.h +++ b/include/internal/cryptlib.h @@ -168,7 +168,8 @@ typedef struct ossl_ex_data_global_st { @@ -247,7 +249,7 @@ index 1291299b6e..e234341e6a 100644 # define OSSL_LIB_CTX_METHOD_LOW_PRIORITY -1 # define OSSL_LIB_CTX_METHOD_DEFAULT_PRIORITY 0 diff --git a/include/internal/sslconf.h b/include/internal/sslconf.h -index fd7f7e3331..05464b0655 100644 +index fd7f7e333183dde57a283dab7372f9afb38c0eb4..05464b0655b20da2035f6781f44ac577e895fc8a 100644 --- a/include/internal/sslconf.h +++ b/include/internal/sslconf.h @@ -18,4 +18,8 @@ int conf_ssl_name_find(const char *name, size_t *idx); @@ -260,7 +262,7 @@ index fd7f7e3331..05464b0655 100644 + int loadconfig); #endif diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c -index 699ada7c52..e534ad0a5f 100644 +index 446ad6b4c11cf8dcad9dcb86df38816eff4bf772..9e47f5655957e661fa4f66f5e67a78c6c7d2fe5b 100644 --- a/providers/common/securitycheck.c +++ b/providers/common/securitycheck.c @@ -19,6 +19,7 @@ @@ -304,7 +306,7 @@ index 699ada7c52..e534ad0a5f 100644 return 1; } diff --git a/providers/common/securitycheck_default.c b/providers/common/securitycheck_default.c -index de7f0d3a0a..ce54a94fbc 100644 +index de7f0d3a0a5718bd06a55d3d92236c27ffb7d0d5..ce54a94fbc9b3f48052c0bd5acf5b0aa349c4e91 100644 --- a/providers/common/securitycheck_default.c +++ b/providers/common/securitycheck_default.c @@ -15,6 +15,7 @@ @@ -341,7 +343,7 @@ index de7f0d3a0a..ce54a94fbc 100644 return mdnid; } diff --git a/providers/implementations/signature/dsa_sig.c b/providers/implementations/signature/dsa_sig.c -index 28fd7c498e..fa3822f39f 100644 +index 28fd7c498e9922b6fabd1fafa452afe7ca3734ec..fa3822f39fd14a16c761b316e276c68868f35c7d 100644 --- a/providers/implementations/signature/dsa_sig.c +++ b/providers/implementations/signature/dsa_sig.c @@ -124,12 +124,17 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx, @@ -366,7 +368,7 @@ index 28fd7c498e..fa3822f39f 100644 if (md == NULL || md_nid < 0) { if (md == NULL) diff --git a/providers/implementations/signature/ecdsa_sig.c b/providers/implementations/signature/ecdsa_sig.c -index 865d49d100..99b228e82c 100644 +index 865d49d1004f0031c82c24c218828a7d9c7269c6..99b228e82c408171bb2458244d2cf763e32a19fb 100644 --- a/providers/implementations/signature/ecdsa_sig.c +++ b/providers/implementations/signature/ecdsa_sig.c @@ -237,7 +237,11 @@ static int ecdsa_setup_md(PROV_ECDSA_CTX *ctx, const char *mdname, @@ -382,10 +384,10 @@ index 865d49d100..99b228e82c 100644 sha1_allowed); if (md_nid < 0) { diff --git a/providers/implementations/signature/rsa_sig.c b/providers/implementations/signature/rsa_sig.c -index 325e855333..bea397f0c1 100644 +index 7023a866131e38c214ac7326fdd83274dab81833..f66d7705c35add553694c5808b51d5696f678ee7 100644 --- a/providers/implementations/signature/rsa_sig.c +++ b/providers/implementations/signature/rsa_sig.c -@@ -26,6 +26,7 @@ +@@ -25,6 +25,7 @@ #include "internal/cryptlib.h" #include "internal/nelem.h" #include "internal/sizes.h" @@ -393,7 +395,7 @@ index 325e855333..bea397f0c1 100644 #include "crypto/rsa.h" #include "prov/providercommon.h" #include "prov/implementations.h" -@@ -34,6 +35,7 @@ +@@ -33,6 +34,7 @@ #include "prov/securitycheck.h" #define RSA_DEFAULT_DIGEST_NAME OSSL_DIGEST_NAME_SHA1 @@ -401,7 +403,7 @@ index 325e855333..bea397f0c1 100644 static OSSL_FUNC_signature_newctx_fn rsa_newctx; static OSSL_FUNC_signature_sign_init_fn rsa_sign_init; -@@ -289,10 +291,15 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname, +@@ -288,10 +290,15 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname, if (mdname != NULL) { EVP_MD *md = EVP_MD_fetch(ctx->libctx, mdname, mdprops); @@ -419,7 +421,7 @@ index 325e855333..bea397f0c1 100644 if (md == NULL || md_nid <= 0 -@@ -1348,8 +1355,15 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) +@@ -1347,8 +1354,15 @@ static int rsa_set_ctx_params(void *vprsactx, const OSSL_PARAM params[]) prsactx->pad_mode = pad_mode; if (prsactx->md == NULL && pmdname == NULL @@ -437,7 +439,7 @@ index 325e855333..bea397f0c1 100644 if (pmgf1mdname != NULL && !rsa_setup_mgf1_md(prsactx, pmgf1mdname, pmgf1mdprops)) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c -index fc32bb3556..4b74ee1a34 100644 +index 51c2283db915d792fa3020a2d7cbdc0d91fc9dca..89c1dd31c72271b1923ab972e3d3359b6c8e1a03 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -20,6 +20,7 @@ @@ -448,7 +450,7 @@ index fc32bb3556..4b74ee1a34 100644 #include "internal/nelem.h" #include "internal/sizes.h" #include "internal/tlsgroups.h" -@@ -1145,11 +1146,13 @@ int ssl_setup_sig_algs(SSL_CTX *ctx) +@@ -1150,11 +1151,13 @@ int ssl_setup_sig_algs(SSL_CTX *ctx) = OPENSSL_malloc(sizeof(*lu) * OSSL_NELEM(sigalg_lookup_tbl)); EVP_PKEY *tmpkey = EVP_PKEY_new(); int ret = 0; @@ -462,7 +464,7 @@ index fc32bb3556..4b74ee1a34 100644 for (i = 0, lu = sigalg_lookup_tbl; i < OSSL_NELEM(sigalg_lookup_tbl); lu++, i++) { EVP_PKEY_CTX *pctx; -@@ -1169,6 +1172,11 @@ int ssl_setup_sig_algs(SSL_CTX *ctx) +@@ -1174,6 +1177,11 @@ int ssl_setup_sig_algs(SSL_CTX *ctx) cache[i].enabled = 0; continue; } @@ -475,15 +477,15 @@ index fc32bb3556..4b74ee1a34 100644 if (!EVP_PKEY_set_type(tmpkey, lu->sig)) { cache[i].enabled = 0; diff --git a/util/libcrypto.num b/util/libcrypto.num -index 10b4e57d79..2d3c363bb0 100644 +index 4e729be97d7b31b4caf0c3bab06dbce908dc2628..2ad515028ac6522e43cdb48794ba2cc96de56049 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num -@@ -5426,3 +5426,5 @@ ASN1_TIME_print_ex 5553 3_0_0 EXIST::FUNCTION: - OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION: - OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION: +@@ -5429,3 +5429,5 @@ OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION: + OSSL_CMP_CTX_reset_geninfo_ITAVs 5558 3_0_8 EXIST::FUNCTION:CMP + OSSL_CMP_MSG_update_recipNonce 5559 3_0_9 EXIST::FUNCTION:CMP ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: +ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION: +ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION: -- -2.35.1 +2.39.1 diff --git a/0022-FIPS-enable-pkcs12-mac.patch b/0024-FIPS-enable-pkcs12-mac.patch similarity index 100% rename from 0022-FIPS-enable-pkcs12-mac.patch rename to 0024-FIPS-enable-pkcs12-mac.patch diff --git a/0023-Support-different-R_BITS-lengths-for-KBKDF.patch b/0025-Support-different-R_BITS-lengths-for-KBKDF.patch similarity index 100% rename from 0023-Support-different-R_BITS-lengths-for-KBKDF.patch rename to 0025-Support-different-R_BITS-lengths-for-KBKDF.patch diff --git a/0025-for-tests.patch b/0025-for-tests.patch new file mode 100644 index 0000000000000000000000000000000000000000..aef200bdd7835c0ca850f9d70793ef105f14e91c --- /dev/null +++ b/0025-for-tests.patch @@ -0,0 +1,18 @@ +diff -up openssl-3.0.0/apps/openssl.cnf.xxx openssl-3.0.0/apps/openssl.cnf +--- openssl-3.0.0/apps/openssl.cnf.xxx 2021-11-23 16:29:50.618691603 +0100 ++++ openssl-3.0.0/apps/openssl.cnf 2021-11-23 16:28:16.872882099 +0100 +@@ -55,11 +55,11 @@ providers = provider_sect + # to side-channel attacks and as such have been deprecated. + + [provider_sect] +-default = default_sect ++##default = default_sect + ##legacy = legacy_sect + ## +-[default_sect] +-activate = 1 ++##[default_sect] ++##activate = 1 + + ##[legacy_sect] + ##activate = 1 diff --git a/0024-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch b/0026-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch similarity index 87% rename from 0024-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch rename to 0026-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch index 5208f40b3fe3cfe360f42d311b1d328f4b7b154f..52da96488c0e6c56a9d1533963f9df844b8b1f23 100644 --- a/0024-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch +++ b/0026-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch @@ -1,7 +1,8 @@ -From c63599ee9708d543205a9173207ee7167315c624 Mon Sep 17 00:00:00 2001 +From b9e2912acb72837b2fdef5cd8f96dc4e0d2a8fea Mon Sep 17 00:00:00 2001 From: Clemens Lang Date: Tue, 1 Mar 2022 15:44:18 +0100 -Subject: [PATCH] Allow SHA1 in seclevel 2 if rh-allow-sha1-signatures = yes +Subject: [PATCH 23/38] Allow SHA1 in seclevel 2 if rh-allow-sha1-signatures = + yes References: rhbz#2055796 --- @@ -12,7 +13,7 @@ References: rhbz#2055796 4 files changed, 79 insertions(+), 18 deletions(-) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c -index ff3ca83de6..a549c1c111 100644 +index 9384f1da9bad9e104550ff270d9ae8dc61da073d..859d5caf4529e193336022bc8a4bdd640df26066 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -25,6 +25,7 @@ @@ -23,7 +24,7 @@ index ff3ca83de6..a549c1c111 100644 #include "crypto/x509.h" #include "x509_local.h" -@@ -3440,14 +3441,30 @@ static int check_sig_level(X509_STORE_CTX *ctx, X509 *cert) +@@ -3430,14 +3431,30 @@ static int check_sig_level(X509_STORE_CTX *ctx, X509 *cert) { int secbits = -1; int level = ctx->param->auth_level; @@ -56,10 +57,10 @@ index ff3ca83de6..a549c1c111 100644 return secbits >= minbits_table[level - 1]; } diff --git a/doc/man5/config.pod b/doc/man5/config.pod -index aa1be5ca7f..aa69e2b844 100644 +index f7ac6a743b44c786cf18ccf2ed28105855ceb3ac..f850075d2d0da73e2ab8fc402b1884d3ef6254a8 100644 --- a/doc/man5/config.pod +++ b/doc/man5/config.pod -@@ -305,7 +305,12 @@ When set to B, any attempt to create or verify a signature with a SHA1 +@@ -313,7 +313,12 @@ When set to B, any attempt to create or verify a signature with a SHA1 digest will fail. For compatibility with older versions of OpenSSL, set this option to B. This setting also affects TLS, where signature algorithms that use SHA1 as digest will no longer be supported if this option is set to @@ -74,7 +75,7 @@ index aa1be5ca7f..aa69e2b844 100644 =item B (deprecated) diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c -index 4b74ee1a34..5f089de107 100644 +index 89c1dd31c72271b1923ab972e3d3359b6c8e1a03..831e594c00f1c048c9cd920b6c7e62cd6d7a06ed 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -20,6 +20,7 @@ @@ -85,7 +86,7 @@ index 4b74ee1a34..5f089de107 100644 #include "internal/sslconf.h" #include "internal/nelem.h" #include "internal/sizes.h" -@@ -1561,19 +1562,27 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey) +@@ -1566,19 +1567,27 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey) SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_UNKNOWN_DIGEST); return 0; } @@ -126,7 +127,7 @@ index 4b74ee1a34..5f089de107 100644 } /* Store the sigalg the peer uses */ s->s3.tmp.peer_sigalg = lu; -@@ -2106,6 +2115,14 @@ static int tls12_sigalg_allowed(const SSL *s, int op, const SIGALG_LOOKUP *lu) +@@ -2116,6 +2125,14 @@ static int tls12_sigalg_allowed(const SSL *s, int op, const SIGALG_LOOKUP *lu) } } @@ -141,7 +142,7 @@ index 4b74ee1a34..5f089de107 100644 /* Finally see if security callback allows it */ secbits = sigalg_security_bits(s->ctx, lu); sigalgstr[0] = (lu->sigalg >> 8) & 0xff; -@@ -2977,6 +2994,8 @@ static int ssl_security_cert_sig(SSL *s, SSL_CTX *ctx, X509 *x, int op) +@@ -2985,6 +3002,8 @@ static int ssl_security_cert_sig(SSL *s, SSL_CTX *ctx, X509 *x, int op) { /* Lookup signature algorithm digest */ int secbits, nid, pknid; @@ -150,7 +151,7 @@ index 4b74ee1a34..5f089de107 100644 /* Don't check signature if self signed */ if ((X509_get_extension_flags(x) & EXFLAG_SS) != 0) return 1; -@@ -2985,6 +3004,25 @@ static int ssl_security_cert_sig(SSL *s, SSL_CTX *ctx, X509 *x, int op) +@@ -2993,6 +3012,25 @@ static int ssl_security_cert_sig(SSL *s, SSL_CTX *ctx, X509 *x, int op) /* If digest NID not defined use signature NID */ if (nid == NID_undef) nid = pknid; @@ -177,19 +178,19 @@ index 4b74ee1a34..5f089de107 100644 return ssl_security(s, op, secbits, nid, x); else diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t -index 700bbd849c..2de1d76b5e 100644 +index 2a4c36e86daff04f87ad4726a9fb359d958189bf..309cda877d15ff18f5e492c05372f5c9f1393525 100644 --- a/test/recipes/25-test_verify.t +++ b/test/recipes/25-test_verify.t @@ -29,7 +29,7 @@ sub verify { run(app([@args])); } --plan tests => 163; -+plan tests => 162; +-plan tests => 166; ++plan tests => 165; # Canonical success ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]), -@@ -387,8 +387,9 @@ ok(verify("ee-pss-sha1-cert", "", ["root-cert"], ["ca-cert"], "-auth_level", "0" +@@ -419,8 +419,9 @@ ok(verify("ee-pss-sha1-cert", "", ["root-cert"], ["ca-cert"], "-auth_level", "0" ok(verify("ee-pss-sha256-cert", "", ["root-cert"], ["ca-cert"], ), "CA with PSS signature using SHA256"); @@ -202,5 +203,5 @@ index 700bbd849c..2de1d76b5e 100644 ok(verify("ee-pss-sha256-cert", "", ["root-cert"], ["ca-cert"], "-auth_level", "2"), "PSS signature using SHA256 and auth level 2"); -- -2.35.1 +2.39.1 diff --git a/0025-strcasecmp.patch b/0027-strcasecmp.patch similarity index 45% rename from 0025-strcasecmp.patch rename to 0027-strcasecmp.patch index 8a005e60c7d2c900c8e62f94cbf5df1eabeb9c5e..42cd5300940e572f45f960132ceb21ec63790311 100644 --- a/0025-strcasecmp.patch +++ b/0027-strcasecmp.patch @@ -1,19 +1,8 @@ -diff -up openssl-3.0.3/util/libcrypto.num.locale openssl-3.0.3/util/libcrypto.num ---- openssl-3.0.3/util/libcrypto.num.locale 2022-06-01 12:35:52.667498724 +0200 -+++ openssl-3.0.3/util/libcrypto.num 2022-06-01 12:36:08.112633093 +0200 -@@ -5425,6 +5425,8 @@ ASN1_item_d2i_ex - EVP_PKEY_CTX_get0_provider 5555 3_0_0 EXIST::FUNCTION: - OPENSSL_strcasecmp 5556 3_0_3 EXIST::FUNCTION: - OPENSSL_strncasecmp 5557 3_0_3 EXIST::FUNCTION: -+OPENSSL_strcasecmp ? 3_0_1 EXIST::FUNCTION: -+OPENSSL_strncasecmp ? 3_0_1 EXIST::FUNCTION: - ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: - ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION: - ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION: -diff -up openssl-3.0.7/crypto/o_str.c.cmp openssl-3.0.7/crypto/o_str.c ---- openssl-3.0.7/crypto/o_str.c.cmp 2022-11-25 12:50:22.449760653 +0100 -+++ openssl-3.0.7/crypto/o_str.c 2022-11-25 12:51:19.416350584 +0100 -@@ -342,7 +342,12 @@ int openssl_strerror_r(int errnum, char +diff --git a/crypto/o_str.c b/crypto/o_str.c +index 7fa487d..be3d60b 100644 +--- a/crypto/o_str.c ++++ b/crypto/o_str.c +@@ -342,7 +342,12 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen) #endif } @@ -27,7 +16,7 @@ diff -up openssl-3.0.7/crypto/o_str.c.cmp openssl-3.0.7/crypto/o_str.c { int t; -@@ -352,7 +354,12 @@ int OPENSSL_strcasecmp(const char *s1, c +@@ -352,7 +357,12 @@ int OPENSSL_strcasecmp(const char *s1, const char *s2) return t; } @@ -41,10 +30,11 @@ diff -up openssl-3.0.7/crypto/o_str.c.cmp openssl-3.0.7/crypto/o_str.c { int t; size_t i; -diff -up openssl-3.0.7/test/recipes/01-test_symbol_presence.t.cmp openssl-3.0.7/test/recipes/01-test_symbol_presence.t ---- openssl-3.0.7/test/recipes/01-test_symbol_presence.t.cmp 2022-11-25 18:19:05.669769076 +0100 -+++ openssl-3.0.7/test/recipes/01-test_symbol_presence.t 2022-11-25 18:31:20.993392678 +0100 -@@ -77,6 +80,7 @@ foreach my $libname (@libnames) { +diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t +index 5530ade..238a8d7 100644 +--- a/test/recipes/01-test_symbol_presence.t ++++ b/test/recipes/01-test_symbol_presence.t +@@ -77,6 +77,7 @@ foreach my $libname (@libnames) { s| .*||; # Drop OpenSSL dynamic version information if there is any s|\@\@.+$||; @@ -52,3 +42,13 @@ diff -up openssl-3.0.7/test/recipes/01-test_symbol_presence.t.cmp openssl-3.0.7/ # Return the result $_ } +diff --git a/util/libcrypto.num b/util/libcrypto.num +index 40221eb..3b9492d 100644 +--- a/util/libcrypto.num ++++ b/util/libcrypto.num +@@ -5432,3 +5432,5 @@ OSSL_CMP_MSG_update_recipNonce 5559 3_0_9 EXIST::FUNCTION:CMP + ossl_safe_getenv ? 3_0_0 EXIST::FUNCTION: + ossl_ctx_legacy_digest_signatures_allowed ? 3_0_1 EXIST::FUNCTION: + ossl_ctx_legacy_digest_signatures_allowed_set ? 3_0_1 EXIST::FUNCTION: ++OPENSSL_strcasecmp ? 3_0_1 EXIST::FUNCTION: ++OPENSSL_strncasecmp ? 3_0_1 EXIST::FUNCTION: diff --git a/0026-FIPS-limit-rsa-encrypt.patch b/0028-FIPS-limit-rsa-encrypt.patch similarity index 99% rename from 0026-FIPS-limit-rsa-encrypt.patch rename to 0028-FIPS-limit-rsa-encrypt.patch index 6dcf7c0138f7dab4a74e79ef8f662976fa1ba703..5f13cc1d2778bf3fa25d1d6855ebcbd9201d096b 100644 --- a/0026-FIPS-limit-rsa-encrypt.patch +++ b/0028-FIPS-limit-rsa-encrypt.patch @@ -136,7 +136,7 @@ diff -up openssl-3.0.1/test/recipes/80-test_ssl_old.t.no_bad_pad openssl-3.0.1/t diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fipskeylen openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt --- openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fipskeylen 2022-06-16 14:26:19.383530498 +0200 +++ openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt 2022-06-16 14:39:53.637777701 +0200 -@@ -263,12 +263,13 @@ Input = 64b0e9f9892371110c40ba5739dc0974 +@@ -263,13 +263,13 @@ Input = 64b0e9f9892371110c40ba5739dc0974 Output = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef # RSA decrypt @@ -147,6 +147,7 @@ diff -up openssl-3.0.1/test/recipes/30-test_evp_data/evppkey_rsa_common.txt.fips Output = "Hello World" # Corrupted ciphertext +-FIPSversion = <3.2.0 +Availablein = default Decrypt = RSA-2048 Input = 550AF55A2904E7B9762352F8FB7FA235A9CB053AACB2D5FCB8CA48453CB2EE3619746C701ABF2D4CC67003471A187900B05AA812BD25ED05C675DFC8C97A24A7BF49BD6214992CAD766D05A9A2B57B74F26A737E0237B8B76C45F1F226A836D7CFBC75BA999BDBE48DBC09227AA46C88F21DCCBA7840141AD5A5D71FD122E6BD6AC3E564780DFE623FC1CA9B995A6037BF0BBD43B205A84AC5444F34202C05CE9113087176432476576DE6FFFF9A52EA57C08BE3EC2F49676CB8E12F762AC71FA3C321E00AC988910C85FF52F93825666CE0D40FFAA0592078919D4493F46D95CCF76364C6D57760DD0B64805F9AFC76A2365A5575CA301D5103F0EA76CB9A79 diff --git a/0027-FIPS-KAT-signature-tests.patch b/0029-FIPS-KAT-signature-tests.patch similarity index 99% rename from 0027-FIPS-KAT-signature-tests.patch rename to 0029-FIPS-KAT-signature-tests.patch index 184b150b004ef4bf7151566d10481b465030845a..f4d62c202d885f02f647c7974b491daff849336f 100644 --- a/0027-FIPS-KAT-signature-tests.patch +++ b/0029-FIPS-KAT-signature-tests.patch @@ -48,14 +48,14 @@ diff -up openssl-3.0.1/crypto/ec/ecdsa_ossl.c.fips_kat_signature openssl-3.0.1/c @@ -20,6 +20,10 @@ #include "crypto/bn.h" #include "ec_local.h" - + +#ifdef FIPS_MODULE +extern int REDHAT_FIPS_signature_st; +#endif + - int ossl_ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, - BIGNUM **rp) - { + #define MIN_ECDSA_SIGN_ORDERBITS 64 + /* + * It is highly unlikely that a retry will happen, @@ -126,6 +130,11 @@ static int ecdsa_sign_setup(EC_KEY *ecke goto err; diff --git a/0028-Deny-SHA-1-signature-verification-in-FIPS-provider.patch b/0030-Deny-SHA-1-signature-verification-in-FIPS-provider.patch similarity index 100% rename from 0028-Deny-SHA-1-signature-verification-in-FIPS-provider.patch rename to 0030-Deny-SHA-1-signature-verification-in-FIPS-provider.patch diff --git a/0029-fips-Expose-a-FIPS-indicator.patch b/0031-fips-Expose-a-FIPS-indicator.patch similarity index 100% rename from 0029-fips-Expose-a-FIPS-indicator.patch rename to 0031-fips-Expose-a-FIPS-indicator.patch diff --git a/0030-AES-GCM-performance-optimization.patch b/0032-AES-GCM-performance-optimization.patch similarity index 100% rename from 0030-AES-GCM-performance-optimization.patch rename to 0032-AES-GCM-performance-optimization.patch diff --git a/0031-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch b/0033-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch similarity index 99% rename from 0031-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch rename to 0033-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch index eeafbfa90a3041b06a78219111679dff5d4d4445..85338b93694b68b594f7ebe9d3eb7d30e78d811c 100644 --- a/0031-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch +++ b/0033-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch @@ -295,7 +295,7 @@ index 00cf65fcd6..83be3d8ede 100644 static void *rsa_newctx(void *provctx) @@ -190,12 +196,21 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen, - return 0; + } } ret = - ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf, diff --git a/0032-FIPS-Use-digest_sign-digest_verify-in-self-test.patch b/0034-FIPS-Use-digest_sign-digest_verify-in-self-test.patch similarity index 100% rename from 0032-FIPS-Use-digest_sign-digest_verify-in-self-test.patch rename to 0034-FIPS-Use-digest_sign-digest_verify-in-self-test.patch diff --git a/0033-FIPS-Use-FFDHE2048-in-self-test.patch b/0035-FIPS-Use-FFDHE2048-in-self-test.patch similarity index 100% rename from 0033-FIPS-Use-FFDHE2048-in-self-test.patch rename to 0035-FIPS-Use-FFDHE2048-in-self-test.patch diff --git a/0034-FIPS-140-3-DRBG.patch b/0036-FIPS-140-3-DRBG.patch similarity index 100% rename from 0034-FIPS-140-3-DRBG.patch rename to 0036-FIPS-140-3-DRBG.patch diff --git a/0035-FIPS-140-3-zeroization.patch b/0037-FIPS-140-3-zeroization.patch similarity index 100% rename from 0035-FIPS-140-3-zeroization.patch rename to 0037-FIPS-140-3-zeroization.patch diff --git a/0036-Add-FIPS-indicator-parameter-to-HKDF.patch b/0038-Add-FIPS-indicator-parameter-to-HKDF.patch similarity index 100% rename from 0036-Add-FIPS-indicator-parameter-to-HKDF.patch rename to 0038-Add-FIPS-indicator-parameter-to-HKDF.patch diff --git a/0037-rand-Forbid-truncated-hashes-SHA-3-in-FIPS-prov.patch b/0039-rand-Forbid-truncated-hashes-SHA-3-in-FIPS-prov.patch similarity index 100% rename from 0037-rand-Forbid-truncated-hashes-SHA-3-in-FIPS-prov.patch rename to 0039-rand-Forbid-truncated-hashes-SHA-3-in-FIPS-prov.patch diff --git a/0038-signature-Remove-X9.31-padding-from-FIPS-prov.patch b/0040-signature-Remove-X9.31-padding-from-FIPS-prov.patch similarity index 100% rename from 0038-signature-Remove-X9.31-padding-from-FIPS-prov.patch rename to 0040-signature-Remove-X9.31-padding-from-FIPS-prov.patch diff --git a/0039-kbkdf-Add-explicit-FIPS-indicator-for-key-length.patch b/0041-kbkdf-Add-explicit-FIPS-indicator-for-key-length.patch similarity index 100% rename from 0039-kbkdf-Add-explicit-FIPS-indicator-for-key-length.patch rename to 0041-kbkdf-Add-explicit-FIPS-indicator-for-key-length.patch diff --git a/0040-hmac-Add-explicit-FIPS-indicator-for-key-length.patch b/0042-hmac-Add-explicit-FIPS-indicator-for-key-length.patch similarity index 100% rename from 0040-hmac-Add-explicit-FIPS-indicator-for-key-length.patch rename to 0042-hmac-Add-explicit-FIPS-indicator-for-key-length.patch diff --git a/0041-pbkdf2-Set-minimum-password-length-of-8-bytes.patch b/0043-pbkdf2-Set-minimum-password-length-of-8-bytes.patch similarity index 100% rename from 0041-pbkdf2-Set-minimum-password-length-of-8-bytes.patch rename to 0043-pbkdf2-Set-minimum-password-length-of-8-bytes.patch diff --git a/0042-FIPS-RSA-disable-shake.patch b/0044-FIPS-RSA-disable-shake.patch similarity index 100% rename from 0042-FIPS-RSA-disable-shake.patch rename to 0044-FIPS-RSA-disable-shake.patch diff --git a/0044-PSS-salt-length-from-provider.patch b/0044-PSS-salt-length-from-provider.patch deleted file mode 100644 index 8e617477b406a3253a0d9fa39cd5ea91f44f7379..0000000000000000000000000000000000000000 --- a/0044-PSS-salt-length-from-provider.patch +++ /dev/null @@ -1,114 +0,0 @@ -From 0879fac692cb1bff0ec4c196cb364d970ad3ecec Mon Sep 17 00:00:00 2001 -From: Clemens Lang -Date: Mon, 21 Nov 2022 14:33:57 +0100 -Subject: [PATCH 2/3] Obtain PSS salt length from provider - -Rather than computing the PSS salt length again in core using -ossl_rsa_ctx_to_pss_string, which calls rsa_ctx_to_pss and computes the -salt length, obtain it from the provider using the -OSSL_SIGNATURE_PARAM_ALGORITHM_ID param to handle the case where the -interpretation of the magic constants in the provider differs from that -of OpenSSL core. - -Signed-off-by: Clemens Lang ---- - crypto/cms/cms_rsa.c | 19 +++++++++++++++---- - crypto/rsa/rsa_ameth.c | 34 +++++++++++++++++++++------------- - 2 files changed, 36 insertions(+), 17 deletions(-) - -diff --git a/crypto/cms/cms_rsa.c b/crypto/cms/cms_rsa.c -index 20ed816918..997567fdbf 100644 ---- a/crypto/cms/cms_rsa.c -+++ b/crypto/cms/cms_rsa.c -@@ -10,6 +10,7 @@ - #include - #include - #include -+#include - #include "crypto/asn1.h" - #include "crypto/rsa.h" - #include "cms_local.h" -@@ -191,7 +192,10 @@ static int rsa_cms_sign(CMS_SignerInfo *si) - int pad_mode = RSA_PKCS1_PADDING; - X509_ALGOR *alg; - EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si); -- ASN1_STRING *os = NULL; -+ unsigned char aid[128]; -+ const unsigned char *pp = aid; -+ size_t aid_len = 0; -+ OSSL_PARAM params[2]; - - CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg); - if (pkctx != NULL) { -@@ -205,10 +209,17 @@ static int rsa_cms_sign(CMS_SignerInfo *si) - /* We don't support it */ - if (pad_mode != RSA_PKCS1_PSS_PADDING) - return 0; -- os = ossl_rsa_ctx_to_pss_string(pkctx); -- if (os == NULL) -+ -+ params[0] = OSSL_PARAM_construct_octet_string( -+ OSSL_SIGNATURE_PARAM_ALGORITHM_ID, aid, sizeof(aid)); -+ params[1] = OSSL_PARAM_construct_end(); -+ -+ if (EVP_PKEY_CTX_get_params(pkctx, params) <= 0) -+ return 0; -+ if ((aid_len = params[0].return_size) == 0) -+ return 0; -+ if (d2i_X509_ALGOR(&alg, &pp, aid_len) == NULL) - return 0; -- X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_PKEY_RSA_PSS), V_ASN1_SEQUENCE, os); - return 1; - } - -diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c -index c15554505b..61ec53d424 100644 ---- a/crypto/rsa/rsa_ameth.c -+++ b/crypto/rsa/rsa_ameth.c -@@ -637,22 +637,30 @@ static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, const void *asn, - if (pad_mode == RSA_PKCS1_PADDING) - return 2; - if (pad_mode == RSA_PKCS1_PSS_PADDING) { -- ASN1_STRING *os1 = NULL; -- os1 = ossl_rsa_ctx_to_pss_string(pkctx); -- if (!os1) -+ unsigned char aid[128]; -+ size_t aid_len = 0; -+ OSSL_PARAM params[2]; -+ -+ params[0] = OSSL_PARAM_construct_octet_string( -+ OSSL_SIGNATURE_PARAM_ALGORITHM_ID, aid, sizeof(aid)); -+ params[1] = OSSL_PARAM_construct_end(); -+ -+ if (EVP_PKEY_CTX_get_params(pkctx, params) <= 0) - return 0; -- /* Duplicate parameters if we have to */ -- if (alg2) { -- ASN1_STRING *os2 = ASN1_STRING_dup(os1); -- if (!os2) { -- ASN1_STRING_free(os1); -+ if ((aid_len = params[0].return_size) == 0) -+ return 0; -+ -+ if (alg1 != NULL) { -+ const unsigned char *pp = aid; -+ if (d2i_X509_ALGOR(&alg1, &pp, aid_len) == NULL) -+ return 0; -+ } -+ if (alg2 != NULL) { -+ const unsigned char *pp = aid; -+ if (d2i_X509_ALGOR(&alg2, &pp, aid_len) == NULL) - return 0; -- } -- X509_ALGOR_set0(alg2, OBJ_nid2obj(EVP_PKEY_RSA_PSS), -- V_ASN1_SEQUENCE, os2); - } -- X509_ALGOR_set0(alg1, OBJ_nid2obj(EVP_PKEY_RSA_PSS), -- V_ASN1_SEQUENCE, os1); -+ - return 3; - } - return 2; --- -2.38.1 - diff --git a/0043-signature-Add-indicator-for-PSS-salt-length.patch b/0045-signature-Add-indicator-for-PSS-salt-length.patch similarity index 100% rename from 0043-signature-Add-indicator-for-PSS-salt-length.patch rename to 0045-signature-Add-indicator-for-PSS-salt-length.patch diff --git a/0045-signature-Clamp-PSS-salt-len-to-MD-len.patch b/0046-signature-Clamp-PSS-salt-len-to-MD-len.patch similarity index 100% rename from 0045-signature-Clamp-PSS-salt-len-to-MD-len.patch rename to 0046-signature-Clamp-PSS-salt-len-to-MD-len.patch diff --git a/0046-FIPS-RSA-encapsulate.patch b/0047-FIPS-RSA-encapsulate.patch similarity index 100% rename from 0046-FIPS-RSA-encapsulate.patch rename to 0047-FIPS-RSA-encapsulate.patch diff --git a/0047-provider-improvements.patch b/0047-provider-improvements.patch deleted file mode 100644 index b850fc323d2e5c24bbba43dcd49eb3fba8948cd9..0000000000000000000000000000000000000000 --- a/0047-provider-improvements.patch +++ /dev/null @@ -1,705 +0,0 @@ -From 98642df4ba886818900ab7e6b23703544e6addd4 Mon Sep 17 00:00:00 2001 -From: Simo Sorce -Date: Thu, 10 Nov 2022 10:46:32 -0500 -Subject: [PATCH 1/3] Propagate selection all the way on key export - -EVP_PKEY_eq() is used to check, among other things, if a certificate -public key corresponds to a private key. When the private key belongs to -a provider that does not allow to export private keys this currently -fails as the internal functions used to import/export keys ignored the -selection given (which specifies that only the public key needs to be -considered) and instead tries to export everything. - -This patch allows to propagate the selection all the way down including -adding it in the cache so that a following operation actually looking -for other selection parameters does not mistakenly pick up an export -containing only partial information. - -Signed-off-by: Simo Sorce - -Reviewed-by: Dmitry Belyavskiy -Reviewed-by: Tomas Mraz -(Merged from https://github.com/openssl/openssl/pull/19648) - -diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c -index b06730dc7a..2d0238ee27 100644 ---- a/crypto/evp/keymgmt_lib.c -+++ b/crypto/evp/keymgmt_lib.c -@@ -93,7 +93,8 @@ int evp_keymgmt_util_export(const EVP_PKEY *pk, int selection, - export_cb, export_cbarg); - } - --void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt) -+void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt, -+ int selection) - { - struct evp_keymgmt_util_try_import_data_st import_data; - OP_CACHE_ELEM *op; -@@ -127,7 +128,7 @@ void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt) - */ - if (pk->dirty_cnt == pk->dirty_cnt_copy) { - /* If this key is already exported to |keymgmt|, no more to do */ -- op = evp_keymgmt_util_find_operation_cache(pk, keymgmt); -+ op = evp_keymgmt_util_find_operation_cache(pk, keymgmt, selection); - if (op != NULL && op->keymgmt != NULL) { - void *ret = op->keydata; - -@@ -157,13 +158,13 @@ void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt) - /* Setup for the export callback */ - import_data.keydata = NULL; /* evp_keymgmt_util_try_import will create it */ - import_data.keymgmt = keymgmt; -- import_data.selection = OSSL_KEYMGMT_SELECT_ALL; -+ import_data.selection = selection; - - /* - * The export function calls the callback (evp_keymgmt_util_try_import), - * which does the import for us. If successful, we're done. - */ -- if (!evp_keymgmt_util_export(pk, OSSL_KEYMGMT_SELECT_ALL, -+ if (!evp_keymgmt_util_export(pk, selection, - &evp_keymgmt_util_try_import, &import_data)) - /* If there was an error, bail out */ - return NULL; -@@ -173,7 +174,7 @@ void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt) - return NULL; - } - /* Check to make sure some other thread didn't get there first */ -- op = evp_keymgmt_util_find_operation_cache(pk, keymgmt); -+ op = evp_keymgmt_util_find_operation_cache(pk, keymgmt, selection); - if (op != NULL && op->keydata != NULL) { - void *ret = op->keydata; - -@@ -196,7 +197,8 @@ void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt) - evp_keymgmt_util_clear_operation_cache(pk, 0); - - /* Add the new export to the operation cache */ -- if (!evp_keymgmt_util_cache_keydata(pk, keymgmt, import_data.keydata)) { -+ if (!evp_keymgmt_util_cache_keydata(pk, keymgmt, import_data.keydata, -+ selection)) { - CRYPTO_THREAD_unlock(pk->lock); - evp_keymgmt_freedata(keymgmt, import_data.keydata); - return NULL; -@@ -232,7 +234,8 @@ int evp_keymgmt_util_clear_operation_cache(EVP_PKEY *pk, int locking) - } - - OP_CACHE_ELEM *evp_keymgmt_util_find_operation_cache(EVP_PKEY *pk, -- EVP_KEYMGMT *keymgmt) -+ EVP_KEYMGMT *keymgmt, -+ int selection) - { - int i, end = sk_OP_CACHE_ELEM_num(pk->operation_cache); - OP_CACHE_ELEM *p; -@@ -243,14 +246,14 @@ OP_CACHE_ELEM *evp_keymgmt_util_find_operation_cache(EVP_PKEY *pk, - */ - for (i = 0; i < end; i++) { - p = sk_OP_CACHE_ELEM_value(pk->operation_cache, i); -- if (keymgmt == p->keymgmt) -+ if (keymgmt == p->keymgmt && (p->selection & selection) == selection) - return p; - } - return NULL; - } - --int evp_keymgmt_util_cache_keydata(EVP_PKEY *pk, -- EVP_KEYMGMT *keymgmt, void *keydata) -+int evp_keymgmt_util_cache_keydata(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt, -+ void *keydata, int selection) - { - OP_CACHE_ELEM *p = NULL; - -@@ -266,6 +269,7 @@ int evp_keymgmt_util_cache_keydata(EVP_PKEY *pk, - return 0; - p->keydata = keydata; - p->keymgmt = keymgmt; -+ p->selection = selection; - - if (!EVP_KEYMGMT_up_ref(keymgmt)) { - OPENSSL_free(p); -@@ -391,7 +395,8 @@ int evp_keymgmt_util_match(EVP_PKEY *pk1, EVP_PKEY *pk2, int selection) - ok = 1; - if (keydata1 != NULL) { - tmp_keydata = -- evp_keymgmt_util_export_to_provider(pk1, keymgmt2); -+ evp_keymgmt_util_export_to_provider(pk1, keymgmt2, -+ selection); - ok = (tmp_keydata != NULL); - } - if (ok) { -@@ -411,7 +416,8 @@ int evp_keymgmt_util_match(EVP_PKEY *pk1, EVP_PKEY *pk2, int selection) - ok = 1; - if (keydata2 != NULL) { - tmp_keydata = -- evp_keymgmt_util_export_to_provider(pk2, keymgmt1); -+ evp_keymgmt_util_export_to_provider(pk2, keymgmt1, -+ selection); - ok = (tmp_keydata != NULL); - } - if (ok) { -diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c -index 70d17ec37e..905e9c9ce4 100644 ---- a/crypto/evp/p_lib.c -+++ b/crypto/evp/p_lib.c -@@ -1822,6 +1822,7 @@ void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, - { - EVP_KEYMGMT *allocated_keymgmt = NULL; - EVP_KEYMGMT *tmp_keymgmt = NULL; -+ int selection = OSSL_KEYMGMT_SELECT_ALL; - void *keydata = NULL; - int check; - -@@ -1883,7 +1884,8 @@ void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, - if (pk->ameth->dirty_cnt(pk) == pk->dirty_cnt_copy) { - if (!CRYPTO_THREAD_read_lock(pk->lock)) - goto end; -- op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt); -+ op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt, -+ selection); - - /* - * If |tmp_keymgmt| is present in the operation cache, it means -@@ -1938,7 +1940,7 @@ void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, - EVP_KEYMGMT_free(tmp_keymgmt); /* refcnt-- */ - - /* Check to make sure some other thread didn't get there first */ -- op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt); -+ op = evp_keymgmt_util_find_operation_cache(pk, tmp_keymgmt, selection); - if (op != NULL && op->keymgmt != NULL) { - void *tmp_keydata = op->keydata; - -@@ -1949,7 +1951,8 @@ void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, - } - - /* Add the new export to the operation cache */ -- if (!evp_keymgmt_util_cache_keydata(pk, tmp_keymgmt, keydata)) { -+ if (!evp_keymgmt_util_cache_keydata(pk, tmp_keymgmt, keydata, -+ selection)) { - CRYPTO_THREAD_unlock(pk->lock); - evp_keymgmt_freedata(tmp_keymgmt, keydata); - keydata = NULL; -@@ -1964,7 +1967,7 @@ void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, - } - #endif /* FIPS_MODULE */ - -- keydata = evp_keymgmt_util_export_to_provider(pk, tmp_keymgmt); -+ keydata = evp_keymgmt_util_export_to_provider(pk, tmp_keymgmt, selection); - - end: - /* -diff --git a/include/crypto/evp.h b/include/crypto/evp.h -index f601b72807..dbbdcccbda 100644 ---- a/include/crypto/evp.h -+++ b/include/crypto/evp.h -@@ -589,6 +589,7 @@ int evp_cipher_asn1_to_param_ex(EVP_CIPHER_CTX *c, ASN1_TYPE *type, - typedef struct { - EVP_KEYMGMT *keymgmt; - void *keydata; -+ int selection; - } OP_CACHE_ELEM; - - DEFINE_STACK_OF(OP_CACHE_ELEM) -@@ -778,12 +779,14 @@ EVP_PKEY *evp_keymgmt_util_make_pkey(EVP_KEYMGMT *keymgmt, void *keydata); - - int evp_keymgmt_util_export(const EVP_PKEY *pk, int selection, - OSSL_CALLBACK *export_cb, void *export_cbarg); --void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt); -+void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt, -+ int selection); - OP_CACHE_ELEM *evp_keymgmt_util_find_operation_cache(EVP_PKEY *pk, -- EVP_KEYMGMT *keymgmt); -+ EVP_KEYMGMT *keymgmt, -+ int selection); - int evp_keymgmt_util_clear_operation_cache(EVP_PKEY *pk, int locking); --int evp_keymgmt_util_cache_keydata(EVP_PKEY *pk, -- EVP_KEYMGMT *keymgmt, void *keydata); -+int evp_keymgmt_util_cache_keydata(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt, -+ void *keydata, int selection); - void evp_keymgmt_util_cache_keyinfo(EVP_PKEY *pk); - void *evp_keymgmt_util_fromdata(EVP_PKEY *target, EVP_KEYMGMT *keymgmt, - int selection, const OSSL_PARAM params[]); --- -2.38.1 - -From 504427eb5f32108dd64ff7858012863fe47b369b Mon Sep 17 00:00:00 2001 -From: Simo Sorce -Date: Thu, 10 Nov 2022 16:58:28 -0500 -Subject: [PATCH 2/3] Update documentation for keymgmt export utils - -Change function prototypes and explain how to use the selection -argument. - -Signed-off-by: Simo Sorce - -Reviewed-by: Dmitry Belyavskiy -Reviewed-by: Tomas Mraz -(Merged from https://github.com/openssl/openssl/pull/19648) - -diff --git a/doc/internal/man3/evp_keymgmt_util_export_to_provider.pod b/doc/internal/man3/evp_keymgmt_util_export_to_provider.pod -index 1fee9f6ff9..7099e44964 100644 ---- a/doc/internal/man3/evp_keymgmt_util_export_to_provider.pod -+++ b/doc/internal/man3/evp_keymgmt_util_export_to_provider.pod -@@ -20,12 +20,14 @@ OP_CACHE_ELEM - - int evp_keymgmt_util_export(const EVP_PKEY *pk, int selection, - OSSL_CALLBACK *export_cb, void *export_cbarg); -- void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt); -+ void *evp_keymgmt_util_export_to_provider(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt, -+ int selection); - OP_CACHE_ELEM *evp_keymgmt_util_find_operation_cache(EVP_PKEY *pk, -- EVP_KEYMGMT *keymgmt); -+ EVP_KEYMGMT *keymgmt, -+ int selection); - int evp_keymgmt_util_clear_operation_cache(EVP_PKEY *pk, int locking); -- int evp_keymgmt_util_cache_keydata(EVP_PKEY *pk, -- EVP_KEYMGMT *keymgmt, void *keydata); -+ int evp_keymgmt_util_cache_keydata(EVP_PKEY *pk, EVP_KEYMGMT *keymgmt, -+ void *keydata, int selection); - void evp_keymgmt_util_cache_keyinfo(EVP_PKEY *pk); - void *evp_keymgmt_util_fromdata(EVP_PKEY *target, EVP_KEYMGMT *keymgmt, - int selection, const OSSL_PARAM params[]); -@@ -65,6 +67,11 @@ evp_keymgmt_util_fromdata() can be used to add key object data to a - given key I via a B interface. This is used as a - helper for L. - -+In all functions that take a I argument, the selection is used to -+constraint the information requested on export. It is also used in the cache -+so that key data is guaranteed to contain all the information requested in -+the selection. -+ - =head1 RETURN VALUES - - evp_keymgmt_export_to_provider() and evp_keymgmt_util_fromdata() --- -2.38.1 - -From e5202fbd461cb6c067874987998e91c6093e5267 Mon Sep 17 00:00:00 2001 -From: Simo Sorce -Date: Fri, 11 Nov 2022 12:18:26 -0500 -Subject: [PATCH 3/3] Add test for EVP_PKEY_eq - -This tests that the comparison work even if a provider can only return -a public key. - -Signed-off-by: Simo Sorce - -Reviewed-by: Dmitry Belyavskiy -Reviewed-by: Tomas Mraz -(Merged from https://github.com/openssl/openssl/pull/19648) - -diff --git a/test/fake_rsaprov.c b/test/fake_rsaprov.c -index d556551bb6..5e92e72d4b 100644 ---- a/test/fake_rsaprov.c -+++ b/test/fake_rsaprov.c -@@ -22,24 +22,34 @@ static OSSL_FUNC_keymgmt_has_fn fake_rsa_keymgmt_has; - static OSSL_FUNC_keymgmt_query_operation_name_fn fake_rsa_keymgmt_query; - static OSSL_FUNC_keymgmt_import_fn fake_rsa_keymgmt_import; - static OSSL_FUNC_keymgmt_import_types_fn fake_rsa_keymgmt_imptypes; -+static OSSL_FUNC_keymgmt_export_fn fake_rsa_keymgmt_export; -+static OSSL_FUNC_keymgmt_export_types_fn fake_rsa_keymgmt_exptypes; - static OSSL_FUNC_keymgmt_load_fn fake_rsa_keymgmt_load; - - static int has_selection; - static int imptypes_selection; -+static int exptypes_selection; - static int query_id; - -+struct fake_rsa_keydata { -+ int selection; -+ int status; -+}; -+ - static void *fake_rsa_keymgmt_new(void *provctx) - { -- unsigned char *keydata = OPENSSL_zalloc(1); -+ struct fake_rsa_keydata *key; - -- TEST_ptr(keydata); -+ if (!TEST_ptr(key = OPENSSL_zalloc(sizeof(struct fake_rsa_keydata)))) -+ return NULL; - - /* clear test globals */ - has_selection = 0; - imptypes_selection = 0; -+ exptypes_selection = 0; - query_id = 0; - -- return keydata; -+ return key; - } - - static void fake_rsa_keymgmt_free(void *keydata) -@@ -67,14 +77,104 @@ static const char *fake_rsa_keymgmt_query(int id) - static int fake_rsa_keymgmt_import(void *keydata, int selection, - const OSSL_PARAM *p) - { -- unsigned char *fake_rsa_key = keydata; -+ struct fake_rsa_keydata *fake_rsa_key = keydata; - - /* key was imported */ -- *fake_rsa_key = 1; -+ fake_rsa_key->status = 1; - - return 1; - } - -+static unsigned char fake_rsa_n[] = -+ "\x00\xAA\x36\xAB\xCE\x88\xAC\xFD\xFF\x55\x52\x3C\x7F\xC4\x52\x3F" -+ "\x90\xEF\xA0\x0D\xF3\x77\x4A\x25\x9F\x2E\x62\xB4\xC5\xD9\x9C\xB5" -+ "\xAD\xB3\x00\xA0\x28\x5E\x53\x01\x93\x0E\x0C\x70\xFB\x68\x76\x93" -+ "\x9C\xE6\x16\xCE\x62\x4A\x11\xE0\x08\x6D\x34\x1E\xBC\xAC\xA0\xA1" -+ "\xF5"; -+ -+static unsigned char fake_rsa_e[] = "\x11"; -+ -+static unsigned char fake_rsa_d[] = -+ "\x0A\x03\x37\x48\x62\x64\x87\x69\x5F\x5F\x30\xBC\x38\xB9\x8B\x44" -+ "\xC2\xCD\x2D\xFF\x43\x40\x98\xCD\x20\xD8\xA1\x38\xD0\x90\xBF\x64" -+ "\x79\x7C\x3F\xA7\xA2\xCD\xCB\x3C\xD1\xE0\xBD\xBA\x26\x54\xB4\xF9" -+ "\xDF\x8E\x8A\xE5\x9D\x73\x3D\x9F\x33\xB3\x01\x62\x4A\xFD\x1D\x51"; -+ -+static unsigned char fake_rsa_p[] = -+ "\x00\xD8\x40\xB4\x16\x66\xB4\x2E\x92\xEA\x0D\xA3\xB4\x32\x04\xB5" -+ "\xCF\xCE\x33\x52\x52\x4D\x04\x16\xA5\xA4\x41\xE7\x00\xAF\x46\x12" -+ "\x0D"; -+ -+static unsigned char fake_rsa_q[] = -+ "\x00\xC9\x7F\xB1\xF0\x27\xF4\x53\xF6\x34\x12\x33\xEA\xAA\xD1\xD9" -+ "\x35\x3F\x6C\x42\xD0\x88\x66\xB1\xD0\x5A\x0F\x20\x35\x02\x8B\x9D" -+ "\x89"; -+ -+static unsigned char fake_rsa_dmp1[] = -+ "\x59\x0B\x95\x72\xA2\xC2\xA9\xC4\x06\x05\x9D\xC2\xAB\x2F\x1D\xAF" -+ "\xEB\x7E\x8B\x4F\x10\xA7\x54\x9E\x8E\xED\xF5\xB4\xFC\xE0\x9E\x05"; -+ -+static unsigned char fake_rsa_dmq1[] = -+ "\x00\x8E\x3C\x05\x21\xFE\x15\xE0\xEA\x06\xA3\x6F\xF0\xF1\x0C\x99" -+ "\x52\xC3\x5B\x7A\x75\x14\xFD\x32\x38\xB8\x0A\xAD\x52\x98\x62\x8D" -+ "\x51"; -+ -+static unsigned char fake_rsa_iqmp[] = -+ "\x36\x3F\xF7\x18\x9D\xA8\xE9\x0B\x1D\x34\x1F\x71\xD0\x9B\x76\xA8" -+ "\xA9\x43\xE1\x1D\x10\xB2\x4D\x24\x9F\x2D\xEA\xFE\xF8\x0C\x18\x26"; -+ -+OSSL_PARAM *fake_rsa_key_params(int priv) -+{ -+ if (priv) { -+ OSSL_PARAM params[] = { -+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, fake_rsa_n, -+ sizeof(fake_rsa_n) -1), -+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, fake_rsa_e, -+ sizeof(fake_rsa_e) -1), -+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_D, fake_rsa_d, -+ sizeof(fake_rsa_d) -1), -+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR1, fake_rsa_p, -+ sizeof(fake_rsa_p) -1), -+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_FACTOR2, fake_rsa_q, -+ sizeof(fake_rsa_q) -1), -+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT1, fake_rsa_dmp1, -+ sizeof(fake_rsa_dmp1) -1), -+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_EXPONENT2, fake_rsa_dmq1, -+ sizeof(fake_rsa_dmq1) -1), -+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_COEFFICIENT1, fake_rsa_iqmp, -+ sizeof(fake_rsa_iqmp) -1), -+ OSSL_PARAM_END -+ }; -+ return OSSL_PARAM_dup(params); -+ } else { -+ OSSL_PARAM params[] = { -+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, fake_rsa_n, -+ sizeof(fake_rsa_n) -1), -+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, fake_rsa_e, -+ sizeof(fake_rsa_e) -1), -+ OSSL_PARAM_END -+ }; -+ return OSSL_PARAM_dup(params); -+ } -+} -+ -+static int fake_rsa_keymgmt_export(void *keydata, int selection, -+ OSSL_CALLBACK *param_callback, void *cbarg) -+{ -+ OSSL_PARAM *params = NULL; -+ int ret; -+ -+ if (selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) -+ return 0; -+ -+ if (!TEST_ptr(params = fake_rsa_key_params(0))) -+ return 0; -+ -+ ret = param_callback(params, cbarg); -+ OSSL_PARAM_free(params); -+ return ret; -+} -+ - static const OSSL_PARAM fake_rsa_import_key_types[] = { - OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0), - OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0), -@@ -95,19 +195,33 @@ static const OSSL_PARAM *fake_rsa_keymgmt_imptypes(int selection) - return fake_rsa_import_key_types; - } - -+static const OSSL_PARAM fake_rsa_export_key_types[] = { -+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_N, NULL, 0), -+ OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0), -+ OSSL_PARAM_END -+}; -+ -+static const OSSL_PARAM *fake_rsa_keymgmt_exptypes(int selection) -+{ -+ /* record global for checking */ -+ exptypes_selection = selection; -+ -+ return fake_rsa_export_key_types; -+} -+ - static void *fake_rsa_keymgmt_load(const void *reference, size_t reference_sz) - { -- unsigned char *key = NULL; -+ struct fake_rsa_keydata *key = NULL; - -- if (reference_sz != sizeof(key)) -+ if (reference_sz != sizeof(*key)) - return NULL; - -- key = *(unsigned char **)reference; -- if (*key != 1) -+ key = *(struct fake_rsa_keydata **)reference; -+ if (key->status != 1) - return NULL; - - /* detach the reference */ -- *(unsigned char **)reference = NULL; -+ *(struct fake_rsa_keydata **)reference = NULL; - - return key; - } -@@ -129,7 +243,7 @@ static void *fake_rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) - { - unsigned char *gctx = genctx; - static const unsigned char inited[] = { 1 }; -- unsigned char *keydata; -+ struct fake_rsa_keydata *keydata; - - if (!TEST_ptr(gctx) - || !TEST_mem_eq(gctx, sizeof(*gctx), inited, sizeof(inited))) -@@ -138,7 +252,7 @@ static void *fake_rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) - if (!TEST_ptr(keydata = fake_rsa_keymgmt_new(NULL))) - return NULL; - -- *keydata = 2; -+ keydata->status = 2; - return keydata; - } - -@@ -156,6 +270,9 @@ static const OSSL_DISPATCH fake_rsa_keymgmt_funcs[] = { - { OSSL_FUNC_KEYMGMT_IMPORT, (void (*)(void))fake_rsa_keymgmt_import }, - { OSSL_FUNC_KEYMGMT_IMPORT_TYPES, - (void (*)(void))fake_rsa_keymgmt_imptypes }, -+ { OSSL_FUNC_KEYMGMT_EXPORT, (void (*)(void))fake_rsa_keymgmt_export }, -+ { OSSL_FUNC_KEYMGMT_EXPORT_TYPES, -+ (void (*)(void))fake_rsa_keymgmt_exptypes }, - { OSSL_FUNC_KEYMGMT_LOAD, (void (*)(void))fake_rsa_keymgmt_load }, - { OSSL_FUNC_KEYMGMT_GEN_INIT, (void (*)(void))fake_rsa_gen_init }, - { OSSL_FUNC_KEYMGMT_GEN, (void (*)(void))fake_rsa_gen }, -@@ -191,14 +308,14 @@ static int fake_rsa_sig_sign_init(void *ctx, void *provkey, - const OSSL_PARAM params[]) - { - unsigned char *sigctx = ctx; -- unsigned char *keydata = provkey; -+ struct fake_rsa_keydata *keydata = provkey; - - /* we must have a ctx */ - if (!TEST_ptr(sigctx)) - return 0; - - /* we must have some initialized key */ -- if (!TEST_ptr(keydata) || !TEST_int_gt(keydata[0], 0)) -+ if (!TEST_ptr(keydata) || !TEST_int_gt(keydata->status, 0)) - return 0; - - /* record that sign init was called */ -@@ -289,7 +406,7 @@ static int fake_rsa_st_load(void *loaderctx, - unsigned char *storectx = loaderctx; - OSSL_PARAM params[4]; - int object_type = OSSL_OBJECT_PKEY; -- void *key = NULL; -+ struct fake_rsa_keydata *key = NULL; - int rv = 0; - - switch (*storectx) { -@@ -307,7 +424,7 @@ static int fake_rsa_st_load(void *loaderctx, - /* The address of the key becomes the octet string */ - params[2] = - OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_REFERENCE, -- &key, sizeof(key)); -+ &key, sizeof(*key)); - params[3] = OSSL_PARAM_construct_end(); - rv = object_cb(params, object_cbarg); - *storectx = 1; -diff --git a/test/fake_rsaprov.h b/test/fake_rsaprov.h -index 57de1ecf8d..190c46a285 100644 ---- a/test/fake_rsaprov.h -+++ b/test/fake_rsaprov.h -@@ -12,3 +12,4 @@ - /* Fake RSA provider implementation */ - OSSL_PROVIDER *fake_rsa_start(OSSL_LIB_CTX *libctx); - void fake_rsa_finish(OSSL_PROVIDER *p); -+OSSL_PARAM *fake_rsa_key_params(int priv); -diff --git a/test/provider_pkey_test.c b/test/provider_pkey_test.c -index 5c398398f4..3b190baa5e 100644 ---- a/test/provider_pkey_test.c -+++ b/test/provider_pkey_test.c -@@ -176,6 +176,67 @@ end: - return ret; - } - -+static int test_pkey_eq(void) -+{ -+ OSSL_PROVIDER *deflt = NULL; -+ OSSL_PROVIDER *fake_rsa = NULL; -+ EVP_PKEY *pkey_fake = NULL; -+ EVP_PKEY *pkey_dflt = NULL; -+ EVP_PKEY_CTX *ctx = NULL; -+ OSSL_PARAM *params = NULL; -+ int ret = 0; -+ -+ if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx))) -+ return 0; -+ -+ if (!TEST_ptr(deflt = OSSL_PROVIDER_load(libctx, "default"))) -+ goto end; -+ -+ /* Construct a public key for fake-rsa */ -+ if (!TEST_ptr(params = fake_rsa_key_params(0)) -+ || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", -+ "provider=fake-rsa")) -+ || !TEST_true(EVP_PKEY_fromdata_init(ctx)) -+ || !TEST_true(EVP_PKEY_fromdata(ctx, &pkey_fake, EVP_PKEY_PUBLIC_KEY, -+ params)) -+ || !TEST_ptr(pkey_fake)) -+ goto end; -+ -+ EVP_PKEY_CTX_free(ctx); -+ ctx = NULL; -+ OSSL_PARAM_free(params); -+ params = NULL; -+ -+ /* Construct a public key for default */ -+ if (!TEST_ptr(params = fake_rsa_key_params(0)) -+ || !TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA", -+ "provider=default")) -+ || !TEST_true(EVP_PKEY_fromdata_init(ctx)) -+ || !TEST_true(EVP_PKEY_fromdata(ctx, &pkey_dflt, EVP_PKEY_PUBLIC_KEY, -+ params)) -+ || !TEST_ptr(pkey_dflt)) -+ goto end; -+ -+ EVP_PKEY_CTX_free(ctx); -+ ctx = NULL; -+ OSSL_PARAM_free(params); -+ params = NULL; -+ -+ /* now test for equality */ -+ if (!TEST_int_eq(EVP_PKEY_eq(pkey_fake, pkey_dflt), 1)) -+ goto end; -+ -+ ret = 1; -+end: -+ fake_rsa_finish(fake_rsa); -+ OSSL_PROVIDER_unload(deflt); -+ EVP_PKEY_CTX_free(ctx); -+ EVP_PKEY_free(pkey_fake); -+ EVP_PKEY_free(pkey_dflt); -+ OSSL_PARAM_free(params); -+ return ret; -+} -+ - static int test_pkey_store(int idx) - { - OSSL_PROVIDER *deflt = NULL; -@@ -235,6 +296,7 @@ int setup_tests(void) - - ADD_TEST(test_pkey_sig); - ADD_TEST(test_alternative_keygen_init); -+ ADD_TEST(test_pkey_eq); - ADD_ALL_TESTS(test_pkey_store, 2); - - return 1; --- -2.38.1 - -From 2fea56832780248af2aba2e4433ece2d18428515 Mon Sep 17 00:00:00 2001 -From: Simo Sorce -Date: Mon, 14 Nov 2022 10:25:15 -0500 -Subject: [PATCH] Drop explicit check for engines in opt_legacy_okay - -The providers indication should always indicate that this is not a -legacy request. -This makes a check for engines redundant as the default return is that -legacy is ok if there are no explicit providers. - -Fixes #19662 - -Signed-off-by: Simo Sorce - -Reviewed-by: Dmitry Belyavskiy -Reviewed-by: Paul Dale -Reviewed-by: Tomas Mraz -(Merged from https://github.com/openssl/openssl/pull/19671) ---- - apps/lib/apps.c | 8 -------- - test/recipes/20-test_legacy_okay.t | 23 +++++++++++++++++++++++ - 2 files changed, 23 insertions(+), 8 deletions(-) - create mode 100755 test/recipes/20-test_legacy_okay.t - -diff --git a/apps/lib/apps.c b/apps/lib/apps.c -index 3d52e030ab7e258f9cd983b2d9755d954cb3aee5..bbe0d009efb35fcf1a902c86cbddc61e657e57f1 100644 ---- a/apps/lib/apps.c -+++ b/apps/lib/apps.c -@@ -3405,14 +3405,6 @@ int opt_legacy_okay(void) - { - int provider_options = opt_provider_option_given(); - int libctx = app_get0_libctx() != NULL || app_get0_propq() != NULL; --#ifndef OPENSSL_NO_ENGINE -- ENGINE *e = ENGINE_get_first(); -- -- if (e != NULL) { -- ENGINE_free(e); -- return 1; -- } --#endif - /* - * Having a provider option specified or a custom library context or - * property query, is a sure sign we're not using legacy. -diff --git a/test/recipes/20-test_legacy_okay.t b/test/recipes/20-test_legacy_okay.t -new file mode 100755 -index 0000000000000000000000000000000000000000..183499f3fd93f97e8a4a30681a9f383d2f6e0c56 ---- /dev/null -+++ b/test/recipes/20-test_legacy_okay.t -@@ -0,0 +1,23 @@ -+#! /usr/bin/env perl -+# Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. -+# -+# Licensed under the Apache License 2.0 (the "License"). You may not use -+# this file except in compliance with the License. You can obtain a copy -+# in the file LICENSE in the source distribution or at -+# https://www.openssl.org/source/license.html -+ -+use strict; -+use warnings; -+ -+use OpenSSL::Test; -+ -+setup("test_legacy"); -+ -+plan tests => 3; -+ -+ok(run(app(['openssl', 'rand', '-out', 'rand.txt', '256'])), "Generate random file"); -+ -+ok(run(app(['openssl', 'dgst', '-sha256', 'rand.txt'])), "Generate a digest"); -+ -+ok(!run(app(['openssl', 'dgst', '-sha256', '-propquery', 'foo=1', -+ 'rand.txt'])), "Fail to generate a digest"); --- -2.38.1 - diff --git a/0048-fix-CVE-2023-0464.patch b/0048-fix-CVE-2023-0464.patch deleted file mode 100644 index e887693b43490dd27834760af034b20e1f280074..0000000000000000000000000000000000000000 --- a/0048-fix-CVE-2023-0464.patch +++ /dev/null @@ -1,259 +0,0 @@ -From dbf899a67d84f8e35a29aba3e6905713ca931283 Mon Sep 17 00:00:00 2001 -From: Pauli -Date: Sat, 6 May 2023 17:37:51 +0800 -Subject: [PATCH 1/1] fix CVE 2023 0464 - ---- - CHANGES.md | 9 +++++++++ - NEWS.md | 2 ++ - crypto/x509/pcy_local.h | 8 +++++++- - crypto/x509/pcy_node.c | 13 ++++++++++--- - crypto/x509/pcy_tree.c | 36 ++++++++++++++++++++++++++---------- - 5 files changed, 54 insertions(+), 14 deletions(-) - -diff --git a/CHANGES.md b/CHANGES.md -index 84933a8..5cf1f60 100644 ---- a/CHANGES.md -+++ b/CHANGES.md -@@ -30,6 +30,14 @@ breaking changes, and mappings for the large list of deprecated functions. - - ### Changes between 3.0.6 and 3.0.7 [1 Nov 2022] - -+ * Limited the number of nodes created in a policy tree to mitigate -+ against CVE-2023-0464. The default limit is set to 1000 nodes, which -+ should be sufficient for most installations. If required, the limit -+ can be adjusted by setting the OPENSSL_POLICY_TREE_NODES_MAX build -+ time define to a desired maximum number of nodes or zero to allow -+ unlimited growth. -+ ([CVE-2023-0464]) -+ - * Fixed two buffer overflows in punycode decoding functions. - - A buffer overrun can be triggered in X.509 certificate verification, -@@ -19415,6 +19423,7 @@ ndif - - - -+[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 - [CVE-2022-2274]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274 - [CVE-2022-2097]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274 - [CVE-2020-1971]: https://www.openssl.org/news/vulnerabilities.html#CVE-2020-1971 -diff --git a/NEWS.md b/NEWS.md -index e55777f..450c590 100644 ---- a/NEWS.md -+++ b/NEWS.md -@@ -24,6 +24,7 @@ OpenSSL 3.0 - * Fixed regressions introduced in 3.0.6 version. - * Fixed two buffer overflows in punycode decoding functions. - ([CVE-2022-3786]) and ([CVE-2022-3602]) -+ * Limited the number of nodes created in a policy tree ([CVE-2023-0464]) - - ### Major changes between OpenSSL 3.0.5 and OpenSSL 3.0.6 [11 Oct 2022] - -@@ -1419,6 +1420,7 @@ OpenSSL 0.9.x - - - -+[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 - [CVE-2022-2274]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274 - [CVE-2022-2097]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274 - [CVE-2020-1971]: https://www.openssl.org/news/vulnerabilities.html#CVE-2020-1971 -diff --git a/crypto/x509/pcy_local.h b/crypto/x509/pcy_local.h -index 18b53cc..e7b569e 100644 ---- a/crypto/x509/pcy_local.h -+++ b/crypto/x509/pcy_local.h -@@ -111,6 +111,11 @@ struct X509_POLICY_LEVEL_st { - }; - - struct X509_POLICY_TREE_st { -+ /* The number of nodes in the tree */ -+ size_t node_count; -+ /* The maximum number of nodes in the tree */ -+ size_t node_maximum; -+ - /* This is the tree 'level' data */ - X509_POLICY_LEVEL *levels; - int nlevel; -@@ -157,7 +162,8 @@ X509_POLICY_NODE *ossl_policy_tree_find_sk(STACK_OF(X509_POLICY_NODE) *sk, - X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, - X509_POLICY_DATA *data, - X509_POLICY_NODE *parent, -- X509_POLICY_TREE *tree); -+ X509_POLICY_TREE *tree, -+ int extra_data); - void ossl_policy_node_free(X509_POLICY_NODE *node); - int ossl_policy_node_match(const X509_POLICY_LEVEL *lvl, - const X509_POLICY_NODE *node, const ASN1_OBJECT *oid); -diff --git a/crypto/x509/pcy_node.c b/crypto/x509/pcy_node.c -index 9d9a7ea..47865c1 100644 ---- a/crypto/x509/pcy_node.c -+++ b/crypto/x509/pcy_node.c -@@ -59,10 +59,16 @@ X509_POLICY_NODE *ossl_policy_level_find_node(const X509_POLICY_LEVEL *level, - X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, - X509_POLICY_DATA *data, - X509_POLICY_NODE *parent, -- X509_POLICY_TREE *tree) -+ X509_POLICY_TREE *tree, -+ int extra_data) -+ - { - X509_POLICY_NODE *node; - -+ /* Verify that the tree isn't too large. This mitigates CVE-2023-0464 */ -+ if (tree->node_maximum > 0 && tree->node_count >= tree->node_maximum) -+ return NULL; -+ - node = OPENSSL_zalloc(sizeof(*node)); - if (node == NULL) { - ERR_raise(ERR_LIB_X509V3, ERR_R_MALLOC_FAILURE); -@@ -70,7 +76,7 @@ X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, - } - node->data = data; - node->parent = parent; -- if (level) { -+ if (level != NULL) { - if (OBJ_obj2nid(data->valid_policy) == NID_any_policy) { - if (level->anyPolicy) - goto node_error; -@@ -90,7 +96,7 @@ X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, - } - } - -- if (tree) { -+ if (extra_data) { - if (tree->extra_data == NULL) - tree->extra_data = sk_X509_POLICY_DATA_new_null(); - if (tree->extra_data == NULL){ -@@ -103,6 +109,7 @@ X509_POLICY_NODE *ossl_policy_level_add_node(X509_POLICY_LEVEL *level, - } - } - -+ tree->node_count++; - if (parent) - parent->nchild++; - -diff --git a/crypto/x509/pcy_tree.c b/crypto/x509/pcy_tree.c -index fa45da5..b1271ea 100644 ---- a/crypto/x509/pcy_tree.c -+++ b/crypto/x509/pcy_tree.c -@@ -14,6 +14,17 @@ - - #include "pcy_local.h" - -+/* -+ * If the maximum number of nodes in the policy tree isn't defined, set it to -+ * a generous default of 1000 nodes. -+ * -+ * Defining this to be zero means unlimited policy tree growth which opens the -+ * door on CVE-2023-0464. -+ */ -+#ifndef OPENSSL_POLICY_TREE_NODES_MAX -+# define OPENSSL_POLICY_TREE_NODES_MAX 1000 -+#endif -+ - static void expected_print(BIO *channel, - X509_POLICY_LEVEL *lev, X509_POLICY_NODE *node, - int indent) -@@ -117,6 +128,9 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, - return X509_PCY_TREE_INTERNAL; - } - -+ /* Limit the growth of the tree to mitigate CVE-2023-0464 */ -+ tree->node_maximum = OPENSSL_POLICY_TREE_NODES_MAX; -+ - /* - * At this point check for invalid policies and required explicit policy. - * Note that the explicit_policy counter is a count-down to zero, with the -@@ -180,7 +194,7 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, - if ((data = ossl_policy_data_new(NULL, - OBJ_nid2obj(NID_any_policy), 0)) == NULL) - goto bad_tree; -- if (ossl_policy_level_add_node(level, data, NULL, tree) == NULL) { -+ if (ossl_policy_level_add_node(level, data, NULL, tree, 1) == NULL) { - ossl_policy_data_free(data); - goto bad_tree; - } -@@ -239,7 +253,8 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs, - * Return value: 1 on success, 0 otherwise - */ - static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr, -- X509_POLICY_DATA *data) -+ X509_POLICY_DATA *data, -+ X509_POLICY_TREE *tree) - { - X509_POLICY_LEVEL *last = curr - 1; - int i, matched = 0; -@@ -249,13 +264,13 @@ static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr, - X509_POLICY_NODE *node = sk_X509_POLICY_NODE_value(last->nodes, i); - - if (ossl_policy_node_match(last, node, data->valid_policy)) { -- if (ossl_policy_level_add_node(curr, data, node, NULL) == NULL) -+ if (ossl_policy_level_add_node(curr, data, node, tree, 0) == NULL) - return 0; - matched = 1; - } - } - if (!matched && last->anyPolicy) { -- if (ossl_policy_level_add_node(curr, data, last->anyPolicy, NULL) == NULL) -+ if (ossl_policy_level_add_node(curr, data, last->anyPolicy, tree, 0) == NULL) - return 0; - } - return 1; -@@ -268,7 +283,8 @@ static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr, - * Return value: 1 on success, 0 otherwise. - */ - static int tree_link_nodes(X509_POLICY_LEVEL *curr, -- const X509_POLICY_CACHE *cache) -+ const X509_POLICY_CACHE *cache, -+ X509_POLICY_TREE *tree) - { - int i; - -@@ -276,7 +292,7 @@ static int tree_link_nodes(X509_POLICY_LEVEL *curr, - X509_POLICY_DATA *data = sk_X509_POLICY_DATA_value(cache->data, i); - - /* Look for matching nodes in previous level */ -- if (!tree_link_matching_nodes(curr, data)) -+ if (!tree_link_matching_nodes(curr, data, tree)) - return 0; - } - return 1; -@@ -307,7 +323,7 @@ static int tree_add_unmatched(X509_POLICY_LEVEL *curr, - /* Curr may not have anyPolicy */ - data->qualifier_set = cache->anyPolicy->qualifier_set; - data->flags |= POLICY_DATA_FLAG_SHARED_QUALIFIERS; -- if (ossl_policy_level_add_node(curr, data, node, tree) == NULL) { -+ if (ossl_policy_level_add_node(curr, data, node, tree, 1) == NULL) { - ossl_policy_data_free(data); - return 0; - } -@@ -370,7 +386,7 @@ static int tree_link_any(X509_POLICY_LEVEL *curr, - /* Finally add link to anyPolicy */ - if (last->anyPolicy && - ossl_policy_level_add_node(curr, cache->anyPolicy, -- last->anyPolicy, NULL) == NULL) -+ last->anyPolicy, tree, 0) == NULL) - return 0; - return 1; - } -@@ -553,7 +569,7 @@ static int tree_calculate_user_set(X509_POLICY_TREE *tree, - extra->flags = POLICY_DATA_FLAG_SHARED_QUALIFIERS - | POLICY_DATA_FLAG_EXTRA_NODE; - node = ossl_policy_level_add_node(NULL, extra, anyPolicy->parent, -- tree); -+ tree, 1); - } - if (!tree->user_policies) { - tree->user_policies = sk_X509_POLICY_NODE_new_null(); -@@ -580,7 +596,7 @@ static int tree_evaluate(X509_POLICY_TREE *tree) - - for (i = 1; i < tree->nlevel; i++, curr++) { - cache = ossl_policy_cache_set(curr->cert); -- if (!tree_link_nodes(curr, cache)) -+ if (!tree_link_nodes(curr, cache, tree)) - return X509_PCY_TREE_INTERNAL; - - if (!(curr->flags & X509_V_FLAG_INHIBIT_ANY) --- -2.31.1 - diff --git a/0049-fix-CVE-2023-0465.patch b/0049-fix-CVE-2023-0465.patch deleted file mode 100644 index 88d8685162adced2c89d559baf80365819642fac..0000000000000000000000000000000000000000 --- a/0049-fix-CVE-2023-0465.patch +++ /dev/null @@ -1,91 +0,0 @@ -From 93e500e954f4724365a7ee31c9dce2bd502a6f3d Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Sat, 6 May 2023 16:52:37 +0800 -Subject: [PATCH 1/1] fix CVE 2023 0465 - ---- - CHANGES.md | 8 ++++++++ - NEWS.md | 3 +++ - crypto/x509/x509_vfy.c | 12 ++++++++++-- - 3 files changed, 21 insertions(+), 2 deletions(-) - -diff --git a/CHANGES.md b/CHANGES.md -index 5cf1f60..bee4757 100644 ---- a/CHANGES.md -+++ b/CHANGES.md -@@ -30,6 +30,13 @@ breaking changes, and mappings for the large list of deprecated functions. - - ### Changes between 3.0.6 and 3.0.7 [1 Nov 2022] - -+ * Fixed an issue where invalid certificate policies in leaf certificates are -+ silently ignored by OpenSSL and other certificate policy checks are skipped -+ for that certificate. A malicious CA could use this to deliberately assert -+ invalid certificate policies in order to circumvent policy checking on the -+ certificate altogether. -+ ([CVE-2023-0465]) -+ - * Limited the number of nodes created in a policy tree to mitigate - against CVE-2023-0464. The default limit is set to 1000 nodes, which - should be sufficient for most installations. If required, the limit -@@ -19423,6 +19430,7 @@ ndif - - - -+[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 - [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 - [CVE-2022-2274]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274 - [CVE-2022-2097]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274 -diff --git a/NEWS.md b/NEWS.md -index 450c590..e43a2ad 100644 ---- a/NEWS.md -+++ b/NEWS.md -@@ -25,6 +25,8 @@ OpenSSL 3.0 - * Fixed two buffer overflows in punycode decoding functions. - ([CVE-2022-3786]) and ([CVE-2022-3602]) - * Limited the number of nodes created in a policy tree ([CVE-2023-0464]) -+ * Fixed handling of invalid certificate policies in leaf certificates -+ ([CVE-2023-0465]) - - ### Major changes between OpenSSL 3.0.5 and OpenSSL 3.0.6 [11 Oct 2022] - -@@ -1420,6 +1422,7 @@ OpenSSL 0.9.x - - - -+[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 - [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 - [CVE-2022-2274]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274 - [CVE-2022-2097]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274 -diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c -index 859d5ca..61167f6 100644 ---- a/crypto/x509/x509_vfy.c -+++ b/crypto/x509/x509_vfy.c -@@ -1655,15 +1655,23 @@ static int check_policy(X509_STORE_CTX *ctx) - goto memerr; - /* Invalid or inconsistent extensions */ - if (ret == X509_PCY_TREE_INVALID) { -- int i; -+ int i, cbcalled = 0; - - /* Locate certificates with bad extensions and notify callback. */ -- for (i = 1; i < sk_X509_num(ctx->chain); i++) { -+ for (i = 0; i < sk_X509_num(ctx->chain); i++) { - X509 *x = sk_X509_value(ctx->chain, i); - -+ if ((x->ex_flags & EXFLAG_INVALID_POLICY) != 0) -+ cbcalled = 1; - CB_FAIL_IF((x->ex_flags & EXFLAG_INVALID_POLICY) != 0, - ctx, x, i, X509_V_ERR_INVALID_POLICY_EXTENSION); - } -+ if (!cbcalled) { -+ /* Should not be able to get here */ -+ ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR); -+ return 0; -+ } -+ /* The callback ignored the error so we return success */ - return 1; - } - if (ret == X509_PCY_TREE_FAILURE) { --- -2.31.1 - diff --git a/0050-fix-CVE-2023-0466.patch b/0050-fix-CVE-2023-0466.patch deleted file mode 100644 index 124bfdbd9e0609a9aaa94bbb65f54de7234f466a..0000000000000000000000000000000000000000 --- a/0050-fix-CVE-2023-0466.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 79878304c42e58ed63f39ea138035ac7d26bed63 Mon Sep 17 00:00:00 2001 -From: Tomas Mraz -Date: Sat, 6 May 2023 16:56:21 +0800 -Subject: [PATCH 1/1] fix CVE 2023 0466 - ---- - CHANGES.md | 6 ++++++ - NEWS.md | 2 ++ - doc/man3/X509_VERIFY_PARAM_set_flags.pod | 9 +++++++-- - 3 files changed, 15 insertions(+), 2 deletions(-) - -diff --git a/CHANGES.md b/CHANGES.md -index bee4757..2943a2a 100644 ---- a/CHANGES.md -+++ b/CHANGES.md -@@ -30,6 +30,11 @@ breaking changes, and mappings for the large list of deprecated functions. - - ### Changes between 3.0.6 and 3.0.7 [1 Nov 2022] - -+ * Corrected documentation of X509_VERIFY_PARAM_add0_policy() to mention -+ that it does not enable policy checking. Thanks to David Benjamin for -+ discovering this issue. -+ ([CVE-2023-0466]) -+ - * Fixed an issue where invalid certificate policies in leaf certificates are - silently ignored by OpenSSL and other certificate policy checks are skipped - for that certificate. A malicious CA could use this to deliberately assert -@@ -19430,6 +19435,7 @@ ndif - - - -+[CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 - [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 - [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 - [CVE-2022-2274]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274 -diff --git a/NEWS.md b/NEWS.md -index e43a2ad..1b6cc64 100644 ---- a/NEWS.md -+++ b/NEWS.md -@@ -27,6 +27,7 @@ OpenSSL 3.0 - * Limited the number of nodes created in a policy tree ([CVE-2023-0464]) - * Fixed handling of invalid certificate policies in leaf certificates - ([CVE-2023-0465]) -+ * Fixed documentation of X509_VERIFY_PARAM_add0_policy() ([CVE-2023-0466]) - - ### Major changes between OpenSSL 3.0.5 and OpenSSL 3.0.6 [11 Oct 2022] - -@@ -1422,6 +1423,7 @@ OpenSSL 0.9.x - - - -+[CVE-2023-0466]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0466 - [CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465 - [CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464 - [CVE-2022-2274]: https://www.openssl.org/news/vulnerabilities.html#CVE-2022-2274 -diff --git a/doc/man3/X509_VERIFY_PARAM_set_flags.pod b/doc/man3/X509_VERIFY_PARAM_set_flags.pod -index 5c0ca30..c3894ff 100644 ---- a/doc/man3/X509_VERIFY_PARAM_set_flags.pod -+++ b/doc/man3/X509_VERIFY_PARAM_set_flags.pod -@@ -97,8 +97,9 @@ B. - X509_VERIFY_PARAM_set_time() sets the verification time in B to - B. Normally the current time is used. - --X509_VERIFY_PARAM_add0_policy() enables policy checking (it is disabled --by default) and adds B to the acceptable policy set. -+X509_VERIFY_PARAM_add0_policy() adds B to the acceptable policy set. -+Contrary to preexisting documentation of this function it does not enable -+policy checking. - - X509_VERIFY_PARAM_set1_policies() enables policy checking (it is disabled - by default) and sets the acceptable policy set to B. Any existing -@@ -198,6 +199,10 @@ L. - X509_VERIFY_PARAM_get1_ip_asc() returns the expected IP address as a string. - The caller is responsible for freeing it. - -+The function X509_VERIFY_PARAM_add0_policy() was historically documented as -+enabling policy checking however the implementation has never done this. -+The documentation was changed to align with the implementation. -+ - X509_VERIFY_PARAM_set1_ip() sets the expected IP address to B. - The B argument is in binary format, in network byte-order and - B must be set to 4 for IPv4 and 16 for IPv6. When an IP --- -2.31.1 - diff --git a/ec_curve.c b/ec_curve.c deleted file mode 100644 index 64ac40bed40ce2e843fcc285fb0b6998b85d30fd..0000000000000000000000000000000000000000 --- a/ec_curve.c +++ /dev/null @@ -1,628 +0,0 @@ -/* - * Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved. - * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* - * ECDSA low level APIs are deprecated for public use, but still ok for - * internal use. - */ -#include "internal/deprecated.h" - -#include -#include "ec_local.h" -#include -#include -#include -#include -#include "internal/nelem.h" - -typedef struct { - int field_type, /* either NID_X9_62_prime_field or - * NID_X9_62_characteristic_two_field */ - seed_len, param_len; - unsigned int cofactor; /* promoted to BN_ULONG */ -} EC_CURVE_DATA; - -/* the nist prime curves */ -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 28 * 6]; -} _EC_NIST_PRIME_224 = { - { - NID_X9_62_prime_field, 20, 28, 1 - }, - { - /* seed */ - 0xBD, 0x71, 0x34, 0x47, 0x99, 0xD5, 0xC7, 0xFC, 0xDC, 0x45, 0xB5, 0x9F, - 0xA3, 0xB9, 0xAB, 0x8F, 0x6A, 0x94, 0x8B, 0xC5, - /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x01, - /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFE, - /* b */ - 0xB4, 0x05, 0x0A, 0x85, 0x0C, 0x04, 0xB3, 0xAB, 0xF5, 0x41, 0x32, 0x56, - 0x50, 0x44, 0xB0, 0xB7, 0xD7, 0xBF, 0xD8, 0xBA, 0x27, 0x0B, 0x39, 0x43, - 0x23, 0x55, 0xFF, 0xB4, - /* x */ - 0xB7, 0x0E, 0x0C, 0xBD, 0x6B, 0xB4, 0xBF, 0x7F, 0x32, 0x13, 0x90, 0xB9, - 0x4A, 0x03, 0xC1, 0xD3, 0x56, 0xC2, 0x11, 0x22, 0x34, 0x32, 0x80, 0xD6, - 0x11, 0x5C, 0x1D, 0x21, - /* y */ - 0xbd, 0x37, 0x63, 0x88, 0xb5, 0xf7, 0x23, 0xfb, 0x4c, 0x22, 0xdf, 0xe6, - 0xcd, 0x43, 0x75, 0xa0, 0x5a, 0x07, 0x47, 0x64, 0x44, 0xd5, 0x81, 0x99, - 0x85, 0x00, 0x7e, 0x34, - /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0x16, 0xA2, 0xE0, 0xB8, 0xF0, 0x3E, 0x13, 0xDD, 0x29, 0x45, - 0x5C, 0x5C, 0x2A, 0x3D - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 48 * 6]; -} _EC_NIST_PRIME_384 = { - { - NID_X9_62_prime_field, 20, 48, 1 - }, - { - /* seed */ - 0xA3, 0x35, 0x92, 0x6A, 0xA3, 0x19, 0xA2, 0x7A, 0x1D, 0x00, 0x89, 0x6A, - 0x67, 0x73, 0xA4, 0x82, 0x7A, 0xCD, 0xAC, 0x73, - /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, - /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFF, 0xFF, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFC, - /* b */ - 0xB3, 0x31, 0x2F, 0xA7, 0xE2, 0x3E, 0xE7, 0xE4, 0x98, 0x8E, 0x05, 0x6B, - 0xE3, 0xF8, 0x2D, 0x19, 0x18, 0x1D, 0x9C, 0x6E, 0xFE, 0x81, 0x41, 0x12, - 0x03, 0x14, 0x08, 0x8F, 0x50, 0x13, 0x87, 0x5A, 0xC6, 0x56, 0x39, 0x8D, - 0x8A, 0x2E, 0xD1, 0x9D, 0x2A, 0x85, 0xC8, 0xED, 0xD3, 0xEC, 0x2A, 0xEF, - /* x */ - 0xAA, 0x87, 0xCA, 0x22, 0xBE, 0x8B, 0x05, 0x37, 0x8E, 0xB1, 0xC7, 0x1E, - 0xF3, 0x20, 0xAD, 0x74, 0x6E, 0x1D, 0x3B, 0x62, 0x8B, 0xA7, 0x9B, 0x98, - 0x59, 0xF7, 0x41, 0xE0, 0x82, 0x54, 0x2A, 0x38, 0x55, 0x02, 0xF2, 0x5D, - 0xBF, 0x55, 0x29, 0x6C, 0x3A, 0x54, 0x5E, 0x38, 0x72, 0x76, 0x0A, 0xB7, - /* y */ - 0x36, 0x17, 0xde, 0x4a, 0x96, 0x26, 0x2c, 0x6f, 0x5d, 0x9e, 0x98, 0xbf, - 0x92, 0x92, 0xdc, 0x29, 0xf8, 0xf4, 0x1d, 0xbd, 0x28, 0x9a, 0x14, 0x7c, - 0xe9, 0xda, 0x31, 0x13, 0xb5, 0xf0, 0xb8, 0xc0, 0x0a, 0x60, 0xb1, 0xce, - 0x1d, 0x7e, 0x81, 0x9d, 0x7a, 0x43, 0x1d, 0x7c, 0x90, 0xea, 0x0e, 0x5f, - /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xC7, 0x63, 0x4D, 0x81, 0xF4, 0x37, 0x2D, 0xDF, 0x58, 0x1A, 0x0D, 0xB2, - 0x48, 0xB0, 0xA7, 0x7A, 0xEC, 0xEC, 0x19, 0x6A, 0xCC, 0xC5, 0x29, 0x73 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 66 * 6]; -} _EC_NIST_PRIME_521 = { - { - NID_X9_62_prime_field, 20, 66, 1 - }, - { - /* seed */ - 0xD0, 0x9E, 0x88, 0x00, 0x29, 0x1C, 0xB8, 0x53, 0x96, 0xCC, 0x67, 0x17, - 0x39, 0x32, 0x84, 0xAA, 0xA0, 0xDA, 0x64, 0xBA, - /* p */ - 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - /* a */ - 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, - /* b */ - 0x00, 0x51, 0x95, 0x3E, 0xB9, 0x61, 0x8E, 0x1C, 0x9A, 0x1F, 0x92, 0x9A, - 0x21, 0xA0, 0xB6, 0x85, 0x40, 0xEE, 0xA2, 0xDA, 0x72, 0x5B, 0x99, 0xB3, - 0x15, 0xF3, 0xB8, 0xB4, 0x89, 0x91, 0x8E, 0xF1, 0x09, 0xE1, 0x56, 0x19, - 0x39, 0x51, 0xEC, 0x7E, 0x93, 0x7B, 0x16, 0x52, 0xC0, 0xBD, 0x3B, 0xB1, - 0xBF, 0x07, 0x35, 0x73, 0xDF, 0x88, 0x3D, 0x2C, 0x34, 0xF1, 0xEF, 0x45, - 0x1F, 0xD4, 0x6B, 0x50, 0x3F, 0x00, - /* x */ - 0x00, 0xC6, 0x85, 0x8E, 0x06, 0xB7, 0x04, 0x04, 0xE9, 0xCD, 0x9E, 0x3E, - 0xCB, 0x66, 0x23, 0x95, 0xB4, 0x42, 0x9C, 0x64, 0x81, 0x39, 0x05, 0x3F, - 0xB5, 0x21, 0xF8, 0x28, 0xAF, 0x60, 0x6B, 0x4D, 0x3D, 0xBA, 0xA1, 0x4B, - 0x5E, 0x77, 0xEF, 0xE7, 0x59, 0x28, 0xFE, 0x1D, 0xC1, 0x27, 0xA2, 0xFF, - 0xA8, 0xDE, 0x33, 0x48, 0xB3, 0xC1, 0x85, 0x6A, 0x42, 0x9B, 0xF9, 0x7E, - 0x7E, 0x31, 0xC2, 0xE5, 0xBD, 0x66, - /* y */ - 0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, 0x9a, 0x3b, 0xc0, 0x04, 0x5c, 0x8a, - 0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b, - 0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee, - 0x72, 0x99, 0x5e, 0xf4, 0x26, 0x40, 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad, - 0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe, - 0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50, - /* order */ - 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFA, 0x51, 0x86, - 0x87, 0x83, 0xBF, 0x2F, 0x96, 0x6B, 0x7F, 0xCC, 0x01, 0x48, 0xF7, 0x09, - 0xA5, 0xD0, 0x3B, 0xB5, 0xC9, 0xB8, 0x89, 0x9C, 0x47, 0xAE, 0xBB, 0x6F, - 0xB7, 0x1E, 0x91, 0x38, 0x64, 0x09 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[20 + 32 * 6]; -} _EC_X9_62_PRIME_256V1 = { - { - NID_X9_62_prime_field, 20, 32, 1 - }, - { - /* seed */ - 0xC4, 0x9D, 0x36, 0x08, 0x86, 0xE7, 0x04, 0x93, 0x6A, 0x66, 0x78, 0xE1, - 0x13, 0x9D, 0x26, 0xB7, 0x81, 0x9F, 0x7E, 0x90, - /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - /* a */ - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFC, - /* b */ - 0x5A, 0xC6, 0x35, 0xD8, 0xAA, 0x3A, 0x93, 0xE7, 0xB3, 0xEB, 0xBD, 0x55, - 0x76, 0x98, 0x86, 0xBC, 0x65, 0x1D, 0x06, 0xB0, 0xCC, 0x53, 0xB0, 0xF6, - 0x3B, 0xCE, 0x3C, 0x3E, 0x27, 0xD2, 0x60, 0x4B, - /* x */ - 0x6B, 0x17, 0xD1, 0xF2, 0xE1, 0x2C, 0x42, 0x47, 0xF8, 0xBC, 0xE6, 0xE5, - 0x63, 0xA4, 0x40, 0xF2, 0x77, 0x03, 0x7D, 0x81, 0x2D, 0xEB, 0x33, 0xA0, - 0xF4, 0xA1, 0x39, 0x45, 0xD8, 0x98, 0xC2, 0x96, - /* y */ - 0x4f, 0xe3, 0x42, 0xe2, 0xfe, 0x1a, 0x7f, 0x9b, 0x8e, 0xe7, 0xeb, 0x4a, - 0x7c, 0x0f, 0x9e, 0x16, 0x2b, 0xce, 0x33, 0x57, 0x6b, 0x31, 0x5e, 0xce, - 0xcb, 0xb6, 0x40, 0x68, 0x37, 0xbf, 0x51, 0xf5, - /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, - 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51 - } -}; - -static const struct { - EC_CURVE_DATA h; - unsigned char data[0 + 32 * 6]; -} _EC_SECG_PRIME_256K1 = { - { - NID_X9_62_prime_field, 0, 32, 1 - }, - { - /* no seed */ - /* p */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFE, 0xFF, 0xFF, 0xFC, 0x2F, - /* a */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - /* b */ - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, - /* x */ - 0x79, 0xBE, 0x66, 0x7E, 0xF9, 0xDC, 0xBB, 0xAC, 0x55, 0xA0, 0x62, 0x95, - 0xCE, 0x87, 0x0B, 0x07, 0x02, 0x9B, 0xFC, 0xDB, 0x2D, 0xCE, 0x28, 0xD9, - 0x59, 0xF2, 0x81, 0x5B, 0x16, 0xF8, 0x17, 0x98, - /* y */ - 0x48, 0x3a, 0xda, 0x77, 0x26, 0xa3, 0xc4, 0x65, 0x5d, 0xa4, 0xfb, 0xfc, - 0x0e, 0x11, 0x08, 0xa8, 0xfd, 0x17, 0xb4, 0x48, 0xa6, 0x85, 0x54, 0x19, - 0x9c, 0x47, 0xd0, 0x8f, 0xfb, 0x10, 0xd4, 0xb8, - /* order */ - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFE, 0xBA, 0xAE, 0xDC, 0xE6, 0xAF, 0x48, 0xA0, 0x3B, - 0xBF, 0xD2, 0x5E, 0x8C, 0xD0, 0x36, 0x41, 0x41 - } -}; - -typedef struct _ec_list_element_st { - int nid; - const EC_CURVE_DATA *data; - const EC_METHOD *(*meth) (void); - const char *comment; -} ec_list_element; - -#ifdef FIPS_MODULE -static const ec_list_element curve_list[] = { - /* prime field curves */ - /* secg curves */ - {NID_secp224r1, &_EC_NIST_PRIME_224.h, -# if !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) - EC_GFp_nistp224_method, -# else - 0, -# endif - "NIST/SECG curve over a 224 bit prime field"}, - /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ - {NID_secp384r1, &_EC_NIST_PRIME_384.h, -# if defined(S390X_EC_ASM) - EC_GFp_s390x_nistp384_method, -# else - 0, -# endif - "NIST/SECG curve over a 384 bit prime field"}, - - {NID_secp521r1, &_EC_NIST_PRIME_521.h, -# if defined(S390X_EC_ASM) - EC_GFp_s390x_nistp521_method, -# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) - EC_GFp_nistp521_method, -# else - 0, -# endif - "NIST/SECG curve over a 521 bit prime field"}, - - /* X9.62 curves */ - {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, -# if defined(ECP_NISTZ256_ASM) - EC_GFp_nistz256_method, -# elif defined(S390X_EC_ASM) - EC_GFp_s390x_nistp256_method, -# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) - EC_GFp_nistp256_method, -# else - 0, -# endif - "X9.62/SECG curve over a 256 bit prime field"}, -}; - -#else - -static const ec_list_element curve_list[] = { - /* prime field curves */ - /* secg curves */ -# ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 - {NID_secp224r1, &_EC_NIST_PRIME_224.h, EC_GFp_nistp224_method, - "NIST/SECG curve over a 224 bit prime field"}, -# else - {NID_secp224r1, &_EC_NIST_PRIME_224.h, 0, - "NIST/SECG curve over a 224 bit prime field"}, -# endif - {NID_secp256k1, &_EC_SECG_PRIME_256K1.h, 0, - "SECG curve over a 256 bit prime field"}, - /* SECG secp256r1 is the same as X9.62 prime256v1 and hence omitted */ - {NID_secp384r1, &_EC_NIST_PRIME_384.h, -# if defined(S390X_EC_ASM) - EC_GFp_s390x_nistp384_method, -# else - 0, -# endif - "NIST/SECG curve over a 384 bit prime field"}, - {NID_secp521r1, &_EC_NIST_PRIME_521.h, -# if defined(S390X_EC_ASM) - EC_GFp_s390x_nistp521_method, -# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) - EC_GFp_nistp521_method, -# else - 0, -# endif - "NIST/SECG curve over a 521 bit prime field"}, - /* X9.62 curves */ - {NID_X9_62_prime256v1, &_EC_X9_62_PRIME_256V1.h, -# if defined(ECP_NISTZ256_ASM) - EC_GFp_nistz256_method, -# elif defined(S390X_EC_ASM) - EC_GFp_s390x_nistp256_method, -# elif !defined(OPENSSL_NO_EC_NISTP_64_GCC_128) - EC_GFp_nistp256_method, -# else - 0, -# endif - "X9.62/SECG curve over a 256 bit prime field"}, -}; -#endif /* FIPS_MODULE */ - -#define curve_list_length OSSL_NELEM(curve_list) - -static const ec_list_element *ec_curve_nid2curve(int nid) -{ - size_t i; - - if (nid <= 0) - return NULL; - - for (i = 0; i < curve_list_length; i++) { - if (curve_list[i].nid == nid) - return &curve_list[i]; - } - return NULL; -} - -static EC_GROUP *ec_group_new_from_data(OSSL_LIB_CTX *libctx, - const char *propq, - const ec_list_element curve) -{ - EC_GROUP *group = NULL; - EC_POINT *P = NULL; - BN_CTX *ctx = NULL; - BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL, *order = - NULL; - int ok = 0; - int seed_len, param_len; - const EC_METHOD *meth; - const EC_CURVE_DATA *data; - const unsigned char *params; - - /* If no curve data curve method must handle everything */ - if (curve.data == NULL) - return ossl_ec_group_new_ex(libctx, propq, - curve.meth != NULL ? curve.meth() : NULL); - - if ((ctx = BN_CTX_new_ex(libctx)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_MALLOC_FAILURE); - goto err; - } - - data = curve.data; - seed_len = data->seed_len; - param_len = data->param_len; - params = (const unsigned char *)(data + 1); /* skip header */ - params += seed_len; /* skip seed */ - - if ((p = BN_bin2bn(params + 0 * param_len, param_len, NULL)) == NULL - || (a = BN_bin2bn(params + 1 * param_len, param_len, NULL)) == NULL - || (b = BN_bin2bn(params + 2 * param_len, param_len, NULL)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); - goto err; - } - - if (curve.meth != 0) { - meth = curve.meth(); - if (((group = ossl_ec_group_new_ex(libctx, propq, meth)) == NULL) || - (!(group->meth->group_set_curve(group, p, a, b, ctx)))) { - ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); - goto err; - } - } else if (data->field_type == NID_X9_62_prime_field) { - if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); - goto err; - } - } -#ifndef OPENSSL_NO_EC2M - else { /* field_type == - * NID_X9_62_characteristic_two_field */ - - if ((group = EC_GROUP_new_curve_GF2m(p, a, b, ctx)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); - goto err; - } - } -#endif - - EC_GROUP_set_curve_name(group, curve.nid); - - if ((P = EC_POINT_new(group)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); - goto err; - } - - if ((x = BN_bin2bn(params + 3 * param_len, param_len, NULL)) == NULL - || (y = BN_bin2bn(params + 4 * param_len, param_len, NULL)) == NULL) { - ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); - goto err; - } - if (!EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) { - ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); - goto err; - } - if ((order = BN_bin2bn(params + 5 * param_len, param_len, NULL)) == NULL - || !BN_set_word(x, (BN_ULONG)data->cofactor)) { - ERR_raise(ERR_LIB_EC, ERR_R_BN_LIB); - goto err; - } - if (!EC_GROUP_set_generator(group, P, order, x)) { - ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); - goto err; - } - if (seed_len) { - if (!EC_GROUP_set_seed(group, params - seed_len, seed_len)) { - ERR_raise(ERR_LIB_EC, ERR_R_EC_LIB); - goto err; - } - } - ok = 1; - err: - if (!ok) { - EC_GROUP_free(group); - group = NULL; - } - EC_POINT_free(P); - BN_CTX_free(ctx); - BN_free(p); - BN_free(a); - BN_free(b); - BN_free(order); - BN_free(x); - BN_free(y); - return group; -} - -EC_GROUP *EC_GROUP_new_by_curve_name_ex(OSSL_LIB_CTX *libctx, const char *propq, - int nid) -{ - EC_GROUP *ret = NULL; - const ec_list_element *curve; - - if ((curve = ec_curve_nid2curve(nid)) == NULL - || (ret = ec_group_new_from_data(libctx, propq, *curve)) == NULL) { -#ifndef FIPS_MODULE - ERR_raise_data(ERR_LIB_EC, EC_R_UNKNOWN_GROUP, - "name=%s", OBJ_nid2sn(nid)); -#else - ERR_raise(ERR_LIB_EC, EC_R_UNKNOWN_GROUP); -#endif - return NULL; - } - - return ret; -} - -#ifndef FIPS_MODULE -EC_GROUP *EC_GROUP_new_by_curve_name(int nid) -{ - return EC_GROUP_new_by_curve_name_ex(NULL, NULL, nid); -} -#endif - -size_t EC_get_builtin_curves(EC_builtin_curve *r, size_t nitems) -{ - size_t i, min; - - if (r == NULL || nitems == 0) - return curve_list_length; - - min = nitems < curve_list_length ? nitems : curve_list_length; - - for (i = 0; i < min; i++) { - r[i].nid = curve_list[i].nid; - r[i].comment = curve_list[i].comment; - } - - return curve_list_length; -} - -const char *EC_curve_nid2nist(int nid) -{ - return ossl_ec_curve_nid2nist_int(nid); -} - -int EC_curve_nist2nid(const char *name) -{ - return ossl_ec_curve_nist2nid_int(name); -} - -#define NUM_BN_FIELDS 6 -/* - * Validates EC domain parameter data for known named curves. - * This can be used when a curve is loaded explicitly (without a curve - * name) or to validate that domain parameters have not been modified. - * - * Returns: The nid associated with the found named curve, or NID_undef - * if not found. If there was an error it returns -1. - */ -int ossl_ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx) -{ - int ret = -1, nid, len, field_type, param_len; - size_t i, seed_len; - const unsigned char *seed, *params_seed, *params; - unsigned char *param_bytes = NULL; - const EC_CURVE_DATA *data; - const EC_POINT *generator = NULL; - const BIGNUM *cofactor = NULL; - /* An array of BIGNUMs for (p, a, b, x, y, order) */ - BIGNUM *bn[NUM_BN_FIELDS] = {NULL, NULL, NULL, NULL, NULL, NULL}; - - /* Use the optional named curve nid as a search field */ - nid = EC_GROUP_get_curve_name(group); - field_type = EC_GROUP_get_field_type(group); - seed_len = EC_GROUP_get_seed_len(group); - seed = EC_GROUP_get0_seed(group); - cofactor = EC_GROUP_get0_cofactor(group); - - BN_CTX_start(ctx); - - /* - * The built-in curves contains data fields (p, a, b, x, y, order) that are - * all zero-padded to be the same size. The size of the padding is - * determined by either the number of bytes in the field modulus (p) or the - * EC group order, whichever is larger. - */ - param_len = BN_num_bytes(group->order); - len = BN_num_bytes(group->field); - if (len > param_len) - param_len = len; - - /* Allocate space to store the padded data for (p, a, b, x, y, order) */ - param_bytes = OPENSSL_malloc(param_len * NUM_BN_FIELDS); - if (param_bytes == NULL) - goto end; - - /* Create the bignums */ - for (i = 0; i < NUM_BN_FIELDS; ++i) { - if ((bn[i] = BN_CTX_get(ctx)) == NULL) - goto end; - } - /* - * Fill in the bn array with the same values as the internal curves - * i.e. the values are p, a, b, x, y, order. - */ - /* Get p, a & b */ - if (!(EC_GROUP_get_curve(group, bn[0], bn[1], bn[2], ctx) - && ((generator = EC_GROUP_get0_generator(group)) != NULL) - /* Get x & y */ - && EC_POINT_get_affine_coordinates(group, generator, bn[3], bn[4], ctx) - /* Get order */ - && EC_GROUP_get_order(group, bn[5], ctx))) - goto end; - - /* - * Convert the bignum array to bytes that are joined together to form - * a single buffer that contains data for all fields. - * (p, a, b, x, y, order) are all zero padded to be the same size. - */ - for (i = 0; i < NUM_BN_FIELDS; ++i) { - if (BN_bn2binpad(bn[i], ¶m_bytes[i*param_len], param_len) <= 0) - goto end; - } - - for (i = 0; i < curve_list_length; i++) { - const ec_list_element curve = curve_list[i]; - - data = curve.data; - /* Get the raw order byte data */ - params_seed = (const unsigned char *)(data + 1); /* skip header */ - params = params_seed + data->seed_len; - - /* Look for unique fields in the fixed curve data */ - if (data->field_type == field_type - && param_len == data->param_len - && (nid <= 0 || nid == curve.nid) - /* check the optional cofactor (ignore if its zero) */ - && (BN_is_zero(cofactor) - || BN_is_word(cofactor, (const BN_ULONG)curve.data->cofactor)) - /* Check the optional seed (ignore if its not set) */ - && (data->seed_len == 0 || seed_len == 0 - || ((size_t)data->seed_len == seed_len - && memcmp(params_seed, seed, seed_len) == 0)) - /* Check that the groups params match the built-in curve params */ - && memcmp(param_bytes, params, param_len * NUM_BN_FIELDS) - == 0) { - ret = curve.nid; - goto end; - } - } - /* Gets here if the group was not found */ - ret = NID_undef; -end: - OPENSSL_free(param_bytes); - BN_CTX_end(ctx); - return ret; -} diff --git a/ectest.c b/ectest.c deleted file mode 100644 index 2ba662fdc8197a64023137f62a72e8d258a5f1cc..0000000000000000000000000000000000000000 --- a/ectest.c +++ /dev/null @@ -1,2311 +0,0 @@ -/* - * Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved. - * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/* - * EC_KEY low level APIs are deprecated for public use, but still ok for - * internal use. - */ -#include "internal/deprecated.h" - -#include -#include "internal/nelem.h" -#include "testutil.h" - -#include -#ifndef OPENSSL_NO_ENGINE -# include -#endif -#include -#include -#include -#include -#include -#include -#include -#include -#include - -static size_t crv_len = 0; -static EC_builtin_curve *curves = NULL; - -/* test multiplication with group order, long and negative scalars */ -static int group_order_tests(EC_GROUP *group) -{ - BIGNUM *n1 = NULL, *n2 = NULL, *order = NULL; - EC_POINT *P = NULL, *Q = NULL, *R = NULL, *S = NULL; - const EC_POINT *G = NULL; - BN_CTX *ctx = NULL; - int i = 0, r = 0; - - if (!TEST_ptr(n1 = BN_new()) - || !TEST_ptr(n2 = BN_new()) - || !TEST_ptr(order = BN_new()) - || !TEST_ptr(ctx = BN_CTX_new()) - || !TEST_ptr(G = EC_GROUP_get0_generator(group)) - || !TEST_ptr(P = EC_POINT_new(group)) - || !TEST_ptr(Q = EC_POINT_new(group)) - || !TEST_ptr(R = EC_POINT_new(group)) - || !TEST_ptr(S = EC_POINT_new(group))) - goto err; - - if (!TEST_true(EC_GROUP_get_order(group, order, ctx)) - || !TEST_true(EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) - || !TEST_true(EC_POINT_is_at_infinity(group, Q)) -#ifndef OPENSSL_NO_DEPRECATED_3_0 - || !TEST_true(EC_GROUP_precompute_mult(group, ctx)) -#endif - || !TEST_true(EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) - || !TEST_true(EC_POINT_is_at_infinity(group, Q)) - || !TEST_true(EC_POINT_copy(P, G)) - || !TEST_true(BN_one(n1)) - || !TEST_true(EC_POINT_mul(group, Q, n1, NULL, NULL, ctx)) - || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx)) - || !TEST_true(BN_sub(n1, order, n1)) - || !TEST_true(EC_POINT_mul(group, Q, n1, NULL, NULL, ctx)) - || !TEST_true(EC_POINT_invert(group, Q, ctx)) - || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx))) - goto err; - - for (i = 1; i <= 2; i++) { -#ifndef OPENSSL_NO_DEPRECATED_3_0 - const BIGNUM *scalars[6]; - const EC_POINT *points[6]; -#endif - - if (!TEST_true(BN_set_word(n1, i)) - /* - * If i == 1, P will be the predefined generator for which - * EC_GROUP_precompute_mult has set up precomputation. - */ - || !TEST_true(EC_POINT_mul(group, P, n1, NULL, NULL, ctx)) - || (i == 1 && !TEST_int_eq(0, EC_POINT_cmp(group, P, G, ctx))) - || !TEST_true(BN_one(n1)) - /* n1 = 1 - order */ - || !TEST_true(BN_sub(n1, n1, order)) - || !TEST_true(EC_POINT_mul(group, Q, NULL, P, n1, ctx)) - || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx)) - - /* n2 = 1 + order */ - || !TEST_true(BN_add(n2, order, BN_value_one())) - || !TEST_true(EC_POINT_mul(group, Q, NULL, P, n2, ctx)) - || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx)) - - /* n2 = (1 - order) * (1 + order) = 1 - order^2 */ - || !TEST_true(BN_mul(n2, n1, n2, ctx)) - || !TEST_true(EC_POINT_mul(group, Q, NULL, P, n2, ctx)) - || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx))) - goto err; - - /* n2 = order^2 - 1 */ - BN_set_negative(n2, 0); - if (!TEST_true(EC_POINT_mul(group, Q, NULL, P, n2, ctx)) - /* Add P to verify the result. */ - || !TEST_true(EC_POINT_add(group, Q, Q, P, ctx)) - || !TEST_true(EC_POINT_is_at_infinity(group, Q)) - || !TEST_false(EC_POINT_is_at_infinity(group, P))) - goto err; - -#ifndef OPENSSL_NO_DEPRECATED_3_0 - /* Exercise EC_POINTs_mul, including corner cases. */ - scalars[0] = scalars[1] = BN_value_one(); - points[0] = points[1] = P; - - if (!TEST_true(EC_POINTs_mul(group, R, NULL, 2, points, scalars, ctx)) - || !TEST_true(EC_POINT_dbl(group, S, points[0], ctx)) - || !TEST_int_eq(0, EC_POINT_cmp(group, R, S, ctx))) - goto err; - - scalars[0] = n1; - points[0] = Q; /* => infinity */ - scalars[1] = n2; - points[1] = P; /* => -P */ - scalars[2] = n1; - points[2] = Q; /* => infinity */ - scalars[3] = n2; - points[3] = Q; /* => infinity */ - scalars[4] = n1; - points[4] = P; /* => P */ - scalars[5] = n2; - points[5] = Q; /* => infinity */ - if (!TEST_true(EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx)) - || !TEST_true(EC_POINT_is_at_infinity(group, P))) - goto err; -#endif - } - - r = 1; -err: - if (r == 0 && i != 0) - TEST_info(i == 1 ? "allowing precomputation" : - "without precomputation"); - EC_POINT_free(P); - EC_POINT_free(Q); - EC_POINT_free(R); - EC_POINT_free(S); - BN_free(n1); - BN_free(n2); - BN_free(order); - BN_CTX_free(ctx); - return r; -} - -static int prime_field_tests(void) -{ - BN_CTX *ctx = NULL; - BIGNUM *p = NULL, *a = NULL, *b = NULL, *scalar3 = NULL; - EC_GROUP *group = NULL; - EC_POINT *P = NULL, *Q = NULL, *R = NULL; - BIGNUM *x = NULL, *y = NULL, *z = NULL, *yplusone = NULL; -#ifndef OPENSSL_NO_DEPRECATED_3_0 - const EC_POINT *points[4]; - const BIGNUM *scalars[4]; -#endif - unsigned char buf[100]; - size_t len, r = 0; - int k; - - if (!TEST_ptr(ctx = BN_CTX_new()) - || !TEST_ptr(p = BN_new()) - || !TEST_ptr(a = BN_new()) - || !TEST_ptr(b = BN_new()) - /* - * applications should use EC_GROUP_new_curve_GFp so - * that the library gets to choose the EC_METHOD - */ - || !TEST_ptr(group = EC_GROUP_new(EC_GFp_mont_method()))) - goto err; - - buf[0] = 0; - if (!TEST_ptr(P = EC_POINT_new(group)) - || !TEST_ptr(Q = EC_POINT_new(group)) - || !TEST_ptr(R = EC_POINT_new(group)) - || !TEST_ptr(x = BN_new()) - || !TEST_ptr(y = BN_new()) - || !TEST_ptr(z = BN_new()) - || !TEST_ptr(yplusone = BN_new())) - goto err; - - /* Curve P-224 (FIPS PUB 186-2, App. 6) */ - - if (!TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFF000000000000000000000001")) - || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) - || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) - || !TEST_true(BN_hex2bn(&b, "B4050A850C04B3ABF5413256" - "5044B0B7D7BFD8BA270B39432355FFB4")) - || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) - || !TEST_true(BN_hex2bn(&x, "B70E0CBD6BB4BF7F321390B9" - "4A03C1D356C21122343280D6115C1D21")) - || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 0, ctx)) - || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) - || !TEST_true(BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF" - "FFFF16A2E0B8F03E13DD29455C5C2A3D")) - || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) - || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) - goto err; - - TEST_info("NIST curve P-224 -- Generator"); - test_output_bignum("x", x); - test_output_bignum("y", y); - /* G_y value taken from the standard: */ - if (!TEST_true(BN_hex2bn(&z, "BD376388B5F723FB4C22DFE6" - "CD4375A05A07476444D5819985007E34")) - || !TEST_BN_eq(y, z) - || !TEST_true(BN_add(yplusone, y, BN_value_one())) - /* - * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, - * and therefore setting the coordinates should fail. - */ - || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, - ctx)) - || !TEST_int_eq(EC_GROUP_get_degree(group), 224) - || !group_order_tests(group) - - /* Curve P-256 (FIPS PUB 186-2, App. 6) */ - - || !TEST_true(BN_hex2bn(&p, "FFFFFFFF000000010000000000000000" - "00000000FFFFFFFFFFFFFFFFFFFFFFFF")) - || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) - || !TEST_true(BN_hex2bn(&a, "FFFFFFFF000000010000000000000000" - "00000000FFFFFFFFFFFFFFFFFFFFFFFC")) - || !TEST_true(BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC" - "651D06B0CC53B0F63BCE3C3E27D2604B")) - || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) - - || !TEST_true(BN_hex2bn(&x, "6B17D1F2E12C4247F8BCE6E563A440F2" - "77037D812DEB33A0F4A13945D898C296")) - || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 1, ctx)) - || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) - || !TEST_true(BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFF" - "BCE6FAADA7179E84F3B9CAC2FC632551")) - || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) - || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) - goto err; - - TEST_info("NIST curve P-256 -- Generator"); - test_output_bignum("x", x); - test_output_bignum("y", y); - /* G_y value taken from the standard: */ - if (!TEST_true(BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E16" - "2BCE33576B315ECECBB6406837BF51F5")) - || !TEST_BN_eq(y, z) - || !TEST_true(BN_add(yplusone, y, BN_value_one())) - /* - * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, - * and therefore setting the coordinates should fail. - */ - || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, - ctx)) - || !TEST_int_eq(EC_GROUP_get_degree(group), 256) - || !group_order_tests(group) - - /* Curve P-384 (FIPS PUB 186-2, App. 6) */ - - || !TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" - "FFFFFFFF0000000000000000FFFFFFFF")) - || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) - || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" - "FFFFFFFF0000000000000000FFFFFFFC")) - || !TEST_true(BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19" - "181D9C6EFE8141120314088F5013875A" - "C656398D8A2ED19D2A85C8EDD3EC2AEF")) - || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) - - || !TEST_true(BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD74" - "6E1D3B628BA79B9859F741E082542A38" - "5502F25DBF55296C3A545E3872760AB7")) - || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 1, ctx)) - || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) - || !TEST_true(BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFC7634D81F4372DDF" - "581A0DB248B0A77AECEC196ACCC52973")) - || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) - || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) - goto err; - - TEST_info("NIST curve P-384 -- Generator"); - test_output_bignum("x", x); - test_output_bignum("y", y); - /* G_y value taken from the standard: */ - if (!TEST_true(BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29" - "F8F41DBD289A147CE9DA3113B5F0B8C0" - "0A60B1CE1D7E819D7A431D7C90EA0E5F")) - || !TEST_BN_eq(y, z) - || !TEST_true(BN_add(yplusone, y, BN_value_one())) - /* - * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, - * and therefore setting the coordinates should fail. - */ - || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, - ctx)) - || !TEST_int_eq(EC_GROUP_get_degree(group), 384) - || !group_order_tests(group) - - /* Curve P-521 (FIPS PUB 186-2, App. 6) */ - || !TEST_true(BN_hex2bn(&p, "1FF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF")) - || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) - || !TEST_true(BN_hex2bn(&a, "1FF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC")) - || !TEST_true(BN_hex2bn(&b, "051" - "953EB9618E1C9A1F929A21A0B68540EE" - "A2DA725B99B315F3B8B489918EF109E1" - "56193951EC7E937B1652C0BD3BB1BF07" - "3573DF883D2C34F1EF451FD46B503F00")) - || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) - || !TEST_true(BN_hex2bn(&x, "C6" - "858E06B70404E9CD9E3ECB662395B442" - "9C648139053FB521F828AF606B4D3DBA" - "A14B5E77EFE75928FE1DC127A2FFA8DE" - "3348B3C1856A429BF97E7E31C2E5BD66")) - || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 0, ctx)) - || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) - || !TEST_true(BN_hex2bn(&z, "1FF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA" - "51868783BF2F966B7FCC0148F709A5D0" - "3BB5C9B8899C47AEBB6FB71E91386409")) - || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) - || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) - goto err; - - TEST_info("NIST curve P-521 -- Generator"); - test_output_bignum("x", x); - test_output_bignum("y", y); - /* G_y value taken from the standard: */ - if (!TEST_true(BN_hex2bn(&z, "118" - "39296A789A3BC0045C8A5FB42C7D1BD9" - "98F54449579B446817AFBD17273E662C" - "97EE72995EF42640C550B9013FAD0761" - "353C7086A272C24088BE94769FD16650")) - || !TEST_BN_eq(y, z) - || !TEST_true(BN_add(yplusone, y, BN_value_one())) - /* - * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, - * and therefore setting the coordinates should fail. - */ - || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, - ctx)) - || !TEST_int_eq(EC_GROUP_get_degree(group), 521) - || !group_order_tests(group) - - /* more tests using the last curve */ - - /* Restore the point that got mangled in the (x, y + 1) test. */ - || !TEST_true(EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) - || !TEST_true(EC_POINT_copy(Q, P)) - || !TEST_false(EC_POINT_is_at_infinity(group, Q)) - || !TEST_true(EC_POINT_dbl(group, P, P, ctx)) - || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) - || !TEST_true(EC_POINT_invert(group, Q, ctx)) /* P = -2Q */ - || !TEST_true(EC_POINT_add(group, R, P, Q, ctx)) - || !TEST_true(EC_POINT_add(group, R, R, Q, ctx)) - || !TEST_true(EC_POINT_is_at_infinity(group, R)) /* R = P + 2Q */ - || !TEST_false(EC_POINT_is_at_infinity(group, Q))) - goto err; - -#ifndef OPENSSL_NO_DEPRECATED_3_0 - TEST_note("combined multiplication ..."); - points[0] = Q; - points[1] = Q; - points[2] = Q; - points[3] = Q; - - if (!TEST_true(EC_GROUP_get_order(group, z, ctx)) - || !TEST_true(BN_add(y, z, BN_value_one())) - || !TEST_BN_even(y) - || !TEST_true(BN_rshift1(y, y))) - goto err; - - scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */ - scalars[1] = y; - - /* z is still the group order */ - if (!TEST_true(EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) - || !TEST_true(EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) - || !TEST_int_eq(0, EC_POINT_cmp(group, P, R, ctx)) - || !TEST_int_eq(0, EC_POINT_cmp(group, R, Q, ctx)) - || !TEST_true(BN_rand(y, BN_num_bits(y), 0, 0)) - || !TEST_true(BN_add(z, z, y))) - goto err; - BN_set_negative(z, 1); - scalars[0] = y; - scalars[1] = z; /* z = -(order + y) */ - - if (!TEST_true(EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) - || !TEST_true(EC_POINT_is_at_infinity(group, P)) - || !TEST_true(BN_rand(x, BN_num_bits(y) - 1, 0, 0)) - || !TEST_true(BN_add(z, x, y))) - goto err; - BN_set_negative(z, 1); - scalars[0] = x; - scalars[1] = y; - scalars[2] = z; /* z = -(x+y) */ - - if (!TEST_ptr(scalar3 = BN_new())) - goto err; - BN_zero(scalar3); - scalars[3] = scalar3; - - if (!TEST_true(EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx)) - || !TEST_true(EC_POINT_is_at_infinity(group, P))) - goto err; -#endif - TEST_note(" ok\n"); - r = 1; -err: - BN_CTX_free(ctx); - BN_free(p); - BN_free(a); - BN_free(b); - EC_GROUP_free(group); - EC_POINT_free(P); - EC_POINT_free(Q); - EC_POINT_free(R); - BN_free(x); - BN_free(y); - BN_free(z); - BN_free(yplusone); - BN_free(scalar3); - return r; -} - -static int internal_curve_test(int n) -{ - EC_GROUP *group = NULL; - int nid = curves[n].nid; - - if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))) { - TEST_info("EC_GROUP_new_curve_name() failed with curve %s\n", - OBJ_nid2sn(nid)); - return 0; - } - if (!TEST_true(EC_GROUP_check(group, NULL))) { - TEST_info("EC_GROUP_check() failed with curve %s\n", OBJ_nid2sn(nid)); - EC_GROUP_free(group); - return 0; - } - EC_GROUP_free(group); - return 1; -} - -static int internal_curve_test_method(int n) -{ - int r, nid = curves[n].nid; - EC_GROUP *group; - - if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))) { - TEST_info("Curve %s failed\n", OBJ_nid2sn(nid)); - return 0; - } - r = group_order_tests(group); - EC_GROUP_free(group); - return r; -} - -static int group_field_test(void) -{ - int r = 1; - BIGNUM *secp521r1_field = NULL; - BIGNUM *sect163r2_field = NULL; - EC_GROUP *secp521r1_group = NULL; - EC_GROUP *sect163r2_group = NULL; - - BN_hex2bn(&secp521r1_field, - "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFF"); - - - BN_hex2bn(§163r2_field, - "08000000000000000000000000000000" - "00000000C9"); - - secp521r1_group = EC_GROUP_new_by_curve_name(NID_secp521r1); - if (BN_cmp(secp521r1_field, EC_GROUP_get0_field(secp521r1_group))) - r = 0; - - # ifndef OPENSSL_NO_EC2M - sect163r2_group = EC_GROUP_new_by_curve_name(NID_sect163r2); - if (BN_cmp(sect163r2_field, EC_GROUP_get0_field(sect163r2_group))) - r = 0; - # endif - - EC_GROUP_free(secp521r1_group); - EC_GROUP_free(sect163r2_group); - BN_free(secp521r1_field); - BN_free(sect163r2_field); - return r; -} -/* - * nistp_test_params contains magic numbers for testing - * several NIST curves with characteristic > 3. - */ -struct nistp_test_params { - const int nid; - int degree; - /* - * Qx, Qy and D are taken from - * http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/ECDSA_Prime.pdf - * Otherwise, values are standard curve parameters from FIPS 180-3 - */ - const char *p, *a, *b, *Qx, *Qy, *Gx, *Gy, *order, *d; -}; - -static const struct nistp_test_params nistp_tests_params[] = { - { - /* P-224 */ - NID_secp224r1, - 224, - /* p */ - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", - /* a */ - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE", - /* b */ - "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", - /* Qx */ - "E84FB0B8E7000CB657D7973CF6B42ED78B301674276DF744AF130B3E", - /* Qy */ - "4376675C6FC5612C21A0FF2D2A89D2987DF7A2BC52183B5982298555", - /* Gx */ - "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", - /* Gy */ - "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", - /* order */ - "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", - /* d */ - "3F0C488E987C80BE0FEE521F8D90BE6034EC69AE11CA72AA777481E8", - }, - { - /* P-256 */ - NID_X9_62_prime256v1, - 256, - /* p */ - "ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", - /* a */ - "ffffffff00000001000000000000000000000000fffffffffffffffffffffffc", - /* b */ - "5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", - /* Qx */ - "b7e08afdfe94bad3f1dc8c734798ba1c62b3a0ad1e9ea2a38201cd0889bc7a19", - /* Qy */ - "3603f747959dbf7a4bb226e41928729063adc7ae43529e61b563bbc606cc5e09", - /* Gx */ - "6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", - /* Gy */ - "4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5", - /* order */ - "ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", - /* d */ - "c477f9f65c22cce20657faa5b2d1d8122336f851a508a1ed04e479c34985bf96", - }, - { - /* P-521 */ - NID_secp521r1, - 521, - /* p */ - "1ff" - "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" - "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", - /* a */ - "1ff" - "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" - "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc", - /* b */ - "051" - "953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e1" - "56193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00", - /* Qx */ - "0098" - "e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e" - "59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4", - /* Qy */ - "0164" - "350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8" - "554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e", - /* Gx */ - "c6" - "858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dba" - "a14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", - /* Gy */ - "118" - "39296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c" - "97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", - /* order */ - "1ff" - "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa" - "51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409", - /* d */ - "0100" - "085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eee" - "df09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722", - }, -}; - -static int nistp_single_test(int idx) -{ - const struct nistp_test_params *test = nistp_tests_params + idx; - BN_CTX *ctx = NULL; - BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL; - BIGNUM *n = NULL, *m = NULL, *order = NULL, *yplusone = NULL; - EC_GROUP *NISTP = NULL; - EC_POINT *G = NULL, *P = NULL, *Q = NULL, *Q_CHECK = NULL; - int r = 0; - - TEST_note("NIST curve P-%d (optimised implementation):", - test->degree); - if (!TEST_ptr(ctx = BN_CTX_new()) - || !TEST_ptr(p = BN_new()) - || !TEST_ptr(a = BN_new()) - || !TEST_ptr(b = BN_new()) - || !TEST_ptr(x = BN_new()) - || !TEST_ptr(y = BN_new()) - || !TEST_ptr(m = BN_new()) - || !TEST_ptr(n = BN_new()) - || !TEST_ptr(order = BN_new()) - || !TEST_ptr(yplusone = BN_new()) - - || !TEST_ptr(NISTP = EC_GROUP_new_by_curve_name(test->nid)) - || !TEST_true(BN_hex2bn(&p, test->p)) - || !TEST_int_eq(1, BN_check_prime(p, ctx, NULL)) - || !TEST_true(BN_hex2bn(&a, test->a)) - || !TEST_true(BN_hex2bn(&b, test->b)) - || !TEST_true(EC_GROUP_set_curve(NISTP, p, a, b, ctx)) - || !TEST_ptr(G = EC_POINT_new(NISTP)) - || !TEST_ptr(P = EC_POINT_new(NISTP)) - || !TEST_ptr(Q = EC_POINT_new(NISTP)) - || !TEST_ptr(Q_CHECK = EC_POINT_new(NISTP)) - || !TEST_true(BN_hex2bn(&x, test->Qx)) - || !TEST_true(BN_hex2bn(&y, test->Qy)) - || !TEST_true(BN_add(yplusone, y, BN_value_one())) - /* - * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, - * and therefore setting the coordinates should fail. - */ - || !TEST_false(EC_POINT_set_affine_coordinates(NISTP, Q_CHECK, x, - yplusone, ctx)) - || !TEST_true(EC_POINT_set_affine_coordinates(NISTP, Q_CHECK, x, y, - ctx)) - || !TEST_true(BN_hex2bn(&x, test->Gx)) - || !TEST_true(BN_hex2bn(&y, test->Gy)) - || !TEST_true(EC_POINT_set_affine_coordinates(NISTP, G, x, y, ctx)) - || !TEST_true(BN_hex2bn(&order, test->order)) - || !TEST_true(EC_GROUP_set_generator(NISTP, G, order, BN_value_one())) - || !TEST_int_eq(EC_GROUP_get_degree(NISTP), test->degree)) - goto err; - - TEST_note("NIST test vectors ... "); - if (!TEST_true(BN_hex2bn(&n, test->d))) - goto err; - /* fixed point multiplication */ - EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx); - if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) - goto err; - /* random point multiplication */ - EC_POINT_mul(NISTP, Q, NULL, G, n, ctx); - if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) - - /* set generator to P = 2*G, where G is the standard generator */ - || !TEST_true(EC_POINT_dbl(NISTP, P, G, ctx)) - || !TEST_true(EC_GROUP_set_generator(NISTP, P, order, BN_value_one())) - /* set the scalar to m=n/2, where n is the NIST test scalar */ - || !TEST_true(BN_rshift(m, n, 1))) - goto err; - - /* test the non-standard generator */ - /* fixed point multiplication */ - EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx); - if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) - goto err; - /* random point multiplication */ - EC_POINT_mul(NISTP, Q, NULL, P, m, ctx); - if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) -#ifndef OPENSSL_NO_DEPRECATED_3_0 - /* We have not performed precomp so this should be false */ - || !TEST_false(EC_GROUP_have_precompute_mult(NISTP)) - /* now repeat all tests with precomputation */ - || !TEST_true(EC_GROUP_precompute_mult(NISTP, ctx)) -#endif - ) - goto err; - - /* fixed point multiplication */ - EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx); - if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) - goto err; - /* random point multiplication */ - EC_POINT_mul(NISTP, Q, NULL, P, m, ctx); - if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) - - /* reset generator */ - || !TEST_true(EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))) - goto err; - /* fixed point multiplication */ - EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx); - if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) - goto err; - /* random point multiplication */ - EC_POINT_mul(NISTP, Q, NULL, G, n, ctx); - if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) - goto err; - - /* regression test for felem_neg bug */ - if (!TEST_true(BN_set_word(m, 32)) - || !TEST_true(BN_set_word(n, 31)) - || !TEST_true(EC_POINT_copy(P, G)) - || !TEST_true(EC_POINT_invert(NISTP, P, ctx)) - || !TEST_true(EC_POINT_mul(NISTP, Q, m, P, n, ctx)) - || !TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, G, ctx))) - goto err; - - r = 1; -err: - EC_GROUP_free(NISTP); - EC_POINT_free(G); - EC_POINT_free(P); - EC_POINT_free(Q); - EC_POINT_free(Q_CHECK); - BN_free(n); - BN_free(m); - BN_free(p); - BN_free(a); - BN_free(b); - BN_free(x); - BN_free(y); - BN_free(order); - BN_free(yplusone); - BN_CTX_free(ctx); - return r; -} - -static const unsigned char p521_named[] = { - 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23, -}; - -static const unsigned char p521_explicit[] = { - 0x30, 0x82, 0x01, 0xc3, 0x02, 0x01, 0x01, 0x30, 0x4d, 0x06, 0x07, 0x2a, - 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x42, 0x01, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0x30, 0x81, 0x9f, 0x04, 0x42, 0x01, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xfc, 0x04, 0x42, 0x00, 0x51, 0x95, 0x3e, 0xb9, 0x61, 0x8e, 0x1c, 0x9a, - 0x1f, 0x92, 0x9a, 0x21, 0xa0, 0xb6, 0x85, 0x40, 0xee, 0xa2, 0xda, 0x72, - 0x5b, 0x99, 0xb3, 0x15, 0xf3, 0xb8, 0xb4, 0x89, 0x91, 0x8e, 0xf1, 0x09, - 0xe1, 0x56, 0x19, 0x39, 0x51, 0xec, 0x7e, 0x93, 0x7b, 0x16, 0x52, 0xc0, - 0xbd, 0x3b, 0xb1, 0xbf, 0x07, 0x35, 0x73, 0xdf, 0x88, 0x3d, 0x2c, 0x34, - 0xf1, 0xef, 0x45, 0x1f, 0xd4, 0x6b, 0x50, 0x3f, 0x00, 0x03, 0x15, 0x00, - 0xd0, 0x9e, 0x88, 0x00, 0x29, 0x1c, 0xb8, 0x53, 0x96, 0xcc, 0x67, 0x17, - 0x39, 0x32, 0x84, 0xaa, 0xa0, 0xda, 0x64, 0xba, 0x04, 0x81, 0x85, 0x04, - 0x00, 0xc6, 0x85, 0x8e, 0x06, 0xb7, 0x04, 0x04, 0xe9, 0xcd, 0x9e, 0x3e, - 0xcb, 0x66, 0x23, 0x95, 0xb4, 0x42, 0x9c, 0x64, 0x81, 0x39, 0x05, 0x3f, - 0xb5, 0x21, 0xf8, 0x28, 0xaf, 0x60, 0x6b, 0x4d, 0x3d, 0xba, 0xa1, 0x4b, - 0x5e, 0x77, 0xef, 0xe7, 0x59, 0x28, 0xfe, 0x1d, 0xc1, 0x27, 0xa2, 0xff, - 0xa8, 0xde, 0x33, 0x48, 0xb3, 0xc1, 0x85, 0x6a, 0x42, 0x9b, 0xf9, 0x7e, - 0x7e, 0x31, 0xc2, 0xe5, 0xbd, 0x66, 0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, - 0x9a, 0x3b, 0xc0, 0x04, 0x5c, 0x8a, 0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, - 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b, 0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, - 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee, 0x72, 0x99, 0x5e, 0xf4, 0x26, 0x40, - 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad, 0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, - 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe, 0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50, - 0x02, 0x42, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfa, - 0x51, 0x86, 0x87, 0x83, 0xbf, 0x2f, 0x96, 0x6b, 0x7f, 0xcc, 0x01, 0x48, - 0xf7, 0x09, 0xa5, 0xd0, 0x3b, 0xb5, 0xc9, 0xb8, 0x89, 0x9c, 0x47, 0xae, - 0xbb, 0x6f, 0xb7, 0x1e, 0x91, 0x38, 0x64, 0x09, 0x02, 0x01, 0x01, -}; - -/* - * This test validates a named curve's group parameters using - * EC_GROUP_check_named_curve(). It also checks that modifying any of the - * group parameters results in the curve not being valid. - */ -static int check_named_curve_test(int id) -{ - int ret = 0, nid, field_nid, has_seed; - EC_GROUP *group = NULL, *gtest = NULL; - const EC_POINT *group_gen = NULL; - EC_POINT *other_gen = NULL; - BIGNUM *group_p = NULL, *group_a = NULL, *group_b = NULL; - BIGNUM *other_p = NULL, *other_a = NULL, *other_b = NULL; - BIGNUM *group_cofactor = NULL, *other_cofactor = NULL; - BIGNUM *other_order = NULL; - const BIGNUM *group_order = NULL; - BN_CTX *bn_ctx = NULL; - static const unsigned char invalid_seed[] = "THIS IS NOT A VALID SEED"; - static size_t invalid_seed_len = sizeof(invalid_seed); - - /* Do some setup */ - nid = curves[id].nid; - if (!TEST_ptr(bn_ctx = BN_CTX_new()) - || !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid)) - || !TEST_ptr(gtest = EC_GROUP_dup(group)) - || !TEST_ptr(group_p = BN_new()) - || !TEST_ptr(group_a = BN_new()) - || !TEST_ptr(group_b = BN_new()) - || !TEST_ptr(group_cofactor = BN_new()) - || !TEST_ptr(group_gen = EC_GROUP_get0_generator(group)) - || !TEST_ptr(group_order = EC_GROUP_get0_order(group)) - || !TEST_true(EC_GROUP_get_cofactor(group, group_cofactor, NULL)) - || !TEST_true(EC_GROUP_get_curve(group, group_p, group_a, group_b, NULL)) - || !TEST_ptr(other_gen = EC_POINT_dup(group_gen, group)) - || !TEST_true(EC_POINT_add(group, other_gen, group_gen, group_gen, NULL)) - || !TEST_ptr(other_order = BN_dup(group_order)) - || !TEST_true(BN_add_word(other_order, 1)) - || !TEST_ptr(other_a = BN_dup(group_a)) - || !TEST_true(BN_add_word(other_a, 1)) - || !TEST_ptr(other_b = BN_dup(group_b)) - || !TEST_true(BN_add_word(other_b, 1)) - || !TEST_ptr(other_cofactor = BN_dup(group_cofactor)) - || !TEST_true(BN_add_word(other_cofactor, 1))) - goto err; - - /* Determine if the built-in curve has a seed field set */ - has_seed = (EC_GROUP_get_seed_len(group) > 0); - field_nid = EC_GROUP_get_field_type(group); - if (field_nid == NID_X9_62_characteristic_two_field) { - if (!TEST_ptr(other_p = BN_dup(group_p)) - || !TEST_true(BN_lshift1(other_p, other_p))) - goto err; - } else { - if (!TEST_ptr(other_p = BN_dup(group_p))) - goto err; - /* - * Just choosing any arbitrary prime does not work.. - * Setting p via ec_GFp_nist_group_set_curve() needs the prime to be a - * nist prime. So only select one of these as an alternate prime. - */ - if (!TEST_ptr(BN_copy(other_p, - BN_ucmp(BN_get0_nist_prime_192(), other_p) == 0 ? - BN_get0_nist_prime_256() : - BN_get0_nist_prime_192()))) - goto err; - } - - /* Passes because this is a valid curve */ - if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), nid) - /* Only NIST curves pass */ - || !TEST_int_eq(EC_GROUP_check_named_curve(group, 1, NULL), - EC_curve_nid2nist(nid) != NULL ? nid : NID_undef)) - goto err; - - /* Fail if the curve name doesn't match the parameters */ - EC_GROUP_set_curve_name(group, nid + 1); - ERR_set_mark(); - if (!TEST_int_le(EC_GROUP_check_named_curve(group, 0, NULL), 0)) - goto err; - ERR_pop_to_mark(); - - /* Restore curve name and ensure it's passing */ - EC_GROUP_set_curve_name(group, nid); - if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), nid)) - goto err; - - if (!TEST_int_eq(EC_GROUP_set_seed(group, invalid_seed, invalid_seed_len), - invalid_seed_len)) - goto err; - - if (has_seed) { - /* - * If the built-in curve has a seed and we set the seed to another value - * then it will fail the check. - */ - if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), 0)) - goto err; - } else { - /* - * If the built-in curve does not have a seed then setting the seed will - * pass the check (as the seed is optional). - */ - if (!TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), nid)) - goto err; - } - /* Pass if the seed is unknown (as it is optional) */ - if (!TEST_int_eq(EC_GROUP_set_seed(group, NULL, 0), 1) - || !TEST_int_eq(EC_GROUP_check_named_curve(group, 0, NULL), nid)) - goto err; - - /* Check that a duped group passes */ - if (!TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), nid)) - goto err; - - /* check that changing any generator parameter fails */ - if (!TEST_true(EC_GROUP_set_generator(gtest, other_gen, group_order, - group_cofactor)) - || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), 0) - || !TEST_true(EC_GROUP_set_generator(gtest, group_gen, other_order, - group_cofactor)) - || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), 0) - /* The order is not an optional field, so this should fail */ - || !TEST_false(EC_GROUP_set_generator(gtest, group_gen, NULL, - group_cofactor)) - || !TEST_true(EC_GROUP_set_generator(gtest, group_gen, group_order, - other_cofactor)) - || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), 0) - /* Check that if the cofactor is not set then it still passes */ - || !TEST_true(EC_GROUP_set_generator(gtest, group_gen, group_order, - NULL)) - || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), nid) - /* check that restoring the generator passes */ - || !TEST_true(EC_GROUP_set_generator(gtest, group_gen, group_order, - group_cofactor)) - || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), nid)) - goto err; - - /* - * check that changing any curve parameter fails - * - * Setting arbitrary p, a or b might fail for some EC_GROUPs - * depending on the internal EC_METHOD implementation, hence run - * these tests conditionally to the success of EC_GROUP_set_curve(). - */ - ERR_set_mark(); - if (EC_GROUP_set_curve(gtest, other_p, group_a, group_b, NULL)) { - if (!TEST_int_le(EC_GROUP_check_named_curve(gtest, 0, NULL), 0)) - goto err; - } else { - /* clear the error stack if EC_GROUP_set_curve() failed */ - ERR_pop_to_mark(); - ERR_set_mark(); - } - if (EC_GROUP_set_curve(gtest, group_p, other_a, group_b, NULL)) { - if (!TEST_int_le(EC_GROUP_check_named_curve(gtest, 0, NULL), 0)) - goto err; - } else { - /* clear the error stack if EC_GROUP_set_curve() failed */ - ERR_pop_to_mark(); - ERR_set_mark(); - } - if (EC_GROUP_set_curve(gtest, group_p, group_a, other_b, NULL)) { - if (!TEST_int_le(EC_GROUP_check_named_curve(gtest, 0, NULL), 0)) - goto err; - } else { - /* clear the error stack if EC_GROUP_set_curve() failed */ - ERR_pop_to_mark(); - ERR_set_mark(); - } - ERR_pop_to_mark(); - - /* Check that restoring the curve parameters passes */ - if (!TEST_true(EC_GROUP_set_curve(gtest, group_p, group_a, group_b, NULL)) - || !TEST_int_eq(EC_GROUP_check_named_curve(gtest, 0, NULL), nid)) - goto err; - - ret = 1; -err: - BN_free(group_p); - BN_free(other_p); - BN_free(group_a); - BN_free(other_a); - BN_free(group_b); - BN_free(other_b); - BN_free(group_cofactor); - BN_free(other_cofactor); - BN_free(other_order); - EC_POINT_free(other_gen); - EC_GROUP_free(gtest); - EC_GROUP_free(group); - BN_CTX_free(bn_ctx); - return ret; -} - -/* - * This checks the lookup capability of EC_GROUP_check_named_curve() - * when the given group was created with explicit parameters. - * - * It is possible to retrieve an alternative alias that does not match - * the original nid in this case. - */ -static int check_named_curve_lookup_test(int id) -{ - int ret = 0, nid, rv = 0; - EC_GROUP *g = NULL , *ga = NULL; - ECPARAMETERS *p = NULL, *pa = NULL; - BN_CTX *ctx = NULL; - - /* Do some setup */ - nid = curves[id].nid; - if (!TEST_ptr(ctx = BN_CTX_new()) - || !TEST_ptr(g = EC_GROUP_new_by_curve_name(nid)) - || !TEST_ptr(p = EC_GROUP_get_ecparameters(g, NULL))) - goto err; - - /* replace with group from explicit parameters */ - EC_GROUP_free(g); - if (!TEST_ptr(g = EC_GROUP_new_from_ecparameters(p))) - goto err; - - if (!TEST_int_gt(rv = EC_GROUP_check_named_curve(g, 0, NULL), 0)) - goto err; - if (rv != nid) { - /* - * Found an alias: - * fail if the returned nid is not an alias of the original group. - * - * The comparison here is done by comparing two explicit - * parameter EC_GROUPs with EC_GROUP_cmp(), to ensure the - * comparison happens with unnamed EC_GROUPs using the same - * EC_METHODs. - */ - if (!TEST_ptr(ga = EC_GROUP_new_by_curve_name(rv)) - || !TEST_ptr(pa = EC_GROUP_get_ecparameters(ga, NULL))) - goto err; - - /* replace with group from explicit parameters, then compare */ - EC_GROUP_free(ga); - if (!TEST_ptr(ga = EC_GROUP_new_from_ecparameters(pa)) - || !TEST_int_eq(EC_GROUP_cmp(g, ga, ctx), 0)) - goto err; - } - - ret = 1; - - err: - EC_GROUP_free(g); - EC_GROUP_free(ga); - ECPARAMETERS_free(p); - ECPARAMETERS_free(pa); - BN_CTX_free(ctx); - - return ret; -} - -/* - * Sometime we cannot compare nids for equality, as the built-in curve table - * includes aliases with different names for the same curve. - * - * This function returns TRUE (1) if the checked nids are identical, or if they - * alias to the same curve. FALSE (0) otherwise. - */ -static ossl_inline -int are_ec_nids_compatible(int n1d, int n2d) -{ - int ret = 0; - switch (n1d) { -#ifndef OPENSSL_NO_EC2M - case NID_sect113r1: - case NID_wap_wsg_idm_ecid_wtls4: - ret = (n2d == NID_sect113r1 || n2d == NID_wap_wsg_idm_ecid_wtls4); - break; - case NID_sect163k1: - case NID_wap_wsg_idm_ecid_wtls3: - ret = (n2d == NID_sect163k1 || n2d == NID_wap_wsg_idm_ecid_wtls3); - break; - case NID_sect233k1: - case NID_wap_wsg_idm_ecid_wtls10: - ret = (n2d == NID_sect233k1 || n2d == NID_wap_wsg_idm_ecid_wtls10); - break; - case NID_sect233r1: - case NID_wap_wsg_idm_ecid_wtls11: - ret = (n2d == NID_sect233r1 || n2d == NID_wap_wsg_idm_ecid_wtls11); - break; - case NID_X9_62_c2pnb163v1: - case NID_wap_wsg_idm_ecid_wtls5: - ret = (n2d == NID_X9_62_c2pnb163v1 - || n2d == NID_wap_wsg_idm_ecid_wtls5); - break; -#endif /* OPENSSL_NO_EC2M */ - case NID_secp112r1: - case NID_wap_wsg_idm_ecid_wtls6: - ret = (n2d == NID_secp112r1 || n2d == NID_wap_wsg_idm_ecid_wtls6); - break; - case NID_secp160r2: - case NID_wap_wsg_idm_ecid_wtls7: - ret = (n2d == NID_secp160r2 || n2d == NID_wap_wsg_idm_ecid_wtls7); - break; -#ifdef OPENSSL_NO_EC_NISTP_64_GCC_128 - case NID_secp224r1: - case NID_wap_wsg_idm_ecid_wtls12: - ret = (n2d == NID_secp224r1 || n2d == NID_wap_wsg_idm_ecid_wtls12); - break; -#else - /* - * For SEC P-224 we want to ensure that the SECP nid is returned, as - * that is associated with a specialized method. - */ - case NID_wap_wsg_idm_ecid_wtls12: - ret = (n2d == NID_secp224r1); - break; -#endif /* def(OPENSSL_NO_EC_NISTP_64_GCC_128) */ - - default: - ret = (n1d == n2d); - } - return ret; -} - -/* - * This checks that EC_GROUP_bew_from_ecparameters() returns a "named" - * EC_GROUP for built-in curves. - * - * Note that it is possible to retrieve an alternative alias that does not match - * the original nid. - * - * Ensure that the OPENSSL_EC_EXPLICIT_CURVE ASN1 flag is set. - */ -static int check_named_curve_from_ecparameters(int id) -{ - int ret = 0, nid, tnid; - EC_GROUP *group = NULL, *tgroup = NULL, *tmpg = NULL; - const EC_POINT *group_gen = NULL; - EC_POINT *other_gen = NULL; - BIGNUM *group_cofactor = NULL, *other_cofactor = NULL; - BIGNUM *other_gen_x = NULL, *other_gen_y = NULL; - const BIGNUM *group_order = NULL; - BIGNUM *other_order = NULL; - BN_CTX *bn_ctx = NULL; - static const unsigned char invalid_seed[] = "THIS IS NOT A VALID SEED"; - static size_t invalid_seed_len = sizeof(invalid_seed); - ECPARAMETERS *params = NULL, *other_params = NULL; - EC_GROUP *g_ary[8] = {NULL}; - EC_GROUP **g_next = &g_ary[0]; - ECPARAMETERS *p_ary[8] = {NULL}; - ECPARAMETERS **p_next = &p_ary[0]; - - /* Do some setup */ - nid = curves[id].nid; - TEST_note("Curve %s", OBJ_nid2sn(nid)); - if (!TEST_ptr(bn_ctx = BN_CTX_new())) - return ret; - BN_CTX_start(bn_ctx); - - if (/* Allocations */ - !TEST_ptr(group_cofactor = BN_CTX_get(bn_ctx)) - || !TEST_ptr(other_gen_x = BN_CTX_get(bn_ctx)) - || !TEST_ptr(other_gen_y = BN_CTX_get(bn_ctx)) - || !TEST_ptr(other_order = BN_CTX_get(bn_ctx)) - || !TEST_ptr(other_cofactor = BN_CTX_get(bn_ctx)) - /* Generate reference group and params */ - || !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid)) - || !TEST_ptr(params = EC_GROUP_get_ecparameters(group, NULL)) - || !TEST_ptr(group_gen = EC_GROUP_get0_generator(group)) - || !TEST_ptr(group_order = EC_GROUP_get0_order(group)) - || !TEST_true(EC_GROUP_get_cofactor(group, group_cofactor, NULL)) - /* compute `other_*` values */ - || !TEST_ptr(tmpg = EC_GROUP_dup(group)) - || !TEST_ptr(other_gen = EC_POINT_dup(group_gen, group)) - || !TEST_true(EC_POINT_add(group, other_gen, group_gen, group_gen, NULL)) - || !TEST_true(EC_POINT_get_affine_coordinates(group, other_gen, - other_gen_x, other_gen_y, bn_ctx)) - || !TEST_true(BN_copy(other_order, group_order)) - || !TEST_true(BN_add_word(other_order, 1)) - || !TEST_true(BN_copy(other_cofactor, group_cofactor)) - || !TEST_true(BN_add_word(other_cofactor, 1))) - goto err; - - EC_POINT_free(other_gen); - other_gen = NULL; - - if (!TEST_ptr(other_gen = EC_POINT_new(tmpg)) - || !TEST_true(EC_POINT_set_affine_coordinates(tmpg, other_gen, - other_gen_x, other_gen_y, - bn_ctx))) - goto err; - - /* - * ########################### - * # Actual tests start here # - * ########################### - */ - - /* - * Creating a group from built-in explicit parameters returns a - * "named" EC_GROUP - */ - if (!TEST_ptr(tgroup = *g_next++ = EC_GROUP_new_from_ecparameters(params)) - || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)) - goto err; - /* - * We cannot always guarantee the names match, as the built-in table - * contains aliases for the same curve with different names. - */ - if (!TEST_true(are_ec_nids_compatible(nid, tnid))) { - TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid)); - goto err; - } - /* Ensure that the OPENSSL_EC_EXPLICIT_CURVE ASN1 flag is set. */ - if (!TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), OPENSSL_EC_EXPLICIT_CURVE)) - goto err; - - /* - * An invalid seed in the parameters should be ignored: expect a "named" - * group. - */ - if (!TEST_int_eq(EC_GROUP_set_seed(tmpg, invalid_seed, invalid_seed_len), - invalid_seed_len) - || !TEST_ptr(other_params = *p_next++ = - EC_GROUP_get_ecparameters(tmpg, NULL)) - || !TEST_ptr(tgroup = *g_next++ = - EC_GROUP_new_from_ecparameters(other_params)) - || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) - || !TEST_true(are_ec_nids_compatible(nid, tnid)) - || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), - OPENSSL_EC_EXPLICIT_CURVE)) { - TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid)); - goto err; - } - - /* - * A null seed in the parameters should be ignored, as it is optional: - * expect a "named" group. - */ - if (!TEST_int_eq(EC_GROUP_set_seed(tmpg, NULL, 0), 1) - || !TEST_ptr(other_params = *p_next++ = - EC_GROUP_get_ecparameters(tmpg, NULL)) - || !TEST_ptr(tgroup = *g_next++ = - EC_GROUP_new_from_ecparameters(other_params)) - || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) - || !TEST_true(are_ec_nids_compatible(nid, tnid)) - || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), - OPENSSL_EC_EXPLICIT_CURVE)) { - TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid)); - goto err; - } - - /* - * Check that changing any of the generator parameters does not yield a - * match with the built-in curves - */ - if (/* Other gen, same group order & cofactor */ - !TEST_true(EC_GROUP_set_generator(tmpg, other_gen, group_order, - group_cofactor)) - || !TEST_ptr(other_params = *p_next++ = - EC_GROUP_get_ecparameters(tmpg, NULL)) - || !TEST_ptr(tgroup = *g_next++ = - EC_GROUP_new_from_ecparameters(other_params)) - || !TEST_int_eq((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) - /* Same gen & cofactor, different order */ - || !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, other_order, - group_cofactor)) - || !TEST_ptr(other_params = *p_next++ = - EC_GROUP_get_ecparameters(tmpg, NULL)) - || !TEST_ptr(tgroup = *g_next++ = - EC_GROUP_new_from_ecparameters(other_params)) - || !TEST_int_eq((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) - /* The order is not an optional field, so this should fail */ - || !TEST_false(EC_GROUP_set_generator(tmpg, group_gen, NULL, - group_cofactor)) - /* Check that a wrong cofactor is ignored, and we still match */ - || !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order, - other_cofactor)) - || !TEST_ptr(other_params = *p_next++ = - EC_GROUP_get_ecparameters(tmpg, NULL)) - || !TEST_ptr(tgroup = *g_next++ = - EC_GROUP_new_from_ecparameters(other_params)) - || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) - || !TEST_true(are_ec_nids_compatible(nid, tnid)) - || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), - OPENSSL_EC_EXPLICIT_CURVE) - /* Check that if the cofactor is not set then it still matches */ - || !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order, - NULL)) - || !TEST_ptr(other_params = *p_next++ = - EC_GROUP_get_ecparameters(tmpg, NULL)) - || !TEST_ptr(tgroup = *g_next++ = - EC_GROUP_new_from_ecparameters(other_params)) - || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) - || !TEST_true(are_ec_nids_compatible(nid, tnid)) - || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), - OPENSSL_EC_EXPLICIT_CURVE) - /* check that restoring the generator passes */ - || !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order, - group_cofactor)) - || !TEST_ptr(other_params = *p_next++ = - EC_GROUP_get_ecparameters(tmpg, NULL)) - || !TEST_ptr(tgroup = *g_next++ = - EC_GROUP_new_from_ecparameters(other_params)) - || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef) - || !TEST_true(are_ec_nids_compatible(nid, tnid)) - || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), - OPENSSL_EC_EXPLICIT_CURVE)) - goto err; - - ret = 1; -err: - for (g_next = &g_ary[0]; g_next < g_ary + OSSL_NELEM(g_ary); g_next++) - EC_GROUP_free(*g_next); - for (p_next = &p_ary[0]; p_next < p_ary + OSSL_NELEM(g_ary); p_next++) - ECPARAMETERS_free(*p_next); - ECPARAMETERS_free(params); - EC_POINT_free(other_gen); - EC_GROUP_free(tmpg); - EC_GROUP_free(group); - BN_CTX_end(bn_ctx); - BN_CTX_free(bn_ctx); - return ret; -} - - -static int parameter_test(void) -{ - EC_GROUP *group = NULL, *group2 = NULL; - ECPARAMETERS *ecparameters = NULL; - unsigned char *buf = NULL; - int r = 0, len; - if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_secp384r1)) - || !TEST_ptr(ecparameters = EC_GROUP_get_ecparameters(group, NULL)) - || !TEST_ptr(group2 = EC_GROUP_new_from_ecparameters(ecparameters)) - || !TEST_int_eq(EC_GROUP_cmp(group, group2, NULL), 0)) - goto err; - - EC_GROUP_free(group); - group = NULL; - - /* Test the named curve encoding, which should be default. */ - if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_secp521r1)) - || !TEST_true((len = i2d_ECPKParameters(group, &buf)) >= 0) - || !TEST_mem_eq(buf, len, p521_named, sizeof(p521_named))) - goto err; - - OPENSSL_free(buf); - buf = NULL; - - /* - * Test the explicit encoding. P-521 requires correctly zero-padding the - * curve coefficients. - */ - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_EXPLICIT_CURVE); - if (!TEST_true((len = i2d_ECPKParameters(group, &buf)) >= 0) - || !TEST_mem_eq(buf, len, p521_explicit, sizeof(p521_explicit))) - goto err; - - r = 1; -err: - EC_GROUP_free(group); - EC_GROUP_free(group2); - ECPARAMETERS_free(ecparameters); - OPENSSL_free(buf); - return r; -} - -/*- - * random 256-bit explicit parameters curve, cofactor absent - * order: 0x0c38d96a9f892b88772ec2e39614a82f4f (132 bit) - * cofactor: 0x12bc94785251297abfafddf1565100da (125 bit) - */ -static const unsigned char params_cf_pass[] = { - 0x30, 0x81, 0xcd, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, - 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xe5, 0x00, 0x1f, 0xc5, - 0xca, 0x71, 0x9d, 0x8e, 0xf7, 0x07, 0x4b, 0x48, 0x37, 0xf9, 0x33, 0x2d, - 0x71, 0xbf, 0x79, 0xe7, 0xdc, 0x91, 0xc2, 0xff, 0xb6, 0x7b, 0xc3, 0x93, - 0x44, 0x88, 0xe6, 0x91, 0x30, 0x44, 0x04, 0x20, 0xe5, 0x00, 0x1f, 0xc5, - 0xca, 0x71, 0x9d, 0x8e, 0xf7, 0x07, 0x4b, 0x48, 0x37, 0xf9, 0x33, 0x2d, - 0x71, 0xbf, 0x79, 0xe7, 0xdc, 0x91, 0xc2, 0xff, 0xb6, 0x7b, 0xc3, 0x93, - 0x44, 0x88, 0xe6, 0x8e, 0x04, 0x20, 0x18, 0x8c, 0x59, 0x57, 0xc4, 0xbc, - 0x85, 0x57, 0xc3, 0x66, 0x9f, 0x89, 0xd5, 0x92, 0x0d, 0x7e, 0x42, 0x27, - 0x07, 0x64, 0xaa, 0x26, 0xed, 0x89, 0xc4, 0x09, 0x05, 0x4d, 0xc7, 0x23, - 0x47, 0xda, 0x04, 0x41, 0x04, 0x1b, 0x6b, 0x41, 0x0b, 0xf9, 0xfb, 0x77, - 0xfd, 0x50, 0xb7, 0x3e, 0x23, 0xa3, 0xec, 0x9a, 0x3b, 0x09, 0x31, 0x6b, - 0xfa, 0xf6, 0xce, 0x1f, 0xff, 0xeb, 0x57, 0x93, 0x24, 0x70, 0xf3, 0xf4, - 0xba, 0x7e, 0xfa, 0x86, 0x6e, 0x19, 0x89, 0xe3, 0x55, 0x6d, 0x5a, 0xe9, - 0xc0, 0x3d, 0xbc, 0xfb, 0xaf, 0xad, 0xd4, 0x7e, 0xa6, 0xe5, 0xfa, 0x1a, - 0x58, 0x07, 0x9e, 0x8f, 0x0d, 0x3b, 0xf7, 0x38, 0xca, 0x02, 0x11, 0x0c, - 0x38, 0xd9, 0x6a, 0x9f, 0x89, 0x2b, 0x88, 0x77, 0x2e, 0xc2, 0xe3, 0x96, - 0x14, 0xa8, 0x2f, 0x4f -}; - -/*- - * random 256-bit explicit parameters curve, cofactor absent - * order: 0x045a75c0c17228ebd9b169a10e34a22101 (131 bit) - * cofactor: 0x2e134b4ede82649f67a2e559d361e5fe (126 bit) - */ -static const unsigned char params_cf_fail[] = { - 0x30, 0x81, 0xcd, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, - 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xc8, 0x95, 0x27, 0x37, - 0xe8, 0xe1, 0xfd, 0xcc, 0xf9, 0x6e, 0x0c, 0xa6, 0x21, 0xc1, 0x7d, 0x6b, - 0x9d, 0x44, 0x42, 0xea, 0x73, 0x4e, 0x04, 0xb6, 0xac, 0x62, 0x50, 0xd0, - 0x33, 0xc2, 0xea, 0x13, 0x30, 0x44, 0x04, 0x20, 0xc8, 0x95, 0x27, 0x37, - 0xe8, 0xe1, 0xfd, 0xcc, 0xf9, 0x6e, 0x0c, 0xa6, 0x21, 0xc1, 0x7d, 0x6b, - 0x9d, 0x44, 0x42, 0xea, 0x73, 0x4e, 0x04, 0xb6, 0xac, 0x62, 0x50, 0xd0, - 0x33, 0xc2, 0xea, 0x10, 0x04, 0x20, 0xbf, 0xa6, 0xa8, 0x05, 0x1d, 0x09, - 0xac, 0x70, 0x39, 0xbb, 0x4d, 0xb2, 0x90, 0x8a, 0x15, 0x41, 0x14, 0x1d, - 0x11, 0x86, 0x9f, 0x13, 0xa2, 0x63, 0x1a, 0xda, 0x95, 0x22, 0x4d, 0x02, - 0x15, 0x0a, 0x04, 0x41, 0x04, 0xaf, 0x16, 0x71, 0xf9, 0xc4, 0xc8, 0x59, - 0x1d, 0xa3, 0x6f, 0xe7, 0xc3, 0x57, 0xa1, 0xfa, 0x9f, 0x49, 0x7c, 0x11, - 0x27, 0x05, 0xa0, 0x7f, 0xff, 0xf9, 0xe0, 0xe7, 0x92, 0xdd, 0x9c, 0x24, - 0x8e, 0xc7, 0xb9, 0x52, 0x71, 0x3f, 0xbc, 0x7f, 0x6a, 0x9f, 0x35, 0x70, - 0xe1, 0x27, 0xd5, 0x35, 0x8a, 0x13, 0xfa, 0xa8, 0x33, 0x3e, 0xd4, 0x73, - 0x1c, 0x14, 0x58, 0x9e, 0xc7, 0x0a, 0x87, 0x65, 0x8d, 0x02, 0x11, 0x04, - 0x5a, 0x75, 0xc0, 0xc1, 0x72, 0x28, 0xeb, 0xd9, 0xb1, 0x69, 0xa1, 0x0e, - 0x34, 0xa2, 0x21, 0x01 -}; - -/*- - * Test two random 256-bit explicit parameters curves with absent cofactor. - * The two curves are chosen to roughly straddle the bounds at which the lib - * can compute the cofactor automatically, roughly 4*sqrt(p). So test that: - * - * - params_cf_pass: order is sufficiently close to p to compute cofactor - * - params_cf_fail: order is too far away from p to compute cofactor - * - * For standards-compliant curves, cofactor is chosen as small as possible. - * So you can see neither of these curves are fit for cryptographic use. - * - * Some standards even mandate an upper bound on the cofactor, e.g. SECG1 v2: - * h <= 2**(t/8) where t is the security level of the curve, for which the lib - * will always succeed in computing the cofactor. Neither of these curves - * conform to that -- this is just robustness testing. - */ -static int cofactor_range_test(void) -{ - EC_GROUP *group = NULL; - BIGNUM *cf = NULL; - int ret = 0; - const unsigned char *b1 = (const unsigned char *)params_cf_fail; - const unsigned char *b2 = (const unsigned char *)params_cf_pass; - - if (!TEST_ptr(group = d2i_ECPKParameters(NULL, &b1, sizeof(params_cf_fail))) - || !TEST_BN_eq_zero(EC_GROUP_get0_cofactor(group)) - || !TEST_ptr(group = d2i_ECPKParameters(&group, &b2, - sizeof(params_cf_pass))) - || !TEST_int_gt(BN_hex2bn(&cf, "12bc94785251297abfafddf1565100da"), 0) - || !TEST_BN_eq(cf, EC_GROUP_get0_cofactor(group))) - goto err; - ret = 1; - err: - BN_free(cf); - EC_GROUP_free(group); - return ret; -} - -/*- - * For named curves, test that: - * - the lib correctly computes the cofactor if passed a NULL or zero cofactor - * - a nonsensical cofactor throws an error (negative test) - * - nonsensical orders throw errors (negative tests) - */ -static int cardinality_test(int n) -{ - int ret = 0, is_binary = 0; - int nid = curves[n].nid; - BN_CTX *ctx = NULL; - EC_GROUP *g1 = NULL, *g2 = NULL; - EC_POINT *g2_gen = NULL; - BIGNUM *g1_p = NULL, *g1_a = NULL, *g1_b = NULL, *g1_x = NULL, *g1_y = NULL, - *g1_order = NULL, *g1_cf = NULL, *g2_cf = NULL; - - TEST_info("Curve %s cardinality test", OBJ_nid2sn(nid)); - - if (!TEST_ptr(ctx = BN_CTX_new()) - || !TEST_ptr(g1 = EC_GROUP_new_by_curve_name(nid))) { - BN_CTX_free(ctx); - return 0; - } - - is_binary = (EC_GROUP_get_field_type(g1) == NID_X9_62_characteristic_two_field); - - BN_CTX_start(ctx); - g1_p = BN_CTX_get(ctx); - g1_a = BN_CTX_get(ctx); - g1_b = BN_CTX_get(ctx); - g1_x = BN_CTX_get(ctx); - g1_y = BN_CTX_get(ctx); - g1_order = BN_CTX_get(ctx); - g1_cf = BN_CTX_get(ctx); - - if (!TEST_ptr(g2_cf = BN_CTX_get(ctx)) - /* pull out the explicit curve parameters */ - || !TEST_true(EC_GROUP_get_curve(g1, g1_p, g1_a, g1_b, ctx)) - || !TEST_true(EC_POINT_get_affine_coordinates(g1, - EC_GROUP_get0_generator(g1), g1_x, g1_y, ctx)) - || !TEST_true(BN_copy(g1_order, EC_GROUP_get0_order(g1))) - || !TEST_true(EC_GROUP_get_cofactor(g1, g1_cf, ctx)) - /* construct g2 manually with g1 parameters */ -#ifndef OPENSSL_NO_EC2M - || !TEST_ptr(g2 = (is_binary) ? - EC_GROUP_new_curve_GF2m(g1_p, g1_a, g1_b, ctx) : - EC_GROUP_new_curve_GFp(g1_p, g1_a, g1_b, ctx)) -#else - || !TEST_int_eq(0, is_binary) - || !TEST_ptr(g2 = EC_GROUP_new_curve_GFp(g1_p, g1_a, g1_b, ctx)) -#endif - || !TEST_ptr(g2_gen = EC_POINT_new(g2)) - || !TEST_true(EC_POINT_set_affine_coordinates(g2, g2_gen, g1_x, g1_y, ctx)) - /* pass NULL cofactor: lib should compute it */ - || !TEST_true(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL)) - || !TEST_true(EC_GROUP_get_cofactor(g2, g2_cf, ctx)) - || !TEST_BN_eq(g1_cf, g2_cf) - /* pass zero cofactor: lib should compute it */ - || !TEST_true(BN_set_word(g2_cf, 0)) - || !TEST_true(EC_GROUP_set_generator(g2, g2_gen, g1_order, g2_cf)) - || !TEST_true(EC_GROUP_get_cofactor(g2, g2_cf, ctx)) - || !TEST_BN_eq(g1_cf, g2_cf) - /* negative test for invalid cofactor */ - || !TEST_true(BN_set_word(g2_cf, 0)) - || !TEST_true(BN_sub(g2_cf, g2_cf, BN_value_one())) - || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, g2_cf)) - /* negative test for NULL order */ - || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, NULL, NULL)) - /* negative test for zero order */ - || !TEST_true(BN_set_word(g1_order, 0)) - || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL)) - /* negative test for negative order */ - || !TEST_true(BN_set_word(g2_cf, 0)) - || !TEST_true(BN_sub(g2_cf, g2_cf, BN_value_one())) - || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL)) - /* negative test for too large order */ - || !TEST_true(BN_lshift(g1_order, g1_p, 2)) - || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL))) - goto err; - ret = 1; - err: - EC_POINT_free(g2_gen); - EC_GROUP_free(g1); - EC_GROUP_free(g2); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - return ret; -} - -static int check_ec_key_field_public_range_test(int id) -{ - int ret = 0, type = 0; - const EC_POINT *pub = NULL; - const EC_GROUP *group = NULL; - const BIGNUM *field = NULL; - BIGNUM *x = NULL, *y = NULL; - EC_KEY *key = NULL; - - if (!TEST_ptr(x = BN_new()) - || !TEST_ptr(y = BN_new()) - || !TEST_ptr(key = EC_KEY_new_by_curve_name(curves[id].nid)) - || !TEST_ptr(group = EC_KEY_get0_group(key)) - || !TEST_ptr(field = EC_GROUP_get0_field(group)) - || !TEST_int_gt(EC_KEY_generate_key(key), 0) - || !TEST_int_gt(EC_KEY_check_key(key), 0) - || !TEST_ptr(pub = EC_KEY_get0_public_key(key)) - || !TEST_int_gt(EC_POINT_get_affine_coordinates(group, pub, x, y, - NULL), 0)) - goto err; - - /* - * Make the public point out of range by adding the field (which will still - * be the same point on the curve). The add is different for char2 fields. - */ - type = EC_GROUP_get_field_type(group); -#ifndef OPENSSL_NO_EC2M - if (type == NID_X9_62_characteristic_two_field) { - /* test for binary curves */ - if (!TEST_true(BN_GF2m_add(x, x, field))) - goto err; - } else -#endif - if (type == NID_X9_62_prime_field) { - /* test for prime curves */ - if (!TEST_true(BN_add(x, x, field))) - goto err; - } else { - /* this should never happen */ - TEST_error("Unsupported EC_METHOD field_type"); - goto err; - } - if (!TEST_int_le(EC_KEY_set_public_key_affine_coordinates(key, x, y), 0)) - goto err; - - ret = 1; -err: - BN_free(x); - BN_free(y); - EC_KEY_free(key); - return ret; -} - -/* - * Helper for ec_point_hex2point_test - * - * Self-tests EC_POINT_point2hex() against EC_POINT_hex2point() for the given - * (group,P) pair. - * - * If P is NULL use point at infinity. - */ -static ossl_inline -int ec_point_hex2point_test_helper(const EC_GROUP *group, const EC_POINT *P, - point_conversion_form_t form, - BN_CTX *bnctx) -{ - int ret = 0; - EC_POINT *Q = NULL, *Pinf = NULL; - char *hex = NULL; - - if (P == NULL) { - /* If P is NULL use point at infinity. */ - if (!TEST_ptr(Pinf = EC_POINT_new(group)) - || !TEST_true(EC_POINT_set_to_infinity(group, Pinf))) - goto err; - P = Pinf; - } - - if (!TEST_ptr(hex = EC_POINT_point2hex(group, P, form, bnctx)) - || !TEST_ptr(Q = EC_POINT_hex2point(group, hex, NULL, bnctx)) - || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, bnctx))) - goto err; - - /* - * The next check is most likely superfluous, as EC_POINT_cmp should already - * cover this. - * Nonetheless it increases the test coverage for EC_POINT_is_at_infinity, - * so we include it anyway! - */ - if (Pinf != NULL - && !TEST_true(EC_POINT_is_at_infinity(group, Q))) - goto err; - - ret = 1; - - err: - EC_POINT_free(Pinf); - OPENSSL_free(hex); - EC_POINT_free(Q); - - return ret; -} - -/* - * This test self-validates EC_POINT_hex2point() and EC_POINT_point2hex() - */ -static int ec_point_hex2point_test(int id) -{ - int ret = 0, nid; - EC_GROUP *group = NULL; - const EC_POINT *G = NULL; - EC_POINT *P = NULL; - BN_CTX * bnctx = NULL; - - /* Do some setup */ - nid = curves[id].nid; - if (!TEST_ptr(bnctx = BN_CTX_new()) - || !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid)) - || !TEST_ptr(G = EC_GROUP_get0_generator(group)) - || !TEST_ptr(P = EC_POINT_dup(G, group))) - goto err; - - if (!TEST_true(ec_point_hex2point_test_helper(group, P, - POINT_CONVERSION_COMPRESSED, - bnctx)) - || !TEST_true(ec_point_hex2point_test_helper(group, NULL, - POINT_CONVERSION_COMPRESSED, - bnctx)) - || !TEST_true(ec_point_hex2point_test_helper(group, P, - POINT_CONVERSION_UNCOMPRESSED, - bnctx)) - || !TEST_true(ec_point_hex2point_test_helper(group, NULL, - POINT_CONVERSION_UNCOMPRESSED, - bnctx)) - || !TEST_true(ec_point_hex2point_test_helper(group, P, - POINT_CONVERSION_HYBRID, - bnctx)) - || !TEST_true(ec_point_hex2point_test_helper(group, NULL, - POINT_CONVERSION_HYBRID, - bnctx))) - goto err; - - ret = 1; - - err: - EC_POINT_free(P); - EC_GROUP_free(group); - BN_CTX_free(bnctx); - - return ret; -} - -static int do_test_custom_explicit_fromdata(EC_GROUP *group, BN_CTX *ctx, - unsigned char *gen, int gen_size) -{ - int ret = 0, i_out; - EVP_PKEY_CTX *pctx = NULL; - EVP_PKEY *pkeyparam = NULL; - OSSL_PARAM_BLD *bld = NULL; - const char *field_name; - OSSL_PARAM *params = NULL; - const OSSL_PARAM *gettable; - BIGNUM *p, *a, *b; - BIGNUM *p_out = NULL, *a_out = NULL, *b_out = NULL; - BIGNUM *order_out = NULL, *cofactor_out = NULL; - char name[80]; - unsigned char buf[1024]; - size_t buf_len, name_len; -#ifndef OPENSSL_NO_EC2M - unsigned int k1 = 0, k2 = 0, k3 = 0; - const char *basis_name = NULL; -#endif - - p = BN_CTX_get(ctx); - a = BN_CTX_get(ctx); - b = BN_CTX_get(ctx); - - if (!TEST_ptr(b) - || !TEST_ptr(bld = OSSL_PARAM_BLD_new())) - goto err; - - if (EC_GROUP_get_field_type(group) == NID_X9_62_prime_field) { - field_name = SN_X9_62_prime_field; - } else { - field_name = SN_X9_62_characteristic_two_field; -#ifndef OPENSSL_NO_EC2M - if (EC_GROUP_get_basis_type(group) == NID_X9_62_tpBasis) { - basis_name = SN_X9_62_tpBasis; - if (!TEST_true(EC_GROUP_get_trinomial_basis(group, &k1))) - goto err; - } else { - basis_name = SN_X9_62_ppBasis; - if (!TEST_true(EC_GROUP_get_pentanomial_basis(group, &k1, &k2, &k3))) - goto err; - } -#endif /* OPENSSL_NO_EC2M */ - } - if (!TEST_true(EC_GROUP_get_curve(group, p, a, b, ctx)) - || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, - OSSL_PKEY_PARAM_EC_FIELD_TYPE, field_name, 0)) - || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_P, p)) - || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_A, a)) - || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_B, b))) - goto err; - - if (EC_GROUP_get0_seed(group) != NULL) { - if (!TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, - OSSL_PKEY_PARAM_EC_SEED, EC_GROUP_get0_seed(group), - EC_GROUP_get_seed_len(group)))) - goto err; - } - if (EC_GROUP_get0_cofactor(group) != NULL) { - if (!TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_COFACTOR, - EC_GROUP_get0_cofactor(group)))) - goto err; - } - - if (!TEST_true(OSSL_PARAM_BLD_push_octet_string(bld, - OSSL_PKEY_PARAM_EC_GENERATOR, gen, gen_size)) - || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_EC_ORDER, - EC_GROUP_get0_order(group)))) - goto err; - - if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld)) - || !TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) - || !TEST_int_gt(EVP_PKEY_fromdata_init(pctx), 0) - || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkeyparam, - EVP_PKEY_KEY_PARAMETERS, params), 0)) - goto err; - - /*- Check that all the set values are retrievable -*/ - - /* There should be no match to a group name since the generator changed */ - if (!TEST_false(EVP_PKEY_get_utf8_string_param(pkeyparam, - OSSL_PKEY_PARAM_GROUP_NAME, name, sizeof(name), - &name_len))) - goto err; - - /* The encoding should be explicit as it has no group */ - if (!TEST_true(EVP_PKEY_get_utf8_string_param(pkeyparam, - OSSL_PKEY_PARAM_EC_ENCODING, - name, sizeof(name), &name_len)) - || !TEST_str_eq(name, OSSL_PKEY_EC_ENCODING_EXPLICIT)) - goto err; - - if (!TEST_true(EVP_PKEY_get_utf8_string_param(pkeyparam, - OSSL_PKEY_PARAM_EC_FIELD_TYPE, name, sizeof(name), - &name_len)) - || !TEST_str_eq(name, field_name)) - goto err; - - if (!TEST_true(EVP_PKEY_get_octet_string_param(pkeyparam, - OSSL_PKEY_PARAM_EC_GENERATOR, buf, sizeof(buf), &buf_len)) - || !TEST_mem_eq(buf, (int)buf_len, gen, gen_size)) - goto err; - - if (!TEST_true(EVP_PKEY_get_bn_param(pkeyparam, OSSL_PKEY_PARAM_EC_P, &p_out)) - || !TEST_BN_eq(p_out, p) - || !TEST_true(EVP_PKEY_get_bn_param(pkeyparam, OSSL_PKEY_PARAM_EC_A, - &a_out)) - || !TEST_BN_eq(a_out, a) - || !TEST_true(EVP_PKEY_get_bn_param(pkeyparam, OSSL_PKEY_PARAM_EC_B, - &b_out)) - || !TEST_BN_eq(b_out, b) - || !TEST_true(EVP_PKEY_get_bn_param(pkeyparam, OSSL_PKEY_PARAM_EC_ORDER, - &order_out)) - || !TEST_BN_eq(order_out, EC_GROUP_get0_order(group))) - goto err; - - if (EC_GROUP_get0_cofactor(group) != NULL) { - if (!TEST_true(EVP_PKEY_get_bn_param(pkeyparam, - OSSL_PKEY_PARAM_EC_COFACTOR, &cofactor_out)) - || !TEST_BN_eq(cofactor_out, EC_GROUP_get0_cofactor(group))) - goto err; - } - if (EC_GROUP_get0_seed(group) != NULL) { - if (!TEST_true(EVP_PKEY_get_octet_string_param(pkeyparam, - OSSL_PKEY_PARAM_EC_SEED, buf, sizeof(buf), &buf_len)) - || !TEST_mem_eq(buf, buf_len, EC_GROUP_get0_seed(group), - EC_GROUP_get_seed_len(group))) - goto err; - } - - if (EC_GROUP_get_field_type(group) == NID_X9_62_prime_field) { - /* No extra fields should be set for a prime field */ - if (!TEST_false(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_M, &i_out)) - || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, &i_out)) - || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, &i_out)) - || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, &i_out)) - || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, &i_out)) - || !TEST_false(EVP_PKEY_get_utf8_string_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_TYPE, name, sizeof(name), - &name_len))) - goto err; - } else { -#ifndef OPENSSL_NO_EC2M - if (!TEST_true(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_M, &i_out)) - || !TEST_int_eq(EC_GROUP_get_degree(group), i_out) - || !TEST_true(EVP_PKEY_get_utf8_string_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_TYPE, name, sizeof(name), - &name_len)) - || !TEST_str_eq(name, basis_name)) - goto err; - - if (EC_GROUP_get_basis_type(group) == NID_X9_62_tpBasis) { - if (!TEST_true(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, &i_out)) - || !TEST_int_eq(k1, i_out) - || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, &i_out)) - || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, &i_out)) - || !TEST_false(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, &i_out))) - goto err; - } else { - if (!TEST_false(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS, &i_out)) - || !TEST_true(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_PP_K1, &i_out)) - || !TEST_int_eq(k1, i_out) - || !TEST_true(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_PP_K2, &i_out)) - || !TEST_int_eq(k2, i_out) - || !TEST_true(EVP_PKEY_get_int_param(pkeyparam, - OSSL_PKEY_PARAM_EC_CHAR2_PP_K3, &i_out)) - || !TEST_int_eq(k3, i_out)) - goto err; - } -#endif /* OPENSSL_NO_EC2M */ - } - if (!TEST_ptr(gettable = EVP_PKEY_gettable_params(pkeyparam)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_GROUP_NAME)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_ENCODING)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_FIELD_TYPE)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_P)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_A)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_B)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_GENERATOR)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_ORDER)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_COFACTOR)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_SEED)) -#ifndef OPENSSL_NO_EC2M - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_M)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_TYPE)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_TP_BASIS)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_PP_K1)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_PP_K2)) - || !TEST_ptr(OSSL_PARAM_locate_const(gettable, OSSL_PKEY_PARAM_EC_CHAR2_PP_K3)) -#endif - ) - goto err; - ret = 1; -err: - BN_free(order_out); - BN_free(cofactor_out); - BN_free(a_out); - BN_free(b_out); - BN_free(p_out); - OSSL_PARAM_free(params); - OSSL_PARAM_BLD_free(bld); - EVP_PKEY_free(pkeyparam); - EVP_PKEY_CTX_free(pctx); - return ret; -} - -/* - * check the EC_METHOD respects the supplied EC_GROUP_set_generator G - */ -static int custom_generator_test(int id) -{ - int ret = 0, nid, bsize; - EC_GROUP *group = NULL; - EC_POINT *G2 = NULL, *Q1 = NULL, *Q2 = NULL; - BN_CTX *ctx = NULL; - BIGNUM *k = NULL; - unsigned char *b1 = NULL, *b2 = NULL; - - /* Do some setup */ - nid = curves[id].nid; - TEST_note("Curve %s", OBJ_nid2sn(nid)); - if (!TEST_ptr(ctx = BN_CTX_new())) - return 0; - - BN_CTX_start(ctx); - - if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))) - goto err; - - /* expected byte length of encoded points */ - bsize = (EC_GROUP_get_degree(group) + 7) / 8; - bsize = 1 + 2 * bsize; /* UNCOMPRESSED_POINT format */ - - if (!TEST_ptr(k = BN_CTX_get(ctx)) - /* fetch a testing scalar k != 0,1 */ - || !TEST_true(BN_rand(k, EC_GROUP_order_bits(group) - 1, - BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) - /* make k even */ - || !TEST_true(BN_clear_bit(k, 0)) - || !TEST_ptr(G2 = EC_POINT_new(group)) - || !TEST_ptr(Q1 = EC_POINT_new(group)) - /* Q1 := kG */ - || !TEST_true(EC_POINT_mul(group, Q1, k, NULL, NULL, ctx)) - /* pull out the bytes of that */ - || !TEST_int_eq(EC_POINT_point2oct(group, Q1, - POINT_CONVERSION_UNCOMPRESSED, NULL, - 0, ctx), bsize) - || !TEST_ptr(b1 = OPENSSL_malloc(bsize)) - || !TEST_int_eq(EC_POINT_point2oct(group, Q1, - POINT_CONVERSION_UNCOMPRESSED, b1, - bsize, ctx), bsize) - /* new generator is G2 := 2G */ - || !TEST_true(EC_POINT_dbl(group, G2, EC_GROUP_get0_generator(group), - ctx)) - || !TEST_true(EC_GROUP_set_generator(group, G2, - EC_GROUP_get0_order(group), - EC_GROUP_get0_cofactor(group))) - || !TEST_ptr(Q2 = EC_POINT_new(group)) - || !TEST_true(BN_rshift1(k, k)) - /* Q2 := k/2 G2 */ - || !TEST_true(EC_POINT_mul(group, Q2, k, NULL, NULL, ctx)) - || !TEST_int_eq(EC_POINT_point2oct(group, Q2, - POINT_CONVERSION_UNCOMPRESSED, NULL, - 0, ctx), bsize) - || !TEST_ptr(b2 = OPENSSL_malloc(bsize)) - || !TEST_int_eq(EC_POINT_point2oct(group, Q2, - POINT_CONVERSION_UNCOMPRESSED, b2, - bsize, ctx), bsize) - /* Q1 = kG = k/2 G2 = Q2 should hold */ - || !TEST_mem_eq(b1, bsize, b2, bsize)) - goto err; - - if (!do_test_custom_explicit_fromdata(group, ctx, b1, bsize)) - goto err; - - ret = 1; - - err: - EC_POINT_free(Q1); - EC_POINT_free(Q2); - EC_POINT_free(G2); - EC_GROUP_free(group); - BN_CTX_end(ctx); - BN_CTX_free(ctx); - OPENSSL_free(b1); - OPENSSL_free(b2); - - return ret; -} - -/* - * check creation of curves from explicit params through the public API - */ -static int custom_params_test(int id) -{ - int ret = 0, nid, bsize; - const char *curve_name = NULL; - EC_GROUP *group = NULL, *altgroup = NULL; - EC_POINT *G2 = NULL, *Q1 = NULL, *Q2 = NULL; - const EC_POINT *Q = NULL; - BN_CTX *ctx = NULL; - BIGNUM *k = NULL; - unsigned char *buf1 = NULL, *buf2 = NULL; - const BIGNUM *z = NULL, *cof = NULL, *priv1 = NULL; - BIGNUM *p = NULL, *a = NULL, *b = NULL; - int is_prime = 0; - EC_KEY *eckey1 = NULL, *eckey2 = NULL; - EVP_PKEY *pkey1 = NULL, *pkey2 = NULL; - EVP_PKEY_CTX *pctx1 = NULL, *pctx2 = NULL; - size_t sslen, t; - unsigned char *pub1 = NULL , *pub2 = NULL; - OSSL_PARAM_BLD *param_bld = NULL; - OSSL_PARAM *params1 = NULL, *params2 = NULL; - - /* Do some setup */ - nid = curves[id].nid; - curve_name = OBJ_nid2sn(nid); - TEST_note("Curve %s", curve_name); - - if (nid == NID_sm2) - return TEST_skip("custom params not supported with SM2"); - - if (!TEST_ptr(ctx = BN_CTX_new())) - return 0; - - if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))) - goto err; - - is_prime = EC_GROUP_get_field_type(group) == NID_X9_62_prime_field; -#ifdef OPENSSL_NO_EC2M - if (!is_prime) { - ret = TEST_skip("binary curves not supported in this build"); - goto err; - } -#endif - - BN_CTX_start(ctx); - if (!TEST_ptr(p = BN_CTX_get(ctx)) - || !TEST_ptr(a = BN_CTX_get(ctx)) - || !TEST_ptr(b = BN_CTX_get(ctx)) - || !TEST_ptr(k = BN_CTX_get(ctx))) - goto err; - - /* expected byte length of encoded points */ - bsize = (EC_GROUP_get_degree(group) + 7) / 8; - bsize = 1 + 2 * bsize; /* UNCOMPRESSED_POINT format */ - - /* extract parameters from built-in curve */ - if (!TEST_true(EC_GROUP_get_curve(group, p, a, b, ctx)) - || !TEST_ptr(G2 = EC_POINT_new(group)) - /* new generator is G2 := 2G */ - || !TEST_true(EC_POINT_dbl(group, G2, - EC_GROUP_get0_generator(group), ctx)) - /* pull out the bytes of that */ - || !TEST_int_eq(EC_POINT_point2oct(group, G2, - POINT_CONVERSION_UNCOMPRESSED, - NULL, 0, ctx), bsize) - || !TEST_ptr(buf1 = OPENSSL_malloc(bsize)) - || !TEST_int_eq(EC_POINT_point2oct(group, G2, - POINT_CONVERSION_UNCOMPRESSED, - buf1, bsize, ctx), bsize) - || !TEST_ptr(z = EC_GROUP_get0_order(group)) - || !TEST_ptr(cof = EC_GROUP_get0_cofactor(group)) - ) - goto err; - - /* create a new group using same params (but different generator) */ - if (is_prime) { - if (!TEST_ptr(altgroup = EC_GROUP_new_curve_GFp(p, a, b, ctx))) - goto err; - } -#ifndef OPENSSL_NO_EC2M - else { - if (!TEST_ptr(altgroup = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) - goto err; - } -#endif - - /* set 2*G as the generator of altgroup */ - EC_POINT_free(G2); /* discard G2 as it refers to the original group */ - if (!TEST_ptr(G2 = EC_POINT_new(altgroup)) - || !TEST_true(EC_POINT_oct2point(altgroup, G2, buf1, bsize, ctx)) - || !TEST_int_eq(EC_POINT_is_on_curve(altgroup, G2, ctx), 1) - || !TEST_true(EC_GROUP_set_generator(altgroup, G2, z, cof)) - ) - goto err; - - /* verify math checks out */ - if (/* allocate temporary points on group and altgroup */ - !TEST_ptr(Q1 = EC_POINT_new(group)) - || !TEST_ptr(Q2 = EC_POINT_new(altgroup)) - /* fetch a testing scalar k != 0,1 */ - || !TEST_true(BN_rand(k, EC_GROUP_order_bits(group) - 1, - BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) - /* make k even */ - || !TEST_true(BN_clear_bit(k, 0)) - /* Q1 := kG on group */ - || !TEST_true(EC_POINT_mul(group, Q1, k, NULL, NULL, ctx)) - /* pull out the bytes of that */ - || !TEST_int_eq(EC_POINT_point2oct(group, Q1, - POINT_CONVERSION_UNCOMPRESSED, - NULL, 0, ctx), bsize) - || !TEST_int_eq(EC_POINT_point2oct(group, Q1, - POINT_CONVERSION_UNCOMPRESSED, - buf1, bsize, ctx), bsize) - /* k := k/2 */ - || !TEST_true(BN_rshift1(k, k)) - /* Q2 := k/2 G2 on altgroup */ - || !TEST_true(EC_POINT_mul(altgroup, Q2, k, NULL, NULL, ctx)) - /* pull out the bytes of that */ - || !TEST_int_eq(EC_POINT_point2oct(altgroup, Q2, - POINT_CONVERSION_UNCOMPRESSED, - NULL, 0, ctx), bsize) - || !TEST_ptr(buf2 = OPENSSL_malloc(bsize)) - || !TEST_int_eq(EC_POINT_point2oct(altgroup, Q2, - POINT_CONVERSION_UNCOMPRESSED, - buf2, bsize, ctx), bsize) - /* Q1 = kG = k/2 G2 = Q2 should hold */ - || !TEST_mem_eq(buf1, bsize, buf2, bsize)) - goto err; - - /* create two `EC_KEY`s on altgroup */ - if (!TEST_ptr(eckey1 = EC_KEY_new()) - || !TEST_true(EC_KEY_set_group(eckey1, altgroup)) - || !TEST_true(EC_KEY_generate_key(eckey1)) - || !TEST_ptr(eckey2 = EC_KEY_new()) - || !TEST_true(EC_KEY_set_group(eckey2, altgroup)) - || !TEST_true(EC_KEY_generate_key(eckey2))) - goto err; - - /* retrieve priv1 for later */ - if (!TEST_ptr(priv1 = EC_KEY_get0_private_key(eckey1))) - goto err; - - /* - * retrieve bytes for pub1 for later - * - * We compute the pub key in the original group as we will later use it to - * define a provider key in the built-in group. - */ - if (!TEST_true(EC_POINT_mul(group, Q1, priv1, NULL, NULL, ctx)) - || !TEST_int_eq(EC_POINT_point2oct(group, Q1, - POINT_CONVERSION_UNCOMPRESSED, - NULL, 0, ctx), bsize) - || !TEST_ptr(pub1 = OPENSSL_malloc(bsize)) - || !TEST_int_eq(EC_POINT_point2oct(group, Q1, - POINT_CONVERSION_UNCOMPRESSED, - pub1, bsize, ctx), bsize)) - goto err; - - /* retrieve bytes for pub2 for later */ - if (!TEST_ptr(Q = EC_KEY_get0_public_key(eckey2)) - || !TEST_int_eq(EC_POINT_point2oct(altgroup, Q, - POINT_CONVERSION_UNCOMPRESSED, - NULL, 0, ctx), bsize) - || !TEST_ptr(pub2 = OPENSSL_malloc(bsize)) - || !TEST_int_eq(EC_POINT_point2oct(altgroup, Q, - POINT_CONVERSION_UNCOMPRESSED, - pub2, bsize, ctx), bsize)) - goto err; - - /* create two `EVP_PKEY`s from the `EC_KEY`s */ - if(!TEST_ptr(pkey1 = EVP_PKEY_new()) - || !TEST_int_eq(EVP_PKEY_assign_EC_KEY(pkey1, eckey1), 1)) - goto err; - eckey1 = NULL; /* ownership passed to pkey1 */ - if(!TEST_ptr(pkey2 = EVP_PKEY_new()) - || !TEST_int_eq(EVP_PKEY_assign_EC_KEY(pkey2, eckey2), 1)) - goto err; - eckey2 = NULL; /* ownership passed to pkey2 */ - - /* Compute keyexchange in both directions */ - if (!TEST_ptr(pctx1 = EVP_PKEY_CTX_new(pkey1, NULL)) - || !TEST_int_eq(EVP_PKEY_derive_init(pctx1), 1) - || !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx1, pkey2), 1) - || !TEST_int_eq(EVP_PKEY_derive(pctx1, NULL, &sslen), 1) - || !TEST_int_gt(bsize, sslen) - || !TEST_int_eq(EVP_PKEY_derive(pctx1, buf1, &sslen), 1)) - goto err; - if (!TEST_ptr(pctx2 = EVP_PKEY_CTX_new(pkey2, NULL)) - || !TEST_int_eq(EVP_PKEY_derive_init(pctx2), 1) - || !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx2, pkey1), 1) - || !TEST_int_eq(EVP_PKEY_derive(pctx2, NULL, &t), 1) - || !TEST_int_gt(bsize, t) - || !TEST_int_le(sslen, t) - || !TEST_int_eq(EVP_PKEY_derive(pctx2, buf2, &t), 1)) - goto err; - - /* Both sides should expect the same shared secret */ - if (!TEST_mem_eq(buf1, sslen, buf2, t)) - goto err; - - /* Build parameters for provider-native keys */ - if (!TEST_ptr(param_bld = OSSL_PARAM_BLD_new()) - || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(param_bld, - OSSL_PKEY_PARAM_GROUP_NAME, - curve_name, 0)) - || !TEST_true(OSSL_PARAM_BLD_push_octet_string(param_bld, - OSSL_PKEY_PARAM_PUB_KEY, - pub1, bsize)) - || !TEST_true(OSSL_PARAM_BLD_push_BN(param_bld, - OSSL_PKEY_PARAM_PRIV_KEY, - priv1)) - || !TEST_ptr(params1 = OSSL_PARAM_BLD_to_param(param_bld))) - goto err; - - OSSL_PARAM_BLD_free(param_bld); - if (!TEST_ptr(param_bld = OSSL_PARAM_BLD_new()) - || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(param_bld, - OSSL_PKEY_PARAM_GROUP_NAME, - curve_name, 0)) - || !TEST_true(OSSL_PARAM_BLD_push_octet_string(param_bld, - OSSL_PKEY_PARAM_PUB_KEY, - pub2, bsize)) - || !TEST_ptr(params2 = OSSL_PARAM_BLD_to_param(param_bld))) - goto err; - - /* create two new provider-native `EVP_PKEY`s */ - EVP_PKEY_CTX_free(pctx2); - if (!TEST_ptr(pctx2 = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL)) - || !TEST_true(EVP_PKEY_fromdata_init(pctx2)) - || !TEST_true(EVP_PKEY_fromdata(pctx2, &pkey1, EVP_PKEY_KEYPAIR, - params1)) - || !TEST_true(EVP_PKEY_fromdata(pctx2, &pkey2, EVP_PKEY_PUBLIC_KEY, - params2))) - goto err; - - /* compute keyexchange once more using the provider keys */ - EVP_PKEY_CTX_free(pctx1); - if (!TEST_ptr(pctx1 = EVP_PKEY_CTX_new(pkey1, NULL)) - || !TEST_int_eq(EVP_PKEY_derive_init(pctx1), 1) - || !TEST_int_eq(EVP_PKEY_derive_set_peer(pctx1, pkey2), 1) - || !TEST_int_eq(EVP_PKEY_derive(pctx1, NULL, &t), 1) - || !TEST_int_gt(bsize, t) - || !TEST_int_le(sslen, t) - || !TEST_int_eq(EVP_PKEY_derive(pctx1, buf1, &t), 1) - /* compare with previous result */ - || !TEST_mem_eq(buf1, t, buf2, sslen)) - goto err; - - ret = 1; - - err: - BN_CTX_end(ctx); - BN_CTX_free(ctx); - OSSL_PARAM_BLD_free(param_bld); - OSSL_PARAM_free(params1); - OSSL_PARAM_free(params2); - EC_POINT_free(Q1); - EC_POINT_free(Q2); - EC_POINT_free(G2); - EC_GROUP_free(group); - EC_GROUP_free(altgroup); - OPENSSL_free(buf1); - OPENSSL_free(buf2); - OPENSSL_free(pub1); - OPENSSL_free(pub2); - EC_KEY_free(eckey1); - EC_KEY_free(eckey2); - EVP_PKEY_free(pkey1); - EVP_PKEY_free(pkey2); - EVP_PKEY_CTX_free(pctx1); - EVP_PKEY_CTX_free(pctx2); - - return ret; -} - -int setup_tests(void) -{ - crv_len = EC_get_builtin_curves(NULL, 0); - if (!TEST_ptr(curves = OPENSSL_malloc(sizeof(*curves) * crv_len)) - || !TEST_true(EC_get_builtin_curves(curves, crv_len))) - return 0; - - ADD_TEST(parameter_test); - ADD_TEST(cofactor_range_test); - ADD_ALL_TESTS(cardinality_test, crv_len); - ADD_TEST(prime_field_tests); -#ifndef OPENSSL_NO_EC2M - ADD_TEST(char2_field_tests); - ADD_ALL_TESTS(char2_curve_test, OSSL_NELEM(char2_curve_tests)); -#endif - ADD_ALL_TESTS(nistp_single_test, OSSL_NELEM(nistp_tests_params)); - ADD_ALL_TESTS(internal_curve_test, crv_len); - ADD_ALL_TESTS(internal_curve_test_method, crv_len); - ADD_TEST(group_field_test); - ADD_ALL_TESTS(check_named_curve_test, crv_len); - ADD_ALL_TESTS(check_named_curve_lookup_test, crv_len); - ADD_ALL_TESTS(check_ec_key_field_public_range_test, crv_len); - ADD_ALL_TESTS(check_named_curve_from_ecparameters, crv_len); - ADD_ALL_TESTS(ec_point_hex2point_test, crv_len); - /* ADD_ALL_TESTS(custom_generator_test, crv_len); - ADD_ALL_TESTS(custom_params_test, crv_len); */ - return 1; -} - -void cleanup_tests(void) -{ - OPENSSL_free(curves); -} diff --git a/hobble-openssl b/hobble-openssl deleted file mode 100755 index 9a23ca6f4cacb06025e0d398a5067a18056beff2..0000000000000000000000000000000000000000 --- a/hobble-openssl +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/sh - -# Quit out if anything fails. -set -e - -# Clean out patent-or-otherwise-encumbered code. -# MDC-2: 4,908,861 13/03/2007 - expired, we do not remove it but do not enable it anyway -# IDEA: 5,214,703 07/01/2012 - expired, we do not remove it anymore -# RC5: 5,724,428 01/11/2015 - expired, we do not remove it anymore -# EC: ????????? ??/??/2020 -# SRP: ????????? ??/??/2017 - expired, we do not remove it anymore - -# Remove assembler portions of IDEA, MDC2, and RC5. -# (find crypto/rc5/asm -type f | xargs -r rm -fv) - -for c in `find crypto/bn -name "*gf2m.c"`; do - echo Destroying $c - > $c -done - -for c in `find crypto/ec -name "ec2*.c" -o -name "ec_curve.c"`; do - echo Destroying $c - > $c -done - -for c in `find test -name "ectest.c"`; do - echo Destroying $c - > $c -done - -for h in `find crypto ssl apps test -name "*.h"` ; do - echo Removing EC2M references from $h - cat $h | \ - awk 'BEGIN {ech=1;} \ - /^#[ \t]*ifndef.*NO_EC2M/ {ech--; next;} \ - /^#[ \t]*if/ {if(ech < 1) ech--;} \ - {if(ech>0) {;print $0};} \ - /^#[ \t]*endif/ {if(ech < 1) ech++;}' > $h.hobbled && \ - mv $h.hobbled $h -done diff --git a/openssl-3.0.7.tar.gz b/openssl-3.0.9.tar.gz similarity index 63% rename from openssl-3.0.7.tar.gz rename to openssl-3.0.9.tar.gz index b70d1f44df1456afa79744fbf0da61534546793d..5c2971456306505e6f24ddd425ceed9946fa48cf 100644 Binary files a/openssl-3.0.7.tar.gz and b/openssl-3.0.9.tar.gz differ diff --git a/openssl.spec b/openssl.spec index cb784bec14bee6ac7bce29469893c32a7d633a17..c72e7e29341075633784787032276c28a189893d 100644 --- a/openssl.spec +++ b/openssl.spec @@ -1,4 +1,4 @@ -%define anolis_release 8 +%define anolis_release 1 %global soversion 3 %define srpmhash() %{lua: @@ -16,9 +16,10 @@ print(string.sub(hash, 0, 16)) } %global _performance_build 1 +%define __provides_exclude_from %{_libdir}/openssl Name: openssl -Version: 3.0.7 +Version: 3.0.9 Release: %{anolis_release}%{?dist} Epoch: 1 Summary: Utilities from the general purpose cryptography library with TLS implementation @@ -26,81 +27,76 @@ Summary: Utilities from the general purpose cryptography library with TLS License: ASL 2.0 URL: http://www.openssl.org/ Source0: https://www.openssl.org/source/%{name}-%{version}.tar.gz -Source1: hobble-openssl Source2: Makefile.certificate Source3: genpatches Source4: make-dummy-cert Source5: renew-dummy-cert Source6: configuration-switch.h Source7: configuration-prefix.h -Source8: ec_curve.c -Source9: ectest.c - -Patch1: 0001-Aarch64-and-ppc64le-use-lib64.patch -Patch2: 0002-Use-more-general-default-values-in-openssl.cnf.patch -Patch3: 0003-Do-not-install-html-docs.patch -Patch4: 0004-Override-default-paths-for-the-CA-directory-tree.patch -Patch5: 0005-apps-ca-fix-md-option-help-text.patch -Patch6: 0006-Disable-signature-verification-with-totally-unsafe-h.patch -Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch -Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch +Source14: 0025-for-tests.patch + +Patch1: 0001-Aarch64-and-ppc64le-use-lib64.patch +Patch2: 0002-Use-more-general-default-values-in-openssl.cnf.patch +Patch3: 0003-Do-not-install-html-docs.patch +Patch4: 0004-Override-default-paths-for-the-CA-directory-tree.patch +Patch5: 0005-apps-ca-fix-md-option-help-text.patch +Patch6: 0006-Disable-signature-verification-with-totally-unsafe-h.patch +Patch7: 0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch +Patch8: 0008-Add-FIPS_mode-compatibility-macro.patch # Add check to see if fips flag is enabled in kernel -Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch -Patch10: 0010-Remove-EC-curves.patch -Patch11: 0011-Disable-explicit-ec.patch -Patch12: 0012-load-legacy-prov.patch +Patch9: 0009-Add-Kernel-FIPS-mode-flag-support.patch +Patch10: 0010-Add-changes-to-ectest-and-eccurve.patch +Patch11: 0011-Remove-EC-curves.patch +Patch12: 0012-Disable-explicit-ec.patch +Patch13: 0013-skipped-tests-EC-curves.patch +Patch14: 0014-load-legacy-prov.patch # Tmp: test name change -Patch13: 0013-tmp-Fix-test-names.patch +Patch15: 0015-tmp-Fix-test-names.patch # We load FIPS provider and set FIPS properties implicitly -Patch14: 0014-Force-fips.patch +Patch16: 0016-Force-fips.patch # Embed HMAC into the fips.so -Patch15: 0015-FIPS-embed-hmac.patch +Patch17: 0017-FIPS-embed-hmac.patch # Comment out fipsinstall command-line utility -Patch16: 0016-fipsinstall_disable.patch +Patch18: 0018-fipsinstall_disable.patch # Skip unavailable algorithms running `openssl speed` -Patch17: 0017-speed-skip-unavailable-dgst.patch +Patch19: 0019-speed-skip-unavailable-dgst.patch # Extra public/private key checks required by FIPS-140-3 -Patch18: 0018-FIPS-140-3-keychecks.patch +Patch20: 0020-FIPS-140-3-keychecks.patch # Minimize fips services -Patch19: 0019-FIPS-services-minimize.patch +Patch21: 0021-FIPS-services-minimize.patch # Execute KATS before HMAC verification -Patch20: 0020-FIPS-early-KATS.patch +Patch22: 0022-FIPS-early-KATS.patch # Selectively disallow SHA1 signatures -Patch21: 0021-Selectively-disallow-SHA1-signatures.patch -Patch22: 0022-FIPS-enable-pkcs12-mac.patch -Patch23: 0023-Support-different-R_BITS-lengths-for-KBKDF.patch +Patch23: 0023-Selectively-disallow-SHA1-signatures.patch +Patch24: 0024-FIPS-enable-pkcs12-mac.patch +Patch25: 0025-Support-different-R_BITS-lengths-for-KBKDF.patch # Allow SHA1 in seclevel 2 if rh-allow-sha1-signatures = yes -Patch24: 0024-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch +Patch26: 0026-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch # https://github.com/openssl/openssl/pull/18103 # The patch is incorporated in 3.0.3 but we provide this function since 3.0.1 # so the patch should persist -Patch25: 0025-strcasecmp.patch -Patch26: 0026-FIPS-limit-rsa-encrypt.patch -Patch27: 0027-FIPS-KAT-signature-tests.patch -Patch28: 0028-Deny-SHA-1-signature-verification-in-FIPS-provider.patch -Patch29: 0029-fips-Expose-a-FIPS-indicator.patch -Patch30: 0030-AES-GCM-performance-optimization.patch -Patch31: 0031-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch -Patch32: 0032-FIPS-Use-digest_sign-digest_verify-in-self-test.patch -Patch33: 0033-FIPS-Use-FFDHE2048-in-self-test.patch +Patch27: 0027-strcasecmp.patch +Patch28: 0028-FIPS-limit-rsa-encrypt.patch +Patch29: 0029-FIPS-KAT-signature-tests.patch +Patch30: 0030-Deny-SHA-1-signature-verification-in-FIPS-provider.patch +Patch31: 0031-fips-Expose-a-FIPS-indicator.patch +Patch32: 0032-AES-GCM-performance-optimization.patch +Patch33: 0033-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch +Patch34: 0034-FIPS-Use-digest_sign-digest_verify-in-self-test.patch +Patch35: 0035-FIPS-Use-FFDHE2048-in-self-test.patch # Downstream only. Reseed DRBG using getrandom(GRND_RANDOM) -Patch34: 0034-FIPS-140-3-DRBG.patch -Patch35: 0035-FIPS-140-3-zeroization.patch -Patch36: 0036-Add-FIPS-indicator-parameter-to-HKDF.patch -Patch37: 0037-rand-Forbid-truncated-hashes-SHA-3-in-FIPS-prov.patch -Patch38: 0038-signature-Remove-X9.31-padding-from-FIPS-prov.patch -Patch39: 0039-kbkdf-Add-explicit-FIPS-indicator-for-key-length.patch -Patch40: 0040-hmac-Add-explicit-FIPS-indicator-for-key-length.patch -Patch41: 0041-pbkdf2-Set-minimum-password-length-of-8-bytes.patch -Patch42: 0042-FIPS-RSA-disable-shake.patch -Patch43: 0043-signature-Add-indicator-for-PSS-salt-length.patch -Patch44: 0044-PSS-salt-length-from-provider.patch -Patch45: 0045-signature-Clamp-PSS-salt-len-to-MD-len.patch -Patch46: 0046-FIPS-RSA-encapsulate.patch -Patch47: 0047-provider-improvements.patch -Patch48: 0048-fix-CVE-2023-0464.patch -Patch49: 0049-fix-CVE-2023-0465.patch -Patch50: 0050-fix-CVE-2023-0466.patch +Patch36: 0036-FIPS-140-3-DRBG.patch +Patch37: 0037-FIPS-140-3-zeroization.patch +Patch38: 0038-Add-FIPS-indicator-parameter-to-HKDF.patch +Patch39: 0039-rand-Forbid-truncated-hashes-SHA-3-in-FIPS-prov.patch +Patch40: 0040-signature-Remove-X9.31-padding-from-FIPS-prov.patch +Patch41: 0041-kbkdf-Add-explicit-FIPS-indicator-for-key-length.patch +Patch42: 0042-hmac-Add-explicit-FIPS-indicator-for-key-length.patch +Patch43: 0043-pbkdf2-Set-minimum-password-length-of-8-bytes.patch +Patch44: 0044-FIPS-RSA-disable-shake.patch +Patch45: 0045-signature-Add-indicator-for-PSS-salt-length.patch +Patch46: 0046-signature-Clamp-PSS-salt-len-to-MD-len.patch +Patch47: 0047-FIPS-RSA-encapsulate.patch BuildRequires: gcc git coreutils perl-interpreter sed zlib-devel /usr/bin/cmp BuildRequires: lksctp-tools-devel @@ -113,7 +109,7 @@ BuildRequires: perl(Time::HiRes) perl(IPC::Cmd) perl(Pod::Html) perl(Digest::SH BuildRequires: perl(FindBin) perl(lib) perl(File::Compare) perl(File::Copy) perl(bigint) BuildRequires: perl(ExtUtils::MakeMaker) Requires: coreutils -Requires: %{name}-libs = %{epoch}:%{version}-%{release} +Requires: %{name}-libs = %{EVR} %description The OpenSSL toolkit provides support for secure communications between @@ -125,7 +121,7 @@ protocols. Summary: A general purpose cryptography library with TLS implementation Requires: ca-certificates >= 2008-5 Requires: crypto-policies >= %{installed_version_of crypto-policies} -Recommends: openssl-pkcs11 = %{epoch}:%{version}-%{release} +Recommends: openssl-pkcs11 %description libs OpenSSL is a toolkit for supporting cryptography. The openssl-libs @@ -134,8 +130,7 @@ support cryptographic algorithms and protocols. %package devel Summary: Files for development of applications which will use OpenSSL -Requires: %{name}-libs = %{epoch}:%{version}-%{release} -Requires: pkgconfig +Requires: %{name}-libs = %{EVR} %description devel OpenSSL is a toolkit for supporting cryptography. The openssl-devel @@ -145,7 +140,7 @@ support various cryptographic algorithms and protocols. %package perl Summary: Perl scripts provided with OpenSSL Requires: perl-interpreter -Requires: %{name} = %{epoch}:%{version}-%{release} +Requires: %{name} = %{EVR} %description perl OpenSSL is a toolkit for supporting cryptography. The openssl-perl @@ -154,7 +149,7 @@ from other formats to the formats used by the OpenSSL toolkit. %package doc Summary: Doc files for OpenSSL -Requires: %{name} = %{epoch}:%{version}-%{release} +Requires: %{name} = %{EVR} BuildArch: noarch %description doc @@ -162,9 +157,6 @@ Doc files for OpenSSL %prep %autosetup -S git -%{SOURCE1} > /dev/null -cp %{SOURCE8} crypto/ec/ -cp %{SOURCE9} test/ %build sslarch=%{_os}-%{_target_cpu} @@ -189,7 +181,7 @@ export HASHBANGPERL=/usr/bin/perl --system-ciphers-file=%{_sysconfdir}/crypto-policies/back-ends/openssl.config \ zlib enable-camellia enable-seed enable-rfc3779 enable-sctp \ enable-cms enable-md2 enable-rc5 enable-ktls enable-fips\ - no-mdc2 no-ec2m enable-buildtest-c++\ + no-mdc2 no-ec2m enable-sm2 enable-sm4 enable-buildtest-c++\ shared ${sslarch} $RPM_OPT_FLAGS '-DDEVRANDOM="\"/dev/urandom\"" -DREDHAT_FIPS_VERSION="\"%{fips}\""'\ -Wl,--allow-multiple-definition @@ -199,8 +191,35 @@ for i in libcrypto.pc libssl.pc openssl.pc ; do sed -i '/^Libs.private:/{s/-L[^ ]* //;s/-Wl[^ ]* //}' $i done +%check +# Verify that what was compiled actually works. + +# Hack - either enable SCTP AUTH chunks in kernel or disable sctp for check +(sysctl net.sctp.addip_enable=1 && sysctl net.sctp.auth_enable=1) || \ +(echo 'Failed to enable SCTP AUTH chunks, disabling SCTP for tests...' && + sed '/"msan" => "default",/a\ \ "sctp" => "default",' configdata.pm > configdata.pm.new && \ + touch -r configdata.pm configdata.pm.new && \ + mv -f configdata.pm.new configdata.pm) + +# We must revert patch4 before tests otherwise they will fail +patch -p1 -R < %{PATCH4} +#We must disable default provider before tests otherwise they will fail +patch -p1 < %{SOURCE14} + +OPENSSL_ENABLE_MD5_VERIFY= +export OPENSSL_ENABLE_MD5_VERIFY +OPENSSL_ENABLE_SHA1_SIGNATURES= +export OPENSSL_ENABLE_SHA1_SIGNATURES +OPENSSL_SYSTEM_CIPHERS_OVERRIDE=xyz_nonexistent_file +export OPENSSL_SYSTEM_CIPHERS_OVERRIDE +#embed HMAC into fips provider for test run +LD_LIBRARY_PATH=. apps/openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:f4556650ac31d35461610bac4ed81b1a181b2d8a43ea2854cbae22ca74560813 < providers/fips.so > providers/fips.so.hmac +objcopy --update-section .rodata1=providers/fips.so.hmac providers/fips.so providers/fips.so.mac +mv providers/fips.so.mac providers/fips.so +#run tests itself +make test HARNESS_JOBS=8 + %install -rm -rf $RPM_BUILD_ROOT install -d $RPM_BUILD_ROOT{%{_bindir},%{_includedir},%{_libdir},%{_mandir},%{_libdir}/openssl,%{_pkgdocdir}} %make_install rename so.%{soversion} so.%{version} $RPM_BUILD_ROOT%{_libdir}/*.so.%{soversion} @@ -230,7 +249,6 @@ touch -r %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/ct_log_list.cnf rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/{openssl.cnf.dist,ct_log_list.cnf.dist,fipsmodule.cnf} %files -%{!?_licensedir:%global license %%doc} %license LICENSE.txt %{_bindir}/make-dummy-cert %{_bindir}/renew-dummy-cert @@ -243,7 +261,6 @@ rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/{openssl.cnf.dist,ct_log_list.cnf.di %exclude %{_mandir}/man1/tsget* %files libs -%{!?_licensedir:%global license %%doc} %license LICENSE.txt %dir %{_sysconfdir}/pki/tls %dir %{_sysconfdir}/pki/tls/certs @@ -280,9 +297,10 @@ rm -f $RPM_BUILD_ROOT%{_sysconfdir}/pki/tls/{openssl.cnf.dist,ct_log_list.cnf.di %files doc %doc NEWS.md README.md -%ldconfig_scriptlets libs - %changelog +* Wed May 31 2023 Funda Wang - 1:3.0.9-1 +- New version 3.0.9 + * Sat May 06 2023 happy_orange - 1:3.0.7-8 - fix CVE-2023-0465 and CVE-2023-0466