1 1.1 christos /* 2 1.1 christos * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. 3 1.1 christos * 4 1.1 christos * Licensed under the Apache License 2.0 (the "License"). You may not use 5 1.1 christos * this file except in compliance with the License. You can obtain a copy 6 1.1 christos * in the file LICENSE in the source distribution or at 7 1.1 christos * https://www.openssl.org/source/license.html 8 1.1 christos */ 9 1.1 christos 10 1.1 christos /* 11 1.1 christos * DH low level APIs are deprecated for public use, but still ok for 12 1.1 christos * internal use. 13 1.1 christos */ 14 1.1 christos #include "internal/deprecated.h" 15 1.1 christos 16 1.1 christos #include <stdio.h> 17 1.1 christos #include <stdlib.h> 18 1.1 christos #include <string.h> 19 1.1 christos 20 1.1 christos #include "internal/nelem.h" 21 1.1 christos #include <openssl/crypto.h> 22 1.1 christos #include <openssl/bio.h> 23 1.1 christos #include <openssl/bn.h> 24 1.1 christos #include <openssl/rand.h> 25 1.1 christos #include <openssl/err.h> 26 1.1 christos #include <openssl/obj_mac.h> 27 1.1 christos #include <openssl/core_names.h> 28 1.1 christos #include "testutil.h" 29 1.1 christos 30 1.1 christos #ifndef OPENSSL_NO_DH 31 1.1.1.2 christos #include <openssl/dh.h> 32 1.1.1.2 christos #include "crypto/bn_dh.h" 33 1.1.1.2 christos #include "crypto/dh.h" 34 1.1 christos 35 1.1 christos static int cb(int p, int n, BN_GENCB *arg); 36 1.1 christos 37 1.1 christos static int dh_test(void) 38 1.1 christos { 39 1.1 christos DH *dh = NULL; 40 1.1 christos BIGNUM *p = NULL, *q = NULL, *g = NULL; 41 1.1 christos const BIGNUM *p2, *q2, *g2; 42 1.1 christos BIGNUM *priv_key = NULL; 43 1.1 christos const BIGNUM *pub_key2, *priv_key2; 44 1.1 christos BN_GENCB *_cb = NULL; 45 1.1 christos DH *a = NULL; 46 1.1 christos DH *b = NULL; 47 1.1 christos DH *c = NULL; 48 1.1 christos const BIGNUM *ap = NULL, *ag = NULL, *apub_key = NULL; 49 1.1 christos const BIGNUM *bpub_key = NULL, *bpriv_key = NULL; 50 1.1 christos BIGNUM *bp = NULL, *bg = NULL, *cpriv_key = NULL; 51 1.1 christos unsigned char *abuf = NULL; 52 1.1 christos unsigned char *bbuf = NULL; 53 1.1 christos unsigned char *cbuf = NULL; 54 1.1 christos int i, alen, blen, clen, aout, bout, cout; 55 1.1 christos int ret = 0; 56 1.1 christos 57 1.1 christos if (!TEST_ptr(dh = DH_new()) 58 1.1 christos || !TEST_ptr(p = BN_new()) 59 1.1 christos || !TEST_ptr(q = BN_new()) 60 1.1 christos || !TEST_ptr(g = BN_new()) 61 1.1 christos || !TEST_ptr(priv_key = BN_new())) 62 1.1 christos goto err1; 63 1.1 christos 64 1.1 christos /* 65 1.1 christos * I) basic tests 66 1.1 christos */ 67 1.1 christos 68 1.1 christos /* using a small predefined Sophie Germain DH group with generator 3 */ 69 1.1 christos if (!TEST_true(BN_set_word(p, 4079L)) 70 1.1 christos || !TEST_true(BN_set_word(q, 2039L)) 71 1.1 christos || !TEST_true(BN_set_word(g, 3L)) 72 1.1 christos || !TEST_true(DH_set0_pqg(dh, p, q, g))) 73 1.1 christos goto err1; 74 1.1 christos 75 1.1 christos /* check fails, because p is way too small */ 76 1.1 christos if (!TEST_true(DH_check(dh, &i))) 77 1.1 christos goto err2; 78 1.1 christos i ^= DH_MODULUS_TOO_SMALL; 79 1.1 christos if (!TEST_false(i & DH_CHECK_P_NOT_PRIME) 80 1.1.1.2 christos || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME) 81 1.1.1.2 christos || !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR) 82 1.1.1.2 christos || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR) 83 1.1.1.2 christos || !TEST_false(i & DH_CHECK_Q_NOT_PRIME) 84 1.1.1.2 christos || !TEST_false(i & DH_CHECK_INVALID_Q_VALUE) 85 1.1.1.2 christos || !TEST_false(i & DH_CHECK_INVALID_J_VALUE) 86 1.1.1.2 christos || !TEST_false(i & DH_MODULUS_TOO_SMALL) 87 1.1.1.2 christos || !TEST_false(i & DH_MODULUS_TOO_LARGE) 88 1.1.1.2 christos || !TEST_false(i)) 89 1.1 christos goto err2; 90 1.1 christos 91 1.1 christos /* test the combined getter for p, q, and g */ 92 1.1 christos DH_get0_pqg(dh, &p2, &q2, &g2); 93 1.1 christos if (!TEST_ptr_eq(p2, p) 94 1.1 christos || !TEST_ptr_eq(q2, q) 95 1.1 christos || !TEST_ptr_eq(g2, g)) 96 1.1 christos goto err2; 97 1.1 christos 98 1.1 christos /* test the simple getters for p, q, and g */ 99 1.1 christos if (!TEST_ptr_eq(DH_get0_p(dh), p2) 100 1.1 christos || !TEST_ptr_eq(DH_get0_q(dh), q2) 101 1.1 christos || !TEST_ptr_eq(DH_get0_g(dh), g2)) 102 1.1 christos goto err2; 103 1.1 christos 104 1.1 christos /* set the private key only*/ 105 1.1 christos if (!TEST_true(BN_set_word(priv_key, 1234L)) 106 1.1 christos || !TEST_true(DH_set0_key(dh, NULL, priv_key))) 107 1.1 christos goto err2; 108 1.1 christos 109 1.1 christos /* test the combined getter for pub_key and priv_key */ 110 1.1 christos DH_get0_key(dh, &pub_key2, &priv_key2); 111 1.1 christos if (!TEST_ptr_eq(pub_key2, NULL) 112 1.1 christos || !TEST_ptr_eq(priv_key2, priv_key)) 113 1.1 christos goto err3; 114 1.1 christos 115 1.1 christos /* test the simple getters for pub_key and priv_key */ 116 1.1 christos if (!TEST_ptr_eq(DH_get0_pub_key(dh), pub_key2) 117 1.1 christos || !TEST_ptr_eq(DH_get0_priv_key(dh), priv_key2)) 118 1.1 christos goto err3; 119 1.1 christos 120 1.1 christos /* now generate a key pair (expect failure since modulus is too small) */ 121 1.1 christos if (!TEST_false(DH_generate_key(dh))) 122 1.1 christos goto err3; 123 1.1 christos 124 1.1 christos /* We'll have a stale error on the queue from the above test so clear it */ 125 1.1 christos ERR_clear_error(); 126 1.1 christos 127 1.1 christos if (!TEST_ptr(BN_copy(q, p)) || !TEST_true(BN_add(q, q, BN_value_one()))) 128 1.1 christos goto err3; 129 1.1 christos 130 1.1 christos if (!TEST_true(DH_check(dh, &i))) 131 1.1 christos goto err3; 132 1.1 christos if (!TEST_true(i & DH_CHECK_INVALID_Q_VALUE) 133 1.1 christos || !TEST_false(i & DH_CHECK_Q_NOT_PRIME)) 134 1.1 christos goto err3; 135 1.1 christos 136 1.1 christos /* Modulus of size: dh check max modulus bits + 1 */ 137 1.1 christos if (!TEST_true(BN_set_word(p, 1)) 138 1.1.1.2 christos || !TEST_true(BN_lshift(p, p, OPENSSL_DH_CHECK_MAX_MODULUS_BITS))) 139 1.1 christos goto err3; 140 1.1 christos 141 1.1 christos /* 142 1.1 christos * We expect no checks at all for an excessively large modulus 143 1.1 christos */ 144 1.1 christos if (!TEST_false(DH_check(dh, &i))) 145 1.1 christos goto err3; 146 1.1 christos 147 1.1 christos /* We'll have a stale error on the queue from the above test so clear it */ 148 1.1 christos ERR_clear_error(); 149 1.1 christos 150 1.1 christos /* 151 1.1 christos * II) key generation 152 1.1 christos */ 153 1.1 christos 154 1.1 christos /* generate a DH group ... */ 155 1.1 christos if (!TEST_ptr(_cb = BN_GENCB_new())) 156 1.1 christos goto err3; 157 1.1 christos BN_GENCB_set(_cb, &cb, NULL); 158 1.1 christos if (!TEST_ptr(a = DH_new()) 159 1.1.1.2 christos || !TEST_true(DH_generate_parameters_ex(a, 512, 160 1.1.1.2 christos DH_GENERATOR_5, _cb))) 161 1.1 christos goto err3; 162 1.1 christos 163 1.1 christos /* ... and check whether it is valid */ 164 1.1 christos if (!TEST_true(DH_check(a, &i))) 165 1.1 christos goto err3; 166 1.1 christos if (!TEST_false(i & DH_CHECK_P_NOT_PRIME) 167 1.1.1.2 christos || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME) 168 1.1.1.2 christos || !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR) 169 1.1.1.2 christos || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR) 170 1.1.1.2 christos || !TEST_false(i & DH_CHECK_Q_NOT_PRIME) 171 1.1.1.2 christos || !TEST_false(i & DH_CHECK_INVALID_Q_VALUE) 172 1.1.1.2 christos || !TEST_false(i & DH_CHECK_INVALID_J_VALUE) 173 1.1.1.2 christos || !TEST_false(i & DH_MODULUS_TOO_SMALL) 174 1.1.1.2 christos || !TEST_false(i & DH_MODULUS_TOO_LARGE) 175 1.1.1.2 christos || !TEST_false(i)) 176 1.1 christos goto err3; 177 1.1 christos 178 1.1 christos DH_get0_pqg(a, &ap, NULL, &ag); 179 1.1 christos 180 1.1 christos /* now create another copy of the DH group for the peer */ 181 1.1 christos if (!TEST_ptr(b = DH_new())) 182 1.1 christos goto err3; 183 1.1 christos 184 1.1 christos if (!TEST_ptr(bp = BN_dup(ap)) 185 1.1.1.2 christos || !TEST_ptr(bg = BN_dup(ag)) 186 1.1.1.2 christos || !TEST_true(DH_set0_pqg(b, bp, NULL, bg))) 187 1.1 christos goto err3; 188 1.1 christos bp = bg = NULL; 189 1.1 christos 190 1.1 christos /* 191 1.1 christos * III) simulate a key exchange 192 1.1 christos */ 193 1.1 christos 194 1.1 christos if (!DH_generate_key(a)) 195 1.1 christos goto err3; 196 1.1 christos DH_get0_key(a, &apub_key, NULL); 197 1.1 christos 198 1.1 christos if (!DH_generate_key(b)) 199 1.1 christos goto err3; 200 1.1 christos DH_get0_key(b, &bpub_key, &bpriv_key); 201 1.1 christos 202 1.1 christos /* Also test with a private-key-only copy of |b|. */ 203 1.1 christos if (!TEST_ptr(c = DHparams_dup(b)) 204 1.1.1.2 christos || !TEST_ptr(cpriv_key = BN_dup(bpriv_key)) 205 1.1.1.2 christos || !TEST_true(DH_set0_key(c, NULL, cpriv_key))) 206 1.1 christos goto err3; 207 1.1 christos cpriv_key = NULL; 208 1.1 christos 209 1.1 christos alen = DH_size(a); 210 1.1 christos if (!TEST_ptr(abuf = OPENSSL_malloc(alen)) 211 1.1.1.2 christos || !TEST_int_gt((aout = DH_compute_key(abuf, bpub_key, a)), 0)) 212 1.1 christos goto err3; 213 1.1 christos 214 1.1 christos blen = DH_size(b); 215 1.1 christos if (!TEST_ptr(bbuf = OPENSSL_malloc(blen)) 216 1.1.1.2 christos || !TEST_int_gt((bout = DH_compute_key(bbuf, apub_key, b)), 0)) 217 1.1 christos goto err3; 218 1.1 christos 219 1.1 christos clen = DH_size(c); 220 1.1 christos if (!TEST_ptr(cbuf = OPENSSL_malloc(clen)) 221 1.1.1.2 christos || !TEST_int_gt((cout = DH_compute_key(cbuf, apub_key, c)), 0)) 222 1.1 christos goto err3; 223 1.1 christos 224 1.1 christos if (!TEST_true(aout >= 20) 225 1.1.1.2 christos || !TEST_mem_eq(abuf, aout, bbuf, bout) 226 1.1.1.2 christos || !TEST_mem_eq(abuf, aout, cbuf, cout)) 227 1.1 christos goto err3; 228 1.1 christos 229 1.1 christos ret = 1; 230 1.1 christos goto success; 231 1.1 christos 232 1.1.1.2 christos err1: 233 1.1 christos /* an error occurred before p,q,g were assigned to dh */ 234 1.1 christos BN_free(p); 235 1.1 christos BN_free(q); 236 1.1 christos BN_free(g); 237 1.1.1.2 christos err2: 238 1.1 christos /* an error occurred before priv_key was assigned to dh */ 239 1.1 christos BN_free(priv_key); 240 1.1.1.2 christos err3: 241 1.1.1.2 christos success: 242 1.1 christos OPENSSL_free(abuf); 243 1.1 christos OPENSSL_free(bbuf); 244 1.1 christos OPENSSL_free(cbuf); 245 1.1 christos DH_free(b); 246 1.1 christos DH_free(a); 247 1.1 christos DH_free(c); 248 1.1 christos BN_free(bp); 249 1.1 christos BN_free(bg); 250 1.1 christos BN_free(cpriv_key); 251 1.1 christos BN_GENCB_free(_cb); 252 1.1 christos DH_free(dh); 253 1.1 christos 254 1.1 christos return ret; 255 1.1 christos } 256 1.1 christos 257 1.1 christos static int cb(int p, int n, BN_GENCB *arg) 258 1.1 christos { 259 1.1 christos return 1; 260 1.1 christos } 261 1.1 christos 262 1.1 christos static int dh_computekey_range_test(void) 263 1.1 christos { 264 1.1 christos int ret = 0, sz; 265 1.1 christos DH *dh = NULL; 266 1.1 christos BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL; 267 1.1 christos unsigned char *buf = NULL; 268 1.1 christos 269 1.1 christos if (!TEST_ptr(p = BN_dup(&ossl_bignum_ffdhe2048_p)) 270 1.1 christos || !TEST_ptr(q = BN_dup(&ossl_bignum_ffdhe2048_q)) 271 1.1 christos || !TEST_ptr(g = BN_dup(&ossl_bignum_const_2)) 272 1.1 christos || !TEST_ptr(dh = DH_new()) 273 1.1 christos || !TEST_true(DH_set0_pqg(dh, p, q, g))) 274 1.1 christos goto err; 275 1.1 christos p = q = g = NULL; 276 1.1 christos 277 1.1 christos if (!TEST_int_gt(sz = DH_size(dh), 0) 278 1.1 christos || !TEST_ptr(buf = OPENSSL_malloc(sz)) 279 1.1 christos || !TEST_ptr(pub = BN_new()) 280 1.1 christos || !TEST_ptr(priv = BN_new())) 281 1.1 christos goto err; 282 1.1 christos 283 1.1 christos if (!TEST_true(BN_set_word(priv, 1)) 284 1.1 christos || !TEST_true(DH_set0_key(dh, NULL, priv))) 285 1.1 christos goto err; 286 1.1 christos priv = NULL; 287 1.1 christos if (!TEST_true(BN_set_word(pub, 1))) 288 1.1 christos goto err; 289 1.1 christos 290 1.1 christos /* Given z = pub ^ priv mod p */ 291 1.1 christos 292 1.1 christos /* Test that z == 1 fails */ 293 1.1 christos if (!TEST_int_le(ossl_dh_compute_key(buf, pub, dh), 0)) 294 1.1 christos goto err; 295 1.1 christos /* Test that z == 0 fails */ 296 1.1 christos if (!TEST_ptr(BN_copy(pub, DH_get0_p(dh))) 297 1.1 christos || !TEST_int_le(ossl_dh_compute_key(buf, pub, dh), 0)) 298 1.1 christos goto err; 299 1.1 christos /* Test that z == p - 1 fails */ 300 1.1 christos if (!TEST_true(BN_sub_word(pub, 1)) 301 1.1 christos || !TEST_int_le(ossl_dh_compute_key(buf, pub, dh), 0)) 302 1.1 christos goto err; 303 1.1 christos /* Test that z == p - 2 passes */ 304 1.1 christos if (!TEST_true(BN_sub_word(pub, 1)) 305 1.1 christos || !TEST_int_eq(ossl_dh_compute_key(buf, pub, dh), sz)) 306 1.1 christos goto err; 307 1.1 christos 308 1.1 christos ret = 1; 309 1.1 christos err: 310 1.1 christos OPENSSL_free(buf); 311 1.1 christos BN_free(priv); 312 1.1 christos BN_free(pub); 313 1.1 christos BN_free(g); 314 1.1 christos BN_free(q); 315 1.1 christos BN_free(p); 316 1.1 christos DH_free(dh); 317 1.1 christos return ret; 318 1.1 christos } 319 1.1 christos 320 1.1 christos /* Test data from RFC 5114 */ 321 1.1 christos 322 1.1 christos static const unsigned char dhtest_1024_160_xA[] = { 323 1.1 christos 0xB9, 0xA3, 0xB3, 0xAE, 0x8F, 0xEF, 0xC1, 0xA2, 0x93, 0x04, 0x96, 0x50, 324 1.1 christos 0x70, 0x86, 0xF8, 0x45, 0x5D, 0x48, 0x94, 0x3E 325 1.1 christos }; 326 1.1 christos 327 1.1 christos static const unsigned char dhtest_1024_160_yA[] = { 328 1.1 christos 0x2A, 0x85, 0x3B, 0x3D, 0x92, 0x19, 0x75, 0x01, 0xB9, 0x01, 0x5B, 0x2D, 329 1.1 christos 0xEB, 0x3E, 0xD8, 0x4F, 0x5E, 0x02, 0x1D, 0xCC, 0x3E, 0x52, 0xF1, 0x09, 330 1.1 christos 0xD3, 0x27, 0x3D, 0x2B, 0x75, 0x21, 0x28, 0x1C, 0xBA, 0xBE, 0x0E, 0x76, 331 1.1 christos 0xFF, 0x57, 0x27, 0xFA, 0x8A, 0xCC, 0xE2, 0x69, 0x56, 0xBA, 0x9A, 0x1F, 332 1.1 christos 0xCA, 0x26, 0xF2, 0x02, 0x28, 0xD8, 0x69, 0x3F, 0xEB, 0x10, 0x84, 0x1D, 333 1.1 christos 0x84, 0xA7, 0x36, 0x00, 0x54, 0xEC, 0xE5, 0xA7, 0xF5, 0xB7, 0xA6, 0x1A, 334 1.1 christos 0xD3, 0xDF, 0xB3, 0xC6, 0x0D, 0x2E, 0x43, 0x10, 0x6D, 0x87, 0x27, 0xDA, 335 1.1 christos 0x37, 0xDF, 0x9C, 0xCE, 0x95, 0xB4, 0x78, 0x75, 0x5D, 0x06, 0xBC, 0xEA, 336 1.1 christos 0x8F, 0x9D, 0x45, 0x96, 0x5F, 0x75, 0xA5, 0xF3, 0xD1, 0xDF, 0x37, 0x01, 337 1.1 christos 0x16, 0x5F, 0xC9, 0xE5, 0x0C, 0x42, 0x79, 0xCE, 0xB0, 0x7F, 0x98, 0x95, 338 1.1 christos 0x40, 0xAE, 0x96, 0xD5, 0xD8, 0x8E, 0xD7, 0x76 339 1.1 christos }; 340 1.1 christos 341 1.1 christos static const unsigned char dhtest_1024_160_xB[] = { 342 1.1 christos 0x93, 0x92, 0xC9, 0xF9, 0xEB, 0x6A, 0x7A, 0x6A, 0x90, 0x22, 0xF7, 0xD8, 343 1.1 christos 0x3E, 0x72, 0x23, 0xC6, 0x83, 0x5B, 0xBD, 0xDA 344 1.1 christos }; 345 1.1 christos 346 1.1 christos static const unsigned char dhtest_1024_160_yB[] = { 347 1.1 christos 0x71, 0x7A, 0x6C, 0xB0, 0x53, 0x37, 0x1F, 0xF4, 0xA3, 0xB9, 0x32, 0x94, 348 1.1 christos 0x1C, 0x1E, 0x56, 0x63, 0xF8, 0x61, 0xA1, 0xD6, 0xAD, 0x34, 0xAE, 0x66, 349 1.1 christos 0x57, 0x6D, 0xFB, 0x98, 0xF6, 0xC6, 0xCB, 0xF9, 0xDD, 0xD5, 0xA5, 0x6C, 350 1.1 christos 0x78, 0x33, 0xF6, 0xBC, 0xFD, 0xFF, 0x09, 0x55, 0x82, 0xAD, 0x86, 0x8E, 351 1.1 christos 0x44, 0x0E, 0x8D, 0x09, 0xFD, 0x76, 0x9E, 0x3C, 0xEC, 0xCD, 0xC3, 0xD3, 352 1.1 christos 0xB1, 0xE4, 0xCF, 0xA0, 0x57, 0x77, 0x6C, 0xAA, 0xF9, 0x73, 0x9B, 0x6A, 353 1.1 christos 0x9F, 0xEE, 0x8E, 0x74, 0x11, 0xF8, 0xD6, 0xDA, 0xC0, 0x9D, 0x6A, 0x4E, 354 1.1 christos 0xDB, 0x46, 0xCC, 0x2B, 0x5D, 0x52, 0x03, 0x09, 0x0E, 0xAE, 0x61, 0x26, 355 1.1 christos 0x31, 0x1E, 0x53, 0xFD, 0x2C, 0x14, 0xB5, 0x74, 0xE6, 0xA3, 0x10, 0x9A, 356 1.1 christos 0x3D, 0xA1, 0xBE, 0x41, 0xBD, 0xCE, 0xAA, 0x18, 0x6F, 0x5C, 0xE0, 0x67, 357 1.1 christos 0x16, 0xA2, 0xB6, 0xA0, 0x7B, 0x3C, 0x33, 0xFE 358 1.1 christos }; 359 1.1 christos 360 1.1 christos static const unsigned char dhtest_1024_160_Z[] = { 361 1.1 christos 0x5C, 0x80, 0x4F, 0x45, 0x4D, 0x30, 0xD9, 0xC4, 0xDF, 0x85, 0x27, 0x1F, 362 1.1 christos 0x93, 0x52, 0x8C, 0x91, 0xDF, 0x6B, 0x48, 0xAB, 0x5F, 0x80, 0xB3, 0xB5, 363 1.1 christos 0x9C, 0xAA, 0xC1, 0xB2, 0x8F, 0x8A, 0xCB, 0xA9, 0xCD, 0x3E, 0x39, 0xF3, 364 1.1 christos 0xCB, 0x61, 0x45, 0x25, 0xD9, 0x52, 0x1D, 0x2E, 0x64, 0x4C, 0x53, 0xB8, 365 1.1 christos 0x07, 0xB8, 0x10, 0xF3, 0x40, 0x06, 0x2F, 0x25, 0x7D, 0x7D, 0x6F, 0xBF, 366 1.1 christos 0xE8, 0xD5, 0xE8, 0xF0, 0x72, 0xE9, 0xB6, 0xE9, 0xAF, 0xDA, 0x94, 0x13, 367 1.1 christos 0xEA, 0xFB, 0x2E, 0x8B, 0x06, 0x99, 0xB1, 0xFB, 0x5A, 0x0C, 0xAC, 0xED, 368 1.1 christos 0xDE, 0xAE, 0xAD, 0x7E, 0x9C, 0xFB, 0xB3, 0x6A, 0xE2, 0xB4, 0x20, 0x83, 369 1.1 christos 0x5B, 0xD8, 0x3A, 0x19, 0xFB, 0x0B, 0x5E, 0x96, 0xBF, 0x8F, 0xA4, 0xD0, 370 1.1 christos 0x9E, 0x34, 0x55, 0x25, 0x16, 0x7E, 0xCD, 0x91, 0x55, 0x41, 0x6F, 0x46, 371 1.1 christos 0xF4, 0x08, 0xED, 0x31, 0xB6, 0x3C, 0x6E, 0x6D 372 1.1 christos }; 373 1.1 christos 374 1.1 christos static const unsigned char dhtest_2048_224_xA[] = { 375 1.1 christos 0x22, 0xE6, 0x26, 0x01, 0xDB, 0xFF, 0xD0, 0x67, 0x08, 0xA6, 0x80, 0xF7, 376 1.1 christos 0x47, 0xF3, 0x61, 0xF7, 0x6D, 0x8F, 0x4F, 0x72, 0x1A, 0x05, 0x48, 0xE4, 377 1.1 christos 0x83, 0x29, 0x4B, 0x0C 378 1.1 christos }; 379 1.1 christos 380 1.1 christos static const unsigned char dhtest_2048_224_yA[] = { 381 1.1 christos 0x1B, 0x3A, 0x63, 0x45, 0x1B, 0xD8, 0x86, 0xE6, 0x99, 0xE6, 0x7B, 0x49, 382 1.1 christos 0x4E, 0x28, 0x8B, 0xD7, 0xF8, 0xE0, 0xD3, 0x70, 0xBA, 0xDD, 0xA7, 0xA0, 383 1.1 christos 0xEF, 0xD2, 0xFD, 0xE7, 0xD8, 0xF6, 0x61, 0x45, 0xCC, 0x9F, 0x28, 0x04, 384 1.1 christos 0x19, 0x97, 0x5E, 0xB8, 0x08, 0x87, 0x7C, 0x8A, 0x4C, 0x0C, 0x8E, 0x0B, 385 1.1 christos 0xD4, 0x8D, 0x4A, 0x54, 0x01, 0xEB, 0x1E, 0x87, 0x76, 0xBF, 0xEE, 0xE1, 386 1.1 christos 0x34, 0xC0, 0x38, 0x31, 0xAC, 0x27, 0x3C, 0xD9, 0xD6, 0x35, 0xAB, 0x0C, 387 1.1 christos 0xE0, 0x06, 0xA4, 0x2A, 0x88, 0x7E, 0x3F, 0x52, 0xFB, 0x87, 0x66, 0xB6, 388 1.1 christos 0x50, 0xF3, 0x80, 0x78, 0xBC, 0x8E, 0xE8, 0x58, 0x0C, 0xEF, 0xE2, 0x43, 389 1.1 christos 0x96, 0x8C, 0xFC, 0x4F, 0x8D, 0xC3, 0xDB, 0x08, 0x45, 0x54, 0x17, 0x1D, 390 1.1 christos 0x41, 0xBF, 0x2E, 0x86, 0x1B, 0x7B, 0xB4, 0xD6, 0x9D, 0xD0, 0xE0, 0x1E, 391 1.1 christos 0xA3, 0x87, 0xCB, 0xAA, 0x5C, 0xA6, 0x72, 0xAF, 0xCB, 0xE8, 0xBD, 0xB9, 392 1.1 christos 0xD6, 0x2D, 0x4C, 0xE1, 0x5F, 0x17, 0xDD, 0x36, 0xF9, 0x1E, 0xD1, 0xEE, 393 1.1 christos 0xDD, 0x65, 0xCA, 0x4A, 0x06, 0x45, 0x5C, 0xB9, 0x4C, 0xD4, 0x0A, 0x52, 394 1.1 christos 0xEC, 0x36, 0x0E, 0x84, 0xB3, 0xC9, 0x26, 0xE2, 0x2C, 0x43, 0x80, 0xA3, 395 1.1 christos 0xBF, 0x30, 0x9D, 0x56, 0x84, 0x97, 0x68, 0xB7, 0xF5, 0x2C, 0xFD, 0xF6, 396 1.1 christos 0x55, 0xFD, 0x05, 0x3A, 0x7E, 0xF7, 0x06, 0x97, 0x9E, 0x7E, 0x58, 0x06, 397 1.1 christos 0xB1, 0x7D, 0xFA, 0xE5, 0x3A, 0xD2, 0xA5, 0xBC, 0x56, 0x8E, 0xBB, 0x52, 398 1.1 christos 0x9A, 0x7A, 0x61, 0xD6, 0x8D, 0x25, 0x6F, 0x8F, 0xC9, 0x7C, 0x07, 0x4A, 399 1.1 christos 0x86, 0x1D, 0x82, 0x7E, 0x2E, 0xBC, 0x8C, 0x61, 0x34, 0x55, 0x31, 0x15, 400 1.1 christos 0xB7, 0x0E, 0x71, 0x03, 0x92, 0x0A, 0xA1, 0x6D, 0x85, 0xE5, 0x2B, 0xCB, 401 1.1 christos 0xAB, 0x8D, 0x78, 0x6A, 0x68, 0x17, 0x8F, 0xA8, 0xFF, 0x7C, 0x2F, 0x5C, 402 1.1 christos 0x71, 0x64, 0x8D, 0x6F 403 1.1 christos }; 404 1.1 christos 405 1.1 christos static const unsigned char dhtest_2048_224_xB[] = { 406 1.1 christos 0x4F, 0xF3, 0xBC, 0x96, 0xC7, 0xFC, 0x6A, 0x6D, 0x71, 0xD3, 0xB3, 0x63, 407 1.1 christos 0x80, 0x0A, 0x7C, 0xDF, 0xEF, 0x6F, 0xC4, 0x1B, 0x44, 0x17, 0xEA, 0x15, 408 1.1 christos 0x35, 0x3B, 0x75, 0x90 409 1.1 christos }; 410 1.1 christos 411 1.1 christos static const unsigned char dhtest_2048_224_yB[] = { 412 1.1 christos 0x4D, 0xCE, 0xE9, 0x92, 0xA9, 0x76, 0x2A, 0x13, 0xF2, 0xF8, 0x38, 0x44, 413 1.1 christos 0xAD, 0x3D, 0x77, 0xEE, 0x0E, 0x31, 0xC9, 0x71, 0x8B, 0x3D, 0xB6, 0xC2, 414 1.1 christos 0x03, 0x5D, 0x39, 0x61, 0x18, 0x2C, 0x3E, 0x0B, 0xA2, 0x47, 0xEC, 0x41, 415 1.1 christos 0x82, 0xD7, 0x60, 0xCD, 0x48, 0xD9, 0x95, 0x99, 0x97, 0x06, 0x22, 0xA1, 416 1.1 christos 0x88, 0x1B, 0xBA, 0x2D, 0xC8, 0x22, 0x93, 0x9C, 0x78, 0xC3, 0x91, 0x2C, 417 1.1 christos 0x66, 0x61, 0xFA, 0x54, 0x38, 0xB2, 0x07, 0x66, 0x22, 0x2B, 0x75, 0xE2, 418 1.1 christos 0x4C, 0x2E, 0x3A, 0xD0, 0xC7, 0x28, 0x72, 0x36, 0x12, 0x95, 0x25, 0xEE, 419 1.1 christos 0x15, 0xB5, 0xDD, 0x79, 0x98, 0xAA, 0x04, 0xC4, 0xA9, 0x69, 0x6C, 0xAC, 420 1.1 christos 0xD7, 0x17, 0x20, 0x83, 0xA9, 0x7A, 0x81, 0x66, 0x4E, 0xAD, 0x2C, 0x47, 421 1.1 christos 0x9E, 0x44, 0x4E, 0x4C, 0x06, 0x54, 0xCC, 0x19, 0xE2, 0x8D, 0x77, 0x03, 422 1.1 christos 0xCE, 0xE8, 0xDA, 0xCD, 0x61, 0x26, 0xF5, 0xD6, 0x65, 0xEC, 0x52, 0xC6, 423 1.1 christos 0x72, 0x55, 0xDB, 0x92, 0x01, 0x4B, 0x03, 0x7E, 0xB6, 0x21, 0xA2, 0xAC, 424 1.1 christos 0x8E, 0x36, 0x5D, 0xE0, 0x71, 0xFF, 0xC1, 0x40, 0x0A, 0xCF, 0x07, 0x7A, 425 1.1 christos 0x12, 0x91, 0x3D, 0xD8, 0xDE, 0x89, 0x47, 0x34, 0x37, 0xAB, 0x7B, 0xA3, 426 1.1 christos 0x46, 0x74, 0x3C, 0x1B, 0x21, 0x5D, 0xD9, 0xC1, 0x21, 0x64, 0xA7, 0xE4, 427 1.1 christos 0x05, 0x31, 0x18, 0xD1, 0x99, 0xBE, 0xC8, 0xEF, 0x6F, 0xC5, 0x61, 0x17, 428 1.1 christos 0x0C, 0x84, 0xC8, 0x7D, 0x10, 0xEE, 0x9A, 0x67, 0x4A, 0x1F, 0xA8, 0xFF, 429 1.1 christos 0xE1, 0x3B, 0xDF, 0xBA, 0x1D, 0x44, 0xDE, 0x48, 0x94, 0x6D, 0x68, 0xDC, 430 1.1 christos 0x0C, 0xDD, 0x77, 0x76, 0x35, 0xA7, 0xAB, 0x5B, 0xFB, 0x1E, 0x4B, 0xB7, 431 1.1 christos 0xB8, 0x56, 0xF9, 0x68, 0x27, 0x73, 0x4C, 0x18, 0x41, 0x38, 0xE9, 0x15, 432 1.1 christos 0xD9, 0xC3, 0x00, 0x2E, 0xBC, 0xE5, 0x31, 0x20, 0x54, 0x6A, 0x7E, 0x20, 433 1.1 christos 0x02, 0x14, 0x2B, 0x6C 434 1.1 christos }; 435 1.1 christos 436 1.1 christos static const unsigned char dhtest_2048_224_Z[] = { 437 1.1 christos 0x34, 0xD9, 0xBD, 0xDC, 0x1B, 0x42, 0x17, 0x6C, 0x31, 0x3F, 0xEA, 0x03, 438 1.1 christos 0x4C, 0x21, 0x03, 0x4D, 0x07, 0x4A, 0x63, 0x13, 0xBB, 0x4E, 0xCD, 0xB3, 439 1.1 christos 0x70, 0x3F, 0xFF, 0x42, 0x45, 0x67, 0xA4, 0x6B, 0xDF, 0x75, 0x53, 0x0E, 440 1.1 christos 0xDE, 0x0A, 0x9D, 0xA5, 0x22, 0x9D, 0xE7, 0xD7, 0x67, 0x32, 0x28, 0x6C, 441 1.1 christos 0xBC, 0x0F, 0x91, 0xDA, 0x4C, 0x3C, 0x85, 0x2F, 0xC0, 0x99, 0xC6, 0x79, 442 1.1 christos 0x53, 0x1D, 0x94, 0xC7, 0x8A, 0xB0, 0x3D, 0x9D, 0xEC, 0xB0, 0xA4, 0xE4, 443 1.1 christos 0xCA, 0x8B, 0x2B, 0xB4, 0x59, 0x1C, 0x40, 0x21, 0xCF, 0x8C, 0xE3, 0xA2, 444 1.1 christos 0x0A, 0x54, 0x1D, 0x33, 0x99, 0x40, 0x17, 0xD0, 0x20, 0x0A, 0xE2, 0xC9, 445 1.1 christos 0x51, 0x6E, 0x2F, 0xF5, 0x14, 0x57, 0x79, 0x26, 0x9E, 0x86, 0x2B, 0x0F, 446 1.1 christos 0xB4, 0x74, 0xA2, 0xD5, 0x6D, 0xC3, 0x1E, 0xD5, 0x69, 0xA7, 0x70, 0x0B, 447 1.1 christos 0x4C, 0x4A, 0xB1, 0x6B, 0x22, 0xA4, 0x55, 0x13, 0x53, 0x1E, 0xF5, 0x23, 448 1.1 christos 0xD7, 0x12, 0x12, 0x07, 0x7B, 0x5A, 0x16, 0x9B, 0xDE, 0xFF, 0xAD, 0x7A, 449 1.1 christos 0xD9, 0x60, 0x82, 0x84, 0xC7, 0x79, 0x5B, 0x6D, 0x5A, 0x51, 0x83, 0xB8, 450 1.1 christos 0x70, 0x66, 0xDE, 0x17, 0xD8, 0xD6, 0x71, 0xC9, 0xEB, 0xD8, 0xEC, 0x89, 451 1.1 christos 0x54, 0x4D, 0x45, 0xEC, 0x06, 0x15, 0x93, 0xD4, 0x42, 0xC6, 0x2A, 0xB9, 452 1.1 christos 0xCE, 0x3B, 0x1C, 0xB9, 0x94, 0x3A, 0x1D, 0x23, 0xA5, 0xEA, 0x3B, 0xCF, 453 1.1 christos 0x21, 0xA0, 0x14, 0x71, 0xE6, 0x7E, 0x00, 0x3E, 0x7F, 0x8A, 0x69, 0xC7, 454 1.1 christos 0x28, 0xBE, 0x49, 0x0B, 0x2F, 0xC8, 0x8C, 0xFE, 0xB9, 0x2D, 0xB6, 0xA2, 455 1.1 christos 0x15, 0xE5, 0xD0, 0x3C, 0x17, 0xC4, 0x64, 0xC9, 0xAC, 0x1A, 0x46, 0xE2, 456 1.1 christos 0x03, 0xE1, 0x3F, 0x95, 0x29, 0x95, 0xFB, 0x03, 0xC6, 0x9D, 0x3C, 0xC4, 457 1.1 christos 0x7F, 0xCB, 0x51, 0x0B, 0x69, 0x98, 0xFF, 0xD3, 0xAA, 0x6D, 0xE7, 0x3C, 458 1.1 christos 0xF9, 0xF6, 0x38, 0x69 459 1.1 christos }; 460 1.1 christos 461 1.1 christos static const unsigned char dhtest_2048_256_xA[] = { 462 1.1 christos 0x08, 0x81, 0x38, 0x2C, 0xDB, 0x87, 0x66, 0x0C, 0x6D, 0xC1, 0x3E, 0x61, 463 1.1 christos 0x49, 0x38, 0xD5, 0xB9, 0xC8, 0xB2, 0xF2, 0x48, 0x58, 0x1C, 0xC5, 0xE3, 464 1.1 christos 0x1B, 0x35, 0x45, 0x43, 0x97, 0xFC, 0xE5, 0x0E 465 1.1 christos }; 466 1.1 christos 467 1.1 christos static const unsigned char dhtest_2048_256_yA[] = { 468 1.1 christos 0x2E, 0x93, 0x80, 0xC8, 0x32, 0x3A, 0xF9, 0x75, 0x45, 0xBC, 0x49, 0x41, 469 1.1 christos 0xDE, 0xB0, 0xEC, 0x37, 0x42, 0xC6, 0x2F, 0xE0, 0xEC, 0xE8, 0x24, 0xA6, 470 1.1 christos 0xAB, 0xDB, 0xE6, 0x6C, 0x59, 0xBE, 0xE0, 0x24, 0x29, 0x11, 0xBF, 0xB9, 471 1.1 christos 0x67, 0x23, 0x5C, 0xEB, 0xA3, 0x5A, 0xE1, 0x3E, 0x4E, 0xC7, 0x52, 0xBE, 472 1.1 christos 0x63, 0x0B, 0x92, 0xDC, 0x4B, 0xDE, 0x28, 0x47, 0xA9, 0xC6, 0x2C, 0xB8, 473 1.1 christos 0x15, 0x27, 0x45, 0x42, 0x1F, 0xB7, 0xEB, 0x60, 0xA6, 0x3C, 0x0F, 0xE9, 474 1.1 christos 0x15, 0x9F, 0xCC, 0xE7, 0x26, 0xCE, 0x7C, 0xD8, 0x52, 0x3D, 0x74, 0x50, 475 1.1 christos 0x66, 0x7E, 0xF8, 0x40, 0xE4, 0x91, 0x91, 0x21, 0xEB, 0x5F, 0x01, 0xC8, 476 1.1 christos 0xC9, 0xB0, 0xD3, 0xD6, 0x48, 0xA9, 0x3B, 0xFB, 0x75, 0x68, 0x9E, 0x82, 477 1.1 christos 0x44, 0xAC, 0x13, 0x4A, 0xF5, 0x44, 0x71, 0x1C, 0xE7, 0x9A, 0x02, 0xDC, 478 1.1 christos 0xC3, 0x42, 0x26, 0x68, 0x47, 0x80, 0xDD, 0xDC, 0xB4, 0x98, 0x59, 0x41, 479 1.1 christos 0x06, 0xC3, 0x7F, 0x5B, 0xC7, 0x98, 0x56, 0x48, 0x7A, 0xF5, 0xAB, 0x02, 480 1.1 christos 0x2A, 0x2E, 0x5E, 0x42, 0xF0, 0x98, 0x97, 0xC1, 0xA8, 0x5A, 0x11, 0xEA, 481 1.1 christos 0x02, 0x12, 0xAF, 0x04, 0xD9, 0xB4, 0xCE, 0xBC, 0x93, 0x7C, 0x3C, 0x1A, 482 1.1 christos 0x3E, 0x15, 0xA8, 0xA0, 0x34, 0x2E, 0x33, 0x76, 0x15, 0xC8, 0x4E, 0x7F, 483 1.1 christos 0xE3, 0xB8, 0xB9, 0xB8, 0x7F, 0xB1, 0xE7, 0x3A, 0x15, 0xAF, 0x12, 0xA3, 484 1.1 christos 0x0D, 0x74, 0x6E, 0x06, 0xDF, 0xC3, 0x4F, 0x29, 0x0D, 0x79, 0x7C, 0xE5, 485 1.1 christos 0x1A, 0xA1, 0x3A, 0xA7, 0x85, 0xBF, 0x66, 0x58, 0xAF, 0xF5, 0xE4, 0xB0, 486 1.1 christos 0x93, 0x00, 0x3C, 0xBE, 0xAF, 0x66, 0x5B, 0x3C, 0x2E, 0x11, 0x3A, 0x3A, 487 1.1 christos 0x4E, 0x90, 0x52, 0x69, 0x34, 0x1D, 0xC0, 0x71, 0x14, 0x26, 0x68, 0x5F, 488 1.1 christos 0x4E, 0xF3, 0x7E, 0x86, 0x8A, 0x81, 0x26, 0xFF, 0x3F, 0x22, 0x79, 0xB5, 489 1.1 christos 0x7C, 0xA6, 0x7E, 0x29 490 1.1 christos }; 491 1.1 christos 492 1.1 christos static const unsigned char dhtest_2048_256_xB[] = { 493 1.1 christos 0x7D, 0x62, 0xA7, 0xE3, 0xEF, 0x36, 0xDE, 0x61, 0x7B, 0x13, 0xD1, 0xAF, 494 1.1 christos 0xB8, 0x2C, 0x78, 0x0D, 0x83, 0xA2, 0x3B, 0xD4, 0xEE, 0x67, 0x05, 0x64, 495 1.1 christos 0x51, 0x21, 0xF3, 0x71, 0xF5, 0x46, 0xA5, 0x3D 496 1.1 christos }; 497 1.1 christos 498 1.1 christos static const unsigned char dhtest_2048_256_yB[] = { 499 1.1 christos 0x57, 0x5F, 0x03, 0x51, 0xBD, 0x2B, 0x1B, 0x81, 0x74, 0x48, 0xBD, 0xF8, 500 1.1 christos 0x7A, 0x6C, 0x36, 0x2C, 0x1E, 0x28, 0x9D, 0x39, 0x03, 0xA3, 0x0B, 0x98, 501 1.1 christos 0x32, 0xC5, 0x74, 0x1F, 0xA2, 0x50, 0x36, 0x3E, 0x7A, 0xCB, 0xC7, 0xF7, 502 1.1 christos 0x7F, 0x3D, 0xAC, 0xBC, 0x1F, 0x13, 0x1A, 0xDD, 0x8E, 0x03, 0x36, 0x7E, 503 1.1 christos 0xFF, 0x8F, 0xBB, 0xB3, 0xE1, 0xC5, 0x78, 0x44, 0x24, 0x80, 0x9B, 0x25, 504 1.1 christos 0xAF, 0xE4, 0xD2, 0x26, 0x2A, 0x1A, 0x6F, 0xD2, 0xFA, 0xB6, 0x41, 0x05, 505 1.1 christos 0xCA, 0x30, 0xA6, 0x74, 0xE0, 0x7F, 0x78, 0x09, 0x85, 0x20, 0x88, 0x63, 506 1.1 christos 0x2F, 0xC0, 0x49, 0x23, 0x37, 0x91, 0xAD, 0x4E, 0xDD, 0x08, 0x3A, 0x97, 507 1.1 christos 0x8B, 0x88, 0x3E, 0xE6, 0x18, 0xBC, 0x5E, 0x0D, 0xD0, 0x47, 0x41, 0x5F, 508 1.1 christos 0x2D, 0x95, 0xE6, 0x83, 0xCF, 0x14, 0x82, 0x6B, 0x5F, 0xBE, 0x10, 0xD3, 509 1.1 christos 0xCE, 0x41, 0xC6, 0xC1, 0x20, 0xC7, 0x8A, 0xB2, 0x00, 0x08, 0xC6, 0x98, 510 1.1 christos 0xBF, 0x7F, 0x0B, 0xCA, 0xB9, 0xD7, 0xF4, 0x07, 0xBE, 0xD0, 0xF4, 0x3A, 511 1.1 christos 0xFB, 0x29, 0x70, 0xF5, 0x7F, 0x8D, 0x12, 0x04, 0x39, 0x63, 0xE6, 0x6D, 512 1.1 christos 0xDD, 0x32, 0x0D, 0x59, 0x9A, 0xD9, 0x93, 0x6C, 0x8F, 0x44, 0x13, 0x7C, 513 1.1 christos 0x08, 0xB1, 0x80, 0xEC, 0x5E, 0x98, 0x5C, 0xEB, 0xE1, 0x86, 0xF3, 0xD5, 514 1.1 christos 0x49, 0x67, 0x7E, 0x80, 0x60, 0x73, 0x31, 0xEE, 0x17, 0xAF, 0x33, 0x80, 515 1.1 christos 0xA7, 0x25, 0xB0, 0x78, 0x23, 0x17, 0xD7, 0xDD, 0x43, 0xF5, 0x9D, 0x7A, 516 1.1 christos 0xF9, 0x56, 0x8A, 0x9B, 0xB6, 0x3A, 0x84, 0xD3, 0x65, 0xF9, 0x22, 0x44, 517 1.1 christos 0xED, 0x12, 0x09, 0x88, 0x21, 0x93, 0x02, 0xF4, 0x29, 0x24, 0xC7, 0xCA, 518 1.1 christos 0x90, 0xB8, 0x9D, 0x24, 0xF7, 0x1B, 0x0A, 0xB6, 0x97, 0x82, 0x3D, 0x7D, 519 1.1 christos 0xEB, 0x1A, 0xFF, 0x5B, 0x0E, 0x8E, 0x4A, 0x45, 0xD4, 0x9F, 0x7F, 0x53, 520 1.1 christos 0x75, 0x7E, 0x19, 0x13 521 1.1 christos }; 522 1.1 christos 523 1.1 christos static const unsigned char dhtest_2048_256_Z[] = { 524 1.1 christos 0x86, 0xC7, 0x0B, 0xF8, 0xD0, 0xBB, 0x81, 0xBB, 0x01, 0x07, 0x8A, 0x17, 525 1.1 christos 0x21, 0x9C, 0xB7, 0xD2, 0x72, 0x03, 0xDB, 0x2A, 0x19, 0xC8, 0x77, 0xF1, 526 1.1 christos 0xD1, 0xF1, 0x9F, 0xD7, 0xD7, 0x7E, 0xF2, 0x25, 0x46, 0xA6, 0x8F, 0x00, 527 1.1 christos 0x5A, 0xD5, 0x2D, 0xC8, 0x45, 0x53, 0xB7, 0x8F, 0xC6, 0x03, 0x30, 0xBE, 528 1.1 christos 0x51, 0xEA, 0x7C, 0x06, 0x72, 0xCA, 0xC1, 0x51, 0x5E, 0x4B, 0x35, 0xC0, 529 1.1 christos 0x47, 0xB9, 0xA5, 0x51, 0xB8, 0x8F, 0x39, 0xDC, 0x26, 0xDA, 0x14, 0xA0, 530 1.1 christos 0x9E, 0xF7, 0x47, 0x74, 0xD4, 0x7C, 0x76, 0x2D, 0xD1, 0x77, 0xF9, 0xED, 531 1.1 christos 0x5B, 0xC2, 0xF1, 0x1E, 0x52, 0xC8, 0x79, 0xBD, 0x95, 0x09, 0x85, 0x04, 532 1.1 christos 0xCD, 0x9E, 0xEC, 0xD8, 0xA8, 0xF9, 0xB3, 0xEF, 0xBD, 0x1F, 0x00, 0x8A, 533 1.1 christos 0xC5, 0x85, 0x30, 0x97, 0xD9, 0xD1, 0x83, 0x7F, 0x2B, 0x18, 0xF7, 0x7C, 534 1.1 christos 0xD7, 0xBE, 0x01, 0xAF, 0x80, 0xA7, 0xC7, 0xB5, 0xEA, 0x3C, 0xA5, 0x4C, 535 1.1 christos 0xC0, 0x2D, 0x0C, 0x11, 0x6F, 0xEE, 0x3F, 0x95, 0xBB, 0x87, 0x39, 0x93, 536 1.1 christos 0x85, 0x87, 0x5D, 0x7E, 0x86, 0x74, 0x7E, 0x67, 0x6E, 0x72, 0x89, 0x38, 537 1.1 christos 0xAC, 0xBF, 0xF7, 0x09, 0x8E, 0x05, 0xBE, 0x4D, 0xCF, 0xB2, 0x40, 0x52, 538 1.1 christos 0xB8, 0x3A, 0xEF, 0xFB, 0x14, 0x78, 0x3F, 0x02, 0x9A, 0xDB, 0xDE, 0x7F, 539 1.1 christos 0x53, 0xFA, 0xE9, 0x20, 0x84, 0x22, 0x40, 0x90, 0xE0, 0x07, 0xCE, 0xE9, 540 1.1 christos 0x4D, 0x4B, 0xF2, 0xBA, 0xCE, 0x9F, 0xFD, 0x4B, 0x57, 0xD2, 0xAF, 0x7C, 541 1.1 christos 0x72, 0x4D, 0x0C, 0xAA, 0x19, 0xBF, 0x05, 0x01, 0xF6, 0xF1, 0x7B, 0x4A, 542 1.1 christos 0xA1, 0x0F, 0x42, 0x5E, 0x3E, 0xA7, 0x60, 0x80, 0xB4, 0xB9, 0xD6, 0xB3, 543 1.1 christos 0xCE, 0xFE, 0xA1, 0x15, 0xB2, 0xCE, 0xB8, 0x78, 0x9B, 0xB8, 0xA3, 0xB0, 544 1.1 christos 0xEA, 0x87, 0xFE, 0xBE, 0x63, 0xB6, 0xC8, 0xF8, 0x46, 0xEC, 0x6D, 0xB0, 545 1.1 christos 0xC2, 0x6C, 0x5D, 0x7C 546 1.1 christos }; 547 1.1 christos 548 1.1 christos typedef struct { 549 1.1.1.2 christos DH *(*get_param)(void); 550 1.1 christos const unsigned char *xA; 551 1.1 christos size_t xA_len; 552 1.1 christos const unsigned char *yA; 553 1.1 christos size_t yA_len; 554 1.1 christos const unsigned char *xB; 555 1.1 christos size_t xB_len; 556 1.1 christos const unsigned char *yB; 557 1.1 christos size_t yB_len; 558 1.1 christos const unsigned char *Z; 559 1.1 christos size_t Z_len; 560 1.1 christos } rfc5114_td; 561 1.1 christos 562 1.1.1.2 christos #define make_rfc5114_td(pre) { \ 563 1.1.1.2 christos DH_get_##pre, \ 564 1.1.1.2 christos dhtest_##pre##_xA, sizeof(dhtest_##pre##_xA), \ 565 1.1.1.2 christos dhtest_##pre##_yA, sizeof(dhtest_##pre##_yA), \ 566 1.1.1.2 christos dhtest_##pre##_xB, sizeof(dhtest_##pre##_xB), \ 567 1.1.1.2 christos dhtest_##pre##_yB, sizeof(dhtest_##pre##_yB), \ 568 1.1.1.2 christos dhtest_##pre##_Z, sizeof(dhtest_##pre##_Z) \ 569 1.1.1.2 christos } 570 1.1 christos 571 1.1 christos static const rfc5114_td rfctd[] = { 572 1.1.1.2 christos make_rfc5114_td(1024_160), 573 1.1.1.2 christos make_rfc5114_td(2048_224), 574 1.1.1.2 christos make_rfc5114_td(2048_256) 575 1.1 christos }; 576 1.1 christos 577 1.1 christos static int rfc5114_test(void) 578 1.1 christos { 579 1.1 christos int i; 580 1.1 christos DH *dhA = NULL; 581 1.1 christos DH *dhB = NULL; 582 1.1 christos unsigned char *Z1 = NULL; 583 1.1 christos unsigned char *Z2 = NULL; 584 1.1 christos int szA, szB; 585 1.1 christos const rfc5114_td *td = NULL; 586 1.1 christos BIGNUM *priv_key = NULL, *pub_key = NULL; 587 1.1 christos const BIGNUM *pub_key_tmp; 588 1.1 christos 589 1.1 christos for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) { 590 1.1 christos td = rfctd + i; 591 1.1 christos /* Set up DH structures setting key components */ 592 1.1 christos if (!TEST_ptr(dhA = td->get_param()) 593 1.1.1.2 christos || !TEST_ptr(dhB = td->get_param())) 594 1.1 christos goto bad_err; 595 1.1 christos 596 1.1 christos if (!TEST_ptr(priv_key = BN_bin2bn(td->xA, td->xA_len, NULL)) 597 1.1.1.2 christos || !TEST_ptr(pub_key = BN_bin2bn(td->yA, td->yA_len, NULL)) 598 1.1.1.2 christos || !TEST_true(DH_set0_key(dhA, pub_key, priv_key))) 599 1.1 christos goto bad_err; 600 1.1 christos 601 1.1 christos if (!TEST_ptr(priv_key = BN_bin2bn(td->xB, td->xB_len, NULL)) 602 1.1.1.2 christos || !TEST_ptr(pub_key = BN_bin2bn(td->yB, td->yB_len, NULL)) 603 1.1.1.2 christos || !TEST_true(DH_set0_key(dhB, pub_key, priv_key))) 604 1.1 christos goto bad_err; 605 1.1 christos priv_key = pub_key = NULL; 606 1.1 christos 607 1.1 christos if (!TEST_int_gt(szA = DH_size(dhA), 0) 608 1.1.1.2 christos || !TEST_int_gt(szB = DH_size(dhB), 0) 609 1.1.1.2 christos || !TEST_size_t_eq(td->Z_len, (size_t)szA) 610 1.1.1.2 christos || !TEST_size_t_eq(td->Z_len, (size_t)szB)) 611 1.1 christos goto err; 612 1.1 christos 613 1.1 christos if (!TEST_ptr(Z1 = OPENSSL_malloc((size_t)szA)) 614 1.1.1.2 christos || !TEST_ptr(Z2 = OPENSSL_malloc((size_t)szB))) 615 1.1 christos goto bad_err; 616 1.1 christos /* 617 1.1 christos * Work out shared secrets using both sides and compare with expected 618 1.1 christos * values. 619 1.1 christos */ 620 1.1 christos DH_get0_key(dhB, &pub_key_tmp, NULL); 621 1.1 christos if (!TEST_int_ne(DH_compute_key(Z1, pub_key_tmp, dhA), -1)) 622 1.1 christos goto bad_err; 623 1.1 christos 624 1.1 christos DH_get0_key(dhA, &pub_key_tmp, NULL); 625 1.1 christos if (!TEST_int_ne(DH_compute_key(Z2, pub_key_tmp, dhB), -1)) 626 1.1 christos goto bad_err; 627 1.1 christos 628 1.1 christos if (!TEST_mem_eq(Z1, td->Z_len, td->Z, td->Z_len) 629 1.1.1.2 christos || !TEST_mem_eq(Z2, td->Z_len, td->Z, td->Z_len)) 630 1.1 christos goto err; 631 1.1 christos 632 1.1 christos DH_free(dhA); 633 1.1 christos dhA = NULL; 634 1.1 christos DH_free(dhB); 635 1.1 christos dhB = NULL; 636 1.1 christos OPENSSL_free(Z1); 637 1.1 christos Z1 = NULL; 638 1.1 christos OPENSSL_free(Z2); 639 1.1 christos Z2 = NULL; 640 1.1 christos } 641 1.1 christos return 1; 642 1.1 christos 643 1.1.1.2 christos bad_err: 644 1.1 christos DH_free(dhA); 645 1.1 christos DH_free(dhB); 646 1.1 christos BN_free(pub_key); 647 1.1 christos BN_free(priv_key); 648 1.1 christos OPENSSL_free(Z1); 649 1.1 christos OPENSSL_free(Z2); 650 1.1 christos TEST_error("Initialisation error RFC5114 set %d\n", i + 1); 651 1.1 christos return 0; 652 1.1 christos 653 1.1.1.2 christos err: 654 1.1 christos DH_free(dhA); 655 1.1 christos DH_free(dhB); 656 1.1 christos OPENSSL_free(Z1); 657 1.1 christos OPENSSL_free(Z2); 658 1.1 christos TEST_error("Test failed RFC5114 set %d\n", i + 1); 659 1.1 christos return 0; 660 1.1 christos } 661 1.1 christos 662 1.1 christos static int rfc7919_test(void) 663 1.1 christos { 664 1.1 christos DH *a = NULL, *b = NULL; 665 1.1 christos const BIGNUM *apub_key = NULL, *bpub_key = NULL; 666 1.1 christos unsigned char *abuf = NULL; 667 1.1 christos unsigned char *bbuf = NULL; 668 1.1 christos int i, alen, blen, aout, bout; 669 1.1 christos int ret = 0; 670 1.1 christos 671 1.1 christos if (!TEST_ptr(a = DH_new_by_nid(NID_ffdhe2048))) 672 1.1.1.2 christos goto err; 673 1.1 christos 674 1.1 christos if (!DH_check(a, &i)) 675 1.1 christos goto err; 676 1.1 christos if (!TEST_false(i & DH_CHECK_P_NOT_PRIME) 677 1.1.1.2 christos || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME) 678 1.1.1.2 christos || !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR) 679 1.1.1.2 christos || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR) 680 1.1.1.2 christos || !TEST_false(i)) 681 1.1 christos goto err; 682 1.1 christos 683 1.1 christos if (!DH_generate_key(a)) 684 1.1 christos goto err; 685 1.1 christos DH_get0_key(a, &apub_key, NULL); 686 1.1 christos 687 1.1 christos /* now create another copy of the DH group for the peer */ 688 1.1 christos if (!TEST_ptr(b = DH_new_by_nid(NID_ffdhe2048))) 689 1.1 christos goto err; 690 1.1 christos 691 1.1 christos if (!DH_generate_key(b)) 692 1.1 christos goto err; 693 1.1 christos DH_get0_key(b, &bpub_key, NULL); 694 1.1 christos 695 1.1 christos alen = DH_size(a); 696 1.1 christos if (!TEST_int_gt(alen, 0) || !TEST_ptr(abuf = OPENSSL_malloc(alen)) 697 1.1.1.2 christos || !TEST_int_gt((aout = DH_compute_key(abuf, bpub_key, a)), 0)) 698 1.1 christos goto err; 699 1.1 christos 700 1.1 christos blen = DH_size(b); 701 1.1 christos if (!TEST_int_gt(blen, 0) || !TEST_ptr(bbuf = OPENSSL_malloc(blen)) 702 1.1.1.2 christos || !TEST_int_gt((bout = DH_compute_key(bbuf, apub_key, b)), 0)) 703 1.1 christos goto err; 704 1.1 christos 705 1.1 christos if (!TEST_true(aout >= 20) 706 1.1.1.2 christos || !TEST_mem_eq(abuf, aout, bbuf, bout)) 707 1.1 christos goto err; 708 1.1 christos 709 1.1 christos ret = 1; 710 1.1 christos 711 1.1.1.2 christos err: 712 1.1 christos OPENSSL_free(abuf); 713 1.1 christos OPENSSL_free(bbuf); 714 1.1 christos DH_free(a); 715 1.1 christos DH_free(b); 716 1.1 christos return ret; 717 1.1 christos } 718 1.1 christos 719 1.1 christos static int prime_groups[] = { 720 1.1 christos NID_ffdhe2048, 721 1.1 christos NID_ffdhe3072, 722 1.1 christos NID_ffdhe4096, 723 1.1 christos NID_ffdhe6144, 724 1.1 christos NID_ffdhe8192, 725 1.1 christos NID_modp_2048, 726 1.1 christos NID_modp_3072, 727 1.1 christos NID_modp_4096, 728 1.1 christos NID_modp_6144, 729 1.1 christos }; 730 1.1 christos 731 1.1 christos static int dh_test_prime_groups(int index) 732 1.1 christos { 733 1.1 christos int ok = 0; 734 1.1 christos DH *dh = NULL; 735 1.1 christos const BIGNUM *p, *q, *g; 736 1.1 christos 737 1.1 christos if (!TEST_ptr(dh = DH_new_by_nid(prime_groups[index]))) 738 1.1 christos goto err; 739 1.1 christos DH_get0_pqg(dh, &p, &q, &g); 740 1.1 christos if (!TEST_ptr(p) || !TEST_ptr(q) || !TEST_ptr(g)) 741 1.1 christos goto err; 742 1.1 christos 743 1.1 christos if (!TEST_int_eq(DH_get_nid(dh), prime_groups[index])) 744 1.1 christos goto err; 745 1.1 christos 746 1.1 christos /* Since q is set there is no need for the private length to be set */ 747 1.1 christos if (!TEST_int_eq((int)DH_get_length(dh), 0)) 748 1.1 christos goto err; 749 1.1 christos 750 1.1 christos ok = 1; 751 1.1 christos err: 752 1.1 christos DH_free(dh); 753 1.1 christos return ok; 754 1.1 christos } 755 1.1 christos 756 1.1 christos static int dh_rfc5114_fix_nid_test(void) 757 1.1 christos { 758 1.1 christos int ok = 0; 759 1.1 christos EVP_PKEY_CTX *paramgen_ctx; 760 1.1 christos 761 1.1 christos /* Run the test. Success is any time the test does not cause a SIGSEGV interrupt */ 762 1.1 christos paramgen_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DHX, 0); 763 1.1 christos if (!TEST_ptr(paramgen_ctx)) 764 1.1 christos goto err; 765 1.1 christos if (!TEST_int_eq(EVP_PKEY_paramgen_init(paramgen_ctx), 1)) 766 1.1 christos goto err; 767 1.1 christos /* Tested function is called here */ 768 1.1 christos if (!TEST_int_eq(EVP_PKEY_CTX_set_dhx_rfc5114(paramgen_ctx, 3), 1)) 769 1.1 christos goto err; 770 1.1 christos /* Negative test */ 771 1.1 christos if (!TEST_int_eq(EVP_PKEY_CTX_set_dhx_rfc5114(paramgen_ctx, 99), 0)) 772 1.1 christos goto err; 773 1.1 christos /* If we're still running then the test passed. */ 774 1.1 christos ok = 1; 775 1.1 christos err: 776 1.1 christos EVP_PKEY_CTX_free(paramgen_ctx); 777 1.1 christos return ok; 778 1.1 christos } 779 1.1 christos 780 1.1 christos static int dh_set_dh_nid_test(void) 781 1.1 christos { 782 1.1 christos int ok = 0; 783 1.1 christos EVP_PKEY_CTX *paramgen_ctx; 784 1.1 christos 785 1.1 christos /* Run the test. Success is any time the test does not cause a SIGSEGV interrupt */ 786 1.1 christos paramgen_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_DH, 0); 787 1.1 christos if (!TEST_ptr(paramgen_ctx)) 788 1.1 christos goto err; 789 1.1 christos if (!TEST_int_eq(EVP_PKEY_paramgen_init(paramgen_ctx), 1)) 790 1.1 christos goto err; 791 1.1 christos /* Tested function is called here */ 792 1.1 christos if (!TEST_int_eq(EVP_PKEY_CTX_set_dh_nid(paramgen_ctx, NID_ffdhe2048), 1)) 793 1.1 christos goto err; 794 1.1 christos /* Negative test */ 795 1.1 christos if (!TEST_int_eq(EVP_PKEY_CTX_set_dh_nid(paramgen_ctx, NID_secp521r1), 0)) 796 1.1 christos goto err; 797 1.1 christos /* If we're still running then the test passed. */ 798 1.1 christos ok = 1; 799 1.1 christos err: 800 1.1 christos EVP_PKEY_CTX_free(paramgen_ctx); 801 1.1 christos return ok; 802 1.1 christos } 803 1.1 christos 804 1.1 christos static int dh_get_nid(void) 805 1.1 christos { 806 1.1 christos int ok = 0; 807 1.1 christos const BIGNUM *p, *q, *g; 808 1.1 christos BIGNUM *pcpy = NULL, *gcpy = NULL, *qcpy = NULL; 809 1.1 christos DH *dh1 = DH_new_by_nid(NID_ffdhe2048); 810 1.1 christos DH *dh2 = DH_new(); 811 1.1 christos 812 1.1 christos if (!TEST_ptr(dh1) 813 1.1 christos || !TEST_ptr(dh2)) 814 1.1 christos goto err; 815 1.1 christos 816 1.1 christos /* Set new DH parameters manually using a existing named group's p & g */ 817 1.1 christos DH_get0_pqg(dh1, &p, &q, &g); 818 1.1 christos if (!TEST_ptr(p) 819 1.1 christos || !TEST_ptr(q) 820 1.1 christos || !TEST_ptr(g) 821 1.1 christos || !TEST_ptr(pcpy = BN_dup(p)) 822 1.1 christos || !TEST_ptr(gcpy = BN_dup(g))) 823 1.1 christos goto err; 824 1.1 christos 825 1.1 christos if (!TEST_true(DH_set0_pqg(dh2, pcpy, NULL, gcpy))) 826 1.1 christos goto err; 827 1.1 christos pcpy = gcpy = NULL; 828 1.1 christos /* Test q is set if p and g are provided */ 829 1.1 christos if (!TEST_ptr(DH_get0_q(dh2))) 830 1.1 christos goto err; 831 1.1 christos 832 1.1 christos /* Test that setting p & g manually returns that it is a named group */ 833 1.1 christos if (!TEST_int_eq(DH_get_nid(dh2), NID_ffdhe2048)) 834 1.1 christos goto err; 835 1.1 christos 836 1.1 christos /* Test that after changing g it is no longer a named group */ 837 1.1 christos if (!TEST_ptr(gcpy = BN_dup(BN_value_one()))) 838 1.1.1.2 christos goto err; 839 1.1 christos if (!TEST_true(DH_set0_pqg(dh2, NULL, NULL, gcpy))) 840 1.1.1.2 christos goto err; 841 1.1 christos gcpy = NULL; 842 1.1 christos if (!TEST_int_eq(DH_get_nid(dh2), NID_undef)) 843 1.1 christos goto err; 844 1.1 christos 845 1.1 christos /* Test that setting an incorrect q results in this not being a named group */ 846 1.1 christos if (!TEST_ptr(pcpy = BN_dup(p)) 847 1.1 christos || !TEST_ptr(qcpy = BN_dup(q)) 848 1.1 christos || !TEST_ptr(gcpy = BN_dup(g)) 849 1.1 christos || !TEST_int_eq(BN_add_word(qcpy, 2), 1) 850 1.1 christos || !TEST_true(DH_set0_pqg(dh2, pcpy, qcpy, gcpy))) 851 1.1 christos goto err; 852 1.1 christos pcpy = qcpy = gcpy = NULL; 853 1.1 christos if (!TEST_int_eq(DH_get_nid(dh2), NID_undef)) 854 1.1 christos goto err; 855 1.1 christos 856 1.1 christos ok = 1; 857 1.1 christos err: 858 1.1 christos BN_free(pcpy); 859 1.1 christos BN_free(qcpy); 860 1.1 christos BN_free(gcpy); 861 1.1 christos DH_free(dh2); 862 1.1 christos DH_free(dh1); 863 1.1 christos return ok; 864 1.1 christos } 865 1.1 christos 866 1.1 christos static const unsigned char dh_pub_der[] = { 867 1.1 christos 0x30, 0x82, 0x02, 0x28, 0x30, 0x82, 0x01, 0x1b, 0x06, 0x09, 0x2a, 0x86, 868 1.1 christos 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x03, 0x01, 0x30, 0x82, 0x01, 0x0c, 0x02, 869 1.1 christos 0x82, 0x01, 0x01, 0x00, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 870 1.1 christos 0xc9, 0x0f, 0xda, 0xa2, 0x21, 0x68, 0xc2, 0x34, 0xc4, 0xc6, 0x62, 0x8b, 871 1.1 christos 0x80, 0xdc, 0x1c, 0xd1, 0x29, 0x02, 0x4e, 0x08, 0x8a, 0x67, 0xcc, 0x74, 872 1.1 christos 0x02, 0x0b, 0xbe, 0xa6, 0x3b, 0x13, 0x9b, 0x22, 0x51, 0x4a, 0x08, 0x79, 873 1.1 christos 0x8e, 0x34, 0x04, 0xdd, 0xef, 0x95, 0x19, 0xb3, 0xcd, 0x3a, 0x43, 0x1b, 874 1.1 christos 0x30, 0x2b, 0x0a, 0x6d, 0xf2, 0x5f, 0x14, 0x37, 0x4f, 0xe1, 0x35, 0x6d, 875 1.1 christos 0x6d, 0x51, 0xc2, 0x45, 0xe4, 0x85, 0xb5, 0x76, 0x62, 0x5e, 0x7e, 0xc6, 876 1.1 christos 0xf4, 0x4c, 0x42, 0xe9, 0xa6, 0x37, 0xed, 0x6b, 0x0b, 0xff, 0x5c, 0xb6, 877 1.1 christos 0xf4, 0x06, 0xb7, 0xed, 0xee, 0x38, 0x6b, 0xfb, 0x5a, 0x89, 0x9f, 0xa5, 878 1.1 christos 0xae, 0x9f, 0x24, 0x11, 0x7c, 0x4b, 0x1f, 0xe6, 0x49, 0x28, 0x66, 0x51, 879 1.1 christos 0xec, 0xe4, 0x5b, 0x3d, 0xc2, 0x00, 0x7c, 0xb8, 0xa1, 0x63, 0xbf, 0x05, 880 1.1 christos 0x98, 0xda, 0x48, 0x36, 0x1c, 0x55, 0xd3, 0x9a, 0x69, 0x16, 0x3f, 0xa8, 881 1.1 christos 0xfd, 0x24, 0xcf, 0x5f, 0x83, 0x65, 0x5d, 0x23, 0xdc, 0xa3, 0xad, 0x96, 882 1.1 christos 0x1c, 0x62, 0xf3, 0x56, 0x20, 0x85, 0x52, 0xbb, 0x9e, 0xd5, 0x29, 0x07, 883 1.1 christos 0x70, 0x96, 0x96, 0x6d, 0x67, 0x0c, 0x35, 0x4e, 0x4a, 0xbc, 0x98, 0x04, 884 1.1 christos 0xf1, 0x74, 0x6c, 0x08, 0xca, 0x18, 0x21, 0x7c, 0x32, 0x90, 0x5e, 0x46, 885 1.1 christos 0x2e, 0x36, 0xce, 0x3b, 0xe3, 0x9e, 0x77, 0x2c, 0x18, 0x0e, 0x86, 0x03, 886 1.1 christos 0x9b, 0x27, 0x83, 0xa2, 0xec, 0x07, 0xa2, 0x8f, 0xb5, 0xc5, 0x5d, 0xf0, 887 1.1 christos 0x6f, 0x4c, 0x52, 0xc9, 0xde, 0x2b, 0xcb, 0xf6, 0x95, 0x58, 0x17, 0x18, 888 1.1 christos 0x39, 0x95, 0x49, 0x7c, 0xea, 0x95, 0x6a, 0xe5, 0x15, 0xd2, 0x26, 0x18, 889 1.1 christos 0x98, 0xfa, 0x05, 0x10, 0x15, 0x72, 0x8e, 0x5a, 0x8a, 0xac, 0xaa, 0x68, 890 1.1 christos 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x02, 0x01, 0x02, 0x02, 891 1.1 christos 0x02, 0x04, 0x00, 0x03, 0x82, 0x01, 0x05, 0x00, 0x02, 0x82, 0x01, 0x00, 892 1.1 christos 0x08, 0x87, 0x8a, 0x5f, 0x4f, 0x3b, 0xef, 0xe1, 0x77, 0x13, 0x3b, 0xd7, 893 1.1 christos 0x58, 0x76, 0xc9, 0xeb, 0x7e, 0x2d, 0xcc, 0x7e, 0xed, 0xc5, 0xee, 0xf9, 894 1.1 christos 0x2d, 0x55, 0xb0, 0xe2, 0x37, 0x8c, 0x51, 0x87, 0x6a, 0x8e, 0x0d, 0xb2, 895 1.1 christos 0x08, 0xed, 0x4f, 0x88, 0x9b, 0x63, 0x19, 0x7a, 0x67, 0xa1, 0x61, 0xd8, 896 1.1 christos 0x17, 0xa0, 0x2c, 0xdb, 0xc2, 0xfa, 0xb3, 0x4f, 0xe7, 0xcb, 0x16, 0xf2, 897 1.1 christos 0xe7, 0xd0, 0x2c, 0xf8, 0xcc, 0x97, 0xd3, 0xe7, 0xae, 0xc2, 0x71, 0xd8, 898 1.1 christos 0x2b, 0x12, 0x83, 0xe9, 0x5a, 0x45, 0xfe, 0x66, 0x5c, 0xa2, 0xb6, 0xce, 899 1.1 christos 0x2f, 0x04, 0x05, 0xe7, 0xa7, 0xbc, 0xe5, 0x63, 0x1a, 0x93, 0x3d, 0x4d, 900 1.1 christos 0xf4, 0x77, 0xdd, 0x2a, 0xc9, 0x51, 0x7b, 0xf5, 0x54, 0xa2, 0xab, 0x26, 901 1.1 christos 0xee, 0x16, 0xd3, 0x83, 0x92, 0x85, 0x40, 0x67, 0xa3, 0xa9, 0x31, 0x16, 902 1.1 christos 0x64, 0x45, 0x5a, 0x2a, 0x9d, 0xa8, 0x1a, 0x84, 0x2f, 0x59, 0x57, 0x6b, 903 1.1 christos 0xbb, 0x51, 0x28, 0xbd, 0x91, 0x60, 0xd9, 0x8f, 0x54, 0x6a, 0xa0, 0x6b, 904 1.1 christos 0xb2, 0xf6, 0x78, 0x79, 0xd2, 0x3a, 0x8f, 0xa6, 0x24, 0x7e, 0xe9, 0x6e, 905 1.1 christos 0x66, 0x30, 0xed, 0xbf, 0x55, 0x71, 0x9c, 0x89, 0x81, 0xf0, 0xa7, 0xe7, 906 1.1 christos 0x05, 0x87, 0x51, 0xc1, 0xff, 0xe5, 0xcf, 0x1f, 0x19, 0xe4, 0xeb, 0x7c, 907 1.1 christos 0x1c, 0x1a, 0x58, 0xd5, 0x22, 0x3d, 0x31, 0x22, 0xc7, 0x8b, 0x60, 0xf5, 908 1.1 christos 0xe8, 0x95, 0x73, 0xe0, 0x20, 0xe2, 0x4f, 0x03, 0x9e, 0x89, 0x34, 0x91, 909 1.1 christos 0x5e, 0xda, 0x4f, 0x60, 0xff, 0xc9, 0x4f, 0x5a, 0x37, 0x1e, 0xb0, 0xed, 910 1.1 christos 0x26, 0x4c, 0xa4, 0xc6, 0x26, 0xc9, 0xcc, 0xab, 0xd2, 0x1a, 0x3a, 0x82, 911 1.1 christos 0x68, 0x03, 0x49, 0x8f, 0xb0, 0xb9, 0xc8, 0x48, 0x9d, 0xc7, 0xdf, 0x8b, 912 1.1 christos 0x1c, 0xbf, 0xda, 0x89, 0x78, 0x6f, 0xd3, 0x62, 0xad, 0x35, 0xb9, 0xd3, 913 1.1 christos 0x9b, 0xd0, 0x25, 0x65 914 1.1 christos }; 915 1.1 christos 916 1.1 christos /* 917 1.1 christos * Load PKCS3 DH Parameters that contain an optional private value length. 918 1.1 christos * Loading a named group should not overwrite the private value length field. 919 1.1 christos */ 920 1.1 christos static int dh_load_pkcs3_namedgroup_privlen_test(void) 921 1.1 christos { 922 1.1 christos int ret, privlen = 0; 923 1.1 christos EVP_PKEY *pkey = NULL; 924 1.1 christos const unsigned char *p = dh_pub_der; 925 1.1 christos 926 1.1 christos ret = TEST_ptr(pkey = d2i_PUBKEY_ex(NULL, &p, sizeof(dh_pub_der), 927 1.1.1.2 christos NULL, NULL)) 928 1.1.1.2 christos && TEST_true(EVP_PKEY_get_int_param(pkey, OSSL_PKEY_PARAM_DH_PRIV_LEN, 929 1.1.1.2 christos &privlen)) 930 1.1.1.2 christos && TEST_int_eq(privlen, 1024); 931 1.1 christos 932 1.1 christos EVP_PKEY_free(pkey); 933 1.1 christos return ret; 934 1.1 christos } 935 1.1 christos 936 1.1 christos #endif 937 1.1 christos 938 1.1 christos int setup_tests(void) 939 1.1 christos { 940 1.1 christos #ifdef OPENSSL_NO_DH 941 1.1 christos TEST_note("No DH support"); 942 1.1 christos #else 943 1.1 christos ADD_TEST(dh_test); 944 1.1 christos ADD_TEST(dh_computekey_range_test); 945 1.1 christos ADD_TEST(rfc5114_test); 946 1.1 christos ADD_TEST(rfc7919_test); 947 1.1 christos ADD_ALL_TESTS(dh_test_prime_groups, OSSL_NELEM(prime_groups)); 948 1.1 christos ADD_TEST(dh_get_nid); 949 1.1 christos ADD_TEST(dh_load_pkcs3_namedgroup_privlen_test); 950 1.1 christos ADD_TEST(dh_rfc5114_fix_nid_test); 951 1.1 christos ADD_TEST(dh_set_dh_nid_test); 952 1.1 christos #endif 953 1.1 christos return 1; 954 1.1 christos } 955
Indexes created Wed Mar 04 05:31:52 UTC 2026