[openssl] master update

Richard Levitte levitte at openssl.org
Sun Nov 15 18:41:09 UTC 2020


The branch master has been updated
       via  e76a696273e472803b156af90fa869bb9aeb798c (commit)
      from  efb4667f72356046a492d8875bd3b02b6fe352e8 (commit)


- Log -----------------------------------------------------------------
commit e76a696273e472803b156af90fa869bb9aeb798c
Author: Richard Levitte <levitte at openssl.org>
Date:   Sat Oct 17 08:59:48 2020 +0200

    test/endecoder_legacy_test.c: new test for legacy comparison
    
    It checks that all of these functions have a corresponding
    OSSL_ENCODER implementation, and that the output is the same:
    
    - i2d_{TYPE}PrivateKey
    - i2d_{TYPE}PublicKey
    - i2d_{TYPE}params
    - i2d_{TYPE}_PUBKEY
    - PEM_write_bio_{TYPE}PrivateKey
    - PEM_write_bio_{TYPE}PublicKey
    - PEM_write_bio_{TYPE}Parameters
    - PEM_write_bio_{TYPE}_PUBKEY
    
    It also checks that all of these functions have a corresponding
    OSSL_DECODER implementation, and that the decoding result matches:
    
    - d2i_{TYPE}PrivateKey()
    - d2i_{TYPE}PublicKey(),
    - d2i_{TYPE}params(),
    - d2i_{TYPE}_PUBKEY(),
    - PEM_read_bio_{TYPE}PrivateKey()
    - PEM_read_bio_{TYPE}PublicKey()
    - PEM_read_bio_{TYPE}params()
    - PEM_read_bio_{TYPE}_PUBKEY()
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/13262)

-----------------------------------------------------------------------

Summary of changes:
 test/build.info                                    |   5 +
 test/endecoder_legacy_test.c                       | 696 +++++++++++++++++++++
 ..._decoder.t => 04-test_encoder_decoder_legacy.t} |   4 +-
 3 files changed, 703 insertions(+), 2 deletions(-)
 create mode 100644 test/endecoder_legacy_test.c
 copy test/recipes/{04-test_encoder_decoder.t => 04-test_encoder_decoder_legacy.t} (89%)

diff --git a/test/build.info b/test/build.info
index 51100d1418..b7fafb7eba 100644
--- a/test/build.info
+++ b/test/build.info
@@ -793,6 +793,11 @@ IF[{- !$disabled{tests} -}]
   INCLUDE[endecode_test]=.. ../include ../apps/include
   DEPEND[endecode_test]=../libcrypto.a libtestutil.a
 
+  PROGRAMS{noinst}=endecoder_legacy_test
+  SOURCE[endecoder_legacy_test]=endecoder_legacy_test.c
+  INCLUDE[endecoder_legacy_test]=.. ../include ../apps/include
+  DEPEND[endecoder_legacy_test]=../libcrypto.a libtestutil.a
+
   PROGRAMS{noinst}=namemap_internal_test
   SOURCE[namemap_internal_test]=namemap_internal_test.c
   INCLUDE[namemap_internal_test]=.. ../include ../apps/include
diff --git a/test/endecoder_legacy_test.c b/test/endecoder_legacy_test.c
new file mode 100644
index 0000000000..1bdbda79fa
--- /dev/null
+++ b/test/endecoder_legacy_test.c
@@ -0,0 +1,696 @@
+/*
+ * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+/*
+ * This program tests the following known key type specific function against
+ * the corresponding OSSL_ENCODER implementation:
+ *
+ * - i2d_{TYPE}PrivateKey()
+ * - i2d_{TYPE}PublicKey(),
+ * - i2d_{TYPE}params(),
+ * - i2d_{TYPE}_PUBKEY(),
+ * - PEM_write_bio_{TYPE}PrivateKey()
+ * - PEM_write_bio_{TYPE}PublicKey()
+ * - PEM_write_bio_{TYPE}params()
+ * - PEM_write_bio_{TYPE}_PUBKEY()
+ *
+ * as well as the following functions against the corresponding OSSL_DECODER
+ * implementation.
+ *
+ * - d2i_{TYPE}PrivateKey()
+ * - d2i_{TYPE}PublicKey(),
+ * - d2i_{TYPE}params(),
+ * - d2i_{TYPE}_PUBKEY(),
+ * - PEM_read_bio_{TYPE}PrivateKey()
+ * - PEM_read_bio_{TYPE}PublicKey()
+ * - PEM_read_bio_{TYPE}params()
+ * - PEM_read_bio_{TYPE}_PUBKEY()
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <openssl/bio.h>
+#include <openssl/evp.h>
+#include <openssl/asn1.h>
+#include <openssl/pem.h>
+#include <openssl/params.h>
+#include <openssl/encoder.h>
+#include <openssl/decoder.h>
+#include <openssl/dh.h>
+#include <openssl/dsa.h>
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+# include <openssl/rsa.h>
+#endif
+#include "internal/nelem.h"
+#include "crypto/evp.h"
+
+#include "testutil.h"
+
+typedef int PEM_write_bio_of_void_protected(BIO *out, void *obj,
+                                            const EVP_CIPHER *enc,
+                                            unsigned char *kstr, int klen,
+                                            pem_password_cb *cb, void *u);
+typedef int PEM_write_bio_of_void_unprotected(BIO *out, void *obj);
+typedef void *PEM_read_bio_of_void(BIO *out, void **obj,
+                                   pem_password_cb *cb, void *u);
+typedef int EVP_PKEY_print_fn(BIO *out, const EVP_PKEY *pkey,
+                              int indent, ASN1_PCTX *pctx);
+typedef int EVP_PKEY_eq_fn(const EVP_PKEY *a, const EVP_PKEY *b);
+
+static struct test_stanza_st {
+    const char *keytype;
+    const char *structure[2];
+    int evp_type;
+
+    i2d_of_void *i2d_PrivateKey;
+    i2d_of_void *i2d_PublicKey;
+    i2d_of_void *i2d_params;
+    i2d_of_void *i2d_PUBKEY;
+    PEM_write_bio_of_void_protected *pem_write_bio_PrivateKey;
+    PEM_write_bio_of_void_unprotected *pem_write_bio_PublicKey;
+    PEM_write_bio_of_void_unprotected *pem_write_bio_params;
+    PEM_write_bio_of_void_unprotected *pem_write_bio_PUBKEY;
+
+    d2i_of_void *d2i_PrivateKey;
+    d2i_of_void *d2i_PublicKey;
+    d2i_of_void *d2i_params;
+    d2i_of_void *d2i_PUBKEY;
+    PEM_read_bio_of_void *pem_read_bio_PrivateKey;
+    PEM_read_bio_of_void *pem_read_bio_PublicKey;
+    PEM_read_bio_of_void *pem_read_bio_params;
+    PEM_read_bio_of_void *pem_read_bio_PUBKEY;
+} test_stanzas[] = {
+#ifndef OPENSSL_NO_DH
+    { "DH", { "DH", "type-specific" }, EVP_PKEY_DH,
+      NULL,                      /* No i2d_DHPrivateKey */
+      NULL,                      /* No i2d_DHPublicKey */
+      (i2d_of_void *)i2d_DHparams,
+      NULL,                      /* No i2d_DH_PUBKEY */
+      NULL,                      /* No PEM_write_bio_DHPrivateKey */
+      NULL,                      /* No PEM_write_bio_DHPublicKey */
+      (PEM_write_bio_of_void_unprotected *)PEM_write_bio_DHparams,
+      NULL,                      /* No PEM_write_bio_DH_PUBKEY */
+      NULL,                      /* No d2i_DHPrivateKey */
+      NULL,                      /* No d2i_DHPublicKey */
+      (d2i_of_void *)d2i_DHparams,
+      NULL,                      /* No d2i_DH_PUBKEY */
+      NULL,                      /* No PEM_read_bio_DHPrivateKey */
+      NULL,                      /* No PEM_read_bio_DHPublicKey */
+      (PEM_read_bio_of_void *)PEM_read_bio_DHparams,
+      NULL },                    /* No PEM_read_bio_DH_PUBKEY */
+    { "DHX", { "DHX", "type-specific" }, EVP_PKEY_DHX,
+      NULL,                      /* No i2d_DHxPrivateKey */
+      NULL,                      /* No i2d_DHxPublicKey */
+      (i2d_of_void *)i2d_DHxparams,
+      NULL,                      /* No i2d_DHx_PUBKEY */
+      NULL,                      /* No PEM_write_bio_DHxPrivateKey */
+      NULL,                      /* No PEM_write_bio_DHxPublicKey */
+      (PEM_write_bio_of_void_unprotected *)PEM_write_bio_DHxparams,
+      NULL,                      /* No PEM_write_bio_DHx_PUBKEY */
+      NULL,                      /* No d2i_DHxPrivateKey */
+      NULL,                      /* No d2i_DHxPublicKey */
+      (d2i_of_void *)d2i_DHxparams,
+      NULL,                      /* No d2i_DHx_PUBKEY */
+      NULL,                      /* No PEM_read_bio_DHxPrivateKey */
+      NULL,                      /* No PEM_read_bio_DHxPublicKey */
+      NULL,                      /* No PEM_read_bio_DHxparams */
+      NULL },                    /* No PEM_read_bio_DHx_PUBKEY */
+#endif
+#ifndef OPENSSL_NO_DSA
+    { "DSA", { "DSA", "type-specific" }, EVP_PKEY_DSA,
+      (i2d_of_void *)i2d_DSAPrivateKey,
+      (i2d_of_void *)i2d_DSAPublicKey,
+      (i2d_of_void *)i2d_DSAparams,
+      (i2d_of_void *)i2d_DSA_PUBKEY,
+      (PEM_write_bio_of_void_protected *)PEM_write_bio_DSAPrivateKey,
+      NULL,                      /* No PEM_write_bio_DSAPublicKey */
+      (PEM_write_bio_of_void_unprotected *)PEM_write_bio_DSAparams,
+      (PEM_write_bio_of_void_unprotected *)PEM_write_bio_DSA_PUBKEY,
+      (d2i_of_void *)d2i_DSAPrivateKey,
+      (d2i_of_void *)d2i_DSAPublicKey,
+      (d2i_of_void *)d2i_DSAparams,
+      (d2i_of_void *)d2i_DSA_PUBKEY,
+      (PEM_read_bio_of_void *)PEM_read_bio_DSAPrivateKey,
+      NULL,                      /* No PEM_write_bio_DSAPublicKey */
+      (PEM_read_bio_of_void *)PEM_read_bio_DSAparams,
+      (PEM_read_bio_of_void *)PEM_read_bio_DSA_PUBKEY },
+#endif
+#ifndef OPENSSL_NO_EC
+    { "EC", { "EC", "type-specific" }, EVP_PKEY_EC,
+      (i2d_of_void *)i2d_ECPrivateKey,
+      NULL,                      /* No i2d_ECPublicKey */
+      (i2d_of_void *)i2d_ECParameters,
+      (i2d_of_void *)i2d_EC_PUBKEY,
+      (PEM_write_bio_of_void_protected *)PEM_write_bio_ECPrivateKey,
+      NULL,                      /* No PEM_write_bio_ECPublicKey */
+      NULL,                      /* No PEM_write_bio_ECParameters */
+      (PEM_write_bio_of_void_unprotected *)PEM_write_bio_EC_PUBKEY,
+      (d2i_of_void *)d2i_ECPrivateKey,
+      NULL,                      /* No d2i_ECPublicKey */
+      (d2i_of_void *)d2i_ECParameters,
+      (d2i_of_void *)d2i_EC_PUBKEY,
+      (PEM_read_bio_of_void *)PEM_read_bio_ECPrivateKey,
+      NULL,                      /* No PEM_read_bio_ECPublicKey */
+      NULL,                      /* No PEM_read_bio_ECParameters */
+      (PEM_read_bio_of_void *)PEM_read_bio_EC_PUBKEY, },
+#endif
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+    { "RSA", { "RSA", "type-specific" }, EVP_PKEY_RSA,
+      (i2d_of_void *)i2d_RSAPrivateKey,
+      (i2d_of_void *)i2d_RSAPublicKey,
+      NULL,                      /* No i2d_RSAparams */
+      (i2d_of_void *)i2d_RSA_PUBKEY,
+      (PEM_write_bio_of_void_protected *)PEM_write_bio_RSAPrivateKey,
+      (PEM_write_bio_of_void_unprotected *)PEM_write_bio_RSAPublicKey,
+      NULL,                      /* No PEM_write_bio_RSAparams */
+      (PEM_write_bio_of_void_unprotected *)PEM_write_bio_RSA_PUBKEY,
+      (d2i_of_void *)d2i_RSAPrivateKey,
+      (d2i_of_void *)d2i_RSAPublicKey,
+      NULL,                      /* No d2i_RSAparams */
+      (d2i_of_void *)d2i_RSA_PUBKEY,
+      (PEM_read_bio_of_void *)PEM_read_bio_RSAPrivateKey,
+      (PEM_read_bio_of_void *)PEM_read_bio_RSAPublicKey,
+      NULL,                      /* No PEM_read_bio_RSAparams */
+      (PEM_read_bio_of_void *)PEM_read_bio_RSA_PUBKEY }
+#endif
+};
+
+/*
+ * Keys that we're going to test with.  We initialize this with the intended
+ * key types, and generate the keys themselves on program setup.
+ * They must all be downgradable with EVP_PKEY_get0()
+ */
+
+#ifndef OPENSSL_NO_DH
+static const OSSL_PARAM DH_params[] = { OSSL_PARAM_END };
+static const OSSL_PARAM DHX_params[] = { OSSL_PARAM_END };
+#endif
+#ifndef OPENSSL_NO_DSA
+static size_t qbits = 160;  /* PVK only tolerates 160 Q bits */
+static size_t pbits = 1024; /* With 160 Q bits, we MUST use 1024 P bits */
+static const OSSL_PARAM DSA_params[] = {
+    OSSL_PARAM_size_t("pbits", &pbits),
+    OSSL_PARAM_size_t("qbits", &qbits),
+    OSSL_PARAM_END
+};
+#endif
+#ifndef OPENSSL_NO_EC
+static char groupname[] = "prime256v1";
+static const OSSL_PARAM EC_params[] = {
+    OSSL_PARAM_utf8_string("group", groupname, sizeof(groupname) - 1),
+    OSSL_PARAM_END
+};
+#endif
+
+static struct key_st {
+    const char *keytype;
+    int evp_type;
+    /* non-NULL if a template EVP_PKEY must be generated first */
+    const OSSL_PARAM *template_params;
+
+    EVP_PKEY *key;
+} keys[] = {
+#ifndef OPENSSL_NO_DH
+    { "DH", EVP_PKEY_DH, DH_params, NULL },
+    { "DHX", EVP_PKEY_DHX, DHX_params, NULL },
+#endif
+#ifndef OPENSSL_NO_DSA
+    { "DSA", EVP_PKEY_DSA, DSA_params, NULL },
+#endif
+#ifndef OPENSSL_NO_EC
+    { "EC", EVP_PKEY_EC, EC_params, NULL },
+#endif
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+    { "RSA", EVP_PKEY_RSA, NULL, NULL },
+#endif
+};
+
+static EVP_PKEY *make_key(const char *type,
+                          const OSSL_PARAM *gen_template_params)
+{
+    EVP_PKEY *template = NULL;
+    EVP_PKEY *pkey = NULL;
+    EVP_PKEY_CTX *ctx = NULL;
+    OSSL_PARAM *gen_template_params_noconst =
+        (OSSL_PARAM *)gen_template_params;
+
+    if (gen_template_params != NULL
+        && ((ctx = EVP_PKEY_CTX_new_from_name(NULL, type, NULL)) == NULL
+            || EVP_PKEY_paramgen_init(ctx) <= 0
+            || (gen_template_params[0].key != NULL
+                && EVP_PKEY_CTX_set_params(ctx, gen_template_params_noconst) <= 0)
+            || EVP_PKEY_gen(ctx, &template) <= 0))
+        goto end;
+    EVP_PKEY_CTX_free(ctx);
+
+    /*
+     * No real need to check the errors other than for the cascade
+     * effect.  |pkey| will simply remain NULL if something goes wrong.
+     */
+    ctx =
+        template != NULL
+        ? EVP_PKEY_CTX_new(template, NULL)
+        : EVP_PKEY_CTX_new_from_name(NULL, type, NULL);
+
+    (void)(ctx != NULL
+           && EVP_PKEY_keygen_init(ctx) > 0
+           && EVP_PKEY_keygen(ctx, &pkey) > 0);
+
+ end:
+    EVP_PKEY_free(template);
+    EVP_PKEY_CTX_free(ctx);
+    return pkey;
+}
+
+static struct key_st *lookup_key(const char *type)
+{
+    size_t i;
+
+    for (i = 0; i < OSSL_NELEM(keys); i++) {
+        if (strcmp(keys[i].keytype, type) == 0)
+            return &keys[i];
+    }
+    return NULL;
+}
+
+static int test_membio_str_eq(BIO *bio_provided, BIO *bio_legacy)
+{
+    char *str_provided = NULL, *str_legacy = NULL;
+    long len_provided = BIO_get_mem_data(bio_provided, &str_provided);
+    long len_legacy = BIO_get_mem_data(bio_legacy, &str_legacy);
+
+    return TEST_strn2_eq(str_provided, len_provided,
+                         str_legacy, len_legacy);
+}
+
+static int test_protected_PEM(const char *keytype, int evp_type,
+                              void *legacy_key,
+                              PEM_write_bio_of_void_protected *pem_write_bio,
+                              PEM_read_bio_of_void *pem_read_bio,
+                              EVP_PKEY_eq_fn *evp_pkey_eq,
+                              EVP_PKEY_print_fn *evp_pkey_print,
+                              EVP_PKEY *provided_pkey, int selection,
+                              const char *structure)
+{
+    int ok = 0;
+    BIO *membio_legacy = NULL;
+    BIO *membio_provided = NULL;
+    OSSL_ENCODER_CTX *ectx = NULL;
+    OSSL_DECODER_CTX *dctx = NULL;
+    void *decoded_legacy_key = NULL;
+    EVP_PKEY *decoded_legacy_pkey = NULL;
+    EVP_PKEY *decoded_provided_pkey = NULL;
+
+    /* Set up the BIOs, so we have them */
+    if (!TEST_ptr(membio_legacy = BIO_new(BIO_s_mem()))
+        || !TEST_ptr(membio_provided = BIO_new(BIO_s_mem())))
+        goto end;
+
+    if (!TEST_ptr(ectx =
+                  OSSL_ENCODER_CTX_new_by_EVP_PKEY(provided_pkey, selection,
+                                                   "PEM", structure,
+                                                   NULL, NULL))
+        || !TEST_true(OSSL_ENCODER_to_bio(ectx, membio_provided))
+        || !TEST_true(pem_write_bio(membio_legacy, legacy_key,
+                                   NULL, NULL, 0, NULL, NULL))
+        || !test_membio_str_eq(membio_provided, membio_legacy))
+        goto end;
+
+    if (pem_read_bio != NULL) {
+        /* Now try decoding the results and compare the resulting keys */
+
+        if (!TEST_ptr(decoded_legacy_pkey = EVP_PKEY_new())
+            || !TEST_ptr(dctx =
+                         OSSL_DECODER_CTX_new_by_EVP_PKEY(&decoded_provided_pkey,
+                                                          "PEM", structure,
+                                                          keytype, selection,
+                                                          NULL, NULL))
+            || !TEST_true(OSSL_DECODER_from_bio(dctx, membio_provided))
+            || !TEST_ptr(decoded_legacy_key =
+                         pem_read_bio(membio_legacy, NULL, NULL, NULL))
+            || !TEST_true(EVP_PKEY_assign(decoded_legacy_pkey, evp_type,
+                                          decoded_legacy_key)))
+            goto end;
+
+        if (!TEST_int_gt(evp_pkey_eq(decoded_provided_pkey,
+                                     decoded_legacy_pkey), 0)) {
+            TEST_info("decoded_provided_pkey:");
+            evp_pkey_print(bio_out, decoded_provided_pkey, 0, NULL);
+            TEST_info("decoded_legacy_pkey:");
+            evp_pkey_print(bio_out, decoded_legacy_pkey, 0, NULL);
+        }
+    }
+    ok = 1;
+ end:
+    EVP_PKEY_free(decoded_legacy_pkey);
+    EVP_PKEY_free(decoded_provided_pkey);
+    OSSL_ENCODER_CTX_free(ectx);
+    OSSL_DECODER_CTX_free(dctx);
+    BIO_free(membio_provided);
+    BIO_free(membio_legacy);
+    return ok;
+}
+
+static int test_unprotected_PEM(const char *keytype, int evp_type,
+                                void *legacy_key,
+                                PEM_write_bio_of_void_unprotected *pem_write_bio,
+                                PEM_read_bio_of_void *pem_read_bio,
+                                EVP_PKEY_eq_fn *evp_pkey_eq,
+                                EVP_PKEY_print_fn *evp_pkey_print,
+                                EVP_PKEY *provided_pkey, int selection,
+                                const char *structure)
+{
+    int ok = 0;
+    BIO *membio_legacy = NULL;
+    BIO *membio_provided = NULL;
+    OSSL_ENCODER_CTX *ectx = NULL;
+    OSSL_DECODER_CTX *dctx = NULL;
+    void *decoded_legacy_key = NULL;
+    EVP_PKEY *decoded_legacy_pkey = NULL;
+    EVP_PKEY *decoded_provided_pkey = NULL;
+
+    /* Set up the BIOs, so we have them */
+    if (!TEST_ptr(membio_legacy = BIO_new(BIO_s_mem()))
+        || !TEST_ptr(membio_provided = BIO_new(BIO_s_mem())))
+        goto end;
+
+    if (!TEST_ptr(ectx =
+                  OSSL_ENCODER_CTX_new_by_EVP_PKEY(provided_pkey, selection,
+                                                   "PEM", structure,
+                                                   NULL, NULL))
+        || !TEST_true(OSSL_ENCODER_to_bio(ectx, membio_provided))
+        || !TEST_true(pem_write_bio(membio_legacy, legacy_key))
+        || !test_membio_str_eq(membio_provided, membio_legacy))
+        goto end;
+
+    if (pem_read_bio != NULL) {
+        /* Now try decoding the results and compare the resulting keys */
+
+        if (!TEST_ptr(decoded_legacy_pkey = EVP_PKEY_new())
+            || !TEST_ptr(dctx =
+                         OSSL_DECODER_CTX_new_by_EVP_PKEY(&decoded_provided_pkey,
+                                                          "PEM", structure,
+                                                          keytype, selection,
+                                                          NULL, NULL))
+            || !TEST_true(OSSL_DECODER_from_bio(dctx, membio_provided))
+            || !TEST_ptr(decoded_legacy_key =
+                         pem_read_bio(membio_legacy, NULL, NULL, NULL))
+            || !TEST_true(EVP_PKEY_assign(decoded_legacy_pkey, evp_type,
+                                          decoded_legacy_key)))
+            goto end;
+
+        if (!TEST_int_gt(evp_pkey_eq(decoded_provided_pkey,
+                                     decoded_legacy_pkey), 0)) {
+            TEST_info("decoded_provided_pkey:");
+            evp_pkey_print(bio_out, decoded_provided_pkey, 0, NULL);
+            TEST_info("decoded_legacy_pkey:");
+            evp_pkey_print(bio_out, decoded_legacy_pkey, 0, NULL);
+        }
+    }
+    ok = 1;
+ end:
+    EVP_PKEY_free(decoded_legacy_pkey);
+    EVP_PKEY_free(decoded_provided_pkey);
+    OSSL_ENCODER_CTX_free(ectx);
+    OSSL_DECODER_CTX_free(dctx);
+    BIO_free(membio_provided);
+    BIO_free(membio_legacy);
+    return ok;
+}
+
+static int test_DER(const char *keytype, int evp_type,
+                    void *legacy_key, i2d_of_void *i2d, d2i_of_void *d2i,
+                    EVP_PKEY_eq_fn *evp_pkey_eq,
+                    EVP_PKEY_print_fn *evp_pkey_print,
+                    EVP_PKEY *provided_pkey, int selection,
+                    const char *structure)
+{
+    int ok = 0;
+    unsigned char *der_legacy = NULL;
+    const unsigned char *pder_legacy = NULL;
+    size_t der_legacy_len = 0;
+    unsigned char *der_provided = NULL;
+    const unsigned char *pder_provided = NULL;
+    size_t der_provided_len = 0;
+    size_t tmp_size;
+    OSSL_ENCODER_CTX *ectx = NULL;
+    OSSL_DECODER_CTX *dctx = NULL;
+    void *decoded_legacy_key = NULL;
+    EVP_PKEY *decoded_legacy_pkey = NULL;
+    EVP_PKEY *decoded_provided_pkey = NULL;
+
+    if (!TEST_ptr(ectx =
+                 OSSL_ENCODER_CTX_new_by_EVP_PKEY(provided_pkey, selection,
+                                                  "DER", structure,
+                                                  NULL, NULL))
+        || !TEST_true(OSSL_ENCODER_to_data(ectx,
+                                          &der_provided, &der_provided_len))
+        || !TEST_size_t_gt(der_legacy_len = i2d(legacy_key, &der_legacy), 0)
+        || !TEST_mem_eq(der_provided, der_provided_len,
+                        der_legacy, der_legacy_len))
+        goto end;
+
+    if (d2i != NULL) {
+        /* Now try decoding the results and compare the resulting keys */
+
+        if (!TEST_ptr(decoded_legacy_pkey = EVP_PKEY_new())
+            || !TEST_ptr(dctx =
+                         OSSL_DECODER_CTX_new_by_EVP_PKEY(&decoded_provided_pkey,
+                                                          "DER", structure,
+                                                          keytype, selection,
+                                                          NULL, NULL))
+            || !TEST_true((pder_provided = der_provided,
+                           tmp_size = der_provided_len,
+                           OSSL_DECODER_from_data(dctx, &pder_provided,
+                                                  &tmp_size)))
+            || !TEST_ptr((pder_legacy = der_legacy,
+                          decoded_legacy_key = d2i(NULL, &pder_legacy,
+                                                   (long)der_legacy_len)))
+            || !TEST_true(EVP_PKEY_assign(decoded_legacy_pkey, evp_type,
+                                          decoded_legacy_key)))
+            goto end;
+
+        if (!TEST_int_gt(evp_pkey_eq(decoded_provided_pkey,
+                                     decoded_legacy_pkey), 0)) {
+            TEST_info("decoded_provided_pkey:");
+            evp_pkey_print(bio_out, decoded_provided_pkey, 0, NULL);
+            TEST_info("decoded_legacy_pkey:");
+            evp_pkey_print(bio_out, decoded_legacy_pkey, 0, NULL);
+        }
+    }
+    ok = 1;
+ end:
+    EVP_PKEY_free(decoded_legacy_pkey);
+    EVP_PKEY_free(decoded_provided_pkey);
+    OSSL_ENCODER_CTX_free(ectx);
+    OSSL_DECODER_CTX_free(dctx);
+    OPENSSL_free(der_provided);
+    OPENSSL_free(der_legacy);
+    return ok;
+}
+
+static int test_key(int idx)
+{
+    struct test_stanza_st *test_stanza = NULL;
+    struct key_st *key = NULL;
+    int ok = 0;
+    size_t i;
+    EVP_PKEY *pkey = NULL, *downgraded_pkey = NULL;
+    void *legacy_obj = NULL;
+
+    /* Get the test data */
+    if (!TEST_ptr(test_stanza = &test_stanzas[idx])
+        || !TEST_ptr(key = lookup_key(test_stanza->keytype)))
+        goto end;
+
+    /* Set up the keys */
+    if (!TEST_ptr(pkey = key->key)
+        || !TEST_true(evp_pkey_copy_downgraded(&downgraded_pkey, pkey))
+        || !TEST_ptr(downgraded_pkey)
+        || !TEST_int_eq(EVP_PKEY_id(downgraded_pkey), key->evp_type)
+        || !TEST_ptr(legacy_obj = EVP_PKEY_get0(downgraded_pkey)))
+        goto end;
+
+    ok = 1;
+
+    /* Test PrivateKey to PEM */
+    if (test_stanza->pem_write_bio_PrivateKey != NULL) {
+        int selection = OSSL_KEYMGMT_SELECT_ALL;
+
+        for (i = 0; i < OSSL_NELEM(test_stanza->structure); i++) {
+            const char *structure = test_stanza->structure[i];
+
+            TEST_info("Test OSSL_ENCODER against PEM_write_bio_{TYPE}PrivateKey for %s, %s",
+                      test_stanza->keytype, structure);
+            if (!test_protected_PEM(key->keytype, key->evp_type, legacy_obj,
+                                    test_stanza->pem_write_bio_PrivateKey,
+                                    test_stanza->pem_read_bio_PrivateKey,
+                                    EVP_PKEY_eq, EVP_PKEY_print_private,
+                                    pkey, selection, structure))
+                ok = 0;
+        }
+    }
+
+    /* Test PublicKey to PEM */
+    if (test_stanza->pem_write_bio_PublicKey != NULL) {
+        int selection =
+            OSSL_KEYMGMT_SELECT_PUBLIC_KEY
+            | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS;
+
+        for (i = 0; i < OSSL_NELEM(test_stanza->structure); i++) {
+            const char *structure = test_stanza->structure[i];
+
+            TEST_info("Test OSSL_ENCODER against PEM_write_bio_{TYPE}PublicKey for %s, %s",
+                      test_stanza->keytype, structure);
+            if (!test_unprotected_PEM(key->keytype, key->evp_type, legacy_obj,
+                                      test_stanza->pem_write_bio_PublicKey,
+                                      test_stanza->pem_read_bio_PublicKey,
+                                      EVP_PKEY_eq, EVP_PKEY_print_public,
+                                      pkey, selection, structure))
+                ok = 0;
+        }
+    }
+
+    /* Test params to PEM */
+    if (test_stanza->pem_write_bio_params != NULL) {
+        int selection = OSSL_KEYMGMT_SELECT_ALL_PARAMETERS;
+
+        for (i = 0; i < OSSL_NELEM(test_stanza->structure); i++) {
+            const char *structure = test_stanza->structure[i];
+
+            TEST_info("Test OSSL_ENCODER against PEM_write_bio_{TYPE}params for %s, %s",
+                      test_stanza->keytype, structure);
+            if (!test_unprotected_PEM(key->keytype, key->evp_type, legacy_obj,
+                                      test_stanza->pem_write_bio_params,
+                                      test_stanza->pem_read_bio_params,
+                                      EVP_PKEY_parameters_eq,
+                                      EVP_PKEY_print_params,
+                                      pkey, selection, structure))
+                ok = 0;
+        }
+    }
+
+    /* Test PUBKEY to PEM */
+    if (test_stanza->pem_write_bio_PUBKEY != NULL) {
+        int selection =
+            OSSL_KEYMGMT_SELECT_PUBLIC_KEY
+            | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS;
+        const char *structure = "SubjectPublicKeyInfo";
+
+        TEST_info("Test OSSL_ENCODER against PEM_write_bio_{TYPE}_PUBKEY for %s, %s",
+                  test_stanza->keytype, structure);
+        if (!test_unprotected_PEM(key->keytype, key->evp_type, legacy_obj,
+                                  test_stanza->pem_write_bio_PUBKEY,
+                                  test_stanza->pem_read_bio_PUBKEY,
+                                  EVP_PKEY_eq, EVP_PKEY_print_public,
+                                  pkey, selection, structure))
+            ok = 0;
+    }
+
+
+    /* Test PrivateKey to DER */
+    if (test_stanza->i2d_PrivateKey != NULL) {
+        int selection = OSSL_KEYMGMT_SELECT_ALL;
+
+        for (i = 0; i < OSSL_NELEM(test_stanza->structure); i++) {
+            const char *structure = test_stanza->structure[i];
+
+            TEST_info("Test OSSL_ENCODER against i2d_{TYPE}PrivateKey for %s, %s",
+                      test_stanza->keytype, structure);
+            if (!test_DER(key->keytype, key->evp_type, legacy_obj,
+                          test_stanza->i2d_PrivateKey,
+                          test_stanza->d2i_PrivateKey,
+                          EVP_PKEY_eq, EVP_PKEY_print_private,
+                          pkey, selection, structure))
+                ok = 0;
+        }
+    }
+
+    /* Test PublicKey to DER */
+    if (test_stanza->i2d_PublicKey != NULL) {
+        int selection =
+            OSSL_KEYMGMT_SELECT_PUBLIC_KEY
+            | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS;
+
+        for (i = 0; i < OSSL_NELEM(test_stanza->structure); i++) {
+            const char *structure = test_stanza->structure[i];
+
+            TEST_info("Test OSSL_ENCODER against i2d_{TYPE}PublicKey for %s, %s",
+                      test_stanza->keytype, structure);
+            if (!test_DER(key->keytype, key->evp_type, legacy_obj,
+                          test_stanza->i2d_PublicKey,
+                          test_stanza->d2i_PublicKey,
+                          EVP_PKEY_eq, EVP_PKEY_print_public,
+                          pkey, selection, structure))
+                ok = 0;
+        }
+    }
+
+    /* Test params to DER */
+    if (test_stanza->i2d_params != NULL) {
+        int selection = OSSL_KEYMGMT_SELECT_ALL_PARAMETERS;
+
+        for (i = 0; i < OSSL_NELEM(test_stanza->structure); i++) {
+            const char *structure = test_stanza->structure[i];
+
+            TEST_info("Test OSSL_ENCODER against i2d_{TYPE}params for %s, %s",
+                      test_stanza->keytype, structure);
+            if (!test_DER(key->keytype, key->evp_type, legacy_obj,
+                          test_stanza->i2d_params, test_stanza->d2i_params,
+                          EVP_PKEY_parameters_eq, EVP_PKEY_print_params,
+                          pkey, selection, structure))
+                ok = 0;
+        }
+    }
+
+    /* Test PUBKEY to DER */
+    if (test_stanza->i2d_PUBKEY != NULL) {
+        int selection =
+            OSSL_KEYMGMT_SELECT_PUBLIC_KEY
+            | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS;
+        const char *structure = "SubjectPublicKeyInfo";
+
+        TEST_info("Test OSSL_ENCODER against i2d_{TYPE}_PUBKEY for %s, %s",
+                  test_stanza->keytype, structure);
+        if (!test_DER(key->keytype, key->evp_type, legacy_obj,
+                      test_stanza->i2d_PUBKEY, test_stanza->d2i_PUBKEY,
+                      EVP_PKEY_eq, EVP_PKEY_print_public,
+                      pkey, selection, structure))
+            ok = 0;
+    }
+ end:
+    EVP_PKEY_free(downgraded_pkey);
+    return ok;
+}
+
+int setup_tests(void)
+{
+    size_t i;
+
+    TEST_info("Generating keys...");
+
+    for (i = 0; i < OSSL_NELEM(keys); i++) {
+        if (!TEST_ptr(keys[i].key =
+                      make_key(keys[i].keytype, keys[i].template_params)))
+            return 0;
+    }
+
+    TEST_info("Generating key... done");
+
+    ADD_ALL_TESTS(test_key, OSSL_NELEM(test_stanzas));
+    return 1;
+}
+
+void cleanup_tests(void)
+{
+    size_t i;
+
+    for (i = 0; i < OSSL_NELEM(keys); i++)
+        EVP_PKEY_free(keys[i].key);
+}
diff --git a/test/recipes/04-test_encoder_decoder.t b/test/recipes/04-test_encoder_decoder_legacy.t
similarity index 89%
copy from test/recipes/04-test_encoder_decoder.t
copy to test/recipes/04-test_encoder_decoder_legacy.t
index 2041eb1fb9..9881322628 100644
--- a/test/recipes/04-test_encoder_decoder.t
+++ b/test/recipes/04-test_encoder_decoder_legacy.t
@@ -13,11 +13,11 @@ use OpenSSL::Test::Simple;
 use OpenSSL::Test qw/:DEFAULT srctop_file bldtop_dir/;
 use Cwd qw(abs_path);
 
-setup("test_encoder_decoder");
+setup("test_encode_legacy");
 
 plan tests => 1;
 
 $ENV{OPENSSL_MODULES} = abs_path(bldtop_dir("providers"));
 $ENV{OPENSSL_CONF} = abs_path(srctop_file("test", "default-and-legacy.cnf"));
 
-ok(run(test(["endecode_test"])));
+ok(run(test(["endecoder_legacy_test"])));


More information about the openssl-commits mailing list