diff --git a/test/test_rsa.c b/test/test_rsa.c index 005fdc63..9c511976 100644 --- a/test/test_rsa.c +++ b/test/test_rsa.c @@ -240,6 +240,117 @@ static const unsigned char rsa_key_der_2048[] = 0x56 }; +/* +* 2048 bit RSA private key. Generated as follows: +* openssl genpkey -algorithm RSA -out rsa_key.der -outform der -pkeyopt rsa_keygen_bits:2048 +* openssl pkcs8 -topk8 -in rsa_key.der -outform der -out rsa_key.pkcs8.der -nocrypt +* python ./bin2c.py rsa_key.pkcs8.der +*/ +static const unsigned char rsa_key_der_2048_pkcs8[] = { + 0x30, 0x82, 0x04, 0xbe, 0x02, 0x01, 0x00, 0x30, 0x0d, 0x06, 0x09, 0x2a, + 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x04, 0x82, + 0x04, 0xa8, 0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, + 0x01, 0x00, 0xb4, 0xe4, 0xc5, 0x13, 0x72, 0x59, 0x10, 0x1c, 0x83, 0xd0, + 0x44, 0x59, 0xf4, 0xf8, 0xf9, 0x54, 0x4f, 0xf5, 0x8b, 0xe8, 0x79, 0xfb, + 0xf7, 0x1d, 0x58, 0x24, 0xfa, 0x4a, 0xd7, 0xd9, 0x29, 0x15, 0x57, 0x1d, + 0x9d, 0x4e, 0x25, 0xad, 0x8d, 0xa9, 0xd7, 0x4e, 0x79, 0x97, 0x2c, 0xe6, + 0x2f, 0x14, 0x8b, 0x7f, 0xbb, 0x87, 0x64, 0x71, 0x38, 0x64, 0x52, 0xa0, + 0x7e, 0x9c, 0xb8, 0x68, 0x1c, 0xff, 0x52, 0xf5, 0x50, 0xd8, 0x97, 0x34, + 0xb3, 0x59, 0x2b, 0x3a, 0x94, 0xdb, 0xac, 0xe1, 0xd3, 0x57, 0x3c, 0x13, + 0x15, 0x35, 0xd4, 0x10, 0xeb, 0x7e, 0x8d, 0x98, 0x73, 0xa7, 0x8a, 0xf8, + 0x32, 0xc1, 0x38, 0x80, 0xc8, 0xa9, 0x30, 0x50, 0x68, 0x1b, 0xcc, 0xc5, + 0x93, 0x8e, 0x79, 0xf3, 0xfe, 0x83, 0x7c, 0x47, 0xb8, 0xf9, 0xb9, 0x07, + 0xac, 0x46, 0x86, 0x8b, 0x02, 0x55, 0x97, 0xb9, 0x1f, 0x63, 0x7b, 0xce, + 0x60, 0x9f, 0xfe, 0x6d, 0x8b, 0x34, 0x8b, 0xb4, 0x75, 0x60, 0x8e, 0x00, + 0x53, 0xf8, 0xcb, 0x4c, 0xa3, 0x33, 0x73, 0xfd, 0x66, 0x6d, 0xd2, 0x5e, + 0x53, 0x3d, 0x9e, 0x2b, 0x68, 0xa7, 0x5b, 0x84, 0x59, 0x94, 0x28, 0x28, + 0x4e, 0xab, 0x14, 0x37, 0xb2, 0xc7, 0xde, 0xab, 0x05, 0x4d, 0xb9, 0x13, + 0x59, 0x38, 0xf6, 0x88, 0x02, 0xf6, 0x5b, 0x53, 0x9a, 0x0f, 0x52, 0x08, + 0xf1, 0xf4, 0x8e, 0xe9, 0xc4, 0x2c, 0x64, 0xfb, 0xad, 0xf4, 0xe9, 0x32, + 0x63, 0xf8, 0x6e, 0x50, 0x97, 0x23, 0xe3, 0xce, 0xed, 0x71, 0xdd, 0x08, + 0x16, 0xa4, 0xcc, 0x98, 0xda, 0xf3, 0xda, 0xc2, 0xa0, 0x2d, 0x51, 0x10, + 0x0b, 0x8c, 0x3b, 0x05, 0x6a, 0x1d, 0x45, 0x5d, 0x7a, 0xdc, 0x64, 0xca, + 0xa0, 0x7c, 0xbf, 0x1a, 0x4f, 0x1c, 0x43, 0x77, 0x0f, 0xcd, 0x8e, 0x21, + 0xae, 0xd2, 0xfb, 0x15, 0x64, 0xc5, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, + 0x82, 0x01, 0x00, 0x19, 0x74, 0xaa, 0x11, 0x13, 0x01, 0xda, 0x85, 0x10, + 0xbd, 0x91, 0xa8, 0xd1, 0x12, 0xea, 0x4f, 0x45, 0x93, 0x49, 0xd5, 0x74, + 0xb9, 0x12, 0xec, 0xd3, 0xb7, 0x1c, 0x6b, 0xc4, 0xd5, 0x3f, 0xf5, 0x4b, + 0x55, 0x95, 0x09, 0xe6, 0xbe, 0x76, 0x15, 0x85, 0x01, 0x7b, 0x95, 0xdd, + 0x11, 0x25, 0x65, 0xf0, 0x3d, 0x90, 0xdf, 0xbc, 0x30, 0x3c, 0x9d, 0xcd, + 0x8c, 0xdd, 0x54, 0x63, 0x94, 0xef, 0x23, 0xb5, 0x02, 0x65, 0x96, 0x9d, + 0x2c, 0xa2, 0xe2, 0x74, 0xf5, 0x60, 0xf6, 0x4a, 0xed, 0x5a, 0x86, 0xc7, + 0xa2, 0xed, 0xd4, 0xad, 0xdb, 0x95, 0xb0, 0x30, 0xef, 0xd7, 0xb2, 0xa7, + 0x99, 0x46, 0xd7, 0x2f, 0x02, 0xdc, 0x7a, 0x06, 0x9d, 0x02, 0x11, 0x8b, + 0x6e, 0xf0, 0x55, 0x57, 0xef, 0x10, 0x8d, 0x63, 0x43, 0x5a, 0x91, 0xf5, + 0xca, 0x51, 0x21, 0x79, 0x94, 0x7d, 0x47, 0x1b, 0x3b, 0x47, 0x61, 0xc4, + 0xab, 0x48, 0x59, 0xf6, 0xb8, 0x66, 0x3b, 0x12, 0xeb, 0x7d, 0x55, 0xe7, + 0x9e, 0xe5, 0xc8, 0x66, 0x17, 0xd6, 0xcb, 0x07, 0xe8, 0x27, 0xb1, 0xeb, + 0xf7, 0xa6, 0xe2, 0x8b, 0x94, 0x49, 0x98, 0x6f, 0x2f, 0x59, 0x97, 0x7d, + 0x47, 0xb0, 0x9d, 0x44, 0x17, 0xda, 0x93, 0x0d, 0x4e, 0x9d, 0x9e, 0xd6, + 0xfc, 0x7a, 0xeb, 0xc6, 0x5a, 0x50, 0x87, 0x6a, 0x7d, 0xbd, 0x0c, 0x88, + 0xf6, 0x6a, 0x44, 0x47, 0xb7, 0xf2, 0xcf, 0x91, 0xe6, 0x7f, 0x70, 0x80, + 0x28, 0xdf, 0xc5, 0xcc, 0x35, 0x95, 0x54, 0xd8, 0x64, 0xc9, 0x8b, 0x3a, + 0x7c, 0xd0, 0xf3, 0x5a, 0x58, 0x39, 0x4c, 0x20, 0xf0, 0x23, 0x30, 0xcf, + 0xe2, 0xd5, 0x3d, 0xed, 0x4a, 0x24, 0x03, 0x5f, 0xd2, 0x67, 0xf5, 0xf8, + 0x27, 0x70, 0xb5, 0x20, 0xf7, 0xe6, 0xae, 0xe9, 0x30, 0x3a, 0xa9, 0xdc, + 0x8d, 0xa4, 0xeb, 0x95, 0x78, 0x4e, 0x4f, 0x02, 0x81, 0x81, 0x00, 0xfd, + 0x9d, 0x1f, 0x8a, 0xb9, 0xf6, 0x03, 0xa3, 0x9a, 0x37, 0xe2, 0x32, 0xff, + 0xd4, 0x8f, 0xf2, 0x57, 0xf0, 0x09, 0xf4, 0xf9, 0x2c, 0x71, 0x61, 0x6a, + 0x40, 0x84, 0xeb, 0x81, 0x66, 0x5a, 0x44, 0x96, 0x6a, 0xc7, 0x58, 0xb2, + 0x31, 0x88, 0x84, 0xf3, 0xd5, 0x93, 0x90, 0x1d, 0x8a, 0x22, 0xea, 0x88, + 0xfe, 0x5f, 0x7b, 0xf2, 0x9a, 0x52, 0xc7, 0xf2, 0x1d, 0x0c, 0xed, 0x7f, + 0x49, 0xde, 0x9b, 0xfb, 0x01, 0xbb, 0x6b, 0x6f, 0xba, 0xae, 0xf2, 0xd8, + 0x81, 0x98, 0x9f, 0x1b, 0x4b, 0xa4, 0x49, 0x52, 0xd1, 0x71, 0x6c, 0x38, + 0xa7, 0xb7, 0x1f, 0x93, 0xd7, 0x43, 0x98, 0x67, 0xc2, 0xfa, 0x09, 0x78, + 0xb9, 0x39, 0x5c, 0xe1, 0x2d, 0x3b, 0x59, 0x73, 0x75, 0xff, 0x8c, 0xc5, + 0x93, 0x97, 0x36, 0xd7, 0xf4, 0x60, 0xb0, 0xa2, 0xda, 0x4d, 0x90, 0x77, + 0x5d, 0x29, 0xc5, 0x2d, 0x45, 0x7d, 0x9f, 0x02, 0x81, 0x81, 0x00, 0xb6, + 0x98, 0x7c, 0x85, 0x3a, 0x68, 0x8a, 0x9e, 0xcd, 0xe9, 0xa8, 0x55, 0x27, + 0x55, 0x12, 0x96, 0x28, 0x84, 0xdd, 0x73, 0x17, 0x01, 0xa7, 0xf9, 0xc6, + 0xc5, 0x14, 0xb9, 0x55, 0x0d, 0xdc, 0x71, 0x52, 0x41, 0x9e, 0x5d, 0xf7, + 0xc1, 0x9e, 0xb8, 0x39, 0xdc, 0xab, 0x74, 0x6f, 0xe7, 0x3f, 0x16, 0x52, + 0x88, 0xec, 0x92, 0xe9, 0x95, 0x5d, 0x69, 0xf0, 0x19, 0x8a, 0xf9, 0x28, + 0x3a, 0xa9, 0x9f, 0x9c, 0x84, 0xda, 0x73, 0xda, 0x90, 0x00, 0x1a, 0xc4, + 0x6a, 0x1f, 0xb3, 0x89, 0xf8, 0x51, 0x4a, 0x05, 0xee, 0x89, 0xd4, 0xd0, + 0x86, 0x4e, 0x71, 0xc4, 0xd5, 0xf9, 0xc7, 0x2c, 0x18, 0xc7, 0xcc, 0x59, + 0x5e, 0x7e, 0x1c, 0xae, 0xc4, 0xd0, 0x1b, 0xea, 0x48, 0x32, 0x81, 0x35, + 0x71, 0xe3, 0x2f, 0xd8, 0x1a, 0x36, 0x91, 0xb7, 0x17, 0xb4, 0x34, 0x4f, + 0xb3, 0x16, 0x9c, 0x91, 0x42, 0xbb, 0x1b, 0x02, 0x81, 0x80, 0x36, 0xb0, + 0x0f, 0x01, 0x27, 0x20, 0x79, 0xa0, 0x69, 0xbc, 0xeb, 0x35, 0xfc, 0x1c, + 0xa5, 0xfd, 0xa8, 0x20, 0xc6, 0xc4, 0xe0, 0x86, 0x48, 0xdc, 0xac, 0xc0, + 0xc4, 0xe8, 0xd3, 0xba, 0x72, 0x74, 0x9f, 0xca, 0xde, 0xb9, 0xad, 0x93, + 0x28, 0xd1, 0x22, 0x93, 0x47, 0x82, 0xa8, 0x1c, 0x05, 0x73, 0x75, 0x9f, + 0x04, 0x90, 0x01, 0xbc, 0x6d, 0x65, 0x58, 0x3c, 0x13, 0x71, 0x93, 0x25, + 0x26, 0xaf, 0x93, 0xec, 0xc7, 0xb1, 0x5f, 0x22, 0x6e, 0x5f, 0x47, 0x78, + 0x8a, 0xa4, 0xa4, 0x8a, 0x27, 0x1e, 0xf8, 0x90, 0xd9, 0x58, 0x70, 0xcf, + 0x19, 0x99, 0xe1, 0x93, 0x65, 0xac, 0x13, 0x93, 0xe3, 0xbe, 0xef, 0x1d, + 0x61, 0xd5, 0x39, 0x69, 0x3b, 0x87, 0x0a, 0x72, 0xc3, 0x6c, 0x63, 0x9e, + 0x73, 0xd9, 0x0b, 0xb0, 0x52, 0xb9, 0x44, 0x24, 0xb6, 0xdd, 0x14, 0x20, + 0x2e, 0xc5, 0xaa, 0x01, 0x76, 0x19, 0x02, 0x81, 0x81, 0x00, 0xab, 0xd3, + 0x0c, 0x82, 0x36, 0x77, 0x7f, 0xd2, 0x76, 0x84, 0x65, 0x22, 0x54, 0x93, + 0xea, 0x9c, 0xa0, 0xde, 0x7e, 0xa1, 0x39, 0xca, 0x16, 0x2e, 0xa6, 0x8c, + 0x78, 0xb6, 0xfa, 0x41, 0xc3, 0xea, 0x63, 0x74, 0x5a, 0x39, 0xa4, 0xd6, + 0x6f, 0xac, 0x7e, 0xce, 0x98, 0x0d, 0x46, 0xec, 0x7d, 0xe2, 0x5c, 0xa2, + 0x7a, 0xb4, 0xb8, 0xd8, 0x14, 0x82, 0x87, 0x2d, 0x12, 0x28, 0xea, 0x61, + 0x61, 0x93, 0x50, 0x2f, 0x78, 0x7e, 0x42, 0xf2, 0xf5, 0x16, 0x3b, 0x34, + 0x7e, 0x46, 0x6e, 0x13, 0xdd, 0x32, 0xe2, 0x28, 0x19, 0x4d, 0xc9, 0x38, + 0x49, 0x83, 0x27, 0xae, 0x0f, 0x91, 0x0c, 0x7e, 0xf9, 0x2c, 0xe4, 0x00, + 0x56, 0x7e, 0x59, 0x3b, 0xdd, 0x76, 0x17, 0x5d, 0xff, 0x20, 0xb5, 0x91, + 0x49, 0x2f, 0x91, 0x95, 0x01, 0x3a, 0xd7, 0xe7, 0x97, 0x6d, 0x0e, 0x7e, + 0xc1, 0x4d, 0x6e, 0x28, 0x34, 0x77, 0x02, 0x81, 0x81, 0x00, 0xfc, 0x7d, + 0x42, 0xab, 0xee, 0xaf, 0xbf, 0x77, 0x67, 0x50, 0x20, 0x35, 0xbf, 0xc0, + 0x86, 0x89, 0x8f, 0xd4, 0x3c, 0x6b, 0x9a, 0xcd, 0x70, 0xbb, 0x44, 0x7a, + 0x45, 0x88, 0x35, 0xc1, 0x80, 0x87, 0x45, 0xe0, 0xd9, 0x85, 0xff, 0xa5, + 0xc3, 0x1e, 0xd4, 0x07, 0xe0, 0x86, 0x8d, 0x82, 0x0b, 0xe1, 0x30, 0xf8, + 0x01, 0x5c, 0x54, 0xa1, 0xc1, 0xa5, 0xbc, 0x0f, 0xfa, 0xe2, 0xd1, 0x34, + 0x17, 0xc7, 0x06, 0x2b, 0x88, 0xae, 0x9f, 0x96, 0xd3, 0x25, 0xcf, 0xac, + 0xa6, 0xab, 0x06, 0x40, 0xc6, 0x79, 0x75, 0xe1, 0xd6, 0xcd, 0x43, 0x42, + 0x80, 0xfe, 0xa0, 0x67, 0xb2, 0x30, 0x9f, 0x4b, 0xaa, 0x09, 0x64, 0xe9, + 0x38, 0xf5, 0x8b, 0xe2, 0x72, 0x24, 0x26, 0x83, 0x7f, 0x3f, 0xa1, 0xff, + 0xc1, 0xd2, 0xd7, 0xc1, 0x3a, 0x6b, 0x89, 0xde, 0x18, 0x0c, 0xe2, 0x1a, + 0x20, 0x74, 0x68, 0x3c, 0x7a, 0x72, +}; + static int test_rsa_sign_verify_pad(int padMode, const EVP_MD *md, const EVP_MD *mgf1Md) { @@ -1175,6 +1286,331 @@ int test_rsa_fromdata(void* data) EVP_PKEY_CTX_free(ctx_wolf); EVP_PKEY_CTX_free(ctx_ossl); + return err; +} + +static int test_rsa_decode_pkcs8(void) +{ + int err = 0; + PKCS8_PRIV_KEY_INFO* p8inf = NULL; + const unsigned char *p = NULL; + int len = 0; + EVP_PKEY* pkey1 = NULL; + const RSA* rsakey1 = NULL; + EVP_PKEY* pkey2 = NULL; + const RSA* rsakey2 = NULL; + + p = rsa_key_der_2048_pkcs8; + len = sizeof(rsa_key_der_2048_pkcs8); + p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, (const unsigned char **)&p, len); + err = p8inf == NULL; + + if (err == 0) { + PRINT_MSG("Decode with OpenSSL and Wolfprovider"); + pkey1 = EVP_PKCS82PKEY_ex(p8inf, osslLibCtx, NULL); + pkey2 = EVP_PKCS82PKEY_ex(p8inf, wpLibCtx, NULL); + PKCS8_PRIV_KEY_INFO_free(p8inf); + err = (pkey1 == NULL || pkey2 == NULL); + } + + /* Pull an old style RSA structure from the decoded pkey */ + if (err == 0) { + rsakey1 = EVP_PKEY_get0_RSA(pkey1); + rsakey2 = EVP_PKEY_get0_RSA(pkey2); + err = rsakey1 == NULL || rsakey2 == NULL; + } + + /* Compare the two RSA keys */ + if (err == 0) { + const BIGNUM *n1, *n2; + const BIGNUM *e1, *e2; + const BIGNUM *d1, *d2; + PRINT_MSG("Compare OpenSSL and Wolfprovider RSA keys"); + RSA_get0_key(rsakey1, + (const BIGNUM **)&n1, + (const BIGNUM **)&e1, + (const BIGNUM **)&d1); + RSA_get0_key(rsakey2, + (const BIGNUM **)&n2, + (const BIGNUM **)&e2, + (const BIGNUM **)&d2); + err = (BN_cmp(n1, n2) != 0 || + BN_cmp(e1, e2) != 0 || + BN_cmp(d1, d2) != 0); + } + + /* Compare RSA factors */ + if (err == 0) { + const BIGNUM *p1, *p2; + const BIGNUM *q1, *q2; + RSA_get0_factors(rsakey1, + (const BIGNUM **)&p1, + (const BIGNUM **)&q1); + RSA_get0_factors(rsakey2, + (const BIGNUM **)&p2, + (const BIGNUM **)&q2); + err = (BN_cmp(p1, p2) != 0 || BN_cmp(q1, q2) != 0); + } + + if (err == 0) { + err = (RSA_get_multi_prime_extra_count(rsakey1) != + RSA_get_multi_prime_extra_count(rsakey2)); + } + + if (err == 0) { + int pnum = RSA_get_multi_prime_extra_count(rsakey1); + BIGNUM **primes1 = malloc(sizeof(BIGNUM *) * pnum); + BIGNUM **primes2 = malloc(sizeof(BIGNUM *) * pnum); + for (int i = 0; i < pnum; i++) { + primes1[i] = BN_new(); + primes2[i] = BN_new(); + if (primes1[i] == NULL || primes2[i] == NULL) { + err = 1; + break; + } + } + if (err == 0) { + RSA_get0_multi_prime_factors(rsakey1, (const BIGNUM**)primes1); + RSA_get0_multi_prime_factors(rsakey2, (const BIGNUM**)primes2); + for (int i = 0; i < pnum; i++) { + err = (BN_cmp(primes1[i], primes2[i]) != 0); + if (err != 0) { + break; + } + } + } + for (int i = 0; i < pnum; i++) { + BN_free(primes1[i]); + BN_free(primes2[i]); + } + free(primes1); + free(primes2); + } + + if (err == 0) { + const BIGNUM *p1, *p2; + const BIGNUM *q1, *q2; + const BIGNUM *d1, *d2; + RSA_get0_crt_params(rsakey1, (const BIGNUM **)&p1, (const BIGNUM **)&q1, + (const BIGNUM **)&d1); + RSA_get0_crt_params(rsakey2, (const BIGNUM **)&p2, (const BIGNUM **)&q2, + (const BIGNUM **)&d2); + err = (BN_cmp(p1, p2) != 0 || + BN_cmp(q1, q2) != 0 || + BN_cmp(d1, d2) != 0); + } + + if (err == 0) { + int pnum = RSA_get_multi_prime_extra_count(rsakey1); + BIGNUM **exps1 = malloc(sizeof(BIGNUM *) * pnum); + BIGNUM **exps2 = malloc(sizeof(BIGNUM *) * pnum); + BIGNUM **coeffs1 = malloc(sizeof(BIGNUM *) * pnum); + BIGNUM **coeffs2 = malloc(sizeof(BIGNUM *) * pnum); + for (int i = 0; i < pnum; i++) { + exps1[i] = BN_new(); + exps2[i] = BN_new(); + coeffs1[i] = BN_new(); + coeffs2[i] = BN_new(); + if (exps1[i] == NULL || exps2[i] == NULL || + coeffs1[i] == NULL || coeffs2[i] == NULL) { + err = 1; + break; + } + } + if (err == 0) { + RSA_get0_multi_prime_crt_params(rsakey1, + (const BIGNUM**)exps1, (const BIGNUM**)coeffs1); + RSA_get0_multi_prime_crt_params(rsakey2, + (const BIGNUM**)exps2, (const BIGNUM**)coeffs2); + for (int i = 0; i < pnum; i++) { + err = (BN_cmp(exps1[i], exps2[i]) != 0 || + BN_cmp(coeffs1[i], coeffs2[i]) != 0); + if (err != 0) { + break; + } + } + } + for (int i = 0; i < pnum; i++) { + BN_free(exps1[i]); + BN_free(exps2[i]); + BN_free(coeffs1[i]); + BN_free(coeffs2[i]); + } + free(exps1); + free(exps2); + free(coeffs1); + free(coeffs2); + } + + if (err == 0) { + const BIGNUM *bn1; + const BIGNUM *bn2; + + PRINT_MSG("Compare OpenSSL and Wolfprovider RSA key fields"); + + bn1 = RSA_get0_n(rsakey1); + bn2 = RSA_get0_n(rsakey2); + err = (BN_cmp(bn1, bn2) != 0); + + if (err == 0) { + bn1 = RSA_get0_e(rsakey1); + bn2 = RSA_get0_e(rsakey2); + err = (BN_cmp(bn1, bn2) != 0); + } + if (err == 0) { + bn1 = RSA_get0_d(rsakey1); + bn2 = RSA_get0_d(rsakey2); + err = (BN_cmp(bn1, bn2) != 0); + } + if (err == 0) { + bn1 = RSA_get0_p(rsakey1); + bn2 = RSA_get0_p(rsakey2); + err = (BN_cmp(bn1, bn2) != 0); + } + if (err == 0) { + bn1 = RSA_get0_q(rsakey1); + bn2 = RSA_get0_q(rsakey2); + err = (BN_cmp(bn1, bn2) != 0); + } + if (err == 0) { + bn1 = RSA_get0_dmp1(rsakey1); + bn2 = RSA_get0_dmp1(rsakey2); + err = (BN_cmp(bn1, bn2) != 0); + } + if (err == 0) { + bn1 = RSA_get0_dmq1(rsakey1); + bn2 = RSA_get0_dmq1(rsakey2); + err = (BN_cmp(bn1, bn2) != 0); + } + if (err == 0) { + bn1 = RSA_get0_iqmp(rsakey1); + bn2 = RSA_get0_iqmp(rsakey2); + err = (BN_cmp(bn1, bn2) != 0); + } + } + + EVP_PKEY_free(pkey1); + EVP_PKEY_free(pkey2); + + return err; +} + +static int test_rsa_decode_pkcs8_evp_pkey(void) +{ + int err = 0; + PKCS8_PRIV_KEY_INFO* p8inf = NULL; + const unsigned char *p = NULL; + int len = 0; + EVP_PKEY* pkey1 = NULL; + EVP_PKEY* pkey2 = NULL; + + p = rsa_key_der_2048_pkcs8; + len = sizeof(rsa_key_der_2048_pkcs8); + p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, (const unsigned char **)&p, len); + err = p8inf == NULL; + + if (err == 0) { + PRINT_MSG("Decode with OpenSSL and Wolfprovider"); + pkey1 = EVP_PKCS82PKEY_ex(p8inf, osslLibCtx, NULL); + pkey2 = EVP_PKCS82PKEY_ex(p8inf, wpLibCtx, NULL); + PKCS8_PRIV_KEY_INFO_free(p8inf); + err = (pkey1 == NULL || pkey2 == NULL); + } + + if (err == 0) { + BIGNUM *bn1 = NULL; + BIGNUM *bn2 = NULL; + int err1, err2; + + /* List of parameter keys to compare */ + static const char* keys[] = { + OSSL_PKEY_PARAM_PRIV_KEY, + OSSL_PKEY_PARAM_PUB_KEY, + OSSL_PKEY_PARAM_RSA_BITS, + OSSL_PKEY_PARAM_RSA_COEFFICIENT, + OSSL_PKEY_PARAM_RSA_COEFFICIENT1, + OSSL_PKEY_PARAM_RSA_COEFFICIENT2, + OSSL_PKEY_PARAM_RSA_COEFFICIENT3, + OSSL_PKEY_PARAM_RSA_COEFFICIENT4, + OSSL_PKEY_PARAM_RSA_COEFFICIENT5, + OSSL_PKEY_PARAM_RSA_COEFFICIENT6, + OSSL_PKEY_PARAM_RSA_COEFFICIENT7, + OSSL_PKEY_PARAM_RSA_COEFFICIENT8, + OSSL_PKEY_PARAM_RSA_COEFFICIENT9, + OSSL_PKEY_PARAM_RSA_D, + OSSL_PKEY_PARAM_RSA_E, + OSSL_PKEY_PARAM_RSA_EXPONENT, + OSSL_PKEY_PARAM_RSA_EXPONENT1, + OSSL_PKEY_PARAM_RSA_EXPONENT10, + OSSL_PKEY_PARAM_RSA_EXPONENT2, + OSSL_PKEY_PARAM_RSA_EXPONENT3, + OSSL_PKEY_PARAM_RSA_EXPONENT4, + OSSL_PKEY_PARAM_RSA_EXPONENT5, + OSSL_PKEY_PARAM_RSA_EXPONENT6, + OSSL_PKEY_PARAM_RSA_EXPONENT7, + OSSL_PKEY_PARAM_RSA_EXPONENT8, + OSSL_PKEY_PARAM_RSA_EXPONENT9, + OSSL_PKEY_PARAM_RSA_FACTOR, + OSSL_PKEY_PARAM_RSA_FACTOR1, + OSSL_PKEY_PARAM_RSA_FACTOR10, + OSSL_PKEY_PARAM_RSA_FACTOR2, + OSSL_PKEY_PARAM_RSA_FACTOR3, + OSSL_PKEY_PARAM_RSA_FACTOR4, + OSSL_PKEY_PARAM_RSA_FACTOR5, + OSSL_PKEY_PARAM_RSA_FACTOR6, + OSSL_PKEY_PARAM_RSA_FACTOR7, + OSSL_PKEY_PARAM_RSA_FACTOR8, + OSSL_PKEY_PARAM_RSA_FACTOR9, + OSSL_PKEY_PARAM_RSA_N, + OSSL_PKEY_PARAM_RSA_PRIMES, + OSSL_PKEY_PARAM_RSA_PSS_SALTLEN, + OSSL_PKEY_PARAM_RSA_TEST_P1, + OSSL_PKEY_PARAM_RSA_TEST_P2, + OSSL_PKEY_PARAM_RSA_TEST_Q1, + OSSL_PKEY_PARAM_RSA_TEST_Q2, + OSSL_PKEY_PARAM_RSA_TEST_XP, + OSSL_PKEY_PARAM_RSA_TEST_XP1, + OSSL_PKEY_PARAM_RSA_TEST_XP2, + OSSL_PKEY_PARAM_RSA_TEST_XQ, + OSSL_PKEY_PARAM_RSA_TEST_XQ1, + OSSL_PKEY_PARAM_RSA_TEST_XQ2, + }; + + for (unsigned i = 0; i < sizeof(keys) / sizeof(*keys); i++) { + err1 = EVP_PKEY_get_bn_param(pkey1, keys[i], &bn1); + err2 = EVP_PKEY_get_bn_param(pkey2, keys[i], &bn2); + + PRINT_MSG("Comparing key %s (%d %d)", keys[i], err1, err2); + + if (err1 != err2) { + err = 1; + } + else if (err1 == 0) { + err = BN_cmp(bn1, bn2) != 0; + } + } + + BN_free(bn1); + BN_free(bn2); + bn1 = NULL; + bn2 = NULL; + } + + EVP_PKEY_free(pkey1); + EVP_PKEY_free(pkey2); + + return err; +} + +int test_rsa_decode(void* data) +{ + int err = 0; + (void)data; + + err = test_rsa_decode_pkcs8(); + if (err == 0) { + err = test_rsa_decode_pkcs8_evp_pkey(); + } return err; } diff --git a/test/unit.c b/test/unit.c index 71349e9a..e16db54f 100644 --- a/test/unit.c +++ b/test/unit.c @@ -166,6 +166,7 @@ TEST_CASE test_case[] = { TEST_DECL(test_rsa_load_key, NULL), TEST_DECL(test_rsa_load_cert, NULL), TEST_DECL(test_rsa_fromdata, NULL), + TEST_DECL(test_rsa_decode, NULL), #endif /* WP_HAVE_RSA */ #ifdef WP_HAVE_EC_P192 #ifdef WP_HAVE_ECKEYGEN diff --git a/test/unit.h b/test/unit.h index 9db64f51..d1ab21f4 100644 --- a/test/unit.h +++ b/test/unit.h @@ -245,6 +245,7 @@ int test_rsa_get_params(void *data); int test_rsa_load_key(void* data); int test_rsa_load_cert(void* data); int test_rsa_fromdata(void* data); +int test_rsa_decode(void* data); #endif /* WP_HAVE_RSA */ #ifdef WP_HAVE_DH