mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-06 13:26:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
ecc920b327
openssl/test/recipes
History
slontis 78c44b0594 Add HPKE DHKEM provider support for EC, X25519 and X448. 
The code is derived from @sftcd's work in PR #17172.
This PR puts the DHKEM algorithms into the provider layer as
KEM algorithms for EC and ECX.

This PR only implements the DHKEM component of HPKE as specified in
RFC 9180.

crypto/hpke/hpke_util.c has been added for fuctions that will
be shared between DHKEM and HPKE.

API's for EVP_PKEY_auth_encapsulate_init() and EVP_PKEY_auth_decapsulate_init()
have been added to support authenticated encapsulation. auth_init() functions
were chosen rather that a EVP_PKEY_KEM_set_auth() interface to support
future algorithms that could possibly need different init functions.

Internal code has been refactored, so that it can be shared between the DHKEM
and other systems. Since DHKEM operates on low level keys it needs to be
able to do low level ECDH and ECXDH calls without converting the keys
back into EVP_PKEY/EVP_PKEY_CTX form. See ossl_ecx_compute_key(),
ossl_ec_public_from_private()

DHKEM requires API's to derive a key using a seed (IKM). This did not sit
well inside the DHKEM itself as dispatch functions. This functionality
fits better inside the EC and ECX keymanagers keygen, since
they are just variations of keygen where the private key is generated
in a different manner. This should mainly be used for testing purposes.
See ossl_ec_generate_key_dhkem().
It supports this by allowing a settable param to be passed to keygen
(See OSSL_PKEY_PARAM_DHKEM_IKM).
The keygen calls code within ec and ecx dhkem implementation to handle this.
See ossl_ecx_dhkem_derive_private() and ossl_ec_dhkem_derive_private().
These 2 functions are also used by the EC/ECX DHKEM implementations to generate
the sender ephemeral keys.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19068)
2022-09-23 09:24:47 +01:00
..
04-test_conf_data
04-test_params_conversion_data
04-test_pem_read_depr_data
04-test_pem_reading_data
10-test_bn_data Add an extra reduction step to RSAZ mod_exp implementations 2022-06-16 15:22:35 +02:00
15-test_dsaparam_data
15-test_ecparam_data Support decode SM2 parameters 2022-08-23 11:08:11 +10:00
15-test_mp_rsa_data
15-test_rsaoaep_data
15-test_rsapss_data Add checks for saltlen and trailerfield to rsa key writer. 2022-06-27 10:58:40 +02:00
20-test_dhparam_check_data Fixes related to separation of DH and DHX types 2021-04-26 19:52:11 +02:00
20-test_dhparam_data
25-test_eai_data
25-test_pkcs7_data Add -quiet option to pkcs7 for -print_certs 2022-02-24 11:21:06 +11:00
25-test_rusext_data
30-test_defltfips test: add a comment indication that a bad MAC is intentional 2021-07-28 10:35:06 +10:00
30-test_evp_data Fix default padding regression against 3.0.0 FIPS provider 2022-09-16 08:34:52 +10:00
30-test_evp_pkey_provided dh_to_text: Print the dh->length if set 2022-07-18 08:06:17 +01:00
61-test_bio_prefix_data
65-test_cmp_client_data
65-test_cmp_msg_data
65-test_cmp_protect_data
65-test_cmp_server_data
65-test_cmp_vfy_data Remove executable mode attributes of non-executable files 2021-07-13 16:04:32 +10:00
66-test_ossl_store_data
80-test_ca_data
80-test_ca_internals_data Add tests for do_updatedb 2022-02-14 10:18:46 +01:00
80-test_cmp_http_data CMP mock server: add -ref_cert option and corresponding ossl_cmp_mock_srv_set1_refCert() 2022-01-04 17:04:56 +01:00
80-test_cms_data
80-test_cmsapi_data Clear incorrectly reported errors in cms_io. 2022-04-21 08:38:13 +02:00
80-test_ocsp_data
80-test_ssl_old_data
80-test_tsa_data
90-test_gost_data gost: remove the internal GOST test. 2021-06-17 08:26:17 +01:00
90-test_includes_data test/recipes/90-test_includes_data/vms-includes.cnf: correct the directory 2021-06-26 06:43:09 +02:00
90-test_sslapi_data SSL_conf_cmd: Allow DH Parameters at any position. 2022-04-12 10:39:09 +02:00
90-test_store_data TEST: Add testing of PVK and MSBLOB files to test_store 2021-07-03 19:41:25 +02:00
90-test_threads_data
91-test_pkey_check_data test_pkey_check: Positive testcase for private key with unknown parameters 2022-06-15 11:02:30 +02:00
95-test_external_gost_engine_data
95-test_external_krb5_data Update krb5 module and re-enable pkinit tests 2021-06-11 12:34:16 +02:00
95-test_external_oqsprovider_data update oqsprovider/liboqs to v0.7.2 2022-09-12 08:40:45 +02:00
95-test_external_pyca_data Update copyright year 2021-05-06 13:03:23 +01:00
95-test_external_tlsfuzzer_data TLS Fuzzer: initial test infrastructure 2022-01-05 11:24:51 +01:00
00-prep_fipsmodule_cnf.t TEST: Add test specific fipsmodule.cnf, and use it 2021-05-26 15:11:01 +02:00
01-test_abort.t
01-test_fipsmodule_cnf.t TEST: Add test specific fipsmodule.cnf, and use it 2021-05-26 15:11:01 +02:00
01-test_sanity.t
01-test_symbol_presence.t Fix the symbol_presence test with a shlib_variant 2021-12-30 16:50:02 +00:00
01-test_test.t
02-test_errstr.t 02-test_errstr.t: print errorcodes in hex (rather than decimal) format 2021-11-22 14:38:18 +01:00
02-test_internal_context.t
02-test_internal_ctype.t
02-test_internal_keymgmt.t Fix a mem leak in evp_pkey_export_to_provider 2022-06-15 10:53:04 -04:00
02-test_internal_provider.t
02-test_lhash.t
02-test_list.t list: add a doubly linked list type. 2022-09-05 16:24:53 +10:00
02-test_localetest.t test/recipes/*.t: setup() doesn't play well with spaces in the argument 2022-06-16 15:43:58 +02:00
02-test_ordinals.t
02-test_priority_queue.t test: add priority queue unit test 2022-06-22 13:05:40 +10:00
02-test_sparse_array.t
02-test_stack.t
03-test_exdata.t
03-test_fipsinstall.t Update copyright year 2022-05-03 13:34:51 +01:00
03-test_internal_asn1_dsa.t
03-test_internal_asn1.t
03-test_internal_bn.t
03-test_internal_chacha.t
03-test_internal_curve448.t
03-test_internal_ec.t
03-test_internal_ffc.t
03-test_internal_mdc2.t
03-test_internal_modes.t
03-test_internal_namemap.t
03-test_internal_poly1305.t
03-test_internal_rsa_sp800_56b.t
03-test_internal_siphash.t
03-test_internal_sm2.t
03-test_internal_sm3.t Apply the correct Apache v2 license 2022-02-14 10:08:21 +01:00
03-test_internal_sm4.t
03-test_internal_ssl_cert_table.t
03-test_internal_x509.t
03-test_params_api.t
03-test_property.t property: add test case for setting default user properties before fetching 2021-05-12 18:20:03 +10:00
03-test_ui.t
04-test_asn1_decode.t
04-test_asn1_encode.t
04-test_asn1_string_table.t
04-test_bio_callback.t
04-test_bio_core.t Update copyright year 2021-05-06 13:03:23 +01:00
04-test_bio_dgram.t BIO_dgram support for BIO_sendmmsg/BIO_recvmmsg 2022-09-01 18:03:10 +10:00
04-test_bio_tfo.t Update copyright year 2022-05-03 13:34:51 +01:00
04-test_bioprint.t
04-test_conf.t Update copyright year 2021-07-29 15:41:35 +01:00
04-test_encoder_decoder_legacy.t Update copyright year 2021-06-17 13:24:59 +01:00
04-test_encoder_decoder.t Enhance the encoder/decoder tests to allow testing with a non-default library context and configurable providers 2021-06-01 12:16:27 +02:00
04-test_err.t
04-test_hexstring.t
04-test_membio.t Add a test for BIO_s_mem() when using datagrams 2022-07-28 08:06:52 +01:00
04-test_param_build.t
04-test_params_conversion.t
04-test_params.t
04-test_pem_read_depr.t
04-test_pem_reading.t test_pem_reading: Test loading a key from a file with multiple PEM data 2021-07-02 15:33:34 +02:00
04-test_provfetch.t Update copyright year 2021-06-17 13:24:59 +01:00
04-test_provider_fallback.t
04-test_provider_pkey.t test: fetching proper signature provider for non-exportable keys 2021-10-27 12:41:51 +02:00
04-test_provider.t Update copyright year 2021-05-20 14:22:33 +01:00
04-test_upcalls.t Update copyright year 2021-06-17 13:24:59 +01:00
05-test_bf.t
05-test_cast.t
05-test_cmac.t
05-test_des.t
05-test_hmac.t
05-test_idea.t
05-test_pbe.t Fix small typo in test/recipes/05-test_pbe.t 2021-06-17 08:20:49 +01:00
05-test_rand.t test-rand: return failure on not enough data, allow parent 2021-10-26 20:02:55 +10:00
05-test_rc2.t
05-test_rc4.t
05-test_rc5.t
06-test_algorithmid.t always use the same perl in $PATH 2021-09-02 12:55:39 +10:00
06-test_rdcpu_sanity.t Add tests for RNDR and combine tests with RDRAND 2021-12-16 12:38:09 +01:00
10-test_bn.t
10-test_exp.t
15-test_dh.t
15-test_dsa.t
15-test_dsaparam.t
15-test_ec.t TEST: Check property query support of apps/pkey 2022-08-17 09:20:41 +02:00
15-test_ecdsa.t
15-test_ecparam.t Support decode SM2 parameters 2022-08-23 11:08:11 +10:00
15-test_gendh.t Update copyright year 2021-05-06 13:03:23 +01:00
15-test_gendhparam.t Update copyright year 2022-05-03 13:34:51 +01:00
15-test_gendsa.t
15-test_genec.t
15-test_genrsa.t APPS: genrsa: Support setting properties 2022-08-17 09:20:41 +02:00
15-test_mp_rsa.t Update copyright year 2021-06-17 13:24:59 +01:00
15-test_out_option.t
15-test_rsa.t test_rsa: Test for PVK format conversion 2021-12-06 16:38:03 +01:00
15-test_rsaoaep.t
15-test_rsapss.t Add checks for saltlen and trailerfield to rsa key writer. 2022-06-27 10:58:40 +02:00
15-test_sha.t Update copyright year 2021-06-17 13:24:59 +01:00
20-test_app.t
20-test_cli_fips.t APPS: dgst: Support properties when signing 2022-08-17 09:20:41 +02:00
20-test_dgst.t SHAKE documentation updates for default output length. 2022-08-17 16:17:42 +02:00
20-test_dhparam_check.t Fixes related to separation of DH and DHX types 2021-04-26 19:52:11 +02:00
20-test_dhparam.t APPS: dhparam: Support setting properties 2022-08-17 09:20:41 +02:00
20-test_enc_more.t
20-test_enc.t Update copyright year 2021-07-29 15:41:35 +01:00
20-test_kdf.t Update copyright year 2021-05-20 14:22:33 +01:00
20-test_mac.t apps/mac: Add digest and cipher command line options 2021-05-08 22:15:56 +10:00
20-test_passwd.t Update copyright year 2021-07-29 15:41:35 +01:00
20-test_pkeyutl.t Add some tests for -inform/keyform enforcement 2021-05-06 11:43:32 +01:00
20-test_rand_config.t
20-test_spkac.t test: add SPKAC command test 2021-06-15 18:26:47 +10:00
25-test_crl.t Update copyright year 2021-05-06 13:03:23 +01:00
25-test_d2i.t
25-test_eai_data.t Add a test for verifying an email with a bad othername type 2021-08-31 20:47:25 +10:00
25-test_pkcs7.t Update copyright year 2022-05-03 13:34:51 +01:00
25-test_pkcs8.t Add support for PBE using hmacWithSM3 2022-09-15 17:03:56 +02:00
25-test_req.t Update copyright year 2022-05-03 13:34:51 +01:00
25-test_rusext.t Tests adjustments for default output change 2021-09-21 14:08:41 +02:00
25-test_sid.t
25-test_verify_store.t test: replace tabs with spaces in test recipes 2021-06-19 15:54:06 +10:00
25-test_verify.t With fips provider 3.0.0 skip tests related to explicit curves handling 2022-09-16 08:34:53 +10:00
25-test_x509.t Add test from "Fix re-signing certificates with different key sizes" 2022-07-22 13:47:03 -04:00
30-test_acvp.t acvp: fix the no-acvp_test build 2021-04-30 17:51:44 +10:00
30-test_aesgcm.t
30-test_afalg.t
30-test_defltfips.t Fix a few tests that fail on VMS 2021-09-07 10:51:54 +02:00
30-test_engine.t tests: Add test for X509_dup with ENGINE based key 2021-10-25 14:32:43 +02:00
30-test_evp_extra.t Update copyright year 2021-04-08 13:04:41 +01:00
30-test_evp_fetch_prov.t
30-test_evp_kdf.t
30-test_evp_libctx.t Add an evp_libctx_test test run for legacy provider 2021-05-26 07:27:25 +10:00
30-test_evp_pkey_dhkem.t Add HPKE DHKEM provider support for EC, X25519 and X448. 2022-09-23 09:24:47 +01:00
30-test_evp_pkey_dparam.t
30-test_evp_pkey_provided.t
30-test_evp.t Implement AES-GCM-SIV (RFC8452) 2022-07-29 08:32:16 -04:00
30-test_pbelu.t
30-test_pkey_meth_kdf.t
30-test_pkey_meth.t
30-test_prov_config.t Add a test for running the config twice 2021-08-27 09:52:19 +10:00
30-test_provider_status.t Add test for provider gettables 2021-07-06 10:55:19 +10:00
40-test_rehash.t
60-test_x509_check_cert_pkey.t test: replace tabs with spaces in test recipes 2021-06-19 15:54:06 +10:00
60-test_x509_dup_cert.t
60-test_x509_store.t
60-test_x509_time.t
61-test_bio_prefix.t
61-test_bio_readbuffer.t
65-test_cmp_asn.t
65-test_cmp_client.t
65-test_cmp_ctx.t Fix ossl_x509v3_cache_extensions(): EXFLAG_NO_FINGERPRINT should not be an error 2022-08-18 09:28:57 +02:00
65-test_cmp_hdr.t Update copyright year 2021-04-08 13:04:41 +01:00
65-test_cmp_msg.t
65-test_cmp_protect.t
65-test_cmp_server.t Use the fips-and-base.cnf config file in CMP tests 2021-06-08 18:53:39 +01:00
65-test_cmp_status.t Update copyright year 2021-04-08 13:04:41 +01:00
65-test_cmp_vfy.t Use the fips-and-base.cnf config file in CMP tests 2021-06-08 18:53:39 +01:00
66-test_ossl_store.t test/recipes/66-test_ossl_store.t: ensure native paths 2021-06-26 06:43:08 +02:00
70-test_asyncio.t
70-test_bad_dtls.t
70-test_clienthello.t
70-test_comp.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_key_share.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_packet.t
70-test_quic_record.t QUIC Demuxer and Record Layer (RX Side) 2022-09-02 10:03:55 +02:00
70-test_quic_wire.t QUIC Frame Encoding and Decoding Functions 2022-07-29 16:28:37 +10:00
70-test_recordlen.t
70-test_renegotiation.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_servername.t
70-test_sslcbcpadding.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_sslcertstatus.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_sslextension.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_sslmessages.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_sslrecords.t Test that we ignore a bad record version in a plaintext TLSv1.3 record 2022-08-29 12:21:34 +02:00
70-test_sslsessiontick.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_sslsigalgs.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_sslsignature.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_sslskewith0p.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_sslversions.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_sslvertol.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_tls13alerts.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_tls13cookie.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_tls13downgrade.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_tls13hrr.t Update copyright year 2022-05-03 13:34:51 +01:00
70-test_tls13kexmodes.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_tls13messages.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_tls13psk.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_tlsextms.t Remove OPENSSL_ia32cap overrides in various test scripts 2021-10-06 15:18:09 +02:00
70-test_verify_extra.t Update copyright year 2022-05-03 13:34:51 +01:00
70-test_wpacket.t
71-test_ssl_ctx.t Update copyright year 2021-04-08 13:04:41 +01:00
75-test_quic_ackm.t QUIC ACK Manager, Statistics Manager and Congestion Control API 2022-08-24 14:05:46 +01:00
75-test_quicapi.t First working empty protocol test 2022-06-03 12:07:18 +10:00
79-test_http.t Avoid some MinGW test failures 2021-07-02 17:44:02 +01:00
80-test_ca_internals.t Add tests for do_updatedb 2022-02-14 10:18:46 +01:00
80-test_ca.t test/recipes/80-test_ca.t: Don't force quotes around the config file in $cnf 2021-06-26 06:43:08 +02:00
80-test_cipherbytes.t Update copyright year 2021-09-07 13:35:43 +02:00
80-test_cipherlist.t Update copyright year 2021-09-07 13:35:43 +02:00
80-test_ciphername.t Update copyright year 2021-09-07 13:35:43 +02:00
80-test_cmp_http.t 80-test_cmp_http.t: fix adaption of plan on 'certstatus' aspect of Mock server 2022-07-26 16:21:40 +02:00
80-test_cms.t cms: Create test for for purpose verification in cms application 2022-08-18 10:24:53 +02:00
80-test_cmsapi.t Update copyright year 2022-05-03 13:34:51 +01:00
80-test_ct.t
80-test_dane.t Test for DANE cross cert fix 2021-09-03 00:11:53 -04:00
80-test_dtls_mtu.t
80-test_dtls.t
80-test_dtlsv1listen.t
80-test_ocsp.t Update copyright year 2022-05-03 13:34:51 +01:00
80-test_pkcs12.t Update copyright year 2022-05-03 13:34:51 +01:00
80-test_ssl_new.t 80-test_ssl_new.t: make dependencies on CTLOG_FILE and TEST_CERTS_DIR explicit 2022-09-16 10:07:15 +02:00
80-test_ssl_old.t tls: ban SSL3, TLS1, TLS1.1 and DTLS1.0 at security level one and above 2022-05-08 16:58:00 +10:00
80-test_ssl_test_ctx.t
80-test_sslcorrupt.t
80-test_tsa.t TEST: Prefer using precomputed RSA and DH keys for more efficient tests 2021-05-27 11:06:01 +02:00
80-test_x509aux.t
81-test_cmp_cli.t Avoid some MinGW test failures 2021-07-02 17:44:02 +01:00
82-test_tfo_cli.t Disable 82-test_tfo_cli if tfo is not enabled. 2022-05-23 10:08:38 +10:00
90-test_asn1_time.t
90-test_async.t
90-test_bio_enc.t
90-test_bio_memleak.t
90-test_constant_time.t
90-test_fatalerr.t
90-test_fipsload.t Fix test/recipes/90-test_fipsload.t to use bldtop_file for the FIPS module 2021-09-08 16:33:33 +02:00
90-test_gmdiff.t
90-test_ige.t
90-test_includes.t always use the same perl in $PATH 2021-09-02 12:55:39 +10:00
90-test_memleak.t
90-test_overhead.t
90-test_secmem.t
90-test_shlibload.t Update copyright year 2021-07-29 15:41:35 +01:00
90-test_srp.t
90-test_sslapi.t Update copyright year 2022-05-03 13:34:51 +01:00
90-test_sslbuffers.t
90-test_store.t Update copyright year 2021-07-29 15:41:35 +01:00
90-test_sysdefault.t
90-test_threads.t Update copyright year 2022-05-03 13:34:51 +01:00
90-test_time_offset.t
90-test_tls13ccs.t
90-test_tls13encryption.t
90-test_tls13secrets.t
90-test_traceapi.t Add tests for trace_api. 2022-09-16 08:31:56 +02:00
90-test_v3name.t
91-test_pkey_check.t test_pkey_check: Positive testcase for private key with unknown parameters 2022-06-15 11:02:30 +02:00
95-test_external_gost_engine.t Skip GOST engine tests in out of tree builds 2021-04-28 09:38:31 +02:00
95-test_external_krb5.t Update krb5 module to latest release 2021-04-19 11:46:39 -07:00
95-test_external_oqsprovider.t Add external testing with oqsprovider 2022-03-09 17:57:37 +01:00
95-test_external_pyca.t Update copyright year 2021-04-08 13:04:41 +01:00
95-test_external_tlsfuzzer.t Update copyright year 2022-05-03 13:34:51 +01:00
99-test_ecstress.t
99-test_fuzz_asn1.t
99-test_fuzz_asn1parse.t
99-test_fuzz_bignum.t
99-test_fuzz_bndiv.t
99-test_fuzz_client.t
99-test_fuzz_cmp.t
99-test_fuzz_cms.t
99-test_fuzz_conf.t
99-test_fuzz_crl.t
99-test_fuzz_ct.t
99-test_fuzz_server.t
99-test_fuzz_x509.t
fuzz.pl
ocsp-response.der
tconversion.pl test_rsa: Test for PVK format conversion 2021-12-06 16:38:03 +01:00