diff options
Diffstat (limited to 'deps/openssl/openssl/test')
473 files changed, 64909 insertions, 17213 deletions
diff --git a/deps/openssl/openssl/test/CAtsa.cnf b/deps/openssl/openssl/test/CAtsa.cnf index ab2f84aa0f..d1642879be 100644 --- a/deps/openssl/openssl/test/CAtsa.cnf +++ b/deps/openssl/openssl/test/CAtsa.cnf @@ -144,6 +144,8 @@ tsa_name = yes # Must the TSA name be included in the reply? # (optional, default: no) ess_cert_id_chain = yes # Must the ESS cert id chain be included? # (optional, default: no) +ess_cert_id_alg = sha256 # algorithm to compute certificate + # identifier (optional, default: sha1) [ tsa_config2 ] diff --git a/deps/openssl/openssl/test/README b/deps/openssl/openssl/test/README index ef39d38ac9..37722e79f3 100644 --- a/deps/openssl/openssl/test/README +++ b/deps/openssl/openssl/test/README @@ -29,7 +29,8 @@ The number {nn} is (somewhat loosely) grouped as follows: 60-79 APIs 70 PACKET layer 80-89 "larger" protocols (CA, CMS, OCSP, SSL, TSA) -90-99 misc +90-98 misc +99 most time consuming tests [such as test_fuzz] A recipe that just runs a test executable @@ -38,9 +39,9 @@ A recipe that just runs a test executable A script that just runs a program looks like this: #! /usr/bin/perl - + use OpenSSL::Test::Simple; - + simple_test("test_{name}", "{name}test", "{name}"); {name} is the unique name you have chosen for your test. @@ -49,7 +50,7 @@ The second argument to `simple_test' is the test executable, and `simple_test' expects it to be located in test/ For documentation on OpenSSL::Test::Simple, do -`perldoc test/testlib/OpenSSL/Test/Simple.pm'. +`perldoc util/perl/OpenSSL/Test/Simple.pm'. A recipe that runs a more complex test @@ -57,53 +58,92 @@ A recipe that runs a more complex test For more complex tests, you will need to read up on Test::More and OpenSSL::Test. Test::More is normally preinstalled, do `man Test::More' for -documentation. For OpenSSL::Test, do `perldoc test/testlib/OpenSSL/Test.pm'. +documentation. For OpenSSL::Test, do `perldoc util/perl/OpenSSL/Test.pm'. A script to start from could be this: #! /usr/bin/perl - + use strict; use warnings; use OpenSSL::Test; - + setup("test_{name}"); - + plan tests => 2; # The number of tests being performed - + ok(test1, "test1"); ok(test2, "test1"); - + sub test1 { # test feature 1 } - + sub test2 { # test feature 2 } - -Changes to test/Makefile -======================== + +Changes to test/build.info +========================== Whenever a new test involves a new test executable you need to do the following (at all times, replace {NAME} and {name} with the name of your test): -* among the variables for test executables at the beginning, add a line like - this: +* add {name} to the list of programs under PROGRAMS_NO_INST + +* create a three line description of how to build the test, you will have +to modify the include paths and source files if you don't want to use the +basic test framework: + + SOURCE[{name}]={name}.c + INCLUDE[{name}]=.. ../include + DEPEND[{name}]=../libcrypto libtestutil.a + +Generic form of C test executables +================================== + + #include "testutil.h" + + static int my_test(void) + { + int testresult = 0; /* Assume the test will fail */ + int observed; + + observed = function(); /* Call the code under test */ + if (!TEST_int_equal(observed, 2)) /* Check the result is correct */ + goto end; /* Exit on failure - optional */ + + testresult = 1; /* Mark the test case a success */ + end: + cleanup(); /* Any cleanup you require */ + return testresult; + } + + int setup_tests(void) + { + ADD_TEST(my_test); /* Add each test separately */ + return 1; /* Indicate success */ + } - {NAME}TEST= {name}test +You should use the TEST_xxx macros provided by testutil.h to test all failure +conditions. These macros produce an error message in a standard format if the +condition is not met (and nothing if the condition is met). Additional +information can be presented with the TEST_info macro that takes a printf +format string and arguments. TEST_error is useful for complicated conditions, +it also takes a printf format string and argument. In all cases the TEST_xxx +macros are guaranteed to evaluate their arguments exactly once. This means +that expressions with side effects are allowed as parameters. Thus, -* add `$({NAME}TEST)$(EXE_EXT)' to the assignment of EXE: + if (!TEST_ptr(ptr = OPENSSL_malloc(..))) -* add `$({NAME}TEST).o' to the assignment of OBJ: +works fine and can be used in place of: -* add `$({NAME}TEST).c' to the assignment of SRC: + ptr = OPENSSL_malloc(..); + if (!TEST_ptr(ptr)) -* add the following lines for building the executable: +The former produces a more meaningful message on failure than the latter. - $({NAME}TEST)$(EXE_EXT): $({NAME}TEST).o $(DLIBCRYPTO) - @target=$({NAME}TEST); $(BUILD_CMD) diff --git a/deps/openssl/openssl/test/README.external b/deps/openssl/openssl/test/README.external new file mode 100644 index 0000000000..f836b1b499 --- /dev/null +++ b/deps/openssl/openssl/test/README.external @@ -0,0 +1,164 @@ +Running external test suites with OpenSSL +========================================= + +It is possible to integrate external test suites into OpenSSL's "make test". +This capability is considered a developer option and does not work on all +platforms. + + + +The BoringSSL test suite +======================== + +In order to run the BoringSSL tests with OpenSSL, first checkout the BoringSSL +source code into an appropriate directory. This can be done in two ways: + +1) Separately from the OpenSSL checkout using: + + $ git clone https://boringssl.googlesource.com/boringssl boringssl + + The BoringSSL tests are only confirmed to work at a specific commit in the + BoringSSL repository. Later commits may or may not pass the test suite: + + $ cd boringssl + $ git checkout 490469f850e + +2) Using the already configured submodule settings in OpenSSL: + + $ git submodule update --init + +Configure the OpenSSL source code to enable the external tests: + +$ cd ../openssl +$ ./config enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers \ + enable-external-tests + +Note that using other config options than those given above may cause the tests +to fail. + +Run the OpenSSL tests by providing the path to the BoringSSL test runner in the +BORING_RUNNER_DIR environment variable: + +$ BORING_RUNNER_DIR=/path/to/boringssl/ssl/test/runner make test + +Note that the test suite may change directory while running so the path provided +should be absolute and not relative to the current working directory. + +To see more detailed output you can run just the BoringSSL tests with the +verbose option: + +$ VERBOSE=1 BORING_RUNNER_DIR=/path/to/boringssl/ssl/test/runner make \ + TESTS="test_external_boringssl" test + + +Test failures and suppressions +------------------------------ + +A large number of the BoringSSL tests are known to fail. A test could fail +because of many possible reasons. For example: + +- A bug in OpenSSL +- Different interpretations of standards +- Assumptions about the way BoringSSL works that do not apply to OpenSSL +- The test uses APIs added to BoringSSL that are not present in OpenSSL +- etc + +In order to provide a "clean" baseline run with all the tests passing a config +file has been provided that suppresses the running of tests that are known to +fail. These suppressions are held in the file "test/ossl_shim/ossl_config.json" +within the OpenSSL source code. + +The community is encouraged to contribute patches which reduce the number of +suppressions that are currently present. + + +Python PYCA/Cryptography test suite +=================================== + +This python test suite runs cryptographic tests with a local OpenSSL build as +the implementation. + +First checkout the PYCA/Cryptography module into ./pyca-cryptography using: + +$ git submodule update --init + +Then configure/build OpenSSL compatible with the python module: + +$ ./config shared enable-external-tests +$ make + +The tests will run in a python virtual environment which requires virtualenv +to be installed. + +$ make test VERBOSE=1 TESTS=test_external_pyca + +Test failures and suppressions +------------------------------ + +Some tests target older (<=1.0.2) versions so will not run. Other tests target +other crypto implementations so are not relevant. Currently no tests fail. + + +krb5 test suite +=============== + +Much like the PYCA/Cryptography test suite, this builds and runs the krb5 +tests against the local OpenSSL build. + +You will need a git checkout of krb5 at the top level: + +$ git clone https://github.com/krb5/krb5 + +krb5's master has to pass this same CI, but a known-good version is +krb5-1.15.1-final if you want to be sure. + +$ cd krb5 +$ git checkout krb5-1.15.1-final +$ cd .. + +OpenSSL must be built with external tests enabled: + +$ ./config enable-external-tests +$ make + +krb5's tests will then be run as part of the rest of the suite, or can be +explicitly run (with more debugging): + +$ VERBOSE=1 make TESTS=test_external_krb5 test + +Test-failures suppressions +-------------------------- + +krb5 will automatically adapt its test suite to account for the configuration +of your system. Certain tests may require more installed packages to run. No +tests are expected to fail. + + +Updating test suites +==================== + +To update the commit for any of the above test suites: + +- Make sure the submodules are cloned locally: + + $ git submodule update --init --recursive + +- Enter subdirectory and pull from the repository (use a specific branch/tag if required): + + $ cd <submodule-dir> + $ git pull origin master + +- Go to root directory, there should be a new git status: + + $ cd ../ + $ git status + ... + # modified: <submodule-dir> (new commits) + ... + +- Add/commit/push the update + + git add <submodule-dir> + git commit -m "Updated <submodule> to latest commit" + git push + diff --git a/deps/openssl/openssl/test/README.ssltest.md b/deps/openssl/openssl/test/README.ssltest.md index c1edda5aed..3b4bb564f1 100644 --- a/deps/openssl/openssl/test/README.ssltest.md +++ b/deps/openssl/openssl/test/README.ssltest.md @@ -81,6 +81,11 @@ handshake. - Yes - a session ticket is expected - No - a session ticket is not expected +* SessionIdExpected - whether or not a session id is expected + - Ignore - do not check for a session id (default) + - Yes - a session id is expected + - No - a session id is not expected + * ResumptionExpected - whether or not resumption is expected (Resume mode only) - Yes - resumed handshake - No - full handshake (default) @@ -89,6 +94,23 @@ handshake. * ExpectedTmpKeyType - the expected algorithm or curve of server temp key +* ExpectedServerCertType, ExpectedClientCertType - the expected algorithm or + curve of server or client certificate + +* ExpectedServerSignHash, ExpectedClientSignHash - the expected + signing hash used by server or client certificate + +* ExpectedServerSignType, ExpectedClientSignType - the expected + signature type used by server or client when signing messages + +* ExpectedClientCANames - for client auth list of CA names the server must + send. If this is "empty" the list is expected to be empty otherwise it + is a file of certificates whose subject names form the list. + +* ExpectedServerCANames - list of CA names the client must send, TLS 1.3 only. + If this is "empty" the list is expected to be empty otherwise it is a file + of certificates whose subject names form the list. + ## Configuring the client and server The client and server configurations can be any valid `SSL_CTX` @@ -170,6 +192,9 @@ client => { protocols can be specified as a comma-separated list, and a callback with the recommended behaviour will be installed automatically. +* SRPUser, SRPPassword - SRP settings. For client, this is the SRP user to + connect as; for server, this is a known SRP user. + ### Default server and client configurations The default server certificate and CA files are added to the configurations @@ -202,7 +227,7 @@ client => { ``` $ ./config $ cd test -$ TOP=.. perl -I testlib/ generate_ssl_tests.pl ssl-tests/my.conf.in \ +$ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl ssl-tests/my.conf.in \ > ssl-tests/my.conf ``` @@ -211,7 +236,7 @@ where `my.conf.in` is your test input file. For example, to generate the test cases in `ssl-tests/01-simple.conf.in`, do ``` -$ TOP=.. perl -I testlib/ generate_ssl_tests.pl ssl-tests/01-simple.conf.in > ssl-tests/01-simple.conf +$ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl ssl-tests/01-simple.conf.in > ssl-tests/01-simple.conf ``` Alternatively (hackish but simple), you can comment out diff --git a/deps/openssl/openssl/test/afalgtest.c b/deps/openssl/openssl/test/afalgtest.c index e6e02f03eb..adb2977f30 100644 --- a/deps/openssl/openssl/test/afalgtest.c +++ b/deps/openssl/openssl/test/afalgtest.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -10,6 +10,20 @@ #include <stdio.h> #include <openssl/opensslconf.h> +#include <string.h> +#include <openssl/engine.h> +#include <openssl/evp.h> +#include <openssl/rand.h> +#include "testutil.h" + +/* Use a buffer size which is not aligned to block size */ +#define BUFFER_SIZE 17 + +#ifndef OPENSSL_NO_ENGINE +static ENGINE *e; +#endif + + #ifndef OPENSSL_NO_AFALGENG # include <linux/version.h> # define K_MAJ 4 @@ -27,107 +41,109 @@ #endif #ifndef OPENSSL_NO_AFALGENG -#include <string.h> -#include <openssl/engine.h> -#include <openssl/evp.h> -#include <openssl/rand.h> - -/* Use a buffer size which is not aligned to block size */ -#define BUFFER_SIZE (8 * 1024) - 13 - -static int test_afalg_aes_128_cbc(ENGINE *e) +static int test_afalg_aes_cbc(int keysize_idx) { EVP_CIPHER_CTX *ctx; - const EVP_CIPHER *cipher = EVP_aes_128_cbc(); - unsigned char key[] = "\x5F\x4D\xCC\x3B\x5A\xA7\x65\xD6\ - \x1D\x83\x27\xDE\xB8\x82\xCF\x99"; - unsigned char iv[] = "\x2B\x95\x99\x0A\x91\x51\x37\x4A\ - \xBD\x8F\xF8\xC5\xA7\xA0\xFE\x08"; - - unsigned char in[BUFFER_SIZE]; + const EVP_CIPHER *cipher; + unsigned char key[] = "\x06\xa9\x21\x40\x36\xb8\xa1\x5b" + "\x51\x2e\x03\xd5\x34\x12\x00\x06" + "\x06\xa9\x21\x40\x36\xb8\xa1\x5b" + "\x51\x2e\x03\xd5\x34\x12\x00\x06"; + unsigned char iv[] = "\x3d\xaf\xba\x42\x9d\x9e\xb4\x30" + "\xb4\x22\xda\x80\x2c\x9f\xac\x41"; + /* input = "Single block msg\n" 17Bytes*/ + unsigned char in[BUFFER_SIZE] = "\x53\x69\x6e\x67\x6c\x65\x20\x62" + "\x6c\x6f\x63\x6b\x20\x6d\x73\x67\x0a"; unsigned char ebuf[BUFFER_SIZE + 32]; unsigned char dbuf[BUFFER_SIZE + 32]; - int encl, encf, decl, decf; - unsigned int status = 0; + unsigned char encresult_128[] = "\xe3\x53\x77\x9c\x10\x79\xae\xb8" + "\x27\x08\x94\x2d\xbe\x77\x18\x1a\x2d"; + unsigned char encresult_192[] = "\xf7\xe4\x26\xd1\xd5\x4f\x8f\x39" + "\xb1\x9e\xe0\xdf\x61\xb9\xc2\x55\xeb"; + unsigned char encresult_256[] = "\xa0\x76\x85\xfd\xc1\x65\x71\x9d" + "\xc7\xe9\x13\x6e\xae\x55\x49\xb4\x13"; + unsigned char *enc_result = NULL; - ctx = EVP_CIPHER_CTX_new(); - if (ctx == NULL) { - fprintf(stderr, "%s() failed to allocate ctx\n", __func__); - return 0; + int encl, encf, decl, decf; + int ret = 0; + + switch (keysize_idx) { + case 0: + cipher = EVP_aes_128_cbc(); + enc_result = &encresult_128[0]; + break; + case 1: + cipher = EVP_aes_192_cbc(); + enc_result = &encresult_192[0]; + break; + case 2: + cipher = EVP_aes_256_cbc(); + enc_result = &encresult_256[0]; + break; + default: + cipher = NULL; } - RAND_bytes(in, BUFFER_SIZE); + if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())) + return 0; - if ( !EVP_CipherInit_ex(ctx, cipher, e, key, iv, 1) - || !EVP_CipherUpdate(ctx, ebuf, &encl, in, BUFFER_SIZE) - || !EVP_CipherFinal_ex(ctx, ebuf+encl, &encf)) { - fprintf(stderr, "%s() failed encryption\n", __func__); + if (!TEST_true(EVP_CipherInit_ex(ctx, cipher, e, key, iv, 1)) + || !TEST_true(EVP_CipherUpdate(ctx, ebuf, &encl, in, BUFFER_SIZE)) + || !TEST_true(EVP_CipherFinal_ex(ctx, ebuf+encl, &encf))) goto end; - } encl += encf; - if ( !EVP_CIPHER_CTX_reset(ctx) - || !EVP_CipherInit_ex(ctx, cipher, e, key, iv, 0) - || !EVP_CipherUpdate(ctx, dbuf, &decl, ebuf, encl) - || !EVP_CipherFinal_ex(ctx, dbuf+decl, &decf)) { - fprintf(stderr, "%s() failed decryption\n", __func__); + if (!TEST_mem_eq(enc_result, BUFFER_SIZE, ebuf, BUFFER_SIZE)) + goto end; + + if (!TEST_true(EVP_CIPHER_CTX_reset(ctx)) + || !TEST_true(EVP_CipherInit_ex(ctx, cipher, e, key, iv, 0)) + || !TEST_true(EVP_CipherUpdate(ctx, dbuf, &decl, ebuf, encl)) + || !TEST_true(EVP_CipherFinal_ex(ctx, dbuf+decl, &decf))) goto end; - } decl += decf; - if ( decl != BUFFER_SIZE - || memcmp(dbuf, in, BUFFER_SIZE)) { - fprintf(stderr, "%s() failed Dec(Enc(P)) != P\n", __func__); + if (!TEST_int_eq(decl, BUFFER_SIZE) + || !TEST_mem_eq(dbuf, BUFFER_SIZE, in, BUFFER_SIZE)) goto end; - } - status = 1; + ret = 1; end: EVP_CIPHER_CTX_free(ctx); - return status; + return ret; } +#endif -int main(int argc, char **argv) +#ifndef OPENSSL_NO_ENGINE +int global_init(void) { - ENGINE *e; - - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - ENGINE_load_builtin_engines(); - # ifndef OPENSSL_NO_STATIC_ENGINE OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_AFALG, NULL); # endif + return 1; +} +#endif - e = ENGINE_by_id("afalg"); - if (e == NULL) { - /* - * A failure to load is probably a platform environment problem so we - * don't treat this as an OpenSSL test failure, i.e. we return 0 - */ - fprintf(stderr, - "AFALG Test: Failed to load AFALG Engine - skipping test\n"); - return 0; - } - - if (test_afalg_aes_128_cbc(e) == 0) { - ENGINE_free(e); - return 1; +int setup_tests(void) +{ +#ifndef OPENSSL_NO_ENGINE + if ((e = ENGINE_by_id("afalg")) == NULL) { + /* Probably a platform env issue, not a test failure. */ + TEST_info("Can't load AFALG engine"); + } else { +# ifndef OPENSSL_NO_AFALGENG + ADD_ALL_TESTS(test_afalg_aes_cbc, 3); +# endif } +#endif - ENGINE_free(e); - printf("PASS\n"); - return 0; + return 1; } -#else /* OPENSSL_NO_AFALGENG */ - -int main(int argc, char **argv) +#ifndef OPENSSL_NO_ENGINE +void cleanup_tests(void) { - fprintf(stderr, "AFALG not supported - skipping AFALG tests\n"); - printf("PASS\n"); - return 0; + ENGINE_free(e); } - #endif diff --git a/deps/openssl/openssl/test/asynciotest.c b/deps/openssl/openssl/test/asynciotest.c index 7e51efb466..5e85cbb044 100644 --- a/deps/openssl/openssl/test/asynciotest.c +++ b/deps/openssl/openssl/test/asynciotest.c @@ -16,10 +16,14 @@ #include "../ssl/packet_locl.h" #include "ssltestlib.h" +#include "testutil.h" /* Should we fragment records or not? 0 = no, !0 = yes*/ static int fragment = 0; +static char *cert = NULL; +static char *privkey = NULL; + static int async_new(BIO *bi); static int async_free(BIO *a); static int async_read(BIO *b, char *out, int outl); @@ -38,7 +42,7 @@ struct async_ctrs { unsigned int wctr; }; -static const BIO_METHOD *bio_f_async_filter() +static const BIO_METHOD *bio_f_async_filter(void) { if (methods_async == NULL) { methods_async = BIO_meth_new(BIO_TYPE_ASYNC_FILTER, "Async filter"); @@ -85,7 +89,7 @@ static int async_free(BIO *bio) static int async_read(BIO *bio, char *out, int outl) { struct async_ctrs *ctrs; - int ret = -1; + int ret = 0; BIO *next = BIO_next(bio); if (outl <= 0) @@ -120,7 +124,7 @@ static int async_read(BIO *bio, char *out, int outl) static int async_write(BIO *bio, const char *in, int inl) { struct async_ctrs *ctrs; - int ret = -1; + int ret = 0; size_t written = 0; BIO *next = BIO_next(bio); @@ -139,21 +143,65 @@ static int async_write(BIO *bio, const char *in, int inl) PACKET pkt; if (!PACKET_buf_init(&pkt, (const unsigned char *)in, inl)) - abort(); + return -1; while (PACKET_remaining(&pkt) > 0) { - PACKET payload; + PACKET payload, wholebody, sessionid, extensions; unsigned int contenttype, versionhi, versionlo, data; + unsigned int msgtype = 0, negversion = 0; - if ( !PACKET_get_1(&pkt, &contenttype) - || !PACKET_get_1(&pkt, &versionhi) - || !PACKET_get_1(&pkt, &versionlo) - || !PACKET_get_length_prefixed_2(&pkt, &payload)) - abort(); + if (!PACKET_get_1(&pkt, &contenttype) + || !PACKET_get_1(&pkt, &versionhi) + || !PACKET_get_1(&pkt, &versionlo) + || !PACKET_get_length_prefixed_2(&pkt, &payload)) + return -1; /* Pretend we wrote out the record header */ written += SSL3_RT_HEADER_LENGTH; + wholebody = payload; + if (contenttype == SSL3_RT_HANDSHAKE + && !PACKET_get_1(&wholebody, &msgtype)) + return -1; + + if (msgtype == SSL3_MT_SERVER_HELLO) { + if (!PACKET_forward(&wholebody, + SSL3_HM_HEADER_LENGTH - 1) + || !PACKET_get_net_2(&wholebody, &negversion) + /* Skip random (32 bytes) */ + || !PACKET_forward(&wholebody, 32) + /* Skip session id */ + || !PACKET_get_length_prefixed_1(&wholebody, + &sessionid) + /* + * Skip ciphersuite (2 bytes) and compression + * method (1 byte) + */ + || !PACKET_forward(&wholebody, 2 + 1) + || !PACKET_get_length_prefixed_2(&wholebody, + &extensions)) + return -1; + + /* + * Find the negotiated version in supported_versions + * extension, if present. + */ + while (PACKET_remaining(&extensions)) { + unsigned int type; + PACKET extbody; + + if (!PACKET_get_net_2(&extensions, &type) + || !PACKET_get_length_prefixed_2(&extensions, + &extbody)) + return -1; + + if (type == TLSEXT_TYPE_supported_versions + && (!PACKET_get_net_2(&extbody, &negversion) + || PACKET_remaining(&extbody) != 0)) + return -1; + } + } + while (PACKET_get_1(&payload, &data)) { /* Create a new one byte long record for each byte in the * record in the input buffer @@ -173,14 +221,16 @@ static int async_write(BIO *bio, const char *in, int inl) smallrec[DATAPOS] = data; ret = BIO_write(next, smallrec, MIN_RECORD_LEN); if (ret <= 0) - abort(); + return -1; written++; } /* - * We can't fragment anything after the CCS, otherwise we - * get a bad record MAC + * We can't fragment anything after the ServerHello (or CCS <= + * TLS1.2), otherwise we get a bad record MAC */ - if (contenttype == SSL3_RT_CHANGE_CIPHER_SPEC) { + if (contenttype == SSL3_RT_CHANGE_CIPHER_SPEC + || (negversion == TLS1_3_VERSION + && msgtype == SSL3_MT_SERVER_HELLO)) { fragment = 0; break; } @@ -189,7 +239,7 @@ static int async_write(BIO *bio, const char *in, int inl) /* Write any data we have left after fragmenting */ ret = 0; if ((int)written < inl) { - ret = BIO_write(next, in + written , inl - written); + ret = BIO_write(next, in + written, inl - written); } if (ret <= 0 && BIO_should_write(next)) @@ -236,30 +286,20 @@ static int async_puts(BIO *bio, const char *str) #define MAX_ATTEMPTS 100 -int main(int argc, char *argv[]) +static int test_asyncio(int test) { SSL_CTX *serverctx = NULL, *clientctx = NULL; SSL *serverssl = NULL, *clientssl = NULL; BIO *s_to_c_fbio = NULL, *c_to_s_fbio = NULL; - int test, err = 1, ret; + int testresult = 0, ret; size_t i, j; const char testdata[] = "Test data"; char buf[sizeof(testdata)]; - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - if (argc != 3) { - printf("Invalid argument count\n"); + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &serverctx, &clientctx, cert, privkey))) goto end; - } - - if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), - TLS1_VERSION, TLS_MAX_VERSION, - &serverctx, &clientctx, argv[1], argv[2])) { - printf("Failed to create SSL_CTX pair\n"); - goto end; - } /* * We do 2 test runs. The first time around we just do a normal handshake @@ -267,116 +307,103 @@ int main(int argc, char *argv[]) * all records so that the content is only one byte length (up until the * CCS) */ - for (test = 1; test < 3; test++) { - if (test == 2) - fragment = 1; + if (test == 1) + fragment = 1; - s_to_c_fbio = BIO_new(bio_f_async_filter()); - c_to_s_fbio = BIO_new(bio_f_async_filter()); - if (s_to_c_fbio == NULL || c_to_s_fbio == NULL) { - printf("Failed to create filter BIOs\n"); - BIO_free(s_to_c_fbio); - BIO_free(c_to_s_fbio); - goto end; - } + s_to_c_fbio = BIO_new(bio_f_async_filter()); + c_to_s_fbio = BIO_new(bio_f_async_filter()); + if (!TEST_ptr(s_to_c_fbio) + || !TEST_ptr(c_to_s_fbio)) { + BIO_free(s_to_c_fbio); + BIO_free(c_to_s_fbio); + goto end; + } - /* BIOs get freed on error */ - if (!create_ssl_objects(serverctx, clientctx, &serverssl, &clientssl, - s_to_c_fbio, c_to_s_fbio)) { - printf("Test %d failed: Create SSL objects failed\n", test); - goto end; - } + /* BIOs get freed on error */ + if (!TEST_true(create_ssl_objects(serverctx, clientctx, &serverssl, + &clientssl, s_to_c_fbio, c_to_s_fbio)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; - if (!create_ssl_connection(serverssl, clientssl)) { - printf("Test %d failed: Create SSL connection failed\n", test); - goto end; - } + /* + * Send and receive some test data. Do the whole thing twice to ensure + * we hit at least one async event in both reading and writing + */ + for (j = 0; j < 2; j++) { + int len; /* - * Send and receive some test data. Do the whole thing twice to ensure - * we hit at least one async event in both reading and writing + * Write some test data. It should never take more than 2 attempts + * (the first one might be a retryable fail). */ - for (j = 0; j < 2; j++) { - int len; - - /* - * Write some test data. It should never take more than 2 attempts - * (the first one might be a retryable fail). - */ - for (ret = -1, i = 0, len = 0; len != sizeof(testdata) && i < 2; - i++) { - ret = SSL_write(clientssl, testdata + len, - sizeof(testdata) - len); - if (ret > 0) { - len += ret; - } else { - int ssl_error = SSL_get_error(clientssl, ret); - - if (ssl_error == SSL_ERROR_SYSCALL || - ssl_error == SSL_ERROR_SSL) { - printf("Test %d failed: Failed to write app data\n", test); - err = -1; - goto end; - } - } - } - if (len != sizeof(testdata)) { - err = -1; - printf("Test %d failed: Failed to write all app data\n", test); - goto end; - } - /* - * Now read the test data. It may take more attempts here because - * it could fail once for each byte read, including all overhead - * bytes from the record header/padding etc. - */ - for (ret = -1, i = 0, len = 0; len != sizeof(testdata) && - i < MAX_ATTEMPTS; i++) - { - ret = SSL_read(serverssl, buf + len, sizeof(buf) - len); - if (ret > 0) { - len += ret; - } else { - int ssl_error = SSL_get_error(serverssl, ret); - - if (ssl_error == SSL_ERROR_SYSCALL || - ssl_error == SSL_ERROR_SSL) { - printf("Test %d failed: Failed to read app data\n", test); - err = -1; - goto end; - } - } - } - if (len != sizeof(testdata) - || memcmp(buf, testdata, sizeof(testdata)) != 0) { - err = -1; - printf("Test %d failed: Unexpected app data received\n", test); - goto end; + for (ret = -1, i = 0, len = 0; len != sizeof(testdata) && i < 2; + i++) { + ret = SSL_write(clientssl, testdata + len, + sizeof(testdata) - len); + if (ret > 0) { + len += ret; + } else { + int ssl_error = SSL_get_error(clientssl, ret); + + if (!TEST_false(ssl_error == SSL_ERROR_SYSCALL || + ssl_error == SSL_ERROR_SSL)) + goto end; } } + if (!TEST_size_t_eq(len, sizeof(testdata))) + goto end; - /* Also frees the BIOs */ - SSL_free(clientssl); - SSL_free(serverssl); - clientssl = serverssl = NULL; + /* + * Now read the test data. It may take more attempts here because + * it could fail once for each byte read, including all overhead + * bytes from the record header/padding etc. + */ + for (ret = -1, i = 0, len = 0; len != sizeof(testdata) && + i < MAX_ATTEMPTS; i++) { + ret = SSL_read(serverssl, buf + len, sizeof(buf) - len); + if (ret > 0) { + len += ret; + } else { + int ssl_error = SSL_get_error(serverssl, ret); + + if (!TEST_false(ssl_error == SSL_ERROR_SYSCALL || + ssl_error == SSL_ERROR_SSL)) + goto end; + } + } + if (!TEST_mem_eq(testdata, sizeof(testdata), buf, len)) + goto end; } - printf("Test success\n"); + /* Also frees the BIOs */ + SSL_free(clientssl); + SSL_free(serverssl); + clientssl = serverssl = NULL; - err = 0; - end: - if (err) - ERR_print_errors_fp(stderr); + testresult = 1; + end: SSL_free(clientssl); SSL_free(serverssl); SSL_CTX_free(clientctx); SSL_CTX_free(serverctx); -# ifndef OPENSSL_NO_CRYPTO_MDEBUG - CRYPTO_mem_leaks_fp(stderr); -# endif + return testresult; +} - return err; +int setup_tests(void) +{ + if (!TEST_ptr(cert = test_get_argument(0)) + || !TEST_ptr(privkey = test_get_argument(1))) + return 0; + + ADD_ALL_TESTS(test_asyncio, 2); + return 1; +} + +void cleanup_tests(void) +{ + BIO_meth_free(methods_async); } diff --git a/deps/openssl/openssl/test/asynctest.c b/deps/openssl/openssl/test/asynctest.c index eef3c3214c..9728a37911 100644 --- a/deps/openssl/openssl/test/asynctest.c +++ b/deps/openssl/openssl/test/asynctest.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -87,7 +87,7 @@ static int blockpause(void *args) return 1; } -static int test_ASYNC_init_thread() +static int test_ASYNC_init_thread(void) { ASYNC_JOB *job1 = NULL, *job2 = NULL, *job3 = NULL; int funcret1, funcret2, funcret3; @@ -123,7 +123,7 @@ static int test_ASYNC_init_thread() return 1; } -static int test_ASYNC_start_job() +static int test_ASYNC_start_job(void) { ASYNC_JOB *job = NULL; int funcret; @@ -151,7 +151,7 @@ static int test_ASYNC_start_job() return 1; } -static int test_ASYNC_get_current_job() +static int test_ASYNC_get_current_job(void) { ASYNC_JOB *job = NULL; int funcret; @@ -178,7 +178,7 @@ static int test_ASYNC_get_current_job() return 1; } -static int test_ASYNC_WAIT_CTX_get_all_fds() +static int test_ASYNC_WAIT_CTX_get_all_fds(void) { ASYNC_JOB *job = NULL; int funcret; @@ -245,7 +245,7 @@ static int test_ASYNC_WAIT_CTX_get_all_fds() return 1; } -static int test_ASYNC_block_pause() +static int test_ASYNC_block_pause(void) { ASYNC_JOB *job = NULL; int funcret; diff --git a/deps/openssl/openssl/test/bad_dtls_test.c b/deps/openssl/openssl/test/bad_dtls_test.c index 2e33010cb4..1c836b9c17 100644 --- a/deps/openssl/openssl/test/bad_dtls_test.c +++ b/deps/openssl/openssl/test/bad_dtls_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -37,9 +37,9 @@ #include <openssl/err.h> #include <openssl/rand.h> #include <openssl/kdf.h> - #include "../ssl/packet_locl.h" -#include "../e_os.h" /* for OSSL_NELEM() */ +#include "internal/nelem.h" +#include "testutil.h" /* For DTLS1_BAD_VER packets the MAC doesn't include the handshake header */ #define MAC_OFFSET (DTLS1_RT_HEADER_LENGTH + DTLS1_HM_HEADER_LENGTH) @@ -118,7 +118,7 @@ static int validate_client_hello(BIO *wbio) long len; unsigned char *data; int cookie_found = 0; - unsigned int u; + unsigned int u = 0; len = BIO_get_mem_data(wbio, (char **)&data); if (!PACKET_buf_init(&pkt, data, len)) @@ -182,7 +182,7 @@ static int validate_client_hello(BIO *wbio) /* Update handshake MAC for second ClientHello (with cookie) */ if (cookie_found && !EVP_DigestUpdate(handshake_md, data + MAC_OFFSET, len - MAC_OFFSET)) - printf("EVP_DigestUpdate() failed\n"); + return 0; (void)BIO_reset(wbio); @@ -259,7 +259,7 @@ static int send_server_hello(BIO *rbio) if (!EVP_DigestUpdate(handshake_md, server_hello + MAC_OFFSET, sizeof(server_hello) - MAC_OFFSET)) - printf("EVP_DigestUpdate() failed\n"); + return 0; BIO_write(rbio, server_hello, sizeof(server_hello)); BIO_write(rbio, change_cipher_spec, sizeof(change_cipher_spec)); @@ -268,7 +268,7 @@ static int send_server_hello(BIO *rbio) } /* Create header, HMAC, pad, encrypt and send a record */ -static int send_record(BIO *rbio, unsigned char type, unsigned long seqnr, +static int send_record(BIO *rbio, unsigned char type, uint64_t seqnr, const void *msg, size_t len) { /* Note that the order of the record header fields on the wire, @@ -284,10 +284,8 @@ static int send_record(BIO *rbio, unsigned char type, unsigned long seqnr, unsigned char pad; unsigned char *enc; -#ifdef SIXTY_FOUR_BIT_LONG seq[0] = (seqnr >> 40) & 0xff; seq[1] = (seqnr >> 32) & 0xff; -#endif seq[2] = (seqnr >> 24) & 0xff; seq[3] = (seqnr >> 16) & 0xff; seq[4] = (seqnr >> 8) & 0xff; @@ -308,8 +306,8 @@ static int send_record(BIO *rbio, unsigned char type, unsigned long seqnr, HMAC_Update(ctx, seq, 6); HMAC_Update(ctx, &type, 1); HMAC_Update(ctx, ver, 2); /* Version */ - lenbytes[0] = len >> 8; - lenbytes[1] = len & 0xff; + lenbytes[0] = (unsigned char)(len >> 8); + lenbytes[1] = (unsigned char)(len); HMAC_Update(ctx, lenbytes, 2); /* Length */ HMAC_Update(ctx, enc, len); /* Finally the data itself */ HMAC_Final(ctx, enc + len, NULL); @@ -333,8 +331,8 @@ static int send_record(BIO *rbio, unsigned char type, unsigned long seqnr, BIO_write(rbio, ver, 2); BIO_write(rbio, epoch, 2); BIO_write(rbio, seq, 6); - lenbytes[0] = (len + sizeof(iv)) >> 8; - lenbytes[1] = (len + sizeof(iv)) & 0xff; + lenbytes[0] = (unsigned char)((len + sizeof(iv)) >> 8); + lenbytes[1] = (unsigned char)(len + sizeof(iv)); BIO_write(rbio, lenbytes, 2); BIO_write(rbio, iv, sizeof(iv)); @@ -365,7 +363,7 @@ static int send_finished(SSL *s, BIO *rbio) /* Generate Finished MAC */ if (!EVP_DigestFinal_ex(handshake_md, handshake_hash, NULL)) - printf("EVP_DigestFinal_ex() failed\n"); + return 0; do_PRF(TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE, handshake_hash, EVP_MD_CTX_size(handshake_md), @@ -428,7 +426,7 @@ static int validate_ccs(BIO *wbio) #define DROP(x) { x##UL, 1 } static struct { - unsigned long seq; + uint64_t seq; int drop; } tests[] = { NODROP(1), NODROP(3), NODROP(2), @@ -443,24 +441,18 @@ static struct { /* The last test should be NODROP, because a DROP wouldn't get tested. */ }; -int main(int argc, char *argv[]) +static int test_bad_dtls(void) { - SSL_SESSION *sess; - SSL_CTX *ctx; - SSL *con; - BIO *rbio; - BIO *wbio; - BIO *err; + SSL_SESSION *sess = NULL; + SSL_CTX *ctx = NULL; + SSL *con = NULL; + BIO *rbio = NULL; + BIO *wbio = NULL; time_t now = 0; int testresult = 0; int ret; int i; - err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); - - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - RAND_bytes(session_id, sizeof(session_id)); RAND_bytes(master_secret, sizeof(master_secret)); RAND_bytes(cookie, sizeof(cookie)); @@ -470,99 +462,78 @@ int main(int argc, char *argv[]) memcpy(server_random, &now, sizeof(now)); sess = client_session(); - if (sess == NULL) { - printf("Failed to generate SSL_SESSION\n"); + if (!TEST_ptr(sess)) goto end; - } handshake_md = EVP_MD_CTX_new(); - if (handshake_md == NULL || - !EVP_DigestInit_ex(handshake_md, EVP_md5_sha1(), NULL)) { - printf("Failed to initialise handshake_md\n"); + if (!TEST_ptr(handshake_md) + || !TEST_true(EVP_DigestInit_ex(handshake_md, EVP_md5_sha1(), + NULL))) goto end; - } ctx = SSL_CTX_new(DTLS_client_method()); - if (ctx == NULL) { - printf("Failed to allocate SSL_CTX\n"); - goto end_md; - } - if (!SSL_CTX_set_min_proto_version(ctx, DTLS1_BAD_VER)) { - printf("SSL_CTX_set_min_proto_version() failed\n"); - goto end_ctx; - } - if (!SSL_CTX_set_max_proto_version(ctx, DTLS1_BAD_VER)) { - printf("SSL_CTX_set_max_proto_version() failed\n"); - goto end_ctx; - } - - if (!SSL_CTX_set_cipher_list(ctx, "AES128-SHA")) { - printf("SSL_CTX_set_cipher_list() failed\n"); - goto end_ctx; - } + if (!TEST_ptr(ctx) + || !TEST_true(SSL_CTX_set_min_proto_version(ctx, DTLS1_BAD_VER)) + || !TEST_true(SSL_CTX_set_max_proto_version(ctx, DTLS1_BAD_VER)) + || !TEST_true(SSL_CTX_set_cipher_list(ctx, "AES128-SHA"))) + goto end; con = SSL_new(ctx); - if (!SSL_set_session(con, sess)) { - printf("SSL_set_session() failed\n"); - goto end_con; - } + if (!TEST_ptr(con) + || !TEST_true(SSL_set_session(con, sess))) + goto end; SSL_SESSION_free(sess); rbio = BIO_new(BIO_s_mem()); wbio = BIO_new(BIO_s_mem()); - BIO_set_nbio(rbio, 1); - BIO_set_nbio(wbio, 1); + if (!TEST_ptr(rbio) + || !TEST_ptr(wbio)) + goto end; SSL_set_bio(con, rbio, wbio); + + if (!TEST_true(BIO_up_ref(rbio))) { + /* + * We can't up-ref but we assigned ownership to con, so we shouldn't + * free in the "end" block + */ + rbio = wbio = NULL; + goto end; + } + + if (!TEST_true(BIO_up_ref(wbio))) { + wbio = NULL; + goto end; + } + SSL_set_connect_state(con); /* Send initial ClientHello */ ret = SSL_do_handshake(con); - if (ret > 0 || SSL_get_error(con, ret) != SSL_ERROR_WANT_READ) { - printf("Unexpected handshake result at initial call!\n"); - goto end_con; - } + if (!TEST_int_le(ret, 0) + || !TEST_int_eq(SSL_get_error(con, ret), SSL_ERROR_WANT_READ) + || !TEST_int_eq(validate_client_hello(wbio), 1) + || !TEST_true(send_hello_verify(rbio))) + goto end; - if (validate_client_hello(wbio) != 1) { - printf("Initial ClientHello failed validation\n"); - goto end_con; - } - if (send_hello_verify(rbio) != 1) { - printf("Failed to send HelloVerify\n"); - goto end_con; - } ret = SSL_do_handshake(con); - if (ret > 0 || SSL_get_error(con, ret) != SSL_ERROR_WANT_READ) { - printf("Unexpected handshake result after HelloVerify!\n"); - goto end_con; - } - if (validate_client_hello(wbio) != 2) { - printf("Second ClientHello failed validation\n"); - goto end_con; - } - if (send_server_hello(rbio) != 1) { - printf("Failed to send ServerHello\n"); - goto end_con; - } + if (!TEST_int_le(ret, 0) + || !TEST_int_eq(SSL_get_error(con, ret), SSL_ERROR_WANT_READ) + || !TEST_int_eq(validate_client_hello(wbio), 2) + || !TEST_true(send_server_hello(rbio))) + goto end; + ret = SSL_do_handshake(con); - if (ret > 0 || SSL_get_error(con, ret) != SSL_ERROR_WANT_READ) { - printf("Unexpected handshake result after ServerHello!\n"); - goto end_con; - } - if (send_finished(con, rbio) != 1) { - printf("Failed to send Finished\n"); - goto end_con; - } + if (!TEST_int_le(ret, 0) + || !TEST_int_eq(SSL_get_error(con, ret), SSL_ERROR_WANT_READ) + || !TEST_true(send_finished(con, rbio))) + goto end; + ret = SSL_do_handshake(con); - if (ret < 1) { - printf("Handshake not successful after Finished!\n"); - goto end_con; - } - if (validate_ccs(wbio) != 1) { - printf("Failed to validate client CCS/Finished\n"); - goto end_con; - } + if (!TEST_int_gt(ret, 0) + || !TEST_true(validate_ccs(wbio))) + goto end; /* While we're here and crafting packets by hand, we might as well do a bit of a stress test on the DTLS record replay handling. Not Cisco-DTLS @@ -570,55 +541,46 @@ int main(int argc, char *argv[]) before, and in fact was broken even for a basic 0, 2, 1 test case when this test was first added.... */ for (i = 0; i < (int)OSSL_NELEM(tests); i++) { - unsigned long recv_buf[2]; + uint64_t recv_buf[2]; - if (send_record(rbio, SSL3_RT_APPLICATION_DATA, tests[i].seq, - &tests[i].seq, sizeof(unsigned long)) != 1) { - printf("Failed to send data seq #0x%lx (%d)\n", - tests[i].seq, i); - goto end_con; + if (!TEST_true(send_record(rbio, SSL3_RT_APPLICATION_DATA, tests[i].seq, + &tests[i].seq, sizeof(uint64_t)))) { + TEST_error("Failed to send data seq #0x%x%08x (%d)\n", + (unsigned int)(tests[i].seq >> 32), (unsigned int)tests[i].seq, i); + goto end; } if (tests[i].drop) continue; - ret = SSL_read(con, recv_buf, 2 * sizeof(unsigned long)); - if (ret != sizeof(unsigned long)) { - printf("SSL_read failed or wrong size on seq#0x%lx (%d)\n", - tests[i].seq, i); - goto end_con; + ret = SSL_read(con, recv_buf, 2 * sizeof(uint64_t)); + if (!TEST_int_eq(ret, (int)sizeof(uint64_t))) { + TEST_error("SSL_read failed or wrong size on seq#0x%x%08x (%d)\n", + (unsigned int)(tests[i].seq >> 32), (unsigned int)tests[i].seq, i); + goto end; } - if (recv_buf[0] != tests[i].seq) { - printf("Wrong data packet received (0x%lx not 0x%lx) at packet %d\n", - recv_buf[0], tests[i].seq, i); - goto end_con; - } - } - if (tests[i-1].drop) { - printf("Error: last test cannot be DROP()\n"); - goto end_con; + if (!TEST_true(recv_buf[0] == tests[i].seq)) + goto end; } - testresult=1; - end_con: + /* The last test cannot be DROP() */ + if (!TEST_false(tests[i-1].drop)) + goto end; + + testresult = 1; + + end: + BIO_free(rbio); + BIO_free(wbio); SSL_free(con); - end_ctx: SSL_CTX_free(ctx); - end_md: EVP_MD_CTX_free(handshake_md); - end: - ERR_print_errors_fp(stderr); - if (!testresult) { - printf("Cisco BadDTLS test: FAILED\n"); - } - - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(err) <= 0) - testresult = 0; -#endif - BIO_free(err); + return testresult; +} - return testresult?0:1; +int setup_tests(void) +{ + ADD_TEST(test_bad_dtls); + return 1; } diff --git a/deps/openssl/openssl/test/bftest.c b/deps/openssl/openssl/test/bftest.c index a513660e4a..5abb81d7c9 100644 --- a/deps/openssl/openssl/test/bftest.c +++ b/deps/openssl/openssl/test/bftest.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -16,16 +16,11 @@ #include <string.h> #include <stdlib.h> #include <openssl/opensslconf.h> /* To see if OPENSSL_NO_BF is defined */ +#include "testutil.h" -#include "../e_os.h" +#include "internal/nelem.h" -#ifdef OPENSSL_NO_BF -int main(int argc, char *argv[]) -{ - printf("No BF support\n"); - return (0); -} -#else +#ifndef OPENSSL_NO_BF # include <openssl/blowfish.h> # ifdef CHARSET_EBCDIC @@ -229,20 +224,6 @@ static unsigned char key_out[KEY_TEST_NUM][8] = { {0x05, 0x04, 0x4B, 0x62, 0xFA, 0x52, 0xD0, 0x80}, }; -static int test(void); -static int print_test_data(void); -int main(int argc, char *argv[]) -{ - int ret; - - if (argc > 1) - ret = print_test_data(); - else - ret = test(); - - EXIT(ret); -} - static int print_test_data(void) { unsigned int i, j; @@ -305,106 +286,71 @@ static int print_test_data(void) for (j = 0; j < strlen(cbc_data) + 1; j++) printf("%02X", ofb64_ok[j]); printf("\n"); - return (0); + return 0; } -static int test(void) +static int test_bf_ecb_raw(int n) { - unsigned char cbc_in[40], cbc_out[40], iv[8]; - int i, n, err = 0; + int ret = 1; BF_KEY key; BF_LONG data[2]; + + BF_set_key(&key, strlen(bf_key[n]), (unsigned char *)bf_key[n]); + + data[0] = bf_plain[n][0]; + data[1] = bf_plain[n][1]; + BF_encrypt(data, &key); + if (!TEST_mem_eq(&(bf_cipher[n][0]), BF_BLOCK, &(data[0]), BF_BLOCK)) + ret = 0; + + BF_decrypt(&(data[0]), &key); + if (!TEST_mem_eq(&(bf_plain[n][0]), BF_BLOCK, &(data[0]), BF_BLOCK)) + ret = 0; + + return ret; +} + +static int test_bf_ecb(int n) +{ + int ret = 1; + BF_KEY key; unsigned char out[8]; - BF_LONG len; -# ifdef CHARSET_EBCDIC - ebcdic2ascii(cbc_data, cbc_data, strlen(cbc_data)); -# endif + BF_set_key(&key, 8, ecb_data[n]); - printf("testing blowfish in raw ecb mode\n"); - for (n = 0; n < 2; n++) { -# ifdef CHARSET_EBCDIC - ebcdic2ascii(bf_key[n], bf_key[n], strlen(bf_key[n])); -# endif - BF_set_key(&key, strlen(bf_key[n]), (unsigned char *)bf_key[n]); - - data[0] = bf_plain[n][0]; - data[1] = bf_plain[n][1]; - BF_encrypt(data, &key); - if (memcmp(&(bf_cipher[n][0]), &(data[0]), 8) != 0) { - printf("BF_encrypt error encrypting\n"); - printf("got :"); - for (i = 0; i < 2; i++) - printf("%08lX ", (unsigned long)data[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 2; i++) - printf("%08lX ", (unsigned long)bf_cipher[n][i]); - err = 1; - printf("\n"); - } - - BF_decrypt(&(data[0]), &key); - if (memcmp(&(bf_plain[n][0]), &(data[0]), 8) != 0) { - printf("BF_encrypt error decrypting\n"); - printf("got :"); - for (i = 0; i < 2; i++) - printf("%08lX ", (unsigned long)data[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 2; i++) - printf("%08lX ", (unsigned long)bf_plain[n][i]); - printf("\n"); - err = 1; - } - } + BF_ecb_encrypt(&(plain_data[n][0]), out, &key, BF_ENCRYPT); + if (!TEST_mem_eq(&(cipher_data[n][0]), BF_BLOCK, out, BF_BLOCK)) + ret = 0; - printf("testing blowfish in ecb mode\n"); - - for (n = 0; n < NUM_TESTS; n++) { - BF_set_key(&key, 8, ecb_data[n]); - - BF_ecb_encrypt(&(plain_data[n][0]), out, &key, BF_ENCRYPT); - if (memcmp(&(cipher_data[n][0]), out, 8) != 0) { - printf("BF_ecb_encrypt blowfish error encrypting\n"); - printf("got :"); - for (i = 0; i < 8; i++) - printf("%02X ", out[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 8; i++) - printf("%02X ", cipher_data[n][i]); - err = 1; - printf("\n"); - } - - BF_ecb_encrypt(out, out, &key, BF_DECRYPT); - if (memcmp(&(plain_data[n][0]), out, 8) != 0) { - printf("BF_ecb_encrypt error decrypting\n"); - printf("got :"); - for (i = 0; i < 8; i++) - printf("%02X ", out[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 8; i++) - printf("%02X ", plain_data[n][i]); - printf("\n"); - err = 1; - } - } + BF_ecb_encrypt(out, out, &key, BF_DECRYPT); + if (!TEST_mem_eq(&(plain_data[n][0]), BF_BLOCK, out, BF_BLOCK)) + ret = 0; - printf("testing blowfish set_key\n"); - for (n = 1; n < KEY_TEST_NUM; n++) { - BF_set_key(&key, n, key_test); - BF_ecb_encrypt(key_data, out, &key, BF_ENCRYPT); - /* mips-sgi-irix6.5-gcc vv -mabi=64 bug workaround */ - if (memcmp(out, &(key_out[i = n - 1][0]), 8) != 0) { - printf("blowfish setkey error\n"); - err = 1; - } - } + return ret; +} + +static int test_bf_set_key(int n) +{ + int ret = 1; + BF_KEY key; + unsigned char out[8]; + + BF_set_key(&key, n+1, key_test); + BF_ecb_encrypt(key_data, out, &key, BF_ENCRYPT); + /* mips-sgi-irix6.5-gcc vv -mabi=64 bug workaround */ + if (!TEST_mem_eq(out, 8, &(key_out[n][0]), 8)) + ret = 0; + + return ret; +} + +static int test_bf_cbc(void) +{ + unsigned char cbc_in[40], cbc_out[40], iv[8]; + int ret = 1; + BF_KEY key; + BF_LONG len; - printf("testing blowfish in cbc mode\n"); len = strlen(cbc_data) + 1; BF_set_key(&key, 16, cbc_key); @@ -413,20 +359,25 @@ static int test(void) memcpy(iv, cbc_iv, sizeof(iv)); BF_cbc_encrypt((unsigned char *)cbc_data, cbc_out, len, &key, iv, BF_ENCRYPT); - if (memcmp(cbc_out, cbc_ok, 32) != 0) { - err = 1; - printf("BF_cbc_encrypt encrypt error\n"); - for (i = 0; i < 32; i++) - printf("0x%02X,", cbc_out[i]); - } + if (!TEST_mem_eq(cbc_out, 32, cbc_ok, 32)) + ret = 0; + memcpy(iv, cbc_iv, 8); BF_cbc_encrypt(cbc_out, cbc_in, len, &key, iv, BF_DECRYPT); - if (memcmp(cbc_in, cbc_data, strlen(cbc_data) + 1) != 0) { - printf("BF_cbc_encrypt decrypt error\n"); - err = 1; - } + if (!TEST_mem_eq(cbc_in, len, cbc_data, strlen(cbc_data) + 1)) + ret = 0; + + return ret; +} + +static int test_bf_cfb64(void) +{ + unsigned char cbc_in[40], cbc_out[40], iv[8]; + int n, ret = 1; + BF_KEY key; + BF_LONG len; - printf("testing blowfish in cfb64 mode\n"); + len = strlen(cbc_data) + 1; BF_set_key(&key, 16, cbc_key); memset(cbc_in, 0, 40); @@ -437,23 +388,28 @@ static int test(void) &key, iv, &n, BF_ENCRYPT); BF_cfb64_encrypt((unsigned char *)&(cbc_data[13]), &(cbc_out[13]), len - 13, &key, iv, &n, BF_ENCRYPT); - if (memcmp(cbc_out, cfb64_ok, (int)len) != 0) { - err = 1; - printf("BF_cfb64_encrypt encrypt error\n"); - for (i = 0; i < (int)len; i++) - printf("0x%02X,", cbc_out[i]); - } + if (!TEST_mem_eq(cbc_out, (int)len, cfb64_ok, (int)len)) + ret = 0; + n = 0; memcpy(iv, cbc_iv, 8); BF_cfb64_encrypt(cbc_out, cbc_in, 17, &key, iv, &n, BF_DECRYPT); BF_cfb64_encrypt(&(cbc_out[17]), &(cbc_in[17]), len - 17, &key, iv, &n, BF_DECRYPT); - if (memcmp(cbc_in, cbc_data, (int)len) != 0) { - printf("BF_cfb64_encrypt decrypt error\n"); - err = 1; - } + if (!TEST_mem_eq(cbc_in, (int)len, cbc_data, (int)len)) + ret = 0; - printf("testing blowfish in ofb64\n"); + return ret; +} + +static int test_bf_ofb64(void) +{ + unsigned char cbc_in[40], cbc_out[40], iv[8]; + int n, ret = 1; + BF_KEY key; + BF_LONG len; + + len = strlen(cbc_data) + 1; BF_set_key(&key, 16, cbc_key); memset(cbc_in, 0, 40); @@ -464,21 +420,42 @@ static int test(void) &n); BF_ofb64_encrypt((unsigned char *)&(cbc_data[13]), &(cbc_out[13]), len - 13, &key, iv, &n); - if (memcmp(cbc_out, ofb64_ok, (int)len) != 0) { - err = 1; - printf("BF_ofb64_encrypt encrypt error\n"); - for (i = 0; i < (int)len; i++) - printf("0x%02X,", cbc_out[i]); - } + if (!TEST_mem_eq(cbc_out, (int)len, ofb64_ok, (int)len)) + ret = 0; + n = 0; memcpy(iv, cbc_iv, 8); BF_ofb64_encrypt(cbc_out, cbc_in, 17, &key, iv, &n); BF_ofb64_encrypt(&(cbc_out[17]), &(cbc_in[17]), len - 17, &key, iv, &n); - if (memcmp(cbc_in, cbc_data, (int)len) != 0) { - printf("BF_ofb64_encrypt decrypt error\n"); - err = 1; - } + if (!TEST_mem_eq(cbc_in, (int)len, cbc_data, (int)len)) + ret = 0; - return (err); + return ret; } #endif + +int setup_tests(void) +{ +#ifndef OPENSSL_NO_BF +# ifdef CHARSET_EBCDIC + int n; + + ebcdic2ascii(cbc_data, cbc_data, strlen(cbc_data)); + for (n = 0; n < 2; n++) { + ebcdic2ascii(bf_key[n], bf_key[n], strlen(bf_key[n])); + } +# endif + + if (test_get_argument(0) != NULL) { + print_test_data(); + } else { + ADD_ALL_TESTS(test_bf_ecb_raw, 2); + ADD_ALL_TESTS(test_bf_ecb, NUM_TESTS); + ADD_ALL_TESTS(test_bf_set_key, KEY_TEST_NUM-1); + ADD_TEST(test_bf_cbc); + ADD_TEST(test_bf_cfb64); + ADD_TEST(test_bf_ofb64); + } +#endif + return 1; +} diff --git a/deps/openssl/openssl/test/bio_enc_test.c b/deps/openssl/openssl/test/bio_enc_test.c index fad1a19013..282e8dac61 100644 --- a/deps/openssl/openssl/test/bio_enc_test.c +++ b/deps/openssl/openssl/test/bio_enc_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -12,50 +12,73 @@ #include <openssl/bio.h> #include <openssl/rand.h> -int main() +#include "testutil.h" + +#define ENCRYPT 1 +#define DECRYPT 0 + +#define DATA_SIZE 1024 +#define MAX_IV 32 +#define BUF_SIZE (DATA_SIZE + MAX_IV) + +static const unsigned char KEY[] = { + 0x51, 0x50, 0xd1, 0x77, 0x2f, 0x50, 0x83, 0x4a, + 0x50, 0x3e, 0x06, 0x9a, 0x97, 0x3f, 0xbd, 0x7c, + 0xe6, 0x1c, 0x43, 0x2b, 0x72, 0x0b, 0x19, 0xd1, + 0x8e, 0xc8, 0xd8, 0x4b, 0xdc, 0x63, 0x15, 0x1b +}; + +static const unsigned char IV[] = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 +}; + +static int do_bio_cipher(const EVP_CIPHER* cipher, const unsigned char* key, + const unsigned char* iv) { BIO *b; - static const unsigned char key[16] = { 0 }; - static unsigned char inp[1024] = { 0 }; - unsigned char out[1024], ref[1024]; + static unsigned char inp[BUF_SIZE] = { 0 }; + unsigned char out[BUF_SIZE], ref[BUF_SIZE]; int i, lref, len; /* Fill buffer with non-zero data so that over steps can be detected */ - if (RAND_bytes(inp, sizeof(inp)) <= 0) - return -1; + if (!TEST_int_gt(RAND_bytes(inp, DATA_SIZE), 0)) + return 0; - /* - * Exercise CBC cipher - */ + /* Encrypt tests */ /* reference output for single-chunk operation */ b = BIO_new(BIO_f_cipher()); - if (!BIO_set_cipher(b, EVP_aes_128_cbc(), key, NULL, 0)) - return -1; - BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp))); + if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) + return 0; + BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE)); lref = BIO_read(b, ref, sizeof(ref)); BIO_free_all(b); /* perform split operations and compare to reference */ for (i = 1; i < lref; i++) { b = BIO_new(BIO_f_cipher()); - if (!BIO_set_cipher(b, EVP_aes_128_cbc(), key, NULL, 0)) - return -1; - BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp))); + if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) { + TEST_info("Split encrypt failed @ operation %d", i); + return 0; + } + BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE)); memset(out, 0, sizeof(out)); out[i] = ~ref[i]; len = BIO_read(b, out, i); /* check for overstep */ - if (out[i] != (unsigned char)~ref[i]) { - fprintf(stderr, "CBC output overstep@%d\n", i); - return 1; + if (!TEST_uchar_eq(out[i], (unsigned char)~ref[i])) { + TEST_info("Encrypt overstep check failed @ operation %d", i); + return 0; } len += BIO_read(b, out + len, sizeof(out) - len); BIO_free_all(b); - if (len != lref || memcmp(out, ref, len)) { - fprintf(stderr, "CBC output mismatch@%d\n", i); - return 2; + if (!TEST_mem_eq(out, len, ref, lref)) { + TEST_info("Encrypt compare failed @ operation %d", i); + return 0; } } @@ -64,53 +87,61 @@ int main() int delta; b = BIO_new(BIO_f_cipher()); - if (!BIO_set_cipher(b, EVP_aes_128_cbc(), key, NULL, 0)) - return -1; - BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp))); + if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, ENCRYPT))) { + TEST_info("Small chunk encrypt failed @ operation %d", i); + return 0; + } + BIO_push(b, BIO_new_mem_buf(inp, DATA_SIZE)); memset(out, 0, sizeof(out)); for (len = 0; (delta = BIO_read(b, out + len, i)); ) { len += delta; } BIO_free_all(b); - if (len != lref || memcmp(out, ref, len)) { - fprintf(stderr, "CBC output mismatch@%d\n", i); - return 3; + if (!TEST_mem_eq(out, len, ref, lref)) { + TEST_info("Small chunk encrypt compare failed @ operation %d", i); + return 0; } } - /* - * Exercise CTR cipher - */ + /* Decrypt tests */ /* reference output for single-chunk operation */ b = BIO_new(BIO_f_cipher()); - if (!BIO_set_cipher(b, EVP_aes_128_ctr(), key, NULL, 0)) - return -1; - BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp))); - lref = BIO_read(b, ref, sizeof(ref)); + if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT))) + return 0; + /* Use original reference output as input */ + BIO_push(b, BIO_new_mem_buf(ref, lref)); + (void)BIO_flush(b); + memset(out, 0, sizeof(out)); + len = BIO_read(b, out, sizeof(out)); BIO_free_all(b); + if (!TEST_mem_eq(inp, DATA_SIZE, out, len)) + return 0; + /* perform split operations and compare to reference */ for (i = 1; i < lref; i++) { b = BIO_new(BIO_f_cipher()); - if (!BIO_set_cipher(b, EVP_aes_128_ctr(), key, NULL, 0)) - return -1; - BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp))); + if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT))) { + TEST_info("Split decrypt failed @ operation %d", i); + return 0; + } + BIO_push(b, BIO_new_mem_buf(ref, lref)); memset(out, 0, sizeof(out)); out[i] = ~ref[i]; len = BIO_read(b, out, i); /* check for overstep */ - if (out[i] != (unsigned char)~ref[i]) { - fprintf(stderr, "CTR output overstep@%d\n", i); - return 4; + if (!TEST_uchar_eq(out[i], (unsigned char)~ref[i])) { + TEST_info("Decrypt overstep check failed @ operation %d", i); + return 0; } len += BIO_read(b, out + len, sizeof(out) - len); BIO_free_all(b); - if (len != lref || memcmp(out, ref, len)) { - fprintf(stderr, "CTR output mismatch@%d\n", i); - return 5; + if (!TEST_mem_eq(inp, DATA_SIZE, out, len)) { + TEST_info("Decrypt compare failed @ operation %d", i); + return 0; } } @@ -119,20 +150,83 @@ int main() int delta; b = BIO_new(BIO_f_cipher()); - if (!BIO_set_cipher(b, EVP_aes_128_ctr(), key, NULL, 0)) - return -1; - BIO_push(b, BIO_new_mem_buf(inp, sizeof(inp))); + if (!TEST_true(BIO_set_cipher(b, cipher, key, iv, DECRYPT))) { + TEST_info("Small chunk decrypt failed @ operation %d", i); + return 0; + } + BIO_push(b, BIO_new_mem_buf(ref, lref)); memset(out, 0, sizeof(out)); for (len = 0; (delta = BIO_read(b, out + len, i)); ) { len += delta; } BIO_free_all(b); - if (len != lref || memcmp(out, ref, len)) { - fprintf(stderr, "CTR output mismatch@%d\n", i); - return 6; + if (!TEST_mem_eq(inp, DATA_SIZE, out, len)) { + TEST_info("Small chunk decrypt compare failed @ operation %d", i); + return 0; } } + return 1; +} + +static int do_test_bio_cipher(const EVP_CIPHER* cipher, int idx) +{ + switch(idx) + { + case 0: + return do_bio_cipher(cipher, KEY, NULL); + case 1: + return do_bio_cipher(cipher, KEY, IV); + } return 0; } + +static int test_bio_enc_aes_128_cbc(int idx) +{ + return do_test_bio_cipher(EVP_aes_128_cbc(), idx); +} + +static int test_bio_enc_aes_128_ctr(int idx) +{ + return do_test_bio_cipher(EVP_aes_128_ctr(), idx); +} + +static int test_bio_enc_aes_256_cfb(int idx) +{ + return do_test_bio_cipher(EVP_aes_256_cfb(), idx); +} + +static int test_bio_enc_aes_256_ofb(int idx) +{ + return do_test_bio_cipher(EVP_aes_256_ofb(), idx); +} + +# ifndef OPENSSL_NO_CHACHA +static int test_bio_enc_chacha20(int idx) +{ + return do_test_bio_cipher(EVP_chacha20(), idx); +} + +# ifndef OPENSSL_NO_POLY1305 +static int test_bio_enc_chacha20_poly1305(int idx) +{ + return do_test_bio_cipher(EVP_chacha20_poly1305(), idx); +} +# endif +# endif + +int setup_tests(void) +{ + ADD_ALL_TESTS(test_bio_enc_aes_128_cbc, 2); + ADD_ALL_TESTS(test_bio_enc_aes_128_ctr, 2); + ADD_ALL_TESTS(test_bio_enc_aes_256_cfb, 2); + ADD_ALL_TESTS(test_bio_enc_aes_256_ofb, 2); +# ifndef OPENSSL_NO_CHACHA + ADD_ALL_TESTS(test_bio_enc_chacha20, 2); +# ifndef OPENSSL_NO_POLY1305 + ADD_ALL_TESTS(test_bio_enc_chacha20_poly1305, 2); +# endif +# endif + return 1; +} diff --git a/deps/openssl/openssl/test/bioprinttest.c b/deps/openssl/openssl/test/bioprinttest.c index b2d26225e5..d35bffa840 100644 --- a/deps/openssl/openssl/test/bioprinttest.c +++ b/deps/openssl/openssl/test/bioprinttest.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,23 +7,33 @@ * https://www.openssl.org/source/license.html */ +#define TESTUTIL_NO_size_t_COMPARISON + #include <stdio.h> #include <string.h> #include <openssl/bio.h> +#include "internal/numbers.h" +#include "testutil.h" +#include "testutil/output.h" + +#define nelem(x) (int)(sizeof(x) / sizeof((x)[0])) static int justprint = 0; -static char *fpexpected[][5] = { - /* 0 */ { "0.0000e+00", "0.0000", "0", "0.0000E+00", "0" }, - /* 1 */ { "6.7000e-01", "0.6700", "0.67", "6.7000E-01", "0.67" }, - /* 2 */ { "6.6667e-01", "0.6667", "0.6667", "6.6667E-01", "0.6667" }, - /* 3 */ { "6.6667e-04", "0.0007", "0.0006667", "6.6667E-04", "0.0006667" }, - /* 4 */ { "6.6667e-05", "0.0001", "6.667e-05", "6.6667E-05", "6.667E-05" }, - /* 5 */ { "6.6667e+00", "6.6667", "6.667", "6.6667E+00", "6.667" }, - /* 6 */ { "6.6667e+01", "66.6667", "66.67", "6.6667E+01", "66.67" }, - /* 7 */ { "6.6667e+02", "666.6667", "666.7", "6.6667E+02", "666.7" }, - /* 8 */ { "6.6667e+03", "6666.6667", "6667", "6.6667E+03", "6667" }, - /* 9 */ { "6.6667e+04", "66666.6667", "6.667e+04", "6.6667E+04", "6.667E+04" }, +static char *fpexpected[][10][5] = { + { + /* 00 */ { "0.0000e+00", "0.0000", "0", "0.0000E+00", "0" }, + /* 01 */ { "6.7000e-01", "0.6700", "0.67", "6.7000E-01", "0.67" }, + /* 02 */ { "6.6667e-01", "0.6667", "0.6667", "6.6667E-01", "0.6667" }, + /* 03 */ { "6.6667e-04", "0.0007", "0.0006667", "6.6667E-04", "0.0006667" }, + /* 04 */ { "6.6667e-05", "0.0001", "6.667e-05", "6.6667E-05", "6.667E-05" }, + /* 05 */ { "6.6667e+00", "6.6667", "6.667", "6.6667E+00", "6.667" }, + /* 06 */ { "6.6667e+01", "66.6667", "66.67", "6.6667E+01", "66.67" }, + /* 07 */ { "6.6667e+02", "666.6667", "666.7", "6.6667E+02", "666.7" }, + /* 08 */ { "6.6667e+03", "6666.6667", "6667", "6.6667E+03", "6667" }, + /* 09 */ { "6.6667e+04", "66666.6667", "6.667e+04", "6.6667E+04", "6.667E+04" }, + }, + { /* 10 */ { "0.00000e+00", "0.00000", "0", "0.00000E+00", "0" }, /* 11 */ { "6.70000e-01", "0.67000", "0.67", "6.70000E-01", "0.67" }, /* 12 */ { "6.66667e-01", "0.66667", "0.66667", "6.66667E-01", "0.66667" }, @@ -34,6 +44,8 @@ static char *fpexpected[][5] = { /* 17 */ { "6.66667e+02", "666.66667", "666.67", "6.66667E+02", "666.67" }, /* 18 */ { "6.66667e+03", "6666.66667", "6666.7", "6.66667E+03", "6666.7" }, /* 19 */ { "6.66667e+04", "66666.66667", "66667", "6.66667E+04", "66667" }, + }, + { /* 20 */ { " 0.0000e+00", " 0.0000", " 0", " 0.0000E+00", " 0" }, /* 21 */ { " 6.7000e-01", " 0.6700", " 0.67", " 6.7000E-01", " 0.67" }, /* 22 */ { " 6.6667e-01", " 0.6667", " 0.6667", " 6.6667E-01", " 0.6667" }, @@ -44,6 +56,8 @@ static char *fpexpected[][5] = { /* 27 */ { " 6.6667e+02", " 666.6667", " 666.7", " 6.6667E+02", " 666.7" }, /* 28 */ { " 6.6667e+03", " 6666.6667", " 6667", " 6.6667E+03", " 6667" }, /* 29 */ { " 6.6667e+04", " 66666.6667", " 6.667e+04", " 6.6667E+04", " 6.667E+04" }, + }, + { /* 30 */ { " 0.00000e+00", " 0.00000", " 0", " 0.00000E+00", " 0" }, /* 31 */ { " 6.70000e-01", " 0.67000", " 0.67", " 6.70000E-01", " 0.67" }, /* 32 */ { " 6.66667e-01", " 0.66667", " 0.66667", " 6.66667E-01", " 0.66667" }, @@ -54,6 +68,8 @@ static char *fpexpected[][5] = { /* 37 */ { " 6.66667e+02", " 666.66667", " 666.67", " 6.66667E+02", " 666.67" }, /* 38 */ { " 6.66667e+03", " 6666.66667", " 6666.7", " 6.66667E+03", " 6666.7" }, /* 39 */ { " 6.66667e+04", " 66666.66667", " 66667", " 6.66667E+04", " 66667" }, + }, + { /* 40 */ { "0e+00", "0", "0", "0E+00", "0" }, /* 41 */ { "7e-01", "1", "0.7", "7E-01", "0.7" }, /* 42 */ { "7e-01", "1", "0.7", "7E-01", "0.7" }, @@ -64,6 +80,8 @@ static char *fpexpected[][5] = { /* 47 */ { "7e+02", "667", "7e+02", "7E+02", "7E+02" }, /* 48 */ { "7e+03", "6667", "7e+03", "7E+03", "7E+03" }, /* 49 */ { "7e+04", "66667", "7e+04", "7E+04", "7E+04" }, + }, + { /* 50 */ { "0.000000e+00", "0.000000", "0", "0.000000E+00", "0" }, /* 51 */ { "6.700000e-01", "0.670000", "0.67", "6.700000E-01", "0.67" }, /* 52 */ { "6.666667e-01", "0.666667", "0.666667", "6.666667E-01", "0.666667" }, @@ -74,6 +92,8 @@ static char *fpexpected[][5] = { /* 57 */ { "6.666667e+02", "666.666667", "666.667", "6.666667E+02", "666.667" }, /* 58 */ { "6.666667e+03", "6666.666667", "6666.67", "6.666667E+03", "6666.67" }, /* 59 */ { "6.666667e+04", "66666.666667", "66666.7", "6.666667E+04", "66666.7" }, + }, + { /* 60 */ { "0.0000e+00", "000.0000", "00000000", "0.0000E+00", "00000000" }, /* 61 */ { "6.7000e-01", "000.6700", "00000.67", "6.7000E-01", "00000.67" }, /* 62 */ { "6.6667e-01", "000.6667", "000.6667", "6.6667E-01", "000.6667" }, @@ -84,32 +104,96 @@ static char *fpexpected[][5] = { /* 67 */ { "6.6667e+02", "666.6667", "000666.7", "6.6667E+02", "000666.7" }, /* 68 */ { "6.6667e+03", "6666.6667", "00006667", "6.6667E+03", "00006667" }, /* 69 */ { "6.6667e+04", "66666.6667", "6.667e+04", "6.6667E+04", "6.667E+04" }, + }, +}; + +typedef struct z_data_st { + size_t value; + const char *format; + const char *expected; +} z_data; + +static z_data zu_data[] = { + { SIZE_MAX, "%zu", (sizeof(size_t) == 4 ? "4294967295" + : sizeof(size_t) == 8 ? "18446744073709551615" + : "") }, + /* + * in 2-complement, the unsigned number divided by two plus one becomes the + * smallest possible negative signed number of the corresponding type + */ + { SIZE_MAX / 2 + 1, "%zi", (sizeof(size_t) == 4 ? "-2147483648" + : sizeof(size_t) == 8 ? "-9223372036854775808" + : "") }, + { 0, "%zu", "0" }, + { 0, "%zi", "0" }, +}; + +static int test_zu(int i) +{ + char bio_buf[80]; + const z_data *data = &zu_data[i]; + + BIO_snprintf(bio_buf, sizeof(bio_buf) - 1, data->format, data->value); + if (!TEST_str_eq(bio_buf, data->expected)) + return 0; + return 1; +} + +typedef struct j_data_st { + uint64_t value; + const char *format; + const char *expected; +} j_data; + +static j_data jf_data[] = { + { 0xffffffffffffffffU, "%ju", "18446744073709551615" }, + { 0xffffffffffffffffU, "%jx", "ffffffffffffffff" }, + { 0x8000000000000000U, "%ju", "9223372036854775808" }, + /* + * These tests imply two's-complement, but it's the only binary + * representation we support, see test/sanitytest.c... + */ + { 0x8000000000000000U, "%ji", "-9223372036854775808" }, +}; + +static int test_j(int i) +{ + const j_data *data = &jf_data[i]; + char bio_buf[80]; + + BIO_snprintf(bio_buf, sizeof(bio_buf) - 1, data->format, data->value); + if (!TEST_str_eq(bio_buf, data->expected)) + return 0; + return 1; +} + + +/* Precision and width. */ +typedef struct pw_st { + int p; + const char *w; +} pw; + +static pw pw_params[] = { + { 4, "" }, + { 5, "" }, + { 4, "12" }, + { 5, "12" }, + { 0, "" }, + { -1, "" }, + { 4, "08" } }; -static void dofptest(int test, double val, char *width, int prec, int *fail) +static int dofptest(int test, int sub, double val, const char *width, int prec) { + static const char *fspecs[] = { + "e", "f", "g", "E", "G" + }; char format[80], result[80]; - int i; - - for (i = 0; i < 5; i++) { - char *fspec = NULL; - switch (i) { - case 0: - fspec = "e"; - break; - case 1: - fspec = "f"; - break; - case 2: - fspec = "g"; - break; - case 3: - fspec = "E"; - break; - case 4: - fspec = "G"; - break; - } + int ret = 1, i; + + for (i = 0; i < nelem(fspecs); i++) { + const char *fspec = fspecs[i]; if (prec >= 0) BIO_snprintf(format, sizeof(format), "%%%s.%d%s", width, prec, @@ -119,107 +203,100 @@ static void dofptest(int test, double val, char *width, int prec, int *fail) BIO_snprintf(result, sizeof(result), format, val); if (justprint) { - if (i == 0) { - printf(" /* %3d */ { \"%s\"", test, result); - } else { + if (i == 0) + printf(" /* %d%d */ { \"%s\"", test, sub, result); + else printf(", \"%s\"", result); - } - } else { - if (strcmp(fpexpected[test][i], result) != 0) { - printf("Test %d(%d) failed. Expected \"%s\". Got \"%s\". " - "Format \"%s\"\n", test, i, fpexpected[test][i], result, - format); - *fail = 1; - } + } else if (!TEST_str_eq(fpexpected[test][sub][i], result)) { + TEST_info("test %d format=|%s| exp=|%s|, ret=|%s|", + test, format, fpexpected[test][sub][i], result); + ret = 0; } } - if (justprint) { + if (justprint) printf(" },\n"); - } + return ret; } -int main(int argc, char **argv) +static int test_fp(int i) +{ + int t = 0, r; + const double frac = 2.0 / 3.0; + const pw *pwp = &pw_params[i]; + + if (justprint) + printf(" {\n"); + r = TEST_true(dofptest(i, t++, 0.0, pwp->w, pwp->p)) + && TEST_true(dofptest(i, t++, 0.67, pwp->w, pwp->p)) + && TEST_true(dofptest(i, t++, frac, pwp->w, pwp->p)) + && TEST_true(dofptest(i, t++, frac / 1000, pwp->w, pwp->p)) + && TEST_true(dofptest(i, t++, frac / 10000, pwp->w, pwp->p)) + && TEST_true(dofptest(i, t++, 6.0 + frac, pwp->w, pwp->p)) + && TEST_true(dofptest(i, t++, 66.0 + frac, pwp->w, pwp->p)) + && TEST_true(dofptest(i, t++, 666.0 + frac, pwp->w, pwp->p)) + && TEST_true(dofptest(i, t++, 6666.0 + frac, pwp->w, pwp->p)) + && TEST_true(dofptest(i, t++, 66666.0 + frac, pwp->w, pwp->p)); + if (justprint) + printf(" },\n"); + return r; +} + +static int test_big(void) { - int test = 0; - int i; - int fail = 0; - int prec = -1; - char *width = ""; - const double frac = 2.0/3.0; char buf[80]; - if (argc == 2 && strcmp(argv[1], "-expected") == 0) { - justprint = 1; - } + /* Test excessively big number. Should fail */ + if (!TEST_int_eq(BIO_snprintf(buf, sizeof(buf), + "%f\n", 2 * (double)ULONG_MAX), -1)) + return 0; + return 1; +} - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - /* Tests for floating point format specifiers */ - for (i = 0; i < 7; i++) { - switch (i) { - case 0: - prec = 4; - width = ""; - break; - case 1: - prec = 5; - width = ""; - break; - case 2: - prec = 4; - width = "12"; - break; - case 3: - prec = 5; - width = "12"; - break; - case 4: - prec = 0; - width = ""; - break; - case 5: - prec = -1; - width = ""; - break; - case 6: - prec = 4; - width = "08"; - break; - } - dofptest(test++, 0.0, width, prec, &fail); - dofptest(test++, 0.67, width, prec, &fail); - dofptest(test++, frac, width, prec, &fail); - dofptest(test++, frac / 1000, width, prec, &fail); - dofptest(test++, frac / 10000, width, prec, &fail); - dofptest(test++, 6.0 + frac, width, prec, &fail); - dofptest(test++, 66.0 + frac, width, prec, &fail); - dofptest(test++, 666.0 + frac, width, prec, &fail); - dofptest(test++, 6666.0 + frac, width, prec, &fail); - dofptest(test++, 66666.0 + frac, width, prec, &fail); - } +int setup_tests(void) +{ + justprint = test_has_option("-expected"); - /* Test excessively big number. Should fail */ - if (BIO_snprintf(buf, sizeof(buf), "%f\n", 2 * (double)ULONG_MAX) != -1) { - printf("Test %d failed. Unexpected success return from " - "BIO_snprintf()\n", test); - fail = 1; - } + ADD_TEST(test_big); + ADD_ALL_TESTS(test_fp, nelem(pw_params)); + ADD_ALL_TESTS(test_zu, nelem(zu_data)); + ADD_ALL_TESTS(test_j, nelem(jf_data)); + return 1; +} -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - return 1; -# endif +/* + * Replace testutil output routines. We do this to eliminate possible sources + * of BIO error + */ +void test_open_streams(void) +{ +} - if (!justprint) { - if (fail) { - printf("FAIL\n"); - return 1; - } - printf ("PASS\n"); - } - return 0; +void test_close_streams(void) +{ } +/* + * This works out as long as caller doesn't use any "fancy" formats. + * But we are caller's caller, and test_str_eq is the only one called, + * and it uses only "%s", which is not "fancy"... + */ +int test_vprintf_stdout(const char *fmt, va_list ap) +{ + return vfprintf(stdout, fmt, ap); +} +int test_vprintf_stderr(const char *fmt, va_list ap) +{ + return vfprintf(stderr, fmt, ap); +} + +int test_flush_stdout(void) +{ + return fflush(stdout); +} + +int test_flush_stderr(void) +{ + return fflush(stderr); +} diff --git a/deps/openssl/openssl/test/bntest.c b/deps/openssl/openssl/test/bntest.c index 686eab8af8..0502497fe3 100644 --- a/deps/openssl/openssl/test/bntest.c +++ b/deps/openssl/openssl/test/bntest.c @@ -1,841 +1,412 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy * in the file LICENSE in the source distribution or at * https://www.openssl.org/source/license.html */ - -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the Eric Young open source - * license provided above. - * - * The binary polynomial arithmetic software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. - * - */ - +#include <assert.h> +#include <errno.h> #include <stdio.h> -#include <stdlib.h> #include <string.h> +#include <ctype.h> -#include "e_os.h" - -#include <openssl/bio.h> #include <openssl/bn.h> -#include <openssl/rand.h> -#include <openssl/x509.h> +#include <openssl/crypto.h> #include <openssl/err.h> +#include <openssl/rand.h> +#include "internal/nelem.h" +#include "internal/numbers.h" +#include "testutil.h" + +#ifdef OPENSSL_SYS_WINDOWS +# define strcasecmp _stricmp +#endif /* - * In bn_lcl.h, bn_expand() is defined as a static ossl_inline function. - * This is fine in itself, it will end up as an unused static function in - * the worst case. However, it referenses bn_expand2(), which is a private - * function in libcrypto and therefore unavailable on some systems. This - * may result in a linker error because of unresolved symbols. - * - * To avoid this, we define a dummy variant of bn_expand2() here, and to - * avoid possible clashes with libcrypto, we rename it first, using a macro. + * Things in boring, not in openssl. TODO we should add them. */ -#define bn_expand2 dummy_bn_expand2 -BIGNUM *bn_expand2(BIGNUM *b, int words); -BIGNUM *bn_expand2(BIGNUM *b, int words) { return NULL; } - -#include "../crypto/bn/bn_lcl.h" - -static const int num0 = 100; /* number of tests */ -static const int num1 = 50; /* additional tests for some functions */ -static const int num2 = 5; /* number of tests for slow functions */ - -int test_add(BIO *bp); -int test_sub(BIO *bp); -int test_lshift1(BIO *bp); -int test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_); -int test_rshift1(BIO *bp); -int test_rshift(BIO *bp, BN_CTX *ctx); -int test_div(BIO *bp, BN_CTX *ctx); -int test_div_word(BIO *bp); -int test_div_recp(BIO *bp, BN_CTX *ctx); -int test_mul(BIO *bp); -int test_sqr(BIO *bp, BN_CTX *ctx); -int test_mont(BIO *bp, BN_CTX *ctx); -int test_mod(BIO *bp, BN_CTX *ctx); -int test_mod_mul(BIO *bp, BN_CTX *ctx); -int test_mod_exp(BIO *bp, BN_CTX *ctx); -int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx); -int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx); -int test_exp(BIO *bp, BN_CTX *ctx); -int test_gf2m_add(BIO *bp); -int test_gf2m_mod(BIO *bp); -int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx); -int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx); -int test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx); -int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx); -int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx); -int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx); -int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx); -int test_kron(BIO *bp, BN_CTX *ctx); -int test_sqrt(BIO *bp, BN_CTX *ctx); -int test_small_prime(BIO *bp, BN_CTX *ctx); -int test_bn2dec(BIO *bp); -int rand_neg(void); -static int results = 0; - -static unsigned char lst[] = - "\xC6\x4F\x43\x04\x2A\xEA\xCA\x6E\x58\x36\x80\x5B\xE8\xC9" - "\x9B\x04\x5D\x48\x36\xC2\xFD\x16\xC9\x64\xF0"; - -static const char rnd_seed[] = - "string to make the random number generator think it has entropy"; - -static void message(BIO *out, char *m) -{ - fprintf(stderr, "test %s\n", m); - BIO_puts(out, "print \"test "); - BIO_puts(out, m); - BIO_puts(out, "\\n\"\n"); -} +#define HAVE_BN_PADDED 0 +#define HAVE_BN_SQRT 0 -int main(int argc, char *argv[]) -{ - BN_CTX *ctx; - BIO *out; - char *outfile = NULL; - - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - results = 0; - - RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or BN_generate_prime may fail */ - - argc--; - argv++; - while (argc >= 1) { - if (strcmp(*argv, "-results") == 0) - results = 1; - else if (strcmp(*argv, "-out") == 0) { - if (--argc < 1) - break; - outfile = *(++argv); - } - argc--; - argv++; - } - - ctx = BN_CTX_new(); - if (ctx == NULL) - EXIT(1); - - out = BIO_new(BIO_s_file()); - if (out == NULL) - EXIT(1); - if (outfile == NULL) { - BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); - } else { - if (!BIO_write_filename(out, outfile)) { - perror(outfile); - EXIT(1); - } - } -#ifdef OPENSSL_SYS_VMS - { - BIO *tmpbio = BIO_new(BIO_f_linebuffer()); - out = BIO_push(tmpbio, out); - } -#endif +typedef struct filetest_st { + const char *name; + int (*func)(STANZA *s); +} FILETEST; - if (!results) - BIO_puts(out, "obase=16\nibase=16\n"); +typedef struct mpitest_st { + const char *base10; + const char *mpi; + size_t mpi_len; +} MPITEST; - message(out, "BN_add"); - if (!test_add(out)) - goto err; - (void)BIO_flush(out); +static const int NUM0 = 100; /* number of tests */ +static const int NUM1 = 50; /* additional tests for some functions */ +static BN_CTX *ctx; - message(out, "BN_sub"); - if (!test_sub(out)) - goto err; - (void)BIO_flush(out); - - message(out, "BN_lshift1"); - if (!test_lshift1(out)) - goto err; - (void)BIO_flush(out); +/* + * Polynomial coefficients used in GFM tests. + */ +#ifndef OPENSSL_NO_EC2M +static int p0[] = { 163, 7, 6, 3, 0, -1 }; +static int p1[] = { 193, 15, 0, -1 }; +#endif - message(out, "BN_lshift (fixed)"); - if (!test_lshift(out, ctx, BN_bin2bn(lst, sizeof(lst) - 1, NULL))) - goto err; - (void)BIO_flush(out); +/* + * Look for |key| in the stanza and return it or NULL if not found. + */ +static const char *findattr(STANZA *s, const char *key) +{ + int i = s->numpairs; + PAIR *pp = s->pairs; - message(out, "BN_lshift"); - if (!test_lshift(out, ctx, NULL)) - goto err; - (void)BIO_flush(out); + for ( ; --i >= 0; pp++) + if (strcasecmp(pp->key, key) == 0) + return pp->value; + return NULL; +} - message(out, "BN_rshift1"); - if (!test_rshift1(out)) - goto err; - (void)BIO_flush(out); +/* + * Parse BIGNUM from sparse hex-strings, return |BN_hex2bn| result. + */ +static int parse_bigBN(BIGNUM **out, const char *bn_strings[]) +{ + char *bigstring = glue_strings(bn_strings, NULL); + int ret = BN_hex2bn(out, bigstring); - message(out, "BN_rshift"); - if (!test_rshift(out, ctx)) - goto err; - (void)BIO_flush(out); + OPENSSL_free(bigstring); + return ret; +} - message(out, "BN_sqr"); - if (!test_sqr(out, ctx)) - goto err; - (void)BIO_flush(out); +/* + * Parse BIGNUM, return number of bytes parsed. + */ +static int parseBN(BIGNUM **out, const char *in) +{ + *out = NULL; + return BN_hex2bn(out, in); +} - message(out, "BN_mul"); - if (!test_mul(out)) - goto err; - (void)BIO_flush(out); +static int parsedecBN(BIGNUM **out, const char *in) +{ + *out = NULL; + return BN_dec2bn(out, in); +} - message(out, "BN_div"); - if (!test_div(out, ctx)) - goto err; - (void)BIO_flush(out); +static BIGNUM *getBN(STANZA *s, const char *attribute) +{ + const char *hex; + BIGNUM *ret = NULL; - message(out, "BN_div_word"); - if (!test_div_word(out)) - goto err; - (void)BIO_flush(out); + if ((hex = findattr(s, attribute)) == NULL) { + TEST_error("%s:%d: Can't find %s", s->test_file, s->start, attribute); + return NULL; + } - message(out, "BN_div_recp"); - if (!test_div_recp(out, ctx)) - goto err; - (void)BIO_flush(out); + if (parseBN(&ret, hex) != (int)strlen(hex)) { + TEST_error("Could not decode '%s'", hex); + return NULL; + } + return ret; +} - message(out, "BN_mod"); - if (!test_mod(out, ctx)) - goto err; - (void)BIO_flush(out); +static int getint(STANZA *s, int *out, const char *attribute) +{ + BIGNUM *ret; + BN_ULONG word; + int st = 0; - message(out, "BN_mod_mul"); - if (!test_mod_mul(out, ctx)) + if (!TEST_ptr(ret = getBN(s, attribute)) + || !TEST_ulong_le(word = BN_get_word(ret), INT_MAX)) goto err; - (void)BIO_flush(out); - message(out, "BN_mont"); - if (!test_mont(out, ctx)) - goto err; - (void)BIO_flush(out); + *out = (int)word; + st = 1; +err: + BN_free(ret); + return st; +} - message(out, "BN_mod_exp"); - if (!test_mod_exp(out, ctx)) - goto err; - (void)BIO_flush(out); +static int equalBN(const char *op, const BIGNUM *expected, const BIGNUM *actual) +{ + if (BN_cmp(expected, actual) == 0) + return 1; - message(out, "BN_mod_exp_mont_consttime"); - if (!test_mod_exp_mont_consttime(out, ctx)) - goto err; - if (!test_mod_exp_mont5(out, ctx)) - goto err; - (void)BIO_flush(out); + TEST_error("unexpected %s value", op); + TEST_BN_eq(expected, actual); + return 0; +} - message(out, "BN_exp"); - if (!test_exp(out, ctx)) - goto err; - (void)BIO_flush(out); - message(out, "BN_kronecker"); - if (!test_kron(out, ctx)) - goto err; - (void)BIO_flush(out); +/* + * Return a "random" flag for if a BN should be negated. + */ +static int rand_neg(void) +{ + static unsigned int neg = 0; + static int sign[8] = { 0, 0, 0, 1, 1, 0, 1, 1 }; - message(out, "BN_mod_sqrt"); - if (!test_sqrt(out, ctx)) - goto err; - (void)BIO_flush(out); + return sign[(neg++) % 8]; +} - message(out, "Small prime generation"); - if (!test_small_prime(out, ctx)) - goto err; - (void)BIO_flush(out); - message(out, "BN_bn2dec"); - if (!test_bn2dec(out)) - goto err; - (void)BIO_flush(out); +static int test_swap(void) +{ + BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL; + int top, cond, st = 0; -#ifndef OPENSSL_NO_EC2M - message(out, "BN_GF2m_add"); - if (!test_gf2m_add(out)) + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new())) goto err; - (void)BIO_flush(out); - message(out, "BN_GF2m_mod"); - if (!test_gf2m_mod(out)) - goto err; - (void)BIO_flush(out); + BN_bntest_rand(a, 1024, 1, 0); + BN_bntest_rand(b, 1024, 1, 0); + BN_copy(c, a); + BN_copy(d, b); + top = BN_num_bits(a)/BN_BITS2; - message(out, "BN_GF2m_mod_mul"); - if (!test_gf2m_mod_mul(out, ctx)) + /* regular swap */ + BN_swap(a, b); + if (!equalBN("swap", a, d) + || !equalBN("swap", b, c)) goto err; - (void)BIO_flush(out); - message(out, "BN_GF2m_mod_sqr"); - if (!test_gf2m_mod_sqr(out, ctx)) + /* conditional swap: true */ + cond = 1; + BN_consttime_swap(cond, a, b, top); + if (!equalBN("cswap true", a, c) + || !equalBN("cswap true", b, d)) goto err; - (void)BIO_flush(out); - message(out, "BN_GF2m_mod_inv"); - if (!test_gf2m_mod_inv(out, ctx)) + /* conditional swap: false */ + cond = 0; + BN_consttime_swap(cond, a, b, top); + if (!equalBN("cswap false", a, c) + || !equalBN("cswap false", b, d)) goto err; - (void)BIO_flush(out); - message(out, "BN_GF2m_mod_div"); - if (!test_gf2m_mod_div(out, ctx)) - goto err; - (void)BIO_flush(out); + /* same tests but checking flag swap */ + BN_set_flags(a, BN_FLG_CONSTTIME); - message(out, "BN_GF2m_mod_exp"); - if (!test_gf2m_mod_exp(out, ctx)) + BN_swap(a, b); + if (!equalBN("swap, flags", a, d) + || !equalBN("swap, flags", b, c) + || !TEST_true(BN_get_flags(b, BN_FLG_CONSTTIME)) + || !TEST_false(BN_get_flags(a, BN_FLG_CONSTTIME))) goto err; - (void)BIO_flush(out); - message(out, "BN_GF2m_mod_sqrt"); - if (!test_gf2m_mod_sqrt(out, ctx)) + cond = 1; + BN_consttime_swap(cond, a, b, top); + if (!equalBN("cswap true, flags", a, c) + || !equalBN("cswap true, flags", b, d) + || !TEST_true(BN_get_flags(a, BN_FLG_CONSTTIME)) + || !TEST_false(BN_get_flags(b, BN_FLG_CONSTTIME))) goto err; - (void)BIO_flush(out); - message(out, "BN_GF2m_mod_solve_quad"); - if (!test_gf2m_mod_solve_quad(out, ctx)) + cond = 0; + BN_consttime_swap(cond, a, b, top); + if (!equalBN("cswap false, flags", a, c) + || !equalBN("cswap false, flags", b, d) + || !TEST_true(BN_get_flags(a, BN_FLG_CONSTTIME)) + || !TEST_false(BN_get_flags(b, BN_FLG_CONSTTIME))) goto err; - (void)BIO_flush(out); -#endif - BN_CTX_free(ctx); - BIO_free(out); - ERR_print_errors_fp(stderr); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - EXIT(1); -#endif - EXIT(0); + st = 1; err: - BIO_puts(out, "1\n"); /* make sure the Perl script fed by bc - * notices the failure, see test_bn in - * test/Makefile.ssl */ - (void)BIO_flush(out); - BN_CTX_free(ctx); - BIO_free(out); - - ERR_print_errors_fp(stderr); - EXIT(1); -} - -int test_add(BIO *bp) -{ - BIGNUM *a, *b, *c; - int i; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - - BN_bntest_rand(a, 512, 0, 0); - for (i = 0; i < num0; i++) { - BN_bntest_rand(b, 450 + i, 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); - BN_add(c, a, b); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " + "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - a->neg = !a->neg; - b->neg = !b->neg; - BN_add(c, c, b); - BN_add(c, c, a); - if (!BN_is_zero(c)) { - fprintf(stderr, "Add test failed!\n"); - return 0; - } - } BN_free(a); BN_free(b); BN_free(c); - return (1); + BN_free(d); + return st; } -int test_sub(BIO *bp) +static int test_sub(void) { - BIGNUM *a, *b, *c; - int i; + BIGNUM *a = NULL, *b = NULL, *c = NULL; + int i, st = 0; - a = BN_new(); - b = BN_new(); - c = BN_new(); + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(c = BN_new())) + goto err; - for (i = 0; i < num0 + num1; i++) { - if (i < num1) { + for (i = 0; i < NUM0 + NUM1; i++) { + if (i < NUM1) { BN_bntest_rand(a, 512, 0, 0); BN_copy(b, a); - if (BN_set_bit(a, i) == 0) - return (0); + if (!TEST_int_ne(BN_set_bit(a, i), 0)) + goto err; BN_add_word(b, i); } else { - BN_bntest_rand(b, 400 + i - num1, 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); + BN_bntest_rand(b, 400 + i - NUM1, 0, 0); + BN_set_negative(a, rand_neg()); + BN_set_negative(b, rand_neg()); } BN_sub(c, a, b); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " - "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } BN_add(c, c, b); BN_sub(c, c, a); - if (!BN_is_zero(c)) { - fprintf(stderr, "Subtract test failed!\n"); - return 0; - } - } - BN_free(a); - BN_free(b); - BN_free(c); - return (1); -} - -int test_div(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *b, *c, *d, *e; - int i; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - - BN_one(a); - BN_zero(b); - - if (BN_div(d, c, a, b, ctx)) { - fprintf(stderr, "Division by zero succeeded!\n"); - return 0; - } - - for (i = 0; i < num0 + num1; i++) { - if (i < num1) { - BN_bntest_rand(a, 400, 0, 0); - BN_copy(b, a); - BN_lshift(a, a, i); - BN_add_word(a, i); - } else - BN_bntest_rand(b, 50 + 3 * (i - num1), 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); - BN_div(d, c, a, b, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " / "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, d); - BIO_puts(bp, "\n"); - - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " % "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - BN_mul(e, d, b, ctx); - BN_add(d, e, c); - BN_sub(d, d, a); - if (!BN_is_zero(d)) { - fprintf(stderr, "Division test failed!\n"); - return 0; - } + if (!TEST_BN_eq_zero(c)) + goto err; } + st = 1; +err: BN_free(a); BN_free(b); BN_free(c); - BN_free(d); - BN_free(e); - return (1); + return st; } -static void print_word(BIO *bp, BN_ULONG w) -{ - int i = sizeof(w) * 8; - char *fmt = NULL; - unsigned char byte; - - do { - i -= 8; - byte = (unsigned char)(w >> i); - if (fmt == NULL) - fmt = byte ? "%X" : NULL; - else - fmt = "%02X"; - - if (fmt != NULL) - BIO_printf(bp, fmt, byte); - } while (i); - /* If we haven't printed anything, at least print a zero! */ - if (fmt == NULL) - BIO_printf(bp, "0"); -} - -int test_div_word(BIO *bp) +static int test_div_recip(void) { - BIGNUM *a, *b; - BN_ULONG r, rmod, s; - int i; - - a = BN_new(); - b = BN_new(); - - for (i = 0; i < num0; i++) { - do { - BN_bntest_rand(a, 512, -1, 0); - BN_bntest_rand(b, BN_BITS2, -1, 0); - } while (BN_is_zero(b)); - - s = b->d[0]; - BN_copy(b, a); - rmod = BN_mod_word(b, s); - r = BN_div_word(b, s); - - if (rmod != r) { - fprintf(stderr, "Mod (word) test failed!\n"); - return 0; - } - - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " / "); - print_word(bp, s); - BIO_puts(bp, " - "); - } - BN_print(bp, b); - BIO_puts(bp, "\n"); - - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " % "); - print_word(bp, s); - BIO_puts(bp, " - "); - } - print_word(bp, r); - BIO_puts(bp, "\n"); - } - BN_mul_word(b, s); - BN_add_word(b, r); - BN_sub(b, a, b); - if (!BN_is_zero(b)) { - fprintf(stderr, "Division (word) test failed!\n"); - return 0; - } - } - BN_free(a); - BN_free(b); - return (1); -} + BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL, *e = NULL; + BN_RECP_CTX *recp = NULL; + int st = 0, i; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new()) + || !TEST_ptr(e = BN_new()) + || !TEST_ptr(recp = BN_RECP_CTX_new())) + goto err; -int test_div_recp(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *b, *c, *d, *e; - BN_RECP_CTX *recp; - int i; - - recp = BN_RECP_CTX_new(); - a = BN_new(); - b = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - - for (i = 0; i < num0 + num1; i++) { - if (i < num1) { + for (i = 0; i < NUM0 + NUM1; i++) { + if (i < NUM1) { BN_bntest_rand(a, 400, 0, 0); BN_copy(b, a); BN_lshift(a, a, i); BN_add_word(a, i); } else - BN_bntest_rand(b, 50 + 3 * (i - num1), 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); + BN_bntest_rand(b, 50 + 3 * (i - NUM1), 0, 0); + BN_set_negative(a, rand_neg()); + BN_set_negative(b, rand_neg()); BN_RECP_CTX_set(recp, b, ctx); BN_div_recp(d, c, a, recp, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " / "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, d); - BIO_puts(bp, "\n"); - - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " % "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } BN_mul(e, d, b, ctx); BN_add(d, e, c); BN_sub(d, d, a); - if (!BN_is_zero(d)) { - fprintf(stderr, "Reciprocal division test failed!\n"); - fprintf(stderr, "a="); - BN_print_fp(stderr, a); - fprintf(stderr, "\nb="); - BN_print_fp(stderr, b); - fprintf(stderr, "\n"); - return 0; - } + if (!TEST_BN_eq_zero(d)) + goto err; } + st = 1; +err: BN_free(a); BN_free(b); BN_free(c); BN_free(d); BN_free(e); BN_RECP_CTX_free(recp); - return (1); + return st; } -int test_mul(BIO *bp) -{ - BIGNUM *a, *b, *c, *d, *e; - int i; - BN_CTX *ctx; - - ctx = BN_CTX_new(); - if (ctx == NULL) - EXIT(1); - - a = BN_new(); - b = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - - for (i = 0; i < num0 + num1; i++) { - if (i <= num1) { - BN_bntest_rand(a, 100, 0, 0); - BN_bntest_rand(b, 100, 0, 0); - } else - BN_bntest_rand(b, i - num1, 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); - BN_mul(c, a, b, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - BN_div(d, e, c, a, ctx); - BN_sub(d, d, b); - if (!BN_is_zero(d) || !BN_is_zero(e)) { - fprintf(stderr, "Multiplication test failed!\n"); - return 0; - } - } - BN_free(a); - BN_free(b); - BN_free(c); - BN_free(d); - BN_free(e); - BN_CTX_free(ctx); - return (1); -} -int test_sqr(BIO *bp, BN_CTX *ctx) +static int test_mod(void) { - BIGNUM *a, *c, *d, *e; - int i, ret = 0; - - a = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - if (a == NULL || c == NULL || d == NULL || e == NULL) { + BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL, *e = NULL; + int st = 0, i; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new()) + || !TEST_ptr(e = BN_new())) goto err; - } - for (i = 0; i < num0; i++) { - BN_bntest_rand(a, 40 + i * 10, 0, 0); - a->neg = rand_neg(); - BN_sqr(c, a, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, a); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - BN_div(d, e, c, a, ctx); - BN_sub(d, d, a); - if (!BN_is_zero(d) || !BN_is_zero(e)) { - fprintf(stderr, "Square test failed!\n"); + BN_bntest_rand(a, 1024, 0, 0); + for (i = 0; i < NUM0; i++) { + BN_bntest_rand(b, 450 + i * 10, 0, 0); + BN_set_negative(a, rand_neg()); + BN_set_negative(b, rand_neg()); + BN_mod(c, a, b, ctx); + BN_div(d, e, a, b, ctx); + BN_sub(e, e, c); + if (!TEST_BN_eq_zero(e)) goto err; - } - } - - /* Regression test for a BN_sqr overflow bug. */ - BN_hex2bn(&a, - "80000000000000008000000000000001" - "FFFFFFFFFFFFFFFE0000000000000000"); - BN_sqr(c, a, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, a); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - BN_mul(d, a, a, ctx); - if (BN_cmp(c, d)) { - fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce " - "different results!\n"); - goto err; } - - /* Regression test for a BN_sqr overflow bug. */ - BN_hex2bn(&a, - "80000000000000000000000080000001" - "FFFFFFFE000000000000000000000000"); - BN_sqr(c, a, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, a); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - BN_mul(d, a, a, ctx); - if (BN_cmp(c, d)) { - fprintf(stderr, "Square test failed: BN_sqr and BN_mul produce " - "different results!\n"); - goto err; - } - ret = 1; - err: + st = 1; +err: BN_free(a); + BN_free(b); BN_free(c); BN_free(d); BN_free(e); - return ret; + return st; } -int test_mont(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *b, *c, *d, *A, *B; - BIGNUM *n; - int i; - BN_MONT_CTX *mont; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - d = BN_new(); - A = BN_new(); - B = BN_new(); - n = BN_new(); - - mont = BN_MONT_CTX_new(); - if (mont == NULL) - return 0; +static const char *bn1strings[] = { + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000FFFFFFFF00", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "00000000000000000000000000000000000000000000000000FFFFFFFFFFFFFF", + NULL +}; + +static const char *bn2strings[] = { + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000FFFFFFFF0000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "0000000000000000000000000000000000000000000000000000000000000000", + "000000000000000000000000000000000000000000FFFFFFFFFFFFFF00000000", + NULL +}; - BN_zero(n); - if (BN_MONT_CTX_set(mont, n, ctx)) { - fprintf(stderr, "BN_MONT_CTX_set succeeded for zero modulus!\n"); - return 0; - } - - BN_set_word(n, 16); - if (BN_MONT_CTX_set(mont, n, ctx)) { - fprintf(stderr, "BN_MONT_CTX_set succeeded for even modulus!\n"); - return 0; - } - - BN_bntest_rand(a, 100, 0, 0); - BN_bntest_rand(b, 100, 0, 0); - for (i = 0; i < num2; i++) { - int bits = (200 * (i + 1)) / num2; +/* + * Test constant-time modular exponentiation with 1024-bit inputs, which on + * x86_64 cause a different code branch to be taken. + */ +static int test_modexp_mont5(void) +{ + BIGNUM *a = NULL, *p = NULL, *m = NULL, *d = NULL, *e = NULL; + BIGNUM *b = NULL, *n = NULL, *c = NULL; + BN_MONT_CTX *mont = NULL; + int st = 0; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(p = BN_new()) + || !TEST_ptr(m = BN_new()) + || !TEST_ptr(d = BN_new()) + || !TEST_ptr(e = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(n = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(mont = BN_MONT_CTX_new())) + goto err; - if (bits == 0) - continue; - BN_bntest_rand(n, bits, 0, 1); - BN_MONT_CTX_set(mont, n, ctx); - - BN_nnmod(a, a, n, ctx); - BN_nnmod(b, b, n, ctx); - - BN_to_montgomery(A, a, mont, ctx); - BN_to_montgomery(B, b, mont, ctx); - - BN_mod_mul_montgomery(c, A, B, mont, ctx); - BN_from_montgomery(A, c, mont, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, b); - BIO_puts(bp, " % "); - BN_print(bp, &mont->N); - BIO_puts(bp, " - "); - } - BN_print(bp, A); - BIO_puts(bp, "\n"); - } - BN_mod_mul(d, a, b, n, ctx); - BN_sub(d, d, A); - if (!BN_is_zero(d)) { - fprintf(stderr, "Montgomery multiplication test failed!\n"); - return 0; - } - } + BN_bntest_rand(m, 1024, 0, 1); /* must be odd for montgomery */ + /* Zero exponent */ + BN_bntest_rand(a, 1024, 0, 0); + BN_zero(p); + if (!TEST_true(BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL))) + goto err; + if (!TEST_BN_eq_one(d)) + goto err; /* Regression test for carry bug in mulx4x_mont */ BN_hex2bn(&a, @@ -856,309 +427,105 @@ int test_mont(BIO *bp, BN_CTX *ctx) BN_MONT_CTX_set(mont, n, ctx); BN_mod_mul_montgomery(c, a, b, mont, ctx); BN_mod_mul_montgomery(d, b, a, mont, ctx); - if (BN_cmp(c, d)) { - fprintf(stderr, "Montgomery multiplication test failed:" - " a*b != b*a.\n"); - return 0; - } - - BN_MONT_CTX_free(mont); - BN_free(a); - BN_free(b); - BN_free(c); - BN_free(d); - BN_free(A); - BN_free(B); - BN_free(n); - return (1); -} - -int test_mod(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *b, *c, *d, *e; - int i; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - - BN_bntest_rand(a, 1024, 0, 0); - for (i = 0; i < num0; i++) { - BN_bntest_rand(b, 450 + i * 10, 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); - BN_mod(c, a, b, ctx); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " % "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, c); - BIO_puts(bp, "\n"); - } - BN_div(d, e, a, b, ctx); - BN_sub(e, e, c); - if (!BN_is_zero(e)) { - fprintf(stderr, "Modulo test failed!\n"); - return 0; - } - } - BN_free(a); - BN_free(b); - BN_free(c); - BN_free(d); - BN_free(e); - return (1); -} - -int test_mod_mul(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *b, *c, *d, *e; - int i, j; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - - BN_one(a); - BN_one(b); - BN_zero(c); - if (BN_mod_mul(e, a, b, c, ctx)) { - fprintf(stderr, "BN_mod_mul with zero modulus succeeded!\n"); - return 0; - } - - for (j = 0; j < 3; j++) { - BN_bntest_rand(c, 1024, 0, 0); - for (i = 0; i < num0; i++) { - BN_bntest_rand(a, 475 + i * 10, 0, 0); - BN_bntest_rand(b, 425 + i * 11, 0, 0); - a->neg = rand_neg(); - b->neg = rand_neg(); - if (!BN_mod_mul(e, a, b, c, ctx)) { - unsigned long l; - - while ((l = ERR_get_error())) - fprintf(stderr, "ERROR:%s\n", ERR_error_string(l, NULL)); - EXIT(1); - } - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, b); - BIO_puts(bp, " % "); - BN_print(bp, c); - if ((a->neg ^ b->neg) && !BN_is_zero(e)) { - /* - * If (a*b) % c is negative, c must be added in order - * to obtain the normalized remainder (new with - * OpenSSL 0.9.7, previous versions of BN_mod_mul - * could generate negative results) - */ - BIO_puts(bp, " + "); - BN_print(bp, c); - } - BIO_puts(bp, " - "); - } - BN_print(bp, e); - BIO_puts(bp, "\n"); - } - BN_mul(d, a, b, ctx); - BN_sub(d, d, e); - BN_div(a, b, d, c, ctx); - if (!BN_is_zero(b)) { - fprintf(stderr, "Modulo multiply test failed!\n"); - ERR_print_errors_fp(stderr); - return 0; - } - } - } - BN_free(a); - BN_free(b); - BN_free(c); - BN_free(d); - BN_free(e); - return (1); -} - -int test_mod_exp(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *b, *c, *d, *e; - int i; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - - BN_one(a); - BN_one(b); - BN_zero(c); - if (BN_mod_exp(d, a, b, c, ctx)) { - fprintf(stderr, "BN_mod_exp with zero modulus succeeded!\n"); - return 0; - } - - BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */ - for (i = 0; i < num2; i++) { - BN_bntest_rand(a, 20 + i * 5, 0, 0); - BN_bntest_rand(b, 2 + i, 0, 0); - - if (!BN_mod_exp(d, a, b, c, ctx)) - return (0); - - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " ^ "); - BN_print(bp, b); - BIO_puts(bp, " % "); - BN_print(bp, c); - BIO_puts(bp, " - "); - } - BN_print(bp, d); - BIO_puts(bp, "\n"); - } - BN_exp(e, a, b, ctx); - BN_sub(e, e, d); - BN_div(a, b, e, c, ctx); - if (!BN_is_zero(b)) { - fprintf(stderr, "Modulo exponentiation test failed!\n"); - return 0; - } - } - - /* Regression test for carry propagation bug in sqr8x_reduction */ - BN_hex2bn(&a, "050505050505"); - BN_hex2bn(&b, "02"); - BN_hex2bn(&c, - "4141414141414141414141274141414141414141414141414141414141414141" - "4141414141414141414141414141414141414141414141414141414141414141" - "4141414141414141414141800000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000000000000" - "0000000000000000000000000000000000000000000000000000000001"); - BN_mod_exp(d, a, b, c, ctx); - BN_mul(e, a, a, ctx); - if (BN_cmp(d, e)) { - fprintf(stderr, "BN_mod_exp and BN_mul produce different results!\n"); - return 0; - } + if (!TEST_BN_eq(c, d)) + goto err; - BN_free(a); + /* Regression test for carry bug in sqr[x]8x_mont */ + parse_bigBN(&n, bn1strings); + parse_bigBN(&a, bn2strings); BN_free(b); - BN_free(c); - BN_free(d); - BN_free(e); - return (1); -} - -int test_mod_exp_mont_consttime(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *b, *c, *d, *e; - int i; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - - BN_one(a); - BN_one(b); - BN_zero(c); - if (BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL)) { - fprintf(stderr, "BN_mod_exp_mont_consttime with zero modulus " - "succeeded\n"); - return 0; - } - - BN_set_word(c, 16); - if (BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL)) { - fprintf(stderr, "BN_mod_exp_mont_consttime with even modulus " - "succeeded\n"); - return 0; - } + b = BN_dup(a); + BN_MONT_CTX_set(mont, n, ctx); + BN_mod_mul_montgomery(c, a, a, mont, ctx); + BN_mod_mul_montgomery(d, a, b, mont, ctx); + if (!TEST_BN_eq(c, d)) + goto err; - BN_bntest_rand(c, 30, 0, 1); /* must be odd for montgomery */ - for (i = 0; i < num2; i++) { - BN_bntest_rand(a, 20 + i * 5, 0, 0); - BN_bntest_rand(b, 2 + i, 0, 0); - - if (!BN_mod_exp_mont_consttime(d, a, b, c, ctx, NULL)) - return (00); - - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " ^ "); - BN_print(bp, b); - BIO_puts(bp, " % "); - BN_print(bp, c); - BIO_puts(bp, " - "); - } - BN_print(bp, d); - BIO_puts(bp, "\n"); - } - BN_exp(e, a, b, ctx); - BN_sub(e, e, d); - BN_div(a, b, e, c, ctx); - if (!BN_is_zero(b)) { - fprintf(stderr, "Modulo exponentiation test failed!\n"); - return 0; - } + /* Regression test for carry bug in bn_sqrx8x_internal */ + { + static const char *ahex[] = { + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8FFEADBCFC4DAE7FFF908E92820306B", + "9544D954000000006C0000000000000000000000000000000000000000000000", + "00000000000000000000FF030202FFFFF8FFEBDBCFC4DAE7FFF908E92820306B", + "9544D954000000006C000000FF0302030000000000FFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF01FC00FF02FFFFFFFF", + "00FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00FCFD", + "FCFFFFFFFFFF000000000000000000FF0302030000000000FFFFFFFFFFFFFFFF", + "FF00FCFDFDFF030202FF00000000FFFFFFFFFFFFFFFFFF00FCFDFCFFFFFFFFFF", + NULL + }; + static const char *nhex[] = { + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8F8F8F8000000", + "00000010000000006C0000000000000000000000000000000000000000000000", + "00000000000000000000000000000000000000FFFFFFFFFFFFF8F8F8F8000000", + "00000010000000006C000000000000000000000000FFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "00FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "FFFFFFFFFFFF000000000000000000000000000000000000FFFFFFFFFFFFFFFF", + "FFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + NULL + }; + + parse_bigBN(&a, ahex); + parse_bigBN(&n, nhex); } - BN_free(a); BN_free(b); - BN_free(c); - BN_free(d); - BN_free(e); - return (1); -} + b = BN_dup(a); + BN_MONT_CTX_set(mont, n, ctx); + if (!TEST_true(BN_mod_mul_montgomery(c, a, a, mont, ctx)) + || !TEST_true(BN_mod_mul_montgomery(d, a, b, mont, ctx)) + || !TEST_BN_eq(c, d)) + goto err; -/* - * Test constant-time modular exponentiation with 1024-bit inputs, which on - * x86_64 cause a different code branch to be taken. - */ -int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *p, *m, *d, *e; - BN_MONT_CTX *mont; + /* Regression test for bug in BN_from_montgomery_word */ + BN_hex2bn(&a, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"); + BN_hex2bn(&n, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"); + BN_MONT_CTX_set(mont, n, ctx); + if (!TEST_false(BN_mod_mul_montgomery(d, a, a, mont, ctx))) + goto err; - a = BN_new(); - p = BN_new(); - m = BN_new(); - d = BN_new(); - e = BN_new(); - mont = BN_MONT_CTX_new(); + /* Regression test for bug in rsaz_1024_mul_avx2 */ + BN_hex2bn(&a, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2020202020DF"); + BN_hex2bn(&b, + "2020202020202020202020202020202020202020202020202020202020202020" + "2020202020202020202020202020202020202020202020202020202020202020" + "20202020202020FF202020202020202020202020202020202020202020202020" + "2020202020202020202020202020202020202020202020202020202020202020"); + BN_hex2bn(&n, + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2020202020FF"); + BN_MONT_CTX_set(mont, n, ctx); + BN_mod_exp_mont_consttime(c, a, b, n, ctx, mont); + BN_mod_exp_mont(d, a, b, n, ctx, mont); + if (!TEST_BN_eq(c, d)) + goto err; - BN_bntest_rand(m, 1024, 0, 1); /* must be odd for montgomery */ - /* Zero exponent */ - BN_bntest_rand(a, 1024, 0, 0); - BN_zero(p); - if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL)) - return 0; - if (!BN_is_one(d)) { - fprintf(stderr, "Modular exponentiation test failed!\n"); - return 0; - } /* Zero input */ BN_bntest_rand(p, 1024, 0, 0); BN_zero(a); - if (!BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL)) - return 0; - if (!BN_is_zero(d)) { - fprintf(stderr, "Modular exponentiation test failed!\n"); - return 0; - } + if (!TEST_true(BN_mod_exp_mont_consttime(d, a, p, m, ctx, NULL)) + || !TEST_BN_eq_zero(d)) + goto err; + /* * Craft an input whose Montgomery representation is 1, i.e., shorter * than the modulus m, in order to test the const time precomputation @@ -1166,149 +533,96 @@ int test_mod_exp_mont5(BIO *bp, BN_CTX *ctx) */ BN_one(a); BN_MONT_CTX_set(mont, m, ctx); - if (!BN_from_montgomery(e, a, mont, ctx)) - return 0; - if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL)) - return 0; - if (!BN_mod_exp_simple(a, e, p, m, ctx)) - return 0; - if (BN_cmp(a, d) != 0) { - fprintf(stderr, "Modular exponentiation test failed!\n"); - return 0; - } + if (!TEST_true(BN_from_montgomery(e, a, mont, ctx)) + || !TEST_true(BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL)) + || !TEST_true(BN_mod_exp_simple(a, e, p, m, ctx)) + || !TEST_BN_eq(a, d)) + goto err; + /* Finally, some regular test vectors. */ BN_bntest_rand(e, 1024, 0, 0); - if (!BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL)) - return 0; - if (!BN_mod_exp_simple(a, e, p, m, ctx)) - return 0; - if (BN_cmp(a, d) != 0) { - fprintf(stderr, "Modular exponentiation test failed!\n"); - return 0; - } + if (!TEST_true(BN_mod_exp_mont_consttime(d, e, p, m, ctx, NULL)) + || !TEST_true(BN_mod_exp_simple(a, e, p, m, ctx)) + || !TEST_BN_eq(a, d)) + goto err; + + st = 1; + +err: BN_MONT_CTX_free(mont); BN_free(a); BN_free(p); BN_free(m); BN_free(d); BN_free(e); - return (1); -} - -int test_exp(BIO *bp, BN_CTX *ctx) -{ - BIGNUM *a, *b, *d, *e, *one; - int i; - - a = BN_new(); - b = BN_new(); - d = BN_new(); - e = BN_new(); - one = BN_new(); - BN_one(one); - - for (i = 0; i < num2; i++) { - BN_bntest_rand(a, 20 + i * 5, 0, 0); - BN_bntest_rand(b, 2 + i, 0, 0); - - if (BN_exp(d, a, b, ctx) <= 0) - return (0); - - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " ^ "); - BN_print(bp, b); - BIO_puts(bp, " - "); - } - BN_print(bp, d); - BIO_puts(bp, "\n"); - } - BN_one(e); - for (; !BN_is_zero(b); BN_sub(b, b, one)) - BN_mul(e, e, a, ctx); - BN_sub(e, e, d); - if (!BN_is_zero(e)) { - fprintf(stderr, "Exponentiation test failed!\n"); - return 0; - } - } - BN_free(a); BN_free(b); - BN_free(d); - BN_free(e); - BN_free(one); - return (1); + BN_free(n); + BN_free(c); + return st; } #ifndef OPENSSL_NO_EC2M -int test_gf2m_add(BIO *bp) +static int test_gf2m_add(void) { - BIGNUM *a, *b, *c; - int i, ret = 0; + BIGNUM *a = NULL, *b = NULL, *c = NULL; + int i, st = 0; - a = BN_new(); - b = BN_new(); - c = BN_new(); + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(c = BN_new())) + goto err; - for (i = 0; i < num0; i++) { - BN_rand(a, 512, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY); + for (i = 0; i < NUM0; i++) { + BN_rand(a, 512, 0, 0); BN_copy(b, BN_value_one()); - a->neg = rand_neg(); - b->neg = rand_neg(); + BN_set_negative(a, rand_neg()); + BN_set_negative(b, rand_neg()); BN_GF2m_add(c, a, b); /* Test that two added values have the correct parity. */ - if ((BN_is_odd(a) && BN_is_odd(c)) - || (!BN_is_odd(a) && !BN_is_odd(c))) { - fprintf(stderr, "GF(2^m) addition test (a) failed!\n"); + if (!TEST_false((BN_is_odd(a) && BN_is_odd(c)) + || (!BN_is_odd(a) && !BN_is_odd(c)))) goto err; - } BN_GF2m_add(c, c, c); /* Test that c + c = 0. */ - if (!BN_is_zero(c)) { - fprintf(stderr, "GF(2^m) addition test (b) failed!\n"); + if (!TEST_BN_eq_zero(c)) goto err; - } } - ret = 1; + st = 1; err: BN_free(a); BN_free(b); BN_free(c); - return ret; + return st; } -int test_gf2m_mod(BIO *bp) +static int test_gf2m_mod(void) { - BIGNUM *a, *b[2], *c, *d, *e; - int i, j, ret = 0; - int p0[] = { 163, 7, 6, 3, 0, -1 }; - int p1[] = { 193, 15, 0, -1 }; - - a = BN_new(); - b[0] = BN_new(); - b[1] = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); + BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL, *e = NULL; + int i, j, st = 0; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b[0] = BN_new()) + || !TEST_ptr(b[1] = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new()) + || !TEST_ptr(e = BN_new())) + goto err; BN_GF2m_arr2poly(p0, b[0]); BN_GF2m_arr2poly(p1, b[1]); - for (i = 0; i < num0; i++) { + for (i = 0; i < NUM0; i++) { BN_bntest_rand(a, 1024, 0, 0); for (j = 0; j < 2; j++) { BN_GF2m_mod(c, a, b[j]); BN_GF2m_add(d, a, c); BN_GF2m_mod(e, d, b[j]); /* Test that a + (a mod p) mod p == 0. */ - if (!BN_is_zero(e)) { - fprintf(stderr, "GF(2^m) modulo test failed!\n"); + if (!TEST_BN_eq_zero(e)) goto err; - } } } - ret = 1; + st = 1; err: BN_free(a); BN_free(b[0]); @@ -1316,30 +630,30 @@ int test_gf2m_mod(BIO *bp) BN_free(c); BN_free(d); BN_free(e); - return ret; + return st; } -int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx) +static int test_gf2m_mul(void) { - BIGNUM *a, *b[2], *c, *d, *e, *f, *g, *h; - int i, j, ret = 0; - int p0[] = { 163, 7, 6, 3, 0, -1 }; - int p1[] = { 193, 15, 0, -1 }; - - a = BN_new(); - b[0] = BN_new(); - b[1] = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - f = BN_new(); - g = BN_new(); - h = BN_new(); + BIGNUM *a, *b[2] = {NULL, NULL}, *c = NULL, *d = NULL; + BIGNUM *e = NULL, *f = NULL, *g = NULL, *h = NULL; + int i, j, st = 0; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b[0] = BN_new()) + || !TEST_ptr(b[1] = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new()) + || !TEST_ptr(e = BN_new()) + || !TEST_ptr(f = BN_new()) + || !TEST_ptr(g = BN_new()) + || !TEST_ptr(h = BN_new())) + goto err; BN_GF2m_arr2poly(p0, b[0]); BN_GF2m_arr2poly(p1, b[1]); - for (i = 0; i < num0; i++) { + for (i = 0; i < NUM0; i++) { BN_bntest_rand(a, 1024, 0, 0); BN_bntest_rand(c, 1024, 0, 0); BN_bntest_rand(d, 1024, 0, 0); @@ -1351,14 +665,12 @@ int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx) BN_GF2m_add(f, e, g); BN_GF2m_add(f, f, h); /* Test that (a+d)*c = a*c + d*c. */ - if (!BN_is_zero(f)) { - fprintf(stderr, - "GF(2^m) modular multiplication test failed!\n"); + if (!TEST_BN_eq_zero(f)) goto err; - } } } - ret = 1; + st = 1; + err: BN_free(a); BN_free(b[0]); @@ -1369,26 +681,25 @@ int test_gf2m_mod_mul(BIO *bp, BN_CTX *ctx) BN_free(f); BN_free(g); BN_free(h); - return ret; + return st; } -int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx) +static int test_gf2m_sqr(void) { - BIGNUM *a, *b[2], *c, *d; - int i, j, ret = 0; - int p0[] = { 163, 7, 6, 3, 0, -1 }; - int p1[] = { 193, 15, 0, -1 }; - - a = BN_new(); - b[0] = BN_new(); - b[1] = BN_new(); - c = BN_new(); - d = BN_new(); + BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; + int i, j, st = 0; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b[0] = BN_new()) + || !TEST_ptr(b[1] = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new())) + goto err; BN_GF2m_arr2poly(p0, b[0]); BN_GF2m_arr2poly(p1, b[1]); - for (i = 0; i < num0; i++) { + for (i = 0; i < NUM0; i++) { BN_bntest_rand(a, 1024, 0, 0); for (j = 0; j < 2; j++) { BN_GF2m_mod_sqr(c, a, b[j], ctx); @@ -1396,79 +707,74 @@ int test_gf2m_mod_sqr(BIO *bp, BN_CTX *ctx) BN_GF2m_mod_mul(d, a, d, b[j], ctx); BN_GF2m_add(d, c, d); /* Test that a*a = a^2. */ - if (!BN_is_zero(d)) { - fprintf(stderr, "GF(2^m) modular squaring test failed!\n"); + if (!TEST_BN_eq_zero(d)) goto err; - } } } - ret = 1; + st = 1; err: BN_free(a); BN_free(b[0]); BN_free(b[1]); BN_free(c); BN_free(d); - return ret; + return st; } -int test_gf2m_mod_inv(BIO *bp, BN_CTX *ctx) +static int test_gf2m_modinv(void) { - BIGNUM *a, *b[2], *c, *d; - int i, j, ret = 0; - int p0[] = { 163, 7, 6, 3, 0, -1 }; - int p1[] = { 193, 15, 0, -1 }; - - a = BN_new(); - b[0] = BN_new(); - b[1] = BN_new(); - c = BN_new(); - d = BN_new(); + BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; + int i, j, st = 0; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b[0] = BN_new()) + || !TEST_ptr(b[1] = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new())) + goto err; BN_GF2m_arr2poly(p0, b[0]); BN_GF2m_arr2poly(p1, b[1]); - for (i = 0; i < num0; i++) { + for (i = 0; i < NUM0; i++) { BN_bntest_rand(a, 512, 0, 0); for (j = 0; j < 2; j++) { BN_GF2m_mod_inv(c, a, b[j], ctx); BN_GF2m_mod_mul(d, a, c, b[j], ctx); /* Test that ((1/a)*a) = 1. */ - if (!BN_is_one(d)) { - fprintf(stderr, "GF(2^m) modular inversion test failed!\n"); + if (!TEST_BN_eq_one(d)) goto err; - } } } - ret = 1; + st = 1; err: BN_free(a); BN_free(b[0]); BN_free(b[1]); BN_free(c); BN_free(d); - return ret; + return st; } -int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx) +static int test_gf2m_moddiv(void) { - BIGNUM *a, *b[2], *c, *d, *e, *f; - int i, j, ret = 0; - int p0[] = { 163, 7, 6, 3, 0, -1 }; - int p1[] = { 193, 15, 0, -1 }; - - a = BN_new(); - b[0] = BN_new(); - b[1] = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - f = BN_new(); + BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; + BIGNUM *e = NULL, *f = NULL; + int i, j, st = 0; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b[0] = BN_new()) + || !TEST_ptr(b[1] = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new()) + || !TEST_ptr(e = BN_new()) + || !TEST_ptr(f = BN_new())) + goto err; BN_GF2m_arr2poly(p0, b[0]); BN_GF2m_arr2poly(p1, b[1]); - for (i = 0; i < num0; i++) { + for (i = 0; i < NUM0; i++) { BN_bntest_rand(a, 512, 0, 0); BN_bntest_rand(c, 512, 0, 0); for (j = 0; j < 2; j++) { @@ -1476,13 +782,11 @@ int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx) BN_GF2m_mod_mul(e, d, c, b[j], ctx); BN_GF2m_mod_div(f, a, e, b[j], ctx); /* Test that ((a/c)*c)/a = 1. */ - if (!BN_is_one(f)) { - fprintf(stderr, "GF(2^m) modular division test failed!\n"); + if (!TEST_BN_eq_one(f)) goto err; - } } } - ret = 1; + st = 1; err: BN_free(a); BN_free(b[0]); @@ -1491,28 +795,28 @@ int test_gf2m_mod_div(BIO *bp, BN_CTX *ctx) BN_free(d); BN_free(e); BN_free(f); - return ret; + return st; } -int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx) +static int test_gf2m_modexp(void) { - BIGNUM *a, *b[2], *c, *d, *e, *f; - int i, j, ret = 0; - int p0[] = { 163, 7, 6, 3, 0, -1 }; - int p1[] = { 193, 15, 0, -1 }; - - a = BN_new(); - b[0] = BN_new(); - b[1] = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - f = BN_new(); + BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; + BIGNUM *e = NULL, *f = NULL; + int i, j, st = 0; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b[0] = BN_new()) + || !TEST_ptr(b[1] = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new()) + || !TEST_ptr(e = BN_new()) + || !TEST_ptr(f = BN_new())) + goto err; BN_GF2m_arr2poly(p0, b[0]); BN_GF2m_arr2poly(p1, b[1]); - for (i = 0; i < num0; i++) { + for (i = 0; i < NUM0; i++) { BN_bntest_rand(a, 512, 0, 0); BN_bntest_rand(c, 512, 0, 0); BN_bntest_rand(d, 512, 0, 0); @@ -1524,14 +828,11 @@ int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx) BN_GF2m_mod_exp(f, a, f, b[j], ctx); BN_GF2m_add(f, e, f); /* Test that a^(c+d)=a^c*a^d. */ - if (!BN_is_zero(f)) { - fprintf(stderr, - "GF(2^m) modular exponentiation test failed!\n"); + if (!TEST_BN_eq_zero(f)) goto err; - } } } - ret = 1; + st = 1; err: BN_free(a); BN_free(b[0]); @@ -1540,28 +841,28 @@ int test_gf2m_mod_exp(BIO *bp, BN_CTX *ctx) BN_free(d); BN_free(e); BN_free(f); - return ret; + return st; } -int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx) +static int test_gf2m_modsqrt(void) { - BIGNUM *a, *b[2], *c, *d, *e, *f; - int i, j, ret = 0; - int p0[] = { 163, 7, 6, 3, 0, -1 }; - int p1[] = { 193, 15, 0, -1 }; - - a = BN_new(); - b[0] = BN_new(); - b[1] = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - f = BN_new(); + BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; + BIGNUM *e = NULL, *f = NULL; + int i, j, st = 0; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b[0] = BN_new()) + || !TEST_ptr(b[1] = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new()) + || !TEST_ptr(e = BN_new()) + || !TEST_ptr(f = BN_new())) + goto err; BN_GF2m_arr2poly(p0, b[0]); BN_GF2m_arr2poly(p1, b[1]); - for (i = 0; i < num0; i++) { + for (i = 0; i < NUM0; i++) { BN_bntest_rand(a, 512, 0, 0); for (j = 0; j < 2; j++) { BN_GF2m_mod(c, a, b[j]); @@ -1569,13 +870,11 @@ int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx) BN_GF2m_mod_sqr(e, d, b[j], ctx); BN_GF2m_add(f, c, e); /* Test that d^2 = a, where d = sqrt(a). */ - if (!BN_is_zero(f)) { - fprintf(stderr, "GF(2^m) modular square root test failed!\n"); + if (!TEST_BN_eq_zero(f)) goto err; - } } } - ret = 1; + st = 1; err: BN_free(a); BN_free(b[0]); @@ -1584,27 +883,27 @@ int test_gf2m_mod_sqrt(BIO *bp, BN_CTX *ctx) BN_free(d); BN_free(e); BN_free(f); - return ret; + return st; } -int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx) +static int test_gf2m_modsolvequad(void) { - BIGNUM *a, *b[2], *c, *d, *e; - int i, j, s = 0, t, ret = 0; - int p0[] = { 163, 7, 6, 3, 0, -1 }; - int p1[] = { 193, 15, 0, -1 }; - - a = BN_new(); - b[0] = BN_new(); - b[1] = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); + BIGNUM *a = NULL, *b[2] = {NULL,NULL}, *c = NULL, *d = NULL; + BIGNUM *e = NULL; + int i, j, s = 0, t, st = 0; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b[0] = BN_new()) + || !TEST_ptr(b[1] = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new()) + || !TEST_ptr(e = BN_new())) + goto err; BN_GF2m_arr2poly(p0, b[0]); BN_GF2m_arr2poly(p1, b[1]); - for (i = 0; i < num0; i++) { + for (i = 0; i < NUM0; i++) { BN_bntest_rand(a, 512, 0, 0); for (j = 0; j < 2; j++) { t = BN_GF2m_mod_solve_quad(c, a, b[j], ctx); @@ -1617,24 +916,16 @@ int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx) /* * Test that solution of quadratic c satisfies c^2 + c = a. */ - if (!BN_is_zero(e)) { - fprintf(stderr, - "GF(2^m) modular solve quadratic test failed!\n"); + if (!TEST_BN_eq_zero(e)) goto err; - } - } } } - if (s == 0) { - fprintf(stderr, - "All %i tests of GF(2^m) modular solve quadratic resulted in no roots;\n", - num0); - fprintf(stderr, - "this is very unlikely and probably indicates an error.\n"); + if (!TEST_int_ge(s, 0)) { + TEST_info("%d tests found no roots; probably an error", NUM0); goto err; } - ret = 1; + st = 1; err: BN_free(a); BN_free(b[0]); @@ -1642,43 +933,21 @@ int test_gf2m_mod_solve_quad(BIO *bp, BN_CTX *ctx) BN_free(c); BN_free(d); BN_free(e); - return ret; + return st; } #endif -static int genprime_cb(int p, int n, BN_GENCB *arg) -{ - char c = '*'; - - if (p == 0) - c = '.'; - if (p == 1) - c = '+'; - if (p == 2) - c = '*'; - if (p == 3) - c = '\n'; - putc(c, stderr); - fflush(stderr); - return 1; -} -int test_kron(BIO *bp, BN_CTX *ctx) +static int test_kronecker(void) { - BN_GENCB cb; - BIGNUM *a, *b, *r, *t; - int i; - int legendre, kronecker; - int ret = 0; + BIGNUM *a = NULL, *b = NULL, *r = NULL, *t = NULL; + int i, legendre, kronecker, st = 0; - a = BN_new(); - b = BN_new(); - r = BN_new(); - t = BN_new(); - if (a == NULL || b == NULL || r == NULL || t == NULL) + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(r = BN_new()) + || !TEST_ptr(t = BN_new())) goto err; - BN_GENCB_set(&cb, genprime_cb, NULL); - /* * We test BN_kronecker(a, b, ctx) just for b odd (Jacobi symbol). In * this case we know that if b is prime, then BN_kronecker(a, b, ctx) is @@ -1689,406 +958,1330 @@ int test_kron(BIO *bp, BN_CTX *ctx) * is prime but whether BN_kronecker works.) */ - if (!BN_generate_prime_ex(b, 512, 0, NULL, NULL, &cb)) + if (!TEST_true(BN_generate_prime_ex(b, 512, 0, NULL, NULL, NULL))) goto err; - b->neg = rand_neg(); - putc('\n', stderr); + BN_set_negative(b, rand_neg()); - for (i = 0; i < num0; i++) { - if (!BN_bntest_rand(a, 512, 0, 0)) + for (i = 0; i < NUM0; i++) { + if (!TEST_true(BN_bntest_rand(a, 512, 0, 0))) goto err; - a->neg = rand_neg(); + BN_set_negative(a, rand_neg()); /* t := (|b|-1)/2 (note that b is odd) */ - if (!BN_copy(t, b)) + if (!TEST_true(BN_copy(t, b))) goto err; - t->neg = 0; - if (!BN_sub_word(t, 1)) + BN_set_negative(t, 0); + if (!TEST_true(BN_sub_word(t, 1))) goto err; - if (!BN_rshift1(t, t)) + if (!TEST_true(BN_rshift1(t, t))) goto err; /* r := a^t mod b */ - b->neg = 0; + BN_set_negative(b, 0); - if (!BN_mod_exp_recp(r, a, t, b, ctx)) + if (!TEST_true(BN_mod_exp_recp(r, a, t, b, ctx))) goto err; - b->neg = 1; + BN_set_negative(b, 1); if (BN_is_word(r, 1)) legendre = 1; else if (BN_is_zero(r)) legendre = 0; else { - if (!BN_add_word(r, 1)) + if (!TEST_true(BN_add_word(r, 1))) goto err; - if (0 != BN_ucmp(r, b)) { - fprintf(stderr, "Legendre symbol computation failed\n"); + if (!TEST_int_eq(BN_ucmp(r, b), 0)) { + TEST_info("Legendre symbol computation failed"); goto err; } legendre = -1; } - kronecker = BN_kronecker(a, b, ctx); - if (kronecker < -1) + if (!TEST_int_ge(kronecker = BN_kronecker(a, b, ctx), -1)) goto err; /* we actually need BN_kronecker(a, |b|) */ - if (a->neg && b->neg) + if (BN_is_negative(a) && BN_is_negative(b)) kronecker = -kronecker; - if (legendre != kronecker) { - fprintf(stderr, "legendre != kronecker; a = "); - BN_print_fp(stderr, a); - fprintf(stderr, ", b = "); - BN_print_fp(stderr, b); - fprintf(stderr, "\n"); + if (!TEST_int_eq(legendre, kronecker)) goto err; - } - - putc('.', stderr); - fflush(stderr); } - putc('\n', stderr); - fflush(stderr); - ret = 1; + st = 1; err: BN_free(a); BN_free(b); BN_free(r); BN_free(t); - return ret; + return st; } -int test_sqrt(BIO *bp, BN_CTX *ctx) +static int file_sum(STANZA *s) { - BN_GENCB cb; - BIGNUM *a, *p, *r; - int i, j; - int ret = 0; + BIGNUM *a = NULL, *b = NULL, *sum = NULL, *ret = NULL; + BN_ULONG b_word; + int st = 0; + + if (!TEST_ptr(a = getBN(s, "A")) + || !TEST_ptr(b = getBN(s, "B")) + || !TEST_ptr(sum = getBN(s, "Sum")) + || !TEST_ptr(ret = BN_new())) + goto err; - a = BN_new(); - p = BN_new(); - r = BN_new(); - if (a == NULL || p == NULL || r == NULL) + if (!TEST_true(BN_add(ret, a, b)) + || !equalBN("A + B", sum, ret) + || !TEST_true(BN_sub(ret, sum, a)) + || !equalBN("Sum - A", b, ret) + || !TEST_true(BN_sub(ret, sum, b)) + || !equalBN("Sum - B", a, ret)) goto err; - BN_GENCB_set(&cb, genprime_cb, NULL); + /* + * Test that the functions work when |r| and |a| point to the same BIGNUM, + * or when |r| and |b| point to the same BIGNUM. + * TODO: Test where all of |r|, |a|, and |b| point to the same BIGNUM. + */ + if (!TEST_true(BN_copy(ret, a)) + || !TEST_true(BN_add(ret, ret, b)) + || !equalBN("A + B (r is a)", sum, ret) + || !TEST_true(BN_copy(ret, b)) + || !TEST_true(BN_add(ret, a, ret)) + || !equalBN("A + B (r is b)", sum, ret) + || !TEST_true(BN_copy(ret, sum)) + || !TEST_true(BN_sub(ret, ret, a)) + || !equalBN("Sum - A (r is a)", b, ret) + || !TEST_true(BN_copy(ret, a)) + || !TEST_true(BN_sub(ret, sum, ret)) + || !equalBN("Sum - A (r is b)", b, ret) + || !TEST_true(BN_copy(ret, sum)) + || !TEST_true(BN_sub(ret, ret, b)) + || !equalBN("Sum - B (r is a)", a, ret) + || !TEST_true(BN_copy(ret, b)) + || !TEST_true(BN_sub(ret, sum, ret)) + || !equalBN("Sum - B (r is b)", a, ret)) + goto err; - for (i = 0; i < 16; i++) { - if (i < 8) { - unsigned primes[8] = { 2, 3, 5, 7, 11, 13, 17, 19 }; + /* + * Test BN_uadd() and BN_usub() with the prerequisites they are + * documented as having. Note that these functions are frequently used + * when the prerequisites don't hold. In those cases, they are supposed + * to work as if the prerequisite hold, but we don't test that yet. + * TODO: test that. + */ + if (!BN_is_negative(a) && !BN_is_negative(b) && BN_cmp(a, b) >= 0) { + if (!TEST_true(BN_uadd(ret, a, b)) + || !equalBN("A +u B", sum, ret) + || !TEST_true(BN_usub(ret, sum, a)) + || !equalBN("Sum -u A", b, ret) + || !TEST_true(BN_usub(ret, sum, b)) + || !equalBN("Sum -u B", a, ret)) + goto err; + /* + * Test that the functions work when |r| and |a| point to the same + * BIGNUM, or when |r| and |b| point to the same BIGNUM. + * TODO: Test where all of |r|, |a|, and |b| point to the same BIGNUM. + */ + if (!TEST_true(BN_copy(ret, a)) + || !TEST_true(BN_uadd(ret, ret, b)) + || !equalBN("A +u B (r is a)", sum, ret) + || !TEST_true(BN_copy(ret, b)) + || !TEST_true(BN_uadd(ret, a, ret)) + || !equalBN("A +u B (r is b)", sum, ret) + || !TEST_true(BN_copy(ret, sum)) + || !TEST_true(BN_usub(ret, ret, a)) + || !equalBN("Sum -u A (r is a)", b, ret) + || !TEST_true(BN_copy(ret, a)) + || !TEST_true(BN_usub(ret, sum, ret)) + || !equalBN("Sum -u A (r is b)", b, ret) + || !TEST_true(BN_copy(ret, sum)) + || !TEST_true(BN_usub(ret, ret, b)) + || !equalBN("Sum -u B (r is a)", a, ret) + || !TEST_true(BN_copy(ret, b)) + || !TEST_true(BN_usub(ret, sum, ret)) + || !equalBN("Sum -u B (r is b)", a, ret)) + goto err; + } - if (!BN_set_word(p, primes[i])) - goto err; - } else { - if (!BN_set_word(a, 32)) - goto err; - if (!BN_set_word(r, 2 * i + 1)) - goto err; + /* + * Test with BN_add_word() and BN_sub_word() if |b| is small enough. + */ + b_word = BN_get_word(b); + if (!BN_is_negative(b) && b_word != (BN_ULONG)-1) { + if (!TEST_true(BN_copy(ret, a)) + || !TEST_true(BN_add_word(ret, b_word)) + || !equalBN("A + B (word)", sum, ret) + || !TEST_true(BN_copy(ret, sum)) + || !TEST_true(BN_sub_word(ret, b_word)) + || !equalBN("Sum - B (word)", a, ret)) + goto err; + } + st = 1; - if (!BN_generate_prime_ex(p, 256, 0, a, r, &cb)) - goto err; - putc('\n', stderr); - } - p->neg = rand_neg(); - - for (j = 0; j < num2; j++) { - /* - * construct 'a' such that it is a square modulo p, but in - * general not a proper square and not reduced modulo p - */ - if (!BN_bntest_rand(r, 256, 0, 3)) - goto err; - if (!BN_nnmod(r, r, p, ctx)) - goto err; - if (!BN_mod_sqr(r, r, p, ctx)) - goto err; - if (!BN_bntest_rand(a, 256, 0, 3)) - goto err; - if (!BN_nnmod(a, a, p, ctx)) - goto err; - if (!BN_mod_sqr(a, a, p, ctx)) - goto err; - if (!BN_mul(a, a, r, ctx)) - goto err; - if (rand_neg()) - if (!BN_sub(a, a, p)) - goto err; +err: + BN_free(a); + BN_free(b); + BN_free(sum); + BN_free(ret); + return st; +} - if (!BN_mod_sqrt(r, a, p, ctx)) - goto err; - if (!BN_mod_sqr(r, r, p, ctx)) - goto err; +static int file_lshift1(STANZA *s) +{ + BIGNUM *a = NULL, *lshift1 = NULL, *zero = NULL, *ret = NULL; + BIGNUM *two = NULL, *remainder = NULL; + int st = 0; + + if (!TEST_ptr(a = getBN(s, "A")) + || !TEST_ptr(lshift1 = getBN(s, "LShift1")) + || !TEST_ptr(zero = BN_new()) + || !TEST_ptr(ret = BN_new()) + || !TEST_ptr(two = BN_new()) + || !TEST_ptr(remainder = BN_new())) + goto err; - if (!BN_nnmod(a, a, p, ctx)) - goto err; + BN_zero(zero); + + if (!TEST_true(BN_set_word(two, 2)) + || !TEST_true(BN_add(ret, a, a)) + || !equalBN("A + A", lshift1, ret) + || !TEST_true(BN_mul(ret, a, two, ctx)) + || !equalBN("A * 2", lshift1, ret) + || !TEST_true(BN_div(ret, remainder, lshift1, two, ctx)) + || !equalBN("LShift1 / 2", a, ret) + || !equalBN("LShift1 % 2", zero, remainder) + || !TEST_true(BN_lshift1(ret, a)) + || !equalBN("A << 1", lshift1, ret) + || !TEST_true(BN_rshift1(ret, lshift1)) + || !equalBN("LShift >> 1", a, ret) + || !TEST_true(BN_rshift1(ret, lshift1)) + || !equalBN("LShift >> 1", a, ret)) + goto err; - if (BN_cmp(a, r) != 0) { - fprintf(stderr, "BN_mod_sqrt failed: a = "); - BN_print_fp(stderr, a); - fprintf(stderr, ", r = "); - BN_print_fp(stderr, r); - fprintf(stderr, ", p = "); - BN_print_fp(stderr, p); - fprintf(stderr, "\n"); - goto err; - } + /* Set the LSB to 1 and test rshift1 again. */ + if (!TEST_true(BN_set_bit(lshift1, 0)) + || !TEST_true(BN_div(ret, NULL /* rem */ , lshift1, two, ctx)) + || !equalBN("(LShift1 | 1) / 2", a, ret) + || !TEST_true(BN_rshift1(ret, lshift1)) + || !equalBN("(LShift | 1) >> 1", a, ret)) + goto err; - putc('.', stderr); - fflush(stderr); - } + st = 1; +err: + BN_free(a); + BN_free(lshift1); + BN_free(zero); + BN_free(ret); + BN_free(two); + BN_free(remainder); - putc('\n', stderr); - fflush(stderr); - } - ret = 1; - err: + return st; +} + +static int file_lshift(STANZA *s) +{ + BIGNUM *a = NULL, *lshift = NULL, *ret = NULL; + int n = 0, st = 0; + + if (!TEST_ptr(a = getBN(s, "A")) + || !TEST_ptr(lshift = getBN(s, "LShift")) + || !TEST_ptr(ret = BN_new()) + || !getint(s, &n, "N")) + goto err; + + if (!TEST_true(BN_lshift(ret, a, n)) + || !equalBN("A << N", lshift, ret) + || !TEST_true(BN_rshift(ret, lshift, n)) + || !equalBN("A >> N", a, ret)) + goto err; + + st = 1; +err: BN_free(a); - BN_free(p); - BN_free(r); - return ret; + BN_free(lshift); + BN_free(ret); + return st; } -int test_small_prime(BIO *bp, BN_CTX *ctx) +static int file_rshift(STANZA *s) { - static const int bits = 10; - int ret = 0; - BIGNUM *r; + BIGNUM *a = NULL, *rshift = NULL, *ret = NULL; + int n = 0, st = 0; - r = BN_new(); - if (!BN_generate_prime_ex(r, bits, 0, NULL, NULL, NULL)) + if (!TEST_ptr(a = getBN(s, "A")) + || !TEST_ptr(rshift = getBN(s, "RShift")) + || !TEST_ptr(ret = BN_new()) + || !getint(s, &n, "N")) goto err; - if (BN_num_bits(r) != bits) { - BIO_printf(bp, "Expected %d bit prime, got %d bit number\n", bits, - BN_num_bits(r)); + + if (!TEST_true(BN_rshift(ret, a, n)) + || !equalBN("A >> N", rshift, ret)) goto err; - } - ret = 1; + /* If N == 1, try with rshift1 as well */ + if (n == 1) { + if (!TEST_true(BN_rshift1(ret, a)) + || !equalBN("A >> 1 (rshift1)", rshift, ret)) + goto err; + } + st = 1; - err: - BN_clear_free(r); - return ret; +err: + BN_free(a); + BN_free(rshift); + BN_free(ret); + return st; } -int test_bn2dec(BIO *bp) +static int file_square(STANZA *s) { - static const char *bn2dec_tests[] = { - "0", - "1", - "-1", - "100", - "-100", - "123456789012345678901234567890", - "-123456789012345678901234567890", - "123456789012345678901234567890123456789012345678901234567890", - "-123456789012345678901234567890123456789012345678901234567890", - }; - int ret = 0; - size_t i; - BIGNUM *bn = NULL; - char *dec = NULL; + BIGNUM *a = NULL, *square = NULL, *zero = NULL, *ret = NULL; + BIGNUM *remainder = NULL, *tmp = NULL; + int st = 0; + + if (!TEST_ptr(a = getBN(s, "A")) + || !TEST_ptr(square = getBN(s, "Square")) + || !TEST_ptr(zero = BN_new()) + || !TEST_ptr(ret = BN_new()) + || !TEST_ptr(remainder = BN_new())) + goto err; - for (i = 0; i < OSSL_NELEM(bn2dec_tests); i++) { - if (!BN_dec2bn(&bn, bn2dec_tests[i])) - goto err; + BN_zero(zero); + if (!TEST_true(BN_sqr(ret, a, ctx)) + || !equalBN("A^2", square, ret) + || !TEST_true(BN_mul(ret, a, a, ctx)) + || !equalBN("A * A", square, ret) + || !TEST_true(BN_div(ret, remainder, square, a, ctx)) + || !equalBN("Square / A", a, ret) + || !equalBN("Square % A", zero, remainder)) + goto err; - dec = BN_bn2dec(bn); - if (dec == NULL) { - fprintf(stderr, "BN_bn2dec failed on %s.\n", bn2dec_tests[i]); +#if HAVE_BN_SQRT + BN_set_negative(a, 0); + if (!TEST_true(BN_sqrt(ret, square, ctx)) + || !equalBN("sqrt(Square)", a, ret)) + goto err; + + /* BN_sqrt should fail on non-squares and negative numbers. */ + if (!TEST_BN_eq_zero(square)) { + if (!TEST_ptr(tmp = BN_new()) + || !TEST_true(BN_copy(tmp, square))) goto err; - } + BN_set_negative(tmp, 1); - if (strcmp(dec, bn2dec_tests[i]) != 0) { - fprintf(stderr, "BN_bn2dec gave %s, wanted %s.\n", dec, - bn2dec_tests[i]); + if (!TEST_int_eq(BN_sqrt(ret, tmp, ctx), 0)) goto err; - } + ERR_clear_error(); - OPENSSL_free(dec); - dec = NULL; + BN_set_negative(tmp, 0); + if (BN_add(tmp, tmp, BN_value_one())) + goto err; + if (!TEST_int_eq(BN_sqrt(ret, tmp, ctx))) + goto err; + ERR_clear_error(); } +#endif - ret = 1; + st = 1; +err: + BN_free(a); + BN_free(square); + BN_free(zero); + BN_free(ret); + BN_free(remainder); + BN_free(tmp); + return st; +} + +static int file_product(STANZA *s) +{ + BIGNUM *a = NULL, *b = NULL, *product = NULL, *ret = NULL; + BIGNUM *remainder = NULL, *zero = NULL; + int st = 0; + + if (!TEST_ptr(a = getBN(s, "A")) + || !TEST_ptr(b = getBN(s, "B")) + || !TEST_ptr(product = getBN(s, "Product")) + || !TEST_ptr(ret = BN_new()) + || !TEST_ptr(remainder = BN_new()) + || !TEST_ptr(zero = BN_new())) + goto err; + + BN_zero(zero); + + if (!TEST_true(BN_mul(ret, a, b, ctx)) + || !equalBN("A * B", product, ret) + || !TEST_true(BN_div(ret, remainder, product, a, ctx)) + || !equalBN("Product / A", b, ret) + || !equalBN("Product % A", zero, remainder) + || !TEST_true(BN_div(ret, remainder, product, b, ctx)) + || !equalBN("Product / B", a, ret) + || !equalBN("Product % B", zero, remainder)) + goto err; + st = 1; err: - BN_free(bn); - OPENSSL_free(dec); - return ret; + BN_free(a); + BN_free(b); + BN_free(product); + BN_free(ret); + BN_free(remainder); + BN_free(zero); + return st; } -int test_lshift(BIO *bp, BN_CTX *ctx, BIGNUM *a_) +static int file_quotient(STANZA *s) { - BIGNUM *a, *b, *c, *d; - int i; - - b = BN_new(); - c = BN_new(); - d = BN_new(); - BN_one(c); - - if (a_) - a = a_; - else { - a = BN_new(); - BN_bntest_rand(a, 200, 0, 0); - a->neg = rand_neg(); - } - for (i = 0; i < num0; i++) { - BN_lshift(b, a, i + 1); - BN_add(c, c, c); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * "); - BN_print(bp, c); - BIO_puts(bp, " - "); - } - BN_print(bp, b); - BIO_puts(bp, "\n"); + BIGNUM *a = NULL, *b = NULL, *quotient = NULL, *remainder = NULL; + BIGNUM *ret = NULL, *ret2 = NULL, *nnmod = NULL; + BN_ULONG b_word, ret_word; + int st = 0; + + if (!TEST_ptr(a = getBN(s, "A")) + || !TEST_ptr(b = getBN(s, "B")) + || !TEST_ptr(quotient = getBN(s, "Quotient")) + || !TEST_ptr(remainder = getBN(s, "Remainder")) + || !TEST_ptr(ret = BN_new()) + || !TEST_ptr(ret2 = BN_new()) + || !TEST_ptr(nnmod = BN_new())) + goto err; + + if (!TEST_true(BN_div(ret, ret2, a, b, ctx)) + || !equalBN("A / B", quotient, ret) + || !equalBN("A % B", remainder, ret2) + || !TEST_true(BN_mul(ret, quotient, b, ctx)) + || !TEST_true(BN_add(ret, ret, remainder)) + || !equalBN("Quotient * B + Remainder", a, ret)) + goto err; + + /* + * Test with BN_mod_word() and BN_div_word() if the divisor is + * small enough. + */ + b_word = BN_get_word(b); + if (!BN_is_negative(b) && b_word != (BN_ULONG)-1) { + BN_ULONG remainder_word = BN_get_word(remainder); + + assert(remainder_word != (BN_ULONG)-1); + if (!TEST_ptr(BN_copy(ret, a))) + goto err; + ret_word = BN_div_word(ret, b_word); + if (ret_word != remainder_word) { +#ifdef BN_DEC_FMT1 + TEST_error( + "Got A %% B (word) = " BN_DEC_FMT1 ", wanted " BN_DEC_FMT1, + ret_word, remainder_word); +#else + TEST_error("Got A %% B (word) mismatch"); +#endif + goto err; } - BN_mul(d, a, c, ctx); - BN_sub(d, d, b); - if (!BN_is_zero(d)) { - fprintf(stderr, "Left shift test failed!\n"); - fprintf(stderr, "a="); - BN_print_fp(stderr, a); - fprintf(stderr, "\nb="); - BN_print_fp(stderr, b); - fprintf(stderr, "\nc="); - BN_print_fp(stderr, c); - fprintf(stderr, "\nd="); - BN_print_fp(stderr, d); - fprintf(stderr, "\n"); - return 0; + if (!equalBN ("A / B (word)", quotient, ret)) + goto err; + + ret_word = BN_mod_word(a, b_word); + if (ret_word != remainder_word) { +#ifdef BN_DEC_FMT1 + TEST_error( + "Got A %% B (word) = " BN_DEC_FMT1 ", wanted " BN_DEC_FMT1 "", + ret_word, remainder_word); +#else + TEST_error("Got A %% B (word) mismatch"); +#endif + goto err; } } + + /* Test BN_nnmod. */ + if (!BN_is_negative(b)) { + if (!TEST_true(BN_copy(nnmod, remainder)) + || (BN_is_negative(nnmod) + && !TEST_true(BN_add(nnmod, nnmod, b))) + || !TEST_true(BN_nnmod(ret, a, b, ctx)) + || !equalBN("A % B (non-negative)", nnmod, ret)) + goto err; + } + + st = 1; +err: BN_free(a); BN_free(b); - BN_free(c); - BN_free(d); - return (1); + BN_free(quotient); + BN_free(remainder); + BN_free(ret); + BN_free(ret2); + BN_free(nnmod); + return st; } -int test_lshift1(BIO *bp) +static int file_modmul(STANZA *s) { - BIGNUM *a, *b, *c; - int i; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - - BN_bntest_rand(a, 200, 0, 0); - a->neg = rand_neg(); - for (i = 0; i < num0; i++) { - BN_lshift1(b, a); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " * 2"); - BIO_puts(bp, " - "); - } - BN_print(bp, b); - BIO_puts(bp, "\n"); - } - BN_add(c, a, a); - BN_sub(a, b, c); - if (!BN_is_zero(a)) { - fprintf(stderr, "Left shift one test failed!\n"); - return 0; - } + BIGNUM *a = NULL, *b = NULL, *m = NULL, *mod_mul = NULL, *ret = NULL; + int st = 0; + + if (!TEST_ptr(a = getBN(s, "A")) + || !TEST_ptr(b = getBN(s, "B")) + || !TEST_ptr(m = getBN(s, "M")) + || !TEST_ptr(mod_mul = getBN(s, "ModMul")) + || !TEST_ptr(ret = BN_new())) + goto err; + + if (!TEST_true(BN_mod_mul(ret, a, b, m, ctx)) + || !equalBN("A * B (mod M)", mod_mul, ret)) + goto err; - BN_copy(a, b); + if (BN_is_odd(m)) { + /* Reduce |a| and |b| and test the Montgomery version. */ + BN_MONT_CTX *mont = BN_MONT_CTX_new(); + BIGNUM *a_tmp = BN_new(); + BIGNUM *b_tmp = BN_new(); + + if (mont == NULL || a_tmp == NULL || b_tmp == NULL + || !TEST_true(BN_MONT_CTX_set(mont, m, ctx)) + || !TEST_true(BN_nnmod(a_tmp, a, m, ctx)) + || !TEST_true(BN_nnmod(b_tmp, b, m, ctx)) + || !TEST_true(BN_to_montgomery(a_tmp, a_tmp, mont, ctx)) + || !TEST_true(BN_to_montgomery(b_tmp, b_tmp, mont, ctx)) + || !TEST_true(BN_mod_mul_montgomery(ret, a_tmp, b_tmp, + mont, ctx)) + || !TEST_true(BN_from_montgomery(ret, ret, mont, ctx)) + || !equalBN("A * B (mod M) (mont)", mod_mul, ret)) + st = 0; + else + st = 1; + BN_MONT_CTX_free(mont); + BN_free(a_tmp); + BN_free(b_tmp); + if (st == 0) + goto err; } + + st = 1; +err: BN_free(a); BN_free(b); - BN_free(c); - return (1); + BN_free(m); + BN_free(mod_mul); + BN_free(ret); + return st; } -int test_rshift(BIO *bp, BN_CTX *ctx) +static int file_modexp(STANZA *s) { - BIGNUM *a, *b, *c, *d, *e; - int i; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - d = BN_new(); - e = BN_new(); - BN_one(c); - - BN_bntest_rand(a, 200, 0, 0); - a->neg = rand_neg(); - for (i = 0; i < num0; i++) { - BN_rshift(b, a, i + 1); - BN_add(c, c, c); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " / "); - BN_print(bp, c); - BIO_puts(bp, " - "); - } - BN_print(bp, b); - BIO_puts(bp, "\n"); - } - BN_div(d, e, a, c, ctx); - BN_sub(d, d, b); - if (!BN_is_zero(d)) { - fprintf(stderr, "Right shift test failed!\n"); - return 0; - } + BIGNUM *a = NULL, *e = NULL, *m = NULL, *mod_exp = NULL, *ret = NULL; + BIGNUM *b = NULL, *c = NULL, *d = NULL; + int st = 0; + + if (!TEST_ptr(a = getBN(s, "A")) + || !TEST_ptr(e = getBN(s, "E")) + || !TEST_ptr(m = getBN(s, "M")) + || !TEST_ptr(mod_exp = getBN(s, "ModExp")) + || !TEST_ptr(ret = BN_new()) + || !TEST_ptr(d = BN_new())) + goto err; + + if (!TEST_true(BN_mod_exp(ret, a, e, m, ctx)) + || !equalBN("A ^ E (mod M)", mod_exp, ret)) + goto err; + + if (BN_is_odd(m)) { + if (!TEST_true(BN_mod_exp_mont(ret, a, e, m, ctx, NULL)) + || !equalBN("A ^ E (mod M) (mont)", mod_exp, ret) + || !TEST_true(BN_mod_exp_mont_consttime(ret, a, e, m, + ctx, NULL)) + || !equalBN("A ^ E (mod M) (mont const", mod_exp, ret)) + goto err; } + + /* Regression test for carry propagation bug in sqr8x_reduction */ + BN_hex2bn(&a, "050505050505"); + BN_hex2bn(&b, "02"); + BN_hex2bn(&c, + "4141414141414141414141274141414141414141414141414141414141414141" + "4141414141414141414141414141414141414141414141414141414141414141" + "4141414141414141414141800000000000000000000000000000000000000000" + "0000000000000000000000000000000000000000000000000000000000000000" + "0000000000000000000000000000000000000000000000000000000000000000" + "0000000000000000000000000000000000000000000000000000000001"); + if (!TEST_true(BN_mod_exp(d, a, b, c, ctx)) + || !TEST_true(BN_mul(e, a, a, ctx)) + || !TEST_BN_eq(d, e)) + goto err; + + st = 1; +err: BN_free(a); BN_free(b); BN_free(c); BN_free(d); BN_free(e); - return (1); + BN_free(m); + BN_free(mod_exp); + BN_free(ret); + return st; } -int test_rshift1(BIO *bp) +static int file_exp(STANZA *s) { - BIGNUM *a, *b, *c; - int i; - - a = BN_new(); - b = BN_new(); - c = BN_new(); - - BN_bntest_rand(a, 200, 0, 0); - a->neg = rand_neg(); - for (i = 0; i < num0; i++) { - BN_rshift1(b, a); - if (bp != NULL) { - if (!results) { - BN_print(bp, a); - BIO_puts(bp, " / 2"); - BIO_puts(bp, " - "); - } - BN_print(bp, b); - BIO_puts(bp, "\n"); - } - BN_sub(c, a, b); - BN_sub(c, c, b); - if (!BN_is_zero(c) && !BN_abs_is_word(c, 1)) { - fprintf(stderr, "Right shift one test failed!\n"); - return 0; + BIGNUM *a = NULL, *e = NULL, *exp = NULL, *ret = NULL; + int st = 0; + + if (!TEST_ptr(a = getBN(s, "A")) + || !TEST_ptr(e = getBN(s, "E")) + || !TEST_ptr(exp = getBN(s, "Exp")) + || !TEST_ptr(ret = BN_new())) + goto err; + + if (!TEST_true(BN_exp(ret, a, e, ctx)) + || !equalBN("A ^ E", exp, ret)) + goto err; + + st = 1; +err: + BN_free(a); + BN_free(e); + BN_free(exp); + BN_free(ret); + return st; +} + +static int file_modsqrt(STANZA *s) +{ + BIGNUM *a = NULL, *p = NULL, *mod_sqrt = NULL, *ret = NULL, *ret2 = NULL; + int st = 0; + + if (!TEST_ptr(a = getBN(s, "A")) + || !TEST_ptr(p = getBN(s, "P")) + || !TEST_ptr(mod_sqrt = getBN(s, "ModSqrt")) + || !TEST_ptr(ret = BN_new()) + || !TEST_ptr(ret2 = BN_new())) + goto err; + + /* There are two possible answers. */ + if (!TEST_true(BN_mod_sqrt(ret, a, p, ctx)) + || !TEST_true(BN_sub(ret2, p, ret))) + goto err; + + /* The first condition should NOT be a test. */ + if (BN_cmp(ret2, mod_sqrt) != 0 + && !equalBN("sqrt(A) (mod P)", mod_sqrt, ret)) + goto err; + + st = 1; +err: + BN_free(a); + BN_free(p); + BN_free(mod_sqrt); + BN_free(ret); + BN_free(ret2); + return st; +} + +static int test_bn2padded(void) +{ +#if HAVE_BN_PADDED + uint8_t zeros[256], out[256], reference[128]; + BIGNUM *n = BN_new(); + int st = 0; + + /* Test edge case at 0. */ + if (n == NULL) + goto err; + if (!TEST_true(BN_bn2bin_padded(NULL, 0, n))) + goto err; + memset(out, -1, sizeof(out)); + if (!TEST_true(BN_bn2bin_padded(out, sizeof(out)), n)) + goto err; + memset(zeros, 0, sizeof(zeros)); + if (!TEST_mem_eq(zeros, sizeof(zeros), out, sizeof(out))) + goto err; + + /* Test a random numbers at various byte lengths. */ + for (size_t bytes = 128 - 7; bytes <= 128; bytes++) { +#define TOP_BIT_ON 0 +#define BOTTOM_BIT_NOTOUCH 0 + if (!TEST_true(BN_rand(n, bytes * 8, TOP_BIT_ON, BOTTOM_BIT_NOTOUCH))) + goto err; + if (!TEST_int_eq(BN_num_bytes(n),A) bytes + || TEST_int_eq(BN_bn2bin(n, reference), bytes)) + goto err; + /* Empty buffer should fail. */ + if (!TEST_int_eq(BN_bn2bin_padded(NULL, 0, n)), 0) + goto err; + /* One byte short should fail. */ + if (BN_bn2bin_padded(out, bytes - 1, n)) + goto err; + /* Exactly right size should encode. */ + if (!TEST_true(BN_bn2bin_padded(out, bytes, n)) + || TEST_mem_eq(out, bytes, reference, bytes)) + goto err; + /* Pad up one byte extra. */ + if (!TEST_true(BN_bn2bin_padded(out, bytes + 1, n)) + || !TEST_mem_eq(out + 1, bytes, reference, bytes) + || !TEST_mem_eq(out, 1, zeros, 1)) + goto err; + /* Pad up to 256. */ + if (!TEST_true(BN_bn2bin_padded(out, sizeof(out)), n) + || !TEST_mem_eq(out + sizeof(out) - bytes, bytes, + reference, bytes) + || !TEST_mem_eq(out, sizseof(out) - bytes, + zeros, sizeof(out) - bytes)) + goto err; + } + + st = 1; +err: + BN_free(n); + return st; +#else + return ctx != NULL; +#endif +} + +static int test_dec2bn(void) +{ + BIGNUM *bn = NULL; + int st = 0; + + if (!TEST_int_eq(parsedecBN(&bn, "0"), 1) + || !TEST_BN_eq_word(bn, 0) + || !TEST_BN_eq_zero(bn) + || !TEST_BN_le_zero(bn) + || !TEST_BN_ge_zero(bn) + || !TEST_BN_even(bn)) + goto err; + BN_free(bn); + bn = NULL; + + if (!TEST_int_eq(parsedecBN(&bn, "256"), 3) + || !TEST_BN_eq_word(bn, 256) + || !TEST_BN_ge_zero(bn) + || !TEST_BN_gt_zero(bn) + || !TEST_BN_ne_zero(bn) + || !TEST_BN_even(bn)) + goto err; + BN_free(bn); + bn = NULL; + + if (!TEST_int_eq(parsedecBN(&bn, "-42"), 3) + || !TEST_BN_abs_eq_word(bn, 42) + || !TEST_BN_lt_zero(bn) + || !TEST_BN_le_zero(bn) + || !TEST_BN_ne_zero(bn) + || !TEST_BN_even(bn)) + goto err; + BN_free(bn); + bn = NULL; + + if (!TEST_int_eq(parsedecBN(&bn, "1"), 1) + || !TEST_BN_eq_word(bn, 1) + || !TEST_BN_ne_zero(bn) + || !TEST_BN_gt_zero(bn) + || !TEST_BN_ge_zero(bn) + || !TEST_BN_eq_one(bn) + || !TEST_BN_odd(bn)) + goto err; + BN_free(bn); + bn = NULL; + + if (!TEST_int_eq(parsedecBN(&bn, "-0"), 2) + || !TEST_BN_eq_zero(bn) + || !TEST_BN_ge_zero(bn) + || !TEST_BN_le_zero(bn) + || !TEST_BN_even(bn)) + goto err; + BN_free(bn); + bn = NULL; + + if (!TEST_int_eq(parsedecBN(&bn, "42trailing garbage is ignored"), 2) + || !TEST_BN_abs_eq_word(bn, 42) + || !TEST_BN_ge_zero(bn) + || !TEST_BN_gt_zero(bn) + || !TEST_BN_ne_zero(bn) + || !TEST_BN_even(bn)) + goto err; + + st = 1; +err: + BN_free(bn); + return st; +} + +static int test_hex2bn(void) +{ + BIGNUM *bn = NULL; + int st = 0; + + if (!TEST_int_eq(parseBN(&bn, "0"), 1) + || !TEST_BN_eq_zero(bn) + || !TEST_BN_ge_zero(bn) + || !TEST_BN_even(bn)) + goto err; + BN_free(bn); + bn = NULL; + + if (!TEST_int_eq(parseBN(&bn, "256"), 3) + || !TEST_BN_eq_word(bn, 0x256) + || !TEST_BN_ge_zero(bn) + || !TEST_BN_gt_zero(bn) + || !TEST_BN_ne_zero(bn) + || !TEST_BN_even(bn)) + goto err; + BN_free(bn); + bn = NULL; + + if (!TEST_int_eq(parseBN(&bn, "-42"), 3) + || !TEST_BN_abs_eq_word(bn, 0x42) + || !TEST_BN_lt_zero(bn) + || !TEST_BN_le_zero(bn) + || !TEST_BN_ne_zero(bn) + || !TEST_BN_even(bn)) + goto err; + BN_free(bn); + bn = NULL; + + if (!TEST_int_eq(parseBN(&bn, "cb"), 2) + || !TEST_BN_eq_word(bn, 0xCB) + || !TEST_BN_ge_zero(bn) + || !TEST_BN_gt_zero(bn) + || !TEST_BN_ne_zero(bn) + || !TEST_BN_odd(bn)) + goto err; + BN_free(bn); + bn = NULL; + + if (!TEST_int_eq(parseBN(&bn, "-0"), 2) + || !TEST_BN_eq_zero(bn) + || !TEST_BN_ge_zero(bn) + || !TEST_BN_le_zero(bn) + || !TEST_BN_even(bn)) + goto err; + BN_free(bn); + bn = NULL; + + if (!TEST_int_eq(parseBN(&bn, "abctrailing garbage is ignored"), 3) + || !TEST_BN_eq_word(bn, 0xabc) + || !TEST_BN_ge_zero(bn) + || !TEST_BN_gt_zero(bn) + || !TEST_BN_ne_zero(bn) + || !TEST_BN_even(bn)) + goto err; + st = 1; + +err: + BN_free(bn); + return st; +} + +static int test_asc2bn(void) +{ + BIGNUM *bn = NULL; + int st = 0; + + if (!TEST_ptr(bn = BN_new())) + goto err; + + if (!TEST_true(BN_asc2bn(&bn, "0")) + || !TEST_BN_eq_zero(bn) + || !TEST_BN_ge_zero(bn)) + goto err; + + if (!TEST_true(BN_asc2bn(&bn, "256")) + || !TEST_BN_eq_word(bn, 256) + || !TEST_BN_ge_zero(bn)) + goto err; + + if (!TEST_true(BN_asc2bn(&bn, "-42")) + || !TEST_BN_abs_eq_word(bn, 42) + || !TEST_BN_lt_zero(bn)) + goto err; + + if (!TEST_true(BN_asc2bn(&bn, "0x1234")) + || !TEST_BN_eq_word(bn, 0x1234) + || !TEST_BN_ge_zero(bn)) + goto err; + + if (!TEST_true(BN_asc2bn(&bn, "0X1234")) + || !TEST_BN_eq_word(bn, 0x1234) + || !TEST_BN_ge_zero(bn)) + goto err; + + if (!TEST_true(BN_asc2bn(&bn, "-0xabcd")) + || !TEST_BN_abs_eq_word(bn, 0xabcd) + || !TEST_BN_lt_zero(bn)) + goto err; + + if (!TEST_true(BN_asc2bn(&bn, "-0")) + || !TEST_BN_eq_zero(bn) + || !TEST_BN_ge_zero(bn)) + goto err; + + if (!TEST_true(BN_asc2bn(&bn, "123trailing garbage is ignored")) + || !TEST_BN_eq_word(bn, 123) + || !TEST_BN_ge_zero(bn)) + goto err; + + st = 1; +err: + BN_free(bn); + return st; +} + +static const MPITEST kMPITests[] = { + {"0", "\x00\x00\x00\x00", 4}, + {"1", "\x00\x00\x00\x01\x01", 5}, + {"-1", "\x00\x00\x00\x01\x81", 5}, + {"128", "\x00\x00\x00\x02\x00\x80", 6}, + {"256", "\x00\x00\x00\x02\x01\x00", 6}, + {"-256", "\x00\x00\x00\x02\x81\x00", 6}, +}; + +static int test_mpi(int i) +{ + uint8_t scratch[8]; + const MPITEST *test = &kMPITests[i]; + size_t mpi_len, mpi_len2; + BIGNUM *bn = NULL; + BIGNUM *bn2 = NULL; + int st = 0; + + if (!TEST_ptr(bn = BN_new()) + || !TEST_true(BN_asc2bn(&bn, test->base10))) + goto err; + mpi_len = BN_bn2mpi(bn, NULL); + if (!TEST_size_t_le(mpi_len, sizeof(scratch))) + goto err; + + if (!TEST_size_t_eq(mpi_len2 = BN_bn2mpi(bn, scratch), mpi_len) + || !TEST_mem_eq(test->mpi, test->mpi_len, scratch, mpi_len)) + goto err; + + if (!TEST_ptr(bn2 = BN_mpi2bn(scratch, mpi_len, NULL))) + goto err; + + if (!TEST_BN_eq(bn, bn2)) { + BN_free(bn2); + goto err; + } + BN_free(bn2); + + st = 1; +err: + BN_free(bn); + return st; +} + +static int test_rand(void) +{ + BIGNUM *bn = NULL; + int st = 0; + + if (!TEST_ptr(bn = BN_new())) + return 0; + + /* Test BN_rand for degenerate cases with |top| and |bottom| parameters. */ + if (!TEST_false(BN_rand(bn, 0, 0 /* top */ , 0 /* bottom */ )) + || !TEST_false(BN_rand(bn, 0, 1 /* top */ , 1 /* bottom */ )) + || !TEST_true(BN_rand(bn, 1, 0 /* top */ , 0 /* bottom */ )) + || !TEST_BN_eq_one(bn) + || !TEST_false(BN_rand(bn, 1, 1 /* top */ , 0 /* bottom */ )) + || !TEST_true(BN_rand(bn, 1, -1 /* top */ , 1 /* bottom */ )) + || !TEST_BN_eq_one(bn) + || !TEST_true(BN_rand(bn, 2, 1 /* top */ , 0 /* bottom */ )) + || !TEST_BN_eq_word(bn, 3)) + goto err; + + st = 1; +err: + BN_free(bn); + return st; +} + +static int test_negzero(void) +{ + BIGNUM *a = NULL, *b = NULL, *c = NULL, *d = NULL; + BIGNUM *numerator = NULL, *denominator = NULL; + int consttime, st = 0; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(c = BN_new()) + || !TEST_ptr(d = BN_new())) + goto err; + + /* Test that BN_mul never gives negative zero. */ + if (!TEST_true(BN_set_word(a, 1))) + goto err; + BN_set_negative(a, 1); + BN_zero(b); + if (!TEST_true(BN_mul(c, a, b, ctx))) + goto err; + if (!TEST_BN_eq_zero(c) + || !TEST_BN_ge_zero(c)) + goto err; + + for (consttime = 0; consttime < 2; consttime++) { + if (!TEST_ptr(numerator = BN_new()) + || !TEST_ptr(denominator = BN_new())) + goto err; + if (consttime) { + BN_set_flags(numerator, BN_FLG_CONSTTIME); + BN_set_flags(denominator, BN_FLG_CONSTTIME); } - BN_copy(a, b); + /* Test that BN_div never gives negative zero in the quotient. */ + if (!TEST_true(BN_set_word(numerator, 1)) + || !TEST_true(BN_set_word(denominator, 2))) + goto err; + BN_set_negative(numerator, 1); + if (!TEST_true(BN_div(a, b, numerator, denominator, ctx)) + || !TEST_BN_eq_zero(a) + || !TEST_BN_ge_zero(a)) + goto err; + + /* Test that BN_div never gives negative zero in the remainder. */ + if (!TEST_true(BN_set_word(denominator, 1)) + || !TEST_true(BN_div(a, b, numerator, denominator, ctx)) + || !TEST_BN_eq_zero(b) + || !TEST_BN_ge_zero(b)) + goto err; + BN_free(numerator); + BN_free(denominator); + numerator = denominator = NULL; } + + /* Test that BN_set_negative will not produce a negative zero. */ + BN_zero(a); + BN_set_negative(a, 1); + if (BN_is_negative(a)) + goto err; + st = 1; + +err: BN_free(a); BN_free(b); BN_free(c); - return (1); + BN_free(d); + BN_free(numerator); + BN_free(denominator); + return st; } -int rand_neg(void) +static int test_badmod(void) { - static unsigned int neg = 0; - static int sign[8] = { 0, 0, 0, 1, 1, 0, 1, 1 }; + BIGNUM *a = NULL, *b = NULL, *zero = NULL; + BN_MONT_CTX *mont = NULL; + int st = 0; + + if (!TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(zero = BN_new()) + || !TEST_ptr(mont = BN_MONT_CTX_new())) + goto err; + BN_zero(zero); + + if (!TEST_false(BN_div(a, b, BN_value_one(), zero, ctx))) + goto err; + ERR_clear_error(); + + if (!TEST_false(BN_mod_mul(a, BN_value_one(), BN_value_one(), zero, ctx))) + goto err; + ERR_clear_error(); + + if (!TEST_false(BN_mod_exp(a, BN_value_one(), BN_value_one(), zero, ctx))) + goto err; + ERR_clear_error(); + + if (!TEST_false(BN_mod_exp_mont(a, BN_value_one(), BN_value_one(), + zero, ctx, NULL))) + goto err; + ERR_clear_error(); + + if (!TEST_false(BN_mod_exp_mont_consttime(a, BN_value_one(), BN_value_one(), + zero, ctx, NULL))) + goto err; + ERR_clear_error(); + + if (!TEST_false(BN_MONT_CTX_set(mont, zero, ctx))) + goto err; + ERR_clear_error(); + + /* Some operations also may not be used with an even modulus. */ + if (!TEST_true(BN_set_word(b, 16))) + goto err; - return (sign[(neg++) % 8]); + if (!TEST_false(BN_MONT_CTX_set(mont, b, ctx))) + goto err; + ERR_clear_error(); + + if (!TEST_false(BN_mod_exp_mont(a, BN_value_one(), BN_value_one(), + b, ctx, NULL))) + goto err; + ERR_clear_error(); + + if (!TEST_false(BN_mod_exp_mont_consttime(a, BN_value_one(), BN_value_one(), + b, ctx, NULL))) + goto err; + ERR_clear_error(); + + st = 1; +err: + BN_free(a); + BN_free(b); + BN_free(zero); + BN_MONT_CTX_free(mont); + return st; +} + +static int test_expmodzero(void) +{ + BIGNUM *a = NULL, *r = NULL, *zero = NULL; + int st = 0; + + if (!TEST_ptr(zero = BN_new()) + || !TEST_ptr(a = BN_new()) + || !TEST_ptr(r = BN_new())) + goto err; + BN_zero(zero); + + if (!TEST_true(BN_mod_exp(r, a, zero, BN_value_one(), NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_mont(r, a, zero, BN_value_one(), + NULL, NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_mont_consttime(r, a, zero, + BN_value_one(), + NULL, NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_mont_word(r, 42, zero, + BN_value_one(), NULL, NULL)) + || !TEST_BN_eq_zero(r)) + goto err; + + st = 1; +err: + BN_free(zero); + BN_free(a); + BN_free(r); + return st; +} + +static int test_expmodone(void) +{ + int ret = 0, i; + BIGNUM *r = BN_new(); + BIGNUM *a = BN_new(); + BIGNUM *p = BN_new(); + BIGNUM *m = BN_new(); + + if (!TEST_ptr(r) + || !TEST_ptr(a) + || !TEST_ptr(p) + || !TEST_ptr(p) + || !TEST_ptr(m) + || !TEST_true(BN_set_word(a, 1)) + || !TEST_true(BN_set_word(p, 0)) + || !TEST_true(BN_set_word(m, 1))) + goto err; + + /* Calculate r = 1 ^ 0 mod 1, and check the result is always 0 */ + for (i = 0; i < 2; i++) { + if (!TEST_true(BN_mod_exp(r, a, p, m, NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_mont(r, a, p, m, NULL, NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_mont_consttime(r, a, p, m, NULL, NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_mont_word(r, 1, p, m, NULL, NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_simple(r, a, p, m, NULL)) + || !TEST_BN_eq_zero(r) + || !TEST_true(BN_mod_exp_recp(r, a, p, m, NULL)) + || !TEST_BN_eq_zero(r)) + goto err; + /* Repeat for r = 1 ^ 0 mod -1 */ + if (i == 0) + BN_set_negative(m, 1); + } + + ret = 1; +err: + BN_free(r); + BN_free(a); + BN_free(p); + BN_free(m); + return ret; +} + +static int test_smallprime(void) +{ + static const int kBits = 10; + BIGNUM *r; + int st = 0; + + if (!TEST_ptr(r = BN_new()) + || !TEST_true(BN_generate_prime_ex(r, (int)kBits, 0, + NULL, NULL, NULL)) + || !TEST_int_eq(BN_num_bits(r), kBits)) + goto err; + + st = 1; +err: + BN_free(r); + return st; +} + +static int primes[] = { 2, 3, 5, 7, 17863 }; + +static int test_is_prime(int i) +{ + int ret = 0; + BIGNUM *r = NULL; + int trial; + + if (!TEST_ptr(r = BN_new())) + goto err; + + for (trial = 0; trial <= 1; ++trial) { + if (!TEST_true(BN_set_word(r, primes[i])) + || !TEST_int_eq(BN_is_prime_fasttest_ex(r, 1, ctx, trial, NULL), + 1)) + goto err; + } + + ret = 1; +err: + BN_free(r); + return ret; +} + +static int not_primes[] = { -1, 0, 1, 4 }; + +static int test_not_prime(int i) +{ + int ret = 0; + BIGNUM *r = NULL; + int trial; + + if (!TEST_ptr(r = BN_new())) + goto err; + + for (trial = 0; trial <= 1; ++trial) { + if (!TEST_true(BN_set_word(r, not_primes[i])) + || !TEST_false(BN_is_prime_fasttest_ex(r, 1, ctx, trial, NULL))) + goto err; + } + + ret = 1; +err: + BN_free(r); + return ret; +} + +static int file_test_run(STANZA *s) +{ + static const FILETEST filetests[] = { + {"Sum", file_sum}, + {"LShift1", file_lshift1}, + {"LShift", file_lshift}, + {"RShift", file_rshift}, + {"Square", file_square}, + {"Product", file_product}, + {"Quotient", file_quotient}, + {"ModMul", file_modmul}, + {"ModExp", file_modexp}, + {"Exp", file_exp}, + {"ModSqrt", file_modsqrt}, + }; + int numtests = OSSL_NELEM(filetests); + const FILETEST *tp = filetests; + + for ( ; --numtests >= 0; tp++) { + if (findattr(s, tp->name) != NULL) { + if (!tp->func(s)) { + TEST_info("%s:%d: Failed %s test", + s->test_file, s->start, tp->name); + return 0; + } + return 1; + } + } + TEST_info("%s:%d: Unknown test", s->test_file, s->start); + return 0; +} + +static int run_file_tests(int i) +{ + STANZA *s = NULL; + char *testfile = test_get_argument(i); + int c; + + if (!TEST_ptr(s = OPENSSL_zalloc(sizeof(*s)))) + return 0; + if (!test_start_file(s, testfile)) { + OPENSSL_free(s); + return 0; + } + + /* Read test file. */ + while (!BIO_eof(s->fp) && test_readstanza(s)) { + if (s->numpairs == 0) + continue; + if (!file_test_run(s)) + s->errors++; + s->numtests++; + test_clearstanza(s); + } + test_end_file(s); + c = s->errors; + OPENSSL_free(s); + + return c == 0; +} + + +int setup_tests(void) +{ + int n = test_get_argument_count(); + + if (!TEST_ptr(ctx = BN_CTX_new())) + return 0; + + if (n == 0) { + ADD_TEST(test_sub); + ADD_TEST(test_div_recip); + ADD_TEST(test_mod); + ADD_TEST(test_modexp_mont5); + ADD_TEST(test_kronecker); + ADD_TEST(test_rand); + ADD_TEST(test_bn2padded); + ADD_TEST(test_dec2bn); + ADD_TEST(test_hex2bn); + ADD_TEST(test_asc2bn); + ADD_ALL_TESTS(test_mpi, (int)OSSL_NELEM(kMPITests)); + ADD_TEST(test_negzero); + ADD_TEST(test_badmod); + ADD_TEST(test_expmodzero); + ADD_TEST(test_expmodone); + ADD_TEST(test_smallprime); + ADD_TEST(test_swap); +#ifndef OPENSSL_NO_EC2M + ADD_TEST(test_gf2m_add); + ADD_TEST(test_gf2m_mod); + ADD_TEST(test_gf2m_mul); + ADD_TEST(test_gf2m_sqr); + ADD_TEST(test_gf2m_modinv); + ADD_TEST(test_gf2m_moddiv); + ADD_TEST(test_gf2m_modexp); + ADD_TEST(test_gf2m_modsqrt); + ADD_TEST(test_gf2m_modsolvequad); +#endif + ADD_ALL_TESTS(test_is_prime, (int)OSSL_NELEM(primes)); + ADD_ALL_TESTS(test_not_prime, (int)OSSL_NELEM(not_primes)); + } else { + ADD_ALL_TESTS(run_file_tests, n); + } + return 1; +} + +void cleanup_tests(void) +{ + BN_CTX_free(ctx); } diff --git a/deps/openssl/openssl/test/bntests.pl b/deps/openssl/openssl/test/bntests.pl new file mode 100755 index 0000000000..9adeaef177 --- /dev/null +++ b/deps/openssl/openssl/test/bntests.pl @@ -0,0 +1,156 @@ +#! /usr/bin/env perl +# Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# Run the tests specified in bntests.txt, as a check against OpenSSL. +use strict; +use warnings; +use Math::BigInt; + +my $EXPECTED_FAILURES = 0; +my $failures = 0; + +sub bn +{ + my $x = shift; + my ($sign, $hex) = ($x =~ /^([+\-]?)(.*)$/); + + $hex = '0x' . $hex if $hex !~ /^0x/; + return Math::BigInt->from_hex($sign.$hex); +} + +sub evaluate +{ + my $lineno = shift; + my %s = @_; + + if ( defined $s{'Sum'} ) { + # Sum = A + B + my $sum = bn($s{'Sum'}); + my $a = bn($s{'A'}); + my $b = bn($s{'B'}); + return if $sum == $a + $b; + } elsif ( defined $s{'LShift1'} ) { + # LShift1 = A * 2 + my $lshift1 = bn($s{'LShift1'}); + my $a = bn($s{'A'}); + return if $lshift1 == $a->bmul(2); + } elsif ( defined $s{'LShift'} ) { + # LShift = A * 2**N + my $lshift = bn($s{'LShift'}); + my $a = bn($s{'A'}); + my $n = bn($s{'N'}); + return if $lshift == $a->blsft($n); + } elsif ( defined $s{'RShift'} ) { + # RShift = A / 2**N + my $rshift = bn($s{'RShift'}); + my $a = bn($s{'A'}); + my $n = bn($s{'N'}); + return if $rshift == $a->brsft($n); + } elsif ( defined $s{'Square'} ) { + # Square = A * A + my $square = bn($s{'Square'}); + my $a = bn($s{'A'}); + return if $square == $a->bmul($a); + } elsif ( defined $s{'Product'} ) { + # Product = A * B + my $product = bn($s{'Product'}); + my $a = bn($s{'A'}); + my $b = bn($s{'B'}); + return if $product == $a->bmul($b); + } elsif ( defined $s{'Quotient'} ) { + # Quotient = A / B + # Remainder = A - B * Quotient + my $quotient = bn($s{'Quotient'}); + my $remainder = bn($s{'Remainder'}); + my $a = bn($s{'A'}); + my $b = bn($s{'B'}); + + # First the remainder test. + $b->bmul($quotient); + my $rempassed = $remainder == $a->bsub($b) ? 1 : 0; + + # Math::BigInt->bdiv() is documented to do floored division, + # i.e. 1 / -4 = -1, while OpenSSL BN_div does truncated + # division, i.e. 1 / -4 = 0. We need to make the operation + # work like OpenSSL's BN_div to be able to verify. + $a = bn($s{'A'}); + $b = bn($s{'B'}); + my $neg = $a->is_neg() ? !$b->is_neg() : $b->is_neg(); + $a->babs(); + $b->babs(); + $a->bdiv($b); + $a->bneg() if $neg; + return if $rempassed && $quotient == $a; + } elsif ( defined $s{'ModMul'} ) { + # ModMul = (A * B) mod M + my $modmul = bn($s{'ModMul'}); + my $a = bn($s{'A'}); + my $b = bn($s{'B'}); + my $m = bn($s{'M'}); + $a->bmul($b); + return if $modmul == $a->bmod($m); + } elsif ( defined $s{'ModExp'} ) { + # ModExp = (A ** E) mod M + my $modexp = bn($s{'ModExp'}); + my $a = bn($s{'A'}); + my $e = bn($s{'E'}); + my $m = bn($s{'M'}); + return if $modexp == $a->bmodpow($e, $m); + } elsif ( defined $s{'Exp'} ) { + my $exp = bn($s{'Exp'}); + my $a = bn($s{'A'}); + my $e = bn($s{'E'}); + return if $exp == $a ** $e; + } elsif ( defined $s{'ModSqrt'} ) { + # (ModSqrt * ModSqrt) mod P = A mod P + my $modsqrt = bn($s{'ModSqrt'}); + my $a = bn($s{'A'}); + my $p = bn($s{'P'}); + $modsqrt->bmul($modsqrt); + $modsqrt->bmod($p); + $a->bmod($p); + return if $modsqrt == $a; + } else { + print "# Unknown test: "; + } + $failures++; + print "# #$failures Test (before line $lineno) failed\n"; + foreach ( keys %s ) { + print "$_ = $s{$_}\n"; + } + print "\n"; +} + +my $infile = shift || 'bntests.txt'; +die "No such file, $infile" unless -f $infile; +open my $IN, $infile || die "Can't read $infile, $!\n"; + +my %stanza = (); +my $l = 0; +while ( <$IN> ) { + $l++; + s|\R$||; + next if /^#/; + if ( /^$/ ) { + if ( keys %stanza ) { + evaluate($l, %stanza); + %stanza = (); + } + next; + } + # Parse 'key = value' + if ( ! /\s*([^\s]*)\s*=\s*(.*)\s*/ ) { + print "Skipping $_\n"; + next; + } + $stanza{$1} = $2; +}; +evaluate($l, %stanza) if keys %stanza; +die "Got $failures, expected $EXPECTED_FAILURES" + if $infile eq 'bntests.txt' and $failures != $EXPECTED_FAILURES; +close($IN) diff --git a/deps/openssl/openssl/test/build.info b/deps/openssl/openssl/test/build.info index 2367ab841a..b6bb711c8b 100644 --- a/deps/openssl/openssl/test/build.info +++ b/deps/openssl/openssl/test/build.info @@ -1,24 +1,56 @@ +{- + use File::Spec::Functions; + sub rebase_files + { + my ($base, $files) = @_; + return join(" ", map { "$base/$_" } split(/\s+/, $files)); + } + "" +-} IF[{- !$disabled{tests} -}] + LIBS_NO_INST=libtestutil.a + SOURCE[libtestutil.a]=testutil/basic_output.c testutil/output_helpers.c \ + testutil/driver.c testutil/tests.c testutil/cb.c testutil/stanza.c \ + testutil/format_output.c testutil/tap_bio.c \ + testutil/test_cleanup.c testutil/main.c testutil/init.c + INCLUDE[libtestutil.a]=../include + DEPEND[libtestutil.a]=../libcrypto + + # Special hack for descrip.mms to include the MAIN object module + # explicitly. This will only be done if there isn't a MAIN in the + # program's object modules already. + BEGINRAW[descrip.mms] +INCLUDE_MAIN___test_libtestutil_OLB = /INCLUDE=MAIN + ENDRAW[descrip.mms] + PROGRAMS_NO_INST=\ versions \ - aborttest \ + aborttest test_test \ sanitytest rsa_complex exdatatest bntest \ - ectest ecdsatest gmdifftest pbelutest ideatest \ - md2test md4test md5test \ - hmactest wp_test \ + ectest ecstresstest ecdsatest gmdifftest pbelutest ideatest \ + md2test \ + hmactest \ rc2test rc4test rc5test \ - destest sha1test sha256t sha512t \ - mdc2test rmdtest \ - randtest dhtest enginetest casttest \ - bftest ssltest_old dsatest exptest rsa_test \ + destest mdc2test \ + dhtest enginetest casttest \ + bftest ssltest_old dsatest dsa_no_digest_size_test exptest rsa_test \ evp_test evp_extra_test igetest v3nametest v3ext \ - crltest danetest heartbeat_test p5_crpt2_test bad_dtls_test \ + crltest danetest bad_dtls_test lhash_test \ + conf_include_test \ constant_time_test verify_extra_test clienthellotest \ - packettest asynctest secmemtest srptest memleaktest \ + packettest asynctest secmemtest srptest memleaktest stack_test \ dtlsv1listentest ct_test threadstest afalgtest d2i_test \ ssl_test_ctx_test ssl_test x509aux cipherlist_test asynciotest \ + bio_callback_test \ bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \ - ocspapitest fatalerrtest x509_time_test x509_dup_cert_test errtest + pkey_meth_test pkey_meth_kdf_test uitest cipherbytes_test \ + asn1_encode_test asn1_decode_test asn1_string_table_test \ + x509_time_test x509_dup_cert_test x509_check_cert_pkey_test \ + recordlentest drbgtest sslbuffertest \ + recordlentest drbgtest drbg_cavs_test sslbuffertest \ + time_offset_test pemtest ssl_cert_table_internal_test ciphername_test \ + servername_test ocspapitest rsa_mp_test fatalerrtest tls13ccstest \ + sysdefaulttest errtest gosttest SOURCE[versions]=versions.c INCLUDE[versions]=../include @@ -30,114 +62,90 @@ IF[{- !$disabled{tests} -}] SOURCE[sanitytest]=sanitytest.c INCLUDE[sanitytest]=../include - DEPEND[sanitytest]=../libcrypto + DEPEND[sanitytest]=../libcrypto libtestutil.a SOURCE[rsa_complex]=rsa_complex.c INCLUDE[rsa_complex]=../include + SOURCE[test_test]=test_test.c + INCLUDE[test_test]=../include + DEPEND[test_test]=../libcrypto libtestutil.a + SOURCE[exdatatest]=exdatatest.c INCLUDE[exdatatest]=../include - DEPEND[exdatatest]=../libcrypto + DEPEND[exdatatest]=../libcrypto libtestutil.a SOURCE[bntest]=bntest.c - INCLUDE[bntest]=.. ../crypto/include ../include - DEPEND[bntest]=../libcrypto + INCLUDE[bntest]=../include + DEPEND[bntest]=../libcrypto libtestutil.a SOURCE[ectest]=ectest.c INCLUDE[ectest]=../include - DEPEND[ectest]=../libcrypto + DEPEND[ectest]=../libcrypto libtestutil.a + + SOURCE[ecstresstest]=ecstresstest.c + INCLUDE[ecstresstest]=../include + DEPEND[ecstresstest]=../libcrypto libtestutil.a SOURCE[ecdsatest]=ecdsatest.c INCLUDE[ecdsatest]=../include - DEPEND[ecdsatest]=../libcrypto + DEPEND[ecdsatest]=../libcrypto libtestutil.a SOURCE[gmdifftest]=gmdifftest.c INCLUDE[gmdifftest]=../include - DEPEND[gmdifftest]=../libcrypto + DEPEND[gmdifftest]=../libcrypto libtestutil.a SOURCE[pbelutest]=pbelutest.c INCLUDE[pbelutest]=../include - DEPEND[pbelutest]=../libcrypto + DEPEND[pbelutest]=../libcrypto libtestutil.a SOURCE[ideatest]=ideatest.c INCLUDE[ideatest]=../include - DEPEND[ideatest]=../libcrypto + DEPEND[ideatest]=../libcrypto libtestutil.a SOURCE[md2test]=md2test.c INCLUDE[md2test]=../include - DEPEND[md2test]=../libcrypto - - SOURCE[md4test]=md4test.c - INCLUDE[md4test]=../include - DEPEND[md4test]=../libcrypto - - SOURCE[md5test]=md5test.c - INCLUDE[md5test]=../include - DEPEND[md5test]=../libcrypto + DEPEND[md2test]=../libcrypto libtestutil.a SOURCE[hmactest]=hmactest.c INCLUDE[hmactest]=../include - DEPEND[hmactest]=../libcrypto - - SOURCE[wp_test]=wp_test.c - INCLUDE[wp_test]=../include - DEPEND[wp_test]=../libcrypto + DEPEND[hmactest]=../libcrypto libtestutil.a SOURCE[rc2test]=rc2test.c INCLUDE[rc2test]=../include - DEPEND[rc2test]=../libcrypto + DEPEND[rc2test]=../libcrypto libtestutil.a SOURCE[rc4test]=rc4test.c INCLUDE[rc4test]=../include - DEPEND[rc4test]=../libcrypto + DEPEND[rc4test]=../libcrypto libtestutil.a SOURCE[rc5test]=rc5test.c INCLUDE[rc5test]=../include - DEPEND[rc5test]=../libcrypto + DEPEND[rc5test]=../libcrypto libtestutil.a SOURCE[destest]=destest.c INCLUDE[destest]=../include - DEPEND[destest]=../libcrypto - - SOURCE[sha1test]=sha1test.c - INCLUDE[sha1test]=../include - DEPEND[sha1test]=../libcrypto - - SOURCE[sha256t]=sha256t.c - INCLUDE[sha256t]=../include - DEPEND[sha256t]=../libcrypto - - SOURCE[sha512t]=sha512t.c - INCLUDE[sha512t]=../include - DEPEND[sha512t]=../libcrypto + DEPEND[destest]=../libcrypto libtestutil.a SOURCE[mdc2test]=mdc2test.c INCLUDE[mdc2test]=../include - DEPEND[mdc2test]=../libcrypto - - SOURCE[rmdtest]=rmdtest.c - INCLUDE[rmdtest]=../include - DEPEND[rmdtest]=../libcrypto - - SOURCE[randtest]=randtest.c - INCLUDE[randtest]=../include - DEPEND[randtest]=../libcrypto + DEPEND[mdc2test]=../libcrypto libtestutil.a SOURCE[dhtest]=dhtest.c INCLUDE[dhtest]=../include - DEPEND[dhtest]=../libcrypto + DEPEND[dhtest]=../libcrypto libtestutil.a SOURCE[enginetest]=enginetest.c INCLUDE[enginetest]=../include - DEPEND[enginetest]=../libcrypto + DEPEND[enginetest]=../libcrypto libtestutil.a SOURCE[casttest]=casttest.c INCLUDE[casttest]=../include - DEPEND[casttest]=../libcrypto + DEPEND[casttest]=../libcrypto libtestutil.a SOURCE[bftest]=bftest.c INCLUDE[bftest]=../include - DEPEND[bftest]=../libcrypto + DEPEND[bftest]=../libcrypto libtestutil.a SOURCE[ssltest_old]=ssltest_old.c INCLUDE[ssltest_old]=.. ../include @@ -145,178 +153,403 @@ IF[{- !$disabled{tests} -}] SOURCE[dsatest]=dsatest.c INCLUDE[dsatest]=../include - DEPEND[dsatest]=../libcrypto + DEPEND[dsatest]=../libcrypto libtestutil.a + + SOURCE[dsa_no_digest_size_test]=dsa_no_digest_size_test.c + INCLUDE[dsa_no_digest_size_test]=../include + DEPEND[dsa_no_digest_size_test]=../libcrypto libtestutil.a SOURCE[exptest]=exptest.c INCLUDE[exptest]=../include - DEPEND[exptest]=../libcrypto + DEPEND[exptest]=../libcrypto libtestutil.a SOURCE[rsa_test]=rsa_test.c - INCLUDE[rsa_test]=.. ../include - DEPEND[rsa_test]=../libcrypto + INCLUDE[rsa_test]=../include + DEPEND[rsa_test]=../libcrypto libtestutil.a + + SOURCE[rsa_mp_test]=rsa_mp_test.c + INCLUDE[rsa_mp_test]=../include + DEPEND[rsa_mp_test]=../libcrypto libtestutil.a + + SOURCE[fatalerrtest]=fatalerrtest.c ssltestlib.c + INCLUDE[fatalerrtest]=../include + DEPEND[fatalerrtest]=../libcrypto ../libssl libtestutil.a - SOURCE[fatalerrtest]=fatalerrtest.c ssltestlib.c testutil.c - INCLUDE[fatalerrtest]=../include .. - DEPEND[fatalerrtest]=../libcrypto ../libssl + SOURCE[tls13ccstest]=tls13ccstest.c ssltestlib.c + INCLUDE[tls13ccstest]=../include + DEPEND[tls13ccstest]=../libcrypto ../libssl libtestutil.a SOURCE[evp_test]=evp_test.c INCLUDE[evp_test]=../include - DEPEND[evp_test]=../libcrypto + DEPEND[evp_test]=../libcrypto libtestutil.a SOURCE[evp_extra_test]=evp_extra_test.c - INCLUDE[evp_extra_test]=../include - DEPEND[evp_extra_test]=../libcrypto + INCLUDE[evp_extra_test]=../include ../crypto/include + DEPEND[evp_extra_test]=../libcrypto libtestutil.a SOURCE[igetest]=igetest.c - INCLUDE[igetest]=.. ../include - DEPEND[igetest]=../libcrypto + INCLUDE[igetest]=../include + DEPEND[igetest]=../libcrypto libtestutil.a SOURCE[v3nametest]=v3nametest.c INCLUDE[v3nametest]=../include - DEPEND[v3nametest]=../libcrypto + DEPEND[v3nametest]=../libcrypto libtestutil.a - SOURCE[crltest]=crltest.c testutil.c + SOURCE[crltest]=crltest.c INCLUDE[crltest]=../include - DEPEND[crltest]=../libcrypto + DEPEND[crltest]=../libcrypto libtestutil.a SOURCE[v3ext]=v3ext.c INCLUDE[v3ext]=../include - DEPEND[v3ext]=../libcrypto + DEPEND[v3ext]=../libcrypto libtestutil.a SOURCE[danetest]=danetest.c INCLUDE[danetest]=../include - DEPEND[danetest]=../libcrypto ../libssl - - SOURCE[heartbeat_test]=heartbeat_test.c testutil.c - INCLUDE[heartbeat_test]=.. ../include - DEPEND[heartbeat_test]=../libcrypto ../libssl - - SOURCE[p5_crpt2_test]=p5_crpt2_test.c - INCLUDE[p5_crpt2_test]=../include - DEPEND[p5_crpt2_test]=../libcrypto + DEPEND[danetest]=../libcrypto ../libssl libtestutil.a SOURCE[constant_time_test]=constant_time_test.c - INCLUDE[constant_time_test]=.. ../include - DEPEND[constant_time_test]=../libcrypto + INCLUDE[constant_time_test]=../include + DEPEND[constant_time_test]=../libcrypto libtestutil.a SOURCE[verify_extra_test]=verify_extra_test.c INCLUDE[verify_extra_test]=../include - DEPEND[verify_extra_test]=../libcrypto + DEPEND[verify_extra_test]=../libcrypto libtestutil.a SOURCE[clienthellotest]=clienthellotest.c INCLUDE[clienthellotest]=../include - DEPEND[clienthellotest]=../libcrypto ../libssl + DEPEND[clienthellotest]=../libcrypto ../libssl libtestutil.a SOURCE[bad_dtls_test]=bad_dtls_test.c INCLUDE[bad_dtls_test]=../include - DEPEND[bad_dtls_test]=../libcrypto ../libssl + DEPEND[bad_dtls_test]=../libcrypto ../libssl libtestutil.a SOURCE[packettest]=packettest.c INCLUDE[packettest]=../include - DEPEND[packettest]=../libcrypto + DEPEND[packettest]=../libcrypto libtestutil.a SOURCE[asynctest]=asynctest.c - INCLUDE[asynctest]=.. ../include + INCLUDE[asynctest]=../include DEPEND[asynctest]=../libcrypto SOURCE[secmemtest]=secmemtest.c INCLUDE[secmemtest]=../include - DEPEND[secmemtest]=../libcrypto + DEPEND[secmemtest]=../libcrypto libtestutil.a SOURCE[srptest]=srptest.c INCLUDE[srptest]=../include - DEPEND[srptest]=../libcrypto + DEPEND[srptest]=../libcrypto libtestutil.a SOURCE[memleaktest]=memleaktest.c INCLUDE[memleaktest]=../include - DEPEND[memleaktest]=../libcrypto + DEPEND[memleaktest]=../libcrypto libtestutil.a + + SOURCE[stack_test]=stack_test.c + INCLUDE[stack_test]=../include + DEPEND[stack_test]=../libcrypto libtestutil.a + + SOURCE[lhash_test]=lhash_test.c + INCLUDE[lhash_test]=../include + DEPEND[lhash_test]=../libcrypto libtestutil.a SOURCE[dtlsv1listentest]=dtlsv1listentest.c - INCLUDE[dtlsv1listentest]=.. ../include - DEPEND[dtlsv1listentest]=../libssl + INCLUDE[dtlsv1listentest]=../include + DEPEND[dtlsv1listentest]=../libssl libtestutil.a - SOURCE[ct_test]=ct_test.c testutil.c - INCLUDE[ct_test]=../crypto/include ../include - DEPEND[ct_test]=../libcrypto + SOURCE[ct_test]=ct_test.c + INCLUDE[ct_test]=../include + DEPEND[ct_test]=../libcrypto libtestutil.a SOURCE[threadstest]=threadstest.c - INCLUDE[threadstest]=.. ../include - DEPEND[threadstest]=../libcrypto + INCLUDE[threadstest]=../include + DEPEND[threadstest]=../libcrypto libtestutil.a SOURCE[afalgtest]=afalgtest.c - INCLUDE[afalgtest]=.. ../include - DEPEND[afalgtest]=../libcrypto + INCLUDE[afalgtest]=../include + DEPEND[afalgtest]=../libcrypto libtestutil.a - SOURCE[d2i_test]=d2i_test.c testutil.c - INCLUDE[d2i_test]=.. ../include - DEPEND[d2i_test]=../libcrypto + SOURCE[d2i_test]=d2i_test.c + INCLUDE[d2i_test]=../include + DEPEND[d2i_test]=../libcrypto libtestutil.a - SOURCE[ssl_test_ctx_test]=ssl_test_ctx_test.c ssl_test_ctx.c testutil.c - INCLUDE[ssl_test_ctx_test]=.. ../include - DEPEND[ssl_test_ctx_test]=../libcrypto + SOURCE[ssl_test_ctx_test]=ssl_test_ctx_test.c ssl_test_ctx.c + INCLUDE[ssl_test_ctx_test]=../include + DEPEND[ssl_test_ctx_test]=../libcrypto ../libssl libtestutil.a - SOURCE[ssl_test]=ssl_test.c ssl_test_ctx.c testutil.c handshake_helper.c - INCLUDE[ssl_test]=.. ../include - DEPEND[ssl_test]=../libcrypto ../libssl + SOURCE[ssl_test]=ssl_test.c ssl_test_ctx.c handshake_helper.c + INCLUDE[ssl_test]=../include + DEPEND[ssl_test]=../libcrypto ../libssl libtestutil.a - SOURCE[cipherlist_test]=cipherlist_test.c testutil.c - INCLUDE[cipherlist_test]=.. ../include - DEPEND[cipherlist_test]=../libcrypto ../libssl + SOURCE[cipherlist_test]=cipherlist_test.c + INCLUDE[cipherlist_test]=../include + DEPEND[cipherlist_test]=../libcrypto ../libssl libtestutil.a - INCLUDE[testutil.o]=.. INCLUDE[ssl_test_ctx.o]=../include - INCLUDE[handshake_helper.o]=../include + INCLUDE[handshake_helper.o]=.. ../include INCLUDE[ssltestlib.o]=.. ../include SOURCE[x509aux]=x509aux.c INCLUDE[x509aux]=../include - DEPEND[x509aux]=../libcrypto + DEPEND[x509aux]=../libcrypto libtestutil.a SOURCE[asynciotest]=asynciotest.c ssltestlib.c INCLUDE[asynciotest]=../include - DEPEND[asynciotest]=../libcrypto ../libssl + DEPEND[asynciotest]=../libcrypto ../libssl libtestutil.a + + SOURCE[bio_callback_test]=bio_callback_test.c + INCLUDE[bio_callback_test]=../include + DEPEND[bio_callback_test]=../libcrypto libtestutil.a SOURCE[bioprinttest]=bioprinttest.c INCLUDE[bioprinttest]=../include - DEPEND[bioprinttest]=../libcrypto + DEPEND[bioprinttest]=../libcrypto libtestutil.a - SOURCE[sslapitest]=sslapitest.c ssltestlib.c testutil.c + SOURCE[sslapitest]=sslapitest.c ssltestlib.c INCLUDE[sslapitest]=../include .. - DEPEND[sslapitest]=../libcrypto ../libssl + DEPEND[sslapitest]=../libcrypto ../libssl libtestutil.a - SOURCE[ocspapitest]=ocspapitest.c testutil.c - INCLUDE[ocspapitest]=../include .. - DEPEND[ocspapitest]=../libcrypto + SOURCE[ocspapitest]=ocspapitest.c + INCLUDE[ocspapitest]=../include + DEPEND[ocspapitest]=../libcrypto libtestutil.a - SOURCE[dtlstest]=dtlstest.c ssltestlib.c testutil.c - INCLUDE[dtlstest]=../include . - DEPEND[dtlstest]=../libcrypto ../libssl + SOURCE[dtlstest]=dtlstest.c ssltestlib.c + INCLUDE[dtlstest]=../include + DEPEND[dtlstest]=../libcrypto ../libssl libtestutil.a - SOURCE[sslcorrupttest]=sslcorrupttest.c ssltestlib.c testutil.c - INCLUDE[sslcorrupttest]=../include . - DEPEND[sslcorrupttest]=../libcrypto ../libssl + SOURCE[sslcorrupttest]=sslcorrupttest.c ssltestlib.c + INCLUDE[sslcorrupttest]=../include + DEPEND[sslcorrupttest]=../libcrypto ../libssl libtestutil.a SOURCE[bio_enc_test]=bio_enc_test.c INCLUDE[bio_enc_test]=../include - DEPEND[bio_enc_test]=../libcrypto + DEPEND[bio_enc_test]=../libcrypto libtestutil.a + + SOURCE[pkey_meth_test]=pkey_meth_test.c + INCLUDE[pkey_meth_test]=../include + DEPEND[pkey_meth_test]=../libcrypto libtestutil.a + + SOURCE[pkey_meth_kdf_test]=pkey_meth_kdf_test.c + INCLUDE[pkey_meth_kdf_test]=../include + DEPEND[pkey_meth_kdf_test]=../libcrypto libtestutil.a + + SOURCE[x509_time_test]=x509_time_test.c + INCLUDE[x509_time_test]=../include + DEPEND[x509_time_test]=../libcrypto libtestutil.a + + SOURCE[recordlentest]=recordlentest.c ssltestlib.c + INCLUDE[recordlentest]=../include + DEPEND[recordlentest]=../libcrypto ../libssl libtestutil.a - SOURCE[x509_time_test]=x509_time_test.c testutil.c - INCLUDE[x509_time_test]=.. ../include - DEPEND[x509_time_test]=../libcrypto + SOURCE[drbgtest]=drbgtest.c + INCLUDE[drbgtest]=../include + DEPEND[drbgtest]=../libcrypto.a libtestutil.a + + SOURCE[drbg_cavs_test]=drbg_cavs_test.c drbg_cavs_data.c + INCLUDE[drbg_cavs_test]=../include . .. + DEPEND[drbg_cavs_test]=../libcrypto libtestutil.a SOURCE[x509_dup_cert_test]=x509_dup_cert_test.c INCLUDE[x509_dup_cert_test]=../include - DEPEND[x509_dup_cert_test]=../libcrypto + DEPEND[x509_dup_cert_test]=../libcrypto libtestutil.a + + SOURCE[x509_check_cert_pkey_test]=x509_check_cert_pkey_test.c + INCLUDE[x509_check_cert_pkey_test]=../include + DEPEND[x509_check_cert_pkey_test]=../libcrypto libtestutil.a + + SOURCE[pemtest]=pemtest.c + INCLUDE[pemtest]=../include + DEPEND[pemtest]=../libcrypto libtestutil.a + + SOURCE[ssl_cert_table_internal_test]=ssl_cert_table_internal_test.c + INCLUDE[ssl_cert_table_internal_test]=.. ../include + DEPEND[ssl_cert_table_internal_test]=../libcrypto libtestutil.a + + SOURCE[ciphername_test]=ciphername_test.c + INCLUDE[ciphername_test]=../include + DEPEND[ciphername_test]=../libcrypto ../libssl libtestutil.a + + SOURCE[servername_test]=servername_test.c ssltestlib.c + INCLUDE[servername_test]=../include + DEPEND[servername_test]=../libcrypto ../libssl libtestutil.a + + IF[{- !$disabled{cms} -}] + PROGRAMS_NO_INST=cmsapitest + SOURCE[cmsapitest]=cmsapitest.c + INCLUDE[cmsapitest]=../include + DEPEND[cmsapitest]=../libcrypto libtestutil.a + ENDIF + + IF[{- !$disabled{psk} -}] + PROGRAMS_NO_INST=dtls_mtu_test + SOURCE[dtls_mtu_test]=dtls_mtu_test.c ssltestlib.c + INCLUDE[dtls_mtu_test]=.. ../include + DEPEND[dtls_mtu_test]=../libcrypto ../libssl libtestutil.a + ENDIF IF[{- !$disabled{shared} -}] PROGRAMS_NO_INST=shlibloadtest SOURCE[shlibloadtest]=shlibloadtest.c - INCLUDE[shlibloadtest]=../include + INCLUDE[shlibloadtest]=../include ../crypto/include + DEPEND[shlibloadtest]=libtestutil.a + ENDIF + + IF[{- $disabled{shared} -}] + PROGRAMS_NO_INST=cipher_overhead_test + SOURCE[cipher_overhead_test]=cipher_overhead_test.c + INCLUDE[cipher_overhead_test]=.. ../include + DEPEND[cipher_overhead_test]=../libcrypto ../libssl libtestutil.a ENDIF - SOURCE[errtest]=errtest.c testutil.c + SOURCE[uitest]=uitest.c \ + {- rebase_files("../apps", + split(/\s+/, $target{apps_init_src})) -} + INCLUDE[uitest]=.. ../include ../apps + DEPEND[uitest]=../apps/libapps.a ../libcrypto ../libssl libtestutil.a + + SOURCE[cipherbytes_test]=cipherbytes_test.c + INCLUDE[cipherbytes_test]=../include + DEPEND[cipherbytes_test]=../libcrypto ../libssl libtestutil.a + + SOURCE[asn1_encode_test]=asn1_encode_test.c + INCLUDE[asn1_encode_test]=../include + DEPEND[asn1_encode_test]=../libcrypto libtestutil.a + + SOURCE[asn1_decode_test]=asn1_decode_test.c + INCLUDE[asn1_decode_test]=../include + DEPEND[asn1_decode_test]=../libcrypto libtestutil.a + + SOURCE[asn1_string_table_test]=asn1_string_table_test.c + INCLUDE[asn1_string_table_test]=../include + DEPEND[asn1_string_table_test]=../libcrypto libtestutil.a + + SOURCE[time_offset_test]=time_offset_test.c + INCLUDE[time_offset_test]=../include + DEPEND[time_offset_test]=../libcrypto libtestutil.a + + SOURCE[conf_include_test]=conf_include_test.c + INCLUDE[conf_include_test]=../include + DEPEND[conf_include_test]=../libcrypto libtestutil.a + + # Internal test programs. These are essentially a collection of internal + # test routines. Some of them need to reach internal symbols that aren't + # available through the shared library (at least on Linux, Solaris, Windows + # and VMS, where the exported symbols are those listed in util/*.num), these + # programs are forcibly linked with the static libraries, where all symbols + # are always available. + IF[1] + PROGRAMS_NO_INST=asn1_internal_test modes_internal_test x509_internal_test \ + tls13encryptiontest wpackettest ctype_internal_test \ + rdrand_sanitytest + IF[{- !$disabled{poly1305} -}] + PROGRAMS_NO_INST=poly1305_internal_test + ENDIF + IF[{- !$disabled{chacha} -}] + PROGRAMS_NO_INST=chacha_internal_test + ENDIF + IF[{- !$disabled{siphash} -}] + PROGRAMS_NO_INST=siphash_internal_test + ENDIF + IF[{- !$disabled{sm2} -}] + PROGRAMS_NO_INST=sm2_internal_test + ENDIF + IF[{- !$disabled{sm4} -}] + PROGRAMS_NO_INST=sm4_internal_test + ENDIF + IF[{- !$disabled{ec} -}] + PROGRAMS_NO_INST=curve448_internal_test + ENDIF + + SOURCE[poly1305_internal_test]=poly1305_internal_test.c + INCLUDE[poly1305_internal_test]=.. ../include ../crypto/include + DEPEND[poly1305_internal_test]=../libcrypto.a libtestutil.a + + SOURCE[chacha_internal_test]=chacha_internal_test.c + INCLUDE[chacha_internal_test]=.. ../include ../crypto/include + DEPEND[chacha_internal_test]=../libcrypto.a libtestutil.a + + SOURCE[asn1_internal_test]=asn1_internal_test.c + INCLUDE[asn1_internal_test]=.. ../include ../crypto/include + DEPEND[asn1_internal_test]=../libcrypto.a libtestutil.a + + SOURCE[modes_internal_test]=modes_internal_test.c + INCLUDE[modes_internal_test]=.. ../include + DEPEND[modes_internal_test]=../libcrypto.a libtestutil.a + + SOURCE[x509_internal_test]=x509_internal_test.c + INCLUDE[x509_internal_test]=.. ../include + DEPEND[x509_internal_test]=../libcrypto.a libtestutil.a + + SOURCE[tls13encryptiontest]=tls13encryptiontest.c + INCLUDE[tls13encryptiontest]=.. ../include + DEPEND[tls13encryptiontest]=../libcrypto ../libssl.a libtestutil.a + + SOURCE[wpackettest]=wpackettest.c + INCLUDE[wpackettest]=../include + DEPEND[wpackettest]=../libcrypto ../libssl.a libtestutil.a + + SOURCE[ctype_internal_test]=ctype_internal_test.c + INCLUDE[ctype_internal_test]=.. ../crypto/include ../include + DEPEND[ctype_internal_test]=../libcrypto.a libtestutil.a + + SOURCE[siphash_internal_test]=siphash_internal_test.c + INCLUDE[siphash_internal_test]=.. ../include ../crypto/include + DEPEND[siphash_internal_test]=../libcrypto.a libtestutil.a + + SOURCE[sm2_internal_test]=sm2_internal_test.c + INCLUDE[sm2_internal_test]=../include ../crypto/include + DEPEND[sm2_internal_test]=../libcrypto.a libtestutil.a + + SOURCE[sm4_internal_test]=sm4_internal_test.c + INCLUDE[sm4_internal_test]=.. ../include ../crypto/include + DEPEND[sm4_internal_test]=../libcrypto.a libtestutil.a + + SOURCE[curve448_internal_test]=curve448_internal_test.c + INCLUDE[curve448_internal_test]=.. ../include ../crypto/ec/curve448 + DEPEND[curve448_internal_test]=../libcrypto.a libtestutil.a + + SOURCE[rdrand_sanitytest]=rdrand_sanitytest.c + INCLUDE[rdrand_sanitytest]=../include + DEPEND[rdrand_sanitytest]=../libcrypto.a libtestutil.a + ENDIF + + IF[{- !$disabled{mdc2} -}] + PROGRAMS_NO_INST=mdc2_internal_test + ENDIF + + SOURCE[mdc2_internal_test]=mdc2_internal_test.c + INCLUDE[mdc2_internal_test]=.. ../include + DEPEND[mdc2_internal_test]=../libcrypto libtestutil.a + + PROGRAMS_NO_INST=asn1_time_test + SOURCE[asn1_time_test]=asn1_time_test.c + INCLUDE[asn1_time_test]=../include + DEPEND[asn1_time_test]=../libcrypto libtestutil.a + + # We disable this test completely in a shared build because it deliberately + # redefines some internal libssl symbols. This doesn't work in a non-shared + # build + IF[{- !$disabled{shared} -}] + PROGRAMS_NO_INST=tls13secretstest + SOURCE[tls13secretstest]=tls13secretstest.c + SOURCE[tls13secretstest]= ../ssl/tls13_enc.c ../ssl/packet.c + INCLUDE[tls13secretstest]=.. ../include + DEPEND[tls13secretstest]=../libcrypto ../libssl libtestutil.a + ENDIF + + SOURCE[sslbuffertest]=sslbuffertest.c ssltestlib.c + INCLUDE[sslbuffertest]=../include + DEPEND[sslbuffertest]=../libcrypto ../libssl libtestutil.a + + SOURCE[sysdefaulttest]=sysdefaulttest.c + INCLUDE[sysdefaulttest]=../include + DEPEND[sysdefaulttest]=../libcrypto ../libssl libtestutil.a + + SOURCE[errtest]=errtest.c INCLUDE[errtest]=../include - DEPEND[errtest]=../libcrypto + DEPEND[errtest]=../libcrypto libtestutil.a + + SOURCE[gosttest]=gosttest.c ssltestlib.c + INCLUDE[gosttest]=../include .. + DEPEND[gosttest]=../libcrypto ../libssl libtestutil.a ENDIF {- @@ -325,8 +558,10 @@ ENDIF use OpenSSL::Glob; my @nogo_headers = ( "asn1_mac.h", + "opensslconf.h", "__decc_include_prologue.h", "__decc_include_epilogue.h" ); + my @nogo_headers_re = ( qr/.*err\.h/ ); my @headerfiles = glob catfile($sourcedir, updir(), "include", "openssl", "*.h"); @@ -334,6 +569,7 @@ ENDIF my $name = basename($headerfile, ".h"); next if $disabled{$name}; next if grep { $_ eq lc("$name.h") } @nogo_headers; + next if grep { lc("$name.h") =~ m/$_/i } @nogo_headers_re; $OUT .= <<"_____"; PROGRAMS_NO_INST=buildtest_$name diff --git a/deps/openssl/openssl/test/casttest.c b/deps/openssl/openssl/test/casttest.c index c2a0ab584c..179d7d56d3 100644 --- a/deps/openssl/openssl/test/casttest.c +++ b/deps/openssl/openssl/test/casttest.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -10,21 +10,14 @@ #include <stdio.h> #include <string.h> #include <stdlib.h> -#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_CAST is defined */ -#include "../e_os.h" +#include <openssl/opensslconf.h> /* To see if OPENSSL_NO_CAST is defined */ +#include "internal/nelem.h" +#include "testutil.h" -#ifdef OPENSSL_NO_CAST -int main(int argc, char *argv[]) -{ - printf("No CAST support\n"); - return (0); -} -#else +#ifndef OPENSSL_NO_CAST # include <openssl/cast.h> -# define FULL_TEST - static unsigned char k[16] = { 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78, 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A @@ -41,8 +34,6 @@ static unsigned char c[3][8] = { {0x7A, 0xC8, 0x16, 0xD1, 0x6E, 0x9B, 0x30, 0x2E}, }; -static unsigned char out[80]; - static unsigned char in_a[16] = { 0x01, 0x23, 0x45, 0x67, 0x12, 0x34, 0x56, 0x78, 0x23, 0x45, 0x67, 0x89, 0x34, 0x56, 0x78, 0x9A @@ -63,101 +54,59 @@ static unsigned char c_b[16] = { 0x80, 0xAC, 0x05, 0xB8, 0xE8, 0x3D, 0x69, 0x6E }; -int main(int argc, char *argv[]) +static int cast_test_vector(int z) { -# ifdef FULL_TEST - long l; - CAST_KEY key_b; -# endif - int i, z, err = 0; + int testresult = 1; CAST_KEY key; + unsigned char out[80]; + + CAST_set_key(&key, k_len[z], k); + CAST_ecb_encrypt(in, out, &key, CAST_ENCRYPT); + if (!TEST_mem_eq(out, sizeof(c[z]), c[z], sizeof(c[z]))) { + TEST_info("CAST_ENCRYPT iteration %d failed (len=%d)", z, k_len[z]); + testresult = 0; + } - for (z = 0; z < 3; z++) { - CAST_set_key(&key, k_len[z], k); - - CAST_ecb_encrypt(in, out, &key, CAST_ENCRYPT); - if (memcmp(out, &(c[z][0]), 8) != 0) { - printf("ecb cast error encrypting for keysize %d\n", - k_len[z] * 8); - printf("got :"); - for (i = 0; i < 8; i++) - printf("%02X ", out[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 8; i++) - printf("%02X ", c[z][i]); - err = 20; - printf("\n"); - } - - CAST_ecb_encrypt(out, out, &key, CAST_DECRYPT); - if (memcmp(out, in, 8) != 0) { - printf("ecb cast error decrypting for keysize %d\n", - k_len[z] * 8); - printf("got :"); - for (i = 0; i < 8; i++) - printf("%02X ", out[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 8; i++) - printf("%02X ", in[i]); - printf("\n"); - err = 3; - } + CAST_ecb_encrypt(out, out, &key, CAST_DECRYPT); + if (!TEST_mem_eq(out, sizeof(in), in, sizeof(in))) { + TEST_info("CAST_DECRYPT iteration %d failed (len=%d)", z, k_len[z]); + testresult = 0; } - if (err == 0) - printf("ecb cast5 ok\n"); - -# ifdef FULL_TEST - { - unsigned char out_a[16], out_b[16]; - static char *hex = "0123456789ABCDEF"; - - printf("This test will take some time...."); - fflush(stdout); - memcpy(out_a, in_a, sizeof(in_a)); - memcpy(out_b, in_b, sizeof(in_b)); - i = 1; - - for (l = 0; l < 1000000L; l++) { - CAST_set_key(&key_b, 16, out_b); - CAST_ecb_encrypt(&(out_a[0]), &(out_a[0]), &key_b, CAST_ENCRYPT); - CAST_ecb_encrypt(&(out_a[8]), &(out_a[8]), &key_b, CAST_ENCRYPT); - CAST_set_key(&key, 16, out_a); - CAST_ecb_encrypt(&(out_b[0]), &(out_b[0]), &key, CAST_ENCRYPT); - CAST_ecb_encrypt(&(out_b[8]), &(out_b[8]), &key, CAST_ENCRYPT); - if ((l & 0xffff) == 0xffff) { - printf("%c", hex[i & 0x0f]); - fflush(stdout); - i++; - } - } - - if ((memcmp(out_a, c_a, sizeof(c_a)) != 0) || - (memcmp(out_b, c_b, sizeof(c_b)) != 0)) { - printf("\n"); - printf("Error\n"); - - printf("A out ="); - for (i = 0; i < 16; i++) - printf("%02X ", out_a[i]); - printf("\nactual="); - for (i = 0; i < 16; i++) - printf("%02X ", c_a[i]); - printf("\n"); - - printf("B out ="); - for (i = 0; i < 16; i++) - printf("%02X ", out_b[i]); - printf("\nactual="); - for (i = 0; i < 16; i++) - printf("%02X ", c_b[i]); - printf("\n"); - } else - printf(" ok\n"); + return testresult; +} + +static int cast_test_iterations(void) +{ + long l; + int testresult = 1; + CAST_KEY key, key_b; + unsigned char out_a[16], out_b[16]; + + memcpy(out_a, in_a, sizeof(in_a)); + memcpy(out_b, in_b, sizeof(in_b)); + + for (l = 0; l < 1000000L; l++) { + CAST_set_key(&key_b, 16, out_b); + CAST_ecb_encrypt(&(out_a[0]), &(out_a[0]), &key_b, CAST_ENCRYPT); + CAST_ecb_encrypt(&(out_a[8]), &(out_a[8]), &key_b, CAST_ENCRYPT); + CAST_set_key(&key, 16, out_a); + CAST_ecb_encrypt(&(out_b[0]), &(out_b[0]), &key, CAST_ENCRYPT); + CAST_ecb_encrypt(&(out_b[8]), &(out_b[8]), &key, CAST_ENCRYPT); } -# endif - EXIT(err); + if (!TEST_mem_eq(out_a, sizeof(c_a), c_a, sizeof(c_a)) + || !TEST_mem_eq(out_b, sizeof(c_b), c_b, sizeof(c_b))) + testresult = 0; + + return testresult; } #endif + +int setup_tests(void) +{ +#ifndef OPENSSL_NO_CAST + ADD_ALL_TESTS(cast_test_vector, OSSL_NELEM(k_len)); + ADD_TEST(cast_test_iterations); +#endif + return 1; +} diff --git a/deps/openssl/openssl/test/certs/client-ed25519-cert.pem b/deps/openssl/openssl/test/certs/client-ed25519-cert.pem new file mode 100644 index 0000000000..5cd01f669a --- /dev/null +++ b/deps/openssl/openssl/test/certs/client-ed25519-cert.pem @@ -0,0 +1,32 @@ +-----BEGIN CERTIFICATE----- +MIICJjCCAQ6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJDQTAg +Fw0xNzA2MTgxNjMzMjBaGA8yMTE3MDYxOTE2MzMyMFowGTEXMBUGA1UEAwwOQ2xp +ZW50LUVkMjU1MTkwKjAFBgMrZXADIQDWm1IkIasMcyVYSiKuFl6zZMRM4x7h/Qbf +fmpdgcM8/6N9MHswHQYDVR0OBBYEFDAIOfJie9HYZehOjFLE+amS8RH7MB8GA1Ud +IwQYMBaAFLQRM/HX4l73U54gIhBPhga/H8leMAkGA1UdEwQCMAAwEwYDVR0lBAww +CgYIKwYBBQUHAwIwGQYDVR0RBBIwEIIOQ2xpZW50LUVkMjU1MTkwDQYJKoZIhvcN +AQELBQADggEBAFvF2AWOELLBafWwmemtFALQcJbXndS8QyBAkBSPwIp6Q8Oledeh +gynamdc+66c5Ozdl4lNknXPGVGcNaW0RmlkqcqSMksuL11OGba0iIZkiUU2QPA07 +BRunnV4/pgFsy0ewYKEdaSplyfoBoIJwuxPHL1ExlzAmhSYWYYOFMgD302Be4dXr +pm0c4hj1XcJmtsD5wBcBCRrvOj+uCdqIwtWgdwo6poqzsO1AofuAgsjE9WWyi/NQ +ule8nVKIVbwVFP8/dI240v0RF1VLyE+8lPf2nYuFAXbzL/8MRwJeeFVIYNiy+51B +10ZVx5WtbbMjbr7e+xSU5jIAPZQS0r/4M8U= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD +DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd +j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz +n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W +l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l +YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc +ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9 +CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G +A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ +KoZIhvcNAQELBQADggEBADnZ9uXGAdwfNC3xuERIlBwgLROeBRGgcfHWdXZB/tWk +IM9ox88wYKWynanPbra4n0zhepooKt+naeY2HLR8UgwT6sTi0Yfld9mjytA8/DP6 +AcqtIDDf60vNI00sgxjgZqofVayA9KShzIPzjBec4zI1sg5YzoSNyH28VXFstEpi +8CVtmRYQHhc2gDI9MGge4sHRYwaIFkegzpwcEUnp6tTVe9ZvHawgsXF/rCGfH4M6 +uNO0D+9Md1bdW7382yOtWbkyibsugqnfBYCUH6hAhDlfYzpba2Smb0roc6Crq7HR +5HpEYY6qEir9wFMkD5MZsWrNRGRuzd5am82J+aaHz/4= +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/client-ed25519-key.pem b/deps/openssl/openssl/test/certs/client-ed25519-key.pem new file mode 100644 index 0000000000..3f673b311b --- /dev/null +++ b/deps/openssl/openssl/test/certs/client-ed25519-key.pem @@ -0,0 +1,3 @@ +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEINZzpIpIiXXsKx4M7mUr2cb+DMfgHyu2msRAgNa5CxJJ +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/client-ed448-cert.pem b/deps/openssl/openssl/test/certs/client-ed448-cert.pem new file mode 100644 index 0000000000..3d6d5e87c9 --- /dev/null +++ b/deps/openssl/openssl/test/certs/client-ed448-cert.pem @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICQDCCASigAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTE4MDIyNzE3MTAxN1oYDzIxMTgwMjI4MTcxMDE3WjAXMRUwEwYDVQQD +DAxDbGllbnQtRWQ0NDgwQzAFBgMrZXEDOgB4bFbdmw9IviAHXKt/2/hRDaiEr6JH +bsLr3IPNQq3XIYxYh4AIPx3YffYW3xukHDGWTQ50dptQiwCjezB5MB0GA1UdDgQW +BBTEno3ezhmTYZzGdD65nVRMp3f2hzAfBgNVHSMEGDAWgBSO9SWvHptrhD18gJrJ +U5xNcvejUjAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMCMBcGA1UdEQQQ +MA6CDENsaWVudC1FZDQ0ODANBgkqhkiG9w0BAQsFAAOCAQEAP2/y30iko57i8lUY +ju9Vb4V0TCATKa+HNnzHG1jyWAgiWpPtHe269Cnb8AvdwWKVeppKkG6LeWHo3btP +LOd8xEFhnklM4rPkxMYMCQ0lcw2xagbw3CW12mLs15N3QCjxSnA/kuuftzor9fRl +gzazVh4Kf/jXtlRyBI6R4+bXSGgKhIipdBF5xWmTPvZBViWKxgysQuP1bNzw9AC4 +QMGm4ApOVuY9iE8dPYKgJUVGWc3d9l23fkd422kEgz5euK66HovjYaBj0S0kZhEZ +tWUCRTcv4k40ke2jr8/Zm3Ugab09XWU2T98k/OvXu+Y0AlLMZp2ehC6wXObprEXv +dY5URg== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/client-ed448-key.pem b/deps/openssl/openssl/test/certs/client-ed448-key.pem new file mode 100644 index 0000000000..ab4d7ff3de --- /dev/null +++ b/deps/openssl/openssl/test/certs/client-ed448-key.pem @@ -0,0 +1,4 @@ +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOWmRn7GCRupyB1q/qQZ+h1lEt+TGtZSNJ5U+Saa+X+hk +gWpeKJP9MTpw7kdMAeAhb6XlhCANH2zV9A== +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/cyrillic.msb b/deps/openssl/openssl/test/certs/cyrillic.msb new file mode 100644 index 0000000000..ec58ac9b2f --- /dev/null +++ b/deps/openssl/openssl/test/certs/cyrillic.msb @@ -0,0 +1,83 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + be:47:3c:53:a6:2a:c0:3a + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=RU, ST=\U041C\U043E\U0441\U043A\U0432\U0430, L=\U041C\U043E\U0441\U043A\U0432\U0430, O=\U0414\U043C\U0438\U0442\U0440\U0438\U0439 \U0411\U0435\U043B\U044F\U0432\U0441\U043A\U0438\U0439, OU=\U042F, CN=Dmitry Belyavskiy, emailAddress=beldmit@example.com + Validity + Not Before: Feb 21 19:35:22 2017 GMT + Not After : Mar 23 19:35:22 2017 GMT + Subject: C=RU, ST=\U041C\U043E\U0441\U043A\U0432\U0430, L=\U041C\U043E\U0441\U043A\U0432\U0430, O=\U0414\U043C\U0438\U0442\U0440\U0438\U0439 \U0411\U0435\U043B\U044F\U0432\U0441\U043A\U0438\U0439, OU=\U042F, CN=Dmitry Belyavskiy, emailAddress=beldmit@example.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:a4:57:96:36:55:6d:95:21:25:17:f8:85:87:53: + ba:bc:d5:9a:d6:dc:21:66:72:30:36:ca:94:43:3c: + 37:22:81:31:af:bb:8f:31:df:20:e2:6a:04:ee:12: + a1:ea:8c:94:63:84:ab:66:ca:e7:cf:ae:3f:f0:c0: + 38:7f:67:a8:bf:f4:8a:70:65:3d:5c:1f:60:0c:6a: + 86:b9:68:4f:45:37:0c:89:ef:45:e8:ab:c4:bd:1a: + 88:49:05:4b:5f:f4:a2:8d:1c:38:e4:50:54:aa:25: + a6:4d:5c:64:eb:1c:31:91:d1:38:f0:b4:82:4c:c4: + 58:60:4f:21:95:94:56:16:dc:d9:a7:30:46:54:bc: + cd:3a:3f:a4:54:58:a4:ea:0b:b0:7d:72:03:15:49: + 52:22:0f:a1:9b:aa:ca:0b:05:c6:ee:0c:0b:f4:58: + 0d:4c:1a:71:29:93:db:f7:12:f5:dc:df:01:15:18: + 07:d4:e4:f6:e0:c9:a9:09:da:03:23:da:fc:b4:07: + f3:86:18:87:1b:db:3f:50:fe:21:7a:9c:c1:00:5d: + 93:ec:f1:b9:5f:78:14:57:e1:01:b8:a9:e6:07:fd: + d3:77:bb:71:b4:1d:86:65:a8:0a:0a:a3:fe:f9:f5: + 83:a5:5c:cd:5d:ea:29:3c:1a:d8:63:6b:c5:c5:3e: + b2:d1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 11:49:46:19:2A:4E:4D:D1:C8:FB:79:55:3D:81:99:22:EE:34:4F:22 + X509v3 Authority Key Identifier: + keyid:11:49:46:19:2A:4E:4D:D1:C8:FB:79:55:3D:81:99:22:EE:34:4F:22 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 04:8f:c3:77:48:06:29:c0:8d:66:2e:6b:48:a3:b3:e0:dd:5b: + 0a:e7:a4:0b:7e:72:91:fc:37:29:7f:81:1e:60:66:7b:ba:94: + 30:f8:c0:79:56:bc:ed:87:88:d9:bd:d8:7b:dc:1b:87:bb:ef: + 15:d0:77:74:59:d7:3f:30:09:71:86:da:d7:d7:50:cb:ef:8f: + 34:26:76:b5:0a:de:d0:ce:ca:40:57:86:ce:13:24:2a:9e:97: + db:5d:3e:73:8c:24:cc:89:84:42:04:45:62:f9:fd:4b:79:b2: + 1b:a0:01:d7:4c:1f:4d:d1:4c:5b:99:0a:27:5e:c9:79:3c:0f: + b7:3c:09:db:32:d6:ca:56:91:32:0d:7f:79:94:bc:bc:a8:ba: + 54:4b:39:6e:2d:9a:21:77:13:f8:b5:62:5d:a8:8c:c8:8d:ec: + 67:6c:14:2d:f6:ce:e6:d3:a6:fa:37:36:5b:31:7a:80:66:83: + 02:64:82:c1:ec:bf:38:8e:49:b0:e5:ec:09:9b:80:16:e4:32: + 91:4e:72:c4:5f:2d:b3:e9:57:b1:00:36:2d:1a:e9:9f:4a:b1: + 1c:d1:ae:fb:15:79:02:0b:14:97:81:ee:42:01:ed:00:58:38: + b2:30:89:f2:89:11:b7:03:7c:16:95:30:eb:32:9c:9f:00:e5: + 22:12:db:7a +-----BEGIN CERTIFICATE----- +MIIEPTCCAyWgAwIBAgIJAL5HPFOmKsA6MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD +VQQGEwJSVTEVMBMGA1UECAwM0JzQvtGB0LrQstCwMRUwEwYDVQQHDAzQnNC+0YHQ +utCy0LAxKjAoBgNVBAoMIdCU0LzQuNGC0YDQuNC5INCR0LXQu9GP0LLRgdC60LjQ +uTELMAkGA1UECwwC0K8xGjAYBgNVBAMMEURtaXRyeSBCZWx5YXZza2l5MSIwIAYJ +KoZIhvcNAQkBFhNiZWxkbWl0QGV4YW1wbGUuY29tMB4XDTE3MDIyMTE5MzUyMloX +DTE3MDMyMzE5MzUyMlowgbQxCzAJBgNVBAYTAlJVMRUwEwYDVQQIDAzQnNC+0YHQ +utCy0LAxFTATBgNVBAcMDNCc0L7RgdC60LLQsDEqMCgGA1UECgwh0JTQvNC40YLR +gNC40Lkg0JHQtdC70Y/QstGB0LrQuNC5MQswCQYDVQQLDALQrzEaMBgGA1UEAwwR +RG1pdHJ5IEJlbHlhdnNraXkxIjAgBgkqhkiG9w0BCQEWE2JlbGRtaXRAZXhhbXBs +ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkV5Y2VW2VISUX ++IWHU7q81ZrW3CFmcjA2ypRDPDcigTGvu48x3yDiagTuEqHqjJRjhKtmyufPrj/w +wDh/Z6i/9IpwZT1cH2AMaoa5aE9FNwyJ70Xoq8S9GohJBUtf9KKNHDjkUFSqJaZN +XGTrHDGR0TjwtIJMxFhgTyGVlFYW3NmnMEZUvM06P6RUWKTqC7B9cgMVSVIiD6Gb +qsoLBcbuDAv0WA1MGnEpk9v3EvXc3wEVGAfU5PbgyakJ2gMj2vy0B/OGGIcb2z9Q +/iF6nMEAXZPs8blfeBRX4QG4qeYH/dN3u3G0HYZlqAoKo/759YOlXM1d6ik8Gthj +a8XFPrLRAgMBAAGjUDBOMB0GA1UdDgQWBBQRSUYZKk5N0cj7eVU9gZki7jRPIjAf +BgNVHSMEGDAWgBQRSUYZKk5N0cj7eVU9gZki7jRPIjAMBgNVHRMEBTADAQH/MA0G +CSqGSIb3DQEBCwUAA4IBAQAEj8N3SAYpwI1mLmtIo7Pg3VsK56QLfnKR/Dcpf4Ee +YGZ7upQw+MB5Vrzth4jZvdh73BuHu+8V0Hd0Wdc/MAlxhtrX11DL7480Jna1Ct7Q +zspAV4bOEyQqnpfbXT5zjCTMiYRCBEVi+f1LebIboAHXTB9N0UxbmQonXsl5PA+3 +PAnbMtbKVpEyDX95lLy8qLpUSzluLZohdxP4tWJdqIzIjexnbBQt9s7m06b6NzZb +MXqAZoMCZILB7L84jkmw5ewJm4AW5DKRTnLEXy2z6VexADYtGumfSrEc0a77FXkC +CxSXge5CAe0AWDiyMInyiRG3A3wWlTDrMpyfAOUiEtt6 +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/cyrillic.pem b/deps/openssl/openssl/test/certs/cyrillic.pem new file mode 100644 index 0000000000..7bf135d4b6 --- /dev/null +++ b/deps/openssl/openssl/test/certs/cyrillic.pem @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIEPTCCAyWgAwIBAgIJAL5HPFOmKsA6MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD +VQQGEwJSVTEVMBMGA1UECAwM0JzQvtGB0LrQstCwMRUwEwYDVQQHDAzQnNC+0YHQ +utCy0LAxKjAoBgNVBAoMIdCU0LzQuNGC0YDQuNC5INCR0LXQu9GP0LLRgdC60LjQ +uTELMAkGA1UECwwC0K8xGjAYBgNVBAMMEURtaXRyeSBCZWx5YXZza2l5MSIwIAYJ +KoZIhvcNAQkBFhNiZWxkbWl0QGV4YW1wbGUuY29tMB4XDTE3MDIyMTE5MzUyMloX +DTE3MDMyMzE5MzUyMlowgbQxCzAJBgNVBAYTAlJVMRUwEwYDVQQIDAzQnNC+0YHQ +utCy0LAxFTATBgNVBAcMDNCc0L7RgdC60LLQsDEqMCgGA1UECgwh0JTQvNC40YLR +gNC40Lkg0JHQtdC70Y/QstGB0LrQuNC5MQswCQYDVQQLDALQrzEaMBgGA1UEAwwR +RG1pdHJ5IEJlbHlhdnNraXkxIjAgBgkqhkiG9w0BCQEWE2JlbGRtaXRAZXhhbXBs +ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkV5Y2VW2VISUX ++IWHU7q81ZrW3CFmcjA2ypRDPDcigTGvu48x3yDiagTuEqHqjJRjhKtmyufPrj/w +wDh/Z6i/9IpwZT1cH2AMaoa5aE9FNwyJ70Xoq8S9GohJBUtf9KKNHDjkUFSqJaZN +XGTrHDGR0TjwtIJMxFhgTyGVlFYW3NmnMEZUvM06P6RUWKTqC7B9cgMVSVIiD6Gb +qsoLBcbuDAv0WA1MGnEpk9v3EvXc3wEVGAfU5PbgyakJ2gMj2vy0B/OGGIcb2z9Q +/iF6nMEAXZPs8blfeBRX4QG4qeYH/dN3u3G0HYZlqAoKo/759YOlXM1d6ik8Gthj +a8XFPrLRAgMBAAGjUDBOMB0GA1UdDgQWBBQRSUYZKk5N0cj7eVU9gZki7jRPIjAf +BgNVHSMEGDAWgBQRSUYZKk5N0cj7eVU9gZki7jRPIjAMBgNVHRMEBTADAQH/MA0G +CSqGSIb3DQEBCwUAA4IBAQAEj8N3SAYpwI1mLmtIo7Pg3VsK56QLfnKR/Dcpf4Ee +YGZ7upQw+MB5Vrzth4jZvdh73BuHu+8V0Hd0Wdc/MAlxhtrX11DL7480Jna1Ct7Q +zspAV4bOEyQqnpfbXT5zjCTMiYRCBEVi+f1LebIboAHXTB9N0UxbmQonXsl5PA+3 +PAnbMtbKVpEyDX95lLy8qLpUSzluLZohdxP4tWJdqIzIjexnbBQt9s7m06b6NzZb +MXqAZoMCZILB7L84jkmw5ewJm4AW5DKRTnLEXy2z6VexADYtGumfSrEc0a77FXkC +CxSXge5CAe0AWDiyMInyiRG3A3wWlTDrMpyfAOUiEtt6 +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/cyrillic.utf8 b/deps/openssl/openssl/test/certs/cyrillic.utf8 new file mode 100644 index 0000000000..2096e4fb35 --- /dev/null +++ b/deps/openssl/openssl/test/certs/cyrillic.utf8 @@ -0,0 +1,83 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + be:47:3c:53:a6:2a:c0:3a + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=RU, ST=Москва, L=Москва, O=Дмитрий Белявский, OU=Я, CN=Dmitry Belyavskiy, emailAddress=beldmit@example.com + Validity + Not Before: Feb 21 19:35:22 2017 GMT + Not After : Mar 23 19:35:22 2017 GMT + Subject: C=RU, ST=Москва, L=Москва, O=Дмитрий Белявский, OU=Я, CN=Dmitry Belyavskiy, emailAddress=beldmit@example.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:a4:57:96:36:55:6d:95:21:25:17:f8:85:87:53: + ba:bc:d5:9a:d6:dc:21:66:72:30:36:ca:94:43:3c: + 37:22:81:31:af:bb:8f:31:df:20:e2:6a:04:ee:12: + a1:ea:8c:94:63:84:ab:66:ca:e7:cf:ae:3f:f0:c0: + 38:7f:67:a8:bf:f4:8a:70:65:3d:5c:1f:60:0c:6a: + 86:b9:68:4f:45:37:0c:89:ef:45:e8:ab:c4:bd:1a: + 88:49:05:4b:5f:f4:a2:8d:1c:38:e4:50:54:aa:25: + a6:4d:5c:64:eb:1c:31:91:d1:38:f0:b4:82:4c:c4: + 58:60:4f:21:95:94:56:16:dc:d9:a7:30:46:54:bc: + cd:3a:3f:a4:54:58:a4:ea:0b:b0:7d:72:03:15:49: + 52:22:0f:a1:9b:aa:ca:0b:05:c6:ee:0c:0b:f4:58: + 0d:4c:1a:71:29:93:db:f7:12:f5:dc:df:01:15:18: + 07:d4:e4:f6:e0:c9:a9:09:da:03:23:da:fc:b4:07: + f3:86:18:87:1b:db:3f:50:fe:21:7a:9c:c1:00:5d: + 93:ec:f1:b9:5f:78:14:57:e1:01:b8:a9:e6:07:fd: + d3:77:bb:71:b4:1d:86:65:a8:0a:0a:a3:fe:f9:f5: + 83:a5:5c:cd:5d:ea:29:3c:1a:d8:63:6b:c5:c5:3e: + b2:d1 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 11:49:46:19:2A:4E:4D:D1:C8:FB:79:55:3D:81:99:22:EE:34:4F:22 + X509v3 Authority Key Identifier: + keyid:11:49:46:19:2A:4E:4D:D1:C8:FB:79:55:3D:81:99:22:EE:34:4F:22 + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha256WithRSAEncryption + 04:8f:c3:77:48:06:29:c0:8d:66:2e:6b:48:a3:b3:e0:dd:5b: + 0a:e7:a4:0b:7e:72:91:fc:37:29:7f:81:1e:60:66:7b:ba:94: + 30:f8:c0:79:56:bc:ed:87:88:d9:bd:d8:7b:dc:1b:87:bb:ef: + 15:d0:77:74:59:d7:3f:30:09:71:86:da:d7:d7:50:cb:ef:8f: + 34:26:76:b5:0a:de:d0:ce:ca:40:57:86:ce:13:24:2a:9e:97: + db:5d:3e:73:8c:24:cc:89:84:42:04:45:62:f9:fd:4b:79:b2: + 1b:a0:01:d7:4c:1f:4d:d1:4c:5b:99:0a:27:5e:c9:79:3c:0f: + b7:3c:09:db:32:d6:ca:56:91:32:0d:7f:79:94:bc:bc:a8:ba: + 54:4b:39:6e:2d:9a:21:77:13:f8:b5:62:5d:a8:8c:c8:8d:ec: + 67:6c:14:2d:f6:ce:e6:d3:a6:fa:37:36:5b:31:7a:80:66:83: + 02:64:82:c1:ec:bf:38:8e:49:b0:e5:ec:09:9b:80:16:e4:32: + 91:4e:72:c4:5f:2d:b3:e9:57:b1:00:36:2d:1a:e9:9f:4a:b1: + 1c:d1:ae:fb:15:79:02:0b:14:97:81:ee:42:01:ed:00:58:38: + b2:30:89:f2:89:11:b7:03:7c:16:95:30:eb:32:9c:9f:00:e5: + 22:12:db:7a +-----BEGIN CERTIFICATE----- +MIIEPTCCAyWgAwIBAgIJAL5HPFOmKsA6MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYD +VQQGEwJSVTEVMBMGA1UECAwM0JzQvtGB0LrQstCwMRUwEwYDVQQHDAzQnNC+0YHQ +utCy0LAxKjAoBgNVBAoMIdCU0LzQuNGC0YDQuNC5INCR0LXQu9GP0LLRgdC60LjQ +uTELMAkGA1UECwwC0K8xGjAYBgNVBAMMEURtaXRyeSBCZWx5YXZza2l5MSIwIAYJ +KoZIhvcNAQkBFhNiZWxkbWl0QGV4YW1wbGUuY29tMB4XDTE3MDIyMTE5MzUyMloX +DTE3MDMyMzE5MzUyMlowgbQxCzAJBgNVBAYTAlJVMRUwEwYDVQQIDAzQnNC+0YHQ +utCy0LAxFTATBgNVBAcMDNCc0L7RgdC60LLQsDEqMCgGA1UECgwh0JTQvNC40YLR +gNC40Lkg0JHQtdC70Y/QstGB0LrQuNC5MQswCQYDVQQLDALQrzEaMBgGA1UEAwwR +RG1pdHJ5IEJlbHlhdnNraXkxIjAgBgkqhkiG9w0BCQEWE2JlbGRtaXRAZXhhbXBs +ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkV5Y2VW2VISUX ++IWHU7q81ZrW3CFmcjA2ypRDPDcigTGvu48x3yDiagTuEqHqjJRjhKtmyufPrj/w +wDh/Z6i/9IpwZT1cH2AMaoa5aE9FNwyJ70Xoq8S9GohJBUtf9KKNHDjkUFSqJaZN +XGTrHDGR0TjwtIJMxFhgTyGVlFYW3NmnMEZUvM06P6RUWKTqC7B9cgMVSVIiD6Gb +qsoLBcbuDAv0WA1MGnEpk9v3EvXc3wEVGAfU5PbgyakJ2gMj2vy0B/OGGIcb2z9Q +/iF6nMEAXZPs8blfeBRX4QG4qeYH/dN3u3G0HYZlqAoKo/759YOlXM1d6ik8Gthj +a8XFPrLRAgMBAAGjUDBOMB0GA1UdDgQWBBQRSUYZKk5N0cj7eVU9gZki7jRPIjAf +BgNVHSMEGDAWgBQRSUYZKk5N0cj7eVU9gZki7jRPIjAMBgNVHRMEBTADAQH/MA0G +CSqGSIb3DQEBCwUAA4IBAQAEj8N3SAYpwI1mLmtIo7Pg3VsK56QLfnKR/Dcpf4Ee +YGZ7upQw+MB5Vrzth4jZvdh73BuHu+8V0Hd0Wdc/MAlxhtrX11DL7480Jna1Ct7Q +zspAV4bOEyQqnpfbXT5zjCTMiYRCBEVi+f1LebIboAHXTB9N0UxbmQonXsl5PA+3 +PAnbMtbKVpEyDX95lLy8qLpUSzluLZohdxP4tWJdqIzIjexnbBQt9s7m06b6NzZb +MXqAZoMCZILB7L84jkmw5ewJm4AW5DKRTnLEXy2z6VexADYtGumfSrEc0a77FXkC +CxSXge5CAe0AWDiyMInyiRG3A3wWlTDrMpyfAOUiEtt6 +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/cyrillic_crl.pem b/deps/openssl/openssl/test/certs/cyrillic_crl.pem new file mode 100644 index 0000000000..5ba2b2c977 --- /dev/null +++ b/deps/openssl/openssl/test/certs/cyrillic_crl.pem @@ -0,0 +1,13 @@ +-----BEGIN X509 CRL----- +MIIB6DCB0QIBATANBgkqhkiG9w0BAQsFADCBjjELMAkGA1UEBhMCUlUxFTATBgNV +BAgMDNCc0L7RgdC60LLQsDELMAkGA1UECgwC0K8xCzAJBgNVBAsMAtCvMSowKAYD +VQQDDCHQlNC80LjRgtGA0LjQuSDQkdC10LvRj9Cy0YHQutC40LkxIjAgBgkqhkiG +9w0BCQEWE2JlbGRtaXRAZXhhbXBsZS5jb20XDTE3MDQyNDEzMjUzMVoXDTE3MDUy +NDEzMjUzMVqgDjAMMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQCF5eX+ +1BM/BxoHU2/3pQHJgPSKevN0/K/daiFHiJl7Kb9GCwKY14B1RvbN2rUP/58Mt+aq +jvauf1yBzlaJQeJKZcsCmG9p6Tr1y0BJXhrq5kC0SLyNDsfGUTfuxnwmo+clHXRU ++gKuk+h0WkJL022ZYbJ38w588k4NT3CWVHeE23EDC264p942mlDE7en6MyL152Pe +Ld9YrWiq5iOIOrIbQLErq0EjwxvHG9sMiYFUa6VrwmRf26nyZ7u9RKJDP+o2dltw +diBaSXC3Qt3pZ8BIfv/l81lwp8Dr63SwCII2pIRplyICdQqmX/a+1q8kThXIP2Kx ++X48g7VE2o2X4cfy +-----END X509 CRL----- diff --git a/deps/openssl/openssl/test/certs/cyrillic_crl.utf8 b/deps/openssl/openssl/test/certs/cyrillic_crl.utf8 new file mode 100644 index 0000000000..e55c549d4c --- /dev/null +++ b/deps/openssl/openssl/test/certs/cyrillic_crl.utf8 @@ -0,0 +1,39 @@ +Certificate Revocation List (CRL): + Version 2 (0x1) + Signature Algorithm: sha256WithRSAEncryption + Issuer: C=RU, ST=Москва, O=Я, OU=Я, CN=Дмитрий Белявский, emailAddress=beldmit@example.com + Last Update: Apr 24 13:25:31 2017 GMT + Next Update: May 24 13:25:31 2017 GMT + CRL extensions: + X509v3 CRL Number: + 1 +No Revoked Certificates. + Signature Algorithm: sha256WithRSAEncryption + 85:e5:e5:fe:d4:13:3f:07:1a:07:53:6f:f7:a5:01:c9:80:f4: + 8a:7a:f3:74:fc:af:dd:6a:21:47:88:99:7b:29:bf:46:0b:02: + 98:d7:80:75:46:f6:cd:da:b5:0f:ff:9f:0c:b7:e6:aa:8e:f6: + ae:7f:5c:81:ce:56:89:41:e2:4a:65:cb:02:98:6f:69:e9:3a: + f5:cb:40:49:5e:1a:ea:e6:40:b4:48:bc:8d:0e:c7:c6:51:37: + ee:c6:7c:26:a3:e7:25:1d:74:54:fa:02:ae:93:e8:74:5a:42: + 4b:d3:6d:99:61:b2:77:f3:0e:7c:f2:4e:0d:4f:70:96:54:77: + 84:db:71:03:0b:6e:b8:a7:de:36:9a:50:c4:ed:e9:fa:33:22: + f5:e7:63:de:2d:df:58:ad:68:aa:e6:23:88:3a:b2:1b:40:b1: + 2b:ab:41:23:c3:1b:c7:1b:db:0c:89:81:54:6b:a5:6b:c2:64: + 5f:db:a9:f2:67:bb:bd:44:a2:43:3f:ea:36:76:5b:70:76:20: + 5a:49:70:b7:42:dd:e9:67:c0:48:7e:ff:e5:f3:59:70:a7:c0: + eb:eb:74:b0:08:82:36:a4:84:69:97:22:02:75:0a:a6:5f:f6: + be:d6:af:24:4e:15:c8:3f:62:b1:f9:7e:3c:83:b5:44:da:8d: + 97:e1:c7:f2 +-----BEGIN X509 CRL----- +MIIB6DCB0QIBATANBgkqhkiG9w0BAQsFADCBjjELMAkGA1UEBhMCUlUxFTATBgNV +BAgMDNCc0L7RgdC60LLQsDELMAkGA1UECgwC0K8xCzAJBgNVBAsMAtCvMSowKAYD +VQQDDCHQlNC80LjRgtGA0LjQuSDQkdC10LvRj9Cy0YHQutC40LkxIjAgBgkqhkiG +9w0BCQEWE2JlbGRtaXRAZXhhbXBsZS5jb20XDTE3MDQyNDEzMjUzMVoXDTE3MDUy +NDEzMjUzMVqgDjAMMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBCwUAA4IBAQCF5eX+ +1BM/BxoHU2/3pQHJgPSKevN0/K/daiFHiJl7Kb9GCwKY14B1RvbN2rUP/58Mt+aq +jvauf1yBzlaJQeJKZcsCmG9p6Tr1y0BJXhrq5kC0SLyNDsfGUTfuxnwmo+clHXRU ++gKuk+h0WkJL022ZYbJ38w588k4NT3CWVHeE23EDC264p942mlDE7en6MyL152Pe +Ld9YrWiq5iOIOrIbQLErq0EjwxvHG9sMiYFUa6VrwmRf26nyZ7u9RKJDP+o2dltw +diBaSXC3Qt3pZ8BIfv/l81lwp8Dr63SwCII2pIRplyICdQqmX/a+1q8kThXIP2Kx ++X48g7VE2o2X4cfy +-----END X509 CRL----- diff --git a/deps/openssl/openssl/test/certs/dhp2048.pem b/deps/openssl/openssl/test/certs/dhp2048.pem new file mode 100644 index 0000000000..9ee474b820 --- /dev/null +++ b/deps/openssl/openssl/test/certs/dhp2048.pem @@ -0,0 +1,8 @@ +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEAoI0V5HKAcsG4LlAnVJhYnnl2ErOcdvz7WN4n+LoSkZVkfPcPExAF +uXnT6v16rYfxCgZDPB/tSYaRhOxpJgaAHGA9PrfwprM4xQm9HLIWtidyIGtkgynQ +rrtxaCculbPOMxc1od7V0jw8/Sj4pdKjijmdvY3VsvuQPu6Lo7qV94u3pYN+WSP9 +ESPcY0lvIV0s0eYxzU5LOU7FZRv6gpe658yxnpaQf13M3sFBqcQEnw+vIjNyaBBK +Nm4jVFeKCN3aIz+yJL8y14HEnV/tnhtIrr33MAJvsG1qFBY7iFvbvlx/gKDW7qyk +V0/iN2uElrJZIGxD2uPMZNXO+dci+EriMwIBAg== +-----END DH PARAMETERS----- diff --git a/deps/openssl/openssl/test/certs/ee-ecdsa-client-chain.pem b/deps/openssl/openssl/test/certs/ee-ecdsa-client-chain.pem new file mode 100644 index 0000000000..ba04fdbd79 --- /dev/null +++ b/deps/openssl/openssl/test/certs/ee-ecdsa-client-chain.pem @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIICXDCCAUSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJDQTAg +Fw0xNzAyMTUxOTMxMTBaGA8yMTE3MDIxNjE5MzExMFowHDEaMBgGA1UEAwwRRUNE +U0EgQ2xpZW50IEF1dGgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATpeZcBUFBT +zmRIEaNlNcLA3+dvPgc5T3y2/Cut6ixNHjGCM1KzMSyZC2LwBhtKAl1CJxAfPvoP +WECveS18FWXWo4GAMH4wHQYDVR0OBBYEFKP225wj9a3okk5Y2GvNHvJqH8sAMB8G +A1UdIwQYMBaAFLQRM/HX4l73U54gIhBPhga/H8leMAkGA1UdEwQCMAAwEwYDVR0l +BAwwCgYIKwYBBQUHAwIwHAYDVR0RBBUwE4IRRUNEU0EgQ2xpZW50IEF1dGgwDQYJ +KoZIhvcNAQELBQADggEBAG8P/XEQnwHrd3O6GIAE5/Yloxqrjw5CoxbKmmVwrojz +JGMHXPqE+V+RGUUnvP9Za8mIxtTi6hfvPRGNxRUhsPHXcQ52kwYf6r/ZeSXT0yFF +ITVFFXM63p/jfF1NQgeEQ2NgPYJ9H6WTQbOu7EkaF/2E//DPUf93is8DKUgFLtdM +p5Afb4yMul64wS2nHZIa3oR+15BDCQJ0FQtYX5bM2+6AZ0EZZT6q6t1cRRW8Tk4d +YyUS5SSfxEdhdxnLPM5n88IYFhHV5klhgfp42CRXOWgLSBQeBZ8LqgUs7buHSxv5 +duOKJn5+mGvktlxvThrXpKgBx3yApThRKmBvb6Avrq8= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIC7DCCAdSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTE2MDExNTA4MTk0OVoYDzIxMTYwMTE2MDgxOTQ5WjANMQswCQYDVQQD +DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd +j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz +n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W +l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l +YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc +ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9 +CLNNsUcCAwEAAaNQME4wHQYDVR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8G +A1UdIwQYMBaAFI71Ja8em2uEPXyAmslTnE1y96NSMAwGA1UdEwQFMAMBAf8wDQYJ +KoZIhvcNAQELBQADggEBADnZ9uXGAdwfNC3xuERIlBwgLROeBRGgcfHWdXZB/tWk +IM9ox88wYKWynanPbra4n0zhepooKt+naeY2HLR8UgwT6sTi0Yfld9mjytA8/DP6 +AcqtIDDf60vNI00sgxjgZqofVayA9KShzIPzjBec4zI1sg5YzoSNyH28VXFstEpi +8CVtmRYQHhc2gDI9MGge4sHRYwaIFkegzpwcEUnp6tTVe9ZvHawgsXF/rCGfH4M6 +uNO0D+9Md1bdW7382yOtWbkyibsugqnfBYCUH6hAhDlfYzpba2Smb0roc6Crq7HR +5HpEYY6qEir9wFMkD5MZsWrNRGRuzd5am82J+aaHz/4= +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/ee-ecdsa-key.pem b/deps/openssl/openssl/test/certs/ee-ecdsa-key.pem new file mode 100644 index 0000000000..6844a0b363 --- /dev/null +++ b/deps/openssl/openssl/test/certs/ee-ecdsa-key.pem @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgi5sKk1Y8QjhMSK6P +69wCABpFCv9/aCaMpLhlzAMfEjOhRANCAATpeZcBUFBTzmRIEaNlNcLA3+dvPgc5 +T3y2/Cut6ixNHjGCM1KzMSyZC2LwBhtKAl1CJxAfPvoPWECveS18FWXW +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/ee-ed25519.pem b/deps/openssl/openssl/test/certs/ee-ed25519.pem new file mode 100644 index 0000000000..3f4b5b2ac7 --- /dev/null +++ b/deps/openssl/openssl/test/certs/ee-ed25519.pem @@ -0,0 +1,9 @@ +-----BEGIN CERTIFICATE----- +MIIBLDCB36ADAgECAghWAUdKKo3DMDAFBgMrZXAwGTEXMBUGA1UEAwwOSUVURiBUZX +N0IERlbW8wHhcNMTYwODAxMTIxOTI0WhcNNDAxMjMxMjM1OTU5WjAZMRcwFQYDVQQD +DA5JRVRGIFRlc3QgRGVtbzAqMAUGAytlbgMhAIUg8AmJMKdUdIt93LQ+91oNvzoNJj +ga9OukqY6qm05qo0UwQzAPBgNVHRMBAf8EBTADAQEAMA4GA1UdDwEBAAQEAwIDCDAg +BgNVHQ4BAQAEFgQUmx9e7e0EM4Xk97xiPFl1uQvIuzswBQYDK2VwA0EAryMB/t3J5v +/BzKc9dNZIpDmAgs3babFOTQbs+BolzlDUwsPrdGxO3YNGhW7Ibz3OGhhlxXrCe1Cg +w1AH9efZBw== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/ee-pss-sha1-cert.pem b/deps/openssl/openssl/test/certs/ee-pss-sha1-cert.pem new file mode 100644 index 0000000000..b504aea581 --- /dev/null +++ b/deps/openssl/openssl/test/certs/ee-pss-sha1-cert.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDFDCCAfygAwIBAgIBAjANBgkqhkiG9w0BAQowADANMQswCQYDVQQDDAJDQTAg +Fw0xNzA0MjQyMTE5NDlaGA8yMTE3MDQyNTIxMTk0OVowEzERMA8GA1UEAwwIUFNT +LVNIQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo/4lYYYWu3tss +D9Vz++K3qBt6dWAr1H08c3a1rt6TL38kkG3JHPSKOM2fooAWVsu0LLuT5Rcf/w3G +Q/4xNPgo2HXpo7uIgu+jcuJTYgVFTeAxl++qnRDSWA2eBp4yuxsIVl1lDz9mjsI2 +oBH/wFk1/Ukc3RxCMwZ4rgQ4I+XndWfTlK1aqUAfrFkQ9QzBZK1KxMY1U7OWaoIb +FYvRmavknm+UqtKW5Vf7jJFkijwkFsbSGb6CYBM7YrDtPh2zyvlr3zG5ep5LR2in +Kcc/SuIiJ7TvkGPX79ByST5brbkb1Ctvhmjd1XMSuEPJ3EEPoqNGT4tniIQPYf55 +NB9KiR+3AgMBAAGjdzB1MB0GA1UdDgQWBBTnm+IqrYpsOst2UeWOB5gil+FzojAf +BgNVHSMEGDAWgBS0ETPx1+Je91OeICIQT4YGvx/JXjAJBgNVHRMEAjAAMBMGA1Ud +JQQMMAoGCCsGAQUFBwMBMBMGA1UdEQQMMAqCCFBTUy1TSEExMA0GCSqGSIb3DQEB +CjAAA4IBAQCC4qIOu7FVYMvRx13IrvzviF+RFRRfAD5NZSPFw5+riLMeRlA4Pdw/ +vCctNIpqjDaSFu8BRTUuyHPXSIvPo0Rl64TsfQNHP1Ut1/8XCecYCEBx/ROJHbM5 +YjoHMCAy+mR3f4BK1827Mp5U/wRJ6ljvE5EbALQ06ZEuIO6zqEAO6AROUCjWSyFd +z9fkEHS0XmploIywH4QXR7X+ueWOE3n76x+vziM4qoGsYxy0sxePfTWM1DscT1Kt +l5skZdZEKo6J8m8ImxfmtLutky2/tw5cdeWbovX3xfipabjPqpzO9Tf9aa4iblJa +AEQwRss+D6ixFO1rNKs1fjFva7A+9lrO +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/ee-pss-sha256-cert.pem b/deps/openssl/openssl/test/certs/ee-pss-sha256-cert.pem new file mode 100644 index 0000000000..cde5089926 --- /dev/null +++ b/deps/openssl/openssl/test/certs/ee-pss-sha256-cert.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDeDCCAjCgAwIBAgIBAjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa +MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDANMQswCQYDVQQDDAJDQTAg +Fw0xNzA0MjQyMTE5NDlaGA8yMTE3MDQyNTIxMTk0OVowFTETMBEGA1UEAwwKUFNT +LVNIQTI1NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKj/iVhhha7e +2ywP1XP74reoG3p1YCvUfTxzdrWu3pMvfySQbckc9Io4zZ+igBZWy7Qsu5PlFx// +DcZD/jE0+CjYdemju4iC76Ny4lNiBUVN4DGX76qdENJYDZ4GnjK7GwhWXWUPP2aO +wjagEf/AWTX9SRzdHEIzBniuBDgj5ed1Z9OUrVqpQB+sWRD1DMFkrUrExjVTs5Zq +ghsVi9GZq+Seb5Sq0pblV/uMkWSKPCQWxtIZvoJgEztisO0+HbPK+WvfMbl6nktH +aKcpxz9K4iIntO+QY9fv0HJJPlutuRvUK2+GaN3VcxK4Q8ncQQ+io0ZPi2eIhA9h +/nk0H0qJH7cCAwEAAaN5MHcwHQYDVR0OBBYEFOeb4iqtimw6y3ZR5Y4HmCKX4XOi +MB8GA1UdIwQYMBaAFLQRM/HX4l73U54gIhBPhga/H8leMAkGA1UdEwQCMAAwEwYD +VR0lBAwwCgYIKwYBBQUHAwEwFQYDVR0RBA4wDIIKUFNTLVNIQTI1NjA9BgkqhkiG +9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3DQEBCDALBglghkgBZQME +AgGiAwIBIAOCAQEAfKQyXj7HSdUQJA599+SBjalw3dsaxYg6wgLH1IW3GHXPR+c0 +4cugrsPFNRTZL2u/xwHfdxcR3N2vzsdqa+Ep3iyC6egiwxmhIkw0OI+uk/WO9P8Z +42bznkeDjOQ3Y04IIt7a5VbMY7AuWdQfnuVRFiJFAZi7s4+b6QL7+iwydZESVNRL +K+Y6rjMEOrGK7codcRKxrwIt7kxkcT7MI/O7Jt5aa1XDvdSzrieo/CpNVCLCm/zq +Hn1MZ7SAxjTlvwZIj1FhDrFJJppPc5fS7rQDcEaEV6qkBMowtccQR61Iim4834gV +ZTesKQBRtAgW/h4OD5Za98hSEesP6YNhE3GK7A== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/mkcert.sh b/deps/openssl/openssl/test/certs/mkcert.sh index ee31bf0097..bf61548dba 100755 --- a/deps/openssl/openssl/test/certs/mkcert.sh +++ b/deps/openssl/openssl/test/certs/mkcert.sh @@ -1,13 +1,18 @@ #! /bin/bash # +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. # Copyright (c) 2016 Viktor Dukhovni <openssl-users@dukhovni.org>. # All rights reserved. # -# Contributed to the OpenSSL project under the terms of the OpenSSL license -# included with the version of the OpenSSL software that includes this module. +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# This file is dual-licensed and is also available under other terms. +# Please contact the author. # 100 years should be enough for now -# if [ -z "$DAYS" ]; then DAYS=36525 fi @@ -48,6 +53,9 @@ key() { rsa) args=("${args[@]}" -pkeyopt rsa_keygen_bits:$bits );; ec) args=("${args[@]}" -pkeyopt "ec_paramgen_curve:$bits") args=("${args[@]}" -pkeyopt ec_param_enc:named_curve);; + dsa) args=(-paramfile "$bits");; + ed25519) ;; + ed448) ;; *) printf "Unsupported key algorithm: %s\n" "$alg" >&2; return 1;; esac stderr_onerror \ @@ -171,11 +179,11 @@ genpc() { -set_serial 2 -days "${DAYS}" } -# Usage: $0 genalt keyname certname eekeyname eecertname alt1 alt2 ... +# Usage: $0 geneealt keyname certname eekeyname eecertname alt1 alt2 ... # # Note: takes csr on stdin, so must be used with $0 req like this: # -# $0 req keyname dn | $0 genalt keyname certname eekeyname eecertname alt ... +# $0 req keyname dn | $0 geneealt keyname certname eekeyname eecertname alt ... geneealt() { local key=$1; shift local cert=$1; shift diff --git a/deps/openssl/openssl/test/certs/p256-server-cert.pem b/deps/openssl/openssl/test/certs/p256-server-cert.pem new file mode 100644 index 0000000000..f144e11dcd --- /dev/null +++ b/deps/openssl/openssl/test/certs/p256-server-cert.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIByjCCAU+gAwIBAgIBAjAKBggqhkjOPQQDAjAbMRkwFwYDVQQDDBBFQ0RTQSBQ +LTM4NCByb290MCAXDTE3MDIxODE4NTA1NloYDzIxMTcwMjE5MTg1MDU2WjAcMRow +GAYDVQQDDBFQLTI1NiBTZXJ2ZXIgQ2VydDBZMBMGByqGSM49AgEGCCqGSM49AwEH +A0IABBQtneXPCnPgmqOCJdOnixLtRxYCYJoKLMTKpVRHg1toZa5hst1EmlfcIJ2q +0mwDj2N7MZxHCQKrY7h2ussdSuujgYAwfjAdBgNVHQ4EFgQUXkNyi959A0GuCidm +beH0E4OStLYwHwYDVR0jBBgwFoAUJtCPHXtf3B5/QYB9Y8ocdYHWhWkwCQYDVR0T +BAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAcBgNVHREEFTATghFQLTI1NiBTZXJ2 +ZXIgQ2VydDAKBggqhkjOPQQDAgNpADBmAjEA5Bli9loRg3x9jCo/Xyu6pxN9xmaA +GzGrJ+sVfAoKCDPjfvXR3VA+auFR7c65R3lvAjEAuNC6+SIYdp0kOXB9W0s5RcMl +e9e1+PVLCMU9PG1+lfy8cJV4iDymomx/+jX2f0R0 +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/p256-server-key.pem b/deps/openssl/openssl/test/certs/p256-server-key.pem new file mode 100644 index 0000000000..b2ebd6957d --- /dev/null +++ b/deps/openssl/openssl/test/certs/p256-server-key.pem @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgJ51ke8aiotgRnxNb +le4OYpOA/E5Cuj0+yU8lbeg0GgOhRANCAAQULZ3lzwpz4JqjgiXTp4sS7UcWAmCa +CizEyqVUR4NbaGWuYbLdRJpX3CCdqtJsA49jezGcRwkCq2O4drrLHUrr +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/p384-root-key.pem b/deps/openssl/openssl/test/certs/p384-root-key.pem new file mode 100644 index 0000000000..6556c56e1b --- /dev/null +++ b/deps/openssl/openssl/test/certs/p384-root-key.pem @@ -0,0 +1,6 @@ +-----BEGIN PRIVATE KEY----- +MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDAp+VkMpwM7uCJWk+fo +bSxLtiF2nd/4YDJy2IjO+IjzoEDGJB4Ekr1AGxYmiS57IVWhZANiAAS/4vfY5YBd +dvcJs81VXvm3gqwIvzycNtT48ZQ9bqGJBERMAXkmOgzPVz4cSIr33KfIKGhfgjVK +xSAorUKfc0cWf0dZZh3UxpXeN1x3dxtK3hED1y8pemwuz3tYuuOBbtw= +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/p384-root.pem b/deps/openssl/openssl/test/certs/p384-root.pem new file mode 100644 index 0000000000..df5057f94a --- /dev/null +++ b/deps/openssl/openssl/test/certs/p384-root.pem @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIIBtzCCAT2gAwIBAgIBATAKBggqhkjOPQQDAjAbMRkwFwYDVQQDDBBFQ0RTQSBQ +LTM4NCByb290MCAXDTE3MDIxODEzNDUzN1oYDzIxMTcwMjE5MTM0NTM3WjAbMRkw +FwYDVQQDDBBFQ0RTQSBQLTM4NCByb290MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE +v+L32OWAXXb3CbPNVV75t4KsCL88nDbU+PGUPW6hiQRETAF5JjoMz1c+HEiK99yn +yChoX4I1SsUgKK1Cn3NHFn9HWWYd1MaV3jdcd3cbSt4RA9cvKXpsLs97WLrjgW7c +o1MwUTAdBgNVHQ4EFgQUJtCPHXtf3B5/QYB9Y8ocdYHWhWkwHwYDVR0jBBgwFoAU +JtCPHXtf3B5/QYB9Y8ocdYHWhWkwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQD +AgNoADBlAjEA9ZGtIjZhUPqqyjB2YdfXh7K+AUIXdxmtHmioVNbksIApEzbZ25rI +o1WkqRowwbkNAjAw0TzgEv0q4MtQN0G5Lh/z0aVdaFICpXI6UhDXZyiZeRjt2Lbi +3Da3rKRZdHHswY4= +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/p384-server-cert.pem b/deps/openssl/openssl/test/certs/p384-server-cert.pem new file mode 100644 index 0000000000..c6435122a1 --- /dev/null +++ b/deps/openssl/openssl/test/certs/p384-server-cert.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB5jCCAWygAwIBAgIBAjAKBggqhkjOPQQDAjAbMRkwFwYDVQQDDBBFQ0RTQSBQ +LTM4NCByb290MCAXDTE3MDIxODE4NDk1NFoYDzIxMTcwMjE5MTg0OTU0WjAcMRow +GAYDVQQDDBFQLTM4NCBTZXJ2ZXIgQ2VydDB2MBAGByqGSM49AgEGBSuBBAAiA2IA +BNgfdX1zL/wbUQekHkIYpI9KKBDH5oxUbjeHqc0EkEDOLHs7zb3f7UdsqaZ/4Ukn +Wqm8Kmcz5TOYpvg7gn+jPmtVpI2BCfxqYD2WceePkllWENoJFtt/VwOPMGMymeUH +3KOBgDB+MB0GA1UdDgQWBBSY+ffqAKeBpiQl4b6hjUOXuBbIljAfBgNVHSMEGDAW +gBQm0I8de1/cHn9BgH1jyhx1gdaFaTAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsG +AQUFBwMBMBwGA1UdEQQVMBOCEVAtMzg0IFNlcnZlciBDZXJ0MAoGCCqGSM49BAMC +A2gAMGUCMQDD1uzmDMxAmkyokImzX4hW6f2Hxt/iZJhT6C15zCjYfoWcBdP/EiF5 +m2FMPUvxq+0CMAmKOndcfOwQ7OoaEUySx2q10iXgrkE42HsTvFER8FUN7repOUnD +JhC9UKJW7I5A9w== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/p384-server-key.pem b/deps/openssl/openssl/test/certs/p384-server-key.pem new file mode 100644 index 0000000000..438e8f47f9 --- /dev/null +++ b/deps/openssl/openssl/test/certs/p384-server-key.pem @@ -0,0 +1,6 @@ +-----BEGIN PRIVATE KEY----- +MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDBg3D9RcSwjYqyeLmW+ +nw3mGtBTeNFH2heMO4uOl3EAzJAB8Q+1DjD9Prlrsc+JX7yhZANiAATYH3V9cy/8 +G1EHpB5CGKSPSigQx+aMVG43h6nNBJBAzix7O8293+1HbKmmf+FJJ1qpvCpnM+Uz +mKb4O4J/oz5rVaSNgQn8amA9lnHnj5JZVhDaCRbbf1cDjzBjMpnlB9w= +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/root-ed25519.pem b/deps/openssl/openssl/test/certs/root-ed25519.pem new file mode 100644 index 0000000000..e509d54011 --- /dev/null +++ b/deps/openssl/openssl/test/certs/root-ed25519.pem @@ -0,0 +1,9 @@ +-----BEGIN CERTIFICATE----- +MIIBODCB66ADAgECAgkAhPEIPRzjLZUwBQYDK2VwMBkxFzAVBgNVBAMMDklFVEYg +VGVzdCBEZW1vMB4XDTE3MDQxOTIxMzYzOVoXDTQxMDIxMjIxMzYzOVowGTEXMBUG +A1UEAwwOSUVURiBUZXN0IERlbW8wKjAFBgMrZXADIQAZv0QJaYTN/oVBusFn3DuW +yFCGqjC2tssMXDitcDFm4aNQME4wHQYDVR0OBBYEFKKMwfhuWWDT4DrnXJYsl6jU +SCk8MB8GA1UdIwQYMBaAFKKMwfhuWWDT4DrnXJYsl6jUSCk8MAwGA1UdEwQFMAMB +Af8wBQYDK2VwA0EAa6iEoQZBWB1MhCzASv5HuFM7fR5Nz2/KM7GxYjQWsfvK2Ds1 +jaPSG7Lx4uywIndMafp5CoPoFr6yLBkt+NZLAg== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/server-cecdsa-cert.pem b/deps/openssl/openssl/test/certs/server-cecdsa-cert.pem new file mode 100644 index 0000000000..6446bbf08a --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-cecdsa-cert.pem @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICSDCCATCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTE3MDIyNDE3MjgxOFoYDzIxMTcwMjI1MTcyODE4WjAfMR0wGwYDVQQD +DBRFQ0RTQSBjb21wcmVzc2VkIGtleTA5MBMGByqGSM49AgEGCCqGSM49AwEHAyIA +AuI7NNxE483tJyIKT6KOQM5Zlfrigh12BEcHxnzpudgVo4GEMIGBMB0GA1UdDgQW +BBRYM6sJF9MGP6q5g0lxnwQzVozv2DAfBgNVHSMEGDAWgBRwfy6ug2hZmAQjKs3r +PhfNJN0BSTAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB8GA1UdEQQY +MBaCFEVDRFNBIGNvbXByZXNzZWQga2V5MA0GCSqGSIb3DQEBCwUAA4IBAQCEmLt+ +eW36thd16Coscs4LYV8aFS6cyCw1dXUOAsDn8SH6zFkhidahgGY4cXdYeNpffYWZ +yL1ydfL5ce76Ye4liLY0N/3tvsMTdyvtMxzVrC27W7yxfh65tPGhQtZNbzWZPkUr +pBQ5w8pN9go/B/tCmflffzAXz5XOI2dRGxENfHV/6KTjn+ojbgWL2JmkbBuTSk7w +18s5ae+T7rUFPTxlN9vFoFyCf+mjHArRhIHBR1AiZ9/Q1XN44u7EWYbKkiJgki1Q +VBd4jvGz3GsH2DWMm1B1VqO0vddRNFDy7DtMO36VRz0k0k2ysOw1Y82XAniPboS7 +jC8uUGdh3iKWaOb5 +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/server-cecdsa-key.pem b/deps/openssl/openssl/test/certs/server-cecdsa-key.pem new file mode 100644 index 0000000000..ae157dfe71 --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-cecdsa-key.pem @@ -0,0 +1,4 @@ +-----BEGIN EC PRIVATE KEY----- +MFcCAQEEIEyOTc8v2AjaRLgE6+oxbbmQOVbNec21ziVORF5fiQHuoAoGCCqGSM49 +AwEHoSQDIgAC4js03ETjze0nIgpPoo5AzlmV+uKCHXYERwfGfOm52BU= +-----END EC PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/server-dsa-cert.pem b/deps/openssl/openssl/test/certs/server-dsa-cert.pem new file mode 100644 index 0000000000..0ea1894929 --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-dsa-cert.pem @@ -0,0 +1,31 @@ +-----BEGIN CERTIFICATE----- +MIIFQzCCBCugAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTE3MDIxNzE0MDgxOVoYDzIxMTcwMjE4MTQwODE5WjAVMRMwEQYDVQQD +DApTZXJ2ZXIgRFNBMIIDSDCCAjoGByqGSM44BAEwggItAoIBAQD+P3LcpaA+AYu9 +M1gSsHi8fixl7VPCsKK96oaH7/ZJqvOD0TdASkn+4Td8SPvkc+KG2bBbmp39FCxG +pa4d8CRLKVbIHAFtaKHIDFuMlPuFnsiaU0uWN/s3lROhAHWrTiODhehFM+NiPrAO +JmtXQURBoeQ07t4HoyKz7sUyTF2qotw1JDvBRb6JXw+13Z2a1iZGJopLZN3Ricvo +Hee3rYEsM5AHMS3cntYX2NhQUHjiQ451iL2OkFJtVeaUoX5JV6KYSzz4lzNlYwJf +F/Tzac/+l1aFA1NDbNFcQ1UC0JXscKeT/J2Wo8kRwpx042UKaayw5jkOv3GndgKC +OaCe29UrAiEAh8hMJV/kKTLolNr6kV87KV8eTaJfrnSRS2E3ToOhWH0CggEBAOd/ +YKl8svYqvJtThaOsmVETeXwEvz/MLqpj4hZr029Oqps7z6OmeZ2er7aldxC5+BKM +xCfPlhFo0iQ9XITp+J7UqS3qrRZqAnxMjd6VmEGXKWOoeAc0CpEzR1QNkjKodzgs +tQj5oYbiiPG0SgCtBV4I1b/IuKzkjcLxQaF+8Rob/lzLBwA6pFjZNa6FcDjthmtH +2pC+zI760sv05rbZGcXDj8G0SLsvbkrfiRIn/8LkgBpoTWpKfa8BmvYtt9WI/CYk +beQYIwM9sXUPwRSD1VONSg5bXTW3Sxmzy3Yfy9RYt+suMKzi78oSv81e5BoL1D2H +tfxSAFQbiJU3kipxvhsDggEGAAKCAQEArDidnkCegHb/itBTFeyGsebv+I8Z93V3 +jGcKPOs3s1wqB/+HRL5ERlhQOq/lfYPigUFKhfC8tlCVAM+MtUDqXCzqAkomw0yX +8oVkp9plswxHKlqjzKr6PWLOJGp/NDBAL1ZcUzHB1omvmkUHy9pYiapVVNUuUdL2 +Z5EvDze8jQoiR0k9zgMKiH+MyCfV0tLo8W8djFJPlIM9Ypa7DH4fazcEfRuzq1jv +K/uX4+HWmg3Nswdh5eysb++RqtJSUBtGT3tAQY59WjBf2nXMG0nkZGkT7TCJ6icv +NdbSl1AlAGMV/nZN3PFsFH17L8uMUYS7V5PWiqQTxe5COHqpGumo9KN5MHcwHQYD +VR0OBBYEFDrWNm+9we7UIIpUiKJ8aOrCviIUMB8GA1UdIwQYMBaAFHB/Lq6DaFmY +BCMqzes+F80k3QFJMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwFQYD +VR0RBA4wDIIKU2VydmVyIERTQTANBgkqhkiG9w0BAQsFAAOCAQEAsKn2puy5BLfg +eVnxJiDOxYeHHB82GBZjzG4kmroWqP/yKGLQa0CWw/GNcP2zVNKZ12fzQJRRhiHd +MohKKSHJlmKwP/6qXhRConlIVzVHdAQHxIS6rr/hwctUpX1lFvxd7hUOnwyOlvvq +Qu0R8OIYZVmCdQuoM+nFek25TxUI160/6H7UhY4t2Y0iry+QjQCBLw/yHb2a3iQE +Ho84MDYGNWauDK/rohSRm/CzPSqfZaFyykwRRE47x4XOmtQPRZCIaHSA7LsNqJ42 +OJRAv3kePiW4XSWAbVJ8gRHRFg9wjrMV8zBL00durls1mZVNbh81I3Bdu62y0lY0 +L6LYw0U7GQ== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/server-dsa-key.pem b/deps/openssl/openssl/test/certs/server-dsa-key.pem new file mode 100644 index 0000000000..fdd1da299c --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-dsa-key.pem @@ -0,0 +1,15 @@ +-----BEGIN PRIVATE KEY----- +MIICZQIBADCCAjoGByqGSM44BAEwggItAoIBAQD+P3LcpaA+AYu9M1gSsHi8fixl +7VPCsKK96oaH7/ZJqvOD0TdASkn+4Td8SPvkc+KG2bBbmp39FCxGpa4d8CRLKVbI +HAFtaKHIDFuMlPuFnsiaU0uWN/s3lROhAHWrTiODhehFM+NiPrAOJmtXQURBoeQ0 +7t4HoyKz7sUyTF2qotw1JDvBRb6JXw+13Z2a1iZGJopLZN3RicvoHee3rYEsM5AH +MS3cntYX2NhQUHjiQ451iL2OkFJtVeaUoX5JV6KYSzz4lzNlYwJfF/Tzac/+l1aF +A1NDbNFcQ1UC0JXscKeT/J2Wo8kRwpx042UKaayw5jkOv3GndgKCOaCe29UrAiEA +h8hMJV/kKTLolNr6kV87KV8eTaJfrnSRS2E3ToOhWH0CggEBAOd/YKl8svYqvJtT +haOsmVETeXwEvz/MLqpj4hZr029Oqps7z6OmeZ2er7aldxC5+BKMxCfPlhFo0iQ9 +XITp+J7UqS3qrRZqAnxMjd6VmEGXKWOoeAc0CpEzR1QNkjKodzgstQj5oYbiiPG0 +SgCtBV4I1b/IuKzkjcLxQaF+8Rob/lzLBwA6pFjZNa6FcDjthmtH2pC+zI760sv0 +5rbZGcXDj8G0SLsvbkrfiRIn/8LkgBpoTWpKfa8BmvYtt9WI/CYkbeQYIwM9sXUP +wRSD1VONSg5bXTW3Sxmzy3Yfy9RYt+suMKzi78oSv81e5BoL1D2HtfxSAFQbiJU3 +kipxvhsEIgIgFadGQ61c3i/D01zXhSsKyE0/BerqJmTrrlVK1o0ZFu8= +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/server-ecdsa-brainpoolP256r1-cert.pem b/deps/openssl/openssl/test/certs/server-ecdsa-brainpoolP256r1-cert.pem new file mode 100644 index 0000000000..bb41f99907 --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-ecdsa-brainpoolP256r1-cert.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICgzCCAWugAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTE4MTAyNDEzNDUwOFoYDzIxMTgxMDI1MTM0NTA4WjAsMSowKAYDVQQD +DCFTZXJ2ZXIgRUNEU0EgYnJhaW5wb29sUDI1NnIxIGNlcnQwWjAUBgcqhkjOPQIB +BgkrJAMDAggBAQcDQgAETYDLIgpvvoxSBJxB5apcNrTZ0vYpVyG18hDEOplqkyln +W7kekN9a83WtIwPRoSwhczgFg/MhvLZ/BHQJW2SU3qOBkTCBjjAdBgNVHQ4EFgQU +it8K0UIpDYE264JfNmQ/44H1WMUwHwYDVR0jBBgwFoAUcH8uroNoWZgEIyrN6z4X +zSTdAUkwCQYDVR0TBAIwADATBgNVHSUEDDAKBggrBgEFBQcDATAsBgNVHREEJTAj +giFTZXJ2ZXIgRUNEU0EgYnJhaW5wb29sUDI1NnIxIGNlcnQwDQYJKoZIhvcNAQEL +BQADggEBAKCEUMQlB+M6crHe2zfGmQJnsEGzY4fJUFYdFfOM359dXR8Xs+JHF2XP +0BHJ64BHLzy+3eoa9w/B+/i6OVJo3VhCoCChcP+gnGzQVQy5Maxq55DlsVdpellS +Tml/BnLcqcZFAP63qEpcuZuC4CytZcHYCU+NLI/3JGzH1/xHxk4UgRTa2B7OhjXt +Ptl3vLaSqJXEmVeCP0hibhhiszs0zR14fJqmVn0V5MKC7twmG8CBlW03ksLjzzvn +m7WAy7q5WcFcAcrFR3zAPqcx4UQSS9FiwJ+OOZGqIasMk9i9zxqh0ic5M5ls7Qaf +roudyLLkkvDFkcb88RwYGKrdVFGDgF0= +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/server-ecdsa-brainpoolP256r1-key.pem b/deps/openssl/openssl/test/certs/server-ecdsa-brainpoolP256r1-key.pem new file mode 100644 index 0000000000..c9d233fa54 --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-ecdsa-brainpoolP256r1-key.pem @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGIAgEAMBQGByqGSM49AgEGCSskAwMCCAEBBwRtMGsCAQEEIKZSRhbD6lGhKbIm +5JVgxnN8MHGB0whroUsSf0zmsAz+oUQDQgAETYDLIgpvvoxSBJxB5apcNrTZ0vYp +VyG18hDEOplqkylnW7kekN9a83WtIwPRoSwhczgFg/MhvLZ/BHQJW2SU3g== +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/server-ecdsa-cert.pem b/deps/openssl/openssl/test/certs/server-ecdsa-cert.pem new file mode 100644 index 0000000000..e61026b507 --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-ecdsa-cert.pem @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE----- +MIICYTCCAUmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTE3MDExMjE0NDUwMVoYDzIxMTcwMTEzMTQ0NTAxWjAcMRowGAYDVQQD +DBFTZXJ2ZXIgRUNEU0EgY2VydDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABOI7 +NNxE483tJyIKT6KOQM5Zlfrigh12BEcHxnzpudgVHYA4aL5D5JulYGFzL0LQ5Q55 +GpCub1V2j+AhyBMKPQqjgYAwfjAdBgNVHQ4EFgQUSDzlr0Ayx22BljPtY6YRLTes +qgwwHwYDVR0jBBgwFoAUcH8uroNoWZgEIyrN6z4XzSTdAUkwCQYDVR0TBAIwADAT +BgNVHSUEDDAKBggrBgEFBQcDATAcBgNVHREEFTATghFTZXJ2ZXIgRUNEU0EgY2Vy +dDANBgkqhkiG9w0BAQsFAAOCAQEAOJDgr1hRNuxW1D93yDWFwP1o2KuaI0BMZVFS +6rzzLThCo3FeS6X7DCrBP699PCYcKeyMDmQwg9mVMABSZzox2GBO3hoqtnUXjsK3 +Qxh+4O5EmIXX4v8szdSBP14O2c5krAk4lbVWxLHE78NAc8dL94VORndyTcmaXUTn +FQeBaRJjXto3okPvwYlczPS9sq0AhuBh5hwsLOYwpLf6/loPLjl40iwPQ+iqQ1EV +m0Sac3o+0qI0cKiz4nXgd4NkFvV3G8lwd0Um8KSS/EFuZbgJNKKD6+1+90sibM4a +Y/JiO6weK/VTlqCLn7zV9LcDT4gU18UCn85UV1XlVYKXZlaXYQ== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/server-ecdsa-key.pem b/deps/openssl/openssl/test/certs/server-ecdsa-key.pem new file mode 100644 index 0000000000..b4d075db13 --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-ecdsa-key.pem @@ -0,0 +1,5 @@ +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgTI5Nzy/YCNpEuATr +6jFtuZA5Vs15zbXOJU5EXl+JAe6hRANCAATiOzTcROPN7SciCk+ijkDOWZX64oId +dgRHB8Z86bnYFR2AOGi+Q+SbpWBhcy9C0OUOeRqQrm9Vdo/gIcgTCj0K +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/server-ed25519-cert.pem b/deps/openssl/openssl/test/certs/server-ed25519-cert.pem new file mode 100644 index 0000000000..729ccfbd06 --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-ed25519-cert.pem @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHTCCAQWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTE3MDYxNDIzMzExOVoYDzIxMTcwNjE1MjMzMTE5WjASMRAwDgYDVQQD +DAdFZDI1NTE5MCowBQYDK2VwAyEACkEMj+SRLjZSth3SIrG013cyYVN9frrVnfbN +M2IqaT6jdjB0MB0GA1UdDgQWBBQqd22ipNHF0d+yJjFDgI/Jruq3rjAfBgNVHSME +GDAWgBRwfy6ug2hZmAQjKs3rPhfNJN0BSTAJBgNVHRMEAjAAMBMGA1UdJQQMMAoG +CCsGAQUFBwMBMBIGA1UdEQQLMAmCB0VkMjU1MTkwDQYJKoZIhvcNAQELBQADggEB +AIdNMPRa2sgUW/qtCBWxmi0iVRoazl5pjU35cRl/ahBpI4pL5+fDVYuBzSOgEh7W +6FUVix9mGvY9CK3ZkqrXCGRKeWnKrmdql5jrra5Qew43B+aZqa63639TGWqtm7Rk +rWT14P7gma4K9Ea8eiXcT5NJ8sT7D2BOL0sL2alUmRT+k3YDUxiih7AiTkpo7f2Q +x5l9f8qoRb6Skec+kuMQ4hIjBIe/3C+j4nqq9kDkJs8+VEaW7+7shSQzv0tnzBOl +v5ty89x7LYAbGKvZNi8Z3814AWBWbYTskF0kW2/f6aZDpt239llYDazdErU1dEsS +cc1gKHOG3zgz9wfih55M0dE= +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/server-ed25519-key.pem b/deps/openssl/openssl/test/certs/server-ed25519-key.pem new file mode 100644 index 0000000000..f9f150e054 --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-ed25519-key.pem @@ -0,0 +1,3 @@ +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEINa5/E1IzuSLg1rwoHxl1VV7BdcnmMeul9pvsvzKorjm +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/server-ed448-cert.pem b/deps/openssl/openssl/test/certs/server-ed448-cert.pem new file mode 100644 index 0000000000..740f275549 --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-ed448-cert.pem @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICHTCCAQWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTE4MDIyNzE1MDcxM1oYDzIxMTgwMjI4MTUwNzEzWjAQMQ4wDAYDVQQD +DAVFZDQ0ODBDMAUGAytlcQM6ABBicYlhG1s3AoG5BFmY3r50lJzjQoER4zwuieEe +QTvKxLEV06vGh79UWO6yQ5FxqmxvM1F/Xw7RAKNfMF0wHQYDVR0OBBYEFAwa1L4m +3pwA8+IEJ7K/4izrjJIHMB8GA1UdIwQYMBaAFHB/Lq6DaFmYBCMqzes+F80k3QFJ +MAkGA1UdEwQCMAAwEAYDVR0RBAkwB4IFRWQ0NDgwDQYJKoZIhvcNAQELBQADggEB +AAugH2aE6VvArnOVjKBtalqtHlx+NCC3+S65sdWc9A9sNgI1ZiN7dn76TKn5d0T7 +NqV8nY1rwQg6WPGrCD6Eh63qhotytqYIxltppb4MOUJcz/Zf0ZwhB5bUfwNB//Ih +5aZT86FpXVuyMnwUTWPcISJqpZiBv95yzZFMpniHFvecvV445ly4TFW5y6VURh40 +Tg4tMgjPTE7ADw+dX4FvnTWY3blxT1GzGxGvqWW4HgP8dOETnjmAwCzN0nUVmH9s +7ybHORcSljcpe0XH6L/K7mbI+r8mVLsAoIzUeDwUdKKJZ2uGEtdhQDmJBp4EjOXE +3qIn3wEQQ6ax4NIwkZihdLI= +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/server-ed448-key.pem b/deps/openssl/openssl/test/certs/server-ed448-key.pem new file mode 100644 index 0000000000..25a750fec8 --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-ed448-key.pem @@ -0,0 +1,4 @@ +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOTiHqANC9pFHbs8VAeqZ52cwKi0jPTSM5GjsKW4vbgG6 +BMFSdURqGj2FD02H7xsyrR20pIXI1GbE+A== +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/server-pss-cert.pem b/deps/openssl/openssl/test/certs/server-pss-cert.pem new file mode 100644 index 0000000000..5777c4d296 --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-pss-cert.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDGzCCAgOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290 +IENBMCAXDTE3MDkxNDEyNTg0MVoYDzIxMTcwOTE1MTI1ODQxWjAVMRMwEQYDVQQD +DApSU0FTU0EtUFNTMIIBIDALBgkqhkiG9w0BAQoDggEPADCCAQoCggEBAJzIk36B +urRLuRWsMHUzcmoNDYEZw4VMN0ZNVGUYj7RJtCP6wKBcQEkHu667J3XGxUm3RHT8 +EBv2R+XKcVX+VOc8SSb5+k1/QCHXF1qamNFan7wtYjgbAXiA0/Wg9ydlhfwj5gp4 +n5168Lc/DnkFBdyMSylNOESUvtKyu811l+ecakeidUbUnLGF2XbqyK1WKp18t1n1 +rJYi/+oMm8xoJPMtWjoC2zit3wT1k8+9lClxWZFhLmDFy0lmT8FAVvMOk4Y/E+2e +Q0sRrV+REsfyFEoytmoGKlwO9z2gK5n3WaJx+Y15EykMG6CsjBp84iCiFkd6LOND +nXQBBLAvmg1Ci8UCAwEAAaN5MHcwHQYDVR0OBBYEFG+1oaEnl3Bs6E2vHFdWwUY0 +qdlhMB8GA1UdIwQYMBaAFHB/Lq6DaFmYBCMqzes+F80k3QFJMAkGA1UdEwQCMAAw +EwYDVR0lBAwwCgYIKwYBBQUHAwEwFQYDVR0RBA4wDIIKUlNBU1NBLVBTUzANBgkq +hkiG9w0BAQsFAAOCAQEAh1MrKKwdpsjT7Q+gfyAXQRgwBz15m08eZip7rznzieE0 ++PuXaGQT9jOEmSKTtEHd07mJ0YMijdGvItrZaodUV0rscdCFd4lUe4uctirjVMIU +OKALZ7HsobWvKWnob2GRQJ/vTB7plUeclFhX1FskiG7kh50cMeeL2Oy7Oy4csf7e +2ab5q1dYri1Yk7HSi/XXGwomvWz8jGqUS9UGJrQQENrogg5Ue315u32lbR+N7gTB +7w3KirvpP+wzJgiTqMJ9BuGo8vSoXA3qrmBaYS/FQ7x4gQ86Jb0oLRuTiyniWC/v +A4exY19iM/j6/IQWM4IY7iuNAU3DMGdXOHkuxryizA== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/certs/server-pss-key.pem b/deps/openssl/openssl/test/certs/server-pss-key.pem new file mode 100644 index 0000000000..6b2d8cc7a2 --- /dev/null +++ b/deps/openssl/openssl/test/certs/server-pss-key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADALBgkqhkiG9w0BAQoEggSoMIIEpAIBAAKCAQEAnMiTfoG6tEu5Faww +dTNyag0NgRnDhUw3Rk1UZRiPtEm0I/rAoFxASQe7rrsndcbFSbdEdPwQG/ZH5cpx +Vf5U5zxJJvn6TX9AIdcXWpqY0VqfvC1iOBsBeIDT9aD3J2WF/CPmCnifnXrwtz8O +eQUF3IxLKU04RJS+0rK7zXWX55xqR6J1RtScsYXZdurIrVYqnXy3WfWsliL/6gyb +zGgk8y1aOgLbOK3fBPWTz72UKXFZkWEuYMXLSWZPwUBW8w6Thj8T7Z5DSxGtX5ES +x/IUSjK2agYqXA73PaArmfdZonH5jXkTKQwboKyMGnziIKIWR3os40OddAEEsC+a +DUKLxQIDAQABAoIBAAGf1l9eKrgJfM5rrUjZkprkrbojsTHlW0FANdqiSYLdrJ8e +zvYaXpQjH1+tEriWqZ6c5nmrzuLrR01rLodsjiajKkLcHirFYb24A8btiR3KKZOC +iNz58qbz9r45v7XJyHyXRp/fJhA0oN/VKGo6khf54CF6alXTkLKQJX/4cu10XkJd +lknXMiQsGBzt7WezRzqzbJsMSjhSPBowmapDRYqALIlINY96f3QUALiKh0WwkbEB +MU71Hharv9+jwpu58NcGXHvNfqQYUU6QTXiOKTxt71VChO6lefazaTrCYan9Zpx/ +6rofVqkpZUebNI1gVa/FbzGaMhQYlMWEhvk+sZUCgYEAzftGwnoHbMoyXbw30bAJ +MMEvc892o2qJPPnHJMwKIHDVEnY026c/TO5FSGhKcv9CPKe6bcdA6CtPjSGA484z +ErLo9GfWigN4jVkn3eYKUKFn0+tQ4HKYoPZrBApQ9pm25/KpPSIsVJ6iuEN72CZU +MM1y8NgCF2IlAvi04org8e8CgYEAwtrufdryJHQ+o69fhCMfYe1mCCuGeaueIEfa +ccZUSfe1A7p5mqSjYTw4GW6E64uELUkVGkZpuVj3Qwr2BmCY7u4Hgp5Lg+WWVZt7 +qvHhDnb19ITL1nrXAKBr2XPlkUSnPJ+Dl20F8ErIb4zsnq7xH+AoDIZldh/wCflY +mW7mwYsCgYEAxKs8vocg+8B7IoCJk05PGBv8IMlfb1xTOMMMX5fpu1vANWZjxa4E +hIGj6SSaoP4T0jIbkKGE2agwxoHMvLWukhX80w8qCpCR0/PiWr4/7wiNSAwQJp2E +GXvuZecrsqjFuOU6rcIpLYphtynH33OJQyeGrWqxZH4y9IlevEb5zEUCgYEAudis +PVeVOdWxZNdAp7wEE5ekiEhTMzrPT4SYwYljHUVn3Y1+rFM5DOWtr/vsROhFghfB +S9U6wzAqbURIER8S3lgiy58E8WEJeM8aLZoTiINH5Ra/f+qbpBpdowJaQ6qSQ0z0 +6nluf5gkAdkMWfELQ9a8++03WmntvOWYbocLCi8CgYASTpxnjl62YY201mIkVAKC +b6XK+RQS2ZohTintLqzePwKR3XJrlwAz9smyMqUTFklkmrc6XQABVfnpZOnOZEdV +kzsvLmQin9a9Mr6n1WYz9YQDuS2wY0NAbCzy61YYXO9IdNyQTWolWLmyzwpUXP/D +T28vNzPfGv4WW1OjDtFmQg== +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/setup.sh b/deps/openssl/openssl/test/certs/setup.sh index 018e5fc690..53d4a807a7 100755 --- a/deps/openssl/openssl/test/certs/setup.sh +++ b/deps/openssl/openssl/test/certs/setup.sh @@ -357,3 +357,15 @@ REQMASK=MASK:0x800 ./mkcert.sh req badalt7-key "O = Bad NC Test Certificate 7" \ "DNS.1 = www.ok.good.com" "DNS.2 = bad.ok.good.com" \ "email.1 = good@good.org" "email.2 = any@good.com" \ "IP = 127.0.0.1" "IP = 192.168.0.1" + +# RSA-PSS signatures +# SHA1 +./mkcert.sh genee PSS-SHA1 ee-key ee-pss-sha1-cert ca-key ca-cert \ + -sha1 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:digest +# SHA256 +./mkcert.sh genee PSS-SHA256 ee-key ee-pss-sha256-cert ca-key ca-cert \ + -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:digest + +OPENSSL_KEYALG=ec OPENSSL_KEYBITS=brainpoolP256r1 ./mkcert.sh genee \ + "Server ECDSA brainpoolP256r1 cert" server-ecdsa-brainpoolP256r1-key \ + server-ecdsa-brainpoolP256r1-cert rootkey rootcert diff --git a/deps/openssl/openssl/test/certs/x509-check-key.pem b/deps/openssl/openssl/test/certs/x509-check-key.pem new file mode 100644 index 0000000000..20888d0437 --- /dev/null +++ b/deps/openssl/openssl/test/certs/x509-check-key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCd6jpgFiM/ZW6d +CJlEIxmKk7rH7MRL93wW32o5duTwtT1cs/y+ylfey0l5tYBzGMxjUPNeYGTBqiuz +6ueVyMvbe3wymXPp+zzoaq3if3Jycb+1gurSyiQpF6T1PLmfJDgQQT0XnI7qRwHI +5FJTvKM9mpv3iKohBseT/a8yfdk27zFYrSMZjfaqZc+0a18bHi/SgNN36Lj+vnPc +s2DzS8ymBJ10Zq6icy6xL30sHDKPOKKrD8+EJ6suUm5CpLL4N6jPOmk9Dj7XQv2Y +woX2S0Ys6dFpHuGBJ1NngBW/0Zm9oseDOxxqplPGIYa8nN7BIrTwAJEhkmKTEi9P +8APIi6DVAgMBAAECggEAMWkKnuoOWVXJiIUaP8GjykJzHP8uZH6paxa4zAYxmEd9 +TbZbjO8PE30UHmr2KA1IVoMLwynyHM68Ie2MTMepUaGPuN1e8YVVB3vpsIckLj79 +NzQheZcaPWlSihFYGz1f9WYUUYEBDrjtDAi04dKSWUI5LviqEu9mHx4vZWMPRiqP +mrtp3CH34ViJL4v4TtvEeuOvLf4mYpfWe1Il7U2eYSqcxO0lCwk7nd/JCzpPWA7C +TQZSTtp5AQ4OT7LPFZIgs/87Qi8fuEEvN+6rt07r0j6/gPOVa2xoj4a7MJYsxi9O +s1xA8Q+xjUEnjHth1MLCrmHYbJuWptIqgPTkVvB2OQKBgQDSAywBvs7PDdt+BLTc +6J4g/gOL/17ATysmhUGJ6VxrNulViLtiFeyf3p4vj/fSa2y4ZnP/hHovzfces1Bd +6YXtPGIuRNOnVdlYx2Y/OGrw0baxRAIW8D6Z4ms1n8hesGssteKZeaT4ojIPpJS1 +c1UtextX5OBLYaiFxwTb1Q6bAwKBgQDAfpbrlBN4936glc5uFmKNvFfNB8P30+Bk +DFtth5TMsCL406aUlIl4lkBrXAgUTndRai2cWYD9ffsXQmm+yx1q5kO6akeAaueq +WMo3ViZnxK8Fe4oF4M9OoaEQRcVmV5jFMKH9S268B8/x96lNh/i7M58nB5AeNDlV +AMyHW2vhRwKBgAxduXKk3KKei0UhW9ECNYV1z5mnwNmMD9tlz1Uik5mQky7BLV96 +MQO85Q2h6ZLPVoiJJ91s3JECDMIXBu1wub0daB6XWOsqh/DNVPz2An4JqztG6OSW +4ujGx09SCEdjFfx8/UnSOt+VFWOMamFA2EwkSpjjVj26E2VFMckMA58nAoGADabs +vTh7SREEgg8d3ODpjHPXJktuspzsRSw7L8F15C55zHv2TINcXJkLaJHWYNpPzA5j +vbr7Uv8kV7n2FfoB1BsQop/3AjySwZoafWI2xxVD9HeWimQvT7xW1/iaz29W/mU8 +l+JJsDw9m0OdVkpWcbBvkS0QI5RAnK650r/BHvECgYB6s9Qp5osOCdtPli7MYyD6 +mw+61DSgThUgKa7j96NG2ToYeNWTdf2Fd4Xa7s6MWryaGY+IMSRga24CM+WvaaAL +iGZLY8dfpM/yDr0pva4WF66ARajDhNx1wvOBQJpHnldX0G4gYczIsIWgUhzo4eH8 +37OzKradFq+avGmtCBeV8A== +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/certs/x509-check.csr b/deps/openssl/openssl/test/certs/x509-check.csr new file mode 100644 index 0000000000..179d05a0ad --- /dev/null +++ b/deps/openssl/openssl/test/certs/x509-check.csr @@ -0,0 +1,15 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIICXzCCAUcCAQAwGjEYMBYGA1UEAwwPeDUwOS1jaGVjay10ZXN0MIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneo6YBYjP2VunQiZRCMZipO6x+zES/d8 +Ft9qOXbk8LU9XLP8vspX3stJebWAcxjMY1DzXmBkwaors+rnlcjL23t8Mplz6fs8 +6Gqt4n9ycnG/tYLq0sokKRek9Ty5nyQ4EEE9F5yO6kcByORSU7yjPZqb94iqIQbH +k/2vMn3ZNu8xWK0jGY32qmXPtGtfGx4v0oDTd+i4/r5z3LNg80vMpgSddGauonMu +sS99LBwyjziiqw/PhCerLlJuQqSy+DeozzppPQ4+10L9mMKF9ktGLOnRaR7hgSdT +Z4AVv9GZvaLHgzscaqZTxiGGvJzewSK08ACRIZJikxIvT/ADyIug1QIDAQABoAAw +DQYJKoZIhvcNAQELBQADggEBABN+XkwFoyyN1+b5SYhUzdQFj0ZfhzNxiMXOFR/n +ww0gW7KCAhZd90aPBtQjEORzsCUX2xhllglXaojw+wOaEMaJDMDzojJelan1TEWJ +Vyvklj8OBoH25ur5Y8iWrnMivkb4hU1Mrd4QxF697FVVTniwVyUy8Xfn6D44vEII +gyCUk/jCD6MAD6/hBaexetqrbUQyVrtPewYgXrJokRDGDzFlG3jcXvl3CV2iib2X +hAbiaAJmlgZwIMeu/60YgJoIWwilG7dYq9hvcpyfQhYXa9BbOz62WRsLvT0Ewue9 +81kzAkwhfvGauPh/yjP+6K5HY09KdOtg30xtwUtT4IU5yHQ= +-----END CERTIFICATE REQUEST----- diff --git a/deps/openssl/openssl/test/cipherlist_test.c b/deps/openssl/openssl/test/cipherlist_test.c index d6556e0537..5023c1c487 100644 --- a/deps/openssl/openssl/test/cipherlist_test.c +++ b/deps/openssl/openssl/test/cipherlist_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL licenses, (the "License"); * you may not use this file except in compliance with the License. @@ -9,6 +9,7 @@ */ #include <stdio.h> +#include <string.h> #include <openssl/opensslconf.h> #include <openssl/err.h> @@ -17,7 +18,7 @@ #include <openssl/ssl3.h> #include <openssl/tls1.h> -#include "e_os.h" +#include "internal/nelem.h" #include "testutil.h" typedef struct cipherlist_test_fixture { @@ -27,13 +28,28 @@ typedef struct cipherlist_test_fixture { } CIPHERLIST_TEST_FIXTURE; -static CIPHERLIST_TEST_FIXTURE set_up(const char *const test_case_name) +static void tear_down(CIPHERLIST_TEST_FIXTURE *fixture) { - CIPHERLIST_TEST_FIXTURE fixture; - fixture.test_case_name = test_case_name; - fixture.server = SSL_CTX_new(TLS_server_method()); - fixture.client = SSL_CTX_new(TLS_client_method()); - OPENSSL_assert(fixture.client != NULL && fixture.server != NULL); + if (fixture != NULL) { + SSL_CTX_free(fixture->server); + SSL_CTX_free(fixture->client); + fixture->server = fixture->client = NULL; + OPENSSL_free(fixture); + } +} + +static CIPHERLIST_TEST_FIXTURE *set_up(const char *const test_case_name) +{ + CIPHERLIST_TEST_FIXTURE *fixture; + + if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))) + return NULL; + fixture->test_case_name = test_case_name; + if (!TEST_ptr(fixture->server = SSL_CTX_new(TLS_server_method())) + || !TEST_ptr(fixture->client = SSL_CTX_new(TLS_client_method()))) { + tear_down(fixture); + return NULL; + } return fixture; } @@ -47,6 +63,13 @@ static CIPHERLIST_TEST_FIXTURE set_up(const char *const test_case_name) * are currently broken and should be considered mission impossible in libssl. */ static const uint32_t default_ciphers_in_order[] = { +#ifndef OPENSSL_NO_TLS1_3 + TLS1_3_CK_AES_256_GCM_SHA384, +# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) + TLS1_3_CK_CHACHA20_POLY1305_SHA256, +# endif + TLS1_3_CK_AES_128_GCM_SHA256, +#endif #ifndef OPENSSL_NO_TLS1_2 # ifndef OPENSSL_NO_EC TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, @@ -56,7 +79,7 @@ static const uint32_t default_ciphers_in_order[] = { TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384, # endif -# if !defined OPENSSL_NO_CHACHA && !defined OPENSSL_NO_POLY1305 +# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) # ifndef OPENSSL_NO_EC TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305, @@ -89,58 +112,63 @@ static const uint32_t default_ciphers_in_order[] = { # endif #endif /* !OPENSSL_NO_TLS1_2 */ -#ifndef OPENSSL_NO_EC +#if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) + /* These won't be usable if TLSv1.3 is available but TLSv1.2 isn't */ +# ifndef OPENSSL_NO_EC TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA, -#endif -#ifndef OPENSSL_NO_DH +# endif + #ifndef OPENSSL_NO_DH TLS1_CK_DHE_RSA_WITH_AES_256_SHA, -#endif -#ifndef OPENSSL_NO_EC +# endif +# ifndef OPENSSL_NO_EC TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA, -#endif -#ifndef OPENSSL_NO_DH +# endif +# ifndef OPENSSL_NO_DH TLS1_CK_DHE_RSA_WITH_AES_128_SHA, -#endif +# endif +#endif /* !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) */ #ifndef OPENSSL_NO_TLS1_2 TLS1_CK_RSA_WITH_AES_256_GCM_SHA384, TLS1_CK_RSA_WITH_AES_128_GCM_SHA256, +#endif +#ifndef OPENSSL_NO_TLS1_2 TLS1_CK_RSA_WITH_AES_256_SHA256, TLS1_CK_RSA_WITH_AES_128_SHA256, #endif - +#if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) + /* These won't be usable if TLSv1.3 is available but TLSv1.2 isn't */ TLS1_CK_RSA_WITH_AES_256_SHA, TLS1_CK_RSA_WITH_AES_128_SHA, +#endif }; static int test_default_cipherlist(SSL_CTX *ctx) { - STACK_OF(SSL_CIPHER) *ciphers; - SSL *ssl; + STACK_OF(SSL_CIPHER) *ciphers = NULL; + SSL *ssl = NULL; int i, ret = 0, num_expected_ciphers, num_ciphers; uint32_t expected_cipher_id, cipher_id; - ssl = SSL_new(ctx); - OPENSSL_assert(ssl != NULL); + if (ctx == NULL) + return 0; + + if (!TEST_ptr(ssl = SSL_new(ctx)) + || !TEST_ptr(ciphers = SSL_get1_supported_ciphers(ssl))) + goto err; - ciphers = SSL_get1_supported_ciphers(ssl); - OPENSSL_assert(ciphers != NULL); num_expected_ciphers = OSSL_NELEM(default_ciphers_in_order); num_ciphers = sk_SSL_CIPHER_num(ciphers); - if (num_ciphers != num_expected_ciphers) { - fprintf(stderr, "Expected %d supported ciphers, got %d.\n", - num_expected_ciphers, num_ciphers); + if (!TEST_int_eq(num_ciphers, num_expected_ciphers)) goto err; - } for (i = 0; i < num_ciphers; i++) { expected_cipher_id = default_ciphers_in_order[i]; cipher_id = SSL_CIPHER_get_id(sk_SSL_CIPHER_value(ciphers, i)); - if (cipher_id != expected_cipher_id) { - fprintf(stderr, "Wrong cipher at position %d: expected %x, " - "got %x\n", i, expected_cipher_id, cipher_id); + if (!TEST_int_eq(cipher_id, expected_cipher_id)) { + TEST_info("Wrong cipher at position %d", i); goto err; } } @@ -153,17 +181,11 @@ static int test_default_cipherlist(SSL_CTX *ctx) return ret; } -static int execute_test(CIPHERLIST_TEST_FIXTURE fixture) +static int execute_test(CIPHERLIST_TEST_FIXTURE *fixture) { - return test_default_cipherlist(fixture.server) - && test_default_cipherlist(fixture.client); -} - -static void tear_down(CIPHERLIST_TEST_FIXTURE fixture) -{ - SSL_CTX_free(fixture.server); - SSL_CTX_free(fixture.client); - ERR_print_errors_fp(stderr); + return fixture != NULL + && test_default_cipherlist(fixture->server) + && test_default_cipherlist(fixture->client); } #define SETUP_CIPHERLIST_TEST_FIXTURE() \ @@ -172,28 +194,30 @@ static void tear_down(CIPHERLIST_TEST_FIXTURE fixture) #define EXECUTE_CIPHERLIST_TEST() \ EXECUTE_TEST(execute_test, tear_down) -static int test_default_cipherlist_implicit() +static int test_default_cipherlist_implicit(void) { SETUP_CIPHERLIST_TEST_FIXTURE(); + if (fixture == NULL) + return 0; EXECUTE_CIPHERLIST_TEST(); + return result; } -static int test_default_cipherlist_explicit() +static int test_default_cipherlist_explicit(void) { SETUP_CIPHERLIST_TEST_FIXTURE(); - OPENSSL_assert(SSL_CTX_set_cipher_list(fixture.server, "DEFAULT")); - OPENSSL_assert(SSL_CTX_set_cipher_list(fixture.client, "DEFAULT")); + if (fixture == NULL) + return 0; + if (!TEST_true(SSL_CTX_set_cipher_list(fixture->server, "DEFAULT")) + || !TEST_true(SSL_CTX_set_cipher_list(fixture->client, "DEFAULT"))) + tear_down(fixture); EXECUTE_CIPHERLIST_TEST(); + return result; } -int main(int argc, char **argv) +int setup_tests(void) { - int result = 0; - ADD_TEST(test_default_cipherlist_implicit); ADD_TEST(test_default_cipherlist_explicit); - - result = run_tests(argv[0]); - - return result; + return 1; } diff --git a/deps/openssl/openssl/test/clienthellotest.c b/deps/openssl/openssl/test/clienthellotest.c index 38a7637586..10e3b1b1b1 100644 --- a/deps/openssl/openssl/test/clienthellotest.c +++ b/deps/openssl/openssl/test/clienthellotest.c @@ -15,133 +15,236 @@ #include <openssl/evp.h> #include <openssl/ssl.h> #include <openssl/err.h> +#include <time.h> #include "../ssl/packet_locl.h" -#define CLIENT_VERSION_LEN 2 +#include "testutil.h" +#define CLIENT_VERSION_LEN 2 -#define TOTAL_NUM_TESTS 1 +#define TOTAL_NUM_TESTS 4 /* * Test that explicitly setting ticket data results in it appearing in the * ClientHello for a negotiated SSL/TLS version */ #define TEST_SET_SESSION_TICK_DATA_VER_NEG 0 +/* Enable padding and make sure ClientHello is long enough to require it */ +#define TEST_ADD_PADDING 1 +/* Enable padding and make sure ClientHello is short enough to not need it */ +#define TEST_PADDING_NOT_NEEDED 2 +/* + * Enable padding and add a PSK to the ClientHello (this will also ensure the + * ClientHello is long enough to need padding) + */ +#define TEST_ADD_PADDING_AND_PSK 3 + +#define F5_WORKAROUND_MIN_MSG_LEN 0x7f +#define F5_WORKAROUND_MAX_MSG_LEN 0x200 -int main(int argc, char *argv[]) +static const char *sessionfile = NULL; +/* Dummy ALPN protocols used to pad out the size of the ClientHello */ +static const char alpn_prots[] = + "0123456789012345678901234567890123456789012345678901234567890123456789" + "0123456789012345678901234567890123456789012345678901234567890123456789" + "01234567890123456789"; + +static int test_client_hello(int currtest) { - SSL_CTX *ctx = NULL; + SSL_CTX *ctx; SSL *con = NULL; BIO *rbio; BIO *wbio; - BIO *err; long len; unsigned char *data; - PACKET pkt, pkt2, pkt3; + PACKET pkt = {0}, pkt2 = {0}, pkt3 = {0}; char *dummytick = "Hello World!"; - unsigned int type; + unsigned int type = 0; int testresult = 0; - int currtest = 0; - - err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); + size_t msglen; + BIO *sessbio = NULL; + SSL_SESSION *sess = NULL; - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); +#ifdef OPENSSL_NO_TLS1_3 + if (currtest == TEST_ADD_PADDING_AND_PSK) + return 1; +#endif /* * For each test set up an SSL_CTX and SSL and see what ClientHello gets * produced when we try to connect */ - for (; currtest < TOTAL_NUM_TESTS; currtest++) { - testresult = 0; - ctx = SSL_CTX_new(TLS_method()); - if (!SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION)) + ctx = SSL_CTX_new(TLS_method()); + if (!TEST_ptr(ctx)) + goto end; + if (!TEST_true(SSL_CTX_set_max_proto_version(ctx, TLS_MAX_VERSION))) + goto end; + + switch(currtest) { + case TEST_SET_SESSION_TICK_DATA_VER_NEG: +#if !defined(OPENSSL_NO_TLS1_3) && defined(OPENSSL_NO_TLS1_2) + /* TLSv1.3 is enabled and TLSv1.2 is disabled so can't do this test */ + return 1; +#else + /* Testing for session tickets <= TLS1.2; not relevant for 1.3 */ + if (!TEST_true(SSL_CTX_set_max_proto_version(ctx, TLS1_2_VERSION))) goto end; - con = SSL_new(ctx); - - rbio = BIO_new(BIO_s_mem()); - wbio = BIO_new(BIO_s_mem()); - SSL_set_bio(con, rbio, wbio); - SSL_set_connect_state(con); - - if (currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) { - if (!SSL_set_session_ticket_ext(con, dummytick, strlen(dummytick))) +#endif + break; + + case TEST_ADD_PADDING_AND_PSK: + /* + * In this case we're doing TLSv1.3 and we're sending a PSK so the + * ClientHello is already going to be quite long. To avoid getting one + * that is too long for this test we use a restricted ciphersuite list + */ + if (!TEST_true(SSL_CTX_set_cipher_list(ctx, ""))) + goto end; + /* Fall through */ + case TEST_ADD_PADDING: + case TEST_PADDING_NOT_NEEDED: + SSL_CTX_set_options(ctx, SSL_OP_TLSEXT_PADDING); + /* Make sure we get a consistent size across TLS versions */ + SSL_CTX_clear_options(ctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT); + /* + * Add some dummy ALPN protocols so that the ClientHello is at least + * F5_WORKAROUND_MIN_MSG_LEN bytes long - meaning padding will be + * needed. + */ + if (currtest == TEST_ADD_PADDING) { + if (!TEST_false(SSL_CTX_set_alpn_protos(ctx, + (unsigned char *)alpn_prots, + sizeof(alpn_prots) - 1))) goto end; - } - - if (SSL_connect(con) > 0) { - /* This shouldn't succeed because we don't have a server! */ + /* + * Otherwise we need to make sure we have a small enough message to + * not need padding. + */ + } else if (!TEST_true(SSL_CTX_set_cipher_list(ctx, + "AES128-SHA")) + || !TEST_true(SSL_CTX_set_ciphersuites(ctx, + "TLS_AES_128_GCM_SHA256"))) { goto end; } + break; - len = BIO_get_mem_data(wbio, (char **)&data); - if (!PACKET_buf_init(&pkt, data, len)) - goto end; + default: + goto end; + } - /* Skip the record header */ - if (!PACKET_forward(&pkt, SSL3_RT_HEADER_LENGTH)) - goto end; + con = SSL_new(ctx); + if (!TEST_ptr(con)) + goto end; - /* Skip the handshake message header */ - if (!PACKET_forward(&pkt, SSL3_HM_HEADER_LENGTH)) + if (currtest == TEST_ADD_PADDING_AND_PSK) { + sessbio = BIO_new_file(sessionfile, "r"); + if (!TEST_ptr(sessbio)) { + TEST_info("Unable to open session.pem"); goto end; - - /* Skip client version and random */ - if (!PACKET_forward(&pkt, CLIENT_VERSION_LEN + SSL3_RANDOM_SIZE)) + } + sess = PEM_read_bio_SSL_SESSION(sessbio, NULL, NULL, NULL); + if (!TEST_ptr(sess)) { + TEST_info("Unable to load SSL_SESSION"); goto end; - - /* Skip session id */ - if (!PACKET_get_length_prefixed_1(&pkt, &pkt2)) + } + /* + * We reset the creation time so that we don't discard the session as + * too old. + */ + if (!TEST_true(SSL_SESSION_set_time(sess, (long)time(NULL))) + || !TEST_true(SSL_set_session(con, sess))) goto end; + } - /* Skip ciphers */ - if (!PACKET_get_length_prefixed_2(&pkt, &pkt2)) - goto end; + rbio = BIO_new(BIO_s_mem()); + wbio = BIO_new(BIO_s_mem()); + if (!TEST_ptr(rbio)|| !TEST_ptr(wbio)) { + BIO_free(rbio); + BIO_free(wbio); + goto end; + } - /* Skip compression */ - if (!PACKET_get_length_prefixed_1(&pkt, &pkt2)) - goto end; + SSL_set_bio(con, rbio, wbio); + SSL_set_connect_state(con); - /* Extensions len */ - if (!PACKET_as_length_prefixed_2(&pkt, &pkt2)) + if (currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) { + if (!TEST_true(SSL_set_session_ticket_ext(con, dummytick, + strlen(dummytick)))) goto end; + } - /* Loop through all extensions */ - while (PACKET_remaining(&pkt2)) { + if (!TEST_int_le(SSL_connect(con), 0)) { + /* This shouldn't succeed because we don't have a server! */ + goto end; + } - if (!PACKET_get_net_2(&pkt2, &type) || - !PACKET_get_length_prefixed_2(&pkt2, &pkt3)) - goto end; + len = BIO_get_mem_data(wbio, (char **)&data); + if (!TEST_true(PACKET_buf_init(&pkt, data, len)) + /* Skip the record header */ + || !PACKET_forward(&pkt, SSL3_RT_HEADER_LENGTH)) + goto end; + + msglen = PACKET_remaining(&pkt); + + /* Skip the handshake message header */ + if (!TEST_true(PACKET_forward(&pkt, SSL3_HM_HEADER_LENGTH)) + /* Skip client version and random */ + || !TEST_true(PACKET_forward(&pkt, CLIENT_VERSION_LEN + + SSL3_RANDOM_SIZE)) + /* Skip session id */ + || !TEST_true(PACKET_get_length_prefixed_1(&pkt, &pkt2)) + /* Skip ciphers */ + || !TEST_true(PACKET_get_length_prefixed_2(&pkt, &pkt2)) + /* Skip compression */ + || !TEST_true(PACKET_get_length_prefixed_1(&pkt, &pkt2)) + /* Extensions len */ + || !TEST_true(PACKET_as_length_prefixed_2(&pkt, &pkt2))) + goto end; + + /* Loop through all extensions */ + while (PACKET_remaining(&pkt2)) { + + if (!TEST_true(PACKET_get_net_2(&pkt2, &type)) + || !TEST_true(PACKET_get_length_prefixed_2(&pkt2, &pkt3))) + goto end; - if (type == TLSEXT_TYPE_session_ticket) { - if (currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) { - if (PACKET_equal(&pkt3, dummytick, strlen(dummytick))) { - /* Ticket data is as we expected */ - testresult = 1; - } else { - printf("Received session ticket is not as expected\n"); - } - break; + if (type == TLSEXT_TYPE_session_ticket) { + if (currtest == TEST_SET_SESSION_TICK_DATA_VER_NEG) { + if (TEST_true(PACKET_equal(&pkt3, dummytick, + strlen(dummytick)))) { + /* Ticket data is as we expected */ + testresult = 1; } + goto end; } - } - - end: - SSL_free(con); - SSL_CTX_free(ctx); - if (!testresult) { - printf("ClientHello test: FAILED (Test %d)\n", currtest); - break; + if (type == TLSEXT_TYPE_padding) { + if (!TEST_false(currtest == TEST_PADDING_NOT_NEEDED)) + goto end; + else if (TEST_true(currtest == TEST_ADD_PADDING + || currtest == TEST_ADD_PADDING_AND_PSK)) + testresult = TEST_true(msglen == F5_WORKAROUND_MAX_MSG_LEN); } } -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(err) <= 0) - testresult = 0; -#endif - BIO_free(err); + if (currtest == TEST_PADDING_NOT_NEEDED) + testresult = 1; + +end: + SSL_free(con); + SSL_CTX_free(ctx); + SSL_SESSION_free(sess); + BIO_free(sessbio); + + return testresult; +} + +int setup_tests(void) +{ + if (!TEST_ptr(sessionfile = test_get_argument(0))) + return 0; - return testresult?0:1; + ADD_ALL_TESTS(test_client_hello, TOTAL_NUM_TESTS); + return 1; } diff --git a/deps/openssl/openssl/test/constant_time_test.c b/deps/openssl/openssl/test/constant_time_test.c index 3ee6a81d46..e5e3e497c0 100644 --- a/deps/openssl/openssl/test/constant_time_test.c +++ b/deps/openssl/openssl/test/constant_time_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,33 +7,66 @@ * https://www.openssl.org/source/license.html */ -#include "internal/constant_time_locl.h" -#include "e_os.h" - -#include <limits.h> #include <stdio.h> #include <stdlib.h> +#include "internal/nelem.h" +#include "internal/constant_time_locl.h" +#include "testutil.h" +#include "internal/numbers.h" + static const unsigned int CONSTTIME_TRUE = (unsigned)(~0); static const unsigned int CONSTTIME_FALSE = 0; static const unsigned char CONSTTIME_TRUE_8 = 0xff; static const unsigned char CONSTTIME_FALSE_8 = 0; +static const size_t CONSTTIME_TRUE_S = ~((size_t)0); +static const size_t CONSTTIME_FALSE_S = 0; +static uint32_t CONSTTIME_TRUE_32 = (uint32_t)(~(uint32_t)0); +static uint32_t CONSTTIME_FALSE_32 = 0; +static uint64_t CONSTTIME_TRUE_64 = (uint64_t)(~(uint64_t)0); +static uint64_t CONSTTIME_FALSE_64 = 0; + +static unsigned int test_values[] = { + 0, 1, 1024, 12345, 32000, UINT_MAX / 2 - 1, + UINT_MAX / 2, UINT_MAX / 2 + 1, UINT_MAX - 1, + UINT_MAX +}; + +static unsigned char test_values_8[] = { + 0, 1, 2, 20, 32, 127, 128, 129, 255 +}; + +static int signed_test_values[] = { + 0, 1, -1, 1024, -1024, 12345, -12345, + 32000, -32000, INT_MAX, INT_MIN, INT_MAX - 1, + INT_MIN + 1 +}; + +static size_t test_values_s[] = { + 0, 1, 1024, 12345, 32000, SIZE_MAX / 2 - 1, + SIZE_MAX / 2, SIZE_MAX / 2 + 1, SIZE_MAX - 1, + SIZE_MAX +}; + +static uint32_t test_values_32[] = { + 0, 1, 1024, 12345, 32000, UINT32_MAX / 2, UINT32_MAX / 2 + 1, + UINT32_MAX - 1, UINT32_MAX +}; + +static uint64_t test_values_64[] = { + 0, 1, 1024, 12345, 32000, 32000000, 32000000001, UINT64_MAX / 2, + UINT64_MAX / 2 + 1, UINT64_MAX - 1, UINT64_MAX +}; static int test_binary_op(unsigned int (*op) (unsigned int a, unsigned int b), const char *op_name, unsigned int a, unsigned int b, int is_true) { - unsigned c = op(a, b); - if (is_true && c != CONSTTIME_TRUE) { - fprintf(stderr, "Test failed for %s(%du, %du): expected %du " - "(TRUE), got %du\n", op_name, a, b, CONSTTIME_TRUE, c); - return 1; - } else if (!is_true && c != CONSTTIME_FALSE) { - fprintf(stderr, "Test failed for %s(%du, %du): expected %du " - "(FALSE), got %du\n", op_name, a, b, CONSTTIME_FALSE, c); - return 1; - } - return 0; + if (is_true && !TEST_uint_eq(op(a, b), CONSTTIME_TRUE)) + return 0; + if (!is_true && !TEST_uint_eq(op(a, b), CONSTTIME_FALSE)) + return 0; + return 1; } static int test_binary_op_8(unsigned @@ -41,228 +74,341 @@ static int test_binary_op_8(unsigned const char *op_name, unsigned int a, unsigned int b, int is_true) { - unsigned char c = op(a, b); - if (is_true && c != CONSTTIME_TRUE_8) { - fprintf(stderr, "Test failed for %s(%du, %du): expected %u " - "(TRUE), got %u\n", op_name, a, b, CONSTTIME_TRUE_8, c); - return 1; - } else if (!is_true && c != CONSTTIME_FALSE_8) { - fprintf(stderr, "Test failed for %s(%du, %du): expected %u " - "(FALSE), got %u\n", op_name, a, b, CONSTTIME_FALSE_8, c); - return 1; - } - return 0; + if (is_true && !TEST_uint_eq(op(a, b), CONSTTIME_TRUE_8)) + return 0; + if (!is_true && !TEST_uint_eq(op(a, b), CONSTTIME_FALSE_8)) + return 0; + return 1; } -static int test_is_zero(unsigned int a) +static int test_binary_op_s(size_t (*op) (size_t a, size_t b), + const char *op_name, size_t a, size_t b, + int is_true) { - unsigned int c = constant_time_is_zero(a); - if (a == 0 && c != CONSTTIME_TRUE) { - fprintf(stderr, "Test failed for constant_time_is_zero(%du): " - "expected %du (TRUE), got %du\n", a, CONSTTIME_TRUE, c); - return 1; - } else if (a != 0 && c != CONSTTIME_FALSE) { - fprintf(stderr, "Test failed for constant_time_is_zero(%du): " - "expected %du (FALSE), got %du\n", a, CONSTTIME_FALSE, c); - return 1; - } - return 0; + if (is_true && !TEST_size_t_eq(op(a,b), CONSTTIME_TRUE_S)) + return 0; + if (!is_true && !TEST_uint_eq(op(a,b), CONSTTIME_FALSE_S)) + return 0; + return 1; } -static int test_is_zero_8(unsigned int a) +static int test_binary_op_64(uint64_t (*op)(uint64_t a, uint64_t b), + const char *op_name, uint64_t a, uint64_t b, + int is_true) { - unsigned char c = constant_time_is_zero_8(a); - if (a == 0 && c != CONSTTIME_TRUE_8) { - fprintf(stderr, "Test failed for constant_time_is_zero(%du): " - "expected %u (TRUE), got %u\n", a, CONSTTIME_TRUE_8, c); - return 1; - } else if (a != 0 && c != CONSTTIME_FALSE) { - fprintf(stderr, "Test failed for constant_time_is_zero(%du): " - "expected %u (FALSE), got %u\n", a, CONSTTIME_FALSE_8, c); - return 1; + uint64_t c = op(a, b); + + if (is_true && c != CONSTTIME_TRUE_64) { + TEST_error("TRUE %s op failed", op_name); + BIO_printf(bio_err, "a=%jx b=%jx\n", a, b); + return 0; + } else if (!is_true && c != CONSTTIME_FALSE_64) { + TEST_error("FALSE %s op failed", op_name); + BIO_printf(bio_err, "a=%jx b=%jx\n", a, b); + return 0; } - return 0; + return 1; +} + +static int test_is_zero(int i) +{ + unsigned int a = test_values[i]; + + if (a == 0 && !TEST_uint_eq(constant_time_is_zero(a), CONSTTIME_TRUE)) + return 0; + if (a != 0 && !TEST_uint_eq(constant_time_is_zero(a), CONSTTIME_FALSE)) + return 0; + return 1; +} + +static int test_is_zero_8(int i) +{ + unsigned int a = test_values_8[i]; + + if (a == 0 && !TEST_uint_eq(constant_time_is_zero_8(a), CONSTTIME_TRUE_8)) + return 0; + if (a != 0 && !TEST_uint_eq(constant_time_is_zero_8(a), CONSTTIME_FALSE_8)) + return 0; + return 1; +} + +static int test_is_zero_32(int i) +{ + uint32_t a = test_values_32[i]; + + if (a == 0 && !TEST_true(constant_time_is_zero_32(a) == CONSTTIME_TRUE_32)) + return 0; + if (a != 0 && !TEST_true(constant_time_is_zero_32(a) == CONSTTIME_FALSE_32)) + return 0; + return 1; +} + +static int test_is_zero_s(int i) +{ + size_t a = test_values_s[i]; + + if (a == 0 && !TEST_size_t_eq(constant_time_is_zero_s(a), CONSTTIME_TRUE_S)) + return 0; + if (a != 0 && !TEST_uint_eq(constant_time_is_zero_s(a), CONSTTIME_FALSE_S)) + return 0; + return 1; } static int test_select(unsigned int a, unsigned int b) { - unsigned int selected = constant_time_select(CONSTTIME_TRUE, a, b); - if (selected != a) { - fprintf(stderr, "Test failed for constant_time_select(%du, %du," - "%du): expected %du(first value), got %du\n", - CONSTTIME_TRUE, a, b, a, selected); - return 1; - } - selected = constant_time_select(CONSTTIME_FALSE, a, b); - if (selected != b) { - fprintf(stderr, "Test failed for constant_time_select(%du, %du," - "%du): expected %du(second value), got %du\n", - CONSTTIME_FALSE, a, b, b, selected); - return 1; - } - return 0; + if (!TEST_uint_eq(constant_time_select(CONSTTIME_TRUE, a, b), a)) + return 0; + if (!TEST_uint_eq(constant_time_select(CONSTTIME_FALSE, a, b), b)) + return 0; + return 1; } static int test_select_8(unsigned char a, unsigned char b) { - unsigned char selected = constant_time_select_8(CONSTTIME_TRUE_8, a, b); + if (!TEST_uint_eq(constant_time_select_8(CONSTTIME_TRUE_8, a, b), a)) + return 0; + if (!TEST_uint_eq(constant_time_select_8(CONSTTIME_FALSE_8, a, b), b)) + return 0; + return 1; +} + +static int test_select_32(uint32_t a, uint32_t b) +{ + if (!TEST_true(constant_time_select_32(CONSTTIME_TRUE_32, a, b) == a)) + return 0; + if (!TEST_true(constant_time_select_32(CONSTTIME_FALSE_32, a, b) == b)) + return 0; + return 1; +} + +static int test_select_s(size_t a, size_t b) +{ + if (!TEST_uint_eq(constant_time_select_s(CONSTTIME_TRUE_S, a, b), a)) + return 0; + if (!TEST_uint_eq(constant_time_select_s(CONSTTIME_FALSE_S, a, b), b)) + return 0; + return 1; +} + +static int test_select_64(uint64_t a, uint64_t b) +{ + uint64_t selected = constant_time_select_64(CONSTTIME_TRUE_64, a, b); + if (selected != a) { - fprintf(stderr, "Test failed for constant_time_select(%u, %u," - "%u): expected %u(first value), got %u\n", - CONSTTIME_TRUE, a, b, a, selected); - return 1; + TEST_error("test_select_64 TRUE failed"); + BIO_printf(bio_err, "a=%jx b=%jx got %jx wanted a\n", a, b, selected); + return 0; } - selected = constant_time_select_8(CONSTTIME_FALSE_8, a, b); + selected = constant_time_select_64(CONSTTIME_FALSE_64, a, b); if (selected != b) { - fprintf(stderr, "Test failed for constant_time_select(%u, %u," - "%u): expected %u(second value), got %u\n", - CONSTTIME_FALSE, a, b, b, selected); - return 1; + BIO_printf(bio_err, "a=%jx b=%jx got %jx wanted b\n", a, b, selected); + return 0; } - return 0; + return 1; } static int test_select_int(int a, int b) { - int selected = constant_time_select_int(CONSTTIME_TRUE, a, b); - if (selected != a) { - fprintf(stderr, "Test failed for constant_time_select(%du, %d," - "%d): expected %d(first value), got %d\n", - CONSTTIME_TRUE, a, b, a, selected); - return 1; - } - selected = constant_time_select_int(CONSTTIME_FALSE, a, b); - if (selected != b) { - fprintf(stderr, "Test failed for constant_time_select(%du, %d," - "%d): expected %d(second value), got %d\n", - CONSTTIME_FALSE, a, b, b, selected); - return 1; - } - return 0; + if (!TEST_int_eq(constant_time_select_int(CONSTTIME_TRUE, a, b), a)) + return 0; + if (!TEST_int_eq(constant_time_select_int(CONSTTIME_FALSE, a, b), b)) + return 0; + return 1; +} + +static int test_eq_int_8(int a, int b) +{ + if (a == b && !TEST_int_eq(constant_time_eq_int_8(a, b), CONSTTIME_TRUE_8)) + return 0; + if (a != b && !TEST_int_eq(constant_time_eq_int_8(a, b), CONSTTIME_FALSE_8)) + return 0; + return 1; +} + +static int test_eq_s(size_t a, size_t b) +{ + if (a == b && !TEST_size_t_eq(constant_time_eq_s(a, b), CONSTTIME_TRUE_S)) + return 0; + if (a != b && !TEST_int_eq(constant_time_eq_s(a, b), CONSTTIME_FALSE_S)) + return 0; + return 1; } static int test_eq_int(int a, int b) { - unsigned int equal = constant_time_eq_int(a, b); - if (a == b && equal != CONSTTIME_TRUE) { - fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): " - "expected %du(TRUE), got %du\n", a, b, CONSTTIME_TRUE, equal); - return 1; - } else if (a != b && equal != CONSTTIME_FALSE) { - fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): " - "expected %du(FALSE), got %du\n", - a, b, CONSTTIME_FALSE, equal); - return 1; + if (a == b && !TEST_uint_eq(constant_time_eq_int(a, b), CONSTTIME_TRUE)) + return 0; + if (a != b && !TEST_uint_eq(constant_time_eq_int(a, b), CONSTTIME_FALSE)) + return 0; + return 1; +} + +static int test_sizeofs(void) +{ + if (!TEST_uint_eq(OSSL_NELEM(test_values), OSSL_NELEM(test_values_s))) + return 0; + return 1; +} + +static int test_binops(int i) +{ + unsigned int a = test_values[i]; + int j; + int ret = 1; + + for (j = 0; j < (int)OSSL_NELEM(test_values); ++j) { + unsigned int b = test_values[j]; + + if (!test_select(a, b) + || !test_binary_op(&constant_time_lt, "ct_lt", + a, b, a < b) + || !test_binary_op(&constant_time_lt, "constant_time_lt", + b, a, b < a) + || !test_binary_op(&constant_time_ge, "constant_time_ge", + a, b, a >= b) + || !test_binary_op(&constant_time_ge, "constant_time_ge", + b, a, b >= a) + || !test_binary_op(&constant_time_eq, "constant_time_eq", + a, b, a == b) + || !test_binary_op(&constant_time_eq, "constant_time_eq", + b, a, b == a)) + ret = 0; } - return 0; + return ret; } -static int test_eq_int_8(int a, int b) +static int test_binops_8(int i) { - unsigned char equal = constant_time_eq_int_8(a, b); - if (a == b && equal != CONSTTIME_TRUE_8) { - fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): " - "expected %u(TRUE), got %u\n", a, b, CONSTTIME_TRUE_8, equal); - return 1; - } else if (a != b && equal != CONSTTIME_FALSE_8) { - fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): " - "expected %u(FALSE), got %u\n", - a, b, CONSTTIME_FALSE_8, equal); - return 1; + unsigned int a = test_values_8[i]; + int j; + int ret = 1; + + for (j = 0; j < (int)OSSL_NELEM(test_values_8); ++j) { + unsigned int b = test_values_8[j]; + + if (!test_binary_op_8(&constant_time_lt_8, "constant_time_lt_8", + a, b, a < b) + || !test_binary_op_8(&constant_time_lt_8, "constant_time_lt_8", + b, a, b < a) + || !test_binary_op_8(&constant_time_ge_8, "constant_time_ge_8", + a, b, a >= b) + || !test_binary_op_8(&constant_time_ge_8, "constant_time_ge_8", + b, a, b >= a) + || !test_binary_op_8(&constant_time_eq_8, "constant_time_eq_8", + a, b, a == b) + || !test_binary_op_8(&constant_time_eq_8, "constant_time_eq_8", + b, a, b == a)) + ret = 0; } - return 0; + return ret; } -static unsigned int test_values[] = - { 0, 1, 1024, 12345, 32000, UINT_MAX / 2 - 1, - UINT_MAX / 2, UINT_MAX / 2 + 1, UINT_MAX - 1, - UINT_MAX -}; +static int test_binops_s(int i) +{ + size_t a = test_values_s[i]; + int j; + int ret = 1; -static unsigned char test_values_8[] = - { 0, 1, 2, 20, 32, 127, 128, 129, 255 }; + for (j = 0; j < (int)OSSL_NELEM(test_values_s); ++j) { + size_t b = test_values_s[j]; -static int signed_test_values[] = { 0, 1, -1, 1024, -1024, 12345, -12345, - 32000, -32000, INT_MAX, INT_MIN, INT_MAX - 1, - INT_MIN + 1 -}; + if (!test_select_s(a, b) + || !test_eq_s(a, b) + || !test_binary_op_s(&constant_time_lt_s, "constant_time_lt_s", + a, b, a < b) + || !test_binary_op_s(&constant_time_lt_s, "constant_time_lt_s", + b, a, b < a) + || !test_binary_op_s(&constant_time_ge_s, "constant_time_ge_s", + a, b, a >= b) + || !test_binary_op_s(&constant_time_ge_s, "constant_time_ge_s", + b, a, b >= a) + || !test_binary_op_s(&constant_time_eq_s, "constant_time_eq_s", + a, b, a == b) + || !test_binary_op_s(&constant_time_eq_s, "constant_time_eq_s", + b, a, b == a)) + ret = 0; + } + return ret; +} -int main(int argc, char *argv[]) +static int test_signed(int i) { - unsigned int a, b, i, j; - int c, d; - unsigned char e, f; - int num_failed = 0, num_all = 0; - fprintf(stdout, "Testing constant time operations...\n"); - - for (i = 0; i < OSSL_NELEM(test_values); ++i) { - a = test_values[i]; - num_failed += test_is_zero(a); - num_failed += test_is_zero_8(a); - num_all += 2; - for (j = 0; j < OSSL_NELEM(test_values); ++j) { - b = test_values[j]; - num_failed += test_binary_op(&constant_time_lt, - "constant_time_lt", a, b, a < b); - num_failed += test_binary_op_8(&constant_time_lt_8, - "constant_time_lt_8", a, b, a < b); - num_failed += test_binary_op(&constant_time_lt, - "constant_time_lt_8", b, a, b < a); - num_failed += test_binary_op_8(&constant_time_lt_8, - "constant_time_lt_8", b, a, b < a); - num_failed += test_binary_op(&constant_time_ge, - "constant_time_ge", a, b, a >= b); - num_failed += test_binary_op_8(&constant_time_ge_8, - "constant_time_ge_8", a, b, - a >= b); - num_failed += - test_binary_op(&constant_time_ge, "constant_time_ge", b, a, - b >= a); - num_failed += - test_binary_op_8(&constant_time_ge_8, "constant_time_ge_8", b, - a, b >= a); - num_failed += - test_binary_op(&constant_time_eq, "constant_time_eq", a, b, - a == b); - num_failed += - test_binary_op_8(&constant_time_eq_8, "constant_time_eq_8", a, - b, a == b); - num_failed += - test_binary_op(&constant_time_eq, "constant_time_eq", b, a, - b == a); - num_failed += - test_binary_op_8(&constant_time_eq_8, "constant_time_eq_8", b, - a, b == a); - num_failed += test_select(a, b); - num_all += 13; - } + int c = signed_test_values[i]; + unsigned int j; + int ret = 1; + + for (j = 0; j < OSSL_NELEM(signed_test_values); ++j) { + int d = signed_test_values[j]; + + if (!test_select_int(c, d) + || !test_eq_int(c, d) + || !test_eq_int_8(c, d)) + ret = 0; } + return ret; +} - for (i = 0; i < OSSL_NELEM(signed_test_values); ++i) { - c = signed_test_values[i]; - for (j = 0; j < OSSL_NELEM(signed_test_values); ++j) { - d = signed_test_values[j]; - num_failed += test_select_int(c, d); - num_failed += test_eq_int(c, d); - num_failed += test_eq_int_8(c, d); - num_all += 3; - } +static int test_8values(int i) +{ + unsigned char e = test_values_8[i]; + unsigned int j; + int ret = 1; + + for (j = 0; j < sizeof(test_values_8); ++j) { + unsigned char f = test_values_8[j]; + + if (!test_select_8(e, f)) + ret = 0; } + return ret; +} - for (i = 0; i < sizeof(test_values_8); ++i) { - e = test_values_8[i]; - for (j = 0; j < sizeof(test_values_8); ++j) { - f = test_values_8[j]; - num_failed += test_select_8(e, f); - num_all += 1; - } +static int test_32values(int i) +{ + uint32_t e = test_values_32[i]; + size_t j; + int ret = 1; + + for (j = 0; j < OSSL_NELEM(test_values_32); j++) { + uint32_t f = test_values_32[j]; + + if (!test_select_32(e, f)) + ret = 0; } + return ret; +} - if (!num_failed) { - fprintf(stdout, "success (ran %d tests)\n", num_all); - return EXIT_SUCCESS; - } else { - fprintf(stdout, "%d of %d tests failed!\n", num_failed, num_all); - return EXIT_FAILURE; +static int test_64values(int i) +{ + uint64_t g = test_values_64[i]; + int j, ret = 1; + + for (j = i + 1; j < (int)OSSL_NELEM(test_values_64); j++) { + uint64_t h = test_values_64[j]; + + if (!test_binary_op_64(&constant_time_lt_64, "constant_time_lt_64", + g, h, g < h) + || !test_select_64(g, h)) { + TEST_info("test_64values failed i=%d j=%d", i, j); + ret = 0; + } } + return ret; +} + +int setup_tests(void) +{ + ADD_TEST(test_sizeofs); + ADD_ALL_TESTS(test_is_zero, OSSL_NELEM(test_values)); + ADD_ALL_TESTS(test_is_zero_8, OSSL_NELEM(test_values_8)); + ADD_ALL_TESTS(test_is_zero_32, OSSL_NELEM(test_values_32)); + ADD_ALL_TESTS(test_is_zero_s, OSSL_NELEM(test_values_s)); + ADD_ALL_TESTS(test_binops, OSSL_NELEM(test_values)); + ADD_ALL_TESTS(test_binops_8, OSSL_NELEM(test_values_8)); + ADD_ALL_TESTS(test_binops_s, OSSL_NELEM(test_values_s)); + ADD_ALL_TESTS(test_signed, OSSL_NELEM(signed_test_values)); + ADD_ALL_TESTS(test_8values, OSSL_NELEM(test_values_8)); + ADD_ALL_TESTS(test_32values, OSSL_NELEM(test_values_32)); + ADD_ALL_TESTS(test_64values, OSSL_NELEM(test_values_64)); + return 1; } diff --git a/deps/openssl/openssl/test/crltest.c b/deps/openssl/openssl/test/crltest.c index 74db9444cd..4d35fd4081 100644 --- a/deps/openssl/openssl/test/crltest.c +++ b/deps/openssl/openssl/test/crltest.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,8 +7,7 @@ * https://www.openssl.org/source/license.html */ -#include <stdio.h> -#include "../e_os.h" +#include "internal/nelem.h" #include <string.h> #include <openssl/bio.h> #include <openssl/crypto.h> @@ -177,25 +176,22 @@ static const char *kUnknownCriticalCRL2[] = { NULL }; +static const char **unknown_critical_crls[] = { + kUnknownCriticalCRL, kUnknownCriticalCRL2 +}; + +static X509 *test_root = NULL; +static X509 *test_leaf = NULL; /* * Glue an array of strings together. Return a BIO and put the string * into |*out| so we can free it. */ -static BIO *glue(const char **pem, char **out) +static BIO *glue2bio(const char **pem, char **out) { - char *dest; - int i; size_t s = 0; - /* Glue the strings together. */ - for (i = 0; pem[i] != NULL; ++i) - s += strlen(pem[i]); - dest = *out = OPENSSL_malloc(s + 1); - if (dest == NULL) - return NULL; - for (i = 0; pem[i] != NULL; ++i) - dest += strlen(strcpy(dest, pem[i])); + *out = glue_strings(pem, &s); return BIO_new_mem_buf(*out, s); } @@ -205,7 +201,7 @@ static BIO *glue(const char **pem, char **out) static X509_CRL *CRL_from_strings(const char **pem) { char *p; - BIO *b = glue(pem, &p); + BIO *b = glue2bio(pem, &p); X509_CRL *crl = PEM_read_bio_X509_CRL(b, NULL, NULL, NULL); OPENSSL_free(p); @@ -219,7 +215,7 @@ static X509_CRL *CRL_from_strings(const char **pem) static X509 *X509_from_strings(const char **pem) { char *p; - BIO *b = glue(pem, &p); + BIO *b = glue2bio(pem, &p); X509 *x = PEM_read_bio_X509(b, NULL, NULL, NULL); OPENSSL_free(p); @@ -242,27 +238,27 @@ static int verify(X509 *leaf, X509 *root, STACK_OF(X509_CRL) *crls, STACK_OF(X509) *roots = sk_X509_new_null(); int status = X509_V_ERR_UNSPECIFIED; - if (ctx == NULL || store == NULL || param == NULL || roots == NULL) + if (!TEST_ptr(ctx) + || !TEST_ptr(store) + || !TEST_ptr(param) + || !TEST_ptr(roots)) goto err; /* Create a stack; upref the cert because we free it below. */ X509_up_ref(root); - if (!sk_X509_push(roots, root)) - goto err; - - if (!X509_STORE_CTX_init(ctx, store, leaf, NULL)) + if (!TEST_true(sk_X509_push(roots, root)) + || !TEST_true(X509_STORE_CTX_init(ctx, store, leaf, NULL))) goto err; X509_STORE_CTX_set0_trusted_stack(ctx, roots); X509_STORE_CTX_set0_crls(ctx, crls); X509_VERIFY_PARAM_set_time(param, PARAM_TIME); - if (X509_VERIFY_PARAM_get_time(param) != PARAM_TIME) { - fprintf(stderr, "set_time/get_time mismatch.\n"); + if (!TEST_long_eq((long)X509_VERIFY_PARAM_get_time(param), PARAM_TIME)) goto err; - } X509_VERIFY_PARAM_set_depth(param, 16); if (flags) X509_VERIFY_PARAM_set_flags(param, flags); X509_STORE_CTX_set0_param(ctx, param); + param = NULL; ERR_clear_error(); status = X509_verify_cert(ctx) == 1 ? X509_V_OK @@ -270,6 +266,7 @@ static int verify(X509 *leaf, X509 *root, STACK_OF(X509_CRL) *crls, err: sk_X509_pop_free(roots, X509_free); sk_X509_CRL_pop_free(crls, X509_CRL_free); + X509_VERIFY_PARAM_free(param); X509_STORE_CTX_free(ctx); X509_STORE_free(store); return status; @@ -293,86 +290,89 @@ static STACK_OF(X509_CRL) *make_CRL_stack(X509_CRL *x1, X509_CRL *x2) return sk; } -static int test_crl() +static int test_basic_crl(void) { - X509 *root = X509_from_strings(kCRLTestRoot); - X509 *leaf = X509_from_strings(kCRLTestLeaf); X509_CRL *basic_crl = CRL_from_strings(kBasicCRL); X509_CRL *revoked_crl = CRL_from_strings(kRevokedCRL); - X509_CRL *bad_issuer_crl = CRL_from_strings(kBadIssuerCRL); - X509_CRL *known_critical_crl = CRL_from_strings(kKnownCriticalCRL); - X509_CRL *unknown_critical_crl = CRL_from_strings(kUnknownCriticalCRL); - X509_CRL *unknown_critical_crl2 = CRL_from_strings(kUnknownCriticalCRL2); - int status = 0; - - if (root == NULL || leaf == NULL || basic_crl == NULL - || revoked_crl == NULL || bad_issuer_crl == NULL - || known_critical_crl == NULL || unknown_critical_crl == NULL - || unknown_critical_crl2 == NULL) { - fprintf(stderr, "Failed to parse certificates and CRLs.\n"); - goto err; - } - - if (verify(leaf, root, make_CRL_stack(basic_crl, NULL), - X509_V_FLAG_CRL_CHECK) != X509_V_OK) { - fprintf(stderr, "Cert with CRL didn't verify.\n"); - goto err; - } - - if (verify(leaf, root, make_CRL_stack(basic_crl, revoked_crl), - X509_V_FLAG_CRL_CHECK) != X509_V_ERR_CERT_REVOKED) { - fprintf(stderr, "Revoked CRL wasn't checked.\n"); - goto err; - } - - if (verify(leaf, root, NULL, - X509_V_FLAG_CRL_CHECK) != X509_V_ERR_UNABLE_TO_GET_CRL) { - fprintf(stderr, "CRLs were not required.\n"); - goto err; - } - - if (verify(leaf, root, make_CRL_stack(bad_issuer_crl, NULL), - X509_V_FLAG_CRL_CHECK) != X509_V_ERR_UNABLE_TO_GET_CRL) { - fprintf(stderr, "Bad CRL issuer was unnoticed.\n"); - goto err; - } + int r; + + r = TEST_ptr(basic_crl) + && TEST_ptr(revoked_crl) + && TEST_int_eq(verify(test_leaf, test_root, + make_CRL_stack(basic_crl, NULL), + X509_V_FLAG_CRL_CHECK), X509_V_OK) + && TEST_int_eq(verify(test_leaf, test_root, + make_CRL_stack(basic_crl, revoked_crl), + X509_V_FLAG_CRL_CHECK), X509_V_ERR_CERT_REVOKED); + X509_CRL_free(basic_crl); + X509_CRL_free(revoked_crl); + return r; +} - if (verify(leaf, root, make_CRL_stack(known_critical_crl, NULL), - X509_V_FLAG_CRL_CHECK) != X509_V_OK) { - fprintf(stderr, "CRL with known critical extension was rejected.\n"); - goto err; - } +static int test_no_crl(void) +{ + return TEST_int_eq(verify(test_leaf, test_root, NULL, + X509_V_FLAG_CRL_CHECK), + X509_V_ERR_UNABLE_TO_GET_CRL); +} - if (verify(leaf, root, make_CRL_stack(unknown_critical_crl, NULL), - X509_V_FLAG_CRL_CHECK) != - X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION) { - fprintf(stderr, "CRL with unknown critical extension was accepted.\n"); - goto err; - } +static int test_bad_issuer_crl(void) +{ + X509_CRL *bad_issuer_crl = CRL_from_strings(kBadIssuerCRL); + int r; - if (verify(leaf, root, make_CRL_stack(unknown_critical_crl2, NULL), - X509_V_FLAG_CRL_CHECK) != - X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION) { - fprintf(stderr, "CRL with unknown critical extension (2) was accepted.\n"); - goto err; - } + r = TEST_ptr(bad_issuer_crl) + && TEST_int_eq(verify(test_leaf, test_root, + make_CRL_stack(bad_issuer_crl, NULL), + X509_V_FLAG_CRL_CHECK), + X509_V_ERR_UNABLE_TO_GET_CRL); + X509_CRL_free(bad_issuer_crl); + return r; +} - status = 1; +static int test_known_critical_crl(void) +{ + X509_CRL *known_critical_crl = CRL_from_strings(kKnownCriticalCRL); + int r; -err: - X509_free(root); - X509_free(leaf); - X509_CRL_free(basic_crl); - X509_CRL_free(revoked_crl); - X509_CRL_free(bad_issuer_crl); + r = TEST_ptr(known_critical_crl) + && TEST_int_eq(verify(test_leaf, test_root, + make_CRL_stack(known_critical_crl, NULL), + X509_V_FLAG_CRL_CHECK), X509_V_OK); X509_CRL_free(known_critical_crl); + return r; +} + +static int test_unknown_critical_crl(int n) +{ + X509_CRL *unknown_critical_crl = CRL_from_strings(unknown_critical_crls[n]); + int r; + + r = TEST_ptr(unknown_critical_crl) + && TEST_int_eq(verify(test_leaf, test_root, + make_CRL_stack(unknown_critical_crl, NULL), + X509_V_FLAG_CRL_CHECK), + X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION); X509_CRL_free(unknown_critical_crl); - X509_CRL_free(unknown_critical_crl2); - return status; + return r; +} + +int setup_tests(void) +{ + if (!TEST_ptr(test_root = X509_from_strings(kCRLTestRoot)) + || !TEST_ptr(test_leaf = X509_from_strings(kCRLTestLeaf))) + return 0; + + ADD_TEST(test_no_crl); + ADD_TEST(test_basic_crl); + ADD_TEST(test_bad_issuer_crl); + ADD_TEST(test_known_critical_crl); + ADD_ALL_TESTS(test_unknown_critical_crl, OSSL_NELEM(unknown_critical_crls)); + return 1; } -int main() +void cleanup_tests(void) { - ADD_TEST(test_crl); - return run_tests("crltest"); + X509_free(test_root); + X509_free(test_leaf); } diff --git a/deps/openssl/openssl/test/ct_test.c b/deps/openssl/openssl/test/ct_test.c index 49c46958ee..de374764ef 100644 --- a/deps/openssl/openssl/test/ct_test.c +++ b/deps/openssl/openssl/test/ct_test.c @@ -8,7 +8,6 @@ */ #include <ctype.h> -#include <math.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -19,11 +18,11 @@ #include <openssl/x509.h> #include <openssl/x509v3.h> #include "testutil.h" +#include <openssl/crypto.h> #ifndef OPENSSL_NO_CT - /* Used when declaring buffers to read text files into */ -#define CT_TEST_MAX_FILE_SIZE 8096 +# define CT_TEST_MAX_FILE_SIZE 8096 static char *certs_dir = NULL; static char *ct_dir = NULL; @@ -57,59 +56,51 @@ typedef struct ct_test_fixture { int test_validity; } CT_TEST_FIXTURE; -static CT_TEST_FIXTURE set_up(const char *const test_case_name) +static CT_TEST_FIXTURE *set_up(const char *const test_case_name) { - CT_TEST_FIXTURE fixture; - int setup_ok = 1; - - memset(&fixture, 0, sizeof(fixture)); - - fixture.test_case_name = test_case_name; - fixture.epoch_time_in_ms = 1473269626000; /* Sep 7 17:33:46 2016 GMT */ - fixture.ctlog_store = CTLOG_STORE_new(); + CT_TEST_FIXTURE *fixture = NULL; - if (fixture.ctlog_store == NULL) { - setup_ok = 0; - fprintf(stderr, "Failed to create a new CT log store\n"); + if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))) goto end; - } - - if (CTLOG_STORE_load_default_file(fixture.ctlog_store) != 1) { - setup_ok = 0; - fprintf(stderr, "Failed to load CT log list\n"); + fixture->test_case_name = test_case_name; + fixture->epoch_time_in_ms = 1473269626000; /* Sep 7 17:33:46 2016 GMT */ + if (!TEST_ptr(fixture->ctlog_store = CTLOG_STORE_new()) + || !TEST_int_eq( + CTLOG_STORE_load_default_file(fixture->ctlog_store), 1)) goto end; - } + return fixture; end: - if (!setup_ok) { - CTLOG_STORE_free(fixture.ctlog_store); - exit(EXIT_FAILURE); - } - return fixture; + if (fixture != NULL) + CTLOG_STORE_free(fixture->ctlog_store); + OPENSSL_free(fixture); + TEST_error("Failed to setup"); + return NULL; } -static void tear_down(CT_TEST_FIXTURE fixture) +static void tear_down(CT_TEST_FIXTURE *fixture) { - CTLOG_STORE_free(fixture.ctlog_store); - SCT_LIST_free(fixture.sct_list); - ERR_print_errors_fp(stderr); + if (fixture != NULL) { + CTLOG_STORE_free(fixture->ctlog_store); + SCT_LIST_free(fixture->sct_list); + } + OPENSSL_free(fixture); } static char *mk_file_path(const char *dir, const char *file) { - char *full_file = NULL; - size_t full_file_l = 0; +# ifndef OPENSSL_SYS_VMS + const char *sep = "/"; +# else const char *sep = ""; -#ifndef OPENSSL_SYS_VMS - sep = "/"; -#endif +# endif + size_t len = strlen(dir) + strlen(sep) + strlen(file) + 1; + char *full_file = OPENSSL_zalloc(len); - full_file_l = strlen(dir) + strlen(sep) + strlen(file) + 1; - full_file = OPENSSL_zalloc(full_file_l); if (full_file != NULL) { - OPENSSL_strlcpy(full_file, dir, full_file_l); - OPENSSL_strlcat(full_file, sep, full_file_l); - OPENSSL_strlcat(full_file, file, full_file_l); + OPENSSL_strlcpy(full_file, dir, len); + OPENSSL_strlcat(full_file, sep, len); + OPENSSL_strlcat(full_file, file, len); } return full_file; @@ -122,65 +113,54 @@ static X509 *load_pem_cert(const char *dir, const char *file) if (file_path != NULL) { BIO *cert_io = BIO_new_file(file_path, "r"); - OPENSSL_free(file_path); if (cert_io != NULL) cert = PEM_read_bio_X509(cert_io, NULL, NULL, NULL); - BIO_free(cert_io); } + + OPENSSL_free(file_path); return cert; } static int read_text_file(const char *dir, const char *file, char *buffer, int buffer_length) { - int result = -1; + int len = -1; char *file_path = mk_file_path(dir, file); if (file_path != NULL) { BIO *file_io = BIO_new_file(file_path, "r"); - OPENSSL_free(file_path); - if (file_io != NULL) { - result = BIO_read(file_io, buffer, buffer_length); - BIO_free(file_io); - } + if (file_io != NULL) + len = BIO_read(file_io, buffer, buffer_length); + BIO_free(file_io); } - return result; + OPENSSL_free(file_path); + return len; } static int compare_sct_list_printout(STACK_OF(SCT) *sct, - const char *expected_output) + const char *expected_output) { BIO *text_buffer = NULL; char *actual_output = NULL; - int result = 1; + int result = 0; - text_buffer = BIO_new(BIO_s_mem()); - if (text_buffer == NULL) { - fprintf(stderr, "Unable to allocate buffer\n"); + if (!TEST_ptr(text_buffer = BIO_new(BIO_s_mem()))) goto end; - } SCT_LIST_print(sct, text_buffer, 0, "\n", NULL); - /* Append null terminator because we're about to use the buffer contents - * as a string. */ - if (BIO_write(text_buffer, "\0", 1) != 1) { - fprintf(stderr, "Failed to append null terminator to SCT text\n"); + /* Append \0 because we're about to use the buffer contents as a string. */ + if (!TEST_true(BIO_write(text_buffer, "\0", 1))) goto end; - } BIO_get_mem_data(text_buffer, &actual_output); - result = strcmp(actual_output, expected_output); - - if (result != 0) { - fprintf(stderr, - "Expected SCT printout:\n%s\nActual SCT printout:\n%s\n", - expected_output, actual_output); - } + if (!TEST_str_eq(actual_output, expected_output)) + goto end; + result = 1; end: BIO_free(text_buffer); @@ -192,55 +172,41 @@ static int compare_extension_printout(X509_EXTENSION *extension, { BIO *text_buffer = NULL; char *actual_output = NULL; - int result = 1; - - text_buffer = BIO_new(BIO_s_mem()); - if (text_buffer == NULL) { - fprintf(stderr, "Unable to allocate buffer\n"); - goto end; - } + int result = 0; - if (!X509V3_EXT_print(text_buffer, extension, X509V3_EXT_DEFAULT, 0)) { - fprintf(stderr, "Failed to print extension\n"); + if (!TEST_ptr(text_buffer = BIO_new(BIO_s_mem())) + || !TEST_true(X509V3_EXT_print(text_buffer, extension, + X509V3_EXT_DEFAULT, 0))) goto end; - } - /* Append null terminator because we're about to use the buffer contents - * as a string. */ - if (BIO_write(text_buffer, "\0", 1) != 1) { - fprintf(stderr, - "Failed to append null terminator to extension text\n"); + /* Append \0 because we're about to use the buffer contents as a string. */ + if (!TEST_true(BIO_write(text_buffer, "\0", 1))) goto end; - } BIO_get_mem_data(text_buffer, &actual_output); - result = strcmp(actual_output, expected_output); + if (!TEST_str_eq(actual_output, expected_output)) + goto end; - if (result != 0) { - fprintf(stderr, - "Expected SCT printout:\n%s\nActual SCT printout:\n%s\n", - expected_output, actual_output); - } + result = 1; end: BIO_free(text_buffer); return result; } -static int assert_validity(CT_TEST_FIXTURE fixture, - STACK_OF(SCT) *scts, - CT_POLICY_EVAL_CTX *policy_ctx) { +static int assert_validity(CT_TEST_FIXTURE *fixture, STACK_OF(SCT) *scts, + CT_POLICY_EVAL_CTX *policy_ctx) +{ int invalid_sct_count = 0; int valid_sct_count = 0; int i; - if (SCT_LIST_validate(scts, policy_ctx) < 0) { - fprintf(stderr, "Error verifying SCTs\n"); + if (!TEST_int_ge(SCT_LIST_validate(scts, policy_ctx), 0)) return 0; - } for (i = 0; i < sk_SCT_num(scts); ++i) { SCT *sct_i = sk_SCT_value(scts, i); + switch (SCT_get_validation_status(sct_i)) { case SCT_VALIDATION_STATUS_VALID: ++valid_sct_count; @@ -248,31 +214,28 @@ static int assert_validity(CT_TEST_FIXTURE fixture, case SCT_VALIDATION_STATUS_INVALID: ++invalid_sct_count; break; - default: + case SCT_VALIDATION_STATUS_NOT_SET: + case SCT_VALIDATION_STATUS_UNKNOWN_LOG: + case SCT_VALIDATION_STATUS_UNVERIFIED: + case SCT_VALIDATION_STATUS_UNKNOWN_VERSION: /* Ignore other validation statuses. */ break; } } - if (valid_sct_count != fixture.expected_valid_sct_count) { + if (!TEST_int_eq(valid_sct_count, fixture->expected_valid_sct_count)) { int unverified_sct_count = sk_SCT_num(scts) - - invalid_sct_count - valid_sct_count; - - fprintf(stderr, - "%d SCTs failed verification\n" - "%d SCTs passed verification (%d expected)\n" - "%d SCTs were unverified\n", - invalid_sct_count, - valid_sct_count, - fixture.expected_valid_sct_count, - unverified_sct_count); + invalid_sct_count - valid_sct_count; + + TEST_info("%d SCTs failed, %d SCTs unverified", + invalid_sct_count, unverified_sct_count); return 0; } return 1; } -static int execute_cert_test(CT_TEST_FIXTURE fixture) +static int execute_cert_test(CT_TEST_FIXTURE *fixture) { int success = 0; X509 *cert = NULL, *issuer = NULL; @@ -284,115 +247,90 @@ static int execute_cert_test(CT_TEST_FIXTURE fixture) size_t tls_sct_list_len = 0; CT_POLICY_EVAL_CTX *ct_policy_ctx = CT_POLICY_EVAL_CTX_new(); - if (fixture.sct_text_file != NULL) { - sct_text_len = read_text_file(fixture.sct_dir, fixture.sct_text_file, + if (fixture->sct_text_file != NULL) { + sct_text_len = read_text_file(fixture->sct_dir, fixture->sct_text_file, expected_sct_text, CT_TEST_MAX_FILE_SIZE - 1); - if (sct_text_len < 0) { - fprintf(stderr, "Test data file not found: %s\n", - fixture.sct_text_file); + if (!TEST_int_ge(sct_text_len, 0)) goto end; - } - expected_sct_text[sct_text_len] = '\0'; } CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE( - ct_policy_ctx, fixture.ctlog_store); + ct_policy_ctx, fixture->ctlog_store); - CT_POLICY_EVAL_CTX_set_time(ct_policy_ctx, fixture.epoch_time_in_ms); + CT_POLICY_EVAL_CTX_set_time(ct_policy_ctx, fixture->epoch_time_in_ms); - if (fixture.certificate_file != NULL) { + if (fixture->certificate_file != NULL) { int sct_extension_index; + int i; X509_EXTENSION *sct_extension = NULL; - cert = load_pem_cert(fixture.certs_dir, fixture.certificate_file); - if (cert == NULL) { - fprintf(stderr, "Unable to load certificate: %s\n", - fixture.certificate_file); + if (!TEST_ptr(cert = load_pem_cert(fixture->certs_dir, + fixture->certificate_file))) goto end; - } CT_POLICY_EVAL_CTX_set1_cert(ct_policy_ctx, cert); - if (fixture.issuer_file != NULL) { - issuer = load_pem_cert(fixture.certs_dir, fixture.issuer_file); - - if (issuer == NULL) { - fprintf(stderr, "Unable to load issuer certificate: %s\n", - fixture.issuer_file); + if (fixture->issuer_file != NULL) { + if (!TEST_ptr(issuer = load_pem_cert(fixture->certs_dir, + fixture->issuer_file))) goto end; - } - CT_POLICY_EVAL_CTX_set1_issuer(ct_policy_ctx, issuer); } sct_extension_index = X509_get_ext_by_NID(cert, NID_ct_precert_scts, -1); sct_extension = X509_get_ext(cert, sct_extension_index); - if (fixture.expected_sct_count > 0) { - if (sct_extension == NULL) { - fprintf(stderr, "SCT extension not found in: %s\n", - fixture.certificate_file); + if (fixture->expected_sct_count > 0) { + if (!TEST_ptr(sct_extension)) goto end; - } - if (fixture.sct_text_file - && compare_extension_printout(sct_extension, - expected_sct_text)) { + if (fixture->sct_text_file + && !compare_extension_printout(sct_extension, + expected_sct_text)) goto end; - } - - if (fixture.test_validity) { - int i; - scts = X509V3_EXT_d2i(sct_extension); - for (i = 0; i < sk_SCT_num(scts); ++i) { - SCT *sct_i = sk_SCT_value(scts, i); + scts = X509V3_EXT_d2i(sct_extension); + for (i = 0; i < sk_SCT_num(scts); ++i) { + SCT *sct_i = sk_SCT_value(scts, i); - if (!SCT_set_source(sct_i, SCT_SOURCE_X509V3_EXTENSION)) { - fprintf(stderr, - "Error setting SCT source to X509v3 extension\n"); - goto end; - } + if (!TEST_int_eq(SCT_get_source(sct_i), + SCT_SOURCE_X509V3_EXTENSION)) { + goto end; } + } + if (fixture->test_validity) { if (!assert_validity(fixture, scts, ct_policy_ctx)) goto end; } - } else if (sct_extension != NULL) { - fprintf(stderr, - "Expected no SCTs, but found SCT extension in: %s\n", - fixture.certificate_file); + } else if (!TEST_ptr_null(sct_extension)) { goto end; } } - if (fixture.tls_sct_list != NULL) { - const unsigned char *p = fixture.tls_sct_list; - if (o2i_SCT_LIST(&scts, &p, fixture.tls_sct_list_len) == NULL) { - fprintf(stderr, "Failed to decode SCTs from TLS format\n"); + if (fixture->tls_sct_list != NULL) { + const unsigned char *p = fixture->tls_sct_list; + + if (!TEST_ptr(o2i_SCT_LIST(&scts, &p, fixture->tls_sct_list_len))) goto end; - } - if (fixture.test_validity && cert != NULL) { + if (fixture->test_validity && cert != NULL) { if (!assert_validity(fixture, scts, ct_policy_ctx)) goto end; } - if (fixture.sct_text_file - && compare_sct_list_printout(scts, expected_sct_text)) { + if (fixture->sct_text_file + && !compare_sct_list_printout(scts, expected_sct_text)) { goto end; } tls_sct_list_len = i2o_SCT_LIST(scts, &tls_sct_list); - if (tls_sct_list_len != fixture.tls_sct_list_len || - memcmp(fixture.tls_sct_list, tls_sct_list, tls_sct_list_len) != 0) { - fprintf(stderr, - "Failed to encode SCTs into TLS format correctly\n"); + if (!TEST_mem_eq(fixture->tls_sct_list, fixture->tls_sct_list_len, + tls_sct_list, tls_sct_list_len)) goto end; - } } success = 1; @@ -406,79 +344,97 @@ end: return success; } -#define SETUP_CT_TEST_FIXTURE() SETUP_TEST_FIXTURE(CT_TEST_FIXTURE, set_up) -#define EXECUTE_CT_TEST() EXECUTE_TEST(execute_cert_test, tear_down) +# define SETUP_CT_TEST_FIXTURE() SETUP_TEST_FIXTURE(CT_TEST_FIXTURE, set_up) +# define EXECUTE_CT_TEST() EXECUTE_TEST(execute_cert_test, tear_down) -static int test_no_scts_in_certificate() +static int test_no_scts_in_certificate(void) { SETUP_CT_TEST_FIXTURE(); - fixture.certs_dir = certs_dir; - fixture.certificate_file = "leaf.pem"; - fixture.issuer_file = "subinterCA.pem"; - fixture.expected_sct_count = 0; + if (fixture == NULL) + return 0; + fixture->certs_dir = certs_dir; + fixture->certificate_file = "leaf.pem"; + fixture->issuer_file = "subinterCA.pem"; + fixture->expected_sct_count = 0; EXECUTE_CT_TEST(); + return result; } -static int test_one_sct_in_certificate() +static int test_one_sct_in_certificate(void) { SETUP_CT_TEST_FIXTURE(); - fixture.certs_dir = certs_dir; - fixture.certificate_file = "embeddedSCTs1.pem"; - fixture.issuer_file = "embeddedSCTs1_issuer.pem"; - fixture.expected_sct_count = 1; - fixture.sct_dir = certs_dir; - fixture.sct_text_file = "embeddedSCTs1.sct"; + if (fixture == NULL) + return 0; + fixture->certs_dir = certs_dir; + fixture->certificate_file = "embeddedSCTs1.pem"; + fixture->issuer_file = "embeddedSCTs1_issuer.pem"; + fixture->expected_sct_count = 1; + fixture->sct_dir = certs_dir; + fixture->sct_text_file = "embeddedSCTs1.sct"; EXECUTE_CT_TEST(); + return result; } -static int test_multiple_scts_in_certificate() +static int test_multiple_scts_in_certificate(void) { SETUP_CT_TEST_FIXTURE(); - fixture.certs_dir = certs_dir; - fixture.certificate_file = "embeddedSCTs3.pem"; - fixture.issuer_file = "embeddedSCTs3_issuer.pem"; - fixture.expected_sct_count = 3; - fixture.sct_dir = certs_dir; - fixture.sct_text_file = "embeddedSCTs3.sct"; + if (fixture == NULL) + return 0; + fixture->certs_dir = certs_dir; + fixture->certificate_file = "embeddedSCTs3.pem"; + fixture->issuer_file = "embeddedSCTs3_issuer.pem"; + fixture->expected_sct_count = 3; + fixture->sct_dir = certs_dir; + fixture->sct_text_file = "embeddedSCTs3.sct"; EXECUTE_CT_TEST(); + return result; } -static int test_verify_one_sct() +static int test_verify_one_sct(void) { SETUP_CT_TEST_FIXTURE(); - fixture.certs_dir = certs_dir; - fixture.certificate_file = "embeddedSCTs1.pem"; - fixture.issuer_file = "embeddedSCTs1_issuer.pem"; - fixture.expected_sct_count = fixture.expected_valid_sct_count = 1; - fixture.test_validity = 1; + if (fixture == NULL) + return 0; + fixture->certs_dir = certs_dir; + fixture->certificate_file = "embeddedSCTs1.pem"; + fixture->issuer_file = "embeddedSCTs1_issuer.pem"; + fixture->expected_sct_count = fixture->expected_valid_sct_count = 1; + fixture->test_validity = 1; EXECUTE_CT_TEST(); + return result; } -static int test_verify_multiple_scts() +static int test_verify_multiple_scts(void) { SETUP_CT_TEST_FIXTURE(); - fixture.certs_dir = certs_dir; - fixture.certificate_file = "embeddedSCTs3.pem"; - fixture.issuer_file = "embeddedSCTs3_issuer.pem"; - fixture.expected_sct_count = fixture.expected_valid_sct_count = 3; - fixture.test_validity = 1; + if (fixture == NULL) + return 0; + fixture->certs_dir = certs_dir; + fixture->certificate_file = "embeddedSCTs3.pem"; + fixture->issuer_file = "embeddedSCTs3_issuer.pem"; + fixture->expected_sct_count = fixture->expected_valid_sct_count = 3; + fixture->test_validity = 1; EXECUTE_CT_TEST(); + return result; } -static int test_verify_fails_for_future_sct() +static int test_verify_fails_for_future_sct(void) { SETUP_CT_TEST_FIXTURE(); - fixture.epoch_time_in_ms = 1365094800000; /* Apr 4 17:00:00 2013 GMT */ - fixture.certs_dir = certs_dir; - fixture.certificate_file = "embeddedSCTs1.pem"; - fixture.issuer_file = "embeddedSCTs1_issuer.pem"; - fixture.expected_sct_count = 1; - fixture.expected_valid_sct_count = 0; - fixture.test_validity = 1; + if (fixture == NULL) + return 0; + fixture->epoch_time_in_ms = 1365094800000; /* Apr 4 17:00:00 2013 GMT */ + fixture->certs_dir = certs_dir; + fixture->certificate_file = "embeddedSCTs1.pem"; + fixture->issuer_file = "embeddedSCTs1_issuer.pem"; + fixture->expected_sct_count = 1; + fixture->expected_valid_sct_count = 0; + fixture->test_validity = 1; EXECUTE_CT_TEST(); + return result; } -static int test_decode_tls_sct() +static int test_decode_tls_sct(void) { const unsigned char tls_sct_list[] = "\x00\x78" /* length of list */ "\x00\x76" @@ -499,14 +455,17 @@ static int test_decode_tls_sct() "\xED\xBF\x08"; SETUP_CT_TEST_FIXTURE(); - fixture.tls_sct_list = tls_sct_list; - fixture.tls_sct_list_len = 0x7a; - fixture.sct_dir = ct_dir; - fixture.sct_text_file = "tls1.sct"; + if (fixture == NULL) + return 0; + fixture->tls_sct_list = tls_sct_list; + fixture->tls_sct_list_len = 0x7a; + fixture->sct_dir = ct_dir; + fixture->sct_text_file = "tls1.sct"; EXECUTE_CT_TEST(); + return result; } -static int test_encode_tls_sct() +static int test_encode_tls_sct(void) { const char log_id[] = "3xwuwRUAlFJHqWFoMl3cXHlZ6PfG04j8AC4LvT9012Q="; const uint64_t timestamp = 1; @@ -516,29 +475,28 @@ static int test_encode_tls_sct() SCT *sct = NULL; SETUP_CT_TEST_FIXTURE(); + if (fixture == NULL) + return 0; - fixture.sct_list = sk_SCT_new_null(); - sct = SCT_new_from_base64(SCT_VERSION_V1, log_id, - CT_LOG_ENTRY_TYPE_X509, timestamp, - extensions, signature); + fixture->sct_list = sk_SCT_new_null(); + if (!TEST_ptr(sct = SCT_new_from_base64(SCT_VERSION_V1, log_id, + CT_LOG_ENTRY_TYPE_X509, timestamp, + extensions, signature))) - if (sct == NULL) { - tear_down(fixture); - fprintf(stderr, "Failed to create SCT from base64-encoded test data\n"); return 0; - } - sk_SCT_push(fixture.sct_list, sct); - fixture.sct_dir = ct_dir; - fixture.sct_text_file = "tls1.sct"; + sk_SCT_push(fixture->sct_list, sct); + fixture->sct_dir = ct_dir; + fixture->sct_text_file = "tls1.sct"; EXECUTE_CT_TEST(); + return result; } /* * Tests that the CT_POLICY_EVAL_CTX default time is approximately now. * Allow +-10 minutes, as it may compensate for clock skew. */ -static int test_default_ct_policy_eval_ctx_time_is_now() +static int test_default_ct_policy_eval_ctx_time_is_now(void) { int success = 0; CT_POLICY_EVAL_CTX *ct_policy_ctx = CT_POLICY_EVAL_CTX_new(); @@ -546,11 +504,9 @@ static int test_default_ct_policy_eval_ctx_time_is_now() (time_t)(CT_POLICY_EVAL_CTX_get_time(ct_policy_ctx) / 1000); const time_t time_tolerance = 600; /* 10 minutes */ - if (fabs(difftime(time(NULL), default_time)) > time_tolerance) { - fprintf(stderr, - "Default CT_POLICY_EVAL_CTX time is not approximately now.\n"); + if (!TEST_time_t_le(abs((int)difftime(time(NULL), default_time)), + time_tolerance)) goto end; - } success = 1; end: @@ -558,20 +514,28 @@ end: return success; } -int main(int argc, char *argv[]) +static int test_ctlog_from_base64(void) { - int result = 0; - char *tmp_env = NULL; - - tmp_env = getenv("OPENSSL_DEBUG_MEMORY"); - if (tmp_env != NULL && strcmp(tmp_env, "on") == 0) - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + CTLOG *ctlogp = NULL; + const char notb64[] = "\01\02\03\04"; + const char pad[] = "===="; + const char name[] = "name"; + + /* We expect these to both fail! */ + if (!TEST_true(!CTLOG_new_from_base64(&ctlogp, notb64, name)) + || !TEST_true(!CTLOG_new_from_base64(&ctlogp, pad, name))) + return 0; + return 1; +} +#endif - tmp_env = getenv("CT_DIR"); - ct_dir = OPENSSL_strdup(tmp_env != NULL ? tmp_env : "ct"); - tmp_env = getenv("CERTS_DIR"); - certs_dir = OPENSSL_strdup(tmp_env != NULL ? tmp_env : "certs"); +int setup_tests(void) +{ +#ifndef OPENSSL_NO_CT + if ((ct_dir = getenv("CT_DIR")) == NULL) + ct_dir = "ct"; + if ((certs_dir = getenv("CERTS_DIR")) == NULL) + certs_dir = "certs"; ADD_TEST(test_no_scts_in_certificate); ADD_TEST(test_one_sct_in_certificate); @@ -582,26 +546,9 @@ int main(int argc, char *argv[]) ADD_TEST(test_decode_tls_sct); ADD_TEST(test_encode_tls_sct); ADD_TEST(test_default_ct_policy_eval_ctx_time_is_now); - - result = run_tests(argv[0]); - ERR_print_errors_fp(stderr); - - OPENSSL_free(ct_dir); - OPENSSL_free(certs_dir); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - result = 1; + ADD_TEST(test_ctlog_from_base64); +#else + printf("No CT support\n"); #endif - - return result; -} - -#else /* OPENSSL_NO_CT */ - -int main(int argc, char* argv[]) -{ - return EXIT_SUCCESS; + return 1; } - -#endif /* OPENSSL_NO_CT */ diff --git a/deps/openssl/openssl/test/d2i_test.c b/deps/openssl/openssl/test/d2i_test.c index 5274270097..afea2dcb9f 100644 --- a/deps/openssl/openssl/test/d2i_test.c +++ b/deps/openssl/openssl/test/d2i_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -20,10 +20,7 @@ #include <openssl/err.h> #include <openssl/x509.h> #include <openssl/x509v3.h> -#ifndef OPENSSL_NO_CMS -# include <openssl/cms.h> -#endif -#include "e_os.h" +#include "internal/nelem.h" static const ASN1_ITEM *item_type; static const char *test_file; @@ -44,18 +41,7 @@ typedef struct { static expected_error_t expected_error = ASN1_UNKNOWN; -typedef struct d2i_test_fixture { - const char *test_case_name; -} D2I_TEST_FIXTURE; - -static D2I_TEST_FIXTURE set_up(const char *const test_case_name) -{ - D2I_TEST_FIXTURE fixture; - fixture.test_case_name = test_case_name; - return fixture; -} - -static int execute_test(D2I_TEST_FIXTURE fixture) +static int test_bad_asn1(void) { BIO *bio = NULL; ASN1_VALUE *value = NULL; @@ -66,12 +52,12 @@ static int execute_test(D2I_TEST_FIXTURE fixture) int derlen; int len; - if ((bio = BIO_new_file(test_file, "r")) == NULL) + bio = BIO_new_file(test_file, "r"); + if (!TEST_ptr(bio)) return 0; if (expected_error == ASN1_BIO) { - value = ASN1_item_d2i_bio(item_type, bio, NULL); - if (value == NULL) + if (TEST_ptr_null(ASN1_item_d2i_bio(item_type, bio, NULL))) ret = 1; goto err; } @@ -82,12 +68,12 @@ static int execute_test(D2I_TEST_FIXTURE fixture) * decoder is called. */ len = BIO_read(bio, buf, sizeof(buf)); - if (len < 0) + if (!TEST_int_ge(len, 0)) goto err; value = ASN1_item_d2i(NULL, &buf_ptr, len, item_type); if (value == NULL) { - if (expected_error == ASN1_DECODE) + if (TEST_int_eq(expected_error, ASN1_DECODE)) ret = 1; goto err; } @@ -95,23 +81,24 @@ static int execute_test(D2I_TEST_FIXTURE fixture) derlen = ASN1_item_i2d(value, &der, item_type); if (der == NULL || derlen < 0) { - if (expected_error == ASN1_ENCODE) + if (TEST_int_eq(expected_error, ASN1_ENCODE)) ret = 1; goto err; } if (derlen != len || memcmp(der, buf, derlen) != 0) { - if (expected_error == ASN1_COMPARE) + if (TEST_int_eq(expected_error, ASN1_COMPARE)) ret = 1; goto err; } - if (expected_error == ASN1_OK) + if (TEST_int_eq(expected_error, ASN1_OK)) ret = 1; err: /* Don't indicate success for memory allocation errors */ - if (ret == 1 && ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE) + if (ret == 1 + && !TEST_false(ERR_GET_REASON(ERR_peek_error()) == ERR_R_MALLOC_FAILURE)) ret = 0; BIO_free(bio); OPENSSL_free(der); @@ -119,44 +106,16 @@ static int execute_test(D2I_TEST_FIXTURE fixture) return ret; } -static void tear_down(D2I_TEST_FIXTURE fixture) -{ - ERR_print_errors_fp(stderr); -} - -#define SETUP_D2I_TEST_FIXTURE() \ - SETUP_TEST_FIXTURE(D2I_TEST_FIXTURE, set_up) - -#define EXECUTE_D2I_TEST() \ - EXECUTE_TEST(execute_test, tear_down) - -static int test_bad_asn1() -{ - SETUP_D2I_TEST_FIXTURE(); - EXECUTE_D2I_TEST(); -} - /* - * Usage: d2i_test <type> <file>, e.g. + * Usage: d2i_test <name> <type> <file>, e.g. * d2i_test generalname bad_generalname.der */ -int main(int argc, char **argv) +int setup_tests(void) { - int result = 0; const char *test_type_name; const char *expected_error_string; - const char *p = getenv("OPENSSL_DEBUG_MEMORY"); size_t i; - static ASN1_ITEM_EXP *items[] = { - ASN1_ITEM_ref(ASN1_ANY), - ASN1_ITEM_ref(X509), - ASN1_ITEM_ref(GENERAL_NAME), - ASN1_ITEM_ref(ASN1_INTEGER), -#ifndef OPENSSL_NO_CMS - ASN1_ITEM_ref(CMS_ContentInfo) -#endif - }; static error_enum expected_errors[] = { {"OK", ASN1_OK}, @@ -166,35 +125,26 @@ int main(int argc, char **argv) {"compare", ASN1_COMPARE} }; - if (p != NULL && strcmp(p, "on") == 0) - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - if (argc != 4) { - fprintf(stderr, - "Usage: d2i_test item_name expected_error file.der\n"); - return 1; + if (!TEST_ptr(test_type_name = test_get_argument(0)) + || !TEST_ptr(expected_error_string = test_get_argument(1)) + || !TEST_ptr(test_file = test_get_argument(2))) { + TEST_note("Usage: d2i_test item_name expected_error file.der"); + return 0; } - test_type_name = argv[1]; - expected_error_string = argv[2]; - test_file = argv[3]; + item_type = ASN1_ITEM_lookup(test_type_name); - for (i = 0; i < OSSL_NELEM(items); i++) { - const ASN1_ITEM *it = ASN1_ITEM_ptr(items[i]); - if (strcmp(test_type_name, it->sname) == 0) { - item_type = it; - break; - } - } if (item_type == NULL) { - fprintf(stderr, "Unknown type %s\n", test_type_name); - fprintf(stderr, "Supported types:\n"); - for (i = 0; i < OSSL_NELEM(items); i++) { - const ASN1_ITEM *it = ASN1_ITEM_ptr(items[i]); - fprintf(stderr, "\t%s\n", it->sname); + TEST_error("Unknown type %s", test_type_name); + TEST_note("Supported types:"); + for (i = 0;; i++) { + const ASN1_ITEM *it = ASN1_ITEM_get(i); + + if (it == NULL) + break; + TEST_note("\t%s", it->sname); } - return 1; + return 0; } for (i = 0; i < OSSL_NELEM(expected_errors); i++) { @@ -205,18 +155,10 @@ int main(int argc, char **argv) } if (expected_error == ASN1_UNKNOWN) { - fprintf(stderr, "Unknown expected error %s\n", expected_error_string); - return 1; + TEST_error("Unknown expected error %s\n", expected_error_string); + return 0; } ADD_TEST(test_bad_asn1); - - result = run_tests(argv[0]); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - result = 1; -#endif - - return result; + return 1; } diff --git a/deps/openssl/openssl/test/danetest.c b/deps/openssl/openssl/test/danetest.c index 7fa6a2f44f..54a79ab51f 100644 --- a/deps/openssl/openssl/test/danetest.c +++ b/deps/openssl/openssl/test/danetest.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -22,12 +22,15 @@ #ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> #endif +#include "testutil.h" -#include "../e_os.h" +#include "internal/nelem.h" #define _UC(c) ((unsigned char)(c)) -static const char *progname; +static const char *basedomain; +static const char *CAfile; +static const char *tlsafile; /* * Forward declaration, of function that uses internal interfaces, from headers @@ -49,44 +52,22 @@ static int restore_errno(void) return ret; } -static void test_usage(void) -{ - fprintf(stderr, "usage: %s: danetest basedomain CAfile tlsafile\n", progname); -} - -static void print_errors(void) -{ - unsigned long err; - char buffer[1024]; - const char *file; - const char *data; - int line; - int flags; - - while ((err = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) { - ERR_error_string_n(err, buffer, sizeof(buffer)); - if (flags & ERR_TXT_STRING) - fprintf(stderr, "Error: %s:%s:%d:%s\n", buffer, file, line, data); - else - fprintf(stderr, "Error: %s:%s:%d\n", buffer, file, line); - } -} - static int verify_chain(SSL *ssl, STACK_OF(X509) *chain) { - int ret = -1; - X509_STORE_CTX *store_ctx; - SSL_CTX *ssl_ctx = SSL_get_SSL_CTX(ssl); - X509_STORE *store = SSL_CTX_get_cert_store(ssl_ctx); + X509_STORE_CTX *store_ctx = NULL; + SSL_CTX *ssl_ctx = NULL; + X509_STORE *store = NULL; + X509 *cert = NULL; + int ret = 0; int store_ctx_idx = SSL_get_ex_data_X509_STORE_CTX_idx(); - X509 *cert = sk_X509_value(chain, 0); - if ((store_ctx = X509_STORE_CTX_new()) == NULL) - return -1; - - if (!X509_STORE_CTX_init(store_ctx, store, cert, chain)) - goto end; - if (!X509_STORE_CTX_set_ex_data(store_ctx, store_ctx_idx, ssl)) + if (!TEST_ptr(store_ctx = X509_STORE_CTX_new()) + || !TEST_ptr(ssl_ctx = SSL_get_SSL_CTX(ssl)) + || !TEST_ptr(store = SSL_CTX_get_cert_store(ssl_ctx)) + || !TEST_ptr(cert = sk_X509_value(chain, 0)) + || !TEST_true(X509_STORE_CTX_init(store_ctx, store, cert, chain)) + || !TEST_true(X509_STORE_CTX_set_ex_data(store_ctx, store_ctx_idx, + ssl))) goto end; X509_STORE_CTX_set_default(store_ctx, @@ -95,17 +76,19 @@ static int verify_chain(SSL *ssl, STACK_OF(X509) *chain) SSL_get0_param(ssl)); store_ctx_dane_init(store_ctx, ssl); - if (SSL_get_verify_callback(ssl)) + if (SSL_get_verify_callback(ssl) != NULL) X509_STORE_CTX_set_verify_cb(store_ctx, SSL_get_verify_callback(ssl)); - ret = X509_verify_cert(store_ctx); + /* Mask "internal failures" (-1) from our return value. */ + if (!TEST_int_ge(ret = X509_verify_cert(store_ctx), 0)) + ret = 0; SSL_set_verify_result(ssl, X509_STORE_CTX_get_error(store_ctx)); X509_STORE_CTX_cleanup(store_ctx); + end: X509_STORE_CTX_free(store_ctx); - - return (ret); + return ret; } static STACK_OF(X509) *load_chain(BIO *fp, int nelem) @@ -119,46 +102,39 @@ static STACK_OF(X509) *load_chain(BIO *fp, int nelem) STACK_OF(X509) *chain; typedef X509 *(*d2i_X509_t)(X509 **, const unsigned char **, long); - if ((chain = sk_X509_new_null()) == 0) { - perror("malloc"); - exit(1); - } + if (!TEST_ptr(chain = sk_X509_new_null())) + goto err; for (count = 0; count < nelem && errtype == 0 - && PEM_read_bio(fp, &name, &header, &data, &len); + && PEM_read_bio(fp, &name, &header, &data, &len) == 1; ++count) { - const unsigned char *p = data; - if (strcmp(name, PEM_STRING_X509) == 0 - || strcmp(name, PEM_STRING_X509_TRUSTED) == 0 - || strcmp(name, PEM_STRING_X509_OLD) == 0) { - d2i_X509_t d = strcmp(name, PEM_STRING_X509_TRUSTED) ? - d2i_X509_AUX : d2i_X509; - X509 *cert = d(0, &p, len); - - if (cert == 0 || (p - data) != len) - errtype = "certificate"; - else if (sk_X509_push(chain, cert) == 0) { - perror("malloc"); + || strcmp(name, PEM_STRING_X509_TRUSTED) == 0 + || strcmp(name, PEM_STRING_X509_OLD) == 0) { + d2i_X509_t d = strcmp(name, PEM_STRING_X509_TRUSTED) != 0 + ? d2i_X509_AUX : d2i_X509; + X509 *cert; + const unsigned char *p = data; + + if (!TEST_ptr(cert = d(0, &p, len)) + || !TEST_long_eq(p - data, len)) { + TEST_info("Certificate parsing error"); goto err; } + + if (!TEST_true(sk_X509_push(chain, cert))) + goto err; } else { - fprintf(stderr, "unexpected chain file object: %s\n", name); + TEST_info("Unknown chain file object %s", name); goto err; } - /* - * If any of these were null, PEM_read() would have failed. - */ OPENSSL_free(name); OPENSSL_free(header); OPENSSL_free(data); - } - - if (errtype) { - fprintf(stderr, "error reading: malformed %s\n", errtype); - goto err; + name = header = NULL; + data = NULL; } if (count == nelem) { @@ -167,9 +143,10 @@ static STACK_OF(X509) *load_chain(BIO *fp, int nelem) } err: - /* Some other PEM read error */ + OPENSSL_free(name); + OPENSSL_free(header); + OPENSSL_free(data); sk_X509_pop_free(chain, X509_free); - print_errors(); return NULL; } @@ -182,18 +159,16 @@ static char *read_to_eol(BIO *f) return NULL; n = strlen(buf); - - if (buf[n-1] != '\n') { - if (n+1 == sizeof(buf)) { - fprintf(stderr, "%s: warning: input too long\n", progname); - } else { - fprintf(stderr, "%s: warning: EOF before newline\n", progname); - } + if (buf[n - 1] != '\n') { + if (n + 1 == sizeof(buf)) + TEST_error("input too long"); + else + TEST_error("EOF before newline"); return NULL; } /* Trim trailing whitespace */ - while (n > 0 && isspace(_UC(buf[n-1]))) + while (n > 0 && isspace(_UC(buf[n - 1]))) buf[--n] = '\0'; return buf; @@ -205,13 +180,14 @@ static char *read_to_eol(BIO *f) static ossl_ssize_t hexdecode(const char *in, void *result) { unsigned char **out = (unsigned char **)result; - unsigned char *ret = OPENSSL_malloc(strlen(in)/2); - unsigned char *cp = ret; + unsigned char *ret; + unsigned char *cp; uint8_t byte; int nibble = 0; - if (ret == NULL) + if (!TEST_ptr(ret = OPENSSL_malloc(strlen(in) / 2))) return -1; + cp = ret; for (byte = 0; *in; ++in) { int x; @@ -287,25 +263,22 @@ static int tlsa_import_rr(SSL *ssl, const char *rrdata) for (f = tlsa_fields; f->var; ++f) { if ((len = f->parser(cp += len, f->var)) <= 0) { - fprintf(stderr, "%s: warning: bad TLSA %s field in: %s\n", - progname, f->name, rrdata); + TEST_info("bad TLSA %s field in: %s", f->name, rrdata); return 0; } } + ret = SSL_dane_tlsa_add(ssl, usage, selector, mtype, data, len); OPENSSL_free(data); - if (ret == 0) { - print_errors(); - fprintf(stderr, "%s: warning: unusable TLSA rrdata: %s\n", - progname, rrdata); + TEST_info("unusable TLSA rrdata: %s", rrdata); return 0; } if (ret < 0) { - fprintf(stderr, "%s: warning: error loading TLSA rrdata: %s\n", - progname, rrdata); + TEST_info("error loading TLSA rrdata: %s", rrdata); return 0; } + return ret; } @@ -345,17 +318,16 @@ static int test_tlsafile(SSL_CTX *ctx, const char *base_name, if (sscanf(line, "%d %d %d %d %d%n", &ntlsa, &ncert, &noncheck, &want, &want_depth, &off) != 5 || !allws(line + off)) { - fprintf(stderr, "Expected tlsa count, cert count and result" - " at test %d of %s\n", testno, path); + TEST_error("Malformed line for test %d", testno); return 0; } - if ((ssl = SSL_new(ctx)) == NULL) - return -1; + if (!TEST_ptr(ssl = SSL_new(ctx))) + return 0; SSL_set_connect_state(ssl); if (SSL_dane_enable(ssl, base_name) <= 0) { SSL_free(ssl); - return -1; + return 0; } if (noncheck) SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS); @@ -369,10 +341,9 @@ static int test_tlsafile(SSL_CTX *ctx, const char *base_name, /* Don't report old news */ ERR_clear_error(); - chain = load_chain(f, ncert); - if (chain == NULL) { + if (!TEST_ptr(chain = load_chain(f, ncert))) { SSL_free(ssl); - return -1; + return 0; } ok = verify_chain(ssl, chain); @@ -389,114 +360,69 @@ static int test_tlsafile(SSL_CTX *ctx, const char *base_name, SSL_set_verify_result(ssl, err); SSL_free(ssl); - if (ok < 0) { + if (!TEST_int_eq(err, want)) { + if (want == X509_V_OK) + TEST_info("Verification failure in test %d: %d=%s", + testno, err, X509_verify_cert_error_string(err)); + else + TEST_info("Unexpected error in test %d", testno); ret = 0; - fprintf(stderr, "verify_chain internal error in %s test %d\n", - path, testno); - print_errors(); continue; } - if (err != want || (want == 0 && !ok)) { + if (!TEST_false(want == 0 && ok == 0)) { + TEST_info("Verification failure in test %d: ok=0", testno); ret = 0; - if (err != want) { - if (want == X509_V_OK) - fprintf(stderr, "Verification failure in %s test %d: %d: %s\n", - path, testno, err, X509_verify_cert_error_string(err)); - else - fprintf(stderr, "Unexpected error in %s test %d: %d: wanted %d\n", - path, testno, err, want); - } else { - fprintf(stderr, "Verification failure in %s test %d: ok=0\n", - path, testno); - } - print_errors(); continue; } - if (mdpth != want_depth) { + if (!TEST_int_eq(mdpth, want_depth)) { + TEST_info("In test test %d", testno); ret = 0; - fprintf(stderr, "Wrong match depth, in %s test %d: wanted %d, got: %d\n", - path, testno, want_depth, mdpth); } - fprintf(stderr, "%s: test %d successful\n", path, testno); } ERR_clear_error(); return ret; } -int main(int argc, char *argv[]) +static int run_tlsatest(void) { - BIO *f; - BIO *bio_err; SSL_CTX *ctx = NULL; - const char *basedomain; - const char *CAfile; - const char *tlsafile; - const char *p; - int ret = 1; - - progname = argv[0]; - if (argc != 4) { - test_usage(); - EXIT(ret); - } - basedomain = argv[1]; - CAfile = argv[2]; - tlsafile = argv[3]; - - bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); - - p = getenv("OPENSSL_DEBUG_MEMORY"); - if (p != NULL && strcmp(p, "on") == 0) - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - f = BIO_new_file(tlsafile, "r"); - if (f == NULL) { - fprintf(stderr, "%s: Error opening tlsa record file: '%s': %s\n", - progname, tlsafile, strerror(errno)); - EXIT(ret); - } - - ctx = SSL_CTX_new(TLS_client_method()); - if (SSL_CTX_dane_enable(ctx) <= 0) { - print_errors(); - goto end; - } - if (!SSL_CTX_load_verify_locations(ctx, CAfile, NULL)) { - print_errors(); - goto end; - } - if ((SSL_CTX_dane_mtype_set(ctx, EVP_sha512(), 2, 1)) <= 0) { - print_errors(); - goto end; - } - if ((SSL_CTX_dane_mtype_set(ctx, EVP_sha256(), 1, 2)) <= 0) { - print_errors(); + BIO *f = NULL; + int ret = 0; + + if (!TEST_ptr(f = BIO_new_file(tlsafile, "r")) + || !TEST_ptr(ctx = SSL_CTX_new(TLS_client_method())) + || !TEST_int_gt(SSL_CTX_dane_enable(ctx), 0) + || !TEST_true(SSL_CTX_load_verify_locations(ctx, CAfile, NULL)) + || !TEST_int_gt(SSL_CTX_dane_mtype_set(ctx, EVP_sha512(), 2, 1), + 0) + || !TEST_int_gt(SSL_CTX_dane_mtype_set(ctx, EVP_sha256(), 1, 2), + 0) + || !TEST_int_gt(test_tlsafile(ctx, basedomain, f, tlsafile), 0)) goto end; - } - - if (test_tlsafile(ctx, basedomain, f, tlsafile) <= 0) { - print_errors(); - goto end; - } - - ret = 0; + ret = 1; end: - BIO_free(f); SSL_CTX_free(ctx); -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(bio_err) <= 0) - ret = 1; -#endif - BIO_free(bio_err); - EXIT(ret); + return ret; +} + +int setup_tests(void) +{ + if (!TEST_ptr(basedomain = test_get_argument(0)) + || !TEST_ptr(CAfile = test_get_argument(1)) + || !TEST_ptr(tlsafile = test_get_argument(2))) { + TEST_error("Usage error: danetest basedomain CAfile tlsafile"); + return 0; + } + + ADD_TEST(run_tlsatest); + return 1; } -#include <internal/dane.h> +#include "internal/dane.h" static void store_ctx_dane_init(X509_STORE_CTX *store_ctx, SSL *ssl) { diff --git a/deps/openssl/openssl/test/destest.c b/deps/openssl/openssl/test/destest.c index 84d753dde9..26c5f83e2a 100644 --- a/deps/openssl/openssl/test/destest.c +++ b/deps/openssl/openssl/test/destest.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,34 +7,19 @@ * https://www.openssl.org/source/license.html */ -#include <stdio.h> -#include <stdlib.h> - #include <openssl/e_os2.h> -#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINDOWS) -# ifndef OPENSSL_SYS_MSDOS -# define OPENSSL_SYS_MSDOS -# endif -#endif - -#ifndef OPENSSL_SYS_MSDOS -# if !defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_VMS_DECC) -# include OPENSSL_UNISTD -# endif -#else -# include <io.h> -#endif #include <string.h> -#ifdef OPENSSL_NO_DES -int main(int argc, char *argv[]) -{ - printf("No DES support\n"); - return (0); -} -#else +#include "testutil.h" + +#ifndef OPENSSL_NO_DES # include <openssl/des.h> +/* In case any platform doesn't use unsigned int for its checksums */ +# define TEST_cs_eq TEST_uint_eq + +# define DATA_BUF_SIZE 20 + /* tisk tisk - the test keys don't all have odd parity :-( */ /* test data */ # define NUM_TESTS 34 @@ -298,507 +283,439 @@ static DES_LONG cbc_cksum_ret = 0xF7FE62B4L; static unsigned char cbc_cksum_data[8] = { 0x1D, 0x26, 0x93, 0x97, 0xf7, 0xfe, 0x62, 0xb4 }; -static char *pt(unsigned char *p); -static int cfb_test(int bits, unsigned char *cfb_cipher); -static int cfb64_test(unsigned char *cfb_cipher); -static int ede_cfb64_test(unsigned char *cfb_cipher); -int main(int argc, char *argv[]) +static char *pt(const unsigned char *p, char buf[DATA_BUF_SIZE]) { - int j, err = 0; - unsigned int i; - DES_cblock in, out, outin, iv3; + char *ret; + int i; + static char *f = "0123456789ABCDEF"; + + ret = &(buf[0]); + for (i = 0; i < 8; i++) { + ret[i * 2] = f[(p[i] >> 4) & 0xf]; + ret[i * 2 + 1] = f[p[i] & 0xf]; + } + ret[16] = '\0'; + return ret; +} + +static int test_des_ecb(int i) +{ + DES_key_schedule ks; + DES_cblock in, out, outin; + char b1[DATA_BUF_SIZE], b2[DATA_BUF_SIZE]; + + DES_set_key_unchecked(&key_data[i], &ks); + memcpy(in, plain_data[i], 8); + memset(out, 0, 8); + memset(outin, 0, 8); + DES_ecb_encrypt(&in, &out, &ks, DES_ENCRYPT); + DES_ecb_encrypt(&out, &outin, &ks, DES_DECRYPT); + + if (!TEST_mem_eq(out, 8, cipher_data[i], 8)) { + TEST_info("Encryption error %2d k=%s p=%s", i + 1, + pt(key_data[i], b1), pt(in, b2)); + return 0; + } + if (!TEST_mem_eq(in, 8, outin, 8)) { + TEST_info("Decryption error %2d k=%s p=%s", i + 1, + pt(key_data[i], b1), pt(out, b2)); + return 0; + } + return 1; +} + +static int test_des_ede_ecb(int i) +{ + DES_cblock in, out, outin; DES_key_schedule ks, ks2, ks3; + char b1[DATA_BUF_SIZE], b2[DATA_BUF_SIZE]; + + DES_set_key_unchecked(&key_data[i], &ks); + DES_set_key_unchecked(&key_data[i + 1], &ks2); + DES_set_key_unchecked(&key_data[i + 2], &ks3); + memcpy(in, plain_data[i], 8); + memset(out, 0, 8); + memset(outin, 0, 8); + DES_ecb3_encrypt(&in, &out, &ks, &ks2, &ks, DES_ENCRYPT); + DES_ecb3_encrypt(&out, &outin, &ks, &ks2, &ks, DES_DECRYPT); + + if (!TEST_mem_eq(out, 8, cipher_ecb2[i], 8)) { + TEST_info("Encryption error %2d k=%s p=%s", i + 1, + pt(key_data[i], b1), pt(in, b2)); + return 0; + } + if (!TEST_mem_eq(in, 8, outin, 8)) { + TEST_info("Decryption error %2d k=%s p=%s ", i + 1, + pt(key_data[i], b1), pt(out, b2)); + return 0; + } + return 1; +} + +static int test_des_cbc(void) +{ unsigned char cbc_in[40]; unsigned char cbc_out[40]; - DES_LONG cs; - unsigned char cret[8]; - DES_LONG lqret[4]; - int num; - char *str; - - printf("Doing ecb\n"); - for (i = 0; i < NUM_TESTS; i++) { - DES_set_key_unchecked(&key_data[i], &ks); - memcpy(in, plain_data[i], 8); - memset(out, 0, 8); - memset(outin, 0, 8); - DES_ecb_encrypt(&in, &out, &ks, DES_ENCRYPT); - DES_ecb_encrypt(&out, &outin, &ks, DES_DECRYPT); - - if (memcmp(out, cipher_data[i], 8) != 0) { - printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n", - i + 1, pt(key_data[i]), pt(in), pt(cipher_data[i]), - pt(out)); - err = 1; - } - if (memcmp(in, outin, 8) != 0) { - printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n", - i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin)); - err = 1; - } - } - -# ifndef LIBDES_LIT - printf("Doing ede ecb\n"); - for (i = 0; i < (NUM_TESTS - 2); i++) { - DES_set_key_unchecked(&key_data[i], &ks); - DES_set_key_unchecked(&key_data[i + 1], &ks2); - DES_set_key_unchecked(&key_data[i + 2], &ks3); - memcpy(in, plain_data[i], 8); - memset(out, 0, 8); - memset(outin, 0, 8); - DES_ecb3_encrypt(&in,&out,&ks,&ks2,&ks,DES_ENCRYPT); - DES_ecb3_encrypt(&out,&outin,&ks,&ks2,&ks,DES_DECRYPT); - - if (memcmp(out, cipher_ecb2[i], 8) != 0) { - printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n", - i + 1, pt(key_data[i]), pt(in), pt(cipher_ecb2[i]), - pt(out)); - err = 1; - } - if (memcmp(in, outin, 8) != 0) { - printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n", - i + 1, pt(key_data[i]), pt(out), pt(in), pt(outin)); - err = 1; - } - } -# endif + DES_cblock iv3; + DES_key_schedule ks; + const size_t cbc_data_len = strlen((char *)cbc_data); - printf("Doing cbc\n"); - if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) { - printf("Key error %d\n", j); - err = 1; - } - memset(cbc_out, 0, 40); - memset(cbc_in, 0, 40); + if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) + return 0; + memset(cbc_out, 0, sizeof(cbc_out)); + memset(cbc_in, 0, sizeof(cbc_in)); memcpy(iv3, cbc_iv, sizeof(cbc_iv)); - DES_ncbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks, + DES_ncbc_encrypt(cbc_data, cbc_out, cbc_data_len + 1, &ks, &iv3, DES_ENCRYPT); - if (memcmp(cbc_out, cbc_ok, 32) != 0) { - printf("cbc_encrypt encrypt error\n"); - err = 1; - } + if (!TEST_mem_eq(cbc_out, 32, cbc_ok, 32)) + return 0; memcpy(iv3, cbc_iv, sizeof(cbc_iv)); - DES_ncbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks, + DES_ncbc_encrypt(cbc_out, cbc_in, cbc_data_len + 1, &ks, &iv3, DES_DECRYPT); - if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data)) != 0) { - printf("cbc_encrypt decrypt error\n"); - err = 1; - } -# ifndef LIBDES_LIT - printf("Doing desx cbc\n"); - if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) { - printf("Key error %d\n", j); - err = 1; - } - memset(cbc_out, 0, 40); - memset(cbc_in, 0, 40); + return TEST_mem_eq(cbc_in, cbc_data_len, cbc_data, cbc_data_len); +} + +static int test_des_ede_cbc(void) +{ + DES_cblock iv3; + DES_key_schedule ks; + unsigned char cbc_in[40]; + unsigned char cbc_out[40]; + const size_t n = strlen((char *)cbc_data) + 1; + + if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) + return 0; + memset(cbc_out, 0, sizeof(cbc_out)); + memset(cbc_in, 0, sizeof(cbc_in)); memcpy(iv3, cbc_iv, sizeof(cbc_iv)); - DES_xcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks, - &iv3, &cbc2_key, &cbc3_key, DES_ENCRYPT); - if (memcmp(cbc_out, xcbc_ok, 32) != 0) { - printf("des_xcbc_encrypt encrypt error\n"); - err = 1; - } + DES_xcbc_encrypt(cbc_data, cbc_out, n, &ks, &iv3, &cbc2_key, &cbc3_key, + DES_ENCRYPT); + if (!TEST_mem_eq(cbc_out, sizeof(xcbc_ok), xcbc_ok, sizeof(xcbc_ok))) + return 0; memcpy(iv3, cbc_iv, sizeof(cbc_iv)); - DES_xcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks, - &iv3, &cbc2_key, &cbc3_key, DES_DECRYPT); - if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) { - printf("des_xcbc_encrypt decrypt error\n"); - err = 1; - } -# endif + DES_xcbc_encrypt(cbc_out, cbc_in, n, &ks, &iv3, &cbc2_key, &cbc3_key, + DES_DECRYPT); + return TEST_mem_eq(cbc_data, n, cbc_data, n); +} - printf("Doing ede cbc\n"); - if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) { - printf("Key error %d\n", j); - err = 1; - } - if ((j = DES_set_key_checked(&cbc2_key, &ks2)) != 0) { - printf("Key error %d\n", j); - err = 1; - } - if ((j = DES_set_key_checked(&cbc3_key, &ks3)) != 0) { - printf("Key error %d\n", j); - err = 1; - } - memset(cbc_out, 0, 40); - memset(cbc_in, 0, 40); - i = strlen((char *)cbc_data) + 1; - /* i=((i+7)/8)*8; */ +static int test_ede_cbc(void) +{ + DES_cblock iv3; + DES_key_schedule ks, ks2, ks3; + unsigned char cbc_in[40]; + unsigned char cbc_out[40]; + const size_t i = strlen((char *)cbc_data) + 1; + const size_t n = (i + 7) / 8 * 8; + + if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) + return 0; + if (!TEST_int_eq(DES_set_key_checked(&cbc2_key, &ks2), 0)) + return 0; + if (!TEST_int_eq(DES_set_key_checked(&cbc3_key, &ks3), 0)) + return 0; + memset(cbc_out, 0, sizeof(cbc_out)); + memset(cbc_in, 0, sizeof(cbc_in)); memcpy(iv3, cbc_iv, sizeof(cbc_iv)); DES_ede3_cbc_encrypt(cbc_data, cbc_out, 16L, &ks, &ks2, &ks3, &iv3, DES_ENCRYPT); - DES_ede3_cbc_encrypt(&(cbc_data[16]), &(cbc_out[16]), i - 16, &ks, &ks2, + DES_ede3_cbc_encrypt(&cbc_data[16], &cbc_out[16], i - 16, &ks, &ks2, &ks3, &iv3, DES_ENCRYPT); - if (memcmp - (cbc_out, cbc3_ok, - (unsigned int)(strlen((char *)cbc_data) + 1 + 7) / 8 * 8) != 0) { - unsigned int n; - - printf("des_ede3_cbc_encrypt encrypt error\n"); - for (n = 0; n < i; ++n) - printf(" %02x", cbc_out[n]); - printf("\n"); - for (n = 0; n < i; ++n) - printf(" %02x", cbc3_ok[n]); - printf("\n"); - err = 1; - } + if (!TEST_mem_eq(cbc_out, n, cbc3_ok, n)) + return 0; memcpy(iv3, cbc_iv, sizeof(cbc_iv)); - DES_ede3_cbc_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, DES_DECRYPT); - if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) { - unsigned int n; - - printf("DES_ede3_cbc_encrypt decrypt error\n"); - for (n = 0; n < i; ++n) - printf(" %02x", cbc_data[n]); - printf("\n"); - for (n = 0; n < i; ++n) - printf(" %02x", cbc_in[n]); - printf("\n"); - err = 1; - } -# ifndef LIBDES_LIT - printf("Doing pcbc\n"); - if ((j = DES_set_key_checked(&cbc_key, &ks)) != 0) { - printf("Key error %d\n", j); - err = 1; - } - memset(cbc_out, 0, 40); - memset(cbc_in, 0, 40); - DES_pcbc_encrypt(cbc_data, cbc_out, strlen((char *)cbc_data) + 1, &ks, + DES_ede3_cbc_encrypt(cbc_out, cbc_in, i, &ks, &ks2, &ks3, &iv3, + DES_DECRYPT); + return TEST_mem_eq(cbc_in, i, cbc_data, i); +} + +static int test_input_align(int i) +{ + unsigned char cbc_out[40]; + DES_cblock iv; + DES_key_schedule ks; + const size_t n = strlen(i + (char *)cbc_data) + 1; + + memset(cbc_out, 0, sizeof(cbc_out)); + memcpy(iv, cbc_iv, sizeof(cbc_iv)); + if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) + return 0; + DES_ncbc_encrypt(&cbc_data[i], cbc_out, n, &ks, &iv, DES_ENCRYPT); + return 1; +} + +static int test_output_align(int i) +{ + unsigned char cbc_out[40]; + DES_cblock iv; + DES_key_schedule ks; + const size_t n = strlen((char *)cbc_data) + 1; + + memset(cbc_out, 0, sizeof(cbc_out)); + memcpy(iv, cbc_iv, sizeof(cbc_iv)); + if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) + return 0; + DES_ncbc_encrypt(cbc_data, &cbc_out[i], n, &ks, &iv, DES_ENCRYPT); + return 1; +} + +static int test_des_crypt(void) +{ + if (!TEST_str_eq("efGnQx2725bI2", DES_crypt("testing", "ef"))) + return 0; + if (!TEST_str_eq("yA1Rp/1hZXIJk", DES_crypt("bca76;23", "yA"))) + return 0; + + if (!TEST_ptr_null(DES_crypt("testing", "y\202"))) + return 0; + if (!TEST_ptr_null(DES_crypt("testing", "\0A"))) + return 0; + if (!TEST_ptr_null(DES_crypt("testing", "A"))) + return 0; + return 1; +} + +static int test_des_pcbc(void) +{ + unsigned char cbc_in[40]; + unsigned char cbc_out[40]; + DES_key_schedule ks; + const int n = strlen((char *)cbc_data) + 1; + + if (!TEST_int_eq(DES_set_key_checked(&cbc_key, &ks), 0)) + return 0; + memset(cbc_out, 0, sizeof(cbc_out)); + memset(cbc_in, 0, sizeof(cbc_in)); + DES_pcbc_encrypt(cbc_data, cbc_out, n, &ks, &cbc_iv, DES_ENCRYPT); - if (memcmp(cbc_out, pcbc_ok, 32) != 0) { - printf("pcbc_encrypt encrypt error\n"); - err = 1; - } - DES_pcbc_encrypt(cbc_out, cbc_in, strlen((char *)cbc_data) + 1, &ks, + if (!TEST_mem_eq(cbc_out, sizeof(pcbc_ok), pcbc_ok, sizeof(pcbc_ok))) + return 0; + DES_pcbc_encrypt(cbc_out, cbc_in, n, &ks, &cbc_iv, DES_DECRYPT); - if (memcmp(cbc_in, cbc_data, strlen((char *)cbc_data) + 1) != 0) { - printf("pcbc_encrypt decrypt error\n"); - err = 1; - } + return TEST_mem_eq(cbc_in, n, cbc_data, n); +} - printf("Doing "); - printf("cfb8 "); - err += cfb_test(8, cfb_cipher8); - printf("cfb16 "); - err += cfb_test(16, cfb_cipher16); - printf("cfb32 "); - err += cfb_test(32, cfb_cipher32); - printf("cfb48 "); - err += cfb_test(48, cfb_cipher48); - printf("cfb64 "); - err += cfb_test(64, cfb_cipher64); - - printf("cfb64() "); - err += cfb64_test(cfb_cipher64); +static int cfb_test(int bits, unsigned char *cfb_cipher) +{ + DES_key_schedule ks; + + DES_set_key_checked(&cfb_key, &ks); + memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); + DES_cfb_encrypt(plain, cfb_buf1, bits, sizeof(plain), &ks, &cfb_tmp, + DES_ENCRYPT); + if (!TEST_mem_eq(cfb_cipher, sizeof(plain), cfb_buf1, sizeof(plain))) + return 0; + memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); + DES_cfb_encrypt(cfb_buf1, cfb_buf2, bits, sizeof(plain), &ks, &cfb_tmp, + DES_DECRYPT); + return TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain)); +} + +static int test_des_cfb8(void) +{ + return cfb_test(8, cfb_cipher8); +} + +static int test_des_cfb16(void) +{ + return cfb_test(16, cfb_cipher16); +} + +static int test_des_cfb32(void) +{ + return cfb_test(32, cfb_cipher32); +} + +static int test_des_cfb48(void) +{ + return cfb_test(48, cfb_cipher48); +} + +static int test_des_cfb64(void) +{ + DES_key_schedule ks; + int n; + size_t i; + + if (!cfb_test(64, cfb_cipher64)) + return 0; + + DES_set_key_checked(&cfb_key, &ks); + memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); + n = 0; + DES_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &cfb_tmp, &n, DES_ENCRYPT); + DES_cfb64_encrypt(&plain[12], &cfb_buf1[12], sizeof(plain) - 12, &ks, + &cfb_tmp, &n, DES_ENCRYPT); + if (!TEST_mem_eq(cfb_cipher64, sizeof(plain), cfb_buf1, sizeof(plain))) + return 0; + memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); + n = 0; + DES_cfb64_encrypt(cfb_buf1, cfb_buf2, 17, &ks, &cfb_tmp, &n, DES_DECRYPT); + DES_cfb64_encrypt(&cfb_buf1[17], &cfb_buf2[17], + sizeof(plain) - 17, &ks, &cfb_tmp, &n, DES_DECRYPT); + if (!TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain))) + return 0; memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); for (i = 0; i < sizeof(plain); i++) - DES_cfb_encrypt(&(plain[i]), &(cfb_buf1[i]), - 8, 1, &ks, &cfb_tmp, DES_ENCRYPT); - if (memcmp(cfb_cipher8, cfb_buf1, sizeof(plain)) != 0) { - printf("cfb_encrypt small encrypt error\n"); - err = 1; - } + DES_cfb_encrypt(&plain[i], &cfb_buf1[i], 8, 1, &ks, &cfb_tmp, + DES_ENCRYPT); + if (!TEST_mem_eq(cfb_cipher8, sizeof(plain), cfb_buf1, sizeof(plain))) + return 0; memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); for (i = 0; i < sizeof(plain); i++) - DES_cfb_encrypt(&(cfb_buf1[i]), &(cfb_buf2[i]), - 8, 1, &ks, &cfb_tmp, DES_DECRYPT); - if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) { - printf("cfb_encrypt small decrypt error\n"); - err = 1; - } + DES_cfb_encrypt(&cfb_buf1[i], &cfb_buf2[i], 8, 1, &ks, &cfb_tmp, + DES_DECRYPT); + return TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain)); +} - printf("ede_cfb64() "); - err += ede_cfb64_test(cfb_cipher64); +static int test_des_ede_cfb64(void) +{ + DES_key_schedule ks; + int n; - printf("done\n"); + DES_set_key_checked(&cfb_key, &ks); + memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); + n = 0; + DES_ede3_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &ks, &ks, &cfb_tmp, &n, + DES_ENCRYPT); + DES_ede3_cfb64_encrypt(&plain[12], &cfb_buf1[12], sizeof(plain) - 12, &ks, + &ks, &ks, &cfb_tmp, &n, DES_ENCRYPT); + if (!TEST_mem_eq(cfb_cipher64, sizeof(plain), cfb_buf1, sizeof(plain))) + return 0; + memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); + n = 0; + DES_ede3_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)17, &ks, &ks, &ks, + &cfb_tmp, &n, DES_DECRYPT); + DES_ede3_cfb64_encrypt(&cfb_buf1[17], &cfb_buf2[17], sizeof(plain) - 17, + &ks, &ks, &ks, &cfb_tmp, &n, DES_DECRYPT); + return TEST_mem_eq(plain, sizeof(plain), cfb_buf2, sizeof(plain)); +} + +static int test_des_ofb(void) +{ + DES_key_schedule ks; - printf("Doing ofb\n"); DES_set_key_checked(&ofb_key, &ks); memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); DES_ofb_encrypt(plain, ofb_buf1, 64, sizeof(plain) / 8, &ks, &ofb_tmp); - if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) { - printf("ofb_encrypt encrypt error\n"); - printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", - ofb_buf1[8 + 0], ofb_buf1[8 + 1], ofb_buf1[8 + 2], - ofb_buf1[8 + 3], ofb_buf1[8 + 4], ofb_buf1[8 + 5], - ofb_buf1[8 + 6], ofb_buf1[8 + 7]); - printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", ofb_buf1[8 + 0], - ofb_cipher[8 + 1], ofb_cipher[8 + 2], ofb_cipher[8 + 3], - ofb_buf1[8 + 4], ofb_cipher[8 + 5], ofb_cipher[8 + 6], - ofb_cipher[8 + 7]); - err = 1; - } + if (!TEST_mem_eq(ofb_cipher, sizeof(ofb_buf1), ofb_buf1, sizeof(ofb_buf1))) + return 0; + memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); DES_ofb_encrypt(ofb_buf1, ofb_buf2, 64, sizeof(ofb_buf1) / 8, &ks, &ofb_tmp); - if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) { - printf("ofb_encrypt decrypt error\n"); - printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", - ofb_buf2[8 + 0], ofb_buf2[8 + 1], ofb_buf2[8 + 2], - ofb_buf2[8 + 3], ofb_buf2[8 + 4], ofb_buf2[8 + 5], - ofb_buf2[8 + 6], ofb_buf2[8 + 7]); - printf("%02X %02X %02X %02X %02X %02X %02X %02X\n", plain[8 + 0], - plain[8 + 1], plain[8 + 2], plain[8 + 3], plain[8 + 4], - plain[8 + 5], plain[8 + 6], plain[8 + 7]); - err = 1; - } + return TEST_mem_eq(plain, sizeof(ofb_buf2), ofb_buf2, sizeof(ofb_buf2)); +} + +static int test_des_ofb64(void) +{ + DES_key_schedule ks; + int num; + size_t i; - printf("Doing ofb64\n"); DES_set_key_checked(&ofb_key, &ks); memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); memset(ofb_buf1, 0, sizeof(ofb_buf1)); memset(ofb_buf2, 0, sizeof(ofb_buf1)); num = 0; for (i = 0; i < sizeof(plain); i++) { - DES_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ofb_tmp, &num); - } - if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) { - printf("ofb64_encrypt encrypt error\n"); - err = 1; + DES_ofb64_encrypt(&plain[i], &ofb_buf1[i], 1, &ks, &ofb_tmp, &num); } + if (!TEST_mem_eq(ofb_cipher, sizeof(ofb_buf1), ofb_buf1, sizeof(ofb_buf1))) + return 0; memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); num = 0; DES_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ofb_tmp, &num); - if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) { - printf("ofb64_encrypt decrypt error\n"); - err = 1; - } + return TEST_mem_eq(plain, sizeof(ofb_buf2), ofb_buf2, sizeof(ofb_buf2)); +} + +static int test_des_ede_ofb64(void) +{ + DES_key_schedule ks; + int num; + size_t i; - printf("Doing ede_ofb64\n"); DES_set_key_checked(&ofb_key, &ks); memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); memset(ofb_buf1, 0, sizeof(ofb_buf1)); memset(ofb_buf2, 0, sizeof(ofb_buf1)); num = 0; for (i = 0; i < sizeof(plain); i++) { - DES_ede3_ofb64_encrypt(&(plain[i]), &(ofb_buf1[i]), 1, &ks, &ks, + DES_ede3_ofb64_encrypt(&plain[i], &ofb_buf1[i], 1, &ks, &ks, &ks, &ofb_tmp, &num); } - if (memcmp(ofb_cipher, ofb_buf1, sizeof(ofb_buf1)) != 0) { - printf("ede_ofb64_encrypt encrypt error\n"); - err = 1; - } + if (!TEST_mem_eq(ofb_cipher, sizeof(ofb_buf1), ofb_buf1, sizeof(ofb_buf1))) + return 0; memcpy(ofb_tmp, ofb_iv, sizeof(ofb_iv)); num = 0; DES_ede3_ofb64_encrypt(ofb_buf1, ofb_buf2, sizeof(ofb_buf1), &ks, &ks, &ks, &ofb_tmp, &num); - if (memcmp(plain, ofb_buf2, sizeof(ofb_buf2)) != 0) { - printf("ede_ofb64_encrypt decrypt error\n"); - err = 1; - } - - printf("Doing cbc_cksum\n"); - DES_set_key_checked(&cbc_key, &ks); - cs = DES_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), &ks, - &cbc_iv); - if (cs != cbc_cksum_ret) { - printf("bad return value (%08lX), should be %08lX\n", - (unsigned long)cs, (unsigned long)cbc_cksum_ret); - err = 1; - } - if (memcmp(cret, cbc_cksum_data, 8) != 0) { - printf("bad cbc_cksum block returned\n"); - err = 1; - } - - printf("Doing quad_cksum\n"); - cs = DES_quad_cksum(cbc_data, (DES_cblock *)lqret, - (long)strlen((char *)cbc_data), 2, - (DES_cblock *)cbc_iv); - if (cs != 0x70d7a63aL) { - printf("quad_cksum error, ret %08lx should be 70d7a63a\n", - (unsigned long)cs); - err = 1; - } - if (lqret[0] != 0x327eba8dL) { - printf("quad_cksum error, out[0] %08lx is not %08lx\n", - (unsigned long)lqret[0], 0x327eba8dUL); - err = 1; - } - if (lqret[1] != 0x201a49ccL) { - printf("quad_cksum error, out[1] %08lx is not %08lx\n", - (unsigned long)lqret[1], 0x201a49ccUL); - err = 1; - } - if (lqret[2] != 0x70d7a63aL) { - printf("quad_cksum error, out[2] %08lx is not %08lx\n", - (unsigned long)lqret[2], 0x70d7a63aUL); - err = 1; - } - if (lqret[3] != 0x501c2c26L) { - printf("quad_cksum error, out[3] %08lx is not %08lx\n", - (unsigned long)lqret[3], 0x501c2c26UL); - err = 1; - } -# endif - - printf("input word alignment test"); - for (i = 0; i < 4; i++) { - printf(" %d", i); - DES_ncbc_encrypt(&(cbc_out[i]), cbc_in, - strlen((char *)cbc_data) + 1, &ks, - &cbc_iv, DES_ENCRYPT); - } - printf("\noutput word alignment test"); - for (i = 0; i < 4; i++) { - printf(" %d", i); - DES_ncbc_encrypt(cbc_out, &(cbc_in[i]), - strlen((char *)cbc_data) + 1, &ks, - &cbc_iv, DES_ENCRYPT); - } - printf("\n"); - printf("fast crypt test "); - str = DES_crypt("testing", "ef"); - if (strcmp("efGnQx2725bI2", str) != 0) { - printf("fast crypt error, %s should be efGnQx2725bI2\n", str); - err = 1; - } - str = DES_crypt("bca76;23", "yA"); - if (strcmp("yA1Rp/1hZXIJk", str) != 0) { - printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n", str); - err = 1; - } - str = DES_crypt("testing", "y\202"); - if (str != NULL) { - printf("salt error only usascii are accepted\n"); - err = 1; - } - str = DES_crypt("testing", "\0A"); - if (str != NULL) { - printf("salt error cannot contain null terminator\n"); - err = 1; - } - str = DES_crypt("testing", "A"); - if (str != NULL) { - printf("salt error must be at least 2\n"); - err = 1; - } - printf("\n"); - return (err); -} - -static char *pt(unsigned char *p) -{ - static char bufs[10][20]; - static int bnum = 0; - char *ret; - int i; - static char *f = "0123456789ABCDEF"; - - ret = &(bufs[bnum++][0]); - bnum %= 10; - for (i = 0; i < 8; i++) { - ret[i * 2] = f[(p[i] >> 4) & 0xf]; - ret[i * 2 + 1] = f[p[i] & 0xf]; - } - ret[16] = '\0'; - return (ret); + return TEST_mem_eq(plain, sizeof(ofb_buf2), ofb_buf2, sizeof(ofb_buf2)); } -# ifndef LIBDES_LIT - -static int cfb_test(int bits, unsigned char *cfb_cipher) +static int test_des_cbc_cksum(void) { + DES_LONG cs; DES_key_schedule ks; - int i, err = 0; + unsigned char cret[8]; - DES_set_key_checked(&cfb_key, &ks); - memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); - DES_cfb_encrypt(plain, cfb_buf1, bits, sizeof(plain), &ks, &cfb_tmp, - DES_ENCRYPT); - if (memcmp(cfb_cipher, cfb_buf1, sizeof(plain)) != 0) { - err = 1; - printf("cfb_encrypt encrypt error\n"); - for (i = 0; i < 24; i += 8) - printf("%s\n", pt(&(cfb_buf1[i]))); - } - memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); - DES_cfb_encrypt(cfb_buf1, cfb_buf2, bits, sizeof(plain), &ks, &cfb_tmp, - DES_DECRYPT); - if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) { - err = 1; - printf("cfb_encrypt decrypt error\n"); - for (i = 0; i < 24; i += 8) - printf("%s\n", pt(&(cfb_buf1[i]))); - } - return (err); + DES_set_key_checked(&cbc_key, &ks); + cs = DES_cbc_cksum(cbc_data, &cret, strlen((char *)cbc_data), &ks, + &cbc_iv); + if (!TEST_cs_eq(cs, cbc_cksum_ret)) + return 0; + return TEST_mem_eq(cret, 8, cbc_cksum_data, 8); } -static int cfb64_test(unsigned char *cfb_cipher) +static int test_des_quad_cksum(void) { - DES_key_schedule ks; - int err = 0, i, n; + DES_LONG cs, lqret[4]; - DES_set_key_checked(&cfb_key, &ks); - memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); - n = 0; - DES_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &cfb_tmp, &n, DES_ENCRYPT); - DES_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]), sizeof(plain) - 12, &ks, - &cfb_tmp, &n, DES_ENCRYPT); - if (memcmp(cfb_cipher, cfb_buf1, sizeof(plain)) != 0) { - err = 1; - printf("cfb_encrypt encrypt error\n"); - for (i = 0; i < 24; i += 8) - printf("%s\n", pt(&(cfb_buf1[i]))); - } - memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); - n = 0; - DES_cfb64_encrypt(cfb_buf1, cfb_buf2, 17, &ks, &cfb_tmp, &n, DES_DECRYPT); - DES_cfb64_encrypt(&(cfb_buf1[17]), &(cfb_buf2[17]), - sizeof(plain) - 17, &ks, &cfb_tmp, &n, DES_DECRYPT); - if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) { - err = 1; - printf("cfb_encrypt decrypt error\n"); - for (i = 0; i < 24; i += 8) - printf("%s\n", pt(&(cfb_buf2[i]))); - } - return (err); + cs = DES_quad_cksum(cbc_data, (DES_cblock *)lqret, + (long)strlen((char *)cbc_data), 2, + (DES_cblock *)cbc_iv); + if (!TEST_cs_eq(cs, 0x70d7a63aL)) + return 0; + if (!TEST_cs_eq(lqret[0], 0x327eba8dL)) + return 0; + if (!TEST_cs_eq(lqret[1], 0x201a49ccL)) + return 0; + if (!TEST_cs_eq(lqret[2], 0x70d7a63aL)) + return 0; + if (!TEST_cs_eq(lqret[3], 0x501c2c26L)) + return 0; + return 1; } +#endif -static int ede_cfb64_test(unsigned char *cfb_cipher) +int setup_tests(void) { - DES_key_schedule ks; - int err = 0, i, n; - - DES_set_key_checked(&cfb_key, &ks); - memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); - n = 0; - DES_ede3_cfb64_encrypt(plain, cfb_buf1, 12, &ks, &ks, &ks, &cfb_tmp, &n, - DES_ENCRYPT); - DES_ede3_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]), - sizeof(plain) - 12, &ks, &ks, &ks, - &cfb_tmp, &n, DES_ENCRYPT); - if (memcmp(cfb_cipher, cfb_buf1, sizeof(plain)) != 0) { - err = 1; - printf("ede_cfb_encrypt encrypt error\n"); - for (i = 0; i < 24; i += 8) - printf("%s\n", pt(&(cfb_buf1[i]))); - } - memcpy(cfb_tmp, cfb_iv, sizeof(cfb_iv)); - n = 0; - DES_ede3_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)17, &ks, &ks, &ks, - &cfb_tmp, &n, DES_DECRYPT); - DES_ede3_cfb64_encrypt(&(cfb_buf1[17]), &(cfb_buf2[17]), - sizeof(plain) - 17, &ks, &ks, &ks, - &cfb_tmp, &n, DES_DECRYPT); - if (memcmp(plain, cfb_buf2, sizeof(plain)) != 0) { - err = 1; - printf("ede_cfb_encrypt decrypt error\n"); - for (i = 0; i < 24; i += 8) - printf("%s\n", pt(&(cfb_buf2[i]))); - } - return (err); -} - -# endif +#ifndef OPENSSL_NO_DES + ADD_ALL_TESTS(test_des_ecb, NUM_TESTS); + ADD_TEST(test_des_cbc); + ADD_TEST(test_ede_cbc); + ADD_ALL_TESTS(test_des_ede_ecb, NUM_TESTS - 2); + ADD_TEST(test_des_ede_cbc); + ADD_TEST(test_des_pcbc); + ADD_TEST(test_des_cfb8); + ADD_TEST(test_des_cfb16); + ADD_TEST(test_des_cfb32); + ADD_TEST(test_des_cfb48); + ADD_TEST(test_des_cfb64); + ADD_TEST(test_des_ede_cfb64); + ADD_TEST(test_des_ofb); + ADD_TEST(test_des_ofb64); + ADD_TEST(test_des_ede_ofb64); + ADD_TEST(test_des_cbc_cksum); + ADD_TEST(test_des_quad_cksum); + ADD_TEST(test_des_crypt); + ADD_ALL_TESTS(test_input_align, 4); + ADD_ALL_TESTS(test_output_align, 4); #endif + return 1; +} diff --git a/deps/openssl/openssl/test/dhtest.c b/deps/openssl/openssl/test/dhtest.c index ecf2d9dc70..5b2fd6795f 100644 --- a/deps/openssl/openssl/test/dhtest.c +++ b/deps/openssl/openssl/test/dhtest.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,172 +11,192 @@ #include <stdlib.h> #include <string.h> -#include "../e_os.h" - +#include "internal/nelem.h" #include <openssl/crypto.h> #include <openssl/bio.h> #include <openssl/bn.h> #include <openssl/rand.h> #include <openssl/err.h> +#include "testutil.h" -#ifdef OPENSSL_NO_DH -int main(int argc, char *argv[]) -{ - printf("No DH support\n"); - return (0); -} -#else +#ifndef OPENSSL_NO_DH # include <openssl/dh.h> static int cb(int p, int n, BN_GENCB *arg); -static const char rnd_seed[] = - "string to make the random number generator think it has entropy"; - -static int run_rfc5114_tests(void); - -int main(int argc, char *argv[]) +static int dh_test(void) { + DH *dh = NULL; + BIGNUM *p = NULL, *q = NULL, *g = NULL; + const BIGNUM *p2, *q2, *g2; + BIGNUM *priv_key = NULL; + const BIGNUM *pub_key2, *priv_key2; BN_GENCB *_cb = NULL; DH *a = NULL; DH *b = NULL; DH *c = NULL; - const BIGNUM *ap = NULL, *ag = NULL, *apub_key = NULL, *priv_key = NULL; - const BIGNUM *bpub_key = NULL; + const BIGNUM *ap = NULL, *ag = NULL, *apub_key = NULL; + const BIGNUM *bpub_key = NULL, *bpriv_key = NULL; BIGNUM *bp = NULL, *bg = NULL, *cpriv_key = NULL; - char buf[12] = {0}; unsigned char *abuf = NULL; unsigned char *bbuf = NULL; unsigned char *cbuf = NULL; int i, alen, blen, clen, aout, bout, cout; - int ret = 1; - BIO *out = NULL; - - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - RAND_seed(rnd_seed, sizeof(rnd_seed)); - - out = BIO_new(BIO_s_file()); - if (out == NULL) - EXIT(1); - BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); - - _cb = BN_GENCB_new(); - if (_cb == NULL) - goto err; - BN_GENCB_set(_cb, &cb, out); - if (((a = DH_new()) == NULL) - || (!DH_generate_parameters_ex(a, 64, DH_GENERATOR_5, _cb))) - goto err; - + int ret = 0; + + if (!TEST_ptr(dh = DH_new()) + || !TEST_ptr(p = BN_new()) + || !TEST_ptr(q = BN_new()) + || !TEST_ptr(g = BN_new()) + || !TEST_ptr(priv_key = BN_new())) + goto err1; + + /* + * I) basic tests + */ + + /* using a small predefined Sophie Germain DH group with generator 3 */ + if (!TEST_true(BN_set_word(p, 4079L)) + || !TEST_true(BN_set_word(q, 2039L)) + || !TEST_true(BN_set_word(g, 3L)) + || !TEST_true(DH_set0_pqg(dh, p, q, g))) + goto err1; + + /* test the combined getter for p, q, and g */ + DH_get0_pqg(dh, &p2, &q2, &g2); + if (!TEST_ptr_eq(p2, p) + || !TEST_ptr_eq(q2, q) + || !TEST_ptr_eq(g2, g)) + goto err2; + + /* test the simple getters for p, q, and g */ + if (!TEST_ptr_eq(DH_get0_p(dh), p2) + || !TEST_ptr_eq(DH_get0_q(dh), q2) + || !TEST_ptr_eq(DH_get0_g(dh), g2)) + goto err2; + + /* set the private key only*/ + if (!TEST_true(BN_set_word(priv_key, 1234L)) + || !TEST_true(DH_set0_key(dh, NULL, priv_key))) + goto err2; + + /* test the combined getter for pub_key and priv_key */ + DH_get0_key(dh, &pub_key2, &priv_key2); + if (!TEST_ptr_eq(pub_key2, NULL) + || !TEST_ptr_eq(priv_key2, priv_key)) + goto err3; + + /* test the simple getters for pub_key and priv_key */ + if (!TEST_ptr_eq(DH_get0_pub_key(dh), pub_key2) + || !TEST_ptr_eq(DH_get0_priv_key(dh), priv_key2)) + goto err3; + + /* now generate a key pair ... */ + if (!DH_generate_key(dh)) + goto err3; + + /* ... and check whether the private key was reused: */ + + /* test it with the combined getter for pub_key and priv_key */ + DH_get0_key(dh, &pub_key2, &priv_key2); + if (!TEST_ptr(pub_key2) + || !TEST_ptr_eq(priv_key2, priv_key)) + goto err3; + + /* test it the simple getters for pub_key and priv_key */ + if (!TEST_ptr_eq(DH_get0_pub_key(dh), pub_key2) + || !TEST_ptr_eq(DH_get0_priv_key(dh), priv_key2)) + goto err3; + + /* check whether the public key was calculated correctly */ + TEST_uint_eq(BN_get_word(pub_key2), 3331L); + + /* + * II) key generation + */ + + /* generate a DH group ... */ + if (!TEST_ptr(_cb = BN_GENCB_new())) + goto err3; + BN_GENCB_set(_cb, &cb, NULL); + if (!TEST_ptr(a = DH_new()) + || !TEST_true(DH_generate_parameters_ex(a, 64, + DH_GENERATOR_5, _cb))) + goto err3; + + /* ... and check whether it is valid */ if (!DH_check(a, &i)) - goto err; - if (i & DH_CHECK_P_NOT_PRIME) - BIO_puts(out, "p value is not prime\n"); - if (i & DH_CHECK_P_NOT_SAFE_PRIME) - BIO_puts(out, "p value is not a safe prime\n"); - if (i & DH_UNABLE_TO_CHECK_GENERATOR) - BIO_puts(out, "unable to check the generator value\n"); - if (i & DH_NOT_SUITABLE_GENERATOR) - BIO_puts(out, "the g value is not a generator\n"); + goto err3; + if (!TEST_false(i & DH_CHECK_P_NOT_PRIME) + || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME) + || !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR) + || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR)) + goto err3; DH_get0_pqg(a, &ap, NULL, &ag); - BIO_puts(out, "\np ="); - BN_print(out, ap); - BIO_puts(out, "\ng ="); - BN_print(out, ag); - BIO_puts(out, "\n"); - - b = DH_new(); - if (b == NULL) - goto err; - bp = BN_dup(ap); - bg = BN_dup(ag); - if ((bp == NULL) || (bg == NULL) || !DH_set0_pqg(b, bp, NULL, bg)) - goto err; + /* now create another copy of the DH group for the peer */ + if (!TEST_ptr(b = DH_new())) + goto err3; + + if (!TEST_ptr(bp = BN_dup(ap)) + || !TEST_ptr(bg = BN_dup(ag)) + || !TEST_true(DH_set0_pqg(b, bp, NULL, bg))) + goto err3; bp = bg = NULL; + /* + * III) simulate a key exchange + */ + if (!DH_generate_key(a)) - goto err; - DH_get0_key(a, &apub_key, &priv_key); - BIO_puts(out, "pri 1="); - BN_print(out, priv_key); - BIO_puts(out, "\npub 1="); - BN_print(out, apub_key); - BIO_puts(out, "\n"); + goto err3; + DH_get0_key(a, &apub_key, NULL); if (!DH_generate_key(b)) - goto err; - DH_get0_key(b, &bpub_key, &priv_key); - BIO_puts(out, "pri 2="); - BN_print(out, priv_key); - BIO_puts(out, "\npub 2="); - BN_print(out, bpub_key); - BIO_puts(out, "\n"); + goto err3; + DH_get0_key(b, &bpub_key, &bpriv_key); /* Also test with a private-key-only copy of |b|. */ - if ((c = DHparams_dup(b)) == NULL - || (cpriv_key = BN_dup(priv_key)) == NULL - || !DH_set0_key(c, NULL, cpriv_key)) - goto err; + if (!TEST_ptr(c = DHparams_dup(b)) + || !TEST_ptr(cpriv_key = BN_dup(bpriv_key)) + || !TEST_true(DH_set0_key(c, NULL, cpriv_key))) + goto err3; cpriv_key = NULL; alen = DH_size(a); - abuf = OPENSSL_malloc(alen); - if (abuf == NULL) - goto err; - - aout = DH_compute_key(abuf, bpub_key, a); - - BIO_puts(out, "key1 ="); - for (i = 0; i < aout; i++) { - sprintf(buf, "%02X", abuf[i]); - BIO_puts(out, buf); - } - BIO_puts(out, "\n"); + if (!TEST_ptr(abuf = OPENSSL_malloc(alen)) + || !TEST_true((aout = DH_compute_key(abuf, bpub_key, a)) != -1)) + goto err3; blen = DH_size(b); - bbuf = OPENSSL_malloc(blen); - if (bbuf == NULL) - goto err; - - bout = DH_compute_key(bbuf, apub_key, b); - - BIO_puts(out, "key2 ="); - for (i = 0; i < bout; i++) { - sprintf(buf, "%02X", bbuf[i]); - BIO_puts(out, buf); - } - BIO_puts(out, "\n"); + if (!TEST_ptr(bbuf = OPENSSL_malloc(blen)) + || !TEST_true((bout = DH_compute_key(bbuf, apub_key, b)) != -1)) + goto err3; clen = DH_size(c); - cbuf = OPENSSL_malloc(clen); - if (cbuf == NULL) - goto err; - - cout = DH_compute_key(cbuf, apub_key, c); - - BIO_puts(out, "key3 ="); - for (i = 0; i < cout; i++) { - sprintf(buf, "%02X", cbuf[i]); - BIO_puts(out, buf); - } - BIO_puts(out, "\n"); - - if ((aout < 4) || (bout != aout) || (memcmp(abuf, bbuf, aout) != 0) - || (cout != aout) || (memcmp(abuf, cbuf, aout) != 0)) { - fprintf(stderr, "Error in DH routines\n"); - ret = 1; - } else - ret = 0; - if (!run_rfc5114_tests()) - ret = 1; - err: - (void)BIO_flush(out); - ERR_print_errors_fp(stderr); - + if (!TEST_ptr(cbuf = OPENSSL_malloc(clen)) + || !TEST_true((cout = DH_compute_key(cbuf, apub_key, c)) != -1)) + goto err3; + + if (!TEST_true(aout >= 4) + || !TEST_mem_eq(abuf, aout, bbuf, bout) + || !TEST_mem_eq(abuf, aout, cbuf, cout)) + goto err3; + + ret = 1; + goto success; + + err1: + /* an error occurred before p,q,g were assigned to dh */ + BN_free(p); + BN_free(q); + BN_free(g); + err2: + /* an error occured before priv_key was assigned to dh */ + BN_free(priv_key); + err3: + success: OPENSSL_free(abuf); OPENSSL_free(bbuf); OPENSSL_free(cbuf); @@ -187,30 +207,13 @@ int main(int argc, char *argv[]) BN_free(bg); BN_free(cpriv_key); BN_GENCB_free(_cb); - BIO_free(out); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - ret = 1; -#endif + DH_free(dh); - EXIT(ret); + return ret; } static int cb(int p, int n, BN_GENCB *arg) { - char c = '*'; - - if (p == 0) - c = '.'; - if (p == 1) - c = '+'; - if (p == 2) - c = '*'; - if (p == 3) - c = '\n'; - BIO_write(BN_GENCB_get_arg(arg), &c, 1); - (void)BIO_flush(BN_GENCB_get_arg(arg)); return 1; } @@ -496,7 +499,7 @@ static const rfc5114_td rfctd[] = { make_rfc5114_td(2048_256) }; -static int run_rfc5114_tests(void) +static int rfc5114_test(void) { int i; DH *dhA = NULL; @@ -510,74 +513,63 @@ static int run_rfc5114_tests(void) for (i = 0; i < (int)OSSL_NELEM(rfctd); i++) { td = rfctd + i; /* Set up DH structures setting key components */ - dhA = td->get_param(); - dhB = td->get_param(); - if ((dhA == NULL) || (dhB == NULL)) + if (!TEST_ptr(dhA = td->get_param()) + || !TEST_ptr(dhB = td->get_param())) goto bad_err; - priv_key = BN_bin2bn(td->xA, td->xA_len, NULL); - pub_key = BN_bin2bn(td->yA, td->yA_len, NULL); - if (priv_key == NULL || pub_key == NULL - || !DH_set0_key(dhA, pub_key, priv_key)) + if (!TEST_ptr(priv_key = BN_bin2bn(td->xA, td->xA_len, NULL)) + || !TEST_ptr(pub_key = BN_bin2bn(td->yA, td->yA_len, NULL)) + || !TEST_true(DH_set0_key(dhA, pub_key, priv_key))) goto bad_err; - priv_key = BN_bin2bn(td->xB, td->xB_len, NULL); - pub_key = BN_bin2bn(td->yB, td->yB_len, NULL); - - if (priv_key == NULL || pub_key == NULL - || !DH_set0_key(dhB, pub_key, priv_key)) + if (!TEST_ptr(priv_key = BN_bin2bn(td->xB, td->xB_len, NULL)) + || !TEST_ptr(pub_key = BN_bin2bn(td->yB, td->yB_len, NULL)) + || !TEST_true( DH_set0_key(dhB, pub_key, priv_key))) goto bad_err; priv_key = pub_key = NULL; - if ((td->Z_len != (size_t)DH_size(dhA)) - || (td->Z_len != (size_t)DH_size(dhB))) + if (!TEST_uint_eq(td->Z_len, (size_t)DH_size(dhA)) + || !TEST_uint_eq(td->Z_len, (size_t)DH_size(dhB))) goto err; - Z1 = OPENSSL_malloc(DH_size(dhA)); - Z2 = OPENSSL_malloc(DH_size(dhB)); - if ((Z1 == NULL) || (Z2 == NULL)) + if (!TEST_ptr(Z1 = OPENSSL_malloc(DH_size(dhA))) + || !TEST_ptr(Z2 = OPENSSL_malloc(DH_size(dhB)))) goto bad_err; /* * Work out shared secrets using both sides and compare with expected * values. */ DH_get0_key(dhB, &pub_key_tmp, NULL); - if (DH_compute_key(Z1, pub_key_tmp, dhA) == -1) + if (!TEST_int_ne(DH_compute_key(Z1, pub_key_tmp, dhA), -1)) goto bad_err; DH_get0_key(dhA, &pub_key_tmp, NULL); - if (DH_compute_key(Z2, pub_key_tmp, dhB) == -1) + if (!TEST_int_ne(DH_compute_key(Z2, pub_key_tmp, dhB), -1)) goto bad_err; - if (memcmp(Z1, td->Z, td->Z_len)) + if (!TEST_mem_eq(Z1, td->Z_len, td->Z, td->Z_len) + || !TEST_mem_eq(Z2, td->Z_len, td->Z, td->Z_len)) goto err; - if (memcmp(Z2, td->Z, td->Z_len)) - goto err; - - printf("RFC5114 parameter test %d OK\n", i + 1); DH_free(dhA); - DH_free(dhB); - OPENSSL_free(Z1); - OPENSSL_free(Z2); dhA = NULL; + DH_free(dhB); dhB = NULL; + OPENSSL_free(Z1); Z1 = NULL; + OPENSSL_free(Z2); Z2 = NULL; } /* Now i == OSSL_NELEM(rfctd) */ /* RFC5114 uses unsafe primes, so now test an invalid y value */ - dhA = DH_get_2048_224(); - if (dhA == NULL) - goto bad_err; - Z1 = OPENSSL_malloc(DH_size(dhA)); - if (Z1 == NULL) + if (!TEST_ptr(dhA = DH_get_2048_224()) + || !TEST_ptr(Z1 = OPENSSL_malloc(DH_size(dhA)))) goto bad_err; - bady = BN_bin2bn(dhtest_rfc5114_2048_224_bad_y, - sizeof(dhtest_rfc5114_2048_224_bad_y), NULL); - if (bady == NULL) + if (!TEST_ptr(bady = BN_bin2bn(dhtest_rfc5114_2048_224_bad_y, + sizeof(dhtest_rfc5114_2048_224_bad_y), + NULL))) goto bad_err; if (!DH_generate_key(dhA)) @@ -592,14 +584,11 @@ static int run_rfc5114_tests(void) } /* We'll have a stale error on the queue from the above test so clear it */ ERR_clear_error(); - - printf("RFC5114 parameter test %d OK\n", i + 1); - BN_free(bady); DH_free(dhA); OPENSSL_free(Z1); - return 1; + bad_err: BN_free(bady); DH_free(dhA); @@ -608,19 +597,28 @@ static int run_rfc5114_tests(void) BN_free(priv_key); OPENSSL_free(Z1); OPENSSL_free(Z2); - - fprintf(stderr, "Initialisation error RFC5114 set %d\n", i + 1); - ERR_print_errors_fp(stderr); + TEST_error("Initialisation error RFC5114 set %d\n", i + 1); return 0; + err: BN_free(bady); DH_free(dhA); DH_free(dhB); OPENSSL_free(Z1); OPENSSL_free(Z2); - - fprintf(stderr, "Test failed RFC5114 set %d\n", i + 1); + TEST_error("Test failed RFC5114 set %d\n", i + 1); return 0; } +#endif + +int setup_tests(void) +{ +#ifdef OPENSSL_NO_DH + TEST_note("No DH support"); +#else + ADD_TEST(dh_test); + ADD_TEST(rfc5114_test); #endif + return 1; +} diff --git a/deps/openssl/openssl/test/drbg_cavs_data.h b/deps/openssl/openssl/test/drbg_cavs_data.h new file mode 100644 index 0000000000..d673375619 --- /dev/null +++ b/deps/openssl/openssl/test/drbg_cavs_data.h @@ -0,0 +1,82 @@ +/* + * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Known answer tests (KAT) for NIST SP800-90A DRBGs. + */ + +#include <stddef.h> + +#ifndef DRBG_CAVS_DATA_H +# define DRBG_CAVS_DATA_H + +enum drbg_kat_type { + NO_RESEED, + PR_FALSE, + PR_TRUE +}; + +enum drbg_df { + USE_DF, + NO_DF, + NA +}; + +struct drbg_kat_no_reseed { + size_t count; + const unsigned char *entropyin; + const unsigned char *nonce; + const unsigned char *persstr; + const unsigned char *addin1; + const unsigned char *addin2; + const unsigned char *retbytes; +}; + +struct drbg_kat_pr_false { + size_t count; + const unsigned char *entropyin; + const unsigned char *nonce; + const unsigned char *persstr; + const unsigned char *entropyinreseed; + const unsigned char *addinreseed; + const unsigned char *addin1; + const unsigned char *addin2; + const unsigned char *retbytes; +}; + +struct drbg_kat_pr_true { + size_t count; + const unsigned char *entropyin; + const unsigned char *nonce; + const unsigned char *persstr; + const unsigned char *entropyinpr1; + const unsigned char *addin1; + const unsigned char *entropyinpr2; + const unsigned char *addin2; + const unsigned char *retbytes; +}; + +struct drbg_kat { + enum drbg_kat_type type; + enum drbg_df df; + int nid; + + size_t entropyinlen; + size_t noncelen; + size_t persstrlen; + size_t addinlen; + size_t retbyteslen; + + const void *t; +}; + +extern const struct drbg_kat *drbg_test[]; +extern const size_t drbg_test_nelem; + +#endif diff --git a/deps/openssl/openssl/test/drbgtest.h b/deps/openssl/openssl/test/drbgtest.h new file mode 100644 index 0000000000..c11b8a2b4c --- /dev/null +++ b/deps/openssl/openssl/test/drbgtest.h @@ -0,0 +1,579 @@ +/* + * Copyright 2011-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Known answer tests for SP800-90 DRBG CTR mode. + */ + + +/* + * AES-128 use df PR + */ +static const unsigned char aes_128_use_df_pr_entropyinput[] = { + 0x61, 0x52, 0x7c, 0xe3, 0x23, 0x7d, 0x0a, 0x07, 0x10, 0x0c, 0x50, 0x33, + 0xc8, 0xdb, 0xff, 0x12 +}; +static const unsigned char aes_128_use_df_pr_nonce[] = { + 0x51, 0x0d, 0x85, 0x77, 0xed, 0x22, 0x97, 0x28 +}; +static const unsigned char aes_128_use_df_pr_personalizationstring[] = { + 0x59, 0x9f, 0xbb, 0xcd, 0xd5, 0x25, 0x69, 0xb5, 0xcb, 0xb5, 0x03, 0xfe, + 0xd7, 0xd7, 0x01, 0x67 +}; +static const unsigned char aes_128_use_df_pr_additionalinput[] = { + 0xef, 0x88, 0x76, 0x01, 0xaf, 0x3c, 0xfe, 0x8b, 0xaf, 0x26, 0x06, 0x9e, + 0x9a, 0x47, 0x08, 0x76 +}; +static const unsigned char aes_128_use_df_pr_entropyinputpr[] = { + 0xe2, 0x76, 0xf9, 0xf6, 0x3a, 0xba, 0x10, 0x9f, 0xbf, 0x47, 0x0e, 0x51, + 0x09, 0xfb, 0xa3, 0xb6 +}; +static const unsigned char aes_128_use_df_pr_int_returnedbits[] = { + 0xd4, 0x98, 0x8a, 0x46, 0x80, 0x4c, 0xdb, 0xa3, 0x59, 0x02, 0x57, 0x52, + 0x66, 0x1c, 0xea, 0x5b +}; +static const unsigned char aes_128_use_df_pr_additionalinput2[] = { + 0x88, 0x8c, 0x91, 0xd6, 0xbe, 0x56, 0x6e, 0x08, 0x9a, 0x62, 0x2b, 0x11, + 0x3f, 0x5e, 0x31, 0x06 +}; +static const unsigned char aes_128_use_df_pr_entropyinputpr2[] = { + 0xc0, 0x5c, 0x6b, 0x98, 0x01, 0x0d, 0x58, 0x18, 0x51, 0x18, 0x96, 0xae, + 0xa7, 0xe3, 0xa8, 0x67 +}; +static const unsigned char aes_128_use_df_pr_returnedbits[] = { + 0xcf, 0x01, 0xac, 0x22, 0x31, 0x06, 0x8e, 0xfc, 0xce, 0x56, 0xea, 0x24, + 0x0f, 0x38, 0x43, 0xc6 +}; + + +/* + * AES-128 use df no PR + */ +static const unsigned char aes_128_use_df_entropyinput[] = { + 0x1f, 0x8e, 0x34, 0x82, 0x0c, 0xb7, 0xbe, 0xc5, 0x01, 0x3e, 0xd0, 0xa3, + 0x9d, 0x7d, 0x1c, 0x9b +}; +static const unsigned char aes_128_use_df_nonce[] = { + 0xd5, 0x4d, 0xbd, 0x4a, 0x93, 0x7f, 0xb8, 0x96, +}; +static const unsigned char aes_128_use_df_personalizationstring[] = { + 0xab, 0xd6, 0x3f, 0x04, 0xfe, 0x27, 0x6b, 0x2d, 0xd7, 0xc3, 0x1c, 0xf3, + 0x38, 0x66, 0xba, 0x1b +}; +static const unsigned char aes_128_use_df_additionalinput[] = { + 0xfe, 0xf4, 0x09, 0xa8, 0xb7, 0x73, 0x27, 0x9c, 0x5f, 0xa7, 0xea, 0x46, + 0xb5, 0xe2, 0xb2, 0x41 +}; +static const unsigned char aes_128_use_df_int_returnedbits[] = { + 0x42, 0xe4, 0x4e, 0x7b, 0x27, 0xdd, 0xcb, 0xbc, 0x0a, 0xcf, 0xa6, 0x67, + 0xe7, 0x57, 0x11, 0xb4 +}; +static const unsigned char aes_128_use_df_entropyinputreseed[] = { + 0x14, 0x26, 0x69, 0xd9, 0xf3, 0x65, 0x03, 0xd6, 0x6b, 0xb9, 0x44, 0x0b, + 0xc7, 0xc4, 0x9e, 0x39 +}; +static const unsigned char aes_128_use_df_additionalinputreseed[] = { + 0x55, 0x2e, 0x60, 0x9a, 0x05, 0x72, 0x8a, 0xa8, 0xef, 0x22, 0x81, 0x5a, + 0xc8, 0x93, 0xfa, 0x84 +}; +static const unsigned char aes_128_use_df_additionalinput2[] = { + 0x3c, 0x40, 0xc8, 0xc4, 0x16, 0x0c, 0x21, 0xa4, 0x37, 0x2c, 0x8f, 0xa5, + 0x06, 0x0c, 0x15, 0x2c +}; +static const unsigned char aes_128_use_df_returnedbits[] = { + 0xe1, 0x3e, 0x99, 0x98, 0x86, 0x67, 0x0b, 0x63, 0x7b, 0xbe, 0x3f, 0x88, + 0x46, 0x81, 0xc7, 0x19 +}; + + +/* + * AES-192 use df PR + */ +static const unsigned char aes_192_use_df_pr_entropyinput[] = { + 0x2b, 0x4e, 0x8b, 0xe1, 0xf1, 0x34, 0x80, 0x56, 0x81, 0xf9, 0x74, 0xec, + 0x17, 0x44, 0x2a, 0xf1, 0x14, 0xb0, 0xbf, 0x97, 0x39, 0xb7, 0x04, 0x7d +}; +static const unsigned char aes_192_use_df_pr_nonce[] = { + 0xd6, 0x9d, 0xeb, 0x14, 0x4e, 0x6c, 0x30, 0x1e, 0x39, 0x55, 0x73, 0xd0, + 0xd1, 0x80, 0x78, 0xfa +}; +static const unsigned char aes_192_use_df_pr_personalizationstring[] = { + 0xfc, 0x43, 0x4a, 0xf8, 0x9a, 0x55, 0xb3, 0x53, 0x83, 0xe2, 0x18, 0x16, + 0x0c, 0xdc, 0xcd, 0x5e, 0x4f, 0xa0, 0x03, 0x01, 0x2b, 0x9f, 0xe4, 0xd5, + 0x7d, 0x49, 0xf0, 0x41, 0x9e, 0x3d, 0x99, 0x04 +}; +static const unsigned char aes_192_use_df_pr_additionalinput[] = { + 0x5e, 0x9f, 0x49, 0x6f, 0x21, 0x8b, 0x1d, 0x32, 0xd5, 0x84, 0x5c, 0xac, + 0xaf, 0xdf, 0xe4, 0x79, 0x9e, 0xaf, 0xa9, 0x82, 0xd0, 0xf8, 0x4f, 0xcb, + 0x69, 0x10, 0x0a, 0x7e, 0x81, 0x57, 0xb5, 0x36 +}; +static const unsigned char aes_192_use_df_pr_entropyinputpr[] = { + 0xd4, 0x81, 0x0c, 0xd7, 0x66, 0x39, 0xec, 0x42, 0x53, 0x87, 0x41, 0xa5, + 0x1e, 0x7d, 0x80, 0x91, 0x8e, 0xbb, 0xed, 0xac, 0x14, 0x02, 0x1a, 0xd5, +}; +static const unsigned char aes_192_use_df_pr_int_returnedbits[] = { + 0xdf, 0x1d, 0x39, 0x45, 0x7c, 0x9b, 0xc6, 0x2b, 0x7d, 0x8c, 0x93, 0xe9, + 0x19, 0x30, 0x6b, 0x67 +}; +static const unsigned char aes_192_use_df_pr_additionalinput2[] = { + 0x00, 0x71, 0x27, 0x4e, 0xd3, 0x14, 0xf1, 0x20, 0x7f, 0x4a, 0x41, 0x32, + 0x2a, 0x97, 0x11, 0x43, 0x8f, 0x4a, 0x15, 0x7b, 0x9b, 0x51, 0x79, 0xda, + 0x49, 0x3d, 0xde, 0xe8, 0xbc, 0x93, 0x91, 0x99 +}; +static const unsigned char aes_192_use_df_pr_entropyinputpr2[] = { + 0x90, 0xee, 0x76, 0xa1, 0x45, 0x8d, 0xb7, 0x40, 0xb0, 0x11, 0xbf, 0xd0, + 0x65, 0xd7, 0x3c, 0x7c, 0x4f, 0x20, 0x3f, 0x4e, 0x11, 0x9d, 0xb3, 0x5e, +}; +static const unsigned char aes_192_use_df_pr_returnedbits[] = { + 0x24, 0x3b, 0x20, 0xa4, 0x37, 0x66, 0xba, 0x72, 0x39, 0x3f, 0xcf, 0x3c, + 0x7e, 0x1a, 0x2b, 0x83 +}; + + +/* + * AES-192 use df no PR + */ +static const unsigned char aes_192_use_df_entropyinput[] = { + 0x8d, 0x74, 0xa4, 0x50, 0x1a, 0x02, 0x68, 0x0c, 0x2a, 0x69, 0xc4, 0x82, + 0x3b, 0xbb, 0xda, 0x0e, 0x7f, 0x77, 0xa3, 0x17, 0x78, 0x57, 0xb2, 0x7b, +}; +static const unsigned char aes_192_use_df_nonce[] = { + 0x75, 0xd5, 0x1f, 0xac, 0xa4, 0x8d, 0x42, 0x78, 0xd7, 0x69, 0x86, 0x9d, + 0x77, 0xd7, 0x41, 0x0e +}; +static const unsigned char aes_192_use_df_personalizationstring[] = { + 0x4e, 0x33, 0x41, 0x3c, 0x9c, 0xc2, 0xd2, 0x53, 0xaf, 0x90, 0xea, 0xcf, + 0x19, 0x50, 0x1e, 0xe6, 0x6f, 0x63, 0xc8, 0x32, 0x22, 0xdc, 0x07, 0x65, + 0x9c, 0xd3, 0xf8, 0x30, 0x9e, 0xed, 0x35, 0x70 +}; +static const unsigned char aes_192_use_df_additionalinput[] = { + 0x5d, 0x8b, 0x8c, 0xc1, 0xdf, 0x0e, 0x02, 0x78, 0xfb, 0x19, 0xb8, 0x69, + 0x78, 0x4e, 0x9c, 0x52, 0xbc, 0xc7, 0x20, 0xc9, 0xe6, 0x5e, 0x77, 0x22, + 0x28, 0x3d, 0x0c, 0x9e, 0x68, 0xa8, 0x45, 0xd7 +}; +static const unsigned char aes_192_use_df_int_returnedbits[] = { + 0xd5, 0xe7, 0x08, 0xc5, 0x19, 0x99, 0xd5, 0x31, 0x03, 0x0a, 0x74, 0xb6, + 0xb7, 0xed, 0xe9, 0xea +}; +static const unsigned char aes_192_use_df_entropyinputreseed[] = { + 0x9c, 0x26, 0xda, 0xf1, 0xac, 0xd9, 0x5a, 0xd6, 0xa8, 0x65, 0xf5, 0x02, + 0x8f, 0xdc, 0xa2, 0x09, 0x54, 0xa6, 0xe2, 0xa4, 0xde, 0x32, 0xe0, 0x01, +}; +static const unsigned char aes_192_use_df_additionalinputreseed[] = { + 0x9b, 0x90, 0xb0, 0x3a, 0x0e, 0x3a, 0x80, 0x07, 0x4a, 0xf4, 0xda, 0x76, + 0x28, 0x30, 0x3c, 0xee, 0x54, 0x1b, 0x94, 0x59, 0x51, 0x43, 0x56, 0x77, + 0xaf, 0x88, 0xdd, 0x63, 0x89, 0x47, 0x06, 0x65 +}; +static const unsigned char aes_192_use_df_additionalinput2[] = { + 0x3c, 0x11, 0x64, 0x7a, 0x96, 0xf5, 0xd8, 0xb8, 0xae, 0xd6, 0x70, 0x4e, + 0x16, 0x96, 0xde, 0xe9, 0x62, 0xbc, 0xee, 0x28, 0x2f, 0x26, 0xa6, 0xf0, + 0x56, 0xef, 0xa3, 0xf1, 0x6b, 0xa1, 0xb1, 0x77 +}; +static const unsigned char aes_192_use_df_returnedbits[] = { + 0x0b, 0xe2, 0x56, 0x03, 0x1e, 0xdb, 0x2c, 0x6d, 0x7f, 0x1b, 0x15, 0x58, + 0x1a, 0xf9, 0x13, 0x28 +}; + + +/* + * AES-256 use df PR + */ +static const unsigned char aes_256_use_df_pr_entropyinput[] = { + 0x61, 0x68, 0xfc, 0x1a, 0xf0, 0xb5, 0x95, 0x6b, 0x85, 0x09, 0x9b, 0x74, + 0x3f, 0x13, 0x78, 0x49, 0x3b, 0x85, 0xec, 0x93, 0x13, 0x3b, 0xa9, 0x4f, + 0x96, 0xab, 0x2c, 0xe4, 0xc8, 0x8f, 0xdd, 0x6a +}; +static const unsigned char aes_256_use_df_pr_nonce[] = { + 0xad, 0xd2, 0xbb, 0xba, 0xb7, 0x65, 0x89, 0xc3, 0x21, 0x6c, 0x55, 0x33, + 0x2b, 0x36, 0xff, 0xa4 +}; +static const unsigned char aes_256_use_df_pr_personalizationstring[] = { + 0x6e, 0xca, 0xe7, 0x20, 0x72, 0xd3, 0x84, 0x5a, 0x32, 0xd3, 0x4b, 0x24, + 0x72, 0xc4, 0x63, 0x2b, 0x9d, 0x12, 0x24, 0x0c, 0x23, 0x26, 0x8e, 0x83, + 0x16, 0x37, 0x0b, 0xd1, 0x06, 0x4f, 0x68, 0x6d +}; +static const unsigned char aes_256_use_df_pr_additionalinput[] = { + 0x7e, 0x08, 0x4a, 0xbb, 0xe3, 0x21, 0x7c, 0xc9, 0x23, 0xd2, 0xf8, 0xb0, + 0x73, 0x98, 0xba, 0x84, 0x74, 0x23, 0xab, 0x06, 0x8a, 0xe2, 0x22, 0xd3, + 0x7b, 0xce, 0x9b, 0xd2, 0x4a, 0x76, 0xb8, 0xde +}; +static const unsigned char aes_256_use_df_pr_entropyinputpr[] = { + 0x0b, 0x23, 0xaf, 0xdf, 0xf1, 0x62, 0xd7, 0xd3, 0x43, 0x97, 0xf8, 0x77, + 0x04, 0xa8, 0x42, 0x20, 0xbd, 0xf6, 0x0f, 0xc1, 0x17, 0x2f, 0x9f, 0x54, + 0xbb, 0x56, 0x17, 0x86, 0x68, 0x0e, 0xba, 0xa9 +}; +static const unsigned char aes_256_use_df_pr_int_returnedbits[] = { + 0x31, 0x8e, 0xad, 0xaf, 0x40, 0xeb, 0x6b, 0x74, 0x31, 0x46, 0x80, 0xc7, + 0x17, 0xab, 0x3c, 0x7a +}; +static const unsigned char aes_256_use_df_pr_additionalinput2[] = { + 0x94, 0x6b, 0xc9, 0x9f, 0xab, 0x8d, 0xc5, 0xec, 0x71, 0x88, 0x1d, 0x00, + 0x8c, 0x89, 0x68, 0xe4, 0xc8, 0x07, 0x77, 0x36, 0x17, 0x6d, 0x79, 0x78, + 0xc7, 0x06, 0x4e, 0x99, 0x04, 0x28, 0x29, 0xc3 +}; +static const unsigned char aes_256_use_df_pr_entropyinputpr2[] = { + 0xbf, 0x6c, 0x59, 0x2a, 0x0d, 0x44, 0x0f, 0xae, 0x9a, 0x5e, 0x03, 0x73, + 0xd8, 0xa6, 0xe1, 0xcf, 0x25, 0x61, 0x38, 0x24, 0x86, 0x9e, 0x53, 0xe8, + 0xa4, 0xdf, 0x56, 0xf4, 0x06, 0x07, 0x9c, 0x0f +}; +static const unsigned char aes_256_use_df_pr_returnedbits[] = { + 0x22, 0x4a, 0xb4, 0xb8, 0xb6, 0xee, 0x7d, 0xb1, 0x9e, 0xc9, 0xf9, 0xa0, + 0xd9, 0xe2, 0x97, 0x00 +}; + + +/* + * AES-256 use df no PR + */ +static const unsigned char aes_256_use_df_entropyinput[] = { + 0xa5, 0x3e, 0x37, 0x10, 0x17, 0x43, 0x91, 0x93, 0x59, 0x1e, 0x47, 0x50, + 0x87, 0xaa, 0xdd, 0xd5, 0xc1, 0xc3, 0x86, 0xcd, 0xca, 0x0d, 0xdb, 0x68, + 0xe0, 0x02, 0xd8, 0x0f, 0xdc, 0x40, 0x1a, 0x47 +}; +static const unsigned char aes_256_use_df_nonce[] = { + 0xa9, 0x4d, 0xa5, 0x5a, 0xfd, 0xc5, 0x0c, 0xe5, 0x1c, 0x9a, 0x3b, 0x8a, + 0x4c, 0x44, 0x84, 0x40 +}; +static const unsigned char aes_256_use_df_personalizationstring[] = { + 0x8b, 0x52, 0xa2, 0x4a, 0x93, 0xc3, 0x4e, 0xa7, 0x1e, 0x1c, 0xa7, 0x05, + 0xeb, 0x82, 0x9b, 0xa6, 0x5d, 0xe4, 0xd4, 0xe0, 0x7f, 0xa3, 0xd8, 0x6b, + 0x37, 0x84, 0x5f, 0xf1, 0xc7, 0xd5, 0xf6, 0xd2 +}; +static const unsigned char aes_256_use_df_additionalinput[] = { + 0x20, 0xf4, 0x22, 0xed, 0xf8, 0x5c, 0xa1, 0x6a, 0x01, 0xcf, 0xbe, 0x5f, + 0x8d, 0x6c, 0x94, 0x7f, 0xae, 0x12, 0xa8, 0x57, 0xdb, 0x2a, 0xa9, 0xbf, + 0xc7, 0xb3, 0x65, 0x81, 0x80, 0x8d, 0x0d, 0x46 +}; +static const unsigned char aes_256_use_df_int_returnedbits[] = { + 0x4e, 0x44, 0xfd, 0xf3, 0x9e, 0x29, 0xa2, 0xb8, 0x0f, 0x5d, 0x6c, 0xe1, + 0x28, 0x0c, 0x3b, 0xc1 +}; +static const unsigned char aes_256_use_df_entropyinputreseed[] = { + 0xdd, 0x40, 0xe5, 0x98, 0x7b, 0x27, 0x16, 0x73, 0x15, 0x68, 0xd2, 0x76, + 0xbf, 0x0c, 0x67, 0x15, 0x75, 0x79, 0x03, 0xd3, 0xde, 0xde, 0x91, 0x46, + 0x42, 0xdd, 0xd4, 0x67, 0xc8, 0x79, 0xc8, 0x1e +}; +static const unsigned char aes_256_use_df_additionalinputreseed[] = { + 0x7f, 0xd8, 0x1f, 0xbd, 0x2a, 0xb5, 0x1c, 0x11, 0x5d, 0x83, 0x4e, 0x99, + 0xf6, 0x5c, 0xa5, 0x40, 0x20, 0xed, 0x38, 0x8e, 0xd5, 0x9e, 0xe0, 0x75, + 0x93, 0xfe, 0x12, 0x5e, 0x5d, 0x73, 0xfb, 0x75 +}; +static const unsigned char aes_256_use_df_additionalinput2[] = { + 0xcd, 0x2c, 0xff, 0x14, 0x69, 0x3e, 0x4c, 0x9e, 0xfd, 0xfe, 0x26, 0x0d, + 0xe9, 0x86, 0x00, 0x49, 0x30, 0xba, 0xb1, 0xc6, 0x50, 0x57, 0x77, 0x2a, + 0x62, 0x39, 0x2c, 0x3b, 0x74, 0xeb, 0xc9, 0x0d +}; +static const unsigned char aes_256_use_df_returnedbits[] = { + 0x4f, 0x78, 0xbe, 0xb9, 0x4d, 0x97, 0x8c, 0xe9, 0xd0, 0x97, 0xfe, 0xad, + 0xfa, 0xfd, 0x35, 0x5e +}; + + +/* + * AES-128 no df PR + */ +static const unsigned char aes_128_no_df_pr_entropyinput[] = { + 0x9a, 0x25, 0x65, 0x10, 0x67, 0xd5, 0xb6, 0x6b, 0x70, 0xa1, 0xb3, 0xa4, + 0x43, 0x95, 0x80, 0xc0, 0x84, 0x0a, 0x79, 0xb0, 0x88, 0x74, 0xf2, 0xbf, + 0x31, 0x6c, 0x33, 0x38, 0x0b, 0x00, 0xb2, 0x5a +}; +static const unsigned char aes_128_no_df_pr_nonce[] = { + 0x78, 0x47, 0x6b, 0xf7, 0x90, 0x8e, 0x87, 0xf1, +}; +static const unsigned char aes_128_no_df_pr_personalizationstring[] = { + 0xf7, 0x22, 0x1d, 0x3a, 0xbe, 0x1d, 0xca, 0x32, 0x1b, 0xbd, 0x87, 0x0c, + 0x51, 0x24, 0x19, 0xee, 0xa3, 0x23, 0x09, 0x63, 0x33, 0x3d, 0xa8, 0x0c, + 0x1c, 0xfa, 0x42, 0x89, 0xcc, 0x6f, 0xa0, 0xa8 +}; +static const unsigned char aes_128_no_df_pr_additionalinput[] = { + 0xc9, 0xe0, 0x80, 0xbf, 0x8c, 0x45, 0x58, 0x39, 0xff, 0x00, 0xab, 0x02, + 0x4c, 0x3e, 0x3a, 0x95, 0x9b, 0x80, 0xa8, 0x21, 0x2a, 0xee, 0xba, 0x73, + 0xb1, 0xd9, 0xcf, 0x28, 0xf6, 0x8f, 0x9b, 0x12 +}; +static const unsigned char aes_128_no_df_pr_entropyinputpr[] = { + 0x4c, 0xa8, 0xc5, 0xf0, 0x59, 0x9e, 0xa6, 0x8d, 0x26, 0x53, 0xd7, 0x8a, + 0xa9, 0xd8, 0xf7, 0xed, 0xb2, 0xf9, 0x12, 0x42, 0xe1, 0xe5, 0xbd, 0xe7, + 0xe7, 0x1d, 0x74, 0x99, 0x00, 0x9d, 0x31, 0x3e +}; +static const unsigned char aes_128_no_df_pr_int_returnedbits[] = { + 0xe2, 0xac, 0x20, 0xf0, 0x80, 0xe7, 0xbc, 0x7e, 0x9c, 0x7b, 0x65, 0x71, + 0xaf, 0x19, 0x32, 0x16 +}; +static const unsigned char aes_128_no_df_pr_additionalinput2[] = { + 0x32, 0x7f, 0x38, 0x8b, 0x73, 0x0a, 0x78, 0x83, 0xdc, 0x30, 0xbe, 0x9f, + 0x10, 0x1f, 0xf5, 0x1f, 0xca, 0x00, 0xb5, 0x0d, 0xd6, 0x9d, 0x60, 0x83, + 0x51, 0x54, 0x7d, 0x38, 0x23, 0x3a, 0x52, 0x50 +}; +static const unsigned char aes_128_no_df_pr_entropyinputpr2[] = { + 0x18, 0x61, 0x53, 0x56, 0xed, 0xed, 0xd7, 0x20, 0xfb, 0x71, 0x04, 0x7a, + 0xb2, 0xac, 0xc1, 0x28, 0xcd, 0xf2, 0xc2, 0xfc, 0xaa, 0xb1, 0x06, 0x07, + 0xe9, 0x46, 0x95, 0x02, 0x48, 0x01, 0x78, 0xf9 +}; +static const unsigned char aes_128_no_df_pr_returnedbits[] = { + 0x29, 0xc8, 0x1b, 0x15, 0xb1, 0xd1, 0xc2, 0xf6, 0x71, 0x86, 0x68, 0x33, + 0x57, 0x82, 0x33, 0xaf +}; + + +/* + * AES-128 no df no PR + */ +static const unsigned char aes_128_no_df_entropyinput[] = { + 0xc9, 0xc5, 0x79, 0xbc, 0xe8, 0xc5, 0x19, 0xd8, 0xbc, 0x66, 0x73, 0x67, + 0xf6, 0xd3, 0x72, 0xaa, 0xa6, 0x16, 0xb8, 0x50, 0xb7, 0x47, 0x3a, 0x42, + 0xab, 0xf4, 0x16, 0xb2, 0x96, 0xd2, 0xb6, 0x60 +}; +static const unsigned char aes_128_no_df_nonce[] = { + 0x5f, 0xbf, 0x97, 0x0c, 0x4b, 0xa4, 0x87, 0x13, +}; +static const unsigned char aes_128_no_df_personalizationstring[] = { + 0xce, 0xfb, 0x7b, 0x3f, 0xd4, 0x6b, 0x29, 0x0d, 0x69, 0x06, 0xff, 0xbb, + 0xf2, 0xe5, 0xc6, 0x6c, 0x0a, 0x10, 0xa0, 0xcf, 0x1a, 0x48, 0xc7, 0x8b, + 0x3c, 0x16, 0x88, 0xed, 0x50, 0x13, 0x81, 0xce +}; +static const unsigned char aes_128_no_df_additionalinput[] = { + 0x4b, 0x22, 0x46, 0x18, 0x02, 0x7b, 0xd2, 0x1b, 0x22, 0x42, 0x7c, 0x37, + 0xd9, 0xf6, 0xe8, 0x9b, 0x12, 0x30, 0x5f, 0xe9, 0x90, 0xe8, 0x08, 0x24, + 0x4f, 0x06, 0x66, 0xdb, 0x19, 0x2b, 0x13, 0x95 +}; +static const unsigned char aes_128_no_df_int_returnedbits[] = { + 0x2e, 0x96, 0x70, 0x64, 0xfa, 0xdf, 0xdf, 0x57, 0xb5, 0x82, 0xee, 0xd6, + 0xed, 0x3e, 0x65, 0xc2 +}; +static const unsigned char aes_128_no_df_entropyinputreseed[] = { + 0x26, 0xc0, 0x72, 0x16, 0x3a, 0x4b, 0xb7, 0x99, 0xd4, 0x07, 0xaf, 0x66, + 0x62, 0x36, 0x96, 0xa4, 0x51, 0x17, 0xfa, 0x07, 0x8b, 0x17, 0x5e, 0xa1, + 0x2f, 0x3c, 0x10, 0xe7, 0x90, 0xd0, 0x46, 0x00 +}; +static const unsigned char aes_128_no_df_additionalinputreseed[] = { + 0x83, 0x39, 0x37, 0x7b, 0x02, 0x06, 0xd2, 0x12, 0x13, 0x8d, 0x8b, 0xf2, + 0xf0, 0xf6, 0x26, 0xeb, 0xa4, 0x22, 0x7b, 0xc2, 0xe7, 0xba, 0x79, 0xe4, + 0x3b, 0x77, 0x5d, 0x4d, 0x47, 0xb2, 0x2d, 0xb4 +}; +static const unsigned char aes_128_no_df_additionalinput2[] = { + 0x0b, 0xb9, 0x67, 0x37, 0xdb, 0x83, 0xdf, 0xca, 0x81, 0x8b, 0xf9, 0x3f, + 0xf1, 0x11, 0x1b, 0x2f, 0xf0, 0x61, 0xa6, 0xdf, 0xba, 0xa3, 0xb1, 0xac, + 0xd3, 0xe6, 0x09, 0xb8, 0x2c, 0x6a, 0x67, 0xd6 +}; +static const unsigned char aes_128_no_df_returnedbits[] = { + 0x1e, 0xa7, 0xa4, 0xe4, 0xe1, 0xa6, 0x7c, 0x69, 0x9a, 0x44, 0x6c, 0x36, + 0x81, 0x37, 0x19, 0xd4 +}; + + +/* + * AES-192 no df PR + */ +static const unsigned char aes_192_no_df_pr_entropyinput[] = { + 0x9d, 0x2c, 0xd2, 0x55, 0x66, 0xea, 0xe0, 0xbe, 0x18, 0xb7, 0x76, 0xe7, + 0x73, 0x35, 0xd8, 0x1f, 0xad, 0x3a, 0xe3, 0x81, 0x0e, 0x92, 0xd0, 0x61, + 0xc9, 0x12, 0x26, 0xf6, 0x1c, 0xdf, 0xfe, 0x47, 0xaa, 0xfe, 0x7d, 0x5a, + 0x17, 0x1f, 0x8d, 0x9a +}; +static const unsigned char aes_192_no_df_pr_nonce[] = { + 0x44, 0x82, 0xed, 0xe8, 0x4c, 0x28, 0x5a, 0x14, 0xff, 0x88, 0x8d, 0x19, + 0x61, 0x5c, 0xee, 0x0f +}; +static const unsigned char aes_192_no_df_pr_personalizationstring[] = { + 0x47, 0xd7, 0x9b, 0x99, 0xaa, 0xcb, 0xe7, 0xd2, 0x57, 0x66, 0x2c, 0xe1, + 0x78, 0xd6, 0x2c, 0xea, 0xa3, 0x23, 0x5f, 0x2a, 0xc1, 0x3a, 0xf0, 0xa4, + 0x20, 0x3b, 0xfa, 0x07, 0xd5, 0x05, 0x02, 0xe4, 0x57, 0x01, 0xb6, 0x10, + 0x57, 0x2e, 0xe7, 0x55 +}; +static const unsigned char aes_192_no_df_pr_additionalinput[] = { + 0x4b, 0x74, 0x0b, 0x40, 0xce, 0x6b, 0xc2, 0x6a, 0x24, 0xb4, 0xf3, 0xad, + 0x7a, 0xa5, 0x7a, 0xa2, 0x15, 0xe2, 0xc8, 0x61, 0x15, 0xc6, 0xb7, 0x85, + 0x69, 0x11, 0xad, 0x7b, 0x14, 0xd2, 0xf6, 0x12, 0xa1, 0x95, 0x5d, 0x3f, + 0xe2, 0xd0, 0x0c, 0x2f +}; +static const unsigned char aes_192_no_df_pr_entropyinputpr[] = { + 0x0c, 0x9c, 0xad, 0x05, 0xee, 0xae, 0x48, 0x23, 0x89, 0x59, 0xa1, 0x94, + 0xd7, 0xd8, 0x75, 0xd5, 0x54, 0x93, 0xc7, 0x4a, 0xd9, 0x26, 0xde, 0xeb, + 0xba, 0xb0, 0x7e, 0x30, 0x1d, 0x5f, 0x69, 0x40, 0x9c, 0x3b, 0x17, 0x58, + 0x1d, 0x30, 0xb3, 0x78 +}; +static const unsigned char aes_192_no_df_pr_int_returnedbits[] = { + 0xf7, 0x93, 0xb0, 0x6d, 0x77, 0x83, 0xd5, 0x38, 0x01, 0xe1, 0x52, 0x40, + 0x7e, 0x3e, 0x0c, 0x26 +}; +static const unsigned char aes_192_no_df_pr_additionalinput2[] = { + 0xbc, 0x4b, 0x37, 0x44, 0x1c, 0xc5, 0x45, 0x5f, 0x8f, 0x51, 0x62, 0x8a, + 0x85, 0x30, 0x1d, 0x7c, 0xe4, 0xcf, 0xf7, 0x44, 0xce, 0x32, 0x3e, 0x57, + 0x95, 0xa4, 0x2a, 0xdf, 0xfd, 0x9e, 0x38, 0x41, 0xb3, 0xf6, 0xc5, 0xee, + 0x0c, 0x4b, 0xee, 0x6e +}; +static const unsigned char aes_192_no_df_pr_entropyinputpr2[] = { + 0xec, 0xaf, 0xf6, 0x4f, 0xb1, 0xa0, 0x54, 0xb5, 0x5b, 0xe3, 0x46, 0xb0, + 0x76, 0x5a, 0x7c, 0x3f, 0x7b, 0x94, 0x69, 0x21, 0x51, 0x02, 0xe5, 0x9f, + 0x04, 0x59, 0x02, 0x98, 0xc6, 0x43, 0x2c, 0xcc, 0x26, 0x4c, 0x87, 0x6b, + 0x8e, 0x0a, 0x83, 0xdf +}; +static const unsigned char aes_192_no_df_pr_returnedbits[] = { + 0x74, 0x45, 0xfb, 0x53, 0x84, 0x96, 0xbe, 0xff, 0x15, 0xcc, 0x41, 0x91, + 0xb9, 0xa1, 0x21, 0x68 +}; + + +/* + * AES-192 no df no PR + */ +static const unsigned char aes_192_no_df_entropyinput[] = { + 0x3c, 0x7d, 0xb5, 0xe0, 0x54, 0xd9, 0x6e, 0x8c, 0xa9, 0x86, 0xce, 0x4e, + 0x6b, 0xaf, 0xeb, 0x2f, 0xe7, 0x75, 0xe0, 0x8b, 0xa4, 0x3b, 0x07, 0xfe, + 0xbe, 0x33, 0x75, 0x93, 0x80, 0x27, 0xb5, 0x29, 0x47, 0x8b, 0xc7, 0x28, + 0x94, 0xc3, 0x59, 0x63 +}; +static const unsigned char aes_192_no_df_nonce[] = { + 0x43, 0xf1, 0x7d, 0xb8, 0xc3, 0xfe, 0xd0, 0x23, 0x6b, 0xb4, 0x92, 0xdb, + 0x29, 0xfd, 0x45, 0x71 +}; +static const unsigned char aes_192_no_df_personalizationstring[] = { + 0x9f, 0x24, 0x29, 0x99, 0x9e, 0x01, 0xab, 0xe9, 0x19, 0xd8, 0x23, 0x08, + 0xb7, 0xd6, 0x7e, 0x8c, 0xc0, 0x9e, 0x7f, 0x6e, 0x5b, 0x33, 0x20, 0x96, + 0x0b, 0x23, 0x2c, 0xa5, 0x6a, 0xf8, 0x1b, 0x04, 0x26, 0xdb, 0x2e, 0x2b, + 0x3b, 0x88, 0xce, 0x35 +}; +static const unsigned char aes_192_no_df_additionalinput[] = { + 0x94, 0xe9, 0x7c, 0x3d, 0xa7, 0xdb, 0x60, 0x83, 0x1f, 0x98, 0x3f, 0x0b, + 0x88, 0x59, 0x57, 0x51, 0x88, 0x9f, 0x76, 0x49, 0x9f, 0xa6, 0xda, 0x71, + 0x1d, 0x0d, 0x47, 0x16, 0x63, 0xc5, 0x68, 0xe4, 0x5d, 0x39, 0x69, 0xb3, + 0x3e, 0xbe, 0xd4, 0x8e +}; +static const unsigned char aes_192_no_df_int_returnedbits[] = { + 0xf9, 0xd7, 0xad, 0x69, 0xab, 0x8f, 0x23, 0x56, 0x70, 0x17, 0x4f, 0x2a, + 0x45, 0xe7, 0x4a, 0xc5 +}; +static const unsigned char aes_192_no_df_entropyinputreseed[] = { + 0xa6, 0x71, 0x6a, 0x3d, 0xba, 0xd1, 0xe8, 0x66, 0xa6, 0xef, 0xb2, 0x0e, + 0xa8, 0x9c, 0xaa, 0x4e, 0xaf, 0x17, 0x89, 0x50, 0x00, 0xda, 0xa1, 0xb1, + 0x0b, 0xa4, 0xd9, 0x35, 0x89, 0xc8, 0xe5, 0xb0, 0xd9, 0xb7, 0xc4, 0x33, + 0x9b, 0xcb, 0x7e, 0x75 +}; +static const unsigned char aes_192_no_df_additionalinputreseed[] = { + 0x27, 0x21, 0xfc, 0xc2, 0xbd, 0xf3, 0x3c, 0xce, 0xc3, 0xca, 0xc1, 0x01, + 0xe0, 0xff, 0x93, 0x12, 0x7d, 0x54, 0x42, 0xe3, 0x9f, 0x03, 0xdf, 0x27, + 0x04, 0x07, 0x3c, 0x53, 0x7f, 0xa8, 0x66, 0xc8, 0x97, 0x4b, 0x61, 0x40, + 0x5d, 0x7a, 0x25, 0x79 +}; +static const unsigned char aes_192_no_df_additionalinput2[] = { + 0x2d, 0x8e, 0x16, 0x5d, 0x0b, 0x9f, 0xeb, 0xaa, 0xd6, 0xec, 0x28, 0x71, + 0x7c, 0x0b, 0xc1, 0x1d, 0xd4, 0x44, 0x19, 0x47, 0xfd, 0x1d, 0x7c, 0xe5, + 0xf3, 0x27, 0xe1, 0xb6, 0x72, 0x0a, 0xe0, 0xec, 0x0e, 0xcd, 0xef, 0x1a, + 0x91, 0x6a, 0xe3, 0x5f +}; +static const unsigned char aes_192_no_df_returnedbits[] = { + 0xe5, 0xda, 0xb8, 0xe0, 0x63, 0x59, 0x5a, 0xcc, 0x3d, 0xdc, 0x9f, 0xe8, + 0x66, 0x67, 0x2c, 0x92 +}; + + +/* + * AES-256 no df PR + */ +static const unsigned char aes_256_no_df_pr_entropyinput[] = { + 0x15, 0xc7, 0x5d, 0xcb, 0x41, 0x4b, 0x16, 0x01, 0x3a, 0xd1, 0x44, 0xe8, + 0x22, 0x32, 0xc6, 0x9c, 0x3f, 0xe7, 0x43, 0xf5, 0x9a, 0xd3, 0xea, 0xf2, + 0xd7, 0x4e, 0x6e, 0x6a, 0x55, 0x73, 0x40, 0xef, 0x89, 0xad, 0x0d, 0x03, + 0x96, 0x7e, 0x78, 0x81, 0x2f, 0x91, 0x1b, 0x44, 0xb0, 0x02, 0xba, 0x1c, +}; +static const unsigned char aes_256_no_df_pr_nonce[] = { + 0xdc, 0xe4, 0xd4, 0x27, 0x7a, 0x90, 0xd7, 0x99, 0x43, 0xa1, 0x3c, 0x30, + 0xcc, 0x4b, 0xee, 0x2e +}; +static const unsigned char aes_256_no_df_pr_personalizationstring[] = { + 0xe3, 0xe6, 0xb9, 0x11, 0xe4, 0x7a, 0xa4, 0x40, 0x6b, 0xf8, 0x73, 0xf7, + 0x7e, 0xec, 0xc7, 0xb9, 0x97, 0xbf, 0xf8, 0x25, 0x7b, 0xbe, 0x11, 0x9b, + 0x5b, 0x6a, 0x0c, 0x2e, 0x2b, 0x01, 0x51, 0xcd, 0x41, 0x4b, 0x6b, 0xac, + 0x31, 0xa8, 0x0b, 0xf7, 0xe6, 0x59, 0x42, 0xb8, 0x03, 0x0c, 0xf8, 0x06, +}; +static const unsigned char aes_256_no_df_pr_additionalinput[] = { + 0x6a, 0x9f, 0x00, 0x91, 0xae, 0xfe, 0xcf, 0x84, 0x99, 0xce, 0xb1, 0x40, + 0x6d, 0x5d, 0x33, 0x28, 0x84, 0xf4, 0x8c, 0x63, 0x4c, 0x7e, 0xbd, 0x2c, + 0x80, 0x76, 0xee, 0x5a, 0xaa, 0x15, 0x07, 0x31, 0xd8, 0xbb, 0x8c, 0x69, + 0x9d, 0x9d, 0xbc, 0x7e, 0x49, 0xae, 0xec, 0x39, 0x6b, 0xd1, 0x1f, 0x7e, +}; +static const unsigned char aes_256_no_df_pr_entropyinputpr[] = { + 0xf3, 0xb9, 0x75, 0x9c, 0xbd, 0x88, 0xea, 0xa2, 0x50, 0xad, 0xd6, 0x16, + 0x1a, 0x12, 0x3c, 0x86, 0x68, 0xaf, 0x6f, 0xbe, 0x19, 0xf2, 0xee, 0xcc, + 0xa5, 0x70, 0x84, 0x53, 0x50, 0xcb, 0x9f, 0x14, 0xa9, 0xe5, 0xee, 0xb9, + 0x48, 0x45, 0x40, 0xe2, 0xc7, 0xc9, 0x9a, 0x74, 0xff, 0x8c, 0x99, 0x1f, +}; +static const unsigned char aes_256_no_df_pr_int_returnedbits[] = { + 0x2e, 0xf2, 0x45, 0x4c, 0x62, 0x2e, 0x0a, 0xb9, 0x6b, 0xa2, 0xfd, 0x56, + 0x79, 0x60, 0x93, 0xcf +}; +static const unsigned char aes_256_no_df_pr_additionalinput2[] = { + 0xaf, 0x69, 0x20, 0xe9, 0x3b, 0x37, 0x9d, 0x3f, 0xb4, 0x80, 0x02, 0x7a, + 0x25, 0x7d, 0xb8, 0xde, 0x71, 0xc5, 0x06, 0x0c, 0xb4, 0xe2, 0x8f, 0x35, + 0xd8, 0x14, 0x0d, 0x7f, 0x76, 0x63, 0x4e, 0xb5, 0xee, 0xe9, 0x6f, 0x34, + 0xc7, 0x5f, 0x56, 0x14, 0x4a, 0xe8, 0x73, 0x95, 0x5b, 0x1c, 0xb9, 0xcb, +}; +static const unsigned char aes_256_no_df_pr_entropyinputpr2[] = { + 0xe5, 0xb0, 0x2e, 0x7e, 0x52, 0x30, 0xe3, 0x63, 0x82, 0xb6, 0x44, 0xd3, + 0x25, 0x19, 0x05, 0x24, 0x9a, 0x9f, 0x5f, 0x27, 0x6a, 0x29, 0xab, 0xfa, + 0x07, 0xa2, 0x42, 0x0f, 0xc5, 0xa8, 0x94, 0x7c, 0x17, 0x7b, 0x85, 0x83, + 0x0c, 0x25, 0x0e, 0x63, 0x0b, 0xe9, 0x12, 0x60, 0xcd, 0xef, 0x80, 0x0f, +}; +static const unsigned char aes_256_no_df_pr_returnedbits[] = { + 0x5e, 0xf2, 0x26, 0xef, 0x9f, 0x58, 0x5d, 0xd5, 0x4a, 0x10, 0xfe, 0xa7, + 0x2d, 0x5f, 0x4a, 0x46 +}; + + +/* + * AES-256 no df no PR + */ +static const unsigned char aes_256_no_df_entropyinput[] = { + 0xfb, 0xcf, 0x1b, 0x61, 0x16, 0x89, 0x78, 0x23, 0xf5, 0xd8, 0x96, 0xe3, + 0x4e, 0x64, 0x0b, 0x29, 0x9a, 0x3f, 0xf8, 0xa5, 0xed, 0xf2, 0xfe, 0xdb, + 0x16, 0xca, 0x7f, 0x10, 0xfa, 0x5e, 0x18, 0x76, 0x2c, 0x63, 0x5e, 0x96, + 0xcf, 0xb3, 0xd6, 0xfc, 0xaf, 0x99, 0x39, 0x28, 0x9c, 0x61, 0xe8, 0xb3, +}; +static const unsigned char aes_256_no_df_nonce[] = { + 0x12, 0x96, 0xf0, 0x52, 0xf3, 0x8d, 0x81, 0xcf, 0xde, 0x86, 0xf2, 0x99, + 0x43, 0x96, 0xb9, 0xf0 +}; +static const unsigned char aes_256_no_df_personalizationstring[] = { + 0x63, 0x0d, 0x78, 0xf5, 0x90, 0x8e, 0x32, 0x47, 0xb0, 0x4d, 0x37, 0x60, + 0x09, 0x96, 0xbc, 0xbf, 0x97, 0x7a, 0x62, 0x14, 0x45, 0xbd, 0x8d, 0xcc, + 0x69, 0xfb, 0x03, 0xe1, 0x80, 0x1c, 0xc7, 0xe2, 0x2a, 0xf9, 0x37, 0x3f, + 0x66, 0x4d, 0x62, 0xd9, 0x10, 0xe0, 0xad, 0xc8, 0x9a, 0xf0, 0xa8, 0x6d, +}; +static const unsigned char aes_256_no_df_additionalinput[] = { + 0x36, 0xc6, 0x13, 0x60, 0xbb, 0x14, 0xad, 0x22, 0xb0, 0x38, 0xac, 0xa6, + 0x18, 0x16, 0x93, 0x25, 0x86, 0xb7, 0xdc, 0xdc, 0x36, 0x98, 0x2b, 0xf9, + 0x68, 0x33, 0xd3, 0xc6, 0xff, 0xce, 0x8d, 0x15, 0x59, 0x82, 0x76, 0xed, + 0x6f, 0x8d, 0x49, 0x74, 0x2f, 0xda, 0xdc, 0x1f, 0x17, 0xd0, 0xde, 0x17, +}; +static const unsigned char aes_256_no_df_int_returnedbits[] = { + 0x16, 0x2f, 0x8e, 0x3f, 0x21, 0x7a, 0x1c, 0x20, 0x56, 0xd1, 0x92, 0xf6, + 0xd2, 0x25, 0x75, 0x0e +}; +static const unsigned char aes_256_no_df_entropyinputreseed[] = { + 0x91, 0x79, 0x76, 0xee, 0xe0, 0xcf, 0x9e, 0xc2, 0xd5, 0xd4, 0x23, 0x9b, + 0x12, 0x8c, 0x7e, 0x0a, 0xb7, 0xd2, 0x8b, 0xd6, 0x7c, 0xa3, 0xc6, 0xe5, + 0x0e, 0xaa, 0xc7, 0x6b, 0xae, 0x0d, 0xfa, 0x53, 0x06, 0x79, 0xa1, 0xed, + 0x4d, 0x6a, 0x0e, 0xd8, 0x9d, 0xbe, 0x1b, 0x31, 0x93, 0x7b, 0xec, 0xfb, +}; +static const unsigned char aes_256_no_df_additionalinputreseed[] = { + 0xd2, 0x46, 0x50, 0x22, 0x10, 0x14, 0x63, 0xf7, 0xea, 0x0f, 0xb9, 0x7e, + 0x0d, 0xe1, 0x94, 0x07, 0xaf, 0x09, 0x44, 0x31, 0xea, 0x64, 0xa4, 0x18, + 0x5b, 0xf9, 0xd8, 0xc2, 0xfa, 0x03, 0x47, 0xc5, 0x39, 0x43, 0xd5, 0x3b, + 0x62, 0x86, 0x64, 0xea, 0x2c, 0x73, 0x8c, 0xae, 0x9d, 0x98, 0x98, 0x29, +}; +static const unsigned char aes_256_no_df_additionalinput2[] = { + 0x8c, 0xab, 0x18, 0xf8, 0xc3, 0xec, 0x18, 0x5c, 0xb3, 0x1e, 0x9d, 0xbe, + 0x3f, 0x03, 0xb4, 0x00, 0x98, 0x9d, 0xae, 0xeb, 0xf4, 0x94, 0xf8, 0x42, + 0x8f, 0xe3, 0x39, 0x07, 0xe1, 0xc9, 0xad, 0x0b, 0x1f, 0xed, 0xc0, 0xba, + 0xf6, 0xd1, 0xec, 0x27, 0x86, 0x7b, 0xd6, 0x55, 0x9b, 0x60, 0xa5, 0xc6, +}; +static const unsigned char aes_256_no_df_returnedbits[] = { + 0xef, 0xd2, 0xd8, 0x5c, 0xdc, 0x62, 0x25, 0x9f, 0xaa, 0x1e, 0x2c, 0x67, + 0xf6, 0x02, 0x32, 0xe2 +}; diff --git a/deps/openssl/openssl/test/dsatest.c b/deps/openssl/openssl/test/dsatest.c index 3a62eb6934..fa2ec4af12 100644 --- a/deps/openssl/openssl/test/dsatest.c +++ b/deps/openssl/openssl/test/dsatest.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -13,23 +13,15 @@ #include <sys/types.h> #include <sys/stat.h> -#include "../e_os.h" - #include <openssl/crypto.h> #include <openssl/rand.h> -#include <openssl/bio.h> -#include <openssl/err.h> #include <openssl/bn.h> +#include <openssl/dsa.h> -#ifdef OPENSSL_NO_DSA -int main(int argc, char *argv[]) -{ - printf("No DSA support\n"); - return (0); -} -#else -# include <openssl/dsa.h> +#include "testutil.h" +#include "internal/nelem.h" +#ifndef OPENSSL_NO_DSA static int dsa_cb(int p, int n, BN_GENCB *arg); /* @@ -71,12 +63,7 @@ static unsigned char out_g[] = { static const unsigned char str1[] = "12345678901234567890"; -static const char rnd_seed[] = - "string to make the random number generator think it has entropy"; - -static BIO *bio_err = NULL; - -int main(int argc, char **argv) +static int dsa_test(void) { BN_GENCB *cb; DSA *dsa = NULL; @@ -87,110 +74,68 @@ int main(int argc, char **argv) unsigned int siglen; const BIGNUM *p = NULL, *q = NULL, *g = NULL; - if (bio_err == NULL) - bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); - - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - RAND_seed(rnd_seed, sizeof(rnd_seed)); - - BIO_printf(bio_err, "test generation of DSA parameters\n"); - - cb = BN_GENCB_new(); - if (!cb) + if (!TEST_ptr(cb = BN_GENCB_new())) goto end; - BN_GENCB_set(cb, dsa_cb, bio_err); - if (((dsa = DSA_new()) == NULL) || !DSA_generate_parameters_ex(dsa, 512, - seed, 20, - &counter, - &h, cb)) + BN_GENCB_set(cb, dsa_cb, NULL); + if (!TEST_ptr(dsa = DSA_new()) + || !TEST_true(DSA_generate_parameters_ex(dsa, 512, seed, 20, + &counter, &h, cb))) goto end; - BIO_printf(bio_err, "seed\n"); - for (i = 0; i < 20; i += 4) { - BIO_printf(bio_err, "%02X%02X%02X%02X ", - seed[i], seed[i + 1], seed[i + 2], seed[i + 3]); - } - BIO_printf(bio_err, "\ncounter=%d h=%ld\n", counter, h); - - DSA_print(bio_err, dsa, 0); - if (counter != 105) { - BIO_printf(bio_err, "counter should be 105\n"); + if (!TEST_int_eq(counter, 105)) goto end; - } - if (h != 2) { - BIO_printf(bio_err, "h should be 2\n"); + if (!TEST_int_eq(h, 2)) goto end; - } DSA_get0_pqg(dsa, &p, &q, &g); i = BN_bn2bin(q, buf); j = sizeof(out_q); - if ((i != j) || (memcmp(buf, out_q, i) != 0)) { - BIO_printf(bio_err, "q value is wrong\n"); + if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_q, i)) goto end; - } i = BN_bn2bin(p, buf); j = sizeof(out_p); - if ((i != j) || (memcmp(buf, out_p, i) != 0)) { - BIO_printf(bio_err, "p value is wrong\n"); + if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_p, i)) goto end; - } i = BN_bn2bin(g, buf); j = sizeof(out_g); - if ((i != j) || (memcmp(buf, out_g, i) != 0)) { - BIO_printf(bio_err, "g value is wrong\n"); + if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_g, i)) goto end; - } DSA_generate_key(dsa); DSA_sign(0, str1, 20, sig, &siglen, dsa); - if (DSA_verify(0, str1, 20, sig, siglen, dsa) == 1) + if (TEST_true(DSA_verify(0, str1, 20, sig, siglen, dsa))) ret = 1; end: - if (!ret) - ERR_print_errors(bio_err); DSA_free(dsa); BN_GENCB_free(cb); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(bio_err) <= 0) - ret = 0; -#endif - BIO_free(bio_err); - bio_err = NULL; - EXIT(!ret); + return ret; } static int dsa_cb(int p, int n, BN_GENCB *arg) { - char c = '*'; static int ok = 0, num = 0; - if (p == 0) { - c = '.'; + if (p == 0) num++; - }; - if (p == 1) - c = '+'; - if (p == 2) { - c = '*'; + if (p == 2) ok++; - } - if (p == 3) - c = '\n'; - BIO_write(BN_GENCB_get_arg(arg), &c, 1); - (void)BIO_flush(BN_GENCB_get_arg(arg)); if (!ok && (p == 0) && (num > 1)) { - BIO_printf(BN_GENCB_get_arg(arg), "error in dsatest\n"); + TEST_error("dsa_cb error"); return 0; } return 1; } +#endif /* OPENSSL_NO_DSA */ + +int setup_tests(void) +{ +#ifndef OPENSSL_NO_DSA + ADD_TEST(dsa_test); #endif + return 1; +} diff --git a/deps/openssl/openssl/test/dtlstest.c b/deps/openssl/openssl/test/dtlstest.c index 8200fac029..772528febf 100644 --- a/deps/openssl/openssl/test/dtlstest.c +++ b/deps/openssl/openssl/test/dtlstest.c @@ -7,6 +7,7 @@ * https://www.openssl.org/source/license.html */ +#include <string.h> #include <openssl/bio.h> #include <openssl/crypto.h> #include <openssl/ssl.h> @@ -17,6 +18,7 @@ static char *cert = NULL; static char *privkey = NULL; +static unsigned int timer_cb_count; #define NUM_TESTS 2 @@ -40,6 +42,16 @@ static unsigned char certstatus[] = { #define RECORD_SEQUENCE 10 +static unsigned int timer_cb(SSL *s, unsigned int timer_us) +{ + ++timer_cb_count; + + if (timer_us == 0) + return 50000; + else + return 2 * timer_us; +} + static int test_dtls_unprocessed(int testidx) { SSL_CTX *sctx = NULL, *cctx = NULL; @@ -47,32 +59,27 @@ static int test_dtls_unprocessed(int testidx) BIO *c_to_s_fbio, *c_to_s_mempacket; int testresult = 0; - printf("Starting Test %d\n", testidx); + timer_cb_count = 0; - if (!create_ssl_ctx_pair(DTLS_server_method(), DTLS_client_method(), - DTLS1_VERSION, DTLS_MAX_VERSION, &sctx, &cctx, - cert, privkey)) { - printf("Unable to create SSL_CTX pair\n"); + if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(), + DTLS_client_method(), + DTLS1_VERSION, DTLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) return 0; - } - if (!SSL_CTX_set_cipher_list(cctx, "AES128-SHA")) { - printf("Failed setting cipher list\n"); - } + if (!TEST_true(SSL_CTX_set_cipher_list(cctx, "AES128-SHA"))) + goto end; c_to_s_fbio = BIO_new(bio_f_tls_dump_filter()); - if (c_to_s_fbio == NULL) { - printf("Failed to create filter BIO\n"); + if (!TEST_ptr(c_to_s_fbio)) goto end; - } /* BIO is freed by create_ssl_connection on error */ - if (!create_ssl_objects(sctx, cctx, &serverssl1, &clientssl1, NULL, - c_to_s_fbio)) { - printf("Unable to create SSL objects\n"); - ERR_print_errors_fp(stdout); + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl1, &clientssl1, + NULL, c_to_s_fbio))) goto end; - } + + DTLS_set_timer_cb(clientssl1, timer_cb); if (testidx == 1) certstatus[RECORD_SEQUENCE] = 0xff; @@ -89,9 +96,12 @@ static int test_dtls_unprocessed(int testidx) mempacket_test_inject(c_to_s_mempacket, (char *)certstatus, sizeof(certstatus), 1, INJECT_PACKET_IGNORE_REC_SEQ); - if (!create_ssl_connection(serverssl1, clientssl1)) { - printf("Unable to create SSL connection\n"); - ERR_print_errors_fp(stdout); + if (!TEST_true(create_ssl_connection(serverssl1, clientssl1, + SSL_ERROR_NONE))) + goto end; + + if (timer_cb_count == 0) { + printf("timer_callback was not called.\n"); goto end; } @@ -105,39 +115,231 @@ static int test_dtls_unprocessed(int testidx) return testresult; } -int main(int argc, char *argv[]) +#define CLI_TO_SRV_EPOCH_0_RECS 3 +#define CLI_TO_SRV_EPOCH_1_RECS 1 +#if !defined(OPENSSL_NO_EC) || !defined(OPENSSL_NO_DH) +# define SRV_TO_CLI_EPOCH_0_RECS 12 +#else +/* + * In this case we have no ServerKeyExchange message, because we don't have + * ECDHE or DHE. When it is present it gets fragmented into 3 records in this + * test. + */ +# define SRV_TO_CLI_EPOCH_0_RECS 9 +#endif +#define SRV_TO_CLI_EPOCH_1_RECS 1 +#define TOTAL_FULL_HAND_RECORDS \ + (CLI_TO_SRV_EPOCH_0_RECS + CLI_TO_SRV_EPOCH_1_RECS + \ + SRV_TO_CLI_EPOCH_0_RECS + SRV_TO_CLI_EPOCH_1_RECS) + +#define CLI_TO_SRV_RESUME_EPOCH_0_RECS 3 +#define CLI_TO_SRV_RESUME_EPOCH_1_RECS 1 +#define SRV_TO_CLI_RESUME_EPOCH_0_RECS 2 +#define SRV_TO_CLI_RESUME_EPOCH_1_RECS 1 +#define TOTAL_RESUME_HAND_RECORDS \ + (CLI_TO_SRV_RESUME_EPOCH_0_RECS + CLI_TO_SRV_RESUME_EPOCH_1_RECS + \ + SRV_TO_CLI_RESUME_EPOCH_0_RECS + SRV_TO_CLI_RESUME_EPOCH_1_RECS) + +#define TOTAL_RECORDS (TOTAL_FULL_HAND_RECORDS + TOTAL_RESUME_HAND_RECORDS) + +static int test_dtls_drop_records(int idx) { - BIO *err = NULL; - int testresult = 1; + SSL_CTX *sctx = NULL, *cctx = NULL; + SSL *serverssl = NULL, *clientssl = NULL; + BIO *c_to_s_fbio, *mempackbio; + int testresult = 0; + int epoch = 0; + SSL_SESSION *sess = NULL; + int cli_to_srv_epoch0, cli_to_srv_epoch1, srv_to_cli_epoch0; + + if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(), + DTLS_client_method(), + DTLS1_VERSION, DTLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) + return 0; - if (argc != 3) { - printf("Invalid argument count\n"); - return 1; + if (idx >= TOTAL_FULL_HAND_RECORDS) { + /* We're going to do a resumption handshake. Get a session first. */ + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_ptr(sess = SSL_get1_session(clientssl))) + goto end; + + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + + cli_to_srv_epoch0 = CLI_TO_SRV_RESUME_EPOCH_0_RECS; + cli_to_srv_epoch1 = CLI_TO_SRV_RESUME_EPOCH_1_RECS; + srv_to_cli_epoch0 = SRV_TO_CLI_RESUME_EPOCH_0_RECS; + idx -= TOTAL_FULL_HAND_RECORDS; + } else { + cli_to_srv_epoch0 = CLI_TO_SRV_EPOCH_0_RECS; + cli_to_srv_epoch1 = CLI_TO_SRV_EPOCH_1_RECS; + srv_to_cli_epoch0 = SRV_TO_CLI_EPOCH_0_RECS; } - cert = argv[1]; - privkey = argv[2]; + c_to_s_fbio = BIO_new(bio_f_tls_dump_filter()); + if (!TEST_ptr(c_to_s_fbio)) + goto end; + + /* BIO is freed by create_ssl_connection on error */ + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, c_to_s_fbio))) + goto end; - err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); + if (sess != NULL) { + if (!TEST_true(SSL_set_session(clientssl, sess))) + goto end; + } - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + DTLS_set_timer_cb(clientssl, timer_cb); + DTLS_set_timer_cb(serverssl, timer_cb); - ADD_ALL_TESTS(test_dtls_unprocessed, NUM_TESTS); + /* Work out which record to drop based on the test number */ + if (idx >= cli_to_srv_epoch0 + cli_to_srv_epoch1) { + mempackbio = SSL_get_wbio(serverssl); + idx -= cli_to_srv_epoch0 + cli_to_srv_epoch1; + if (idx >= srv_to_cli_epoch0) { + epoch = 1; + idx -= srv_to_cli_epoch0; + } + } else { + mempackbio = SSL_get_wbio(clientssl); + if (idx >= cli_to_srv_epoch0) { + epoch = 1; + idx -= cli_to_srv_epoch0; + } + mempackbio = BIO_next(mempackbio); + } + BIO_ctrl(mempackbio, MEMPACKET_CTRL_SET_DROP_EPOCH, epoch, NULL); + BIO_ctrl(mempackbio, MEMPACKET_CTRL_SET_DROP_REC, idx, NULL); - testresult = run_tests(argv[0]); + if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE))) + goto end; - bio_f_tls_dump_filter_free(); - bio_s_mempacket_test_free(); + if (sess != NULL && !TEST_true(SSL_session_reused(clientssl))) + goto end; -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(err) <= 0) - testresult = 1; -#endif - BIO_free(err); + /* If the test did what we planned then it should have dropped a record */ + if (!TEST_int_eq((int)BIO_ctrl(mempackbio, MEMPACKET_CTRL_GET_DROP_REC, 0, + NULL), -1)) + goto end; + + testresult = 1; + end: + SSL_SESSION_free(sess); + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} + +static const char dummy_cookie[] = "0123456"; + +static int generate_cookie_cb(SSL *ssl, unsigned char *cookie, + unsigned int *cookie_len) +{ + memcpy(cookie, dummy_cookie, sizeof(dummy_cookie)); + *cookie_len = sizeof(dummy_cookie); + return 1; +} + +static int verify_cookie_cb(SSL *ssl, const unsigned char *cookie, + unsigned int cookie_len) +{ + return TEST_mem_eq(cookie, cookie_len, dummy_cookie, sizeof(dummy_cookie)); +} - if (!testresult) - printf("PASS\n"); +static int test_cookie(void) +{ + SSL_CTX *sctx = NULL, *cctx = NULL; + SSL *serverssl = NULL, *clientssl = NULL; + int testresult = 0; + + if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(), + DTLS_client_method(), + DTLS1_VERSION, DTLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) + return 0; + + SSL_CTX_set_options(sctx, SSL_OP_COOKIE_EXCHANGE); + SSL_CTX_set_cookie_generate_cb(sctx, generate_cookie_cb); + SSL_CTX_set_cookie_verify_cb(sctx, verify_cookie_cb); + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + testresult = 1; + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); return testresult; } + +static int test_dtls_duplicate_records(void) +{ + SSL_CTX *sctx = NULL, *cctx = NULL; + SSL *serverssl = NULL, *clientssl = NULL; + int testresult = 0; + + if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(), + DTLS_client_method(), + DTLS1_VERSION, DTLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) + return 0; + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL))) + goto end; + + DTLS_set_timer_cb(clientssl, timer_cb); + DTLS_set_timer_cb(serverssl, timer_cb); + + BIO_ctrl(SSL_get_wbio(clientssl), MEMPACKET_CTRL_SET_DUPLICATE_REC, 1, NULL); + BIO_ctrl(SSL_get_wbio(serverssl), MEMPACKET_CTRL_SET_DUPLICATE_REC, 1, NULL); + + if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE))) + goto end; + + testresult = 1; + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} + +int setup_tests(void) +{ + if (!TEST_ptr(cert = test_get_argument(0)) + || !TEST_ptr(privkey = test_get_argument(1))) + return 0; + + ADD_ALL_TESTS(test_dtls_unprocessed, NUM_TESTS); + ADD_ALL_TESTS(test_dtls_drop_records, TOTAL_RECORDS); + ADD_TEST(test_cookie); + ADD_TEST(test_dtls_duplicate_records); + + return 1; +} + +void cleanup_tests(void) +{ + bio_f_tls_dump_filter_free(); + bio_s_mempacket_test_free(); +} diff --git a/deps/openssl/openssl/test/dtlsv1listentest.c b/deps/openssl/openssl/test/dtlsv1listentest.c index 91d78e1301..4ce11aacb7 100644 --- a/deps/openssl/openssl/test/dtlsv1listentest.c +++ b/deps/openssl/openssl/test/dtlsv1listentest.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -12,10 +12,8 @@ #include <openssl/bio.h> #include <openssl/err.h> #include <openssl/conf.h> -#ifndef OPENSSL_NO_ENGINE - #include <openssl/engine.h> -#endif -#include "e_os.h" +#include "internal/nelem.h" +#include "testutil.h" #ifndef OPENSSL_NO_SOCK @@ -236,7 +234,7 @@ static const unsigned char verify[] = { 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13 /* Cookie */ }; -static struct { +typedef struct { const unsigned char *in; unsigned int inlen; /* @@ -245,52 +243,18 @@ static struct { * DROP == 0 return value, no output */ enum {GOOD, VERIFY, DROP} outtype; -} testpackets[9] = { - { - clienthello_nocookie, - sizeof(clienthello_nocookie), - VERIFY - }, - { - clienthello_nocookie_frag, - sizeof(clienthello_nocookie_frag), - VERIFY - }, - { - clienthello_nocookie_short, - sizeof(clienthello_nocookie_short), - DROP - }, - { - clienthello_2ndfrag, - sizeof(clienthello_2ndfrag), - DROP - }, - { - clienthello_cookie, - sizeof(clienthello_cookie), - GOOD - }, - { - clienthello_cookie_frag, - sizeof(clienthello_cookie_frag), - GOOD - }, - { - clienthello_badcookie, - sizeof(clienthello_badcookie), - VERIFY - }, - { - clienthello_cookie_short, - sizeof(clienthello_cookie_short), - DROP - }, - { - record_short, - sizeof(record_short), - DROP - } +} tests; + +static tests testpackets[9] = { + { clienthello_nocookie, sizeof(clienthello_nocookie), VERIFY }, + { clienthello_nocookie_frag, sizeof(clienthello_nocookie_frag), VERIFY }, + { clienthello_nocookie_short, sizeof(clienthello_nocookie_short), DROP }, + { clienthello_2ndfrag, sizeof(clienthello_2ndfrag), DROP }, + { clienthello_cookie, sizeof(clienthello_cookie), GOOD }, + { clienthello_cookie_frag, sizeof(clienthello_cookie_frag), GOOD }, + { clienthello_badcookie, sizeof(clienthello_badcookie), VERIFY }, + { clienthello_cookie_short, sizeof(clienthello_cookie_short), DROP }, + { record_short, sizeof(record_short), DROP } }; # define COOKIE_LEN 20 @@ -299,9 +263,8 @@ static int cookie_gen(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len) { unsigned int i; - for (i = 0; i < COOKIE_LEN; i++, cookie++) { + for (i = 0; i < COOKIE_LEN; i++, cookie++) *cookie = i; - } *cookie_len = COOKIE_LEN; return 1; @@ -322,105 +285,73 @@ static int cookie_verify(SSL *ssl, const unsigned char *cookie, return 1; } -#endif -int main(void) +static int dtls_listen_test(int i) { -#ifndef OPENSSL_NO_SOCK SSL_CTX *ctx = NULL; SSL *ssl = NULL; BIO *outbio = NULL; BIO *inbio = NULL; - BIO_ADDR *peer = BIO_ADDR_new(); + BIO_ADDR *peer = NULL; + tests *tp = &testpackets[i]; char *data; long datalen; int ret, success = 0; - long i; - ctx = SSL_CTX_new(DTLS_server_method()); - if (ctx == NULL || peer == NULL) + if (!TEST_ptr(ctx = SSL_CTX_new(DTLS_server_method())) + || !TEST_ptr(peer = BIO_ADDR_new())) goto err; - SSL_CTX_set_cookie_generate_cb(ctx, cookie_gen); SSL_CTX_set_cookie_verify_cb(ctx, cookie_verify); - /* Create an SSL object for the connection */ - ssl = SSL_new(ctx); - if (ssl == NULL) - goto err; - - outbio = BIO_new(BIO_s_mem()); - if (outbio == NULL) + /* Create an SSL object and set the BIO */ + if (!TEST_ptr(ssl = SSL_new(ctx)) + || !TEST_ptr(outbio = BIO_new(BIO_s_mem()))) goto err; SSL_set0_wbio(ssl, outbio); - success = 1; - for (i = 0; i < (long)OSSL_NELEM(testpackets) && success; i++) { - inbio = BIO_new_mem_buf((char *)testpackets[i].in, - testpackets[i].inlen); - if (inbio == NULL) { - success = 0; - goto err; - } - /* Set Non-blocking IO behaviour */ - BIO_set_mem_eof_return(inbio, -1); + /* Set Non-blocking IO behaviour */ + if (!TEST_ptr(inbio = BIO_new_mem_buf((char *)tp->in, tp->inlen))) + goto err; + BIO_set_mem_eof_return(inbio, -1); + SSL_set0_rbio(ssl, inbio); - SSL_set0_rbio(ssl, inbio); + /* Process the incoming packet */ + if (!TEST_int_ge(ret = DTLSv1_listen(ssl, peer), 0)) + goto err; + datalen = BIO_get_mem_data(outbio, &data); - /* Process the incoming packet */ - ret = DTLSv1_listen(ssl, peer); - if (ret < 0) { - success = 0; + if (tp->outtype == VERIFY) { + if (!TEST_int_eq(ret, 0) + || !TEST_mem_eq(data, datalen, verify, sizeof(verify))) goto err; - } - - datalen = BIO_get_mem_data(outbio, &data); - - if (testpackets[i].outtype == VERIFY) { - if (ret == 0) { - if (datalen != sizeof(verify) - || (memcmp(data, verify, sizeof(verify)) != 0)) { - printf("Test %ld failure: incorrect HelloVerifyRequest\n", i); - success = 0; - } else { - printf("Test %ld success\n", i); - } - } else { - printf ("Test %ld failure: should not have succeeded\n", i); - success = 0; - } - } else if (datalen == 0) { - if ((ret == 0 && testpackets[i].outtype == DROP) - || (ret == 1 && testpackets[i].outtype == GOOD)) { - printf("Test %ld success\n", i); - } else { - printf("Test %ld failure: wrong return value\n", i); - success = 0; - } - } else { - printf("Test %ld failure: Unexpected data output\n", i); - success = 0; - } - (void)BIO_reset(outbio); - inbio = NULL; - /* Frees up inbio */ - SSL_set0_rbio(ssl, NULL); + } else if (datalen == 0) { + if (!TEST_true((ret == 0 && tp->outtype == DROP) + || (ret == 1 && tp->outtype == GOOD))) + goto err; + } else { + TEST_info("Test %d: unexpected data output", i); + goto err; } + (void)BIO_reset(outbio); + inbio = NULL; + SSL_set0_rbio(ssl, NULL); + success = 1; err: - if (!success) - ERR_print_errors_fp(stderr); /* Also frees up outbio */ SSL_free(ssl); SSL_CTX_free(ctx); BIO_free(inbio); OPENSSL_free(peer); -# ifndef OPENSSL_NO_CRYPTO_MDEBUG - CRYPTO_mem_leaks_fp(stderr); -# endif - return success ? 0 : 1; -#else - printf("DTLSv1_listen() is not supported by this build - skipping\n"); - return 0; + return success; +} +#endif + +int setup_tests(void) +{ +#ifndef OPENSSL_NO_SOCK + ADD_ALL_TESTS(dtls_listen_test, (int)OSSL_NELEM(testpackets)); #endif + return 1; } diff --git a/deps/openssl/openssl/test/ecdsatest.c b/deps/openssl/openssl/test/ecdsatest.c index ce73778791..96939a5b72 100644 --- a/deps/openssl/openssl/test/ecdsatest.c +++ b/deps/openssl/openssl/test/ecdsatest.c @@ -1,5 +1,6 @@ /* - * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,33 +8,14 @@ * https://www.openssl.org/source/license.html */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * The elliptic curve binary polynomial software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. - * - */ - #include <stdio.h> #include <stdlib.h> #include <string.h> #include <openssl/opensslconf.h> /* To see if OPENSSL_NO_EC is defined */ +#include "testutil.h" -#ifdef OPENSSL_NO_EC -int main(int argc, char *argv[]) -{ - puts("Elliptic curves are disabled."); - return 0; -} -#else +#ifndef OPENSSL_NO_EC # include <openssl/crypto.h> # include <openssl/bio.h> @@ -43,50 +25,36 @@ int main(int argc, char *argv[]) # ifndef OPENSSL_NO_ENGINE # include <openssl/engine.h> # endif +# include <openssl/sha.h> # include <openssl/err.h> # include <openssl/rand.h> -static const char rnd_seed[] = "string to make the random number generator " - "think it has entropy"; - -/* declaration of the test functions */ -int x9_62_tests(BIO *); -int x9_62_test_internal(BIO *out, int nid, const char *r, const char *s); -int test_builtin(BIO *); - /* functions to change the RAND_METHOD */ -int change_rand(void); -int restore_rand(void); -int fbytes(unsigned char *buf, int num); +static int fbytes(unsigned char *buf, int num); static RAND_METHOD fake_rand; static const RAND_METHOD *old_rand; -int change_rand(void) +static int change_rand(void) { /* save old rand method */ - if ((old_rand = RAND_get_rand_method()) == NULL) + if (!TEST_ptr(old_rand = RAND_get_rand_method())) return 0; - fake_rand.seed = old_rand->seed; - fake_rand.cleanup = old_rand->cleanup; - fake_rand.add = old_rand->add; - fake_rand.status = old_rand->status; + fake_rand = *old_rand; /* use own random function */ fake_rand.bytes = fbytes; - fake_rand.pseudorand = old_rand->bytes; /* set new RAND_METHOD */ - if (!RAND_set_rand_method(&fake_rand)) + if (!TEST_true(RAND_set_rand_method(&fake_rand))) return 0; return 1; } -int restore_rand(void) +static int restore_rand(void) { - if (!RAND_set_rand_method(old_rand)) + if (!TEST_true(RAND_set_rand_method(old_rand))) return 0; - else - return 1; + return 1; } static int fbytes_counter = 0, use_fake = 0; @@ -105,9 +73,9 @@ static const char *numbers[8] = { "40041670216363" }; -int fbytes(unsigned char *buf, int num) +static int fbytes(unsigned char *buf, int num) { - int ret; + int ret = 0; BIGNUM *tmp = NULL; if (use_fake == 0) @@ -117,85 +85,79 @@ int fbytes(unsigned char *buf, int num) if (fbytes_counter >= 8) return 0; - tmp = BN_new(); - if (!tmp) + if (!TEST_ptr(tmp = BN_new())) return 0; - if (!BN_dec2bn(&tmp, numbers[fbytes_counter])) { + if (!TEST_true(BN_dec2bn(&tmp, numbers[fbytes_counter]))) { BN_free(tmp); return 0; } fbytes_counter++; - if (num != BN_num_bytes(tmp) || !BN_bn2bin(tmp, buf)) - ret = 0; - else + if (TEST_int_eq(BN_num_bytes(tmp), num) + && TEST_true(BN_bn2bin(tmp, buf))) ret = 1; BN_free(tmp); return ret; } /* some tests from the X9.62 draft */ -int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) +static int x9_62_test_internal(int nid, const char *r_in, const char *s_in) { int ret = 0; const char message[] = "abc"; - unsigned char digest[20]; + unsigned char digest[SHA_DIGEST_LENGTH]; unsigned int dgst_len = 0; - EVP_MD_CTX *md_ctx = EVP_MD_CTX_new(); + EVP_MD_CTX *md_ctx; EC_KEY *key = NULL; ECDSA_SIG *signature = NULL; BIGNUM *r = NULL, *s = NULL; BIGNUM *kinv = NULL, *rp = NULL; const BIGNUM *sig_r, *sig_s; - if (md_ctx == NULL) + if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())) goto x962_int_err; /* get the message digest */ - if (!EVP_DigestInit(md_ctx, EVP_sha1()) - || !EVP_DigestUpdate(md_ctx, (const void *)message, 3) - || !EVP_DigestFinal(md_ctx, digest, &dgst_len)) + if (!TEST_true(EVP_DigestInit(md_ctx, EVP_sha1())) + || !TEST_true(EVP_DigestUpdate(md_ctx, (const void *)message, 3)) + || !TEST_true(EVP_DigestFinal(md_ctx, digest, &dgst_len))) goto x962_int_err; - BIO_printf(out, "testing %s: ", OBJ_nid2sn(nid)); + TEST_info("testing %s", OBJ_nid2sn(nid)); + /* create the key */ - if ((key = EC_KEY_new_by_curve_name(nid)) == NULL) + if (!TEST_ptr(key = EC_KEY_new_by_curve_name(nid))) goto x962_int_err; use_fake = 1; - if (!EC_KEY_generate_key(key)) + if (!TEST_true(EC_KEY_generate_key(key))) goto x962_int_err; - BIO_printf(out, "."); - (void)BIO_flush(out); + /* create the signature */ use_fake = 1; /* Use ECDSA_sign_setup to avoid use of ECDSA nonces */ - if (!ECDSA_sign_setup(key, NULL, &kinv, &rp)) + if (!TEST_true(ECDSA_sign_setup(key, NULL, &kinv, &rp))) goto x962_int_err; - signature = ECDSA_do_sign_ex(digest, 20, kinv, rp, key); - if (signature == NULL) + if (!TEST_ptr(signature = + ECDSA_do_sign_ex(digest, SHA_DIGEST_LENGTH, kinv, rp, key))) goto x962_int_err; - BIO_printf(out, "."); - (void)BIO_flush(out); + /* compare the created signature with the expected signature */ - if ((r = BN_new()) == NULL || (s = BN_new()) == NULL) + if (!TEST_ptr(r = BN_new()) || !TEST_ptr(s = BN_new())) goto x962_int_err; - if (!BN_dec2bn(&r, r_in) || !BN_dec2bn(&s, s_in)) + if (!TEST_true(BN_dec2bn(&r, r_in)) || !TEST_true(BN_dec2bn(&s, s_in))) goto x962_int_err; ECDSA_SIG_get0(signature, &sig_r, &sig_s); - if (BN_cmp(sig_r, r) || BN_cmp(sig_s, s)) + if (!TEST_BN_eq(sig_r, r) + || !TEST_BN_eq(sig_s, s)) goto x962_int_err; - BIO_printf(out, "."); - (void)BIO_flush(out); + /* verify the signature */ - if (ECDSA_do_verify(digest, 20, signature, key) != 1) + if (!TEST_int_eq(ECDSA_do_verify(digest, SHA_DIGEST_LENGTH, + signature, key), 1)) goto x962_int_err; - BIO_printf(out, "."); - (void)BIO_flush(out); - BIO_printf(out, " ok\n"); ret = 1; + x962_int_err: - if (!ret) - BIO_printf(out, " failed\n"); EC_KEY_free(key); ECDSA_SIG_free(signature); BN_free(r); @@ -206,53 +168,54 @@ int x9_62_test_internal(BIO *out, int nid, const char *r_in, const char *s_in) return ret; } -int x9_62_tests(BIO *out) +static int x9_62_tests(void) { int ret = 0; - BIO_printf(out, "some tests from X9.62:\n"); - /* set own rand method */ if (!change_rand()) goto x962_err; - if (!x9_62_test_internal(out, NID_X9_62_prime192v1, - "3342403536405981729393488334694600415596881826869351677613", - "5735822328888155254683894997897571951568553642892029982342")) + if (!TEST_true(x9_62_test_internal(NID_X9_62_prime192v1, + "3342403536405981729393488334694600415596881826869351677613", + "5735822328888155254683894997897571951568553642892029982342"))) goto x962_err; - if (!x9_62_test_internal(out, NID_X9_62_prime239v1, - "3086361431751678114926225473006680188549593787585317781474" + if (!TEST_true(x9_62_test_internal(NID_X9_62_prime239v1, + "3086361431751678114926225473006680188549593787585317781474" "62058306432176", - "3238135532097973577080787768312505059318910517550078427819" - "78505179448783")) + "3238135532097973577080787768312505059318910517550078427819" + "78505179448783"))) goto x962_err; + # ifndef OPENSSL_NO_EC2M - if (!x9_62_test_internal(out, NID_X9_62_c2tnb191v1, - "87194383164871543355722284926904419997237591535066528048", - "308992691965804947361541664549085895292153777025772063598")) + if (!TEST_true(x9_62_test_internal(NID_X9_62_c2tnb191v1, + "87194383164871543355722284926904419997237591535066528048", + "308992691965804947361541664549085895292153777025772063598"))) goto x962_err; - if (!x9_62_test_internal(out, NID_X9_62_c2tnb239v1, - "2159633321041961198501834003903461262881815148684178964245" + if (!TEST_true(x9_62_test_internal(NID_X9_62_c2tnb239v1, + "2159633321041961198501834003903461262881815148684178964245" "5876922391552", - "1970303740007316867383349976549972270528498040721988191026" - "49413465737174")) + "1970303740007316867383349976549972270528498040721988191026" + "49413465737174"))) goto x962_err; # endif ret = 1; + x962_err: - if (!restore_rand()) + if (!TEST_true(restore_rand())) ret = 0; return ret; } -int test_builtin(BIO *out) +static int test_builtin(void) { EC_builtin_curve *curves = NULL; size_t crv_len = 0, n = 0; EC_KEY *eckey = NULL, *wrong_eckey = NULL; EC_GROUP *group; ECDSA_SIG *ecdsa_sig = NULL, *modified_sig = NULL; - unsigned char digest[20], wrong_digest[20]; + unsigned char digest[SHA512_DIGEST_LENGTH]; + unsigned char wrong_digest[SHA512_DIGEST_LENGTH]; unsigned char *signature = NULL; const unsigned char *sig_ptr; unsigned char *sig_ptr2; @@ -264,120 +227,80 @@ int test_builtin(BIO *out) int nid, ret = 0; /* fill digest values with some random data */ - if (RAND_bytes(digest, 20) <= 0 || RAND_bytes(wrong_digest, 20) <= 0) { - BIO_printf(out, "ERROR: unable to get random data\n"); + if (!TEST_true(RAND_bytes(digest, SHA512_DIGEST_LENGTH)) + || !TEST_true(RAND_bytes(wrong_digest, SHA512_DIGEST_LENGTH))) goto builtin_err; - } - - /* - * create and verify a ecdsa signature with every available curve (with ) - */ - BIO_printf(out, "\ntesting ECDSA_sign() and ECDSA_verify() " - "with some internal curves:\n"); + /* create and verify a ecdsa signature with every available curve */ /* get a list of all internal curves */ crv_len = EC_get_builtin_curves(NULL, 0); - curves = OPENSSL_malloc(sizeof(*curves) * crv_len); - if (curves == NULL) { - BIO_printf(out, "malloc error\n"); + if (!TEST_ptr(curves = OPENSSL_malloc(sizeof(*curves) * crv_len)) + || !TEST_true(EC_get_builtin_curves(curves, crv_len))) goto builtin_err; - } - - if (!EC_get_builtin_curves(curves, crv_len)) { - BIO_printf(out, "unable to get internal curves\n"); - goto builtin_err; - } /* now create and verify a signature for every curve */ for (n = 0; n < crv_len; n++) { unsigned char dirt, offset; nid = curves[n].nid; - if (nid == NID_ipsec4 || nid == NID_X25519) + if (nid == NID_ipsec4 || nid == NID_ipsec3) continue; /* create new ecdsa key (== EC_KEY) */ - if ((eckey = EC_KEY_new()) == NULL) - goto builtin_err; - group = EC_GROUP_new_by_curve_name(nid); - if (group == NULL) - goto builtin_err; - if (EC_KEY_set_group(eckey, group) == 0) + if (!TEST_ptr(eckey = EC_KEY_new()) + || !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid)) + || !TEST_true(EC_KEY_set_group(eckey, group))) goto builtin_err; EC_GROUP_free(group); degree = EC_GROUP_get_degree(EC_KEY_get0_group(eckey)); - if (degree < 160) { - /* drop the curve */ - EC_KEY_free(eckey); - eckey = NULL; - continue; - } - BIO_printf(out, "%s: ", OBJ_nid2sn(nid)); + + TEST_info("testing %s", OBJ_nid2sn(nid)); + /* create key */ - if (!EC_KEY_generate_key(eckey)) { - BIO_printf(out, " failed\n"); + if (!TEST_true(EC_KEY_generate_key(eckey))) goto builtin_err; - } /* create second key */ - if ((wrong_eckey = EC_KEY_new()) == NULL) - goto builtin_err; - group = EC_GROUP_new_by_curve_name(nid); - if (group == NULL) - goto builtin_err; - if (EC_KEY_set_group(wrong_eckey, group) == 0) + if (!TEST_ptr(wrong_eckey = EC_KEY_new()) + || !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid)) + || !TEST_true(EC_KEY_set_group(wrong_eckey, group))) goto builtin_err; EC_GROUP_free(group); - if (!EC_KEY_generate_key(wrong_eckey)) { - BIO_printf(out, " failed\n"); + if (!TEST_true(EC_KEY_generate_key(wrong_eckey))) goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); /* check key */ - if (!EC_KEY_check_key(eckey)) { - BIO_printf(out, " failed\n"); + if (!TEST_true(EC_KEY_check_key(eckey))) goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); + /* create signature */ sig_len = ECDSA_size(eckey); - if ((signature = OPENSSL_malloc(sig_len)) == NULL) - goto builtin_err; - if (!ECDSA_sign(0, digest, 20, signature, &sig_len, eckey)) { - BIO_printf(out, " failed\n"); + if (!TEST_ptr(signature = OPENSSL_malloc(sig_len)) + || !TEST_true(ECDSA_sign(0, digest, SHA512_DIGEST_LENGTH, + signature, &sig_len, eckey))) goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); + /* verify signature */ - if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) { - BIO_printf(out, " failed\n"); + if (!TEST_int_eq(ECDSA_verify(0, digest, SHA512_DIGEST_LENGTH, + signature, sig_len, eckey), + 1)) goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); + /* verify signature with the wrong key */ - if (ECDSA_verify(0, digest, 20, signature, sig_len, wrong_eckey) == 1) { - BIO_printf(out, " failed\n"); + if (!TEST_int_ne(ECDSA_verify(0, digest, SHA512_DIGEST_LENGTH, + signature, sig_len, wrong_eckey), + 1)) goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); + /* wrong digest */ - if (ECDSA_verify(0, wrong_digest, 20, signature, sig_len, eckey) == 1) { - BIO_printf(out, " failed\n"); + if (!TEST_int_ne(ECDSA_verify(0, wrong_digest, SHA512_DIGEST_LENGTH, + signature, sig_len, eckey), + 1)) goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); + /* wrong length */ - if (ECDSA_verify(0, digest, 20, signature, sig_len - 1, eckey) == 1) { - BIO_printf(out, " failed\n"); + if (!TEST_int_ne(ECDSA_verify(0, digest, SHA512_DIGEST_LENGTH, + signature, sig_len - 1, eckey), + 1)) goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); /* * Modify a single byte of the signature: to ensure we don't garble @@ -385,10 +308,8 @@ int test_builtin(BIO *out) * one of the bignums directly. */ sig_ptr = signature; - if ((ecdsa_sig = d2i_ECDSA_SIG(NULL, &sig_ptr, sig_len)) == NULL) { - BIO_printf(out, " failed\n"); + if (!TEST_ptr(ecdsa_sig = d2i_ECDSA_SIG(NULL, &sig_ptr, sig_len))) goto builtin_err; - } ECDSA_SIG_get0(ecdsa_sig, &sig_r, &sig_s); @@ -396,12 +317,11 @@ int test_builtin(BIO *out) r_len = BN_num_bytes(sig_r); s_len = BN_num_bytes(sig_s); bn_len = (degree + 7) / 8; - if ((r_len > bn_len) || (s_len > bn_len)) { - BIO_printf(out, " failed\n"); + if (!TEST_false(r_len > bn_len) + || !TEST_false(s_len > bn_len)) goto builtin_err; - } buf_len = 2 * bn_len; - if ((raw_buf = OPENSSL_zalloc(buf_len)) == NULL) + if (!TEST_ptr(raw_buf = OPENSSL_zalloc(buf_len))) goto builtin_err; BN_bn2bin(sig_r, raw_buf + bn_len - r_len); BN_bn2bin(sig_s, raw_buf + buf_len - s_len); @@ -410,30 +330,32 @@ int test_builtin(BIO *out) offset = raw_buf[10] % buf_len; dirt = raw_buf[11] ? raw_buf[11] : 1; raw_buf[offset] ^= dirt; + /* Now read the BIGNUMs back in from raw_buf. */ - modified_sig = ECDSA_SIG_new(); - if (modified_sig == NULL) + if (!TEST_ptr(modified_sig = ECDSA_SIG_new())) goto builtin_err; - if (((modified_r = BN_bin2bn(raw_buf, bn_len, NULL)) == NULL) - || ((modified_s = BN_bin2bn(raw_buf + bn_len, bn_len, NULL)) == NULL) - || !ECDSA_SIG_set0(modified_sig, modified_r, modified_s)) { + if (!TEST_ptr(modified_r = BN_bin2bn(raw_buf, bn_len, NULL)) + || !TEST_ptr(modified_s = BN_bin2bn(raw_buf + bn_len, + bn_len, NULL)) + || !TEST_true(ECDSA_SIG_set0(modified_sig, + modified_r, modified_s))) { BN_free(modified_r); BN_free(modified_s); goto builtin_err; } sig_ptr2 = signature; sig_len = i2d_ECDSA_SIG(modified_sig, &sig_ptr2); - if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) == 1) { - BIO_printf(out, " failed\n"); + if (!TEST_false(ECDSA_verify(0, digest, SHA512_DIGEST_LENGTH, + signature, sig_len, eckey))) goto builtin_err; - } - /* - * Sanity check: undo the modification and verify signature. - */ + + /* Sanity check: undo the modification and verify signature. */ raw_buf[offset] ^= dirt; - if (((unmodified_r = BN_bin2bn(raw_buf, bn_len, NULL)) == NULL) - || ((unmodified_s = BN_bin2bn(raw_buf + bn_len, bn_len, NULL)) == NULL) - || !ECDSA_SIG_set0(modified_sig, unmodified_r, unmodified_s)) { + if (!TEST_ptr(unmodified_r = BN_bin2bn(raw_buf, bn_len, NULL)) + || !TEST_ptr(unmodified_s = BN_bin2bn(raw_buf + bn_len, + bn_len, NULL)) + || !TEST_true(ECDSA_SIG_set0(modified_sig, unmodified_r, + unmodified_s))) { BN_free(unmodified_r); BN_free(unmodified_s); goto builtin_err; @@ -441,16 +363,11 @@ int test_builtin(BIO *out) sig_ptr2 = signature; sig_len = i2d_ECDSA_SIG(modified_sig, &sig_ptr2); - if (ECDSA_verify(0, digest, 20, signature, sig_len, eckey) != 1) { - BIO_printf(out, " failed\n"); + if (!TEST_true(ECDSA_verify(0, digest, SHA512_DIGEST_LENGTH, + signature, sig_len, eckey))) goto builtin_err; - } - BIO_printf(out, "."); - (void)BIO_flush(out); - BIO_printf(out, " ok\n"); /* cleanup */ - /* clean bogus errors */ ERR_clear_error(); OPENSSL_free(signature); signature = NULL; @@ -478,42 +395,15 @@ int test_builtin(BIO *out) return ret; } +#endif -int main(void) +int setup_tests(void) { - int ret = 1; - BIO *out; - char *p; - - out = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT); - - p = getenv("OPENSSL_DEBUG_MEMORY"); - if (p != NULL && strcmp(p, "on") == 0) - CRYPTO_set_mem_debug(1); - - /* initialize the prng */ - RAND_seed(rnd_seed, sizeof(rnd_seed)); - - /* the tests */ - if (!x9_62_tests(out)) - goto err; - if (!test_builtin(out)) - goto err; - - ret = 0; - err: - if (ret) - BIO_printf(out, "\nECDSA test failed\n"); - else - BIO_printf(out, "\nECDSA test passed\n"); - if (ret) - ERR_print_errors(out); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(out) <= 0) - ret = 1; +#ifdef OPENSSL_NO_EC + TEST_note("Elliptic curves are disabled."); +#else + ADD_TEST(x9_62_tests); + ADD_TEST(test_builtin); #endif - BIO_free(out); - return ret; + return 1; } -#endif diff --git a/deps/openssl/openssl/test/ectest.c b/deps/openssl/openssl/test/ectest.c index d7b143200d..2703cb4a34 100644 --- a/deps/openssl/openssl/test/ectest.c +++ b/deps/openssl/openssl/test/ectest.c @@ -1,5 +1,6 @@ /* - * Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,38 +8,10 @@ * https://www.openssl.org/source/license.html */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * The elliptic curve binary polynomial software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. - * - */ - -#include <stdio.h> -#include <stdlib.h> -#ifdef FLAT_INC -# include "e_os.h" -#else -# include "../e_os.h" -#endif -#include <string.h> -#include <time.h> - -#ifdef OPENSSL_NO_EC -int main(int argc, char *argv[]) -{ - puts("Elliptic curves are disabled."); - return 0; -} -#else +#include "internal/nelem.h" +#include "testutil.h" +#ifndef OPENSSL_NO_EC # include <openssl/ec.h> # ifndef OPENSSL_NO_ENGINE # include <openssl/engine.h> @@ -50,119 +23,91 @@ int main(int argc, char *argv[]) # include <openssl/bn.h> # include <openssl/opensslconf.h> -# if defined(_MSC_VER) && defined(_MIPS_) && (_MSC_VER/100==12) -/* suppress "too big too optimize" warning */ -# pragma warning(disable:4959) -# endif - -# define ABORT do { \ - fflush(stdout); \ - fprintf(stderr, "%s:%d: ABORT\n", __FILE__, __LINE__); \ - ERR_print_errors_fp(stderr); \ - EXIT(1); \ -} while (0) - -# define TIMING_BASE_PT 0 -# define TIMING_RAND_PT 1 -# define TIMING_SIMUL 2 +static size_t crv_len = 0; +static EC_builtin_curve *curves = NULL; /* test multiplication with group order, long and negative scalars */ -static void group_order_tests(EC_GROUP *group) +static int group_order_tests(EC_GROUP *group) { - BIGNUM *n1, *n2, *order; - EC_POINT *P = EC_POINT_new(group); - EC_POINT *Q = EC_POINT_new(group); - EC_POINT *R = EC_POINT_new(group); - EC_POINT *S = EC_POINT_new(group); - BN_CTX *ctx = BN_CTX_new(); - int i; - - n1 = BN_new(); - n2 = BN_new(); - order = BN_new(); - fprintf(stdout, "verify group order ..."); - fflush(stdout); - if (!EC_GROUP_get_order(group, order, ctx)) - ABORT; - if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, Q)) - ABORT; - fprintf(stdout, "."); - fflush(stdout); - if (!EC_GROUP_precompute_mult(group, ctx)) - ABORT; - if (!EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, Q)) - ABORT; - fprintf(stdout, " ok\n"); - fprintf(stdout, "long/negative scalar tests "); + BIGNUM *n1 = NULL, *n2 = NULL, *order = NULL; + EC_POINT *P = NULL, *Q = NULL, *R = NULL, *S = NULL; + const EC_POINT *G = NULL; + BN_CTX *ctx = NULL; + int i = 0, r = 0; + + if (!TEST_ptr(n1 = BN_new()) + || !TEST_ptr(n2 = BN_new()) + || !TEST_ptr(order = BN_new()) + || !TEST_ptr(ctx = BN_CTX_new()) + || !TEST_ptr(G = EC_GROUP_get0_generator(group)) + || !TEST_ptr(P = EC_POINT_new(group)) + || !TEST_ptr(Q = EC_POINT_new(group)) + || !TEST_ptr(R = EC_POINT_new(group)) + || !TEST_ptr(S = EC_POINT_new(group))) + goto err; + + if (!TEST_true(EC_GROUP_get_order(group, order, ctx)) + || !TEST_true(EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, Q)) + || !TEST_true(EC_GROUP_precompute_mult(group, ctx)) + || !TEST_true(EC_POINT_mul(group, Q, order, NULL, NULL, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, Q)) + || !TEST_true(EC_POINT_copy(P, G)) + || !TEST_true(BN_one(n1)) + || !TEST_true(EC_POINT_mul(group, Q, n1, NULL, NULL, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx)) + || !TEST_true(BN_sub(n1, order, n1)) + || !TEST_true(EC_POINT_mul(group, Q, n1, NULL, NULL, ctx)) + || !TEST_true(EC_POINT_invert(group, Q, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx))) + goto err; + for (i = 1; i <= 2; i++) { const BIGNUM *scalars[6]; const EC_POINT *points[6]; - fprintf(stdout, i == 1 ? - "allowing precomputation ... " : - "without precomputation ... "); - if (!BN_set_word(n1, i)) - ABORT; - /* - * If i == 1, P will be the predefined generator for which - * EC_GROUP_precompute_mult has set up precomputation. - */ - if (!EC_POINT_mul(group, P, n1, NULL, NULL, ctx)) - ABORT; - - if (!BN_one(n1)) - ABORT; - /* n1 = 1 - order */ - if (!BN_sub(n1, n1, order)) - ABORT; - if (!EC_POINT_mul(group, Q, NULL, P, n1, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, Q, P, ctx)) - ABORT; - - /* n2 = 1 + order */ - if (!BN_add(n2, order, BN_value_one())) - ABORT; - if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, Q, P, ctx)) - ABORT; - - /* n2 = (1 - order) * (1 + order) = 1 - order^2 */ - if (!BN_mul(n2, n1, n2, ctx)) - ABORT; - if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, Q, P, ctx)) - ABORT; + if (!TEST_true(BN_set_word(n1, i)) + /* + * If i == 1, P will be the predefined generator for which + * EC_GROUP_precompute_mult has set up precomputation. + */ + || !TEST_true(EC_POINT_mul(group, P, n1, NULL, NULL, ctx)) + || (i == 1 && !TEST_int_eq(0, EC_POINT_cmp(group, P, G, ctx))) + || !TEST_true(BN_one(n1)) + /* n1 = 1 - order */ + || !TEST_true(BN_sub(n1, n1, order)) + || !TEST_true(EC_POINT_mul(group, Q, NULL, P, n1, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx)) + + /* n2 = 1 + order */ + || !TEST_true(BN_add(n2, order, BN_value_one())) + || !TEST_true(EC_POINT_mul(group, Q, NULL, P, n2, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx)) + + /* n2 = (1 - order) * (1 + order) = 1 - order^2 */ + || !TEST_true(BN_mul(n2, n1, n2, ctx)) + || !TEST_true(EC_POINT_mul(group, Q, NULL, P, n2, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, Q, P, ctx))) + goto err; /* n2 = order^2 - 1 */ BN_set_negative(n2, 0); - if (!EC_POINT_mul(group, Q, NULL, P, n2, ctx)) - ABORT; - /* Add P to verify the result. */ - if (!EC_POINT_add(group, Q, Q, P, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, Q)) - ABORT; - - /* Exercise EC_POINTs_mul, including corner cases. */ - if (EC_POINT_is_at_infinity(group, P)) - ABORT; + if (!TEST_true(EC_POINT_mul(group, Q, NULL, P, n2, ctx)) + /* Add P to verify the result. */ + || !TEST_true(EC_POINT_add(group, Q, Q, P, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, Q)) + + /* Exercise EC_POINTs_mul, including corner cases. */ + || !TEST_false(EC_POINT_is_at_infinity(group, P))) + goto err; scalars[0] = scalars[1] = BN_value_one(); points[0] = points[1] = P; - if (!EC_POINTs_mul(group, R, NULL, 2, points, scalars, ctx)) - ABORT; - if (!EC_POINT_dbl(group, S, points[0], ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, R, S, ctx)) - ABORT; + if (!TEST_true(EC_POINTs_mul(group, R, NULL, 2, points, scalars, ctx)) + || !TEST_true(EC_POINT_dbl(group, S, points[0], ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, R, S, ctx))) + goto err; scalars[0] = n1; points[0] = Q; /* => infinity */ @@ -176,13 +121,16 @@ static void group_order_tests(EC_GROUP *group) points[4] = P; /* => P */ scalars[5] = n2; points[5] = Q; /* => infinity */ - if (!EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; + if (!TEST_true(EC_POINTs_mul(group, P, NULL, 6, points, scalars, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P))) + goto err; } - fprintf(stdout, "ok\n"); + r = 1; +err: + if (r == 0 && i != 0) + TEST_info(i == 1 ? "allowing precomputation" : + "without precomputation"); EC_POINT_free(P); EC_POINT_free(Q); EC_POINT_free(R); @@ -191,1185 +139,981 @@ static void group_order_tests(EC_GROUP *group) BN_free(n2); BN_free(order); BN_CTX_free(ctx); + return r; } -static void prime_field_tests(void) +static int prime_field_tests(void) { BN_CTX *ctx = NULL; - BIGNUM *p, *a, *b; - EC_GROUP *group; - EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, *P_256 = - NULL, *P_384 = NULL, *P_521 = NULL; - EC_POINT *P, *Q, *R; - BIGNUM *x, *y, *z, *yplusone; + BIGNUM *p = NULL, *a = NULL, *b = NULL, *scalar3 = NULL; + EC_GROUP *group = NULL, *tmp = NULL; + EC_GROUP *P_160 = NULL, *P_192 = NULL, *P_224 = NULL, + *P_256 = NULL, *P_384 = NULL, *P_521 = NULL; + EC_POINT *P = NULL, *Q = NULL, *R = NULL; + BIGNUM *x = NULL, *y = NULL, *z = NULL, *yplusone = NULL; + const EC_POINT *points[4]; + const BIGNUM *scalars[4]; unsigned char buf[100]; - size_t i, len; + size_t len, r = 0; int k; - ctx = BN_CTX_new(); - if (!ctx) - ABORT; - - p = BN_new(); - a = BN_new(); - b = BN_new(); - if (!p || !a || !b) - ABORT; - - if (!BN_hex2bn(&p, "17")) - ABORT; - if (!BN_hex2bn(&a, "1")) - ABORT; - if (!BN_hex2bn(&b, "1")) - ABORT; - - group = EC_GROUP_new(EC_GFp_mont_method()); /* applications should use - * EC_GROUP_new_curve_GFp so - * that the library gets to - * choose the EC_METHOD */ - if (!group) - ABORT; - - if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) - ABORT; + if (!TEST_ptr(ctx = BN_CTX_new()) + || !TEST_ptr(p = BN_new()) + || !TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_true(BN_hex2bn(&p, "17")) + || !TEST_true(BN_hex2bn(&a, "1")) + || !TEST_true(BN_hex2bn(&b, "1")) + /* + * applications should use EC_GROUP_new_curve_GFp so + * that the library gets to choose the EC_METHOD + */ + || !TEST_ptr(group = EC_GROUP_new(EC_GFp_mont_method())) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + || !TEST_ptr(tmp = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(tmp, group))) + goto err; + EC_GROUP_free(group); + group = tmp; + tmp = NULL; - { - EC_GROUP *tmp; - tmp = EC_GROUP_new(EC_GROUP_method_of(group)); - if (!tmp) - ABORT; - if (!EC_GROUP_copy(tmp, group)) - ABORT; - EC_GROUP_free(group); - group = tmp; - } + if (!TEST_true(EC_GROUP_get_curve(group, p, a, b, ctx))) + goto err; - if (!EC_GROUP_get_curve_GFp(group, p, a, b, ctx)) - ABORT; - - fprintf(stdout, - "Curve defined by Weierstrass equation\n y^2 = x^3 + a*x + b (mod 0x"); - BN_print_fp(stdout, p); - fprintf(stdout, ")\n a = 0x"); - BN_print_fp(stdout, a); - fprintf(stdout, "\n b = 0x"); - BN_print_fp(stdout, b); - fprintf(stdout, "\n"); - - P = EC_POINT_new(group); - Q = EC_POINT_new(group); - R = EC_POINT_new(group); - if (!P || !Q || !R) - ABORT; - - if (!EC_POINT_set_to_infinity(group, P)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; + TEST_info("Curve defined by Weierstrass equation"); + TEST_note(" y^2 = x^3 + a*x + b (mod p)"); + test_output_bignum("a", a); + test_output_bignum("b", b); + test_output_bignum("p", p); buf[0] = 0; - if (!EC_POINT_oct2point(group, Q, buf, 1, ctx)) - ABORT; - - if (!EC_POINT_add(group, P, P, Q, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; - - x = BN_new(); - y = BN_new(); - z = BN_new(); - yplusone = BN_new(); - if (x == NULL || y == NULL || z == NULL || yplusone == NULL) - ABORT; - - if (!BN_hex2bn(&x, "D")) - ABORT; - if (!EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) { - if (!EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, ctx)) - ABORT; - fprintf(stderr, "Point is not on curve: x = 0x"); - BN_print_fp(stderr, x); - fprintf(stderr, ", y = 0x"); - BN_print_fp(stderr, y); - fprintf(stderr, "\n"); - ABORT; + if (!TEST_ptr(P = EC_POINT_new(group)) + || !TEST_ptr(Q = EC_POINT_new(group)) + || !TEST_ptr(R = EC_POINT_new(group)) + || !TEST_true(EC_POINT_set_to_infinity(group, P)) + || !TEST_true(EC_POINT_is_at_infinity(group, P)) + || !TEST_true(EC_POINT_oct2point(group, Q, buf, 1, ctx)) + || !TEST_true(EC_POINT_add(group, P, P, Q, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P)) + || !TEST_ptr(x = BN_new()) + || !TEST_ptr(y = BN_new()) + || !TEST_ptr(z = BN_new()) + || !TEST_ptr(yplusone = BN_new()) + || !TEST_true(BN_hex2bn(&x, "D")) + || !TEST_true(EC_POINT_set_compressed_coordinates(group, Q, x, 1, ctx))) + goto err; + + if (!TEST_int_gt(EC_POINT_is_on_curve(group, Q, ctx), 0)) { + if (!TEST_true(EC_POINT_get_affine_coordinates(group, Q, x, y, ctx))) + goto err; + TEST_info("Point is not on curve"); + test_output_bignum("x", x); + test_output_bignum("y", y); + goto err; } - fprintf(stdout, "A cyclic subgroup:\n"); + TEST_note("A cyclic subgroup:"); k = 100; do { - if (k-- == 0) - ABORT; - - if (EC_POINT_is_at_infinity(group, P)) - fprintf(stdout, " point at infinity\n"); - else { - if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - - fprintf(stdout, " x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, ", y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + if (!TEST_int_ne(k--, 0)) + goto err; + + if (EC_POINT_is_at_infinity(group, P)) { + TEST_note(" point at infinity"); + } else { + if (!TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, + ctx))) + goto err; + + test_output_bignum("x", x); + test_output_bignum("y", y); } - if (!EC_POINT_copy(R, P)) - ABORT; - if (!EC_POINT_add(group, P, P, Q, ctx)) - ABORT; + if (!TEST_true(EC_POINT_copy(R, P)) + || !TEST_true(EC_POINT_add(group, P, P, Q, ctx))) + goto err; - } - while (!EC_POINT_is_at_infinity(group, P)); + } while (!EC_POINT_is_at_infinity(group, P)); - if (!EC_POINT_add(group, P, Q, R, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; + if (!TEST_true(EC_POINT_add(group, P, Q, R, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P))) + goto err; len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf, sizeof(buf), ctx); - if (len == 0) - ABORT; - if (!EC_POINT_oct2point(group, P, buf, len, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, Q, ctx)) - ABORT; - fprintf(stdout, "Generator as octet string, compressed form:\n "); - for (i = 0; i < len; i++) - fprintf(stdout, "%02X", buf[i]); - - len = - EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf, - sizeof(buf), ctx); - if (len == 0) - ABORT; - if (!EC_POINT_oct2point(group, P, buf, len, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, Q, ctx)) - ABORT; - fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n "); - for (i = 0; i < len; i++) - fprintf(stdout, "%02X", buf[i]); - - len = - EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof(buf), - ctx); - if (len == 0) - ABORT; - if (!EC_POINT_oct2point(group, P, buf, len, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, Q, ctx)) - ABORT; - fprintf(stdout, "\nGenerator as octet string, hybrid form:\n "); - for (i = 0; i < len; i++) - fprintf(stdout, "%02X", buf[i]); - - if (!EC_POINT_get_Jprojective_coordinates_GFp(group, R, x, y, z, ctx)) - ABORT; - fprintf(stdout, - "\nA representation of the inverse of that generator in\nJacobian projective coordinates:\n X = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, ", Y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, ", Z = 0x"); - BN_print_fp(stdout, z); - fprintf(stdout, "\n"); - - if (!EC_POINT_invert(group, P, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, R, ctx)) - ABORT; + if (!TEST_size_t_ne(len, 0) + || !TEST_true(EC_POINT_oct2point(group, P, buf, len, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, Q, ctx))) + goto err; + test_output_memory("Generator as octet string, compressed form:", + buf, len); + + len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, + buf, sizeof(buf), ctx); + if (!TEST_size_t_ne(len, 0) + || !TEST_true(EC_POINT_oct2point(group, P, buf, len, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, Q, ctx))) + goto err; + test_output_memory("Generator as octet string, uncompressed form:", + buf, len); + + len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, + buf, sizeof(buf), ctx); + if (!TEST_size_t_ne(len, 0) + || !TEST_true(EC_POINT_oct2point(group, P, buf, len, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, Q, ctx))) + goto err; + test_output_memory("Generator as octet string, hybrid form:", + buf, len); + + if (!TEST_true(EC_POINT_get_Jprojective_coordinates_GFp(group, R, x, y, z, + ctx))) + goto err; + TEST_info("A representation of the inverse of that generator in"); + TEST_note("Jacobian projective coordinates"); + test_output_bignum("x", x); + test_output_bignum("y", y); + test_output_bignum("z", z); + + if (!TEST_true(EC_POINT_invert(group, P, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, R, ctx)) /* * Curve secp160r1 (Certicom Research SEC 2 Version 1.0, section 2.4.2, * 2000) -- not a NIST curve, but commonly used */ - if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF")) - ABORT; - if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) - ABORT; - if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC")) - ABORT; - if (!BN_hex2bn(&b, "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45")) - ABORT; - if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) - ABORT; - - if (!BN_hex2bn(&x, "4A96B5688EF573284664698968C38BB913CBFC82")) - ABORT; - if (!BN_hex2bn(&y, "23a628553168947d59dcc912042351377ac5fb32")) - ABORT; - if (!BN_add(yplusone, y, BN_value_one())) - ABORT; + || !TEST_true(BN_hex2bn(&p, "FFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC")) + || !TEST_true(BN_hex2bn(&b, "1C97BEFC" + "54BD7A8B65ACF89F81D4D4ADC565FA45")) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + || !TEST_true(BN_hex2bn(&x, "4A96B568" + "8EF573284664698968C38BB913CBFC82")) + || !TEST_true(BN_hex2bn(&y, "23a62855" + "3168947d59dcc912042351377ac5fb32")) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) /* * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, * and therefore setting the coordinates should fail. */ - if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) - ABORT; - if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) - ABORT; - if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257")) - ABORT; - if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) - ABORT; - - if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - fprintf(stdout, "\nSEC2 curve secp160r1 -- Generator:\n x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, "\n y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, + ctx)) + || !TEST_true(EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "0100000000" + "000000000001F4C8F927AED3CA752257")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) + goto err; + TEST_info("SEC2 curve secp160r1 -- Generator"); + test_output_bignum("x", x); + test_output_bignum("y", y); /* G_y value taken from the standard: */ - if (!BN_hex2bn(&z, "23a628553168947d59dcc912042351377ac5fb32")) - ABORT; - if (0 != BN_cmp(y, z)) - ABORT; - - fprintf(stdout, "verify degree ..."); - if (EC_GROUP_get_degree(group) != 160) - ABORT; - fprintf(stdout, " ok\n"); - - group_order_tests(group); - - if ((P_160 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) - ABORT; - if (!EC_GROUP_copy(P_160, group)) - ABORT; + if (!TEST_true(BN_hex2bn(&z, "23a62855" + "3168947d59dcc912042351377ac5fb32")) + || !TEST_BN_eq(y, z) + || !TEST_int_eq(EC_GROUP_get_degree(group), 160) + || !group_order_tests(group) + || !TEST_ptr(P_160 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_160, group)) /* Curve P-192 (FIPS PUB 186-2, App. 6) */ - if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")) - ABORT; - if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) - ABORT; - if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")) - ABORT; - if (!BN_hex2bn(&b, "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1")) - ABORT; - if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) - ABORT; - - if (!BN_hex2bn(&x, "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012")) - ABORT; - if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) - ABORT; - if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831")) - ABORT; - if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) - ABORT; - - if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - fprintf(stdout, "\nNIST curve P-192 -- Generator:\n x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, "\n y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + || !TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")) + || !TEST_true(BN_hex2bn(&b, "64210519E59C80E7" + "0FA7E9AB72243049FEB8DEECC146B9B1")) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + || !TEST_true(BN_hex2bn(&x, "188DA80EB03090F6" + "7CBF20EB43A18800F4FF0AFD82FF1012")) + || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 1, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "FFFFFFFFFFFFFFFF" + "FFFFFFFF99DEF836146BC9B1B4D22831")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) + goto err; + + TEST_info("NIST curve P-192 -- Generator"); + test_output_bignum("x", x); + test_output_bignum("y", y); /* G_y value taken from the standard: */ - if (!BN_hex2bn(&z, "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811")) - ABORT; - if (0 != BN_cmp(y, z)) - ABORT; - - if (!BN_add(yplusone, y, BN_value_one())) - ABORT; + if (!TEST_true(BN_hex2bn(&z, "07192B95FFC8DA78" + "631011ED6B24CDD573F977A11E794811")) + || !TEST_BN_eq(y, z) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) /* * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, * and therefore setting the coordinates should fail. */ - if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) - ABORT; - - fprintf(stdout, "verify degree ..."); - if (EC_GROUP_get_degree(group) != 192) - ABORT; - fprintf(stdout, " ok\n"); - - group_order_tests(group); - - if ((P_192 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) - ABORT; - if (!EC_GROUP_copy(P_192, group)) - ABORT; + || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, + ctx)) + || !TEST_int_eq(EC_GROUP_get_degree(group), 192) + || !group_order_tests(group) + || !TEST_ptr(P_192 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_192, group)) /* Curve P-224 (FIPS PUB 186-2, App. 6) */ - if (!BN_hex2bn - (&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001")) - ABORT; - if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) - ABORT; - if (!BN_hex2bn - (&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) - ABORT; - if (!BN_hex2bn - (&b, "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4")) - ABORT; - if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) - ABORT; - - if (!BN_hex2bn - (&x, "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21")) - ABORT; - if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) - ABORT; - if (!BN_hex2bn - (&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D")) - ABORT; - if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) - ABORT; - - if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - fprintf(stdout, "\nNIST curve P-224 -- Generator:\n x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, "\n y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + || !TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFF000000000000000000000001")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")) + || !TEST_true(BN_hex2bn(&b, "B4050A850C04B3ABF5413256" + "5044B0B7D7BFD8BA270B39432355FFB4")) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + || !TEST_true(BN_hex2bn(&x, "B70E0CBD6BB4BF7F321390B9" + "4A03C1D356C21122343280D6115C1D21")) + || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 0, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF" + "FFFF16A2E0B8F03E13DD29455C5C2A3D")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) + goto err; + + TEST_info("NIST curve P-224 -- Generator"); + test_output_bignum("x", x); + test_output_bignum("y", y); /* G_y value taken from the standard: */ - if (!BN_hex2bn - (&z, "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34")) - ABORT; - if (0 != BN_cmp(y, z)) - ABORT; - - if (!BN_add(yplusone, y, BN_value_one())) - ABORT; + if (!TEST_true(BN_hex2bn(&z, "BD376388B5F723FB4C22DFE6" + "CD4375A05A07476444D5819985007E34")) + || !TEST_BN_eq(y, z) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) /* * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, * and therefore setting the coordinates should fail. */ - if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) - ABORT; - - fprintf(stdout, "verify degree ..."); - if (EC_GROUP_get_degree(group) != 224) - ABORT; - fprintf(stdout, " ok\n"); - - group_order_tests(group); - - if ((P_224 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) - ABORT; - if (!EC_GROUP_copy(P_224, group)) - ABORT; + || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, + ctx)) + || !TEST_int_eq(EC_GROUP_get_degree(group), 224) + || !group_order_tests(group) + || !TEST_ptr(P_224 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_224, group)) /* Curve P-256 (FIPS PUB 186-2, App. 6) */ - if (!BN_hex2bn - (&p, - "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF")) - ABORT; - if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) - ABORT; - if (!BN_hex2bn - (&a, - "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")) - ABORT; - if (!BN_hex2bn - (&b, - "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")) - ABORT; - if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) - ABORT; - - if (!BN_hex2bn - (&x, - "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296")) - ABORT; - if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) - ABORT; - if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E" - "84F3B9CAC2FC632551")) - ABORT; - if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) - ABORT; - - if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - fprintf(stdout, "\nNIST curve P-256 -- Generator:\n x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, "\n y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + || !TEST_true(BN_hex2bn(&p, "FFFFFFFF000000010000000000000000" + "00000000FFFFFFFFFFFFFFFFFFFFFFFF")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFF000000010000000000000000" + "00000000FFFFFFFFFFFFFFFFFFFFFFFC")) + || !TEST_true(BN_hex2bn(&b, "5AC635D8AA3A93E7B3EBBD55769886BC" + "651D06B0CC53B0F63BCE3C3E27D2604B")) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + + || !TEST_true(BN_hex2bn(&x, "6B17D1F2E12C4247F8BCE6E563A440F2" + "77037D812DEB33A0F4A13945D898C296")) + || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 1, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFF" + "BCE6FAADA7179E84F3B9CAC2FC632551")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) + goto err; + + TEST_info("NIST curve P-256 -- Generator"); + test_output_bignum("x", x); + test_output_bignum("y", y); /* G_y value taken from the standard: */ - if (!BN_hex2bn - (&z, - "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5")) - ABORT; - if (0 != BN_cmp(y, z)) - ABORT; - - if (!BN_add(yplusone, y, BN_value_one())) - ABORT; + if (!TEST_true(BN_hex2bn(&z, "4FE342E2FE1A7F9B8EE7EB4A7C0F9E16" + "2BCE33576B315ECECBB6406837BF51F5")) + || !TEST_BN_eq(y, z) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) /* * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, * and therefore setting the coordinates should fail. */ - if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) - ABORT; - - fprintf(stdout, "verify degree ..."); - if (EC_GROUP_get_degree(group) != 256) - ABORT; - fprintf(stdout, " ok\n"); - - group_order_tests(group); - - if ((P_256 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) - ABORT; - if (!EC_GROUP_copy(P_256, group)) - ABORT; + || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, + ctx)) + || !TEST_int_eq(EC_GROUP_get_degree(group), 256) + || !group_order_tests(group) + || !TEST_ptr(P_256 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_256, group)) /* Curve P-384 (FIPS PUB 186-2, App. 6) */ - if (!BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF")) - ABORT; - if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) - ABORT; - if (!BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC")) - ABORT; - if (!BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141" - "120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF")) - ABORT; - if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) - ABORT; - - if (!BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B" - "9859F741E082542A385502F25DBF55296C3A545E3872760AB7")) - ABORT; - if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) - ABORT; - if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973")) - ABORT; - if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) - ABORT; - - if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - fprintf(stdout, "\nNIST curve P-384 -- Generator:\n x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, "\n y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + || !TEST_true(BN_hex2bn(&p, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" + "FFFFFFFF0000000000000000FFFFFFFF")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE" + "FFFFFFFF0000000000000000FFFFFFFC")) + || !TEST_true(BN_hex2bn(&b, "B3312FA7E23EE7E4988E056BE3F82D19" + "181D9C6EFE8141120314088F5013875A" + "C656398D8A2ED19D2A85C8EDD3EC2AEF")) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + + || !TEST_true(BN_hex2bn(&x, "AA87CA22BE8B05378EB1C71EF320AD74" + "6E1D3B628BA79B9859F741E082542A38" + "5502F25DBF55296C3A545E3872760AB7")) + || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 1, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFC7634D81F4372DDF" + "581A0DB248B0A77AECEC196ACCC52973")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) + goto err; + + TEST_info("NIST curve P-384 -- Generator"); + test_output_bignum("x", x); + test_output_bignum("y", y); /* G_y value taken from the standard: */ - if (!BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A14" - "7CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F")) - ABORT; - if (0 != BN_cmp(y, z)) - ABORT; - - if (!BN_add(yplusone, y, BN_value_one())) - ABORT; + if (!TEST_true(BN_hex2bn(&z, "3617DE4A96262C6F5D9E98BF9292DC29" + "F8F41DBD289A147CE9DA3113B5F0B8C0" + "0A60B1CE1D7E819D7A431D7C90EA0E5F")) + || !TEST_BN_eq(y, z) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) /* * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, * and therefore setting the coordinates should fail. */ - if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) - ABORT; - - fprintf(stdout, "verify degree ..."); - if (EC_GROUP_get_degree(group) != 384) - ABORT; - fprintf(stdout, " ok\n"); - - group_order_tests(group); - - if ((P_384 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) - ABORT; - if (!EC_GROUP_copy(P_384, group)) - ABORT; + || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, + ctx)) + || !TEST_int_eq(EC_GROUP_get_degree(group), 384) + || !group_order_tests(group) + || !TEST_ptr(P_384 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_384, group)) /* Curve P-521 (FIPS PUB 186-2, App. 6) */ - - if (!BN_hex2bn(&p, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFF")) - ABORT; - if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) - ABORT; - if (!BN_hex2bn(&a, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFFFFFFFFC")) - ABORT; - if (!BN_hex2bn(&b, "051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B" - "315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573" - "DF883D2C34F1EF451FD46B503F00")) - ABORT; - if (!EC_GROUP_set_curve_GFp(group, p, a, b, ctx)) - ABORT; - - if (!BN_hex2bn(&x, "C6858E06B70404E9CD9E3ECB662395B4429C648139053F" - "B521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B" - "3C1856A429BF97E7E31C2E5BD66")) - ABORT; - if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) - ABORT; - if (!BN_hex2bn(&z, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - "FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5" - "C9B8899C47AEBB6FB71E91386409")) - ABORT; - if (!EC_GROUP_set_generator(group, P, z, BN_value_one())) - ABORT; - - if (!EC_POINT_get_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - fprintf(stdout, "\nNIST curve P-521 -- Generator:\n x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, "\n y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + || !TEST_true(BN_hex2bn(&p, "1FF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF")) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, "1FF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC")) + || !TEST_true(BN_hex2bn(&b, "051" + "953EB9618E1C9A1F929A21A0B68540EE" + "A2DA725B99B315F3B8B489918EF109E1" + "56193951EC7E937B1652C0BD3BB1BF07" + "3573DF883D2C34F1EF451FD46B503F00")) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + || !TEST_true(BN_hex2bn(&x, "C6" + "858E06B70404E9CD9E3ECB662395B442" + "9C648139053FB521F828AF606B4D3DBA" + "A14B5E77EFE75928FE1DC127A2FFA8DE" + "3348B3C1856A429BF97E7E31C2E5BD66")) + || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, 0, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, "1FF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA" + "51868783BF2F966B7FCC0148F709A5D0" + "3BB5C9B8899C47AEBB6FB71E91386409")) + || !TEST_true(EC_GROUP_set_generator(group, P, z, BN_value_one())) + || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) + goto err; + + TEST_info("NIST curve P-521 -- Generator"); + test_output_bignum("x", x); + test_output_bignum("y", y); /* G_y value taken from the standard: */ - if (!BN_hex2bn(&z, "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579" - "B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C" - "7086A272C24088BE94769FD16650")) - ABORT; - if (0 != BN_cmp(y, z)) - ABORT; - - if (!BN_add(yplusone, y, BN_value_one())) - ABORT; + if (!TEST_true(BN_hex2bn(&z, "118" + "39296A789A3BC0045C8A5FB42C7D1BD9" + "98F54449579B446817AFBD17273E662C" + "97EE72995EF42640C550B9013FAD0761" + "353C7086A272C24088BE94769FD16650")) + || !TEST_BN_eq(y, z) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) /* * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, * and therefore setting the coordinates should fail. */ - if (EC_POINT_set_affine_coordinates_GFp(group, P, x, yplusone, ctx)) - ABORT; - - fprintf(stdout, "verify degree ..."); - if (EC_GROUP_get_degree(group) != 521) - ABORT; - fprintf(stdout, " ok\n"); - - group_order_tests(group); - - if ((P_521 = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) - ABORT; - if (!EC_GROUP_copy(P_521, group)) - ABORT; + || !TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, + ctx)) + || !TEST_int_eq(EC_GROUP_get_degree(group), 521) + || !group_order_tests(group) + || !TEST_ptr(P_521 = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(P_521, group)) /* more tests using the last curve */ /* Restore the point that got mangled in the (x, y + 1) test. */ - if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) - ABORT; - - if (!EC_POINT_copy(Q, P)) - ABORT; - if (EC_POINT_is_at_infinity(group, Q)) - ABORT; - if (!EC_POINT_dbl(group, P, P, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) - ABORT; - if (!EC_POINT_invert(group, Q, ctx)) - ABORT; /* P = -2Q */ - - if (!EC_POINT_add(group, R, P, Q, ctx)) - ABORT; - if (!EC_POINT_add(group, R, R, Q, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, R)) - ABORT; /* R = P + 2Q */ + || !TEST_true(EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) + || !TEST_true(EC_POINT_copy(Q, P)) + || !TEST_false(EC_POINT_is_at_infinity(group, Q)) + || !TEST_true(EC_POINT_dbl(group, P, P, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(EC_POINT_invert(group, Q, ctx)) /* P = -2Q */ + || !TEST_true(EC_POINT_add(group, R, P, Q, ctx)) + || !TEST_true(EC_POINT_add(group, R, R, Q, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, R)) /* R = P + 2Q */ + || !TEST_false(EC_POINT_is_at_infinity(group, Q))) + goto err; + points[0] = Q; + points[1] = Q; + points[2] = Q; + points[3] = Q; + + if (!TEST_true(EC_GROUP_get_order(group, z, ctx)) + || !TEST_true(BN_add(y, z, BN_value_one())) + || !TEST_BN_even(y) + || !TEST_true(BN_rshift1(y, y))) + goto err; + scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */ + scalars[1] = y; + + TEST_note("combined multiplication ..."); + + /* z is still the group order */ + if (!TEST_true(EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) + || !TEST_true(EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, R, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, R, Q, ctx)) + || !TEST_true(BN_rand(y, BN_num_bits(y), 0, 0)) + || !TEST_true(BN_add(z, z, y))) + goto err; + BN_set_negative(z, 1); + scalars[0] = y; + scalars[1] = z; /* z = -(order + y) */ + + if (!TEST_true(EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P)) + || !TEST_true(BN_rand(x, BN_num_bits(y) - 1, 0, 0)) + || !TEST_true(BN_add(z, x, y))) + goto err; + BN_set_negative(z, 1); + scalars[0] = x; + scalars[1] = y; + scalars[2] = z; /* z = -(x+y) */ + + if (!TEST_ptr(scalar3 = BN_new())) + goto err; + BN_zero(scalar3); + scalars[3] = scalar3; + + if (!TEST_true(EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P))) + goto err; + + TEST_note(" ok\n"); + + + r = 1; +err: + BN_CTX_free(ctx); + BN_free(p); + BN_free(a); + BN_free(b); + EC_GROUP_free(group); + EC_GROUP_free(tmp); + EC_POINT_free(P); + EC_POINT_free(Q); + EC_POINT_free(R); + BN_free(x); + BN_free(y); + BN_free(z); + BN_free(yplusone); + BN_free(scalar3); + EC_GROUP_free(P_160); + EC_GROUP_free(P_192); + EC_GROUP_free(P_224); + EC_GROUP_free(P_256); + EC_GROUP_free(P_384); + EC_GROUP_free(P_521); + return r; +} + +# ifndef OPENSSL_NO_EC2M + +static struct c2_curve_test { + const char *name; + const char *p; + const char *a; + const char *b; + const char *x; + const char *y; + int ybit; + const char *order; + const char *cof; + int degree; +} char2_curve_tests[] = { + /* Curve K-163 (FIPS PUB 186-2, App. 6) */ { - const EC_POINT *points[4]; - const BIGNUM *scalars[4]; - BIGNUM *scalar3; + "NIST curve K-163", + "0800000000000000000000000000000000000000C9", + "1", + "1", + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8", + "0289070FB05D38FF58321F2E800536D538CCDAA3D9", + 1, "04000000000000000000020108A2E0CC0D99F8A5EF", "2", 163 + }, + /* Curve B-163 (FIPS PUB 186-2, App. 6) */ + { + "NIST curve B-163", + "0800000000000000000000000000000000000000C9", + "1", + "020A601907B8C953CA1481EB10512F78744A3205FD", + "03F0EBA16286A2D57EA0991168D4994637E8343E36", + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1", + 1, "040000000000000000000292FE77E70C12A4234C33", "2", 163 + }, + /* Curve K-233 (FIPS PUB 186-2, App. 6) */ + { + "NIST curve K-233", + "020000000000000000000000000000000000000004000000000000000001", + "0", + "1", + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126", + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3", + 0, + "008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF", + "4", 233 + }, + /* Curve B-233 (FIPS PUB 186-2, App. 6) */ + { + "NIST curve B-233", + "020000000000000000000000000000000000000004000000000000000001", + "000000000000000000000000000000000000000000000000000000000001", + "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD", + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B", + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052", + 1, + "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7", + "2", 233 + }, + /* Curve K-283 (FIPS PUB 186-2, App. 6) */ + { + "NIST curve K-283", + "08000000" + "00000000000000000000000000000000000000000000000000000000000010A1", + "0", + "1", + "0503213F" + "78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836", + "01CCDA38" + "0F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259", + 0, + "01FFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61", + "4", 283 + }, + /* Curve B-283 (FIPS PUB 186-2, App. 6) */ + { + "NIST curve B-283", + "08000000" + "00000000000000000000000000000000000000000000000000000000000010A1", + "00000000" + "0000000000000000000000000000000000000000000000000000000000000001", + "027B680A" + "C8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5", + "05F93925" + "8DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053", + "03676854" + "FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4", + 1, + "03FFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307", + "2", 283 + }, + /* Curve K-409 (FIPS PUB 186-2, App. 6) */ + { + "NIST curve K-409", + "0200000000000000000000000000000000000000" + "0000000000000000000000000000000000000000008000000000000000000001", + "0", + "1", + "0060F05F658F49C1AD3AB1890F7184210EFD0987" + "E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746", + "01E369050B7C4E42ACBA1DACBF04299C3460782F" + "918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B", + 1, + "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + "FFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF", + "4", 409 + }, + /* Curve B-409 (FIPS PUB 186-2, App. 6) */ + { + "NIST curve B-409", + "0200000000000000000000000000000000000000" + "0000000000000000000000000000000000000000008000000000000000000001", + "0000000000000000000000000000000000000000" + "0000000000000000000000000000000000000000000000000000000000000001", + "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422E" + "F1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F", + "015D4860D088DDB3496B0C6064756260441CDE4A" + "F1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7", + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5" + "A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706", + 1, + "0100000000000000000000000000000000000000" + "00000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173", + "2", 409 + }, + /* Curve K-571 (FIPS PUB 186-2, App. 6) */ + { + "NIST curve K-571", + "800000000000000" + "0000000000000000000000000000000000000000000000000000000000000000" + "0000000000000000000000000000000000000000000000000000000000000425", + "0", + "1", + "026EB7A859923FBC" + "82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E6" + "47DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972", + "0349DC807F4FBF37" + "4F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA7" + "4FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3", + 0, + "0200000000000000" + "00000000000000000000000000000000000000000000000000000000131850E1" + "F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001", + "4", 571 + }, + /* Curve B-571 (FIPS PUB 186-2, App. 6) */ + { + "NIST curve B-571", + "800000000000000" + "0000000000000000000000000000000000000000000000000000000000000000" + "0000000000000000000000000000000000000000000000000000000000000425", + "0000000000000000" + "0000000000000000000000000000000000000000000000000000000000000000" + "0000000000000000000000000000000000000000000000000000000000000001", + "02F40E7E2221F295" + "DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA5933" + "2BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A", + "0303001D34B85629" + "6C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293" + "CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19", + "037BF27342DA639B" + "6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A57" + "6291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B", + 1, + "03FFFFFFFFFFFFFF" + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18" + "FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47", + "2", 571 + } +}; + +static int char2_curve_test(int n) +{ + int r = 0; + BN_CTX *ctx = NULL; + BIGNUM *p = NULL, *a = NULL, *b = NULL; + BIGNUM *x = NULL, *y = NULL, *z = NULL, *cof = NULL, *yplusone = NULL; + EC_GROUP *group = NULL, *variable = NULL; + EC_POINT *P = NULL, *Q = NULL, *R = NULL; + const EC_POINT *points[3]; + const BIGNUM *scalars[3]; + struct c2_curve_test *const test = char2_curve_tests + n; + + if (!TEST_ptr(ctx = BN_CTX_new()) + || !TEST_ptr(p = BN_new()) + || !TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(x = BN_new()) + || !TEST_ptr(y = BN_new()) + || !TEST_ptr(z = BN_new()) + || !TEST_ptr(yplusone = BN_new()) + || !TEST_true(BN_hex2bn(&p, test->p)) + || !TEST_true(BN_hex2bn(&a, test->a)) + || !TEST_true(BN_hex2bn(&b, test->b)) + || !TEST_true(group = EC_GROUP_new(EC_GF2m_simple_method())) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + || !TEST_ptr(P = EC_POINT_new(group)) + || !TEST_ptr(Q = EC_POINT_new(group)) + || !TEST_ptr(R = EC_POINT_new(group)) + || !TEST_true(BN_hex2bn(&x, test->x)) + || !TEST_true(BN_hex2bn(&y, test->y)) + || !TEST_true(BN_add(yplusone, y, BN_value_one()))) + goto err; + +/* Change test based on whether binary point compression is enabled or not. */ +# ifdef OPENSSL_EC_BIN_PT_COMP + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (!TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, ctx)) + || !TEST_true(EC_POINT_set_compressed_coordinates(group, P, x, + test->y_bit, + ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, test->order)) + || !TEST_true(BN_hex2bn(&cof, test->cof)) + || !TEST_true(EC_GROUP_set_generator(group, P, z, cof)) + || !TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, ctx))) + goto err; + TEST_info("%s -- Generator", test->name); + test_output_bignum("x", x); + test_output_bignum("y", y); + /* G_y value taken from the standard: */ + if (!TEST_true(BN_hex2bn(&z, test->y)) + || !TEST_BN_eq(y, z)) + goto err; +# else + /* + * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, + * and therefore setting the coordinates should fail. + */ + if (!TEST_false(EC_POINT_set_affine_coordinates(group, P, x, yplusone, ctx)) + || !TEST_true(EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(BN_hex2bn(&z, test->order)) + || !TEST_true(BN_hex2bn(&cof, test->cof)) + || !TEST_true(EC_GROUP_set_generator(group, P, z, cof))) + goto err; + TEST_info("%s -- Generator:", test->name); + test_output_bignum("x", x); + test_output_bignum("y", y); +# endif + + if (!TEST_int_eq(EC_GROUP_get_degree(group), test->degree) + || !group_order_tests(group) + || !TEST_ptr(variable = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(variable, group))) + goto err; + + /* more tests using the last curve */ + if (n == OSSL_NELEM(char2_curve_tests) - 1) { + if (!TEST_true(EC_POINT_set_affine_coordinates(group, P, x, y, ctx)) + || !TEST_true(EC_POINT_copy(Q, P)) + || !TEST_false(EC_POINT_is_at_infinity(group, Q)) + || !TEST_true(EC_POINT_dbl(group, P, P, ctx)) + || !TEST_int_gt(EC_POINT_is_on_curve(group, P, ctx), 0) + || !TEST_true(EC_POINT_invert(group, Q, ctx)) /* P = -2Q */ + || !TEST_true(EC_POINT_add(group, R, P, Q, ctx)) + || !TEST_true(EC_POINT_add(group, R, R, Q, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, R)) /* R = P + 2Q */ + || !TEST_false(EC_POINT_is_at_infinity(group, Q))) + goto err; - if (EC_POINT_is_at_infinity(group, Q)) - ABORT; points[0] = Q; points[1] = Q; points[2] = Q; - points[3] = Q; - - if (!EC_GROUP_get_order(group, z, ctx)) - ABORT; - if (!BN_add(y, z, BN_value_one())) - ABORT; - if (BN_is_odd(y)) - ABORT; - if (!BN_rshift1(y, y)) - ABORT; + + if (!TEST_true(BN_add(y, z, BN_value_one())) + || !TEST_BN_even(y) + || !TEST_true(BN_rshift1(y, y))) + goto err; scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */ scalars[1] = y; - fprintf(stdout, "combined multiplication ..."); - fflush(stdout); + TEST_note("combined multiplication ..."); /* z is still the group order */ - if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) - ABORT; - if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, R, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, R, Q, ctx)) - ABORT; - - fprintf(stdout, "."); - fflush(stdout); - - if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) - ABORT; - if (!BN_add(z, z, y)) - ABORT; + if (!TEST_true(EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) + || !TEST_true(EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, R, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, R, Q, ctx))) + goto err; + + if (!TEST_true(BN_rand(y, BN_num_bits(y), 0, 0)) + || !TEST_true(BN_add(z, z, y))) + goto err; BN_set_negative(z, 1); scalars[0] = y; scalars[1] = z; /* z = -(order + y) */ - if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; + if (!TEST_true(EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P))) + goto err; - fprintf(stdout, "."); - fflush(stdout); - - if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) - ABORT; - if (!BN_add(z, x, y)) - ABORT; + if (!TEST_true(BN_rand(x, BN_num_bits(y) - 1, 0, 0)) + || !TEST_true(BN_add(z, x, y))) + goto err; BN_set_negative(z, 1); scalars[0] = x; scalars[1] = y; scalars[2] = z; /* z = -(x+y) */ - scalar3 = BN_new(); - if (!scalar3) - ABORT; - BN_zero(scalar3); - scalars[3] = scalar3; - - if (!EC_POINTs_mul(group, P, NULL, 4, points, scalars, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; - - fprintf(stdout, " ok\n\n"); - - BN_free(scalar3); + if (!TEST_true(EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P))) + goto err;; } + r = 1; +err: BN_CTX_free(ctx); BN_free(p); BN_free(a); BN_free(b); - EC_GROUP_free(group); - EC_POINT_free(P); - EC_POINT_free(Q); - EC_POINT_free(R); BN_free(x); BN_free(y); BN_free(z); BN_free(yplusone); - - EC_GROUP_free(P_160); - EC_GROUP_free(P_192); - EC_GROUP_free(P_224); - EC_GROUP_free(P_256); - EC_GROUP_free(P_384); - EC_GROUP_free(P_521); - + BN_free(cof); + EC_POINT_free(P); + EC_POINT_free(Q); + EC_POINT_free(R); + EC_GROUP_free(group); + EC_GROUP_free(variable); + return r; } -/* Change test based on whether binary point compression is enabled or not. */ -# ifdef OPENSSL_EC_BIN_PT_COMP -# define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ - if (!BN_hex2bn(&x, _x)) ABORT; \ - if (!BN_hex2bn(&y, _y)) ABORT; \ - if (!BN_add(yplusone, y, BN_value_one())) ABORT; \ - /* \ - * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, \ - * and therefore setting the coordinates should fail. \ - */ \ - if (EC_POINT_set_affine_coordinates_GF2m(group, P, x, yplusone, ctx)) ABORT; \ - if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \ - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \ - if (!BN_hex2bn(&z, _order)) ABORT; \ - if (!BN_hex2bn(&cof, _cof)) ABORT; \ - if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \ - if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \ - fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \ - BN_print_fp(stdout, x); \ - fprintf(stdout, "\n y = 0x"); \ - BN_print_fp(stdout, y); \ - fprintf(stdout, "\n"); \ - /* G_y value taken from the standard: */ \ - if (!BN_hex2bn(&z, _y)) ABORT; \ - if (0 != BN_cmp(y, z)) ABORT; -# else -# define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ - if (!BN_hex2bn(&x, _x)) ABORT; \ - if (!BN_hex2bn(&y, _y)) ABORT; \ - if (!BN_add(yplusone, y, BN_value_one())) ABORT; \ - /* \ - * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, \ - * and therefore setting the coordinates should fail. \ - */ \ - if (EC_POINT_set_affine_coordinates_GF2m(group, P, x, yplusone, ctx)) ABORT; \ - if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \ - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \ - if (!BN_hex2bn(&z, _order)) ABORT; \ - if (!BN_hex2bn(&cof, _cof)) ABORT; \ - if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \ - fprintf(stdout, "\n%s -- Generator:\n x = 0x", _name); \ - BN_print_fp(stdout, x); \ - fprintf(stdout, "\n y = 0x"); \ - BN_print_fp(stdout, y); \ - fprintf(stdout, "\n"); -# endif - -# define CHAR2_CURVE_TEST(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ - if (!BN_hex2bn(&p, _p)) ABORT; \ - if (!BN_hex2bn(&a, _a)) ABORT; \ - if (!BN_hex2bn(&b, _b)) ABORT; \ - if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) ABORT; \ - CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ - fprintf(stdout, "verify degree ..."); \ - if (EC_GROUP_get_degree(group) != _degree) ABORT; \ - fprintf(stdout, " ok\n"); \ - group_order_tests(group); \ - if ((_variable = EC_GROUP_new(EC_GROUP_method_of(group))) == NULL) ABORT; \ - if (!EC_GROUP_copy(_variable, group)) ABORT; \ - -# ifndef OPENSSL_NO_EC2M - -static void char2_field_tests(void) +static int char2_field_tests(void) { BN_CTX *ctx = NULL; - BIGNUM *p, *a, *b; - EC_GROUP *group; - EC_GROUP *C2_K163 = NULL, *C2_K233 = NULL, *C2_K283 = NULL, *C2_K409 = - NULL, *C2_K571 = NULL; - EC_GROUP *C2_B163 = NULL, *C2_B233 = NULL, *C2_B283 = NULL, *C2_B409 = - NULL, *C2_B571 = NULL; - EC_POINT *P, *Q, *R; - BIGNUM *x, *y, *z, *cof, *yplusone; + BIGNUM *p = NULL, *a = NULL, *b = NULL; + EC_GROUP *group = NULL, *tmp = NULL; + EC_POINT *P = NULL, *Q = NULL, *R = NULL; + BIGNUM *x = NULL, *y = NULL, *z = NULL, *cof = NULL, *yplusone = NULL; unsigned char buf[100]; - size_t i, len; - int k; - - ctx = BN_CTX_new(); - if (!ctx) - ABORT; - - p = BN_new(); - a = BN_new(); - b = BN_new(); - if (p == NULL || a == NULL || b == NULL) - ABORT; - - if (!BN_hex2bn(&p, "13")) - ABORT; - if (!BN_hex2bn(&a, "3")) - ABORT; - if (!BN_hex2bn(&b, "1")) - ABORT; + size_t len; + int k, r = 0; + + if (!TEST_ptr(ctx = BN_CTX_new()) + || !TEST_ptr(p = BN_new()) + || !TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_true(BN_hex2bn(&p, "13")) + || !TEST_true(BN_hex2bn(&a, "3")) + || !TEST_true(BN_hex2bn(&b, "1"))) + goto err; group = EC_GROUP_new(EC_GF2m_simple_method()); /* applications should use * EC_GROUP_new_curve_GF2m * so that the library gets * to choose the EC_METHOD */ - if (!group) - ABORT; - if (!EC_GROUP_set_curve_GF2m(group, p, a, b, ctx)) - ABORT; + if (!TEST_ptr(group) + || !TEST_true(EC_GROUP_set_curve(group, p, a, b, ctx)) + || !TEST_ptr(tmp = EC_GROUP_new(EC_GROUP_method_of(group))) + || !TEST_true(EC_GROUP_copy(tmp, group))) + goto err; + EC_GROUP_free(group); + group = tmp; + tmp = NULL; - { - EC_GROUP *tmp; - tmp = EC_GROUP_new(EC_GROUP_method_of(group)); - if (!tmp) - ABORT; - if (!EC_GROUP_copy(tmp, group)) - ABORT; - EC_GROUP_free(group); - group = tmp; - } + if (!TEST_true(EC_GROUP_get_curve(group, p, a, b, ctx))) + goto err; + + TEST_info("Curve defined by Weierstrass equation"); + TEST_note(" y^2 + x*y = x^3 + a*x^2 + b (mod p)"); + test_output_bignum("a", a); + test_output_bignum("b", b); + test_output_bignum("p", p); - if (!EC_GROUP_get_curve_GF2m(group, p, a, b, ctx)) - ABORT; - - fprintf(stdout, - "Curve defined by Weierstrass equation\n y^2 + x*y = x^3 + a*x^2 + b (mod 0x"); - BN_print_fp(stdout, p); - fprintf(stdout, ")\n a = 0x"); - BN_print_fp(stdout, a); - fprintf(stdout, "\n b = 0x"); - BN_print_fp(stdout, b); - fprintf(stdout, "\n(0x... means binary polynomial)\n"); - - P = EC_POINT_new(group); - Q = EC_POINT_new(group); - R = EC_POINT_new(group); - if (!P || !Q || !R) - ABORT; - - if (!EC_POINT_set_to_infinity(group, P)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; + if (!TEST_ptr(P = EC_POINT_new(group)) + || !TEST_ptr(Q = EC_POINT_new(group)) + || !TEST_ptr(R = EC_POINT_new(group)) + || !TEST_true(EC_POINT_set_to_infinity(group, P)) + || !TEST_true(EC_POINT_is_at_infinity(group, P))) + goto err; buf[0] = 0; - if (!EC_POINT_oct2point(group, Q, buf, 1, ctx)) - ABORT; - - if (!EC_POINT_add(group, P, P, Q, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; - - x = BN_new(); - y = BN_new(); - z = BN_new(); - cof = BN_new(); - yplusone = BN_new(); - if (x == NULL || y == NULL || z == NULL || cof == NULL || yplusone == NULL) - ABORT; - - if (!BN_hex2bn(&x, "6")) - ABORT; + if (!TEST_true(EC_POINT_oct2point(group, Q, buf, 1, ctx)) + || !TEST_true(EC_POINT_add(group, P, P, Q, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P)) + || !TEST_ptr(x = BN_new()) + || !TEST_ptr(y = BN_new()) + || !TEST_ptr(z = BN_new()) + || !TEST_ptr(cof = BN_new()) + || !TEST_ptr(yplusone = BN_new()) + || !TEST_true(BN_hex2bn(&x, "6")) /* Change test based on whether binary point compression is enabled or not. */ # ifdef OPENSSL_EC_BIN_PT_COMP - if (!EC_POINT_set_compressed_coordinates_GF2m(group, Q, x, 1, ctx)) - ABORT; + || !TEST_true(EC_POINT_set_compressed_coordinates(group, Q, x, 1, ctx)) # else - if (!BN_hex2bn(&y, "8")) - ABORT; - if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx)) - ABORT; + || !TEST_true(BN_hex2bn(&y, "8")) + || !TEST_true(EC_POINT_set_affine_coordinates(group, Q, x, y, ctx)) # endif - if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) { + ) + goto err; + if (!TEST_int_gt(EC_POINT_is_on_curve(group, Q, ctx), 0)) { /* Change test based on whether binary point compression is enabled or not. */ # ifdef OPENSSL_EC_BIN_PT_COMP - if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx)) - ABORT; + if (!TEST_true(EC_POINT_get_affine_coordinates(group, Q, x, y, ctx))) + goto err; # endif - fprintf(stderr, "Point is not on curve: x = 0x"); - BN_print_fp(stderr, x); - fprintf(stderr, ", y = 0x"); - BN_print_fp(stderr, y); - fprintf(stderr, "\n"); - ABORT; + TEST_info("Point is not on curve"); + test_output_bignum("x", x); + test_output_bignum("y", y); + goto err; } - fprintf(stdout, "A cyclic subgroup:\n"); + TEST_note("A cyclic subgroup:"); k = 100; do { - if (k-- == 0) - ABORT; + if (!TEST_int_ne(k--, 0)) + goto err; if (EC_POINT_is_at_infinity(group, P)) - fprintf(stdout, " point at infinity\n"); + TEST_note(" point at infinity"); else { - if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x, y, ctx)) - ABORT; - - fprintf(stdout, " x = 0x"); - BN_print_fp(stdout, x); - fprintf(stdout, ", y = 0x"); - BN_print_fp(stdout, y); - fprintf(stdout, "\n"); + if (!TEST_true(EC_POINT_get_affine_coordinates(group, P, x, y, + ctx))) + goto err; + + test_output_bignum("x", x); + test_output_bignum("y", y); } - if (!EC_POINT_copy(R, P)) - ABORT; - if (!EC_POINT_add(group, P, P, Q, ctx)) - ABORT; + if (!TEST_true(EC_POINT_copy(R, P)) + || !TEST_true(EC_POINT_add(group, P, P, Q, ctx))) + goto err; } while (!EC_POINT_is_at_infinity(group, P)); - if (!EC_POINT_add(group, P, Q, R, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; + if (!TEST_true(EC_POINT_add(group, P, Q, R, ctx)) + || !TEST_true(EC_POINT_is_at_infinity(group, P))) + goto err; /* Change test based on whether binary point compression is enabled or not. */ # ifdef OPENSSL_EC_BIN_PT_COMP - len = - EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, buf, - sizeof(buf), ctx); - if (len == 0) - ABORT; - if (!EC_POINT_oct2point(group, P, buf, len, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, Q, ctx)) - ABORT; - fprintf(stdout, "Generator as octet string, compressed form:\n "); - for (i = 0; i < len; i++) - fprintf(stdout, "%02X", buf[i]); + len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_COMPRESSED, + buf, sizeof(buf), ctx); + if (!TEST_size_t_ne(len, 0) + || !TEST_true(EC_POINT_oct2point(group, P, buf, len, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, Q, ctx))) + goto err; + test_output_memory("Generator as octet string, compressed form:", + buf, len); # endif - len = - EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, buf, - sizeof(buf), ctx); - if (len == 0) - ABORT; - if (!EC_POINT_oct2point(group, P, buf, len, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, Q, ctx)) - ABORT; - fprintf(stdout, "\nGenerator as octet string, uncompressed form:\n "); - for (i = 0; i < len; i++) - fprintf(stdout, "%02X", buf[i]); + len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_UNCOMPRESSED, + buf, sizeof(buf), ctx); + if (!TEST_size_t_ne(len, 0) + || !TEST_true(EC_POINT_oct2point(group, P, buf, len, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, Q, ctx))) + goto err; + test_output_memory("Generator as octet string, uncompressed form:", + buf, len); /* Change test based on whether binary point compression is enabled or not. */ # ifdef OPENSSL_EC_BIN_PT_COMP len = EC_POINT_point2oct(group, Q, POINT_CONVERSION_HYBRID, buf, sizeof(buf), ctx); - if (len == 0) - ABORT; - if (!EC_POINT_oct2point(group, P, buf, len, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, Q, ctx)) - ABORT; - fprintf(stdout, "\nGenerator as octet string, hybrid form:\n "); - for (i = 0; i < len; i++) - fprintf(stdout, "%02X", buf[i]); + if (!TEST_size_t_ne(len, 0) + || !TEST_true(EC_POINT_oct2point(group, P, buf, len, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, Q, ctx))) + goto err; + test_output_memory("Generator as octet string, hybrid form:", + buf, len); # endif - fprintf(stdout, "\n"); - - if (!EC_POINT_invert(group, P, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, R, ctx)) - ABORT; - - /* Curve K-163 (FIPS PUB 186-2, App. 6) */ - CHAR2_CURVE_TEST - ("NIST curve K-163", - "0800000000000000000000000000000000000000C9", - "1", - "1", - "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8", - "0289070FB05D38FF58321F2E800536D538CCDAA3D9", - 1, "04000000000000000000020108A2E0CC0D99F8A5EF", "2", 163, C2_K163); - - /* Curve B-163 (FIPS PUB 186-2, App. 6) */ - CHAR2_CURVE_TEST - ("NIST curve B-163", - "0800000000000000000000000000000000000000C9", - "1", - "020A601907B8C953CA1481EB10512F78744A3205FD", - "03F0EBA16286A2D57EA0991168D4994637E8343E36", - "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1", - 1, "040000000000000000000292FE77E70C12A4234C33", "2", 163, C2_B163); - - /* Curve K-233 (FIPS PUB 186-2, App. 6) */ - CHAR2_CURVE_TEST - ("NIST curve K-233", - "020000000000000000000000000000000000000004000000000000000001", - "0", - "1", - "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126", - "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3", - 0, - "008000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF", - "4", 233, C2_K233); - - /* Curve B-233 (FIPS PUB 186-2, App. 6) */ - CHAR2_CURVE_TEST - ("NIST curve B-233", - "020000000000000000000000000000000000000004000000000000000001", - "000000000000000000000000000000000000000000000000000000000001", - "0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD", - "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B", - "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052", - 1, - "01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7", - "2", 233, C2_B233); - - /* Curve K-283 (FIPS PUB 186-2, App. 6) */ - CHAR2_CURVE_TEST - ("NIST curve K-283", - "0800000000000000000000000000000000000000000000000000000000000000000010A1", - "0", - "1", - "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836", - "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259", - 0, - "01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61", - "4", 283, C2_K283); - - /* Curve B-283 (FIPS PUB 186-2, App. 6) */ - CHAR2_CURVE_TEST - ("NIST curve B-283", - "0800000000000000000000000000000000000000000000000000000000000000000010A1", - "000000000000000000000000000000000000000000000000000000000000000000000001", - "027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5", - "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053", - "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4", - 1, - "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307", - "2", 283, C2_B283); + if (!TEST_true(EC_POINT_invert(group, P, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(group, P, R, ctx))) + goto err; - /* Curve K-409 (FIPS PUB 186-2, App. 6) */ - CHAR2_CURVE_TEST - ("NIST curve K-409", - "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001", - "0", - "1", - "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746", - "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B", - 1, - "007FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF", - "4", 409, C2_K409); - - /* Curve B-409 (FIPS PUB 186-2, App. 6) */ - CHAR2_CURVE_TEST - ("NIST curve B-409", - "02000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000001", - "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", - "0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F", - "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7", - "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706", - 1, - "010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173", - "2", 409, C2_B409); - - /* Curve K-571 (FIPS PUB 186-2, App. 6) */ - CHAR2_CURVE_TEST - ("NIST curve K-571", - "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425", - "0", - "1", - "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972", - "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3", - 0, - "020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001", - "4", 571, C2_K571); - - /* Curve B-571 (FIPS PUB 186-2, App. 6) */ - CHAR2_CURVE_TEST - ("NIST curve B-571", - "80000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000425", - "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001", - "02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A", - "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19", - "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B", - 1, - "03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47", - "2", 571, C2_B571); - - /* more tests using the last curve */ - - if (!EC_POINT_copy(Q, P)) - ABORT; - if (EC_POINT_is_at_infinity(group, Q)) - ABORT; - if (!EC_POINT_dbl(group, P, P, ctx)) - ABORT; - if (EC_POINT_is_on_curve(group, P, ctx) <= 0) - ABORT; - if (!EC_POINT_invert(group, Q, ctx)) - ABORT; /* P = -2Q */ - - if (!EC_POINT_add(group, R, P, Q, ctx)) - ABORT; - if (!EC_POINT_add(group, R, R, Q, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, R)) - ABORT; /* R = P + 2Q */ - - { - const EC_POINT *points[3]; - const BIGNUM *scalars[3]; - - if (EC_POINT_is_at_infinity(group, Q)) - ABORT; - points[0] = Q; - points[1] = Q; - points[2] = Q; - - if (!BN_add(y, z, BN_value_one())) - ABORT; - if (BN_is_odd(y)) - ABORT; - if (!BN_rshift1(y, y)) - ABORT; - scalars[0] = y; /* (group order + 1)/2, so y*Q + y*Q = Q */ - scalars[1] = y; - - fprintf(stdout, "combined multiplication ..."); - fflush(stdout); - - /* z is still the group order */ - if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) - ABORT; - if (!EC_POINTs_mul(group, R, z, 2, points, scalars, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, P, R, ctx)) - ABORT; - if (0 != EC_POINT_cmp(group, R, Q, ctx)) - ABORT; - - fprintf(stdout, "."); - fflush(stdout); - - if (!BN_pseudo_rand(y, BN_num_bits(y), 0, 0)) - ABORT; - if (!BN_add(z, z, y)) - ABORT; - BN_set_negative(z, 1); - scalars[0] = y; - scalars[1] = z; /* z = -(order + y) */ - - if (!EC_POINTs_mul(group, P, NULL, 2, points, scalars, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; - - fprintf(stdout, "."); - fflush(stdout); - - if (!BN_pseudo_rand(x, BN_num_bits(y) - 1, 0, 0)) - ABORT; - if (!BN_add(z, x, y)) - ABORT; - BN_set_negative(z, 1); - scalars[0] = x; - scalars[1] = y; - scalars[2] = z; /* z = -(x+y) */ - - if (!EC_POINTs_mul(group, P, NULL, 3, points, scalars, ctx)) - ABORT; - if (!EC_POINT_is_at_infinity(group, P)) - ABORT; - - fprintf(stdout, " ok\n\n"); - } + TEST_note("\n"); + r = 1; +err: BN_CTX_free(ctx); BN_free(p); BN_free(a); BN_free(b); EC_GROUP_free(group); + EC_GROUP_free(tmp); EC_POINT_free(P); EC_POINT_free(Q); EC_POINT_free(R); @@ -1378,89 +1122,41 @@ static void char2_field_tests(void) BN_free(z); BN_free(cof); BN_free(yplusone); - - EC_GROUP_free(C2_K163); - EC_GROUP_free(C2_B163); - EC_GROUP_free(C2_K233); - EC_GROUP_free(C2_B233); - EC_GROUP_free(C2_K283); - EC_GROUP_free(C2_B283); - EC_GROUP_free(C2_K409); - EC_GROUP_free(C2_B409); - EC_GROUP_free(C2_K571); - EC_GROUP_free(C2_B571); - + return r; } # endif -static void internal_curve_test(void) +static int internal_curve_test(int n) { - EC_builtin_curve *curves = NULL; - size_t crv_len = 0, n = 0; - int ok = 1; + EC_GROUP *group = NULL; + int nid = curves[n].nid; - crv_len = EC_get_builtin_curves(NULL, 0); - curves = OPENSSL_malloc(sizeof(*curves) * crv_len); - if (curves == NULL) - return; - - if (!EC_get_builtin_curves(curves, crv_len)) { - OPENSSL_free(curves); - return; + if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))) { + TEST_info("EC_GROUP_new_curve_name() failed with curve %s\n", + OBJ_nid2sn(nid)); + return 0; } - - fprintf(stdout, "testing internal curves: "); - - for (n = 0; n < crv_len; n++) { - EC_GROUP *group = NULL; - int nid = curves[n].nid; - if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) { - ok = 0; - fprintf(stdout, "\nEC_GROUP_new_curve_name() failed with" - " curve %s\n", OBJ_nid2sn(nid)); - /* try next curve */ - continue; - } - if (!EC_GROUP_check(group, NULL)) { - ok = 0; - fprintf(stdout, "\nEC_GROUP_check() failed with" - " curve %s\n", OBJ_nid2sn(nid)); - EC_GROUP_free(group); - /* try the next curve */ - continue; - } - fprintf(stdout, "."); - fflush(stdout); + if (!TEST_true(EC_GROUP_check(group, NULL))) { + TEST_info("EC_GROUP_check() failed with curve %s\n", OBJ_nid2sn(nid)); EC_GROUP_free(group); + return 0; } - if (ok) - fprintf(stdout, " ok\n\n"); - else { - fprintf(stdout, " failed\n\n"); - ABORT; - } + EC_GROUP_free(group); + return 1; +} - /* Test all built-in curves and let the library choose the EC_METHOD */ - for (n = 0; n < crv_len; n++) { - EC_GROUP *group = NULL; - int nid = curves[n].nid; - /* - * Skip for X25519 because low level operations such as EC_POINT_mul() - * are not supported for this curve - */ - if (nid == NID_X25519) - continue; - fprintf(stdout, "%s:\n", OBJ_nid2sn(nid)); - fflush(stdout); - if ((group = EC_GROUP_new_by_curve_name(nid)) == NULL) { - ABORT; - } - group_order_tests(group); - EC_GROUP_free(group); - } +static int internal_curve_test_method(int n) +{ + int r, nid = curves[n].nid; + EC_GROUP *group; - OPENSSL_free(curves); - return; + if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))) { + TEST_info("Curve %s failed\n", OBJ_nid2sn(nid)); + return 0; + } + r = group_order_tests(group); + EC_GROUP_free(group); + return r; } # ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 @@ -1469,7 +1165,7 @@ static void internal_curve_test(void) * implementations of several NIST curves with characteristic > 3. */ struct nistp_test_params { - const EC_METHOD *(*meth) (); + const EC_METHOD *(*meth) (void); int degree; /* * Qx, Qy and D are taken from @@ -1531,160 +1227,165 @@ static const struct nistp_test_params nistp_tests_params[] = { EC_GFp_nistp521_method, 521, /* p */ - "1ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", + "1ff" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", /* a */ - "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc", + "1ff" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffc", /* b */ - "051953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e156193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00", + "051" + "953eb9618e1c9a1f929a21a0b68540eea2da725b99b315f3b8b489918ef109e1" + "56193951ec7e937b1652c0bd3bb1bf073573df883d2c34f1ef451fd46b503f00", /* Qx */ - "0098e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4", + "0098" + "e91eef9a68452822309c52fab453f5f117c1da8ed796b255e9ab8f6410cca16e" + "59df403a6bdc6ca467a37056b1e54b3005d8ac030decfeb68df18b171885d5c4", /* Qy */ - "0164350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e", + "0164" + "350c321aecfc1cca1ba4364c9b15656150b4b78d6a48d7d28e7f31985ef17be8" + "554376b72900712c4b83ad668327231526e313f5f092999a4632fd50d946bc2e", /* Gx */ - "c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", + "c6" + "858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dba" + "a14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", /* Gy */ - "11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", + "118" + "39296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c" + "97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", /* order */ - "1fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409", + "1ff" + "fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffa" + "51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb71e91386409", /* d */ - "0100085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eeedf09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722", + "0100" + "085f47b8e1b8b11b7eb33028c0b2888e304bfc98501955b45bba1478dc184eee" + "df09b86a5f7c21994406072787205e69a63709fe35aa93ba333514b24f961722", }, }; -static void nistp_single_test(const struct nistp_test_params *test) +static int nistp_single_test(int idx) { - BN_CTX *ctx; - BIGNUM *p, *a, *b, *x, *y, *n, *m, *order, *yplusone; - EC_GROUP *NISTP; - EC_POINT *G, *P, *Q, *Q_CHECK; - - fprintf(stdout, "\nNIST curve P-%d (optimised implementation):\n", - test->degree); - ctx = BN_CTX_new(); - p = BN_new(); - a = BN_new(); - b = BN_new(); - x = BN_new(); - y = BN_new(); - m = BN_new(); - n = BN_new(); - order = BN_new(); - yplusone = BN_new(); - - NISTP = EC_GROUP_new(test->meth()); - if (!NISTP) - ABORT; - if (!BN_hex2bn(&p, test->p)) - ABORT; - if (1 != BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) - ABORT; - if (!BN_hex2bn(&a, test->a)) - ABORT; - if (!BN_hex2bn(&b, test->b)) - ABORT; - if (!EC_GROUP_set_curve_GFp(NISTP, p, a, b, ctx)) - ABORT; - G = EC_POINT_new(NISTP); - P = EC_POINT_new(NISTP); - Q = EC_POINT_new(NISTP); - Q_CHECK = EC_POINT_new(NISTP); - if (!BN_hex2bn(&x, test->Qx)) - ABORT; - if (!BN_hex2bn(&y, test->Qy)) - ABORT; - if (!BN_add(yplusone, y, BN_value_one())) - ABORT; + const struct nistp_test_params *test = nistp_tests_params + idx; + BN_CTX *ctx = NULL; + BIGNUM *p = NULL, *a = NULL, *b = NULL, *x = NULL, *y = NULL; + BIGNUM *n = NULL, *m = NULL, *order = NULL, *yplusone = NULL; + EC_GROUP *NISTP = NULL; + EC_POINT *G = NULL, *P = NULL, *Q = NULL, *Q_CHECK = NULL; + int r = 0; + + TEST_note("NIST curve P-%d (optimised implementation):", + test->degree); + if (!TEST_ptr(ctx = BN_CTX_new()) + || !TEST_ptr(p = BN_new()) + || !TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(x = BN_new()) + || !TEST_ptr(y = BN_new()) + || !TEST_ptr(m = BN_new()) + || !TEST_ptr(n = BN_new()) + || !TEST_ptr(order = BN_new()) + || !TEST_ptr(yplusone = BN_new()) + + || !TEST_ptr(NISTP = EC_GROUP_new(test->meth())) + || !TEST_true(BN_hex2bn(&p, test->p)) + || !TEST_int_eq(1, BN_is_prime_ex(p, BN_prime_checks, ctx, NULL)) + || !TEST_true(BN_hex2bn(&a, test->a)) + || !TEST_true(BN_hex2bn(&b, test->b)) + || !TEST_true(EC_GROUP_set_curve(NISTP, p, a, b, ctx)) + || !TEST_ptr(G = EC_POINT_new(NISTP)) + || !TEST_ptr(P = EC_POINT_new(NISTP)) + || !TEST_ptr(Q = EC_POINT_new(NISTP)) + || !TEST_ptr(Q_CHECK = EC_POINT_new(NISTP)) + || !TEST_true(BN_hex2bn(&x, test->Qx)) + || !TEST_true(BN_hex2bn(&y, test->Qy)) + || !TEST_true(BN_add(yplusone, y, BN_value_one())) /* * When (x, y) is on the curve, (x, y + 1) is, as it happens, not, * and therefore setting the coordinates should fail. */ - if (EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, yplusone, ctx)) - ABORT; - if (!EC_POINT_set_affine_coordinates_GFp(NISTP, Q_CHECK, x, y, ctx)) - ABORT; - if (!BN_hex2bn(&x, test->Gx)) - ABORT; - if (!BN_hex2bn(&y, test->Gy)) - ABORT; - if (!EC_POINT_set_affine_coordinates_GFp(NISTP, G, x, y, ctx)) - ABORT; - if (!BN_hex2bn(&order, test->order)) - ABORT; - if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one())) - ABORT; - - fprintf(stdout, "verify degree ... "); - if (EC_GROUP_get_degree(NISTP) != test->degree) - ABORT; - fprintf(stdout, "ok\n"); - - fprintf(stdout, "NIST test vectors ... "); - if (!BN_hex2bn(&n, test->d)) - ABORT; + || !TEST_false(EC_POINT_set_affine_coordinates(NISTP, Q_CHECK, x, + yplusone, ctx)) + || !TEST_true(EC_POINT_set_affine_coordinates(NISTP, Q_CHECK, x, y, + ctx)) + || !TEST_true(BN_hex2bn(&x, test->Gx)) + || !TEST_true(BN_hex2bn(&y, test->Gy)) + || !TEST_true(EC_POINT_set_affine_coordinates(NISTP, G, x, y, ctx)) + || !TEST_true(BN_hex2bn(&order, test->order)) + || !TEST_true(EC_GROUP_set_generator(NISTP, G, order, BN_value_one())) + || !TEST_int_eq(EC_GROUP_get_degree(NISTP), test->degree)) + goto err; + + TEST_note("NIST test vectors ... "); + if (!TEST_true(BN_hex2bn(&n, test->d))) + goto err; /* fixed point multiplication */ EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx); - if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) - ABORT; + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) + goto err; /* random point multiplication */ EC_POINT_mul(NISTP, Q, NULL, G, n, ctx); - if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) - ABORT; - - /* set generator to P = 2*G, where G is the standard generator */ - if (!EC_POINT_dbl(NISTP, P, G, ctx)) - ABORT; - if (!EC_GROUP_set_generator(NISTP, P, order, BN_value_one())) - ABORT; - /* set the scalar to m=n/2, where n is the NIST test scalar */ - if (!BN_rshift(m, n, 1)) - ABORT; + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) + + /* set generator to P = 2*G, where G is the standard generator */ + || !TEST_true(EC_POINT_dbl(NISTP, P, G, ctx)) + || !TEST_true(EC_GROUP_set_generator(NISTP, P, order, BN_value_one())) + /* set the scalar to m=n/2, where n is the NIST test scalar */ + || !TEST_true(BN_rshift(m, n, 1))) + goto err; /* test the non-standard generator */ /* fixed point multiplication */ EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx); - if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) - ABORT; + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) + goto err; /* random point multiplication */ EC_POINT_mul(NISTP, Q, NULL, P, m, ctx); - if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) - ABORT; + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) /* * We have not performed precomputation so have_precompute mult should be * false */ - if (EC_GROUP_have_precompute_mult(NISTP)) - ABORT; + || !TEST_false(EC_GROUP_have_precompute_mult(NISTP)) /* now repeat all tests with precomputation */ - if (!EC_GROUP_precompute_mult(NISTP, ctx)) - ABORT; - if (!EC_GROUP_have_precompute_mult(NISTP)) - ABORT; + || !TEST_true(EC_GROUP_precompute_mult(NISTP, ctx)) + || !TEST_true(EC_GROUP_have_precompute_mult(NISTP))) + goto err; /* fixed point multiplication */ EC_POINT_mul(NISTP, Q, m, NULL, NULL, ctx); - if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) - ABORT; + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) + goto err; /* random point multiplication */ EC_POINT_mul(NISTP, Q, NULL, P, m, ctx); - if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) - ABORT; + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) /* reset generator */ - if (!EC_GROUP_set_generator(NISTP, G, order, BN_value_one())) - ABORT; + || !TEST_true(EC_GROUP_set_generator(NISTP, G, order, BN_value_one()))) + goto err; /* fixed point multiplication */ EC_POINT_mul(NISTP, Q, n, NULL, NULL, ctx); - if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) - ABORT; + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) + goto err; /* random point multiplication */ EC_POINT_mul(NISTP, Q, NULL, G, n, ctx); - if (0 != EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx)) - ABORT; - - fprintf(stdout, "ok\n"); - group_order_tests(NISTP); + if (!TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, Q_CHECK, ctx))) + goto err; + + /* regression test for felem_neg bug */ + if (!TEST_true(BN_set_word(m, 32)) + || !TEST_true(BN_set_word(n, 31)) + || !TEST_true(EC_POINT_copy(P, G)) + || !TEST_true(EC_POINT_invert(NISTP, P, ctx)) + || !TEST_true(EC_POINT_mul(NISTP, Q, m, P, n, ctx)) + || !TEST_int_eq(0, EC_POINT_cmp(NISTP, Q, G, ctx))) + goto err; + + r = group_order_tests(NISTP); +err: EC_GROUP_free(NISTP); EC_POINT_free(G); EC_POINT_free(P); @@ -1700,77 +1401,125 @@ static void nistp_single_test(const struct nistp_test_params *test) BN_free(order); BN_free(yplusone); BN_CTX_free(ctx); + return r; } +# endif -static void nistp_tests() -{ - unsigned i; +static const unsigned char p521_named[] = { + 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23, +}; - for (i = 0; i < OSSL_NELEM(nistp_tests_params); i++) { - nistp_single_test(&nistp_tests_params[i]); - } -} -# endif +static const unsigned char p521_explicit[] = { + 0x30, 0x82, 0x01, 0xc3, 0x02, 0x01, 0x01, 0x30, 0x4d, 0x06, 0x07, 0x2a, + 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x42, 0x01, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0x30, 0x81, 0x9f, 0x04, 0x42, 0x01, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xfc, 0x04, 0x42, 0x00, 0x51, 0x95, 0x3e, 0xb9, 0x61, 0x8e, 0x1c, 0x9a, + 0x1f, 0x92, 0x9a, 0x21, 0xa0, 0xb6, 0x85, 0x40, 0xee, 0xa2, 0xda, 0x72, + 0x5b, 0x99, 0xb3, 0x15, 0xf3, 0xb8, 0xb4, 0x89, 0x91, 0x8e, 0xf1, 0x09, + 0xe1, 0x56, 0x19, 0x39, 0x51, 0xec, 0x7e, 0x93, 0x7b, 0x16, 0x52, 0xc0, + 0xbd, 0x3b, 0xb1, 0xbf, 0x07, 0x35, 0x73, 0xdf, 0x88, 0x3d, 0x2c, 0x34, + 0xf1, 0xef, 0x45, 0x1f, 0xd4, 0x6b, 0x50, 0x3f, 0x00, 0x03, 0x15, 0x00, + 0xd0, 0x9e, 0x88, 0x00, 0x29, 0x1c, 0xb8, 0x53, 0x96, 0xcc, 0x67, 0x17, + 0x39, 0x32, 0x84, 0xaa, 0xa0, 0xda, 0x64, 0xba, 0x04, 0x81, 0x85, 0x04, + 0x00, 0xc6, 0x85, 0x8e, 0x06, 0xb7, 0x04, 0x04, 0xe9, 0xcd, 0x9e, 0x3e, + 0xcb, 0x66, 0x23, 0x95, 0xb4, 0x42, 0x9c, 0x64, 0x81, 0x39, 0x05, 0x3f, + 0xb5, 0x21, 0xf8, 0x28, 0xaf, 0x60, 0x6b, 0x4d, 0x3d, 0xba, 0xa1, 0x4b, + 0x5e, 0x77, 0xef, 0xe7, 0x59, 0x28, 0xfe, 0x1d, 0xc1, 0x27, 0xa2, 0xff, + 0xa8, 0xde, 0x33, 0x48, 0xb3, 0xc1, 0x85, 0x6a, 0x42, 0x9b, 0xf9, 0x7e, + 0x7e, 0x31, 0xc2, 0xe5, 0xbd, 0x66, 0x01, 0x18, 0x39, 0x29, 0x6a, 0x78, + 0x9a, 0x3b, 0xc0, 0x04, 0x5c, 0x8a, 0x5f, 0xb4, 0x2c, 0x7d, 0x1b, 0xd9, + 0x98, 0xf5, 0x44, 0x49, 0x57, 0x9b, 0x44, 0x68, 0x17, 0xaf, 0xbd, 0x17, + 0x27, 0x3e, 0x66, 0x2c, 0x97, 0xee, 0x72, 0x99, 0x5e, 0xf4, 0x26, 0x40, + 0xc5, 0x50, 0xb9, 0x01, 0x3f, 0xad, 0x07, 0x61, 0x35, 0x3c, 0x70, 0x86, + 0xa2, 0x72, 0xc2, 0x40, 0x88, 0xbe, 0x94, 0x76, 0x9f, 0xd1, 0x66, 0x50, + 0x02, 0x42, 0x01, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfa, + 0x51, 0x86, 0x87, 0x83, 0xbf, 0x2f, 0x96, 0x6b, 0x7f, 0xcc, 0x01, 0x48, + 0xf7, 0x09, 0xa5, 0xd0, 0x3b, 0xb5, 0xc9, 0xb8, 0x89, 0x9c, 0x47, 0xae, + 0xbb, 0x6f, 0xb7, 0x1e, 0x91, 0x38, 0x64, 0x09, 0x02, 0x01, 0x01, +}; -static void parameter_test(void) +static int parameter_test(void) { - EC_GROUP *group, *group2; - ECPARAMETERS *ecparameters; + EC_GROUP *group = NULL, *group2 = NULL; + ECPARAMETERS *ecparameters = NULL; + unsigned char *buf = NULL; + int r = 0, len; - fprintf(stderr, "\ntesting ecparameters conversion ..."); + if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_secp112r1)) + || !TEST_ptr(ecparameters = EC_GROUP_get_ecparameters(group, NULL)) + || !TEST_ptr(group2 = EC_GROUP_new_from_ecparameters(ecparameters)) + || !TEST_int_eq(EC_GROUP_cmp(group, group2, NULL), 0)) + goto err; - group = EC_GROUP_new_by_curve_name(NID_secp112r1); - if (!group) - ABORT; + EC_GROUP_free(group); + group = NULL; + + /* Test the named curve encoding, which should be default. */ + if (!TEST_ptr(group = EC_GROUP_new_by_curve_name(NID_secp521r1)) + || !TEST_true((len = i2d_ECPKParameters(group, &buf)) >= 0) + || !TEST_mem_eq(buf, len, p521_named, sizeof(p521_named))) + goto err; - ecparameters = EC_GROUP_get_ecparameters(group, NULL); - if (!ecparameters) - ABORT; - group2 = EC_GROUP_new_from_ecparameters(ecparameters); - if (!group2) - ABORT; - if (EC_GROUP_cmp(group, group2, NULL)) - ABORT; + OPENSSL_free(buf); + buf = NULL; - fprintf(stderr, " ok\n"); + /* + * Test the explicit encoding. P-521 requires correctly zero-padding the + * curve coefficients. + */ + EC_GROUP_set_asn1_flag(group, OPENSSL_EC_EXPLICIT_CURVE); + if (!TEST_true((len = i2d_ECPKParameters(group, &buf)) >= 0) + || !TEST_mem_eq(buf, len, p521_explicit, sizeof(p521_explicit))) + goto err; + r = 1; +err: EC_GROUP_free(group); EC_GROUP_free(group2); ECPARAMETERS_free(ecparameters); + OPENSSL_free(buf); + return r; } +#endif -static const char rnd_seed[] = - "string to make the random number generator think it has entropy"; - -int main(int argc, char *argv[]) +int setup_tests(void) { - char *p; - - p = getenv("OPENSSL_DEBUG_MEMORY"); - if (p != NULL && strcmp(p, "on") == 0) - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or BN_generate_prime may fail */ +#ifndef OPENSSL_NO_EC + crv_len = EC_get_builtin_curves(NULL, 0); + if (!TEST_ptr(curves = OPENSSL_malloc(sizeof(*curves) * crv_len)) + || !TEST_true(EC_get_builtin_curves(curves, crv_len))) + return 0; - prime_field_tests(); - puts(""); + ADD_TEST(parameter_test); + ADD_TEST(prime_field_tests); # ifndef OPENSSL_NO_EC2M - char2_field_tests(); + ADD_TEST(char2_field_tests); + ADD_ALL_TESTS(char2_curve_test, OSSL_NELEM(char2_curve_tests)); # endif # ifndef OPENSSL_NO_EC_NISTP_64_GCC_128 - nistp_tests(); + ADD_ALL_TESTS(nistp_single_test, OSSL_NELEM(nistp_tests_params)); # endif - /* test the internal curves */ - internal_curve_test(); - - parameter_test(); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - return 1; + ADD_ALL_TESTS(internal_curve_test, crv_len); + ADD_ALL_TESTS(internal_curve_test_method, crv_len); #endif - - return 0; + return 1; } + +void cleanup_tests(void) +{ +#ifndef OPENSSL_NO_EC + OPENSSL_free(curves); #endif +} diff --git a/deps/openssl/openssl/test/enginetest.c b/deps/openssl/openssl/test/enginetest.c index 0a8c1855e2..be57f16183 100644 --- a/deps/openssl/openssl/test/enginetest.c +++ b/deps/openssl/openssl/test/enginetest.c @@ -1,5 +1,5 @@ /* - * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -9,36 +9,29 @@ #include <stdio.h> #include <string.h> +#include <stdlib.h> #include <openssl/e_os2.h> -#ifdef OPENSSL_NO_ENGINE -int main(int argc, char *argv[]) -{ - printf("No ENGINE support\n"); - return (0); -} -#else +# include "testutil.h" + +#ifndef OPENSSL_NO_ENGINE # include <openssl/buffer.h> # include <openssl/crypto.h> # include <openssl/engine.h> -# include <openssl/err.h> # include <openssl/rsa.h> -# include <openssl/bn.h> +# include <openssl/err.h> static void display_engine_list(void) { ENGINE *h; int loop; - h = ENGINE_get_first(); loop = 0; - printf("listing available engine types\n"); - while (h) { - printf("engine %i, id = \"%s\", name = \"%s\"\n", + for (h = ENGINE_get_first(); h != NULL; h = ENGINE_get_next(h)) { + TEST_info("#%d: id = \"%s\", name = \"%s\"", loop++, ENGINE_get_id(h), ENGINE_get_name(h)); - h = ENGINE_get_next(h); } - printf("end of list\n"); + /* * ENGINE_get_first() increases the struct_ref counter, so we must call * ENGINE_free() to decrease it again @@ -46,6 +39,144 @@ static void display_engine_list(void) ENGINE_free(h); } +#define NUMTOADD 512 + +static int test_engines(void) +{ + ENGINE *block[NUMTOADD]; + char buf[256]; + const char *id, *name; + ENGINE *ptr; + int loop; + int to_return = 0; + ENGINE *new_h1 = NULL; + ENGINE *new_h2 = NULL; + ENGINE *new_h3 = NULL; + ENGINE *new_h4 = NULL; + + memset(block, 0, sizeof(block)); + if (!TEST_ptr(new_h1 = ENGINE_new()) + || !TEST_true(ENGINE_set_id(new_h1, "test_id0")) + || !TEST_true(ENGINE_set_name(new_h1, "First test item")) + || !TEST_ptr(new_h2 = ENGINE_new()) + || !TEST_true(ENGINE_set_id(new_h2, "test_id1")) + || !TEST_true(ENGINE_set_name(new_h2, "Second test item")) + || !TEST_ptr(new_h3 = ENGINE_new()) + || !TEST_true(ENGINE_set_id(new_h3, "test_id2")) + || !TEST_true(ENGINE_set_name(new_h3, "Third test item")) + || !TEST_ptr(new_h4 = ENGINE_new()) + || !TEST_true(ENGINE_set_id(new_h4, "test_id3")) + || !TEST_true(ENGINE_set_name(new_h4, "Fourth test item"))) + goto end; + TEST_info("Engines:"); + display_engine_list(); + + if (!TEST_true(ENGINE_add(new_h1))) + goto end; + TEST_info("Engines:"); + display_engine_list(); + + ptr = ENGINE_get_first(); + if (!TEST_true(ENGINE_remove(ptr))) + goto end; + ENGINE_free(ptr); + TEST_info("Engines:"); + display_engine_list(); + + if (!TEST_true(ENGINE_add(new_h3)) + || !TEST_true(ENGINE_add(new_h2))) + goto end; + TEST_info("Engines:"); + display_engine_list(); + + if (!TEST_true(ENGINE_remove(new_h2))) + goto end; + TEST_info("Engines:"); + display_engine_list(); + + if (!TEST_true(ENGINE_add(new_h4))) + goto end; + TEST_info("Engines:"); + display_engine_list(); + + /* Should fail. */ + if (!TEST_false(ENGINE_add(new_h3))) + goto end; + ERR_clear_error(); + + /* Should fail. */ + if (!TEST_false(ENGINE_remove(new_h2))) + goto end; + ERR_clear_error(); + + if (!TEST_true(ENGINE_remove(new_h3))) + goto end; + TEST_info("Engines:"); + display_engine_list(); + + if (!TEST_true(ENGINE_remove(new_h4))) + goto end; + TEST_info("Engines:"); + display_engine_list(); + + /* + * Depending on whether there's any hardware support compiled in, this + * remove may be destined to fail. + */ + if ((ptr = ENGINE_get_first()) != NULL) { + if (!ENGINE_remove(ptr)) + TEST_info("Remove failed - probably no hardware support present"); + } + ENGINE_free(ptr); + TEST_info("Engines:"); + display_engine_list(); + + if (!TEST_true(ENGINE_add(new_h1)) + || !TEST_true(ENGINE_remove(new_h1))) + goto end; + + TEST_info("About to beef up the engine-type list"); + for (loop = 0; loop < NUMTOADD; loop++) { + sprintf(buf, "id%d", loop); + id = OPENSSL_strdup(buf); + sprintf(buf, "Fake engine type %d", loop); + name = OPENSSL_strdup(buf); + if (!TEST_ptr(block[loop] = ENGINE_new()) + || !TEST_true(ENGINE_set_id(block[loop], id)) + || !TEST_true(ENGINE_set_name(block[loop], name))) + goto end; + } + for (loop = 0; loop < NUMTOADD; loop++) { + if (!TEST_true(ENGINE_add(block[loop]))) { + test_note("Adding stopped at %d, (%s,%s)", + loop, ENGINE_get_id(block[loop]), + ENGINE_get_name(block[loop])); + goto cleanup_loop; + } + } + cleanup_loop: + TEST_info("About to empty the engine-type list"); + while ((ptr = ENGINE_get_first()) != NULL) { + if (!TEST_true(ENGINE_remove(ptr))) + goto end; + ENGINE_free(ptr); + } + for (loop = 0; loop < NUMTOADD; loop++) { + OPENSSL_free((void *)ENGINE_get_id(block[loop])); + OPENSSL_free((void *)ENGINE_get_name(block[loop])); + } + to_return = 1; + + end: + ENGINE_free(new_h1); + ENGINE_free(new_h2); + ENGINE_free(new_h3); + ENGINE_free(new_h4); + for (loop = 0; loop < NUMTOADD; loop++) + ENGINE_free(block[loop]); + return to_return; +} + /* Test EVP_PKEY method */ static EVP_PKEY_METHOD *test_rsa = NULL; @@ -118,123 +249,91 @@ static int test_redirect(void) int to_return = 0; - printf("\nRedirection test\n"); - - if ((pkey = get_test_pkey()) == NULL) { - printf("Get test key failed\n"); + if (!TEST_ptr(pkey = get_test_pkey())) goto err; - } len = EVP_PKEY_size(pkey); - if ((tmp = OPENSSL_malloc(len)) == NULL) { - printf("Buffer alloc failed\n"); + if (!TEST_ptr(tmp = OPENSSL_malloc(len))) goto err; - } - if ((ctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL) { - printf("Key context allocation failure\n"); + if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL))) goto err; - } - printf("EVP_PKEY_encrypt test: no redirection\n"); + TEST_info("EVP_PKEY_encrypt test: no redirection"); /* Encrypt some data: should succeed but not be redirected */ - if (EVP_PKEY_encrypt_init(ctx) <= 0 - || EVP_PKEY_encrypt(ctx, tmp, &len, pt, sizeof(pt)) <= 0 - || called_encrypt) { - printf("Test encryption failure\n"); + if (!TEST_int_gt(EVP_PKEY_encrypt_init(ctx), 0) + || !TEST_int_gt(EVP_PKEY_encrypt(ctx, tmp, &len, pt, sizeof(pt)), 0) + || !TEST_false(called_encrypt)) goto err; - } EVP_PKEY_CTX_free(ctx); ctx = NULL; /* Create a test ENGINE */ - if ((e = ENGINE_new()) == NULL - || !ENGINE_set_id(e, "Test redirect engine") - || !ENGINE_set_name(e, "Test redirect engine")) { - printf("Redirection engine setup failure\n"); + if (!TEST_ptr(e = ENGINE_new()) + || !TEST_true(ENGINE_set_id(e, "Test redirect engine")) + || !TEST_true(ENGINE_set_name(e, "Test redirect engine"))) goto err; - } /* * Try to create a context for this engine and test key. * Try setting test key engine. Both should fail because the * engine has no public key methods. */ - if (EVP_PKEY_CTX_new(pkey, e) != NULL - || EVP_PKEY_set1_engine(pkey, e) > 0) { - printf("Unexpected redirection success\n"); + if (!TEST_ptr_null(EVP_PKEY_CTX_new(pkey, e)) + || !TEST_int_le(EVP_PKEY_set1_engine(pkey, e), 0)) goto err; - } /* Setup an empty test EVP_PKEY_METHOD and set callback to return it */ - if ((test_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0)) == NULL) { - printf("Test RSA algorithm setup failure\n"); + if (!TEST_ptr(test_rsa = EVP_PKEY_meth_new(EVP_PKEY_RSA, 0))) goto err; - } ENGINE_set_pkey_meths(e, test_pkey_meths); /* Getting a context for test ENGINE should now succeed */ - if ((ctx = EVP_PKEY_CTX_new(pkey, e)) == NULL) { - printf("Redirected context allocation failed\n"); + if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, e))) goto err; - } /* Encrypt should fail because operation is not supported */ - if (EVP_PKEY_encrypt_init(ctx) > 0) { - printf("Encryption redirect unexpected success\n"); + if (!TEST_int_le(EVP_PKEY_encrypt_init(ctx), 0)) goto err; - } EVP_PKEY_CTX_free(ctx); ctx = NULL; /* Add test encrypt operation to method */ EVP_PKEY_meth_set_encrypt(test_rsa, 0, test_encrypt); - printf("EVP_PKEY_encrypt test: redirection via EVP_PKEY_CTX_new()\n"); - if ((ctx = EVP_PKEY_CTX_new(pkey, e)) == NULL) { - printf("Redirected context allocation failed\n"); + TEST_info("EVP_PKEY_encrypt test: redirection via EVP_PKEY_CTX_new()"); + if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, e))) goto err; - } /* Encrypt some data: should succeed and be redirected */ - if (EVP_PKEY_encrypt_init(ctx) <= 0 - || EVP_PKEY_encrypt(ctx, tmp, &len, pt, sizeof(pt)) <= 0 - || !called_encrypt) { - printf("Redirected key context encryption failed\n"); + if (!TEST_int_gt(EVP_PKEY_encrypt_init(ctx), 0) + || !TEST_int_gt(EVP_PKEY_encrypt(ctx, tmp, &len, pt, sizeof(pt)), 0) + || !TEST_true(called_encrypt)) goto err; - } EVP_PKEY_CTX_free(ctx); ctx = NULL; called_encrypt = 0; - printf("EVP_PKEY_encrypt test: check default operation not redirected\n"); - /* Create context with default engine: should not be redirected */ - if ((ctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL - || EVP_PKEY_encrypt_init(ctx) <= 0 - || EVP_PKEY_encrypt(ctx, tmp, &len, pt, sizeof(pt)) <= 0 - || called_encrypt) { - printf("Unredirected key context encryption failed\n"); + if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)) + || !TEST_int_gt(EVP_PKEY_encrypt_init(ctx), 0) + || !TEST_int_gt(EVP_PKEY_encrypt(ctx, tmp, &len, pt, sizeof(pt)), 0) + || !TEST_false(called_encrypt)) goto err; - } EVP_PKEY_CTX_free(ctx); ctx = NULL; /* Set engine explicitly for test key */ - if (!EVP_PKEY_set1_engine(pkey, e)) { - printf("Key engine set failed\n"); + if (!TEST_true(EVP_PKEY_set1_engine(pkey, e))) goto err; - } - printf("EVP_PKEY_encrypt test: redirection via EVP_PKEY_set1_engine()\n"); + TEST_info("EVP_PKEY_encrypt test: redirection via EVP_PKEY_set1_engine()"); /* Create context with default engine: should be redirected now */ - if ((ctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL - || EVP_PKEY_encrypt_init(ctx) <= 0 - || EVP_PKEY_encrypt(ctx, tmp, &len, pt, sizeof(pt)) <= 0 - || !called_encrypt) { - printf("Key redirection failure\n"); + if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL)) + || !TEST_int_gt(EVP_PKEY_encrypt_init(ctx), 0) + || !TEST_int_gt(EVP_PKEY_encrypt(ctx, tmp, &len, pt, sizeof(pt)), 0) + || !TEST_true(called_encrypt)) goto err; - } to_return = 1; @@ -245,164 +344,15 @@ static int test_redirect(void) OPENSSL_free(tmp); return to_return; } +#endif -int main(int argc, char *argv[]) +int setup_tests(void) { - ENGINE *block[512]; - char buf[256]; - const char *id, *name, *p; - ENGINE *ptr; - int loop; - int to_return = 1; - ENGINE *new_h1 = NULL; - ENGINE *new_h2 = NULL; - ENGINE *new_h3 = NULL; - ENGINE *new_h4 = NULL; - - p = getenv("OPENSSL_DEBUG_MEMORY"); - if (p != NULL && strcmp(p, "on") == 0) - CRYPTO_set_mem_debug(1); - - memset(block, 0, sizeof(block)); - if (((new_h1 = ENGINE_new()) == NULL) || - !ENGINE_set_id(new_h1, "test_id0") || - !ENGINE_set_name(new_h1, "First test item") || - ((new_h2 = ENGINE_new()) == NULL) || - !ENGINE_set_id(new_h2, "test_id1") || - !ENGINE_set_name(new_h2, "Second test item") || - ((new_h3 = ENGINE_new()) == NULL) || - !ENGINE_set_id(new_h3, "test_id2") || - !ENGINE_set_name(new_h3, "Third test item") || - ((new_h4 = ENGINE_new()) == NULL) || - !ENGINE_set_id(new_h4, "test_id3") || - !ENGINE_set_name(new_h4, "Fourth test item")) { - printf("Couldn't set up test ENGINE structures\n"); - goto end; - } - printf("\nenginetest beginning\n\n"); - display_engine_list(); - if (!ENGINE_add(new_h1)) { - printf("Add failed!\n"); - goto end; - } - display_engine_list(); - ptr = ENGINE_get_first(); - if (!ENGINE_remove(ptr)) { - printf("Remove failed!\n"); - goto end; - } - ENGINE_free(ptr); - display_engine_list(); - if (!ENGINE_add(new_h3) || !ENGINE_add(new_h2)) { - printf("Add failed!\n"); - goto end; - } - display_engine_list(); - if (!ENGINE_remove(new_h2)) { - printf("Remove failed!\n"); - goto end; - } - display_engine_list(); - if (!ENGINE_add(new_h4)) { - printf("Add failed!\n"); - goto end; - } - display_engine_list(); - if (ENGINE_add(new_h3)) { - printf("Add *should* have failed but didn't!\n"); - goto end; - } else - printf("Add that should fail did.\n"); - ERR_clear_error(); - if (ENGINE_remove(new_h2)) { - printf("Remove *should* have failed but didn't!\n"); - goto end; - } else - printf("Remove that should fail did.\n"); - ERR_clear_error(); - if (!ENGINE_remove(new_h3)) { - printf("Remove failed!\n"); - goto end; - } - display_engine_list(); - if (!ENGINE_remove(new_h4)) { - printf("Remove failed!\n"); - goto end; - } - display_engine_list(); - /* - * Depending on whether there's any hardware support compiled in, this - * remove may be destined to fail. - */ - ptr = ENGINE_get_first(); - if (ptr) - if (!ENGINE_remove(ptr)) - printf("Remove failed!i - probably no hardware " - "support present.\n"); - ENGINE_free(ptr); - display_engine_list(); - if (!ENGINE_add(new_h1) || !ENGINE_remove(new_h1)) { - printf("Couldn't add and remove to an empty list!\n"); - goto end; - } else - printf("Successfully added and removed to an empty list!\n"); - printf("About to beef up the engine-type list\n"); - for (loop = 0; loop < 512; loop++) { - sprintf(buf, "id%i", loop); - id = OPENSSL_strdup(buf); - sprintf(buf, "Fake engine type %i", loop); - name = OPENSSL_strdup(buf); - if (((block[loop] = ENGINE_new()) == NULL) || - !ENGINE_set_id(block[loop], id) || - !ENGINE_set_name(block[loop], name)) { - printf("Couldn't create block of ENGINE structures.\n" - "I'll probably also core-dump now, damn.\n"); - goto end; - } - } - for (loop = 0; loop < 512; loop++) { - if (!ENGINE_add(block[loop])) { - printf("\nAdding stopped at %i, (%s,%s)\n", - loop, ENGINE_get_id(block[loop]), - ENGINE_get_name(block[loop])); - goto cleanup_loop; - } else - printf("."); - fflush(stdout); - } - cleanup_loop: - printf("\nAbout to empty the engine-type list\n"); - while ((ptr = ENGINE_get_first()) != NULL) { - if (!ENGINE_remove(ptr)) { - printf("\nRemove failed!\n"); - goto end; - } - ENGINE_free(ptr); - printf("."); - fflush(stdout); - } - for (loop = 0; loop < 512; loop++) { - OPENSSL_free((void *)ENGINE_get_id(block[loop])); - OPENSSL_free((void *)ENGINE_get_name(block[loop])); - } - if (!test_redirect()) - goto end; - printf("\nTests completed happily\n"); - to_return = 0; - end: - if (to_return) - ERR_print_errors_fp(stderr); - ENGINE_free(new_h1); - ENGINE_free(new_h2); - ENGINE_free(new_h3); - ENGINE_free(new_h4); - for (loop = 0; loop < 512; loop++) - ENGINE_free(block[loop]); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - to_return = 1; +#ifdef OPENSSL_NO_ENGINE + TEST_note("No ENGINE support"); +#else + ADD_TEST(test_engines); + ADD_TEST(test_redirect); #endif - return to_return; + return 1; } -#endif diff --git a/deps/openssl/openssl/test/errtest.c b/deps/openssl/openssl/test/errtest.c index df4cddb096..e464d08bc0 100644 --- a/deps/openssl/openssl/test/errtest.c +++ b/deps/openssl/openssl/test/errtest.c @@ -24,17 +24,16 @@ static int preserves_system_error(void) #if defined(OPENSSL_SYS_WINDOWS) SetLastError(ERROR_INVALID_FUNCTION); ERR_get_error(); - return GetLastError() == ERROR_INVALID_FUNCTION; + return TEST_int_eq(GetLastError(), ERROR_INVALID_FUNCTION); #else errno = EINVAL; ERR_get_error(); - return errno == EINVAL; + return TEST_int_eq(errno, EINVAL); #endif } -int main(int argc, char **argv) +int setup_tests(void) { ADD_TEST(preserves_system_error); - - return run_tests(argv[0]); + return 1; } diff --git a/deps/openssl/openssl/test/evp_extra_test.c b/deps/openssl/openssl/test/evp_extra_test.c index bc02fad4f2..e396b07f5f 100644 --- a/deps/openssl/openssl/test/evp_extra_test.c +++ b/deps/openssl/openssl/test/evp_extra_test.c @@ -16,6 +16,11 @@ #include <openssl/evp.h> #include <openssl/rsa.h> #include <openssl/x509.h> +#include <openssl/pem.h> +#include <openssl/kdf.h> +#include "testutil.h" +#include "internal/nelem.h" +#include "internal/evp_int.h" /* * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you @@ -75,6 +80,102 @@ static const unsigned char kExampleRSAKeyDER[] = { 0x2d, 0x86, 0x9d, 0xa5, 0x20, 0x1b, 0xe5, 0xdf, }; +/* + * kExampleBadRSAKeyDER is an RSA private key in ASN.1, DER format. The private + * components are not correct. + */ +static const unsigned char kExampleBadRSAKeyDER[] = { + 0x30, 0x82, 0x04, 0x27, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, + 0xa6, 0x1a, 0x1e, 0x6e, 0x7b, 0xee, 0xc6, 0x89, 0x66, 0xe7, 0x93, 0xef, + 0x54, 0x12, 0x68, 0xea, 0xbf, 0x86, 0x2f, 0xdd, 0xd2, 0x79, 0xb8, 0xa9, + 0x6e, 0x03, 0xc2, 0xa3, 0xb9, 0xa3, 0xe1, 0x4b, 0x2a, 0xb3, 0xf8, 0xb4, + 0xcd, 0xea, 0xbe, 0x24, 0xa6, 0x57, 0x5b, 0x83, 0x1f, 0x0f, 0xf2, 0xd3, + 0xb7, 0xac, 0x7e, 0xd6, 0x8e, 0x6e, 0x1e, 0xbf, 0xb8, 0x73, 0x8c, 0x05, + 0x56, 0xe6, 0x35, 0x1f, 0xe9, 0x04, 0x0b, 0x09, 0x86, 0x7d, 0xf1, 0x26, + 0x08, 0x99, 0xad, 0x7b, 0xc8, 0x4d, 0x94, 0xb0, 0x0b, 0x8b, 0x38, 0xa0, + 0x5c, 0x62, 0xa0, 0xab, 0xd3, 0x8f, 0xd4, 0x09, 0x60, 0x72, 0x1e, 0x33, + 0x50, 0x80, 0x6e, 0x22, 0xa6, 0x77, 0x57, 0x6b, 0x9a, 0x33, 0x21, 0x66, + 0x87, 0x6e, 0x21, 0x7b, 0xc7, 0x24, 0x0e, 0xd8, 0x13, 0xdf, 0x83, 0xde, + 0xcd, 0x40, 0x58, 0x1d, 0x84, 0x86, 0xeb, 0xb8, 0x12, 0x4e, 0xd2, 0xfa, + 0x80, 0x1f, 0xe4, 0xe7, 0x96, 0x29, 0xb8, 0xcc, 0xce, 0x66, 0x6d, 0x53, + 0xca, 0xb9, 0x5a, 0xd7, 0xf6, 0x84, 0x6c, 0x2d, 0x9a, 0x1a, 0x14, 0x1c, + 0x4e, 0x93, 0x39, 0xba, 0x74, 0xed, 0xed, 0x87, 0x87, 0x5e, 0x48, 0x75, + 0x36, 0xf0, 0xbc, 0x34, 0xfb, 0x29, 0xf9, 0x9f, 0x96, 0x5b, 0x0b, 0xa7, + 0x54, 0x30, 0x51, 0x29, 0x18, 0x5b, 0x7d, 0xac, 0x0f, 0xd6, 0x5f, 0x7c, + 0xf8, 0x98, 0x8c, 0xd8, 0x86, 0x62, 0xb3, 0xdc, 0xff, 0x0f, 0xff, 0x7a, + 0xaf, 0x5c, 0x4c, 0x61, 0x49, 0x2e, 0xc8, 0x95, 0x86, 0xc4, 0x0e, 0x87, + 0xfc, 0x1d, 0xcf, 0x8b, 0x7c, 0x61, 0xf6, 0xd8, 0xd0, 0x69, 0xf6, 0xcd, + 0x8a, 0x8c, 0xf6, 0x62, 0xa2, 0x56, 0xa9, 0xe3, 0xd1, 0xcf, 0x4d, 0xa0, + 0xf6, 0x2d, 0x20, 0x0a, 0x04, 0xb7, 0xa2, 0xf7, 0xb5, 0x99, 0x47, 0x18, + 0x56, 0x85, 0x87, 0xc7, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, + 0x01, 0x00, 0x99, 0x41, 0x38, 0x1a, 0xd0, 0x96, 0x7a, 0xf0, 0x83, 0xd5, + 0xdf, 0x94, 0xce, 0x89, 0x3d, 0xec, 0x7a, 0x52, 0x21, 0x10, 0x16, 0x06, + 0xe0, 0xee, 0xd2, 0xe6, 0xfd, 0x4b, 0x7b, 0x19, 0x4d, 0xe1, 0xc0, 0xc0, + 0xd5, 0x14, 0x5d, 0x79, 0xdd, 0x7e, 0x8b, 0x4b, 0xc6, 0xcf, 0xb0, 0x75, + 0x52, 0xa3, 0x2d, 0xb1, 0x26, 0x46, 0x68, 0x9c, 0x0a, 0x1a, 0xf2, 0xe1, + 0x09, 0xac, 0x53, 0x85, 0x8c, 0x36, 0xa9, 0x14, 0x65, 0xea, 0xa0, 0x00, + 0xcb, 0xe3, 0x3f, 0xc4, 0x2b, 0x61, 0x2e, 0x6b, 0x06, 0x69, 0x77, 0xfd, + 0x38, 0x7e, 0x1d, 0x3f, 0x92, 0xe7, 0x77, 0x08, 0x19, 0xa7, 0x9d, 0x29, + 0x2d, 0xdc, 0x42, 0xc6, 0x7c, 0xd7, 0xd3, 0xa8, 0x01, 0x2c, 0xf2, 0xd5, + 0x82, 0x57, 0xcb, 0x55, 0x3d, 0xe7, 0xaa, 0xd2, 0x06, 0x30, 0x30, 0x05, + 0xe6, 0xf2, 0x47, 0x86, 0xba, 0xc6, 0x61, 0x64, 0xeb, 0x4f, 0x2a, 0x5e, + 0x07, 0x29, 0xe0, 0x96, 0xb2, 0x43, 0xff, 0x5f, 0x1a, 0x54, 0x16, 0xcf, + 0xb5, 0x56, 0x5c, 0xa0, 0x9b, 0x0c, 0xfd, 0xb3, 0xd2, 0xe3, 0x79, 0x1d, + 0x21, 0xe2, 0xd6, 0x13, 0xc4, 0x74, 0xa6, 0xf5, 0x8e, 0x8e, 0x81, 0xbb, + 0xb4, 0xad, 0x8a, 0xf0, 0x93, 0x0a, 0xd8, 0x0a, 0x42, 0x36, 0xbc, 0xe5, + 0x26, 0x2a, 0x0d, 0x5d, 0x57, 0x13, 0xc5, 0x4e, 0x2f, 0x12, 0x0e, 0xef, + 0xa7, 0x81, 0x1e, 0xc3, 0xa5, 0xdb, 0xc9, 0x24, 0xeb, 0x1a, 0xa1, 0xf9, + 0xf6, 0xa1, 0x78, 0x98, 0x93, 0x77, 0x42, 0x45, 0x03, 0xe2, 0xc9, 0xa2, + 0xfe, 0x2d, 0x77, 0xc8, 0xc6, 0xac, 0x9b, 0x98, 0x89, 0x6d, 0x9a, 0xe7, + 0x61, 0x63, 0xb7, 0xf2, 0xec, 0xd6, 0xb1, 0xa1, 0x6e, 0x0a, 0x1a, 0xff, + 0xfd, 0x43, 0x28, 0xc3, 0x0c, 0xdc, 0xf2, 0x47, 0x4f, 0x27, 0xaa, 0x99, + 0x04, 0x8e, 0xac, 0xe8, 0x7c, 0x01, 0x02, 0x04, 0x12, 0x34, 0x56, 0x78, + 0x02, 0x81, 0x81, 0x00, 0xca, 0x69, 0xe5, 0xbb, 0x3a, 0x90, 0x82, 0xcb, + 0x82, 0x50, 0x2f, 0x29, 0xe2, 0x76, 0x6a, 0x57, 0x55, 0x45, 0x4e, 0x35, + 0x18, 0x61, 0xe0, 0x12, 0x70, 0xc0, 0xab, 0xc7, 0x80, 0xa2, 0xd4, 0x46, + 0x34, 0x03, 0xa0, 0x19, 0x26, 0x23, 0x9e, 0xef, 0x1a, 0xcb, 0x75, 0xd6, + 0xba, 0x81, 0xf4, 0x7e, 0x52, 0xe5, 0x2a, 0xe8, 0xf1, 0x49, 0x6c, 0x0f, + 0x1a, 0xa0, 0xf9, 0xc6, 0xe7, 0xec, 0x60, 0xe4, 0xcb, 0x2a, 0xb5, 0x56, + 0xe9, 0x9c, 0xcd, 0x19, 0x75, 0x92, 0xb1, 0x66, 0xce, 0xc3, 0xd9, 0x3d, + 0x11, 0xcb, 0xc4, 0x09, 0xce, 0x1e, 0x30, 0xba, 0x2f, 0x60, 0x60, 0x55, + 0x8d, 0x02, 0xdc, 0x5d, 0xaf, 0xf7, 0x52, 0x31, 0x17, 0x07, 0x53, 0x20, + 0x33, 0xad, 0x8c, 0xd5, 0x2f, 0x5a, 0xd0, 0x57, 0xd7, 0xd1, 0x80, 0xd6, + 0x3a, 0x9b, 0x04, 0x4f, 0x35, 0xbf, 0xe7, 0xd5, 0xbc, 0x8f, 0xd4, 0x81, + 0x02, 0x81, 0x81, 0x00, 0xc0, 0x9f, 0xf8, 0xcd, 0xf7, 0x3f, 0x26, 0x8a, + 0x3d, 0x4d, 0x2b, 0x0c, 0x01, 0xd0, 0xa2, 0xb4, 0x18, 0xfe, 0xf7, 0x5e, + 0x2f, 0x06, 0x13, 0xcd, 0x63, 0xaa, 0x12, 0xa9, 0x24, 0x86, 0xe3, 0xf3, + 0x7b, 0xda, 0x1a, 0x3c, 0xb1, 0x38, 0x80, 0x80, 0xef, 0x64, 0x64, 0xa1, + 0x9b, 0xfe, 0x76, 0x63, 0x8e, 0x83, 0xd2, 0xd9, 0xb9, 0x86, 0xb0, 0xe6, + 0xa6, 0x0c, 0x7e, 0xa8, 0x84, 0x90, 0x98, 0x0c, 0x1e, 0xf3, 0x14, 0x77, + 0xe0, 0x5f, 0x81, 0x08, 0x11, 0x8f, 0xa6, 0x23, 0xc4, 0xba, 0xc0, 0x8a, + 0xe4, 0xc6, 0xe3, 0x5c, 0xbe, 0xc5, 0xec, 0x2c, 0xb9, 0xd8, 0x8c, 0x4d, + 0x1a, 0x9d, 0xe7, 0x7c, 0x85, 0x4c, 0x0d, 0x71, 0x4e, 0x72, 0x33, 0x1b, + 0xfe, 0xa9, 0x17, 0x72, 0x76, 0x56, 0x9d, 0x74, 0x7e, 0x52, 0x67, 0x9a, + 0x87, 0x9a, 0xdb, 0x30, 0xde, 0xe4, 0x49, 0x28, 0x3b, 0xd2, 0x67, 0xaf, + 0x02, 0x81, 0x81, 0x00, 0x89, 0x74, 0x9a, 0x8e, 0xa7, 0xb9, 0xa5, 0x28, + 0xc0, 0x68, 0xe5, 0x6e, 0x63, 0x1c, 0x99, 0x20, 0x8f, 0x86, 0x8e, 0x12, + 0x9e, 0x69, 0x30, 0xfa, 0x34, 0xd9, 0x92, 0x8d, 0xdb, 0x7c, 0x37, 0xfd, + 0x28, 0xab, 0x61, 0x98, 0x52, 0x7f, 0x14, 0x1a, 0x39, 0xae, 0xfb, 0x6a, + 0x03, 0xa3, 0xe6, 0xbd, 0xb6, 0x5b, 0x6b, 0xe5, 0x5e, 0x9d, 0xc6, 0xa5, + 0x07, 0x27, 0x54, 0x17, 0xd0, 0x3d, 0x84, 0x9b, 0x3a, 0xa0, 0xd9, 0x1e, + 0x99, 0x6c, 0x63, 0x17, 0xab, 0xf1, 0x1f, 0x49, 0xba, 0x95, 0xe3, 0x3b, + 0x86, 0x8f, 0x42, 0xa4, 0x89, 0xf5, 0x94, 0x8f, 0x8b, 0x46, 0xbe, 0x84, + 0xba, 0x4a, 0xbc, 0x0d, 0x5f, 0x46, 0xeb, 0xe8, 0xec, 0x43, 0x8c, 0x1e, + 0xad, 0x19, 0x69, 0x2f, 0x08, 0x86, 0x7a, 0x3f, 0x7d, 0x0f, 0x07, 0x97, + 0xf3, 0x9a, 0x7b, 0xb5, 0xb2, 0xc1, 0x8c, 0x95, 0x68, 0x04, 0xa0, 0x81, + 0x02, 0x81, 0x80, 0x4e, 0xbf, 0x7e, 0x1b, 0xcb, 0x13, 0x61, 0x75, 0x3b, + 0xdb, 0x59, 0x5f, 0xb1, 0xd4, 0xb8, 0xeb, 0x9e, 0x73, 0xb5, 0xe7, 0xf6, + 0x89, 0x3d, 0x1c, 0xda, 0xf0, 0x36, 0xff, 0x35, 0xbd, 0x1e, 0x0b, 0x74, + 0xe3, 0x9e, 0xf0, 0xf2, 0xf7, 0xd7, 0x82, 0xb7, 0x7b, 0x6a, 0x1b, 0x0e, + 0x30, 0x4a, 0x98, 0x0e, 0xb4, 0xf9, 0x81, 0x07, 0xe4, 0x75, 0x39, 0xe9, + 0x53, 0xca, 0xbb, 0x5c, 0xaa, 0x93, 0x07, 0x0e, 0xa8, 0x2f, 0xba, 0x98, + 0x49, 0x30, 0xa7, 0xcc, 0x1a, 0x3c, 0x68, 0x0c, 0xe1, 0xa4, 0xb1, 0x05, + 0xe6, 0xe0, 0x25, 0x78, 0x58, 0x14, 0x37, 0xf5, 0x1f, 0xe3, 0x22, 0xef, + 0xa8, 0x0e, 0x22, 0xa0, 0x94, 0x3a, 0xf6, 0xc9, 0x13, 0xe6, 0x06, 0xbf, + 0x7f, 0x99, 0xc6, 0xcc, 0xd8, 0xc6, 0xbe, 0xd9, 0x2e, 0x24, 0xc7, 0x69, + 0x8c, 0x95, 0xba, 0xf6, 0x04, 0xb3, 0x0a, 0xf4, 0xcb, 0xf0, 0xce, +}; + static const unsigned char kMsg[] = { 1, 2, 3, 4 }; static const unsigned char kSignature[] = { @@ -185,7 +286,53 @@ static const unsigned char kExampleBadECKeyDER[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xBC, 0xE6, 0xFA, 0xAD, 0xA7, 0x17, 0x9E, 0x84, 0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51 }; + +/* prime256v1 */ +static const unsigned char kExampleECPubKeyDER[] = { + 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, + 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, + 0x42, 0x00, 0x04, 0xba, 0xeb, 0x83, 0xfb, 0x3b, 0xb2, 0xff, 0x30, 0x53, + 0xdb, 0xce, 0x32, 0xf2, 0xac, 0xae, 0x44, 0x0d, 0x3d, 0x13, 0x53, 0xb8, + 0xd1, 0x68, 0x55, 0xde, 0x44, 0x46, 0x05, 0xa6, 0xc9, 0xd2, 0x04, 0xb7, + 0xe3, 0xa2, 0x96, 0xc8, 0xb2, 0x5e, 0x22, 0x03, 0xd7, 0x03, 0x7a, 0x8b, + 0x13, 0x5c, 0x42, 0x49, 0xc2, 0xab, 0x86, 0xd6, 0xac, 0x6b, 0x93, 0x20, + 0x56, 0x6a, 0xc6, 0xc8, 0xa5, 0x0b, 0xe5 +}; + +static const unsigned char pExampleECParamDER[] = { + 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07 +}; +#endif + +typedef struct APK_DATA_st { + const unsigned char *kder; + size_t size; + int evptype; + int check; + int pub_check; + int param_check; + int type; /* 0 for private, 1 for public, 2 for params */ +} APK_DATA; + +static APK_DATA keydata[] = { + {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA}, + {kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA}, +#ifndef OPENSSL_NO_EC + {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC} +#endif +}; + +static APK_DATA keycheckdata[] = { + {kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), EVP_PKEY_RSA, 1, -2, -2, 0}, + {kExampleBadRSAKeyDER, sizeof(kExampleBadRSAKeyDER), EVP_PKEY_RSA, + 0, -2, -2, 0}, +#ifndef OPENSSL_NO_EC + {kExampleECKeyDER, sizeof(kExampleECKeyDER), EVP_PKEY_EC, 1, 1, 1, 0}, + /* group is also associated in our pub key */ + {kExampleECPubKeyDER, sizeof(kExampleECPubKeyDER), EVP_PKEY_EC, 0, 1, 1, 1}, + {pExampleECParamDER, sizeof(pExampleECParamDER), EVP_PKEY_EC, 0, 0, 1, 2} #endif +}; static EVP_PKEY *load_example_rsa_key(void) { @@ -194,73 +341,104 @@ static EVP_PKEY *load_example_rsa_key(void) EVP_PKEY *pkey = NULL; RSA *rsa = NULL; - if (!d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER))) { + if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER)))) return NULL; - } - pkey = EVP_PKEY_new(); - if (pkey == NULL || !EVP_PKEY_set1_RSA(pkey, rsa)) { - goto out; - } + if (!TEST_ptr(pkey = EVP_PKEY_new()) + || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa))) + goto end; ret = pkey; pkey = NULL; - out: +end: EVP_PKEY_free(pkey); RSA_free(rsa); return ret; } +static int test_EVP_Enveloped(void) +{ + int ret = 0; + EVP_CIPHER_CTX *ctx = NULL; + EVP_PKEY *keypair = NULL; + unsigned char *kek = NULL; + unsigned char iv[EVP_MAX_IV_LENGTH]; + static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 }; + int len, kek_len, ciphertext_len, plaintext_len; + unsigned char ciphertext[32], plaintext[16]; + const EVP_CIPHER *type = EVP_aes_256_cbc(); + + if (!TEST_ptr(keypair = load_example_rsa_key()) + || !TEST_ptr(kek = OPENSSL_zalloc(EVP_PKEY_size(keypair))) + || !TEST_ptr(ctx = EVP_CIPHER_CTX_new()) + || !TEST_true(EVP_SealInit(ctx, type, &kek, &kek_len, iv, + &keypair, 1)) + || !TEST_true(EVP_SealUpdate(ctx, ciphertext, &ciphertext_len, + msg, sizeof(msg))) + || !TEST_true(EVP_SealFinal(ctx, ciphertext + ciphertext_len, + &len))) + goto err; + + ciphertext_len += len; + + if (!TEST_true(EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair)) + || !TEST_true(EVP_OpenUpdate(ctx, plaintext, &plaintext_len, + ciphertext, ciphertext_len)) + || !TEST_true(EVP_OpenFinal(ctx, plaintext + plaintext_len, &len))) + goto err; + + plaintext_len += len; + if (!TEST_mem_eq(msg, sizeof(msg), plaintext, plaintext_len)) + goto err; + + ret = 1; +err: + OPENSSL_free(kek); + EVP_PKEY_free(keypair); + EVP_CIPHER_CTX_free(ctx); + return ret; +} + + static int test_EVP_DigestSignInit(void) { int ret = 0; EVP_PKEY *pkey = NULL; unsigned char *sig = NULL; size_t sig_len = 0; - EVP_MD_CTX *md_ctx, *md_ctx_verify; + EVP_MD_CTX *md_ctx, *md_ctx_verify = NULL; - md_ctx = EVP_MD_CTX_new(); - md_ctx_verify = EVP_MD_CTX_new(); - if (md_ctx == NULL || md_ctx_verify == NULL) + if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()) + || !TEST_ptr(md_ctx_verify = EVP_MD_CTX_new()) + || !TEST_ptr(pkey = load_example_rsa_key())) goto out; - pkey = load_example_rsa_key(); - if (pkey == NULL || - !EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey) || - !EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))) { + if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sha256(), NULL, pkey)) + || !TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg)))) goto out; - } + /* Determine the size of the signature. */ - if (!EVP_DigestSignFinal(md_ctx, NULL, &sig_len)) { + if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len)) + || !TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey))) goto out; - } - /* Sanity check for testing. */ - if (sig_len != (size_t)EVP_PKEY_size(pkey)) { - fprintf(stderr, "sig_len mismatch\n"); - goto out; - } - sig = OPENSSL_malloc(sig_len); - if (sig == NULL || !EVP_DigestSignFinal(md_ctx, sig, &sig_len)) { + if (!TEST_ptr(sig = OPENSSL_malloc(sig_len)) + || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len))) goto out; - } /* Ensure that the signature round-trips. */ - if (!EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(), NULL, pkey) - || !EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg)) - || !EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)) { + if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sha256(), + NULL, pkey)) + || !TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, + kMsg, sizeof(kMsg))) + || !TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len))) goto out; - } ret = 1; out: - if (!ret) { - ERR_print_errors_fp(stderr); - } - EVP_MD_CTX_free(md_ctx); EVP_MD_CTX_free(md_ctx_verify); EVP_PKEY_free(pkey); @@ -273,100 +451,48 @@ static int test_EVP_DigestVerifyInit(void) { int ret = 0; EVP_PKEY *pkey = NULL; - EVP_MD_CTX *md_ctx; + EVP_MD_CTX *md_ctx = NULL; - md_ctx = EVP_MD_CTX_new(); + if (!TEST_ptr(md_ctx = EVP_MD_CTX_new()) + || !TEST_ptr(pkey = load_example_rsa_key())) + goto out; - pkey = load_example_rsa_key(); - if (pkey == NULL || - !EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey) || - !EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg)) || - !EVP_DigestVerifyFinal(md_ctx, kSignature, sizeof(kSignature))) { + if (!TEST_true(EVP_DigestVerifyInit(md_ctx, NULL, EVP_sha256(), NULL, pkey)) + || !TEST_true(EVP_DigestVerifyUpdate(md_ctx, kMsg, sizeof(kMsg))) + || !TEST_true(EVP_DigestVerifyFinal(md_ctx, kSignature, + sizeof(kSignature)))) goto out; - } ret = 1; out: - if (!ret) { - ERR_print_errors_fp(stderr); - } - EVP_MD_CTX_free(md_ctx); EVP_PKEY_free(pkey); - return ret; } -static int test_d2i_AutoPrivateKey(const unsigned char *input, - size_t input_len, int expected_id) +static int test_d2i_AutoPrivateKey(int i) { int ret = 0; const unsigned char *p; EVP_PKEY *pkey = NULL; + const APK_DATA *ak = &keydata[i]; + const unsigned char *input = ak->kder; + size_t input_len = ak->size; + int expected_id = ak->evptype; p = input; - pkey = d2i_AutoPrivateKey(NULL, &p, input_len); - if (pkey == NULL || p != input + input_len) { - fprintf(stderr, "d2i_AutoPrivateKey failed\n"); + if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len)) + || !TEST_ptr_eq(p, input + input_len) + || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id)) goto done; - } - - if (EVP_PKEY_id(pkey) != expected_id) { - fprintf(stderr, "Did not decode expected type\n"); - goto done; - } ret = 1; done: - if (!ret) { - ERR_print_errors_fp(stderr); - } - EVP_PKEY_free(pkey); return ret; } -static int test_EVP_Enveloped(void) -{ - int ret = 0; - EVP_CIPHER_CTX *ctx = NULL; - EVP_PKEY *keypair = NULL; - unsigned char *kek = NULL; - int kek_len; - unsigned char iv[EVP_MAX_IV_LENGTH]; - static const unsigned char msg[] = { 1, 2, 3, 4, 5, 6, 7, 8 }; - int len, ciphertext_len, plaintext_len; - unsigned char ciphertext[32], plaintext[16]; - const EVP_CIPHER *type = EVP_aes_256_cbc(); - - if ((keypair = load_example_rsa_key()) == NULL - || (kek = OPENSSL_zalloc(EVP_PKEY_size(keypair))) == NULL - || (ctx = EVP_CIPHER_CTX_new()) == NULL - || !EVP_SealInit(ctx, type, &kek, &kek_len, iv, &keypair, 1) - || !EVP_SealUpdate(ctx, ciphertext, &ciphertext_len, - msg, sizeof(msg)) - || !EVP_SealFinal(ctx, ciphertext + ciphertext_len, &len)) - goto err; - - ciphertext_len += len; - if (!EVP_OpenInit(ctx, type, kek, kek_len, iv, keypair) - || !EVP_OpenUpdate(ctx, plaintext, &plaintext_len, - ciphertext, ciphertext_len) - || !EVP_OpenFinal(ctx, plaintext + plaintext_len, &len) - || (plaintext_len += len) != sizeof(msg) - || memcmp(msg, plaintext, sizeof(msg)) != 0) - goto err; - - ret = 1; - -err: - OPENSSL_free(kek); - EVP_PKEY_free(keypair); - EVP_CIPHER_CTX_free(ctx); - return ret; -} - #ifndef OPENSSL_NO_EC /* Tests loading a bad key in PKCS8 format */ static int test_EVP_PKCS82PKEY(void) @@ -376,18 +502,16 @@ static int test_EVP_PKCS82PKEY(void) PKCS8_PRIV_KEY_INFO *p8inf = NULL; EVP_PKEY *pkey = NULL; - p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp, sizeof(kExampleBadECKeyDER)); + if (!TEST_ptr(p8inf = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp, + sizeof(kExampleBadECKeyDER)))) + goto done; - if (!p8inf || derp != kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER)) { - fprintf(stderr, "Failed to parse key\n"); + if (!TEST_ptr_eq(derp, + kExampleBadECKeyDER + sizeof(kExampleBadECKeyDER))) goto done; - } - pkey = EVP_PKCS82PKEY(p8inf); - if (pkey) { - fprintf(stderr, "Imported invalid EC key\n"); + if (!TEST_ptr_null(pkey = EVP_PKCS82PKEY(p8inf))) goto done; - } ret = 1; @@ -399,57 +523,469 @@ static int test_EVP_PKCS82PKEY(void) } #endif -int main(void) +#ifndef OPENSSL_NO_SM2 + +static int test_EVP_SM2_verify(void) { - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + /* From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02#appendix-A */ + const char *pubkey = + "-----BEGIN PUBLIC KEY-----\n" + "MIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAhULWnkwETxjouSQ1\n" + "v2/33kVyg5FcRVF9ci7biwjx38MwRAQgeHlotPoyw/0kF4Quc7v+/y88hItoMdfg\n" + "7GUiizk35JgEIGPkxtOyOwyEnPhCQUhL/kj2HVmlsWugbm4S0donxSSaBEEEQh3r\n" + "1hti6rZ0ZDTrw8wxXjIiCzut1QvcTE5sFH/t1D0GgFEry7QsB9RzSdIVO3DE5df9\n" + "/L+jbqGoWEG55G4JogIhAIVC1p5MBE8Y6LkkNb9v990pdyBjBIVijVrnTufDLnm3\n" + "AgEBA0IABArkx3mKoPEZRxvuEYJb5GICu3nipYRElel8BP9N8lSKfAJA+I8c1OFj\n" + "Uqc8F7fxbwc1PlOhdtaEqf4Ma7eY6Fc=\n" + "-----END PUBLIC KEY-----\n"; + + const char *msg = "message digest"; + const char *id = "ALICE123@YAHOO.COM"; + + const uint8_t signature[] = { + 0x30, 0x44, 0x02, 0x20, + + 0x40, 0xF1, 0xEC, 0x59, 0xF7, 0x93, 0xD9, 0xF4, 0x9E, 0x09, 0xDC, + 0xEF, 0x49, 0x13, 0x0D, 0x41, 0x94, 0xF7, 0x9F, 0xB1, 0xEE, 0xD2, + 0xCA, 0xA5, 0x5B, 0xAC, 0xDB, 0x49, 0xC4, 0xE7, 0x55, 0xD1, + + 0x02, 0x20, + + 0x6F, 0xC6, 0xDA, 0xC3, 0x2C, 0x5D, 0x5C, 0xF1, 0x0C, 0x77, 0xDF, + 0xB2, 0x0F, 0x7C, 0x2E, 0xB6, 0x67, 0xA4, 0x57, 0x87, 0x2F, 0xB0, + 0x9E, 0xC5, 0x63, 0x27, 0xA6, 0x7E, 0xC7, 0xDE, 0xEB, 0xE7 + }; + + int rc = 0; + BIO *bio = NULL; + EVP_PKEY *pkey = NULL; + EVP_MD_CTX *mctx = NULL; + EVP_PKEY_CTX *pctx = NULL; + bio = BIO_new_mem_buf(pubkey, strlen(pubkey)); + if (!TEST_true(bio != NULL)) + goto done; - if (!test_EVP_DigestSignInit()) { - fprintf(stderr, "EVP_DigestSignInit failed\n"); - return 1; - } + pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL); + if (!TEST_true(pkey != NULL)) + goto done; - if (!test_EVP_DigestVerifyInit()) { - fprintf(stderr, "EVP_DigestVerifyInit failed\n"); - return 1; - } + if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2))) + goto done; - if (!test_d2i_AutoPrivateKey(kExampleRSAKeyDER, sizeof(kExampleRSAKeyDER), - EVP_PKEY_RSA)) { - fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyDER) failed\n"); - return 1; - } + if (!TEST_ptr(mctx = EVP_MD_CTX_new())) + goto done; - if (!test_d2i_AutoPrivateKey - (kExampleRSAKeyPKCS8, sizeof(kExampleRSAKeyPKCS8), EVP_PKEY_RSA)) { - fprintf(stderr, "d2i_AutoPrivateKey(kExampleRSAKeyPKCS8) failed\n"); - return 1; - } + if (!TEST_ptr(pctx = EVP_PKEY_CTX_new(pkey, NULL))) + goto done; - if (!test_EVP_Enveloped()) { - fprintf(stderr, "test_EVP_Enveloped failed\n"); - return 1; - } + if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(pctx, (const uint8_t *)id, + strlen(id)), 0)) + goto done; + + EVP_MD_CTX_set_pkey_ctx(mctx, pctx); + + if (!TEST_true(EVP_DigestVerifyInit(mctx, NULL, EVP_sm3(), NULL, pkey))) + goto done; + + if (!TEST_true(EVP_DigestVerifyUpdate(mctx, msg, strlen(msg)))) + goto done; + + if (!TEST_true(EVP_DigestVerifyFinal(mctx, signature, sizeof(signature)))) + goto done; + rc = 1; + + done: + BIO_free(bio); + EVP_PKEY_free(pkey); + EVP_PKEY_CTX_free(pctx); + EVP_MD_CTX_free(mctx); + return rc; +} + +static int test_EVP_SM2(void) +{ + int ret = 0; + EVP_PKEY *pkey = NULL; + EVP_PKEY *params = NULL; + EVP_PKEY_CTX *pctx = NULL; + EVP_PKEY_CTX *kctx = NULL; + EVP_PKEY_CTX *sctx = NULL; + size_t sig_len = 0; + unsigned char *sig = NULL; + EVP_MD_CTX *md_ctx = NULL; + EVP_MD_CTX *md_ctx_verify = NULL; + EVP_PKEY_CTX *cctx = NULL; + + uint8_t ciphertext[128]; + size_t ctext_len = sizeof(ciphertext); + + uint8_t plaintext[8]; + size_t ptext_len = sizeof(plaintext); + + uint8_t sm2_id[] = {1, 2, 3, 4, 'l', 'e', 't', 't', 'e', 'r'}; + + pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL); + if (!TEST_ptr(pctx)) + goto done; + + if (!TEST_true(EVP_PKEY_paramgen_init(pctx) == 1)) + goto done; + + if (!TEST_true(EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2))) + goto done; + + if (!TEST_true(EVP_PKEY_paramgen(pctx, ¶ms))) + goto done; + + kctx = EVP_PKEY_CTX_new(params, NULL); + if (!TEST_ptr(kctx)) + goto done; + + if (!TEST_true(EVP_PKEY_keygen_init(kctx))) + goto done; + + if (!TEST_true(EVP_PKEY_keygen(kctx, &pkey))) + goto done; + + if (!TEST_true(EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2))) + goto done; + + if (!TEST_ptr(md_ctx = EVP_MD_CTX_new())) + goto done; + + if (!TEST_ptr(md_ctx_verify = EVP_MD_CTX_new())) + goto done; + + if (!TEST_ptr(sctx = EVP_PKEY_CTX_new(pkey, NULL))) + goto done; + + EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx); + EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx); + + if (!TEST_int_gt(EVP_PKEY_CTX_set1_id(sctx, sm2_id, sizeof(sm2_id)), 0)) + goto done; + if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey))) + goto done; + + if(!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg)))) + goto done; + + /* Determine the size of the signature. */ + if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))) + goto done; + + if (!TEST_size_t_eq(sig_len, (size_t)EVP_PKEY_size(pkey))) + goto done; + + if (!TEST_ptr(sig = OPENSSL_malloc(sig_len))) + goto done; + + if (!TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len))) + goto done; + + /* Ensure that the signature round-trips. */ + + if (!TEST_true(EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey))) + goto done; + + if (!TEST_true(EVP_DigestVerifyUpdate(md_ctx_verify, kMsg, sizeof(kMsg)))) + goto done; + + if (!TEST_true(EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len))) + goto done; + + /* now check encryption/decryption */ + + if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL))) + goto done; + + if (!TEST_true(EVP_PKEY_encrypt_init(cctx))) + goto done; + + if (!TEST_true(EVP_PKEY_encrypt(cctx, ciphertext, &ctext_len, kMsg, sizeof(kMsg)))) + goto done; + + if (!TEST_true(EVP_PKEY_decrypt_init(cctx))) + goto done; + + if (!TEST_true(EVP_PKEY_decrypt(cctx, plaintext, &ptext_len, ciphertext, ctext_len))) + goto done; + + if (!TEST_true(ptext_len == sizeof(kMsg))) + goto done; + + if (!TEST_true(memcmp(plaintext, kMsg, sizeof(kMsg)) == 0)) + goto done; + + ret = 1; +done: + EVP_PKEY_CTX_free(pctx); + EVP_PKEY_CTX_free(kctx); + EVP_PKEY_CTX_free(sctx); + EVP_PKEY_CTX_free(cctx); + EVP_PKEY_free(pkey); + EVP_PKEY_free(params); + EVP_MD_CTX_free(md_ctx); + EVP_MD_CTX_free(md_ctx_verify); + OPENSSL_free(sig); + return ret; +} + +#endif + +static struct keys_st { + int type; + char *priv; + char *pub; +} keys[] = { + { + EVP_PKEY_HMAC, "0123456789", NULL + }, { + EVP_PKEY_POLY1305, "01234567890123456789012345678901", NULL + }, { + EVP_PKEY_SIPHASH, "0123456789012345", NULL + }, #ifndef OPENSSL_NO_EC - if (!test_d2i_AutoPrivateKey(kExampleECKeyDER, sizeof(kExampleECKeyDER), - EVP_PKEY_EC)) { - fprintf(stderr, "d2i_AutoPrivateKey(kExampleECKeyDER) failed\n"); - return 1; + { + EVP_PKEY_X25519, "01234567890123456789012345678901", + "abcdefghijklmnopqrstuvwxyzabcdef" + }, { + EVP_PKEY_ED25519, "01234567890123456789012345678901", + "abcdefghijklmnopqrstuvwxyzabcdef" + }, { + EVP_PKEY_X448, + "01234567890123456789012345678901234567890123456789012345", + "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcd" + }, { + EVP_PKEY_ED448, + "012345678901234567890123456789012345678901234567890123456", + "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcde" } +#endif +}; - if (!test_EVP_PKCS82PKEY()) { - fprintf(stderr, "test_EVP_PKCS82PKEY failed\n"); +static int test_set_get_raw_keys_int(int tst, int pub) +{ + int ret = 0; + unsigned char buf[80]; + unsigned char *in; + size_t inlen, len = 0; + EVP_PKEY *pkey; + + /* Check if this algorithm supports public keys */ + if (keys[tst].pub == NULL) return 1; + + memset(buf, 0, sizeof(buf)); + + if (pub) { + inlen = strlen(keys[tst].pub); + in = (unsigned char *)keys[tst].pub; + pkey = EVP_PKEY_new_raw_public_key(keys[tst].type, + NULL, + in, + inlen); + } else { + inlen = strlen(keys[tst].priv); + in = (unsigned char *)keys[tst].priv; + pkey = EVP_PKEY_new_raw_private_key(keys[tst].type, + NULL, + in, + inlen); } + + if (!TEST_ptr(pkey) + || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len))) + || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len))) + || !TEST_true(len == inlen) + || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len))) + || (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len))) + || !TEST_mem_eq(in, inlen, buf, len)) + goto done; + + ret = 1; + done: + EVP_PKEY_free(pkey); + return ret; +} + +static int test_set_get_raw_keys(int tst) +{ + return test_set_get_raw_keys_int(tst, 0) + && test_set_get_raw_keys_int(tst, 1); +} + +static int pkey_custom_check(EVP_PKEY *pkey) +{ + return 0xbeef; +} + +static int pkey_custom_pub_check(EVP_PKEY *pkey) +{ + return 0xbeef; +} + +static int pkey_custom_param_check(EVP_PKEY *pkey) +{ + return 0xbeef; +} + +static EVP_PKEY_METHOD *custom_pmeth; + +static int test_EVP_PKEY_check(int i) +{ + int ret = 0; + const unsigned char *p; + EVP_PKEY *pkey = NULL; +#ifndef OPENSSL_NO_EC + EC_KEY *eckey = NULL; #endif + EVP_PKEY_CTX *ctx = NULL; + EVP_PKEY_CTX *ctx2 = NULL; + const APK_DATA *ak = &keycheckdata[i]; + const unsigned char *input = ak->kder; + size_t input_len = ak->size; + int expected_id = ak->evptype; + int expected_check = ak->check; + int expected_pub_check = ak->pub_check; + int expected_param_check = ak->param_check; + int type = ak->type; + BIO *pubkey = NULL; -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - return 1; + p = input; + + switch (type) { + case 0: + if (!TEST_ptr(pkey = d2i_AutoPrivateKey(NULL, &p, input_len)) + || !TEST_ptr_eq(p, input + input_len) + || !TEST_int_eq(EVP_PKEY_id(pkey), expected_id)) + goto done; + break; +#ifndef OPENSSL_NO_EC + case 1: + if (!TEST_ptr(pubkey = BIO_new_mem_buf(input, input_len)) + || !TEST_ptr(eckey = d2i_EC_PUBKEY_bio(pubkey, NULL)) + || !TEST_ptr(pkey = EVP_PKEY_new()) + || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey))) + goto done; + break; + case 2: + if (!TEST_ptr(eckey = d2i_ECParameters(NULL, &p, input_len)) + || !TEST_ptr_eq(p, input + input_len) + || !TEST_ptr(pkey = EVP_PKEY_new()) + || !TEST_true(EVP_PKEY_assign_EC_KEY(pkey, eckey))) + goto done; + break; #endif + default: + return 0; + } + + if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(pkey, NULL))) + goto done; + + if (!TEST_int_eq(EVP_PKEY_check(ctx), expected_check)) + goto done; + + if (!TEST_int_eq(EVP_PKEY_public_check(ctx), expected_pub_check)) + goto done; + + if (!TEST_int_eq(EVP_PKEY_param_check(ctx), expected_param_check)) + goto done; + + ctx2 = EVP_PKEY_CTX_new_id(0xdefaced, NULL); + /* assign the pkey directly, as an internal test */ + EVP_PKEY_up_ref(pkey); + ctx2->pkey = pkey; + + if (!TEST_int_eq(EVP_PKEY_check(ctx2), 0xbeef)) + goto done; + + if (!TEST_int_eq(EVP_PKEY_public_check(ctx2), 0xbeef)) + goto done; + + if (!TEST_int_eq(EVP_PKEY_param_check(ctx2), 0xbeef)) + goto done; + + ret = 1; - printf("PASS\n"); - return 0; + done: + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_CTX_free(ctx2); + EVP_PKEY_free(pkey); + BIO_free(pubkey); + return ret; +} + +static int test_HKDF(void) +{ + EVP_PKEY_CTX *pctx; + unsigned char out[20]; + size_t outlen; + int i, ret = 0; + unsigned char salt[] = "0123456789"; + unsigned char key[] = "012345678901234567890123456789"; + unsigned char info[] = "infostring"; + const unsigned char expected[] = { + 0xe5, 0x07, 0x70, 0x7f, 0xc6, 0x78, 0xd6, 0x54, 0x32, 0x5f, 0x7e, 0xc5, + 0x7b, 0x59, 0x3e, 0xd8, 0x03, 0x6b, 0xed, 0xca + }; + size_t expectedlen = sizeof(expected); + + if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL))) + goto done; + + /* We do this twice to test reuse of the EVP_PKEY_CTX */ + for (i = 0; i < 2; i++) { + outlen = sizeof(out); + memset(out, 0, outlen); + + if (!TEST_int_gt(EVP_PKEY_derive_init(pctx), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set_hkdf_md(pctx, EVP_sha256()), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_salt(pctx, salt, + sizeof(salt) - 1), 0) + || !TEST_int_gt(EVP_PKEY_CTX_set1_hkdf_key(pctx, key, + sizeof(key) - 1), 0) + || !TEST_int_gt(EVP_PKEY_CTX_add1_hkdf_info(pctx, info, + sizeof(info) - 1), 0) + || !TEST_int_gt(EVP_PKEY_derive(pctx, out, &outlen), 0) + || !TEST_mem_eq(out, outlen, expected, expectedlen)) + goto done; + } + + ret = 1; + + done: + EVP_PKEY_CTX_free(pctx); + + return ret; +} + +int setup_tests(void) +{ + ADD_TEST(test_EVP_DigestSignInit); + ADD_TEST(test_EVP_DigestVerifyInit); + ADD_TEST(test_EVP_Enveloped); + ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata)); +#ifndef OPENSSL_NO_EC + ADD_TEST(test_EVP_PKCS82PKEY); +#endif +#ifndef OPENSSL_NO_SM2 + ADD_TEST(test_EVP_SM2); + ADD_TEST(test_EVP_SM2_verify); +#endif + ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys)); + custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0); + if (!TEST_ptr(custom_pmeth)) + return 0; + EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check); + EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check); + EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check); + if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1)) + return 0; + ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata)); + ADD_TEST(test_HKDF); + return 1; } diff --git a/deps/openssl/openssl/test/evp_test.c b/deps/openssl/openssl/test/evp_test.c index ea9455374f..e7e376e657 100644 --- a/deps/openssl/openssl/test/evp_test.c +++ b/deps/openssl/openssl/test/evp_test.c @@ -18,98 +18,238 @@ #include <openssl/pkcs12.h> #include <openssl/kdf.h> #include "internal/numbers.h" +#include "testutil.h" +#include "evp_test.h" -/* Remove spaces from beginning and end of a string */ -static void remove_space(char **pval) -{ - unsigned char *p = (unsigned char *)*pval; +typedef struct evp_test_method_st EVP_TEST_METHOD; - while (isspace(*p)) - p++; +/* + * Structure holding test information + */ +typedef struct evp_test_st { + STANZA s; /* Common test stanza */ + char *name; + int skip; /* Current test should be skipped */ + const EVP_TEST_METHOD *meth; /* method for this test */ + const char *err, *aux_err; /* Error string for test */ + char *expected_err; /* Expected error value of test */ + char *func; /* Expected error function string */ + char *reason; /* Expected error reason string */ + void *data; /* test specific data */ +} EVP_TEST; - *pval = (char *)p; +/* + * Test method structure + */ +struct evp_test_method_st { + /* Name of test as it appears in file */ + const char *name; + /* Initialise test for "alg" */ + int (*init) (EVP_TEST * t, const char *alg); + /* Clean up method */ + void (*cleanup) (EVP_TEST * t); + /* Test specific name value pair processing */ + int (*parse) (EVP_TEST * t, const char *name, const char *value); + /* Run the test itself */ + int (*run_test) (EVP_TEST * t); +}; - p = p + strlen(*pval) - 1; - /* Remove trailing space */ - while (isspace(*p)) - *p-- = 0; -} +/* + * Linked list of named keys. + */ +typedef struct key_list_st { + char *name; + EVP_PKEY *key; + struct key_list_st *next; +} KEY_LIST; /* - * Given a line of the form: - * name = value # comment - * extract name and value. NB: modifies passed buffer. + * List of public and private keys */ +static KEY_LIST *private_keys; +static KEY_LIST *public_keys; +static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst); -static int parse_line(char **pkw, char **pval, char *linebuf) +static int parse_bin(const char *value, unsigned char **buf, size_t *buflen); + +/* + * Compare two memory regions for equality, returning zero if they differ. + * However, if there is expected to be an error and the actual error + * matches then the memory is expected to be different so handle this + * case without producing unnecessary test framework output. + */ +static int memory_err_compare(EVP_TEST *t, const char *err, + const void *expected, size_t expected_len, + const void *got, size_t got_len) { - char *p; + int r; - p = linebuf + strlen(linebuf) - 1; + if (t->expected_err != NULL && strcmp(t->expected_err, err) == 0) + r = !TEST_mem_ne(expected, expected_len, got, got_len); + else + r = TEST_mem_eq(expected, expected_len, got, got_len); + if (!r) + t->err = err; + return r; +} - if (*p != '\n') { - fprintf(stderr, "FATAL: missing EOL\n"); - exit(1); +/* + * Structure used to hold a list of blocks of memory to test + * calls to "update" like functions. + */ +struct evp_test_buffer_st { + unsigned char *buf; + size_t buflen; + size_t count; + int count_set; +}; + +static void evp_test_buffer_free(EVP_TEST_BUFFER *db) +{ + if (db != NULL) { + OPENSSL_free(db->buf); + OPENSSL_free(db); } +} - /* Look for # */ +/* + * append buffer to a list + */ +static int evp_test_buffer_append(const char *value, + STACK_OF(EVP_TEST_BUFFER) **sk) +{ + EVP_TEST_BUFFER *db = NULL; - p = strchr(linebuf, '#'); + if (!TEST_ptr(db = OPENSSL_malloc(sizeof(*db)))) + goto err; - if (p) - *p = '\0'; + if (!parse_bin(value, &db->buf, &db->buflen)) + goto err; + db->count = 1; + db->count_set = 0; - /* Look for = sign */ - p = strchr(linebuf, '='); + if (*sk == NULL && !TEST_ptr(*sk = sk_EVP_TEST_BUFFER_new_null())) + goto err; + if (!sk_EVP_TEST_BUFFER_push(*sk, db)) + goto err; - /* If no '=' exit */ - if (!p) + return 1; + +err: + evp_test_buffer_free(db); + return 0; +} + +/* + * replace last buffer in list with copies of itself + */ +static int evp_test_buffer_ncopy(const char *value, + STACK_OF(EVP_TEST_BUFFER) *sk) +{ + EVP_TEST_BUFFER *db; + unsigned char *tbuf, *p; + size_t tbuflen; + int ncopy = atoi(value); + int i; + + if (ncopy <= 0) + return 0; + if (sk == NULL || sk_EVP_TEST_BUFFER_num(sk) == 0) + return 0; + db = sk_EVP_TEST_BUFFER_value(sk, sk_EVP_TEST_BUFFER_num(sk) - 1); + + tbuflen = db->buflen * ncopy; + if (!TEST_ptr(tbuf = OPENSSL_malloc(tbuflen))) return 0; + for (i = 0, p = tbuf; i < ncopy; i++, p += db->buflen) + memcpy(p, db->buf, db->buflen); + + OPENSSL_free(db->buf); + db->buf = tbuf; + db->buflen = tbuflen; + return 1; +} - *p++ = '\0'; +/* + * set repeat count for last buffer in list + */ +static int evp_test_buffer_set_count(const char *value, + STACK_OF(EVP_TEST_BUFFER) *sk) +{ + EVP_TEST_BUFFER *db; + int count = atoi(value); - *pkw = linebuf; - *pval = p; + if (count <= 0) + return 0; - /* Remove spaces from keyword and value */ - remove_space(pkw); - remove_space(pval); + if (sk == NULL || sk_EVP_TEST_BUFFER_num(sk) == 0) + return 0; + + db = sk_EVP_TEST_BUFFER_value(sk, sk_EVP_TEST_BUFFER_num(sk) - 1); + if (db->count_set != 0) + return 0; + db->count = (size_t)count; + db->count_set = 1; return 1; } /* - * Unescape some escape sequences in string literals. - * Return the result in a newly allocated buffer. - * Currently only supports '\n'. - * If the input length is 0, returns a valid 1-byte buffer, but sets - * the length to 0. + * call "fn" with each element of the list in turn + */ +static int evp_test_buffer_do(STACK_OF(EVP_TEST_BUFFER) *sk, + int (*fn)(void *ctx, + const unsigned char *buf, + size_t buflen), + void *ctx) +{ + int i; + + for (i = 0; i < sk_EVP_TEST_BUFFER_num(sk); i++) { + EVP_TEST_BUFFER *tb = sk_EVP_TEST_BUFFER_value(sk, i); + size_t j; + + for (j = 0; j < tb->count; j++) { + if (fn(ctx, tb->buf, tb->buflen) <= 0) + return 0; + } + } + return 1; +} + +/* + * Unescape some sequences in string literals (only \n for now). + * Return an allocated buffer, set |out_len|. If |input_len| + * is zero, get an empty buffer but set length to zero. */ static unsigned char* unescape(const char *input, size_t input_len, size_t *out_len) { unsigned char *ret, *p; size_t i; + if (input_len == 0) { *out_len = 0; return OPENSSL_zalloc(1); } /* Escaping is non-expanding; over-allocate original size for simplicity. */ - ret = p = OPENSSL_malloc(input_len); - if (ret == NULL) + if (!TEST_ptr(ret = p = OPENSSL_malloc(input_len))) return NULL; for (i = 0; i < input_len; i++) { - if (input[i] == '\\') { - if (i == input_len - 1 || input[i+1] != 'n') + if (*input == '\\') { + if (i == input_len - 1 || *++input != 'n') { + TEST_error("Bad escape sequence in file"); goto err; + } *p++ = '\n'; i++; + input++; } else { - *p++ = input[i]; + *p++ = *input++; } } @@ -121,607 +261,79 @@ static unsigned char* unescape(const char *input, size_t input_len, return NULL; } -/* For a hex string "value" convert to a binary allocated buffer */ -static int test_bin(const char *value, unsigned char **buf, size_t *buflen) +/* + * For a hex string "value" convert to a binary allocated buffer. + * Return 1 on success or 0 on failure. + */ +static int parse_bin(const char *value, unsigned char **buf, size_t *buflen) { long len; - *buflen = 0; + /* Check for NULL literal */ + if (strcmp(value, "NULL") == 0) { + *buf = NULL; + *buflen = 0; + return 1; + } /* Check for empty value */ - if (!*value) { + if (*value == '\0') { /* - * Don't return NULL for zero length buffer. - * This is needed for some tests with empty keys: HMAC_Init_ex() expects - * a non-NULL key buffer even if the key length is 0, in order to detect - * key reset. + * Don't return NULL for zero length buffer. This is needed for + * some tests with empty keys: HMAC_Init_ex() expects a non-NULL key + * buffer even if the key length is 0, in order to detect key reset. */ *buf = OPENSSL_malloc(1); - if (!*buf) + if (*buf == NULL) return 0; **buf = 0; *buflen = 0; return 1; } - /* Check for NULL literal */ - if (strcmp(value, "NULL") == 0) { - *buf = NULL; - *buflen = 0; - return 1; - } - /* Check for string literal */ if (value[0] == '"') { - size_t vlen; - value++; - vlen = strlen(value); - if (value[vlen - 1] != '"') + size_t vlen = strlen(++value); + + if (vlen == 0 || value[vlen - 1] != '"') return 0; vlen--; *buf = unescape(value, vlen, buflen); - if (*buf == NULL) - return 0; - return 1; + return *buf == NULL ? 0 : 1; } /* Otherwise assume as hex literal and convert it to binary buffer */ - *buf = OPENSSL_hexstr2buf(value, &len); - if (!*buf) { - fprintf(stderr, "Value=%s\n", value); - ERR_print_errors_fp(stderr); + if (!TEST_ptr(*buf = OPENSSL_hexstr2buf(value, &len))) { + TEST_info("Can't convert %s", value); + TEST_openssl_errors(); return -1; } /* Size of input buffer means we'll never overflow */ *buflen = len; return 1; } -#ifndef OPENSSL_NO_SCRYPT -/* Currently only used by scrypt tests */ -/* Parse unsigned decimal 64 bit integer value */ -static int test_uint64(const char *value, uint64_t *pr) -{ - const char *p = value; - if (!*p) { - fprintf(stderr, "Invalid empty integer value\n"); - return -1; - } - *pr = 0; - while (*p) { - if (*pr > UINT64_MAX/10) { - fprintf(stderr, "Integer string overflow value=%s\n", value); - return -1; - } - *pr *= 10; - if (*p < '0' || *p > '9') { - fprintf(stderr, "Invalid integer string value=%s\n", value); - return -1; - } - *pr += *p - '0'; - p++; - } - return 1; -} -#endif - -/* Structure holding test information */ -struct evp_test { - /* file being read */ - BIO *in; - /* temp memory BIO for reading in keys */ - BIO *key; - /* List of public and private keys */ - struct key_list *private; - struct key_list *public; - /* method for this test */ - const struct evp_test_method *meth; - /* current line being processed */ - unsigned int line; - /* start line of current test */ - unsigned int start_line; - /* Error string for test */ - const char *err, *aux_err; - /* Expected error value of test */ - char *expected_err; - /* Expected error function string */ - char *func; - /* Expected error reason string */ - char *reason; - /* Number of tests */ - int ntests; - /* Error count */ - int errors; - /* Number of tests skipped */ - int nskip; - /* If output mismatch expected and got value */ - unsigned char *out_received; - size_t out_received_len; - unsigned char *out_expected; - size_t out_expected_len; - /* test specific data */ - void *data; - /* Current test should be skipped */ - int skip; -}; - -struct key_list { - char *name; - EVP_PKEY *key; - struct key_list *next; -}; - -/* Test method structure */ -struct evp_test_method { - /* Name of test as it appears in file */ - const char *name; - /* Initialise test for "alg" */ - int (*init) (struct evp_test * t, const char *alg); - /* Clean up method */ - void (*cleanup) (struct evp_test * t); - /* Test specific name value pair processing */ - int (*parse) (struct evp_test * t, const char *name, const char *value); - /* Run the test itself */ - int (*run_test) (struct evp_test * t); -}; - -static const struct evp_test_method digest_test_method, cipher_test_method; -static const struct evp_test_method mac_test_method; -static const struct evp_test_method psign_test_method, pverify_test_method; -static const struct evp_test_method pdecrypt_test_method; -static const struct evp_test_method pverify_recover_test_method; -static const struct evp_test_method pderive_test_method; -static const struct evp_test_method pbe_test_method; -static const struct evp_test_method encode_test_method; -static const struct evp_test_method kdf_test_method; -static const struct evp_test_method keypair_test_method; - -static const struct evp_test_method *evp_test_list[] = { - &digest_test_method, - &cipher_test_method, - &mac_test_method, - &psign_test_method, - &pverify_test_method, - &pdecrypt_test_method, - &pverify_recover_test_method, - &pderive_test_method, - &pbe_test_method, - &encode_test_method, - &kdf_test_method, - &keypair_test_method, - NULL -}; - -static const struct evp_test_method *evp_find_test(const char *name) -{ - const struct evp_test_method **tt; - - for (tt = evp_test_list; *tt; tt++) { - if (strcmp(name, (*tt)->name) == 0) - return *tt; - } - return NULL; -} - -static void hex_print(const char *name, const unsigned char *buf, size_t len) -{ - size_t i; - fprintf(stderr, "%s ", name); - for (i = 0; i < len; i++) - fprintf(stderr, "%02X", buf[i]); - fputs("\n", stderr); -} - -static void free_expected(struct evp_test *t) -{ - OPENSSL_free(t->expected_err); - t->expected_err = NULL; - OPENSSL_free(t->func); - t->func = NULL; - OPENSSL_free(t->reason); - t->reason = NULL; - OPENSSL_free(t->out_expected); - OPENSSL_free(t->out_received); - t->out_expected = NULL; - t->out_received = NULL; - t->out_expected_len = 0; - t->out_received_len = 0; - /* Literals. */ - t->err = NULL; -} - -static void print_expected(struct evp_test *t) -{ - if (t->out_expected == NULL && t->out_received == NULL) - return; - hex_print("Expected:", t->out_expected, t->out_expected_len); - hex_print("Got: ", t->out_received, t->out_received_len); - free_expected(t); -} - -static int check_test_error(struct evp_test *t) -{ - unsigned long err; - const char *func; - const char *reason; - if (!t->err && !t->expected_err) - return 1; - if (t->err && !t->expected_err) { - if (t->aux_err != NULL) { - fprintf(stderr, "Test line %d(%s): unexpected error %s\n", - t->start_line, t->aux_err, t->err); - } else { - fprintf(stderr, "Test line %d: unexpected error %s\n", - t->start_line, t->err); - } - print_expected(t); - return 0; - } - if (!t->err && t->expected_err) { - fprintf(stderr, "Test line %d: succeeded expecting %s\n", - t->start_line, t->expected_err); - return 0; - } - - if (strcmp(t->err, t->expected_err) != 0) { - fprintf(stderr, "Test line %d: expecting %s got %s\n", - t->start_line, t->expected_err, t->err); - return 0; - } - - if (t->func == NULL && t->reason == NULL) - return 1; - - if (t->func == NULL || t->reason == NULL) { - fprintf(stderr, "Test line %d: missing function or reason code\n", - t->start_line); - return 0; - } - - err = ERR_peek_error(); - if (err == 0) { - fprintf(stderr, "Test line %d, expected error \"%s:%s\" not set\n", - t->start_line, t->func, t->reason); - return 0; - } - - func = ERR_func_error_string(err); - reason = ERR_reason_error_string(err); - - if (func == NULL && reason == NULL) { - fprintf(stderr, "Test line %d: expected error \"%s:%s\", no strings available. Skipping...\n", - t->start_line, t->func, t->reason); - return 1; - } - - if (strcmp(func, t->func) == 0 && strcmp(reason, t->reason) == 0) - return 1; - - fprintf(stderr, "Test line %d: expected error \"%s:%s\", got \"%s:%s\"\n", - t->start_line, t->func, t->reason, func, reason); - - return 0; -} - -/* Setup a new test, run any existing test */ - -static int setup_test(struct evp_test *t, const struct evp_test_method *tmeth) -{ - /* If we already have a test set up run it */ - if (t->meth) { - t->ntests++; - if (t->skip) { - t->nskip++; - } else { - /* run the test */ - if (t->err == NULL && t->meth->run_test(t) != 1) { - fprintf(stderr, "%s test error line %d\n", - t->meth->name, t->start_line); - return 0; - } - if (!check_test_error(t)) { - if (t->err) - ERR_print_errors_fp(stderr); - t->errors++; - } - } - /* clean it up */ - ERR_clear_error(); - if (t->data != NULL) { - t->meth->cleanup(t); - OPENSSL_free(t->data); - t->data = NULL; - } - OPENSSL_free(t->expected_err); - t->expected_err = NULL; - free_expected(t); - } - t->meth = tmeth; - return 1; -} - -static int find_key(EVP_PKEY **ppk, const char *name, struct key_list *lst) -{ - for (; lst; lst = lst->next) { - if (strcmp(lst->name, name) == 0) { - if (ppk) - *ppk = lst->key; - return 1; - } - } - return 0; -} - -static void free_key_list(struct key_list *lst) -{ - while (lst != NULL) { - struct key_list *ltmp; - EVP_PKEY_free(lst->key); - OPENSSL_free(lst->name); - ltmp = lst->next; - OPENSSL_free(lst); - lst = ltmp; - } -} - -static int check_unsupported() -{ - long err = ERR_peek_error(); - if (ERR_GET_LIB(err) == ERR_LIB_EVP - && ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM) { - ERR_clear_error(); - return 1; - } -#ifndef OPENSSL_NO_EC - /* - * If EC support is enabled we should catch also EC_R_UNKNOWN_GROUP as an - * hint to an unsupported algorithm/curve (e.g. if binary EC support is - * disabled). - */ - if (ERR_GET_LIB(err) == ERR_LIB_EC - && ERR_GET_REASON(err) == EC_R_UNKNOWN_GROUP) { - ERR_clear_error(); - return 1; - } -#endif /* OPENSSL_NO_EC */ - return 0; -} - - -static int read_key(struct evp_test *t) -{ - char tmpbuf[80]; - if (t->key == NULL) - t->key = BIO_new(BIO_s_mem()); - else if (BIO_reset(t->key) <= 0) - return 0; - if (t->key == NULL) { - fprintf(stderr, "Error allocating key memory BIO\n"); - return 0; - } - /* Read to PEM end line and place content in memory BIO */ - while (BIO_gets(t->in, tmpbuf, sizeof(tmpbuf))) { - t->line++; - if (BIO_puts(t->key, tmpbuf) <= 0) { - fprintf(stderr, "Error writing to key memory BIO\n"); - return 0; - } - if (strncmp(tmpbuf, "-----END", 8) == 0) - return 1; - } - fprintf(stderr, "Can't find key end\n"); - return 0; -} - -static int process_test(struct evp_test *t, char *buf, int verbose) -{ - char *keyword = NULL, *value = NULL; - int rv = 0, add_key = 0; - struct key_list **lst = NULL, *key = NULL; - EVP_PKEY *pk = NULL; - const struct evp_test_method *tmeth = NULL; - if (verbose) - fputs(buf, stdout); - if (!parse_line(&keyword, &value, buf)) - return 1; - if (strcmp(keyword, "PrivateKey") == 0) { - if (!read_key(t)) - return 0; - pk = PEM_read_bio_PrivateKey(t->key, NULL, 0, NULL); - if (pk == NULL && !check_unsupported()) { - fprintf(stderr, "Error reading private key %s\n", value); - ERR_print_errors_fp(stderr); - return 0; - } - lst = &t->private; - add_key = 1; - } - if (strcmp(keyword, "PublicKey") == 0) { - if (!read_key(t)) - return 0; - pk = PEM_read_bio_PUBKEY(t->key, NULL, 0, NULL); - if (pk == NULL && !check_unsupported()) { - fprintf(stderr, "Error reading public key %s\n", value); - ERR_print_errors_fp(stderr); - return 0; - } - lst = &t->public; - add_key = 1; - } - /* If we have a key add to list */ - if (add_key) { - if (find_key(NULL, value, *lst)) { - fprintf(stderr, "Duplicate key %s\n", value); - return 0; - } - key = OPENSSL_malloc(sizeof(*key)); - if (!key) - return 0; - key->name = OPENSSL_strdup(value); - key->key = pk; - key->next = *lst; - *lst = key; - return 1; - } - - /* See if keyword corresponds to a test start */ - tmeth = evp_find_test(keyword); - if (tmeth) { - if (!setup_test(t, tmeth)) - return 0; - t->start_line = t->line; - t->skip = 0; - if (!tmeth->init(t, value)) { - fprintf(stderr, "Unknown %s: %s\n", keyword, value); - return 0; - } - return 1; - } else if (t->skip) { - return 1; - } else if (strcmp(keyword, "Result") == 0) { - if (t->expected_err) { - fprintf(stderr, "Line %d: multiple result lines\n", t->line); - return 0; - } - t->expected_err = OPENSSL_strdup(value); - if (t->expected_err == NULL) - return 0; - } else if (strcmp(keyword, "Function") == 0) { - if (t->func != NULL) { - fprintf(stderr, "Line %d: multiple function lines\n", t->line); - return 0; - } - t->func = OPENSSL_strdup(value); - if (t->func == NULL) - return 0; - } else if (strcmp(keyword, "Reason") == 0) { - if (t->reason != NULL) { - fprintf(stderr, "Line %d: multiple reason lines\n", t->line); - return 0; - } - t->reason = OPENSSL_strdup(value); - if (t->reason == NULL) - return 0; - } else { - /* Must be test specific line: try to parse it */ - if (t->meth) - rv = t->meth->parse(t, keyword, value); - - if (rv == 0) - fprintf(stderr, "line %d: unexpected keyword %s\n", - t->line, keyword); - - if (rv < 0) - fprintf(stderr, "line %d: error processing keyword %s\n", - t->line, keyword); - if (rv <= 0) - return 0; - } - return 1; -} - -static int check_var_length_output(struct evp_test *t, - const unsigned char *expected, - size_t expected_len, - const unsigned char *received, - size_t received_len) -{ - if (expected_len == received_len && - memcmp(expected, received, expected_len) == 0) { - return 0; - } - - /* The result printing code expects a non-NULL buffer. */ - t->out_expected = OPENSSL_memdup(expected, expected_len ? expected_len : 1); - t->out_expected_len = expected_len; - t->out_received = OPENSSL_memdup(received, received_len ? received_len : 1); - t->out_received_len = received_len; - if (t->out_expected == NULL || t->out_received == NULL) { - fprintf(stderr, "Memory allocation error!\n"); - exit(1); - } - return 1; -} - -static int check_output(struct evp_test *t, - const unsigned char *expected, - const unsigned char *received, - size_t len) -{ - return check_var_length_output(t, expected, len, received, len); -} - -int main(int argc, char **argv) -{ - BIO *in = NULL; - char buf[10240]; - struct evp_test t; - - if (argc != 2) { - fprintf(stderr, "usage: evp_test testfile.txt\n"); - return 1; - } - - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - memset(&t, 0, sizeof(t)); - t.start_line = -1; - in = BIO_new_file(argv[1], "rb"); - if (in == NULL) { - fprintf(stderr, "Can't open %s for reading\n", argv[1]); - return 1; - } - t.in = in; - t.err = NULL; - while (BIO_gets(in, buf, sizeof(buf))) { - t.line++; - if (!process_test(&t, buf, 0)) - exit(1); - } - /* Run any final test we have */ - if (!setup_test(&t, NULL)) - exit(1); - fprintf(stderr, "%d tests completed with %d errors, %d skipped\n", - t.ntests, t.errors, t.nskip); - free_key_list(t.public); - free_key_list(t.private); - BIO_free(t.key); - BIO_free(in); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - return 1; -#endif - if (t.errors) - return 1; - return 0; -} -static void test_free(void *d) -{ - OPENSSL_free(d); -} -/* Message digest tests */ +/** +*** MESSAGE DIGEST TESTS +**/ -struct digest_data { +typedef struct digest_data_st { /* Digest this test is for */ const EVP_MD *digest; /* Input to digest */ - unsigned char *input; - size_t input_len; - /* Repeat count for input */ - size_t nrpt; + STACK_OF(EVP_TEST_BUFFER) *input; /* Expected output */ unsigned char *output; size_t output_len; -}; +} DIGEST_DATA; -static int digest_test_init(struct evp_test *t, const char *alg) +static int digest_test_init(EVP_TEST *t, const char *alg) { + DIGEST_DATA *mdat; const EVP_MD *digest; - struct digest_data *mdat; - digest = EVP_get_digestbyname(alg); - if (!digest) { + + if ((digest = EVP_get_digestbyname(alg)) == NULL) { /* If alg has an OID assume disabled algorithm */ if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) { t->skip = 1; @@ -729,76 +341,97 @@ static int digest_test_init(struct evp_test *t, const char *alg) } return 0; } - mdat = OPENSSL_malloc(sizeof(*mdat)); - mdat->digest = digest; - mdat->input = NULL; - mdat->output = NULL; - mdat->nrpt = 1; + if (!TEST_ptr(mdat = OPENSSL_zalloc(sizeof(*mdat)))) + return 0; t->data = mdat; + mdat->digest = digest; return 1; } -static void digest_test_cleanup(struct evp_test *t) +static void digest_test_cleanup(EVP_TEST *t) { - struct digest_data *mdat = t->data; - test_free(mdat->input); - test_free(mdat->output); + DIGEST_DATA *mdat = t->data; + + sk_EVP_TEST_BUFFER_pop_free(mdat->input, evp_test_buffer_free); + OPENSSL_free(mdat->output); } -static int digest_test_parse(struct evp_test *t, +static int digest_test_parse(EVP_TEST *t, const char *keyword, const char *value) { - struct digest_data *mdata = t->data; + DIGEST_DATA *mdata = t->data; + if (strcmp(keyword, "Input") == 0) - return test_bin(value, &mdata->input, &mdata->input_len); + return evp_test_buffer_append(value, &mdata->input); if (strcmp(keyword, "Output") == 0) - return test_bin(value, &mdata->output, &mdata->output_len); - if (strcmp(keyword, "Count") == 0) { - long nrpt = atoi(value); - if (nrpt <= 0) - return 0; - mdata->nrpt = (size_t)nrpt; - return 1; - } + return parse_bin(value, &mdata->output, &mdata->output_len); + if (strcmp(keyword, "Count") == 0) + return evp_test_buffer_set_count(value, mdata->input); + if (strcmp(keyword, "Ncopy") == 0) + return evp_test_buffer_ncopy(value, mdata->input); return 0; } -static int digest_test_run(struct evp_test *t) +static int digest_update_fn(void *ctx, const unsigned char *buf, size_t buflen) { - struct digest_data *mdata = t->data; - size_t i; - const char *err = "INTERNAL_ERROR"; + return EVP_DigestUpdate(ctx, buf, buflen); +} + +static int digest_test_run(EVP_TEST *t) +{ + DIGEST_DATA *expected = t->data; EVP_MD_CTX *mctx; - unsigned char md[EVP_MAX_MD_SIZE]; - unsigned int md_len; - mctx = EVP_MD_CTX_new(); - if (!mctx) + unsigned char *got = NULL; + unsigned int got_len; + + t->err = "TEST_FAILURE"; + if (!TEST_ptr(mctx = EVP_MD_CTX_new())) + goto err; + + got = OPENSSL_malloc(expected->output_len > EVP_MAX_MD_SIZE ? + expected->output_len : EVP_MAX_MD_SIZE); + if (!TEST_ptr(got)) goto err; - err = "DIGESTINIT_ERROR"; - if (!EVP_DigestInit_ex(mctx, mdata->digest, NULL)) + + if (!EVP_DigestInit_ex(mctx, expected->digest, NULL)) { + t->err = "DIGESTINIT_ERROR"; goto err; - err = "DIGESTUPDATE_ERROR"; - for (i = 0; i < mdata->nrpt; i++) { - if (!EVP_DigestUpdate(mctx, mdata->input, mdata->input_len)) - goto err; } - err = "DIGESTFINAL_ERROR"; - if (!EVP_DigestFinal(mctx, md, &md_len)) + if (!evp_test_buffer_do(expected->input, digest_update_fn, mctx)) { + t->err = "DIGESTUPDATE_ERROR"; goto err; - err = "DIGEST_LENGTH_MISMATCH"; - if (md_len != mdata->output_len) + } + + if (EVP_MD_flags(expected->digest) & EVP_MD_FLAG_XOF) { + got_len = expected->output_len; + if (!EVP_DigestFinalXOF(mctx, got, got_len)) { + t->err = "DIGESTFINALXOF_ERROR"; + goto err; + } + } else { + if (!EVP_DigestFinal(mctx, got, &got_len)) { + t->err = "DIGESTFINAL_ERROR"; + goto err; + } + } + if (!TEST_int_eq(expected->output_len, got_len)) { + t->err = "DIGEST_LENGTH_MISMATCH"; goto err; - err = "DIGEST_MISMATCH"; - if (check_output(t, mdata->output, md, md_len)) + } + if (!memory_err_compare(t, "DIGEST_MISMATCH", + expected->output, expected->output_len, + got, got_len)) goto err; - err = NULL; + + t->err = NULL; + err: + OPENSSL_free(got); EVP_MD_CTX_free(mctx); - t->err = err; return 1; } -static const struct evp_test_method digest_test_method = { +static const EVP_TEST_METHOD digest_test_method = { "Digest", digest_test_init, digest_test_cleanup, @@ -806,8 +439,12 @@ static const struct evp_test_method digest_test_method = { digest_test_run }; -/* Cipher tests */ -struct cipher_data { + +/** +*** CIPHER TESTS +**/ + +typedef struct cipher_data_st { const EVP_CIPHER *cipher; int enc; /* EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE or EVP_CIPH_OCB_MODE if AEAD */ @@ -820,19 +457,20 @@ struct cipher_data { size_t plaintext_len; unsigned char *ciphertext; size_t ciphertext_len; - /* GCM, CCM only */ + /* GCM, CCM and OCB only */ unsigned char *aad; size_t aad_len; unsigned char *tag; size_t tag_len; -}; +} CIPHER_DATA; -static int cipher_test_init(struct evp_test *t, const char *alg) +static int cipher_test_init(EVP_TEST *t, const char *alg) { const EVP_CIPHER *cipher; - struct cipher_data *cdat = t->data; - cipher = EVP_get_cipherbyname(alg); - if (!cipher) { + CIPHER_DATA *cdat; + int m; + + if ((cipher = EVP_get_cipherbyname(alg)) == NULL) { /* If alg has an OID assume disabled algorithm */ if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) { t->skip = 1; @@ -840,56 +478,53 @@ static int cipher_test_init(struct evp_test *t, const char *alg) } return 0; } - cdat = OPENSSL_malloc(sizeof(*cdat)); + cdat = OPENSSL_zalloc(sizeof(*cdat)); cdat->cipher = cipher; cdat->enc = -1; - cdat->key = NULL; - cdat->iv = NULL; - cdat->ciphertext = NULL; - cdat->plaintext = NULL; - cdat->aad = NULL; - cdat->tag = NULL; - t->data = cdat; - if (EVP_CIPHER_mode(cipher) == EVP_CIPH_GCM_MODE - || EVP_CIPHER_mode(cipher) == EVP_CIPH_OCB_MODE - || EVP_CIPHER_mode(cipher) == EVP_CIPH_CCM_MODE) - cdat->aead = EVP_CIPHER_mode(cipher); + m = EVP_CIPHER_mode(cipher); + if (m == EVP_CIPH_GCM_MODE + || m == EVP_CIPH_OCB_MODE + || m == EVP_CIPH_CCM_MODE) + cdat->aead = m; else if (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) cdat->aead = -1; else cdat->aead = 0; + t->data = cdat; return 1; } -static void cipher_test_cleanup(struct evp_test *t) +static void cipher_test_cleanup(EVP_TEST *t) { - struct cipher_data *cdat = t->data; - test_free(cdat->key); - test_free(cdat->iv); - test_free(cdat->ciphertext); - test_free(cdat->plaintext); - test_free(cdat->aad); - test_free(cdat->tag); + CIPHER_DATA *cdat = t->data; + + OPENSSL_free(cdat->key); + OPENSSL_free(cdat->iv); + OPENSSL_free(cdat->ciphertext); + OPENSSL_free(cdat->plaintext); + OPENSSL_free(cdat->aad); + OPENSSL_free(cdat->tag); } -static int cipher_test_parse(struct evp_test *t, const char *keyword, +static int cipher_test_parse(EVP_TEST *t, const char *keyword, const char *value) { - struct cipher_data *cdat = t->data; + CIPHER_DATA *cdat = t->data; + if (strcmp(keyword, "Key") == 0) - return test_bin(value, &cdat->key, &cdat->key_len); + return parse_bin(value, &cdat->key, &cdat->key_len); if (strcmp(keyword, "IV") == 0) - return test_bin(value, &cdat->iv, &cdat->iv_len); + return parse_bin(value, &cdat->iv, &cdat->iv_len); if (strcmp(keyword, "Plaintext") == 0) - return test_bin(value, &cdat->plaintext, &cdat->plaintext_len); + return parse_bin(value, &cdat->plaintext, &cdat->plaintext_len); if (strcmp(keyword, "Ciphertext") == 0) - return test_bin(value, &cdat->ciphertext, &cdat->ciphertext_len); + return parse_bin(value, &cdat->ciphertext, &cdat->ciphertext_len); if (cdat->aead) { if (strcmp(keyword, "AAD") == 0) - return test_bin(value, &cdat->aad, &cdat->aad_len); + return parse_bin(value, &cdat->aad, &cdat->aad_len); if (strcmp(keyword, "Tag") == 0) - return test_bin(value, &cdat->tag, &cdat->tag_len); + return parse_bin(value, &cdat->tag, &cdat->tag_len); } if (strcmp(keyword, "Operation") == 0) { @@ -904,30 +539,29 @@ static int cipher_test_parse(struct evp_test *t, const char *keyword, return 0; } -static int cipher_test_enc(struct evp_test *t, int enc, +static int cipher_test_enc(EVP_TEST *t, int enc, size_t out_misalign, size_t inp_misalign, int frag) { - struct cipher_data *cdat = t->data; - unsigned char *in, *out, *tmp = NULL; + CIPHER_DATA *expected = t->data; + unsigned char *in, *expected_out, *tmp = NULL; size_t in_len, out_len, donelen = 0; - int tmplen, chunklen, tmpflen; + int ok = 0, tmplen, chunklen, tmpflen; EVP_CIPHER_CTX *ctx = NULL; - const char *err; - err = "INTERNAL_ERROR"; - ctx = EVP_CIPHER_CTX_new(); - if (!ctx) + + t->err = "TEST_FAILURE"; + if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new())) goto err; EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW); if (enc) { - in = cdat->plaintext; - in_len = cdat->plaintext_len; - out = cdat->ciphertext; - out_len = cdat->ciphertext_len; + in = expected->plaintext; + in_len = expected->plaintext_len; + expected_out = expected->ciphertext; + out_len = expected->ciphertext_len; } else { - in = cdat->ciphertext; - in_len = cdat->ciphertext_len; - out = cdat->plaintext; - out_len = cdat->plaintext_len; + in = expected->ciphertext; + in_len = expected->ciphertext_len; + expected_out = expected->plaintext; + out_len = expected->plaintext_len; } if (inp_misalign == (size_t)-1) { /* @@ -954,88 +588,95 @@ static int cipher_test_enc(struct evp_test *t, int enc, in = memcpy(tmp + out_misalign + in_len + 2 * EVP_MAX_BLOCK_LENGTH + inp_misalign, in, in_len); } - err = "CIPHERINIT_ERROR"; - if (!EVP_CipherInit_ex(ctx, cdat->cipher, NULL, NULL, NULL, enc)) + if (!EVP_CipherInit_ex(ctx, expected->cipher, NULL, NULL, NULL, enc)) { + t->err = "CIPHERINIT_ERROR"; goto err; - err = "INVALID_IV_LENGTH"; - if (cdat->iv) { - if (cdat->aead) { + } + if (expected->iv) { + if (expected->aead) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, - cdat->iv_len, 0)) + expected->iv_len, 0)) { + t->err = "INVALID_IV_LENGTH"; goto err; - } else if (cdat->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx)) + } + } else if (expected->iv_len != (size_t)EVP_CIPHER_CTX_iv_length(ctx)) { + t->err = "INVALID_IV_LENGTH"; goto err; + } } - if (cdat->aead) { + if (expected->aead) { unsigned char *tag; /* * If encrypting or OCB just set tag length initially, otherwise * set tag length and value. */ - if (enc || cdat->aead == EVP_CIPH_OCB_MODE) { - err = "TAG_LENGTH_SET_ERROR"; + if (enc || expected->aead == EVP_CIPH_OCB_MODE) { + t->err = "TAG_LENGTH_SET_ERROR"; tag = NULL; } else { - err = "TAG_SET_ERROR"; - tag = cdat->tag; + t->err = "TAG_SET_ERROR"; + tag = expected->tag; } - if (tag || cdat->aead != EVP_CIPH_GCM_MODE) { + if (tag || expected->aead != EVP_CIPH_GCM_MODE) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, - cdat->tag_len, tag)) + expected->tag_len, tag)) goto err; } } - err = "INVALID_KEY_LENGTH"; - if (!EVP_CIPHER_CTX_set_key_length(ctx, cdat->key_len)) + if (!EVP_CIPHER_CTX_set_key_length(ctx, expected->key_len)) { + t->err = "INVALID_KEY_LENGTH"; goto err; - err = "KEY_SET_ERROR"; - if (!EVP_CipherInit_ex(ctx, NULL, NULL, cdat->key, cdat->iv, -1)) + } + if (!EVP_CipherInit_ex(ctx, NULL, NULL, expected->key, expected->iv, -1)) { + t->err = "KEY_SET_ERROR"; goto err; + } - if (!enc && cdat->aead == EVP_CIPH_OCB_MODE) { + if (!enc && expected->aead == EVP_CIPH_OCB_MODE) { if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, - cdat->tag_len, cdat->tag)) { - err = "TAG_SET_ERROR"; + expected->tag_len, expected->tag)) { + t->err = "TAG_SET_ERROR"; goto err; } } - if (cdat->aead == EVP_CIPH_CCM_MODE) { + if (expected->aead == EVP_CIPH_CCM_MODE) { if (!EVP_CipherUpdate(ctx, NULL, &tmplen, NULL, out_len)) { - err = "CCM_PLAINTEXT_LENGTH_SET_ERROR"; + t->err = "CCM_PLAINTEXT_LENGTH_SET_ERROR"; goto err; } } - if (cdat->aad) { - err = "AAD_SET_ERROR"; + if (expected->aad) { + t->err = "AAD_SET_ERROR"; if (!frag) { - if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad, - cdat->aad_len)) + if (!EVP_CipherUpdate(ctx, NULL, &chunklen, expected->aad, + expected->aad_len)) goto err; } else { /* * Supply the AAD in chunks less than the block size where possible */ - if (cdat->aad_len > 0) { - if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad, 1)) + if (expected->aad_len > 0) { + if (!EVP_CipherUpdate(ctx, NULL, &chunklen, expected->aad, 1)) goto err; donelen++; } - if (cdat->aad_len > 2) { - if (!EVP_CipherUpdate(ctx, NULL, &chunklen, cdat->aad + donelen, - cdat->aad_len - 2)) + if (expected->aad_len > 2) { + if (!EVP_CipherUpdate(ctx, NULL, &chunklen, + expected->aad + donelen, + expected->aad_len - 2)) goto err; - donelen += cdat->aad_len - 2; + donelen += expected->aad_len - 2; } - if (cdat->aad_len > 1 + if (expected->aad_len > 1 && !EVP_CipherUpdate(ctx, NULL, &chunklen, - cdat->aad + donelen, 1)) + expected->aad + donelen, 1)) goto err; } } EVP_CIPHER_CTX_set_padding(ctx, 0); - err = "CIPHERUPDATE_ERROR"; + t->err = "CIPHERUPDATE_ERROR"; tmplen = 0; if (!frag) { /* We supply the data all in one go */ @@ -1065,46 +706,41 @@ static int cipher_test_enc(struct evp_test *t, int enc, tmplen += chunklen; } } - if (cdat->aead == EVP_CIPH_CCM_MODE) - tmpflen = 0; - else { - err = "CIPHERFINAL_ERROR"; - if (!EVP_CipherFinal_ex(ctx, tmp + out_misalign + tmplen, &tmpflen)) - goto err; - } - err = "LENGTH_MISMATCH"; - if (out_len != (size_t)(tmplen + tmpflen)) + if (!EVP_CipherFinal_ex(ctx, tmp + out_misalign + tmplen, &tmpflen)) { + t->err = "CIPHERFINAL_ERROR"; goto err; - err = "VALUE_MISMATCH"; - if (check_output(t, out, tmp + out_misalign, out_len)) + } + if (!memory_err_compare(t, "VALUE_MISMATCH", expected_out, out_len, + tmp + out_misalign, tmplen + tmpflen)) goto err; - if (enc && cdat->aead) { + if (enc && expected->aead) { unsigned char rtag[16]; - if (cdat->tag_len > sizeof(rtag)) { - err = "TAG_LENGTH_INTERNAL_ERROR"; + + if (!TEST_size_t_le(expected->tag_len, sizeof(rtag))) { + t->err = "TAG_LENGTH_INTERNAL_ERROR"; goto err; } if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, - cdat->tag_len, rtag)) { - err = "TAG_RETRIEVE_ERROR"; + expected->tag_len, rtag)) { + t->err = "TAG_RETRIEVE_ERROR"; goto err; } - if (check_output(t, cdat->tag, rtag, cdat->tag_len)) { - err = "TAG_VALUE_MISMATCH"; + if (!memory_err_compare(t, "TAG_VALUE_MISMATCH", + expected->tag, expected->tag_len, + rtag, expected->tag_len)) goto err; - } } - err = NULL; + t->err = NULL; + ok = 1; err: OPENSSL_free(tmp); EVP_CIPHER_CTX_free(ctx); - t->err = err; - return err ? 0 : 1; + return ok; } -static int cipher_test_run(struct evp_test *t) +static int cipher_test_run(EVP_TEST *t) { - struct cipher_data *cdat = t->data; + CIPHER_DATA *cdat = t->data; int rv, frag = 0; size_t out_misalign, inp_misalign; @@ -1167,7 +803,7 @@ static int cipher_test_run(struct evp_test *t) */ if (cdat->aead == EVP_CIPH_CCM_MODE || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_XTS_MODE - || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_WRAP_MODE) + || EVP_CIPHER_mode(cdat->cipher) == EVP_CIPH_WRAP_MODE) break; out_misalign = 0; frag++; @@ -1180,7 +816,7 @@ static int cipher_test_run(struct evp_test *t) return 1; } -static const struct evp_test_method cipher_test_method = { +static const EVP_TEST_METHOD cipher_test_method = { "Cipher", cipher_test_init, cipher_test_cleanup, @@ -1188,7 +824,12 @@ static const struct evp_test_method cipher_test_method = { cipher_test_run }; -struct mac_data { + +/** +*** MAC TESTS +**/ + +typedef struct mac_data_st { /* MAC type */ int type; /* Algorithm string for this MAC */ @@ -1202,12 +843,15 @@ struct mac_data { /* Expected output */ unsigned char *output; size_t output_len; -}; + /* Collection of controls */ + STACK_OF(OPENSSL_STRING) *controls; +} MAC_DATA; -static int mac_test_init(struct evp_test *t, const char *alg) +static int mac_test_init(EVP_TEST *t, const char *alg) { int type; - struct mac_data *mdat; + MAC_DATA *mdat; + if (strcmp(alg, "HMAC") == 0) { type = EVP_PKEY_HMAC; } else if (strcmp(alg, "CMAC") == 0) { @@ -1217,34 +861,54 @@ static int mac_test_init(struct evp_test *t, const char *alg) t->skip = 1; return 1; #endif + } else if (strcmp(alg, "Poly1305") == 0) { +#ifndef OPENSSL_NO_POLY1305 + type = EVP_PKEY_POLY1305; +#else + t->skip = 1; + return 1; +#endif + } else if (strcmp(alg, "SipHash") == 0) { +#ifndef OPENSSL_NO_SIPHASH + type = EVP_PKEY_SIPHASH; +#else + t->skip = 1; + return 1; +#endif } else return 0; - mdat = OPENSSL_malloc(sizeof(*mdat)); + mdat = OPENSSL_zalloc(sizeof(*mdat)); mdat->type = type; - mdat->alg = NULL; - mdat->key = NULL; - mdat->input = NULL; - mdat->output = NULL; + mdat->controls = sk_OPENSSL_STRING_new_null(); t->data = mdat; return 1; } -static void mac_test_cleanup(struct evp_test *t) +/* Because OPENSSL_free is a macro, it can't be passed as a function pointer */ +static void openssl_free(char *m) { - struct mac_data *mdat = t->data; - test_free(mdat->alg); - test_free(mdat->key); - test_free(mdat->input); - test_free(mdat->output); + OPENSSL_free(m); } -static int mac_test_parse(struct evp_test *t, +static void mac_test_cleanup(EVP_TEST *t) +{ + MAC_DATA *mdat = t->data; + + sk_OPENSSL_STRING_pop_free(mdat->controls, openssl_free); + OPENSSL_free(mdat->alg); + OPENSSL_free(mdat->key); + OPENSSL_free(mdat->input); + OPENSSL_free(mdat->output); +} + +static int mac_test_parse(EVP_TEST *t, const char *keyword, const char *value) { - struct mac_data *mdata = t->data; + MAC_DATA *mdata = t->data; + if (strcmp(keyword, "Key") == 0) - return test_bin(value, &mdata->key, &mdata->key_len); + return parse_bin(value, &mdata->key, &mdata->key_len); if (strcmp(keyword, "Algorithm") == 0) { mdata->alg = OPENSSL_strdup(value); if (!mdata->alg) @@ -1252,95 +916,117 @@ static int mac_test_parse(struct evp_test *t, return 1; } if (strcmp(keyword, "Input") == 0) - return test_bin(value, &mdata->input, &mdata->input_len); + return parse_bin(value, &mdata->input, &mdata->input_len); if (strcmp(keyword, "Output") == 0) - return test_bin(value, &mdata->output, &mdata->output_len); + return parse_bin(value, &mdata->output, &mdata->output_len); + if (strcmp(keyword, "Ctrl") == 0) + return sk_OPENSSL_STRING_push(mdata->controls, + OPENSSL_strdup(value)) != 0; return 0; } -static int mac_test_run(struct evp_test *t) +static int mac_test_ctrl_pkey(EVP_TEST *t, EVP_PKEY_CTX *pctx, + const char *value) { - struct mac_data *mdata = t->data; - const char *err = "INTERNAL_ERROR"; + int rv; + char *p, *tmpval; + + if (!TEST_ptr(tmpval = OPENSSL_strdup(value))) + return 0; + p = strchr(tmpval, ':'); + if (p != NULL) + *p++ = '\0'; + rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p); + if (rv == -2) + t->err = "PKEY_CTRL_INVALID"; + else if (rv <= 0) + t->err = "PKEY_CTRL_ERROR"; + else + rv = 1; + OPENSSL_free(tmpval); + return rv > 0; +} + +static int mac_test_run(EVP_TEST *t) +{ + MAC_DATA *expected = t->data; EVP_MD_CTX *mctx = NULL; EVP_PKEY_CTX *pctx = NULL, *genctx = NULL; EVP_PKEY *key = NULL; const EVP_MD *md = NULL; - unsigned char *mac = NULL; - size_t mac_len; + unsigned char *got = NULL; + size_t got_len; + int i; #ifdef OPENSSL_NO_DES - if (mdata->alg != NULL && strstr(mdata->alg, "DES") != NULL) { + if (expected->alg != NULL && strstr(expected->alg, "DES") != NULL) { /* Skip DES */ - err = NULL; + t->err = NULL; goto err; } #endif - err = "MAC_PKEY_CTX_ERROR"; - genctx = EVP_PKEY_CTX_new_id(mdata->type, NULL); - if (!genctx) - goto err; - - err = "MAC_KEYGEN_INIT_ERROR"; - if (EVP_PKEY_keygen_init(genctx) <= 0) + if (expected->type == EVP_PKEY_CMAC) + key = EVP_PKEY_new_CMAC_key(NULL, expected->key, expected->key_len, + EVP_get_cipherbyname(expected->alg)); + else + key = EVP_PKEY_new_raw_private_key(expected->type, NULL, expected->key, + expected->key_len); + if (key == NULL) { + t->err = "MAC_KEY_CREATE_ERROR"; goto err; - if (mdata->type == EVP_PKEY_CMAC) { - err = "MAC_ALGORITHM_SET_ERROR"; - if (EVP_PKEY_CTX_ctrl_str(genctx, "cipher", mdata->alg) <= 0) - goto err; } - err = "MAC_KEY_SET_ERROR"; - if (EVP_PKEY_CTX_set_mac_key(genctx, mdata->key, mdata->key_len) <= 0) - goto err; - - err = "MAC_KEY_GENERATE_ERROR"; - if (EVP_PKEY_keygen(genctx, &key) <= 0) - goto err; - if (mdata->type == EVP_PKEY_HMAC) { - err = "MAC_ALGORITHM_SET_ERROR"; - md = EVP_get_digestbyname(mdata->alg); - if (!md) + if (expected->type == EVP_PKEY_HMAC) { + if (!TEST_ptr(md = EVP_get_digestbyname(expected->alg))) { + t->err = "MAC_ALGORITHM_SET_ERROR"; goto err; + } } - mctx = EVP_MD_CTX_new(); - if (!mctx) + if (!TEST_ptr(mctx = EVP_MD_CTX_new())) { + t->err = "INTERNAL_ERROR"; goto err; - err = "DIGESTSIGNINIT_ERROR"; - if (!EVP_DigestSignInit(mctx, &pctx, md, NULL, key)) - goto err; - - err = "DIGESTSIGNUPDATE_ERROR"; - if (!EVP_DigestSignUpdate(mctx, mdata->input, mdata->input_len)) + } + if (!EVP_DigestSignInit(mctx, &pctx, md, NULL, key)) { + t->err = "DIGESTSIGNINIT_ERROR"; goto err; - err = "DIGESTSIGNFINAL_LENGTH_ERROR"; - if (!EVP_DigestSignFinal(mctx, NULL, &mac_len)) + } + for (i = 0; i < sk_OPENSSL_STRING_num(expected->controls); i++) + if (!mac_test_ctrl_pkey(t, pctx, + sk_OPENSSL_STRING_value(expected->controls, + i))) { + t->err = "EVPPKEYCTXCTRL_ERROR"; + goto err; + } + if (!EVP_DigestSignUpdate(mctx, expected->input, expected->input_len)) { + t->err = "DIGESTSIGNUPDATE_ERROR"; goto err; - mac = OPENSSL_malloc(mac_len); - if (!mac) { - fprintf(stderr, "Error allocating mac buffer!\n"); - exit(1); } - if (!EVP_DigestSignFinal(mctx, mac, &mac_len)) + if (!EVP_DigestSignFinal(mctx, NULL, &got_len)) { + t->err = "DIGESTSIGNFINAL_LENGTH_ERROR"; goto err; - err = "MAC_LENGTH_MISMATCH"; - if (mac_len != mdata->output_len) + } + if (!TEST_ptr(got = OPENSSL_malloc(got_len))) { + t->err = "TEST_FAILURE"; goto err; - err = "MAC_MISMATCH"; - if (check_output(t, mdata->output, mac, mac_len)) + } + if (!EVP_DigestSignFinal(mctx, got, &got_len) + || !memory_err_compare(t, "TEST_MAC_ERR", + expected->output, expected->output_len, + got, got_len)) { + t->err = "TEST_MAC_ERR"; goto err; - err = NULL; + } + t->err = NULL; err: EVP_MD_CTX_free(mctx); - OPENSSL_free(mac); + OPENSSL_free(got); EVP_PKEY_CTX_free(genctx); EVP_PKEY_free(key); - t->err = err; return 1; } -static const struct evp_test_method mac_test_method = { +static const EVP_TEST_METHOD mac_test_method = { "MAC", mac_test_init, mac_test_cleanup, @@ -1348,12 +1034,13 @@ static const struct evp_test_method mac_test_method = { mac_test_run }; -/* - * Public key operations. These are all very similar and can share - * a lot of common code. - */ -struct pkey_data { +/** +*** PUBLIC KEY TESTS +*** These are all very similar and share much common code. +**/ + +typedef struct pkey_data_st { /* Context for this operation */ EVP_PKEY_CTX *ctx; /* Key operation to perform */ @@ -1366,72 +1053,69 @@ struct pkey_data { /* Expected output */ unsigned char *output; size_t output_len; -}; +} PKEY_DATA; /* * Perform public key operation setup: lookup key, allocated ctx and call * the appropriate initialisation function */ -static int pkey_test_init(struct evp_test *t, const char *name, +static int pkey_test_init(EVP_TEST *t, const char *name, int use_public, int (*keyopinit) (EVP_PKEY_CTX *ctx), - int (*keyop) (EVP_PKEY_CTX *ctx, - unsigned char *sig, size_t *siglen, - const unsigned char *tbs, - size_t tbslen) - ) + int (*keyop)(EVP_PKEY_CTX *ctx, + unsigned char *sig, size_t *siglen, + const unsigned char *tbs, + size_t tbslen)) { - struct pkey_data *kdata; + PKEY_DATA *kdata; EVP_PKEY *pkey = NULL; int rv = 0; + if (use_public) - rv = find_key(&pkey, name, t->public); - if (!rv) - rv = find_key(&pkey, name, t->private); - if (!rv || pkey == NULL) { + rv = find_key(&pkey, name, public_keys); + if (rv == 0) + rv = find_key(&pkey, name, private_keys); + if (rv == 0 || pkey == NULL) { t->skip = 1; return 1; } - kdata = OPENSSL_malloc(sizeof(*kdata)); - if (!kdata) { + if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) { EVP_PKEY_free(pkey); return 0; } - kdata->ctx = NULL; - kdata->input = NULL; - kdata->output = NULL; kdata->keyop = keyop; - t->data = kdata; - kdata->ctx = EVP_PKEY_CTX_new(pkey, NULL); - if (!kdata->ctx) + if (!TEST_ptr(kdata->ctx = EVP_PKEY_CTX_new(pkey, NULL))) { + EVP_PKEY_free(pkey); + OPENSSL_free(kdata); return 0; + } if (keyopinit(kdata->ctx) <= 0) t->err = "KEYOP_INIT_ERROR"; + t->data = kdata; return 1; } -static void pkey_test_cleanup(struct evp_test *t) +static void pkey_test_cleanup(EVP_TEST *t) { - struct pkey_data *kdata = t->data; + PKEY_DATA *kdata = t->data; OPENSSL_free(kdata->input); OPENSSL_free(kdata->output); EVP_PKEY_CTX_free(kdata->ctx); } -static int pkey_test_ctrl(struct evp_test *t, EVP_PKEY_CTX *pctx, +static int pkey_test_ctrl(EVP_TEST *t, EVP_PKEY_CTX *pctx, const char *value) { int rv; char *p, *tmpval; - tmpval = OPENSSL_strdup(value); - if (tmpval == NULL) + if (!TEST_ptr(tmpval = OPENSSL_strdup(value))) return 0; p = strchr(tmpval, ':'); if (p != NULL) - *p++ = 0; + *p++ = '\0'; rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p); if (rv == -2) { t->err = "PKEY_CTRL_INVALID"; @@ -1439,10 +1123,12 @@ static int pkey_test_ctrl(struct evp_test *t, EVP_PKEY_CTX *pctx, } else if (p != NULL && rv <= 0) { /* If p has an OID and lookup fails assume disabled algorithm */ int nid = OBJ_sn2nid(p); + if (nid == NID_undef) nid = OBJ_ln2nid(p); - if ((nid != NID_undef) && EVP_get_digestbynid(nid) == NULL && - EVP_get_cipherbynid(nid) == NULL) { + if (nid != NID_undef + && EVP_get_digestbynid(nid) == NULL + && EVP_get_cipherbynid(nid) == NULL) { t->skip = 1; rv = 1; } else { @@ -1454,56 +1140,53 @@ static int pkey_test_ctrl(struct evp_test *t, EVP_PKEY_CTX *pctx, return rv > 0; } -static int pkey_test_parse(struct evp_test *t, +static int pkey_test_parse(EVP_TEST *t, const char *keyword, const char *value) { - struct pkey_data *kdata = t->data; + PKEY_DATA *kdata = t->data; if (strcmp(keyword, "Input") == 0) - return test_bin(value, &kdata->input, &kdata->input_len); + return parse_bin(value, &kdata->input, &kdata->input_len); if (strcmp(keyword, "Output") == 0) - return test_bin(value, &kdata->output, &kdata->output_len); + return parse_bin(value, &kdata->output, &kdata->output_len); if (strcmp(keyword, "Ctrl") == 0) return pkey_test_ctrl(t, kdata->ctx, value); return 0; } -static int pkey_test_run(struct evp_test *t) +static int pkey_test_run(EVP_TEST *t) { - struct pkey_data *kdata = t->data; - unsigned char *out = NULL; - size_t out_len; - const char *err = "KEYOP_LENGTH_ERROR"; - if (kdata->keyop(kdata->ctx, NULL, &out_len, kdata->input, - kdata->input_len) <= 0) - goto err; - out = OPENSSL_malloc(out_len); - if (!out) { - fprintf(stderr, "Error allocating output buffer!\n"); - exit(1); - } - err = "KEYOP_ERROR"; - if (kdata->keyop - (kdata->ctx, out, &out_len, kdata->input, kdata->input_len) <= 0) + PKEY_DATA *expected = t->data; + unsigned char *got = NULL; + size_t got_len; + + if (expected->keyop(expected->ctx, NULL, &got_len, + expected->input, expected->input_len) <= 0 + || !TEST_ptr(got = OPENSSL_malloc(got_len))) { + t->err = "KEYOP_LENGTH_ERROR"; goto err; - err = "KEYOP_LENGTH_MISMATCH"; - if (out_len != kdata->output_len) + } + if (expected->keyop(expected->ctx, got, &got_len, + expected->input, expected->input_len) <= 0) { + t->err = "KEYOP_ERROR"; goto err; - err = "KEYOP_MISMATCH"; - if (check_output(t, kdata->output, out, out_len)) + } + if (!memory_err_compare(t, "KEYOP_MISMATCH", + expected->output, expected->output_len, + got, got_len)) goto err; - err = NULL; + + t->err = NULL; err: - OPENSSL_free(out); - t->err = err; + OPENSSL_free(got); return 1; } -static int sign_test_init(struct evp_test *t, const char *name) +static int sign_test_init(EVP_TEST *t, const char *name) { return pkey_test_init(t, name, 0, EVP_PKEY_sign_init, EVP_PKEY_sign); } -static const struct evp_test_method psign_test_method = { +static const EVP_TEST_METHOD psign_test_method = { "Sign", sign_test_init, pkey_test_cleanup, @@ -1511,13 +1194,13 @@ static const struct evp_test_method psign_test_method = { pkey_test_run }; -static int verify_recover_test_init(struct evp_test *t, const char *name) +static int verify_recover_test_init(EVP_TEST *t, const char *name) { return pkey_test_init(t, name, 1, EVP_PKEY_verify_recover_init, EVP_PKEY_verify_recover); } -static const struct evp_test_method pverify_recover_test_method = { +static const EVP_TEST_METHOD pverify_recover_test_method = { "VerifyRecover", verify_recover_test_init, pkey_test_cleanup, @@ -1525,13 +1208,13 @@ static const struct evp_test_method pverify_recover_test_method = { pkey_test_run }; -static int decrypt_test_init(struct evp_test *t, const char *name) +static int decrypt_test_init(EVP_TEST *t, const char *name) { return pkey_test_init(t, name, 0, EVP_PKEY_decrypt_init, EVP_PKEY_decrypt); } -static const struct evp_test_method pdecrypt_test_method = { +static const EVP_TEST_METHOD pdecrypt_test_method = { "Decrypt", decrypt_test_init, pkey_test_cleanup, @@ -1539,21 +1222,22 @@ static const struct evp_test_method pdecrypt_test_method = { pkey_test_run }; -static int verify_test_init(struct evp_test *t, const char *name) +static int verify_test_init(EVP_TEST *t, const char *name) { return pkey_test_init(t, name, 1, EVP_PKEY_verify_init, 0); } -static int verify_test_run(struct evp_test *t) +static int verify_test_run(EVP_TEST *t) { - struct pkey_data *kdata = t->data; + PKEY_DATA *kdata = t->data; + if (EVP_PKEY_verify(kdata->ctx, kdata->output, kdata->output_len, kdata->input, kdata->input_len) <= 0) t->err = "VERIFY_ERROR"; return 1; } -static const struct evp_test_method pverify_test_method = { +static const EVP_TEST_METHOD pverify_test_method = { "Verify", verify_test_init, pkey_test_cleanup, @@ -1562,61 +1246,61 @@ static const struct evp_test_method pverify_test_method = { }; -static int pderive_test_init(struct evp_test *t, const char *name) +static int pderive_test_init(EVP_TEST *t, const char *name) { return pkey_test_init(t, name, 0, EVP_PKEY_derive_init, 0); } -static int pderive_test_parse(struct evp_test *t, +static int pderive_test_parse(EVP_TEST *t, const char *keyword, const char *value) { - struct pkey_data *kdata = t->data; + PKEY_DATA *kdata = t->data; if (strcmp(keyword, "PeerKey") == 0) { EVP_PKEY *peer; - if (find_key(&peer, value, t->public) == 0) + if (find_key(&peer, value, public_keys) == 0) return 0; if (EVP_PKEY_derive_set_peer(kdata->ctx, peer) <= 0) return 0; return 1; } if (strcmp(keyword, "SharedSecret") == 0) - return test_bin(value, &kdata->output, &kdata->output_len); + return parse_bin(value, &kdata->output, &kdata->output_len); if (strcmp(keyword, "Ctrl") == 0) return pkey_test_ctrl(t, kdata->ctx, value); return 0; } -static int pderive_test_run(struct evp_test *t) +static int pderive_test_run(EVP_TEST *t) { - struct pkey_data *kdata = t->data; - unsigned char *out = NULL; - size_t out_len; - const char *err = "DERIVE_ERROR"; + PKEY_DATA *expected = t->data; + unsigned char *got = NULL; + size_t got_len; - if (EVP_PKEY_derive(kdata->ctx, NULL, &out_len) <= 0) + if (EVP_PKEY_derive(expected->ctx, NULL, &got_len) <= 0) { + t->err = "DERIVE_ERROR"; goto err; - out = OPENSSL_malloc(out_len); - if (!out) { - fprintf(stderr, "Error allocating output buffer!\n"); - exit(1); } - if (EVP_PKEY_derive(kdata->ctx, out, &out_len) <= 0) + if (!TEST_ptr(got = OPENSSL_malloc(got_len))) { + t->err = "DERIVE_ERROR"; goto err; - err = "SHARED_SECRET_LENGTH_MISMATCH"; - if (kdata->output == NULL || out_len != kdata->output_len) + } + if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) { + t->err = "DERIVE_ERROR"; goto err; - err = "SHARED_SECRET_MISMATCH"; - if (check_output(t, kdata->output, out, out_len)) + } + if (!memory_err_compare(t, "SHARED_SECRET_MISMATCH", + expected->output, expected->output_len, + got, got_len)) goto err; - err = NULL; + + t->err = NULL; err: - OPENSSL_free(out); - t->err = err; + OPENSSL_free(got); return 1; } -static const struct evp_test_method pderive_test_method = { +static const EVP_TEST_METHOD pderive_test_method = { "Derive", pderive_test_init, pkey_test_cleanup, @@ -1624,92 +1308,117 @@ static const struct evp_test_method pderive_test_method = { pderive_test_run }; -/* PBE tests */ -#define PBE_TYPE_SCRYPT 1 -#define PBE_TYPE_PBKDF2 2 -#define PBE_TYPE_PKCS12 3 +/** +*** PBE TESTS +**/ -struct pbe_data { +typedef enum pbe_type_enum { + PBE_TYPE_INVALID = 0, + PBE_TYPE_SCRYPT, PBE_TYPE_PBKDF2, PBE_TYPE_PKCS12 +} PBE_TYPE; - int pbe_type; - - /* scrypt parameters */ +typedef struct pbe_data_st { + PBE_TYPE pbe_type; + /* scrypt parameters */ uint64_t N, r, p, maxmem; - - /* PKCS#12 parameters */ + /* PKCS#12 parameters */ int id, iter; const EVP_MD *md; - - /* password */ + /* password */ unsigned char *pass; size_t pass_len; - - /* salt */ + /* salt */ unsigned char *salt; size_t salt_len; - - /* Expected output */ + /* Expected output */ unsigned char *key; size_t key_len; -}; +} PBE_DATA; #ifndef OPENSSL_NO_SCRYPT -static int scrypt_test_parse(struct evp_test *t, +/* + * Parse unsigned decimal 64 bit integer value + */ +static int parse_uint64(const char *value, uint64_t *pr) +{ + const char *p = value; + + if (!TEST_true(*p)) { + TEST_info("Invalid empty integer value"); + return -1; + } + for (*pr = 0; *p; ) { + if (*pr > UINT64_MAX / 10) { + TEST_error("Integer overflow in string %s", value); + return -1; + } + *pr *= 10; + if (!TEST_true(isdigit((unsigned char)*p))) { + TEST_error("Invalid character in string %s", value); + return -1; + } + *pr += *p - '0'; + p++; + } + return 1; +} + +static int scrypt_test_parse(EVP_TEST *t, const char *keyword, const char *value) { - struct pbe_data *pdata = t->data; + PBE_DATA *pdata = t->data; if (strcmp(keyword, "N") == 0) - return test_uint64(value, &pdata->N); + return parse_uint64(value, &pdata->N); if (strcmp(keyword, "p") == 0) - return test_uint64(value, &pdata->p); + return parse_uint64(value, &pdata->p); if (strcmp(keyword, "r") == 0) - return test_uint64(value, &pdata->r); + return parse_uint64(value, &pdata->r); if (strcmp(keyword, "maxmem") == 0) - return test_uint64(value, &pdata->maxmem); + return parse_uint64(value, &pdata->maxmem); return 0; } #endif -static int pbkdf2_test_parse(struct evp_test *t, +static int pbkdf2_test_parse(EVP_TEST *t, const char *keyword, const char *value) { - struct pbe_data *pdata = t->data; + PBE_DATA *pdata = t->data; if (strcmp(keyword, "iter") == 0) { pdata->iter = atoi(value); if (pdata->iter <= 0) - return 0; + return -1; return 1; } if (strcmp(keyword, "MD") == 0) { pdata->md = EVP_get_digestbyname(value); if (pdata->md == NULL) - return 0; + return -1; return 1; } return 0; } -static int pkcs12_test_parse(struct evp_test *t, +static int pkcs12_test_parse(EVP_TEST *t, const char *keyword, const char *value) { - struct pbe_data *pdata = t->data; + PBE_DATA *pdata = t->data; if (strcmp(keyword, "id") == 0) { pdata->id = atoi(value); if (pdata->id <= 0) - return 0; + return -1; return 1; } return pbkdf2_test_parse(t, keyword, value); } -static int pbe_test_init(struct evp_test *t, const char *alg) +static int pbe_test_init(EVP_TEST *t, const char *alg) { - struct pbe_data *pdat; - int pbe_type = 0; + PBE_DATA *pdat; + PBE_TYPE pbe_type = PBE_TYPE_INVALID; if (strcmp(alg, "scrypt") == 0) { #ifndef OPENSSL_NO_SCRYPT @@ -1723,42 +1432,34 @@ static int pbe_test_init(struct evp_test *t, const char *alg) } else if (strcmp(alg, "pkcs12") == 0) { pbe_type = PBE_TYPE_PKCS12; } else { - fprintf(stderr, "Unknown pbe algorithm %s\n", alg); + TEST_error("Unknown pbe algorithm %s", alg); } - pdat = OPENSSL_malloc(sizeof(*pdat)); + pdat = OPENSSL_zalloc(sizeof(*pdat)); pdat->pbe_type = pbe_type; - pdat->pass = NULL; - pdat->salt = NULL; - pdat->N = 0; - pdat->r = 0; - pdat->p = 0; - pdat->maxmem = 0; - pdat->id = 0; - pdat->iter = 0; - pdat->md = NULL; t->data = pdat; return 1; } -static void pbe_test_cleanup(struct evp_test *t) +static void pbe_test_cleanup(EVP_TEST *t) { - struct pbe_data *pdat = t->data; - test_free(pdat->pass); - test_free(pdat->salt); - test_free(pdat->key); + PBE_DATA *pdat = t->data; + + OPENSSL_free(pdat->pass); + OPENSSL_free(pdat->salt); + OPENSSL_free(pdat->key); } -static int pbe_test_parse(struct evp_test *t, - const char *keyword, const char *value) +static int pbe_test_parse(EVP_TEST *t, + const char *keyword, const char *value) { - struct pbe_data *pdata = t->data; + PBE_DATA *pdata = t->data; if (strcmp(keyword, "Password") == 0) - return test_bin(value, &pdata->pass, &pdata->pass_len); + return parse_bin(value, &pdata->pass, &pdata->pass_len); if (strcmp(keyword, "Salt") == 0) - return test_bin(value, &pdata->salt, &pdata->salt_len); + return parse_bin(value, &pdata->salt, &pdata->salt_len); if (strcmp(keyword, "Key") == 0) - return test_bin(value, &pdata->key, &pdata->key_len); + return parse_bin(value, &pdata->key, &pdata->key_len); if (pdata->pbe_type == PBE_TYPE_PBKDF2) return pbkdf2_test_parse(t, keyword, value); else if (pdata->pbe_type == PBE_TYPE_PKCS12) @@ -1770,50 +1471,53 @@ static int pbe_test_parse(struct evp_test *t, return 0; } -static int pbe_test_run(struct evp_test *t) +static int pbe_test_run(EVP_TEST *t) { - struct pbe_data *pdata = t->data; - const char *err = "INTERNAL_ERROR"; + PBE_DATA *expected = t->data; unsigned char *key; - key = OPENSSL_malloc(pdata->key_len); - if (!key) + if (!TEST_ptr(key = OPENSSL_malloc(expected->key_len))) { + t->err = "INTERNAL_ERROR"; goto err; - if (pdata->pbe_type == PBE_TYPE_PBKDF2) { - err = "PBKDF2_ERROR"; - if (PKCS5_PBKDF2_HMAC((char *)pdata->pass, pdata->pass_len, - pdata->salt, pdata->salt_len, - pdata->iter, pdata->md, - pdata->key_len, key) == 0) + } + if (expected->pbe_type == PBE_TYPE_PBKDF2) { + if (PKCS5_PBKDF2_HMAC((char *)expected->pass, expected->pass_len, + expected->salt, expected->salt_len, + expected->iter, expected->md, + expected->key_len, key) == 0) { + t->err = "PBKDF2_ERROR"; goto err; + } #ifndef OPENSSL_NO_SCRYPT - } else if (pdata->pbe_type == PBE_TYPE_SCRYPT) { - err = "SCRYPT_ERROR"; - if (EVP_PBE_scrypt((const char *)pdata->pass, pdata->pass_len, - pdata->salt, pdata->salt_len, - pdata->N, pdata->r, pdata->p, pdata->maxmem, - key, pdata->key_len) == 0) + } else if (expected->pbe_type == PBE_TYPE_SCRYPT) { + if (EVP_PBE_scrypt((const char *)expected->pass, expected->pass_len, + expected->salt, expected->salt_len, expected->N, + expected->r, expected->p, expected->maxmem, + key, expected->key_len) == 0) { + t->err = "SCRYPT_ERROR"; goto err; + } #endif - } else if (pdata->pbe_type == PBE_TYPE_PKCS12) { - err = "PKCS12_ERROR"; - if (PKCS12_key_gen_uni(pdata->pass, pdata->pass_len, - pdata->salt, pdata->salt_len, - pdata->id, pdata->iter, pdata->key_len, - key, pdata->md) == 0) + } else if (expected->pbe_type == PBE_TYPE_PKCS12) { + if (PKCS12_key_gen_uni(expected->pass, expected->pass_len, + expected->salt, expected->salt_len, + expected->id, expected->iter, expected->key_len, + key, expected->md) == 0) { + t->err = "PKCS12_ERROR"; goto err; + } } - err = "KEY_MISMATCH"; - if (check_output(t, pdata->key, key, pdata->key_len)) + if (!memory_err_compare(t, "KEY_MISMATCH", expected->key, expected->key_len, + key, expected->key_len)) goto err; - err = NULL; - err: + + t->err = NULL; +err: OPENSSL_free(key); - t->err = err; return 1; } -static const struct evp_test_method pbe_test_method = { +static const EVP_TEST_METHOD pbe_test_method = { "PBE", pbe_test_init, pbe_test_cleanup, @@ -1821,7 +1525,10 @@ static const struct evp_test_method pbe_test_method = { pbe_test_run }; -/* Base64 tests */ + +/** +*** BASE64 TESTS +**/ typedef enum { BASE64_CANONICAL_ENCODING = 0, @@ -1829,7 +1536,7 @@ typedef enum { BASE64_INVALID_ENCODING = 2 } base64_encoding_type; -struct encode_data { +typedef struct encode_data_st { /* Input to encoding */ unsigned char *input; size_t input_len; @@ -1837,71 +1544,76 @@ struct encode_data { unsigned char *output; size_t output_len; base64_encoding_type encoding; -}; +} ENCODE_DATA; -static int encode_test_init(struct evp_test *t, const char *encoding) +static int encode_test_init(EVP_TEST *t, const char *encoding) { - struct encode_data *edata = OPENSSL_zalloc(sizeof(*edata)); + ENCODE_DATA *edata; + if (!TEST_ptr(edata = OPENSSL_zalloc(sizeof(*edata)))) + return 0; if (strcmp(encoding, "canonical") == 0) { edata->encoding = BASE64_CANONICAL_ENCODING; } else if (strcmp(encoding, "valid") == 0) { edata->encoding = BASE64_VALID_ENCODING; } else if (strcmp(encoding, "invalid") == 0) { edata->encoding = BASE64_INVALID_ENCODING; - t->expected_err = OPENSSL_strdup("DECODE_ERROR"); - if (t->expected_err == NULL) + if (!TEST_ptr(t->expected_err = OPENSSL_strdup("DECODE_ERROR"))) return 0; } else { - fprintf(stderr, "Bad encoding: %s. Should be one of " - "{canonical, valid, invalid}\n", encoding); + TEST_error("Bad encoding: %s." + " Should be one of {canonical, valid, invalid}", + encoding); return 0; } t->data = edata; return 1; } -static void encode_test_cleanup(struct evp_test *t) +static void encode_test_cleanup(EVP_TEST *t) { - struct encode_data *edata = t->data; - test_free(edata->input); - test_free(edata->output); + ENCODE_DATA *edata = t->data; + + OPENSSL_free(edata->input); + OPENSSL_free(edata->output); memset(edata, 0, sizeof(*edata)); } -static int encode_test_parse(struct evp_test *t, +static int encode_test_parse(EVP_TEST *t, const char *keyword, const char *value) { - struct encode_data *edata = t->data; + ENCODE_DATA *edata = t->data; + if (strcmp(keyword, "Input") == 0) - return test_bin(value, &edata->input, &edata->input_len); + return parse_bin(value, &edata->input, &edata->input_len); if (strcmp(keyword, "Output") == 0) - return test_bin(value, &edata->output, &edata->output_len); + return parse_bin(value, &edata->output, &edata->output_len); return 0; } -static int encode_test_run(struct evp_test *t) +static int encode_test_run(EVP_TEST *t) { - struct encode_data *edata = t->data; + ENCODE_DATA *expected = t->data; unsigned char *encode_out = NULL, *decode_out = NULL; int output_len, chunk_len; - const char *err = "INTERNAL_ERROR"; - EVP_ENCODE_CTX *decode_ctx = EVP_ENCODE_CTX_new(); + EVP_ENCODE_CTX *decode_ctx; - if (decode_ctx == NULL) + if (!TEST_ptr(decode_ctx = EVP_ENCODE_CTX_new())) { + t->err = "INTERNAL_ERROR"; goto err; + } - if (edata->encoding == BASE64_CANONICAL_ENCODING) { - EVP_ENCODE_CTX *encode_ctx = EVP_ENCODE_CTX_new(); - if (encode_ctx == NULL) - goto err; - encode_out = OPENSSL_malloc(EVP_ENCODE_LENGTH(edata->input_len)); - if (encode_out == NULL) + if (expected->encoding == BASE64_CANONICAL_ENCODING) { + EVP_ENCODE_CTX *encode_ctx; + + if (!TEST_ptr(encode_ctx = EVP_ENCODE_CTX_new()) + || !TEST_ptr(encode_out = + OPENSSL_malloc(EVP_ENCODE_LENGTH(expected->input_len)))) goto err; EVP_EncodeInit(encode_ctx); EVP_EncodeUpdate(encode_ctx, encode_out, &chunk_len, - edata->input, edata->input_len); + expected->input, expected->input_len); output_len = chunk_len; EVP_EncodeFinal(encode_ctx, encode_out + chunk_len, &chunk_len); @@ -1909,48 +1621,47 @@ static int encode_test_run(struct evp_test *t) EVP_ENCODE_CTX_free(encode_ctx); - if (check_var_length_output(t, edata->output, edata->output_len, - encode_out, output_len)) { - err = "BAD_ENCODING"; + if (!memory_err_compare(t, "BAD_ENCODING", + expected->output, expected->output_len, + encode_out, output_len)) goto err; - } } - decode_out = OPENSSL_malloc(EVP_DECODE_LENGTH(edata->output_len)); - if (decode_out == NULL) + if (!TEST_ptr(decode_out = + OPENSSL_malloc(EVP_DECODE_LENGTH(expected->output_len)))) goto err; EVP_DecodeInit(decode_ctx); - if (EVP_DecodeUpdate(decode_ctx, decode_out, &chunk_len, edata->output, - edata->output_len) < 0) { - err = "DECODE_ERROR"; + if (EVP_DecodeUpdate(decode_ctx, decode_out, &chunk_len, expected->output, + expected->output_len) < 0) { + t->err = "DECODE_ERROR"; goto err; } output_len = chunk_len; if (EVP_DecodeFinal(decode_ctx, decode_out + chunk_len, &chunk_len) != 1) { - err = "DECODE_ERROR"; + t->err = "DECODE_ERROR"; goto err; } output_len += chunk_len; - if (edata->encoding != BASE64_INVALID_ENCODING && - check_var_length_output(t, edata->input, edata->input_len, - decode_out, output_len)) { - err = "BAD_DECODING"; + if (expected->encoding != BASE64_INVALID_ENCODING + && !memory_err_compare(t, "BAD_DECODING", + expected->input, expected->input_len, + decode_out, output_len)) { + t->err = "BAD_DECODING"; goto err; } - err = NULL; + t->err = NULL; err: - t->err = err; OPENSSL_free(encode_out); OPENSSL_free(decode_out); EVP_ENCODE_CTX_free(decode_ctx); return 1; } -static const struct evp_test_method encode_test_method = { +static const EVP_TEST_METHOD encode_test_method = { "Encoding", encode_test_init, encode_test_cleanup, @@ -1958,84 +1669,99 @@ static const struct evp_test_method encode_test_method = { encode_test_run, }; -/* KDF operations */ +/** +*** KDF TESTS +**/ -struct kdf_data { +typedef struct kdf_data_st { /* Context for this operation */ EVP_PKEY_CTX *ctx; /* Expected output */ unsigned char *output; size_t output_len; -}; +} KDF_DATA; /* * Perform public key operation setup: lookup key, allocated ctx and call * the appropriate initialisation function */ -static int kdf_test_init(struct evp_test *t, const char *name) +static int kdf_test_init(EVP_TEST *t, const char *name) { - struct kdf_data *kdata; + KDF_DATA *kdata; + int kdf_nid = OBJ_sn2nid(name); + +#ifdef OPENSSL_NO_SCRYPT + if (strcmp(name, "scrypt") == 0) { + t->skip = 1; + return 1; + } +#endif + + if (kdf_nid == NID_undef) + kdf_nid = OBJ_ln2nid(name); - kdata = OPENSSL_malloc(sizeof(*kdata)); - if (kdata == NULL) + if (!TEST_ptr(kdata = OPENSSL_zalloc(sizeof(*kdata)))) return 0; - kdata->ctx = NULL; - kdata->output = NULL; - t->data = kdata; - kdata->ctx = EVP_PKEY_CTX_new_id(OBJ_sn2nid(name), NULL); - if (kdata->ctx == NULL) + kdata->ctx = EVP_PKEY_CTX_new_id(kdf_nid, NULL); + if (kdata->ctx == NULL) { + OPENSSL_free(kdata); return 0; - if (EVP_PKEY_derive_init(kdata->ctx) <= 0) + } + if (EVP_PKEY_derive_init(kdata->ctx) <= 0) { + EVP_PKEY_CTX_free(kdata->ctx); + OPENSSL_free(kdata); return 0; + } + t->data = kdata; return 1; } -static void kdf_test_cleanup(struct evp_test *t) +static void kdf_test_cleanup(EVP_TEST *t) { - struct kdf_data *kdata = t->data; + KDF_DATA *kdata = t->data; OPENSSL_free(kdata->output); EVP_PKEY_CTX_free(kdata->ctx); } -static int kdf_test_parse(struct evp_test *t, +static int kdf_test_parse(EVP_TEST *t, const char *keyword, const char *value) { - struct kdf_data *kdata = t->data; + KDF_DATA *kdata = t->data; + if (strcmp(keyword, "Output") == 0) - return test_bin(value, &kdata->output, &kdata->output_len); + return parse_bin(value, &kdata->output, &kdata->output_len); if (strncmp(keyword, "Ctrl", 4) == 0) return pkey_test_ctrl(t, kdata->ctx, value); return 0; } -static int kdf_test_run(struct evp_test *t) +static int kdf_test_run(EVP_TEST *t) { - struct kdf_data *kdata = t->data; - unsigned char *out = NULL; - size_t out_len = kdata->output_len; - const char *err = "INTERNAL_ERROR"; - out = OPENSSL_malloc(out_len); - if (!out) { - fprintf(stderr, "Error allocating output buffer!\n"); - exit(1); - } - err = "KDF_DERIVE_ERROR"; - if (EVP_PKEY_derive(kdata->ctx, out, &out_len) <= 0) + KDF_DATA *expected = t->data; + unsigned char *got = NULL; + size_t got_len = expected->output_len; + + if (!TEST_ptr(got = OPENSSL_malloc(got_len))) { + t->err = "INTERNAL_ERROR"; goto err; - err = "KDF_LENGTH_MISMATCH"; - if (out_len != kdata->output_len) + } + if (EVP_PKEY_derive(expected->ctx, got, &got_len) <= 0) { + t->err = "KDF_DERIVE_ERROR"; goto err; - err = "KDF_MISMATCH"; - if (check_output(t, kdata->output, out, out_len)) + } + if (!memory_err_compare(t, "KDF_MISMATCH", + expected->output, expected->output_len, + got, got_len)) goto err; - err = NULL; + + t->err = NULL; + err: - OPENSSL_free(out); - t->err = err; + OPENSSL_free(got); return 1; } -static const struct evp_test_method kdf_test_method = { +static const EVP_TEST_METHOD kdf_test_method = { "KDF", kdf_test_init, kdf_test_cleanup, @@ -2043,37 +1769,39 @@ static const struct evp_test_method kdf_test_method = { kdf_test_run }; -struct keypair_test_data { + +/** +*** KEYPAIR TESTS +**/ + +typedef struct keypair_test_data_st { EVP_PKEY *privk; EVP_PKEY *pubk; -}; +} KEYPAIR_TEST_DATA; -static int keypair_test_init(struct evp_test *t, const char *pair) +static int keypair_test_init(EVP_TEST *t, const char *pair) { + KEYPAIR_TEST_DATA *data; int rv = 0; EVP_PKEY *pk = NULL, *pubk = NULL; char *pub, *priv = NULL; - const char *err = "INTERNAL_ERROR"; - struct keypair_test_data *data; - priv = OPENSSL_strdup(pair); - if (priv == NULL) - return 0; - pub = strchr(priv, ':'); - if ( pub == NULL ) { - fprintf(stderr, "Wrong syntax \"%s\"\n", pair); + /* Split private and public names. */ + if (!TEST_ptr(priv = OPENSSL_strdup(pair)) + || !TEST_ptr(pub = strchr(priv, ':'))) { + t->err = "PARSING_ERROR"; goto end; } - *pub++ = 0; /* split priv and pub strings */ + *pub++ = '\0'; - if (find_key(&pk, priv, t->private) == 0) { - fprintf(stderr, "Cannot find private key: %s\n", priv); - err = "MISSING_PRIVATE_KEY"; + if (!TEST_true(find_key(&pk, priv, private_keys))) { + TEST_info("Can't find private key: %s", priv); + t->err = "MISSING_PRIVATE_KEY"; goto end; } - if (find_key(&pubk, pub, t->public) == 0) { - fprintf(stderr, "Cannot find public key: %s\n", pub); - err = "MISSING_PUBLIC_KEY"; + if (!TEST_true(find_key(&pubk, pub, public_keys))) { + TEST_info("Can't find public key: %s", pub); + t->err = "MISSING_PUBLIC_KEY"; goto end; } @@ -2084,69 +1812,58 @@ static int keypair_test_init(struct evp_test *t, const char *pair) goto end; } - data = OPENSSL_malloc(sizeof(*data)); - if (data == NULL ) + if (!TEST_ptr(data = OPENSSL_malloc(sizeof(*data)))) goto end; - data->privk = pk; data->pubk = pubk; t->data = data; - rv = 1; - err = NULL; + t->err = NULL; end: - if (priv) - OPENSSL_free(priv); - t->err = err; + OPENSSL_free(priv); return rv; } -static void keypair_test_cleanup(struct evp_test *t) +static void keypair_test_cleanup(EVP_TEST *t) { - struct keypair_test_data *data = t->data; + OPENSSL_free(t->data); t->data = NULL; - if (data) - test_free(data); - return; } -/* For test that do not accept any custom keyword: - * return 0 if called +/* + * For tests that do not accept any custom keywords. */ -static int void_test_parse(struct evp_test *t, const char *keyword, const char *value) +static int void_test_parse(EVP_TEST *t, const char *keyword, const char *value) { return 0; } -static int keypair_test_run(struct evp_test *t) +static int keypair_test_run(EVP_TEST *t) { int rv = 0; - const struct keypair_test_data *pair = t->data; - const char *err = "INTERNAL_ERROR"; - - if (pair == NULL) - goto end; + const KEYPAIR_TEST_DATA *pair = t->data; if (pair->privk == NULL || pair->pubk == NULL) { - /* this can only happen if only one of the keys is not set + /* + * this can only happen if only one of the keys is not set * which means that one of them was unsupported while the * other isn't: hence a key type mismatch. */ - err = "KEYPAIR_TYPE_MISMATCH"; + t->err = "KEYPAIR_TYPE_MISMATCH"; rv = 1; goto end; } if ((rv = EVP_PKEY_cmp(pair->privk, pair->pubk)) != 1 ) { if ( 0 == rv ) { - err = "KEYPAIR_MISMATCH"; + t->err = "KEYPAIR_MISMATCH"; } else if ( -1 == rv ) { - err = "KEYPAIR_TYPE_MISMATCH"; + t->err = "KEYPAIR_TYPE_MISMATCH"; } else if ( -2 == rv ) { - err = "UNSUPPORTED_KEY_COMPARISON"; + t->err = "UNSUPPORTED_KEY_COMPARISON"; } else { - fprintf(stderr, "Unexpected error in key comparison\n"); + TEST_error("Unexpected error in key comparison"); rv = 0; goto end; } @@ -2155,14 +1872,13 @@ static int keypair_test_run(struct evp_test *t) } rv = 1; - err = NULL; + t->err = NULL; end: - t->err = err; return rv; } -static const struct evp_test_method keypair_test_method = { +static const EVP_TEST_METHOD keypair_test_method = { "PrivPubKeyPair", keypair_test_init, keypair_test_cleanup, @@ -2170,3 +1886,807 @@ static const struct evp_test_method keypair_test_method = { keypair_test_run }; +/** +*** KEYGEN TEST +**/ + +typedef struct keygen_test_data_st { + EVP_PKEY_CTX *genctx; /* Keygen context to use */ + char *keyname; /* Key name to store key or NULL */ +} KEYGEN_TEST_DATA; + +static int keygen_test_init(EVP_TEST *t, const char *alg) +{ + KEYGEN_TEST_DATA *data; + EVP_PKEY_CTX *genctx; + int nid = OBJ_sn2nid(alg); + + if (nid == NID_undef) { + nid = OBJ_ln2nid(alg); + if (nid == NID_undef) + return 0; + } + + if (!TEST_ptr(genctx = EVP_PKEY_CTX_new_id(nid, NULL))) { + /* assume algorithm disabled */ + t->skip = 1; + return 1; + } + + if (EVP_PKEY_keygen_init(genctx) <= 0) { + t->err = "KEYGEN_INIT_ERROR"; + goto err; + } + + if (!TEST_ptr(data = OPENSSL_malloc(sizeof(*data)))) + goto err; + data->genctx = genctx; + data->keyname = NULL; + t->data = data; + t->err = NULL; + return 1; + +err: + EVP_PKEY_CTX_free(genctx); + return 0; +} + +static void keygen_test_cleanup(EVP_TEST *t) +{ + KEYGEN_TEST_DATA *keygen = t->data; + + EVP_PKEY_CTX_free(keygen->genctx); + OPENSSL_free(keygen->keyname); + OPENSSL_free(t->data); + t->data = NULL; +} + +static int keygen_test_parse(EVP_TEST *t, + const char *keyword, const char *value) +{ + KEYGEN_TEST_DATA *keygen = t->data; + + if (strcmp(keyword, "KeyName") == 0) + return TEST_ptr(keygen->keyname = OPENSSL_strdup(value)); + if (strcmp(keyword, "Ctrl") == 0) + return pkey_test_ctrl(t, keygen->genctx, value); + return 0; +} + +static int keygen_test_run(EVP_TEST *t) +{ + KEYGEN_TEST_DATA *keygen = t->data; + EVP_PKEY *pkey = NULL; + + t->err = NULL; + if (EVP_PKEY_keygen(keygen->genctx, &pkey) <= 0) { + t->err = "KEYGEN_GENERATE_ERROR"; + goto err; + } + + if (keygen->keyname != NULL) { + KEY_LIST *key; + + if (find_key(NULL, keygen->keyname, private_keys)) { + TEST_info("Duplicate key %s", keygen->keyname); + goto err; + } + + if (!TEST_ptr(key = OPENSSL_malloc(sizeof(*key)))) + goto err; + key->name = keygen->keyname; + keygen->keyname = NULL; + key->key = pkey; + key->next = private_keys; + private_keys = key; + } else { + EVP_PKEY_free(pkey); + } + + return 1; + +err: + EVP_PKEY_free(pkey); + return 0; +} + +static const EVP_TEST_METHOD keygen_test_method = { + "KeyGen", + keygen_test_init, + keygen_test_cleanup, + keygen_test_parse, + keygen_test_run, +}; + +/** +*** DIGEST SIGN+VERIFY TESTS +**/ + +typedef struct { + int is_verify; /* Set to 1 if verifying */ + int is_oneshot; /* Set to 1 for one shot operation */ + const EVP_MD *md; /* Digest to use */ + EVP_MD_CTX *ctx; /* Digest context */ + EVP_PKEY_CTX *pctx; + STACK_OF(EVP_TEST_BUFFER) *input; /* Input data: streaming */ + unsigned char *osin; /* Input data if one shot */ + size_t osin_len; /* Input length data if one shot */ + unsigned char *output; /* Expected output */ + size_t output_len; /* Expected output length */ +} DIGESTSIGN_DATA; + +static int digestsigver_test_init(EVP_TEST *t, const char *alg, int is_verify, + int is_oneshot) +{ + const EVP_MD *md = NULL; + DIGESTSIGN_DATA *mdat; + + if (strcmp(alg, "NULL") != 0) { + if ((md = EVP_get_digestbyname(alg)) == NULL) { + /* If alg has an OID assume disabled algorithm */ + if (OBJ_sn2nid(alg) != NID_undef || OBJ_ln2nid(alg) != NID_undef) { + t->skip = 1; + return 1; + } + return 0; + } + } + if (!TEST_ptr(mdat = OPENSSL_zalloc(sizeof(*mdat)))) + return 0; + mdat->md = md; + if (!TEST_ptr(mdat->ctx = EVP_MD_CTX_new())) { + OPENSSL_free(mdat); + return 0; + } + mdat->is_verify = is_verify; + mdat->is_oneshot = is_oneshot; + t->data = mdat; + return 1; +} + +static int digestsign_test_init(EVP_TEST *t, const char *alg) +{ + return digestsigver_test_init(t, alg, 0, 0); +} + +static void digestsigver_test_cleanup(EVP_TEST *t) +{ + DIGESTSIGN_DATA *mdata = t->data; + + EVP_MD_CTX_free(mdata->ctx); + sk_EVP_TEST_BUFFER_pop_free(mdata->input, evp_test_buffer_free); + OPENSSL_free(mdata->osin); + OPENSSL_free(mdata->output); + OPENSSL_free(mdata); + t->data = NULL; +} + +static int digestsigver_test_parse(EVP_TEST *t, + const char *keyword, const char *value) +{ + DIGESTSIGN_DATA *mdata = t->data; + + if (strcmp(keyword, "Key") == 0) { + EVP_PKEY *pkey = NULL; + int rv = 0; + + if (mdata->is_verify) + rv = find_key(&pkey, value, public_keys); + if (rv == 0) + rv = find_key(&pkey, value, private_keys); + if (rv == 0 || pkey == NULL) { + t->skip = 1; + return 1; + } + if (mdata->is_verify) { + if (!EVP_DigestVerifyInit(mdata->ctx, &mdata->pctx, mdata->md, + NULL, pkey)) + t->err = "DIGESTVERIFYINIT_ERROR"; + return 1; + } + if (!EVP_DigestSignInit(mdata->ctx, &mdata->pctx, mdata->md, NULL, + pkey)) + t->err = "DIGESTSIGNINIT_ERROR"; + return 1; + } + + if (strcmp(keyword, "Input") == 0) { + if (mdata->is_oneshot) + return parse_bin(value, &mdata->osin, &mdata->osin_len); + return evp_test_buffer_append(value, &mdata->input); + } + if (strcmp(keyword, "Output") == 0) + return parse_bin(value, &mdata->output, &mdata->output_len); + + if (!mdata->is_oneshot) { + if (strcmp(keyword, "Count") == 0) + return evp_test_buffer_set_count(value, mdata->input); + if (strcmp(keyword, "Ncopy") == 0) + return evp_test_buffer_ncopy(value, mdata->input); + } + if (strcmp(keyword, "Ctrl") == 0) { + if (mdata->pctx == NULL) + return 0; + return pkey_test_ctrl(t, mdata->pctx, value); + } + return 0; +} + +static int digestsign_update_fn(void *ctx, const unsigned char *buf, + size_t buflen) +{ + return EVP_DigestSignUpdate(ctx, buf, buflen); +} + +static int digestsign_test_run(EVP_TEST *t) +{ + DIGESTSIGN_DATA *expected = t->data; + unsigned char *got = NULL; + size_t got_len; + + if (!evp_test_buffer_do(expected->input, digestsign_update_fn, + expected->ctx)) { + t->err = "DIGESTUPDATE_ERROR"; + goto err; + } + + if (!EVP_DigestSignFinal(expected->ctx, NULL, &got_len)) { + t->err = "DIGESTSIGNFINAL_LENGTH_ERROR"; + goto err; + } + if (!TEST_ptr(got = OPENSSL_malloc(got_len))) { + t->err = "MALLOC_FAILURE"; + goto err; + } + if (!EVP_DigestSignFinal(expected->ctx, got, &got_len)) { + t->err = "DIGESTSIGNFINAL_ERROR"; + goto err; + } + if (!memory_err_compare(t, "SIGNATURE_MISMATCH", + expected->output, expected->output_len, + got, got_len)) + goto err; + + t->err = NULL; + err: + OPENSSL_free(got); + return 1; +} + +static const EVP_TEST_METHOD digestsign_test_method = { + "DigestSign", + digestsign_test_init, + digestsigver_test_cleanup, + digestsigver_test_parse, + digestsign_test_run +}; + +static int digestverify_test_init(EVP_TEST *t, const char *alg) +{ + return digestsigver_test_init(t, alg, 1, 0); +} + +static int digestverify_update_fn(void *ctx, const unsigned char *buf, + size_t buflen) +{ + return EVP_DigestVerifyUpdate(ctx, buf, buflen); +} + +static int digestverify_test_run(EVP_TEST *t) +{ + DIGESTSIGN_DATA *mdata = t->data; + + if (!evp_test_buffer_do(mdata->input, digestverify_update_fn, mdata->ctx)) { + t->err = "DIGESTUPDATE_ERROR"; + return 1; + } + + if (EVP_DigestVerifyFinal(mdata->ctx, mdata->output, + mdata->output_len) <= 0) + t->err = "VERIFY_ERROR"; + return 1; +} + +static const EVP_TEST_METHOD digestverify_test_method = { + "DigestVerify", + digestverify_test_init, + digestsigver_test_cleanup, + digestsigver_test_parse, + digestverify_test_run +}; + +static int oneshot_digestsign_test_init(EVP_TEST *t, const char *alg) +{ + return digestsigver_test_init(t, alg, 0, 1); +} + +static int oneshot_digestsign_test_run(EVP_TEST *t) +{ + DIGESTSIGN_DATA *expected = t->data; + unsigned char *got = NULL; + size_t got_len; + + if (!EVP_DigestSign(expected->ctx, NULL, &got_len, + expected->osin, expected->osin_len)) { + t->err = "DIGESTSIGN_LENGTH_ERROR"; + goto err; + } + if (!TEST_ptr(got = OPENSSL_malloc(got_len))) { + t->err = "MALLOC_FAILURE"; + goto err; + } + if (!EVP_DigestSign(expected->ctx, got, &got_len, + expected->osin, expected->osin_len)) { + t->err = "DIGESTSIGN_ERROR"; + goto err; + } + if (!memory_err_compare(t, "SIGNATURE_MISMATCH", + expected->output, expected->output_len, + got, got_len)) + goto err; + + t->err = NULL; + err: + OPENSSL_free(got); + return 1; +} + +static const EVP_TEST_METHOD oneshot_digestsign_test_method = { + "OneShotDigestSign", + oneshot_digestsign_test_init, + digestsigver_test_cleanup, + digestsigver_test_parse, + oneshot_digestsign_test_run +}; + +static int oneshot_digestverify_test_init(EVP_TEST *t, const char *alg) +{ + return digestsigver_test_init(t, alg, 1, 1); +} + +static int oneshot_digestverify_test_run(EVP_TEST *t) +{ + DIGESTSIGN_DATA *mdata = t->data; + + if (EVP_DigestVerify(mdata->ctx, mdata->output, mdata->output_len, + mdata->osin, mdata->osin_len) <= 0) + t->err = "VERIFY_ERROR"; + return 1; +} + +static const EVP_TEST_METHOD oneshot_digestverify_test_method = { + "OneShotDigestVerify", + oneshot_digestverify_test_init, + digestsigver_test_cleanup, + digestsigver_test_parse, + oneshot_digestverify_test_run +}; + + +/** +*** PARSING AND DISPATCH +**/ + +static const EVP_TEST_METHOD *evp_test_list[] = { + &cipher_test_method, + &digest_test_method, + &digestsign_test_method, + &digestverify_test_method, + &encode_test_method, + &kdf_test_method, + &keypair_test_method, + &keygen_test_method, + &mac_test_method, + &oneshot_digestsign_test_method, + &oneshot_digestverify_test_method, + &pbe_test_method, + &pdecrypt_test_method, + &pderive_test_method, + &psign_test_method, + &pverify_recover_test_method, + &pverify_test_method, + NULL +}; + +static const EVP_TEST_METHOD *find_test(const char *name) +{ + const EVP_TEST_METHOD **tt; + + for (tt = evp_test_list; *tt; tt++) { + if (strcmp(name, (*tt)->name) == 0) + return *tt; + } + return NULL; +} + +static void clear_test(EVP_TEST *t) +{ + test_clearstanza(&t->s); + ERR_clear_error(); + if (t->data != NULL) { + if (t->meth != NULL) + t->meth->cleanup(t); + OPENSSL_free(t->data); + t->data = NULL; + } + OPENSSL_free(t->expected_err); + t->expected_err = NULL; + OPENSSL_free(t->func); + t->func = NULL; + OPENSSL_free(t->reason); + t->reason = NULL; + + /* Text literal. */ + t->err = NULL; + t->skip = 0; + t->meth = NULL; +} + +/* + * Check for errors in the test structure; return 1 if okay, else 0. + */ +static int check_test_error(EVP_TEST *t) +{ + unsigned long err; + const char *func; + const char *reason; + + if (t->err == NULL && t->expected_err == NULL) + return 1; + if (t->err != NULL && t->expected_err == NULL) { + if (t->aux_err != NULL) { + TEST_info("%s:%d: Source of above error (%s); unexpected error %s", + t->s.test_file, t->s.start, t->aux_err, t->err); + } else { + TEST_info("%s:%d: Source of above error; unexpected error %s", + t->s.test_file, t->s.start, t->err); + } + return 0; + } + if (t->err == NULL && t->expected_err != NULL) { + TEST_info("%s:%d: Succeeded but was expecting %s", + t->s.test_file, t->s.start, t->expected_err); + return 0; + } + + if (strcmp(t->err, t->expected_err) != 0) { + TEST_info("%s:%d: Expected %s got %s", + t->s.test_file, t->s.start, t->expected_err, t->err); + return 0; + } + + if (t->func == NULL && t->reason == NULL) + return 1; + + if (t->func == NULL || t->reason == NULL) { + TEST_info("%s:%d: Test is missing function or reason code", + t->s.test_file, t->s.start); + return 0; + } + + err = ERR_peek_error(); + if (err == 0) { + TEST_info("%s:%d: Expected error \"%s:%s\" not set", + t->s.test_file, t->s.start, t->func, t->reason); + return 0; + } + + func = ERR_func_error_string(err); + reason = ERR_reason_error_string(err); + if (func == NULL && reason == NULL) { + TEST_info("%s:%d: Expected error \"%s:%s\", no strings available." + " Assuming ok.", + t->s.test_file, t->s.start, t->func, t->reason); + return 1; + } + + if (strcmp(func, t->func) == 0 && strcmp(reason, t->reason) == 0) + return 1; + + TEST_info("%s:%d: Expected error \"%s:%s\", got \"%s:%s\"", + t->s.test_file, t->s.start, t->func, t->reason, func, reason); + + return 0; +} + +/* + * Run a parsed test. Log a message and return 0 on error. + */ +static int run_test(EVP_TEST *t) +{ + if (t->meth == NULL) + return 1; + t->s.numtests++; + if (t->skip) { + t->s.numskip++; + } else { + /* run the test */ + if (t->err == NULL && t->meth->run_test(t) != 1) { + TEST_info("%s:%d %s error", + t->s.test_file, t->s.start, t->meth->name); + return 0; + } + if (!check_test_error(t)) { + TEST_openssl_errors(); + t->s.errors++; + } + } + + /* clean it up */ + return 1; +} + +static int find_key(EVP_PKEY **ppk, const char *name, KEY_LIST *lst) +{ + for (; lst != NULL; lst = lst->next) { + if (strcmp(lst->name, name) == 0) { + if (ppk != NULL) + *ppk = lst->key; + return 1; + } + } + return 0; +} + +static void free_key_list(KEY_LIST *lst) +{ + while (lst != NULL) { + KEY_LIST *next = lst->next; + + EVP_PKEY_free(lst->key); + OPENSSL_free(lst->name); + OPENSSL_free(lst); + lst = next; + } +} + +/* + * Is the key type an unsupported algorithm? + */ +static int key_unsupported(void) +{ + long err = ERR_peek_error(); + + if (ERR_GET_LIB(err) == ERR_LIB_EVP + && ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM) { + ERR_clear_error(); + return 1; + } +#ifndef OPENSSL_NO_EC + /* + * If EC support is enabled we should catch also EC_R_UNKNOWN_GROUP as an + * hint to an unsupported algorithm/curve (e.g. if binary EC support is + * disabled). + */ + if (ERR_GET_LIB(err) == ERR_LIB_EC + && ERR_GET_REASON(err) == EC_R_UNKNOWN_GROUP) { + ERR_clear_error(); + return 1; + } +#endif /* OPENSSL_NO_EC */ + return 0; +} + +/* + * NULL out the value from |pp| but return it. This "steals" a pointer. + */ +static char *take_value(PAIR *pp) +{ + char *p = pp->value; + + pp->value = NULL; + return p; +} + +/* + * Read and parse one test. Return 0 if failure, 1 if okay. + */ +static int parse(EVP_TEST *t) +{ + KEY_LIST *key, **klist; + EVP_PKEY *pkey; + PAIR *pp; + int i; + +top: + do { + if (BIO_eof(t->s.fp)) + return EOF; + clear_test(t); + if (!test_readstanza(&t->s)) + return 0; + } while (t->s.numpairs == 0); + pp = &t->s.pairs[0]; + + /* Are we adding a key? */ + klist = NULL; + pkey = NULL; + if (strcmp(pp->key, "PrivateKey") == 0) { + pkey = PEM_read_bio_PrivateKey(t->s.key, NULL, 0, NULL); + if (pkey == NULL && !key_unsupported()) { + EVP_PKEY_free(pkey); + TEST_info("Can't read private key %s", pp->value); + TEST_openssl_errors(); + return 0; + } + klist = &private_keys; + } else if (strcmp(pp->key, "PublicKey") == 0) { + pkey = PEM_read_bio_PUBKEY(t->s.key, NULL, 0, NULL); + if (pkey == NULL && !key_unsupported()) { + EVP_PKEY_free(pkey); + TEST_info("Can't read public key %s", pp->value); + TEST_openssl_errors(); + return 0; + } + klist = &public_keys; + } else if (strcmp(pp->key, "PrivateKeyRaw") == 0 + || strcmp(pp->key, "PublicKeyRaw") == 0 ) { + char *strnid = NULL, *keydata = NULL; + unsigned char *keybin; + size_t keylen; + int nid; + + if (strcmp(pp->key, "PrivateKeyRaw") == 0) + klist = &private_keys; + else + klist = &public_keys; + + strnid = strchr(pp->value, ':'); + if (strnid != NULL) { + *strnid++ = '\0'; + keydata = strchr(strnid, ':'); + if (keydata != NULL) + *keydata++ = '\0'; + } + if (keydata == NULL) { + TEST_info("Failed to parse %s value", pp->key); + return 0; + } + + nid = OBJ_txt2nid(strnid); + if (nid == NID_undef) { + TEST_info("Uncrecognised algorithm NID"); + return 0; + } + if (!parse_bin(keydata, &keybin, &keylen)) { + TEST_info("Failed to create binary key"); + return 0; + } + if (klist == &private_keys) + pkey = EVP_PKEY_new_raw_private_key(nid, NULL, keybin, keylen); + else + pkey = EVP_PKEY_new_raw_public_key(nid, NULL, keybin, keylen); + if (pkey == NULL && !key_unsupported()) { + TEST_info("Can't read %s data", pp->key); + OPENSSL_free(keybin); + TEST_openssl_errors(); + return 0; + } + OPENSSL_free(keybin); + } + + /* If we have a key add to list */ + if (klist != NULL) { + if (find_key(NULL, pp->value, *klist)) { + TEST_info("Duplicate key %s", pp->value); + return 0; + } + if (!TEST_ptr(key = OPENSSL_malloc(sizeof(*key)))) + return 0; + key->name = take_value(pp); + + /* Hack to detect SM2 keys */ + if(pkey != NULL && strstr(key->name, "SM2") != NULL) { +#ifdef OPENSSL_NO_SM2 + EVP_PKEY_free(pkey); + pkey = NULL; +#else + EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2); +#endif + } + + key->key = pkey; + key->next = *klist; + *klist = key; + + /* Go back and start a new stanza. */ + if (t->s.numpairs != 1) + TEST_info("Line %d: missing blank line\n", t->s.curr); + goto top; + } + + /* Find the test, based on first keyword. */ + if (!TEST_ptr(t->meth = find_test(pp->key))) + return 0; + if (!t->meth->init(t, pp->value)) { + TEST_error("unknown %s: %s\n", pp->key, pp->value); + return 0; + } + if (t->skip == 1) { + /* TEST_info("skipping %s %s", pp->key, pp->value); */ + return 0; + } + + for (pp++, i = 1; i < t->s.numpairs; pp++, i++) { + if (strcmp(pp->key, "Result") == 0) { + if (t->expected_err != NULL) { + TEST_info("Line %d: multiple result lines", t->s.curr); + return 0; + } + t->expected_err = take_value(pp); + } else if (strcmp(pp->key, "Function") == 0) { + if (t->func != NULL) { + TEST_info("Line %d: multiple function lines\n", t->s.curr); + return 0; + } + t->func = take_value(pp); + } else if (strcmp(pp->key, "Reason") == 0) { + if (t->reason != NULL) { + TEST_info("Line %d: multiple reason lines", t->s.curr); + return 0; + } + t->reason = take_value(pp); + } else { + /* Must be test specific line: try to parse it */ + int rv = t->meth->parse(t, pp->key, pp->value); + + if (rv == 0) { + TEST_info("Line %d: unknown keyword %s", t->s.curr, pp->key); + return 0; + } + if (rv < 0) { + TEST_info("Line %d: error processing keyword %s = %s\n", + t->s.curr, pp->key, pp->value); + return 0; + } + } + } + + return 1; +} + +static int run_file_tests(int i) +{ + EVP_TEST *t; + const char *testfile = test_get_argument(i); + int c; + + if (!TEST_ptr(t = OPENSSL_zalloc(sizeof(*t)))) + return 0; + if (!test_start_file(&t->s, testfile)) { + OPENSSL_free(t); + return 0; + } + + while (!BIO_eof(t->s.fp)) { + c = parse(t); + if (t->skip) + continue; + if (c == 0 || !run_test(t)) { + t->s.errors++; + break; + } + } + test_end_file(&t->s); + clear_test(t); + + free_key_list(public_keys); + free_key_list(private_keys); + BIO_free(t->s.key); + c = t->s.errors; + OPENSSL_free(t); + return c == 0; +} + +int setup_tests(void) +{ + size_t n = test_get_argument_count(); + + if (n == 0) { + TEST_error("Usage: %s file...", test_get_program_name()); + return 0; + } + + ADD_ALL_TESTS(run_file_tests, n); + return 1; +} diff --git a/deps/openssl/openssl/test/evp_test.h b/deps/openssl/openssl/test/evp_test.h new file mode 100644 index 0000000000..5402e1e806 --- /dev/null +++ b/deps/openssl/openssl/test/evp_test.h @@ -0,0 +1,11 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +typedef struct evp_test_buffer_st EVP_TEST_BUFFER; +DEFINE_STACK_OF(EVP_TEST_BUFFER) diff --git a/deps/openssl/openssl/test/exdatatest.c b/deps/openssl/openssl/test/exdatatest.c index 7998622de8..bc39a145e6 100644 --- a/deps/openssl/openssl/test/exdatatest.c +++ b/deps/openssl/openssl/test/exdatatest.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -12,10 +12,13 @@ #include <stdlib.h> #include <openssl/crypto.h> +#include "testutil.h" + static long saved_argl; static void *saved_argp; static int saved_idx; static int saved_idx2; +static int gbl_result; /* * SIMPLE EX_DATA IMPLEMENTATION @@ -25,28 +28,31 @@ static int saved_idx2; static void exnew(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp) { - OPENSSL_assert(idx == saved_idx); - OPENSSL_assert(argl == saved_argl); - OPENSSL_assert(argp == saved_argp); - OPENSSL_assert(ptr == NULL); + if (!TEST_int_eq(idx, saved_idx) + || !TEST_long_eq(argl, saved_argl) + || !TEST_ptr_eq(argp, saved_argp) + || !TEST_ptr_null(ptr)) + gbl_result = 0; } static int exdup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, void *from_d, int idx, long argl, void *argp) { - OPENSSL_assert(idx == saved_idx); - OPENSSL_assert(argl == saved_argl); - OPENSSL_assert(argp == saved_argp); - OPENSSL_assert(from_d != NULL); + if (!TEST_int_eq(idx, saved_idx) + || !TEST_long_eq(argl, saved_argl) + || !TEST_ptr_eq(argp, saved_argp) + || !TEST_ptr(from_d)) + gbl_result = 0; return 1; } static void exfree(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp) { - OPENSSL_assert(idx == saved_idx); - OPENSSL_assert(argl == saved_argl); - OPENSSL_assert(argp == saved_argp); + if (!TEST_int_eq(idx, saved_idx) + || !TEST_long_eq(argl, saved_argl) + || !TEST_ptr_eq(argp, saved_argp)) + gbl_result = 0; } /* @@ -64,20 +70,18 @@ typedef struct myobj_ex_data_st { static void exnew2(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp) { - int ret; - MYOBJ_EX_DATA *ex_data; - - OPENSSL_assert(idx == saved_idx2); - OPENSSL_assert(argl == saved_argl); - OPENSSL_assert(argp == saved_argp); - OPENSSL_assert(ptr == NULL); - - ex_data = OPENSSL_zalloc(sizeof(*ex_data)); - OPENSSL_assert(ex_data != NULL); - ret = CRYPTO_set_ex_data(ad, saved_idx2, ex_data); - OPENSSL_assert(ret); - - ex_data->new = 1; + MYOBJ_EX_DATA *ex_data = OPENSSL_zalloc(sizeof(*ex_data)); + if (!TEST_int_eq(idx, saved_idx2) + || !TEST_long_eq(argl, saved_argl) + || !TEST_ptr_eq(argp, saved_argp) + || !TEST_ptr_null(ptr) + || !TEST_ptr(ex_data) + || !TEST_true(CRYPTO_set_ex_data(ad, saved_idx2, ex_data))) { + gbl_result = 0; + OPENSSL_free(ex_data); + } else { + ex_data->new = 1; + } } static int exdup2(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, @@ -85,21 +89,22 @@ static int exdup2(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, { MYOBJ_EX_DATA **update_ex_data = (MYOBJ_EX_DATA**)from_d; MYOBJ_EX_DATA *ex_data = CRYPTO_get_ex_data(to, saved_idx2); - - OPENSSL_assert(idx == saved_idx2); - OPENSSL_assert(argl == saved_argl); - OPENSSL_assert(argp == saved_argp); - OPENSSL_assert(from_d != NULL); - OPENSSL_assert(*update_ex_data != NULL); - OPENSSL_assert(ex_data != NULL); - OPENSSL_assert(ex_data->new); - - /* Copy hello over */ - ex_data->hello = (*update_ex_data)->hello; - /* indicate this is a dup */ - ex_data->dup = 1; - /* Keep my original ex_data */ - *update_ex_data = ex_data; + if (!TEST_int_eq(idx, saved_idx2) + || !TEST_long_eq(argl, saved_argl) + || !TEST_ptr_eq(argp, saved_argp) + || !TEST_ptr(from_d) + || !TEST_ptr(*update_ex_data) + || !TEST_ptr(ex_data) + || !TEST_true(ex_data->new)) { + gbl_result = 0; + } else { + /* Copy hello over */ + ex_data->hello = (*update_ex_data)->hello; + /* indicate this is a dup */ + ex_data->dup = 1; + /* Keep my original ex_data */ + *update_ex_data = ex_data; + } return 1; } @@ -107,15 +112,13 @@ static void exfree2(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp) { MYOBJ_EX_DATA *ex_data = CRYPTO_get_ex_data(ad, saved_idx2); - int ret; - - OPENSSL_assert(ex_data != NULL); OPENSSL_free(ex_data); - OPENSSL_assert(idx == saved_idx2); - OPENSSL_assert(argl == saved_argl); - OPENSSL_assert(argp == saved_argp); - ret = CRYPTO_set_ex_data(ad, saved_idx2, NULL); - OPENSSL_assert(ret); + if (!TEST_int_eq(idx, saved_idx2) + || !TEST_long_eq(argl, saved_argl) + || !TEST_ptr_eq(argp, saved_argp) + || !TEST_ptr(ex_data) + || !TEST_true(CRYPTO_set_ex_data(ad, saved_idx2, NULL))) + gbl_result = 0; } typedef struct myobj_st { @@ -124,21 +127,21 @@ typedef struct myobj_st { int st; } MYOBJ; -static MYOBJ *MYOBJ_new() +static MYOBJ *MYOBJ_new(void) { static int count = 0; MYOBJ *obj = OPENSSL_malloc(sizeof(*obj)); obj->id = ++count; obj->st = CRYPTO_new_ex_data(CRYPTO_EX_INDEX_APP, obj, &obj->ex_data); - OPENSSL_assert(obj->st != 0); return obj; } static void MYOBJ_sethello(MYOBJ *obj, char *cp) { obj->st = CRYPTO_set_ex_data(&obj->ex_data, saved_idx, cp); - OPENSSL_assert(obj->st != 0); + if (!TEST_int_eq(obj->st, 1)) + gbl_result = 0; } static char *MYOBJ_gethello(MYOBJ *obj) @@ -149,19 +152,19 @@ static char *MYOBJ_gethello(MYOBJ *obj) static void MYOBJ_sethello2(MYOBJ *obj, char *cp) { MYOBJ_EX_DATA* ex_data = CRYPTO_get_ex_data(&obj->ex_data, saved_idx2); - if (ex_data != NULL) + if (TEST_ptr(ex_data)) ex_data->hello = cp; else - obj->st = 0; + obj->st = gbl_result = 0; } static char *MYOBJ_gethello2(MYOBJ *obj) { MYOBJ_EX_DATA* ex_data = CRYPTO_get_ex_data(&obj->ex_data, saved_idx2); - if (ex_data != NULL) + if (TEST_ptr(ex_data)) return ex_data->hello; - obj->st = 0; + obj->st = gbl_result = 0; return NULL; } @@ -175,19 +178,20 @@ static MYOBJ *MYOBJ_dup(MYOBJ *in) { MYOBJ *obj = MYOBJ_new(); - obj->st = CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_APP, &obj->ex_data, + obj->st |= CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_APP, &obj->ex_data, &in->ex_data); - OPENSSL_assert(obj->st != 0); return obj; } -int main() +static int test_exdata(void) { MYOBJ *t1, *t2, *t3; MYOBJ_EX_DATA *ex_data; const char *cp; char *p; + gbl_result = 1; + p = OPENSSL_strdup("hello world"); saved_argl = 21; saved_argp = OPENSSL_malloc(1); @@ -199,36 +203,63 @@ int main() exnew2, exdup2, exfree2); t1 = MYOBJ_new(); t2 = MYOBJ_new(); - OPENSSL_assert(t1->st && t2->st); - ex_data = CRYPTO_get_ex_data(&t1->ex_data, saved_idx2); - OPENSSL_assert(ex_data != NULL); - ex_data = CRYPTO_get_ex_data(&t2->ex_data, saved_idx2); - OPENSSL_assert(ex_data != NULL); + if (!TEST_int_eq(t1->st, 1) || !TEST_int_eq(t2->st, 1)) + return 0; + if (!TEST_ptr(CRYPTO_get_ex_data(&t1->ex_data, saved_idx2))) + return 0; + if (!TEST_ptr(CRYPTO_get_ex_data(&t2->ex_data, saved_idx2))) + return 0; + MYOBJ_sethello(t1, p); cp = MYOBJ_gethello(t1); - OPENSSL_assert(cp == p); - cp = MYOBJ_gethello(t2); - OPENSSL_assert(cp == NULL); + if (!TEST_ptr_eq(cp, p)) + return 0; + MYOBJ_sethello2(t1, p); cp = MYOBJ_gethello2(t1); - OPENSSL_assert(cp == p); - OPENSSL_assert(t1->st); + if (!TEST_ptr_eq(cp, p)) + return 0; + + cp = MYOBJ_gethello(t2); + if (!TEST_ptr_null(cp)) + return 0; + cp = MYOBJ_gethello2(t2); - OPENSSL_assert(cp == NULL); - OPENSSL_assert(t2->st); + if (!TEST_ptr_null(cp)) + return 0; + t3 = MYOBJ_dup(t1); + if (!TEST_int_eq(t3->st, 1)) + return 0; + ex_data = CRYPTO_get_ex_data(&t3->ex_data, saved_idx2); - OPENSSL_assert(ex_data != NULL); - OPENSSL_assert(ex_data->dup); + if (!TEST_ptr(ex_data)) + return 0; + if (!TEST_int_eq(ex_data->dup, 1)) + return 0; + cp = MYOBJ_gethello(t3); - OPENSSL_assert(cp == p); + if (!TEST_ptr_eq(cp, p)) + return 0; + cp = MYOBJ_gethello2(t3); - OPENSSL_assert(cp == p); - OPENSSL_assert(t3->st); + if (!TEST_ptr_eq(cp, p)) + return 0; + MYOBJ_free(t1); MYOBJ_free(t2); MYOBJ_free(t3); OPENSSL_free(saved_argp); OPENSSL_free(p); - return 0; + + if (gbl_result) + return 1; + else + return 0; +} + +int setup_tests(void) +{ + ADD_TEST(test_exdata); + return 1; } diff --git a/deps/openssl/openssl/test/exptest.c b/deps/openssl/openssl/test/exptest.c index 9bc6e753a7..cde4d6bc45 100644 --- a/deps/openssl/openssl/test/exptest.c +++ b/deps/openssl/openssl/test/exptest.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,41 +11,39 @@ #include <stdlib.h> #include <string.h> -#include "../e_os.h" +#include "internal/nelem.h" #include <openssl/bio.h> #include <openssl/bn.h> #include <openssl/rand.h> #include <openssl/err.h> +#include "testutil.h" + #define NUM_BITS (BN_BITS2 * 4) -static const char rnd_seed[] = - "string to make the random number generator think it has entropy"; +#define BN_print_var(v) test_output_bignum(#v, v) /* * Test that r == 0 in test_exp_mod_zero(). Returns one on success, * returns zero and prints debug output otherwise. */ static int a_is_zero_mod_one(const char *method, const BIGNUM *r, - const BIGNUM *a) { + const BIGNUM *a) +{ if (!BN_is_zero(r)) { - fprintf(stderr, "%s failed:\n", method); - fprintf(stderr, "a ** 0 mod 1 = r (should be 0)\n"); - fprintf(stderr, "a = "); - BN_print_fp(stderr, a); - fprintf(stderr, "\nr = "); - BN_print_fp(stderr, r); - fprintf(stderr, "\n"); + TEST_error("%s failed: a ** 0 mod 1 = r (should be 0)", method); + BN_print_var(a); + BN_print_var(r); return 0; } return 1; } /* - * test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success. + * test_mod_exp_zero tests that x**0 mod 1 == 0. It returns zero on success. */ -static int test_exp_mod_zero() +static int test_mod_exp_zero(void) { BIGNUM *a = NULL, *p = NULL, *m = NULL; BIGNUM *r = NULL; @@ -53,77 +51,64 @@ static int test_exp_mod_zero() BN_CTX *ctx = BN_CTX_new(); int ret = 1, failed = 0; - m = BN_new(); - if (!m) + if (!TEST_ptr(m = BN_new()) + || !TEST_ptr(a = BN_new()) + || !TEST_ptr(p = BN_new()) + || !TEST_ptr(r = BN_new())) goto err; - BN_one(m); - a = BN_new(); - if (!a) - goto err; + BN_one(m); BN_one(a); - - p = BN_new(); - if (!p) - goto err; BN_zero(p); - r = BN_new(); - if (!r) - goto err; - - if (!BN_rand(a, 1024, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY)) + if (!TEST_true(BN_rand(a, 1024, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))) goto err; - if (!BN_mod_exp(r, a, p, m, ctx)) + if (!TEST_true(BN_mod_exp(r, a, p, m, ctx))) goto err; - if (!a_is_zero_mod_one("BN_mod_exp", r, a)) + if (!TEST_true(a_is_zero_mod_one("BN_mod_exp", r, a))) failed = 1; - if (!BN_mod_exp_recp(r, a, p, m, ctx)) + if (!TEST_true(BN_mod_exp_recp(r, a, p, m, ctx))) goto err; - if (!a_is_zero_mod_one("BN_mod_exp_recp", r, a)) + if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_recp", r, a))) failed = 1; - if (!BN_mod_exp_simple(r, a, p, m, ctx)) + if (!TEST_true(BN_mod_exp_simple(r, a, p, m, ctx))) goto err; - if (!a_is_zero_mod_one("BN_mod_exp_simple", r, a)) + if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_simple", r, a))) failed = 1; - if (!BN_mod_exp_mont(r, a, p, m, ctx, NULL)) + if (!TEST_true(BN_mod_exp_mont(r, a, p, m, ctx, NULL))) goto err; - if (!a_is_zero_mod_one("BN_mod_exp_mont", r, a)) + if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_mont", r, a))) failed = 1; - if (!BN_mod_exp_mont_consttime(r, a, p, m, ctx, NULL)) { + if (!TEST_true(BN_mod_exp_mont_consttime(r, a, p, m, ctx, NULL))) goto err; - } - if (!a_is_zero_mod_one("BN_mod_exp_mont_consttime", r, a)) + if (!TEST_true(a_is_zero_mod_one("BN_mod_exp_mont_consttime", r, a))) failed = 1; /* * A different codepath exists for single word multiplication * in non-constant-time only. */ - if (!BN_mod_exp_mont_word(r, one_word, p, m, ctx, NULL)) + if (!TEST_true(BN_mod_exp_mont_word(r, one_word, p, m, ctx, NULL))) goto err; - if (!BN_is_zero(r)) { - fprintf(stderr, "BN_mod_exp_mont_word failed:\n"); - fprintf(stderr, "1 ** 0 mod 1 = r (should be 0)\n"); - fprintf(stderr, "r = "); - BN_print_fp(stderr, r); - fprintf(stderr, "\n"); - return 0; + if (!TEST_BN_eq_zero(r)) { + TEST_error("BN_mod_exp_mont_word failed: " + "1 ** 0 mod 1 = r (should be 0)"); + BN_print_var(r); + goto err; } - ret = failed; - + ret = !failed; err: BN_free(r); BN_free(a); @@ -134,114 +119,73 @@ static int test_exp_mod_zero() return ret; } -int main(int argc, char *argv[]) +static int test_mod_exp(int round) { BN_CTX *ctx; - BIO *out = NULL; - int i, ret; unsigned char c; - BIGNUM *r_mont, *r_mont_const, *r_recp, *r_simple, *a, *b, *m; + int ret = 0; + BIGNUM *r_mont = NULL; + BIGNUM *r_mont_const = NULL; + BIGNUM *r_recp = NULL; + BIGNUM *r_simple = NULL; + BIGNUM *a = NULL; + BIGNUM *b = NULL; + BIGNUM *m = NULL; + + if (!TEST_ptr(ctx = BN_CTX_new())) + goto err; - /* - * Seed or BN_rand may fail, and we don't even check its return - * value (which we should) - */ - RAND_seed(rnd_seed, sizeof(rnd_seed)); - - ctx = BN_CTX_new(); - if (ctx == NULL) - EXIT(1); - r_mont = BN_new(); - r_mont_const = BN_new(); - r_recp = BN_new(); - r_simple = BN_new(); - a = BN_new(); - b = BN_new(); - m = BN_new(); - if ((r_mont == NULL) || (r_recp == NULL) || (a == NULL) || (b == NULL)) + if (!TEST_ptr(r_mont = BN_new()) + || !TEST_ptr(r_mont_const = BN_new()) + || !TEST_ptr(r_recp = BN_new()) + || !TEST_ptr(r_simple = BN_new()) + || !TEST_ptr(a = BN_new()) + || !TEST_ptr(b = BN_new()) + || !TEST_ptr(m = BN_new())) goto err; - out = BIO_new(BIO_s_file()); - - if (out == NULL) - EXIT(1); - BIO_set_fp(out, stdout, BIO_NOCLOSE | BIO_FP_TEXT); - - for (i = 0; i < 200; i++) { - RAND_bytes(&c, 1); - c = (c % BN_BITS) - BN_BITS2; - BN_rand(a, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY); - - RAND_bytes(&c, 1); - c = (c % BN_BITS) - BN_BITS2; - BN_rand(b, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY); - - RAND_bytes(&c, 1); - c = (c % BN_BITS) - BN_BITS2; - BN_rand(m, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD); - - BN_mod(a, a, m, ctx); - BN_mod(b, b, m, ctx); - - ret = BN_mod_exp_mont(r_mont, a, b, m, ctx, NULL); - if (ret <= 0) { - printf("BN_mod_exp_mont() problems\n"); - ERR_print_errors(out); - EXIT(1); - } - - ret = BN_mod_exp_recp(r_recp, a, b, m, ctx); - if (ret <= 0) { - printf("BN_mod_exp_recp() problems\n"); - ERR_print_errors(out); - EXIT(1); - } - - ret = BN_mod_exp_simple(r_simple, a, b, m, ctx); - if (ret <= 0) { - printf("BN_mod_exp_simple() problems\n"); - ERR_print_errors(out); - EXIT(1); - } - - ret = BN_mod_exp_mont_consttime(r_mont_const, a, b, m, ctx, NULL); - if (ret <= 0) { - printf("BN_mod_exp_mont_consttime() problems\n"); - ERR_print_errors(out); - EXIT(1); - } - - if (BN_cmp(r_simple, r_mont) == 0 - && BN_cmp(r_simple, r_recp) == 0 - && BN_cmp(r_simple, r_mont_const) == 0) { - printf("."); - fflush(stdout); - } else { - if (BN_cmp(r_simple, r_mont) != 0) - printf("\nsimple and mont results differ\n"); - if (BN_cmp(r_simple, r_mont_const) != 0) - printf("\nsimple and mont const time results differ\n"); - if (BN_cmp(r_simple, r_recp) != 0) - printf("\nsimple and recp results differ\n"); - - printf("a (%3d) = ", BN_num_bits(a)); - BN_print(out, a); - printf("\nb (%3d) = ", BN_num_bits(b)); - BN_print(out, b); - printf("\nm (%3d) = ", BN_num_bits(m)); - BN_print(out, m); - printf("\nsimple ="); - BN_print(out, r_simple); - printf("\nrecp ="); - BN_print(out, r_recp); - printf("\nmont ="); - BN_print(out, r_mont); - printf("\nmont_ct ="); - BN_print(out, r_mont_const); - printf("\n"); - EXIT(1); - } + RAND_bytes(&c, 1); + c = (c % BN_BITS) - BN_BITS2; + BN_rand(a, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY); + + RAND_bytes(&c, 1); + c = (c % BN_BITS) - BN_BITS2; + BN_rand(b, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY); + + RAND_bytes(&c, 1); + c = (c % BN_BITS) - BN_BITS2; + BN_rand(m, NUM_BITS + c, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ODD); + + if (!TEST_true(BN_mod(a, a, m, ctx)) + || !TEST_true(BN_mod(b, b, m, ctx)) + || !TEST_true(BN_mod_exp_mont(r_mont, a, b, m, ctx, NULL)) + || !TEST_true(BN_mod_exp_recp(r_recp, a, b, m, ctx)) + || !TEST_true(BN_mod_exp_simple(r_simple, a, b, m, ctx)) + || !TEST_true(BN_mod_exp_mont_consttime(r_mont_const, a, b, m, ctx, NULL))) + goto err; + + if (!TEST_BN_eq(r_simple, r_mont) + || !TEST_BN_eq(r_simple, r_recp) + || !TEST_BN_eq(r_simple, r_mont_const)) { + if (BN_cmp(r_simple, r_mont) != 0) + TEST_info("simple and mont results differ"); + if (BN_cmp(r_simple, r_mont_const) != 0) + TEST_info("simple and mont const time results differ"); + if (BN_cmp(r_simple, r_recp) != 0) + TEST_info("simple and recp results differ"); + + BN_print_var(a); + BN_print_var(b); + BN_print_var(m); + BN_print_var(r_simple); + BN_print_var(r_recp); + BN_print_var(r_mont); + BN_print_var(r_mont_const); + goto err; } + + ret = 1; + err: BN_free(r_mont); BN_free(r_mont_const); BN_free(r_recp); @@ -251,20 +195,12 @@ int main(int argc, char *argv[]) BN_free(m); BN_CTX_free(ctx); - if (test_exp_mod_zero() != 0) - goto err; - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(out) <= 0) - goto err; -#endif - BIO_free(out); - printf("\n"); - - printf("done\n"); + return ret; +} - EXIT(0); - err: - ERR_print_errors(out); - EXIT(1); +int setup_tests(void) +{ + ADD_TEST(test_mod_exp_zero); + ADD_ALL_TESTS(test_mod_exp, 200); + return 1; } diff --git a/deps/openssl/openssl/test/fatalerrtest.c b/deps/openssl/openssl/test/fatalerrtest.c index d52daa2de9..66731e6402 100644 --- a/deps/openssl/openssl/test/fatalerrtest.c +++ b/deps/openssl/openssl/test/fatalerrtest.c @@ -28,57 +28,49 @@ static int test_fatalerr(void) 0x17, 0x03, 0x03, 0x00, 0x05, 'D', 'u', 'm', 'm', 'y' }; - if (!create_ssl_ctx_pair(SSLv23_method(), SSLv23_method(), - SSL3_VERSION, TLS_MAX_VERSION, &sctx, &cctx, - cert, privkey)) { - printf("Failed to create SSL_CTX pair\n"); + if (!TEST_true(create_ssl_ctx_pair(TLS_method(), TLS_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) goto err; - } /* * Deliberately set the cipher lists for client and server to be different * to force a handshake failure. */ - if (!SSL_CTX_set_cipher_list(sctx, "AES128-SHA") - || !SSL_CTX_set_cipher_list(cctx, "AES256-SHA")) { - printf("Failed to set cipher lists\n"); - goto err; - } - - if (!create_ssl_objects(sctx, cctx, &sssl, &cssl, NULL, NULL)) { - printf("Failed to create SSL objectx\n"); + if (!TEST_true(SSL_CTX_set_cipher_list(sctx, "AES128-SHA")) + || !TEST_true(SSL_CTX_set_cipher_list(cctx, "AES256-SHA")) + || !TEST_true(SSL_CTX_set_ciphersuites(sctx, + "TLS_AES_128_GCM_SHA256")) + || !TEST_true(SSL_CTX_set_ciphersuites(cctx, + "TLS_AES_256_GCM_SHA384")) + || !TEST_true(create_ssl_objects(sctx, cctx, &sssl, &cssl, NULL, + NULL))) goto err; - } wbio = SSL_get_wbio(cssl); - if (wbio == NULL) { + if (!TEST_ptr(wbio)) { printf("Unexpected NULL bio received\n"); goto err; } - if (create_ssl_connection(sssl, cssl)) { - printf("Unexpected success creating a connection\n"); + /* Connection should fail */ + if (!TEST_false(create_ssl_connection(sssl, cssl, SSL_ERROR_NONE))) goto err; - } ERR_clear_error(); /* Inject a plaintext record from client to server */ - if (BIO_write(wbio, dummyrec, sizeof(dummyrec)) <= 0) { - printf("Unexpected failure injecting dummy record\n"); + if (!TEST_int_gt(BIO_write(wbio, dummyrec, sizeof(dummyrec)), 0)) goto err; - } /* SSL_read()/SSL_write should fail because of a previous fatal error */ - if ((len = SSL_read(sssl, buf, sizeof(buf) - 1)) > 0) { + if (!TEST_int_le(len = SSL_read(sssl, buf, sizeof(buf) - 1), 0)) { buf[len] = '\0'; - printf("Unexpected success reading data: %s\n", buf); + TEST_error("Unexpected success reading data: %s\n", buf); goto err; } - if (SSL_write(sssl, msg, strlen(msg)) > 0) { - printf("Unexpected success writing data\n"); + if (!TEST_int_le(SSL_write(sssl, msg, strlen(msg)), 0)) goto err; - } ret = 1; err: @@ -90,36 +82,13 @@ static int test_fatalerr(void) return ret; } -int main(int argc, char *argv[]) +int setup_tests(void) { - BIO *err = NULL; - int testresult = 1; - - if (argc != 3) { - printf("Invalid argument count\n"); - return 1; - } - - cert = argv[1]; - privkey = argv[2]; - - err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); - - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + if (!TEST_ptr(cert = test_get_argument(0)) + || !TEST_ptr(privkey = test_get_argument(1))) + return 0; ADD_TEST(test_fatalerr); - testresult = run_tests(argv[0]); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(err) <= 0) - testresult = 1; -#endif - BIO_free(err); - - if (!testresult) - printf("PASS\n"); - - return testresult; + return 1; } diff --git a/deps/openssl/openssl/test/generate_buildtest.pl b/deps/openssl/openssl/test/generate_buildtest.pl index 0a9d879eb1..f9a663bea6 100644 --- a/deps/openssl/openssl/test/generate_buildtest.pl +++ b/deps/openssl/openssl/test/generate_buildtest.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -27,7 +27,7 @@ print <<"_____"; # include <openssl/$name.h> #endif -int main() +int main(void) { return 0; } diff --git a/deps/openssl/openssl/test/gmdifftest.c b/deps/openssl/openssl/test/gmdifftest.c index 73c910dd2f..f7aa1a3808 100644 --- a/deps/openssl/openssl/test/gmdifftest.c +++ b/deps/openssl/openssl/test/gmdifftest.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -8,7 +8,8 @@ */ #include <openssl/crypto.h> -#include <stdio.h> + +#include "testutil.h" #define SECS_PER_DAY (24 * 60 * 60) @@ -24,6 +25,7 @@ static int check_time(long offset) int off_day, off_sec; long toffset; time_t t1, t2; + time(&t1); t2 = t1 + offset; @@ -31,51 +33,33 @@ static int check_time(long offset) OPENSSL_gmtime(&t1, &tm1); o1 = tm1; OPENSSL_gmtime_adj(&tm1, 0, offset); - if ((tm1.tm_year != tm2.tm_year) || - (tm1.tm_mon != tm2.tm_mon) || - (tm1.tm_mday != tm2.tm_mday) || - (tm1.tm_hour != tm2.tm_hour) || - (tm1.tm_min != tm2.tm_min) || (tm1.tm_sec != tm2.tm_sec)) { - fprintf(stderr, "TIME ERROR!!\n"); - fprintf(stderr, "Time1: %d/%d/%d, %d:%02d:%02d\n", - tm2.tm_mday, tm2.tm_mon + 1, tm2.tm_year + 1900, - tm2.tm_hour, tm2.tm_min, tm2.tm_sec); - fprintf(stderr, "Time2: %d/%d/%d, %d:%02d:%02d\n", - tm1.tm_mday, tm1.tm_mon + 1, tm1.tm_year + 1900, - tm1.tm_hour, tm1.tm_min, tm1.tm_sec); + if (!TEST_int_eq(tm1.tm_year, tm2.tm_year) + || !TEST_int_eq(tm1.tm_mon, tm2.tm_mon) + || !TEST_int_eq(tm1.tm_mday, tm2.tm_mday) + || !TEST_int_eq(tm1.tm_hour, tm2.tm_hour) + || !TEST_int_eq(tm1.tm_min, tm2.tm_min) + || !TEST_int_eq(tm1.tm_sec, tm2.tm_sec) + || !TEST_true(OPENSSL_gmtime_diff(&off_day, &off_sec, &o1, &tm1))) return 0; - } - if (!OPENSSL_gmtime_diff(&off_day, &off_sec, &o1, &tm1)) + toffset = (long)off_day * SECS_PER_DAY + off_sec; + if (!TEST_long_eq(offset, toffset)) return 0; - toffset = (long)off_day *SECS_PER_DAY + off_sec; - if (offset != toffset) { - fprintf(stderr, "TIME OFFSET ERROR!!\n"); - fprintf(stderr, "Expected %ld, Got %ld (%d:%d)\n", - offset, toffset, off_day, off_sec); - return 0; - } return 1; } -int main(int argc, char **argv) +static int test_gmtime(int offset) { - long offset; - int fails; - - if (sizeof(time_t) < 8) { - fprintf(stderr, "Skipping; time_t is less than 64-bits\n"); - return 0; - } - for (fails = 0, offset = 0; offset < 1000000; offset++) { - if (!check_time(offset)) - fails++; - if (!check_time(-offset)) - fails++; - if (!check_time(offset * 1000)) - fails++; - if (!check_time(-offset * 1000)) - fails++; - } + return check_time(offset) && + check_time(-offset) && + check_time(offset * 1000L) && + check_time(-offset * 1000L); +} - return fails ? 1 : 0; +int setup_tests(void) +{ + if (sizeof(time_t) < 8) + TEST_info("Skipping; time_t is less than 64-bits"); + else + ADD_ALL_TESTS_NOSUBTEST(test_gmtime, 1000000); + return 1; } diff --git a/deps/openssl/openssl/test/handshake_helper.c b/deps/openssl/openssl/test/handshake_helper.c index 41a2c00229..40bfd3ec26 100644 --- a/deps/openssl/openssl/test/handshake_helper.c +++ b/deps/openssl/openssl/test/handshake_helper.c @@ -12,14 +12,21 @@ #include <openssl/bio.h> #include <openssl/x509_vfy.h> #include <openssl/ssl.h> +#ifndef OPENSSL_NO_SRP +#include <openssl/srp.h> +#endif +#include "../ssl/ssl_locl.h" +#include "internal/sockets.h" +#include "internal/nelem.h" #include "handshake_helper.h" #include "testutil.h" -HANDSHAKE_RESULT *HANDSHAKE_RESULT_new() +HANDSHAKE_RESULT *HANDSHAKE_RESULT_new(void) { - HANDSHAKE_RESULT *ret = OPENSSL_zalloc(sizeof(*ret)); - TEST_check(ret != NULL); + HANDSHAKE_RESULT *ret; + + TEST_ptr(ret = OPENSSL_zalloc(sizeof(*ret))); return ret; } @@ -31,6 +38,10 @@ void HANDSHAKE_RESULT_free(HANDSHAKE_RESULT *result) OPENSSL_free(result->server_npn_negotiated); OPENSSL_free(result->client_alpn_negotiated); OPENSSL_free(result->server_alpn_negotiated); + OPENSSL_free(result->result_session_ticket_app_data); + sk_X509_NAME_pop_free(result->server_ca_names, X509_NAME_free); + sk_X509_NAME_pop_free(result->client_ca_names, X509_NAME_free); + OPENSSL_free(result->cipher); OPENSSL_free(result); } @@ -52,6 +63,9 @@ typedef struct ctx_data_st { size_t npn_protocols_len; unsigned char *alpn_protocols; size_t alpn_protocols_len; + char *srp_user; + char *srp_password; + char *session_ticket_app_data; } CTX_DATA; /* |ctx_data| itself is stack-allocated. */ @@ -61,6 +75,12 @@ static void ctx_data_free_data(CTX_DATA *ctx_data) ctx_data->npn_protocols = NULL; OPENSSL_free(ctx_data->alpn_protocols); ctx_data->alpn_protocols = NULL; + OPENSSL_free(ctx_data->srp_user); + ctx_data->srp_user = NULL; + OPENSSL_free(ctx_data->srp_password); + ctx_data->srp_password = NULL; + OPENSSL_free(ctx_data->session_ticket_app_data); + ctx_data->session_ticket_app_data = NULL; } static int ex_data_idx; @@ -123,6 +143,68 @@ static int select_server_ctx(SSL *s, void *arg, int ignore) } } +static int client_hello_select_server_ctx(SSL *s, void *arg, int ignore) +{ + const char *servername; + const unsigned char *p; + size_t len, remaining; + HANDSHAKE_EX_DATA *ex_data = + (HANDSHAKE_EX_DATA*)(SSL_get_ex_data(s, ex_data_idx)); + + /* + * The server_name extension was given too much extensibility when it + * was written, so parsing the normal case is a bit complex. + */ + if (!SSL_client_hello_get0_ext(s, TLSEXT_TYPE_server_name, &p, + &remaining) || + remaining <= 2) + return 0; + /* Extract the length of the supplied list of names. */ + len = (*(p++) << 8); + len += *(p++); + if (len + 2 != remaining) + return 0; + remaining = len; + /* + * The list in practice only has a single element, so we only consider + * the first one. + */ + if (remaining == 0 || *p++ != TLSEXT_NAMETYPE_host_name) + return 0; + remaining--; + /* Now we can finally pull out the byte array with the actual hostname. */ + if (remaining <= 2) + return 0; + len = (*(p++) << 8); + len += *(p++); + if (len + 2 > remaining) + return 0; + remaining = len; + servername = (const char *)p; + + if (len == strlen("server2") && strncmp(servername, "server2", len) == 0) { + SSL_CTX *new_ctx = arg; + SSL_set_SSL_CTX(s, new_ctx); + /* + * Copy over all the SSL_CTX options - reasonable behavior + * allows testing of cases where the options between two + * contexts differ/conflict + */ + SSL_clear_options(s, 0xFFFFFFFFL); + SSL_set_options(s, SSL_CTX_get_options(new_ctx)); + + ex_data->servername = SSL_TEST_SERVERNAME_SERVER2; + return 1; + } else if (len == strlen("server1") && + strncmp(servername, "server1", len) == 0) { + ex_data->servername = SSL_TEST_SERVERNAME_SERVER1; + return 1; + } else if (ignore) { + ex_data->servername = SSL_TEST_SERVERNAME_SERVER1; + return 1; + } + return 0; +} /* * (RFC 6066): * If the server understood the ClientHello extension but @@ -144,6 +226,52 @@ static int servername_reject_cb(SSL *s, int *ad, void *arg) return select_server_ctx(s, arg, 0); } +static int client_hello_ignore_cb(SSL *s, int *al, void *arg) +{ + if (!client_hello_select_server_ctx(s, arg, 1)) { + *al = SSL_AD_UNRECOGNIZED_NAME; + return SSL_CLIENT_HELLO_ERROR; + } + return SSL_CLIENT_HELLO_SUCCESS; +} + +static int client_hello_reject_cb(SSL *s, int *al, void *arg) +{ + if (!client_hello_select_server_ctx(s, arg, 0)) { + *al = SSL_AD_UNRECOGNIZED_NAME; + return SSL_CLIENT_HELLO_ERROR; + } + return SSL_CLIENT_HELLO_SUCCESS; +} + +static int client_hello_nov12_cb(SSL *s, int *al, void *arg) +{ + int ret; + unsigned int v; + const unsigned char *p; + + v = SSL_client_hello_get0_legacy_version(s); + if (v > TLS1_2_VERSION || v < SSL3_VERSION) { + *al = SSL_AD_PROTOCOL_VERSION; + return SSL_CLIENT_HELLO_ERROR; + } + (void)SSL_client_hello_get0_session_id(s, &p); + if (p == NULL || + SSL_client_hello_get0_random(s, &p) == 0 || + SSL_client_hello_get0_ciphers(s, &p) == 0 || + SSL_client_hello_get0_compression_methods(s, &p) == 0) { + *al = SSL_AD_INTERNAL_ERROR; + return SSL_CLIENT_HELLO_ERROR; + } + ret = client_hello_select_server_ctx(s, arg, 0); + SSL_set_max_proto_version(s, TLS1_1_VERSION); + if (!ret) { + *al = SSL_AD_UNRECOGNIZED_NAME; + return SSL_CLIENT_HELLO_ERROR; + } + return SSL_CLIENT_HELLO_SUCCESS; +} + static unsigned char dummy_ocsp_resp_good_val = 0xff; static unsigned char dummy_ocsp_resp_bad_val = 0xfe; @@ -203,18 +331,17 @@ static int do_not_call_session_ticket_cb(SSL *s, unsigned char *key_name, } /* Parse the comma-separated list into TLS format. */ -static void parse_protos(const char *protos, unsigned char **out, size_t *outlen) +static int parse_protos(const char *protos, unsigned char **out, size_t *outlen) { size_t len, i, prefix; len = strlen(protos); /* Should never have reuse. */ - TEST_check(*out == NULL); - - /* Test values are small, so we omit length limit checks. */ - *out = OPENSSL_malloc(len + 1); - TEST_check(*out != NULL); + if (!TEST_ptr_null(*out) + /* Test values are small, so we omit length limit checks. */ + || !TEST_ptr(*out = OPENSSL_malloc(len + 1))) + return 0; *outlen = len + 1; /* @@ -227,14 +354,22 @@ static void parse_protos(const char *protos, unsigned char **out, size_t *outlen i = prefix + 1; while (i <= len) { if ((*out)[i] == ',') { - TEST_check(i - 1 - prefix > 0); - (*out)[prefix] = i - 1 - prefix; + if (!TEST_int_gt(i - 1, prefix)) + goto err; + (*out)[prefix] = (unsigned char)(i - 1 - prefix); prefix = i; } i++; } - TEST_check(len - prefix > 0); - (*out)[prefix] = len - prefix; + if (!TEST_int_gt(len, prefix)) + goto err; + (*out)[prefix] = (unsigned char)(len - prefix); + return 1; + +err: + OPENSSL_free(*out); + *out = NULL; + return 0; } #ifndef OPENSSL_NO_NEXTPROTONEG @@ -255,8 +390,8 @@ static int client_npn_cb(SSL *s, unsigned char **out, unsigned char *outlen, ctx_data->npn_protocols, ctx_data->npn_protocols_len); /* Accept both OPENSSL_NPN_NEGOTIATED and OPENSSL_NPN_NO_OVERLAP. */ - TEST_check(ret == OPENSSL_NPN_NEGOTIATED || ret == OPENSSL_NPN_NO_OVERLAP); - return SSL_TLSEXT_ERR_OK; + return TEST_true(ret == OPENSSL_NPN_NEGOTIATED || ret == OPENSSL_NPN_NO_OVERLAP) + ? SSL_TLSEXT_ERR_OK : SSL_TLSEXT_ERR_ALERT_FATAL; } static int server_npn_cb(SSL *s, const unsigned char **data, @@ -300,44 +435,115 @@ static int server_alpn_cb(SSL *s, const unsigned char **out, : SSL_TLSEXT_ERR_ALERT_FATAL; } +#ifndef OPENSSL_NO_SRP +static char *client_srp_cb(SSL *s, void *arg) +{ + CTX_DATA *ctx_data = (CTX_DATA*)(arg); + return OPENSSL_strdup(ctx_data->srp_password); +} + +static int server_srp_cb(SSL *s, int *ad, void *arg) +{ + CTX_DATA *ctx_data = (CTX_DATA*)(arg); + if (strcmp(ctx_data->srp_user, SSL_get_srp_username(s)) != 0) + return SSL3_AL_FATAL; + if (SSL_set_srp_server_param_pw(s, ctx_data->srp_user, + ctx_data->srp_password, + "2048" /* known group */) < 0) { + *ad = SSL_AD_INTERNAL_ERROR; + return SSL3_AL_FATAL; + } + return SSL_ERROR_NONE; +} +#endif /* !OPENSSL_NO_SRP */ + +static int generate_session_ticket_cb(SSL *s, void *arg) +{ + CTX_DATA *server_ctx_data = arg; + SSL_SESSION *ss = SSL_get_session(s); + char *app_data = server_ctx_data->session_ticket_app_data; + + if (ss == NULL || app_data == NULL) + return 0; + + return SSL_SESSION_set1_ticket_appdata(ss, app_data, strlen(app_data)); +} + +static int decrypt_session_ticket_cb(SSL *s, SSL_SESSION *ss, + const unsigned char *keyname, + size_t keyname_len, + SSL_TICKET_STATUS status, + void *arg) +{ + switch (status) { + case SSL_TICKET_EMPTY: + case SSL_TICKET_NO_DECRYPT: + return SSL_TICKET_RETURN_IGNORE_RENEW; + case SSL_TICKET_SUCCESS: + return SSL_TICKET_RETURN_USE; + case SSL_TICKET_SUCCESS_RENEW: + return SSL_TICKET_RETURN_USE_RENEW; + default: + break; + } + return SSL_TICKET_RETURN_ABORT; +} + /* * Configure callbacks and other properties that can't be set directly * in the server/client CONF. */ -static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, - SSL_CTX *client_ctx, - const SSL_TEST_CTX *test, - const SSL_TEST_EXTRA_CONF *extra, - CTX_DATA *server_ctx_data, - CTX_DATA *server2_ctx_data, - CTX_DATA *client_ctx_data) +static int configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, + SSL_CTX *client_ctx, + const SSL_TEST_CTX *test, + const SSL_TEST_EXTRA_CONF *extra, + CTX_DATA *server_ctx_data, + CTX_DATA *server2_ctx_data, + CTX_DATA *client_ctx_data) { unsigned char *ticket_keys; size_t ticket_key_len; - TEST_check(SSL_CTX_set_max_send_fragment(server_ctx, - test->max_fragment_size) == 1); + if (!TEST_int_eq(SSL_CTX_set_max_send_fragment(server_ctx, + test->max_fragment_size), 1)) + goto err; if (server2_ctx != NULL) { - TEST_check(SSL_CTX_set_max_send_fragment(server2_ctx, - test->max_fragment_size) == 1); + if (!TEST_int_eq(SSL_CTX_set_max_send_fragment(server2_ctx, + test->max_fragment_size), + 1)) + goto err; } - TEST_check(SSL_CTX_set_max_send_fragment(client_ctx, - test->max_fragment_size) == 1); + if (!TEST_int_eq(SSL_CTX_set_max_send_fragment(client_ctx, + test->max_fragment_size), 1)) + goto err; switch (extra->client.verify_callback) { case SSL_TEST_VERIFY_ACCEPT_ALL: - SSL_CTX_set_cert_verify_callback(client_ctx, &verify_accept_cb, - NULL); + SSL_CTX_set_cert_verify_callback(client_ctx, &verify_accept_cb, NULL); break; case SSL_TEST_VERIFY_REJECT_ALL: - SSL_CTX_set_cert_verify_callback(client_ctx, &verify_reject_cb, - NULL); + SSL_CTX_set_cert_verify_callback(client_ctx, &verify_reject_cb, NULL); break; - default: + case SSL_TEST_VERIFY_NONE: break; } - /* link the two contexts for SNI purposes */ + switch (extra->client.max_fragment_len_mode) { + case TLSEXT_max_fragment_length_512: + case TLSEXT_max_fragment_length_1024: + case TLSEXT_max_fragment_length_2048: + case TLSEXT_max_fragment_length_4096: + case TLSEXT_max_fragment_length_DISABLED: + SSL_CTX_set_tlsext_max_fragment_length( + client_ctx, extra->client.max_fragment_len_mode); + break; + } + + /* + * Link the two contexts for SNI purposes. + * Also do ClientHello callbacks here, as setting both ClientHello and SNI + * is bad. + */ switch (extra->server.servername_callback) { case SSL_TEST_SERVERNAME_IGNORE_MISMATCH: SSL_CTX_set_tlsext_servername_callback(server_ctx, servername_ignore_cb); @@ -347,8 +553,16 @@ static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, SSL_CTX_set_tlsext_servername_callback(server_ctx, servername_reject_cb); SSL_CTX_set_tlsext_servername_arg(server_ctx, server2_ctx); break; - default: + case SSL_TEST_SERVERNAME_CB_NONE: + break; + case SSL_TEST_SERVERNAME_CLIENT_HELLO_IGNORE_MISMATCH: + SSL_CTX_set_client_hello_cb(server_ctx, client_hello_ignore_cb, server2_ctx); break; + case SSL_TEST_SERVERNAME_CLIENT_HELLO_REJECT_MISMATCH: + SSL_CTX_set_client_hello_cb(server_ctx, client_hello_reject_cb, server2_ctx); + break; + case SSL_TEST_SERVERNAME_CLIENT_HELLO_NO_V12: + SSL_CTX_set_client_hello_cb(server_ctx, client_hello_nov12_cb, server2_ctx); } if (extra->server.cert_status != SSL_TEST_CERT_STATUS_NONE) { @@ -375,77 +589,134 @@ static void configure_handshake_ctx(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, } #ifndef OPENSSL_NO_NEXTPROTONEG if (extra->server.npn_protocols != NULL) { - parse_protos(extra->server.npn_protocols, - &server_ctx_data->npn_protocols, - &server_ctx_data->npn_protocols_len); - SSL_CTX_set_next_protos_advertised_cb(server_ctx, server_npn_cb, - server_ctx_data); + if (!TEST_true(parse_protos(extra->server.npn_protocols, + &server_ctx_data->npn_protocols, + &server_ctx_data->npn_protocols_len))) + goto err; + SSL_CTX_set_npn_advertised_cb(server_ctx, server_npn_cb, + server_ctx_data); } if (extra->server2.npn_protocols != NULL) { - parse_protos(extra->server2.npn_protocols, - &server2_ctx_data->npn_protocols, - &server2_ctx_data->npn_protocols_len); - TEST_check(server2_ctx != NULL); - SSL_CTX_set_next_protos_advertised_cb(server2_ctx, server_npn_cb, - server2_ctx_data); + if (!TEST_true(parse_protos(extra->server2.npn_protocols, + &server2_ctx_data->npn_protocols, + &server2_ctx_data->npn_protocols_len)) + || !TEST_ptr(server2_ctx)) + goto err; + SSL_CTX_set_npn_advertised_cb(server2_ctx, server_npn_cb, + server2_ctx_data); } if (extra->client.npn_protocols != NULL) { - parse_protos(extra->client.npn_protocols, - &client_ctx_data->npn_protocols, - &client_ctx_data->npn_protocols_len); + if (!TEST_true(parse_protos(extra->client.npn_protocols, + &client_ctx_data->npn_protocols, + &client_ctx_data->npn_protocols_len))) + goto err; SSL_CTX_set_next_proto_select_cb(client_ctx, client_npn_cb, client_ctx_data); } #endif if (extra->server.alpn_protocols != NULL) { - parse_protos(extra->server.alpn_protocols, - &server_ctx_data->alpn_protocols, - &server_ctx_data->alpn_protocols_len); + if (!TEST_true(parse_protos(extra->server.alpn_protocols, + &server_ctx_data->alpn_protocols, + &server_ctx_data->alpn_protocols_len))) + goto err; SSL_CTX_set_alpn_select_cb(server_ctx, server_alpn_cb, server_ctx_data); } if (extra->server2.alpn_protocols != NULL) { - TEST_check(server2_ctx != NULL); - parse_protos(extra->server2.alpn_protocols, - &server2_ctx_data->alpn_protocols, - &server2_ctx_data->alpn_protocols_len); - SSL_CTX_set_alpn_select_cb(server2_ctx, server_alpn_cb, server2_ctx_data); + if (!TEST_ptr(server2_ctx) + || !TEST_true(parse_protos(extra->server2.alpn_protocols, + &server2_ctx_data->alpn_protocols, + &server2_ctx_data->alpn_protocols_len + ))) + goto err; + SSL_CTX_set_alpn_select_cb(server2_ctx, server_alpn_cb, + server2_ctx_data); } if (extra->client.alpn_protocols != NULL) { unsigned char *alpn_protos = NULL; size_t alpn_protos_len; - parse_protos(extra->client.alpn_protocols, - &alpn_protos, &alpn_protos_len); - /* Reversed return value convention... */ - TEST_check(SSL_CTX_set_alpn_protos(client_ctx, alpn_protos, - alpn_protos_len) == 0); + if (!TEST_true(parse_protos(extra->client.alpn_protocols, + &alpn_protos, &alpn_protos_len)) + /* Reversed return value convention... */ + || !TEST_int_eq(SSL_CTX_set_alpn_protos(client_ctx, alpn_protos, + alpn_protos_len), 0)) + goto err; OPENSSL_free(alpn_protos); } + if (extra->server.session_ticket_app_data != NULL) { + server_ctx_data->session_ticket_app_data = + OPENSSL_strdup(extra->server.session_ticket_app_data); + SSL_CTX_set_session_ticket_cb(server_ctx, generate_session_ticket_cb, + decrypt_session_ticket_cb, server_ctx_data); + } + if (extra->server2.session_ticket_app_data != NULL) { + if (!TEST_ptr(server2_ctx)) + goto err; + server2_ctx_data->session_ticket_app_data = + OPENSSL_strdup(extra->server2.session_ticket_app_data); + SSL_CTX_set_session_ticket_cb(server2_ctx, NULL, + decrypt_session_ticket_cb, server2_ctx_data); + } + /* * Use fixed session ticket keys so that we can decrypt a ticket created with * one CTX in another CTX. Don't address server2 for the moment. */ ticket_key_len = SSL_CTX_set_tlsext_ticket_keys(server_ctx, NULL, 0); - ticket_keys = OPENSSL_zalloc(ticket_key_len); - TEST_check(ticket_keys != NULL); - TEST_check(SSL_CTX_set_tlsext_ticket_keys(server_ctx, ticket_keys, - ticket_key_len) == 1); + if (!TEST_ptr(ticket_keys = OPENSSL_zalloc(ticket_key_len)) + || !TEST_int_eq(SSL_CTX_set_tlsext_ticket_keys(server_ctx, + ticket_keys, + ticket_key_len), 1)) { + OPENSSL_free(ticket_keys); + goto err; + } OPENSSL_free(ticket_keys); /* The default log list includes EC keys, so CT can't work without EC. */ #if !defined(OPENSSL_NO_CT) && !defined(OPENSSL_NO_EC) - TEST_check(SSL_CTX_set_default_ctlog_list_file(client_ctx)); + if (!TEST_true(SSL_CTX_set_default_ctlog_list_file(client_ctx))) + goto err; switch (extra->client.ct_validation) { case SSL_TEST_CT_VALIDATION_PERMISSIVE: - TEST_check(SSL_CTX_enable_ct(client_ctx, SSL_CT_VALIDATION_PERMISSIVE)); + if (!TEST_true(SSL_CTX_enable_ct(client_ctx, + SSL_CT_VALIDATION_PERMISSIVE))) + goto err; break; case SSL_TEST_CT_VALIDATION_STRICT: - TEST_check(SSL_CTX_enable_ct(client_ctx, SSL_CT_VALIDATION_STRICT)); + if (!TEST_true(SSL_CTX_enable_ct(client_ctx, SSL_CT_VALIDATION_STRICT))) + goto err; break; case SSL_TEST_CT_VALIDATION_NONE: break; } #endif +#ifndef OPENSSL_NO_SRP + if (extra->server.srp_user != NULL) { + SSL_CTX_set_srp_username_callback(server_ctx, server_srp_cb); + server_ctx_data->srp_user = OPENSSL_strdup(extra->server.srp_user); + server_ctx_data->srp_password = OPENSSL_strdup(extra->server.srp_password); + SSL_CTX_set_srp_cb_arg(server_ctx, server_ctx_data); + } + if (extra->server2.srp_user != NULL) { + if (!TEST_ptr(server2_ctx)) + goto err; + SSL_CTX_set_srp_username_callback(server2_ctx, server_srp_cb); + server2_ctx_data->srp_user = OPENSSL_strdup(extra->server2.srp_user); + server2_ctx_data->srp_password = OPENSSL_strdup(extra->server2.srp_password); + SSL_CTX_set_srp_cb_arg(server2_ctx, server2_ctx_data); + } + if (extra->client.srp_user != NULL) { + if (!TEST_true(SSL_CTX_set_srp_username(client_ctx, + extra->client.srp_user))) + goto err; + SSL_CTX_set_srp_client_pwd_callback(client_ctx, client_srp_cb); + client_ctx_data->srp_password = OPENSSL_strdup(extra->client.srp_password); + SSL_CTX_set_srp_cb_arg(client_ctx, client_ctx_data); + } +#endif /* !OPENSSL_NO_SRP */ + return 1; +err: + return 0; } /* Configure per-SSL callbacks and other properties. */ @@ -455,13 +726,17 @@ static void configure_handshake_ssl(SSL *server, SSL *client, if (extra->client.servername != SSL_TEST_SERVERNAME_NONE) SSL_set_tlsext_host_name(client, ssl_servername_name(extra->client.servername)); + if (extra->client.enable_pha) + SSL_set_post_handshake_auth(client, 1); } /* The status for each connection phase. */ typedef enum { PEER_SUCCESS, PEER_RETRY, - PEER_ERROR + PEER_ERROR, + PEER_WAITING, + PEER_TEST_FAILURE } peer_status_t; /* An SSL object and associated read-write buffers. */ @@ -477,17 +752,27 @@ typedef struct peer_st { peer_status_t status; } PEER; -static void create_peer(PEER *peer, SSL_CTX *ctx) +static int create_peer(PEER *peer, SSL_CTX *ctx) { static const int peer_buffer_size = 64 * 1024; + SSL *ssl = NULL; + unsigned char *read_buf = NULL, *write_buf = NULL; + + if (!TEST_ptr(ssl = SSL_new(ctx)) + || !TEST_ptr(write_buf = OPENSSL_zalloc(peer_buffer_size)) + || !TEST_ptr(read_buf = OPENSSL_zalloc(peer_buffer_size))) + goto err; - peer->ssl = SSL_new(ctx); - TEST_check(peer->ssl != NULL); - peer->write_buf = OPENSSL_zalloc(peer_buffer_size); - TEST_check(peer->write_buf != NULL); - peer->read_buf = OPENSSL_zalloc(peer_buffer_size); - TEST_check(peer->read_buf != NULL); + peer->ssl = ssl; + peer->write_buf = write_buf; + peer->read_buf = read_buf; peer->write_buf_len = peer->read_buf_len = peer_buffer_size; + return 1; +err: + SSL_free(ssl); + OPENSSL_free(write_buf); + OPENSSL_free(read_buf); + return 0; } static void peer_free_data(PEER *peer) @@ -503,24 +788,21 @@ static void peer_free_data(PEER *peer) */ static void do_handshake_step(PEER *peer) { - int ret; - - if (peer->status != PEER_RETRY) { - peer->status = PEER_ERROR; - return; - } - - ret = SSL_do_handshake(peer->ssl); - - if (ret == 1) { - peer->status = PEER_SUCCESS; - } else if (ret == 0) { - peer->status = PEER_ERROR; + if (!TEST_int_eq(peer->status, PEER_RETRY)) { + peer->status = PEER_TEST_FAILURE; } else { - int error = SSL_get_error(peer->ssl, ret); - /* Memory bios should never block with SSL_ERROR_WANT_WRITE. */ - if (error != SSL_ERROR_WANT_READ) + int ret = SSL_do_handshake(peer->ssl); + + if (ret == 1) { + peer->status = PEER_SUCCESS; + } else if (ret == 0) { peer->status = PEER_ERROR; + } else { + int error = SSL_get_error(peer->ssl, ret); + /* Memory bios should never block with SSL_ERROR_WANT_WRITE. */ + if (error != SSL_ERROR_WANT_READ) + peer->status = PEER_ERROR; + } } } @@ -537,13 +819,19 @@ static void do_app_data_step(PEER *peer) { int ret = 1, write_bytes; - TEST_check(peer->status == PEER_RETRY); + if (!TEST_int_eq(peer->status, PEER_RETRY)) { + peer->status = PEER_TEST_FAILURE; + return; + } /* We read everything available... */ while (ret > 0 && peer->bytes_to_read) { ret = SSL_read(peer->ssl, peer->read_buf, peer->read_buf_len); if (ret > 0) { - TEST_check(ret <= peer->bytes_to_read); + if (!TEST_int_le(ret, peer->bytes_to_read)) { + peer->status = PEER_TEST_FAILURE; + return; + } peer->bytes_to_read -= ret; } else if (ret == 0) { peer->status = PEER_ERROR; @@ -564,7 +852,10 @@ static void do_app_data_step(PEER *peer) ret = SSL_write(peer->ssl, peer->write_buf, write_bytes); if (ret > 0) { /* SSL_write will only succeed with a complete write. */ - TEST_check(ret == write_bytes); + if (!TEST_int_eq(ret, write_bytes)) { + peer->status = PEER_TEST_FAILURE; + return; + } peer->bytes_to_write -= ret; } else { /* @@ -603,9 +894,23 @@ static void do_reneg_setup_step(const SSL_TEST_CTX *test_ctx, PEER *peer) return; } - TEST_check(peer->status == PEER_RETRY); - TEST_check(test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_SERVER - || test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_CLIENT); + if (!TEST_int_eq(peer->status, PEER_RETRY) + || !TEST_true(test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_RENEG_SERVER + || test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_RENEG_CLIENT + || test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER + || test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT + || test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_POST_HANDSHAKE_AUTH)) { + peer->status = PEER_TEST_FAILURE; + return; + } + + /* Reset the count of the amount of app data we need to read/write */ + peer->bytes_to_write = peer->bytes_to_read = test_ctx->app_data_size; /* Check if we are the peer that is going to initiate */ if ((test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_SERVER @@ -619,7 +924,7 @@ static void do_reneg_setup_step(const SSL_TEST_CTX *test_ctx, PEER *peer) if (!SSL_renegotiate_pending(peer->ssl)) { /* * If we are the client we will always attempt to resume the - * session. The server may or may not resume dependant on the + * session. The server may or may not resume dependent on the * setting of SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION */ if (SSL_is_server(peer->ssl)) { @@ -657,6 +962,48 @@ static void do_reneg_setup_step(const SSL_TEST_CTX *test_ctx, PEER *peer) peer->status = PEER_RETRY; return; } + } else if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER + || test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT) { + if (SSL_is_server(peer->ssl) + != (test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER)) { + peer->status = PEER_SUCCESS; + return; + } + + ret = SSL_key_update(peer->ssl, test_ctx->key_update_type); + if (!ret) { + peer->status = PEER_ERROR; + return; + } + do_handshake_step(peer); + /* + * This is a one step handshake. We shouldn't get anything other than + * PEER_SUCCESS + */ + if (peer->status != PEER_SUCCESS) + peer->status = PEER_ERROR; + return; + } else if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_POST_HANDSHAKE_AUTH) { + if (SSL_is_server(peer->ssl)) { + /* Make the server believe it's received the extension */ + if (test_ctx->extra.server.force_pha) + peer->ssl->post_handshake_auth = SSL_PHA_EXT_RECEIVED; + ret = SSL_verify_client_post_handshake(peer->ssl); + if (!ret) { + peer->status = PEER_ERROR; + return; + } + } + do_handshake_step(peer); + /* + * This is a one step handshake. We shouldn't get anything other than + * PEER_SUCCESS + */ + if (peer->status != PEER_SUCCESS) + peer->status = PEER_ERROR; + return; } /* @@ -678,7 +1025,7 @@ static void do_reneg_setup_step(const SSL_TEST_CTX *test_ctx, PEER *peer) peer->status = PEER_ERROR; return; } - /* If we're no in init yet then we're not done with setup yet */ + /* If we're not in init yet then we're not done with setup yet */ if (!SSL_in_init(peer->ssl)) return; } @@ -706,15 +1053,18 @@ static void do_shutdown_step(PEER *peer) { int ret; - TEST_check(peer->status == PEER_RETRY); + if (!TEST_int_eq(peer->status, PEER_RETRY)) { + peer->status = PEER_TEST_FAILURE; + return; + } ret = SSL_shutdown(peer->ssl); if (ret == 1) { peer->status = PEER_SUCCESS; } else if (ret < 0) { /* On 0, we retry. */ int error = SSL_get_error(peer->ssl, ret); - /* Memory bios should never block with SSL_ERROR_WANT_WRITE. */ - if (error != SSL_ERROR_WANT_READ) + + if (error != SSL_ERROR_WANT_READ && error != SSL_ERROR_WANT_WRITE) peer->status = PEER_ERROR; } } @@ -729,18 +1079,42 @@ typedef enum { CONNECTION_DONE } connect_phase_t; + +static int renegotiate_op(const SSL_TEST_CTX *test_ctx) +{ + switch (test_ctx->handshake_mode) { + case SSL_TEST_HANDSHAKE_RENEG_SERVER: + case SSL_TEST_HANDSHAKE_RENEG_CLIENT: + return 1; + default: + return 0; + } +} +static int post_handshake_op(const SSL_TEST_CTX *test_ctx) +{ + switch (test_ctx->handshake_mode) { + case SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT: + case SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER: + case SSL_TEST_HANDSHAKE_POST_HANDSHAKE_AUTH: + return 1; + default: + return 0; + } +} + static connect_phase_t next_phase(const SSL_TEST_CTX *test_ctx, connect_phase_t phase) { switch (phase) { case HANDSHAKE: - if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_SERVER - || test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_CLIENT) + if (renegotiate_op(test_ctx) || post_handshake_op(test_ctx)) return RENEG_APPLICATION_DATA; return APPLICATION_DATA; case RENEG_APPLICATION_DATA: return RENEG_SETUP; case RENEG_SETUP: + if (post_handshake_op(test_ctx)) + return APPLICATION_DATA; return RENEG_HANDSHAKE; case RENEG_HANDSHAKE: return APPLICATION_DATA; @@ -748,9 +1122,11 @@ static connect_phase_t next_phase(const SSL_TEST_CTX *test_ctx, return SHUTDOWN; case SHUTDOWN: return CONNECTION_DONE; - default: - TEST_check(0); /* Should never call next_phase when done. */ + case CONNECTION_DONE: + TEST_error("Trying to progress after connection done"); + break; } + return -1; } static void do_connect_step(const SSL_TEST_CTX *test_ctx, PEER *peer, @@ -775,8 +1151,9 @@ static void do_connect_step(const SSL_TEST_CTX *test_ctx, PEER *peer, case SHUTDOWN: do_shutdown_step(peer); break; - default: - TEST_check(0); + case CONNECTION_DONE: + TEST_error("Action after connection done"); + break; } } @@ -804,11 +1181,21 @@ static handshake_status_t handshake_status(peer_status_t last_status, int client_spoke_last) { switch (last_status) { + case PEER_TEST_FAILURE: + return INTERNAL_ERROR; + + case PEER_WAITING: + /* Shouldn't ever happen */ + return INTERNAL_ERROR; + case PEER_SUCCESS: switch (previous_status) { + case PEER_TEST_FAILURE: + return INTERNAL_ERROR; case PEER_SUCCESS: /* Both succeeded. */ return HANDSHAKE_SUCCESS; + case PEER_WAITING: case PEER_RETRY: /* Let the first peer finish. */ return HANDSHAKE_RETRY; @@ -826,6 +1213,11 @@ static handshake_status_t handshake_status(peer_status_t last_status, case PEER_ERROR: switch (previous_status) { + case PEER_TEST_FAILURE: + return INTERNAL_ERROR; + case PEER_WAITING: + /* The client failed immediately before sending the ClientHello */ + return client_spoke_last ? CLIENT_ERROR : INTERNAL_ERROR; case PEER_SUCCESS: /* * First peer succeeded but second peer errored. @@ -850,17 +1242,143 @@ static handshake_status_t handshake_status(peer_status_t last_status, /* Convert unsigned char buf's that shouldn't contain any NUL-bytes to char. */ static char *dup_str(const unsigned char *in, size_t len) { - char *ret; + char *ret = NULL; - if(len == 0) + if (len == 0) return NULL; /* Assert that the string does not contain NUL-bytes. */ - TEST_check(OPENSSL_strnlen((const char*)(in), len) == len); - ret = OPENSSL_strndup((const char*)(in), len); - TEST_check(ret != NULL); + if (TEST_size_t_eq(OPENSSL_strnlen((const char*)(in), len), len)) + TEST_ptr(ret = OPENSSL_strndup((const char*)(in), len)); + return ret; +} + +static int pkey_type(EVP_PKEY *pkey) +{ + int nid = EVP_PKEY_id(pkey); + +#ifndef OPENSSL_NO_EC + if (nid == EVP_PKEY_EC) { + const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); + return EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); + } +#endif + return nid; +} + +static int peer_pkey_type(SSL *s) +{ + X509 *x = SSL_get_peer_certificate(s); + + if (x != NULL) { + int nid = pkey_type(X509_get0_pubkey(x)); + + X509_free(x); + return nid; + } + return NID_undef; +} + +#if !defined(OPENSSL_NO_SCTP) && !defined(OPENSSL_NO_SOCK) +static int set_sock_as_sctp(int sock) +{ + /* + * For SCTP we have to set various options on the socket prior to + * connecting. This is done automatically by BIO_new_dgram_sctp(). + * We don't actually need the created BIO though so we free it again + * immediately. + */ + BIO *tmpbio = BIO_new_dgram_sctp(sock, BIO_NOCLOSE); + + if (tmpbio == NULL) + return 0; + BIO_free(tmpbio); + + return 1; +} + +static int create_sctp_socks(int *ssock, int *csock) +{ + BIO_ADDRINFO *res = NULL; + const BIO_ADDRINFO *ai = NULL; + int lsock = INVALID_SOCKET, asock = INVALID_SOCKET; + int consock = INVALID_SOCKET; + int ret = 0; + int family = 0; + + if (BIO_sock_init() != 1) + return 0; + + /* + * Port is 4463. It could be anything. It will fail if it's already being + * used for some other SCTP service. It seems unlikely though so we don't + * worry about it here. + */ + if (!BIO_lookup_ex(NULL, "4463", BIO_LOOKUP_SERVER, family, SOCK_STREAM, + IPPROTO_SCTP, &res)) + return 0; + + for (ai = res; ai != NULL; ai = BIO_ADDRINFO_next(ai)) { + family = BIO_ADDRINFO_family(ai); + lsock = BIO_socket(family, SOCK_STREAM, IPPROTO_SCTP, 0); + if (lsock == INVALID_SOCKET) { + /* Maybe the kernel doesn't support the socket family, even if + * BIO_lookup() added it in the returned result... + */ + continue; + } + + if (!set_sock_as_sctp(lsock) + || !BIO_listen(lsock, BIO_ADDRINFO_address(ai), + BIO_SOCK_REUSEADDR)) { + BIO_closesocket(lsock); + lsock = INVALID_SOCKET; + continue; + } + + /* Success, don't try any more addresses */ + break; + } + + if (lsock == INVALID_SOCKET) + goto err; + + BIO_ADDRINFO_free(res); + res = NULL; + + if (!BIO_lookup_ex(NULL, "4463", BIO_LOOKUP_CLIENT, family, SOCK_STREAM, + IPPROTO_SCTP, &res)) + goto err; + + consock = BIO_socket(family, SOCK_STREAM, IPPROTO_SCTP, 0); + if (consock == INVALID_SOCKET) + goto err; + + if (!set_sock_as_sctp(consock) + || !BIO_connect(consock, BIO_ADDRINFO_address(res), 0) + || !BIO_socket_nbio(consock, 1)) + goto err; + + asock = BIO_accept_ex(lsock, NULL, BIO_SOCK_NONBLOCK); + if (asock == INVALID_SOCKET) + goto err; + + *csock = consock; + *ssock = asock; + consock = asock = INVALID_SOCKET; + ret = 1; + + err: + BIO_ADDRINFO_free(res); + if (consock != INVALID_SOCKET) + BIO_closesocket(consock); + if (lsock != INVALID_SOCKET) + BIO_closesocket(lsock); + if (asock != INVALID_SOCKET) + BIO_closesocket(asock); return ret; } +#endif /* * Note that |extra| points to the correct client/server configuration @@ -878,57 +1396,92 @@ static char *dup_str(const unsigned char *in, size_t len) static HANDSHAKE_RESULT *do_handshake_internal( SSL_CTX *server_ctx, SSL_CTX *server2_ctx, SSL_CTX *client_ctx, const SSL_TEST_CTX *test_ctx, const SSL_TEST_EXTRA_CONF *extra, - SSL_SESSION *session_in, SSL_SESSION **session_out) + SSL_SESSION *session_in, SSL_SESSION *serv_sess_in, + SSL_SESSION **session_out, SSL_SESSION **serv_sess_out) { PEER server, client; - BIO *client_to_server, *server_to_client; + BIO *client_to_server = NULL, *server_to_client = NULL; HANDSHAKE_EX_DATA server_ex_data, client_ex_data; CTX_DATA client_ctx_data, server_ctx_data, server2_ctx_data; HANDSHAKE_RESULT *ret = HANDSHAKE_RESULT_new(); - int client_turn = 1, client_turn_count = 0; + int client_turn = 1, client_turn_count = 0, client_wait_count = 0; connect_phase_t phase = HANDSHAKE; handshake_status_t status = HANDSHAKE_RETRY; const unsigned char* tick = NULL; size_t tick_len = 0; + const unsigned char* sess_id = NULL; + unsigned int sess_id_len = 0; SSL_SESSION* sess = NULL; const unsigned char *proto = NULL; /* API dictates unsigned int rather than size_t. */ unsigned int proto_len = 0; EVP_PKEY *tmp_key; + const STACK_OF(X509_NAME) *names; + time_t start; + const char* cipher; + + if (ret == NULL) + return NULL; memset(&server_ctx_data, 0, sizeof(server_ctx_data)); memset(&server2_ctx_data, 0, sizeof(server2_ctx_data)); memset(&client_ctx_data, 0, sizeof(client_ctx_data)); memset(&server, 0, sizeof(server)); memset(&client, 0, sizeof(client)); + memset(&server_ex_data, 0, sizeof(server_ex_data)); + memset(&client_ex_data, 0, sizeof(client_ex_data)); - configure_handshake_ctx(server_ctx, server2_ctx, client_ctx, test_ctx, extra, - &server_ctx_data, &server2_ctx_data, &client_ctx_data); + if (!configure_handshake_ctx(server_ctx, server2_ctx, client_ctx, + test_ctx, extra, &server_ctx_data, + &server2_ctx_data, &client_ctx_data)) { + TEST_note("configure_handshake_ctx"); + return NULL; + } /* Setup SSL and buffers; additional configuration happens below. */ - create_peer(&server, server_ctx); - create_peer(&client, client_ctx); + if (!create_peer(&server, server_ctx)) { + TEST_note("creating server context"); + goto err; + } + if (!create_peer(&client, client_ctx)) { + TEST_note("creating client context"); + goto err; + } server.bytes_to_write = client.bytes_to_read = test_ctx->app_data_size; client.bytes_to_write = server.bytes_to_read = test_ctx->app_data_size; configure_handshake_ssl(server.ssl, client.ssl, extra); if (session_in != NULL) { + SSL_SESSION_get_id(serv_sess_in, &sess_id_len); /* In case we're testing resumption without tickets. */ - TEST_check(SSL_CTX_add_session(server_ctx, session_in)); - TEST_check(SSL_set_session(client.ssl, session_in)); + if ((sess_id_len > 0 + && !TEST_true(SSL_CTX_add_session(server_ctx, + serv_sess_in))) + || !TEST_true(SSL_set_session(client.ssl, session_in))) + goto err; + sess_id_len = 0; } - memset(&server_ex_data, 0, sizeof(server_ex_data)); - memset(&client_ex_data, 0, sizeof(client_ex_data)); - ret->result = SSL_TEST_INTERNAL_ERROR; - client_to_server = BIO_new(BIO_s_mem()); - server_to_client = BIO_new(BIO_s_mem()); + if (test_ctx->use_sctp) { +#if !defined(OPENSSL_NO_SCTP) && !defined(OPENSSL_NO_SOCK) + int csock, ssock; - TEST_check(client_to_server != NULL); - TEST_check(server_to_client != NULL); + if (create_sctp_socks(&ssock, &csock)) { + client_to_server = BIO_new_dgram_sctp(csock, BIO_CLOSE); + server_to_client = BIO_new_dgram_sctp(ssock, BIO_CLOSE); + } +#endif + } else { + client_to_server = BIO_new(BIO_s_mem()); + server_to_client = BIO_new(BIO_s_mem()); + } + + if (!TEST_ptr(client_to_server) + || !TEST_ptr(server_to_client)) + goto err; /* Non-blocking bio. */ BIO_set_nbio(client_to_server, 1); @@ -938,21 +1491,30 @@ static HANDSHAKE_RESULT *do_handshake_internal( SSL_set_accept_state(server.ssl); /* The bios are now owned by the SSL object. */ - SSL_set_bio(client.ssl, server_to_client, client_to_server); - TEST_check(BIO_up_ref(server_to_client) > 0); - TEST_check(BIO_up_ref(client_to_server) > 0); - SSL_set_bio(server.ssl, client_to_server, server_to_client); + if (test_ctx->use_sctp) { + SSL_set_bio(client.ssl, client_to_server, client_to_server); + SSL_set_bio(server.ssl, server_to_client, server_to_client); + } else { + SSL_set_bio(client.ssl, server_to_client, client_to_server); + if (!TEST_int_gt(BIO_up_ref(server_to_client), 0) + || !TEST_int_gt(BIO_up_ref(client_to_server), 0)) + goto err; + SSL_set_bio(server.ssl, client_to_server, server_to_client); + } ex_data_idx = SSL_get_ex_new_index(0, "ex data", NULL, NULL, NULL); - TEST_check(ex_data_idx >= 0); - - TEST_check(SSL_set_ex_data(server.ssl, ex_data_idx, &server_ex_data) == 1); - TEST_check(SSL_set_ex_data(client.ssl, ex_data_idx, &client_ex_data) == 1); + if (!TEST_int_ge(ex_data_idx, 0) + || !TEST_int_eq(SSL_set_ex_data(server.ssl, ex_data_idx, &server_ex_data), 1) + || !TEST_int_eq(SSL_set_ex_data(client.ssl, ex_data_idx, &client_ex_data), 1)) + goto err; SSL_set_info_callback(server.ssl, &info_cb); SSL_set_info_callback(client.ssl, &info_cb); - client.status = server.status = PEER_RETRY; + client.status = PEER_RETRY; + server.status = PEER_WAITING; + + start = time(NULL); /* * Half-duplex handshake loop. @@ -967,6 +1529,8 @@ static HANDSHAKE_RESULT *do_handshake_internal( do_connect_step(test_ctx, &client, phase); status = handshake_status(client.status, server.status, 1 /* client went last */); + if (server.status == PEER_WAITING) + server.status = PEER_RETRY; } else { do_connect_step(test_ctx, &server, phase); status = handshake_status(server.status, client.status, @@ -1001,18 +1565,46 @@ static HANDSHAKE_RESULT *do_handshake_internal( ret->result = SSL_TEST_INTERNAL_ERROR; goto err; case HANDSHAKE_RETRY: - if (client_turn_count++ >= 2000) { + if (test_ctx->use_sctp) { + if (time(NULL) - start > 3) { + /* + * We've waited for too long. Give up. + */ + ret->result = SSL_TEST_INTERNAL_ERROR; + goto err; + } /* - * At this point, there's been so many PEER_RETRY in a row - * that it's likely both sides are stuck waiting for a read. - * It's time to give up. + * With "real" sockets we only swap to processing the peer + * if they are expecting to retry. Otherwise we just retry the + * same endpoint again. */ - ret->result = SSL_TEST_INTERNAL_ERROR; - goto err; + if ((client_turn && server.status == PEER_RETRY) + || (!client_turn && client.status == PEER_RETRY)) + client_turn ^= 1; + } else { + if (client_turn_count++ >= 2000) { + /* + * At this point, there's been so many PEER_RETRY in a row + * that it's likely both sides are stuck waiting for a read. + * It's time to give up. + */ + ret->result = SSL_TEST_INTERNAL_ERROR; + goto err; + } + if (client_turn && server.status == PEER_SUCCESS) { + /* + * The server may finish before the client because the + * client spends some turns processing NewSessionTickets. + */ + if (client_wait_count++ >= 2) { + ret->result = SSL_TEST_INTERNAL_ERROR; + goto err; + } + } else { + /* Continue. */ + client_turn ^= 1; + } } - - /* Continue. */ - client_turn ^= 1; break; } } @@ -1026,12 +1618,21 @@ static HANDSHAKE_RESULT *do_handshake_internal( ret->server_protocol = SSL_version(server.ssl); ret->client_protocol = SSL_version(client.ssl); ret->servername = server_ex_data.servername; - if ((sess = SSL_get0_session(client.ssl)) != NULL) + if ((sess = SSL_get0_session(client.ssl)) != NULL) { SSL_SESSION_get0_ticket(sess, &tick, &tick_len); + sess_id = SSL_SESSION_get_id(sess, &sess_id_len); + } if (tick == NULL || tick_len == 0) ret->session_ticket = SSL_TEST_SESSION_TICKET_NO; else ret->session_ticket = SSL_TEST_SESSION_TICKET_YES; + ret->compression = (SSL_get_current_compression(client.ssl) == NULL) + ? SSL_TEST_COMPRESSION_NO + : SSL_TEST_COMPRESSION_YES; + if (sess_id == NULL || sess_id_len == 0) + ret->session_id = SSL_TEST_SESSION_ID_NO; + else + ret->session_id = SSL_TEST_SESSION_ID_YES; ret->session_ticket_do_not_call = server_ex_data.session_ticket_do_not_call; #ifndef OPENSSL_NO_NEXTPROTONEG @@ -1048,25 +1649,56 @@ static HANDSHAKE_RESULT *do_handshake_internal( SSL_get0_alpn_selected(server.ssl, &proto, &proto_len); ret->server_alpn_negotiated = dup_str(proto, proto_len); + if ((sess = SSL_get0_session(server.ssl)) != NULL) { + SSL_SESSION_get0_ticket_appdata(sess, (void**)&tick, &tick_len); + ret->result_session_ticket_app_data = OPENSSL_strndup((const char*)tick, tick_len); + } + ret->client_resumed = SSL_session_reused(client.ssl); ret->server_resumed = SSL_session_reused(server.ssl); + cipher = SSL_CIPHER_get_name(SSL_get_current_cipher(client.ssl)); + ret->cipher = dup_str((const unsigned char*)cipher, strlen(cipher)); + if (session_out != NULL) *session_out = SSL_get1_session(client.ssl); + if (serv_sess_out != NULL) { + SSL_SESSION *tmp = SSL_get_session(server.ssl); - if (SSL_get_server_tmp_key(client.ssl, &tmp_key)) { - int nid = EVP_PKEY_id(tmp_key); + /* + * We create a fresh copy that is not in the server session ctx linked + * list. + */ + if (tmp != NULL) + *serv_sess_out = SSL_SESSION_dup(tmp); + } -#ifndef OPENSSL_NO_EC - if (nid == EVP_PKEY_EC) { - EC_KEY *ec = EVP_PKEY_get0_EC_KEY(tmp_key); - nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); - } -#endif + if (SSL_get_peer_tmp_key(client.ssl, &tmp_key)) { + ret->tmp_key_type = pkey_type(tmp_key); EVP_PKEY_free(tmp_key); - ret->tmp_key_type = nid; } + SSL_get_peer_signature_nid(client.ssl, &ret->server_sign_hash); + SSL_get_peer_signature_nid(server.ssl, &ret->client_sign_hash); + + SSL_get_peer_signature_type_nid(client.ssl, &ret->server_sign_type); + SSL_get_peer_signature_type_nid(server.ssl, &ret->client_sign_type); + + names = SSL_get0_peer_CA_list(client.ssl); + if (names == NULL) + ret->client_ca_names = NULL; + else + ret->client_ca_names = SSL_dup_CA_list(names); + + names = SSL_get0_peer_CA_list(server.ssl); + if (names == NULL) + ret->server_ca_names = NULL; + else + ret->server_ca_names = SSL_dup_CA_list(names); + + ret->server_cert_type = peer_pkey_type(client.ssl); + ret->client_cert_type = peer_pkey_type(server.ssl); + ctx_data_free_data(&server_ctx_data); ctx_data_free_data(&server2_ctx_data); ctx_data_free_data(&client_ctx_data); @@ -1082,12 +1714,14 @@ HANDSHAKE_RESULT *do_handshake(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, const SSL_TEST_CTX *test_ctx) { HANDSHAKE_RESULT *result; - SSL_SESSION *session = NULL; + SSL_SESSION *session = NULL, *serv_sess = NULL; result = do_handshake_internal(server_ctx, server2_ctx, client_ctx, test_ctx, &test_ctx->extra, - NULL, &session); - if (test_ctx->handshake_mode != SSL_TEST_HANDSHAKE_RESUME) + NULL, NULL, &session, &serv_sess); + if (result == NULL + || test_ctx->handshake_mode != SSL_TEST_HANDSHAKE_RESUME + || result->result == SSL_TEST_INTERNAL_ERROR) goto end; if (result->result != SSL_TEST_SUCCESS) { @@ -1099,8 +1733,9 @@ HANDSHAKE_RESULT *do_handshake(SSL_CTX *server_ctx, SSL_CTX *server2_ctx, /* We don't support SNI on second handshake yet, so server2_ctx is NULL. */ result = do_handshake_internal(resume_server_ctx, NULL, resume_client_ctx, test_ctx, &test_ctx->resume_extra, - session, NULL); + session, serv_sess, NULL, NULL); end: SSL_SESSION_free(session); + SSL_SESSION_free(serv_sess); return result; } diff --git a/deps/openssl/openssl/test/handshake_helper.h b/deps/openssl/openssl/test/handshake_helper.h index 4f70592a18..ab6446a490 100644 --- a/deps/openssl/openssl/test/handshake_helper.h +++ b/deps/openssl/openssl/test/handshake_helper.h @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -34,6 +34,7 @@ typedef struct handshake_result { ssl_servername_t servername; /* Session ticket status */ ssl_session_ticket_t session_ticket; + int compression; /* Was this called on the second context? */ int session_ticket_do_not_call; char *client_npn_negotiated; @@ -45,6 +46,27 @@ typedef struct handshake_result { int server_resumed; /* Temporary key type */ int tmp_key_type; + /* server certificate key type */ + int server_cert_type; + /* server signing hash */ + int server_sign_hash; + /* server signature type */ + int server_sign_type; + /* server CA names */ + STACK_OF(X509_NAME) *server_ca_names; + /* client certificate key type */ + int client_cert_type; + /* client signing hash */ + int client_sign_hash; + /* client signature type */ + int client_sign_type; + /* Client CA names */ + STACK_OF(X509_NAME) *client_ca_names; + /* Session id status */ + ssl_session_id_t session_id; + char *cipher; + /* session ticket application data */ + char *result_session_ticket_app_data; } HANDSHAKE_RESULT; HANDSHAKE_RESULT *HANDSHAKE_RESULT_new(void); diff --git a/deps/openssl/openssl/test/heartbeat_test.c b/deps/openssl/openssl/test/heartbeat_test.c deleted file mode 100644 index 906736c37e..0000000000 --- a/deps/openssl/openssl/test/heartbeat_test.c +++ /dev/null @@ -1,378 +0,0 @@ -/* - * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -/*- - * Unit test for TLS heartbeats. - * - * Acts as a regression test against the Heartbleed bug (CVE-2014-0160). - * - * Author: Mike Bland (mbland@acm.org, http://mike-bland.com/) - * Date: 2014-04-12 - * License: Creative Commons Attribution 4.0 International (CC By 4.0) - * http://creativecommons.org/licenses/by/4.0/deed.en_US - * - * OUTPUT - * ------ - * The program returns zero on success. It will print a message with a count - * of the number of failed tests and return nonzero if any tests fail. - * - * It will print the contents of the request and response buffers for each - * failing test. In a "fixed" version, all the tests should pass and there - * should be no output. - * - * In a "bleeding" version, you'll see: - * - * test_dtls1_heartbleed failed: - * expected payload len: 0 - * received: 1024 - * sent 26 characters - * "HEARTBLEED " - * received 1024 characters - * "HEARTBLEED \xde\xad\xbe\xef..." - * ** test_dtls1_heartbleed failed ** - * - * The contents of the returned buffer in the failing test will depend on the - * contents of memory on your machine. - * - * MORE INFORMATION - * ---------------- - * http://mike-bland.com/2014/04/12/heartbleed.html - * http://mike-bland.com/tags/heartbleed.html - */ - -#define OPENSSL_UNIT_TEST - -#include "../ssl/ssl_locl.h" - -#include "testutil.h" -#include <ctype.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#if !defined(OPENSSL_NO_HEARTBEATS) && !defined(OPENSSL_NO_UNIT_TEST) - -/* As per https://tools.ietf.org/html/rfc6520#section-4 */ -# define MIN_PADDING_SIZE 16 - -/* Maximum number of payload characters to print as test output */ -# define MAX_PRINTABLE_CHARACTERS 1024 - -typedef struct heartbeat_test_fixture { - SSL_CTX *ctx; - SSL *s; - const char *test_case_name; - int (*process_heartbeat) (SSL *s, unsigned char *p, unsigned int length); - unsigned char *payload; - int sent_payload_len; - int expected_return_value; - int return_payload_offset; - int expected_payload_len; - const char *expected_return_payload; -} HEARTBEAT_TEST_FIXTURE; - -static HEARTBEAT_TEST_FIXTURE set_up(const char *const test_case_name, - const SSL_METHOD *meth) -{ - HEARTBEAT_TEST_FIXTURE fixture; - int setup_ok = 1; - memset(&fixture, 0, sizeof(fixture)); - fixture.test_case_name = test_case_name; - - fixture.ctx = SSL_CTX_new(meth); - if (!fixture.ctx) { - fprintf(stderr, "Failed to allocate SSL_CTX for test: %s\n", - test_case_name); - setup_ok = 0; - goto fail; - } - - fixture.s = SSL_new(fixture.ctx); - if (!fixture.s) { - fprintf(stderr, "Failed to allocate SSL for test: %s\n", - test_case_name); - setup_ok = 0; - goto fail; - } - - if (!ssl_init_wbio_buffer(fixture.s)) { - fprintf(stderr, "Failed to set up wbio buffer for test: %s\n", - test_case_name); - setup_ok = 0; - goto fail; - } - - if (!ssl3_setup_buffers(fixture.s)) { - fprintf(stderr, "Failed to setup buffers for test: %s\n", - test_case_name); - setup_ok = 0; - goto fail; - } - - /* - * Clear the memory for the return buffer, since this isn't automatically - * zeroed in opt mode and will cause spurious test failures that will - * change with each execution. - */ - memset(fixture.s->rlayer.wbuf.buf, 0, fixture.s->rlayer.wbuf.len); - - fail: - if (!setup_ok) { - ERR_print_errors_fp(stderr); - exit(EXIT_FAILURE); - } - return fixture; -} - -static HEARTBEAT_TEST_FIXTURE set_up_dtls(const char *const test_case_name) -{ - HEARTBEAT_TEST_FIXTURE fixture = set_up(test_case_name, - DTLS_server_method()); - fixture.process_heartbeat = dtls1_process_heartbeat; - - /* - * As per dtls1_get_record(), skipping the following from the beginning - * of the returned heartbeat message: type-1 byte; version-2 bytes; - * sequence number-8 bytes; length-2 bytes And then skipping the 1-byte - * type encoded by process_heartbeat for a total of 14 bytes, at which - * point we can grab the length and the payload we seek. - */ - fixture.return_payload_offset = 14; - return fixture; -} - -/* Needed by ssl3_write_bytes() */ -static int dummy_handshake(SSL *s) -{ - return 1; -} - -static void tear_down(HEARTBEAT_TEST_FIXTURE fixture) -{ - ERR_print_errors_fp(stderr); - SSL_free(fixture.s); - SSL_CTX_free(fixture.ctx); -} - -static void print_payload(const char *const prefix, - const unsigned char *payload, const int n) -{ - const int end = n < MAX_PRINTABLE_CHARACTERS ? n - : MAX_PRINTABLE_CHARACTERS; - int i = 0; - - printf("%s %d character%s", prefix, n, n == 1 ? "" : "s"); - if (end != n) - printf(" (first %d shown)", end); - printf("\n \""); - - for (; i != end; ++i) { - const unsigned char c = payload[i]; - if (isprint(c)) - fputc(c, stdout); - else - printf("\\x%02x", c); - } - printf("\"\n"); -} - -static int execute_heartbeat(HEARTBEAT_TEST_FIXTURE fixture) -{ - int result = 0; - SSL *s = fixture.s; - unsigned char *payload = fixture.payload; - unsigned char sent_buf[MAX_PRINTABLE_CHARACTERS + 1]; - int return_value; - unsigned const char *p; - int actual_payload_len; - - s->rlayer.rrec.data = payload; - s->rlayer.rrec.length = strlen((const char *)payload); - *payload++ = TLS1_HB_REQUEST; - s2n(fixture.sent_payload_len, payload); - - /* - * Make a local copy of the request, since it gets overwritten at some - * point - */ - memcpy(sent_buf, payload, sizeof(sent_buf)); - - return_value = fixture.process_heartbeat(s, s->rlayer.rrec.data, - s->rlayer.rrec.length); - - if (return_value != fixture.expected_return_value) { - printf("%s failed: expected return value %d, received %d\n", - fixture.test_case_name, fixture.expected_return_value, - return_value); - result = 1; - } - - /* - * If there is any byte alignment, it will be stored in wbuf.offset. - */ - p = &(s->rlayer. - wbuf.buf[fixture.return_payload_offset + s->rlayer.wbuf.offset]); - actual_payload_len = 0; - n2s(p, actual_payload_len); - - if (actual_payload_len != fixture.expected_payload_len) { - printf("%s failed:\n expected payload len: %d\n received: %d\n", - fixture.test_case_name, fixture.expected_payload_len, - actual_payload_len); - print_payload("sent", sent_buf, strlen((const char *)sent_buf)); - print_payload("received", p, actual_payload_len); - result = 1; - } else { - char *actual_payload = - OPENSSL_strndup((const char *)p, actual_payload_len); - if (strcmp(actual_payload, fixture.expected_return_payload) != 0) { - printf - ("%s failed:\n expected payload: \"%s\"\n received: \"%s\"\n", - fixture.test_case_name, fixture.expected_return_payload, - actual_payload); - result = 1; - } - OPENSSL_free(actual_payload); - } - - if (result != 0) { - printf("** %s failed **\n--------\n", fixture.test_case_name); - } - return result; -} - -static int honest_payload_size(unsigned char payload_buf[]) -{ - /* Omit three-byte pad at the beginning for type and payload length */ - return strlen((const char *)&payload_buf[3]) - MIN_PADDING_SIZE; -} - -# define SETUP_HEARTBEAT_TEST_FIXTURE(type)\ - SETUP_TEST_FIXTURE(HEARTBEAT_TEST_FIXTURE, set_up_##type) - -# define EXECUTE_HEARTBEAT_TEST()\ - EXECUTE_TEST(execute_heartbeat, tear_down) - -static int test_dtls1_not_bleeding() -{ - SETUP_HEARTBEAT_TEST_FIXTURE(dtls); - /* Three-byte pad at the beginning for type and payload length */ - unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4] = - " Not bleeding, sixteen spaces of padding" " "; - const int payload_buf_len = honest_payload_size(payload_buf); - - fixture.payload = &payload_buf[0]; - fixture.sent_payload_len = payload_buf_len; - fixture.expected_return_value = 0; - fixture.expected_payload_len = payload_buf_len; - fixture.expected_return_payload = - "Not bleeding, sixteen spaces of padding"; - EXECUTE_HEARTBEAT_TEST(); -} - -static int test_dtls1_not_bleeding_empty_payload() -{ - int payload_buf_len; - - SETUP_HEARTBEAT_TEST_FIXTURE(dtls); - /* - * Three-byte pad at the beginning for type and payload length, plus a - * NUL at the end - */ - unsigned char payload_buf[4 + MAX_PRINTABLE_CHARACTERS]; - memset(payload_buf, ' ', MIN_PADDING_SIZE + 3); - payload_buf[MIN_PADDING_SIZE + 3] = '\0'; - payload_buf_len = honest_payload_size(payload_buf); - - fixture.payload = &payload_buf[0]; - fixture.sent_payload_len = payload_buf_len; - fixture.expected_return_value = 0; - fixture.expected_payload_len = payload_buf_len; - fixture.expected_return_payload = ""; - EXECUTE_HEARTBEAT_TEST(); -} - -static int test_dtls1_heartbleed() -{ - SETUP_HEARTBEAT_TEST_FIXTURE(dtls); - /* Three-byte pad at the beginning for type and payload length */ - unsigned char payload_buf[4 + MAX_PRINTABLE_CHARACTERS] = - " HEARTBLEED "; - - fixture.payload = &payload_buf[0]; - fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS; - fixture.expected_return_value = 0; - fixture.expected_payload_len = 0; - fixture.expected_return_payload = ""; - EXECUTE_HEARTBEAT_TEST(); -} - -static int test_dtls1_heartbleed_empty_payload() -{ - SETUP_HEARTBEAT_TEST_FIXTURE(dtls); - /* - * Excluding the NUL at the end, one byte short of type + payload length - * + minimum padding - */ - unsigned char payload_buf[MAX_PRINTABLE_CHARACTERS + 4]; - memset(payload_buf, ' ', MIN_PADDING_SIZE + 2); - payload_buf[MIN_PADDING_SIZE + 2] = '\0'; - - fixture.payload = &payload_buf[0]; - fixture.sent_payload_len = MAX_PRINTABLE_CHARACTERS; - fixture.expected_return_value = 0; - fixture.expected_payload_len = 0; - fixture.expected_return_payload = ""; - EXECUTE_HEARTBEAT_TEST(); -} - -static int test_dtls1_heartbleed_excessive_plaintext_length() -{ - SETUP_HEARTBEAT_TEST_FIXTURE(dtls); - /* - * Excluding the NUL at the end, one byte in excess of maximum allowed - * heartbeat message length - */ - unsigned char payload_buf[SSL3_RT_MAX_PLAIN_LENGTH + 2]; - memset(payload_buf, ' ', sizeof(payload_buf)); - payload_buf[sizeof(payload_buf) - 1] = '\0'; - - fixture.payload = &payload_buf[0]; - fixture.sent_payload_len = honest_payload_size(payload_buf); - fixture.expected_return_value = 0; - fixture.expected_payload_len = 0; - fixture.expected_return_payload = ""; - EXECUTE_HEARTBEAT_TEST(); -} - -# undef EXECUTE_HEARTBEAT_TEST -# undef SETUP_HEARTBEAT_TEST_FIXTURE - -int main(int argc, char *argv[]) -{ - int result = 0; - - ADD_TEST(test_dtls1_not_bleeding); - ADD_TEST(test_dtls1_not_bleeding_empty_payload); - ADD_TEST(test_dtls1_heartbleed); - ADD_TEST(test_dtls1_heartbleed_empty_payload); - ADD_TEST(test_dtls1_heartbleed_excessive_plaintext_length); - - result = run_tests(argv[0]); - ERR_print_errors_fp(stderr); - return result; -} - -#else /* OPENSSL_NO_HEARTBEATS */ - -int main(int argc, char *argv[]) -{ - return EXIT_SUCCESS; -} -#endif /* OPENSSL_NO_HEARTBEATS */ diff --git a/deps/openssl/openssl/test/hmactest.c b/deps/openssl/openssl/test/hmactest.c index a5c6e74e00..ca775773a6 100644 --- a/deps/openssl/openssl/test/hmactest.c +++ b/deps/openssl/openssl/test/hmactest.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,7 +11,7 @@ #include <string.h> #include <stdlib.h> -#include "../e_os.h" +#include "internal/nelem.h" # include <openssl/hmac.h> # include <openssl/sha.h> @@ -23,6 +23,8 @@ # include <openssl/ebcdic.h> # endif +#include "testutil.h" + # ifndef OPENSSL_NO_MD5 static struct test_st { unsigned char key[16]; @@ -79,21 +81,11 @@ static struct test_st { static char *pt(unsigned char *md, unsigned int len); -int main(int argc, char *argv[]) -{ + # ifndef OPENSSL_NO_MD5 - int i; +static int test_hmac_md5(int idx) +{ char *p; -# endif - int err = 0; - HMAC_CTX *ctx = NULL, *ctx2 = NULL; - unsigned char buf[EVP_MAX_MD_SIZE]; - unsigned int len; - -# ifdef OPENSSL_NO_MD5 - printf("test skipped: MD5 disabled\n"); -# else - # ifdef CHARSET_EBCDIC ebcdic2ascii(test[0].data, test[0].data, test[0].data_len); ebcdic2ascii(test[1].data, test[1].data, test[1].data_len); @@ -101,202 +93,135 @@ int main(int argc, char *argv[]) ebcdic2ascii(test[2].data, test[2].data, test[2].data_len); # endif - for (i = 0; i < 4; i++) { - p = pt(HMAC(EVP_md5(), - test[i].key, test[i].key_len, - test[i].data, test[i].data_len, NULL, NULL), - MD5_DIGEST_LENGTH); - - if (strcmp(p, (char *)test[i].digest) != 0) { - printf("Error calculating HMAC on %d entry'\n", i); - printf("got %s instead of %s\n", p, test[i].digest); - err++; - } else - printf("test %d ok\n", i); - } -# endif /* OPENSSL_NO_MD5 */ + p = pt(HMAC(EVP_md5(), + test[idx].key, test[idx].key_len, + test[idx].data, test[idx].data_len, NULL, NULL), + MD5_DIGEST_LENGTH); + + if (!TEST_str_eq(p, (char *)test[idx].digest)) + return 0; + + return 1; +} +# endif + +static int test_hmac_bad(void) +{ + HMAC_CTX *ctx = NULL; + int ret = 0; -/* test4 */ ctx = HMAC_CTX_new(); - if (ctx == NULL) { - printf("HMAC malloc failure (test 4)\n"); - err++; - goto end; - } - if (HMAC_CTX_get_md(ctx) != NULL) { - printf("Message digest not NULL for HMAC (test 4)\n"); - err++; - goto test5; - } - if (HMAC_Init_ex(ctx, NULL, 0, NULL, NULL)) { - printf("Should fail to initialise HMAC with empty MD and key (test 4)\n"); - err++; - goto test5; - } - if (HMAC_Update(ctx, test[4].data, test[4].data_len)) { - printf("Should fail HMAC_Update with ctx not set up (test 4)\n"); - err++; - goto test5; - } - if (HMAC_Init_ex(ctx, NULL, 0, EVP_sha1(), NULL)) { - printf("Should fail to initialise HMAC with empty key (test 4)\n"); - err++; - goto test5; - } - if (HMAC_Update(ctx, test[4].data, test[4].data_len)) { - printf("Should fail HMAC_Update with ctx not set up (test 4)\n"); - err++; - goto test5; - } - printf("test 4 ok\n"); -test5: - /* Test 5 has empty key; test that single-shot accepts a NULL key. */ - p = pt(HMAC(EVP_sha1(), NULL, 0, test[4].data, test[4].data_len, - NULL, NULL), SHA_DIGEST_LENGTH); - if (strcmp(p, (char *)test[4].digest) != 0) { - printf("Error calculating HMAC on %d entry'\n", i); - printf("got %s instead of %s\n", p, test[4].digest); - err++; - } + if (!TEST_ptr(ctx) + || !TEST_ptr_null(HMAC_CTX_get_md(ctx)) + || !TEST_false(HMAC_Init_ex(ctx, NULL, 0, NULL, NULL)) + || !TEST_false(HMAC_Update(ctx, test[4].data, test[4].data_len)) + || !TEST_false(HMAC_Init_ex(ctx, NULL, 0, EVP_sha1(), NULL)) + || !TEST_false(HMAC_Update(ctx, test[4].data, test[4].data_len))) + goto err; + + ret = 1; +err: + HMAC_CTX_free(ctx); + return ret; +} + +static int test_hmac_run(void) +{ + char *p; + HMAC_CTX *ctx = NULL; + unsigned char buf[EVP_MAX_MD_SIZE]; + unsigned int len; + int ret = 0; + ctx = HMAC_CTX_new(); HMAC_CTX_reset(ctx); - if (HMAC_CTX_get_md(ctx) != NULL) { - printf("Message digest not NULL for HMAC (test 5)\n"); - err++; - goto test6; - } - if (HMAC_Init_ex(ctx, test[4].key, test[4].key_len, NULL, NULL)) { - printf("Should fail to initialise HMAC with empty MD (test 5)\n"); - err++; - goto test6; - } - if (HMAC_Update(ctx, test[4].data, test[4].data_len)) { - printf("Should fail HMAC_Update with ctx not set up (test 5)\n"); - err++; - goto test6; - } - if (HMAC_Init_ex(ctx, test[4].key, -1, EVP_sha1(), NULL)) { - printf("Should fail to initialise HMAC with invalid key len(test 5)\n"); - err++; - goto test6; - } - if (!HMAC_Init_ex(ctx, test[4].key, test[4].key_len, EVP_sha1(), NULL)) { - printf("Failed to initialise HMAC (test 5)\n"); - err++; - goto test6; - } - if (!HMAC_Update(ctx, test[4].data, test[4].data_len)) { - printf("Error updating HMAC with data (test 5)\n"); - err++; - goto test6; - } - if (!HMAC_Final(ctx, buf, &len)) { - printf("Error finalising data (test 5)\n"); - err++; - goto test6; - } + + if (!TEST_ptr(ctx) + || !TEST_ptr_null(HMAC_CTX_get_md(ctx)) + || !TEST_false(HMAC_Init_ex(ctx, NULL, 0, NULL, NULL)) + || !TEST_false(HMAC_Update(ctx, test[4].data, test[4].data_len)) + || !TEST_false(HMAC_Init_ex(ctx, test[4].key, -1, EVP_sha1(), NULL))) + goto err; + + if (!TEST_true(HMAC_Init_ex(ctx, test[4].key, test[4].key_len, EVP_sha1(), NULL)) + || !TEST_true(HMAC_Update(ctx, test[4].data, test[4].data_len)) + || !TEST_true(HMAC_Final(ctx, buf, &len))) + goto err; + p = pt(buf, len); - if (strcmp(p, (char *)test[4].digest) != 0) { - printf("Error calculating interim HMAC on test 5\n"); - printf("got %s instead of %s\n", p, test[4].digest); - err++; - goto test6; - } - if (HMAC_Init_ex(ctx, NULL, 0, EVP_sha256(), NULL)) { - printf("Should disallow changing MD without a new key (test 5)\n"); - err++; - goto test6; - } - if (!HMAC_Init_ex(ctx, test[5].key, test[5].key_len, EVP_sha256(), NULL)) { - printf("Failed to reinitialise HMAC (test 5)\n"); - err++; - goto test6; - } - if (HMAC_CTX_get_md(ctx) != EVP_sha256()) { - printf("Unexpected message digest for HMAC (test 5)\n"); - err++; - goto test6; - } - if (!HMAC_Update(ctx, test[5].data, test[5].data_len)) { - printf("Error updating HMAC with data (sha256) (test 5)\n"); - err++; - goto test6; - } - if (!HMAC_Final(ctx, buf, &len)) { - printf("Error finalising data (sha256) (test 5)\n"); - err++; - goto test6; - } + if (!TEST_str_eq(p, (char *)test[4].digest)) + goto err; + + if (!TEST_false(HMAC_Init_ex(ctx, NULL, 0, EVP_sha256(), NULL))) + goto err; + + if (!TEST_true(HMAC_Init_ex(ctx, test[5].key, test[5].key_len, EVP_sha256(), NULL)) + || !TEST_ptr_eq(HMAC_CTX_get_md(ctx), EVP_sha256()) + || !TEST_true(HMAC_Update(ctx, test[5].data, test[5].data_len)) + || !TEST_true(HMAC_Final(ctx, buf, &len))) + goto err; + p = pt(buf, len); - if (strcmp(p, (char *)test[5].digest) != 0) { - printf("Error calculating 2nd interim HMAC on test 5\n"); - printf("got %s instead of %s\n", p, test[5].digest); - err++; - goto test6; - } - if (!HMAC_Init_ex(ctx, test[6].key, test[6].key_len, NULL, NULL)) { - printf("Failed to reinitialise HMAC with key (test 5)\n"); - err++; - goto test6; - } - if (!HMAC_Update(ctx, test[6].data, test[6].data_len)) { - printf("Error updating HMAC with data (new key) (test 5)\n"); - err++; - goto test6; - } - if (!HMAC_Final(ctx, buf, &len)) { - printf("Error finalising data (new key) (test 5)\n"); - err++; - goto test6; - } + if (!TEST_str_eq(p, (char *)test[5].digest)) + goto err; + + if (!TEST_true(HMAC_Init_ex(ctx, test[6].key, test[6].key_len, NULL, NULL)) + || !TEST_true(HMAC_Update(ctx, test[6].data, test[6].data_len)) + || !TEST_true(HMAC_Final(ctx, buf, &len))) + goto err; p = pt(buf, len); - if (strcmp(p, (char *)test[6].digest) != 0) { - printf("error calculating HMAC on test 5\n"); - printf("got %s instead of %s\n", p, test[6].digest); - err++; - } else { - printf("test 5 ok\n"); - } -test6: - HMAC_CTX_reset(ctx); + if (!TEST_str_eq(p, (char *)test[6].digest)) + goto err; + + ret = 1; +err: + HMAC_CTX_free(ctx); + return ret; +} + + +static int test_hmac_single_shot(void) +{ + char *p; + + /* Test single-shot with an empty key. */ + p = pt(HMAC(EVP_sha1(), NULL, 0, test[4].data, test[4].data_len, + NULL, NULL), SHA_DIGEST_LENGTH); + if (!TEST_str_eq(p, (char *)test[4].digest)) + return 0; + + return 1; +} + + +static int test_hmac_copy(void) +{ + char *p; + HMAC_CTX *ctx = NULL, *ctx2 = NULL; + unsigned char buf[EVP_MAX_MD_SIZE]; + unsigned int len; + int ret = 0; + + ctx = HMAC_CTX_new(); ctx2 = HMAC_CTX_new(); - if (ctx2 == NULL) { - printf("HMAC malloc failure (test 6)\n"); - err++; - goto end; - } - if (!HMAC_Init_ex(ctx, test[7].key, test[7].key_len, EVP_sha1(), NULL)) { - printf("Failed to initialise HMAC (test 6)\n"); - err++; - goto end; - } - if (!HMAC_Update(ctx, test[7].data, test[7].data_len)) { - printf("Error updating HMAC with data (test 6)\n"); - err++; - goto end; - } - if (!HMAC_CTX_copy(ctx2, ctx)) { - printf("Failed to copy HMAC_CTX (test 6)\n"); - err++; - goto end; - } - if (!HMAC_Final(ctx2, buf, &len)) { - printf("Error finalising data (test 6)\n"); - err++; - goto end; - } + if (!TEST_ptr(ctx) || !TEST_ptr(ctx2)) + goto err; + + if (!TEST_true(HMAC_Init_ex(ctx, test[7].key, test[7].key_len, EVP_sha1(), NULL)) + || !TEST_true(HMAC_Update(ctx, test[7].data, test[7].data_len)) + || !TEST_true(HMAC_CTX_copy(ctx2, ctx)) + || !TEST_true(HMAC_Final(ctx2, buf, &len))) + goto err; + p = pt(buf, len); - if (strcmp(p, (char *)test[7].digest) != 0) { - printf("Error calculating HMAC on test 6\n"); - printf("got %s instead of %s\n", p, test[7].digest); - err++; - } else { - printf("test 6 ok\n"); - } -end: + if (!TEST_str_eq(p, (char *)test[7].digest)) + goto err; + + ret = 1; +err: HMAC_CTX_free(ctx2); HMAC_CTX_free(ctx); - EXIT(err); + return ret; } # ifndef OPENSSL_NO_MD5 @@ -307,6 +232,17 @@ static char *pt(unsigned char *md, unsigned int len) for (i = 0; i < len; i++) sprintf(&(buf[i * 2]), "%02x", md[i]); - return (buf); + return buf; } # endif + +int setup_tests(void) +{ + ADD_ALL_TESTS(test_hmac_md5, 4); + ADD_TEST(test_hmac_single_shot); + ADD_TEST(test_hmac_bad); + ADD_TEST(test_hmac_run); + ADD_TEST(test_hmac_copy); + return 1; +} + diff --git a/deps/openssl/openssl/test/ideatest.c b/deps/openssl/openssl/test/ideatest.c index 3849670093..c80e18f80a 100644 --- a/deps/openssl/openssl/test/ideatest.c +++ b/deps/openssl/openssl/test/ideatest.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,19 +7,12 @@ * https://www.openssl.org/source/license.html */ -#include <stdio.h> #include <string.h> -#include <stdlib.h> -#include "../e_os.h" +#include "internal/nelem.h" +#include "testutil.h" -#ifdef OPENSSL_NO_IDEA -int main(int argc, char *argv[]) -{ - printf("No IDEA support\n"); - return (0); -} -#else +#ifndef OPENSSL_NO_IDEA # include <openssl/idea.h> static const unsigned char k[16] = { @@ -58,121 +51,69 @@ static const unsigned char cfb_cipher64[CFB_TEST_SIZE] = { 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/ }; -static int cfb64_test(const unsigned char *cfb_cipher); -static char *pt(unsigned char *p); -int main(int argc, char *argv[]) +static int test_idea_ecb(void) { - int i, err = 0; IDEA_KEY_SCHEDULE key, dkey; - unsigned char iv[8]; IDEA_set_encrypt_key(k, &key); IDEA_ecb_encrypt(in, out, &key); - if (memcmp(out, c, 8) != 0) { - printf("ecb idea error encrypting\n"); - printf("got :"); - for (i = 0; i < 8; i++) - printf("%02X ", out[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 8; i++) - printf("%02X ", c[i]); - err = 20; - printf("\n"); - } + if (!TEST_mem_eq(out, IDEA_BLOCK, c, sizeof(c))) + return 0; IDEA_set_decrypt_key(&key, &dkey); IDEA_ecb_encrypt(c, out, &dkey); - if (memcmp(out, in, 8) != 0) { - printf("ecb idea error decrypting\n"); - printf("got :"); - for (i = 0; i < 8; i++) - printf("%02X ", out[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 8; i++) - printf("%02X ", in[i]); - printf("\n"); - err = 3; - } - - if (err == 0) - printf("ecb idea ok\n"); - - memcpy(iv, k, 8); - IDEA_cbc_encrypt((unsigned char *)text, out, strlen(text) + 1, &key, iv, - 1); - memcpy(iv, k, 8); - IDEA_cbc_encrypt(out, out, 8, &dkey, iv, 0); - IDEA_cbc_encrypt(&(out[8]), &(out[8]), strlen(text) + 1 - 8, &dkey, iv, - 0); - if (memcmp(text, out, strlen(text) + 1) != 0) { - printf("cbc idea bad\n"); - err = 4; - } else - printf("cbc idea ok\n"); - - printf("cfb64 idea "); - if (cfb64_test(cfb_cipher64)) { - printf("bad\n"); - err = 5; - } else - printf("ok\n"); - - EXIT(err); + return TEST_mem_eq(out, IDEA_BLOCK, in, sizeof(in)); +} + +static int test_idea_cbc(void) +{ + IDEA_KEY_SCHEDULE key, dkey; + unsigned char iv[IDEA_BLOCK]; + const size_t text_len = sizeof(text); + + IDEA_set_encrypt_key(k, &key); + IDEA_set_decrypt_key(&key, &dkey); + memcpy(iv, k, sizeof(iv)); + IDEA_cbc_encrypt((unsigned char *)text, out, text_len, &key, iv, 1); + memcpy(iv, k, sizeof(iv)); + IDEA_cbc_encrypt(out, out, IDEA_BLOCK, &dkey, iv, 0); + IDEA_cbc_encrypt(&out[8], &out[8], text_len - 8, &dkey, iv, 0); + return TEST_mem_eq(text, text_len, out, text_len); } -static int cfb64_test(const unsigned char *cfb_cipher) +static int test_idea_cfb64(void) { IDEA_KEY_SCHEDULE eks, dks; - int err = 0, i, n; + int n; IDEA_set_encrypt_key(cfb_key, &eks); IDEA_set_decrypt_key(&eks, &dks); - memcpy(cfb_tmp, cfb_iv, 8); + memcpy(cfb_tmp, cfb_iv, sizeof(cfb_tmp)); n = 0; IDEA_cfb64_encrypt(plain, cfb_buf1, (long)12, &eks, cfb_tmp, &n, IDEA_ENCRYPT); - IDEA_cfb64_encrypt(&(plain[12]), &(cfb_buf1[12]), + IDEA_cfb64_encrypt(&plain[12], &cfb_buf1[12], (long)CFB_TEST_SIZE - 12, &eks, cfb_tmp, &n, IDEA_ENCRYPT); - if (memcmp(cfb_cipher, cfb_buf1, CFB_TEST_SIZE) != 0) { - err = 1; - printf("IDEA_cfb64_encrypt encrypt error\n"); - for (i = 0; i < CFB_TEST_SIZE; i += 8) - printf("%s\n", pt(&(cfb_buf1[i]))); - } - memcpy(cfb_tmp, cfb_iv, 8); + if (!TEST_mem_eq(cfb_cipher64, CFB_TEST_SIZE, cfb_buf1, CFB_TEST_SIZE)) + return 0; + memcpy(cfb_tmp, cfb_iv, sizeof(cfb_tmp)); n = 0; IDEA_cfb64_encrypt(cfb_buf1, cfb_buf2, (long)13, &eks, cfb_tmp, &n, IDEA_DECRYPT); - IDEA_cfb64_encrypt(&(cfb_buf1[13]), &(cfb_buf2[13]), + IDEA_cfb64_encrypt(&cfb_buf1[13], &cfb_buf2[13], (long)CFB_TEST_SIZE - 13, &eks, cfb_tmp, &n, IDEA_DECRYPT); - if (memcmp(plain, cfb_buf2, CFB_TEST_SIZE) != 0) { - err = 1; - printf("IDEA_cfb_encrypt decrypt error\n"); - for (i = 0; i < 24; i += 8) - printf("%s\n", pt(&(cfb_buf2[i]))); - } - return (err); + return TEST_mem_eq(plain, CFB_TEST_SIZE, cfb_buf2, CFB_TEST_SIZE); } +#endif -static char *pt(unsigned char *p) +int setup_tests(void) { - static char bufs[10][20]; - static int bnum = 0; - char *ret; - int i; - static char *f = "0123456789ABCDEF"; - - ret = &(bufs[bnum++][0]); - bnum %= 10; - for (i = 0; i < 8; i++) { - ret[i * 2] = f[(p[i] >> 4) & 0xf]; - ret[i * 2 + 1] = f[p[i] & 0xf]; - } - ret[16] = '\0'; - return (ret); -} +#ifndef OPENSSL_NO_IDEA + ADD_TEST(test_idea_ecb); + ADD_TEST(test_idea_cbc); + ADD_TEST(test_idea_cfb64); #endif + return 1; +} diff --git a/deps/openssl/openssl/test/igetest.c b/deps/openssl/openssl/test/igetest.c index fe5bbf16e2..fd1089d273 100644 --- a/deps/openssl/openssl/test/igetest.c +++ b/deps/openssl/openssl/test/igetest.c @@ -1,5 +1,5 @@ /* - * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -12,24 +12,20 @@ #include <openssl/rand.h> #include <stdio.h> #include <string.h> -#include <assert.h> -#include "e_os.h" +#include "internal/nelem.h" +#include "testutil.h" #define TEST_SIZE 128 #define BIG_TEST_SIZE 10240 -static void hexdump(FILE *f, const char *title, const unsigned char *s, int l) -{ - int n = 0; +#if BIG_TEST_SIZE < TEST_SIZE +#error BIG_TEST_SIZE is smaller than TEST_SIZE +#endif - fprintf(f, "%s", title); - for (; n < l; ++n) { - if ((n % 16) == 0) - fprintf(f, "\n%04x", n); - fprintf(f, " %02x", s[n]); - } - fprintf(f, "\n"); -} +static unsigned char rkey[16]; +static unsigned char rkey2[16]; +static unsigned char plaintext[BIG_TEST_SIZE]; +static unsigned char saved_iv[AES_BLOCK_SIZE * 4]; #define MAX_VECTOR_SIZE 64 @@ -145,114 +141,88 @@ static struct bi_ige_test const bi_ige_test_vectors[] = { }; -static int run_test_vectors(void) +static int test_ige_vectors(int n) { - unsigned int n; - int errs = 0; - - for (n = 0; n < OSSL_NELEM(ige_test_vectors); ++n) { - const struct ige_test *const v = &ige_test_vectors[n]; - AES_KEY key; - unsigned char buf[MAX_VECTOR_SIZE]; - unsigned char iv[AES_BLOCK_SIZE * 2]; - - assert(v->length <= MAX_VECTOR_SIZE); - - if (v->encrypt == AES_ENCRYPT) - AES_set_encrypt_key(v->key, 8 * sizeof(v->key), &key); - else - AES_set_decrypt_key(v->key, 8 * sizeof(v->key), &key); - memcpy(iv, v->iv, sizeof(iv)); - AES_ige_encrypt(v->in, buf, v->length, &key, iv, v->encrypt); - - if (memcmp(v->out, buf, v->length)) { - printf("IGE test vector %d failed\n", n); - hexdump(stdout, "key", v->key, sizeof(v->key)); - hexdump(stdout, "iv", v->iv, sizeof(v->iv)); - hexdump(stdout, "in", v->in, v->length); - hexdump(stdout, "expected", v->out, v->length); - hexdump(stdout, "got", buf, v->length); - - ++errs; - } - - /* try with in == out */ - memcpy(iv, v->iv, sizeof(iv)); - memcpy(buf, v->in, v->length); - AES_ige_encrypt(buf, buf, v->length, &key, iv, v->encrypt); - - if (memcmp(v->out, buf, v->length)) { - printf("IGE test vector %d failed (with in == out)\n", n); - hexdump(stdout, "key", v->key, sizeof(v->key)); - hexdump(stdout, "iv", v->iv, sizeof(v->iv)); - hexdump(stdout, "in", v->in, v->length); - hexdump(stdout, "expected", v->out, v->length); - hexdump(stdout, "got", buf, v->length); - - ++errs; - } + const struct ige_test *const v = &ige_test_vectors[n]; + AES_KEY key; + unsigned char buf[MAX_VECTOR_SIZE]; + unsigned char iv[AES_BLOCK_SIZE * 2]; + int testresult = 1; + + if (!TEST_int_le(v->length, MAX_VECTOR_SIZE)) + return 0; + + if (v->encrypt == AES_ENCRYPT) + AES_set_encrypt_key(v->key, 8 * sizeof(v->key), &key); + else + AES_set_decrypt_key(v->key, 8 * sizeof(v->key), &key); + memcpy(iv, v->iv, sizeof(iv)); + AES_ige_encrypt(v->in, buf, v->length, &key, iv, v->encrypt); + + if (!TEST_mem_eq(v->out, v->length, buf, v->length)) { + TEST_info("IGE test vector %d failed", n); + test_output_memory("key", v->key, sizeof(v->key)); + test_output_memory("iv", v->iv, sizeof(v->iv)); + test_output_memory("in", v->in, v->length); + testresult = 0; } - for (n = 0; n < OSSL_NELEM(bi_ige_test_vectors); ++n) { - const struct bi_ige_test *const v = &bi_ige_test_vectors[n]; - AES_KEY key1; - AES_KEY key2; - unsigned char buf[MAX_VECTOR_SIZE]; - - assert(v->length <= MAX_VECTOR_SIZE); - - if (v->encrypt == AES_ENCRYPT) { - AES_set_encrypt_key(v->key1, 8 * v->keysize, &key1); - AES_set_encrypt_key(v->key2, 8 * v->keysize, &key2); - } else { - AES_set_decrypt_key(v->key1, 8 * v->keysize, &key1); - AES_set_decrypt_key(v->key2, 8 * v->keysize, &key2); - } - - AES_bi_ige_encrypt(v->in, buf, v->length, &key1, &key2, v->iv, - v->encrypt); - - if (memcmp(v->out, buf, v->length)) { - printf("Bidirectional IGE test vector %d failed\n", n); - hexdump(stdout, "key 1", v->key1, sizeof(v->key1)); - hexdump(stdout, "key 2", v->key2, sizeof(v->key2)); - hexdump(stdout, "iv", v->iv, sizeof(v->iv)); - hexdump(stdout, "in", v->in, v->length); - hexdump(stdout, "expected", v->out, v->length); - hexdump(stdout, "got", buf, v->length); - - ++errs; - } + /* try with in == out */ + memcpy(iv, v->iv, sizeof(iv)); + memcpy(buf, v->in, v->length); + AES_ige_encrypt(buf, buf, v->length, &key, iv, v->encrypt); + + if (!TEST_mem_eq(v->out, v->length, buf, v->length)) { + TEST_info("IGE test vector %d failed (with in == out)", n); + test_output_memory("key", v->key, sizeof(v->key)); + test_output_memory("iv", v->iv, sizeof(v->iv)); + test_output_memory("in", v->in, v->length); + testresult = 0; } - return errs; + return testresult; } -int main(int argc, char **argv) +static int test_bi_ige_vectors(int n) { - unsigned char rkey[16]; - unsigned char rkey2[16]; - AES_KEY key; + const struct bi_ige_test *const v = &bi_ige_test_vectors[n]; + AES_KEY key1; AES_KEY key2; - unsigned char plaintext[BIG_TEST_SIZE]; - unsigned char ciphertext[BIG_TEST_SIZE]; - unsigned char checktext[BIG_TEST_SIZE]; - unsigned char iv[AES_BLOCK_SIZE * 4]; - unsigned char saved_iv[AES_BLOCK_SIZE * 4]; - int err = 0; - unsigned int n; - unsigned matches; + unsigned char buf[MAX_VECTOR_SIZE]; - assert(BIG_TEST_SIZE >= TEST_SIZE); + if (!TEST_int_le(v->length, MAX_VECTOR_SIZE)) + return 0; - RAND_bytes(rkey, sizeof(rkey)); - RAND_bytes(plaintext, sizeof(plaintext)); - RAND_bytes(iv, sizeof(iv)); - memcpy(saved_iv, iv, sizeof(saved_iv)); + if (v->encrypt == AES_ENCRYPT) { + AES_set_encrypt_key(v->key1, 8 * v->keysize, &key1); + AES_set_encrypt_key(v->key2, 8 * v->keysize, &key2); + } else { + AES_set_decrypt_key(v->key1, 8 * v->keysize, &key1); + AES_set_decrypt_key(v->key2, 8 * v->keysize, &key2); + } + + AES_bi_ige_encrypt(v->in, buf, v->length, &key1, &key2, v->iv, + v->encrypt); + + if (!TEST_mem_eq(v->out, v->length, buf, v->length)) { + test_output_memory("key 1", v->key1, sizeof(v->key1)); + test_output_memory("key 2", v->key2, sizeof(v->key2)); + test_output_memory("iv", v->iv, sizeof(v->iv)); + test_output_memory("in", v->in, v->length); + return 0; + } + + return 1; +} - /* Forward IGE only... */ +static int test_ige_enc_dec(void) +{ + AES_KEY key; + unsigned char iv[AES_BLOCK_SIZE * 4]; + unsigned char ciphertext[BIG_TEST_SIZE]; + unsigned char checktext[BIG_TEST_SIZE]; - /* Straight encrypt/decrypt */ + memcpy(iv, saved_iv, sizeof(iv)); AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key); AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, iv, AES_ENCRYPT); @@ -260,14 +230,16 @@ int main(int argc, char **argv) memcpy(iv, saved_iv, sizeof(iv)); AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv, AES_DECRYPT); - if (memcmp(checktext, plaintext, TEST_SIZE)) { - printf("Encrypt+decrypt doesn't match\n"); - hexdump(stdout, "Plaintext", plaintext, TEST_SIZE); - hexdump(stdout, "Checktext", checktext, TEST_SIZE); - ++err; - } + return TEST_mem_eq(checktext, TEST_SIZE, plaintext, TEST_SIZE); +} + +static int test_ige_enc_chaining(void) +{ + AES_KEY key; + unsigned char iv[AES_BLOCK_SIZE * 4]; + unsigned char ciphertext[BIG_TEST_SIZE]; + unsigned char checktext[BIG_TEST_SIZE]; - /* Now check encrypt chaining works */ AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key); memcpy(iv, saved_iv, sizeof(iv)); AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE / 2, &key, iv, @@ -280,14 +252,16 @@ int main(int argc, char **argv) memcpy(iv, saved_iv, sizeof(iv)); AES_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, iv, AES_DECRYPT); - if (memcmp(checktext, plaintext, TEST_SIZE)) { - printf("Chained encrypt+decrypt doesn't match\n"); - hexdump(stdout, "Plaintext", plaintext, TEST_SIZE); - hexdump(stdout, "Checktext", checktext, TEST_SIZE); - ++err; - } + return TEST_mem_eq(checktext, TEST_SIZE, plaintext, TEST_SIZE); +} + +static int test_ige_dec_chaining(void) +{ + AES_KEY key; + unsigned char iv[AES_BLOCK_SIZE * 4]; + unsigned char ciphertext[BIG_TEST_SIZE]; + unsigned char checktext[BIG_TEST_SIZE]; - /* And check decrypt chaining */ AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key); memcpy(iv, saved_iv, sizeof(iv)); AES_ige_encrypt(plaintext, ciphertext, TEST_SIZE / 2, &key, iv, @@ -304,15 +278,21 @@ int main(int argc, char **argv) checktext + TEST_SIZE / 2, TEST_SIZE / 2, &key, iv, AES_DECRYPT); - if (memcmp(checktext, plaintext, TEST_SIZE)) { - printf("Chained encrypt+chained decrypt doesn't match\n"); - hexdump(stdout, "Plaintext", plaintext, TEST_SIZE); - hexdump(stdout, "Checktext", checktext, TEST_SIZE); - ++err; - } + return TEST_mem_eq(checktext, TEST_SIZE, plaintext, TEST_SIZE); +} - /* make sure garble extends forwards only */ - AES_set_encrypt_key(rkey, 8 * sizeof(rkey),&key); +static int test_ige_garble_forwards(void) +{ + AES_KEY key; + unsigned char iv[AES_BLOCK_SIZE * 4]; + unsigned char ciphertext[BIG_TEST_SIZE]; + unsigned char checktext[BIG_TEST_SIZE]; + unsigned int n; + int testresult = 1; + const size_t ctsize = sizeof(checktext); + size_t matches; + + AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key); memcpy(iv, saved_iv, sizeof(iv)); AES_ige_encrypt(plaintext, ciphertext, sizeof(plaintext), &key, iv, AES_ENCRYPT); @@ -329,26 +309,24 @@ int main(int argc, char **argv) if (checktext[n] == plaintext[n]) ++matches; - if (matches > sizeof(checktext) / 2 + sizeof(checktext) / 100) { - printf("More than 51%% matches after garbling\n"); - ++err; - } - - if (matches < sizeof(checktext) / 2) { - printf("Garble extends backwards!\n"); - ++err; - } - - /* Bi-directional IGE */ + /* Fail if there is more than 51% matching bytes */ + if (!TEST_size_t_le(matches, ctsize / 2 + ctsize / 100)) + testresult = 0; - /* - * Note that we don't have to recover the IV, because chaining isn't - */ - /* possible with biIGE, so the IV is not updated. */ + /* Fail if the garble goes backwards */ + if (!TEST_size_t_gt(matches, ctsize / 2)) + testresult = 0; + return testresult; +} - RAND_bytes(rkey2, sizeof(rkey2)); +static int test_bi_ige_enc_dec(void) +{ + AES_KEY key, key2; + unsigned char iv[AES_BLOCK_SIZE * 4]; + unsigned char ciphertext[BIG_TEST_SIZE]; + unsigned char checktext[BIG_TEST_SIZE]; - /* Straight encrypt/decrypt */ + memcpy(iv, saved_iv, sizeof(iv)); AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key); AES_set_encrypt_key(rkey2, 8 * sizeof(rkey2), &key2); AES_bi_ige_encrypt(plaintext, ciphertext, TEST_SIZE, &key, &key2, iv, @@ -359,14 +337,19 @@ int main(int argc, char **argv) AES_bi_ige_encrypt(ciphertext, checktext, TEST_SIZE, &key, &key2, iv, AES_DECRYPT); - if (memcmp(checktext, plaintext, TEST_SIZE)) { - printf("Encrypt+decrypt doesn't match\n"); - hexdump(stdout, "Plaintext", plaintext, TEST_SIZE); - hexdump(stdout, "Checktext", checktext, TEST_SIZE); - ++err; - } + return TEST_mem_eq(checktext, TEST_SIZE, plaintext, TEST_SIZE); +} + +static int test_bi_ige_garble1(void) +{ + AES_KEY key, key2; + unsigned char iv[AES_BLOCK_SIZE * 4]; + unsigned char ciphertext[BIG_TEST_SIZE]; + unsigned char checktext[BIG_TEST_SIZE]; + unsigned int n; + size_t matches; - /* make sure garble extends both ways */ + memcpy(iv, saved_iv, sizeof(iv)); AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key); AES_set_encrypt_key(rkey2, 8 * sizeof(rkey2), &key2); AES_ige_encrypt(plaintext, ciphertext, sizeof(plaintext), &key, iv, @@ -384,12 +367,20 @@ int main(int argc, char **argv) if (checktext[n] == plaintext[n]) ++matches; - if (matches > sizeof(checktext) / 100) { - printf("More than 1%% matches after bidirectional garbling\n"); - ++err; - } + /* Fail if there is more than 1% matching bytes */ + return TEST_size_t_le(matches, sizeof(checktext) / 100); +} - /* make sure garble extends both ways (2) */ +static int test_bi_ige_garble2(void) +{ + AES_KEY key, key2; + unsigned char iv[AES_BLOCK_SIZE * 4]; + unsigned char ciphertext[BIG_TEST_SIZE]; + unsigned char checktext[BIG_TEST_SIZE]; + unsigned int n; + size_t matches; + + memcpy(iv, saved_iv, sizeof(iv)); AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key); AES_set_encrypt_key(rkey2, 8 * sizeof(rkey2), &key2); AES_ige_encrypt(plaintext, ciphertext, sizeof(plaintext), &key, iv, @@ -407,12 +398,20 @@ int main(int argc, char **argv) if (checktext[n] == plaintext[n]) ++matches; - if (matches > sizeof(checktext) / 100) { - printf("More than 1%% matches after bidirectional garbling (2)\n"); - ++err; - } + /* Fail if there is more than 1% matching bytes */ + return TEST_size_t_le(matches, sizeof(checktext) / 100); +} - /* make sure garble extends both ways (3) */ +static int test_bi_ige_garble3(void) +{ + AES_KEY key, key2; + unsigned char iv[AES_BLOCK_SIZE * 4]; + unsigned char ciphertext[BIG_TEST_SIZE]; + unsigned char checktext[BIG_TEST_SIZE]; + unsigned int n; + size_t matches; + + memcpy(iv, saved_iv, sizeof(iv)); AES_set_encrypt_key(rkey, 8 * sizeof(rkey), &key); AES_set_encrypt_key(rkey2, 8 * sizeof(rkey2), &key2); AES_ige_encrypt(plaintext, ciphertext, sizeof(plaintext), &key, iv, @@ -430,12 +429,26 @@ int main(int argc, char **argv) if (checktext[n] == plaintext[n]) ++matches; - if (matches > sizeof(checktext) / 100) { - printf("More than 1%% matches after bidirectional garbling (3)\n"); - ++err; - } - - err += run_test_vectors(); + /* Fail if there is more than 1% matching bytes */ + return TEST_size_t_le(matches, sizeof(checktext) / 100); +} - return err; +int setup_tests(void) +{ + RAND_bytes(rkey, sizeof(rkey)); + RAND_bytes(rkey2, sizeof(rkey2)); + RAND_bytes(plaintext, sizeof(plaintext)); + RAND_bytes(saved_iv, sizeof(saved_iv)); + + ADD_TEST(test_ige_enc_dec); + ADD_TEST(test_ige_enc_chaining); + ADD_TEST(test_ige_dec_chaining); + ADD_TEST(test_ige_garble_forwards); + ADD_TEST(test_bi_ige_enc_dec); + ADD_TEST(test_bi_ige_garble1); + ADD_TEST(test_bi_ige_garble2); + ADD_TEST(test_bi_ige_garble3); + ADD_ALL_TESTS(test_ige_vectors, OSSL_NELEM(ige_test_vectors)); + ADD_ALL_TESTS(test_bi_ige_vectors, OSSL_NELEM(bi_ige_test_vectors)); + return 1; } diff --git a/deps/openssl/openssl/test/md2test.c b/deps/openssl/openssl/test/md2test.c index cb667cbc6b..c5360d68a7 100644 --- a/deps/openssl/openssl/test/md2test.c +++ b/deps/openssl/openssl/test/md2test.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,19 +7,12 @@ * https://www.openssl.org/source/license.html */ -#include <stdio.h> -#include <stdlib.h> #include <string.h> -#include "../e_os.h" +#include "internal/nelem.h" +#include "testutil.h" -#ifdef OPENSSL_NO_MD2 -int main(int argc, char *argv[]) -{ - printf("No MD2 support\n"); - return (0); -} -#else +#ifndef OPENSSL_NO_MD2 # include <openssl/evp.h> # include <openssl/md2.h> @@ -35,7 +28,6 @@ static char *test[] = { "abcdefghijklmnopqrstuvwxyz", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", "12345678901234567890123456789012345678901234567890123456789012345678901234567890", - NULL, }; static char *ret[] = { @@ -48,45 +40,28 @@ static char *ret[] = { "d5976f79d83d3a0dc9806c3c66f3efd8", }; -static char *pt(unsigned char *md); -int main(int argc, char *argv[]) +static int test_md2(int n) { - int i, err = 0; - char **P, **R; - char *p; + char buf[80]; unsigned char md[MD2_DIGEST_LENGTH]; - - P = test; - R = ret; - i = 1; - while (*P != NULL) { - if (!EVP_Digest((unsigned char *)*P, strlen(*P), md, NULL, EVP_md2(), - NULL)) { - printf("EVP Digest error.\n"); - EXIT(1); - } - p = pt(md); - if (strcmp(p, *R) != 0) { - printf("error calculating MD2 on '%s'\n", *P); - printf("got %s instead of %s\n", p, *R); - err++; - } else - printf("test %d ok\n", i); - i++; - R++; - P++; - } - EXIT(err); - return err; -} - -static char *pt(unsigned char *md) -{ int i; - static char buf[80]; + + if (!TEST_true(EVP_Digest((unsigned char *)test[n], strlen(test[n]), + md, NULL, EVP_md2(), NULL))) + return 0; for (i = 0; i < MD2_DIGEST_LENGTH; i++) sprintf(&(buf[i * 2]), "%02x", md[i]); - return (buf); + if (!TEST_str_eq(buf, ret[n])) + return 0; + return 1; } #endif + +int setup_tests(void) +{ +#ifndef OPENSSL_NO_MD2 + ADD_ALL_TESTS(test_md2, OSSL_NELEM(test)); +#endif + return 1; +} diff --git a/deps/openssl/openssl/test/md4test.c b/deps/openssl/openssl/test/md4test.c deleted file mode 100644 index 448f9b76ef..0000000000 --- a/deps/openssl/openssl/test/md4test.c +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stdio.h> -#include <string.h> -#include <stdlib.h> - -#include "../e_os.h" - -#ifdef OPENSSL_NO_MD4 -int main(int argc, char *argv[]) -{ - printf("No MD4 support\n"); - return (0); -} -#else -# include <openssl/evp.h> -# include <openssl/md4.h> - -static char *test[] = { - "", - "a", - "abc", - "message digest", - "abcdefghijklmnopqrstuvwxyz", - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", - "12345678901234567890123456789012345678901234567890123456789012345678901234567890", - NULL, -}; - -static char *ret[] = { - "31d6cfe0d16ae931b73c59d7e0c089c0", - "bde52cb31de33e46245e05fbdbd6fb24", - "a448017aaf21d8525fc10ae87aa6729d", - "d9130a8164549fe818874806e1c7014b", - "d79e1c308aa5bbcdeea8ed63df412da9", - "043f8582f241db351ce627e153e7f0e4", - "e33b4ddc9c38f2199c3e7b164fcc0536", -}; - -static char *pt(unsigned char *md); -int main(int argc, char *argv[]) -{ - int i, err = 0; - char **P, **R; - char *p; - unsigned char md[MD4_DIGEST_LENGTH]; - - P = test; - R = ret; - i = 1; - while (*P != NULL) { - if (!EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_md4(), - NULL)) { - printf("EVP Digest error.\n"); - EXIT(1); - } - p = pt(md); - if (strcmp(p, (char *)*R) != 0) { - printf("error calculating MD4 on '%s'\n", *P); - printf("got %s instead of %s\n", p, *R); - err++; - } else - printf("test %d ok\n", i); - i++; - R++; - P++; - } - EXIT(err); -} - -static char *pt(unsigned char *md) -{ - int i; - static char buf[80]; - - for (i = 0; i < MD4_DIGEST_LENGTH; i++) - sprintf(&(buf[i * 2]), "%02x", md[i]); - return (buf); -} -#endif diff --git a/deps/openssl/openssl/test/md5test.c b/deps/openssl/openssl/test/md5test.c deleted file mode 100644 index ec6c692407..0000000000 --- a/deps/openssl/openssl/test/md5test.c +++ /dev/null @@ -1,88 +0,0 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stdio.h> -#include <string.h> -#include <stdlib.h> - -#include "../e_os.h" - -#ifdef OPENSSL_NO_MD5 -int main(int argc, char *argv[]) -{ - printf("No MD5 support\n"); - return (0); -} -#else -# include <openssl/evp.h> -# include <openssl/md5.h> - -static char *test[] = { - "", - "a", - "abc", - "message digest", - "abcdefghijklmnopqrstuvwxyz", - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", - "12345678901234567890123456789012345678901234567890123456789012345678901234567890", - NULL, -}; - -static char *ret[] = { - "d41d8cd98f00b204e9800998ecf8427e", - "0cc175b9c0f1b6a831c399e269772661", - "900150983cd24fb0d6963f7d28e17f72", - "f96b697d7cb7938d525a2f31aaf161d0", - "c3fcd3d76192e4007dfb496cca67e13b", - "d174ab98d277d9f5a5611c2c9f419d9f", - "57edf4a22be3c955ac49da2e2107b67a", -}; - -static char *pt(unsigned char *md); -int main(int argc, char *argv[]) -{ - int i, err = 0; - char **P, **R; - char *p; - unsigned char md[MD5_DIGEST_LENGTH]; - - P = test; - R = ret; - i = 1; - while (*P != NULL) { - if (!EVP_Digest(&(P[0][0]), strlen((char *)*P), md, NULL, EVP_md5(), - NULL)) { - printf("EVP Digest error.\n"); - EXIT(1); - } - p = pt(md); - if (strcmp(p, (char *)*R) != 0) { - printf("error calculating MD5 on '%s'\n", *P); - printf("got %s instead of %s\n", p, *R); - err++; - } else - printf("test %d ok\n", i); - i++; - R++; - P++; - } - - EXIT(err); -} - -static char *pt(unsigned char *md) -{ - int i; - static char buf[80]; - - for (i = 0; i < MD5_DIGEST_LENGTH; i++) - sprintf(&(buf[i * 2]), "%02x", md[i]); - return (buf); -} -#endif diff --git a/deps/openssl/openssl/test/mdc2test.c b/deps/openssl/openssl/test/mdc2test.c index d56bdcd878..0658843ce5 100644 --- a/deps/openssl/openssl/test/mdc2test.c +++ b/deps/openssl/openssl/test/mdc2test.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,23 +7,16 @@ * https://www.openssl.org/source/license.html */ -#include <stdio.h> -#include <stdlib.h> #include <string.h> -#include "../e_os.h" +#include "internal/nelem.h" +#include "testutil.h" #if defined(OPENSSL_NO_DES) && !defined(OPENSSL_NO_MDC2) # define OPENSSL_NO_MDC2 #endif -#ifdef OPENSSL_NO_MDC2 -int main(int argc, char *argv[]) -{ - printf("No MDC2 support\n"); - return (0); -} -#else +#ifndef OPENSSL_NO_MDC2 # include <openssl/evp.h> # include <openssl/mdc2.h> @@ -41,59 +34,45 @@ static unsigned char pad2[16] = { 0x35, 0xD8, 0x7A, 0xFE, 0xAB, 0x33, 0xBE, 0xE2 }; -int main(int argc, char *argv[]) +static int test_mdc2(void) { - int ret = 1; + int testresult = 0; unsigned char md[MDC2_DIGEST_LENGTH]; - int i; EVP_MD_CTX *c; static char text[] = "Now is the time for all "; + size_t tlen = strlen(text); # ifdef CHARSET_EBCDIC - ebcdic2ascii(text, text, strlen(text)); + ebcdic2ascii(text, text, tlen); # endif c = EVP_MD_CTX_new(); - if (c == NULL - || !EVP_DigestInit_ex(c, EVP_mdc2(), NULL) - || !EVP_DigestUpdate(c, (unsigned char *)text, strlen(text)) - || !EVP_DigestFinal_ex(c, &(md[0]), NULL)) - goto err; + if (!TEST_ptr(c) + || !TEST_true(EVP_DigestInit_ex(c, EVP_mdc2(), NULL)) + || !TEST_true(EVP_DigestUpdate(c, (unsigned char *)text, tlen)) + || !TEST_true(EVP_DigestFinal_ex(c, &(md[0]), NULL)) + || !TEST_mem_eq(md, MDC2_DIGEST_LENGTH, pad1, MDC2_DIGEST_LENGTH) + || !TEST_true(EVP_DigestInit_ex(c, EVP_mdc2(), NULL))) + goto end; - if (memcmp(md, pad1, MDC2_DIGEST_LENGTH) != 0) { - for (i = 0; i < MDC2_DIGEST_LENGTH; i++) - printf("%02X", md[i]); - printf(" <- generated\n"); - for (i = 0; i < MDC2_DIGEST_LENGTH; i++) - printf("%02X", pad1[i]); - printf(" <- correct\n"); - goto err; - } else { - printf("pad1 - ok\n"); - } - - if (!EVP_DigestInit_ex(c, EVP_mdc2(), NULL)) - goto err; /* FIXME: use a ctl function? */ ((MDC2_CTX *)EVP_MD_CTX_md_data(c))->pad_type = 2; - if (!EVP_DigestUpdate(c, (unsigned char *)text, strlen(text)) - || !EVP_DigestFinal_ex(c, &(md[0]), NULL)) - goto err; - - if (memcmp(md, pad2, MDC2_DIGEST_LENGTH) != 0) { - for (i = 0; i < MDC2_DIGEST_LENGTH; i++) - printf("%02X", md[i]); - printf(" <- generated\n"); - for (i = 0; i < MDC2_DIGEST_LENGTH; i++) - printf("%02X", pad2[i]); - printf(" <- correct\n"); - } else { - printf("pad2 - ok\n"); - ret = 0; - } + if (!TEST_true(EVP_DigestUpdate(c, (unsigned char *)text, tlen)) + || !TEST_true(EVP_DigestFinal_ex(c, &(md[0]), NULL)) + || !TEST_mem_eq(md, MDC2_DIGEST_LENGTH, pad2, MDC2_DIGEST_LENGTH)) + goto end; - err: + testresult = 1; + end: EVP_MD_CTX_free(c); - EXIT(ret); + return testresult; } #endif + +int setup_tests(void) +{ +#ifndef OPENSSL_NO_MDC2 + ADD_TEST(test_mdc2); +#endif + return 1; +} diff --git a/deps/openssl/openssl/test/memleaktest.c b/deps/openssl/openssl/test/memleaktest.c index 2b23df788b..d239bd23b8 100644 --- a/deps/openssl/openssl/test/memleaktest.c +++ b/deps/openssl/openssl/test/memleaktest.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,12 +7,23 @@ * https://www.openssl.org/source/license.html */ -#include <stdio.h> #include <string.h> #include <openssl/bio.h> #include <openssl/crypto.h> -int main(int argc, char **argv) +#include "testutil.h" + +/* + * We use a proper main function here instead of the custom main from the + * test framework because the CRYPTO_mem_leaks_fp function cannot be called + * a second time without trying to use a null pointer. The test framework + * calls this function as part of its close down. + * + * A work around is to call putenv("OPENSSL_DEBUG_MEMORY=0"); before exiting + * but that is worse than avoiding the test framework's main. + */ + +int main(int argc, char *argv[]) { #ifndef OPENSSL_NO_CRYPTO_MDEBUG char *p; @@ -25,10 +36,8 @@ int main(int argc, char **argv) CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); lost = OPENSSL_malloc(3); - if (lost == NULL) { - fprintf(stderr, "OPENSSL_malloc failed\n"); - return 1; - } + if (!TEST_ptr(lost)) + return EXIT_FAILURE; if (argv[1] && strcmp(argv[1], "freeit") == 0) { OPENSSL_free(lost); @@ -37,10 +46,11 @@ int main(int argc, char **argv) noleak = CRYPTO_mem_leaks_fp(stderr); /* If -1 return value something bad happened */ - if (noleak == -1) - return 1; - return ((lost != NULL) ^ (noleak == 0)); + if (!TEST_int_ne(noleak, -1)) + return EXIT_FAILURE; + + return TEST_int_eq(lost != NULL, noleak == 0) ? EXIT_SUCCESS : EXIT_FAILURE; #else - return 0; + return EXIT_SUCCESS; #endif } diff --git a/deps/openssl/openssl/test/methtest.c b/deps/openssl/openssl/test/methtest.c deleted file mode 100644 index 11aa2335b7..0000000000 --- a/deps/openssl/openssl/test/methtest.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stdio.h> -#include <stdlib.h> -#include <openssl/rsa.h> -#include <openssl/x509.h> -#include "meth.h" -#include <openssl/err.h> - -int main(argc, argv) -int argc; -char *argv[]; -{ - METHOD_CTX *top, *tmp1, *tmp2; - - top = METH_new(x509_lookup()); /* get a top level context */ - if (top == NULL) - goto err; - - tmp1 = METH_new(x509_by_file()); - if (top == NULL) - goto err; - METH_arg(tmp1, METH_TYPE_FILE, "cafile1"); - METH_arg(tmp1, METH_TYPE_FILE, "cafile2"); - METH_push(top, METH_X509_CA_BY_SUBJECT, tmp1); - - tmp2 = METH_new(x509_by_dir()); - METH_arg(tmp2, METH_TYPE_DIR, "/home/eay/.CAcerts"); - METH_arg(tmp2, METH_TYPE_DIR, "/home/eay/SSLeay/certs"); - METH_arg(tmp2, METH_TYPE_DIR, "/usr/local/ssl/certs"); - METH_push(top, METH_X509_CA_BY_SUBJECT, tmp2); - -/*- tmp=METH_new(x509_by_issuer_dir); - METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts"); - METH_push(top,METH_X509_BY_ISSUER,tmp); - - tmp=METH_new(x509_by_issuer_primary); - METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem"); - METH_push(top,METH_X509_BY_ISSUER,tmp); -*/ - - METH_init(top); - METH_control(tmp1, METH_CONTROL_DUMP, stdout); - METH_control(tmp2, METH_CONTROL_DUMP, stdout); - EXIT(0); - err: - ERR_print_errors_fp(stderr); - EXIT(1); - return (0); -} diff --git a/deps/openssl/openssl/test/ocspapitest.c b/deps/openssl/openssl/test/ocspapitest.c index 42befe71b9..43b03e3f51 100644 --- a/deps/openssl/openssl/test/ocspapitest.c +++ b/deps/openssl/openssl/test/ocspapitest.c @@ -28,15 +28,15 @@ static int get_cert_and_key(X509 **cert_out, EVP_PKEY **key_out) X509 *cert = NULL; EVP_PKEY *key = NULL; - if ((certbio = BIO_new_file(certstr, "r")) == NULL) + if (!TEST_ptr(certbio = BIO_new_file(certstr, "r"))) return 0; cert = PEM_read_bio_X509(certbio, NULL, NULL, NULL); BIO_free(certbio); - if ((keybio = BIO_new_file(privkeystr, "r")) == NULL) + if (!TEST_ptr(keybio = BIO_new_file(privkeystr, "r"))) goto end; key = PEM_read_bio_PrivateKey(keybio, NULL, NULL, NULL); BIO_free(keybio); - if (cert == NULL || key == NULL) + if (!TEST_ptr(cert) || !TEST_ptr(key)) goto end; *cert_out = cert; *key_out = key; @@ -66,13 +66,13 @@ static OCSP_BASICRESP *make_dummy_resp(void) || !ASN1_INTEGER_set_uint64(serial, (uint64_t)1)) goto err; cid = OCSP_cert_id_new(EVP_sha256(), name, key, serial); - if (bs == NULL - || thisupd == NULL - || nextupd == NULL - || cid == NULL - || !OCSP_basic_add1_status(bs, cid, - V_OCSP_CERTSTATUS_UNKNOWN, - 0, NULL, thisupd, nextupd)) + if (!TEST_ptr(bs) + || !TEST_ptr(thisupd) + || !TEST_ptr(nextupd) + || !TEST_ptr(cid) + || !TEST_true(OCSP_basic_add1_status(bs, cid, + V_OCSP_CERTSTATUS_UNKNOWN, + 0, NULL, thisupd, nextupd))) goto err; bs_out = bs; bs = NULL; @@ -101,27 +101,27 @@ static int test_resp_signer(void) */ bs = make_dummy_resp(); extra_certs = sk_X509_new_null(); - if (bs == NULL - || extra_certs == NULL - || !get_cert_and_key(&signer, &key) - || !sk_X509_push(extra_certs, signer) - || !OCSP_basic_sign(bs, signer, key, EVP_sha1(), - NULL, OCSP_NOCERTS)) + if (!TEST_ptr(bs) + || !TEST_ptr(extra_certs) + || !TEST_true(get_cert_and_key(&signer, &key)) + || !TEST_true(sk_X509_push(extra_certs, signer)) + || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), + NULL, OCSP_NOCERTS))) goto err; - if (!OCSP_resp_get0_signer(bs, &tmp, extra_certs) - || X509_cmp(tmp, signer) != 0) + if (!TEST_true(OCSP_resp_get0_signer(bs, &tmp, extra_certs)) + || !TEST_int_eq(X509_cmp(tmp, signer), 0)) goto err; OCSP_BASICRESP_free(bs); /* Do it again but include the signer cert */ bs = make_dummy_resp(); tmp = NULL; - if (bs == NULL - || !OCSP_basic_sign(bs, signer, key, EVP_sha1(), - NULL, 0)) + if (!TEST_ptr(bs) + || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), + NULL, 0))) goto err; - if (!OCSP_resp_get0_signer(bs, &tmp, NULL) - || X509_cmp(tmp, signer) != 0) + if (!TEST_true(OCSP_resp_get0_signer(bs, &tmp, NULL)) + || !TEST_int_eq(X509_cmp(tmp, signer), 0)) goto err; ret = 1; err: @@ -133,36 +133,13 @@ static int test_resp_signer(void) } #endif -int main(int argc, char *argv[]) +int setup_tests(void) { - int testresult = 1; - BIO *err = NULL; - - if (argc != 3) { - printf("Invalid argument count\n"); - return 1; - } - if ((certstr = argv[1]) == NULL - || (privkeystr = argv[2]) == NULL) - return 1; - err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); - - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - + if (!TEST_ptr(certstr = test_get_argument(0)) + || !TEST_ptr(privkeystr = test_get_argument(1))) + return 0; #ifndef OPENSSL_NO_OCSP ADD_TEST(test_resp_signer); #endif - testresult = run_tests(argv[0]); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(err) <= 0) - testresult = 1; -#endif - BIO_free(err); - - if (!testresult) - printf("PASS\n"); - - return testresult; + return 1; } diff --git a/deps/openssl/openssl/test/ossl_shim/async_bio.cc b/deps/openssl/openssl/test/ossl_shim/async_bio.cc new file mode 100644 index 0000000000..cbbabe01ea --- /dev/null +++ b/deps/openssl/openssl/test/ossl_shim/async_bio.cc @@ -0,0 +1,183 @@ +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "async_bio.h" + +#include <errno.h> +#include <string.h> + +#include <openssl/bio.h> +#include <openssl/crypto.h> + + +namespace { + +struct AsyncBio { + bool datagram; + bool enforce_write_quota; + size_t read_quota; + size_t write_quota; +}; + +AsyncBio *GetData(BIO *bio) { + return (AsyncBio *)BIO_get_data(bio); +} + +static int AsyncWrite(BIO *bio, const char *in, int inl) { + AsyncBio *a = GetData(bio); + if (a == NULL || BIO_next(bio) == NULL) { + return 0; + } + + if (!a->enforce_write_quota) { + return BIO_write(BIO_next(bio), in, inl); + } + + BIO_clear_retry_flags(bio); + + if (a->write_quota == 0) { + BIO_set_retry_write(bio); + errno = EAGAIN; + return -1; + } + + if (!a->datagram && (size_t)inl > a->write_quota) { + inl = a->write_quota; + } + int ret = BIO_write(BIO_next(bio), in, inl); + if (ret <= 0) { + BIO_copy_next_retry(bio); + } else { + a->write_quota -= (a->datagram ? 1 : ret); + } + return ret; +} + +static int AsyncRead(BIO *bio, char *out, int outl) { + AsyncBio *a = GetData(bio); + if (a == NULL || BIO_next(bio) == NULL) { + return 0; + } + + BIO_clear_retry_flags(bio); + + if (a->read_quota == 0) { + BIO_set_retry_read(bio); + errno = EAGAIN; + return -1; + } + + if (!a->datagram && (size_t)outl > a->read_quota) { + outl = a->read_quota; + } + int ret = BIO_read(BIO_next(bio), out, outl); + if (ret <= 0) { + BIO_copy_next_retry(bio); + } else { + a->read_quota -= (a->datagram ? 1 : ret); + } + return ret; +} + +static long AsyncCtrl(BIO *bio, int cmd, long num, void *ptr) { + if (BIO_next(bio) == NULL) { + return 0; + } + BIO_clear_retry_flags(bio); + int ret = BIO_ctrl(BIO_next(bio), cmd, num, ptr); + BIO_copy_next_retry(bio); + return ret; +} + +static int AsyncNew(BIO *bio) { + AsyncBio *a = (AsyncBio *)OPENSSL_malloc(sizeof(*a)); + if (a == NULL) { + return 0; + } + memset(a, 0, sizeof(*a)); + a->enforce_write_quota = true; + BIO_set_init(bio, 1); + BIO_set_data(bio, a); + return 1; +} + +static int AsyncFree(BIO *bio) { + if (bio == NULL) { + return 0; + } + + OPENSSL_free(BIO_get_data(bio)); + BIO_set_data(bio, NULL); + BIO_set_init(bio, 0); + return 1; +} + +static long AsyncCallbackCtrl(BIO *bio, int cmd, BIO_info_cb fp) +{ + if (BIO_next(bio) == NULL) + return 0; + return BIO_callback_ctrl(BIO_next(bio), cmd, fp); +} + +static BIO_METHOD *g_async_bio_method = NULL; + +static const BIO_METHOD *AsyncMethod(void) +{ + if (g_async_bio_method == NULL) { + g_async_bio_method = BIO_meth_new(BIO_TYPE_FILTER, "async bio"); + if ( g_async_bio_method == NULL + || !BIO_meth_set_write(g_async_bio_method, AsyncWrite) + || !BIO_meth_set_read(g_async_bio_method, AsyncRead) + || !BIO_meth_set_ctrl(g_async_bio_method, AsyncCtrl) + || !BIO_meth_set_create(g_async_bio_method, AsyncNew) + || !BIO_meth_set_destroy(g_async_bio_method, AsyncFree) + || !BIO_meth_set_callback_ctrl(g_async_bio_method, AsyncCallbackCtrl)) + return NULL; + } + return g_async_bio_method; +} + +} // namespace + +bssl::UniquePtr<BIO> AsyncBioCreate() { + return bssl::UniquePtr<BIO>(BIO_new(AsyncMethod())); +} + +bssl::UniquePtr<BIO> AsyncBioCreateDatagram() { + bssl::UniquePtr<BIO> ret(BIO_new(AsyncMethod())); + if (!ret) { + return nullptr; + } + GetData(ret.get())->datagram = true; + return ret; +} + +void AsyncBioAllowRead(BIO *bio, size_t count) { + AsyncBio *a = GetData(bio); + if (a == NULL) { + return; + } + a->read_quota += count; +} + +void AsyncBioAllowWrite(BIO *bio, size_t count) { + AsyncBio *a = GetData(bio); + if (a == NULL) { + return; + } + a->write_quota += count; +} + +void AsyncBioEnforceWriteQuota(BIO *bio, bool enforce) { + AsyncBio *a = GetData(bio); + if (a == NULL) { + return; + } + a->enforce_write_quota = enforce; +} diff --git a/deps/openssl/openssl/test/ossl_shim/async_bio.h b/deps/openssl/openssl/test/ossl_shim/async_bio.h new file mode 100644 index 0000000000..bb24eadbbf --- /dev/null +++ b/deps/openssl/openssl/test/ossl_shim/async_bio.h @@ -0,0 +1,39 @@ +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_ASYNC_BIO +#define HEADER_ASYNC_BIO + +#include <openssl/base.h> +#include <openssl/bio.h> + + +// AsyncBioCreate creates a filter BIO for testing asynchronous state +// machines which consume a stream socket. Reads and writes will fail +// and return EAGAIN unless explicitly allowed. Each async BIO has a +// read quota and a write quota. Initially both are zero. As each is +// incremented, bytes are allowed to flow through the BIO. +bssl::UniquePtr<BIO> AsyncBioCreate(); + +// AsyncBioCreateDatagram creates a filter BIO for testing for +// asynchronous state machines which consume datagram sockets. The read +// and write quota count in packets rather than bytes. +bssl::UniquePtr<BIO> AsyncBioCreateDatagram(); + +// AsyncBioAllowRead increments |bio|'s read quota by |count|. +void AsyncBioAllowRead(BIO *bio, size_t count); + +// AsyncBioAllowWrite increments |bio|'s write quota by |count|. +void AsyncBioAllowWrite(BIO *bio, size_t count); + +// AsyncBioEnforceWriteQuota configures where |bio| enforces its write quota. +void AsyncBioEnforceWriteQuota(BIO *bio, bool enforce); + + +#endif // HEADER_ASYNC_BIO diff --git a/deps/openssl/openssl/test/ossl_shim/build.info b/deps/openssl/openssl/test/ossl_shim/build.info new file mode 100644 index 0000000000..12250600b9 --- /dev/null +++ b/deps/openssl/openssl/test/ossl_shim/build.info @@ -0,0 +1,6 @@ +IF[{- defined $target{CXX} && !$disabled{"external-tests"} -}] + PROGRAMS_NO_INST=ossl_shim + SOURCE[ossl_shim]=ossl_shim.cc async_bio.cc packeted_bio.cc test_config.cc + INCLUDE[ossl_shim]=. include ../../include + DEPEND[ossl_shim]=../../libssl ../../libcrypto +ENDIF diff --git a/deps/openssl/openssl/test/ossl_shim/include/openssl/base.h b/deps/openssl/openssl/test/ossl_shim/include/openssl/base.h new file mode 100644 index 0000000000..f725cd9d45 --- /dev/null +++ b/deps/openssl/openssl/test/ossl_shim/include/openssl/base.h @@ -0,0 +1,111 @@ +/* + * Copyright 1998-2001 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef OPENSSL_HEADER_BASE_H +#define OPENSSL_HEADER_BASE_H + +/* Needed for BORINGSSL_MAKE_DELETER */ +# include <openssl/bio.h> +# include <openssl/evp.h> +# include <openssl/dh.h> +# include <openssl/x509.h> +# include <openssl/ssl.h> + +# define OPENSSL_ARRAY_SIZE(array) (sizeof(array) / sizeof((array)[0])) + +extern "C++" { + +#include <memory> + +namespace bssl { + +namespace internal { + +template <typename T> +struct DeleterImpl {}; + +template <typename T> +struct Deleter { + void operator()(T *ptr) { + // Rather than specialize Deleter for each type, we specialize + // DeleterImpl. This allows bssl::UniquePtr<T> to be used while only + // including base.h as long as the destructor is not emitted. This matches + // std::unique_ptr's behavior on forward-declared types. + // + // DeleterImpl itself is specialized in the corresponding module's header + // and must be included to release an object. If not included, the compiler + // will error that DeleterImpl<T> does not have a method Free. + DeleterImpl<T>::Free(ptr); + } +}; + +template <typename T, typename CleanupRet, void (*init)(T *), + CleanupRet (*cleanup)(T *)> +class StackAllocated { + public: + StackAllocated() { init(&ctx_); } + ~StackAllocated() { cleanup(&ctx_); } + + StackAllocated(const StackAllocated<T, CleanupRet, init, cleanup> &) = delete; + T& operator=(const StackAllocated<T, CleanupRet, init, cleanup> &) = delete; + + T *get() { return &ctx_; } + const T *get() const { return &ctx_; } + + void Reset() { + cleanup(&ctx_); + init(&ctx_); + } + + private: + T ctx_; +}; + +} // namespace internal + +#define BORINGSSL_MAKE_DELETER(type, deleter) \ + namespace internal { \ + template <> \ + struct DeleterImpl<type> { \ + static void Free(type *ptr) { deleter(ptr); } \ + }; \ + } + +// This makes a unique_ptr to STACK_OF(type) that owns all elements on the +// stack, i.e. it uses sk_pop_free() to clean up. +#define BORINGSSL_MAKE_STACK_DELETER(type, deleter) \ + namespace internal { \ + template <> \ + struct DeleterImpl<STACK_OF(type)> { \ + static void Free(STACK_OF(type) *ptr) { \ + sk_##type##_pop_free(ptr, deleter); \ + } \ + }; \ + } + +// Holds ownership of heap-allocated BoringSSL structures. Sample usage: +// bssl::UniquePtr<BIO> rsa(RSA_new()); +// bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_mem())); +template <typename T> +using UniquePtr = std::unique_ptr<T, internal::Deleter<T>>; + +BORINGSSL_MAKE_DELETER(BIO, BIO_free) +BORINGSSL_MAKE_DELETER(EVP_PKEY, EVP_PKEY_free) +BORINGSSL_MAKE_DELETER(DH, DH_free) +BORINGSSL_MAKE_DELETER(X509, X509_free) +BORINGSSL_MAKE_DELETER(SSL, SSL_free) +BORINGSSL_MAKE_DELETER(SSL_CTX, SSL_CTX_free) +BORINGSSL_MAKE_DELETER(SSL_SESSION, SSL_SESSION_free) + +} // namespace bssl + +} /* extern C++ */ + + +#endif /* OPENSSL_HEADER_BASE_H */ diff --git a/deps/openssl/openssl/test/ossl_shim/ossl_config.json b/deps/openssl/openssl/test/ossl_shim/ossl_config.json new file mode 100644 index 0000000000..1e57499065 --- /dev/null +++ b/deps/openssl/openssl/test/ossl_shim/ossl_config.json @@ -0,0 +1,301 @@ + +{ + "DisabledTests" : { + "*TLS13*":"No TLS1.3 support yet", + "FragmentAlert-DTLS":"Test failure - reason unknown", + "FragmentedClientVersion":"Test failure - reason unknown", + "MTU":"Test failure - reason unknown", + "EmptyCertificateList":"Test failure - reason unknown", + "AppDataBeforeHandshake-DTLS":"Test failure - reason unknown", + "AlertAfterChangeCipherSpec":"Test failure - reason unknown", + "AppDataAfterChangeCipherSpec":"Test failure - reason unknown", + "AppDataAfterChangeCipherSpec-Empty":"Test failure - reason unknown", + "AppDataAfterChangeCipherSpec-DTLS":"Test failure - reason unknown", + "AppDataBeforeHandshake-DTLS-Empty":"Test failure - reason unknown", + "AlertAfterChangeCipherSpec-DTLS":"Test failure - reason unknown", + "FragmentMessageLengthMismatch-DTLS":"Test failure - reason unknown", + "SplitFragments-Header-DTLS":"Test failure - reason unknown", + "SplitFragments-Boundary-DTLS":"Test failure - reason unknown", + "SplitFragments-Body-DTLS":"Test failure - reason unknown", + "SendEmptyFragments-DTLS":"Test failure - reason unknown", + "SendInvalidRecordType-DTLS":"Test failure - reason unknown", + "SendInvalidRecordType":"Test failure - reason unknown", + "FragmentMessageTypeMismatch-DTLS":"Test failure - reason unknown", + "SendWarningAlerts-Pass":"Test failure - reason unknown", + "SendWarningAlerts-DTLS-Pass":"Test failure - reason unknown", + "TooManyKeyUpdates":"Test failure - reason unknown", + "Unclean-Shutdown-Alert":"Test failure - reason unknown", + "V2ClientHello-WarningAlertPrefix":"Test failure - reason unknown", + "BadHelloRequest-2":"Test failure - reason unknown", + "DTLS-SendExtraFinished":"Test failure - reason unknown", + "NoNullCompression-TLS12":"Test failure - reason unknown", + "KeyUpdate-Client":"Test failure - reason unknown", + "KeyUpdate-InvalidRequestMode":"Test failure - reason unknown", + "DTLS-SendExtraFinished-Reordered":"Test failure - reason unknown", + "LargeMessage-Reject-DTLS":"Test failure - reason unknown", + "KeyUpdate-Server":"Test failure - reason unknown", + "SSL3-ECDHE-PSK-AES128-CBC-SHA-server":"Test failure - reason unknown", + "SSL3-ECDHE-PSK-AES256-CBC-SHA-server":"Test failure - reason unknown", + "DTLS1-NULL-SHA-server":"Test failure - reason unknown", + "DTLS1-NULL-SHA-client":"Test failure - reason unknown", + "DTLS12-NULL-SHA-client":"Test failure - reason unknown", + "DTLS12-NULL-SHA-server":"Test failure - reason unknown", + "BadECDSA-1-4":"Test failure - reason unknown", + "BadECDSA-3-4":"Test failure - reason unknown", + "BadECDSA-4-1":"Test failure - reason unknown", + "BadECDSA-4-4":"Test failure - reason unknown", + "BadECDSA-4-3":"Test failure - reason unknown", + "SillyDH":"Test failure - reason unknown", + "VersionNegotiationExtension-TLS1-DTLS":"Test failure - reason unknown", + "NoSupportedVersions-DTLS":"Test failure - reason unknown", + "VersionTooLow-DTLS":"Test failure - reason unknown", + "IgnoreClientVersionOrder":"Test failure - reason unknown", + "VersionTooLow":"Test failure - reason unknown", + "MinimumVersion-Server-TLS1-SSL3":"Test failure - reason unknown", + "MinimumVersion-Server2-TLS1-SSL3":"Test failure - reason unknown", + "MinimumVersion-Client2-TLS1-SSL3":"Test failure - reason unknown", + "MinimumVersion-Server2-TLS11-SSL3":"Test failure - reason unknown", + "MinimumVersion-Server-TLS11-SSL3":"Test failure - reason unknown", + "MinimumVersion-Client2-TLS11-SSL3":"Test failure - reason unknown", + "MinimumVersion-Client2-TLS11-TLS1":"Test failure - reason unknown", + "MinimumVersion-Server2-TLS12-SSL3":"Test failure - reason unknown", + "MinimumVersion-Server-TLS12-SSL3":"Test failure - reason unknown", + "MinimumVersion-Client2-TLS12-TLS1":"Test failure - reason unknown", + "MinimumVersion-Client2-TLS12-SSL3":"Test failure - reason unknown", + "MinimumVersion-Client2-TLS12-TLS1-DTLS":"Test failure - reason unknown", + "MinimumVersion-Client2-TLS12-TLS11":"Test failure - reason unknown", + "DuplicateExtensionClient-TLS1":"Test failure - reason unknown", + "DuplicateExtensionServer-TLS1":"Test failure - reason unknown", + "ALPNClient-Mismatch-TLS1":"Test failure - reason unknown", + "UnsolicitedServerNameAck-TLS1":"Test failure - reason unknown", + "ALPNServer-Decline-TLS1":"Test failure - reason unknown", + "ALPNClient-EmptyProtocolName-TLS1":"Test failure - reason unknown", + "NegotiateALPNAndNPN-Swapped-TLS1":"Test failure - reason unknown", + "NegotiateALPNAndNPN-TLS1":"Test failure - reason unknown", + "TicketSessionIDLength-33-TLS1":"Test failure - reason unknown", + "DuplicateExtensionClient-TLS11":"Test failure - reason unknown", + "DuplicateExtensionServer-TLS11":"Test failure - reason unknown", + "UnsolicitedServerNameAck-TLS11":"Test failure - reason unknown", + "ALPNServer-Decline-TLS11":"Test failure - reason unknown", + "ALPNClient-Mismatch-TLS11":"Test failure - reason unknown", + "ALPNClient-EmptyProtocolName-TLS11":"Test failure - reason unknown", + "NegotiateALPNAndNPN-TLS11":"Test failure - reason unknown", + "NegotiateALPNAndNPN-Swapped-TLS11":"Test failure - reason unknown", + "TicketSessionIDLength-33-TLS11":"Test failure - reason unknown", + "DuplicateExtensionServer-TLS12":"Test failure - reason unknown", + "DuplicateExtensionClient-TLS12":"Test failure - reason unknown", + "UnsolicitedServerNameAck-TLS12":"Test failure - reason unknown", + "ALPNServer-Decline-TLS12":"Test failure - reason unknown", + "ALPNClient-Mismatch-TLS12":"Test failure - reason unknown", + "ALPNClient-EmptyProtocolName-TLS12":"Test failure - reason unknown", + "NegotiateALPNAndNPN-TLS12":"Test failure - reason unknown", + "NegotiateALPNAndNPN-Swapped-TLS12":"Test failure - reason unknown", + "TicketSessionIDLength-33-TLS12":"Test failure - reason unknown", + "ClientHelloPadding":"Test failure - reason unknown", + "Resume-Server-UnofferedCipher":"Test failure - reason unknown", + "Resume-Client-CipherMismatch":"Test failure - reason unknown", + "Resume-Server-ExtraIdentityNoBinder":"Test failure - reason unknown", + "Resume-Server-BinderWrongLength":"Test failure - reason unknown", + "Resume-Server-ExtraPSKBinder":"Test failure - reason unknown", + "Resume-Server-NoPSKBinder":"Test failure - reason unknown", + "Resume-Server-PSKBinderFirstExtension":"Test failure - reason unknown", + "Resume-Server-InvalidPSKBinder":"Test failure - reason unknown", + "ExtendedMasterSecret-NoToYes-Client":"Test failure - reason unknown", + "Renegotiate-Server-Forbidden":"Test failure - reason unknown", + "ExtendedMasterSecret-Renego-NoEMS":"Test failure - reason unknown", + "Renegotiate-Client-SwitchVersion":"Test failure - reason unknown", + "Renegotiate-Client-Upgrade":"Test failure - reason unknown", + "Renegotiate-SameClientVersion":"Test failure - reason unknown", + "Renegotiate-Client-Downgrade":"Test failure - reason unknown", + "Renegotiate-Client-SwitchCiphers2":"Test failure - reason unknown", + "Renegotiate-Client-SwitchCiphers":"Test failure - reason unknown", + "Renegotiate-Client-Forbidden-1":"Test failure - reason unknown", + "StrayHelloRequest":"Test failure - reason unknown", + "Renegotiate-Client-Freely-2":"Test failure - reason unknown", + "Renegotiate-Client-NoIgnore":"Test failure - reason unknown", + "StrayHelloRequest-Packed":"Test failure - reason unknown", + "Renegotiate-Client-Freely-1":"Test failure - reason unknown", + "Renegotiation-CertificateChange":"Test failure - reason unknown", + "Renegotiation-CertificateChange-2":"Test failure - reason unknown", + "Renegotiate-Client-SSL3":"Test failure - reason unknown", + "ClientAuth-SHA1-Fallback-ECDSA":"Test failure - reason unknown", + "ClientAuth-SHA1-Fallback-RSA":"Test failure - reason unknown", + "P224-Server":"Test failure - reason unknown", + "RSA-PSS-Large":"Test failure - reason unknown", + "DTLS-Retransmit-Client-1":"Test failure - reason unknown", + "DTLS-Retransmit-Client-2":"Test failure - reason unknown", + "DTLS-Retransmit-Server-1":"Test failure - reason unknown", + "DTLS-Retransmit-Server-2":"Test failure - reason unknown", + "DTLS-Retransmit-Client-3":"Test failure - reason unknown", + "DTLS-Retransmit-Server-3":"Test failure - reason unknown", + "DTLS-Retransmit-Client-4":"Test failure - reason unknown", + "Renegotiate-Client-Packed":"Test failure - reason unknown", + "DTLS-Retransmit-Server-4":"Test failure - reason unknown", + "DTLS-Retransmit-Client-5":"Test failure - reason unknown", + "DTLS-Retransmit-Server-6":"Test failure - reason unknown", + "DTLS-Retransmit-Client-6":"Test failure - reason unknown", + "DTLS-Retransmit-Server-5":"Test failure - reason unknown", + "DTLS-Retransmit-Client-7":"Test failure - reason unknown", + "DTLS-Retransmit-Server-7":"Test failure - reason unknown", + "DTLS-Retransmit-Client-8":"Test failure - reason unknown", + "DTLS-Retransmit-Client-9":"Test failure - reason unknown", + "DTLS-Retransmit-Server-8":"Test failure - reason unknown", + "DTLS-Retransmit-Server-9":"Test failure - reason unknown", + "DTLS-Retransmit-Client-10":"Test failure - reason unknown", + "DTLS-Retransmit-Client-11":"Test failure - reason unknown", + "DTLS-Retransmit-Server-10":"Test failure - reason unknown", + "DTLS-Retransmit-Server-11":"Test failure - reason unknown", + "CustomExtensions-ParseError-Server":"Test failure - reason unknown", + "CustomExtensions-FailAdd-Server":"Test failure - reason unknown", + "CustomExtensions-FailAdd-Client":"Test failure - reason unknown", + "CustomExtensions-ParseError-Client":"Test failure - reason unknown", + "UnknownExtension-Client":"Test failure - reason unknown", + "UnofferedExtension-Client":"Test failure - reason unknown", + "PointFormat-Client-MissingUncompressed":"Test failure - reason unknown", + "PointFormat-Server-MissingUncompressed":"Test failure - reason unknown", + "Basic-Client-RenewTicket-Sync":"Test failure - reason unknown", + "Renegotiate-Client-Sync":"Test failure - reason unknown", + "Shutdown-Shim-Sync":"Test failure - reason unknown", + "Basic-Client-RenewTicket-Sync-SplitHandshakeRecords":"Test failure - reason unknown", + "Renegotiate-Client-Sync-SplitHandshakeRecords":"Test failure - reason unknown", + "Shutdown-Shim-Sync-SplitHandshakeRecords":"Test failure - reason unknown", + "Basic-Client-RenewTicket-Sync-PackHandshakeFlight":"Test failure - reason unknown", + "Renegotiate-Client-Sync-PackHandshakeFlight":"Test failure - reason unknown", + "Shutdown-Shim-Sync-PackHandshakeFlight":"Test failure - reason unknown", + "Basic-Client-RenewTicket-DTLS-Sync":"Test failure - reason unknown", + "Basic-Client-RenewTicket-DTLS-Sync-SplitHandshakeRecords":"Test failure - reason unknown", + "Basic-Server-Implicit-DTLS-Sync-SplitHandshakeRecords":"Test failure - reason unknown", + "ClientAuth-NoCertificate-Server-DTLS-Sync-SplitHandshakeRecords":"Test failure - reason unknown", + "ClientAuth-ECDSA-Client-DTLS-Sync-SplitHandshakeRecords":"Test failure - reason unknown", + "Basic-Server-RSA-DTLS-Sync-SplitHandshakeRecords":"Test failure - reason unknown", + "Basic-Server-ECDHE-RSA-DTLS-Sync-SplitHandshakeRecords":"Test failure - reason unknown", + "Basic-Server-ECDHE-ECDSA-DTLS-Sync-SplitHandshakeRecords":"Test failure - reason unknown", + "Basic-Client-RenewTicket-Async":"Test failure - reason unknown", + "Shutdown-Shim-Async":"Test failure - reason unknown", + "Basic-Client-RenewTicket-Async-SplitHandshakeRecords":"Test failure - reason unknown", + "Shutdown-Shim-Async-SplitHandshakeRecords":"Test failure - reason unknown", + "Basic-Client-RenewTicket-Async-PackHandshakeFlight":"Test failure - reason unknown", + "Shutdown-Shim-Async-PackHandshakeFlight":"Test failure - reason unknown", + "Basic-Client-RenewTicket-DTLS-Async":"Test failure - reason unknown", + "Basic-Client-RenewTicket-DTLS-Async-SplitHandshakeRecords":"Test failure - reason unknown", + "Basic-Server-Implicit-DTLS-Async-SplitHandshakeRecords":"Test failure - reason unknown", + "ClientAuth-NoCertificate-Server-DTLS-Async-SplitHandshakeRecords":"Test failure - reason unknown", + "ClientAuth-ECDSA-Client-DTLS-Async-SplitHandshakeRecords":"Test failure - reason unknown", + "Basic-Server-RSA-DTLS-Async-SplitHandshakeRecords":"Test failure - reason unknown", + "Basic-Server-ECDHE-RSA-DTLS-Async-SplitHandshakeRecords":"Test failure - reason unknown", + "Basic-Server-ECDHE-ECDSA-DTLS-Async-SplitHandshakeRecords":"Test failure - reason unknown", + "SendUnencryptedFinished-DTLS":"Test failure - reason unknown", + "PartialEncryptedExtensionsWithServerHello":"Test failure - reason unknown", + "StrayChangeCipherSpec":"Test failure - reason unknown", + "PartialClientFinishedWithClientHello":"Test failure - reason unknown", + "TrailingMessageData-ClientHello":"Test failure - reason unknown", + "TrailingMessageData-ServerHello":"Test failure - reason unknown", + "TrailingMessageData-ServerCertificate":"Test failure - reason unknown", + "TrailingMessageData-ServerKeyExchange":"Test failure - reason unknown", + "TrailingMessageData-CertificateRequest":"Test failure - reason unknown", + "TrailingMessageData-ServerHelloDone":"Test failure - reason unknown", + "TrailingMessageData-ClientKeyExchange":"Test failure - reason unknown", + "TrailingMessageData-ClientCertificate":"Test failure - reason unknown", + "TrailingMessageData-CertificateVerify":"Test failure - reason unknown", + "TrailingMessageData-NextProtocol":"Test failure - reason unknown", + "TrailingMessageData-NewSessionTicket":"Test failure - reason unknown", + "TrailingMessageData-ClientFinished":"Test failure - reason unknown", + "TrailingMessageData-ServerFinished":"Test failure - reason unknown", + "TrailingMessageData-HelloVerifyRequest-DTLS":"Test failure - reason unknown", + "TrailingMessageData-ServerHello-DTLS":"Test failure - reason unknown", + "TrailingMessageData-ServerCertificate-DTLS":"Test failure - reason unknown", + "TrailingMessageData-ServerKeyExchange-DTLS":"Test failure - reason unknown", + "TrailingMessageData-CertificateRequest-DTLS":"Test failure - reason unknown", + "TrailingMessageData-ServerHelloDone-DTLS":"Test failure - reason unknown", + "TrailingMessageData-ClientCertificate-DTLS":"Test failure - reason unknown", + "TrailingMessageData-CertificateVerify-DTLS":"Test failure - reason unknown", + "TrailingMessageData-ClientKeyExchange-DTLS":"Test failure - reason unknown", + "TrailingMessageData-ClientFinished-DTLS":"Test failure - reason unknown", + "TrailingMessageData-NewSessionTicket-DTLS":"Test failure - reason unknown", + "TrailingMessageData-ServerFinished-DTLS":"Test failure - reason unknown", + "MissingKeyShare-Client":"Test failure - reason unknown", + "MissingKeyShare-Server":"Test failure - reason unknown", + "DuplicateKeyShares":"Test failure - reason unknown", + "SkipEarlyData":"Test failure - reason unknown", + "SkipEarlyData-OmitEarlyDataExtension":"Test failure - reason unknown", + "SkipEarlyData-TooMuchData":"Test failure - reason unknown", + "SkipEarlyData-Interleaved":"Test failure - reason unknown", + "SkipEarlyData-HRR":"Test failure - reason unknown", + "SkipEarlyData-HRR-Interleaved":"Test failure - reason unknown", + "SkipEarlyData-HRR-TooMuchData":"Test failure - reason unknown", + "SkipEarlyData-HRR-FatalAlert":"Test failure - reason unknown", + "SkipEarlyData-EarlyDataInTLS12":"Test failure - reason unknown", + "SkipEarlyData-SecondClientHelloEarlyData":"Test failure - reason unknown", + "EmptyEncryptedExtensions":"Test failure - reason unknown", + "EncryptedExtensionsWithKeyShare":"Test failure - reason unknown", + "UnknownCurve-HelloRetryRequest":"Test failure - reason unknown", + "UnnecessaryHelloRetryRequest":"Test failure - reason unknown", + "HelloRetryRequest-Empty":"Test failure - reason unknown", + "SecondHelloRetryRequest":"Test failure - reason unknown", + "HelloRetryRequest-DuplicateCurve":"Test failure - reason unknown", + "HelloRetryRequest-DuplicateCookie":"Test failure - reason unknown", + "HelloRetryRequest-EmptyCookie":"Test failure - reason unknown", + "HelloRetryRequest-Unknown":"Test failure - reason unknown", + "SecondClientHelloMissingKeyShare":"Test failure - reason unknown", + "SecondClientHelloWrongCurve":"Test failure - reason unknown", + "HelloRetryRequestVersionMismatch":"Test failure - reason unknown", + "HelloRetryRequestCurveMismatch":"Test failure - reason unknown", + "SkipHelloRetryRequest":"Test failure - reason unknown", + "Peek-Renegotiate":"Test failure - reason unknown", + "Peek-KeyUpdate":"Test failure - reason unknown", + "DTLS-Retransmit-Client-12":"Test failure - reason unknown", + "DTLS-Retransmit-Timeout":"Test failure - reason unknown", + "DTLS-Retransmit-Server-12":"Test failure - reason unknown", + "DTLS-Retransmit-Fudge":"Test failure - reason unknown", + "DTLS-Retransmit-Fragmented":"Test failure - reason unknown", + "TrailingMessageData-ClientHello-DTLS":"Test failure - reason unknown", + "SendFallbackSCSV":"Current runner version uses old draft TLSv1.3", + "VersionNegotiationExtension-TLS11":"Current runner version uses old draft TLSv1.3", + "VersionNegotiationExtension-TLS1":"Current runner version uses old draft TLSv1.3", + "VersionNegotiationExtension-SSL3":"Current runner version uses old draft TLSv1.3", + "ConflictingVersionNegotiation":"Current runner version uses old draft TLSv1.3" + }, + "ErrorMap" : { + ":UNEXPECTED_MESSAGE:":"unexpected message", + ":INAPPROPRIATE_FALLBACK:":"inappropriate fallback", + ":UNEXPECTED_RECORD:":"unexpected message", + ":TLSV1_ALERT_RECORD_OVERFLOW:":"tlsv1 alert record overflow", + ":WRONG_SSL_VERSION:":"no protocols available", + ":BAD_ALERT:":"invalid alert", + ":HTTP_REQUEST:":"http request", + ":HTTPS_PROXY_REQUEST:":"https proxy request", + ":WRONG_CERTIFICATE_TYPE:":"wrong certificate type", + ":WRONG_VERSION_NUMBER:":"wrong version number", + ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:":"decryption failed or bad record mac", + ":DIGEST_CHECK_FAILED:":"digest check failed", + ":TOO_MANY_EMPTY_FRAGMENTS:":"record too small", + ":TOO_MANY_WARNING_ALERTS:":"too many warn alerts", + ":DATA_LENGTH_TOO_LONG:":"data length too long", + ":EXCESSIVE_MESSAGE_SIZE:":"excessive message size", + ":ENCRYPTED_LENGTH_TOO_LONG:":"packet length too long", + ":INVALID_COMPRESSION_LIST:":"no compression specified", + ":NO_SHARED_CIPHER:":"no shared cipher", + ":WRONG_CIPHER_RETURNED:":"wrong cipher returned", + ":HANDSHAKE_FAILURE_ON_CLIENT_HELLO:":"sslv3 alert handshake failure", + ":UNKNOWN_CIPHER_RETURNED:":"unknown cipher returned", + ":BAD_SIGNATURE:":"bad signature", + ":BAD_DH_P_LENGTH:":"dh key too small", + ":PEER_DID_NOT_RETURN_A_CERTIFICATE:":"peer did not return a certificate", + ":UNSUPPORTED_PROTOCOL:":"unsupported protocol", + ":PARSE_TLSEXT:":"bad extension", + ":BAD_SRTP_PROTECTION_PROFILE_LIST:":"bad srtp protection profile list", + ":OLD_SESSION_VERSION_NOT_RETURNED:":"ssl session version mismatch", + ":RESUMED_EMS_SESSION_WITHOUT_EMS_EXTENSION:":"inconsistent extms", + ":RENEGOTIATION_EMS_MISMATCH:":"inconsistent extms", + ":RENEGOTIATION_MISMATCH:":"renegotiation mismatch", + ":WRONG_SIGNATURE_TYPE:":"wrong signature type", + ":BAD_ECC_CERT:":"wrong curve", + ":WRONG_CURVE:":"wrong curve", + ":INVALID_ENCODING:":"invalid encoding", + ":CERTIFICATE_VERIFY_FAILED:":"certificate verify failed", + ":BAD_CHANGE_CIPHER_SPEC:":"bad change cipher spec", + ":ECC_CERT_NOT_FOR_SIGNING:":"ecc cert not for signing", + ":OLD_SESSION_CIPHER_NOT_RETURNED:":"old session cipher not returned", + ":RESUMED_NON_EMS_SESSION_WITH_EMS_EXTENSION:":"inconsistent extms" + } +} diff --git a/deps/openssl/openssl/test/ossl_shim/ossl_shim.cc b/deps/openssl/openssl/test/ossl_shim/ossl_shim.cc new file mode 100644 index 0000000000..90d1f1ef40 --- /dev/null +++ b/deps/openssl/openssl/test/ossl_shim/ossl_shim.cc @@ -0,0 +1,1300 @@ +/* + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#if !defined(__STDC_FORMAT_MACROS) +#define __STDC_FORMAT_MACROS +#endif + +#include "packeted_bio.h" +#include <openssl/e_os2.h> + +#if !defined(OPENSSL_SYS_WINDOWS) +#include <arpa/inet.h> +#include <netinet/in.h> +#include <netinet/tcp.h> +#include <signal.h> +#include <sys/socket.h> +#include <sys/time.h> +#include <unistd.h> +#else +#include <io.h> +OPENSSL_MSVC_PRAGMA(warning(push, 3)) +#include <winsock2.h> +#include <ws2tcpip.h> +OPENSSL_MSVC_PRAGMA(warning(pop)) + +OPENSSL_MSVC_PRAGMA(comment(lib, "Ws2_32.lib")) +#endif + +#include <assert.h> +#include <inttypes.h> +#include <string.h> + +#include <openssl/bio.h> +#include <openssl/buffer.h> +#include <openssl/bn.h> +#include <openssl/crypto.h> +#include <openssl/dh.h> +#include <openssl/err.h> +#include <openssl/evp.h> +#include <openssl/hmac.h> +#include <openssl/objects.h> +#include <openssl/rand.h> +#include <openssl/ssl.h> +#include <openssl/x509.h> + +#include <memory> +#include <string> +#include <vector> + +#include "async_bio.h" +#include "test_config.h" + +namespace bssl { + +#if !defined(OPENSSL_SYS_WINDOWS) +static int closesocket(int sock) { + return close(sock); +} + +static void PrintSocketError(const char *func) { + perror(func); +} +#else +static void PrintSocketError(const char *func) { + fprintf(stderr, "%s: %d\n", func, WSAGetLastError()); +} +#endif + +static int Usage(const char *program) { + fprintf(stderr, "Usage: %s [flags...]\n", program); + return 1; +} + +struct TestState { + // async_bio is async BIO which pauses reads and writes. + BIO *async_bio = nullptr; + // packeted_bio is the packeted BIO which simulates read timeouts. + BIO *packeted_bio = nullptr; + bool cert_ready = false; + bool handshake_done = false; + // private_key is the underlying private key used when testing custom keys. + bssl::UniquePtr<EVP_PKEY> private_key; + bool got_new_session = false; + bssl::UniquePtr<SSL_SESSION> new_session; + bool ticket_decrypt_done = false; + bool alpn_select_done = false; +}; + +static void TestStateExFree(void *parent, void *ptr, CRYPTO_EX_DATA *ad, + int index, long argl, void *argp) { + delete ((TestState *)ptr); +} + +static int g_config_index = 0; +static int g_state_index = 0; + +static bool SetTestConfig(SSL *ssl, const TestConfig *config) { + return SSL_set_ex_data(ssl, g_config_index, (void *)config) == 1; +} + +static const TestConfig *GetTestConfig(const SSL *ssl) { + return (const TestConfig *)SSL_get_ex_data(ssl, g_config_index); +} + +static bool SetTestState(SSL *ssl, std::unique_ptr<TestState> state) { + // |SSL_set_ex_data| takes ownership of |state| only on success. + if (SSL_set_ex_data(ssl, g_state_index, state.get()) == 1) { + state.release(); + return true; + } + return false; +} + +static TestState *GetTestState(const SSL *ssl) { + return (TestState *)SSL_get_ex_data(ssl, g_state_index); +} + +static bssl::UniquePtr<X509> LoadCertificate(const std::string &file) { + bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_file())); + if (!bio || !BIO_read_filename(bio.get(), file.c_str())) { + return nullptr; + } + return bssl::UniquePtr<X509>(PEM_read_bio_X509(bio.get(), NULL, NULL, NULL)); +} + +static bssl::UniquePtr<EVP_PKEY> LoadPrivateKey(const std::string &file) { + bssl::UniquePtr<BIO> bio(BIO_new(BIO_s_file())); + if (!bio || !BIO_read_filename(bio.get(), file.c_str())) { + return nullptr; + } + return bssl::UniquePtr<EVP_PKEY>( + PEM_read_bio_PrivateKey(bio.get(), NULL, NULL, NULL)); +} + +template<typename T> +struct Free { + void operator()(T *buf) { + free(buf); + } +}; + +static bool GetCertificate(SSL *ssl, bssl::UniquePtr<X509> *out_x509, + bssl::UniquePtr<EVP_PKEY> *out_pkey) { + const TestConfig *config = GetTestConfig(ssl); + + if (!config->key_file.empty()) { + *out_pkey = LoadPrivateKey(config->key_file.c_str()); + if (!*out_pkey) { + return false; + } + } + if (!config->cert_file.empty()) { + *out_x509 = LoadCertificate(config->cert_file.c_str()); + if (!*out_x509) { + return false; + } + } + return true; +} + +static bool InstallCertificate(SSL *ssl) { + bssl::UniquePtr<X509> x509; + bssl::UniquePtr<EVP_PKEY> pkey; + if (!GetCertificate(ssl, &x509, &pkey)) { + return false; + } + + if (pkey && !SSL_use_PrivateKey(ssl, pkey.get())) { + return false; + } + + if (x509 && !SSL_use_certificate(ssl, x509.get())) { + return false; + } + + return true; +} + +static int ClientCertCallback(SSL *ssl, X509 **out_x509, EVP_PKEY **out_pkey) { + if (GetTestConfig(ssl)->async && !GetTestState(ssl)->cert_ready) { + return -1; + } + + bssl::UniquePtr<X509> x509; + bssl::UniquePtr<EVP_PKEY> pkey; + if (!GetCertificate(ssl, &x509, &pkey)) { + return -1; + } + + // Return zero for no certificate. + if (!x509) { + return 0; + } + + // Asynchronous private keys are not supported with client_cert_cb. + *out_x509 = x509.release(); + *out_pkey = pkey.release(); + return 1; +} + +static int VerifySucceed(X509_STORE_CTX *store_ctx, void *arg) { + return 1; +} + +static int VerifyFail(X509_STORE_CTX *store_ctx, void *arg) { + X509_STORE_CTX_set_error(store_ctx, X509_V_ERR_APPLICATION_VERIFICATION); + return 0; +} + +static int NextProtosAdvertisedCallback(SSL *ssl, const uint8_t **out, + unsigned int *out_len, void *arg) { + const TestConfig *config = GetTestConfig(ssl); + if (config->advertise_npn.empty()) { + return SSL_TLSEXT_ERR_NOACK; + } + + *out = (const uint8_t*)config->advertise_npn.data(); + *out_len = config->advertise_npn.size(); + return SSL_TLSEXT_ERR_OK; +} + +static int NextProtoSelectCallback(SSL* ssl, uint8_t** out, uint8_t* outlen, + const uint8_t* in, unsigned inlen, void* arg) { + const TestConfig *config = GetTestConfig(ssl); + if (config->select_next_proto.empty()) { + return SSL_TLSEXT_ERR_NOACK; + } + + *out = (uint8_t*)config->select_next_proto.data(); + *outlen = config->select_next_proto.size(); + return SSL_TLSEXT_ERR_OK; +} + +static int AlpnSelectCallback(SSL* ssl, const uint8_t** out, uint8_t* outlen, + const uint8_t* in, unsigned inlen, void* arg) { + if (GetTestState(ssl)->alpn_select_done) { + fprintf(stderr, "AlpnSelectCallback called after completion.\n"); + exit(1); + } + + GetTestState(ssl)->alpn_select_done = true; + + const TestConfig *config = GetTestConfig(ssl); + if (config->decline_alpn) { + return SSL_TLSEXT_ERR_NOACK; + } + + if (!config->expected_advertised_alpn.empty() && + (config->expected_advertised_alpn.size() != inlen || + memcmp(config->expected_advertised_alpn.data(), + in, inlen) != 0)) { + fprintf(stderr, "bad ALPN select callback inputs\n"); + exit(1); + } + + *out = (const uint8_t*)config->select_alpn.data(); + *outlen = config->select_alpn.size(); + return SSL_TLSEXT_ERR_OK; +} + +static unsigned PskClientCallback(SSL *ssl, const char *hint, + char *out_identity, + unsigned max_identity_len, + uint8_t *out_psk, unsigned max_psk_len) { + const TestConfig *config = GetTestConfig(ssl); + + if (config->psk_identity.empty()) { + if (hint != nullptr) { + fprintf(stderr, "Server PSK hint was non-null.\n"); + return 0; + } + } else if (hint == nullptr || + strcmp(hint, config->psk_identity.c_str()) != 0) { + fprintf(stderr, "Server PSK hint did not match.\n"); + return 0; + } + + // Account for the trailing '\0' for the identity. + if (config->psk_identity.size() >= max_identity_len || + config->psk.size() > max_psk_len) { + fprintf(stderr, "PSK buffers too small\n"); + return 0; + } + + BUF_strlcpy(out_identity, config->psk_identity.c_str(), + max_identity_len); + memcpy(out_psk, config->psk.data(), config->psk.size()); + return config->psk.size(); +} + +static unsigned PskServerCallback(SSL *ssl, const char *identity, + uint8_t *out_psk, unsigned max_psk_len) { + const TestConfig *config = GetTestConfig(ssl); + + if (strcmp(identity, config->psk_identity.c_str()) != 0) { + fprintf(stderr, "Client PSK identity did not match.\n"); + return 0; + } + + if (config->psk.size() > max_psk_len) { + fprintf(stderr, "PSK buffers too small\n"); + return 0; + } + + memcpy(out_psk, config->psk.data(), config->psk.size()); + return config->psk.size(); +} + +static int CertCallback(SSL *ssl, void *arg) { + const TestConfig *config = GetTestConfig(ssl); + + // Check the CertificateRequest metadata is as expected. + // + // TODO(davidben): Test |SSL_get_client_CA_list|. + if (!SSL_is_server(ssl) && + !config->expected_certificate_types.empty()) { + const uint8_t *certificate_types; + size_t certificate_types_len = + SSL_get0_certificate_types(ssl, &certificate_types); + if (certificate_types_len != config->expected_certificate_types.size() || + memcmp(certificate_types, + config->expected_certificate_types.data(), + certificate_types_len) != 0) { + fprintf(stderr, "certificate types mismatch\n"); + return 0; + } + } + + // The certificate will be installed via other means. + if (!config->async || + config->use_old_client_cert_callback) { + return 1; + } + + if (!GetTestState(ssl)->cert_ready) { + return -1; + } + if (!InstallCertificate(ssl)) { + return 0; + } + return 1; +} + +static void InfoCallback(const SSL *ssl, int type, int val) { + if (type == SSL_CB_HANDSHAKE_DONE) { + if (GetTestConfig(ssl)->handshake_never_done) { + fprintf(stderr, "Handshake unexpectedly completed.\n"); + // Abort before any expected error code is printed, to ensure the overall + // test fails. + abort(); + } + GetTestState(ssl)->handshake_done = true; + + // Callbacks may be called again on a new handshake. + GetTestState(ssl)->ticket_decrypt_done = false; + GetTestState(ssl)->alpn_select_done = false; + } +} + +static int NewSessionCallback(SSL *ssl, SSL_SESSION *session) { + GetTestState(ssl)->got_new_session = true; + GetTestState(ssl)->new_session.reset(session); + return 1; +} + +static int TicketKeyCallback(SSL *ssl, uint8_t *key_name, uint8_t *iv, + EVP_CIPHER_CTX *ctx, HMAC_CTX *hmac_ctx, + int encrypt) { + if (!encrypt) { + if (GetTestState(ssl)->ticket_decrypt_done) { + fprintf(stderr, "TicketKeyCallback called after completion.\n"); + return -1; + } + + GetTestState(ssl)->ticket_decrypt_done = true; + } + + // This is just test code, so use the all-zeros key. + static const uint8_t kZeros[16] = {0}; + + if (encrypt) { + memcpy(key_name, kZeros, sizeof(kZeros)); + RAND_bytes(iv, 16); + } else if (memcmp(key_name, kZeros, 16) != 0) { + return 0; + } + + if (!HMAC_Init_ex(hmac_ctx, kZeros, sizeof(kZeros), EVP_sha256(), NULL) || + !EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), NULL, kZeros, iv, encrypt)) { + return -1; + } + + if (!encrypt) { + return GetTestConfig(ssl)->renew_ticket ? 2 : 1; + } + return 1; +} + +// kCustomExtensionValue is the extension value that the custom extension +// callbacks will add. +static const uint16_t kCustomExtensionValue = 1234; +static void *const kCustomExtensionAddArg = + reinterpret_cast<void *>(kCustomExtensionValue); +static void *const kCustomExtensionParseArg = + reinterpret_cast<void *>(kCustomExtensionValue + 1); +static const char kCustomExtensionContents[] = "custom extension"; + +static int CustomExtensionAddCallback(SSL *ssl, unsigned extension_value, + const uint8_t **out, size_t *out_len, + int *out_alert_value, void *add_arg) { + if (extension_value != kCustomExtensionValue || + add_arg != kCustomExtensionAddArg) { + abort(); + } + + if (GetTestConfig(ssl)->custom_extension_skip) { + return 0; + } + if (GetTestConfig(ssl)->custom_extension_fail_add) { + return -1; + } + + *out = reinterpret_cast<const uint8_t*>(kCustomExtensionContents); + *out_len = sizeof(kCustomExtensionContents) - 1; + + return 1; +} + +static void CustomExtensionFreeCallback(SSL *ssl, unsigned extension_value, + const uint8_t *out, void *add_arg) { + if (extension_value != kCustomExtensionValue || + add_arg != kCustomExtensionAddArg || + out != reinterpret_cast<const uint8_t *>(kCustomExtensionContents)) { + abort(); + } +} + +static int CustomExtensionParseCallback(SSL *ssl, unsigned extension_value, + const uint8_t *contents, + size_t contents_len, + int *out_alert_value, void *parse_arg) { + if (extension_value != kCustomExtensionValue || + parse_arg != kCustomExtensionParseArg) { + abort(); + } + + if (contents_len != sizeof(kCustomExtensionContents) - 1 || + memcmp(contents, kCustomExtensionContents, contents_len) != 0) { + *out_alert_value = SSL_AD_DECODE_ERROR; + return 0; + } + + return 1; +} + +static int ServerNameCallback(SSL *ssl, int *out_alert, void *arg) { + // SNI must be accessible from the SNI callback. + const TestConfig *config = GetTestConfig(ssl); + const char *server_name = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name); + if (server_name == nullptr || + std::string(server_name) != config->expected_server_name) { + fprintf(stderr, "servername mismatch (got %s; want %s)\n", server_name, + config->expected_server_name.c_str()); + return SSL_TLSEXT_ERR_ALERT_FATAL; + } + + return SSL_TLSEXT_ERR_OK; +} + +// Connect returns a new socket connected to localhost on |port| or -1 on +// error. +static int Connect(uint16_t port) { + int sock = socket(AF_INET, SOCK_STREAM, 0); + if (sock == -1) { + PrintSocketError("socket"); + return -1; + } + int nodelay = 1; + if (setsockopt(sock, IPPROTO_TCP, TCP_NODELAY, + reinterpret_cast<const char*>(&nodelay), sizeof(nodelay)) != 0) { + PrintSocketError("setsockopt"); + closesocket(sock); + return -1; + } + sockaddr_in sin; + memset(&sin, 0, sizeof(sin)); + sin.sin_family = AF_INET; + sin.sin_port = htons(port); + if (!inet_pton(AF_INET, "127.0.0.1", &sin.sin_addr)) { + PrintSocketError("inet_pton"); + closesocket(sock); + return -1; + } + if (connect(sock, reinterpret_cast<const sockaddr*>(&sin), + sizeof(sin)) != 0) { + PrintSocketError("connect"); + closesocket(sock); + return -1; + } + return sock; +} + +class SocketCloser { + public: + explicit SocketCloser(int sock) : sock_(sock) {} + ~SocketCloser() { + // Half-close and drain the socket before releasing it. This seems to be + // necessary for graceful shutdown on Windows. It will also avoid write + // failures in the test runner. +#if defined(OPENSSL_SYS_WINDOWS) + shutdown(sock_, SD_SEND); +#else + shutdown(sock_, SHUT_WR); +#endif + while (true) { + char buf[1024]; + if (recv(sock_, buf, sizeof(buf), 0) <= 0) { + break; + } + } + closesocket(sock_); + } + + private: + const int sock_; +}; + +static bssl::UniquePtr<SSL_CTX> SetupCtx(const TestConfig *config) { + const char sess_id_ctx[] = "ossl_shim"; + bssl::UniquePtr<SSL_CTX> ssl_ctx(SSL_CTX_new( + config->is_dtls ? DTLS_method() : TLS_method())); + if (!ssl_ctx) { + return nullptr; + } + + SSL_CTX_set_security_level(ssl_ctx.get(), 0); +#if 0 + /* Disabled for now until we have some TLS1.3 support */ + // Enable TLS 1.3 for tests. + if (!config->is_dtls && + !SSL_CTX_set_max_proto_version(ssl_ctx.get(), TLS1_3_VERSION)) { + return nullptr; + } +#else + /* Ensure we don't negotiate TLSv1.3 until we can handle it */ + if (!config->is_dtls && + !SSL_CTX_set_max_proto_version(ssl_ctx.get(), TLS1_2_VERSION)) { + return nullptr; + } +#endif + + std::string cipher_list = "ALL"; + if (!config->cipher.empty()) { + cipher_list = config->cipher; + SSL_CTX_set_options(ssl_ctx.get(), SSL_OP_CIPHER_SERVER_PREFERENCE); + } + if (!SSL_CTX_set_cipher_list(ssl_ctx.get(), cipher_list.c_str())) { + return nullptr; + } + + DH *tmpdh; + + if (config->use_sparse_dh_prime) { + BIGNUM *p, *g; + p = BN_new(); + g = BN_new(); + tmpdh = DH_new(); + if (p == NULL || g == NULL || tmpdh == NULL) { + BN_free(p); + BN_free(g); + DH_free(tmpdh); + return nullptr; + } + // This prime number is 2^1024 + 643 – a value just above a power of two. + // Because of its form, values modulo it are essentially certain to be one + // byte shorter. This is used to test padding of these values. + if (BN_hex2bn( + &p, + "1000000000000000000000000000000000000000000000000000000000000000" + "0000000000000000000000000000000000000000000000000000000000000000" + "0000000000000000000000000000000000000000000000000000000000000000" + "0000000000000000000000000000000000000000000000000000000000000028" + "3") == 0 || + !BN_set_word(g, 2)) { + BN_free(p); + BN_free(g); + DH_free(tmpdh); + return nullptr; + } + DH_set0_pqg(tmpdh, p, NULL, g); + } else { + tmpdh = DH_get_2048_256(); + } + + bssl::UniquePtr<DH> dh(tmpdh); + + if (!dh || !SSL_CTX_set_tmp_dh(ssl_ctx.get(), dh.get())) { + return nullptr; + } + + SSL_CTX_set_session_cache_mode(ssl_ctx.get(), SSL_SESS_CACHE_BOTH); + + if (config->use_old_client_cert_callback) { + SSL_CTX_set_client_cert_cb(ssl_ctx.get(), ClientCertCallback); + } + + SSL_CTX_set_npn_advertised_cb( + ssl_ctx.get(), NextProtosAdvertisedCallback, NULL); + if (!config->select_next_proto.empty()) { + SSL_CTX_set_next_proto_select_cb(ssl_ctx.get(), NextProtoSelectCallback, + NULL); + } + + if (!config->select_alpn.empty() || config->decline_alpn) { + SSL_CTX_set_alpn_select_cb(ssl_ctx.get(), AlpnSelectCallback, NULL); + } + + SSL_CTX_set_info_callback(ssl_ctx.get(), InfoCallback); + SSL_CTX_sess_set_new_cb(ssl_ctx.get(), NewSessionCallback); + + if (config->use_ticket_callback) { + SSL_CTX_set_tlsext_ticket_key_cb(ssl_ctx.get(), TicketKeyCallback); + } + + if (config->enable_client_custom_extension && + !SSL_CTX_add_client_custom_ext( + ssl_ctx.get(), kCustomExtensionValue, CustomExtensionAddCallback, + CustomExtensionFreeCallback, kCustomExtensionAddArg, + CustomExtensionParseCallback, kCustomExtensionParseArg)) { + return nullptr; + } + + if (config->enable_server_custom_extension && + !SSL_CTX_add_server_custom_ext( + ssl_ctx.get(), kCustomExtensionValue, CustomExtensionAddCallback, + CustomExtensionFreeCallback, kCustomExtensionAddArg, + CustomExtensionParseCallback, kCustomExtensionParseArg)) { + return nullptr; + } + + if (config->verify_fail) { + SSL_CTX_set_cert_verify_callback(ssl_ctx.get(), VerifyFail, NULL); + } else { + SSL_CTX_set_cert_verify_callback(ssl_ctx.get(), VerifySucceed, NULL); + } + + if (config->use_null_client_ca_list) { + SSL_CTX_set_client_CA_list(ssl_ctx.get(), nullptr); + } + + if (!SSL_CTX_set_session_id_context(ssl_ctx.get(), + (const unsigned char *)sess_id_ctx, + sizeof(sess_id_ctx) - 1)) + return nullptr; + + if (!config->expected_server_name.empty()) { + SSL_CTX_set_tlsext_servername_callback(ssl_ctx.get(), ServerNameCallback); + } + + return ssl_ctx; +} + +// RetryAsync is called after a failed operation on |ssl| with return code +// |ret|. If the operation should be retried, it simulates one asynchronous +// event and returns true. Otherwise it returns false. +static bool RetryAsync(SSL *ssl, int ret) { + // No error; don't retry. + if (ret >= 0) { + return false; + } + + TestState *test_state = GetTestState(ssl); + assert(GetTestConfig(ssl)->async); + + if (test_state->packeted_bio != nullptr && + PacketedBioAdvanceClock(test_state->packeted_bio)) { + // The DTLS retransmit logic silently ignores write failures. So the test + // may progress, allow writes through synchronously. + AsyncBioEnforceWriteQuota(test_state->async_bio, false); + int timeout_ret = DTLSv1_handle_timeout(ssl); + AsyncBioEnforceWriteQuota(test_state->async_bio, true); + + if (timeout_ret < 0) { + fprintf(stderr, "Error retransmitting.\n"); + return false; + } + return true; + } + + // See if we needed to read or write more. If so, allow one byte through on + // the appropriate end to maximally stress the state machine. + switch (SSL_get_error(ssl, ret)) { + case SSL_ERROR_WANT_READ: + AsyncBioAllowRead(test_state->async_bio, 1); + return true; + case SSL_ERROR_WANT_WRITE: + AsyncBioAllowWrite(test_state->async_bio, 1); + return true; + case SSL_ERROR_WANT_X509_LOOKUP: + test_state->cert_ready = true; + return true; + default: + return false; + } +} + +// DoRead reads from |ssl|, resolving any asynchronous operations. It returns +// the result value of the final |SSL_read| call. +static int DoRead(SSL *ssl, uint8_t *out, size_t max_out) { + const TestConfig *config = GetTestConfig(ssl); + TestState *test_state = GetTestState(ssl); + int ret; + do { + if (config->async) { + // The DTLS retransmit logic silently ignores write failures. So the test + // may progress, allow writes through synchronously. |SSL_read| may + // trigger a retransmit, so disconnect the write quota. + AsyncBioEnforceWriteQuota(test_state->async_bio, false); + } + ret = config->peek_then_read ? SSL_peek(ssl, out, max_out) + : SSL_read(ssl, out, max_out); + if (config->async) { + AsyncBioEnforceWriteQuota(test_state->async_bio, true); + } + } while (config->async && RetryAsync(ssl, ret)); + + if (config->peek_then_read && ret > 0) { + std::unique_ptr<uint8_t[]> buf(new uint8_t[static_cast<size_t>(ret)]); + + // SSL_peek should synchronously return the same data. + int ret2 = SSL_peek(ssl, buf.get(), ret); + if (ret2 != ret || + memcmp(buf.get(), out, ret) != 0) { + fprintf(stderr, "First and second SSL_peek did not match.\n"); + return -1; + } + + // SSL_read should synchronously return the same data and consume it. + ret2 = SSL_read(ssl, buf.get(), ret); + if (ret2 != ret || + memcmp(buf.get(), out, ret) != 0) { + fprintf(stderr, "SSL_peek and SSL_read did not match.\n"); + return -1; + } + } + + return ret; +} + +// WriteAll writes |in_len| bytes from |in| to |ssl|, resolving any asynchronous +// operations. It returns the result of the final |SSL_write| call. +static int WriteAll(SSL *ssl, const uint8_t *in, size_t in_len) { + const TestConfig *config = GetTestConfig(ssl); + int ret; + do { + ret = SSL_write(ssl, in, in_len); + if (ret > 0) { + in += ret; + in_len -= ret; + } + } while ((config->async && RetryAsync(ssl, ret)) || (ret > 0 && in_len > 0)); + return ret; +} + +// DoShutdown calls |SSL_shutdown|, resolving any asynchronous operations. It +// returns the result of the final |SSL_shutdown| call. +static int DoShutdown(SSL *ssl) { + const TestConfig *config = GetTestConfig(ssl); + int ret; + do { + ret = SSL_shutdown(ssl); + } while (config->async && RetryAsync(ssl, ret)); + return ret; +} + +static uint16_t GetProtocolVersion(const SSL *ssl) { + uint16_t version = SSL_version(ssl); + if (!SSL_is_dtls(ssl)) { + return version; + } + return 0x0201 + ~version; +} + +// CheckHandshakeProperties checks, immediately after |ssl| completes its +// initial handshake (or False Starts), whether all the properties are +// consistent with the test configuration and invariants. +static bool CheckHandshakeProperties(SSL *ssl, bool is_resume) { + const TestConfig *config = GetTestConfig(ssl); + + if (SSL_get_current_cipher(ssl) == nullptr) { + fprintf(stderr, "null cipher after handshake\n"); + return false; + } + + if (is_resume && + (!!SSL_session_reused(ssl) == config->expect_session_miss)) { + fprintf(stderr, "session was%s reused\n", + SSL_session_reused(ssl) ? "" : " not"); + return false; + } + + if (!GetTestState(ssl)->handshake_done) { + fprintf(stderr, "handshake was not completed\n"); + return false; + } + + if (!config->is_server) { + bool expect_new_session = + !config->expect_no_session && + (!SSL_session_reused(ssl) || config->expect_ticket_renewal) && + // Session tickets are sent post-handshake in TLS 1.3. + GetProtocolVersion(ssl) < TLS1_3_VERSION; + if (expect_new_session != GetTestState(ssl)->got_new_session) { + fprintf(stderr, + "new session was%s cached, but we expected the opposite\n", + GetTestState(ssl)->got_new_session ? "" : " not"); + return false; + } + } + + if (!config->expected_server_name.empty()) { + const char *server_name = + SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name); + if (server_name == nullptr || + std::string(server_name) != config->expected_server_name) { + fprintf(stderr, "servername mismatch (got %s; want %s)\n", + server_name, config->expected_server_name.c_str()); + return false; + } + } + + if (!config->expected_next_proto.empty()) { + const uint8_t *next_proto; + unsigned next_proto_len; + SSL_get0_next_proto_negotiated(ssl, &next_proto, &next_proto_len); + if (next_proto_len != config->expected_next_proto.size() || + memcmp(next_proto, config->expected_next_proto.data(), + next_proto_len) != 0) { + fprintf(stderr, "negotiated next proto mismatch\n"); + return false; + } + } + + if (!config->expected_alpn.empty()) { + const uint8_t *alpn_proto; + unsigned alpn_proto_len; + SSL_get0_alpn_selected(ssl, &alpn_proto, &alpn_proto_len); + if (alpn_proto_len != config->expected_alpn.size() || + memcmp(alpn_proto, config->expected_alpn.data(), + alpn_proto_len) != 0) { + fprintf(stderr, "negotiated alpn proto mismatch\n"); + return false; + } + } + + if (config->expect_extended_master_secret) { + if (!SSL_get_extms_support(ssl)) { + fprintf(stderr, "No EMS for connection when expected"); + return false; + } + } + + if (config->expect_verify_result) { + int expected_verify_result = config->verify_fail ? + X509_V_ERR_APPLICATION_VERIFICATION : + X509_V_OK; + + if (SSL_get_verify_result(ssl) != expected_verify_result) { + fprintf(stderr, "Wrong certificate verification result\n"); + return false; + } + } + + if (!config->psk.empty()) { + if (SSL_get_peer_cert_chain(ssl) != nullptr) { + fprintf(stderr, "Received peer certificate on a PSK cipher.\n"); + return false; + } + } else if (!config->is_server || config->require_any_client_certificate) { + if (SSL_get_peer_certificate(ssl) == nullptr) { + fprintf(stderr, "Received no peer certificate but expected one.\n"); + return false; + } + } + + return true; +} + +// DoExchange runs a test SSL exchange against the peer. On success, it returns +// true and sets |*out_session| to the negotiated SSL session. If the test is a +// resumption attempt, |is_resume| is true and |session| is the session from the +// previous exchange. +static bool DoExchange(bssl::UniquePtr<SSL_SESSION> *out_session, + SSL_CTX *ssl_ctx, const TestConfig *config, + bool is_resume, SSL_SESSION *session) { + bssl::UniquePtr<SSL> ssl(SSL_new(ssl_ctx)); + if (!ssl) { + return false; + } + + if (!SetTestConfig(ssl.get(), config) || + !SetTestState(ssl.get(), std::unique_ptr<TestState>(new TestState))) { + return false; + } + + if (config->fallback_scsv && + !SSL_set_mode(ssl.get(), SSL_MODE_SEND_FALLBACK_SCSV)) { + return false; + } + // Install the certificate synchronously if nothing else will handle it. + if (!config->use_old_client_cert_callback && + !config->async && + !InstallCertificate(ssl.get())) { + return false; + } + SSL_set_cert_cb(ssl.get(), CertCallback, nullptr); + if (config->require_any_client_certificate) { + SSL_set_verify(ssl.get(), SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, + NULL); + } + if (config->verify_peer) { + SSL_set_verify(ssl.get(), SSL_VERIFY_PEER, NULL); + } + if (config->partial_write) { + SSL_set_mode(ssl.get(), SSL_MODE_ENABLE_PARTIAL_WRITE); + } + if (config->no_tls13) { + SSL_set_options(ssl.get(), SSL_OP_NO_TLSv1_3); + } + if (config->no_tls12) { + SSL_set_options(ssl.get(), SSL_OP_NO_TLSv1_2); + } + if (config->no_tls11) { + SSL_set_options(ssl.get(), SSL_OP_NO_TLSv1_1); + } + if (config->no_tls1) { + SSL_set_options(ssl.get(), SSL_OP_NO_TLSv1); + } + if (config->no_ssl3) { + SSL_set_options(ssl.get(), SSL_OP_NO_SSLv3); + } + if (!config->host_name.empty() && + !SSL_set_tlsext_host_name(ssl.get(), config->host_name.c_str())) { + return false; + } + if (!config->advertise_alpn.empty() && + SSL_set_alpn_protos(ssl.get(), + (const uint8_t *)config->advertise_alpn.data(), + config->advertise_alpn.size()) != 0) { + return false; + } + if (!config->psk.empty()) { + SSL_set_psk_client_callback(ssl.get(), PskClientCallback); + SSL_set_psk_server_callback(ssl.get(), PskServerCallback); + } + if (!config->psk_identity.empty() && + !SSL_use_psk_identity_hint(ssl.get(), config->psk_identity.c_str())) { + return false; + } + if (!config->srtp_profiles.empty() && + SSL_set_tlsext_use_srtp(ssl.get(), config->srtp_profiles.c_str())) { + return false; + } + if (config->min_version != 0 && + !SSL_set_min_proto_version(ssl.get(), (uint16_t)config->min_version)) { + return false; + } + if (config->max_version != 0 && + !SSL_set_max_proto_version(ssl.get(), (uint16_t)config->max_version)) { + return false; + } + if (config->mtu != 0) { + SSL_set_options(ssl.get(), SSL_OP_NO_QUERY_MTU); + SSL_set_mtu(ssl.get(), config->mtu); + } + if (config->renegotiate_freely) { + // This is always on for OpenSSL. + } + if (!config->check_close_notify) { + SSL_set_quiet_shutdown(ssl.get(), 1); + } + if (config->p384_only) { + int nid = NID_secp384r1; + if (!SSL_set1_curves(ssl.get(), &nid, 1)) { + return false; + } + } + if (config->enable_all_curves) { + static const int kAllCurves[] = { + NID_X25519, NID_X9_62_prime256v1, NID_X448, NID_secp521r1, NID_secp384r1 + }; + if (!SSL_set1_curves(ssl.get(), kAllCurves, + OPENSSL_ARRAY_SIZE(kAllCurves))) { + return false; + } + } + if (config->max_cert_list > 0) { + SSL_set_max_cert_list(ssl.get(), config->max_cert_list); + } + + if (!config->async) { + SSL_set_mode(ssl.get(), SSL_MODE_AUTO_RETRY); + } + + int sock = Connect(config->port); + if (sock == -1) { + return false; + } + SocketCloser closer(sock); + + bssl::UniquePtr<BIO> bio(BIO_new_socket(sock, BIO_NOCLOSE)); + if (!bio) { + return false; + } + if (config->is_dtls) { + bssl::UniquePtr<BIO> packeted = PacketedBioCreate(!config->async); + if (!packeted) { + return false; + } + GetTestState(ssl.get())->packeted_bio = packeted.get(); + BIO_push(packeted.get(), bio.release()); + bio = std::move(packeted); + } + if (config->async) { + bssl::UniquePtr<BIO> async_scoped = + config->is_dtls ? AsyncBioCreateDatagram() : AsyncBioCreate(); + if (!async_scoped) { + return false; + } + BIO_push(async_scoped.get(), bio.release()); + GetTestState(ssl.get())->async_bio = async_scoped.get(); + bio = std::move(async_scoped); + } + SSL_set_bio(ssl.get(), bio.get(), bio.get()); + bio.release(); // SSL_set_bio takes ownership. + + if (session != NULL) { + if (!config->is_server) { + if (SSL_set_session(ssl.get(), session) != 1) { + return false; + } + } + } + +#if 0 + // KNOWN BUG: OpenSSL's SSL_get_current_cipher behaves incorrectly when + // offering resumption. + if (SSL_get_current_cipher(ssl.get()) != nullptr) { + fprintf(stderr, "non-null cipher before handshake\n"); + return false; + } +#endif + + int ret; + if (config->implicit_handshake) { + if (config->is_server) { + SSL_set_accept_state(ssl.get()); + } else { + SSL_set_connect_state(ssl.get()); + } + } else { + do { + if (config->is_server) { + ret = SSL_accept(ssl.get()); + } else { + ret = SSL_connect(ssl.get()); + } + } while (config->async && RetryAsync(ssl.get(), ret)); + if (ret != 1 || + !CheckHandshakeProperties(ssl.get(), is_resume)) { + return false; + } + + // Reset the state to assert later that the callback isn't called in + // renegotiations. + GetTestState(ssl.get())->got_new_session = false; + } + + if (config->export_keying_material > 0) { + std::vector<uint8_t> result( + static_cast<size_t>(config->export_keying_material)); + if (SSL_export_keying_material( + ssl.get(), result.data(), result.size(), + config->export_label.data(), config->export_label.size(), + reinterpret_cast<const uint8_t*>(config->export_context.data()), + config->export_context.size(), config->use_export_context) != 1) { + fprintf(stderr, "failed to export keying material\n"); + return false; + } + if (WriteAll(ssl.get(), result.data(), result.size()) < 0) { + return false; + } + } + + if (config->write_different_record_sizes) { + if (config->is_dtls) { + fprintf(stderr, "write_different_record_sizes not supported for DTLS\n"); + return false; + } + // This mode writes a number of different record sizes in an attempt to + // trip up the CBC record splitting code. + static const size_t kBufLen = 32769; + std::unique_ptr<uint8_t[]> buf(new uint8_t[kBufLen]); + memset(buf.get(), 0x42, kBufLen); + static const size_t kRecordSizes[] = { + 0, 1, 255, 256, 257, 16383, 16384, 16385, 32767, 32768, 32769}; + for (size_t i = 0; i < OPENSSL_ARRAY_SIZE(kRecordSizes); i++) { + const size_t len = kRecordSizes[i]; + if (len > kBufLen) { + fprintf(stderr, "Bad kRecordSizes value.\n"); + return false; + } + if (WriteAll(ssl.get(), buf.get(), len) < 0) { + return false; + } + } + } else { + if (config->shim_writes_first) { + if (WriteAll(ssl.get(), reinterpret_cast<const uint8_t *>("hello"), + 5) < 0) { + return false; + } + } + if (!config->shim_shuts_down) { + for (;;) { + static const size_t kBufLen = 16384; + std::unique_ptr<uint8_t[]> buf(new uint8_t[kBufLen]); + + // Read only 512 bytes at a time in TLS to ensure records may be + // returned in multiple reads. + int n = DoRead(ssl.get(), buf.get(), config->is_dtls ? kBufLen : 512); + int err = SSL_get_error(ssl.get(), n); + if (err == SSL_ERROR_ZERO_RETURN || + (n == 0 && err == SSL_ERROR_SYSCALL)) { + if (n != 0) { + fprintf(stderr, "Invalid SSL_get_error output\n"); + return false; + } + // Stop on either clean or unclean shutdown. + break; + } else if (err != SSL_ERROR_NONE) { + if (n > 0) { + fprintf(stderr, "Invalid SSL_get_error output\n"); + return false; + } + return false; + } + // Successfully read data. + if (n <= 0) { + fprintf(stderr, "Invalid SSL_get_error output\n"); + return false; + } + + // After a successful read, with or without False Start, the handshake + // must be complete. + if (!GetTestState(ssl.get())->handshake_done) { + fprintf(stderr, "handshake was not completed after SSL_read\n"); + return false; + } + + for (int i = 0; i < n; i++) { + buf[i] ^= 0xff; + } + if (WriteAll(ssl.get(), buf.get(), n) < 0) { + return false; + } + } + } + } + + if (!config->is_server && + !config->implicit_handshake && + // Session tickets are sent post-handshake in TLS 1.3. + GetProtocolVersion(ssl.get()) < TLS1_3_VERSION && + GetTestState(ssl.get())->got_new_session) { + fprintf(stderr, "new session was established after the handshake\n"); + return false; + } + + if (GetProtocolVersion(ssl.get()) >= TLS1_3_VERSION && !config->is_server) { + bool expect_new_session = + !config->expect_no_session && !config->shim_shuts_down; + if (expect_new_session != GetTestState(ssl.get())->got_new_session) { + fprintf(stderr, + "new session was%s cached, but we expected the opposite\n", + GetTestState(ssl.get())->got_new_session ? "" : " not"); + return false; + } + } + + if (out_session) { + *out_session = std::move(GetTestState(ssl.get())->new_session); + } + + ret = DoShutdown(ssl.get()); + + if (config->shim_shuts_down && config->check_close_notify) { + // We initiate shutdown, so |SSL_shutdown| will return in two stages. First + // it returns zero when our close_notify is sent, then one when the peer's + // is received. + if (ret != 0) { + fprintf(stderr, "Unexpected SSL_shutdown result: %d != 0\n", ret); + return false; + } + ret = DoShutdown(ssl.get()); + } + + if (ret != 1) { + fprintf(stderr, "Unexpected SSL_shutdown result: %d != 1\n", ret); + return false; + } + + if (SSL_total_renegotiations(ssl.get()) != + config->expect_total_renegotiations) { + fprintf(stderr, "Expected %d renegotiations, got %ld\n", + config->expect_total_renegotiations, + SSL_total_renegotiations(ssl.get())); + return false; + } + + return true; +} + +class StderrDelimiter { + public: + ~StderrDelimiter() { fprintf(stderr, "--- DONE ---\n"); } +}; + +static int Main(int argc, char **argv) { + // To distinguish ASan's output from ours, add a trailing message to stderr. + // Anything following this line will be considered an error. + StderrDelimiter delimiter; + +#if defined(OPENSSL_SYS_WINDOWS) + /* Initialize Winsock. */ + WORD wsa_version = MAKEWORD(2, 2); + WSADATA wsa_data; + int wsa_err = WSAStartup(wsa_version, &wsa_data); + if (wsa_err != 0) { + fprintf(stderr, "WSAStartup failed: %d\n", wsa_err); + return 1; + } + if (wsa_data.wVersion != wsa_version) { + fprintf(stderr, "Didn't get expected version: %x\n", wsa_data.wVersion); + return 1; + } +#else + signal(SIGPIPE, SIG_IGN); +#endif + + OPENSSL_init_crypto(0, NULL); + OPENSSL_init_ssl(0, NULL); + g_config_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL); + g_state_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, TestStateExFree); + if (g_config_index < 0 || g_state_index < 0) { + return 1; + } + + TestConfig config; + if (!ParseConfig(argc - 1, argv + 1, &config)) { + return Usage(argv[0]); + } + + bssl::UniquePtr<SSL_CTX> ssl_ctx = SetupCtx(&config); + if (!ssl_ctx) { + ERR_print_errors_fp(stderr); + return 1; + } + + bssl::UniquePtr<SSL_SESSION> session; + for (int i = 0; i < config.resume_count + 1; i++) { + bool is_resume = i > 0; + if (is_resume && !config.is_server && !session) { + fprintf(stderr, "No session to offer.\n"); + return 1; + } + + bssl::UniquePtr<SSL_SESSION> offer_session = std::move(session); + if (!DoExchange(&session, ssl_ctx.get(), &config, is_resume, + offer_session.get())) { + fprintf(stderr, "Connection %d failed.\n", i + 1); + ERR_print_errors_fp(stderr); + return 1; + } + } + + return 0; +} + +} // namespace bssl + +int main(int argc, char **argv) { + return bssl::Main(argc, argv); +} diff --git a/deps/openssl/openssl/test/ossl_shim/packeted_bio.cc b/deps/openssl/openssl/test/ossl_shim/packeted_bio.cc new file mode 100644 index 0000000000..450baeccdf --- /dev/null +++ b/deps/openssl/openssl/test/ossl_shim/packeted_bio.cc @@ -0,0 +1,299 @@ +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "packeted_bio.h" + +#include <assert.h> +#include <limits.h> +#include <stdio.h> +#include <string.h> + +#include <openssl/crypto.h> + + +namespace { + +const uint8_t kOpcodePacket = 'P'; +const uint8_t kOpcodeTimeout = 'T'; +const uint8_t kOpcodeTimeoutAck = 't'; + +struct PacketedBio { + explicit PacketedBio(bool advance_clock_arg) + : advance_clock(advance_clock_arg) { + memset(&timeout, 0, sizeof(timeout)); + memset(&clock, 0, sizeof(clock)); + memset(&read_deadline, 0, sizeof(read_deadline)); + } + + bool HasTimeout() const { + return timeout.tv_sec != 0 || timeout.tv_usec != 0; + } + + bool CanRead() const { + if (read_deadline.tv_sec == 0 && read_deadline.tv_usec == 0) { + return true; + } + + if (clock.tv_sec == read_deadline.tv_sec) { + return clock.tv_usec < read_deadline.tv_usec; + } + return clock.tv_sec < read_deadline.tv_sec; + } + + timeval timeout; + timeval clock; + timeval read_deadline; + bool advance_clock; +}; + +PacketedBio *GetData(BIO *bio) { + return (PacketedBio *)BIO_get_data(bio); +} + +const PacketedBio *GetData(const BIO *bio) { + return GetData(const_cast<BIO*>(bio)); +} + +// ReadAll reads |len| bytes from |bio| into |out|. It returns 1 on success and +// 0 or -1 on error. +static int ReadAll(BIO *bio, uint8_t *out, size_t len) { + while (len > 0) { + int chunk_len = INT_MAX; + if (len <= INT_MAX) { + chunk_len = (int)len; + } + int ret = BIO_read(bio, out, chunk_len); + if (ret <= 0) { + return ret; + } + out += ret; + len -= ret; + } + return 1; +} + +static int PacketedWrite(BIO *bio, const char *in, int inl) { + if (BIO_next(bio) == NULL) { + return 0; + } + + BIO_clear_retry_flags(bio); + + // Write the header. + uint8_t header[5]; + header[0] = kOpcodePacket; + header[1] = (inl >> 24) & 0xff; + header[2] = (inl >> 16) & 0xff; + header[3] = (inl >> 8) & 0xff; + header[4] = inl & 0xff; + int ret = BIO_write(BIO_next(bio), header, sizeof(header)); + if (ret <= 0) { + BIO_copy_next_retry(bio); + return ret; + } + + // Write the buffer. + ret = BIO_write(BIO_next(bio), in, inl); + if (ret < 0 || (inl > 0 && ret == 0)) { + BIO_copy_next_retry(bio); + return ret; + } + assert(ret == inl); + return ret; +} + +static int PacketedRead(BIO *bio, char *out, int outl) { + PacketedBio *data = GetData(bio); + if (BIO_next(bio) == NULL) { + return 0; + } + + BIO_clear_retry_flags(bio); + + for (;;) { + // Check if the read deadline has passed. + if (!data->CanRead()) { + BIO_set_retry_read(bio); + return -1; + } + + // Read the opcode. + uint8_t opcode; + int ret = ReadAll(BIO_next(bio), &opcode, sizeof(opcode)); + if (ret <= 0) { + BIO_copy_next_retry(bio); + return ret; + } + + if (opcode == kOpcodeTimeout) { + // The caller is required to advance any pending timeouts before + // continuing. + if (data->HasTimeout()) { + fprintf(stderr, "Unprocessed timeout!\n"); + return -1; + } + + // Process the timeout. + uint8_t buf[8]; + ret = ReadAll(BIO_next(bio), buf, sizeof(buf)); + if (ret <= 0) { + BIO_copy_next_retry(bio); + return ret; + } + uint64_t timeout = (static_cast<uint64_t>(buf[0]) << 56) | + (static_cast<uint64_t>(buf[1]) << 48) | + (static_cast<uint64_t>(buf[2]) << 40) | + (static_cast<uint64_t>(buf[3]) << 32) | + (static_cast<uint64_t>(buf[4]) << 24) | + (static_cast<uint64_t>(buf[5]) << 16) | + (static_cast<uint64_t>(buf[6]) << 8) | + static_cast<uint64_t>(buf[7]); + timeout /= 1000; // Convert nanoseconds to microseconds. + + data->timeout.tv_usec = timeout % 1000000; + data->timeout.tv_sec = timeout / 1000000; + + // Send an ACK to the peer. + ret = BIO_write(BIO_next(bio), &kOpcodeTimeoutAck, 1); + if (ret <= 0) { + return ret; + } + assert(ret == 1); + + if (!data->advance_clock) { + // Signal to the caller to retry the read, after advancing the clock. + BIO_set_retry_read(bio); + return -1; + } + + PacketedBioAdvanceClock(bio); + continue; + } + + if (opcode != kOpcodePacket) { + fprintf(stderr, "Unknown opcode, %u\n", opcode); + return -1; + } + + // Read the length prefix. + uint8_t len_bytes[4]; + ret = ReadAll(BIO_next(bio), len_bytes, sizeof(len_bytes)); + if (ret <= 0) { + BIO_copy_next_retry(bio); + return ret; + } + + uint32_t len = (len_bytes[0] << 24) | (len_bytes[1] << 16) | + (len_bytes[2] << 8) | len_bytes[3]; + uint8_t *buf = (uint8_t *)OPENSSL_malloc(len); + if (buf == NULL) { + return -1; + } + ret = ReadAll(BIO_next(bio), buf, len); + if (ret <= 0) { + fprintf(stderr, "Packeted BIO was truncated\n"); + return -1; + } + + if (outl > (int)len) { + outl = len; + } + memcpy(out, buf, outl); + OPENSSL_free(buf); + return outl; + } +} + +static long PacketedCtrl(BIO *bio, int cmd, long num, void *ptr) { + if (cmd == BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT) { + memcpy(&GetData(bio)->read_deadline, ptr, sizeof(timeval)); + return 1; + } + + if (BIO_next(bio) == NULL) { + return 0; + } + BIO_clear_retry_flags(bio); + int ret = BIO_ctrl(BIO_next(bio), cmd, num, ptr); + BIO_copy_next_retry(bio); + return ret; +} + +static int PacketedNew(BIO *bio) { + BIO_set_init(bio, 1); + return 1; +} + +static int PacketedFree(BIO *bio) { + if (bio == NULL) { + return 0; + } + + delete GetData(bio); + BIO_set_init(bio, 0); + return 1; +} + +static long PacketedCallbackCtrl(BIO *bio, int cmd, BIO_info_cb fp) +{ + if (BIO_next(bio) == NULL) + return 0; + return BIO_callback_ctrl(BIO_next(bio), cmd, fp); +} + +static BIO_METHOD *g_packeted_bio_method = NULL; + +static const BIO_METHOD *PacketedMethod(void) +{ + if (g_packeted_bio_method == NULL) { + g_packeted_bio_method = BIO_meth_new(BIO_TYPE_FILTER, "packeted bio"); + if ( g_packeted_bio_method == NULL + || !BIO_meth_set_write(g_packeted_bio_method, PacketedWrite) + || !BIO_meth_set_read(g_packeted_bio_method, PacketedRead) + || !BIO_meth_set_ctrl(g_packeted_bio_method, PacketedCtrl) + || !BIO_meth_set_create(g_packeted_bio_method, PacketedNew) + || !BIO_meth_set_destroy(g_packeted_bio_method, PacketedFree) + || !BIO_meth_set_callback_ctrl(g_packeted_bio_method, + PacketedCallbackCtrl)) + return NULL; + } + return g_packeted_bio_method; +} +} // namespace + +bssl::UniquePtr<BIO> PacketedBioCreate(bool advance_clock) { + bssl::UniquePtr<BIO> bio(BIO_new(PacketedMethod())); + if (!bio) { + return nullptr; + } + BIO_set_data(bio.get(), new PacketedBio(advance_clock)); + return bio; +} + +timeval PacketedBioGetClock(const BIO *bio) { + return GetData(bio)->clock; +} + +bool PacketedBioAdvanceClock(BIO *bio) { + PacketedBio *data = GetData(bio); + if (data == nullptr) { + return false; + } + + if (!data->HasTimeout()) { + return false; + } + + data->clock.tv_usec += data->timeout.tv_usec; + data->clock.tv_sec += data->clock.tv_usec / 1000000; + data->clock.tv_usec %= 1000000; + data->clock.tv_sec += data->timeout.tv_sec; + memset(&data->timeout, 0, sizeof(data->timeout)); + return true; +} diff --git a/deps/openssl/openssl/test/ossl_shim/packeted_bio.h b/deps/openssl/openssl/test/ossl_shim/packeted_bio.h new file mode 100644 index 0000000000..436cf9082f --- /dev/null +++ b/deps/openssl/openssl/test/ossl_shim/packeted_bio.h @@ -0,0 +1,35 @@ +/* + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_PACKETED_BIO +#define HEADER_PACKETED_BIO + +#include <openssl/base.h> +#include <openssl/bio.h> + +// PacketedBioCreate creates a filter BIO which implements a reliable in-order +// blocking datagram socket. It internally maintains a clock and honors +// |BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT| based on it. +// +// During a |BIO_read|, the peer may signal the filter BIO to simulate a +// timeout. If |advance_clock| is true, it automatically advances the clock and +// continues reading, subject to the read deadline. Otherwise, it fails +// immediately. The caller must then call |PacketedBioAdvanceClock| before +// retrying |BIO_read|. +bssl::UniquePtr<BIO> PacketedBioCreate(bool advance_clock); + +// PacketedBioGetClock returns the current time for |bio|. +timeval PacketedBioGetClock(const BIO *bio); + +// PacketedBioAdvanceClock advances |bio|'s internal clock and returns true if +// there is a pending timeout. Otherwise, it returns false. +bool PacketedBioAdvanceClock(BIO *bio); + + +#endif // HEADER_PACKETED_BIO diff --git a/deps/openssl/openssl/test/ossl_shim/test_config.cc b/deps/openssl/openssl/test/ossl_shim/test_config.cc new file mode 100644 index 0000000000..6e43c8da77 --- /dev/null +++ b/deps/openssl/openssl/test/ossl_shim/test_config.cc @@ -0,0 +1,195 @@ +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "test_config.h" + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +#include <memory> + +#include <openssl/evp.h> + +namespace { + +template <typename T> +struct Flag { + const char *flag; + T TestConfig::*member; +}; + +// FindField looks for the flag in |flags| that matches |flag|. If one is found, +// it returns a pointer to the corresponding field in |config|. Otherwise, it +// returns NULL. +template<typename T, size_t N> +T *FindField(TestConfig *config, const Flag<T> (&flags)[N], const char *flag) { + for (size_t i = 0; i < N; i++) { + if (strcmp(flag, flags[i].flag) == 0) { + return &(config->*(flags[i].member)); + } + } + return NULL; +} + +const Flag<bool> kBoolFlags[] = { + { "-server", &TestConfig::is_server }, + { "-dtls", &TestConfig::is_dtls }, + { "-fallback-scsv", &TestConfig::fallback_scsv }, + { "-require-any-client-certificate", + &TestConfig::require_any_client_certificate }, + { "-async", &TestConfig::async }, + { "-write-different-record-sizes", + &TestConfig::write_different_record_sizes }, + { "-partial-write", &TestConfig::partial_write }, + { "-no-tls13", &TestConfig::no_tls13 }, + { "-no-tls12", &TestConfig::no_tls12 }, + { "-no-tls11", &TestConfig::no_tls11 }, + { "-no-tls1", &TestConfig::no_tls1 }, + { "-no-ssl3", &TestConfig::no_ssl3 }, + { "-shim-writes-first", &TestConfig::shim_writes_first }, + { "-expect-session-miss", &TestConfig::expect_session_miss }, + { "-decline-alpn", &TestConfig::decline_alpn }, + { "-expect-extended-master-secret", + &TestConfig::expect_extended_master_secret }, + { "-implicit-handshake", &TestConfig::implicit_handshake }, + { "-handshake-never-done", &TestConfig::handshake_never_done }, + { "-use-export-context", &TestConfig::use_export_context }, + { "-expect-ticket-renewal", &TestConfig::expect_ticket_renewal }, + { "-expect-no-session", &TestConfig::expect_no_session }, + { "-use-ticket-callback", &TestConfig::use_ticket_callback }, + { "-renew-ticket", &TestConfig::renew_ticket }, + { "-enable-client-custom-extension", + &TestConfig::enable_client_custom_extension }, + { "-enable-server-custom-extension", + &TestConfig::enable_server_custom_extension }, + { "-custom-extension-skip", &TestConfig::custom_extension_skip }, + { "-custom-extension-fail-add", &TestConfig::custom_extension_fail_add }, + { "-check-close-notify", &TestConfig::check_close_notify }, + { "-shim-shuts-down", &TestConfig::shim_shuts_down }, + { "-verify-fail", &TestConfig::verify_fail }, + { "-verify-peer", &TestConfig::verify_peer }, + { "-expect-verify-result", &TestConfig::expect_verify_result }, + { "-renegotiate-freely", &TestConfig::renegotiate_freely }, + { "-p384-only", &TestConfig::p384_only }, + { "-enable-all-curves", &TestConfig::enable_all_curves }, + { "-use-sparse-dh-prime", &TestConfig::use_sparse_dh_prime }, + { "-use-old-client-cert-callback", + &TestConfig::use_old_client_cert_callback }, + { "-use-null-client-ca-list", &TestConfig::use_null_client_ca_list }, + { "-peek-then-read", &TestConfig::peek_then_read }, +}; + +const Flag<std::string> kStringFlags[] = { + { "-key-file", &TestConfig::key_file }, + { "-cert-file", &TestConfig::cert_file }, + { "-expect-server-name", &TestConfig::expected_server_name }, + { "-advertise-npn", &TestConfig::advertise_npn }, + { "-expect-next-proto", &TestConfig::expected_next_proto }, + { "-select-next-proto", &TestConfig::select_next_proto }, + { "-host-name", &TestConfig::host_name }, + { "-advertise-alpn", &TestConfig::advertise_alpn }, + { "-expect-alpn", &TestConfig::expected_alpn }, + { "-expect-advertised-alpn", &TestConfig::expected_advertised_alpn }, + { "-select-alpn", &TestConfig::select_alpn }, + { "-psk", &TestConfig::psk }, + { "-psk-identity", &TestConfig::psk_identity }, + { "-srtp-profiles", &TestConfig::srtp_profiles }, + { "-cipher", &TestConfig::cipher }, + { "-export-label", &TestConfig::export_label }, + { "-export-context", &TestConfig::export_context }, +}; + +const Flag<std::string> kBase64Flags[] = { + { "-expect-certificate-types", &TestConfig::expected_certificate_types }, +}; + +const Flag<int> kIntFlags[] = { + { "-port", &TestConfig::port }, + { "-resume-count", &TestConfig::resume_count }, + { "-min-version", &TestConfig::min_version }, + { "-max-version", &TestConfig::max_version }, + { "-mtu", &TestConfig::mtu }, + { "-export-keying-material", &TestConfig::export_keying_material }, + { "-expect-total-renegotiations", &TestConfig::expect_total_renegotiations }, + { "-max-cert-list", &TestConfig::max_cert_list }, +}; + +} // namespace + +bool ParseConfig(int argc, char **argv, TestConfig *out_config) { + for (int i = 0; i < argc; i++) { + bool *bool_field = FindField(out_config, kBoolFlags, argv[i]); + if (bool_field != NULL) { + *bool_field = true; + continue; + } + + std::string *string_field = FindField(out_config, kStringFlags, argv[i]); + if (string_field != NULL) { + const char *val; + + i++; + if (i >= argc) { + fprintf(stderr, "Missing parameter\n"); + return false; + } + + /* + * Fix up the -cipher argument. runner uses "DEFAULT:NULL-SHA" to enable + * the NULL-SHA cipher. However in OpenSSL "DEFAULT" permanently switches + * off NULL ciphers, so we use "ALL:NULL-SHA" instead. + */ + if (strcmp(argv[i - 1], "-cipher") == 0 + && strcmp(argv[i], "DEFAULT:NULL-SHA") == 0) + val = "ALL:NULL-SHA"; + else + val = argv[i]; + + string_field->assign(val); + continue; + } + + std::string *base64_field = FindField(out_config, kBase64Flags, argv[i]); + if (base64_field != NULL) { + i++; + if (i >= argc) { + fprintf(stderr, "Missing parameter\n"); + return false; + } + std::unique_ptr<uint8_t[]> decoded(new uint8_t[strlen(argv[i])]); + int len = EVP_DecodeBlock(decoded.get(), + reinterpret_cast<const uint8_t *>(argv[i]), + strlen(argv[i])); + if (len < 0) { + fprintf(stderr, "Invalid base64: %s\n", argv[i]); + return false; + } + base64_field->assign(reinterpret_cast<const char *>(decoded.get()), len); + continue; + } + + int *int_field = FindField(out_config, kIntFlags, argv[i]); + if (int_field) { + i++; + if (i >= argc) { + fprintf(stderr, "Missing parameter\n"); + return false; + } + *int_field = atoi(argv[i]); + continue; + } + + fprintf(stderr, "Unknown argument: %s\n", argv[i]); + exit(89); + return false; + } + + return true; +} diff --git a/deps/openssl/openssl/test/ossl_shim/test_config.h b/deps/openssl/openssl/test/ossl_shim/test_config.h new file mode 100644 index 0000000000..b4efa455ae --- /dev/null +++ b/deps/openssl/openssl/test/ossl_shim/test_config.h @@ -0,0 +1,88 @@ +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_TEST_CONFIG +#define HEADER_TEST_CONFIG + +#include <string> +#include <vector> + + +struct TestConfig { + int port = 0; + bool is_server = false; + bool is_dtls = false; + int resume_count = 0; + bool fallback_scsv = false; + std::string key_file; + std::string cert_file; + std::string expected_server_name; + std::string expected_certificate_types; + bool require_any_client_certificate = false; + std::string advertise_npn; + std::string expected_next_proto; + std::string select_next_proto; + bool async = false; + bool write_different_record_sizes = false; + bool partial_write = false; + bool no_tls13 = false; + bool no_tls12 = false; + bool no_tls11 = false; + bool no_tls1 = false; + bool no_ssl3 = false; + bool shim_writes_first = false; + std::string host_name; + std::string advertise_alpn; + std::string expected_alpn; + std::string expected_advertised_alpn; + std::string select_alpn; + bool decline_alpn = false; + bool expect_session_miss = false; + bool expect_extended_master_secret = false; + std::string psk; + std::string psk_identity; + std::string srtp_profiles; + int min_version = 0; + int max_version = 0; + int mtu = 0; + bool implicit_handshake = false; + std::string cipher; + bool handshake_never_done = false; + int export_keying_material = 0; + std::string export_label; + std::string export_context; + bool use_export_context = false; + bool expect_ticket_renewal = false; + bool expect_no_session = false; + bool use_ticket_callback = false; + bool renew_ticket = false; + bool enable_client_custom_extension = false; + bool enable_server_custom_extension = false; + bool custom_extension_skip = false; + bool custom_extension_fail_add = false; + bool check_close_notify = false; + bool shim_shuts_down = false; + bool verify_fail = false; + bool verify_peer = false; + bool expect_verify_result = false; + int expect_total_renegotiations = 0; + bool renegotiate_freely = false; + bool p384_only = false; + bool enable_all_curves = false; + bool use_sparse_dh_prime = false; + bool use_old_client_cert_callback = false; + bool use_null_client_ca_list = false; + bool peek_then_read = false; + int max_cert_list = 0; +}; + +bool ParseConfig(int argc, char **argv, TestConfig *out_config); + + +#endif // HEADER_TEST_CONFIG diff --git a/deps/openssl/openssl/test/p5_crpt2_test.c b/deps/openssl/openssl/test/p5_crpt2_test.c deleted file mode 100644 index 4a40c26c98..0000000000 --- a/deps/openssl/openssl/test/p5_crpt2_test.c +++ /dev/null @@ -1,159 +0,0 @@ -/* - * Copyright 2013-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stdio.h> -#include <string.h> - -#include "../e_os.h" - -#include <openssl/opensslconf.h> -#include <openssl/evp.h> -#include <openssl/err.h> -#include <openssl/conf.h> - -typedef struct { - const char *pass; - int passlen; - const char *salt; - int saltlen; - int iter; -} testdata; - -static testdata test_cases[] = { - {"password", 8, "salt", 4, 1}, - {"password", 8, "salt", 4, 2}, - {"password", 8, "salt", 4, 4096}, - {"passwordPASSWORDpassword", 24, - "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36, 4096}, - {"pass\0word", 9, "sa\0lt", 5, 4096}, - {NULL}, -}; - -static const char *sha1_results[] = { - "0c60c80f961f0e71f3a9b524af6012062fe037a6", - "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957", - "4b007901b765489abead49d926f721d065a429c1", - "3d2eec4fe41c849b80c8d83662c0e44a8b291a964cf2f07038", - "56fa6aa75548099dcc37d7f03425e0c3", -}; - -static const char *sha256_results[] = { - "120fb6cffcf8b32c43e7225256c4f837a86548c92ccc35480805987cb70be17b", - "ae4d0c95af6b46d32d0adff928f06dd02a303f8ef3c251dfd6e2d85a95474c43", - "c5e478d59288c841aa530db6845c4c8d962893a001ce4e11a4963873aa98134a", - "348c89dbcbd32b2f32d814b8116e84cf2b17347ebc1800181c4e2a1fb8dd53e1c63551" - "8c7dac47e9", - "89b69d0516f829893c696226650a8687", -}; - -static const char *sha512_results[] = { - "867f70cf1ade02cff3752599a3a53dc4af34c7a669815ae5d513554e1c8cf252c02d47" - "0a285a0501bad999bfe943c08f050235d7d68b1da55e63f73b60a57fce", - "e1d9c16aa681708a45f5c7c4e215ceb66e011a2e9f0040713f18aefdb866d53cf76cab" - "2868a39b9f7840edce4fef5a82be67335c77a6068e04112754f27ccf4e", - "d197b1b33db0143e018b12f3d1d1479e6cdebdcc97c5c0f87f6902e072f457b5143f30" - "602641b3d55cd335988cb36b84376060ecd532e039b742a239434af2d5", - "8c0511f4c6e597c6ac6315d8f0362e225f3c501495ba23b868c005174dc4ee71115b59" - "f9e60cd9532fa33e0f75aefe30225c583a186cd82bd4daea9724a3d3b8", - "9d9e9c4cd21fe4be24d5b8244c759665", -}; - -static void hexdump(FILE *f, const char *title, const unsigned char *s, int l) -{ - int i; - fprintf(f, "%s", title); - for (i = 0; i < l; i++) { - fprintf(f, "%02x", s[i]); - } - fprintf(f, "\n"); -} - -static void convert(unsigned char *dst, const unsigned char *src, int len) -{ - int i; - for (i = 0; i < len; i++, dst++, src += 2) { - unsigned int n; - sscanf((char *)src, "%2x", &n); - *dst = (unsigned char)n; - } - *dst = 0; -} - -static void -test_p5_pbkdf2(int i, char *digestname, testdata *test, const char *hex) -{ - const EVP_MD *digest; - unsigned char *out; - unsigned char *expected; - int keylen, r; - - digest = EVP_get_digestbyname(digestname); - if (digest == NULL) { - fprintf(stderr, "unknown digest %s\n", digestname); - EXIT(5); - } - - if ((strlen(hex) % 2) != 0) { - fprintf(stderr, "odd hex digest %s %i\n", digestname, i); - EXIT(5); - } - keylen = strlen(hex) / 2; - expected = OPENSSL_malloc(keylen + 1); - out = OPENSSL_malloc(keylen + 1); - if ((expected == NULL) || (out == NULL)) { - fprintf(stderr, "malloc() failed\n"); - EXIT(5); - } - convert(expected, (const unsigned char *)hex, keylen); - - r = PKCS5_PBKDF2_HMAC(test->pass, test->passlen, - (const unsigned char *)test->salt, test->saltlen, - test->iter, digest, keylen, out); - - if (r == 0) { - fprintf(stderr, "PKCS5_PBKDF2_HMAC(%s) failure test %i\n", - digestname, i); - EXIT(3); - } - if (memcmp(expected, out, keylen) != 0) { - fprintf(stderr, "Wrong result for PKCS5_PBKDF2_HMAC(%s) test %i\n", - digestname, i); - hexdump(stderr, "expected: ", expected, keylen); - hexdump(stderr, "result: ", out, keylen); - EXIT(2); - } - OPENSSL_free(expected); - OPENSSL_free(out); -} - -int main(int argc, char **argv) -{ - int i; - testdata *test = test_cases; - - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL); - - printf("PKCS5_PBKDF2_HMAC() tests "); - for (i = 0; test->pass != NULL; i++, test++) { - test_p5_pbkdf2(i, "sha1", test, sha1_results[i]); - test_p5_pbkdf2(i, "sha256", test, sha256_results[i]); - test_p5_pbkdf2(i, "sha512", test, sha512_results[i]); - printf("."); - } - printf(" done\n"); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - return 1; -# endif - return 0; -} diff --git a/deps/openssl/openssl/test/packettest.c b/deps/openssl/openssl/test/packettest.c index 58fc7525fb..e58d8d8bcf 100644 --- a/deps/openssl/openssl/test/packettest.c +++ b/deps/openssl/openssl/test/packettest.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -8,530 +8,487 @@ */ #include "../ssl/packet_locl.h" +#include "testutil.h" #define BUF_LEN 255 -static int test_PACKET_remaining(unsigned char buf[BUF_LEN]) +static unsigned char smbuf[BUF_LEN]; + +static int test_PACKET_remaining(void) { PACKET pkt; - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || PACKET_remaining(&pkt) != BUF_LEN - || !PACKET_forward(&pkt, BUF_LEN - 1) - || PACKET_remaining(&pkt) != 1 - || !PACKET_forward(&pkt, 1) - || PACKET_remaining(&pkt) != 0) { - fprintf(stderr, "test_PACKET_remaining() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, sizeof(smbuf))) + || !TEST_size_t_eq(PACKET_remaining(&pkt), BUF_LEN) + || !TEST_true(PACKET_forward(&pkt, BUF_LEN - 1)) + || !TEST_size_t_eq(PACKET_remaining(&pkt), 1) + || !TEST_true(PACKET_forward(&pkt, 1)) + || !TEST_size_t_eq(PACKET_remaining(&pkt), 0)) return 0; - } return 1; } -static int test_PACKET_end(unsigned char buf[BUF_LEN]) +static int test_PACKET_end(void) { PACKET pkt; - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || PACKET_remaining(&pkt) != BUF_LEN - || PACKET_end(&pkt) != buf + BUF_LEN - || !PACKET_forward(&pkt, BUF_LEN - 1) - || PACKET_end(&pkt) != buf + BUF_LEN - || !PACKET_forward(&pkt, 1) - || PACKET_end(&pkt) != buf + BUF_LEN) { - fprintf(stderr, "test_PACKET_end() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, sizeof(smbuf))) + || !TEST_size_t_eq(PACKET_remaining(&pkt), BUF_LEN) + || !TEST_ptr_eq(PACKET_end(&pkt), smbuf + BUF_LEN) + || !TEST_true(PACKET_forward(&pkt, BUF_LEN - 1)) + || !TEST_ptr_eq(PACKET_end(&pkt), smbuf + BUF_LEN) + || !TEST_true(PACKET_forward(&pkt, 1)) + || !TEST_ptr_eq(PACKET_end(&pkt), smbuf + BUF_LEN)) return 0; - } return 1; } -static int test_PACKET_get_1(unsigned char buf[BUF_LEN]) +static int test_PACKET_get_1(void) { - unsigned int i; + unsigned int i = 0; PACKET pkt; - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_get_1(&pkt, &i) - || i != 0x02 - || !PACKET_forward(&pkt, BUF_LEN - 2) - || !PACKET_get_1(&pkt, &i) - || i != 0xfe - || PACKET_get_1(&pkt, &i)) { - fprintf(stderr, "test_PACKET_get_1() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, BUF_LEN)) + || !TEST_true(PACKET_get_1(&pkt, &i)) + || !TEST_uint_eq(i, 0x02) + || !TEST_true(PACKET_forward(&pkt, BUF_LEN - 2)) + || !TEST_true(PACKET_get_1(&pkt, &i)) + || !TEST_uint_eq(i, 0xfe) + || !TEST_false(PACKET_get_1(&pkt, &i))) return 0; - } return 1; } -static int test_PACKET_get_4(unsigned char buf[BUF_LEN]) +static int test_PACKET_get_4(void) { - unsigned long i; + unsigned long i = 0; PACKET pkt; - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_get_4(&pkt, &i) - || i != 0x08060402UL - || !PACKET_forward(&pkt, BUF_LEN - 8) - || !PACKET_get_4(&pkt, &i) - || i != 0xfefcfaf8UL - || PACKET_get_4(&pkt, &i)) { - fprintf(stderr, "test_PACKET_get_4() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, BUF_LEN)) + || !TEST_true(PACKET_get_4(&pkt, &i)) + || !TEST_ulong_eq(i, 0x08060402UL) + || !TEST_true(PACKET_forward(&pkt, BUF_LEN - 8)) + || !TEST_true(PACKET_get_4(&pkt, &i)) + || !TEST_ulong_eq(i, 0xfefcfaf8UL) + || !TEST_false(PACKET_get_4(&pkt, &i))) return 0; - } return 1; } -static int test_PACKET_get_net_2(unsigned char buf[BUF_LEN]) +static int test_PACKET_get_net_2(void) { - unsigned int i; + unsigned int i = 0; PACKET pkt; - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_get_net_2(&pkt, &i) - || i != 0x0204 - || !PACKET_forward(&pkt, BUF_LEN - 4) - || !PACKET_get_net_2(&pkt, &i) - || i != 0xfcfe - || PACKET_get_net_2(&pkt, &i)) { - fprintf(stderr, "test_PACKET_get_net_2() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, BUF_LEN)) + || !TEST_true(PACKET_get_net_2(&pkt, &i)) + || !TEST_uint_eq(i, 0x0204) + || !TEST_true(PACKET_forward(&pkt, BUF_LEN - 4)) + || !TEST_true(PACKET_get_net_2(&pkt, &i)) + || !TEST_uint_eq(i, 0xfcfe) + || !TEST_false(PACKET_get_net_2(&pkt, &i))) return 0; - } return 1; } -static int test_PACKET_get_net_3(unsigned char buf[BUF_LEN]) +static int test_PACKET_get_net_3(void) { - unsigned long i; + unsigned long i = 0; PACKET pkt; - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_get_net_3(&pkt, &i) - || i != 0x020406UL - || !PACKET_forward(&pkt, BUF_LEN - 6) - || !PACKET_get_net_3(&pkt, &i) - || i != 0xfafcfeUL - || PACKET_get_net_3(&pkt, &i)) { - fprintf(stderr, "test_PACKET_get_net_3() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, BUF_LEN)) + || !TEST_true(PACKET_get_net_3(&pkt, &i)) + || !TEST_ulong_eq(i, 0x020406UL) + || !TEST_true(PACKET_forward(&pkt, BUF_LEN - 6)) + || !TEST_true(PACKET_get_net_3(&pkt, &i)) + || !TEST_ulong_eq(i, 0xfafcfeUL) + || !TEST_false(PACKET_get_net_3(&pkt, &i))) return 0; - } return 1; } -static int test_PACKET_get_net_4(unsigned char buf[BUF_LEN]) +static int test_PACKET_get_net_4(void) { - unsigned long i; + unsigned long i = 0; PACKET pkt; - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_get_net_4(&pkt, &i) - || i != 0x02040608UL - || !PACKET_forward(&pkt, BUF_LEN - 8) - || !PACKET_get_net_4(&pkt, &i) - || i != 0xf8fafcfeUL - || PACKET_get_net_4(&pkt, &i)) { - fprintf(stderr, "test_PACKET_get_net_4() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, BUF_LEN)) + || !TEST_true(PACKET_get_net_4(&pkt, &i)) + || !TEST_ulong_eq(i, 0x02040608UL) + || !TEST_true(PACKET_forward(&pkt, BUF_LEN - 8)) + || !TEST_true(PACKET_get_net_4(&pkt, &i)) + || !TEST_ulong_eq(i, 0xf8fafcfeUL) + || !TEST_false(PACKET_get_net_4(&pkt, &i))) return 0; - } return 1; } -static int test_PACKET_get_sub_packet(unsigned char buf[BUF_LEN]) +static int test_PACKET_get_sub_packet(void) { PACKET pkt, subpkt; - unsigned long i; - - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_get_sub_packet(&pkt, &subpkt, 4) - || !PACKET_get_net_4(&subpkt, &i) - || i != 0x02040608UL - || PACKET_remaining(&subpkt) - || !PACKET_forward(&pkt, BUF_LEN - 8) - || !PACKET_get_sub_packet(&pkt, &subpkt, 4) - || !PACKET_get_net_4(&subpkt, &i) - || i != 0xf8fafcfeUL - || PACKET_remaining(&subpkt) - || PACKET_get_sub_packet(&pkt, &subpkt, 4)) { - fprintf(stderr, "test_PACKET_get_sub_packet() failed\n"); + unsigned long i = 0; + + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, BUF_LEN)) + || !TEST_true(PACKET_get_sub_packet(&pkt, &subpkt, 4)) + || !TEST_true(PACKET_get_net_4(&subpkt, &i)) + || !TEST_ulong_eq(i, 0x02040608UL) + || !TEST_size_t_eq(PACKET_remaining(&subpkt), 0) + || !TEST_true(PACKET_forward(&pkt, BUF_LEN - 8)) + || !TEST_true(PACKET_get_sub_packet(&pkt, &subpkt, 4)) + || !TEST_true(PACKET_get_net_4(&subpkt, &i)) + || !TEST_ulong_eq(i, 0xf8fafcfeUL) + || !TEST_size_t_eq(PACKET_remaining(&subpkt), 0) + || !TEST_false(PACKET_get_sub_packet(&pkt, &subpkt, 4))) return 0; - } return 1; } -static int test_PACKET_get_bytes(unsigned char buf[BUF_LEN]) +static int test_PACKET_get_bytes(void) { - const unsigned char *bytes; + const unsigned char *bytes = NULL; PACKET pkt; - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_get_bytes(&pkt, &bytes, 4) - || bytes[0] != 2 || bytes[1] != 4 - || bytes[2] != 6 || bytes[3] != 8 - || PACKET_remaining(&pkt) != BUF_LEN -4 - || !PACKET_forward(&pkt, BUF_LEN - 8) - || !PACKET_get_bytes(&pkt, &bytes, 4) - || bytes[0] != 0xf8 || bytes[1] != 0xfa - || bytes[2] != 0xfc || bytes[3] != 0xfe - || PACKET_remaining(&pkt)) { - fprintf(stderr, "test_PACKET_get_bytes() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, BUF_LEN)) + || !TEST_true(PACKET_get_bytes(&pkt, &bytes, 4)) + || !TEST_uchar_eq(bytes[0], 2) + || !TEST_uchar_eq(bytes[1], 4) + || !TEST_uchar_eq(bytes[2], 6) + || !TEST_uchar_eq(bytes[3], 8) + || !TEST_size_t_eq(PACKET_remaining(&pkt), BUF_LEN -4) + || !TEST_true(PACKET_forward(&pkt, BUF_LEN - 8)) + || !TEST_true(PACKET_get_bytes(&pkt, &bytes, 4)) + || !TEST_uchar_eq(bytes[0], 0xf8) + || !TEST_uchar_eq(bytes[1], 0xfa) + || !TEST_uchar_eq(bytes[2], 0xfc) + || !TEST_uchar_eq(bytes[3], 0xfe) + || !TEST_false(PACKET_remaining(&pkt))) return 0; - } return 1; } -static int test_PACKET_copy_bytes(unsigned char buf[BUF_LEN]) +static int test_PACKET_copy_bytes(void) { unsigned char bytes[4]; PACKET pkt; - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_copy_bytes(&pkt, bytes, 4) - || bytes[0] != 2 || bytes[1] != 4 - || bytes[2] != 6 || bytes[3] != 8 - || PACKET_remaining(&pkt) != BUF_LEN - 4 - || !PACKET_forward(&pkt, BUF_LEN - 8) - || !PACKET_copy_bytes(&pkt, bytes, 4) - || bytes[0] != 0xf8 || bytes[1] != 0xfa - || bytes[2] != 0xfc || bytes[3] != 0xfe - || PACKET_remaining(&pkt)) { - fprintf(stderr, "test_PACKET_copy_bytes() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, BUF_LEN)) + || !TEST_true(PACKET_copy_bytes(&pkt, bytes, 4)) + || !TEST_char_eq(bytes[0], 2) + || !TEST_char_eq(bytes[1], 4) + || !TEST_char_eq(bytes[2], 6) + || !TEST_char_eq(bytes[3], 8) + || !TEST_size_t_eq(PACKET_remaining(&pkt), BUF_LEN - 4) + || !TEST_true(PACKET_forward(&pkt, BUF_LEN - 8)) + || !TEST_true(PACKET_copy_bytes(&pkt, bytes, 4)) + || !TEST_uchar_eq(bytes[0], 0xf8) + || !TEST_uchar_eq(bytes[1], 0xfa) + || !TEST_uchar_eq(bytes[2], 0xfc) + || !TEST_uchar_eq(bytes[3], 0xfe) + || !TEST_false(PACKET_remaining(&pkt))) return 0; - } return 1; } -static int test_PACKET_copy_all(unsigned char buf[BUF_LEN]) +static int test_PACKET_copy_all(void) { unsigned char tmp[BUF_LEN]; PACKET pkt; size_t len; - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_copy_all(&pkt, tmp, BUF_LEN, &len) - || len != BUF_LEN - || memcmp(buf, tmp, BUF_LEN) != 0 - || PACKET_remaining(&pkt) != BUF_LEN - || PACKET_copy_all(&pkt, tmp, BUF_LEN - 1, &len)) { - fprintf(stderr, "test_PACKET_copy_bytes() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, BUF_LEN)) + || !TEST_true(PACKET_copy_all(&pkt, tmp, BUF_LEN, &len)) + || !TEST_size_t_eq(len, BUF_LEN) + || !TEST_mem_eq(smbuf, BUF_LEN, tmp, BUF_LEN) + || !TEST_size_t_eq(PACKET_remaining(&pkt), BUF_LEN) + || !TEST_false(PACKET_copy_all(&pkt, tmp, BUF_LEN - 1, &len))) return 0; - } return 1; } -static int test_PACKET_memdup(unsigned char buf[BUF_LEN]) +static int test_PACKET_memdup(void) { unsigned char *data = NULL; size_t len; PACKET pkt; - - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_memdup(&pkt, &data, &len) - || len != BUF_LEN - || memcmp(data, PACKET_data(&pkt), len) - || !PACKET_forward(&pkt, 10) - || !PACKET_memdup(&pkt, &data, &len) - || len != BUF_LEN - 10 - || memcmp(data, PACKET_data(&pkt), len)) { - fprintf(stderr, "test_PACKET_memdup() failed\n"); - OPENSSL_free(data); - return 0; - } - + int result = 0; + + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, BUF_LEN)) + || !TEST_true(PACKET_memdup(&pkt, &data, &len)) + || !TEST_size_t_eq(len, BUF_LEN) + || !TEST_mem_eq(data, len, PACKET_data(&pkt), len) + || !TEST_true(PACKET_forward(&pkt, 10)) + || !TEST_true(PACKET_memdup(&pkt, &data, &len)) + || !TEST_size_t_eq(len, BUF_LEN - 10) + || !TEST_mem_eq(data, len, PACKET_data(&pkt), len)) + goto end; + result = 1; +end: OPENSSL_free(data); - return 1; + return result; } -static int test_PACKET_strndup() +static int test_PACKET_strndup(void) { - char buf[10], buf2[10]; + char buf1[10], buf2[10]; char *data = NULL; PACKET pkt; + int result = 0; - memset(buf, 'x', 10); + memset(buf1, 'x', 10); memset(buf2, 'y', 10); buf2[5] = '\0'; - if ( !PACKET_buf_init(&pkt, (unsigned char*)buf, 10) - || !PACKET_strndup(&pkt, &data) - || strlen(data) != 10 - || strncmp(data, buf, 10) - || !PACKET_buf_init(&pkt, (unsigned char*)buf2, 10) - || !PACKET_strndup(&pkt, &data) - || strlen(data) != 5 - || strcmp(data, buf2)) { - fprintf(stderr, "test_PACKET_strndup failed\n"); - OPENSSL_free(data); - return 0; - } - + if (!TEST_true(PACKET_buf_init(&pkt, (unsigned char*)buf1, 10)) + || !TEST_true(PACKET_strndup(&pkt, &data)) + || !TEST_size_t_eq(strlen(data), 10) + || !TEST_strn_eq(data, buf1, 10) + || !TEST_true(PACKET_buf_init(&pkt, (unsigned char*)buf2, 10)) + || !TEST_true(PACKET_strndup(&pkt, &data)) + || !TEST_size_t_eq(strlen(data), 5) + || !TEST_str_eq(data, buf2)) + goto end; + + result = 1; +end: OPENSSL_free(data); - return 1; + return result; } -static int test_PACKET_contains_zero_byte() +static int test_PACKET_contains_zero_byte(void) { - char buf[10], buf2[10]; + char buf1[10], buf2[10]; PACKET pkt; - memset(buf, 'x', 10); + memset(buf1, 'x', 10); memset(buf2, 'y', 10); buf2[5] = '\0'; - if ( !PACKET_buf_init(&pkt, (unsigned char*)buf, 10) - || PACKET_contains_zero_byte(&pkt) - || !PACKET_buf_init(&pkt, (unsigned char*)buf2, 10) - || !PACKET_contains_zero_byte(&pkt)) { - fprintf(stderr, "test_PACKET_contains_zero_byte failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, (unsigned char*)buf1, 10)) + || !TEST_false(PACKET_contains_zero_byte(&pkt)) + || !TEST_true(PACKET_buf_init(&pkt, (unsigned char*)buf2, 10)) + || !TEST_true(PACKET_contains_zero_byte(&pkt))) return 0; - } return 1; } -static int test_PACKET_forward(unsigned char buf[BUF_LEN]) +static int test_PACKET_forward(void) { - const unsigned char *byte; + const unsigned char *byte = NULL; PACKET pkt; - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_forward(&pkt, 1) - || !PACKET_get_bytes(&pkt, &byte, 1) - || byte[0] != 4 - || !PACKET_forward(&pkt, BUF_LEN - 3) - || !PACKET_get_bytes(&pkt, &byte, 1) - || byte[0] != 0xfe) { - fprintf(stderr, "test_PACKET_forward() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, BUF_LEN)) + || !TEST_true(PACKET_forward(&pkt, 1)) + || !TEST_true(PACKET_get_bytes(&pkt, &byte, 1)) + || !TEST_uchar_eq(byte[0], 4) + || !TEST_true(PACKET_forward(&pkt, BUF_LEN - 3)) + || !TEST_true(PACKET_get_bytes(&pkt, &byte, 1)) + || !TEST_uchar_eq(byte[0], 0xfe)) return 0; - } return 1; } -static int test_PACKET_buf_init() +static int test_PACKET_buf_init(void) { - unsigned char buf[BUF_LEN]; + unsigned char buf1[BUF_LEN]; PACKET pkt; /* Also tests PACKET_remaining() */ - if ( !PACKET_buf_init(&pkt, buf, 4) - || PACKET_remaining(&pkt) != 4 - || !PACKET_buf_init(&pkt, buf, BUF_LEN) - || PACKET_remaining(&pkt) != BUF_LEN - || PACKET_buf_init(&pkt, buf, -1)) { - fprintf(stderr, "test_PACKET_buf_init() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, buf1, 4)) + || !TEST_size_t_eq(PACKET_remaining(&pkt), 4) + || !TEST_true(PACKET_buf_init(&pkt, buf1, BUF_LEN)) + || !TEST_size_t_eq(PACKET_remaining(&pkt), BUF_LEN) + || !TEST_false(PACKET_buf_init(&pkt, buf1, -1))) return 0; - } return 1; } -static int test_PACKET_null_init() +static int test_PACKET_null_init(void) { PACKET pkt; PACKET_null_init(&pkt); - if ( PACKET_remaining(&pkt) != 0 - || PACKET_forward(&pkt, 1)) { - fprintf(stderr, "test_PACKET_null_init() failed\n"); + if (!TEST_size_t_eq(PACKET_remaining(&pkt), 0) + || !TEST_false(PACKET_forward(&pkt, 1))) return 0; - } return 1; } -static int test_PACKET_equal(unsigned char buf[BUF_LEN]) +static int test_PACKET_equal(void) { PACKET pkt; - if ( !PACKET_buf_init(&pkt, buf, 4) - || !PACKET_equal(&pkt, buf, 4) - || PACKET_equal(&pkt, buf + 1, 4) - || !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_equal(&pkt, buf, BUF_LEN) - || PACKET_equal(&pkt, buf, BUF_LEN - 1) - || PACKET_equal(&pkt, buf, BUF_LEN + 1) - || PACKET_equal(&pkt, buf, 0)) { - fprintf(stderr, "test_PACKET_equal() failed\n"); + if (!TEST_true(PACKET_buf_init(&pkt, smbuf, 4)) + || !TEST_true(PACKET_equal(&pkt, smbuf, 4)) + || !TEST_false(PACKET_equal(&pkt, smbuf + 1, 4)) + || !TEST_true(PACKET_buf_init(&pkt, smbuf, BUF_LEN)) + || !TEST_true(PACKET_equal(&pkt, smbuf, BUF_LEN)) + || !TEST_false(PACKET_equal(&pkt, smbuf, BUF_LEN - 1)) + || !TEST_false(PACKET_equal(&pkt, smbuf, BUF_LEN + 1)) + || !TEST_false(PACKET_equal(&pkt, smbuf, 0))) return 0; - } return 1; } -static int test_PACKET_get_length_prefixed_1() +static int test_PACKET_get_length_prefixed_1(void) { - unsigned char buf[BUF_LEN]; + unsigned char buf1[BUF_LEN]; const size_t len = 16; unsigned int i; - PACKET pkt, short_pkt, subpkt; - - buf[0] = len; - for (i = 1; i < BUF_LEN; i++) { - buf[i] = (i * 2) & 0xff; - } - - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_buf_init(&short_pkt, buf, len) - || !PACKET_get_length_prefixed_1(&pkt, &subpkt) - || PACKET_remaining(&subpkt) != len - || !PACKET_get_net_2(&subpkt, &i) - || i != 0x0204 - || PACKET_get_length_prefixed_1(&short_pkt, &subpkt) - || PACKET_remaining(&short_pkt) != len) { - fprintf(stderr, "test_PACKET_get_length_prefixed_1() failed\n"); + PACKET pkt, short_pkt, subpkt = {0}; + + buf1[0] = (unsigned char)len; + for (i = 1; i < BUF_LEN; i++) + buf1[i] = (i * 2) & 0xff; + + if (!TEST_true(PACKET_buf_init(&pkt, buf1, BUF_LEN)) + || !TEST_true(PACKET_buf_init(&short_pkt, buf1, len)) + || !TEST_true(PACKET_get_length_prefixed_1(&pkt, &subpkt)) + || !TEST_size_t_eq(PACKET_remaining(&subpkt), len) + || !TEST_true(PACKET_get_net_2(&subpkt, &i)) + || !TEST_uint_eq(i, 0x0204) + || !TEST_false(PACKET_get_length_prefixed_1(&short_pkt, &subpkt)) + || !TEST_size_t_eq(PACKET_remaining(&short_pkt), len)) return 0; - } return 1; } -static int test_PACKET_get_length_prefixed_2() +static int test_PACKET_get_length_prefixed_2(void) { - unsigned char buf[1024]; + unsigned char buf1[1024]; const size_t len = 516; /* 0x0204 */ unsigned int i; - PACKET pkt, short_pkt, subpkt; - - for (i = 1; i <= 1024; i++) { - buf[i-1] = (i * 2) & 0xff; - } - - if ( !PACKET_buf_init(&pkt, buf, 1024) - || !PACKET_buf_init(&short_pkt, buf, len) - || !PACKET_get_length_prefixed_2(&pkt, &subpkt) - || PACKET_remaining(&subpkt) != len - || !PACKET_get_net_2(&subpkt, &i) - || i != 0x0608 - || PACKET_get_length_prefixed_2(&short_pkt, &subpkt) - || PACKET_remaining(&short_pkt) != len) { - fprintf(stderr, "test_PACKET_get_length_prefixed_2() failed\n"); + PACKET pkt, short_pkt, subpkt = {0}; + + for (i = 1; i <= 1024; i++) + buf1[i - 1] = (i * 2) & 0xff; + + if (!TEST_true(PACKET_buf_init(&pkt, buf1, 1024)) + || !TEST_true(PACKET_buf_init(&short_pkt, buf1, len)) + || !TEST_true(PACKET_get_length_prefixed_2(&pkt, &subpkt)) + || !TEST_size_t_eq(PACKET_remaining(&subpkt), len) + || !TEST_true(PACKET_get_net_2(&subpkt, &i)) + || !TEST_uint_eq(i, 0x0608) + || !TEST_false(PACKET_get_length_prefixed_2(&short_pkt, &subpkt)) + || !TEST_size_t_eq(PACKET_remaining(&short_pkt), len)) return 0; - } return 1; } -static int test_PACKET_get_length_prefixed_3() +static int test_PACKET_get_length_prefixed_3(void) { - unsigned char buf[1024]; + unsigned char buf1[1024]; const size_t len = 516; /* 0x000204 */ unsigned int i; - PACKET pkt, short_pkt, subpkt; - - for (i = 0; i < 1024; i++) { - buf[i] = (i * 2) & 0xff; - } - - if ( !PACKET_buf_init(&pkt, buf, 1024) - || !PACKET_buf_init(&short_pkt, buf, len) - || !PACKET_get_length_prefixed_3(&pkt, &subpkt) - || PACKET_remaining(&subpkt) != len - || !PACKET_get_net_2(&subpkt, &i) - || i != 0x0608 - || PACKET_get_length_prefixed_3(&short_pkt, &subpkt) - || PACKET_remaining(&short_pkt) != len) { - fprintf(stderr, "test_PACKET_get_length_prefixed_3() failed\n"); + PACKET pkt, short_pkt, subpkt = {0}; + + for (i = 0; i < 1024; i++) + buf1[i] = (i * 2) & 0xff; + + if (!TEST_true(PACKET_buf_init(&pkt, buf1, 1024)) + || !TEST_true(PACKET_buf_init(&short_pkt, buf1, len)) + || !TEST_true(PACKET_get_length_prefixed_3(&pkt, &subpkt)) + || !TEST_size_t_eq(PACKET_remaining(&subpkt), len) + || !TEST_true(PACKET_get_net_2(&subpkt, &i)) + || !TEST_uint_eq(i, 0x0608) + || !TEST_false(PACKET_get_length_prefixed_3(&short_pkt, &subpkt)) + || !TEST_size_t_eq(PACKET_remaining(&short_pkt), len)) return 0; - } return 1; } -static int test_PACKET_as_length_prefixed_1() +static int test_PACKET_as_length_prefixed_1(void) { - unsigned char buf[BUF_LEN]; + unsigned char buf1[BUF_LEN]; const size_t len = 16; unsigned int i; - PACKET pkt, exact_pkt, subpkt; - - buf[0] = len; - for (i = 1; i < BUF_LEN; i++) { - buf[i] = (i * 2) & 0xff; - } - - if ( !PACKET_buf_init(&pkt, buf, BUF_LEN) - || !PACKET_buf_init(&exact_pkt, buf, len + 1) - || PACKET_as_length_prefixed_1(&pkt, &subpkt) - || PACKET_remaining(&pkt) != BUF_LEN - || !PACKET_as_length_prefixed_1(&exact_pkt, &subpkt) - || PACKET_remaining(&exact_pkt) != 0 - || PACKET_remaining(&subpkt) != len) { - fprintf(stderr, "test_PACKET_as_length_prefixed_1() failed\n"); + PACKET pkt, exact_pkt, subpkt = {0}; + + buf1[0] = (unsigned char)len; + for (i = 1; i < BUF_LEN; i++) + buf1[i] = (i * 2) & 0xff; + + if (!TEST_true(PACKET_buf_init(&pkt, buf1, BUF_LEN)) + || !TEST_true(PACKET_buf_init(&exact_pkt, buf1, len + 1)) + || !TEST_false(PACKET_as_length_prefixed_1(&pkt, &subpkt)) + || !TEST_size_t_eq(PACKET_remaining(&pkt), BUF_LEN) + || !TEST_true(PACKET_as_length_prefixed_1(&exact_pkt, &subpkt)) + || !TEST_size_t_eq(PACKET_remaining(&exact_pkt), 0) + || !TEST_size_t_eq(PACKET_remaining(&subpkt), len)) return 0; - } return 1; } -static int test_PACKET_as_length_prefixed_2() +static int test_PACKET_as_length_prefixed_2(void) { unsigned char buf[1024]; const size_t len = 516; /* 0x0204 */ unsigned int i; - PACKET pkt, exact_pkt, subpkt; + PACKET pkt, exact_pkt, subpkt = {0}; - for (i = 1; i <= 1024; i++) { + for (i = 1; i <= 1024; i++) buf[i-1] = (i * 2) & 0xff; - } - - if ( !PACKET_buf_init(&pkt, buf, 1024) - || !PACKET_buf_init(&exact_pkt, buf, len + 2) - || PACKET_as_length_prefixed_2(&pkt, &subpkt) - || PACKET_remaining(&pkt) != 1024 - || !PACKET_as_length_prefixed_2(&exact_pkt, &subpkt) - || PACKET_remaining(&exact_pkt) != 0 - || PACKET_remaining(&subpkt) != len) { - fprintf(stderr, "test_PACKET_as_length_prefixed_2() failed\n"); + + if (!TEST_true(PACKET_buf_init(&pkt, buf, 1024)) + || !TEST_true(PACKET_buf_init(&exact_pkt, buf, len + 2)) + || !TEST_false(PACKET_as_length_prefixed_2(&pkt, &subpkt)) + || !TEST_size_t_eq(PACKET_remaining(&pkt), 1024) + || !TEST_true(PACKET_as_length_prefixed_2(&exact_pkt, &subpkt)) + || !TEST_size_t_eq(PACKET_remaining(&exact_pkt), 0) + || !TEST_size_t_eq(PACKET_remaining(&subpkt), len)) return 0; - } return 1; } -int main(int argc, char **argv) +int setup_tests(void) { - unsigned char buf[BUF_LEN]; unsigned int i; - for (i=1; i<=BUF_LEN; i++) { - buf[i-1] = (i * 2) & 0xff; - } - i = 0; - - if ( !test_PACKET_buf_init() - || !test_PACKET_null_init() - || !test_PACKET_remaining(buf) - || !test_PACKET_end(buf) - || !test_PACKET_equal(buf) - || !test_PACKET_get_1(buf) - || !test_PACKET_get_4(buf) - || !test_PACKET_get_net_2(buf) - || !test_PACKET_get_net_3(buf) - || !test_PACKET_get_net_4(buf) - || !test_PACKET_get_sub_packet(buf) - || !test_PACKET_get_bytes(buf) - || !test_PACKET_copy_bytes(buf) - || !test_PACKET_copy_all(buf) - || !test_PACKET_memdup(buf) - || !test_PACKET_strndup() - || !test_PACKET_contains_zero_byte() - || !test_PACKET_forward(buf) - || !test_PACKET_get_length_prefixed_1() - || !test_PACKET_get_length_prefixed_2() - || !test_PACKET_get_length_prefixed_3() - || !test_PACKET_as_length_prefixed_1() - || !test_PACKET_as_length_prefixed_2()) { - return 1; - } - printf("PASS\n"); - return 0; + for (i = 1; i <= BUF_LEN; i++) + smbuf[i - 1] = (i * 2) & 0xff; + + ADD_TEST(test_PACKET_buf_init); + ADD_TEST(test_PACKET_null_init); + ADD_TEST(test_PACKET_remaining); + ADD_TEST(test_PACKET_end); + ADD_TEST(test_PACKET_equal); + ADD_TEST(test_PACKET_get_1); + ADD_TEST(test_PACKET_get_4); + ADD_TEST(test_PACKET_get_net_2); + ADD_TEST(test_PACKET_get_net_3); + ADD_TEST(test_PACKET_get_net_4); + ADD_TEST(test_PACKET_get_sub_packet); + ADD_TEST(test_PACKET_get_bytes); + ADD_TEST(test_PACKET_copy_bytes); + ADD_TEST(test_PACKET_copy_all); + ADD_TEST(test_PACKET_memdup); + ADD_TEST(test_PACKET_strndup); + ADD_TEST(test_PACKET_contains_zero_byte); + ADD_TEST(test_PACKET_forward); + ADD_TEST(test_PACKET_get_length_prefixed_1); + ADD_TEST(test_PACKET_get_length_prefixed_2); + ADD_TEST(test_PACKET_get_length_prefixed_3); + ADD_TEST(test_PACKET_as_length_prefixed_1); + ADD_TEST(test_PACKET_as_length_prefixed_2); + return 1; } diff --git a/deps/openssl/openssl/test/pbelutest.c b/deps/openssl/openssl/test/pbelutest.c index e226d43f26..3ed5e96726 100644 --- a/deps/openssl/openssl/test/pbelutest.c +++ b/deps/openssl/openssl/test/pbelutest.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -8,40 +8,43 @@ */ #include <openssl/evp.h> -#include <stdio.h> -#include <string.h> +#include "testutil.h" /* * Password based encryption (PBE) table ordering test. * Attempt to look up all supported algorithms. */ -int main(int argc, char **argv) +static int test_pbelu(void) { - size_t i; - int rv = 0; - int pbe_type, pbe_nid; - int last_type = -1, last_nid = -1; + int i, failed = 0; + int pbe_type, pbe_nid, last_type = -1, last_nid = -1; + for (i = 0; EVP_PBE_get(&pbe_type, &pbe_nid, i) != 0; i++) { - if (EVP_PBE_find(pbe_type, pbe_nid, NULL, NULL, 0) == 0) { - rv = 1; + if (!TEST_true(EVP_PBE_find(pbe_type, pbe_nid, NULL, NULL, 0))) { + TEST_note("i=%d, pbe_type=%d, pbe_nid=%d", i, pbe_type, pbe_nid); + failed = 1; break; } } - if (rv == 0) - return 0; + + if (!failed) + return 1; + /* Error: print out whole table */ for (i = 0; EVP_PBE_get(&pbe_type, &pbe_nid, i) != 0; i++) { - if (pbe_type > last_type) - rv = 0; - else if (pbe_type < last_type || pbe_nid < last_nid) - rv = 1; - else - rv = 0; - fprintf(stderr, "PBE type=%d %d (%s): %s\n", pbe_type, pbe_nid, - OBJ_nid2sn(pbe_nid), rv ? "ERROR" : "OK"); + failed = pbe_type < last_type + || (pbe_type == last_type && pbe_nid < last_nid); + TEST_note("PBE type=%d %d (%s): %s\n", pbe_type, pbe_nid, + OBJ_nid2sn(pbe_nid), failed ? "ERROR" : "OK"); last_type = pbe_type; last_nid = pbe_nid; } + return 0; +} + +int setup_tests(void) +{ + ADD_TEST(test_pbelu); return 1; } diff --git a/deps/openssl/openssl/test/pkits-test.pl b/deps/openssl/openssl/test/pkits-test.pl index ae7279cf2e..2b859b2ae0 100644 --- a/deps/openssl/openssl/test/pkits-test.pl +++ b/deps/openssl/openssl/test/pkits-test.pl @@ -6,7 +6,7 @@ # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html -# Perl utility to run PKITS tests for RFC3280 compliance. +# Perl utility to run PKITS tests for RFC3280 compliance. my $ossl_path; @@ -80,7 +80,7 @@ my @testlists = ( [ "4.4.7", "Valid Two CRLs Test7", 0 ], # The test document suggests these should return certificate revoked... - # Subsquent discussion has concluded they should not due to unhandle + # Subsequent discussion has concluded they should not due to unhandle # critical CRL extensions. [ "4.4.8", "Invalid Unknown CRL Entry Extension Test8", 36 ], [ "4.4.9", "Invalid Unknown CRL Extension Test9", 36 ], @@ -705,7 +705,7 @@ my @testlists = ( [ "4.14.29", "Valid cRLIssuer Test29", 0 ], # Although this test is valid it has a circular dependency. As a result - # an attempt is made to reursively checks a CRL path and rejected due to + # an attempt is made to recursively checks a CRL path and rejected due to # a CRL path validation error. PKITS notes suggest this test does not # need to be run due to this issue. [ "4.14.30", "Valid cRLIssuer Test30", 54 ], diff --git a/deps/openssl/openssl/test/randtest.c b/deps/openssl/openssl/test/randtest.c deleted file mode 100644 index 9f7a0371a6..0000000000 --- a/deps/openssl/openssl/test/randtest.c +++ /dev/null @@ -1,145 +0,0 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stdio.h> -#include <stdlib.h> -#include <openssl/rand.h> - -#include "../e_os.h" - -/* some FIPS 140-1 random number test */ -/* some simple tests */ - -int main(int argc, char **argv) -{ - unsigned char buf[2500]; - int i, j, k, s, sign, nsign, err = 0; - unsigned long n1; - unsigned long n2[16]; - unsigned long runs[2][34]; - /* - * double d; - */ - long d; - - i = RAND_bytes(buf, 2500); - if (i <= 0) { - printf("init failed, the rand method is not properly installed\n"); - err++; - goto err; - } - - n1 = 0; - for (i = 0; i < 16; i++) - n2[i] = 0; - for (i = 0; i < 34; i++) - runs[0][i] = runs[1][i] = 0; - - /* test 1 and 2 */ - sign = 0; - nsign = 0; - for (i = 0; i < 2500; i++) { - j = buf[i]; - - n2[j & 0x0f]++; - n2[(j >> 4) & 0x0f]++; - - for (k = 0; k < 8; k++) { - s = (j & 0x01); - if (s == sign) - nsign++; - else { - if (nsign > 34) - nsign = 34; - if (nsign != 0) { - runs[sign][nsign - 1]++; - if (nsign > 6) - runs[sign][5]++; - } - sign = s; - nsign = 1; - } - - if (s) - n1++; - j >>= 1; - } - } - if (nsign > 34) - nsign = 34; - if (nsign != 0) - runs[sign][nsign - 1]++; - - /* test 1 */ - if (!((9654 < n1) && (n1 < 10346))) { - printf("test 1 failed, X=%lu\n", n1); - err++; - } - printf("test 1 done\n"); - - /* test 2 */ - d = 0; - for (i = 0; i < 16; i++) - d += n2[i] * n2[i]; - d = (d * 8) / 25 - 500000; - if (!((103 < d) && (d < 5740))) { - printf("test 2 failed, X=%ld.%02ld\n", d / 100L, d % 100L); - err++; - } - printf("test 2 done\n"); - - /* test 3 */ - for (i = 0; i < 2; i++) { - if (!((2267 < runs[i][0]) && (runs[i][0] < 2733))) { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i, 1, runs[i][0]); - err++; - } - if (!((1079 < runs[i][1]) && (runs[i][1] < 1421))) { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i, 2, runs[i][1]); - err++; - } - if (!((502 < runs[i][2]) && (runs[i][2] < 748))) { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i, 3, runs[i][2]); - err++; - } - if (!((223 < runs[i][3]) && (runs[i][3] < 402))) { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i, 4, runs[i][3]); - err++; - } - if (!((90 < runs[i][4]) && (runs[i][4] < 223))) { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i, 5, runs[i][4]); - err++; - } - if (!((90 < runs[i][5]) && (runs[i][5] < 223))) { - printf("test 3 failed, bit=%d run=%d num=%lu\n", - i, 6, runs[i][5]); - err++; - } - } - printf("test 3 done\n"); - - /* test 4 */ - if (runs[0][33] != 0) { - printf("test 4 failed, bit=%d run=%d num=%lu\n", 0, 34, runs[0][33]); - err++; - } - if (runs[1][33] != 0) { - printf("test 4 failed, bit=%d run=%d num=%lu\n", 1, 34, runs[1][33]); - err++; - } - printf("test 4 done\n"); - err: - err = ((err) ? 1 : 0); - EXIT(err); -} diff --git a/deps/openssl/openssl/test/rc2test.c b/deps/openssl/openssl/test/rc2test.c index 2d0a01d596..e64d1a7285 100644 --- a/deps/openssl/openssl/test/rc2test.c +++ b/deps/openssl/openssl/test/rc2test.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,24 +7,10 @@ * https://www.openssl.org/source/license.html */ -/* - * This has been a quickly hacked 'ideatest.c'. When I add tests for other - * RC2 modes, more of the code will be uncommented. - */ - -#include <stdio.h> -#include <string.h> -#include <stdlib.h> +#include "internal/nelem.h" +#include "testutil.h" -#include "../e_os.h" - -#ifdef OPENSSL_NO_RC2 -int main(int argc, char *argv[]) -{ - printf("No RC2 support\n"); - return (0); -} -#else +#ifndef OPENSSL_NO_RC2 # include <openssl/rc2.h> static unsigned char RC2key[4][16] = { @@ -52,48 +38,31 @@ static unsigned char RC2cipher[4][8] = { {0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31}, }; -int main(int argc, char *argv[]) +static int test_rc2(const int n) { - int i, n, err = 0; + int testresult = 1; RC2_KEY key; unsigned char buf[8], buf2[8]; - for (n = 0; n < 4; n++) { - RC2_set_key(&key, 16, &(RC2key[n][0]), 0 /* or 1024 */ ); + RC2_set_key(&key, 16, &(RC2key[n][0]), 0 /* or 1024 */ ); - RC2_ecb_encrypt(&(RC2plain[n][0]), buf, &key, RC2_ENCRYPT); - if (memcmp(&(RC2cipher[n][0]), buf, 8) != 0) { - printf("ecb rc2 error encrypting\n"); - printf("got :"); - for (i = 0; i < 8; i++) - printf("%02X ", buf[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 8; i++) - printf("%02X ", RC2cipher[n][i]); - err = 20; - printf("\n"); - } + RC2_ecb_encrypt(&RC2plain[n][0], buf, &key, RC2_ENCRYPT); + if (!TEST_mem_eq(&RC2cipher[n][0], 8, buf, 8)) + testresult = 0; - RC2_ecb_encrypt(buf, buf2, &key, RC2_DECRYPT); - if (memcmp(&(RC2plain[n][0]), buf2, 8) != 0) { - printf("ecb RC2 error decrypting\n"); - printf("got :"); - for (i = 0; i < 8; i++) - printf("%02X ", buf[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 8; i++) - printf("%02X ", RC2plain[n][i]); - printf("\n"); - err = 3; - } - } + RC2_ecb_encrypt(buf, buf2, &key, RC2_DECRYPT); + if (!TEST_mem_eq(&RC2plain[n][0], 8, buf2, 8)) + testresult = 0; - if (err == 0) - printf("ecb RC2 ok\n"); - - EXIT(err); + return testresult; } #endif + +int setup_tests(void) +{ +#ifndef OPENSSL_NO_RC2 + ADD_ALL_TESTS(test_rc2, OSSL_NELEM(RC2key)); +#endif + return 1; +} diff --git a/deps/openssl/openssl/test/rc4test.c b/deps/openssl/openssl/test/rc4test.c index 7a77b82192..15706ea3f0 100644 --- a/deps/openssl/openssl/test/rc4test.c +++ b/deps/openssl/openssl/test/rc4test.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,23 +7,16 @@ * https://www.openssl.org/source/license.html */ -#include <stdio.h> -#include <stdlib.h> #include <string.h> -#include "../e_os.h" +#include "internal/nelem.h" +#include "testutil.h" -#ifdef OPENSSL_NO_RC4 -int main(int argc, char *argv[]) -{ - printf("No RC4 support\n"); - return (0); -} -#else +#ifndef OPENSSL_NO_RC4 # include <openssl/rc4.h> # include <openssl/sha.h> -static unsigned char keys[7][30] = { +static unsigned char keys[6][30] = { {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef}, {8, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef}, {8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, @@ -32,9 +25,9 @@ static unsigned char keys[7][30] = { {4, 0xef, 0x01, 0x23, 0x45}, }; -static unsigned char data_len[7] = { 8, 8, 8, 20, 28, 10 }; +static unsigned char data_len[6] = { 8, 8, 8, 20, 28, 10 }; -static unsigned char data[7][30] = { +static unsigned char data[6][30] = { {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xff}, {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff}, {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff}, @@ -46,10 +39,9 @@ static unsigned char data[7][30] = { 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0, 0x12, 0x34, 0x56, 0x78, 0xff}, {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xff}, - {0}, }; -static unsigned char output[7][30] = { +static unsigned char output[6][30] = { {0x75, 0xb7, 0x87, 0x80, 0x99, 0xe0, 0xc5, 0x96, 0x00}, {0x74, 0x94, 0xc2, 0xe7, 0x10, 0x4b, 0x08, 0x79, 0x00}, {0xde, 0x18, 0x89, 0x41, 0xa3, 0x37, 0x5d, 0x3a, 0x00}, @@ -61,115 +53,76 @@ static unsigned char output[7][30] = { 0x89, 0x2e, 0xbe, 0x30, 0x14, 0x3c, 0xe2, 0x87, 0x40, 0x01, 0x1e, 0xcf, 0x00}, {0xd6, 0xa1, 0x41, 0xa7, 0xec, 0x3c, 0x38, 0xdf, 0xbd, 0x61, 0x00}, - {0}, }; -int main(int argc, char *argv[]) +static int test_rc4_encrypt(const int i) { - int i, err = 0; - int j; - unsigned char *p; + unsigned char obuf[512]; RC4_KEY key; + + RC4_set_key(&key, keys[i][0], &(keys[i][1])); + memset(obuf, 0, sizeof(obuf)); + RC4(&key, data_len[i], &(data[i][0]), obuf); + return TEST_mem_eq(obuf, data_len[i] + 1, output[i], data_len[i] + 1); +} + +static int test_rc4_end_processing(const int i) +{ unsigned char obuf[512]; + RC4_KEY key; - for (i = 0; i < 6; i++) { - RC4_set_key(&key, keys[i][0], &(keys[i][1])); - memset(obuf, 0, sizeof(obuf)); - RC4(&key, data_len[i], &(data[i][0]), obuf); - if (memcmp(obuf, output[i], data_len[i] + 1) != 0) { - printf("error calculating RC4\n"); - printf("output:"); - for (j = 0; j < data_len[i] + 1; j++) - printf(" %02x", obuf[j]); - printf("\n"); - printf("expect:"); - p = &(output[i][0]); - for (j = 0; j < data_len[i] + 1; j++) - printf(" %02x", *(p++)); - printf("\n"); - err++; - } else - printf("test %d ok\n", i); - } - printf("test end processing "); - for (i = 0; i < data_len[3]; i++) { - RC4_set_key(&key, keys[3][0], &(keys[3][1])); - memset(obuf, 0, sizeof(obuf)); - RC4(&key, i, &(data[3][0]), obuf); - if ((memcmp(obuf, output[3], i) != 0) || (obuf[i] != 0)) { - printf("error in RC4 length processing\n"); - printf("output:"); - for (j = 0; j < i + 1; j++) - printf(" %02x", obuf[j]); - printf("\n"); - printf("expect:"); - p = &(output[3][0]); - for (j = 0; j < i; j++) - printf(" %02x", *(p++)); - printf(" 00\n"); - err++; - } else { - printf("."); - fflush(stdout); - } - } - printf("done\n"); - printf("test multi-call "); - for (i = 0; i < data_len[3]; i++) { - RC4_set_key(&key, keys[3][0], &(keys[3][1])); - memset(obuf, 0, sizeof(obuf)); - RC4(&key, i, &(data[3][0]), obuf); - RC4(&key, data_len[3] - i, &(data[3][i]), &(obuf[i])); - if (memcmp(obuf, output[3], data_len[3] + 1) != 0) { - printf("error in RC4 multi-call processing\n"); - printf("output:"); - for (j = 0; j < data_len[3] + 1; j++) - printf(" %02x", obuf[j]); - printf("\n"); - printf("expect:"); - p = &(output[3][0]); - for (j = 0; j < data_len[3] + 1; j++) - printf(" %02x", *(p++)); - err++; - } else { - printf("."); - fflush(stdout); - } - } - printf("done\n"); - printf("bulk test "); - { - unsigned char buf[513]; - SHA_CTX c; - unsigned char md[SHA_DIGEST_LENGTH]; - static unsigned char expected[] = { - 0xa4, 0x7b, 0xcc, 0x00, 0x3d, 0xd0, 0xbd, 0xe1, 0xac, 0x5f, - 0x12, 0x1e, 0x45, 0xbc, 0xfb, 0x1a, 0xa1, 0xf2, 0x7f, 0xc5 - }; - - RC4_set_key(&key, keys[0][0], &(keys[3][1])); - memset(buf, 0, sizeof(buf)); - SHA1_Init(&c); - for (i = 0; i < 2571; i++) { - RC4(&key, sizeof(buf), buf, buf); - SHA1_Update(&c, buf, sizeof(buf)); - } - SHA1_Final(md, &c); - - if (memcmp(md, expected, sizeof(md))) { - printf("error in RC4 bulk test\n"); - printf("output:"); - for (j = 0; j < (int)sizeof(md); j++) - printf(" %02x", md[j]); - printf("\n"); - printf("expect:"); - for (j = 0; j < (int)sizeof(md); j++) - printf(" %02x", expected[j]); - printf("\n"); - err++; - } else - printf("ok\n"); + RC4_set_key(&key, keys[3][0], &(keys[3][1])); + memset(obuf, 0, sizeof(obuf)); + RC4(&key, i, &(data[3][0]), obuf); + if (!TEST_mem_eq(obuf, i, output[3], i)) + return 0; + return TEST_uchar_eq(obuf[i], 0); +} + +static int test_rc4_multi_call(const int i) +{ + unsigned char obuf[512]; + RC4_KEY key; + + RC4_set_key(&key, keys[3][0], &(keys[3][1])); + memset(obuf, 0, sizeof(obuf)); + RC4(&key, i, &(data[3][0]), obuf); + RC4(&key, data_len[3] - i, &(data[3][i]), &(obuf[i])); + return TEST_mem_eq(obuf, data_len[3] + 1, output[3], data_len[3] + 1); +} + +static int test_rc_bulk(void) +{ + RC4_KEY key; + unsigned char buf[513]; + SHA_CTX c; + unsigned char md[SHA_DIGEST_LENGTH]; + int i; + static unsigned char expected[] = { + 0xa4, 0x7b, 0xcc, 0x00, 0x3d, 0xd0, 0xbd, 0xe1, 0xac, 0x5f, + 0x12, 0x1e, 0x45, 0xbc, 0xfb, 0x1a, 0xa1, 0xf2, 0x7f, 0xc5 + }; + + RC4_set_key(&key, keys[0][0], &(keys[3][1])); + memset(buf, 0, sizeof(buf)); + SHA1_Init(&c); + for (i = 0; i < 2571; i++) { + RC4(&key, sizeof(buf), buf, buf); + SHA1_Update(&c, buf, sizeof(buf)); } - EXIT(err); + SHA1_Final(md, &c); + + return TEST_mem_eq(md, sizeof(md), expected, sizeof(expected)); } #endif + +int setup_tests(void) +{ +#ifndef OPENSSL_NO_RC4 + ADD_ALL_TESTS(test_rc4_encrypt, OSSL_NELEM(data_len)); + ADD_ALL_TESTS(test_rc4_end_processing, data_len[3]); + ADD_ALL_TESTS(test_rc4_multi_call, data_len[3]); + ADD_TEST(test_rc_bulk); +#endif + return 1; +} diff --git a/deps/openssl/openssl/test/rc5test.c b/deps/openssl/openssl/test/rc5test.c index 6567bcb435..d49366d993 100644 --- a/deps/openssl/openssl/test/rc5test.c +++ b/deps/openssl/openssl/test/rc5test.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,24 +7,12 @@ * https://www.openssl.org/source/license.html */ -/* - * This has been a quickly hacked 'ideatest.c'. When I add tests for other - * RC5 modes, more of the code will be uncommented. - */ - -#include <stdio.h> #include <string.h> -#include <stdlib.h> -#include "../e_os.h" +#include "internal/nelem.h" +#include "testutil.h" -#ifdef OPENSSL_NO_RC5 -int main(int argc, char *argv[]) -{ - printf("No RC5 support\n"); - return (0); -} -#else +#ifndef OPENSSL_NO_RC5 # include <openssl/rc5.h> static unsigned char RC5key[5][16] = { @@ -187,90 +175,60 @@ static unsigned char rc5_cbc_iv[RC5_CBC_NUM][8] = { {0x7c, 0xb3, 0xf1, 0xdf, 0x34, 0xf9, 0x48, 0x11}, }; -int main(int argc, char *argv[]) +static int test_rc5_ecb(int n) { - int i, n, err = 0; + int testresult = 1; RC5_32_KEY key; - unsigned char buf[8], buf2[8], ivb[8]; + unsigned char buf[8], buf2[8]; - for (n = 0; n < 5; n++) { - RC5_32_set_key(&key, 16, &(RC5key[n][0]), 12); + RC5_32_set_key(&key, 16, &RC5key[n][0], 12); - RC5_32_ecb_encrypt(&(RC5plain[n][0]), buf, &key, RC5_ENCRYPT); - if (memcmp(&(RC5cipher[n][0]), buf, 8) != 0) { - printf("ecb RC5 error encrypting (%d)\n", n + 1); - printf("got :"); - for (i = 0; i < 8; i++) - printf("%02X ", buf[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 8; i++) - printf("%02X ", RC5cipher[n][i]); - err = 20; - printf("\n"); - } + RC5_32_ecb_encrypt(&RC5plain[n][0], buf, &key, RC5_ENCRYPT); + if (!TEST_mem_eq(&RC5cipher[n][0], sizeof(RC5cipher[0]), buf, sizeof(buf))) + testresult = 0; - RC5_32_ecb_encrypt(buf, buf2, &key, RC5_DECRYPT); - if (memcmp(&(RC5plain[n][0]), buf2, 8) != 0) { - printf("ecb RC5 error decrypting (%d)\n", n + 1); - printf("got :"); - for (i = 0; i < 8; i++) - printf("%02X ", buf2[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 8; i++) - printf("%02X ", RC5plain[n][i]); - printf("\n"); - err = 3; - } - } - if (err == 0) - printf("ecb RC5 ok\n"); + RC5_32_ecb_encrypt(buf, buf2, &key, RC5_DECRYPT); + if (!TEST_mem_eq(&RC5plain[n][0], sizeof(RC5cipher[0]), buf2, sizeof(buf2))) + testresult = 0; - for (n = 0; n < RC5_CBC_NUM; n++) { - i = rc5_cbc_rounds[n]; - if (i < 8) - continue; + return testresult; +} - RC5_32_set_key(&key, rc5_cbc_key[n][0], &(rc5_cbc_key[n][1]), i); +static int test_rc5_cbc(int n) +{ + int testresult = 1; + int i; + RC5_32_KEY key; + unsigned char buf[8], buf2[8], ivb[8]; + + i = rc5_cbc_rounds[n]; + if (i >= 8) { + RC5_32_set_key(&key, rc5_cbc_key[n][0], &rc5_cbc_key[n][1], i); - memcpy(ivb, &(rc5_cbc_iv[n][0]), 8); - RC5_32_cbc_encrypt(&(rc5_cbc_plain[n][0]), buf, 8, - &key, &(ivb[0]), RC5_ENCRYPT); + memcpy(ivb, &rc5_cbc_iv[n][0], 8); + RC5_32_cbc_encrypt(&rc5_cbc_plain[n][0], buf, 8, + &key, &ivb[0], RC5_ENCRYPT); - if (memcmp(&(rc5_cbc_cipher[n][0]), buf, 8) != 0) { - printf("cbc RC5 error encrypting (%d)\n", n + 1); - printf("got :"); - for (i = 0; i < 8; i++) - printf("%02X ", buf[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 8; i++) - printf("%02X ", rc5_cbc_cipher[n][i]); - err = 30; - printf("\n"); - } + if (!TEST_mem_eq(&rc5_cbc_cipher[n][0], sizeof(rc5_cbc_cipher[0]), + buf, sizeof(buf))) + testresult = 0; - memcpy(ivb, &(rc5_cbc_iv[n][0]), 8); - RC5_32_cbc_encrypt(buf, buf2, 8, &key, &(ivb[0]), RC5_DECRYPT); - if (memcmp(&(rc5_cbc_plain[n][0]), buf2, 8) != 0) { - printf("cbc RC5 error decrypting (%d)\n", n + 1); - printf("got :"); - for (i = 0; i < 8; i++) - printf("%02X ", buf2[i]); - printf("\n"); - printf("expected:"); - for (i = 0; i < 8; i++) - printf("%02X ", rc5_cbc_plain[n][i]); - printf("\n"); - err = 3; - } + memcpy(ivb, &rc5_cbc_iv[n][0], 8); + RC5_32_cbc_encrypt(buf, buf2, 8, &key, &ivb[0], RC5_DECRYPT); + if (!TEST_mem_eq(&rc5_cbc_plain[n][0], sizeof(rc5_cbc_plain[0]), + buf2, sizeof(buf2))) + testresult = 0; } - if (err == 0) - printf("cbc RC5 ok\n"); - EXIT(err); - return (err); + return testresult; } +#endif +int setup_tests(void) +{ +#ifndef OPENSSL_NO_RC5 + ADD_ALL_TESTS(test_rc5_ecb, OSSL_NELEM(RC5key)); + ADD_ALL_TESTS(test_rc5_cbc, RC5_CBC_NUM); #endif + return 1; +} diff --git a/deps/openssl/openssl/test/recipes/01-test_test.t b/deps/openssl/openssl/test/recipes/01-test_test.t new file mode 100644 index 0000000000..efc970e7b3 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/01-test_test.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use OpenSSL::Test::Simple; + +simple_test("test_test", "test_test"); diff --git a/deps/openssl/openssl/test/recipes/02-test_internal_ctype.t b/deps/openssl/openssl/test/recipes/02-test_internal_ctype.t new file mode 100644 index 0000000000..daacfe0feb --- /dev/null +++ b/deps/openssl/openssl/test/recipes/02-test_internal_ctype.t @@ -0,0 +1,17 @@ +#! /usr/bin/env perl +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test; # get 'plan' +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_ctype"); + +simple_test("test_internal_ctype", "ctype_internal_test"); diff --git a/deps/openssl/openssl/test/recipes/02-test_lhash.t b/deps/openssl/openssl/test/recipes/02-test_lhash.t new file mode 100644 index 0000000000..613a10d0f6 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/02-test_lhash.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use OpenSSL::Test::Simple; + +simple_test("test_lhash", "lhash_test"); diff --git a/deps/openssl/openssl/test/recipes/02-test_stack.t b/deps/openssl/openssl/test/recipes/02-test_stack.t new file mode 100644 index 0000000000..6f906dbd99 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/02-test_stack.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use OpenSSL::Test::Simple; + +simple_test("test_stack", "stack_test"); diff --git a/deps/openssl/openssl/test/recipes/03-test_internal_asn1.t b/deps/openssl/openssl/test/recipes/03-test_internal_asn1.t new file mode 100644 index 0000000000..5f27214e96 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/03-test_internal_asn1.t @@ -0,0 +1,16 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test; # get 'plan' +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_asn1"); + +simple_test("test_internal_asn1", "asn1_internal_test"); diff --git a/deps/openssl/openssl/test/recipes/03-test_internal_chacha.t b/deps/openssl/openssl/test/recipes/03-test_internal_chacha.t new file mode 100644 index 0000000000..b115392c20 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/03-test_internal_chacha.t @@ -0,0 +1,16 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test; # get 'plan' +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_chacha"); + +simple_test("test_internal_chacha", "chacha_internal_test", "chacha"); diff --git a/deps/openssl/openssl/test/recipes/03-test_internal_curve448.t b/deps/openssl/openssl/test/recipes/03-test_internal_curve448.t new file mode 100644 index 0000000000..4decc98584 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/03-test_internal_curve448.t @@ -0,0 +1,19 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test; # get 'plan' +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_curve448"); + +plan skip_all => "This test is unsupported in a no-ec build" + if disabled("ec"); + +simple_test("test_internal_curve448", "curve448_internal_test"); diff --git a/deps/openssl/openssl/test/recipes/05-test_md4.t b/deps/openssl/openssl/test/recipes/03-test_internal_mdc2.t index 59a815bdd4..dfc06780de 100644 --- a/deps/openssl/openssl/test/recipes/05-test_md4.t +++ b/deps/openssl/openssl/test/recipes/03-test_internal_mdc2.t @@ -6,7 +6,7 @@ # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html - +use strict; use OpenSSL::Test::Simple; -simple_test("test_md4", "md4test", "md4"); +simple_test("test_internal_mdc2", "mdc2_internal_test", "mdc2"); diff --git a/deps/openssl/openssl/test/recipes/03-test_internal_modes.t b/deps/openssl/openssl/test/recipes/03-test_internal_modes.t new file mode 100644 index 0000000000..1f75bd8b6f --- /dev/null +++ b/deps/openssl/openssl/test/recipes/03-test_internal_modes.t @@ -0,0 +1,16 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test; # get 'plan' +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_modes"); + +simple_test("test_internal_modes", "modes_internal_test"); diff --git a/deps/openssl/openssl/test/recipes/03-test_internal_poly1305.t b/deps/openssl/openssl/test/recipes/03-test_internal_poly1305.t new file mode 100644 index 0000000000..42f26c124f --- /dev/null +++ b/deps/openssl/openssl/test/recipes/03-test_internal_poly1305.t @@ -0,0 +1,16 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test; # get 'plan' +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_poly1305"); + +simple_test("test_internal_poly1305", "poly1305_internal_test", "poly1305"); diff --git a/deps/openssl/openssl/test/recipes/03-test_internal_siphash.t b/deps/openssl/openssl/test/recipes/03-test_internal_siphash.t new file mode 100644 index 0000000000..408a674fc6 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/03-test_internal_siphash.t @@ -0,0 +1,16 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test; # get 'plan' +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_siphash"); + +simple_test("test_internal_siphash", "siphash_internal_test", "siphash"); diff --git a/deps/openssl/openssl/test/recipes/03-test_internal_sm2.t b/deps/openssl/openssl/test/recipes/03-test_internal_sm2.t new file mode 100644 index 0000000000..7a3fc41105 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/03-test_internal_sm2.t @@ -0,0 +1,16 @@ +#! /usr/bin/env perl +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test; # get 'plan' +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_sm2"); + +simple_test("test_internal_sm2", "sm2_internal_test", "sm2"); diff --git a/deps/openssl/openssl/test/recipes/03-test_internal_sm4.t b/deps/openssl/openssl/test/recipes/03-test_internal_sm4.t new file mode 100644 index 0000000000..34de203ace --- /dev/null +++ b/deps/openssl/openssl/test/recipes/03-test_internal_sm4.t @@ -0,0 +1,17 @@ +#! /usr/bin/env perl +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2017 [Ribose Inc.](https://www.ribose.com). All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test; # get 'plan' +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_sm4"); + +simple_test("test_internal_sm4", "sm4_internal_test", "sm4"); diff --git a/deps/openssl/openssl/test/recipes/03-test_internal_ssl_cert_table.t b/deps/openssl/openssl/test/recipes/03-test_internal_ssl_cert_table.t new file mode 100644 index 0000000000..334e47e7b5 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/03-test_internal_ssl_cert_table.t @@ -0,0 +1,16 @@ +#! /usr/bin/env perl +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test; # get 'plan' +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_ssl_cert_table"); + +simple_test("test_internal_ssl_cert_table", "ssl_cert_table_internal_test"); diff --git a/deps/openssl/openssl/test/recipes/03-test_internal_x509.t b/deps/openssl/openssl/test/recipes/03-test_internal_x509.t new file mode 100644 index 0000000000..972ff65fc4 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/03-test_internal_x509.t @@ -0,0 +1,16 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test; # get 'plan' +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_internal_x509"); + +simple_test("test_internal_x509", "x509_internal_test"); diff --git a/deps/openssl/openssl/test/recipes/03-test_ui.t b/deps/openssl/openssl/test/recipes/03-test_ui.t index b1065d1bdb..cf2f5acdd4 100644 --- a/deps/openssl/openssl/test/recipes/03-test_ui.t +++ b/deps/openssl/openssl/test/recipes/03-test_ui.t @@ -8,23 +8,6 @@ use strict; use warnings; -use OpenSSL::Test; +use OpenSSL::Test::Simple; -setup("test_ui"); - -plan tests => 1; - -note <<"EOF"; -The best way to test the UI interface is currently by using an openssl -command that uses password_callback. The only one that does this is -'genrsa'. -Since password_callback uses a UI method derived from UI_OpenSSL(), it -ensures that one gets tested well enough as well. -EOF - -my $outfile = "rsa_$$.pem"; -ok(run(app(["openssl", "genrsa", "-passout", "pass:password", "-aes128", - "-out", $outfile])), - "Checking that genrsa with a password works properly"); - -unlink $outfile; +simple_test("test_ui", "uitest", "ui"); diff --git a/deps/openssl/openssl/test/recipes/05-test_rmd.t b/deps/openssl/openssl/test/recipes/04-test_asn1_decode.t index b1112e13fb..4a12b765ea 100644 --- a/deps/openssl/openssl/test/recipes/05-test_rmd.t +++ b/deps/openssl/openssl/test/recipes/04-test_asn1_decode.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -9,4 +9,4 @@ use OpenSSL::Test::Simple; -simple_test("test_rmd", "rmdtest", "rmd"); +simple_test("test_asn1_decode", "asn1_decode_test"); diff --git a/deps/openssl/openssl/test/recipes/04-test_asn1_encode.t b/deps/openssl/openssl/test/recipes/04-test_asn1_encode.t new file mode 100644 index 0000000000..dd8121d555 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/04-test_asn1_encode.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_asn1_encode", "asn1_encode_test"); diff --git a/deps/openssl/openssl/test/recipes/04-test_asn1_string_table.t b/deps/openssl/openssl/test/recipes/04-test_asn1_string_table.t new file mode 100644 index 0000000000..041f372157 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/04-test_asn1_string_table.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_asn1_string_table", "asn1_string_table_test"); diff --git a/deps/openssl/openssl/test/recipes/04-test_bio_callback.t b/deps/openssl/openssl/test/recipes/04-test_bio_callback.t new file mode 100644 index 0000000000..1422cb6e21 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/04-test_bio_callback.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_bio_callback", "bio_callback_test"); diff --git a/deps/openssl/openssl/test/recipes/90-test_bioprint.t b/deps/openssl/openssl/test/recipes/04-test_bioprint.t index b86e828f57..b86e828f57 100644 --- a/deps/openssl/openssl/test/recipes/90-test_bioprint.t +++ b/deps/openssl/openssl/test/recipes/04-test_bioprint.t diff --git a/deps/openssl/openssl/test/recipes/04-test_pem.t b/deps/openssl/openssl/test/recipes/04-test_pem.t index 48f62ff897..c321611119 100644 --- a/deps/openssl/openssl/test/recipes/04-test_pem.t +++ b/deps/openssl/openssl/test/recipes/04-test_pem.t @@ -76,7 +76,7 @@ my %dsa_expected = ( "dsa.pem" => 1 ); -plan tests => scalar keys(%cert_expected) + scalar keys(%dsa_expected) + 1; +plan tests => scalar keys(%cert_expected) + scalar keys(%dsa_expected) + 2; foreach my $input (keys %cert_expected) { my @common = ($cmd, "x509", "-text", "-noout", "-inform", "PEM", "-in"); @@ -104,3 +104,5 @@ SKIP: { my @match = grep /00:a0:3a:21:14:5d:cd:b6:d5:a0:3e:49:23:c1:3a:/, @data; ok(scalar @match > 0 ? 1 : 0); } + +ok(run(test(["pemtest"])), "running pemtest"); diff --git a/deps/openssl/openssl/test/recipes/05-test_rand.t b/deps/openssl/openssl/test/recipes/05-test_rand.t index 3b175fac24..3ae254031c 100644 --- a/deps/openssl/openssl/test/recipes/05-test_rand.t +++ b/deps/openssl/openssl/test/recipes/05-test_rand.t @@ -1,12 +1,17 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html +use strict; +use warnings; +use OpenSSL::Test; -use OpenSSL::Test::Simple; +plan tests => 2; +setup("test_rand"); -simple_test("test_rand", "randtest", "rand"); +ok(run(test(["drbgtest"]))); +ok(run(test(["drbg_cavs_test"]))); diff --git a/deps/openssl/openssl/test/recipes/05-test_sha256.t b/deps/openssl/openssl/test/recipes/05-test_sha256.t deleted file mode 100644 index 071a45c68c..0000000000 --- a/deps/openssl/openssl/test/recipes/05-test_sha256.t +++ /dev/null @@ -1,12 +0,0 @@ -#! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. -# -# Licensed under the OpenSSL license (the "License"). You may not use -# this file except in compliance with the License. You can obtain a copy -# in the file LICENSE in the source distribution or at -# https://www.openssl.org/source/license.html - - -use OpenSSL::Test::Simple; - -simple_test("test_sha256", "sha256t", "sha"); diff --git a/deps/openssl/openssl/test/recipes/05-test_sha512.t b/deps/openssl/openssl/test/recipes/05-test_sha512.t deleted file mode 100644 index 4ce585ce9b..0000000000 --- a/deps/openssl/openssl/test/recipes/05-test_sha512.t +++ /dev/null @@ -1,12 +0,0 @@ -#! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. -# -# Licensed under the OpenSSL license (the "License"). You may not use -# this file except in compliance with the License. You can obtain a copy -# in the file LICENSE in the source distribution or at -# https://www.openssl.org/source/license.html - - -use OpenSSL::Test::Simple; - -simple_test("test_sha512", "sha512t", "sha"); diff --git a/deps/openssl/openssl/test/recipes/05-test_wp.t b/deps/openssl/openssl/test/recipes/05-test_wp.t deleted file mode 100644 index a042898f38..0000000000 --- a/deps/openssl/openssl/test/recipes/05-test_wp.t +++ /dev/null @@ -1,12 +0,0 @@ -#! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. -# -# Licensed under the OpenSSL license (the "License"). You may not use -# this file except in compliance with the License. You can obtain a copy -# in the file LICENSE in the source distribution or at -# https://www.openssl.org/source/license.html - - -use OpenSSL::Test::Simple; - -simple_test("test_wp", "wp_test", "whirlpool"); diff --git a/deps/openssl/openssl/test/recipes/06-test-rdrand.t b/deps/openssl/openssl/test/recipes/06-test-rdrand.t new file mode 100644 index 0000000000..24be8ae969 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/06-test-rdrand.t @@ -0,0 +1,22 @@ +#! /usr/bin/perl + +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; + +use OpenSSL::Test; # get 'plan' +use OpenSSL::Test::Simple; +use OpenSSL::Test::Utils; + +setup("test_rdrand_sanity"); + +# We also need static builds to be enabled even on linux +plan skip_all => "This test is unsupported if static builds are not enabled" + if disabled("static"); + +simple_test("test_rdrand_sanity", "rdrand_sanitytest"); diff --git a/deps/openssl/openssl/test/recipes/10-test_bn.t b/deps/openssl/openssl/test/recipes/10-test_bn.t index 13f278e703..a663009ce9 100644 --- a/deps/openssl/openssl/test/recipes/10-test_bn.t +++ b/deps/openssl/openssl/test/recipes/10-test_bn.t @@ -12,73 +12,17 @@ use warnings; use Math::BigInt; -use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test qw/:DEFAULT data_file/; setup("test_bn"); -plan tests => 3; +my @files = ( + "bnexp.txt", "bnmod.txt", "bnmul.txt", "bnshift.txt", "bnsum.txt" + ); +plan tests => 1 + scalar(@files); -require_ok(srctop_file("test","recipes","bc.pl")); - -my $testresults = "tmp.bntest"; -my $init = ok(run(test(["bntest"], stdout => $testresults)), 'initialize'); - - SKIP: { - skip "Initializing failed, skipping", 1 if !$init; - - subtest 'Checking the bn results' => sub { - my @lines = (); - if (open DATA, $testresults) { - @lines = <DATA>; - close DATA; - } - map { s/\R//; } @lines; # chomp(@lines); - - plan tests => scalar grep(/^print /, @lines); - - my $l = ""; - - while (scalar @lines) { - $l = shift @lines; - - last if $l =~ /^print /; - } - - while (1) { - $l =~ s/^print "//; - $l =~ s/\\n"//; - my $t = $l; - my @operations = (); - - $l = undef; - while (scalar @lines) { - $l = shift @lines; - - last if $l =~ /^print /; - push @operations, $l; - $l = undef; - } - - ok(check_operations(@operations), "verify $t"); - - last unless $l; - } - }; - } - -unlink $testresults; - -sub check_operations { - my $failcount = 0; - - foreach my $line (@_) { - my $result = calc(split /\s+/, $line); - - if ($result ne "0" && $result ne "0x0") { - $failcount++; - print STDERR "Failed! $line => $result\n"; - } - } - - return $failcount == 0; +foreach my $f ( @files ) { + ok(run(test(["bntest", data_file($f)])), + "running bntest $f"); } +ok(run(test(["bntest"])), "running bntest"); diff --git a/deps/openssl/openssl/test/recipes/10-test_bn_data/bnexp.txt b/deps/openssl/openssl/test/recipes/10-test_bn_data/bnexp.txt new file mode 100644 index 0000000000..664f1a9af0 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/10-test_bn_data/bnexp.txt @@ -0,0 +1,30 @@ +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# Exp tests. +# +# These test vectors satisfy A ^ E = Exp. + +Exp = aa6d7ac431 +A = d0e07 +E = 2 + +Exp = 12d416b110dbb4e467ff0c89a22122f4da8240 +A = 1a18cf6 +E = 6 + +Exp = 49a3b33e23d84f1ce0d5d83f5dcb651d50cf3920f0143da2310d0512a90a06cd8f38977df8a756c30883de38df092000 +A = 2a3acbd2 +E = d + +Exp = 5b4a0d5a956f885f275712b194459980f24708bfb6393d71bd37dce852ce455724f5ee5030775fb86b4295edc98afaafc097e4d82a97c0078ec0eac763db16549c5145c4cf2d3124f88cf9a5c71da0625afb99b26801786fe49a778415dc025954021753d08691947a208b613f0be5c1 +A = 54b3ae461 +E = 1a + +Exp = a0ea5f6a4de49beb8fb7f0dab280d6a32c5a3814c9a5153a7944cec0a9028497846a8a89044348721a0bb5f0c3ded3e980574ea321b0cdb0ead4f4e93841ea7478a7f15d9729b646a8165813a0750e8124f5465dda9b105e1bbeff18fd09c09a2e26610d9176d253b877c3a8908a6be521cbe1e472a7a1b7820e4e890f8f28aacd34609c686e76e15b01bd9324a71290812724ea564d11c874a6765b262c3e57d479da0287a76026a1e8fe53da0b02405da1d379eaa30fc65f +A = fccec0f6df +E = 25 diff --git a/deps/openssl/openssl/test/recipes/10-test_bn_data/bnmod.txt b/deps/openssl/openssl/test/recipes/10-test_bn_data/bnmod.txt new file mode 100644 index 0000000000..5ea4d031f2 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/10-test_bn_data/bnmod.txt @@ -0,0 +1,2801 @@ +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# These test vectors satisfy A * B = ModMul (mod M) and 0 <= ModMul < M. + +Title = ModMul tests + + +ModMul = ae2ca2ce7addaee2e2b7752e286b2bb6a58b51cfbed5c924f00398e59ec36fe6341cd83da43a33a12410f45f6228079c4aeb3912be87e2e81fa1799151bfa0fea29873097475b2c3efa312145d0bf7e51b2a7c9bc961a4f4dcf0c883ff90b919b87c21099fba40257645be31f95a3a277 +A = 6b18497fed9befdf22a01d988d34213f6687d8a96e86c188dea4172e7c6095a0d18d3c86c0f5a1af9c6e3aaeb6baac2a510930b3ed06ec78ec2e12b +B = 1a058d99397db0d209f01212dd4023ae01b15da04fe62d1f76f21622b2695558c67d706c535ca7f19b36f8ef2d508ffd6cf6fcf25e5 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = c462c7cdd79b7604246a0cd97b40ea5a9a77408f13cbb548b56ee713c690dac0507fd988bf28e77462832f4307b08564a51510d4a951c1ad7564316dbead2b53540090827a8ade8092a6133af0e5fac7310f787dc1472836178ed6992b9f71224da3e884bef8e8379a58e6d4be0fbaf59bc520f786631857213305e23fd5ca65 +A = 16c92f77c139706430f396f72ec7adb045745cd9f5899b0074d9955bd32de66f57c05c7929b575312a7f1c04f19e724d64744bff7b31ad0e6171437763 +B = -8734c4a2361fc530f60b28a5f1c7e93136c5ff6bfc7553965eaca54c61e6befb3c0f8cef4280e780cc5940d21a740debba31f863ded75 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = c462c7cdd79b76042469eb41a7a83115eb84103da4ba438c3e33227631dc185054ba4e607141d1e60990d8aad4e0bb0ceb645ce9ccdfe72d4738cbe1f6a73ed3e070194fa4feca6001c4a853940a227d15c1f1cc153d8c96e90e24805929fb11e0665e0c41c77d5a97fc5903a8b215360e26f6a19922d650f460f7056274ee92 +A = -6715098ab2ba3ea1e6341e89936e3ae913cdd450dc831c8534071f3c362841e47d88f2cd29c0d1239aa0949f3685f12f8519625bbf10b2c7a515e6d00942 +B = 536d4b3e4815ae5ed55bae6950f5a8a61d52439d2800ef1b5ba2285b85ed0f6ec4af9fa0e364a6b14f6f6b8bebce9200467804e787f9f3e9 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 309b3e30f74c58beca8b2c23f64fe1203830db8a7e306e1fa2e2022f0d6d422851da509d1b2936f088f0e35effe12a7463f47ca369bee2f2980bc48dd8e696b2d8c6f35cf55fb8baafc2e613b4c684de26129cf196741aab873f81e498b1e03018a539b5eadffeb5953029f31f8579df7ec0ff3f752491910 +A = -11fec955948e007b59fc50e729941ee9d43d552b9411510b73f6b4faafc0465f261f8381d96f647267f72175883172918b5c866cf1f1ffc43c55f3c96a60c01 +B = -2b3792f39499767e0a8b7a6a406e470a78f97ebb36765beab5fe52e95abf7582736db72a2ebfdb2405e3954c968b350a459ff84ef815dbc5910 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 9143ec3e9f74a8eec476cab17ad8636eaa7c60e108e89ae0702dbdb2b255a217ba2530c6fd52658cd931b962054a9c20c8713976ef3b7989c40611cd25b0a9ad0635d61f6dc95dba6e0c4a7d53ff539b623b97ba3d66344fa324f905abb861c6b1e830c4b0fd5f6a4b01f09c8e1408941291b2285c4625267a108c +A = 7713413d87f1e50840255927ff27bad79e5de5898725a876e4647913158cda9f5fa031dd7fc11d2e8130a0ba99e8706341c1a98d5fee3218763ceb1d131e9cdcc +B = 1384e60753dd4bc20cdabf398525e7c4aa40065255c5058cae0b2ec90a3821bea8de672a712431aef5864eab719ba621cbbd8b46fe86fb31286091 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = c462b3b4a0432890d141c0f46a28190a2e30ebb2e4ba90ed132169cd72316b290dbf5c261984d98e63eea6525fa890bf52185ad7f164cf49f67ca91c2f35511f3bef6eb7f3da31a602a78e4752e326d79dea729f4ca6438f2aa65eff44bc60979b42e44f6a301cb5de8fb42abb47bce5633c6ae9479d39c9e8b507d96161e0fc +A = 17d806d7c76aa8acb051fd9c0c782443f1b1b6387455f7cfb737c41658d0459bda5d13587055eafb87ad8d209bccac1fdc392aeca0774ea48799511c1fb9141cad2f +B = -d7c9b6574354e131de4b8643d766641e98554a03238ebfce1112c3da5f049d6c410a7f05758571aa2625f7190b936a214797570539317b32fb94cfd8 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 16c84ed15ec6352a8ce6d5c2bdc0d9f13b333072fc7041146e944a29391f83e346b8ac0bee6dde98a420ba4f8852801d7c5bea6f1177a6cbf799edf2146f8297013e0e796917cc967786788ff12d9c1d07d9ce4b897bd22a1b8a391d3b4ecaa5b5c85d0a03aea5145db6350c42a964a41ee5f83e7d35e14cf442e5d99ccd0ac8 +A = -6d84cdf18a2f53fe496248fafef183914d55c42267af3dd42a39515e80cf29211fd58454986f5fb6afb56170dd9865d3158249090270bb9af341c830522a4dcabfd494 +B = 6f6f3f74187b7d74dee92f79be864d0a2c56d4bca3283742e9cdf15112c8f4208e3ac8ecc98b44b4ad74b0671afa4aa9e48dc31d34224a1f66bb2b4658a +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 8fb782e4883ccf3aaa2d3e020b08993d580c69ec8fe66ecac152c5babc8aeffafe406736cea492450fe6adc25dfa2e12723a3f9baeb02fc0f785b3db760ed28048e1710a78a2ae0c96b67c109c5034375a512b6fc7906847253f66316baa0ef90facc9ab992235153684d49d6939ab9e91086529494d7386f604ed69aca2f53 +A = -1f745c8f0c8fe6ce3f893d77fb274c61b72b2d9f9c5a2eb2467bc00d1f496d0ad469d76bce318bd64ff1107ee5fcad4469f84d658586a5789c068b0cb9b866d8fdcbcac5f +B = -3a2347b491813252e8ebef1bd181534b074a368d076b8c80bde2e54ec3b4ec99001f43080c7857427e069d99b1b65cff998a141ca6963aa5fad1ee632986ad +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 7c0c1c05ae1d6420bd93596a01aa0153000ecce660a8a14d6fde7d4740719cc495fe6681a9a08163b2dfd51659b3ae7db0fbe09504370bfc695457d7b32665a4df53e879ac817bf715d5bd6ca0e242b1ebacb1ffd6698ec90c442910a92b35ec103b345f9a9e5c7b005f8028da4dde80f36f6f6e5675040d19e46aef06040eb3 +A = 4c09264420a9452c6f0b55baee42c076aae5a73697cc6bbb88b7c922f236ee4c18e477f88e2c40cee03f0bbe87d3ac8dffd75f635315f856a3881c6373e8b9a286c813325d3 +B = 10474ece7ddae5c53c4df5b594439124370932dd94aa5d5b4ddaa233b1a55634fb7d72e33bf1b02965fa9d1538f97e1cdb5ec0477cec8ebaf202aff8533211169 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 481543f1556df756ae2e422ffe35aae020c9bde9e9b1f760b43043a4654de363dc67f381c0df1c3c1b90edb4343c47ffb8345a1aaf5dae56f446fee08a0b9ee8c42fff57143e10846610a9925be96418c4c957b4e92af734b96fd6f21974877dba52a0db1fec4aa97640e357434f95ba74b6b8323cbe17118dc489552844602c +A = 11bccd165d9fa2d8b01a48c0ec549a6e600396cd2023f0240056193ad27e971c604eda8aaed6ff6be8be1001f3dbdc8655f1ae84eceb963938ae7bf428eb5c968f584798c1bd8b +B = -cfb6629ddfc98a242e3290959f4d0726c0b1770b52393bc7488a471a90f7f0951362c03e67f443c9ecf4987f5303a789bf65e0fd59cc5eeb9f5d4f40d3e4a14080c +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 2a770ccfbcb2bad207d0e2dfaeed04b6e7509daef00a1df88e57509451739a8a0f15106ce8b53d280a4b4e09900420714cb6961ebb0e00e88567c5df50d2f2908b4bf8e0a9a5a8b3c6120503c14f16a99297459543c467dcb67915e0a10e19f72ed5b6891a6121b66abaa602818801d3306630bb04ea57e6b31b2c05e368d398 +A = -442c80289bfbf00db06eafbf06109b55f99786a323fc2c6db5686f99094cc24aef50475841243ec3ade2a1e0ff28b4032fd8afb8bb5e28f3b2863bdb9fc8f033adbaeb5f2ab16fe9 +B = 6d43e3c46f4a55d49e78f40d34033a7f5fcbe50873930e7c5452b6b3b176534e6e70033868c85b4d63052964093214dfd0bda6a84e893b1aae3cc72aa83d039e51c014 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = ba0e8c91a86af1001b13deb115c77609a1e7a3736a6b807255aee898e3100f469ef6222be532dedb1b8d3db4b3b55aa4b5da5629c83e9b2bde76bf2f2a4119a5378b5cde000980b3e58595d988ff776f0388fe025625ccf368e20914fa90dc771c826e4a836b2890e82ac2274471d586b4de5dab3278f0e70207562ac6e6493b +A = -14be403d28c8451cac4dc83fbf895a9d2b74f730c39b0fcb33d7258f99211dde31a78f182ad1d27a559031d67d6f2f94a741f141bab80fc692afb452ee2d502099ebd5760ccec7f7ebf +B = -2742dfd02134594edc6d3025aba5ca4a34dfeb43821ad84164510b43be4fb95748f8d0eed7bbcbeca14efe843fb676882784bb36c889be29bdad9270e0956286552119561 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 20c691d6544912fadfd9894cbfd42745991f39a29cbe3a1cdd302bd0487bf70c0179b9579b77f8481bee13ddbe42f32d734b6118af92884c946ea8576f6dec867c1c251c73777cad7c7c76e90da00ae07f96c8d6a751e5b18157dac4468c05d32eb86e74e0e8312bef85905af8193a3f5c799c5875badbc9eb7ead1258e56d7c +A = 7ae9b4d5151b11bb7bd4d1569a6f4804f3b4d77948e0c6300e4f28d51c9a0afed2ae7503e53489edca5359e2b3d0c82a9cef316cd7e1c1275c31fc9c51a8c1e5fdf23935484e467d6460d +B = 1f46f88d39fbedffa8501fa1268bdf3460aa98e12b629da59676e61852a4d3f8c59f72a2fd717fe2faa09639bc651ba516cd39297e0cac67444ec57c0db47c2a4e250033d02c +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = bf21b3cd55c0df8d4d568d00f757b10ef3de782ae71b289cb2b59d36df1341382bdc1825ba13199f2cf279a72968b3bbf5f7e3d13ea9adeb96d81132788231fd988eef04828119dcca21ec1fe844998909cc95a8d01720e883df27f07ef4dc3f09081015dbbdf019b96707c18b0b1db6e689e8f86466a2afea4a9cafc576e10c +A = 1243b14aa3d16a55935f6f8ca49295e35e7f75b03de7192e1e8a479abc0a430e0d340acc05eb9a61a5dcbfe3ce3a4c5c940699f5043e924f282bd21e341edf8b7a6741c6ac72d7587a9e7a60 +B = -bcf08b2153e8ca911096189e35dbdb21b77ce89685484f574c89f1747612f39340bf1b204a23530abb36b2c5e195940b86ef1252d6729393c25d4c73dd434b6dbc3057b05d3f15 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 460539d96c07e72acba5b59c88fe904bf7f1e1648612908444b0b08172d05968b31b43456918b4287dbe01afc3cb4860d9c2fe549a580c989b6507094f6c241eadff910d2603f747f8e289e7a8176ca4a978bba89288a4cf875bf3e03939af966c54e77c28119a39d34a2b7055465f58ef2efe7c82ac547fb675653198e4b504 +A = -5a44cb669c055ba7c28d49f84bf8d12179aa30bbb9db2a48d7a6b09e44dc0e0f7471e3629cd2fb51e5a53346ae025fb49f9591ed1d71bc79daeb3f1254342d8a2b091ae07a758c1555efe59e78 +B = 646cc0f766346aaecbc5147a4488ce157a6d844045b80884eaee9d419087285fa71108b5ab4a05689aacc8d2e3dd0e6714c55eb8f77487a3fc5e56c3c2df0c4acf28a457051118560 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 79b536f4f30f9f7483f90e65e6456ef8072d9a7430405cf8c9377ceea2c676afc338837643436d55ac6af2326ebb362684bccc5092367209822581700d641cb8d331432b761e4c6e22639a27335f45a25ec019d180fc53dfb53d69216d7cfaeaa07db8288adc35b7bbccf2829631c1eebb821e4d3299015c3d462dc17aee5024 +A = -167529b1e8668938ec02a68bf4d76c22dd018c41e19be25e2f821f63c2046085d0af30d8b4212ea0f3f9943be1c14fb2d2a944551107cd2bbf8dda5bf258957325f06277036282977db4575b0deaa +B = -378e1be10a57e03b197bc2b1287d643ba6d89da4bf6a6170816691fb6529c602eced237863ee39659be3729825f032a57eb5de0a87b0894d1a1244523e85b6f50a3d9976dbb038490e46 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 658169197ddd0bfae101c10c3e6a2b10dbb456048e81160b47b197fef439b1e0ed710399cfc80ead8e436f1c0399064f92da50afc335847515686e055fc7bcc0ca721184435955b896b0af4f4d96672ebed2f154538d49fa507b945c0a6ae926793751231980274213c80046666c28ada213a2f87509d1466b8d1b2122e93f8 +A = 49136d37ae8f3da71a6114327833e8aaf3dc8b5a9a27e9d04c953988456e525263f86ba94397321c2093803b789f8db3ed7cdba19c4b796500b979e02952e1625246f8e977e01fccc133f94cb22832c +B = 1dca005663385fc00b4fd58c73adc7589d15ddbcb8cb2fba03a737a320c447a2b21e576ceda73811a31d8277883fd31e22f776bff3261a098ecf8f40f2855b0c723d1265eeafb43f85323e3 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = a49fc8084f3e780537b4038bb769b8db3653a3315298a99c2ede6739a1732a636e9787f2e8b09d0b9bea08fac43cccca71a315e6f4a7d6417d171b4693dbdbee8cd9f95be0847ffd40ff027267125d67b89737e1d0365bef6c4429504d13cd8ddc7810f456d6293c0c57c14a307b94010d79d5c13b92a907f923966fd3c5c8ea +A = 1e7d8de2061cca59d1cc19b356a8fcdf2ccf917e0d81598f014167c5a8de027ccfc8f2cb8c37c396ebaac83ba862c146bb2d551d10ce03de9528f97725804e8a6de57b9d9da811200604c2a032462b6ac1 +B = -e38592f3acd75b575f64ced439d5ef2377d21c61bc70625639b01bf755fa2c6de803ce155744993493debcd4de40860bbfcee86d0b117d7f8c3f8ace68b67cb6fe7a81a145535553896424f7a +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 5a99c8a6afaa97d8e7d84f4899803c7786b1bfd2ecabdbfbb3bbb92247ff91ac213a72f6d23c24699d60babe91a7d9cea751e686c027fa1c954474fa5680f0059118426c71299462b11de5f2817d190599cc4b352df4d2e80605f9ad1e32eb13712d3027a2b6a19d52151e37e7fa057d8fe59dfc8a943a42a1756a38f103a75c +A = -7df29221e6a102e32757c18f87927cdc90ecb012ab0557e0ab855daba832d76ddf595b9c5a62988ca968b64fd5bba2a147a5991810c17cae7edfde38bdbb7e13a1fe5206724c05a9fc9276c8d4e503a860c7 +B = 5c586d1aff7dafea3b8ee42e0e8854712c95385374b5bd1fc8ec41a72b296e070940c4160509a4a1699a678533ff3d12299338fc441b0f01e29a48677bfc5aebc644555285756e97c74e1af6aaa8 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 21fd2d881b6a52332dceea42664aeae1ca110512c13bb33e25ba4ec0f39f80eb73b1fa0834c998c23a2453dbff971eadb183c51a30ba78d593f23be9cb6b2b33a554ef31e4a36e0314fc2ec889f18debb956b89d1bf8172553271bd56d89ed0b30abb70e68abaa2c76f73cd5a3de93433747d09c845b5f8843f9fdf9f6c975c8 +A = -19fe3bdddcf08190a037768b77666de803ca4f7f0d7dbe6aaaf334a486dd0da7ca024d1b3df11e0406b0326595a171be30b04574c1a7d04f4d2ccd334663690fd20e4fd168386280510a00a70c1a11e99483048 +B = -33b2400173c057980b0e0cfabbda1a5cb5b83b7ae80708c199f28142237f04b071c6eeb63d42e80eec04b76152250c9e4d4c4f19a048cb9815dce6e66710fad1d27494db5c31d9af37d2aa779d12d7f +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 1c45cfacf30682a876cfe253f05b393a2cd4dc065ce73126508ce897a99a723cf5145187643ee62d746f6edf70269ddce3c348a1432316286a648ee9ac31ef87feb14f25c42f2dfc2e84bb5bdb4ec0124e249c526c55ff2cd0ae938555c5f86d856eb181572ed01dc045f1ababa52d249e56aba0ecccda905d7d1e64bf89bfe8 +A = 6a40d948eac2fe5bf6db15d7f6b89fdc0712e32d39a881c21859e8f7722391ce05973efc7c40e2c0d7f56c217d8a986bfdb08bf87bc0435873cfe4d01967c46f7d39464bec411d0369f6f5d1d83f42596fa47451d +B = 12529775e8253ba220d890d4912fb95f91e4edb59610e889431208b6bb42b089cf2aaa12ff9ff98c2482e7f4cbf35b22d15fa28aa288217bf766e937a706fe1e600143087b0a67f668cb7b762c9b9f38c0 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 3b3b08e8eda8be3918bf648227eb0d569dd898729d9cd54deb32b1a1dc69cf7b2c4184c8ae9641f0f75950df263a5e236f428ca86244e617b14a04edd0f31c02bd4d84f25bacfcd4a2786825f0361251475eb6c7e99020dfee4298a1f1bc260d4e364a332bc6f651dde7ce5026dbeb0e5aa75ee98874da54c7930108ad28e3a0 +A = 149d36918fffa682cf90c4d3f3d48e6408e7ddcbeb44e78b9cc7fbb08108f65215761a61d79f37ec8f67cc51e0a9b4bcb3834b0ebcf6734985153f29a2778473b80147eddc813b4fbeb98843f5c1ae6cea68f88dbb4c +B = -ca87f66182e271a69c0964eda92a009d438078b584c3eede28ce1a501838c5f497186d305c09922f32ba858fb55f2a0dbfc9cd0f93b789c1f800cf092726d6d33db19e4f26c7dfca69b83925db14544ebfe2 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = b199655160d88b6b4157ada0e5675f82b33b5592408bb57c46e2f7d8791bfccaa51436dc3b772b83e907c20ce7edc2835ce96595b78c0647d244e9bad6f4184e0003eb0899e7a47ba0be888b9bf795eba95e5073a85c4d20416fcd4a8d4e1e16b403deb38845fb8bf9e9264d68807acf02d579e8cd104cf2bd555e6cf73d0450 +A = -70ccbb73e33a7cec30ef2071f3b1f2e008e70fd6d00fe8b7aa4b9146fc6d0549c57d984cd014c7e0a4ed6d33376998b7c2c9778fb9580d8ca4ba795c88612721c153c186740c58df3fa63b6cf7a4de76e049217218c05c +B = 6cf4168d44a8da8e8446b4420466fefbdeeaf9623a40e10b77547687b25f36916f2c18cf6060c03b3b40e0959479f6aad5e44dcff0ba799262ef53e280f4a7f667d262d472b2e573265774deb5ff8f25dc1822b +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 6ff91af444c61d2e2fe8ad73bdc5377d5becd55074eb60f0f98eca3d8f4be8c02f196b3afea12c36f78b78ae6a5ab677ffb7d9c0bd58987cca816affe468c7fb4b56055f5d2326532d6ed1c00ca2d052ecd103994e8929bce04e067082b4ded7e1973566f99c514b4e0d95b9a8a931ef4f6355066940990fead70208a63841f8 +A = -1c924bea12ad6f8b65abd1796e381fee2cfbec15138191bc22d57165928794bb080c83878fa5fd19a5d657b2fa91165459966f50aabf19440f7d75f027b32e999ff4d3f7a7ce878fe0f33a847d644d86ca19713ca9968d97c +B = -3abd4b281b8f25f5957d1f2fde904457d49a3a7eeceada26b454ceb4ae0e879135d376571f08b5038b7b3d73a9a9fecbe265b72375756a715a523ba66737085e5ef7a4ad988155adc93eadd5d95a0faea56914983b +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = b9076229b1a1241e8b4da3fe143ac31d060785be6ac1e841c2fa9683d2bacff2e2b5dbac33f58b0b1718ad2053c37ee55ea54a9d258ddd8930d2784852844d85db24e4721762839a5c73cfe588efedc8932ccfa585e1b5975083919be9e32a86dbdf5cef84d3d4b2ccaf7a006c0cadca1e35fff2da9da7d7e779494d8f85bf4c +A = 75eb0fe6c07559c2b0c7b2acd7d29b5798f6c4cda64a504ebabdf54bdc773ab28b218f0defc040016178958d5561796230b71edf49bbdcbd3f14494859843c8ca7a0f777cb05827f2839f3982832f4f3e3c5e50af17ecebbbc3 +B = 1b8aa718d61447003fdbaa748a9d86befdd2675a677cf34a1be7c81e4577f665d71135a8a243976a4f6ffa1636695567bde522f8fb1948033a7e0941f833d827e957781cb4349a08c6be418befc8959960fd5fc1b288c +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 9df82b7c34ca97a3a5d4efa28d5ed4f35484914dd73af9090c4bb31ea3496ece8ec650f4e7b07dc779c97e597e76e43cdadbfc6e72b61ea718c073be1cd204f8ad2bad0df1e530e75705f3d3dc285e9d793c8d42f04dc20773d3fcda8ef3ac1cb10d33d20a91add0358ab8658f49d2fe51d0d2d72684e31c0eef85e5695bb4b4 +A = 1fc2a171445ee6add5c2e4d29e50b91d83338f8d63c111e4d3e95f16d2a33be02bef24dcc3d6ce6bb8f1ef980dbf8fed409a0232c0566153014eef840aff58ed8c33e8d463d408f93e2f5381a26fdea63676c4e5397eba1d39f928 +B = -bdac7a177c77451104852bb99004ce8e617036906667258d85adcbe8cda21ab7d03aa7dcf62cb210a9db8fc750c7e1ad290b35473be0fd607fcdc686de0b78fd9f258f5b25e2ed43c2ad1a38859f882b9f6b293dc258659 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = bd9f3d2e8a1086b177698f87a9860e3a5f030e04a0bf4ee9436ac55e005bda01ff4ac662cb85d39e98a41c723ae542a83a936c3bd0280c6801ffda080ec0aa4230b45dcd0bc5eb41cfcf272028bce3572847637a92d1543bb2b8408e880f5b776e1cf14fa28d15cfb584f025596ff10c9f091c837a3aa622d9e5c856db8ac207 +A = -7fd5357cbee7c5e31fb62ad03bd47b705b574d915200fc7f1013d836b9cb683db020b152ae9464de6aeb8baf14999ac7025dde6173fae6ade325c60ec310eff6dc4130a8efffb15ddae90d760cb7f76a27d0368175d4a44a22f7f223 +B = 5894a0223e4aafe4efd4572752fbde4952c8b09cdfc35137e7e6ed650f8fdcfce9de673853dbf73730b159b2656047e69377d7c5025a6b346fb08831e64bc8bc34b75765012460d8135a4f7a0f41d768fb85abf17f5e2f5c3f +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 2c61867bca70e8662c7e5435a5aec020faae86fb079b992bf49d8497fc5f96abbd38a6f04f6ca8510e0160e546b3f68b7baef4ef0f404e881771cc12ec5ed3e3787c2d2ad6bb957cc59f8d56f0afb4bea49cb671cb42f4e8a0ee1dfadb6fa14f84a5b3269dd33e20d658ea4cc39499c7a39a4b5650ad7018d32f97954610f676 +A = -1bf5ae15f24c7c14eb59605136a3f679f303cd5b81e4a27465281d17715afdc2c231d7ccbc59f80ad176f4e0326eb757b52e3695e27c6776d7936da47e3a8a904f735b151422029535045ef489e61ec93f02e6d588491c8dad1cc311f52 +B = -3238dcafb85ce557036d19e42e7e7e473de9f9da6f920e18845dd010546868d2652decc94596cd2c36bd16b02c02559892b9f573bf21ab18c3c75591413d046b385d08aa66d849ab8adc9fbf788e837b047a7ce2b9c63f7fbd263 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = c1d04b831b712d0619db462c3f3fb5973f5984e9a48493ff273a5abe17a548e185d751628899e2851e425a7d4b2c72d4d908dc813cd122b8f497e08e299dca9166f19752ff8cd9840a70155ed9e8c063a3840838b3679f96f1cd5f1cbf0e037d222029e02769dce7fdaea0bbb5417f85497d77c76a387c6b970eac15dcd128ba +A = 7aeb60c134e84f289e419b74f99a5ce5b4aed5fc630d5d591ac7643251ad32d6ca7f052fdf8857f67138262d221de644140e9018f7b84879d74883f8f251303f65e06bb52246ec6a912772cb698b47de41c1826ddd065359f6b9f1ccb0cdf +B = 17f81e53d9fa6201e4d3eeebb32267929cd5258d10f053e7c021c4afd17094f8ecf433b1ca752f8740f6d6bd84f801b1b9fd64bc4787b9ae5e5aba0b4318a63dfe27e92d5a3ade192af7563c74c9d6006ae7701240efdd6021a83cf6 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = aef89874854ed34deae1b77286f9cb0e3017e3ae77fe050bb244acf4f30dc03504c73c1a4d44b769709bdb53811a5d0f8a76a08e6a66fc2cc4e98537ad6a8049f02494305b89a49a55e71fcc3f5fc42d6b478456ada9b19ec0a03f5ccfac5538c0040092771660312be5e51996073ff1a506d7460c57d54e10dc2991c028606a +A = 18d3af14bbffbfcabdaabe44074b407d69abdd80a6eaa5954f0e45fac85af7ced1715c78da872f7a8fabaad3207e31f12b7195cdb25abef0a1e54d3b13349d997f207fe130d7985e2033cfec899a0af310c9827749cd22bd062eb0b1faa254de +B = -85a7d9f08a60031e689b0e611d7f7f46e1178eaa2e6459602e738990c77f4d3783ac43fc04d53504cf67fccbeb02f9846756f8e32fa4a9316b6d3b45f644254077bef096a72bcff17ffa17070a4355121cc5daa2f782fc0d0bb48101db +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 14a85edc6297763547702c212b1a8274b8f85d53ef35cd1b01ed51039bbe030d0a1b9626ae2f571a43f1224d723847a1c6708f2238f6f6fd75db6656e6c703a5acb57f69717efe8ed58a3713ba2720d8c001d026d83de0ce5e24b67c41daacedaadfe404aaa9b672f00562e6901fbd0710c4303fec41ee3338100beb36c9b1ed +A = -44414ec207060d105f599b9a66aafecc5b232b55214c1a5e1922f6b59439b3ff77cd3a327bce4f7406871196b90350e6dca9aae147ce03027dc4de7563c734f111d95171f489105de5ca80047cfa43f7e932917b816ba7d41fb95b4106745d700f +B = 45f2cea1b9b75880ac3ec206740cfe0ecceb488c9155cfacf5885a8cb49be78af8cf221ff8de2328f4880479c031f830a3c9eaebfd83f7de501b7c5cde03c4720c56a676d331b2a13c4689a2e34a43fc11f62825b8776e75d31225ca7ff65 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 7670c1e2e141d8f8f5466de8ae2e0ba2eb3eb7634699eab8415d3a37f8df291d00def88361e9fb64a2f116433dac3ac2764fd62f3201dce4e48a3b7019e5465f82241ffda29d5eb0462fde74dea3168f8993ccd4d090b9c31a5a6cd7e05f725bbc89479836b89379b422250ab049f31c860110df5ed69089716877fb0ad7b0dc +A = -15b4a2f808a85a5bd466a342c4853c04ac0ab73f8e53a4a0477f73dfeb8d7a911ab2eb5d3d192b9b084d0e38db491148947c66f838aa5f460c37341b129137614259efa531c0e6ffdf163ec6851737037a5299060418d96da035e6f583e6ba79d0414 +B = -3e94fdf22004384f7881875b1d8f58019ed8afb1b6a31f5d591e77b0998f3100b34174d6f3466da44b4c7fc8b92ccc5679c26c146b704198a65a88554d24291adcf897bd758a035361f671a82972b5962002c6a828792980f86a64547165327f +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 35b49beccd8d2010a8d777c1ff69e28e01a1bb78c6466e717f0a934bb62f9bbcec5ed29f9cd2c14d240a6c33b28c986eb9c8912a4927605532483dcfd31a50876e1819f3d7a0f49bd276ced5c4110470244fca52d2611ed7e31cd8b73e749aa70743b39e92810b3b52320342a65cad3180f6e2966059d15f79e5574348f5f66c +A = 6fd078e3cbcda6a71a710e99204da640edc71a65974fc765999a74ab50a0e4b090d57ed0ee869c8da2cf694b6fab56e87c4af62fbe73eb8890bc066ec3460beba04dac3b8fae7e4f316e8f954c6e8d934e946dfdc9f4cde0f26bb3d40d5c444b03bfc65 +B = 14d8041a3b83468d2f44f150ad8d8d0a1a22035d630f2a17b70d5c3d557d3abc7e4d753e1ebfb3a3ba465520b84746073d211a67e079ec7f47c2cff9c06da69bb5cbafcb6cabe7e0018867c42e07931d6797d4499463e3cf786c6d5d6c8cbd600d8 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 2f6e0fed8a9720fbd83ce950d7545d2c6d5b271582194570424f90309227a51777cac974bca0ad3c1289ceb91cf75af73b0645cc20d71e7789144876b8c1bdd550328d9907accc316189e8ad81310848cddd2dbe362c9398d814a048f93f9368fdbec0f19ab87ad2a59d4066d738c3da3cb71d4716f2cd2336ad35ea1438276c +A = 14bda9e4aac85b0ab7abece728f61450b7779d3b5fb83be813758e742d2ad76597f132aed91e20a75c554f0d61ec4dd118eb733d04942b2548b1efdb4dd22fdb543d9bc1e4bf0574ae2cb2c46fb98cc4835b6a074d6df1a3bc5443beabdc784d542e3349ad +B = -efd765f8ffd72d041ac3244078b8dc4482233e9411b289cbc2cfc26fed2cf28e286835010438ddc9e7021ceb098b10c68bcc4732608ec1f4052df9362176ee14812bbf09ccf7c2882714ecbbf92bbff61c06e9dc35a368208a05dde949fa2cd091ce0 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 1f0c436379f6dff55a59093ff2a0626a9b959e3e3e59365afc33c7a7893f04bca863ec910c446957baa8de4e35a1f4e9c4a776ef41b053f03b775f327eb7e5fbe68bbb478aa4339ae703ee4b573d6931e47e09271d40239d527fe77098a7fbe519f5eda1f26dd6a7d0ee6833efe37187d8a85844690fecf9fdc3a4d80b921130 +A = -51eb34de29ba24d2b1fbeb0a1c324f4ebc69cda2dff971a315c0c2775d988b03ca29891ed0790f3dd507a1d26ead461dade9284613e45df338dd83aebfb66050465d8aee554970b43f7d4e0428e1512289fa1f9b23867b67095c455b66d536b91207b749189c +B = 55259a1122eb7eb611a69118d3d42c2f05dd228d71c0e1e42ae3a8d3d180a95b74150d844e916ac85105805126e4b995f2ed1cd3fcdf28e1fd241dbe3125dfb3e4d90556256eb513a2f7c9b596719c83b26931d92bfd3573560e8bf054138f5d6b9cde72 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = ac321a272d2206df4dcd6ed8ca194a1049c1e3a20bf325fa44809d302170f850721c077bb5d792f86f7ab03ca259567397cc2fa1429771190bb632ac2c92d3fccf6e05e13cd33149994cda5f9c57da155439663f6a13c66f9da553f5038fb92fdba186ed9ca04b8ec87cba4c5a68c8edeedb94e38a6dbe293340dee1a4ecc768 +A = -19ac99d7d51456b00a193b3b04693c7e5436e05763f0154768db078ea5111cfe9eda3451091af213b9c8cc649d341de66c12ab2803ea39655d3d7de182a77355ca444c5d2778f791d39952a7a11839e497f5dfd8a703df49ec4d7628bfc25a992e94a6477e6be39 +B = -286d1d436f113308be594f0f43d7a05120639152b7e2f93058cf602cbdbc016512bfd23f7aa937fb358b7b602d15998ecc150f2b9224c58527c0c1267739e065e24236771e2c683957871637468181e6e896b513569bd004b9845f0f0e4c26a5ca123365e1c +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 3466804a1b7d1af8b6060aa93a4c325d9cadb33ebcc8bd991f9e44cc2cca8918411efeed0f005790d649382ec40278c8cff903cf3db177d24466c58cf6a56ffc14e595c36bfefaa2327d37f616b1466eb702f5c49170598bc361d892e18051b8233dbc5b3fd6832befd9a995bcef3b0f3beda6efaf09f7306ec203172e78264f +A = 6710c19330d3f974fc377e28039e0c0ee0a558621fd67fe724c326537c18c66dc5eec60980e07d401ad5556a05688d2dbe7b271f9d5eda3032bf7cb7c420e7b5d65a195bc037090b6fe83064ac3731624ce2baaaa62a6eb07156ca12ee51d4321988026cff573ede9 +B = 137ca18f47a151363a3e8c52dcf024262ba525ec8852e8e406f460fffc2cf88f1999b17a5821849317fcd84d09c88ebb6eb0340120f113d7ca5fbd91c6a40cd790bce7b422552cc0cfd2a6417add2501db1667f2802e5d0f4df824adbd033a90a155cebfbe0b53 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 6f248a70b2cddd9627b32fbd130f05a604866799365f94d97f1eb582b28192959692a870be7c2614536a8de84cd8c1364a75a3927ef9dddbb8c6c87dbf526f2d3a7916384f2daed96002831173fa4a51863c28b4378f99b1b201010581d5eabd66ad1e328cc4e647bf5e0588bb775e130b4a4d029eeeeb5852c5742862ddbc3e +A = 1f014cdd87cb33ffee623cf454edf2c476e91df279b4f0879637eb6e8e5ccab305186de67585595d34ebc195fb150408c4620cf6c7a0b0d9695ba0e0e1d7552ca7d0be3dd678b1cce2beedd11939891a6804770f1c843e16dc2ea6aa8e4043940c37fd3d950caa122845 +B = -8d8d9dedc80994fc5db04d8c935301e47054250fea9020bde8d5fef01f2307cbf458d5afef5210a369c396287c5eb453637a2d721085af3de0d75a5dfb5dfd22fde3b229d438439af7b296b9e68ffc982efc6c825556c52a735f8be12a214a06c4270824d5268fb6 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = a35ff7e232f047e575b200b9fc4c9253de6ac04c612b8a82c275a951075eace5e7d6664fe8f78301d554cebe7b996c1f4ec3ca59d8d12d7196eb3909223de94c220f0445d24233534af1c93433b05c5924799d2c781fdb88c4537bb8d442e6bf76b2d966827bfb4f40378a3f135103513da056bc0d375b1339561700d15a0227 +A = -58346cc8a9a1e5b8babaed8e7f59415388e0db654ea7cd465d96781c57faae7a8af8e7578e46f3a8de7bd1027188e1cc32fd1c0d60be24fa3289a12cd822a6c9a77dcf8799624856c27ba88fbdb047473274e651760581b44457ed048cf76c166d38bb9b2afd3416ac7e45 +B = 61951a16dc6466a9fabae99df29b7229f1ab96b476092dca1e4f8fc8e7404e2fba56ee66486d1f27f89bb3f86f271307228d7d6cbcff943961e177300b6acec1eeb46af1c5725f745a2d2af0fd9642f57a09c9ce6742114be0aa6e939e638bd5c7a92a7c206b2d36e35 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 90b441d8277eb1ed454964acf567067925881b5db0b446a7d554dc61ae87ff979bfb0e58ca1706123453e62ce31284a5a2db1228d259e27abc7fb5cc5848dbeb9a6808fa1b4afa844ab39b652abc41423c2833e1209a1674db518b6df7ebae315dd7f416df54e73088762ef64cc2cd0a08b1cb01c49d9299d149cbe84145a55c +A = -1ebb693ea7d18e0ff4a9a51124ebb78bfa3a4635b75a6387e9fc745a2325409f927324d1289be8a4f5cf2d5c04adc7ead20564f97e453287f03e5ab59a6133584f970446652d05a131d7d382c47b7cb97580ef6710a532dd4f5a0369dd3db500ae5a3c5efb587cf0cd2638382 +B = -3916ebc4653e7d6e0a4f1e234d765d41e9e948b5acd7ebc73cb595559c1b20b037a3c8da0a7aebfa5fd327bdcc922551cdb8db3fb0a581fa0620ca2d2559ccde3ebc44542b4d80926d061e2a35c08c09547e0cd587c396ff2959ee93ea64b1e6b7e2b624cdf445988e1f42 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 3ac61c3a028f4a2df6645acbd36818a2f76a3229d229ce22471760807585a909727411e8b68bfa4e76adc459409a101a1ce83900d46918e8d0903a163de87c07bbafbd60c7f536a62c59370ea53b6cea4384345343146bbf529334b4201ebdc7585b6e5eee42696400c9be9f496406a4eb51d2fd1b40466224f1752b181774ad +A = 5a16d5fb9047949684b80805e5d962bdb939d0d0368b48517a2a826679c37ee0ded4fa83e657192d9ae84294e450f7e2f2773d1f13395169582cbf95860891b9fdf8f3240a16aadd1198e884f22b2718219d478e2410fd4bb98ea534a3626201959af099fa55488f5390791bcc7 +B = 1f67066dd06ed4a49cb556dc2fce22814754885a7cf6c13915d974b46b0e6269c0fafd688f45ed2deeb026a7cbb772c080dfd577d21ed2c81e50e7537a70dd550eb94fcdf626500040da88c43dabce13c82a93769a9e0ef66a471661292dfd3b3af07169e2dc909e43678400b +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 7087dd62eed6ccffc7e1370cca9444dccc4ff160458941aa9f49dec1a2e9ecce4cf50ac2daf06994c5010cf225cc92238cd60e1aed9edb2befb0fb354ffdde94ef5e8ad0415bc95851d59095a5c4850ec52a74c78eab58309f395d3078dc481feb9d30bcd9f113af7a01611b94d085e32193dec738a64c5fe9bdfbf5dbc98cda +A = 13596eeefbf06e9ead8d883113d8ae6cc3da8b6fa13ab66681db5a9c083ef9e49d905ec19c39b149cc09452eea0446b29cc92d4e865e6f681827336945282fa6b276ef552363229a976c503b822e6e4a9862d3fb30dd0c3627ccb97a7046a6a679050a39166388a9daad5ec5555dbf +B = -a4e574363f2e5982cc087b38110d257019962fc166c2d6e6d396220bb308a8a0dc7d90c5cb2ab85faa19b07ed7dc11eae9bf2abde0a5fed279e77a717b43d35e70fec4e18445e37741262d0b0c20dc4375371d87d839d39934f1dc41122e815f3f37352d04d0cf514738b351f02 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 8495eeee238164082240ae1db1e3c1e36fb6621e6b714c9de914f9de8a587d7106b8dc5214f7c60c0ee231d7441e03cc26462e71adf8e29772ac95d0395722d2756f9f64daa8ed41d7ce824a572d7f9fd419112ae823b5b48b8aaae09fe093e9ed05918c4ec88ab159890910837ad0691849b44be95993682b2da2b124de39ec +A = -403f21e1a7911806747bb78a4f20c4e6572d49c6c4ce071db0c8c91ee985e68a16e60093e4628414b2673d25c9f13c4c43600633af95017e3846512197c9515aaf9953570ce5861620716b3d80eae7de0f033772fba82652484cb3ce7cc189d1fafb14e044e07a88da302547f2e623d8 +B = 689d1b4a968b7c00082ae3a29c8571f826c4630c947a7767fe4a71af43a5de84db9b5baec0980eafd0019e09de1b5c56173ede68c9a6acf260bef3d9a03f4c83a33106c94ca7e1a8615b3553088d1d05a62ddab0f1e5a126df5d960f67e3b92981022e1f0358c7970bb2fd5dce7a7c +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 397df584bcd3b2e1ec7ed89de624e9d104bd6812901e38c5740755ce91bd54155c0b624c590ded199590be5d98bd1ad4acee56a62d05d6b5fdd1ade12f7db8e3eb08c4a5996450cc1204be7ba61b768af0efd563ea478033324731e24fedada1ad6e564238c891494e85ded4feb2165fda22f75bf120856034a9206511885fd5 +A = -19cc480d1e07523bac502872a971d78bb26955c5453386f5d51767150e229daad3ab2dc85e0fa0cf6e72389391fe627fd2d9f263f105508642eae5a095ec4d88545dc9d0a2c436907460e1ea7db174673000eb2e0b60d57163ced261bd0f6cd8ce54133cfa10591f1fd27996353110060cf +B = -39c45512fc7c9620194fb7ad22abea8f6dbff4a137dc4523115ad7e262934143cf1f320892f8c097a400d4099e787ea7041d0d69b6269d191fcdc8ea28340ecacab71058cb39a9c7362c848826b35ab560c27113fe53c497ca452397891c81365b6e7f07f916d47961e50b8c7c5cab38f +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 263ab04c98efac12210beb66b13fec7c260c5b1cbc20cd732a511fb3786b917a617d6622847f4eed70f25982ef5d0b0d13848c62dcf447e3a1d491f4c80e69cec03cd318f6f93134d582210bfa81c1790562053a71091333348c6624d4d793fd6ef971d284a4ebf0be0771efad302015abfaf3edba017907f10ea14a46d9fdc4 +A = 7a354753e39b9ad1c0ad6b65575fc7247487f3ea320fa82d1d333ba8dd5d0ff925331994a6961c9c603be5775ef1842159551f0bfb34920b93d90ca60e6abd514650f77ee8ffff2bac0eecd0fe8ea0fffc6ed0285c9f3c3cfaacf338043975457d62f9c8dda8cce1e99f34529435016fe2ed4 +B = 1a4384f9620567c698ced05870b4dae983d8f0df6aec888353f9dd6ac8ad54340c3ba8346bfa47bac38897f3963fce972f6d55f3407ae03f5c7637be1a34e483e50dcc27148b76ef079f117104162beb191d146ec828ad5c5bde5ee1683a031d554c276d837bf1f2f622cd11baabce10212e +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 91cf4d1899e170bf75dda0d51a6481f79eb94c333b876382c9d04681073e949191223926523f6531f0a45765d7f382221eaa080d7bd05a3c19220ebe18802b15d8009714e8e4e9872223049622ca02040eb041707c7e525f698cc361847c66fe3673a72e4d701466bc374f55fa5437216eb59375c0e2c4f7020149d0118ea72a +A = 12f35c48024e8271e8f9a60a48b5a214bfb6595a837c041b230e6ac87a4c1d4b3f93a2d3a193c750c9857c8627d0f7c454d6c4f224dbf14a865eb83e990b1d9b8bfb729b8d3dedbbe9c95032e4d60676c2baa2aabafa698392590add3b83b521a7a5e7d6f8af207e44ebecd735374acd01ef5822 +B = -8fc18f92c0613d085cf3ee6f586b39b99ecca864bcbe60fffc63c585e5613df68f3534ad46e244916b1f9188507a3692526c9e403b8e93480b0a5a6297f65215f1a5d8e20631a9d559fa1acc15a98c9397761ce18903f393b10444ba51bc92ac44df90d4cf0852da9d75902230c6de6f26dfdb +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 9af562a7b61c6c84c91bf979f32ba5d246d2ee2050f07ec2dd5cb3f9496bd37c3922ecb2b5b17085a13e93ab2dac6022077cc18c621cce3a2d2247e5e89de8692a36f596e5dc7a6969a4f3ff0d1580eed380e6550c6218c1938caa2b7ab401ae6f520063c811088504d60a19da3b5018d640ab8d340f35d1337a2ede8bc64bf0 +A = -63bc10b8fbcb391dea305fe61b404d3bebd035514a812d0e1d38daa3d67f9f1bb8f02d2979270cb9147aa51d66ca73d4b5787e472456a13fbe0d568e92b622439d33ad3c357a56dd26806ebda7b3bb592385ca5dba7e5eb5d85eed0a1746441e8d56e22decdbf8f4296e30d222da5af17c427e832b +B = 57a602bbdefcdd00f42ed1e2cbde2ba858d171804da56b0ac87081424ad1569df1308fee7c9ed349eb496d5409c4c46921f09ff0830bc9f57e920e17df16523598fd90314141955ddb84a1522ff3ebfa812cfeb6670525123476a739f64ebe6a5f1fc805a880f8e5a71b908c483a121b38d05cc2c +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = b395c9f264172a3653af6637e72c4c8e564d1ce68032a5d761bf546e0c4b51b33cb026bb4256fa639ae98e54e5ff7d8921ae411497272b53d97c2c44b5b9ecc5aba43dde201f64f1d033056f19ceb0cbd04decb486a1d07ab1c64fd213d7eb6db9cd11efd743462e137f368acc4ca0b49a7f85587bbb5ede4be1616889e2699d +A = -1e71df5f04001f6468c3a192086bda948aedd19c5da9a5286856f30524238d95b0ae71940f2af123315ab5d2fc61964d3e970d5858b7c1a78d0f2cfd10cba7ba4830a8c19a09b59794ca5d7da32cd8376b5ab06079b51cd9819c0021ea41a9e43aee147befdbb17a92cac7c7767705fdd908bcd291fbb +B = -394c187308320ba1b14d91d75b8ff993dfd57f9c84e8185f12bf9924e046629ffcd7174879f9925bb643988259cbe9dc9277fa83a25012f91159b012f1964aefddd5a94ac6c2a55a22bbae93085dee079f84cea1d53dc4771901db9a3db5a14eb17c25aaf5377e2beaff6276cbce7cee97a9b8f32737 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 6602ce0fb5002eca37e85b60cc871b7b2eed13d38c20a37a6e0886ee4814f3ce2515f8714c67ad81e8c3abf6a00464e6a51b15e55b6c11296ada43cf459e15915026d3260cce8fb796241fc2b0bdd2b65ec04bee3b7ab6626e10597f3b13b43d16c34afd5b43a219917626c88b24c6f8392bde1b2e65a50b7f1a8dc5eb096702 +A = 4855ce75a3d7dbb72a257f6291e9f6ccc158647aeb2f8beb3e8fb32f6f59af1a46617b77440798562d6f58bfe826d3ea7dd28daee8f5162d7d24ae6c24c2deb2669b15898689ca789e2005903f3a94e991e7d3c8f3ae6181029d959bb15e71d7ba94d2dfd3ddd10f6fc49a65798b5f6ffd64682c78b5d91 +B = 15b3e9992aa3f042fd58ff97a8c04aaebf46b75fdc38caa9224394a1805cc26e4311bfb498d5a04d19396e98d11c8810620979362df82b23a115fc1711b57c7a56b8408e2682a2edca36cf9311addfedd2d0889a78cc1ab170d1379245de6f1f6f4db815fea9130463dfe5283f195e6e81486a1d39634aa +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 6a81ccd82f00d829bac186fb38b85097d52afa3ca83a026856bb83f94d6af6f6c6f3141d433f8fc159d11397df8d2f44c769f255cf8148249d8e9fc4f59ec3bc8e804d7d5189e71e20b8d0e540b59a2854ddd7feeebda5a95f17605e8bd5f311a63cc2e4ce23a51229d0a49ca04982c1bff79c201de6cc6150b690c98106a39c +A = 1f1589c9b5ad9d878631cb03c23ea7e94680220856285668838452a63b726e01709588b38e578da8a4845aa5cc2e4723beafa4f81a1a2e463f67d9a3e432de7064ba8bfcb943cd9efb0e5a136649cdcf5e85a667917075804991b997f318752304f4946d69abf161625ed0c03bf9abeb4ef28034f818e2a643 +B = -909dc7fcbd27d0bf7d6a3d0e2937ce725b5cca0acf78c103d633206cb431e2e2c785aea4bfe2042df32417143de76b71d21587112f36d067f878e556b94ef63d59a07d19647593efdba7f3f5324d64c55f93a283a0dafe080167f6576053f9beb326994f4a1d53e18e3f3e770e69450bb70f276d128e48ecc +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 69139f2e10726f83300505d15dcbad5b5f284d1c06789181683b7b8caf35dff063dfa4968c35facf32a3628dcfc19b3fa4c30ba0e030b06773832a2631529fe0c0c402e05a0c4e9446a8b6c22754c70ef540f90d903d83a2e3592169ce6b5edf939ac5ff25b8bd48aa2425321602a9571661a1109e275a3b3039ff0c2f430b18 +A = -5d02cf3969bff8789850ac898c00fcb3ff1fc49a22cb243ad18703bb8fae25f83502bcdd885417fe46e8237fd0b444712c4fdb8f4972dbf9278a83eb305efc7a8210ce55167c069d1c4136a9b66d0c4dfadbf036c079d12aa082fbb42bfb0098006136a61f3da43aba3d3bcf2f5ac2d7884caddd0cfc28681d33 +B = 50b369234d993721288662d83298d99b9052a0a66336a5a31b76dfb20ec2b5be3aa76f78b2c17c63d78402a15aacb585be5c8d2e7083145e316e71e111fd34f5c79363c4591c247b1a94b20ee042d840c42a3001d6c8dc7cc1e1348e0e3ea8c6551f9d24af2dc2d0c38a54ef065ff048b148ce4f11ed2b549c50 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 87de406a6c957e85c759f8ff684023a0f98e93ad4ffcbc6fb0038c7a7ceed2486f15f36555d286338aab3283aef677118f7cc3f88a7ff0ac9fed31da6786ce895c3c08d3edb652bbc9ac2b44c4cd24ad281ca3a8e8e6e4d730f4f0c25487cfc1b2afe222934eca8b1e1572780dcc149422a88eeb1bf31065c929685a0a97ac3a +A = -1878e0497aa1c2942a2e6956957c876dac73c4bdbf42bc92498f29a006bc92f788c24a4624b87324a7c8aedc6b2c0c8a1a442aa91557aed9bf2c02b6664979e8a9a21330dd839f4ba8f84515fa6f7db9287f7c20f31732b98fc09ee7796dc524870dc35851814bc57e1a8ac49d8935fea04bb08b8760df33a98149b +B = -32f4e94bd073cf3f70810d9af7a873996a0510109bc6fdebb855f27dcd012c59507491152d30849d75f95dd868992c6fbbf29b1d899cfd401e9e7f4e0436732cb4cc9e6a6d6b0cb63fb0bee21e422b7f7b7b14dc5d2b6d10447fc4add390fd3c8e7b06f1d9b181adfa8d04459ed051bbdc9666623b00e3871e597be +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = b456ccf9d066dcf4247a21c7f3820e324ac9cf004cecf8dd1f6c3aa40c2a33e24c423e97190fc71bb9fec21d36c5a687065a7877237a2a05e64cabfb3b20bfff0b1f5ef2e9adb7edcd7140d1047b0919a2c770579ab44a08e5ad9f63a06f90ec7d5885b91de5e524b2e187937609b4b81d40a0b33e31a48d7b9868add75286a6 +A = 6c484e3c6b530dcd3644b19fee66c41c7c2c1dbcde574d87ee13cabef9dccbe5b41e25c32c6a56df23f2e87176afd28249e5fcb918723707fca94d7e2c9623a3493d395db802a1b49d550f52c29666f785652fe81afcab00a60a5b50cbf523cd13dfa06d5a5b0809c68ff7264a2cb35b8d52284172c62ee658e8417e6 +B = 1b4fc753d0530bd07094bae09a02b1ea684fb4e8519086b1e2ed9d59af011f61d1b94ffca6f354a5b428417b328bb1e8af3f6c7ac9121dae58de9f1dcbaa9c73a357f408b870e62b0c7db1a72c4c440f2e6fe90b199b9dab29fc23927190d3f2bf8a7ee926a152e64474283695614ad696c85ea547f5f51d02d1b823e3 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 5e7c63276f350f04816a6ed9f98507a78314f1d99081fcd906affa3b8395fb58d029ec657af82e77ef45611bc988095bba9c26f25f8fd404432fecd02398e69635f3315a824d6a98b33eaf6a91f12957a5e80cb48d5b086c795eb3b1e04da5432a7e8be3d683addc586a44b6243ffbb7a979bf9664cc7ec41e75f267d58a7127 +A = 18efe267d4c62576294f4ba44c67a058cdc0bb44c48f4035682b2d6b8a63106081af43d99098ce133f8d7f9cd04d4dd7414f704e32871d43d6e5d73fa9f447873168b43b32d6ad19378d74a967f92ec7629a690d29a62a5a6e734e9ccf5b84857a00d97b9db846b057004b03d88b827dde717fc30e6a5246c752d65dd625 +B = -ebaa580d3eef5361547c692e107439c8391ac0a2d1cec0cd275d0be69133eba8a94bd186ff9a129af3f5a015d5ebd30215643554d7064635dc11ec7a8ed2200fd637b099e534237f0495d2b629abd4c8f84aa1d925d53e98490d02f9fe51bdda08b043f67f0903c0195fcb886c04397d3612e4501ab8c7b7db69f781e169 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 76fcb39f94dd2756e8266c025cebe8e801524a757b976e35ed45e3da3db720061cee9037fdb34776c704ad2059ad8920e400bfbf10eca9bb157eca7750cc31fda06473bd22d4def80189c47ba32e2824c721425f225563df2a2ea1edd090e01c0bf980677db5a5dcad37d21a68e2832d1012586f506480e929b2fd9bb4aaddf0 +A = -75f903ed9bb0b6db8e3be16e797258f6c18f6cb7b16f835f04e3045f7e4974d7a86a63f2ec351c88fadc0635b6dc83a797cdcb5cce1a1674f89e44190991e0930575b19e2aa1512bbbf2ef6f8c3e707b17516756fadb635d8c6bf9caddeba14834b5950a4d1e98bca79a4d15e5fa5fa3c1727d7a49b33d481d32fb14ae4164 +B = 4ccc582c8460f7def2d26167b68788a681c41bdf6dc805dca83127a18bff6f5ebea6db75cd959beb859637b200ccb5c7644d571f436e46a357d027edc9769da226278f7ab947963f7caed1e7e70e572980e960e9764a40c6db67bb526694b084976142471270b2331da563a10427cbbb38e76203d7da5d67487eff701d75188 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 5adef30c67aefea4da3884b8a1d0ce6724492bc76b477f1053621e7d19f3cac15448e9401d34e05ac4b508b9d1db9a8d323cf43722e0af6e3c3b6d463c6007449c3bc3236d156cdf988dfc308a1b4911554ecace52938a7b10f463d14f917ec3d9fddcf6d33081745009c59b58aa22bcd7dd8c3bbd489997d4e0bff5473ab9d5 +A = -174e8e057a1d66e22eff88de26f43fde1c8efe5611f6ba4f318f027f5a5818df02ec3f014dfedcdfc8c143c5005c3c5098d409710967c93474f5854c1113fe4030e6682bd56d389ca8b9a4587b8b9262d146bc92fcd81d75c3bfa4281898f394f45d5dd11cd4c7344ee7a933ee346bdaeb6f5188967c388b919a0ce6730c0bbdb +B = -22702bcc4f9d5bc6f803af6af8072780ff7de7a346d6b9293ca751d6ee3a81493fa86738c44cf2b7be4bf14a55a4f8179c35c09dcb1485f4c08ec5e9f9b1efa91f4b5f15a31a46e1ed71cd934ba6bd271bb22bb5703aa468d297f360ecbb48f9fd6c572683e83ebc3d432203347dc62e19fa06f93e087283347950829d4256bf5f +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 5c2f67b1607776c10fe2c30b112e541c4d8229f5f99f615fa02cf715d3f20556a28eff5c233c58994e9c6c1fcc37b3416b0875b9a62fa5a09a4b8f9e216487203b387ff97fad1f39f674ab19c5e34cb2f162e6b0b0b0084f0618e64928423b73b189c744e3de9fa50d66f45975f68b14866cc16c8c6c722a54420adf027880aa +A = 67056e93b69e8a7b789f1f8b835d9c6ecb7762f844d656b26df9844a60bfbe0d55684f61debeed31a24ef4246485e8a1d43d49eaf97ed9e7b9f2d2916a8d85b8c9e8ad5575cf5a3fea42392e5d1dfb23f7ad41a7b56a4f21e2828aab38a602d560c99783a4f807120292ceae366b1fbfb4be8e5d4561bc8944e7f17ebbcb0fb6296 +B = 1f874f244ed6cff9f910ba9a58db0dc0a7435e8d99ba6412e976b8f64d4106d3c5c57ba079384fced1c261aaa538e131734451fe84fd3cc5cc8b3ab46b2031f888d95084cd3a35a61092672a9118eee4ed1a0df0409e3613b3ef45a8b16b71ec892755dc3f83c5492b67fb9a143ee6102d053078f4875636b20b536d5cf851768cf73 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 7850019c6712f18eab877faa8489daba23cf34b512a3193852508185b13cd5a2e9f503fe8d61b74b5d3930021a5b8c38322aae9b9b1b4814fa4c2c5bc409b58f11fc8fd7854b17baa94a6bff5f234832f9468d90d148fa2bfed774ac03f2dab6a506a70db4ce363f932adcae202f04fdcae968f632dd674416c23d4e21345ef2 +A = 1e378a0f27e6259763890d29e112e3d8d2bdeb9994c49fb67ab680b6e71a52fa0a7db886d3baf52f36d943b5430ae8bcd82e229f4197239c35678eed254c5816722b995e9c311be942f8124e2f80c1e59658433a57f346adfcdb83202e55457308161d2f928b60efc39538a6469f90f1a868cf6077568c8241623896ddc2705cf04e4f +B = -f4ee37e39d4cadb692bab5483ceaf0258b068f2c0354c540438803780c983469ea28324ce7e209c3bf55b91f0a2f4544bf318585e4514333eafb9b8c2f02170c620e9b5280a828ce1d8dfc64ae9c28577e15071825a85a59656c5b47d9a382af6b78a5b3dab1078dd647e0b473174b8415d401543d30a4018cc3eddbfa546d0fad9cbb2 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 4c8f8b671443a3af5ef5749885ce5de8e2afeadef9051bc49c0d7e72922d049b1accdb79d82288e472b07578e8b6d2176d6cbdd7f0caab593dc0fd9224a94920235410501fddd6001b62a7f7d8eceaa7a8e4c0de52029fae68656e8120972b5cc1c2e909c2742e836f2fecfa51e12e4f8a2ec7e69eab061c81785374ac607fbe +A = -5769eae759dd6bf94468eae94189d3396886d4569b0ce264c22d39b623be3abb01bd5008b9fc86701a3373f7764118becadcc69481cbb134c20f669cefeb376dfc489dd4ee91cb333d06afa391dd322abe2b3b715d11ee372666473a473e29dd90fcc97e939049b455be52b3f288db306999019c1177ab5820d94859a9d2f050b7ee1d4a +B = 44adcaf1e2afbfddae19b23cfc0f0ba1f940d32945d0b541db23f3a0a9d06fb1f67ade9a8e620bd96f4005ced99430c7a55eb7e93a701c829fd5b9e55dbb4d3833afbcaa0d9c946916b1a86af4a6393b1155c6439b8b82260e09ccf0ce5d1c4856f4d524983e4b0fa123267694a1c6118beb8be26113a02721a02d7b0ccb01ec6e9c0f9e19 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 51e25767b8d4d7b2b0c2652d9ca6bfdbfea06acba543b1bc8d3d25b2fe5f2998febe1a6e742abc3f482b4267854c2223a5918a9b5c84e0864278283bcb5bace0c046db1d0240443404fb62d70ebff3ccc655e5f5977958df4c878d9859a69731744f3d33978ac31551487270bb4fb56ccbf59402ef9fee42cbc329420180de08 +A = -1966812979042198f70b3f1238c93ac5c6e5749f1108c2bba869b1dac7680f910e56318c9b59be9212e713a348767ba6e75917fb599e929ea2144880d18d4fbda4f4663c7abb49b02245169f385e09098a4e01b56dadfca8c803acb7cc244f3c98bc17440ab2afce318476b80e1d0b4ed9a8d6f2a0be64633f8faad5eb48de2681a38a633ec +B = -2e4f5eb92fc34c753c61dcc826abab6fc4f427c6ac7e73ffdf65b1037464b2a9a0b0290e713d81ab57c0e1dc30e76fdf96046fe10a34cc4511398319ee34bcaf73763a9042fcacf59a100c43d3333ffb3743048e8df0dc61fd0da3f935fadf882ffdfa9f0f42980c1af6edfdf161c4b16087e2b14277f655abe54582de79c51193e13169b55e6 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 33539b5f38a9943b15801d449adabe02da6e21651d96acd9aa40e866bf65015fa40178399254e8af6bb082d021e2a05da0f45b699d193b70112e114f0d25287476dc0c733c5cf9df57667ad0d3ffc4ea2f85b43cd10459cdca9465b0974e578c00a6e275e0b97ef2a4c9886aab7b5947b78a88f84a3f1d8c5f26bd07bcc59886 +A = 531b891fe9e8db322cec59a2115574c7a304c423e6b11516906b840542b2c608785e2c18033262ab9cf68f63edb40ad4f073ce8841db602cf8fae0a6771d741c6392976c9b333ecfcd0c8e9997da40616ae2a9e0c6be93fdc7af0dc0668ded1e42a9f729c70f74500ee76a91d3d993c075c2f645b35792a20edf17c157459e35c0a48da6c4c6f +B = 1a6fdbfed1054a0c5758f92f72db7e5737b0740c4d8c3ae4713366ef6709b21eaecb6b74c92541a9a0c99ae18ac6ef7de79d4c84ce39ad59cea9c203734a99bbb895916275e8778cfcf7fbb7b7d081a677769e4ab96bc7bcf23303100e629fa8e07f5b8fc2e39c7b5724c72907eaad09d3088783b3118e57c9c8ad1799b43a13f73864c5602c478a +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 2eab6018361f557ab06725ad90f6886d4b468ab1a193f8fdcfb4ad15fff781c8681329a27aeb5f03a81d7c404b8017b12fe23165e941ea767c733513a07e921aedf20596763f6f977316e37bed70f6a617e5c2757c229c59b3d7b1fe8755b5f65f7f407f13634aca7c8a267e661ae2f77fc5a95f56cd6c8458119df587478b1b +A = 1cc779145b2b7bf9ef4c9692845e162329940f96eb43e04db8728bfe736698082aae6b6a1b3c32867c293b08547a0941cf4059d2d567840ab6ea526e3724ad59e715a3782ca656cbb739dfdf0c113a18f0dd62423d4edb60057fcaedbb852178d38f1b5a232842b4fc645cbfd97a8cac0b094b870064302dcdf23df2c9e9f736d93409cbb8ce9ab3 +B = -cbba16086b51bd83d3460e51cf193ebc79b826e4f30978274eac3b2dcb04e9d7b56a1449b7cb128bbfeff5c4720bae45271fcc64085d3ee501f0f21fe73cb7db5f275d88be55c339f9180ea21a8cf3755a875331931b75d23f57c2030c89c6f9c1ead431cb4dbd4480564c83f8470610e5673c7eb6c0fe7351ffd7ee460df5db7872c67041aff0227f +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 96fd93535728b961b4167be8b304e570cc34e787c12a9a5d76e099b336ed6b837cfc246c5bceb04b0f4744c5da7071fc01d70e342509473e5bd7c60d6046c9b4f21c5ee71c4e678447f837db3a7694fc3936ca733efdb7d387f0f6e263b3ac0b89054a826da9716691c9d580ad38d701d08ca090b6c59be466e1b9833e75d820 +A = -6791fd686f46c3773fc8d7f4753d178a93f6fa4941f4305d9689c2a305bc67840bbef80ff05c7bc6de3a595f73846609327d28540cd705f5aa94a3ae5915ef55304c37c4c43a4b46906889331ee16585629bb303673d439de9c0236f708fd19a977e6e1032e0576a921853f7dd328979ad1f1aa945905dae93a82b3af9451a541f544c18ed2546b66e +B = 6ae062b39c77bebc2fef05743e6d35e14a31c6fe1fdc42d8de2db94ce70a6d60d66263c7414b1081ef2fa6ab511b361b8baa9c71ec628dba5bfd772c440baefc2fbed68d40897878232d9715c4b7e7c9bdd41cfe7b6986d825f68be8cc16d04afb0cf593f3028f3dcd91bc94923f3d7211aa5f0f12d3270e8df8bc191808f0e266c4fce2af97ac7ce06b0 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 949ea5f645ffe5d0d03359d51a663c7dd6e6013812a47be309575e036503126f48677c68c4ef6e7b3f72d76657fa282ad5881263e649b5297da82e24298300d032af3f5e8309ac7eb597b16e257a6f7af3476a264415aa7783433e83be57ffb3fdb404a9ddc3527d6a9c297f8cb7b6674961b3af837ebb65f218147a46c39cba +A = -10f59ba073126d92a201529a5374500612bc59a9e66322c6706b422d35a4f82d97e668b268f5527b4641c6099c80bcea504234f3c1e3fd29eba0f161da97c50aea542becba499f29d4ba5571873d4dd9eb3f48cb26fa6c929a704fe8e49791b2ca3293c2428d9cb453263935c9c90a4a2b39d23a0baa12535845f907d42b729033a0a1e74d18da30a88ed +B = -34fdf9ae6760d4f434d09ce2a7760ca2dda14bc256015809745524dc49d841b07102aefe5a1d0182e3e09d4d45b415e46f653185742b9b8ea6960160752080e5c9577a12182ccf1a293407b534ea8ddd33ad16cd19ba537d8db5b542f86a2a292423d452bf18d82361240a7efa831518184572c5a8b73b108a81d5036b3b530d98bd47c7fb2123418f12e05e +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 9ab739ddae55a0d71b39974628d4601122ba6c5035c3ad0439691317f23dc33c0014f3e870a105e4dc1432ec79693bac658433b21cfc218ed411e003990b94ebfa87767f3614ec19f5bc30704adcaf85a9d3d15ea764c8f0bbd52ff388659637746d39859398c79016ace8c6f97d3a5616711a235b85f334fb889b9280ccbea1 +A = 76b15a0aa0f59ec804a5e9a627e1fed524320b29120b6789f8e71b1ac4e00a9a8c826919035b84f87d291e2f35460bee181342136dd9eaeb99ed00c6328b8e44c49ede3921d6275f6e7f03de179fb2374ae2fa6c58852fbb2649e214691daef945ead6c8bd5a53ad2b130e9eab6ad046ddd6b80874ca6515322bc171ee32749333669de0d9c883058423579 +B = 1fe2171056ed4585a143b6b2bb5f44047664f64d710dfc05c18be5840ef9426ef05b6e92e4ecb5544ee4622e9030153dd9827f2f01ef38e62b88ecd6c46b4457d16644ef6d863c226acfd6928a40de614a5853137124fe69127a7f05463eaa49bc742d8f7be300d06b302dfb0ba86801119bcdc01b516afa360aa8b22b7c6c1839cff859ca1bf26e3f7e030512d +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 5631048ffdb2767aa04d59d8a5750016b38b983a2d53743ba4de5d93bcfc8ec30183a84bb1e290ef9c72c7ad357728acecfc613a6f9b3d712456d545ed54a337930937f4589fe41e66ee930db3dc10a4fe41481008c69eced65b9d1c46b8574c5ac8f7d94025d8fff00ced17a5e17508527681bf94c2dedd51502a2c4652538c +A = 1aca12b1933f25ea081e12ff4a4f6f9ce379f96d976da2ff7b8eb8ad791fabe31c1148fdec22dfd67828e540c955a1e13f40c5b125e1c7e6bd839bfa84e5bfb58bfed76058c6db77af7a34ffd25fabd60e19f65e1faeeea6371d7785f2e5bddc8650a7492e06691d61f997483661eeff54a30656f1daacf31182486bc40647975151fc05d2f64b50e632f5d5c4 +B = -88ed894287043e7e5cd2eda3c1e5c97f85809f7a246b0c20891fa9a024f3aba4ec1f3d112580fe6ba6b0bdcaa1325ac7ec9508aa88c187af08e4f37631eb6cc97e4481b18f747ce6d35ff355e425a4833834ffb8d34a818bdb015fb818ac9f58feb87020234243aff912da5590ea3f6cba74f1a9fc3ffa2b4aeea25479c55a3b572621e75d86d8c8f6ee4f587e0f5 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 6ce341aa4a571cd5bc110dd436acaa09f409661967de0bd096c77c60db58b2b0ec95cda50acd7fa20ea4266b2c579eeb6ac214a75d40abbb70845db74c4d6c93f8c545add269d45fb15d985e7e630d0425565d06dad4a3ff9835411e51fdd9780c24f466dbf29244cd1b8c3445af181d0928db399bbc8632f7ebcb9d48c0b754 +A = -52c53999b02a92d6254557203cb31a21dcb896495d1f29f3277d19129ee43e521ab9d5a297204a844a9537d63b74686eceba72ea2e7b98ee8895513395cf7c44c99348f5c4eb657874a8115f0027d6a416b8a04a1ec0e6809b7701ee7d41e99996e307bee9c295ab3df1faf674e0067d0ab3bec4da998580203e33760870ae472a3045bbd66e352b8f4d284efc00 +B = 4329d110504caeb71ce0453b0706ff675f646e70a6bd9575791a38f672eff226f4958f8b1fe4123c0001d8f8595d8030d0e9798232942725a9b9d654ecf50546adfba7103fed796b455ffbb4c153e70f941bef7953c8a210d6f2f4ddf5d9a79d9938503ae8f24d69d5d7df1c988630ed960e12dd877bb80a1ab0bcf6db67e0c0578fc0c40408f72b19052534da8d31ed +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 4b9fc1e0eb4be199427c48bbe1b53948d0135bc1965b8aa5421a4ec704b13cf934c650405ba02ad611b0f29d46d82d4a1fc5a84651a29364524e37be2fc7001cbd3c792aa477802999841ff19620cf66dd2453c9b05aac349b9094d43b40e358f32805d87cea3cfa98e05240ff95ec57d88e0a12917628ebd34946eb1ad6799a +A = -15a223b691d8b3696306b0ccdb52c1d62c7c2d1ac71e5f07cd8fba960417b42fb5ebed5eb9469be67f231b5254bb0fcfadf5ac5d2906769e8bf8292f0442986cabd88805a162c0c1f60f9ff0bcc2029ce33452d05f754375c0bd147fba745bf8a0008792d4f90d0e0f2cf391f2d7865705544f4a220ded44732321473c0ae7870394d4e625df11bd0923340cb70b995 +B = -340e5ccd644849d982bdd455ddb3b9a23ca14e168bb87256bcc370ffb6b7fe78fd062b3bcc1ad3c8c3b8cb549f2baaf1b7f0f6522aba02fd35b651f7de52b3aa2e0e40352bfd6ed0f84a2bbc3b3a396dc8512ca1db01cc69611925f1037794c82a418f10e0d994f458d1f19051e8bea32b90ce744d46718f42e711c094ad0a1ee96c88920188078f1b044ccf307e4cad7de +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 31c090e5160faff9a136a7a482b42a43ae3c7d00c215cbdad28804be0e7b12b0b3af820c1350b1622a22c8875f24d48ff16231c826d1a946c66f70aef92d4e6582e3ce9213d907267251ac74fa3cca9f1c8fd53fe9898aec19936a2b797fc345d68f0791cc740199be39c05053d5591d874b415e62653b04a3f41e263d00f230 +A = 5419e87e50b28b6d24927934b541d8de548a8f4ec7e9b00aadb6d23f2d33406177d3fc72d29ad2c2e141ab2916adfd30ec4791c626af61d8d192276d632aaf3b54e2ffe83b44f6f1ac441e6823b6b58cc08fd7a0af945a02eabb5aebb2c7ff0622a17b38077cd0cba906ce23e71ac7f4da40ef6066565b4cb3a62ebda28f3629eaa251dbd9979b123a5447ea20331723e +B = 184782ba4daf429cbd13ac13fe93fe5833f09915cbbc707feca3293e505ce9cf0b4b12ffc8b178e0a4617f809be53d4895a4182e7a8a65043361e654befe8b01429ba4b7420193d1d7d90930ee19cee0316f33a5795335f5fa517e1ffbc99b95101b0f936353afd3bcfec34851ebff1ef02fea991a01b587d28640c935ec91496d1aa3ab8d38a6ac75b3a4198ed27b9019bb3e +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 5eb9f3ca660de481968a3c7321281f22fb9273b16fc10d8eff1fe34842364dabcfaee4993c1c8ddb7c8d6e509a8d2afc005075d5fd3c4471f0622753c7797aea900e785ceef905e2606f64f34e47239c40b74f07e2ca70bd5a18cb0a88780489f3e98232221f65ac9c5ce703a256b7b75eb1dd38778d8bc05a37ac9ad8d36b35 +A = 1c73d8e3d5db127a81477a5c4c6d61ac62af446981773ca15a9a01fd5175a2826a8763f91d68df28ee606e8ffc203305875a238d2095345556f12f3b5e10c5bb6ce3f90342ac74b9ac057195c863c4b9d28ca1d958a98649c7f8897bc6abbc39becae963f61b33bab4fd20d9d0e5464f21c2cdf06d00f597dfde45dc5919f5124f26888b12d72cbd2f57de3f2de7c014f891 +B = -e406fb60e35f0abdd313b8431f4cc89fbb034daf71fae0cc727e9a93cdfde53566fc74e48f4cc2111fad158c63293bca0b21b98416381b81d2443d0e91647679481cd6b6869b37112d3b6e575eea7fbb5bdea422558d817b49ac36a829926553202cf9dcef09423c085d26176a89be741ae20a434ea461def090dbffaf2e2ef97bbd4ec779041ed69ec07d125c7b85a2d215bb0f +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = acf9d363fc9b76ecf7e61c33270031340e66595e559dd1c9dd4d2243819b660183521a4124558fd4b216dcf5c52c4127fe517c48cef428b9ee0f1bebabab487c968a80b9815e82c12e807c096974ea3893a8d5597f745365c352a6bc6ce92479176092f02907538c5e784bf26dcde7672338f402753b08de8aa21b9480df6955 +A = -7c03ba6e3939ebbeabd35cca277eecaec31f326ab75f1a29e05af50c4e62e0175d4d6a57acab87cf1fa3a51791e9a2b2d4d5db570ec3941263902b0c74544c323c106557cd5139d2a25f3c3ef81ca009d4e3c16f1abf6e2b5196df1b30def46d61eccdcb3741a6dfc8e8c5e6db68ec29c82b0adf6e35ce7aacef8da806b3b58bfa489d319869b20768f8eebb604a9624d048f9 +B = 4e021959da96ebeaad17f9896ed53010d80ed3fd4c3a826a266e82b80ad81b3032303e7c0e58034a652b8aac00c08d42a530039de60d74ad349438f5ecca1256342ded6f30e3bd2aad5bf2b49124cb27f45f697e157550dbbb37f5aef0f04839aaf1ba43bf1e77a1529818d0fa91d940904eda6b748e5c86cd1b37592542c43b7b4afe2b8926fef6dc01784fa431d43900edef27f8b +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 24124c69aaabec7a7b4e7a82245f6cb14b199852a8b314a7b8d9049cb66096d5ac93ac75eb58a2004de8b0fc8375638c0878fb6a45be8bfbcc292e3571df1bb8d6e346d5595fa395fef983a365e4e868154fb3e337d47771419e7f1dd5e4220900c564d7cbe8e7792ab288f99d265aeb296c5ebfdaf08b88d9b30ac660cc3ff8 +A = -167c959417e9566c93e7e05d2a410f4850e3a313e516ec958c3d2fbdecbf58072d05691c68981e176a867d7467091dfeca11f695f750c8c44ebc4d08e39e679d96c4791ceb1ea3b89fa3ce26f7ef214c5368c03ba694f7ae592bcd8ae53a66cb3eb1e0cd3c105faae6eb7e7a8fbc88248be722406f2d35e46c751b5ceabd992091eeba15191ccf6dd61a7ee0c624d43b188c42b6a +B = -343940f3b2a5f73a51d6f609e8af306f44ce7b5c2e79edf6f4dfc07866dc5c4b2e0ba48099b5503af87762a44ae451d166f8914ba25b3cc41a766583bf73d27e40784064582fd9fe952fc00e9aa2d4e4f1ef35818978e725e69c1bcf267fda4d635d1d292d54d3ad10bae9763dc5d7f7226f371184465695f2d384d749fe07967a1bb64df22f294ed88b13600c7068d881f713cb8e3ce6 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 50cac148215963e58cf6d2ebc36fa518c63a0ab8fb136ab84c9657fee459043ee9f42aafec89e8ba5fd1cc5c4495a41e80590ce197e12c087ff7e6ea88ed798735f55a1634562b82f8514488ada526e5dc10700058980885000e266cad55948d1e080f6343f84b12a3698d9ad5427fad4017d931df77ed2e45e2fb8380b7fa39 +A = 6a9833d768a22ea46aab1a1619f30283a1ec254a2de5652981d73146aabe31041ed04d271c6f2e5e2d090cd615518a06563a94ee2b12cf9f142de3f15599998a712974d0ce9b122a2aa65bf8750f54c6324f12e321a888154330f0f9e1e5b7999acd70d4e6da95c2df1da2d19544b7abd2bd3041e3228c7cdba44f7d1cbfbcf968f8fe87fab523eede0485efaf5cc9e56095cec8983 +B = 11e782e2b3f469b1e3d14ccd1b8301ffcde7e371f6e9afc99af5809110c6d70e1cca5c0bbfeb95fc3ef8352581c11ba75c0f8c445ce2aea903769a24289581c95ae5ebd9553fee61a30d155bf6011278807833eb2ce7ee2a98fececa23fabaaa259409e88e3c4f4eb1e04176d44878ad3f6961e0615ade2fe86b6eb02adeaa7c9019d63231a28f84b7dcc8bb0e71e2a717db09301e1dca20f +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 7cd49d72bcf5ff4fa2c686f21e1f0146c4f24b9ad2e900dca1c0a5d2fac5047509064e65ac582946b251a3f04850c9abd8b80c92af0fb11ac13debdae8b94927f1de0e4bb217e78f5d04897c6a0762667d3d883cb754dc610442c9dbd44228a7ae4f14fca145550d813655befe3bfeb52f1c76f989ea8a1dd9c10fbc7e9d6574 +A = 109fe33568598972063279b71ba0efdc2e03f770cdec331428fb8ca084c9b20d0fdb5cf9ad7ce90c8cb8f0fef10d219d7dfcc6b4599440db8cff9971da7852880bf004266886eced8763b3569720df3a1fb0dde2717ce0183f2250034871146628430f206c12f5fd87574c206b203d90c0f2c705cad3484c73da8bf4e9f7e1bd433a6f7fd27df63079d30c490aed7161bc594eefad4bc0 +B = -b95da952cabdebe0194b7fba519768e1b56149353cd12023b97397b59e0d7f4dd1d27b65b833948f58e66d3f6928cc3140cced835dbd612cc82a7e9fae1621986f71ddb6707ad57926b03e87e165d30fb145795a70627975bbf9d9ac9bce07492de5227c666663cc28b3e70b19dbaba7f16849535ce5fd61e91cd2875e0a534a10c60d21f919d566a3469d108a35ec3f023210efd5d318c7210 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 98a89cb3c9602fe503c32c44609bd4487b6c8323737b3376dafacc3eff96efcce7a31f1b61ee6799dc9561e77ac058fe5195cc013e72a2864f7e492d9f35244b321d46270a582f6f14f15fa8203d392e81b183a1d64d48b51d70e38d49c93869ffb9d7509f15ccde547d2d9c4dccd50eba49190b6e831a9f4f9000a95dc83f3c +A = -67d7fc8f1766c40bd476cdb65d4dd161c3d4c2c5860a0c559f0e87ada213c9ed33308c36bb1c7d615fa69ec53656bbae6b57181a0134af23ea2a75f8fed3290a2f483392a3745fb57adf2121738c84f6d34325121a702c8ccac0090ea27fe9a5ebb6ba9d4f397e4a7e3151850b3d7d25643398bd3e4c1da081471389799245d986cab825a2e6ca72b38ff978a2753c835299ab4597bc65fc +B = 676ddc4d18960817ff8fd2adffaa68c87d234d62d445d6ba3847ded849356d929d9e4ff01f517d7b1c0778bf90f475923517d855956f17ece1e032e2fd474d2133d6b8a591995454d8b587cb4f6fdd0fa29305f146d340cbe6b6efd28a926c73735621be0c5decb792083b3f063a43dd9f635e03f78c1bb56389a5cc993c8f36134d755a324d4fccc2ac3bafa270df67db0a4ee6ea4497aa33b5a8 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 76c31404854006a7d55554762094df6e11e0393f5b0451d85de2e5b104432df72023a35f44da10dbde01cebf77b8f9d3ad582373c5d32232564729af0d03c5450e439045d96a2f0a38871c922af2bd38c545d219adce0ec80fccd121d6a733bac09253604a8a0b1ecf0f24e44b818ab9e9974181cef10e9eb17684c57d72257c +A = -134e8784878a8f3cf49ccb952075f9f9bcd24a20f8883955f262867045c11a9c566abee00638927e5de924872fb98f6376e321ebf3f567db6cfeede62e04f839617d78b7c9d3487b60a0d3897b3fa49b14c12511d04854bde4a9dbe5f31424a3d05cb75d23b46f6c0819536020880afa5a2c173f6881754b56f82a2864c99c820156f96b5cc4665d603597331d98d90a52f4a30c6215ee5eaa2 +B = -3c5c0d35de5fb21c84d2db228829f43b31132b582556b92b495f59df502a6d00584bb5bacd9b8c1a8c7eab91db0ea24b40f07e62a712842d5c2e1d208a6412a068cd5c6394d715260b67fbc03e3ae7eb4862f74f4d7484f747774fff03830c65fe022d579adb6737f6dfe297db750e6a58d1004e7e2716838befc2ea97179ecd53b7f36e3540e1c3a0f3e044bfe2d0efa9b89d2d308cbd0bd88ab3706 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 5b704b3181e5d0494937b4d6aa8172eea82919fd1d884493197a6a85ff047a7bcd5dcf072bdcef0287be20d4ac49918d1df550d184f86d7220f0a84fc4da3ad05e131c443fb529df01fec9fe4fa6fa2f36e791f9e16b4092759016d2f9b1ae7c3d071c57edf26386aaead767a3109c12a5004c7b9fa595e6d592daaa2dd1df04 +A = 48a0ccd2d14e14e2aa862d306501efe5de239e8ef36ff6251c861a0aee9f739411f402491bd99aebacdc26c4f30306f9137ffe4579c2f13efa81b979ddfffcd23675ac6307c0aa3ba8ee77a2e3a3c8e241bd2ade6484e6ead32ce8d752fb3584d14688f223758c5cb8705cea9c56136b219d87f9904bb56be2ea1c9a035df33455206e6b7972cba32ca4c3db41991117d88da3521780fe65c4023 +B = 160120a35ae3edac3edbede9ff1c6f317d95481227d87785b7ee46cfb80fac9973e418244884caca3211a3f6cd3bb419cf70fbc22d82ba5ab98ad80e1f6c2cda753aaf7be78613ef25577107a47ad1ee3c3645db85c4d29bd77900e99e1f439cb23c6c68662c05322f94feffcd9e37d8665cde984387093a043447de590e7874e6acfa37ed302040df4d5c3dcdf9fed91b3d17ab5c141d4494d0f301b508 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 448c3a64958b82ccaaed3c74706ce0a48c5e059c3610cc03a6b5a03a7de5d4f1d1e4b08a31478fa8edd58401f0171697f0662146ce2b371e335d695f9e4a671255f29fc0b9b7d1b2eca4cc7f8357aa0920b5942e31bcfae84e909828fbe5d02251ddf10dbe4c15351f675e96e2eae6d044da1f0858ce8ba9b7aa146850b85d93 +A = 1b2a52aefe44170376df29d17ae2dc1501c9c296f72f271c21f53db71247e72c3eb2b780190c45343bcc8f548507559ced3bd4a6fb13f9174dbddf965b9c4a56c3d88727736d78be9db2268cd02382e50c6fa28ddaf8eab9f44ad45d5882a5100b3027c150a7f3bb36f29d24a76e40f3820ba116d645800459f06c20679321cf5be72450879462f0eac99ab6ff8d26b464cd0e6d78621c9263394c15 +B = -b7d9bd08d7d8e0e9596851b7e03c78973a502afcc7b5fe5b0db6034ebb8a11df1ef7ed0ae1371eb4111cefd61c61935d768be3e3755e481daced219874cdf0d07a76e7144be626cf1fc21c8a0e9db4389ee213193775e95d4d86741d8d8fc820c239b7a90937000dc3e89b2fcd61b44e1c38c655bb3d31aa7e422b4406c9e4a88e6a2c18ec7c048f4a6b5b270c90d9fb378f64be3b5b351621db48a6c18625 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 2192157490ae044a26c23eea6da51d3a3dd08c7fb67a9beb76d37ee24ac0089863aa7f00849b81bab8259f3a0e1bc744d841e07aa413c286e4bef2ff3356bdbecee756026915894584b4fcef7e49da4012cd9fcb5dbe3f3b867cb6a7ee959a328b0fd56a9eac1f4e40a22bf0a30073cd2d48f99245ac03c373810c54eaf3306c +A = -598eef47b40d1fa1ce260edc561bd1c1ab286a7e068af412ec2baaecd07c5b9cd596505ea1bf0370ea961c4ceeb9be76baec74e6952cb846f20e5da406bd01368b85d59569b403b7a305cd7448f331f10a34def43c738fd633df9a3eb194c32d53aeb567889927271d71d3929d43fb9338248b64f7d23cd1b053239e09cc2ccf5fe9c9ce240f1a10fb151a8583e4b4cbc70ec3082dd20a9962d564544e +B = 559fc917de34bd7dd7a23a432142ed79e3ac4a6caa357eea21e423eb9af7fd94f1eca735d2588ec4c2ff013520c3a0e209627217cc69bd5a07ca46a43ec1f1bdbee5f09ceb1b2c18bd388d3852e51070943f16152a73da624be680c671057677356c6f281a4ba1f7c60609125d7fd9086c907ca5c191820d80e483886b70c1074e2963c49996ee92577334881edafd88270bb967da795aa4fefb739e4367390ae +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 3488bf00f67b852592922fbae64fa56d2e4e7081678e789bbb3b4f48df62576d537da2e99c9bdd721c725b9a828194662bbd51ee20ba73d4ed5562482540880686d9fb1e8ae62d08e39fdbbab1d18e399ebf07b3a6559dda8b043fc25a8152858d39b10ff64776e00a839950e7a9ed5ea95b594b6e9e9d4348ceae08071ec5d9 +A = -1b135d8cec9969561be396323e2f8be0c60903ca59b6c418cb19876e9e3cdcb9ce4f5251eadea11fd6e785476c70822aebdc94617063d161ebe55584a8a774ab230b8228a2b65bd5a6c873bb6b261429eefdc7d0c64c7e78133e739efe57f835ad03ef8f84601e1a2310659db5e0ee706f23e3c5c38c9f8c36e5b15b654d1cc528f1dd392f1b08921af8be6fe4e4e6db774392441883ef867bc729338943b +B = -34fb63435c90018e5843098e379c76ef3ba0615b6b500854b3dda3e77fc5646228fcf3a6e1cd87a506e4959ab05e24474990ad98ad0865942737734c03dc289307f1b1f424b9a8c2264350943449b3d2b0f71f989039131e23095d122ae98c0089a184dc530669e804140134e5b602861a5e61c030fc3d3b3eef0a59f8c0579fc9b0afceaf16698de3fa07c43231312254c04ab11ad7a29efc4597780c2cd1b64b43 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 8ea5fcf7fd41803606c95729d2d910941e43b222f9b0c93a1a803b197fababbd653a92ee34e805906fde29b307a962a294aa4dabebf0d181c046653ad0fe6da1295eef817f3289dcc6579cee8869198c39a9f79992cf6894162d35d812df327a64470c935994aca4985d0e6a783b853ad762338dabd575ca71034e29d768d014 +A = 6858d029a62b0f75e4c59f3ec067e3990b2304c90a097daccaf554abec49a9d297ca14648471dba08f22ebbf8e238c89ea06f188203599aba56611eb3d4df09ea795a7e28f91f4a9a582c6b949c6ffc584a076de653446aff9b24e87202037974aede37aa9a121b5b70a3e9b5ca376c9056c2c91f5d5484baebb64cccb6a09b4f40529afad1ed64b4cc4aca586892693fb5f92edb6b4d5f678f7a2441e51410 +B = 197d6deff7adc30b025e7e418cca0a641e1a1b35f78fb56b9d8847f0690313475e6fbc6f73c3a718b10bf37434dd9fb1eca33a99bbba674195b20d35e3b34ba9d7c8438eede24ebb48e6d39eecd93fcd7dac44235ad32f208919f57b261da70ca378f9b03ae5e5a733f97f0b3f4102d971272015bf50b6f3e50c7b36cdaa14a8a580366c9cb0118ceec6e627827b0b8f614656292675ddb66e1c55355d5a1d78e69ed31 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = a25db977e7a8fa4578fc530995335411432ced67e131fee2cd7ff56970df64a6f0f4a7d225d2f4ccec8e98273ec9a0f1aef01dc0b866e425d64e09cafb9ebe3f80bc0ad71c769f1ecd5efdb4a990ebd3a94303f52f4a97e3a1d615918f8b2df5321c4aa9339b4453d7a710a803106dd0ab49c6cd9aea431f97fea9fcae0bbd90 +A = 13f97ba15ce46ae32147a0aa4c1639b6b555f4d8a1af15ede4f1103f7a0b06b4625bf456d667720adca0c4e26e858f008b012fae63cd89322b33fe51e87714519e7dc3cceea27d968b46ebc04024d063b17901a7ae978591ca6ca41afffd81769f04b714134cfaa6700cf23bfda6ce67313988bba5fd3782bc62f76cf551d140c978dc002a779ae37400d34cbea013a5d1338b203ff267861edd88ab8ee1e4c4d8 +B = -88d8a4c8c680fb01f493f73753c70ee753951d4734627da14962e36449db5490b8c575729fafbd203a125b500b96364e6799d9cfcf0efb4ec877e86865eea5e99e2fe5e7655c1ee0eac641e73b71c66d7a72c2934d1ccfefcf59781035b2c7b89e5de3f7d1e9128cac57947d22e7577832ba374492a2f53be37e17733d8bc625fa77fa5cf093975049a5c477f792fe75e85da26cceec820c8b255df0292824b4c3a8ed455 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = c1f2165a402fe9becea284dae60453965ce327f540bb8969562485fd1bb60372b8689d9c9c97c91bcfd699dc370117ea8b704f06cae3d972dc6e5eaac971597c69d4dc24a68b256f97229e643706aa6d2d844078a5fee2d08270820055ea58155d7bc754f09d0c6f804e55ebe53e3ec418747d4130cec68533f6f0c2f8fd2409 +A = -626a1580e52ba52a877cdcd62b34cbc7f949148671d4a61201e03e98985d704b2975b9a2d9c4557deae065becd662ce8448171ac582894bfa2c59d4ed20c6d0471fcad1d0fed1291df5e4556aba72f3645486580c8bfd0e3c8f6cb34fe17ccdd75fad4d4a2db4e00bb8c2a23ed17a31e95631320590f40416c153efdaf897e3b278a1faf1917554d9292f90c4edd5992748b58492289eecde1af34976ea8ff507fb9 +B = 44c336d7739118340048939d6c198f73f90e13030b69be286ef920902391d87a58df3632091d0ef25340eab395203e8dcf3389e95debb7432165147e145735d2e3226637b4b8cb7d85d68308be07f217f57fe439b31fddf3fd469869a20f1f852e1645b0d4903432ecd1fb6397db4c11f6b6b9c0fd25778b0ff00bab9ff576b16538a6b7da40f01fa7b987af8ead41ecb66b8940c0e8a1208d0026773e711153d99348e92303 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 98eaf476f11168bb63fddf7dbf3347e619f9b580ea6804ab893214e94ebc089cb652e307f1f37ea7ab9052a352e260ff7d1e8c17461bae68c52a8a8f1a57a84c79b2c8fcc2d504ac4f553d2534f2a776ca129ec1942d83c8ae24c772f6a8429bd61949ca1aa714cc3881ed731497b84415c88ad4b9be34197a549737edcfeac8 +A = -15897a5a986641fc2cda42d185d72aa1552eb92f788bb71cc74c0e424bd038e02c620d0686ff88ebdf0bc1632093c0d89e724e7d5b526b0ddc4c7e145aa90b36be0d8574901fdf286df84a6b52674a78cf21ae4865618b4347bd905461d878537b33cc41710ddb290964c48e44d4d2ce2ed82847de75938d23ed418bb9ff1caa03b5c1ac5d65692dd1defbc6013b3270c4314a45dc67883762fda5509b915e8277c1924 +B = -3a7141f54a0bcef68cbc3006166f7e15a5c2394892a428fa417a485981316a537cb3ec757d4a2473fdec2cd61010a9ff865852af8f43afc79a97d394bb6c58643858e2b4dc5cb958c33781b5c35aced7882e8b8d7b4e4249c2b82150adfb0c8f2bbb1cff3d2ea27ed24eae030ef468ae4d6b7462f0b072cd2a2f02426b3290b87b14d14b34e91a94c5bd69e9eda53335cdfa7df90a57f97f3d023ff85537fe0a8bc5d8fd7901722 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 34464b7a50713d17b01b5940b5acfaa7006aa6b9b083bc17e0535b08783761391eaca8703af2edbe13dd0fe9036d38aecfd9faae08c0861042ea1a25b41fa8a15b7721909783de3aca127e955e177987518dd010306a795bb66466fccd55bd9e2bde17470cbd36b1e8f8b63805229754387a5fb40f3ee9a8afb2e51e25c8bea +A = 701ae8c5bafab7f41c999e492f04a7626b2b1054e6dce1b83002b2d3de46717225b018733b0fa8fe3f973202da8a090ae3fd14f48b27097513ecd4ceb1b9729e7783c17fee9be5221fce4ed3860275b3b36b7416594d2b65e198ff564e82301cae23756c878494e57b5ea8fd22ad800a582cae32fbc985d122cbc6e0eac77c1000d3ede45ae7aa087534adfdea8e9f924efa1b19c43dfd3b7bc83d7c40df7c6578a320a19 +B = 18e0256543619a750384d30b6a7afbbcbdcd9a2ce644dbfc97a8ff699e118032558f706502c9b956695cb25a46d7526596b3d0b67b69611009265838bec533a9488d24583e7d7f2284e23c3cc4ccc5920fc57e24f60da0d479d41f5b9c6ad9152903a4f37842176c6257fb1e3e0681d6d583e704c1d1b24cf616fe638106638fe9d79a0c74f0df67cb2df9d99185324ebb037d01ba0066ba947d5345cd3201b19769d438c43292f572 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = bc57cbb3e1051d3a3035f77c2e375c7e3221dd472edb1a5ccaa7521849fc0ccc7568238aea9335a733d839e89ace6f2b66ef238267e0050c065c3d9553cf50cc5cd93d34fb43c3ea1c31b8ebf0b751f595a7e5e3e860b366229de4286b9d3f0267f78c6888ab3f208c55d9292079116ea0eb9f4ec2934c97149aa132c03336ea +A = 1ffb0aac11f6d1d257ef7aa997a030e2a12b0615fb11ff04f344f6ecd550e8e77e9883c246e009af33a51204e4066ed4249950e022a61337848dae17c88317e15ade5b5499c0d7597a69a02b6c18db0f975c19c16d2167c583571e947676ae9c15be60e69d76e78329aed5fa57dc5e616795b5487f3d52bfe74b54bbf93ceda093c2e14104a6d2f017f0d200a9fc89deaa283e04b0bd9015ec67598425312868eeefeae9c996 +B = -9de2d82e25b449b8ca4b02b2d2fc0a023fc5804ea553aa84674a815bd74193a2e549070e2cfa0b90a53070646875282fdf855940905f834f5a07f073093c658cd1813fc5cd7092af592092d789ab5481bfb14b6683139646cff8eb1c5dcdb6a33113d1c97d4b587f15f972c06046730b7e712a8e3dd5f4bfd07cfae289047de31776f222d11510ab6b70a200ceeb6802d6c33f913c509b31b96e2b8dba9e25b0d2250c3b102d814683f1 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 9f7f4e010370ec1d76fa83f73c80825c3b71521855fca5db06d7ed830c910d0430375bf319671f6a83bf6b57d9d53cfaaed5bc5d615c5690df0067b18791c33cb9f0ac9fa5f0473e4f4eb7840b0b660962097606b3de5744089ffb37d9c0df1123a91a5896d4deeab8aebec469b099a3a9a4f6d822030ec2fc4d11636706fd0d +A = -7f56093243ec2399548ed95df79363e6ff09de211dfffc314b7cee526535def0f9a8eb9aa6f1736528ee7aae8be55c06645708d576111766ea33e0564c12103edd61ede3128a7a642f968eefd0d7f3768b1325c2dd910d459b15e54145a234225fd29932234e59d3ff5099ec4d5b5c6075f56382ade1101115c7b94e1e2a7bf075dec210fdaf2357c735416dd5d616335002d1cde6056bf7c478f810b78c661a3dbe6e54084bc9 +B = 4df1a6296428d06f51f31a1b0f66d0b77a04db3bb8e1b80d64da649899a1a55d4041bf0bb47d3e3936ee0f3740e1e8c2b235e1b8944d28c7d617d1f968abcde9dce10d6e3c27b2e3607d8df815f5a39da9b5569e95eee1fe5532c0a80011e7415800d8a9ec175fb1d13dad959becf04964b70dabde6d37072dc9f6d914309b850cda33a565515dd6c0181fc48bc7033b314ae0bd5872480e02ffc08dac4e3030d83b33488cf149e19b0021b +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 6da5fcea305cc6eb47fb17190889e6a39c339da1bea2d7c95e997fc538b4aeec8b0edf7c109faad7fb6c656420f4afa104ada7a0d3d14d3ef0fc6774b59aa2687c0b4efe7c3fc83194a89c832f7168346cadc2b1fa6fa9a23a67c91ad731b4cfb9943738c7f9951945b2eabb3743473d9c0444ade756291f53fc7641501597a2 +A = -19dfb98f9f7d20fd331ea749d2019d8367935fb75ecde45d6dabc815ab9e593e51178a72816f85aa678304e6ff3a2c24079a59aca253d76c4ac633fea1070753ce770765bce47428f8f5ae40c26a3ac91ddb551b3d575bad9a3b6fc7954acc93aad2131b78fd212fb0db7cca4195b41651a5311bbd4d8c64f1c93e6520eef8e6308e98caa1cd0d3c9b4041182cbfa131c4948257f1200b1c5351bee77ac8bc8e44680ce64ed0648f3 +B = -2736d5038c60553927f389c0650bb1355b0ce745a7dc5f52c9909039465344af910a5f6a9cc4ec130b9877c1cbb52fc08b20d672e42b853d26a02bc07eabb9e3f91399db8465b6a8b1c9f4a4b9eeeec6e9b6180f1a770c139c8f29ceced61cc7ba182884ae01d14dd85bc924391333e8ef039b586b6a0ae18db3570aa560c2b0226d5e23e7e753873637c25aeb19e74997da4f5d0755571785bebbc7dade57446e0df4cdb8df23c1003533f60a +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = c0265805aa8ab52da5aec06ef7cad2026fa0b18edb27b4903e3c068ca6464465e34d3f3bdb4bcc10a19441040deaf5569645f7e09b36c56631b3a6144d6206d39c9bcac53b54210db6d484cd6a2780bc68c07272de03a9bba7e51c9d86cc8883cd2e1864a2ed711d505930143c883c57545e9c40851c6df8b3314a8c9a0d201c +A = 5622f906b077d243521325be82a43fce321412bdab1f15e4ff0c11a7066a288b7939afc01d30243c8a4150e74286611ac1ca4daf457aa23508a7af869d2d55f54f2746afaec477cd7df0d5711dd636802ae7f673b3f730236ac3899330f89cb71d48c2838322fe856d9d8b4053d9c1e66acdb5e43614ecff954dbe37c5269d7ffe00b34e682c0be3d7cf653ef212daa3d55dff92b329126636e440b0bab55f4810a2849f77c39ebb93e +B = 1ebe0d1800b1fcfb67d7d54568e45dc604450c1dbe103ee21d48dda300c1d9b9415dcd9f5a56cf12c2ede3c862e895efb83621435377387b29b882b2acac78386895c7daa90810092bd3062a3a4867f92d54622d7f0b89b40fabc4709fd507d4002ca80de231596630c234fa418611ede0ae4a9616d570232c1b03329bad02220ef64e455c164aadc16190ce35b78060a6b117b4b0641fa64dd8e8cddb5914e7657573804e63dc7b216b1a9aa175c +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 606d2b6f756548568013bdaba6e811dbae88fb01f5f36d30d15dc1e099d86bdca9fc1eb3a785034ea14cb7f4776586327d57ca5a52ea1b30f26e2a76140bbb0e930c7780673770fe22c5ed443c349510e1494ebe402f2621b1e6bde39b8691edbe5c7242efaa6634553e6af146dd40666edf4a3db5d1e7f9347fa1189c1e5168 +A = 14ea5e6fd612945c71fdb17ec44d95015773edc908a85a6645a8eb823d11226545d05b81791401cefc81ce9765eacea7a619cb482f29d38988d355ce731bc9009969b7487a3acca2d2065c1faadc5d6dd8ca1dcd3f3d4ff61d0a75ef75272e62193618f6b802f70795041de26d6ce367ba996dfb91167cb1fa16c8977f982e1718de7d60275a7f66e4ad72ee55ea06267cc4e8b08f488579825cc674b0bdfd34a01bed08b62004fda15b7c +B = -8a542280f6c8bf4d9fbc96d5bfa6ee0d16a09dffdcbfeaa2dfa1097a760dec7bc540a0b5b2020bab1eaa594117a40a9bb99c3f16fc340c262b29909608740b8e77fe4706a88dc0fc3bcd47998e88fa02f617062393978ac1bfe14235d43f3d5edbdfb9f140412f4fc2dfc05a700f47b1f0f90da7ae07ae781d9ccdbb951f19a8b8a9a7dd8a65942842cf207f3baed3a0b2f08a06ad0d9ab7ad0110346293d51ec53ff8165b925c0e7906be8b7303252 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 512220042f151479a6a8b7c743ba83366cb7733caf37164e9c823422ccbf78b0b83f426a7230f559d50bb0ed3d9486c6a6e25f4cf96c4fdcb2c861566c6a73215b6d08995a14569710cf9e54abded1d77fc7722d06fda4557a3a99862e5ce963e1be25336fb42a4629391cde3aacd47ea5f5426e7185c5df27d9136a6df26f54 +A = -4d108217b778694931088bc255d1f69cf8f5a14252156163f948ae58d58f2ed54f518177d668e795474952c930052c1bcfcae11bcd15af168ec2e881e6ddc8de257d0cff90ff3ad409bb3a080d30fdfda99078cc3ad8302a4bdd77de66ac082b40fddb3cb36c75a86bacaf60984a74a0fd575d751ed2830650d85844aba9e3f781b2dc6b515bdb8d9459b083e1aa653ef177de76282e86c99e97dae9c0b050c9e6456a051e7d99adad7be4e4 +B = 7b9079504c635655a588ac360955fceb10cdea5f3de548ca2db681da38c17a70df5798f72cf18691d14a5f400ac69fbb47e64115cf071466c54bc7077a228249209542683ba57791352ef3409f6a947865d8f234ea9d39491b5c001685487b32130bce9aeade97d9537afe3f2f87e8f3315619ef7f215a73cb724f1adca99b90912aeecdc81485c0d00a74387ea99c965118fc6a9af1163e60d1ee6a1eeb12d7c2bb9a54f747a415beb5873d616fa0eafa +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = e36899d83a143c82e19e11494ba18478c0a9497fc89fd83df38adcb6b33918645a416626409a156899c6583ab9a4426438d9c32cac54b78df579cb7b6b1feb3f39ca4a6183743a4b823082896a89f9f1722be842cb2d2ceb605f84a9f9b61cdc7e184593fc2f9ff2994fe6cc4860d255809d04ab47e154eaec9ecc807ceb298 +A = -1422272d9e91a14b38b3e81cbd9411a0cafca23addf4f33c94a1bca70603db879dd8a9c0b95f5986bcb447731219c4f9b32a1e3253b027b7963ce40279dbf4008e526adc0bd7bcb2b533392a105c6e8e1bddfdd2bde7dfa0d2e3b1c6ffa07fea07ecdb9fc828283e93b0ce4861945562478b1a56de32251b7d31f9a2309488f7cbdcc38cd6b1c951570675ef0d61e1df69fed78979dc755f160d93ab5a3e65dc2944d3333cb85aaf87a153a90fa +B = -2424fc1e71286ce3be684a10dd885e4891b52e9009c3021d90ebcaf68b6db81130bdbb74869cbf142e0f44ae72684fc12c85abb5157987428c7812889beecfd7bb43fcac2eb6298ebf1dbcd2e70e4274841c2703b8685df18f6e5bbaa1422004797defc6ba843e77f891bbb46699a863bc1d77c5e3cab809c247e2975e8170da00fd9c8b232abc3fc6b16951ac4e6c96f9503c1ff2d6832ff9c35b2c8aa408645849c577d2b8599ef520da57fe2a9eccfcba6 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 4e8a59476d47ee2cd0217bae2981cf25a2c38e5f5d5c30c2d8bf95856a6e8f42429e565f1836365e550d85207246514624e7ed932d6f5802a50ff9f15d500dd84b27729c1717a3df0f2d6dfd40f0094208445193ba6500ba03fa3f4bdeaf9251aace8729b32ec3215bcfa170575e26265fe523cf44a071470e3b1547901e9227 +A = 452cfc78cb9597e67aacd4ec83e5b473ab8b7a1dcb6097fab37e25d5a6e25c69c73a6c20de0e2a744375bbfe7f612036e69c7a503255d9e17c6ec1dc6cc6f634d4c79bed4764496e5c7c026fdf9408242d3b234195e67a5681e7d7b861f58eb631ddb9aeeb0e5b3ff7a7657a7fde5975b8a9e1f643893bac47debf7918c7ef8f6d7439320dccaf63b80ec9761559078baa8e35d98fb9dc242ba83536eef7ba9901395ef02b19990d8312203df7dc1 +B = 1dc222e7a737e6d97a703fa232defc6c0a4fb2bafd247c8e547b9c474421cacb7692ec98f94be19a5e40269e1f5713d06a6d081a943dbc667bc867e481b99c55e437061cd44c4482649faf870d9347e0252ba9dbe116fb4992dc2c2a0583c1351e9e01e71e9324f5fa942322485bca93c2d95cf304028e68224fed446966073ec7326c93ae326a7a533a36e053437910418bf1761abd9c4c5ab7e6f538e9bf963903e6c80f21a0a38a683e8166e4626a8d8b743f +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = a4d5e9fb7f0d75ce41ffecacd2ee1e4d15f82dfd4decf5ab1bee75fb97792d0d574fee60a30b15af80bd38e6a25b1821e61628dbe456e39fea3f8a9ee6ef3d2332412be1500fada0c1728a1457656eb3e9d94c64fb2d0ac89f10f2b9ff57d73207274ae7e8c7538936cb7241615b830cc9011d4363ef88f51c7b3ed503c25179 +A = 13eeef030b3110451fcb1a258434aeb51d3dc805b38c72ef7c79d4b0e18d600e5dd28b552b59f3dda1898367ec7da5dc6d9089a585cf52002eaf8f9ec64b8d3ec50d0bef7dc3faf203c48583ec89757cfeaf888ec4a91470a6b8ec9f26a6b07f3311b4fe972cac2f2ffe47f5c11d2dca87c62680e2229120cba4de9cfce9f7f5c33af8398c07ffabac1675de1845e05a32536329647214e54e5d9216fc0cbf2730898eae19e425688bf184d16bd1d655 +B = -ea324da99252edb03f40100e528d9a5080c43be97fe4b7e03d9563ba48040d328e57d0defd4b7ffa9bef3ca0d2682aefd2a0ffca8566e755b11f2e3c6c1b707f1b9465592aba6181e583babd5c70588e7123361a8ae77d8c398e33f894ee288babea1d7eb63e2f3de469e502b5048417043c5a9a9a3eb921cea1533162e3ce9c79e6caf62bbe7e17b180b72c59b9ef5fe1a001b733d909a8278029fb4a63077ef9b3545f1159ad73dd75030aad599ea4884677e01f +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 2f096fb8fe2156c41ab695956f13f0fd9a084f87ea5f5b1acb6b60c62617b8d7079f4b072223ba18cde474af3942599fe070ddb0ac1a99f42b9506a2648e1b8f6106015aba0bf7a824842403bd3f4ac8b6fc4a9861bf0e8ac59be0322f0495e4b515fd579dfef273160ddf96e453f4ab663e703609c709fb1f016ca919fb26c +A = -4212bf679cc00adb2ca502604b71dd5dab99cdfaf55ae92aee6bcf8b3b6354a384656c09eec6175a95c8cb4591ce118e783d6344525c25e5b356e45802ea3ce1fe764833132e6b7bec434e4481c9cc2986904988bd8da7dc2e31cdc481fd0e359674bbff524124bab1ba4379885a6cfc1b73d953e6d1aa1b938129d74fac9dc597c31383f2f7e02fd995f7065290a9812ba8e205316ad5bac6fc65c6c7310f1a6b033503ebfe85bf6d3851bea1b65b9c15 +B = 7ad83f97f40d5be508cb394c128764532f0aee9a108eb02840ca1c635860b6d751d5f676e8670e2f61466397e1bc68f97ea52d64b335d07aed22f20bb1ed19e3e42e4205d650e6d37714c2f80d39b111577725e3bc7ce75bd7ed5e44f8377d5fc2b97f05c3c1ed5ca1ec90ba3ff7935a25a8acbcb15fe1fc7aeaa1e444cc2f06c1e6711721d24b8969d465e4958cb87924b3e0fe99ccb371009b5b15747bf6dd5d0fb73b8fdf58d955c8773a55424a34c741406f6f904 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 909626a69c803e9acdca97c56781eb672d6fb31430a53b853f467ca26d4ae96c182d71c0212894b776c88e773acbe9602e3ca56584c39b5947724290def7dbf04c6853a108c1282def95dbd5bdc015b68daeea0ee959b35bc5af98a4ae4cc7486e627bc9432bd009b21ee9af3085f074a3ae1bca879e321018e991e7898f2897 +A = -14eb8e28dd04a159c576eb10578c24fad9eedd3d8b7560b681002a54a4bce2167de05cd061338f63c50b86327a79595a2dbfc1d3f4e76aabaf88cfedb69faf5148c61f8cfb2130511a3bf4a17d846ededd4c08f3b635182dff1854e8c4c48007af028e06f01235fc2becdb32adcb9e2058dcf8f8655624bed9915faa06be972282cfbf8530bc0cf2de5b2057df32e4a6cbc3c772feea0a511cfe3408a6dab0e2714fc4cf15602ba0da03bf0016f1f3f5ddfe1 +B = -388da160568aef9f82fc16f48a22e8d7aeac99121cfac9b748c815e5d3a823b673ddcd20c1168f98ba204df5e52535f61b224fc0374092f8c834321949fa0a812b5e65c492fd9fe8246b74143a943bcdbeba16024e311d673357a3dd3eaef9ae3a72bb06e03e34e091cbe5b6a9eb9fa3d7f36c03baa5c3e242f2c186b58db5dddbd73f6aa54aae027529b8f8f0a536b9b283ab08247b9977a2ac2d0d9f162ad03a2fe247d2c589b1a2d14b5f90d5b9c0a95918ea956e261b +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 128e8844a2f04704a4a60cd33e85cb7ad373ff683abd167894a35a1daf947f504c0abd7a614e293ce10797a5330147c88c4d5e1dad1bdbeaf74095e3f5a515f2af68b7bc11ee1f53b493133905b654318dcfe73118ef1931eac47deb6c4958406b704ce027d9b027803eb8e639b52d5983094b8ff4b54e86a7dc6ea169ff1af4 +A = 75e6b045aa44dd9b8f4b434dd4bb1346fcf558a5e96b00fef9b6cfaca72fe8b1672edc2a64beee8b959683b1861138b297629b44a0caec6bad2ac05665728379cffaf66a129f0ba40aab7c6b1c3fbdabaabc87ed3dd580ba80ec7ee765e9a8fbe845c0d207eee7a1a3a0c39650c75ccb6bcdae2e0d5149991dc3bf899ae9b7626a2baa17b168b260d82fba84a12f10e09234035e08b730cfc230f0d2651c03e34d4952fca6409b5c6ea5d8791c90466bdc4adf2 +B = 102fc193633b0e60a48dcc17aa76f3e52cbbd1012f179736a0ba7a102f8dfadaf434063b0ed1b1528a018b349eaf192fe62f868b538cddd7e8e6fd98b93147727d58561517b2836e4a373bb31fc8d5e42d16126ed80b880c1a37940c138fc1f7255ee0b7fd39b1b799c34e5178580cdc076ef3fbff65fdff7497398fb1cac75e5c09cc7df1168a20f88a16e7b3ac78091a90f1169bccd48c0d06b4707ab79b741a168deae5ced5d48bb5f5dd3f465e43c82b9db7edab24569b2 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 9aa9699d1e5d2c6acb21e31890c1899f30a925b834adb5b8bc8cce83a1718944a2c90faa71b34379a21340457478c0c43121dbd65d62e290eda2ba6230bce4e6f18555a1380c7c95c1700793157f7c1cbabeb09460ca28dc596bb17851ab2ba6dc6bf311ea69bdb7fa8eb78df74adf171d4677a154b8536f8104d919bdd58648 +A = 157fb9e1b38f288db78a1a0e22fdd9f48a59779487a9ada2774a094d34536b85993e7b9ab6e24f081c4cdfb64a82271100a054169e4f1c24e3957ae9aa8300e85eb2a45a6d5987eed4f0fba6fe8557cbf6128e018c5f9df028131bbba6c544b2c6312aeddc71405f0e4ce648fbab9e5d51685949408e4ccbe06fe501a36fc13ee65c31f062313135054b7679eef45964c77f5a1556ac09b11c496d0ba8c6057e283bdaebb4e6d9e5c557d975745f9f98a288d5bbe4 +B = -82cb6334479bd997c771e894cac1ead87dcbaf8f5006be5c70ad48ef94303137bdc45f261af91a201b276a17d884a56ff27af7dc06cc5b7b9c94f7c4d4a36f68f8d309c477b4969a6e7cd1b2afab9deec06555cb753d8a0eb00965359ef865a84bfa87b815a42b2050e1635d5ae5e3743c007bd79e820aa37a968702a960fafbddecebe63f022553cadd7a4d4fb27b4dcb981e8b490e80bbbf13af8c4412d158775db71f5fbc9986e7b8a8f9299574abf7bdf9ce7544e8c4e85bc +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 46e401989fbcde9d830dc6e3c42768999f153d44d270d4805c5beefb470bc1e82706aa7173b359763c5e15d146eca91a32a36f0a80802871933cc7f2ed15a5472988849a2d2f57543345b531538db57ab9bcbfbe787efb0a82e61baa505aad628df5f9e881dababb35bc2decff267eaed3d3671757ae1764ec5163b792b4db3a +A = -590c16ea2cf7fa7f63b5cf74804333f22fd2d0e1da7d226da8425abad2b39a4672fcebcf5cc15d220b0ecfeec09665e682fff0140f16889f7a6ade9ec11aae3fa3a369b3fc133babe52e42b7a8bb9a24777521f4d9e0efe7d7977dced9e40784c24d2c6056b3b668ada7856da71af73d2dd33d2e481ddf40999d86a6e236d0d73f31a67c52cc8b38203bb2840c0b92c2612ffe5fdb6be87f9a787d70b3dd506f9a63d144db3417495f0a48523c812d14a89710d95bc6 +B = 5a2865cf2254710a1a51ee3056b0c1f6c5f77d22d7aa8f939e6f48ecec529a169e630c554bbe682a8c4de9ce4daca77a278d7e752cb678141ddefa75ba42e661885a82ab55d699414ffeb75802cb8f4e7583bec8a7ab58803b378bb60fd46f476ea490c9aaba568ec17f3a6afdd6f20ec54a512f7aaf62d2f941e35b4b72dea77095e863dcb38bcaf8777707c1dd437ef2ac6b6a8b2b832f80ad2a6d6f279c053d02058b1a657a1cf5b6b269e15d29087b0cfc0c2d4c3fbf32a167a3 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 1c9649f4540556ae82ffd71b2c71ea8588aeb845c50dab595db9f8faa01a26c809d30d8433b6c0add465e164cda2b6723c942ee87241eb7baf9944cae08babd8e22a0eaf35c09e9efdfb9f8bfa65d53ee6eb23fcbe1d12a66ae05e7592ed788b231b000f895d098a24febcfa4372d249575926a5faf966072f29a62a401ec51c +A = -1bc9ae5fc2f6a3f1274584bac1e145f02c5e8c4779f4df15e98dd34344c988c1437ee4428485a09090d81b18606a6ea5c1b9136872ab5b37373fbffbb5b3fa8fbeca1e112b9f1643658c2f38b9548cd8f0f271779ce0acad403177057ea0a2af2e7435109879941fbf463488a2522b831b95c1cff21d2d816d70c25156369dbcf04a0e28e1d746afb8a77713703fefa512816fe73e203bb4c3428efe09b946b750199bd7a03d30feb90230c219a103ad4528cbe0de1e5f6 +B = -39cae179d955049f830867d4115d3bae25127c945b1fa0c16fa850e8fd77c1b3b9b7916b9983c1659b7cee77b7dc72abfff1c56681b7931c5e58cfe4f1bf0168ae32df0df8f652223885717a98f858a497b1a4be62a2215c39316c34451b0d957791f49139921d9ac8041899b8fdd5d3d443547a26ddf5748147e4c3e93f5043ede42f38a9baa628df65d3d6148ac2ce182056700f0f94029be05d3ea3a218b40f65a87b4baf097fce107c080de24880259f1046175db1297016af76d94 +M = c462c7cdd79b7604246a0cd97c017700feb25908656b4733353af8119ecfa0212e4bd24304edd566adb5c1e9daa40894290a9e2e20d523bfdb5a2603409b312cba43d567a27118c15d4bb2f3867a7ba7594e02859850b77b929823049d43573a881948d674e95c7427e2d04d4ed81b5f4de21e0d5904c8e0359c99d4bdc901a4 + +ModMul = 9fcf6a47addfa336557749821a88ccd2573a5ce2c3094a17d9a29b33e043bea165499e89fd2c939f17a670694aff05e9af46836b62c96e597c83681092d63ab9d6e22751aa8fd4b9ea94a90a373876ef0f6514304a495edb5ca1795c9ade7965c70f9aa92f8ea460ccb670e9a62c81e9c +A = 71b93fbad39b1c2755f2051ff7d532d59c985756410d58aed3947d6ae737ace5aadc35e7e0d29c684b9d4bec9c0fa277996bb30230f70431cb7b905 +B = 167be8381a3392dd4df62e150025e13b388bf366922ba8632614928922cc290772135857d1b5234d51c27862cb1a055c1b86260b6ec +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 8e2ba940fc5165c6c5f7f4cb55cd89d1d5f59e90e78730bd66fb120a814514784879dc43ad4f355030ddb3486a59bc34b601474978a94ddbceafdc0ee23cb18708bdbd824d37cc32577802ac6057fef29a71f168e816309fc80cc46f251e7289c6a57fd222d5868263360af63dd73e7c8b1dd6b3f3b6939849580b9231940a4d +A = 1220ac4bde4feca135268550ddc79d8b05ff72f483b39f77436f348c4f5360c22c598f7dfb76697bf6d2ae86c68e90748b8b729b25f932b2e5fd33f3b5 +B = -bfee56cd412318cd62e7b6cc49217345d3a94e7fbf6fa19053fa685efbc0f8b320b7e43883189396781c49371dffe7d126c032d1ae4b6 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 8e2ba940fc5165c6c5f7bcac0e449b64801e75134a390f120acc58cbee43888f50d07f7aa6dc2b33643c025cf745434d20eb1aeda8fcee5fa3fa5baf10d67c21390297857aa50bbcc4a29a6b10885f97fea60f1b88fc72512c111b938142ee8d67545efe386622162e8fd50418b09769b8c22efe54fdacd652580d609f0528bf +A = -7bc53f6f2e78628678ebc8e35ae4905caeec61acca5c64fdf595689cf005bde2265cd43172802fc133dafd933d7b48def44256868d202727a4aa6c0cde66 +B = 74147c93e729707111d0d531b1c135453f3e59f63a7e082b43dceb8b16cc5debdb6d7c0ce0c00ec9b5ca51e7673e411c3cab34938124db6a +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 43c47d7e319c32a758360dd726a1d91e2cf5c57f73cdf9ad2040e61a9c282a2962d96d300e04288461eb1ed37df19e6b88f104a250f9885898740f6487b081515314e0a217df2d4345d3cf81eabb2bfb346b634b9c251624748f6e9407cb677aff4c53fcf42cc027de267e6ec011e14bc7f3bc6666f693d21 +A = -1e6ce0b44105047d0da0eca7b936980267db41d41319dd5315889fe8fa2329023d7cf54f71ee179b5bfedf442cdad1920d311966f7175cbb953bb42ee105393 +B = -23a330c7e06cdef4b6b121d15a9c0bc774eb5e432e72d04c5f03a0c588e55e010b61f57c03c51edb1211685d8dfd2a35393091fd0e3ad2304fb +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 768293c84c431b9c8dc6e538ca3f856c60ae5e1aaf42325865418b7bed16c7fc2589968319cf41cb370657c8edc7b969de10e0566b64ec796470b630e22477e7aafb38e99b6012f100c9d23d5517d486e3cab1fc60c1568c0228c9b55d2d77d23b1351fe37ad4fbf9c07f29330a539de4a32709d043dfc9e21aa1a +A = 6bbaeec78b6a41818b7eec42fa3be7d639dfd86fbace2bc14e0369dba6dd3f04ede8b808743d809f43f70f1146dfdb1d649546441919e27f1f7a9760da4a3b152 +B = 1199dc2f52868a0cf440f6666b576541c7aec1e9cee14c1d22010ab0f53fe8bbf3029c639ff78d89dce82de85fd8eda4e67395d435df60158623c5 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 8e2b90afbdafa02ce68d537ae807b4e7f3e05a66b20b84cff309941fc3150f99d083841ddaf6f19f5a76886ad5d853c73051a0457e95eeb0fe3776a084a027ee77d14f3825713a59622ea163a679cff904db33bf6ab23b06eb4b31f4e34fb122c8c170321164439db783e7bec1c265eed33f33bd9cb6d1611c00aa18a9b4b90d +A = 1c4821515167f7073d4b7cfa318ead1da1131499c12497447846caa84176a9d4af576fe549fd8b0f77bf8dbebf6c395f84dffd40400101bf28b1dda0bbdcc5da255e +B = -de60cd639044e863c6a49c73213dbc2ca84e4225aefa5f880e829f2d9cb48ae92e3f2680c462ac697dc34da38f65fcdc1b4d8c3c99e8cbe29660b539 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 33e8e8e193b4b99d8bb382c29c1fc5403190d7654f43cd77e28d1bf77bc3a728dde9de9a89c6522ebc7222d25f46833fd1753a44275b04485c77b675d816090280b3541ca61bfa33921a79f7286830131d6eba13acc46cc2c449b3a359f1cb49d67a4d0cc1245f3f8b59b1684aa0c3ff1c928b8e880a3375ed811dffc991fd1d +A = -50ff3e00feeb2efc6df6387d6409a622b7a8297a717b8d94d0dc41c6ec6f29a8455c3580019349660b31dea1e4f66b74147de93535e671c853b604ba06a9b62d34646c +B = 49ff858c7081392defc3ba12ea8869fd61188ff15d9339be72657b00530b851de53b1fcbe16034816e73251fe1ec97bcecd8bccc470373974287ca328af +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2c88dc40414969e8b614bf8db05fbc38fb2b7ce144d7e707f9f8eca40ae2309c1fc67e713a8da5fbb20e808ad20aeb369cb72a77fd285e38a7895ec0fc795ade4ef1f1680f3a3b3cee4569cc9d5e699984daab3385815d2e515ba5d67d21dd1defc12ca81bc8ea645f8f8d103b4a0a9cdc92eb50690c07a037df274bbd5217e4 +A = -167ee0fa8e5d8b569d7848b068df06f6baed80f6fa6a442f9d11d9712622b512249b92c7ccb821ac751fe4ec0a7a47e04ea5571c7cb45a7985749ecdd87f0c0faea01d232 +B = -2207fd8dbf2b8e9a5e3cc515479cde241dd3671803f9fbf7859459ac66705be055fa759c85631ed2a61139657eee7eb08fd963b49e33666e60b7e75dd26b5d +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 674885ca3ef617a53eaedb9564cf96bcde131760ac541a81f4b25c174a6fe1444c2c206f7171e343e1bb43f81610162994c497419e75aaa25b664c122ed2b27640b45bf646fc5da1703fbf1cc66e10a3c306eb69ae5f937081a1a18dfc8db376ea18f4c1c499109b0cf8806eb32cb1f28985da790047bd7b32c1f67bffb9761 +A = 413cbcbbb5851a4ae12555801f7f80ccd888bb82ef1b5c31b99e1901d7e0ab91ee489c84044bc21fa2010f11aac21d0531fac09feb482fda579cb9f224c3149dd6249b0225a +B = 1b6bfea70f1d80350eeb45f9a5cebda954d72cf5cd27a299ef5a42e1ed0b50a541d1657b70e50b0cab69b22e31d0944fd735957b1ff764865d9385af302bb802b +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 8d74ba5fdc67733ced4d468f6eb6ec4c1ebd79c97682c1d4daa06105788ed9c5144992e555d903804d7ed0dd9b29ef2648568ab7ff462a03e0bceb5482485afc3b91448fcfeba435dc587db6f3a022428d37fa0e85392d0e48e7d4ed6b21253084e653da8175587b3b709e28426cddfec8d9dc582d4ac2f3d540305c0fe17327 +A = 17c0b7f0e2cdf316e4d32f040e26d41dbde1e6689d98f0652da1c380daf5dfeb6a511b72d82f1b32d3852e9aa2f594be10776a8fc89a8a35c160e8e41b42a06a342fa1c309fd82 +B = -d7b7701340c5a358455ca5fa314ad83860d9f765978ff652d7f542de2e123bb976930b8fe84b9608648324450d8ed2bac4e44f2fc71711ae813cd8793af8d3796e8 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 57e60f79b4e156ccec4c253e70df8d86e4aef326150d612a5ac4dc285761e88ede412d28d9dfa5a6f5c073d3c91a65ba9c86067d81f296935f0d0ebd2af82e7f6b5b336422429cc3b8427fd8d3f5a6fe936f4208362632093bdd3cec1aa8f4b176d260f605caf4a12cc011f3d1b76135ac2507346674e41673eb16c0f55d8010 +A = -4f1568c207a9ec970b5c26f068f3cc8019e8cb483525d251cd2919b368d072ac8f40017a19fc7437cf88e927c9e7d6f539ee84865f0af24be0d6d98fb33d74e3e0d28020c00bcd61 +B = 723db98a78f42aa45496f31cf78695583526d25e167da48ec310e447ad3540be2636813a2c2f7b8c622795ac451992e91bb8e43e5737f0dd95623282e729d815b08ed8 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 237eb5726e2c628a515104bafd44348dbf099569815784eca5d6a415d3c12421c8c70fee23d6d82f7b5b136b70ffed3b6d9e98cb47854e79239d96c26f2ec955e4ea8dabc29a1b0765c9b7af6ef09ca673d1ee21c680e4b8cfebf47bbc74c993d017ead6cb6f3319ce4de9e9765cdb3ed8fcc57a1b153327e1a6a965e5dfa89 +A = -1fd1f634685eb1470dd9080529a891253a28a0b31e15c662733e20d43fc4cd71f4cfe83c3774adf8293a0fc3bd806d0b31b61c6ed0b4414ccdb91e2994e22797e5771c63defcc0887f1 +B = -3ec0478afdf54c949a097ca411be41f931acb750ef4f0ce97d0f0fc77cf15970cfbe24b170aa332de04836b7a0e6c5d456814182d27c8310d5fb662a818bc421587d95fc5 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2f1d500443fc4f4b86e7ec93e4d0dfd3faabda35a6dd31445021928373be14c37fec369ce80ebcb77aff2151b7ea94d21592da1823ebfa0af196f286d7a69ea54799573bdcd4d09ca4f33b8a3a93b35de5ff7f65099d59367914f1c79440b471ced6773b0802bd8ca99cf531b62892eb1e78d67f8210592208859b0aa1754b14 +A = 572de2984fe2ed0d5ebb5bc3f62b197fd592795d91cb16b48a0c898991ee3e884e5870b92405f248036ef9b3898c5ee6100a09ede5a48bf7edf3a067e4fc77e7e6bf6a6e3d4f538e3d66f +B = 12c379402b18a34dc8b80c0dcd25be16c99d6f76d5d64b6050b90910cce594bc022794640735710c7ded857ebd44fe5b2e51574a2296f7d7a61b59c0123051bf2ba4a168cf8f +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 4001c734e1391a88640007893f167eb79ef61e4717d5eb14b8d80c25ed59c753be63fc8e54bdaded22c9c7d3e49753eb49efa010439807dba0d90ec4f9b498aa97f109af542bb41922936223213ddedac4d0fad8f1446498f4228b758aafdf1d9692f59029c76ca2832125ba50e811cb95f2b982a7a4d87b4726e6dd8b1963fe +A = 16792909716b581a936287d0a8550a1f3e840935f0f3ddca75aa32e3489269b078fd19a16f8d6b2326eebaf46da76e90890c0ead3b35689bfda8c1ead17a4f672588f982cfd3da2c2b9bdad9 +B = -95ab2c47f85001aa852d6999f29644a6a55f9e4e12bf905f911f90d29cd1e4fa4fc9d1a2aa6c215bcb5c5643561499aab8f2678fdc5fa9c6ec138aeb2d62f635c45f239e46b0fa +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 1bfad44b58d3f8bc987116d4cc7ac98f89f838a8712d81d726189e9e1469cf46fe04675dc0b82e6e556b02c350ef4e30ec6203c7f1df937ea80f435af7c10f48538fe7755ba78993f304e64ca0d783b0f46f61bd14fd3fd30768f233c59018ce911a94b495f58eb96438e416ca3c7eba5b1bca9dea5a770c1d2d9f2f62f821e5 +A = -78a6a6ef40e443c52036e75f0b35938d632bd45aebf45a1fff5c2e1b6f601a57382b9a82c3e8b2984e643eb1570cd83f3a6be6daac567ddf9f37bd96785662bc3cfee6f47503d239c77781a8df +B = 4920f870cf9f371050e64a419ebe07ac92dd3525b41e8ecf6939a267e1ba853d54862dfc95dd21b3526eb0a0a7a7f8fb67df2e9472dbec81e15cb13266257177c5f2b92fced4cea5d +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 6b0b84505907a5ca37abeff9a5ba169975792c69b5751d9845c0f09dea833fb679c8dfbf3895bc470529e0cc736c9b4a0d08b75d709a1d04525ae583c5ba082d3bca1355055c7bb674aa1b92689cfdec4dbac84a96e81c855280e417f60e7e4931ef4f428420c0b85d2cd11c1030a47788d6ee6af0a76b5364fcf23b270e9d4f +A = -143d843e3b12431fa0d873815a757a214cf731c298db61ab13cb87fe78b0a6184bd1fdcfec0c7661b10775b4ee2c815dede0ed497977c9ec5154f7b24a8a786501ddb8dd257bea51b9fd9401ff760 +B = -25d4da7b64f439987eacbde66abadf0da7c1653c1c1c6d9b2092351fbc714a20d2d7ad8093209da371150b69b3602480595533ecc1f3c5005a8ead10732272246d8cdfbab87c49e65223 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 6bce40524278ce242b0b5292d27751a3dc414f962d9c1cacb45fa3ee693ac6890d2ff1647abe578c40ea8d4b326a2e0e2fa7cdec28fe2da089338b5fed91c4277cc5be37537eec2f17edbf48a45fbe38f15c58c3e733d408d001262dbd40c9d246c323e7978df4fb7207aa9270a12921743cee2a483e7e71b221b09a6b2c667a +A = 402671b0cfe14655bc650bd35dd0c36ce7f65de274a0cc4b708c6f6c3e84c2125ab2430e702421904950b29aa8a03b049910305127890457cd0cc97a3e05df67f29d28b0452969986959df02f59d207 +B = 1648c29205f19fe4c646eb62e8ae9b65260c2cb8424a526423c6bc04ed55870cefef9b8ba808f8ed2e1ab170e2e411f68b934abb1a22776969f79f9420f8bcbef28417582942e26646af60a +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 40db38dcdc201648da555f1062bbbb92c632c29b66902eabf90d98dec69ab3f3b28e60cad1571e7246f4c9e6aa62ad26a6d0bc08598c7a8571fa830cae4c2875c5c95a59f3295f998681edba7749b7e38cbece8887a7823b4752165e1a897e638836d408f439f009d0fb6c196e83e83ca3289d2bd0f0eb36b721331e4f9f80fd +A = 14361ace8ec5223bf0165b78913b77ef921b7089bb5e28891d120bd3db6513ddc90404a4e6cd027f9b51fbc02e80d376d59e1f2b043954199ef8218bf26cacdc5e749f668ad3b4ab35cd796f94c06307e6 +B = -851a39d8b0101fdb22ea9e367286e572dd132b8a77a6a14dd0e995131467aee898230f37dc6224e35bed2eaf459aae579181a161450bd7ebe6b62ea7154a8a0ab590ca4a6c2f05531c4e24650 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 4b085796665458b798f824d1c1a88c23ecca456fb88713b433228ca8735141a616633ccec4bc53ea4f6e0c74e4aab6fece2e4cc4c4efb479638cf54caf55d4addf75908076f5fb487ed00d540e5b984acb8f81cae3ef51db926a06382a288092b352793de721c23c371fd0ce7a789486b2e8b867d35f47b5daac2d339d22dbde +A = -511565611538828ff7dbc45c273fe46f4f5105d41ccf5dd343b41e9dc579429e56a9cefc54657ef0422960d1375b72411a5cc93ffa323455e006e242580358d6cfb641f46b9c36fa777a613b17dd4a187454 +B = 4f22597947638b9a9e9b9b7c2a8d37f77259f1bb1c7db65003b6e1a1c807469c84c89a75b80bbe0324fc3aeefaedc6ad9c0d9e470dac9c30bc48f6abbbdce9547ad7624f0ce9ff3cb6be23e47bc7 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2b90a57349ea94ea818207fe15c164f9d3530c7cdffcae178557274552f79c4ab56acd78033a570bd6c3e45789704ef0b0ef586594fe4cae3ccfbf9ceef46e769589b084adcee3ef8345375b7103232465b991273df724964248737d5eccbac558e35e4190112571d3e7c291baa7aa8b1800121bd573b8419f627c0091e1bba8 +A = -170cc62ad57094d307ce1b317ae5e825c2f2e317ad6060437afa105501caea00dc9a86af8729e2f3c3a854387dc3ba368c0a84aab1a527ab34fe27b0a69bc71c728cca87be728457c65eea7d7538ef3aa282615 +B = -3d9da1377a88f647de57ade46dc7caf71b4f42bbfaa5e77f16cfcc90f00b5d3e9e9d82355104c7cd0db4c1dac0496be3aa35706cfc0a30a1329755faa439694e8e9b41fba8f1ebb46140818c7008e27 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 4cd4da762c7576d582572d3427abc4b4297f740705fc14a32b46347541b152d0d1e3a11f27213badcea1e2009e34a63350c7a59e4d43654b28298d2757d6b54c4d82f580e98de4230cd119ba350416452cd4b8adff29b9f35ae0c533f666cfed716838e2b91941dfbea8d6a978a369d5f27554ef411f15e5a89850655d7f3f5a +A = 4f4a28af27b926d8ac347503d6ac0bfec388a6c0b38a577501c3ca4aa709c69601824ddeb5eba4d9e437a97f3e4477e1487d5ce7b4a35b90fb863657a5b2d901bb8c3c838db40b89b495ee9875e8eee607d7b8013 +B = 13ca192603bc8b2da29dae67159e4f8d32f351a503434ed9e4e24f74abb5908ef7da80781c71b1a5ce64fefd13a16cc1eab05a370bfba2a97e6cf90cfe98d3a487ba72dde0762c36c10e1da175f1c1b5fc +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 3812e9e835ae355fdf328b29ed8b86dc3f6895e379b8b5d65a5de41eab5fb20ad3e2290c8ca69f9500248ff883d9715f59d0db6257d13c5cd612211bb1fb99867161daffc77968bdffc1fe48bcde0fcce02ca93975b3cd9e93b56974ab4beb59582c3d0ef2a65957f701549f8bf858de0c5bc98af3e5722f1450de391876a2d9 +A = 14ca6101af00d67139b985ac9f149accc260336237dd2dee802b5cc6e506e217b74c1a007ec10c20012f071ddad34e7407012669109ec1f385566ff04cf1a1ab7562353c0af1ba1be0baaef920a188c60db27970f64d +B = -94b683326e9de19e414f653aeb2cb4bd7b17e76a23de6a4d91c43d717a35e08f2155b444a9549dfd01a8aec4dc901ea9f629f16bafd2c84828b12d2f63dc154323eb2d54938895ec4c9efbcaaede274fd4ab +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 5ad7411cef0581b2e675d03b0ecb9969102a283eba5e779bdcbb7646d94e843083a07269c932d18b973b57abe54eaaad0aa76cf7b61f30505a263bc95aa063efb264ae829eb1d1d5f7d380a0b4db59839de9ae6230ba51901e71b3e3d59e8c34a79678e751c8b7ab139123bdb2f04d90a18ed81d2046ae86da1a73c8dae4fc4f +A = -469f61cbff01f0e4124ba69a860ec6dbc75cd758dd8ac7cbfed97645b16488a329adee62d1a66e90ee4212569d56d58b61676262f49dcb68296bbe5d8e23853e3fefe8a304710cea568ca65c183531a992ec5b4d82e226 +B = 4a0d48e31cb8c24a3b2c9c95fd19edbe46823032ef4c97fe65d0a30d5c2cad7a4fbbe89e0ebc9940ed9f9ccb8ab18bac269759a9740a7985809d0f38259e680f0703febe7fa012d1ded47f0cace4a133f59a721 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2b2953981db406ebc544c39dfeb08a8b089064533221536c7fa2bf2a7a0d3a1192859b7dc0ea5036eeab5aa371e3e0070c3980433adb3e3a5202ff257bb546bcb9550423201a35501fd717ed4c0016eb3a675ed399340bac7f058a04e69c1774590fe747ffb9c27e78ba50fcee30ce533a1659fc49dc080a60f21357a6265d24 +A = -122621d97f42b65b060c84df3f0c0da097b5e240731b77a37bb9471e7e398b242db6f1b5e25062a9bed702860ccf6aaf386c1d6fcf60fc31b8c190d3486949c5772b9e621b863a7cbf29449ddd68b7e0c21e669492e58e94a +B = -33978406dd30ec2b192c416e422428683deac210017cac9e4355e8446d6969295b0fbaa8cabc92c1fc0068da70efa047f938a419bac160ed6f794a9f69f53a88648c9725610d5f309b652f5462bd3011cf68ea859b +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2104dfef151526e072c09a4a277eb981a035379de3b1a55a88cb060681706f26131c388f5572c5646826b119c85ed450207f32733487e3c4e1e9d701a65058c4b4ef0cd1db090495643038229ed177b54695ac32110619038f1c1cece14faa693d88476e3d70329b0084d0ba5d547bbaa5b59ba1ce1fad5aa2f1c11a75bc7c0 +A = 7b79e6f1330fefffaf8521089c3348593e40ab7e8d4da3d4346571b43b12740958336580afd13619be3dc2d42eefd9e30599405da3e32e7f3a5655ece8b77a367059668021aa092460de75e627526da08e6206b0f8f539ef40e +B = 156e234931907c0c0970c1fe6bd4b24225ed94d5f5b1be4693c8e141e9a6032425b4a47b6eac6265afbeb9d796eb230efa707d5ac4a73808225181cf814b319142e9d175ac461c75e6d479bb6bea53954bb981062eb16 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2a392c5fc96c29df2f5ae9eaf76e7d981dc1e2f3b47b43a98eaf556a9465ae8727c622188123c64658053ec50c25e54ac5c6c8bc279b134d326e911f14c873357647866eccb4f9038ed0cef5082c2058ebd71e1619f7c8f8f2fb80871ebbca3fbfb7845bd855d307d2efd853f1bfd467fbe030862f165e53a9cfa633d0d3fa23 +A = 1e0430e7cf15173d00592037e83e717c90d7dab4f54a5b2f0f5772762fb5f56bc0b2a53ec1bc3b960afc35e7b043f9d85d0af6c29288486af3e186e52bae6300b58917647231b40a12648cc8c020a797683a9bd7ff34eb6d41b928 +B = -e08372fc766eba6e0ef55a9149d700b503e2e3f978c8a397912e2735d5bcff69c461561ac0822c44160c7c1bbf722df421b74beada57462ac54a9bdcdb42d6a27b86413036ed2282abf62800fb2518a32a4a135bc948053 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2608f68632ef14dc3979725c8cf1a0db10a1651f17d91247edfae9935b53f6364d233b030eb99871a87b7bd876ab2cfd5a643387a7af9d337e81770db04a14f4f8dbda2cff604838c9af9a31e8dccf9277d453176589ba33abf77855b9501e63370b2e6cd22831e1e70ff1815302c0a026c70042957d08e74dfaff940a91a7b9 +A = -5d3568858c05a15bc9777af949eb01d33dfdba58439fb3f7af2ba792efe8e78b16d7fbc2a303a4c4c4be7c9d43f57405e88be54d6ab55268a4739945ef582921d2877019659dadbc76e0939f4b2cfbc91e5356ba2ed531526ed5b9b3 +B = 47f81f65ea1af04f702757c02a175a299b23cd8ad551fdb67020c50cbb4110b5371dc5790b12484e9ce647eeb24c0220a5e62aaec3461a9dcdaf1a22814b6f22d66372cc5ee31944bef33469f905458c172ec7871d9dc9c301 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 5735109bd21d31b5f54e9221bbed78c54cf387e39c13d31557e8173e173f786b2d2f1acf3966c3bf4552fe9bc802d0868a5a7632404cb91609a7a45fe0fb83fea8d83b0319666c1b0ac520169c15be708343359447f2fd37960c1e96d32799ac9394e839b391f59dd347acfb79bcc4e34e76490880d163ac97ee69e3a0a6e68f +A = -175011349a0a1ceba11756bd528f2bd631c106e709aab223032d08d52d7d6724e8c5b055b6f97b48261f4860eae297badc1214cdae9b2500a7a47b4b777dd7b8f1006757754ff1143b637d2a3adc555f38eafbd5478cde0b04e5f46d3f0 +B = -2aa7f75d6801b04ea9f690aa0c5448906595fd28b53775059c01efe54b463f1d87c9fb4b39cb038e770f99bb995a2118b86ff8d004bd964e958c2af82becf362fb0b927c671cc3bd7185990419d26a827a2d81bbc0126e1029556 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 3b4ad19b75e1301d19b57ba9b68e0666c28c7c5c99df1d5fbbe0685dc1d3489ff39c919222719c5d8b7ce2d7ff967730d776a02b36a86064ed66a02011bab82eb575390f85f0104715f6e4954a1bb28518450182a8ef58af35d00e2fe417f07ba25dd9c85e00c3451082becd22e3aa0c9bcedaa96e6423c7df6c375b4c799c65 +A = 58e1ce4a9b512eb0632b02cf1207936d6707b802140540fbcbbdd712e5ac1426b4f36e74a9a9ddc812e572855d4fe4fca8a0de6644226f5698fb46a5f2a479dfc8b588aa8e02ddb15acdc79ed3d17143e290f1317274f425b869df54a4807 +B = 14e341cbb5f5a7f3b4dd864172b82ceed2887fcf20aae7d0598b3d8afafd2f10c27bc7456c1488abb570be3df04f43d892dc6a8dbe7621f55bccb0ee3acb1ade989a510b4e0cbe29b6b93968f323f0016d87944c908824d249769f8b +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 7fe0bbbccad6032069b1a335b3f2dac16089051cd9321f903181fad23be6853e2d209958e8c48e008be94a62c6206b34b4e994ca08b8f24a2df0e6394ea65b3b7aadb3bc43d04dc9d35a77e673c4476dedefd4568b4ade5d16f9d89486f3d5ed0566b1eb428cb0b688f10fe3901037744f278385754fca481f937cb630f60308 +A = 1cc0e3ed58090db55063c9ba11401636f89262d6ec096d361f448496e05181c5f7f2604333f26d511c13534618e90637adc807d622097f7eabfc03266135cb626e1bad20997e72da71bf2b3f65a4973dc27d2a594b1fd96b7bf7ec14b9e4b983 +B = -87871b2058d33cb67d83b6a56ab27839c6a6c771bd94e55f200a1257f2c737e39c4a0403fa410ea64e8f442d300df1c19c2f03d07fb74d94f86d26814fca23d4cd2cd3718252cf0cd8a0e36726f6e68827a1dab6bbb1d23b884381c702 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 35d7ac5cbc7e6c262ffa41be168b02a3bde9e112c512d1f68421d705ea34461ce3e0dafde67f44d44cf31d91b38d4d5f2fbf8c6c6a44ec3ed0298dd58f3d45c04346c11e57229dc3d2cdfea02c802732d9a811d7be5e81094d72172cd04caaa3c9d55a951c09f454f42add6e89e2d8a98e124aac86379df377606e7af9bc6baa +A = -4ee01518f6581c560a186fa05c6f4bc26809c4822cc74a0bb74d5a6b0a368aa9bd0108f26113443422b8c589084ad49f919a9e7821d99127bb210670e732b7cdf610e464e300a39d3dfa7c82f90cf00ce329bc6763d7b1d4224a020095112fefa7 +B = 72dc8973f7af7122a05c90df190bbf1e39abca908c197590dc7ac41fd0712f48f838ca62a72a177a293ee6b2afa7a10c21e7993347c3df4f161a5641ff62ba123999bf1eabef29ec0d33ed0919818f4b7c35b5f41e654759fc9abdc0f80e7 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 5d83a9b34631dd6c63c05a0c012adf97b4d0f20f61907e1c2145330211e9a7e38128517b058e0a85e993c385068d1cec768deb814bea1323dbd333de091ad2cad72431f20c1e70ff7e1b119768ba44e14292c38b88dae7e55ac9e10ff98e9bcd5f0ac05af499196b4be0c6222d1a63227ee895fa6a8221a4a182a1323183cd7f +A = -17b3e0c9288be15fda58c8fd228216bc466731d631218a7ddf1d2c9cc858c0219cb0757d3b680bca1b1964eb15031b5b9d761a8bcbd160db89be339067a2ea35e1ac3cfed701912a17ef9ea03999d92e3592e893183ddc05cbb98a656983b54590c72 +B = -269f96a4634eb37cf8a6608408128587ba45958405a29827d0d03d34816fcb1a2297f1319485439d3e8594532545086efbe4d21d31d30e2daf09b74fa8cb27df54e8f9f993630cd9a292c977eee70887158bd3fa3cfef321ef900a0598ac8cea +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 7fc1c65eade94d9de7440eb8dfaecf1004905135efd4f98257c3295b1e76ccf1e2ab6808d158d360b7419c6210c50efe960610973d9ae855c72ec0e81d423e5863c80b542ad455700d2d0dee5fc403dc01eab460c24687401cf6a3179642e59f2a30268df95fa80dcdac230702352bbf6b60acb9ff5d45c5b09a3403b954d173 +A = 7906bd8d3bebb1303c1df1fea0b2503b0abe9c69b4f4f5bd01eec9e314788cb7d44b93428adbcef570477e8ecac2a64822e481bdf520fc381e1bb0b2cdae2fe94e484cef5236dd524e4dc364b72f4c06d57f29dd3c5079e532b1ab1e71dd6a65b3362df +B = 1479ef2807b9c23c094d0416f513894cc92e023b134f44a5333360dbbe98b8161ab899302f4fa11b470b97dca0c4e8ab7ae47e5fd0962834e6cc1763618193f4ee027f667368da580c623080de137b5869c3081128e6081b9d5e2dbafd791773242 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 730c04094b1ce944588e8291f7e6cf763c70b79cf362dc8a1bc63bb8790cd4cfe4eb51cf15a45a8464d69ddc3e1b9383cfbfd643f317108cd9ca6a6eaaea177c5c8b6747bbf40108cbc0437eb8f11bd2a0939da59b70c0c6129e2c249823897f2ee536b0427bc45035f121d2cbe7441c175899b97c490e6c3ca01539bcd05848 +A = 102cf23cc3b81785c73ac3613c816de47fd585c7d5f175185818dbb4bf0bd47d0dda9702bce97b29d66e48bfaae0fd07b47b40be2b48ed702ef21c54b10bb927f9d6b43604bec4f4b2796b44aa6b4e83f8bcd00f2fa3871dd901570e1a32888d8691454c40 +B = -cc5349a9c5280a933e87ca38ce458a711c71ffebb40bb1f7612b42b4684afc495e99c4a5f32eef1c9564c2b7612ea4cda7a0f5df6b3ec9026447dc565ca08563d46aec7ced9fc4cc5645960210d44cdc3944149051d569c9295dc50862f8f6d1f6cd1 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 1cfe1842a53d00e4619265e2fce7cb566ffbd912c9213925d01408a956af304eacb85e29fb6edb812a95e90769bf1c3d62b0cf6cd5bb8f8992391d2ad70f38a14fb9d1d1eb522aa7b7fd9f1b52790beebfc887193882377b7ce567d317d8432e1d9a908d6ccfe8d2de7de497d77b023b3959cc042ae30aefcc0229617fd2a146 +A = -5c3d24fdb193ed83f5f6a825c1716f98e3cde6b32e09659f253ca3fd2a39402b5bc3a6497ed7bc908838e93422559a13cf59156254bd3fe1e3b8600b2a777943cdb39b9d42c58043f1d587424425d3ef5f5538ea157112970ce3e09a87fbb5f7c96f1b5e65fa +B = 675d9d2a05288b438ddcb330acbd59e4639375f3f14ac2d0e9e8b72de6ffc1d217ce62f997577f7eaddbe4603541b132cd41f2f2740363d9c331ef22df92029d143fc8495ed0152b918aed7ff22f564c7cd94fd3fe4178c90365ace43def8fe30ab05c0e +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 83ed1948276d689bb7fde814e67fcea72c4e3509c48873c3e7349a8fa1c08ae11ea4d814d8deb1021eb8b8ceec342cba5002a2ca45d5f340ae1aa500af4c7db120d0402c6cc8a840404be7221bbc46ffa10236043e5ce4415d3ef1355bde26d2d26eb7127326d4b8d671bb96a08e38a2c1dcc281830ac77202903a5e4777ff02 +A = -1be86e7c87827922d2e8a06e3cd6b64ac9a280c525749bcdbfac4856916321a964c9346d17465378251e6eada42dadf38bc9d7d87367bec94ebdc21af6b1302e520db08a64ba6b39920683725ef02b011a3e4ba46ef0eefadb98582cb911d0cbeae9c231b5e432c +B = -352059faf97b433089a688c702b97adefd0c91d51a0395647f822c6762fee3287693e302fc5a5584a12c048dea1a320cb96fa70b5daff7c2ea21d249467d14c6bbee15a1e94c030e908342a939fbe8ae0de58cb6d6eae7758485e392ff6d5d64465b701692c +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 402525e19b6b68942253d1a51fd9b2ca36fc84cf938d80b3d52fd4302de142b9d93d1663e89340fff10c2b5efc8cd47fc3b5cc5ccd49a6ea3038ead6454bf190b7f88f52c56bcf00c6ad5b0f5dfb7615915ee8af137dd99cd3d21172ab772f36d291a6856a8e7912750139c09aa024b930a0a6b9eccc83c2c5c0ee2473ea32c +A = 65e5db532ecae639bd56dd63045bca39b33b4d70b2db82ca3d0ee8ca436e671828cde80217b48eae7487fe110830589ab1be889f1e1463f3b0757d529b2f0cdd2ac92c35e8ec141885bbefb6040a3b5e00e64a541913a38fe05824a929f8c5a2c46568c61989c3ca7 +B = 1d9c73eef8373cbb1e8393feb26d55c33a245c33d7031c234abffb2f06a1601f7f3a79ef1e8664c51ce5dba5f5aaf3b9a9e42470d381219b4616ae93c7f6e64792d23bae523b6a224c1f714ebc82a11f9be42618922b8d2eb7b55e4d45572e68a19fb0ba72228b +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 7a9cdb5dcdfb6e04351057d731fddb9e85f41eb432f01c0d980673d294d05ba9b0180133a89930e74cfce78ed54991b494a19e7f80f310b85904784cebc5639bbc631e80751807868e7fe16719e8ffcd1f2cbd1b9f303c3ed488b647670be3080668b5fa0e53b6342c33c87f0ca1efe1ddb1c877bfe2556aeb61805b06f41343 +A = 1e412c3d66aea2c503f3aa5dbad368a61d969a2951c0094f9da32d2794e47f3bf4c481ae23636baabdebdcf0753d431426b1865e62de8eae7238a9245d62820ad7f17b5380d701f5db776cd4e1ddbdfd542901731ffcea5bcdc247fa9c83f7e08a9389e5a76d38be21bd +B = -afd61df72361260484fade8b432713eb740df83a401d73492883a5139c918d5c911ff5dc00140637da1c6acfbab4b0bc8fc1f337243d90beeb1c2a083ad8069494c73a99372bd38712a5b5393c779ec1915e878600e0b48157bea44ca8e97c6099c4ab07fbda57d1 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 712580a1ffde78c8cf98ba71843c8130e835fee3afbb45e372d04c04cc388e403c9efac742611d7974bbae982c3aadfd1893f5da280afe0c1db1d81a9ed73b6ed9b7f05a20ce828316103259112d7754560d66733041e9470ae0d4dc95fd0484bfd56d66739f38ead7efa4051187ea41f7bea8fe5d958a29af41328246e2bc35 +A = -47c5755ca61ca8b7ea927f6fbe347f1362915548ab38c40f0418f4c9ba4ad520c3b2469d9ba3976669dec0b278461bae80eda53e9d11447512963e797f45460f74678acdd69fb9efe3897913b6568f8e03a6d90b4cb5bfb06af132bf118574b70e6bd2f6d6cb4d0089379d +B = 5bda68c0a64218d3609d75eb4832d5468298f19498507d7d515f4c410f04dee535947571a5e75f1af7f94a5b3b05fb742fde23e7cf3f8b3dbee0a569e5a36d7a3d31a26c4a48a299044fd72339d2cee1a68966c851e76b93ae34130b75f4abe4f2260207d2254d23f56 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 4a1a514aa4d1ada84fa841d0b668930c904783fac521377a7d622201867d773ad23dbb667e0d4181616358f3cb088cd157c8e72bcd03db64647b37aa1813f870cbb0318ae0a3667f8e6c19f6e0706217646ce633f0cc8bf4e8f0f4d7329a8647252ca6d376416d545e73cb9a3cba40f8f9465d85d57c2481b84b6d95dd42d50a +A = -1d68bddd8c3e6b78daa0acfc63a6f39e97f19527a43f6cdec47568d57b47f4e4b7ee88e4a28d683b569e406ecd2510351dba25f10b9f7c82d6da16d848bb970cedf7675e67937921bd334eec4bc8fde83d67aca57eec804ce22bb342167602fbff452d5f0f2a7f38b576e1e50 +B = -34d219765916a4c8ec843ebee9a7aa1162974d41cb4d6b60532513608452da9993749455d9701af6b7b6c7454d7f2fd5c344cc938baa5259301d4b56ae8d25b6f6510ae6bca114cae6791fa5a9551e8a405f5b1c0bbfc27138563b2d64f9a4d7a8f42a23bfacc3f1ec9393 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 3fe24e66e381eca525b24cf767215837019f44ed4fac6ab118d02cdbd658066505ee5b0feb7af51859992ecb97d727121e38873f748a61d70201cc43228a7732156a80dbe399e05764be19e37dc1b93222bcdcbc45b1a4817460f7021dcf1d70e632bc6a306628790201222bb522f4cc80adcc907463a539b02f74004d42adff +A = 773454a43f495959dd55b8a064d70b1b1ffe45c084f5f9553582e24fb402b564de68e5379a8d9d02af101594e717a6c6db2e7173e557a64d2f28fd45c4e06041deda040705d99acacf8086830af19c7ab5e27f91738ffbd937dc27e5b7869bb6caa12c2d7930366ff75eadc570a +B = 13d884a2396268f1a8186748a15722156a172a56dd3d8c77b9cb7001b6ee06720653507eba9bb9918f2f699cb37f3b5ae514f5180108a704647f19b0fc075826153edda66dc1105c1008ea8ec6f8c10057f8e8e479e1a1274edfed9ef719b30827a30f26da78820c3696d01aa +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 715bab8708e53f76d2ef2afbb845bdaaf978b54ce25f84dbbf9074f16d30a18733a02a4ba5d7b092fa6c25d3b9b0d8243c743910f1b7b785d9cb02343fc6d59eb0817bcff05646030ce4fbb2b9ff76781cb1af66b46553d365d02c61e677ae97defe92d057d4378dadf8cba9824b0022c086e0d78b5442bf3d3263ba22c643f7 +A = 168186208c734383d472374fbedc2d5d430e85690a4881b740008623120a4f7f83b2cdf85dc28bfaae5870abcd7ff1bc782ef11c78a75c99d41f8aacb52fceeb5f10266dc65eb00b0868937340146d8850887686d54218badb97647a6d82c0c6650ca1f9078d73fc6222aab95c2967 +B = -9711e5b3965654bd9427f79c89a0b3f3cdec1c857f4451eec236c1f221bb6773e5dcc30e7381a18a813ac2b03ff4a4ba679aad41e0e5d7181d4627f682ca2dc8af9a8b4f878771446fb225a979ef9c7e641cac819c307c8dc50d9c1ebadf912ec7c844e416f95b546cf09391f9f +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2714b99dcde70d6c3be8b671d78abc155793f13105fd4b7c5d760a4c68ae89987311dabf2a9238d18299f983b8aca69a9ce398fdf2c9775d90b11b3dba17bcd8edf661efb6e9c50b4e37553cbecb54eb214fed1d0847287732810e550a4c86b51d4e5da1cb7722ce4317e69644620ad806d6d1c94e1e3fb4d87de6178a997453 +A = -75231ed37f1dfa4487c9fc79a6f7b36929fdca086e42ed41f79430b2dff521919236fe415ccce590e1d3b986e16dda866f3f0d29ac1adcf55d87fa5cb67dbf4693293188516e360bac513303769c42181483fbef7abcbc4fea1310c916396d29f37d9058a62aead94511aded7c4b8de8 +B = 5aadfe65df0e5b877fe45d42d7ca02882cb6c686d486374da5ece6f87771675153c84d74b6f40df1db567b7e1e3c60c41d21816f958f5576fd2ce2f84a8c3be4749dfc7e5561266b7c9698c7581292d0d813cb77955458d63bf94ce87472924c4ca79504d1ae9d5f025c7a2504156f +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 6613b1c8ccac0cb8fe2f59e76fef4dd05acf1f1b2bfc20aa3f193622ce3e9d4c7824ad544477553bc68f05f0b546e7c1ee87301e111af7929d1f40525291b88e211db7175f4e5c0953141914fcb4fb951dbf77442e7cb28fde495704f1b5141de1e50fbd0e359d0d86ad709c8f564c84dac81c7602717c269219ab1cf12e809c +A = -1bc03897b02d1edb633e2c019e40c20c1d89a210b0733412aab675563fae8bd75dd7e65988cd8df4d9b343586e27f548becdde274f62dd421679554ed9eb127e527a69d69fa8b17aac0424dfa2a7692d1e63617ea45564b55f01a70325bca050862d583cdad96c4a2e123d0ed827348a745 +B = -3d5239dbe7bb3dcfd8027204eccf5e9444e68d322a0b0c535a203a1d0c054e7dc1e588bacb891388241462a5d2b43e6cce34ce46a23e6ef29670603d31001374dfa347dfcc794988e58945d0d2d17da6565cfea559203dec119fc357d396f65b296deb07686b0ad2d25a13fd4fad88d2c +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 3a7fc5680aae875b9241200b9f4112a82cd624ffd9044138ae3cd65200631ee9d7b918fbffadcad7e598791a9f0bef3e23005d6bc0048ba92461283492df3bce74c66e417b082ee052fd8f808d71f3ab18f9ffc40f8fb51ebbb936d09c26a3514bf868141f7cf238c1abb3d88e5d50dfc188902254f07d63fb8cb611ef8e4149 +A = 4a30f32d467b29dc83b40bca2fc4ccee5f08a64069cb87f20e63387b2219b12aa312400c4ca59608f50a71d2535cde40a6d248290793fe01693ca40b93a5cded2dcfbc9aeb36e187c9d650782d12bea917daadbc6525f266e074037803e4b2f300778ca8dcb304658cdb502c93c94a16c6261 +B = 1ca5e5218dade077fecb81d579e1c9290431b34df5ec84aefaaf233d68f17dcf60ee010db26320685af13a821b6daa9d73d8f3a30826c3ae7b2bc5e219cadcff826283cd7dddd04cea7a5e0585d6e7c9f23b27f14ff815fe53bcd75fe700b1b91671bddaba737fb43bfecd2a77e5b752a206 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 768d312175ce7d2601f30bb38339f046e4c2ba5c19ae5f7ca5a562cc2462c579fce9985e9e8afe2578db542c8d9e7693e0c74ba161334b249ce720d568e9c18f09c87cd701e6f2080b752362f2fe6252a1d0caaaf1fa18199776e4c6078d89d520b9c63db159d5fba7e0838811e68794b1413c248f3f7173ef29eff28f15b656 +A = 149353e91bdb70cdca8f06648388508511a64d05221305cad7187ea40d9ccef91fe17ceb1e79667bf66e8e6b7a57faa90a83bad119c02984a8f860bc1f23ffd33d4ad84896610301cd2e8e80a5ca7e8d3ee63e7dfa459793c9dbaef3569eb4f8a021c6a3d032a9c94d3f6b8278274d0088a98228 +B = -a7cbbb6a434e4b022d312ecd4a45fc7fc4d3aaca038cca0fc56e529fe7119ccdddc8e76d51a2fb862ad3d27a16ec8a51e5f66b9c7fdfbddcd05a0ddea14172339cee340c8c651eb653c6aab6551c99ae94f26116e15dc62f2c2e63305bbf84590fba1327ee721150d46464d7e22d45d53ffd44 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 763912f4b16549e6ccd60eaf7a0a1f64d9c3bc83e4a9b87e209a3959ba3cf609cf47183bc543f08e346b6e12b8bdd5d1c07c603f74b286ad432d58d7001299ec7a4dcdb56ca875dfc7ee5c75bcfe2aaba14959bf3facaebf8df92bc12937cfd4a4865b3dd74b243ff62ba256d110b01b4089730cf48efdc66fe272f9241014e +A = -4df3899b40d51c83dacb442fb143835bcdb550136921df78800f0515a6cee77fe3236dadd2a0800b79ebdaaf8cf4aba5ebb60cdff3e4b4531ecd0903c1674a4559339123e9f09158080fc53c4c6ae72c961c8da2f357b7c05368157b4956e592c41b25642457651abfecb4fed5d9fc1fc3825b772d +B = 450eff382e73f2f38bc3a4abecd5f8de478f80a6b99fb6252173c90d7099629afe859442bb1f796855ee9a2940f21d1f9dc44f462edd74b479e1f2926ff6faefeb55adbc6152b5c97967b1dc8c44dfb85b5e02e870d2920b75422c8a427e99e35e2a4be92cb0ddc04cb7f4044f716be97b36f045a +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 56ef57d56c6d1b94cf0fcdedd3611a8ee444c2e25522b9ad175587619598da341916b183be03b1e73be300f9969120d8f3a23750cd8c4ffdb87124a2139e8ff2c15d8dc944bc3c3a066aa16dbe6dba4a74925e16acdb2b2e83cd7fd5cedade6a7f7409a509c00dadc182b2860609cc9a375cb8bbdcc350bcb2c0df9b3bff882e +A = -143caf995b7783b1316b5551978727f06512fe114b419c735b3381ec351275fb7fbd6ca88b848c3e8c9faedebd6d084cb8a231636f68f6803d14bafd90534609d4a4ac0fb953417be7fee4e4cfefa452c5ee5d1e1b97ee75f83cca8691a0efeaa8bcc1f1e0f18c0c5d6c7684c9da6c9495d31a32f40a5 +B = -3025fa05c55826c40089b12741b7d406f748cabf692bb0227519a124653160142633700e3c0676000943556f97551171d231c1a35f7b7d8f96b0366eb74942466ceb4660f09aecb2fb2ac050ef699eb05bd8834a2ba959ac71550b5c026b9093c8cbbb7c5fb9390a7818db682b7c11e58996c9d0add5 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 42f363c34c20c443c1ea7a1c54f98c6977b6671164a80308000533b2404a7f280adb1f3b98101cba25249131288f7ac68b0ae2572c7777e7381c1f4d05fd82188c4b1ed5636652e0bfca4d096bbf4189a9358b79f6b6333b99e5c4b7a940c2f7d1413bf9f47a2ef66b620b5e220b2c3dd7267452eb1b9d8d9cfb17bbfcdb6abb +A = 499d05de867bda3118a8cb82b80ac91fc505e0fbc6c7dac5fb61713cb6e715f56a31ae8af4b400461d7ad1687a2631faecd90d7829f67d1b9e36ed7d55704b3f2aea65eac061172d698384daea710ed92cf1140cd4da427174bebd173c2ff1675b2407a84649b0a318602f33105006fe4d5ed8d0e015b99 +B = 17a426a12a0175bb46bf7a7e727eb5238af383cee6f4d5e2bd82b0d29b9fed35f3d8ec95cfdfcac49bee47b25d3b5f375a3340fa83f8dd9330a593a974d208debb7e567e59dbb7251b54e42dab2cd50fc63aab050a41bd88282373f8195c94c35f61bb48aa921f574cb4ff0984ccedc070efea8c46e5cf8 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2f03374e9596cb56cbbd89794090ca7a4b437f4c05fa38a09db60e5ca900b208fb85b52f71c29fd35e62c9f9529d7ffe46fcc54607ccb07f6f8e13fdd4ff1185033ba4fcefb1ed4bfc42c3ea9f05276767d8dc9b7b4aea4c8bc0ce84951d1f590cec0751f73667db19060e2bff64da30fc048a1f5700fe3f489920675cc3540a +A = 1073531f678877ba854fd1e7f857659614c526847ffbe8ed131dc9f2ccf69e1f1e917bb44a7b905f7ff758f61c06dd59ee09567d9f0df2550fcb98b776ed1381ce052988aa08fc5153e31c621c6a51ca61b386e3a9163a5cd69608b3e200476a8ada35d906c41d044bafe71ef5c6f732935f15b53bf36f7ef8 +B = -de3563925474e5408e245184b57f328e265b6cb62eedcaba809d8f257eccc0a457eeb82c451f93af93ce9f36dd1aab386e7c02b356f31c2d170169dbe15e70cf5bb9073b35fe0e7c7fd7faa91c5b2b0740734f12eb741a9d9ac6dcf7cff59f6e16324ea39e1e07dc5b9daea27ac674dfe5d0a5790abaebde9 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 1aa22f9013bc1cdebbdfecedf710c1bcaa41c696a3d7dfc1c8c601fcfcc1c85c8cc24be7df2cf3c7311b3b17a4ef2dbce545dc467d2a92d371e02a196a9977cb9042b236acf99d8c0d34a1c4dd8792d3497cffbc87c397ccee5d01fc2c89ef051324a7061e423720d0a3821a36739797393bdf7a45b5fc600824a17043312bc +A = -4fb2e3fde2a0c653104c077cc6459c9234f86cc2d7b317329b68289826d3e2b975f1a69bed1a53418a0dd86e1b2723f4c4c5a29d003161e667c2315ec24a36f8bb5f2eb0a94f261e791bb829db685cd0ec9e1e301dc140ea57cac1da228124ae029e2b8ab1fa3ab99c55a9ca94dc7b767162c0a24af851fbb984 +B = 63702537a07971e399aa9a1a0795db052d6c8185c79107216babe11d6d8d472b61e604cecf9eaa6d44a2fcdd1ef0b6b52226ea0c6902d929b09e16576e6d1a6921765b2134c5d23c69ed61f36ea9a5552e5819350366240693558fac7a9d09ecd3702076c8c758a4bf6843fa843dfd688bef3f73515db31bfc26 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 6acb23ea695d4b60cce53079390da3cb3a4bc3a6486c238c421f3bf6c93c027a0475f656c3e5435f0211e90458ae81772aa956ef284093020f7b58ccd9373f3fdd39fdf4adb8dd64590f4a7fc05238ba20017bdad07f5f9a6f076b71554a7741bdd8c98ec68f8fee88396cb1f47c64d6da4c228caa3dfc7a9a1c032a9ba4fedc +A = -1b2496ef929bc673042996ae80f27c6bbd33fa7c20580240ef8fba985d1a6117d6e746989924e34f281e7d2509175d0773dd999bde16662e88fcef52978d19cc45fbae3997fa580a66171d398f4f0e7605d9f4aa4f728902cb886e6b6dc9f0161e7cf1ebac05a09c5a1bd69a92273280758173fd2c14550ec221275 +B = -28399206ae2820d26a5aa0bddc4903776611d08fc4cb34a22a8bdc2a19e9f8cdab94217f346a8070a4145f989e1dfb49cfd100267635af0e062872cc879c534ff138fca603b5d45a6860ea85b6de37cfca000c81fcda3d14ffe81da919b2a25214209b085bab9cb511889665fc845acbcd038711533da171d8308aa +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = c012c4d17ea4c95a360218adfc3363f6d89f5aa524aec70049ef94c2c05e59a66ce01e25588e164bf2412f9517b7740de53d037e71ec3a1d426f05b18b128c41a878da75421e8c8ef3ebd5effd40735c00818eeb1ec63182b44e817403c9f1f6c1a0155334be63a3a15109be6d45ac0d1b1ef5cc99e9b284b00c487d91e5472 +A = 796fba6276fb7129eef2d1572b305f63d7b8c49371cfb3b2c67b141071e66ccdb5e321fa2c1bcf624c77317e2aa135e1137dfa46a34c3ffefa2fa3e316be81f45614d422bf86fe4518c2fdb7e416bec199de033cb5fef7f193a80c0f0e6ee924a12c8f705f5ed3793ab770914924b45cf2578bdd09c701169f0a881e6 +B = 12cf934763127284e642ddc232b1c889cd86617307b6ad72a9fe0d48befd7c5c5370a0062dfbde2add256dc0af850813b22320ceeaeed347eb9319bf22320b2fcadeb51c4bb26a160f7459fc172c27a91d367d5a232d00cf7bb778fba83afb744177bf1ddf45446baa035fcd0065f9b493d92eda37e9138f4fecf3ec55 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 3de123bbd50c35805b943e76e97b7e664eb9feb99860750bf97e275029e836217375cc1910c13269ffbd0bd72bb82ca445ccc4b693742a96d19d3dc23f78e5ccbba46d9ff5975f239551c36403ad5fe86997536456c4a5ce54807c24e3b5317b1c7b2a1661aad85b63859d427f0703b460cf72b9acd3f87e2e69d7f8f15e972d +A = 1d0433d84f1de082d2058475e0168ceb369013a67aa9417f066c29c28272a0b3f8be5ac7190ab78591ae72a1dc8ce628c683281a9ad563e134387b9258b9c96d2df288fc118a8cff068ee49d635343772c2fcc252facdfc93112358414e1734d6948b909b53e46263e9a0cbffa141ef77bc98e7fae8ae2bd85bd875aa7c1 +B = -a31a574d105305e47f4fc00ccea0cdf854556886b524901c22e6f3b59a42915932ab209a8d5da29ab70d1472dd5378d9c79a7447d17665f9d1f1edc1e545e417cb65415cb8a368075c16264f42555d26e83adc704b5c126c6129318a8f394af8bdbb32c8114470d11b2acfe806acdc7b96e1e348a32ff96a988de76d4623 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 770f0c3104c0f3395fabeb75ddfa2c21a111d23438463941239f7c63e4b6e6832b84508ebf3cde1d90cff0a2801beee05cd5118f9a726a987eb58def6780be899b473ea71c697557ff63a4c6db894e9438595acdd98abfb529d75bdf3c1d619d6165a9edb6aaab8ada50b61a3a84de654706a9aedb7321b0523558e8f18116fd +A = -5fafbd498d610e9f29c38a5c6c262b71672fe9e9c84f0f071b549390353e4fd0101a059b7c547007e27df97761767302458f1936395142ce5776b0959fc5ea039429d64ac5d50c2ae0ee45d60c0c50b7ceb4ff9853d57c6e883f588017ffcaddf5a1aa3e23ab068877a114d9a2cf742f01f5f5d611424c8ec0d082f5c165b1 +B = 552155ef110c126afcb87dd20251220c7a43bd0215ecd22249a21c93583e120ba6f046c6fe03086ef3c97311c4d520110a450470a473d8633e3560d2cb44c25559af07516aff50d6d176e8782c06cd9aadd3354cc695c4ea8dbf85e01dad479c8e8438154351fd5fcc6fc7e9d2162ce2f0179247f756f0b9b34b54be74821c5 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2e9ed66317734668c4c354d720a011fc65bb67439b2ac9203dca65a8f567682be40cbad4f55a83e836f1fc135596b624e4327acb085a61b6398237fef5a6e6560b488d4a673b5ae7d734b896d9647d71087621cc81e94d58e01fc2cc2dc775f9ab1b6031840a672fb715b77bd636e3d87b4949ec7bd60721bec8f9907b7c072f +A = -1a6b046d691830d33eecf2c53953676ed3f6fdd20c2252f6e915052ec28ad1fbf7a5f264acf87ef8ecd515ed921ce6b85017f3d8a8f1d14f269f31e3307c6f935ad468cf012a912b0650a15106fb949cbae7b36c9cd496538bb0646a7a28989dfadc719424519bfa43cd8833d3a748c758f813881d83c98f7cb2a63c2a4d06b8e +B = -34f87db0f839af6e4c4bf146789db36b3d0bcebb9bad81db690ccc3a35070d8830c9745b2fe730a1f3a252612e7026bf9889169b57b8984a5479cc4cdd6844ee3e150a2e7bf7680eebbef30e0591c895cc8b2ca488d489554f2339e2f55598717ddd8ce444a060cc95cad9eb478491ee8d3b8358c3762a970224abdc1068af0bde +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 6455ff7c12bf3bc37120fe3f1302a9916a6ffdae6ee6a37fc23ca2f3a7ad910dc0e1027d4dc304a8eb4eccbcf3c87cf52a13dde472c07e2df2420c1d36bdd5e88c3d76e774ccd2ecaf6a0ef55b8c60231b1348a738f812a4fd9d0c158fd5a9fb19cc7cf9f000860d4cb6509271c8e43ae4193843324db02a029beb58ec2955ad +A = 54ec203e2ababdb0348135c0679eca2a8e778ed46e53f195331a48d3828e5e40da804ecf95eed819ecefaeb9c5377cc1afb1fb220175990d347981353e7d90637adf8cbb16812af8a3783dd312d967a490f8efe3f23746929cf2a5a8df58e0b878367f6c5e4d3c086f947fc2bf70bfc3a0008a8bb1d7d83f002930640b6ed94c334 +B = 1311b88a05224e15f1465c8da26784dbaeae84f818e029301ea39a982f714c64312f9f02d094c401abb6a89e8537d64c178637364bd261f4a27beeaaa901cc7b3d4e36ebcd9453cda33d47a53c6dd1d121dfb83a222cfd16158eac23482c8abbfaca59e765f6c1fe871d884d281793eb19f6409dd6bbe4083bf762ef24c24f0127613 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 64104f6c06e563ec66de4442d35d88117f2535edf9e012897f44daab5a1b8a8696f84db7a68d64ae24a394debb993bf6734c9df542c7e473b2e497396ce39a064789d5d7b339b65766b002a18096e7fb9f312ea5997c2a85463fbd6fc18f25769ac2a2123ccb0e72f14b0608c4c22add72bda138b83f986e78d5c9da31b15b9d +A = 145f580c2ebc6c0354ebdfdbb1d3d7fa17f0b55493b0b9a11b71001c840a967dc77f0206c3dde161b5a773a6b5fd9471fa08b205cb6f728e3afba440b55268d6a9542e234ec313d53583c580a391d8da5943f4a900b279ec9d8933f2cfbb260b74ab714a8b9a1af3190d914b6e42212df84f933a237728a5fd5473ce2e272eb82bc83e +B = -c67f9b9295dd5844307b8fe3cb9c1875257258e4be6229ab097e148c0175ecd0de4d84fe03c8da6e27153c709c2526092b1abc73b5fb40f1d4da9e0f3d8d2fd5f8a4e6f3c30befd80e189b73fbd77e8547b34010d2aa57072db0f00537cf3ced95eb517b23e0c854b4becce128a575a31037c3a9e106a476d8b0277d26dcee435cebedc +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 11913c40d577f70a5346ff1cfdca492ff52b640eaf257510d311872c8df7ba9756973da5b9206c6e5254bcbbb4bcfdad5fc4594e41ee44e77f168e2d20a4b228480a9908b102dafddd039ba7f7619eed7057e8af3a72ee491a61dd049bd947e5b09a94ef94d5f336945f47104fddb8493ef22fb648ff5376b68e96c0555d74ca +A = -5537630b7cfb8daf76d14e617f7b69f7b75b472801a9a818179d83ef2984d0abc8ea4214ed3d3d2bd785060e9c2819e861d0df760fc1daca8340e8a2c997c9ad201d6d2f12a82ae3883cf9f5c51ff1c25277c28175859a7b8e5b6cdec7cb3875071cbe415bb698b85cb19f617162587516f93c728ba8b2cfc19f238e2cfda115b8ec0431 +B = 597296cb27080f33a24241c1e98fdec32f7a4013a7340d367e4cf2a521cd462a2803109c27fcec353a30dd20053a1f744394fed75829e8396f8de434399bafd6cdb6e0ee81343f0cb99ef3087a7c69bd43bd722745a46cdff0c2c837fd87543c3c63df3896ac101a145b478dc224644996fc72460a89beb5741b91a42f2fbaf0d62c099b32 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 42f420adf5c6b32ce53fe23af4e392517e37013b8c3a7d035a93f6ff45142b0b0bd5525cde85f9b7bd9ce219bd3514617e89ef4d9279cb9a3e89e44f1994d72febd23ffbdb0a4f19cb76448199b31c5cc6d7ec1e46fdb67be1211c0ccd93c123d56ac0d9cd2ad11f0c58c713165003495b75b60665047ef80f6a393474cb727f +A = -1c6ac9565d1950ae6c55025f76e0a040eed0462218e97aea87208ba879acedf413ffd5e63a92dd8658cf5f49d633ce7b126091a55701168ee4932db004dfe8c35c939887fae3a892b0b04d8eb74191bf8fdcf5566b4d3796a5d2596b1e750f64201057ae60aa705edd58aba4b48f6a2e511bf5007a6c44a27e3efd5bf2708f7046c1fff7864 +B = -244f2a90a57e5d066fe22f4d52f91b44882b8ef76d1dafc3387abcb224eda4a2100239e729bbc745237f8129d457e98eafb2ede2f3afb81e63520493da2a5730f1170b31fcac21259e90c894f8bc488c5e5dab2c2635bc7b1ff56c3685607f6fead73a09f83a7a168c4245729ce5b06e482d7d3d72eff33d14cfe2f32f72175484ffa292a9af6 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2239459025b257fd0b6659f54b8874f93f07f4d6240f8ad761c9da288cf1537d8bd001eced284bddf78edd611c7f28f1393c6fb879aab6e7df8eefd347d63628b1ae086148f488b01272f67ca19db71a2b284eb17e17aaf1e3e8f23ea253595de474d5cf47c16aecfae360eab7855868b8af361491f6ad96f893f9d3eb66d07d +A = 558613de283911aea1ee21d6b926f531f778c5226e978ce329860682b5375fe5e5328ae27b00f504f2a2d24470d16c1edcb8e76b4d1a740e55538e79ac7da4b45c5299993513ec3bba7e7395dc829a00d4e228618dd348fbf838eaf0bd50f6c70253fb1c1c734a07d0813915be25d3163df13511f3675022cb85af7646c14ba5d13f615ded8e5 +B = 1f3c3c468146c29408d9207e15b25186d3b06b3fbf9556eff7ed7ef7788032d87ae1a4d2a0983902d4c70936c615d8c9ee26c89af8b58d60231ede54e859763237d5ac59af686300a3e92f456484ce77700557ddc0f93bb40e5d2e5117f2356ac7ffca26dcafb3ce7a5573e07ee97515b6b082fe75fcc9dccd76b4fd416e69a247fab2b30965d9be +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 7650985e7c6e5461268867dfa9782cd8154bd6a4bb5857d6555e9d9746ee79b37e44638940bf8d5e974911327f0e53bbcfda0739056bae2248015c35839f35e7e359e93d3a339e7af38c0cb43eac5b41e1406e34cdd4afd458a5d126f70b5d683415b490e0ad61269ffe7ea8972eda6addd447d97e60891e5099ee920e18f233 +A = 184845d3762ad1a9c925c51fabc7b9e15570a84a06ecef994910845d56869264273d75fbb84a31c97c27eb9779e8b39f6829638a78b266326b60546507f65128caaaf36d4e7f85939b75cfb3145e2b1bd8372531cda579f59efa0da9c95a8efc72faf326d35c660b4444627d328bedf50a919029dd164de051a4c0c924103e365cd640b9637d8244 +B = -977390f52af784b52c1d54e82131b072a1c308406e9b82587102e67c6f7145f0020952231a5f0ce9d130677bb5a7a37d5a06dc570a13a29673c8a9068f06242ac438806c37ec46136e7c1c1487ca2d330fc1f3c1f42ea51ba2805b74c44a61fb2fac109710dc3dae78a07057a753898d4e849b910f035bfd807178f0108812778345b256c7b59f8883 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 35d48c3e43070a10dac0e256afb83b219aacc0036f554bd998b9092ce3bf87bb5d3b00947f2c86fd4e7ab830502d15fb2d4e47ead087f5c779a9ba56e272ea86116e2c81345d379dda6b581e9c8f4df8ea56c78f04d4f7412d245e00ac645847af6ae97d5d2ab27e48cc878d8b510c2dc753f6ceb1b9e7bdd923e0e065a6c11e +A = -76e575cc79d7f0c313a489b255e85d114f3933383cdfe75cfef649f639921eefb9b3b3184351fd0ad252c6e477e153ee586a0ff6da1e1b2bfd7e953e6dd778c849843fa5cc355b31f5529ca45aec81ba67a1e364d5a74a4656d266f7decdd47b2fc2d81d6c298afa2d1c39b5e8eed519a9997a14513537cdcddde0b5b41314476264d59b7d3f0e9a65 +B = 6b7faa437b4e8db8fba56c62eddb8a81e9090d1b6655a2185d656b2db0e85225992297381d653e707aa15f3017880b0f07abf3dc455cb09c4e551b3df3516c6db4ead79b88339fc33dda96bba76ff7c388363c36b67fd5dd0ee63f92f67549dd77e37e9902ae51cb58057579f03286fc48e3b7fba763fc5844c222e6a1eed9e1634d0bd034cff222bf147 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 445039f359b55eec647296fbff4f22beac09cad32cae79c13d591e314fafc2b77839816aa4f641250938865b0a2c30a10e23da71a6dff5985ebf3df4429fe64c327557b12d987ad9e9971f7c7b1e4ad01c94e1e5322dbcbc4707a959a401624619029558fd6f5b14564469b13146f9a2555916491e4d77caa70f51716b299135 +A = -18ddf976fec2090f7d1f4d41b8f875e56c813c04338f595d6e591b3eabf9e105be792f45354ee9beff997e6c0e8ec3fdc714c07b3466ad1a949b9d30da0115f5484c3b9e00c7cf0c117db57c3c6cd7434371c6d9ac7a5da1a0e2d705bacfc22f62785222d59bb5bcd3e3bf2df8e845953c6ddf1b546cb75b1698dc8e20bc611294ff288056723f1e46ec9 +B = -2cbaff39103570df7d85a5673b50fb8818434bbc19ab4e33bcc8289a4047d85de1b7029a5cda3976ab12e1d891b7efe3d5576bcb3713c597771f93532853290068761bea04200fcaf9b05d8553b960ef5e28064de89d9e5097d12b26af0b64beb40b33ff82a55af7c5838b44282917fd4342e2065942c724f3cca515d9142fb8e46652242e8f0ee5ae07b6cb +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 6727c0d0ecb4a375d0fd1bc52146da1242099d445ed9e87b1fad4daf8369fbeeec49027d88bd98efb425c1e3f73e412fb327680068ae57d4a53992f3759af0ac1b96a92f56c2cf552e6682d1fa90c3910bbc5c0b1754862ee13c5ebd62d5b98bfe8dbbf9bf53bf9ed0b967f3c9da24d4334b9f3f75314b429b05b8e27142623c +A = 5cb6c49efc6767cf956885690ef740337aa71b90c1d4b9b0a9e4734de0c0c50f2358fd45aeedaca6e1dd0fb510bf097bf46513ee09f3343bbd1c11f507eb61d51ada40c5d6b730561756480063f60caf05141bec9a769c241d367cb92fa8e229ba2e471fc73f48812a25bfc7553c395ca77b80443ccaa82fbb7198f8c35c3b5a2fff977d8b2a29cf9358ee1 +B = 16ff229a0e67a410555dbd4b687f1470ec854ef67db73a902f2d19953c55071c4a26dc320baa8571586f1fd54fa490b0d87dc83e5bf20b78956084275518b307ce69aa4ca1079e3aa753d97fa1cff62e0b5f3b99d96a24e411fc3a3e375ea21b7b35a578a72df68d28286fd9a324c06930905f696424780083715f77961532bad061f3901ed276a9eb6e81ad4b4 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 6e9947beae4d934253e481d27e854a59c4047eeee4fdc7df7e174a8f045776109c148ba3721685195b8fb59263def88891c5953b5a0ae85fcdbf02abc76f4d3c0f5d9496327d063ce8b3ba875b4f119dcd8beefb3ac884c25955af61c35a69d0670c3c349564e5b84f7df4252d6d3b29d9a75f09e9ef79f0fa9f797bf75b8ccb +A = 188785951a3befcab56128cb6fb9576bee2412e6cdd7dd1bf5643babae83c8011af99aada405e119c3be33653862440005be994bf37d3802cb6c73cc312824c56841004c8e871ffb560e93a1d222c93d63684e90a91394b9c8ba8cac27b414bf818ee0de7217bc2faf099783800485ce2e93612ce39fc7e2f1db708bf9bb032d92b66159073fecdb2e0257058f +B = -8dddf094f30284c213577ceb7f1b2efb1e4213a548e6aa840f801cd6382fb6d4995908b7827078dc3f46fccdb9e071bb8531ea8971de0ddbb714d678bb71ba9d961e58cdd5f41b8472146ff9b814a5d1d6368bd94812f8d38f235f39aeb2421a57499fe7102c1ab167df7d33b32a6dc7c8eb8f4babdd6b6c929d1ebd9bf4774aa40cefbf136feda7b6e10ba4dbef1 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 3f4a8d90017dbe8e77205e65fa7a0875a1ace6f3f215c2974e47dbac779804143da3dbce92db391c2614c078997c7d1a15439ffb51a5787f5bbaf98a4dcef576a6317b9b92dd8141a8fadc05d3be7c150630668e620a4e07b4b00519f34e422610a160de112f1ab8adf09a9169ba95b60242c89196ac6e155021dd84b3054511 +A = -65ff4322f8e46e03aa6c1fd10a207a5e51db6991bdca232c0dbc9d73ba77fc485d881868be7b14c25b05bb59b7f5bb6c4b2a7d53f35d2d7af282a0423285c5de656429ab7d3af7d92837e41ca701f527845e98c2bfcb51647512e6abc6675cec2a7d34ce55ea4dcfe9e7a8397d45a7a3e73bdff06e303a8f04ab6285eeb1bb78b1455931cae203078eaae826a6e5 +B = 4d936b603eba3aeec3d3f1f9acff02a0ecc28a8ec64b6bfd9b153b1bbacf4f1e186d3deda8c1c81e759237921cec53251250e3e838f5063c4a1eb6cc93637f35aca10b965533d18b713617a312e74c446d63eccee93cc97e3723ab27357ae9b3cbfcb3e2bfc589a1bd582480e776198df047c3ad85f611ca6fa480c70aeb98af02f57d56dc9659b2a6bee222dc3e0566 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 8a7f3cde3230af1f1fc25e0c0e9ebeb69161d3864fa5a03e5d7f8c82d9940ded285df35c008f61cc151b4578e2677b2f2cff3236935de5bb1d113597eee448496fe29bb18343687f6e9f1c783863e949a0954de2993d47a03607423b458bfd18c844ab57e9e2a43930df159ce8564edb5a2a37a06425626502e3ff9363b73c79 +A = -100f2984dc1451fd7b71e5d290e4b7de2d26175a47b9bed524fae02bd5abf96faba06e955107329559bff3805689633a4a57275732bc42183acdc792cbf7b6b24dbdc8921b73c0308d0c0ce5d8aad75f7eb16352e67116e859b323deccfe5d9ffdd1f0265297bc9eede073146a06acc3c330458b07b8fd0bb652c7325cafdcfa165f69cd0de8b145d49ddd576fdde15 +B = -21ac4953e54347a56800d75f6feb6ad660b0442174cf3c5dcbcf6528e2b5da95a614d3a8399da14507df4b8eacaddcddd627b10ec2dc5fb8c43d96a38e6dff37189ba275afb9484df800587f4953e327af71dbd58780bd5885b4cdab15ea0f2864f961bbfa9bba6b2d9448443af87c0cf178990254c1ae6e19003b1621f3240a6e5d0a3be2deb5dd253f5e1f88dbb60b522 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 76f8b44df8d8547f8b3d8537393d2805c699eb37d19bd115bd5539adb6b6a00d004def3b7793d5c71e0ccd2b7e9fb87103c1a5f56a8f18ede1bfe1607a346297166596aa78dc584c7c32832e11b72fb4f2d40ae1591f341919bc0157080ee8febb7fee5461a918d2178fa407c37a8243e24206ce2c19c3addcc2b7c3c1912b6e +A = 56f4d397530f5c90203df1ec799f82a0096888fd370d543e33b5a2c8042108bb75a86265204c40fa5a9a44965ad2fb41896b134ea56c79699a230f38c0e3fa4e5d346cda70e0253b9993c9da5642f4e645a0d96cb732f8f04c99a83d1f1360a385c6e1a972b89915489245ce58830788ce23b9e62d6b48a7ff9a486614d6979033f7914a0735d201c6f29e512374088db +B = 10fe818f6af7a95cfefb0ea0726f9a3e0e7c30dc9785b1fdf6e2b810515448386c7efc656479794d389e109ef3efe37fa6124c5a7db3164268da0d98538606c57bd2f7df9482860e81f272a27c727d7d81a66fc1a9bc8c385cf02b7ca6bc7ec2d8d6ba1dc992caa216d02c9bf0fba8ee754af77567c6e275ac1b6b1b36b065760761300d156e40da8445712b8fb206c0df346a +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = f580f9d2438b22700c3ebb23d1dc296f3d33deae2d32dea51c7ed3a0ce7b06af11046bc1cc279bb744bc31e7f822c17ffcc5dcbbdabe213bf97bb85c7e19ee71a513bf59b25b3b5787e42e9f3ef6aa1acb8705d69924a107b4f88e0cf9276c2c7c47fa4bf56c4900b557aa5587418f0ddd899630ad3ff678b5b907c07247b2b +A = 1017a4fdce8bf41ce804b7c9c836d85ff6ee899807e1736bf0357b015b701b9675297e5ebf588ac6c295feed3c6a367987e192be0d89523ac7d64b0b9576f311b5b2705c5398276a52f06085027480c2ca72884ad7be34967bcc6c8cb4ec4fb761e88c16866a2e284b40180eb14536810eeeb180ab701ec47ece62af65a0753f95ca657e7d04ebf3c3a7db02993da9089840 +B = -aeb03379fcd4e87cfd18957a72fce42e016951a72b673a9e81f666b3cb20d2bba81400ecc2b38601bc3270eac46a633a1a6b55c50f00e9d7fc8a20176b93e971cfaa4f41573b17b8ccc498f8a3230825afd0d7f102daee347a9d59cc0914ac8689c1d8b39ccef1f3def44054307a7cb7706535f0cf4007231ba21696424c3d5b42c8e85c278f7c2e8b7d1787effa601ad357eeff +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = be05efeee19cc91e30a9277a6551aaea63aa3861b63f6061efbb0b92296e09f4709529eb849d9f40406fc59c526a4697144cef9661b556040458940ffd6a87ed56cb073d2ee0e6d1f05936fddd1b9a8974a3088577847ddde6bbdfb3d69158d5b3899c13ec78fb5cb6aa7204efe308bbe0b52f18381fe838536707a8a27ba0d +A = -669660e75eae9930dcbdb99c477c980869417ec9c0e8c4053f0bd8ae62d496daf7539f37af96fd1cfcf3149bc02b8182a46b413e3397b49d4b4d204491440eea65505cf5d33a8e797af08f3da41f5a0804214846bd95d730260c6545d51126278181719ddd396c55f119e84da71f0683eb6db8393b098b3a0c5999862644e073b4918b5c8aff17efe860744d85bc94b582d45c +B = 6045f903a750b69b709cfd6a1c8ec9fc0d7da9c53a9d26fdb0ce9a17c6a0ed5ba633d6fc01f004f4a48cf247d61f7df609008ca5bdc8eafe06dcfa06bb67efa6a584b5a2f02768718a908978edd475a2d2926af2a6e523549a5cbecedc78323c5c295bc0b8d3e14053078492e82e339ea2c6301412a5dd7efc20da0aad0577a37d853eed820776e672bc6d23dc821b5855eabcceb18 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 705bf20b7d92e68a69019cfd721b27373c7ff22f911066907f556321371fba70dbcb9774d3a26ca43e44ab20c586a3c1546fc3152ce011be66e04a59c6631bc8bde18efb7bf1743b9ed75a7a6c5bf5a4117368b81b112a3cd4e1c44a621f534a11c426451ea5fde880939ee5bb28d9843730e284520a976cd9f60c94751050ec +A = -17c1dbc1ad1d2d33dfe1af7b4cdc7b69fefec5a92656957e111aac292e44719c7c752ace33dc74a6568be38b576a5ba174bcba77a034af5fe101699c99ca39f8a3b0a20679e6d0180868a232fd8fc775089e185e5eb81585403f32619a2f4d857bb091a824a89de2e84529e5b0702b45771a5816c5a823d81ddc89f8a70cc3d3a0c6bd6d85e9d72b69d2713b61c46161f7f4700bf +B = -2252b54c602456c5deb86a0f249f3982c3836b70a946f636b22fe00c6e3b91b94e19200a33087fe734ce9a3f92a6099ad03a95ca523b7edb9e1ed3464d38fb96c470464e1c54790cd48769677efc5e1d22f5be4c15288bc5ea1dc184a05fddd5e576b3b4962f37437b4f9709dcec374377db44c8ba1d8611c0c3ec35f9bba213eac59a047e78195ebbbeff941c7f862e8c80eafb72b1e8 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 7306e3172929c00c29ca1db360eb4ce82066f237e9cf6aae368d1f531620e9b61eb64f5b3e2b735a3b565587d7e955d052df94a20e4aaabe493dba2c18e85fcfb65df166cc48733632d165129b112598bf5e4c58dff662e558e5f71b25f36708d3ab6536b1cbdb5aa2ee56d9e019a9c3629185b188af909831629ffceab634fc +A = 6b31ef80767a7693e7d0a9ecce54beaf5848120f036923d80b7a0245aa6a46135e32314f3b227268e0bfa1f45b4dce83bea890526c7ac3efdc8e485189ce2c51597c2864c2d3664584be23559c03670622a53edc2c17b3f1a92640078ec35189dd7953e55e4da0290ff1e2996d164d69f1bbe6f5285ae89209d611a7d760e413e23285066eab8e126c320bb6130a91d67ef26d4dabd +B = 183f06828033287497322b05ac08f62dcc5fa67b7a10c6c5a319c9a1e642754230c6d9809dcfd2de4bb9e360d6e6e1180f6ec6e0d4c6185e34ed299b6171e653521d0f7b8975ed5e7d2c51d27f9784a4b6f9b5e97379fcdb42e4df981462cd5bb9d0501f93f217d954f6baf70343ec710065eacbd2b778430ddc36a7ef0515f29d5fe78d8708d8ffb6c3391c6f632cb1bacb4ec52972ce0a5 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 361ce44d153f4d251952c0b90681a19b7d2d8df7a6c5d459691a80c06107b2e818f93f30f8dad352d2dd87b01530d51fd1c67cede9b1a6167697098e41bdc5dc5e7a3c310116aed0c7b5fd99dfcdb3517c13daaba6ad10879f600eab846cdc110d392d9bdc0e8ab34b317840a725a7a12ceb48c75e8dfeffe2947aa85b2a5158 +A = 1e1f2e44bc7c79a00afc3b2570d5cd27ad5ec9f45aa94f63f2ec3fa6b69077480212a1cbde25ded7ab1c6cb1ec26d5905948e5c1d6d109bd5047b1e038666054606b42e880b609f6f00a219dcfb504d481d6fe709f4362940f6c4b6f2e05d243722cb32bee5508ec94eeebb53b5befa551d3ab5dff9cba3daebdbc97179e56cb778aefdda6a0c24265728ff9e59ca3c2d615398d97e66d +B = -e018708df037aa2918850fabcad82731487fb812213b1c067d0688462a4d518e5ec7c4c84f2cb2017aa6bc960e2faabbe361ad8f66355366cae869d366f06d7cc32ea08dc51631e7f36a4c775611095d8aed06a0086d0a471749246d7157947a1eb5d5503f207723a7062382b3e45bb84c6f555e48f6d63aaa1c04fe13c0108507c0ced669a5296bcc16debf18e03c32eefd177bbc1dd2f19cd +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 3aeb3ff6e797d271fd2271499a740a91569f300d7392a7b5898084012a3c5ad379a57d5169e43089cd58fc7210314758d5368dabca2f0ec5cf6786801bc99b45cd60403c732d9f98936aed76da724bd3e7d4b622dc690778f11fb0310fd4cd980b220627f7a864e107f93a6259081c6581e5dddba4890508af8057c1af29a745 +A = -75e06b47f60edd23148c3736c9c125a617beea7c8fd47e662c9d9be883ae925b7801a0030df3f4bdd3c9fc386f18c4e002e5daf4a6f7fa27b2f71252c83d5f1695e50d62a10b99e1900987b342290decf681a064f789e11bc3fd75d64e2e78ace56e7491fbe0eddd6f9958a5f95775c920ad6c051ebe7750fa76891ab00f42c910550a42bbc1c1e5aea0ae13b7e6f916a5d228bd57e854f7 +B = 434c8e4767d0d7df2125def75a978bb1509a26bf8305cd03df748c6c12b6dc580a2c1ca9a4526eaf3936fbc4ec797d0733217a54ffc9e1d7c6ca04fb39679859d5bd3fa64cd0a09cf1a056094b9c20ddf1f00e134533ba9892c2ca7346ac8d0655250eb45df9f0b7983bbf71102c6f1a2d9497e7a45eea7b3095cac037b7aa755beeea8a6191da268780179a652d94a732a2a5c7b626c0de3145f4 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 734a429c91f5b0f06fd47725ded06222c0193dd407e9daf136696f203e153c9bf6df59016849284cef93fbd35edef2cd31c9b956fbe562d2a22100f177254144718ac7d22c99783fd523b642984794bd7beb0d0b363e28d3f3469ee332ee364faaafef25c1d4a11b5e517e44a412ba717a113ea9e1e8f2d6db8fad6f10d06950 +A = -18dcd213e9938fe4b6a64abee3b9867f65e47e5b0365d45a8dee14ddf787f34072ce32f38d4d48ccad236005a23c5fcdc02b72cf27001495663fc56f428072d3f1bf5e33ab2c5f9dd9facf122f7225ea03c2f67321530a642803f65a2e9428f32d0d974e68a25f705e4f8140568f7e4b132942b49f9ff53f04f241feaa29aa353925fcade33a0cc192fee2628c2111da1e652cace9d304d0f1d +B = -2e5397658a5e6db9d30f09e93e67a30dc84b1e17c25786e041fca48ab710e1d0497ce615264f1abcb23d5aae8412b58430bd801775acdce06cd362438898697940712062b611c92ae6ad10da31784207c5e7b9362b20d7254da0df8caafe0736002dd466d76b1a03e91a8dbe8a71107abd5f07b00fcdca2017391c7c3263881a3d02a89b0e16a2a765a32d24ae6584cf44a88975c539402db9a301dca +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 427609751f28edb62c717bd98ddf999cfcf65128b652be1b5aac0dfe1bc0f7687c580ec70c8290455a9448c69dcb550c0cfdd109af561ece2ec8707c1d02e8097e780f32ddd932e706f81f68711acda0e7610f4dd0fd55f6ac7ca3a3184f655b0b29d2d62974739b43ded96b413b9e3f0033ca1edace24b6bb610bf06b5d940a +A = 6576c31d48daaf7d6bc3658952c4ba18095f1a0d73726f6fe59381af45a2a6b592adc79fbc3b597e1eea711ab295cd991441fb5fc4ce5f047e571a7d949c709e0d31156184be4b8a6a49691ef93d7d3b120193f6ee82246aeb896b8b7b4c74c27c02cb39fe0335883a3f088a71ab42b947a0cd59dd2155c65a0274ec0836bb8c2fe394500724ef84d869bee40291363389e7012d672b1eab6696b +B = 1ba2888f30be283b588cddf00eb3ae3c641e35fc0bb3a9fc85d7fac1e81052129f499afd3e8458d4cf893d51fe4a2bcddf70f28c8edef16c7bbfb791daedf1a8248faebe36953560498af652d1f1c7aa0e9a5a667d9c94f7d9525cbd5a82147d58b738dfbba5aa162858c2c66d0dd7d8db38d41a2261e6efc7d0c8b2dd2d6962be0fc796705cec8e87a13092e4a3febdda3d4dbed9d11a1d5f92d7dafcd6 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 533d6d8d7384e6e65569ba0daae0a8cffbec1d20e417a6edb42d401a59de0a91a7e6854db081ce33b76faa63f6d866993c245e69ddbe6c86d339f7107a4807856cbca23cee2bf5496388ae8fd8d7c78767d0775acd7bd6202dd75451b424034e2766185969b5663b638d539f718e50a9f752f406c224c000bf1ae1fdd60a2a82 +A = 111940235b144a42a13201a41a3f9e4ff02948f8e9127d9a3007906988a50b36d7622d1221155f2516812074a7888b1d8334a01c02ee33b3164d761d02b36729c299ce2455a462bf18471fca42e5b01615d53723c3fefa5aaf4a039a6caad35c348a0a4dd3f0204f084f35c0b93ab233c4066dc50c5fd3897a769a7c5bf309f7a9c30e905466c8394d509b79d62a69b58c73d8d3f1665ecd9a8a4dd5 +B = -e2633e43c38c0b4b8713c20bf4e2b8ccba680ecfc1139954fc42724277beadea438596942fea1094091671c2060dfccd0351b2fba8cbed35dc963cc18f8e8835052da884799d88ec1887712000a0726b17cbc4302421011d5be8d234440eecc363f09e2c04bc9cded3cbbac9a5bdf0b6d418822fdd90dead20e5bbbb3566ca94ab85f3a00d32842eee6521edd18b9aa6872340b2f47deb961f58bf231e01f9 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 33960d7ceac73f342d46275e04fed56563decf2fa4c0e9307c90288e911ac8782f8e1354fb051a9da8e2db83d7c710b5d2b611495e72ed42259ce783a7e7a8f601c07061ec749481d39a082f29dda1f9c7f444a33ae1c1055d37a677b848af371cd3bd41c851d31a07e144d7add66df39576b8200a8b918201630b3da8e664c3 +A = -402034484e499a8efd610200790d443c5d3be35d19d8808da85954d42dca3f24177de48f55fa2efd7e4f7f624d806a8d461c3bbe0b626fa1f3cad2145746464108b367b13f3537ff395262256bfccce5f0414e1f98b59ed29940171d46ebc4bfa1a27802cc30d9221cfbceeb92abdfa6e84ab4a54965568aa10ea631e82067ae358a1a93a3a3fe3a5ed5636a0c4cb373b4d49f46f8fbbaa665a19200b7 +B = 78ec7dbfa2b28e268619ba6db34a23adab25e7f8690aa9464a7d8fb7c6b87d5dd9d33d4c023bb665f2d96febf2638fc087ed30796fe7517fd58e4120c0d319688e67a32bbeaf62a987a9764be75384bd499b0e00a850f27e303f615031299c631844d10abc571f9f2a0f742cc0e8df2fe3c244bd825bf1d9134b2f1059e2a1b61985ae8daf9bfbd9eb24ba268ca58553891945ff1a314a78fdebb5444677ac081 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 3a1ea3fccd6f336e6d444d68af1753b83145131954c20f1e3c433a89eeb7e267425a34d91f67fd65191dce85769ece2fc7ab12d032f3e30f8509095ecc05148e47a85391b21a18257c338a6a3ca9816987abc8143fe443342b34afd8a52fff00dda2e42b1b39322bd38c6a1f711051f791d6cad2a47ebd423a9b933485fd5861 +A = -1869c53f86755aa350115a9f49d6248cedd42a339506b8ff59cb878b7745956f142fc4387322c41f369773ed375b72665026771d4ed1b9ece08f84e4782d4c3b0177853cf9ac3a55f7e52f39c1b82aa42b30628a4fa6a838754ec6ff9809308f675e455bca6f44e298394888d85fee29d8a0c8e9cdb9aa08d68cd70e13a243b5804a3ec199f52ccd462ba6594d856602cf1d5efa509047633923d31f78da3 +B = -2023c544b6cdd8d971bbb345300f7a101f6dd44dede6bfb5f4e6b4eafb7a40728a3063f6d4bdd0f606ddecf062828cf889b2f632d0c9254c28f36dd974aef116b73cabeb2bba98635841c2b4d2aea833e35eb1db9fa9a9d33bf7b51c49a14907dbc6036b027a039192b47406bcc56bccf375fbdf40b82ac4b3c660a43d5a6eb656868d383cebd099d2a73506f675cf29649617fe06097a46de93c13d1e590ef2cc71 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 4331f18a94c169cf0253136bc4eb7480c9fa4401c18db1194371dd53e5f7b75f07ec2e1e1c4116a5d2a8b2cded4b22925b67a88af9b8479c6e821d58cec7ed9f780a4c41e729982cb33f69b87d01c11cb9a8f7952db1920b6eb2124fd5d820555a99327117d7e8e26d18e748fea3ebc17e1d07161fda57a21a70c7f4e251612c +A = 5e7d4ef7d6ace6cb106e38d96085d3f3505983fd952498af3c1d9b2af61e4ba10e14961b339c6e64e11ac758d5fa18c3222138290866970d67d0a4f4e19f453503eb8dfb85b44d1050c86943e7c5d6faf7851bedf7d0cb6b13d2acee25372243591d37dd230907457fb440f83b62395f80f59a2d02b87134887406a78efd77614f3193e517f234434ab3be084f1484d3f2c1f68c67c0d6e863585a8a5ddd0be +B = 114b6e6726433ea88a2ba965f0881beb3ff4d377526e4e099741f069abfaf29e129a1f5fd243c6599f725a389728f755f9cad767ca1d6ae5c8b3a32102e47af211e86d67574bddfa42b2cb466d968f38b47333b1b55211fd9a315acd5ef62cfd3e83c13ee9d3fa20a06b2292177961dddc7dc39abad9ea31ead1fedd3d699f651b656edceebb0bace11bebd0cfa581dad577b8b42f0a844bcd8c8227880876dd7b0aad1 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2468cdb1a26eaee34db3d2724e37f023c8a1788526b3dca99321b574685cc8303c609c85401a58fe6da181daf4111fe8c6d4b7428b1cd301cdb9bf8cb6f33140756c8b490d3b2e538ff294fd6471c4d17b9d9e4adeae0df088cb9daee18e825a368be57af4a096056b9e76b94c8d3b911b6a074ed41082926773a585007752ce +A = 1e6a59efe0b14fa017c32ffd0962700fa9752242b06ffd0b604b9bfd125114d4e0909534ede704cdf1c9e88a6567f4a2989df752510d087d7b7afb515ad594627ece54b8a8e539074386121c9a3e1c12eb2641ded8719e56d42ef50e2f3b5d7d59f8a6f897174cc00a7449d2b91f33e9df07902a95479731a44fc4ebe8048c449bd515ef6cffed70ae78c832cd43491203a247fcfe0a403862266777947fc2542a +B = -8a9d3646831dcc852fecc8e2335549e8baa2e2d82fcb90846ee82bcc715c716d4a9f62be29d5e1531db73c2186a4d2f118266de33d966b78f989600d772ffc55b1364117d6750cef67f4bae851e7e3f8fbdae7b79de7eab54cc1fee56e25d0632b2929e352c882ce78fd64dd0a1473e80b6572f0d4eb67f6bd6e45c7617314219d6f7de5e505a9b395096cd36650d23e8d57d6abfa9faaf0ddbff90d32865bf5ddddcaf28 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2909d3aef7a21244efc9b5b16626e260907ac11f3d00647f2170ba37197e47b9767030195c2f6d5eda717a83a152141bffed2e26777417ecd8e27aed8666698c2e85a414dddd52b07b52b0da7e08b3217fa6a331f84820d21086a4424974e1e8cfed3501eb054242a9f8bf0803a94981b7b81776eca6d07cd50c050dddf81d68 +A = -73ecc8a6a1507fb5dad40677dc6ec75f0d130ea704d1e87b00d2bd56a6be21714bb30202739170b8dd3605f0553ff57439051efea2a97def70a6d2cc3fa2b9ec27a00c1338bbd588513f0f320272b8933fdf6635e585d1e79203efb5c95a454fcd7f33aa2aeac08902107e9bfb29587ce8610d50cdb7f2033c5b726742fa9f7f20b4780cf9244e6abf6b812171a64b870c3ca4c9e898d4c15e9f5b0194ae736c3783 +B = 4049ae926bb52e862606842bbcb4a5148bd1063b6a56f331cf10000c524b4aaa80b3bd914cd697ebc98d68bd3c2bd5c87fac4ec68606c264c56e25b19d118dc9f2eca19bebca07269714f2955e107b3fbf85530b1fe99c42d33031958280b8e8abea5a918a41cc7e6980149ad68fbf1c0041798d2046d7f88a395348b295858c61c2f33d8512b6fe75aa8fbad62e2f9b0b7876ef95af8a7b7338a2d6b25ec6355c276fc6ce23 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 22407e4fe280ff5a10eaf46d8e1f5a1e77a07410cba4106466d703b11764c60124fa355733b47327e952a12869476306926cabbd797fc80b4a6dedfbec0b7718ee754d447825cc405a98b85f1e09ebb9294c4a4636aebfc61af4545b921cbe759d3f389beece3f29c2c7c07691a4c46a1a72ce418a239fdec80df48732627866 +A = -1e165ca7e1eabd2ad1264d5ed9c3d2b687f2db5b507a0e4d21d9e042cd46e93c2444c6aea8491b5caba2d8146bac656b7754b7b1ae0f6216029c7167fd3b1c3ba2e20469d386d8566ebbc05cb51bf1f1eb2cad9dc4fa454b07cc1bcdb9b8f5a43e354c4e0f4e62d52798f667080a0e0a15414391269fe8c92f06da74f6209a3b215adafa1eb6866f8b3e419468e2e5b4db0d0ada80514249320cecf034477977bcceb91 +B = -3f314681eaa4cb41a3feae8467f7d76b8b05939731fdfc943235aa4d67bdca30e64de541d17a8971e829bc0159384643672bdffbc93b3eaded7844d824604f46aa58b1f1b9d788106aff53438954af015a0387268266a6ba262e2fe7a4c51b5af6ff7f918674b7407ce8282f66e84fd2582edd809b465e4401c67e5faaa9e5748c06e3bb8ddb23fa649ccaf9657dbf79b937eb8959aae8d5bd9513c1e601c0e536cf60c4fc3802d +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 385ba217033463cd9cb882fe30373c2d8e8475dee54aba1ca9713a709f40844905c2544ad792784cc8eafbb412dd68de6f98522dfca1c3de8e3bf4cbd09bee4656c4341153b17c98f9ac09411d16ec9880835cae772bdd8eee51eaba7c02ca6a1034c2c5d2d48e7ae3eb0e22f59bf69537ab6f1e49e58a71c64b8934113eb069 +A = 5137226623f4ce4dc9b80a783777ef4e53ad3c2ec648264db472c517a96383ba1173e52c2659a97ce36341a11e832f4ad293b89696f91a051c35bb1db6182260d4a276d1a9b4be848c206899f87a361d318d38b4073a7470c5743b816cbbc3bc1b20dfd7971b11ad4e20d947e352d42760104a5a3cc590b985ee3b5e98c779e38d2581413a2208d31873f9644ec979602671c9da72fa6f66c603c1bb6d8e690dba8bf4933 +B = 13b45d4105e3f5e8e0ba36c812faeafccea2f1a30e2ce8ffad57ffe0dadeae3a23e813758f270423ecda3da083b42432eead7f04842db8865f9f1e2226a3d298ec1895ae69adc55d1d338c3fb787f0676664564eefe46ca95206e81678cf1a2f173c52d809b1e06641a9b467f191ea09fcdc597271eb43da1a9a856784972ce0eeedd49ad363dee882438f09863ba5af063925871c525c6c0ffdca428054e039e149a424c6d1b5b2b4 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 7865f718cb30026837ca006f5cd997c5b917726ac6d9bd8c3fb9eabda0854d528d6cfc10e4cd3f93f6848582690c6a83955072daefc6959d33192fcf42a111650e50776ba9ae43d3d26e0ef2c6b60c3871aec33eda8c56353903e7ae96592fbf350b88d2f56e03f7f327022a2aa9b7c484a000135b85bbaba6f8836cbfc81901 +A = 16978c06a03276fa2e0bea45740a98d55fccc9d27321fd0a5b8522298a2a90d391c06c5c59e7eca85efeb9b4c91d4a1e9178adf816d597311f004ef98d209b59a2d4b901fa14c57b7297861ee58b89c9b2e931e4ce5818dd4006f3c40168bb4d3dbbd059c1f1cc24ecdc64d37df16b8e8d0529247c06f905ca88a5d283ca1b9e6856fbe8115a326061905b369791772a47900974339722d19b3aac16a0bedd93e1e4e4289bb8 +B = -de6dad276dcc0a9e271ad523620ec570fe6e3b350b934932ebbe36dd571edcde968b6590be14326e0f6394c0a2172052ff8dbc3ff15d94fb6e36a098286333768a84fd0404dfa354173d01f98484fb20897c439c48952b7f1791209fed94e9e72bfb3df5f368d420d587ae8bf036db6700f77b130459e9de2a541ed885c69c5641defa9436a4f7a69d2848d0e5d1074f77fa688b6dcc4d4c7de25a3b1b040546ef7f418112127cff173b +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2d3dfd14e7ec60f842d1db83e29a0f6b052990fe8900887dc44476ed3948870c57e72e91e1941c476baa6aa86f76dd8ab6e6ea41707242c46d39b54215bebdb1f28e59d719fde18bea9994610214ea68ad9f2da24e1ad8a06f8bc698f8e76379ff332a2745af472d52a4b8e57d60280e19f93d5be669e0832824321e9ad8e76b +A = -5144d5ca834f7bbb35d3fb95818c1f89ebe08efdffd35993a7691c05aa1b67f6a28e219b27fdcb66e516097c9ef5f00e4257c561b1f94c52c577471cfcd7a55314d3b0fa308b59449a36adc884c48ef5f34753bea746bd6fab2f20b86814c9fe50e8abaab742916313a50e3c390c67fda8e3729ee3329dc5e4b7d3107083aa3a07daf7952ebbcfea15fae7338cd0b114e9ab2f81dc2e80f90abff7a7ac59e3aecf76fab87633ec +B = 48b927a46dbc4e23d714b256084fdc7cb9d4c96a988a71c956e0bf98785ebc9bf22b9d5c6ba0c419e60afbef7b96cc0c4a13e397aa2d2dd7995875d2ccb127169423455d138131199a263151f28d232ff4ae24e316907ace1fedd02a02cb5ff9c831de33e6702010fee2232bbe3c1c193ce792eadcad0c81e7d7c17e49168377b68690bc61f22dfddb17d82a3b993804726037cfac8aabe8548befc52a3c6c6baaec89a392133cd9c45b1b5 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 3f66970f600a9d09d73fd1ff813e977f539d69fe1784b8a2f99506d868418e4b47338ee0cbceed555f88824f98ffed39befb69e8907a5822ef7cd2a9950a070aec8fe4db9d68e1c0620f9eab4ab529c7e69466e325fe1c6c011bf7ab62bfd1a136597d7d5c47e8eb161ea048477bedc88fa30e4f7ddab2cfeec3fd0bb3fb61a3 +A = -1343c391be3f2b72c4b79d8d6091389c9602e97774b18eabeaae81fc0539336cd8c899341cf75fa758421c7f32eba9df474c934642003408b32db66cfa92e6e414b42b1d49c7e655ffb4c80f5bbff8d2774ee4f7198839680175e1ffec0428939653c6697eb3681d0f92634cab1cabc63f423d5a71d65fc7150aaeea74f9e0153923a1c65dee4a165e6a01a88655fbecd2db7697f4d2b49fca2508e2b8f84129785d36d88bcf59f4e +B = -225a0a4afdde6f6450f28736c3ef6e67d67ec6206a63b11763bc6e69b03f1494b275ac504868caa6d56d684a12dc1098ab0d030583e73a2f45a42b8607c0f19031b9c5f07fb71919868911806d210d43aaaced5894e844881e89bab85a203af9ec3adb105e50b4250343ca50c26df14c46d73a22c2e4804d26d44ff0bbcc13d0dc7e326c9e4eb441f493c9743ae0eea0de045e05d19ac32d2379196a165e63ba640ca42e4861caa24c29cbfabc +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 54e95e86e87bc220c8f53f8485402327885be34e34063a1b81e52a23fc3056758cea1c039ac4e513f70ed9d394f5806fb771dca8e342368184e674e6296b9a705c6380bdaf11550cffc73f9f55b9385c85fb648f105f11138a3e1f9dc0a39a0f9755f8328701484d45784e3e4b2ebddb32c9d9132867c6513201116428b791cf +A = 5f1239e0b5dbfefaba906bfd9003336489ffdf634333cec2484c582dbc19b66782ba40942d047c3749597ec4d89ef61b7803d33a9842f0c903461be37c679ca213aea894d36c1e12bbcaa1c679599d2adda9bd23e712dd0d0bd3f91d146e7a04f3e7ddec8b0db7e12377ab32ba241ed1e01da070c1f3ec85efd8387a7b9421453969ecba8cbdeeeaae6ddb098084bcd250601af780960c32f0a1ad7d7e61fb19f40dff1060c5f332830 +B = 1113f145de014bb6dd6ca05de159b97e9736c45bd3bbd8477f739daf79615fe329ce948cab9787838d7daf797218af5ba7925685ea341b802690bc9588ba3e916145cd3ae9d0c4a149637b890cf50fdfa8f89a62e508eec68f9332787733aacdd57ec1f359ff7fde76138d5b33d32e64cf7d252f2bcff14be3adb1afd8da9dc930f5261e6d715ac75752b29f083bb1de7b0b89ddba633b8137f3fd299a7f77abf79781a10d897e7bf2c958a097227 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 6e0160eaac8e1c31cd3cb6c5fb91ba086d033b4b69e41dfffce7569e61770f6629f23e12f0074c47c46653bbba94701ca798e1a242f7c4e25708d3acb5af6ea307b95cfa220f8879cb4cfff96b843d6eeed2b15c8f1bb21bb2b511cefbad0618d49d9ba33cade6da6ab3b846a6a24e35fb36d41201d3b85be831522b9bf509e0 +A = 14f4e24627c773527ed2243c0d1947395aba5c9cf95ae62a48827ffc1477614ad9c7aaea4b4fdd97e3272d3e220601565aebf87928c301656e9edb08d6e680de845615bb3a81c61ed043adb9d708ec1447f057087211673fa6ad8977166a2b4a8079a4f29d48e7fdd6875ccad05d2c219922b814589996cd9642ea2b798197407acd274da30d3ca008fefb40a25b38cb6042a581393283d6448cc69df9a5dc2b0777052566a8608a1010d7 +B = -b4188ebc5bf3ba31cf7c5e100e79806e92ff6f863c3d68a66aeb3ae8385f596dabe6f627f3812d0f2baea319d93ae00de41ab65e42eae7d396cc8fd0a2dfd35f303117fde4db5e8438df0c2b3b680dca538b42a7c844a9bf0d3697fc89ad0a73594627578dabdc214e0f4aa06b40987aed473e7f42d318bebf7392d9c898b4b8d73a94726aef65807b2ff746d4a9aa76303ed7b4fefbab34f5c87c2df82d20457f68289f7b96dbeab581294974e322c +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 8dd91f390c1f85f153f332de17e5de82979755d835398cdf3dbda1ee73c68f8e7565a964ae33fd5b1f1060572bb3af67eec79c4c3e2eb4de118d471f74351b80a5dcafc682bc3cfde642e611ac1d5bc2c49b308c30985b1161c4d78cf7621b503e2dfaceed886befc004f3a729b4a9bcbb8f13791d973bf38fb8101d6b7a4d4d +A = -70e99398673324ee83495aa0aadfffd7bb9c94ee5251fff365124fabc50175d794fa84509f034c2b86d83607789338b0eebdbbf709a129a0ed0afd21c130d94b279c56f1c7c1eacfc6cd13f724a9352b2b37412242a47b23ec61ef0040a8855371aaf238003c45ab9d18a66cc7dab9653b93c323815e5404762d3f964d4654a6995af507bb2db2149eea59acd72af4d034217eaec0be5ba1d23890081a6a234e125572e3bcf68a6ea52d9437 +B = 661d8832671a4974b493e5d71e547cd46b36730f4017e50c5d1a7520fbb75f0314cbc2ac948744dd494d566ba580a2108106b120a797cfeb1fbfdefdab6bd6b2e073f90c77e814cafd0b7f79afeecd59778b1dfee3446fb32139b2311011576674f96f151f896b477c631237995e11e61e715dd8dd38e802af93124c66eee735c472972000cb4788b26752a630ba63b45e8ebbd979f0a4da5b359abd2905f0b7f3a21b1d381cd02ac08e284218ce41c907 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2b591d2c57f6a5484b43cd7ca247c48a1b38319e843257331c8807d499c7763de4eefed529e70d4c144e5e843ac00ee8d106d0d82163cfb7afe528a7daad8e7ed105942d1128a67e38d59325cffc0c3dab9185247e0082e3ccca82a900d917c9bd0f892d4b518a752f8e9d38eab2acaf3b3b59f15b0fe4cb9a3dabe6e0191493 +A = -1896f67485a740720e23e1642ef02742ce5f10a92e51af19e112cc99c0fbddb60d7190086c942d293d076b474d056e74ec9f0c42055d745a57ba370c51ab2b761d889b766cec909811e2b2fd11d6916b753ae00622f038a4bc55b813a5d06e6ac136e81689407de721ee852cd21ea989ea7c8cbd00b64614caf0974a62097b2eb865f46fdb0c1a2e4f2d839066b797e51392e5ebd14dd92630c070acb546dc7438631fef01594878643a4cf77f6 +B = -3a8e2f3b8378a2605f5affa21c4fadcc655f2f8357a3427d2cec0118e55fc2bbc25931259e294d91bde8dcbacd39e6cbc125683da7d0dcbbc67d7c5866f08e7c4732cd4384d9366868370ea40a75beb23b81306303da4a3e26ad357c5c743d0a4ae775a472afddf8f21cb4a1a3350bb6aa71037607c334a0c79468668d3e727cf1d0610e49f27780901c68aecf1d145953e45f5b090855be714cb39aba2efb0f7db2786b331dd9bb8843de8c73c95ab13b6b1 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2f53bdd643b5b22445e2af3667a93de52f8bc7bc151e196c0ab0bf3b4e4dc0e5dae9e507508711a9e3de52e2aeece6aff7fc8a1db65588de3272839390a35a847e29204d3b9b70e10352c88a10c86cd33e067fb530d20a3a5ffe67938c5a7a9218f1164f36a73324adef64da64d5fa5540d29a76a87ce010fb7d73a59b109280 +A = 75e31ab221c08b3bd73bed03f878bf7742f9b36a89bbfa7e90f9b05ec11edeb0140dcff6e9ad1d62cd7af34bb4284b3a52bf1b48a40f744b561d9ece056a9405ab15f508700b14914e4f427ea1df3093497410a0108066e9b259c1a26ea72082b3cf0e3a99ad054804da7bfa0200d93d65354b75e605b47a4e1e17ef851a37c59a95e1b5172801e6ecabf70f1e6e382740998fcfd8a297aaaba7d04b668e3d6eed40358247767323a8393ec359628 +B = 107aca18938a9cb244ad646a37a212859b3dda7518a5827aa2146b47bfb3bd08d772eb7a866e1f674aab7a1c74cfdc2bc6e9ad1a365686213655b2c7b1977855bcd42ccecb804bc01d92bd7d2667069d853f18a0f0661f028955e39f71ee82b9ce6a81dfb2951b33b123e71264e819bba4d0a8c53a1d99964ad9ffb58b7cb5cfcd3e30b1baf5aa5b3cbd20a0df7ec37563e2b32b4cba91bbf3bb6fd1cbfb2fe0f84d720efdf36e9645c7e9ec70442ea5174528bb +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 32d16f7ae2632b5cec2e90c34d191599acd9a1b5f97845595988c1d0d4ceb9acfafbc4aeee9924ce55e109ec88c57610fddc664316e0f9a5e3ed56ea447111c0383ecdf117ab42351b80e72720a4b1d98d4c73f5235507c5b4f7849d5e9b527d054858c0436ac3d2de2704c4bc25de4cc702f5880d5ae34094766938bee555c8 +A = 133a439cf006c753c132a8559ea13c64f598c5f8bd5043b89d04d7ecbf0ec58b225551c8df8dcb341198fb0b487774867e5b68f9058f58b3cc98168fbed0d0ffa86bf74b4fb0d4235976fa86d52b8dc7e82df176d70892954223cc484ae58b6a60459a9a0803ab856ff9699789172b163615e322e193bd758016f634c83cf50403e416ae241d9b1e44add17c2a663771ac88cf8b9dd94622d80d879ae41f0f4e7a1a32a1ab164f981900fc159aa85d82 +B = -fef33e21c07dc26a47d692c3094205bf4efae6af32f1c0f46ee579c1a22746a3663d66f2919f46f973fe558c61264157d531e66bb9ea10b4b49d9f6ad3ad8762a6ea8169a9cfe01d3dd65518c2e6e58e8c88d1b2f42d207399d7326752560cd45d0ff571309301683770793fe3765c1337d14021d39ea6980934c5fefadb93047ef07c807d0ea5625ae0cefd098988d6eb7af993c062ba313e23176e7abdebcc6e566304a5f9e03da05bc1cc58dfbbc898a67a5941 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 20877c7f53fca97f8e484ba31f23dcf51ac0f4fe4c5121eec576e043c6ec5492725f1b9f9ecfa64195f71909500a69fab2e591377cc2120bd5f60d3fb3812f9e80b2f6c787e0081c1439dbea76b819ab44bf6bffe87dffd771a870e4f5502609249c5260f91175fb217a9eece4166540be877d564049389306e0d6b313706297 +A = -534042b0811c9afca04d20d83898e7653f91a73de1e4b516f3228c6d6d9b963c7f8f4c36e05383da90f4edd072a7eda382c47b84b46b4dfa16f269c2d9ad0fc53ed2ce51cd31e4e32d0c1ee21604d3c7eed2deb35cf8df6fe1c0740a1515e4c702a2074ad6c0fcd403603b4a4e2195d19b265958ae854ccb0b41cf22480389a053f71544cf594f6833f3e4d91fd3d9091df0978d04d3922ed72a4fa3579c5fff50eee812dfb2a334148227a0f5739f8ac6 +B = 6935a3444434b0b03d27545721e253e4281884da027246e46ddefb01fa7cf7a9a030581dfe618431a68ef6d79b03b34f3ed598e7c8ac030e2b4cc887dd31664604fb8afe4e71fbc3135d6d3b4e596044d6b615de7184ebf8dae8fd58506286ae4d3b797aea911eb59ada39dac756d0e9eb6a6c767ab77b9348929a00f8e311f639d19ed88c86eb91f0d4cfddd34e98130eb520fcd2b77507c24b6804d3d65d1b21e6f6d55d1f6e92bba0544829687a096be79eaad7d88 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 24823628d4fe9540103ce5f611f8a6ccf18788120280179a40c2636f30a13e5076503e8a4b6b6ffca21da5b0f9f0d85feb2ce10b51292ed069f35289ebf5130972d720d20dfb8e6ee80c3ac598570d38e57ba33dbd75f1b03eab7847d865c3e8e471ccaf302461a6136dd13b8d31c9f163799a3c24c7284b8826608a9543816d +A = -1d476cc98529efe5b926aba3160b261723b009e9b880bdea04e9b5b03f173040ffafd1627b38be8e00840e85d7acd3abbae2f7a60b305256b920c2b25a8a4373ebbf1a0c69f6e74792cb0d849872500519b6d1c190da30c572e26b44590b7ffdb464a900fc38db013feecf909b43bea549e05f1b7e70d6ad879c613293cf61f0cecdba1a6565eff1bfcdf740bf553ffd5bb7d74f7e9537897184c527b990dea20387bab0dec3e32727786bb14975b23ff09f8 +B = -2b6e12c87ad91a2fa878b9245875209cbfef400e637b557c868ccbd6e94dae65f1ef8caab61f292d739b139e384137a747210c09ee6f3b2ceb6dd212e14525852b8c54215191e116b7097f6729f6426a8bebdff86cdc16effa08d932ab512d7265cc0f57303aa5e6fd2afe0a45180557935c230558d02c3030b38ca88de5fc75c1240d25a22fe32c4e5096aad0078d50989812d7dd0cbb02c736fa563efd32d14109c44297cdb3d4fa3b93a2e15bbb6eb678e93e943979c2 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 2c4bc23d0b4b1f79141be9149ee20cc9f1b58ee0a76d5f4205e0862492c18daa20171285d6ff0b600c358be487e78cb5450d151efcff8d53004eece94c5a37f49a15fb2b5f62a79568382cf0a4232407b139e1ec5a9595bee8435b4f138dd72fdc2946b03817e49864812b7b61f179bdd8389791178a95bb6311df0a5c60db2 +A = 5b0a181f07068af6e1e4b715d92c1b8391949a1e3cf0fe0aa49f3333c826f5582615d39ec28b1367804c1ef54f15fb83b3c578ef3ae957fc89ef22a343175df3ef2fd425f724ec1c3363aa000ef624d64c6d678a4cbd90b41cf7d69a7e03dd60c5d3470dbb75228b34d35469847772ff3d74b1a89a2c492c082d3ddb45ba4df6e3f228de6c64913b79679cbbbc36a2924e722c2c640d0c5a0e90ae86b5364dfbfae80df3d75823aa58ac6c1da78e988a11831bf +B = 19567bbcf615b777b35fa7030db7da18126cd695ca7dda67f5146c97beeb20df24ba0fda4a4f03523a0d9b9f85d9acbdb5793ecf9c1f4ceac81299a1aa34417779175a4bddc0e95ac68309da51e4f115dad6fec33a75d0c5520692a38df64e8d684c9304f9e2e6ac6a66d2e16a03c19a30efcac712aed2b9ee774ea28af4f37c45609464289de3f9be379c733d711875216bc223f2f468a0c9b4a8277bfe49c590ebce2e027102537bddbf2856c3b6e9389c4d1f5390cb0f346 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 36e1e0b44e5afc35d1e19e88e75f030569eb99d326721ced9bd7416ea7367a98305354eeafd204f1f8a652a8442eb0823d2e6644e6320933ac481a3709777381dce8a7c165b23aebf31b2ea2745ce5b352acdf0707234c824da9e1af98bbedf80e940fba00c229539f310838bd625f1fc103f267265ac1243855622c5df72c17 +A = 1dba8bd9d1e6cdc117a5a01b5046353084946fdddf2696f831a942d9db4637a5ee76b84d4ba63156b8cbc72e40559a2fe9b8e2682d8ba1db0cea042bb86f8ed71f6609df52526c42e7494f6114bb62263d36784dd55d396018b8fa47fa49ca6e5c76ebb0b00e6c764e36cb3ec75e3af6a2c14dee01fab78070239638521743d04f184dae79d49a2bf209ddeb4cc72e0c94a93a47c107f5369070ad95ffce034c554fe2a8391e67f817c6cab5b88ae9748072da5c9c +B = -849602ea3b79b33af2bd3ef9d1250c507d332e759d428902dbee054fdbcdcdc0a357a51d00aaafdacd696a15a64cbbdb7e1fdb347be5ddb1f609a4390a6f29f79ccdb51bd1f0547d0d9a2780517f8753a906428fd236f8ee1b433e57f2810d0ad51846304a5729f53a871d8b0e14355d24d3f092e50de4f044e2b8aa14cd8a51fbb2ff36b0b37defa7be768c56fbd4f5169d9d4698fb9072cbb0a037c219552728587d7c35f27456c02020f5f9374b6c53bcf8eeaa14be51899d3 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 77eb3cb5277ced02b72368e41f04a35796c2c6cc1273f109336fdfa745aba7c755b6ff3833e9b124d9c78584f6bfda1c94273522f020371107870c288592b7c23964320729d2308bac8813586e72078119852e1d7706d8e15c195486b8d94358736869b15d59c037ba4dc8032ceaa31eac3a9e3dc51ee17706a6956cff8537b8 +A = -6a0753edddef8b74f762bf802d7fe9b38638923ee2d81bfdda354d40df4422e6ac43724de1715c4088da2e68b63c10c90b236d7dcab39b9a0ecbce57628f4c2950c79cc88a89daa20d7a8679232c8ce5fa30525c56011570107697222e0eaee6871adced52ba01a3aea0ccc9901cb3a09eb4db2f93aba0083180bb41f3f9eaae00fb458381213dad01997e9b88f21b0a79ada1ec3837ac2b63611455fab6839363b796b105c3be6106ff284544bda2a32352bbce6ef8 +B = 542c5fde65111ec8a38d76d8c5735cee17329dc41cfd0f13bf47e6d0e0093a129f3449db380ee9a70ec1e44640839ff18b950c8fd89346cb4701ef753e6ef49dfd9bd27d9987e572bf8e68df399cf945813582fa1d33e07be938a7729efd9a5e7d730bf61c537770a0727f6bb9ea6add5aac9267bf910eac1b7d92ab4184734ef8b1d184c292b2b4295ec1bfd17b8a2a2e4d315a8b37b8ff9bf6a1e94a4772267195c5a7ea6f0a0c267337fb97a023f1b50ad697ea31451192cebcbb +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = 660a1f378a23fc3b47f693a347d90640fef43add9729d74546933f4b78a26968cc9a70ad6fe8d85bf28164881bf7a99e8b96683c6f4fb54162c144f99a27e3feb736f0d382d7e5b934cfa835c723191e5692b7672cf6918c4a7a93b24af00b1beaf1b80320b14cf2d1539e3376779872542406a5df961f765e59f3480e1cd40b +A = -1cd74c052e62ee8156ba5d97f28aada75211979b1c5925ed015ea75f693a04c4dd0a705f6a723ae7b79958884c96fc07f81fca064ce2affc70768923bfbca6049952eea3ae048425b7c6ad1611ed4b8b77f7605629b9d198a77a27f25eff2f82867845cc868edee4ae31afc5d022b2ffbf43c14fa01bef8d7cd9d0e58362a0ff9abbf250e43ea5065512cd707791ea4868e95d8fd2357b3b3aec1a06888ae940751ceab01cf9e49015d42371fac30d48ef5853b6894ca83 +B = -2ac904d3632e25a4d536097d80a157791a6aca6eb10246ea21f4cae07aafe907c6e4c726694e14ce12e376c02d326f4bfc02ed539a5b4615a3cf5c838ffa52124f9b843598a3821cf9f1fe94e7206d6a525fad1ef77e7e77162e8c6d3d860d4f568e8f81153dc47f167860cd52c1ca59b15f1eaac6b9023c8b375bb63b6adf6972af8ca62b39f044378b11c4a969f3939d9fed5cbe18c06749956c7acbf963f640a1e1ceab73fc4c77463ee8d1575d018f49bf0f08161ce4f88aaab5a70 +M = 8e2ba940fc5165c6c5f7f4cb56a6fde2fab687651099c880d38f6eff2889f6a3b2a3a186d1fee05ed452d11ac712cfd30340d22da763af7b2ff65a3f6e202e8b4f42cf5652c625fd9913b4a032ea9448591b9a839b8c25d2323cc2d0d3bf7a6d15896aa85237b6ac4c9c9a854a23449e30e6a2b7c4a2aee199bc20d30af280fb + +ModMul = cbbeda9c467ca801ec66fce801c6765a20148787dc6becb199a15c58fae8d20c1d391a1d9d57e1c74bb412e1b8f271dc2cc53c3355c83f3e2f00f15eaf0df735160a48e2273fd1bd75533cf94c5175ce67e79fa6c1422996fae36ba288a658a7a5422a59d39dd81ddea50979e933efc02 +A = 7ea551efeccda23622a1a5029e5525f46d5ccb83c28ec9adb7a3e97c2b7d936238c483a4a9bc92fe0e21208d5703611e2795b91fd5019272d255eeb +B = 19bd92c534f56dc4235dfb7efff6d941112d66acf81b079382c86fb10dc5473bb8adebfa53ea3fe6e4df8412e7807aed029694ca786 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = b18a9cd6a0a89578ea773fbfbf642e05935a995a38bbd54480ea3ecea1751370ef95ff5ad0e3203613f0ef6833237d549676a95b720848c5e9897cda82642a2f373951d5746b559bae2d98ac00fae26e5957c61ac1de95318b1b1aa6d5c64a6ceb6575f1b807060f9e2a241e378e6ebd72ade7d2df18d5353db7737caf52f888 +A = 13c68e450e9e091ae45863f6c1faed25906dcd90a43620b1a40e7a506e7a954256bab0225f3678e7ce6c4ba6e3a83c8f04a3491d9bf097adbd98fa6e78 +B = -ddef76382342178fa6636e62887fce6e19590065c766b047073329ea15fbba96f2cf088fa5a989f6ee3f6a513fbf66f621c6ea6ef2fe8 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = b18a9cd6a0a89578ea772021f58ce74cbdd8c44a09b3937b198adbd8e95e8e35541eca26438351bfdcd8600b4f9b71616e1f16cee707c712d40da9a440681f8c8647bc90ba4c68b08ce4cbca458bebd5110222f06b2ca980a2e9419e71064324e8c36289eff9c67f6d5d011e6db8538a54aeff8c20800b0949fa42c38fbabfa1 +A = -6d7e88715e9854b435876fc9bb2d25218a1451efb73ad9cc5f52b2bee929530e6618a858000b3f24fa5f47b5f461c84eca971e38cda6e1f475f6612ec32f +B = 49eb76e4614ac7b0ed3f534811a4ea6da5ea24be925ffeaa38bb228fa117ed56ae976b590d6c9d9a7a8546d8a6ebe4bba771d6587ac44f09 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 44f8596fc06afdb72a6e4f876b70b8d5d734589f41089c510b0da60ade642fd79cf8e705f09910912624fa1f646da596c137f124ec1a327beccba62a44f228f3c0977fda2af631e249b2a4de17d170df07bd812c233a96d17e1e93910267682d24c5c485f99aeeddceb658a7db258a2fdf73eb0266d26b92e +A = -122231b14c249820f0dae625342415f0c6e7f93787b4206b79e9ecaeb09623636730810c7936e17a1eece68edc7c97218efb17c069bc59bdb9681a79c910c4a +B = -3cdaed858523fd55553ef85d018c1097d7b88f6c30060d1e77b84821ca20b5625723c7d4331ccad1a70371eacc7f7aa11220f83f1bf3595650b +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 6de7efcfbc1e8d2cb14cbe4465c4ef71f0d1d7e80a1d80d9ac2d0b161d45fc9d915c54e33131591e8daeaa11ce02404c9b8494added1bd83e344ad4de7c04f626315caa56fcc5ca2ddd4e1ff064a2957afeb5d280477bf1f1195c7294d89049024fe821dceb53c7d270a8b4653e2fc0a4d8a3863a854bc3794753a +A = 47423c4fec1eb6779fd23e3d4070d0a7bf9a946f5610eb469876797a39c58577242daef8c34926f6974089fc595508d9c573d0a275cbeaf37172f10b8c849a493 +B = 18ad789cf09e9ea182eaf43b28b4f2540e533f0fccad325430b73101c00e440bb64b70ce0f2680184aa8caea2f6f6517e9b80285fea8b61887a41e +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = b18a906994d3247bf8a00f20e4b349a500159d086aa863772e71a68f91af9d19e4c021843f8bb6eeed1df708d55047dc8faf219e00d559517632dbd1cbf4bda61651b9644481d052903be1970f04bb4ee8faab9adbbf858324e6cf5aa9384ceba655a1a107210a9497552ba8a56d5e0e70b0c757baa71d1613683707357827f0 +A = 122773509ee608cd9ab3ff6763629a18eae41be64bcfb05122e0b3e112db48c64d2a5a515d96a042850c1c848ae5fd5f0ccc57b273d25bd8d68568cb00bb17b1589c +B = -af398208c01ec9700e332f3e694894c7cc412a73bde8a79e08764ded92f0d58db8056883972c79a0c9e0ce810786cdaa3629baeb9e5c370a5a59d3ba +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 64ef5e7063a1d95226569a27218e35e93d870a19a43fba9889a2ca98ca5c573fa56ebd77f1403b3bcad17c1351803a809c245a97bbe32b45e21768f28c5b11ad542f5e687a17f7811df6c8735e1778e94d9313c19fa32a6703af7ccbd88b489c96632d10eebb580cde3b905f6345a2a2b86a871b4fab36fa4b0dab9a6c1c5096 +A = -7dbdc37a51b601417efdda2516aba15827a40ffc304c523a47c544d5c0bba6c1367a20d8a6268a5c3f723b1b68de57eceabbb00d44185ec4ba7ecdce5d80456f8cfe7e +B = 641cf85fcb5fbacd6214be4b7b06fda1b80f4683c21c1d08311f6e23a15434b42d30a51912898a1c46b46c00aef7ab7663ecba683897825a4b07d2b7dd7 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 370f20360ac844bf4275f78b7fe71ba5db6f0bbabfbac3384c04b256eddaf04725d2d57b31afa48f047aade156c34441b4a41c0b2146790a2e15d13b584021ad55965588c6e55ed3b5cf5c36b780a27c5dfb72678d57528ab17ca2ac696aed3d9abb0ca448d9d5789fe37e632fa9709f3bb924c4ce34244d239a940dcddd9c77 +A = -1a0cc5b07271098a23f01b3c0d47cab8b294794b74a8b162ff3b313fcf85ea81fc99433cdf4450970311e1d5ff81e9ba27eb867073ed250aaa7795e44ba8d4000e879bf31 +B = -308f93984acb78c5dac2426d9bccc2e3ac361143807c7d34c24ef8f8db5e68a904ac8bfed1edf3cc90d21c87ae4d224b8c46fa42eea77797f94aa848160fef +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 4c8f466d1d9829aaca1a22fb6ca5bdba885606b9264933ac2b4c18e3afc0c406aa71ee7ff490fcaa804f457096e44576ff8096fb1d2b3c68450a8bc36d1a2797ab8b621ddc91d75e7d6ba01d86e959171fa428a5bb1f26766f94a553c94f6dcc2e0af90d7776ed3d9fb67e842e88f7d7342afd86e2f5d159db7304ae4d204a3f +A = 57e894e37159cf3c161be9c97a946454e43bf09a7ae8e1437570a86c6b06f84005c1463d27d726afd2e25aebb1657eb78957a9a12c8749049d12007a81d766dbe008aad6d83 +B = 16dba5cf077403ff4af47438f5840f65fa4e058c5cab3cb730154ae0fcc982ea097c6d0e75bbd635e97314f33ec7e31f0e41cf285ecfafaf36382b33d5e83cd55 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 29d13ec304f26247a45ab6869720720fe019d6cf370b9e2df9a65828214aeb4f8b17969b8dd54339d08eb99bbc66720ed78ef79033fdce6da33501fa8588af86ec18be4c4ecfe01781f9d1379865100dbbc020b892e77027d1f04f8171ca51fb73129dd9a96568904eb44e19f56f842b223724a9ffe28826803185e4208f0ff0 +A = 135ebb133a0beb909101da896e3aad7e26ea72b23e60802e54cc6c58a07b1205e2ba1fef6eb86c420f011b70e3f725aaf9fd1873b6e1c1cc7005c7c09e55550414875cfe846357 +B = -e8cbf3feb7be7fd12b01d5bd024e47538f434b496613320ad71f48a8972f687992f97e4b69b5842d2d6a4176a5701327c40325e98b27e4c0f8fee5a457d92181e40 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 4309b728306535bafa6787dd79e58324b3f86eb5409d772018cce2159f75832b87909a672b8b4b14342b352e76ec5a6dd66737cb0a20b81c5ce222133bfddfea878b132b6f9fd557133973a0b44aa41a01d54ab565d6b9c62da67378a4058255047a95923daf5f0f7adff2a3f06074ab1facd986d7d26cb475ee818199a390b6 +A = -7a63e108bc9790ab687e0fb8a1cbe1e9ff876e7b5eccfbc136ba05fed93412dbc2ffb1ec49518e9fb867429cea1d7f82e2b159b75bd40eb8370e8a54bf0e0ac0ff24aa3662774bae +B = 51ee025b2ee8abf9dc5ebf1a4600131c00ae4b6bff966dae5c49ab5b9017e6b1abd6434736df6daabb2bde254022783764c94e66743dc752c9040563df7016a1581fe7 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = b9ddcb9ab858d2229cbfab87d87236e8206cf5e1a042eb5ddde201d56e2695a3d0b2a42bda6a284fbd2a5b2c2b80446ce88c024137780c277ec80bfa6e9d15397cc5bac98e58c9130756ed0fde58d475a033fd94b1fe0ecc6fd91a8b42177abf3f77e87c0847a4244b9fd4980f3b42c7c955836bc994f2babfdf9c5b43315ca +A = -1f971ee9a7c966d1e82166503681afc280fab255665b850645321f67da8934baba1226e9efb59e0ac4483c8724f63556a213f2224b993e4e082eefff0056f7aa8a3cf5b655e0f72ddd6 +B = -39309313b04bda1103ca6f56514026538b4a29ae258a2a66424abe2c652b959f5c1dc4755ea37ebbfe404839505c2807ebe069c9abb9150205fe35bc286ca12b64ac46133 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 47555924c31f040619681d4a12064790e981db2c7853efa17e4d20f741f33c56d80862caf86bfe0730870b6c0afa9caf66e15047e60256fec29469d1760d5e9b77d79a84fcf7a1dcd0168a59f870f1635eb033e0ae0ac17bdb73da803206d48cfc1da48507cb812bea540daa2393321ccb0d88b57abdbf3a3bb765692a2c2ebe +A = 754d78d5608fe8c7ed8e26a174fa27833a24c48d23f0e702454b7eb578cb107da537dda11027dd6b41daad329e036794de562d7623bed8d9b0e909cb3fa38d4d21a95c5f4246e0b030a32 +B = 1839baa8b8fb6575832136f1d4632f72f36cdbbdcbd00f197fff3cdb88b851cbd74910ef6d43cfae9d3248e9c85662d7fb596ae45a460feaf308823f06345bc5fae8823230af +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 9b2f026b11d0674e9ec060fdb24b45fceade3070db4405b363d53df1219a02a664882819fe602f430636fc0bda935b14c55c8a0bbcc9b6683417e3ffe7f5d58fae229122ac6e42e76899254295dc5a08ed43c79120a5e5e4124b8fa6048ee90836bd2de51bbd2c6b9b53212e913cde871f11bf32f91b3a78575a006da36627f0 +A = 11402b3b1a45d67cde9730062e38aafe1d04fb1f8bb1975f25cd9098813efa2727cb229adf9490267bd437220d9ffa05bb993e45d2f889f140faed3ac3c7b53216455a830d6edceb02e8db92 +B = -d8e011f18bde068badedce8106f6602429fbcac4766334a0101b57fe94603203a4a8975fa499d8a68198aefd9e68f28e68914f920eea1083e37c67d59476bca9819a8bd628b89c +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 3a74066e7eebd9b63a1dd28548be60573c95f29816f3b3ceef68a5f6bb797d7eb0b0f4ee612dca794ff82f5d7461d995b9dcc09649e2587639ea017865328bb5deef17b5283691724e8aa331d75c635d5e19ebfd268fe5471714aaca8b48aeb846f241c1675e18d35f029b132f81128f19028b0a471b3f75a530321135e35fbc +A = -6c5dca3fb7b85573d1c8899868940794e428171e207b5f9f89fce4b7159236c0755e2959d870754e902e9c40dc1fddeeff6364f898ec0dd669283e6d26a612d9af3c3ab04468707bb8a7827756 +B = 5446269bbeb613e69286f1012ff62ea767965533624542f3b5c866cfb569d6193aa603061701992cb4873ea8b766606da1b57d7b37cf52f52bf85b58309387200b0ed36164f30d52e +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 2a4e727ac67451ca9dcba648050a085196460e4aa4836c5652de863c3e2a76213e0f590de3aee8639304c54a9dcd5f7d5d3592f647e3d07d322708e1e26329f4a31d66c7f2e9d482f22cd9823074dd57d14040a4f00ac2af9677a2c98d58ee1e094b1a8c40092e77eae454638bc3655e77441d4f218c637f95c147776f5bdac1 +A = -19fa688008a12cae228c6ac4982ecbc88da248d7ec785bf2289dc9103bfa3a91eb1e5fd6afe9e0cc035d3312e9ba64028fa6a229db6d0eaf8af43d8c410be7c689c3e557137ebd60d3fa04edb60cf +B = -3e8c87fba4a41c3a84874c987acee9f560b9f027338b584a775c1fcabb766700f758c4d451077a9427257334a569037b0bd006375f71223add62eca19b1e26b86dde0cc251e48d3b60ef +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 52e4a3f6892b425b935c6f9d1396d2034eb0331cbc5241e1d745a9619fa0cf0fc521585cb9d6b1034c5fbbbbecdc81c757f768c7a82f6ca291cf5afc98500c579f82ccf0be233066730f738c205c3c188f94b878c11268871ba42a5d950dc8a399887997cef2b6b68badec1ca641b88d1455e6d97a2841da49df7eeb766b7be6 +A = 67df01e34a26e8239c8edc7ddfccc3850f39864ed237d4dd67588efbeaaed1f884105508f69e20ff6a5cfae1516f6179ae6fb515a66ef0a7d633ba4218c30875287ecd0cfeb5bafafc492619942f97a +B = 19f5076405b3c81519c0863d0c963d545b2834343e42bb3c779788cbb46d89be3f775b62f4114268a0ca0e6af6c0dd659607d40071dfe7f1ad0df9a5c53b741c04612158de396e9c96f7523 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 8ac1d96abd2cbcaa8f7e3267b716f675aebd23694d24c112d202653979636d4d47e27cc36f850355cfc5ca16b78cd1848944f8759fbf6b03fbb7eb347536a9328a5cbb778a6bcd983081374a3f543b1380add14a9468358009ec2baa7ecdf13e7260968eea74083459406e8889936b2fb98c8b9a3597e5f9ca10b76e1dd0337f +A = 1c9ab23ea37f324544280d176cc02762db7a39935f1ede9695b53a3ee2db49d0485c6a3742a3b5cfb51f3c21711bf89ed05afd0886bbf61cbd57b23439a8a165484ee8e4c0e1c0ca2b6478776aa2897d87 +B = -e30d28dd01655b7a419d939e3e7530258a667420fc759bad585802c63fe5efbb309cb502babdad0afb208aff5ce5830071c5a974604c69ee47f76fd87e2460a5b03a57ef0185881502625886f +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 5df0700adbd880a5730d8c0637a362a9d42c64503c3b9784046b946c2459a619b5bf804a41c92ed6370bba730c7d39fb2e01558f7ec38511b0449d6e9db8df2cece4ed348782ff1582396ca8b3196474e7e5817f8c197c44d771923b6e286e41e7e23c33fcd8765e06793169999544a310f2e080ffe13640b85f21a18fa11928 +A = -5c01fc52e86f3a344180bac284d2376d1bd693f20a46479c77fa57077df62f83b1e81c94e577d1d6733d276f9cf70555b20e3afcb97534e4e0108a6cce87e9292d78b2d7367ff15fb33d2c3289d2a2913b58 +B = 6bbc39283be06382ea91ad6b1630b38f32385ec90019d2ded7ca6fdaa39defbe22585be0df9c0cf613f6f146c71f901adf525336f6573f7f43e661c44b7097f110d4551e8c75449da8fd39201ca0 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 2a01005f1f387c4d8d24a365708e2506b044f86dfc011262d3577f7313a8f51ab943037361bed1858e021f8a46491a5c73284c666eb65cea1392a780219f13d7188721d7d4b975272293a5eef63480f30cc9618aa74bc51f4175246301a46fdbd34a6ec72d5974aa920be5f321a97b8f19c0ec56ba10eaf2e61f2b45f134b304 +A = -108bbd8824e8c16b81dfdd4dfee691e012e578cb9cc80cf050c0ec4cebf71a968732da36552979ffaccce6667e46c29144dab75132cb087681d5549dc5508f3719e129553fdc97f545d7ddb7d3a4fc575ea67c5 +B = -2ad4d4078c47a3c8f5f9b48e10d52d72349ecf0f54abc60bad63bbbf4d8efb185de90e5e1a686859e1c429e30977fca492aedbf084019e9ceb4490aa471776ed2e8a09151b37c5caed9ede66922b7ec +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = a1b1b2d33cb610f1b398e03f274ef39a583d13af14b79e6766859b9ca748237b481a3cfd5d490a073e82e3c53d3ff5cb6219b2b2f71927f27ab6f567547a22dd35fb5919e1ed2b6dfae4d536d6d44fa6216d94d26b33f52db06c4ecb29702588b73ebce87569639f786df4fcf569bb07d5379bf8b83743327248c2d71b5dec6a +A = 5bc53b3895cff2bf7bf10e24fbdc43d17d277a982d5d92f17b9b5a2b9ed8b6104229292ef3997591e2e6a116fca21ad5d061ce438f33b7f7110293770f8313077152c7546cd522ef4054147edbe1878072b1043e6 +B = 1599b541c9809779df3ef40971e7a83f21564bd5d6596d51a3d96defa4dff41e83ca6247969a3dd9a746ab72ce21137f2d7ea015ac6b2ffa8a32997e8b821064d35afde3435b23e47cccafa74d5192535b +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 4fe8897417446c493725521c0ea5b2110f91a1b5ba236cbb6ff3f52b0036a49fc82274ca949ac2b592fa4bcc792114bf2f2a78a2cb44cb22c6fe7e4bee7981604de47f6da2ed1fc6a8eb32cd9b8aaca0f2feec76a2438126ae6f409645d897769a6d340308f82dbc6a98ac059fca6f903c5aecd668fa838b67300c654d4013e3 +A = 1717c6503d069103f10bb4b36427fbdd2371b30793e492e4161fe185b2e27469fef6a25566d6b46f6a7f97446315a22d1f1f662f912b17e71feb2c82411ed7eebb84d4f594deffee14934b75a845d83761f36141ecb7 +B = -8808f540521c20eefaa037fc5da782c891fdfc668b955eaa2e4edb592e027a964b4cfbc94c548d785d92992abe282d90dd137c4d76419926740ce138d567da7350d89f2e56772d8f5bcc9ca8d7076540fab3 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 8b9311808bef497d8a5d14f7d851567a196a051610246964917a1f9d4f4449357d2411ba9fd93983f6edd76b8a8e1501146b08b6e1fcdd97b6a41cf637b6ff0cff7a2d6351aa1ded93f8fc1cedc81879eef751bebfbd1559d5d0320595c79e3eb1db0951d7c67c663bc57a672faed9e14c7da6be6b0c6bcab3d4d515e51a0b5d +A = -511312fce1849c3d177d42088e55d534f9f7096282916e16b041f66ea90e2cccddab5cec0ba8ebf0b047ccce72da349f420cc28ab19bc156c1cccdcf5216f19ea922698127f090e97444751dd58fe7a2c90197a9ab3d35 +B = 6a5cab5e322d5f651f798aebf43a62af772fa2cc379905e72d253c49be8193a07ae6164f21cf08baff906ef800e361e1cdf1604f454483e10c8b2bfdcce77c12b0320dea63f9ac0afbb86115b656d0198aa883f +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 665e16ba6cba87c646637a233ae04805a302ef4a10d79c5b65b146cbab8c9ccd491faa32937d0ee955dff7dd0ea3f79fa43c133021c8680490b91d9c1d8a8102ab709ada7508bd59042940b2bd3a4f8c195f781313e45fa8d3abda1f8e13b35811b638b2ab101d1caaa92188d2b75b2b10d596ab159583135b0d4d15fcd3d882 +A = -1375af024e9974cf8170801f4a709b4e5862ab7d18464077727bfc2581e557cada991e9484a1acf80182458158c44871e67e783f7573f214ee4ea1f1821a65068f2bbbed7575f03a4bba36b0fa8cb6dc58c73b100a6c4a6ce +B = -2d64b6bd987d496a3c121e89f4b0c88b6ebc6e30fa9d47981b52862551f3b7251a3fc376db0f2d6daab6e6fc5ea8fa10b040d0dce334ee91d8cfa6db9648df907b199bb11b2b5c41c67d72b760c404b0451f70fccf +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 49e9709810d9f3fef159e5cb45211453e7a94878dfdece19af839b89c0e43b226d7cfd46859963c7ccc753350e74c2501131474e3b8e0edcda18583b0392ee15f1dedcb7144000fc7fa7eabcbc83d12983d2ade477b4687d75b723c1a98a951d21b2e8ed95735aaec77e00de288d16422fd259c665a08a34331cb99299ac11e2 +A = 4e550ba2fc2a44452f068860ce2a59230738a7a15f5de0aeb4d15bda8c61ee3003568dc5971e48343d402112d7a86860a7f08f5cdc0de21fb1aa064ee5df26fa23839b5ff6adaf64a4a18c07efb3582c2fc9612d2208fe99f8a +B = 16f31365545772f276d8ac952506bf4033a884edf1ce583a63d8d9f6809e29d9cce3b3d227f839e6c09b459951465ab4570d2d36127c0f677fc0a63975801896f2fd17887ca16ff7f265e2e7adab1516ce56ee1ee9de1 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 89ca20a3fa109a65b9449edcc729fe97ed45a9bd69eeb31d4a566ec1787b24cb7a2c25b3f89b36fef1cb3645b17c69ac8ae243cdba35e17f5738b35278478bcc391add0b5ec42db9ec1eeffa63a3ecd2ac0338db57cde9d2eb9ca4bb1df84f1a62245c4e585c4f20f26c98fa1957df34409a99a18bb442ac14f0bd309266a35a +A = 1fd8a096be30e4435ce8cc604ded337a3d9d2fbc9666d1893c38546c4e155315b536d1bc323c1e7be162bb0fcd58440915b053ca0d0896e99265241f2afd46605a2a7486e1394a07b23f3382cd190e943e596c747b6529b04bdb13 +B = -a3960a51af5ecaaa70146ce55d639005e9b6b9b58592441d5876fa71470ade6d1e2cdde17bb80532551bee0dbbb71a0cb24dc8a129c1f6e28920055d87e9c66be27fc4b425737f36add7d72e39bc83aabee5534637e2e22 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 654d9c55d4a62976670a5ecac3a6165734a65f1edcc1ca81a8c444dbc98c3409ac8c4f6fbb92f122045fef8b7971a276c7dc4eaba21f7be7495394053d4f9bb14b63fc02c8a55ad8fa9bb9aa26aca5c47968ea1b7646ec606f53606d5529ded83639984683b8a020e8ded4b2d9f668ceadeaa8160245b36a819db14e58cf2bf1 +A = -67abdbc70db183b8c25b0664805ada269922556bf15aa80a47d31f215e216673b8d59edfa10a74f3f09d066055c3b9abd5434ce95eba91dd51576adcfbc7e2556df95fd6642a3b7e0486a635ed5699eb7fb285589c887c8659a2b7db +B = 6ad3e854ea57aafb8980f1e99ab9cda24f183dbbc513e1fc92d4e239077816843f47927bac28e41d3f31c9ef134b72c09dcf14e2e9677a430d43002ae70c577d9958341243030fe58a800a068d6b01fd377e61844f0d434dfd +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 74bb23f7b0cde7924ee52e58bc0680f151e6898cc1bd4a2eaaa05faf218b419a19ebf85b0219f924a26002f9251b83506684af659e5b680e05138432ba227977f38a479ad9d1f3cf68a86ea214645fc4bd1a032f995307e9c9ee432e816fd852655ef20214e24522c17799ef41d1eebc6e097b9792757f7fc43124c609ef9696 +A = -19d3e6fd6de9092cbea55d65154208a0c93ae409c3ee35569cf774b8c8b7b1c9dfdd52e9f408e14ea3153073ed8d92746474e524a903a45a882fe46af92b033f2c41eacdd7e3c1ff661dcc5349ed6bd1aa845eb1762f27593708aa185c7 +B = -3d466d29e8c0008ee6f402551e3d62fe044787bc9f243db9252ea97da9bb75f5be416def97f13cbb008fee77f2eeda672bccce1f36fbcd26e1f1299619535da0a3fa3ffa0c6fee82a494efd7407cc770cf46ed1b8b143f42790a2 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 197eaeb8221b431d5fed3d701a175abc146a9fedf8060e8e611a54f8da2fb27d2fee4539ddce1f3481e6a64435f09a2d5012540d6069900a332461471b22192fb87b63221c7822d3f2fcc35cc38feb6b3e49b5b0fceb52b0ccbdb4e1fd7b0f3eef3d582a6ae194c249ebc52f215b568712b3e50bb8e01c64b114955ebac2da48 +A = 7bd216d0acd4ee392258a7341cd56bfb0968492fe75da0c9d935713a6ac883525a4a520b5b7940b05e3f5e0c40372cb11b7ca193e93f0d3883fe5840e66346aff0f38829322bbc1f0a0e63ce5e528ba5b13596ad7ca19d20b2a7c9bea4214 +B = 1ed4805e53630b886cd733e5281f6d2699b3c79da615f4056120165cc63858ed2ddfcfd0af0c5fc54662aad90f26c55dcf70a30d04ce05bdf61028730b900587716e690dc0c6e02419622ab8c115078b92315e7c7a5ffe38c4a404a2 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 40f69f2d1660eeb6e1840164817621dc95eb930875333bc3f62a644ca5910c1080505de0d54fc9fb6404a61bb2c03b3981e558abf9e86f2047c3928599b529ef3d91c7ccd13c1d69431fb9ea3f02b001427cf519d9fd8182219ad904f47b3785fa05ed24cb0ceafd537311633a2e26c27e61be92eefb28a49d7f583cb6e072c2 +A = 155fb75044fc54a6ba6c46972e2f97531861b8d6afbc358db456bac33a44bb0545deea2fc83023c08b7be473eb68accf5b65b3c5d6af88bc6d8ce722c80d5d1527e475905226b01ab9d7b5a6557250cf8be935339db330df2dff92f2e88e80da +B = -8c6016966a2cdea4b2d8625aa367e1d079638870f1b61e6b3c3a1e6281ece41018d2ce93684d1f0088d021107fb595390664c11435c6c0a7b93c2c6895217a89c469a37d3250dfa457b928ba6119b5c9ca5f2d47b36e60e4325bcb4383 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 9b9e6e1727326fea099eeb008a36539f3d47e3882b77d6089032b99c6cd36ad79fa75b7c19d1509b3ff022ef781b6a8c16fa6881f9ee2c4e00a4dbc93a49829622f4ce6ba9c55639656102d81167ab8a5e1fcf14d71caa60be732f1fbc71250256520c7c5a4579c3fdafc39356a2bbf2c7ecc526dacc0293c7578424c939ab6e +A = -54cc11ea9806ef27911ba721f19e2ccb111045711d301863792f0cfac798758f0a29111e3a0f84d294a79721067f50858767abf507cc10ec9ea3eb27a91f06e7f6b7b4be7001b548cb7fb734166bad6739935081bdf6d35d58ef56180d377e5fda +B = 7263e8b9a6f5387f44c55af64b64160efe97ec8a8159e723ca8977bc17c861e22041ea227c9c9bb467faaacfe352b03cc620eceecabb6db2db108b49c69752bd0cc61a5e998ac2f404ad052a51286ccbcfaa214ea8ec14cd9a2a6db56c3d9 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = a18a7498ac9194f600cea3d66615595c27a3efa7ea196ba12a80b5f608f85fa72afc366d23f5ca98452dd190b8f86031a9dc097f94a217b29fa676a6042a3aed2355cc8e767d464a8adb888491c8cb82dbec8f117f57c4a07b41e7e6f6cbd7dc25418603b1d1d865dd2140a649c9d52019ef39dbb6809d1b28b3c1ae64fc6813 +A = -1b663403c73e4a9003467ed12766f16354f79073ce89b66066857d19f3b42791eb360004d23e02874254bc6db54662717739eced153944c4776f334576746c5c4145b21a23caa2b2a137498554c7b749efcaf3393c5457b2bb87ee2ca3bef5f191107 +B = -21d12aad97a5c6e639a2ea0a82b1292aebd418567718014465a22b9ac5c8c927963a2a4530c41d5a7a6c14805e56a7092c8716e4767b54a393d8552c5d3c366b39fb3b8667c60e6075e9293bc938e407c53afdd1174843b76aed187f56bb4be5 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 1983576ed73d4d87d8b94cd3f70c149c0273e966176b85fbbbb7b3202e2c843bf1f8f4546ad7a4916ea4c731a22bd337b6177fcd2da8bd301f3af9bdcad800449b57986e7cbcbc7eb313d6512b2894c0cbb6cd753a870860a49d6a682c20b5e883b8c4839b3321aede51bfc42bca163a924191feaf05e196d8dcb7fdd9941a60 +A = 576759af0f02406e8dafa330babe9473d9d970bf371ceab30d2f98f4470f669e042e1708e2677d52cb9f99deb9b53f30727d16c389bb63e71e923475314b615762c7612269b5ad7bcb5108068bb5159cb8dbb8d08de2bd4fa4d9db6cf6e3f5997b9b416 +B = 1a4e34794747cf4aa626e964b839ac497b1357090ff63088f9fd4399312df894e41b395d17b8ca1806baec6115b1476912ca9c4309f00a46d5f7a52c8f640075422af06d6d6d796359132f4955072ce90e61b40c992a155b2bc31c262e753aa7d00 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 3448648ff9f7425937b6faa54551ce14dd15566e5d41b2bdb1a8db62037459235a5b9546d289cc2295b0ed584fab2e1a798bc25a0c114238f61ad3381a5b441cb67f92cbf66007c980db3351adb9cfd2cfc769b5b9b0bd1701425ce1ee8d4b9f438ce1207fa850aaa1d3d1f970aef874c2b2499a150d29c2ceb7bac375009b77 +A = 1fb54cec882c274b98913e76342a9b8e631bf1d381fd8a4f7e0eaef475642ab3f5da70ca2e38741bd0182a959e5e985f1e0e7d737beb8c725c9b5ea22f7ec25b6e564809601e8405a5b1362e7792791f55ab64a57c03a99a8518d7f65feb0e21be619a6a95 +B = -8180d172d3afe00e0423245f47591d5f750f20d2cedd8ba6ab6f9aa24f74498a96c9001a0124c4f98dbd402b63e71eaa3a7af8b0d2fa417fb1d45f64e10030232b9155169153496aa202745a432e547002954eedda7cc9c1ca76811bd902b192f1a1d +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = ae0fd585408a99643271eef575285a6261a4c4a92c1956b1ab436d3cacc8d4cffc07044e57b357ffa43bfa9aaea57824319579c5c3e2fe4dd48bc818178beb5fc1ed60afa08828657d00bb88894c975378b1dfb452a5b88fc3c1d81099644a998a47a497c8a2b12c444fd2a088f47576b7f4fa40f34a208fbc3348ce33e59150 +A = -7dc7dfb753c0bc3ab4d07d5aa78664a7f57d64be4d4780ea81e3efc967fbf1bd1390248bbe259da32108ad96bd8b39f2c9f118bfdc96bd06147f812af831288bb687e4e1742dcd1dbf2b7adc41afa28d07dfb8df8bb2da5359e66330f5c65964096a96b31dd8 +B = 756f3e407a3ae698f103fa37759e90554f38378a9b8eb38581e0970ec8f9c00f8392612c61aca5fd37d1063b78c19e3109f35c0684ce523c634190b3164ef06959cc42e2b77e1bb2fd50eb59c3dccdb6090beb809ecb0ca30457a5c5948328eb218e219d +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = a2aa4550e855623a8ed488bb63db8fa4ac374c1ae953781aac590f78a364fc33380ca2806445fca5bb9ca2fc7ec4db5819dcd5769e3b746286c49a7c80149e7fe276d095929e2cac6ae57e8102f7d4c96261ca44cb6f1601f429528495b6c3169e15f9babc5be696074d45559d5abdac42393094c450d6a4a45bbf60ed7847da +A = -16d0aea9c752b2e6e4e13f7ab1f0a2c1776874967b0dfeeef7e00f8d9edd1e11d2aa702be45fffc284c47811c51dcee184a134b8f6d1874026eb51e2ec80c94837af4602cac3efde556ebfff578fcc56c00de99a43638ab68387ec087ee269ca64233eb5b1762ae +B = -3c6b60b0ce4b13a5d6d9ccd67c76ec6b71b94ea7205e408eea099c7ced2f3a462954741d353d0af850b10ffede8ce0bf80b6893288413674504829793d7ae0cba53b163e3f26cd99beb0a9ad540f6d2cd5097beac604b1694a9a2f4c48b28338f9d6a63e75b +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 8a1a8fcb68c53846b3edae33ec070ef5cdcc1346ab3a98a116344e6d2810e2e3f60f0fe435fe7ff257c7ef4c122b3c34c776f4912a9621b6949308e2cfe2e0827536c7464371ce804bd7cac1d76c5bf8b4a6fd4ed56b65434c3fcf0ac7be543fe2d09ac01c564d7b9b463740dcdfa9068d4d8e33f29297ab452e6ec55c263de +A = 7c4878334ccd9e20cb11a643b206626ea5d0b20973f18535cd8f0fc2f0325a67d3558e4cc9cceed0d88c6d2215c220b8d0ce230fd701502b02081e3f6548e58e02bc2e79e4991f8ef188a84b0a367758b4e534b72cd87de7f82a26de14fafd162a50b359574812cda +B = 117d8b1d2a3e2049e6edbb9494c68a97145ac3e658aeaa05e8ecec4b090d5f467cde34e05fa7f5fbfa32f1d9dad70955f22130c358468eb371555fdf57a40e1df398c166a22a9df2e1f4e18590b00856b4f880f6629f1a4296056dc66a29b6f0f25490c6a8209b +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 2cd3de06953acb87b773b8bb28172b24adb283d6adada676f5f4548990827635c51506c85670767828dc5b4b91b45a7ab89a700d70bdba4e0355da32b52c173305767721d18dd2cb6c55f890611e7abc854277a453c7500efc4cd4fb8e6c9bb7a73fe5c77045e715fd35d415b3496f7463ec902cbdc18f9f6f67c33fd78c3210 +A = 1a20ad042f46330df937b879c72ef00dcf39fb85b59186b8e7a9d40723288677ff6ab2b9bce95f34f2de37887c8a9cdcaf231254bd00c7e25b6042695d7dfc05a11765120d1dbce29dc74f35aa1492ba0c5ee65114d9a246b57dcc2eb2ea4a310be98383fb934121db20 +B = -f8ec67323cff9d53499ceb3afd44b28f0538c39dae8c965ea27d645b430c2f8a4965eadc8ed864f2549eb636ec558419be71f986f4c5783d0dd5253738b876d9034735bd13b18fc670438387f84848308d9357ec2aa4f6a453bdd36ff08d54a6800bb41df416b17d +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 1aebe2bc35eb2e449bda63513b1bfb55988cc8e6ec8b3c8fed5ce4dcf53b95f1b438c41e3b2348412b35e1f734edba30273935b03d16efaede429960442a01849c352349e23b4af88de4d01e9ddb53ae900418d49a84b7fadd2669261a574557c4fbd782f8e8f400895f6a6c9679b72983ce01bcfdb641f5067c94694e9eb80 +A = -5f97994c39265b5389526e3847876a10aa3699e3c3762a127d1a9f892180cce68ca6139a6f71b235da26c287bd3e1aaa1436746d983c23c3105c33ed2e06baa1e880f1744d81a80b98ee1f16220940d721a92118a9b949d4da7d1477db8f5b357b3ceb7df34eb5f62078cf +B = 4bb4f8f4f4c8e63238e8774ed61a7eeafb3fe9a6e19cffa648defe82f4846e3378c892d223957564fcce79596151658a726031a6921cdca0adf0f5325d858c048a6b94312ebfd19b803eefcb93bbfaaddef120ec3b8c366b6d978524d5c74218da77e4c3b5ebbc66cf8 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 5d64678a32c163874d1c81824d628a1051bce3b55c37055acc47a8630d3fee648df5d319e50b4c56f465bbf696433409b89c07e442425d3018a059ec757d77b3a40d516ca3148010036b003721ec9c999665915a3c442d95ec3c01c232feb201be08c88fa3c6b0769e3da30f1d73b66f98e31f4306bf4e23de78e74743b224ab +A = -178d81e419f0473c426e24428caf25d61b648bbf963f7fb753ae15e5ea3706b53b00bfc8fe917ac9fd6c7096518584566ff71e6d35197f9aa25107a235678cf9ff8ae1501c1d5a15d2a27d39d066e169745e1e8c808209bcede0d732423d0c9cfbea322ba3201ebefc5315c0d +B = -27ed464895b65d9518923fde5caaac0c72aad0d1b38fcb7827d6ad4e0c8dc09e119b8b98183f0ef8d5d1133f3f108e951caee035bed0d48bbeee6d1ddbff5864bc192b84eb8a500cefd223972ed51c7f720d1736646825f95f2f10ce6ad47a267bdd8c80f65d644df158d7 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 52dfb6bcbbc5cff46942d76ba45301cbff76e9b894703a6a7fd1af29d615336372d147c3932589affe5c6533f28d3e6a57ce2d3cd7448bbd81e09a13266ea31630cf044f654b87ec3fa3294eb65873964110fd42d86e78d128bead5f117cac98145051552cc3a86c193d738b973f866d068a8994a49df3fc7c7314fbd9805e80 +A = 797c67ebdc083f3c8b3ddf9847b7f3c2a39e35ce2119f746ec87fd5d86671d8fcf2b4f6d440c43e93f45019032e629879799eb58adea729d43d2e40ede6485143bd35979609a12faae7e4393879c40c0511c886c66a24454e4f9912bea944eaa417c9942f09ddfb227feb14e4b4 +B = 1a599d1cd0ab3614f50b71b93c999942bd3d4cbfe7900122d5083151c71d9e0c299bd927095c5c3291418424a7c12947389bd4e0a3c2fdf67b3f512094ec0ce5b52695e527de2b3804dca2edaeb1ea4b487911053272ea926cf2fb3386dc4b1dc268b808bbcf4eaedd21168ca +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 99bb9082e4537426c61f3b813f8c97675c44ba9ca418960ca6e2464cf61ad4eabb01ba00798463567ed3d829d3f14201c740f19fca623b1e9b57b534a65df0f070a2130489afae89b91003cee432fab11426c4d13b7721e6f9db1bbaf0adc0064b33e4b9f4b795511a0744b52f93e3db7bc9c0a991e4e122c463ff344fe14cba +A = 187a8144a0045a92dcad94f0bae7285309ec8fac7dc864b08914e5a4dc3b1a6bb9212161a18c22682ace16a4bf3c03dbaef088b09844902a3255fd6adc0b7c6397dda86d6ab67204d8061c36ca20fd4bb348202037b249f6c110c31580148db46dc5b1bfffa38a683a27054c35326b +B = -e93ff16817b725016279a32dac247961ae9bb00af890fb49c4fd8cf5e815cf98b58cfa1e3735095e6034c9a2f2b5d8030ab30e2271abb45b347d755cd9ab5ab5ce37950380cb306bbec42b6b8056793a0955bcaeb23e2d6a9548684030566eca2d34c458f224c8e337cb8e3c252 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 631f53d02c031f592b3dfaeed106160488c08e0672083ff195b22a2c0b006f11165a245acad6f35dfb15a871a9a2b45c544111f71f86c920b42fdb6551e56c55199e6173c00e27c9f47256349a80236bcfd3acd1730f823031ff9ef594725cb9429ea183a7fb2e03124ebdd98d435313e43819d995c4fe81fdd4ba718aeade94 +A = -72e20f1aa2b5f2c4218fb9e11ced3f45a218f4c83a2017d97d0cfbbf227c9082cd43f939c8909e52c8795cfaa75d80392d3649dd85ddc35bf1cc54ba389bed9e9dcf867da1c05eda080274beb6b868b54fc85e12ae127dcbfffeb043f9d59333d0ab3374c24971e1bc7269450b418c8b +B = 61cb021a3a957703d14061c21d3b0fc19598e19a17df9d6f2418c76d4d37b3f62bd4037aeeb1eda37f83df44c440f5e49924cc72ec5b153856c6b621350ec89d98859d9d1ec7ac4f0c418c6599674322e7d618c5ca588d5a873d5af356d4771c6cd375f5dbbbc69f50b982b8c4d1ec +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 4654a62d9491f28599a976288cd2068d8e3228da12f645413a92f482efc66d1737495cd4a4c733f147eb5414a2ef6266a116ce264491a3463c9df1b030d83b315f76f3bef8cbccb5c538478a65092547b91e991e6be91ce4549c3a6e34aa7b466e63eb3b88054f6714083695c616a078ed54e1ae46e00f3593af845fcd0ff51a +A = -1a342c154aad619e567fd32e7053aef8d98335a4fa0e35bf06acd7998c43d821de1076dc1fb67dfa1156d7ff30203ec736384a9aa7f5f08cfb302eb3a2a7179b2664094c2cc0df73fa05bf2af24a62b8e394fc76014dd83b434df26f8a67a624884a0b9b4f08f33e9828ae64f5d0c8cdc2b +B = -2c57e15889c3dc9c94361c17585d506933a72fa954ce44dda9f5e33408552ebf49cae87bd0be35197f887fc6c7deca1452a4345eb67d19bd2e7d3dcf651667a8900388e4d5ec71e9433e3b01d2b3d91bb94d0fc3c51c70793f978e4b5ef93a9c6356c0b2f7accb9e4eb457a2174b50dc6 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 6124d9ce4de2880ae3811836235d6d89a1a4b710f1d5a517153ed7729dfb5b56b0ac10a4bbc811db9b26465f03cda355701f9f28c5257fe288743cc0789cc54a8661f46e36eec357580b00a84f1d4c8e3d689bbc18242f1cac30a87cb7a47ea06f80d7c5633cde4c8cd8a1a7e27acdc3a2aacd608cce9e2efe7864d41a56ceb8 +A = 7b48a9663d914e0225d7275e965d866ee6649d7267474d5336d28d54027ffe8572f4aa26230dc7abe9957d211e6c2c8f3185cae962b878cfdfaaf6cfe32058c299247f372ae170a1f7cf71380787f6e90995da9ca5a4be8ab1ddfa8e6e5dc65b6f168b9b8e29e0257e0eec853a6e1911b1afa +B = 1fc4dc77f4a18d4406a4ba536e500aff68d133c6e7725717ae6537b527c6f40f93202a2292522fe7d04e0ef804d1a7013b04cd3d88462fba31534770b56d2e5672e8a6ec7a723186024c40b4717defd1433b9967bd692ef81d5d4e39ba10a3223d250ab6e71d5d253dd0a732ed386ad57e54 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 6443de73e1c826c90aa36fd7ec5d0c3324c42058b1c35d3adeda1685470d363732d23cceb08c3f973034c24fe65506bd33dc45d7d617a53048dcc103d3d1b4fd0534586c2fb7489ff5ffb98303bb068fc14b1bb6bb43f763dca2c891095e613bb7b6920163aa6cbce8cd93d9d39f4512b6e0b28d361ae11cf76037eab4cbc819 +A = 13f739846ed2c3aa0a1923168cbb46f4f0a2f3942ba57bfa5c426cb4d4b3d80d9530405a31bda329a1814c560d54defa3e03fc4f808606a598607783d539dbb1338d5bc0c2e272a7ff6ee6f93e1665d6f5a0ade30308fa047db086646c763106cb875e014e2c18ff8837e4d4d86861b85a5b7197 +B = -ba019333046f76325fa9f258006a7c10d27e89f6d482b95c79296c07a65b8e3bff4a9c9fa7e5d0038da129390ac851f8c0651dcf655a3d4164a731cd20a701895c12a906c732906038a8e459aaeb293fda21346964a6d53fa3e370ebf43c7ec8f66229405095c6a509d0fa15dcf45de8d0e901 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = d3a6fdf4a26993edd175de9a0f012e1eb15a5a1c4dd2741dfc6d0f9177cd5645508b8ab09c7fb34066ba893c38144c7f2ecadfc2b0d15728b407e5db4fcbbaf1871580426400433f14dceac43d28f03376e791b7ad01a112981f29ff4b66102305f0ecc4fd134c2cdc79a5e9d9f085bfcb7e6c187980e68b6c7639c12e8d200 +A = -464cb16fdd395e32fdc613c63ab4768f8cf72a5b74a0a5b0cc581ee4aad1972cd97db7966d3124e30c9a1c80d85c46da2d36eecd7c3bba5866f9eab4d0fa55b2d440a311654466432c681372a80a7896c9163c12314ac51f652aad68fd9012dc63fae6c7673c5da8faafcfa1b4ed5550f2baede5cc +B = 40389ba4d2f5fc152308c9e8a8c36258c770fb2d03e6189b96c4f8dee97ccbe426cc14595c8482e9e22486b61fc570f0e7aeddad2f4e3a480d4b75d14294a3b912928da5692043bd98ab88ece87a9bbd973ec82f990c0ae6091245318c2810187d69c38fa80e835300ed06c0723fe475f3fb22de6 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 8a0f9eff3a210912828fd7b5f2d72479cc9ccdcfd3e8d21739e301de02dd5c257c7ce4bee2def06c9d0c90d5a86bc45fa9f31e456d353775916b3d5684759e4500f99ca1f91f6767a5e2f4b735ae4b756d56c358a06447fa2c2ccf0ce667be4ed143e9e1dc627a561d92ae53a62477270a7944482cbf671138bd2a85fce92b08 +A = -1da555639228fc6ead68049d836d60a4927ee77472fa0ffd3c787d55b6067012560f5b1c2ef8bbf6119345dc6419444c675c1c9cd50602a93ba3718a5b3e1a30bc108d796998b24474cdad19bc2960b295fee97e03f2ca7589a3daf35bd28eb37a67b5d2cb35a30998d5f8622bd7e6b7d3fddd1ae9670 +B = -291fea1ae6dd1c66c62ae3a3d22904f4b4adb2a48cb795d50074095345d661a033f67b20c5d7231236dab871892deaa9458c235c342bc81457cca3f014a75f5124ff4da005dcc1108e75527528e5cc9c051a97fc6cd202bb9166f9e72e366bdd77c965a70592e5684fcaaf2e03421a2025ca190fe158 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 50f4d25875150bab63e4162265a632109d6b4743f9d6b55306858034732a4895ffb3720286acceff287c38320ee9945dcd0a1bbe5ae1456b7f36337cb7d22b679a6821a450765471257d52b6ab7d59a763e75e9e64581a93aa54761f6a760866d6baf186cdf4ad2b1a6af26a3e76cdc261d1f07b0a7122c8ffdef595812e7208 +A = 78a1609a7f08c93c9bf9090ca7c93459aef815719b5dde5f217567a9f68ceca05594f6ab17a4666ce1c0c4434e0f4f38ca1f33e501d6958a10da47211cc011da219d4373d2bec4b7c6477b1ab3b00b6c45279212db39bcc11d1e7ba49916c4271adca7eea531adad509ae119348f374ef1203c5af8bc019 +B = 152b46095d3f8db5e6e1a9e3f35c085da00e52764b261c3aa775ecfcd38572d2e86bab2f4bf29c2de4fd2fb6f35f66e8685714634e1be980773526bdbf9c43b1335c5d59f4dffe1a1fe2495ff9b7a3fae3e53e7c3208968e1ad1dd1dc8cf2e2415cc76dfe5df9e2e1eb63f7c7687d539706502d56247728 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 5a3ad8d6f1b0763b77f5d40169ff0013de638b459e401f50f4cfb505565c8a4465e28ca1bf988071701dbf52ac456e01e170788ebd2b7cccb50dbfe1a65a89a8aee18b3c11986c9d6e6571f964f376f322e10a1ddd9310bbb40f14b0680385c40975aba43153970237c535c6b0e2cbf6bec918a8fa26cb2f69e98d77215c23a6 +A = 1d5c14b0b51cf31e9d97b7c49cd26097d40454978663f8a74095fcbf9c63e533708befb1a467f94cf599a41220ce13493a273fc30c49275412c5205db712d5e1832b39e65c150c3a4b251e2aab853e4ecb4f00ee5ce6982ef9215775a33565bde3ddbd932665aae506941d3ee31b3f9e4ffc0651f1fb4a5c6d +B = -93cae5dd84584a2a3d88028d6d4cec4146cc5e350b4d92c52ba2393ab69fc1dba96e244f98e2f93f31230904169641aff30dfbdd3dc5fb1f3489d63aae1efd29335345a79ded546e42f2ee4a70ed932699fad17a771ba65fe6e689664bdd1135219aaa905c962d39531eba3e82c3425c24041e17858cbbcf2 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 61211c706730a1b98c628b3c8cb070a42e2ccf9fc6302bb1c2960fb165087f210e9d93416ad9fa21634a05dd0723cc23b8d2a846ab7c3bc402999138433725e737102094db5792249b4b5b1514a416b80c804ecfb04653c5ab18b0a34d8777f6c2955ac66fef62c9ec2819f0e3c075920f951f86b32e02bc43239d9218580067 +A = -46c8c68f492d8f7ac7834f89bc76098146432c59b3301d4eb70d9861a6e24c7c9073f910108c7b35538a79de10640291b54e5755359baf47482b97af56475211573576e9412ee017dcf961a090a6ffb5cd995992ab68e3fe60b6186f7595bd9b8acf8695c4f7359cb2ac709f032fb993d16a74822b4935536453 +B = 46953f424d988fd20700ea08880e7e09ac22d60cfc294bd4aefe637408a3cacfcd0ea6822a679b68b665d6bebed3506d25edc83cc7154b83e22953f9d91157cebd219cd5177fede28c63a15710d0f92bd9e542a7586855bbe57a94c520408fc920b3f8d65b194af2b2a580c90db1cdb27ec26ba929de4573c6eb +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 50a063fff02f2cdc68edccc23976f4b3db99641073c85709626292b9475b9a988fb8509a6223f0a517dbae0cf7cd39dcf1e8ae75196d9f5008c661d8b5153cbdb9520c71068e4719820bffda4c393032edabacf99339e0cbafddb6042ef887b8c498e87e16b62417934015172e63e7457242b864a47aa10e203f47320f03c0e5 +A = -1740e8be7b4775725516d37ba643fc64203f3a61e6b0164d112af56666ad97afb0059c2c4981fa81d72264f8669db4e50e11865907655b1f669c88f5935cacf1b12c1db63cc84507af12cf0210f990994055d04d93f148f213e3d4fdcfe9dc42117c059897697914e3e3fa8fdbf0eebbbb9c3b9fdaa7efa0c9d5c93 +B = -226308f8fbb35b5f9d129c0f6a2bd3e5c272a408bf32020905acc6d02d7e506191e76a3a2ac47cf7a63e6306b256f489ca5cdf76c7c3eede175ee4a7acedf922955e92599647b69d463cc14f2b178b88cd471b8a1c1512caa66b6d5fd8840b98b8d070e6593136e98cce9643e006b714388768920a79944be36624f +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 747cba0d1cde75dfcc0b2af9072c5027986b3e3917845870c73c452858ba21d6d1615eb71ae1b5a03ca44e22845d5432b368541b52a4bb02498668e8b99dfa2eb90ec1948d90564e6ebc388ee9816e329e1d8da0d3e2b12d901d47e22e8a1fabc37408be0f89e7a4ab0f30a03f7e2ed817006809e69c21104d0efe548165f64c +A = 5fa76e37aaf0eb3d34d4f4c590e02b6c63fc62b1d4c9e172cb0dd82409df87ecb43a1680a2764f62d13a5e919db2db08feaf98d5cb92a859dd42bca1047ff57b8fe5974fb3ac11ba2c0d8e2203750f30650db4b2cbd31d07fe18c4df84a0dfdb30f9e528932c097e89d8f8be6ff029dd970a7d2c2551529455b9131e7 +B = 111199f91b3749f8cecfe90e9b9b6951472cb701beb39d63068c064cbb2a1e1d30736026f781836a52ad0d828be6c20303c6c0bd03ad664dbf6044a5bfb67fc20a049fd37c62ab0795d836487b883768ef7c8f427eb98e5ab6621fece77b4955822f8efd190c417ced398c221215b50e9532a869eceeb605fa1c936554 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 646cdb3ed472a7b4599f02329054846a8da173000eee7533240ade4dba82ee3d7a6a92baa3783c19dbd3f76fce6b5bdd83f1f229b1c71a6faa18602e368f1b0b9f8c62bd8c854844af85c2081924c9a153e27853b2a48147950fb614028e090e2198e613631c95e565c2b9b64a43237fd4052089f9d1dd2c00525dd35fa946ca +A = 1c8438247c0ca376f508ccef7933724df512f9e0877596f7f4ea73dcd824809bbc472749833b537eec01ab23656e9758da22ab8a4aaca1aab3fe8d2cffa6672ca0c44ac029c2ca6c3e71780c28c31b5f154c8dee782f6ba009a69d83b1a3a03a2d6275bb8bc3932a1170470fb7e405ae081f4770b535edf49f73a12ba589 +B = -e365c8edbca8dcc4cc11986a5a901e4ed0adbe89b0ab70a53aaf5821862432a1320cf1850b515177b630e12692cb025e3aa43e9acee0d8ad5e48bb15e9a3f34cbfd39d285127b52dde58751f572ae68ad98692899ab12d35e33652c4426ec60c5029e51f7e32ec3d2031032aa7b6b2b63f84fb0023c81d031773f3652cd6 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 7a3e22f4a3f7ae7512ed73a07abb5ce291bc90bad507a5ccc0c17185804b9d231b0ae2e72bf270dbd60170f34b240f716529a449abea0b3d98ea2890a4ce3d9e2214819aefd070e00201e9f271de925c4ba59651e55174c97a13a30197e46997c6c2b152548111aa98df120a617c54b71f8eb8b0c8b4dbd5251f5509fdb8a1a8 +A = -78a99d206b4f095847e9a21de273aa6c47034c9afd4c081a8e93c2d75f4ae5b090921ff5108c863785c413e2f7b4a361506fb66b7561b8b1c5cd537e90274bddaa4e91ce74ad81c6dfbfe1a34a631dbe455d74ed9d041a9183da3bc469bdb214d2ffe893f89c3ae30f8ab99c3aac4d2fe864b891fbf4f537745fddcc60504e +B = 5c41274e9590c1ea44c113ce505931758f2cef80ba3b10440941ec9aa2ac984b29868bece2922eaa225555dde84a8334f1caede99091165151a39538e5b7390e81df757f521236314239c213e9b874e396a022f04629c09bfaf929a0e9fe0b0c7386b0541446f6a2570491067f64e662d8611c4fd6d1c78a9f3ae69f34d14fc +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 7fd27b6549494c9bc860146a3e8ceee785ca03faa94b0ce0a964844e7871e813414cf3f111da49fed1ede5e71e5539f34173d41f9a17ed129016bb9b04c86487f5def9fe350fd4dffc67b6e181e3cb26378ea15ff9b9ebdf1fc86c072c82ecd8bcdc241301daf1b774af5f90f37e45e6126c5da7dd3753a1e5b366038af6ae31 +A = -1930548d105661dc25a5ee303b61b559c4bc1f2e28b2c40cf3e25f98dfe01a7dcca0f3dead6463b55a5b2e0440a651cc9e08e125535e081c742bb3b2f8955ae897909cfca683a4822896d8a4a7073c29a80571445c6a0d53d2efe4a30a79d2fb5d08c0f95b735a1cab17ba40d71b054c9270ba6bc870e58591fb1bf9dc9b7ee8f +B = -3e2a4c1509494f94406e3843c9446edaf0a6060144637234c6d9ce84d70fac54ed163d77d210bf557bbea0404922c8aebec67a0475a3c7b74bfa2f226403ce987c705c712bb8eb0934c2b390a173c3836378fe71a6939e48d187b27cc7236ac115309fbeabd9ffd0396fb7fcd6d46a1dc683606c757ddc3212f5d2ff3f2e450fc7 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 2078bb5c82a394c30a287aedcfdc5271eb3246be05954181ae4f86ad2880ce674640ecd55c2ee3f4e89e2762139586516a28558481303e3071cc9ccb9a538f887553bf5726f3849fc41ab027fb1c680ce7dee3982587ec71b3760e5da6956d6894ad8c4526d8de953c0e681ecd44883a21f0abef1544fe601743efd3e5eadb8e +A = 40b4ba1e977825b7accb941fe0c0a49936a8a47429dfff53502fc0680d705b9fa0efe003eea3ff0b649998fdbae8d0831bea7f34159aa4c7add6bc7cd56fea97d25fb9a6a10f4572c26d792b76c18ada19b0ba06b6142c420dbb40d66be669b7c51d8cd2a5022fe1a8aef7b60965c0176eee69c32ca5023782c5410adc1b15dbdc7 +B = 1bb2f18d7c8d306bf80ae1901115c8dc3d286baf537b812ce06d6872b61e5bd44f3c53d7f31ca8461b3628b255f85338cc325856fda5a6248b7c476532c1bcdf9713dff9932a50e52a9441aff96092d3fb0fd76046a8d88288d0cd55741083a1bdb20fc6e9c20e82490273354bd826bfe001322dde9a15763f2c0e6ffd2cf60019aea +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = ef21dcee9eadceaeab13287d6e3c9741811f6ea9d5bd111799ae05260b1de2ffbc192818fa45dd7befc3baf6840e3b9d24cecbcb2cb1c3d653c4aec6531b941d926fb6692f548cf81526acd0b6b0289d70dd11ba50ca8de6e174f502eddf47e57440142c7f74f594a9abcb48ce1873df057b132ccce8b364de3edf411089d28 +A = 19d0109e0c47ad45f57b8bb8519265a4390534d2ea07f969d84ad33556518b6234d40d1631be3c3cce6d59b7be14750aed114008458f50a6a84ff75b4ee7e4b826ddcb2d2293842ed29e4e484260a92199c5c66367c402bdff0f1a8057127c6ffe452498bb352802e0005e6cb084663bcfa82783a3d72f3a2a341b8075983892e86756 +B = -81fce71491eda139ed996f6a289dde8635a3a257ad6756e844c768e66746011fd797658184fb44b0e3f3c5600c56238ac7687b5be42529d5c9b97c3ce10f3219e1e451bb2dfbbb44cae0828ef894eff3b52b8dba4c115c3b471984441045f2c2db426cf5f86949d5bb7662cd40bb3b3172a19ca3fb6858315d688f13c17550e700cd5dc +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 8a5f90344071790373044193cc4fd92116248aacf05ce639b6aac4461ec3ccb0805ff9876ef44fa71088c295db14fc820f7ae2c0aeeffca055f8f7238c6c90db706d02f2cc43b4960abe3ca4b6dec8bba55327b958e75c60c5d1f43fcf9136f12481c267481a725eecc403a16aa6221346df680560ff316a63ec8b51dc37aad6 +A = -7a54e7ca04b9a22e2b986e72e634317ffa20f6f4ee90353d559db3f3c1bc6b3b92ac6b364f6c5929090373962b49b59cb5d87554387761164982955470cb45dd00c4a8982dbaae3a1ffe700e8903a4a8e4a21eff9d00fa496d475e0e1a205be267499dacecd31551f8a9d437f37dacfdf5a2754f0876a3e02509b78674e7ea2169c43f29 +B = 652001f073d63ddd526abc957bbb48ca74154c8f9698b988178b3313dcde9acbb19ea11a935184fcbcc31e0117d8d2ec695ac56b5a71614a12cf90f21c8882187428755b6a5f11c314ac8b952ced0f65db0987f0f87e20b82a811599f4160e65c7418af7f33604e7b8952b70581e3e02dafa025cecda970d04383ee552abc620dfb9c5df9a +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 67f903e0e5623258826b681506f3e94cc0b086e262bafaa1395294aefc9f6b6323410a44427010d5e8d8288993973ad9939199b85cf02ae0a09dfb69801536a3fa6af5ac373add7efd25ba5fee6d8f040e97056f9f6fbb45795c0bac94c51ffeaf496710b00bc9ddd8e445261d976168771060c9bd9d83838a84ee9428f59d6f +A = -19c695ee3a4ada840a7e3626e61047c5081867b15843ee9a6506ce45540d23ad25ff23b72f988bf26ab8b98363d9a2997773604f43fa732f59a4b16ddf3a45acdbc7976a1fce01b3dd55559c20acfbb7501730f794bc45fc09b1f035d60413bbcf32a83fd3c41599049a674f165ac5283c42aef213d777ae47eea960f7727f5758146efe5bf +B = -210697d47beb73f45207340a183a729a1e78d84bdde1c7d8f80bc84559c4aa4572ab0e6927ea175acc7a268d05616201cb235e610d1012500c8ba9351a37bd68b4ec42227bea55cef5ba7d12ffb180873ab9d33d09e6e969df99fca728dc12dda6903169acbad38388fa9b001edb09056a2ee2aecfab0468822bca14a4bcdd3a4122290ec5ce1 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 5fbaff0ffcfb2330283fe59611ef51cf045bc2690e31f2ad3265046fedaa990b5d5060b3c38f17bbe8b2696e527fd77ead8650d329c2e0c1f3b2f5bec4dd85641022f3e0ae6f66ce98cde1a785bb52eca796ae45c33142e8264621ab447cafe988de926544e1a7036710128c42fe8b574f7ad69d830894237d95a55d1bc7f5ec +A = 482db04e35f9fc1d87b42bc5efe25a049ed924f816e1b0f9c8ebe34bc771e67e26d6057563fd5d5320681e1207c0b0f4b7df547cd6d5be6a2e0f2bfb088f990b0303d0ef263cf45681e0e9a1147c29f2ca5251faa633ca53f6e0b109ba69bbe20c58a76a22789243d1acf128dcc936602e832a20a2bfbfedf963bc1027650f483814d7f5e6905 +B = 105aaf563d4c1d436c6a4552770a527776f40bbb844b7701313c5ada95180160e7cd4b7175ddb943e5a22c910585dfc184b52935f06b12c84b6431395f28af2eb9ccfa66b2ee8f40fd44d753c6a83d67a6f3fe3658fecc7fb2f4a8f357c5d244422e48a33d0e2971059695a59d0d39b235d5194e919facbae7623ffc92d771532b6b0cf771912c24 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = a9d204c1a497f350fa1300cbaf682c947eaeba8b3aa0450c1db9120852a2edd2a0249dedef3b3746298ee42834d869e9f765ce987a2aa4712a1f35ed10d0f7ba9cdef938b073c3a526e5bf45f3510c94ff1fb84bc77b08e2aa50f5cc75e2f4da37a8a711f8aed5e92f7e486877229cb4ff2a4d0755029972323c0b51a14fd1e5 +A = 13fd3d7cc9d6d6821d2f2b1c40c8e070bfa85b994ee8f3e0baab544dc71328a1a57b7ee57392ab6d24bd85f9ea0f2a312148fc4f4b22c589e9a265d97e73c7a5b420bee180409ec179c438a67abf37eba61ac76197f3c9ea5edf2d4b8aab91e9bb1a432ef1f214c043664a51ceed1f2854880dd458ca253f09d6f6acafafec310774a672d07147b1 +B = -8c90ecd56d6c7cb129d1c9c26e94cf919c5747450542cab52281d11d8fbfcf9ea797b29588340d146cc40e77dce007b68c0c24356d4b75513b75eccbef6e22a5b88417cb6c516578d17d871e7d0957c09795f9a0f19b811db75d61c27e1827fa2773846857fec020f98444e307d3e52af501114b962ea705cb0cdf815109054abd00810dcc270d7bd3 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 57aef35a3f5388c810f576dbc30d4e4e5a39248b319b7766311157179d8bc1d7ef019cdd8c2c0175a8424abe7b33565afc0128724fa38f0900140b6f96bda2e78d7c803124cec8c2f2d6649afde4030c76cd33394fb386342d1ce97a4ecd180872134fd4e22667a687915bb4fda21f7e0bc9100ed8cd3a6668ed3a235d7b15a8 +A = -673bb11795d9d20a1e4ce8ae71d041705990463964505befce5949f895fa31c92d53f91fbc110df4e789b3f3f01f184c55df92927b8b680cc92864466ce5590ed2e98901cfb78b32ea79bf68b57a14cddb53209e08a7f430fee23f4a1475fd2640a515f8b609e98c760b4301747ecb61f1e6209b07455f1c8a7bb4e20c269e17937f39c6a2fb7b2990 +B = 46beea6005cf96a2acb16f37e357bc8975f4dad502fc3aefb4666344dde456c0ee7ea43ec493b6aecbc7aecc7d4cd107aa09e874ff564f5d59d7e12047b048c1da1faea36a7e2d02d0567bc4db41b54a75110626d13597db698fffd577a5810286ea8bf50625296ee8070419345fa269a354ca2eb47fa3108387f6a4b2c0ea3e779908a14469106eefc14 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 5cdb7c451b2950c9d87638857407276959142958b06241b2010a9f93625f9106f065798f79ce5c534b9e5a31fbcbfc63cd200fc1cf10217096aa0194acb9043ccf7ced30d9f0bf66e0dfe27ee2ecc40bcd8de66fe2ed6f8cb0d874ff7b5fe71951412731fe4e19c34bee64c9312577b9e7b2ac08ed15aea753a6cd3e286192ec +A = -1eee9d5d3854db52f9b43698e05d6a0f1d1f8df5f32884a775b25110309c46ec5c7e112eb64b2d7f948868bb9670068779b0a78bfc7e17860ee02692ec6790222b4384b9bd7db5abf29c46261c10d95f503b821a4694c45553e0dbaaa977892b916cb8990ac9ec29ab5c3d63ed77138fa1e95f395b3b233d039ab5daecb0296203166e9386d1071c61cb1 +B = -34587c2bf3473a2c5d7f3399d5ba2bb09be8105a0b9f3d8737d67b03d8b91b1c869f4e223d6246abd36d99d84052ae5894e58288a614a0da8d69f1aa57428632c2b059ba99315ea2f68ee210e65a741e94125ee4a723a7828bcc410aa2dae06ea8ed6cd23f66ccca7e85d2e071055787f230ee405e50d1519377cfe0cab4e5f97b6cb893b01134813a7c2c6c +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 95d0b209654de56bd7d6f74afaabed2cbb3247f449d80511d2d3c689f84c9b79587d78abdf0eb37f1b89f1f8dc8a83f7f9fac2c8cda1fd3fd64e16f5597b7f0a1df6da6db9e828ce7be0e876012bd52f5a74ca73ff8ca4611dd9f342bf77b485305ac28a1f8ac7538169f2bf3e4ff4dc5fdb9dedb97fa743fd8ac8791b8e288a +A = 7821d4b65d529c30b8747e184e450cefb11b5ac5dc77905e6fcd3df64336661c82ea68d588ba616d23df485ff0658fb3376d5276027a40b392f47219edc5ecbf510cf0c5b431b02c65e5f432092f941d32ac5f71ce3496e403c7637f63a23b91e3326d01d2d32e99e0ab265108dc5e7919d3983839b3c7541848dbcd420a594e850e587f1846951852ed76d +B = 1adf5c428f2a95c27a943637758d5dcd7ca36592fcb9d52ac0b7d27adddad5804e3edef257aa51c716801ad0c731e13c5dd000f11b5ff1b69c198f236695c1b2f99c0afffb5d084f80fdc534de3b0df4597404b50c7e784c3c55dfc9753c414d145eb0ca4d07e2f65b63f3eef8d391250a5500ef64d9bf963d7250d6906694e7670f92e3d5a7930f0f85964a21a +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 46914b197b84fa99addeaf55dd803182083a7ae34d6d4d3a55d6272af40a600563cc8d9f6b48110d0521b8b99751235bd5a340b1743497ef1cc459dccf5d6da970c4c3103c978ad2d513298f1fb3e68b24a9c7b0795f47d8f7f6ca9caaab9a9d80f15982599d764f8738217f9158517806fded5f3552fef8b7dcd2e725ee04d5 +A = 1c9f5f2a0d72806dcca92dac1450a50cba05b5dd571c2b3b988d33528d90ecc83444e3ea8df80802c30fbd5a6ec2ad9969be73aba6dd27e0dd2c842b95371d7547768916c0cb036964d041284cd323c8073095b2a8cb8797add5cd80f03595de9d18af8df7dee0d250ea7048faa47ae0131ba3f350d82864dc95e5829b88eeaf2681433dd4d58b2c6f70426af3 +B = -aa1e1b3cfd5ca0facc75e46d872584d55144620f849ab05931210b4e1526f12679bbd9cf00efdbd8863970e2abe8fc9fa7bbd21afa9e364e3c9e32f51fe66844fea4bab7f3b1bd278fd803f6bdbd0d296321e67751a0b894da338ab431871adf1514269ba05e0cea5558cd5691920fbc18237914f3dbe4b253f774e5dc1dc57023c080a3b90a004b809d237658ca1 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = ada55d93c533716ebd8c16e23603071950aa714deb942ebbf77206753d2676a7aaf61673c03a4db69d67faf6273828594d85e3c8cbf38460fa2af603fe9c1b6ce104854e7281757b26589f079da80685aec153fc5fd1a223004cdf30247f8398b8e92899857dd199d5d5c32412bedbf9d55f20e52895fc1dbd04c84cabfe1264 +A = -7d22392a8da1966e6cc5ef50d7409c614f8c8f8e5791778f68a00b4a056d0002707933043d05e48347bbd4d0dc1b6ca32a1aa4bab9992e7e620263283eb68d97af13b90a29c1b7dce39ec0b8a63878e8d65aebfb3bff4e67129e3b3725f999f1ec9ae92007911f2cdf738499661c5b6c9bf27712d0f29e871b17318e95c3d14b2e472cf9e466bea91fb71a493b2d +B = 40279eefe59f954aa8c51c9c214fa07707b1d095f697ca40edb820401a45c472d1d7bb413eeddb64c14ce6144b4863fe9337ae4ae8698db92facacd6a56f3b33129c5b608eafa29e9d92dea620113051b926b80b75f320d7ca3d2ab597168c68774e68c47670458f5ef2ffd4604f20bffcc7817eb09c9057fd9989a6786a7e067ebe6724a89e7d1580f94ee4ed502cd4 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 4dcae9def5467526b0ff071003e56f5537852cc0bde9d86eaed2c15e36e6429c68c061e12d321bad12e29626b5013c28f118ee59624ae2f35d2c53bfd89e6afdb6db79f0321ad5c55cab03e6a1a97ff7bd58c760d0e9fd7507de987ed2f94f9c79569fe7f03652cd53c67ebc6bd3c9e6c5672891a9d2ee11b300ed3b19753c0f +A = -127f5ca6924851faa2340c4c8f425b1dcf41b313c5c2910e5eff8ef2faaeaa43305de2b3a65a75fe54c00fb30c0ce3e8007db1ea222521190ff1de6d0cf2e777ed61ce8211dc167bf115a77890d0bd1ca786e967a04f077c89939ce484bbb1c560f669aacf7756a4338d97cbd7f09a376d2dfd4d632bb451f52c03c05762f050ebbf112f8dc5acdd9b631292fd7073b +B = -3bc5e9c352c46449a9155b7ce5478c771293599cd2dda58a962010f1f21d094aa6bee03f9311545e8dc6213f6aa73c08b55bcdf4d1d84fecb9eda35c83eae5fedee75b2d15a003f8a82b2b788ea19f7460fdd8f447d973c950b3b250a3022c19ff312ccdc86b6ab50c4ba627b15968c8a66d306bbdae8e88fe28c1853fdfb3fde92353f46b5bc448ae42306a4c91202f03d +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 62a812e35f46e04b3afa7d26c8fd4eb168b6b64cdc839ebd0a46bf2a3a712af8e97380cdf0bfa8a274f7b73e887bb4cc73c6104a176d425aaf5352f14ee51ba549a6926bd8d059b8e3826b174385d4635b0c36df75a4e7da44c34e51eb82322b34ae00e8c712eb75b3882822bce5a2f2f5fd74355319ebe1973284c690bed2af +A = 71c57b08127a956f0c17fd3c639bd1923ba19bfdb83c0cb9dd78e62b8fe4b7e0019cd0a6b73a334c622118f96fd6d91c1e06d4dcef8a3d0d6bf8f5beb6389226c50d14d3947ce9f24f7e0e6a7befad2e4e92dc9ed8fbb9811d908c03ac074b2a5c67b67831a350c4d548ac70810bb5617d261a045e53cdc48117b9fe86d35950d0a181b73c8cfd35edd31af031178523b +B = 1cda2a51a707f8c4d2cbff6337c3f63519705614c26a489b545b1faf366b705af1d953701b568a684856fd3186c035f878788f7e5dbea16b5e7b6e767cf611452a4272abf2a9c5e72b7251a1ebea5098c60cc5bf649cb70980b97d48580967ffe2913309b6b78cc12d91025ae403928851902dcdaaa60f5b323a1302a5ce114cbe174e3eb3c2fb5eafc44076396c23d53b028d +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = a9213cd809d41b6bbfc2123bb84860788ce22d5b91f8e24fb616efc286a218ae9652b42912a58bf8ce596a1b48e4c72f27e52c36be1940f7d2138eb895ee36bbb917a59f73e0b6c3266bf4759ffe2ffaee3f6179492658e0778bb43c4df4bfa1a46300c9da496033142ae2c1e33333fd7e82c5a14686b255e224c51aecc2a590 +A = 1cf4e2d5924510a5fd06ff4eeb94a740e430613277149993004b8de1a2b96ada54b05365f305e896df5fdffd3d7bcb54f9a9dba9689e5ad498012f7a684d083c31d7017aaaee720bbd42382e526a35d2add21d9369f7faa41dbcfe3dae426948a402635771a977e19d5c353ec7c1abd279975f2effc0b7bc19990154b723f2f8c29e606581ab9d3966702f68d8bb8065e9d8 +B = -cdab60f9b8e1add4c54427b638ec5f76b30654d3649b500f833b2943bf6cd5d8647549657a8ff999eaffe413ed87e06267b97bfc1b77637b57f29039235548a7569fe6d4bb16ae9c6cfd38c0b8c73aa60797d0d69b03d5a98314f7f7ee25df8b896ecdfc782cf8057f038b6c3e79c99df52f839fd4eff302ddd1256e51eb31cee24585782a0439da3db2eee79a58f889d8847fe2 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 4dde3d63aeeee47441a7e733bcccbd4f2e495ca3c746468e9855177f7672d5d82e51da8e268ac24e8971d802e25d842a16a6b8d76b8e46a7724108c02d38a4830453408ca5ced7093676a1db4bf4c94b9b7a9531ab7c26f8de520bafe4431a55a5f5d8c7576427a0f5bf2081b998b82da2e8e959f2ec4d5141b55e40bf6ddeef +A = -5770ea0a75ff451fc2c86d428f2569884b2c88cb6d9d407cc22b191849d389f57a5765b83adcea21c350b37bc6d750d4859f547da22ea8a3698a5cb6154b946331ae2ca18e7eaace951dcd49405bf8d8a716f7762eb242b8bf5e4c53a662c906c3be89e53ddf7a706ee2406c7d0ac17b54ff259c1bd5a092325938832763ac4caf0232e80a016cd1994441808d8db7e546de3f +B = 7e4246ad4af268695a51912053ab6628969af4fcaf7f1e97dd977984a1604e8c9fe6b920f39a764c27d89f75986a4bbc122f92ccd1860f24677cf346474fd9441f572f769daf834e6a00cbc027e15d6aa7ec2030becad41e1068740cde82abed768de7e2cfd325848f6063e2186faa76982b9ca73ef22434a28bd2e3a5ac477af50f258140bff938d3fa02fb904a8ee0ef3c1f6fed7 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 3d8bde8d0625fc46dec46fc657c49c8ab12a988cec4ec1c24e6f4d8ff94514c8d8fee4a08399c6bd23fb6464a38bb5f249591456c283325e343cc289c85df0ff2c1707a6e407ff7a24383b66ab603b75e2dc3835ffe9274eafea148f20764b8ca30cbe483c1cefd51f82dfb93d7793b3ec19a57f2ba03d884f345bcc3188fe28 +A = -1680dd51d8be6069c86ae157922d55df3b58ee6f53738677bcf7332d6e7ef304ecc7ff7c5a5e1f525459d77202f3e815c68f17f9a6bf358654a92f9f9acb252ed8e9e6a849da7491f26d0e33900541ab67ce966d042607258b4382b8108729a703b429babc34496528f198a7e0f814db80fad4900fbccdfb64908febf5e09805d3a3049c0f164f0bcdaaa9bbb06df8f05309be83c +B = -2c6c6b3c89f6e1d1cdd9abd1a9706e4f642a25738aebbc97cbd60e1f4ad79b419dd54bd14f2bd147b1d8e9bfcf92faccee61a43dbd1a2c084bf06a2ca476b3d169fa2c99794fc827b7f4dd010c0534e7cdd03d00456033ae0203b78a7ed229afcec2d1cb96892eb18898bf53584dde56b4316b3bc5186d97e3a9edcd059d7fe14561eefe4881beb8519c1cb7c3ba22cd2e13d874aab77e +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 5b4fbf0445807c8feec7efa3c2bf8dd86b1070638f3c87f1e173ee980412a28847b263a266506e70381aae919ae05d306d3a67a6c1e72c8ccf1c27d6296526e87f0f436c98fd1391f83440b58fadd4fb1905a484bfe8f516661e7176a268660387fe6a7266ef02e5fad91ffa69247bb11cfc1b5c3a88c76b7923a26f8a31ece4 +A = 65fe4d55bfcbba2bbfbdae831aef3dc8c8746e1d04cea174c1d336974d81d026f562225b4a297b1c3b044ccc5dc9c830a805a399bf26c0369b52ab0dd2c0ad19e723fcf9f5de2990ebe5a1266653195a2aefd9a392fd3da8c22c523a362f195babbbf5329018e3b454221b3e77cd0dee79f612f86332b1d104aeae7d8d84ad06b107715bb76bce20220d1340ecfc666b2bfce812814 +B = 12f775dbabf1c112523feab443f6e95d773e8220d66fd87bb7fc702588136a048e17ab6845a9c784dca275cfa445d007e8d8383740b156df7048650f89c5ef1a84148488fc405898f9e326cb8052f626c8881abeb70f3a0f52dd83e3ae0cb82d178cbfe8c393449caa2a87e7c8e2901a87e276b49b6d012f3cbb65641add3694fed3e3177777e78fe375f3a3b378091bb8d2998286562faef +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 4f0af7cb0c4e82d0e6589b24b55528818bf2164d41f58505a2b302a8f677df146f8077945dad3790c323e19b37e3379eb95de8abdadfbe4417f8bf8da643768a622ad4898513fdbc72d3b1d2791ec9ff40634678faf0e17d6e0851f08c39405907db85b74937ac403a9a3a1004013c7bd95a585728010689fcaf63b2031bc8c0 +A = 156dcadeca94985ea8bc0d1378daf1e85ecc4c7f8b6d6c7a5cb9f9ac368a97c07e381004023bc575691c082b5e9e13a02fe813a55e76196e4ad4b0f9b1e089bb71a0d5c94254b66e3e645fea25d69bbc5af266e730482a60105306d664f0ddecbd76d54e7235979aa2d806b809b3468078b5d90aa22cbd2c441198d4a52f6259972cf3d02003dc39dafdf3581638e56d08c5181d36e9e4 +B = -9a54586072d093939ad86df11fcd3337ad7e9e478dcbefb2b89d7555883fe8565abcd5b0a9c88ab135ce5327b2a326db645bc7c0e3ce24f902544675ff9d946abf30302f123aeed0f4e28edc72758ffa760277caaf4817a3ae8615784c81896d2404e2cf47c06b09085cd0ad1ec46cfc1f04d0272eac29e774b30f19939d08c036b185983c93ba15d1d27aebe4a357b9f6a298acca3940d2730 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 7c3ac09486a6fb518b98a9bc8a8b382bf2293e2c1154470ff7961212430fe2dd28697e49256b1ad8add082ee27b6ecc016b120e971665be801b720069d30c0a8c6ea4795613017e8883e5c0d0e68f982c328379d7a0afb7825c553e087b33e9d78f90e0b95a6597076b8ec2c1d375e2143bb778c318ca0680a64072cf9a4fc08 +A = -71d8e7ef13d63b4f417c01ec1241020a8ff4c9b2db531500984fd3e45d22b2bd581894c8a248ed7cc345e70a5698407df8f0e4ac71ed2c0d42122a4f92279346f463aed899253206786928a0eb7c37f2e51e1cde7f97cf9288d85c3ed7f49e62af0bf9abf062d2c6544d83b9d3438b3881e0d07b1fa0f2a4446fd43ab3b4f81fa2cdaff199c87965e298943c68cc15f2f3f3225efad68b73 +B = 64d52de221f102af62ab1e9526935b005c81658f8fefa019bc58e641023fa785798ed0dff8f7f999dbcc2ecfa47d5314ac6676c82170d6f2b18122c17c1e1ec1b9b54e333a184a46ad35b2150c8165f0de19a24b98327715e5a641c1b6d3ff9d247c89c8749e775e6fcf5f967c6eb5e73523d4f1ec12db7321b14398f26201a364e1371f0ac922781ee252c6d2b3c657ef259ab73cb7992a370598 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = cd08b388ffd41d0aa29a3dbde74106c57b18d325be8f446a2d9ae95fa4144037dbd41eccd50fa34096984cb11bce555c117c5568d76a8f79d308ce11043fe2413d37d6aa60c366af6c1da93d525e4b2d79fc82c0a53ed62fbf72c919db8a3ae11f5ff8057d7501f5f6dfc9ae461c308d21919d0de9e31b759d1d8e3526fee58 +A = -12e58708c30c93383cfe6e99ee3c5caf1900a7e610605706e77d8f428fd59db2884f5021d7a382cb18b75ed22528961cf43be1c700c581ceac3877e83eabd860583e6e94f3f2989c179ee5047c82b53d37054c9cb7ae08be60a91b10d49510e9f0b90ddf89f93790c3e18cccad5a9d223c605a6c567550e2b4950e184fd97dd68bf30681d3f9c585365de2cadf36a43f5a5305dae555396dd50 +B = -26ea5079ba7ed137a14d00d413d6f818e911cc183c88764de4d91d7a9b4cc7af3fad703142dc7905992eb8bf489f6d8231bdb25603ddf3c31fda8bd9bc4d78835f9ddc1e6445037f05125cb1ccd92eea2e927297e5eb915d5d965a25e5d58feb8d79a890e6036c80ee91e7469d9eb672d7a8db68905d06f5981fc40bf486575a067d35cf14ceee3ccb79b72871bf8f52b92e4910ab17e5e59ab3ae6f9 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 34714506322dccb91308c403c267f1ec75f80faf3cc4272dff4a84c13eb1e6133af6681387006c61e7e087046b64e7ae74eea8a3c0564a7c1f381e1c940d92b2c766fffdaa7318d07dbeb877943a73b50517b49e5117778b8a60212284fb92f29a9f5304f8f537e88acf8afaf01fdf64773f988cfa9551d6884baa70587ab76a +A = 638b7c549ed14256956bad532945ef9e11a50313172965386635a2fc7db79deb0cb5c157e9854117c17f1509d505d01a0e138d2e510dfcca45b4f7ec968b5214a6699b61b8ac68adf64d5394f50d577a154c013612090e2045462160d1f552592197d7da78e03491ae284dc9faf643805f2674af8652bae93ff230fc3eaa833dc62781e5f74d0f0b90290d51d481b0a94ae6e972197c6e84ad7ae +B = 141f62297ee88ad527fd1e0e09d9ab5dd80e17b32f34a674a27b00d719839701664ccca1b00da2613396cf633b0bdc4482ad3a0c3e209eaea7c22f33706ae44155f527c9ca4e341e651760d1c39f65d5e99e649d013730d2502b6b65adb8a73e6bc734b7d879b430798dcd53fa6c0badd57896cb566d9f1e0a7b3a9161e9808e762ca819330ce9319dbe7f49bd663a9f57ac53d65c6851dc7bc4ee66e08f +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 7adf54c77eaea2a1743bc5011ace45b7651846e77f90402297f117d8b1c0377f93f49e92a2457f3d3debec3022a96c74c166d01b2279553ef518ec0e612bd7b382529184640c55b89255b2679da9cf370913351592de39f804f1724de36db90c045fa644e8ff20627f67d6afd4546f00d7af093f668629f9a06c07fab5654ac8 +A = 19c491d5b55aa25f2e18cfb7fda18ed4b020e3f63244eb9f6c4dfa86eb8a70875cc898e305a7acdd3eee081300edb3e4c837940bbc1927f5ed9f651e46581639e133515457464e9c451390828e5e7e00a688daaea74620363706cb69e02717489ba9ad05774c424c18e295278caf4df4ced80b4cbd20cd631df43f2e16ec0334564d9dc03dfbc7111e4252504fb449d5a25cb13630b7c0c565a82ea9 +B = -c3f765349639beb80f888d9c8b7b335ab46b55064ce2a88180c80ad280c6b7314df52b7e73095dfd82896e24604854a48121353aa1de663eff07882771803010005905896357cd5a56a59f0db0045f1aa2c0b5626e132c169abc64b9893f95932f54c1d8cc25f215a9ef6e4cfdd6dba85f6faefeca81793b2258ae1d1427e81e458482aab87f6563abf435be69a05b195d1eda90146a8cc92748ca6f798b10 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 32ba5fc81a7747c3d812cf036bc0edc49f08824d53b91a65a6d41edfb1651d99c11ccb4c074d7f04e652276ae3fdc8d6eedb72c6e46cbb1f7f4070dc9d179ce3e21a3826f7dd2c27943a8d26b192d7f5c4aee9ba0647e406133e3e89c262d37cf468aa3ab8c5dd1b8900dd06cd600abc6d372d9408497d9e20c86a9a6a4ad9d1 +A = -73958019a5a52357b9c1d954c9b14f51ddaced32a4d7b7c95730697cf90029564118ea168d23a54381f7bbd6718a6b662e4c87410e48ac53b7767148582b0bd6a3d35f488e7fcf2b128e0a58b5d468dedabde4d624f4a82e808dd7b175af0d3658c6df1ac0da6495bc9a8dc012f8de55c2003da9b2d478e1a089fab776d99026684026968fc309dae46a6ef2412039a8207c3084f96b4e38e4fa01d131 +B = 4330fdf00bc6d13ffc267073b68aea7419ebef257d63f8f244accb9ee46edd04fe5481292de69d377ba6b6304804ba7ec0a063b42339e6e37867261b9945ec705d3a0029c6f499420e02a773476546993b3c5e1efc2417f51afcec7145a9c2625496865c11636e285d4c8b053ffe66887333c51a712fe9c8ea57606103fd689dc88f1fe37dbc33ae4e92067c5bf51b53e2f8205164c800e5abd677c73949b00ef +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 69b850a99b471003a56931f7856da357a2254ac50ed81dfae019c9b722b95af16047a0d5422cf7ab66ccd898e85caf0e03e74cc8a5a413661e5da483b3f0363e63a7031bb30626c8f73d6e99e290071094b7fe5bbaf4d303192e59acb5e53fc7cdee78576b51595d9f7a25ccf3c7f8889de68b9deec167778ca27ac9d4c71c3e +A = -1976b3bbbf92acbfddbc05b5d9e7b62a7666b239c1e6270db7ec6dc2929bad1024e745b897840853d14cd815aabb01aed580e1cc66ce37f9d1cc4c9bef8ddd35d28285faa29f2003d2a4623ead7d73302ea9f380f16b3fc06b7c2b8bb4ce4c8b03bfb6056a61c620e4decc6048cdda5e2d3ed8a13b779b8829e2bbab91e9f6b0304b1c08bf8fd85e0f3cd7ee72255e5342e077ababdbb545d7f809bdf8145 +B = -2cab554f7a5d21c499a1025f61e6c81ab0fc68a874bf60470cfac57425a451365be62c380ddd31f6e202f29769e2b6106868da7c81522e03fa6f0704522a5f8bfadbd007bac65595e149f6c585d7fc022db016bab32819049e7547bf85d4232a7fe19084907c528e7eb0434f2e5a375ad9b7d463821bef2f6a721a635252576c176ba42519bfa5d97d0e47facb4426aea0d755507dac81ccf1537b1003ddbb0727f6 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 2ce33adf34f2249f8a2d2e073976cb4c78b71414e027657fcefd56fceb022a06c1969dfafd519eb9e2542662c7647102f5c528734dd005fca666be57b46234123bc3db286cfce07bcbb399eb6764daf2b9aafbc2898a5ff43ddfae849c7549289640edc4ab7c4b9fcf5e159623e5497f509ad6f0270a41fd864c9437302ce380 +A = 509f5d5b160e923b4fdd72f4d522a713d780daa4bfd10ddbd62b26497a2e7925c495afc2abf0ecfcb7980e588f96c4078bde51c7b2c19d86d15bbdad5de72fec2e0a284dd693ce0902b40e54af87ac5a5df38ae6d1d882ea6299fbe6910121ebfebd06b454ec5f855bf3e7cd544a4b0d9a764428662e824e2a6185723534f5e6ad829734347d240c48c2c0f8bd6be6ae8a495a9e383fbc7402a4096b8c2c214 +B = 1a3b7f55307031609afc974857a6cc75821e73a1a9535bd6b8e141437c3fd4a6871c904e22c5d9289df7525ac69a0341d3620bcfc5f04b38ae540e26beadbce0002a8a8bfd0f6a270007e4c52aec2fab11fb2a831b9886997256e4b7e7ad3b0ec64c0f31fb0d637869143712291f5073a5756466d7c82c31e08e09683478229bccdedc2cabb7e426af9025185d8dd5124e08afa4e981236180e0a390004adb7918de6ba +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = a81fcf9a18ce476a839c896cc5d9b639fb1d74610e2f618c25310147b57cd77806c2aab90be7be4ed10f0122baf9b862b141ee8e4be5e0c23ea776267f14c31e50b119bdd33f2b41f6a4c43d35bf6f095864593e0d8c0f1fd4656d8371af844d197308bbff14e5a28b7181eb6e6a2b31ead7361e287f3b4550ab0484bf7baaac +A = 19f1ce60ca50bfdf8e02313f1c9a45496720a2ce467f1e8bdedbb32525d762878b61476989c7f6ae8dd29c983ea596e521bd4cbf74dba4d505dd9ea5df423474fa9725d5b65f1575d26ead95725e2a59a6c8a5397ebd6b54123e42bca44781b84c014b8e5d2c1a86cf34d764b242baaad5be285cec72ba8ace808058a0226c04f95eb2b53a828d0ac41e6b40e5a4c4092788d9f7e988752f175f075d545f421205 +B = -b115a1101d97664759538d22154de4b000c008e551e2ab10ad05f12274b10a4cbfee762d232df5188fa1161f37ba61d146e8b95fa715d98e016da8beb0600de65216cecf8b8816f6e7e73e2a2bfa7d0bac74b517b906bbc43357fca69de9cb5507bd95205515b97b3a4d6842f3d7b09606cce1c7436c462f49dd05e915d04ab6fe2748ccaf025bd5d19749cc468d228ba43452ccc479c146ac6d781717bb9966bf3835dec +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 1473f092540ae30de595666beb33e430cbec42d7a28d4f7982e62f58025cdb617cfc33f1e5ab93d2ebefd7345561b81271bdc50bfbb0db6381dc0ea023ff7c72605da26dc7da2b5664d2ad7967426ca97b3745f82528964bb68e70087e14dcf2d71d30fa0d1f7b3f10b19b357e7053fdf22bccc5188c6919eff1e5c402b750a4 +A = -68f280cecc512d51ae534f30aa198cf7b170c346c1159fa9cf158d0127d43e50a8d4704ec54b8b4295dd7f51c6771cb5767fe0c975414cbe6d2bb58ae66a095e8832d5f443498b1ade1f5bf249da58595ebd878677b34e3b4c99ba6124e2b71d86a8d99727a16746469de51b0a61d9d981459a6cebe206cd36a09f00ffce7f532e2c31999847ba000b9e01a4b84f454544b6362a5c093b9abe9d583716f4534f2de4 +B = 5b79684387f18d7de6eec3a63d737490dc2a46c0616ec16388dca2be60adcda11ae13063ede3fec177171a51dbef430f8c4b3f6d297b9d6c020fc44e3ffab891d0d751d033fda813861bc067c181118dc613335ce89c5960f952e5fd28bc72c41b7b6e374ec29b837f1e00271cab646c794579d315260921dbc3b984b86d98b8f8816aca4f16de50657e4102f34d9e29ec3a03e0da06e70f69952339bf2ec4a7e74daca82239 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 5e4b3f4aea7115d592bde9bf7c6594fee77372ffb19f7745b4de878a4024f81e8290c77d2915424df20004a7abb64c214104a3123e7c8f230c159ccb99bd937521b433dcfb065b186a685fc40f9166bad9380a02e297ffd6a307ce8d2c8f2f1330447a9c06c327b74f3cfc2e98f3351a8b385bae855941228969d1c29e9da3e4 +A = -11c1d396693139df5bd91825c119d1241c3f57b7ce95b46472dd82081738cdeb0868d18eb7c8ee7808016b3311f982adebd5a2e5f4e201ec4a34f3037d260fe580e771222de5a1a67947a4552cc03c5c59f9e60e25063a702ad3c3aa43f061a22567f938a91f1dd697c3e3978fa11ab1d65030bf327f8049bda745658bdd4ba8f3e34b060c6a2c6c5a8be54c7cb5f6b106f54a37d2be9f674f7747744d4350b3acdf373 +B = -25a65b6acda692ba3330d70dbc3ea4dfe208c0df358c50b7872245a909c5ac19ec568b1a1340e1a094f5b8e7d1e3b7e04bb4df002558aefd4540135d62d75bd5ce959128c1300b9d98429d7369610866d98b22c345e531f2beb80b042b6ad48da077043401a82e223e9e529e7407bfa466dd2680973006d047d837c26a60cabc36a7ef538f603ba19f8e923f168ebfc3834df8f77a559c9e0342e33df245f551bb242e5a66e5904 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 47872b544fa0425981ae17bb450ea346135e6ed7a9de0572ae14a6e85e8319f27cfab778cdd8cb5f93b417d9c66ae0fb7bcc6652620f7f3f74acc2bc9f2c090129fa8315aeec9ca7adc5356484474ee803883ba4695d7bc47c87eec508d16a15150cf3f757c4713de71366e958d6af045b2d282b6ce96976692c80b1e0b6f846 +A = 7e8f55c040862f12d8cc6e506608eeca65ce38e9e8ab18ef7007e3cf0f1c9a0696795bd10f8e1e1f55bb4f4f3a35c2e0ad18289e250571ccc26a961f730346efb1e29fb143ed97cf72deaab19834fa2e98e9c12ae4cd23b9c5ecef4a04c439f7d42e110b30caedc4334372ca24cfe4171ef1430528f7b57bbc823fd606fbd30915c5817e6c57c967c4c404a0847b1455da17effeebbec3f9357358e00001239aae209228f +B = 1cc00b95f6bd3abfa697400c98110725a7e109aa9b8cbbe9ae16327c4fc8e5bc93afc7a94da32e98e85e4fd5eb545192c73007d97a4e84ba64fe187ef61d17f0941e165c9fe64c7b8054e24dad30f92b50d1f526b4bb031e6b1b9058be24884b170a145212273c51692b71bc57ee53176d8702b975bb6ba96284b462da2ce38e12d86b342c7f4d3cd489fbce88a309c7df1121d7bbbaab6814cd1e54953e5cc46813ead98f02360372 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 5d193b085e57c3f1e825cf3b36c8bdc936c603136bb782a244b04a79fa713dc7b08436b85ca3b483d2e100a012d6430679b30c8e4101c8f08ca0f9010dc0f27fb37be842054dfdd99362e03a7f55ae58db7b47f694bd35d91a58975ae1f255c41617e773f91c2640f768bc702a213f073682dc761e056b34c57edd85585fe04 +A = 1bb1c759ea94b61a1721ef5680f42af30fa31444b27591a03b7c9bf5b90845ab965339f463a78bddedcd62fa21197c32d6850c61bae195f86e1c7a23e7a20dc618c59ce3a1c6ea6306c0b01b11a36d0fadf8214c36a133d689438021ce7c78b20c85256ec607360cce14f139513d9f3ea6eab067b1ffd0935d7c43419b93ecfadf2c5a902b7c39a69bdc023173bdad574adc77706c1a666d66f69578a5bffdc7cd6eee28ad8a +B = -e8072c49cea603d48f20276df188fd2fb28f8721d578220cef7db1e56379c04a6b372e56a047cbe59ea84ad026adc5d0aa930011db63bf4959f15781e060e0240dfac0e2a2c26be12a21e5650d12140bb49a2a8e0f6a86e4b1eb79d9b8aab3202bfd339096529170cfe3e0c18263128686bd9305e92a3c43e1523f97d8a6a2707773e3d441da162a79089c9ea1e094cd5a23474121188013c8c287965a5e77599f6a7d64174b06cc165e +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = aa79c899c2b9518857c9e4f96523a44607c3f6a97d1f40d6474ec79deb2feadd955fe92d789df4d362c828084559fab56b5e33a971abc5449208d31671c7e220c5945886e33ed1d804c059a8e439a92524a785076f9730732bc5a152aeffb5b9ecf3a7e4b55983016355c4c29827496fd4d7e6532c270cb9ef263573e4c63074 +A = -41b326c2b86e7ac14a2050bff67bb5bf9697f02594789c4a2b3e8455df4522546278d0620f28a680f6a88ab545de5829305485422f4e70a5ebf0ad15508dfe3f16ac556436d8fe8a8cde83ead549d88e0bb24dee52ebbb49159ae71589d918d3fac8011cfc3afad613ea09173856b7b79b55a2e43e0f7cd21eb9122d5f6a1fc5408414f5aafcff863b870c67b740256d317a0c58af9a81d8025a086a1f3d79f7408d4bfa06b9dc +B = 4730f03c389f9bdd92fd864177e06140c9dcc02d01fe7d37b51d44de140696f116d11bb67adf7db797edeb7c304386a7f5e37bfac46a5462a6d4c49b1bc034c2e0dfa56f14bbd2a4bfaf86bbad4f6d0dfa13c782fe680847d4b43373d7137f5c2ebe4ad58c695a7d4c407bfd888ce04abaaec60a3fd33db10eaba6b6acf0e16cb61d1beb9212c2b07921bfb5595ef1eb389200b356eafe8b5288d8f0e2cf252b38301de65190d56bfadf57f +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 23f9850dccd2af799f18268c3a2918a69019513c55268faf2477c50677fce277d8ce58a0cc06dfe389170faf5f0ae13ffc4954c746eebae66efc14eaef2c2ac9001f3c7ef7e32fdc31dd725b6a8093e33daa6d19808908e0c2d3e7c1c58e0fe9ed92f4d7cf3cc222393ca4f95feab5d34fe29116410a1882dff7cd92acb87590 +A = -10a75953e5fb9903411869a2949f8f04144d6e2d61f95704ff55a02f40c4f283add405353a68bf7d6acc1b8cce738f0c6f9271a538b4c688dbeface58eef0a0a1d491a9e66958750db97bd01466edfd245cef03bb6a3acb81acc63c38538e7f15deefd15afc422a8641c357c31a069258dc0ebb63f06094ed8fe7d4d420246b40302361967c81f0a9ca542fd1de01967514ff2565de7ae3b4a200d63feaa22fb99a251cad66624df4 +B = -351242b6e6d0122f7120deb8357c3bcf25d221a15f83579883bfb4dc2e6099e6b7b95fd08f6e573d93354b0676f7bc9fad563d6eb0f3567ef43efe3d874b9c7733e4fe1ef491043e1f80aab6094cc9b9c236570972233ea74e8779a6eecda23a65d08d878850cab6005159265893dc0f66920a12c26dfb421ec326a1ac09e9ab8085825c31aba488af02cd51f96b205c50e692dbf2d844ff0a989c3ba9f1c2bc7f2e7dd9458a72d310eb28d490 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 69c7fa326630d7de69249807cd8bc55c9315acac26fed3caa3c8a9c6b51ee96a7dd0b3bacd5cc13c15f199e268c5eb91d1ec36c085f83b437b9906caa6e39ed7bf09778610b621426cc8d36d96f541d0bfcc7693525d33e0c2ecd77ccfe80289a11155b37c7ea7791b5c2be3f9b954e230c19d746575afe9a1a3a9677d23c5bb +A = 7cb78ca8e5d903096630744c85975719c16333e2e44931956d8c45b001d35ed4e184dec88c9e2167d2f338fe6f25540a144cc419590a4ac7caedea3bbbc565365d3357baa62fdccef2c5ea616614e0bff60e81916eb4abde0c9725b1bf6869e8b1e11f6d0d08fd712bc68003e55ed462ad4946f7f982e663f65d45c07c659d9620d5139d2b3332a68d33aec36e21716a3b75f44272a19f860e6ab3864f06def9a5ddeed340ac0733353 +B = 16d5b074e008fdd30e73ea95cb5fb87de806319388b3a44f33c94d38be0e6f1a92103dbdfb3d23b6e1d19bdb29ac14833003e9482cb7524d0d7b4c377f4911e3372f2cea6f84c938d84e3994e80f0d68e7e385ca29e02f70294c921dce7cd3829c5854ce51d1f4fcf7dba910b51b48a3f53cb1f187182435f21f6981cf8440f9c8287a9749c92c0304cc2bc91eef32d8e6526be802de8aa16684e8854cb0b67d9f7ea00f6f0145d14e3c251f70881 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 72192604b2f3f68b9ed3e261120ea52b06a05869f6abd21828ce8abadb3a71c360a14947bc738e5d1d530b9636d796f785bb44508477eefa80c4b77d4e8e35463e15ea2a48c682d3288c5abeb66181e4bed7d5b4e0db20fdf5ed68513aa5ae7e0978ec1c4646368f206636ec90e808817bd1d03acf9adb9ba57dc153873fec11 +A = 1112d291463b28ef45e879412e6607a3e20d50dba5044e71883bb3cdfe9bc694a577fd7d896dfb836a171f3a4d8fd025d3a979b43e41baafaf7b535d9050e47f4880828640e952435648960bbb74a3c25dd90bccb3fedd254dfc0f031d0e8a468e93bb69f771ed35f1653cffea1a763491fdf6efa21aefc287cb611f5ea0085f64cc3705c784f87ce00846901833d01a3c45ce047d822ba390b538f0a24720155409f60ca0d90e13991aa1 +B = -d553fa2dff0265cd9d083ad097af87a99af3d8d93a9f4c07440a28a427082004ae5c81d22bda1dd2429f540de8df175c1b4d0d50f0227489ba570b28baa35055df951d05b584ae6b051a135d7eb2a501b2441f82c135a8ec0eb81d379b96ef8f2fd526ee62293bcb934c76ef8083727a4b28bbfc9f515ebcc2bb7ed9594a106e137ce94e9105b2e2f4776aa9c6abdf426a181181fece3251c3ef4f8eecb634e6bd47c5878663fd51c74a66b92713fb7 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 459e19faf105ab17ff794927aff86196b3cc3461e69cada53ab8c8c81e2b1820408421ea1af6ae10257e8cd9dc16386906410761fed62cf9ddcf0da2a92800d99563fbb9cb1ab0ba46a17cb9dee3f2b68992c2b832a5932e4533fbd5c4487d870f3fb5d7a1c358f4aef02993360915a9e9cfde234df5f51c761d84568400b618 +A = -7a964c62e38e4124cd2bad727138dd12a086a2bf01c095b078ce2f81288d3c8435ccce0c8e00229184091130989434bcd107a3a0787a2f5f4b0e8c23b1cee9a8f39ea279fb6081efb6c3df1704fae9e87d63ac6eac4c6687b3551ab7ddac5ca0541e12047d04c2fc760fda0916cd2b585a90d25880fcc1bde8f0a1a413969938d42e8b3b5f73118798e85b901c2e15860e29e2ee8b1c95336b97dc10a21f5300e0352adb60b40a8a99333380 +B = 743ff4d91ea3e0f9c4f72e5daecb4fb00b15b86e30bacebbe4384324523d14e22abe29b00573733f594d652a88d98c987f8db08b27b4dc68577784fde02dd410ebdbfaad9e9afc6a22a8cbb13a780222bd212fc61e38faf409e940fba35ed909e6938e83b0fdf5b5e3ce138604823e788efc3aa0df924554fb70fd2faf8249e17a827c5d85942005b328bed97e5ea1f1810219d77f2fe121ce66518e37c84d64aebda3c397684212384deebd520a776b95 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 183950095d9424b0ed09985aafbbd2e5d64bf541a56b68b42ea8cf9b2c051615ee7bb6c0687ca6fb0036888fbc927cb7aeb303750871442ff2c0087a95f4efad568f48b03bd2b9a9ac26af8c259a3fa97cd2af7e3d8f36148c26785489cda6c00a21e7eca219d1f41b2e82ba8e2c1cd752eb08a2fd50c6f9077f3096e2eba05e +A = -1d2fc778cf44c6992d1f3a056860eeb12f969358cadb087dcaebf5f96bec42bc0aa98672260adf1732da057e9e0d22081e33f5fa71f248cf89dd361036ad58692637cdfff584a191279f178242ec0ad397efc52e99462f496caa0f3133c4238aaa877fa7094662f080eb284c4cbeb992a368c2d157ac5c8c9160c167716406190fa39ce0abcdac52c8020969b87a4f84bc09a51f7b2ca288c93b1aac64e19623a7d9e69976a31074f637e4c82aa +B = -2f188f1245b75cd21d052ec76edeb5881944a143fee31c67370fab0420a748f3f1957bb8332ffefdeabd0ca806169629f130c86c99bab490a9668fd8200f4a9b1704c589e75b5c8c855f133d50b2ce06191875e2872b36c78438d6032d53004c047f49e4cb81e19fa84da16d053e6cbc7c8eec0b9129a8831eba690e0542ca3fefd204258624e92844c8b7bcdccab986475a47c8b22e89079ea6580ef8f496099cc24dc2911dcb1921d1451e2163b55bbb7db +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = a02c38d5df9ff7055ff84122342ccdf6ed7f7d54fe8227af091371f5ae62844645586adaae99c11f4ccd828103a81471bac72dc20625962e41d603e760591bb3569a21f45bf062b86b5fd1c617a4769a4d767a0ee14d104084c12ae875316a8f2be7adec0104381dc02c20b5851efdf7d4bef0d68076975e0ada3e58e101e8b4 +A = 5daf37d616da184acb278a75fda4e4fa49e544eadcf373c054b203a309ba198233f2285a1b55dc92e05d0213b26c82e261d8383a845813077b2e1b5f4553400f09410987c8dd21d4383e0f05747d0482d1a89f160a5220b22c78393873564fc5b1e4d5627ef3d4a05612709f301381df35606e99560fba07a917d7ea7413110fb5a8290e114d5200cfecb00b6c53b2ee29911bcb2fb2930eadba0ab9dfaf46443370307d9c3b61a329f0b8b8cbe7d +B = 1d9539fdb1afabeb9be6e774dc7c7cc4bb4fd63af7abb557a5fc80a3fd23a4600de3c7fae89b91f3d441b61d3e24b2fd3d7803cd71620e7313917b4afb89ef5171a3d8a68c3c74aa3dfc8058d555eac429dfb6db40a9e0c25aacd2050418d6f32bf21cbb76981269dcd5883178d4b69a931a0338b93022a2ed0f78f3d8877989cc406f19d6d082ea344309318c56be7946412ea0867c78418ec32b9fa3a61017c10939c9345021133116933a3d1eb86a3ef16424 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 5fca287abf1f487e0ec18c230860eed4a2e550228b1500b1e33bcd6675646b5afe505b55073129f22352dc2b113c584ea1b98808214b6916933e90e036b129b61657cdea9026e1fa087ee300e055ae8f94ffca933a2d70453ed220468a5a3cf1a65d81eca11cf570d7d038722397f487af60531f24a5f069671354882c8bd2c1 +A = 1d9fe15171dce97475f4ad329fc8fb5469fb2b8086e4b01eddb6ceffe5324cfbd28d791705848569739b6758ca7e7d7d49adf0c11d891b0a5879ca870d1ca5ff475513322ff218cd26024f97623bb8a53084594e1fd64154e1db702522883fcf4c0d677a7fe90096fc76dc3800816996308d8f0be2dbf3b879f8a000c0ac534511437e2ce2d7ebcf42fd1698a829eb846b3afa581c24d5bf97abc6e247f110f4e872a2474e3acca6c8c0d518104c3375 +B = -dc0da8f7adb8e9f7b0e3f293cf623528dc8e9668317910417e52301c50c62e7d30e77ec7e38d6817d1f5a93e851f8560f642f23a0b9f836812d27b1b41c0867088a3108332b8711047560052ea30c8840f03a25c65b227a175d8f340095823788adb5bdf2b7ebb801e20f6b6435e154f78d17b8fc4373aecee56ec7b8f5686a7d22c8571797fde85cec884d45ddc4b1f2cc47ebf56a879bf286f349a0edfb531168b733d43de3b86b49eacb10b06a432c96c63440b +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 6222c1a14c6390d73944cead58eae5e7a6c19d19e4563c36cf624f5b61d99991bed7dbf6a0723abc56469eedfb1f7982987c2c7af6191178cf0933ed5f191b8117c9d726cdfa8b82a2fb25ca5436023f5860aff5fd482c611f134569ae87395dd99e5e9d400b5ab1e3064210ded096411654518110ea45899f4be2516e35a229 +A = -7f6766be6c6ca9bd1fd7ea1f80bfe68693f7ee4b5ba2946846839060d6028eabbb9079a165c1a07eb6a01239f3f14095225b8617753a1cc3d9c1e69b516d8705cfda396f4f0d05b0944a0f08b478d261e968c06918914ba87c8e7b7adef5cc2a875917d00585571542af219bd726e502b7f3f0bdf0cb1dfc6796be2e22e8ffb5b8bfac7e15e991022974e75d3a5eba214ab8a1aab2fcfcdbc6ded2abf834d1899d2e3ff94bad9c696aece045212531773f +B = 49c6f869745983cae44d33cb7ba141234905441ca53172abd1a2dd8bfeeac4b236605cd2dc5b04ff9aa13de84872145b935b85479136065d2d57fd15fbd97480c25c6354636c17ffbca33c9319d65e82523e39fab49321380a130fc160857a451a69b1d0509d5718a9cff8b49c2d677c1f66bf77333d2511f58d3eb2fb47b3c162cc9be8b012d8df70278f0e21123a69724a1f126369a236d54da026ebe222c513f24b577707b5ab4b90ab0e22b4e38ceb4181d4ca101 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 9e9cc8c5342dc6d6daf55fc9aa9f79ec18592e8b9724a66881c379245c91f06a7df50a6ba0964603a6dac97e77a55d06efff17c93d5faf107fe65788d0f56483915f6ea0f1ccbda7656eb58fc032b5771600beafdc12c2076110a9b9670bd0754ff6a72c5d6e1a9e4e42c688e1cc96d7aecd815bdf5dcb16fcd1be1275ce7282 +A = -11635fe16dafce21efb1c599305e9a16eb5651187cbf054cd9d911c13e8eafbb738013e212f9c2b3662ea15ac9bd82b5751d43a38e4475d2310945a812262309094ae9cf59e0e9f3d02c92d8ab01f5733a20f051054a240bcbe3a7b6bb3f7c434229f631c4af239d33bd3ce30a372a480fdb49b2716091d26071aef372b8bd8ee8eb7f2965a372a836000b3737d2a833a39230e721e4844e16031ad69cd45ced60a64510c1248fd776611934d8d2a913d965e +B = -3bb2cde9d3fda96fd7e6b24645f8e00b43affb223f2b5c3f4b7cfee905ddd6703a9d6c01f1f099ad1174da215a645ca4707d8156e762e2a253d7cfddd05ca19823ada9d33924013f677cfe4d86bde025391e0aaf91c6b776a9cf8a09dcad7cea59ee7aea1cf5f5bfe67c9d4456332d1f98e5310db9a0230381e1867a8f75b8757283f911f1a5e0d4afe5d544afa8d86637f9c9d87428fdcf8b4eb8f477e617960948253b24565b2f23081c47e211cd3c788a92732a49077f +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 30dc89bad4b449d1df9ea9b8f9d40b323c71d7e1133bc44d33bdb87c38cddedf83bb849e83436e4c92a06546fcf3e24ce6cc89d2e97a48aff2c7e3703da1b167a112f662a89742355e11e131e41052f1b379753cfa32cb0efa3a07465a258c585cd68c86bc9a473f5262c86c50992aeccbb9725b69ea8b3a7ebd2b6a24db52dc +A = 60463fae1e9354559160d55a453c12d75775a53d1606d1fd16bef7e4ad1c78f9568954112f9280c46781180951534c5372dd5aaff3f33ac9c2e0ce4934d7009aad2ab5d6a5e5a141a36846e8925c7a28d116c68fb78aa9a687ec9bef173c1b69e0d7261f96eacacf237e1fe5874e5d553985b0fe7692ce8f2a5feab9ad9a2ad9c4bbf050b73b8030ebc36b94af8c6ecb67f8c94607d80cf600efd4ce4aa006f9b1832da8a1fdf8a564be0b4369149e8639e1714 +B = 15bfc50290b771ad147695a4c6701c47f2e8aec0657a4ef999eb45685200981b0ab5f8abc143d64878b85e9548651a1afd0913e3b14d11d3a26ab9793596801662a67b0062fdc8888feb029266f71d170518b6a4a040f59996bd4f257f221e830d0faaa9688aaa6afbc1f9b40d25097eab9d71d80aabc085f3a07e48bcfb37119aa00de60be55fd07d5b1281adf7b98bb589cdf2026252edf2f075ee176e23afa6b1f924c9fcf3c34c76752e833278a2e6b62017b88b77eece5 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 8b506c9bfb75ab7ab420ae6c9b371ef035fab512188d9df76f0b31831573b44cb08266186a04d20cc761d61b6df3e33ecb86c269205c2c79ae6aa4d3ebacac8ec71d9bce1d7ab146530b131c9038041c6ce8152a6f1c09b9bec8eea4462dda0f08d75edf296eacbcefd62a0c197ed30f799343268bf6edfee4995958db7e0420 +A = 11c16713fbf8bc9696782cb5a88174cddbe68a04e8fe93dd074aab33dcd85f92baa178b2f3b8817be0cecb802cfd3ebb06734c9d399a1f090e3a8a2110aebbba0e920427bcda74bf11700b945985bd532286d44a1a615cf7c501412e454edd647f8371cb8149474557a0d47cbb782f460de7a3cc28991491ea0fc510286711b882987b09341c079565414f2c930e7c3c3a3e3e0f1d786260a7f45c70e0fa20dfc63849906af61707cfdf5a9b7a4291a1c1586d16b8 +B = -cf5638af39c6da3757a09a92e0bd54f852742682dc91c71dcdc6e72f7825a0979a1ead2e158479ce5565d22472dc3853e6bf7ba43296a5e0e0a355f0703cecc02ec79da83e3e9de10a6eccb858dedf7d4c400c27486a5b8cb34d787cde6a5fd271e83a6cf66057838fe30db1f30663cdfc22ef5d002b0b5a05831228ea200f95382a58d0d8aba36523d9b5cb7506f193131916f3ab66ac9552c26cd0c2ab1c449eaeb8fde752f4f3c3f9b060cc1f8a1e37c4fe5ec306674b66158 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 347706abeb168205cef9b0b8c6b9d6449ac501af7dfbdfbd41a20a6a47872cbd7d4cd32f7b0805ecf1573d534418b7cce98181e079d5061b02639fdf0161cea5314dbbb2ef39ec841f695281f3c7de45f33664e0dd1658f645adc1dd225f781a3fb1634517c556403587b2aecd56dceca9ec19b930cead2b1d303aa056d28bc7 +A = -5e1c869e5dbcc684c245d5c69093bfeaadf388cbf928d33a8ae2148a2b5145937e4f654c5f6a36de1124bad1de8bcc9067fe1f9a44fc6ffe55ce7ed5cd0dbb6337b0e1e96bac1eb2a3606dd97b0bdb975ea59448be50191cc7ea36481ca9fc85c1c3e1c97378dbcd6b355622046888df2ab3d18d805f4d31d464f62a8e630e955beeeb5e00c70242b8f8df708705abbeb95dea3561756298b5f3f7fe16e965294eeeea4546f5e8bacf9d6b4f2136d2e206a87dad1f47 +B = 70225f0cadd328be36ece2172c836405db3fe80ef99ec74fca25406b73a537adf5073f2b550abfc4c0fcc2c2850dace0da9a266768cb4d5ff7fc6c1c248ad74f47592101b61ef96c1302924381abbd96cf49f50c44bf7e0551721a8ae85abdf9925548d13b8c5d1a27be8a40d0f43eec3136bc3035057b75aea779b4262cc66e6bc68da93c218f1920979291105d4b02117d66deb92c3e511aa588b27130202acc9f69521957f79c7e731bbd5461552b9b6b24240dd71ac449be9777 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = a2cb238f326d47f95869e2dcb295eba819a443dcc7c2785461389b58327742702f4c86e47af129f1fd4611cda93631f9333c358a29121d58286333083d13e66f30a9533b77ba3e26089e7eff7baf19bef8054af4e24735525908864ea9c4756b42a69c897003cab7b63cfd9a5927ed562e29845308eb2a55e7f8f03c87a5b7ce +A = -1aa7ae6f56c38b654b281525b9da953ef366c2b9cffd3042105ed428dc7e5f2f2d53ef90b468bb471753606cc7a3775d86bcd2f4d5119cdde3c487cd39bf31752c5ba297e529c1b8121487e0e1de702156d0166ccaf51888a24fe7b48624eefaec855e2200929c21858676ec9bf4ceed0a832b69efd5065af544e49a3d209b85a77b0953652cbf0aa897527c52c9a98de9ae4c827f762e251478c88d410123625ea52b3478b52f6b9987d42009ae427763357ab53195772 +B = -226630b6fcdb5e274a25066ae2ca2c803549dbb935a97c0d7f6ab2c971d74cf6acd265c9d6815a6b2dd23dcb3c23b390fe8b1bed92b8c64c76c0ce62d5e7ddd7ce445bab0ca905dcfd0f128e5f4ffe966f3903d7ff1c61fe174e373cfe35a6d83249ec40b4a354d46fa1c90682efe468e895ea3da710838c262e8a47752dc6e7a79fe20051f51180173b58e0aa37b22eb8efee5b6dc264459ce4d135f430cb15afbf8c53f0de894bd2aca1f7ea32b4209a22a075f7b3b18e86f778a9e47 +M = b18a9cd6a0a89578ea773fbfc0767c8ab817cdd585c16afad3600540d056c323d83e7756b1b74e4c2a84df7edd562e011412a0e2eb6b64178a9e04f67550f3081797873f444dbd03d776835d696e464443a0a6f48d509228fe976c54cb82925e8a80ee65c01ad9a5f56784c54192112fbca30a76ce579d3eb6e783643e971d48 + +ModMul = 9ea62ef634 +A = 55cc58c9d8 +B = 6b49179821 +M = f753311ac9 + +ModMul = e9ab3a2aa60edd30108 +A = 5134a36c2bad180dd5bf +B = 2ba6485656d041690666 +M = 9b9cc4409e86c8b0fbbf + +ModMul = 621f9b797e866028b7bd1ff828bf29 +A = a202338dffe171c99434d84f3 +B = fb71eee7045b3e3ab5dd809dd +M = b3e6e8d53b7249df670e3c59c55d33 + +ModMul = 808d463d06b7b7f98e3cb2783e2196c349d62672 +A = c669426a92d3cb5b316e2b5b9 +B = ccaea3874008dcc92450d8b2f +M = b04dd2bb325baed1940cd000e8cb2d786009ccd5 + +ModMul = 872164b92b9426b237858c4cdafe1694f96b0e0e4c19e894a0 +A = c3255cb24a813e27c3dc410f0 +B = b144f39e7c2d33605ba7bee16 +M = f3639f4dfb782f3107eb402fabb5fc878903acb5e02e129077 + +ModMul = 6124d7d171 +A = 235b938139 +B = 3a56a22a28 +M = 83eb4af4e5 + +ModMul = 9c006f56095d442ba98c +A = 207e14237c42e3764e5e +B = 8a495a26872432fa8e33 +M = d0cf2b8ae5c67d6736b9 + +ModMul = 97387cfaef652932a230c82de59cac +A = 82ae0fc5e943af5bb8c4adebb +B = db1279be12d59ba3a9c036a61 +M = aa36dc1d13390169cd54d711eb511b + +ModMul = 32ee73c98da657464c6fed4274df20b099689e00 +A = 9baf08248ee24bcb17714e420 +B = a7f0428147bfe098666180749 +M = ce0bc198331c9ed1d21f0d498326e8185d3d602d + +ModMul = a8b3fc0b53df3b92753edecd6fbcc5f4840dad3a44da704e34 +A = b36249e259b303e453757721c +B = f0c1db50670d92abd93bdc84b +M = b05cf978bf2dc7e093d7d164e46d547219c480382df32b33d9 + +ModMul = 2663b741ff +A = 58c8e7f7f6 +B = c84681fc87 +M = e0a50dcb45 + +ModMul = 21af3c0b42328f41b81e +A = 1f79f5b5bf78c9700d +B = 5bd1734ba0f0e59c2a25 +M = 9ff3fdfb5c089244f327 + +ModMul = cbc280b5106c2c36cb31ad7e7c986c +A = cadf6482b769e83ce7f7277dd +B = f9862a06da1a9c89547b76c61 +M = cc36144c88139ce921d2fd1740bc4b + +ModMul = 3813f2fabe016e19fd8e70687ff473651a5fbb4b +A = 9c51a5bacb5d9f055a9ac2962 +B = bfed5625b21b4e82d1f105a0b +M = a47977acad7c5deeb683ccd265cb30cb193f22a9 + +ModMul = 76ff291a02715fc87ebfb3e99153c04e53358dbd7beae43478 +A = 997c4a7b537d9500d73a205a4 +B = c679ce666af284a459ae5a26e +M = d0d0fd4922953941acad8beb65c00603b19eb44fb8ca51e3c9 + +ModMul = 1a90c92fdb +A = 94fa7bb475 +B = 564b0a3339 +M = a1501bdc75 + +ModMul = 5e7ae5470686bad7996a +A = c725797912c6c5f30d94 +B = 3a7f4c99ee3f5fa9582c +M = cc50c8b7408f09a74973 + +ModMul = 72a15b13bcd1b63747342a6be8f0f2 +A = c33357af48a2df569e3c11ce6 +B = a4b4c5c14d7796adab54b6cae +M = e22a0fdca62a37f4c8a61c96a429b9 + +ModMul = 31e179bfbf65b0695dde36a4fb72d131830dcdd6 +A = ce8d3adab8cbf15c332c0b289 +B = 9333f94eeb7d7a86b82becc51 +M = a532a76bd5cff409b580d54d12ef75ad8179b381 + +ModMul = 8f4b8a585415adff3a7bc35fa88891ba31e4a82672c664fb14 +A = 9a2b56a54bd0727ab4be57ff2 +B = edf1781b4296567990773005a +M = c5a7c3b97ba00d6f174a019c6d37eda52036c528f351bef0f1 + +ModMul = 917bcdb402 +A = 55c7dbd314 +B = 997b29ef79 +M = af5b4cbd0f + +ModMul = 660c4bb2b771f523a4fd +A = 43fe52461d5139620a11 +B = 1f8ec4b67de1db54ddda +M = d0458e215b7e6903d96f + +ModMul = 7aeff02c143e4426fcbcf32bd1277b +A = a2671586369a990dde7829f36 +B = c7ff67937c900daccc0ab1d8c +M = 8ad9c1d4d3cce681d1ae27c27982df + +ModMul = 4b153d57433f0f7276674d3484e9bd0d25227d07 +A = aea36cf51dd2ce06c66b7a407 +B = 80c9fe5bb0afd2bf8b3644f96 +M = 8cc22a67ed7e5a7a2322aaa09ec2be94998494f9 + +ModMul = 7f8447dd983b113f04c6288f9539e53a2e9cddbca8b2fefcc0 +A = f67636b03821c8f13f21217a5 +B = 8473a29f4ae33f36a0d2c6dc0 +M = b829af37b557c3ddbb5257c8b19144b90708a45a274d6655f5 + +ModMul = 17fe4644a2 +A = 912611576f +B = 7a10d36b80 +M = c5fa605133 + +ModMul = 8159b23d4fd697b4fd35 +A = be2d646e76494439e60 +B = 60fa770d05ebc69772b2 +M = a6e7c940cd749925a85b + +ModMul = 7c412dad5c9fff91357bf181caf2bf +A = 80f476ed5acae75b34ed54c52 +B = fb818e2bdab3b5f4bd84db3d0 +M = d0339f7ee41337d8462d1a9c207d1d + +ModMul = 70432c749da4ade2c38237545ebfe6c4c6a92f6b +A = ee9c92de52210e61adaa6eb4a +B = 8ab55a85b1abab62d33e75fe3 +M = cd3faa6de4cb62fece4c3f94492d457834a6a041 + +ModMul = 9fef1c18778a8691c5e71c0b5208e82778e9bfb632da0b7e28 +A = bd162c90bed25e84dd5b6b77c +B = d887ee03020c5df356f091db6 +M = a2c2d45fe9decd93a0ca3edab8fee46d27ba23fad9b5294d5f + +ModMul = 958951bd0f +A = 12bd0d3375 +B = 668bb65b4e +M = 9c617dfaad + +ModMul = 8a109ebc9cbf86613e43 +A = a3e7019f1bbc35689a77 +B = 3189ecd3fd4ffd0229ef +M = ddadc50600dff2abc1af + +ModMul = 2b4d9f85a398c852b3a0cc82524619 +A = c244fd157267f707319ba6c6d +B = 8a07018a748992429bbdbf326 +M = bf3813fb54f749ea5627f59ce30e07 + +ModMul = 28cab7d574e6dc56a6a622f8a7523cbb8dcc5e0f +A = c9909dcfd3a59a3cfa538b267 +B = 8bbf89cd5a4e24adc2d8c646b +M = c8f02682b9d480ea98faaca53b747ced33ed0419 + +ModMul = 69b2dfb3f1d8dbb13e9e479f38edcc427d5968acb7751a226a +A = 8019266c548982a520ab48eff +B = d33c3e3b13576dcdb3ffaa796 +M = e6255103732475604df7c6f7ef7e6b49a8ef9e2b0c717925a1 + +ModMul = 3eaa4c99fd +A = 6fc42faa85 +B = dd0b4e318e +M = fd7f22301b + +ModMul = 56b6b811ced3433755cb +A = 145573d17cb0c996c69 +B = 9d3297d5ccc184896822 +M = dcfb3b383506239e83e1 + +ModMul = 34315b6bc6d3690c28060485ae331f +A = b963a26973894cfb42fcb2d22 +B = e8523304bbcdff1a0ed4141bb +M = d7a379aeac7d8cf94f19e7924d35d1 + +ModMul = 2ec9466e8b3357496f07e37ba24d36a237883846 +A = a75f3904e564997695b6707eb +B = f9f47bd779834dc1f5fba0654 +M = b3ae5abed45d09c4dc5abcadc3ac9abebe1949ed + +ModMul = 88b4d86b2c1e1bd780e8d2499c2221e05fab4f9b7047c2a044 +A = a38eceb9c551f0e69a544072c +B = d5f8e7c2d534b2b8985bfd213 +M = ff81809b84fb8eed3508ad891d3d8208249d8a902a12d6acf7 + +ModMul = 172f2e2e22 +A = 1584ff1055 +B = 2e0aee014d +M = b904cb0bc9 + +ModMul = 122c10d3200270b9eaa1 +A = 86fd189e62a6dc1e4ba0 +B = 5235635f7b0336f5f235 +M = c93da97d0e95fb63dc4d + +ModMul = 3e461e10ac4eb749512097fbf76616 +A = cf4ce10cbca07164f3812f89c +B = b7e4639c233fbb0f923fb5104 +M = 949647857e1406871593fad5c30101 + +ModMul = 88117b59d9fed79dd6aaf083ee938215a995a221 +A = 94c888795567d434123d441a7 +B = c60ca79e61a352e34e0f78bee +M = d2553a7c5dccd639a3927697a2e1af03845f2f25 + +ModMul = bc5f0076a8c2f6cc8f4e61540d2d6f6d6b13b775b363dcd71c +A = c170eaddca5295d6ec6272dc2 +B = f94a5685ced7661df2efbd34e +M = fa6bc46aa05033af72aa42793e9174af2e3ba38992f33572fd + +ModMul = 1110cdbe5b +A = 5db02b38f3 +B = 3369537903 +M = a8863f7979 + +ModMul = 90fcc5f3a346d3d4ea4c +A = b93373680ea0feeb31d8 +B = 37f9dfaf0e180be64bd5 +M = d595cc29237d1c19e2db + +ModMul = 8623a9997e514cf3c1d06c33c14053 +A = b396f5ede6212f1fdfc7e7b77 +B = 81a1ddc18306f2d2e84030148 +M = a6be32a91b34857842255ef8b1aafd + +ModMul = 63f8f0254df06356f5cab8941b77619ad58025ed +A = 806b2627b08d987438f920bae +B = 83297039f4aa8efc1a185fea3 +M = bb8a7e7c19be02c25cf5682a0eee655fcd5b69a5 + +ModMul = 697238dbe3d395e81f20c9fcc8db30c234a1f75f3b2bc27438 +A = 930b04224bc097ac1d8bae8be +B = b79496a80e45212c4663e5b64 +M = 8ff7e19d967d317c255380411898d73e3786269f09079f19f1 + +ModMul = cd93b5b8b1 +A = 47a51b2d5a +B = 86d6ba5155 +M = efb0ad3643 + +ModMul = 2037821ea789118bde0a +A = a92215dcae19be637ff +B = 93b9a3664a406737958f +M = 9df360b69ed26f610253 + +ModMul = 3bf11785d28ceb668dc55b870faf7b +A = bc8758854dc48e057cb6210de +B = f03ca689620a77ecd8a6f0de3 +M = f3ff0747d6e5f34a0ba4200f579259 + +ModMul = 7b30b44f75ed12f54136858ce4fe77d00e0952cf +A = 993cd09f3e46423a8ba2053df +B = feabee384158032dd013dc08d +M = cd0b21388cb2033b1e792ec4078334df70b6c8f9 + +ModMul = 8ce1e17972f1a9d2e9437d0c5219354728a5f31337808d7650 +A = 90e5d18b017118177ffb080da +B = f8e7e09032574f6c66e623ec8 +M = da795e6ef63ff7dc4baef5c327022ccf65d44e3c4e24823f11 + +ModMul = 8fcd412054 +A = 2e7f9b1a +B = 6283de2c9a +M = 9bff560ae7 + +ModMul = 57d0d3b79f1e2f3632fc +A = 2f8cc403de5af54cfa39 +B = 3b798c3ead52878dfb2f +M = 805e6cbde400d4b4bc9b + +ModMul = 23331614e88633af879201f568c359 +A = f21f19da4b20980979a645dac +B = ea752050b79883dcd69222536 +M = aed3faf4c88f7c4afe257c5ed90599 + +ModMul = 56dcf9ae1c787e773774df3c8762babb4675a212 +A = 9accf901fa599da05fa6ab5ff +B = f7f6b9b1d7bae06237532e39f +M = b5bcd776bb2eb0805ade3c8b47e883962d3cbdf5 + +ModMul = 61d0ee0786963906a028a1df01f836841ab6d39d88ca2717c0 +A = 8e57680f213d088ff1a1e7db3 +B = afebecc9943b0093f87022940 +M = b6201f68a45265d7e9183c3255feb4c110c05dadbcb13881bb + +ModMul = 143ae78a29 +A = 334abb952a +B = 74203e7a50 +M = c9535a9505 + +ModMul = 897a2b57e69f5a1469ea +A = 1ec8ca0ea4fed52bdbbf +B = 3a6273cab05e478a57b8 +M = dcb33163a8ea42c1ae6d + +ModMul = 4a2c10e90e2d37111db79a44d3e31b +A = a90e7bbd63fc4af6de83029ee +B = cf09c3dd50b41afc7045e057b +M = 8ab85d47e4270116a64f97dc4f0f15 + +ModMul = 70f94276c9d85fd3f71edfaad6051456f754da85 +A = fa3e9ff6e1aa1fb78e51711cb +B = b115ed197c50b7ec4040ca255 +M = ad63f69ef1346e7549ba71c13b24b279f53bc9bd + +ModMul = 861e7ef401866f815b983ba18a612913ecc20a67016d79cfac +A = fc41a9ce06e882942f751be7a +B = 881c05a51d1ba8134d126a48e +M = b12200b39526c33b70e8aa23ebc400dea0d4d8fe42be103d5f + +ModMul = 4e0051898a +A = 2a06523f70 +B = 651b5044f0 +M = 9da4eb09b5 + +ModMul = cc8274c88d6affc3742f +A = 9ccf0133f9628532f4f6 +B = c1d80907057be7a67b01 +M = d6e76e362da831f32685 + +ModMul = 568f15bed5c4405be9dd04673a9c46 +A = dd6029c3196feb6da7f0f4a48 +B = a5f6745f2cb64913d1d3236d8 +M = f62f02c9b9ca8993e3be9a02b444bf + +ModMul = a629452d5ed19df040eca26eaca37d82c0fb1d8f +A = 963c51a9415b03e85ccb09f25 +B = b1cffe333afe44311cb968ffe +M = ab2128698d498e8d75455033cfbbf4487535773f + +ModMul = 814030123025d287aaa8b826792999d72f2d589e0c7f7f3dbf +A = c3b33f391e78bee97ceddf313 +B = a9136f3af450fdeb245eff425 +M = b6aa9c517eaecb70781e597b907583bbb569e970d229235a35 + +ModMul = 8735bd486d +A = 563e15c52a +B = 31293264e1 +M = 92f4b193df + +ModMul = a541f69ca163b288dd0e +A = a608b48c1dcaa18424b2 +B = 891b0b296e911068b00c +M = d4140921f4b2c84f1eb1 + +ModMul = adc1b7cf65967b013d046866b4ed9d +A = e97941448f65060cf63ecd486 +B = ca68936f76cb87a8fbdd37311 +M = ebbca2482fb82eeca2866057cf1179 + +ModMul = 44aa9f0dd58d4510a7364e130698b34eda23a632 +A = c11f83f01bb964ffac93a2e30 +B = e05ee40eea39f4538d735193d +M = b5e8b511738979dc740a6a1f7291cf4561787be7 + +ModMul = 8b16b82f064f471983c7154abc9f9ba355111bacb90400372a +A = acff8da571e1c96810bf95707 +B = cdd23e5504cc26d0c34a62b06 +M = f38902a99190ae0b5ef26849a6e943d651925666fea271fee7 + +ModMul = 193f453197 +A = 8cb3078675 +B = a8fb003a87 +M = b60ff22f4b + +ModMul = 849c26c8cf5cae426a80 +A = 5d1e3d2b4d038a0a34be +B = 34f70325565bf0523314 +M = cbc189f9a732cad8f425 + +ModMul = 9a4e64ff530c53a4c6c5b6b5021920 +A = f53b81723cf74f520a61e614e +B = 9d8ac2e6b839143fdd079a2ff +M = a115375435151798f3644bede9d863 + +ModMul = aac303a4623e80158af1cb3331965cc8e3184edd +A = cce0a88606ff962fdc37e72c9 +B = 9840a500a2051625c517104db +M = b99dafdbd91ec3c05791031df5e193c03d6a441d + +ModMul = a31401dfa761bbe82b66b5f094151865b18a4ba75bb9b3dedf +A = e6f48c027284856aaf3b96425 +B = b4c326f72a6a22fd4b93ba5b3 +M = e57d9608ac6e5b129b2c014958bfc59137f63838b1ba88a4ab + +ModMul = 8b0929adbf +A = 61fdf77ac0 +B = 8892f05400 +M = f12b3766eb + +ModMul = 91b57f353307b173679d +A = 33f8e73752072b4b5cfa +B = b4c730f79f4f2c07945d +M = d41be1d8d2e5753e3ae9 + +ModMul = af04c564adfeb120bc4770bc8c650c +A = af151333b3d4cd1d29fd801db +B = 9ccaac44ff91be11b30bdcdd0 +M = e0bd6e70d5f5ce08fbbfd48d43101f + +ModMul = 1b8d623796a5065d9e993a53a9587a0fdbea1bbd +A = a2fd08df2d4eab0cd6d29e213 +B = 92c9d26ae7c215b52199ee28b +M = cd529f4cfa46f3bd3e7fadf167fdc02f6f881da3 + +ModMul = 4a8573dd8dc50a4fa39f3579d3869745eb8c1153ca508deefd +A = 855f941d085305725da617f5d +B = 8f09b7d2c36e0340523da5421 +M = fd8caa05edeaa81beefa01957eed97a981ab34bdeb6d8c704b + +ModMul = 2d278e089 +A = 59d20a1716 +B = 8e2a58bc75 +M = b3d61ef699 + +ModMul = 2f937ce359d0f6cedd1 +A = 1019d11d26040ffd5b1d +B = 7cdb6252087423d43e08 +M = e8f537323004447e669f + +ModMul = 6567332e25af83089f7458786ab0ca +A = bf9565e9f8a098894447b58fb +B = fc867626f268c24cc0ab7bf8b +M = 930f39183353363dcd822933a438ef + +ModMul = 3692e73ad1d91ddc19cad3808eba2c5fc88e2bf9 +A = d0a42ce512629f0ffd233a9aa +B = 97f6d3c4c655c7353a62d6ac4 +M = eac2ea84851f880214b8f40f881a2e56a6ba6f2d + +ModMul = 81df390c9e51b30bd639db15adb464c7cb1d011cb5e260be58 +A = c237eb242c40960861c938c08 +B = ab2f481f0d768eebd90d2574b +M = 8697d7a28a5f42c9a7b31949b8b568f861142f44fe66c6cd3f + +ModMul = c952f9aef +A = 81973bbcb3 +B = 28ddee3bf7 +M = c4a40993c9 + +ModMul = 241dd53d93f7bdbbb2ee +A = 2136eda4495c45c9f96c +B = e74c4baa8ca3f6b7cd5b +M = fff4594e7a5f0a1d3e15 + +ModMul = 5f861ed8b0aa835761613e6c869cfd +A = bfc5c1572086079f5f5d18d1b +B = 95902e14923c8010b7e905178 +M = a819c6c109d623f9b845aa23712c9b + +ModMul = 5b8ab089c4e4c6804e48a2bc1d218718b3a32598 +A = fbe65d3852224a812c432672a +B = d57a3f38da966d2471d70a048 +M = b9e6a626d3ad026d14248fc90c882bedd64a1f13 + +ModMul = 761438baf5b02dc095b7040e082da7b167c2b9ace956284ed +A = fd91701ed2151f8e994bf4ee1 +B = 88b66e735b76972bccd9db182 +M = 8008b2d1274456aa68dc627b1ec3e1762c6ed2d660c64a1a55 + +ModMul = cb743c97a1 +A = 9c69ca9b60 +B = 7488f48f5 +M = d67040ed0d + +ModMul = 931b2bee1bc30725a31 +A = 650f567b544ce02303d4 +B = 5858da30dd1fae88a675 +M = 91ce30234bb29fb9e833 + +ModMul = 5b4f262cec958a20390b5e568ccdaf +A = f7e240e8a077e8e87506db2f1 +B = f8653fe64e3bd414782f51634 +M = fdb8225eefc1620648737d31dfe1f7 + +ModMul = 4c011d1ddfa30c901793cc6ce74db47584cebbd1 +A = eda8e9a9ea3cdae17bd50b1b4 +B = 992e8ef4a45593e4ceff67876 +M = 95e2f120cfcefbada1058af6c8853cbebedd5763 + +ModMul = 6e99aa5b8107399848cf24fbd88ed6350efb68d737e505b466 +A = ca6c51ba2f410d09bf71d60fe +B = 8bdfa8fe5ef3b2ad02bc63c4d +M = 84daecf412b8c50ad6dfdb546c3eb783dcc6f32003eda914bb + + +# These test vectors satisfy A ^ E = ModExp (mod M) and 0 <= ModExp < M. + +Title = ModExp tests + +# Regression test for carry propagation bug in sqr8x_reduction. +ModExp = 19324b647d967d644b3219 +A = 050505050505 +E = 02 +M = 414141414141414141414127414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141414141800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001 + +ModExp = 208f8aa0 +A = 86b49 +E = 2 +M = 30d26ecb + +ModExp = 27308229 +A = 17591bb +E = 6 +M = 30d26ecb + +ModExp = 2bdf498f +A = 21292626 +E = d +M = 30d26ecb + +ModExp = 11317167 +A = 4a655df24 +E = 10 +M = 30d26ecb + +ModExp = 2e1b88e +A = da6b761a86 +E = 35 +M = 30d26ecb + +ModExp = 20a12ec3 +A = ea811 +E = 2 +M = 23bc042f + +ModExp = c42ced +A = 1011a6a +E = 4 +M = 23bc042f + +ModExp = 4637d79 +A = 28d9a601 +E = 8 +M = 23bc042f + +ModExp = 20e5669b +A = 72fe6bc20 +E = 11 +M = 23bc042f + +ModExp = 142ab9e3 +A = 9a07b9363c +E = 29 +M = 23bc042f + +ModExp = 14c64646 +A = 822df +E = 3 +M = 30915765 + +ModExp = 160e35a2 +A = 15ea542 +E = 5 +M = 30915765 + +ModExp = 2f23a488 +A = 34d2e02e +E = e +M = 30915765 + +ModExp = 28e67f93 +A = 636a32703 +E = 14 +M = 30915765 + +ModExp = 29bfeaa5 +A = c8646998e6 +E = 2c +M = 30915765 + +ModExp = 30959e22 +A = 81dad +E = 3 +M = 326dd68d + +ModExp = 1a1da4fa +A = 116adb9 +E = 5 +M = 326dd68d + +ModExp = 272bf0d8 +A = 2d21ef08 +E = 8 +M = 326dd68d + +ModExp = 29f5054b +A = 76989850a +E = 16 +M = 326dd68d + +ModExp = e6c7b77 +A = b88ee70d2a +E = 3e +M = 326dd68d + +ModExp = 369605e1 +A = cf26f +E = 2 +M = 3ce082eb + +ModExp = 168a3c5d +A = 1f82caf +E = 5 +M = 3ce082eb + +ModExp = 125c4bb8 +A = 2e9c4c07 +E = 9 +M = 3ce082eb + +ModExp = 1c5fe761 +A = 523ab37f1 +E = 14 +M = 3ce082eb + +ModExp = 21703009 +A = dc832165e8 +E = 20 +M = 3ce082eb + +ModExp = 1228d1e +A = a5555 +E = 3 +M = 24665b27 + +ModExp = 5226af4 +A = 1077bd6 +E = 4 +M = 24665b27 + +ModExp = 1b14eac1 +A = 2db3a834 +E = f +M = 24665b27 + +ModExp = 161727bc +A = 6bd962cb6 +E = 19 +M = 24665b27 + +ModExp = 10d61d0d +A = c10caed407 +E = 28 +M = 24665b27 + +ModExp = 233da406 +A = b125f +E = 3 +M = 33509981 + +ModExp = 24032799 +A = 1656b7c +E = 6 +M = 33509981 + +ModExp = 129ecebe +A = 2e671504 +E = a +M = 33509981 + +ModExp = 20c20bac +A = 4d7a2de44 +E = 1f +M = 33509981 + +ModExp = 2e3ce9d3 +A = c53b3def4d +E = 31 +M = 33509981 + +ModExp = 12fadfd6 +A = b4cf8 +E = 2 +M = 36e9d4ae + +ModExp = 457ac85 +A = 1b1c7e9 +E = 7 +M = 36e9d4ae + +ModExp = 31debef4 +A = 3a973028 +E = d +M = 36e9d4ae + +ModExp = 2333ad93 +A = 552b97c45 +E = 11 +M = 36e9d4ae + +ModExp = 99ba1fb +A = 8bfb949cbb +E = 28 +M = 36e9d4ae + +ModExp = 27b691de +A = 93492 +E = 3 +M = 298fdb16 + +ModExp = 3c2b70f +A = 14e7b0d +E = 4 +M = 298fdb16 + +ModExp = 1486cda7 +A = 29acff81 +E = c +M = 298fdb16 + +ModExp = 11725275 +A = 507489205 +E = 13 +M = 298fdb16 + +ModExp = 24d14627 +A = e71c55606d +E = 35 +M = 298fdb16 + +ModExp = 222b8d14 +A = 9b1a0 +E = 3 +M = 3db59d12 + +ModExp = 3b8bd47d +A = 13f4e8d +E = 7 +M = 3db59d12 + +ModExp = 17e72356 +A = 334774ce +E = a +M = 3db59d12 + +ModExp = 306447ca +A = 47079ddd2 +E = 12 +M = 3db59d12 + +ModExp = 90bef3b +A = a75d62616d +E = 37 +M = 3db59d12 + +ModExp = 1 +A = cddd44f47e84b3276cc36a5c0d742cc703e61c4756168601fbb1b6eb598c161019562344dd56ab6f603d920a12c360b285e6496a3605a2f8d691c3598233ee9366b5f2692554893bdeb67b7bdaf35ab7273ac593145e26bed82c70ba5793bf4bc5cac4c80b01785d1496beede493806e4f4aa89fd8d41de80dd6d0a3e2742678 +E = 0 +M = c95943186c7567fe8cd1bb4f07e7c659475fd9f38217571af20dfe7e4666d86286bc5b2bb013197f9b1c452c69a95bb7e450cf6e45d46e452282d5d2826978e06c52c7ca204869e8d1b1fac4911e3aef92c7b2d7551ebd8c6fe0365fad49e275cc2949a124385cadc4ace24671c4fe86a849de07c6fafacb312f55e9f3c79dcb + +ModExp = 0 +A = 0 +E = 8de689aef79eba6b20d7debb8d146541348df2f259dff6c3bfabf5517c8caf0473866a03ddbd03fc354bb00beda35e67f342d684896bf8dbb79238a6929692b1a87f58a2dcba596fe1a0514e3019baffe1b580fc810bd9774c00ab0f37af78619b30f273e3bfb95daac34e74566f84bb8809be7650dec75a20be61b4f904ed4e +M = c95943186c7567fe8cd1bb4f07e7c659475fd9f38217571af20dfe7e4666d86286bc5b2bb013197f9b1c452c69a95bb7e450cf6e45d46e452282d5d2826978e06c52c7ca204869e8d1b1fac4911e3aef92c7b2d7551ebd8c6fe0365fad49e275cc2949a124385cadc4ace24671c4fe86a849de07c6fafacb312f55e9f3c79dcb + +ModExp = 5150fb769d5c5d341aaf56639a7bcc77c415fe46439938a2190283409692f29cd080bfe3433005d98d24718a03a3553c8560c5e9c8ed0f53b8945eb18290e1c1a83d919302510f66dd89b58acc2de79ad54b8a30d3e1019d4d222556beefca0821b094ecf104b5e4cfce69d2d520d2abf54f3e393d25ed3d27e8c2e3ca2e5ff9 +A = ead8c5a451541c50cab74de530c89376d9a55c723e0cac3c84b25f0093c08a2961e49ab48966361c42c9f99111587252d98395b76788400d75c66ef208ea2767a28d6f8dc3a859f39c95765d57f139e7fc14f47c908c62df051e7216d379f52028843b4d82ef49133cce8fe671ae179423ac8da5be43b01caaf425cd969300cd +E = 8de689aef79eba6b20d7debb8d146541348df2f259dff6c3bfabf5517c8caf0473866a03ddbd03fc354bb00beda35e67f342d684896bf8dbb79238a6929692b1a87f58a2dcba596fe1a0514e3019baffe1b580fc810bd9774c00ab0f37af78619b30f273e3bfb95daac34e74566f84bb8809be7650dec75a20be61b4f904ed4e +M = c95943186c7567fe8cd1bb4f07e7c659475fd9f38217571af20dfe7e4666d86286bc5b2bb013197f9b1c452c69a95bb7e450cf6e45d46e452282d5d2826978e06c52c7ca204869e8d1b1fac4911e3aef92c7b2d7551ebd8c6fe0365fad49e275cc2949a124385cadc4ace24671c4fe86a849de07c6fafacb312f55e9f3c79dcb + +ModExp = 1 +A = 935561297d1d90255aef891e2e30aa09935409de3d4a5abc340ac9a9b7dce33e9f5ce407f3a67ec30e0dc30481070823f8542463e46828d9cafb672a506d6753688cbad3d2761079f770c726c0b957071a30876c4d448e884b647833befbcd6b582787bf769d63cf55e68c7b869a0b86374f8920516cf5d528f348b6057450a1 +E = 0 +M = dcc24236a1bb94c71d9ec162a6aa4697b932717e82b667cad08b6bd1bbcbddf7cd167b7458de2b0b780486b39574e749d6405f9ede774a021d6b547271523e9e84a6fdd3a98315607ccf93356f54daa9c75e1e311e1672d0dc163be13f9ed6762f7dd301f5b0a1bb2398b608f40ac357ae34fc8a87d4fef3b961cbdb806d9061 + +ModExp = 0 +A = 0 +E = bb552be12c02ae8b9e90c8beb5689ffefe3378d2c30f12a6d14496250ecce30317c642857535a741642c3df689a8d71a276d247ed482b07b50135357da6143ac2f5c74f6c739c5ff6ada21e1ab35439f6445a1019d6b607950bffb0357c6009a2bfc88cd7f4f883dc591d4eb45b1d787e85aba5c10ee4fe05ea47bf556aec94d +M = dcc24236a1bb94c71d9ec162a6aa4697b932717e82b667cad08b6bd1bbcbddf7cd167b7458de2b0b780486b39574e749d6405f9ede774a021d6b547271523e9e84a6fdd3a98315607ccf93356f54daa9c75e1e311e1672d0dc163be13f9ed6762f7dd301f5b0a1bb2398b608f40ac357ae34fc8a87d4fef3b961cbdb806d9061 + +ModExp = bbad67352704a6321809f742826bf3d1c31c0ad057bf81432abeb30dc9913c896c03e69eb1cde6b78ffcb320c4625bd38ef23a08d6c64dc86aec951b72d74b097e209ce63092959894614e3865a6153ec0ff6fda639e44071a33763f6b18edc1c22094c3f844f04a86d414c4cb618e9812991c61289360c7ba60f190f75038d0 +A = 855144760f2be2f2038d8ff628f03a902ae2e07736f2695ec980f84a1781665ab65e2b4e53d31856f431a32fd58d8a7727acee54cc54a62161b035c0293714ca294e2161ea4a48660bf084b885f504ad23ea338030460310bd19186be9030ab5136f09fe6a9223962bce385aaaf9c39fe6ed6d005fa96163fe15cdfa08fc914d +E = bb552be12c02ae8b9e90c8beb5689ffefe3378d2c30f12a6d14496250ecce30317c642857535a741642c3df689a8d71a276d247ed482b07b50135357da6143ac2f5c74f6c739c5ff6ada21e1ab35439f6445a1019d6b607950bffb0357c6009a2bfc88cd7f4f883dc591d4eb45b1d787e85aba5c10ee4fe05ea47bf556aec94d +M = dcc24236a1bb94c71d9ec162a6aa4697b932717e82b667cad08b6bd1bbcbddf7cd167b7458de2b0b780486b39574e749d6405f9ede774a021d6b547271523e9e84a6fdd3a98315607ccf93356f54daa9c75e1e311e1672d0dc163be13f9ed6762f7dd301f5b0a1bb2398b608f40ac357ae34fc8a87d4fef3b961cbdb806d9061 + +ModExp = 1 +A = 9d92629c1ab181c50c31619e8acd0d235a1f5fc7a0bef4d4fd54b4f1968d45921f8522efe88e69c6c14c576c564592b9feb00d1554b88b038934eaf4a8ce81a2582732387490181ef158360c8b2d9ccb326ffe043f776a50cb8202837f08ca743b562eefa007150ab7012c341b16248478d4775c02ad71ea13d5e82b71e2d600 +E = 0 +M = cd607549668469b792f495c141e500871880b0611c8004293a561ec7f9ab6561f8a9b90872742386adafb5cd1890e8204ae12aec529cca0a9e382c96439137f09de9973b12c8492c62847e107deabb7dd946ffbb9d0ac73b462c481092bd65326a17f21d8d6527c47a5dba50aaa20c7048b8788a49eb3ea5f29bd5cfce24eb3b + +ModExp = 0 +A = 0 +E = 9f43dcb641f3ecf4dbc97450f2bdf3b7ec6a2f3e8e96bb1df2bf34b8d2d78e1a9018d04d960ffd0e932cfc60d3b9b923e3f9f29b3f3d61cae3a9f7245078143475c7fcb896ff200f7d94c4f2708bb42750e37c185a31c876814e4f06a00771707654e1da2fb69c16b6500b16385e3b933e2276ad3569977473f699b1c7926c3b +M = cd607549668469b792f495c141e500871880b0611c8004293a561ec7f9ab6561f8a9b90872742386adafb5cd1890e8204ae12aec529cca0a9e382c96439137f09de9973b12c8492c62847e107deabb7dd946ffbb9d0ac73b462c481092bd65326a17f21d8d6527c47a5dba50aaa20c7048b8788a49eb3ea5f29bd5cfce24eb3b + +ModExp = 24eaead5b57883c2f454928f8edd470a344bfe07a953194f7d635d705ef13ddfc64140c8ad6f363d4c828e7c7891a6b6d4df37335de4552c319dafd1c06d1f743240082a3535df4da1475d3eea3fead20e40815fd5a0876c881c162ab65a1eda494280c258901ca953d1d039a998bf0e9aa09273bbef4865f3054663b72d75ff +A = a31618b4532f53729ba22efb2221432fab1dbb70853d6a1159b42fd19fc949965c709b209de106a652aa422d88922ce51dae47f7f6deaf0055202e13db79ee84fc3d3c6f4c003ef96597c49d6895fa53c22ac9e4819f7048146b5272f6279424fdb389819a0b251c823c76f4bebf4f1246de455aafe82a0d34454f5039e90839 +E = 9f43dcb641f3ecf4dbc97450f2bdf3b7ec6a2f3e8e96bb1df2bf34b8d2d78e1a9018d04d960ffd0e932cfc60d3b9b923e3f9f29b3f3d61cae3a9f7245078143475c7fcb896ff200f7d94c4f2708bb42750e37c185a31c876814e4f06a00771707654e1da2fb69c16b6500b16385e3b933e2276ad3569977473f699b1c7926c3b +M = cd607549668469b792f495c141e500871880b0611c8004293a561ec7f9ab6561f8a9b90872742386adafb5cd1890e8204ae12aec529cca0a9e382c96439137f09de9973b12c8492c62847e107deabb7dd946ffbb9d0ac73b462c481092bd65326a17f21d8d6527c47a5dba50aaa20c7048b8788a49eb3ea5f29bd5cfce24eb3b + +ModExp = 1 +A = a8558e7f455b27c0c46d7d0862eb409cdefbeca945e0284b5bf425b7ac0f3d316bc365594cc1639decffc621214d61479bc75135120d4ac09ea8b742ad7ec1822091b62b1c6f564fe5e2f4f5b7def92cbaaa9a898549207ab01b91c2324fbd306a87f7d6379b6fb6493c5fca76729767f136120da9c90bdc7d364f7d242d5acc +E = 0 +M = 88f3c87ac5e3272a21b8a858da640d6939fb8113a95412c38663a0f352686d69a5d7927e60b484b9fcb8ef12978fe25ff2ebc9b61c5450e04222ef20ba3cbbdc5ec45581ce0f58e10be7bb9de7fa08752303a7a1db23b2ac9c6692ec63bf09ecd6639e06c5491ba568ea886620d71da32d329615f0e1443a75d09ae35b8a2d7f + +ModExp = 0 +A = 0 +E = a5524b41dfc6b570df1d8f6633ac7777c1131abe3a99c6166b0d29d3b8883c41b00a0c53cdd6f42820bf05c810b6ec53e77a8c1b9344ea0c91d4f410a2f204c369f3db33bf8c88217fc2cf802a9d9bce8119242d8e781875b85431be170076498c0963574ee423551aec9557e2fc672ab1ab5d0cbb1c400535df9481e7934d8f +M = 88f3c87ac5e3272a21b8a858da640d6939fb8113a95412c38663a0f352686d69a5d7927e60b484b9fcb8ef12978fe25ff2ebc9b61c5450e04222ef20ba3cbbdc5ec45581ce0f58e10be7bb9de7fa08752303a7a1db23b2ac9c6692ec63bf09ecd6639e06c5491ba568ea886620d71da32d329615f0e1443a75d09ae35b8a2d7f + +ModExp = 292f0b39ca0f1c850b1a00cffd2d54924fcd5fc7e7504c9d593e6c0ff74760b1f4bdd81679fe06c50248336f3108c593fa111072ee87d0fcc89a63243a1dc89044503663eee9bc18f51c3e0193d9108303e12ac90ff78f6ec752a4386af09c42db524a7cbe9a3d4fcccd56c34d283bcc9debc17158b5fe8df0c1888a9841bf8f +A = b4fde2908745ff92cc5826a27dcfdda09e8fffee681844fa4c7f1354d946d5d84e0e0c7a4a4cb20943d9c73dd707ca47d796945d6f6b55933b615e2c522f5dfc33e0652917b4809bab86f4fa56b32b746c177764895492d0a6a699812b2827fe701d40ef7effd78ea8efe1cac15ff74a295a09614bf04cae1a5017872ba22efe +E = a5524b41dfc6b570df1d8f6633ac7777c1131abe3a99c6166b0d29d3b8883c41b00a0c53cdd6f42820bf05c810b6ec53e77a8c1b9344ea0c91d4f410a2f204c369f3db33bf8c88217fc2cf802a9d9bce8119242d8e781875b85431be170076498c0963574ee423551aec9557e2fc672ab1ab5d0cbb1c400535df9481e7934d8f +M = 88f3c87ac5e3272a21b8a858da640d6939fb8113a95412c38663a0f352686d69a5d7927e60b484b9fcb8ef12978fe25ff2ebc9b61c5450e04222ef20ba3cbbdc5ec45581ce0f58e10be7bb9de7fa08752303a7a1db23b2ac9c6692ec63bf09ecd6639e06c5491ba568ea886620d71da32d329615f0e1443a75d09ae35b8a2d7f + +ModExp = 1 +A = e2845c572b46496ac158a731f612fd40ef626fa7134755c25b1b7614f4d7b29164e6142ddb7985e4c7ebc575855ff901e95927fe98a5aea2ad3a4720c75782323bea1518b2c57790f44efd9411be4e95b3896bad1e73c59658290b309e5a7eb5ef8be08125063e57336b80f17eacee88966d12bbaaa15a25929c82e027cf696f +E = 0 +M = cf0dee80177869a532f0c6c3a0bda3aad79bdb6b70b6c227b32d75c26e394a90c1f2a6c2bb841ba9f6556b15654a79d8b1dd0c90709a093497bf40be0807cdbb378a74de5893c25067224d3ea8d37387ed6c4a981138853cb89caa9ce6cd0f6a1e95de24d558e90960f93844db4d01e372650350d45a9d34a36042b4d4b9e78d + +ModExp = 0 +A = 0 +E = a55703a72ca3f6074b939ed3d748196a684a3c8e411c2b39a9beb98993b6eb7ea3fa16f41bc5b5c3710b91c0fc74a8072793052f872f61695db3a2df872eaa427a110f1a8d568c85d58bd350d0df8eced7a10be80f7567360c1a8047b9c44aa2967cd0d9dd2caea2c1492358c2db4f0214da343fdf2e34272865dc5c63be2ae4 +M = cf0dee80177869a532f0c6c3a0bda3aad79bdb6b70b6c227b32d75c26e394a90c1f2a6c2bb841ba9f6556b15654a79d8b1dd0c90709a093497bf40be0807cdbb378a74de5893c25067224d3ea8d37387ed6c4a981138853cb89caa9ce6cd0f6a1e95de24d558e90960f93844db4d01e372650350d45a9d34a36042b4d4b9e78d + +ModExp = c90e4c69df92e26549b016950b59080947f5403430698e128477782480dd70be96bed2b9042dd8c708eb432e02710555b97af11ce6fa9b53395022851c32d1f53f04237fb0763563b440ca6e81a50d909d907d9c26b7d3c420dbf88f7dadd488666848135f8cdc608dcfb0691989289fb54379c2e84c262f9765f68c012ca1b9 +A = 882ea1b9b6c79a3b1bdfd284658cb6227ad825e0178cab713c7413c2ec34f03cfaec470c4f5c521f5e9899a2123878ff0f5b36a4196c08ad1b04d03746c4bfb5d126f5eefbfe172627d6732710a8ac8890cedbd4fdef69a19f2b3253a5aa0e5dd5484f72d59b17bdd1dad3db209a3ab839368ed3975069685911d7b35e41a9e6 +E = a55703a72ca3f6074b939ed3d748196a684a3c8e411c2b39a9beb98993b6eb7ea3fa16f41bc5b5c3710b91c0fc74a8072793052f872f61695db3a2df872eaa427a110f1a8d568c85d58bd350d0df8eced7a10be80f7567360c1a8047b9c44aa2967cd0d9dd2caea2c1492358c2db4f0214da343fdf2e34272865dc5c63be2ae4 +M = cf0dee80177869a532f0c6c3a0bda3aad79bdb6b70b6c227b32d75c26e394a90c1f2a6c2bb841ba9f6556b15654a79d8b1dd0c90709a093497bf40be0807cdbb378a74de5893c25067224d3ea8d37387ed6c4a981138853cb89caa9ce6cd0f6a1e95de24d558e90960f93844db4d01e372650350d45a9d34a36042b4d4b9e78d + +ModExp = 1 +A = d7a99e65b8af86b1c51d851f0447e43cd4f343cb0ada7236283e69aa7ebd383826acc9809e5dbc4002d0f2430022cb026458189db3805ce2de1142a31ba71a6c064ab51f0059eb4b931b8bcbaef023c38d57aa5f3e14f5df77e547fc028702071b58bd57338be1e1e4f98d3553484e4de359cefa29c5f58d3fa5d823f389dbef +E = 0 +M = 8315dacf124bd473c578946347e83d1b20c750a7d9533d6215591be40bc78bcca77821f8c8f95375bbd6372515ada63d22bed2fa49bd6fabb0040c538d08db25b09d2fda02a93ab086cd1c27df93c37ee9c6a0527d089179b8f92b5dc3acf5ef1c75906fb80b03f5c2442a7a4088640f66376575ecfa4c697c1a571397ee5a0d + +ModExp = 0 +A = 0 +E = 95793fe33696f53e37498b2b65aaf27079e27acf1da97dda2c3e0803e8a02139f574e04ee03f7d1ddd029f528e3f3644515ad6f10f0beac2767f23d9cd8a8b9b6c6e376e36b64a0ae2711d7d31a5a75011641935b503110edbefe9f0ff2da27b5c5f6bb8cc151fdc86f67191bb99160c6cacc86ca368d5bdfafd3f3ff5161b1e +M = 8315dacf124bd473c578946347e83d1b20c750a7d9533d6215591be40bc78bcca77821f8c8f95375bbd6372515ada63d22bed2fa49bd6fabb0040c538d08db25b09d2fda02a93ab086cd1c27df93c37ee9c6a0527d089179b8f92b5dc3acf5ef1c75906fb80b03f5c2442a7a4088640f66376575ecfa4c697c1a571397ee5a0d + +ModExp = 186c50ae259aa0fd31859cbcfea534e626a254de33956d5d719334bb32e7cf37cf199a21f079a5b90497228994d05efe19ccd8c769cd81f896286e8ae557cacd1630a928c629ecdfece29ab3697794aa707734e007318fa7029b050bb09ebbe6986187c6ca843f55266d275620b3f0fec0ad5f847ce8b314d929d128b33a249e +A = 9d5e345793faddca9867f23eeddf6816c1e837f7a2cf96fa077212514acb6be87ac01a237d8f2f1d07d27a8ddd1b0ae0d97e1bda4f205a89435017284cdedea3e407b1b940d6f52112b6359b3e86e4c83074b17c210ae2c8856b42b169b4a7a6dfa65b368a7959496cf9bb1ee93d019dbd79101830e3f5ed08604ab90890b914 +E = 95793fe33696f53e37498b2b65aaf27079e27acf1da97dda2c3e0803e8a02139f574e04ee03f7d1ddd029f528e3f3644515ad6f10f0beac2767f23d9cd8a8b9b6c6e376e36b64a0ae2711d7d31a5a75011641935b503110edbefe9f0ff2da27b5c5f6bb8cc151fdc86f67191bb99160c6cacc86ca368d5bdfafd3f3ff5161b1e +M = 8315dacf124bd473c578946347e83d1b20c750a7d9533d6215591be40bc78bcca77821f8c8f95375bbd6372515ada63d22bed2fa49bd6fabb0040c538d08db25b09d2fda02a93ab086cd1c27df93c37ee9c6a0527d089179b8f92b5dc3acf5ef1c75906fb80b03f5c2442a7a4088640f66376575ecfa4c697c1a571397ee5a0d + +ModExp = 1 +A = e6a079bdf7b0638d50b183475e9ddfd5cbdebfb29f5fae8e9be402a0bd36085737b556492ea7fb4b1000ae9ce59db66098129b757cfb29224275fdaa46b8b7eb18a93ca7d3e446dc38c734b683d7ba7927b008d993aab01f44239d3c76be76d1503908e9b5e73b36c43ae0771368b01f39c042693bd92c4fc50810f059e1b332 +E = 0 +M = 81dd561d5d5327fc5ed7c9236b5fb21ef713c6d5e36264ba65ccc801b8eb107b714aad65bb503bb1f4721c0a6f97e5ab89300f049f42a4616ae43d29c089c286687484d18629c1be1b5befbdd0b3cfc86b1d28add89df4cc5e68dac3f56f2490a9068ca9c634ec258c030ec5023baa9133fd2af32fd1112895f9da549d410247 + +ModExp = 0 +A = 0 +E = f0460c5ca9b3a5c2d1b93c201d020dc43e1c81d1daba432e2cd310902da23eb81a5172b0b357484eb8fa2c04c270893b8198c8ad35453405dadaf05195b3aeb5ec0ccacecb4b6227ca43b27b97e240a4148a472670ed60f304302f757495fd4a91af0fe09800db0c3043a6ae213bee6703ad80523ca433d99ca0eab1e0b7c929 +M = 81dd561d5d5327fc5ed7c9236b5fb21ef713c6d5e36264ba65ccc801b8eb107b714aad65bb503bb1f4721c0a6f97e5ab89300f049f42a4616ae43d29c089c286687484d18629c1be1b5befbdd0b3cfc86b1d28add89df4cc5e68dac3f56f2490a9068ca9c634ec258c030ec5023baa9133fd2af32fd1112895f9da549d410247 + +ModExp = 60719701a2dc0bcde281a93ce0b8421d1a718adee43c1b5d9fe9e697a48ab3db4f9f33c73cff305ab6b6c300c149b05c6b289dce4580860dc56bc59de81ac074ecebdc65aa3ca040b44e5b3c80ddba1658d78b9abbc4c77e5f171f5582e70ab4438a8e1e2f062d618c4ad09c70c73b5b5fbc9f8f0bbdf1d530a933b705f85af8 +A = e1b400cd3b1f2f1c6b437adfdb970d2c8108f1b39bdbb13582179552011c6c97cba6bff2c463212b7f62776aa3e3aff9f175990e79395e819c144350b0a23d61638d500ecc97726b098e1af334aece23a851c718612442c04eb7b3805a24cc8f5b90042145eb5e5d6a408092832b6bbeb8a621419a9282fb5c075f41c7f1fdc1 +E = f0460c5ca9b3a5c2d1b93c201d020dc43e1c81d1daba432e2cd310902da23eb81a5172b0b357484eb8fa2c04c270893b8198c8ad35453405dadaf05195b3aeb5ec0ccacecb4b6227ca43b27b97e240a4148a472670ed60f304302f757495fd4a91af0fe09800db0c3043a6ae213bee6703ad80523ca433d99ca0eab1e0b7c929 +M = 81dd561d5d5327fc5ed7c9236b5fb21ef713c6d5e36264ba65ccc801b8eb107b714aad65bb503bb1f4721c0a6f97e5ab89300f049f42a4616ae43d29c089c286687484d18629c1be1b5befbdd0b3cfc86b1d28add89df4cc5e68dac3f56f2490a9068ca9c634ec258c030ec5023baa9133fd2af32fd1112895f9da549d410247 + +ModExp = 1 +A = 9dd1e6f2d3ff24096b54e0ebf0f10e283e484a1cbafc0431adda1296ed97692f3ba99440fd4f67c96dd8bab850e1123361c99362df9ea205ff8e90d1b329459f54730992d5a360e46fcc5f5a909e691abb9a06613d6991bd7c2aa609f0d7b441d7ded0c07b8c394327672d38a905efb2d76aa3be5bb14d0c002aa37e287aee79 +E = 0 +M = fda6f9d8588e3614f5a68ce867a5619f6ddbb8d64450ff402e1c4f1a08b518f79dca21e5983c207c5b7324c16895a1e9f1282fc6cf60b0645f6b02b652ed5b129e67c939e854ab492dec30ea878c3edde10a4b7d1d14c57100c6cbcc5fc085a0d7308715ed132fb917251919c727487fedb66500d5610b0014a43419acfbb92f + +ModExp = 0 +A = 0 +E = 8622c37631e428402343dccf8ed09d47b3f4201e95058910289a62707c3ce0b7113c390056cc4796cc9893e471b12cb3f63f900f3356ffd25c8b2fed6f6a7fba2c684eb241ca706c76cecbf72473d8a58c02338e40714b5610465cc319f0a529a7aa3898d9e638b247abd1380c6e8f7fa210c9f1a1a2164db6db83a6bba79436 +M = fda6f9d8588e3614f5a68ce867a5619f6ddbb8d64450ff402e1c4f1a08b518f79dca21e5983c207c5b7324c16895a1e9f1282fc6cf60b0645f6b02b652ed5b129e67c939e854ab492dec30ea878c3edde10a4b7d1d14c57100c6cbcc5fc085a0d7308715ed132fb917251919c727487fedb66500d5610b0014a43419acfbb92f + +ModExp = 86fb0b8dc161c41de2adb0f3ddcc8ad49c1efd729a52793a3ac987d4011c9c1dadb18657dca718df75c8ddcc49d60f152c46ab85ae9076ee7bfd405679a7da3a5195a1bbfd7d2b998c7b135ea91f8c445cbafe1276fa502c2a85477716829a2e0d24ba02623405a3654bed8f355bc7ccdb67c3f9a01e249e358b60d7699498a9 +A = 816610e6018ca47074d55750dd16a281019dbf95dc752605794cbb8ea8d75775317ce685737859728320b529fb3b4414b40bf3a93d08d8994a21ae54682cc1c357eb529837a7b0129a0843eebd9341c9bee3a8ae30475bdbff517e885a0c9f2b6a680643bd981efb53bf9dd49f3dc3cb757e117895fb34b1b4336d9bf8384558 +E = 8622c37631e428402343dccf8ed09d47b3f4201e95058910289a62707c3ce0b7113c390056cc4796cc9893e471b12cb3f63f900f3356ffd25c8b2fed6f6a7fba2c684eb241ca706c76cecbf72473d8a58c02338e40714b5610465cc319f0a529a7aa3898d9e638b247abd1380c6e8f7fa210c9f1a1a2164db6db83a6bba79436 +M = fda6f9d8588e3614f5a68ce867a5619f6ddbb8d64450ff402e1c4f1a08b518f79dca21e5983c207c5b7324c16895a1e9f1282fc6cf60b0645f6b02b652ed5b129e67c939e854ab492dec30ea878c3edde10a4b7d1d14c57100c6cbcc5fc085a0d7308715ed132fb917251919c727487fedb66500d5610b0014a43419acfbb92f + +ModExp = 1 +A = 9edfce4691f46eadaa2043c7b1092b831ed50f3429f0bca02f985c0b77c686d951be84d772ae4b55f08935bed6e3206c8441574f215736b5c1c1b7595b3b789b55cf56db83741b10144d6767ba2b97b23a5e83504c60e06ab22834b0145655aa0463108317a379cbfc8a93de8a66925a999b8b02bf88dd85fb9898cefe9c95c8 +E = 0 +M = dcb68f6aa530ae9b31d078e2e82670adcc98228e7cf1aa59f81e66426ef14b1591b833d889463564c75b5fd5551ea295a0da581dd80f62c7008ff0f26a1c9f4f756431d48198af157149be8698336b306b0a8b8635d3fc2c4c2194ecc4d2af31ca1892917cc2e621d702eaaeed0d9a0c3dca575451eb8bc5487e313988cae745 + +ModExp = 0 +A = 0 +E = a3be10ef04535fca6784e5dbf3733d677dedd50fabbc3a860496628950b4747a328c2ce0d903cbe1e700f0af30f59fb917202257815097a2b516df5d0a82642faeffdfc3b7883766c78fc4be5901ebef891a9ca27f3bcf00960729e659bb3fddd54a19ce628e95ab86e4c7a168588bc9f67b05dd21a583acd8dc36e615945648 +M = dcb68f6aa530ae9b31d078e2e82670adcc98228e7cf1aa59f81e66426ef14b1591b833d889463564c75b5fd5551ea295a0da581dd80f62c7008ff0f26a1c9f4f756431d48198af157149be8698336b306b0a8b8635d3fc2c4c2194ecc4d2af31ca1892917cc2e621d702eaaeed0d9a0c3dca575451eb8bc5487e313988cae745 + +ModExp = 442866609915aa6f1bae9dfb59e721e1b63f42c0f75fbf0a88344120fbbd7aacf15208fb7c9d8bb8477d553cbd826d7e685ad764a8423e81c2131c040ee83a03cab8d5ce50866a941b48c78e9f1330794d908562d4141cfbf26e8c80c69551339eec41e37e2b37b54330f7bd75748f8d26d56ab9eb3b0c127540484c6445a7fa +A = 8ff65e2cbcbcd8697cc3ce9a26855d6422ac7eb4e66500648c08be697e005cc3c854a54cfab91d43489cd60be8b516a9b3c9688e5e009a1689c6b164a133859a5464ef422c86344fef42cc477c9df27768377c126a066d1b62f593b7f6d6e906feaee16addb7cfbfc043d741b7dc81a87c17f167b7b8ef1b1fb3dfd1eb14102d +E = a3be10ef04535fca6784e5dbf3733d677dedd50fabbc3a860496628950b4747a328c2ce0d903cbe1e700f0af30f59fb917202257815097a2b516df5d0a82642faeffdfc3b7883766c78fc4be5901ebef891a9ca27f3bcf00960729e659bb3fddd54a19ce628e95ab86e4c7a168588bc9f67b05dd21a583acd8dc36e615945648 +M = dcb68f6aa530ae9b31d078e2e82670adcc98228e7cf1aa59f81e66426ef14b1591b833d889463564c75b5fd5551ea295a0da581dd80f62c7008ff0f26a1c9f4f756431d48198af157149be8698336b306b0a8b8635d3fc2c4c2194ecc4d2af31ca1892917cc2e621d702eaaeed0d9a0c3dca575451eb8bc5487e313988cae745 + +ModExp = 1 +A = fe9f77f7d0475e00ec964c0effb9b8e079c32e376ce77a9c40ce4018c3df44a77b4f294d9565502b2b79accb30cb58dda6d15e1543b6d4a53296543ed11c7f51baab60283ef03fae37dfeacb431392487ec2839551a933895c4dbf18844f7b375d3e6f558d3c39993cea1bbf7fb743a6a07bd3753c03eb7298811476d7f3ff1d +E = 0 +M = e7a96cf6fa930f73c8bdc2726bbba246001a9d27f39cc2b978c99dc6f15af0e8aaf26b565302f1112e607e2df4066948baba931b89cd9bbdea2072e05b9a4968fdf282c43d997987c3a3a0434e925a679ac81f316b7a7b724b79be3d6888b66f4512759bf66cfaaa88b9513dd27a44aaea75437268a014c4eb50ba2e50093511 + +ModExp = 0 +A = 0 +E = a0bc148ed50a9b54036bb8fa1f214979052ebd47db8b347af3bb03b806bb457b468ba34781f8a25f289a7a90af4903dc14809a166df2f4c3527de2ea6911cb1afb9071a4afbb522a7d50634d66fd584c73f32d05217dc9f7f16394c68a692a953492ca85f89cc11da95fd8cac6231647923ced48a1b3b0ee68c010286d452836 +M = e7a96cf6fa930f73c8bdc2726bbba246001a9d27f39cc2b978c99dc6f15af0e8aaf26b565302f1112e607e2df4066948baba931b89cd9bbdea2072e05b9a4968fdf282c43d997987c3a3a0434e925a679ac81f316b7a7b724b79be3d6888b66f4512759bf66cfaaa88b9513dd27a44aaea75437268a014c4eb50ba2e50093511 + +ModExp = 91fd879d02f95a9f40fcd1037726f73892caf84e9b43b4aa4126d9062a0d22c464e7af2fbd91aa849612d99d9519b724a7fb1cb018fffdcff321d883ab2519953c9f174f09dd8f13ac87339887385966eb4a94842276637b2c36c0a5036b1d3bbea438bc6efd4b4851c7ec06879d60694df894717569bcd31c4b13d80df6cbca +A = cdec5edc1cb3ea974342b85aabc0f9385cf877ca328747d40dd4d297623ad69ab6582653faeed5aef225208305135cfbee32e066cb43e18afacea3a32acc8aabbc49617ac33e741651924ae56dd6aa044a12a1ea50fef573b5befb2f4b21b9cf83ab2aaa6fd153580a0761666ade8fb94f202a3c3dc4f33297eabb4564374168 +E = a0bc148ed50a9b54036bb8fa1f214979052ebd47db8b347af3bb03b806bb457b468ba34781f8a25f289a7a90af4903dc14809a166df2f4c3527de2ea6911cb1afb9071a4afbb522a7d50634d66fd584c73f32d05217dc9f7f16394c68a692a953492ca85f89cc11da95fd8cac6231647923ced48a1b3b0ee68c010286d452836 +M = e7a96cf6fa930f73c8bdc2726bbba246001a9d27f39cc2b978c99dc6f15af0e8aaf26b565302f1112e607e2df4066948baba931b89cd9bbdea2072e05b9a4968fdf282c43d997987c3a3a0434e925a679ac81f316b7a7b724b79be3d6888b66f4512759bf66cfaaa88b9513dd27a44aaea75437268a014c4eb50ba2e50093511 + +# Craft inputs whose Montgomery representation is 1, i.e., shorter than M, in +# order to test the const time precomputation scattering/gathering. + +ModExp = 9442d2eca2905ad796383947b14ddfcc341f5be8fec079135c36f6f0d9b8b2212f43e08bf29c46167ff0fe16b247cd365df4417d96cc31c94db1cf44b73b0ee3ebcc4920d9b0d003b68e49c1df91e61bc7758a8a1d2d6192ff4e1590b1a792f8be3a1b83db3ad9667d14398d873faf5d885ec3a2bef955026fae6dbf64daea2b +A = 3a4b4c57e62c5e9d1a9065191f8268fed9d5f6f424d071acef66f0662b8210f4c029ed991512e40c9c912043c816d2c4c5b53fa0e5c253e16808aad4225130dafbbb89fd4f30cdfc1c2f2179b636a7ddc4be579795820b4b9377637bd8a21a0ef5a90d0e0f865321eee23d9be2a3b7320b4012d02941b892df2c40bdc85c1898 +E = a2c56ea1362511cac0301918e15a9afe7d37edd438a5c3538d258ea01f0a6df758de07111e868b3ad8fc89b629b4955d78a1b3af902be1806410ddde25ccc6a196ba5949395c1ad5d8725b18815dc1cd5ac1c7dd17773f571e3f2e628255af14476e0494be23a4a4dfd18e23142f33d7a59c236fec61660e360d9676a747c69f +M = ede35a3a7afac817d413373a2032abbc067b1493f709ae6e1282ee5469743391d891b904938857168802b7872d3cd7ac18ab249a9e540a86f970b1d0f310a4cc29df1cc9d4063d98c554f1a32f4ca5eba3523cdfb142e0fc609907c7a92bb0187009d97ec471db3545f42dd5fd29c07b7816085d09477ba31fcf90084660116d + +ModExp = a7f5844fa9e7202d4b70ee252c9846e63d3d091b0387768ded872cec53458e19df0d9b4960226e269b8ca5dd4c4eda423a67b6dbb48235c08c12c6c7c78db47287756d3ed9cecb9232f7d18d5d80b9676cb68ba4a290c97e220beb1a069976b5e6022a4c1e5ddbeec86b62dda24ffea1deda37695c9f61a8817218e6370c0679 +A = 7d6d0cc947ceb949cdc4e9e1044f5deca5bb05a491041e0d85bc4b92a0944a57c72845fad91e59010c61ad1712bd2f612d53a846a044632262a9f2e3373b062fde2484e0c165ff947f2469f743ab6e2e5e13c640fc4029b1c9213eb8473c674e7f9e95a4a5c5636d4656c1e696962340d77b322daba47d6fc894f2a2cd9e0afc +E = b78012afe806e2344d004c739c97324256850980ac97d88c4ed9a838517639ca112e235978d21a176c33f5a68703aba0f2a05501bbe3fc8d49a000fbf530cdb431581dfaf8683cb15a2aee5e239cbc542827100da3b47babf4a16ca7c588aff9912e674abb449e0b767a15e415f4e7f2bbd6380d7131da3df8d49b13bfd35ce3 +M = b72d5c55bd2998472f1965e75a51be6155c1ba04656da8f66bcb34db36a7b1db66a89d1d05b1bde10206acf85be7b474ab689220faf1bb52ab39d8dc00512dd4e26df1179c11b973e1274db85a88c7cc2a17113abdffe58cb930ddc5f3ccc4d68b4e65c913730509f7ce5656e8bbaba9b1be177ab9f766678f018fea05da9cdf + +ModExp = 465ff295786a88496828fdc763e9292d557957544e9322b7996807b87fdbfa7a11614bffeec557ca831c4824c8e4ca3b1a1c7f3f4f95ec3fd6a86b73bb13d78b73af2b3c7e76954d0cc03bcb0cd606867ebb3765a8b3d0108cbe4f343a14016be9c33f6d200f0dc547e7d6b02bfab1e79dcdf9c9835a814cc6c855a12ebeb66d +A = 89ad02bea3e9ab839a6e23f20122409daba52c68e1e893034b30d321c0305434a6af940015e3fa5ca9c35230da34beeb1ed4fbce6c1da3a8bfe3f3ae172276c1d1723b47ee61e6f8fcfdafad102d6f7ee2a79f510c7edb93096205a40a6c9e665b88b18f39a979e2e61286d939952a6f02fe8148b7515bb25f4252337cb6e60d +E = cbd6ac628cc7afa3c61bee9c22a06a395087ec1811fe9681b55216700c435996c815e7cec8aaa90016dd2382d0306a5414630124e14f3d396a4ba02ee17851bf720f1607ff813e4bbddf01338983db12f59bd6371a738eee3eeb716f21051d6174d2d6c77602942b9edaac18d4b3a723096c0d00dd23a8a605c585022f311560 +M = fa7a3e40364c8a8d0f14f0213a3f3e035222ca0ea19d46d10ba41580e5dd2805c8a133f3856d7d5d97f922ea540e5eb0d10ad04dfdbb74f518f58da0099a6fc2b3f3def92985176e07fc78aff2faebccca10a429794e5f15ff92f75fe90f527c60ddea8093a9078c703c372ca09f7aeb27ade02f3595308c61dd9c44e62fd101 + +ModExp = cf08bf00261402102e9fe03f3074471dcf0e9b3c96d4d1503f099f24ec85e1901b023e9e048c1ad042244f5f70b38b25a99f4c0a7b57d5844bb0d0137367f45f4ce2cc7746105b77414768cb97648dc5721149aed2d4c682408cc0d50d26dd0bd77e848911f8625c727cac5f32e63bcb548f41a57d718d772f23983a42f603bd +A = a419646a6631c2c69b18f7aa65011825eb31692eecaee9d74f92d92203811b68e9764bda31a1585bdf69b6273fc6f9f508c395ac081336506525dad88473512f08a205621ac8b16e9864c7a7c5a4f17435de00d0b32badec6ce4897e3e1076c562b6d9523f63d0b2079eaa416cb090471657763f24931d955d1fa2720c80a9c9 +E = d5a6f4a1842aaee39805356dc8d0d678ee03b2c81277345beccb2742f899132feb43271f95968a01ae68aa8277201851992dc0aa7a71c90aae71b124d873ee264ea400fb131be0fc6c4ce8c04c45f6bdaca89ac743635caf6158983d257e21cef6800d7f990e912ba21bbfb8fb779afa4abd19e07e7e07eee9908493d1ca502c +M = e739689b6cc6def1d45fb1a2ab551643beeb303f4aaa4da47ee5e4948510f8445b4c40e99ae8354dede60b2ba6694e93bc4d573b7e8adf871b7a9a9636eb7d70f2e49328e2d7978143b177cee8374ef01bd1ee2d95862765883f5e7971668b53ef0ff41b6539faf63c397522b0bdce916388e72e26c8d3d2e58dadeb9eb5d479 + +ModExp = 827e6312ec3b14600203bb83f5b277ded197b2967363630ef673240df05edd3ba8ab2b11c86251a612206569c6c33952b31e264f129909bfe723bd0ee1624b36cfcfaa893a6ec8b5a1f7de79f83e79b459a3350f89f412ad1cfd6bc4c2a7a29272c783d6ecceeb1398fa17041835643f4debef9b5e87b098d104bb8912dddf7c +A = b8e49c637829021d32db3a39a0c1e58cdd4c6e4eda7e8e9293be379e9c2e2d184f929d278598a81ae231cfedcf69cce4a6e31cda3c8ac14d753a7311f2436e29795f0dfb60259a0f61a997918ff984aa2284b43a9d64c974059e9682adfffd018305835f74eda8c75fe4877d811c1620f654ec9f7f32d1af5ce59115e2f41785 +E = 80e0febf369d234bf1aaad4f82df2e2ff02882c3184781f6ccdf4f7cd93b6887af86830077c84dfb02109ada05b40970b1c65228b0c19030bd6361c3537fee22a8155c03b4e7007ca006c6daa3659518d05bb81ea0079456d0ef6116df248dffdb0c935f321f5a1034deefd5a9414a0652aa6548de33325b474b9e5a8507a082 +M = d5eb1d14af842a9973274f7463d90cf0ccff19c47d710edbae184478d4f29b02693ed7958bd487054327b9e6d8879e24c9af7730b92f323eeac05558da6c1b952e5dbf13de236050a77628bb5325fe0d14cc5773bf73338759d5ab43c212b414581280f1cee250007e53791b800b61c90de0328acd7bc43fbdda48158939392d + +ModExp = 4a1efd29c7e78549f5cd4deed1454b37462c7810ee6a8a2493b764dfa479be13b314cf9ff98259517d61865567ef499a511630c0038c97914625df181c6fe07892f329f98b344a78d751e9471483eebaa7977371bf97bb25187ae7e93a9227d6c124ccb4644423c961a11ae59c4354f89d5a95164c23d9aa256e289e9cc0858e +A = bd86c9211fa6a47a06e5016c46cb8a99e34a043a29e22f8c3196fa7197c26b38927b8d9bc0ddc11a5fa4bcc44deb69dbf37cbe7ebc9a2fad6c74e09ab5a9dd929fa04ab4319b6caad1035739be78ba631fb0748d9e53944836d37ccda6e6a62823c696d8f31139ccd7f2f86b22fa026ecf433cfb1271a3539ac4f1c83aaac059 +E = c40b9972006d28a84c2769a86e526a2b274f73afc7c5c6a2742166757f61b5f5fdbb228afa157af62af989ffe966f232bba9e6beef5403d1690ade31a6410f7f349a35bc4267a129afd647993df7d45cc0e1a1ba4678d7f1b6e8a344d8ff7037679e1f4db25a454e4246f6b55c416567fcfa188e8a3865115851d9edf0aa8902 +M = cf424d7af75ce7eef90cad75ae55ca8810cc7b4703fdb5bce701e7bac07e0c371cae06df2aa8facb55a0faa6793e4d2bd9d7969703743b9be170be82792aeea55e2bc0f7ab7617b276486bf474dee2f4556aab595ff3ef115139cfe5e21ccd4ee05c0e1cf901bd85df86cc17195a783b0be836d00bee82ce064077f9191188f9 + +ModExp = 3137a3049fd4ad2e26d870f5c998cf11bfe82101884a82e85e43facd0928cd7434a2e346ca124619769fa141bbe92ad6f36b99231032ddaec3b349a410f82b5ca36f45e56e5fb85dc63d32053dc90805d3f1854ab385281a71a57726bf97158494e7476057214ca7379ab8b70f5bdc15f70bdad3adf33c3a1f9cd1b6bbbad556 +A = 39a1dc6a4c3f14d9c350ee968d5ce139ef725952c967a2d1bedf48ace22091283525be03807e2e263d2640be77f0525247bcd07149bba50568cec5a082c87d72962cf9e43bcb5cdb1e7e9a650fb53e0ec2fad37f09a9f036c0d7dfa528fef846769f80a9a60854910ca1b4ee05dba82ed2ee018348d6b3e52a764b8ffae61e0 +E = deaee3a3f80c9f684ed7110c0653847ccc7be5ff6d982fd4b49f59b5dd35f7210b1077babbcedbc127df35cd469dc6e569a0f84e58149b5605c94b09fd7f0b098d02b4a04631328b3fae39e6c2fce25334225cab71829abdb9507cb903701559660f2c08c3b743336119d1260a0db27054cad3f28bc1b04b2289baa58fb33965 +M = 938388927d06ed3bb1286c0f06d3054cb0ee16dc7a0bbbf13a45293c09a5f40f1d611b2e1a1b0ec2ef109b508e27af4274954905cae52034f8740a744153b4d22059f0dd262ea51785522098ecacced6da07709ee6b5acc8c4e99331379a7c3de7f4e2d1431e43b19570140955b7bcba118dfbaa552cbfa2be531e8f781166ed + +ModExp = c15ae334455d9f4d1030cd33e734726a27c63624c2afc576238cce5e0498298a4a0c93090a0d19568b41290303c4b558f3d9dd74f9cde8798710f68569ea0d6fd971ce67ec5b54495031de3d8842b8b49288725bee5c9f72b99054d64986ccd4e18d70d5f33943f08cd694eff538f84438ea993ebaba0910c95b3a694f213510 +A = def633b955a917569df3ba8517455eef0655e7a35985edda27097a063e0d82c7c3a76dc36c5d8a71ba9d540790ddd0ea514aaed98925f9a1808eb288d387aaf9605a9ef8a333ebee7ad7057bca012efd619d5867f02266f65976ef4b16da17468426ac4f99b3e8921707e01b4de20f6f9a068e6a19d872079a27f3a44449db83 +E = a465c47b0d15d48e01bb8b1d8e3b3253e11515f6874dbed6c25818adf1a8fd927124d5593beb367f685c11e46f18415be73ccdf16fa2e93a600b728163d21d232849e5278c3749d903edad3f1c4535a2f55a2ab65e7ebc64888bd2a0527e876ecf38cec3ab1980d08138709fad8eb88ae65d960adc3f0f8e92f784fe96fcb693 +M = e43cb9ac1446154356cdc31ec771c79b0e461e22d95185bbe1a279c0945e3af07903a0cb54d553380716fcdcafb4b7cf5dc6da481dc74a8c583d75ff6c1f8e429182d200246ebc473bb56e173787987c1b7fb2dd23f5b2e438a97bc4a1df628bc044fdd1e80c0cf37030adb7b04784dab827d0dcd64f0dbf37c980612570ce11 + +ModExp = 75c3f79ab7c991b98e65505342a8a563cfb08b5d3ccf8664c7db1de50256b1d17ebf7096dc98c7bb5d7f027a894ae5cbb14dee04d5d445e775ad7e239acc82673b0ac2d819a69c83864f34e73d9a636f05de8279619a067b4c90ad038db5910447e03841d2034635018f08cbcd21efa00994247763a249082594128112f95232 +A = 34def7d76f6f158a359fd12759fb889cdf6af0a24830dc3e84283a1ab4e9b2647a6a36b86482f829b2cdf3e3d6028f9a884b1f64f7262315446bea8b0231828e2f3d990fb103c17f820b39e4b8427c85643ceeca8f5dc8f191d1255768300e859bd7d88c770319ef38269660d221cb3bc061389b6fc0783485ef042b1c7d6fef +E = c6c46453dd5aac6b37277a446b1d0c69cbe476eeff55b3ac35edb89ba97116b0e7783660f2c7b31b2a2d6c4709d0ab45d01a838100694b0777c9c9c14c959b07c437c73a5eabb7402f1001e802d797a2e7707285834fb6440a1c2f727f7bb84ddb2a49312d32fa0ce620c43872655cb5c394749c9e75d7fa25be00efe50d47d6 +M = fbbab6698a9142095c46b38a732592e4366c1838b84bf40f8c8fc7b630f73380a0d09765562365798f8c8030ed1b6728329d8bb06e882c35a1d59bfe84146a9db2afe42a414014e247390281c782fce806d62adb54778d2bcb49555459429d6ed446af5359657667f6aa19e8e3e0e24ab2bc312b2d90b5cb1ce6f2f15af15d9d + +ModExp = ba16d7f3f6e162ce248490d164a13c00e7720d8a667e2d3ebeb13f1663e15ef5408d5b56cbc7bc793a8ca787cc50f8e15e0e9d4ee764531d04a9114eea556bb3e206ed7d85267151a056b6e68fbf35e03f2cf829708ffe1de13e95ecfe365aff1eea36340ffcd3892dee659fb1ecbe50f5080e54737c10f9c1ba638b14ef537e +A = 9025e6183706105e948b1b0edf922f9011b9e11887d70adb00b26f272b9e76a38f3099084d9cccf12d04b1a99c0f654f8b9ed90c6dff9478c60bf05d58d734ab60eaefa14a22230ec60c90dc1f0704b61eef0bef345785ae0e6a9af7db069cf6bd2b4e0fe58a0ade83c7e46a04b9fe1d24cb9b65c6f80de713e61d70eae5b286 +E = d7e6df5d755284929b986cd9b61c9c2c8843f24c711fbdbae1a468edcae159400943725570726cdc92b3ea94f9f206729516fdda83e31d815b0c7720e7598a91d992273e3bd8ac413b441d8f1dfe5aa7c3bf3ef573adc38292676217467731e6cf440a59611b8110af88d3e62f60209b513b01fbb69a097458ad02096b5e38f0 +M = e4e784aa1fa88625a43ba0185a153a929663920be7fe674a4d33c943d3b898cff051482e7050a070cede53be5e89f31515772c7aea637576f99f82708f89d9e244f6ad3a24a02cbe5c0ff7bcf2dad5491f53db7c3f2698a7c41b44f086652f17bb05fe4c5c0a92433c34086b49d7e1825b28bab6c5a9bd0bc95b53d659afa0d7 + + +# These test vectors satisfy (ModSqrt * ModSqrt) mod P = A mod P with P a prime. +# ModSqrt is in [0, (P-1)/2]. + +Title = ModSqrt + +ModSqrt = 1 +A = 1 +P = 2 + +ModSqrt = 1 +A = 1 +P = 2 + +ModSqrt = 1 +A = 1 +P = 2 + +ModSqrt = 1 +A = -1 +P = 2 + +ModSqrt = 1 +A = -1 +P = 2 + +ModSqrt = 0 +A = 0 +P = 3 + +ModSqrt = 0 +A = -3 +P = 3 + +ModSqrt = 0 +A = -3 +P = 3 + +ModSqrt = 0 +A = 0 +P = 3 + +ModSqrt = 0 +A = 0 +P = 3 + +ModSqrt = 0 +A = 0 +P = 5 + +ModSqrt = 1 +A = -4 +P = 5 + +ModSqrt = 0 +A = -5 +P = 5 + +ModSqrt = 2 +A = 4 +P = 5 + +ModSqrt = 0 +A = -5 +P = 5 + +ModSqrt = 3 +A = -5 +P = 7 + +ModSqrt = 0 +A = 0 +P = 7 + +ModSqrt = 0 +A = 0 +P = 7 + +ModSqrt = 2 +A = 4 +P = 7 + +ModSqrt = 3 +A = -5 +P = 7 + +ModSqrt = 4 +A = 10 +P = b + +ModSqrt = 0 +A = 0 +P = b + +ModSqrt = 3 +A = -2 +P = b + +ModSqrt = 3 +A = -2 +P = b + +ModSqrt = 2 +A = 4 +P = b + +ModSqrt = 2 +A = 1e +P = d + +ModSqrt = 2 +A = 1e +P = d + +ModSqrt = 0 +A = -d +P = d + +ModSqrt = 0 +A = -d +P = d + +ModSqrt = 3 +A = 9 +P = d + +ModSqrt = 8 +A = d +P = 11 + +ModSqrt = 6 +A = df +P = 11 + +ModSqrt = 4 +A = 10 +P = 11 + +ModSqrt = 5 +A = 90 +P = 11 + +ModSqrt = 3 +A = 80 +P = 11 + +ModSqrt = 9 +A = -e +P = 13 + +ModSqrt = 7 +A = 7d +P = 13 + +ModSqrt = 6 +A = 37 +P = 13 + +ModSqrt = 1 +A = 1 +P = 13 + +ModSqrt = 8 +A = 1a +P = 13 + +ModSqrt = 54d4cf0fafe265056a29016778cea6b712bc66a132fb5e6b6865e9b49e4c97ec +A = 599c10484b22d0b5a115268c7538ca99b3253a311a4ab1ca11c3665b0bec393a1167d1ad94fb84cb2c7ad7e2c933e8f613bdd08fe1f1aa4a9b0b9de0c8a7c9d4 +P = cfc4ccae35458ab5be1a1bc0664188253301f8702af4f8fb19fed12de0c653b1 + +ModSqrt = 38a7365a15365e911286c1be2a7afe76ef390234d76269e04dee17313f6ea54d +A = 1c4aabb4d8369710131c664ecf2849e963c1bc31d66e0b939bacf99a870c71f24ed71bdddcf566f3908271fee43fc1ebb51eac7e3153efae641b49d2e796a12a +P = cfc4ccae35458ab5be1a1bc0664188253301f8702af4f8fb19fed12de0c653b1 + +ModSqrt = 35ab18a560dece04725667f640ca61d1d59f14d191f94c79f58531acd097d444 +A = 685168ae855d60eba220d803f5296459b30a289580668db9ed51bca51cc2d453a937e13819ae34f7a9a143ac96d17420c53919167e46279b562b550be1cd9abc +P = cfc4ccae35458ab5be1a1bc0664188253301f8702af4f8fb19fed12de0c653b1 + +ModSqrt = 288370029e87024175e5bec0eab0929179f42e16995e7f6194eefc61061e54f4 +A = 2a14ab77c045bdc48220ba9c463e1a4b4049cb01edb53be0937767eb2ec19b7d719855052281250a36a0b76d9a5d967d0756e1ded7a052f7056191ad66bcfc9 +P = cfc4ccae35458ab5be1a1bc0664188253301f8702af4f8fb19fed12de0c653b1 + +ModSqrt = 32255cf01dc943577ec2bcb221b98491d7a1130d046d6c68e95fedff643ce3a4 +A = e26f6dd46a513a1dd3fb14b71be1d4c9e9d79eda1cde10ea4d1eb8abfd4d5857572205e247184dd0cbefa37b5c0bf680ba2bd28c5741f725cfe2aae37419baf +P = cfc4ccae35458ab5be1a1bc0664188253301f8702af4f8fb19fed12de0c653b1 + +ModSqrt = 5172345e801ada63fbc4782e32583cc3b4fea88b9e6dfd542f3542f8538ade66 +A = 40dafa8342b302bb04b1f3ddb3b9015a8fc1b597857c115b40631c7be9e22de89358fca23b331596ee5ff304dad7811e6d8e8822f7aa533c9e7c882634ea550 +P = a6813d316f9aca30f98b4f864b8b4b8f51493af930bd4d3a1b205a710e99add3 + +ModSqrt = 4dcf63c423bf0e39aca2293d57f6792d023db649d6719fe936446904b9f7e60d +A = 5bcdb514bbe84261e169203e8017909b60c9bb330400c766ee01b0189378e70e61867a164a12643ddc9e94b61e09e5b158cbe85be228a3cc48f95a552958b8f2 +P = a6813d316f9aca30f98b4f864b8b4b8f51493af930bd4d3a1b205a710e99add3 + +ModSqrt = cf77c5c2d12a500b75cbfb1f3e66ee75d886b9365cf4f8b4d1bd18a6be0f387 +A = 4652ddc2ea7b460d8ec3c9059b8f9b5dae6cac55b51f2ad86fcb336b25235737965cc515e2ff0b54835015b7ebeeda6fadd986471d8cb424d309fc353d1e269 +P = a6813d316f9aca30f98b4f864b8b4b8f51493af930bd4d3a1b205a710e99add3 + +ModSqrt = 1e0549e4c5a26023e9d24fd8c67419960746f82b1ecd113bdac66f570a475d87 +A = 5f4a6d450ab1390d96ab1deaa0ba18f897cb63daf0c9e1ef6c08e804c26b5e842f6c08f13db5d4a6e88f07af2a3cb04fa06fc3e59c410b9356f025ed81acc74 +P = a6813d316f9aca30f98b4f864b8b4b8f51493af930bd4d3a1b205a710e99add3 + +ModSqrt = 144481a781d831c1ca046ca9e322d79ad4d2c6dd9f780bea9d1ced9cd20b7b23 +A = 4c254fabca441017132b9eacd4ca40a336db3e5c09715773fa07af095989a91cc968ff07a9ff56ed06b0ce0c5269f7b2ab68564ecab9f4467a7e96b6cc6b21b7 +P = a6813d316f9aca30f98b4f864b8b4b8f51493af930bd4d3a1b205a710e99add3 + +ModSqrt = 216fecc7667f488a3d2d102a38b46b4860ab858300b8638af4f34e1103fd73ba +A = 17878f8048227573a9d70f53c0e76ff13fe9f56e9c984c92514d3d13dec23c816661f0618d21371b80dfd885cb59551bdf80046f65f22ea9b89c78645a6e455a +P = bd37c850cf7d702bac879f3c21a51a5a4df2b8eb0935861e0753a6eb62261a95 + +ModSqrt = 458e5e789ccd2417174f7e30bb31914b9656bd8cf2b9f5a9752a8737a67707bc +A = 5c7d39a4bb04e69201aa519f80ee7e62ea14ca55e13656d1da3f45367e2fb2d061aa2940708d02ac67d35cd2ccf54a1bf95bcbc759779e692cfdcbb3aa1a05b +P = bd37c850cf7d702bac879f3c21a51a5a4df2b8eb0935861e0753a6eb62261a95 + +ModSqrt = 543125a16c2bb8b8f8a2c39c497e5224ec77533602d7dbe24002e32dcbd2ef1a +A = 3413afae333b2ad9ff45c7f3c7e5934b3127e8b1a55225958ee6ccf42423e81559bf070ad3f3353b78c0ffd41475af49f59d268ef78bdae879f5155e8d1cc07 +P = bd37c850cf7d702bac879f3c21a51a5a4df2b8eb0935861e0753a6eb62261a95 + +ModSqrt = 10e16859c67bdb2eaab52a7c847dbf37162eda258a9f6262ebacfe4cbbbc1080 +A = 21ce7905894faf220bdf4a82a2d855994ca2dc9feaecaa53c7f146e1f49934215695e9bb46ba370b7005a90c399674caa8969eb442e7914d90f749774d7fd194 +P = bd37c850cf7d702bac879f3c21a51a5a4df2b8eb0935861e0753a6eb62261a95 + +ModSqrt = 32a00586adc6f6cc2b1a04e1be0ab569fde235e1436c38b6af92bc5ebd60bc1c +A = 350da4fd8cf03c12f7dd6ac6d3ab801a3413964083e374662aaf878d6838b97d4feb9e52cd307a25b113e101661a865463ee2480c626aa4e2ec437d72e7bae4c +P = bd37c850cf7d702bac879f3c21a51a5a4df2b8eb0935861e0753a6eb62261a95 + +ModSqrt = 971f75bc7afa8b4b50f1d4b05e52deac7d4836a08d30546f29649bf1ca6a247 +A = 655ed4c5d8d0afb4f9360372ee1ef1303898d2423e585108a3303faedb55064d2ef25666ed4c4d71fe6063fea1f3142b435714b0e30b339dd791d347c884654 +P = 9810151ad4bc9c5d68fc326395b509f2625bfebca1c3801ad4da7539fdbaa6f7 + +ModSqrt = 48fa882b7cb6a29de9e3769f72eb67f1efd4d2af56f0c7e410c610efcbce2065 +A = 14f3503f33b243800eac1defaab33e04c01e80163fb3efd03860970cc016832431ca4fc6d1b760f4f40166b0b8b3c40dbebc81460cc10890172243770338f090 +P = 9810151ad4bc9c5d68fc326395b509f2625bfebca1c3801ad4da7539fdbaa6f7 + +ModSqrt = 236fd7e397ea7f8bc2a288eb7236ca41936fa702b7dccca56c8852e147511f7d +A = 1bbd0980feac854782813bcde4da85e8a054549a1b515e065da4236528035e756882e29e762cf60453e375cca9dc6ff637f9558bf86646e3b928f68f82af7efe +P = 9810151ad4bc9c5d68fc326395b509f2625bfebca1c3801ad4da7539fdbaa6f7 + +ModSqrt = 693f0cbe8c81b0afde0cd2f83e53795dcae6b0cc4ba930ab5c752400d787f14 +A = 7b20f9664b23907e152ab8c9a907f72e8670c1c38ab4cd1411ea7c2159c09aa131afe068929b8e6ad1409b74c04975180d1cd0a9fa74e923c3fd451e8da2c34 +P = 9810151ad4bc9c5d68fc326395b509f2625bfebca1c3801ad4da7539fdbaa6f7 + +ModSqrt = 4a086c50b0bad576501ddb6280743b2c9d247841eb7f14d90561432ff7dca6f0 +A = 4367431ec0cd0d7626538b93a090c30fe0c97c18ca03b97ddae304b619112b5b4d02bf0f041fa3fd673f9ef2ceb07eb2079d11c56dd903b1a87e8252a97b8079 +P = 9810151ad4bc9c5d68fc326395b509f2625bfebca1c3801ad4da7539fdbaa6f7 + +ModSqrt = 18f8433fa468d8065157708f1f1e53b8e31d39c6011fbc2bad93de1b5548e19c +A = 739c032bb4139c199c40f548d37234298772e4ccb9d3ba28412b60ad23b4c465b0787e2382f1c5a4a87af2d20eb978b7dcbe73f2112249477d15c8a85e54a79 +P = adcd56924f73836ebe4dccfe006ad3b1e5076562cd11b161642cab7af2284659 + +ModSqrt = 49e3c8eef5e067cabd51a7c01384ce05ab8f4342f655559d8a689eb7b20e0106 +A = 18400c2cc3e06b99b4e39c77b9af5ff0e9c683f1708321afa4cd5b6988d13b36b1d9eb4379b7902d9ceb40c03f814b2b6a01b90509bbb4532f13ab1571c4d04a +P = adcd56924f73836ebe4dccfe006ad3b1e5076562cd11b161642cab7af2284659 + +ModSqrt = 35548c530745f440329325cc8a5fbd90c16a7f0788879a4869bc4d4f73acda0e +A = 181a3c5ab02566e7166c4d6d2f2bd4a8ecc25991a98d270bde80cf4332766a7068b14240bf5f5dcd45e90ef252596da3eb05b11d68b2063f7b3a825742593ca9 +P = adcd56924f73836ebe4dccfe006ad3b1e5076562cd11b161642cab7af2284659 + +ModSqrt = 1ab7046e6af061ade5f9719008fa4d989007e2a579a134a5b9f19ec410984096 +A = 1008a03e211fab0d45856377079bc96b0776c2d4c0175661f3493246cea2ab0a02a706c85314fb707ad9906bedb2cfd577d62092ae08ff21d7b949373ea954c7 +P = adcd56924f73836ebe4dccfe006ad3b1e5076562cd11b161642cab7af2284659 + +ModSqrt = 2be9e3e7515960d90f115b89f60dedc173a73ce163b4036e85b7b6a76fd90852 +A = 392053a9f0100540a8e1a0c353e922068a84dad3a4a8e8962fbc0bee2b6a06e20d08ade16eb1409a16acfcac3db5c43c421505e07035ca308b15c4a6db0864c0 +P = adcd56924f73836ebe4dccfe006ad3b1e5076562cd11b161642cab7af2284659 + +ModSqrt = 5b301bb93bdcf050183107e36258b53b4805918114ea1c2227b0911d5b4dc077 +A = 55e55e5f94dc3d7aabc921f6469d85fa2e1e92a87347c57afad5872306ae69f9fb99297d1e3e793dd9e8632244208154de5da7114fd876383bf1422f7ece024 +P = d43280ac150f725f4a2a1dceb1c79bcac57855a4eba72ae93762d09bcb2444fb + +ModSqrt = 2df9609e2f5a5156c3260461b2ee52eacdef00bd8b091479813143a6c5283f71 +A = 2099325b7f12fe77353ddf3f2b2c5ef77b49671b150af954cf84e9675e3ecde3e057084641a633d19533b4712ab49924c8b5c31d591abcc88291f51253fa2a7 +P = d43280ac150f725f4a2a1dceb1c79bcac57855a4eba72ae93762d09bcb2444fb + +ModSqrt = dfab751710e9008e25e422d1199d6fbec4dc7fba35b4da9d225a746eb4126a0 +A = c006af53d4737fb293584df6ffe2e4cb3fd8dc77fb7c1f13b97bb9c249e3ee5fb9feff7488265b3093906c08a4946f142ac7b491937d24bfba6413366ce371d +P = d43280ac150f725f4a2a1dceb1c79bcac57855a4eba72ae93762d09bcb2444fb + +ModSqrt = 26bc030008d6c60a09fb0e16093a649fcb40c6c21a8e2da2353ba4b07c4f85d5 +A = 1eaabcfad2ed349ac9356e6f4da0b301266ddde811cb0f817aba8f5c10fb8b8ba9d0ef2dd386b668f16eac296118fdb8cb7afe1b865648c81c2fa3cf21f2711b +P = d43280ac150f725f4a2a1dceb1c79bcac57855a4eba72ae93762d09bcb2444fb + +ModSqrt = 35051b1482ec2578f3dc0000a422cb5111e43c37f1ac20b1844d3de2128c4556 +A = 315ff9de178681116f2a5fa78eebf4818e1d680435eacdfaf9d0e5c4fc01fc034b352c82fd52c81ca30d68864952dacc99d08269c9dd7ca99ccf22da98c3840 +P = d43280ac150f725f4a2a1dceb1c79bcac57855a4eba72ae93762d09bcb2444fb + +ModSqrt = a5474252885cacf004c460a7793ff0b0a2187bb1a9ed700ae3470199faef71f +A = 19856fc1351c4b02abf573bb2fc6ff92355fa369d62bb8f2260fa772fb1693f509a56cad661930abcac049dd70f4b16bed4a4c172e73e772504c9990ce7f92f +P = dc315fd52684fba79e577a204de9053b11a5d7a414263fec9eff6ff62188829d + +ModSqrt = 12daf4722387ecf47de1b0b6b110a062dc5ea2685bc9dbde66b8d15622985029 +A = fb8479787069116abc42abfd7dc0c24d2ad04fe0c04b42a6dff714af715d17e0fd77855f950f264542b06d48e8818de813ddb7975798b7debefcdaa5ff86beb +P = dc315fd52684fba79e577a204de9053b11a5d7a414263fec9eff6ff62188829d + +ModSqrt = 397996ed5c0ac6ad32e43c337e9de421b87774cc162bf7ac7bbedf4a9029255e +A = 5aa04353321bd2de92481be740357f979da464b53aa39111fdbb734cf7af6b3857d1baa08d3a126a3dd34a2fbae2bf2b84e900686c1d31505b390185acef5fe5 +P = dc315fd52684fba79e577a204de9053b11a5d7a414263fec9eff6ff62188829d + +ModSqrt = 2cf4b844a54ba359dc592ef1b49f43fcfeae84d1087edfefdd0b9174b43c0a3c +A = 365a8650510bcfd8fa87432f167cf487234c215857403b9270b5eebeafa48cd6da47fd60dc311b94d1d72baad0447c31f0b212d755f46c256e16e5e015e6546e +P = dc315fd52684fba79e577a204de9053b11a5d7a414263fec9eff6ff62188829d + +ModSqrt = 9277c73043ff767c3fa606f0cd66b9d854a600c8c18287f191ce277758c3f31 +A = 62cec3901626d03e8df66299a87c54b1f7a55cafc99f0b6bba1b5d51a3d2b7d2171c9135a9d8a5346d436e0136b12e515e703e3cd84ecfe154eb94c6772a6d72 +P = dc315fd52684fba79e577a204de9053b11a5d7a414263fec9eff6ff62188829d + +ModSqrt = 4189e5a90c1b1abdc1c7c05b3587e6f362e06f927b6cf5f0d271aab3d6f90765 +A = 336b8d0f9dac842c696bc020f49c6aa023842c16f2052eb02f17959006554ca0012042c80c72590f21c6bf5a3714c9cb552aa69730e33db93a56a909b273f39 +P = 9df9d6cc20b8540411af4e5357ef2b0353cb1f2ab5ffc3e246b41c32f71e951f + +ModSqrt = 36ccd38cb5a6bd8a73bca55936a2227c503664422c2296faf7e2b1c6a375a43a +A = fecfd60a376befbe48d2c4f6d070d716d2f403cd5daefbce62b720df44deb605162c8f20f49fd7ec30d4f8e70d803d45b3a44b5d912baa3410d991165d7c507 +P = 9df9d6cc20b8540411af4e5357ef2b0353cb1f2ab5ffc3e246b41c32f71e951f + +ModSqrt = 198fc8569be172dc9b71023ed3d42d2ba94bae4099643f6517ab03f540527fdb +A = 65bebdb00a96fc814ec44b81f98b59fba3c30203928fa5214c51e0a97091645280c947b005847f239758482b9bfc45b066fde340d1fe32fc9c1bf02e1b2d0ec +P = 9df9d6cc20b8540411af4e5357ef2b0353cb1f2ab5ffc3e246b41c32f71e951f + +ModSqrt = 21b7f74c30ded681d6138cf8e6fd798f32a049e94138e982f1845df3dc9e686f +A = 9a30b791c1ba4f394b4e3dcd5837e474237f4fe8987b255c098a47b2c14c598ec69d2beae444dd4fe9c4ede8173d2b187677cc706a3c28f3b81627d8a5fb6fd +P = 9df9d6cc20b8540411af4e5357ef2b0353cb1f2ab5ffc3e246b41c32f71e951f + +ModSqrt = a1d52989f12f204d3d2167d9b1e6c8a6174c0c786a979a5952383b7b8bd186 +A = 2eee37cf06228a387788188e650bc6d8a2ff402931443f69156a29155eca07dcb45f3aac238d92943c0c25c896098716baa433f25bd696a142f5a69d5d937e81 +P = 9df9d6cc20b8540411af4e5357ef2b0353cb1f2ab5ffc3e246b41c32f71e951f diff --git a/deps/openssl/openssl/test/recipes/10-test_bn_data/bnmul.txt b/deps/openssl/openssl/test/recipes/10-test_bn_data/bnmul.txt new file mode 100644 index 0000000000..dc13a9229e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/10-test_bn_data/bnmul.txt @@ -0,0 +1,2678 @@ +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# These test vectors satisfy A^2 = Square. + +Title = Square tests. + +# Regression test for a BN_sqr overflow bug. +Square = 4000000000000000800000000000000240000000000000000000000000000001fffffffffffffff8000000000000000400000000000000000000000000000000 +A = 80000000000000008000000000000001fffffffffffffffe0000000000000000 + +# Regression test for a BN_sqr overflow bug. +Square = 40000000000000000000000080000001fffffffe000000004000000200000001fffffff800000004000000000000000000000000000000000000000000000000 +A = 80000000000000000000000080000001fffffffe000000000000000000000000 + +Square = c2fa18e1d110a4639781 +A = -df6a253c3f + +Square = 4805f01d379f4ce8dc86ed269 +A = 21f253ddb5a6d + +Square = 57def107babc1c2bffeff858947e69 +A = -95fbaee5a09c86d + +Square = f3b01f7941961b3f5cc3361e3ac82423690 +A = -3e71292dd4ad3ed3b4 + +Square = 5e2d9c36d498ad1e8b6113f442ac513eaca74601 +A = 9b45cf6c7a43d910dcff + +Square = 7b7c2eb3fe55615e422b41c6f725341527626398cdee4 +A = 2c7314e72a2ffeef170de2a + +Square = af57c0ed328886642ed5d631b375fc89c03a99f1b427c6bbd1 +A = d3de077f8286a04daa9c497c9 + +Square = 4d9eac3058e6cbc0d12e639ced961c02ec1870afed62fdd44c67ce4 +A = -233da7e87ea4421ee8fe7e00c856 + +Square = 83c292d277fae28cfede74e8e80eba11dc132e16f78cdf64595c12c7dee4 +A = -b7a8aa7452678abd45d2ae6c349e2a + +Square = c80e07dd01f9d19a5cf7f3c328ccf4de70fdd113de69382701294dd29674b9a90 +A = 389387eead58fef2c76b5cf920f35c5cc + +Square = b9f69ca47ac855830fd7ed39c81822c520880c51c3ea60d3ccc106db37fc2b04c47831 +A = -da307c28ea67ca8d3117364ba93f0731bf9 + +Square = 81bbe3a13a22a73778233294ba0c132d9dddec111f768300f177468c204f8eab69b98e62d99 +A = -2d8f715bb32d410b4f475c4d000d56fec7cfc5 + +Square = f815ce34e9bc2e31e36e75cf49b2d15306d438a2a713b2a85b3ea156ba60c867c28cc65aa58fdf11 +A = fc02f2e1a26cd69f6a0e54cca4bbced739b43597 + +Square = 5f968707f58ea15c492ec9677be09c309d91164aafa754ab16ca47a411b5b2249858fb6f96135992e8a04 +A = 271b8eae3e96cc4900d4413d6c00b73736a5d89ed7e + +Square = 4aa616aabcdc7ad48dcfd40d71e00a3789bbf549ff39b3e2ebb52017cb56014941961a5a6d52d7a9980fc99b49 +A = 8a3d3f15e6d7d2130aebd8cb99767defbe4c7704e3c1d + +Square = 845e46db8c40f3f6f6f4928b5748618f021f9064c6522bcf2df004f8d2105e90cd354785c15a6cc32fcc77da2ea3001 +A = -2e0543ac8b8255ce30253cf2047a0ff353dea55a58551801 + +Square = 5dc5706dde9b326feb79941f08bd296ec3b6fb67270516b70fad9921438b9175f395310fb756b60d72d8e73e84ee8673cc40 +A = -9aefd7dfa709dec9e721f5c22867229435b2d6366462d0e438 + +Square = 63dc6565adba27974a66bdcc626596e16cf399541d679f754d9063ceeb320649bec09a940309dd1eae5fbba0b558939afae9689c9 +A = 27f8e071f70b0053d70eca9c6d1e28303b8da2d3c58083c2cc45d + +Square = cf2176449bb8b215fc37288b904ca27d5d410780fd054d2a190a94b405f6aa41970b41ba3cc43eaabb97c2248e1e21457949070ec0f6a4 +A = -e645c7edc27512d4b3170d3c5430d0712a25c13afcc09c9b30bb11a + +Square = 43194e5f12e828db6735824c194985108269ddec12c49a14658be3c2b7d298c2846da1aa3ecb7064e73c317af595601de59035faab6dc0fd911 +A = -20c3fb73a03217893fd4a9db6e53a3d83a8414d900213d0460dc91bf69 + +Square = fcee79e598f061157ca9416491f2eb069bb95a4d78a1d0538dab5c8008653db71b90ce3139e693ba284846be7b75d6b7aa80228420fe75599c12f090 +A = fe760dd61798c8f78e52b328fa27cfbe41b898de6e6bb4f4a684f038b5f4 + +Square = 4f0db9f9e6eff9fe7fc938f6d6f5e4fb017ffea0cea0f7c57f4fc1e5b2bdc00a1cb9c1e6c865e53309b6b73c4339b0bd485860ca9edde3019804902da6b61 +A = 23909968dd5d139994fe9baa0a7bbfa009b013df3859ff294c5872366eb7ecf + +Square = 4441ff36d785d18208481470a5b8ba8cd65a45436c39190dde0b8a2b7d00bf67b185d98ab5c4a7853423778d6333abf6b115dc9567a9f9c71916d3f9db3af82c41 +A = 84307277f79cfdf33d83d7093f1fd8aeb94499a7075ca32733b68fcf88e819421 + +Square = 50ee0dba369b0fb61d75706652487ca08043eee712ebb51399122353f77f13745ce2ef0d8f0ea7b3fd94e928b0b2b42c2c9141b5697b13b6d1f3d66c6a9186625b87e40 +A = -23fc02d45c820c3a4250124cc457fa3886beabb41d3c1e26f711309604eb253c6da8 + +Square = da11876b316d4891a2d650692ca776f77afd32a1db08f591c9579fd1053a4a46cf78b4e4cf417eb99eb067ff701dbe3483dff22e7878d2ef2b234244cf7a29d93f62d6d6b611 +A = -ec463653389de3689fe1881679b83ca65134a1498a3543168dd4833a51b23edd3fb617 + +Square = b342b4aff7e5bad38f7f532f0f32a3672f7ea6521d23652fa09ef7aeffcffe52f056ab1b54a0f3a2147f43330fd199d1f290988c866f61360dc4928c84b3dcde8f395120008472100 +A = 358e27805e2a56195fab2ccbe3f931a4bd14023ee56c8a191697926f387c40decc578cef0 + +Square = bf4045fd680caa514e9c410fb4404e5e3a381abee023d5b509d6dc0b97386421f55090af8bab5ac08e9b2eb8a36a64c55960be9179d564c5429f4ec595d03d12111defafb7359b418902b1 +A = -dd450a0fa0914f0d65a1b555baaaf9380eaf8d58b272bf9d95435bad53b01337ac8de562cc7 + +Square = 86abcdf183ca059257c2f6bb91efc9853f4ab42801d3cde88df72d4c904be184e93d6bd1af6fc21a6836c93c4e0a1f728b3722d568572f7ade418274ef2e6ac3463c5cc50990f1017e01cfb91a9 +A = -2e6b4d9eeede7a72b8d0fcf6429c7e30cf291352e1bb43e92c14236716aadc02c02f75c7e6aa8d + +Square = d5f37112733b097cab2bb11daa3d9481255060abd7bce42b752a7641a98e140922c375fcb68bf13d4326b374eabe3b01de0f8f6324b7b3e4142051c02d2f18ae2e748cf3c4bcc3fe157bc94227631d21 +A = ea087236372fbb01b80e57b1ae4edeeaa776355457e18165a5dc60ef4b6ddc0b127ef494dc44ae11 + +Square = 9e4db7885fa5f928ef236f99df3e7c8d17a5a21983ff882032817edd5658575f443eb9c5c97d95ee798a3809cda76d7a0ab9fde757a310e2f5cbb299ab88e92a5771027ab9f26816c02d0c97894da5976ec90 +A = 3253d712d4ada4c12dab41036fcf79b02e80d1a632ff6ccc44d3c1d08467a019cd6221507459b231c8c + +Square = cf9c50ee8773ba94c9e943989a35513fc370adc3622beb125252bb92ff9b258b81a497700e3bb15bcb23a5b3082c095f7a5d6eef20433d689c20a5427b661d43fb0f9b7d1b16d1b73b8fd59ed319a26c5eb92fce90 +A = e68a0812d2de2a922f24c4e63b4c33e62f93943b7673e900d12405dedd0bc2a906daf8b4bc336bdeb52b4 + +Square = f3aa49c906844692d3bc0cf101adcba80351c2e744be01762a8c24804a9d8d5a4cc3c113ccf529eb79cb3304aefa74178afa53f235c5211192d4cd8610c3b42e246621acb3e5d1f9d86ff39a20a7fa9c568356de5b86919 +A = -3e7069ce11472563b0dbeb9a936884df66db83273a690c40e5d3b5f8926fb502d3988591abfaea7b7bd76a85 + +Square = 7c9a5057ca8095cdfa289b2d60eec80548f9ab2f3a996137ff9be403b529c4672e003d1eb074c76c0086e3d875cfbc90a40ccb61b799cc0401ba160d8d6b6ee46b2f14ed31c83de54cdf83458dcfc01e3234d9717b5f2c7e5079 +A = -b299da84ef84095d8191fd1cfe847b960729a3d1857082f05b2fa30ac45e90d2fdc778013b023f38db2c8e780b + +Square = 488294b528e2c2da0145217ec69de2d021ca27f145f7321f06c03316fcc14bd4a9a900bd6a144086acad6d5ad32a6245f5a655e007742aa336430c6bfbe174278884d19fd93916ef57215069268ade899cb92dfed29628327b84d8240 +A = 220fa6eaae0238e78a91e43fd8c2fbd5db0c8501cb96d66265c8edcbd376814c39e4a6f21ec9a6472c6abe8c04818 + +Square = ebd685edd991dd5180706b72ce20ec4f6c5d9ce038cc8768f2ae2d0e676bd549d6d3f97f6c26f6e36bb664e8a7e6102192bccb354c024670085711db30159c6b7badab7c7c0b91925675ece3e23126ea6feaa28e977598a890e4e476ead100 +A = -f5b657cc38fd11ad2f1b188c61721b5ec6c9762c09dcbfac3edc1f07e675bc058e77eacd01a2b4139b1b00c40a6cb70 + +Square = d1b3ac1d7042c0200f80a989e053dee31cdddc835889a57482a0988afd82b0fe8d3667270a72967401c3e8d80dae349ccd4063f11cb24dd7f9a5aeaaa7c0bd7bf7991367b0d7b4d374dc9c5017da81ba39fadfc3b760f68da95ae1eaa2eea3fb040 +A = -39eca1bf5e4807fd6a9ccc9e3138a6fb390b10a330f0027f0ba9868beb77c93160b623de58054a4522183fb3e4e2d86b08 + +Square = 41c5e4bc851d48673e0a16336f0decbcb59dad36959b310cd1a042d24de00c587db47058c2d91d7f9982bdbf470c73f86e591a122b3fda71796e465513e10e3cdbd5e6bf035595644d588c091e23a57cc47b5173743b0dca965902918d61875f88735a59 +A = 81c2caee75e98f1822c854448302243feec55a5247bba948647f12d7e0bcde4b1dd6af63eb1ef948eec22a87d2f3213de75b + +Square = e712c3705ef2779ec997c430f1f8b7689d7edbf2daa733dca89612bcb298180b882cdfe8e5cc1104b9f5d6d8f0978b46eef4f297dcc83fce4c39821ed3205e399328d69ad484d8b3189e207193203ef79b763f5e11778dc24839b4feaab291a0464cc66edbe10 +A = 3ccdebe5106ff5642b4ac0751bb799c27454f904fb72863d1055d1412b2359120ad196b768f6137dce4cb85cd29a990838a95c4 + +Square = b5063c05ac122d0d4b1e0d15c913f70f1309933ba737fccbc02d13a6c712e7b75fa757ac0e4fbe65977f17bbefde31c8fcf51f867a698233bf25bbdb1f03c104dcdbf1173886a48eb5a8b4d27cd841196de0b53466a3f1d28500fb4dbcee8d3458662443eb2aaa5de9 +A = d745c04ed95d4090ed66784339202f9d0e57bdc1a6f6b6ca09337153f0236cdf99b61db85604791b3a373885210f6aade8530c8d3 + +Square = 974463573c968f1734741dde2a800761fa749b553dd6499b920d3af9bab73a87f40c9cad39c51cfabcfa0895f1970281af063d80f89f4103624a75bcb0d23f5ef6c1cd9a10930118e1459ee8732728ceb7961f7d83cd2344a51e6229fe708bda46382e142706137facf7161 +A = -31323f98f0f73fb66e541471774ce0e0fff53d69b2b726480b9ec7b0775b345ec4ec57c4334ab8ff4b388f4c7fbdfa3beeba0f3e0bcf + +Square = 673a62011d769ff0333f69f10f00b28781fece47ddeed25fb0bf4f8d95dde4efff60690076aa520ebaa3ba63e6d445541b9586241141ecc37cd75b178389265224533055ec82a393e5dd61640d3f442adaab917c8fee1f8fc0ff8ca8d577e1d2d976c2a8b873f699aa92c272c164 +A = -a28fdafefdd393f993a8fc1ae321e420451dd0c5071410367d5a911b2a3a668bcae4452e134159e0b1974505f99865cd97cdb020bab0b6 + +Square = c4f34585a29667b582a3ee69b1a5f6c04746d105a57bc92763958c5add45c64b5c1cfeb1a321fc5194aab818c92ede5408afae0a2a74ed4c7757dae0bcc602169a805d525c5a63ca97391a9a7987a3eaf04bc44c89547c5d312f7193fc571851b1a8f8f091849f649ae91e15a050f5799 +A = 3822b607fccfbf0c5be97d4358bc682784e6453c71781fd3eef9d247485211c55d742279a35bf35e64ba8ec8cfe20dc0889688e2bc81fe0c5 + +Square = cfdf0eb68dc27d60840b8afa8daf96bf831002dadb2801c5d6f7ca558256bf3c7c5372fa00f2b3e300287745f8664dcf8e679fa35adfcac93839cec53b349553f31058a4db05af40b047bb367234dd78717aaeb80334f0deabb09d2d4d90394ec28cc3589b0aa78cf227ce8678b8bb5cd775e9 +A = -e6af13779d5a5eedfecb7c4d34009affee1f0bb65934ea9656ed6eae02271ac8a29104439000650a3a8cd7fecb171a7154c0e2bb2b1cb908cd3 + +Square = 6ec1b1333481c37be059ed7e088c862f869bb559b34360781f7263eeb206a210b90321aca198aa41c2a79e3a8d7df4336c75c87ba2ed4b02052a07b234afd9d2cb55413d4296645cd0dc8f987120acbc82fbfb089190f50e55eb1f509c86734dc14b2e8ae42ce880023dc7a014b02727b53d0e5f779 +A = -2a18acca3306bf06fd90da4ec2cbce995fb08beaec6d1cf4b30694d682c83e04b39f9a569eec52782b9eda7db0680165c77a1b0f54a1b995f8bd75 + +Square = 5382be4ee86b9d80dc2d4ec58606ac538ba7074d57e2011346f0dfb9a9d6677fe015e4015ed607906e9068a3c5601f0bb77186a9d147416ac68e344318cbae5c70c437c5e1dfc2d6c3c8725198937ac2d8e796f749bfe95c7fe6d0e460a633be2d86462d48290a2f8b344ebcda2f6ad353d6fd5f3355d819 +A = 9236f7ad22da9cdd8c187082c630098bf3a558b04856e876433c570a63d39863416c9890dd089f7665d6ba073b2ce90f88e7d04af96f1c82287903fb + +Square = d68e15e8a46e001e47022daf63d2b33fee0f9d3dfefe9d204b0de6daea31dca4b287a60827bda9de2860c433b77186aca10bf3ac1d02a204ddf8bf070c3c20ea69d9638a865c8843e8e63211951e10a844f8527345c5bb5417e3301a19c929e6fc48902f0e0be8e393ecb3fe0e9de6188a72d102fbae846d05dc1 +A = 3a973dd50d4239f05d86ba25ee6ca8f8ef46424951a8bb89e7d1d6e066d6fcbabb3758ad9e1647a440e51976c0ce628d78b59a4d9e42fab0c723182b31f + +Square = f03a448bc7405d2d54c0ea1a9016d8757d4af893024e542df80fcce448491d07a4b451d67c9e7d9a6c7c5a6155bf156d3cdf8103162d8e0265111655fc0ae46f4be944fdf275221b217274357977abf64316615dafb6ec84c5466f617c4e8d9ad4739f3e5050e583892db75366a4a7d2c4558436ed036a79084c7f9100 +A = f7fd0a9634d14d540daea21c7b804d37de49b7c13bde85c045859ddae1dd3142994e385f455becb7ee30576d55d4dc2f3d9d82e86032e170da1730b2c8a90 + +Square = af945dc2241029744548517dfd7858d42097076b06427419e74ab08071a23aaaa1f5daa6290287ce8e832a0524ba5581d64abf054408ecf6ed21a4f8289c1e4c7a8087384d268a1ccf7ed40e74922a619b5c1f2c08d810065710046190b7cfff33d4f67e58927477500eec54ba4f63a57532ed10c6b861fca9d46bfc3d32640 +A = -3500a8b6d244f1a21e10de7cfbeeb75d57ffa62e9dfbbdba8fe93d17488c56dc89787f13e660d0d7c7755242f8412d00988bfc7d3f6704782324c48691e7ca28 + +Square = a466e34dc7875aaf945c088bac23f3347a41f7cd039b0c9120c2517ada94b96bdd72d7c9bb55539af12931a3a39f6e09a4cd4311fba57dbfcc51bd17b03905e2560275c8bb3d786defeb131a634e86ecb793867355b048dbaf2db8b654a4d50aace6bc9d60de6934ce25ab58381f6ddbd1c063652e283c30a2dcd61d9d776d60e209 +A = -cd26a0c3d84e83d9f14dbe95cc39e3ed2e8861b76f4bf55ab120ea636d8f9efb0b6198986eb52075108d0a5c6ae0ee762f834f3db802c3f20bedf938f47b8bfb03 + +Square = 9f3f4d5110ea1bad21fae923825ba869a9982b753284f1946edea19f22cf0a49485b9336a2af7df8bf2641cb2083f4dce82202162d85a5779a4394213bf3bb3e47356bfc1150e66ddb6cd945092c9af14eeefd2d08b76c5e4a585ed8ef39202c42dbbceb25697f22f9508e7d954d3c1da103818aa6f63121f895e2c26d3d7463aea7ca749 +A = 327a2f6607c41ce920c14e9c9e8a059a931d71aeebc3e05e93107265a2810ec286819a4b2af9d2b70b754bdab6022b10ee6b81b32a7382cee99fb2bbcf6fe85af05e3 + +Square = 50ac4c46f2014a7a382b0d5ec9db4a67f34ffe9fd5410995810d3ea8d7d87d47442d0253c7eceb1799272bb5f5e7bd63174959f9844e5b4b65b6a4920166d83d01a5c2638b4d3b6db7fed99e28b9128dcb7c10be539114c5887842f8e5a7fb743298ec9642e50bd0979156cc6aea9ce802a0c1b14a2a1b7afe28dba534c9933209f14474b6e484 +A = -8fb585e01a0c62367dfa8a1953e553476b1564e843bdc2c5d964864ab2da56e0bfa7f5ce5b7850398451619a061de02ffbe0c336ecbeae818d32dcd40355fd11a7a3822 + +Square = 9214e31bb62f62a7f92d6c7f1453bc4430595a1765b7223a1e50ec30f934908c19fe82d7bb8ef1174bb6787aba9df1a38a84203630ae9f62e08fb4ac55ed329282315937d193992e9e12adec9727ef91df5a065cc5858062c765f34bd2630fd3f654a8f8421b75dc384477744efef3d6f0d15820c9328bf43a43409f6527dce48a92c3e1ef145b5e284 +A = -30587ef092cb9456caa844be9629d77ef1bfe21d2ffd5625ea353beb1f294e38a7fdddd5bf77cffe5caffaf609b8976756c9eb4908ca77b1630ac0d706503c46177c5d905e + +Square = 54bf52644a244276ad3dac90661a1e21468f23a117a1fcc904c66119d86ce98a0b90fd4096708bcefa7a9df87c6bb85149305f193cf5505802172ef9ec343f662a4c895a9d19edeeed5d91e20abc894948fe59c1869928616392f3694d82aabee325b651e1170006ca1fc355212308442a5ec8a8fda4f5f90b7fef2aa731f3fe0f028143ead04490d78b2151 +A = 934b16f56700b455d5791ee8c119b5921976a829bb5d1fedb201e63c9ebb82afe4e29aaf0ae27148e4d34269c48dfa42131cc8b3b78e23ac3e7292eb0d715247a345c800f377 + +Square = 63b7884fbb6d5521c38f7deea5cc131ec6bea15a362322a8e27c762880836cffb69a069a168663908707bee9d83aad41c045bc84dadc6cd927ad62140f8c2fd001d34f0a7462bc939cc8996e17ebabafda95a73483c70191311a6fb7c670c76c9e2ed7e589e464617888d30cb7793e91672d7de9b3b4b1811b2c009dd1c690d44710bbab832d91f16f9b3564a0c49 +A = 27f17f0865513350381ea1aa1545439fde427ccc64385979bc787cfc4c7e6b624b2c77140da2c4176c55dbe43c506fac14b4cd7815e87f3120330dd3003bee087a371f85d6f4e9d + +Square = 9d1c4239accb286c3c7868ad3b4dd97b93774fd0c65e04ca8dd405c0298ec6d1f52d60be6ddb5f8f0389cde756b49b23dd2f0de568a432fb99dbbd40db798261d1dd39bf5017e6dc74cb9ca91f8b2f892c7eaa28485c04a96add206c7c38943912de065be17b65292db5a144f82427016b5e0eb4ded2e4d0b7d12b01cb0b2b61e5e1bf22dcf1567a8b149cc0ef5299a8b1 +A = c88cc5a46bc1cffedad4f45e66fb55dc4347eb2a24a09878358d40fbdb03e738ca1d54a1d26a777915248fd730daffb0d3b5305684709db0f258f581fde06b11a33a3f76b3fa53e39 + +Square = 789545f15fded8fbf0b4275cec30c3ac65eb42ab8cc75670fbb2ab0b4cd90ed41a1290383b5f14bf87a88c67ff1e04d0f478fb11fefa64e86eae5777855ddeae451e166e23ec30227fb4021d51ec7cfe4ce531c78ba1bf6c797dc73f093b0a5a5aa59ad8de3234808e776d690007c8c332b3f03331dbdbb8645b91552091afc36c28c3229220b1a7966c7cf13db6bdbd4673440 +A = -2bec94112014c1a506417e659157192dca1df58f933510d7a8d6f6feda5031d799a66d2746c09f827199ad9fcbf11f323a636feff5806c9fecb2ac684c2870d60c8a72358562c4eaddb8 + +Square = caa64c9f6bd66f76c99604d1f2b8a29a9a10c0d6a41cf32b5bc40edd7a1d97b295c63aa62c30498f15d70e427d5612ec3f6a2c1f2997fa9283f48018435fa6092269dc2e4ad524cc6da9689302f5c398d79e2b2d19470ea8240db9df0bc0bdc911c4d53f4f24a7ce44ec76378794d16d367434b4f8b6184c7651db77fcbebb8fcc5d3a51ee9739922cf20d4a8888139fe4669a164400 +A = -e3c4a10a64b7e67d786aeb81bb7ea14655637ce963f46cce59bc0cb6b5a9cb9c92afec3d527119db97bd2605d315cf28198992b4b2206e5616d3c560bc8163f56cb1f5626a7ac6d8427520 + +Square = 429e4283af7f895fe732ee88e4904348ed01bf579a93cffb7aa8e135d41cb9be218f8b9a9cb4f556124105cf042de51f34c8162fdc7a981de88e005a014149c955068e87214c174daa40fbc618c536a6e507ebd313763fba197059d68c69bd39933d614b2c32f235cc955e335c4a37b9e98cd7f98c7f26ea2da932c7f82ffd95be22a7741da423123f8908cb188abc26afaf4ba6d47b56e11 +A = 20a5e2a911627544219a1639c3321bbcd6192a32129b248cf62351f85b7a719cb275a4e44368a74f4d1a307ffd27ea2cae4d8584a57070609a30fb4e365564908f3d501b53c1a54f0e37745e9 + +Square = 9bcc8d423c3fdfaaaabe24a910e6ac3619eaa15e23b9f317c844d39d164c952fdf5c4bd270a83f3902e54d3817fd78c96018a706c1f652025dde0b98afe35597e0d8782deaeed23337ef6b3edc9317d54e3c8a57e4e7e2695f9d2681bf82927bab193ca1f135bd0e542696772f08520faab61fb4ea6ff0d15bb91f21e68bd7f084a6b8f24a47ecc30a779ee86610387b29a1de94de517f81318001 +A = -c7b60f4c355f2ca3937ba3c124eea2cd8d3536226a44afcaa3d17abe931c09ccaabf25a1986b172fcf46fb02a0fc36f2c163b6e42cee047c54ab05e9d30f03f6943b9fbab83aa6da12d7898c001 + +Square = 45df25540de94883dbc182009c29fec43627d3e5758e6a07cf40064e0befa0df184528a84757b445dd079c2b0feded48b651ab18b4bede2a81796be45caad0125c3692560d19cd9a6c8c0de8383fea0bc1ab46f6aca4e9c36b26575cff88fdf1eb1e13182308295457374968fe3a9ca34c6acd24c753fb84d41246614789dfe154faf34fc684cd15035dc9c1c6b0ea171e089e0f3236840e355bd123ac4 +A = -216f8a9a3e54d4afadf368c2693743efd3eaa4cbda7a87cd07f5b1a713eefd2548343e7f091ee4d9d6ed1d4343c06a0597db0eb5194b91bf2c858210557a8288c1aa7b0e0607a24dcff9de04146d8e + +Square = 5cc707d97eb107c5c40c0f19fd432cbac9855f280082802dbe4deb45bfd193ac7a9149fd12c4ae6e9282411e2f1f2ca92135424f215b800634092ed4ff2859d16ab9fb8619ece41b50f8888d3e13773d38789e19158e18396096dd57fa5470f50b391c22378d980e59b4585f013e6db52c1e24c14ad83262fd37d42f52323896f7d4cb3e38868abea8a07e7ad3f90512eea001c5147645bf00396cb0e7a553f1 +A = 9a1d1b0beea76e7f32bde9f4f2c8bcff9094db2d32c04fb7ff43624b61033646e482aa0fadb9f8b4225b47121070b4ee5d6818d3606ed775aa631e0ed42da68c2a09dab26b6a4d09ac226cc09321fed9 + +Square = a32fd053eb90c365e77ff47573a24add3b25b4c301f4c662dfc1fa635af8e18e7947381989b37a9c9de2713ca438b9f85890b7b160fe251933aa7dad1c3839d502debb42ddc927fa0e9b40c80dc3d408889be567699a856b1c9cf3a393b3b818432e95feea825c17d0981b942236b3779f2acaaccaf9a5817ca47bd03045fc4de454d8f1d4377e218c5f7ece369aacc35369ab57a71652dd42621491834119afbe729 +A = 33190b787a2c3327b122d1f5823bdee5c93b19b586ce1bf79d801a19b2558aafc8f6274d0908bb7a8362f7f71d3fb52b8ffc87d458249caba7af3a516ce868e8a620e3126ad43d6aeffee11866fe77677b3 + +Square = 74215d33fa398e21c34034af6f9c7af6a3e01982320ec8cf23074a938f1a31543f80e6aece01de247668fe67f276cb4411db27666e1dc8fb2bfa4eb68cfd3563167d1ac4efa3361f920d8dd0fbb7f06362167f5ab5ecfb72956c20db934f67ff1c75aabb594c853fa61f43d219a3f5d0d45274005e3b167cfff5493b0f26d15f85d8e906a0a6e7645eac1f40c6dc637e6d1e061e5b9071a1227469cfb2c0f17ff983684100 +A = ac6c0b9c69785f35dbe244dc85a54313ef836ac67c853531ef5db45b28835ffe61dd258c5528b0acea50f5aa5c0f5d08dcb8d82ee19bc432fa8a45badadb50693fedc1cc79a17d63aa73fe9597f1d4ce8ddf0 + +Square = dce5cac967c47b8a58ed6f1bb1d1e6185e849400228afa2bfa05b9c2dd327b04a86f2a4da2d02ea102868ea0c4da0f3e5a40bd02c87a08aaa5cd8d9358b3a5ebd8c9fc2dbb1268c261f46d6717b0307b993deff0adc8190d32b4f2bf695eb2cc74a6a9a712c5a621c673219ff8a24ded0997508f8f9eb1ea872008c46e71fa97f55b839950e63130c38b49c0ce3ce724a0e8faa9738d2e28ce6e7fc7eab62b3561d2981f314f751 +A = -3b735400064b15fad81b08362b8557f8318c20656839ffb4d2513512015036ab0039442032f1cf515f8c10c9933afe4206a2f309e933d1561b06bc665af2f04f4d064e073eed2280053f56cbeb137a9482c0a077 + +Square = 6b619bcaf632f0d8b1d715e8850c0cbbd29ac6373a9a5e93dd1bbd2b82744a8a50a7446b48c6e215911ffafcda9ed7becaf5d26b7d6df7dc8798d53239f62a482f974bdb654750def1c941c49a24fcdfcfe73881b556a7b528d88daeeaea8d62b357211a1946c81cbf0819ad8d0188f60aaaab4ea2dfef7e9012ade7abeaaa4a23d7403c1248c36aa26b43b8e7de8a5aea639a0449f50359e9b4c1b125a548383af33703f8dfbc2528e4 +A = -a5ccc69663a8712c15f96e6fc746252af89a8c2a6317caef905dd2d8a6d4fe878ac7aa66cdb3c3721ba7dd36da310753dde9801b31d759339ac919a464ab52541bb2e0dc938752bf0f1ff7a9524eb98340d62576aa + +Square = 77ea5b715823045afe13d10416dfd46a511141a7d1279ebd624f1de428cc04a4f246246e65c3f84344cebfa32864de9264b2e54d4b3010c4de9d3e6a27aae8f5f9e9d8e49fe26b73ac7e65bb216aa6a42db36ac03d749b5dc04192df819631593202a58264714628686507fc5655f169483b0ffecf45995cbc12faa105895564d287a9f4b220947d6c93786c85b2ee84a0a29183483f7c241d6a67fd0b1c38c7f74421355a14c6d9ed5720e24 +A = 2bcd67e6bde3f54c4ce0ea428418fc5c97272217c6c7de90549238ee322810dcc1bb9385967673aa3f9f5a5c05d987c6445135cf1efc26b3c17e55b93cc052761a77c9dcb5c22927b09e90a92e053ec1bc799bbe7597a + +Square = 40d113460ca3e70545bf3613c2ba5de5d8485641ebf531a43b6b8bb76884ff4f348727ac6606e026981d2116ef1e60d4b37b44ed7e2003410d7d636b58aed2f92e962003f28342aa5f059d23b3d58a1ddfb47833ffe1d1deee0a7e78b8f7d9d6487f22376664f1ed9ddb5ee3d17f43afda296bead11680fd17576a122c2599fa9802ddd84a2115f9fda03aba898f66e303895f452077c920a322b6aaa0965f51fbb36f01b1d412c6ccf390da050d24 +A = -80d0699a46619db033461aa6060983def7deeb976d1a71f5c6ddb85e8b46dc70b7ddb1d254971d38ca87c7ee3905e63506c6db105dd683375f4239523cbf1874069266c2c0f4b37edcdd261c51088081d25813758bdbfc6 + +Square = ace99f98cba0d1dc1c758dc7211aa4078a2aeb6d3fff19bdfa6981ded0982b15bac792e6b542ae48a86f9b40c6de937e402e230fcfc390b10c3e60202dee1337ab39da7a342999487b8d8b0e494f2809cd1bfdb39209da5daa590f78ded211b6bbd3fca9013300b951d8906c9ce8d1c0dd9554d5d1d352f9784f822c928dd9700ef8a5fecf3771966abb1dc6a70b301461eb6b6087d6ab80a4b624205489584224cf6578f75acd8091fd621d02306504389 +A = -349936d60c9d77a0974dc8985930d8674976db6b3cbaa067554ca6b30b1de33f2d4e1c9564ce102ac6387755aabf42916f63632a375d995913f9d45ebda54bee3fdb7cedee46ebb5c8ae7764e4de323c17c797d3b529230cbd + +Square = db6c73be2a59bdd35dd312240aef18dde4231c72aa28551bb370a87dded587accec2279bea24c930236f06f24d537fcf242497aafcbf72f085fd3ecf030cd750fb382efea0f82ad9d3195680324d73fa99d48802d085c150164aec0d29fdcc3262264bbe72311f89989cc71a4afdac6ab103ab4fbb6e973a42a1f8711bee463d198f727dc7bad848ff8fa77cd3b2f612d142ba46e95bd79a86a1fe4c2b8f9181be84825d05989695842113828a83b826e7d2c8c1 +A = ed01dd49d2e5d51fd30e9c578259cf107771b4ded6bf21f8b9b632fd360e34da740e0b1af6b5a67789fda5a44025af0f1547271ca8accc7a975d98ea7ec3d41c9697018d84ffb5d49b88d884ccdb011f715a199ddc44a4109261 + +Square = d6e38250ab89ffe11abaf8c5d07ba11e9053f1924ee1228f834111af16ed282389d04330cb0f47dbb186dee577aed82878ecb065b759312eaf167c4698eab5ed03a8657341bf5fb14a8e28e3b443a6b657c1f4379ff2549498a33922ea84f1fb19d10866fb0ad07ce1cc44c93cd4d9ec6bbb0e61c797750c6b5d7e8d55499655dde112f4747798f0e985fc2b937a44da9b04c2dc4b0816cfc57da1f80179db653c1ce287e786ed7eff7ad6d1383fc6de8c941d4af7bd1 +A = 3aa2e696ee570160b2a869c3f21c3f223959a185cda2274feea1c829af2234c70a504c959bcc49fe0313f4f5ffd27448e28aa0fc6ce24f36943d334c626459d7e6017339e787ab074879ebf697a93ad93835d69ab09294d007a0837 + +Square = fc39360cc0fe040b6f8340e0728c650e5e74cf1664f7b301e79986fe066f36e8df34d38d1a06b74a1bdc76867baeb3f39a9161acd200bc7532fa4aa0ea829377659646f073db82ee044279ae5fd797edd37d3261970819589853cb320887a085c4011c23d0da9b6d6f1b5911bb3399146c2912a967ab3b3f611f0bd52e00f418e6a6f0297fcf5c4a1f71c6bb8cc8e1c76694bb7301502d1d00c8b6c05bfabbf5d350590561abf3e2b1a82e98b56583e2e4e25cf707320a0e40 +A = fe1acf3d7b54e718c901c53f365894c22c8bb4182fee8a4c2558731e01e1519bfd1bf6e353483b8c4219453fa66f06063c6c99050068c15cd13cd1648ffc42b5badfc70f6fd4a0a5552fe637e54c4f92ca45c60cf9a0163978ac08d58 + +Square = 9abf1324ef65c726330f64643a024c466fad37604f4dd3dfc404d31c2a430fcfaa0c78283666c15a094d494b96d3c12de6e29a34d2c99f4f8cae8217bcd2a989d59807ac68c46d60600238a86155de499eeb35642d0f581045481b40e4f0a76905f9b6bc5b9585f77f8410b99333f7ea983c3f29f3fe66ca7b793b784a5a6a4f74512aa4385dd1e996832b1f41bb3af965be58c4ac5e867cdf8dc6a4f9d20a6f1e16e153fcbb45ae5fe8a798cb06a4ffe467d6b6aca2b31f335a344 +A = -31c243593ea611dffecc65d1439db345b2e89941113f9792c91a76b4890db6e4dbaf1482ee812e295d27956e48d07a14de38357f15b5931c5cc08d1d248df7bfee1cae5b5ce98984c5043a3e1a2b449ba1671bf1cfef91011e12bab94b6e + +Square = 66aee3e4f43c672e0478c76e2092bef33e7c60afee5d4c7defbcc5c0c86d8fe956c90a740cebe604224cc3f518463b1208699b8ea2316315474991d0f120ae905a67028492cf46fff2ae244869db2a02d06aac6ac6eb054fb3c14c756d8a3e7ca64f06586e3e86e4477f185ed527a8aea6a3c741f3fd4b64a2ee77ff140190260c431cc53f411fb227377c02f85d0258a75bf6d44dccbb8bd04ebdafa115dd55b176b6eff5567e5b1bedcae15110826574053681fe25a695ac4540186e90 +A = -a221dfee30286adc076673cbcebd24a41a438a0a7a6a547c75d33149cb1a094a8425feaa5a23cc234a722db4cca8d5912fe1dfb6db4e92bd87c12f0d06b6d954fdb9b172955412b2eb5c9fa3b4df2933390384fd1f929a2b1a8dac479ec94c + +Square = e880f8655b51739e34393c3e6d69d63e0256b1a887f7e69f40c78d21133b17e92277a136f5e37da2533ed599efad189975d22ad0340005ef58db0b471651d749dfbd48b3f7b3b8a42d4677048a855e99dae6c729d8bd7eef86911feca9f5490dd216b06d9e8d1ab695c1081e72449baad28dfe113744853382901e6bdab5413c67c52d6cbbb2e0bea711edbb3a219a4046e8739c04729cf8c8210028dbc4087737bc6c1d7e0c15ecf16774690168342b1372d3646d4d8696384bc932144c98529 +A = 3cfe075d4525a3c780d6d05f7bb708b2fdf7277a0f9967e0a209fee9d42136a0bbf98660d8ee8cb4720a8042da09f6271c45ad13db24eaac465f8207f78629e9085c1c890675f441c78efa38e5022b1b80afde5e3fd08e55648f2817631eb6cb3 + +Square = 8d6cf4eaf58099b1323fc598b7554b371f4afef5ab501dd162ab8429333d46916fe15dfc4ed6a99ca7fa7fc1aaa0cec3533b41e291fb7f69b560259507226eca87aabd07b1ae2eb93bb53f98fec508f051cc04db4a172901e06b74229c4fa3f550a81626c7a63fa99d41e46c2cf792287a5cf7bb68946971bd43c7c0356312cdc25e524665dd39a24b6464bbbe64fe8e87ee313b860639728a9143c3a6118bc8b150dde6c10a13bea637fa8873c393e6338319c506aec6ee973b4b52a272a74bb62084 +A = -be46a8072aa44b3bff0f90c81474dd576756fca624c15f55a17e1d0bd2842467ae000b04f79f561690c93ca7118ce17ecf830a8da3678c15436876d2a74324d9714dc8ad8181904be657d7f1da3313b78448cc06e32299a09ed59bfc1961e8bd722 + +Square = fbaa4fcf9800673fbd3a132305ed3e14f4889518fb56ab82aa5e9b3529b74d7f9a467626d68f4709a2030264aaebcf05c0a0edb511e81f357d85b79d925a24605f1bcd4645915bb75d363654b676266329df532cdb39152fb360df1b9500e0c296014289650ff77faa78a604397a82b34d16484e94a8de123fe720e514c88f11ec276725111563db91477480c3245542ec6bd0bb2f4aaec02c6c4eb1769030a31b05da3798c224c9117f7c38d3e98a343fca03ab584ec2d7e6db60fdc4273c3d8e23cc1ce09 +A = -3f74b25f2a9c4d8d977e69a4e067f9fcec281136a508e365b282e5fc3b1d097bc6a0f59f7827fb90d4890b08840a0a1919032c67448f8f1a771f785a0f125a4aa4137c154fdb489dc1099d57bfcfc75f4ca5e69f93f2bb87ed09cc0dc620d3e76ecd03 + +Square = 5135becca97d93dd4b16a5a1105ba3a3e3fe02bd6a7c3cd182186fc63ed4351641182a2727ab6715e9672458dfbc31aded4781fa345054eb4c317872e2af6d4ed64b2ca7e8c25e1e664b5349df937118632a64e4ce439ffc625a5ad3358270dc83fdfa73c7afba03406094fa36d87517e5e2e1fee5526fd2dc00d9210a0f6c3745b3d4bceee5f8b03d976d696c57a09d1e08e4ce780972eca4f2ed6500c23bf5782c31f13059e48246180fd09db693d2fb5d48d51846ece8beee45cef7efc87c003b44d7b137a900 +A = 902fbe2127354a7df5cb7fd057f3d080a7bebbdb83c86a50560b8c287a37a841bb9c8421c63d359078d2948b6b57559f98fad8f8014f93c912cb70a6701c4dc4fc5e88aa413fcfb685c32975a8b72424742eeff8262d28cebad00c5fcf88baeafe8f6730 + +Square = b5976cf6a6560412aefa6704b126e0d987dfcedbb4da436c08ce17b1bf1b6e0bab9f934abb5c4186a5415fa38724fb8fa341d381319e7d768209ab108c8debd99075d31deb3e03ff7d23957d4f3204d543b7d9079cf337be3037b1cb4908fd8c104d92e52f041b4cb27c045a741f4d64009980e8d27af75d9493920ed98c7234777592d6577f2d1b3a0eec645ab4cee2f28d9e4efd3e4514db6796487ba68a462fa0e316e1420d6604db2b901de46553546cab42976fd0d459afd81196275cd88ec4dd448ff331bb35499 +A = 35e700e034950bdd7318d5b3c17e90a4772ecdacdb055b9391b31538eb823fc8a4599f029e78e4fe5299ba1a423a449dc257a431d189dd5dca275c02cc1f12417e111c73b731631d8a1741b907dd8f24de226ddf9e3044cf4064e8e51ebd55be774be7ad2bb + +Square = b7de0f73397893a97928e266bc56299cc8d43b16a251992662646072b58fa578ca80f7be1e12619012b130e9514be803dc166b12ddfd26f558d36c2053ee6209b01458379e49469753300ef20f6b3dcd5383b121861c76ab25debb28c448ec33a81250d05f7eff80a5a4133d522d270fab29f739b607395a77278609aa5e1a55ef58d1d48492b71ee30a24a6505aab1a3ac22b9d143c9d6781fae14bbb980fe3a99dfa9a1a406611d7d0304493342f53faf5fd79f9c96b9583a219a1b22aad02dd58f32ee98146b3a8cf054bf9 +A = d8f4d3bcfc7eebd7068b851858c3668ce062a834927e165679b49132d4f780ca682876c65c7cf2e7ce34ed10e43696477da6301d13f92abb8c76e2424c4bc28a6565f15e59563d607b852dc946652b68fbfda1c3200ecc2976400ce7296b96e75fb059a4c8eb5 + +Square = 5ec02661f49fb9807bb73debc3c6eccdac1df1735e0d61fa7e0eee07471068a5809796a2af490c46a77d61f618b44a3168dde67aae1cf9e530382411056958d55bd18f0e76fe2c31c98b00f87fcb7f5691ed5b65424f82204156dc361ef6dec5d44cf690582599b3994ee47ef42850d5d2370a4169c5f73942657f85422ca24f66943877f73af493c865fbeb29574cc1cc730e9bbb097b598574f6b90257748e950bff867bcc01bf62f8df67d7aee1b6dc1d5db88826e86a3f9fcd8663e09cf8393ee71a09c43d0d38ba6ef643f4ab1 +A = -26ef9b6708a80d00f4d01e0f0a5546ed217085ff23519819ee89af430580ea1f086beb0eb51982682c6d3b922a2c92752dce63657836223a9d94964bd584bc8e37c6e30fdcaffbdb128344d51a92705e1c9f94205ca36452c15a08f7e62e0e02479ecd48085de8c7 + +Square = f6364409467a829abc2b13c93979dec84984caa12154b7cda2f4c8d91bf24ad7c45a968ffaac8d6722cc26e6aaf52dd29ea2f09370ba46d79684b7a06faedcd17136f35a58e5b550f3a2caef7b195d8409914fedd3c3154101bd735155098e8b10fbbb1b2e13555d2ab5d5b52b203d4efb27e498b240f37178f2e89b413f94859b0e8b2ec10b926c8c0b6f2937ee2d0355445364841c7e0539f7073b88c7d568edf1b253f3c10627e22c2ed731b7d4d199449cb0b5e7a66109932fe2c9cd741d75170deb9f98469049549c10a7a622bf6e91 +A = -fb0eec3246e99212879e51b17ea6615275818ecc5ea3058b13dbaba2576ef90e1519e3629b09fdaeb02661091c395c862b848f6326b9f536f7af45718c4412f09f19261b537bca36742d3ec66f964343516aae2ac27e249a15beb545b447e37b4062180f6c82809429 + +Square = bc4193ecb5dac900191e02be06297106155c6840c4908fbf6e41e9aae137d53c3d4ffb87f334f49837dc4ab7a66299994e4f5c9bf6ea03e7db663bdef066e94c610580a8896a9ae9c8f6587eb83d789683f5d6391bbac3a1dc1de60b4108428e6f5fdeaed6cd3e74fa01f85c6368023b61a413b69b14276b66f22653491e4f25790985053d075387cb13c79dcf963b6d880d01174314921afe1cc700c02efd2979dcbc59c417a6316db9ac45a2d60d2a036571bfbd75f9f5e42048ca086cfb4b818a9beca4a6e0ed51afa320ef3549151fb39e100 +A = 36e1f16043b4c9b4a304496c39dd63459d6521d2ac92916d348daca3f972835973fc8d21b07b09d8f5e3197b39a8f3fd0011168b815d67c48143c413e169ffe0f56ff2cf8b6596bd0a3b5b7a6b9a14ffb797f350b7e6aa7020d84d1d1b8006850139795abe2c74f03b8f0 + +Square = 4cbb5bc1dd7112326e2c94581f19efc8fb25339a299fa9c007114c3a22b395e9d39a8ffe21134e97ad1b87b97e667ba48b2a40af61afc81fb1e20e8e38c7ba666b146016af4dff3faf5de306591e5ce6eddc1173fdda6fe241a9f2fc6e054c41e56d296f8954377df0d140096b9e9d6a5a23a231db4dfab0cabfb11190c7a0d1c55ae35203836d433da96ca7339682bac0a7edb8b5b4dc267c6e83ac9b67a0d0d564717ee3c20aaf52c0a750f3aad94a12537c6971ee009d0f82ff576e984b06c7f7b357f5c049454e31326b952af17aa62104780e9ca1 +A = -8c279ebe466de3115b8740f3ff9c1f605b4eaa75512d82fdc8ca5ce84e11a68688154fd603ae1d607807dbfcbb822a8dc259098842c6a7b7ec350be29a3daa20fd5b093a56692e9d42e7a389c4ad2122a74205f835e268c9742d09ad36238c34e143f6e2ec69c0f490d29d1 + +Square = 4f771ade09cbd1a033d2bfc6036fe46ae6c12acc6f2b9bd52e7781693fa6358cf93089f23d1f0ee6fca476a43093b9b52446f3a7abd72ed0ce9b562dc438822ffd84bcd898ef9d092f1b0b7ff89c4fdb33d8715dd4a0d68ec49ad41338fbb62ca87867d847a4d99310641a37ea78b04c85606069d0c0950484ddbeedac8ec6f95124e7fd83da4e942d40103bc14474f5cb125fa0b06cf167f076979948003dd8dc3711923f5af5beb5f56c0a48ac0c5240b62738c1cdb06b87ac3dfa17befbe938ddc7281f6c248c41a1c7b99b93f69fac83a46eb298a9fd8b9 +A = -23a845bf2007ba8480e3ece0a1bbaf8bfccba6bf061e3fe1d8bcbcd6c761e650891c0958bac68618a1f55b27d2bc6e1e1b50afc29f58e2e034bdda8405e5378cb5bff0d84efcb458c5428fc607597d89d589d85d90f3da4b89a64c9d1623b98b10518a6f2e7d2295c37527026b + +Square = ab45d12a4e15a294830741f4b9d4a14cc7dbed1c3454612047f890211c749d92ae0418f11cd44acbf1585b1f7323b33ac9a4b13c44e1a7e31b0dcc1c6dd4eaa12a655b5de08f3b948270a152db7d9e04dc54677075797bfad6a9a0e3958458d40e3df5e15028954bae99518de4dd3adfb2ec4b38897a8a4e4807849e1416aa4040c95a0e49a8d2889f6fb0537875f87516c3723e8d3b46da8da855929c67c0eb83daad62ceced52b4f52d2bf1c4e34f26bf16aa7da3afe0f5df76c0858ed98f21e1fc3d01e1572715b774bd5c2faabec5fa3fa59a7a1f32565a4f1f9 +A = d164d875e1f766b4567e9228241213e69d6b6c58620600166fac56938c5d9643932d01f1f4a2263dca4b9ad26dca1548e4b5b7e27581a63375d0e624f4e4c99b7fb9aeb25307c61142760bc4771e48c7ce38f5eb2408def632096fe40b80d488fe17a455d80edfc1c23c429775b5 + +Square = 5ae4e7dc5727543af39ed3d5e9ac086d1a2220421231b82f6f41caee7b9815b4049aea0d43ff499c6c9e1f226f8641351d03f37731c64686d9a9ce68e9234d6a762efcffdecd42f81044111599963d9b6873cc20bf4c8284fae03d2e4f238a14a74df4388fdc80fad0375a5d0d974da7854ede5896ed2ab25d2b49a3c39093600f73120e4fd2faf75381854f6ae80f81b977f62fc72f1fd01c278d183544052b77bd753dd88ffdf5c01745521fb8474b5c23b0b7dc709bafeb91cee0863a0c23ad7192c43cf15fc181d629853cb9b8334082c915dd3d04e3a0a81511d2e84 +A = 2622a7bf45ccd3cd567c757f4c5796b5a0fbca555bd0ac2759c24083172d82d6a887dcf93d9788fde052cb20a8963cb6db22bf5eee6151600f9d1896a7606b11a1b100cbc0925bce037bcea57e361efcc560a9abc495d7f7f45831c6429ac8f979dedc08c304f4da9c0d4d687376d5e + +Square = 473cc933f5a650a4ae358c7f486d325c0e20c83b54838fc08b6ac3ff010f7c4b6a609bdf472974dfc5abda0c6b33c5ec7dc4628d85cb4276108e2b0bc4e19cba135533b3d7bb6a94332aea3165dccb230860d2353166b9905635e606185b014730e9dcf2c433e18cba83859fb2eac4aabef68c8314ef86dec2d534a184ebc4cb193643add0897341690cbe18bc2e775327fd7d71ffc7ebc49bad83cd68394eb276b2e615ec430180303010a454ef73b6a8f02bc48a1fc8a32f8150ef1b733f07da752b8e808000329f4924976bc8b8573927f18ca7c88c210845de6dcd0dee2904 +A = 870b2c4b054076d0d02877b19fe1210a8fad3422b00905a6db748239b8e807716ed9fee0d8c25496593717917edceb5db57f9960bddc1956b6652868d6ace82827bbbada5ae8c15efa26fda22657126c6300906f90e8fabfd58ddf312ce0eee760e0090fac44f00378c676115cd0639be + +Square = b151124402d2f04b0e6599222d380dcf67b9716ef50d2d9ded0b21521b34a7294171f71b41762511b7cca93d9f50e9e30083ef19144882928011dbb143807d1b88c55eea6b19f0c4180023be6da63a59b6bc027aff3f5abe2f65c73b2de1e71c5f4b248bc4547040764e83a860cb3f882bb8b5f7821f92802808fa37c50f2f94d8f56daca841f42d3362762ba843aedbd03d3cdda887f75ba92423965ab4256eb842ad755aa7a2af331b488186f891065b07f5a299c807dc24fc176e085a8024bbbf12f386ef49ccc91bd4ada0936b6de78088cf5952ae6c04f6916799378bc0ede0da4 +A = -35439da9e361700152a35ebdea253378a1febec5f288e5b2bb0bdf25b84751b47e4da5aad7453b70cfd6640d5832237d2115575c738482ac6036c5fc21a981c0a7f979c8d621a92c02166b777475618aa6362a0e225dd6138ead3b2766ed9785ee01e4950a863d2fa0b7f5cb4c9a108bb626 + +Square = 4ed7263ae5beb0069f24318b38afe951a5a058a2e960e67f086c9680d0cc6d713f943812070bf94152f7926bdab9e5908941261244542b832f458f05ed5dc048c8b9eb84c2a85efe717e257796b4ca816948a6c8ea209c0675efb2fb5af4622b44e36066593db01b17f4dee21d7c1337ff41436cd0e5a8d01e4030dcd3d49839e59996fbbf1d39bd205343a424f2395b4d3eacdeb9ed3235d8df0dd00a2573260af63db3116a7c65d1dc69684a05caebff34e3d2cba9d4869a953a7b1fce10ebd008cba021008ac3187bba846abd7b39a1b97c9c07d8080549e313dd58b716022de3c1920329 +A = -8e1141dcebae61d5c4d81697f001d792ee2e847c589816f923f0ed42bb4de0d8f911b8ca47ffe77f80b9da6896a9b42f0030a3276218868bbe1a3fa64fb0a577704339af5dd82e66780da6f58900da3f1d75ebfcc302f78ed66ea3c7a737898a29b1f2500686b43bae1e6571addd2842cdce4d + +Square = b09f5e9472cbb75070a67d025957fd5ac3be89c41e4acbcd5f75780ca459562461082c3f19c5a4a416a668b0a55f31f74cf2ec44555ddc43fde64da0ba781adfac4520dd0f78d04d9d2fd33d8b49c72663a6bc845015523e2e4e7ccc69e5b748b8b891e4089420bf0a3f6032602824c7230b5ff95f85a688dcdcfc890af3384710a9fe32ecf9ad7c6cc5761f13079b19d7b2906c7e63c14b64fc88c6f4bd7c41c0356c777d35c3626d49db8cb2d1e89ce682c7fccc3a459b08c20c4e5fc3a8eced9b37d01bed5af6ce9baff0d2b435e6e62871fcb20cf9ec10d1897a5c76e73a441e07fbcc2d9f4e4 +A = 3528e6581de547de385c93ccf1086a17614f23356a918b25bc6d73656a2302b318963bb679c9a93357f4a4f614e74f2e5e88e9c8aed8a6fdd8434630f664ed15ebb6095cbff1593f188a12f4dd6087a85b202f6c24df68ac3b137406c88c5098faf47d1eeec0743b35baaec7dae29b5a44eb09daa + +Square = 5d5dc40783411475a4aac7c1a1eb760f76fcc6ec68dfebb754251cf499870654cd309422935ec841e6be4f5a15078356235c2b8cbe1ae755cd6d814e811072bdb76156b83c7d2064a202ff90af1e0f88f5889e5729a3cffa9faf33c463b74d0ad21fbb4473d4d3ebfa8a52e9c209ded5ce5131b12b69747c365146fa17ee5810e0dbab992f9da28b6c323062484d62472232721d608cdb9b5a341a677e2d7a6e5a983247d9a4001e16687b489b10b18bbf205f982b7ceee27cc3e9c6641827ab7952373f15d36e5f177b82d7eebb3f5054e12cec82c5f520a2675afdec6cbf6235d358c2fe73344002e400 +A = -9a9a19fcdf11bba84b0395088c5d187d84d69b68b77bc6418f63c88bbd8dbbccfe02917d814f9e2241fa0709817a0c85bd554fe887babae7439d96248514c12d71587c906247b3e965e954cdd57f1e51f1979f73c3237509863169efdf281c1359488daad3d9eb990a50ecf4d3fd25d4820077832a0 + +Square = a4d69ed4c4c9c08116ec5cc49ad458f0fb2ca00f356aeb148f18037bc49621e14820f325af39f3954bddc9cf01de7ba1e443088545883a94c04ff41a7ed5f65676109c5b711b4115775489667e00aa1b77f6dee5ac5c1789bc71c9fc797abf41c7c5ae3e2c1cf82d5b49b6c0da25190dfa9360b99b2f63444d21ec6114038b8284bf598eed24a2ab2b9802d6edd5b0fdb52f60621a87a14612844ffc71ca98180ff0915cf75f47432f73d28dfd7a932a125095655f07f50722b1673df2cc4f7566a1c6035792ff3f02356b9b9d25e905121df768dc6a1884cf5483eeb813c1c009fe4ed043febd61800ba978a40 +A = -335b12e40bfe0b847ed6ec143490df33d2e64ef4363869cb78dec008cb5cd66ea671dba964a53e48267da288ef4040e06371e1209691b81df02f2c86a79cac85fdcbb6732a1e5309fbbdbcd899fdfed18518d47258c9e63ff7f116ef4a8f5c4867aedd907ccc7d222cf8087afebc108f2a0f197c717198 + +Square = 74dcdacc1a4f02a99e3642f54f9d917b117d2ae8d9c392f8b6dee53fac66ebe1680c8e8cc29f5330e0eed3f63d10980060799bc37b34c93dd7b384d4ba30a5b5d42a145acc412ae838d7b9b7137637546d1118f7cf3eadf88b785f0aa01da8638f027c56faa16aba8591b64b45dae6138c9a40309b2ad29c5029a867465f9c6de8fbc5fc4b0442c8a8946272667c7622454ed6f2a236103bed7697dba20db84b5154ff3fbc6b4b9eb67ee43bcaae741d87ee2093ee67defb8eebc4a4a22d97a4e2aa7d4c31a1c88abf4a440ba4e2a5e40c4d903ba5ee4d80b4e8dffb8864bcb9806e015c1ce16490068df87282393111 +A = acf70350e554732c1972903cce269b215e985ecb8d6eeaa67fd5398d0a1b57c0db63368c0f8c2288c3a0466e2b3db081106b90920c46462faf00b5bd654f7140a689b78ef656a26b82af8dd1988f166ea04e9aa777a094d892bc7da4bc7bcf0618526f496cddea6d67df7bb0de9e99a35a0b1b210ff07497 + +Square = 9668b9e40a8bdde3c93943a918ca71fa0009cb05a1f592b2bb2c6c6172b2950719bfd80cddaf45d044cbb6aa99715046088f40ec6812945885679231c07f4200023548ead086b834abd8c8f8294db28b203329553242fd2f778ef5cc5ed0b48c7356d8c2d782a01809ccdb6b012896617f11d963300e7bd38ff512829514d94343476818ddf9d712bc70cffe7f767a9fc75a5630e6250ed45e6831b4660eb49d47dd1b8b6a0dddf3fb3ff0e12834337f145f741f70a2aa43769af50f099e004269ac47fab79e060800dc74da88141adbc46c15c7330931e3a2bed9b958f78b30214f81a64d121f96fbcebf7569fec0cdc6b11 +A = 310e7a40667d9d5dc29744b123cdf6a663a1b995f62fa9d4d853cbae0dd23669f4778bb2040317ebf6a06ac6299b21067aece5c5c1afbe6e789d656745ad66464991cada0eb237c6ffe991cac4670bfc90eed5f8c75073f4f846ea244bca0e9502ff56f8e9bc9b6caf275aaef38e26566fef35329ca45392069 + +Square = 49e677c8b052b7db97542948542449af47e14248021f8d3d3f92b9af41c803072f71050f16dd848aebb270affc47e85427a7c73f227f0d63f140d0d293157af0d972eb5b38de494fbc78ad3a4c3d1ab40197bc4427752b6102d1ced6d6cbc9d7caa0d1bcc57e708535822180055ecc9d9667e0590274b778480a3720823e931ff6daef358b1a1a9092f1f05fbb5b10ad5707a124e8be63bc696f083eb74e5b4f0e3110de8f297ecd30dfd2bcb010dcad4e387520d3d00365fc51c2a3dfe064b1ac77a9295f66beffbe5dd4333e5cd823b0f36b0b94d66507b1d9381060980f62f38a62e38e5a75203233bb8d64089bfd100f3205f1 +A = 898b5f3655de74cec3b0fde2ab03fd18cdbcfc3eeea48ba39317d26917130c2b78e05237cb0454ece268f091cab699fbcd51ce341b53d6ec0cda5d0d5388bac25c6517214a39d03450ef8502e1675bfe8e57bb6086f10ce4cf8ce65eadc865b5bd8a00dc26394f3adb2ace609149e3582cf44246184b2adc0ffd9 + +Square = ad00f10fed55175159b2409dc80899f9113ba7c8099d0402ec0f520ab4aeeb46d36369494a4e6fa23675adb38148fd2efa082df5094c0acfb77a9ab6ba7a299298d69b04b58011c35325f46b765e580b5c05eca721904f1fcc355dbe39faa92af5c9a6dbc4ab80e62b815b45983d9506ebd52b9efa7a6b9da352d1e4fd6ffa81d3b4596a0c14fb825297da361461ff2240e4378340d2ae529932d78f3d9f6b3c6d65d717e66122e5f590c50ce0a5d81ad8e0f24e104c0913cd8d0eb2de4c8cf62a7535bab5502df3fba08bb4dfe73d89c8b00edaa7d5f3274be9959e7ab6b6dde54f2491728a1dc11fa8e1c6a95e67eb7617e9b7471ee40 +A = -349cc2a5658fdbe9ba5c350d3b25baa38b1ede01926694bd550d36883e53d8758e8f1ebe83e2f4560605510413a7d880929e2d9cbc2730b1736dc2689cf7bbcdc68a342b6398e547a9bd67cabe298796d76b98ed4c1dd9c22e36145892e8fcf2258529aed24252a70b6ca8fd2aad8a84becf7e1bf98b1e9bb024b8a8 + +Square = daa3835d3189ec9ade592e6076e76d441838077a9431273bdec02379b3a6ac38aecbbd57c3755ea58ddef8105ac28f2ecc8598ec0c4bfc9c1c80222fffc776722eb0621cdd8a0d55f08767fc2922282a76e529d81e4d6e21a2542b8c9a403709ed1132e3b52786b81e684591438fdddb5df2f0b72e6b39cd2db6c0cc55c759c2dc1b6ccc20a5cfd10c6fd345fc766035c7478570d4ac534db3fdb718e2bdad3d096b137bfc09a562043800957e2afe4fdcfe292881f6189edfce52370c0438c2822ce3b14d73b3eff32f7e5ca97e989326b4e3a8fa35544193f8590bbb0ddb1f914894ab87998090771a0be1fd23917cd792be86ea0b98e6eb24 +A = -ec953f1b7ba7d561edaaa23076987daf86f50e9a66c36f0993290549a9006dd9d424885c0fa77295cfe34fc81c5edce9e2371b3039ea18d8f998d1956196284e6d81eb1c62ecaa8cf3fcaca28ca7e64342803c8dc3c139080bdd4a1ff30d7288b085a579d9e90903bd363b48f2072bb6fbfbd9ba2cab30a8a63784d246 + +Square = b33f4f3ae453058f4e865ec78f0844bab7af66a97dc2f265ca73ae2232777474bfdda39e10652d7386c16f145272192af728893c3d8a8e92c60d77722b924c30269ff5a399a2449ce15e50320c528c22655ad06227ac4efe5a993179ec61c2fc9115f89d75b53961fd16f7797657f6fbf55662b019608a1d30f64a2c0838e0018b7526921fdd34fd462bfcb2462b7065e2bc7abd57d71371e45dfd8fcfcc00a71f7e45430820747c9a060b72e4f6d2919cbffd00beb0c31a2bdc32afe2cc540b38dd04a2b73ae5ba481a6e535f37a757bbd6aaa972986213afadfa47cb7a15a6f1d443f93cb0ed824a10b4b7d82cae524a096b65ccb39be3c37c07f59 +A = 358da59ef65f62f633675764e292e5a68879df24a4727eca1fc4d232b3a6d936976c92eeb11456b5e8c11319838c145c6529d2f3acc828e55b8274bfe9afb5db241b102715f8e8164e454ef39f13ff1b37cf367a5a66c4f743c750896b7c3c29026e448bb36c6c06b0d9a3d048086ef0c3cd922a02e794223f388b5d646db + +Square = cd4246489f6f221f920acbd8bdcdd17f47d2b77268f72254de4190685c123e8c5eab8517fded1852e8316c9e549d3fa355142d91b2921a3c94aafd8862cd2235429340da38a2af131b8d002f17662354f5805f6a7af7afb6dbd2f641036600614cea42bd8b24d86a5109eed29c0865a5f30c5291b1d1ef3223f9b9826dee773d98ce972da92daa19e843f84ca5f1cd77925a3c1117242ab0fb509b94a83f8de4fc8d21f856f37a4d025b3024bd0dbb6d8acfda4ab2993fd6eb7a7448d4f66ec725d37f0eb14eb242c0ff3f0c4572ba6b98a4ce905fe1b7ca3daca56c225171428c56af938fb66b37e99e54139157bbf41f536989ef813af738837afcd62290 +A = -e53ad05c88568f09f616797f0b7f2756fb543d691ec2a5b645c1e5892a247302826419a35b1348cfd2c1c569c23c31b4c46d6c57d4a488c29ab5beb77904d4adfcd0a01ea0a26bb0cc8790441cc2c8c900f030d7315b4319f1a3cf5685a140e03abe6b94730ad79e8de1f4a0cded86a3d6cfe2db267fa7dc9b2bb32872a90cc + +Square = eea8028b26e0df090504d54da714a6f5f2695202e53cff479c78aedd47a8dc676243ec586740fde53b3eca9ca02b91031ce766242184109503fbe25b1b6d318e3cd5970fabd16dfa22984dd2e9f1e0f14c189170fc69c031d66663703e6235a942d51a4545bd7b0769d01d302ce2b00b83f01568a1e378f61fd0ca6201b0490330580cd9de85719e174a71915d7efbf65cd73d8f4e66f27e0dd3144d58ec09ed0f7ed7d1238ee596922807100fb7a11127944ddcdec6a9ca3bbf6df7301e354f3f049bfb7c275b43c3d8cda5907a932fba507c9145ea3166081c1b48fcc710ee32cd931f936c796b14f8a78a592e67753a7c9e428a01719c8ba82652f3a89fae110 +A = -3dcb44be1e54c5a5d7db48055ca9afa1ebe2ae648aa6e16ac497502a7deee09ffa124720fad0ab163ce8b3ea6a90f110ea52b67dbc424d0cf1e8c9726dfd9e45bebcefaa5cd5706edeed27896525f31c6bbea3d67ee97badefabf3e2532470b66e3ae3100f66ddf50cf02fc3a8e3f44c304251d3b6a7ca3a6e4bd5d16a41bd97a4 + + +# These test vectors satisfy A * B = Product. + +Title = Product tests + +Product = 5befab3320f8f90542f3120235abd926aac3805a19e343f690 +A = b057af553afb120db6b7764f8 +B = 857734c4c27a1d17f7cf59dee + +Product = -ab1ce167f4b2945c55ae3f87df50ad07d4be87cf9f8aa07b0c +A = ae7a6a87ea8981a567d0b3ecc +B = -fb0fed5f8c737bcacef4d6cb1 + +Product = -c2606cd48e6b075c8da79eb4668e7157f1f175c2860fd4c475 +A = -c28dc31984d4583e9d45424c3 +B = ffc4581a5c3f885cf42767e67 + +Product = aa6805b5408aff7f914472756da07830dcad902834dbdd6944 +A = -ffa07ff9f503511954e5dd3f9 +B = -aaa7af472ad8957763f5a7c64 + +Product = 58ca2569173389df29b5ce4b784086055dee821a7243db7210 +A = af417d936f4690008811a1ae8 +B = 81b26b80b43aa65aa55ded52a + +Product = -a043d31dfce8bd01724d31c863d0a64f1bf013509d77737c42 +A = fb5fae5edefb6997d44a1ecd6 +B = -a336e50c6f7845a1686cc88a3 + +Product = -b5d6a45ffce851b201239d938ba551bab7dcb59fc11fc35fce +A = -f918faa58bb57a2ffb8b01f05 +B = bae08c3006fade695029a1df6 + +Product = 6f2fde7d1a18625d727c6345ed85e597d546d9228bf7f0564a +A = -8d108d7a16f0696d4ceb24445 +B = -c9c764cae465207097ef8d2c2 + +Product = 93808b1140841dc9735cd61c6f855ddbbb83066689b0d7e1a0 +A = b386d08daf3fa2154e9c768d6 +B = d2557dceb2d02d04d9c578670 + +Product = -ad04212ca8cadb1f7861c5130ba3a747046a2a7e4a0c72b69a +A = e4e5f7d1311e0c5f2e404d55b +B = -c18057a328d8c7375afdfd4ee + +Product = -685e75c232f2b4a0e455fe5ee8aea52f292ad8b8178320e692 +A = -a683312f132b2320632e74ef6 +B = a0758f12791453b4af354730b + +Product = 6f588c53185c503dc5b0dc3002d3817ca2e7eb2370b3e9a647 +A = -d70c9b93170261091f0c53f27 +B = -848c86c51a186ac4c9080d3e1 + +Product = 5e3bc5a04e054a9a244bf7c86cae215072fdb70e9199989427 +A = 898b64ef09d7cf63966e1a3b5 +B = af638b12f26aa5d12e97439eb + +Product = -8d8372b235b16108285203c03a8aef6fdd3c0e1a9fd31d4f68 +A = f6003dc83818c14fbe36c9998 +B = -9343f6cbcc81fa4c9399dce5f + +Product = -5ee6509abeeb7af7fc5caef40d1822ad3150c8d74f522dc7c8 +A = -875ff6f56ca72cbdf614bb9ca +B = b375a68a21dfb1f159c22fa14 + +Product = ada25be404a17385af5a330da799e5909da81bfa0715baa6f4 +A = -c9b8df392e76abc3eb7d5ce04 +B = -dc5ab818c70594dd917b4243d + +Product = bb24422ee4656ddfcd50ec38201b15baf679d3b75e5cb878ca +A = f8e12cf4defe388b78510f687 +B = c07ee817b4ae95c2915b88966 + +Product = -93da296ba164c7220a17330647aef0980c94eddd2cfa2a3b2d +A = bc5dc74ddf7a1363d1c2b1f25 +B = -c8f069bad7f93cbfe6df51169 + +Product = -6b2e1d132c4e0b0dc9b7e7de7d424fda5180480cb5ff47c755 +A = -a8048acb66a8bb88df39266e7 +B = a34e0b265d71435ae8c92a463 + +Product = 6ccb2cd93783576a8602ae43f41c786008b6623a4cca0a010a +A = -b071f1f54790c951c1dd2a1cf +B = -9dd89bb4d9b546207e282e2d6 + +Product = 5c742ba47d0d64bd97509927ce957deedb855766cc24c60016 +A = b44f3f252c368096fa62747f2 +B = 83439b97dbac579fa4f7b7d23 + +Product = -7347ba65691c913286c2fb55e45b177f031c1d86ae0e9f654f +A = 937cf0643ffa53cdea24d642f +B = -c81881f78243dd5737a7d28e1 + +Product = -9bc0649a703674e59f83ff9b8a560e5cbf51f65ca310f80f95 +A = -b536f8d9769be6f62da941ae5 +B = dc0746fb101881ae0cacde6f1 + +Product = bf4992fc3a124de350f9fb90ea825cf663b1fa051282ef22e2 +A = -ff7eacc7de1bb01d668c693aa +B = -bfaa6627f9fc7ba68ae41bb2d + +Product = 7c8992d34cc0b63f1c953f68d4e12a99d3f3a34d16bd76caa9 +A = 9e0d5a850d078890a983c0ec9 +B = c9b72c118b3e1f1023a696ce1 + +Product = -a75840c95082b9a0ae0d6e0a4eb5e09288e4e2a66e9697d9cd +A = b2b042a21045a74ef1a5091d9 +B = -efbf8b120b384e869692a1b15 + +Product = -a510b333bdb4ed7479c142e8fbe2b12f7671a42acbe16c0998 +A = -e7fd5e0bb5496b9d876c27f65 +B = b6262653b2be44501af1d85b8 + +Product = a1c1e90afc4684754155526e307fc6ed798746f347bae2c880 +A = -b84674832b26ded0a690a8ff0 +B = -e0b7bdf2fd05a038ed3640b78 + +Product = 5588e0c33bffbefcc5695ca0615abd383343f21a8a0d22b222 +A = 80cad81ad9a66ab6a1c2e5669 +B = aa0453a77c8af1584f54750d2 + +Product = -6460c2fcd6cf3304ab163ea883ac48e2031cd10f2e9014c0ab +A = c49ad3d7c8848d4fbf913b10b +B = -82b3dedbe3cc7cd532ad632e1 + +Product = -a18717330b711669e85abde8c4dce426529aa621ba3da2a477 +A = -cab4a9c0a331a5a5e826dda1f +B = cbfee5041c13075dfe3399aa9 + +Product = 8ab6282ee892b53c083d319a9dcab48af97a1ac8493c0bfcad +A = -f7d13e47f9aaac8c25f9bf75b +B = -8f4aa95231c1e2336aa092297 + +Product = 8f2d1c23c78777ed371f13155445ca3c88cbc0a9b299bdf9d3 +A = 9d8248d00defce1ad081337c3 +B = e8b479295ecd9cef7301f24b1 + +Product = -86d5e0c5b581fe59819730b4b71e33d1f85f9ab504c7dbe2d6 +A = b21b45e88acff48562a19729a +B = -c1cdfebccc763beeac394b997 + +Product = -484ca05aefa113bdfcb1bc623f730c9f9555b462a8ab4c9606 +A = -8c12b406c02c4417163c0956b +B = 8422b15c80c1c087b17eedd92 + +Product = 614c3c91f60050c785fd229a3ad74674577a90cacb654e0a5c +A = -93d45bce155a23a397506d96a +B = -a87e339c3fd5aebede5fb1b36 + +Product = 9683285f194a7e4feeab196a36bdfc4f828035fd184b9cc692 +A = f196d8fe760fdcae7eb60e2f7 +B = 9f7d88a2163ad818bf3a6377e + +Product = -988a64599c19cc64f3cadc1a83fea6550185f6cc3ab82af822 +A = d0584b2a306671e4d2c9d0c7b +B = -bb6e7559df199c68d6df3a3c6 + +Product = -68456814cb0edd951196d04c853172afdd5787a5bd69a57876 +A = -cefce1b0a1fb22862418bb597 +B = 80f614139947aea5e76cd55fa + +Product = b4b1cbf5d6566e7a57aee0cc5c9c8ec4ad885e8766aa7662a4 +A = -d68ed1bea046c6cad057e21db +B = -d7988b9be54f6e332d019032c + +Product = 6b09212675ff5257a1384371e17b37dcc268bbb141577902e4 +A = a8208053adc20a609d5d01404 +B = a2fa927c5458c4fe662d7a3b9 + +Product = -8361bc26f9bcf55f677e047d822d3004027da0d0455b244d10 +A = e82b6410b29020c2d6810a977 +B = -90ddfe0e7f0d6b9cdc0815f70 + +Product = -f1b6da00923fd513a83e32040a515649fbd362f69ebc016d9f +A = -f9b697d9ec774a8d1ee5ea905 +B = f7ccb46a8869cb028492bed53 + +Product = d06206963f2e150bacdb32c823c3a47f013d5a267c3c0d0c88 +A = -ea8e63afa99c719897ad7f2ab +B = -e36f11f55b6148d1b4f46e598 + +Product = af774a5eae6084df5ca499ef005642730adabf6a4f9533e2fd +A = e4c7af7eea3ec9cc2443b7319 +B = c457bc264c8461789931baf85 + +Product = -76350f428bfbb95e6c253ec0f457aa84cebe8c7cb1af2a2120 +A = 8fd1ff97465775d44dee58ae0 +B = -d268a7d328f44baf80e35119f + +Product = -787ae3f114f9a8dd4d249d5d3f3b0897b02564b9469416cefe +A = -bc0b398bd0ec045b0cf147b7e +B = a4050955c234e473257d0c641 + +Product = 9d6320b3d4aabac097a079b9bd2aca7f1898bcab0f23409fd0 +A = -9d7a4ebac630cc0662b816fb5 +B = -ffda517d3eb3214986b04e290 + +Product = 80bab8bd800ac8c9dc3bb57dca306f10af6fd88c5d8314833c +A = 834bc50140d6c6ab938dc58b6 +B = fafee47793cbc533b3c66af3a + +Product = -b08920f5922226b1dec87151ae087d8a7e5c1aea8c9be148b6 +A = bfd5b1ad323c79428cb2db36a +B = -eb956a10edebdd658e6810fcf + +Product = -6d428e08e8350bb4b0fae3b662c82df2aef7beadaa17430dbb +A = -a57da276998c548101f514e9f +B = a9040c1909712e1149d295765 + +Product = a57da276998c548101f514e9f +A = -a57da276998c548101f514e9f +B = -1 + +Product = 14afb44ed3318a90203ea29d3e +A = a57da276998c548101f514e9f +B = 2 + +Product = -295f689da6631520407d453a7c +A = a57da276998c548101f514e9f +B = -4 + +Product = -867614005cc204a8d19720fe13 +A = -a57da276998c548101f514e9f +B = d + +Product = 12bf3b676f64e5929d38c35e803 +A = -a57da276998c548101f514e9f +B = -1d + +Product = 24d8f92c68303ed0b96f91a8167 +A = a57da276998c548101f514e9f +B = 39 + +Product = -49b1f258d0607da172df23502ce +A = a57da276998c548101f514e9f +B = -72 + +Product = -6fd5e6ca25c3d51b2e529f22173 +A = -a57da276998c548101f514e9f +B = ad + +Product = 1276d4705b81b82da4c7e82559d7 +A = -a57da276998c548101f514e9f +B = -1c9 + +Product = 1ddb9abfc5d4017f068a67b5f4fd +A = a57da276998c548101f514e9f +B = 2e3 + +Product = -3a8b41c914b1b4a4e341433601f7 +A = a57da276998c548101f514e9f +B = -5a9 + +Product = -97c0f4ba414d6e7d4c8b7ced84d4 +A = -a57da276998c548101f514e9f +B = eac + +Product = 1198739e0c23639c176d46d13f7c8 +A = -a57da276998c548101f514e9f +B = -1b38 + +Product = 159150954ee0dedf541e4dbac0ec3 +A = a57da276998c548101f514e9f +B = 215d + +Product = -441d4bc44c86f02ff12c3d91a1562 +A = a57da276998c548101f514e9f +B = -695e + +Product = -64726b76005ebee27592237ba5dde +A = -a57da276998c548101f514e9f +B = 9b62 + +Product = bbe4ec7cf7c5bbd198e0ea86bb658 +A = -a57da276998c548101f514e9f +B = -122a8 + +Product = 21f717d05681fd2eb1796776a69ef7 +A = a57da276998c548101f514e9f +B = 348a9 + +Product = -396ac788a1748bc6955f99be4d2c64 +A = a57da276998c548101f514e9f +B = -58d1c + +Product = -54a213eb083aed1a04f3d1b2da62e7 +A = -a57da276998c548101f514e9f +B = 82eb9 + +Product = 1366fb9c20fb14b8b9a9be4b3e3dde1 +A = -a57da276998c548101f514e9f +B = -1e037f + +Product = 238d65fd26da4733e5d93ab2485d40b +A = a57da276998c548101f514e9f +B = 36ff15 + +Product = -38272a99be154d531e922be405aee9a +A = a57da276998c548101f514e9f +B = -56dd26 + +Product = -64651b62b6a454c08951632c7f2c398 +A = -a57da276998c548101f514e9f +B = 9b4d68 + +Product = fb272e3597b816144f8b945ae6130e0 +A = -a57da276998c548101f514e9f +B = -1848320 + +Product = 280d9f5ed7243712ecb9a7c6358bcb8b +A = a57da276998c548101f514e9f +B = 3df5795 + +Product = -2fbb6bb8e1ba78cefc47fbbc20e188ee +A = a57da276998c548101f514e9f +B = -49d6652 + +Product = -57f29c13691ffa1642d2860dab9d288e +A = -a57da276998c548101f514e9f +B = 880c2b2 + +Product = 139c19d7668e6aabf2d7206cb0723ed34 +A = -a57da276998c548101f514e9f +B = -1e55aa4c + +Product = 2950ce04bf0cf836d4fe94b88fb757d0a +A = a57da276998c548101f514e9f +B = 3fe968b6 + +Product = -5175239488dad05a58414251496d2a06c +A = a57da276998c548101f514e9f +B = -7e020414 + +Product = -945ff0ed38bc6020cf679cbd3e0758c6d +A = -a57da276998c548101f514e9f +B = e585e573 + +Product = 11c69ae98f6b27e95477986f796bc67c8c +A = -a57da276998c548101f514e9f +B = -1b7f653f4 + +Product = 209afe75e8fb5ac76d13c06b545f5d4d73 +A = a57da276998c548101f514e9f +B = 3270154ad + +Product = -386d64b215e41506514f4988ed237e4da2 +A = a57da276998c548101f514e9f +B = -5749c891e + +Product = -6c13cccdb1d140d0babd52707ea72fa278 +A = -a57da276998c548101f514e9f +B = a72fb6288 + +Product = 136228a8a45540372b9b3cd7f82021f6546 +A = -a57da276998c548101f514e9f +B = -1dfc08a2fa + +Product = 1f0ad3babf9d132eaa08cf5cdb8f19dbf01 +A = a57da276998c548101f514e9f +B = 30050f2e5f + +Product = -50d615ce183258e95af77319b766fac81e2 +A = a57da276998c548101f514e9f +B = -7d0bf92cde + +Product = -817d358293b86a56a4e881e50257c549471 +A = -a57da276998c548101f514e9f +B = c84efb12ef + +Product = f09b9e80be251de474d726b16e25a6865fc +A = -a57da276998c548101f514e9f +B = -1743322a484 + +Product = 22996cb0f9c60e35dce49f3825f8a479db26 +A = a57da276998c548101f514e9f +B = 3585acec11a + +Product = -2b307a37c91791a61c0691858f5f783e4678 +A = a57da276998c548101f514e9f +B = -42cf6be3e88 + +Product = -8826698fcba6c30d755fc523de1cc25301ae +A = -a57da276998c548101f514e9f +B = d29cc8af592 + +Product = ae37fc99fd419809310782714530d7428d77 +A = -a57da276998c548101f514e9f +B = -10d8059d4a29 + +Product = 1d544a20f9bc7d95ab67d1f65743979f23bba +A = a57da276998c548101f514e9f +B = 2d5eadef1c06 + +Product = -367897184e9929a0294d320f10278889fbeb7 +A = a57da276998c548101f514e9f +B = -54431582d0e9 + +Product = -943a509076a00060a2e7fa1cddb7468d734a1 +A = -a57da276998c548101f514e9f +B = e54bb102f4bf + +Product = fcce6e42879af5ad13545c0bcaab85b690cea +A = -a57da276998c548101f514e9f +B = -18711db522cd6 + +Product = 258c49f86d0cbb14ae9edbd3456be8cede2022 +A = a57da276998c548101f514e9f +B = 3a1562c7c269e + +Product = -4a8bbce59ad7daa51136d557f7fa16e9a2faad +A = a57da276998c548101f514e9f +B = -7350e780b0f33 + +Product = -82f53ec9333275d5cc271876a7db936db49280 +A = -a57da276998c548101f514e9f +B = ca94ad312dd80 + +Product = 11daee4fcc713db5b2806e47fa5dff3b5b770eb +A = -a57da276998c548101f514e9f +B = -1b9ed6758f9635 + +Product = 17038cac4f0c94dc24985ea108ae6682e175752 +A = a57da276998c548101f514e9f +B = 2399b8a9b1116e + +Product = -37e5f14394bf347a3ed061769fe8e6424af4348 +A = a57da276998c548101f514e9f +B = -567840a7569fb8 + +Product = -9253d4a32a88d8f725984514d969012ead7cc9a +A = -a57da276998c548101f514e9f +B = e25b246f733f26 + +Product = ace3648371c16a931d29004e79f5b9678391da5 +A = -a57da276998c548101f514e9f +B = -10b717b27b6a13b + +Product = 1faa5b45d04c143c339b09d3aad94d39b94ef960 +A = a57da276998c548101f514e9f +B = 30fbd672e106aa0 + +Product = -3fdfe246d27aae0d08d63b2bc501461d2bff3b8d +A = a57da276998c548101f514e9f +B = -62cef5f078a8253 + +Product = -5b792bfaeff04ee3d948cb343a249d49eb344f57 +A = -a57da276998c548101f514e9f +B = 8d805ac65649c49 + +Product = c5f824406161eec321da5a58e3e00d393b55abe9 +A = -a57da276998c548101f514e9f +B = -1323dd41d2e1e077 + +Product = 2226dec8a57be8e84e42559007e2d101ccbe67f8d +A = a57da276998c548101f514e9f +B = 34d47842b5d0be53 + +Product = -340f50f812c7420b502000940788a700f6769788a +A = a57da276998c548101f514e9f +B = -508836d8e1193d36 + +Product = -a00f1d96e19c590479625c5329a87774b5964cc78 +A = -a57da276998c548101f514e9f +B = f798fc858657f888 + +Product = cb94f830cba8997331912a6a31c34f1bef826d121 +A = -a57da276998c548101f514e9f +B = -13aec7a5c52a0883f + +Product = 16b45140b048d6dc0b9fc811df7ce7dd88357fff04 +A = a57da276998c548101f514e9f +B = 231f27f3e347bd67c + +Product = -2aa94179351b4e87de5849ab619d94f47450640199 +A = a57da276998c548101f514e9f +B = -41fe3ec2189599cc7 + +Product = -5489401d3da93158d4284e557d74016c0a7cfd935a +A = -a57da276998c548101f514e9f +B = 82c5281df41bfc066 + +Product = ae04d5b212ecfc9a6d7df07794d565df52991fb70e +A = -a57da276998c548101f514e9f +B = -10d3139229f5d02432 + +Product = 27821bc811f45d63089790b41d307be978d4b19564c +A = a57da276998c548101f514e9f +B = 3d1da85cc012b3e234 + +Product = -3de3c9e9d7fa3020a578706339314890dccf63096c2 +A = a57da276998c548101f514e9f +B = -5fbcfb28bfc9044bfe + +Product = -627dcb299a6720044abcf11469bdfd3f951edbb5bf7 +A = -a57da276998c548101f514e9f +B = 985b930517b78e6ba9 + +Product = cc0622441497a37fddf1856d5e2c99df52b99ea4573 +A = -a57da276998c548101f514e9f +B = -13b9b88948fb7e95cad + +Product = 1a5168e1a492210591ad1ed660adde9110390e4caf32 +A = a57da276998c548101f514e9f +B = 28b631c6e04b6ab0d8e + +Product = -4d8ec27b7460ce616421b9f5cae708c2ac241daa59b4 +A = a57da276998c548101f514e9f +B = -77f99bdf1eb09da6dcc + +Product = -55afd796db7bce822a00073fc8926d3bd0c79772f036 +A = -a57da276998c548101f514e9f +B = 848cdd6212b9bb3620a + +Product = dc494b0d73e8ec07cd2bb6dd8191d2b4d48e7700cc34 +A = -a57da276998c548101f514e9f +B = -154c39567bd8be5f6b4c + +Product = 240e9301b4345b914ecd91a49a0e651524dcecb6fdc6c +A = a57da276998c548101f514e9f +B = 37c6e7ee89cf87674814 + +Product = -39002ecfd6d96661b336157ccef6536756ad2e9219be3 +A = a57da276998c548101f514e9f +B = -582cdab09915a652203d + +Product = -695f49fc891d53f396f0593efae3973082b76d4f9e944 +A = -a57da276998c548101f514e9f +B = a30074dbce2246af043c + +Product = bba2b7b45b97cb0d7fb30fed95089870742ad69e7aed7 +A = -a57da276998c548101f514e9f +B = -1224195afc7b394ae8cc9 + +Product = 1910edc278515ab7d4cc09b496dc3c06c32c75bc7368af +A = a57da276998c548101f514e9f +B = 26c6701c39334169e7bf1 + +Product = -3670b7f9b661aba35ce50984d83173c84c8fa60e04d100 +A = a57da276998c548101f514e9f +B = -5436e84b4a29858a68f00 + +Product = -7fa0d3e0082b37475342b7e22e5dbad7b8d4cb5d64f871 +A = -a57da276998c548101f514e9f +B = c56e0f44fc63bca242eef + +Product = da7fe3367ce640fa5941c033ac1874312f10ba5950da75 +A = -a57da276998c548101f514e9f +B = -15200043166ff309f0426b + +Product = 1871d72481f66b1d413100edd6b339cbbaa67b3b2b3cd57 +A = a57da276998c548101f514e9f +B = 25d057879db26fa29a5e49 + +Product = -3cf1dd1e2df3456757d72f35353c3c7a659b2ef844ad857 +A = a57da276998c548101f514e9f +B = -5e46be70de21949df67349 + +Product = -5e861cbe47aefab2a7ea59292aab1258932b9a322f66e63 +A = -a57da276998c548101f514e9f +B = 9238670897685a6c9cbdbd + +Product = f623344788efb857db55c924e95a437effa4dc8bb2bcd24 +A = -a57da276998c548101f514e9f +B = -17cc0ec84c228225a7cf45c + +Product = 15514c916b0ae7cde6add16c629d3e19ba52a101d75dff72 +A = a57da276998c548101f514e9f +B = 20f9f925b3ed307edbb154e + +Product = -460cf5b14f9d0b547c3084bf44207bf881745c409b08d07f +A = a57da276998c548101f514e9f +B = -6c5cbfd29f3dae1dce99221 + +Product = -5ddf7fb91d765af97dfda5333d8779e80837c2b51cfb4f43 +A = -a57da276998c548101f514e9f +B = 9136aa79080defd1bcf90dd + +Product = 12c1a0edfb6ab6a0caae2553fb3743827e1470a8954e0a3fd +A = -a57da276998c548101f514e9f +B = -1d03b512470dc3052779f3e3 + +Product = 28388a244214abf046488a8d95308d95f021eae4b994a5a52 +A = a57da276998c548101f514e9f +B = 3e37dce784274962ff862e6e + +Product = -4da476e76119deef291c0f56934a912a0877278a19a561ee0 +A = a57da276998c548101f514e9f +B = -781b2f2dc40094a7f8fed520 + +Product = -5792496d33dd45e225f9dfca17419a04e075ffc0c90b37b82 +A = -a57da276998c548101f514e9f +B = 87772a4fb582acafd3e4ef3e + +Product = dd3a3506a7d748de16fb43d666928a87de0354d8e8a1bcaaa +A = -a57da276998c548101f514e9f +B = -1563841bf7851ff158a395716 + +Product = 24e8fb09a9ab0808ff643122479dea5ed41060c6c5b74e8752 +A = a57da276998c548101f514e9f +B = 3918c30b5568318a58e9be16e + +Product = -366c125f96b38b58d01c939c27c4100af3377eabb792b5491a +A = a57da276998c548101f514e9f +B = -542fb814f45924aa09a16f2a6 + +Quotient = 0 +Remainder = -1 +A = -1 +B = 2 + +Quotient = 1 +Remainder = 0 +A = 8cdaaa7c422f3c2bb0ace2da7d7ff151e5bdefb23e6426cf3e6b21491e6e80e977bfa6c65931a8dee31fc7992c0c801d5d7c +B = 8cdaaa7c422f3c2bb0ace2da7d7ff151e5bdefb23e6426cf3e6b21491e6e80e977bfa6c65931a8dee31fc7992c0c801d5d7c + +Quotient = -2 +Remainder = 1 +A = 107f0e6cebfe22ac11294a06fed2b994d01c9b3610d50bdd254adafd08c93be8ebdd1e85e1286fe9c9e682a90cbbd6351681b +B = -83f873675ff11560894a5037f695cca680e4d9b086a85ee92a56d7e84649df475ee8f42f09437f4e4f34154865deb1a8b40d + +Quotient = -4 +Remainder = -2 +A = -3d8746ae2123c2d3f1d35910b42af1f86f5e81f8e98986cea20b2a1bdb8af6cf111f1258f112c837accdf4868463fe9eba536 +B = f61d1ab8848f0b4fc74d6442d0abc7e1bd7a07e3a6261b3a882ca86f6e2bdb3c447c4963c44b20deb337d21a118ffa7ae94d + +Quotient = 8 +Remainder = -3 +A = -5645d65662eaac73050de06f8f982a9b2ae680467712284be3e2b0e58ef4bf4d72b5be5e12ee1fd803b47f161759662ff5c4b +B = -ac8bacacc5d558e60a1bc0df1f30553655cd008cee245097c7c561cb1de97e9ae56b7cbc25dc3fb00768fe2c2eb2cc5feb89 + +Quotient = 10 +Remainder = 4 +A = 813bc46ee19ffeab364073a89f96913f340d43ee72129ea9edac1beb4ebe1336450d2eabc7b26e51c400cec60d6ee459033b4 +B = 813bc46ee19ffeab364073a89f96913f340d43ee72129ea9edac1beb4ebe1336450d2eabc7b26e51c400cec60d6ee459033b + +Quotient = -20 +Remainder = 5 +A = 12805392c55ffa0e27e85e15f2b339872793664e9ed3074cd2600aa52459a57197130d1ea46775ef43115c9413248cc7b34805 +B = -94029c962affd0713f42f0af9599cc393c9b3274f6983a669300552922cd2b8cb89868f5233baf7a188ae4a09924663d9a40 + +Quotient = -40 +Remainder = -6 +A = -3579fc4d6083394c691b060cf9e20318fe17da0487337f76710bd11512578830ba94ac7b587a2d5ab7cb4afe611e349cdcfb86 +B = d5e7f135820ce531a46c1833e7880c63f85f68121ccdfdd9c42f4454495e20c2ea52b1ed61e8b56adf2d2bf98478d27373ee + +Quotient = 80 +Remainder = -7 +A = -74ebad4b39ebaaff82cd91082408c979527907c363d8f0f75db410523f8477c074c45ff85851b6275b1ebc5279029818e78d87 +B = -e9d75a9673d755ff059b2210481192f2a4f20f86c7b1e1eebb6820a47f08ef80e988bff0b0a36c4eb63d78a4f2053031cf1b + +Quotient = 100 +Remainder = 8 +A = d2d8a4419fb3b1c22bfca04ca08c2ee066ccbc9fce2f41861b5eef91efd3c13eeb7eae5abea0ef1849662cfdfef7bbff892c08 +B = d2d8a4419fb3b1c22bfca04ca08c2ee066ccbc9fce2f41861b5eef91efd3c13eeb7eae5abea0ef1849662cfdfef7bbff892c + +Quotient = -200 +Remainder = 9 +A = 1bf534da2f4365c96fc5dd4928e73ac24b157b5136ead90cf6596033ec387a2c14bca828000ae1725f3a5ace8ad67a8c07a0a09 +B = -dfa9a6d17a1b2e4b7e2eea494739d61258abda89b756c867b2cb019f61c3d160a5e5414000570b92f9d2d67456b3d4603d05 + +Quotient = -400 +Remainder = -a +A = -3a172cc9483774544311a1366659d9e61cc9fac7dc11c68e36aa991ef4d5e96becf5bac3e0967c904d926617ea11bb9551b980a +B = e85cb32520ddd1510c4684d9996767987327eb1f70471a38daaa647bd357a5afb3d6eb0f8259f2413649985fa846ee5546e6 + +Quotient = 800 +Remainder = -b +A = -5ecff3a3e47fa615b6e3ce2dedfdeefbfe1d437c394631820968a9650b59dc3a2dd1c9a0b06537e4e5c408a59e580921503580b +B = -bd9fe747c8ff4c2b6dc79c5bdbfbddf7fc3a86f8728c630412d152ca16b3b8745ba3934160ca6fc9cb88114b3cb01242a06b + +Quotient = 1000 +Remainder = c +A = d3ef80fca0ab3ac3432b22e2b485131d816810c39d02a9c82dcc05ec5e6406bc216026de3abe53ab103ea3b2ddbc2ea377ae00c +B = d3ef80fca0ab3ac3432b22e2b485131d816810c39d02a9c82dcc05ec5e6406bc216026de3abe53ab103ea3b2ddbc2ea377ae + +Quotient = -2000 +Remainder = d +A = 163956bc32325f28f48d41d32bb08d2a9c4ccbb0d818368fb13941e82b27da21d04094f7e897ce79c2d0ff8470505f1ef63fc00d +B = -b1cab5e19192f947a46a0e995d846954e2665d86c0c1b47d89ca0f41593ed10e8204a7bf44be73ce1687fc238282f8f7b1fe + +Quotient = -4000 +Remainder = -e +A = -3763f8e43bd05e6ffeec6d509bbe6ff9a9022ced8cb191c9abaf5fd0e0b75a53e2ad581455e3af09e702a77b164ed3fb54ae000e +B = dd8fe390ef4179bffbb1b5426ef9bfe6a408b3b632c64726aebd7f4382dd694f8ab56051578ebc279c0a9dec593b4fed52b8 + +Quotient = 8000 +Remainder = -f +A = -531dd44dfa9e79a5aec8fa7c84bd3b753c146770d22d2c14a6d2125f7ab95e9b320e84c31cf3e0d883e1295a220f2a546550800f +B = -a63ba89bf53cf34b5d91f4f9097a76ea7828cee1a45a58294da424bef572bd36641d098639e7c1b107c252b4441e54a8caa1 + +Quotient = 10000 +Remainder = 10 +A = 900996b61f58713f0755e68bbdfa4e0bb47f034bb0304f77829847923d14715def1771f43b526c41b9667438b434d2b966c20010 +B = 900996b61f58713f0755e68bbdfa4e0bb47f034bb0304f77829847923d14715def1771f43b526c41b9667438b434d2b966c2 + +Quotient = -20000 +Remainder = 11 +A = 179d7ede3db0c105525286551331d5b9e1f97a7883f0c13cf250afe9765bb5aaa527af7945c19cdd4596565cbc8532a3cfa5c0011 +B = -bcebf6f1ed86082a929432a8998eadcf0fcbd3c41f8609e792857f4bb2ddad55293d7bca2e0ce6ea2cb2b2e5e429951e7d2e + +Quotient = -40000 +Remainder = -12 +A = -293dc443c294c6a6c53dd49e84f58305d59a432afb6c7ea2039cd02a513231239571ae07f29b5427e869b9faa485511ca45980012 +B = a4f7110f0a531a9b14f7527a13d60c1756690cabedb1fa880e7340a944c8c48e55c6b81fca6d509fa1a6e7ea921544729166 + +Quotient = 80000 +Remainder = -13 +A = -5b637eb8aa51ef15a18d9b144031c9756527fc0fb96c84b6df03700e5079ae1b3e96940a2c1e07f3b47ad8a9b2b8ca99171a00013 +B = -b6c6fd7154a3de2b431b3628806392eaca4ff81f72d9096dbe06e01ca0f35c367d2d2814583c0fe768f5b153657195322e34 + +Quotient = 100000 +Remainder = 14 +A = 87c846f5469d4c5819aed0c7e77797209b2c1b83a7a0e2be70280b9f30946b5db9bd0f25a06cf4bdba1c7183a1b9eb75c19400014 +B = 87c846f5469d4c5819aed0c7e77797209b2c1b83a7a0e2be70280b9f30946b5db9bd0f25a06cf4bdba1c7183a1b9eb75c194 + +Quotient = -200000 +Remainder = 15 +A = 11c2a4509f419aa977c3d37fa446fcf21b4b3b9f983fbaddeba4f51c285ac4032200711a54cc6edf24297b1f3d46ad020131a00015 +B = -8e152284fa0cd54bbe1e9bfd2237e790da59dcfcc1fdd6ef5d27a8e142d62019100388d2a66376f9214bd8f9ea356810098d + +Quotient = -400000 +Remainder = -16 +A = -39e37ae0edd92b957e84682358039f5e432c42492a44f3de01cdf74d643760260f2837946608663e12291e9b0695449c1153800016 +B = e78deb83b764ae55fa11a08d600e7d790cb10924a913cf780737dd3590dd80983ca0de51982198f848a47a6c1a551270454e + +Quotient = 800000 +Remainder = -17 +A = -72f725edd5a3dd6f20b5e9ca7da08a99f8ec9214c80588182c0d42e03bcff34b488b28c03cdf41813a6193c10672a8ee68f6000017 +B = -e5ee4bdbab47bade416bd394fb411533f1d92429900b1030581a85c0779fe6969116518079be830274c327820ce551dcd1ec + +Quotient = 1000000 +Remainder = 18 +A = 966df62c26acab2d3d1dbe729e48d0181c68e9f5eba45f6caefa38d60e34057d09fe620abb8640cec8cac755957aaad7c6fd000018 +B = 966df62c26acab2d3d1dbe729e48d0181c68e9f5eba45f6caefa38d60e34057d09fe620abb8640cec8cac755957aaad7c6fd + +Quotient = -2000000 +Remainder = 19 +A = 190790727c1514b4ef83a1c6aa07493c0af7087fbc8a675bfd9a1e97b8ef80ef684219d6c6f1a5fb5b919f105fd7717cdd5aa000019 +B = -c83c8393e0a8a5a77c1d0e35503a49e057b843fde4533adfecd0f4bdc77c077b4210ceb6378d2fdadc8cf882febb8be6ead5 + +Quotient = -4000000 +Remainder = -1a +A = -22d115ab02f8663d8c009960086a0275d301d358cd3b250bb9e7c16cc6ebed4a8fbe43bbced856d93be64a17377d95f5f9c8800001a +B = 8b4456ac0be198f63002658021a809d74c074d6334ec942ee79f05b31bafb52a3ef90eef3b615b64ef99285cddf657d7e722 + +Quotient = 8000000 +Remainder = -1b +A = -41f2e708ba47494a13607223b08e6d99c0b4247436632961d873804e83446dc97139ffaef3e25969950bd4b5bb4ff73b1a25000001b +B = -83e5ce11748e929426c0e447611cdb33816848e86cc652c3b0e7009d0688db92e273ff5de7c4b2d32a17a96b769fee76344a + +Quotient = 10000000 +Remainder = 1c +A = e4b52f78179039499c2f6b500840f41103fbd60eac0d7082297236f25189c18a8301a92f533945047fbb83427dcade334336000001c +B = e4b52f78179039499c2f6b500840f41103fbd60eac0d7082297236f25189c18a8301a92f533945047fbb83427dcade334336 + +Quotient = -20000000 +Remainder = 1d +A = 10888959278661bc36089519a215bda60f9ce24ff7c0ac1f543b6e652f94dbff1f32aa40cad2b4b4d676f16948551501c29f2000001d +B = -84444ac93c330de1b044a8cd10aded307ce7127fbe0560faa1db73297ca6dff8f99552065695a5a6b3b78b4a42a8a80e14f9 + +Quotient = -40000000 +Remainder = -1e +A = -3ada453530a180fda58533ab8c62beb4f693a134f512e4d23e487dac3b575e5390c0a90992400e402bb47aac93d46ded55f54000001e +B = eb6914d4c28603f69614ceae318afad3da4e84d3d44b9348f921f6b0ed5d794e4302a42649003900aed1eab24f51b7b557d5 + +Quotient = 80000000 +Remainder = -1f +A = -57879eb5d92d565daac3ac5173639bfe44b6ecc69ff770af57bd79c9b93841c5677042cb362b794f3d8b24b0d3b73ed1cba58000001f +B = -af0f3d6bb25aacbb558758a2e6c737fc896dd98d3feee15eaf7af3937270838acee085966c56f29e7b164961a76e7da3974b + +Quotient = 100000000 +Remainder = 20 +A = 89a2f1792afc54467955839eddc9ef2e37d391ce7a1a4a205291220c1f49f59ee31fc7a7a7f7706c199bf5c8c951a0d0743d00000020 +B = 89a2f1792afc54467955839eddc9ef2e37d391ce7a1a4a205291220c1f49f59ee31fc7a7a7f7706c199bf5c8c951a0d0743d + +Quotient = -200000000 +Remainder = 21 +A = 1c267719338a4562e934bc57fabe6da86ca534a34244bd38c15032f01f47c2fd498c83f644b345c5c661ada0e586a096bb63000000021 +B = -e133b8c99c522b1749a5e2bfd5f36d436529a51a1225e9c60a819780fa3e17ea4c641fb2259a2e2e330d6d072c3504b5db18 + +Quotient = -400000000 +Remainder = -22 +A = -250249f2185d4b428fa9534f03ef3cbed535bd31c56c0b273e6c3d35e0266f7777a6e59a99da5738b8e3af8ac60061d6716ac00000022 +B = 940927c861752d0a3ea54d3c0fbcf2fb54d6f4c715b02c9cf9b0f4d78099bdddde9b966a67695ce2e38ebe2b18018759c5ab + +Quotient = 800000000 +Remainder = -23 +A = -710b30c23c3c4e646ba90da33d2ce35af2ff181c40b02e3ffa607966730c6b6e274dd4c3c78e578e0b10f431f2d832274bf6800000023 +B = -e216618478789cc8d7521b467a59c6b5e5fe303881605c7ff4c0f2cce618d6dc4e9ba9878f1caf1c1621e863e5b0644e97ed + +Quotient = 1000000000 +Remainder = 24 +A = 877f1caf75e7166ef18484d0718947893fd1ec016984387debc55c19e378a487a5ddbb03a80a88316f6fca16ae148933e719000000024 +B = 877f1caf75e7166ef18484d0718947893fd1ec016984387debc55c19e378a487a5ddbb03a80a88316f6fca16ae148933e719 + +Quotient = -2000000000 +Remainder = 25 +A = 1ed1b7d9e4cf3d44ee98ef69850e61a39f54cc407c6795c07c887374441fd9ec258c21193f8a8c55802fb8f8c579cf94cb0ce000000025 +B = -f68dbecf2679ea2774c77b4c28730d1cfaa66203e33cae03e4439ba220fecf612c6108c9fc5462ac017dc7c62bce7ca65867 + +Quotient = -4000000000 +Remainder = -26 +A = -35d324ba37d2000f960ca1c9e1ab96e341a2ae6a5ea5cef014c73a39dde000d8ad9606b817ad67e4e4593cc5894d354854898000000026 +B = d74c92e8df48003e5832872786ae5b8d068ab9a97a973bc0531ce8e777800362b6581ae05eb59f939164f3162534d5215226 + +Quotient = 8000000000 +Remainder = -27 +A = -7039477c3e0a6f415e25e9f9b1dab1edcd8a23f984e7e3bc149c206a3b756b1be001450af4049cd4535e4243d7032afcf6790000000027 +B = -e0728ef87c14de82bc4bd3f363b563db9b1447f309cfc778293840d476ead637c0028a15e80939a8a6bc8487ae0655f9ecf2 + +Quotient = 10000000000 +Remainder = 28 +A = d6c59dd07409da98f7bbc7ee471b6e06c4d9e832e9f4d04ed9da63564d37d3072a950564cf549bb5d6e7dc85565d3cc8ba340000000028 +B = d6c59dd07409da98f7bbc7ee471b6e06c4d9e832e9f4d04ed9da63564d37d3072a950564cf549bb5d6e7dc85565d3cc8ba34 + +Quotient = -20000000000 +Remainder = 29 +A = 14d27a16a9cf2fdbc85b88a604dd8f0e57b5b34a27089d75d805e05fbb367dfa61c085aa98b896e3e53b85ef774a3fa52417a0000000029 +B = -a693d0b54e797ede42dc453026ec7872bdad9a513844ebaec02f02fdd9b3efd30e042d54c5c4b71f29dc2f7bba51fd2920bd + +Quotient = -40000000000 +Remainder = -2a +A = -3bd0119619fbb5b260c44050d61e6b1925a49713d754ceb06bafb1d730a93f199df654b153c40e75096ebbaf5a6ce3c801820000000002a +B = ef40465867eed6c9831101435879ac6496925c4f5d533ac1aebec75cc2a4fc6677d952c54f1039d425baeebd69b38f200608 + +Quotient = 80000000000 +Remainder = -2b +A = -61a283fe41d965ee770704bb453f689cb82a81089422d6d904a91776a06d32857220286e6ef6327807b724062dda143b46890000000002b +B = -c34507fc83b2cbdcee0e09768a7ed139705502112845adb209522eed40da650ae44050dcddec64f00f6e480c5bb428768d12 + +Quotient = 100000000000 +Remainder = 2c +A = 87bd03a64d9c56fe340137065ba36bd07b556119546dd1fc3ae087ead32bc79ca7efb5c7230ea7bfb00ad419096d9279fbe10000000002c +B = 87bd03a64d9c56fe340137065ba36bd07b556119546dd1fc3ae087ead32bc79ca7efb5c7230ea7bfb00ad419096d9279fbe1 + +Quotient = -200000000000 +Remainder = 2d +A = 1eb7cfb197d19f56ad994eca52d1af6466fd09da07d68d63067602046b2d42d3063ef5eda6b58afd69fd92b0b727a0ecde1420000000002d +B = -f5be7d8cbe8cfab56cca7652968d7b2337e84ed03eb46b1833b01023596a169831f7af6d35ac57eb4fec9585b93d0766f0a1 + +Quotient = -400000000000 +Remainder = -2e +A = -3ab858b3329e5bd0469118be52a867b2febbe2894d962cedeb3a5be1738db1cea106cd0710c9f6937348c2c63b109ae623d500000000002e +B = eae162ccca796f411a4462f94aa19ecbfaef8a253658b3b7ace96f85ce36c73a841b341c4327da4dcd230b18ec426b988f54 + +Quotient = 800000000000 +Remainder = -2f +A = -6137bae6cf7573afcbb6fd5c066ba37648cba8db0ecafe9dbc66959b19deabf42f3083719a2268b7602bafa2140a1ee8ce7d80000000002f +B = -c26f75cd9eeae75f976dfab80cd746ec919751b61d95fd3b78cd2b3633bd57e85e6106e33444d16ec0575f4428143dd19cfb + +Quotient = 1000000000000 +Remainder = 30 +A = d00fec043edadc093673e5f5abef0c6bacdf1f3faa49a831a645bf80db7539d657f69403b122a5c6f879eb8e63be54d35ed7000000000030 +B = d00fec043edadc093673e5f5abef0c6bacdf1f3faa49a831a645bf80db7539d657f69403b122a5c6f879eb8e63be54d35ed7 + +Quotient = -2000000000000 +Remainder = 31 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -940693131e2ba7b2af531803794983337dd526f0d84d08d58723edf002a388d55c8502d88c2a2a6e78233a2a1b1c8d339a13 + +Quotient = -611b743a0e2acb1043bb33de50a59eaa0405b37bf6b622075dd69291fe5b53305dbfcc377d1f3082319c153d0c1ffb3b3346 +Remainder = -16e346b6a4297 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 30c77f3380ccf + +Quotient = b9e34073d5e6e5b9e5d2d7250150f8ad86870faeb88d5aed5029fb25c176de216e2388e0f5d33f7c3b56102873eb40b06f2 +Remainder = -16ebc86eb88339 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -197b6f6ad5b75c + +Quotient = 141bc8752e846cd63743e6fce4a22efc3eb5f0ce46ba81b8f578c94c516288ec3610fc9923f45d4af2b94c0b0a20b48ed0a +Remainder = 9bab19f12d81c3 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = eb90162ecae18b + +Quotient = -381bd85c951e1dd775b0d7fab344aadf06b1b592c643b5852fa44aa55159eedf3b3e47fe0d9f399ad92da85ab2bfd18240 +Remainder = 1e4f817a2f52b71 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -546c109fa8a9d7b + +Quotient = -5e385a83b56830626cf8306acc232f955178080e86384bbcf92eec3a8961360223c4cfc1d8d118022972e61866cbfc46b +Remainder = -292e149300fdd1ad +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 3246242094394c8c + +Quotient = 9af0246f4b49316df43f61ae3795a764fe9b1d071ce227982ebda7988a7a7a98129c94a76635c6913cb15e4f75ea1608 +Remainder = -dd3b3e32ddc79cb9 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1e928618913898b2f + +Quotient = 1fe40099811c648aa4e84e4fbb8cbc19706774a11391fc03a9667d8dc72dd0b26c4a46d0bae56ba90fe4bfac1517d241 +Remainder = 16e021603d30dde2 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 948887c1634f4b08f + +Quotient = -3f4fa4c179dab02ad461bbea8f890292c934496db560f72878323a4463d77ae261363f4dc8f53eab145fcc3815d3253 +Remainder = 407ccb4f0b814dc5c5 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -4ad17434071e1ce664 + +Quotient = -4d17d19f7f6861189a520776339a1e425876808111c303e391118714370111151ef4ad2e6e84250f59b0fe09ab3293 +Remainder = -36f745b0f421d16db7 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 3d71635bcc25183cdde + +Quotient = b976d544af44e711351c6618106d3a002c42ebbe22fe939a2457d24e8dcc35c95dde5c7c77af6b4545344a198be82 +Remainder = -107334ab98e5099fec5f +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -198a54e35fa0cfa328a9 + +Quotient = 1307bb8e89aaff7466bc238d32672fbbde7be19d15423bcfa14f9a23fe85af9739b72807fd4bc420ad0b0fac37a42 +Remainder = 170ebe9b83d4c43b79ab +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = f8e923a8bbc0242eafe3 + +Quotient = -3925a167c1c4d2fae265f277302b989466e309a7211e0b7173031cbbb91ab7fac8dfe43c9d832764e222e9d8581d +Remainder = 4d404e93edb435dbd60af +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -52e36cee22274556059ea + +Quotient = -4d5a6ef346a872142b999ff9a5429198b3c2a97e968f55aa2c01583efe30e9687c57e2bca2372db4d3d443052b6 +Remainder = -3a2ea5f9d204dc31f21833 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 3d3c79a115d9071b573d2d + +Quotient = a49dee54430f1737a04543d5f549efafab25f0f28f5e304f1bbca191f99521c2c4be1b9927bde19e1ec2060bb2 +Remainder = -17d02758f8fcadca911a95f +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1cc65a75211f2826c9d0811 + +Quotient = 1808ab7c0ccac2ff8f7cb61248bf4624fb60352a356fdd1408904f8c6fb0cc52b7642ec59183bcaf5dd89ca0ac +Remainder = 5c95323f3b8861261dc31ed +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = c516e6e3fa6e3dc52cf5933 + +Quotient = -437e04d7076794850aada0cb4ca7a1055df103e74e00766be6a2fdb2631bf294cdbf2695d0a2f8f9eb5587aa5 +Remainder = 1fc63797594c56160536faa9 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -462ee529b488d1db2b6c60e8 + +Quotient = -5dde5497accc4575a412e7232ce75bdf7905936e09e382d5c9f133faf82a05ad9dcc94ad858aed34cc14c714 +Remainder = -15e79293d5e055f906381a899 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 32765b0a34c88864d39bedaae + +Quotient = 11ac52a9287472e1d3b8577b3d50c95076e190714796761322b3ce869d96b44387e190e824849ee345d0a22b +Remainder = -a158ccc7c055d64e7df3fbcf0 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -10c061a37f6cbd11bf0c327643 + +Quotient = 1ff5cda1551867577c5ca72c86516a82fb8fc5f59ce967b73c6bcc1b85168389872c9a747ddf044d6dba174 +Remainder = 21e766a0020ba429b330a325d5 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 9435cd2dc2a92c950bb9e69b83 + +Quotient = -2719c892fa3f4dbc9951b2095056a16159adaf32dff902e20a800a0cc2e858ccae408f2161aae25d3e1f6d +Remainder = cafbe9caa1f83fd0dd3d5a6881 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -7924e4dcf8f96da61f54bf83870 + +Quotient = -5080dc99dba295f4a2d9a474c2ddfa3b232a82fe629fe62177514988983eff8195b37d3fee3afa343b497 +Remainder = -94ae72f78982ac1ff83f300cfe8 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 3ad70d4b6b9b5f5b2eb65da67e1f + +Quotient = e475eebcfc53d49ffad2e0c2a4ba48fe7ce02c42ff107e01ab3fe5b26eee45c83c4f58c181d77c259155 +Remainder = -c83ac7582a02b47ee734e0f24dc5 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -14bbcff5423a260b21895327b18bc + +Quotient = 201308a421b85291d23465d648ad2a8d6f3393efc16fb675a42ea7bbca635ddd8c2449b1b34e5db30a03 +Remainder = 8e07efb8ae4c9df39533042362081 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 93aebb72a81ba68e8881fd1a56a90 + +Quotient = -2584cc534f88f091fe471c652ac66a695906a7cde1fc1cde9be3ee09026b690c1a899378ff31f6acb90 +Remainder = 794801d9d5770a60e312b99d6b9f91 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -7e408caf387a0ce9bbf4309c80755a + +Quotient = -63f7bfc0fe5a5421bc0a19fa6c87713a72eeb2a33e5eadee8c2f32c20d14f403ab8bdc424b9e8e0c68 +Remainder = -24227c242afedee2473c1a66a5cc29 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 2f622c665af7f8126eabfd90df8e9c5 + +Quotient = e557e6d2180aeeee5d2cef453fbdf38e84cc148f4608ade8836045498be2d318520ffadcea6319432 +Remainder = -dd290149e0e159f9ba6bb9f5a4b003d +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -14a7623d1d9dfc177e913d3119d0d30a + +Quotient = 1651d852316d472b41ba0460566e43fabb9257861859ad0fb6ea5a6433a4164299e078f4d50c58afb +Remainder = fb60aff5fdd2a2b794b0d973ac4d92a +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = d439da27b5e70342aa5cb365ece15665 + +Quotient = -3ae357761a8ff43d3b1bc53eb336260342a39d22f8fac44eeeac96c2f6de32580dd6a688faa9c515 +Remainder = 4fa6f7ee4faf2f6be99c5ce4b65cd642f +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -50700f9c0da59482165a47a3eda2bf07a + +Quotient = -543b4390e4e254226683aa0b83b2ca176ec27a373969fb88f766ac72adc9125ff83b2652e46afd3 +Remainder = -12ff398d9a7d9e97a7f63a0bb293c8fb0 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 383c5a4f1767e83fc382ad4f1c7c2b7ddb + +Quotient = ecb72c14c59d49287fb6b2cacdf04619ee617d5f3f0f1b2890fd4e79746a4fbd848613cf5eb437 +Remainder = -1035512a2717a89062d48f1bfd213333ed0 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1402b751a1e5f3fc46e22b43240d6ce9b27 + +Quotient = 1e800ddc5d5126f322298383f32fd593623eb88a91b2d68c5d9f56e20c16ffe2cefabe873570ab +Remainder = 72935d534bed5ba557b91ea023601f50b1d +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 9b4df766c608ff3efe5ea1f65cc850fa73c + +Quotient = -2c2dc2378abceb983904cdf6728f361d279b4c821710ae785724a7251c43fe4f705f023afa7e2 +Remainder = 249f6433af4e8e224eb570fd438197af62f3 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -6b382f812816c77d65c94c0c660b31a69b8f + +Quotient = -5f3ced1e42fbd3c6b2c6f1e16953e0c1bb6efb4e49566f974a968f69a1a66a3d7558f5a802a8 +Remainder = -317a7fb1af65982fe4641fbb1e5837e6ea3e1 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 31bc97372d17038fd842b72eaba2abb26df62 + +Quotient = af3fef8111c449b9e0858e7e53e1d00b764232f7a077d75043249c387ece30af351c8a40335 +Remainder = -a1493bcbf57a8480461d62796aa8f8541ece4 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1b076b2f7b78b4a0f0e24ba3a05d6c697efab9 + +Quotient = 196734cefb08f09cb32ffefc07da8d9545d3451d5a08736757184bad94c73be71311cf1e01c +Remainder = 273e33521f4d74840a96b3fffe169f79d32855 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = ba7746f4400f812919a3dc86b00642e1487691 + +Quotient = -3c5989cf33145057a9c8e904435d12939db519cc6b9ca1c0a11934399cb139a73613950f2f +Remainder = 456ebf56c636d54e37709b9e799e83b7a08cb93 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -4e7d4f389423f42e980eda55b4a6a45f6f4bdc2 + +Quotient = -8432cf3338bce1d12586f83025aea50cff3864af3eb2103a36bbb0aba10b0ba4831641633 +Remainder = -4f62c678137df301c4bef216e6aa910104e76ff +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 23d4c57b5a8162aae8d937be12efbcfd7b96ec06 + +Quotient = 9f94c4399eef16dfc65a1e015e0786c86470299865932c4d564b71c9b1551a9c0308af38 +Remainder = -168b74a6073b4a5b54fa14aacb5c3bb7897ed0fe1 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1daecf01ec633610373b79e04c22cd7499012bc66 + +Quotient = 1d5b838dce6c0324f157ad125adefde6e1045dce9ff97cf8d1d39b79bce02128e3433ffe +Remainder = 3aa816216d55fc3c910a030fd10fbda1e12f2ac2d +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = a1598a12a84e9cba42ea0e200e88d4599c9f615fe + +Quotient = -3edb182b53890ca8762f3039d2d71a8a27c36cc884d0879e0635e6326af0182bc47cad7 +Remainder = 4610b2b1305220bc0de584dd3f87d90109012a8077 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -4b5c2f1ba3a82047c9de61d47cbf1bec86b6ef90d6 + +Quotient = -7571ed4c509630886483f6ca0923859e644063acb38cfb338bf3a681fe449501262516 +Remainder = -21c579846594fc3e5efc53ab01576a7b32d69faf41f +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 28550e1f7c6492f4cb682c37b105f92b049c13fc03b + +Quotient = 9ed8fb31327a110ef4377258681c5287de8ef9dbe62aa4fe84a7f2a94bb69607cbdb2 +Remainder = -1b7bb759dd0ebc346cbe216e56be8063f063490c17c5 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1dd1e61caed1efc07d21ce05d889de1ad65808cae026 + +Quotient = 1aa716227d1ca6af68286062b2d6dafd7ade16abbd5d6fa4ada0365832fe18f73bf35 +Remainder = 32e714b0c4ecefb38735cb88cd5e07c21c81be858cae +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = b1b959a7b3262d7f4dff488315903aeaffd982b726d7 + +Quotient = -2a9979a530046939e0b43a25edfbea6775784eb5cf346a9fc3a2d22e1aad473cdada +Remainder = 4edeb91a2472e80068b1883cf2cc45d68ff9bbed1756b +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -6f31bbe097587a68fdf01d0bf93830bd03a23920ccc0f + +Quotient = -566ff76814e1c7d31ad53bfb9f3c0607ef1f7d1cf9bdee6e1cfb78b3ad7018f8bbd +Remainder = -1eac095d6d84021c33aa9b219d191bd0637f20b5920eed +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 36ccf5bdece624b4f54c729a8cde13325d8dd764f44894 + +Quotient = aee4f377611179d8b6315811dd94639aaaee63e99bddcfa8eee297ce1dc04daf8e +Remainder = -59cb3ba7efa1637c46b21795872e8deaff90f13402cfaf +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1b157ad838684b45065aa77ca3238a4d8c5427f719cdfb7 + +Quotient = 1c72d32cb83cf4a9043d3bb5002f61b03e29c34e44a9fc5cc4d613726f5e618546 +Remainder = 7312d11fb5828c7f1a0060a5152a7644fc1e6a59de28d03 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = a681444c4d47d829f7b629b561ffaa0c3be1232346c907d + +Quotient = -2702afc4095a0396215e3ca36e2a59725f743b30de0dd8d4ec4d943fef6c37162 +Remainder = 223dd3080ede3a64744b14df8742cedd71388b0df99073bd +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -796c9ea38ccf516a2054a1e584c18b64b996c9679960585a + +Quotient = -805585c6a7badc933bced6f8373ffdfe9796e963d3fc90e85b1a22c38f842062 +Remainder = -a6ebff3f651644915d5c466cc2915d104f0f85a44e08fd6f +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 24e8fb7a6a3057ddcafff92916c46f7e4038b98c3104ae831 + +Quotient = 10383ff8feeb180d4fde925b534be97ec3d5f1f1dab5d8cd9ab5d8ea646cfcdf +Remainder = -a7efdd0401c74a69cf74442fe3da907acf92e8edc51668828 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1240a71ed8d81e86fd9b16e1d64f438b35d6f8eff672494017 + +Quotient = 195d95a520fd22317492117dc756ff97806c48c1aac67a41ae56fe503a60cec +Remainder = 8b8692bee56f8a1ada9ffd8b3583eae33a0df9b73a7d8585f1 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = babe02063b61cb90634ac0493174073d2419e00728d46ad2b0 + +Quotient = -37791adae674b866e4791c107a697363847dee4a58a37806391426ea48b8c9 +Remainder = 33986fc6a5f5c4f4e31458fc7de55e08a4e9320509d90299b93 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -5563bb852e7338c65aa21c516eecf47f498e5788c608ed46cae + +Quotient = -68a30494eceff55e4f54a556dd9b30025ccfa22c0952fd746adfd13d31d00 +Remainder = -1b511d0ab81d528d00a1058850bef48df2e9ae9357e779bb9231 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 2d44e919fd27bb3fd2093062d11830c30fa77febafe0a2082cc6 + +Quotient = bd30999592dbeabb8871b76aa04cc1c6c3794a83f0178c2ad505d8189485 +Remainder = -b0dbce286df5faccf0bdb40ca60f508d436f9410c5e49c3f1360 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1909930e2d16fc877c15895a3ec8b2125858bfa1c5a1b8776bedd + +Quotient = 2171694ef4a9d57b83b09357a511d4e11cecbab5e9387928b480d686a0e9 +Remainder = 29abc8898d5ef85f87323c2a6fa36ab6e1bdbcc0ca742b1a2347e +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 8da37bc9c7c9bdc62f49cadcd40e156e776b7f4c8f7ad543f463b + +Quotient = -267d470f32911150d9944e684c14e1834734b15475bee968748dd5f6502 +Remainder = 53a2ffef61709bd7143c4c876e021f20a99ba481f2b11abcd45da3 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -7b117ddccee97816c2ca2f1a612cc0d94ac67f5a79ed41744c8fc7 + +Quotient = -5a21a3bdd3a3d4f1361a978706ba1cec409c296a5b3c369e91fc8317bb +Remainder = -2cdc818f1e445fb3772d2a56833aefb2f5565a5fca80662e6fc1845 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 348dfba3c793f0018d7d3a70c4060c3148b4a3163ba60af9d6f8b04 + +Quotient = b301b4050fdf4ede8f9c746b26d968110e1eb119ca42cd9c9bd8d4fab +Remainder = -17993daf81711fe59204ec82e363d2b91971129af9206ff9506d3cb1 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1a76328184b9bea8770c91cfccf8ab98e75b2224d666af58022aca80 + +Quotient = 19c401336dd43c221a61264f8b91791d250e6c99c61850efe6d1e3532 +Remainder = 6c9e547a77c98eaba1b021777dbd98ea88f7fd37c95a2b182f2b9067 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = b7d7b1f95f4fe2f267af88b81af88fbdf603e54ab6de73ccd000c32d + +Quotient = -38a77853de88a8db14612884b515e3cd7c673175779d4ab71ba58f83 +Remainder = 51851549cfa00dbfae388cc3b46fd4824268e00e12fba288acceab339 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -539c0171f48e4160e5c308ee9e74f35d8b6d032e946dbcf748b1335a8 + +Quotient = -79a7eab82e5b65f4f6734e8803fa7c30852ea3ae56e801c5dd11778 +Remainder = -f89592eedcbcc68d5df80663b3cdc638d9d779707d4ae5a552d97d009 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 26efac15401a945ffd37066bc5af23191292765164a0f1e4fd537fd64b + +Quotient = d33afb58753a21581c5b2351a74f3d220599ed56ebeacf1d43eeb2 +Remainder = -f699437f44af44b3ddc080f5b74f753d35f70baf3866040ba3c64b30f +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -166cc6a3c60facfa0d8d318f26c6514c7eb9113f6b625c1de804ad379f9 + +Quotient = 19e55bdaaa5a375c36e6869700f8677db563e5cf985be2a8d1b012 +Remainder = 7bccc3a653f29f3f45b52b8de2449c868c64d976666c01bff2dca03a8d +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = b6eae7a82b5dd1554795573cbf558d7cfed813eec270c326bf290adccc2 + +Quotient = -297530094c3e4270ab5cf67e60fa5af6a32eb41b18b050fa6d46d +Remainder = 62d8b502e172da7bce53fbb7c1ae376b6c21b3a3a47523aa0023406e353d +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -7241ae5f1aaee9340d437ad2dab94b70dd29fc6fff7fe31b100aa5001644 + +Quotient = -640f3c38230962c6d6fca459afe0e46137525e8d62dd9b84da73 +Remainder = -16fcadd5155910764ecf0b4bd0afc3707e2ce49cedcbd5414f1c7d860e95c +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 2f570d2da7a4e62097eb494ca43f7bde33e36525308dc864ffbaeb5d48f97 + +Quotient = b3895ebba13c8f383ac0482be02e1f5518511420cb4513426bb +Remainder = -21bc847fdfd48c7a4c36c778681ea20481081cbb7af6b281c8b8ebf2b2c3b +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1a6233954b3480af5f911a6bb8ad33967d5e0446c3e56f521e892c986b6b82 + +Quotient = 243f3fbefbf842c79c5e96162fc42fe4f177a59d27681c54b3a +Remainder = bbfaf15a90e744dc4a1caceda3cb339e5491e4507a1118613c5e9739f976b +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 82ae783b8a13e2e65d52dd3a6d6b057163347872f4d72245ff364dbf2421ff + +Quotient = -30f7cef2948c9ebed8fa3c5ea9a9bfa96ee4e9729c9b18e9d3 +Remainder = 1feb3fd887629cca60c664e385dddf538d9bf7fff2d34ca9e0e7614946d807f +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -60bba60d69093c0134fcb90aefdb9c190e7bf037ecc13dab3cc7915d7893046 + +Quotient = -6b6f0183c1f598a68683ba7435c05d700d74681fe472669a1 +Remainder = -1f4d58f81a8c18523918d31791a00ea9aafbbb87792d90a5392273ec4e405da2 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 2c17372a5128d7c403a3b94838072ecf9aff88d164764b12bfbf6261df957e2f + +Quotient = c4347fe42b2a7d9d5a650b72724369c5c1f59262a7be3fc2 +Remainder = -1103ec9c4a15373949cae4e34b7b42e242da41edbf5ad8362ce5e5426d3154a1b +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1824671758069b7660bad819f06c86fc76a9344ea38412058380363e5c5b4086b + +Quotient = 15e8c8d6847dfe974cefeef5fee93da9e58b74d640c6c413 +Remainder = 61dac240f2b39832903d5ecad9cfda5162bf8ebb0610545f259b75c3dc6ab8771 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = d83386fb9682576cc70cf84520c53169e391b414f5421cddca6e257bd77753c40 + +Quotient = -3572711bf994e6ad48535cc4d65ac323ef1ccff530b4337 +Remainder = b5899d4cb879e37022c539962959339d055900cca16153da09b54c658753cf50e +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -58a05faf5c61f85ac5a090b6bb045c851ea17332d9bfad4309ce2b7a79ad3cc575 + +Quotient = -6931ebfc6e34305e5d7cba5284829d088d1ec0abdde508 +Remainder = -1b09eafde481064bab3a5c7fd895edceca40b1e62a9cf953eae1061dfbe00936391 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 2d0769f392ca9ec629ef1bfbdf08cd8cc9219330ffe3c05343df792dd94b1147714 + +Quotient = 9a4800f0cb2bfbe8d234410deb510103b7da30cbac7d9 +Remainder = -971e4a529e439a1b96b942001631027ff2fbe40b8939e224adb7f2ed30faff64d1c +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1eb3d7971125a036c3a67d9f5ce580a4ef4c469a492be53a55bafd2eafd4032b5b9d + +Quotient = 23116704b7a1a86cfa2ee5707ee46268634db5d50dc0f +Remainder = 467c6b64c8121e4f250492191ea36a27119a0a6d19af519bf7ccdc2436c885c99d85 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 87134e98f73470e23a96c6a9139af3d4d21574de8aa9ea1d720df8940bcbda343694 + +Quotient = -3b7f72ecf4f55c02366c52f38a827f5773b7cdebb9ba +Remainder = 194b334b2046a66be3ddd7c6df01c88967fcb11e97b8206d000bcf6043c6e9ccb13f5 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -4f9d0341cadfb1f0bc38184d93503faa196fb8170f8ba2b5d3b512c09d39b7f79a5b6 + +Quotient = -6db1d69019dd4cb26fd65d5b88a31bb6413b30278a1 +Remainder = -2042a060391e181882dc0c8d91c3b03c1ea35e2eff01babb3ae876ba1e57a505d44856 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 2b2e8f445c0c3aaef0285945e4ca37a700310e003086f34d02c891b94b117f3d3032fb + +Quotient = c0e5b9a5853bb21b5e2e37f469764579d5cb2bf984 +Remainder = -154669d4bce7914cdc8d79f2b8d1faa43e8cc3b20fb0767e1c9a47c9e1daed4b665cfdd +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -188e619dbb719381e701363de874fe168529c10f30d3ff184e4356991fdec1649f72235 + +Quotient = 180054f8c36833d44cab9dd61e6d89d28605c564af +Remainder = 59192ec5c6fbd9773b8b7dd7d8ab1800dfecc8eb01c29997d15ad75b79575d9e26e1fc9 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = c55b5eb165c63ac2794bfac21980ebacadb93f1e059309fd2b855621572e8d9b3f29018 + +Quotient = -31412e97045c19ec38951b0e3884c66d1d7479437 +Remainder = 56f1425227bfc6eb1ecda7bfae0e5cb59e92a2cc5306b28465c8739e40893dc5c1e94cbc +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -602b8c25ded1ab3877f58cb048c733649c7dcadf87b2652e35c4e5544d2306107ebff7b3 + +Quotient = -8da1489ccf7203ecead94c67a5750884122b6e75 +Remainder = -15162026586a1e55dda72785f31c9e6140d166a1fd34c87a7d8c78f8d8f87bbdcf8f75b1e +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 2171ee4a6f7f67d5a33d0a08c367184d70ffe39da28562655e75f6b66c866b1c2ac93e467 + +Quotient = e635f8bdbf80e99723aa5718d3fade4e573be2c +Remainder = -ffbd73bfe05f95bc2b135f12682288c620215eac3d6d56503d93a90e06f236e597d1df975 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -149375d478a096e724b84faf795c589ef0d772c4623f5be38da99006cd833dc5b28363faed + +Quotient = 20f76f5c6d0c8284764a10f6936c22bfba5f851 +Remainder = 82e3fb3f7252dd87b5370d26d9e8b9e98c7d333701f0ce8a05c337054c7aeb343d04d7e342 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 8faf8c0a3ef94ab1069394998e5412a7d84f44aff97edf63abc46d96f897172c38faa0b13f + +Quotient = -382586dfe93872abbe3a504fc62a8973913f96 +Remainder = 4d407323ef56093eea2f3993334215950f4e1a85ba18cdcd77d819d92b8b292c3ec8edea425 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -545d81ed25602b158bc79aadf98a8f655fc399fb8652ae94333bf54c8c9ffaf8c6b3f2a9d52 + +Quotient = -7d179efc493eaceaf46572a1f3a62bdfc4a38 +Remainder = -3de3d817a9cf7d529b5229a503e8ebbbd2c53215ac3c584c010947f780198dee16ffbf47791 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 25dddb00f65d6a1ba8caf7815a8063c5da656d775eae9e0108c68ce11dc925183810888dd04c + +Quotient = a9f7e5f235bae0e3e29393ac5c99d510b009 +Remainder = -150478b4a0df3eb20dcd1be8da283a00636c021c5c6337e7732aae9c4b49853b95f6d2475ea7 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1bde6cae7f5ced9006c0b1a61fb50982a433e4e2050aa486298f456556d8e909e96933e2ba3ba + +Quotient = 16de125df5936181981b4c2d0051a8b4d211 +Remainder = 29ac7c8a11f9beb9ad649257994216146b663bf4f237c561bf315d95778fcdb1010283475ebf1 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = cf24735a60ff5906410be5c4d98e3c9247919b57e404aeabc7eaefbf07bd64762bc61b96c9040 + +Quotient = -268a52cd10ab4814268f66d9f44f71a98eb +Remainder = 20293699f12fbfef2e391963866fc082a7884cd13b1c9bd8d5d203558feed2b889720be936451a +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -7ae7d548212830013b7d653072c33f0dd54a6ebd8792bf75809d29a8c798dbc67c3edd99a69b85 + +Quotient = -8f051067ccb82b6a3dffedd0ff2ee97c46 +Remainder = -100dac0d3bf5aacc5fade281c071eb2399560a65349566567ce1c0c34e43f175a575ed1eeeb3b07 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 211ebb5dc59a051fdfa3b18ac491971e863f2086cdc099672c1215af4ec877e29950efa4f487be7 + +Quotient = 9b7ee4c499386f922432fcb1a453ee2ec +Remainder = -f410122a74386d724cdd45b2e548645ac5ee4a44cbfecb82aad34ae470526674da44ebbf557bb75 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -1e76750814dec1ecbb1af0fa2281ab3185e94e47fc16a77fed312f23f261ad7709ad7c9f85862c1d + +Quotient = 23efb26228d7bcf281cd45f54572e2b3a +Remainder = 65bf2ef1c2f8e94d98060aa305f85e6cb869c74eabad99877010d30654aa2e578ef6aa3c5f1122e3 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 83cfc25e90a61cf8686e3d5857b2f958674d478622c54cf8427275ca5e9312ed24e44ed4a1b5e413 + +Quotient = -2cfcae0e922f2d884bfa0a3346dc9812 +Remainder = 14de2725b11a9c6784d9608c52770d29b9fbf824ecd4890bf28f3ec0dc6c52e4df9be540332b8882d +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -694b057ff381badb37c7c15c81e74cbd6774e8d61c9e7d450811c36262ea834fc1287fa59708ee072 + +Quotient = -4c0238ff3c18d4d58e543f020002802 +Remainder = -2ddef796c50817e82ea6f64a02a8c6b30ab40070ff5401c2d39ca14b9c4d99de33834bfe566a0c2efb +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 3e51c9ab14f522b55e8f9d3ba995c0846a864dfa2d568ea211b0cac1463ce6a1da72d0a15746fdcc9b + +Quotient = d41f9102a7785ce64f76b7d7b870b0 +Remainder = -106eaafdd518c658bd371164ee43ccd915a01b513fc7d220900039ff840ba36450e16ce9987e08e7141 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -16549c5d57b531528dd4d781f03cf275b66cb94eba038b782b739c3ab30b8631c8706abac06004a942d + +Quotient = 1616b432b3277e774aad92b0cf544c +Remainder = 2c89373720b834d718ff3df985ae47c3a7cde0e0309f682f5fd48dc97a1ff3d69fa0dcaa1245e956445 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = d6721300e877a8145d05f4f3d8085697c2ca5f34a5357fed0bdb7169f83b6f8d855232eeea594846b79 + +Quotient = -320fd6a7375a42a3961362ae196d1 +Remainder = 5336711bf81237ea3449f4e9f4e6358dc250f8ebd86082cab92a8079f2c8f835bc783082efb0ed7e3f66 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -5e9e8e1d446fdd314d487cac1226088696e33161d923acb67d3c75e87e428bdbc193e02f53200610fcdb + +Quotient = -4bd06daed3f30345d269f51e4381 +Remainder = -1f3513bdefa40662f0f50a04b418a833aa2f85522dc6c399298b1b147662ef2164ddbfb7247ba9511b8ec +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = 3e7ab7ffe5f63a6c1e109b95b83af470ff820cdedbb3c90c398ec42e44a45e1ca894870a7fa51f17ad5c5 + +Quotient = d6fd01a0c5b55fbe36e58bbe77b +Remainder = -c51af3e8b430870388357cb366ea888bd7b4ccde09ad3a1d2ee1426af060245c6d6b5980ae87fb66c4642 +A = -1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -16086df3dd5e665f2631a294563c68931faa19ee67d6a2153d262940a648ae71bb3c1745daca5ea977331d + +Quotient = 18bd9a8f5678d28cefd955cf99d +Remainder = e193f2fece67b7abe16373c3f84f18dfedcf654d951bf47585fccfaf67ee04f5037354d057c9f5eaa8eef +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = bf758acacd11f3f3e6665cd740517c9ab2384266f3c7ff9afd0888cdad2f6c9401c24d6c11fc3949aabbaa + +Quotient = -371239db55c79521206c9e60c0 +Remainder = 93773085af7582dd298b09d7098835787978d820289ea6850f27d0d77eecce8614785e32b228f46ca4b371 +A = 1280d26263c574f655ea63006f2930666fbaa4de1b09a11ab0e47dbe0054711aab90a05b1185454dcf046745436391a673426000000000031 +B = -56033fd85be464301f10177b58d895fbb6df6154da5c2a2a7cfc3a24d83a96f5295fb17a08148a4e51dde91 + +Quotient = 696d8e378d12221e2d970c53bf63a20ef381db8566701972c22fe067cdba99c57b68706a5c6e52f21bb3de861e49ed2141b3036f07d1fd0ee +Remainder = 9f0e50ca76031b +A = b2668f5fbcf4170820ed3fc9b12a61862acf8e3cb17175482efe23c5cfd3556e77634d407b6d1f98a73437a8d6066319a7a860afcab2338a1b1313037e30f4d9 +B = 1b1313037e30f4d9 + +Quotient = babe271ea266bc7bc16d193097903037819f82366c7e9ff8f2cb14157b40433c6ee327038d5dcc44140b070d823befaefbee5e13419f6f17 +Remainder = 93d7c547a9ba0a4a +A = 74b1a591f449377836f378e05d2902b29964df59c6926e5a9182cc09ce3111783cb7021a185340b4880d56635de268d6f3855c4d9997373b9ff8df899ee3b3f1 +B = 9ff8df899ee3b3f1 + +Quotient = 890139fef28aa3b77814e1122b9c7f26e746ee3c507e6082b508fcbe380de83b06a01f735239c6847c30eae44749fc8c5e3bd97eb40ba297 +Remainder = 6c97aace900389d0 +A = 7e89adea82b4cb6feb41297b6dc8d948e72c3d5554a987900e7fae48cfb38fb5282b13d9a1f5793cf7cbf1ef551865041c3ffe0e287714a6ec7123556af55a48 +B = ec7123556af55a48 + +Quotient = 1fdeead441e2d7a6ce3cce2389b2a22248ddca7970ae3f7e7d8453052fd08534ff7c46f6a4537fb6f28df6c5fc8a7d384336e679b74205315 +Remainder = 2903c7cc2651bfa8 +A = 9ca66de3d83f0a747fe986464522bde5e42aeac20e8ace1ea13fa6bc9514c58517479a4281d4128c6d775489b85dfd114ad184613f308f6c4ea484a22ab0ad1e +B = 4ea484a22ab0ad1e + +Quotient = 12f16c8f9f898a08853982e2ac5a906d784c5ab8d74007ba3ab311e861d7c1ac115efe694cab7583f75a4a59ceff2887dab53b2f1022aa452 +Remainder = 4bdaf1f352e87aa5 +A = 6e6a97b358b591b78db43772378dc084a11836ddc9dd4607f263ce620714e8fdf6bf67387c163b6f2999f84270802b4bd5c0f0377e949fbd5d42fe145e66ffeb +B = 5d42fe145e66ffeb + +Quotient = 14e0c06c8cff1f9f5dd8afb6fa6c340f0953a18ba7d2b26b22d8e7f946ef20fd5ac277ceb59cbd4ce3e8213803c3b5b0452ed449e22bf2c29 +Remainder = 55422f1caf4a9a00 +A = bc9c054ff568af73e301e0751bc1ee055e82826cdc53449f2d9f45feda2ba227bedd6df9b74fb58a85917d60b087bef04a156a571716e9bc908ae83784ee35c0 +B = 908ae83784ee35c0 + +Quotient = a457ea94da3237c0dd15ee30e9c13e7b4ca1dc90fcd67951b873787206babaed837a3eb17e298d74cae92d1059636f9aefe11aef9ffa31053 +Remainder = 124768541b600598 +A = ea6dc82b1906c277526ed867fe8b0fbe32feecfb935dbab860aef59a7d72799fd4e952e70b4c9304c7b2a06af8badcd6cfa12d0b6c9db38d16d2c4a24099ca14 +B = 16d2c4a24099ca14 + +Quotient = da0a37eece8972a0e2e8817c54e67c4d9f92373340488539d5051984bce0ae3300ef6ca9d0902daa4d485dec3b4db6c8b1ffd2c5d08b18ae +Remainder = 1ba15c46023500b9 +A = 36ca8763e20e6ebf07a55cdfdd83892bef0bab68ac092093bfdac1a49c1da015541196a24249bb2262e70f7ed53e0fbae61f02ebac4b61f740548136ce50f243 +B = 40548136ce50f243 + +Quotient = 3d8c433daedfbf681b528f88d610204d33bbe74d0b13978c34a617ae94177e07a757519b5a8f1a93a73d0751c7b5b72b4bdf475a9708fecac +Remainder = 4cdfd72349c6110 +A = e0dd7e73b2a64dc017da65992176e2535c43b6fc14f2f7b0a7d894d768bbc77507eac0112b2dc3ca83d70989a1b949ccf374be6a012d80a23a74bba39671fcd0 +B = 3a74bba39671fcd0 + +Quotient = 39d084b444e39c32f2883e9968301151802da15141f65893f37b8b834eb01c074aa1e1a978c5c99732c87ae106bf8db09e1728c8bf2aae88 +Remainder = 2950443357cd7477 +A = 16df31dc290559c3b6a3d192cf15d825cfe79f8dbd5c9848eac7fa90eea5d87f8b430cccf9baab3e8e4dc33467a4234d8551ff25e33af175654686ff1368e96f +B = 654686ff1368e96f + +Quotient = bbead8f70c8e61114f22d36e97861f16037efabe1347613e78c51d7f539065421a66c907faddaed13ad2a0f0b00f8fd594e917799cd937e5 +Remainder = 3013136f5f728b68 +A = ba5e688ab4f8ab5c25592bc4334b6dc2b7a06d491d0f919b716bf1cf109b62a30d9dd59dd4bdf870dd2687894edab303277a5f3e3a537cc8fde3ee3bb61767d6 +B = fde3ee3bb61767d6 + +Quotient = 42aefe467ff2a5614efef1edce25a1acba9c476b3abbcd680140a3aecf8f51c1ebaab8912de217451bfaca2842c0bae717b8a030b6318c0 +Remainder = 1f130dd2ead0d35e +A = 17bd50b5322c51ac883852ad2a4446c039dbc210ca3aa0313065fc88cce6819b324e93b036bd0c71be58586cd2b243d01a4a918c10ea0cc5b22f9d795df09de +B = 5b22f9d795df09de + +Quotient = 13de73dcd72a3638fe2a907fd7f6574bbb228698fa60e4ecffb082911c5f09c74bb4f50564d3d4035d07eedea38b634a3e3acc26c8e9aeff8 +Remainder = acb8702f0113e0c4 +A = e0327b2e59236a3f91ccf960490cc69b2afc854de9299ad2edff9618f9fe24251886afc65f5c581a9bc86013f356d599e98b8b10f5236a51b48a6b29025983a4 +B = b48a6b29025983a4 + +Quotient = 27d11481f00519b786eaee96220afd45bc51700f7366fb5e7da35bbc84891aac3d9d2b709dddae371a6b78439fef810c68eef586e1d68350d +Remainder = 3d1890c5e1555d74 +A = f3504d5d96c9e27a1527725ced337f1cd0a183531642051e166507432c01e8d44c4e8918701c2a05eb8a9d7e26bf04993f9adeef2826ae4e61c602477f849121 +B = 61c602477f849121 + +Quotient = 10bdeac209c67b023044186704735c7291423054bcddc24b731ad601b49372f4d5ce6e9d85002f8dddf0411efce943f81a5e42cee2d0c9fe5 +Remainder = a93a0c5bd51004e4 +A = fa29e37b0d0410d19fd180149b14f94ec2edccd347da65f6832850aa06a61b7b78c96faf64dcb347893c93c560b8043466419864a382c6f2ef1412873b2d8cbf +B = ef1412873b2d8cbf + +Quotient = 1c9b6cffe44241292320c0660b89f2f77aaadc8d36e33f5ac3da0f12b3c114a156870a92079f7192d237f8bf49aeee6282531c929cc56d75 +Remainder = 1ce3e5eb13ac7958 +A = 144325a641463ed6bddfcbd73e50620a44c606d71fac38efb1c9d2747b4903f7b51fdedacfb66db022aea09b43c7c2ad7b851035165ebe59b552d4f7eee617b2 +B = b552d4f7eee617b2 + +Quotient = 1b4ad18dc0e634053beb3cf840b53e35117ea06309ea8ca22e37123fd7e1d391c96c792e5125e322c27daa73301024080d73ba3491484b659 +Remainder = 3286bdce6dc3a828 +A = e3a2b90d3ef446f6bde30d3e726cf3e78212324054b40deb0b18fe00645568fb0a6234b6bded6240977373731bb30d1349e25cefd54b7a9985735e9b78002691 +B = 85735e9b78002691 + +Quotient = 28f5e8da6733240cc2f18e3cf4d42a50d92816062af33a9e1871fa89bdb39a0d905c49faf51cc1c1378741bea34d25ac2c8e522881a6f6087 +Remainder = 135784870eb40c68 +A = 593206f9367b72f9cc59b3e37d2eb23b2061422859162ee53656899c2471017474f500c6e23efe1f6b1e57852cd4229329dc182ba01a257122d76a26aaf9b844 +B = 22d76a26aaf9b844 + +Quotient = 1ab276448d16c533b6e90b5b5ca266e13ec27b5a58c80b7657df963ec2d1fe4eb1c1d24873eff6408bcb3d0cf97c31e85240eedf0efcc1e5a +Remainder = 27b105741264f875 +A = d84fde3d851b52ed3b2a1268e9b765ec6c09c5768bba709b3b799802fadac30a6c3184185e6d57249b1c34619f3c9d2b90bc0c348b22537281a39fcadf738083 +B = 81a39fcadf738083 + +Quotient = 84a87678485b3e60ee1cae3701ebdf0a29ee44115a492c34a0c8e84090e14070eb2ad0abfe2c339f26b5099327515104fe3d1c5546feea98ed +Remainder = 95f7434941f9d8 +A = f79a0643bcd9c28cc22cc7b4178b3340e4685dd2672792516d6fc08567d2de2d3e25d43f100a58826edb146ac94acac4213bb09bdf8a258001ddd0ab110b89fe +B = 1ddd0ab110b89fe + +Quotient = 516a2ac26e5b3afa502c7f3c6f15376f7a380e5842c229443343b5b74dc3de84db3ae99a0c57043e32a504ded19943c0310cababb3e92cf8 +Remainder = 327cf78eed336523 +A = 17c0d5814e1020d5d69674bdf6b9df193a16c0c8567a589d014e8eb7f6c9c36560791f7acbbbacee7c456eb51a4cdd7ca88011e9d8d9f2d64ab08ad74f7be5cb +B = 4ab08ad74f7be5cb + +Quotient = f0da0beebcfaa716f494cf3fc81fe65117c90adde3b3942e8e66986fe8050fd5c9ebe1c88c5db04cea4c4c14779555d70cafb53870671f95 +Remainder = 3b2f844440d7be00 +A = ebba8c393c2a22b094d824ed95b4acf6875719fc165f73ee6d359e1134949169fdacbb42d5deb8cea96e11e3aac985635b5bcc6c02a6778cfa8e03d9ce6fc680 +B = fa8e03d9ce6fc680 + +Quotient = 56527f07593774f0fa642241400985d0bb9b41d3dc9e025ca069130d93afc972d75e3fe0f798e127c3e1b4e925000459a3a5a83b15186e516 +Remainder = b620b7a3b752b78 +A = 5d6cad9e26267abb480b2b9ac5ea323bc4c3c53e0de8ce40c89c85accf0499aea5b11703a04296519047585ff12f8795f98da0546c20016a115100eddabfb468 +B = 115100eddabfb468 + +Quotient = 294dca3b56ce9529aed2c132a9bd6c0c61de7a58ac50582f396b4fadcf7873b502bb869f801a9ab1f12384631cefee72b3e6050a7f69eba4 +Remainder = 53a0fcf5486c7a6f +A = 24aa73803f270185d23310df2cf3ef67b18d7800bc41aad2ca13f372a27ef0a9217194f3f512e79f545a903895def195a5eb9a1a1b6b3f4de340e9da9b305d3b +B = e340e9da9b305d3b + +Quotient = 16bf4dab1c29bd284c9b6649de65a4ee58f21d6a8b51627ca133fa817872b1a4a9956662db0aead5898ed0eda08511be7c47449638f2fab95d +Remainder = e7751deb047d98 +A = 77b04d93272491322ed2fe651044e28cadb2ae7825f02b55aeb0f73b8b8a8b336802416fe08c718ab681581ac04d87116323f61f50bfd2180542fcd4a46dcff6 +B = 542fcd4a46dcff6 + +Quotient = 388ae1c243bc9111e663c0c80495c36e8767bafe188b532b7ac84b5160d902af1b638aec6e4c66955d16bd8ce94ce6027a7bf95910f705ad0 +Remainder = 7c667ea307017c2 +A = 52f357e9a57722a867d8199242e100f06e8df810ee913d6992bfd9dc03ed78bcf44d692aaa7be806df0c9e0802851d7ae8405f76114e6322177907198f85cb62 +B = 177907198f85cb62 + +Quotient = 33dc2fcceef7dce92e3a9df58566c6e28d03b58ff6ecbbb31e43936cda6380a56788285d37b5e8f11487afd78c39cb2150cc98d9d78a0c6cb +Remainder = 429a380c9f8eeeba +A = d99cf9a0bfc347c9631ae8c69defe1f1509c3ecaeeee5dbc61317bb73fa5cc6e704f64c865cf4d898f8a2f63214dbd511f61aa6e09856222432376698f8d2f67 +B = 432376698f8d2f67 + +Quotient = 18ecac9e5539a014cffd8310ceb1170577cb23aa9cb3c523d57ad83069d1609ff743cd3c275b67097a038b85afcd7105ad21672f9ecbbc7df +Remainder = 37924fea665f5c92 +A = f87aa8b6e62b09291e0e9b832ad71d8f85d60501a8d89d2638dccd4022e89bc4932c186a198557282527dfa86dfacc2f90fe0656695b61429f8220509f5106b9 +B = 9f8220509f5106b9 + +Quotient = 37c0649a53c8cab91a7458702870bf64cb1de9fc1c6b9a3b92444119d368501b62d3a5138af72bdb7752eab8af6bf4e3bdb9e3beb1805b88 +Remainder = de179463e3e91ad +A = 995c04c1f24c4efe88393bab7a7545e39193662d5db7c8e557d6c554ed4367f5af82c463d0ba6bc3148620481140add5677937989e03fb52c0323980d8841d5 +B = 2c0323980d8841d5 + +Quotient = a6d193cfe7d8983768ff29908ee6e07fee99927a4bc4ef41d01f63f3b4a2e7029630b7d925d0979458cdaa903771286af672253cd99593b3 +Remainder = 6bf69921db298b3e +A = 55c856daa8110599cc4fde0a44acbd69a68eb177e0438f7d843ba0fb74caab2a7e0c8a6f176f5555779e65c555e9157a16a1497edf36ccb583a458f0372a57c9 +B = 83a458f0372a57c9 + +Quotient = 63f379bef9866b59f8bfd6bb0120a75dc03506b0034e7440764afc8ec14d8d735aa6f03a568ea98d0a74ab9bbe9c6e11b288467e5f79a2539 +Remainder = 11c077beb8667d88 +A = ff1fc3ea60fb37ff23e2f2f4e207a86e055cca41eebcc5bd6376904b51fb3d233cb04666fdc92be33239b5ee552870e45717890e35fdbe3728d6ff55d5662419 +B = 28d6ff55d5662419 + +Quotient = 285ba8cdfbf00b112e496ce65cdba2271c82a273b3d30bed82ef2d360790c5deb97f3311bd5eb9876a61e33b3a37782d00c2d5ffbeec752ca +Remainder = 1672a8aa119c3a1d +A = d614352268930d301aa4046cd38e2eda4dcfcc52eac984943f2c863de5c4f8a44473a8ecebf12cb8f4da4722d305e5c9c3eddc0109d416e854df334dbfcfdd4b +B = 54df334dbfcfdd4b + +Quotient = 358178128648fa9ea28dcfe68b4cecc7071e129e3ce4d113f5d1e387f7e5a412e9d2dfe5ff16d9987a544004d213ade9c134cc240eeb6871 +Remainder = 44c3fdb374bc0c30 +A = 18b973dd011969e29a1f4a5b8f118313f715c2e31dfebd9fe0957cf23cf36eded89c38637a8d3512bb23324ff2a3627d5b942300200c823d764b7a6c12d1c91b +B = 764b7a6c12d1c91b + +Quotient = 19ea7212f6604d423b308fe3f2f4986f31aea9d6a117a3e207e38ce5bbd8d7a866285ac60433630de547fc84e364c451457fbf864a82c6613 +Remainder = 2718de2dd0796f08 +A = 83577f755a448d5586e19486b04de7836818223ea920465c4eee979a9ce5696ad8e2fd5253b5d5dcfdf355465e8c0819658ccc5580fd29b351169b54c62b779c +B = 51169b54c62b779c + +Quotient = 13e0c5b9905770b60a6f978d1c983cbc84dccfaed0f4222f534df80c7d3d129f5e8f74f19581332a7f6d383915424c71db4ca19bde2591fcd +Remainder = abf5f6c8ab6ed4f4 +A = e2bf43c91cdbb244790eb165cc13feafea36f5187cc9bf8aa8cf202042efd5441e3822a1164992da5be750aaac0bb11f09375bdfbd4a39e3b682c7ee6ab5f5f1 +B = b682c7ee6ab5f5f1 + +Quotient = 3919f31521e87f90df3a4463d0c83fa31e3f569449009d307962d26f07d854e8d3f0badbf55311c206bf34e6227949327a93b1a5ada7a930 +Remainder = 6c3802d44dd4668f +A = 2546880cc6f97fb379afbc4a2664115ba7909414f35a5bf88be2ed5187bd1a24afaf82eeceb0b438d4999ebf9b7ec752236669425bd3cce6a71d9ad67ff2ff5f +B = a71d9ad67ff2ff5f + +Quotient = 121d5ad4115c2768b962e51d09f426d61624e0f203ac6c923289b4e7964e165b34f3dc1ff938a7cf37478d407de251c64db71d3ee629c1035 +Remainder = 660a35e1c1245910 +A = a36d3250c123697adbbbdf489e6cb40be57febaff654ca951c9fa0b396b1714c55ed6e05e468153ac443dabca29de9b43cc0cc4e62cdf24690593662c86fb5ac +B = 90593662c86fb5ac + +Quotient = ad81debaa02f6e60da58b46e76ce041fc4da64138634ea7b3c165b8fbda027eb64b6b5339e70babbb83430d60383c2cfe22029e617fd03a7 +Remainder = 2e4aeafa2ad76832 +A = 8992cd131757ba5cbe54aa58be115723ea3438ddc782a4d1996980b7b312fa76e4483584df744b10340e5fc9e468690cef538920a732a8f0cafb4e30846cad1d +B = cafb4e30846cad1d + +Quotient = 67a71b9ebaec91121a8cf6bc2932b6be01af7954eca69c5202d771c2c2d13683cdf90ec942a3445771ccfe484f947f078de825ea88b3c05a +Remainder = 8395953f744cfb31 +A = 4f8ada84096198175174896167405b85cbc03fe0642f6b263a70f9a22f19ad6c9aef38da8ac036d409e6fd925023c95312cebe04eb653e0ec473dc8dfed98967 +B = c473dc8dfed98967 + +Quotient = 9416326e2347a541b777a0fa1b0c35d8fe76c940d24c6f6806d6ae8ac1e280c16e480786478bda3f780ee92f3f3c361574efc2ed5ca98e26 +Remainder = b8ff45f31bdb58d8 +A = 902f5e48b96b9b1fd16c3b21292ed495987ddac4e1d92b2ab10378f2966c4399d6a41eef622a4991ccd1f647531dcd145de4ac99b3036779f9414ed2f4ba7e08 +B = f9414ed2f4ba7e08 + +Quotient = 403c651b4e571e8301c4158fc185396554bf61d900708d2af5c2bdf495b3cb539b0b9b5acd0d71654b3aa68024961d5a7bc9e2788e6c822b6 +Remainder = 7856ec047cec8dc +A = bdd6d846983fbf140173a26d2b709b9f31b4fee1eac9d25fdf0ef3523be0e6afb372acab470cfe1806b36d84017ec99302eb9eb5eb2862222f4916d8b6201d14 +B = 2f4916d8b6201d14 + +Quotient = 1b6d967173f9777cb6194c8f69289b91da731456fe5a1515a49e4463cd906c84f97381cabdf9f358d97fad5d3cb140e3a3de397e7f9f683157 +Remainder = 83649246ade8bb4 +A = e3da80658acd53ada7c2dc57178e697f2907c5b0c64f4a87a794ca7521105a0568a32874207646df3768ee60964b7d1d2e29ea6bf7fbaa7e084eabd4ea553a72 +B = 84eabd4ea553a72 + +Quotient = 27b8f1e49e404455cc68217a20766590e749507976a3a6de25a7cf2c32593aaabb04d84deba1ec6bbe048a2959ffd747243c396dc53c9c811 +Remainder = 3daa032278ce53d0 +A = ff3ead7c7b27f607d16f1ef4ffa91b6cc28301b9256cfcb0c22b6818371ce648ae8812dc50a86e4bdc0d0b1e5b0d55c6ba07b240886a6d5766cfb3ed0937a543 +B = 66cfb3ed0937a543 + +Quotient = bf987f58700508356fb6274f64a9f78d455e4c436fc6fcc980ec0800287ab3789b91c29a8a72b16645ecfeec926b6f8242f3c7dc3adb40cd +Remainder = c007da44faa80584 +A = 971aa67c9af10f70977f600e10f9278b8e66d2471956da38e5f4b3fedce9a5fc7ff42b800bb4a78314c70bb59394d0880383f5182b6c1960c9e5b47ef8e63be5 +B = c9e5b47ef8e63be5 + +Quotient = 7332104442474715d7c4cdac15fc1731240f8b4dd0e6ff3284a15a62a8f9a071dedb87f2220efcc5839cb7e6933a8f65d767819db26e134dd +Remainder = ef65a7789f54174 +A = bcea2ae4b1edfebf905a5820f0481b6c58d76a69df9dbe84764add3f49496a5d7005d645eaee3754e0ed105c13a114e6a0eae5cc4efab6aa1a3d3a0050fa86f5 +B = 1a3d3a0050fa86f5 + +Quotient = 3f6182804a7ff12fe7ed3c8521b55564559b1a47a78e1fd56597b9470e7e0f6e7e48c58bc8841c9d118718ccd5e0c0bf9a08d8e244ae60da5 +Remainder = 398e30aff5bd284 +A = 2b877181a960c5e29ab1b2672ee22539256a82369e8f6cb5bcfb69e5e4a41f782e89b58fc0ef6ca336469ff929729f8492b44f12199f0e1c0afd12b2c999e787 +B = afd12b2c999e787 + +Quotient = 1a80a681d2c42edbcbde552323dac3a1c03b43251a99b5549da6cb39ec6947daa0d574f0df68512984fa8e269b0b27a5576b3aaccb76ebc23 +Remainder = 378e44fdc7a5ec4c +A = d37e62f44de27a1418f348139eac5ab9fcc1ada21ea6d7695273daf638b4d7eee6745f54b99a9678cf742d304736ee356f66d16d874f8cc67fae9be5dfd41a3a +B = 7fae9be5dfd41a3a + +Quotient = ee982a63816d56758c29d284c19b9b984908cf0a9ae3f1f926e162a2cae4f88703aa477c5c14042247635c103494d11593c2c3839baf4d93 +Remainder = 39afe3275c01aae6 +A = 9a0b0476cd33861d2fc3137df292728e1f636f6fcba5105f384533723231a3104e7c77df46f7f34a4bdc63d5c67b418cafcf106b26ad020ea547d34edac1d3a5 +B = a547d34edac1d3a5 + +Quotient = fb3f4a39a661e5c31228a6b7b4c27e6e52d1954e8ce262b98b61650efffd762cf2a1aec228bec5d5787683cad6b2e6e49a0de91c15c81874 +Remainder = 63e5ed36ff73a42 +A = 4453712f56467328401a69d4d749a0771732734a760a74094e50a62a030cb604e735bfe0bf0641754edff94ac0e0549e8c10941255f0f21f459e52a6cfe4d9ca +B = 459e52a6cfe4d9ca + +Quotient = 7af60a7c0f995178be76c070cf49eee311e6d1e3afaf50c8c93ff200c1b3fe742b23259b4fc0b9ed0947be4fc9a6c212d86de9a0f7dbb5279 +Remainder = 19657d8ce516a138 +A = c9c92a31ad0f3cfb56a294c42a26eaecb77edf33ed40a7e6797927a0c996a7c0a701b484741163df388bb082e3daebf4e1b7a99002632d6f1a41c1d517238557 +B = 1a41c1d517238557 + +Quotient = c890c55a8e2a3105b9bf9344a57a9b9fab5fa1fd57083d52431b695553bfbe7a44a9b6cd1f83958224f351f8511b14215d1648e88e938573 +Remainder = 1bab5b03c372daee +A = 88341550e470016c7ab600b9f6cb410071a77f907a58cb6da4ce3e955d1e859534c2c1098fcfd91b9fa66926e51896733c36a824c3a20844add94e27f30ca651 +B = add94e27f30ca651 + +Quotient = 34c240c42da400317f66f5151630493a2f200ee418d5ca3300cab10dfb429c2acd7280bf066fe19115f86db83d8f5b93cda714533b16abfdc +Remainder = 18cd326996ccebc1 +A = 7e96d7b90ff09b114dd4393e9bdfb13d8ff517681126c566e18dd6369d87d248734d94bd02a1f19cca90be7642822b636369c51dee441a9d2663ec896e1d6c6d +B = 2663ec896e1d6c6d + +Quotient = 10d18159e75efa8204e325e6be830b4ee8d2c07419e8276edeac6cc286488fc0c888300db3ebb5f935aa82654d3b932540f0093d1880e1d6d +Remainder = fe9b6b8ba7c30f8 +A = 731aa6e2fb2ad1e1f80d7668c7b0642203af24af382abd207a5ffb588209e8b5caf953e9a96b478f39ec03a397d1433998e3c95e382d93376d80cf0c957788e6 +B = 6d80cf0c957788e6 + +Quotient = 450d1f4a105ff8d1a3efbb12165ca98c67ae70404472e4862db479e03313b08783ecc42104780c9d57df0ddf19c5b4547ee9ba52ea82dd0c7 +Remainder = 169e15b4d5aa180a +A = 902bcb1904b80183656dcbd51879e2982e2b46a547c9ae3119ffc12c6a003e4321b519289b7f22fad19d16480182d1d797c3045b2d29dcc12167f9ce5e233d89 +B = 2167f9ce5e233d89 + +Quotient = a426f71cb3d75365cd076a6c35c10765bbc3f4bd317fb83a70083b0f7dc43a4e0b95508e60dc1dedb780e9b485f4f7a8870960de669b73af2 +Remainder = da381ae5c97a506 +A = bd59dcdefcbaecd9292c4c3685fb87d3a94c0f0ed01e43e63e1f36fb65d6c5eab3b584f3d1f76d31458c9f6b4c69869d96e943c61df102771274c5b4d821469a +B = 1274c5b4d821469a + +Quotient = 26ccd4b7be090af22221729b0ca51a5e66435c2d33f8d88f94405f6c0123ccbbbbc8080cd8448a977946019ccbf5d267ac3f151ebe686720 +Remainder = c41f9e7bf20b376c +A = 212dbeff03f14b5825f0d7cf8a7501db21b60581a01a26d522ee44e7fe69545cfcaaac64dbc76c7e3027ac39ddc2d80af6f3fca1824c6ff6dae90967d9ab48ec +B = dae90967d9ab48ec + +Quotient = 801df28f4fd987b4e980760f4f2625276a2a7191d453095c82aa98a2253324ad2873abae70cd98c28ef3ce102fdd53469b9f01889f3ba8b0 +Remainder = 8e435da582e59809 +A = 48341b28138dd04807e522e341f74ac46b0449fa45f96d7fc586997c056a21eb3c399752a6a6c023509f042cf9e879f397a34af9aa2ec2e8904674f2ea3ff739 +B = 904674f2ea3ff739 + +Quotient = d3857b72b70adff9b5dec3cbc63de7c90ccd7aab6595339b2de39bd6b9789045141d224aa4e6bf9a06e017aa3edd00e716a771b3f5b97771 +Remainder = 14135c686d2e9f70 +A = c1cea45dd46409d5e24fb7ed7d849dbb079247af2d312e01083754ed07f65f090e4dd50d23a973488702ef00936c5d78af603ec0fdf03dceea8f939c922b1e7f +B = ea8f939c922b1e7f + +Quotient = abe20c90896e261e7d31bf40e7f3136d36b0b78006d12225a4dbef6aaf2062b609379eefe7e5af5bcec17126286f196f1330da8477096763 +Remainder = 230307c44cd55896 +A = 19a637e4f3051be0f7c4d35513bca4a91ca9b8082fe3c73899b70b6805a7aa0458512495cb6ee1ade55ecd5851be1dba96d65202f06bc7122633a0d905017545 +B = 2633a0d905017545 + +Quotient = 5ed3765c4a777a903e182f7c9ce39d19c01460f389b904c3ce1d3525edf25ffe7dc0f4d9e24f0bc8b7e01bef19c83e74f17884bd7bfabb2c +Remainder = 40f5346f8775e20 +A = 546578393e914be30581e24508a33f6560a5805dfb1c675d1ff1d6f5eaa7ee638b9e0265f543413e04e3f1f3b0895dec271c9897a48d9ce9e3d7df32c15b75a0 +B = e3d7df32c15b75a0 + +Quotient = ed73a67932746985465fb0606fb0e81595514f1647c911c303d4d31eb0306e3b2aece07320f6fea57a7071d73150591ab2a82a7d53968a81 +Remainder = 2e495a881876da00 +A = 8976445bc318921f7e12c8d4e8e50596849a1503b5efb65e939c291de136597c05a1fd16137f0bbbd7197df943cd612118d1e55a50ee097c94331c1cfb1e941c +B = 94331c1cfb1e941c + +Quotient = 5dce24b7a16d847b0c43cf365ea20bee9679fa0e8732813e827cf6ef3c9bdb7fd8846b5689ce8b80a7dc0dd05721cb06d2700aeeb7ff04d6 +Remainder = d8ead1ae3126aded +A = 59b99e5d028e6771d27004bc19830a5fcb347f7ae04c0ba7c49130bfb198c5b16821e425c979e6d2dddc14889ae58475bb52c6cdefecf2a8f4dd6e462bbc8f47 +B = f4dd6e462bbc8f47 + +Quotient = 170e10b399a4c5fe354b536fe59d53602102f215d5107493680ab6e181f67d75ffd45bf49ffb23cf9269b856156b5ac6b1c5def4ab1abb18a +Remainder = 57131776937c5df9 +A = aeb35966e2a616762768b7f63ce3aee5e81561080617bbabd7846b3ca03fafaaef83dd05b8d16cef40db0a56f3b0ef6eca5e236681cb57c8793dc0907d9aa30f +B = 793dc0907d9aa30f + +Quotient = 1acdb88f047f9bf679c50ed67ba01dd24dca92103f8ea2677215b6142083b64f9fd2a365499dc8f2bc61e29fa176f7d76b55557fa58e34f9 +Remainder = 5065b726dc6b3758 +A = 15a6292c9fb66c6770a8dbc6fd431d2a4b57338581f78d0860fda90182cca563eb2272a79fb4f5a6fc72c90dc23e8a95713b65988b5b3f9bcec4f0466c1c47cb +B = cec4f0466c1c47cb + +Quotient = add8127c0a27c961203ea0351aed5b3c75aa816e9c2684574e55f55c7140adcbf69d2cff843e5f53c157bd60b43c45c8b6658de72062fbba +Remainder = 67f48d3584cf4fe5 +A = 4e8938c8cc46d34e3369c5d8536b18c963dbde56020678f77cebac5f8777e0afc62ca2ba4f533cf6cf7561bdce77b6f495bc1b05f1416d1173a6a288012c7c73 +B = 73a6a288012c7c73 + +Quotient = 688ddf883a0bcc1ff9bd582119c2fea7c059e19aded8c048390a1d8fd7d769666987418bbe0d4cf4b67009a342958928769375c1c0d558acf +Remainder = a5356d04b64ee12 +A = e0c9e32056977aeca72e229d83f0d320fbaf5cd8bf3e033289f46101c75ef59a854982f33bcbcfd200034e8ff439d669a03fa404e7dbfea822664967d67dd5f1 +B = 22664967d67dd5f1 + +Quotient = 39d4d94587fd1445f31457c275fd6294fcb69ba155e7da3e6cfef38ed1272d6c95755bca49007ca62cc101b038d264876f18594b8fd4c329 +Remainder = a34980d5046e2ed0 +A = 2efcb12fb55c923f5c6ca7ae076765059e15d9e75240a6e5fc3db92de184143fab1934c7450c3a380a9851846c9f43d67bc199a314e82e72cffee795d695f82e +B = cffee795d695f82e + +Quotient = 145ea82eff186b7db4b11fa1514674fb9d41c698efb33227eb1abbc4eb78bdb2a280c0c4c47adaf4e010a4336cbb5650becd1ef544e223e53 +Remainder = 36052bba2867f5f4 +A = f6a6c7e33fd4c664652d696c495df387b85b132cfdfe34bbd35759477b4a3c052f610df57e49e85720489e4bb8dc923696400a4a28dd000cc1bd491446a50b96 +B = c1bd491446a50b96 + +Quotient = 35d0c9d870348b113868282aaba22b21ec87cf421519a23b288b150604729356f924090ba038d7400c0ccd4932836c65902b4d3c46a202a0 +Remainder = dc8c7d087bf24b0 +A = 22228c8a5966ebdec64007704a373b0596ae702d62e29e468653b21a890ace2f02c27f26b043f48495687ce8c2ca8092ead21aa250ce0f6ca26129615a2432b0 +B = a26129615a2432b0 + +Quotient = 52fc995a486c4bfd17ed9722948e9ede1c4ac2fe80e6bd7482fc47944c4337a185a506a9ca473d49073e1b813ad742f19b13d57914888d5f +Remainder = 75c703f654ad630a +A = 3473041ae301dd2806da30dcf06b9c09600086d6873cf3ee9d5a0be638849afb56bce2664f797de4123f6f8fe3e12acd32e33a285bb7f493a1cc13a7108327f5 +B = a1cc13a7108327f5 + +Quotient = 1744946730b2789977620f2e7439641125dd338d1b31fc50813b34dea70b83d209330bd17fd527db9a402ad9752c26b8823082ec9971f4ae65 +Remainder = 453a3d59303ec3c +A = c0f592d83649bcafb7e2de1a8a71fa863c1f51b595bfa638c8fe30731c6fca36da975b6f19c657e3ca29efff6febfb311c003ec68189998c084afe4979b5bb19 +B = 84afe4979b5bb19 + +Quotient = 468f3eece20aa9d6473f3c559760793e702758a3d9cc19d7817216392c7cc7c3968778cf2fe0c3f0c1424d7512cee19ac0717952f18aa287 +Remainder = 5904e71034e3a02 +A = 1f0c99a128c757d76ae6dfcd01012f0453c8f89b00476ec46321ecb872f99a48b4da29a4abffd0bbff2b727dfa182652ca85350b4ce100fb70a6a40ab6c41d95 +B = 70a6a40ab6c41d95 + +Quotient = 12198913ef16c1cfc7c1be13f1cc5991a61ff74935e09f0c46d26456b7cf2825403b9851d07d27e0197c1fa2ac5e32e836979a184f14cd94a +Remainder = 33431c3df719f946 +A = fbfbf5494a9c5384c7ae3df6c02a5e1f9f32dc31cd7f437832696bba164bae1a9d95daefb8bc08e0e8e637436fb747084460697b5ef5ac9ddec06757dbe61aea +B = dec06757dbe61aea + +Quotient = 376c2f902566d83c21eb7c3aa3a6fa0482ed52c253f67f00d5b915d0183c2d9a2891c2ff837fcb426a4c990c48bda4f90e0bf69d13558696 +Remainder = 31540f5e05e8b4df +A = 2527f8cafaf7e8319ca53104229199188ab1ca5fe592bde8ecf605e17ca6446414e06898a85e177d6985b5cc6d4eeabd6b222b5f44b4fc1baba050665c090b5d +B = aba050665c090b5d + +Quotient = b8fdd5cd7b2d9295258bd99e2780921cb2ea70627a79088039fc3ab1c62bcfc6307e86db4a7803f18e5339f152063f9e41d370e97b1ba2f5 +Remainder = 4ed4f2d12e4f4ba0 +A = a25bd113c5a8c67ef65aa80f1512de43c9441fec0c41250048d29c406fbdae80912eb3970457d621c552e3af7ef2d6bc1b5448e7df5be724e0adf6f71df7eef8 +B = e0adf6f71df7eef8 + +Quotient = 5421daac8cdeb6acc2b8b0dd85b592f255ee4fedb3a9e90f2a5bedfb0f9f033d7c562c96958346bcdda4664c67848b9d9fa7d3892bc4e9af +Remainder = 7e5661558c345eea +A = 490aef65c81b32f5df76dd58decdec3e3f73bc1fcbdb6aee0c93cd98725056153b572509e75d2cc4b042bbeb0a77d27fbca1e39efbc765adde41a7dfc5c3576d +B = de41a7dfc5c3576d + +Quotient = 156a8a24e7804c5f576cd1757dba44cb4185bc13cb56603b54ee3b70fa35cd98db1992904d4f7d99a63b3a486e6fb31141a9d39cc0301f897 +Remainder = 29e9c1627537e5a4 +A = 5e4a10e772de8dd2c96acd714f7d3880ae8ab460095a01038f3aa9b8ac8165889403b42019a1e70e0e7f32e77fb388eae3579dbcb690729c4671868b0526aeca +B = 4671868b0526aeca + +Quotient = 1b0eff2ff0aeb2c02ee3cc9e0bff808f4d616eb290293b13a6b58a84127972bb417d55e1d001a9720ec72562ef3ea688e64c4f32c7e26cc87 +Remainder = 664d57c57d4952e +A = 806b8504abfbeec4d5923f83ddc071be88e11c4394168854448df96160b95adb1fd9c288852e2f3df3e36916ba5118815ca2e83a6a7d9e074bef9c961e2958e3 +B = 4bef9c961e2958e3 + +Quotient = 2e363b13b0457a0e9effc2d7e297df78f35e5d24d0f8ad4525b573fb2f66f374871291ee8a8ee3d15a823b560156d474c678f79ee480bbe4 +Remainder = 5ba8f49e0ca36ab4 +A = 2e1bb261d98ec405dbb068daac5efeb0a51f08149181864e9dd6bf6cfcb617b76d8facaee2ef468807e0403bc550d58e8ad9e5cc0f094b02ff6d0277fe642f44 +B = ff6d0277fe642f44 + +Quotient = 149a5b1a81b9e47ed36be76252055bb202dc25f8fe7beaa1ce59c279b32941cfbaf8fe4555867850b2fba43b10b74534db82398320f9786d25 +Remainder = 1ef621737e81780 +A = 63de892cf5df40c98de78c755c99e94e0e76cd5dc0b49b8856fe69dd0abcdc535bb1416f0d02b4eeb54e8a939cf7ad4edfb7de4dac87523e04d8ea8637e50920 +B = 4d8ea8637e50920 + +Quotient = dea8a9211974758752d89965eeeb93cc616f88ce757ec2809f829cbb8d99b4ffdc3f0f643779fc5e0bb53b5273a5b15965f4a364863592f +Remainder = 9ae7de3edb6c7edc +A = acd5cebd069f7febc38c318867ba3a562bbf8ea9b19a6b33538ba107e49439f8ac6e880c6267c29b39141dbe2273d93062464de307efdb7c6b738c0bb282c3e +B = c6b738c0bb282c3e + +Quotient = e9149b347cdea84d740be70060b239af000c4336ddf36fd5159083b795c4763588c87a959df0104212a04cc928baf60b0ea72e8cccc6d477 +Remainder = 3ef5c6ee67e6f5da +A = 6ccf1b8b406e6a106160e73ac4122a04c0814ef5a47708a6776eb52002d52772d3fce3fc05398172bba191390aba925bb23aa1eee626410877822f27d1e3cb09 +B = 77822f27d1e3cb09 + +Quotient = 1606c2fe44cd0b780ee474a9c7daf0b2bebf62db0ba8ef5a99fe22036019890a4c7dff73e678965bb0e2a6e61d00a74a1d33dc1106842115a +Remainder = 7cf920ba2897f714 +A = ef9a3983f26237576311a871e4a3df0538593dd0cfda58ab90b889fdb35c700f7d158abafad127605057ca0532e846992c41ec06902ce58cae0c1fe238c726cc +B = ae0c1fe238c726cc + +Quotient = 8ccf17de5068451fef1c2808c62e19997c7f920d5cc0fde1f5a247cc57c6d730df553cf33094b786597a343a0ce9e4bffef568247e904343 +Remainder = 2689c40a54df34bc +A = 8435babd279b7a3833d01988c58005d4557f7689ea9b7168ef42ce2b31a1a3c32a982aff654f271a651085335496dd826ee4b3bc27f58920f05dc6676e51c662 +B = f05dc6676e51c662 + +Quotient = a9e78c48c779140b1d15843089765ce9ece3855537ce88cad3eb7aa7bd6ec72df65adacba2bdf6c491066406bdc3dd3dd734a70e93eed958 +Remainder = 53da0b15ac079ccd +A = 78550cb7b58b58d6878b615dfa25a5b90a1ff631740e631c7f8829962446903c686c810c46a1551b6c1f7a89ae898435bb8e36d1bae24a80b54edbf4bbc9af85 +B = b54edbf4bbc9af85 + +Quotient = 1e3b41304ee07f6baf1ca061e0e28a3740991c6ca2749eba70d3ea1f9cba8adec45cb69a31cbff22784a9e056e884713c0812e8c7981e49328 +Remainder = 3d051148ec43a72 +A = 76b9453d315e7a9c592e1f2640f5b6b90a65e7f2ff8ac24b9b47e35abb76fa5d303be6d501b341a882bdd9d2a1c81a9280724673f87fbe9803ed5a2e7edaeec2 +B = 3ed5a2e7edaeec2 + +Quotient = 1921410e1a538a71d33d9c5de95593fada116200c399fa7590ebc374282570477f5f4abdd5166784ccee9671a1a23b96378df62168049f6b8 +Remainder = 1a1f4aeb882d7546 +A = e4aa84f782a65d376b10e7789a7d56695885aae274db6cb37e0a34414397a57b4a5f76dced11376af5fd11d31828203e685861a6dea239789196fe73d0e46116 +B = 9196fe73d0e46116 + +Quotient = ed2afbd2e63617a651911017d9d02224d521e99275ab642ad1a941827983b17ef0f2067b5405b20e8e97f2ae6099150a1989df94276aadee +Remainder = 4578107045b9cb81 +A = b547cd987638ff7e3c30fec9b728bc10c3b8cf16e7040bfe0fe9a26e44d2898c4c4d28ef525cde2b4007b2ffb3aa80fc4514a99b9aa2e112c3acc56b72ddbe9b +B = c3acc56b72ddbe9b + +Quotient = 56181509251931afca3bb9dca21eedd6ed4226be67497d8d1bd0ec052af146993e7358f132e842f9b6c4934cf1b4501f5d6c5912e65c8d3ce +Remainder = 1b9861df51429a6 +A = 32988a4e0769a5aca200f6f6f1498512e13b4904a9a311cd8a962fdd688de0c6e50b04f42cdd2cf8bf9b0a6922657f9ad195773e1250f85509672452618da9c2 +B = 9672452618da9c2 + +Quotient = 1fa45bb973dd1d2df0002772afba55284a1e41f6aa4b0d1a6c6a4beb8ae00b52e88a9889037b8bfa9b7ee38036c57b713b48af156c3f9e8d8 +Remainder = 2525d52ecdec8814 +A = bda657ddeabe24c82c883e85822941bf64448b7cbb368468078101289b6fca36680b3884e35edc1fce5a5cdbdfc11359a1ba8ac0785c09ba5fe5cdbd30726df4 +B = 5fe5cdbd30726df4 + +Quotient = 63e21f5568d07976aa81a2690b9e81b76fc3291cdeb010d1693d0e80191186815c7b2f83551a5f1b172640425d4733f06f4df1b2c8a7e6ed7 +Remainder = 14781a368471ecae +A = 9f3dad0b3b56de15ac46cde1d79aba6a2f3b34d685cc810e9fa3f2d865bea4afb480d58653630319a258e9e8ded9be93cda3bc52b80a9359198221221724cc3b +B = 198221221724cc3b + +Quotient = aae37878db016dd758003b85ef52acc7288b7b74c4723e3876a710baed4751d3be2ae49123b248f2b2c55a5be702c4428b1dba9b8a6ae8a9 +Remainder = 6c754d5c167e1228 +A = 4b93a98eb7b92cea0a4f5c2223e77abdfbd332b39f295b4ac40f71625d88e4add7e482adf3010082d8dd8854cf714a54fba0887de87946e97137cf7eabda038f +B = 7137cf7eabda038f + +Quotient = 9881f551c4b7e67611f37df29e77cbe4e2d9fd5e17b7da3d013d6f3d4312e53dd26dfe3a2a12525cfef1ef81e6ebeeb7ef8fb4f918bf15ee +Remainder = b14595005716bfe3 +A = 7737f8e7337160c14cfa8411236ca0354d8aeabf389b9fc4b14bb2ec3bb68286f3d82eb394dbd8062862b955e9fc8e86eb646317d1315d09c81ef51b30288cf1 +B = c81ef51b30288cf1 + +Quotient = 4c8519d4d85ccf845fc5b8f31c27c60f0893ffda29ba86e8a3fd5fe67de5d29cb29362679abde996039b8febda2ecf71f6b9e1c1874361464 +Remainder = 10fae644af084f8a +A = 900f7846e927760d9986894de6489e53cbbcdd59f7707917e7581422508f2ce79b77bd2c56d964a41e60baa927ca679faedcd9cd8102dde91e1f583ae834b092 +B = 1e1f583ae834b092 + +Quotient = 16ef17b40bb73063f3cd0929cfe2405ca0ff2d3d426ac05f8a8dfadc85659105f7f728e113baab59247c4c7936ab975c08d6f1c72c12c532 +Remainder = baff11e6961c72e3 +A = 130b212cb6f3d854e4f17524953fd8592f5e59dfe92fc7d955e2899d1dde1ae4aa20d749caa349ca8d1bda7eeec2310532a7af54660e2a1fd4929335a1623bad +B = d4929335a1623bad + +Quotient = 1cdd7ee2eff733b83beda5b862673177e2f2151ee0fd9ac0bf0ec5b7e05516f1d1b59ea754b0483d0e4bfb7668bb99117907a58a8ceb78028 +Remainder = 29e33e0c2a515780 +A = b0131ec2c1ffe9a523591a9453d2fc740bf885e7efc1a0158905da1e646745ef1bbf39b406564cb3da2f842bee307b36219bdee5991c969d6199279c25d4e380 +B = 6199279c25d4e380 + +Quotient = 20bfcd06f9c54c537ae563e33dab31047aa30a6bc4e7eb0902bfbab3bbb7e65df442c46625c39e08c88310116348e9ebca2450ab463727f90 +Remainder = 11d8f2f6d4c1f55c +A = cefafbaa2990eaa88184162ecb118d20e5999e5a8fdd25ae7f6248650ea74a8cfb92c58efecdd5d31eceb618f1596d7a6bfd31d092cf86da651f629975faf91c +B = 651f629975faf91c + +Quotient = 37204c5735e4ba5e47e845d8b652cfc2b1dc715abf21ea0ecf5b1c6c8b9e596591fd7a7f41787be1a028c147a721ebb891b0abe3bd079b589 +Remainder = 1ee700ffb0ea02d8 +A = ce22d36b3cb913b32bd0e25cc14c7270d3f7b8e600a9b6732377f846adafd7fbd8a09d12fb7011f2283d988fc29aa25948dd4a0f24512b4a3bd460ee19887d35 +B = 3bd460ee19887d35 + +Quotient = 191051194e4362bb201f5471d4bfaf92f79b6fbd119ca3dc1afffba334869ed9f8acd14fc42a2d8f616d652610a483ad90f5140e9a5ca4172 +Remainder = 74785b6874d8fa37 +A = f3c79f9a6af1c5bec72218d969620149afe8bf068cf7a7aceda977076665bb5a2c30729ac3aa976c9be379c6a5458f1501db8802652ef69d9b9f4f097027ddd9 +B = 9b9f4f097027ddd9 + +Quotient = 6c46c17fdb03d192f75d636e1e2ab4e858d55f0f205cffd75550c4347726b5cfe036c6c901782cbe5a04f1985d9fd1dd39d747d25a6a7a88 +Remainder = 9a836be71a24e72e +A = 4f6cf6e357b4985442a25b5c84e2cc0a5e685e2f5ff71ceba439b81f4123e16db2296dd4333fff23eea92bdbb812daf1d27c721412fa9847bbc9a0bf08879b1e +B = bbc9a0bf08879b1e + +Quotient = -4984390f93e11c9a77880cfbe157dc41d43fe901c8895ac5091c5367a77370b16d42e8cc260058adf4d3fc8ee8cc6c0099804f4c319f15561b0a2b1caa7d703db82a726c9eab569c +Remainder = -19374dcf21822188d720d6ec892bda2c084e8af84f38012da7029a3c3660c7e813fd4f7644ca80373575ff98ab6d743e939269c51bf62e04f +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 330af318ce0ffdaa92448777ed117de9c104e0f975651322c8e01b1c470f3cfb7a78b11f7daeea57614cec37d18b89155f19babeda0016171 + +Quotient = 1a56f7d6c06a316a9a466319cbd558a99f06843782673a54775d859768a61933de3fc410068d00d5f6ab13fafc9228fd40ad41434501f8827bd7461441140eb6977f18d102d446 +Remainder = -3c3d566cd48a909292be2ce30f88ebb68e9122a3359f52d1d7b0189c467b829a9f226c0b64845715020dee12d179913ddb7f17da2db86d854bd +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -8e770450768d07ce20ff8f5f6af464b1ee5f1d0e8faaf927a19d3ff801f6089378133e822b8e63cf29c4c9ed721adfc91d3355a3c7bbde77bdd + +Quotient = 42131cf8f52a6a3f189697ce402a8c9439bf05cb3dc1cf8bc49dc2f07cef15b3bf0102c941b5b3bde6440abc6eacfbf77ea8da06ce932fffb226b33dedf001e9657464b0f06 +Remainder = 4cd483574fce075404dd22072abe61200fc455c15b382c7f2962ffd82c38ec1e2c60f71267cbc35fcf77fe1f9301d6b5f884f1c416304aa9f4d4b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 38caa64e74b29a7e9bbf341edbab112a730b17103831a9ecb70ef077e9660b2dd1fbf71d7f6bb4cdae2ed7cdbe9070ec9fde996c91b9bca5b83450 + +Quotient = -11d6883fcd705ac97cae5bb7f8a2929d6f636f4f232ae9a4af9769183dfce9a9296fa0714c3f4fa1eea467a5c96a484a59d0cdd87496b9398e7a818daf89a58add3a39e80 +Remainder = a6b7984fd80d719ffe2e6eb756e4e3bd7ab51f6088e04ac8fecdc744b0385294dd23b5007910109abf40cfca814c10addcb5330e422b6f5eab6efa2b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -d25d50f53c694cddd56aadda2654ae5888603b39cdbace93d19c117af5505750aa24e615f95446862bd693f5b444e2a876eb2cf49f6c7acd007eae02 + +Quotient = -3fa898b02c621915f44b213ba4e80b8e85c7a2f4c78df2bda7d99494bbca3eb2d9354965d83e1c9001f10aad9b3f3ed837a630b329f5a4b28935158fbd9d291a120b08 +Remainder = -320d41a3875da2e83ea9a83947f5abb1a7026c84020e983381722bf7aa87d5987ab088cb2c37fc3781c82c81bef3263fec560023e236a747030618e9d2b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 3af2721aad4b18db27842b5e539d8cada9dcd7ac4c5b885065dd2496a6f76fa73c8a51b239b5c068ea6feffda22d8ea806fb488ad5a94210264597edb40 + +Quotient = 179307c3e14de14a744d082825ed723b996a4e15f156ac473960583138c43f4275b4436c50ef8f21a7b450a969819b81c15bc355fbc5fb55cdd8e124d931d142851a +Remainder = -9c8eabd36a25e995c1811b79a2a0357f6aeef4477cac0ffdd130046cb2a647f928a34d91d9b489d394965719cd58604b957c693a93145328e5568d33d88a9 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -9f2d3da1da77914df66bc889a40847a0d705d4648a11f282e09173d170e96d84b5a45092d995318fe7a954b54b88b784423402519a38bb521e84a4f6c5485 + +Quotient = 6c0f316406afb4cc2aebe34f7948422de0b612a02dc47f4ae59419c579fc465ceae1980a3e524fdfdbdfad4862f168a9851664688c9ba01a8bc1ac156a6276643 +Remainder = bf52a2fb6493eac22fc8b334ccd8e8fa347620539d9189d535373f94503310a027c5423197c7279bb51ab8c459e27f548d57b55740320e80b753290d077aa7f +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 22b9e55639ad3ff4f071a49c8bba6bd9047e162fb31882421db8ec5ce46f28fbc35040bbc74ead5a948c47c43e9c7adc32fa52046b53f12b07b5224e0d8e93e4 + +Quotient = -1008fcb6894d8c411905136fb3e05b38ec5d8df35db06379fc2d6d3e3579bcb34fa6e021b98b899d9d082c111b1a6ac8e50418fcd5968ade6aff8828d8e4777 +Remainder = 3d7dca387b00c677d855fc4af4d86d86331fe4309929039e828765f0937990bffa964d3ffc5d4f2f4b8bea978329e7cedb847c7cc341ee52217f903ddcf9446ce4 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -ea045323f406bd7ce25b3ab4993b5f6dd92ca80e3a02607a862deb13470ccef229fad67ae958cd87fecf4f08d9609595077d0d1360d9fe48c4566e237aa877e7b1 + +Quotient = -42a50301031962754ebf9c4b1e125e6df3dd40ffbe09c044b1cf4b62ffb4f92d298b05933a450bcef65e86398da80740a610ba45928000a5c12d26e9f6a4 +Remainder = -c5485b82cfefb3f980e0fc7c6cd89b1345a8fb942299bdc36ed4ff8916016315a0da84ca0ee2824dce3c7e5ed49d517c45173c9c8e30b224940af6cf828c73db8db7 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 384e523d5a687bd1a90101e43334894b6a27e8c6809a8bf5bffabc34d558a8309997dd6f2a3b7c1a63100dcc0b6647b444ef7e5aa4a9c52c7caba1ebd096c3fae6f95 + +Quotient = 1054439945ccb5bc5461fed04e364c7a36d5dd2c0428872676debe07654b2ce31e435a90c81f2bac1032143acb0c49ad101398feee8426bf270bdc0229 +Remainder = -7bf919e14b2559ab82b3c1bf428d083a4c851a7a1fea44718377e9e945caa5cf48e0b1ad727e251bbb330292402a75ecd96a56db4ad07146533a3ab5a717d0a25a3a7c9 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -e5cd83a644ec86b94f5e33d4dc307a2f14ee8653288145dabb2b5f894560c164470197fb9e37749656f47df343c245258627aeea17965fea10a57336bdc6b4a47443492 + +Quotient = 62675274798218da426a54ed7158f8f737b7b3c328a9c351371f0cf61f41712f9b28741f187eb635ce45866762fb5fc5051776151d202e2556c5845 +Remainder = 1aeb5d1fde3c259917e430e6790b00484d0d9508391ba6ebab0f6299190d4b34f5f7d8ea2174974471a1e28ee2c15e05da645db971f699d5d0e80569b7eba7908ae579f5ed +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2622350611b486e6be7a7c1c073c230d604d782c2696038a3233ebcc3f01c6a711969094e47f49e294f2c5bcd04fb1b7c0934f19bf6e7aa519a8d4ec2c172ac59cc1a57b26 + +Quotient = -12970cdd96b92c37787971cd8dd166999ff241be881eb9543ff29165a9c1a3beeb38b1910a5724ffe2b73ab95ac1ca88d3989aa531374d4ec6122 +Remainder = 627455cb555398150e5b4c1c53ee16dac8d80d9616ed1ef40031424287f8028a9cad1a10bdd8430f6f65368cfd00390c8d4355aa5ecdbd1ff0266a1ade235f33cb5309446961 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -c9dac93cfb7abaa3fcde359e09a92ab0b5c06359bc09ae9bade3c6783064dba90b233b4c8d5c6236a13ef96c7a223e37bbdd931eae61e845e5a10088f75b3ff5f1158e833b15 + +Quotient = -6742b3871dece5986d4e219bf5f43c101da8896f247521fa286fde696e0b71ffeb3b6a3e4f33710c9ab150b7a1f747cee76839c5e7f2509f62 +Remainder = -203b2d6eec9d485f7b439fe9d4c640bb31170af38418faf4daad577c30e44ca06efda55ceea4fbd959b3809fa2002b6e2cb891decb09334ed89ac66ff05502036b2155ff62f8aeb +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2457088096865cd052e9cd9349c6e5e34e46c89d6e860a36f8e2a0bb1e5d983e07d05e6f6b31edc67e4793cb4d40979c029c80a13e654b66c8acf6b894f615a3ac800bbd09ce020 + +Quotient = 15eafc416460d757d0abbda8d094eb535262a71dd033c25e704a6df54265b6123247e5625da476e0c220ba88582a1ed94265135bf8bf1fb1 +Remainder = -64ccd9a0ae0b0abcb5507d51b2e6c8e52e67907474605c439796febda06eabd8a3185fdfc0bd088cc49fdf564b5b45890b07269c15b1aa2f993cd9872b97aa6cc37dea2f03444b3ed +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -ab34d3906d8a2b806b22c73d44948d703c1e05a9337f75cb0b5df5205c5e2d23f8a92d8381372f9398c9ac2f7b9302b83e48b26512ccd0b06e6b8ef1b930ec2678d71e2eddbf7349e + +Quotient = 3b22916d9fe3145fcc3b8872bebf5aee4e14235f618e0aed09199852c6bed80df39256d8407d334c06f4479f230913370b7d451fad99d +Remainder = 1b02a7b97f9ac1f6306aa00fff0e59f55fce463ffdc640364a950df29474e08b67cdfcec0628e973d42fa1e4f98e988ec4c47e4915651a1731b71d5e36a10a0d1b3420427dbb79ba7d52 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 3f74cafe9ab0c1b307cd7571fd442665fa3205fb2f45b3811b92d1d38b096a2025b8170663a29c52ca84da102e62048e583fba96a594c0b23952fec587814857c25221ff2cd0533cba6d + +Quotient = -12ffa4b6fc369404968911c17358012b993c18c2ff34122e06f450d3d441926b5f5638b40efb012d76d8bcd3c0012d0a0ce5d55c596 +Remainder = 64548684fd5f6c816bd296234740a4eed772570bd4a48852462f9cddf14f1350ce7c7c6a58aee8f66ad7df87927458db09e3af08eb5376de08444f35e5171cfa0992fb27f70b81574f6e8f +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -c58383afca9e1c480ee75d3cb6b0b99ea42e827d39fc96bab6b0dddc97e3eaaaec02a74847f9f7d49937f5ade3580bfcd491990737d172d4079437067251ab403c36a9826e974b113e2d2a + +Quotient = -4964410c2b038573107b0151b36177cdd62495e0dbef536b59c8aacb8836bb45e7bb014e5022360621e8e82a273d0d462b8eb6fc +Remainder = -1250c42f8c9b129a5c477be446b86356edd1b19409d362c3a5fb5d59c30f1c3fdc1424a88a0d6ce20bae885905d98c8a5a6495931f73edf4c60112ed78834e3bff6de3ed54c867fbf16a1cd53 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 33212ef4a8e80daf1049ac6f639f8e1990142ac32f7ebc97675ec90f8eb1a2814dfdd295ae67317253d0187ad33f3932a3a7efb056d0a3c87d28e64e23e9f1de751ee6f0f61c6f39d08d72f0a + +Quotient = 17f77efddeed52ef2e423bc2c10d2ae15c97384b766f4108474964c2a44789e61249103d9f5fe00b4d612772dc6ea12a42e395 +Remainder = -1ec95323b7b95169d5ec0667f3cbf683e98c15dd0fe44df4ed9de9586e43f1f69337e41a6d11d889452665dc0b03cf8d9ef2effe0b350eeb9f6468751b8a2c42608ba2a33192b770cb62381a966 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -9c91fdf2dd1827ed103a102db254630c278bf8b47bb12a342a92f081acbdd8ae5f5476ae194e24b187011ac25b19fd09e6e690777f9d3efb6b3a32c8f5905e1478a27fe4b1adf17a70abb4e7571 + +Quotient = 4f5dec525ffc737094f40d27446ca0be5b7a2aff02d51d99609165c4cea0dbbc1d92bc0a8680782b616c149bbef7f5ca912 +Remainder = 1bc84ce56a9a0c74962681c02ac927051c81f3824d9f3f0f91465df333ecdb449473d9c26ae3abb9509add5795e89ba5eba6ec7c89b114c86e6991ca0c185b34d6e66925a14fd82809dbc4936d273 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2f47be01e6dc6a86097676fbd472c2af0c83a2f743fcaa885e44fda7e9f350e9fb7a8cd07fda59ccb7963f1e95e6a1236f5f94939decdc85afc0e523c711b24641c844cd3113c17fe35ca988ba407c + +Quotient = -163cafed5bcfdeda88555f30bd4cc2da2cefe2bcec9a7c19c36ccd04a45121a5a0dc28d0bf6ab7fa4b78933c47a5d5286 +Remainder = 93f856077f5b2907cefcddc4d767ffeb0acb7af64bb9dd8a15dcfdda6c244c24fb8404ff9ea2fe1dc337faa05930d33cac4f61e171d0236e222374cb3da76396ae1329a407fb4ac652fcbdc568d0fafb +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -a8bfcac452a5e48fee9132b73bc2fef771450143ab80aabd8690ce54c9b52c2b5a669076a7a35fa6d926268077bec6d90b722b5d074f28ce3843fb0147e567c45f4e91a11416c082762e71b5c6129c08 + +Quotient = -617dbaeb8c6f9d584e8eae923c872048f9f9bf039ec6b50cf8f09c061bf79acc3311b37c2502e560848c05ab316fe8 +Remainder = -1ab4613767c4f1f7d127e848f2bb7c72a3a9e1dd6173b63198b80d3bbebce6a31494f19b53ad9e3a77248e6f9b26fc59060e2759a20dcdbe785297bbd912da9a1819527fac550d64bfd20ed1f96450c30f3 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 267d9397138fd0374a7a58593d41627ba1203a646ec2c04997acf607e9d217b8f40183d2f9304447d6f7e727a476e636ded4697a5ff30a9ae3d249baf97969658209c1b32ddc0edf920b0b278e9b5464313 + +Quotient = 10ad85703fd51870306c5e36b51512341d6d39e0bac47a03732787b2f62e49c76666f7f49b2596de6cb5c5b2f31b +Remainder = -846b4479713bb19ebb8c1f1b75d2be0f39fc1095a3d2ca149b5565146bc19382b86e5ab0d098ab1fca1ce701d582400190fee34b602845c3c0c498925710f0b9e3af2412ed5ead1fe03d77e9b2b407ac83823 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -e0ffa4e120f2f46fd1430b6022fd03f71a22f9b120f8d40e901279be235b32d94760fb8c2403d23cdeb728ae73e2b16af7322d6ebd5f5673187668c99805e700f1e997423886bbcb851448dc1ed4cd66d6598 + +Quotient = 41567bbf616ab41da51108d7edcb5a8a4877c5a8663b3aed7559421b1fcf4b535a54989efedfcc935b3917fcd +Remainder = fc026e554a0821e0d36b796fe6a676fcd7383a55fd6158d78ace4edfc3d8aa87c65f0eb41baa2aafadc51218b0562ff4b5c9b17bbe84afc491d9e309217a5138ad48dd51e1b1a9aa51d69963b608ec47d63fcd3 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 396e9b45ce43d3f89386cfad8ddef4b483ecb5173234530c67447ab74629d246c18b9da09522c77f598957e3fd2a1c0c9417399912fd547fb1023ba6b90d63d223bcbf3e7ba155e51bba7e8635aa5c39d2b9dbb8 + +Quotient = -18f1f395347ce8df530d9330c61c0e30ac9531b50a0af2ae7809db1258285c15ba7a436121287990fcdbda2 +Remainder = 51417b9e9995de34316a66a2f70c146df8e36952fe64124819607bd8691a465f4fde98e590dcd56f0faeb95d1b67751081c2393626713c27ec2a2123aec2a4ec3761e5ace4aaeb612d46e52e16d72a186d2ec8a7ff +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -966dfc779cbf9c388a84e947d1128e2392399ff45d9491259c7cb19589154f82f41e852e0c6bb5a728f6e87ff4ff95abcb9b2b57af1b6b7fc125497775ecc1338e4bbcb5315f7afde4e283347184b908545211afb6 + +Quotient = -3fd962e88dc1d501fe9335fff8b6b2d50eea967c3035a3dcbcdc9599b81f9a445ed5a6ae7413b8865fd4 +Remainder = -97f06f6155f8d0ee6850728192e0b4fcf55fbd9ba982c5f1d598ddcbc4e1c4be0e209fefa6ab3b7eb2b4c645e4dc40217202285ab0a7270d085dd9d4fd24e5293faf6797b4c3c79bbf3ec63fd82942549f9e8f862297 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 3ac566d6b2d18572360fbdc626ec488aa316a74f33d71a17a2d0e1d2bf26395623eb91dc4abebf2f944e9bc3d669fae2e4332088e9ff9d9f43927a7888b1390ef60f05efd6e63ec606ecb3e164ed6dbdc9d088586aa71 + +Quotient = fb5ce21bcf28490afb64e6746a1a81792c90eae17407c0b4c5ebf2464eeea43e516be2c615f84901d +Remainder = -3d255bf94c3d610c32266fd472d070c0f5e7dddb88d32723b2e1a20709aed2faf28701e0d0227c2b33ecfa9e708e5ac354a97be732b786210d86f1f05d191513386c580b1ad1f4ac6890f87fd0d4270f23cc5c2064502c6 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -eedb64a6e204ee3d6df508830704f1d5b2d2e627698d38a114c07458ea0befd593a80dfd2e08fcb1893adf57061ec4fbcd3130692de7c46f5ca51361e9b79bb7a91963618b8e5b7591392a5f0e3be954e8b9978c97f12e9 + +Quotient = 6933a3123d0b32693351a834751345300c49324b861a663e8700bdb3b70ad996747b284a8ea5c02 +Remainder = 13849ef93cbc77460c3c496e8f31f7e01a98c21cdfcd6877547161f9601680665b394933d3a0824f0d32854508c89f0e4a0873280c779c7ca636cd89cf6ee5d42a917b4f382be3b9654039f623c11b43164827f870fa0f0781 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 23ab6042240a7709d43de7ee17332a9710bd0d913c42b3591341527bf48d5bc30abb962482292d45a15cb03c9457cc8d78d1e00aaa63358427b000e59e4260bfe1e2cc603e175d7fcf02bd9f61fae3740cb8e10a510ea3d1d5 + +Quotient = -10e67cbb33dc6e24765893a047252766c2bfad8385150689dd4fec9ef495dff63ede1fdf78bb6 +Remainder = 9dabe2cbc734b910fa1bd25616daee5657d25b6e4dbc2cd93cf8549715c87974a8336fc5070d86c11f6b670d4b3bd5ee8ae3af2bb321fbb4f8fade3f5c6c2d6c366b4d800dd13ce897f13b0d3fb79f1d9ca525b4e7286c56ff29 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -de093dba98747499f2876c8b6b7a6b9587284835ae35f0716dd594c826cdf5b9179f2c6b08d800a77a6936602ff2b64ee0b7c94493bd5009633f5bbe423454b7f018ae96c21230510ab4bf5db394ff153b0e9eda3ef90eb4c253 + +Quotient = -521f5e35300b9ec2742ff472cf61235dfe2e449772afa638b1adb812cccf269afd164b7602 +Remainder = -2ad10e8758e1d358d4744ad344ce319617027107c0b8db195d1b58c6e6035450c9b377f026fdf9e5737750af5615cff2ac3ccee623c060d779373136d48a735b353d64bcc5f2e6ea1e46083fd799b5f57dd5ad0ff3e6df9764af977 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2db1990ba1e353a1a62de1b914ccb691380b6ea937c13621a29f0a40ecef460cea52cfbc77d98706fb3c9939ceaaf962fb8003b0cfb40535e0dee22e8e7d04b5648fce2e58803242c199421cc4b26cae776d3603f2ce410ddd1e0da + +Quotient = 1d45aa6fe6837a1b7ac95efd55d1690b66487202949a286fc85da7ac0b50b860215e44fb +Remainder = -7984639b596f1d4e6efea9d8b4719215588620ac959034b303584679a44fa84a4be0c89fd2e29f54e62959f9b7a858c06b0cc051176af82d4b85e7334555ba11c39e6cfa1829995c383ba81dbc220e527e90a1d440c1d069703cc1370 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -80316fdc405bb002990d3ef7d0e98defcd1f0e370d1e51db2d21ecbd96230baf69d00b168afcb7b8da9edc3ef7f6621ae5c5a0d7797e5c92283342e42468dba1036fcb2ffef1f493ff97826477364f6b5a41dc56d6389a01b83eee041 + +Quotient = 3c0c3f7a777e611d1bd0d17d669a1ef7920b72ea8de06d4b415a73b836e37d6cf0780 +Remainder = d8c77134a75584ecd5ab29e97a909ec139464901f9cfcb1d3d9e29a63d204615b6845d466c8710873980f107c40ab54eca9f8933ef6d726f9bd0f3e9e97eade5eb1a9bcaa7b01b6ad51ff3ecf67d6e4d345f128e990494a2db434fcd3ab +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 3e7dd961be36c0c286eb9e78bf3b33e6f9bdf2c2137a0c660f1d21dea31ac9a044e526bf47ec8190e137a60f1f55e947046b9cd04a2485679e48cac80a1bb064a915208889289d63a6e338cf7069ad799861c31ec6eafe02a4ef2c2641c9 + +Quotient = -178d749de2dae3a2ea4898c59aaba98ad9f340762040f5aea13cad45a793f1256ef +Remainder = 6c5d9b19aed9f099255b6e3d251aa50d1e534e6c86d82eebe097dc8dd0748201e48ac62eec070a999c21f5c7684e5a700212e9079b5fb731321dd1e16ca82ce80c1f5c17fd1720f1353bb90997f47f5fce335a43a6f59facff0b3724423393 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -9f52ead13916f9807d0cf0c6699578af52c54816828f22de62328fbd7b4fd6c3740ffc82af4e24892092c7ecac44b5e775944445e6615fce25610984030a345731f944128f5734e6e315a0ea97aafd7563105695d026880d065761687b75e8 + +Quotient = -4fe43bfa9417839ee408b254603c3dd176653b6915a89de5b781b400162fbed6 +Remainder = -1c15816e03751a203ae23c48965c8541849b09996bc81d28e28d7871fa87d1c3b2d383c056d3084d7d01d853bebe270fe2c0839e71851e169d417c47caacab2aff8a8e05f65dfb20eb17ed8f67475702fa83087bd868246cbb885d52639797b85 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2ef8419306ebfd215d9079c7a2b959a53ca2f4553845e3cd32caab2635c0e77fee8c5c016c121e3cbedfac57f810c132486ba78df9e719a976e0112516893f14cf9b89f95a89aaabf31cce509ac8e7e62ec3833f0be4336afe6d7d73518141d39 + +Quotient = 127e8c06e12943017f9dd57ca24dca0ead230092811d307386c81b6efe009c +Remainder = -24f3431858d5aee412443feab243b465b849f5dc97e4de4db88c7adf774d9bdda65fa0a28cf6b18eac6078b00cbeed2ac406f8426aef868d4b59ab045825d4b0a18af6c9105e32abc72fadef55b221278d329ff6fb9019630411bec143c4156df7f +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -cae6399216401dec0f8ff5eaca884ab061469082ee3a18e49e0b4d5f9cfc98a598c373249a8ad2374e0b3de71370e93a98650684fbb931aa5d8b4482cb0be142492bb71743c251346df66896806f926a4a5dd4c16ca3294f01bb998835e6583d29d + +Quotient = 3f180694e59df85f48ac02b6d4faa26278af9641db18d79f198da5d802f +Remainder = 36cf82dcf8c7ec783b4de68e0627a4a4b2a508637c176de09feef62dcf382bfa5d8b88539b5ca2cab6cbbdbbd0e54c092f00ee13f4a352cb570034cb0a012cc0fbdb6ed32967f3b81d146f352139bd3d9a5c27789468b7d79b84d6a8f6085f859532f7 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 3b7983bfaf565c5ca444367654a07b8bc2bf7fdc04ef12128c392bef2f6b67d9475b4d2f0ce1c380913aa98616fbe1d74dc5c9d64df15f5c9b87a8bfbcadf335a6e8f863c7a01ac175a7d79645ababa5f961fad7d1b9926f7284e254fed33765339e0c + +Quotient = -11f635baf7b7d613e84dc38978a21ade2f4cd741d0c4f6ae592d93af9 +Remainder = 4317c686dfd56216bc4865f8dcb6a3446e13d8b33861e74d6c4a3223c387ffb8caeea0141049898609ed1abfc2adbd21756cf64a72272aab6c0b8f2177419abcbf9086635dfbea80a7b884181f2f2ec9a402cb0505e8208909fe062d5e6dc7094d66af62 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -d0ea50558197566f22704e66a70328cacd6f4b7ca9b00c16b7c4b4e7dcbd47c9b2526b3858ebb4de7a571ac570872f3b44ba1fec655c0778a8a87ca24851f6072c5c0b7591b5e67a8cdaca78fa46f201e02379fcb9a8470e4a4971acde36cf501d369751 + +Quotient = -64a078497f85588d3402355bf3e83d25ca1f0ed2c24a395ef6de6b +Remainder = -87fc31ac66a24ebd629a26209ccac1b2c85e52dc83c5240269ae5a27333f33d31152c9470efd41472af034e8536bbe94b0a49e892b1d23db3c13fd84b7395d7e3f19d7d4cb4a4c07dd1860826696cf7202483446452aed2b4980388e7eda0ccac792d77a33 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 254a85bf512d9159b00a70678239902ee7e15ac2790ce5747c4a4743c6a0851e6a179b64c75acf312dd37a7b82a729246f79196b8a399ff476c48a05f89c29fb106bb06ef0300c4b330a7b2bcd4ea1e82584c7a96b99ec2131c885c5851343cfa6ae4d384e8 + +Quotient = 116a06b1d38067cef9f55875fee1254c8ce39b42c19fb232a287 +Remainder = -c15a797fed3810e4f536e9509564b2142ffbfc0c961ee5aa923d43a824765c05d2a99fef79bfcb6310c77a91d9bc6d0762bd687493865de270c99989e891fbf6da7ea5c7c7a1032449457eb73222a011bb755ff44e4bdce8e86f8aa9f687840c0832f7fd8ce48 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -d77c14100d19fbaff6334ca6aa504001a1d56f274632dc89d48e1d517935503c26b60c047cab9e186a55b72439761c884f63fdd2a38ca1acc653f6ccbb4b7262e6215e6d00c8829b448b7ac8716fe0bfdbf8088c8c61eee8f8db43b7b5551f6278081ac2eb1c5 + +Quotient = 6fc9533f6d0e6c55494cb1b319ec47bde8e621aa92d91155e +Remainder = a1a70f674cb141a896c4adace0dc58cdcbe2503fd0ad36ce348dc5b8afc96d0f2f8c65bbbadabf2920012798b7ccaedbe8d896dd2674082ad3cc75b54c5c190ad56ff34e8cb5dd29c031656497d48571295d6da396d5f4cdb652732d874a79a674d06a1d7b979f5 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 21917f48bb8e65646c618068fd9069c06e22ce8c679a845f9c4ec843849010abeee12e2d3c61fb963297abca30813c446f2ae82e909ca6ac7839fb58974fa65f3b5d91fb8b3f99d948519ed56653d50026d694060208cf48e3c757f64885b4ed4328c6f071e9f5d5 + +Quotient = -1abc689fd19523d2e295f260d248041bd00ad3009cc7581 +Remainder = 1ab5af1478fe7373d012befb319b53ff9e36899c1749ea763fb74f7d24624e70ee78faf3115c2a423629528f45295e4adec7b122b993b5c29260558be4831df06468bb1c63e8afcfb1b9b533ec6acf754563d2ae25e2adb4cfe5ee3024611e03a156484a130ee01f3c +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -8c5a7b6bc8ed6ac015ec24efff607b0446c1b736dc8b409e2f433e69d0ca015d70c64b4c924175d0e0102ebc3e1dd96dd4d5bb01cccad229e699f9d8f9ad0e04339d70cd113e93d50c10c03083a81264396f5db2d979d272798ed30efa15d52289d0c72f42582ea56f + +Quotient = -4aa210fbc0457fa7366a8aa9a3acb3f9fce812303ec9 +Remainder = -737bc4fdd3d5496fc7f936ccf14bfc3d93f5b7caf4718c444db7a3228b41015c67aed304fec7704ea8238ba6cccb1e94cac3bcf4764a44bafb49e5fcb0339ae44c0114cc304b9c4370363657cd2bec09bf962ccb21f6091b081e71d2bff8556600576e18d4f78fc68b12 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 324774e49bb429553c10156e8db122670d6dcaf6ef5291f515c517d7ffaee36ec5ec5ccb4d12dff71ae7a05bdfbb03ebaf4dc6c4e8bfdc165b77cae20153c27d53bf27d92ff25643b4888cb586e773955a1c02ecbf0fa6958a8ec0b832332eab2e449be6e72c48d2f1ad1 + +Quotient = 1c8631a18d189f1fb689f896005f2dd2098e0dae9e +Remainder = -1a1ac9612fc3354056a5378de5b315f12591ee71f0fa9d8a6b2ea2b1c4eca9947e5c4f5ed3d4b78e69ef7a1f5a9894b9c7d85f6e2244ae76881eb06584eaa98c78b60b46084b517f4882758691f91d9e2acfd580d5e901dae14ff4a4fd6b0d7c73450e4928fc6f02fb5463 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -838df2a27bbb033fa0e581073b879d6e8747fff38539801a1870f2e52d91bc84cf10f2560e93784650fba080304244dbfe9da679f207b6920be46b0214a1e490537e56d99beef3f58b30f311a12283501ad79a5407ff209d19a6efd0421aa144e0cd427380d89bfae5d1f5c + +Quotient = 4213d04b9f0b30026bd355404bee887b22b2cf9 +Remainder = c2bc097d1c20f050e88912f066b658446cacc7a4d510343a8d88ed007a8c0cfd5d44fe5f067a0e81536d121b39f2d0feb8dd053bb5632e3f9c04be5f6bf4091d646860cd38c96271cdba466ef8b7e2377a51d5669117e664269fe3c08a51b10e1e019ac063d670a3c7db12563 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 38ca0c2f03a5c56676a2f95cd7a69d4aa2085343af6b1d2a71e0d1c54157ec0e8f9125df2a499cdd484c04feb23b1e0042ca908db74744584036c79f21c25c40401d551a65afed0ef35f1ea000fa1a99cb29e6307f6ca0304145f7e483d008cf9efb028ebb654115a8c6b87a08 + +Quotient = -134e043b3b88b31f89ff4bc709cfa1bd2c1a8 +Remainder = 99c1c846cbce5e9a26c5afcc0186bb1e43b2501ab3205d13fdf01dccb9b1a935bc1cf8adf74d58f1c316381577366b6d126da49991a0d5e02acaa678085f335ff8b8e975e5bf2e52a05488ebfc21a3e0d0bc5bbe67442f77bfc3c1f0c03b7f7ce42bd0fedd8a498f018d8cbea47b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -c261a6c562fcdd56e67fbd2b91027f17c95da43175eaca6e4069c16d240ebbd240582dcde953eea739a4668fbfcdc6af8ff3ab58674c95de90fdb43f64a61108b030d644a44b0319b912bb563f61e520dca9c88f411b32e99c872cf00a01f5badad584636352913b7429b99ecfbe + +Quotient = -448c4922b7a7d5e1efec2c3f41d0264b76 +Remainder = -2599e928027d10d3a11056eb719768e5edb1a625fc0b8a1dd4439ebd30a82bfdf89e617ac7c71622058cc64ba32dc242d96fe3ecb856f1b146f831334af562cf88139a99410dcb869b9ad6ac4826563b400b59f55d8fff262dc920fe525b12b2fa167ec237028a098c9117cb77bc3f3 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 36be11eb72832f8ae7b6bdf689f794f62cc1c885e64706d14a77a11df9761c2e9cd81d8f6a0ad0cb1696c69afd80c8bb992cda5100cf1162d600515568b9dc9c81a518da9d240888d4984df65c129ac0b4c557b4e63ee5be79a27473ff5bca58e559cb04c4ac93b61545e7351bb6514 + +Quotient = 152474a1a76700598c18d9301866ec00 +Remainder = -274a2f9e2bc5f9d75f9897b28f840b71bb10a3e4e7a35ee1dc1150be61130b4e0e987e8742c5edb75a1ce3158eb8bdb7d657b8ba39436d7c88fbff160c7488ddff2f13b3b95ffe149a3d0d2d406b1737a7671f69c0e5d7074a151cb2776b2d13ca24bec261662f2967fd22339ed6c3f2b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -b17c79a31d5085b49793b6a6d628109a6047e3b1afc947e5212d0a9ae32b1955cfd6fed07fc60634ad15f32a9e402d7d5f750fb6d1ad958211f9e8ecda8990689e5212cf72b24e9b51bd07a6e0477dd4c02381d0ab6c0ad3cac1f620f723ab004880800736804751349f6bb19d3db48da + +Quotient = 5665f53d5a7405c83a5ff382ec376 +Remainder = 252d055186ec896cb3142c9e4e49c441e2ddad365b86ad21ae4ef1c522d3306c2834d6993a5e1f8c64a1ed582bad8ab746f7e773fc004b1c47814f73560db72f7237ef6e2f671d3b19a8777be2e4c662a76db87ea64f32c48ea371b1ffb15df26726854a417e18afcf49054c6d2e0e337e71 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2b6eb2caa3ca650be02fa199e9ea6c48646a76434e268713753a547e49571f9817ad396f2cb7b16d307801fc8892f0af3e7f93ce08f7955a8acfbc0b56add4b4c7ef7351f60e402b9a8ef7fe02ccdcb4b00b7ffe78c7009268dbcf1d606c3a1b5307d9a8ee6121c6a635a742b8bf36b56cc7 + +Quotient = -eeda035247bb13860f228d8f2c +Remainder = 3976edf710ab42bf069e5829de7e16962d1b765f6ae6ad0ffabe723e21ab01cb9f3f5f4edb1d8c13cafc0556c0aa93d72dbcff754ae9260abd294647b71785bb049bbb865a26bba22defc458a14af019a796e942e77d03484028aac2b3798fa730ae0193d89728bf80a8728715a0807b3c497b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -fb5e55f261aa96f54983869d58b3e9f0757d363b9c43aca5580b7c0380096f396ec79d1b30037702c19be5889fc6376793cad51975100f33ebf43e0897dfabcb9adf3adf8d845aa7589ba1f6d155b25f73dae3b2f835595ad6050401fd4e6392012d06194af415b810b0c10a53bc56350bfcc4 + +Quotient = -5b37eb0c3e3f8f8d9ac6f4e4 +Remainder = -28fde388257b9a11441c592580cd38caf2d69e2ba57d43151c77d26535226e05e08a9e6d8ed470d4354e9f46b7626e5f2b22b652a2d78f817bb51598c727a765941fba63510b58fb3dd5f30717f237da43b42d20bc260b06d488c9c912bfcea1e7808544c58960a3e1355c50c889cefe75d4d9937 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 29232a3fb059242cae6e0b419ff13c479048cfe46a9063188706c6a3842674b16a1aeaf771c5b0ef401d2dc8a57f6fb4fe1b3c7bb545c18ae763e39421e6a07c4469d234f9fc737ac21ca67a5553c7ed693eede4325dbd132dbd9889d815c02f426801eff1f46e7a52f72845234acc6c153f34065 + +Quotient = 1c7ac058af2e7bfbda9484 +Remainder = -54d7aa6dace87e61e24d87053b9d094bd160916b720d7cf4f740a4fc5a7f03909773d0456c530ea0204427146fd44d3ecec51d8627b5768de1494bf42081a8a4fa97163b0b93b59e70e533f3257723e441cafa4aab471ec4086601021c4462e1f74bebf298ef45fec98fa8e6ea97415f84c93c12633 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -83c2cdca7577b32c20e9e20fb498a2bceb7174ea9aca09d4dd2fc7a1d3b922797b4e9640c7eb9dbdb4d93c7fb9daadd680c1c7645d8102d77e9c877a9f65b13239f9a650dceefc1fd41ea9bd2b38a622bbec99cfddbc6e88f377cd51cc29fd17a27f3d0d970403a2aeeac6ff9fd69c3bbc5c2b0fe7e + +Quotient = 472df5f4393f33cc382 +Remainder = 16579a289cc776a47611353e158c43dadf0a78833396f8419fcbbe47d90c7e840e2c90e73e563e6c505bfcf691120ab0f1e9ef9c31db608cade70eb8e487b1113a46e2b5c7f4a172ad99b502eacdc0f91c295fe608389e61d030607a94d09d349fe1a0cc46d1e07c8db533cedebcb4a3b89afd8b924993 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 34b7f6780620246f5a0a92a768072185f02e57a52db1d865c21c952f4386ddb7e2dc1df076316cb4f2f394397cbcde1af0197fcf33e6428e6f5d42a9ccf623f75fae5940873097d4591d9b1a4cbd00074d134272700ab06d901742da695c3ca9d4f917a808113336f883e769fa8051cdcb0cad7cabd1cc + +Quotient = -12b4e74d76bd306d9 +Remainder = 8768fbe8ddbf60b548938d8b4a74c4a326ef335257e5f513e65a7d2cfbe9d456425ceb719407bde3cbc74c9c978970597b5663a0ec61962e77eb351adaee2d2d37f1fb55b5d2ceccf282ea3a0d398be1dd1b166d55dce04a39ef434fa392893618003adcfa61401276ce4e599051ad93152e3477ff524f0c +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -c898a753745f0fc178227a7004d917557cf3dcae2e85e95aee51e137b29c895755853ce2d61f214b80070174cad8ebc2795a7d070790acd335b383f9dc88c01227eeab85f1f29d76c1136ffcc7b9fdc073a3a03d8812c7c561b32d8e69754fff64acfd64994b7e9574d2a7cae6bfd5a6fd61dee7ee993bb7 + +Quotient = -548c97fd02eca7 +Remainder = -939e90e281f97a433eb1c6510668d0fc448f03d737d92693b6362c692167add7e4442105d60ff3db29c03ed06c3121aa4a53c4625906519a4092e4821c918d2264ed0cf088b7da43a222877f3ad9a9fe8ec06fc66b9cfbb44e0fdca1dbe4e461dda9b85231b5b9733e0c78852da83bae557755de3680ab61d4 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2c61dce04200e725ab0ecc5016f66044218391bdf650bc0bd31f3749ac06c24707e79526ee459ccfd4bc22834f8d23f391f2e99135f92b5abd0b04079ab75a263c0e98e46edfb440cd865269ed7872e8c1ada312df1bfd6a5fcd2ebf548d7b7d1d75bc36f62e5e9d15262bb8652a8041e5c8f4d673eecb777d1 + +Quotient = 14622572f311 +Remainder = -6d197a84d2ed486327790059adb5c073218c56345f48c15caf6892734fff0aa7af4782738bebf24d984bc8adb3056f67e57f9960001a67fa462afd8c57ac9d60ae6517d58ffb4773b637ebe6bf2473a5490511fcdc576a4c40ed03b3afcb2fd27c57b66a26f6d3f9b2bb101502b1117ba3ce7214c9db6302fe20b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -b818674faf69bc92085b7230d9335d7bead0413f2905539a54e8d1233843ef13f07cb5538e0787097cb24f152cf54a92e62ef143e31cfbbaf3c09650b14229a4f61a783eead26430949c88a87f1618788abab9728aa52dd8419f5d568e6a109f278b2afdea91cdedca43e562d4bb8fb7f1b7aef13992fa7edc320 + +Quotient = 5cdbb03ee +Remainder = 1cfa68d5da7a600a7ac598b9ca1a0759f972fd9a46ba62e5e96d8f6f00fbccd0ab26ca03d14470b43793411ea9803c9409908625fd74ef8f9b2d7c2064b2e3439adcb684e6f01432a1feb0f492fcdd2b8b5a6cdbd0bf460272218bcf763974be8784e5306c219ee535baf5541b8580952e3690b585fd99f77c46d69f +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2869338cd16322409d3efbd328b27e2ba53cbf71816ff5c093849b1d866b8cdecbd6bd8ffea0b7787251acb760f85c277ded21e56acef05d29bc728cf44f55be87cb4c8913408a01a1ad53461058a1cf94538f05ec14a6d3eba804264df957de7eb1a61b794a1141218966463dd42402c260c229241ec46afdb5a06a + +Quotient = -f16da1 +Remainder = d8b66b622b5a54963c2c84aa186bfde5b67a3562e07a23a5f6843bdb615a3c5d4f007ad8b275ad7e4c5b1436252efe35699cff2e0546e6dd8c7230d6ad560c51cd54db6d312be32ae4c708e9047c3a25c211e2566c58d6b9291de31612006d4e847c6916702be99b3f7ce40e1ac842908acb7f03dc120aa8998c60737 +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -f8af8fb7002a9d2218dcd0f0c139b8e3dbbd48e25a5c910f6d0b6684bca224f62768b64955580306bac6bfd45b99ad77483563fc7dbe015edc06bee3ff93b0afa8f5866c23c7a7570b366550490c97ad84062c2495cff30717aaa965a8e15e270b504dbd4fa943be4f97a7fd1f3b589bc9fcf4f907a7690d99c978a374 + +Quotient = -71bc +Remainder = -13316e9b053a06520526f579718c326402d2a9686d51a340375cb53d7cebba99c8d1ae93388db0a41cf55d5753dd1174014ff3305fcdbd5b02de9e90c45ec0d2900ebf6ef847c2a045eab7f80f07f01c81b9fff093a779a280ae42239df79de8d2ec4bff6723788c86786fe276ae6a4dc1472442b552258e1e5b597305187 +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 20fe256859a2e4c4f77db6adef78b2aa4758b29ad0787ce7e277bc68391d5949bb4dd07a9b1a79fe890c8a760871d81adfd3858e27d1bd6de33fd31b8aa6131fef9130a50f995c3be1d615d1bfb9878804b7f6494237d8ad78ac219488f17335ae54b494532f03a3fc8e9576cab6facd90c662658878fec86db66bacda3a7 + +Quotient = 10 +Remainder = -23e09736f469c83f280052ff01071b1bdb52b7e2b061e8a1a8c6a4e091fcd7ca0b33ade885d928a11a3375599aedfe554d1c2289795daba08f07327a19a8adfc219592bcdf9fc5aee5961a48b3b1b5fc380eff5ed2ba7d7e564462397fb6c6187254ee41c74602b141d7adba99205d2e0b35da57efa96397b3a5d112751cf7b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -e849bc0bfd9560cb90e42c8e4e88df175133c14466e530716d89ad0326b660b0e617b4efe8df6b000f517d3cc24d9dd4cafa2773dafd4c6bace0aba54e43c17e8e3ff9497a97ed83e6408aa0aee0e6485dd1d89d52520d1acf4d587422b0c5cd2d5e7e81fdcf842d6331779e800f96628206e8be020ad4021789008a641f67b + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 22004040a65f9b6f120bb7243c638cf3a4cf6fc58c230da932c79568f68e31af7a7b8569aae77af671f8335ae68d6dc1698baa9d6ba9cd633a662101b45bde51d55098b50fabde8546f317ecc2ae7a39521bc075942e3751a349f51ca3c371f3b8a6cbbea3e11a334d677c07612bcdca767194c07fca78ea8a06cc3b0dc6dcb8ba + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -cad46f410062dc33ad4d712c3b743ae2b7613576b2bd7c346a8479ed679a08e3644c7ee4f23b95f1cc9111905714b170abc37ee1003956f64f0a7e876b38d524fbb2436ed56069479d8d2e4029770f7801a7278fff99b3dc76280f35c7d43ee594073f725554a92eaf4f785c18a7cf6669dce5adb0995233241f3294cfb5bd8f4741 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2fef69f9745646aa13e0c38d77951161a1f881a7ceef032698da3fce00764959f11140bec7d7f53d6777c3622453d4525fb068da48047609d18d463a8fbacde1d21035963b668ca11d5b9ae66db13de7a7a5b66a40608dfb56d9f9f0c8880426641083a05b5ff9e6ba0d6da3a04af1af01dc218e9b4f6ad7b1d3a4d1d26a5c906093b2c + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -c50a24e5ddafb768f64677233c5cf09da1b4f06894bd68e194b23feb5c5d6844320a12a02d13ad012f13b1438eedd6313bac9c1f9bb4548fcd314988d8fe0ce6458306735307afe08a96a0c2bcd9cf126f529e48b7ff4b8266caa28c40b5c3d2a473ab8805c860d27d7ee9c032423148d96fad019490ea019d40679de7a2a3323e80979f9 + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 3a8682d0e5a4efa985dfa8bbddc2c0d72a4400b8b070a8cf7450aa8f831d8a91c9ae3542641b7a4ad793e232a0d301b82664fe2c7f20bd9bf8275828a2a20027d6056b211638b9b0220fa4252d058bb485dd3c4622b1eac97d54b9634b558ff1bd5bd11085d4f3d288f7965af52beaa922b23ac0207d5763c24c085076128e0ef7370eeaa19d + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -f00fb238bc9383079c7ecad9b9f6efc622d58a76f2d5d40ec7cd7c3c083c459fbcf3d128df4d20ead5f585505515aab11c36584ca622d28e0cf037419a649d598346063a07e29c61b7a8e76d1949dbce3720d45576763aa0d391b39dd6b694c7cc60a1b4f4f107d87130402985695e1847e82cce39b8d0fb5c88bcf3b37d6dbb90baf5a8553c3a + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2b809f6baacecf61198856d9edbb768ca2df2abe9b7b8ce1669fd9259732c8569c0cafde2e32d253094480ed281a8db230f84e780c6e8bbf3657c0b0baaf19ea973fd8daa2870c9d79f3695d78e063f9130fe07ce806a088ca267fd2820f10dac34b5b32aebec20e4362dce26eee0c29d2fedc1e020d452bc2499234d07a2a6e54314e3fd6dd85fe5 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -90ed75629073df816ec1d6dfedd1cdbed9239661e362db706288dc4d774d806bfacfd4b32c3013ec67d8c2af133b46989f12f809fe202d33d5ba53659bd2a9a85d3fa542de4a5c656aacbbf8899aa66ba816b809f2629f37b0444cd3a6dfc99103bcf2a5ee87790b8401be806b5d7fb7064ff0a6fc8ec769d0ccbddbc3d35f7dc4d388d8d28021c95b6 + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 3f60052c9dfe0bac797a674ca7f11377a24c28a1396ffa0f46acab7909543086aee1995cf51852ea4a21ff4bbf6e7309cba9848a7b2e3b33dbe660bdc58d513d16bc709f1f2253648b46daa7aa037332552db1da81b4ab9850ac4ec66621648fc856a71eee3cedc6617071600ecbc5ac8636233f288ec249b7ae0bac942a5fd539d03990c4fb28a46653aa + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -c12fc156d9345cdfcff94bdd324429530ad8caf8afaaa1a82297eb3a8aecf2ac021384036749e489fae05e8776da0deca7e4325436bc8f383bed579c2d67a456c4e23871489780d760d63d0bc0d1d0ab41f06a091b44f602bcdc0bd4e817202e39ca6a934c0c9405adb5a14d24da895c58a81d1c7ce52734183e00d80a414ddd8869998822364e029b3f42cc + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 205dc6227dbd3adf8ee49dffd43f835882822b1c94f92cf38f5efc62f943075d80b33588973a0e0a8ff5e800ede21d394736ba98d4eedc53a9122f8c262cd09fe9e91cedfd0237003b0124d757797ee13cd03e7a3a257bd8df756940a4d22face9287edca00ca23e7d5e629966ef710b07e54241dbace041aa6d9f82687c3ecba818203adb376ec0b201894a500 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -82c30a9ef6a83d81b77825c71ddc563939b8508f1b7e44c725ae0f61006646ba9b86507ec9a4dfd3755ecd8bfb451c2d43a61599732b8aaeedff7a304ce0a9327e2333f75e9a010556ecbc3abaed02214f25e1c8373bfafc2c288ea36b8d5f848b76295a141d8f633609a6656c07f3d98177f5fa83833476dcd111aad179001f81d6013ca3a54cddcd8dc0ce7eb24 + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 33aeafda3cfc20710f0b4a3d9ace4817eed80ca57ce6c82dc2e7946058a40983c9204ac95a1399fa633bc96cb10af3ddeee3ad2337c64391a42dc7794fca629e3e1e4e03a2ae24a000e7113b91c1b6230cce9592e45b6ee7984680b45aa0aabd7f56cab1a64ec310cefe5211821a75deef2e0c8e43eb467dea79dc8c03d2d523734498d079d5493c904a2ebfd8a3a9bd + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -b897bc87a40211ef8f93645b1f6c981fa00ab3b12e117a89375400ab5f4c64bfbba01d265c7bc6f5e3a8e26de5de9df3b8f70f4a39c0eba577db5e4b7a68f751b4a69ff4a38915983cbf70dd7e066779405d572f5bbe0719c978b6865ea1a72d90d3ec8a8c146f20d98595036b3de88a7500d7b476644913e4b63e85c4e2632048e9600d553e560759770a902cca680b17 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 20604e080549e1c503049ebf4a56cf9447d90fe699a9773915b0a65588890e15bd58f55ad7b52bd7b7992a8b24704f1dfd5fd07c70aae4ccba5646405ff8a9cbf542dc334cc0c27a790c05420b552539fbf0a155861bec0e4d9e3fbf045720ea3aed58307d5738b64252a963f3fd5ecd0587cb4d7e159b4980dcb112e26c9c34f10a192e090ade157eac1d7a6f970871eaa69 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -f11fc9682601cab97c25533b2599f50edb1ac65d46f1969bd9c3cb3717461627621c8cd401a0a0b91f3645b8804e095aecab31c1bab0c26df556adafdd7e7f4f0510e0bceefa3619e26b8c9a1bc613db03857f53e9eb5d4b8f75a8cd1429feb81edc705e5a779d5f95373d2243368ce17ef22da79a6a2672496bdf629171b7973fc4659c8eae9ae867cf38d6d7617029bf59d2e + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 3cb0ffbd9ad21d0e86e4e4dab4d237e2a17d97356bdd305fda772fdd99acefcfb8309d813643c852f66e1c6c7fa41ffd44f8335ef7333b2b3e846139fa9be2c4ea762afba4e11263c0b5fab18c5efff2a18d83ee89844f5f4db2c1325f0f55e066a9e01030c07a85e2c9bbd37b5e767ebcc9b95f474ecff24df9ae52a19edeb66546a3a28980f616eb5a351cd399e5f8436f17faf6 + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -b8aaffe779855c6ae51807f8cba780aa64bc22e8fa5e33f7f1dcb084fc476791565bc33eb37b4f791ef5cf46d64576f48b5fadc9f096f20c798355861ce5d24a7be1450bb871f9821099f98213d74a5e5cf83b895ae65e0e0fd096698463906a112e6e169a1cc0769df7a5ba6812300fdd33611761b6339385e1a70f8f8b2be7679ca216f5b183140e69586a27aaa9f2fac118118875 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2b7ee3ee34347dd89ba4a81415aa1269d0390346597b07444f0febb71d490a01b6fee174634bd88e8aa180409549b2726d044b4690353de2fb2294c8f69c612485aa066f68fdb89466760a85901cbc7312bfe5a6f656e67dfd2d4ee099ff97694b01d6d5b8626ab1650eac5267be53f5f3ced5dda1aa86bf42ae132a28fddb94902a515da40e0fd0586dc8b17a34af8eb03d06f70ab89df + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -bf8213944ba785e01b8d37a12de77b2ce1492f34bf6f67406cb51da89675b4f70f4d4f314f30ca8d65cbc48ee2fa1f0a3e4ac0de3a87d2c4c589b6812e850623d78ef2e46fbb555f6d3c69b211892c11a4a2dc3d8a9a19e96a07952602ed5ffc0232c140c3e828acf990e5425d8dd9ce0c1107ad1c6f96c8fbc90ffa457abab0d843094dca3c8a45ddad81b7850190625613a4851485f38fd + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 3083421e375f0722b9397e156de47f77635d62ba1d51794469371b473b71c02e3722841bca2ca06b5d1cf1492bbacfa0abfe394dfdaa7bb8787550ddbd953540e9c97631d9a1efe0c8f8e14f395c82d20245cec6d8021f8564b4d66e7779c3245734c56fb74481172f4e349d9a113cd0ee5263c69ebf746c5285cd4c0fa91d9531f769fea3610c2972ccfe9a22c00aa62ebf52b3a4c6135f3069 + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -d736bce537f47ae4797faad797af8cfeaf8a4fd42df1f7e61febf8ebf6e47dabc48252ff7948f3dbf8cc369b6952dc58f64cf09b4c53447d135c7a753c21b6052a9726a47a61e13628edf0f2bdb357f2e780ac1ae1f28f211296c8961c2955b773d7dc2904dfea96780b2877af133c9591a0dd54cb20884f014f363862478ee7ec45236bfdcf0321af0692e68f744af28fbcca827ebdc7b210da38 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2cf1708f1e675ba688c0d19eb61a05d2c8642528ea6b1512375faa732acc59ec04ea0aa55e0049144be09eae1292b6cba6db7a9823f1e912df6a5032bb9674f4f26c0c8244ea0dde7acfda566574956cdc33e4a27bcdea25fe255c19f218cc4316ae8428ea61d1bf865197a066b959c5fcbd7c9596207997d05fc38e32322aa189ea06cf5139522571661745c0d72b740dc6d842f1dd8481e318b5792 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -a9180e44a284b5bbe72fff46e55869f749b626ac33c8cb17be1fc260d7c6f460f24a89e1367112e00d0da4d213a821d09f103f35bc4eade5605bef23c5d048b1cfb45dace8b9c637af626a85fc773cf51e6602a7a5999a030030cf114ed6a4ed7583465b9303a72e7f60824c12329517c6763b0f64abd8ba2b9b26cebe882a51f05ef8076e527d53a213db910a5f42be5fb78729a3dcd08d69a709920a2 + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2f26e156b3b1117f7cec542b20fcc06ca66cec03a19b6f5eeebf22b4c0fc265df5ff06fc9dcac569735135bdc142b526b295225711efb71577b10aacda2fa446f5208487c725407c2188b3185237740c813e4455a6f1dde4f62916237f23164a3471aac0fcfe24ad1ce1dd81a6144f5861ad0cf22dc337abe10fc4a88b36116dc4929602ab48eb971fdd7a5ff747d6b9e0b2bff75c59621550991966a0a19f + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -9fe18ae697576dd36ebdb621d14cac1cfdfd1f5cbb7cfa8962c5a7dace96f9f54fb4f4cf2e650dbec5d1ba89ba53d251ecef7dcc1cab8c2ff3d77903f5fb5f29a4e8e3a2a3c05c105d5733b5132f2f8d88f99d17de86ca1191c32ad8ed469bb649ef188306f69f183bd0fcc32759e4f855170f88c0a3f6745aa98f6225536821bfa056a42b37535a622f42b009859c974cabf2e14f75c749d0fe5a01fb3ab0c0 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 33ab185854b20a8126884eed85181b14e75d4ee452958cc1043b099bc16c24b9c2f3e0b792744f230013907844496e600389800e45fd55133fff0cf19c9c152b9d031039eb90da568f9c5212a3ba283f4d1353ff8ff9dd04d292c265bdcb77c3e411716f471930bccbb8ddb819ebb0e0036dc1a18457cd97f4f5909a725baabbd15e8ce33875895aa8dce77a4dbedeb0271a2a4a17f77f5920c3776caa4a75ac650 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -e7ca0c037bf8bad5f8d9c5a2737e044d9f7284c616156d142612a53eb217f57f4aa00b6daa424e6c0d9163939e1ad0510a1cd64fbd576f3e54c59d7aa6228fb3caaba7cdcc951e00ed141ac3a68abb9780bf46bf544fe0e347f677288e962fb69782741df49b27cbbe8720c6f8f2e769147d89df6e17e3c592bede2e696d384b9f01b99b31c505d67eb6193a8844f8c4cdadc9fe45dd446a0dc572c9da6e58ed303f2 + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 22b76d6973e37aff4a09216e57662f186c0a0748c4375d6bed370ea61d1f6fac2d9bbe04487a629118b6b0b0c8cc4179fff7bedcf048cc529498bbd9cc81ef3a103d6cac49d58bc41c83f961b6df7f00c7171fb7d9359e03c76e4364cffae5f67321ce646e9b05f9c04aa16ea65389e940022eda6dc740ddc070bfc7e589b86fd1559dc320701c39de20d54d0483fdeef6c4fd012850630b982c2e243ac1ff918377ceb4 + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -e6e4d69a82b83e26ef8ac0f4c3a211153ea6655b7ca12840e7b866510d114693049c5b8b22c3a097eac832bbd1986e60564298e54dba3316807ad64bd6c18903a0f22660c9e8d5dac180f57cbb90b176b842d5b58d6dd9f47499a037833a92a18f397238a8bcdc4afd129382fd6d200d3d267ca1e6bcc2cc65950831cb8e30bcc01665c8149b874c9f11168153c187341afdc43e4d8652ce4fbed9f9eac75db40d64344ade + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 319a81f052db21ee213c536db2cb8a71e0dcd0a9b2ce780a9588c38b717c5e487a337f82b5223f638fb552e92b826192e6a1c27771d1e86584bc6c7cbc5d9a6ce6edf2ea2ccf6939485959ccbf3183b40e410768c4665adf90a0ae2792fb4b5d8aaa06c6294e31893620decc3bc72fb4eb68f1e56b48e39c59abe869d07509b7564268d0b7f178ef09ef5dcde6e7dbd2a20fd1d4fcd707943dd63adf590a117ead1ad10ff85cb + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -eced809145e696ceaa0ee8f831eca67049509b31a1b15e7fc86cdd97a73a2ca05bfea5f4b283d287e49906463ef36f2f8ea23c2aa12d5534c08e9769055e04822be0f8ac85f404f5c025a6833b4115f78da9470451c852ba0f24062397d20385f58c5aca10f3f09072b2592e5672ffb989a390abf86cbce74268aef1f4ffde730b3b962df1088bf8745105a7462379ce142f819c2538d9bba99e094ffbc4478625bc54df16c5e1a + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2c1ffbbb30e71d5fa77b5473392f95297b489c85f83013262abbe948842473154e00c86b2e354278844083f960fd746a3b7cb9baecb9c66932774b3a28f678d50dd8fe52fbeead43d8c8adad7c0fcdbe5e02664b0feb0ce214c5fa007c5fa2d08c5fe96787b95639311cc4b7eb2a7217c9c38c6d93444fa60c1f52ddae9bb2ec1a49a593e210e47377d3623cd2c4994ad9343863443911062e12233176f4a65ec715b3c9731c4a0cec + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -c3bf056b905c0392a7b5fa57446ed350f325eb67d59f1784c744b04c7f4d8f5397db913407aa8a7f1dd0225c1a9673828db0d8bf3d4908ef53307131bf5b5c4c6068ad73b874aab98e8db33b0a758532172acd8b2c830d0679a8226537090166317b8eea91e8ee4a7282c0ab0ab6f2b7b63d728d22b534fdc88294c376a8d036ba9a644c2489bcc84f6aec83afbac08067a7b93f3897f8dadfb68c327b751841927a728faba47dc44ec4 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 23fcf9510caa531a304eee8d0b2d49050fca83abbf287b6b6dea06501c5afc6d87d2924df1d45b1bf6c4bf77b563a3013cfb4ad9094f8ee9892d33f6ee1c70131cd5721c5af804a9da7654510e8591aa185ee723f8caa78046d9e6fbb891e6024d2ec70110ae61c3969995e35941d2c7f3779d5bb71ce5b693bc9ce4b087068adbb554acc4ab23624e060f7cea169ab512a06ff3d2a36c2b6e3bd9a75f1a9ad30a6a16b0256c42eaff2c3f4 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -c32d5e643b12db6616554116299c1da672efff1eee394378c5e9e5f702ea4ad64f0dac8904bd2751d2cef91adcb283599f6c661967dbab27059e94dd50025489cf74c6897a22e95013669aa3063fcdd4b73aa6a9a1ba5cad3956bb26346e22df6741cd0ba1c0ab87fbe74035618a394383823216df47b910cae495b8fe7ac5feb3b2cf0d0ef6c75db477160b75324db8eeac48a0fce72b9abbd7079ce6f529a89025a03a3777cc7d1deaf3e4a + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2a8f2c530342bb6ce683a760540e956a1155c0fe065476e400caec59861ca97ca71e51a11b3213b2baea1a41a29449998778e0f533fcc181698d293f05e28bff2750ef4095170de98a19a36ddcf59a65f3789a3808ead51680245070262c9544e446f23652eba47065a2bc4701c55378bd49733619ed2c213f8ed12a4a317c465f37efe07ff2df8e88fc33d3eb42cde9408dda28215702bfa607030839285a8bbf89b5e8842fa7d7f50d83fd4ab5 + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -bcd2b2362aa146cd120b729e81c98ae598804006d046a7ed0f9782baa10a85e37c7c22288dc61c24830a1b42b123d63779e88d7555028292fed5ada1793264b35e961b608bdd7398e421c5474c33a65059ef13787e0cedf4f8f032beac48c4b5e5a67417109142a43b198ab617d1de1a38d6fb4922c6ef70a5aad3faf6f8d5da3af9679c94cf61ee760ba792d2972376425e2ec9c4109e969e3d9c3dd90cdbaeaeb7382cb7bd024b75a1fd6d621c13 + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 3940430ace4b5b87bf4baa2673582db3d27307ca4cd8e55e976ea3e10da72b6deb7de932253bc9228c85cd4ae7766cd0264004c658a66d81e60bb9bf4dd66e2afe11057b7f7b53a1ec222510748be53a93970fb056e8082631b2b77413fccb6e61cdc6f224b7903d75345afed8a4f194b4bcedfee1f16dc256c2bb9f4a129fab6a9fe752895a93937a3d087ab7ca212991ff34f1bf1c55987a574674af43986312bbc3bad3280bbddf4ab0217440f851b + +Quotient = 0 +Remainder = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = -ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -f0dc20b88450f45381791e85d080e4f2cf38837391e16e608b8cb5e0ac0ca75e9f72cc04bf2f56f130d46aff31efbabc0ab14f0c0ad680d6899797297152be85ac012644c8d0927b5b6c70dc3e5a8d79ef92a0873ec22af3d9683bb5db1ffd5ebfb698c5ea64cbe2b6a8b9f14d4c18624be1b78b19eca14942ae9542012692cd0d5289ebf75fcf5486596f92659143e9f952af3622137e633376fb95e628055e0fb1ba3a37ccdf0af69a4c0d6b0793078e0 + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = 2f2135850715f623909e41a745eaf7b37593567fa8be2d1ccf76d10b93a096e244b91d8700cca37a2ec1bff7c3d21cc3211ea8b03a3594921dec32faa185e7f3d9d17e98cbf8d881fd2abb944181659242ede21df7e5e8784f541cad678df1ef6ca4a5fa91f7856c62fe593c4d24436810cf4fbd11125bcb571f6975d82afeb81bd0c7700e053fc175fb5fc7b329c438479a863b8d5fbe6b4436b67355c51d0306e8847a27a30c9e61f0e08232673cdf0ba4e0 + +Quotient = 0 +Remainder = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +A = ea87c57f6cdbfd4f836431be3e9950c90ee8ecc291eb4efb881617512fd62e2d86caefce713cfd8a20f4b4925bfc7dba1fcbe99c72932725b5d11eccefde4c5e505952754891e9ded499ec453a1c01a82152c8933f7db4f2b4b19e97baac322eb483cd661a43e458774ef27a29a19c3562ba466381056a3b92c35d9b8b71372b +B = -cf429f101a2e19a65af1e238f6745215cf476ff2609c846f10289f1ef21b89af2aec53def3f4ec07ea42041f8b5862dc37fd03b2df12adaa8c9f1933cc69b526d47797b40f49545fd093b8ceddee3c55721d1fa19b336218de0cac56d410cc6cff4e620578cf820f5cdaadc367dc4d6372aab1e0ae3831a6d153c14920b1dcf09e7629b7442a06385420d79742e409677e3b82ec58bcbfa668ca072e981e20728a983d84a432605389c855a6668e0ee0d2b67449 diff --git a/deps/openssl/openssl/test/recipes/10-test_bn_data/bnshift.txt b/deps/openssl/openssl/test/recipes/10-test_bn_data/bnshift.txt new file mode 100644 index 0000000000..db30a2405c --- /dev/null +++ b/deps/openssl/openssl/test/recipes/10-test_bn_data/bnshift.txt @@ -0,0 +1,2427 @@ +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# These test vectors satisfy A * 2 = LShift1 + +Title = Lshift1 tests + +LShift1 = 0 +A = 0 + +LShift1 = 13116120bca5df64e13f314254 +A = 988b0905e52efb2709f98a12a + +LShift1 = -13116120bca5df64e13f314254 +A = -988b0905e52efb2709f98a12a + +LShift1 = 2622c241794bbec9c27e6284a8 +A = 13116120bca5df64e13f314254 + +LShift1 = -2622c241794bbec9c27e6284a8 +A = -13116120bca5df64e13f314254 + +LShift1 = 4c458482f2977d9384fcc50950 +A = 2622c241794bbec9c27e6284a8 + +LShift1 = -4c458482f2977d9384fcc50950 +A = -2622c241794bbec9c27e6284a8 + +LShift1 = 988b0905e52efb2709f98a12a2 +A = 4c458482f2977d9384fcc50951 + +LShift1 = -988b0905e52efb2709f98a12a2 +A = -4c458482f2977d9384fcc50951 + +LShift1 = 13116120bca5df64e13f3142544 +A = 988b0905e52efb2709f98a12a2 + +LShift1 = -13116120bca5df64e13f3142544 +A = -988b0905e52efb2709f98a12a2 + +LShift1 = 2622c241794bbec9c27e6284a8a +A = 13116120bca5df64e13f3142545 + +LShift1 = -2622c241794bbec9c27e6284a8a +A = -13116120bca5df64e13f3142545 + +LShift1 = 4c458482f2977d9384fcc509514 +A = 2622c241794bbec9c27e6284a8a + +LShift1 = -4c458482f2977d9384fcc509514 +A = -2622c241794bbec9c27e6284a8a + +LShift1 = 988b0905e52efb2709f98a12a28 +A = 4c458482f2977d9384fcc509514 + +LShift1 = -988b0905e52efb2709f98a12a28 +A = -4c458482f2977d9384fcc509514 + +LShift1 = 13116120bca5df64e13f31425450 +A = 988b0905e52efb2709f98a12a28 + +LShift1 = -13116120bca5df64e13f31425450 +A = -988b0905e52efb2709f98a12a28 + +LShift1 = 2622c241794bbec9c27e6284a8a0 +A = 13116120bca5df64e13f31425450 + +LShift1 = -2622c241794bbec9c27e6284a8a0 +A = -13116120bca5df64e13f31425450 + +LShift1 = 4c458482f2977d9384fcc5095142 +A = 2622c241794bbec9c27e6284a8a1 + +LShift1 = -4c458482f2977d9384fcc5095142 +A = -2622c241794bbec9c27e6284a8a1 + +LShift1 = 988b0905e52efb2709f98a12a286 +A = 4c458482f2977d9384fcc5095143 + +LShift1 = -988b0905e52efb2709f98a12a286 +A = -4c458482f2977d9384fcc5095143 + +LShift1 = 13116120bca5df64e13f31425450c +A = 988b0905e52efb2709f98a12a286 + +LShift1 = -13116120bca5df64e13f31425450c +A = -988b0905e52efb2709f98a12a286 + +LShift1 = 2622c241794bbec9c27e6284a8a18 +A = 13116120bca5df64e13f31425450c + +LShift1 = -2622c241794bbec9c27e6284a8a18 +A = -13116120bca5df64e13f31425450c + +LShift1 = 4c458482f2977d9384fcc50951430 +A = 2622c241794bbec9c27e6284a8a18 + +LShift1 = -4c458482f2977d9384fcc50951430 +A = -2622c241794bbec9c27e6284a8a18 + +LShift1 = 988b0905e52efb2709f98a12a2862 +A = 4c458482f2977d9384fcc50951431 + +LShift1 = -988b0905e52efb2709f98a12a2862 +A = -4c458482f2977d9384fcc50951431 + +LShift1 = 13116120bca5df64e13f31425450c6 +A = 988b0905e52efb2709f98a12a2863 + +LShift1 = -13116120bca5df64e13f31425450c6 +A = -988b0905e52efb2709f98a12a2863 + +LShift1 = 2622c241794bbec9c27e6284a8a18e +A = 13116120bca5df64e13f31425450c7 + +LShift1 = -2622c241794bbec9c27e6284a8a18e +A = -13116120bca5df64e13f31425450c7 + +LShift1 = 4c458482f2977d9384fcc50951431e +A = 2622c241794bbec9c27e6284a8a18f + +LShift1 = -4c458482f2977d9384fcc50951431e +A = -2622c241794bbec9c27e6284a8a18f + +LShift1 = 988b0905e52efb2709f98a12a2863c +A = 4c458482f2977d9384fcc50951431e + +LShift1 = -988b0905e52efb2709f98a12a2863c +A = -4c458482f2977d9384fcc50951431e + +LShift1 = 13116120bca5df64e13f31425450c7a +A = 988b0905e52efb2709f98a12a2863d + +LShift1 = -13116120bca5df64e13f31425450c7a +A = -988b0905e52efb2709f98a12a2863d + +LShift1 = 2622c241794bbec9c27e6284a8a18f4 +A = 13116120bca5df64e13f31425450c7a + +LShift1 = -2622c241794bbec9c27e6284a8a18f4 +A = -13116120bca5df64e13f31425450c7a + +LShift1 = 4c458482f2977d9384fcc50951431e8 +A = 2622c241794bbec9c27e6284a8a18f4 + +LShift1 = -4c458482f2977d9384fcc50951431e8 +A = -2622c241794bbec9c27e6284a8a18f4 + +LShift1 = 988b0905e52efb2709f98a12a2863d2 +A = 4c458482f2977d9384fcc50951431e9 + +LShift1 = -988b0905e52efb2709f98a12a2863d2 +A = -4c458482f2977d9384fcc50951431e9 + +LShift1 = 13116120bca5df64e13f31425450c7a4 +A = 988b0905e52efb2709f98a12a2863d2 + +LShift1 = -13116120bca5df64e13f31425450c7a4 +A = -988b0905e52efb2709f98a12a2863d2 + +LShift1 = 2622c241794bbec9c27e6284a8a18f4a +A = 13116120bca5df64e13f31425450c7a5 + +LShift1 = -2622c241794bbec9c27e6284a8a18f4a +A = -13116120bca5df64e13f31425450c7a5 + +LShift1 = 4c458482f2977d9384fcc50951431e94 +A = 2622c241794bbec9c27e6284a8a18f4a + +LShift1 = -4c458482f2977d9384fcc50951431e94 +A = -2622c241794bbec9c27e6284a8a18f4a + +LShift1 = 988b0905e52efb2709f98a12a2863d2a +A = 4c458482f2977d9384fcc50951431e95 + +LShift1 = -988b0905e52efb2709f98a12a2863d2a +A = -4c458482f2977d9384fcc50951431e95 + +LShift1 = 13116120bca5df64e13f31425450c7a56 +A = 988b0905e52efb2709f98a12a2863d2b + +LShift1 = -13116120bca5df64e13f31425450c7a56 +A = -988b0905e52efb2709f98a12a2863d2b + +LShift1 = 2622c241794bbec9c27e6284a8a18f4ae +A = 13116120bca5df64e13f31425450c7a57 + +LShift1 = -2622c241794bbec9c27e6284a8a18f4ae +A = -13116120bca5df64e13f31425450c7a57 + +LShift1 = 4c458482f2977d9384fcc50951431e95c +A = 2622c241794bbec9c27e6284a8a18f4ae + +LShift1 = -4c458482f2977d9384fcc50951431e95c +A = -2622c241794bbec9c27e6284a8a18f4ae + +LShift1 = 988b0905e52efb2709f98a12a2863d2ba +A = 4c458482f2977d9384fcc50951431e95d + +LShift1 = -988b0905e52efb2709f98a12a2863d2ba +A = -4c458482f2977d9384fcc50951431e95d + +LShift1 = 13116120bca5df64e13f31425450c7a576 +A = 988b0905e52efb2709f98a12a2863d2bb + +LShift1 = -13116120bca5df64e13f31425450c7a576 +A = -988b0905e52efb2709f98a12a2863d2bb + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aee +A = 13116120bca5df64e13f31425450c7a577 + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aee +A = -13116120bca5df64e13f31425450c7a577 + +LShift1 = 4c458482f2977d9384fcc50951431e95de +A = 2622c241794bbec9c27e6284a8a18f4aef + +LShift1 = -4c458482f2977d9384fcc50951431e95de +A = -2622c241794bbec9c27e6284a8a18f4aef + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbc +A = 4c458482f2977d9384fcc50951431e95de + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbc +A = -4c458482f2977d9384fcc50951431e95de + +LShift1 = 13116120bca5df64e13f31425450c7a577a +A = 988b0905e52efb2709f98a12a2863d2bbd + +LShift1 = -13116120bca5df64e13f31425450c7a577a +A = -988b0905e52efb2709f98a12a2863d2bbd + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef4 +A = 13116120bca5df64e13f31425450c7a577a + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef4 +A = -13116120bca5df64e13f31425450c7a577a + +LShift1 = 4c458482f2977d9384fcc50951431e95dea +A = 2622c241794bbec9c27e6284a8a18f4aef5 + +LShift1 = -4c458482f2977d9384fcc50951431e95dea +A = -2622c241794bbec9c27e6284a8a18f4aef5 + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6 +A = 4c458482f2977d9384fcc50951431e95deb + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6 +A = -4c458482f2977d9384fcc50951431e95deb + +LShift1 = 13116120bca5df64e13f31425450c7a577ac +A = 988b0905e52efb2709f98a12a2863d2bbd6 + +LShift1 = -13116120bca5df64e13f31425450c7a577ac +A = -988b0905e52efb2709f98a12a2863d2bbd6 + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5a +A = 13116120bca5df64e13f31425450c7a577ad + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5a +A = -13116120bca5df64e13f31425450c7a577ad + +LShift1 = 4c458482f2977d9384fcc50951431e95deb4 +A = 2622c241794bbec9c27e6284a8a18f4aef5a + +LShift1 = -4c458482f2977d9384fcc50951431e95deb4 +A = -2622c241794bbec9c27e6284a8a18f4aef5a + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6a +A = 4c458482f2977d9384fcc50951431e95deb5 + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6a +A = -4c458482f2977d9384fcc50951431e95deb5 + +LShift1 = 13116120bca5df64e13f31425450c7a577ad6 +A = 988b0905e52efb2709f98a12a2863d2bbd6b + +LShift1 = -13116120bca5df64e13f31425450c7a577ad6 +A = -988b0905e52efb2709f98a12a2863d2bbd6b + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5ae +A = 13116120bca5df64e13f31425450c7a577ad7 + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5ae +A = -13116120bca5df64e13f31425450c7a577ad7 + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5e +A = 2622c241794bbec9c27e6284a8a18f4aef5af + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5e +A = -2622c241794bbec9c27e6284a8a18f4aef5af + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6be +A = 4c458482f2977d9384fcc50951431e95deb5f + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6be +A = -4c458482f2977d9384fcc50951431e95deb5f + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7e +A = 988b0905e52efb2709f98a12a2863d2bbd6bf + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7e +A = -988b0905e52efb2709f98a12a2863d2bbd6bf + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5afe +A = 13116120bca5df64e13f31425450c7a577ad7f + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5afe +A = -13116120bca5df64e13f31425450c7a577ad7f + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5fe +A = 2622c241794bbec9c27e6284a8a18f4aef5aff + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5fe +A = -2622c241794bbec9c27e6284a8a18f4aef5aff + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bfe +A = 4c458482f2977d9384fcc50951431e95deb5ff + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bfe +A = -4c458482f2977d9384fcc50951431e95deb5ff + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7fe +A = 988b0905e52efb2709f98a12a2863d2bbd6bff + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7fe +A = -988b0905e52efb2709f98a12a2863d2bbd6bff + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5affc +A = 13116120bca5df64e13f31425450c7a577ad7fe + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5affc +A = -13116120bca5df64e13f31425450c7a577ad7fe + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5ff8 +A = 2622c241794bbec9c27e6284a8a18f4aef5affc + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5ff8 +A = -2622c241794bbec9c27e6284a8a18f4aef5affc + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bff0 +A = 4c458482f2977d9384fcc50951431e95deb5ff8 + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bff0 +A = -4c458482f2977d9384fcc50951431e95deb5ff8 + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7fe0 +A = 988b0905e52efb2709f98a12a2863d2bbd6bff0 + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7fe0 +A = -988b0905e52efb2709f98a12a2863d2bbd6bff0 + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5affc0 +A = 13116120bca5df64e13f31425450c7a577ad7fe0 + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5affc0 +A = -13116120bca5df64e13f31425450c7a577ad7fe0 + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5ff82 +A = 2622c241794bbec9c27e6284a8a18f4aef5affc1 + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5ff82 +A = -2622c241794bbec9c27e6284a8a18f4aef5affc1 + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bff06 +A = 4c458482f2977d9384fcc50951431e95deb5ff83 + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bff06 +A = -4c458482f2977d9384fcc50951431e95deb5ff83 + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7fe0c +A = 988b0905e52efb2709f98a12a2863d2bbd6bff06 + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7fe0c +A = -988b0905e52efb2709f98a12a2863d2bbd6bff06 + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5affc1a +A = 13116120bca5df64e13f31425450c7a577ad7fe0d + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5affc1a +A = -13116120bca5df64e13f31425450c7a577ad7fe0d + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5ff836 +A = 2622c241794bbec9c27e6284a8a18f4aef5affc1b + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5ff836 +A = -2622c241794bbec9c27e6284a8a18f4aef5affc1b + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bff06c +A = 4c458482f2977d9384fcc50951431e95deb5ff836 + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bff06c +A = -4c458482f2977d9384fcc50951431e95deb5ff836 + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7fe0da +A = 988b0905e52efb2709f98a12a2863d2bbd6bff06d + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7fe0da +A = -988b0905e52efb2709f98a12a2863d2bbd6bff06d + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5affc1b6 +A = 13116120bca5df64e13f31425450c7a577ad7fe0db + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5affc1b6 +A = -13116120bca5df64e13f31425450c7a577ad7fe0db + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5ff836e +A = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7 + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5ff836e +A = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7 + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bff06de +A = 4c458482f2977d9384fcc50951431e95deb5ff836f + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bff06de +A = -4c458482f2977d9384fcc50951431e95deb5ff836f + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7fe0dbe +A = 988b0905e52efb2709f98a12a2863d2bbd6bff06df + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7fe0dbe +A = -988b0905e52efb2709f98a12a2863d2bbd6bff06df + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7c +A = 13116120bca5df64e13f31425450c7a577ad7fe0dbe + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7c +A = -13116120bca5df64e13f31425450c7a577ad7fe0dbe + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5ff836fa +A = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7d + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5ff836fa +A = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7d + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6 +A = 4c458482f2977d9384fcc50951431e95deb5ff836fb + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6 +A = -4c458482f2977d9384fcc50951431e95deb5ff836fb + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7fe0dbec +A = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6 + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7fe0dbec +A = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6 + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7da +A = 13116120bca5df64e13f31425450c7a577ad7fe0dbed + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7da +A = -13116120bca5df64e13f31425450c7a577ad7fe0dbed + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5ff836fb6 +A = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5ff836fb6 +A = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c +A = 4c458482f2977d9384fcc50951431e95deb5ff836fb6 + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c +A = -4c458482f2977d9384fcc50951431e95deb5ff836fb6 + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7fe0dbed8 +A = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7fe0dbed8 +A = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db0 +A = 13116120bca5df64e13f31425450c7a577ad7fe0dbed8 + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db0 +A = -13116120bca5df64e13f31425450c7a577ad7fe0dbed8 + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5ff836fb60 +A = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db0 + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5ff836fb60 +A = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db0 + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c0 +A = 4c458482f2977d9384fcc50951431e95deb5ff836fb60 + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c0 +A = -4c458482f2977d9384fcc50951431e95deb5ff836fb60 + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7fe0dbed82 +A = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c1 + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7fe0dbed82 +A = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c1 + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db06 +A = 13116120bca5df64e13f31425450c7a577ad7fe0dbed83 + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db06 +A = -13116120bca5df64e13f31425450c7a577ad7fe0dbed83 + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5ff836fb60c +A = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db06 + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5ff836fb60c +A = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db06 + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c18 +A = 4c458482f2977d9384fcc50951431e95deb5ff836fb60c + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c18 +A = -4c458482f2977d9384fcc50951431e95deb5ff836fb60c + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7fe0dbed832 +A = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19 + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7fe0dbed832 +A = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19 + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db066 +A = 13116120bca5df64e13f31425450c7a577ad7fe0dbed833 + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db066 +A = -13116120bca5df64e13f31425450c7a577ad7fe0dbed833 + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5ff836fb60ce +A = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067 + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5ff836fb60ce +A = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067 + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19e +A = 4c458482f2977d9384fcc50951431e95deb5ff836fb60cf + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19e +A = -4c458482f2977d9384fcc50951431e95deb5ff836fb60cf + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7fe0dbed833e +A = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19f + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7fe0dbed833e +A = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19f + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067c +A = 13116120bca5df64e13f31425450c7a577ad7fe0dbed833e + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067c +A = -13116120bca5df64e13f31425450c7a577ad7fe0dbed833e + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5ff836fb60cfa +A = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067d + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5ff836fb60cfa +A = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067d + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19f6 +A = 4c458482f2977d9384fcc50951431e95deb5ff836fb60cfb + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19f6 +A = -4c458482f2977d9384fcc50951431e95deb5ff836fb60cfb + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7fe0dbed833ee +A = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19f7 + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7fe0dbed833ee +A = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19f7 + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067de +A = 13116120bca5df64e13f31425450c7a577ad7fe0dbed833ef + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067de +A = -13116120bca5df64e13f31425450c7a577ad7fe0dbed833ef + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5ff836fb60cfbe +A = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067df + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5ff836fb60cfbe +A = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067df + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19f7e +A = 4c458482f2977d9384fcc50951431e95deb5ff836fb60cfbf + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19f7e +A = -4c458482f2977d9384fcc50951431e95deb5ff836fb60cfbf + +LShift1 = 13116120bca5df64e13f31425450c7a577ad7fe0dbed833efe +A = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19f7f + +LShift1 = -13116120bca5df64e13f31425450c7a577ad7fe0dbed833efe +A = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19f7f + +LShift1 = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067dfc +A = 13116120bca5df64e13f31425450c7a577ad7fe0dbed833efe + +LShift1 = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067dfc +A = -13116120bca5df64e13f31425450c7a577ad7fe0dbed833efe + +LShift1 = 4c458482f2977d9384fcc50951431e95deb5ff836fb60cfbf8 +A = 2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067dfc + +LShift1 = -4c458482f2977d9384fcc50951431e95deb5ff836fb60cfbf8 +A = -2622c241794bbec9c27e6284a8a18f4aef5affc1b7db067dfc + +LShift1 = 988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19f7f0 +A = 4c458482f2977d9384fcc50951431e95deb5ff836fb60cfbf8 + +LShift1 = -988b0905e52efb2709f98a12a2863d2bbd6bff06df6c19f7f0 +A = -4c458482f2977d9384fcc50951431e95deb5ff836fb60cfbf8 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e0000000000000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c0000000000000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c8380000000000000000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b41386190700000000000000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e00000000000000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c00000000000000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c83800000000000000000000000 + +LShift1 = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000000000000 +A = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000000000000 + +LShift1 = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000000000000 +A = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b413861907000000000000000000000000 + +LShift1 = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000000000000 +A = 1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000000000000 + +LShift1 = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000000000000 +A = -1569d01c96acaadb32211d67966be2fa35d07b46768270c320e000000000000000000000000 + +LShift1 = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000000000000 +A = 2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000000000000 + +LShift1 = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000000000000 +A = -2ad3a0392d5955b664423acf2cd7c5f46ba0f68ced04e18641c000000000000000000000000 + +LShift1 = ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000000000000 +A = 55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000000000000 + +LShift1 = -ab4e80e4b56556d99108eb3cb35f17d1ae83da33b4138619070000000000000000000000000 +A = -55a740725ab2ab6cc884759e59af8be8d741ed19da09c30c838000000000000000000000000 + + +# These test vectors satisfy A * 2^N = LShift. + +Title = LShift tests + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e0 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 1 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c0 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 2 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b2780 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 3 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f00 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 4 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e00 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 5 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c00 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 6 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b27800 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 7 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 8 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 9 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = a + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b278000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = b + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = c + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e0000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = d + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c0000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = e + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b2780000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = f + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f00000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 10 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e00000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 11 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c00000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 12 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b27800000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 13 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 14 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 15 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 16 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b278000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 17 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 18 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e0000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 19 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c0000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 1a + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b2780000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 1b + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f00000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 1c + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e00000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 1d + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c00000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 1e + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b27800000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 1f + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 20 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 21 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 22 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b278000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 23 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 24 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e0000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 25 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c0000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 26 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b2780000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 27 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f00000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 28 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e00000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 29 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c00000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 2a + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b27800000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 2b + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 2c + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 2d + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 2e + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b278000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 2f + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 30 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e0000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 31 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c0000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 32 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b2780000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 33 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f00000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 34 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e00000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 35 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c00000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 36 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b27800000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 37 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 38 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 39 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 3a + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b278000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 3b + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 3c + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e0000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 3d + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c0000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 3e + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b2780000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 3f + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f00000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 40 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e00000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 41 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c00000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 42 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b27800000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 43 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 44 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 45 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 46 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b278000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 47 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 48 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e0000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 49 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c0000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 4a + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b2780000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 4b + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f00000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 4c + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e00000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 4d + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c00000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 4e + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b27800000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 4f + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 50 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 51 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 52 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b278000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 53 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 54 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e0000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 55 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c0000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 56 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b2780000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 57 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f00000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 58 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e00000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 59 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c00000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 5a + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b27800000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 5b + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f000000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 5c + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e000000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 5d + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c000000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 5e + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b278000000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 5f + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0000000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 60 + +LShift = 18c9e860855d594dcb06d00b7d1933608ba906d85fa2d92c9e0000000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 61 + +LShift = 3193d0c10abab29b960da016fa3266c117520db0bf45b2593c0000000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 62 + +LShift = 6327a182157565372c1b402df464cd822ea41b617e8b64b2780000000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 63 + +LShift = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f00000000000000000000000000 +A = c64f43042aeaca6e5836805be8c99b045d4836c2fd16c964f0 +N = 64 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 1 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b238 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 2 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f30055184476470 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 3 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e0 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 4 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c0 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 5 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b2380 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 6 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f300551844764700 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 7 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e00 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 8 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c00 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 9 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b23800 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = a + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f3005518447647000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = b + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = c + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = d + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b238000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = e + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f30055184476470000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = f + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e0000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 10 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c0000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 11 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b2380000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 12 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f300551844764700000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 13 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e00000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 14 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c00000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 15 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b23800000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 16 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f3005518447647000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 17 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 18 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 19 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b238000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 1a + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f30055184476470000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 1b + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e0000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 1c + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c0000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 1d + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b2380000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 1e + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f300551844764700000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 1f + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e00000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 20 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c00000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 21 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b23800000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 22 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f3005518447647000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 23 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 24 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 25 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b238000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 26 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f30055184476470000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 27 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e0000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 28 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c0000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 29 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b2380000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 2a + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f300551844764700000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 2b + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e00000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 2c + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c00000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 2d + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b23800000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 2e + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f3005518447647000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 2f + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 30 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 31 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b238000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 32 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f30055184476470000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 33 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e0000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 34 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c0000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 35 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b2380000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 36 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f300551844764700000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 37 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e00000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 38 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c00000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 39 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b23800000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 3a + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f3005518447647000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 3b + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 3c + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 3d + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b238000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 3e + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f30055184476470000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 3f + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e0000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 40 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c0000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 41 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b2380000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 42 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f300551844764700000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 43 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e00000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 44 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c00000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 45 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b23800000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 46 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f3005518447647000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 47 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 48 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 49 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b238000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 4a + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f30055184476470000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 4b + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e0000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 4c + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c0000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 4d + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b2380000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 4e + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f300551844764700000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 4f + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e00000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 50 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c00000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 51 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b23800000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 52 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f3005518447647000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 53 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 54 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 55 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b238000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 56 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f30055184476470000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 57 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e0000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 58 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c0000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 59 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b2380000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 5a + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f300551844764700000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 5b + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e00000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 5c + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c00000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 5d + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b23800000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 5e + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f3005518447647000000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 5f + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e000000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 60 + +LShift = 1d1cf8b5ccbae667bd05797fbaf9d4c1ff623cc01546111d91c000000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 61 + +LShift = 3a39f16b9975cccf7a0af2ff75f3a983fec479802a8c223b238000000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 62 + +LShift = 7473e2d732eb999ef415e5feebe75307fd88f30055184476470000000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 63 + +LShift = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e0000000000000000000000000 +A = e8e7c5ae65d7333de82bcbfdd7cea60ffb11e600aa3088ec8e +N = 64 + + +# These test vectors satisfy A / 2^N = RShift, rounding towards zero. + +Title = RShift tests + +Rshift = 0 +A = -1 +N = 1 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d596cd97b36380 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 1 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806acb66cbd9b1c0 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 2 + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57403565b365ecd8e0 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 3 + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c70 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 4 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d596cd97b3638 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 5 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806acb66cbd9b1c +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 6 + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57403565b365ecd8e +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 7 + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c7 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 8 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d596cd97b363 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 9 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806acb66cbd9b1 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = a + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57403565b365ecd8 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = b + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = c + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d596cd97b36 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = d + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806acb66cbd9b +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = e + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57403565b365ecd +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = f + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 10 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d596cd97b3 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 11 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806acb66cbd9 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 12 + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57403565b365ec +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 13 + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f6 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 14 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d596cd97b +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 15 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806acb66cbd +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 16 + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57403565b365e +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 17 + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 18 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d596cd97 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 19 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806acb66cb +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 1a + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57403565b365 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 1b + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 1c + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d596cd9 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 1d + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806acb66c +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 1e + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57403565b36 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 1f + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 20 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d596cd +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 21 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806acb66 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 22 + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57403565b3 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 23 + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 24 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d596c +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 25 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806acb6 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 26 + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57403565b +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 27 + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01ab2d +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 28 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d596 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 29 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806acb +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 2a + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57403565 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 2b + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01ab2 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 2c + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d59 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 2d + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806ac +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 2e + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa5740356 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 2f + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01ab +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 30 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d5 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 31 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806a +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 32 + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa574035 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 33 + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01a +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 34 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00d +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 35 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae806 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 36 + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57403 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 37 + +RShift = d9ce8dff4f2f39c216ea39a461080552ba01 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 38 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d00 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 39 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae80 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 3a + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa5740 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 3b + +RShift = d9ce8dff4f2f39c216ea39a461080552ba0 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 3c + +RShift = 6ce746ffa7979ce10b751cd2308402a95d0 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 3d + +RShift = 3673a37fd3cbce7085ba8e6918420154ae8 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 3e + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa574 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 3f + +RShift = d9ce8dff4f2f39c216ea39a461080552ba +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 40 + +RShift = 6ce746ffa7979ce10b751cd2308402a95d +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 41 + +RShift = 3673a37fd3cbce7085ba8e6918420154ae +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 42 + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa57 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 43 + +RShift = d9ce8dff4f2f39c216ea39a461080552b +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 44 + +RShift = 6ce746ffa7979ce10b751cd2308402a95 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 45 + +RShift = 3673a37fd3cbce7085ba8e6918420154a +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 46 + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa5 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 47 + +RShift = d9ce8dff4f2f39c216ea39a461080552 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 48 + +RShift = 6ce746ffa7979ce10b751cd2308402a9 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 49 + +RShift = 3673a37fd3cbce7085ba8e6918420154 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 4a + +RShift = 1b39d1bfe9e5e73842dd47348c2100aa +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 4b + +RShift = d9ce8dff4f2f39c216ea39a46108055 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 4c + +RShift = 6ce746ffa7979ce10b751cd2308402a +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 4d + +RShift = 3673a37fd3cbce7085ba8e691842015 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 4e + +RShift = 1b39d1bfe9e5e73842dd47348c2100a +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 4f + +RShift = d9ce8dff4f2f39c216ea39a4610805 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 50 + +RShift = 6ce746ffa7979ce10b751cd2308402 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 51 + +RShift = 3673a37fd3cbce7085ba8e69184201 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 52 + +RShift = 1b39d1bfe9e5e73842dd47348c2100 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 53 + +RShift = d9ce8dff4f2f39c216ea39a461080 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 54 + +RShift = 6ce746ffa7979ce10b751cd230840 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 55 + +RShift = 3673a37fd3cbce7085ba8e6918420 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 56 + +RShift = 1b39d1bfe9e5e73842dd47348c210 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 57 + +RShift = d9ce8dff4f2f39c216ea39a46108 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 58 + +RShift = 6ce746ffa7979ce10b751cd23084 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 59 + +RShift = 3673a37fd3cbce7085ba8e691842 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 5a + +RShift = 1b39d1bfe9e5e73842dd47348c21 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 5b + +RShift = d9ce8dff4f2f39c216ea39a4610 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 5c + +RShift = 6ce746ffa7979ce10b751cd2308 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 5d + +RShift = 3673a37fd3cbce7085ba8e69184 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 5e + +RShift = 1b39d1bfe9e5e73842dd47348c2 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 5f + +RShift = d9ce8dff4f2f39c216ea39a461 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 60 + +RShift = 6ce746ffa7979ce10b751cd230 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 61 + +RShift = 3673a37fd3cbce7085ba8e6918 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 62 + +RShift = 1b39d1bfe9e5e73842dd47348c +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 63 + +RShift = d9ce8dff4f2f39c216ea39a46 +A = d9ce8dff4f2f39c216ea39a461080552ba01ab2d9b2f66c701 +N = 64 diff --git a/deps/openssl/openssl/test/recipes/10-test_bn_data/bnsum.txt b/deps/openssl/openssl/test/recipes/10-test_bn_data/bnsum.txt new file mode 100644 index 0000000000..2d90067de8 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/10-test_bn_data/bnsum.txt @@ -0,0 +1,2626 @@ +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# Sum tests. +# +# These test vectors satisfy A + B = Sum. + +Sum = 0 +A = 0 +B = 0 + +Sum = c590e57ee64fced3ca84d4bb013bba7d633e68b2ff4e27bf1db43f386dbfcce501f112b7fff6fb9436a576ccfccce12867becf02b91961453ea41f414764407d +A = c590e57ee64fced3ca84d4bb013bba7d633e68b2ff4e27bf1db43f386dbfcce501f112b7fff6fb9436a576ccfccce12867becf02b91961453ea41f414764407d +B = 0 + +Sum = -c590e57ee64fced3ca84d4bb013bba7d633e68b2ff4e27bf1db43f386dbfcce501f112b7fff6fb9436a576ccfccce12867becf02b91961453ea41f414764407d +A = -c590e57ee64fced3ca84d4bb013bba7d633e68b2ff4e27bf1db43f386dbfcce501f112b7fff6fb9436a576ccfccce12867becf02b91961453ea41f414764407d +B = 0 + +Sum = 0 +A = c590e57ee64fced3ca84d4bb013bba7d633e68b2ff4e27bf1db43f386dbfcce501f112b7fff6fb9436a576ccfccce12867becf02b91961453ea41f414764407d +B = -c590e57ee64fced3ca84d4bb013bba7d633e68b2ff4e27bf1db43f386dbfcce501f112b7fff6fb9436a576ccfccce12867becf02b91961453ea41f414764407d + +Sum = c590e57ee64fced3ca84d4bb013bba7d633e68b2ff4e27bf1db43f386dbfcce501f112b7fff6fb9436a576ccfccce12867becf02b91961453ea41f414764407d +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 23f85668bf4d0fa273d8c7f63c5fee57811062a674111e295a73a58e08dd0fd58eda1f473960559d5b96d1862164e96efded31f756df3f57c + +Sum = c590e57ee64fceccd54e0bdc52476a756d32e794922dca0acc780d2c6af8852351102b40dfb97009f95e019a5bf38e5d127aa78bc34425edf96f763084a8b09f +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -4b5b16252ba2355e0b87f01baa721783c403607a4c1b5652c09a68e96926c8e314fa580bf0ad3f8f59bd70f14df86a4676661899b54c79a62 + +Sum = -c590e57ee64fcec882fef3ffd015a3fd9024d8f5f6d53eb537d6abdb0ff5e76a8fb08d5feed113fc9e74745d957adf32704a08339ba42efd5746c5d478e3f57b +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 908007a2f3c551c58958d1059427a0391d4d768f61cb802e4cb062c778354ea3eaa8f0dfbd14ca8203e07ae6d07269b58088a39f7608c5586 + +Sum = -c590e57ee64fceeb242f8a0893eaa0d2ccc3dc57ec40fe917cfde66618fba678ce0c8fffc566d4e8c7944d6443def8014fe8ee410a1b8dfd06cb0b436619e0dd +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -1999301bd9877fe07ca711f308b2f1bc4a704fd194ec4dbc297355d6285340d6ad7e90cb0add1770aea19737a06750c3a7a6fa0b778ca995dc + +Sum = c590e57ee64fcef321395bba088ca0a867e1e85a1ea77478f8783e6a6cf8f3e582bff83cb2d7d9fd549fcbb40dea22ac140351007030059500bdca81413600e9 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 219639ed8afc21e052422fff0ae5583231ebca2999404b099628093e6540b1dbc20b9c495aa7229b5965b19a5fcd653b3fa0eccab567c5b5e8 + +Sum = c590e57ee64fce834a00cc6282cb0eef49eac7a8d5b51988cb49253ed85ae261c76f2327a691fc63eceab02614807048b2816cdb9b89ca66a17b6ed1abdab580 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -4e40fea1cc899fb166dbc721a6639a28be4164ef92545307ed934796afcb9401d75c18d23352471709fbd049c50740ffeebe5590fa2d959581 + +Sum = -c590e57ee64fce1a17609c61ce02f1020c6eb6e241e3fdd01546ce7247725589de32db95f36718d410f9ce9a94fecc8fb205e876fde75ce83f4d01e1bd5d818d +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = b7739ed1cd3e67cf541943326cf76b4476f767465ee53b94c57c83de417ebee5673809b3bed1c8bac2fc4bce29a4e36d6d2083fdea1c12c974 + +Sum = -c590e57ee64fd03e2d08c3d8e5110d08e3d36557d82e0e49b408337a8c9d4298802ae5f0145a9587531a70d2f8af932b8262245428b5c549817d333f2dfaeeec +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -16ca20955a9d8a64cb2be217c089edecc02a75a1ea95fef584925742c18a234974c0a16ee7991e80bd8d4106db385eafaf421ac3373548aa3eb + +Sum = c590e57ee64fd1bcac71b5b055e5934ba15dd7f56370063369c36e57a6b753269e085d0f4d38bfb711d5579dd1d89d07f266e727b232a497d5b0d9bfbc02d8a5 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 2eb21724781497ad2f57babeea62a20c3ec5d1559867a0968d74351a337db12c17bc8d1d5446b1115b5441530870f67da4275dfd9f3e2928da4 + +Sum = c590e57ee64fc7860b0be6ce861bc2f099db7fb623912b7b0729c019a8183c669c73efe02b195483a4cd2c78244cd59678ac4d62f6887fe686a3eed37ed460ff +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -74b7ff38760864efd658bd6699915be16cc058454b78495ade8be42c9f7470ca9b7a43655e1427ab1bc35a5693dac424a6ed92d10f85a9bea02 + +Sum = -c590e57ee64fc3126776e79d9fca06233bd2ef5570a65e4521183627bdbdbc555e9118508cf63f519bc0caedbffd5b1a913ee8c3603804820a9ce54b1207bdef +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = bbf238886916ca0ba32e9def9f9c8a8e401eb95dea96ef02df9fc25a186e52fbee9ad42b76ba6ca2c381d12cddd4292c5d355341a80c7688d12 + +Sum = -c590e57ee64fe6dfd728dfbe45aee52380b5a00cf1e05e9f09ac582e2714bb589caf2ad038111c5b1b5573a45706ab1f6fd5d5a1ee7ef4a9bf186dca8a9ede12 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -180e4c29718f394424cd5b03b6bdb8911c57fcfe435cfa66d10941f870f8c5eb1e1fd251f14af03f23ccc1841f014bb42a545f476dfeb12e9311 + +Sum = c590e57ee65004b3e18a5820de4a6d25e7c3d310003e0b8716bbfd51d5f0f3e87fdf8e00599d713397255281e66ef419a9d9bb228e8f052764f5f861ccca656f +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 35e2568ae9f1d1dfaccfc211e9c0c6eec9400a0de880a94309992528d428e77772f84e21d0287fa76cc6fb880481ebc43ad20524f895f35a1a6e + +Sum = c590e57ee64f84896a5f11f575d34b6001f27d4b4d6e7cd9485260629f8f7f1c6ca6f6115b98d776774295dde4d59cdbbceccad097a0a054b501bfb47d81e85c +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -4a4820a05c39969774f623bf6c03ebe0c56dc45bb46e8d1e6b32ee0fc3c6168d26c4d1c0ec7b81f1ea76f164ebd00b2a2a00aacf40175bee62a5 + +Sum = -c590e57ee64edf1b2b57b4cbb92d778ea6b9d9878a0374d4ea81691b09811b105bb6dbf23a57d89264f0e6c83f8d00fe00681644feed56e15fc81103ab9b7dd6 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = efb65fa7b963533d48c77ef80fc7af4bcd72222cabb6232ccf3efeffdde537ce25a8e4129b91273a8654ade9a05ba3dd73740008eec82dd4cd2b + +Sum = -c590e57ee650e25da7b60146e014f472bfff9809aa8f519db7943f69d9ad09ee75a3427c6127cce7bd27f224b9dec03111fb066956b4903f9f9740cce1aa4ba7 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -1138c1cb69317d3aa341c9a4daeba71400f56aae62a98acff1f9f1aec88a4ef01ceac74246fcb531738de63a94fc8b3e9c5ea3fc64101083a00a6 + +Sum = c590e57ee653af8752322840ed720f628f9674c81073b58372e49ef26d4a2a9d46a0391bc170336614b27849de98709a4b321da4ddfb978e9f10df29154edb9f +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 3e0b5c732ba11e1074f0c69e48b78d724733c66368a21409c404debe97f444f4a352acbaef5f077d0e9479ce067043b30cd393f3fdf5d3bde909e + +Sum = c590e57ee64bc13634cbd149aae35ee47bde6ea3663f74ff300cfdb2d845f902f017586c6d4f83f08c3b4f0c035055d13fc9d340b7b9ed164432aed44e8f4d7c +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -40d9b56339ce561876171a9d37aabd30fcd47dca1171e5467f14c6a9f616b04d67a4abcc8334d637731816e87e35feb10dd3f1b9e50f78ae0fd85 + +Sum = -c590e57ee6477eb692705f8da1357e71591336907a5e0a6e39715088d53b2610882765357563fd101bcf05ca545a0c718f52879fdf4f80cb9a12cf108eca60ed +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 8501af88f0ea16b3541e4cc9eb2bebef137d8d33cc4485772c43ed28f54a1fcc2012b2d347c8f126d7ae11eff2f00c37b4989c5be30bb4aa5ea14 + +Sum = -c590e57ee669b662e37f5abf13d00d2f0c1c9a8b99ec546361aad255f375bc2742a3487c351c5ba00efef09c77331577460a47c57125c620b643e9eaf36a146b +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -19e791587fec9007654cd8e66ab13c609d121c54fcbd84c6c7d1d7e7ec8ea4c2f65d64c5fb6e43106b8e2497b89124ce5afbcb5672ea1f19f9c96a + +Sum = c590e57ee681dcbf1554f22c0b1ffead917dd414299cb37ce6967ffec9c333931e70358729843c8130ac95aba47fa1fa5da74000eff25eecae176f093a4effca +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 320ded8a5583fcfeb53e576bcbeac4f04d7135d9e86b2d9d154943c3b97bafb75e3e45e7a913523db81aa7af5589604d2794974e466f3d60deb4c9 + +Sum = c590e57ee5e505ae4a2e1f25a1ae9b7b4d17dd2cccc09f2416d964e55af6d0d31fe259c160f87646a72e6732d5110256b3b35425225d622b81418435c9dd8cc4 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -6ac92340d14f096abc24dad89a0c226c8ea322f5d4afebd1b7197c3ad46016112d87f4a1d51b2691b684fbfa9e627b806d6829de8f7b960f92be3d + +Sum = -c590e57ee58c3ef1582bf7a516e36f92b60f5a587e2c8cb071d1d52ff215854e52de1519fd5204fa52292dfdc397d8d76b78005941358b63a3e6ca41b0eb09b7 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = c38fe032d37689f58750c36fa28ef6bb22b5969adc3fa13a98650107d8a4bd74d3f940f6da545ba32fae7b42d9b64761953ef1bbea358a2885414a + +Sum = -c590e57ee80262967da4038a143f8ff2e78646108f25ff7183444ba507d76f9b05a34c8310e682c05495d0863ceff264964dbfa7c064adf6d26d2dca6e22ab13 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -1b293c4f2a4955b07d4cf9cc1d45cc155d6bd2a769636d3db29854baaec92ab9ec084850b924e2cd6286b11e7fc09071d99e3a1729c2dfe94b26012 + +Sum = c590e57ee85427f08e8c89ffebfcc05c73370ad4cb77696c2b2f3878e6f6df341d4d931b5097aba49f14ac0312e7da1c843d6fd08119822e75e6e7a8c7bcb7b0 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 204591f038d1bd0df9200064d852185922827251e8123a7ba48f4e4c296d943de71ad69561129a9ac2052c9d5ebb92fde4eb7d91615e7dcee4c6caf + +Sum = c590e57ee051ca1a363c47a4cc016c3de7f7e17985009b545528289e9fbc9086f4b42a73826eca0c278b0d1b4ef6d74b9a0bfcb7855d40fdb201fbad1074b927 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -5fe04b754c3268a406954183dba07d5b44ea6f2b785ec328cf159c866028f63efb7342f2178753e17d0b0071445b9e91d6d8957adcf041ec8fb91da + +Sum = -c590e57edcd6e9ef06fe33f3817ba3d0c50c8122b77615c4b8fa50c5514f113d7ba53ce057d487bcbc373c4384d07b29a527b7ef785ca609474879b42a9a4c3a +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 978e4e284013a3b8aef1c8560a5682c81d92c8253b3c40bdb5ed911df117cf71a51767e8ccc4615e1f70c290929feb12a6e244c18888617aed5fec7 + +Sum = -c590e57f0436bdceb586a093522eb1630e0fc08f8790957aba1875a42b7676f9ca936e8f6f3478d6ef5cd590bf6ded0700440dcd769496822af8015f0a6ba2b6 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -1de6eefd2a87326445c3f10ce85dd7404e415333ad6a60d2fec88caa6fdcb4b7fd0e7a9ba659533758a665b451f2572cd3c9cc2ccb27019330fb57b5 + +Sum = c590e57f1df3f004d5e49f49fa28603b26659f1fd35e0d8d7a2753591dbc12c51e6b588427dbe3faba2f0c1f2f0a2aea9ba1fcb2fe71c6ff40555058d23c8661 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 37a421334ae5311aedbd9fe500b3b5d09a0ecb466d793e87f10e2875c3b49eacb5b5e5bf712b89c5c842a397ed5046125ba6fca9e084508cf8cc3b60 + +Sum = c590e57e9a4abf4572fa7c4c9f73e9d3fd1227646fd6d15b51924bd7a5d417b01fe6b4273eaa6ece387422b81c8116f29702d7d66d2f6e8c3454807b3b7d413c +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -4c050f8c1804f1e26cf6d682289fc1eac97870ebbb1bc8f986d9d29f3ad005b0337b8f6d108f5fa14a467060174edeca359b5bc92b7c7f509df309c5 + +Sum = -c590e57e64216c306f17017ac9dd7085113e16c83168664dbb77c7ad3ddfc79b09f9ea0c474a0b497ca15e7fb258eed9666fd009f691a3b2d691c2c6b22ba3b3 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 822e62a11be86cb4428d4fd11473d28707e6dbf951364d23eece22b450bccfcb2adbf2f1cc6223d9b46e987947e1e696ac3926a2893f3d052744a74e + +Sum = -c590e5806ab4d09773c4f94a4aac09f6ed7609eec1d0bafecb09e30f032f706e9adadc191ff9e6d7dccc821f7a8666a590e521749d24912c5a5ffeff246f7c85 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -1846501c5e8c58b1b3e4149a0c7c4209f888178b7be5bce3dd681861f40242241add3e89c93c8ffc613bedf52e2936ad3fa59c6d6fa8eff334aff3184 + +Sum = c590e58248cbf5dd61ec57994fc862ab479dc6cda51cc17356c45cef66bbfdd12f5cc421940a561581c123fb17483beb7a1cce2596fa9ca76e722a6f4621eae9 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 3627c270bd6ece96a435da25521ebdd7e6bcd7f2c4a16481e3a0e1381d4a60a4a21e457da38bda1a1b080b498cbcb1784f42fd2520ea12aa36cb19fe8 + +Sum = c590e5771a85bdb1f26c0386ce837bec4b0af5656496efdf4f134d875f066dd6d477ca8f87ffb275da07da4dd1bed4232849a526836b47f2d69f2d53b6b3e2f1 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -7cbca111f98936aa83de74469daa6f3e9d4b85267bd9ac749cda77c78863eef47ea264bc56efba80b9508b32f8608117a1f5f82628931d27822bc6810 + +Sum = -c590e571c76afad23439f904e8a80fc28dcabb6cb732e361ed3eef471be6fa755e3fe746edbfe448c1f289ffed7dfc01fe9066d780564f57f93abbca9b9a995a +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = d1ee4d3ff56c5752a23c2b09397e72de2821c5ee51f6f258a10c6efd9fc76d290846619f28710f85979498b50afc14fc922747afd669644013dd5b1a7 + +Sum = -c590e598cd5d4a59ff5d6c97c6370fb517f1d492a7776f90063b0ddd6702e37c60fc78bb12857911cea37b7263584d7dc815676de6b8880200acea154b59b08b +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -19e70d7b88745dfe68b9cc4f5ef23feb436e282d48f98cf90c3a54f92d0645bee3a05f7ad6859ff918fc90c62b19c3b0cd43edbdaca0dbea4971e9658a + +Sum = c590e5b5829e6fceb77830fbe999a98127b50302fd0f6a86ea4aea27b846747a07e6fcf5457676e6446137d6bdd8ff4fb7ca747b650b066d65d7dc1e172488e7 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 369c4ea0fd2c78c2ccdd2ee92b020319b3c3c0283fdd9cd5568b988a2aad30431dd35078aafb5db57d571177fd0978bddac2403c180606dc523db43de6 + +Sum = c590e52a3ab5d5c458634254e2f672a322000750741e969d2f6cd12d172480ad1455300e3a0575b068b85d50b58f9737be13073188d0f03b71494bd0fd2fea16 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -54ab99f90d329c2bda29744db303b1e1fec530aba9dd4143a4158969a2466189c93820888ae04b2508b137f01af03eaf6f19f9da19ee87b3fadc4060eb + +Sum = -c590e4880579ef7241bde94e8c7847badc705f53828751f9975f0e66371d2ddff8740b143f32e88be8e686e2bf5a3ce03d864d7699a813b1777b9239af242c7d +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = f6e0d5df5f494184e07ff2789b494189fbb6c7f04d754f066af590bc6f6242aec332f315af601cfb76a76d4a7270cb692a0922b6a3e8556d922a4c1e84 + +Sum = -c590e6dbe54098694155509e38c61d503ab7e5237d2cdfc2b87fb57e3a8420fe37fe50a0dad4f0eae3d38fad6198e4ecaeae183a12078f53d09ac8099c715242 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -15cfef0c997b655e26f2c5b5cfa1505fbd443dd9d7babd1a0ad0dd636aedd4796c968aef2af9ad00d53fad15d9a005c61996f3cc4fe70c9c83dc3010741 + +Sum = c590e906254d013be2021ad591e76e26706a6815b8c484b6528fec65416e1066957002713e1183f1005f565983aad7aa031e549e6fc57094ca3e4383e7fdbc15 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 3873efd326a5702aca6857cadd04ab87ec67f75426f45e1d79414c026173ab94899cbeb85b5b75bd4001ce3505754cc9dfdccfaa63f6a6d43b80e8d7114 + +Sum = c590e0e0079190d7afd80acd6326fe93cc00903318608df31ee4493d11271dac7291bd142cca0e5dd7dda59dabd460a69b7855d9c2acb5f062de76665e07cbd7 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -49edebe3df9db276361a943c1c259b1591c20eeb453edc9cb941b86cca2e824fcc3455befdd7125dcbbbaf326ac12d960c6e01e1464fcf289657b687f2a + +Sum = -c590d9ae456d66c1b132d844eb223867ba4560b36f53c42a616cf8cc657e6d252f813847fb9fc50127227684e5c0f5cd890eceb341d21e788e42f843e9b64080 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = bd0a0e2680fd9cc95ea214887ee6b6c889bc9fb7e1cab411c04c72f7d2a2b35818f7686393a21e10bd4810691852542e7ed60f8abdcd18e0787efba0a81 + +Sum = -c5910498291472fe1d0047d5bdd9e46deb3f26000e943fce8d83d700d9ae233ab3a28849bbb346803da142db6a471e9f79cd49571f40dbc46f7b727a4bb3016a +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -1f1942c4a42c9200d9a6b16f2417c58d3cb0d544fd8780d5c22fad0038eb58ebce72498d4844f49dc082037f974ccb7b92b67c76116f0faa72ae7242b669 + +Sum = c59112d841ea109440e78563d9eefef201c81e86ae967083f8b7db80d1eaf58551d30519ca6dd79164fe69a29cf1ba22446cb2999f73292241005bf17b37528e +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 2d595b9a41c2b5e81734cd843e9bdc16353775472e3cec09c6afa53d0b35f71c4b425847d9561bfae749362a32cf961afbf8fca85ecce12f5c25a1c7078d + +Sum = c590671f890ca06c74ac6d2c4d75aabeaaa55312e85a5e1ea9cef0e08e154e2b090eaba869e9f6e4a47ae10b9c1eb0f6ae4fb3ef12b3121d96066c6c8e592b6e +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -7e5f5d432e6516530102bef515977b0c963c50f4e42862df23f09e989c2451a80e2f083c0756a488a14dcaa8d65c000202b19017b837c9ca935f4b171f93 + +Sum = -c58ff0ae92ab03072154949a7143d45278ef77a0ba71a785d5a370e0d30a9b4b4f7e96a395d13e6afeebbd717365d471ee56ba11c472a63c0532558104bedfc5 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = f4d053a4cbca69aad9949b26ec03acc271ae7edd9ac1370aa3f059a34f040b382333dc54bfd04a17c4e7f361b2e0bffafc8ede5824195a9eaa4ad4b16b3c + +Sum = -c5927a5fcc3b31abeca3998ad99c07626112288a6ad95b24929fed581040757fdce73881c48b02daf09986ea436a3f5ceb6833c31fa2e1691567601a26c7a6c9 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -194e0e5eb62da61a42b5bcd31470c3b603f3b318a18dd85f1d886e3928b3082307eaa5265049fa7960490dca2b80a3d167d227cd81713b596604e4d575bc8 + +Sum = c59395e94d495451e3fea153f3e4361a088004a7d5426c1b94aec44108ad6f5cecc3a80dda0cea9f51b882747258137e171bf021b4fc59f4dcf0106d4ba952fa +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 2b06a66f9858058ff3324e77975c3e2ce1b589bf329d48800af6fdbff850d920cee3667e6ec6408b5001b0b908c2b68ca398112318f9f7d1f10a1723907f9 + +Sum = c58bdb26c0fd6766f3affea389cbe7db25c06d5d56356d3d945347775bddf479ffc9e279e7d1ee88eddb239906749815ae4502fbbc6fe978a001ccdafd89cb10 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -50a582552676a974f6f8b829ed87afff17bf1e319d509785acd59d0cff5d55aecd75d8a540fb25b285ec06052ef3d000cb3a4e65ae0dcbfcf32f0dbe67ff1 + +Sum = -c581afe9b7ae86d4b7053f19649beea6cb935799a553f035f9b9a7fba6d5559e4ecdcd1637c73c8052c6cc52ee1c28d1e5aed9db7261b7356afd6e3dbc213684 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = f35952ea147fcd3fa2f15a7ced1af5a1e91b593fb521112f46cd585d894b10be8ecc13a5ec1baf63cb60678ab5e80c8a2dcc53069131ff4d3918e1d4f147d + +Sum = -c5a19f36a65a6a8d52a53a63f99a1b957d6e376b7010ad14695d78d67b0d7c86881006188bd27bbf205c8c9c200dc8f5c08ab6b97dcd512f6cb93ed9a361ff9f +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -10b9b7c00a9bbbc7a5cc34ed2f5b3f57bc4e1c36c16acd5caf64054e5f92372d594c4119ac7d83d7590a42b94641a312390018db0286da0ce83f0dc9f1b49e + +Sum = c5cd0e5da24b67a894402b0eee5dd586ab70e5beb0693e263a54995193663a9b770141379c1f097a49d1a889bbf0c348c6f40ed50bd7bdc11a7869c6106c6d80 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 3c28debbfb98d70940bcdfe1f3153085befc6f7719fbdf2da6848066b8504c1c4a876029f90b3f00ce263055293bf618a25834690cf36bbaa769fa36fc227f + +Sum = c54e2c560a00226701b76cf03d5de27a8c69b38a6b85dad9f7c903d2e87f9a7d247522e72491460f6a529e5ca2aaaf690cb238b873ffb49d9fb0ecacfedd4e90 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -42b928dc4fac6a8948013ecf0cdddb994835c4cdc9676d14e510fe442e4fd2364196f04d94b82bdeb0e3fcc41cd7e9a19f7de82ecb15b7c020131eda92fc71 + +Sum = -c4bfb037f6e6e861efb090ee610c33e7568790259f747dc6e55d442aadd68c0cc93c7617f83980e8813c0fb7dd28c8aaca6ad8fdde5d2bfec9ae096faa9ef54e +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = d13546ef68e66f9b4edd40ab5e8c6ecf2a592999dac4802750d0a67ed75e42917a43bf79ec7d52c7c772a1899ebea7e3e6dda2c46d9e569622f65c2ed155b3 + +Sum = -c6aa2af8c9ae8be4aada83f66b7f31a8bce5e92c67d8938424a1405903e5502bffc4ee1e333da4bcfd0cb383b19a566372f877a8344b66dbceabc9786dd0e4f2 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -1194579e35ebd131fdb15c75f1471529733ffdd2e89513d17f32b87d73765dca50e3446c117a681b409312a4ad2cf10c4a6c10791809c866edac9ac946099f1 + +Sum = c8aff66c9bdaa49eafac0f65d3ddff223b7a5471f7400431ca3a54615d600fc4a163f8fb648bddb5fd6915db1991611805040e0f86f152c8fd3333ef70d632e4 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 31f10edb58ad5cd24aca136c7733ecc15c86b22bdf0c1eabd8c3f9030b2257546ad3f23f265df7ab4659381b2c9d9c556b2576ee42688739d6234239765e7e3 + +Sum = be1b6eb768e2cef388eebe31f9b21e51b38b351cc8175eba06d49eef04c2936f32167174dcb82297fd4180d0afb5da2c455d158c7a5bf01bdef8c295a4f20390 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -77576c77d6cffde0210affd12b8a2047226b4327137e38d05d975e227eb56e028a04862956ddba34bc20188b711ad2668f4a114286eda3980d83d36347e4771 + +Sum = -ba32fca1d5cc5f31ecaf5407f376d3aef9f4abc04fd4c6893721d3e50e9141abf356eb2ff6f7a4f9b42983148670d2918e1dff7aa7ae33a6e9dadcb708b4f9dc +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = b5de8dd10836f9f9e501a2718f3eca72bbd3d8ee97a7bbdd58c40ec1e1ca8a3675fcea77b2e594194d9ff44e056b4c12033b725fb1c96ae75f62314d0bb5125 + +Sum = -e388afbf17c495f86aa7298a45f848eb57e5baaee42b1f7de8c2311bfbb8f74549712c05fd3bd11ab8874fb55abb22a37ba3512e733ecd5c472842e8e6f7b179 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -1df7ca403174c726dfa7bb5b398d88953233d15faadbdd36dc141c4acf0b0cf5eeba722e8b15d2df6f83cd5bf3f39b50cd519a8dd0740306e757431d0d876678 + +Sum = e891babe65ee02c02e7e876c0df3dc3bb37491008f3642ca7affe2d623fa82a6d5a9e5400944a374ab70fbb8f952dad0c8b27c77475b0dfec7b0694051dcd1f4 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 2300d53f7f9e33eea37f193d01891be58dc2a7b155e700836e51ce04f74c98577af32b68971ea539626d795f928b537e1a60c5d6a49043a967df6974786c86f3 + +Sum = 4dfc2f63d60f83fb1d397d2406b02a3b25c1a57c09c2fe02c76696b7c956e44facdef11470074d8fd8220c7bf8e647ba873fe9c3f9e77d6aae7b5fb64f1cf566 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -7794b61b10404ad66dc5f10b05ba961afff043d32f8c444445477e19635705ffadd7c8c3021eb0ab70e175dd6de13f982711ccdca8e34ceab155a0158a53559b + +Sum = -3c19bedc60e7d7dc3daaa36795e453d810c952dd5185fcdc857e2be806e520068dbedb91c4a1131b9eb6dcdfd500045209514e3e9f6e6df41d2ec67fba20e10a +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 897726a28567f6f54d54cac776866c7e14e89671e7c9456a872fe8e925c8ca48ccf7de45ad84eb1faa4ca57991c78300a5006862035c5c6142a2394c1f4f69f7 + +Sum = -28c2bddfeffbdbdb1ec6f06aa310d1bb6f0c4b88d0106a1b381ae6fe8f65c18bd9895fcba6931ecf06d9dab6c7a3ac9e00361bf165f16bd16af25230d040cd842 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -1c69af880196deee0616f987b24a25b60cb12cf3dc7b75f6c75005b17c9ae2e6e3ddf42e2f70beeb5249a29131373428d55100875bc4bf2c14f5423412a9c8d41 + +Sum = 372ea360832e30b16a3c30a2157c8bddc4408ce0428169deb09bf68113e4b8482d887de1a7cfc80272e597c3f3f104e6825a1fd2a68b41cbc307caaae17d453e6 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 2ad5950894c933c4518c39bf24b5dfd861e56e4b4eec75ba3fd115340119d9a337dd124430ad681ebe555f9e5d848c71577504689c5e95266d0abaae23e6408e5 + +Sum = -5b29f4991cad86845a50949f25ad6cd7c883d71ceec9795cc528f58a4a4aef9dc139e8e87cb82071e112b2d256181eaad0a98fa36b25b67dc673608939b48e08a +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -678302f10b12837173008b82167418dd2adef5b1e25e6d8135f3d6d75d15ce42b6e55485f3da805595a2eaf7ec84971ffb8eab0d755263231c707085f74b92b8b + +Sum = 98b37ecc0b42a15f52c8fc8bc2aba294031bc2dfa37dcba0fdf1f5f5da00b8b3daece033b47bf254e8b5e201bae24995034673800d53213f6ee0796be1ca93845 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = a50c8d23f9a79e4c6b78f36eb3724e996576e1749712bfc56ebcd742eccb9758d0984bd12b9e52389d461a27514ec20a2e2b8eea177fcde4c4dd89689f6198346 + +Sum = -1c15985f3ee941d7ab6bedad88143cf497681424e7456fe30eafbdedfcdf1e927db124c775b87f36cefff17a35972ac40d498c4be818883bfc206f44c5e5eec23b +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -1b500779c002f208d9e0ee3f5907d2344142623b980c20a0c7a30fd92bb270a82e566e0d9e46593893b6edf7dc30633cba9b3a954775bd71a6c09e44fa0c7e773a + +Sum = 34ab71257e63b234258027e26bd35dfa5e07f67385b6772c5ed445438478bef5a835e87c9de413e23839849a71f5af99a67427098b682bfb6becb66d20eaecb2e7 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 33e5e03fff7d626553f528743cc6f33a07e2448a367d27ea17c7972eb34c110b58db31c2c671ede3fcf08118188ee81253c5d552eac56131168ce56d55117c67e6 + +Sum = -44f9508e3430f93d4e2c8be1b856f46c01d6940e1bfda8515c747a1a95239547322999e500e718ec98ed211ae04ffc76b0e6f2364ce9d913ffb80397f24ee8d64e +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -45bee173b317490c1fb78b4fe7635f2c57fc45f76b36f793a381282f665043318184509ed8593eead436249d39b6c3fe039543eced8ca3de5517d497be2859214f + +Sum = bea59d2cb0bf556876d4f8a248339af69644a12d3dc1d9a3d83929929b8db5aa26289bd06e2488a96820ea8f59168cc82f19b5dfaab20d245495d6e24bfb260a3a +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = bf6b2e122fa5a537485ff810774005b6ec6a53168cfb28e61f45d7a76cba63947583528a4596aea7a369ee11b27d544f81c807964b54d7eea9f5a7e217d496553b + +Sum = -166abef6a1682bef78d4c5905a833b81a03c0bf0f3735973bf7f02181a8ce5c7f125f41fcbb10c7f5905e492fc3f6b172f23d041620f8a7ac6f76e0c8a53d3cb5e8 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -165e65e84979c6f28bbc1599779274d59ad9b0d25e7fc47f9b0e3736cd7a1ae94c3048b42e39ea1f7551545ad6a8fe9eb9f8eb25f8055dce21a170fc8d963cc6ae7 + +Sum = 3245e002843eb7116b987b5cf9160e6891a74a6843039f8517fbda68b0e6ad87fd0aa836a2b6aacabcd67d45d327e6cab43ef569f488354e22f4553eed09e83d601 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 323986f42c5052147e7fcb66162547bc8c44ef49ae100a90f38b0f8763d3e2a95814fccb053f886ad921ed0dad917a523f14104e8a7e08a17d9e582ef04c5138b00 + +Sum = -464684d68716498baaa3744d20c112a854e148e6d004e4142c79f4e25a36c0acbff72c047925377f377ad690c63fd21a3f05911d11fb8bb79bec4ea68fef9f1d575 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -4652dde4df04ae8897bc244403b1d9545a43a40564f8790850eabfc3a7498b8b64ecd770169c59df1b2f66c8ebd63e92b43076387c05b86441424bb68cad3622076 + +Sum = bb90e9e393538df233d499955020b8f3c9789b1f18fd5ba31cdcca6afe24842166e6cbf1985f7f9e002335be46de06ce11ffbf6dbfe743642cdeefca1a856219fe4 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = bb9d42f1eb41f2ef20ed498c33117f9fcedaf63dadf0f097414d954c4b374f000bdc775d35d6a1fde3d7c5f66c747346872aa48929f17010d234ecda1742f91eae5 + +Sum = -1804d154182f4b71cab3529447ced41ac310a1d14121847816c74171759998b707db0f1f3a9d6f6e01a2de48ec83a45e5dc7d0ac9133c8e00ec41814e3d2818834f4 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -18040bc332b06521fbe1c794d99fc7b002ba7c1f57d24b28d48034c360c86c091d8bb46880c5fd48036795456a2a3d96d675225ada932615446eb843e406a817e9f3 + +Sum = 3b75f0b892eb00075eb21961cc018a2d297764bf560cede3290cab6682a56931b831380b72a9afc3dff88f042ed5bd5d8468d8a1e267b36e508c09ccac2a565936e0 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 3b752b27ad6c19b78fe08e625dd27dc269213f0d6cbdb493e6c59eb86dd43c83cde1dd54b8d23d9de1bd4600ac7c5695fd162a502bc710a38636a9fbac5e7ce8ebdf + +Sum = -4b4bf674436c9b1079c2b24cdda19247d0db44061c562ab6f5300eac53556fbe758151824b6bc6bb63a958895fd7c4205cde5484a9fcbbe787fe38c3d36f4549dc23 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -4b4cbc0528eb816048943d4c4bd09eb2913169b805a5640637771b5a68269c6c5fd0ac39054338e161e4a18ce2312ae7e43102d6609d5eb252539894d33b1eba2724 + +Sum = dd8af6a278a84889cab2d444efb282a7259a608117db26583287f051bca1b70c21f8c3d95b2f4e0b7d25b6966771a5c41414c386bf4491ef7b055b07455c12b5d8d5 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = dd8bbc335e272ed999845f445de18f11e5f08633012a5fa774cefcffd172e3ba0c481e901506c0317b60ff99e9cb0c8b9b6771d875e534ba455abad84527ec2623d6 + +Sum = -16cac44109b24fd5d47dfb5994caecbbd534ee11178aaea4a100d9e63bb2c5ecdcafce1e2080eafdda00d26c29e01980166d8db67800e33027f5260d154efe1a98973 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -16cab7e7fb5a6170d790e2a99de7fbf5292f8bb5f8f5bb0facdc691b5a65b321fe0ad872b4e373db7a1d1ddbf1ba83139df862d15c96d9037b4fd0100552408393e72 + +Sum = 22db04aa783edd3e1a55d263262805f2892c013f78ebb86239f2e5981090158f57bdf3bb171c2e0c1c7bf9bc88ab62683581f8b02c5bec8f631bb24ade9be235108bb +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 22daf85169e6eed91d68b9b32f45152bdd269ee45a56c4cd45ce74cd2f4302c47918fe0fab7eb6e9bc98452c5085cbfbbd0ccdcb10f1e262b6765c4dce9f249e0bdba + +Sum = -4c8c0b74eb7a79a12ecaecf885b9672ac717b1c8db5ad251f1551ce80af89acf3a495066c85a96e6430be8e5888ab1ef3edd5e76645b5914ab55d221c34d07f8d5ce0 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -4c8c17cdf9d268062bb805a87c9c57f1731d1423f9efc5e6e5798db2ec45ad9a18ee461233f80e08a2ef9d75c0b0485bb752895b7fc5634157fb281ed349c58fda7e1 + +Sum = e3718adf0c2546c8cceb0e8c7d909deaa50b50f51d7b80f8040763eafbf581c017e7e12325b258503fe651ffa4c3d3ff9200515d816dfa3ba372dc937480d121ef056 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = e37197381a7d352dc9d8273c74738eb15110b3503c10748cf82bd4b5dd42948af68cd6ce914fcf729fca068fdce96a6c0a757c429cd8046850183290847d8eb8f3b57 + +Sum = -18dd84a4e54a29c1b3106ef2f2d92be21ba64d2e26b3f4c2ea68685557d01a07f9229365c6d109205fa116fee59cf385cdd61b7fa5de8de751f02f1dc0eeb304babb4e +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -18dd83df5464aadb63419d67f36afcd5b0e5f70874caa5899b262148a9bb48db4b38440b101731ae39a2dbb5e21a9a1f064ec8d15427ed448725d9bdefeee72b4a704d + +Sum = 3ce64e7953aff0e057cdd6c17499461666f5bf8dc3a929ba7ba919486c1631c25c0e142584470d3f759157c045f9f488502a76024b6b7b2bf84c0adcce8dd7c6d6898f +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 3ce64db3c2ca71fa07ff0536752b1709fc35696811bfda812c66d23bbe016095ae23c4cacd8d35cd4f931c7742779b2188a32353f9b4da892d81b57cfd8e0bed663e8e + +Sum = -6a392e555c2ae89dd73f86e11fd98d1d59ed03072a0dd61add633b317d5638d67984a55e51f01a2db94ad6eb6488fa80cf4f25a32d436886599c33b5287a9525f41a4a +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -6a392f1aed106784270e586c1f47bc29c4ad592cdbf725542ca5823e2b6b0a03276ef4b908a9f19fdf491234680b53e796d678517efa092924668914f97a60ff64654b + +Sum = 8202089b883a5e77457036254c2a73aaf32f03eb1e61fae428926028b499b7d0a4f4e5256094f34bc2478f0595aa01aa79b5d36d7f30136d3af2be93b70552fc6e988e +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 82020961191fdd5d953f07b04b98a2b75def5a10d04b4a1d77d4a73562ae88fd52df3480174ecabde845ca4e992c5b11413d261bd0e6b41005bd13f388051ed5dee38f + +Sum = -13a2e13d675e3fa89489c870cda617ae92ccb7d2f6b6405eafcad9c89a682b63364c333476adf0322febffad973f3dbddb7cbaa41a64b1ea24dcb2bc2196a0af42eac3f +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -13a2e1310e4fe7ba2f8cdb581daf34bdcc20b2709b97ab6b1ad6b557cf86de506b6d8e3ecb4252bb0d8c1bf9070718276f044579354947dff8300d662486a3f1abe613e + +Sum = 2bf9f45c817a8f5c589a208c57c30b52866e75a9b6ee0fb7c3f0c7ec3761f2c114858241a189e331aa9ab440132dc8f5ab7dac0891a69d5573dbe42fda019d30610f07b +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 2bf9f450286c376df39d3373a7cc2861bfc270475bcf7ac42efca37b6c80a5ae49a6dd4bf61e45ba883ad08b82f5a35f3f0536ddac8b334b472f3ed9dcf1a072ca0a57a + +Sum = -40557025ab86f90705fc86e3ab3d8494255bee490822e27c5551037f36f9ca834fd33c11a1a162357cb21eb83254c4da56b9f8f54aca29b95283ac03732a849258e7c41 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -40557032049550f56af973fc5b346784ec07f3ab6341776fea4527f001db17961ab1e1074d0cffac9f12026cc28cea70c3326e202fe593c37f305159703a814fefec742 + +Sum = d2985750cb9579d3f5dc3db7d2229f06e2a0d57d195819b3646f84c08eafc093def93748aaedf1f430eedb90c1694d894339caa4141ef5f07708e1a3607c5793df599b5 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = d298575d24a3d1c25ad92ad0821981f7a94cdadf7476aea6f963a93159910da6a9d7dc3e56598f6b534ebf4551a1731fafb23fcef93a5ffaa3b586f95d8c5451765e4b6 + +Sum = -13a024fb88eba47aea55fb69680479058efda97b81fb1e6e7cfe520e8dd8ad12deffb69662852f9a94f3b029a37befc620d792a8589660e2ebc7d6e1bc8c0c8f35ac1216 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -13a024fac35abefc04062c97dd050ad68292e9255c49351f43af0fc7812a9841b251cc4707ce75c322cdb1ee5a786d6cba100b55aa44aa4248fd0c8c5cbb0cc35c3bc715 + +Sum = 22701a8dfb82a2ddc8a5485b05362205a549bcdd24bbd660f2041a6672732824bbcac4ff58605ccf1d8ee066204a4a639828c41b722fb4a1e6c9bc3f82a89d85fd042f85 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 22701a8d35f1bd5ee25579897a36b3d698defc86ff09ed11b8b4d81f65c513538f1cdaaffda9a2f7ab68e22ad746c80a31613cc8c3ddfe0143fef1ea22d79dba2393e484 + +Sum = -4f73fdc6540686b350c859bdbe8f22340786ddb04b7ddb8858d33ce8931bcf660269129607f77dbc1db38d8186d8bae7ebb4ec8716c6eb26342ec8290d8d8988b1f5fb0d +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -4f73fdc719976c323718288f498e906313f19e06712fc4d792227f2f9fc9e4372f16fce562ae37938fd98bbccfdc3d41527c73d9c518a1c6d6f9927e6d5e89548b66460e + +Sum = dcbcb3df6508052fd0d1cfb0a6088fe978227066c58317cc359f508bce9f45987ce3152022e19ef068b0381ce7d781ae3e7c04243541744c9f374a3f28dbd746acd3b9fa +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = dcbcb3e02a98eaaeb7219e823107fe18848d30bceb35011b6eee92d2db4d5a69a990ff6f7d9858c7dad6365830db0407a5438b76e3932aed4202149488acd712864404fb + +Sum = -163f4ba6595207387ef0956796ac29e3c6862b5344abdce3db4ff7e960b7727fa0a2870dbbe17bd8c446000b3074c1145368d4b84b39029110f915b61916fc29555d7d800 +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -163f4ba64cf8f8e0908b987a7dfc3300d5bf7f4de250be4ee7bb03c4efec91328dd7a868c636103b4d23a0277be488eebcfc5c432053e72706cc6910c319ec2c97c678cff + +Sum = 3588d982604f471ff0ff784942bd43d85cad820864e0b9ee80cc9a9e3807d2739eb58d447830f73fc8cadc88d864f98577e43adf5150b2eb104e75939caa7de02419b6575 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 3588d98253f638c8029a7b5c2a0d4cf56be6d60302859b598d37a679c73cf1268beaae9f82858ba251a87ca523d4c15fe177c26a266b97810621c8ee46ad6de36682b1a74 + +Sum = -4d51ba5f184e5d20b30f8e41d663d14dbe4f692f1a0749789c02290af4c889268c319fad8b9b7c9cc71e8d9878039931447fd6ede967c5c82c1915631f3237aaacf4a1763 +A = c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -4d51ba5f24a76b78a1748b2eef13c830af1615347c62680d8f971d2f65936a739efc7e528146e83a3e40ed7c2c93d156daec4f63144ce1323645c208752f47a76a8ba6264 + +Sum = 9d7a5610dcfc50699e6bc065584fed73fddbd58dfbefe377eaacc024e33e6b4fd361fac0844489fdf13efd8dca7fae0747603f4b26bb2a9bab9de5241a3af4a935ac940aa +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = 9d7a5610e9555ec18cd0bd5270ffe456eea281935e4b020cde41b44954094c9ce62cd96579eff59b68615d717f0fe62cddccb7c051a04605b5ca91c9703804a5f34398bab + +Sum = -1258b397182002c966f064c2cdadb06910e2042d0f51b4af494338c12b6efff052fe564a00e581c5aac0ea79fd8a1ff68ed92b7f74baabb03a51337d4b9b01a2f64ac803cd +A = -c590e57ee64fced18aff6e2f0c6ac05625b1e94f394f42470cae14d12cadea4f5ab6b9d77225fe3b4903825966c78752ae51b6a0a2caca555fd0ffcbd9704b01 +B = -1258b397175a71e3e80a14f3fc22b0fae1d5996cb92c02c5fa09e97ee46251db81d1a85fb18acb0bd34ec47bc2411c74357263f8220c59f999ae68b2f63b30a32a7157b8cc + +Sum = a1eea50170df6807aef40929a52c097081e1755b575a49548ee5868281973a141920234cd0176d64f84a5874dc417cdc8a5c338cb54bca390538e1014d638b51 +A = a1eea50170df6807aef40929a52c097081e1755b575a49548ee5868281973a141920234cd0176d64f84a5874dc417cdc8a5c338cb54bca390538e1014d638b50 +B = 1 + +Sum = c7c26d68246f16d9d9996fe67616d2fd48809916e8121a5ef95b17bb9b8333d84e2416bf2a5eb3b686c936b9722e0a92a376f357aea7719610e864d9e2a5a677 +A = c7c26d68246f16d9d9996fe67616d2fd48809916e8121a5ef95b17bb9b8333d84e2416bf2a5eb3b686c936b9722e0a92a376f357aea7719610e864d9e2a5a676 +B = 1 + +Sum = 80d5de21acc1eb10fff4e534d23b5cd39e1eebc3d7f03aea438bb6e5237ced9955bf86898e93c74565c9a197e3ed2ff8edd3acc41ecef97c4fcfd52e1cdbb07e +A = 80d5de21acc1eb10fff4e534d23b5cd39e1eebc3d7f03aea438bb6e5237ced9955bf86898e93c74565c9a197e3ed2ff8edd3acc41ecef97c4fcfd52e1cdbb07c +B = 2 + +Sum = e020b9bd8d194468f8b563c8f586f6959533be8507bd4d3d7e494ef3733007c062caaa65da5c51b52f18cec4894966352f948517ee92d5f9b5ed00f020b1d1dd +A = e020b9bd8d194468f8b563c8f586f6959533be8507bd4d3d7e494ef3733007c062caaa65da5c51b52f18cec4894966352f948517ee92d5f9b5ed00f020b1d1d8 +B = 5 + +Sum = dad6af803cf2f40e75cbb564e8229c0d25465930d2ceea73715682c26d582148a943c1c767ac5167c0425975ff75a66eec5ad418ded078569dea2f77359c1cf8 +A = dad6af803cf2f40e75cbb564e8229c0d25465930d2ceea73715682c26d582148a943c1c767ac5167c0425975ff75a66eec5ad418ded078569dea2f77359c1cfc +B = -4 + +Sum = de90e3172430754f80e116cc8c848bee88c8e31810c6ef0ded5b05bbef6d5b81f9bf6593622ebfcb2b41be2e87d62ab7fd566763b74428275a16d1da482e5f76 +A = de90e3172430754f80e116cc8c848bee88c8e31810c6ef0ded5b05bbef6d5b81f9bf6593622ebfcb2b41be2e87d62ab7fd566763b74428275a16d1da482e5f7b +B = -5 + +Sum = c153ce69e35411c7f1e52809773ce03ce8d2af10b5c7aa3f4c9354de5ca044b7ef25089f1e96bd14d6c62c88b3c39951df19c73751ba25dc758534adba7faddc +A = c153ce69e35411c7f1e52809773ce03ce8d2af10b5c7aa3f4c9354de5ca044b7ef25089f1e96bd14d6c62c88b3c39951df19c73751ba25dc758534adba7fade2 +B = -6 + +Sum = f0c843f86e227571d67cfc34ac00d0e6f87f4cbd3273af68562657ae5ca82ddf5fd63476d56d5cccf62dd93f8320c0ba88658493dde282abc22bd09a01f6f2be +A = f0c843f86e227571d67cfc34ac00d0e6f87f4cbd3273af68562657ae5ca82ddf5fd63476d56d5cccf62dd93f8320c0ba88658493dde282abc22bd09a01f6f2c5 +B = -7 + +Sum = c5ba28844b8947aa0c2933f06aa88f0b34e0e10ca9baf1cc3bd5ff2dc0590e3ac5a2f2d3a1408009e1b35e08426bdda001adf93e872b03f4f6df28d34a3355e5 +A = c5ba28844b8947aa0c2933f06aa88f0b34e0e10ca9baf1cc3bd5ff2dc0590e3ac5a2f2d3a1408009e1b35e08426bdda001adf93e872b03f4f6df28d34a3355ed +B = -8 + +Sum = 84da246c2485e335d1f3b7e31c2408365f2afe7bff7b596440281c1618bbc8bf7a3896ece480fac4a29070539a95f1d718c151ffbfafbb82629bef9d2afbaaf7 +A = 84da246c2485e335d1f3b7e31c2408365f2afe7bff7b596440281c1618bbc8bf7a3896ece480fac4a29070539a95f1d718c151ffbfafbb82629bef9d2afba900 +B = 1f7 + +Sum = 9673d93165b5be256689ba4e750243537f85bc28daac7f65338074081f114b3a83871683c89fae3c87d44da053557aa16dd074b1bdc16c02a74c5b495f875449 +A = 9673d93165b5be256689ba4e750243537f85bc28daac7f65338074081f114b3a83871683c89fae3c87d44da053557aa16dd074b1bdc16c02a74c5b495f875453 +B = -a + +Sum = fce022b2dd492a96f8b095712803f318a45a9a8f00a48dec06accaf793e54e59daa14c56c2fce011e30e6394937f7bd6fa6afa1b6dc3b5359ec7bb4f757c5d89 +A = fce022b2dd492a96f8b095712803f318a45a9a8f00a48dec06accaf793e54e59daa14c56c2fce011e30e6394937f7bd6fa6afa1b6dc3b5359ec7bb4f757c5594 +B = 7f5 + +Sum = f04028fafffb1aee499812d12f9fcbb23e6a872b3f69fe7a7a246d8f98ba2aa954f78506b39c023397855ead87854412c881fdd16267c07ee12f085b055c7c71 +A = f04028fafffb1aee499812d12f9fcbb23e6a872b3f69fe7a7a246d8f98ba2aa954f78506b39c023397855ead87854412c881fdd16267c07ee12f085b055c6c7d +B = ff4 + +Sum = 9c008016815a6580728b3f690eddc7695fed44171557df8a4a6e8c0d5e7c3296832b4ba9ee4a4cd7e6a8ef23cf8c64fcd0518664289c4e72105b404cd6c0ab6d +A = 9c008016815a6580728b3f690eddc7695fed44171557df8a4a6e8c0d5e7c3296832b4ba9ee4a4cd7e6a8ef23cf8c64fcd0518664289c4e72105b404cd6c0ab7a +B = -d + +Sum = c12bf7e503d2c5845c60886ad5ef87d24e002498003b44922e462f36592a52c878123a6d1037896ce9fb7d2c680d008e80009da72c8e1415e957b2fefb52c34b +A = c12bf7e503d2c5845c60886ad5ef87d24e002498003b44922e462f36592a52c878123a6d1037896ce9fb7d2c680d008e80009da72c8e1415e957b2fefb52c359 +B = -e + +Sum = febba964e2548ed1474dac7c1eb9b1cd169ac913530b7fb358d67197517266707e5a176a814ec82cf8945214b30c36ca7ac0b1ade1848573e72d408dbede8f53 +A = febba964e2548ed1474dac7c1eb9b1cd169ac913530b7fb358d67197517266707e5a176a814ec82cf8945214b30c36ca7ac0b1ade1848573e72d408dbede8f62 +B = -f + +Sum = 8a3f9eeb76e96f13446c593fe2cabd4215e0debc54025df7791d924d8afc08dc8f607b82a3d07d75897bfeee0c42b9a32e0e77a098c1cce9c001aabe0481996d +A = 8a3f9eeb76e96f13446c593fe2cabd4215e0debc54025df7791d924d8afc08dc8f607b82a3d07d75897bfeee0c42b9a32e0e77a098c1cce9c001aabe0481997d +B = -10 + +Sum = be825a00c3c6b192d04863b0719ee1e687dbbf2cfc0c331c00b8b947c17fecb7700c9e534bbc49bd61978754ffae1e57d80aab34f5fd23a267e10a4b5a13a9d8 +A = be825a00c3c6b192d04863b0719ee1e687dbbf2cfc0c331c00b8b947c17fecb7700c9e534bbc49bd61978754ffae1e57d80aab34f5fd23a267e10a4b5a11a9e9 +B = 1ffef + +Sum = d1c861822ba0e93be81fc78a2628756480146225c79b4a389588a9c3bff9a7500660e99c28807d9ae7bf8c1e89e81d4f9ff2f72d35ea6b34d09df053d46dd294 +A = d1c861822ba0e93be81fc78a2628756480146225c79b4a389588a9c3bff9a7500660e99c28807d9ae7bf8c1e89e81d4f9ff2f72d35ea6b34d09df053d469d2a6 +B = 3ffee + +Sum = 98ac65b4c06400baeb40ed137ecdd930a3607423caecbe1f1a936a8210c28fd84b53324e5bb73b7e4b71209b1a4d106796d57a4a23fad2c23abc0c039539080d +A = 98ac65b4c06400baeb40ed137ecdd930a3607423caecbe1f1a936a8210c28fd84b53324e5bb73b7e4b71209b1a4d106796d57a4a23fad2c23abc0c0395390820 +B = -13 + +Sum = da02949862a4b26a4fb4bff43b21c2cdd048189199612616303d3ab34dc6f201be256f5889e368867a0da200a0b03e904048d6ba5caee1dafa16f4fdb1f00029 +A = da02949862a4b26a4fb4bff43b21c2cdd048189199612616303d3ab34dc6f201be256f5889e368867a0da200a0b03e904048d6ba5caee1dafa16f4fdb1e0003d +B = fffec + +Sum = ea9523fdde49d481c9f449969fd8e191e118058e0593f2a27ef0ade666ff478c50acb274a6c77d9ec4ca628ab0d7f3dc18708327423de28616235187acb197f8 +A = ea9523fdde49d481c9f449969fd8e191e118058e0593f2a27ef0ade666ff478c50acb274a6c77d9ec4ca628ab0d7f3dc18708327423de28616235187acb1980d +B = -15 + +Sum = dab5613ae3756d29f22bc30213363900e3fdced153a3c20852d51c71cbb9af41aba6a16d0b72926192ef48f25e8975881ca7973a69590dc6f0224395e6f3684d +A = dab5613ae3756d29f22bc30213363900e3fdced153a3c20852d51c71cbb9af41aba6a16d0b72926192ef48f25e8975881ca7973a69590dc6f0224395e6f36863 +B = -16 + +Sum = c442f3e574310f78e0ac187af96550d4999b79da9c9d6ffa9eb9437a2ac01479003d8e795ce68dfc0f87a4fd9b00b6c172c72c7f580a32af015a3a3375b85285 +A = c442f3e574310f78e0ac187af96550d4999b79da9c9d6ffa9eb9437a2ac01479003d8e795ce68dfc0f87a4fd9b00b6c172c72c7f580a32af015a3a3375b8529c +B = -17 + +Sum = b9ac1e23fbfe179d9d3ff99b2ad8399754ea5531e6fce5dad997e2c961110d49d0e3d9c2ec03289edeb39e5a6b4744dd4b3cdd6c43f4e8f4c8e91617772e7fd0 +A = b9ac1e23fbfe179d9d3ff99b2ad8399754ea5531e6fce5dad997e2c961110d49d0e3d9c2ec03289edeb39e5a6b4744dd4b3cdd6c43f4e8f4c8e91617762e7fe8 +B = ffffe8 + +Sum = e087174c20cba6c4e1e8ffc2ecfeeee770898916454724c24b56d8619c27db123078d406d6b7b836b0dd3092b34b736c472f1afd983971230f1e2b729b00acd4 +A = e087174c20cba6c4e1e8ffc2ecfeeee770898916454724c24b56d8619c27db123078d406d6b7b836b0dd3092b34b736c472f1afd983971230f1e2b729900aced +B = 1ffffe7 + +Sum = ba66837e8e8bdefa4c3df73ba5ee65d1ab45a68f51072bf2997446b13b6c73b29c26d15ddff186c9621e156bd3b650caa267dffa54abb782734c443bf502b276 +A = ba66837e8e8bdefa4c3df73ba5ee65d1ab45a68f51072bf2997446b13b6c73b29c26d15ddff186c9621e156bd3b650caa267dffa54abb782734c443bf102b290 +B = 3ffffe6 + +Sum = fc461dea452aaf0e2c1df10b7cb4293fbc498d40caa7a917a741c6d3534914fc039bb7a62d14cc3e9ea6cc8d2b41228628ad56687d18858c3867c75ae83a3216 +A = fc461dea452aaf0e2c1df10b7cb4293fbc498d40caa7a917a741c6d3534914fc039bb7a62d14cc3e9ea6cc8d2b41228628ad56687d18858c3867c75ae03a3231 +B = 7ffffe5 + +Sum = d109e7982ffd500ed77702054ccbfa49bb47b5cdb2220988ef58af3cbe0ac90bb3b2ac8a2c558fe744231bf227bf35343e12ecb312242ce50a85fe461e73b601 +A = d109e7982ffd500ed77702054ccbfa49bb47b5cdb2220988ef58af3cbe0ac90bb3b2ac8a2c558fe744231bf227bf35343e12ecb312242ce50a85fe461e73b61d +B = -1c + +Sum = babcba83c01843f6448fc3f91c006a673e514c9626c6399d43c016c31a8fd1a9fc58d1c63ba5b9565dd7320c4a04fe4331fbb79de1e03d68db331bbe2b4b9036 +A = babcba83c01843f6448fc3f91c006a673e514c9626c6399d43c016c31a8fd1a9fc58d1c63ba5b9565dd7320c4a04fe4331fbb79de1e03d68db331bbe0b4b9053 +B = 1fffffe3 + +Sum = c52e7fb27c4f670109b32cb6d3f705e1685e2cb7474a90d3815e486de77dd2584a0b65d22040059ae5279450682a189eb1b0f847e0d3fe022628a73eeb99c54c +A = c52e7fb27c4f670109b32cb6d3f705e1685e2cb7474a90d3815e486de77dd2584a0b65d22040059ae5279450682a189eb1b0f847e0d3fe022628a73eab99c56a +B = 3fffffe2 + +Sum = b5f074f655dbe68df022b0093534b609b23c17eefcfdc9b1b150c8cfdafe1d320fff7452c147c7d9f9cbe16be25970a23e6499bc90e689497c8bf2d38219e4f4 +A = b5f074f655dbe68df022b0093534b609b23c17eefcfdc9b1b150c8cfdafe1d320fff7452c147c7d9f9cbe16be25970a23e6499bc90e689497c8bf2d38219e513 +B = -1f + +Sum = a1a41b6638409305ab9ffa22bb3cb9434f587d4ce6f6da47c0ad6f8f720f397c37cd61254f35fc9f0cda36476ca6d95f233604b9ae5ea2f1a1207caf15682e81 +A = a1a41b6638409305ab9ffa22bb3cb9434f587d4ce6f6da47c0ad6f8f720f397c37cd61254f35fc9f0cda36476ca6d95f233604b9ae5ea2f1a1207cae15682ea1 +B = ffffffe0 + +Sum = f187feee94925d57f65f9b1200193d8e9359340d670bab27c022d6d63a54635e4573593790e6c6b779becb9e5ea81c9b075baa2d3bc95493b0c5a2da1fccebbd +A = f187feee94925d57f65f9b1200193d8e9359340d670bab27c022d6d63a54635e4573593790e6c6b779becb9e5ea81c9b075baa2d3bc95493b0c5a2d81fccebde +B = 1ffffffdf + +Sum = dc9c51e1313cb655969b4a069f2e8edd850d4fbc5bbc36f05df42a526f4e5b3ed18886263d86231193442b3ac3e7a71e5a6377021e71ad07dd9411953dbeedc5 +A = dc9c51e1313cb655969b4a069f2e8edd850d4fbc5bbc36f05df42a526f4e5b3ed18886263d86231193442b3ac3e7a71e5a6377021e71ad07dd9411913dbeede7 +B = 3ffffffde + +Sum = f2b5e665a6a2e7009bff8b2750b5fb11576bfd49dee5dd7f32b02c46430923b0ec95c3fcee0006b0c2591cbf1fb18dde331d8fb119d92f3196a7dfd8178be33e +A = f2b5e665a6a2e7009bff8b2750b5fb11576bfd49dee5dd7f32b02c46430923b0ec95c3fcee0006b0c2591cbf1fb18dde331d8fb119d92f3196a7dfd0178be361 +B = 7ffffffdd + +Sum = fb0f545b752979151bc6004b3db33bad63230c26d060ba00f5b82e7bee7e2c854b09b2a7c6b4186776c6b3cc45afbc50ef35df7abad11fec62523a12be1cb7a1 +A = fb0f545b752979151bc6004b3db33bad63230c26d060ba00f5b82e7bee7e2c854b09b2a7c6b4186776c6b3cc45afbc50ef35df7abad11fec62523a02be1cb7c5 +B = fffffffdc + +Sum = fc197e83249b069fb34552188cd6d06a7e0b42c6a6a9869ede485328a0fabd0c0ec2f79b81747129ccd70ee5c0f9efea62c36d1a4e1fb2b80393fe636469c25a +A = fc197e83249b069fb34552188cd6d06a7e0b42c6a6a9869ede485328a0fabd0c0ec2f79b81747129ccd70ee5c0f9efea62c36d1a4e1fb2b80393fe636469c27f +B = -25 + +Sum = aaf9a8ecbbfee9c3092d9887ec35118a9614a9fa84fc50b79b11d03a4967066c361f67cbf7a8e5beb620c7da55f4bc7dc50ad44b22c9128994781c7816a439af +A = aaf9a8ecbbfee9c3092d9887ec35118a9614a9fa84fc50b79b11d03a4967066c361f67cbf7a8e5beb620c7da55f4bc7dc50ad44b22c9128994781c7816a439d5 +B = -26 + +Sum = e74e32fc45d099ed147bcf7d798bd3aef9b046291038d98431698e90d22cf944a92bdcd8a5cf378e9a3aa0001150cf6e4dc37fa4e54a25e13c75099c64b9350f +A = e74e32fc45d099ed147bcf7d798bd3aef9b046291038d98431698e90d22cf944a92bdcd8a5cf378e9a3aa0001150cf6e4dc37fa4e54a25e13c75099c64b93536 +B = -27 + +Sum = a3486d022ef4d0a0c72170f05300cee78df844db19c63754c2d631d3d9ae20a0205cfe0fe947f8f4d2f9fa34e2081f448a938a446e8764ac2141157cab01dfa0 +A = a3486d022ef4d0a0c72170f05300cee78df844db19c63754c2d631d3d9ae20a0205cfe0fe947f8f4d2f9fa34e2081f448a938a446e8764ac2141147cab01dfc8 +B = ffffffffd8 + +Sum = 8952cb3f70b1344facdd7fe79747773f9c101bc2a083fa8fdef0679c24ba93218d14d4d7e848d293ce431119d1542833e9a0624b812f0b31b2b9f7ed9455e8b9 +A = 8952cb3f70b1344facdd7fe79747773f9c101bc2a083fa8fdef0679c24ba93218d14d4d7e848d293ce431119d1542833e9a0624b812f0b31b2b9f5ed9455e8e2 +B = 1ffffffffd7 + +Sum = de9cb4d4cdd1d58572fa1052edf72bb9241555bdb967bd8cefb26cb12c6622d6147385dc3f72e110b17afbdebc5feb959cb6c320a2ba01f36585b53fb1c5f07f +A = de9cb4d4cdd1d58572fa1052edf72bb9241555bdb967bd8cefb26cb12c6622d6147385dc3f72e110b17afbdebc5feb959cb6c320a2ba01f36585b13fb1c5f0a9 +B = 3ffffffffd6 + +Sum = d37f2e1638c0b3bd624104d244d9770ae05bf37f7a6ec32db552af413c0006fdcfc312cf281190eb6738370f3a8c4655beddb6b39b342f0a67cc9af92a2c7fdc +A = d37f2e1638c0b3bd624104d244d9770ae05bf37f7a6ec32db552af413c0006fdcfc312cf281190eb6738370f3a8c4655beddb6b39b342f0a67cc92f92a2c8007 +B = 7ffffffffd5 + +Sum = 831aca9ef43bea89f048250aab79b06207458647ce347c68f91013695299c80d610c6e49e2dcd46eb02dd56573d31720efc277469e573f6ecfb71b12886653ac +A = 831aca9ef43bea89f048250aab79b06207458647ce347c68f91013695299c80d610c6e49e2dcd46eb02dd56573d31720efc277469e573f6ecfb70b12886653d8 +B = fffffffffd4 + +Sum = da95fd2d2438a79843bdf92c1cadd0e9165d002d22dcacbe4118cc3cf7d5de2fd2106aaefc790aa1559b28b641f83e4e5aa0f8446b57fde5c3663c13efbc04fb +A = da95fd2d2438a79843bdf92c1cadd0e9165d002d22dcacbe4118cc3cf7d5de2fd2106aaefc790aa1559b28b641f83e4e5aa0f8446b57fde5c3661c13efbc0528 +B = 1fffffffffd3 + +Sum = bf9e3169dd4b6d336848e744231d1ca85678aa3d1d62d42eac0b16500ef527e028757da54a456b3d684199f3bb3c866a002ee3885c86d2a79180487f4e8a45f1 +A = bf9e3169dd4b6d336848e744231d1ca85678aa3d1d62d42eac0b16500ef527e028757da54a456b3d684199f3bb3c866a002ee3885c86d2a79180087f4e8a461f +B = 3fffffffffd2 + +Sum = b5880868d947554eeb536246c312c9765ca8c96888817f3ffdc16cdbafb41fe8f7c151cb316da27562d3b82b2d45abf7c9304f488538386e84c6a23e3dc375fa +A = b5880868d947554eeb536246c312c9765ca8c96888817f3ffdc16cdbafb41fe8f7c151cb316da27562d3b82b2d45abf7c9304f488538386e84c6223e3dc37629 +B = 7fffffffffd1 + +Sum = 84b1e4079d09df569a1623b990d917871b1197723b30b19fcf3c063b0e84c9cef1c3ffed16f33aa9bede08b4831bb3ecdadae1622c93e1f86b474a4989496fa4 +A = 84b1e4079d09df569a1623b990d917871b1197723b30b19fcf3c063b0e84c9cef1c3ffed16f33aa9bede08b4831bb3ecdadae1622c93e1f86b464a4989496fd4 +B = ffffffffffd0 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30c6365e1eeb044 +B = 1ffffffffffcf + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 80695b879bb74400c107619981f3bcb3c9987c76d545f6485ed128082377799534508a83112fbde2ee5558c246332c656455 +B = f6446ca2883d7e27209eeaa01fdec632d4027113b81bb47dacc8f10eadc3b3ffc26d84135d91e70deb8aec84c7820332e8cf786e2af9b4217a4c1d32b5894bbe + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1b510bc480138145e2a142fce8330ee5f4030dccaf6017a1dd85bc5bbe9b2fee4f9d8fb484661a839dc9613652bcca11a00eb +B = f6446ca2883d7e27209eeaa01fe0fbacebd20e03107a9f993e30f63358d6bdc91baf4f5acdf81e3ad94ef9af3ffc315c6e9acfff91167f0ce6738f328308b0fe + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 219f59352ebda4cfb785a18834ec1c99145a6647265baf5d8f3b405f29a746785a5e70777d528ff1526688c01b9eee288e6cd +B = -f6446ca2883d7e27209eeaa01fe16091c2dcf8a54917eddf26e5c1c43408c33ea356bf1449b339931985aa70a89cdd6a7aca5ec6e7f1c8df5f101d54c47796e0 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -7e5a2ec59519143f7bda2829cfee4ae75cc8038f31303ff9bbb1e2cbfe93c46a1367c9d6a2a3d9cb40f1a6930c18c78f85724 +B = -f6446ca2883d7e27209eeaa01fd760f94330bb39b824b7e28bc5741dbc01b11805f14655543e8ac0e6d326bffa760106d5e85f604c28935c69dda1d968f658ef + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 9f580ff614b449cf9c46c91256c20983f5c70200739de72b917344db81c1aa1bf3927c38c22d026d6ce38ac746ada2948e538 +B = f6446ca2883d7e27209eeaa01fd5511b3028c1865f22b1187d3d06e1d23821281edd1f7ae1212eaac5daf3e19f57fe5bafc666cdc205d43e2699f88bb8a5cadb + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -15773d29ba363a15a0cb31ac4a60c0c228967e857d7d11c1ebb0a8db855c0d0797c0e409899a50e1b1c989a7dcea6f26238d27 +B = f6446ca2883d7e27209eeaa01ff4bdd95944430511bd40b6baacd3c32ca01416c461d66b15c5f687ef186c0948aef8677cdc23eeca8e6c007aeb4dd508123d3a + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 2f90f72f59dd7738f5572e31d41b91599ed500d59537bf5c21a1bedad709303cba0d5bf1b5e4eaac1a85c261ce94c45b64646e +B = -f6446ca2883d7e27209eeaa0200ed7935ee3ea423511ccb340368e93c416529914799118affbe79dee6a192c7dd144df65086e8894f7283934dcf82a3d531481 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -73978eee2b2a4ac8ef12b3042dd5e1ae8724a0a676d0a52035e801d741a61b92c638a3b0cece6a81bfd2703e3c502ad1fa784c +B = -f6446ca2883d7e27209eeaa01f6baf0d415ee280332d62d20a349d20bbf058f7986d88b433a45ddd3c5169e0ae50fedfc283bb33671cd00694d2133b0ff437c7 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = a462699ec5214f0d7860974a669d1728b4983a1c3c440213d12b2da58bba9dd1caf1d5ed391a3ebd80aa6e9ef0396e62260a1f +B = f6446ca2883d7e27209eeaa01f3ae43290c4eb7beea414edc3fbd5eb41c2e55e22a8155740091ab16e07555e6f4c45ad86196f5f2b5bf808341e29f77fc8a5f4 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -130f7a12825a6c5b6b109b91e2506505a261c9f7c1a62fdfbe252275d3f6844dda2aca2d0ff6d8406ac5c679c80ab6d29817b4d +B = f6446ca2883d7e27209eeaa021103e3d57afb390b2cd7f3e2c877952c49d9a37bafebc574fbc980670d278411eb9e4264451f721ef88fede6f8f0ed30b702b60 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 2863fa82289aff06fb16bd1b866da9ac0ae0f411a8d8c2c084cf78b81d6713a9a4700248ef61d5e52ca7470f1f251380368df10 +B = -f6446ca2883d7e27209eeaa0226586445213bcbb6bcde156c6c94d9d2b258cd95971e5855c273d6a95698136db5e37a80248a6fc3ba716e7c500b49de5578f23 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -6176f648b54dc4e2d11ba7e32d2d9d3f400fbafa489fbe7f126daf1f929ef8f219c78ff1063dd27650d4751c63b6e7ad7d9a588 +B = -f6446ca2883d7e27209eeaa019c7d737a435307ccf0abb06db8f992e767681e89a5a5d7162b36aed1a69206d1f7abe8462eeac7683cf5b250cd2f4eb0a150a8b + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = ccff1ed8726e309c4e0f2e166c497cd718a8eac347674ca57b6f317ea491b743a89d25f87c37f379f6239b13d848eee1ffa9328 +B = f6446ca2883d7e27209eeaa0130f54aea86329c1373b82a3a79ddb34f8eceeec0a6de48efc2352c72949f488068d6523eb8f0a66497a68c59589d477c1f41ceb + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -13d1c041415fbc18179c970fe989ad9e1f10e4ff658c1bc550e93f6ab9f9cc9832fd49cf6f2e75af72a71dbd7b121111ee0d4098 +B = f6446ca2883d7e27209eeaa033b106dd70e9c8e313b90c94f7ec20a089886297a470751ea4c38549cd8cdc9474148152e280ff4d5b83c0344e207477cffbf0ab + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 27ede3a23479dcc5447bc3b64df32c121761de88086204484cea0782b8d63d72b57192f2b20dd3dff395e937c91e21cdbd13b68b +B = -f6446ca2883d7e27209eeaa047cd2a3e6403e9904098393b5c559f1481d95c2047465da1a0c44d61cc694d6ef688ca7625605d7ddc728bae9c2c85339f02669e + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -4ad10e7f5637cc48b04d4b250e4ca00a0d102c91caaaf6291f1248b7a1cec979f87b7251c50db8e5e49206bebb30b7f3f25c8577 +B = -f6446ca2883d7e27209eea9fd50e381cd95240824bcf2a600015d2f85d6751067439633034c7fd2771c44682489bc531ae44d0b8044a9bb817ddab71ef922a9c + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = c6b77c2c932d9d5ec6175def706d6e9c411216fe12ac52043c617761d3a37804487f158de60a9c18e7a19646c455804a65bd80f2 +B = f6446ca2883d7e27209eea9f5927ca6f9c5c6f6c360517959df504662965669a2c3807551778ce7d3fef97f7f89821f58d47ed85013b0c300eb8e31b7c312f21 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -187976849837d4ad4cfc9764fd0e3f865fa9d1d9f20d98ccd52a6b3652277100bcfff85fb8414c2967dacd26f269502d3c2caff12 +B = f6446ca2883d7e27209eeaa1a776aee5b307579fcbe5ebd4df466b6865149b375fbde626a680f944360a20081116bd7ef7674c34668974e5f9a36639a4b9af25 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 33913efb99088ab80c706ee229e7a6ea6b274097f6ed3734452dabe0865eb86fcf20c9c6ae0e613b72dbfb8b126383e7d10e8bbb4 +B = -f6446ca2883d7e27209eeaa358f33655c012b84bc32363a7acdce1a91ceb8717adb7cc9da6b503e7797e96f93323d3ee54389d55169c5b27f946a1e2f2d76bc7 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -5d84033a924ff84666d3ee1a1342ac118224264c439bc658213b9762586e8dbdef141024d757175f30bec23a960ab145832dee9af +B = -f6446ca2883d7e27209eea9a479f12f30a8a88648edd93e3da37b1ea483518d40527f3d74020cfb98caa341d4fd63535fde113aadcf07ecd72634f0daf0fc664 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = a2aeba6a0d6142f527358ffd4c9139c390c9dfab07947c902085d1f3c367035db0f22f249295b974b1d9ebe7add3dfac7ec237f72 +B = f6446ca2883d7e27209eea95f4f39ffb5975dd7888c375b0454ed6c95dd982e7c59c90574b7d26a2dd22da2131f4453a49f6f252cb3de3fbf5d0689df5cb30a1 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1e545f433c1bda45a7900793d2cd18ba630fcb11d4a2c88bc7a0fb392d270088a1ad126743b80342bcfcfa9e939c9ccdccb7f4f198 +B = f6446ca2883d7e27209eeabe743e89d84b6452728c240957db7b2d657a428f6ce1ace520f4d57f0c3a93989dee299ec72b55cc5ae5d7410a6fab313299e3a1ab + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 244bf1eb701c53bc7847a644269277f53b58dc23b55a2f996faaceff22666eece40fe14644aaa2ab0197a5a915fefa394a5c357db4 +B = -f6446ca2883d7e27209eeac46bd1320c4bddc94343c2b9aba0da683dc353a14d9913f2c8fea945017a01fce050f87dc81df5349f80824b8cd2089cb03e242dc7 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -7e3419b44f3596c6486e095c3fc9a84b5599868abd292354278a2520f54929d5bc325dc3d095e84431960265dcae84f0815ef5beb9 +B = -f6446ca2883d7e27209eea21ebc5924cf9f346828e13194544ba27acd0f0f2db15c10531c9b524e9ca693a400eb973b2dd6a456c52da3c9a248972e482f8f15a + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 81fae0f8555d46ede9e74a93b8a7c6273c9bee0eef0f51b4575aad5cbdc0e10a3d03d53cf2a42e6a3625074c812cd0ae41d94d34ee +B = f6446ca2883d7e27209eea1e24fe4e46d2431ee114d1e1cc669c4bc5ce896ea92f92a501f92ce92152b205bf3d41fa90cf241f67c3d555f5a63db52408a17b25 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1558c919b3dcd4cc2eacfee2ae98a3b4286bdb6aa67db97ce35df3ac72f6c6418df10444ce791109a9a71250896f20d4dbf19d559f0 +B = f6446ca2883d7e27209eebf5ac70e1d9fcd6cfb5cc0aa06e989db589282e28001a7c278f33150d0e7ff728db515b846b046324385a01ab0dc51bb124fbc40a03 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 3a9c8b150408b2449466b8328ccb0a5334f2340479203cb790780e71b6609f7999c691ba19f947d8cac4329a4e45377fd6bf226fed2 +B = -f6446ca2883d7e27209eee49e89096dcbaae5611679f9e51bf07a6518db7c52a42afd260d4c161451d8aa998aa32d92307d0164a2c06475b268660d1d415aee5 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -450c41a9cca23287b6448a0b248d24075ed20bec41c600279fd86869b1a51e1842cb7f4d59144436edc1c052f44428965b3b2d98757 +B = -f6446ca2883d7e27209ee64f5bc4a9d20c619166b37bc33c3c21fd1549b8b97bdee1df5bcd53aac4c1b18bcf892261f22f0f1ac1ccd773329084fdb22f1528bc + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 9d48745690ee5aa8fc448371f9236153c584466583aa30d999461a3defac314356230a763c204c2595794db93fcd3917f25b83d1b85 +B = f6446ca2883d7e27209ee0cb9899dd8d49df7d06b3e555f2d84d36aa2611255d9bd6bfc4f23666e4507eda9a106fd3c16e90304654010e79ff7ce44029b1948e + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1a3f8af71d423da8c007022421f09a53034c6e9d7d23572b8b4b273b091a6f024ea4216ebbca25daa4e9e83fb46a1d9e65fea344bcd4 +B = f6446ca2883d7e27209f04dfaad663de6d32ccd1fe409775a8b5764ed914fabb960fe4a47b154ef982955ea06285f34d992d2e87d11c56e0f0acc96485336ce7 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 3cd13ae384718065169d7e6b600ea1d1a514832649029f92f1d2b5bebbf83454fcde0133f3bb4716cf452a3f930d28f30e7f22f21982 +B = -f6446ca2883d7e27209f27715ac2cb0dafef23687a87d593b0341816ed9dc69ade774b2c099901d747e80cda424b2b3eba6958e3131c3583fc0171e504e0c995 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -5849ade77039ed0b15524c08929a4553a6c0825178f6522915592ffa9638a8143fe8426df9757e8c06aabc97a2ef87b4a58869d1df4d +B = -f6446ca2883d7e27209e925671f7d662427ef778b013e2eac90ecc41e82604a1ecbb440023dfafa66b7ed013fea93e0df4c682f32c44ff874b59bddd781cd0c6 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 9c4b4b4800fe2f11e1897ee8c8e147b143a252847548145e77d9a9d3e4e3a79283f833e760bdc69d5f75fc1d0356615b0c10b1e34f9f +B = f6446ca2883d7e27209e4e54d497459e00782b417d33aca3c6b12f6017f308502a85e17faa0660fb6c008c040d2fd6c5acb52a27ecbf9f2071b35755300b6074 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1bbe5a805b857ccd9dae7cba6f3dab95d22f7d2e1621a2ab382898bfb2b4efccb263929f752397da4ad030e6d5c8773dde8fe04c42f97 +B = f6446ca2883d7e2720a0a685c7e4fef3fc63e7b2c7c3695fc7bf95fa3d58dfb26997dbe2dfd5712e105e36356b0e89bcf0f736a0f749fefe46ec4c63e6b2dfaa + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 255c9a10ee08acfe197fecdc7b6cbae27f8dd38887f135cc5adb1b9276c94ccce420887a7476b2d17c2708c84b7e9a8b4160f676f8d1e +B = -f6446ca2883d7e2720a14069c0ee2726ff6ba4c9c9e42c50bc8a6bdfa2fffcab9baa070b0d01b273e0615204c8be7eeea06a4c0e75615a607bc27975495e3d31 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -4bb5296b4ce3e960ecadc3f15de0a3a0dacf12d34f690cafaa8f2e31b0e9e69d42a3b16bce84361c81b7584be32210daaddefd7184659 +B = -f6446ca2883d7e27209a2f4d892a785d997b41eebd06977ad454c6113d42870773e9b06670bf3740a9bee5c12a5a4f40118a6e28641e7055c56385760ad669ba + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = efb45966d1f6d79c9b4c72c3a584e26e7b7136295fb79a911433a10ef649b47b14b8d76cc42e54852176ef7da7d08b86186cbe6e98b23 +B = f6446ca2883d7e27208fef5a8972272eb5c05803cfe21d36e77abbef07e1821e95d3161f42eae143cbe1c46eca4af49e2b00722ef102256e1aacdc99fb0524f0 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1e30bf701cd589fa3d2adff0217e8f748d1a254b771d77d342fffe3e3138aa3d4a75ca8c1e6636919636d4d96d8b04d583af4dc208b51b +B = f6446ca2883d7e2720bd1b5f8ffc1c2629c737aaec3df41482ef8d27b5ee9b1012275957920b7e8950dd85c6cd359dba04e8c072c24a2d7ba89212b3a3f7652e + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 320eee30dae44f272fc9606477927bac85b677c3333fa55f4c5b5c7e71bc02266a906d8838a096551a8b5b94980cd819ac721a6ca70a71 +B = -f6446ca2883d7e2720d0f98e50ba2aeb56b9d62b60940800bae8297a2daabd3d9e30b4b5d24c01e139fda069c94fd819c86d14f97d74af4eecbad5804e95ba84 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -5819f4921a515433459006c62df3be1c4e642a52340381b5954df3f9dd0ed5f73f8dc9a17e536b88090ae8d5fbc411f16eeca2449ffb96 +B = -f6446ca2883d7e272046d0ab8dc4f547fc447cc435ee81c6f2140ed818437a16894f0b6559fd37091c5382329f98e417eb497eb512e0de64e19f76c39d4eb47d + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = f238bbcd9701966bc4482fb8df8ca395ad15e2b83c014e59898e33a36623580e9c91faa3873eb26a0e97c4d29ff209e22c4faa0a1295a0 +B = f6446ca2883d7e271facb1e452484505c3c5c49b433ce8e178b55d1fb23b7c49e55acb25b074228704f67e019d8ff8d10943f1d9163cb06cf0e213bbd7dc1a73 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1e00b3b3bab1081231e0f1a2029b146f8391869dad416f6c8443c124ea7c908ee402f6b6fe06d883c2d232713512ed5d8636a07898523f3 +B = f6446ca2883d7e27227ef5db5b8a571d52a81be51c4626cc069b8b6c454b948f0728956ba2820ee801d33f67b0f7a50baf7facc4fc2dd14cab71cd6d6b73d406 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 2030dfab0a9e0af1764f416171c8eee2d0b87bd5b80e6cddee4ee2a7509a301956050b6e3bb067f827d13c33abf31693d4101951d4a0b96 +B = -f6446ca2883d7e2722a1f89ad089274b46ef00e1133904733b6dfabfc5f864661dc94783c8e3e8e0a8f360b324d23e02f5cf9d61239bd3e0104f64faff38bba9 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -7427bfdba61a57b644fdd11b2a3ea1d3507cdf4ea1389436bade3fbaf751724000774127923658c7b090f182d1d7e320aeaeb1e3dc0b30a +B = -f6446ca2883d7e27195c6ea2657da120cb3a2fb949788b67d95aa50d8063f454d336755da4652ebb138b9be9c7f3d1f6f8497a85bbbf2444c8237847a42dfd09 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = d23891ab621e6ee43b3b250d66ab139cc97db21429da33e01910635969af402b6792f6d741292a0e1bb6bc30b2a7b32fcce9f5e8c2e48bd +B = f6446ca2883d7e27137b618569bd5fadebd65a7a25b1c44b41ca97e127d9da5a3d535323bd3f51dc5d19e08ecd04a4e291971ddaddb22743d63fc40755c06756 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1d6d78b7e83cedb64f0afa17c56360a58eb5ccc4e647bd3c594feb6695531f9434adb169ce314d4c93b4efc260fc92b268ca22143fb7e994 +B = f6446ca2883d7e273e0c6358081c34527e9506e2c17fd62a9d183fc750bf3ad4983444bfe92d65734840c1660f4884d00707796049d935293bd8857a21a699a7 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 255261901144afcf37c28015f4ec493bfc06cbabf851997d06cdc2fa742a97e234085ce67dcd867451a19d3427acc5ac2fb5b919f1514e06 +B = -f6446ca2883d7e2745f14c303123f66b674c8ce0f108bec10a693eae62c9171545b21c53c804ddc1479b6ce2bee4bdf7c4f426d21089682302c41c7fd33ffe19 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -4c222346b39b4b87631fb26dd9b3a8942374f10ec577d0aced5cada7bb0fb34d9c85bd06b6d52a4229ec662ca5605aff7896f7d74483fe99 +B = -f6446ca2883d7e26d47cc7596c43fb14cc6a5a5d2268ccf0eaed81f3a4ffaceb5187abb198ca9291770d52f58a420d4149662371437c47775a776b8e9d6ab17a + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = b832106ab8bf5c27886927f67c5bb95d81280a5b4a3a044c39c816dfa5c5a4c6e8058d34c3e44bab649194932e42c197b40d16213f6565e4 +B = f6446ca2883d7e26686cda35671fea74a720e4d47fc0bc278d3a68a7203d794c051c4279ae14a1182b8d82c77d32ebd80ec0f50aba99e0df1f014d44a2894a2f + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1e4bd432a98b6d68d35627f4a46b56f04b378a535b50c7287ec949008e8ace3ed04a128043cbac7a49c6c1cb98dc27b684c4f971d69b51268 +B = f6446ca2883d7e29055c2dcab8961d2964ec8c1542d1e489c1db18381f83f0202b78e9623c8729cc183438007dd1ff280fbea657769f1ddf1f5dfa834ba3c27b + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 2af2a9aa0364d970115f35b6ab676f4baf1f4ed52d07cd808dcc7fc7bcdf2268f917a7e4476e429200a37b246e786e85a2b62d6b52de13135 +B = -f6446ca2883d7e29cfc98540562cdd9d457d6835b2936a40005760553af455a11bac55d521cc6c6ea50d8e40b7fb60a37d8a3be4d0638ad0fe713a1b0fcfe148 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -5dcc7b06c24160a67934f3adf5f5a468f10b0bfe1b82e133c797674c941c9480bb1e71ceddd1151f88244bebc63c2da41557670132848e482 +B = -f6446ca2883d7e2143d73a33fbc93c349c3ad1eb9cc22ef5fdb1b320b2496a5bc56de4901210fdd361abf30e6405e58af10dcae18519c8357d97f352b9a5cb91 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = fe6a6b7e6ee19b5e4e2a4cef85f637a5b0a76007bf1080fcdc86c952a49adce824573dbb3c0d3f94d519698968594e0b840b6c91ec9153aa8 +B = f6446ca2883d7e1739f832b931c590b74ce53dd29cb8fb2a03ec7286796f6dca7677c42f0a2c775cce1f344880433e3621bbf1076347c1be92579a4718d9756b + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1f219dbf1e789d4d74f10ff27fb947bf6cc94bf1e742ba203caf33810589005f8326704b8414819d90698fe08d9b3c16bd261beb922a9af9a5 +B = f6446ca2883d7e46423ca9be987c94112099ff4ab56434f1d7ae64e9ad319dd4ee17da5edcdaa5623a035b805598d513dce26a2b8418b933f92a4ef80c89a9b8 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 25bbd6ed7646662f6dd8481ac4c4a531174bcd05123889d4cf904d12d8d2bcad5425074d9c7fa1ba70ac5c8a3723fe6b20e064fb4a9999e716 +B = -f6446ca2883d7e4cdc75d8166645760a07d2278fc0c1a69c5a2f7814a3015267cf316c322696f333389a5d98c0b8f1f41faf13d50cdb0d97b3735eb07b889729 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -74af822547dd8aa99da2b3b60b1aa5d45c33cbbdca0d2876531b31a25cec244482832671c861b749effc1cf5e150aeb9d8e88583953aacd577 +B = -f6446ca2883d7db2711cc55842549cfe8cd656bfe176a128da96b5385d4f074523b2b6fc67b6015c906c9e33df5fed93773593bc982de89dea88dfd0a741da9c + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = d35d55e21fdf90fb0abaea71ae6d7f44401f615e7dc6761713ec45650b94c02f85e7bca8c2f43ada8975617eb7ae6fa41f4eadedaeb544654f +B = f6446ca2883d7d53c3490880404e4b91749f9b1c8e9d3144ef011484a4016684529ef44dbf1a16592bd667394cdc5cf9fdf10ae63a6cfe57846075b72caa4ac4 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -14872666f07cb43b47b4b82ef6df5b7696c2ff49a88ec9308e27d27736df05f79d452957297271756ca1afbc47ad011f1b77f32bbff831bb941 +B = f6446ca2883d7f6f930559a7eb22fb177b0cfc38f1d3def13e570d8b570a867abc0bccc74439bfb366288293682e8e4d8e4e4e18b8ee942e52411f65650a6954 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 2d2316a87167a23eff9da00b857c9423e44feb69620852e9e8d87ac70d96367a8947729b57804ab1d54022442f5504d23ea42a6cb0eddad04c3 +B = -f6446ca2883d80f9520971b69a033696098ac522c55eb3ca0d190922efa61c25c690ca32b741ee738abcc57445c254d77576cc933929c66115b52e74bf9bb4d6 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -4a296521345e531b059bd7bedbdee650280008947bb0de4012c11281d92be141b2d29b92812a4843eafc296fa69c55a697b4e9620a79fa8fd6d +B = -f6446ca2883d79848a4cd75a3aad9642720e1f0d0db773050dd92b475c937c6c2dbc3bc695c62ab1e9d9e7e99c92f8d3b0bb8f34238238fb847842be4245b2a6 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = a29d4661e53bde02d72f6e0e3d19ccbd85d8c0a0392d7153ed330ff11e6f75c9880dd1f77a89be8c4e48b10bc7b43b46fbffb592a9a2f23b932 +B = f6446ca2883d73fd4c38cc4c61ff192938a928f95f509d2782586f6f93623ec50de547725c7dad5e36739853a52e729ee841cd22a52832b6d7b538cbb2caf6e1 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1c7a1c6185b0a2d7c02f3a7884e5a11513785520f1a27e8c29cc30707300edbaaef99509e9c4f578d086b2a8c593d0a04d32682c7c71f6a3d025 +B = f6446ca2883d9aa13d007050c2b706cb6a0291b09d3188fd638364a4e903a7646f54cc5a4194f4d8a89cf9c13690080a25fb4f31b97cefa93b3adfd7d8928038 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 21eaee9881dff114d10dad6acbb6e712c6d1acc6b878ec60253c44ad7e9272bb5ab0e2ceb2023fa9f427a23ebb464b2c8c411bd86032c6873ef9 +B = -f6446ca2883da0120f376c8010f417a9dcf4d881e32f3c56bb292b7b56d7a2d48391d7ebc695a08ff661c1fe80c12bab159144e434092eb7eee6c398a875ef0c + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -46f16fa8b7a3b6ecf476f8cdf5f77ea3a7c9be958ced5db6c6a9e11e6bcf3a156b3fb60bd5ff862c80d7c3e3f23c15df57a8fd7822d4c7d9738a +B = -f6446ca2883d3735b0f632fc68f2522536bc16d37d78cdbb4fcce6150cc0b6ee5dc5ed8a19c4da9f5d8739fcbaeab6abaf6e9761d2fd4acdd59640911a153c89 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = bdd97dea2fd68c602862b0fdcbbe47d5e2e23ec1a10925cf34e9773d09d90caf70b5beed3ae1509392289be0ee66b649d45b3dc880ce4f48bb4c +B = f6446ca2883cc04da2b4bac9937f1e397e8c410cb44692a2cfa0d1f944a848aec7a74f80472ad52954a5d51af083a55ad7719b373292ce1b9545e29792a5f4c7 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -145dd43715b37e7df4b56e5afa79caff8668de6fe4c2f725866d0f84522682f38694a26bea588a576900862dee9c9498df909fe788d72db324f6f +B = f6446ca2883ec404641045d807be91f31539b467ac14dc12f560bf31dccfe46937297bc18312af293a51b584e68dc78bd6317367326a9b80d186f0d8bd20ff82 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 35094bde0256df169828d23a250e3a10f35f1fe30f168d463ccd8389197b8aaeb326ca86fd09b3d8a29769ac3c6ed856c34f10cb0d993e38252d5 +B = -f6446ca28840cebbde7f100e1148c929532c5dae9d2bab770c93646b3edb4a707775f111fec5784bbc02e0977ea160fa0e16508b6e48d767dfbf3cf9c57102e8 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -578294d2b3d43ffd19b79a65778710da245eb96fda50d50a3aa6ae3295dc50d8f7da1f5c8b98f4a9905ee840dcd139a62697eb45678259d7639ff +B = -f6446ca2883805fdd373ad5c200dab2289329459ee7a2f997764cdf519d3d32d5bbafb94464ac83d1dca566cf67e3194ef44bc8a4e7a38f81eb7eb4044787614 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = ab192cde88b1cb3e6b094409c1e81ff84715d64ddb7413f6fc5dc1182abfcaca481c8035d16e0d698476d7094f2bf7cb3de1b1210ba68701168a3 +B = f6446ca28832cc9452b65f836bf89607eeedee48fc980427a984bbc12b07b7bc2d61ad5ca735c4171035f91b6a7ef01602bd96de6c28c45bc0fda8fd71dd4770 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -19a7abdefad11d1c9b6c4e0c4c1ff1194c490f63086ede1e4c43d964555a2f5e561a9bf5dc3a670b7ddfe8894271197747860c78949e6c9e357460 +B = f6446ca2885725d2ff99bbbd3c7ab2ea3bd62cbc1568be94716ae1e088c3c171a339b388b230607b096f4a634c95176bfc94fab7602428834ba301d280242473 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 275ce169251250a596ac64ac6e23ae05f8785db63b9cb83a9dec067472d059ea3aef07cf9fc20b846b3292899a8d3fe1aed5b92f21a89c1d924bbd +B = -f6446ca28864db0889c3fcf0c575f300dbf830790214ede2c49e0fbaa515699eb35729b33e1534e6e332d207c5826a15fced16ddca8b783002300c01ff80fbd0 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -61039a571c78308b819da54c1849d8d6169a82e25f61f26e30ab16b545080417f2008ef89116e002660f95863c47ac02bc161bbb7aa8817457eade +B = -f6446ca287dc7a8cc982726f945da8f6e371c2f22605db022c03110ffc46d281899f51553be845501b01f91c3eb127eded1641f1e6208c5b1793bae46d96c535 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = fca0b32bf9e248320b8c10128ff4368a766dd34fbfbf77e66cb2298fa3833bbf24451f508a50afd0131ad49c9ac8e851d4fb53f2fe33675f5e6b34 +B = f6446ca28740dd73f4a50857edd3ba8c1cfa189471a607b1bea2b38a840acb6eaf40d61d94b600bfc308bf4c71041caed6b7c0b59707a722e0102ffe829044df + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1c6f81990e54d6894188d5b872009c3eb5b2f10137bf7a27999d918790b587594afab3950330296979c354851164f95938d1df77995f6c0a9a3edef +B = f6446ca28a047640b1843808b3f7d3f7b6aa168ee777a49521de6aa4e41156b0b7efb1cee889f11863c61292d8b36ccbc468d9337c69c06e4ca45a268b929e02 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 310b6086b85bf12c7e391184e070f623c9cfe07a8e495010fc13d584d748098f070ac4b7c31cbd28acd32ab6270e2a98f48d8d31525ada808858785 +B = -f6446ca28b4e342f8c24a9b2e7c2d7b47d911c2d38b9738cb74708037a38baf08c58d9f2444af22a8fc4dbcecbe46a2ed5c36c4778257b49e834110dea743798 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -4a51109cf8c033e683b1bff229f081d71cd5cafde15dc2d5f8ad0457e79b9b2e015659ee564de59f27204c685ef58977e13e19fe36a2d017fe6860b +B = -f6446ca283986d1d5112e761b7a42a9d0ceb04ad8a4f18d5304c96d50aecad52c06a9fa673c4e0402e2e31a24ea532bced6331066ac8c0d6efa4366462082a08 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = f3e425af6aa16899624f20b49c4e9115034aa4d06ce9db9aa742a6e60d59d6ce0a067f5645b8e7f896c8561315ef1f7151e073d115f8e38df274438 +B = f6446ca278ff3bcc29f4d41689ba5490e5c523b9abe7cb380793d548c0035329de0ebbec7339dde9af37817cb7aab22241f397a6d3be9b39c1aed52d02c76bdb + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -18b2de417fc4bef91b5dd82b0e93315b306bf3a7f7bf0a486a567e9cd1370587b7e47adcb9accba03a8dfda5871b0bb1bdb569a90c079f7a9a4e87d2 +B = f6446ca2a0f05c68a063a9993b3d1ec73e1d3e262c88692d06217d4ad4cdfc35101b5ee10bbec0bbcd3fdb9c7ba53528fa6d954fa6920c1fdf1602e07c3d37e5 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 26b556807e84a9bf7cdf2697050cbd7145a42b8ef6fe10666da7a2e69827ad04880bb97ab3108a27da5fcc29a041bd6aebbaf00ab25a841674ff9f1e +B = -f6446ca2aef2d4a79f23945f9cbe6d333496ca3c41c0a11405608368d81f207ed70c065ddbe5ff59c6a39a241b7703ad13944708d49792818568e77c56ee4f31 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -40b258c2211cc2cb9e2614ab4b23cb9eadb1ddcae903c93646e9f5e5afcaf912a2fdef26c864d83dcdd6f434ca2b0aa7f8ea7a21e790a9e4601de110 +B = -f6446ca2478b2564ff8227d481b931f0e466412c4e6a97ba255ea9cc238d87b28f196046b0dc56b84b2e37be7340434ea9277ef5eff22854eb7db98181d0cf03 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 97631efbd149bb0fdecce09d14aedf2efe30407c01c68e000be9c7be954999375e1f7720e8e5f1edfc48b92f9a063f6b2b378996459bffeae3d362e3 +B = f6446ca1f0da5f2b4f552f90411265ff1adb2d9bfdec35090c9be5025e8db5d9a99ac021f5bacebe2aad1e0e44ce7e53d94c4a32bda518e08d72637afe1b4d30 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -15f4c3634bbbd1ce04fdf96a69b2b8263290e188ca83956b74c6d190e7b877dbd176657a19ea125dfe9c95d2764002ca5d98e28315cb391779d56fcb2 +B = f6446ca3e789b45bdc5c07806fbedd42cab58f2e252a8e11b69bc9b9b6e496a6ba6bd7166b409d80b23435dc2ae094aad752b643c26acaa82fc1f4dd7f45acc5 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 39ecc3b285eb99a2ac91329da615e581f791eaebd477d87c7739dd961a2c5c6cf86a34c73856efcf3b812909d830186c910f8f053192cac9fca8ab7a3 +B = -f6446ca62709b94f7f5884cae8f2707690e864ea753b244255dffac9de1556f9e1aa2028da7d925299020ceff929c820f6541066f9d592c9ec3b1005ac7967b6 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -707e64f8bee7a679d9b72bd04b231cda716f5dc1b7a404f8c0679770c46fc944470ee2a221d1e3d166619ba6a430d0349e7e75c0ee021ed027dab5d74 +B = -f6446c9b80572e9b32248302846c89977d583f23e52699699422237663fe068bf7e7c514e2ec1bbcf674d2e5dafd7d193045865400f54667f2ec76636443529f + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 9ca2c37f4b1a392c34551f570ff06a74c5f027170815454c5ed3535d5232df54fb1f65f2304e32b4995bb77ccd4ece69db98452f182dbeda98d525a19 +B = f6446c98be1146326efb57dcda8d512b3083657e9d1a04148d0e1e3c7d4247c31bb66409a1e3e6bc0eafe4b2ab5bbfb69e65a3002f584f85503275bc549c55fa + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1190fea35b9a1ba1c280d57888664aa7db5f9d6d4325b35a6276bf61291d67e6e14e3001f5af1753faff61fa53861ab8ed15d15965e0dcb05718bdecc6 +B = f6446cb4193c2182baba8c62a0b4bf2495d4b4a65bb9e2c83415cd64e136dec15c4c403aa20a47d4c2aa63f7407931d6f96d428afeadfbdcb3eb13bcfaac9cd9 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 209797b717f068e5f808dd2b4e12576fa056879da881bfcc1819228e4f9dc6f84347edbdbe273657d533d7c928e51b68a82c59d93dfb038514c104c1bc +B = -f6446cc31fd5353f1107d09828bc71ea41e17c6b52a4132d90223f1a839a0be7dcab519c9bc8039d3ac967d174ef00ac586df24615367bb4ce11e87aa2f371cf + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -7198b6aa26be42e97cad682aaa63d68d51952dae52d4cfe5f9a6acef93f35b6d7b7be87a1f2a944cf7fa9483cd6c3df7599d44c5b56e5ff38cd43d23c0 +B = -f6446c30ef86d400625c012372771bf1cbb37f7966eec73239928d08c3ca8e044b88ebddd7f1cbbfe8fec3044682b3b6071492444b97dcc164ae6fd90db18c53 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = cb788549eee4fa559118f0bd66b68d94845bdb7d07b2042d53a64921f3e3df76a2b143e9e9ad39dacaf405cec5fed9fd59050c5d27322142e4e11d4ede +B = f6446bd70fb834383ba4950f06ee893578fc7846a040f87d5c5e45aec42e5ba45b04e2b6a2965bf5665935314d1168bd74788c44e3d0454fa0ed208100d16135 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1122c39c2c252ec96e9274bdf713bfa8200e35ed9f18dd087fedd2005e5898b6f8ed37e1cd7e1f7b0c5be137a71a27b7e4e4669b1f412e154e6ad2ad567 +B = f6446db4b47740e9738b8189472b260d6b848ecbdf7b4f769c32fb014797837dc86fc8e8275862b6f58ac0c1ff2ab1f515ce07ec2f46546ae5efb84c8f19857a + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 2d57e15c8039f8367d2e0198d9fc27616e53efdc9cb0adc0b0199362d08f5698af1f07499cd2b72005f1c09900c71b677e57cd62094743a9b3ae541e74d +B = -f6446f780653462ac0225272fff8d43bf20023b03b1a3f50193e7e0403adaaa1344de44b444edfac3f05105b5d20c78fe509018365b2c30b4748fea0c7309760 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -539b4413477ef77c15fd53e202d8e5d183eb1c91fecf5b89959bb8d60d3f7907e95c5dd045d698a6a17f0150861b43bfeb2e5d40bdc970839b0712ee17f +B = -f6446768d3fc49af312729404aa1266ea12cf48c4a53559818a9d9a8aeea1cc44753dac38dfd4181aa08a5e451022f21bf168aeb0308969a3c0629b570bfce94 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = fe46dc4f55346ee27d6ced0256b0ec64f82d5150c3b49d4cc7d56a60ae5d10bb649a57f4c97acc146388a6a9d25d3c3c7e42372e46bb4f8a72171ea5979 +B = f6445cbe1a7888d3d9b0c2c9510f213120c3bd4827076949c48da68513d172b26dd8a30fae5af94766d1c9c3b6ac9a5d9f8ec1b9c569be0b1e15bc447004569a + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1fbd702bd26d37bb1fa554ad261f1e7161ea438f49b41aab950884c5c87eb1e0b9a3a69807b759a1440ef9e5683c1a13b9d610fd87fb131619cb63997891 +B = f6448c5ff8695094585a0a45748c6cbb4dfb6eb53fabbf39290e080aef3d4616f0c512fcfa724d966d34540b3afc9fbf8d664373f9da2a71e6247d31458828a4 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 260abc8cb124b3c17698ee342bdbe4b1513a085effb4f79aca252c98c8799ad203dccc9c305cdccd2edc16159d0e2c7a125c50f8abff9e12dbe8d93c655d +B = -f64492ad44ca2f4bd46061390e137278143b5e05047b753a05fd3d2797104611d9b65d362076763bf0603ed8572cd4919fcc9bfa39d54e7671213f4ebb2b1570 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -6f961198d2039a92d24c53bfcafd73251b575d5e06565db36666545d5994e511c4c3905cc0b93586f05916c08b8f51a0e0fe1b6253fcfa41bfec25196482 +B = -f643fd0c76a4ac23860c1853cc1f7b9ebc64f1739ebe6f2eb0af0c9c161a240359d29495c37d8525de0c1fa32a56abf421b1a89fcd7a4e79d8cca379bcd54b91 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = ed86313f32aabf2f7487dd9f587431e17b9a46e1a78fe89b0ebe81c737a73c2a8fef92c0963fc36e9808309d00c3bd14612fdf4fb236e06add8fe9329252 +B = f6437f1c56fe4b7c616f7618423fee27fda89130b53acdf525c76443e8b045f102b9c969c119af9f502477f4107a36bfb63e286e098cf03ff2a385d5f8bc1dc1 + +Sum = f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -1741bce7ae27a7b3effa5b08b39f9d03d69efe7b0716cc57dc106aac17925a2d77c18386f7398db17f813c9c6f2dfcc9347e9f55de76b11475fcf77bbedb1 +B = f645e0be56b860a19bddea45d06a8095ffc776bae3cce6f1d3e034091538f6bde1bbd5718c49b977eeab08100ade2a633fe5d187de3a89e1e455c33559aa9dc4 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = 20bd41a0d6d691e8554ee8b90a775e04f086f318b7afdc7b5d6d7c3b7ab6b955aa286809856e1bd195dace84b18b2d0365edc8e066d2e8db9ae8325d00843 +B = -f6467876a24aeb903f243f8eab6fee120fd9153a2da7f082d61849da2e2f2903d43efbdfd4729cc0d0ac6da9296250364388e87a76e30fa560c811e907beb856 + +Sum = -f6446ca2883d7e27209eeaa01fdf469c2f8a0ccafc1c75850e6273026a777d983ee4595953da45df13930ffc411737837352899de8dca276d30e6365e1eeb013 +A = -685147a1e74dab824bc6cb7fb30a773fbe5e380f46189574038d2d2f3983ced8777a080af6b06e9bb3c2d134a3302fa099b4bc78a4f01a4c157424ee3c773 +B = -f63de78e0e1f094c687a2e3367e415f4bb8e26e77b2813fbb7223a2f9783e55b515ce1b8d32adad829d7d3cf2dcd04807948ee52215253752e4d0c23930ae8a0 + +Sum = 1 +A = 0 +B = 1 + +Sum = 2 +A = 1 +B = 1 + +Sum = 4 +A = 3 +B = 1 + +Sum = 8 +A = 7 +B = 1 + +Sum = 10 +A = f +B = 1 + +Sum = 20 +A = 1f +B = 1 + +Sum = 40 +A = 3f +B = 1 + +Sum = 80 +A = 7f +B = 1 + +Sum = 100 +A = ff +B = 1 + +Sum = 200 +A = 1ff +B = 1 + +Sum = 400 +A = 3ff +B = 1 + +Sum = 800 +A = 7ff +B = 1 + +Sum = 1000 +A = fff +B = 1 + +Sum = 2000 +A = 1fff +B = 1 + +Sum = 4000 +A = 3fff +B = 1 + +Sum = 8000 +A = 7fff +B = 1 + +Sum = 10000 +A = ffff +B = 1 + +Sum = 20000 +A = 1ffff +B = 1 + +Sum = 40000 +A = 3ffff +B = 1 + +Sum = 80000 +A = 7ffff +B = 1 + +Sum = 100000 +A = fffff +B = 1 + +Sum = 200000 +A = 1fffff +B = 1 + +Sum = 400000 +A = 3fffff +B = 1 + +Sum = 800000 +A = 7fffff +B = 1 + +Sum = 1000000 +A = ffffff +B = 1 + +Sum = 2000000 +A = 1ffffff +B = 1 + +Sum = 4000000 +A = 3ffffff +B = 1 + +Sum = 8000000 +A = 7ffffff +B = 1 + +Sum = 10000000 +A = fffffff +B = 1 + +Sum = 20000000 +A = 1fffffff +B = 1 + +Sum = 40000000 +A = 3fffffff +B = 1 + +Sum = 80000000 +A = 7fffffff +B = 1 + +Sum = 100000000 +A = ffffffff +B = 1 + +Sum = 200000000 +A = 1ffffffff +B = 1 + +Sum = 400000000 +A = 3ffffffff +B = 1 + +Sum = 800000000 +A = 7ffffffff +B = 1 + +Sum = 1000000000 +A = fffffffff +B = 1 + +Sum = 2000000000 +A = 1fffffffff +B = 1 + +Sum = 4000000000 +A = 3fffffffff +B = 1 + +Sum = 8000000000 +A = 7fffffffff +B = 1 + +Sum = 10000000000 +A = ffffffffff +B = 1 + +Sum = 20000000000 +A = 1ffffffffff +B = 1 + +Sum = 40000000000 +A = 3ffffffffff +B = 1 + +Sum = 80000000000 +A = 7ffffffffff +B = 1 + +Sum = 100000000000 +A = fffffffffff +B = 1 + +Sum = 200000000000 +A = 1fffffffffff +B = 1 + +Sum = 400000000000 +A = 3fffffffffff +B = 1 + +Sum = 800000000000 +A = 7fffffffffff +B = 1 + +Sum = 1000000000000 +A = ffffffffffff +B = 1 + +Sum = 2000000000000 +A = 1ffffffffffff +B = 1 + +Sum = 4000000000000 +A = 3ffffffffffff +B = 1 + +Sum = 8000000000000 +A = 7ffffffffffff +B = 1 + +Sum = 10000000000000 +A = fffffffffffff +B = 1 + +Sum = 20000000000000 +A = 1fffffffffffff +B = 1 + +Sum = 40000000000000 +A = 3fffffffffffff +B = 1 + +Sum = 80000000000000 +A = 7fffffffffffff +B = 1 + +Sum = 100000000000000 +A = ffffffffffffff +B = 1 + +Sum = 200000000000000 +A = 1ffffffffffffff +B = 1 + +Sum = 400000000000000 +A = 3ffffffffffffff +B = 1 + +Sum = 800000000000000 +A = 7ffffffffffffff +B = 1 + +Sum = 1000000000000000 +A = fffffffffffffff +B = 1 + +Sum = 2000000000000000 +A = 1fffffffffffffff +B = 1 + +Sum = 4000000000000000 +A = 3fffffffffffffff +B = 1 + +Sum = 8000000000000000 +A = 7fffffffffffffff +B = 1 + +Sum = 10000000000000000 +A = ffffffffffffffff +B = 1 + +Sum = 20000000000000000 +A = 1ffffffffffffffff +B = 1 + +Sum = 40000000000000000 +A = 3ffffffffffffffff +B = 1 + +Sum = 80000000000000000 +A = 7ffffffffffffffff +B = 1 + +Sum = 100000000000000000 +A = fffffffffffffffff +B = 1 + +Sum = 200000000000000000 +A = 1fffffffffffffffff +B = 1 + +Sum = 400000000000000000 +A = 3fffffffffffffffff +B = 1 + +Sum = 800000000000000000 +A = 7fffffffffffffffff +B = 1 + +Sum = 1000000000000000000 +A = ffffffffffffffffff +B = 1 + +Sum = 2000000000000000000 +A = 1ffffffffffffffffff +B = 1 + +Sum = 4000000000000000000 +A = 3ffffffffffffffffff +B = 1 + +Sum = 8000000000000000000 +A = 7ffffffffffffffffff +B = 1 + +Sum = 10000000000000000000 +A = fffffffffffffffffff +B = 1 + +Sum = 20000000000000000000 +A = 1fffffffffffffffffff +B = 1 + +Sum = 40000000000000000000 +A = 3fffffffffffffffffff +B = 1 + +Sum = 80000000000000000000 +A = 7fffffffffffffffffff +B = 1 + +Sum = 100000000000000000000 +A = ffffffffffffffffffff +B = 1 + +Sum = 200000000000000000000 +A = 1ffffffffffffffffffff +B = 1 + +Sum = 400000000000000000000 +A = 3ffffffffffffffffffff +B = 1 + +Sum = 800000000000000000000 +A = 7ffffffffffffffffffff +B = 1 + +Sum = 1000000000000000000000 +A = fffffffffffffffffffff +B = 1 + +Sum = 2000000000000000000000 +A = 1fffffffffffffffffffff +B = 1 + +Sum = 4000000000000000000000 +A = 3fffffffffffffffffffff +B = 1 + +Sum = 8000000000000000000000 +A = 7fffffffffffffffffffff +B = 1 + +Sum = 10000000000000000000000 +A = ffffffffffffffffffffff +B = 1 + +Sum = 20000000000000000000000 +A = 1ffffffffffffffffffffff +B = 1 + +Sum = 40000000000000000000000 +A = 3ffffffffffffffffffffff +B = 1 + +Sum = 80000000000000000000000 +A = 7ffffffffffffffffffffff +B = 1 + +Sum = 100000000000000000000000 +A = fffffffffffffffffffffff +B = 1 + +Sum = 200000000000000000000000 +A = 1fffffffffffffffffffffff +B = 1 + +Sum = 400000000000000000000000 +A = 3fffffffffffffffffffffff +B = 1 + +Sum = 800000000000000000000000 +A = 7fffffffffffffffffffffff +B = 1 + +Sum = 1000000000000000000000000 +A = ffffffffffffffffffffffff +B = 1 + +Sum = 2000000000000000000000000 +A = 1ffffffffffffffffffffffff +B = 1 + +Sum = 4000000000000000000000000 +A = 3ffffffffffffffffffffffff +B = 1 + +Sum = 8000000000000000000000000 +A = 7ffffffffffffffffffffffff +B = 1 + +Sum = 10000000000000000000000000 +A = fffffffffffffffffffffffff +B = 1 + +Sum = 20000000000000000000000000 +A = 1fffffffffffffffffffffffff +B = 1 + +Sum = 40000000000000000000000000 +A = 3fffffffffffffffffffffffff +B = 1 + +Sum = 80000000000000000000000000 +A = 7fffffffffffffffffffffffff +B = 1 + +Sum = 100000000000000000000000000 +A = ffffffffffffffffffffffffff +B = 1 + +Sum = 200000000000000000000000000 +A = 1ffffffffffffffffffffffffff +B = 1 + +Sum = 400000000000000000000000000 +A = 3ffffffffffffffffffffffffff +B = 1 + +Sum = 800000000000000000000000000 +A = 7ffffffffffffffffffffffffff +B = 1 + +Sum = 1000000000000000000000000000 +A = fffffffffffffffffffffffffff +B = 1 + +Sum = 2000000000000000000000000000 +A = 1fffffffffffffffffffffffffff +B = 1 + +Sum = 4000000000000000000000000000 +A = 3fffffffffffffffffffffffffff +B = 1 + +Sum = 8000000000000000000000000000 +A = 7fffffffffffffffffffffffffff +B = 1 + +Sum = 10000000000000000000000000000 +A = ffffffffffffffffffffffffffff +B = 1 + +Sum = 20000000000000000000000000000 +A = 1ffffffffffffffffffffffffffff +B = 1 + +Sum = 40000000000000000000000000000 +A = 3ffffffffffffffffffffffffffff +B = 1 + +Sum = 80000000000000000000000000000 +A = 7ffffffffffffffffffffffffffff +B = 1 + +Sum = 100000000000000000000000000000 +A = fffffffffffffffffffffffffffff +B = 1 + +Sum = 200000000000000000000000000000 +A = 1fffffffffffffffffffffffffffff +B = 1 + +Sum = 400000000000000000000000000000 +A = 3fffffffffffffffffffffffffffff +B = 1 + +Sum = 800000000000000000000000000000 +A = 7fffffffffffffffffffffffffffff +B = 1 + +Sum = 1000000000000000000000000000000 +A = ffffffffffffffffffffffffffffff +B = 1 + +Sum = 2000000000000000000000000000000 +A = 1ffffffffffffffffffffffffffffff +B = 1 + +Sum = 4000000000000000000000000000000 +A = 3ffffffffffffffffffffffffffffff +B = 1 + +Sum = 8000000000000000000000000000000 +A = 7ffffffffffffffffffffffffffffff +B = 1 + +Sum = 10000000000000000000000000000000 +A = fffffffffffffffffffffffffffffff +B = 1 + +Sum = 20000000000000000000000000000000 +A = 1fffffffffffffffffffffffffffffff +B = 1 + +Sum = 40000000000000000000000000000000 +A = 3fffffffffffffffffffffffffffffff +B = 1 + +Sum = 80000000000000000000000000000000 +A = 7fffffffffffffffffffffffffffffff +B = 1 + +Sum = 100000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffff +B = 1 + +Sum = 200000000000000000000000000000000 +A = 1ffffffffffffffffffffffffffffffff +B = 1 + +Sum = 400000000000000000000000000000000 +A = 3ffffffffffffffffffffffffffffffff +B = 1 + +Sum = 800000000000000000000000000000000 +A = 7ffffffffffffffffffffffffffffffff +B = 1 + +Sum = 1000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffff +B = 1 + +Sum = 2000000000000000000000000000000000 +A = 1fffffffffffffffffffffffffffffffff +B = 1 + +Sum = 4000000000000000000000000000000000 +A = 3fffffffffffffffffffffffffffffffff +B = 1 + +Sum = 8000000000000000000000000000000000 +A = 7fffffffffffffffffffffffffffffffff +B = 1 + +Sum = 10000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 20000000000000000000000000000000000 +A = 1ffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 40000000000000000000000000000000000 +A = 3ffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 80000000000000000000000000000000000 +A = 7ffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 100000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 200000000000000000000000000000000000 +A = 1fffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 400000000000000000000000000000000000 +A = 3fffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 800000000000000000000000000000000000 +A = 7fffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 1000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 2000000000000000000000000000000000000 +A = 1ffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 4000000000000000000000000000000000000 +A = 3ffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 8000000000000000000000000000000000000 +A = 7ffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 10000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 20000000000000000000000000000000000000 +A = 1fffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 40000000000000000000000000000000000000 +A = 3fffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 80000000000000000000000000000000000000 +A = 7fffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 100000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 200000000000000000000000000000000000000 +A = 1ffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 400000000000000000000000000000000000000 +A = 3ffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 800000000000000000000000000000000000000 +A = 7ffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 1000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 2000000000000000000000000000000000000000 +A = 1fffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 4000000000000000000000000000000000000000 +A = 3fffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 8000000000000000000000000000000000000000 +A = 7fffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 10000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 20000000000000000000000000000000000000000 +A = 1ffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 40000000000000000000000000000000000000000 +A = 3ffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 80000000000000000000000000000000000000000 +A = 7ffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 100000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 200000000000000000000000000000000000000000 +A = 1fffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 400000000000000000000000000000000000000000 +A = 3fffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 800000000000000000000000000000000000000000 +A = 7fffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 1000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 2000000000000000000000000000000000000000000 +A = 1ffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 4000000000000000000000000000000000000000000 +A = 3ffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 8000000000000000000000000000000000000000000 +A = 7ffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 10000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 20000000000000000000000000000000000000000000 +A = 1fffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 40000000000000000000000000000000000000000000 +A = 3fffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 80000000000000000000000000000000000000000000 +A = 7fffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 100000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 200000000000000000000000000000000000000000000 +A = 1ffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 400000000000000000000000000000000000000000000 +A = 3ffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 800000000000000000000000000000000000000000000 +A = 7ffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 1000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 2000000000000000000000000000000000000000000000 +A = 1fffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 4000000000000000000000000000000000000000000000 +A = 3fffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 8000000000000000000000000000000000000000000000 +A = 7fffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 10000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 20000000000000000000000000000000000000000000000 +A = 1ffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 40000000000000000000000000000000000000000000000 +A = 3ffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 80000000000000000000000000000000000000000000000 +A = 7ffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 100000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 200000000000000000000000000000000000000000000000 +A = 1fffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 400000000000000000000000000000000000000000000000 +A = 3fffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 800000000000000000000000000000000000000000000000 +A = 7fffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 1000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 2000000000000000000000000000000000000000000000000 +A = 1ffffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 4000000000000000000000000000000000000000000000000 +A = 3ffffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 8000000000000000000000000000000000000000000000000 +A = 7ffffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 10000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 20000000000000000000000000000000000000000000000000 +A = 1fffffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 40000000000000000000000000000000000000000000000000 +A = 3fffffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 80000000000000000000000000000000000000000000000000 +A = 7fffffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffffffff +B = 1 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffffffffe +B = 2 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffffffffc +B = 4 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffffffff8 +B = 8 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffffffff0 +B = 10 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffffffe0 +B = 20 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffffffc0 +B = 40 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffffff80 +B = 80 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffffff00 +B = 100 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffffffe00 +B = 200 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffffffc00 +B = 400 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffffff800 +B = 800 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffffff000 +B = 1000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffffe000 +B = 2000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffffc000 +B = 4000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffff8000 +B = 8000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffff0000 +B = 10000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffffe0000 +B = 20000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffffc0000 +B = 40000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffff80000 +B = 80000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffff00000 +B = 100000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffe00000 +B = 200000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffffc00000 +B = 400000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffff800000 +B = 800000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffff000000 +B = 1000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffe000000 +B = 2000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffffc000000 +B = 4000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffff8000000 +B = 8000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffff0000000 +B = 10000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffe0000000 +B = 20000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffffc0000000 +B = 40000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffff80000000 +B = 80000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffff00000000 +B = 100000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffe00000000 +B = 200000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffffc00000000 +B = 400000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffff800000000 +B = 800000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffff000000000 +B = 1000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffe000000000 +B = 2000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffffc000000000 +B = 4000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffff8000000000 +B = 8000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffff0000000000 +B = 10000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffe0000000000 +B = 20000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffffc0000000000 +B = 40000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffff80000000000 +B = 80000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffff00000000000 +B = 100000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffe00000000000 +B = 200000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffffc00000000000 +B = 400000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffff800000000000 +B = 800000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffff000000000000 +B = 1000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffe000000000000 +B = 2000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffffc000000000000 +B = 4000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffff8000000000000 +B = 8000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffff0000000000000 +B = 10000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffe0000000000000 +B = 20000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffffc0000000000000 +B = 40000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffff80000000000000 +B = 80000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffff00000000000000 +B = 100000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffe00000000000000 +B = 200000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffffc00000000000000 +B = 400000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffff800000000000000 +B = 800000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffff000000000000000 +B = 1000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffe000000000000000 +B = 2000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffffc000000000000000 +B = 4000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffff8000000000000000 +B = 8000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffff0000000000000000 +B = 10000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffe0000000000000000 +B = 20000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffffc0000000000000000 +B = 40000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffff80000000000000000 +B = 80000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffff00000000000000000 +B = 100000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffe00000000000000000 +B = 200000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffffc00000000000000000 +B = 400000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffff800000000000000000 +B = 800000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffff000000000000000000 +B = 1000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffe000000000000000000 +B = 2000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffffc000000000000000000 +B = 4000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffff8000000000000000000 +B = 8000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffff0000000000000000000 +B = 10000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffe0000000000000000000 +B = 20000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffffc0000000000000000000 +B = 40000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffff80000000000000000000 +B = 80000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffff00000000000000000000 +B = 100000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffe00000000000000000000 +B = 200000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffffc00000000000000000000 +B = 400000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffff800000000000000000000 +B = 800000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffff000000000000000000000 +B = 1000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffe000000000000000000000 +B = 2000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffffc000000000000000000000 +B = 4000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffff8000000000000000000000 +B = 8000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffff0000000000000000000000 +B = 10000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffe0000000000000000000000 +B = 20000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffffc0000000000000000000000 +B = 40000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffff80000000000000000000000 +B = 80000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffff00000000000000000000000 +B = 100000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffe00000000000000000000000 +B = 200000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffffc00000000000000000000000 +B = 400000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffff800000000000000000000000 +B = 800000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffff000000000000000000000000 +B = 1000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffe000000000000000000000000 +B = 2000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffffc000000000000000000000000 +B = 4000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffff8000000000000000000000000 +B = 8000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffff0000000000000000000000000 +B = 10000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffe0000000000000000000000000 +B = 20000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffffc0000000000000000000000000 +B = 40000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffff80000000000000000000000000 +B = 80000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffff00000000000000000000000000 +B = 100000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffe00000000000000000000000000 +B = 200000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffffc00000000000000000000000000 +B = 400000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffff800000000000000000000000000 +B = 800000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffff000000000000000000000000000 +B = 1000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffe000000000000000000000000000 +B = 2000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffffc000000000000000000000000000 +B = 4000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffff8000000000000000000000000000 +B = 8000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffff0000000000000000000000000000 +B = 10000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffe0000000000000000000000000000 +B = 20000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffffc0000000000000000000000000000 +B = 40000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffff80000000000000000000000000000 +B = 80000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffff00000000000000000000000000000 +B = 100000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffe00000000000000000000000000000 +B = 200000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffffc00000000000000000000000000000 +B = 400000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffff800000000000000000000000000000 +B = 800000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffff000000000000000000000000000000 +B = 1000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffe000000000000000000000000000000 +B = 2000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffffc000000000000000000000000000000 +B = 4000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffff8000000000000000000000000000000 +B = 8000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffff0000000000000000000000000000000 +B = 10000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffe0000000000000000000000000000000 +B = 20000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffffc0000000000000000000000000000000 +B = 40000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffff80000000000000000000000000000000 +B = 80000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffff00000000000000000000000000000000 +B = 100000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffe00000000000000000000000000000000 +B = 200000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffffc00000000000000000000000000000000 +B = 400000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffff800000000000000000000000000000000 +B = 800000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffff000000000000000000000000000000000 +B = 1000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffe000000000000000000000000000000000 +B = 2000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffffc000000000000000000000000000000000 +B = 4000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffff8000000000000000000000000000000000 +B = 8000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffff0000000000000000000000000000000000 +B = 10000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffe0000000000000000000000000000000000 +B = 20000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffffc0000000000000000000000000000000000 +B = 40000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffff80000000000000000000000000000000000 +B = 80000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffff00000000000000000000000000000000000 +B = 100000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffe00000000000000000000000000000000000 +B = 200000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffffc00000000000000000000000000000000000 +B = 400000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffff800000000000000000000000000000000000 +B = 800000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffff000000000000000000000000000000000000 +B = 1000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffe000000000000000000000000000000000000 +B = 2000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffffc000000000000000000000000000000000000 +B = 4000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffff8000000000000000000000000000000000000 +B = 8000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffff0000000000000000000000000000000000000 +B = 10000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffe0000000000000000000000000000000000000 +B = 20000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffffc0000000000000000000000000000000000000 +B = 40000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffff80000000000000000000000000000000000000 +B = 80000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffff00000000000000000000000000000000000000 +B = 100000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffe00000000000000000000000000000000000000 +B = 200000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffffc00000000000000000000000000000000000000 +B = 400000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffff800000000000000000000000000000000000000 +B = 800000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffff000000000000000000000000000000000000000 +B = 1000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffe000000000000000000000000000000000000000 +B = 2000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffffc000000000000000000000000000000000000000 +B = 4000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffff8000000000000000000000000000000000000000 +B = 8000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffff0000000000000000000000000000000000000000 +B = 10000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffe0000000000000000000000000000000000000000 +B = 20000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffffc0000000000000000000000000000000000000000 +B = 40000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffff80000000000000000000000000000000000000000 +B = 80000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffff00000000000000000000000000000000000000000 +B = 100000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffe00000000000000000000000000000000000000000 +B = 200000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffffc00000000000000000000000000000000000000000 +B = 400000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffff800000000000000000000000000000000000000000 +B = 800000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffff000000000000000000000000000000000000000000 +B = 1000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffe000000000000000000000000000000000000000000 +B = 2000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffffc000000000000000000000000000000000000000000 +B = 4000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffff8000000000000000000000000000000000000000000 +B = 8000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffff0000000000000000000000000000000000000000000 +B = 10000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffe0000000000000000000000000000000000000000000 +B = 20000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffffc0000000000000000000000000000000000000000000 +B = 40000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffff80000000000000000000000000000000000000000000 +B = 80000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffff00000000000000000000000000000000000000000000 +B = 100000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffe00000000000000000000000000000000000000000000 +B = 200000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffffc00000000000000000000000000000000000000000000 +B = 400000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffff800000000000000000000000000000000000000000000 +B = 800000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffff000000000000000000000000000000000000000000000 +B = 1000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffe000000000000000000000000000000000000000000000 +B = 2000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffffc000000000000000000000000000000000000000000000 +B = 4000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffff8000000000000000000000000000000000000000000000 +B = 8000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffff0000000000000000000000000000000000000000000000 +B = 10000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffe0000000000000000000000000000000000000000000000 +B = 20000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fffc0000000000000000000000000000000000000000000000 +B = 40000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fff80000000000000000000000000000000000000000000000 +B = 80000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fff00000000000000000000000000000000000000000000000 +B = 100000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffe00000000000000000000000000000000000000000000000 +B = 200000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ffc00000000000000000000000000000000000000000000000 +B = 400000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ff800000000000000000000000000000000000000000000000 +B = 800000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = ff000000000000000000000000000000000000000000000000 +B = 1000000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fe000000000000000000000000000000000000000000000000 +B = 2000000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = fc000000000000000000000000000000000000000000000000 +B = 4000000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = f8000000000000000000000000000000000000000000000000 +B = 8000000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = f0000000000000000000000000000000000000000000000000 +B = 10000000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = e0000000000000000000000000000000000000000000000000 +B = 20000000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = c0000000000000000000000000000000000000000000000000 +B = 40000000000000000000000000000000000000000000000000 + +Sum = 100000000000000000000000000000000000000000000000000 +A = 80000000000000000000000000000000000000000000000000 +B = 80000000000000000000000000000000000000000000000000 diff --git a/deps/openssl/openssl/test/recipes/15-test_dsa.t b/deps/openssl/openssl/test/recipes/15-test_dsa.t index 2fd236e875..6ef06af11b 100644 --- a/deps/openssl/openssl/test/recipes/15-test_dsa.t +++ b/deps/openssl/openssl/test/recipes/15-test_dsa.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -21,7 +21,7 @@ plan tests => 6; require_ok(srctop_file('test','recipes','tconversion.pl')); ok(run(test(["dsatest"])), "running dsatest"); -ok(run(test(["dsatest", "-app2_1"])), "running dsatest -app2_1"); +ok(run(test(["dsa_no_digest_size_test"])), "running dsa_no_digest_size_test"); SKIP: { skip "Skipping dsa conversion test", 3 diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam.t b/deps/openssl/openssl/test/recipes/15-test_ecparam.t new file mode 100644 index 0000000000..47a1a4f20c --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam.t @@ -0,0 +1,34 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Glob; +use OpenSSL::Test qw/:DEFAULT data_file/; +use OpenSSL::Test::Utils; + +setup("test_ecparam"); + +plan skip_all => "EC isn't supported in this build" + if disabled("ec") || disabled("ec2m"); + +my @valid = glob(data_file("valid", "*.pem")); +my @invalid = glob(data_file("invalid", "*.pem")); + +plan tests => scalar @valid + scalar @invalid; + +foreach (@valid) { + ok(run(app([qw{openssl ecparam -noout -check -in}, $_]))); +} + +foreach (@invalid) { + ok(!run(app([qw{openssl ecparam -noout -check -in}, $_]))); +} diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/invalid/c2pnb208w1-reducible.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/invalid/c2pnb208w1-reducible.pem new file mode 100644 index 0000000000..915b58676b --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/invalid/c2pnb208w1-reducible.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIGiAgEBMCUGByqGSM49AQIwGgICANAGCSqGSM49AQIDAzAJAgEBAgECAgE9MB8E +AQAEGshhntRaYuYhLhFgNJ4r+oREOfr8Kj/RY4+eBDUHSf375Kvhk9+VWezwesDO +eFVOJ4TrjB7RpXoPVbUaBueOmsOKA1/1INiwF4G+saa7CGF94wIZAQG6+VyXI8V7 +bCHaLv8tXtWIvdVxfiEvnQIDAP5I +-----END EC PARAMETERS----- + diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/invalid/nistp256-nonprime.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/invalid/nistp256-nonprime.pem new file mode 100644 index 0000000000..a06cf7a0bb --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/invalid/nistp256-nonprime.pem @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +MIH3AgEBMCwGByqGSM49AQECIQD/////AAAAAQAAAAAAAAAAAAAAAP////////// +/////jBbBCD/////AAAAAQAAAAAAAAAAAAAAAP///////////////AQgWsY12Ko6 +k+ez671VdpiGvGUdBrDMU7D2O848PifSYEsDFQDEnTYIhucEk2pmeOETnSa3gZ9+ +kARBBGsX0fLhLEJH+Lzm5WOkQPJ3A32BLeszoPShOUXYmMKWT+NC4v4af5uO5+tK +fA+eFivOM1drMV7Oy7ZAaDe/UfUCIQD/////AAAAAP//////////vOb6racXnoTz +ucrC/GMlUQIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/invalid/nistp256-offcurve.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/invalid/nistp256-offcurve.pem new file mode 100644 index 0000000000..d4df6ae6bf --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/invalid/nistp256-offcurve.pem @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +MIH3AgEBMCwGByqGSM49AQECIQD/////AAAAAQAAAAAAAAAAAAAAAP////////// +/////zBbBCD/////AAAAAQAAAAAAAAAAAAAAAP//////////////+AQgWsY12Ko6 +k+ez671VdpiGvGUdBrDMU7D2O848PifSYEsDFQDEnTYIhucEk2pmeOETnSa3gZ9+ +kARBBGsX0fLhLEJH+Lzm5WOkQPJ3A32BLeszoPShOUXYmMKWT+NC4v4af5uO5+tK +fA+eFivOM1drMV7Oy7ZAaDe/UfUCIQD/////AAAAAP//////////vOb6racXnoTz +ucrC/GMlUQIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/invalid/nistp256-wrongorder.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/invalid/nistp256-wrongorder.pem new file mode 100644 index 0000000000..315e68efd8 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/invalid/nistp256-wrongorder.pem @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +MIH3AgEBMCwGByqGSM49AQECIQD/////AAAAAQAAAAAAAAAAAAAAAP////////// +/////zBbBCD/////AAAAAQAAAAAAAAAAAAAAAP///////////////AQgWsY12Ko6 +k+ez671VdpiGvGUdBrDMU7D2O848PifSYEsDFQDEnTYIhucEk2pmeOETnSa3gZ9+ +kARBBGsX0fLhLEJH+Lzm5WOkQPJ3A32BLeszoPShOUXYmMKWT+NC4v4af5uO5+tK +fA+eFivOM1drMV7Oy7ZAaDe/UfUCIQD/////AAAAAP//////////vOb6racXnoTz +ucrC/SMlUQIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v1-explicit.pem new file mode 100644 index 0000000000..d7bc1c2cab --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v1-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIG3AgEBMCUGByqGSM49AQIwGgICAKMGCSqGSM49AQIDAzAJAgEBAgECAgEIMEQE +FQclRrVDUjSkIuB4lnX0MsiUNd5SQgQUyVF9BtUkDTz/OMdLILbNTW+d1NkDFQDS +wPsVdghg3vHu9NaW5naHVhUXVAQrBAevaZiVRhA9eTKfzD10iA8zu+gDywHsIyEb +WWat6h0/h/fqWEiu8LfKnwIVBAAAAAAAAAAAAAHmD8iCHMdNrq/BAgEC +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v1-named.pem new file mode 100644 index 0000000000..b69cdb0624 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMAAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v2-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v2-explicit.pem new file mode 100644 index 0000000000..130621998b --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v2-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIG4AgEBMCUGByqGSM49AQIwGgICAKMGCSqGSM49AQIDAzAJAgEBAgECAgEIMEUE +FQEIs553xLEIvtmB7Q6JDhF8URzwcgQVBmes6zivTkiMQHQz/65PHIEWON8gAxUA +U4FMBQ1E1pbmdodWFRdYDKTin/0EKwQAJCZuTrUQbQqWTZLEhg4mcdubbMUHn2hN +32aExc0liziQAhsjht/Rn8UCFQP////////////99k3hFRrbt48QpwIBAg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v2-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v2-named.pem new file mode 100644 index 0000000000..371f08cacf --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v2-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMAAg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v3-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v3-explicit.pem new file mode 100644 index 0000000000..fe6a07b09c --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v3-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIG4AgEBMCUGByqGSM49AQIwGgICAKMGCSqGSM49AQIDAzAJAgEBAgECAgEIMEUE +FQelJsY9PiWiVqAHaZ9UR+Mq5Fa1DgQVA/cGF5jrmeI4/W8b+VtI/utIVCUrAxUA +UMvx2VypTWluZ2h1YVF18Wo2o7gEKwQC+fh7fFdNC97PiiLmUkd1+YzevcsFuTVZ +DBVeF+pI6z/zcYuJPfWaBdACFQP////////////+Gu4UDxEK/5YTCQIBAg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v3-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v3-named.pem new file mode 100644 index 0000000000..712f73c817 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb163v3-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMAAw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb176v1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb176v1-explicit.pem new file mode 100644 index 0000000000..9c362b0020 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb176v1-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGnAgEBMCUGByqGSM49AQIwGgICALAGCSqGSM49AQIDAzAJAgEBAgECAgErMDAE +FuTm2ymVBlxAfZ05uNCWe5ZwS6jpyQsEFl3aRwq+ZBTejsEzrijpu9f87Arg//IE +LQSNFsKGZ5i2APnwi7So6GDzKYzgSleYb6RTnC2t3da6tRZ9YbQ24dkrsWpWLAIV +AQCSU3OX7KT2FFeZ1isKGc4G/iatAgMA/24= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb176v1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb176v1-named.pem new file mode 100644 index 0000000000..76091177eb --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb176v1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMABA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb208w1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb208w1-explicit.pem new file mode 100644 index 0000000000..88772e6209 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb208w1-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGiAgEBMCUGByqGSM49AQIwGgICANAGCSqGSM49AQIDAzAJAgEBAgECAgFTMB8E +AQAEGshhntRaYuYhLhFgNJ4r+oREOfr8Kj/RY4+eBDUEif375Kvhk9+VWezwesDO +eFVOJ4TrjB7RpXoPVbUaBueOmsOKA1/1INiwF4G+saa7CGF94wIZAQG6+VyXI8V7 +bCHaLv8tXtWIvdVxfiEvnQIDAP5I +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb208w1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb208w1-named.pem new file mode 100644 index 0000000000..1bb91a2be3 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb208w1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMACg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb272w1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb272w1-explicit.pem new file mode 100644 index 0000000000..02a433c074 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb272w1-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHjAgEBMCUGByqGSM49AQIwGgICARAGCSqGSM49AQIDAzAJAgEBAgEDAgE4MEgE +IpGgkfA7X7pKssz0nE7dIg+wKHEtQr51KyxACU26zbWG+yAEInFn78krsuPOfIqq +/zThKpxVcAPXxzpvrwA/mfbMhILlQPcERQRhCLq7LO6894cFigVsvgz+Yi13I6KJ +4IoHrhPvDRDRcd2NEMdpVxaFHu9rp/aHLmFC+9JBuDD/Xvys7MqwXgIAXd6dIwIh +AQD69RNU4OOeSJLfbjGccsgWFgP6Rap7mYoWe48eYpUhAgMA/wY= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb272w1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb272w1-named.pem new file mode 100644 index 0000000000..d1117958f3 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb272w1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMAEA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb304w1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb304w1-explicit.pem new file mode 100644 index 0000000000..f11db414b9 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb304w1-explicit.pem @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +MIH3AgEBMCUGByqGSM49AQIwGgICATAGCSqGSM49AQIDAzAJAgEBAgECAgELMFAE +Jv0NaTFJoRj2Uebc5oAghTd+X4gtG1ELRBYAdMEogHg2WgOWyOaBBCa925flVaUK +kI5DsBx5jqXapniPHqJ5Tvz1cWa4wUA5YB5VgnNAvgRNBBl7B4Rem+LZatsPXzx/ +LP+9ej64tv7DXH/Wfybd9ihaZE90CiYU4Z++t24NoXFRfs9AG1Aom/AUEDKIUnqb +QWoQXoAmC1Sf3BuSwDsCJQEB1VZXKqusgAEB1VZXKqusgAECLVyR3Rc/j7Vh2miZ +FkRDBR0CAwD+Lg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb304w1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb304w1-named.pem new file mode 100644 index 0000000000..282364e500 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb304w1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMAEQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb368w1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb368w1-explicit.pem new file mode 100644 index 0000000000..19828f8072 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb368w1-explicit.pem @@ -0,0 +1,9 @@ +-----BEGIN EC PARAMETERS----- +MIIBHwIBATAlBgcqhkjOPQECMBoCAgFwBgkqhkjOPQECAwMwCQIBAQIBAgIBVTBg +BC7g0u4lCVIG9eKk+e0inx8lbnmg4rRVlw2NDYZb2Ud4xXbWLwq3UZzNKhqQauMN +BC78EhfUMgqQRSx2CljtzTDI3QabPDRFODejTtUMtUkX4cIRLYTRZPRE+PdHhgRq +BF0EEIXidVOB3MzjwVV6+hDC8MDCglZGxbNKOUy8+ovBayLn54npJ74hbwLh+xNq +X3s+sb3cumLV2LIFm1JXl/xzgixZBZxiOkX/OEPO6Ph80YVa2qgeKgdQuA/aIxAC +LQEAkFEtqa9ysINJ2Ypd1MewUy7KUc4D4tEPO3rFeb2H6QmuQKbxMenPzlvZZwID +AP9w +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb368w1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb368w1-named.pem new file mode 100644 index 0000000000..d971120963 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2pnb368w1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMAEw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v1-explicit.pem new file mode 100644 index 0000000000..8b8c147e1a --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v1-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIG/AgEBMB0GByqGSM49AQIwEgICAL8GCSqGSM49AQIDAgIBCTBLBBgoZlN7Z2dS +Y2po9WVU4SZAJ2tknvdSYmcEGC5F71cfAHhvZ7AIG5SVo9lUYvXeCqGF7AMVAE4T +ylQnRNaW5naHVhUXVS8nmoyEBDEENrPa+KIyBvnE8pnXshqcNpE38shK4aoNdlvn +NDOz+V4zKTLnDqJFyiQY6g75gBj7AhhAAAAAAAAAAAAAAAAEog6Qw5BnyJO7uaUC +AQI= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v1-named.pem new file mode 100644 index 0000000000..a8745e544b --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMABQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v2-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v2-explicit.pem new file mode 100644 index 0000000000..6830246986 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v2-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIG/AgEBMB0GByqGSM49AQIwEgICAL8GCSqGSM49AQIDAgIBCTBLBBhAECh3TXd3 +x7dmbRNm6kMgcSdPif8B5xgEGAYgBI0ovL0DtiScmRgrfIzRlwDDYsRqAQMVAAhx +7y/vJNaW5naHVhUXWL7g2VwVBDEEOAmyt8wbKMxah5JqrYP9KHiegeLJ478QF0ND +hmJtFPPb8Bdg2SE6PhzzeuxDfWaKAhggAAAAAAAAAAAAAABQUIy4n2UoJOBrgXMC +AQQ= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v2-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v2-named.pem new file mode 100644 index 0000000000..85a7fe8aeb --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v2-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMABg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v3-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v3-explicit.pem new file mode 100644 index 0000000000..62d43cb4fa --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v3-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIG/AgEBMB0GByqGSM49AQIwEgICAL8GCSqGSM49AQIDAgIBCTBLBBhsAQdHVgmR +IiIQVpEcd9d+d6d35+fnf8sEGHH+Gvkmz4R5ie/vjbRZ9mOU2Q8yrT8V6AMVAOBT +US3GhNaW5naHVhUXUGeueG0fBDEEN11M4k/eQ0SJ3odG5xeGAVAJ5m44qSbdVFo5 +F2GWV12YWZk2bmrTTOCnfNcSewa+AhgVVVVVVVVVVVVVVVVhDAsZaBK/tiiKPqMC +AQY= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v3-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v3-named.pem new file mode 100644 index 0000000000..5131440fc9 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb191v3-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMABw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v1-explicit.pem new file mode 100644 index 0000000000..c66246bd2b --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v1-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHdAgEBMB0GByqGSM49AQIwEgICAO8GCSqGSM49AQIDAgIBJDBXBB4yAQhXB3xU +MRI6RrgIkGdW9UNCPo0nh3V4Eld4rHYEHnkECPLu2vOSsBLt77M5LzD0MnwMo/Mf +w4PEIqqMFgMVANNLmk1pbmdodWFRdcpxuSC/77BdBD0EV5JwmPqTLnwKltP9W3Bu +9+X1wVbha358hgOFUukdYdjuUHfDP+z28aFrJo3kacPHdE6pqXFkn8epYWMFAh4g +AAAAAAAAAAAAAAAAAAAPTUL/4UkqSZPxytZm5EcCAQQ= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v1-named.pem new file mode 100644 index 0000000000..68bfd3fed9 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMACw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v2-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v2-explicit.pem new file mode 100644 index 0000000000..862b027ce0 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v2-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHdAgEBMB0GByqGSM49AQIwEgICAO8GCSqGSM49AQIDAgIBJDBXBB5CMAF3V6dn ++uQjmFabdGMl1FMTrwdmJmR5t1ZU5l8EHlA36mVBls/wzYKywUovzy4/+HdShbVF +ci8D6s23SwMVACqmmC/fpNaW5naHVhUXXSZnJyd9BD0EKPnQTpAAacjcR6CFNP52 +0rkAt9fvMfVwnyAMTKIFVmczTEWv87WgO62d114scamTYlZ9VFP3+m4ifsgzAh4V +VVVVVVVVVVVVVVVVVVU8byiFJZwx4/zfFUYkUi0CAQY= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v2-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v2-named.pem new file mode 100644 index 0000000000..15e84078b1 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v2-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMADA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v3-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v3-explicit.pem new file mode 100644 index 0000000000..2b0ca1e4ab --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v3-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHdAgEBMB0GByqGSM49AQIwEgICAO8GCSqGSM49AQIDAgIBJDBXBB4BI4d0Zmpn +dm1mdvd45na2aZkXZmbmh2Zth2bGap8EHmqUGXe6n2pDUZms/FEGftWH9RnF7LVB +uORBEd4dQAMVAJ4Hb01pbmdodWFRdeEen913+SBBBD0EcPbp0E0onE6JkTzjUwv9 +6QOXfUKxRtU5vxveTpySLloOr25eEwW5AE3OXA7X/lmjVgjzODfIFtgLefRhAh4M +zMzMzMzMzMzMzMzMzMysSRLS2d+QPvmIi4oOTP8CAQo= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v3-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v3-named.pem new file mode 100644 index 0000000000..dd33a5ff4e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb239v3-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMADQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb359v1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb359v1-explicit.pem new file mode 100644 index 0000000000..0b548ee441 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb359v1-explicit.pem @@ -0,0 +1,9 @@ +-----BEGIN EC PARAMETERS----- +MIIBKAIBATAdBgcqhkjOPQECMBICAgFnBgkqhkjOPQECAwICAUQwdQQtVmdnamVL +IHVPNW6pIBfZRlZ8RmdVVvGVVqBGFrVn0iOl4FZW+1SQFqlmVqVXBC0kcuLQGXxJ +Nj8f5/W22wddUraUfRNdjKRFgF05vDRWJgiWh3QrYynnBoAjGYgDFQArNUkgtyTW +luZ2h1YVF1hboTMtxgRbBDwljvMEd2fn7eDx/ap52u44QTZqEy4WOs7U7SQB35xr +3N6Y6OcHwHoiObGwl1PX4IUpVHBIEh6clfN5HdgEljlI80+ue/ROqCNl3Hho/lfk +ri3iETBaQHEEvQItAa8oa8oa8oa8oa8oa8oa8oa8oa8oa8n7j2uFxVaJLCCn65ZP +53GedPSQdY07AgFM +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb359v1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb359v1-named.pem new file mode 100644 index 0000000000..d8a6e5e271 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb359v1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMAEg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb431r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb431r1-explicit.pem new file mode 100644 index 0000000000..1b139de32e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb431r1-explicit.pem @@ -0,0 +1,9 @@ +-----BEGIN EC PARAMETERS----- +MIIBPgIBATAdBgcqhkjOPQECMBICAgGvBgkqhkjOPQECAwICAXgwcAQ2GoJ+8A3W +/A4jTK8EbGpdioU5WyNsxK0s8yoMrb3J3fYgsOuZBtCVf2xv6s1hVGjfEE3ils2P +BDYQ2bSj2QR9ixVDWav7G39UhbBM64aCN93J3tqYKmeaWpGbYm1OUKjdcxsQepli +OB+12Ae/JhgEbQQSD8BdPGepneFh0vQJJiL+ynAb5PUPR1hxToqHu/KmWO+MIefF +7+llNh9sKZnAwkew29cM5rcg0K+JA6lvjV+iwlV0XTxFGzAsk0bZt+SF57zkH2tZ +Hz6Pat3LsLxML5R6feGom2JdalmLN2ACNQNANANANANANANANANANANANANANANA +NANANAMjwxP6tQWJcDtexo01h/7GDRYcwUnBrUqRAgInYA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb431r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb431r1-named.pem new file mode 100644 index 0000000000..078c73a90f --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/c2tnb431r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMAFA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v1-explicit.pem new file mode 100644 index 0000000000..6c6427da5b --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v1-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHHAgEBMCQGByqGSM49AQECGQD////////////////////+//////////8wSwQY +/////////////////////v/////////8BBhkIQUZ5ZyA5w+n6atyJDBJ/rje7MFG +ubEDFQAwRa5vyEIvZO1XlSjTgSDq4SGW1QQxBBiNqA6wMJD2fL8g60OhiAD0/wr9 +gv8QEgcZK5X/yNp4YxAR7WskzdVz+XehHnlIEQIZAP///////////////5ne+DYU +a8mxtNIoMQIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v1-named.pem new file mode 100644 index 0000000000..0a9dd4ed62 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v2-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v2-explicit.pem new file mode 100644 index 0000000000..32a580d3b5 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v2-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHHAgEBMCQGByqGSM49AQECGQD////////////////////+//////////8wSwQY +/////////////////////v/////////8BBjMItbfuVxrJeScDWNkpOWYDDk6ohZo +2VMDFQAxqS7iAp/RDZAbET6ZBxDw0hrGtgQxBO6iuufhSXhC8t53ac/pyYnAcq1p +b0gDSmV00R1ptux6Zyu4Kgg98vKwhH3pcLLeFQIZAP///////////////l+xpyTc +gEGGSNjdMQIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v2-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v2-named.pem new file mode 100644 index 0000000000..6bd311f1ca --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v2-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBAg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v3-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v3-explicit.pem new file mode 100644 index 0000000000..f38e9d95a6 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v3-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHHAgEBMCQGByqGSM49AQECGQD////////////////////+//////////8wSwQY +/////////////////////v/////////8BBgiEj3COVoFyqdCPa7MyUdgp9RiJWvV +aRYDFQDEaWhENd6zeMS2XKlZHipXYwWaLgQxBH0pd4EAxlodoXg3FliNziuLSu6O +Io8YljipDyJjczczS0nctmptyPmXisp2SKlDsAIZAP///////////////3pi0DHI +P0KU9kDsEwIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v3-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v3-named.pem new file mode 100644 index 0000000000..ebdea34f39 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime192v3-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBAw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v1-explicit.pem new file mode 100644 index 0000000000..1795f2391b --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v1-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHpAgEBMCkGByqGSM49AQECHn///////////////3///////4AAAAAAAH////// +/zBXBB5///////////////9///////+AAAAAAAB///////wEHmsBbDvc8YlB0NZU +khR1ynGp2y+yfR03eWGFwpQsCgMVAOQ7tGDwuAzAwLB1eY6UgGD4Mht9BD0ED/qW +PNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqvfevo5OkKXa5uQFTKUwugRlSzaBjO +Ims5/Mt7AvGuAh5///////////////9///+eXpqfXZBx+9FSJoiQnQsCAQE= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v1-named.pem new file mode 100644 index 0000000000..32d2c92d68 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v2-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v2-explicit.pem new file mode 100644 index 0000000000..d7b7c2d390 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v2-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHpAgEBMCkGByqGSM49AQECHn///////////////3///////4AAAAAAAH////// +/zBXBB5///////////////9///////+AAAAAAAB///////wEHmF/q2gyV2y7/tUN +mfAknD/uWLlLoAOMeuhMjIMvLAMVAOi0ARYECVMDyjuAmZgr4J/LmuYWBD0EOK8J +2YcncFEgySG7Xp4mKWo83PLzV1eg6v2HuDDnWwEl5NvqDscgbaD8AdmwgTKftVXe +bvRgI33/i+S6Ah5///////////////+AAADPp+hZQ3fUFMA4IbxYIGMCAQE= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v2-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v2-named.pem new file mode 100644 index 0000000000..b673ca7d01 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v2-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v3-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v3-explicit.pem new file mode 100644 index 0000000000..bf488d9ccc --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v3-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHpAgEBMCkGByqGSM49AQECHn///////////////3///////4AAAAAAAH////// +/zBXBB5///////////////9///////+AAAAAAAB///////wEHiVXBfoqMGZUsfTL +A9anUKMMJQEC1JiHF9m6FattPgMVAH1zdBaP/jRxtgqFdoahlHXTv6L/BD0EZ2iu +jhi7ks/PAFyUmqLG2UhT0OZgu/hUsclQX+laFgfmiY85DAa8HVUrrSJvO2/P5Itu +gYSZrxjj7WzzAh5///////////////9///+XXetBs6YFfDxDIUZSZVECAQE= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v3-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v3-named.pem new file mode 100644 index 0000000000..082f731ea0 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime239v3-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime256v1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime256v1-explicit.pem new file mode 100644 index 0000000000..4419839f48 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime256v1-explicit.pem @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +MIH3AgEBMCwGByqGSM49AQECIQD/////AAAAAQAAAAAAAAAAAAAAAP////////// +/////zBbBCD/////AAAAAQAAAAAAAAAAAAAAAP///////////////AQgWsY12Ko6 +k+ez671VdpiGvGUdBrDMU7D2O848PifSYEsDFQDEnTYIhucEk2pmeOETnSa3gZ9+ +kARBBGsX0fLhLEJH+Lzm5WOkQPJ3A32BLeszoPShOUXYmMKWT+NC4v4af5uO5+tK +fA+eFivOM1drMV7Oy7ZAaDe/UfUCIQD/////AAAAAP//////////vOb6racXnoTz +ucrC/GMlUQIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime256v1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime256v1-named.pem new file mode 100644 index 0000000000..a76e47d959 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/prime256v1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BggqhkjOPQMBBw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp112r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp112r1-explicit.pem new file mode 100644 index 0000000000..2c97cb413c --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp112r1-explicit.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PARAMETERS----- +MIGLAgEBMBoGByqGSM49AQECDwDbfCq/YuNeZoB2vq0gizA3BA7bfCq/YuNeZoB2 +vq0giAQOZZ74ugQ5Fu7eiRFwKyIDFQAA9QsCjk1pbmdodWFRdSkEcng/sQQdBAlI +cjmZWl7na1X5wvCYqJzlr4ckwKI+Dg/3dQACDwDbfCq/YuNedijfrGVhxQIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp112r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp112r1-named.pem new file mode 100644 index 0000000000..5b7a770c15 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp112r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQABg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp112r2-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp112r2-explicit.pem new file mode 100644 index 0000000000..927ac3a828 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp112r2-explicit.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PARAMETERS----- +MIGKAgEBMBoGByqGSM49AQECDwDbfCq/YuNeZoB2vq0gizA3BA5hJ8JMBfOKCqr2 +XA7wLAQOUd7xgV217XT8w0yF1wkDFQAAJ1ehEU1pbmdodWFRdVMWwF4L1AQdBEuj +CrXokrThZJ3QkoZDrc1G9YguN0fe826VbpcCDjbfCq/YuNdZfKEFINBLAgEE +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp112r2-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp112r2-named.pem new file mode 100644 index 0000000000..dfaed7480b --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp112r2-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQABw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp128r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp128r1-explicit.pem new file mode 100644 index 0000000000..93732d63bf --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp128r1-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGXAgEBMBwGByqGSM49AQECEQD////9////////////////MDsEEP////3///// +//////////wEEOh1ecEQefQ92CSZPCzuXtMDFQAADg1NaW5naHVhUXUMwDpEc9A2 +eQQhBBYf91KLiZstDChgfKUsW4bPWsg5W6/rE8AtopLd7XqDAhEA/////gAAAAB1 +ow0bkDihFQIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp128r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp128r1-named.pem new file mode 100644 index 0000000000..bcf16a01a4 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp128r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAHA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp128r2-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp128r2-explicit.pem new file mode 100644 index 0000000000..2bcbebcb9b --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp128r2-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGWAgEBMBwGByqGSM49AQECEQD////9////////////////MDsEENYDGZjRs7v+ +v1nMm7/5ruEEEF7u/KOA0CkZ3CxlWLttil0DFQAATWluZ2h1YVF1EtjwNDH85juI +9AQhBHtqpdheVymD5vsyp83rwUAntpFqiU067nEG/oBfw0tEAhA/////f////74A +JHIGE7WjAgEE +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp128r2-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp128r2-named.pem new file mode 100644 index 0000000000..3d1a30f57d --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp128r2-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAHQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160k1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160k1-explicit.pem new file mode 100644 index 0000000000..de0464ce18 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160k1-explicit.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PARAMETERS----- +MHICAQEwIAYHKoZIzj0BAQIVAP////////////////////7//6xzMAYEAQAEAQcE +KQQ7TDgs43qhkqQBnnYwNvT13U1+u5OM+TUxj9zta8KChlMXM8PwPE/uAhUBAAAA +AAAAAAAAAbj6Ft+rmsoWtrMCAQE= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160k1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160k1-named.pem new file mode 100644 index 0000000000..2029fed02a --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160k1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQACQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160r1-explicit.pem new file mode 100644 index 0000000000..6ddb9c4e46 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160r1-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGvAgEBMCAGByqGSM49AQECFQD/////////////////////f////zBDBBT///// +////////////////f////AQUHJe+/FS9eotlrPifgdTUrcVl+kUDFQAQU83kLBTW +luZ2h1YVF1M78/gzRQQpBEqWtWiO9XMoRmRpiWjDi7kTy/yCI6YoVTFolH1Z3MkS +BCNRN3rF+zICFQEAAAAAAAAAAAAB9Mj5J67TynUiVwIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160r1-named.pem new file mode 100644 index 0000000000..3546d99574 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQACA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160r2-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160r2-explicit.pem new file mode 100644 index 0000000000..120728ae7e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160r2-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGvAgEBMCAGByqGSM49AQECFQD////////////////////+//+sczBDBBT///// +///////////////+//+scAQUtOE00/tZ64urVydJBGZNWvUDiLoDFQC5m5mwmbMj +4CcJpNaW5naHVhUXUQQpBFLcsDQpOhF+H0/xGzD3GZ0xRM5t/q/+8uMx8pbgcfoN ++Zgs/qfUPy4CFQEAAAAAAAAAAAAANR7nhqgY86GhawIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160r2-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160r2-named.pem new file mode 100644 index 0000000000..fc9f9670b6 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp160r2-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAHg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp192k1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp192k1-explicit.pem new file mode 100644 index 0000000000..0b58fcf3b0 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp192k1-explicit.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PARAMETERS----- +MIGCAgEBMCQGByqGSM49AQECGQD//////////////////////////v//7jcwBgQB +AAQBAwQxBNtP8Q7AV+muJrB9AoC39DQdpdGx6uBsfZsvL22cViinhEFj0BW+hjRA +gqqI2V4vnQIZAP///////////////iby/BcPaUZqdN79jQIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp192k1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp192k1-named.pem new file mode 100644 index 0000000000..4f9fc32de2 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp192k1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAHw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp224k1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp224k1-explicit.pem new file mode 100644 index 0000000000..76ac8ed02f --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp224k1-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGSAgEBMCgGByqGSM49AQECHQD///////////////////////////////7//+Vt +MAYEAQAEAQUEOQShRVszTfCZ3zD8KKFppGfp5HB1qQ9+ZQ62t6Rcfgif7X+6NEKC +yvvW9+MZ98CwvVniykvbVW1hpQIdAQAAAAAAAAAAAAAAAAAB3OjS7GGEyvCpcXaf +sfcCAQE= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp224k1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp224k1-named.pem new file mode 100644 index 0000000000..aba6bf93f0 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp224k1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAIA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp224r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp224r1-explicit.pem new file mode 100644 index 0000000000..17baec7a48 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp224r1-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHfAgEBMCgGByqGSM49AQECHQD/////////////////////AAAAAAAAAAAAAAAB +MFMEHP////////////////////7///////////////4EHLQFCoUMBLOr9UEyVlBE +sLfXv9i6Jws5QyNV/7QDFQC9cTRHmdXH/NxFtZ+juauPapSLxQQ5BLcODL1rtL9/ +MhOQuUoDwdNWwhEiNDKA1hFcHSG9N2OItfcj+0wi3+bNQ3WgWgdHZETVgZmFAH40 +Ah0A//////////////////8WouC48D4T3SlFXFwqPQIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp224r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp224r1-named.pem new file mode 100644 index 0000000000..9728ddda99 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp224r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAIQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp256k1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp256k1-explicit.pem new file mode 100644 index 0000000000..72f7f06ad3 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp256k1-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGiAgEBMCwGByqGSM49AQECIQD////////////////////////////////////+ +///8LzAGBAEABAEHBEEEeb5mfvncu6xVoGKVzocLBwKb/NstzijZWfKBWxb4F5hI +Otp3JqPEZV2k+/wOEQio/Re0SKaFVBmcR9CP+xDUuAIhAP////////////////// +//66rtzmr0igO7/SXozQNkFBAgEB +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp256k1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp256k1-named.pem new file mode 100644 index 0000000000..32d952ea91 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp256k1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQACg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp384r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp384r1-explicit.pem new file mode 100644 index 0000000000..8f5598ed05 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp384r1-explicit.pem @@ -0,0 +1,10 @@ +-----BEGIN EC PARAMETERS----- +MIIBVwIBATA8BgcqhkjOPQEBAjEA//////////////////////////////////// +//////7/////AAAAAAAAAAD/////MHsEMP////////////////////////////// +///////////+/////wAAAAAAAAAA/////AQwszEvp+I+5+SYjgVr4/gtGRgdnG7+ +gUESAxQIj1ATh1rGVjmNii7RnSqFyO3T7CrvAxUAozWSaqMZonodAIlqZ3OkgnrN +rHMEYQSqh8oivosFN46xxx7zIK10bh07Younm5hZ90HgglQqOFUC8l2/VSlsOlRe +OHJ2Crc2F95KliYsb12emL+Sktwp+PQdvSiaFHzp2jETtfC4wApgsc4dfoGdekMd +fJDqDl8CMQD////////////////////////////////HY02B9Dct31gaDbJIsKd6 +7OwZaszFKXMCAQE= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp384r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp384r1-named.pem new file mode 100644 index 0000000000..ceed209a52 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp384r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAIg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp521r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp521r1-explicit.pem new file mode 100644 index 0000000000..f92a1211b9 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp521r1-explicit.pem @@ -0,0 +1,12 @@ +-----BEGIN EC PARAMETERS----- +MIIBwgIBATBNBgcqhkjOPQEBAkIB//////////////////////////////////// +//////////////////////////////////////////////////8wgZ4EQgH///// +//////////////////////////////////////////////////////////////// +/////////////////ARBUZU+uWGOHJofkpohoLaFQO6i2nJbmbMV87i0iZGO8Qnh +Vhk5Uex+k3sWUsC9O7G/BzVz34g9LDTx70Uf1GtQPwADFQDQnogAKRy4U5bMZxc5 +MoSqoNpkugSBhQQAxoWOBrcEBOnNnj7LZiOVtEKcZIE5BT+1Ifgor2BrTT26oUte +d+/nWSj+HcEnov+o3jNIs8GFakKb+X5+McLlvWYBGDkpaniaO8AEXIpftCx9G9mY +9URJV5tEaBevvRcnPmYsl+5ymV70JkDFULkBP60HYTU8cIaicsJAiL6Udp/RZlAC +QgH///////////////////////////////////////////pRhoeDvy+Wa3/MAUj3 +CaXQO7XJuImcR667b7cekThkCQIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp521r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp521r1-named.pem new file mode 100644 index 0000000000..cdca78c8e2 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/secp521r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAIw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect113r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect113r1-explicit.pem new file mode 100644 index 0000000000..2cd45a8c4f --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect113r1-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGPAgEBMBwGByqGSM49AQIwEQIBcQYJKoZIzj0BAgMCAgEJMDcEDjCIJQym58f+ +ZJzoWCD3BA7ovuTT4iYHRBiL4OnHIwMVABDnI6sU1pbmdodWFRdW/r+Py0mpBB8E +AJ1zYW819KsUB9c1YsEPAKUoMCd5WO6E0TFe0xiGAg8BAAAAAAAAANnM7Io55W8C +AQI= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect113r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect113r1-named.pem new file mode 100644 index 0000000000..f39d6cad8f --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect113r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQABA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect113r2-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect113r2-explicit.pem new file mode 100644 index 0000000000..4fca872b48 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect113r2-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGPAgEBMBwGByqGSM49AQIwEQIBcQYJKoZIzj0BAgMCAgEJMDcEDmiZGNvsfloN +1t/AqlXHBA6V6ansmyl71L824FkYTwMVABDA+xV2CGDe8e701pbmdodWFRddBB8E +AaV6ansmyl71L824FkeXALOtyU7R/mdMBuaVurodAg8BAAAAAAAAAQh4mySWr5MC +AQI= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect113r2-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect113r2-named.pem new file mode 100644 index 0000000000..c27c9c58c7 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect113r2-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQABQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect131r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect131r1-explicit.pem new file mode 100644 index 0000000000..cc8264cbf3 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect131r1-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGkAgEBMCUGByqGSM49AQIwGgICAIMGCSqGSM49AQIDAzAJAgECAgEDAgEIMD0E +EQehGwmna1YhREGP8/+MJXC4BBECF8BWEIhLY7nGxykWePnTQQMVAE1pbmdodWFR +dZhb06262iG0OpfiBCMEAIG6+R/fmDPED5wYE0Njg5kHjG5+o4wAH3PIE0sbTvnh +UAIRBAAAAAAAAAACMSOVOpRktU0CAQI= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect131r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect131r1-named.pem new file mode 100644 index 0000000000..4aa4244ca8 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect131r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAFg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect131r2-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect131r2-explicit.pem new file mode 100644 index 0000000000..2bfb918bb4 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect131r2-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGkAgEBMCUGByqGSM49AQIwGgICAIMGCSqGSM49AQIDAzAJAgECAgEDAgEIMD0E +EQPlqIkZ18r8v0FfB8IXZXOyBBEEuCZqRsVWV6xzTOOPAY8hkgMVAJhb06261NaW +5naHVhUXWiG0OpfjBCMEA1bc2PL5UDGtZS0jlRuzZqgGSPBthnlApTZtniZd6esk +DwIRBAAAAAAAAAABaVSiMwSbqY8CAQI= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect131r2-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect131r2-named.pem new file mode 100644 index 0000000000..c9c2a7c30d --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect131r2-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAFw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163k1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163k1-explicit.pem new file mode 100644 index 0000000000..3438927e61 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163k1-explicit.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PARAMETERS----- +MHkCAQEwJQYHKoZIzj0BAjAaAgIAowYJKoZIzj0BAgMDMAkCAQMCAQYCAQcwBgQB +AQQBAQQrBAL+E8BTe7wRrKoH15PeTm1eXJTu6AKJBw+wXTj/WDIfLoAFNtU4zNqj +2QIVBAAAAAAAAAAAAAIBCKLgzA2Z+KXvAgEC +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163k1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163k1-named.pem new file mode 100644 index 0000000000..d9ae41c97b --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163k1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163r1-explicit.pem new file mode 100644 index 0000000000..78320dc9fc --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163r1-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGhAgEBMCUGByqGSM49AQIwGgICAKMGCSqGSM49AQIDAzAJAgEDAgEGAgEHMC4E +FQe2iCyq76hPlVT/hCi9iOJG0ngq4gQVBxNhLc3ctAqrlGvaKcqR9zr5WK/ZBCsE +A2mXlperQ4l3iVZniVZ/eHp4dqZUAENe20Lvr7KYnVH+/OPICYj0H/iDAhUD//// +/////////0iqtonCnKcQJ5sCAQI= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163r1-named.pem new file mode 100644 index 0000000000..45dbad0ddd --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAAg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163r2-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163r2-explicit.pem new file mode 100644 index 0000000000..817155013b --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163r2-explicit.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PARAMETERS----- +MIGNAgEBMCUGByqGSM49AQIwGgICAKMGCSqGSM49AQIDAzAJAgEDAgEGAgEHMBoE +AQEEFQIKYBkHuMlTyhSB6xBRL3h0SjIF/QQrBAPw66FihqLVfqCZEWjUmUY36DQ+ +NgDVH7xscaAJT6LN1UWxHFwMeXMk8QIVBAAAAAAAAAAAAAKS/nfnDBKkI0wzAgEC +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163r2-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163r2-named.pem new file mode 100644 index 0000000000..ecf7a7124e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect163r2-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQADw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect193r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect193r1-explicit.pem new file mode 100644 index 0000000000..93d166dc34 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect193r1-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHCAgEBMB0GByqGSM49AQIwEgICAMEGCSqGSM49AQIDAgIBDzBLBBgXhY/repiX +UWnhcfd7QIfeCYrIqRHfewEEGP37Sb/mw6ifrK2qeh5bvHzBwuXYMUeIFAMVABA/ +rsdNaW5naHVhUXV3f8Wxke8wBDMEAfSBvF8P+Ep0rWzfb970v2F5YlNy2MDF4QAl +45nykDcSzPPqnjoa0X+wsyAbavfOGwUCGQEAAAAAAAAAAAAAAADH80p3j0Q6zJIO +ukkCAQI= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect193r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect193r1-named.pem new file mode 100644 index 0000000000..4fe58aa048 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect193r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAGA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect193r2-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect193r2-explicit.pem new file mode 100644 index 0000000000..3e96cc77bf --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect193r2-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHDAgEBMB0GByqGSM49AQIwEgICAMEGCSqGSM49AQIDAgIBDzBMBBkBY/NaUTfC +zj6m7YZnGQsLxD7NaZd3AnCbBBjJu56JJ9TWTDd+KrKFalsW4++39h1DFq4DFQAQ +t7TWluZ2h1YVF1E3yKFv0NoiEQQzBADZtn0ZLgNnyAPznhp+gsoUplE1Cq5hfo8B +zpQzVgfDBKwp59772coB9Zb5JyJM3s9sAhkBAAAAAAAAAAAAAAABWqtWGwBUE8zU +7pnVAgEC +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect193r2-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect193r2-named.pem new file mode 100644 index 0000000000..0c2956b22a --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect193r2-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAGQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect233k1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect233k1-explicit.pem new file mode 100644 index 0000000000..d318fcb8c0 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect233k1-explicit.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PARAMETERS----- +MIGMAgEBMB0GByqGSM49AQIwEgICAOkGCSqGSM49AQIDAgIBSjAGBAEABAEBBD0E +AXIyuoU6fnMa8SnyL/QUlWOkGcJr9QpMnW7vrWEmAdtTfezoGbf3D1VaZ8QnqM2b +8Yrrm1bgwRBW+uajAh4AgAAAAAAAAAAAAAAAAAAGnVu5FbzUbvsa1fFzq98CAQQ= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect233k1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect233k1-named.pem new file mode 100644 index 0000000000..97be94b254 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect233k1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAGg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect233r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect233r1-explicit.pem new file mode 100644 index 0000000000..c6da580866 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect233r1-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIG/AgEBMB0GByqGSM49AQIwEgICAOkGCSqGSM49AQIDAgIBSjA5BAEBBB1mZH7e +bDMsf4wJI7tYITszOyDpzkKB/hFffY+QrQMVAHTVn/B/a0E9DqFLNEsgotsEm1DD +BD0EAPrJ38usgxO7ITnxu3Vf72W8OR+LNvj463Nx/VWLAQBqCKQZAzUGeOWFKL6/ +igvv+GenyjZxb34B+BBSAh4BAAAAAAAAAAAAAAAAAAAT6XTnL4ppIgMdJgPP4NcC +AQI= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect233r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect233r1-named.pem new file mode 100644 index 0000000000..ba065e7ed4 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect233r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAGw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect239k1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect239k1-explicit.pem new file mode 100644 index 0000000000..8e23a4c87e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect239k1-explicit.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PARAMETERS----- +MIGNAgEBMB4GByqGSM49AQIwEwICAO8GCSqGSM49AQIDAgICAJ4wBgQBAAQBAQQ9 +BCmgtqiHqYPpcwmIpocnqLLRJsRMwsx7KmVVGTA13HYxCATxLlSb2wEcEDCJ5zUQ +rLJ1/DEqXca3ZVPwygIeIAAAAAAAAAAAAAAAAAAAWnn+xny26R8cHagA5HilAgEE +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect239k1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect239k1-named.pem new file mode 100644 index 0000000000..9f26dd8ab7 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect239k1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAAw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect283k1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect283k1-explicit.pem new file mode 100644 index 0000000000..5ebcb8620d --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect283k1-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGmAgEBMCUGByqGSM49AQIwGgICARsGCSqGSM49AQIDAzAJAgEFAgEHAgEMMAYE +AQAEAQEESQQFAyE/eMpEiD8aO4Fi8YjlU80mXyPBVnoWh2kTsMKsJFhJKDYBzNo4 +DxyeMY2Q+V0H5UJv6H5FwOgYRpjkWWI2TjQRYXfdIlkCJAH///////////////// +/////+muLtB1dyZd/3+URR4GHhY8YQIBBA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect283k1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect283k1-named.pem new file mode 100644 index 0000000000..8ab88df209 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect283k1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAEA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect283r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect283r1-explicit.pem new file mode 100644 index 0000000000..f1fffd5c12 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect283r1-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHgAgEBMCUGByqGSM49AQIwGgICARsGCSqGSM49AQIDAzAJAgEFAgEHAgEMMEAE +AQEEJAJ7aArIuFltpaSvihmgMD/Kl/12RTCfoqWBSFr2Jj4xO3mi9QMVAHfisHNw +6w+DKm3Vti38iM0Gu4S+BEkEBfk5JY233ZDhk0+McLDf7C7tJbhVfqycgOLhmPjN +vs2GsSBTA2doVP4kFBy5j+bUsg0CtFFv9wI1Dt2wgmd5yBPw30W+gRL0AiQD//// +///////////////////vkDmWYPyTipAWWwQqfO+tswcCAQI= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect283r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect283r1-named.pem new file mode 100644 index 0000000000..527459c3f5 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect283r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAEQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect409k1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect409k1-explicit.pem new file mode 100644 index 0000000000..e781a6e87e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect409k1-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHNAgEBMB0GByqGSM49AQIwEgICAZkGCSqGSM49AQIDAgIBVzAGBAEABAEBBGkE +AGDwX2WPScGtOrGJD3GEIQ79CYfjB8hMJ6zPuPn2fMLEYBietaqqYu4iLrGzVUDP +6QI3RgHjaQULfE5CrLodrL8EKZw0YHgvkY6kJ+YyUWXp6hDj2l9sQunFUhWqnKJ6 +WGPsSNjgKGsCM3/////////////////////////////////+X4Oy1OogQA7EVX1e +0+PnyltLXIO44B5fzwIBBA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect409k1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect409k1-named.pem new file mode 100644 index 0000000000..ef4c82e008 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect409k1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAJA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect409r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect409r1-explicit.pem new file mode 100644 index 0000000000..937ce1bd4c --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect409r1-explicit.pem @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +MIIBFwIBATAdBgcqhkjOPQECMBICAgGZBgkqhkjOPQECAwICAVcwTwQBAQQzIaXC +yO6f61xLmnU7e0drf9ZCLvHz3WdHYfqZ1qwnyKmhl7Jygi9s1XpVqk9QrjF7E1Rf +AxUAQJm1pFf51p95IT0JTEvNTUJiIQsEaQQBXUhg0Ijds0lrDGBkdWJgRBzeSvF3 +HU2wH/5bNOWXA9wlWoaKEYBRVgOuq2B5TlS7eZanAGGxz6tr5fMrv6eDJO0QanY2 +ucWnvRmNAViqT1SI0I84UU8f30tPQNIYGzaBw2S6AnPHBgI0AQAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAB4qrWphLzMwe+X6R8PJ4FL4OBZM032aIRcwIBAg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect409r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect409r1-named.pem new file mode 100644 index 0000000000..5ef828d71d --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect409r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAJQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect571k1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect571k1-explicit.pem new file mode 100644 index 0000000000..32119057ad --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect571k1-explicit.pem @@ -0,0 +1,8 @@ +-----BEGIN EC PARAMETERS----- +MIIBEwIBATAlBgcqhkjOPQECMBoCAgI7BgkqhkjOPQECAwMwCQIBAgIBBQIBCjAG +BAEABAEBBIGRBAJut6hZkj+8ghiWMfgQP+SsnKKXABLV1GAkgEgBhBykQ3CVhJOy +BeZH2jBNtM6wjLvRujlJR3b7mItHF03KiMfilFKDoByJcgNJ3IB/T783T0rq3jvK +lTFN1YzsnzB6VP/GHvwAbYosnUl5wKxErqdPvru593Ku3LYgsBp7p68bMgQwyFkZ +hPYBzUwUPvHHowJIAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +ExhQ4fGaY+SzkajbkX9BOLYw2Evl1jk4HpHetFz+d49jfBABAgEE +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect571k1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect571k1-named.pem new file mode 100644 index 0000000000..9804e9cfcf --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect571k1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAJg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect571r1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect571r1-explicit.pem new file mode 100644 index 0000000000..b81ab3c78e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect571r1-explicit.pem @@ -0,0 +1,10 @@ +-----BEGIN EC PARAMETERS----- +MIIBcQIBATAlBgcqhkjOPQECMBoCAgI7BgkqhkjOPQECAwMwCQIBAgIBBQIBCjBk +BAEBBEgC9A5+IiHyld4pcRe389YvXGqX/8uM7/HNa6jOSpoYrYT/q72O+lkzK+et +Z1ambilK/RhaeP8SqlIOTec5usoMf/7/fylVcnoDFQAqoFj3Og4zq0hrD2EEEMU6 +fxMjEASBkQQDAwAdNLhWKWwWwNQNPNd1CpPR0pVfqAql9A/I23sqvb3lOVD0wNKT +zdcRo1tn+xSZrmADhhTxOUq/o7TIUNkn4ed2nI7sLRkDe/JzQtpjm23M//63PWnX +jGwnpgCcu8oZgPhTOSHopoRCPkO6sIpXYpGvj0YbsqizUx0vBIXBmxbi8VFuI908 +GkgnrxuKwVsCSAP//////////////////////////////////////////////+Zh +zhj/VZhzCAWbGGgjhR7H3ZyhFh3pPVF01m6Dgum7L+hORwIBAg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect571r1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect571r1-named.pem new file mode 100644 index 0000000000..20b18d6eba --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/sect571r1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgUrgQQAJw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls1-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls1-explicit.pem new file mode 100644 index 0000000000..5da128a99c --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls1-explicit.pem @@ -0,0 +1,4 @@ +-----BEGIN EC PARAMETERS----- +MF4CAQEwHAYHKoZIzj0BAjARAgFxBgkqhkjOPQECAwICAQkwBgQBAQQBAQQfBAFm +eXmkC6SX5dXCcHgGFwD0S0rx7MJjDgh4XOvMFQIPAP/////////9v5GvbepzAgEC +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls1-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls1-named.pem new file mode 100644 index 0000000000..c327f6f069 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls1-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgVnKwEEAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls10-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls10-explicit.pem new file mode 100644 index 0000000000..d318fcb8c0 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls10-explicit.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PARAMETERS----- +MIGMAgEBMB0GByqGSM49AQIwEgICAOkGCSqGSM49AQIDAgIBSjAGBAEABAEBBD0E +AXIyuoU6fnMa8SnyL/QUlWOkGcJr9QpMnW7vrWEmAdtTfezoGbf3D1VaZ8QnqM2b +8Yrrm1bgwRBW+uajAh4AgAAAAAAAAAAAAAAAAAAGnVu5FbzUbvsa1fFzq98CAQQ= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls10-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls10-named.pem new file mode 100644 index 0000000000..05ed402101 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls10-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgVnKwEECg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls11-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls11-explicit.pem new file mode 100644 index 0000000000..c6da580866 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls11-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIG/AgEBMB0GByqGSM49AQIwEgICAOkGCSqGSM49AQIDAgIBSjA5BAEBBB1mZH7e +bDMsf4wJI7tYITszOyDpzkKB/hFffY+QrQMVAHTVn/B/a0E9DqFLNEsgotsEm1DD +BD0EAPrJ38usgxO7ITnxu3Vf72W8OR+LNvj463Nx/VWLAQBqCKQZAzUGeOWFKL6/ +igvv+GenyjZxb34B+BBSAh4BAAAAAAAAAAAAAAAAAAAT6XTnL4ppIgMdJgPP4NcC +AQI= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls11-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls11-named.pem new file mode 100644 index 0000000000..247ba8216e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls11-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgVnKwEECw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls12-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls12-explicit.pem new file mode 100644 index 0000000000..355fd5b09a --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls12-explicit.pem @@ -0,0 +1,7 @@ +-----BEGIN EC PARAMETERS----- +MIHIAgEBMCgGByqGSM49AQECHQD/////////////////////AAAAAAAAAAAAAAAB +MDwEHP////////////////////7///////////////4EHLQFCoUMBLOr9UEyVlBE +sLfXv9i6Jws5QyNV/7QEOQS3Dgy9a7S/fzITkLlKA8HTVsIRIjQygNYRXB0hvTdj +iLX3I/tMIt/mzUN1oFoHR2RE1YGZhQB+NAIdAP//////////////////FqLguPA+ +E90pRVxcKj0CAQE= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls12-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls12-named.pem new file mode 100644 index 0000000000..afc6bd7e17 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls12-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgVnKwEEDA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls3-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls3-explicit.pem new file mode 100644 index 0000000000..3438927e61 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls3-explicit.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PARAMETERS----- +MHkCAQEwJQYHKoZIzj0BAjAaAgIAowYJKoZIzj0BAgMDMAkCAQMCAQYCAQcwBgQB +AQQBAQQrBAL+E8BTe7wRrKoH15PeTm1eXJTu6AKJBw+wXTj/WDIfLoAFNtU4zNqj +2QIVBAAAAAAAAAAAAAIBCKLgzA2Z+KXvAgEC +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls3-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls3-named.pem new file mode 100644 index 0000000000..859329078d --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls3-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgVnKwEEAw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls4-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls4-explicit.pem new file mode 100644 index 0000000000..2cd45a8c4f --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls4-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGPAgEBMBwGByqGSM49AQIwEQIBcQYJKoZIzj0BAgMCAgEJMDcEDjCIJQym58f+ +ZJzoWCD3BA7ovuTT4iYHRBiL4OnHIwMVABDnI6sU1pbmdodWFRdW/r+Py0mpBB8E +AJ1zYW819KsUB9c1YsEPAKUoMCd5WO6E0TFe0xiGAg8BAAAAAAAAANnM7Io55W8C +AQI= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls4-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls4-named.pem new file mode 100644 index 0000000000..9a7887b2f0 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls4-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgVnKwEEBA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls5-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls5-explicit.pem new file mode 100644 index 0000000000..d7bc1c2cab --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls5-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIG3AgEBMCUGByqGSM49AQIwGgICAKMGCSqGSM49AQIDAzAJAgEBAgECAgEIMEQE +FQclRrVDUjSkIuB4lnX0MsiUNd5SQgQUyVF9BtUkDTz/OMdLILbNTW+d1NkDFQDS +wPsVdghg3vHu9NaW5naHVhUXVAQrBAevaZiVRhA9eTKfzD10iA8zu+gDywHsIyEb +WWat6h0/h/fqWEiu8LfKnwIVBAAAAAAAAAAAAAHmD8iCHMdNrq/BAgEC +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls5-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls5-named.pem new file mode 100644 index 0000000000..9f834d0c2e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls5-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgVnKwEEBQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls6-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls6-explicit.pem new file mode 100644 index 0000000000..2c97cb413c --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls6-explicit.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PARAMETERS----- +MIGLAgEBMBoGByqGSM49AQECDwDbfCq/YuNeZoB2vq0gizA3BA7bfCq/YuNeZoB2 +vq0giAQOZZ74ugQ5Fu7eiRFwKyIDFQAA9QsCjk1pbmdodWFRdSkEcng/sQQdBAlI +cjmZWl7na1X5wvCYqJzlr4ckwKI+Dg/3dQACDwDbfCq/YuNedijfrGVhxQIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls6-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls6-named.pem new file mode 100644 index 0000000000..0678777d4d --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls6-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgVnKwEEBg== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls7-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls7-explicit.pem new file mode 100644 index 0000000000..120728ae7e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls7-explicit.pem @@ -0,0 +1,6 @@ +-----BEGIN EC PARAMETERS----- +MIGvAgEBMCAGByqGSM49AQECFQD////////////////////+//+sczBDBBT///// +///////////////+//+scAQUtOE00/tZ64urVydJBGZNWvUDiLoDFQC5m5mwmbMj +4CcJpNaW5naHVhUXUQQpBFLcsDQpOhF+H0/xGzD3GZ0xRM5t/q/+8uMx8pbgcfoN ++Zgs/qfUPy4CFQEAAAAAAAAAAAAANR7nhqgY86GhawIBAQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls7-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls7-named.pem new file mode 100644 index 0000000000..690b9375a4 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls7-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgVnKwEEBw== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls8-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls8-explicit.pem new file mode 100644 index 0000000000..d8c3ef8bf4 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls8-explicit.pem @@ -0,0 +1,4 @@ +-----BEGIN EC PARAMETERS----- +MFoCAQEwGgYHKoZIzj0BAQIPAP////////////////3nMAYEAQAEAQMEHQQAAAAA +AAAAAAAAAAAAAQAAAAAAAAAAAAAAAAACAg8BAAAAAAAAAezqVRrYN+kCAQE= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls8-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls8-named.pem new file mode 100644 index 0000000000..4737cbcc4a --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls8-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgVnKwEECA== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls9-explicit.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls9-explicit.pem new file mode 100644 index 0000000000..383c5dce8f --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls9-explicit.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PARAMETERS----- +MHICAQEwIAYHKoZIzj0BAQIVAP///////////////////////ICPMAYEAQAEAQME +KQQAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAACAhUBAAAA +AAAAAAAAAc3JiuDi3ldKvzMCAQE= +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls9-named.pem b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls9-named.pem new file mode 100644 index 0000000000..0212b4a4d8 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_ecparam_data/valid/wap-wsg-idm-ecid-wtls9-named.pem @@ -0,0 +1,3 @@ +-----BEGIN EC PARAMETERS----- +BgVnKwEECQ== +-----END EC PARAMETERS----- diff --git a/deps/openssl/openssl/test/recipes/15-test_genrsa.t b/deps/openssl/openssl/test/recipes/15-test_genrsa.t index 766ea4f0aa..e16a9a4042 100644 --- a/deps/openssl/openssl/test/recipes/15-test_genrsa.t +++ b/deps/openssl/openssl/test/recipes/15-test_genrsa.t @@ -52,4 +52,3 @@ ok(run(app([ 'openssl', 'genrsa', '-f4', '-out', 'genrsatest.pem', $good ])), "genrsa -f4 $good"); ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'genrsatest.pem', '-noout' ])), "rsa -check"); -unlink 'genrsatest.pem'; diff --git a/deps/openssl/openssl/test/recipes/15-test_mp_rsa.t b/deps/openssl/openssl/test/recipes/15-test_mp_rsa.t new file mode 100644 index 0000000000..9271dba042 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_mp_rsa.t @@ -0,0 +1,111 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2017 BaishanCloud. All rights reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT data_file/; +use OpenSSL::Test::Utils; + +setup("test_mp_rsa"); + +plan tests => 31; + +ok(run(test(["rsa_mp_test"])), "running rsa multi prime test"); + +my $cleartext = data_file("plain_text"); + +my @test_param = ( + # 3 primes, 2048-bit + { + primes => '3', + bits => '2048', + }, + # 4 primes, 4096-bit + { + primes => '4', + bits => '4096', + }, + # 5 primes, 8192-bit + { + primes => '5', + bits => '8192', + }, +); + +# genrsa +run_mp_tests(0); +# evp +run_mp_tests(1); + +sub run_mp_tests { + my $evp = shift; + + foreach my $param (@test_param) { + my $primes = $param->{primes}; + my $bits = $param->{bits}; + my $name = ($evp ? "evp" : "") . "${bits}p${primes}"; + + if ($evp) { + ok(run(app([ 'openssl', 'genpkey', '-out', 'rsamptest.pem', + '-algorithm', 'RSA', '-pkeyopt', "rsa_keygen_primes:$primes", + '-pkeyopt', "rsa_keygen_bits:$bits"])), "genrsa $name"); + } else { + ok(run(app([ 'openssl', 'genrsa', '-out', 'rsamptest.pem', + '-primes', $primes, $bits])), "genrsa $name"); + } + + ok(run(app([ 'openssl', 'rsa', '-check', '-in', 'rsamptest.pem', + '-noout'])), "rsa -check $name"); + if ($evp) { + ok(run(app([ 'openssl', 'pkeyutl', '-inkey', 'rsamptest.pem', + '-encrypt', '-in', $cleartext, + '-out', 'rsamptest.enc' ])), "rsa $name encrypt"); + ok(run(app([ 'openssl', 'pkeyutl', '-inkey', 'rsamptest.pem', + '-decrypt', '-in', 'rsamptest.enc', + '-out', 'rsamptest.dec' ])), "rsa $name decrypt"); + } else { + ok(run(app([ 'openssl', 'rsautl', '-inkey', 'rsamptest.pem', + '-encrypt', '-in', $cleartext, + '-out', 'rsamptest.enc' ])), "rsa $name encrypt"); + ok(run(app([ 'openssl', 'rsautl', '-inkey', 'rsamptest.pem', + '-decrypt', '-in', 'rsamptest.enc', + '-out', 'rsamptest.dec' ])), "rsa $name decrypt"); + } + + ok(check_msg(), "rsa $name check result"); + + # clean up temp files + unlink 'rsamptest.pem'; + unlink 'rsamptest.enc'; + unlink 'rsamptest.dec'; + } +} + +sub check_msg { + my $msg; + my $dec; + + open(my $fh, "<", $cleartext) or return 0; + binmode $fh; + read($fh, $msg, 10240); + close $fh; + open($fh, "<", "rsamptest.dec") or return 0; + binmode $fh; + read($fh, $dec, 10240); + close $fh; + + if ($msg ne $dec) { + print STDERR "cleartext and decrypted are not the same"; + return 0; + } + return 1; +} diff --git a/deps/openssl/openssl/test/recipes/15-test_mp_rsa_data/plain_text b/deps/openssl/openssl/test/recipes/15-test_mp_rsa_data/plain_text new file mode 100644 index 0000000000..60d11c0f69 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_mp_rsa_data/plain_text @@ -0,0 +1,4 @@ +It was the best of times, it was the worst of times, +it was the age of wisdom, it was the age of foolishness, +it was the epoch of belief, it was the epoch of incredulity, +it was the season of Light, it was the season of Darkness. diff --git a/deps/openssl/openssl/test/recipes/15-test_out_option.t b/deps/openssl/openssl/test/recipes/15-test_out_option.t new file mode 100644 index 0000000000..9c2a95482b --- /dev/null +++ b/deps/openssl/openssl/test/recipes/15-test_out_option.t @@ -0,0 +1,73 @@ +#! /usr/bin/env perl +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec; +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_out_option"); + +plan tests => 4; + +# Test 1 +SKIP: { + # Paths that should generate failure when trying to write to them. + # Directories are a safe bet for failure on most platforms. + # Notably, this isn't true on OpenVMS, as a default file name is + # appended under the hood when trying to "write" to a directory spec. + # From observation, that file is '.' (i.e. a file with no file name + # and no extension), so '[]' gets translated to '[].' + skip 'Directories become writable files on OpenVMS', 1 if $^O eq 'VMS'; + + # Note that directories must end with a slash here, because of how + # File::Spec massages them into directory specs on some platforms. + my $path = File::Spec->canonpath('./'); + ok(!run(app([ 'openssl', 'rand', '-out', $path, '1'])), + "invalid output path: $path"); +} + +# Test 2 +{ + my $path = File::Spec->canonpath('randomname.bin'); + ok(run(app([ 'openssl', 'rand', '-out', $path, '1'])), + "valid output path: $path"); +} + +# Test 3 +{ + # Test for trying to create a file in a non-exist directory + my $rand_path = ""; + do { + my @chars = ("A".."Z", "a".."z", "0".."9"); + $rand_path .= $chars[rand @chars] for 1..32; + } while (-d File::Spec->catdir('.', $rand_path)); + $rand_path .= "/randomname.bin"; + + my $path = File::Spec->canonpath($rand_path); + ok(!run(app([ 'openssl', 'rand', '-out', $path, '1'])), + "invalid output path: $path"); +} + +# Test 4 +SKIP: { + skip "It's not safe to use perl's idea of the NULL device in an explicitly cross compiled build", 1 + unless (config('CROSS_COMPILE') // '') eq ''; + + my $path = File::Spec->canonpath(File::Spec->devnull()); + ok(run(app([ 'openssl', 'rand', '-out', $path, '1'])), + "valid output path: $path"); +} + +# Cleanup +END { + unlink 'randomname.bin' if -f 'randomname.bin'; +} diff --git a/deps/openssl/openssl/test/recipes/15-test_rsapss.t b/deps/openssl/openssl/test/recipes/15-test_rsapss.t index 34accaa286..f10625d4cd 100644 --- a/deps/openssl/openssl/test/recipes/15-test_rsapss.t +++ b/deps/openssl/openssl/test/recipes/15-test_rsapss.t @@ -20,14 +20,14 @@ plan tests => 5; #using test/testrsa.pem which happens to be a 512 bit RSA ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha1', - '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-2', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3', '-sigopt', 'rsa_mgf1_md:sha512', '-out', 'testrsapss.sig', srctop_file('test', 'testrsa.pem')])), "openssl dgst -sign"); with({ exit_checker => sub { return shift == 1; } }, sub { ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512', - '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-2', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3', '-sigopt', 'rsa_mgf1_md:sha512', srctop_file('test', 'testrsa.pem')])), "openssl dgst -sign, expect to fail gracefully"); ok(run(app(['openssl', 'dgst', '-sign', srctop_file('test', 'testrsa.pem'), '-sha512', @@ -35,14 +35,14 @@ with({ exit_checker => sub { return shift == 1; } }, '-sigopt', 'rsa_mgf1_md:sha1', srctop_file('test', 'testrsa.pem')])), "openssl dgst -sign, expect to fail gracefully"); ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha512', - '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-2', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3', '-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig', srctop_file('test', 'testrsa.pem')])), "openssl dgst -prverify, expect to fail gracefully"); }); ok(run(app(['openssl', 'dgst', '-prverify', srctop_file('test', 'testrsa.pem'), '-sha1', - '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-2', + '-sigopt', 'rsa_padding_mode:pss', '-sigopt', 'rsa_pss_saltlen:-3', '-sigopt', 'rsa_mgf1_md:sha512', '-signature', 'testrsapss.sig', srctop_file('test', 'testrsa.pem')])), "openssl dgst -prverify"); diff --git a/deps/openssl/openssl/test/recipes/20-test_enc.t b/deps/openssl/openssl/test/recipes/20-test_enc.t index 88a589041a..32a30165f1 100644 --- a/deps/openssl/openssl/test/recipes/20-test_enc.t +++ b/deps/openssl/openssl/test/recipes/20-test_enc.t @@ -27,20 +27,21 @@ my $test = catfile(".", "p"); my $cmd = "openssl"; +my $ciphersstatus = undef; my @ciphers = map { s/^\s+//; s/\s+$//; split /\s+/ } - run(app([$cmd, "list", "-cipher-commands"]), capture => 1); + run(app([$cmd, "list", "-cipher-commands"]), + capture => 1, statusvar => \$ciphersstatus); -plan tests => 1 + (scalar @ciphers)*2; - -my $init = ok(copy($testsrc,$test)); - -if (!$init) { - diag("Trying to copy $testsrc to $test : $!"); -} +plan tests => 2 + (scalar @ciphers)*2; SKIP: { - skip "Not initialized, skipping...", 11 unless $init; + skip "Problems getting ciphers...", 1 + scalar(@ciphers) + unless ok($ciphersstatus, "Running 'openssl list -cipher-commands'"); + unless (ok(copy($testsrc, $test), "Copying $testsrc to $test")) { + diag($!); + skip "Not initialized, skipping...", scalar(@ciphers); + } foreach my $c (@ciphers) { my %variant = ("$c" => [], diff --git a/deps/openssl/openssl/test/recipes/20-test_enc_more.t b/deps/openssl/openssl/test/recipes/20-test_enc_more.t new file mode 100644 index 0000000000..2691060c75 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/20-test_enc_more.t @@ -0,0 +1,61 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use File::Spec::Functions qw/catfile/; +use File::Copy; +use File::Compare qw/compare_text/; +use File::Basename; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_evp_more"); + +my $testsrc = srctop_file("test", "recipes", basename($0)); + +my $cipherlist = undef; +my $plaintext = catfile(".", "testdatafile"); +my $fail = ""; +my $cmd = "openssl"; + +my $ciphersstatus = undef; +my @ciphers = + grep(! /wrap|^$|^[^-]/, + (map { split /\s+/ } + run(app([$cmd, "enc", "-ciphers"]), + capture => 1, statusvar => \$ciphersstatus))); + +plan tests => 2 + scalar @ciphers; + +SKIP: { + skip "Problems getting ciphers...", 1 + scalar(@ciphers) + unless ok($ciphersstatus, "Running 'openssl enc -ciphers'"); + unless (ok(copy($testsrc, $plaintext), "Copying $testsrc to $plaintext")) { + diag($!); + skip "Not initialized, skipping...", scalar(@ciphers); + } + + foreach my $cipher (@ciphers) { + my $ciphername = substr $cipher, 1; + my $cipherfile = "$plaintext.$ciphername.cipher"; + my $clearfile = "$plaintext.$ciphername.clear"; + my @common = ( $cmd, "enc", "$cipher", "-k", "test" ); + + ok(run(app([@common, "-e", "-in", $plaintext, "-out", $cipherfile])) + && compare_text($plaintext, $cipherfile) != 0 + && run(app([@common, "-d", "-in", $cipherfile, "-out", $clearfile])) + && compare_text($plaintext, $clearfile) == 0 + , $ciphername); + unlink $cipherfile, $clearfile; + } +} + +unlink $plaintext; diff --git a/deps/openssl/openssl/test/recipes/20-test_passwd.t b/deps/openssl/openssl/test/recipes/20-test_passwd.t index cf9c2cc8eb..32aa7a3171 100644 --- a/deps/openssl/openssl/test/recipes/20-test_passwd.t +++ b/deps/openssl/openssl/test/recipes/20-test_passwd.t @@ -15,25 +15,111 @@ use OpenSSL::Test::Utils; setup("test_passwd"); -plan tests => disabled("des") ? 4 : 6; +# The following tests are an adaptation of those in +# https://www.akkadia.org/drepper/SHA-crypt.txt +my @sha_tests = + ({ type => '5', + salt => 'saltstring', + key => 'Hello world!', + expected => '$5$saltstring$5B8vYYiY.CVt1RlTTf8KbXBH3hsxY/GNooZaBBGWEc5' }, + { type => '5', + salt => 'rounds=10000$saltstringsaltstring', + key => 'Hello world!', + expected => '$5$rounds=10000$saltstringsaltst$3xv.VbSHBb41AL9AvLeujZkZRBAwqFMz2.opqey6IcA' }, + { type => '5', + salt => 'rounds=5000$toolongsaltstring', + key => 'This is just a test', + expected => '$5$rounds=5000$toolongsaltstrin$Un/5jzAHMgOGZ5.mWJpuVolil07guHPvOW8mGRcvxa5' }, + { type => '5', + salt => 'rounds=1400$anotherlongsaltstring', + key => 'a very much longer text to encrypt. This one even stretches over morethan one line.', + expected => '$5$rounds=1400$anotherlongsalts$Rx.j8H.h8HjEDGomFU8bDkXm3XIUnzyxf12oP84Bnq1' }, + { type => '5', + salt => 'rounds=77777$short', + key => 'we have a short salt string but not a short password', + expected => '$5$rounds=77777$short$JiO1O3ZpDAxGJeaDIuqCoEFysAe1mZNJRs3pw0KQRd/' }, + { type => '5', + salt => 'rounds=123456$asaltof16chars..', + key => 'a short string', + expected => '$5$rounds=123456$asaltof16chars..$gP3VQ/6X7UUEW3HkBn2w1/Ptq2jxPyzV/cZKmF/wJvD' }, + { type => '5', + salt => 'rounds=10$roundstoolow', + key => 'the minimum number is still observed', + expected => '$5$rounds=1000$roundstoolow$yfvwcWrQ8l/K0DAWyuPMDNHpIVlTQebY9l/gL972bIC' }, + { type => '6', + salt => 'saltstring', + key => 'Hello world!', + expected => '$6$saltstring$svn8UoSVapNtMuq1ukKS4tPQd8iKwSMHWjl/O817G3uBnIFNjnQJuesI68u4OTLiBFdcbYEdFCoEOfaS35inz1' }, + { type => '6', + salt => 'rounds=10000$saltstringsaltstring', + key => 'Hello world!', + expected => '$6$rounds=10000$saltstringsaltst$OW1/O6BYHV6BcXZu8QVeXbDWra3Oeqh0sbHbbMCVNSnCM/UrjmM0Dp8vOuZeHBy/YTBmSK6H9qs/y3RnOaw5v.' }, + { type => '6', + salt => 'rounds=5000$toolongsaltstring', + key => 'This is just a test', + expected => '$6$rounds=5000$toolongsaltstrin$lQ8jolhgVRVhY4b5pZKaysCLi0QBxGoNeKQzQ3glMhwllF7oGDZxUhx1yxdYcz/e1JSbq3y6JMxxl8audkUEm0' }, + { type => '6', + salt => 'rounds=1400$anotherlongsaltstring', + key => 'a very much longer text to encrypt. This one even stretches over morethan one line.', + expected => '$6$rounds=1400$anotherlongsalts$POfYwTEok97VWcjxIiSOjiykti.o/pQs.wPvMxQ6Fm7I6IoYN3CmLs66x9t0oSwbtEW7o7UmJEiDwGqd8p4ur1' }, + { type => '6', + salt => 'rounds=77777$short', + key => 'we have a short salt string but not a short password', + expected => '$6$rounds=77777$short$WuQyW2YR.hBNpjjRhpYD/ifIw05xdfeEyQoMxIXbkvr0gge1a1x3yRULJ5CCaUeOxFmtlcGZelFl5CxtgfiAc0' }, + { type => '6', + salt => 'rounds=123456$asaltof16chars..', + key => 'a short string', + expected => '$6$rounds=123456$asaltof16chars..$BtCwjqMJGx5hrJhZywWvt0RLE8uZ4oPwcelCjmw2kSYu.Ec6ycULevoBK25fs2xXgMNrCzIMVcgEJAstJeonj1' }, + { type => '6', + salt => 'rounds=10$roundstoolow', + key => 'the minimum number is still observed', + expected => '$6$rounds=1000$roundstoolow$kUMsbe306n21p9R.FRkW3IGn.S9NPN0x50YhH1xhLsPuWGsUSklZt58jaTfF4ZEQpyUNGc0dqbpBYYBaHHrsX.' } + ); -ok(compare1stline([qw{openssl passwd password}], '^.{13}\R$'), +plan tests => (disabled("des") ? 9 : 11) + scalar @sha_tests; + + +ok(compare1stline_re([qw{openssl passwd password}], '^.{13}\R$'), 'crypt password with random salt') if !disabled("des"); -ok(compare1stline([qw{openssl passwd -1 password}], '^\$1\$.{8}\$.{22}\R$'), +ok(compare1stline_re([qw{openssl passwd -1 password}], '^\$1\$.{8}\$.{22}\R$'), 'BSD style MD5 password with random salt'); -ok(compare1stline([qw{openssl passwd -apr1 password}], '^\$apr1\$.{8}\$.{22}\R$'), +ok(compare1stline_re([qw{openssl passwd -apr1 password}], '^\$apr1\$.{8}\$.{22}\R$'), 'Apache style MD5 password with random salt'); -ok(compare1stline([qw{openssl passwd -salt xx password}], '^xxj31ZMTZzkVA\R$'), +ok(compare1stline_re([qw{openssl passwd -5 password}], '^\$5\$.{16}\$.{43}\R$'), + 'SHA256 password with random salt'); +ok(compare1stline_re([qw{openssl passwd -6 password}], '^\$6\$.{16}\$.{86}\R$'), + 'Apache SHA512 password with random salt'); + +ok(compare1stline([qw{openssl passwd -salt xx password}], 'xxj31ZMTZzkVA'), 'crypt password with salt xx') if !disabled("des"); -ok(compare1stline([qw{openssl passwd -salt xxxxxxxx -1 password}], '^\$1\$xxxxxxxx\$UYCIxa628\.9qXjpQCjM4a\.\R$'), +ok(compare1stline([qw{openssl passwd -salt xxxxxxxx -1 password}], '$1$xxxxxxxx$UYCIxa628.9qXjpQCjM4a.'), 'BSD style MD5 password with salt xxxxxxxx'); -ok(compare1stline([qw{openssl passwd -salt xxxxxxxx -apr1 password}], '^\$apr1\$xxxxxxxx\$dxHfLAsjHkDRmG83UXe8K0\R$'), +ok(compare1stline([qw{openssl passwd -salt xxxxxxxx -apr1 password}], '$apr1$xxxxxxxx$dxHfLAsjHkDRmG83UXe8K0'), 'Apache style MD5 password with salt xxxxxxxx'); +ok(compare1stline([qw{openssl passwd -salt xxxxxxxx -aixmd5 password}], 'xxxxxxxx$8Oaipk/GPKhC64w/YVeFD/'), + 'AIX style MD5 password with salt xxxxxxxx'); +ok(compare1stline([qw{openssl passwd -salt xxxxxxxxxxxxxxxx -5 password}], '$5$xxxxxxxxxxxxxxxx$fHytsM.wVD..zPN/h3i40WJRggt/1f73XkAC/gkelkB'), + 'SHA256 password with salt xxxxxxxxxxxxxxxx'); +ok(compare1stline([qw{openssl passwd -salt xxxxxxxxxxxxxxxx -6 password}], '$6$xxxxxxxxxxxxxxxx$VjGUrXBG6/8yW0f6ikBJVOb/lK/Tm9LxHJmFfwMvT7cpk64N9BW7ZQhNeMXAYFbOJ6HDG7wb0QpxJyYQn0rh81'), + 'SHA512 password with salt xxxxxxxxxxxxxxxx'); +foreach (@sha_tests) { + ok(compare1stline([qw{openssl passwd}, '-'.$_->{type}, '-salt', $_->{salt}, + $_->{key}], $_->{expected}), + { 5 => 'SHA256', 6 => 'SHA512' }->{$_->{type}} . ' password with salt ' . $_->{salt}); +} -sub compare1stline { + +sub compare1stline_re { my ($cmdarray, $regexp) = @_; my @lines = run(app($cmdarray), capture => 1); return $lines[0] =~ m|$regexp|; } + +sub compare1stline { + my ($cmdarray, $str) = @_; + my @lines = run(app($cmdarray), capture => 1); + + return $lines[0] =~ m|^\Q${str}\E\R$|; +} diff --git a/deps/openssl/openssl/test/recipes/25-test_crl.t b/deps/openssl/openssl/test/recipes/25-test_crl.t index e8ce5f8552..456accbc2d 100644 --- a/deps/openssl/openssl/test/recipes/25-test_crl.t +++ b/deps/openssl/openssl/test/recipes/25-test_crl.t @@ -15,10 +15,14 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_crl"); -plan tests => 5; +plan tests => 7; require_ok(srctop_file('test','recipes','tconversion.pl')); +my $pem = srctop_file("test/certs", "cyrillic_crl.pem"); +my $out = "cyrillic_crl.out"; +my $utf = srctop_file("test/certs", "cyrillic_crl.utf8"); + subtest 'crl conversions' => sub { tconversion("crl", srctop_file("test","testcrl.pem")); }; @@ -32,6 +36,12 @@ ok(compare1stline([qw{openssl crl -noout -fingerprint -sha256 -in}, srctop_file('test', 'testcrl.pem')], 'SHA256 Fingerprint=B3:A9:FD:A7:2E:8C:3D:DF:D0:F1:C3:1A:96:60:B5:FD:B0:99:7C:7F:0E:E4:34:F5:DB:87:62:36:BC:F1:BC:1B')); +ok(run(app(["openssl", "crl", "-text", "-in", $pem, "-out", $out, + "-nameopt", "utf8"]))); +is(cmp_text($out, srctop_file("test/certs", "cyrillic_crl.utf8")), + 0, 'Comparing utf8 output'); +unlink $out; + sub compare1stline { my ($cmdarray, $str) = @_; my @lines = run(app($cmdarray), capture => 1); diff --git a/deps/openssl/openssl/test/recipes/25-test_req.t b/deps/openssl/openssl/test/recipes/25-test_req.t index bcc10257d4..17a98dc9d1 100644 --- a/deps/openssl/openssl/test/recipes/25-test_req.t +++ b/deps/openssl/openssl/test/recipes/25-test_req.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -15,23 +15,38 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_req"); -plan tests => 4; +plan tests => 9; require_ok(srctop_file('test','recipes','tconversion.pl')); open RND, ">>", ".rnd"; -print RND "string to make the random number generator think it has entropy"; +print RND "string to make the random number generator think it has randomness"; close RND; -subtest "generating certificate requests" => sub { - my @req_new; - if (disabled("rsa")) { - @req_new = ("-newkey", "dsa:".srctop_file("apps", "dsa512.pem")); - } else { - @req_new = ("-new"); - note("There should be a 2 sequences of .'s and some +'s."); - note("There should not be more that at most 80 per line"); - } +# What type of key to generate? +my @req_new; +if (disabled("rsa")) { + @req_new = ("-newkey", "dsa:".srctop_file("apps", "dsa512.pem")); +} else { + @req_new = ("-new"); + note("There should be a 2 sequences of .'s and some +'s."); + note("There should not be more that at most 80 per line"); +} + +# Check for duplicate -addext parameters, and one "working" case. +my @addext_args = ( "openssl", "req", "-new", "-out", "testreq.pem", + "-config", srctop_file("test", "test.cnf"), @req_new ); +my $val = "subjectAltName=DNS:example.com"; +my $val2 = " " . $val; +my $val3 = $val; +$val3 =~ s/=/ =/; +ok( run(app([@addext_args, "-addext", $val]))); +ok(!run(app([@addext_args, "-addext", $val, "-addext", $val]))); +ok(!run(app([@addext_args, "-addext", $val, "-addext", $val2]))); +ok(!run(app([@addext_args, "-addext", $val, "-addext", $val3]))); +ok(!run(app([@addext_args, "-addext", $val2, "-addext", $val3]))); + +subtest "generating certificate requests" => sub { plan tests => 2; ok(run(app(["openssl", "req", "-config", srctop_file("test", "test.cnf"), diff --git a/deps/openssl/openssl/test/recipes/25-test_sid.t b/deps/openssl/openssl/test/recipes/25-test_sid.t index b13cb5c23a..863024dbd7 100644 --- a/deps/openssl/openssl/test/recipes/25-test_sid.t +++ b/deps/openssl/openssl/test/recipes/25-test_sid.t @@ -12,9 +12,13 @@ use warnings; use File::Spec; use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; setup("test_sid"); +plan skip_all => 'test_sid needs EC to run' + if disabled('ec'); + plan tests => 2; require_ok(srctop_file('test','recipes','tconversion.pl')); diff --git a/deps/openssl/openssl/test/recipes/25-test_verify.t b/deps/openssl/openssl/test/recipes/25-test_verify.t index 11f54d0486..6c3deab7c6 100644 --- a/deps/openssl/openssl/test/recipes/25-test_verify.t +++ b/deps/openssl/openssl/test/recipes/25-test_verify.t @@ -12,6 +12,7 @@ use warnings; use File::Spec::Functions qw/canonpath/; use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; setup("test_verify"); @@ -20,17 +21,13 @@ sub verify { my @args = qw(openssl verify -auth_level 1 -purpose); my @path = qw(test certs); push(@args, "$purpose", @opts); - for (@$trusted) { - push(@args, "-trusted", srctop_file(@path, "$_.pem")) - } - for (@$untrusted) { - push(@args, "-untrusted", srctop_file(@path, "$_.pem")) - } + for (@$trusted) { push(@args, "-trusted", srctop_file(@path, "$_.pem")) } + for (@$untrusted) { push(@args, "-untrusted", srctop_file(@path, "$_.pem")) } push(@args, srctop_file(@path, "$cert.pem")); run(app([@args])); } -plan tests => 129; +plan tests => 134; # Canonical success ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]), @@ -165,16 +162,13 @@ ok(verify("ee-cert", "sslserver", [qw(root-cert ca+anyEKU)], [qw(ca-cert)]), "accept wildcard trust"); ok(verify("ee-cert", "sslserver", [qw(root-cert sca-cert)], [qw(ca-cert)]), "accept server purpose"); -ok(verify("ee-cert", "sslserver", [qw(root-cert sca+serverAuth)], - [qw(ca-cert)]), +ok(verify("ee-cert", "sslserver", [qw(root-cert sca+serverAuth)], [qw(ca-cert)]), "accept server trust and purpose"); ok(verify("ee-cert", "sslserver", [qw(root-cert sca+anyEKU)], [qw(ca-cert)]), "accept wildcard trust and server purpose"); -ok(verify("ee-cert", "sslserver", [qw(root-cert sca-clientAuth)], - [qw(ca-cert)]), +ok(verify("ee-cert", "sslserver", [qw(root-cert sca-clientAuth)], [qw(ca-cert)]), "accept client mistrust and server purpose"); -ok(verify("ee-cert", "sslserver", [qw(root-cert cca+serverAuth)], - [qw(ca-cert)]), +ok(verify("ee-cert", "sslserver", [qw(root-cert cca+serverAuth)], [qw(ca-cert)]), "accept server trust and client purpose"); ok(verify("ee-cert", "sslserver", [qw(root-cert cca+anyEKU)], [qw(ca-cert)]), "accept wildcard trust and client purpose"); @@ -182,26 +176,19 @@ ok(!verify("ee-cert", "sslserver", [qw(root-cert cca-cert)], [qw(ca-cert)]), "fail client purpose"); ok(!verify("ee-cert", "sslserver", [qw(root-cert ca-anyEKU)], [qw(ca-cert)]), "fail wildcard mistrust"); -ok(!verify("ee-cert", "sslserver", [qw(root-cert ca-serverAuth)], - [qw(ca-cert)]), +ok(!verify("ee-cert", "sslserver", [qw(root-cert ca-serverAuth)], [qw(ca-cert)]), "fail server mistrust"); -ok(!verify("ee-cert", "sslserver", [qw(root-cert ca+clientAuth)], - [qw(ca-cert)]), +ok(!verify("ee-cert", "sslserver", [qw(root-cert ca+clientAuth)], [qw(ca-cert)]), "fail client trust"); -ok(!verify("ee-cert", "sslserver", [qw(root-cert sca+clientAuth)], - [qw(ca-cert)]), +ok(!verify("ee-cert", "sslserver", [qw(root-cert sca+clientAuth)], [qw(ca-cert)]), "fail client trust and server purpose"); -ok(!verify("ee-cert", "sslserver", [qw(root-cert cca+clientAuth)], - [qw(ca-cert)]), +ok(!verify("ee-cert", "sslserver", [qw(root-cert cca+clientAuth)], [qw(ca-cert)]), "fail client trust and client purpose"); -ok(!verify("ee-cert", "sslserver", [qw(root-cert cca-serverAuth)], - [qw(ca-cert)]), +ok(!verify("ee-cert", "sslserver", [qw(root-cert cca-serverAuth)], [qw(ca-cert)]), "fail server mistrust and client purpose"); -ok(!verify("ee-cert", "sslserver", [qw(root-cert cca-clientAuth)], - [qw(ca-cert)]), +ok(!verify("ee-cert", "sslserver", [qw(root-cert cca-clientAuth)], [qw(ca-cert)]), "fail client mistrust and client purpose"); -ok(!verify("ee-cert", "sslserver", [qw(root-cert sca-serverAuth)], - [qw(ca-cert)]), +ok(!verify("ee-cert", "sslserver", [qw(root-cert sca-serverAuth)], [qw(ca-cert)]), "fail server mistrust and server purpose"); ok(!verify("ee-cert", "sslserver", [qw(root-cert sca-anyEKU)], [qw(ca-cert)]), "fail wildcard mistrust and server purpose"); @@ -242,58 +229,49 @@ ok(!verify("pc1-cert", "sslclient", [qw(root-cert)], [qw(ee-client ca-cert)]), ok(verify("pc1-cert", "sslclient", [qw(root-cert)], [qw(ee-client ca-cert)], "-allow_proxy_certs"), "accept proxy cert 1"); -ok(verify("pc2-cert", "sslclient", [qw(root-cert)], - [qw(pc1-cert ee-client ca-cert)], "-allow_proxy_certs"), +ok(verify("pc2-cert", "sslclient", [qw(root-cert)], [qw(pc1-cert ee-client ca-cert)], + "-allow_proxy_certs"), "accept proxy cert 2"); -ok(!verify("bad-pc3-cert", "sslclient", [qw(root-cert)], - [qw(pc1-cert ee-client ca-cert)], "-allow_proxy_certs"), +ok(!verify("bad-pc3-cert", "sslclient", [qw(root-cert)], [qw(pc1-cert ee-client ca-cert)], + "-allow_proxy_certs"), "fail proxy cert with incorrect subject"); -ok(!verify("bad-pc4-cert", "sslclient", [qw(root-cert)], - [qw(pc1-cert ee-client ca-cert)], "-allow_proxy_certs"), +ok(!verify("bad-pc4-cert", "sslclient", [qw(root-cert)], [qw(pc1-cert ee-client ca-cert)], + "-allow_proxy_certs"), "fail proxy cert with incorrect pathlen"); -ok(verify("pc5-cert", "sslclient", [qw(root-cert)], - [qw(pc1-cert ee-client ca-cert)], "-allow_proxy_certs"), +ok(verify("pc5-cert", "sslclient", [qw(root-cert)], [qw(pc1-cert ee-client ca-cert)], + "-allow_proxy_certs"), "accept proxy cert missing proxy policy"); -ok(!verify("pc6-cert", "sslclient", [qw(root-cert)], - [qw(pc1-cert ee-client ca-cert)], "-allow_proxy_certs"), +ok(!verify("pc6-cert", "sslclient", [qw(root-cert)], [qw(pc1-cert ee-client ca-cert)], + "-allow_proxy_certs"), "failed proxy cert where last CN was added as a multivalue RDN component"); # Security level tests -ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], - "-auth_level", "2"), +ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), "accept RSA 2048 chain at auth level 2"); -ok(!verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], - "-auth_level", "3"), +ok(!verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "3"), "reject RSA 2048 root at auth level 3"); -ok(verify("ee-cert", "sslserver", ["root-cert-768"], ["ca-cert-768i"], - "-auth_level", "0"), +ok(verify("ee-cert", "sslserver", ["root-cert-768"], ["ca-cert-768i"], "-auth_level", "0"), "accept RSA 768 root at auth level 0"); ok(!verify("ee-cert", "sslserver", ["root-cert-768"], ["ca-cert-768i"]), "reject RSA 768 root at auth level 1"); -ok(verify("ee-cert-768i", "sslserver", ["root-cert"], ["ca-cert-768"], - "-auth_level", "0"), +ok(verify("ee-cert-768i", "sslserver", ["root-cert"], ["ca-cert-768"], "-auth_level", "0"), "accept RSA 768 intermediate at auth level 0"); ok(!verify("ee-cert-768i", "sslserver", ["root-cert"], ["ca-cert-768"]), "reject RSA 768 intermediate at auth level 1"); -ok(verify("ee-cert-768", "sslserver", ["root-cert"], ["ca-cert"], - "-auth_level", "0"), +ok(verify("ee-cert-768", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "0"), "accept RSA 768 leaf at auth level 0"); ok(!verify("ee-cert-768", "sslserver", ["root-cert"], ["ca-cert"]), "reject RSA 768 leaf at auth level 1"); # -ok(verify("ee-cert", "sslserver", ["root-cert-md5"], ["ca-cert"], - "-auth_level", "2"), +ok(verify("ee-cert", "sslserver", ["root-cert-md5"], ["ca-cert"], "-auth_level", "2"), "accept md5 self-signed TA at auth level 2"); -ok(verify("ee-cert", "sslserver", ["ca-cert-md5-any"], [], - "-auth_level", "2"), +ok(verify("ee-cert", "sslserver", ["ca-cert-md5-any"], [], "-auth_level", "2"), "accept md5 intermediate TA at auth level 2"); -ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert-md5"], - "-auth_level", "0"), +ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert-md5"], "-auth_level", "0"), "accept md5 intermediate at auth level 0"); ok(!verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert-md5"]), "reject md5 intermediate at auth level 1"); -ok(verify("ee-cert-md5", "sslserver", ["root-cert"], ["ca-cert"], - "-auth_level", "0"), +ok(verify("ee-cert-md5", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "0"), "accept md5 leaf at auth level 0"); ok(!verify("ee-cert-md5", "sslserver", ["root-cert"], ["ca-cert"]), "reject md5 leaf at auth level 1"); @@ -302,17 +280,13 @@ ok(!verify("ee-cert-md5", "sslserver", ["root-cert"], ["ca-cert"]), # between the trust-anchor and the leaf, so, for example, with a root->ca->leaf # chain, depth = 1 is sufficient, but depth == 0 is not. # -ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], - "-verify_depth", "2"), +ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], "-verify_depth", "2"), "accept chain with verify_depth 2"); -ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], - "-verify_depth", "1"), +ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], "-verify_depth", "1"), "accept chain with verify_depth 1"); -ok(!verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], - "-verify_depth", "0"), +ok(!verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"], "-verify_depth", "0"), "accept chain with verify_depth 0"); -ok(verify("ee-cert", "sslserver", ["ca-cert-md5-any"], [], - "-verify_depth", "0"), +ok(verify("ee-cert", "sslserver", ["ca-cert-md5-any"], [], "-verify_depth", "0"), "accept md5 intermediate TA with verify_depth 0"); # Name Constraints tests. @@ -353,34 +327,47 @@ ok(!verify("badalt6-cert", "sslserver", ["root-cert"], ["ncca1-cert"], ), ok(!verify("badalt7-cert", "sslserver", ["root-cert"], ["ncca1-cert"], ), "Name Constraints CN BMPSTRING hostname not permitted"); -ok(!verify("badalt8-cert", "sslserver", ["root-cert"], - ["ncca1-cert", "ncca3-cert"], ), - "Name constaints nested DNS name not permitted 1"); - -ok(!verify("badalt9-cert", "sslserver", ["root-cert"], - ["ncca1-cert", "ncca3-cert"], ), - "Name constaints nested DNS name not permitted 2"); - -ok(!verify("badalt10-cert", "sslserver", ["root-cert"], - ["ncca1-cert", "ncca3-cert"], ), - "Name constaints nested DNS name excluded"); - -ok(!verify("many-names1", "sslserver", ["many-constraints"], - ["many-constraints"], ), - "Too many names and constraints to check (1)"); -ok(!verify("many-names2", "sslserver", ["many-constraints"], - ["many-constraints"], ), - "Too many names and constraints to check (2)"); -ok(!verify("many-names3", "sslserver", ["many-constraints"], - ["many-constraints"], ), - "Too many names and constraints to check (3)"); - -ok(verify("some-names1", "sslserver", ["many-constraints"], - ["many-constraints"], ), - "Not too many names and constraints to check (1)"); -ok(verify("some-names2", "sslserver", ["many-constraints"], - ["many-constraints"], ), - "Not too many names and constraints to check (2)"); -ok(verify("some-names2", "sslserver", ["many-constraints"], - ["many-constraints"], ), - "Not too many names and constraints to check (3)"); +ok(!verify("badalt8-cert", "sslserver", ["root-cert"], ["ncca1-cert", "ncca3-cert"], ), + "Name constraints nested DNS name not permitted 1"); + +ok(!verify("badalt9-cert", "sslserver", ["root-cert"], ["ncca1-cert", "ncca3-cert"], ), + "Name constraints nested DNS name not permitted 2"); + +ok(!verify("badalt10-cert", "sslserver", ["root-cert"], ["ncca1-cert", "ncca3-cert"], ), + "Name constraints nested DNS name excluded"); + +ok(verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], ), + "Certificate PSS signature using SHA1"); + +ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], ), + "CA with PSS signature using SHA256"); + +ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), + "Reject PSS signature using SHA1 and auth level 2"); + +ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), + "PSS signature using SHA256 and auth level 2"); + +ok(!verify("many-names1", "sslserver", ["many-constraints"], ["many-constraints"], ), + "Too many names and constraints to check (1)"); +ok(!verify("many-names2", "sslserver", ["many-constraints"], ["many-constraints"], ), + "Too many names and constraints to check (2)"); +ok(!verify("many-names3", "sslserver", ["many-constraints"], ["many-constraints"], ), + "Too many names and constraints to check (3)"); + +ok(verify("some-names1", "sslserver", ["many-constraints"], ["many-constraints"], ), + "Not too many names and constraints to check (1)"); +ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"], ), + "Not too many names and constraints to check (2)"); +ok(verify("some-names2", "sslserver", ["many-constraints"], ["many-constraints"], ), + "Not too many names and constraints to check (3)"); + +SKIP: { + skip "Ed25519 is not supported by this OpenSSL build", 1 + if disabled("ec"); + + # ED25519 certificate from draft-ietf-curdle-pkix-04 + ok(verify("ee-ed25519", "sslserver", ["root-ed25519"], []), + "ED25519 signature"); + +} diff --git a/deps/openssl/openssl/test/recipes/25-test_x509.t b/deps/openssl/openssl/test/recipes/25-test_x509.t index 98a8d324e9..f5ef0f9963 100644 --- a/deps/openssl/openssl/test/recipes/25-test_x509.t +++ b/deps/openssl/openssl/test/recipes/25-test_x509.t @@ -15,10 +15,25 @@ use OpenSSL::Test qw/:DEFAULT srctop_file/; setup("test_x509"); -plan tests => 5; +plan tests => 9; require_ok(srctop_file('test','recipes','tconversion.pl')); +my $pem = srctop_file("test/certs", "cyrillic.pem"); +my $out = "cyrillic.out"; +my $msb = srctop_file("test/certs", "cyrillic.msb"); +my $utf = srctop_file("test/certs", "cyrillic.utf8"); + +ok(run(app(["openssl", "x509", "-text", "-in", $pem, "-out", $out, + "-nameopt", "esc_msb"]))); +is(cmp_text($out, srctop_file("test/certs", "cyrillic.msb")), + 0, 'Comparing esc_msb output'); +ok(run(app(["openssl", "x509", "-text", "-in", $pem, "-out", $out, + "-nameopt", "utf8"]))); +is(cmp_text($out, srctop_file("test/certs", "cyrillic.utf8")), + 0, 'Comparing utf8 output'); +unlink $out; + subtest 'x509 -- x.509 v1 certificate' => sub { tconversion("x509", srctop_file("test","testx509.pem")); }; diff --git a/deps/openssl/openssl/test/recipes/30-test_afalg.t b/deps/openssl/openssl/test/recipes/30-test_afalg.t index c8cb67b758..7f60ca61d8 100644 --- a/deps/openssl/openssl/test/recipes/30-test_afalg.t +++ b/deps/openssl/openssl/test/recipes/30-test_afalg.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -18,6 +18,6 @@ plan skip_all => "$test_name not supported for this build" plan tests => 1; -$ENV{OPENSSL_ENGINES} = bldtop_dir("engines/afalg"); +$ENV{OPENSSL_ENGINES} = bldtop_dir("engines"); ok(run(test(["afalgtest"])), "running afalgtest"); diff --git a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpcase.txt b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpcase.txt index 9f0955b97d..69828eec51 100644 --- a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpcase.txt +++ b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpcase.txt @@ -15,7 +15,8 @@ # These tests exercise the case insensitive handling of object names. # They are contrived -# Some name is case insensitive tests +Title = Case insensitive AES tests + Cipher = Aes-128-eCb Key = 2B7E151628AED2A6ABF7158809CF4F3C Plaintext = 6BC1BEE22E409F96E93D7E117393172A @@ -42,6 +43,12 @@ Tag = ab6e47d42cec13bdf53a67b21257bddf Plaintext = 00000000000000000000000000000000 Ciphertext = 0388dace60b6a392f328c2b971b2fe78 +Title = Case insensitive digest tests + +Digest = Sha3-256 +Input = "" +Output = A7FFC6F8BF1ED76651C14756A061D662F580FF4DE43B49FA82D80A4B80F8434A + Digest = shA512 Input = "abc" Output = ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f diff --git a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpciph.txt b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpciph.txt index 7e78e08fc2..d117455052 100644 --- a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpciph.txt +++ b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpciph.txt @@ -19,6 +19,8 @@ # -K 000102030405060708090A0B0C0D0E0F1011121314151617 -iv 0001020304050607 | # xxd -ps -u +Title = DES Tests (various sources) + Cipher = DES-EDE3-CFB1 Key = 000102030405060708090A0B0C0D0E0F1011121314151617 IV = 0001020304050607 @@ -32,7 +34,57 @@ Operation = DECRYPT Plaintext = "Hello World" Ciphertext = 3CF55D656E9C0664513358 -# AES 128 ECB tests (from FIPS-197 test vectors, encrypt) +Cipher = DESX-CBC +Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210 +IV = fedcba9876543210 +Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 +Ciphertext = 846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4 + +# DES EDE3 CBC tests (from destest) +Cipher = DES-EDE3-CBC +Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210 +IV = fedcba9876543210 +Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 +Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675 + +# DES ECB tests (from destest) + +Cipher = DES-ECB +Key = 0000000000000000 +Plaintext = 0000000000000000 +Ciphertext = 8CA64DE9C1B123A7 + +Cipher = DES-ECB +Key = FFFFFFFFFFFFFFFF +Plaintext = FFFFFFFFFFFFFFFF +Ciphertext = 7359B2163E4EDC58 + +Cipher = DES-ECB +Key = 3000000000000000 +Plaintext = 1000000000000001 +Ciphertext = 958E6E627A05557B + +Cipher = DES-ECB +Key = 1111111111111111 +Plaintext = 1111111111111111 +Ciphertext = F40379AB9E0EC533 + +Cipher = DES-ECB +Key = 0123456789ABCDEF +Plaintext = 1111111111111111 +Ciphertext = 17668DFC7292532D + +Cipher = DES-ECB +Key = 1111111111111111 +Plaintext = 0123456789ABCDEF +Ciphertext = 8A5AE1F81AB8F2DD + +Cipher = DES-ECB +Key = FEDCBA9876543210 +Plaintext = 0123456789ABCDEF +Ciphertext = ED39D950FA74BCC4 + +Title = AES (from FIPS-197 test vectors) Cipher = AES-128-ECB Key = 000102030405060708090A0B0C0D0E0F @@ -94,6 +146,9 @@ Ciphertext = 8EA2B7CA516745BFEAFC49904B496089 # For all ECB encrypts and decrypts, the transformed sequence is # AES-bits-ECB:key::plaintext:ciphertext:encdec # ECB-AES128.Encrypt and ECB-AES128.Decrypt + +Title = AES tests from NIST document SP800-38A + Cipher = AES-128-ECB Key = 2B7E151628AED2A6ABF7158809CF4F3C Plaintext = 6BC1BEE22E409F96E93D7E117393172A @@ -586,8 +641,8 @@ Operation = DECRYPT Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 Ciphertext = 0126141D67F37BE8538F5A8BE740E484 +Title = AES Counter test vectors from RFC3686 -# AES Counter test vectors from RFC3686 Cipher = aes-128-ctr Key = AE6852F8121067CC4BF7A5765577F39E IV = 00000030000000000000000000000001 @@ -659,751 +714,6 @@ Operation = ENCRYPT Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F Ciphertext = A2D459477E6432BD74184B1B5370D2243CDC202BC43583B2A55D288CDBBD1E03 -# DES ECB tests (from destest) - -Cipher = DES-ECB -Key = 0000000000000000 -Plaintext = 0000000000000000 -Ciphertext = 8CA64DE9C1B123A7 - -Cipher = DES-ECB -Key = FFFFFFFFFFFFFFFF -Plaintext = FFFFFFFFFFFFFFFF -Ciphertext = 7359B2163E4EDC58 - -Cipher = DES-ECB -Key = 3000000000000000 -Plaintext = 1000000000000001 -Ciphertext = 958E6E627A05557B - -Cipher = DES-ECB -Key = 1111111111111111 -Plaintext = 1111111111111111 -Ciphertext = F40379AB9E0EC533 - -Cipher = DES-ECB -Key = 0123456789ABCDEF -Plaintext = 1111111111111111 -Ciphertext = 17668DFC7292532D - -Cipher = DES-ECB -Key = 1111111111111111 -Plaintext = 0123456789ABCDEF -Ciphertext = 8A5AE1F81AB8F2DD - -Cipher = DES-ECB -Key = FEDCBA9876543210 -Plaintext = 0123456789ABCDEF -Ciphertext = ED39D950FA74BCC4 - -# DESX-CBC tests (from destest) -Cipher = DESX-CBC -Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210 -IV = fedcba9876543210 -Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 -Ciphertext = 846B2914851E9A2954732F8AA0A611C115CDC2D7951B1053A63C5E03B21AA3C4 - -# DES EDE3 CBC tests (from destest) -Cipher = DES-EDE3-CBC -Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210 -IV = fedcba9876543210 -Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000 -Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675 - -# RC4 tests (from rc4test) -Cipher = RC4 -Key = 0123456789abcdef0123456789abcdef -Plaintext = 0123456789abcdef -Ciphertext = 75b7878099e0c596 - -Cipher = RC4 -Key = 0123456789abcdef0123456789abcdef -Plaintext = 0000000000000000 -Ciphertext = 7494c2e7104b0879 - -Cipher = RC4 -Key = 00000000000000000000000000000000 -Plaintext = 0000000000000000 -Ciphertext = de188941a3375d3a - -Cipher = RC4 -Key = ef012345ef012345ef012345ef012345 -Plaintext = 0000000000000000000000000000000000000000 -Ciphertext = d6a141a7ec3c38dfbd615a1162e1c7ba36b67858 - -Cipher = RC4 -Key = 0123456789abcdef0123456789abcdef -Plaintext = 123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678 -Ciphertext = 66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf - -Cipher = RC4 -Key = ef012345ef012345ef012345ef012345 -Plaintext = 00000000000000000000 -Ciphertext = d6a141a7ec3c38dfbd61 - -# Camellia tests from RFC3713 -# For all ECB encrypts and decrypts, the transformed sequence is -# CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec -Cipher = CAMELLIA-128-ECB -Key = 0123456789abcdeffedcba9876543210 -Plaintext = 0123456789abcdeffedcba9876543210 -Ciphertext = 67673138549669730857065648eabe43 - -Cipher = CAMELLIA-192-ECB -Key = 0123456789abcdeffedcba98765432100011223344556677 -Plaintext = 0123456789abcdeffedcba9876543210 -Ciphertext = b4993401b3e996f84ee5cee7d79b09b9 - -Cipher = CAMELLIA-256-ECB -Key = 0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff -Plaintext = 0123456789abcdeffedcba9876543210 -Ciphertext = 9acc237dff16d76c20ef7c919e3a7509 - -# ECB-CAMELLIA128.Encrypt -Cipher = CAMELLIA-128-ECB -Key = 000102030405060708090A0B0C0D0E0F -Operation = ENCRYPT -Plaintext = 00112233445566778899AABBCCDDEEFF -Ciphertext = 77CF412067AF8270613529149919546F - -Cipher = CAMELLIA-192-ECB -Key = 000102030405060708090A0B0C0D0E0F1011121314151617 -Operation = ENCRYPT -Plaintext = 00112233445566778899AABBCCDDEEFF -Ciphertext = B22F3C36B72D31329EEE8ADDC2906C68 - -Cipher = CAMELLIA-256-ECB -Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F -Operation = ENCRYPT -Plaintext = 00112233445566778899AABBCCDDEEFF -Ciphertext = 2EDF1F3418D53B88841FC8985FB1ECF2 - - -# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt -Cipher = CAMELLIA-128-ECB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = 432FC5DCD628115B7C388D770B270C96 - -Cipher = CAMELLIA-128-ECB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 0BE1F14023782A22E8384C5ABB7FAB2B - -Cipher = CAMELLIA-128-ECB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = A0A1ABCD1893AB6FE0FE5B65DF5F8636 - -Cipher = CAMELLIA-128-ECB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = E61925E0D5DFAA9BB29F815B3076E51A - - -# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt -Cipher = CAMELLIA-192-ECB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = CCCC6C4E138B45848514D48D0D3439D3 - -Cipher = CAMELLIA-192-ECB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 5713C62C14B2EC0F8393B6AFD6F5785A - -Cipher = CAMELLIA-192-ECB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = B40ED2B60EB54D09D030CF511FEEF366 - -Cipher = CAMELLIA-192-ECB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = 909DBD95799096748CB27357E73E1D26 - - -# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt -Cipher = CAMELLIA-256-ECB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = BEFD219B112FA00098919CD101C9CCFA - -Cipher = CAMELLIA-256-ECB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = C91D3A8F1AEA08A9386CF4B66C0169EA - -Cipher = CAMELLIA-256-ECB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = A623D711DC5F25A51BB8A80D56397D28 - -Cipher = CAMELLIA-256-ECB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = 7960109FB6DC42947FCFE59EA3C5EB6B - - -# For all CBC encrypts and decrypts, the transformed sequence is -# CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec -# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt -Cipher = CAMELLIA-128-CBC -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 000102030405060708090A0B0C0D0E0F -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = 1607CF494B36BBF00DAEB0B503C831AB - -Cipher = CAMELLIA-128-CBC -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 1607CF494B36BBF00DAEB0B503C831AB -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = A2F2CF671629EF7840C5A5DFB5074887 - -Cipher = CAMELLIA-128-CBC -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = A2F2CF671629EF7840C5A5DFB5074887 -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = 0F06165008CF8B8B5A63586362543E54 - -Cipher = CAMELLIA-128-CBC -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 36A84CDAFD5F9A85ADA0F0A993D6D577 -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = 74C64268CDB8B8FAF5B34E8AF3732980 - - -# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt -Cipher = CAMELLIA-192-CBC -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 000102030405060708090A0B0C0D0E0F -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = 2A4830AB5AC4A1A2405955FD2195CF93 - -Cipher = CAMELLIA-192-CBC -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 2A4830AB5AC4A1A2405955FD2195CF93 -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 5D5A869BD14CE54264F892A6DD2EC3D5 - -Cipher = CAMELLIA-192-CBC -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 5D5A869BD14CE54264F892A6DD2EC3D5 -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = 37D359C3349836D884E310ADDF68C449 - -Cipher = CAMELLIA-192-CBC -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 37D359C3349836D884E310ADDF68C449 -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = 01FAAA930B4AB9916E9668E1428C6B08 - - -# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt -Cipher = CAMELLIA-256-CBC -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = 000102030405060708090A0B0C0D0E0F -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = E6CFA35FC02B134A4D2C0B6737AC3EDA - -Cipher = CAMELLIA-256-CBC -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = E6CFA35FC02B134A4D2C0B6737AC3EDA -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 36CBEB73BD504B4070B1B7DE2B21EB50 - -Cipher = CAMELLIA-256-CBC -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = 36CBEB73BD504B4070B1B7DE2B21EB50 -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = E31A6055297D96CA3330CDF1B1860A83 - -Cipher = CAMELLIA-256-CBC -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = E31A6055297D96CA3330CDF1B1860A83 -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = 5D563F6D1CCCF236051C0C5C1C58F28F - - -# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt -# For all CFB128 encrypts and decrypts, the transformed sequence is -# CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec -# CFB128-CAMELLIA128.Encrypt -Cipher = CAMELLIA-128-CFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 000102030405060708090A0B0C0D0E0F -Operation = ENCRYPT -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = 14F7646187817EB586599146B82BD719 - -Cipher = CAMELLIA-128-CFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 14F7646187817EB586599146B82BD719 -Operation = ENCRYPT -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = A53D28BB82DF741103EA4F921A44880B - -Cipher = CAMELLIA-128-CFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = A53D28BB82DF741103EA4F921A44880B -Operation = ENCRYPT -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = 9C2157A664626D1DEF9EA420FDE69B96 - -Cipher = CAMELLIA-128-CFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 9C2157A664626D1DEF9EA420FDE69B96 -Operation = ENCRYPT -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = 742A25F0542340C7BAEF24CA8482BB09 - - -# CFB128-CAMELLIA128.Decrypt -Cipher = CAMELLIA-128-CFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 000102030405060708090A0B0C0D0E0F -Operation = DECRYPT -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = 14F7646187817EB586599146B82BD719 - -Cipher = CAMELLIA-128-CFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 14F7646187817EB586599146B82BD719 -Operation = DECRYPT -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = A53D28BB82DF741103EA4F921A44880B - -Cipher = CAMELLIA-128-CFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = A53D28BB82DF741103EA4F921A44880B -Operation = DECRYPT -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = 9C2157A664626D1DEF9EA420FDE69B96 - -Cipher = CAMELLIA-128-CFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 9C2157A664626D1DEF9EA420FDE69B96 -Operation = DECRYPT -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = 742A25F0542340C7BAEF24CA8482BB09 - - -# CFB128-CAMELLIA192.Encrypt -Cipher = CAMELLIA-192-CFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 000102030405060708090A0B0C0D0E0F -Operation = ENCRYPT -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = C832BB9780677DAA82D9B6860DCD565E - -Cipher = CAMELLIA-192-CFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = C832BB9780677DAA82D9B6860DCD565E -Operation = ENCRYPT -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 86F8491627906D780C7A6D46EA331F98 - -Cipher = CAMELLIA-192-CFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 86F8491627906D780C7A6D46EA331F98 -Operation = ENCRYPT -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = 69511CCE594CF710CB98BB63D7221F01 - -Cipher = CAMELLIA-192-CFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 69511CCE594CF710CB98BB63D7221F01 -Operation = ENCRYPT -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = D5B5378A3ABED55803F25565D8907B84 - - -# CFB128-CAMELLIA192.Decrypt -Cipher = CAMELLIA-192-CFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 000102030405060708090A0B0C0D0E0F -Operation = DECRYPT -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = C832BB9780677DAA82D9B6860DCD565E - -Cipher = CAMELLIA-192-CFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = C832BB9780677DAA82D9B6860DCD565E -Operation = DECRYPT -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 86F8491627906D780C7A6D46EA331F98 - -Cipher = CAMELLIA-192-CFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 86F8491627906D780C7A6D46EA331F98 -Operation = DECRYPT -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = 69511CCE594CF710CB98BB63D7221F01 - -Cipher = CAMELLIA-192-CFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 69511CCE594CF710CB98BB63D7221F01 -Operation = DECRYPT -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = D5B5378A3ABED55803F25565D8907B84 - - -# CFB128-CAMELLIA256.Encrypt -Cipher = CAMELLIA-256-CFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = 000102030405060708090A0B0C0D0E0F -Operation = ENCRYPT -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93 - -Cipher = CAMELLIA-256-CFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = CF6107BB0CEA7D7FB1BD31F5E7B06C93 -Operation = ENCRYPT -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 89BEDB4CCDD864EA11BA4CBE849B5E2B - -Cipher = CAMELLIA-256-CFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = 89BEDB4CCDD864EA11BA4CBE849B5E2B -Operation = ENCRYPT -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = 555FC3F34BDD2D54C62D9E3BF338C1C4 - -Cipher = CAMELLIA-256-CFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = 555FC3F34BDD2D54C62D9E3BF338C1C4 -Operation = ENCRYPT -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = 5953ADCE14DB8C7F39F1BD39F359BFFA - - -# CFB128-CAMELLIA256.Decrypt -Cipher = CAMELLIA-256-CFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = 000102030405060708090A0B0C0D0E0F -Operation = DECRYPT -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93 - -Cipher = CAMELLIA-256-CFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = CF6107BB0CEA7D7FB1BD31F5E7B06C93 -Operation = DECRYPT -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 89BEDB4CCDD864EA11BA4CBE849B5E2B - -Cipher = CAMELLIA-256-CFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = 89BEDB4CCDD864EA11BA4CBE849B5E2B -Operation = DECRYPT -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = 555FC3F34BDD2D54C62D9E3BF338C1C4 - -Cipher = CAMELLIA-256-CFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = 555FC3F34BDD2D54C62D9E3BF338C1C4 -Operation = DECRYPT -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = 5953ADCE14DB8C7F39F1BD39F359BFFA - - -# For all OFB encrypts and decrypts, the transformed sequence is -# CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec -# OFB-CAMELLIA128.Encrypt -Cipher = CAMELLIA-128-OFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 000102030405060708090A0B0C0D0E0F -Operation = ENCRYPT -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = 14F7646187817EB586599146B82BD719 - -Cipher = CAMELLIA-128-OFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 50FE67CC996D32B6DA0937E99BAFEC60 -Operation = ENCRYPT -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 25623DB569CA51E01482649977E28D84 - -Cipher = CAMELLIA-128-OFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = D9A4DADA0892239F6B8B3D7680E15674 -Operation = ENCRYPT -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = C776634A60729DC657D12B9FCA801E98 - -Cipher = CAMELLIA-128-OFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = A78819583F0308E7A6BF36B1386ABF23 -Operation = ENCRYPT -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = D776379BE0E50825E681DA1A4C980E8E - - -# OFB-CAMELLIA128.Decrypt -Cipher = CAMELLIA-128-OFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 000102030405060708090A0B0C0D0E0F -Operation = DECRYPT -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = 14F7646187817EB586599146B82BD719 - -Cipher = CAMELLIA-128-OFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = 50FE67CC996D32B6DA0937E99BAFEC60 -Operation = DECRYPT -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 25623DB569CA51E01482649977E28D84 - -Cipher = CAMELLIA-128-OFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = D9A4DADA0892239F6B8B3D7680E15674 -Operation = DECRYPT -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = C776634A60729DC657D12B9FCA801E98 - -Cipher = CAMELLIA-128-OFB -Key = 2B7E151628AED2A6ABF7158809CF4F3C -IV = A78819583F0308E7A6BF36B1386ABF23 -Operation = DECRYPT -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = D776379BE0E50825E681DA1A4C980E8E - - -# OFB-CAMELLIA192.Encrypt -Cipher = CAMELLIA-192-OFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 000102030405060708090A0B0C0D0E0F -Operation = ENCRYPT -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = C832BB9780677DAA82D9B6860DCD565E - -Cipher = CAMELLIA-192-OFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = A609B38DF3B1133DDDFF2718BA09565E -Operation = ENCRYPT -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 8ECEB7D0350D72C7F78562AEBDF99339 - -Cipher = CAMELLIA-192-OFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 52EF01DA52602FE0975F78AC84BF8A50 -Operation = ENCRYPT -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = BDD62DBBB9700846C53B507F544696F0 - -Cipher = CAMELLIA-192-OFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = BD5286AC63AABD7EB067AC54B553F71D -Operation = ENCRYPT -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = E28014E046B802F385C4C2E13EAD4A72 - - -# OFB-CAMELLIA192.Decrypt -Cipher = CAMELLIA-192-OFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 000102030405060708090A0B0C0D0E0F -Operation = DECRYPT -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = C832BB9780677DAA82D9B6860DCD565E - -Cipher = CAMELLIA-192-OFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = A609B38DF3B1133DDDFF2718BA09565E -Operation = DECRYPT -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 8ECEB7D0350D72C7F78562AEBDF99339 - -Cipher = CAMELLIA-192-OFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = 52EF01DA52602FE0975F78AC84BF8A50 -Operation = DECRYPT -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = BDD62DBBB9700846C53B507F544696F0 - -Cipher = CAMELLIA-192-OFB -Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B -IV = BD5286AC63AABD7EB067AC54B553F71D -Operation = DECRYPT -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = E28014E046B802F385C4C2E13EAD4A72 - - -# OFB-CAMELLIA256.Encrypt -Cipher = CAMELLIA-256-OFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = 000102030405060708090A0B0C0D0E0F -Operation = ENCRYPT -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93 - -Cipher = CAMELLIA-256-OFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A -Operation = ENCRYPT -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 127AD97E8E3994E4820027D7BA109368 - -Cipher = CAMELLIA-256-OFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = E1C656305ED1A7A6563805746FE03EDC -Operation = ENCRYPT -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = 6BFF6265A6A6B7A535BC65A80B17214E - -Cipher = CAMELLIA-256-OFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = 41635BE625B48AFC1666DD42A09D96E7 -Operation = ENCRYPT -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = 0A4A0404E26AA78A27CB271E8BF3CF20 - - -# OFB-CAMELLIA256.Decrypt -Cipher = CAMELLIA-256-OFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = 000102030405060708090A0B0C0D0E0F -Operation = DECRYPT -Plaintext = 6BC1BEE22E409F96E93D7E117393172A -Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93 - -Cipher = CAMELLIA-256-OFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A -Operation = DECRYPT -Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 -Ciphertext = 127AD97E8E3994E4820027D7BA109368 - -Cipher = CAMELLIA-256-OFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = E1C656305ED1A7A6563805746FE03EDC -Operation = DECRYPT -Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF -Ciphertext = 6BFF6265A6A6B7A535BC65A80B17214E - -Cipher = CAMELLIA-256-OFB -Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 -IV = 41635BE625B48AFC1666DD42A09D96E7 -Operation = DECRYPT -Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 -Ciphertext = 0A4A0404E26AA78A27CB271E8BF3CF20 - - -# Camellia test vectors from RFC5528 -Cipher = CAMELLIA-128-CTR -Key = AE6852F8121067CC4BF7A5765577F39E -IV = 00000030000000000000000000000001 -Operation = ENCRYPT -Plaintext = 53696E676C6520626C6F636B206D7367 -Ciphertext = D09DC29A8214619A20877C76DB1F0B3F - -Cipher = CAMELLIA-128-CTR -Key = 7E24067817FAE0D743D6CE1F32539163 -IV = 006CB6DBC0543B59DA48D90B00000001 -Operation = ENCRYPT -Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F -Ciphertext = DBF3C78DC08396D4DA7C907765BBCB442B8E8E0F31F0DCA72C7417E35360E048 - -Cipher = CAMELLIA-128-CTR -Key = 7691BE035E5020A8AC6E618529F9A0DC -IV = 00E0017B27777F3F4A1786F000000001 -Operation = ENCRYPT -Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223 -Ciphertext = B19D1FCDCB75EB882F849CE24D85CF739CE64B2B5C9D73F14F2D5D9DCE9889CDDF508696 - -Cipher = CAMELLIA-192-CTR -Key = 16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515 -IV = 0000004836733C147D6D93CB00000001 -Operation = ENCRYPT -Plaintext = 53696E676C6520626C6F636B206D7367 -Ciphertext = 2379399E8A8D2B2B16702FC78B9E9696 - -Cipher = CAMELLIA-192-CTR -Key = 7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A -IV = 0096B03B020C6EADC2CB500D00000001 -Operation = ENCRYPT -Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F -Ciphertext = 7DEF34F7A5D0E415674B7FFCAE67C75DD018B86FF23051E056392A99F35A4CED - -Cipher = CAMELLIA-192-CTR -Key = 02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE -IV = 0007BDFD5CBD60278DCC091200000001 -Operation = ENCRYPT -Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223 -Ciphertext = 5710E556E1487A20B5AC0E73F19E4E7876F37FDC91B1EF4D4DADE8E666A64D0ED557AB57 - -Cipher = CAMELLIA-256-CTR -Key = 776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104 -IV = 00000060DB5672C97AA8F0B200000001 -Operation = ENCRYPT -Plaintext = 53696E676C6520626C6F636B206D7367 -Ciphertext = 3401F9C8247EFFCEBD6994714C1BBB11 - -Cipher = CAMELLIA-256-CTR -Key = F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884 -IV = 00FAAC24C1585EF15A43D87500000001 -Operation = ENCRYPT -Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F -Ciphertext = D6C30392246F7808A83C2B22A8839E45E51CD48A1CDF406EBC9CC2D3AB834108 - -Cipher = CAMELLIA-256-CTR -Key = FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D -IV = 001CC5B751A51D70A1C1114800000001 -Operation = ENCRYPT -Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223 -Ciphertext = A4DA23FCE6A5FFAA6D64AE9A0652A42CD161A34B65F9679F75C01F101F71276F15EF0D8D - -# SEED test vectors from RFC4269 -Cipher = SEED-ECB -Key = 00000000000000000000000000000000 -Operation = DECRYPT -Plaintext = 000102030405060708090A0B0C0D0E0F -Ciphertext = 5EBAC6E0054E166819AFF1CC6D346CDB - -Cipher = SEED-ECB -Key = 000102030405060708090A0B0C0D0E0F -Operation = DECRYPT -Plaintext = 00000000000000000000000000000000 -Ciphertext = C11F22F20140505084483597E4370F43 - -Cipher = SEED-ECB -Key = 4706480851E61BE85D74BFB3FD956185 -Operation = DECRYPT -Plaintext = 83A2F8A288641FB9A4E9A5CC2F131C7D -Ciphertext = EE54D13EBCAE706D226BC3142CD40D4A - -Cipher = SEED-ECB -Key = 28DBC3BC49FFD87DCFA509B11D422BE7 -Operation = DECRYPT -Plaintext = B41E6BE2EBA84A148E2EED84593C5EC7 -Ciphertext = 9B9B7BFCD1813CB95D0B3618F40F5122 - -Cipher = SEED-ECB -Key = 00000000000000000000000000000000 -Operation = ENCRYPT -Plaintext = 000102030405060708090A0B0C0D0E0F -Ciphertext = 5EBAC6E0054E166819AFF1CC6D346CDB - -Cipher = SEED-ECB -Key = 000102030405060708090A0B0C0D0E0F -Operation = ENCRYPT -Plaintext = 00000000000000000000000000000000 -Ciphertext = C11F22F20140505084483597E4370F43 - -Cipher = SEED-ECB -Key = 4706480851E61BE85D74BFB3FD956185 -Operation = ENCRYPT -Plaintext = 83A2F8A288641FB9A4E9A5CC2F131C7D -Ciphertext = EE54D13EBCAE706D226BC3142CD40D4A - -Cipher = SEED-ECB -Key = 28DBC3BC49FFD87DCFA509B11D422BE7 -Operation = ENCRYPT -Plaintext = B41E6BE2EBA84A148E2EED84593C5EC7 -Ciphertext = 9B9B7BFCD1813CB95D0B3618F40F5122 - - # AES CCM 256 bit key Cipher = aes-256-ccm Key = 1bde3251d41a8b5ea013c195ae128b218b3e0306376357077ef1c1c78548b92e @@ -1867,7 +1177,8 @@ Ciphertext = 09A4FD29DE949D9A9AA9924248422097AD4883B4713E6C214FF6567ADA08A967B21 Operation = DECRYPT Result = CIPHERFINAL_ERROR -# AES XTS test vectors from IEEE Std 1619-2007 +Title = AES XTS test vectors from IEEE Std 1619-2007 + Cipher = aes-128-xts Key = 0000000000000000000000000000000000000000000000000000000000000000 IV = 00000000000000000000000000000000 @@ -2109,6 +1420,7 @@ Plaintext = 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F Ciphertext = 28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21 Result = CIPHERUPDATE_ERROR + # AES wrap tests from RFC5649 Cipher = id-aes192-wrap-pad Key = 5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8 @@ -2120,6 +1432,933 @@ Key = 5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8 Plaintext = 466f7250617369 Ciphertext = afbeb0f07dfbf5419200f2ccb50bb24f +Title = RC4 tests + +Cipher = RC4 +Key = 0123456789abcdef0123456789abcdef +Plaintext = 0123456789abcdef +Ciphertext = 75b7878099e0c596 + +Cipher = RC4 +Key = 0123456789abcdef0123456789abcdef +Plaintext = 0000000000000000 +Ciphertext = 7494c2e7104b0879 + +Cipher = RC4 +Key = 00000000000000000000000000000000 +Plaintext = 0000000000000000 +Ciphertext = de188941a3375d3a + +Cipher = RC4 +Key = ef012345ef012345ef012345ef012345 +Plaintext = 0000000000000000000000000000000000000000 +Ciphertext = d6a141a7ec3c38dfbd615a1162e1c7ba36b67858 + +Cipher = RC4 +Key = 0123456789abcdef0123456789abcdef +Plaintext = 123456789ABCDEF0123456789ABCDEF0123456789ABCDEF012345678 +Ciphertext = 66a0949f8af7d6891f7f832ba833c00c892ebe30143ce28740011ecf + +Cipher = RC4 +Key = ef012345ef012345ef012345ef012345 +Plaintext = 00000000000000000000 +Ciphertext = d6a141a7ec3c38dfbd61 + +Title = Camellia tests from RFC3713 + +# For all ECB encrypts and decrypts, the transformed sequence is +# CAMELLIA-bits-ECB:key::plaintext:ciphertext:encdec +Cipher = CAMELLIA-128-ECB +Key = 0123456789abcdeffedcba9876543210 +Plaintext = 0123456789abcdeffedcba9876543210 +Ciphertext = 67673138549669730857065648eabe43 + +Cipher = CAMELLIA-192-ECB +Key = 0123456789abcdeffedcba98765432100011223344556677 +Plaintext = 0123456789abcdeffedcba9876543210 +Ciphertext = b4993401b3e996f84ee5cee7d79b09b9 + +Cipher = CAMELLIA-256-ECB +Key = 0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff +Plaintext = 0123456789abcdeffedcba9876543210 +Ciphertext = 9acc237dff16d76c20ef7c919e3a7509 + +# ECB-CAMELLIA128.Encrypt +Cipher = CAMELLIA-128-ECB +Key = 000102030405060708090A0B0C0D0E0F +Operation = ENCRYPT +Plaintext = 00112233445566778899AABBCCDDEEFF +Ciphertext = 77CF412067AF8270613529149919546F + +Cipher = CAMELLIA-192-ECB +Key = 000102030405060708090A0B0C0D0E0F1011121314151617 +Operation = ENCRYPT +Plaintext = 00112233445566778899AABBCCDDEEFF +Ciphertext = B22F3C36B72D31329EEE8ADDC2906C68 + +Cipher = CAMELLIA-256-ECB +Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Operation = ENCRYPT +Plaintext = 00112233445566778899AABBCCDDEEFF +Ciphertext = 2EDF1F3418D53B88841FC8985FB1ECF2 + + +# ECB-CAMELLIA128.Encrypt and ECB-CAMELLIA128.Decrypt +Cipher = CAMELLIA-128-ECB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = 432FC5DCD628115B7C388D770B270C96 + +Cipher = CAMELLIA-128-ECB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 0BE1F14023782A22E8384C5ABB7FAB2B + +Cipher = CAMELLIA-128-ECB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = A0A1ABCD1893AB6FE0FE5B65DF5F8636 + +Cipher = CAMELLIA-128-ECB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = E61925E0D5DFAA9BB29F815B3076E51A + + +# ECB-CAMELLIA192.Encrypt and ECB-CAMELLIA192.Decrypt +Cipher = CAMELLIA-192-ECB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = CCCC6C4E138B45848514D48D0D3439D3 + +Cipher = CAMELLIA-192-ECB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 5713C62C14B2EC0F8393B6AFD6F5785A + +Cipher = CAMELLIA-192-ECB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = B40ED2B60EB54D09D030CF511FEEF366 + +Cipher = CAMELLIA-192-ECB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 909DBD95799096748CB27357E73E1D26 + + +# ECB-CAMELLIA256.Encrypt and ECB-CAMELLIA256.Decrypt +Cipher = CAMELLIA-256-ECB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = BEFD219B112FA00098919CD101C9CCFA + +Cipher = CAMELLIA-256-ECB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = C91D3A8F1AEA08A9386CF4B66C0169EA + +Cipher = CAMELLIA-256-ECB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = A623D711DC5F25A51BB8A80D56397D28 + +Cipher = CAMELLIA-256-ECB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 7960109FB6DC42947FCFE59EA3C5EB6B + + +# For all CBC encrypts and decrypts, the transformed sequence is +# CAMELLIA-bits-CBC:key:IV/ciphertext':plaintext:ciphertext:encdec +# CBC-CAMELLIA128.Encrypt and CBC-CAMELLIA128.Decrypt +Cipher = CAMELLIA-128-CBC +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = 1607CF494B36BBF00DAEB0B503C831AB + +Cipher = CAMELLIA-128-CBC +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 1607CF494B36BBF00DAEB0B503C831AB +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = A2F2CF671629EF7840C5A5DFB5074887 + +Cipher = CAMELLIA-128-CBC +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = A2F2CF671629EF7840C5A5DFB5074887 +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 0F06165008CF8B8B5A63586362543E54 + +Cipher = CAMELLIA-128-CBC +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 36A84CDAFD5F9A85ADA0F0A993D6D577 +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 74C64268CDB8B8FAF5B34E8AF3732980 + + +# CBC-CAMELLIA192.Encrypt and CBC-CAMELLIA192.Decrypt +Cipher = CAMELLIA-192-CBC +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = 2A4830AB5AC4A1A2405955FD2195CF93 + +Cipher = CAMELLIA-192-CBC +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 2A4830AB5AC4A1A2405955FD2195CF93 +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 5D5A869BD14CE54264F892A6DD2EC3D5 + +Cipher = CAMELLIA-192-CBC +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 5D5A869BD14CE54264F892A6DD2EC3D5 +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 37D359C3349836D884E310ADDF68C449 + +Cipher = CAMELLIA-192-CBC +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 37D359C3349836D884E310ADDF68C449 +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 01FAAA930B4AB9916E9668E1428C6B08 + + +# CBC-CAMELLIA256.Encrypt and CBC-CAMELLIA256.Decrypt +Cipher = CAMELLIA-256-CBC +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 000102030405060708090A0B0C0D0E0F +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = E6CFA35FC02B134A4D2C0B6737AC3EDA + +Cipher = CAMELLIA-256-CBC +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = E6CFA35FC02B134A4D2C0B6737AC3EDA +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 36CBEB73BD504B4070B1B7DE2B21EB50 + +Cipher = CAMELLIA-256-CBC +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 36CBEB73BD504B4070B1B7DE2B21EB50 +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = E31A6055297D96CA3330CDF1B1860A83 + +Cipher = CAMELLIA-256-CBC +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = E31A6055297D96CA3330CDF1B1860A83 +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 5D563F6D1CCCF236051C0C5C1C58F28F + + +# We don't support CFB{1,8}-CAMELLIAxxx.{En,De}crypt +# For all CFB128 encrypts and decrypts, the transformed sequence is +# CAMELLIA-bits-CFB:key:IV/ciphertext':plaintext:ciphertext:encdec +# CFB128-CAMELLIA128.Encrypt +Cipher = CAMELLIA-128-CFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 000102030405060708090A0B0C0D0E0F +Operation = ENCRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = 14F7646187817EB586599146B82BD719 + +Cipher = CAMELLIA-128-CFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 14F7646187817EB586599146B82BD719 +Operation = ENCRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = A53D28BB82DF741103EA4F921A44880B + +Cipher = CAMELLIA-128-CFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = A53D28BB82DF741103EA4F921A44880B +Operation = ENCRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 9C2157A664626D1DEF9EA420FDE69B96 + +Cipher = CAMELLIA-128-CFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 9C2157A664626D1DEF9EA420FDE69B96 +Operation = ENCRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 742A25F0542340C7BAEF24CA8482BB09 + + +# CFB128-CAMELLIA128.Decrypt +Cipher = CAMELLIA-128-CFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 000102030405060708090A0B0C0D0E0F +Operation = DECRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = 14F7646187817EB586599146B82BD719 + +Cipher = CAMELLIA-128-CFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 14F7646187817EB586599146B82BD719 +Operation = DECRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = A53D28BB82DF741103EA4F921A44880B + +Cipher = CAMELLIA-128-CFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = A53D28BB82DF741103EA4F921A44880B +Operation = DECRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 9C2157A664626D1DEF9EA420FDE69B96 + +Cipher = CAMELLIA-128-CFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 9C2157A664626D1DEF9EA420FDE69B96 +Operation = DECRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 742A25F0542340C7BAEF24CA8482BB09 + + +# CFB128-CAMELLIA192.Encrypt +Cipher = CAMELLIA-192-CFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 000102030405060708090A0B0C0D0E0F +Operation = ENCRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = C832BB9780677DAA82D9B6860DCD565E + +Cipher = CAMELLIA-192-CFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = C832BB9780677DAA82D9B6860DCD565E +Operation = ENCRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 86F8491627906D780C7A6D46EA331F98 + +Cipher = CAMELLIA-192-CFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 86F8491627906D780C7A6D46EA331F98 +Operation = ENCRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 69511CCE594CF710CB98BB63D7221F01 + +Cipher = CAMELLIA-192-CFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 69511CCE594CF710CB98BB63D7221F01 +Operation = ENCRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = D5B5378A3ABED55803F25565D8907B84 + + +# CFB128-CAMELLIA192.Decrypt +Cipher = CAMELLIA-192-CFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 000102030405060708090A0B0C0D0E0F +Operation = DECRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = C832BB9780677DAA82D9B6860DCD565E + +Cipher = CAMELLIA-192-CFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = C832BB9780677DAA82D9B6860DCD565E +Operation = DECRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 86F8491627906D780C7A6D46EA331F98 + +Cipher = CAMELLIA-192-CFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 86F8491627906D780C7A6D46EA331F98 +Operation = DECRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 69511CCE594CF710CB98BB63D7221F01 + +Cipher = CAMELLIA-192-CFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 69511CCE594CF710CB98BB63D7221F01 +Operation = DECRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = D5B5378A3ABED55803F25565D8907B84 + + +# CFB128-CAMELLIA256.Encrypt +Cipher = CAMELLIA-256-CFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 000102030405060708090A0B0C0D0E0F +Operation = ENCRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93 + +Cipher = CAMELLIA-256-CFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = CF6107BB0CEA7D7FB1BD31F5E7B06C93 +Operation = ENCRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 89BEDB4CCDD864EA11BA4CBE849B5E2B + +Cipher = CAMELLIA-256-CFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 89BEDB4CCDD864EA11BA4CBE849B5E2B +Operation = ENCRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 555FC3F34BDD2D54C62D9E3BF338C1C4 + +Cipher = CAMELLIA-256-CFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 555FC3F34BDD2D54C62D9E3BF338C1C4 +Operation = ENCRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 5953ADCE14DB8C7F39F1BD39F359BFFA + + +# CFB128-CAMELLIA256.Decrypt +Cipher = CAMELLIA-256-CFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 000102030405060708090A0B0C0D0E0F +Operation = DECRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93 + +Cipher = CAMELLIA-256-CFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = CF6107BB0CEA7D7FB1BD31F5E7B06C93 +Operation = DECRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 89BEDB4CCDD864EA11BA4CBE849B5E2B + +Cipher = CAMELLIA-256-CFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 89BEDB4CCDD864EA11BA4CBE849B5E2B +Operation = DECRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 555FC3F34BDD2D54C62D9E3BF338C1C4 + +Cipher = CAMELLIA-256-CFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 555FC3F34BDD2D54C62D9E3BF338C1C4 +Operation = DECRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 5953ADCE14DB8C7F39F1BD39F359BFFA + + +# For all OFB encrypts and decrypts, the transformed sequence is +# CAMELLIA-bits-OFB:key:IV/output':plaintext:ciphertext:encdec +# OFB-CAMELLIA128.Encrypt +Cipher = CAMELLIA-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 000102030405060708090A0B0C0D0E0F +Operation = ENCRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = 14F7646187817EB586599146B82BD719 + +Cipher = CAMELLIA-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 50FE67CC996D32B6DA0937E99BAFEC60 +Operation = ENCRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 25623DB569CA51E01482649977E28D84 + +Cipher = CAMELLIA-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = D9A4DADA0892239F6B8B3D7680E15674 +Operation = ENCRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = C776634A60729DC657D12B9FCA801E98 + +Cipher = CAMELLIA-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = A78819583F0308E7A6BF36B1386ABF23 +Operation = ENCRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = D776379BE0E50825E681DA1A4C980E8E + + +# OFB-CAMELLIA128.Decrypt +Cipher = CAMELLIA-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 000102030405060708090A0B0C0D0E0F +Operation = DECRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = 14F7646187817EB586599146B82BD719 + +Cipher = CAMELLIA-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = 50FE67CC996D32B6DA0937E99BAFEC60 +Operation = DECRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 25623DB569CA51E01482649977E28D84 + +Cipher = CAMELLIA-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = D9A4DADA0892239F6B8B3D7680E15674 +Operation = DECRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = C776634A60729DC657D12B9FCA801E98 + +Cipher = CAMELLIA-128-OFB +Key = 2B7E151628AED2A6ABF7158809CF4F3C +IV = A78819583F0308E7A6BF36B1386ABF23 +Operation = DECRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = D776379BE0E50825E681DA1A4C980E8E + + +# OFB-CAMELLIA192.Encrypt +Cipher = CAMELLIA-192-OFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 000102030405060708090A0B0C0D0E0F +Operation = ENCRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = C832BB9780677DAA82D9B6860DCD565E + +Cipher = CAMELLIA-192-OFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = A609B38DF3B1133DDDFF2718BA09565E +Operation = ENCRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 8ECEB7D0350D72C7F78562AEBDF99339 + +Cipher = CAMELLIA-192-OFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 52EF01DA52602FE0975F78AC84BF8A50 +Operation = ENCRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = BDD62DBBB9700846C53B507F544696F0 + +Cipher = CAMELLIA-192-OFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = BD5286AC63AABD7EB067AC54B553F71D +Operation = ENCRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = E28014E046B802F385C4C2E13EAD4A72 + + +# OFB-CAMELLIA192.Decrypt +Cipher = CAMELLIA-192-OFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 000102030405060708090A0B0C0D0E0F +Operation = DECRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = C832BB9780677DAA82D9B6860DCD565E + +Cipher = CAMELLIA-192-OFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = A609B38DF3B1133DDDFF2718BA09565E +Operation = DECRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 8ECEB7D0350D72C7F78562AEBDF99339 + +Cipher = CAMELLIA-192-OFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = 52EF01DA52602FE0975F78AC84BF8A50 +Operation = DECRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = BDD62DBBB9700846C53B507F544696F0 + +Cipher = CAMELLIA-192-OFB +Key = 8E73B0F7DA0E6452C810F32B809079E562F8EAD2522C6B7B +IV = BD5286AC63AABD7EB067AC54B553F71D +Operation = DECRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = E28014E046B802F385C4C2E13EAD4A72 + + +# OFB-CAMELLIA256.Encrypt +Cipher = CAMELLIA-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 000102030405060708090A0B0C0D0E0F +Operation = ENCRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93 + +Cipher = CAMELLIA-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A +Operation = ENCRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 127AD97E8E3994E4820027D7BA109368 + +Cipher = CAMELLIA-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = E1C656305ED1A7A6563805746FE03EDC +Operation = ENCRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 6BFF6265A6A6B7A535BC65A80B17214E + +Cipher = CAMELLIA-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 41635BE625B48AFC1666DD42A09D96E7 +Operation = ENCRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 0A4A0404E26AA78A27CB271E8BF3CF20 + + +# OFB-CAMELLIA256.Decrypt +Cipher = CAMELLIA-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 000102030405060708090A0B0C0D0E0F +Operation = DECRYPT +Plaintext = 6BC1BEE22E409F96E93D7E117393172A +Ciphertext = CF6107BB0CEA7D7FB1BD31F5E7B06C93 + +Cipher = CAMELLIA-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = B7BF3A5DF43989DD97F0FA97EBCE2F4A +Operation = DECRYPT +Plaintext = AE2D8A571E03AC9C9EB76FAC45AF8E51 +Ciphertext = 127AD97E8E3994E4820027D7BA109368 + +Cipher = CAMELLIA-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = E1C656305ED1A7A6563805746FE03EDC +Operation = DECRYPT +Plaintext = 30C81C46A35CE411E5FBC1191A0A52EF +Ciphertext = 6BFF6265A6A6B7A535BC65A80B17214E + +Cipher = CAMELLIA-256-OFB +Key = 603DEB1015CA71BE2B73AEF0857D77811F352C073B6108D72D9810A30914DFF4 +IV = 41635BE625B48AFC1666DD42A09D96E7 +Operation = DECRYPT +Plaintext = F69F2445DF4F9B17AD2B417BE66C3710 +Ciphertext = 0A4A0404E26AA78A27CB271E8BF3CF20 + + +# Camellia test vectors from RFC5528 +Cipher = CAMELLIA-128-CTR +Key = AE6852F8121067CC4BF7A5765577F39E +IV = 00000030000000000000000000000001 +Operation = ENCRYPT +Plaintext = 53696E676C6520626C6F636B206D7367 +Ciphertext = D09DC29A8214619A20877C76DB1F0B3F + +Cipher = CAMELLIA-128-CTR +Key = 7E24067817FAE0D743D6CE1F32539163 +IV = 006CB6DBC0543B59DA48D90B00000001 +Operation = ENCRYPT +Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Ciphertext = DBF3C78DC08396D4DA7C907765BBCB442B8E8E0F31F0DCA72C7417E35360E048 + +Cipher = CAMELLIA-128-CTR +Key = 7691BE035E5020A8AC6E618529F9A0DC +IV = 00E0017B27777F3F4A1786F000000001 +Operation = ENCRYPT +Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223 +Ciphertext = B19D1FCDCB75EB882F849CE24D85CF739CE64B2B5C9D73F14F2D5D9DCE9889CDDF508696 + +Cipher = CAMELLIA-192-CTR +Key = 16AF5B145FC9F579C175F93E3BFB0EED863D06CCFDB78515 +IV = 0000004836733C147D6D93CB00000001 +Operation = ENCRYPT +Plaintext = 53696E676C6520626C6F636B206D7367 +Ciphertext = 2379399E8A8D2B2B16702FC78B9E9696 + +Cipher = CAMELLIA-192-CTR +Key = 7C5CB2401B3DC33C19E7340819E0F69C678C3DB8E6F6A91A +IV = 0096B03B020C6EADC2CB500D00000001 +Operation = ENCRYPT +Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Ciphertext = 7DEF34F7A5D0E415674B7FFCAE67C75DD018B86FF23051E056392A99F35A4CED + +Cipher = CAMELLIA-192-CTR +Key = 02BF391EE8ECB159B959617B0965279BF59B60A786D3E0FE +IV = 0007BDFD5CBD60278DCC091200000001 +Operation = ENCRYPT +Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223 +Ciphertext = 5710E556E1487A20B5AC0E73F19E4E7876F37FDC91B1EF4D4DADE8E666A64D0ED557AB57 + +Cipher = CAMELLIA-256-CTR +Key = 776BEFF2851DB06F4C8A0542C8696F6C6A81AF1EEC96B4D37FC1D689E6C1C104 +IV = 00000060DB5672C97AA8F0B200000001 +Operation = ENCRYPT +Plaintext = 53696E676C6520626C6F636B206D7367 +Ciphertext = 3401F9C8247EFFCEBD6994714C1BBB11 + +Cipher = CAMELLIA-256-CTR +Key = F6D66D6BD52D59BB0796365879EFF886C66DD51A5B6A99744B50590C87A23884 +IV = 00FAAC24C1585EF15A43D87500000001 +Operation = ENCRYPT +Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F +Ciphertext = D6C30392246F7808A83C2B22A8839E45E51CD48A1CDF406EBC9CC2D3AB834108 + +Cipher = CAMELLIA-256-CTR +Key = FF7A617CE69148E4F1726E2F43581DE2AA62D9F805532EDFF1EED687FB54153D +IV = 001CC5B751A51D70A1C1114800000001 +Operation = ENCRYPT +Plaintext = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223 +Ciphertext = A4DA23FCE6A5FFAA6D64AE9A0652A42CD161A34B65F9679F75C01F101F71276F15EF0D8D + +Title = SM4 test vectors from IETF draft-ribose-cfrg-sm4 + +Cipher = SM4-ECB +Key = 0123456789ABCDEFFEDCBA9876543210 +Plaintext = 0123456789ABCDEFFEDCBA9876543210 +Ciphertext = 681EDF34D206965E86B3E94F536E4246 + +Cipher = SM4-CBC +Key = 0123456789ABCDEFFEDCBA9876543210 +IV = 0123456789ABCDEFFEDCBA9876543210 +Plaintext = 0123456789ABCDEFFEDCBA98765432100123456789ABCDEFFEDCBA9876543210 +Ciphertext = 2677F46B09C122CC975533105BD4A22AF6125F7275CE552C3A2BBCF533DE8A3B + +Cipher = SM4-OFB +Key = 0123456789ABCDEFFEDCBA9876543210 +IV = 0123456789ABCDEFFEDCBA9876543210 +Plaintext = 0123456789ABCDEFFEDCBA98765432100123456789ABCDEFFEDCBA9876543210 +Ciphertext = 693D9A535BAD5BB1786F53D7253A7056F2075D28B5235F58D50027E4177D2BCE + +Cipher = SM4-CFB +Key = 0123456789ABCDEFFEDCBA9876543210 +IV = 0123456789ABCDEFFEDCBA9876543210 +Plaintext = 0123456789ABCDEFFEDCBA98765432100123456789ABCDEFFEDCBA9876543210 +Ciphertext = 693D9A535BAD5BB1786F53D7253A70569ED258A85A0467CC92AAB393DD978995 + +Cipher = SM4-CTR +Key = 0123456789ABCDEFFEDCBA9876543210 +IV = 0123456789ABCDEFFEDCBA9876543210 +Plaintext = AAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBCCCCCCCCCCCCCCCCDDDDDDDDDDDDDDDDEEEEEEEEEEEEEEEEFFFFFFFFFFFFFFFFEEEEEEEEEEEEEEEEAAAAAAAAAAAAAAAA +Ciphertext = C2B4759E78AC3CF43D0852F4E8D5F9FD7256E8A5FCB65A350EE00630912E44492A0B17E1B85B060D0FBA612D8A95831638B361FD5FFACD942F081485A83CA35D + +Title = ARIA test vectors from RFC5794 (and others) + +Cipher = ARIA-128-ECB +Key = 000102030405060708090a0b0c0d0e0f +Plaintext = 00112233445566778899aabbccddeeff +Ciphertext = d718fbd6ab644c739da95f3be6451778 + +Cipher = ARIA-192-ECB +Key = 000102030405060708090a0b0c0d0e0f1011121314151617 +Plaintext = 00112233445566778899aabbccddeeff +Ciphertext = 26449c1805dbe7aa25a468ce263a9e79 + +Cipher = ARIA-256-ECB +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f +Plaintext = 00112233445566778899aabbccddeeff +Ciphertext = f92bd7c79fb72e2f2b8f80c1972d24fc + +# Additional ARIA mode vectors from http://210.104.33.10/ARIA/doc/ARIA-testvector-e.pdf +Cipher = ARIA-128-ECB +Key = 00112233445566778899aabbccddeeff +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = c6ecd08e22c30abdb215cf74e2075e6e29ccaac63448708d331b2f816c51b17d9e133d1528dbf0af5787c7f3a3f5c2bf6b6f345907a3055612ce072ff54de7d788424da6e8ccfe8172b391be499354165665ba7864917000a6eeb2ecb4a698edfc7887e7f556377614ab0a282293e6d884dbb84206cdb16ed1754e77a1f243fd086953f752cc1e46c7c794ae85537dcaec8dd721f55c93b6edfe2adea43873e8 + +Cipher = ARIA-128-CBC +Key = 00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 49d61860b14909109cef0d22a9268134fadf9fb23151e9645fba75018bdb1538b53334634bbf7d4cd4b5377033060c155fe3948ca75de1031e1d85619e0ad61eb419a866b3c2dbfd10a4ed18b22149f75897f0b8668b0c1c542c687778835fb7cd46e45f85eaa7072437dd9fa6793d6f8d4ccefc4eb1ac641ac1bd30b18c6d64c49bca137eb21c2e04da62712ca2b4f540c57112c38791852cfac7a5d19ed83a + +Cipher = ARIA-128-CFB +Key = 00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 3720e53ba7d615383406b09f0a05a200c07c21e6370f413a5d132500a68285017c61b434c7b7ca9685a51071861e4d4bb873b599b479e2d573dddeafba89f812ac6a9e44d554078eb3be94839db4b33da3f59c063123a7ef6f20e10579fa4fd239100ca73b52d4fcafeadee73f139f78f9b7614c2b3b9dbe010f87db06a89a9435f79ce8121431371f4e87b984e0230c22a6dacb32fc42dcc6accef33285bf11 + +Cipher = ARIA-128-CFB8 +Key = 00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 373c8f6a965599ec785cc8f8149f6c81b632ccb8e0c6eb6a9707ae52c59257a41f94701c1096933127a90195ed0c8e98690547572423bb45c3d70e4a18ee56b967c10e000ba4df5fba7c404134a343d8375d04b151d161ef83417fe1748447d30a6723c406733df7d18aa39a20752d2381942e244811bb97f72eae446b1815aa690cd1b1adcbd007c0088ecdc91cb2e2caf0e11e72459878137eea64ac62a9a1 + +Cipher = ARIA-128-OFB +Key = 00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 3720e53ba7d615383406b09f0a05a2000063063f0560083483faeb041c8adecef30cf80cefb002a0d280759168ec01db3d49f61aced260bd43eec0a2731730eec6fa4f2304319cf8ccac2d7be7833e4f8ae6ce967012c1c6badc5d28e7e4144f6bf5cebe01253ee202afce4bc61f28dec069a6f16f6c8a7dd2afae44148f6ff4d0029d5c607b5fa6b8c8a6301cde5c7033565cd0b8f0974ab490b236197ba04a + +Cipher = ARIA-128-CTR +Key = 00112233445566778899aabbccddeeff +IV = 00000000000000000000000000000000 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = ac5d7de805a0bf1c57c854501af60fa11497e2a34519dea1569e91e5b5ccae2ff3bfa1bf975f4571f48be191613546c3911163c085f871f0e7ae5f2a085b81851c2a3ddf20ecb8fa51901aec8ee4ba32a35dab67bb72cd9140ad188a967ac0fbbdfa94ea6cce47dcf8525ab5a814cfeb2bb60ee2b126e2d9d847c1a9e96f9019e3e6a7fe40d3829afb73db1cc245646addb62d9b907baaafbe46a73dbc131d3d + +Cipher = ARIA-192-ECB +Key = 00112233445566778899aabbccddeeff0011223344556677 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 8d1470625f59ebacb0e55b534b3e462b5f23d33bff78f46c3c15911f4a21809aaccad80b4bda915aa9dae6bcebe06a6c83f77fd5391acfe61de2f646b5d447edbfd5bb49b12fbb9145b227895a757b2af1f7188734863d7b8b6ede5a5b2f06a0a233c8523d2db778fb31b0e311f32700152f33861e9d040c83b5eb40cd88ea49975709dc629365a189f78a3ec40345fc6a5a307a8f9a4413091e007eca5645a0 + +Cipher = ARIA-192-CBC +Key = 00112233445566778899aabbccddeeff0011223344556677 +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = afe6cf23974b533c672a826264ea785f4e4f7f780dc7f3f1e0962b80902386d514e9c3e77259de92dd1102ffab086c1ea52a71260db5920a83295c25320e421147ca45d532f327b856ea947cd2196ae2e040826548b4c891b0ed0ca6e714dbc4631998d548110d666b3d54c2a091955c6f05beb4f62309368696c9791fc4c551564a2637f194346ec45fbca6c72a5b4612e208d531d6c34cc5c64eac6bd0cf8c + +Cipher = ARIA-192-CFB +Key = 00112233445566778899aabbccddeeff0011223344556677 +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 4171f7192bf4495494d2736129640f5c4d87a9a213664c9448477c6ecc2013598d9766952dd8c3868f17e36ef66fd84bfa45d1593d2d6ee3ea2115047d710d4fb66187caa3a315b3c8ea2d313962edcfe5a3e2028d5ba9a09fd5c65c19d3440e477f0cab0628ec6902c73ee02f1afee9f80115be7b9df82d1e28228e28581a20560e195cbb9e2b327bf56fd2d0ae5502e42c13e9b4015d4da42dc859252e7da4 + +Cipher = ARIA-192-CFB8 +Key = 00112233445566778899aabbccddeeff0011223344556677 +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 411d3b4f57f705aa4d13c46e2cf426af7c8c916ed7923d889f0047bbf11471b6d54f8757ef519339105be3cb69babb976a57d5631fc23cc3051fe9d36e8b8e27a2b2c0c4d31928ccbf30ea8239b46ba1b77f6198e7ecd2ce27b35958148e826f06aaf385bd30362ff141583e7c1d8924d44d36a1133094074631e18adafa9d2e55de98f6895c89d4266ebd33f3d4be5153a96fa12132ece2e81e66e55baa7ade + +Cipher = ARIA-192-OFB +Key = 00112233445566778899aabbccddeeff0011223344556677 +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 4171f7192bf4495494d2736129640f5cc224d26d364b5a06ddde13d0f1e74faa846de354c63cda77469d1a2d425c47ff41734c71b3fa1fcdc11e0b2de22bfeed54898e233df652c75ae136e61de6524e62b3f806fb2e8e616eb410a1b9500537e327ffb04f19f7f82fde2b122100261f81b82723bf936be7beaaf3067d1c036001f1ade71422268d274d7dc6c6ae1970b27a5f2c2f39c1d241fe8cac5ccd74e9 + +Cipher = ARIA-192-CTR +Key = 00112233445566778899aabbccddeeff0011223344556677 +IV = 00000000000000000000000000000000 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 08625ca8fe569c19ba7af3760a6ed1cef4d199263e999dde14082dbba7560b79a4c6b456b8707dce751f9854f18893dfdb3f4e5afa539733e6f1e70b98ba37891f8f81e95df8efc26c7ce043504cb18958b865e4e316cd2aa1c97f31bf23dc046ef326b95a692a191ba0f2a41c5fe9ae070f236ff7078e703b42666caafbdd20bad74ac4c20c0f46c7ca24c151716575c947da16c90cfe1bf217a41cfebe7531 + +Cipher = ARIA-256-ECB +Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 58a875e6044ad7fffa4f58420f7f442d8e191016f28e79aefc01e204773280d7018e5f7a938ec30711719953bae86542cd7ebc752474c1a5f6eaaace2a7e29462ee7dfa5afdb84177ead95ccd4b4bb6e1ed17b9534cff0a5fc2941429cfee2ee49c7adbeb7e9d1b0d2a8531d942079596a27ed79f5b1dd13ecd604b07a48885a3afa0627a0e4e60a3c703af292f1baa77b702f16c54aa74bc727ea95c7468b00 + +Cipher = ARIA-256-CBC +Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 523a8a806ae621f155fdd28dbc34e1ab7b9b42432ad8b2efb96e23b13f0a6e52f36185d50ad002c5f601bee5493f118b243ee2e313642bffc3902e7b2efd9a12fa682edd2d23c8b9c5f043c18b17c1ec4b5867918270fbec1027c19ed6af833da5d620994668ca22f599791d292dd6273b2959082aafb7a996167cce1eec5f0cfd15f610d87e2dda9ba68ce1260ca54b222491418374294e7909b1e8551cd8de + +Cipher = ARIA-256-CFB +Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 26834705b0f2c0e2588d4a7f09009635f28bb93d8c31f870ec1e0bdb082b66fa402dd9c202be300c4517d196b14d4ce11dce97f7aaba54341b0d872cc9b63753a3e8556a14be6f7b3e27e3cfc39caf80f2a355aa50dc83c09c7b11828694f8e4aa726c528976b53f2c877f4991a3a8d28adb63bd751846ffb2350265e179d4990753ae8485ff9b4133ddad5875b84a90cbcfa62a045d726df71b6bda0eeca0be + +Cipher = ARIA-256-CFB8 +Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 26baa33651e1f66434fec88ef27fd2b9a79e246dd89a3ffa00e8bdb37155433e6c24bd0b87d9a85baa9f485ccb984f5ec24d6a3ef5e3c81396177f039cf580dfdb55d6e1c47a28921dfe369e12fd357b289ad3a5544e1c1bd616d454db9c5f91f603373f29d5b2ed1b4b51de80f28537bbd43d5e3b5dd071dc91153cbbe732dfc325821b06ed8acaae656dcf2da9f13e4f29db671476f1e644ff06d9b67d6bd4 + +Cipher = ARIA-256-OFB +Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff +IV = 0f1e2d3c4b5a69788796a5b4c3d2e1f0 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 26834705b0f2c0e2588d4a7f0900963584c256815c4292b59f8d3f966a75b52345b4f5f98c785d3f368a8d5ff89b7f950ceab3cd63773c2621d652b8ef98b4196afb2c2b30496bc5b7d9e7f9084f9d855f63a511751c8909e7a6deadbe0a67a4fb89383ca5d209c6f66f793fc471195c476fb9c1eab2ac91e680e454b4f3ed9a67fb52f09c29b965b23cfa6f3f6bbb2a86c6cdbaa2857bf2486f543231892a52 + +Cipher = ARIA-256-CTR +Key = 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff +IV = 00000000000000000000000000000000 +Plaintext = 11111111aaaaaaaa11111111bbbbbbbb11111111cccccccc11111111dddddddd22222222aaaaaaaa22222222bbbbbbbb22222222cccccccc22222222dddddddd33333333aaaaaaaa33333333bbbbbbbb33333333cccccccc33333333dddddddd44444444aaaaaaaa44444444bbbbbbbb44444444cccccccc44444444dddddddd55555555aaaaaaaa55555555bbbbbbbb55555555cccccccc55555555dddddddd +Ciphertext = 30026c329666141721178b99c0a1f1b2f06940253f7b3089e2a30ea86aa3c88f5940f05ad7ee41d71347bb7261e348f18360473fdf7d4e7723bffb4411cc13f6cdd89f3bc7b9c768145022c7a74f14d7c305cd012a10f16050c23f1ae5c23f45998d13fbaa041e51619577e0772764896a5d4516d8ffceb3bf7e05f613edd9a60cdcedaff9cfcaf4e00d445a54334f73ab2cad944e51d266548e61c6eb0aa1cd + +Title = ARIA GCM test vectors from IETF draft-ietf-avtcore-aria-srtp-10 + +Cipher = ARIA-128-GCM +Key = e91e5e75da65554a48181f3846349562 +IV = 000020e8f5eb00000000315e +AAD = 8008315ebf2e6fe020e8f5eb +Tag = 5abace3f37f5a736f4be984bbffbedc1 +Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5 +Ciphertext = 4d8a9a0675550c704b17d8c9ddc81a5cd6f7da34f2fe1b3db7cb3dfb9697102ea0f3c1fc2dbc873d44bceeae8e4442974ba21ff6789d3272613fb9631a7cf3f14bacbeb421633a90ffbe58c2fa6bdca534f10d0de0502ce1d531b6336e58878278531e5c22bc6c85bbd784d78d9e680aa19031aaf89101d669d7a3965c1f7e16229d7463e0535f4e253f5d18187d40b8ae0f564bd970b5e7e2adfb211e89a953 + +Cipher = ARIA-256-GCM +Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54 +IV = 000020e8f5eb00000000315e +AAD = 8008315ebf2e6fe020e8f5eb +Tag = e210d6ced2cf430ff841472915e7ef48 +Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5 +Ciphertext = 6f9e4bcbc8c85fc0128fb1e4a0a20cb9932ff74581f54fc013dd054b19f99371425b352d97d3f337b90b63d1b082adeeea9d2d7391897d591b985e55fb50cb5350cf7d38dc27dda127c078a149c8eb98083d66363a46e3726af217d3a00275ad5bf772c7610ea4c23006878f0ee69a8397703169a419303f40b72e4573714d19e2697df61e7c7252e5abc6bade876ac4961bfac4d5e867afca351a48aed52822 + +Title = ARIA CCM test vectors from IETF draft-ietf-avtcore-aria-srtp-02 + +# 16-byte Tag + +Cipher = ARIA-128-CCM +Key = 974bee725d44fc3992267b284c3c6750 +IV = 000020e8f5eb00000000315e +AAD = 8008315ebf2e6fe020e8f5eb +Tag = 40f04b6467e300f6b336aedf9df4185b +Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5 +Ciphertext = 621e408a2e455505b39f704dcbac4307daabbd6d670abc4e42f2fd2fca263f094f4683e6fb0b10c5093d42b69dce0ba546520e7c4400975713f3bde93ef131160b9cbcd6df78a1502be7c6ea8d395b9ed0078819c3105c0ab92cb67b16ba51bb1f53508738bf7a37c9a905439b88b7af9d51a407916fdfea8d43bf253721846dc1671391225fc58d9d0693c8ade6a4ffb034ee6543dd4e651b7a084eae60f855 + +Cipher = ARIA-256-CCM +Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54 +IV = 000020e8f5eb00000000315e +AAD = 8008315ebf2e6fe020e8f5eb +Tag = 87b6bd222c55365a9c7d0b215b77ea41 +Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5 +Ciphertext = ff78128ee18ee3cb9fb0d20726a017ff67fbd09d3a4c38aa32f6d306d3fdda378e459b83ed005507449d6cd981a4c1e3ff4193870c276ef09b6317a01a2283206ae4b4be0d0b235422c8abb00122410656b75e1ffc7fb49c0d0c5d6169aa7623610579968037aee8e83fc26264ea866590fd620aa3c0a5f323d953aa7f8defb0d0d60ab5a9de44dbaf8eae74ea3ab5f30594154f405fd630aa4c4d5603efdfa1 + +# 8-byte Tag + +Cipher = ARIA-128-CCM +Key = 974bee725d44fc3992267b284c3c6750 +IV = 000020e8f5eb00000000315e +AAD = 8008315ebf2e6fe020e8f5eb +Tag = dd2282c93a67fe4b +Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5 +Ciphertext = 621e408a2e455505b39f704dcbac4307daabbd6d670abc4e42f2fd2fca263f094f4683e6fb0b10c5093d42b69dce0ba546520e7c4400975713f3bde93ef131160b9cbcd6df78a1502be7c6ea8d395b9ed0078819c3105c0ab92cb67b16ba51bb1f53508738bf7a37c9a905439b88b7af9d51a407916fdfea8d43bf253721846dc1671391225fc58d9d0693c8ade6a4ffb034ee6543dd4e651b7a084eae60f855 + +Cipher = ARIA-256-CCM +Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54 +IV = 000020e8f5eb00000000315e +AAD = 8008315ebf2e6fe020e8f5eb +Tag = 828dc0088f99a7ef +Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5 +Ciphertext = ff78128ee18ee3cb9fb0d20726a017ff67fbd09d3a4c38aa32f6d306d3fdda378e459b83ed005507449d6cd981a4c1e3ff4193870c276ef09b6317a01a2283206ae4b4be0d0b235422c8abb00122410656b75e1ffc7fb49c0d0c5d6169aa7623610579968037aee8e83fc26264ea866590fd620aa3c0a5f323d953aa7f8defb0d0d60ab5a9de44dbaf8eae74ea3ab5f30594154f405fd630aa4c4d5603efdfa1 + +# 12-byte Tag + +Cipher = ARIA-128-CCM +Key = 974bee725d44fc3992267b284c3c6750 +IV = 000020e8f5eb00000000315e +AAD = 8008315ebf2e6fe020e8f5eb +Tag = 01f3dedd15238da5ebfb1590 +Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5 +Ciphertext = 621e408a2e455505b39f704dcbac4307daabbd6d670abc4e42f2fd2fca263f094f4683e6fb0b10c5093d42b69dce0ba546520e7c4400975713f3bde93ef131160b9cbcd6df78a1502be7c6ea8d395b9ed0078819c3105c0ab92cb67b16ba51bb1f53508738bf7a37c9a905439b88b7af9d51a407916fdfea8d43bf253721846dc1671391225fc58d9d0693c8ade6a4ffb034ee6543dd4e651b7a084eae60f855 + +Cipher = ARIA-256-CCM +Key = 0c5ffd37a11edc42c325287fc0604f2e3e8cd5671a00fe3216aa5eb105783b54 +IV = 000020e8f5eb00000000315e +AAD = 8008315ebf2e6fe020e8f5eb +Tag = 3615b7f90a651de15da20fb6 +Plaintext = f57af5fd4ae19562976ec57a5a7ad55a5af5c5e5c5fdf5c55ad57a4a7272d57262e9729566ed66e97ac54a4a5a7ad5e15ae5fdd5fd5ac5d56ae56ad5c572d54ae54ac55a956afd6aed5a4ac562957a9516991691d572fd14e97ae962ed7a9f4a955af572e162f57a956666e17ae1f54a95f566d54a66e16e4afd6a9f7ae1c5c55ae5d56afde916c5e94a6ec56695e14afde1148416e94ad57ac5146ed59d1cc5 +Ciphertext = ff78128ee18ee3cb9fb0d20726a017ff67fbd09d3a4c38aa32f6d306d3fdda378e459b83ed005507449d6cd981a4c1e3ff4193870c276ef09b6317a01a2283206ae4b4be0d0b235422c8abb00122410656b75e1ffc7fb49c0d0c5d6169aa7623610579968037aee8e83fc26264ea866590fd620aa3c0a5f323d953aa7f8defb0d0d60ab5a9de44dbaf8eae74ea3ab5f30594154f405fd630aa4c4d5603efdfa1 + + +Title = SEED test vectors from RFC4269 + +Cipher = SEED-ECB +Key = 00000000000000000000000000000000 +Operation = DECRYPT +Plaintext = 000102030405060708090A0B0C0D0E0F +Ciphertext = 5EBAC6E0054E166819AFF1CC6D346CDB + +Cipher = SEED-ECB +Key = 000102030405060708090A0B0C0D0E0F +Operation = DECRYPT +Plaintext = 00000000000000000000000000000000 +Ciphertext = C11F22F20140505084483597E4370F43 + +Cipher = SEED-ECB +Key = 4706480851E61BE85D74BFB3FD956185 +Operation = DECRYPT +Plaintext = 83A2F8A288641FB9A4E9A5CC2F131C7D +Ciphertext = EE54D13EBCAE706D226BC3142CD40D4A + +Cipher = SEED-ECB +Key = 28DBC3BC49FFD87DCFA509B11D422BE7 +Operation = DECRYPT +Plaintext = B41E6BE2EBA84A148E2EED84593C5EC7 +Ciphertext = 9B9B7BFCD1813CB95D0B3618F40F5122 + +Cipher = SEED-ECB +Key = 00000000000000000000000000000000 +Operation = ENCRYPT +Plaintext = 000102030405060708090A0B0C0D0E0F +Ciphertext = 5EBAC6E0054E166819AFF1CC6D346CDB + +Cipher = SEED-ECB +Key = 000102030405060708090A0B0C0D0E0F +Operation = ENCRYPT +Plaintext = 00000000000000000000000000000000 +Ciphertext = C11F22F20140505084483597E4370F43 + +Cipher = SEED-ECB +Key = 4706480851E61BE85D74BFB3FD956185 +Operation = ENCRYPT +Plaintext = 83A2F8A288641FB9A4E9A5CC2F131C7D +Ciphertext = EE54D13EBCAE706D226BC3142CD40D4A + +Cipher = SEED-ECB +Key = 28DBC3BC49FFD87DCFA509B11D422BE7 +Operation = ENCRYPT +Plaintext = B41E6BE2EBA84A148E2EED84593C5EC7 +Ciphertext = 9B9B7BFCD1813CB95D0B3618F40F5122 + +Title = Chacha20 + Cipher = chacha20 Key = 0000000000000000000000000000000000000000000000000000000000000000 IV = 00000000000000000000000000000000 @@ -2243,7 +2482,6 @@ Ciphertext = 64a0861575861af460f062c79be643bd5e805cfd345cf389f108670ac76c8cb24c6 Operation = DECRYPT Result = CIPHERFINAL_ERROR - # self-generated vectors Cipher = chacha20-poly1305 Key = 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0 diff --git a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpdigest.txt b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpdigest.txt index 6579e69883..ae3f7e6a91 100644 --- a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpdigest.txt +++ b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpdigest.txt @@ -17,8 +17,10 @@ # Which is currently unsupported by OpenSSL. They were generated using the # reference implementation. RFC7693 also mentions the 616263 / "abc" values. +Title = BLAKE tests + Digest = BLAKE2s256 -Input = +Input = Output = 69217a3079908094e11121d042354a7c1f55b6482ca1a51e1b250dfd1ed0eef9 Digest = BLAKE2s256 @@ -54,7 +56,7 @@ Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223 Output = C80ABEEBB669AD5DEEB5F5EC8EA6B7A05DDF7D31EC4C0A2EE20B0B98CAEC6746 Digest = BLAKE2b512 -Input = +Input = Output = 786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce Digest = BLAKE2b512 @@ -89,12 +91,144 @@ Digest = BLAKE2b512 Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F8081 Output = DF0A9D0C212843A6A934E3902B2DD30D17FBA5F969D2030B12A546D8A6A45E80CF5635F071F0452E9C919275DA99BED51EB1173C1AF0518726B75B0EC3BAE2B5 -# SHA(1) tests (from shatest.c) +Title = SHA tests from (RFC6234 section 8.5 and others) + Digest = SHA1 -Input = 616263 +Input = "abc" Output = a9993e364706816aba3e25717850c26c9cd0d89d -# MD5 tests +Digest = SHA1 +Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +Output = 84983e441c3bd26ebaae4aa1f95129e5e54670f1 + +Digest = SHA1 +Input = "a" +Ncopy = 1000 +Count = 1000 +Output = 34aa973cd4c4daa4f61eeb2bdbad27316534016f + +Digest = SHA224 +Input = "abc" +Output = 23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7 + +Digest = SHA224 +Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +Output = 75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525 + +Digest = SHA224 +Input = "a" +Ncopy = 64 +Count = 15625 +Output = 20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67 + +Digest = SHA256 +Input = "abc" +Output = ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad + +Digest = SHA256 +Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +Output = 248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1 + +Digest = SHA256 +Input = "a" +Ncopy = 288 +Count = 3472 +Input = "a" +Ncopy = 64 +Output = cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0 + +Digest = SHA384 +Input = "abc" +Output = cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7 + +Digest = SHA384 +Input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +Output = 09330c33f71147e83d192fc782cd1b4753111b173b3b05d22fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039 + +Digest = SHA384 +Input = "a" +Ncopy = 64 +Count = 15625 +Output = 9d0e1809716474cb086e834e310a4a1ced149e9c00f248527972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985 + +Digest = SHA512 +Input = "abc" +Output = ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f + +Digest = SHA512 +Input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +Output = 8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909 + +Digest = SHA512 +Input = "a" +Ncopy = 288 +Count = 3472 +Input = "a" +Ncopy = 64 +Output = e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973ebde0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b + +# Some of the test vectors from the SHS CAVP for FIPS 180-4 +Digest = SHA512-224 +Input = +Output = 6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4 + +Digest = SHA512-224 +Input = cf +Output = 4199239e87d47b6feda016802bf367fb6e8b5655eff6225cb2668f4a + +Digest = SHA512-224 +Input = ca2d +Output = 392b99b593b85e147f031986c2a9edfdb4ffd9f24c77c452d339c9fc + +Digest = SHA512-224 +Input = 6963446913771410 +Output = 21f6c373637e6a5e89d6e88811110c5c3fa12e497144912914c546e1 + +Digest = SHA512-224 +Input = 44c6c75e377f21fc9cd7c164ca5c4cb82c5538a58dfb323992e6bcf588c61b246053706bf88725a09d0a8adfcdeec0db419cd7732b0e3386bc3f3407e9e016546f4d15c314bfd57e30c302926deb3342cbc315a1e706c5607c127de42a9a739b +Output = b9b62986eebdb35c88b12e0257537a05394ef5a16fad01c2fec57d6f + +# The two examples from: https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/SHA512_224.pdf +Digest = SHA512-224 +Input = "abc" +Output = 4634270f707b6a54daae7530460842e20e37ed265ceee9a43e8924aa + +Digest = SHA512-224 +Input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +Output = 23fec5bb94d60b23308192640b0c453335d664734fe40e7268674af9 + +# Some of the test vectors from the SHS CAVP for FIPS 180-4 +Digest = SHA512-256 +Input = +Output = c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a + +Digest = SHA512-256 +Input = fa +Output = c4ef36923c64e51e875720e550298a5ab8a3f2f875b1e1a4c9b95babf7344fef + +Digest = SHA512-256 +Input = 74e4 +Output = 0c994228b8d3bd5ea5b5259157a9bba7a193118ad22817e6fbed2df1a32a4148 + +Digest = SHA512-256 +Input = b4e2e8501f54be91 +Output = d25265bf9cbc0dd2f108a2f5e8f69db7d15e5b8fe9100fe887dae20b6e054fe8 + +Digest = SHA512-256 +Input = 63188781f4e9cbd1e89a54a65da053b93722e1106f00f024ad1582421ab919326f8a6e17536d6596e3cf413a9231141733e37aae540f8711cefafe489a87c4f2e6fd942f6809f3bef3076763487de48c2ee88733c5bc870617a668c6f01471ed +Output = 91a8e285029085e224987078066486b6c605cbac27e49e84f4639710ddd05d33 + +# The two examples from https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/SHA512_256.pdf +Digest = SHA512-256 +Input = "abc" +Output = 53048e2681941ef99b2e29b76b4c7dabe4c2d0c634fc6d46e0e2f13107e7af23 + +Digest = SHA512-256 +Input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu" +Output = 3928e184fb8690f840da3988121d31be65cb9d3ef83ee6146feac861e19b563a + +Title = MD5 tests + Digest = MD5 Input = Output = d41d8cd98f00b204e9800998ecf8427e @@ -123,7 +257,22 @@ Digest = MD5 Input = 3132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930313233343536373839303132333435363738393031323334353637383930 Output = 57edf4a22be3c955ac49da2e2107b67a -# MD4 tests +Title = MD5-SHA1 + +Digest = MD5-SHA1 +Input = +Output = d41d8cd98f00b204e9800998ecf8427eda39a3ee5e6b4b0d3255bfef95601890afd80709 + +Digest = MD5-SHA1 +Input = "abc" +Output = 900150983cd24fb0d6963f7d28e17f72a9993e364706816aba3e25717850c26c9cd0d89d + +Digest = MD5-SHA1 +Input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" +Output = 8215ef0796a20bcaaae116d3876c664a84983e441c3bd26ebaae4aa1f95129e5e54670f1 + +Title = MD4 tests + Digest = MD4 Input = "" Output = 31d6cfe0d16ae931b73c59d7e0c089c0 @@ -152,7 +301,8 @@ Digest = MD4 Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890" Output = e33b4ddc9c38f2199c3e7b164fcc0536 -# RIPEMD160 tests +Title = RIPEMD160 tests + Digest = RIPEMD160 Input = "" Output = 9c1185a5c5e9fc54612808977ee8f548b2258d31 @@ -185,7 +335,8 @@ Digest = RIPEMD160 Input = "12345678901234567890123456789012345678901234567890123456789012345678901234567890" Output = 9b752e45573d4b39f4dbd3323cab82bf63326bfb -# ISO/IEC 10118-3 test vector set +Title = Whirlpool (from ISO/IEC 10118-3 test vector set) + Digest = whirlpool Input = "" Output = 19FA61D75522A4669B44E39C1D2E1726C530232130D407F89AFEE0964997F7A73E83BE698B288FEBCF88E3E03C4F0757EA8964E59B63D93708B138CC42A66EB3 @@ -222,3 +373,174 @@ Digest = whirlpool Input = "aaaaaaaaaa" Count = 100000 Output = 0C99005BEB57EFF50A7CF005560DDF5D29057FD86B20BFD62DECA0F1CCEA4AF51FC15490EDDC47AF32BB2B66C34FF9AD8C6008AD677F77126953B226E4ED8B01 + + +Title = SHA3 + +# Empty input and \xA3x200 vectors are taken from +# http://csrc.nist.gov/groups/ST/toolkit/examples.html#aHashing +# Others are pairs of "LongMsg" vectors available at +# http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html#test-vectors + +Digest = SHA3-224 +Input = "" +Output = 6B4E03423667DBB73B6E15454F0EB1ABD4597F9A1B078E3F5B5A6BC7 + +Digest = SHA3-224 +Input = A3 +Count = 200 +Output = 9376816ABA503F72F96CE7EB65AC095DEEE3BE4BF9BBC2A1CB7E11E0 + +Digest = SHA3-224 +Input = 31c82d71785b7ca6b651cb6c8c9ad5e2aceb0b0633c088d33aa247ada7a594ff4936c023251319820a9b19fc6c48de8a6f7ada214176ccdaadaeef51ed43714ac0c8269bbd497e46e78bb5e58196494b2471b1680e2d4c6dbd249831bd83a4d3be06c8a2e903933974aa05ee748bfe6ef359f7a143edf0d4918da916bd6f15e26a790cff514b40a5da7f72e1ed2fe63a05b8149587bea05653718cc8980eadbfeca85b7c9c286dd040936585938be7f98219700c83a9443c2856a80ff46852b26d1b1edf72a30203cf6c44a10fa6eaf1920173cedfb5c4cf3ac665b37a86ed02155bbbf17dc2e786af9478fe0889d86c5bfa85a242eb0854b1482b7bd16f67f80bef9c7a628f05a107936a64273a97b0088b0e515451f916b5656230a12ba6dc78 +Output = aab23c9e7fb9d7dacefdfd0b1ae85ab1374abff7c4e3f7556ecae412 + +Digest = SHA3-224 +Input = ab4f9d765085ccb474be6e2369568292532f6fa4dd9c50d02a7d8fab0fabb56a7f9680a2462c3753fafd3a252f9dddf1eb4a76835acfb59fc2a83441b8674f2995573697245e40549d2883f1d781a153b903e470f2f28e53e9646a66f7a5a7f0d5d9e6dd50e392be44867010c7ca77c1a5a2e1f00dcb82f589f759a1332b65c62766b9fa3483d399d7602a0969400642976e948d13243a8b89aa287ad5c230b47344d7783606aced3dfed86424abf7de77b026ce6cc35d20d1c500794332b0c1a1bc67dfc033c4c360a8a3aa5fd2f19d2db1bf3b807094b949900827e6438ef5991692b539d3c42227a6b362847e9d88a1b6855db7f58760d953690b26bd7258439a7f8409ae53137a3f2f14fa77a2a6bc0aa3bb7a19dd1c69554aae6c6703f3879057d3978c1a9d41bd3f492985aa0064f43fde2fa33ff6e1dfd4961e0aeacd4e3f412b4d35c0c864660d8779705a9c82bb824c405c54f429392e4da66ecfee7ef066139270ee9ccc83be5952ff5c84ffa8938f130cc52129ab825b6a5b585f01ebed13ce074c225f5b7d441cfc58c0c1039a2f127b3982ca7df546d4993027bd78ffb36ac08161063870d23f2df556b214 +Output = d61f04985026eee29d0f9700f8c5aea32ec2c23b1a9357edeb2be20c + + +Digest = SHA3-256 +Input = "" +Output = A7FFC6F8BF1ED76651C14756A061D662F580FF4DE43B49FA82D80A4B80F8434A + +Digest = SHA3-256 +Input = A3 +Count = 200 +Output = 79F38ADEC5C20307A98EF76E8324AFBFD46CFD81B22E3973C65FA1BD9DE31787 + +Digest = SHA3-256 +Input = b1caa396771a09a1db9bc20543e988e359d47c2a616417bbca1b62cb02796a888fc6eeff5c0b5c3d5062fcb4256f6ae1782f492c1cf03610b4a1fb7b814c057878e1190b9835425c7a4a0e182ad1f91535ed2a35033a5d8c670e21c575ff43c194a58a82d4a1a44881dd61f9f8161fc6b998860cbe4975780be93b6f87980bad0a99aa2cb7556b478ca35d1f3746c33e2bb7c47af426641cc7bbb3425e2144820345e1d0ea5b7da2c3236a52906acdc3b4d34e474dd714c0c40bf006a3a1d889a632983814bbc4a14fe5f159aa89249e7c738b3b73666bac2a615a83fd21ae0a1ce7352ade7b278b587158fd2fabb217aa1fe31d0bda53272045598015a8ae4d8cec226fefa58daa05500906c4d85e7567 +Output = cb5648a1d61c6c5bdacd96f81c9591debc3950dcf658145b8d996570ba881a05 + +Digest = SHA3-256 +Input = 712b03d9ebe78d3a032a612939c518a6166ca9a161183a7596aa35b294d19d1f962da3ff64b57494cb5656e24adcf3b50e16f4e52135d2d9de76e94aa801cf49db10e384035329c54c9455bb3a9725fd9a44f44cb9078d18d3783d46ce372c31281aecef2f8b53d5702b863d71bc5786a33dd15d9256103b5ff7572f703d5cde6695e6c84f239acd1d6512ef581330590f4ab2a114ea064a693d5f8df5d908587bc7f998cde4a8b43d8821595566597dc8b3bf9ea78b154bd8907ee6c5d4d8a851f94be510962292b7ddda04d17b79fab4c022deb400e5489639dbc448f573d5cf72073a8001b36f73ac6677351b39d9bdb900e9a1121f488a7fa0aee60682e7dc7c531c85ec0154593ded3ae70e4121cae58445d8896b549cacf22d07cdace7625d57158721b44851d796d6511c38dac28dd37cbf2d7073b407fbc813149adc485e3dacee66755443c389d2d90dc70d8ff91816c0c5d7adbad7e30772a1f3ce76c72a6a2284ec7f174aefb6e9a895c118717999421b470a9665d2728c3c60c6d3e048d58b43c0d1b5b2f00be8b64bfe453d1e8fadf5699331f9 +Output = 095dcd0bc55206d2e1e715fb7173fc16a81979f278495dfc69a6d8f3174eba5a + + +Digest = SHA3-384 +Input = "" +Output = 0C63A75B845E4F7D01107D852E4C2485C51A50AAAA94FC61995E71BBEE983A2AC3713831264ADB47FB6BD1E058D5F004 + +Digest = SHA3-384 +Input = A3 +Count = 200 +Output = 1881DE2CA7E41EF95DC4732B8F5F002B189CC1E42B74168ED1732649CE1DBCDD76197A31FD55EE989F2D7050DD473E8F + +Digest = SHA3-384 +Input = 5fe35923b4e0af7dd24971812a58425519850a506dfa9b0d254795be785786c319a2567cbaa5e35bcf8fe83d943e23fa5169b73adc1fcf8b607084b15e6a013df147e46256e4e803ab75c110f77848136be7d806e8b2f868c16c3a90c14463407038cb7d9285079ef162c6a45cedf9c9f066375c969b5fcbcda37f02aacff4f31cded3767570885426bebd9eca877e44674e9ae2f0c24cdd0e7e1aaf1ff2fe7f80a1c4f5078eb34cd4f06fa94a2d1eab5806ca43fd0f06c60b63d5402b95c70c21ea65a151c5cfaf8262a46be3c722264b +Output = 3054d249f916a6039b2a9c3ebec1418791a0608a170e6d36486035e5f92635eaba98072a85373cb54e2ae3f982ce132b + +Digest = SHA3-384 +Input = 035adcb639e5f28bb5c88658f45c1ce0be16e7dafe083b98d0ab45e8dcdbfa38e3234dfd973ba555b0cf8eea3c82ae1a3633fc565b7f2cc839876d3989f35731be371f60de140e3c916231ec780e5165bf5f25d3f67dc73a1c33655dfdf439dfbf1cbba8b779158a810ad7244f06ec078120cd18760af436a238941ce1e687880b5c879dc971a285a74ee85c6a746749a30159ee842e9b03f31d613dddd22975cd7fed06bd049d772cb6cc5a705faa734e87321dc8f2a4ea366a368a98bf06ee2b0b54ac3a3aeea637caebe70ad09ccda93cc06de95df73394a87ac9bbb5083a4d8a2458e91c7d5bf113aecae0ce279fdda76ba690787d26345e94c3edbc16a35c83c4d071b132dd81187bcd9961323011509c8f644a1c0a3f14ee40d7dd186f807f9edc7c02f6761061bbb6dd91a6c96ec0b9f10edbbd29dc52 +Output = 02535d86cc7518484a2a238c921b739b1704a50370a2924abf39958c5976e658dc5e87440063112459bddb40308b1c70 + + +Digest = SHA3-512 +Input = "" +Output = A69F73CCA23A9AC5C8B567DC185A756E97C982164FE25859E0D1DCC1475C80A615B2123AF1F5F94C11E3E9402C3AC558F500199D95B6D3E301758586281DCD26 + +Digest = SHA3-512 +Input = A3 +Count = 200 +Output = E76DFAD22084A8B1467FCF2FFA58361BEC7628EDF5F3FDC0E4805DC48CAEECA81B7C13C30ADF52A3659584739A2DF46BE589C51CA1A4A8416DF6545A1CE8BA00 + +Digest = SHA3-512 +Input = 664ef2e3a7059daf1c58caf52008c5227e85cdcb83b4c59457f02c508d4f4f69f826bd82c0cffc5cb6a97af6e561c6f96970005285e58f21ef6511d26e709889a7e513c434c90a3cf7448f0caeec7114c747b2a0758a3b4503a7cf0c69873ed31d94dbef2b7b2f168830ef7da3322c3d3e10cafb7c2c33c83bbf4c46a31da90cff3bfd4ccc6ed4b310758491eeba603a76 +Output = e5825ff1a3c070d5a52fbbe711854a440554295ffb7a7969a17908d10163bfbe8f1d52a676e8a0137b56a11cdf0ffbb456bc899fc727d14bd8882232549d914e + +Digest = SHA3-512 +Input = 991c4e7402c7da689dd5525af76fcc58fe9cc1451308c0c4600363586ccc83c9ec10a8c9ddaec3d7cfbd206484d09634b9780108440bf27a5fa4a428446b3214fa17084b6eb197c5c59a4e8df1cfc521826c3b1cbf6f4212f6bfb9bc106dfb5568395643de58bffa2774c31e67f5c1e7017f57caadbb1a56cc5b8a5cf9584552e17e7af9542ba13e9c54695e0dc8f24eddb93d5a3678e10c8a80ff4f27b677d40bef5cb5f9b3a659cc4127970cd2c11ebf22d514812dfefdd73600dfc10efba38e93e5bff47736126043e50f8b9b941e4ec3083fb762dbf15c86 +Output = cd0f2a48e9aa8cc700d3f64efb013f3600ebdbb524930c682d21025eab990eb6d7c52e611f884031fafd9360e5225ab7e4ec24cbe97f3af6dbe4a86a4f068ba7 + +Digest = SHAKE128 +Input = "" +Output = 7F9C2BA4E88F827D616045507605853ED73B8093F6EFBC88EB1A6EACFA66EF263CB1EEA988004B93103CFB0AEEFD2A686E01FA4A58E8A3639CA8A1E3F9AE57E235B8CC873C23DC62B8D260169AFA2F75AB916A58D974918835D25E6A435085B2BADFD6DFAAC359A5EFBB7BCC4B59D538DF9A04302E10C8BC1CBF1A0B3A5120EA17CDA7CFAD765F5623474D368CCCA8AF0007CD9F5E4C849F167A580B14AABDEFAEE7EEF47CB0FCA9767BE1FDA69419DFB927E9DF07348B196691ABAEB580B32DEF58538B8D23F87732EA63B02B4FA0F4873360E2841928CD60DD4CEE8CC0D4C922A96188D032675C8AC850933C7AFF1533B94C834ADBB69C6115BAD4692D8619F90B0CDF8A7B9C264029AC185B70B83F2801F2F4B3F70C593EA3AEEB613A7F1B1DE33FD75081F592305F2E4526EDC09631B10958F464D889F31BA010250FDA7F1368EC2967FC84EF2AE9AFF268E0B1700AFFC6820B523A3D917135F2DFF2EE06BFE72B3124721D4A26C04E53A75E30E73A7A9C4A95D91C55D495E9F51DD0B5E9D83C6D5E8CE803AA62B8D654DB53D09B8DCFF273CDFEB573FAD8BCD45578BEC2E770D01EFDE86E721A3F7C6CCE275DABE6E2143F1AF18DA7EFDDC4C7B70B5E345DB93CC936BEA323491CCB38A388F546A9FF00DD4E1300B9B2153D2041D205B443E41B45A653F2A5C4492C1ADD544512DDA2529833462B71A41A45BE97290B6F + +Digest = SHAKE128 +Input = A3 +Count = 200 +Output = 131AB8D2B594946B9C81333F9BB6E0CE75C3B93104FA3469D3917457385DA037CF232EF7164A6D1EB448C8908186AD852D3F85A5CF28DA1AB6FE3438171978467F1C05D58C7EF38C284C41F6C2221A76F12AB1C04082660250802294FB87180213FDEF5B0ECB7DF50CA1F8555BE14D32E10F6EDCDE892C09424B29F597AFC270C904556BFCB47A7D40778D390923642B3CBD0579E60908D5A000C1D08B98EF933F806445BF87F8B009BA9E94F7266122ED7AC24E5E266C42A82FA1BBEFB7B8DB0066E16A85E0493F07DF4809AEC084A593748AC3DDE5A6D7AAE1E8B6E5352B2D71EFBB47D4CAEED5E6D633805D2D323E6FD81B4684B93A2677D45E7421C2C6AEA259B855A698FD7D13477A1FE53E5A4A6197DBEC5CE95F505B520BCD9570C4A8265A7E01F89C0C002C59BFEC6CD4A5C109258953EE5EE70CD577EE217AF21FA70178F0946C9BF6CA8751793479F6B537737E40B6ED28511D8A2D7E73EB75F8DAAC912FF906E0AB955B083BAC45A8E5E9B744C8506F37E9B4E749A184B30F43EB188D855F1B70D71FF3E50C537AC1B0F8974F0FE1A6AD295BA42F6AEC74D123A7ABEDDE6E2C0711CAB36BE5ACB1A5A11A4B1DB08BA6982EFCCD716929A7741CFC63AA4435E0B69A9063E880795C3DC5EF3272E11C497A91ACF699FEFEE206227A44C9FB359FD56AC0A9A75A743CFF6862F17D7259AB075216C0699511643B6439 + +Digest = SHAKE128 +Input = a6fe00064257aa318b621c5eb311d32bb8004c2fa1a969d205d71762cc5d2e633907992629d1b69d9557ff6d5e8deb454ab00f6e497c89a4fea09e257a6fa2074bd818ceb5981b3e3faefd6e720f2d1edd9c5e4a5c51e5009abf636ed5bca53fe159c8287014a1bd904f5c8a7501625f79ac81eb618f478ce21cae6664acffb30572f059e1ad0fc2912264e8f1ca52af26c8bf78e09d75f3dd9fc734afa8770abe0bd78c90cc2ff448105fb16dd2c5b7edd8611a62e537db9331f5023e16d6ec150cc6e706d7c7fcbfff930c7281831fd5c4aff86ece57ed0db882f59a5fe403105d0592ca38a081fed84922873f538ee774f13b8cc09bd0521db4374aec69f4bae6dcb66455822c0b84c91a3474ffac2ad06f0a4423cd2c6a49d4f0d6242d6a1890937b5d9835a5f0ea5b1d01884d22a6c1718e1f60b3ab5e232947c76ef70b344171083c688093b5f1475377e3069863 +Output = 3109d9472ca436e805c6b3db2251a9bc + +Digest = SHAKE128 +Input = 49d81708d86cd59dea0ac2c1017a9712d6dffb754dde0b57a9023a39fc5f5b6be276fc176f59f6826610428fac3a0e85fcf71011db061b8fcf2bf085ccd45670effb6dc46f4e3f2ed08e981c5935187fc95b86cf46da675096b1cf9591a67842d6301116be93d8288e4d6b70f1b1db8aa5d203b774a21825665b8170351ee86801da91154570eaf80a1564945af7822df8232fd04ea65593a7f2ab1e9e84cf6ad6c494c9ec2d9d27aaad2b8f7e4f33f12a17b422bc2d4724c13ff8a8b62054d1bfb5c33b9c11183cd8df67694300165ca37637b5a781155f1c070d156339a0242374c6723b6584bffb71c02b935455f8cb086392f5e8e8cc2015956d8f19daeb6aca4476b27108387a2ce0dc5591154d0b94ddc090abe8f4363036b821062baffb7fe550ea7dcd30bfd86c84710081e1c9e450475e123c5ec41f98ff0149bbf6405b5207cad1fb2f313d0f2bcee9be3f6ebe623049640d9234ab644a172ab14ba02633a339b5b9bb38226fda5694f7ec63ebbb8238eb8219ec9c429f4bf0353383a72f2d21702f5e3c513499f04852710f33044512edc47a56bad90885e5713851a7efac694b869fa590076e844ff757d95de581c1b3fa3dd8ccd28cad4f8ae173ee1b28f98ee606dca89063fbef0f262b33053f2c854debdc9cd433ab77abb64f445aa9b981761c4761767f3b71c2646c7b0d873baae50bc9f0 +Output = c609be05458f7ab33e7b6b54bc6e8999 + +Digest = SHAKE256 +Input = "" +Output = 46B9DD2B0BA88D13233B3FEB743EEB243FCD52EA62B81B82B50C27646ED5762FD75DC4DDD8C0F200CB05019D67B592F6FC821C49479AB48640292EACB3B7C4BE141E96616FB13957692CC7EDD0B45AE3DC07223C8E92937BEF84BC0EAB862853349EC75546F58FB7C2775C38462C5010D846C185C15111E595522A6BCD16CF86F3D122109E3B1FDD943B6AEC468A2D621A7C06C6A957C62B54DAFC3BE87567D677231395F6147293B68CEAB7A9E0C58D864E8EFDE4E1B9A46CBE854713672F5CAAAE314ED9083DAB4B099F8E300F01B8650F1F4B1D8FCF3F3CB53FB8E9EB2EA203BDC970F50AE55428A91F7F53AC266B28419C3778A15FD248D339EDE785FB7F5A1AAA96D313EACC890936C173CDCD0FAB882C45755FEB3AED96D477FF96390BF9A66D1368B208E21F7C10D04A3DBD4E360633E5DB4B602601C14CEA737DB3DCF722632CC77851CBDDE2AAF0A33A07B373445DF490CC8FC1E4160FF118378F11F0477DE055A81A9EDA57A4A2CFB0C83929D310912F729EC6CFA36C6AC6A75837143045D791CC85EFF5B21932F23861BCF23A52B5DA67EAF7BAAE0F5FB1369DB78F3AC45F8C4AC5671D85735CDDDB09D2B1E34A1FC066FF4A162CB263D6541274AE2FCC865F618ABE27C124CD8B074CCD516301B91875824D09958F341EF274BDAB0BAE316339894304E35877B0C28A9B1FD166C796B9CC258A064A8F57E27F2A + +Digest = SHAKE256 +Input = A3 +Count = 200 +Output = CD8A920ED141AA0407A22D59288652E9D9F1A7EE0C1E7C1CA699424DA84A904D2D700CAAE7396ECE96604440577DA4F3AA22AEB8857F961C4CD8E06F0AE6610B1048A7F64E1074CD629E85AD7566048EFC4FB500B486A3309A8F26724C0ED628001A1099422468DE726F1061D99EB9E93604D5AA7467D4B1BD6484582A384317D7F47D750B8F5499512BB85A226C4243556E696F6BD072C5AA2D9B69730244B56853D16970AD817E213E470618178001C9FB56C54FEFA5FEE67D2DA524BB3B0B61EF0E9114A92CDBB6CCCB98615CFE76E3510DD88D1CC28FF99287512F24BFAFA1A76877B6F37198E3A641C68A7C42D45FA7ACC10DAE5F3CEFB7B735F12D4E589F7A456E78C0F5E4C4471FFFA5E4FA0514AE974D8C2648513B5DB494CEA847156D277AD0E141C24C7839064CD08851BC2E7CA109FD4E251C35BB0A04FB05B364FF8C4D8B59BC303E25328C09A882E952518E1A8AE0FF265D61C465896973D7490499DC639FB8502B39456791B1B6EC5BCC5D9AC36A6DF622A070D43FED781F5F149F7B62675E7D1A4D6DEC48C1C7164586EAE06A51208C0B791244D307726505C3AD4B26B6822377257AA152037560A739714A3CA79BD605547C9B78DD1F596F2D4F1791BC689A0E9B799A37339C04275733740143EF5D2B58B96A363D4E08076A1A9D7846436E4DCA5728B6F760EEF0CA92BF0BE5615E96959D767197A0BEEB + +Digest = SHAKE256 +Input = dc5a100fa16df1583c79722a0d72833d3bf22c109b8889dbd35213c6bfce205813edae3242695cfd9f59b9a1c203c1b72ef1a5423147cb990b5316a85266675894e2644c3f9578cebe451a09e58c53788fe77a9e850943f8a275f830354b0593a762bac55e984db3e0661eca3cb83f67a6fb348e6177f7dee2df40c4322602f094953905681be3954fe44c4c902c8f6bba565a788b38f13411ba76ce0f9f6756a2a2687424c5435a51e62df7a8934b6e141f74c6ccf539e3782d22b5955d3baf1ab2cf7b5c3f74ec2f9447344e937957fd7f0bdfec56d5d25f61cde18c0986e244ecf780d6307e313117256948d4230ebb9ea62bb302cfe80d7dfebabc4a51d7687967ed5b416a139e974c005fff507a96 +Output = 2bac5716803a9cda8f9e84365ab0a681327b5ba34fdedfb1c12e6e807f45284b + +Digest = SHAKE256 +Input = 16caf60da14b4fa9174a6d40c23cff93ed8fc9279990f749718db1500036ef2222498ffab86fa568a0611299e54e58d83281ac558d3f4d2541ee158b1c7d4d76dbffc64ae39925e3329f7fd894fa26fc1acdc22bc858a3438e1c55707a3f75ad2b33c48789937a24b34ddd85390611088cba3231b2a3a0a93e5d9a8780470fcff92cb03811234a330db353283b3bc3036f9125efb3eaed613bfa0c59975cc2e52c33b3e6e5123e1626190a4a0261e1f5ad9bc2ee34f331736b3bd26d274536f5ae90f5186c27fdd7e8c72972f64016e72d1d32b59b8715e5b867154b99cb140a668b9d560e2c307e3904d9297f9f07dfd7629ccc526e41c109c8fc7c53b604293c6cd42933e77e11031a42f605485fe893b129bcbf705c0f45a4b087bfcead5c187ac1174322909a2d4f8b61f001c4074951000c4c550ed5564458f444dab8aae2fe8daaa6a30d209fecddf2a893df46e18b4b4460e4011d23f01d4c49a4cc1c82405f6ac5339eac41385f3295c657ac43a72fed62e6daee94ef271638f292b8e18860de0699eb45fb7d3aa81f61d44158edd68ebc244451918b +Output = 21a48efd949c3f785179a0e340756a23f77d29a7625229a71a05731c7fbd5aa9 + +# Following tests are pairs of *last* "VariableOut" vectors from +# http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html#test-vectors + +Digest = SHAKE128 +Input = c60a221c975e14bf835827c1103a2906 +Output = 0db7f7196eee8dd6994a16ded19cb09f05f89ccd2464333df2c017c6ca041fa0d54a4832a74ce86ce9b41d8e523e66ce6ef9df7c20aa70e0ac00f54eb072a472ef46cf2a933df0d5f9fafab6388a206f6bd1df50b0836500c758c557c8ac965733fdaaa59f5ed661a1bda61e2952886a60f9568157e3d72e49b6e061fc08f3f1caf159e8eff77ea5221565d2 + +Digest = SHAKE128 +Input = 0a13ad2c7a239b4ba73ea6592ae84ea9 +Output = 5feaf99c15f48851943ff9baa6e5055d8377f0dd347aa4dbece51ad3a6d9ce0c01aee9fe2260b80a4673a909b532adcdd1e421c32d6460535b5fe392a58d2634979a5a104d6c470aa3306c400b061db91c463b2848297bca2bc26d1864ba49d7ff949ebca50fbf79a5e63716dc82b600bd52ca7437ed774d169f6bf02e46487956fba2230f34cd2a0485484d + +Digest = SHAKE256 +Input = 6ae23f058f0f2264a18cd609acc26dd4dbc00f5c3ee9e13ecaea2bb5a2f0bb6b +Output = b9b92544fb25cfe4ec6fe437d8da2bbe00f7bdaface3de97b8775a44d753c3adca3f7c6f183cc8647e229070439aa9539ae1f8f13470c9d3527fffdeef6c94f9f0520ff0c1ba8b16e16014e1af43ac6d94cb7929188cce9d7b02f81a2746f52ba16988e5f6d93298d778dfe05ea0ef256ae3728643ce3e29c794a0370e9ca6a8bf3e7a41e86770676ac106f7ae79e67027ce7b7b38efe27d253a52b5cb54d6eb4367a87736ed48cb45ef27f42683da140ed3295dfc575d3ea38cfc2a3697cc92864305407369b4abac054e497378dd9fd0c4b352ea3185ce1178b3dc1599df69db29259d4735320c8e7d33e8226620c9a1d22761f1d35bdff79a + +Digest = SHAKE256 +Input = 8d8001e2c096f1b88e7c9224a086efd4797fbf74a8033a2d422a2b6b8f6747e4 +Output = 2e975f6a8a14f0704d51b13667d8195c219f71e6345696c49fa4b9d08e9225d3d39393425152c97e71dd24601c11abcfa0f12f53c680bd3ae757b8134a9c10d429615869217fdd5885c4db174985703a6d6de94a667eac3023443a8337ae1bc601b76d7d38ec3c34463105f0d3949d78e562a039e4469548b609395de5a4fd43c46ca9fd6ee29ada5efc07d84d553249450dab4a49c483ded250c9338f85cd937ae66bb436f3b4026e859fda1ca571432f3bfc09e7c03ca4d183b741111ca0483d0edabc03feb23b17ee48e844ba2408d9dcfd0139d2e8c7310125aee801c61ab7900d1efc47c078281766f361c5e6111346235e1dc38325666c + +Title = SM3 Tests + +# From https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02 + +Digest = SM3 +Input = 0090414C494345313233405941484F4F2E434F4D787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E49863E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A20AE4C7798AA0F119471BEE11825BE46202BB79E2A5844495E97C04FF4DF2548A7C0240F88F1CD4E16352A73C17B7F16F07353E53A176D684A9FE0C6BB798E857 +Output = F4A38489E32B45B6F876E3AC2168CA392362DC8F23459C1D1146FC3DBFB7BC9A + +# From https://tools.ietf.org/html/draft-shen-sm3-hash-01 +Digest = SM3 +Input = 616263 +Output = 66C7F0F462EEEDD9D1F2D46BDC10E4E24167C4875CF2F7A2297DA02B8F4BA8E0 + +Digest = SM3 +Input = 61626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364616263646162636461626364 +Output = DEBE9FF92275B8A138604889C18E5A4D6FDB70E5387E5765293dCbA39C0C5732 + +# From GmSSL test suite + +Digest = SM3 +Input = 0090414C494345313233405941484F4F2E434F4D787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E49863E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A20AE4C7798AA0F119471BEE11825BE46202BB79E2A5844495E97C04FF4DF2548A7C0240F88F1CD4E16352A73C17B7F16F07353E53A176D684A9FE0C6BB798E857 +Output = F4A38489E32B45B6F876E3AC2168CA392362DC8F23459C1D1146FC3DBFB7BC9A + +Digest = SM3 +Input = 0090414C494345313233405941484F4F2E434F4D00000000000000000000000000000000000000000000000000000000000000000000E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E0165961645281A8626607B917F657D7E9382F1EA5CD931F40F6627F357542653B201686522130D590FB8DE635D8FCA715CC6BF3D05BEF3F75DA5D543454448166612 +Output = 26352AF82EC19F207BBC6F9474E11E90CE0F7DDACE03B27F801817E897A81FD5 + +Digest = SM3 +Input = 0090414C494345313233405941484F4F2E434F4D787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E49863E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A23099093BF3C137D8FCBBCDF4A2AE50F3B0F216C3122D79425FE03A45DBFE16553DF79E8DAC1CF0ECBAA2F2B49D51A4B387F2EFAF482339086A27A8E05BAED98B +Output = E4D1D0C3CA4C7F11BC8FF8CB3F4C02A78F108FA098E51A668487240F75E20F31 + +Digest = SM3 +Input = 008842494C4C343536405941484F4F2E434F4D787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E49863E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2245493D446C38D8CC0F118374690E7DF633A8A4BFB3329B5ECE604B2B4F37F4353C0869F4B9E17773DE68FEC45E14904E0DEA45BF6CECF9918C85EA047C60A4C +Output = 6B4B6D0E276691BD4A11BF72F4FB501AE309FDACB72FA6CC336E6656119ABD67 + +Digest = SM3 +Input = 4D38D2958CA7FD2CFAE3AF04486959CF92C8EF48E8B83A05C112E739D5F181D03082020CA003020102020900AF28725D98D33143300C06082A811CCF550183750500307D310B300906035504060C02636E310B300906035504080C02626A310B300906035504070C02626A310F300D060355040A0C06746F70736563310F300D060355040B0C06746F707365633111300F06035504030C08546F707365634341311F301D06092A864886F70D0109010C10626A40746F707365632E636F6D2E636E301E170D3132303632343037353433395A170D3332303632303037353433395A307D310B300906035504060C02636E310B300906035504080C02626A310B300906035504070C02626A310F300D060355040A0C06746F70736563310F300D060355040B0C06746F707365633111300F06035504030C08546F707365634341311F301D06092A864886F70D0109010C10626A40746F707365632E636F6D2E636E3059301306072A8648CE3D020106082A811CCF5501822D03420004D69C2F1EEC3BFB6B95B30C28085C77B125D77A9C39525D8190768F37D6B205B589DCD316BBE7D89A9DC21917F17799E698531F5E6E3E10BD31370B259C3F81C3A3733071300F0603551D130101FF040530030101FF301D0603551D0E041604148E5D90347858BAAAD870D8BDFBA6A85E7B563B64301F0603551D230418301680148E5D90347858BAAAD870D8BDFBA6A85E7B563B64300B0603551D0F040403020106301106096086480186F8420101040403020057 +Output = C3B02E500A8B60B77DEDCF6F4C11BEF8D56E5CDE708C72065654FD7B2167915A diff --git a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpencod.txt b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpencod.txt index 010a88f935..b75372d390 100644 --- a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpencod.txt +++ b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpencod.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -12,7 +12,7 @@ # and continue until a blank line. Lines starting with a pound sign, # like this prolog, are ignored. -# Base64 tests +Title = Base64 tests Encoding = canonical Input = "" @@ -190,3 +190,5 @@ Output = "T3BlblNTTE9wZW5TU0wK\n-abcd" Encoding = valid Input = "OpenSSLOpenSSL\n" Output = "T3BlblNTTE9wZW5TU0wK-abcd" + + diff --git a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpkdf.txt b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpkdf.txt index da4a824bc6..9a6cc28385 100644 --- a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpkdf.txt +++ b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpkdf.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -12,7 +12,7 @@ # and continue until a blank line. Lines starting with a pound sign, # like this prolog, are ignored. -# TLS1 PRF tests, from NIST test vectors +Title = TLS1 PRF tests (from NIST test vectors) KDF=TLS1-PRF Ctrl.md = md:MD5-SHA1 @@ -46,6 +46,15 @@ Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30 Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616 Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928 +# As above but use long name for KDF +KDF=tls1-prf +Ctrl.md = md:SHA256 +Ctrl.Secret = hexsecret:202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf +Ctrl.label = seed:key expansion +Ctrl.server_random = hexseed:ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868 +Ctrl.client_random = hexseed:62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616 +Output = d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928 + # Missing digest. KDF=TLS1-PRF Ctrl.Secret = hexsecret:01 @@ -60,12 +69,26 @@ Ctrl.Seed = hexseed:02 Output = 03 Result = KDF_DERIVE_ERROR -# HKDF tests, from RFC5869 test vectors +Title = HKDF tests (from RFC5869 test vectors) + +KDF = HKDF +Ctrl.md = md:SHA256 +Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b +Ctrl.salt = hexsalt:000102030405060708090a0b0c +Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 +Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865 KDF = HKDF +Ctrl.mode = mode:EXTRACT_ONLY Ctrl.md = md:SHA256 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b Ctrl.salt = hexsalt:000102030405060708090a0b0c +Output = 077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 + +KDF = HKDF +Ctrl.mode = mode:EXPAND_ONLY +Ctrl.md = md:SHA256 +Ctrl.IKM = hexkey:077709362c2e32df0ddc3f0dc47bba6390b6c73bb50f9c3122ec844ad7c2b3e5 Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 Output = 3cb25f25faacd57a90434f64d0362f2a2d2d0a90cf1a5a4c5db02d56ecc4c5bf34007208d5b887185865 @@ -77,6 +100,20 @@ Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccd Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87 KDF = HKDF +Ctrl.mode = mode:EXTRACT_ONLY +Ctrl.md = md:SHA256 +Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f +Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf +Output = 06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 + +KDF = HKDF +Ctrl.mode = mode:EXPAND_ONLY +Ctrl.md = md:SHA256 +Ctrl.IKM = hexkey:06a6b88c5853361a06104c9ceb35b45cef760014904671014a193f40c15fc244 +Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff +Output = b11e398dc80327a1c8e7f78c596a49344f012eda2d4efad8a050cc4c19afa97c59045a99cac7827271cb41c65e590e09da3275600c2f09b8367793a9aca3db71cc30c58179ec3e87c14c01d5c1f3434f1d87 + +KDF = HKDF Ctrl.md = md:SHA256 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b Ctrl.salt = salt: @@ -84,6 +121,21 @@ Ctrl.info = info: Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8 KDF = HKDF +Ctrl.mode = mode:EXTRACT_ONLY +Ctrl.md = md:SHA256 +Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b +Ctrl.salt = salt: +Ctrl.info = info: +Output = 19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04 + +KDF = HKDF +Ctrl.mode = mode:EXPAND_ONLY +Ctrl.md = md:SHA256 +Ctrl.IKM = hexkey:19ef24a32c717b167f33a91d6f648bdf96596776afdb6377ac434c1c293ccb04 +Ctrl.info = info: +Output = 8da4e775a563c18f715f802a063c5a31b8a11f5c5ee1879ec3454e5f3c738d2d9d201395faa4b61a96c8 + +KDF = HKDF Ctrl.md = md:SHA1 Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b Ctrl.salt = hexsalt:000102030405060708090a0b0c @@ -91,9 +143,37 @@ Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896 KDF = HKDF +Ctrl.mode = mode:EXTRACT_ONLY +Ctrl.md = md:SHA1 +Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b +Ctrl.salt = hexsalt:000102030405060708090a0b0c +Output = 9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 + +KDF = HKDF +Ctrl.mode = mode:EXPAND_ONLY +Ctrl.md = md:SHA1 +Ctrl.IKM = hexkey:9b6c18c432a7bf8f0e71c8eb88f4b30baa2ba243 +Ctrl.info = hexinfo:f0f1f2f3f4f5f6f7f8f9 +Output = 085a01ea1b10f36933068b56efa5ad81a4f14b822f5b091568a9cdd4f155fda2c22e422478d305f3f896 + +KDF = HKDF +Ctrl.md = md:SHA1 +Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f +Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf +Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff +Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4 + +KDF = HKDF +Ctrl.mode = mode:EXTRACT_ONLY Ctrl.md = md:SHA1 Ctrl.IKM = hexkey:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f Ctrl.salt = hexsalt:606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeaf +Output = 8adae09a2a307059478d309b26c4115a224cfaf6 + +KDF = HKDF +Ctrl.mode = mode:EXPAND_ONLY +Ctrl.md = md:SHA1 +Ctrl.IKM = hexkey:8adae09a2a307059478d309b26c4115a224cfaf6 Ctrl.info = hexinfo:b0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff Output = 0bd770a74d1160f7c9f12cd5912a06ebff6adcae899d92191fe4305673ba2ffe8fa3f1a4e5ad79f3f334b3b202b2173c486ea37ce3d397ed034c7f9dfeb15c5e927336d0441f4c4300e2cff0d0900b52d3b4 @@ -105,9 +185,37 @@ Ctrl.info = info: Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918 KDF = HKDF +Ctrl.mode = mode:EXTRACT_ONLY +Ctrl.md = md:SHA1 +Ctrl.IKM = hexkey:0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b +Ctrl.salt = salt: +Output = da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 + +KDF = HKDF +Ctrl.mode = mode:EXPAND_ONLY +Ctrl.md = md:SHA1 +Ctrl.IKM = hexkey:da8c8a73c7fa77288ec6f5e7c297786aa0d32d01 +Ctrl.info = info: +Output = 0ac1af7002b3d761d1e55298da9d0506b9ae52057220a306e07b6b87e8df21d0ea00033de03984d34918 + +KDF = HKDF +Ctrl.md = md:SHA1 +Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c +Ctrl.salt = salt: +Ctrl.info = info: +Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 + +KDF = HKDF +Ctrl.mode = mode:EXTRACT_ONLY Ctrl.md = md:SHA1 Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c Ctrl.salt = salt: +Output = 2adccada18779e7c2077ad2eb19d3f3e731385dd + +KDF = HKDF +Ctrl.mode = mode:EXPAND_ONLY +Ctrl.md = md:SHA1 +Ctrl.IKM = hexkey:2adccada18779e7c2077ad2eb19d3f3e731385dd Ctrl.info = info: Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 @@ -136,3 +244,62 @@ Ctrl.md = md:SHA1 Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c Ctrl.salt = salt: Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 + +KDF = HKDF +Ctrl.mode = mode:EXTRACT_AND_EXPAND +Ctrl.md = md:SHA1 +Ctrl.IKM = hexkey:0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c +Ctrl.salt = salt: +Output = 2c91117204d745f3500d636a62f64f0ab3bae548aa53d423b0d1f27ebba6f5e5673a081d70cce7acfc48 + +Title = id-scrypt tests (from draft-josefsson-id-scrypt-kdf-03 and others) + +KDF = scrypt +Ctrl.pass = pass: +Ctrl.salt = salt: +Ctrl.N = N:16 +Ctrl.r = r:1 +Ctrl.p = p:1 +Output = 77d6576238657b203b19ca42c18a0497f16b4844e3074ae8dfdffa3fede21442fcd0069ded0948f8326a753a0fc81f17e8d3e0fb2e0d3628cf35e20c38d18906 + +KDF = scrypt +Ctrl.pass = pass:password +Ctrl.salt = salt:NaCl +Ctrl.N = N:1024 +Ctrl.r = r:8 +Ctrl.p = p:16 +Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640 + +KDF = scrypt +Ctrl.hexpass = hexpass:70617373776f7264 +Ctrl.salt = salt:NaCl +Ctrl.N = N:1024 +Ctrl.r = r:8 +Ctrl.p = p:16 +Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640 + +KDF = scrypt +Ctrl.pass = pass:password +Ctrl.hexsalt = hexsalt:4e61436c +Ctrl.N = N:1024 +Ctrl.r = r:8 +Ctrl.p = p:16 +Output = fdbabe1c9d3472007856e7190d01e9fe7c6ad7cbc8237830e77376634b3731622eaf30d92e22a3886ff109279d9830dac727afb94a83ee6d8360cbdfa2cc0640 + +KDF = scrypt +Ctrl.pass = pass:pleaseletmein +Ctrl.salt = salt:SodiumChloride +Ctrl.N = N:16384 +Ctrl.r = r:8 +Ctrl.p = p:1 +Output = 7023bdcb3afd7348461c06cd81fd38ebfda8fbba904f8e3ea9b543f6545da1f2d5432955613f0fcf62d49705242a9af9e61e85dc0d651e40dfcf017b45575887 + +# Out of memory +KDF = scrypt +Ctrl.pass = pass:pleaseletmein +Ctrl.salt = salt:SodiumChloride +Ctrl.N = N:1048576 +Ctrl.r = r:8 +Ctrl.p = p:1 +Result = INTERNAL_ERROR + diff --git a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpmac.txt b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpmac.txt index dff9a1ffa8..2bcb3c33be 100644 --- a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpmac.txt +++ b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpmac.txt @@ -12,7 +12,155 @@ # and continue until a blank line. Lines starting with a pound sign, # like this prolog, are ignored. -# HMAC tests from RFC2104 +# SIPHASH tests - default values: 2,4 rounds, 16-byte mac +# There are no official test vectors, they are simple vectors 1, 2, 3, etc + +Title = SIPHASH tests + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = +Output = a3817f04ba25a8e66df67214c7550293 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 00 +Output = da87c1d86b99af44347659119b22fc45 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 0001 +Output = 8177228da4a45dc7fca38bdef60affe4 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 000102 +Output = 9c70b60c5267a94e5f33b6b02985ed51 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 00010203 +Output = f88164c12d9c8faf7d0f6e7c7bcd5579 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 0001020304 +Output = 1368875980776f8854527a07690e9627 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 000102030405 +Output = 14eeca338b208613485ea0308fd7a15e + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 00010203040506 +Output = a1f1ebbed8dbc153c0b84aa61ff08239 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 0001020304050607 +Output = 3b62a9ba6258f5610f83e264f31497b4 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 000102030405060708 +Output = 264499060ad9baabc47f8b02bb6d71ed + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E +Output = 5150d1772f50834a503e069a973fbd7c + + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = +Output = a3817f04ba25a8e66df67214c7550293 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 00 +Output = da87c1d86b99af44347659119b22fc45 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 0001 +Output = 8177228da4a45dc7fca38bdef60affe4 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 000102 +Output = 9c70b60c5267a94e5f33b6b02985ed51 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 00010203 +Output = f88164c12d9c8faf7d0f6e7c7bcd5579 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 0001020304 +Output = 1368875980776f8854527a07690e9627 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 000102030405 +Output = 14eeca338b208613485ea0308fd7a15e + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 00010203040506 +Output = a1f1ebbed8dbc153c0b84aa61ff08239 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 0001020304050607 +Output = 3b62a9ba6258f5610f83e264f31497b4 + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 000102030405060708 +Output = 264499060ad9baabc47f8b02bb6d71ed + +MAC = SipHash +Key = 000102030405060708090A0B0C0D0E0F +Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E +Output = 5150d1772f50834a503e069a973fbd7c + +# SIPHASH - default values: 2,4 rounds, explicit 8-byte mac + +MAC = SipHash +Ctrl = digestsize:8 +Key = 000102030405060708090A0B0C0D0E0F +Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E +Output = 724506EB4C328A95 + +# SIPHASH - default values: 2,4 rounds, explicit 16-byte mac + +MAC = SipHash +Ctrl = digestsize:16 +Key = 000102030405060708090A0B0C0D0E0F +Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E +Output = 5150d1772f50834a503e069a973fbd7c + +# SIPHASH - default values: 2,4 rounds, explicit 16-byte mac (set as 0) + +MAC = SipHash +Ctrl = digestsize:0 +Key = 000102030405060708090A0B0C0D0E0F +Input = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E +Output = 5150d1772f50834a503e069a973fbd7c + +# SIPHASH - default values: 2,4 rounds, explicit 13-byte mac (invalid size) + +MAC = SipHash +Ctrl = digestsize:13 +Key = 000102030405060708090A0B0C0D0E0F +Result = EVPPKEYCTXCTRL_ERROR + +Title = HMAC tests (from RFC2104 and others) + MAC = HMAC Algorithm = MD5 Key = 0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b @@ -31,6 +179,8 @@ Key = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA Input = DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD Output = 56be34521d144c88dbb8c733f0e8b3f6 +Title = SHA1 + # HMAC tests from NIST test data MAC = HMAC @@ -51,6 +201,8 @@ Input = "Sample message for keylen=blocklen" Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F60616263 Output = 2D51B2F7750E410584662E38F133435F4C4FD42A +Title = SHA2 + MAC = HMAC Algorithm = SHA224 Input = "Sample message for keylen=blocklen" @@ -123,7 +275,84 @@ Input = "Sample message for keylen=blocklen" Key = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7 Output = D93EC8D2DE1AD2A9957CB9B83F14E76AD6B5E0CCE285079A127D3B14BCCB7AA7286D4AC0D4CE64215F2BC9E6870B33D97438BE4AAA20CDA5C5A912B48B8E27F3 -# CMAC tests from FIPS module +Title = SHA3 + +# NIST's test vectors + +MAC = HMAC +Algorithm = SHA3-224 +Input = "Sample message for keylen<blocklen" +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b +Output = 332cfd59347fdb8e576e77260be4aba2d6dc53117b3bfb52c6d18c04 + +MAC = HMAC +Algorithm = SHA3-224 +Input = "Sample message for keylen=blocklen" +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f +Output = d8b733bcf66c644a12323d564e24dcf3fc75f231f3b67968359100c7 + +MAC = HMAC +Algorithm = SHA3-224 +Input = "Sample message for keylen>blocklen" +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaab +Output = 078695eecc227c636ad31d063a15dd05a7e819a66ec6d8de1e193e59 + +MAC = HMAC +Algorithm = SHA3-256 +Input = "Sample message for keylen<blocklen" +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f +Output = 4fe8e202c4f058e8dddc23d8c34e467343e23555e24fc2f025d598f558f67205 + +MAC = HMAC +Algorithm = SHA3-256 +Input = "Sample message for keylen=blocklen" +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f8081828384858687 +Output = 68b94e2e538a9be4103bebb5aa016d47961d4d1aa906061313b557f8af2c3faa + +MAC = HMAC +Algorithm = SHA3-256 +Input = "Sample message for keylen>blocklen" +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7 +Output = 9bcf2c238e235c3ce88404e813bd2f3a97185ac6f238c63d6229a00b07974258 + +MAC = HMAC +Algorithm = SHA3-384 +Input = "Sample message for keylen<blocklen" +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f +Output = d588a3c51f3f2d906e8298c1199aa8ff6296218127f6b38a90b6afe2c5617725bc99987f79b22a557b6520db710b7f42 + +MAC = HMAC +Algorithm = SHA3-384 +Input = "Sample message for keylen=blocklen" +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f6061626364656667 +Output = a27d24b592e8c8cbf6d4ce6fc5bf62d8fc98bf2d486640d9eb8099e24047837f5f3bffbe92dcce90b4ed5b1e7e44fa90 + +MAC = HMAC +Algorithm = SHA3-384 +Input = "Sample message for keylen>blocklen" +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f9091929394959697 +Output = e5ae4c739f455279368ebf36d4f5354c95aa184c899d3870e460ebc288ef1f9470053f73f7c6da2a71bcaec38ce7d6ac + +MAC = HMAC +Algorithm = SHA3-512 +Input = "Sample message for keylen<blocklen" +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f +Output = 4efd629d6c71bf86162658f29943b1c308ce27cdfa6db0d9c3ce81763f9cbce5f7ebe9868031db1a8f8eb7b6b95e5c5e3f657a8996c86a2f6527e307f0213196 + +MAC = HMAC +Algorithm = SHA3-512 +Input = "Sample message for keylen=blocklen" +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f4041424344454647 +Output = 544e257ea2a3e5ea19a590e6a24b724ce6327757723fe2751b75bf007d80f6b360744bf1b7a88ea585f9765b47911976d3191cf83c039f5ffab0d29cc9d9b6da + +MAC = HMAC +Algorithm = SHA3-512 +Input = "Sample message for keylen>blocklen" +Key = 000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f8081828384858687 +Output = 5f464f5e5b7848e3885e49b2c385f0694985d0e38966242dc4a5fe3fea4b37d46b65ceced5dcf59438dd840bab22269f0ba7febdb9fcf74602a35666b2a32915 + + +Title = CMAC tests (from FIPS module) MAC = CMAC Algorithm = AES-128-CBC @@ -148,3 +377,259 @@ Algorithm = DES-EDE3-CBC Key = 89BCD952A8C8AB371AF48AC7D07085D5EFF702E6D62CDC23 Input = FA620C1BBE97319E9A0CF0492121F7A20EB08A6A709DCBD00AAF38E4F99E754E Output = 8F49A1B7D6AA2258 + +Title = Poly1305 Tests (from RFC 7539 and others) + +MAC = Poly1305 +Key = 0000000000000000000000000000000000000000000000000000000000000000 +Input = 00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 +Output = 00000000000000000000000000000000 + +MAC = Poly1305 +Key = 0000000000000000000000000000000036e5f6b5c5e06070f0efca96227a863e +Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f +Output = 36e5f6b5c5e06070f0efca96227a863e + +MAC = Poly1305 +Key = 36e5f6b5c5e06070f0efca96227a863e00000000000000000000000000000000 +Input = 416e79207375626d697373696f6e20746f20746865204945544620696e74656e6465642062792074686520436f6e7472696275746f7220666f72207075626c69636174696f6e20617320616c6c206f722070617274206f6620616e204945544620496e7465726e65742d4472616674206f722052464320616e6420616e792073746174656d656e74206d6164652077697468696e2074686520636f6e74657874206f6620616e204945544620616374697669747920697320636f6e7369646572656420616e20224945544620436f6e747269627574696f6e222e20537563682073746174656d656e747320696e636c756465206f72616c2073746174656d656e747320696e20494554462073657373696f6e732c2061732077656c6c206173207772697474656e20616e6420656c656374726f6e696320636f6d6d756e69636174696f6e73206d61646520617420616e792074696d65206f7220706c6163652c207768696368206172652061646472657373656420746f +Output = f3477e7cd95417af89a6b8794c310cf0 + +MAC = Poly1305 +Key = 1c9240a5eb55d38af333888604f6b5f0473917c1402b80099dca5cbc207075c0 +Input = 2754776173206272696c6c69672c20616e642074686520736c6974687920746f7665730a446964206779726520616e642067696d626c6520696e2074686520776162653a0a416c6c206d696d737920776572652074686520626f726f676f7665732c0a416e6420746865206d6f6d65207261746873206f757467726162652e +Output = 4541669a7eaaee61e708dc7cbcc5eb62 + +# If one uses 130-bit partial reduction, does the code handle the case where partially reduced final result is not fully reduced? +MAC = Poly1305 +Key = 0200000000000000000000000000000000000000000000000000000000000000 +Input = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF +Output = 03000000000000000000000000000000 + +# What happens if addition of s overflows modulo 2^128? +MAC = Poly1305 +Key = 02000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF +Input = 02000000000000000000000000000000 +Output = 03000000000000000000000000000000 + +# What happens if data limb is all ones and there is carry from lower limb? +MAC = Poly1305 +Key = 0100000000000000000000000000000000000000000000000000000000000000 +Input = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF11000000000000000000000000000000 +Output = 05000000000000000000000000000000 + +# What happens if final result from polynomial part is exactly 2^130-5? +MAC = Poly1305 +Key = 0100000000000000000000000000000000000000000000000000000000000000 +Input = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBFEFEFEFEFEFEFEFEFEFEFEFEFEFEFE01010101010101010101010101010101 +Output = 00000000000000000000000000000000 + +# What happens if final result from polynomial part is exactly 2^130-6? +MAC = Poly1305 +Key = 0200000000000000000000000000000000000000000000000000000000000000 +Input = FDFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF +Output = FAFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF + +# Taken from poly1305_internal_test.c +# More RFC7539 + +MAC = Poly1305 +Input = 43727970746f6772617068696320466f72756d2052657365617263682047726f7570 +Key = 85d6be7857556d337f4452fe42d506a80103808afb0db2fd4abff6af4149f51b +Output = a8061dc1305136c6c22b8baf0c0127a9 + +# test vectors from "The Poly1305-AES message-authentication code" + +MAC = Poly1305 +Input = f3f6 +Key = 851fc40c3467ac0be05cc20404f3f700580b3b0f9447bb1e69d095b5928b6dbc +Output = f4c633c3044fc145f84f335cb81953de + +# No input? +# MAC = Poly1305 +# Input = +# Key = a0f3080000f46400d0c7e9076c834403dd3fab2251f11ac759f0887129cc2ee7 +# Output = dd3fab2251f11ac759f0887129cc2ee7 + +MAC = Poly1305 +Input = 663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136 +Key = 48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef +Output = 0ee1c16bb73f0f4fd19881753c01cdbe + +MAC = Poly1305 +Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9 +Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57 +Output = 5154ad0d2cb26e01274fc51148491f1b + +# self-generated vectors exercise "significant" length such that* are handled by different code paths + +MAC = Poly1305 +Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af +Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57 +Output = 812059a5da198637cac7c4a631bee466 + +MAC = Poly1305 +Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67 +Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57 +Output = 5b88d7f6228b11e2e28579a5c0c1f761 + +MAC = Poly1305 +Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136 +Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57 +Output = bbb613b2b6d753ba07395b916aaece15 + +MAC = Poly1305 +Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24 +Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57 +Output = c794d7057d1778c4bbee0a39b3d97342 + +MAC = Poly1305 +Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136 +Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57 +Output = ffbcb9b371423152d7fca5ad042fbaa9 + +MAC = Poly1305 +Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee466 +Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57 +Output = 069ed6b8ef0f207b3e243bb1019fe632 + +MAC = Poly1305 +Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee4665b88d7f6228b11e2e28579a5c0c1f761 +Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57 +Output = cca339d9a45fa2368c2c68b3a4179133 + +MAC = Poly1305 +Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee4665b88d7f6228b11e2e28579a5c0c1f761ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136 +Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57 +Output = 53f6e828a2f0fe0ee815bf0bd5841a34 + +MAC = Poly1305 +Input = ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee4665b88d7f6228b11e2e28579a5c0c1f761ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0990c62e48b8018b2c3e4a0fa3134cb67fa83e158c994d961c4cb21095c1bf9af48443d0bb0d21109c89a100b5ce2c20883149c69b561dd88298a1798b10716ef663cea190ffb83d89593f3f476b6bc24d7e679107ea26adb8caf6652d0656136812059a5da198637cac7c4a631bee4665b88d7f6228b11e2e28579a5c0c1f761 +Key = 12976a08c4426d0ce8a82407c4f4820780f8c20aa71202d1e29179cbcb555a57 +Output = b846d44e9bbd53cedffbfbb6b7fa4933 + +# 4th power of the key spills to 131th bit in SIMD key setup + +MAC = Poly1305 +Input = ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff +Key = ad628107e8351d0f2c231a05dc4a410600000000000000000000000000000000 +Output = 07145a4c02fe5fa32036de68fabe9066 + +# poly1305_ieee754.c failed this in final stage + +MAC = Poly1305 +Input = 842364e156336c0998b933a6237726180d9e3fdcbde4cd5d17080fc3beb49614d7122c037463ff104d73f19c12704628d417c4c54a3fe30d3c3d7714382d43b0382a50a5dee54be844b076e8df88201a1cd43b90eb21643fa96f39b518aa8340c942ff3c31baf7c9bdbf0f31ae3fa096bf8c63030609829fe72e179824890bc8e08c315c1cce2a83144dbbff09f74e3efc770b54d0984a8f19b14719e63635641d6b1eedf63efbf080e1783d32445412114c20de0b837a0dfa33d6b82825fff44c9a70ea54ce47f07df698e6b03323b53079364a5fc3e9dd034392bdde86dccdda94321c5e44060489336cb65bf3989c36f7282c2f5d2b882c171e74 +Key = 95d5c005503e510d8cd0aa072c4a4d066eabc52d11653df47fbf63ab198bcc26 +Output = f248312e578d9d58f8b7bb4d19105431 + +# AVX2 in poly1305-x86.pl failed this with 176+32 split + +MAC = Poly1305 +Input = 248ac31085b6c2adaaa38259a0d7192c5c35d1bb4ef39ad94c38d1c82479e2dd2159a077024b0589bc8a20101b506f0a1ad0bbab76e83a83f1b94be6beae74e874cab692c5963a75436b776121ec9f62399a3e66b2d22707dae81933b6277f3c8516bcbe26dbbd86f373103d7cf4cad1888c952118fbfbd0d7b4bedc4ae4936aff91157e7aa47c54442ea78d6ac251d324a0fbe49d89cc3521b66d16e9c66a3709894e4eb0a4eedc4ae19468e66b81f271351b1d921ea551047abcc6b87a901fde7db79fa1818c11336dbc07244a40eb +Key = 000102030405060708090a0b0c0d0e0f00000000000000000000000000000000 +Output = bc939bc5281480fa99c6d68c258ec42f + +# test vectors from Google + +# No input? +# MAC = Poly1305 +# Input = +# Key = c8afaac331ee372cd6082de134943b174710130e9f6fea8d72293850a667d86c +# Output = 4710130e9f6fea8d72293850a667d86c + +MAC = Poly1305 +Input = 48656c6c6f20776f726c6421 +Key = 746869732069732033322d62797465206b657920666f7220506f6c7931333035 +Output = a6f745008f81c916a20dcc74eef2b2f0 + +MAC = Poly1305 +Input = 0000000000000000000000000000000000000000000000000000000000000000 +Key = 746869732069732033322d62797465206b657920666f7220506f6c7931333035 +Output = 49ec78090e481ec6c26b33b91ccc0307 + +MAC = Poly1305 +Input = 89dab80b7717c1db5db437860a3f70218e93e1b8f461fb677f16f35f6f87e2a91c99bc3a47ace47640cc95c345be5ecca5a3523c35cc01893af0b64a620334270372ec12482d1b1e363561698a578b359803495bb4e2ef1930b17a5190b580f141300df30adbeca28f6427a8bc1a999fd51c554a017d095d8c3e3127daf9f595 +Key = 2d773be37adb1e4d683bf0075e79c4ee037918535a7f99ccb7040fb5f5f43aea +Output = c85d15ed44c378d6b00e23064c7bcd51 + +MAC = Poly1305 +Input = 000000000000000b170303020000000006db1f1f368d696a810a349c0c714c9a5e7850c2407d721acded95e018d7a85266a6e1289cdb4aeb18da5ac8a2b0026d24a59ad485227f3eaedbb2e7e35e1c66cd60f9abf716dcc9ac42682dd7dab287a7024c4eefc321cc0574e16793e37cec03c5bda42b54c114a80b57af26416c7be742005e20855c73e21dc8e2edc9d435cb6f6059280011c270b71570051c1c9b3052126620bc1e2730fa066c7a509d53c60e5ae1b40aa6e39e49669228c90eecb4a50db32a50bc49e90b4f4b359a1dfd11749cd3867fcf2fb7bb6cd4738f6a4ad6f7ca5058f7618845af9f020f6c3b967b8f4cd4a91e2813b507ae66f2d35c18284f7292186062e10fd5510d18775351ef334e7634ab4743f5b68f49adcab384d3fd75f7390f4006ef2a295c8c7a076ad54546cd25d2107fbe1436c840924aaebe5b370893cd63d1325b8616fc4810886bc152c53221b6df373119393255ee72bcaa880174f1717f9184fa91646f17a24ac55d16bfddca9581a92eda479201f0edbf633600d6066d1ab36d5d2415d71351bbcd608a25108d25641992c1f26c531cf9f90203bc4cc19f5927d834b0a47116d3884bbb164b8ec883d1ac832e56b3918a98601a08d171881541d594db399c6ae6151221745aec814c45b0b05b565436fd6f137aa10a0c0b643761dbd6f9a9dcb99b1a6e690854ce0769cde39761d82fcdec15f0d92d7d8e94ade8eb83fbe0 +Key = 99e5822dd4173c995e3dae0ddefb97743fde3b080134b39f76e9bf8d0e88d546 +Output = 2637408fe13086ea73f971e3425e2820 + +# test vectors from Hanno Bock + +MAC = Poly1305 +Input = cccccccccccccccccccccccccccccccccccccccccccccccccc80ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccceccccccccccccccccccccccccccccccccccccc5cccccccccccccccccccccccccccccccccccccccccce3ccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccaccccccccccccccccccccce6cccccccccc000000afccccccccccccccccccfffffff5000000000000000000000000000000000000000000000000000000ffffffe70000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000719205a8521dfc +Key = 7f1b02640000000000000000000000000000000000000000cccccccccccccccc +Output = 8559b876eceed66eb37798c0457baff9 + +MAC = Poly1305 +Input = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa000000000000000000800264 +Key = e00016000000000000000000000000000000aaaaaaaaaaaaaaaaaaaaaaaaaaaa +Output = 00bd1258978e205444c9aaaa82006fed + +MAC = Poly1305 +Input = 02fc +Key = 0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c +Output = 06120c0c0c0c0c0c0c0c0c0c0c0c0c0c + +MAC = Poly1305 +Input = 7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7a7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b5c7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b6e7b007b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7a7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b5c7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b7b6e7b001300000000b300000000000000000000000000000000000000000000f20000000000000000000000000000000000002000efff0009000000000000000000000000100000000009000000640000000000000000000000001300000000b300000000000000000000000000000000000000000000f20000000000000000000000000000000000002000efff00090000000000000000007a000010000000000900000064000000000000000000000000000000000000000000000000fc +Key = 00ff000000000000000000000000000000000000001e00000000000000007b7b +Output = 33205bbf9e9f8f7212ab9e2ab9b7e4a5 + +MAC = Poly1305 +Input = 77777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777777ffffffe9e9acacacacacacacacacacac0000acacec0100acacac2caca2acacacacacacacacacacac64f2 +Key = 0000007f0000007f01000020000000000000cf77777777777777777777777777 +Output = 02ee7c8c546ddeb1a467e4c3981158b9 + +# test vectors from Andrew Moon - nacl + +MAC = Poly1305 +Input = 8e993b9f48681273c29650ba32fc76ce48332ea7164d96a4476fb8c531a1186ac0dfc17c98dce87b4da7f011ec48c97271d2c20f9b928fe2270d6fb863d51738b48eeee314a7cc8ab932164548e526ae90224368517acfeabd6bb3732bc0e9da99832b61ca01b6de56244a9e88d5f9b37973f622a43d14a6599b1f654cb45a74e355a5 +Key = eea6a7251c1e72916d11c2cb214d3c252539121d8e234e652d651fa4c8cff880 +Output = f3ffc7703f9400e52a7dfb4b3d3305d9 + +# wrap 2^130-5 +MAC = Poly1305 +Input = ffffffffffffffffffffffffffffffff +Key = 0200000000000000000000000000000000000000000000000000000000000000 +Output = 03000000000000000000000000000000 + +# wrap 2^128 +MAC = Poly1305 +Input = 02000000000000000000000000000000 +Key = 02000000000000000000000000000000ffffffffffffffffffffffffffffffff +Output = 03000000000000000000000000000000 + +# limb carry +MAC = Poly1305 +Input = fffffffffffffffffffffffffffffffff0ffffffffffffffffffffffffffffff11000000000000000000000000000000 +Key = 0100000000000000000000000000000000000000000000000000000000000000 +Output = 05000000000000000000000000000000 + +# 2^130-5 +MAC = Poly1305 +Input = fffffffffffffffffffffffffffffffffbfefefefefefefefefefefefefefefe01010101010101010101010101010101 +Key = 0100000000000000000000000000000000000000000000000000000000000000 +Output = 00000000000000000000000000000000 + +# 2^130-6 +MAC = Poly1305 +Input = fdffffffffffffffffffffffffffffff +Key = 0200000000000000000000000000000000000000000000000000000000000000 +Output = faffffffffffffffffffffffffffffff + +# 5*H+L reduction intermediate +MAC = Poly1305 +Input = e33594d7505e43b900000000000000003394d7505e4379cd01000000000000000000000000000000000000000000000001000000000000000000000000000000 +Key = 0100000000000000040000000000000000000000000000000000000000000000 +Output = 14000000000000005500000000000000 + +# 5*H+L reduction final +MAC = Poly1305 +Input = e33594d7505e43b900000000000000003394d7505e4379cd010000000000000000000000000000000000000000000000 +Key = 0100000000000000040000000000000000000000000000000000000000000000 +Output = 13000000000000000000000000000000 + diff --git a/deps/openssl/openssl/test/recipes/30-test_evp_data/evppbe.txt b/deps/openssl/openssl/test/recipes/30-test_evp_data/evppbe.txt index aabc727f3c..f9e9947070 100644 --- a/deps/openssl/openssl/test/recipes/30-test_evp_data/evppbe.txt +++ b/deps/openssl/openssl/test/recipes/30-test_evp_data/evppbe.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -12,7 +12,8 @@ # and continue until a blank line. Lines starting with a pound sign, # like this prolog, are ignored. -# scrypt tests from draft-josefsson-scrypt-kdf-03 +Title = scrypt tests (from draft-josefsson-scrypt-kdf-03 and others) + PBE = scrypt Password = "" Salt = "" @@ -48,10 +49,10 @@ N = 1048576 r = 8 p = 1 Key = 2101cb9b6a511aaeaddbbe09cf70f881ec568d574a2ffd4dabe5ee9820adaa478e56fd8f4ba5d09ffa1c6d927c40f4c337304049e8a952fbcbf45c6fa77a41a4 -#maxmem = 10000000000 Result = SCRYPT_ERROR +#maxmem = 10000000000 -# PKCS#12 tests +Title = PKCS12 tests PBE = pkcs12 id = 1 @@ -71,7 +72,7 @@ Key = 79993DFE048D3B76 PBE = pkcs12 id = 3 -iter 1 +iter = 1 MD = SHA1 Password = 0073006D006500670000 Salt = 3D83C0E4546AC140 @@ -101,7 +102,8 @@ Password = 007100750065006500670000 Salt = 263216FCC2FAB31C Key = 5EC4C7A80DF652294C3925B6489A7AB857C83476 -# PBKDF2 tests +Title = PBKDF2 tests + PBE = pbkdf2 Password = "password" Salt = "salt" @@ -207,7 +209,8 @@ iter = 4096 MD = sha512 Key = 9d9e9c4cd21fe4be24d5b8244c759665 -# PBKDF2 tests for empty and NULL inputs +Title = PBKDF2 tests for empty and NULL inputs + PBE = pbkdf2 Password = "" Salt = "salt" @@ -249,3 +252,5 @@ Salt = "salt" iter = 1 MD = sha512 Key = 00ef42cdbfc98d29db20976608e455567fdddf14 + + diff --git a/deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey.txt b/deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey.txt index e0d8b4ff10..f4470ff46b 100644 --- a/deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey.txt +++ b/deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey.txt @@ -83,7 +83,6 @@ x/iUJAcsJxl9eLM7kg6VzbZk6ZDc8M/qDZTiqOavnQ5YBW5lMQSSW5/myQ== PrivPubKeyPair = P-256:P-256-PUBLIC - # Additional EC key for ECDH PrivateKey=P-256-Peer -----BEGIN PRIVATE KEY----- @@ -100,7 +99,6 @@ CrmVlCNy6lFAldO8IPkSyzGPMjSvZI6nIGQ7P3Afm3reuJ0KvnTZ77acRg== PrivPubKeyPair = P-256-Peer:P-256-Peer-PUBLIC - # DSA key PrivateKey=DSA-1024 -----BEGIN PRIVATE KEY----- @@ -130,7 +128,7 @@ SzJw2oHciIOt+UU= PrivPubKeyPair = DSA-1024:DSA-1024-PUBLIC -# RSA tests +Title = RSA tests Sign = RSA-2048 Ctrl = digest:SHA1 @@ -379,14 +377,217 @@ Result = KEYOP_INIT_ERROR Function = EVP_PKEY_derive_init Reason = operation not supported for this keytype -# Invalid ctrl Sign = RSA-2048 Ctrl = rsa_mgf1_md:sha1 Result = PKEY_CTRL_INVALID Function = pkey_rsa_ctrl Reason = invalid mgf1 md -# EC tests +# RSA PSS key tests + +# PSS only key, no parameter restrictions +PrivateKey = RSA-PSS +-----BEGIN PRIVATE KEY----- +MIIEugIBADALBgkqhkiG9w0BAQoEggSmMIIEogIBAAKCAQEAzQCB6nsq4eoG1Z98 +c9n/uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuFFgdo +092py9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZT+qb +BeQtWtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0Ky0e +oKS0gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4e8qz +5AZJuYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51rQPe +R+HETwIDAQABAoIBAGApeseZGxZ6BtayR1i4y+IIvrmy2eyXOL2A+QouNQBd184p +LZ4puohb0xb+8fIJE7wKyQ1rCAiyQU2CEERB2GJKM84CM8j3gKSLN1r/AtdnEiKK +cCSE2z+evszPu+4XCduhgoANlJ6eQhbgv/NVg4j4vZDaNzodgnQ+w/vdFCf9FoJa +ZXoxaRLoaVNlEXyi+EXJCUBfysVfiV/BXSA4bCbueMnpkHUCmheKbB5M8MIA6KnP +sn6dFW+G5sKtwisahKHNXKWyeQh115QHyEs1I5XLgcw/7VuwQ7ae3gwHIEVQAlzu +jF9EAXC2Egu0jg90e82PUiEQhQ3wQ8Qo39GHBTECgYEA9vlhtHy8A1067evH3oUK +lWtl7Nuc9gdkBj8VqkhVPFjZcv5mdQVuNd39w3vzufL2Iu4nEzclaEnJvvIXb+j3 +w/i7kbo3TdU7rz3sgU0r3sEMH9yIzdFodvJrHt+j8JQZft9NQv8fspcRA7iYyoWc +QnKHCGqEKrQQu2nPLTWva+MCgYEA1H5ySn/0EEiycMJSSkEBh4tzFZu3PT28GHsi +DmNbNTT5biQ6GE2T+GC2v7trccHtmh4fRYWDAjwwHpamksGgi1PQ7JypEBANgEUe +O33GoBusSuzvjfeYhGvCNaCMu6LPTAaATMESGelWCMcU4/FDDUkfrbujKldRoE+X +dFg0yaUCgYAh8kUrubld/QKMkUv3mfHKd+ialdUNPBbThPhFX4vXr56z36PVkdmE +Le8jX3YwqOSMCI/2ZC4QF5RTWpM+HpdvqFCfxyiy2gxKGgjX/PN6uq4f8wAayh3B +u7Bdnf+6oaCff7Hu84I32evMxyK5M4Q23ecRkRJ5jCaAnBqN7EMgYQKBgB91EKpi +wtjeSjxTKCeB9B4C0Oi0Aq54Qy5EnEgRAWGhFAPwLQGICo3Mk4FS15chpHEaYHrE +Rx6/lkgQ+VvkekXmBJnin0yXc8g3c0BPYGY3cowtA1G7A8MmyLtzpyHn+lRA6iFy +u6FGX8ww3LDZ+Jkw6BWqH3+XKahX4A4DON1ZAoGATR8NdW/nfgEJmmUvUKiLe2hd +xb8AmB1dI3b9DG/inNW2OHNEeTBac608FZnTnq47rgNfvW/tB8KN5wWTOHmgbkjm +pgNobtjiVgpfavHywk+vSqlg44IYbxXu3OmiSRrnMGgN1M93i3D6qGgmqzIjR3zJ +E3exmm1aLq6iGXYL7tU= +-----END PRIVATE KEY----- + +# PSS public key default parameters +PublicKey = RSA-PSS-DEFAULT +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQowAAOCAQ8AMIIBCgKCAQEAzQCB6nsq4eoG1Z98c9n/ +uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuFFgdo092p +y9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZT+qbBeQt +WtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0Ky0eoKS0 +gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4e8qz5AZJ +uYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51rQPeR+HE +TwIDAQAB +-----END PUBLIC KEY----- + +PrivPubKeyPair = RSA-PSS:RSA-PSS-DEFAULT + +# Key with invalid negative minimum salt length +PublicKey = RSA-PSS-BAD +-----BEGIN PUBLIC KEY----- +MIIBJzASBgkqhkiG9w0BAQowBaIDAgH/A4IBDwAwggEKAoIBAQDNAIHqeyrh6gbV +n3xz2f+5SglhXC5Lp8Y2zvCN01M+wxhVJbAVx2m5mnfWclv5w1Mqm25fZifV+4UW +B2jT3anL01l0URcX3D0wnS/EfuQfl+Mq23+d2GShxHZ6Zm7NcbwarPXnUX9LOFlP +6psF5C1a2pkSAIAT5FMWpNm7jtCGuI0odYusr5ItRqhotIXSOcm66w4rZFknEPQr +LR6gpLSALAvsqzKPimiwBzvbVG/uqYCdKEmRKzkMFTK8finHZY+BdfrkbzQzL/h7 +yrPkBkm5hXeGnaDqcYNT8HInVIhpE2SHYNEivmduD8SD3SD/wxvalqMZZsmqLnWt +A95H4cRPAgMBAAE= +-----END PUBLIC KEY----- + +PrivPubKeyPair = RSA-PSS:RSA-PSS-BAD + + +# Key with minimum salt length exceeding maximum permitted value +PublicKey = RSA-PSS-BAD2 +-----BEGIN PUBLIC KEY----- +MIIBKDATBgkqhkiG9w0BAQowBqIEAgIBAAOCAQ8AMIIBCgKCAQEAzQCB6nsq4eoG +1Z98c9n/uUoJYVwuS6fGNs7wjdNTPsMYVSWwFcdpuZp31nJb+cNTKptuX2Yn1fuF +Fgdo092py9NZdFEXF9w9MJ0vxH7kH5fjKtt/ndhkocR2emZuzXG8Gqz151F/SzhZ +T+qbBeQtWtqZEgCAE+RTFqTZu47QhriNKHWLrK+SLUaoaLSF0jnJuusOK2RZJxD0 +Ky0eoKS0gCwL7Ksyj4posAc721Rv7qmAnShJkSs5DBUyvH4px2WPgXX65G80My/4 +e8qz5AZJuYV3hp2g6nGDU/ByJ1SIaRNkh2DRIr5nbg/Eg90g/8Mb2pajGWbJqi51 +rQPeR+HETwIDAQAB +-----END PUBLIC KEY----- + +PrivPubKeyPair = RSA-PSS:RSA-PSS-BAD2 + +# Zero salt length makes output deterministic +Sign = RSA-2048 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_pss_saltlen:0 +Ctrl = digest:sha256 +Input="0123456789ABCDEF0123456789ABCDEF" +Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A + +# Verify of above signature +Verify = RSA-2048-PUBLIC +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_pss_saltlen:0 +Ctrl = digest:sha256 +Input="0123456789ABCDEF0123456789ABCDEF" +Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A + +# Verify using salt length auto detect +Verify = RSA-2048-PUBLIC +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_pss_saltlen:auto +Input="0123456789ABCDEF0123" +Output = 6BF7EDC63A0BA184EEEC7F3020FEC8F5EBF38C2B76481881F48BCCE5796E7AB294548BA9AE810457C7723CABD1BDE94CF59CF7C0FC7461B22760C8ED703DD98E97BFDD61FA8D1181C411F6DEE5FF159F4850746D78EDEE385A363DC28E2CB373D5CAD7953F3BD5E639BE345732C03A1BDEA268814DA036EB1891C82D4012F3B903D86636055F87B96FC98806AD1B217685A4D754046A5DE0B0D7870664BE07902153EC85BA457BE7D7F89D7FE0F626D02A9CBBB2BB479DDA1A5CAE75247FB7BF6BFB15C1D3FD9E6B1573CCDBC72011C3B97716058BB11C7EA2E4E56ADAFE1F5DE6A7FD405AC5890100F9C3408EFFB5C73BF73F48177FF743B4B819D0699D507B + +# Digest too short +Verify = RSA-2048-PUBLIC +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_pss_saltlen:0 +Ctrl = digest:sha256 +Input="0123456789ABCDEF0123456789ABCDE" +Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A +Result = VERIFY_ERROR + +# Digest too long +Verify = RSA-2048-PUBLIC +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_pss_saltlen:0 +Ctrl = digest:sha256 +Input="0123456789ABCDEF0123456789ABCDEF0" +Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A +Result = VERIFY_ERROR + +# Wrong salt length +Verify = RSA-2048 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_pss_saltlen:2 +Ctrl = digest:sha256 +Input="0123456789ABCDEF0123456789ABCDEF" +Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A +Result = VERIFY_ERROR + +# Wrong MGF1 digest +Verify = RSA-2048 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_pss_saltlen:0 +Ctrl = digest:sha256 +Ctrl = rsa_mgf1_md:sha1 +Input="0123456789ABCDEF0123456789ABCDEF" +Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A +Result = VERIFY_ERROR + + +# Verify using default parameters +Verify = RSA-PSS-DEFAULT +Input="0123456789ABCDEF0123" +Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF + +# Verify using default parameters, explicitly setting parameters +Verify = RSA-PSS-DEFAULT +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_pss_saltlen:20 +Ctrl = digest:sha1 +Input="0123456789ABCDEF0123" +Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF + +# Verify explicitly setting parameters "digest" salt length +Verify = RSA-PSS-DEFAULT +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_pss_saltlen:digest +Ctrl = digest:sha1 +Input="0123456789ABCDEF0123" +Output = 3EFE09D88509027D837BFA5F8471CF7B69E6DF395DD999BB9CA42021F15722D9AC76670507C6BCFB73F64FB2211B611B8F140E76EBDB064BD762FDBA89D019E304A0D6B274E1C2FE1DF50005598A0306AF805416094E2A5BA60BC72BDE38CE061E853ED40F14967A8B9CA4DC739B462F89558F12FDF2D8D19FBEF16AD66FE2DDDA8BEE983ECBD873064244849D8D94B5B33F45E076871A47ED653E73257A2BE2DB3C0878094B0D2B6B682C8007DFD989425FB39A1FEEC9EED5876414601A49176EC344F5E3EDEE81CA2DDD29B7364F4638112CB3A547E2BC170E28CB66BDABE863754BE8AD5BA230567B575266F4B6B4CF81F28310ABF05351CC9E2DB85D00BF + +# Verify using salt length larger than minimum +Verify = RSA-PSS-DEFAULT +Ctrl = rsa_pss_saltlen:30 +Input="0123456789ABCDEF0123" +Output = 6BF7EDC63A0BA184EEEC7F3020FEC8F5EBF38C2B76481881F48BCCE5796E7AB294548BA9AE810457C7723CABD1BDE94CF59CF7C0FC7461B22760C8ED703DD98E97BFDD61FA8D1181C411F6DEE5FF159F4850746D78EDEE385A363DC28E2CB373D5CAD7953F3BD5E639BE345732C03A1BDEA268814DA036EB1891C82D4012F3B903D86636055F87B96FC98806AD1B217685A4D754046A5DE0B0D7870664BE07902153EC85BA457BE7D7F89D7FE0F626D02A9CBBB2BB479DDA1A5CAE75247FB7BF6BFB15C1D3FD9E6B1573CCDBC72011C3B97716058BB11C7EA2E4E56ADAFE1F5DE6A7FD405AC5890100F9C3408EFFB5C73BF73F48177FF743B4B819D0699D507B + +# Verify using maximum salt length +Verify = RSA-PSS-DEFAULT +Ctrl = rsa_pss_saltlen:max +Input="0123456789ABCDEF0123" +Output = 4470DCFE812DEE2E58E4301D4ED274AB348FE040B724B2CD1D8CD0914BFF375F0B86FCB32BFA8AEA9BD22BD7C4F1ADD4F3D215A5CFCC99055BAFECFC23800E9BECE19A08C66BEBC5802122D13A732E5958FC228DCC0B49B5B4B1154F032D8FA2F3564AA949C1310CC9266B0C47F86D449AC9D2E7678347E7266E2D7C888CCE1ADF44A109A293F8516AE2BD94CE220F26E137DB8E7A66BB9FCE052CDC1D0BE24D8CEBB20D10125F26B069F117044B9E1D16FDDAABCA5340AE1702F37D0E1C08A2E93801C0A41035C6C73DA02A0E32227EAFB0B85E79107B59650D0EE7DC32A6772CCCE90F06369B2880FE87ED76997BA61F5EA818091EE88F8B0D6F24D02A3FC6 + +# Attempt to change salt length below minimum +Verify = RSA-PSS-DEFAULT +Ctrl = rsa_pss_saltlen:0 +Result = PKEY_CTRL_ERROR + +# Attempt to change padding mode +Verify = RSA-PSS-DEFAULT +Ctrl = rsa_padding_mode:pkcs1 +Result = PKEY_CTRL_INVALID + +# Attempt to change digest +Verify = RSA-PSS-DEFAULT +Ctrl = digest:sha256 +Result = PKEY_CTRL_ERROR + +# Illegal decrypt +Decrypt = RSA-PSS +Result = KEYOP_INIT_ERROR +Function = EVP_PKEY_decrypt_init +Reason = operation not supported for this keytype + +# Invalid key: rejected when we try to init +Verify = RSA-PSS-BAD +Result = KEYOP_INIT_ERROR +Function = rsa_pss_get_param +Reason = invalid salt length + +# Invalid key: rejected when we try to init +Verify = RSA-PSS-BAD2 +Result = KEYOP_INIT_ERROR +Function = pkey_pss_init +Reason = invalid salt length + + +Title = EC tests Verify = P-256 Ctrl = digest:SHA1 @@ -440,7 +641,16 @@ Ctrl = digest:SHA1 Input = "0123456789ABCDEF1234" Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e15202201898cdd52b41ca502098184b409cf83a21bc945006746e3b7cea52234e043ec8 -# DSA tests +Derive=P-256 +PeerKey=P-256-Peer-PUBLIC +SharedSecret=E3CC07DFBDDE76A1139811DB9FF5FAF9D17EF39944F1E77D1F6A208524BF7B1B + +Derive=P-256-Peer +PeerKey=P-256-PUBLIC +SharedSecret=E3CC07DFBDDE76A1139811DB9FF5FAF9D17EF39944F1E77D1F6A208524BF7B1B + +Title = DSA tests + Verify = DSA-1024 Ctrl = digest:SHA1 Input = "0123456789ABCDEF1234" @@ -492,76 +702,13 @@ Input = "0123456789ABCDEF1234" Output = 3080021500942b8c5850e05b59e24495116b1e8559e51b610e0214237aedf272d91f2397f63c9fc8790e1a6cde5d870000 Result = VERIFY_ERROR -# RSA PSS padding tests. - -# Zero salt length makes output deterministic -Sign = RSA-2048 -Ctrl = rsa_padding_mode:pss -Ctrl = rsa_pss_saltlen:0 -Ctrl = digest:sha256 -Input="0123456789ABCDEF0123456789ABCDEF" -Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A - -# Verify of above signature -Verify = RSA-2048-PUBLIC -Ctrl = rsa_padding_mode:pss -Ctrl = rsa_pss_saltlen:0 -Ctrl = digest:sha256 -Input="0123456789ABCDEF0123456789ABCDEF" -Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A - -# Digest too short -Verify = RSA-2048-PUBLIC -Ctrl = rsa_padding_mode:pss -Ctrl = rsa_pss_saltlen:0 -Ctrl = digest:sha256 -Input="0123456789ABCDEF0123456789ABCDE" -Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A -Result = VERIFY_ERROR +Title = X25519 test vectors (from RFC7748 6.1) -# Digest too long -Verify = RSA-2048-PUBLIC -Ctrl = rsa_padding_mode:pss -Ctrl = rsa_pss_saltlen:0 -Ctrl = digest:sha256 -Input="0123456789ABCDEF0123456789ABCDEF0" -Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A -Result = VERIFY_ERROR - -# Wrong salt length -Verify = RSA-2048 -Ctrl = rsa_padding_mode:pss -Ctrl = rsa_pss_saltlen:2 -Ctrl = digest:sha256 -Input="0123456789ABCDEF0123456789ABCDEF" -Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A -Result = VERIFY_ERROR - -# Wrong MGF1 digest -Verify = RSA-2048 -Ctrl = rsa_padding_mode:pss -Ctrl = rsa_pss_saltlen:0 -Ctrl = digest:sha256 -Ctrl = rsa_mgf1_md:sha1 -Input="0123456789ABCDEF0123456789ABCDEF" -Output=4DE433D5844043EF08D354DA03CB29068780D52706D7D1E4D50EFB7D58C9D547D83A747DDD0635A96B28F854E50145518482CB49E963054621B53C60C498D07C16E9C2789C893CF38D4D86900DE71BDE463BD2761D1271E358C7480A1AC0BAB930DDF39602AD1BC165B5D7436B516B7A7858E8EB7AB1C420EEB482F4D207F0E462B1724959320A084E13848D11D10FB593E66BF680BF6D3F345FC3E9C3DE60ABBAC37E1C6EC80A268C8D9FC49626C679097AA690BC1AA662B95EB8DB70390861AA0898229F9349B4B5FDD030D4928C47084708A933144BE23BD3C6E661B85B2C0EF9ED36D498D5B7320E8194D363D4AD478C059BAE804181965E0B81B663158A -Result = VERIFY_ERROR - -# ECDH tests - -Derive=P-256 -PeerKey=P-256-Peer-PUBLIC -SharedSecret=E3CC07DFBDDE76A1139811DB9FF5FAF9D17EF39944F1E77D1F6A208524BF7B1B - -Derive=P-256-Peer -PeerKey=P-256-PUBLIC -SharedSecret=E3CC07DFBDDE76A1139811DB9FF5FAF9D17EF39944F1E77D1F6A208524BF7B1B - -# X25519 test vectors from RFC7748 6.1 PrivateKey=Alice-25519 -----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VuBCIEIHcHbQpzGKV9PBbBclGyZkXfTC+H68CZKrF3+6UduSwq -----END PRIVATE KEY----- + PublicKey=Alice-25519-PUBLIC -----BEGIN PUBLIC KEY----- MCowBQYDK2VuAyEAhSDwCYkwp1R0i33ctD73Wg2/Og0mOBr066SpjqqbTmo= @@ -573,13 +720,28 @@ PrivateKey=Bob-25519 -----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VuBCIEIF2rCH5iSopLeeF/i4OADuZvO7EpJhi2/Rwviyf/iODr -----END PRIVATE KEY----- + PublicKey=Bob-25519-PUBLIC -----BEGIN PUBLIC KEY----- MCowBQYDK2VuAyEA3p7bfXt9wbTTW2HC7OQ1Nz+DQ8hbeGdNrfx+FG+IK08= -----END PUBLIC KEY----- +#Raw versions of the same keys as above + +PrivateKeyRaw=Alice-25519-Raw:X25519:77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a + +PublicKeyRaw=Alice-25519-PUBLIC-Raw:X25519:8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a + +PrivPubKeyPair = Alice-25519-Raw:Alice-25519-PUBLIC-Raw + +PrivateKeyRaw=Bob-25519-Raw:X25519:5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb + +PublicKeyRaw=Bob-25519-PUBLIC-Raw:X25519:de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f + PrivPubKeyPair = Bob-25519:Bob-25519-PUBLIC +PrivPubKeyPair = Bob-25519-Raw:Bob-25519-PUBLIC-Raw + Derive=Alice-25519 PeerKey=Bob-25519-PUBLIC SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742 @@ -588,6 +750,14 @@ Derive=Bob-25519 PeerKey=Alice-25519-PUBLIC SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742 +Derive=Alice-25519-Raw +PeerKey=Bob-25519-PUBLIC-Raw +SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742 + +Derive=Bob-25519-Raw +PeerKey=Alice-25519-PUBLIC-Raw +SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742 + # Illegal sign/verify operations with X25519 key Sign=Alice-25519 @@ -600,8 +770,1087 @@ Result = KEYOP_INIT_ERROR Function = EVP_PKEY_verify_init Reason = operation not supported for this keytype -## ECDH Tests: test with randomly generated keys for all the listed curves +Title = X448 test vectors (from RFC7748 6.2) + +PrivateKey=Alice-448 +-----BEGIN PRIVATE KEY----- +MEYCAQAwBQYDK2VvBDoEOJqPSSXRUZ9Xdc9GsEtYANTunui66LxVZdSYwo3Zybr1 +dKlBl0SJc5EAY4Km8SerHZrC2MClmHJr +-----END PRIVATE KEY----- + +PublicKey=Alice-448-PUBLIC +-----BEGIN PUBLIC KEY----- +MEIwBQYDK2VvAzkAmwj3zDG34+Z9ItWuoSEHSic70rg94Jxj+qc9LCLF2bvINmRy +QdlT1AxbEtqIEg1TF3+A5TLEH6A= +-----END PUBLIC KEY----- + +PrivPubKeyPair = Alice-448:Alice-448-PUBLIC + +PrivateKey=Bob-448 +-----BEGIN PRIVATE KEY----- +MEYCAQAwBQYDK2VvBDoEOBwwanrCoOLgmQspRHDLoznmRTdysHWBHY+tDR1pJ8Eg +u17olysNPiE3TJySGwnRsDZvELZRc5kt +-----END PRIVATE KEY----- + +PublicKey=Bob-448-PUBLIC +-----BEGIN PUBLIC KEY----- +MEIwBQYDK2VvAzkAPreoKbDNIPW8/AtZm2/sz22kYnEHvbDU80W0MCfYuXL8PjT7 +QjKhPKcG3LV67D2uB73BxnvzNgk= +-----END PUBLIC KEY----- + +PrivPubKeyPair = Bob-448:Bob-448-PUBLIC + +#Raw versions of the same keys as above + +PrivateKeyRaw=Alice-448-Raw:X448:9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b + +PublicKeyRaw=Alice-448-PUBLIC-Raw:X448:9b08f7cc31b7e3e67d22d5aea121074a273bd2b83de09c63faa73d2c22c5d9bbc836647241d953d40c5b12da88120d53177f80e532c41fa0 + +PrivPubKeyPair = Alice-448-Raw:Alice-448-PUBLIC-Raw + +PrivateKeyRaw=Bob-448-Raw:X448:1c306a7ac2a0e2e0990b294470cba339e6453772b075811d8fad0d1d6927c120bb5ee8972b0d3e21374c9c921b09d1b0366f10b65173992d + +PublicKeyRaw=Bob-448-PUBLIC-Raw:X448:3eb7a829b0cd20f5bcfc0b599b6feccf6da4627107bdb0d4f345b43027d8b972fc3e34fb4232a13ca706dcb57aec3dae07bdc1c67bf33609 + +PrivPubKeyPair = Bob-448-Raw:Bob-448-PUBLIC-Raw + +Derive=Alice-448 +PeerKey=Bob-448-PUBLIC +SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d + +Derive=Bob-448 +PeerKey=Alice-448-PUBLIC +SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d + +Derive=Alice-448-Raw +PeerKey=Bob-448-PUBLIC-Raw +SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d + +Derive=Bob-448-Raw +PeerKey=Alice-448-PUBLIC-Raw +SharedSecret=07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d + +# Illegal sign/verify operations with X448 key + +Sign=Alice-448 +Result = KEYOP_INIT_ERROR +Function = EVP_PKEY_sign_init +Reason = operation not supported for this keytype + +Verify=Alice-448 +Result = KEYOP_INIT_ERROR +Function = EVP_PKEY_verify_init +Reason = operation not supported for this keytype + + +# Additional RSA-PSS and RSA-OAEP tests converted from +# ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip +Title = RSA PSS/OAEP (from RSASecurity FTP) + +PublicKey=RSA-PSS-1 +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLs +DjatUqRN/rHmH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2V +CAltWyuLbfXWce9jd8CSHLI8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh +4fINDOjP+yJJvZohNwIDAQAB +-----END PUBLIC KEY----- + +Verify=RSA-PSS-1 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=cd8b6538cb8e8de566b68bd067569dbf1ee2718e +Output=9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c + +Verify=RSA-PSS-1 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=e35befc17a1d160b9ce35fbd8eb16e7ee491d3fd +Output=3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843 + +Verify=RSA-PSS-1 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=0652ec67bcee30f9d2699122b91c19abdba89f91 +Output=666026fba71bd3e7cf13157cc2c51a8e4aa684af9778f91849f34335d141c00154c4197621f9624a675b5abc22ee7d5baaffaae1c9baca2cc373b3f33e78e6143c395a91aa7faca664eb733afd14d8827259d99a7550faca501ef2b04e33c23aa51f4b9e8282efdb728cc0ab09405a91607c6369961bc8270d2d4f39fce612b1 + +Verify=RSA-PSS-1 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=39c21c4cceda9c1adf839c744e1212a6437575ec +Output=4609793b23e9d09362dc21bb47da0b4f3a7622649a47d464019b9aeafe53359c178c91cd58ba6bcb78be0346a7bc637f4b873d4bab38ee661f199634c547a1ad8442e03da015b136e543f7ab07c0c13e4225b8de8cce25d4f6eb8400f81f7e1833b7ee6e334d370964ca79fdb872b4d75223b5eeb08101591fb532d155a6de87 + +Verify=RSA-PSS-1 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=36dae913b77bd17cae6e7b09453d24544cebb33c +Output=1d2aad221ca4d31ddf13509239019398e3d14b32dc34dc5af4aeaea3c095af73479cf0a45e5629635a53a018377615b16cb9b13b3e09d671eb71e387b8545c5960da5a64776e768e82b2c93583bf104c3fdb23512b7b4e89f633dd0063a530db4524b01c3f384c09310e315a79dcd3d684022a7f31c865a664e316978b759fad + +Verify=RSA-PSS-1 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=45eef191f4f79c31fe5d2ede7e5098994e929d2d +Output=2a34f6125e1f6b0bf971e84fbd41c632be8f2c2ace7de8b6926e31ff93e9af987fbc06e51e9be14f5198f91f3f953bd67da60a9df59764c3dc0fe08e1cbef0b75f868d10ad3fba749fef59fb6dac46a0d6e504369331586f58e4628f39aa278982543bc0eeb537dc61958019b394fb273f215858a0a01ac4d650b955c67f4c58 + +PublicKey=RSA-PSS-2 +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQHUDBvPl6aK5829invz40+hncyk +73WkdFQ3X5RRTYj+0Ab7gp+EGf+H1jFdpoof86CTjpq7NGQBHDA62ZGZzwx8eotH +fc6CnohE9iWxFeXpxKWc+PgRO2g0M2ov0mibRyy7Xlyr5nQ1DFm2wX4XaHT7Qvj8 +PRdqAX7cYf0ybEszyQIDAQAB +-----END PUBLIC KEY----- + +Verify=RSA-PSS-2 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=5c81a3e2a658246628cd0ee8b00bb4c012bc9739 +Output=014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3 + +Verify=RSA-PSS-2 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=27f71611446aa6eabf037f7dedeede3203244991 +Output=010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea + +Verify=RSA-PSS-2 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=03ecc2c33e93f05fc7224fcc0d461356cb897217 +Output=007f0030018f53cdc71f23d03659fde54d4241f758a750b42f185f87578520c30742afd84359b6e6e8d3ed959dc6fe486bedc8e2cf001f63a7abe16256a1b84df0d249fc05d3194ce5f0912742dbbf80dd174f6c51f6bad7f16cf3364eba095a06267dc3793803ac7526aebe0a475d38b8c2247ab51c4898df7047dc6adf52c6c4 + +Verify=RSA-PSS-2 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=246c727b4b9494849dddb068d582e179ac20999c +Output=009cd2f4edbe23e12346ae8c76dd9ad3230a62076141f16c152ba18513a48ef6f010e0e37fd3df10a1ec629a0cb5a3b5d2893007298c30936a95903b6ba85555d9ec3673a06108fd62a2fda56d1ce2e85c4db6b24a81ca3b496c36d4fd06eb7c9166d8e94877c42bea622b3bfe9251fdc21d8d5371badad78a488214796335b40b + +Verify=RSA-PSS-2 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=e8617ca3ea66ce6a58ede2d11af8c3ba8a6ba912 +Output=00ec430824931ebd3baa43034dae98ba646b8c36013d1671c3cf1cf8260c374b19f8e1cc8d965012405e7e9bf7378612dfcc85fce12cda11f950bd0ba8876740436c1d2595a64a1b32efcfb74a21c873b3cc33aaf4e3dc3953de67f0674c0453b4fd9f604406d441b816098cb106fe3472bc251f815f59db2e4378a3addc181ecf + +Verify=RSA-PSS-2 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=7a6fdc1a4e434ecbc35d657ad49a2f4fafd43bc8 +Output=00475b1648f814a8dc0abdc37b5527f543b666bb6e39d30e5b49d3b876dccc58eac14e32a2d55c2616014456ad2f246fc8e3d560da3ddf379a1c0bd200f10221df078c219a151bc8d4ec9d2fc2564467811014ef15d8ea01c2ebbff8c2c8efab38096e55fcbe3285c7aa558851254faffa92c1c72b78758663ef4582843139d7a6 + +PublicKey=RSA-PSS-3 +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQLyRu9FHtPuu5oxAgDMJYWcBI5L +55gwKZERLraM5ttnTigNoh/t7RrnSIDKUisY2ySThQEoJ8UV8ORmof+mkdmBcFdO +nQ6tsIdYbKSJM9o8yVPZW9DtUN4Q3ctnNhB9bIMcf2Y+gzykwJfnAM4PuUX4j7hf +6OWncxclZbkUpHGkQwIDAQAB +-----END PUBLIC KEY----- + +Verify=RSA-PSS-3 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=3552be69dd74bdc56d2cf8c38ef7bafe269040fe +Output=0088b135fb1794b6b96c4a3e678197f8cac52b64b2fe907d6f27de761124964a99a01a882740ecfaed6c01a47464bb05182313c01338a8cd097214cd68ca103bd57d3bc9e816213e61d784f182467abf8a01cf253e99a156eaa8e3e1f90e3c6e4e3aa2d83ed0345b89fafc9c26077c14b6ac51454fa26e446e3a2f153b2b16797f + +Verify=RSA-PSS-3 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=609143ff7240e55c062aba8b9e4426a781919bc9 +Output=02a5f0a858a0864a4f65017a7d69454f3f973a2999839b7bbc48bf78641169179556f595fa41f6ff18e286c2783079bc0910ee9cc34f49ba681124f923dfa88f426141a368a5f5a930c628c2c3c200e18a7644721a0cbec6dd3f6279bde3e8f2be5e2d4ee56f97e7ceaf33054be7042bd91a63bb09f897bd41e81197dee99b11af + +Verify=RSA-PSS-3 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=0afd22f879a9cda7c584f4135f8f1c961db114c0 +Output=0244bcd1c8c16955736c803be401272e18cb990811b14f72db964124d5fa760649cbb57afb8755dbb62bf51f466cf23a0a1607576e983d778fceffa92df7548aea8ea4ecad2c29dd9f95bc07fe91ecf8bee255bfe8762fd7690aa9bfa4fa0849ef728c2c42c4532364522df2ab7f9f8a03b63f7a499175828668f5ef5a29e3802c + +Verify=RSA-PSS-3 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=405dd56d395ef0f01b555c48f748cc32b210650b +Output=0196f12a005b98129c8df13c4cb16f8aa887d3c40d96df3a88e7532ef39cd992f273abc370bc1be6f097cfebbf0118fd9ef4b927155f3df22b904d90702d1f7ba7a52bed8b8942f412cd7bd676c9d18e170391dcd345c06a730964b3f30bcce0bb20ba106f9ab0eeb39cf8a6607f75c0347f0af79f16afa081d2c92d1ee6f836b8 + +Verify=RSA-PSS-3 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=a2c313b0440c8a0c47233b87f0a160c61af3eae7 +Output=021eca3ab4892264ec22411a752d92221076d4e01c0e6f0dde9afd26ba5acf6d739ef987545d16683e5674c9e70f1de649d7e61d48d0caeb4fb4d8b24fba84a6e3108fee7d0705973266ac524b4ad280f7ae17dc59d96d3351586b5a3bdb895d1e1f7820ac6135d8753480998382ba32b7349559608c38745290a85ef4e9f9bd83 + +Verify=RSA-PSS-3 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=f1bf6ca7b4bbdbb6bf20a4bf55728725d177154a +Output=012fafec862f56e9e92f60ab0c77824f4299a0ca734ed26e0644d5d222c7f0bde03964f8e70a5cb65ed44e44d56ae0edf1ff86ca032cc5dd4404dbb76ab854586c44eed8336d08d457ce6c03693b45c0f1efef93624b95b8ec169c616d20e5538ebc0b6737a6f82b4bc0570924fc6b35759a3348426279f8b3d7744e2d222426ce + +PublicKey=RSA-PSS-4 +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQVK23iGRH7+b1fgNo8Gz1KwozcH +YNFhzvEmuRvn+JxCG2Km7B2jwxHXXtUOCrX/8/0zisw6qKTnfuJjaay4G6kA+oP1 +MAz5u2xTrR3IoXi4FdtCNamp2gwG3k5hXqEnfOVZ6cEI3ljBSoGqd/Wm+NEzVJRJ +iEjIuVlAdAvnv3w3BQIDAQAB +-----END PUBLIC KEY----- + +Verify=RSA-PSS-4 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=f8b0abf70fec0bca74f0accbc24f75e6e90d3bfd +Output=0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948 + +Verify=RSA-PSS-4 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=04a10944bfe11ab801e77889f3fd3d7f4ff0b629 +Output=049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598 + +Verify=RSA-PSS-4 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=ba01243db223eb97fb86d746c3148adaaa0ca344 +Output=03fbc410a2ced59500fb99f9e2af2781ada74e13145624602782e2994813eefca0519ecd253b855fb626a90d771eae028b0c47a199cbd9f8e3269734af4163599090713a3fa910fa0960652721432b971036a7181a2bc0cab43b0b598bc6217461d7db305ff7e954c5b5bb231c39e791af6bcfa76b147b081321f72641482a2aad + +Verify=RSA-PSS-4 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=934bb0d38d6836daec9de82a9648d4593da67cd2 +Output=0486644bc66bf75d28335a6179b10851f43f09bded9fac1af33252bb9953ba4298cd6466b27539a70adaa3f89b3db3c74ab635d122f4ee7ce557a61e59b82ffb786630e5f9db53c77d9a0c12fab5958d4c2ce7daa807cd89ba2cc7fcd02ff470ca67b229fcce814c852c73cc93bea35be68459ce478e9d4655d121c8472f371d4f + +Verify=RSA-PSS-4 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=ec35d81abd1cceac425a935758b683465c8bd879 +Output=022a80045353904cb30cbb542d7d4990421a6eec16a8029a8422adfd22d6aff8c4cc0294af110a0c067ec86a7d364134459bb1ae8ff836d5a8a2579840996b320b19f13a13fad378d931a65625dae2739f0c53670b35d9d3cbac08e733e4ec2b83af4b9196d63e7c4ff1ddeae2a122791a125bfea8deb0de8ccf1f4ffaf6e6fb0a + +Verify=RSA-PSS-4 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=72ce251d17b04dd3970d6ff1fbe3624899e9e941 +Output=00938dcb6d583046065f69c78da7a1f1757066a7fa75125a9d2929f0b79a60b627b082f11f5b196f28eb9daa6f21c05e5140f6aef1737d2023075c05ecf04a028c686a2ab3e7d5a0664f295ce12995e890908b6ad21f0839eb65b70393a7b5afd9871de0caa0cedec5b819626756209d13ab1e7bb9546a26ff37e9a51af9fd562e + +PublicKey=RSA-PSS-5 +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQ0Q9mHymUD17TmqJglm3rR4Q2ed +K2+yWz3jcPOsfBmRY5H9JftSfr+mpLTfRaF1nZlsS7Tr0YgoxE/FLQGRhxdAUl9H +pLDMjaMl7YqmdrDQ9ibgp38HaSFwrKyAgvQvqn3HzRI+cw4xqHmFIEyry+ZnDUOi +3Sst3vXgU5L8ITvFBwIDAQAB +-----END PUBLIC KEY----- + +Verify=RSA-PSS-5 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=d98b7061943510bc3dd9162f7169aabdbdcd0222 +Output=0ba373f76e0921b70a8fbfe622f0bf77b28a3db98e361051c3d7cb92ad0452915a4de9c01722f6823eeb6adf7e0ca8290f5de3e549890ac2a3c5950ab217ba58590894952de96f8df111b2575215da6c161590c745be612476ee578ed384ab33e3ece97481a252f5c79a98b5532ae00cdd62f2ecc0cd1baefe80d80b962193ec1d + +Verify=RSA-PSS-5 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=7ae8e699f754988f4fd645e463302e49a2552072 +Output=08180de825e4b8b014a32da8ba761555921204f2f90d5f24b712908ff84f3e220ad17997c0dd6e706630ba3e84add4d5e7ab004e58074b549709565d43ad9e97b5a7a1a29e85b9f90f4aafcdf58321de8c5974ef9abf2d526f33c0f2f82e95d158ea6b81f1736db8d1af3d6ac6a83b32d18bae0ff1b2fe27de4c76ed8c7980a34e + +Verify=RSA-PSS-5 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=8d46c7c05534c1ba2cc7624500d48a4531604bff +Output=05e0fdbdf6f756ef733185ccfa8ced2eb6d029d9d56e35561b5db8e70257ee6fd019d2f0bbf669fe9b9821e78df6d41e31608d58280f318ee34f559941c8df13287574bac000b7e58dc4f414ba49fb127f9d0f8936638c76e85356c994f79750f7fa3cf4fd482df75e3fb9978cd061f7abb17572e6e63e0bde12cbdcf18c68b979 + +Verify=RSA-PSS-5 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=ee3de96783fd0a157c8b20bf5566124124dcfe65 +Output=0bc989853bc2ea86873271ce183a923ab65e8a53100e6df5d87a24c4194eb797813ee2a187c097dd872d591da60c568605dd7e742d5af4e33b11678ccb63903204a3d080b0902c89aba8868f009c0f1c0cb85810bbdd29121abb8471ff2d39e49fd92d56c655c8e037ad18fafbdc92c95863f7f61ea9efa28fea401369d19daea1 + +Verify=RSA-PSS-5 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=1204df0b03c2724e2709c23fc71789a21b00ae4c +Output=0aefa943b698b9609edf898ad22744ac28dc239497cea369cbbd84f65c95c0ad776b594740164b59a739c6ff7c2f07c7c077a86d95238fe51e1fcf33574a4ae0684b42a3f6bf677d91820ca89874467b2c23add77969c80717430d0efc1d3695892ce855cb7f7011630f4df26def8ddf36fc23905f57fa6243a485c770d5681fcd + +Verify=RSA-PSS-5 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=29926bc3280c841f601acd0d6f17ea38023eddbc +Output=02802dccfa8dfaf5279bf0b4a29ba1b157611faeaaf419b8919d15941900c1339e7e92e6fae562c53e6cc8e84104b110bce03ad18525e3c49a0eadad5d3f28f244a8ed89edbafbb686277cfa8ae909714d6b28f4bf8e293aa04c41efe7c0a81266d5c061e2575be032aa464674ff71626219bd74cc45f0e7ed4e3ff96eee758e8f + +PublicKey=RSA-PSS-6 +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgRZMoxz/YJ86DnEBsDny5P5t03UZ +q5hZjReeF0mWWYBx9H06BFWRWNe+NzzxqlPwqm7wkDnlZ4wqTGOQBRTIxPiq7V3h +Kl8QsJwxGvjA/7W3opfy78Y7jWsFEJMfC5jki/X8bsTnuNsf+usIw44CrbjwOkgi +nJnpaUMfYcuMTcaY0QIDAQAB +-----END PUBLIC KEY----- + +Verify=RSA-PSS-6 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=ab464e8cb65ae5fdea47a53fa84b234d6bfd52f6 +Output=04c0cfacec04e5badbece159a5a1103f69b3f32ba593cb4cc4b1b7ab455916a96a27cd2678ea0f46ba37f7fc9c86325f29733b389f1d97f43e7201c0f348fc45fe42892335362eee018b5b161f2f9393031225c713012a576bc88e23052489868d9010cbf033ecc568e8bc152bdc59d560e41291915d28565208e22aeec9ef85d1 + +Verify=RSA-PSS-6 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=92d0bcae82b641f578f040f5151be8eda6d42299 +Output=0a2314250cf52b6e4e908de5b35646bcaa24361da8160fb0f9257590ab3ace42b0dc3e77ad2db7c203a20bd952fbb56b1567046ecfaa933d7b1000c3de9ff05b7d989ba46fd43bc4c2d0a3986b7ffa13471d37eb5b47d64707bd290cfd6a9f393ad08ec1e3bd71bb5792615035cdaf2d8929aed3be098379377e777ce79aaa4773 + +Verify=RSA-PSS-6 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=3569bd8fd2e28f2443375efa94f186f6911ffc2b +Output=086df6b500098c120f24ff8423f727d9c61a5c9007d3b6a31ce7cf8f3cbec1a26bb20e2bd4a046793299e03e37a21b40194fb045f90b18bf20a47992ccd799cf9c059c299c0526854954aade8a6ad9d97ec91a1145383f42468b231f4d72f23706d9853c3fa43ce8ace8bfe7484987a1ec6a16c8daf81f7c8bf42774707a9df456 + +Verify=RSA-PSS-6 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=7abbb7b42de335730a0b641f1e314b6950b84f98 +Output=0b5b11ad549863ffa9c51a14a1106c2a72cc8b646e5c7262509786105a984776534ca9b54c1cc64bf2d5a44fd7e8a69db699d5ea52087a4748fd2abc1afed1e5d6f7c89025530bdaa2213d7e030fa55df6f34bcf1ce46d2edf4e3ae4f3b01891a068c9e3a44bbc43133edad6ecb9f35400c4252a5762d65744b99cb9f4c559329f + +Verify=RSA-PSS-6 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=55b7eb27be7a787a59eb7e5fac468db8917a7725 +Output=02d71fa9b53e4654fefb7f08385cf6b0ae3a817942ebf66c35ac67f0b069952a3ce9c7e1f1b02e480a9500836de5d64cdb7ecde04542f7a79988787e24c2ba05f5fd482c023ed5c30e04839dc44bed2a3a3a4fee01113c891a47d32eb8025c28cb050b5cdb576c70fe76ef523405c08417faf350b037a43c379339fcb18d3a356b + +Verify=RSA-PSS-6 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=de2fa0367ef49083ff89b9905d3fd646fcc12c38 +Output=0a40a16e2fe2b38d1df90546167cf9469c9e3c3681a3442b4b2c2f581deb385ce99fc6188bb02a841d56e76d301891e24560550fcc2a26b55f4ccb26d837d350a154bcaca8392d98fa67959e9727b78cad03269f56968fc56b68bd679926d83cc9cb215550645ccda31c760ff35888943d2d8a1d351e81e5d07b86182e751081ef + +PublicKey=RSA-PSS-7 +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgTfJ2kpmyMQIuNon0MnXn4zLHq/B +0v5IdG2UC3xO9d7hitEmR876oMSzGIsiHFFThnWbk/AgJLJauSQvg1fY8/1JZA7l +5kPq9sZN7vpwiXJ8j/A5kzM5FcbvIb9ZdbblDRGLUQCOwz6fAaClRaEKg2pD3byp +2LXF01SAItcGTqKaswIDAQAB +-----END PUBLIC KEY----- + +Verify=RSA-PSS-7 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=8be4afbdd76bd8d142c5f4f46dba771ee5d6d29d +Output=187f390723c8902591f0154bae6d4ecbffe067f0e8b795476ea4f4d51ccc810520bb3ca9bca7d0b1f2ea8a17d873fa27570acd642e3808561cb9e975ccfd80b23dc5771cdb3306a5f23159dacbd3aa2db93d46d766e09ed15d900ad897a8d274dc26b47e994a27e97e2268a766533ae4b5e42a2fcaf755c1c4794b294c60555823 + +Verify=RSA-PSS-7 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=402140dc605b2f5c5ec0d15bce9f9ba8857fe117 +Output=10fd89768a60a67788abb5856a787c8561f3edcf9a83e898f7dc87ab8cce79429b43e56906941a886194f137e591fe7c339555361fbbe1f24feb2d4bcdb80601f3096bc9132deea60ae13082f44f9ad41cd628936a4d51176e42fc59cb76db815ce5ab4db99a104aafea68f5d330329ebf258d4ede16064bd1d00393d5e1570eb8 + +Verify=RSA-PSS-7 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=3e885205892ff2b6b37c2c4eb486c4bf2f9e7f20 +Output=2b31fde99859b977aa09586d8e274662b25a2a640640b457f594051cb1e7f7a911865455242926cf88fe80dfa3a75ba9689844a11e634a82b075afbd69c12a0df9d25f84ad4945df3dc8fe90c3cefdf26e95f0534304b5bdba20d3e5640a2ebfb898aac35ae40f26fce5563c2f9f24f3042af76f3c7072d687bbfb959a88460af1 + +Verify=RSA-PSS-7 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=1fc2201d0c442a4736cd8b2cd00c959c47a3bf42 +Output=32c7ca38ff26949a15000c4ba04b2b13b35a3810e568184d7ecabaa166b7ffabddf2b6cf4ba07124923790f2e5b1a5be040aea36fe132ec130e1f10567982d17ac3e89b8d26c3094034e762d2e031264f01170beecb3d1439e05846f25458367a7d9c02060444672671e64e877864559ca19b2074d588a281b5804d23772fbbe19 + +Verify=RSA-PSS-7 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=e4351b66819e5a31501f89acc7faf57030e9aac5 +Output=07eb651d75f1b52bc263b2e198336e99fbebc4f332049a922a10815607ee2d989db3a4495b7dccd38f58a211fb7e193171a3d891132437ebca44f318b280509e52b5fa98fcce8205d9697c8ee4b7ff59d4c59c79038a1970bd2a0d451ecdc5ef11d9979c9d35f8c70a6163717607890d586a7c6dc01c79f86a8f28e85235f8c2f1 + +Verify=RSA-PSS-7 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=49f6cc58365e514e1a3f301f4de16f9fb5347ff2 +Output=18da3cdcfe79bfb77fd9c32f377ad399146f0a8e810620233271a6e3ed3248903f5cdc92dc79b55d3e11615aa056a795853792a3998c349ca5c457e8ca7d29d796aa24f83491709befcfb1510ea513c92829a3f00b104f655634f320752e130ec0ccf6754ff893db302932bb025eb60e87822598fc619e0e981737a9a4c4152d33 + +PublicKey=RSA-PSS-8 +-----BEGIN PUBLIC KEY----- +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgUlTcKH7GFQ8FtNjHjFjJV32K+bu +6JDV8lUJ5Pd4qOpvu7zfhd/2Tg2XIAOrNoH7um3UH9VBgpsuWC3p8qSk4KLQkAvv +R1PbPO4O4Gx9+uix1TtZUyGPnM7qaVsIZo7eqtztlGOx15DV6/J+kRW0bK1NmiuO ++rBWGwgQNEc5raBzPwIDAQAB +-----END PUBLIC KEY----- + +Verify=RSA-PSS-8 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=a1dd230d8ead860199b6277c2ecfe3d95f6d9160 +Output=0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5 + +Verify=RSA-PSS-8 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=f6e68e53c602c5c65fa67b5aa6d786e5524b12ab +Output=2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e + +Verify=RSA-PSS-8 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=d6f9fcd3ae27f32bb2c7c93536782eba52af1f76 +Output=2ad20509d78cf26d1b6c406146086e4b0c91a91c2bd164c87b966b8faa42aa0ca446022323ba4b1a1b89706d7f4c3be57d7b69702d168ab5955ee290356b8c4a29ed467d547ec23cbadf286ccb5863c6679da467fc9324a151c7ec55aac6db4084f82726825cfe1aa421bc64049fb42f23148f9c25b2dc300437c38d428aa75f96 + +Verify=RSA-PSS-8 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=7ff2a53ce2e2d900d468e498f230a5f5dd0020de +Output=1e24e6e58628e5175044a9eb6d837d48af1260b0520e87327de7897ee4d5b9f0df0be3e09ed4dea8c1454ff3423bb08e1793245a9df8bf6ab3968c8eddc3b5328571c77f091cc578576912dfebd164b9de5454fe0be1c1f6385b328360ce67ec7a05f6e30eb45c17c48ac70041d2cab67f0a2ae7aafdcc8d245ea3442a6300ccc7 + +Verify=RSA-PSS-8 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=4eb309f7022ba0b03bb78601b12931ec7c1be8d3 +Output=33341ba3576a130a50e2a5cf8679224388d5693f5accc235ac95add68e5eb1eec31666d0ca7a1cda6f70a1aa762c05752a51950cdb8af3c5379f18cfe6b5bc55a4648226a15e912ef19ad77adeea911d67cfefd69ba43fa4119135ff642117ba985a7e0100325e9519f1ca6a9216bda055b5785015291125e90dcd07a2ca9673ee + +Verify=RSA-PSS-8 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=65033bc2f67d6aba7d526acb873b8d9241e5e4d9 +Output=1ed1d848fb1edb44129bd9b354795af97a069a7a00d0151048593e0c72c3517ff9ff2a41d0cb5a0ac860d736a199704f7cb6a53986a88bbd8abcc0076a2ce847880031525d449da2ac78356374c536e343faa7cba42a5aaa6506087791c06a8e989335aed19bfab2d5e67e27fb0c2875af896c21b6e8e7309d04e4f6727e69463e + +PublicKey=RSA-PSS-9 +-----BEGIN PUBLIC KEY----- +MIHfMA0GCSqGSIb3DQEBAQUAA4HNADCByQKBwQDmvWkqyWZFeQQD/dD1vri5v5Lt +EAB/w2UEZBndBsBcW1svSOz5ieTOJpEJl5y7QLSgrSTSJIPR7jFa1MyxU0JoNSaR +xST23Y5sKdIkzyRpc67IbFv2sUAahQ0bmtG7jLzsR7BvD4x/RdP8jzGSmcVDPdvC +swU7R97S7NSkyu/WFIM9yLtiLzF+0Ha4BX/o3j+ESArV6D5KYZBKTySPs5cCc1fh +0w5GMTmBXG/U/VrFuBcqRSMOy2MYoE8UVdhOWosCAwEAAQ== +-----END PUBLIC KEY----- + +Verify=RSA-PSS-9 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=2715a49b8b0012cd7aee84c116446e6dfe3faec0 +Output=586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e + +Verify=RSA-PSS-9 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=2dac956d53964748ac364d06595827c6b4f143cd +Output=80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958 + +Verify=RSA-PSS-9 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=28d98c46cccafbd3bc04e72f967a54bd3ea12298 +Output=484408f3898cd5f53483f80819efbf2708c34d27a8b2a6fae8b322f9240237f981817aca1846f1084daa6d7c0795f6e5bf1af59c38e1858437ce1f7ec419b98c8736adf6dd9a00b1806d2bd3ad0a73775e05f52dfef3a59ab4b08143f0df05cd1ad9d04bececa6daa4a2129803e200cbc77787caf4c1d0663a6c5987b605952019782caf2ec1426d68fb94ed1d4be816a7ed081b77e6ab330b3ffc073820fecde3727fcbe295ee61a050a343658637c3fd659cfb63736de32d9f90d3c2f63eca + +Verify=RSA-PSS-9 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=0866d2ff5a79f25ef668cd6f31b42dee421e4c0e +Output=84ebeb481be59845b46468bafb471c0112e02b235d84b5d911cbd1926ee5074ae0424495cb20e82308b8ebb65f419a03fb40e72b78981d88aad143053685172c97b29c8b7bf0ae73b5b2263c403da0ed2f80ff7450af7828eb8b86f0028bd2a8b176a4d228cccea18394f238b09ff758cc00bc04301152355742f282b54e663a919e709d8da24ade5500a7b9aa50226e0ca52923e6c2d860ec50ff480fa57477e82b0565f4379f79c772d5c2da80af9fbf325ece6fc20b00961614bee89a183e + +Verify=RSA-PSS-9 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=6a5b4be4cd36cc97dfde9995efbf8f097a4a991a +Output=82102df8cb91e7179919a04d26d335d64fbc2f872c44833943241de8454810274cdf3db5f42d423db152af7135f701420e39b494a67cbfd19f9119da233a23da5c6439b5ba0d2bc373eee3507001378d4a4073856b7fe2aba0b5ee93b27f4afec7d4d120921c83f606765b02c19e4d6a1a3b95fa4c422951be4f52131077ef17179729cddfbdb56950dbaceefe78cb16640a099ea56d24389eef10f8fecb31ba3ea3b227c0a86698bb89e3e9363905bf22777b2a3aa521b65b4cef76d83bde4c + +Verify=RSA-PSS-9 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=b9dfd1df76a461c51e6576c6c8ed0a923d1c50e7 +Output=a7fdb0d259165ca2c88d00bbf1028a867d337699d061193b17a9648e14ccbbaadeacaacdec815e7571294ebb8a117af205fa078b47b0712c199e3ad05135c504c24b81705115740802487992ffd511d4afc6b854491eb3f0dd523139542ff15c3101ee85543517c6a3c79417c67e2dd9aa741e9a29b06dcb593c2336b3670ae3afbac7c3e76e215473e866e338ca244de00b62624d6b9426822ceae9f8cc460895f41250073fd45c5a1e7b425c204a423a699159f6903e710b37a7bb2bc8049f + +PublicKey=RSA-PSS-10 +-----BEGIN PUBLIC KEY----- +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd2GesTLAvkLlFfUjBSn +cO+ZHFbDnA7GX9Ea+ok3zqV7m+esc7RcABdhW4LWIuMYdTtgJ8D9FXvhL4CQ/uKn +rc0O73WfiLpJl8ekLVjJqhLLma4AH+UhwTu1QxRFqNWuT15MfpSKwifTYEBx8g5X +fpBfvrFd+vBtHeWuYlPWOmohILMaXaXavJVQYA4g8n03OeJieSX+o8xQnyHf8E5u +6kVJxUDWgJ/5MH7t6R//WHM9g4WiN9bTcFoz45GQCZIHDfet8TV89+NwDONmfeg/ +F7jfF3jbOB3OCctK0FilEQAac4GY7ifPVaE7dUU5kGWC7IsXS9WNXR89dnxhNyGu +BQIDAQAB +-----END PUBLIC KEY----- + +Verify=RSA-PSS-10 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=9596bb630cf6a8d4ea4600422b9eba8b13675dd4 +Output=82c2b160093b8aa3c0f7522b19f87354066c77847abf2a9fce542d0e84e920c5afb49ffdfdace16560ee94a1369601148ebad7a0e151cf16331791a5727d05f21e74e7eb811440206935d744765a15e79f015cb66c532c87a6a05961c8bfad741a9a6657022894393e7223739796c02a77455d0f555b0ec01ddf259b6207fd0fd57614cef1a5573baaff4ec00069951659b85f24300a25160ca8522dc6e6727e57d019d7e63629b8fe5e89e25cc15beb3a647577559299280b9b28f79b0409000be25bbd96408ba3b43cc486184dd1c8e62553fa1af4040f60663de7f5e49c04388e257f1ce89c95dab48a315d9b66b1b7628233876ff2385230d070d07e1666 + +Verify=RSA-PSS-10 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=b503319399277fd6c1c8f1033cbf04199ea21716 +Output=14ae35d9dd06ba92f7f3b897978aed7cd4bf5ff0b585a40bd46ce1b42cd2703053bb9044d64e813d8f96db2dd7007d10118f6f8f8496097ad75e1ff692341b2892ad55a633a1c55e7f0a0ad59a0e203a5b8278aec54dd8622e2831d87174f8caff43ee6c46445345d84a59659bfb92ecd4c818668695f34706f66828a89959637f2bf3e3251c24bdba4d4b7649da0022218b119c84e79a6527ec5b8a5f861c159952e23ec05e1e717346faefe8b1686825bd2b262fb2531066c0de09acde2e4231690728b5d85e115a2f6b92b79c25abc9bd9399ff8bcf825a52ea1f56ea76dd26f43baafa18bfa92a504cbd35699e26d1dcc5a2887385f3c63232f06f3244c3 + +Verify=RSA-PSS-10 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=50aaede8536b2c307208b275a67ae2df196c7628 +Output=6e3e4d7b6b15d2fb46013b8900aa5bbb3939cf2c095717987042026ee62c74c54cffd5d7d57efbbf950a0f5c574fa09d3fc1c9f513b05b4ff50dd8df7edfa20102854c35e592180119a70ce5b085182aa02d9ea2aa90d1df03f2daae885ba2f5d05afdac97476f06b93b5bc94a1a80aa9116c4d615f333b098892b25fface266f5db5a5a3bcc10a824ed55aad35b727834fb8c07da28fcf416a5d9b2224f1f8b442b36f91e456fdea2d7cfe3367268de0307a4c74e924159ed33393d5e0655531c77327b89821bdedf880161c78cd4196b5419f7acc3f13e5ebf161b6e7c6724716ca33b85c2e25640192ac2859651d50bde7eb976e51cec828b98b6563b86bb + +Verify=RSA-PSS-10 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=aa0b72b8b371ddd10c8ae474425ccccf8842a294 +Output=34047ff96c4dc0dc90b2d4ff59a1a361a4754b255d2ee0af7d8bf87c9bc9e7ddeede33934c63ca1c0e3d262cb145ef932a1f2c0a997aa6a34f8eaee7477d82ccf09095a6b8acad38d4eec9fb7eab7ad02da1d11d8e54c1825e55bf58c2a23234b902be124f9e9038a8f68fa45dab72f66e0945bf1d8bacc9044c6f07098c9fcec58a3aab100c805178155f030a124c450e5acbda47d0e4f10b80a23f803e774d023b0015c20b9f9bbe7c91296338d5ecb471cafb032007b67a60be5f69504a9f01abb3cb467b260e2bce860be8d95bf92c0c8e1496ed1e528593a4abb6df462dde8a0968dffe4683116857a232f5ebf6c85be238745ad0f38f767a5fdbf486fb + +Verify=RSA-PSS-10 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=fad3902c9750622a2bc672622c48270cc57d3ea8 +Output=7e0935ea18f4d6c1d17ce82eb2b3836c55b384589ce19dfe743363ac9948d1f346b7bfddfe92efd78adb21faefc89ade42b10f374003fe122e67429a1cb8cbd1f8d9014564c44d120116f4990f1a6e38774c194bd1b8213286b077b0499d2e7b3f434ab12289c556684deed78131934bb3dd6537236f7c6f3dcb09d476be07721e37e1ceed9b2f7b406887bd53157305e1c8b4f84d733bc1e186fe06cc59b6edb8f4bd7ffefdf4f7ba9cfb9d570689b5a1a4109a746a690893db3799255a0cb9215d2d1cd490590e952e8c8786aa0011265252470c041dfbc3eec7c3cbf71c24869d115c0cb4a956f56d530b80ab589acfefc690751ddf36e8d383f83cedd2cc + +Verify=RSA-PSS-10 +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_mgf1_md:sha1 +Input=122196deb5d122bd8c6fc781ff6924d7c695aade +Output=6d3b5b87f67ea657af21f75441977d2180f91b2c5f692de82955696a686730d9b9778d970758ccb26071c2209ffbd6125be2e96ea81b67cb9b9308239fda17f7b2b64ecda096b6b935640a5a1cb42a9155b1c9ef7a633a02c59f0d6ee59b852c43b35029e73c940ff0410e8f114eed46bbd0fae165e42be2528a401c3b28fd818ef3232dca9f4d2a0f5166ec59c42396d6c11dbc1215a56fa17169db9575343ef34f9de32a49cdc3174922f229c23e18e45df9353119ec4319cedce7a17c64088c1f6f52be29634100b3919d38f3d1ed94e6891e66a73b8fb849f5874df59459e298c7bbce2eee782a195aa66fe2d0732b25e595f57d3e061b1fc3e4063bf98f + +PrivateKey=RSA-OAEP-1 +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKizsoSvjrULOHA0 +qGDxRsSRnzGHY81sVZjIrkgRoeCrxMfgsILWk6Xn/O1nXPRmhRJ3LAy8ZKdCxsYw +9TPIzHL2KugzxAvyWELphLt4vb+XwBB9Vb22YvXE4Pq5hFy1FI73OS3Tqv+Trh5r +Znuz1CR2FtT1uhDUz9Im3ojTnxb7AgMBAAECgYBTM5z9t5/IRmplXHMWrKhcVf2P +bdiY/a8RlRfvT1Lo/Y4ljfk/7hgPoOSrKWk82DsVKlU9SsTRgSuLn6WvDn9V/nME +30FXCSbzMR8VxNZacyxIMRbuPT0tCvNUmtm/fL+3itiE+E1b6wRyTcc2mzHe830M +9Tnpz83T3mU3KerV0QJBANMnN+cmf/4TQbLVwNFQqBtYb7MTK+0vjVJihkqcufMK +84vkSFmNQToXLvuALCGs8cEcUgwvJqRx3K0hLqx8o50CQQDMiFPR1U2mMPrABPRx +8oHHuJgtgiSkkO2+sz0+PVzJPEdlcD0d15FkLx8Rag3YUr4kGbKvcr/poDDoYLAo +i113AkAOEr8XGOnO9VmbocOIL+gEapCHTu/OjyzMIOTydB+wozo4SK7JyTBfvsvS +12gZln1GcazGQx5AN5aNs3h45pXBAkEAlSl7D5Wi+mfQBwfWCd/U/AXIna/C721u +pVvsdx6jM3NNklHnkILs2oZu/vE8RZ4aYxOGt+NUyJn18RLKhdcVgwJAT0VsUCST +vcDtKrdWo6btTWc1Kml9QhbpMhKxJ6Y9VBHOb6mNXb79cyY+NygUJ0OBgWbtfdY2 +h90qjKHS9PvY4Q== +-----END PRIVATE KEY----- + +Decrypt=RSA-OAEP-1 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=354fe67b4a126d5d35fe36c777791a3f7ba13def484e2d3908aff722fad468fb21696de95d0be911c2d3174f8afcc201035f7b6d8e69402de5451618c21a535fa9d7bfc5b8dd9fc243f8cf927db31322d6e881eaa91a996170e657a05a266426d98c88003f8477c1227094a0d9fa1e8c4024309ce1ecccb5210035d47ac72e8a +Output=6628194e12073db03ba94cda9ef9532397d50dba79b987004afefe34 + +Decrypt=RSA-OAEP-1 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=640db1acc58e0568fe5407e5f9b701dff8c3c91e716c536fc7fcec6cb5b71c1165988d4a279e1577d730fc7a29932e3f00c81515236d8d8e31017a7a09df4352d904cdeb79aa583adcc31ea698a4c05283daba9089be5491f67c1a4ee48dc74bbbe6643aef846679b4cb395a352d5ed115912df696ffe0702932946d71492b44 +Output=750c4047f547e8e41411856523298ac9bae245efaf1397fbe56f9dd5 + +Decrypt=RSA-OAEP-1 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=423736ed035f6026af276c35c0b3741b365e5f76ca091b4e8c29e2f0befee603595aa8322d602d2e625e95eb81b2f1c9724e822eca76db8618cf09c5343503a4360835b5903bc637e3879fb05e0ef32685d5aec5067cd7cc96fe4b2670b6eac3066b1fcf5686b68589aafb7d629b02d8f8625ca3833624d4800fb081b1cf94eb +Output=d94ae0832e6445ce42331cb06d531a82b1db4baad30f746dc916df24d4e3c2451fff59a6423eb0e1d02d4fe646cf699dfd818c6e97b051 + +Decrypt=RSA-OAEP-1 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=45ead4ca551e662c9800f1aca8283b0525e6abae30be4b4aba762fa40fd3d38e22abefc69794f6ebbbc05ddbb11216247d2f412fd0fba87c6e3acd888813646fd0e48e785204f9c3f73d6d8239562722dddd8771fec48b83a31ee6f592c4cfd4bc88174f3b13a112aae3b9f7b80e0fc6f7255ba880dc7d8021e22ad6a85f0755 +Output=52e650d98e7f2a048b4f86852153b97e01dd316f346a19f67a85 + +Decrypt=RSA-OAEP-1 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=36f6e34d94a8d34daacba33a2139d00ad85a9345a86051e73071620056b920e219005855a213a0f23897cdcd731b45257c777fe908202befdd0b58386b1244ea0cf539a05d5d10329da44e13030fd760dcd644cfef2094d1910d3f433e1c7c6dd18bc1f2df7f643d662fb9dd37ead9059190f4fa66ca39e869c4eb449cbdc439 +Output=8da89fd9e5f974a29feffb462b49180f6cf9e802 + +Decrypt=RSA-OAEP-1 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=42cee2617b1ecea4db3f4829386fbd61dafbf038e180d837c96366df24c097b4ab0fac6bdf590d821c9f10642e681ad05b8d78b378c0f46ce2fad63f74e0ad3df06b075d7eb5f5636f8d403b9059ca761b5c62bb52aa45002ea70baace08ded243b9d8cbd62a68ade265832b56564e43a6fa42ed199a099769742df1539e8255 +Output=26521050844271 + +PrivateKey=RSA-OAEP-2 +-----BEGIN PRIVATE KEY----- +MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAZR8f86QQl9HJ55w +hR8l1eYjFv6KHfGTcePmKOJgVD5JAe9ggfaMC4FBGQ0q6Nq6fRJQ7G22NulE7Dci +h3x8HQpn8UsWlMXwN5RRpD5Joy3eg2cLc9qRocmbwjtDamAFXGEPC6+ZwaB5VluV +o/FSZjLR1Npg8g7aJeZTxPACdm9FAgMBAAECgYAII/IPrbXaiQiKnQCJPiH6ShsR ++8k8ZKO+C6rql/s7k8P/cTcEwZyWPB0Qeq6ZBUc5954C4Ybehvh6bd7+ptjM0dPI +Gke/pyVb4gYBpKSy8IoWe14nnXFbG0Vb3X6rJFlB2XaLms77PM2llS2jzuclJbRQ +FmOo7hXJ6ZLZJGL+OQJBAVnb3gSjPvBvtgi4CxkPTT4ivME6yOSggQM6v6QW7bCz +OKoItXMJ6lpSQOfcblQ3jGlBTDHZfdsfQG2zdpzEGkMCQQErZS8wQDs4tAmV/W/0 +GhrMitpwNzI2tyAtObLuMM+0bbCVEfbzB8xhzCFgbBinW4pi+CLfAxug3w2v1VBv +VovXAkBDbvUI3nNlGcLaTFgNmMgst0UqP7XvrcO5x3iaG8ZYT3la3bvTJDnHRoZV +LstsLDB6TTr39TnuwVckjHsx8aJVAkEBKxWonz37KzkHPnPwK90MGns3ndQ18Fzd +4u/55GKUi3zsYu6QUNXggW4HhahWtJEI3LdfNoOHTRymMpoZATBm/wJAAnDbF9WR +SwGNdhGLJDiac1Dsg2sAY6IXISNv2O222JtR5+64e2EbcTLLfqc1bCMVHB53UVB8 +eG2e4XlBcKjI6A== +-----END PRIVATE KEY----- + +Decrypt=RSA-OAEP-2 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=0181af8922b9fcb4d79d92ebe19815992fc0c1439d8bcd491398a0f4ad3a329a5bd9385560db532683c8b7da04e4b12aed6aacdf471c34c9cda891addcc2df3456653aa6382e9ae59b54455257eb099d562bbe10453f2b6d13c59c02e10f1f8abb5da0d0570932dacf2d0901db729d0fefcc054e70968ea540c81b04bcaefe720e +Output=8ff00caa605c702830634d9a6c3d42c652b58cf1d92fec570beee7 + +Decrypt=RSA-OAEP-2 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=018759ff1df63b2792410562314416a8aeaf2ac634b46f940ab82d64dbf165eee33011da749d4bab6e2fcd18129c9e49277d8453112b429a222a8471b070993998e758861c4d3f6d749d91c4290d332c7a4ab3f7ea35ff3a07d497c955ff0ffc95006b62c6d296810d9bfab024196c7934012c2df978ef299aba239940cba10245 +Output=2d + +Decrypt=RSA-OAEP-2 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=018802bab04c60325e81c4962311f2be7c2adce93041a00719c88f957575f2c79f1b7bc8ced115c706b311c08a2d986ca3b6a9336b147c29c6f229409ddec651bd1fdd5a0b7f610c9937fdb4a3a762364b8b3206b4ea485fd098d08f63d4aa8bb2697d027b750c32d7f74eaf5180d2e9b66b17cb2fa55523bc280da10d14be2053 +Output=74fc88c51bc90f77af9d5e9a4a70133d4b4e0b34da3c37c7ef8e + +Decrypt=RSA-OAEP-2 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=00a4578cbc176318a638fba7d01df15746af44d4f6cd96d7e7c495cbf425b09c649d32bf886da48fbaf989a2117187cafb1fb580317690e3ccd446920b7af82b31db5804d87d01514acbfa9156e782f867f6bed9449e0e9a2c09bcecc6aa087636965e34b3ec766f2fe2e43018a2fddeb140616a0e9d82e5331024ee0652fc7641 +Output=a7eb2a5036931d27d4e891326d99692ffadda9bf7efd3e34e622c4adc085f721dfe885072c78a203b151739be540fa8c153a10f00a + +Decrypt=RSA-OAEP-2 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=00ebc5f5fda77cfdad3c83641a9025e77d72d8a6fb33a810f5950f8d74c73e8d931e8634d86ab1246256ae07b6005b71b7f2fb98351218331ce69b8ffbdc9da08bbc9c704f876deb9df9fc2ec065cad87f9090b07acc17aa7f997b27aca48806e897f771d95141fe4526d8a5301b678627efab707fd40fbebd6e792a25613e7aec +Output=2ef2b066f854c33f3bdcbb5994a435e73d6c6c + +Decrypt=RSA-OAEP-2 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=010839ec20c27b9052e55befb9b77e6fc26e9075d7a54378c646abdf51e445bd5715de81789f56f1803d9170764a9e93cb78798694023ee7393ce04bc5d8f8c5a52c171d43837e3aca62f609eb0aa5ffb0960ef04198dd754f57f7fbe6abf765cf118b4ca443b23b5aab266f952326ac4581100644325f8b721acd5d04ff14ef3a +Output=8a7fb344c8b6cb2cf2ef1f643f9a3218f6e19bba89c0 + +PrivateKey=RSA-OAEP-3 +-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBArWP7AOahgcApNe2 +Ri+T5s3UkRYd3XT06BC0DjwWUgBqXCd7J3TBEwWky6taeO+lfheobfej+jb8Sx0i +SfIux8LdakYyMqzOqQbWbr6AtXBLEHKdpvgzI0q7Xv3UopLL+tM7TTP6ehS4w5e1 +bjrNISA0KLd836M6bacGs9iw/EPpAgMBAAECgYAVtIpbVoOpRnDiO1cY+BT6DhP4 +UDj1BxEYLLphUQWB89IsfiMu+TfiLlUdaLhuL4yxqti+LkiPXffv0nnj9WjU6vNv +gM9xQazmD8yRE/tsSoQf1Qu8fFEv/L7/IUh6qBHrPKjGIAU0aobehr+h2KlI/T80 +jCLqrfMzw85s4TII/QJBAb8B0hbXNZXPAnDCvreNQKDYRH0x2pGamD9+6ngbd9hf +43Gz6Tc+e2khfTFQoC2JWN5/rZ1VUWCVi0RUEn4Ofq8CQQGNM5llgWbbOCmBbXsp +VBZ1npyRmH9bLYrs1jsEtIvXsvzyKbt/im3Ii6E90uOa1VttGgYWBwj5cAvoC4/T +dEznAkAGwKJJ0gpvLudciLSU1T9qrpmqQnyIwosWOnaUReXzkM9AwnT9bqYymlzn +x84DohWDlu4qeEV4bgniiFqXKOTlAkEA0dJ8Kf7dkthsNI7dDMv6wU90bgUc4dGB +HfNdYfLuHJfUvygEgC9kJxh7qOkKivRCQ7QHmwNEXmAuKfpRk+ZP6QJBAIyy91a9 +iUGx07dw5a0x7jc7KKzaaf+bb0D+V4ufGvuFg2+WJ9N6z/c8J3nmNLsmARwsj38z +Ya4qnqZe1onjY5o= +-----END PRIVATE KEY----- + +Decrypt=RSA-OAEP-3 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=026a0485d96aebd96b4382085099b962e6a2bdec3d90c8db625e14372de85e2d5b7baab65c8faf91bb5504fb495afce5c988b3f6a52e20e1d6cbd3566c5cd1f2b8318bb542cc0ea25c4aab9932afa20760eaddec784396a07ea0ef24d4e6f4d37e5052a7a31e146aa480a111bbe926401307e00f410033842b6d82fe5ce4dfae80 +Output=087820b569e8fa8d + +Decrypt=RSA-OAEP-3 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=024db89c7802989be0783847863084941bf209d761987e38f97cb5f6f1bc88da72a50b73ebaf11c879c4f95df37b850b8f65d7622e25b1b889e80fe80baca2069d6e0e1d829953fc459069de98ea9798b451e557e99abf8fe3d9ccf9096ebbf3e5255d3b4e1c6d2ecadf067a359eea86405acd47d5e165517ccafd47d6dbee4bf5 +Output=4653acaf171960b01f52a7be63a3ab21dc368ec43b50d82ec3781e04 + +Decrypt=RSA-OAEP-3 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=0239bce681032441528877d6d1c8bb28aa3bc97f1df584563618995797683844ca86664732f4bed7a0aab083aaabfb7238f582e30958c2024e44e57043b97950fd543da977c90cdde5337d618442f99e60d7783ab59ce6dd9d69c47ad1e962bec22d05895cff8d3f64ed5261d92b2678510393484990ba3f7f06818ae6ffce8a3a +Output=d94cd0e08fa404ed89 + +Decrypt=RSA-OAEP-3 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=02994c62afd76f498ba1fd2cf642857fca81f4373cb08f1cbaee6f025c3b512b42c3e8779113476648039dbe0493f9246292fac28950600e7c0f32edf9c81b9dec45c3bde0cc8d8847590169907b7dc5991ceb29bb0714d613d96df0f12ec5d8d3507c8ee7ae78dd83f216fa61de100363aca48a7e914ae9f42ddfbe943b09d9a0 +Output=6cc641b6b61e6f963974dad23a9013284ef1 + +Decrypt=RSA-OAEP-3 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=0162042ff6969592a6167031811a239834ce638abf54fec8b99478122afe2ee67f8c5b18b0339805bfdbc5a4e6720b37c59cfba942464c597ff532a119821545fd2e59b114e61daf71820529f5029cf524954327c34ec5e6f5ba7efcc4de943ab8ad4ed787b1454329f70db798a3a8f4d92f8274e2b2948ade627ce8ee33e43c60 +Output=df5151832b61f4f25891fb4172f328d2eddf8371ffcfdbe997939295f30eca6918017cfda1153bf7a6af87593223 + +Decrypt=RSA-OAEP-3 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=00112051e75d064943bc4478075e43482fd59cee0679de6893eec3a943daa490b9691c93dfc0464b6623b9f3dbd3e70083264f034b374f74164e1a00763725e574744ba0b9db83434f31df96f6e2a26f6d8eba348bd4686c2238ac07c37aac3785d1c7eea2f819fd91491798ed8e9cef5e43b781b0e0276e37c43ff9492d005730 +Output=3c3bad893c544a6d520ab022319188c8d504b7a788b850903b85972eaa18552e1134a7ad6098826254ff7ab672b3d8eb3158fac6d4cbaef1 + +PrivateKey=RSA-OAEP-4 +-----BEGIN PRIVATE KEY----- +MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBBRJAtswABPpI0BNG +ccB4x8jew7Pi8lvCVkRnM52ziFPQa4XupbLeNTv/QqwuRryX+uaslhjalTelyPVT +weNXYlmR1hCNzXiF+zolQT9T78rZSMs1zZua6cHGdibRE9V93kxb6na7W7felsAN +BzculoWm11z50jn6FI1wkxtfP7A5AgMBAAECgYAEEf/KO3yl6em+f+OKhRBeNTiW +2wXFeWrs0qclFh6zZRyGKam4YrkE17DHs3+MtaHCtUABAYoAoessr+TuTpSSw0i8 +K+2rS5678GTo7/MiuQCfjuxlOQX0DfiKPNxJ1FZ/dWJ9QaymJBKbRqC3xpjl5l8r +e6ECx0mhATW2VA0EAQJBAnRYwZ7BY2kZ5zbJryXWCaUbj1YdGca/aUPdHuGriko/ +IyEAvUC4jezGuiNVSLbveSoRyd6CPQp5IscJW266VwECQQIQ7pszq2FxbifSUb1G +X0s1oaIy4toAkBwpS/IjUM5JDQmfZCtTdWEttjuh8gOGSSvwTTSzwivOuQnRNEG1 +O1E5AkA5+gKLgm6IwRIbdQqLJC+po1xbZr39H6Y308xIqEpPRXoZTncn5J97zG5a +WkEmV/xHDHMi68N0Fu9FjDB6jAkBAkEBXZmoQZWUOXn6nhviw8G2n0MvRv0D5H1b +77u/1rHRNx2D77Mwo+AglCsv7RFeXQK+JP2SyQGdHOzW3Uzx5UzImQJBAfC3AVFw +s/XkIiO6MDAcQabYfLtw4wy308Z9JUc9sfbL8D4/kSbj6XloJ5qGWywrQmUkz8Uq +aD0x7TDrmEvkEro= +-----END PRIVATE KEY----- + +Decrypt=RSA-OAEP-4 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=04cce19614845e094152a3fe18e54e3330c44e5efbc64ae16886cb1869014cc5781b1f8f9e045384d0112a135ca0d12e9c88a8e4063416deaae3844f60d6e96fe155145f4525b9a34431ca3766180f70e15a5e5d8e8b1a516ff870609f13f896935ced188279a58ed13d07114277d75c6568607e0ab092fd803a223e4a8ee0b1a8 +Output=4a86609534ee434a6cbca3f7e962e76d455e3264c19f605f6e5ff6137c65c56d7fb344cd52bc93374f3d166c9f0c6f9c506bad19330972d2 + +Decrypt=RSA-OAEP-4 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=0097b698c6165645b303486fbf5a2a4479c0ee85889b541a6f0b858d6b6597b13b854eb4f839af03399a80d79bda6578c841f90d645715b280d37143992dd186c80b949b775cae97370e4ec97443136c6da484e970ffdb1323a20847821d3b18381de13bb49aaea66530c4a4b8271f3eae172cd366e07e6636f1019d2a28aed15e +Output=b0adc4f3fe11da59ce992773d9059943c03046497ee9d9f9a06df1166db46d98f58d27ec074c02eee6cbe2449c8b9fc5080c5c3f4433092512ec46aa793743c8 + +Decrypt=RSA-OAEP-4 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=0301f935e9c47abcb48acbbe09895d9f5971af14839da4ff95417ee453d1fd77319072bb7297e1b55d7561cd9d1bb24c1a9a37c619864308242804879d86ebd001dce5183975e1506989b70e5a83434154d5cbfd6a24787e60eb0c658d2ac193302d1192c6e622d4a12ad4b53923bca246df31c6395e37702c6a78ae081fb9d065 +Output=bf6d42e701707b1d0206b0c8b45a1c72641ff12889219a82bdea965b5e79a96b0d0163ed9d578ec9ada20f2fbcf1ea3c4089d83419ba81b0c60f3606da99 + +Decrypt=RSA-OAEP-4 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=02d110ad30afb727beb691dd0cf17d0af1a1e7fa0cc040ec1a4ba26a42c59d0a796a2e22c8f357ccc98b6519aceb682e945e62cb734614a529407cd452bee3e44fece8423cc19e55548b8b994b849c7ecde4933e76037e1d0ce44275b08710c68e430130b929730ed77e09b015642c5593f04e4ffb9410798102a8e96ffdfe11e4 +Output=fb2ef112f5e766eb94019297934794f7be2f6fc1c58e + +Decrypt=RSA-OAEP-4 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=00dbb8a7439d90efd919a377c54fae8fe11ec58c3b858362e23ad1b8a44310799066b99347aa525691d2adc58d9b06e34f288c170390c5f0e11c0aa3645959f18ee79e8f2be8d7ac5c23d061f18dd74b8c5f2a58fcb5eb0c54f99f01a83247568292536583340948d7a8c97c4acd1e98d1e29dc320e97a260532a8aa7a758a1ec2 +Output=28ccd447bb9e85166dabb9e5b7d1adadc4b9d39f204e96d5e440ce9ad928bc1c2284 + +Decrypt=RSA-OAEP-4 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=00a5ffa4768c8bbecaee2db77e8f2eec99595933545520835e5ba7db9493d3e17cddefe6a5f567624471908db4e2d83a0fbee60608fc84049503b2234a07dc83b27b22847ad8920ff42f674ef79b76280b00233d2b51b8cb2703a9d42bfbc8250c96ec32c051e57f1b4ba528db89c37e4c54e27e6e64ac69635ae887d9541619a9 +Output=f22242751ec6b1 + +PrivateKey=RSA-OAEP-5 +-----BEGIN PRIVATE KEY----- +MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBCq3z+cEl5diR8xrE +SOmT3v5YD4ArRfnX8iulAh6cR1drWh5oAxup205tq+TZah1vPSZyaM/0CABfEY78 +rbmYiNHCNEZxZrKiuEmgWoicBgrA2gxfrotV8wm6YucDdC+gMm8tELARAhSJ/0l3 +cBkNiV/Tn1IpPDnv1zppi9q58Q7ZAgMBAAECgYECVutMunBn8tK+VA3N/0WCo2t9 +MdHJCZuyFLeYSEZqJo+A9YpJrATA42SJNKAgbARTfBmyNmQ6YIJzIUTfdfohdYj3 +lGgr6JFoJ23HJsXAy9uE0xu/JtCkOvSVcX99UorP7jQVYfb/PK4FxXj4Rw2WgvnA +0HL59gaLVtWID2gr4sUCQQOw05YvbRdUnL/KESlDSNzw5+OfjCvGgk8hZLYG1oeG +Da4eYyOTz+31EyKCKQaeL2DkrNfmM6Q2Bj+COF9ImTcHAkEC5MMuL1FyabcHIwnw +DA4xNl984osja4KRLfI5q/OVcs8O1gSwKYLlNWTFLWoFOX3lwFKi/dwUHvcYmDY0 +auszHwJBAehLEZ0lFh+mewAlalvZtkXSsjLssFsBUYACmohiKtw/CbOurN5hYat8 +3iLCrSbneX31TgcsvTsmc4ALPkM429UCQQDrkKoaQBNbTOoHGXztyIGb4efL/yVH +ZiEW9GWkqfSHqxLzuk/vE4IiZaZSl9mLe97ZNy4//oGjiz6WAP7QVXVPAkEBL3+B +OPlAQGLrhaQpJFILOPW7iGoBlvSLuNzqYP2SzAJ/GOeBWKNKXF1fhgoPbAQHGn0B +MSwGUGLx60i3nRyDyw== +-----END PRIVATE KEY----- + +Decrypt=RSA-OAEP-5 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=036046a4a47d9ed3ba9a89139c105038eb7492b05a5d68bfd53accff4597f7a68651b47b4a4627d927e485eed7b4566420e8b409879e5d606eae251d22a5df799f7920bfc117b992572a53b1263146bcea03385cc5e853c9a101c8c3e1bda31a519807496c6cb5e5efb408823a352b8fa0661fb664efadd593deb99fff5ed000e5 +Output=af71a901e3a61d3132f0fc1fdb474f9ea6579257ffc24d164170145b3dbde8 + +Decrypt=RSA-OAEP-5 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=03d6eb654edce615bc59f455265ed4e5a18223cbb9be4e4069b473804d5de96f54dcaaa603d049c5d94aa1470dfcd2254066b7c7b61ff1f6f6770e3215c51399fd4e34ec5082bc48f089840ad04354ae66dc0f1bd18e461a33cc1258b443a2837a6df26759aa2302334986f87380c9cc9d53be9f99605d2c9a97da7b0915a4a7ad +Output=a3b844a08239a8ac41605af17a6cfda4d350136585903a417a79268760519a4b4ac3303ec73f0f87cfb32399 + +Decrypt=RSA-OAEP-5 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=0770952181649f9f9f07ff626ff3a22c35c462443d905d456a9fd0bff43cac2ca7a9f554e9478b9acc3ac838b02040ffd3e1847de2e4253929f9dd9ee4044325a9b05cabb808b2ee840d34e15d105a3f1f7b27695a1a07a2d73fe08ecaaa3c9c9d4d5a89ff890d54727d7ae40c0ec1a8dd86165d8ee2c6368141016a48b55b6967 +Output=308b0ecbd2c76cb77fc6f70c5edd233fd2f20929d629f026953bb62a8f4a3a314bde195de85b5f816da2aab074d26cb6acddf323ae3b9c678ac3cf12fbdde7 + +Decrypt=RSA-OAEP-5 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=0812b76768ebcb642d040258e5f4441a018521bd96687e6c5e899fcd6c17588ff59a82cc8ae03a4b45b31299af1788c329f7dcd285f8cf4ced82606b97612671a45bedca133442144d1617d114f802857f0f9d739751c57a3f9ee400912c61e2e6992be031a43dd48fa6ba14eef7c422b5edc4e7afa04fdd38f402d1c8bb719abf +Output=15c5b9ee1185 + +Decrypt=RSA-OAEP-5 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=07b60e14ec954bfd29e60d0047e789f51d57186c63589903306793ced3f68241c743529aba6a6374f92e19e0163efa33697e196f7661dfaaa47aac6bde5e51deb507c72c589a2ca1693d96b1460381249b2cdb9eac44769f2489c5d3d2f99f0ee3c7ee5bf64a5ac79c42bd433f149be8cb59548361640595513c97af7bc2509723 +Output=21026e6800c7fa728fcaaba0d196ae28d7a2ac4ffd8abce794f0985f60c8a6737277365d3fea11db8923a2029a + +Decrypt=RSA-OAEP-5 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=08c36d4dda33423b2ed6830d85f6411ba1dcf470a1fae0ebefee7c089f256cef74cb96ea69c38f60f39abee44129bcb4c92de7f797623b20074e3d9c2899701ed9071e1efa0bdd84d4c3e5130302d8f0240baba4b84a71cc032f2235a5ff0fae277c3e8f9112bef44c9ae20d175fc9a4058bfc930ba31b02e2e4f444483710f24a +Output=541e37b68b6c8872b84c02 + +PrivateKey=RSA-OAEP-6 +-----BEGIN PRIVATE KEY----- +MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBErF/ba0uzRn/RtwT +94YPCeDgz7Z3s4pSWSMFzq8CLBZtuQ0ErCnjP33RLZ+vZuCBa7Y+rSZ8x9RsF8N7 +4hS8oqItcjpk5EQHQ2tvyWVymu/CVU83bNXc6mgpN4CmK/OdAClIWhYLu55dwJct +IaUE9S5e4CiqQWMy9RCy6c/19yKvAgMBAAECgYECleyjVgYYNpVZzs0wOqnP2vwd +nwaVnfdf/vkpqolpYbzRkNxpl+2n9ZY+ck0HtNwR8wZeWul9loNREigLkIS7FPKi +Hr1OiJ1BucQTLsGVb8q4uy/tBXWISTZSLF/30zJhkEgk58re5OC7Ny0kV8944r0S +hiKP+D8QcxzmPJDP8/kCQQSmzotzWN+mm9z3QmFwBa+1OF9fOliiTvdKIqjAXLfM +OOvUzJ2anXiaYs0PYPDLlB00I8lpLvpP463/KQxHSaOLAkEEBMmoAzcf7bTFvjnz +wAsAnl4Ipjvh5AA1zaylARzHAc9+68uZ8P/hfP0KS/e+/S3VNqyUbbeX/bxKvo8p +NJuR7QJBA5Ycj3YKor1RVMeq/XciWzus0BOa57WUjqMxH8zYb7lcda+nZyhLmy3l +WVcvFdjQRMfrg6G+X63yzDd8DYR1KUsCQQIhl+BmdCGWqrwD+i/utOcLFct4fWF6 +zTG7dce8I0rXBvfEjSGC0fD/nCKNz0GWe2wLptLArREKG4V4MewkXiyxAkEEAcTA +xT1F29tenZbQ/s9Cdd8JdLxKBza0p0wyaQU++2hqziQG4iyeBY3bSuVAYnri/bCC +Yejn5Ly8mU2q+jBcRQ== +-----END PRIVATE KEY----- + +Decrypt=RSA-OAEP-6 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=0630eebcd2856c24f798806e41f9e67345eda9ceda386acc9facaea1eeed06ace583709718d9d169fadf414d5c76f92996833ef305b75b1e4b95f662a20faedc3bae0c4827a8bf8a88edbd57ec203a27a841f02e43a615bab1a8cac0701de34debdef62a088089b55ec36ea7522fd3ec8d06b6a073e6df833153bc0aefd93bd1a3 +Output=4046ca8baa3347ca27f49e0d81f9cc1d71be9ba517d4 + +Decrypt=RSA-OAEP-6 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=0ebc37376173a4fd2f89cc55c2ca62b26b11d51c3c7ce49e8845f74e7607317c436bc8d23b9667dfeb9d087234b47bc6837175ae5c0559f6b81d7d22416d3e50f4ac533d8f0812f2db9e791fe9c775ac8b6ad0f535ad9ceb23a4a02014c58ab3f8d3161499a260f39348e714ae2a1d3443208fd8b722ccfdfb393e98011f99e63f +Output=5cc72c60231df03b3d40f9b57931bc31109f972527f28b19e7480c7288cb3c92b22512214e4be6c914792ddabdf57faa8aa7 + +Decrypt=RSA-OAEP-6 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=0a98bf1093619394436cf68d8f38e2f158fde8ea54f3435f239b8d06b8321844202476aeed96009492480ce3a8d705498c4c8c68f01501dc81db608f60087350c8c3b0bd2e9ef6a81458b7c801b89f2e4fe99d4900ba6a4b5e5a96d865dc676c7755928794130d6280a8160a190f2df3ea7cf9aa0271d88e9e6905ecf1c5152d65 +Output=b20e651303092f4bccb43070c0f86d23049362ed96642fc5632c27db4a52e3d831f2ab068b23b149879c002f6bf3feee97591112562c + +Decrypt=RSA-OAEP-6 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=008e7a67cacfb5c4e24bec7dee149117f19598ce8c45808fef88c608ff9cd6e695263b9a3c0ad4b8ba4c95238e96a8422b8535629c8d5382374479ad13fa39974b242f9a759eeaf9c83ad5a8ca18940a0162ba755876df263f4bd50c6525c56090267c1f0e09ce0899a0cf359e88120abd9bf893445b3cae77d3607359ae9a52f8 +Output=684e3038c5c041f7 + +Decrypt=RSA-OAEP-6 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=00003474416c7b68bdf961c385737944d7f1f40cb395343c693cc0b4fe63b31fedf1eaeeac9ccc0678b31dc32e0977489514c4f09085f6298a9653f01aea4045ff582ee887be26ae575b73eef7f3774921e375a3d19adda0ca31aa1849887c1f42cac9677f7a2f4e923f6e5a868b38c084ef187594dc9f7f048fea2e02955384ab +Output=32488cb262d041d6e4dd35f987bf3ca696db1f06ac29a44693 + +Decrypt=RSA-OAEP-6 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=0a026dda5fc8785f7bd9bf75327b63e85e2c0fdee5dadb65ebdcac9ae1de95c92c672ab433aa7a8e69ce6a6d8897fac4ac4a54de841ae5e5bbce7687879d79634cea7a30684065c714d52409b928256bbf53eabcd5231eb7259504537399bd29164b726d33a46da701360a4168a091ccab72d44a62fed246c0ffea5b1348ab5470 +Output=50ba14be8462720279c306ba + +PrivateKey=RSA-OAEP-7 +-----BEGIN PRIVATE KEY----- +MIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBMRF58Lz8m508oxXQ +DvMNe906LPrpkRv+3LlIs6R4LQcytqtEqkvwN0GmRNwBvsPmmwGgM+Z12KzXxJJc +axrsMRkFHf2Jdi0hXUVHX/y1n5CBSGI/NxdxVvauht16fF9D3B4fkIJUBYooSl8G +wAIXk6h/GsX+/33K7mnF5Ro3ieNzAgMBAAECgYEHDPz/L+uCduJ0MsRd/uSPSbeR +fWUw4fDKNGDzLgJ2F0SHxW4ipF0lANd3VJUhnX0WWpzzvZLDKvmpjY3JzCloAK3J +SgpU+0DzQpG/hO6OoStvEJNZxtNUKlD5x2f1z/8FpoHC5lb7d8qq20vpRo2KvNTf +mPWOhtIFP6E0n3SOIbECQQdJJiwRHNRw7CVm5rNzL8CTKUaaoZBx07nAGQZRTG8d +JrqhS+qwlxyLfmEaT3kAnW/qd2koyiUoWw3jZD0aP4xxAkEGvB5Q6WwCv2NunuqL +iZu+v3ZR3nfdR0w+m8I7rYGCthkEx9l9++v7HgAQiHi25n5BU5HWeULCsr+bRDX4 +iwywIwJBA7x+p/CqsUOrxs6LlxGGNqMBcuTP4CyPoN2jt7qvkPgJKYKYVSX0iL38 +tL1ybiJjmsZKMJKrf/y/HVM0z6ULW/ECQQJipqopwqPGfcU0bAY4Gv2YeqPMk8+/ +7PVP3Z+deH1/WaUj05iXnaE3ovY4H+lIAffJTaIVGNw0y0CHDEaXmUrZAkBknUwX +tu4XIedy0DiaVZw9PN+VUNRXxGsDe3RkGx1SFmr4ohPIOWIGzfukQi8Y1vYdvLXS +FMlxv0gq65dqc3DC +-----END PRIVATE KEY----- + +Decrypt=RSA-OAEP-7 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=1688e4ce7794bba6cb7014169ecd559cede2a30b56a52b68d9fe18cf1973ef97b2a03153951c755f6294aa49adbdb55845ab6875fb3986c93ecf927962840d282f9e54ce8b690f7c0cb8bbd73440d9571d1b16cd9260f9eab4783cc482e5223dc60973871783ec27b0ae0fd47732cbc286a173fc92b00fb4ba6824647cd93c85c1 +Output=47aae909 + +Decrypt=RSA-OAEP-7 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=1052ed397b2e01e1d0ee1c50bf24363f95e504f4a03434a08fd822574ed6b9736edbb5f390db10321479a8a139350e2bd4977c3778ef331f3e78ae118b268451f20a2f01d471f5d53c566937171b2dbc2d4bde459a5799f0372d6574239b2323d245d0bb81c286b63c89a361017337e4902f88a467f4c7f244bfd5ab46437ff3b6 +Output=1d9b2e2223d9bc13bfb9f162ce735db48ba7c68f6822a0a1a7b6ae165834e7 + +Decrypt=RSA-OAEP-7 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=2155cd843ff24a4ee8badb7694260028a490813ba8b369a4cbf106ec148e5298707f5965be7d101c1049ea8584c24cd63455ad9c104d686282d3fb803a4c11c1c2e9b91c7178801d1b6640f003f5728df007b8a4ccc92bce05e41a27278d7c85018c52414313a5077789001d4f01910b72aad05d220aa14a58733a7489bc54556b +Output=d976fc + +Decrypt=RSA-OAEP-7 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=0ab14c373aeb7d4328d0aaad8c094d88b9eb098b95f21054a29082522be7c27a312878b637917e3d819e6c3c568db5d843802b06d51d9e98a2be0bf40c031423b00edfbff8320efb9171bd2044653a4cb9c5122f6c65e83cda2ec3c126027a9c1a56ba874d0fea23f380b82cf240b8cf540004758c4c77d934157a74f3fc12bfac +Output=d4738623df223aa43843df8467534c41d013e0c803c624e263666b239bde40a5f29aeb8de79e3daa61dd0370f49bd4b013834b98212aef6b1c5ee373b3cb + +Decrypt=RSA-OAEP-7 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=028387a318277434798b4d97f460068df5298faba5041ba11761a1cb7316b24184114ec500257e2589ed3b607a1ebbe97a6cc2e02bf1b681f42312a33b7a77d8e7855c4a6de03e3c04643f786b91a264a0d6805e2cea91e68177eb7a64d9255e4f27e713b7ccec00dc200ebd21c2ea2bb890feae4942df941dc3f97890ed347478 +Output=bb47231ca5ea1d3ad46c99345d9a8a61 + +Decrypt=RSA-OAEP-7 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=14c678a94ad60525ef39e959b2f3ba5c097a94ff912b67dbace80535c187abd47d075420b1872152bba08f7fc31f313bbf9273c912fc4c0149a9b0cfb79807e346eb332069611bec0ff9bcd168f1f7c33e77313cea454b94e2549eecf002e2acf7f6f2d2845d4fe0aab2e5a92ddf68c480ae11247935d1f62574842216ae674115 +Output=2184827095d35c3f86f600e8e59754013296 + +PrivateKey=RSA-OAEP-8 +-----BEGIN PRIVATE KEY----- +MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBW98OMNMh3aUUf4gk +CPppGVSA34+A0/bov1gYUE82QnypsfVUC5xlqPaXTPhEeiRNkoAgG7Sfy75jeNGU +TNIn4jD5bj0Q+Bnc7ydsZKALKktnAefQHeX6veOx6aDfgvRjE1nNImaWR/uxcXJG +E07XtJfP/73EK1nHOpbtkBZiEt/3AgMBAAECgYEPfR6eWqol/RPkoGY64UTg0V9c +0YvNsJ3yzH5k48XpFa1iZFMEFh0JjHFbt6uL0B0H6vP+18ftCK8qimLvRKsWsyDh +SvcqSPlq/iYqCuTPZeY16RB5DNTuXOp2iksmOffm9nez8Ltr4yt1dH2JCQNvAmT1 +jUAc26ExcWFXp17PYzECQQoC74RI2frYu9DQBMjCqpdR75chwbDQMjalSw35R8uu +1aJV7p6OINSR6hcj/glHBKl2Loiv0W67WZRBLKlm3E+fAkEJLTYuftOgv9np/Q5s +AwG23ykVnPUMyDubDPTW7qcaYeACtG4K6fLeYtJbXXRS1Ji4HJrG/FhZPUw/tPXX +LfuwqQJBB8cUEK8QOWLbNnQE43roULqk6cKd2SFFgVKUpnx9HG3tJjqgMKm2M65Q +MD4UA10a8BQSPrpoeCAwjY68hbaVfX0CQQCuLHU4DALAFq0FiRszAd6IHyiuEXEY +K2ssg76nxRXsqcopjHscq1gXpZcGj8hQYN5NqKAWN4quQ8f5Z7zDeQS5AkEFmNEF +njraT2MgdSwJ2AX/fR8a4NAXru7pzvoNfdf/d15EtXgyL2QF1iEdoZUZZmqof9xM +2MiPa249Z+lh3Luj0A== +-----END PRIVATE KEY----- + +Decrypt=RSA-OAEP-8 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=09b3683d8a2eb0fb295b62ed1fb9290b714457b7825319f4647872af889b30409472020ad12912bf19b11d4819f49614824ffd84d09c0a17e7d17309d12919790410aa2995699f6a86dbe3242b5acc23af45691080d6b1ae810fb3e3057087f0970092ce00be9562ff4053b6262ce0caa93e13723d2e3a5ba075d45f0d61b54b61 +Output=050b755e5e6880f7b9e9d692a74c37aae449b31bfea6deff83747a897f6c2c825bb1adbf850a3c96994b5de5b33cbc7d4a17913a7967 + +Decrypt=RSA-OAEP-8 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=2ecf15c97c5a15b1476ae986b371b57a24284f4a162a8d0c8182e7905e792256f1812ba5f83f1f7a130e42dcc02232844edc14a31a68ee97ae564a383a3411656424c5f62ddb646093c367be1fcda426cf00a06d8acb7e57776fbbd855ac3df506fc16b1d7c3f2110f3d8068e91e186363831c8409680d8da9ecd8cf1fa20ee39d +Output=4eb68dcd93ca9b19df111bd43608f557026fe4aa1d5cfac227a3eb5ab9548c18a06dded23f81825986b2fcd71109ecef7eff88873f075c2aa0c469f69c92bc + +Decrypt=RSA-OAEP-8 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=4bc89130a5b2dabb7c2fcf90eb5d0eaf9e681b7146a38f3173a3d9cfec52ea9e0a41932e648a9d69344c50da763f51a03c95762131e8052254dcd2248cba40fd31667786ce05a2b7b531ac9dac9ed584a59b677c1a8aed8c5d15d68c05569e2be780bf7db638fd2bfd2a85ab276860f3777338fca989ffd743d13ee08e0ca9893f +Output=8604ac56328c1ab5ad917861 + +Decrypt=RSA-OAEP-8 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=2e456847d8fc36ff0147d6993594b9397227d577752c79d0f904fcb039d4d812fea605a7b574dd82ca786f93752348438ee9f5b5454985d5f0e1699e3e7ad175a32e15f03deb042ab9fe1dd9db1bb86f8c089ccb45e7ef0c5ee7ca9b7290ca6b15bed47039788a8a93ff83e0e8d6244c71006362deef69b6f416fb3c684383fbd0 +Output=fdda5fbf6ec361a9d9a4ac68af216a0686f438b1e0e5c36b955f74e107f39c0dddcc + +Decrypt=RSA-OAEP-8 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=1fb9356fd5c4b1796db2ebf7d0d393cc810adf6145defc2fce714f79d93800d5e2ac211ea8bbecca4b654b94c3b18b30dd576ce34dc95436ef57a09415645923359a5d7b4171ef22c24670f1b229d3603e91f76671b7df97e7317c97734476d5f3d17d21cf82b5ba9f83df2e588d36984fd1b584468bd23b2e875f32f68953f7b2 +Output=4a5f4914bee25de3c69341de07 + +Decrypt=RSA-OAEP-8 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=3afd9c6600147b21798d818c655a0f4c9212db26d0b0dfdc2a7594ccb3d22f5bf1d7c3e112cd73fc7d509c7a8bafdd3c274d1399009f9609ec4be6477e453f075aa33db382870c1c3409aef392d7386ae3a696b99a94b4da0589447e955d16c98b17602a59bd736279fcd8fb280c4462d590bfa9bf13fed570eafde97330a2c210 +Output=8e07d66f7b880a72563abcd3f35092bc33409fb7f88f2472be + +PrivateKey=RSA-OAEP-9 +-----BEGIN PRIVATE KEY----- +MIIDlwIBADANBgkqhkiG9w0BAQEFAASCA4EwggN9AgEAAoHBAM8s1B40yjpyjqXL +iv9kw20nve9TZOM2/WjTEjxaGWqMKHAT6FPVFW1Y0VGVRSD7T217F6u2gXdlkJxX +YRllnZArGQbtiisQwVXCTRJFKNq57q43m+rGbkpBF4bcuP0AYuvAMN4SGaBMKowb +fdMTHk1rbK7i4xpe1BrBUJsu8e4qsYNkvlaMqUHCXsyE/51kO17Bqq4QKiDXP0eb +eA/W2pEHUhLZ6sA6BnTYmeui5DH0xEthW2uiIyvUszuu1z1iXQIDAQABAoHAGYwU +HiNxWpK8z2oRmlvBE4lGjSgR9UjXJ+F7SrDrmG1vIR77U7cffMvqh+5px17mFQCM +UzLetSvzkKvfv+N9cgU2gVmyY4wd4ybiHSIlHw+1hIs78VAF0qdDMPCv6RbuYszB +NE0dg6cJ5gZ2JzhA9/N3QkpeCk2nXwGzH/doGc+cv90hUkPDkXwD7zgZkxLlZ7O/ +eu06tFfzce+KFCP0W2jG4oLsERu6KDO5h/1p+tg7wbjGE8Xh6hbBHtEl6n7BAmEA +/I1sBL7E65qBksp5AMvlNuLotRnezzOyRZeYxpCd9PF2230jGQ/HK4hlpxiviV8b +zZFFKYAnQjtgXnCkfPWDkKjD6I/IxI6LMuPaIQ374+iB6lZ0tqNIwh6T+eVepl79 +AmEA0gDUXniKrOpgakAdBGD4fdXBAn4S3BoNdYbok52c94m0D1GsBEKWHefSHMIe +BcgxVcHyqpGTOHz9+VbLSNFTuicEBvm7ulN9SYfZ4vmULXoUy//+p0/s3ako0j4l +n17hAmEA2xaAL3mi8NRfNY1p/TPkS4H66ChiLpOlQlPpl9AbB0N1naDoErSqTmyL +6rIyjVQxlVpBimf/JqjFyAel2jVOBe8xzIz3WPRjcylQsD4mVyb7lOOdalcqJiRK +sI23V1KtAmEAoKMXz+ffFCP4em3uhFH04rSmflSX8ptPHk6DC5+t2UARZwJvVZbl +o5yXgX4PXxbifhnsmQLgHX6m+5qjx2Cv7h44G2neasnAdYWgatnEugC/dcitL6iY +pHnoCuKU/tKhAmALIfM1w1M0LrRMOqJERXgMLWVblAF0yuOMfIpOZJPAup/TA3SC +Z7CDuaemy2HkLbNiuMmJbbcGTgKtWuYVh9oVtGSckFlJCf6zfby2VL63Jo7IAeWo +tKo5Eb69iFQvBb4= +-----END PRIVATE KEY----- + +Decrypt=RSA-OAEP-9 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=267bcd118acab1fc8ba81c85d73003cb8610fa55c1d97da8d48a7c7f06896a4db751aa284255b9d36ad65f37653d829f1b37f97b8001942545b2fc2c55a7376ca7a1be4b1760c8e05a33e5aa2526b8d98e317088e7834c755b2a59b12631a182c05d5d43ab1779264f8456f515ce57dfdf512d5493dab7b7338dc4b7d78db9c091ac3baf537a69fc7f549d979f0eff9a94fda4169bd4d1d19a69c99e33c3b55490d501b39b1edae118ff6793a153261584d3a5f39f6e682e3d17c8cd1261fa72 +Output=f735fd55ba92592c3b52b8f9c4f69aaa1cbef8fe88add095595412467f9cf4ec0b896c59eda16210e7549c8abb10cdbc21a12ec9b6b5b8fd2f10399eb6 + +Decrypt=RSA-OAEP-9 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=93ac9f0671ec29acbb444effc1a5741351d60fdb0e393fbf754acf0de49761a14841df7772e9bc82773966a1584c4d72baea00118f83f35cca6e537cbd4d811f5583b29783d8a6d94cd31be70d6f526c10ff09c6fa7ce069795a3fcd0511fd5fcb564bcc80ea9c78f38b80012539d8a4ddf6fe81e9cddb7f50dbbbbcc7e5d86097ccf4ec49189fb8bf318be6d5a0715d516b49af191258cd32dc833ce6eb4673c03a19bbace88cc54895f636cc0c1ec89096d11ce235a265ca1764232a689ae8 +Output=81b906605015a63aabe42ddf11e1978912f5404c7474b26dce3ed482bf961ecc818bf420c54659 +Decrypt=RSA-OAEP-9 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=81ebdd95054b0c822ef9ad7693f5a87adfb4b4c4ce70df2df84ed49c04da58ba5fc20a19e1a6e8b7a3900b22796dc4e869ee6b42792d15a8eceb56c09c69914e813cea8f6931e4b8ed6f421af298d595c97f4789c7caa612c7ef360984c21b93edc5401068b5af4c78a8771b984d53b8ea8adf2f6a7d4a0ba76c75e1dd9f658f20ded4a46071d46d7791b56803d8fea7f0b0f8e41ae3f09383a6f9585fe7753eaaffd2bf94563108beecc207bbb535f5fcc705f0dde9f708c62f49a9c90371d3 +Output=fd326429df9b890e09b54b18b8f34f1e24 + +Decrypt=RSA-OAEP-9 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=bcc35f94cde66cb1136625d625b94432a35b22f3d2fa11a613ff0fca5bd57f87b902ccdc1cd0aebcb0715ee869d1d1fe395f6793003f5eca465059c88660d446ff5f0818552022557e38c08a67ead991262254f10682975ec56397768537f4977af6d5f6aaceb7fb25dec5937230231fd8978af49119a29f29e424ab8272b47562792d5c94f774b8829d0b0d9f1a8c9eddf37574d5fa248eefa9c5271fc5ec2579c81bdd61b410fa61fe36e424221c113addb275664c801d34ca8c6351e4a858 +Output=f1459b5f0c92f01a0f723a2e5662484d8f8c0a20fc29dad6acd43bb5f3effdf4e1b63e07fdfe6628d0d74ca19bf2d69e4a0abf86d293925a796772f8088e + +Decrypt=RSA-OAEP-9 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=232afbc927fa08c2f6a27b87d4a5cb09c07dc26fae73d73a90558839f4fd66d281b87ec734bce237ba166698ed829106a7de6942cd6cdce78fed8d2e4d81428e66490d036264cef92af941d3e35055fe3981e14d29cbb9a4f67473063baec79a1179f5a17c9c1832f2838fd7d5e59bb9659d56dce8a019edef1bb3accc697cc6cc7a778f60a064c7f6f5d529c6210262e003de583e81e3167b89971fb8c0e15d44fffef89b53d8d64dd797d159b56d2b08ea5307ea12c241bd58d4ee278a1f2e +Output=53e6e8c729d6f9c319dd317e74b0db8e4ccca25f3c8305746e137ac63a63ef3739e7b595abb96e8d55e54f7bd41ab433378ffb911d + +Decrypt=RSA-OAEP-9 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=438cc7dc08a68da249e42505f8573ba60e2c2773d5b290f4cf9dff718e842081c383e67024a0f29594ea987b9d25e4b738f285970d195abb3a8c8054e3d79d6b9c9a8327ba596f1259e27126674766907d8d582ff3a8476154929adb1e6d1235b2ccb4ec8f663ba9cc670a92bebd853c8dbf69c6436d016f61add836e94732450434207f9fd4c43dec2a12a958efa01efe2669899b5e604c255c55fb7166de5589e369597bb09168c06dd5db177e06a1740eb2d5c82faeca6d92fcee9931ba9f +Output=b6b28ea2198d0c1008bc64 + +PrivateKey=RSA-OAEP-10 +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCuRe1WAc7GuMwF ++AOTXGdN2+DXXEwJ/XlR/GsMrsMTqN85lwxRi/+6XtaPPw1/IqQCnUE/GuB+Tr6e +QXfOI+f1QEtWnk7hvc88H7A+8ROALU+FXrm1E0tafICFrcrm+i+hQX7DdjvhcbDG +K3YO3iPBKtkrmAiExkH1qPrCa9rUoDOBoi/ht1SIUJTIJQbUAZpTWihq/rJxu5ul +kt4Y3PYAwq7q5W4C9895/BTPO9x82E/ru/lQypAwSyIZp6oGOu+iw8GYDlYM1kr+ +d5WFthB2V7lXhX795gEJiKt95Bf8iNjzhMTm5yw/lD4MMcDEpcw2+HnYo6ydfVmG +Dqraa4O7AgMBAAECggEABWsEIW/l81SsdyUKS2sMhSWoXFmwvYDFZFCiLV9Djllq +MzqodeKR3UP0jLiLnV/A1Jn5/NHDl/mvwHDNnjmMjRnmHbfHQQprJnXfv100W4BN +IBrdUC1c4t/LCRzpmXu+vlcwbzg+TViBA/A29+hdGTTRUqMj5KjbRR1vSlsbDxAs +wVDgL+7iuI3qStTBusyyTYQHLRTh0kpncfdAjuMFZPuG1Dk6NLzwt4hQHRkzA/E6 +IoSwAfD2Ser3kyjUrFxDCrRBSSCpRg7Rt7xA7GU+h20Jq8UJrkW1JRkBFqDCYQGE +gphQnBw786SD5ydAVOFelwdQNumJ9gkygHtSV3UeeQKBgQDs9a7NHlUV//rL11oo +Fsbr9JAYzftGOOGF1mpzlrb4CQ+AGMf9lcw0uFfcF/DMZRa7E0arTVgsra17QQM1 +I4e3AzjQhAR8nZU5tkliBLPdbqRCSZIHvsAflkKH/2M2w5hGWDNoRvVuRoYYgcEC +M9IXa/FaXpbdx4C8hoqnfTznaQKBgQC8RsRk/GrEyng7DrCKPIQbdy9+my8our1Y +iuiF4aDGHkhYoPslrCmZkPNb6FFkwlm6EXXN1xknBxNRhJkrbCm3Rt0NLKvhQoNf +fRSMwWFSS0oJlG1IuChHPxzna2y2iGw0XAPgX0HVG1w6kKPyQHPH10pP4l2c8hx1 +lg8/w4YxgwKBgQDHNWRXHQD7FdCKPemVelCRXXEm6UQtrPQryC6GLlZz/2oAjtTS +43RhffifF6FgtDt/2py2trdCGGCYFffUXKJjwVmqMtJy0Sf69LyMotdzeOiusZsK +19o8s94K5zFJgPYrbUsKh10d8DwbrjnM2DPvbNfi2VKL8ITR+WnnlOn2wQKBgCZY +s39t+cEDC+HbaBF/qdh+OeoraTt+bTovcJR0E+7GFC4Y+438tqxUXXyGoK1I+EVx +cPDvsmvEgSbFPv0dFpIBmNwqEQfcKC22qAzTBiNguj+hP3DkMS/xps1rj8TNnFw9 +sXxtalchL3OuKfYZMnutWbFThYWFuk4otgpipF5JAoGAbzhSazklCFU07z5BWoNu +3ouGFYosfL/sywvYNDBP7Gg7qNT0ecQz1DQW5jJpYjzqEAd22Fr/QB0//2EO5lQR +zjsTY9Y6lwnu3kJkfOpWFJPVRXCoecGGgs2XcQuWIF7DERfXO182Ij+t1ui6kN18 +DuYdROFjJR4gx/ZuswURfLg= +-----END PRIVATE KEY----- + +Decrypt=RSA-OAEP-10 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=53ea5dc08cd260fb3b858567287fa91552c30b2febfba213f0ae87702d068d19bab07fe574523dfb42139d68c3c5afeee0bfe4cb7969cbf382b804d6e61396144e2d0e60741f8993c3014b58b9b1957a8babcd23af854f4c356fb1662aa72bfcc7e586559dc4280d160c126785a723ebeebeff71f11594440aaef87d10793a8774a239d4a04c87fe1467b9daf85208ec6c7255794a96cc29142f9a8bd418e3c1fd67344b0cd0829df3b2bec60253196293c6b34d3f75d32f213dd45c6273d505adf4cced1057cb758fc26aeefa441255ed4e64c199ee075e7f16646182fdb464739b68ab5daff0e63e9552016824f054bf4d3c8c90a97bb6b6553284eb429fcc +Output=8bba6bf82a6c0f86d5f1756e97956870b08953b06b4eb205bc1694ee + +Decrypt=RSA-OAEP-10 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=a2b1a430a9d657e2fa1c2bb5ed43ffb25c05a308fe9093c01031795f5874400110828ae58fb9b581ce9dddd3e549ae04a0985459bde6c626594e7b05dc4278b2a1465c1368408823c85e96dc66c3a30983c639664fc4569a37fe21e5a195b5776eed2df8d8d361af686e750229bbd663f161868a50615e0c337bec0ca35fec0bb19c36eb2e0bbcc0582fa1d93aacdb061063f59f2ce1ee43605e5d89eca183d2acdfe9f81011022ad3b43a3dd417dac94b4e11ea81b192966e966b182082e71964607b4f8002f36299844a11f2ae0faeac2eae70f8f4f98088acdcd0ac556e9fccc511521908fad26f04c64201450305778758b0538bf8b5bb144a828e629795 +Output=e6ad181f053b58a904f2457510373e57 + +Decrypt=RSA-OAEP-10 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=9886c3e6764a8b9a84e84148ebd8c3b1aa8050381a78f668714c16d9cfd2a6edc56979c535d9dee3b44b85c18be8928992371711472216d95dda98d2ee8347c9b14dffdff84aa48d25ac06f7d7e65398ac967b1ce90925f67dce049b7f812db0742997a74d44fe81dbe0e7a3feaf2e5c40af888d550ddbbe3bc20657a29543f8fc2913b9bd1a61b2ab2256ec409bbd7dc0d17717ea25c43f42ed27df8738bf4afc6766ff7aff0859555ee283920f4c8a63c4a7340cbafddc339ecdb4b0515002f96c932b5b79167af699c0ad3fccfdf0f44e85a70262bf2e18fe34b850589975e867ff969d48eabf212271546cdc05a69ecb526e52870c836f307bd798780ede +Output=510a2cf60e866fa2340553c94ea39fbc256311e83e94454b4124 + +Decrypt=RSA-OAEP-10 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=6318e9fb5c0d05e5307e1683436e903293ac4642358aaa223d7163013aba87e2dfda8e60c6860e29a1e92686163ea0b9175f329ca3b131a1edd3a77759a8b97bad6a4f8f4396f28cf6f39ca58112e48160d6e203daa5856f3aca5ffed577af499408e3dfd233e3e604dbe34a9c4c9082de65527cac6331d29dc80e0508a0fa7122e7f329f6cca5cfa34d4d1da417805457e008bec549e478ff9e12a763c477d15bbb78f5b69bd57830fc2c4ed686d79bc72a95d85f88134c6b0afe56a8ccfbc855828bb339bd17909cf1d70de3335ae07039093e606d655365de6550b872cd6de1d440ee031b61945f629ad8a353b0d40939e96a3c450d2a8d5eee9f678093c8 +Output=bcdd190da3b7d300df9a06e22caae2a75f10c91ff667b7c16bde8b53064a2649a94045c9 + +Decrypt=RSA-OAEP-10 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=75290872ccfd4a4505660d651f56da6daa09ca1301d890632f6a992f3d565cee464afded40ed3b5be9356714ea5aa7655f4a1366c2f17c728f6f2c5a5d1f8e28429bc4e6f8f2cff8da8dc0e0a9808e45fd09ea2fa40cb2b6ce6ffff5c0e159d11b68d90a85f7b84e103b09e682666480c657505c0929259468a314786d74eab131573cf234bf57db7d9e66cc6748192e002dc0deea930585f0831fdcd9bc33d51f79ed2ffc16bcf4d59812fcebcaa3f9069b0e445686d644c25ccf63b456ee5fa6ffe96f19cdf751fed9eaf35957754dbf4bfea5216aa1844dc507cb2d080e722eba150308c2b5ff1193620f1766ecf4481bafb943bd292877f2136ca494aba0 +Output=a7dd6c7dc24b46f9dd5f1e91ada4c3b3df947e877232a9 + +Decrypt=RSA-OAEP-10 +Ctrl = rsa_padding_mode:oaep +Ctrl = rsa_mgf1_md:sha1 +Input=2d207a73432a8fb4c03051b3f73b28a61764098dfa34c47a20995f8115aa6816679b557e82dbee584908c6e69782d7deb34dbd65af063d57fca76a5fd069492fd6068d9984d209350565a62e5c77f23038c12cb10c6634709b547c46f6b4a709bd85ca122d74465ef97762c29763e06dbc7a9e738c78bfca0102dc5e79d65b973f28240caab2e161a78b57d262457ed8195d53e3c7ae9da021883c6db7c24afdd2322eac972ad3c354c5fcef1e146c3a0290fb67adf007066e00428d2cec18ce58f9328698defef4b2eb5ec76918fde1c198cbb38b7afc67626a9aefec4322bfd90d2563481c9a221f78c8272c82d1b62ab914e1c69f6af6ef30ca5260db4a46 +Output=eaf1a73a1b0c4609537de69cd9228bbcfb9a8ca8c6c3efaf056fe4a7f4634ed00b7c39ec6922d7b8ea2c04ebac + + +Title = ECDH tests (with random keys) # TEST CURVE secp112r1 @@ -4156,8 +5405,7 @@ PeerKey=ALICE_brainpoolP512t1_PUB SharedSecret=0afecb44d108c9bf2bc159fcc613a1429e3906d5d201d579adc2167058e972ef85fc13d837f3566a2ff3a881e47bfe36b722baf4a9f865097fe11e171189a944 -## ECDH Tests: KATs from RFC 5114, RFC 5903 and RFC 7027 - +Title = ECDH KATs (from RFC 5114, 5903, 7027) # Keys and shared secrets from RFC 5114 PrivateKey=PRIME192V1_RFC5114 @@ -4654,18 +5902,10 @@ PeerKey=BRAINPOOLP512R1_RFC7027-PUBLIC SharedSecret=A7927098655F1F9976FA50A9D566865DC530331846381C87256BAF3226244B76D36403C024D7BBF0AA0803EAFF405D3D24F11A9B5C0BEF679FE1454B21C4CD1F -######################################################################## -# # -# NIST SP800-56A co-factor ECDH KATs # -# # -# # # http://csrc.nist.gov/groups/STM/cavp/component-testing.html#ECCCDH # -# # # sha256sum(KAS_ECC_CDH_PrimitiveTest.txt) = # # 456068d3f8aad8ac62a03d19ed3173f00ad51f42b51aeab4753c20f30c01cf23 # -# # -######################################################################## - +Title = ECDH KATs (from NIST SP800-56A co-factor ECDH KATs PrivateKey=KAS-ECC-CDH_P-192_C0 -----BEGIN PRIVATE KEY----- @@ -16046,20 +17286,29 @@ Derive=ALICE_cf_sect283k1 PeerKey=BOB_cf_sect283k1_PUB Ctrl=ecdh_cofactor_mode:1 Result = DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity +Title = Test keypair mismatches -# Test mismatches PrivPubKeyPair = Alice-25519:Bob-25519-PUBLIC Result = KEYPAIR_MISMATCH PrivPubKeyPair = Bob-25519:Alice-25519-PUBLIC Result = KEYPAIR_MISMATCH +PrivPubKeyPair = Alice-448:Bob-448-PUBLIC +Result = KEYPAIR_MISMATCH + +PrivPubKeyPair = Bob-448:Alice-448-PUBLIC +Result = KEYPAIR_MISMATCH + PrivPubKeyPair = Alice-25519:P-256-PUBLIC Result = KEYPAIR_TYPE_MISMATCH +PrivPubKeyPair = Alice-448:P-256-PUBLIC +Result = KEYPAIR_TYPE_MISMATCH + PrivPubKeyPair = RSA-2048:P-256-PUBLIC Result = KEYPAIR_TYPE_MISMATCH @@ -16147,3 +17396,1083 @@ Result = KEYPAIR_MISMATCH PrivPubKeyPair = DSA-1024-BIS:DSA-1024-PUBLIC Result = KEYPAIR_MISMATCH +Title = DigestSign and DigestVerify + +DigestSign = SHA1 +Key = RSA-2048 +Input = "Hello World" +Output = 3da3ca2bdd1b23a231b0e3c49d95d5959f9398c27a1e534c7e6baf1d2682304d3b6b229385b1edf483f5ef6f9b35bf10c519a302bb2f79c564e1a59ba71aa2fa36df96c942c43e8d9bd4702b5f61c12a078ae2b34d0de221fc8f9f936b79a67c89d11ba5da8c63a1370d0e824c6b661123e9b58b143ff533cf362cbdad70e65b419a6d45723bf22db3c76bb8f5337c5c5c93cb6f38b30d0c835b54c23405ca4217dd0b755f3712ebad285d9e0c02655f6ce5ce6fed78f3c81843de325f628055eef57f280dee0c3170050137ee599b9ab7f2b5d3c5f831777ea05a5eb097c70bad1a7214dadae12d7960bb9425390c7d25a79985e1e3c28ad422ff93c808f4b5 + +DigestSign = SHA256 +Key = RSA-2048 +Input = "Hello World" +Output = ba8c24b86f18633767ed1778ef12d283a508d0bef32dd50b4a67cbd6b75df0f4ef6e69bfafbc809b01b93ab34aad9a33908644efca6eca04db1afda1016d1c1603183d2263597cf85ce5b7acd6a4872cbcc401b90b221d85aa0a2d0e1f159fc0843e0a55c47dc108c3f207d000e954605fabbb8c938050f280e29653aa1438109d02e53dfbdcb8cb9b46d372dd39ba7317a3f4c0020dba1ddd247b3d58addb1df7208785a62a8e3e4372c1fa6d24a17cd6413f7f5c046ba40a881c21875fde848b3b56fea7264430eca15b27c5c3b72fedcbcc124f8d939ffc11e6d3172c7eb491d378902093fcc3bf3a2835a1fcfabf457c13abf7b37f08595ed72332e27034 + +DigestSign = SHA256 +Key = RSA-2048 +Input = "Hello " +Input = "World" +Output = ba8c24b86f18633767ed1778ef12d283a508d0bef32dd50b4a67cbd6b75df0f4ef6e69bfafbc809b01b93ab34aad9a33908644efca6eca04db1afda1016d1c1603183d2263597cf85ce5b7acd6a4872cbcc401b90b221d85aa0a2d0e1f159fc0843e0a55c47dc108c3f207d000e954605fabbb8c938050f280e29653aa1438109d02e53dfbdcb8cb9b46d372dd39ba7317a3f4c0020dba1ddd247b3d58addb1df7208785a62a8e3e4372c1fa6d24a17cd6413f7f5c046ba40a881c21875fde848b3b56fea7264430eca15b27c5c3b72fedcbcc124f8d939ffc11e6d3172c7eb491d378902093fcc3bf3a2835a1fcfabf457c13abf7b37f08595ed72332e27034 + +DigestSign = SHA256 +Key = RSA-2048 +Input = "Hello " +Input = "World" +Ctrl = rsa_padding_mode:pss +Ctrl = rsa_pss_saltlen:0 +Output = 4a35cc7623f176c997696213045024f1b1121a6ec4a5755d206c20fc4a7c5259566d19730f6f1a75ac00878c6290e6757510588d740da3633b09a1d899c7dfba2031cfcae6a490e995c87f4750ea88948009cbed6c80cebb9ebfab7d04805e7a2140373fb888b5e6151d1c4eb7f505c4e0a584c17c6ca71e552ba13e1f20101796fe0d1af0cde661fc47d904b5d3f127073471fe6dc7e78f5cd2a049d67e0c7c92184e2bf97f8e16b50b8385daa1f8882e8f6c8683720903454b35356058f2f0136cad7689105167bacbe0dbad466ff2a298e41e5a65caecac4cde08529b7ea8717258e19b0732c966b34f5d52e4ec3073da78757471086553a3ff6c5460bcda + +DigestVerify = SHA256 +Key = RSA-2048-PUBLIC +Input = "Hello " +Input = "World" +Output = ba8c24b86f18633767ed1778ef12d283a508d0bef32dd50b4a67cbd6b75df0f4ef6e69bfafbc809b01b93ab34aad9a33908644efca6eca04db1afda1016d1c1603183d2263597cf85ce5b7acd6a4872cbcc401b90b221d85aa0a2d0e1f159fc0843e0a55c47dc108c3f207d000e954605fabbb8c938050f280e29653aa1438109d02e53dfbdcb8cb9b46d372dd39ba7317a3f4c0020dba1ddd247b3d58addb1df7208785a62a8e3e4372c1fa6d24a17cd6413f7f5c046ba40a881c21875fde848b3b56fea7264430eca15b27c5c3b72fedcbcc124f8d939ffc11e6d3172c7eb491d378902093fcc3bf3a2835a1fcfabf457c13abf7b37f08595ed72332e27034 + +DigestVerify = SHA256 +Key = RSA-2048-PUBLIC +Input = "Hello" +Input = "World" +Output = ba8c24b86f18633767ed1778ef12d283a508d0bef32dd50b4a67cbd6b75df0f4ef6e69bfafbc809b01b93ab34aad9a33908644efca6eca04db1afda1016d1c1603183d2263597cf85ce5b7acd6a4872cbcc401b90b221d85aa0a2d0e1f159fc0843e0a55c47dc108c3f207d000e954605fabbb8c938050f280e29653aa1438109d02e53dfbdcb8cb9b46d372dd39ba7317a3f4c0020dba1ddd247b3d58addb1df7208785a62a8e3e4372c1fa6d24a17cd6413f7f5c046ba40a881c21875fde848b3b56fea7264430eca15b27c5c3b72fedcbcc124f8d939ffc11e6d3172c7eb491d378902093fcc3bf3a2835a1fcfabf457c13abf7b37f08595ed72332e27034 +Result = VERIFY_ERROR + +DigestVerify = SHA256 +Key = P-256-PUBLIC +Input = "Hello World" +Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862 + +# Invalid digest +DigestVerify = MD5 +Key = P-256-PUBLIC +Result = DIGESTVERIFYINIT_ERROR + +# Oneshot tests +OneShotDigestVerify = SHA256 +Key = P-256-PUBLIC +Input = "Hello World" +Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862 + +OneShotDigestSign = SHA1 +Key = RSA-2048 +Input = "Hello World" +Output = 3da3ca2bdd1b23a231b0e3c49d95d5959f9398c27a1e534c7e6baf1d2682304d3b6b229385b1edf483f5ef6f9b35bf10c519a302bb2f79c564e1a59ba71aa2fa36df96c942c43e8d9bd4702b5f61c12a078ae2b34d0de221fc8f9f936b79a67c89d11ba5da8c63a1370d0e824c6b661123e9b58b143ff533cf362cbdad70e65b419a6d45723bf22db3c76bb8f5337c5c5c93cb6f38b30d0c835b54c23405ca4217dd0b755f3712ebad285d9e0c02655f6ce5ce6fed78f3c81843de325f628055eef57f280dee0c3170050137ee599b9ab7f2b5d3c5f831777ea05a5eb097c70bad1a7214dadae12d7960bb9425390c7d25a79985e1e3c28ad422ff93c808f4b5 + +Title = ED25519 tests from RFC8032 + +PrivateKey=ED25519-1 +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEIJ1hsZ3v/VpguoRK9JLsLMREScVpezJpGXA7rAMcrn9g +-----END PRIVATE KEY----- + +PrivateKey=ED25519-2 +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEIEzNCJso/5banbbDRuwRTg9bijGfNaumJNqM9u1PuKb7 +-----END PRIVATE KEY----- + +PrivateKey=ED25519-3 +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEIMWqjfQ/n4N77bdELzHct7Fm04U1B28JS4XOOi4LRFj3 +-----END PRIVATE KEY----- + +PrivateKey=ED25519-4 +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEIPXldnzxUzGVF2MPImh2uGyBYMxYO8ATdExr8lX1zA7l +-----END PRIVATE KEY----- + +PrivateKey=ED25519-5 +-----BEGIN PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEIIM/5iQJI3udYux3WHUgkR6adZzsHRl1W32pAbltyj1C +-----END PRIVATE KEY----- + +PublicKey=ED25519-1-PUBLIC +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEA11qYAYKxCrfVS/7TyWQHOg7hcvPapiMlrwIaaPcHURo= +-----END PUBLIC KEY----- + +PublicKey=ED25519-2-PUBLIC +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEAPUAXw+hDiVqStwqnTRt+vJyYLM8uxJaMwM1V8Sr0Zgw= +-----END PUBLIC KEY----- + +PublicKey=ED25519-3-PUBLIC +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEA/FHNjmIYoaONpH7QAjDwWAgW7RO6MwOsXeuRFUiQgCU= +-----END PUBLIC KEY----- + +PublicKey=ED25519-4-PUBLIC +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEAJ4EX/BRMcjQPZ9DyMW6Dhs7/vyskKMnFH+98WX8dQm4= +-----END PUBLIC KEY----- + +PublicKey=ED25519-5-PUBLIC +-----BEGIN PUBLIC KEY----- +MCowBQYDK2VwAyEA7Bcrk61eVjv0kyxw4SRQNMNUZ+8u/U1k6/gZaDRn4r8= +-----END PUBLIC KEY----- + +#Raw versions of the ED25519-1 keys +PrivateKeyRaw=ED25519-1-Raw:ED25519:9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60 + +PublicKeyRaw=ED25519-1-PUBLIC-Raw:ED25519:d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a + +PrivPubKeyPair = ED25519-1:ED25519-1-PUBLIC + +PrivPubKeyPair = ED25519-1-Raw:ED25519-1-PUBLIC-Raw + +OneShotDigestSign = NULL +Key = ED25519-1 +Input = "" +Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b + +PrivPubKeyPair = ED25519-2:ED25519-2-PUBLIC + +OneShotDigestSign = NULL +Key = ED25519-2 +Input = 72 +Output = 92a009a9f0d4cab8720e820b5f642540a2b27b5416503f8fb3762223ebdb69da085ac1e43e15996e458f3613d0f11d8c387b2eaeb4302aeeb00d291612bb0c00 + +PrivPubKeyPair = ED25519-3:ED25519-3-PUBLIC + +OneShotDigestSign = NULL +Key = ED25519-3 +Input = af82 +Output = 6291d657deec24024827e69c3abe01a30ce548a284743a445e3680d7db5ac3ac18ff9b538d16f290ae67f760984dc6594a7c15e9716ed28dc027beceea1ec40a + +PrivPubKeyPair = ED25519-4:ED25519-4-PUBLIC + +OneShotDigestSign = NULL +Key = ED25519-4 +Input = 08b8b2b733424243760fe426a4b54908632110a66c2f6591eabd3345e3e4eb98fa6e264bf09efe12ee50f8f54e9f77b1e355f6c50544e23fb1433ddf73be84d879de7c0046dc4996d9e773f4bc9efe5738829adb26c81b37c93a1b270b20329d658675fc6ea534e0810a4432826bf58c941efb65d57a338bbd2e26640f89ffbc1a858efcb8550ee3a5e1998bd177e93a7363c344fe6b199ee5d02e82d522c4feba15452f80288a821a579116ec6dad2b3b310da903401aa62100ab5d1a36553e06203b33890cc9b832f79ef80560ccb9a39ce767967ed628c6ad573cb116dbefefd75499da96bd68a8a97b928a8bbc103b6621fcde2beca1231d206be6cd9ec7aff6f6c94fcd7204ed3455c68c83f4a41da4af2b74ef5c53f1d8ac70bdcb7ed185ce81bd84359d44254d95629e9855a94a7c1958d1f8ada5d0532ed8a5aa3fb2d17ba70eb6248e594e1a2297acbbb39d502f1a8c6eb6f1ce22b3de1a1f40cc24554119a831a9aad6079cad88425de6bde1a9187ebb6092cf67bf2b13fd65f27088d78b7e883c8759d2c4f5c65adb7553878ad575f9fad878e80a0c9ba63bcbcc2732e69485bbc9c90bfbd62481d9089beccf80cfe2df16a2cf65bd92dd597b0707e0917af48bbb75fed413d238f5555a7a569d80c3414a8d0859dc65a46128bab27af87a71314f318c782b23ebfe808b82b0ce26401d2e22f04d83d1255dc51addd3b75a2b1ae0784504df543af8969be3ea7082ff7fc9888c144da2af58429ec96031dbcad3dad9af0dcbaaaf268cb8fcffead94f3c7ca495e056a9b47acdb751fb73e666c6c655ade8297297d07ad1ba5e43f1bca32301651339e22904cc8c42f58c30c04aafdb038dda0847dd988dcda6f3bfd15c4b4c4525004aa06eeff8ca61783aacec57fb3d1f92b0fe2fd1a85f6724517b65e614ad6808d6f6ee34dff7310fdc82aebfd904b01e1dc54b2927094b2db68d6f903b68401adebf5a7e08d78ff4ef5d63653a65040cf9bfd4aca7984a74d37145986780fc0b16ac451649de6188a7dbdf191f64b5fc5e2ab47b57f7f7276cd419c17a3ca8e1b939ae49e488acba6b965610b5480109c8b17b80e1b7b750dfc7598d5d5011fd2dcc5600a32ef5b52a1ecc820e308aa342721aac0943bf6686b64b2579376504ccc493d97e6aed3fb0f9cd71a43dd497f01f17c0e2cb3797aa2a2f256656168e6c496afc5fb93246f6b1116398a346f1a641f3b041e989f7914f90cc2c7fff357876e506b50d334ba77c225bc307ba537152f3f1610e4eafe595f6d9d90d11faa933a15ef1369546868a7f3a45a96768d40fd9d03412c091c6315cf4fde7cb68606937380db2eaaa707b4c4185c32eddcdd306705e4dc1ffc872eeee475a64dfac86aba41c0618983f8741c5ef68d3a101e8a3b8cac60c905c15fc910840b94c00a0b9d0 +Output = 0aab4c900501b3e24d7cdf4663326a3a87df5e4843b2cbdb67cbf6e460fec350aa5371b1508f9f4528ecea23c436d94b5e8fcd4f681e30a6ac00a9704a188a03 + +PrivPubKeyPair = ED25519-5:ED25519-5-PUBLIC + +OneShotDigestSign = NULL +Key = ED25519-5 +Input = ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f +Output = dc2a4459e7369633a52b1bf277839a00201009a3efbf3ecb69bea2186c26b58909351fc9ac90b3ecfdfbc7c66431e0303dca179c138ac17ad9bef1177331a704 + +# Verify test +OneShotDigestVerify = NULL +Key = ED25519-1-PUBLIC +Input = "" +Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b + +# Corrupted input +OneShotDigestVerify = NULL +Key = ED25519-1-PUBLIC +Input = "bad" +Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b +Result = VERIFY_ERROR + +# Corrupted signature +OneShotDigestVerify = NULL +Key = ED25519-1-PUBLIC +Input = "" +Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100c +Result = VERIFY_ERROR + +PrivPubKeyPair = ED25519-1:ED25519-2-PUBLIC +Result = KEYPAIR_MISMATCH + +# Make sure update calls return an error +DigestSign = NULL +Key = ED25519-1 +Input = "Test" +Result = DIGESTUPDATE_ERROR + +DigestVerify = NULL +Key = ED25519-1-PUBLIC +Input = "Test" +Result = DIGESTUPDATE_ERROR + +# Attempt to set invalid digest +DigestSign = SHA256 +Key = ED25519-1 +Result = DIGESTSIGNINIT_ERROR + +# Raw tests + +OneShotDigestSign = NULL +Key = ED25519-1-Raw +Input = "" +Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b + +OneShotDigestVerify = NULL +Key = ED25519-1-PUBLIC-Raw +Input = "" +Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b + +Title = ED448 tests from RFC8032 + +PrivateKey=ED448-1 +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOWyCpWLLgI0Q1jK+ichRPr9skp803fqMn2PJlg7240ij +UoyKP8wvBE45o/xblEkvjwMudUmiAJj5Ww== +-----END PRIVATE KEY----- + +PrivateKey=ED448-2 +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOcTqsF01cAfGMvPbtISJkk1VKwj+DDU6DUofAKzaLEY6 +++pnxejSh3xeO8OXplmUnvgCHpVOChInTg== +-----END PRIVATE KEY----- + +PrivateKey=ED448-3 +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOc0j0k9xQnTnRDQyN7kykPUR9kJfmOZEWf8gPomFCD/9 +9gUAVTq8DgXNAhhL24nEzNZ+GHlRJn6zKA== +-----END PRIVATE KEY----- + +PrivateKey=ED448-4 +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOSWM3UraMu2cn/VOY3Vq5YL7j6sqxyHyyOZ2pydoUT2T +n2Pd21VgkTPymt+G7Jkp3MtSwcX9L/fiGw== +-----END PRIVATE KEY----- + +PrivateKey=ED448-5 +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOX706EVEI2dS+7VrjzGiOhDkKBT19VygN83MEcZMmjsp +ScG7YHADFGEXMqbC/qmO68AmahGpOXAQDg== +-----END PRIVATE KEY----- + +PrivateKey=ED448-6 +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOdZd80GtE+AIVnaIuu3ajp3NwX3AJJdOpbQie2Uw4zm/ +8h+Z5oymlo88ym3+D7n0+rT6E11VQuo/AQ== +-----END PRIVATE KEY----- + +PrivateKey=ED448-7 +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOS7F/jwXBFq9sTal5qkT4yq3WuaLU9L8FJt35QQTLTdW +m352a6dKGb1hYjQ6IchZCqnOvKkBTGNt9Q== +-----END PRIVATE KEY----- + +PrivateKey=ED448-8 +-----BEGIN PRIVATE KEY----- +MEcCAQAwBQYDK2VxBDsEOYctCTeA9dNzDffCEmZLN7ig8k9WgQ2qg4LNT6P3djTs +RNxU8cLtm+qG+vt2Mti+GZ6hZfWtVd2c6A== +-----END PRIVATE KEY----- + +PublicKey=ED448-1-PUBLIC +-----BEGIN PUBLIC KEY----- +MEMwBQYDK2VxAzoAX9dEm1m0Yf0s54fsYWrUah2hNCSFpw4fig6nXYDpZ3jt8SR2 +m0bHBhvWeD3x5Q9s0foavq/oJWGA +-----END PUBLIC KEY----- + +PublicKey=ED448-2-PUBLIC +-----BEGIN PUBLIC KEY----- +MEMwBQYDK2VxAzoAQ7oo9DDN/0Vq5TFUX37NCsg0pV2TWMA3K/oMbGeYwIZq6gHr +AHQoArhDjqTLghacI1FgYntMOpSA +-----END PUBLIC KEY----- + +PublicKey=ED448-3-PUBLIC +-----BEGIN PUBLIC KEY----- +MEMwBQYDK2VxAzoA3OqeePNaG/NJmoMbELhskKrAHNhLZ6AQm1WjbpMoseNl/OFh +1xznExpUPqTLX36fHYsAaWRHABQA +-----END PUBLIC KEY----- + +PublicKey=ED448-4-PUBLIC +-----BEGIN PUBLIC KEY----- +MEMwBQYDK2VxAzoAO6FtoMbyzB8wGHdAdW9eeY1rxfwBXXxjzJUQ7j/UStwk2Olo +tuRub5TRm5RTYXJr114UnvCYF/WA +-----END PUBLIC KEY----- + +PublicKey=ED448-5-PUBLIC +-----BEGIN PUBLIC KEY----- +MEMwBQYDK2VxAzoAs9oHmwqkk6V3ICnwRnuuvuWoES2dOiJTI2HaKU97s4FcXcWe +F2tNnzgcoJOOE8bAexdL5l36V46A +-----END PUBLIC KEY----- + +PublicKey=ED448-6-PUBLIC +-----BEGIN PUBLIC KEY----- +MEMwBQYDK2VxAzoA35cF9Y7bq4Asf4Njz+VWCrHGEywgqfHdFjSDom+KxTo51oCL +9KHfvSYbCZuwOz+1CQbLKL2KCB8A +-----END PUBLIC KEY----- + +PublicKey=ED448-7-PUBLIC +-----BEGIN PUBLIC KEY----- +MEMwBQYDK2VxAzoAeXVvAU3P4gefXdnnGL5BceLvJIagjyUYb2v/Q6mTa5v+EkAr +CK5leYo9geIunsgOdpCGLvPU7ToA +-----END PUBLIC KEY----- + +PublicKey=ED448-8-PUBLIC +-----BEGIN PUBLIC KEY----- +MEMwBQYDK2VxAzoAqBsuinClrJT/28ybrfw/6wgB8lhXi7EUrUTs4ewOeZ2gjv+4 +HF1oXAxW9k7srvjN8RzDhzeDjPQA +-----END PUBLIC KEY----- + +#Raw versions of the ED448-1 keys +PrivateKeyRaw=ED448-1-Raw:ED448:6c82a562cb808d10d632be89c8513ebf6c929f34ddfa8c9f63c9960ef6e348a3528c8a3fcc2f044e39a3fc5b94492f8f032e7549a20098f95b + +PublicKeyRaw=ED448-1-PUBLIC-Raw:ED448:5fd7449b59b461fd2ce787ec616ad46a1da1342485a70e1f8a0ea75d80e96778edf124769b46c7061bd6783df1e50f6cd1fa1abeafe8256180 + +PrivPubKeyPair = ED448-1:ED448-1-PUBLIC + +PrivPubKeyPair = ED448-2:ED448-2-PUBLIC + +PrivPubKeyPair = ED448-3:ED448-3-PUBLIC + +PrivPubKeyPair = ED448-4:ED448-4-PUBLIC + +PrivPubKeyPair = ED448-5:ED448-5-PUBLIC + +PrivPubKeyPair = ED448-6:ED448-6-PUBLIC + +PrivPubKeyPair = ED448-7:ED448-7-PUBLIC + +PrivPubKeyPair = ED448-8:ED448-8-PUBLIC + +PrivPubKeyPair = ED448-1-Raw:ED448-1-PUBLIC-Raw + +OneShotDigestSign = NULL +Key = ED448-1 +Input = "" +Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600 + +OneShotDigestSign = NULL +Key = ED448-2 +Input = 03 +Output = 26b8f91727bd62897af15e41eb43c377efb9c610d48f2335cb0bd0087810f4352541b143c4b981b7e18f62de8ccdf633fc1bf037ab7cd779805e0dbcc0aae1cbcee1afb2e027df36bc04dcecbf154336c19f0af7e0a6472905e799f1953d2a0ff3348ab21aa4adafd1d234441cf807c03a00 + +OneShotDigestSign = NULL +Key = ED448-3 +Input = 0c3e544074ec63b0265e0c +Output = 1f0a8888ce25e8d458a21130879b840a9089d999aaba039eaf3e3afa090a09d389dba82c4ff2ae8ac5cdfb7c55e94d5d961a29fe0109941e00b8dbdeea6d3b051068df7254c0cdc129cbe62db2dc957dbb47b51fd3f213fb8698f064774250a5028961c9bf8ffd973fe5d5c206492b140e00 + +OneShotDigestSign = NULL +Key = ED448-4 +Input = 64a65f3cdedcdd66811e2915 +Output = 7eeeab7c4e50fb799b418ee5e3197ff6bf15d43a14c34389b59dd1a7b1b85b4ae90438aca634bea45e3a2695f1270f07fdcdf7c62b8efeaf00b45c2c96ba457eb1a8bf075a3db28e5c24f6b923ed4ad747c3c9e03c7079efb87cb110d3a99861e72003cbae6d6b8b827e4e6c143064ff3c00 + +OneShotDigestSign = NULL +Key = ED448-5 +Input = 64a65f3cdedcdd66811e2915e7 +Output = 6a12066f55331b6c22acd5d5bfc5d71228fbda80ae8dec26bdd306743c5027cb4890810c162c027468675ecf645a83176c0d7323a2ccde2d80efe5a1268e8aca1d6fbc194d3f77c44986eb4ab4177919ad8bec33eb47bbb5fc6e28196fd1caf56b4e7e0ba5519234d047155ac727a1053100 + +OneShotDigestSign = NULL +Key = ED448-6 +Input = bd0f6a3747cd561bdddf4640a332461a4a30a12a434cd0bf40d766d9c6d458e5512204a30c17d1f50b5079631f64eb3112182da3005835461113718d1a5ef944 +Output = 554bc2480860b49eab8532d2a533b7d578ef473eeb58c98bb2d0e1ce488a98b18dfde9b9b90775e67f47d4a1c3482058efc9f40d2ca033a0801b63d45b3b722ef552bad3b4ccb667da350192b61c508cf7b6b5adadc2c8d9a446ef003fb05cba5f30e88e36ec2703b349ca229c2670833900 + +OneShotDigestSign = NULL +Key = ED448-7 +Input = 15777532b0bdd0d1389f636c5f6b9ba734c90af572877e2d272dd078aa1e567cfa80e12928bb542330e8409f3174504107ecd5efac61ae7504dabe2a602ede89e5cca6257a7c77e27a702b3ae39fc769fc54f2395ae6a1178cab4738e543072fc1c177fe71e92e25bf03e4ecb72f47b64d0465aaea4c7fad372536c8ba516a6039c3c2a39f0e4d832be432dfa9a706a6e5c7e19f397964ca4258002f7c0541b590316dbc5622b6b2a6fe7a4abffd96105eca76ea7b98816af0748c10df048ce012d901015a51f189f3888145c03650aa23ce894c3bd889e030d565071c59f409a9981b51878fd6fc110624dcbcde0bf7a69ccce38fabdf86f3bef6044819de11 +Output = c650ddbb0601c19ca11439e1640dd931f43c518ea5bea70d3dcde5f4191fe53f00cf966546b72bcc7d58be2b9badef28743954e3a44a23f880e8d4f1cfce2d7a61452d26da05896f0a50da66a239a8a188b6d825b3305ad77b73fbac0836ecc60987fd08527c1a8e80d5823e65cafe2a3d00 + +OneShotDigestSign = NULL +Key = ED448-8 +Input = 6ddf802e1aae4986935f7f981ba3f0351d6273c0a0c22c9c0e8339168e675412a3debfaf435ed651558007db4384b650fcc07e3b586a27a4f7a00ac8a6fec2cd86ae4bf1570c41e6a40c931db27b2faa15a8cedd52cff7362c4e6e23daec0fbc3a79b6806e316efcc7b68119bf46bc76a26067a53f296dafdbdc11c77f7777e972660cf4b6a9b369a6665f02e0cc9b6edfad136b4fabe723d2813db3136cfde9b6d044322fee2947952e031b73ab5c603349b307bdc27bc6cb8b8bbd7bd323219b8033a581b59eadebb09b3c4f3d2277d4f0343624acc817804728b25ab797172b4c5c21a22f9c7839d64300232eb66e53f31c723fa37fe387c7d3e50bdf9813a30e5bb12cf4cd930c40cfb4e1fc622592a49588794494d56d24ea4b40c89fc0596cc9ebb961c8cb10adde976a5d602b1c3f85b9b9a001ed3c6a4d3b1437f52096cd1956d042a597d561a596ecd3d1735a8d570ea0ec27225a2c4aaff26306d1526c1af3ca6d9cf5a2c98f47e1c46db9a33234cfd4d81f2c98538a09ebe76998d0d8fd25997c7d255c6d66ece6fa56f11144950f027795e653008f4bd7ca2dee85d8e90f3dc315130ce2a00375a318c7c3d97be2c8ce5b6db41a6254ff264fa6155baee3b0773c0f497c573f19bb4f4240281f0b1f4f7be857a4e59d416c06b4c50fa09e1810ddc6b1467baeac5a3668d11b6ecaa901440016f389f80acc4db977025e7f5924388c7e340a732e554440e76570f8dd71b7d640b3450d1fd5f0410a18f9a3494f707c717b79b4bf75c98400b096b21653b5d217cf3565c9597456f70703497a078763829bc01bb1cbc8fa04eadc9a6e3f6699587a9e75c94e5bab0036e0b2e711392cff0047d0d6b05bd2a588bc109718954259f1d86678a579a3120f19cfb2963f177aeb70f2d4844826262e51b80271272068ef5b3856fa8535aa2a88b2d41f2a0e2fda7624c2850272ac4a2f561f8f2f7a318bfd5caf9696149e4ac824ad3460538fdc25421beec2cc6818162d06bbed0c40a387192349db67a118bada6cd5ab0140ee273204f628aad1c135f770279a651e24d8c14d75a6059d76b96a6fd857def5e0b354b27ab937a5815d16b5fae407ff18222c6d1ed263be68c95f32d908bd895cd76207ae726487567f9a67dad79abec316f683b17f2d02bf07e0ac8b5bc6162cf94697b3c27cd1fea49b27f23ba2901871962506520c392da8b6ad0d99f7013fbc06c2c17a569500c8a7696481c1cd33e9b14e40b82e79a5f5db82571ba97bae3ad3e0479515bb0e2b0f3bfcd1fd33034efc6245eddd7ee2086ddae2600d8ca73e214e8c2b0bdb2b047c6a464a562ed77b73d2d841c4b34973551257713b753632efba348169abc90a68f42611a40126d7cb21b58695568186f7e569d2ff0f9e745d0487dd2eb997cafc5abf9dd102e62ff66cba87 +Output = e301345a41a39a4d72fff8df69c98075a0cc082b802fc9b2b6bc503f926b65bddf7f4c8f1cb49f6396afc8a70abe6d8aef0db478d4c6b2970076c6a0484fe76d76b3a97625d79f1ce240e7c576750d295528286f719b413de9ada3e8eb78ed573603ce30d8bb761785dc30dbc320869e1a00 + +# Verify test +OneShotDigestVerify = NULL +Key = ED448-1-PUBLIC +Input = "" +Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600 + +# Corrupted input +OneShotDigestVerify = NULL +Key = ED448-1-PUBLIC +Input = "bad" +Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600 +Result = VERIFY_ERROR + +# Corrupted signature +OneShotDigestVerify = NULL +Key = ED448-1-PUBLIC +Input = "" +Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652601 +Result = VERIFY_ERROR + +# Make sure update calls return an error +DigestSign = NULL +Key = ED448-1 +Input = "Test" +Result = DIGESTUPDATE_ERROR + +DigestVerify = NULL +Key = ED448-1-PUBLIC +Input = "Test" +Result = DIGESTUPDATE_ERROR + +# Attempt to set invalid digest +DigestSign = SHA256 +Key = ED448-1 +Result = DIGESTSIGNINIT_ERROR + +# Raw keys +OneShotDigestSign = NULL +Key = ED448-1-Raw +Input = "" +Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600 + +OneShotDigestVerify = NULL +Key = ED448-1-PUBLIC-Raw +Input = "" +Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600 + + +# Key generation tests +KeyGen = rsaEncryption +Ctrl = rsa_keygen_bits:128 +KeyName = tmprsa +Result = PKEY_CTRL_INVALID +Function = pkey_rsa_ctrl +Reason = key size too small + +# RSA-PSS with restrictions, should succeed. +KeyGen = RSASSA-PSS +KeyName = tmppss +Ctrl = rsa_pss_keygen_md:sha256 +Ctrl = rsa_pss_keygen_mgf1_md:sha512 + +# Check MGF1 restrictions +DigestVerify = SHA256 +Key = tmppss +Ctrl = rsa_mgf1_md:sha256 +Result = PKEY_CTRL_ERROR + +# Test valid digest and MGF1 parameters. Verify will fail +DigestVerify = SHA256 +Key = tmppss +Ctrl = rsa_mgf1_md:sha512 +Input = "" +Output = "" +Result = VERIFY_ERROR + +# Check caching of key MGF1 digest restriction +DigestVerify = SHA256 +Key = tmppss +Ctrl = rsa_mgf1_md:sha1 +Result = PKEY_CTRL_ERROR + +Title = RFC7919 DH tests + +# Key generation test +KeyGen = dhKeyAgreement +Ctrl = dh_param:ffdhe2048 +KeyName = tmpdh + +# ffdhe2048-1 and ffdhe2048-2 were randomly generated and have a shared secret +# less than 256 bytes in length (to test padding) other keys have no special +# properties +PrivateKey=ffdhe2048-1 +-----BEGIN PRIVATE KEY----- +MIIBQwIBADCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////rfhUWKK7Spqv +3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT +3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId +8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu +Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD +/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8C +AQICAgDhBB8CHQGUa5iGUF9rGvDjv9PDFGIvtS9OIqbbi8rqm4b6 +-----END PRIVATE KEY----- + +PrivateKey=ffdhe2048-2 +-----BEGIN PRIVATE KEY----- +MIIBQwIBADCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////rfhUWKK7Spqv +3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT +3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId +8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu +Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD +/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8C +AQICAgDhBB8CHQEYNZIth+/EaIgKK2gcxFutVjUTWYCaReyTKMvP +-----END PRIVATE KEY----- + +PublicKey=ffdhe2048-1-pub +-----BEGIN PUBLIC KEY----- +MIICKTCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////rfhUWKK7Spqv3FYg +Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V +1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih +Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n +Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb +TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8CAQIC +AgDhA4IBBgACggEBAOYRygvHGUKaIXLfUatc2YkYcm9Ew65H0hwpiDXG6XHAYAjJ +bjKNJxdFRjjeCwtJEAGlyUtjSHrka6dHDfzkQfDK6u13Z+3Xmh+nCMZwPOHDNR3I +Ep5vy3quU7suD3ADDrjwX3sVfsXensgh+JpexbrR+leHATf8aX1g8jQofFdi1Wn7 +CbE6VciU4b32L8HPwO1ePpJGib70Em45VurmUfCwNXgEUnu1N6LYRAjH9vnjB529 +C3BSp58rJnA2aslacC0CFY6YVCQfLTdN7y+F5QlGrdGd6wQmf3FXPLf9iYSiuLrm +jW/WDFmPnwAn5A7TEgiNeNu8pwsSKPgZqdW+lyw= +-----END PUBLIC KEY----- + +PublicKey=ffdhe2048-2-pub +-----BEGIN PUBLIC KEY----- +MIICKTCCARsGCSqGSIb3DQEDATCCAQwCggEBAP//////////rfhUWKK7Spqv3FYg +Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V +1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih +Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n +Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb +TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhKFyX//////////8CAQIC +AgDhA4IBBgACggEBAN5LAdrzTwa7nT7855NJQLNum5Yr1O8XZupjvwtVIrJgORvh +L8VMKJoerEwOZ38snTsh9tuKnAWrmdIyFhnOjaHm40GlvInQGff5Lwb1itf7ib3U +ELPOO29PajwY1RocWKX7Wfdj8n6Kd9gHhdoO5v8MyZMCkUU6Rz6y1VzaVwykdsqA +kbMdZfK8Dkpd5PBZ8SJpJF02IEzvh5OYfjcbMN2K0lDO5ZvoMYQku7yXr6PfJebC +CpoVOaoqH19n3g8Xni8IFi7znI83UqxKuYhyYCuMwtE+HS+9WkmkQ1coo512Gw2f +TcY3pf9gGZ41xLFxCOdrUbR3QlieI+zl+TttLzM= +-----END PUBLIC KEY----- + +PrivPubKeyPair=ffdhe2048-1:ffdhe2048-1-pub + +PrivPubKeyPair=ffdhe2048-2:ffdhe2048-2-pub + +Derive=ffdhe2048-1 +PeerKey=ffdhe2048-2-pub +SharedSecret=6620DD85B56EE8540C8040CAC46B7385344A164E4DBDF521F7D99F88FA68EDD295A45E36E0BBD5FF5DE84598824E2CA52ED82ACA918CAECC6B22846D0FC6F0203E8B6963964D11E9E704F83AF1D60E9B1931139E9E9967C4665A831A75D99359A8BA80DD5921E74379AF4CA8DB453EDBC5E669AB17A5254CA6C96794CD5196BE90AF37742C8F6812515FFCC45B08F4158EFF9559F1AEF3665B3D91519DCBC6DF22CD6DA521B86613558602E73D2CA4666972F7D2CB6B46299B1DF2DA29A2A2D99D105E10CB553D6738A9B1DB2A0314C3CF30642D5C44695623D8B95C4426BEA830FB51816B4F086945E9B12A445F42DD68610E3F378A6E69A383D13D85BF + +Derive=ffdhe2048-2 +PeerKey=ffdhe2048-1-pub +SharedSecret=6620DD85B56EE8540C8040CAC46B7385344A164E4DBDF521F7D99F88FA68EDD295A45E36E0BBD5FF5DE84598824E2CA52ED82ACA918CAECC6B22846D0FC6F0203E8B6963964D11E9E704F83AF1D60E9B1931139E9E9967C4665A831A75D99359A8BA80DD5921E74379AF4CA8DB453EDBC5E669AB17A5254CA6C96794CD5196BE90AF37742C8F6812515FFCC45B08F4158EFF9559F1AEF3665B3D91519DCBC6DF22CD6DA521B86613558602E73D2CA4666972F7D2CB6B46299B1DF2DA29A2A2D99D105E10CB553D6738A9B1DB2A0314C3CF30642D5C44695623D8B95C4426BEA830FB51816B4F086945E9B12A445F42DD68610E3F378A6E69A383D13D85BF + +Derive=ffdhe2048-1 +PeerKey=ffdhe2048-2-pub +Ctrl = dh_pad:1 +SharedSecret=00006620DD85B56EE8540C8040CAC46B7385344A164E4DBDF521F7D99F88FA68EDD295A45E36E0BBD5FF5DE84598824E2CA52ED82ACA918CAECC6B22846D0FC6F0203E8B6963964D11E9E704F83AF1D60E9B1931139E9E9967C4665A831A75D99359A8BA80DD5921E74379AF4CA8DB453EDBC5E669AB17A5254CA6C96794CD5196BE90AF37742C8F6812515FFCC45B08F4158EFF9559F1AEF3665B3D91519DCBC6DF22CD6DA521B86613558602E73D2CA4666972F7D2CB6B46299B1DF2DA29A2A2D99D105E10CB553D6738A9B1DB2A0314C3CF30642D5C44695623D8B95C4426BEA830FB51816B4F086945E9B12A445F42DD68610E3F378A6E69A383D13D85BF + +PrivateKey=ffdhe3072-1 +-----BEGIN PRIVATE KEY----- +MIIByQIBADCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv +3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT +3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId +8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu +Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD +/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8 +NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0 +/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K +vNBr+lPd7zwbIO4/1Z18JeQdK2bGLjf//////////wIBAgICARMEJQIjB8TRLx6q +XYQJ0RAM+5ztVLhy9EXNdjY0EYODS7TFi5RZLE4= +-----END PRIVATE KEY----- + +PrivateKey=ffdhe3072-2 +-----BEGIN PRIVATE KEY----- +MIIByQIBADCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv +3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT +3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId +8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu +Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD +/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8 +NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0 +/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K +vNBr+lPd7zwbIO4/1Z18JeQdK2bGLjf//////////wIBAgICARMEJQIjBG9DysbR +qsyURRygCXP6Z6CsUGaQR9/JD+RxbZ8P13po5PM= +-----END PRIVATE KEY----- + +PublicKey=ffdhe3072-1-pub +-----BEGIN PUBLIC KEY----- +MIIDKTCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv3FYg +Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V +1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih +Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n +Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb +TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe ++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS +4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr ++lPd7zwbIO4/1Z18JeQdK2bGLjf//////////wIBAgICARMDggGGAAKCAYEAmPK9 +gPzxh69NyUdmvd76E2VjitXRFhA6mZvTD9zh9Isbl66yezKJcYROUv4HK81LNonz +RaP5je7LXA/Vj4KkQEfjP/W00gZ/uMmi2hSQ0KbBuwRd/ECYwoigs+p9bjN4ZGra +rYmQLiX2uJz2KSkx3YpM9cMH9Q41qdskGnK0QnMntwTysZ7Sdk7yeNaKUdZ3G4sA +lUCEUAOr7lD8tV1fPjgMLL4EVsiZEF1v3TY5mY7ydcYPIrvrKXUKqrr7UsAdxt+r +BATWe3V+JUGpsVjDLYUgaB95PkdSQtdNa094nanx+evI3vYZE9Vm/A/DNBTJuTlV +rogeIx+Lq3foVUsW6nuJiGKYhbwI5xqFw+WEPMqa5QiIdoUqDExXkCi1mqxyivZ0 +VW5yVac/67e9od3oMlWGU2tXvJwxIzhCBpjK8oBFxd2jFZ0BdTwBlI+Jpx5AW7oE +la7P7Rxy1rkGTFs8ZSWM2cUdzBxsbwdWrmSZ6JjQstr8ST++TXC5F7ZBKaOu +-----END PUBLIC KEY----- + +PublicKey=ffdhe3072-2-pub +-----BEGIN PUBLIC KEY----- +MIIDKDCCAZsGCSqGSIb3DQEDATCCAYwCggGBAP//////////rfhUWKK7Spqv3FYg +Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V +1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih +Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n +Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb +TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe ++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS +4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr ++lPd7zwbIO4/1Z18JeQdK2bGLjf//////////wIBAgICARMDggGFAAKCAYAWP0Ft +61TNzHfeUEGhr1gjw9cs3GfCGvx9Rbhql6oUA3tQdSOODxQCnLBv7KFnhRwhhh/Z +6BRRC3rX4HYeRsLxlFeOmOzv0Ty6vhnpJnhf8648ujLXdT1r/0G53OR5v5QFTzLq +eAIYDV86EYL1/ffONV3P+OKQqpPx/kgmtKPsmr+U01KbfJk44uFkyR3bUnHq3cXj +wrNCxdazibp3Iqt2jZblWdsUvBzj8VGNOQmTvxySjbJHJVtLAEZsboZQzvdV9n9f +xC4/PxxI45s9/NT6JjN2+At3CPMSup1Dr9P98NYFh01bvWcIzUVUznUkNj732M3V +IsPpUEq6WJR8bISdnc+HTWhjULxjbAN/ptz1K1aU3JwI2aG2sHt6r0m8ug9V1y2X +Yr2hU7ohBoHhJxxmSbcqjzoQ9wdEvenfFjY+IydQ6j09AAPvBkNYwOVFOKp8TIr4 +VZwIwf1eFAzs8mbbl+sFZENEM2aTpQL56AUv9FnGcg3AnVKs5/UJ8W0FYZw= +-----END PUBLIC KEY----- + +PrivPubKeyPair=ffdhe3072-1:ffdhe3072-1-pub + +PrivPubKeyPair=ffdhe3072-2:ffdhe3072-2-pub + +Derive=ffdhe3072-1 +PeerKey=ffdhe3072-2-pub +SharedSecret=59C4B72684E68BC02148DF19FE6BECE40885AD037EE83F28C6E353C87026DAD66BB469C3F252BDC7ADA9271B6AD900620ECA15696B4E85561794A26259D61CAC7B56DDAED27BE2759A4C4BED5F8940784A255635D24E0D7B2BC796142CAF256D7A979240E9C8DD7230562B5D687971C4582A488E7BCA827FA32C4068C3C8B27ACA83E43EE9D7EAB3192F0DD877BA9C25D6334D233FC5752BEFE625B3D5DAE8589122B6C7E76538619E90AF1BD8D078496214C8F740F7BB5BFA284C811BEF5F9C6C1326E396DE17FDD47BE9D979643F2141FABB8950C3CECEEECFD0BB763F4D143A5AE284535F5E29B05E7DAC609D7080B5D1325F8D9242C67AC44482F5AA51131A763C370842D757EC16DE1988DF5BB4E4B6191A03F9E200DB491906871442FA98985DC976D5007C22FD491F49B8F0AB2AFDE0BDEFA18E56A686C712F4EDE53D924AA39CFED6C827CE0AD553132A474009203421F0A9373646200D8BA75725964079CF82D8C0C50AF6EEA4ECB607C02E7DD55C7998B4F849D79BE8867C69C62A + +Derive=ffdhe3072-2 +PeerKey=ffdhe3072-1-pub +SharedSecret=59C4B72684E68BC02148DF19FE6BECE40885AD037EE83F28C6E353C87026DAD66BB469C3F252BDC7ADA9271B6AD900620ECA15696B4E85561794A26259D61CAC7B56DDAED27BE2759A4C4BED5F8940784A255635D24E0D7B2BC796142CAF256D7A979240E9C8DD7230562B5D687971C4582A488E7BCA827FA32C4068C3C8B27ACA83E43EE9D7EAB3192F0DD877BA9C25D6334D233FC5752BEFE625B3D5DAE8589122B6C7E76538619E90AF1BD8D078496214C8F740F7BB5BFA284C811BEF5F9C6C1326E396DE17FDD47BE9D979643F2141FABB8950C3CECEEECFD0BB763F4D143A5AE284535F5E29B05E7DAC609D7080B5D1325F8D9242C67AC44482F5AA51131A763C370842D757EC16DE1988DF5BB4E4B6191A03F9E200DB491906871442FA98985DC976D5007C22FD491F49B8F0AB2AFDE0BDEFA18E56A686C712F4EDE53D924AA39CFED6C827CE0AD553132A474009203421F0A9373646200D8BA75725964079CF82D8C0C50AF6EEA4ECB607C02E7DD55C7998B4F849D79BE8867C69C62A + +PrivateKey=ffdhe4096-1 +-----BEGIN PRIVATE KEY----- +MIICTwIBADCCAhsGCSqGSIb3DQEDATCCAgwCggIBAP//////////rfhUWKK7Spqv +3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT +3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId +8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu +Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD +/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8 +NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0 +/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K +vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3 +Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ +KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG +igB+XmVfav//////////AgECAgIBRQQrAikf6HJGrPpToTmXJq6x8ZlcUpBK/RDk +5e93wdj9M96Bp6CK5KDTX91DPg== +-----END PRIVATE KEY----- + +PrivateKey=ffdhe4096-2 +-----BEGIN PRIVATE KEY----- +MIICTwIBADCCAhsGCSqGSIb3DQEDATCCAgwCggIBAP//////////rfhUWKK7Spqv +3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT +3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId +8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu +Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD +/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8 +NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0 +/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K +vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3 +Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ +KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG +igB+XmVfav//////////AgECAgIBRQQrAikaMtvYLrkftmq+ryrWoSoyH8fA0OXp +jwrNxAPiOZFBxvPImUEi3lOoxA== +-----END PRIVATE KEY----- + +PublicKey=ffdhe4096-1-pub +-----BEGIN PUBLIC KEY----- +MIIEKDCCAhsGCSqGSIb3DQEDATCCAgwCggIBAP//////////rfhUWKK7Spqv3FYg +Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V +1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih +Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n +Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb +TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe ++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS +4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr ++lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d +VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj +M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+ +XmVfav//////////AgECAgIBRQOCAgUAAoICAFmvIlVGC+VP3rxxLYMoEM3h0yvn +pO086y+sRkf97FRppQxCbHaDwz64f0Bopzq8YbJE/OM7nhwAVH/L+6iFKsdENj5l +LLaYIy1q/GR5SGC9yWjfkHKQaeVR2gCqn8IpKj/1JK1Km+rZE5UNF1v4zxurjNYw +FKaPDF1dTtvfEzABQmf8ZX9vNSYJmbvCAzjNArcFwypuHZCFaoTAJHxwD4grWt2m +EJ7FCigRt3sE+o5L6ZfgdOwj2V23JANMuDPIb7F/n1TOjSChMJA+Dg0e2WMO00Et +19ce7MWMMwpPx7/vYukIaIQXcxFVJluwJf+qXu3oplAGe+8WuIzI1OBN9SEFO2PH +s9TG33rUeSTU0jVtJS6qSsaLWKT0QRHv7hQCtCtH0l0vDuH/WhzSJmf68adZSiRI +RSeJgYLocyOOXleP9/+iZOJ0n5617AbR1nBLOsh82tN4H0CsMi+TeNIlLA8RbFGu +A442i70xx5YJaccV9YwEQJzIOpBd8DuGIvzXCuyf8756cn5KKTTtKTM4Cy50DH7z +8URTx3+0uOodKOtIYyFSMYzTQCQFluPXfelR3t1aP2uRXqfC0bziw1OYb794xYx6 +cIlLbC0e0hiBpzTXWUJHb6rjtDfh+HnHlSUGWCGFoV0H5Cx6my9t/WBEnMlbjSMW +DMW1av+3Na95903x +-----END PUBLIC KEY----- + +PublicKey=ffdhe4096-2-pub +-----BEGIN PUBLIC KEY----- +MIIEKTCCAhsGCSqGSIb3DQEDATCCAgwCggIBAP//////////rfhUWKK7Spqv3FYg +Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V +1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih +Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n +Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb +TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe ++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS +4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr ++lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d +VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj +M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+ +XmVfav//////////AgECAgIBRQOCAgYAAoICAQCdwSzypLeaeUauw2sV4oo1aTj3 +211HYCdPsP7qdyv7u08MD6HA2LIfbsi98J9B53v+LpIITbW5axwinYahc09lbf2Q +Dwy5AiETXKQZqhJkbypMLax1N5TDwzXzM1JxBzmATGcX6CXfrWQ7XzKHDLvjI7W4 +WEOz+OMeV8F85B8dxf/p+hbOiIrv98iG1S15PGUDsx3r1ischqfJpQ3mNEP0qF+L +904D5S1Y7KI/jHCZlo95HgrjHOSg73cnj4VKGhnStKatscWiMgh5rWC81vYpQDZx +mqDyJEaz2XgrU4vlJT0zd/gWdDIqPpnhcE7vjO1e5hvdOhn75hIUNZejxw7/oT81 +59jLolbd+xpX4aIwqC+Gn4jgm8c8Z+QO7vQzlgbtSBFV9srDHvagmIWqr3lDDXgQ +Tf3G0UV3EsxGKj3OGTIw4DAe22W2d2LDUlBp3N+lFrt6OEFtcLbnXoi1b7ig0gPn +30p6bW9AZ/qL5SCfAYbtKDcRIyaqZ6MeG9qTzUIt/V4RQfaOuD3KrAj0jjCDKS7u +pPxWYrb9jR0O9hDLnKfZr0zAI3X+X1JdXJpW8JFU6Av2LufYpoq3V5tXHdduwJwM +ycc1F1F0Eu3KNknFa0SsQRhNWtMVDpPe2/gfd0DmastSkCieE0QtAVd0xb360mO+ +g9yTcM3iUEcuz/oz4w== +-----END PUBLIC KEY----- + +PrivPubKeyPair=ffdhe4096-1:ffdhe4096-1-pub + +PrivPubKeyPair=ffdhe4096-2:ffdhe4096-2-pub + +Derive=ffdhe4096-1 +PeerKey=ffdhe4096-2-pub +SharedSecret=B92DCFD06BA13D2E740CE295BA5748F0A8BC7F2AA23E6E9CC8D5FE01A783DA5F12C2B190B77D6A3CD69FE2B340C98AA2F612CE5A3FA34C168C2B1A3067B143043F46D354C5FFD79DDAC0097A5A1375B1F41A95918D49499116CA6D39377548FF23AC2248CFDE2064106F426FB45D9A626B614C5DF54872DB3216857472406C83449BED15385839D01B6F67CC8EC7F7DA35389B01333E6E8AD2F366BA56B6DB1F3FD726AB4C7F99E2D0AB9BABC6D4B8F6244B9706D4942984E2DD046831E05C51571E3EA9B1E665D5419E89378F7315BB2DEFD258A8FF44242D6908EC2E15A48D2F61820616935A72BF18309903A492F2646DA91AE5ABD3A4B3D934FF3811415B5385A276E082B4DE960CFE82FE3EE4909C2C8847EE2D839F419365B7B2EF38646EE182EF3531CCBEEE4115E57D71BFF808C0379057805D82317176CC913F058635F2B30705F456CCB3C518905F18A0902F6A74DECC48BCCDAF0C3004FE233D2FAFB60EB79204DDA7B791F911D763A3A0FBDD0926644F7004D5AD57EFF787DD54C81C4E9828B8501B44468ABCA6189A8DC00E666F813D7EF21A472F36E5F3338405C3FF4433FFBEF867677791C848E0B62D0099EE59E3A8ACDCCA4ABDB2CD6C58A8C7E76BE37FD922BB29DCA0F5B70714BDAF3183C09982EE4716BC656A3A8D63F7B26201C5D803923D1CE7BCE2843376F02E580D91B63B2B7480BBF32E9551ED + +Derive=ffdhe4096-2 +PeerKey=ffdhe4096-1-pub +SharedSecret=B92DCFD06BA13D2E740CE295BA5748F0A8BC7F2AA23E6E9CC8D5FE01A783DA5F12C2B190B77D6A3CD69FE2B340C98AA2F612CE5A3FA34C168C2B1A3067B143043F46D354C5FFD79DDAC0097A5A1375B1F41A95918D49499116CA6D39377548FF23AC2248CFDE2064106F426FB45D9A626B614C5DF54872DB3216857472406C83449BED15385839D01B6F67CC8EC7F7DA35389B01333E6E8AD2F366BA56B6DB1F3FD726AB4C7F99E2D0AB9BABC6D4B8F6244B9706D4942984E2DD046831E05C51571E3EA9B1E665D5419E89378F7315BB2DEFD258A8FF44242D6908EC2E15A48D2F61820616935A72BF18309903A492F2646DA91AE5ABD3A4B3D934FF3811415B5385A276E082B4DE960CFE82FE3EE4909C2C8847EE2D839F419365B7B2EF38646EE182EF3531CCBEEE4115E57D71BFF808C0379057805D82317176CC913F058635F2B30705F456CCB3C518905F18A0902F6A74DECC48BCCDAF0C3004FE233D2FAFB60EB79204DDA7B791F911D763A3A0FBDD0926644F7004D5AD57EFF787DD54C81C4E9828B8501B44468ABCA6189A8DC00E666F813D7EF21A472F36E5F3338405C3FF4433FFBEF867677791C848E0B62D0099EE59E3A8ACDCCA4ABDB2CD6C58A8C7E76BE37FD922BB29DCA0F5B70714BDAF3183C09982EE4716BC656A3A8D63F7B26201C5D803923D1CE7BCE2843376F02E580D91B63B2B7480BBF32E9551ED + +PrivateKey=ffdhe6144-1 +-----BEGIN PRIVATE KEY----- +MIIDVQIBADCCAxsGCSqGSIb3DQEDATCCAwwCggMBAP//////////rfhUWKK7Spqv +3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT +3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId +8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu +Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD +/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8 +NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0 +/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K +vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3 +Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ +KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG +igB+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyz +jowzTHAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNig +DvCSNQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLu +qsAjKigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQ +XcgtuFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmli +ppUm1DFhwaQdVw15ONrUpA4ynNDkDmX//////////wIBAgICAXcEMQIvSAtU6kL4 +Q04G+z7VkF75A9mRrvM+4UWu9+nOPeAWZfTLU5OqNFUuupM+ZXHNGs8= +-----END PRIVATE KEY----- + +PrivateKey=ffdhe6144-2 +-----BEGIN PRIVATE KEY----- +MIIDVQIBADCCAxsGCSqGSIb3DQEDATCCAwwCggMBAP//////////rfhUWKK7Spqv +3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT +3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId +8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu +Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD +/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8 +NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0 +/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K +vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3 +Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ +KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG +igB+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyz +jowzTHAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNig +DvCSNQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLu +qsAjKigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQ +XcgtuFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmli +ppUm1DFhwaQdVw15ONrUpA4ynNDkDmX//////////wIBAgICAXcEMQIvQJ+3F7o/ +XE6oeVRpsU2/uXFpNvtD8s2NMEZqecJQLHVJetCYm1TgrIW1T9WH8Mg= +-----END PRIVATE KEY----- + +PublicKey=ffdhe6144-1-pub +-----BEGIN PUBLIC KEY----- +MIIGKDCCAxsGCSqGSIb3DQEDATCCAwwCggMBAP//////////rfhUWKK7Spqv3FYg +Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V +1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih +Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n +Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb +TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe ++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS +4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr ++lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d +VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj +M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+ +Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyzjowz +THAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNigDvCS +NQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLuqsAj +Kigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQXcgt +uFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmlippUm +1DFhwaQdVw15ONrUpA4ynNDkDmX//////////wIBAgICAXcDggMFAAKCAwBzyuwl +M1Ob9DJTGZFXugtmiHnnrC1Fuct0huyPoASXtbCo95FNnOqUe6VNfcMwagTmiD/t +h3NRki3CvzchadgeJgQAJlyFzbRQr/NhwPNFkSKT08fMNe+InrVqvpz13tN6vJ7Y +nSPJZXIwX1dHp7TgNatEFKc6sIYO2yy7WUNPVRokRtRH0F4ceXO/eMdQtjJ3coR5 +HPflfNJxPOlonygJ9Blk4tO7ngqAyifqVUVgVXqvUx1Wkpzo1t91HrG6YExrok9V +92D8LXXS2qMfKvI66sF6avpBowyOoTj9pTvRW/z3umEmPLKzpVURzrzEa7MwDsmc +sdNz9QWWHFCW5Jd2pPzuJnH55amZsKoEl2Bel62SrbzzjGKZBn1sxT6LyPrnJdZX +fjiThE9E2fObPRA5A4dgxlmHsjbmMn3ERSQJdnQqaMme0PBzcZgZqLzULR3wWCh8 +r2dMoce4972VA6KvVSkxv0RfltrGhfCT+ERoaFg5Rcn/Sa2rXQEPT2wmhc1McjyU +KMdYjstamKNurZPdfMU8pL9t/DUmWlr4ruDmgK1T9ODxyyGQHAf6/2JlCXv6cbks +r+ZtEF3nBJ8cwLyiqaCEgMtXfoP64a/AcXeCvEnQgssq3Zot6pGRaUF162d1d+7R +ekQ5ZIvEIVqhg/4OWhjK45jJw+MoA+tXRmXCpTyDq2sq3GMLQntWzDSns5WGBHY3 +oC7hQUSEQF3GjBiAkOgFGgSR/N4V8iL/DeRRodB/Sbo7lbJlFL8wdiZhZN0bAVyB +bdsCUNBtCCK8gMqv4+wJBlQnZFX8XWVGahqQ3ph5WZce0IDvhOoCilLGP9PQLLHD +sLLOfYgMB/h/UnEF+5Nmsn17EF6R48+JcBkAlfnCK5zFXlK6T9wJE2MuaBatbDLf +TeSmUtWtEBNADNoVZHzEt0sxQimu+U8LAbuvkBmCqkZZLhlKNtEgNQYsZeOa1PSF +Xf4grDcL+jWdbCohl06eB8gADPMFzkTxGNxf7PDNUD0qR76Y657h58CeRSw= +-----END PUBLIC KEY----- + +PublicKey=ffdhe6144-2-pub +-----BEGIN PUBLIC KEY----- +MIIGKTCCAxsGCSqGSIb3DQEDATCCAwwCggMBAP//////////rfhUWKK7Spqv3FYg +Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V +1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih +Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n +Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb +TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe ++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS +4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr ++lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d +VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj +M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+ +Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyzjowz +THAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNigDvCS +NQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLuqsAj +Kigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQXcgt +uFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmlippUm +1DFhwaQdVw15ONrUpA4ynNDkDmX//////////wIBAgICAXcDggMGAAKCAwEApE+s +hUrveNP2zEv2CVJjLd4J58258c5kZDsMZmWE8k2LEJ04atl0Xa0G4ftlf8A3rDEu +r22KJNZB+F6WBqpk/rzB6RDKC276ulE9+Aa3v2KXjQZAyLimro41T+mAVh15Anb4 +1ivcwCuL70BGT4wg6+bsgwfm1x7Q63DkqARk0FrNMO9dMibI6Y7Pg1gpU0cz975G +VsxWvFeA8EfS/eC8KaBGHiSSWwKofDz2Y5pYZOnmjgh+8b2zEuVHdyOQ8fnoreDg +nTnvkjjYH/4Gw5Y/XtmN7slbHywGCs51ujGiIqZf0U3/1IBnA/ir2FKSfbFZYySX +Y/i8bSx9orvz9xEmOfUmoxil0TjWpaOx+T9e1IqWijmLqnt2zleBu6FSB9/F+2RG +f6sPqLAs7lGBsby/uIpXNwuUkYHNc1tVdGyX+9dcQWTTMD88WyC33MIPOuiU5Svu +nGx2VSX8wtsxDp4MxkVMxBleJHzDmdBkpJZDlWb6u1Fxrok5KktLCxN1wtLpJPEB ++ZNLnI98QXYpII2sXJWebB/EpD9OCj6J0gXJ6E+jXEkzZVGPvt+7betdP8Dzpg2i +URC/uYcwpK9cWuCnwo9jnXAlLwDLpOhSCYxileW6kDLCWDh4b/LduZnDNX/ycdcH +zTarTiYELHBzGAhhMt/SWB8bfVIhoEY2MOHl50ipMsmw2h27LqSNSW7RTreWziTR +uxhvz7Z+aQODz/DfnWbh3tuaNBpxr7Z93K1jdaMUcbe2pjqDhd6vK9Ez4xPxeM2V +ELjEQ2iTT1EDr4fjhzdbIBL58rbaTK7/Q513Iq4gXDSgrf7YlXzvxlHKA/M4vYLX +Ymd+ih12vdfj4ZF09eZJgkY9WmdrHeLEJWqAj2G9UONZFsDgXrwU9gIcmiwGaEDk +58C/g5aQb2XPJE08E2pmeXJJTqROWHXNrkTOnJfWoHsxTHwpmjzDUkZ2jUowDhEA +MUudIw1y4BTPvz7EIlEY+Lz9loyuGQwgMYGg8tsxvyFuOA9IsdF4DHHcjQ6W +-----END PUBLIC KEY----- + +PrivPubKeyPair=ffdhe6144-1:ffdhe6144-1-pub + +PrivPubKeyPair=ffdhe6144-2:ffdhe6144-2-pub + +Derive=ffdhe6144-1 +PeerKey=ffdhe6144-2-pub +SharedSecret=02B4252E4F0F659E78A58223DE9044AD90A0CC22DB5DE4F4815BF7226B7E663AE1B548A1ADB4ED81E9AF0B62FF985BF1E9893E39BA56FD843B6A134923156DD7D51DE9811B14ABA4494EAA95DA2AF8ACAD6AB2480A96A5DB99B46456FDEBDF1083220566F5DD3EC52DD06E72558B4701B528C989C06CE245EEF6215F487CFD1580615E6FE7D036985782E9BCC7ED62D2AA5A869FBF668391A0E601C2EC7A9A2E0DB57736C54ACA751E1085ABD4A55D506EFAB6FFC51AEEA33DD5EA651AA613E5F77BC81D2489FABABC8AEEF1DE5B65C3584F4080E4324EF3722AB4BF67A8FCABAE430996E454CA985B886D1B6BB5FF2C5246A8C001D953751EB59C47DAC678EE890DE817D9A06877E86516291A170ABE2273C4ADCF638713D98283F90DA17478759537C58A5D7D6AAC54C0485CAC2407A76079625ED285444ECA18127FF42419FADBDA2EDD5300CCB5F69543BCB74005BECE1FED763B06766B05EF2E20B685B92910C16B70165D111B2F8C59C6C79E5BCAC96FD2A6A969061C6D8626E605DA70E247630CF8A1D419C0E4910A72C164117B92B651CA8C8842E79C06E0E12BF8B67C218FB7FEB0F787EBBD2562E5C88A38013133753AECA5B03ECB54328765F61A6D3B901C38EC8F6582D717C688049893129DCAE597F3888E8E8BBCD9AAC9BDBD087926EAA63592DA66C085CBC408A5EC787CF0E3CE3070918B65B089A23457D0408B626B449221B460D1FD8DCCB280744B322760A53945DCD8FAA03DB4844F27496DA00B30ACC8619679D0AD28CE4464094C6DB2F68332BAD17348637E4D72B0C1EBCBBDDE514691C744F709083A76044AC85AF1B18ACD0B1716773DDB82ED94E02B0DB26205BD683A1F4E390881D556AAC305FCEB7E00AF0E3EC80AF2CD46769ED4F471DC71B60BEF36F6361B4A82C7A7F473F61C566D5206C9EFDC112A48BDDC58691830F64C91F4FB150DC61A334B7D5C3770BDBDC91A5E14C6FB02A369A0A7D2D7B008070289EFBDBB2AFD4D62BCC095E9FF81CB8E0B4F139EFD3CF5EDF243FCC08A8FA7577AEF0548436B589C4A221BE1FCE223024619F99DC66557598F + +Derive=ffdhe6144-2 +PeerKey=ffdhe6144-1-pub +SharedSecret=02B4252E4F0F659E78A58223DE9044AD90A0CC22DB5DE4F4815BF7226B7E663AE1B548A1ADB4ED81E9AF0B62FF985BF1E9893E39BA56FD843B6A134923156DD7D51DE9811B14ABA4494EAA95DA2AF8ACAD6AB2480A96A5DB99B46456FDEBDF1083220566F5DD3EC52DD06E72558B4701B528C989C06CE245EEF6215F487CFD1580615E6FE7D036985782E9BCC7ED62D2AA5A869FBF668391A0E601C2EC7A9A2E0DB57736C54ACA751E1085ABD4A55D506EFAB6FFC51AEEA33DD5EA651AA613E5F77BC81D2489FABABC8AEEF1DE5B65C3584F4080E4324EF3722AB4BF67A8FCABAE430996E454CA985B886D1B6BB5FF2C5246A8C001D953751EB59C47DAC678EE890DE817D9A06877E86516291A170ABE2273C4ADCF638713D98283F90DA17478759537C58A5D7D6AAC54C0485CAC2407A76079625ED285444ECA18127FF42419FADBDA2EDD5300CCB5F69543BCB74005BECE1FED763B06766B05EF2E20B685B92910C16B70165D111B2F8C59C6C79E5BCAC96FD2A6A969061C6D8626E605DA70E247630CF8A1D419C0E4910A72C164117B92B651CA8C8842E79C06E0E12BF8B67C218FB7FEB0F787EBBD2562E5C88A38013133753AECA5B03ECB54328765F61A6D3B901C38EC8F6582D717C688049893129DCAE597F3888E8E8BBCD9AAC9BDBD087926EAA63592DA66C085CBC408A5EC787CF0E3CE3070918B65B089A23457D0408B626B449221B460D1FD8DCCB280744B322760A53945DCD8FAA03DB4844F27496DA00B30ACC8619679D0AD28CE4464094C6DB2F68332BAD17348637E4D72B0C1EBCBBDDE514691C744F709083A76044AC85AF1B18ACD0B1716773DDB82ED94E02B0DB26205BD683A1F4E390881D556AAC305FCEB7E00AF0E3EC80AF2CD46769ED4F471DC71B60BEF36F6361B4A82C7A7F473F61C566D5206C9EFDC112A48BDDC58691830F64C91F4FB150DC61A334B7D5C3770BDBDC91A5E14C6FB02A369A0A7D2D7B008070289EFBDBB2AFD4D62BCC095E9FF81CB8E0B4F139EFD3CF5EDF243FCC08A8FA7577AEF0548436B589C4A221BE1FCE223024619F99DC66557598F + +PrivateKey=ffdhe8192-1 +-----BEGIN PRIVATE KEY----- +MIIEWQIBADCCBBsGCSqGSIb3DQEDATCCBAwCggQBAP//////////rfhUWKK7Spqv +3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT +3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId +8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu +Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD +/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8 +NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0 +/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K +vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3 +Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ +KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG +igB+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyz +jowzTHAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNig +DvCSNQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLu +qsAjKigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQ +XcgtuFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmli +ppUm1DFhwaQdVw15ONrUpA4ynM/0aqo2rQBM9gDIOB5CWjHZUa5k/bI/zslQnUNo +f+tp7dHMXguMw732SxDvhrYxQqOriClVWy90fJMmZcssDxzAG9cCKTiIOdKvBeRU +UErHi3WCgihGwLo1w19cWRYMwEb9glFUH8aMnIawIrtwmYdqRg50UaipMQlwP+4c +IX5sOCblLFGqaR4OQjz8menjFlDBIXtiSBbNrZqV+dW4AZSI2cCgof4wdaV34jGD ++B1KPy+kVx78jOC6ik/otoVd/nKwpm7e0vur++WKMPr6vhxdcah+L3Qe+MH+hv6m +u/3lMGd/DZfRHUn3qEQ9CCLlBqn0YU4BHiqUg4/4jNaMi7fFxkJM//////////8C +AQICAgGQBDUCMwCmIsCXuloAz6Y+lwiHSiQDK3YRde+rRZ2K2pj6HFytJCsjVp88 +9fLrPJUuRBScbgYaCQ== +-----END PRIVATE KEY----- + +PrivateKey=ffdhe8192-2 +-----BEGIN PRIVATE KEY----- +MIIEWQIBADCCBBsGCSqGSIb3DQEDATCCBAwCggQBAP//////////rfhUWKK7Spqv +3FYgJz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT +3x7V1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId +8VihNq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSu +Vu3nY3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD +/jsbTG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8 +NPTe+ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0 +/URS4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4K +vNBr+lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3 +Y88dVQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJ +KZmjM8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHG +igB+Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyz +jowzTHAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNig +DvCSNQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLu +qsAjKigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQ +XcgtuFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmli +ppUm1DFhwaQdVw15ONrUpA4ynM/0aqo2rQBM9gDIOB5CWjHZUa5k/bI/zslQnUNo +f+tp7dHMXguMw732SxDvhrYxQqOriClVWy90fJMmZcssDxzAG9cCKTiIOdKvBeRU +UErHi3WCgihGwLo1w19cWRYMwEb9glFUH8aMnIawIrtwmYdqRg50UaipMQlwP+4c +IX5sOCblLFGqaR4OQjz8menjFlDBIXtiSBbNrZqV+dW4AZSI2cCgof4wdaV34jGD ++B1KPy+kVx78jOC6ik/otoVd/nKwpm7e0vur++WKMPr6vhxdcah+L3Qe+MH+hv6m +u/3lMGd/DZfRHUn3qEQ9CCLlBqn0YU4BHiqUg4/4jNaMi7fFxkJM//////////8C +AQICAgGQBDUCMwCJ64IxAZbrPx6XmQG5Jliud12CCXsepFzxQaLdGqV4VtiHzZBl +O47nScNTRN7Ol2e1Og== +-----END PRIVATE KEY----- + +PublicKey=ffdhe8192-1-pub +-----BEGIN PUBLIC KEY----- +MIIIKDCCBBsGCSqGSIb3DQEDATCCBAwCggQBAP//////////rfhUWKK7Spqv3FYg +Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V +1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih +Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n +Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb +TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe ++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS +4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr ++lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d +VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj +M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+ +Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyzjowz +THAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNigDvCS +NQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLuqsAj +Kigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQXcgt +uFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmlippUm +1DFhwaQdVw15ONrUpA4ynM/0aqo2rQBM9gDIOB5CWjHZUa5k/bI/zslQnUNof+tp +7dHMXguMw732SxDvhrYxQqOriClVWy90fJMmZcssDxzAG9cCKTiIOdKvBeRUUErH +i3WCgihGwLo1w19cWRYMwEb9glFUH8aMnIawIrtwmYdqRg50UaipMQlwP+4cIX5s +OCblLFGqaR4OQjz8menjFlDBIXtiSBbNrZqV+dW4AZSI2cCgof4wdaV34jGD+B1K +Py+kVx78jOC6ik/otoVd/nKwpm7e0vur++WKMPr6vhxdcah+L3Qe+MH+hv6mu/3l +MGd/DZfRHUn3qEQ9CCLlBqn0YU4BHiqUg4/4jNaMi7fFxkJM//////////8CAQIC +AgGQA4IEBQACggQAYZTSEWGhvKQeJkBdr/GN4zoD8oGuXpS8nxQctcjzIQfg25dA +vl/bDaCM+PMEe47H3q6qyWN4VuAlXmnE52hqebVlUiQ/H5dfmaRE1UMxQNLfmTYW +qpJaN1YFqbCQpng8nmVtqZBtgC6L8nRc9MkOWKgZC95e/sMyPOt0w3LvTZ6Uz9Tw +w5PuVX6sUC8jOLiJCHFypVeTmZQtfB9+OHxUe7fYN+XYEGeZBfFt4f1b05AjH2/C +vXO0i6tw0RG96H/nMt1OXGPEEoC6BiWZsXYFghG+n34wRGJ/0R3GVbhmLSlBxPum +r8urHjf3lopKXVXE761YPX/pYBCWIpGiEmYdg1SQ3vd+a7qkFOR5qUfQkS0zsGAD +ghn+9vuniOXbKBBlU6zN7qJ3+TKaGXgJWKI1d9b6DZsYmU+3x5flW78kHr+tQz3d +/wU9qHQ/Ow5EO/CZrxntxryPrXvLOjeAMlBbxaloHKwcnWav3soqLtASZ0r1px6A +JAjxPLEdhpWKeVhCHNum++YD2uW9IeO/IBRLyKakFzoSc5I6yLNX4pywrQi/DPa5 +1Qr5Jg1wJODCAFChLdX0+BwMz5HTSx2gseGzcsNSuTBE5VwJ9zKYxe0mpl0MPXt2 +eXf1DxmH16LvVGm4m9KJ/xPf6x2fN/+MJyGHN7DUSVt5Ke8X70KsWJj4SD5c5aN9 +JEQiPswgCiOO/L9cA3RyXV3wdn++92m0LUp8nTvQ7XP0F1DZp75JlX9B6JAVkQ4s +1lgNPzKU3OspkRsUtihK7MD4e3Cqz11SjVQqtJLc1Lw8L7QtWFflh6rMk8U2iHgx +eEOyVkJMa9YACuo6OFcZheobhmYvsm1R/9D766foehL4P2Q2FqijHYMg6cD9fPkB +8ie2O+DIvo0oms/69q888J71GncJ6eE88P9ipSQKpBd1PALIDMgUKZQsmBYHyLXC +XgGtrdspQ1sHEk/2XOaGcx11okLGv98+LkdElZtqM/48eDm5Lw58BF3R9t6druEF +/dbsBTgNfeoWkBJaakxOUxMKXg1rxpxi1xo9+yohN0htYZeSj5NDEFn4DixuCagj +/WP9bkB5f5LY44Z9JPF1LnI69ndlT2lc4henwZLY7kBMb3CvvjUDkE5v9gEBJA8u +ZTpZ/VhX65+L5PLNca45BeUzq4kA72IwvP4+z0gY77/mRwtxuDSKXu5381ULKNIQ +TY7siPrDaDCNNz5WqjaLOrQPqfopeVr4fjoXsCiGWWdIV1Q0RX5Y2uNbX4SjVvEb +Risp2sTjgPCg1ox61zX+lD3JHvopO46qCvYHsCEgK80R3KY6MOBkdDn6XE5pN+Br +uBBxf1k6qpOXmJ34OL4QpZBO0FHldrpRFjShtg== +-----END PUBLIC KEY----- + +PublicKey=ffdhe8192-2-pub +-----BEGIN PUBLIC KEY----- +MIIIKDCCBBsGCSqGSIb3DQEDATCCBAwCggQBAP//////////rfhUWKK7Spqv3FYg +Jz088di5xYPOLTaVqeE2QRRkM/vMk53OJJs++X0v42NjDHXY9oGyAq7EYXrT3x7V +1f1lYSQz9R9fBm7QhWNlVT3tGvO1VxNef1fJNZhPDHDg5ot34qaJ2vPv6HId8Vih +Nq3nNTCsyk9IOnl6vAqxgrMk+2HRCKlLssjj+7lq2rdg1/RoHU9Co945TfSuVu3n +Y3K7GQsHp8juCm1wngL84c334uzANATNKDQvYZFy/pzphYP/jk8SMu7ygYPD/jsb +TG+tczu1/LwuwiAFxY7xg30Wg7LG80omwbLv+ohrQjhhH8/c3jVbO2UZA1u8NPTe ++ZwCOGG0b8nW5skHetkdJpH39+5ZjLD6wYbZHK7+EwmFE5JwtBMMk7xDeUT0/URS +4tdN02Ty4h5x9Uv/XK6Cq5yd9p7obSvFIjY6DavFIZebDeraHb+aQtXESE4KvNBr ++lPd7zwbIO4/1Z18JeQdK2aeHvFub1LDFk30+3kw6eTliFe2rH1fQtafbRh3Y88d +VQNABIf1W6V+Mcx6cTXIhu+0MYrtah4BLZ5oMqkHYAqRgTDEbcd4+XGtADgJKZmj +M8uLehoduT1xQAA8Kk7OqfmNCswKgpHNzsl9z47JtVp/iKRrTbWoUfRBguHGigB+ +Xg3ZAgv9ZLZFA2x6Tmd9LDhTKjojukRCyvU+pju0VDKbdiTIkXvdZLHA/Uyzjowz +THAcOs2tBlf8z+xxmx9cPk5GBB84gUf7TP20d6UkcfepqWkQuFUyLttjQNigDvCS +NQUR4wq+wf/546Juf7KfjBgwI8NYfjjaAHfZtHY+TkuUsrvBlMZlHnfK+ZLuqsAj +Kigb9rOnOcEiYRaCCujbWEemfL75yQkbRi1TjNcrA3Rq539eYiksMRViqEZQXcgt +uFQziuSfUjXJW5EXjM8t1crO9APsnRgQxicrBFs7cfnca4DWP91KjprbHmlippUm +1DFhwaQdVw15ONrUpA4ynM/0aqo2rQBM9gDIOB5CWjHZUa5k/bI/zslQnUNof+tp +7dHMXguMw732SxDvhrYxQqOriClVWy90fJMmZcssDxzAG9cCKTiIOdKvBeRUUErH +i3WCgihGwLo1w19cWRYMwEb9glFUH8aMnIawIrtwmYdqRg50UaipMQlwP+4cIX5s +OCblLFGqaR4OQjz8menjFlDBIXtiSBbNrZqV+dW4AZSI2cCgof4wdaV34jGD+B1K +Py+kVx78jOC6ik/otoVd/nKwpm7e0vur++WKMPr6vhxdcah+L3Qe+MH+hv6mu/3l +MGd/DZfRHUn3qEQ9CCLlBqn0YU4BHiqUg4/4jNaMi7fFxkJM//////////8CAQIC +AgGQA4IEBQACggQADNgThA6Ha+5i9Zm9ZCNDLMbsyzoLdM0uK3sJ+jsTn2tw+kBG +FJo5EEk6ojw0VGasoC8e9ThX78YHiCG18vPbLteE/CD4g+jGo/KcOUfrZV3uHBwv +Y9F9fIcZi9XTBa9Np6yntpYh/fXxClWybWscdRXVXTv9AJ0GMCGa6ebV7++AwVee +1C3U47omYwVET7adSmqzbcjNF42dConPlB7tTMCtJR92xYHCFK07kRT17OAdVJyf +KDdzLeW1VJBzbkdrGCAJSx3iwRp6d6ldeFdDhcUEzgQZnB/JnVmEoZDXK4i2KYc4 +b78VivuOAuZFdokC1g+RsGgWkGhDxnsGPWvPWACTzm+zTjMyENygkEyzp3moBjMm +doXE4z11V6zm7ZoNxJ7ouzTEpLMvu7XcavKv/uVbsW7uAJqbosIsqWLdcxaDEFzG +W54Se2EaybZj/gr2tQHGAfE01+ulSJ57fuhSPLVgtpDcS98meWgKS4ddHr9dLFe6 +886fZvAvswW1ZlND7UZihtKIl3Nx0Myn+B+YG2oJQp0vsmMh1sCGD0g007TGUe82 +3/xgRXlUjwmCDikpXCSTagm3ZKF6GqJNwJN2sxCqy6wp2LX/KM3oSErXxCBTSCZt +/wAzGd3tDcH4D79kbzIRtCCcfLI/TqC95OW3ANR6obd3ongV2rW1HyN3mLOgzuDv +phVP0XX4fIGGGGmz76AJdpcIhXzlzQcY1fDjH59WOuOFZylxAmfNziM6ORL/FyMZ +YxZLSx7TrHEiiRAT431hpx4f9qE5SePhg1HXqzBPA8YJtV1WiJWjO/u4LP9H7iIl +4eubdVZqV6k2Kaw3WB7ZgST4Jc9ybiVT/kz0nTA7AF0TXSNL/BsBrEwZz8wrKlHu +rj5MOUpAPwRlLUln11w7gTz98lvEBSyInMSjOr+0NmW77D+IWoAwWBdrcuRE2Dod +rjhZeWrHWdgNqPOaYKkUS+CexH01aEdX3YHFmGPyXrwOkmX0zjBns3RjRzA9Dyjk +qgG/mKQ243smQPIUDHvbfgmdLNHOg0iOyDq1nKWk5K6X3tEgUnmxkcONQ66QXyEB +BpXtyD1NFg0op0p0/7jNpQUsNeKx9gRsTfUC7TDS4bYnJT+vNOFYiKClVC6lgrYT +4dBvQQx44OY4VIwrXOl5H3Z5DR3D4Gg/yMtqizXmiCffVG3I8NJSrAm3QVS/xxxv +fj2ITAUI3nmvKJD1IGXo4T/+N5GGexEWMu1IuDO4vkcKhYWIHlyAEC1paJjOslbU +vbRjLQvAYe0P1TBk+2mal5Agh0UQHyYsDlxMDmortsKhLDXOVjAx2AS9VV2tBbpZ +pEt4opfkapIwZaJV+5MgtHyWMFQ6w2QF/CdUAg== +-----END PUBLIC KEY----- + +PrivPubKeyPair=ffdhe8192-1:ffdhe8192-1-pub + +PrivPubKeyPair=ffdhe8192-2:ffdhe8192-2-pub + +Derive=ffdhe8192-1 +PeerKey=ffdhe8192-2-pub +SharedSecret=4E48335CB2A508C3481729F42C49CFC0A9DA673F9FA4FBD968B3C5B78DBFA8695295642D1337C54229370B33068481F6A6E1B021F8B09B7C6B3E4DB581AD4C7ACF5C230A1FD4107EAE55530A8376856A65E079DE1BDA41B050E9B53A088ACADB879CCBC683A13BB925D48497BF7021FEB9DA214DD77FCBB6D0D46EC2BB9C7A9AFB93FC236E4EB61CB0F0C8E025D8CF4AF8B3B0F28B3E2CFAE6E760DC7877C71046179154FBE1A50A315C4DBA6D9E06406D389B614B1FC422C72FBB958C0A2EE21694CD32136F9CF0A1205E0D3A4B10CC9C98B3B4524A0CDC9455D3021AC44057CEF4A97E85166068769E9E644CC447095243BB90368A1CE6F0E3C69CA180F5B9D51F590A812B1375460CF10A7E718A83A2F6B00D8E28BAB45CEAB8AF0EB02988ED9221416EC061C1C4081552D3D0849D243DB473EC7B90180C3891E768DD2D7002CF505D369700CAF02A4B9DD1F2828C4ACC1F2EB47100DC2DB5620ADA971D1B0B0FAC9F9E3492B591FC85AC3DCB3826A8DA5842F4AE145FE33BFCDD0B6CD15C9836A5862EDB3D87A0CDBD724AE19A79A55D4F0BFF7870019926181933C840EACFB70FBC0EF182057DC09E06798EB4C9AAC2285F22F5D907A432C6D00CC44D07D77E77D1ACC183A174146ECFBDA26FF922CEBD2FA288EF2D23F65C0AAAD0F05DBFB6CA12446082D1F5774877483C3858442E305CF2A9637CE0EBB702DB70FF336E5B0413F3E8791960F1F0A9877C9076213D40657283D546AE52B73FF4449E60F8B6FE30D4CC0BA1ACA7A7DC155EC73C48B21477983D004261267D710D8A5E8CBD0656F1A963F248E887E8C2BF87BCAE7A0D4891BF21FCF35893584B29E18E842A23EA329ADD3D6AD994B5CBFBBFAB5A26932E8F799B2B0FA7789DE7A4A5C4B7FA81971819EA7F33B5BF6577F917BDE9C3680BCC5B15F1EAB4524A1B6DEE96B9F108A77344269A1757685D0404C832E4E0C5A29F808CFA6290316C0EBB2EF0A7431F62A5FBCDC66527AD8A04C0F10AF88C7CE1F1F22C41B71CE278BB704E88145608C28AD78402487031F6B13604CC6687161EBB78E7AF7AA0BC3CCB9AD8B00D7C01980599904B71F5DBC06A691E5638566BE36522B7FED69E24C28F8EA798BA3E9CCEB8AB8CF5651379A21A38315B05C66205616BBC6A3DD5573C9C6FBA2E3488E055E5F36857016D9300BFCE9F38D7C7CCD07FCF1EF41F8347CADCB12C400536374CF269613B05069B6D94CADA3B1F4ACBB68FA1ED175B01D840D871B3B0CDB918CDF15C79169A398C189AEA78860081DB423C89D350587E26D6D77B4C762B4F2A030345679F724CFBB08DB03E8CEB4FF0B91422BD2EB5C1C356D209049CFA2D6447F69B1E1DF0850FFBB6BB9F8D5B147765C023F76524A808456DEBF6A9134E3364DF462D4807FE6D4D036A4E59A4D56F8A30D8A27F4DFA174940B713A7E4 + +Derive=ffdhe8192-2 +PeerKey=ffdhe8192-1-pub +SharedSecret=4E48335CB2A508C3481729F42C49CFC0A9DA673F9FA4FBD968B3C5B78DBFA8695295642D1337C54229370B33068481F6A6E1B021F8B09B7C6B3E4DB581AD4C7ACF5C230A1FD4107EAE55530A8376856A65E079DE1BDA41B050E9B53A088ACADB879CCBC683A13BB925D48497BF7021FEB9DA214DD77FCBB6D0D46EC2BB9C7A9AFB93FC236E4EB61CB0F0C8E025D8CF4AF8B3B0F28B3E2CFAE6E760DC7877C71046179154FBE1A50A315C4DBA6D9E06406D389B614B1FC422C72FBB958C0A2EE21694CD32136F9CF0A1205E0D3A4B10CC9C98B3B4524A0CDC9455D3021AC44057CEF4A97E85166068769E9E644CC447095243BB90368A1CE6F0E3C69CA180F5B9D51F590A812B1375460CF10A7E718A83A2F6B00D8E28BAB45CEAB8AF0EB02988ED9221416EC061C1C4081552D3D0849D243DB473EC7B90180C3891E768DD2D7002CF505D369700CAF02A4B9DD1F2828C4ACC1F2EB47100DC2DB5620ADA971D1B0B0FAC9F9E3492B591FC85AC3DCB3826A8DA5842F4AE145FE33BFCDD0B6CD15C9836A5862EDB3D87A0CDBD724AE19A79A55D4F0BFF7870019926181933C840EACFB70FBC0EF182057DC09E06798EB4C9AAC2285F22F5D907A432C6D00CC44D07D77E77D1ACC183A174146ECFBDA26FF922CEBD2FA288EF2D23F65C0AAAD0F05DBFB6CA12446082D1F5774877483C3858442E305CF2A9637CE0EBB702DB70FF336E5B0413F3E8791960F1F0A9877C9076213D40657283D546AE52B73FF4449E60F8B6FE30D4CC0BA1ACA7A7DC155EC73C48B21477983D004261267D710D8A5E8CBD0656F1A963F248E887E8C2BF87BCAE7A0D4891BF21FCF35893584B29E18E842A23EA329ADD3D6AD994B5CBFBBFAB5A26932E8F799B2B0FA7789DE7A4A5C4B7FA81971819EA7F33B5BF6577F917BDE9C3680BCC5B15F1EAB4524A1B6DEE96B9F108A77344269A1757685D0404C832E4E0C5A29F808CFA6290316C0EBB2EF0A7431F62A5FBCDC66527AD8A04C0F10AF88C7CE1F1F22C41B71CE278BB704E88145608C28AD78402487031F6B13604CC6687161EBB78E7AF7AA0BC3CCB9AD8B00D7C01980599904B71F5DBC06A691E5638566BE36522B7FED69E24C28F8EA798BA3E9CCEB8AB8CF5651379A21A38315B05C66205616BBC6A3DD5573C9C6FBA2E3488E055E5F36857016D9300BFCE9F38D7C7CCD07FCF1EF41F8347CADCB12C400536374CF269613B05069B6D94CADA3B1F4ACBB68FA1ED175B01D840D871B3B0CDB918CDF15C79169A398C189AEA78860081DB423C89D350587E26D6D77B4C762B4F2A030345679F724CFBB08DB03E8CEB4FF0B91422BD2EB5C1C356D209049CFA2D6447F69B1E1DF0850FFBB6BB9F8D5B147765C023F76524A808456DEBF6A9134E3364DF462D4807FE6D4D036A4E59A4D56F8A30D8A27F4DFA174940B713A7E4 + +Title = SM2 tests + +PrivateKey=SM2_key1 +-----BEGIN PRIVATE KEY----- +MIGHAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBG0wawIBAQQg0JFWczAXva2An9m7 +2MaT9gIwWTFptvlKrxyO4TjMmbWhRANCAAQ5OirZ4n5DrKqrhaGdO4VZHhRAYVcX +Wt3Te/d/8Mr57Tf886i09VwDhSMmH8pmNq/mp6+ioUgqYG9cs6GLLioe +-----END PRIVATE KEY----- + +Verify = SM2_key1 +Ctrl = digest:SM3 +Input = D7AD397F6FFA5D4F7F11E7217F241607DC30618C236D2C09C1B9EA8FDADEE2E8 +Output = 3046022100AB1DB64DE7C40EDBDE6651C9B8EBDB804673DB836E5D5C7FE15DCF9ED2725037022100EBA714451FF69B0BB930B379E192E7CD5FA6E3C41C7FBD8303B799AB54A54621 + +Verify = SM2_key1 +Ctrl = digest:SM3 +Input = B1139602C6ECC9E15E2F3F9C635A1AFE737058BC15387479C1EA0D0B3D90E9E5 +Output = 3045022100E6E0414EBD3A656C35602AF14AB20287DBF30D57AF75C49A188ED4B42391F22402202F54F277C606F4605E1CE9514947FFDDF94C67A539804A4ED17F852288BDBE2E + +Verify = SM2_key1 +Ctrl = digest:SHA512 +Input = 40AA1B203C9D8EE150B21C3C7CDA8261492E5420C5F2B9F7380700E094C303B48E62F319C1DA0E32EB40D113C5F1749CC61AEB499167890AB82F2CC9BB706971 +Output = 3046022100AE018933B9BA041784380069F2DDF609694DCD299FDBF23D09F4B711FBC103EC0221008440BB1A48C132DE4FB91BE9F43B958142FDD29FB9DABE01B17514023A2F638C + +Decrypt = SM2_key1 +Input = 30818A0220466BE2EF5C11782EC77864A0055417F407A5AFC11D653C6BCE69E417BB1D05B6022062B572E21FF0DDF5C726BD3F9FF2EAE56E6294713A607E9B9525628965F62CC804203C1B5713B5DB2728EB7BF775E44F4689FC32668BDC564F52EA45B09E8DF2A5F40422084A9D0CC2997092B7D3C404FCE95956EB604D732B2307A8E5B8900ED6608CA5B197 +Output = "The floofy bunnies hop at midnight" + +# This is a "fake" test as it does only verify that the SM2 EVP_PKEY interface +# is capable of creating a signature without failing, but it does not say +# anything about the generated signature being valid, nor does it test the +# correct implementation of the cryptosystem. +Sign = SM2_key1 +Ctrl = digest:SM3 +Input = D7AD397F6FFA5D4F7F11E7217F241607DC30618C236D2C09C1B9EA8FDADEE2E8 +Output = 3045022100f11bf36e75bb304f094fb42a4ca22377d0cc768637c5011cd59fb9ed4b130c98022035545ffe2c2efb3abee4fee661468946d886004fae8ea5311593e48f7fe21b91 +Result = KEYOP_MISMATCH + +Title = Chosen Wycheproof vectors + +PrivateKeyRaw = WychePRIVATE0:X25519:288796bc5aff4b81a37501757bc0753a3c21964790d38699308debc17a6eaf8d + +PublicKeyRaw = WychePUBLIC0:X25519:f0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff7f + +Derive=WychePRIVATE0 +PeerKey=WychePUBLIC0 +SharedSecret=b4e0dd76da7b071728b61f856771aa356e57eda78a5b1655cc3820fb5f854c5c + +PrivateKeyRaw = WychePRIVATE1:X25519:60887b3dc72443026ebedbbbb70665f42b87add1440e7768fbd7e8e2ce5f639d + +PublicKeyRaw = WychePUBLIC1:X25519:f0ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff + +Derive=WychePRIVATE1 +PeerKey=WychePUBLIC1 +SharedSecret=38d6304c4a7e6d9f7959334fb5245bd2c754525d4c91db950206926234c1f633 + +PrivateKeyRaw = WychePRIVATE2:X25519:a0a4f130b98a5be4b1cedb7cb85584a3520e142d474dc9ccb909a073a976bf63 + +PublicKeyRaw = WychePUBLIC2:X25519:0ab4e76380d84dde4f6833c58f2a9fb8f83bb0169b172be4b6e0592887741a36 + +Derive=WychePRIVATE2 +PeerKey=WychePUBLIC2 +SharedSecret=0200000000000000000000000000000000000000000000000000000000000000 + +PublicKeyRaw = WychePUBLIC3:X25519:89e10d5701b4337d2d032181538b1064bd4084401ceca1fd12663a1959388000 + +Derive=WychePRIVATE2 +PeerKey=WychePUBLIC3 +SharedSecret=0900000000000000000000000000000000000000000000000000000000000000 + +PublicKeyRaw = WychePUBLIC4:X25519:2b55d3aa4a8f80c8c0b2ae5f933e85af49beac36c2fa7394bab76c8933f8f81d + +Derive=WychePRIVATE2 +PeerKey=WychePUBLIC4 +SharedSecret=1000000000000000000000000000000000000000000000000000000000000000 diff --git a/deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey_ecc.txt b/deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey_ecc.txt index ae9a543571..8e618c83f9 100644 --- a/deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey_ecc.txt +++ b/deps/openssl/openssl/test/recipes/30-test_evp_data/evppkey_ecc.txt @@ -1,4 +1,4 @@ -# Title=brainpoolP160r1 curve tests +Title=brainpoolP160r1 curve tests PrivateKey=ALICE_cf_brainpoolP160r1 -----BEGIN PRIVATE KEY----- @@ -36,7 +36,7 @@ Derive=BOB_cf_brainpoolP160r1 PeerKey=ALICE_cf_brainpoolP160r1_PUB SharedSecret=2e75cb6a8f13951b437e04a0ed1d714a610036cc -# Title=brainpoolP160t1 curve tests +Title=brainpoolP160t1 curve tests PrivateKey=ALICE_cf_brainpoolP160t1 -----BEGIN PRIVATE KEY----- @@ -74,7 +74,7 @@ Derive=BOB_cf_brainpoolP160t1 PeerKey=ALICE_cf_brainpoolP160t1_PUB SharedSecret=6ea603a6a1a83812b967c83ef1867bd807be761e -# Title=brainpoolP192r1 curve tests +Title=brainpoolP192r1 curve tests PrivateKey=ALICE_cf_brainpoolP192r1 -----BEGIN PRIVATE KEY----- @@ -114,7 +114,7 @@ Derive=BOB_cf_brainpoolP192r1 PeerKey=ALICE_cf_brainpoolP192r1_PUB SharedSecret=2b34396d02a40df0b9f8f9c0b8623be05b41249fbd69e02a -# Title=brainpoolP192t1 curve tests +Title=brainpoolP192t1 curve tests PrivateKey=ALICE_cf_brainpoolP192t1 -----BEGIN PRIVATE KEY----- @@ -154,7 +154,7 @@ Derive=BOB_cf_brainpoolP192t1 PeerKey=ALICE_cf_brainpoolP192t1_PUB SharedSecret=84049068441a342d7c2951ff159cdc9d05c4bddf2a6e6309 -# Title=brainpoolP224r1 curve tests +Title=brainpoolP224r1 curve tests PrivateKey=ALICE_cf_brainpoolP224r1 -----BEGIN PRIVATE KEY----- @@ -194,7 +194,7 @@ Derive=BOB_cf_brainpoolP224r1 PeerKey=ALICE_cf_brainpoolP224r1_PUB SharedSecret=477240c0587dea6aecfcac5a154d7ba3a5d4eb1ab30a69012d4401de -# Title=brainpoolP224t1 curve tests +Title=brainpoolP224t1 curve tests PrivateKey=ALICE_cf_brainpoolP224t1 -----BEGIN PRIVATE KEY----- @@ -234,7 +234,7 @@ Derive=BOB_cf_brainpoolP224t1 PeerKey=ALICE_cf_brainpoolP224t1_PUB SharedSecret=2c8dd0dbf3a62a202150e12443461d348be57bc58db0f2f7d8938933 -# Title=brainpoolP256r1 curve tests +Title=brainpoolP256r1 curve tests PrivateKey=ALICE_cf_brainpoolP256r1 -----BEGIN PRIVATE KEY----- @@ -274,7 +274,7 @@ Derive=BOB_cf_brainpoolP256r1 PeerKey=ALICE_cf_brainpoolP256r1_PUB SharedSecret=2fdd9d97efdcba3f5b181df53331db0ee42a3b1072147325ce8521dbaeafc3e4 -# Title=brainpoolP256t1 curve tests +Title=brainpoolP256t1 curve tests PrivateKey=ALICE_cf_brainpoolP256t1 -----BEGIN PRIVATE KEY----- @@ -314,7 +314,7 @@ Derive=BOB_cf_brainpoolP256t1 PeerKey=ALICE_cf_brainpoolP256t1_PUB SharedSecret=7f177af329a4b377aea6e80bddf14f09c17c4fe81598703898fb62c929cbff04 -# Title=brainpoolP320r1 curve tests +Title=brainpoolP320r1 curve tests PrivateKey=ALICE_cf_brainpoolP320r1 -----BEGIN PRIVATE KEY----- @@ -354,7 +354,7 @@ Derive=BOB_cf_brainpoolP320r1 PeerKey=ALICE_cf_brainpoolP320r1_PUB SharedSecret=4ee386c231d0a7c9bb6dc05362f56ca70bf7ba5dcb66d8c4574c0497fdab6a5b79818a64ff5dc87e -# Title=brainpoolP320t1 curve tests +Title=brainpoolP320t1 curve tests PrivateKey=ALICE_cf_brainpoolP320t1 -----BEGIN PRIVATE KEY----- @@ -394,7 +394,7 @@ Derive=BOB_cf_brainpoolP320t1 PeerKey=ALICE_cf_brainpoolP320t1_PUB SharedSecret=079d62bad81ceeab9f213818faf249f7b29b87a81b56a33b774b2631860f90a25f5377da504cb619 -# Title=brainpoolP384r1 curve tests +Title=brainpoolP384r1 curve tests PrivateKey=ALICE_cf_brainpoolP384r1 -----BEGIN PRIVATE KEY----- @@ -436,7 +436,7 @@ Derive=BOB_cf_brainpoolP384r1 PeerKey=ALICE_cf_brainpoolP384r1_PUB SharedSecret=35e9a3f86a38888d183cc343801dcdaecb664d5b37f7fbc0459fd4612da6b29831bd2d8e5b599376ca510fcc3ac78be6 -# Title=brainpoolP384t1 curve tests +Title=brainpoolP384t1 curve tests PrivateKey=ALICE_cf_brainpoolP384t1 -----BEGIN PRIVATE KEY----- @@ -478,7 +478,7 @@ Derive=BOB_cf_brainpoolP384t1 PeerKey=ALICE_cf_brainpoolP384t1_PUB SharedSecret=030113dd1662230f1e47418c3044a0852dcd74fa508dbabb02d1fe5d788aa49d8047d02a802f796af21473ab17f6f85f -# Title=brainpoolP512r1 curve tests +Title=brainpoolP512r1 curve tests PrivateKey=ALICE_cf_brainpoolP512r1 -----BEGIN PRIVATE KEY----- @@ -520,7 +520,7 @@ Derive=BOB_cf_brainpoolP512r1 PeerKey=ALICE_cf_brainpoolP512r1_PUB SharedSecret=84269a8f2932b7e09b23deabaeab26eda6bbdee8846153b0c62b7d2663506a9e71d32cf0cc127ec130f6880612f4e054bc79adb57ddbee97949508ce1eda0bb1 -# Title=brainpoolP512t1 curve tests +Title=brainpoolP512t1 curve tests PrivateKey=ALICE_cf_brainpoolP512t1 -----BEGIN PRIVATE KEY----- @@ -562,7 +562,7 @@ Derive=BOB_cf_brainpoolP512t1 PeerKey=ALICE_cf_brainpoolP512t1_PUB SharedSecret=48bc4ebdb9a88ca38bed58f5e547eb11d803fd01b6eadff1761ecb48c54525cba43bdb0ee4a4d7aa6701985e0bc12fd32382c035d80acc7ec26adfcb108a07cb -# Title=c2pnb163v1 curve tests +Title=c2pnb163v1 curve tests PrivateKey=ALICE_cf_c2pnb163v1 -----BEGIN PRIVATE KEY----- @@ -623,7 +623,7 @@ Derive=BOB_cf_c2pnb163v1 PeerKey=MALICE_cf_c2pnb163v1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -631,10 +631,10 @@ Derive=ALICE_cf_c2pnb163v1 PeerKey=MALICE_cf_c2pnb163v1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2pnb163v2 curve tests +Title=c2pnb163v2 curve tests PrivateKey=ALICE_cf_c2pnb163v2 -----BEGIN PRIVATE KEY----- @@ -695,7 +695,7 @@ Derive=BOB_cf_c2pnb163v2 PeerKey=MALICE_cf_c2pnb163v2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -703,10 +703,10 @@ Derive=ALICE_cf_c2pnb163v2 PeerKey=MALICE_cf_c2pnb163v2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2pnb163v3 curve tests +Title=c2pnb163v3 curve tests PrivateKey=ALICE_cf_c2pnb163v3 -----BEGIN PRIVATE KEY----- @@ -767,7 +767,7 @@ Derive=BOB_cf_c2pnb163v3 PeerKey=MALICE_cf_c2pnb163v3_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -775,10 +775,10 @@ Derive=ALICE_cf_c2pnb163v3 PeerKey=MALICE_cf_c2pnb163v3_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2pnb176v1 curve tests +Title=c2pnb176v1 curve tests PrivateKey=ALICE_cf_c2pnb176v1 -----BEGIN PRIVATE KEY----- @@ -839,7 +839,7 @@ Derive=BOB_cf_c2pnb176v1 PeerKey=MALICE_cf_c2pnb176v1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -847,10 +847,10 @@ Derive=ALICE_cf_c2pnb176v1 PeerKey=MALICE_cf_c2pnb176v1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2pnb208w1 curve tests +Title=c2pnb208w1 curve tests PrivateKey=ALICE_cf_c2pnb208w1 -----BEGIN PRIVATE KEY----- @@ -913,7 +913,7 @@ Derive=BOB_cf_c2pnb208w1 PeerKey=MALICE_cf_c2pnb208w1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -921,10 +921,10 @@ Derive=ALICE_cf_c2pnb208w1 PeerKey=MALICE_cf_c2pnb208w1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2pnb272w1 curve tests +Title=c2pnb272w1 curve tests PrivateKey=ALICE_cf_c2pnb272w1 -----BEGIN PRIVATE KEY----- @@ -987,7 +987,7 @@ Derive=BOB_cf_c2pnb272w1 PeerKey=MALICE_cf_c2pnb272w1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -995,10 +995,10 @@ Derive=ALICE_cf_c2pnb272w1 PeerKey=MALICE_cf_c2pnb272w1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2pnb304w1 curve tests +Title=c2pnb304w1 curve tests PrivateKey=ALICE_cf_c2pnb304w1 -----BEGIN PRIVATE KEY----- @@ -1061,7 +1061,7 @@ Derive=BOB_cf_c2pnb304w1 PeerKey=MALICE_cf_c2pnb304w1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -1069,10 +1069,10 @@ Derive=ALICE_cf_c2pnb304w1 PeerKey=MALICE_cf_c2pnb304w1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2pnb368w1 curve tests +Title=c2pnb368w1 curve tests PrivateKey=ALICE_cf_c2pnb368w1 -----BEGIN PRIVATE KEY----- @@ -1138,7 +1138,7 @@ Derive=BOB_cf_c2pnb368w1 PeerKey=MALICE_cf_c2pnb368w1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -1146,10 +1146,10 @@ Derive=ALICE_cf_c2pnb368w1 PeerKey=MALICE_cf_c2pnb368w1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2tnb191v1 curve tests +Title=c2tnb191v1 curve tests PrivateKey=ALICE_cf_c2tnb191v1 -----BEGIN PRIVATE KEY----- @@ -1212,7 +1212,7 @@ Derive=BOB_cf_c2tnb191v1 PeerKey=MALICE_cf_c2tnb191v1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -1220,10 +1220,10 @@ Derive=ALICE_cf_c2tnb191v1 PeerKey=MALICE_cf_c2tnb191v1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2tnb191v2 curve tests +Title=c2tnb191v2 curve tests PrivateKey=ALICE_cf_c2tnb191v2 -----BEGIN PRIVATE KEY----- @@ -1286,7 +1286,7 @@ Derive=BOB_cf_c2tnb191v2 PeerKey=MALICE_cf_c2tnb191v2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -1294,10 +1294,10 @@ Derive=ALICE_cf_c2tnb191v2 PeerKey=MALICE_cf_c2tnb191v2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2tnb191v3 curve tests +Title=c2tnb191v3 curve tests PrivateKey=ALICE_cf_c2tnb191v3 -----BEGIN PRIVATE KEY----- @@ -1360,7 +1360,7 @@ Derive=BOB_cf_c2tnb191v3 PeerKey=MALICE_cf_c2tnb191v3_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -1368,10 +1368,10 @@ Derive=ALICE_cf_c2tnb191v3 PeerKey=MALICE_cf_c2tnb191v3_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2tnb239v1 curve tests +Title=c2tnb239v1 curve tests PrivateKey=ALICE_cf_c2tnb239v1 -----BEGIN PRIVATE KEY----- @@ -1434,7 +1434,7 @@ Derive=BOB_cf_c2tnb239v1 PeerKey=MALICE_cf_c2tnb239v1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -1442,10 +1442,10 @@ Derive=ALICE_cf_c2tnb239v1 PeerKey=MALICE_cf_c2tnb239v1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2tnb239v2 curve tests +Title=c2tnb239v2 curve tests PrivateKey=ALICE_cf_c2tnb239v2 -----BEGIN PRIVATE KEY----- @@ -1508,7 +1508,7 @@ Derive=BOB_cf_c2tnb239v2 PeerKey=MALICE_cf_c2tnb239v2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -1516,10 +1516,10 @@ Derive=ALICE_cf_c2tnb239v2 PeerKey=MALICE_cf_c2tnb239v2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2tnb239v3 curve tests +Title=c2tnb239v3 curve tests PrivateKey=ALICE_cf_c2tnb239v3 -----BEGIN PRIVATE KEY----- @@ -1582,7 +1582,7 @@ Derive=BOB_cf_c2tnb239v3 PeerKey=MALICE_cf_c2tnb239v3_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -1590,10 +1590,10 @@ Derive=ALICE_cf_c2tnb239v3 PeerKey=MALICE_cf_c2tnb239v3_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2tnb359v1 curve tests +Title=c2tnb359v1 curve tests PrivateKey=ALICE_cf_c2tnb359v1 -----BEGIN PRIVATE KEY----- @@ -1659,7 +1659,7 @@ Derive=BOB_cf_c2tnb359v1 PeerKey=MALICE_cf_c2tnb359v1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -1667,10 +1667,10 @@ Derive=ALICE_cf_c2tnb359v1 PeerKey=MALICE_cf_c2tnb359v1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=c2tnb431r1 curve tests +Title=c2tnb431r1 curve tests PrivateKey=ALICE_cf_c2tnb431r1 -----BEGIN PRIVATE KEY----- @@ -1736,7 +1736,7 @@ Derive=BOB_cf_c2tnb431r1 PeerKey=MALICE_cf_c2tnb431r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -1744,10 +1744,10 @@ Derive=ALICE_cf_c2tnb431r1 PeerKey=MALICE_cf_c2tnb431r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=prime192v1 curve tests +Title=prime192v1 curve tests PrivateKey=ALICE_cf_prime192v1 -----BEGIN PRIVATE KEY----- @@ -1787,7 +1787,7 @@ Derive=BOB_cf_prime192v1 PeerKey=ALICE_cf_prime192v1_PUB SharedSecret=e36cad3b0f8d00f60f090440a76df47896713ae61421c354 -# Title=prime192v2 curve tests +Title=prime192v2 curve tests PrivateKey=ALICE_cf_prime192v2 -----BEGIN PRIVATE KEY----- @@ -1827,7 +1827,7 @@ Derive=BOB_cf_prime192v2 PeerKey=ALICE_cf_prime192v2_PUB SharedSecret=ae2ff9f1f9f24e6d281dc78993d9f71913e1e105965000a1 -# Title=prime192v3 curve tests +Title=prime192v3 curve tests PrivateKey=ALICE_cf_prime192v3 -----BEGIN PRIVATE KEY----- @@ -1867,7 +1867,7 @@ Derive=BOB_cf_prime192v3 PeerKey=ALICE_cf_prime192v3_PUB SharedSecret=9e562ecbe29c510a13b0daea822ec864c2a9684d2a382812 -# Title=prime239v1 curve tests +Title=prime239v1 curve tests PrivateKey=ALICE_cf_prime239v1 -----BEGIN PRIVATE KEY----- @@ -1907,7 +1907,7 @@ Derive=BOB_cf_prime239v1 PeerKey=ALICE_cf_prime239v1_PUB SharedSecret=196b1d0206d4f87c313c266bfb12c90dd1f1f64b89bfc16518086b9801b8 -# Title=prime239v2 curve tests +Title=prime239v2 curve tests PrivateKey=ALICE_cf_prime239v2 -----BEGIN PRIVATE KEY----- @@ -1947,7 +1947,7 @@ Derive=BOB_cf_prime239v2 PeerKey=ALICE_cf_prime239v2_PUB SharedSecret=1d18ca6366bceba3c1477daa0e08202088abcf14fc2b8fbf98ba95858fcf -# Title=prime239v3 curve tests +Title=prime239v3 curve tests PrivateKey=ALICE_cf_prime239v3 -----BEGIN PRIVATE KEY----- @@ -1987,7 +1987,7 @@ Derive=BOB_cf_prime239v3 PeerKey=ALICE_cf_prime239v3_PUB SharedSecret=4dcc2c67c5993162ed71ebb33077bbb85395b0d3eec2311aa404e45901a0 -# Title=prime256v1 curve tests +Title=prime256v1 curve tests PrivateKey=ALICE_cf_prime256v1 -----BEGIN PRIVATE KEY----- @@ -2027,7 +2027,7 @@ Derive=BOB_cf_prime256v1 PeerKey=ALICE_cf_prime256v1_PUB SharedSecret=ee63690b553dcd9bccb066137725f0489395a83f4d280f309339d606c969734a -# Title=secp112r1 curve tests +Title=secp112r1 curve tests PrivateKey=ALICE_cf_secp112r1 -----BEGIN PRIVATE KEY----- @@ -2063,7 +2063,7 @@ Derive=BOB_cf_secp112r1 PeerKey=ALICE_cf_secp112r1_PUB SharedSecret=4ddd1d504b444d4be67ba2e4610a -# Title=secp112r2 curve tests +Title=secp112r2 curve tests PrivateKey=ALICE_cf_secp112r2 -----BEGIN PRIVATE KEY----- @@ -2121,7 +2121,7 @@ Derive=BOB_cf_secp112r2 PeerKey=MALICE_cf_secp112r2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GFp +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -2129,10 +2129,10 @@ Derive=ALICE_cf_secp112r2 PeerKey=MALICE_cf_secp112r2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GFp +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=secp128r1 curve tests +Title=secp128r1 curve tests PrivateKey=ALICE_cf_secp128r1 -----BEGIN PRIVATE KEY----- @@ -2168,7 +2168,7 @@ Derive=BOB_cf_secp128r1 PeerKey=ALICE_cf_secp128r1_PUB SharedSecret=5020f1b759da1f737a61a29a268d7669 -# Title=secp128r2 curve tests +Title=secp128r2 curve tests PrivateKey=ALICE_cf_secp128r2 -----BEGIN PRIVATE KEY----- @@ -2226,7 +2226,7 @@ Derive=BOB_cf_secp128r2 PeerKey=MALICE_cf_secp128r2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GFp +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -2234,10 +2234,10 @@ Derive=ALICE_cf_secp128r2 PeerKey=MALICE_cf_secp128r2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GFp +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=secp160k1 curve tests +Title=secp160k1 curve tests PrivateKey=ALICE_cf_secp160k1 -----BEGIN PRIVATE KEY----- @@ -2275,7 +2275,7 @@ Derive=BOB_cf_secp160k1 PeerKey=ALICE_cf_secp160k1_PUB SharedSecret=b738a0bf17f3271a9a155bfdfe2f0f1d51494d42 -# Title=secp160r1 curve tests +Title=secp160r1 curve tests PrivateKey=ALICE_cf_secp160r1 -----BEGIN PRIVATE KEY----- @@ -2313,7 +2313,7 @@ Derive=BOB_cf_secp160r1 PeerKey=ALICE_cf_secp160r1_PUB SharedSecret=1912ea7b9bb1de5b8d3cef83e7a6e7a917816541 -# Title=secp160r2 curve tests +Title=secp160r2 curve tests PrivateKey=ALICE_cf_secp160r2 -----BEGIN PRIVATE KEY----- @@ -2351,7 +2351,7 @@ Derive=BOB_cf_secp160r2 PeerKey=ALICE_cf_secp160r2_PUB SharedSecret=ccb9cae5c9487ff60c487bd1b39a62eb4680e9b6 -# Title=secp192k1 curve tests +Title=secp192k1 curve tests PrivateKey=ALICE_cf_secp192k1 -----BEGIN PRIVATE KEY----- @@ -2389,7 +2389,7 @@ Derive=BOB_cf_secp192k1 PeerKey=ALICE_cf_secp192k1_PUB SharedSecret=a46a6bfb279d4dc30cffac585d1fbec905dbe46aca5e3c9d -# Title=secp224k1 curve tests +Title=secp224k1 curve tests PrivateKey=ALICE_cf_secp224k1 -----BEGIN PRIVATE KEY----- @@ -2429,7 +2429,7 @@ Derive=BOB_cf_secp224k1 PeerKey=ALICE_cf_secp224k1_PUB SharedSecret=6f7b9d16c9c1d3a5c84b6028f2a4fed9ae8e02455e678a27243bcc48 -# Title=secp224r1 curve tests +Title=secp224r1 curve tests PrivateKey=ALICE_cf_secp224r1 -----BEGIN PRIVATE KEY----- @@ -2469,7 +2469,7 @@ Derive=BOB_cf_secp224r1 PeerKey=ALICE_cf_secp224r1_PUB SharedSecret=29d8b75934d74d5153bbb94e0370437c63ecc30bf3d2800ed1cb7eb5 -# Title=secp256k1 curve tests +Title=secp256k1 curve tests PrivateKey=ALICE_cf_secp256k1 -----BEGIN PRIVATE KEY----- @@ -2509,7 +2509,7 @@ Derive=BOB_cf_secp256k1 PeerKey=ALICE_cf_secp256k1_PUB SharedSecret=a4745cc4d19cabb9e5cb0abdd5c604cab2846a4638ad844ed9175f3cadda2da1 -# Title=secp384r1 curve tests +Title=secp384r1 curve tests PrivateKey=ALICE_cf_secp384r1 -----BEGIN PRIVATE KEY----- @@ -2551,7 +2551,7 @@ Derive=BOB_cf_secp384r1 PeerKey=ALICE_cf_secp384r1_PUB SharedSecret=b3cfe488126e2731fb7c19f82e94fcc05e1dd303649a9257e858030b795c2d344a054b0c44a24fd7f5821f531a9b8cfb -# Title=secp521r1 curve tests +Title=secp521r1 curve tests PrivateKey=ALICE_cf_secp521r1 -----BEGIN PRIVATE KEY----- @@ -2593,7 +2593,7 @@ Derive=BOB_cf_secp521r1 PeerKey=ALICE_cf_secp521r1_PUB SharedSecret=01dd4aa9037bb4ad298b420998dcd32b3a9af1cda8b7919e372aeb4e54ccfb4d2409a340ed896bfbc5dd462f8d96b8784bc17b29db3ca04700e6ec752f9bec777695 -# Title=sect113r1 curve tests +Title=sect113r1 curve tests PrivateKey=ALICE_cf_sect113r1 -----BEGIN PRIVATE KEY----- @@ -2651,7 +2651,7 @@ Derive=BOB_cf_sect113r1 PeerKey=MALICE_cf_sect113r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -2659,10 +2659,10 @@ Derive=ALICE_cf_sect113r1 PeerKey=MALICE_cf_sect113r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect113r2 curve tests +Title=sect113r2 curve tests PrivateKey=ALICE_cf_sect113r2 -----BEGIN PRIVATE KEY----- @@ -2720,7 +2720,7 @@ Derive=BOB_cf_sect113r2 PeerKey=MALICE_cf_sect113r2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -2728,10 +2728,10 @@ Derive=ALICE_cf_sect113r2 PeerKey=MALICE_cf_sect113r2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect131r1 curve tests +Title=sect131r1 curve tests PrivateKey=ALICE_cf_sect131r1 -----BEGIN PRIVATE KEY----- @@ -2792,7 +2792,7 @@ Derive=BOB_cf_sect131r1 PeerKey=MALICE_cf_sect131r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -2800,10 +2800,10 @@ Derive=ALICE_cf_sect131r1 PeerKey=MALICE_cf_sect131r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect131r2 curve tests +Title=sect131r2 curve tests PrivateKey=ALICE_cf_sect131r2 -----BEGIN PRIVATE KEY----- @@ -2864,7 +2864,7 @@ Derive=BOB_cf_sect131r2 PeerKey=MALICE_cf_sect131r2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -2872,10 +2872,10 @@ Derive=ALICE_cf_sect131r2 PeerKey=MALICE_cf_sect131r2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect163k1 curve tests +Title=sect163k1 curve tests PrivateKey=ALICE_cf_sect163k1 -----BEGIN PRIVATE KEY----- @@ -2936,7 +2936,7 @@ Derive=BOB_cf_sect163k1 PeerKey=MALICE_cf_sect163k1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -2944,10 +2944,10 @@ Derive=ALICE_cf_sect163k1 PeerKey=MALICE_cf_sect163k1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect163r1 curve tests +Title=sect163r1 curve tests PrivateKey=ALICE_cf_sect163r1 -----BEGIN PRIVATE KEY----- @@ -3008,7 +3008,7 @@ Derive=BOB_cf_sect163r1 PeerKey=MALICE_cf_sect163r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3016,10 +3016,10 @@ Derive=ALICE_cf_sect163r1 PeerKey=MALICE_cf_sect163r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect163r2 curve tests +Title=sect163r2 curve tests PrivateKey=ALICE_cf_sect163r2 -----BEGIN PRIVATE KEY----- @@ -3080,7 +3080,7 @@ Derive=BOB_cf_sect163r2 PeerKey=MALICE_cf_sect163r2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3088,10 +3088,10 @@ Derive=ALICE_cf_sect163r2 PeerKey=MALICE_cf_sect163r2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect193r1 curve tests +Title=sect193r1 curve tests PrivateKey=ALICE_cf_sect193r1 -----BEGIN PRIVATE KEY----- @@ -3152,7 +3152,7 @@ Derive=BOB_cf_sect193r1 PeerKey=MALICE_cf_sect193r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3160,10 +3160,10 @@ Derive=ALICE_cf_sect193r1 PeerKey=MALICE_cf_sect193r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect193r2 curve tests +Title=sect193r2 curve tests PrivateKey=ALICE_cf_sect193r2 -----BEGIN PRIVATE KEY----- @@ -3224,7 +3224,7 @@ Derive=BOB_cf_sect193r2 PeerKey=MALICE_cf_sect193r2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3232,10 +3232,10 @@ Derive=ALICE_cf_sect193r2 PeerKey=MALICE_cf_sect193r2_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect233k1 curve tests +Title=sect233k1 curve tests PrivateKey=ALICE_cf_sect233k1 -----BEGIN PRIVATE KEY----- @@ -3298,7 +3298,7 @@ Derive=BOB_cf_sect233k1 PeerKey=MALICE_cf_sect233k1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3306,10 +3306,10 @@ Derive=ALICE_cf_sect233k1 PeerKey=MALICE_cf_sect233k1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect233r1 curve tests +Title=sect233r1 curve tests PrivateKey=ALICE_cf_sect233r1 -----BEGIN PRIVATE KEY----- @@ -3372,7 +3372,7 @@ Derive=BOB_cf_sect233r1 PeerKey=MALICE_cf_sect233r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3380,10 +3380,10 @@ Derive=ALICE_cf_sect233r1 PeerKey=MALICE_cf_sect233r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect239k1 curve tests +Title=sect239k1 curve tests PrivateKey=ALICE_cf_sect239k1 -----BEGIN PRIVATE KEY----- @@ -3446,7 +3446,7 @@ Derive=BOB_cf_sect239k1 PeerKey=MALICE_cf_sect239k1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3454,10 +3454,10 @@ Derive=ALICE_cf_sect239k1 PeerKey=MALICE_cf_sect239k1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect283k1 curve tests +Title=sect283k1 curve tests PrivateKey=ALICE_cf_sect283k1 -----BEGIN PRIVATE KEY----- @@ -3520,7 +3520,7 @@ Derive=BOB_cf_sect283k1 PeerKey=MALICE_cf_sect283k1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3528,10 +3528,10 @@ Derive=ALICE_cf_sect283k1 PeerKey=MALICE_cf_sect283k1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect283r1 curve tests +Title=sect283r1 curve tests PrivateKey=ALICE_cf_sect283r1 -----BEGIN PRIVATE KEY----- @@ -3594,7 +3594,7 @@ Derive=BOB_cf_sect283r1 PeerKey=MALICE_cf_sect283r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3602,10 +3602,10 @@ Derive=ALICE_cf_sect283r1 PeerKey=MALICE_cf_sect283r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect409k1 curve tests +Title=sect409k1 curve tests PrivateKey=ALICE_cf_sect409k1 -----BEGIN PRIVATE KEY----- @@ -3671,7 +3671,7 @@ Derive=BOB_cf_sect409k1 PeerKey=MALICE_cf_sect409k1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3679,10 +3679,10 @@ Derive=ALICE_cf_sect409k1 PeerKey=MALICE_cf_sect409k1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect409r1 curve tests +Title=sect409r1 curve tests PrivateKey=ALICE_cf_sect409r1 -----BEGIN PRIVATE KEY----- @@ -3748,7 +3748,7 @@ Derive=BOB_cf_sect409r1 PeerKey=MALICE_cf_sect409r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3756,10 +3756,10 @@ Derive=ALICE_cf_sect409r1 PeerKey=MALICE_cf_sect409r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect571k1 curve tests +Title=sect571k1 curve tests PrivateKey=ALICE_cf_sect571k1 -----BEGIN PRIVATE KEY----- @@ -3825,7 +3825,7 @@ Derive=BOB_cf_sect571k1 PeerKey=MALICE_cf_sect571k1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3833,10 +3833,10 @@ Derive=ALICE_cf_sect571k1 PeerKey=MALICE_cf_sect571k1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=sect571r1 curve tests +Title=sect571r1 curve tests PrivateKey=ALICE_cf_sect571r1 -----BEGIN PRIVATE KEY----- @@ -3902,7 +3902,7 @@ Derive=BOB_cf_sect571r1 PeerKey=MALICE_cf_sect571r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3910,10 +3910,10 @@ Derive=ALICE_cf_sect571r1 PeerKey=MALICE_cf_sect571r1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=wap-wsg-idm-ecid-wtls10 curve tests +Title=wap-wsg-idm-ecid-wtls10 curve tests PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls10 -----BEGIN PRIVATE KEY----- @@ -3976,7 +3976,7 @@ Derive=BOB_cf_wap-wsg-idm-ecid-wtls10 PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls10_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -3984,10 +3984,10 @@ Derive=ALICE_cf_wap-wsg-idm-ecid-wtls10 PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls10_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=wap-wsg-idm-ecid-wtls11 curve tests +Title=wap-wsg-idm-ecid-wtls11 curve tests PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls11 -----BEGIN PRIVATE KEY----- @@ -4050,7 +4050,7 @@ Derive=BOB_cf_wap-wsg-idm-ecid-wtls11 PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls11_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -4058,10 +4058,10 @@ Derive=ALICE_cf_wap-wsg-idm-ecid-wtls11 PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls11_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=wap-wsg-idm-ecid-wtls12 curve tests +Title=wap-wsg-idm-ecid-wtls12 curve tests PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls12 -----BEGIN PRIVATE KEY----- @@ -4101,7 +4101,7 @@ Derive=BOB_cf_wap-wsg-idm-ecid-wtls12 PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls12_PUB SharedSecret=a3b3f20af8c33a0f5c246b4b9d9dda1cd40c294d1f53365d18a8b54b -# Title=wap-wsg-idm-ecid-wtls1 curve tests +Title=wap-wsg-idm-ecid-wtls1 curve tests PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls1 -----BEGIN PRIVATE KEY----- @@ -4159,7 +4159,7 @@ Derive=BOB_cf_wap-wsg-idm-ecid-wtls1 PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -4167,10 +4167,10 @@ Derive=ALICE_cf_wap-wsg-idm-ecid-wtls1 PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls1_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=wap-wsg-idm-ecid-wtls3 curve tests +Title=wap-wsg-idm-ecid-wtls3 curve tests PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls3 -----BEGIN PRIVATE KEY----- @@ -4231,7 +4231,7 @@ Derive=BOB_cf_wap-wsg-idm-ecid-wtls3 PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls3_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -4239,10 +4239,10 @@ Derive=ALICE_cf_wap-wsg-idm-ecid-wtls3 PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls3_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=wap-wsg-idm-ecid-wtls4 curve tests +Title=wap-wsg-idm-ecid-wtls4 curve tests PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls4 -----BEGIN PRIVATE KEY----- @@ -4300,7 +4300,7 @@ Derive=BOB_cf_wap-wsg-idm-ecid-wtls4 PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls4_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -4308,10 +4308,10 @@ Derive=ALICE_cf_wap-wsg-idm-ecid-wtls4 PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls4_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=wap-wsg-idm-ecid-wtls5 curve tests +Title=wap-wsg-idm-ecid-wtls5 curve tests PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls5 -----BEGIN PRIVATE KEY----- @@ -4372,7 +4372,7 @@ Derive=BOB_cf_wap-wsg-idm-ecid-wtls5 PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls5_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity # ECC CDH Alice with Malice peer @@ -4380,10 +4380,10 @@ Derive=ALICE_cf_wap-wsg-idm-ecid-wtls5 PeerKey=MALICE_cf_wap-wsg-idm-ecid-wtls5_PUB Ctrl=ecdh_cofactor_mode:1 Result=DERIVE_ERROR -Function=EC_POINT_get_affine_coordinates_GF2m +Function=EC_POINT_get_affine_coordinates Reason=point at infinity -# Title=wap-wsg-idm-ecid-wtls6 curve tests +Title=wap-wsg-idm-ecid-wtls6 curve tests PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls6 -----BEGIN PRIVATE KEY----- @@ -4419,7 +4419,7 @@ Derive=BOB_cf_wap-wsg-idm-ecid-wtls6 PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls6_PUB SharedSecret=b4cae255268f11a1e46fecad04c2 -# Title=wap-wsg-idm-ecid-wtls7 curve tests +Title=wap-wsg-idm-ecid-wtls7 curve tests PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls7 -----BEGIN PRIVATE KEY----- @@ -4457,7 +4457,7 @@ Derive=BOB_cf_wap-wsg-idm-ecid-wtls7 PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls7_PUB SharedSecret=ae9f5bcc6457c0422866bf855921eabc42b7121a -# Title=wap-wsg-idm-ecid-wtls8 curve tests +Title=wap-wsg-idm-ecid-wtls8 curve tests PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls8 -----BEGIN PRIVATE KEY----- @@ -4493,7 +4493,7 @@ Derive=BOB_cf_wap-wsg-idm-ecid-wtls8 PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls8_PUB SharedSecret=48baf4f1f5e8a0eb5dae28ef6290 -# Title=wap-wsg-idm-ecid-wtls9 curve tests +Title=wap-wsg-idm-ecid-wtls9 curve tests PrivateKey=ALICE_cf_wap-wsg-idm-ecid-wtls9 -----BEGIN PRIVATE KEY----- @@ -4532,3 +4532,240 @@ PeerKey=ALICE_cf_wap-wsg-idm-ecid-wtls9_PUB SharedSecret=948d3030e95cead39a1bb3d8a01c2be178517ba7 # tests: 484 + +Title=zero x-coord regression tests + +PrivateKey=ALICE_zero_prime192v1 +-----BEGIN PRIVATE KEY----- +MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBBhaPNk8jG5hSG6y8tUqUoOaNNsZ3APU +pps= +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_prime192v1_PUB +-----BEGIN PUBLIC KEY----- +MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe2hWBe5g +DLNj216pEvK7XjoKLg5gNg8S +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_prime192v1 +PeerKey=BOB_zero_prime192v1_PUB +SharedSecret=baaffd49a8399d2ad52cbbe24d47b67afb4b3cf436f1cd65 + +PrivateKey=ALICE_zero_prime192v2 +-----BEGIN PRIVATE KEY----- +MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQIEHzAdAgEBBBj1AIQMJ7jqYIKCvxYAS+qKMmKmH0to +41k= +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_prime192v2_PUB +-----BEGIN PUBLIC KEY----- +MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQIDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4Gj7Qqt +2wx/jwFlKgvE4rnd50LspdMk +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_prime192v2 +PeerKey=BOB_zero_prime192v2_PUB +SharedSecret=b8f200a4b87064f2e8600685ca3e69b8e661a117aabc770b + +PrivateKey=ALICE_zero_prime192v3 +-----BEGIN PRIVATE KEY----- +MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQMEHzAdAgEBBBh/maLQMSlea9BfLqGy5NPuK0YAH/cz +GqI= +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_prime192v3_PUB +-----BEGIN PUBLIC KEY----- +MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQMDMgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZEzb63e2 +3MKatRLR9Y1M5JEdI9jwMocI +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_prime192v3 +PeerKey=BOB_zero_prime192v3_PUB +SharedSecret=b5de857d355bc5b9e270a4c290ea9728d764d8b243ff5d8d + +PrivateKey=ALICE_zero_prime239v1 +-----BEGIN PRIVATE KEY----- +MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQQEJTAjAgEBBB5pYWzRYI+c6O7NXCt0H2kw8XRL3rhe +4MrJT8j++CI= +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_prime239v1_PUB +-----BEGIN PUBLIC KEY----- +MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQQDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +Ox02uwNNLFuvDRn5ip8TxvW0W22R7UzJa9Av6/nh +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_prime239v1 +PeerKey=BOB_zero_prime239v1_PUB +SharedSecret=6b6206408bd05d42daa2cd224c401a1230b44e184f17b82f385f22dac215 + +PrivateKey=ALICE_zero_prime239v2 +-----BEGIN PRIVATE KEY----- +MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQUEJTAjAgEBBB5l8bB7Cpmr7vyx9FiOT2wEF3YOFbDG +bmRr3Vi/xr4= +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_prime239v2_PUB +-----BEGIN PUBLIC KEY----- +MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +IOg3VJGQ89d1GWg4Igxcj5xpDmJiP8tv+e4mxt5U +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_prime239v2 +PeerKey=BOB_zero_prime239v2_PUB +SharedSecret=772c2819c960c78f28f21f6542b7409294fad1f84567c44c4b7678dc0e42 + +PrivateKey=ALICE_zero_prime239v3 +-----BEGIN PRIVATE KEY----- +MD8CAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQYEJTAjAgEBBB5HF5FABzUOTYMZg9UdZTx/oRERm/fU +M/+otKzpLjA= +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_prime239v3_PUB +-----BEGIN PUBLIC KEY----- +MFUwEwYHKoZIzj0CAQYIKoZIzj0DAQYDPgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AsZ4u6r3qQI78EYBpiSgWjqNpoeShjr5piecMBWj +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_prime239v3 +PeerKey=BOB_zero_prime239v3_PUB +SharedSecret=56a71f5dd1611e8032c3e2d8224d86e5e8c2fc6480d74c0e282282decd43 + +PrivateKey=ALICE_zero_prime256v1 +-----BEGIN PRIVATE KEY----- +MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCDXhMb6aR4JR2+l2tmgYqP0r8S4jtym +yH++awvF2nGhhg== +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_prime256v1_PUB +-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AABmSFx4Di+D1yQzvV2EoGu2VBwq8x2uhxcov4VqF0+T9A== +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_prime256v1 +PeerKey=BOB_zero_prime256v1_PUB +SharedSecret=c4f5607deb8501f1a4ba23fce4122a4343a17ada2c86a9c8e0d03d92d4a4c84c + +PrivateKey=ALICE_zero_secp112r2 +-----BEGIN PRIVATE KEY----- +MCwCAQAwEAYHKoZIzj0CAQYFK4EEAAcEFTATAgEBBA4hh3tRkG3tnA0496ffMw== +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_secp112r2_PUB +-----BEGIN PUBLIC KEY----- +MDIwEAYHKoZIzj0CAQYFK4EEAAcDHgAEAAAAAAAAAAAAAAAAAAAS5eEOWDV/Wk7w4djyDQ== +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_secp112r2 +PeerKey=BOB_zero_secp112r2_PUB +SharedSecret=958cc1cb425713678830a4d7d95e + +PrivateKey=ALICE_zero_secp128r1 +-----BEGIN PRIVATE KEY----- +MC4CAQAwEAYHKoZIzj0CAQYFK4EEABwEFzAVAgEBBBCykSzic/h3T2K6SkSP1SGt +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_secp128r1_PUB +-----BEGIN PUBLIC KEY----- +MDYwEAYHKoZIzj0CAQYFK4EEABwDIgAEAAAAAAAAAAAAAAAAAAAAAABya8M5aeOpNG3z799IdHc= +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_secp128r1 +PeerKey=BOB_zero_secp128r1_PUB +SharedSecret=5235d452066f126cd7e99eea00fd3068 + +PrivateKey=ALICE_zero_secp160r1 +-----BEGIN PRIVATE KEY----- +MDMCAQAwEAYHKoZIzj0CAQYFK4EEAAgEHDAaAgEBBBUACoRnbig69XLlh5VcRexpbbn5zwA= +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_secp160r1_PUB +-----BEGIN PUBLIC KEY----- +MD4wEAYHKoZIzj0CAQYFK4EEAAgDKgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAG/w1po29wYlxlygXs +MGfbiGg5ng== +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_secp160r1 +PeerKey=BOB_zero_secp160r1_PUB +SharedSecret=9ccd0ab8d093b6acdb3fe14c3736a0dfe61a4666 + +PrivateKey=ALICE_zero_secp160r2 +-----BEGIN PRIVATE KEY----- +MDMCAQAwEAYHKoZIzj0CAQYFK4EEAB4EHDAaAgEBBBUAQFGxInSw1eAvd45E9TUdbXtJGnA= +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_secp160r2_PUB +-----BEGIN PUBLIC KEY----- +MD4wEAYHKoZIzj0CAQYFK4EEAB4DKgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAZtSBSZqfmXp47v5z2 +ZZZl2JFxDg== +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_secp160r2 +PeerKey=BOB_zero_secp160r2_PUB +SharedSecret=303e0a282ac86f463fe834cb51b0057be42ed5ab + +PrivateKey=ALICE_zero_secp384r1 +-----BEGIN PRIVATE KEY----- +ME4CAQAwEAYHKoZIzj0CAQYFK4EEACIENzA1AgEBBDD6kgzKbg28zbQyVTdC0IdHbm0UCQt2Rdbi +VVHJeYRSnNpFOiFLaOsGOmwoeZzj6jc= +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_secp384r1_PUB +-----BEGIN PUBLIC KEY----- +MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAPPme8E9RpepjC6P5+WDdWToUyb45/SvSFdO0sIqq+Gu/kn8sRuUqsG+3 +QriFDlIe +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_secp384r1 +PeerKey=BOB_zero_secp384r1_PUB +SharedSecret=b1cfeaeef51dfd487d3a8b2849f1592e04d63f2d2c88b310a6290ebfe5399f5ffe954eabd0619231393e56c35b242986 + +PrivateKey=ALICE_zero_secp521r1 +-----BEGIN PRIVATE KEY----- +MGACAQAwEAYHKoZIzj0CAQYFK4EEACMESTBHAgEBBEIAbddDLMUWbAsY7l3vbNDmntXuAUcDYPg5 +w/cgUwSCIvrV9MBeSG8AWqT16riHmHlsn+XI5PAJM6eij3JDahnu9Mo= +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_secp521r1_PUB +-----BEGIN PUBLIC KEY----- +MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA +AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0g7J/qa1d8ENJsobtEb0CymeZIsa +1Qiq0GiJb+4/jmFLxjBU1Xcr8Bpl1BLgvKqOll0vXTMtfzn4RtRArgAfT4c= +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_secp521r1 +PeerKey=BOB_zero_secp521r1_PUB +SharedSecret=003fc3028f61db94b20c7cd177923b6e73f12f0ab067c9ce8866755e3c82abb39c9863cde74fa80b32520bd7dd0eb156c30c08911503b67b2661f1264d09bb231423 + +PrivateKey=ALICE_zero_wap-wsg-idm-ecid-wtls7 +-----BEGIN PRIVATE KEY----- +MDMCAQAwEAYHKoZIzj0CAQYFZysBBAcEHDAaAgEBBBUAoGng7WzYr4P9vtdc3BS/UiNWmc0= +-----END PRIVATE KEY----- + +PublicKey=BOB_zero_wap-wsg-idm-ecid-wtls7_PUB +-----BEGIN PUBLIC KEY----- +MD4wEAYHKoZIzj0CAQYFZysBBAcDKgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAZtSBSZqfmXp47v5z2 +ZZZl2JFxDg== +-----END PUBLIC KEY----- + +# ECDH Alice with Bob peer +Derive=ALICE_zero_wap-wsg-idm-ecid-wtls7 +PeerKey=BOB_zero_wap-wsg-idm-ecid-wtls7_PUB +SharedSecret=6582fc03bbb340fcf24a5fe8fcdf722655efa8b9 + +# tests: 14 diff --git a/deps/openssl/openssl/test/recipes/05-test_sha1.t b/deps/openssl/openssl/test/recipes/30-test_pkey_meth.t index 21bb74edcc..1b78c257ed 100644 --- a/deps/openssl/openssl/test/recipes/05-test_sha1.t +++ b/deps/openssl/openssl/test/recipes/30-test_pkey_meth.t @@ -9,4 +9,4 @@ use OpenSSL::Test::Simple; -simple_test("test_sha1", "sha1test", "sha"); +simple_test("test_pkey_meth", "pkey_meth_test"); diff --git a/deps/openssl/openssl/test/recipes/30-test_pkey_meth_kdf.t b/deps/openssl/openssl/test/recipes/30-test_pkey_meth_kdf.t new file mode 100644 index 0000000000..9289df2ba1 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/30-test_pkey_meth_kdf.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_pkey_meth_kdf", "pkey_meth_kdf_test"); diff --git a/deps/openssl/openssl/test/recipes/60-test_x509_check_cert_pkey.t b/deps/openssl/openssl/test/recipes/60-test_x509_check_cert_pkey.t new file mode 100644 index 0000000000..d7ee642649 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/60-test_x509_check_cert_pkey.t @@ -0,0 +1,46 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils; + +setup("test_x509_check_cert_pkey"); + +plan tests => 6; + +# rsa +ok(run(test(["x509_check_cert_pkey_test", + srctop_file("test", "certs", "servercert.pem"), + srctop_file("test", "certs", "serverkey.pem"), "cert", "ok"]))); +# mismatched rsa +ok(run(test(["x509_check_cert_pkey_test", + srctop_file("test", "certs", "servercert.pem"), + srctop_file("test", "certs", "wrongkey.pem"), "cert", "failed"]))); +SKIP: { + skip "DSA disabled", 1, if disabled("dsa"); + # dsa + ok(run(test(["x509_check_cert_pkey_test", + srctop_file("test", "certs", "server-dsa-cert.pem"), + srctop_file("test", "certs", "server-dsa-key.pem"), "cert", "ok"]))); +} +# ecc +SKIP: { + skip "EC disabled", 1 if disabled("ec"); + ok(run(test(["x509_check_cert_pkey_test", + srctop_file("test", "certs", "server-ecdsa-cert.pem"), + srctop_file("test", "certs", "server-ecdsa-key.pem"), "cert", "ok"]))); +} +# certificate request (rsa) +ok(run(test(["x509_check_cert_pkey_test", + srctop_file("test", "certs", "x509-check.csr"), + srctop_file("test", "certs", "x509-check-key.pem"), "req", "ok"]))); +# mismatched certificate request (rsa) +ok(run(test(["x509_check_cert_pkey_test", + srctop_file("test", "certs", "x509-check.csr"), + srctop_file("test", "certs", "wrongkey.pem"), "req", "failed"]))); diff --git a/deps/openssl/openssl/test/recipes/60-test_x509_dup_cert.t b/deps/openssl/openssl/test/recipes/60-test_x509_dup_cert.t index 8e1c313814..7cae05c6e3 100644 --- a/deps/openssl/openssl/test/recipes/60-test_x509_dup_cert.t +++ b/deps/openssl/openssl/test/recipes/60-test_x509_dup_cert.t @@ -1,13 +1,11 @@ #! /usr/bin/env perl -# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html -# -# ====================================================================== -# Copyright (c) 2017 Oracle and/or its affiliates. All rights reserved. use OpenSSL::Test qw/:DEFAULT srctop_file/; diff --git a/deps/openssl/openssl/test/recipes/60-test_x509_time.t b/deps/openssl/openssl/test/recipes/60-test_x509_time.t index e812cd0b26..8b311ad314 100644 --- a/deps/openssl/openssl/test/recipes/60-test_x509_time.t +++ b/deps/openssl/openssl/test/recipes/60-test_x509_time.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/deps/openssl/openssl/test/recipes/70-test_clienthello.t b/deps/openssl/openssl/test/recipes/70-test_clienthello.t index ef0868f05a..ccb3a5a1e0 100644 --- a/deps/openssl/openssl/test/recipes/70-test_clienthello.t +++ b/deps/openssl/openssl/test/recipes/70-test_clienthello.t @@ -7,7 +7,7 @@ # https://www.openssl.org/source/license.html -use OpenSSL::Test; +use OpenSSL::Test qw/:DEFAULT srctop_file/; use OpenSSL::Test::Utils; setup("test_clienthello"); @@ -17,4 +17,5 @@ plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build" plan tests => 1; -ok(run(test(["clienthellotest"])), "running clienthellotest"); +ok(run(test(["clienthellotest", srctop_file("test", "session.pem")])), + "running clienthellotest"); diff --git a/deps/openssl/openssl/test/recipes/70-test_comp.t b/deps/openssl/openssl/test/recipes/70-test_comp.t new file mode 100644 index 0000000000..d11ba39e0d --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_comp.t @@ -0,0 +1,110 @@ +#! /usr/bin/env perl +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file srctop_dir bldtop_dir/; +use OpenSSL::Test::Utils; +use File::Temp qw(tempfile); +use TLSProxy::Proxy; + +my $test_name = "test_comp"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLSv1.3 or TLSv1.2 enabled" + if disabled("tls1_3") && disabled("tls1_2"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); + +use constant { + MULTIPLE_COMPRESSIONS => 0, + NON_NULL_COMPRESSION => 1 +}; +my $testtype; + +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 4; + +SKIP: { + skip "TLSv1.2 disabled", 2 if disabled("tls1_2"); + #Test 1: Check that sending multiple compression methods in a TLSv1.2 + # ClientHello succeeds + $proxy->clear(); + $proxy->filter(\&add_comp_filter); + $proxy->clientflags("-no_tls1_3"); + $testtype = MULTIPLE_COMPRESSIONS; + $proxy->start(); + ok(TLSProxy::Message->success(), "Non null compression"); + + #Test 2: NULL compression method must be present in TLSv1.2 + $proxy->clear(); + $proxy->clientflags("-no_tls1_3"); + $testtype = NON_NULL_COMPRESSION; + $proxy->start(); + ok(TLSProxy::Message->fail(), "NULL compression missing"); +} + +SKIP: { + skip "TLSv1.3 disabled", 2 if disabled("tls1_3"); + #Test 3: Check that sending multiple compression methods in a TLSv1.3 + # ClientHello fails + $proxy->clear(); + $proxy->filter(\&add_comp_filter); + $testtype = MULTIPLE_COMPRESSIONS; + $proxy->start(); + ok(TLSProxy::Message->fail(), "Non null compression (TLSv1.3)"); + + #Test 4: NULL compression method must be present in TLSv1.3 + $proxy->clear(); + $testtype = NON_NULL_COMPRESSION; + $proxy->start(); + ok(TLSProxy::Message->fail(), "NULL compression missing (TLSv1.3)"); +} + +sub add_comp_filter +{ + my $proxy = shift; + my $flight; + my $message; + my @comp; + + # Only look at the ClientHello + return if $proxy->flight != 0; + + $message = ${$proxy->message_list}[0]; + + return if (!defined $message + || $message->mt != TLSProxy::Message::MT_CLIENT_HELLO); + + if ($testtype == MULTIPLE_COMPRESSIONS) { + @comp = ( + 0x00, #Null compression method + 0xff); #Unknown compression + } elsif ($testtype == NON_NULL_COMPRESSION) { + @comp = (0xff); #Unknown compression + } + $message->comp_meths(\@comp); + $message->comp_meth_len(scalar @comp); + $message->repack(); +} diff --git a/deps/openssl/openssl/test/recipes/70-test_key_share.t b/deps/openssl/openssl/test/recipes/70-test_key_share.t new file mode 100644 index 0000000000..46370c5600 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_key_share.t @@ -0,0 +1,388 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; +use File::Temp qw(tempfile); + +use constant { + LOOK_ONLY => 0, + EMPTY_EXTENSION => 1, + MISSING_EXTENSION => 2, + NO_ACCEPTABLE_KEY_SHARES => 3, + NON_PREFERRED_KEY_SHARE => 4, + ACCEPTABLE_AT_END => 5, + NOT_IN_SUPPORTED_GROUPS => 6, + GROUP_ID_TOO_SHORT => 7, + KEX_LEN_MISMATCH => 8, + ZERO_LEN_KEX_DATA => 9, + TRAILING_DATA => 10, + SELECT_X25519 => 11, + NO_KEY_SHARES_IN_HRR => 12 +}; + +use constant { + CLIENT_TO_SERVER => 1, + SERVER_TO_CLIENT => 2 +}; + + +use constant { + X25519 => 0x1d, + P_256 => 0x17 +}; + +my $testtype; +my $direction; +my $selectedgroupid; + +my $test_name = "test_key_share"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS1.3 enabled" + if disabled("tls1_3"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; + +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +#We assume that test_ssl_new and friends will test the happy path for this, +#so we concentrate on the less common scenarios + +#Test 1: An empty key_shares extension should succeed after a HelloRetryRequest +$testtype = EMPTY_EXTENSION; +$direction = CLIENT_TO_SERVER; +$proxy->filter(\&modify_key_shares_filter); +$proxy->serverflags("-curves P-256"); +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 22; +ok(TLSProxy::Message->success(), "Success after HRR"); + +#Test 2: The server sending an HRR requesting a group the client already sent +# should fail +$proxy->clear(); +$proxy->start(); +ok(TLSProxy::Message->fail(), "Server asks for group already provided"); + +#Test 3: A missing key_shares extension should not succeed +$proxy->clear(); +$testtype = MISSING_EXTENSION; +$proxy->start(); +ok(TLSProxy::Message->fail(), "Missing key_shares extension"); + +#Test 4: No initial acceptable key_shares should succeed after a +# HelloRetryRequest +$proxy->clear(); +$proxy->filter(undef); +$proxy->serverflags("-curves P-256"); +$proxy->start(); +ok(TLSProxy::Message->success(), "No initial acceptable key_shares"); + +#Test 5: No acceptable key_shares and no shared groups should fail +$proxy->clear(); +$proxy->filter(undef); +$proxy->serverflags("-curves P-256"); +$proxy->clientflags("-curves P-384"); +$proxy->start(); +ok(TLSProxy::Message->fail(), "No acceptable key_shares"); + +#Test 6: A non preferred but acceptable key_share should succeed +$proxy->clear(); +$proxy->clientflags("-curves P-256"); +$proxy->start(); +ok(TLSProxy::Message->success(), "Non preferred key_share"); +$proxy->filter(\&modify_key_shares_filter); + +#Test 7: An acceptable key_share after a list of non-acceptable ones should +#succeed +$proxy->clear(); +$testtype = ACCEPTABLE_AT_END; +$proxy->start(); +ok(TLSProxy::Message->success(), "Acceptable key_share at end of list"); + +#Test 8: An acceptable key_share but for a group not in supported_groups should +#fail +$proxy->clear(); +$testtype = NOT_IN_SUPPORTED_GROUPS; +$proxy->start(); +ok(TLSProxy::Message->fail(), "Acceptable key_share not in supported_groups"); + +#Test 9: Too short group_id should fail +$proxy->clear(); +$testtype = GROUP_ID_TOO_SHORT; +$proxy->start(); +ok(TLSProxy::Message->fail(), "Group id too short"); + +#Test 10: key_exchange length mismatch should fail +$proxy->clear(); +$testtype = KEX_LEN_MISMATCH; +$proxy->start(); +ok(TLSProxy::Message->fail(), "key_exchange length mismatch"); + +#Test 11: Zero length key_exchange should fail +$proxy->clear(); +$testtype = ZERO_LEN_KEX_DATA; +$proxy->start(); +ok(TLSProxy::Message->fail(), "zero length key_exchange data"); + +#Test 12: Trailing data on key_share list should fail +$proxy->clear(); +$testtype = TRAILING_DATA; +$proxy->start(); +ok(TLSProxy::Message->fail(), "key_share list trailing data"); + +#Test 13: Multiple acceptable key_shares - we choose the first one +$proxy->clear(); +$direction = SERVER_TO_CLIENT; +$testtype = LOOK_ONLY; +$proxy->clientflags("-curves P-256:X25519"); +$proxy->start(); +ok(TLSProxy::Message->success() && ($selectedgroupid == P_256), + "Multiple acceptable key_shares"); + +#Test 14: Multiple acceptable key_shares - we choose the first one (part 2) +$proxy->clear(); +$proxy->clientflags("-curves X25519:P-256"); +$proxy->start(); +ok(TLSProxy::Message->success() && ($selectedgroupid == X25519), + "Multiple acceptable key_shares (part 2)"); + +#Test 15: Server sends key_share that wasn't offered should fail +$proxy->clear(); +$testtype = SELECT_X25519; +$proxy->clientflags("-curves P-256"); +$proxy->start(); +ok(TLSProxy::Message->fail(), "Non offered key_share"); + +#Test 16: Too short group_id in ServerHello should fail +$proxy->clear(); +$testtype = GROUP_ID_TOO_SHORT; +$proxy->start(); +ok(TLSProxy::Message->fail(), "Group id too short in ServerHello"); + +#Test 17: key_exchange length mismatch in ServerHello should fail +$proxy->clear(); +$testtype = KEX_LEN_MISMATCH; +$proxy->start(); +ok(TLSProxy::Message->fail(), "key_exchange length mismatch in ServerHello"); + +#Test 18: Zero length key_exchange in ServerHello should fail +$proxy->clear(); +$testtype = ZERO_LEN_KEX_DATA; +$proxy->start(); +ok(TLSProxy::Message->fail(), "zero length key_exchange data in ServerHello"); + +#Test 19: Trailing data on key_share in ServerHello should fail +$proxy->clear(); +$testtype = TRAILING_DATA; +$proxy->start(); +ok(TLSProxy::Message->fail(), "key_share trailing data in ServerHello"); + +SKIP: { + skip "No TLSv1.2 support in this OpenSSL build", 2 if disabled("tls1_2"); + + #Test 20: key_share should not be sent if the client is not capable of + # negotiating TLSv1.3 + $proxy->clear(); + $proxy->filter(undef); + $proxy->clientflags("-no_tls1_3"); + $proxy->start(); + my $clienthello = $proxy->message_list->[0]; + ok(TLSProxy::Message->success() + && !defined $clienthello->extension_data->{TLSProxy::Message::EXT_KEY_SHARE}, + "No key_share for TLS<=1.2 client"); + $proxy->filter(\&modify_key_shares_filter); + + #Test 21: A server not capable of negotiating TLSv1.3 should not attempt to + # process a key_share + $proxy->clear(); + $direction = CLIENT_TO_SERVER; + $testtype = NO_ACCEPTABLE_KEY_SHARES; + $proxy->serverflags("-no_tls1_3"); + $proxy->start(); + ok(TLSProxy::Message->success(), "Ignore key_share for TLS<=1.2 server"); +} + +#Test 22: The server sending an HRR but not requesting a new key_share should +# fail +$proxy->clear(); +$direction = SERVER_TO_CLIENT; +$testtype = NO_KEY_SHARES_IN_HRR; +$proxy->serverflags("-curves X25519"); +$proxy->start(); +ok(TLSProxy::Message->fail(), "Server sends HRR with no key_shares"); + +sub modify_key_shares_filter +{ + my $proxy = shift; + + # We're only interested in the initial ClientHello + if (($direction == CLIENT_TO_SERVER && $proxy->flight != 0 + && ($proxy->flight != 1 || $testtype != NO_KEY_SHARES_IN_HRR)) + || ($direction == SERVER_TO_CLIENT && $proxy->flight != 1)) { + return; + } + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO + && $direction == CLIENT_TO_SERVER) { + my $ext; + my $suppgroups; + + #Setup supported groups to include some unrecognised groups + $suppgroups = pack "C8", + 0x00, 0x06, #List Length + 0xff, 0xfe, #Non existing group 1 + 0xff, 0xff, #Non existing group 2 + 0x00, 0x1d; #x25519 + + if ($testtype == EMPTY_EXTENSION) { + $ext = pack "C2", + 0x00, 0x00; + } elsif ($testtype == NO_ACCEPTABLE_KEY_SHARES) { + $ext = pack "C12", + 0x00, 0x0a, #List Length + 0xff, 0xfe, #Non existing group 1 + 0x00, 0x01, 0xff, #key_exchange data + 0xff, 0xff, #Non existing group 2 + 0x00, 0x01, 0xff; #key_exchange data + } elsif ($testtype == ACCEPTABLE_AT_END) { + $ext = pack "C11H64", + 0x00, 0x29, #List Length + 0xff, 0xfe, #Non existing group 1 + 0x00, 0x01, 0xff, #key_exchange data + 0x00, 0x1d, #x25519 + 0x00, 0x20, #key_exchange data length + "155155B95269ED5C87EAA99C2EF5A593". + "EDF83495E80380089F831B94D14B1421"; #key_exchange data + } elsif ($testtype == NOT_IN_SUPPORTED_GROUPS) { + $suppgroups = pack "C4", + 0x00, 0x02, #List Length + 0x00, 0xfe; #Non existing group 1 + } elsif ($testtype == GROUP_ID_TOO_SHORT) { + $ext = pack "C6H64C1", + 0x00, 0x25, #List Length + 0x00, 0x1d, #x25519 + 0x00, 0x20, #key_exchange data length + "155155B95269ED5C87EAA99C2EF5A593". + "EDF83495E80380089F831B94D14B1421"; #key_exchange data + 0x00; #Group id too short + } elsif ($testtype == KEX_LEN_MISMATCH) { + $ext = pack "C8", + 0x00, 0x06, #List Length + 0x00, 0x1d, #x25519 + 0x00, 0x20, #key_exchange data length + 0x15, 0x51; #Only two bytes of data, but length should be 32 + } elsif ($testtype == ZERO_LEN_KEX_DATA) { + $ext = pack "C10H64", + 0x00, 0x28, #List Length + 0xff, 0xfe, #Non existing group 1 + 0x00, 0x00, #zero length key_exchange data is invalid + 0x00, 0x1d, #x25519 + 0x00, 0x20, #key_exchange data length + "155155B95269ED5C87EAA99C2EF5A593". + "EDF83495E80380089F831B94D14B1421"; #key_exchange data + } elsif ($testtype == TRAILING_DATA) { + $ext = pack "C6H64C1", + 0x00, 0x24, #List Length + 0x00, 0x1d, #x25519 + 0x00, 0x20, #key_exchange data length + "155155B95269ED5C87EAA99C2EF5A593". + "EDF83495E80380089F831B94D14B1421", #key_exchange data + 0x00; #Trailing garbage + } elsif ($testtype == NO_KEY_SHARES_IN_HRR) { + #We trick the server into thinking we sent a P-256 key_share - + #but the client actually sent X25519 + $ext = pack "C7", + 0x00, 0x05, #List Length + 0x00, 0x17, #P-256 + 0x00, 0x01, #key_exchange data length + 0xff; #Dummy key_share data + } + + if ($testtype != EMPTY_EXTENSION + && $testtype != NO_KEY_SHARES_IN_HRR) { + $message->set_extension( + TLSProxy::Message::EXT_SUPPORTED_GROUPS, $suppgroups); + } + + if ($testtype == MISSING_EXTENSION) { + $message->delete_extension( + TLSProxy::Message::EXT_KEY_SHARE); + } elsif ($testtype != NOT_IN_SUPPORTED_GROUPS) { + $message->set_extension( + TLSProxy::Message::EXT_KEY_SHARE, $ext); + } + + $message->repack(); + } elsif ($message->mt == TLSProxy::Message::MT_SERVER_HELLO + && $direction == SERVER_TO_CLIENT) { + my $ext; + my $key_share = + $message->extension_data->{TLSProxy::Message::EXT_KEY_SHARE}; + $selectedgroupid = unpack("n", $key_share); + + if ($testtype == LOOK_ONLY) { + return; + } + if ($testtype == NO_KEY_SHARES_IN_HRR) { + $message->delete_extension(TLSProxy::Message::EXT_KEY_SHARE); + $message->set_extension(TLSProxy::Message::EXT_UNKNOWN, ""); + $message->repack(); + return; + } + if ($testtype == SELECT_X25519) { + $ext = pack "C4H64", + 0x00, 0x1d, #x25519 + 0x00, 0x20, #key_exchange data length + "155155B95269ED5C87EAA99C2EF5A593". + "EDF83495E80380089F831B94D14B1421"; #key_exchange data + } elsif ($testtype == GROUP_ID_TOO_SHORT) { + $ext = pack "C1", + 0x00; + } elsif ($testtype == KEX_LEN_MISMATCH) { + $ext = pack "C6", + 0x00, 0x1d, #x25519 + 0x00, 0x20, #key_exchange data length + 0x15, 0x51; #Only two bytes of data, but length should be 32 + } elsif ($testtype == ZERO_LEN_KEX_DATA) { + $ext = pack "C4", + 0x00, 0x1d, #x25519 + 0x00, 0x00, #zero length key_exchange data is invalid + } elsif ($testtype == TRAILING_DATA) { + $ext = pack "C4H64C1", + 0x00, 0x1d, #x25519 + 0x00, 0x20, #key_exchange data length + "155155B95269ED5C87EAA99C2EF5A593". + "EDF83495E80380089F831B94D14B1421", #key_exchange data + 0x00; #Trailing garbage + } + $message->set_extension(TLSProxy::Message::EXT_KEY_SHARE, $ext); + + $message->repack(); + } + } +} + + diff --git a/deps/openssl/openssl/test/recipes/70-test_recordlen.t b/deps/openssl/openssl/test/recipes/70-test_recordlen.t new file mode 100644 index 0000000000..12647a212a --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_recordlen.t @@ -0,0 +1,21 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_recordlen"); + +plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build" + if alldisabled(grep { $_ ne "ssl3" } available_protocols("tls")); + +plan tests => 1; + +ok(run(test(["recordlentest", srctop_file("apps", "server.pem"), + srctop_file("apps", "server.pem")])), "running recordlentest"); diff --git a/deps/openssl/openssl/test/recipes/70-test_renegotiation.t b/deps/openssl/openssl/test/recipes/70-test_renegotiation.t new file mode 100644 index 0000000000..734f1cd21e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_renegotiation.t @@ -0,0 +1,98 @@ +#! /usr/bin/env perl +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_renegotiation"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS <= 1.2 enabled" + if alldisabled(("ssl3", "tls1", "tls1_1", "tls1_2")); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +#Test 1: A basic renegotiation test +$proxy->clientflags("-no_tls1_3"); +$proxy->reneg(1); +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 3; +ok(TLSProxy::Message->success(), "Basic renegotiation"); + +#Test 2: Client does not send the Reneg SCSV. Reneg should fail +$proxy->clear(); +$proxy->filter(\&reneg_filter); +$proxy->clientflags("-no_tls1_3"); +$proxy->reneg(1); +$proxy->start(); +ok(TLSProxy::Message->fail(), "No client SCSV"); + +SKIP: { + skip "TLSv1.2 or TLSv1.1 disabled", 1 + if disabled("tls1_2") || disabled("tls1_1"); + #Test 3: Check that the ClientHello version remains the same in the reneg + # handshake + $proxy->clear(); + $proxy->filter(undef); + $proxy->clientflags("-no_tls1_3"); + $proxy->serverflags("-no_tls1_3 -no_tls1_2"); + $proxy->reneg(1); + $proxy->start(); + my $chversion; + my $chmatch = 0; + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + if (!defined $chversion) { + $chversion = $message->client_version; + } else { + if ($chversion == $message->client_version) { + $chmatch = 1; + } + } + } + } + ok(TLSProxy::Message->success() && $chmatch, + "Check ClientHello version is the same"); +} + +sub reneg_filter +{ + my $proxy = shift; + + # We're only interested in the initial ClientHello message + if ($proxy->flight != 0) { + return; + } + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + #Remove any SCSV ciphersuites - just leave AES128-SHA (0x002f) + my @ciphersuite = (0x002f); + $message->ciphersuites(\@ciphersuite); + $message->ciphersuite_len(2); + $message->repack(); + } + } +} diff --git a/deps/openssl/openssl/test/recipes/70-test_servername.t b/deps/openssl/openssl/test/recipes/70-test_servername.t new file mode 100644 index 0000000000..2eff92aa5f --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_servername.t @@ -0,0 +1,26 @@ +#! /usr/bin/env perl +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2017 BaishanCloud. All rights reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use warnings; + +use OpenSSL::Test::Simple; +use OpenSSL::Test qw/:DEFAULT srctop_file/; +use OpenSSL::Test::Utils qw(alldisabled available_protocols); + +setup("test_servername"); + +plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build" + if alldisabled(grep { $_ ne "ssl3" } available_protocols("tls")); + +plan tests => 1; + +ok(run(test(["servername_test", srctop_file("apps", "server.pem"), + srctop_file("apps", "server.pem")])), + "running servername_test"); diff --git a/deps/openssl/openssl/test/recipes/70-test_sslcbcpadding.t b/deps/openssl/openssl/test/recipes/70-test_sslcbcpadding.t index 6d296db001..55943764be 100644 --- a/deps/openssl/openssl/test/recipes/70-test_sslcbcpadding.t +++ b/deps/openssl/openssl/test/recipes/70-test_sslcbcpadding.t @@ -7,6 +7,8 @@ # https://www.openssl.org/source/license.html use strict; +use feature 'state'; + use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; use OpenSSL::Test::Utils; use TLSProxy::Proxy; @@ -40,25 +42,32 @@ my @test_offsets = (0, 128, 254, 255); # Test that maximally-padded records are accepted. my $bad_padding_offset = -1; +$proxy->serverflags("-tls1_2"); +$proxy->serverconnects(1 + scalar(@test_offsets)); $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; plan tests => 1 + scalar(@test_offsets); ok(TLSProxy::Message->success(), "Maximally-padded record test"); # Test that invalid padding is rejected. +my $fatal_alert; # set by add_maximal_padding_filter on client's fatal alert + foreach my $offset (@test_offsets) { - $proxy->clear(); $bad_padding_offset = $offset; - $proxy->start(); - ok(TLSProxy::Message->fail(), "Invalid padding byte $bad_padding_offset"); + $fatal_alert = 0; + $proxy->clearClient(); + $proxy->clientstart(); + ok($fatal_alert, "Invalid padding byte $bad_padding_offset"); } sub add_maximal_padding_filter { my $proxy = shift; + my $messages = $proxy->message_list; + state $sent_corrupted_payload; if ($proxy->flight == 0) { # Disable Encrypt-then-MAC. - foreach my $message (@{$proxy->message_list}) { + foreach my $message (@{$messages}) { if ($message->mt != TLSProxy::Message::MT_CLIENT_HELLO) { next; } @@ -67,9 +76,16 @@ sub add_maximal_padding_filter $message->process_extensions(); $message->repack(); } + $sent_corrupted_payload = 0; + return; } - if ($proxy->flight == 3) { + my $last_message = @{$messages}[-1]; + if (defined($last_message) + && $last_message->server + && $last_message->mt == TLSProxy::Message::MT_FINISHED + && !@{$last_message->records}[0]->{sent}) { + # Insert a maximally-padded record. Assume a block size of 16 (AES) and # a MAC length of 20 (SHA-1). my $block_size = 16; @@ -86,6 +102,7 @@ sub add_maximal_padding_filter # Add padding. for (my $i = 0; $i < 256; $i++) { if ($i == $bad_padding_offset) { + $sent_corrupted_payload = 1; $data .= "\xfe"; } else { $data .= "\xff"; @@ -106,5 +123,9 @@ sub add_maximal_padding_filter # Send the record immediately after the server Finished. push @{$proxy->record_list}, $record; + } elsif ($sent_corrupted_payload) { + # Check for bad_record_mac from client + my $last_record = @{$proxy->record_list}[-1]; + $fatal_alert = 1 if $last_record->is_fatal_alert(0) == 20; } } diff --git a/deps/openssl/openssl/test/recipes/70-test_sslcertstatus.t b/deps/openssl/openssl/test/recipes/70-test_sslcertstatus.t index 104ee9c31b..6fd89feaf7 100644 --- a/deps/openssl/openssl/test/recipes/70-test_sslcertstatus.t +++ b/deps/openssl/openssl/test/recipes/70-test_sslcertstatus.t @@ -27,7 +27,8 @@ plan skip_all => "$test_name needs the ocsp feature enabled" if disabled("ocsp"); plan skip_all => "$test_name needs TLS enabled" - if alldisabled(available_protocols("tls")); + if alldisabled(available_protocols("tls")) + || (!disabled("tls1_3") && disabled("tls1_2")); $ENV{OPENSSL_ia32cap} = '~0x200000200000000'; my $proxy = TLSProxy::Proxy->new( @@ -39,7 +40,7 @@ my $proxy = TLSProxy::Proxy->new( #Test 1: Sending a status_request extension in both ClientHello and #ServerHello but then omitting the CertificateStatus message is valid -$proxy->clientflags("-status"); +$proxy->clientflags("-status -no_tls1_3"); $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; plan tests => 1; ok(TLSProxy::Message->success, "Missing CertificateStatus message"); diff --git a/deps/openssl/openssl/test/recipes/70-test_sslextension.t b/deps/openssl/openssl/test/recipes/70-test_sslextension.t index 8d6ccc6ab3..20e1933f00 100644 --- a/deps/openssl/openssl/test/recipes/70-test_sslextension.t +++ b/deps/openssl/openssl/test/recipes/70-test_sslextension.t @@ -7,6 +7,8 @@ # https://www.openssl.org/source/license.html use strict; +use feature 'state'; + use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; use OpenSSL::Test::Utils; use TLSProxy::Proxy; @@ -26,23 +28,41 @@ plan skip_all => "$test_name needs the sock feature enabled" plan skip_all => "$test_name needs TLS enabled" if alldisabled(available_protocols("tls")); +my $no_below_tls13 = alldisabled(("tls1", "tls1_1", "tls1_2")) + || (!disabled("tls1_3") && disabled("tls1_2")); + +use constant { + UNSOLICITED_SERVER_NAME => 0, + UNSOLICITED_SERVER_NAME_TLS13 => 1, + UNSOLICITED_SCT => 2, + NONCOMPLIANT_SUPPORTED_GROUPS => 3 +}; + +my $testtype; +my $fatal_alert = 0; # set by filter on fatal alert + $ENV{OPENSSL_ia32cap} = '~0x200000200000000'; my $proxy = TLSProxy::Proxy->new( - \&extension_filter, + \&inject_duplicate_extension_clienthello, cmdstr(app(["openssl"]), display => 1), srctop_file("apps", "server.pem"), (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) ); -# Test 1: Sending a zero length extension block should pass -$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; -plan tests => 3; -ok(TLSProxy::Message->success, "Zero extension length test"); sub extension_filter { my $proxy = shift; + if ($proxy->flight == 1) { + # Change the ServerRandom so that the downgrade sentinel doesn't cause + # the connection to fail + my $message = ${$proxy->message_list}[1]; + $message->random("\0"x32); + $message->repack(); + return; + } + # We're only interested in the initial ClientHello if ($proxy->flight != 0) { return; @@ -61,7 +81,6 @@ sub extension_filter } } -# Test 2-3: Sending a duplicate extension should fail. sub inject_duplicate_extension { my ($proxy, $message_type) = @_; @@ -82,11 +101,13 @@ sub inject_duplicate_extension_clienthello my $proxy = shift; # We're only interested in the initial ClientHello - if ($proxy->flight != 0) { + if ($proxy->flight == 0) { + inject_duplicate_extension($proxy, TLSProxy::Message::MT_CLIENT_HELLO); return; } - inject_duplicate_extension($proxy, TLSProxy::Message::MT_CLIENT_HELLO); + my $last_record = @{$proxy->{record_list}}[-1]; + $fatal_alert = 1 if $last_record->is_fatal_alert(1); } sub inject_duplicate_extension_serverhello @@ -94,19 +115,122 @@ sub inject_duplicate_extension_serverhello my $proxy = shift; # We're only interested in the initial ServerHello + if ($proxy->flight == 0) { + return; + } elsif ($proxy->flight == 1) { + inject_duplicate_extension($proxy, TLSProxy::Message::MT_SERVER_HELLO); + return; + } + + my $last_record = @{$proxy->{record_list}}[-1]; + $fatal_alert = 1 if $last_record->is_fatal_alert(0); +} + +sub inject_unsolicited_extension +{ + my $proxy = shift; + my $message; + state $sent_unsolisited_extension; + + if ($proxy->flight == 0) { + $sent_unsolisited_extension = 0; + return; + } + + # We're only interested in the initial ServerHello/EncryptedExtensions if ($proxy->flight != 1) { + if ($sent_unsolisited_extension) { + my $last_record = @{$proxy->record_list}[-1]; + $fatal_alert = 1 if $last_record->is_fatal_alert(0); + } return; } - inject_duplicate_extension($proxy, TLSProxy::Message::MT_SERVER_HELLO); + if ($testtype == UNSOLICITED_SERVER_NAME_TLS13) { + return if (!defined($message = ${$proxy->message_list}[2])); + die "Expecting EE message ".($message->mt)."," + .${$proxy->message_list}[1]->mt.", " + .${$proxy->message_list}[3]->mt + if $message->mt != TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS; + } else { + $message = ${$proxy->message_list}[1]; + } + + my $ext = pack "C2", + 0x00, 0x00; #Extension length + + my $type; + if ($testtype == UNSOLICITED_SERVER_NAME + || $testtype == UNSOLICITED_SERVER_NAME_TLS13) { + $type = TLSProxy::Message::EXT_SERVER_NAME; + } elsif ($testtype == UNSOLICITED_SCT) { + $type = TLSProxy::Message::EXT_SCT; + } elsif ($testtype == NONCOMPLIANT_SUPPORTED_GROUPS) { + $type = TLSProxy::Message::EXT_SUPPORTED_GROUPS; + } + $message->set_extension($type, $ext); + $message->repack(); + $sent_unsolisited_extension = 1; } -$proxy->clear(); -$proxy->filter(\&inject_duplicate_extension_clienthello); -$proxy->start(); -ok(TLSProxy::Message->fail(), "Duplicate ClientHello extension"); +# Test 1-2: Sending a duplicate extension should fail. +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 7; +ok($fatal_alert, "Duplicate ClientHello extension"); +$fatal_alert = 0; $proxy->clear(); $proxy->filter(\&inject_duplicate_extension_serverhello); $proxy->start(); -ok(TLSProxy::Message->fail(), "Duplicate ServerHello extension"); +ok($fatal_alert, "Duplicate ServerHello extension"); + +SKIP: { + skip "TLS <= 1.2 disabled", 3 if $no_below_tls13; + + #Test 3: Sending a zero length extension block should pass + $proxy->clear(); + $proxy->filter(\&extension_filter); + $proxy->start(); + ok(TLSProxy::Message->success, "Zero extension length test"); + + #Test 4: Inject an unsolicited extension (<= TLSv1.2) + $fatal_alert = 0; + $proxy->clear(); + $proxy->filter(\&inject_unsolicited_extension); + $testtype = UNSOLICITED_SERVER_NAME; + $proxy->clientflags("-no_tls1_3 -noservername"); + $proxy->start(); + ok($fatal_alert, "Unsolicited server name extension"); + + #Test 5: Inject a noncompliant supported_groups extension (<= TLSv1.2) + $proxy->clear(); + $proxy->filter(\&inject_unsolicited_extension); + $testtype = NONCOMPLIANT_SUPPORTED_GROUPS; + $proxy->clientflags("-no_tls1_3"); + $proxy->start(); + ok(TLSProxy::Message->success(), "Noncompliant supported_groups extension"); +} + +SKIP: { + skip "TLS <= 1.2 or CT disabled", 1 + if $no_below_tls13 || disabled("ct"); + #Test 6: Same as above for the SCT extension which has special handling + $fatal_alert = 0; + $proxy->clear(); + $testtype = UNSOLICITED_SCT; + $proxy->clientflags("-no_tls1_3"); + $proxy->start(); + ok($fatal_alert, "Unsolicited sct extension"); +} + +SKIP: { + skip "TLS 1.3 disabled", 1 if disabled("tls1_3"); + #Test 7: Inject an unsolicited extension (TLSv1.3) + $fatal_alert = 0; + $proxy->clear(); + $proxy->filter(\&inject_unsolicited_extension); + $testtype = UNSOLICITED_SERVER_NAME_TLS13; + $proxy->clientflags("-noservername"); + $proxy->start(); + ok($fatal_alert, "Unsolicited server name extension (TLSv1.3)"); +} diff --git a/deps/openssl/openssl/test/recipes/70-test_sslmessages.t b/deps/openssl/openssl/test/recipes/70-test_sslmessages.t index b4631ea39c..1e4676973a 100644 --- a/deps/openssl/openssl/test/recipes/70-test_sslmessages.t +++ b/deps/openssl/openssl/test/recipes/70-test_sslmessages.t @@ -7,11 +7,13 @@ # https://www.openssl.org/source/license.html use strict; -use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file srctop_dir bldtop_dir/; use OpenSSL::Test::Utils; use File::Temp qw(tempfile); use TLSProxy::Proxy; -my $test_name = "test_tls13messages"; +use checkhandshake qw(checkhandshake @handmessages @extensions); + +my $test_name = "test_sslmessages"; setup($test_name); plan skip_all => "TLSProxy isn't usable on $^O" @@ -24,44 +26,11 @@ plan skip_all => "$test_name needs the sock feature enabled" if disabled("sock"); plan skip_all => "$test_name needs TLS enabled" - if alldisabled(available_protocols("tls")); + if alldisabled(available_protocols("tls")) + || (!disabled("tls1_3") && disabled("tls1_2")); $ENV{OPENSSL_ia32cap} = '~0x200000200000000'; - -use constant { - DEFAULT_HANDSHAKE => 1, - OCSP_HANDSHAKE => 2, - RESUME_HANDSHAKE => 4, - CLIENT_AUTH_HANDSHAKE => 8, - RENEG_HANDSHAKE => 16, - - ALL_HANDSHAKES => 31 -}; - -my @handmessages = ( - [TLSProxy::Message::MT_CLIENT_HELLO, ALL_HANDSHAKES], - [TLSProxy::Message::MT_SERVER_HELLO, ALL_HANDSHAKES], - [TLSProxy::Message::MT_CERTIFICATE, ALL_HANDSHAKES & ~RESUME_HANDSHAKE], - [TLSProxy::Message::MT_CERTIFICATE_STATUS, OCSP_HANDSHAKE], - #ServerKeyExchange handshakes not currently supported by TLSProxy - [TLSProxy::Message::MT_CERTIFICATE_REQUEST, CLIENT_AUTH_HANDSHAKE], - [TLSProxy::Message::MT_SERVER_HELLO_DONE, ALL_HANDSHAKES & ~RESUME_HANDSHAKE], - [TLSProxy::Message::MT_CERTIFICATE, CLIENT_AUTH_HANDSHAKE], - [TLSProxy::Message::MT_CLIENT_KEY_EXCHANGE, ALL_HANDSHAKES & ~RESUME_HANDSHAKE], - [TLSProxy::Message::MT_CERTIFICATE_VERIFY, CLIENT_AUTH_HANDSHAKE], - [TLSProxy::Message::MT_FINISHED, ALL_HANDSHAKES], - [TLSProxy::Message::MT_NEW_SESSION_TICKET, ALL_HANDSHAKES & ~RESUME_HANDSHAKE], - [TLSProxy::Message::MT_FINISHED, ALL_HANDSHAKES], - [TLSProxy::Message::MT_CLIENT_HELLO, RENEG_HANDSHAKE], - [TLSProxy::Message::MT_SERVER_HELLO, RENEG_HANDSHAKE], - [TLSProxy::Message::MT_CERTIFICATE, RENEG_HANDSHAKE], - [TLSProxy::Message::MT_SERVER_HELLO_DONE, RENEG_HANDSHAKE], - [TLSProxy::Message::MT_CLIENT_KEY_EXCHANGE, RENEG_HANDSHAKE], - [TLSProxy::Message::MT_FINISHED, RENEG_HANDSHAKE], - [TLSProxy::Message::MT_NEW_SESSION_TICKET, RENEG_HANDSHAKE], - [TLSProxy::Message::MT_FINISHED, RENEG_HANDSHAKE], - [0, 0] -); +$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); my $proxy = TLSProxy::Proxy->new( undef, @@ -70,78 +39,369 @@ my $proxy = TLSProxy::Proxy->new( (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) ); -sub checkmessages($$); +@handmessages = ( + [TLSProxy::Message::MT_CLIENT_HELLO, + checkhandshake::ALL_HANDSHAKES], + [TLSProxy::Message::MT_SERVER_HELLO, + checkhandshake::ALL_HANDSHAKES], + [TLSProxy::Message::MT_CERTIFICATE, + checkhandshake::ALL_HANDSHAKES + & ~checkhandshake::RESUME_HANDSHAKE], + (disabled("ec") ? () : + [TLSProxy::Message::MT_SERVER_KEY_EXCHANGE, + checkhandshake::EC_HANDSHAKE]), + [TLSProxy::Message::MT_CERTIFICATE_STATUS, + checkhandshake::OCSP_HANDSHAKE], + #ServerKeyExchange handshakes not currently supported by TLSProxy + [TLSProxy::Message::MT_CERTIFICATE_REQUEST, + checkhandshake::CLIENT_AUTH_HANDSHAKE], + [TLSProxy::Message::MT_SERVER_HELLO_DONE, + checkhandshake::ALL_HANDSHAKES + & ~checkhandshake::RESUME_HANDSHAKE], + [TLSProxy::Message::MT_CERTIFICATE, + checkhandshake::CLIENT_AUTH_HANDSHAKE], + [TLSProxy::Message::MT_CLIENT_KEY_EXCHANGE, + checkhandshake::ALL_HANDSHAKES + & ~checkhandshake::RESUME_HANDSHAKE], + [TLSProxy::Message::MT_CERTIFICATE_VERIFY, + checkhandshake::CLIENT_AUTH_HANDSHAKE], + [TLSProxy::Message::MT_NEXT_PROTO, + checkhandshake::NPN_HANDSHAKE], + [TLSProxy::Message::MT_FINISHED, + checkhandshake::ALL_HANDSHAKES], + [TLSProxy::Message::MT_NEW_SESSION_TICKET, + checkhandshake::ALL_HANDSHAKES + & ~checkhandshake::RESUME_HANDSHAKE], + [TLSProxy::Message::MT_FINISHED, + checkhandshake::ALL_HANDSHAKES], + [TLSProxy::Message::MT_CLIENT_HELLO, + checkhandshake::RENEG_HANDSHAKE], + [TLSProxy::Message::MT_SERVER_HELLO, + checkhandshake::RENEG_HANDSHAKE], + [TLSProxy::Message::MT_CERTIFICATE, + checkhandshake::RENEG_HANDSHAKE], + [TLSProxy::Message::MT_SERVER_HELLO_DONE, + checkhandshake::RENEG_HANDSHAKE], + [TLSProxy::Message::MT_CLIENT_KEY_EXCHANGE, + checkhandshake::RENEG_HANDSHAKE], + [TLSProxy::Message::MT_FINISHED, + checkhandshake::RENEG_HANDSHAKE], + [TLSProxy::Message::MT_NEW_SESSION_TICKET, + checkhandshake::RENEG_HANDSHAKE], + [TLSProxy::Message::MT_FINISHED, + checkhandshake::RENEG_HANDSHAKE], + [0, 0] +); + +@extensions = ( + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + (disabled("ec") ? () : + [TLSProxy::Message::MT_CLIENT_HELLO, + TLSProxy::Message::EXT_SUPPORTED_GROUPS, + checkhandshake::DEFAULT_EXTENSIONS]), + (disabled("ec") ? () : + [TLSProxy::Message::MT_CLIENT_HELLO, + TLSProxy::Message::EXT_EC_POINT_FORMATS, + checkhandshake::DEFAULT_EXTENSIONS]), + (disabled("tls1_2") ? () : + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, + checkhandshake::DEFAULT_EXTENSIONS]), + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_RENEGOTIATE, + checkhandshake::RENEGOTIATE_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_NPN, + checkhandshake::NPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SRP, + checkhandshake::SRP_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_RENEGOTIATE, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, + checkhandshake::SESSION_TICKET_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SERVER_NAME, + checkhandshake::SERVER_NAME_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, + checkhandshake::STATUS_REQUEST_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_ALPN, + checkhandshake::ALPN_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SCT, + checkhandshake::SCT_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_NPN, + checkhandshake::NPN_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, + checkhandshake::EC_POINT_FORMAT_SRV_EXTENSION], + [0,0,0] +); #Test 1: Check we get all the right messages for a default handshake (undef, my $session) = tempfile(); $proxy->serverconnects(2); -$proxy->clientflags("-sess_out ".$session); +$proxy->clientflags("-no_tls1_3 -sess_out ".$session); $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; -plan tests => 5; -checkmessages(DEFAULT_HANDSHAKE, "Default handshake test"); +plan tests => 21; +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS, + "Default handshake test"); #Test 2: Resumption handshake $proxy->clearClient(); -$proxy->clientflags("-sess_in ".$session); +$proxy->clientflags("-no_tls1_3 -sess_in ".$session); $proxy->clientstart(); -checkmessages(RESUME_HANDSHAKE, "Resumption handshake test"); +checkhandshake($proxy, checkhandshake::RESUME_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + & ~checkhandshake::SESSION_TICKET_SRV_EXTENSION, + "Resumption handshake test"); unlink $session; -#Test 3: A client auth handshake +SKIP: { + skip "No OCSP support in this OpenSSL build", 3 + if disabled("ocsp"); + + #Test 3: A status_request handshake (client request only) + $proxy->clear(); + $proxy->clientflags("-no_tls1_3 -status"); + $proxy->start(); + checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::STATUS_REQUEST_CLI_EXTENSION, + "status_request handshake test (client)"); + + #Test 4: A status_request handshake (server support only) + $proxy->clear(); + $proxy->clientflags("-no_tls1_3"); + $proxy->serverflags("-status_file " + .srctop_file("test", "recipes", "ocsp-response.der")); + $proxy->start(); + checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS, + "status_request handshake test (server)"); + + #Test 5: A status_request handshake (client and server) + $proxy->clear(); + $proxy->clientflags("-no_tls1_3 -status"); + $proxy->serverflags("-status_file " + .srctop_file("test", "recipes", "ocsp-response.der")); + $proxy->start(); + checkhandshake($proxy, checkhandshake::OCSP_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::STATUS_REQUEST_CLI_EXTENSION + | checkhandshake::STATUS_REQUEST_SRV_EXTENSION, + "status_request handshake test"); +} + +#Test 6: A client auth handshake $proxy->clear(); -$proxy->clientflags("-cert ".srctop_file("apps", "server.pem")); +$proxy->clientflags("-no_tls1_3 -cert ".srctop_file("apps", "server.pem")); $proxy->serverflags("-Verify 5"); $proxy->start(); -checkmessages(CLIENT_AUTH_HANDSHAKE, "Client auth handshake test"); +checkhandshake($proxy, checkhandshake::CLIENT_AUTH_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS, + "Client auth handshake test"); -#Test 4: A handshake with a renegotiation +#Test 7: A handshake with a renegotiation $proxy->clear(); +$proxy->clientflags("-no_tls1_3"); $proxy->reneg(1); $proxy->start(); -checkmessages(RENEG_HANDSHAKE, "Renegotiation handshake test"); +checkhandshake($proxy, checkhandshake::RENEG_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS, + "Renegotiation handshake test"); -#Test 5: A handshake with a renegotiation and client auth +#Test 8: Server name handshake (no client request) $proxy->clear(); -$proxy->clientflags("-cert ".srctop_file("apps", "server.pem")); -$proxy->serverflags("-Verify 5"); -$proxy->reneg(1); +$proxy->clientflags("-no_tls1_3 -noservername"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + & ~checkhandshake::SERVER_NAME_CLI_EXTENSION, + "Server name handshake test (client)"); + +#Test 9: Server name handshake (server support only) +$proxy->clear(); +$proxy->clientflags("-no_tls1_3 -noservername"); +$proxy->serverflags("-servername testhost"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + & ~checkhandshake::SERVER_NAME_CLI_EXTENSION, + "Server name handshake test (server)"); + +#Test 10: Server name handshake (client and server) +$proxy->clear(); +$proxy->clientflags("-no_tls1_3 -servername testhost"); +$proxy->serverflags("-servername testhost"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::SERVER_NAME_SRV_EXTENSION, + "Server name handshake test"); + +#Test 11: ALPN handshake (client request only) +$proxy->clear(); +$proxy->clientflags("-no_tls1_3 -alpn test"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::ALPN_CLI_EXTENSION, + "ALPN handshake test (client)"); + +#Test 12: ALPN handshake (server support only) +$proxy->clear(); +$proxy->clientflags("-no_tls1_3"); +$proxy->serverflags("-alpn test"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS, + "ALPN handshake test (server)"); + +#Test 13: ALPN handshake (client and server) +$proxy->clear(); +$proxy->clientflags("-no_tls1_3 -alpn test"); +$proxy->serverflags("-alpn test"); $proxy->start(); -checkmessages(RENEG_HANDSHAKE | CLIENT_AUTH_HANDSHAKE, - "Renogitation and client auth handshake test"); - -sub checkmessages($$) -{ - my ($handtype, $testname) = @_; - - subtest $testname => sub { - my $loop = 0; - my $numtests; - - #First count the number of tests - for ($numtests = 0; $handmessages[$loop][1] != 0; $loop++) { - $numtests++ if (($handmessages[$loop][1] & $handtype) != 0); - } - - plan tests => $numtests; - - my $nextmess = 0; - my $message = undef; - for ($loop = 0; $handmessages[$loop][1] != 0; $loop++) { - next if (($handmessages[$loop][1] & $handtype) == 0); - if (scalar @{$proxy->message_list} > $nextmess) { - $message = ${$proxy->message_list}[$nextmess]; - $nextmess++; - } else { - $message = undef; - } - if (!defined $message) { - fail("Message type check. Got nothing, expected " - .$handmessages[$loop][0]); - } else { - ok($message->mt == $handmessages[$loop][0], - "Message type check. Got ".$message->mt - .", expected ".$handmessages[$loop][0]); - } - } - } +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::ALPN_CLI_EXTENSION + | checkhandshake::ALPN_SRV_EXTENSION, + "ALPN handshake test"); + +SKIP: { + skip "No CT, EC or OCSP support in this OpenSSL build", 1 + if disabled("ct") || disabled("ec") || disabled("ocsp"); + + #Test 14: SCT handshake (client request only) + $proxy->clear(); + #Note: -ct also sends status_request + $proxy->clientflags("-no_tls1_3 -ct"); + $proxy->serverflags("-status_file " + .srctop_file("test", "recipes", "ocsp-response.der")); + $proxy->start(); + checkhandshake($proxy, checkhandshake::OCSP_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::SCT_CLI_EXTENSION + | checkhandshake::STATUS_REQUEST_CLI_EXTENSION + | checkhandshake::STATUS_REQUEST_SRV_EXTENSION, + "SCT handshake test (client)"); +} + +SKIP: { + skip "No OCSP support in this OpenSSL build", 1 + if disabled("ocsp"); + + #Test 15: SCT handshake (server support only) + $proxy->clear(); + #Note: -ct also sends status_request + $proxy->clientflags("-no_tls1_3"); + $proxy->serverflags("-status_file " + .srctop_file("test", "recipes", "ocsp-response.der")); + $proxy->start(); + checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS, + "SCT handshake test (server)"); +} + +SKIP: { + skip "No CT, EC or OCSP support in this OpenSSL build", 1 + if disabled("ct") || disabled("ec") || disabled("ocsp"); + + #Test 16: SCT handshake (client and server) + #There is no built-in server side support for this so we are actually also + #testing custom extensions here + $proxy->clear(); + #Note: -ct also sends status_request + $proxy->clientflags("-no_tls1_3 -ct"); + $proxy->serverflags("-status_file " + .srctop_file("test", "recipes", "ocsp-response.der") + ." -serverinfo ".srctop_file("test", "serverinfo.pem")); + $proxy->start(); + checkhandshake($proxy, checkhandshake::OCSP_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::SCT_CLI_EXTENSION + | checkhandshake::SCT_SRV_EXTENSION + | checkhandshake::STATUS_REQUEST_CLI_EXTENSION + | checkhandshake::STATUS_REQUEST_SRV_EXTENSION, + "SCT handshake test"); +} + + +SKIP: { + skip "No NPN support in this OpenSSL build", 3 + if disabled("nextprotoneg"); + + #Test 17: NPN handshake (client request only) + $proxy->clear(); + $proxy->clientflags("-no_tls1_3 -nextprotoneg test"); + $proxy->start(); + checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::NPN_CLI_EXTENSION, + "NPN handshake test (client)"); + + #Test 18: NPN handshake (server support only) + $proxy->clear(); + $proxy->clientflags("-no_tls1_3"); + $proxy->serverflags("-nextprotoneg test"); + $proxy->start(); + checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS, + "NPN handshake test (server)"); + + #Test 19: NPN handshake (client and server) + $proxy->clear(); + $proxy->clientflags("-no_tls1_3 -nextprotoneg test"); + $proxy->serverflags("-nextprotoneg test"); + $proxy->start(); + checkhandshake($proxy, checkhandshake::NPN_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::NPN_CLI_EXTENSION + | checkhandshake::NPN_SRV_EXTENSION, + "NPN handshake test"); +} + +SKIP: { + skip "No SRP support in this OpenSSL build", 1 + if disabled("srp"); + + #Test 20: SRP extension + #Note: We are not actually going to perform an SRP handshake (TLSProxy + #does not support it). However it is sufficient for us to check that the + #SRP extension gets added on the client side. There is no SRP extension + #generated on the server side anyway. + $proxy->clear(); + $proxy->clientflags("-no_tls1_3 -srpuser user -srppass pass:pass"); + $proxy->start(); + checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::SRP_CLI_EXTENSION, + "SRP extension test"); +} + +#Test 21: EC handshake +SKIP: { + skip "No EC support in this OpenSSL build", 1 if disabled("ec"); + $proxy->clear(); + $proxy->clientflags("-no_tls1_3"); + $proxy->serverflags("-no_tls1_3"); + $proxy->ciphers("ECDHE-RSA-AES128-SHA"); + $proxy->start(); + checkhandshake($proxy, checkhandshake::EC_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::EC_POINT_FORMAT_SRV_EXTENSION, + "EC handshake test"); } diff --git a/deps/openssl/openssl/test/recipes/70-test_sslrecords.t b/deps/openssl/openssl/test/recipes/70-test_sslrecords.t index ef3f509840..1233028386 100644 --- a/deps/openssl/openssl/test/recipes/70-test_sslrecords.t +++ b/deps/openssl/openssl/test/recipes/70-test_sslrecords.t @@ -7,6 +7,8 @@ # https://www.openssl.org/source/license.html use strict; +use feature 'state'; + use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; use OpenSSL::Test::Utils; use TLSProxy::Proxy; @@ -34,37 +36,42 @@ my $proxy = TLSProxy::Proxy->new( (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) ); +my $boundary_test_type; +my $fatal_alert = 0; # set by filters at expected fatal alerts + #Test 1: Injecting out of context empty records should fail my $content_type = TLSProxy::Record::RT_APPLICATION_DATA; my $inject_recs_num = 1; +$proxy->serverflags("-tls1_2"); $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; -my $num_tests = 10; -if (!disabled("tls1_1")) { - $num_tests++; -} -plan tests => $num_tests; -ok(TLSProxy::Message->fail(), "Out of context empty records test"); +plan tests => 18; +ok($fatal_alert, "Out of context empty records test"); #Test 2: Injecting in context empty records should succeed $proxy->clear(); $content_type = TLSProxy::Record::RT_HANDSHAKE; +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(TLSProxy::Message->success(), "In context empty records test"); #Test 3: Injecting too many in context empty records should fail +$fatal_alert = 0; $proxy->clear(); #We allow 32 consecutive in context empty records $inject_recs_num = 33; +$proxy->serverflags("-tls1_2"); $proxy->start(); -ok(TLSProxy::Message->fail(), "Too many in context empty records test"); +ok($fatal_alert, "Too many in context empty records test"); -#Test 4: Injecting a fragmented fatal alert should fail. We actually expect no -# alerts to be sent from either side because *we* injected the fatal -# alert, i.e. this will look like a disorderly close +#Test 4: Injecting a fragmented fatal alert should fail. We expect the server to +# send back an alert of its own because it cannot handle fragmented +# alerts +$fatal_alert = 0; $proxy->clear(); $proxy->filter(\&add_frag_alert_filter); +$proxy->serverflags("-tls1_2"); $proxy->start(); -ok(!TLSProxy::Message->end(), "Fragmented alert records test"); +ok($fatal_alert, "Fragmented alert records test"); #Run some SSLv2 ClientHello tests @@ -79,6 +86,7 @@ use constant { my $sslv2testtype = TLSV1_2_IN_SSLV2; $proxy->clear(); $proxy->filter(\&add_sslv2_filter); +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(TLSProxy::Message->success(), "TLSv1.2 in SSLv2 ClientHello test"); @@ -87,14 +95,16 @@ ok(TLSProxy::Message->success(), "TLSv1.2 in SSLv2 ClientHello test"); # protocol so we don't even send an alert in this case. $sslv2testtype = SSLV2_IN_SSLV2; $proxy->clear(); +$proxy->serverflags("-tls1_2"); $proxy->start(); -ok(!TLSProxy::Message->end(), "SSLv2 in SSLv2 ClientHello test"); +ok(TLSProxy::Message->fail(), "SSLv2 in SSLv2 ClientHello test"); #Test 7: Sanity check ClientHello fragmentation. This isn't really an SSLv2 test # at all, but it gives us confidence that Test 8 fails for the right # reasons $sslv2testtype = FRAGMENTED_IN_TLSV1_2; $proxy->clear(); +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(TLSProxy::Message->success(), "Fragmented ClientHello in TLSv1.2 test"); @@ -102,6 +112,7 @@ ok(TLSProxy::Message->success(), "Fragmented ClientHello in TLSv1.2 test"); # record; and another TLS1.2 record. This isn't allowed so should fail $sslv2testtype = FRAGMENTED_IN_SSLV2; $proxy->clear(); +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(TLSProxy::Message->fail(), "Fragmented ClientHello in TLSv1.2/SSLv2 test"); @@ -109,31 +120,107 @@ ok(TLSProxy::Message->fail(), "Fragmented ClientHello in TLSv1.2/SSLv2 test"); # fail because an SSLv2 ClientHello must be the first record. $sslv2testtype = ALERT_BEFORE_SSLV2; $proxy->clear(); +$proxy->serverflags("-tls1_2"); $proxy->start(); ok(TLSProxy::Message->fail(), "Alert before SSLv2 ClientHello test"); #Unrecognised record type tests #Test 10: Sending an unrecognised record type in TLS1.2 should fail +$fatal_alert = 0; $proxy->clear(); +$proxy->serverflags("-tls1_2"); $proxy->filter(\&add_unknown_record_type); $proxy->start(); -ok(TLSProxy::Message->fail(), "Unrecognised record type in TLS1.2"); +ok($fatal_alert, "Unrecognised record type in TLS1.2"); -#Test 11: Sending an unrecognised record type in TLS1.1 should fail -if (!disabled("tls1_1")) { +SKIP: { + skip "TLSv1.1 disabled", 1 if disabled("tls1_1"); + + #Test 11: Sending an unrecognised record type in TLS1.1 should fail + $fatal_alert = 0; $proxy->clear(); $proxy->clientflags("-tls1_1"); $proxy->start(); - ok(TLSProxy::Message->fail(), "Unrecognised record type in TLS1.1"); + ok($fatal_alert, "Unrecognised record type in TLS1.1"); } +#Test 12: Sending a different record version in TLS1.2 should fail +$fatal_alert = 0; +$proxy->clear(); +$proxy->clientflags("-tls1_2"); +$proxy->filter(\&change_version); +$proxy->start(); +ok($fatal_alert, "Changed record version in TLS1.2"); + +#TLS1.3 specific tests +SKIP: { + skip "TLSv1.3 disabled", 6 if disabled("tls1_3"); + + #Test 13: Sending a different record version in TLS1.3 should fail + $proxy->clear(); + $proxy->filter(\&change_version); + $proxy->start(); + ok(TLSProxy::Message->fail(), "Changed record version in TLS1.3"); + + #Test 14: Sending an unrecognised record type in TLS1.3 should fail + $fatal_alert = 0; + $proxy->clear(); + $proxy->filter(\&add_unknown_record_type); + $proxy->start(); + ok($fatal_alert, "Unrecognised record type in TLS1.3"); + + #Test 15: Sending an outer record type other than app data once encrypted + #should fail + $fatal_alert = 0; + $proxy->clear(); + $proxy->filter(\&change_outer_record_type); + $proxy->start(); + ok($fatal_alert, "Wrong outer record type in TLS1.3"); + + use constant { + DATA_AFTER_SERVER_HELLO => 0, + DATA_AFTER_FINISHED => 1, + DATA_AFTER_KEY_UPDATE => 2 + }; + + #Test 16: Sending a ServerHello which doesn't end on a record boundary + # should fail + $fatal_alert = 0; + $proxy->clear(); + $boundary_test_type = DATA_AFTER_SERVER_HELLO; + $proxy->filter(\¬_on_record_boundary); + $proxy->start(); + ok($fatal_alert, "Record not on boundary in TLS1.3 (ServerHello)"); + + #Test 17: Sending a Finished which doesn't end on a record boundary + # should fail + $fatal_alert = 0; + $proxy->clear(); + $boundary_test_type = DATA_AFTER_FINISHED; + $proxy->filter(\¬_on_record_boundary); + $proxy->start(); + ok($fatal_alert, "Record not on boundary in TLS1.3 (Finished)"); + + #Test 18: Sending a KeyUpdate which doesn't end on a record boundary + # should fail + $fatal_alert = 0; + $proxy->clear(); + $boundary_test_type = DATA_AFTER_KEY_UPDATE; + $proxy->filter(\¬_on_record_boundary); + $proxy->start(); + ok($fatal_alert, "Record not on boundary in TLS1.3 (KeyUpdate)"); + } + + sub add_empty_recs_filter { my $proxy = shift; + my $records = $proxy->record_list; # We're only interested in the initial ClientHello if ($proxy->flight != 0) { + $fatal_alert = 1 if @{$records}[-1]->is_fatal_alert(1) == 10; return; } @@ -149,18 +236,19 @@ sub add_empty_recs_filter "", "" ); - - push @{$proxy->record_list}, $record; + push @{$records}, $record; } } sub add_frag_alert_filter { my $proxy = shift; + my $records = $proxy->record_list; my $byte; # We're only interested in the initial ClientHello if ($proxy->flight != 0) { + $fatal_alert = 1 if @{$records}[-1]->is_fatal_alert(1) == 10; return; } @@ -190,7 +278,7 @@ sub add_frag_alert_filter $byte, $byte ); - push @{$proxy->record_list}, $record; + push @{$records}, $record; # And finally the description (Unexpected message) in a third record $byte = pack('C', TLSProxy::Message::AL_DESC_UNEXPECTED_MESSAGE); @@ -205,7 +293,7 @@ sub add_frag_alert_filter $byte, $byte ); - push @{$proxy->record_list}, $record; + push @{$records}, $record; } sub add_sslv2_filter @@ -358,17 +446,22 @@ sub add_sslv2_filter sub add_unknown_record_type { my $proxy = shift; + my $records = $proxy->record_list; + state $added_record; # We'll change a record after the initial version neg has taken place - if ($proxy->flight != 2) { + if ($proxy->flight == 0) { + $added_record = 0; + return; + } elsif ($proxy->flight != 1 || $added_record) { + $fatal_alert = 1 if @{$records}[-1]->is_fatal_alert(0) == 10; return; } - my $lastrec = ${$proxy->record_list}[-1]; my $record = TLSProxy::Record->new( - 2, + 1, TLSProxy::Record::RT_UNKNOWN, - $lastrec->version(), + @{$records}[-1]->version(), 1, 0, 1, @@ -377,5 +470,140 @@ sub add_unknown_record_type "X" ); - unshift @{$proxy->record_list}, $record; + #Find ServerHello record and insert after that + my $i; + for ($i = 0; ${$proxy->record_list}[$i]->flight() < 1; $i++) { + next; + } + $i++; + + splice @{$proxy->record_list}, $i, 0, $record; + $added_record = 1; +} + +sub change_version +{ + my $proxy = shift; + my $records = $proxy->record_list; + + # We'll change a version after the initial version neg has taken place + if ($proxy->flight != 1) { + $fatal_alert = 1 if @{$records}[-1]->is_fatal_alert(0) == 70; + return; + } + + if ($#{$records} > 1) { + # ... typically in ServerHelloDone + @{$records}[-1]->version(TLSProxy::Record::VERS_TLS_1_1); + } +} + +sub change_outer_record_type +{ + my $proxy = shift; + my $records = $proxy->record_list; + + # We'll change a record after the initial version neg has taken place + if ($proxy->flight != 1) { + $fatal_alert = 1 if @{$records}[-1]->is_fatal_alert(0) == 10; + return; + } + + # Find CCS record and change record after that + my $i = 0; + foreach my $record (@{$records}) { + last if $record->content_type == TLSProxy::Record::RT_CCS; + $i++; + } + if (defined(${$records}[++$i])) { + ${$records}[$i]->outer_content_type(TLSProxy::Record::RT_HANDSHAKE); + } +} + +sub not_on_record_boundary +{ + my $proxy = shift; + my $records = $proxy->record_list; + my $data; + + #Find server's first flight + if ($proxy->flight != 1) { + $fatal_alert = 1 if @{$records}[-1]->is_fatal_alert(0) == 10; + return; + } + + if ($boundary_test_type == DATA_AFTER_SERVER_HELLO) { + #Merge the ServerHello and EncryptedExtensions records into one + my $i = 0; + foreach my $record (@{$records}) { + if ($record->content_type == TLSProxy::Record::RT_HANDSHAKE) { + $record->{sent} = 1; # pretend it's sent already + last; + } + $i++; + } + + if (defined(${$records}[$i+1])) { + $data = ${$records}[$i]->data(); + $data .= ${$records}[$i+1]->decrypt_data(); + ${$records}[$i+1]->data($data); + ${$records}[$i+1]->len(length $data); + + #Delete the old ServerHello record + splice @{$records}, $i, 1; + } + } elsif ($boundary_test_type == DATA_AFTER_FINISHED) { + return if @{$proxy->{message_list}}[-1]->{mt} + != TLSProxy::Message::MT_FINISHED; + + my $last_record = @{$records}[-1]; + $data = $last_record->decrypt_data; + + #Add a KeyUpdate message onto the end of the Finished record + my $keyupdate = pack "C5", + 0x18, # KeyUpdate + 0x00, 0x00, 0x01, # Message length + 0x00; # Update not requested + + $data .= $keyupdate; + + #Add content type and tag + $data .= pack("C", TLSProxy::Record::RT_HANDSHAKE).("\0"x16); + + #Update the record + $last_record->data($data); + $last_record->len(length $data); + } else { + return if @{$proxy->{message_list}}[-1]->{mt} + != TLSProxy::Message::MT_FINISHED; + + #KeyUpdates must end on a record boundary + + my $record = TLSProxy::Record->new( + 1, + TLSProxy::Record::RT_APPLICATION_DATA, + TLSProxy::Record::VERS_TLS_1_2, + 0, + 0, + 0, + 0, + "", + "" + ); + + #Add two KeyUpdate messages into a single record + my $keyupdate = pack "C5", + 0x18, # KeyUpdate + 0x00, 0x00, 0x01, # Message length + 0x00; # Update not requested + + $data = $keyupdate.$keyupdate; + + #Add content type and tag + $data .= pack("C", TLSProxy::Record::RT_HANDSHAKE).("\0"x16); + + $record->data($data); + $record->len(length $data); + push @{$records}, $record; + } } diff --git a/deps/openssl/openssl/test/recipes/70-test_sslsessiontick.t b/deps/openssl/openssl/test/recipes/70-test_sslsessiontick.t index 4a8636ecea..cbf197db21 100644 --- a/deps/openssl/openssl/test/recipes/70-test_sslsessiontick.t +++ b/deps/openssl/openssl/test/recipes/70-test_sslsessiontick.t @@ -24,8 +24,8 @@ plan skip_all => "$test_name needs the dynamic engine feature enabled" plan skip_all => "$test_name needs the sock feature enabled" if disabled("sock"); -plan skip_all => "$test_name needs TLS enabled" - if alldisabled(available_protocols("tls")); +plan skip_all => "$test_name needs SSLv3, TLSv1, TLSv1.1 or TLSv1.2 enabled" + if alldisabled(("ssl3", "tls1", "tls1_1", "tls1_2")); $ENV{OPENSSL_ia32cap} = '~0x200000200000000'; @@ -48,6 +48,7 @@ my $proxy = TLSProxy::Proxy->new( #Test 1: By default with no existing session we should get a session ticket #Expected result: ClientHello extension seen; ServerHello extension seen # NewSessionTicket message seen; Full handshake +$proxy->clientflags("-no_tls1_3"); $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; plan tests => 10; checkmessages(1, "Default session ticket test", 1, 1, 1, 1); @@ -57,6 +58,7 @@ checkmessages(1, "Default session ticket test", 1, 1, 1, 1); #Expected result: ClientHello extension seen; ServerHello extension not seen # NewSessionTicket message not seen; Full handshake clearall(); +$proxy->clientflags("-no_tls1_3"); $proxy->serverflags("-no_ticket"); $proxy->start(); checkmessages(2, "No server support session ticket test", 1, 0, 0, 1); @@ -66,7 +68,7 @@ checkmessages(2, "No server support session ticket test", 1, 0, 0, 1); #Expected result: ClientHello extension not seen; ServerHello extension not seen # NewSessionTicket message not seen; Full handshake clearall(); -$proxy->clientflags("-no_ticket"); +$proxy->clientflags("-no_tls1_3 -no_ticket"); $proxy->start(); checkmessages(3, "No client support session ticket test", 0, 0, 0, 1); @@ -76,10 +78,10 @@ checkmessages(3, "No client support session ticket test", 0, 0, 0, 1); clearall(); (undef, my $session) = tempfile(); $proxy->serverconnects(2); -$proxy->clientflags("-sess_out ".$session); +$proxy->clientflags("-no_tls1_3 -sess_out ".$session); $proxy->start(); $proxy->clearClient(); -$proxy->clientflags("-sess_in ".$session); +$proxy->clientflags("-no_tls1_3 -sess_in ".$session); $proxy->clientstart(); checkmessages(4, "Session resumption session ticket test", 1, 0, 0, 0); unlink $session; @@ -90,10 +92,10 @@ unlink $session; clearall(); (undef, $session) = tempfile(); $proxy->serverconnects(2); -$proxy->clientflags("-sess_out ".$session." -no_ticket"); +$proxy->clientflags("-no_tls1_3 -sess_out ".$session." -no_ticket"); $proxy->start(); $proxy->clearClient(); -$proxy->clientflags("-sess_in ".$session); +$proxy->clientflags("-no_tls1_3 -sess_in ".$session); $proxy->clientstart(); checkmessages(5, "Session resumption with ticket capable client without a " ."ticket", 1, 1, 1, 0); @@ -104,6 +106,7 @@ unlink $session; # NewSessionTicket message seen; Full handshake. clearall(); $proxy->filter(\&ticket_filter); +$proxy->clientflags("-no_tls1_3"); $proxy->start(); checkmessages(6, "Empty ticket test", 1, 1, 1, 1); @@ -112,17 +115,17 @@ clearall(); (undef, $session) = tempfile(); $proxy->serverconnects(3); $proxy->filter(undef); -$proxy->clientflags("-sess_out ".$session); +$proxy->clientflags("-no_tls1_3 -sess_out ".$session); $proxy->start(); $proxy->clearClient(); -$proxy->clientflags("-sess_in ".$session." -sess_out ".$session); +$proxy->clientflags("-no_tls1_3 -sess_in ".$session." -sess_out ".$session); $proxy->filter(\&inject_empty_ticket_filter); $proxy->clientstart(); #Expected result: ClientHello extension seen; ServerHello extension seen; # NewSessionTicket message seen; Abbreviated handshake. checkmessages(7, "Empty ticket resumption test", 1, 1, 1, 0); clearclient(); -$proxy->clientflags("-sess_in ".$session); +$proxy->clientflags("-no_tls1_3 -sess_in ".$session); $proxy->filter(undef); $proxy->clientstart(); #Expected result: ClientHello extension seen; ServerHello extension not seen; @@ -134,6 +137,7 @@ unlink $session; #NewSessionTicket #Expected result: Connection failure clearall(); +$proxy->clientflags("-no_tls1_3"); $proxy->serverflags("-no_ticket"); $proxy->filter(\&inject_ticket_extension_filter); $proxy->start(); @@ -143,6 +147,7 @@ ok(TLSProxy::Message->fail, "Server sends ticket extension but no ticket test"); #NewSessionTicket #Expected result: Connection failure clearall(); +$proxy->clientflags("-no_tls1_3"); $proxy->serverflags("-no_ticket"); $proxy->filter(\&inject_empty_ticket_filter); $proxy->start(); @@ -229,7 +234,7 @@ sub checkmessages($$$$$$) $shellotickext = 1; } } - } elsif ($message->mt == TLSProxy::Message::MT_CLIENT_KEY_EXCHANGE) { + } elsif ($message->mt == TLSProxy::Message::MT_CERTIFICATE) { #Must be doing a full handshake $fullhand = 1; } elsif ($message->mt == TLSProxy::Message::MT_NEW_SESSION_TICKET) { diff --git a/deps/openssl/openssl/test/recipes/70-test_sslsigalgs.t b/deps/openssl/openssl/test/recipes/70-test_sslsigalgs.t new file mode 100644 index 0000000000..f805dcf221 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_sslsigalgs.t @@ -0,0 +1,408 @@ +#! /usr/bin/env perl +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_sslsigalgs"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS1.2 or TLS1.3 enabled" + if disabled("tls1_2") && disabled("tls1_3"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +use constant { + NO_SIG_ALGS_EXT => 0, + EMPTY_SIG_ALGS_EXT => 1, + NO_KNOWN_SIG_ALGS => 2, + NO_PSS_SIG_ALGS => 3, + PSS_ONLY_SIG_ALGS => 4, + PURE_SIGALGS => 5, + COMPAT_SIGALGS => 6, + SIGALGS_CERT_ALL => 7, + SIGALGS_CERT_PKCS => 8, + SIGALGS_CERT_INVALID => 9 +}; + +#Note: Throughout this test we override the default ciphersuites where TLSv1.2 +# is expected to ensure that a ServerKeyExchange message is sent that uses +# the sigalgs + +#Test 1: Default sig algs should succeed +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 22; +ok(TLSProxy::Message->success, "Default sigalgs"); +my $testtype; + +SKIP: { + skip "TLSv1.3 disabled", 6 if disabled("tls1_3"); + + $proxy->filter(\&sigalgs_filter); + + #Test 2: Sending no sig algs extension in TLSv1.3 should fail + $proxy->clear(); + $testtype = NO_SIG_ALGS_EXT; + $proxy->start(); + ok(TLSProxy::Message->fail, "No TLSv1.3 sigalgs"); + + #Test 3: Sending an empty sig algs extension in TLSv1.3 should fail + $proxy->clear(); + $testtype = EMPTY_SIG_ALGS_EXT; + $proxy->start(); + ok(TLSProxy::Message->fail, "Empty TLSv1.3 sigalgs"); + + #Test 4: Sending a list with no recognised sig algs in TLSv1.3 should fail + $proxy->clear(); + $testtype = NO_KNOWN_SIG_ALGS; + $proxy->start(); + ok(TLSProxy::Message->fail, "No known TLSv1.3 sigalgs"); + + #Test 5: Sending a sig algs list without pss for an RSA cert in TLSv1.3 + # should fail + $proxy->clear(); + $testtype = NO_PSS_SIG_ALGS; + $proxy->start(); + ok(TLSProxy::Message->fail, "No PSS TLSv1.3 sigalgs"); + + #Test 6: Sending only TLSv1.3 PSS sig algs in TLSv1.3 should succeed + #TODO(TLS1.3): Do we need to verify the cert to make sure its a PSS only + #cert in this case? + $proxy->clear(); + $testtype = PSS_ONLY_SIG_ALGS; + $proxy->start(); + ok(TLSProxy::Message->success, "PSS only sigalgs in TLSv1.3"); + + #Test 7: Modify the CertificateVerify sigalg from rsa_pss_rsae_sha256 to + # rsa_pss_pss_sha256. This should fail because the public key OID + # in the certificate is rsaEncryption and not rsassaPss + $proxy->filter(\&modify_cert_verify_sigalg); + $proxy->clear(); + $proxy->start(); + ok(TLSProxy::Message->fail, + "Mismatch between CertVerify sigalg and public key OID"); +} + +SKIP: { + skip "EC or TLSv1.3 disabled", 1 + if disabled("tls1_3") || disabled("ec"); + #Test 8: Sending a valid sig algs list but not including a sig type that + # matches the certificate should fail in TLSv1.3. + $proxy->clear(); + $proxy->clientflags("-sigalgs ECDSA+SHA256"); + $proxy->filter(undef); + $proxy->start(); + ok(TLSProxy::Message->fail, "No matching TLSv1.3 sigalgs"); +} + +SKIP: { + skip "EC, TLSv1.3 or TLSv1.2 disabled", 1 + if disabled("tls1_2") || disabled("tls1_3") || disabled("ec"); + + #Test 9: Sending a full list of TLSv1.3 sig algs but negotiating TLSv1.2 + # should succeed + $proxy->clear(); + $proxy->serverflags("-no_tls1_3"); + $proxy->ciphers("ECDHE-RSA-AES128-SHA"); + $proxy->filter(undef); + $proxy->start(); + ok(TLSProxy::Message->success, "TLSv1.3 client TLSv1.2 server"); +} + +SKIP: { + skip "EC or TLSv1.2 disabled", 8 if disabled("tls1_2") || disabled("ec"); + + $proxy->filter(\&sigalgs_filter); + + #Test 10: Sending no sig algs extension in TLSv1.2 should succeed + $proxy->clear(); + $testtype = NO_SIG_ALGS_EXT; + $proxy->clientflags("-no_tls1_3"); + $proxy->ciphers("ECDHE-RSA-AES128-SHA"); + $proxy->start(); + ok(TLSProxy::Message->success, "No TLSv1.2 sigalgs"); + + #Test 11: Sending an empty sig algs extension in TLSv1.2 should fail + $proxy->clear(); + $testtype = EMPTY_SIG_ALGS_EXT; + $proxy->clientflags("-no_tls1_3"); + $proxy->ciphers("ECDHE-RSA-AES128-SHA"); + $proxy->start(); + ok(TLSProxy::Message->fail, "Empty TLSv1.2 sigalgs"); + + #Test 12: Sending a list with no recognised sig algs in TLSv1.2 should fail + $proxy->clear(); + $testtype = NO_KNOWN_SIG_ALGS; + $proxy->clientflags("-no_tls1_3"); + $proxy->ciphers("ECDHE-RSA-AES128-SHA"); + $proxy->start(); + ok(TLSProxy::Message->fail, "No known TLSv1.3 sigalgs"); + + #Test 13: Sending a sig algs list without pss for an RSA cert in TLSv1.2 + # should succeed + $proxy->clear(); + $testtype = NO_PSS_SIG_ALGS; + $proxy->clientflags("-no_tls1_3"); + $proxy->ciphers("ECDHE-RSA-AES128-SHA"); + $proxy->start(); + ok(TLSProxy::Message->success, "No PSS TLSv1.2 sigalgs"); + + #Test 14: Sending only TLSv1.3 PSS sig algs in TLSv1.2 should succeed + $proxy->clear(); + $testtype = PSS_ONLY_SIG_ALGS; + $proxy->serverflags("-no_tls1_3"); + $proxy->ciphers("ECDHE-RSA-AES128-SHA"); + $proxy->start(); + ok(TLSProxy::Message->success, "PSS only sigalgs in TLSv1.2"); + + #Test 15: Responding with a sig alg we did not send in TLSv1.2 should fail + # We send rsa_pkcs1_sha256 and respond with rsa_pss_rsae_sha256 + # TODO(TLS1.3): Add a similar test to the TLSv1.3 section above + # when we have an API capable of configuring the TLSv1.3 sig algs + $proxy->clear(); + $testtype = PSS_ONLY_SIG_ALGS; + $proxy->clientflags("-no_tls1_3 -sigalgs RSA+SHA256"); + $proxy->ciphers("ECDHE-RSA-AES128-SHA"); + $proxy->start(); + ok(TLSProxy::Message->fail, "Sigalg we did not send in TLSv1.2"); + + #Test 16: Sending a valid sig algs list but not including a sig type that + # matches the certificate should fail in TLSv1.2 + $proxy->clear(); + $proxy->clientflags("-no_tls1_3 -sigalgs ECDSA+SHA256"); + $proxy->ciphers("ECDHE-RSA-AES128-SHA"); + $proxy->filter(undef); + $proxy->start(); + ok(TLSProxy::Message->fail, "No matching TLSv1.2 sigalgs"); + $proxy->filter(\&sigalgs_filter); + + #Test 17: No sig algs extension, ECDSA cert, TLSv1.2 should succeed + $proxy->clear(); + $testtype = NO_SIG_ALGS_EXT; + $proxy->clientflags("-no_tls1_3"); + $proxy->serverflags("-cert " . srctop_file("test", "certs", + "server-ecdsa-cert.pem") . + " -key " . srctop_file("test", "certs", + "server-ecdsa-key.pem")), + $proxy->ciphers("ECDHE-ECDSA-AES128-SHA"); + $proxy->start(); + ok(TLSProxy::Message->success, "No TLSv1.2 sigalgs, ECDSA"); +} + +my ($dsa_status, $sha1_status, $sha224_status); +SKIP: { + skip "TLSv1.3 disabled", 2 if disabled("tls1_3") || disabled("dsa"); + #Test 18: signature_algorithms with 1.3-only ClientHello + $testtype = PURE_SIGALGS; + $dsa_status = $sha1_status = $sha224_status = 0; + $proxy->clear(); + $proxy->clientflags("-tls1_3"); + $proxy->filter(\&modify_sigalgs_filter); + $proxy->start(); + ok($dsa_status && $sha1_status && $sha224_status, + "DSA/SHA2 sigalg sent for 1.3-only ClientHello"); + + #Test 19: signature_algorithms with backwards compatible ClientHello + SKIP: { + skip "TLSv1.2 disabled", 1 if disabled("tls1_2"); + $testtype = COMPAT_SIGALGS; + $dsa_status = $sha1_status = $sha224_status = 0; + $proxy->clear(); + $proxy->filter(\&modify_sigalgs_filter); + $proxy->start(); + ok($dsa_status && $sha1_status && $sha224_status, + "DSA sigalg not sent for compat ClientHello"); + } +} + +SKIP: { + skip "TLSv1.3 disabled", 3 if disabled("tls1_3"); + #Test 20: Insert signature_algorithms_cert that match normal sigalgs + $testtype = SIGALGS_CERT_ALL; + $proxy->clear(); + $proxy->filter(\&modify_sigalgs_cert_filter); + $proxy->start(); + ok(TLSProxy::Message->success, "sigalgs_cert in TLSv1.3"); + + #Test 21: Insert signature_algorithms_cert that forces PKCS#1 cert + $testtype = SIGALGS_CERT_PKCS; + $proxy->clear(); + $proxy->filter(\&modify_sigalgs_cert_filter); + $proxy->start(); + ok(TLSProxy::Message->success, "sigalgs_cert in TLSv1.3 with PKCS#1 cert"); + + #Test 22: Insert signature_algorithms_cert that fails + $testtype = SIGALGS_CERT_INVALID; + $proxy->clear(); + $proxy->filter(\&modify_sigalgs_cert_filter); + $proxy->start(); + ok(TLSProxy::Message->fail, "No matching certificate for sigalgs_cert"); +} + + + +sub sigalgs_filter +{ + my $proxy = shift; + + # We're only interested in the initial ClientHello + if ($proxy->flight != 0) { + return; + } + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + if ($testtype == NO_SIG_ALGS_EXT) { + $message->delete_extension(TLSProxy::Message::EXT_SIG_ALGS); + } else { + my $sigalg; + if ($testtype == EMPTY_SIG_ALGS_EXT) { + $sigalg = pack "C2", 0x00, 0x00; + } elsif ($testtype == NO_KNOWN_SIG_ALGS) { + $sigalg = pack "C4", 0x00, 0x02, 0xff, 0xff; + } elsif ($testtype == NO_PSS_SIG_ALGS) { + #No PSS sig algs - just send rsa_pkcs1_sha256 + $sigalg = pack "C4", 0x00, 0x02, 0x04, 0x01; + } else { + #PSS sig algs only - just send rsa_pss_rsae_sha256 + $sigalg = pack "C4", 0x00, 0x02, 0x08, 0x04; + } + $message->set_extension(TLSProxy::Message::EXT_SIG_ALGS, $sigalg); + } + + $message->repack(); + } + } +} + +sub modify_sigalgs_filter +{ + my $proxy = shift; + + # We're only interested in the initial ClientHello + return if ($proxy->flight != 0); + + foreach my $message (@{$proxy->message_list}) { + my $ext; + my @algs; + + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + if ($testtype == PURE_SIGALGS) { + my $ok = 1; + $ext = $message->extension_data->{TLSProxy::Message::EXT_SIG_ALGS}; + @algs = unpack('S>*', $ext); + # unpack will unpack the length as well + shift @algs; + foreach (@algs) { + if ($_ == TLSProxy::Message::SIG_ALG_DSA_SHA256 + || $_ == TLSProxy::Message::SIG_ALG_DSA_SHA384 + || $_ == TLSProxy::Message::SIG_ALG_DSA_SHA512 + || $_ == TLSProxy::Message::OSSL_SIG_ALG_DSA_SHA224 + || $_ == TLSProxy::Message::SIG_ALG_RSA_PKCS1_SHA1 + || $_ == TLSProxy::Message::SIG_ALG_DSA_SHA1 + || $_ == TLSProxy::Message::SIG_ALG_ECDSA_SHA1) { + $ok = 0; + } + } + $sha1_status = $dsa_status = $sha224_status = 1 if ($ok); + } elsif ($testtype == COMPAT_SIGALGS) { + $ext = $message->extension_data->{TLSProxy::Message::EXT_SIG_ALGS}; + @algs = unpack('S>*', $ext); + # unpack will unpack the length as well + shift @algs; + foreach (@algs) { + if ($_ == TLSProxy::Message::SIG_ALG_DSA_SHA256 + || $_ == TLSProxy::Message::SIG_ALG_DSA_SHA384 + || $_ == TLSProxy::Message::SIG_ALG_DSA_SHA512) { + $dsa_status = 1; + } + if ($_ == TLSProxy::Message::SIG_ALG_RSA_PKCS1_SHA1 + || $_ == TLSProxy::Message::SIG_ALG_DSA_SHA1 + || $_ == TLSProxy::Message::SIG_ALG_ECDSA_SHA1) { + $sha1_status = 1; + } + if ($_ == TLSProxy::Message::OSSL_SIG_ALG_RSA_PKCS1_SHA224 + || $_ == TLSProxy::Message::OSSL_SIG_ALG_DSA_SHA224 + || $_ == TLSProxy::Message::OSSL_SIG_ALG_ECDSA_SHA224) { + $sha224_status = 1; + } + } + } + } + } +} + +sub modify_sigalgs_cert_filter +{ + my $proxy = shift; + + # We're only interested in the initial ClientHello + if ($proxy->flight != 0) { + return; + } + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + my $sigs; + # two byte length at front of sigs, then two-byte sigschemes + if ($testtype == SIGALGS_CERT_ALL) { + $sigs = pack "C26", 0x00, 0x18, + # rsa_pkcs_sha{256,512} rsa_pss_rsae_sha{256,512} + 0x04, 0x01, 0x06, 0x01, 0x08, 0x04, 0x08, 0x06, + # ed25518 ed448 rsa_pss_pss_sha{256,512} + 0x08, 0x07, 0x08, 0x08, 0x08, 0x09, 0x08, 0x0b, + # ecdsa_secp{256,512} rsa+sha1 ecdsa+sha1 + 0x04, 0x03, 0x06, 0x03, 0x02, 0x01, 0x02, 0x03; + } elsif ($testtype == SIGALGS_CERT_PKCS) { + $sigs = pack "C10", 0x00, 0x08, + # rsa_pkcs_sha{256,384,512,1} + 0x04, 0x01, 0x05, 0x01, 0x06, 0x01, 0x02, 0x01; + } elsif ($testtype == SIGALGS_CERT_INVALID) { + $sigs = pack "C4", 0x00, 0x02, + # unregistered codepoint + 0xb2, 0x6f; + } + $message->set_extension(TLSProxy::Message::EXT_SIG_ALGS_CERT, $sigs); + $message->repack(); + } + } +} + +sub modify_cert_verify_sigalg +{ + my $proxy = shift; + + # We're only interested in the CertificateVerify + if ($proxy->flight != 1) { + return; + } + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_CERTIFICATE_VERIFY) { + $message->sigalg(TLSProxy::Message::SIG_ALG_RSA_PSS_PSS_SHA256); + $message->repack(); + } + } +} diff --git a/deps/openssl/openssl/test/recipes/70-test_sslsignature.t b/deps/openssl/openssl/test/recipes/70-test_sslsignature.t new file mode 100644 index 0000000000..034950e26a --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_sslsignature.t @@ -0,0 +1,144 @@ +#! /usr/bin/env perl +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_sslsignature"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS enabled" + if alldisabled(available_protocols("tls")); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +use constant { + NO_CORRUPTION => 0, + CORRUPT_SERVER_CERT_VERIFY => 1, + CORRUPT_CLIENT_CERT_VERIFY => 2, + CORRUPT_TLS1_2_SERVER_KEY_EXCHANGE => 3, +}; + +$proxy->filter(\&signature_filter); + +#Test 1: No corruption should succeed +my $testtype = NO_CORRUPTION; +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 4; +ok(TLSProxy::Message->success, "No corruption"); + +SKIP: { + skip "TLSv1.3 disabled", 1 if disabled("tls1_3"); + + #Test 2: Corrupting a server CertVerify signature in TLSv1.3 should fail + $proxy->clear(); + $testtype = CORRUPT_SERVER_CERT_VERIFY; + $proxy->start(); + ok(TLSProxy::Message->fail, "Corrupt server TLSv1.3 CertVerify"); + + #Test x: Corrupting a client CertVerify signature in TLSv1.3 should fail + #$proxy->clear(); + #$testtype = CORRUPT_CLIENT_CERT_VERIFY; + #$proxy->serverflags("-Verify 5"); + #$proxy->clientflags("-cert ".srctop_file("apps", "server.pem")); + #$proxy->start(); + #ok(TLSProxy::Message->fail, "Corrupt client TLSv1.3 CertVerify"); + #TODO(TLS1.3): This test fails due to a problem in s_server/TLSProxy. + #Currently a connection is counted as "successful" if the client ends it + #with a close_notify. In TLSProxy the client initiates the closure of the + #connection so really we should not count it as successful until s_server + #has also responded with a close_notify. However s_server never sends a + #close_notify - it just closes the connection. Fixing this would be a + #significant change to the long established behaviour of s_server. + #Unfortunately in this test, it is the server that notices the incorrect + #signature and responds with an appropriate alert. However s_client never + #sees that because it occurs after the server Finished has been sent. + #Therefore s_client just continues to send its application data and sends + #its close_notify regardless. TLSProxy sees this and thinks that the + #connection was successful when in fact it was not. There isn't an easy fix + #for this, so leaving this test commented out for now. +} + +SKIP: { + skip "TLS <= 1.2 disabled", 2 + if alldisabled(("ssl3", "tls1", "tls1_1", "tls1_2")); + + #Test 3: Corrupting a CertVerify signature in <=TLSv1.2 should fail + $proxy->clear(); + $testtype = CORRUPT_CLIENT_CERT_VERIFY; + $proxy->serverflags("-Verify 5"); + $proxy->clientflags("-no_tls1_3 -cert ".srctop_file("apps", "server.pem")); + $proxy->start(); + ok(TLSProxy::Message->fail, "Corrupt <=TLSv1.2 CertVerify"); + + SKIP: { + skip "DH disabled", 1 if disabled("dh"); + + #Test 4: Corrupting a ServerKeyExchange signature in <=TLSv1.2 should + #fail + $proxy->clear(); + $testtype = CORRUPT_TLS1_2_SERVER_KEY_EXCHANGE; + $proxy->clientflags("-no_tls1_3"); + $proxy->cipherc('DHE-RSA-AES128-SHA'); + $proxy->ciphers('DHE-RSA-AES128-SHA'); + $proxy->start(); + ok(TLSProxy::Message->fail, "Corrupt <=TLSv1.2 ServerKeyExchange"); + } +} + +sub signature_filter +{ + my $proxy = shift; + my $flight; + my $mt = TLSProxy::Message::MT_CERTIFICATE_VERIFY; + + if ($testtype == CORRUPT_SERVER_CERT_VERIFY + || $testtype == CORRUPT_TLS1_2_SERVER_KEY_EXCHANGE + || (!disabled("tls1_3") && $testtype == NO_CORRUPTION)) { + $flight = 1; + } else { + $flight = 2; + } + + # We're only interested in the initial server flight + return if ($proxy->flight != $flight); + + $mt = TLSProxy::Message::MT_SERVER_KEY_EXCHANGE + if ($testtype == CORRUPT_TLS1_2_SERVER_KEY_EXCHANGE); + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == $mt) { + my $sig = $message->signature(); + my $sigbase = substr($sig, 0, -1); + my $sigend = unpack("C", substr($sig, -1)); + + #Flip bits in final byte of signature to corrupt the sig + $sigend ^= 0xff unless $testtype == NO_CORRUPTION; + + $message->signature($sigbase.pack("C", $sigend)); + $message->repack(); + } + } +} diff --git a/deps/openssl/openssl/test/recipes/70-test_sslskewith0p.t b/deps/openssl/openssl/test/recipes/70-test_sslskewith0p.t index af87739ae2..53a8b5185f 100644 --- a/deps/openssl/openssl/test/recipes/70-test_sslskewith0p.t +++ b/deps/openssl/openssl/test/recipes/70-test_sslskewith0p.t @@ -41,6 +41,7 @@ my $proxy = TLSProxy::Proxy->new( $proxy->cipherc('ADH-AES128-SHA:@SECLEVEL=0'); $proxy->ciphers('ADH-AES128-SHA:@SECLEVEL=0'); +$proxy->clientflags("-no_tls1_3"); $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; plan tests => 1; ok(TLSProxy::Message->fail, "ServerKeyExchange with 0 p"); diff --git a/deps/openssl/openssl/test/recipes/70-test_sslversions.t b/deps/openssl/openssl/test/recipes/70-test_sslversions.t new file mode 100644 index 0000000000..c2d76239dd --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_sslversions.t @@ -0,0 +1,185 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; +use File::Temp qw(tempfile); + +use constant { + REVERSE_ORDER_VERSIONS => 1, + UNRECOGNISED_VERSIONS => 2, + NO_EXTENSION => 3, + EMPTY_EXTENSION => 4, + TLS1_1_AND_1_0_ONLY => 5, + WITH_TLS1_4 => 6, + BAD_LEGACY_VERSION => 7 +}; + +my $testtype; + +my $test_name = "test_sslversions"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS1.3, TLS1.2 and TLS1.1 enabled" + if disabled("tls1_3") || disabled("tls1_2") || disabled("tls1_1"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; + +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +#We're just testing various negative and unusual scenarios here. ssltest with +#02-protocol-version.conf should check all the various combinations of normal +#version neg + +#Test 1: An empty supported_versions extension should not succeed +$testtype = EMPTY_EXTENSION; +$proxy->filter(\&modify_supported_versions_filter); +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 8; +ok(TLSProxy::Message->fail(), "Empty supported versions"); + +#Test 2: supported_versions extension with no recognised versions should not +#succeed +$proxy->clear(); +$testtype = UNRECOGNISED_VERSIONS; +$proxy->start(); +ok(TLSProxy::Message->fail(), "No recognised versions"); + +#Test 3: No supported versions extensions should succeed and select TLSv1.2 +$proxy->clear(); +$testtype = NO_EXTENSION; +$proxy->start(); +my $record = pop @{$proxy->record_list}; +ok(TLSProxy::Message->success() + && $record->version() == TLSProxy::Record::VERS_TLS_1_2, + "No supported versions extension"); + +#Test 4: No supported versions extensions should fail if only TLS1.3 available +$proxy->clear(); +$proxy->serverflags("-tls1_3"); +$proxy->start(); +ok(TLSProxy::Message->fail(), "No supported versions extension (only TLS1.3)"); + +#Test 5: supported versions extension with best version last should succeed +#and select TLSv1.3 +$proxy->clear(); +$testtype = REVERSE_ORDER_VERSIONS; +$proxy->start(); +$record = pop @{$proxy->record_list}; +ok(TLSProxy::Message->success() + && $record->version() == TLSProxy::Record::VERS_TLS_1_2 + && TLSProxy::Proxy->is_tls13(), + "Reverse order versions"); + +#Test 6: no TLSv1.3 or TLSv1.2 version in supported versions extension, but +#TLSv1.1 and TLSv1.0 are present. Should just use TLSv1.1 and succeed +$proxy->clear(); +$testtype = TLS1_1_AND_1_0_ONLY; +$proxy->start(); +$record = pop @{$proxy->record_list}; +ok(TLSProxy::Message->success() + && $record->version() == TLSProxy::Record::VERS_TLS_1_1, + "TLS1.1 and TLS1.0 in supported versions extension only"); + +#Test 7: TLS1.4 and TLS1.3 in supported versions. Should succeed and use TLS1.3 +$proxy->clear(); +$testtype = WITH_TLS1_4; +$proxy->start(); +$record = pop @{$proxy->record_list}; +ok(TLSProxy::Message->success() + && $record->version() == TLSProxy::Record::VERS_TLS_1_2 + && TLSProxy::Proxy->is_tls13(), + "TLS1.4 in supported versions extension"); + +#Test 8: Set the legacy version to SSLv3 with supported versions. Should fail +$proxy->clear(); +$testtype = BAD_LEGACY_VERSION; +$proxy->start(); +ok(TLSProxy::Message->fail(), "Legacy version is SSLv3 with supported versions"); + +sub modify_supported_versions_filter +{ + my $proxy = shift; + + if ($proxy->flight == 1) { + # Change the ServerRandom so that the downgrade sentinel doesn't cause + # the connection to fail + my $message = ${$proxy->message_list}[1]; + return if (!defined $message); + + $message->random("\0"x32); + $message->repack(); + return; + } + + # We're only interested in the initial ClientHello + if ($proxy->flight != 0) { + return; + } + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + my $ext; + if ($testtype == REVERSE_ORDER_VERSIONS) { + $ext = pack "C5", + 0x04, # Length + 0x03, 0x03, #TLSv1.2 + 0x03, 0x04; #TLSv1.3 + } elsif ($testtype == UNRECOGNISED_VERSIONS) { + $ext = pack "C5", + 0x04, # Length + 0x04, 0x04, #Some unrecognised version + 0x04, 0x03; #Another unrecognised version + } elsif ($testtype == TLS1_1_AND_1_0_ONLY) { + $ext = pack "C5", + 0x04, # Length + 0x03, 0x02, #TLSv1.1 + 0x03, 0x01; #TLSv1.0 + } elsif ($testtype == WITH_TLS1_4) { + $ext = pack "C5", + 0x04, # Length + 0x03, 0x05, #TLSv1.4 + 0x03, 0x04; #TLSv1.3 + } + if ($testtype == REVERSE_ORDER_VERSIONS + || $testtype == UNRECOGNISED_VERSIONS + || $testtype == TLS1_1_AND_1_0_ONLY + || $testtype == WITH_TLS1_4) { + $message->set_extension( + TLSProxy::Message::EXT_SUPPORTED_VERSIONS, $ext); + } elsif ($testtype == EMPTY_EXTENSION) { + $message->set_extension( + TLSProxy::Message::EXT_SUPPORTED_VERSIONS, ""); + } elsif ($testtype == NO_EXTENSION) { + $message->delete_extension( + TLSProxy::Message::EXT_SUPPORTED_VERSIONS); + } else { + # BAD_LEGACY_VERSION + $message->client_version(TLSProxy::Record::VERS_SSL_3_0); + } + + $message->repack(); + } + } +} diff --git a/deps/openssl/openssl/test/recipes/70-test_sslvertol.t b/deps/openssl/openssl/test/recipes/70-test_sslvertol.t index 59c2cddc31..02d845712e 100644 --- a/deps/openssl/openssl/test/recipes/70-test_sslvertol.t +++ b/deps/openssl/openssl/test/recipes/70-test_sslvertol.t @@ -34,17 +34,75 @@ my $proxy = TLSProxy::Proxy->new( (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) ); -#Test 1: Asking for TLS1.3 should pass -my $client_version = TLSProxy::Record::VERS_TLS_1_3; +my @available_tls_versions = (); +foreach (available_protocols("tls")) { + unless (disabled($_)) { + note("Checking enabled protocol $_"); + m|^([a-z]+)(\d)(_\d)?|; + my $versionname; + if (defined $3) { + $versionname = 'TLSProxy::Record::VERS_'.uc($1).'_'.$2.$3; + note("'$1', '$2', '$3' => $versionname"); + } else { + $versionname = 'TLSProxy::Record::VERS_'.uc($1).'_'.$2.'_0'; + note("'$1', '$2' => $versionname"); + } + push @available_tls_versions, eval $versionname; + } +} +note("TLS versions we can expect: ", join(", ", @available_tls_versions)); + +#This file does tests without the supported_versions extension. +#See 70-test_sslversions.t for tests with supported versions. + +#Test 1: Asking for TLS1.4 should pass and negotiate the maximum +#available TLS version according to configuration below TLS1.3 +my $client_version = TLSProxy::Record::VERS_TLS_1_4; +my $previous_version = tls_version_below(TLSProxy::Record::VERS_TLS_1_3); +$proxy->clientflags("-no_tls1_3"); $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; -plan tests => 2; -ok(TLSProxy::Message->success(), "Version tolerance test, TLS 1.3"); +plan tests => 3; +SKIP: { + skip "There are too few protocols enabled for test 1", 1 + unless defined $previous_version; + + my $record = pop @{$proxy->record_list}; + ok((note("Record version received: ".$record->version()), + TLSProxy::Message->success()) + && $record->version() == $previous_version, + "Version tolerance test, below TLS 1.4 and not TLS 1.3"); +} + +#Test 2: Asking for TLS1.3 with that disabled should succeed and negotiate +#the highest configured TLS version below that. +$client_version = TLSProxy::Record::VERS_TLS_1_3; +$previous_version = tls_version_below($client_version); +SKIP: { + skip "There are too few protocols enabled for test 2", 1 + unless defined $previous_version; -#Test 2: Testing something below SSLv3 should fail + $proxy->clear(); + $proxy->clientflags("-no_tls1_3"); + $proxy->start(); + my $record = pop @{$proxy->record_list}; + ok((note("Record version received: ".$record->version()), + TLSProxy::Message->success()) + && $record->version() == $previous_version, + "Version tolerance test, max version but not TLS 1.3"); +} + +#Test 3: Testing something below SSLv3 should fail. We must disable TLS 1.3 +#to avoid having the 'supported_versions' extension kick in and override our +#desires. $client_version = TLSProxy::Record::VERS_SSL_3_0 - 1; $proxy->clear(); +$proxy->clientflags("-no_tls1_3"); $proxy->start(); -ok(TLSProxy::Message->fail(), "Version tolerance test, SSL < 3.0"); +my $record = pop @{$proxy->record_list}; +ok((note("Record version received: ". + (defined $record ? $record->version() : "none")), + TLSProxy::Message->fail()), + "Version tolerance test, SSL < 3.0"); sub vers_tolerance_filter { @@ -58,10 +116,23 @@ sub vers_tolerance_filter foreach my $message (@{$proxy->message_list}) { if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { #Set the client version - #Anything above the max supported version (TLS1.2) should succeed + #Anything above the max supported version should succeed #Anything below SSLv3 should fail $message->client_version($client_version); $message->repack(); } } } + +sub tls_version_below { + if (@_) { + my $term = shift; + my $res = undef; + + foreach (@available_tls_versions) { + $res = $_ if $_ < $term; + } + return $res; + } + return $available_tls_versions[-1]; +} diff --git a/deps/openssl/openssl/test/recipes/70-test_tls13alerts.t b/deps/openssl/openssl/test/recipes/70-test_tls13alerts.t new file mode 100644 index 0000000000..7111d404dd --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_tls13alerts.t @@ -0,0 +1,56 @@ +#! /usr/bin/env perl +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_tls13alerts"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS1.3 enabled" + if disabled("tls1_3"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; + +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +#Test 1: We test that a server can handle an unencrypted alert when normally the +# next message is encrypted +$proxy->filter(\&alert_filter); +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 1; +my $alert = TLSProxy::Message->alert(); +ok(TLSProxy::Message->fail() && !$alert->server() && !$alert->encrypted(), "Client sends an unecrypted alert"); + +sub alert_filter +{ + my $proxy = shift; + + if ($proxy->flight != 1) { + return; + } + + ${$proxy->message_list}[1]->session_id_len(1); + ${$proxy->message_list}[1]->repack(); +} diff --git a/deps/openssl/openssl/test/recipes/70-test_tls13cookie.t b/deps/openssl/openssl/test/recipes/70-test_tls13cookie.t new file mode 100644 index 0000000000..c1afb864e1 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_tls13cookie.t @@ -0,0 +1,111 @@ +#! /usr/bin/env perl +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_tls13cookie"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS1.3 enabled" + if disabled("tls1_3"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; + +use constant { + COOKIE_ONLY => 0, + COOKIE_AND_KEY_SHARE => 1 +}; + +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +my $cookieseen = 0; +my $testtype; + +#Test 1: Inserting a cookie into an HRR should see it echoed in the ClientHello +$testtype = COOKIE_ONLY; +$proxy->filter(\&cookie_filter); +$proxy->serverflags("-curves X25519"); +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 2; +ok(TLSProxy::Message->success() && $cookieseen == 1, "Cookie seen"); + +#Test 2: Same as test 1 but should also work where a new key_share is also +# required +$testtype = COOKIE_AND_KEY_SHARE; +$proxy->clear(); +$proxy->clientflags("-curves P-256:X25519"); +$proxy->serverflags("-curves X25519"); +$proxy->start(); +ok(TLSProxy::Message->success() && $cookieseen == 1, "Cookie seen"); + +sub cookie_filter +{ + my $proxy = shift; + + # We're only interested in the HRR and both ClientHellos + return if ($proxy->flight > 2); + + my $ext = pack "C8", + 0x00, 0x06, #Cookie Length + 0x00, 0x01, #Dummy cookie data (6 bytes) + 0x02, 0x03, + 0x04, 0x05; + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_SERVER_HELLO + && ${$message->records}[0]->flight == 1) { + $message->delete_extension(TLSProxy::Message::EXT_KEY_SHARE) + if ($testtype == COOKIE_ONLY); + $message->set_extension(TLSProxy::Message::EXT_COOKIE, $ext); + $message->repack(); + } elsif ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + if (${$message->records}[0]->flight == 0) { + if ($testtype == COOKIE_ONLY) { + my $ext = pack "C7", + 0x00, 0x05, #List Length + 0x00, 0x17, #P-256 + 0x00, 0x01, #key_exchange data length + 0xff; #Dummy key_share data + # Trick the server into thinking we got an unacceptable + # key_share + $message->set_extension( + TLSProxy::Message::EXT_KEY_SHARE, $ext); + $message->repack(); + } + } else { + #cmp can behave differently dependent on locale + no locale; + my $cookie = + $message->extension_data->{TLSProxy::Message::EXT_COOKIE}; + + return if !defined($cookie); + + return if ($cookie cmp $ext) != 0; + + $cookieseen = 1; + } + } + } +} diff --git a/deps/openssl/openssl/test/recipes/70-test_tls13downgrade.t b/deps/openssl/openssl/test/recipes/70-test_tls13downgrade.t new file mode 100644 index 0000000000..bdb360a7dc --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_tls13downgrade.t @@ -0,0 +1,126 @@ +#! /usr/bin/env perl +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_tls13downgrade"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS1.3 and TLS1.2 enabled" + if disabled("tls1_3") || disabled("tls1_2"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; + +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +use constant { + DOWNGRADE_TO_TLS_1_2 => 0, + DOWNGRADE_TO_TLS_1_1 => 1, + FALLBACK_FROM_TLS_1_3 => 2, +}; + +#Test 1: Downgrade from TLSv1.3 to TLSv1.2 +$proxy->filter(\&downgrade_filter); +my $testtype = DOWNGRADE_TO_TLS_1_2; +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 6; +ok(TLSProxy::Message->fail(), "Downgrade TLSv1.3 to TLSv1.2"); + +#Test 2: Downgrade from TLSv1.3 to TLSv1.1 +$proxy->clear(); +$testtype = DOWNGRADE_TO_TLS_1_1; +$proxy->start(); +ok(TLSProxy::Message->fail(), "Downgrade TLSv1.3 to TLSv1.1"); + +#Test 3: Downgrade from TLSv1.2 to TLSv1.1 +$proxy->clear(); +$proxy->clientflags("-no_tls1_3"); +$proxy->serverflags("-no_tls1_3"); +$proxy->start(); +ok(TLSProxy::Message->fail(), "Downgrade TLSv1.2 to TLSv1.1"); + +#Test 4: Client falls back from TLSv1.3 (server does not support the fallback +# SCSV) +$proxy->clear(); +$testtype = FALLBACK_FROM_TLS_1_3; +$proxy->clientflags("-fallback_scsv -no_tls1_3"); +$proxy->start(); +my $alert = TLSProxy::Message->alert(); +ok(TLSProxy::Message->fail() + && !$alert->server() + && $alert->description() == TLSProxy::Message::AL_DESC_ILLEGAL_PARAMETER, + "Fallback from TLSv1.3"); + +SKIP: { + skip "TLSv1.1 disabled", 2 if disabled("tls1_1"); + #Test 5: A client side protocol "hole" should not be detected as a downgrade + $proxy->clear(); + $proxy->filter(undef); + $proxy->clientflags("-no_tls1_2"); + $proxy->start(); + ok(TLSProxy::Message->success(), "TLSv1.2 client-side protocol hole"); + + #Test 6: A server side protocol "hole" should not be detected as a downgrade + $proxy->clear(); + $proxy->filter(undef); + $proxy->serverflags("-no_tls1_2"); + $proxy->start(); + ok(TLSProxy::Message->success(), "TLSv1.2 server-side protocol hole"); +} + +sub downgrade_filter +{ + my $proxy = shift; + + # We're only interested in the initial ClientHello + if ($proxy->flight != 0) { + return; + } + + my $message = ${$proxy->message_list}[0]; + + my $ext; + if ($testtype == FALLBACK_FROM_TLS_1_3) { + #The default ciphersuite we use for TLSv1.2 without any SCSV + my @ciphersuites = (TLSProxy::Message::CIPHER_RSA_WITH_AES_128_CBC_SHA); + $message->ciphersuite_len(2 * scalar @ciphersuites); + $message->ciphersuites(\@ciphersuites); + } else { + if ($testtype == DOWNGRADE_TO_TLS_1_2) { + $ext = pack "C3", + 0x02, # Length + 0x03, 0x03; #TLSv1.2 + } else { + $ext = pack "C3", + 0x02, # Length + 0x03, 0x02; #TLSv1.1 + } + + $message->set_extension(TLSProxy::Message::EXT_SUPPORTED_VERSIONS, $ext); + } + + $message->repack(); +} + diff --git a/deps/openssl/openssl/test/recipes/70-test_tls13hrr.t b/deps/openssl/openssl/test/recipes/70-test_tls13hrr.t new file mode 100644 index 0000000000..e0b47ed359 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_tls13hrr.t @@ -0,0 +1,93 @@ +#! /usr/bin/env perl +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file bldtop_dir/; +use OpenSSL::Test::Utils; +use TLSProxy::Proxy; + +my $test_name = "test_tls13hrr"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLS1.3 enabled" + if disabled("tls1_3"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; + +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +use constant { + CHANGE_HRR_CIPHERSUITE => 0, + CHANGE_CH1_CIPHERSUITE => 1 +}; + +#Test 1: A client should fail if the server changes the ciphersuite between the +# HRR and the SH +$proxy->filter(\&hrr_filter); +$proxy->serverflags("-curves P-256"); +my $testtype = CHANGE_HRR_CIPHERSUITE; +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 2; +ok(TLSProxy::Message->fail(), "Server ciphersuite changes"); + +#Test 2: It is an error if the client changes the offered ciphersuites so that +# we end up selecting a different ciphersuite between HRR and the SH +$proxy->clear(); +$proxy->serverflags("-curves P-256"); +$proxy->ciphersuitess("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384"); +$testtype = CHANGE_CH1_CIPHERSUITE; +$proxy->start(); +ok(TLSProxy::Message->fail(), "Client ciphersuite changes"); + +sub hrr_filter +{ + my $proxy = shift; + + if ($testtype == CHANGE_HRR_CIPHERSUITE) { + # We're only interested in the HRR + if ($proxy->flight != 1) { + return; + } + + my $hrr = ${$proxy->message_list}[1]; + + # We will normally only ever select CIPHER_TLS13_AES_128_GCM_SHA256 + # because that's what Proxy tells s_server to do. Setting as below means + # the ciphersuite will change will we get the ServerHello + $hrr->ciphersuite(TLSProxy::Message::CIPHER_TLS13_AES_256_GCM_SHA384); + $hrr->repack(); + return; + } + + # CHANGE_CH1_CIPHERSUITE + if ($proxy->flight != 0) { + return; + } + + my $ch1 = ${$proxy->message_list}[0]; + + # The server will always pick TLS_AES_256_GCM_SHA384 + my @ciphersuites = (TLSProxy::Message::CIPHER_TLS13_AES_128_GCM_SHA256); + $ch1->ciphersuite_len(2 * scalar @ciphersuites); + $ch1->ciphersuites(\@ciphersuites); + $ch1->repack(); +} diff --git a/deps/openssl/openssl/test/recipes/70-test_tls13kexmodes.t b/deps/openssl/openssl/test/recipes/70-test_tls13kexmodes.t new file mode 100644 index 0000000000..716e260e5f --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_tls13kexmodes.t @@ -0,0 +1,341 @@ +#! /usr/bin/env perl +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file srctop_dir bldtop_dir/; +use OpenSSL::Test::Utils; +use File::Temp qw(tempfile); +use TLSProxy::Proxy; +use checkhandshake qw(checkhandshake @handmessages @extensions); + +my $test_name = "test_tls13kexmodes"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLSv1.3 enabled" + if disabled("tls1_3"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); + + +@handmessages = ( + [TLSProxy::Message::MT_CLIENT_HELLO, + checkhandshake::ALL_HANDSHAKES], + [TLSProxy::Message::MT_SERVER_HELLO, + checkhandshake::HRR_HANDSHAKE | checkhandshake::HRR_RESUME_HANDSHAKE], + [TLSProxy::Message::MT_CLIENT_HELLO, + checkhandshake::HRR_HANDSHAKE | checkhandshake::HRR_RESUME_HANDSHAKE], + [TLSProxy::Message::MT_SERVER_HELLO, + checkhandshake::ALL_HANDSHAKES], + [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, + checkhandshake::ALL_HANDSHAKES], + [TLSProxy::Message::MT_CERTIFICATE_REQUEST, + checkhandshake::CLIENT_AUTH_HANDSHAKE], + [TLSProxy::Message::MT_CERTIFICATE, + checkhandshake::ALL_HANDSHAKES & ~(checkhandshake::RESUME_HANDSHAKE | checkhandshake::HRR_RESUME_HANDSHAKE)], + [TLSProxy::Message::MT_CERTIFICATE_VERIFY, + checkhandshake::ALL_HANDSHAKES & ~(checkhandshake::RESUME_HANDSHAKE | checkhandshake::HRR_RESUME_HANDSHAKE)], + [TLSProxy::Message::MT_FINISHED, + checkhandshake::ALL_HANDSHAKES], + [TLSProxy::Message::MT_CERTIFICATE, + checkhandshake::CLIENT_AUTH_HANDSHAKE], + [TLSProxy::Message::MT_CERTIFICATE_VERIFY, + checkhandshake::CLIENT_AUTH_HANDSHAKE], + [TLSProxy::Message::MT_FINISHED, + checkhandshake::ALL_HANDSHAKES], + [0, 0] +); + +@extensions = ( + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES, + checkhandshake::PSK_KEX_MODES_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, + checkhandshake::PSK_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, + checkhandshake::KEY_SHARE_HRR_EXTENSION], + + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES, + checkhandshake::PSK_KEX_MODES_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, + checkhandshake::PSK_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, + checkhandshake::KEY_SHARE_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_PSK, + checkhandshake::PSK_SRV_EXTENSION], + + [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_STATUS_REQUEST, + checkhandshake::STATUS_REQUEST_SRV_EXTENSION], + [0,0,0] +); + +use constant { + DELETE_EXTENSION => 0, + EMPTY_EXTENSION => 1, + NON_DHE_KEX_MODE_ONLY => 2, + DHE_KEX_MODE_ONLY => 3, + UNKNOWN_KEX_MODES => 4, + BOTH_KEX_MODES => 5 +}; + +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +#Test 1: First get a session +(undef, my $session) = tempfile(); +$proxy->clientflags("-sess_out ".$session); +$proxy->serverflags("-servername localhost"); +$proxy->sessionfile($session); +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 11; +ok(TLSProxy::Message->success(), "Initial connection"); + +#Test 2: Attempt a resume with no kex modes extension. Should not resume +$proxy->clear(); +$proxy->clientflags("-sess_in ".$session); +my $testtype = DELETE_EXTENSION; +$proxy->filter(\&modify_kex_modes_filter); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::KEY_SHARE_SRV_EXTENSION + | checkhandshake::PSK_CLI_EXTENSION, + "Resume with no kex modes"); + +#Test 3: Attempt a resume with empty kex modes extension. Should fail (empty +# extension is invalid) +$proxy->clear(); +$proxy->clientflags("-sess_in ".$session); +$testtype = EMPTY_EXTENSION; +$proxy->start(); +ok(TLSProxy::Message->fail(), "Resume with empty kex modes"); + +#Test 4: Attempt a resume with non-dhe kex mode only. Should resume without a +# key_share +$proxy->clear(); +$proxy->clientflags("-allow_no_dhe_kex -sess_in ".$session); +$proxy->serverflags("-allow_no_dhe_kex"); +$testtype = NON_DHE_KEX_MODE_ONLY; +$proxy->start(); +checkhandshake($proxy, checkhandshake::RESUME_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::PSK_KEX_MODES_EXTENSION + | checkhandshake::PSK_CLI_EXTENSION + | checkhandshake::PSK_SRV_EXTENSION, + "Resume with non-dhe kex mode"); + +#Test 5: Attempt a resume with dhe kex mode only. Should resume with a key_share +$proxy->clear(); +$proxy->clientflags("-sess_in ".$session); +$testtype = DHE_KEX_MODE_ONLY; +$proxy->start(); +checkhandshake($proxy, checkhandshake::RESUME_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::PSK_KEX_MODES_EXTENSION + | checkhandshake::KEY_SHARE_SRV_EXTENSION + | checkhandshake::PSK_CLI_EXTENSION + | checkhandshake::PSK_SRV_EXTENSION, + "Resume with non-dhe kex mode"); + +#Test 6: Attempt a resume with only unrecognised kex modes. Should not resume +$proxy->clear(); +$proxy->clientflags("-sess_in ".$session); +$testtype = UNKNOWN_KEX_MODES; +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::PSK_KEX_MODES_EXTENSION + | checkhandshake::KEY_SHARE_SRV_EXTENSION + | checkhandshake::PSK_CLI_EXTENSION, + "Resume with empty kex modes"); + +#Test 7: Attempt a resume with both non-dhe and dhe kex mode. Should resume with +# a key_share +$proxy->clear(); +$proxy->clientflags("-sess_in ".$session); +$testtype = BOTH_KEX_MODES; +$proxy->start(); +checkhandshake($proxy, checkhandshake::RESUME_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::PSK_KEX_MODES_EXTENSION + | checkhandshake::KEY_SHARE_SRV_EXTENSION + | checkhandshake::PSK_CLI_EXTENSION + | checkhandshake::PSK_SRV_EXTENSION, + "Resume with non-dhe kex mode"); + +#Test 8: Attempt a resume with both non-dhe and dhe kex mode, but unacceptable +# initial key_share. Should resume with a key_share following an HRR +$proxy->clear(); +$proxy->clientflags("-sess_in ".$session); +$proxy->serverflags("-curves P-256"); +$testtype = BOTH_KEX_MODES; +$proxy->start(); +checkhandshake($proxy, checkhandshake::HRR_RESUME_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::PSK_KEX_MODES_EXTENSION + | checkhandshake::KEY_SHARE_SRV_EXTENSION + | checkhandshake::KEY_SHARE_HRR_EXTENSION + | checkhandshake::PSK_CLI_EXTENSION + | checkhandshake::PSK_SRV_EXTENSION, + "Resume with both kex modes and HRR"); + +#Test 9: Attempt a resume with dhe kex mode only and an unacceptable initial +# key_share. Should resume with a key_share following an HRR +$proxy->clear(); +$proxy->clientflags("-sess_in ".$session); +$proxy->serverflags("-curves P-256"); +$testtype = DHE_KEX_MODE_ONLY; +$proxy->start(); +checkhandshake($proxy, checkhandshake::HRR_RESUME_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::PSK_KEX_MODES_EXTENSION + | checkhandshake::KEY_SHARE_SRV_EXTENSION + | checkhandshake::KEY_SHARE_HRR_EXTENSION + | checkhandshake::PSK_CLI_EXTENSION + | checkhandshake::PSK_SRV_EXTENSION, + "Resume with dhe kex mode and HRR"); + +#Test 10: Attempt a resume with both non-dhe and dhe kex mode, unacceptable +# initial key_share and no overlapping groups. Should resume without a +# key_share +$proxy->clear(); +$proxy->clientflags("-allow_no_dhe_kex -curves P-384 -sess_in ".$session); +$proxy->serverflags("-allow_no_dhe_kex -curves P-256"); +$testtype = BOTH_KEX_MODES; +$proxy->start(); +checkhandshake($proxy, checkhandshake::RESUME_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::PSK_KEX_MODES_EXTENSION + | checkhandshake::PSK_CLI_EXTENSION + | checkhandshake::PSK_SRV_EXTENSION, + "Resume with both kex modes, no overlapping groups"); + +#Test 11: Attempt a resume with dhe kex mode only, unacceptable +# initial key_share and no overlapping groups. Should fail +$proxy->clear(); +$proxy->clientflags("-curves P-384 -sess_in ".$session); +$proxy->serverflags("-curves P-256"); +$testtype = DHE_KEX_MODE_ONLY; +$proxy->start(); +ok(TLSProxy::Message->fail(), "Resume with dhe kex mode, no overlapping groups"); + +unlink $session; + +sub modify_kex_modes_filter +{ + my $proxy = shift; + + # We're only interested in the initial ClientHello + return if ($proxy->flight != 0); + + foreach my $message (@{$proxy->message_list}) { + if ($message->mt == TLSProxy::Message::MT_CLIENT_HELLO) { + my $ext; + + if ($testtype == EMPTY_EXTENSION) { + $ext = pack "C", + 0x00; #List length + } elsif ($testtype == NON_DHE_KEX_MODE_ONLY) { + $ext = pack "C2", + 0x01, #List length + 0x00; #psk_ke + } elsif ($testtype == DHE_KEX_MODE_ONLY) { + $ext = pack "C2", + 0x01, #List length + 0x01; #psk_dhe_ke + } elsif ($testtype == UNKNOWN_KEX_MODES) { + $ext = pack "C3", + 0x02, #List length + 0xfe, #unknown + 0xff; #unknown + } elsif ($testtype == BOTH_KEX_MODES) { + #We deliberately list psk_ke first...should still use psk_dhe_ke + $ext = pack "C3", + 0x02, #List length + 0x00, #psk_ke + 0x01; #psk_dhe_ke + } + + if ($testtype == DELETE_EXTENSION) { + $message->delete_extension( + TLSProxy::Message::EXT_PSK_KEX_MODES); + } else { + $message->set_extension( + TLSProxy::Message::EXT_PSK_KEX_MODES, $ext); + } + + $message->repack(); + } + } +} diff --git a/deps/openssl/openssl/test/recipes/70-test_tls13messages.t b/deps/openssl/openssl/test/recipes/70-test_tls13messages.t new file mode 100644 index 0000000000..be6a2db5d6 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_tls13messages.t @@ -0,0 +1,336 @@ +#! /usr/bin/env perl +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file srctop_dir bldtop_dir/; +use OpenSSL::Test::Utils; +use File::Temp qw(tempfile); +use TLSProxy::Proxy; +use checkhandshake qw(checkhandshake @handmessages @extensions); + +my $test_name = "test_tls13messages"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLSv1.3 enabled" + if disabled("tls1_3"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); + + +@handmessages = ( + [TLSProxy::Message::MT_CLIENT_HELLO, + checkhandshake::ALL_HANDSHAKES], + [TLSProxy::Message::MT_SERVER_HELLO, + checkhandshake::HRR_HANDSHAKE | checkhandshake::HRR_RESUME_HANDSHAKE], + [TLSProxy::Message::MT_CLIENT_HELLO, + checkhandshake::HRR_HANDSHAKE | checkhandshake::HRR_RESUME_HANDSHAKE], + [TLSProxy::Message::MT_SERVER_HELLO, + checkhandshake::ALL_HANDSHAKES], + [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, + checkhandshake::ALL_HANDSHAKES], + [TLSProxy::Message::MT_CERTIFICATE_REQUEST, + checkhandshake::CLIENT_AUTH_HANDSHAKE], + [TLSProxy::Message::MT_CERTIFICATE, + checkhandshake::ALL_HANDSHAKES & ~(checkhandshake::RESUME_HANDSHAKE | checkhandshake::HRR_RESUME_HANDSHAKE)], + [TLSProxy::Message::MT_CERTIFICATE_VERIFY, + checkhandshake::ALL_HANDSHAKES & ~(checkhandshake::RESUME_HANDSHAKE | checkhandshake::HRR_RESUME_HANDSHAKE)], + [TLSProxy::Message::MT_FINISHED, + checkhandshake::ALL_HANDSHAKES], + [TLSProxy::Message::MT_CERTIFICATE, + checkhandshake::CLIENT_AUTH_HANDSHAKE], + [TLSProxy::Message::MT_CERTIFICATE_VERIFY, + checkhandshake::CLIENT_AUTH_HANDSHAKE], + [TLSProxy::Message::MT_FINISHED, + checkhandshake::ALL_HANDSHAKES], + [0, 0] +); + +@extensions = ( + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, + checkhandshake::PSK_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_POST_HANDSHAKE_AUTH, + checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, + checkhandshake::KEY_SHARE_HRR_EXTENSION], + + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME, + checkhandshake::SERVER_NAME_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, + checkhandshake::STATUS_REQUEST_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, + checkhandshake::ALPN_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT, + checkhandshake::SCT_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK, + checkhandshake::PSK_CLI_EXTENSION], + [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_POST_HANDSHAKE_AUTH, + checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION], + + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE, + checkhandshake::DEFAULT_EXTENSIONS], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_PSK, + checkhandshake::PSK_SRV_EXTENSION], + + [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_SERVER_NAME, + checkhandshake::SERVER_NAME_SRV_EXTENSION], + [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_ALPN, + checkhandshake::ALPN_SRV_EXTENSION], + [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_SUPPORTED_GROUPS, + checkhandshake::SUPPORTED_GROUPS_SRV_EXTENSION], + + [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_STATUS_REQUEST, + checkhandshake::STATUS_REQUEST_SRV_EXTENSION], + [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_SCT, + checkhandshake::SCT_SRV_EXTENSION], + + [0,0,0] +); + +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +#Test 1: Check we get all the right messages for a default handshake +(undef, my $session) = tempfile(); +$proxy->serverconnects(2); +$proxy->clientflags("-sess_out ".$session); +$proxy->sessionfile($session); +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 16; +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS, + "Default handshake test"); + +#Test 2: Resumption handshake +$proxy->clearClient(); +$proxy->clientflags("-sess_in ".$session); +$proxy->clientstart(); +checkhandshake($proxy, checkhandshake::RESUME_HANDSHAKE, + (checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::PSK_CLI_EXTENSION + | checkhandshake::PSK_SRV_EXTENSION), + "Resumption handshake test"); + +SKIP: { + skip "No OCSP support in this OpenSSL build", 3 + if disabled("ct") || disabled("ec") || disabled("ocsp"); + #Test 3: A status_request handshake (client request only) + $proxy->clear(); + $proxy->clientflags("-status"); + $proxy->start(); + checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::STATUS_REQUEST_CLI_EXTENSION, + "status_request handshake test (client)"); + + #Test 4: A status_request handshake (server support only) + $proxy->clear(); + $proxy->serverflags("-status_file " + .srctop_file("test", "recipes", "ocsp-response.der")); + $proxy->start(); + checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS, + "status_request handshake test (server)"); + + #Test 5: A status_request handshake (client and server) + $proxy->clear(); + $proxy->clientflags("-status"); + $proxy->serverflags("-status_file " + .srctop_file("test", "recipes", "ocsp-response.der")); + $proxy->start(); + checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::STATUS_REQUEST_CLI_EXTENSION + | checkhandshake::STATUS_REQUEST_SRV_EXTENSION, + "status_request handshake test"); +} + +#Test 6: A client auth handshake +$proxy->clear(); +$proxy->clientflags("-enable_pha -cert ".srctop_file("apps", "server.pem")); +$proxy->serverflags("-Verify 5"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::CLIENT_AUTH_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS | + checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION, + "Client auth handshake test"); + +#Test 7: Server name handshake (no client request) +$proxy->clear(); +$proxy->clientflags("-noservername"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + & ~checkhandshake::SERVER_NAME_CLI_EXTENSION, + "Server name handshake test (client)"); + +#Test 8: Server name handshake (server support only) +$proxy->clear(); +$proxy->clientflags("-noservername"); +$proxy->serverflags("-servername testhost"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + & ~checkhandshake::SERVER_NAME_CLI_EXTENSION, + "Server name handshake test (server)"); + +#Test 9: Server name handshake (client and server) +$proxy->clear(); +$proxy->clientflags("-servername testhost"); +$proxy->serverflags("-servername testhost"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::SERVER_NAME_SRV_EXTENSION, + "Server name handshake test"); + +#Test 10: ALPN handshake (client request only) +$proxy->clear(); +$proxy->clientflags("-alpn test"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::ALPN_CLI_EXTENSION, + "ALPN handshake test (client)"); + +#Test 11: ALPN handshake (server support only) +$proxy->clear(); +$proxy->serverflags("-alpn test"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS, + "ALPN handshake test (server)"); + +#Test 12: ALPN handshake (client and server) +$proxy->clear(); +$proxy->clientflags("-alpn test"); +$proxy->serverflags("-alpn test"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::ALPN_CLI_EXTENSION + | checkhandshake::ALPN_SRV_EXTENSION, + "ALPN handshake test"); + +SKIP: { + skip "No CT, EC or OCSP support in this OpenSSL build", 1 + if disabled("ct") || disabled("ec") || disabled("ocsp"); + + #Test 13: SCT handshake (client request only) + $proxy->clear(); + #Note: -ct also sends status_request + $proxy->clientflags("-ct"); + $proxy->serverflags("-status_file " + .srctop_file("test", "recipes", "ocsp-response.der") + ." -serverinfo ".srctop_file("test", "serverinfo2.pem")); + $proxy->start(); + checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::SCT_CLI_EXTENSION + | checkhandshake::SCT_SRV_EXTENSION + | checkhandshake::STATUS_REQUEST_CLI_EXTENSION + | checkhandshake::STATUS_REQUEST_SRV_EXTENSION, + "SCT handshake test"); +} + + + + +#Test 14: HRR Handshake +$proxy->clear(); +$proxy->serverflags("-curves P-256"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::HRR_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::KEY_SHARE_HRR_EXTENSION, + "HRR handshake test"); + +#Test 15: Resumption handshake with HRR +$proxy->clear(); +$proxy->clientflags("-sess_in ".$session); +$proxy->serverflags("-curves P-256"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::HRR_RESUME_HANDSHAKE, + (checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::KEY_SHARE_HRR_EXTENSION + | checkhandshake::PSK_CLI_EXTENSION + | checkhandshake::PSK_SRV_EXTENSION), + "Resumption handshake with HRR test"); + +#Test 16: Acceptable but non preferred key_share +$proxy->clear(); +$proxy->clientflags("-curves P-256"); +$proxy->start(); +checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::SUPPORTED_GROUPS_SRV_EXTENSION, + "Acceptable but non preferred key_share"); + +unlink $session; diff --git a/deps/openssl/openssl/test/recipes/70-test_tls13psk.t b/deps/openssl/openssl/test/recipes/70-test_tls13psk.t new file mode 100644 index 0000000000..fedc527892 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_tls13psk.t @@ -0,0 +1,152 @@ +#! /usr/bin/env perl +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file srctop_dir bldtop_dir/; +use OpenSSL::Test::Utils; +use File::Temp qw(tempfile); +use TLSProxy::Proxy; + +my $test_name = "test_tls13psk"; +setup($test_name); + +plan skip_all => "TLSProxy isn't usable on $^O" + if $^O =~ /^(VMS)$/; + +plan skip_all => "$test_name needs the dynamic engine feature enabled" + if disabled("engine") || disabled("dynamic-engine"); + +plan skip_all => "$test_name needs the sock feature enabled" + if disabled("sock"); + +plan skip_all => "$test_name needs TLSv1.3 enabled" + if disabled("tls1_3"); + +$ENV{OPENSSL_ia32cap} = '~0x200000200000000'; +$ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); + +my $proxy = TLSProxy::Proxy->new( + undef, + cmdstr(app(["openssl"]), display => 1), + srctop_file("apps", "server.pem"), + (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) +); + +use constant { + PSK_LAST_FIRST_CH => 0, + ILLEGAL_EXT_SECOND_CH => 1 +}; + +#Most PSK tests are done in test_ssl_new. This tests various failure scenarios +#around PSK + +#Test 1: First get a session +(undef, my $session) = tempfile(); +$proxy->clientflags("-sess_out ".$session); +$proxy->serverflags("-servername localhost"); +$proxy->sessionfile($session); +$proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; +plan tests => 5; +ok(TLSProxy::Message->success(), "Initial connection"); + +#Test 2: Attempt a resume with PSK not in last place. Should fail +$proxy->clear(); +$proxy->clientflags("-sess_in ".$session); +$proxy->filter(\&modify_psk_filter); +my $testtype = PSK_LAST_FIRST_CH; +$proxy->start(); +ok(TLSProxy::Message->fail(), "PSK not last"); + +#Test 3: Attempt a resume after an HRR where PSK hash matches selected +# ciphersuite. Should see PSK on second ClientHello +$proxy->clear(); +$proxy->clientflags("-sess_in ".$session); +$proxy->serverflags("-curves P-256"); +$proxy->filter(undef); +$proxy->start(); +#Check if the PSK is present in the second ClientHello +my $ch2 = ${$proxy->message_list}[2]; +my $ch2seen = defined $ch2 && $ch2->mt() == TLSProxy::Message::MT_CLIENT_HELLO; +my $pskseen = $ch2seen + && defined ${$ch2->{extension_data}}{TLSProxy::Message::EXT_PSK}; +ok($pskseen, "PSK hash matches"); + +#Test 4: Attempt a resume after an HRR where PSK hash does not match selected +# ciphersuite. Should not see PSK on second ClientHello +$proxy->clear(); +$proxy->clientflags("-sess_in ".$session); +$proxy->filter(\&modify_psk_filter); +$proxy->serverflags("-curves P-256"); +$proxy->ciphersuitesc("TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384"); +$proxy->ciphersuitess("TLS_AES_256_GCM_SHA384"); +#We force an early failure because TLS Proxy doesn't actually support +#TLS_AES_256_GCM_SHA384. That doesn't matter for this test though. +$testtype = ILLEGAL_EXT_SECOND_CH; +$proxy->start(); +#Check if the PSK is present in the second ClientHello +$ch2 = ${$proxy->message_list}[2]; +$ch2seen = defined $ch2 && $ch2->mt() == TLSProxy::Message::MT_CLIENT_HELLO; +$pskseen = $ch2seen + && defined ${$ch2->extension_data}{TLSProxy::Message::EXT_PSK}; +ok($ch2seen && !$pskseen, "PSK hash does not match"); + +#Test 5: Attempt a resume without a sig agls extension. Should succeed because +# sig algs is not needed in a resumption. +$proxy->clear(); +$proxy->clientflags("-sess_in ".$session); +$proxy->filter(\&remove_sig_algs_filter); +$proxy->start(); +ok(TLSProxy::Message->success(), "Remove sig algs"); + +unlink $session; + +sub modify_psk_filter +{ + my $proxy = shift; + my $flight; + my $message; + + if ($testtype == PSK_LAST_FIRST_CH) { + $flight = 0; + } else { + $flight = 2; + } + + # Only look at the first or second ClientHello + return if $proxy->flight != $flight; + + if ($testtype == PSK_LAST_FIRST_CH) { + $message = ${$proxy->message_list}[0]; + } else { + $message = ${$proxy->message_list}[2]; + } + + return if (!defined $message + || $message->mt != TLSProxy::Message::MT_CLIENT_HELLO); + + if ($testtype == PSK_LAST_FIRST_CH) { + $message->set_extension(TLSProxy::Message::EXT_FORCE_LAST, ""); + } else { + #Deliberately break the connection + $message->set_extension(TLSProxy::Message::EXT_SUPPORTED_GROUPS, ""); + } + $message->repack(); +} + +sub remove_sig_algs_filter +{ + my $proxy = shift; + my $message; + + # Only look at the first ClientHello + return if $proxy->flight != 0; + + $message = ${$proxy->message_list}[0]; + $message->delete_extension(TLSProxy::Message::EXT_SIG_ALGS); + $message->repack(); +} diff --git a/deps/openssl/openssl/test/recipes/70-test_tlsextms.t b/deps/openssl/openssl/test/recipes/70-test_tlsextms.t index d39acf4242..547a2fca2e 100644 --- a/deps/openssl/openssl/test/recipes/70-test_tlsextms.t +++ b/deps/openssl/openssl/test/recipes/70-test_tlsextms.t @@ -24,8 +24,8 @@ plan skip_all => "$test_name needs the dynamic engine feature enabled" plan skip_all => "$test_name needs the sock feature enabled" if disabled("sock"); -plan skip_all => "$test_name needs TLS enabled" - if alldisabled(available_protocols("tls")); +plan skip_all => "$test_name needs TLSv1.0, TLSv1.1 or TLSv1.2 enabled" + if disabled("tls1") && disabled("tls1_1") && disabled("tls1_2"); $ENV{OPENSSL_ia32cap} = '~0x200000200000000'; @@ -46,14 +46,19 @@ my $proxy = TLSProxy::Proxy->new( (!$ENV{HARNESS_ACTIVE} || $ENV{HARNESS_VERBOSE}) ); +#Note that EXTMS is only relevant for <TLS1.3 + #Test 1: By default server and client should send extended master secret # extension. #Expected result: ClientHello extension seen; ServerHello extension seen # Full handshake setrmextms(0, 0); +$proxy->clientflags("-no_tls1_3"); $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; -plan tests => 9; +my $numtests = 9; +$numtests++ if (!disabled("tls1_3")); +plan tests => $numtests; checkmessages(1, "Default extended master secret test", 1, 1, 1); #Test 2: If client omits extended master secret extension, server should too. @@ -62,6 +67,7 @@ checkmessages(1, "Default extended master secret test", 1, 1, 1); clearall(); setrmextms(1, 0); +$proxy->clientflags("-no_tls1_3"); $proxy->start(); checkmessages(2, "No client extension extended master secret test", 0, 0, 1); @@ -69,7 +75,7 @@ checkmessages(2, "No client extension extended master secret test", 0, 0, 1); # Expected result: same as test 1. clearall(); -$proxy->clientflags("-no_ticket"); +$proxy->clientflags("-no_ticket -no_tls1_3"); setrmextms(0, 0); $proxy->start(); checkmessages(3, "No ticket extended master secret test", 1, 1, 1); @@ -78,10 +84,10 @@ checkmessages(3, "No ticket extended master secret test", 1, 1, 1); # Expected result: same as test 2. clearall(); -$proxy->clientflags("-no_ticket"); +$proxy->clientflags("-no_ticket -no_tls1_3"); setrmextms(1, 0); $proxy->start(); -checkmessages(2, "No ticket, no client extension extended master secret test", 0, 0, 1); +checkmessages(4, "No ticket, no client extension extended master secret test", 0, 0, 1); #Test 5: Session resumption extended master secret test # @@ -92,10 +98,10 @@ clearall(); setrmextms(0, 0); (undef, my $session) = tempfile(); $proxy->serverconnects(2); -$proxy->clientflags("-sess_out ".$session); +$proxy->clientflags("-no_tls1_3 -sess_out ".$session); $proxy->start(); $proxy->clearClient(); -$proxy->clientflags("-sess_in ".$session); +$proxy->clientflags("-no_tls1_3 -sess_in ".$session); $proxy->clientstart(); checkmessages(5, "Session resumption extended master secret test", 1, 1, 0); unlink $session; @@ -109,10 +115,10 @@ clearall(); setrmextms(1, 0); (undef, $session) = tempfile(); $proxy->serverconnects(2); -$proxy->clientflags("-sess_out ".$session); +$proxy->clientflags("-no_tls1_3 -sess_out ".$session); $proxy->start(); $proxy->clearClient(); -$proxy->clientflags("-sess_in ".$session); +$proxy->clientflags("-no_tls1_3 -sess_in ".$session); setrmextms(0, 0); $proxy->clientstart(); checkmessages(6, "Session resumption extended master secret test", 1, 1, 1); @@ -126,10 +132,10 @@ clearall(); setrmextms(0, 0); (undef, $session) = tempfile(); $proxy->serverconnects(2); -$proxy->clientflags("-sess_out ".$session); +$proxy->clientflags("-no_tls1_3 -sess_out ".$session); $proxy->start(); $proxy->clearClient(); -$proxy->clientflags("-sess_in ".$session); +$proxy->clientflags("-no_tls1_3 -sess_in ".$session); setrmextms(1, 0); $proxy->clientstart(); ok(TLSProxy::Message->fail(), "Client inconsistent session resumption"); @@ -143,10 +149,10 @@ clearall(); setrmextms(0, 0); (undef, $session) = tempfile(); $proxy->serverconnects(2); -$proxy->clientflags("-sess_out ".$session); +$proxy->clientflags("-no_tls1_3 -sess_out ".$session); $proxy->start(); $proxy->clearClient(); -$proxy->clientflags("-sess_in ".$session); +$proxy->clientflags("-no_tls1_3 -sess_in ".$session); setrmextms(0, 1); $proxy->clientstart(); ok(TLSProxy::Message->fail(), "Server inconsistent session resumption 1"); @@ -160,15 +166,27 @@ clearall(); setrmextms(0, 1); (undef, $session) = tempfile(); $proxy->serverconnects(2); -$proxy->clientflags("-sess_out ".$session); +$proxy->clientflags("-no_tls1_3 -sess_out ".$session); $proxy->start(); $proxy->clearClient(); -$proxy->clientflags("-sess_in ".$session); +$proxy->clientflags("-no_tls1_3 -sess_in ".$session); setrmextms(0, 0); $proxy->clientstart(); ok(TLSProxy::Message->fail(), "Server inconsistent session resumption 2"); unlink $session; +#Test 10: In TLS1.3 we should not negotiate extended master secret +#Expected result: ClientHello extension seen; ServerHello extension not seen +# TLS1.3 handshake (will appear as abbreviated handshake +# because of no CKE message) +if (!disabled("tls1_3")) { + clearall(); + setrmextms(0, 0); + $proxy->start(); + checkmessages(10, "TLS1.3 extended master secret test", 1, 0, 0); +} + + sub extms_filter { my $proxy = shift; diff --git a/deps/openssl/openssl/test/recipes/70-test_wpacket.t b/deps/openssl/openssl/test/recipes/70-test_wpacket.t new file mode 100644 index 0000000000..6d50b9f809 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/70-test_wpacket.t @@ -0,0 +1,20 @@ +#! /usr/bin/env perl +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test; +use OpenSSL::Test::Utils; + +setup("test_wpacket"); + +plan skip_all => "Test disabled in this configuration" + if $^O eq 'MSWin32' && !disabled("shared"); + +plan tests => 1; + +ok(run(test(["wpackettest"]))); diff --git a/deps/openssl/openssl/test/recipes/80-test_ca.t b/deps/openssl/openssl/test/recipes/80-test_ca.t index 28a090ea7d..557777e191 100644 --- a/deps/openssl/openssl/test/recipes/80-test_ca.t +++ b/deps/openssl/openssl/test/recipes/80-test_ca.t @@ -13,6 +13,7 @@ use warnings; use POSIX; use File::Path 2.00 qw/rmtree/; use OpenSSL::Test qw/:DEFAULT cmdstr srctop_file/; +use OpenSSL::Test::Utils; setup("test_ca"); @@ -22,25 +23,32 @@ my $std_openssl_cnf = rmtree("demoCA", { safe => 0 }); -plan tests => 4; +plan tests => 5; SKIP: { $ENV{OPENSSL_CONFIG} = '-config "'.srctop_file("test", "CAss.cnf").'"'; - skip "failed creating CA structure", 3 + skip "failed creating CA structure", 4 if !ok(run(perlapp(["CA.pl","-newca"], stdin => undef)), 'creating CA structure'); $ENV{OPENSSL_CONFIG} = '-config "'.srctop_file("test", "Uss.cnf").'"'; - skip "failed creating new certificate request", 2 + skip "failed creating new certificate request", 3 if !ok(run(perlapp(["CA.pl","-newreq"])), 'creating certificate request'); - $ENV{OPENSSL_CONFIG} = '-config "'.$std_openssl_cnf.'"'; - skip "failed to sign certificate request", 1 + $ENV{OPENSSL_CONFIG} = '-rand_serial -config "'.$std_openssl_cnf.'"'; + skip "failed to sign certificate request", 2 if !is(yes(cmdstr(perlapp(["CA.pl", "-sign"]))), 0, 'signing certificate request'); ok(run(perlapp(["CA.pl", "-verify", "newcert.pem"])), 'verifying new certificate'); + + skip "CT not configured, can't use -precert", 1 + if disabled("ct"); + + $ENV{OPENSSL_CONFIG} = '-config "'.srctop_file("test", "Uss.cnf").'"'; + ok(run(perlapp(["CA.pl", "-precert"], stderr => undef)), + 'creating new pre-certificate'); } diff --git a/deps/openssl/openssl/test/recipes/80-test_cipherbytes.t b/deps/openssl/openssl/test/recipes/80-test_cipherbytes.t new file mode 100644 index 0000000000..27d627ea8f --- /dev/null +++ b/deps/openssl/openssl/test/recipes/80-test_cipherbytes.t @@ -0,0 +1,26 @@ +#! /usr/bin/perl +# +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use OpenSSL::Test::Simple; +use OpenSSL::Test; +use OpenSSL::Test::Utils qw(alldisabled available_protocols); + +setup("test_cipherbytes"); + +my $no_anytls = alldisabled(available_protocols("tls")); + +# If we have no protocols, then we also have no supported ciphers. +plan skip_all => "No SSL/TLS protocol is supported by this OpenSSL build." + if $no_anytls; + +simple_test("test_cipherbytes", "cipherbytes_test", "bytes_to_cipherlist"); diff --git a/deps/openssl/openssl/test/recipes/80-test_ciphername.t b/deps/openssl/openssl/test/recipes/80-test_ciphername.t new file mode 100644 index 0000000000..33c3d6ee7b --- /dev/null +++ b/deps/openssl/openssl/test/recipes/80-test_ciphername.t @@ -0,0 +1,27 @@ +#! /usr/bin/perl +# +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2017 BaishanCloud. All rights reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use strict; +use warnings; + +use OpenSSL::Test::Simple; +use OpenSSL::Test; +use OpenSSL::Test::Utils qw(alldisabled available_protocols); + +setup("test_ciphername"); + +my $no_anytls = alldisabled(available_protocols("tls")); + +# If we have no protocols, then we also have no supported ciphers. +plan skip_all => "No SSL/TLS protocol is supported by this OpenSSL build." + if $no_anytls; + +simple_test("test_ciphername", "ciphername_test"); diff --git a/deps/openssl/openssl/test/recipes/80-test_cmsapi.t b/deps/openssl/openssl/test/recipes/80-test_cmsapi.t new file mode 100644 index 0000000000..990f8a72bb --- /dev/null +++ b/deps/openssl/openssl/test/recipes/80-test_cmsapi.t @@ -0,0 +1,21 @@ +#! /usr/bin/env perl +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_cmsapi"); + +plan skip_all => "CMS is disabled in this build" if disabled("cms"); + +plan tests => 1; + +ok(run(test(["cmsapitest", srctop_file("test", "certs", "servercert.pem"), + srctop_file("test", "certs", "serverkey.pem")])), + "running cmsapitest"); diff --git a/deps/openssl/openssl/test/recipes/80-test_dtls_mtu.t b/deps/openssl/openssl/test/recipes/80-test_dtls_mtu.t new file mode 100644 index 0000000000..86d7de0755 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/80-test_dtls_mtu.t @@ -0,0 +1,21 @@ +#! /usr/bin/env perl +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test; +use OpenSSL::Test::Utils; + +my $test_name = "test_dtls_mtu"; +setup($test_name); + +plan skip_all => "$test_name needs DTLS and PSK support enabled" + if disabled("dtls1_2") || disabled("psk"); + +plan tests => 1; + +ok(run(test(["dtls_mtu_test"])), "running dtls_mtu_test"); diff --git a/deps/openssl/openssl/test/recipes/80-test_ssl_new.t b/deps/openssl/openssl/test/recipes/80-test_ssl_new.t index 287defe5c7..db2271c388 100644 --- a/deps/openssl/openssl/test/recipes/80-test_ssl_new.t +++ b/deps/openssl/openssl/test/recipes/80-test_ssl_new.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -28,20 +28,26 @@ map { s/\^// } @conf_files if $^O eq "VMS"; # We hard-code the number of tests to double-check that the globbing above # finds all files as expected. -plan tests => 19; # = scalar @conf_srcs +plan tests => 28; # = scalar @conf_srcs # Some test results depend on the configuration of enabled protocols. We only # verify generated sources in the default configuration. my $is_default_tls = (disabled("ssl3") && !disabled("tls1") && - !disabled("tls1_1") && !disabled("tls1_2")); + !disabled("tls1_1") && !disabled("tls1_2") && + !disabled("tls1_3")); my $is_default_dtls = (!disabled("dtls1") && !disabled("dtls1_2")); +my @all_pre_tls1_3 = ("ssl3", "tls1", "tls1_1", "tls1_2"); my $no_tls = alldisabled(available_protocols("tls")); +my $no_tls_below1_3 = $no_tls || (disabled("tls1_2") && !disabled("tls1_3")); +my $no_pre_tls1_3 = alldisabled(@all_pre_tls1_3); my $no_dtls = alldisabled(available_protocols("dtls")); my $no_npn = disabled("nextprotoneg"); my $no_ct = disabled("ct"); my $no_ec = disabled("ec"); +my $no_dh = disabled("dh"); +my $no_dsa = disabled("dsa"); my $no_ec2m = disabled("ec2m"); my $no_ocsp = disabled("ocsp"); @@ -49,33 +55,53 @@ my $no_ocsp = disabled("ocsp"); # expectations dynamically based on the OpenSSL compile-time config. my %conf_dependent_tests = ( "02-protocol-version.conf" => !$is_default_tls, - "04-client_auth.conf" => !$is_default_tls, - "07-dtls-protocol-version.conf" => !$is_default_dtls, + "04-client_auth.conf" => !$is_default_tls || !$is_default_dtls + || !disabled("sctp"), + "05-sni.conf" => disabled("tls1_1"), + "07-dtls-protocol-version.conf" => !$is_default_dtls || !disabled("sctp"), "10-resumption.conf" => !$is_default_tls, - "11-dtls_resumption.conf" => !$is_default_dtls, + "11-dtls_resumption.conf" => !$is_default_dtls || !disabled("sctp"), + "16-dtls-certstatus.conf" => !$is_default_dtls || !disabled("sctp"), "17-renegotiate.conf" => disabled("tls1_2"), - "18-dtls-renegotiate.conf" => disabled("dtls1_2"), + "18-dtls-renegotiate.conf" => disabled("dtls1_2") || !disabled("sctp"), + "19-mac-then-encrypt.conf" => !$is_default_tls, + "20-cert-select.conf" => !$is_default_tls || $no_dh || $no_dsa, + "22-compression.conf" => !$is_default_tls, + "25-cipher.conf" => disabled("poly1305") || disabled("chacha"), + "27-ticket-appdata.conf" => !$is_default_tls, + "28-seclevel.conf" => disabled("tls1_2") || $no_ec, ); # Add your test here if it should be skipped for some compile-time # configurations. Default is $no_tls but some tests have different skip # conditions. my %skip = ( + "06-sni-ticket.conf" => $no_tls_below1_3, "07-dtls-protocol-version.conf" => $no_dtls, - "08-npn.conf" => $no_tls || $no_npn, + "08-npn.conf" => (disabled("tls1") && disabled("tls1_1") + && disabled("tls1_2")) || $no_npn, "10-resumption.conf" => disabled("tls1_1") || disabled("tls1_2"), "11-dtls_resumption.conf" => disabled("dtls1") || disabled("dtls1_2"), "12-ct.conf" => $no_tls || $no_ct || $no_ec, # We could run some of these tests without TLS 1.2 if we had a per-test # disable instruction but that's a bizarre configuration not worth # special-casing for. - # We should review this once we have TLS 1.3. + # TODO(TLS 1.3): We should review this once we have TLS 1.3. "13-fragmentation.conf" => disabled("tls1_2"), "14-curves.conf" => disabled("tls1_2") || $no_ec || $no_ec2m, "15-certstatus.conf" => $no_tls || $no_ocsp, "16-dtls-certstatus.conf" => $no_dtls || $no_ocsp, + "17-renegotiate.conf" => $no_tls_below1_3, "18-dtls-renegotiate.conf" => $no_dtls, - "19-mac-then-encrypt.conf" => disabled("tls1_2"), + "19-mac-then-encrypt.conf" => $no_pre_tls1_3, + "20-cert-select.conf" => disabled("tls1_2") || $no_ec, + "21-key-update.conf" => disabled("tls1_3"), + "22-compression.conf" => disabled("zlib") || $no_tls, + "23-srp.conf" => (disabled("tls1") && disabled ("tls1_1") + && disabled("tls1_2")) || disabled("srp"), + "24-padding.conf" => disabled("tls1_3"), + "25-cipher.conf" => disabled("ec") || disabled("tls1_2"), + "26-tls13_client_auth.conf" => disabled("tls1_3"), ); foreach my $conf (@conf_files) { diff --git a/deps/openssl/openssl/test/recipes/80-test_ssl_old.t b/deps/openssl/openssl/test/recipes/80-test_ssl_old.t index 6468bd6571..377bf090ba 100644 --- a/deps/openssl/openssl/test/recipes/80-test_ssl_old.t +++ b/deps/openssl/openssl/test/recipes/80-test_ssl_old.t @@ -20,11 +20,11 @@ setup("test_ssl"); $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf"); -my ($no_rsa, $no_dsa, $no_dh, $no_ec, $no_srp, $no_psk, - $no_ssl3, $no_tls1, $no_tls1_1, $no_tls1_2, +my ($no_rsa, $no_dsa, $no_dh, $no_ec, $no_psk, + $no_ssl3, $no_tls1, $no_tls1_1, $no_tls1_2, $no_tls1_3, $no_dtls, $no_dtls1, $no_dtls1_2, $no_ct) = - anydisabled qw/rsa dsa dh ec srp psk - ssl3 tls1 tls1_1 tls1_2 + anydisabled qw/rsa dsa dh ec psk + ssl3 tls1 tls1_1 tls1_2 tls1_3 dtls dtls1 dtls1_2 ct/; my $no_anytls = alldisabled(available_protocols("tls")); my $no_anydtls = alldisabled(available_protocols("dtls")); @@ -79,7 +79,7 @@ my $client_sess="client.ss"; # new format in ssl_test.c and add recipes to 80-test_ssl_new.t instead. plan tests => 1 # For testss - +6 # For the first testssl + +5 # For the first testssl ; subtest 'test_ss' => sub { @@ -101,7 +101,7 @@ testssl("keyU.ss", $Ucert, $CAcert); # subtest functions sub testss { open RND, ">>", ".rnd"; - print RND "string to make the random number generator think it has entropy"; + print RND "string to make the random number generator think it has randomness"; close RND; my @req_dsa = ("-newkey", @@ -331,7 +331,7 @@ sub testssl { subtest 'standard SSL tests' => sub { ###################################################################### - plan tests => 21; + plan tests => 13; SKIP: { skip "SSLv3 is not supported by this OpenSSL build", 4 @@ -356,34 +356,6 @@ sub testssl { } SKIP: { - skip "DTLSv1 is not supported by this OpenSSL build", 4 - if disabled("dtls1"); - - ok(run(test([@ssltest, "-dtls1"])), - 'test dtlsv1'); - ok(run(test([@ssltest, "-dtls1", "-server_auth", @CA])), - 'test dtlsv1 with server authentication'); - ok(run(test([@ssltest, "-dtls1", "-client_auth", @CA])), - 'test dtlsv1 with client authentication'); - ok(run(test([@ssltest, "-dtls1", "-server_auth", "-client_auth", @CA])), - 'test dtlsv1 with both server and client authentication'); - } - - SKIP: { - skip "DTLSv1.2 is not supported by this OpenSSL build", 4 - if disabled("dtls1_2"); - - ok(run(test([@ssltest, "-dtls12"])), - 'test dtlsv1.2'); - ok(run(test([@ssltest, "-dtls12", "-server_auth", @CA])), - 'test dtlsv1.2 with server authentication'); - ok(run(test([@ssltest, "-dtls12", "-client_auth", @CA])), - 'test dtlsv1.2 with client authentication'); - ok(run(test([@ssltest, "-dtls12", "-server_auth", "-client_auth", @CA])), - 'test dtlsv1.2 with both server and client authentication'); - } - - SKIP: { skip "Neither SSLv3 nor any TLS version are supported by this OpenSSL build", 8 if $no_anytls; @@ -426,68 +398,79 @@ sub testssl { my @exkeys = (); my $ciphers = "-PSK:-SRP"; - if ($no_dh) { - note "skipping DHE tests\n"; - $ciphers .= ":-kDHE"; - } - if ($no_dsa) { - note "skipping DSA tests\n"; - $ciphers .= ":-aDSA"; - } else { + if (!$no_dsa) { push @exkeys, "-s_cert", "certD.ss", "-s_key", "keyD.ss"; } - if ($no_ec) { - note "skipping EC tests\n"; - $ciphers .= ":!aECDSA:!kECDH"; - } else { + if (!$no_ec) { push @exkeys, "-s_cert", "certE.ss", "-s_key", "keyE.ss"; } my @protocols = (); # We only use the flags that ssltest_old understands + push @protocols, "-tls1_3" unless $no_tls1_3; push @protocols, "-tls1_2" unless $no_tls1_2; push @protocols, "-tls1" unless $no_tls1; push @protocols, "-ssl3" unless $no_ssl3; my $protocolciphersuitecount = 0; my %ciphersuites = (); + my %ciphersstatus = (); foreach my $protocol (@protocols) { - $ciphersuites{$protocol} = - [ map { s|\R||; split(/:/, $_) } - run(app(["openssl", "ciphers", "-s", $protocol, - "ALL:$ciphers"]), capture => 1) ]; - $protocolciphersuitecount += scalar @{$ciphersuites{$protocol}}; + my $ciphersstatus = undef; + my @ciphers = run(app(["openssl", "ciphers", "-s", $protocol, + "ALL:$ciphers"]), + capture => 1, statusvar => \$ciphersstatus); + $ciphersstatus{$protocol} = $ciphersstatus; + if ($ciphersstatus) { + $ciphersuites{$protocol} = [ map { s|\R||; split(/:/, $_) } + @ciphers ]; + $protocolciphersuitecount += scalar @{$ciphersuites{$protocol}}; + } } plan skip_all => "None of the ciphersuites to test are available in this OpenSSL build" if $protocolciphersuitecount + scalar(keys %ciphersuites) == 0; - # The count of protocols is because in addition to the ciphersuits - # we got above, we're running a weak DH test for each protocol - plan tests => $protocolciphersuitecount + scalar(keys %ciphersuites); + # The count of protocols is because in addition to the ciphersuites + # we got above, we're running a weak DH test for each protocol (except + # TLSv1.3) + my $testcount = scalar(@protocols) + $protocolciphersuitecount + + scalar(keys %ciphersuites); + $testcount-- unless $no_tls1_3; + plan tests => $testcount; + + foreach my $protocol (@protocols) { + ok($ciphersstatus{$protocol}, "Getting ciphers for $protocol"); + } - foreach my $protocol (sort keys %ciphersuites) { - note "Testing ciphersuites for $protocol"; - # ssltest_old doesn't know -tls1_2, but that's fine, since that's - # the default choice if TLSv1.2 enabled - my $flag = $protocol eq "-tls1_2" ? "" : $protocol; - foreach my $cipher (@{$ciphersuites{$protocol}}) { + foreach my $protocol (sort keys %ciphersuites) { + note "Testing ciphersuites for $protocol"; + # ssltest_old doesn't know -tls1_3, but that's fine, since that's + # the default choice if TLSv1.3 enabled + my $flag = $protocol eq "-tls1_3" ? "" : $protocol; + my $ciphersuites = ""; + foreach my $cipher (@{$ciphersuites{$protocol}}) { if ($protocol eq "-ssl3" && $cipher =~ /ECDH/ ) { note "*****SKIPPING $protocol $cipher"; ok(1); } else { + if ($protocol eq "-tls1_3") { + $ciphersuites = $cipher; + $cipher = ""; + } ok(run(test([@ssltest, @exkeys, "-cipher", $cipher, - $flag || ()])), + "-ciphersuites", $ciphersuites, $flag || ()])), "Testing $cipher"); - } - } + } + } + next if $protocol eq "-tls1_3"; is(run(test([@ssltest, "-s_cipher", "EDH", "-c_cipher", 'EDH:@SECLEVEL=1', "-dhe512", - $protocol eq "SSLv3" ? ("-ssl3") : ()])), 0, + $protocol])), 0, "testing connection with weak DH, expecting failure"); - } + } }; subtest 'RSA/(EC)DHE/PSK tests' => sub { @@ -566,28 +549,6 @@ sub testssl { ok(run(test([@ssltest, "-bio_pair", "-tls1", "-custom_ext", "-serverinfo_file", $serverinfo, "-serverinfo_sct", "-serverinfo_tack"]))); } }; - - subtest 'SRP tests' => sub { - - plan tests => 4; - - SKIP: { - skip "skipping SRP tests", 4 - if $no_srp || alldisabled(grep !/^ssl3/, available_protocols("tls")); - - ok(run(test([@ssltest, "-tls1", "-cipher", "SRP", "-srpuser", "test", "-srppass", "abc123"])), - 'test tls1 with SRP'); - - ok(run(test([@ssltest, "-bio_pair", "-tls1", "-cipher", "SRP", "-srpuser", "test", "-srppass", "abc123"])), - 'test tls1 with SRP via BIO pair'); - - ok(run(test([@ssltest, "-tls1", "-cipher", "aSRP", "-srpuser", "test", "-srppass", "abc123"])), - 'test tls1 with SRP auth'); - - ok(run(test([@ssltest, "-bio_pair", "-tls1", "-cipher", "aSRP", "-srpuser", "test", "-srppass", "abc123"])), - 'test tls1 with SRP auth via BIO pair'); - } - }; } unlink $CAkey; diff --git a/deps/openssl/openssl/test/recipes/05-test_md5.t b/deps/openssl/openssl/test/recipes/90-test_asn1_time.t index 3af4d5504b..d685eea625 100644 --- a/deps/openssl/openssl/test/recipes/05-test_md5.t +++ b/deps/openssl/openssl/test/recipes/90-test_asn1_time.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -9,4 +9,4 @@ use OpenSSL::Test::Simple; -simple_test("test_md5", "md5test", "md5"); +simple_test("test_asn1_time", "asn1_time_test"); diff --git a/deps/openssl/openssl/test/recipes/90-test_gost.t b/deps/openssl/openssl/test/recipes/90-test_gost.t new file mode 100644 index 0000000000..c7bbb4edd8 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_gost.t @@ -0,0 +1,41 @@ +#! /usr/bin/env perl +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_gost"); + +# The GOST ciphers are dynamically loaded via the GOST engine, so we must be +# able to support that. The engine also uses DSA and CMS symbols, so we skip +# this test on no-dsa or no-cms. +plan skip_all => "GOST support is disabled in this OpenSSL build" + if disabled("gost") || disabled("engine") || disabled("dynamic-engine") + || disabled("dsa") || disabled("cms"); + +plan skip_all => "TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build" + if disabled("tls1_3") || disabled("tls1_2"); + +plan skip_all => "No test GOST engine found" + if !$ENV{OPENSSL_GOST_ENGINE_SO}; + +plan tests => 1; + +$ENV{OPENSSL_CONF} = srctop_file("test", "recipes", "90-test_gost_data", + "gost.conf"); + +ok(run(test(["gosttest", + srctop_file("test", "recipes", "90-test_gost_data", + "server-cert2001.pem"), + srctop_file("test", "recipes", "90-test_gost_data", + "server-key2001.pem"), + srctop_file("test", "recipes", "90-test_gost_data", + "server-cert2012.pem"), + srctop_file("test", "recipes", "90-test_gost_data", + "server-key2012.pem")])), + "running gosttest"); diff --git a/deps/openssl/openssl/test/recipes/90-test_gost_data/gost.conf b/deps/openssl/openssl/test/recipes/90-test_gost_data/gost.conf new file mode 100644 index 0000000000..1f42b9d87f --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_gost_data/gost.conf @@ -0,0 +1,13 @@ +openssl_conf = openssl_def +[openssl_def] +engines = engine_section + +[engine_section] +gost = gost_section + +[gost_section] +engine_id = gost +dynamic_path = $ENV::OPENSSL_GOST_ENGINE_SO +default_algorithms = ALL +CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet + diff --git a/deps/openssl/openssl/test/recipes/90-test_gost_data/server-cert2001.pem b/deps/openssl/openssl/test/recipes/90-test_gost_data/server-cert2001.pem new file mode 100644 index 0000000000..e287821f82 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_gost_data/server-cert2001.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB4jCCAY+gAwIBAgIUNKO10+LkPoYGkOqNJ2wv1YI8RpQwCgYGKoUDAgIDBQAw +RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu +dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODA3MTMxNTAzMDFaFw0yODA3MTAx +NTAzMDFaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD +VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwYzAcBgYqhQMCAhMwEgYHKoUD +AgIjAQYHKoUDAgIeAQNDAARAyDUhXsZP1JSLkvZ3xaU4aHXxAGKDwpawJ89+3B+N +lD7FS48QUIeoQrv9hn1B/kVuVxJwU4CeZRQohLvc5IkzJ6NTMFEwHQYDVR0OBBYE +FEz6BbScOOWYqklNGMTbyikZG/cRMB8GA1UdIwQYMBaAFEz6BbScOOWYqklNGMTb +yikZG/cRMA8GA1UdEwEB/wQFMAMBAf8wCgYGKoUDAgIDBQADQQAbkdWo441FqSbB +13JTW498NOzHZn69wnjYsOmMHLCdEHBTHVCa/g1wHPc4CyYk4UfMRWz5awzb6zNB +TncjMl2a +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/recipes/90-test_gost_data/server-cert2012.pem b/deps/openssl/openssl/test/recipes/90-test_gost_data/server-cert2012.pem new file mode 100644 index 0000000000..85d13c6388 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_gost_data/server-cert2012.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB6TCCAZSgAwIBAgIUVF/ajykAyHqQm1n6K1JdMFX/O6owDAYIKoUDBwEBAwIF +ADBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwY +SW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTE4MDcxMzE0MzcxNVoXDTI4MDcx +MDE0MzcxNVowRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAf +BgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDBmMB8GCCqFAwcBAQEBMBMG +ByqFAwICIwEGCCqFAwcBAQICA0MABEDIj2JgFybRexBIdkG7bI//Z8woXbpC/hpg +62qflBE/dHnWVnbzpJUVeSd5sAkP7Ta0qrrs5YdW4MBIM/VPbDVOo1MwUTAdBgNV +HQ4EFgQUFZtRh6plQ3nHf1A+7ayjYw9B1X0wHwYDVR0jBBgwFoAUFZtRh6plQ3nH +f1A+7ayjYw9B1X0wDwYDVR0TAQH/BAUwAwEB/zAMBggqhQMHAQEDAgUAA0EAMttA +fMPa3YFO9db/xIS9wMB7ntbtibeZEJlngaPu5gvfdNmCY0uzjY2c3yPr9dDq84j7 +gSqY1VwVBLuKrpLC+w== +-----END CERTIFICATE----- diff --git a/deps/openssl/openssl/test/recipes/90-test_gost_data/server-key2001.pem b/deps/openssl/openssl/test/recipes/90-test_gost_data/server-key2001.pem new file mode 100644 index 0000000000..92a59d8e68 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_gost_data/server-key2001.pem @@ -0,0 +1,4 @@ +-----BEGIN PRIVATE KEY----- +MEMCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIJgoLqJR/05zND0f +8Wnma1MFMxE7ezisZhkS/DL4DXb6 +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/recipes/90-test_gost_data/server-key2012.pem b/deps/openssl/openssl/test/recipes/90-test_gost_data/server-key2012.pem new file mode 100644 index 0000000000..e932f0dd77 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_gost_data/server-key2012.pem @@ -0,0 +1,4 @@ +-----BEGIN PRIVATE KEY----- +MEYCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIEILemtIak5CeX +Jd75HfVqAMi1MfhxW7kGvGDj8l1/nF45 +-----END PRIVATE KEY----- diff --git a/deps/openssl/openssl/test/recipes/90-test_heartbeat.t b/deps/openssl/openssl/test/recipes/90-test_heartbeat.t deleted file mode 100644 index 90d6a67b7d..0000000000 --- a/deps/openssl/openssl/test/recipes/90-test_heartbeat.t +++ /dev/null @@ -1,12 +0,0 @@ -#! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. -# -# Licensed under the OpenSSL license (the "License"). You may not use -# this file except in compliance with the License. You can obtain a copy -# in the file LICENSE in the source distribution or at -# https://www.openssl.org/source/license.html - - -use OpenSSL::Test::Simple; - -simple_test("test_heartbeat", "heartbeat_test", "heartbeats"); diff --git a/deps/openssl/openssl/test/recipes/90-test_includes.t b/deps/openssl/openssl/test/recipes/90-test_includes.t new file mode 100644 index 0000000000..5169700c4c --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_includes.t @@ -0,0 +1,25 @@ +#! /usr/bin/perl + +use strict; +use warnings; +use OpenSSL::Test qw/:DEFAULT data_file/; +use OpenSSL::Test::Utils; + +setup("test_includes"); + +plan skip_all => "test_includes doesn't work without posix-io" + if disabled("posix-io"); + +plan tests => # The number of tests being performed + 3 + + ($^O eq "VMS" ? 2 : 0); + +ok(run(test(["conf_include_test", data_file("includes.cnf")])), "test directory includes"); +ok(run(test(["conf_include_test", data_file("includes-file.cnf")])), "test file includes"); +if ($^O eq "VMS") { + ok(run(test(["conf_include_test", data_file("vms-includes.cnf")])), + "test directory includes, VMS syntax"); + ok(run(test(["conf_include_test", data_file("vms-includes-file.cnf")])), + "test file includes, VMS syntax"); +} +ok(run(test(["conf_include_test", data_file("includes-broken.cnf"), "f"])), "test broken includes"); diff --git a/deps/openssl/openssl/test/recipes/90-test_includes_data/conf-includes/includes1.cnf b/deps/openssl/openssl/test/recipes/90-test_includes_data/conf-includes/includes1.cnf new file mode 100644 index 0000000000..66c89006d0 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_includes_data/conf-includes/includes1.cnf @@ -0,0 +1,36 @@ +[ default ] +# +# SSLeay example configuration file. +# This is mostly being used for generation of certificate requests. +# + +RANDFILE = ./.rnd + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = ./demoCA # Where everything is kept +certs = $dir/certs # Where the issued certs are kept +crl_dir = $dir/crl # Where the issued crl are kept +database = $dir/index.txt # database index file. +new_certs_dir = $dir/new_certs # default place for new certs. + +certificate = $dir/CAcert.pem # The CA certificate +serial = $dir/serial # The current serial number +crl = $dir/crl.pem # The current CRL +private_key = $dir/private/CAkey.pem# The private key +RANDFILE = $dir/private/.rand # private random number file + +default_days = 365 # how long to certify for +default_crl_days= 30 # how long before next CRL +default_md = md5 # which md to use. + +# A few difference way of specifying how similar the request should look +# For type CA, the listed attributes must be the same, and the optional +# and supplied fields are just that :-) +policy = policy_match + diff --git a/deps/openssl/openssl/test/recipes/90-test_includes_data/conf-includes/includes2.cnf b/deps/openssl/openssl/test/recipes/90-test_includes_data/conf-includes/includes2.cnf new file mode 100644 index 0000000000..aa5e67c060 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_includes_data/conf-includes/includes2.cnf @@ -0,0 +1,53 @@ +# For the CA policy +[ policy_match ] +countryName = match +stateOrProvinceName = match +organizationName = match +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +# For the 'anything' policy +# At this point in time, you must list all acceptable 'object' +# types. +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +#################################################################### +[ req ] +default_bits = 2048 +default_keyfile = testkey.pem +distinguished_name = req_distinguished_name +encrypt_rsa_key = no + +[ req_distinguished_name ] +countryName = Country Name (2 letter code) +countryName_default = AU +countryName_value = AU + +stateOrProvinceName = State or Province Name (full name) +stateOrProvinceName_default = Queensland +stateOrProvinceName_value = + +localityName = Locality Name (eg, city) +localityName_value = Brisbane + +organizationName = Organization Name (eg, company) +organizationName_default = +organizationName_value = CryptSoft Pty Ltd + +organizationalUnitName = Organizational Unit Name (eg, section) +organizationalUnitName_default = +organizationalUnitName_value = . + +commonName = Common Name (eg, YOUR name) +commonName_value = Eric Young + +emailAddress = Email Address +emailAddress_value = eay@mincom.oz.au diff --git a/deps/openssl/openssl/test/recipes/90-test_includes_data/includes-broken.cnf b/deps/openssl/openssl/test/recipes/90-test_includes_data/includes-broken.cnf new file mode 100644 index 0000000000..d38e18c5e5 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_includes_data/includes-broken.cnf @@ -0,0 +1,5 @@ +# +# Example configuration file using includes. +# + +.include includes-broken3.cnf diff --git a/deps/openssl/openssl/test/recipes/90-test_includes_data/includes-file.cnf b/deps/openssl/openssl/test/recipes/90-test_includes_data/includes-file.cnf new file mode 100644 index 0000000000..1737b70d18 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_includes_data/includes-file.cnf @@ -0,0 +1,5 @@ +# +# Example configuration file using includes. +# + +.include includes.cnf diff --git a/deps/openssl/openssl/test/recipes/90-test_includes_data/includes.cnf b/deps/openssl/openssl/test/recipes/90-test_includes_data/includes.cnf new file mode 100644 index 0000000000..345eeb9884 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_includes_data/includes.cnf @@ -0,0 +1,5 @@ +# +# Example configuration file using includes. +# + +.include conf-includes diff --git a/deps/openssl/openssl/test/recipes/90-test_includes_data/vms-includes-file.cnf b/deps/openssl/openssl/test/recipes/90-test_includes_data/vms-includes-file.cnf new file mode 100644 index 0000000000..f3b72e709a --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_includes_data/vms-includes-file.cnf @@ -0,0 +1,5 @@ +# +# Example configuration file using includes. +# + +.include vms-includes.cnf diff --git a/deps/openssl/openssl/test/recipes/90-test_includes_data/vms-includes.cnf b/deps/openssl/openssl/test/recipes/90-test_includes_data/vms-includes.cnf new file mode 100644 index 0000000000..ed4367bcf0 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_includes_data/vms-includes.cnf @@ -0,0 +1,5 @@ +# +# Example configuration file using includes. +# + +.include [.conf-includes] diff --git a/deps/openssl/openssl/test/recipes/90-test_overhead.t b/deps/openssl/openssl/test/recipes/90-test_overhead.t new file mode 100644 index 0000000000..a9311bf498 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_overhead.t @@ -0,0 +1,20 @@ +#! /usr/bin/env perl +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test; +use OpenSSL::Test::Utils; + +setup("test_overhead"); + +plan skip_all => "Only supported in no-shared builds" + if !disabled("shared"); + +plan tests => 1; + +ok(run(test(["cipher_overhead_test"])), "running cipher_overhead_test"); diff --git a/deps/openssl/openssl/test/recipes/90-test_p5_crpt2.t b/deps/openssl/openssl/test/recipes/90-test_p5_crpt2.t deleted file mode 100644 index 710dc8ba52..0000000000 --- a/deps/openssl/openssl/test/recipes/90-test_p5_crpt2.t +++ /dev/null @@ -1,12 +0,0 @@ -#! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. -# -# Licensed under the OpenSSL license (the "License"). You may not use -# this file except in compliance with the License. You can obtain a copy -# in the file LICENSE in the source distribution or at -# https://www.openssl.org/source/license.html - - -use OpenSSL::Test::Simple; - -simple_test("test_p5_crpt2", "p5_crpt2_test"); diff --git a/deps/openssl/openssl/test/recipes/90-test_shlibload.t b/deps/openssl/openssl/test/recipes/90-test_shlibload.t index 78899f674a..2761d58502 100644 --- a/deps/openssl/openssl/test/recipes/90-test_shlibload.t +++ b/deps/openssl/openssl/test/recipes/90-test_shlibload.t @@ -18,6 +18,7 @@ use lib bldtop_dir('.'); use configdata; plan skip_all => "Test only supported in a shared build" if disabled("shared"); +plan skip_all => "Test is disabled on AIX" if config('target') =~ m|^aix|; plan tests => 4; @@ -45,7 +46,7 @@ sub shlib { $lib = $unified_info{sharednames}->{$lib} . ($target{shlib_variant} || "") . ($target{shared_extension} || ".so"); - $lib =~ s|\.\$\(SHLIB_MAJOR\)\.\$\(SHLIB_MINOR\) + $lib =~ s|\.\$\(SHLIB_VERSION_NUMBER\) |.$config{shlib_version_number}|x; return $lib; } diff --git a/deps/openssl/openssl/test/recipes/90-test_sslapi.t b/deps/openssl/openssl/test/recipes/90-test_sslapi.t index efaae3b78b..633df47736 100644 --- a/deps/openssl/openssl/test/recipes/90-test_sslapi.t +++ b/deps/openssl/openssl/test/recipes/90-test_sslapi.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -9,6 +9,7 @@ use OpenSSL::Test::Utils; use OpenSSL::Test qw/:DEFAULT srctop_file/; +use File::Temp qw(tempfile); setup("test_sslapi"); @@ -17,5 +18,12 @@ plan skip_all => "No TLS/SSL protocols are supported by this OpenSSL build" plan tests => 1; +(undef, my $tmpfilename) = tempfile(); + ok(run(test(["sslapitest", srctop_file("apps", "server.pem"), - srctop_file("apps", "server.pem")])), "running sslapitest"); + srctop_file("apps", "server.pem"), + srctop_file("test", "recipes", "90-test_sslapi_data", + "passwd.txt"), $tmpfilename])), + "running sslapitest"); + +unlink $tmpfilename; diff --git a/deps/openssl/openssl/test/recipes/90-test_sslapi_data/passwd.txt b/deps/openssl/openssl/test/recipes/90-test_sslapi_data/passwd.txt new file mode 100644 index 0000000000..b611aed2ad --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_sslapi_data/passwd.txt @@ -0,0 +1 @@ +V 1auIY/NQXwKWVeWaYg.YV0AaU.mpHSsZw8PWfrYT0oMTPYekTqGXu6ElyTN64DmK03V3P2yVRdhN0UBxMBujLnTauROkuEep/vp7S5xhW1VK8zg1gtJslTqOp4l.GTJF9x0WYmS6VNRnj5AVi3mgfVJ3nmzlMJUMm7niQxm5awLZZ8xykox1j6MFRa80y02Ub87A88DwqA5wrIM/Uojx9VBxUhTHC.353aBA/rL4O/179rgIBbhID08RA6uLv7pIJQVl5OjYsRu/XzQsgFFW6Wog7PaB.AATqArzXZieZxs/teOiFKPSgKI.76vvVEMQIifSj3hRuVK/immK.9hBCTHYjAv96MUmitb0ErPYJRl2MeBC8M6aHJ8FaMmak.Qv.bwyiqpEjlX1a9KjdBAKIaAswECjeP6G0Gk5v1g5D7ZmP5JUK7Wp/X9sKuZZYOsDwEGfXNmmJG6Y3TETx105HT2QMJ5ti5QCbrd71VWABmVWpHJc03YLUExw6WtYdUW0YHTbRKVntgVe2hOQD.XPtFPn2SwxbGonq1bwEvdCp22uTb5HFSC3I7amCUTZteVmMgqJAcx.x.2yfliESVvpmG.dnDFkp6vsQxch6Q1dV5rDmR4GGSy8FoPSFXc7NS0kCSs.qsTqLSmHN1XMzwrwYuVbItXBwetwxcIcdi.sFG6OLuwRUGaNOXiMwhlDHyQtVfEm3L/KIjPpzLlYRAJWF9M40FIcNsI6xiMNhvUGNO7LaBHKSV3oHlwUWWUnL7Uo/ePH8lBpGadYPxObXZ1/wOcWdJ1Rb5dB9orSSTSvoNrZyALKO.swl7pP7beYq6bUx8qtBJLaqI2zQzr1tnmJi8azVicuFtsDs363ntCRtd1LLT3CX3EBVXMbEy6xgAKWI2GL3HO6v8k3Gv96UeGFN/w5yAz61mbajDrSeJekUaKgfucV8h9tgHNlTA1kGowd2Yn/EQdVc/qSETddySqNC0mXlPW1tgb2ixV6sWbYrb5TLBUdztdw5L2D62Aal.9IjpTEKc4F/gMjYsazIX6nzpXZtWnYP7dIOpSi4c.48B2RIeDrZVMzUF.9QOF9Dk1fy5Z2X91z8J2I0GuqIWKKfwnx4xA3RbGUds1Cv2XvUA1tP7eqtvs/mTsC8KWApNSpL6K.U.Pt0ee6F76CV.ZcBXTbXl9zJZ0H1peiehzZpbuIPLZPtzIHClRQovjqdrlEUzS5VdSgCfNhEUr3ZOpG3cCKO4Lk25jZuQtoFmyxUuRAIXejLizCd727hO7rHZoD.GGm4HiNaH2jgZaftoFhfSBXvPRGYfcj.ZkiLyurNlumMXTduHImB1ZMkZ1af5dggKaQG4bJe9WbF6KYxmeRwV 1oFJIzMwXA0RFKXCGcSV0nAToL5 test 8192 A test user diff --git a/deps/openssl/openssl/test/recipes/90-test_sslbuffers.t b/deps/openssl/openssl/test/recipes/90-test_sslbuffers.t new file mode 100644 index 0000000000..934eef90b3 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_sslbuffers.t @@ -0,0 +1,21 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_sslbuffers"); + +plan skip_all => "No suitable TLS/SSL protocol is supported by this OpenSSL build" + if alldisabled(available_protocols("tls")); + +plan tests => 1; + +ok(run(test(["sslbuffertest", srctop_file("apps", "server.pem"), + srctop_file("apps", "server.pem")])), "running sslbuffertest"); diff --git a/deps/openssl/openssl/test/recipes/90-test_store.t b/deps/openssl/openssl/test/recipes/90-test_store.t new file mode 100644 index 0000000000..888213e4a6 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_store.t @@ -0,0 +1,494 @@ +#! /usr/bin/env perl +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use File::Spec::Functions; +use File::Copy; +use MIME::Base64; +use OpenSSL::Test qw(:DEFAULT srctop_file srctop_dir bldtop_file data_file); +use OpenSSL::Test::Utils; + +my $test_name = "test_store"; +setup($test_name); + +my $mingw = config('target') =~ m|^mingw|; + +my @noexist_files = + ( "test/blahdiblah.pem", + "test/blahdibleh.der" ); +my @src_files = + ( "test/testx509.pem", + "test/testrsa.pem", + "test/testrsapub.pem", + "test/testcrl.pem", + "apps/server.pem" ); +my @generated_files = + ( + ### generated from the source files + + "testx509.der", + "testrsa.der", + "testrsapub.der", + "testcrl.der", + + ### generated locally + + "rsa-key-pkcs1.pem", "rsa-key-pkcs1.der", + "rsa-key-pkcs1-aes128.pem", + "rsa-key-pkcs8.pem", "rsa-key-pkcs8.der", + "rsa-key-pkcs8-pbes1-sha1-3des.pem", "rsa-key-pkcs8-pbes1-sha1-3des.der", + "rsa-key-pkcs8-pbes2-sha1.pem", "rsa-key-pkcs8-pbes2-sha1.der", + "rsa-key-sha1-3des-sha1.p12", "rsa-key-sha1-3des-sha256.p12", + "rsa-key-aes256-cbc-sha256.p12", + "rsa-key-md5-des-sha1.p12", + "rsa-key-aes256-cbc-md5-des-sha256.p12", + "rsa-key-pkcs8-pbes2-sha256.pem", "rsa-key-pkcs8-pbes2-sha256.der", + "rsa-key-pkcs8-pbes1-md5-des.pem", "rsa-key-pkcs8-pbes1-md5-des.der", + "dsa-key-pkcs1.pem", "dsa-key-pkcs1.der", + "dsa-key-pkcs1-aes128.pem", + "dsa-key-pkcs8.pem", "dsa-key-pkcs8.der", + "dsa-key-pkcs8-pbes2-sha1.pem", "dsa-key-pkcs8-pbes2-sha1.der", + "dsa-key-aes256-cbc-sha256.p12", + "ec-key-pkcs1.pem", "ec-key-pkcs1.der", + "ec-key-pkcs1-aes128.pem", + "ec-key-pkcs8.pem", "ec-key-pkcs8.der", + "ec-key-pkcs8-pbes2-sha1.pem", "ec-key-pkcs8-pbes2-sha1.der", + "ec-key-aes256-cbc-sha256.p12", + ); +my %generated_file_files = + $^O eq 'linux' + ? ( "test/testx509.pem" => "file:testx509.pem", + "test/testrsa.pem" => "file:testrsa.pem", + "test/testrsapub.pem" => "file:testrsapub.pem", + "test/testcrl.pem" => "file:testcrl.pem", + "apps/server.pem" => "file:server.pem" ) + : (); +my @noexist_file_files = + ( "file:blahdiblah.pem", + "file:test/blahdibleh.der" ); + +my $n = (3 * scalar @noexist_files) + + (6 * scalar @src_files) + + (4 * scalar @generated_files) + + (scalar keys %generated_file_files) + + (scalar @noexist_file_files) + + 3 + + 11; + +plan tests => $n; + +indir "store_$$" => sub { + SKIP: + { + skip "failed initialisation", $n unless init(); + + my $rehash = init_rehash(); + + foreach (@noexist_files) { + my $file = srctop_file($_); + + ok(!run(app(["openssl", "storeutl", "-noout", $file]))); + ok(!run(app(["openssl", "storeutl", "-noout", + to_abs_file($file)]))); + { + local $ENV{MSYS2_ARG_CONV_EXCL} = "file:"; + + ok(!run(app(["openssl", "storeutl", "-noout", + to_abs_file_uri($file)]))); + } + } + foreach (@src_files) { + my $file = srctop_file($_); + + ok(run(app(["openssl", "storeutl", "-noout", $file]))); + ok(run(app(["openssl", "storeutl", "-noout", to_abs_file($file)]))); + SKIP: + { + skip "file: tests disabled on MingW", 4 if $mingw; + + ok(run(app(["openssl", "storeutl", "-noout", + to_abs_file_uri($file)]))); + ok(run(app(["openssl", "storeutl", "-noout", + to_abs_file_uri($file, 0, "")]))); + ok(run(app(["openssl", "storeutl", "-noout", + to_abs_file_uri($file, 0, "localhost")]))); + ok(!run(app(["openssl", "storeutl", "-noout", + to_abs_file_uri($file, 0, "dummy")]))); + } + } + foreach (@generated_files) { + ok(run(app(["openssl", "storeutl", "-noout", "-passin", + "pass:password", $_]))); + ok(run(app(["openssl", "storeutl", "-noout", "-passin", + "pass:password", to_abs_file($_)]))); + + SKIP: + { + skip "file: tests disabled on MingW", 2 if $mingw; + + ok(run(app(["openssl", "storeutl", "-noout", "-passin", + "pass:password", to_abs_file_uri($_)]))); + ok(!run(app(["openssl", "storeutl", "-noout", "-passin", + "pass:password", to_file_uri($_)]))); + } + } + foreach (values %generated_file_files) { + SKIP: + { + skip "file: tests disabled on MingW", 1 if $mingw; + + ok(run(app(["openssl", "storeutl", "-noout", $_]))); + } + } + foreach (@noexist_file_files) { + SKIP: + { + skip "file: tests disabled on MingW", 1 if $mingw; + + ok(!run(app(["openssl", "storeutl", "-noout", $_]))); + } + } + { + my $dir = srctop_dir("test", "certs"); + + ok(run(app(["openssl", "storeutl", "-noout", $dir]))); + ok(run(app(["openssl", "storeutl", "-noout", + to_abs_file($dir, 1)]))); + SKIP: + { + skip "file: tests disabled on MingW", 1 if $mingw; + + ok(run(app(["openssl", "storeutl", "-noout", + to_abs_file_uri($dir, 1)]))); + } + } + + ok(!run(app(['openssl', 'storeutl', '-noout', + '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert', + srctop_file('test', 'testx509.pem')])), + "Checking that -subject can't be used with a single file"); + + ok(run(app(['openssl', 'storeutl', '-certs', '-noout', + srctop_file('test', 'testx509.pem')])), + "Checking that -certs returns 1 object on a certificate file"); + ok(run(app(['openssl', 'storeutl', '-certs', '-noout', + srctop_file('test', 'testcrl.pem')])), + "Checking that -certs returns 0 objects on a CRL file"); + + ok(run(app(['openssl', 'storeutl', '-crls', '-noout', + srctop_file('test', 'testx509.pem')])), + "Checking that -crls returns 0 objects on a certificate file"); + ok(run(app(['openssl', 'storeutl', '-crls', '-noout', + srctop_file('test', 'testcrl.pem')])), + "Checking that -crls returns 1 object on a CRL file"); + + SKIP: { + skip "failed rehash initialisation", 6 unless $rehash; + + # subject from testx509.pem: + # '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' + # issuer from testcrl.pem: + # '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' + ok(run(app(['openssl', 'storeutl', '-noout', + '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert', + catdir(curdir(), 'rehash')]))); + ok(run(app(['openssl', 'storeutl', '-noout', + '-subject', + '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority', + catdir(curdir(), 'rehash')]))); + ok(run(app(['openssl', 'storeutl', '-noout', '-certs', + '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert', + catdir(curdir(), 'rehash')]))); + ok(run(app(['openssl', 'storeutl', '-noout', '-crls', + '-subject', '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert', + catdir(curdir(), 'rehash')]))); + ok(run(app(['openssl', 'storeutl', '-noout', '-certs', + '-subject', + '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority', + catdir(curdir(), 'rehash')]))); + ok(run(app(['openssl', 'storeutl', '-noout', '-crls', + '-subject', + '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority', + catdir(curdir(), 'rehash')]))); + } + } +}, create => 1, cleanup => 1; + +sub init { + return ( + # rsa-key-pkcs1.pem + run(app(["openssl", "genrsa", + "-out", "rsa-key-pkcs1.pem", "2432"])) + # dsa-key-pkcs1.pem + && run(app(["openssl", "dsaparam", "-genkey", + "-out", "dsa-key-pkcs1.pem", "1024"])) + # ec-key-pkcs1.pem (one might think that 'genec' would be practical) + && run(app(["openssl", "ecparam", "-genkey", "-name", "prime256v1", + "-out", "ec-key-pkcs1.pem"])) + # rsa-key-pkcs1-aes128.pem + && run(app(["openssl", "rsa", "-passout", "pass:password", "-aes128", + "-in", "rsa-key-pkcs1.pem", + "-out", "rsa-key-pkcs1-aes128.pem"])) + # dsa-key-pkcs1-aes128.pem + && run(app(["openssl", "dsa", "-passout", "pass:password", "-aes128", + "-in", "dsa-key-pkcs1.pem", + "-out", "dsa-key-pkcs1-aes128.pem"])) + # ec-key-pkcs1-aes128.pem + && run(app(["openssl", "ec", "-passout", "pass:password", "-aes128", + "-in", "ec-key-pkcs1.pem", + "-out", "ec-key-pkcs1-aes128.pem"])) + # *-key-pkcs8.pem + && runall(sub { + my $dstfile = shift; + (my $srcfile = $dstfile) + =~ s/-key-pkcs8\.pem$/-key-pkcs1.pem/i; + run(app(["openssl", "pkcs8", "-topk8", "-nocrypt", + "-in", $srcfile, "-out", $dstfile])); + }, grep(/-key-pkcs8\.pem$/, @generated_files)) + # *-key-pkcs8-pbes1-sha1-3des.pem + && runall(sub { + my $dstfile = shift; + (my $srcfile = $dstfile) + =~ s/-key-pkcs8-pbes1-sha1-3des\.pem$ + /-key-pkcs8.pem/ix; + run(app(["openssl", "pkcs8", "-topk8", + "-passout", "pass:password", + "-v1", "pbeWithSHA1And3-KeyTripleDES-CBC", + "-in", $srcfile, "-out", $dstfile])); + }, grep(/-key-pkcs8-pbes1-sha1-3des\.pem$/, @generated_files)) + # *-key-pkcs8-pbes1-md5-des.pem + && runall(sub { + my $dstfile = shift; + (my $srcfile = $dstfile) + =~ s/-key-pkcs8-pbes1-md5-des\.pem$ + /-key-pkcs8.pem/ix; + run(app(["openssl", "pkcs8", "-topk8", + "-passout", "pass:password", + "-v1", "pbeWithSHA1And3-KeyTripleDES-CBC", + "-in", $srcfile, "-out", $dstfile])); + }, grep(/-key-pkcs8-pbes1-md5-des\.pem$/, @generated_files)) + # *-key-pkcs8-pbes2-sha1.pem + && runall(sub { + my $dstfile = shift; + (my $srcfile = $dstfile) + =~ s/-key-pkcs8-pbes2-sha1\.pem$ + /-key-pkcs8.pem/ix; + run(app(["openssl", "pkcs8", "-topk8", + "-passout", "pass:password", + "-v2", "aes256", "-v2prf", "hmacWithSHA1", + "-in", $srcfile, "-out", $dstfile])); + }, grep(/-key-pkcs8-pbes2-sha1\.pem$/, @generated_files)) + # *-key-pkcs8-pbes2-sha1.pem + && runall(sub { + my $dstfile = shift; + (my $srcfile = $dstfile) + =~ s/-key-pkcs8-pbes2-sha256\.pem$ + /-key-pkcs8.pem/ix; + run(app(["openssl", "pkcs8", "-topk8", + "-passout", "pass:password", + "-v2", "aes256", "-v2prf", "hmacWithSHA256", + "-in", $srcfile, "-out", $dstfile])); + }, grep(/-key-pkcs8-pbes2-sha256\.pem$/, @generated_files)) + # *-cert.pem (intermediary for the .p12 inits) + && run(app(["openssl", "req", "-x509", + "-config", data_file("ca.cnf"), "-nodes", + "-out", "cacert.pem", "-keyout", "cakey.pem"])) + && runall(sub { + my $srckey = shift; + (my $dstfile = $srckey) =~ s|-key-pkcs8\.|-cert.|; + (my $csr = $dstfile) =~ s|\.pem|.csr|; + + (run(app(["openssl", "req", "-new", + "-config", data_file("user.cnf"), + "-key", $srckey, "-out", $csr])) + && + run(app(["openssl", "x509", "-days", "3650", + "-CA", "cacert.pem", + "-CAkey", "cakey.pem", + "-set_serial", time(), "-req", + "-in", $csr, "-out", $dstfile]))); + }, grep(/-key-pkcs8\.pem$/, @generated_files)) + # *.p12 + && runall(sub { + my $dstfile = shift; + my ($type, $certpbe_index, $keypbe_index, + $macalg_index) = + $dstfile =~ m{^(.*)-key-(?| + # cert and key PBE are same + () # + ([^-]*-[^-]*)- # key & cert PBE + ([^-]*) # MACalg + | + # cert and key PBE are not same + ([^-]*-[^-]*)- # cert PBE + ([^-]*-[^-]*)- # key PBE + ([^-]*) # MACalg + )\.}x; + if (!$certpbe_index) { + $certpbe_index = $keypbe_index; + } + my $srckey = "$type-key-pkcs8.pem"; + my $srccert = "$type-cert.pem"; + my %pbes = + ( + "sha1-3des" => "pbeWithSHA1And3-KeyTripleDES-CBC", + "md5-des" => "pbeWithMD5AndDES-CBC", + "aes256-cbc" => "AES-256-CBC", + ); + my %macalgs = + ( + "sha1" => "SHA1", + "sha256" => "SHA256", + ); + my $certpbe = $pbes{$certpbe_index}; + my $keypbe = $pbes{$keypbe_index}; + my $macalg = $macalgs{$macalg_index}; + if (!defined($certpbe) || !defined($keypbe) + || !defined($macalg)) { + print STDERR "Cert PBE for $pbe_index not defined\n" + unless defined $certpbe; + print STDERR "Key PBE for $pbe_index not defined\n" + unless defined $keypbe; + print STDERR "MACALG for $macalg_index not defined\n" + unless defined $macalg; + print STDERR "(destination file was $dstfile)\n"; + return 0; + } + run(app(["openssl", "pkcs12", "-inkey", $srckey, + "-in", $srccert, "-passout", "pass:password", + "-export", "-macalg", $macalg, + "-certpbe", $certpbe, "-keypbe", $keypbe, + "-out", $dstfile])); + }, grep(/\.p12/, @generated_files)) + # *.der (the end all init) + && runall(sub { + my $dstfile = shift; + (my $srcfile = $dstfile) =~ s/\.der$/.pem/i; + if (! -f $srcfile) { + $srcfile = srctop_file("test", $srcfile); + } + my $infh; + unless (open $infh, $srcfile) { + return 0; + } + my $l; + while (($l = <$infh>) !~ /^-----BEGIN\s/ + || $l =~ /^-----BEGIN.*PARAMETERS-----/) { + } + my $b64 = ""; + while (($l = <$infh>) !~ /^-----END\s/) { + $l =~ s|\R$||; + $b64 .= $l unless $l =~ /:/; + } + close $infh; + my $der = decode_base64($b64); + unless (length($b64) / 4 * 3 - length($der) < 3) { + print STDERR "Length error, ",length($b64), + " bytes of base64 became ",length($der), + " bytes of der? ($srcfile => $dstfile)\n"; + return 0; + } + my $outfh; + unless (open $outfh, ">:raw", $dstfile) { + return 0; + } + print $outfh $der; + close $outfh; + return 1; + }, grep(/\.der$/, @generated_files)) + && runall(sub { + my $srcfile = shift; + my $dstfile = $generated_file_files{$srcfile}; + + unless (copy srctop_file($srcfile), $dstfile) { + warn "$!\n"; + return 0; + } + return 1; + }, keys %generated_file_files) + ); +} + +sub init_rehash { + return ( + mkdir(catdir(curdir(), 'rehash')) + && copy(srctop_file('test', 'testx509.pem'), + catdir(curdir(), 'rehash')) + && copy(srctop_file('test', 'testcrl.pem'), + catdir(curdir(), 'rehash')) + && run(app(['openssl', 'rehash', catdir(curdir(), 'rehash')])) + ); +} + +sub runall { + my ($function, @items) = @_; + + foreach (@items) { + return 0 unless $function->($_); + } + return 1; +} + +# According to RFC8089, a relative file: path is invalid. We still produce +# them for testing purposes. +sub to_file_uri { + my ($file, $isdir, $authority) = @_; + my $vol; + my $dir; + + die "to_file_uri: No file given\n" if !defined($file) || $file eq ''; + + ($vol, $dir, $file) = File::Spec->splitpath($file, $isdir // 0); + + # Make sure we have a Unix style directory. + $dir = join('/', File::Spec->splitdir($dir)); + # Canonicalise it (note: it seems to be only needed on Unix) + while (1) { + my $newdir = $dir; + $newdir =~ s|/[^/]*[^/\.]+[^/]*/\.\./|/|g; + last if $newdir eq $dir; + $dir = $newdir; + } + # Take care of the corner cases the loop can't handle, and that $dir + # ends with a / unless it's empty + $dir =~ s|/[^/]*[^/\.]+[^/]*/\.\.$|/|; + $dir =~ s|^[^/]*[^/\.]+[^/]*/\.\./|/|; + $dir =~ s|^[^/]*[^/\.]+[^/]*/\.\.$||; + if ($isdir // 0) { + $dir =~ s|/$|| if $dir ne '/'; + } else { + $dir .= '/' if $dir ne '' && $dir !~ m|/$|; + } + + # If the file system has separate volumes (at present, Windows and VMS) + # we need to handle them. In URIs, they are invariably the first + # component of the path, which is always absolute. + # On VMS, user:[foo.bar] translates to /user/foo/bar + # On Windows, c:\Users\Foo translates to /c:/Users/Foo + if ($vol ne '') { + $vol =~ s|:||g if ($^O eq "VMS"); + $dir = '/' . $dir if $dir ne '' && $dir !~ m|^/|; + $dir = '/' . $vol . $dir; + } + $file = $dir . $file; + + return "file://$authority$file" if defined $authority; + return "file:$file"; +} + +sub to_abs_file { + my ($file) = @_; + + return File::Spec->rel2abs($file); +} + +sub to_abs_file_uri { + my ($file, $isdir, $authority) = @_; + + die "to_abs_file_uri: No file given\n" if !defined($file) || $file eq ''; + return to_file_uri(to_abs_file($file), $isdir, $authority); +} diff --git a/deps/openssl/openssl/test/recipes/90-test_store_data/ca.cnf b/deps/openssl/openssl/test/recipes/90-test_store_data/ca.cnf new file mode 100644 index 0000000000..bda6eec4b0 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_store_data/ca.cnf @@ -0,0 +1,56 @@ +#################################################################### +[ req ] +default_bits = 2432 +default_keyfile = cakey.pem +default_md = sha256 +distinguished_name = req_DN +string_mask = utf8only +x509_extensions = v3_selfsign + +[ req_DN ] +commonName = "Common Name" +commonName_value = "CA" + +[ v3_selfsign ] +basicConstraints = critical,CA:true +keyUsage = keyCertSign +subjectKeyIdentifier=hash + +#################################################################### +[ ca ] +default_ca = CA_default # The default ca section + +#################################################################### +[ CA_default ] + +dir = ./demoCA +certificate = ./demoCA/cacert.pem +serial = ./demoCA/serial +private_key = ./demoCA/private/cakey.pem +new_certs_dir = ./demoCA/newcerts + +certificate = cacert.pem +private_key = cakey.pem + +x509_extensions = v3_user + +name_opt = ca_default # Subject Name options +cert_opt = ca_default # Certificate field options + +policy = policy_anything + +[ policy_anything ] +countryName = optional +stateOrProvinceName = optional +localityName = optional +organizationName = optional +organizationalUnitName = optional +commonName = supplied +emailAddress = optional + +[ v3_user ] +basicConstraints=critical,CA:FALSE +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid,issuer +issuerAltName=issuer:copy + diff --git a/deps/openssl/openssl/test/recipes/90-test_store_data/user.cnf b/deps/openssl/openssl/test/recipes/90-test_store_data/user.cnf new file mode 100644 index 0000000000..91f796947a --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_store_data/user.cnf @@ -0,0 +1,19 @@ +#################################################################### +[ req ] +default_bits = 2432 +default_md = sha256 +distinguished_name = req_DN +string_mask = utf8only + +req_extensions = v3_req # The extensions to add to a certificate request + +[ req_DN ] +commonName = "Common Name" +commonName_value = "A user" +userId = "User ID" +userId_value = "test" + +[ v3_req ] +extendedKeyUsage = clientAuth +subjectKeyIdentifier = hash +basicConstraints = CA:false diff --git a/deps/openssl/openssl/test/recipes/90-test_sysdefault.t b/deps/openssl/openssl/test/recipes/90-test_sysdefault.t new file mode 100644 index 0000000000..a34888c15e --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_sysdefault.t @@ -0,0 +1,23 @@ +#! /usr/bin/env perl +# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +my $test_name = "test_sysdefault"; +setup($test_name); + +plan skip_all => "$test_name is not supported in this build" + if disabled("tls1_2") || disabled("rsa"); + +plan tests => 1; + +$ENV{OPENSSL_CONF} = srctop_file("test", "sysdefault.cnf"); + +ok(run(test(["sysdefaulttest"])), "sysdefaulttest"); diff --git a/deps/openssl/openssl/test/recipes/90-test_time_offset.t b/deps/openssl/openssl/test/recipes/90-test_time_offset.t new file mode 100644 index 0000000000..a032d9b40a --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_time_offset.t @@ -0,0 +1,12 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Simple; + +simple_test("test_time_offset", "time_offset_test"); diff --git a/deps/openssl/openssl/test/recipes/90-test_tls13ccs.t b/deps/openssl/openssl/test/recipes/90-test_tls13ccs.t new file mode 100644 index 0000000000..2ec28ce5ff --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_tls13ccs.t @@ -0,0 +1,22 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +my $test_name = "test_tls13ccs"; +setup($test_name); + +plan skip_all => "$test_name is not supported in this build" + if disabled("tls1_3"); + +plan tests => 1; + +ok(run(test(["tls13ccstest", srctop_file("apps", "server.pem"), + srctop_file("apps", "server.pem")])), "tls13ccstest"); diff --git a/deps/openssl/openssl/test/recipes/90-test_tls13encryption.t b/deps/openssl/openssl/test/recipes/90-test_tls13encryption.t new file mode 100644 index 0000000000..e6ca97a137 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_tls13encryption.t @@ -0,0 +1,20 @@ +#! /usr/bin/env perl +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use OpenSSL::Test; +use OpenSSL::Test::Utils; + +my $test_name = "tls13encryption"; +setup($test_name); + +plan skip_all => "$test_name is not supported in this build" + if disabled("tls1_3"); + +plan tests => 1; + +ok(run(test(["tls13encryptiontest"])), "running tls13encryptiontest"); diff --git a/deps/openssl/openssl/test/recipes/90-test_tls13secrets.t b/deps/openssl/openssl/test/recipes/90-test_tls13secrets.t new file mode 100644 index 0000000000..5490885309 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/90-test_tls13secrets.t @@ -0,0 +1,20 @@ +#! /usr/bin/env perl +# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use OpenSSL::Test; +use OpenSSL::Test::Utils; + +my $test_name = "tls13secrets"; +setup($test_name); + +plan skip_all => "$test_name is not supported in this build" + if disabled("tls1_3") || disabled("shared"); + +plan tests => 1; + +ok(run(test(["tls13secretstest"])), "running tls13secretstest"); diff --git a/deps/openssl/openssl/test/recipes/95-test_external_boringssl.t b/deps/openssl/openssl/test/recipes/95-test_external_boringssl.t new file mode 100644 index 0000000000..5e3f67edbe --- /dev/null +++ b/deps/openssl/openssl/test/recipes/95-test_external_boringssl.t @@ -0,0 +1,30 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test; +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT bldtop_file srctop_file cmdstr/; + +setup("test_external_boringssl"); + +plan skip_all => "No external tests in this configuration" + if disabled("external-tests"); +plan skip_all => "BoringSSL runner not detected" + if !$ENV{BORING_RUNNER_DIR}; + +plan tests => 1; + +indir $ENV{BORING_RUNNER_DIR} => sub { + ok(run(cmd(["go", "test", "-shim-path", + bldtop_file("test", "ossl_shim", "ossl_shim"), + "-shim-config", + srctop_file("test", "ossl_shim", "ossl_config.json"), + "-pipe", "-allow-unimplemented"]), prefix => "go test: "), + "running BoringSSL tests"); +}, create => 0, cleanup => 0; diff --git a/deps/openssl/openssl/test/recipes/95-test_external_krb5.t b/deps/openssl/openssl/test/recipes/95-test_external_krb5.t new file mode 100644 index 0000000000..6cc4d26815 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/95-test_external_krb5.t @@ -0,0 +1,23 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test; +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT data_file srctop_file/; + +setup("test_external_krb5"); + +plan skip_all => "No external tests in this configuration" + if disabled("external-tests"); +plan skip_all => "krb5 not available" + if ! -f srctop_file("krb5", "README"); + +plan tests => 1; + +ok(run(cmd([data_file("krb5.sh")])), "running krb5 tests"); diff --git a/deps/openssl/openssl/test/recipes/95-test_external_krb5_data/krb5.sh b/deps/openssl/openssl/test/recipes/95-test_external_krb5_data/krb5.sh new file mode 100755 index 0000000000..39c6592f97 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/95-test_external_krb5_data/krb5.sh @@ -0,0 +1,23 @@ +#!/bin/sh -ex +# +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# krb5's test suite clears LD_LIBRARY_PATH +LDFLAGS="-L`pwd`/$BLDTOP -Wl,-rpath,`pwd`/$BLDTOP" +CFLAGS="-I`pwd`/$BLDTOP/include -I`pwd`/$SRCTOP/include" + +cd $SRCTOP/krb5/src +autoreconf +./configure --with-ldap --with-prng-alg=os --enable-pkinit \ + --with-crypto-impl=openssl --with-tls-impl=openssl \ + CFLAGS="$CFLAGS" LDFLAGS="$LDFLAGS" + +# quiet make so that Travis doesn't overflow +make -s + +make check diff --git a/deps/openssl/openssl/test/recipes/95-test_external_pyca.t b/deps/openssl/openssl/test/recipes/95-test_external_pyca.t new file mode 100644 index 0000000000..c1ada99416 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/95-test_external_pyca.t @@ -0,0 +1,28 @@ +#! /usr/bin/env perl +# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +use OpenSSL::Test; +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT bldtop_file data_file srctop_file cmdstr/; + +setup("test_external"); + +plan skip_all => "No external tests in this configuration" + if disabled("external-tests"); +plan skip_all => "PYCA tests not available on Windows or VMS" + if $^O =~ /^(VMS|MSWin32)$/; +plan skip_all => "PYCA Cryptography not available" + if ! -f srctop_file("pyca-cryptography", "setup.py"); +plan skip_all => "PYCA tests only available in a shared build" + if disabled("shared"); + +plan tests => 1; + +ok(run(cmd(["sh", data_file("cryptography.sh")])), + "running Python Cryptography tests"); diff --git a/deps/openssl/openssl/test/recipes/95-test_external_pyca_data/cryptography.sh b/deps/openssl/openssl/test/recipes/95-test_external_pyca_data/cryptography.sh new file mode 100755 index 0000000000..e1616914a7 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/95-test_external_pyca_data/cryptography.sh @@ -0,0 +1,64 @@ +#!/bin/sh +# +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +# +# OpenSSL external testing using the Python Cryptography module +# +set -e + +O_EXE=`pwd`/$BLDTOP/apps +O_BINC=`pwd`/$BLDTOP/include +O_SINC=`pwd`/$SRCTOP/include +O_LIB=`pwd`/$BLDTOP + +export PATH=$O_EXE:$PATH +export LD_LIBRARY_PATH=$O_LIB:$LD_LIBRARY_PATH + +# Check/Set openssl version +OPENSSL_VERSION=`openssl version | cut -f 2 -d ' '` + +echo "------------------------------------------------------------------" +echo "Testing OpenSSL using Python Cryptography:" +echo " CWD: $PWD" +echo " SRCTOP: $SRCTOP" +echo " BLDTOP: $BLDTOP" +echo " OpenSSL version: $OPENSSL_VERSION" +echo "------------------------------------------------------------------" + +cd $SRCTOP + +# Create a python virtual env and activate +rm -rf venv-pycrypto +virtualenv venv-pycrypto +. ./venv-pycrypto/bin/activate + +cd pyca-cryptography + +pip install .[test] + +echo "------------------------------------------------------------------" +echo "Building cryptography" +echo "------------------------------------------------------------------" +python ./setup.py clean + +CFLAGS="-I$O_BINC -I$O_SINC -L$O_LIB" python ./setup.py build + +echo "------------------------------------------------------------------" +echo "Running tests" +echo "------------------------------------------------------------------" + +CFLAGS="-I$O_BINC -I$O_SINC -L$O_LIB" python ./setup.py test + +cd ../ +deactivate +rm -rf venv-pycrypto + +exit 0 + diff --git a/deps/openssl/openssl/test/recipes/99-test_ecstress.t b/deps/openssl/openssl/test/recipes/99-test_ecstress.t new file mode 100644 index 0000000000..f95a5443a3 --- /dev/null +++ b/deps/openssl/openssl/test/recipes/99-test_ecstress.t @@ -0,0 +1,23 @@ +#! /usr/bin/env perl +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use warnings; + +use OpenSSL::Test; +use OpenSSL::Test::Utils; + +setup("test_ecstress"); + +plan tests => 1; + +SKIP: { + skip "Skipping EC stress test", 1 + if ! exists $ENV{'ECSTRESS'}; + ok(run(test(["ecstresstest"])), "running ecstresstest"); +} diff --git a/deps/openssl/openssl/test/recipes/90-test_fuzz.t b/deps/openssl/openssl/test/recipes/99-test_fuzz.t index 8d3b3541fc..99970e3928 100644 --- a/deps/openssl/openssl/test/recipes/90-test_fuzz.t +++ b/deps/openssl/openssl/test/recipes/99-test_fuzz.t @@ -9,13 +9,13 @@ use strict; use warnings; -use if $^O ne "VMS", 'File::Glob' => qw/glob/; +use OpenSSL::Glob; use OpenSSL::Test qw/:DEFAULT srctop_file/; use OpenSSL::Test::Utils; setup("test_fuzz"); -my @fuzzers = ('asn1', 'asn1parse', 'bignum', 'bndiv', 'conf', 'crl', 'server', 'x509'); +my @fuzzers = ('asn1', 'asn1parse', 'bignum', 'bndiv', 'client', 'conf', 'crl', 'server', 'x509'); if (!disabled("cms")) { push @fuzzers, 'cms'; } diff --git a/deps/openssl/openssl/test/recipes/bc.pl b/deps/openssl/openssl/test/recipes/bc.pl deleted file mode 100644 index dbb5842bda..0000000000 --- a/deps/openssl/openssl/test/recipes/bc.pl +++ /dev/null @@ -1,113 +0,0 @@ -#! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. -# -# Licensed under the OpenSSL license (the "License"). You may not use -# this file except in compliance with the License. You can obtain a copy -# in the file LICENSE in the source distribution or at -# https://www.openssl.org/source/license.html - - -use strict; -use warnings; - -use Math::BigInt; - -sub calc { - @_ = __adder(@_); - if (scalar @_ != 1) { return "NaN"; } - return shift; -} - -sub __canonhex { - my ($sign, $hex) = (shift =~ /^([+\-]?)(.*)$/); - $hex = "0x".$hex if $hex !~ /^0x/; - return $sign.$hex; -} - -sub __adder { - @_ = __multiplier(@_); - while (scalar @_ > 1 && $_[1] =~ /^[\+\-]$/) { - my $operand1 = Math::BigInt->from_hex(__canonhex(shift)); - my $operator = shift; - @_ = __multiplier(@_); - my $operand2 = Math::BigInt->from_hex(__canonhex(shift)); - if ($operator eq "+") { - $operand1->badd($operand2); - } elsif ($operator eq "-") { - $operand1->bsub($operand2); - } else { - die "SOMETHING WENT AWFULLY WRONG"; - } - unshift @_, $operand1->as_hex(); - } - return @_; -} - -sub __multiplier { - @_ = __power(@_); - while (scalar @_ > 1 && $_[1] =~ /^[\*\/%]$/) { - my $operand1 = Math::BigInt->from_hex(__canonhex(shift)); - my $operator = shift; - @_ = __power(@_); - my $operand2 = Math::BigInt->from_hex(__canonhex(shift)); - if ($operator eq "*") { - $operand1->bmul($operand2); - } elsif ($operator eq "/") { - # Math::BigInt->bdiv() is documented to do floored division, - # i.e. 1 / -4 = -1, while bc and OpenSSL BN_div do truncated - # division, i.e. 1 / -4 = 0. We need to make the operation - # work like OpenSSL's BN_div to be able to verify. - my $neg = ($operand1->is_neg() - ? !$operand2->is_neg() : $operand2->is_neg()); - $operand1->babs(); - $operand2->babs(); - $operand1->bdiv($operand2); - if ($neg) { $operand1->bneg(); } - } elsif ($operator eq "%") { - # Here's a bit of a quirk... - # With OpenSSL's BN, as well as bc, the result of -10 % 3 is -1 - # while Math::BigInt, the result is 2. - # The latter is mathematically more correct, but... - my $o1isneg = $operand1->is_neg(); - $operand1->babs(); - # Math::BigInt does something different with a negative modulus, - # while OpenSSL's BN and bc treat it like a positive number... - $operand2->babs(); - $operand1->bmod($operand2); - if ($o1isneg) { $operand1->bneg(); } - } else { - die "SOMETHING WENT AWFULLY WRONG"; - } - unshift @_, $operand1->as_hex(); - } - return @_; -} - -sub __power { - @_ = __paren(@_); - while (scalar @_ > 1 && $_[1] eq "^") { - my $operand1 = Math::BigInt->from_hex(__canonhex(shift)); - shift; - @_ = __paren(@_); - my $operand2 = Math::BigInt->from_hex(__canonhex(shift)); - $operand1->bpow($operand2); - unshift @_, $operand1->as_hex(); - } - return @_; -} - -# returns array ( $result, @remaining ) -sub __paren { - if (scalar @_ > 0 && $_[0] eq "(") { - shift; - my @result = __adder(@_); - if (scalar @_ == 0 || $_[0] ne ")") { - return ("NaN"); - } - shift; - return @result; - } - return @_; -} - -1; diff --git a/deps/openssl/openssl/test/recipes/ocsp-response.der b/deps/openssl/openssl/test/recipes/ocsp-response.der Binary files differnew file mode 100644 index 0000000000..31351a0e3c --- /dev/null +++ b/deps/openssl/openssl/test/recipes/ocsp-response.der diff --git a/deps/openssl/openssl/test/recipes/tconversion.pl b/deps/openssl/openssl/test/recipes/tconversion.pl index 1cf68dc09b..fb0b766ce7 100644 --- a/deps/openssl/openssl/test/recipes/tconversion.pl +++ b/deps/openssl/openssl/test/recipes/tconversion.pl @@ -23,7 +23,7 @@ my %conversionforms = ( sub tconversion { my $testtype = shift; my $t = shift; - my @conversionforms = + my @conversionforms = defined($conversionforms{$testtype}) ? @{$conversionforms{$testtype}} : @{$conversionforms{"*"}}; @@ -36,7 +36,7 @@ sub tconversion { + $n # initial conversions from p to all forms (A) + $n*$n # conversion from result of A to all forms (B) + 1 # comparing original test file to p form of A - + $n*($n-1); # comparing first conversion to each form in A with B + + $n*($n-1); # comparing first conversion to each fom in A with B $totaltests-- if ($testtype eq "p7d"); # no comparison of original test file plan tests => $totaltests; diff --git a/deps/openssl/openssl/test/rmdtest.c b/deps/openssl/openssl/test/rmdtest.c deleted file mode 100644 index b6deaaa1f5..0000000000 --- a/deps/openssl/openssl/test/rmdtest.c +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stdio.h> -#include <string.h> -#include <stdlib.h> - -#include "../e_os.h" - -#ifdef OPENSSL_NO_RMD160 -int main(int argc, char *argv[]) -{ - printf("No ripemd support\n"); - return (0); -} -#else -# include <openssl/ripemd.h> -# include <openssl/evp.h> - -# ifdef CHARSET_EBCDIC -# include <openssl/ebcdic.h> -# endif - -static char test[][100] = { - { "" }, - { "a" }, - { "abc" }, - { "message digest" }, - { "abcdefghijklmnopqrstuvwxyz" }, - { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" }, - { "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789" }, - { "12345678901234567890123456789012345678901234567890123456789012345678901234567890" } -}; - -static char *ret[] = { - "9c1185a5c5e9fc54612808977ee8f548b2258d31", - "0bdc9d2d256b3ee9daae347be6f4dc835a467ffe", - "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc", - "5d0689ef49d2fae572b881b123a85ffa21595f36", - "f71c27109c692c1b56bbdceb5b9d2865b3708dbc", - "12a053384a9c0c88e405a06c27dcf49ada62eb2b", - "b0e20b6e3116640286ed3a87a5713079b21f5189", - "9b752e45573d4b39f4dbd3323cab82bf63326bfb", -}; - -static char *pt(unsigned char *md); -int main(int argc, char *argv[]) -{ - unsigned int i; - int err = 0; - char **R; - char *p; - unsigned char md[RIPEMD160_DIGEST_LENGTH]; - - R = ret; - for (i = 0; i < OSSL_NELEM(test); i++) { -# ifdef CHARSET_EBCDIC - ebcdic2ascii(test[i], test[i], strlen(test[i])); -# endif - if (!EVP_Digest(test[i], strlen(test[i]), md, NULL, EVP_ripemd160(), - NULL)) { - printf("EVP Digest error.\n"); - EXIT(1); - } - p = pt(md); - if (strcmp(p, (char *)*R) != 0) { - printf("error calculating RIPEMD160 on '%s'\n", test[i]); - printf("got %s instead of %s\n", p, *R); - err++; - } else - printf("test %d ok\n", i + 1); - R++; - } - EXIT(err); -} - -static char *pt(unsigned char *md) -{ - int i; - static char buf[80]; - - for (i = 0; i < RIPEMD160_DIGEST_LENGTH; i++) - sprintf(&(buf[i * 2]), "%02x", md[i]); - return (buf); -} -#endif diff --git a/deps/openssl/openssl/test/rsa_test.c b/deps/openssl/openssl/test/rsa_test.c index 01e8374a09..2ad4de4734 100644 --- a/deps/openssl/openssl/test/rsa_test.c +++ b/deps/openssl/openssl/test/rsa_test.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -12,17 +12,20 @@ #include <stdio.h> #include <string.h> -#include "e_os.h" +#include "internal/nelem.h" #include <openssl/crypto.h> #include <openssl/err.h> #include <openssl/rand.h> #include <openssl/bn.h> + +#include "testutil.h" + #ifdef OPENSSL_NO_RSA -int main(int argc, char *argv[]) +int setup_tests(void) { - printf("No RSA support\n"); - return (0); + /* No tests */ + return 1; } #else # include <openssl/rsa.h> @@ -40,7 +43,7 @@ int main(int argc, char *argv[]) BN_bin2bn(dmq1, sizeof(dmq1)-1, NULL), \ BN_bin2bn(iqmp, sizeof(iqmp)-1, NULL)); \ memcpy(c, ctext_ex, sizeof(ctext_ex) - 1); \ - return (sizeof(ctext_ex) - 1); + return sizeof(ctext_ex) - 1; static int key1(RSA *key, unsigned char *c) { @@ -213,17 +216,31 @@ static int pad_unknown(void) unsigned long l; while ((l = ERR_get_error()) != 0) if (ERR_GET_REASON(l) == RSA_R_UNKNOWN_PADDING_TYPE) - return (1); - return (0); + return 1; + return 0; } -static const char rnd_seed[] = - "string to make the random number generator think it has entropy"; +static int rsa_setkey(RSA** key, unsigned char* ctext, int idx) +{ + int clen = 0; + *key = RSA_new(); + switch (idx) { + case 0: + clen = key1(*key, ctext); + break; + case 1: + clen = key2(*key, ctext); + break; + case 2: + clen = key3(*key, ctext); + break; + } + return clen; +} -int main(int argc, char *argv[]) +static int test_rsa_pkcs1(int idx) { - int err = 0; - int v; + int ret = 0; RSA *key; unsigned char ptext[256]; unsigned char ctext[256]; @@ -232,113 +249,90 @@ int main(int argc, char *argv[]) int plen; int clen = 0; int num; - int n; - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + plen = sizeof(ptext_ex) - 1; + clen = rsa_setkey(&key, ctext_ex, idx); - RAND_seed(rnd_seed, sizeof(rnd_seed)); /* or OAEP may fail */ + num = RSA_public_encrypt(plen, ptext_ex, ctext, key, + RSA_PKCS1_PADDING); + if (!TEST_int_eq(num, clen)) + goto err; - plen = sizeof(ptext_ex) - 1; + num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_PADDING); + if (!TEST_mem_eq(ptext, num, ptext_ex, plen)) + goto err; - for (v = 0; v < 3; v++) { - key = RSA_new(); - switch (v) { - case 0: - clen = key1(key, ctext_ex); - break; - case 1: - clen = key2(key, ctext_ex); - break; - case 2: - clen = key3(key, ctext_ex); - break; - } - - num = RSA_public_encrypt(plen, ptext_ex, ctext, key, - RSA_PKCS1_PADDING); - if (num != clen) { - printf("PKCS#1 v1.5 encryption failed!\n"); - err = 1; - goto oaep; - } - - num = RSA_private_decrypt(num, ctext, ptext, key, RSA_PKCS1_PADDING); - if (num != plen || memcmp(ptext, ptext_ex, num) != 0) { - printf("PKCS#1 v1.5 decryption failed!\n"); - err = 1; - } else - printf("PKCS #1 v1.5 encryption/decryption ok\n"); - - oaep: - ERR_clear_error(); - num = RSA_public_encrypt(plen, ptext_ex, ctext, key, - RSA_PKCS1_OAEP_PADDING); - if (num == -1 && pad_unknown()) { - printf("No OAEP support\n"); - goto next; - } - if (num != clen) { - printf("OAEP encryption failed!\n"); - err = 1; - goto next; - } - - num = RSA_private_decrypt(num, ctext, ptext, key, - RSA_PKCS1_OAEP_PADDING); - if (num != plen || memcmp(ptext, ptext_ex, num) != 0) { - printf("OAEP decryption (encrypted data) failed!\n"); - err = 1; - } else if (memcmp(ctext, ctext_ex, num) == 0) - printf("OAEP test vector %d passed!\n", v); - - /* - * Different ciphertexts (rsa_oaep.c without -DPKCS_TESTVECT). Try - * decrypting ctext_ex - */ - - num = RSA_private_decrypt(clen, ctext_ex, ptext, key, - RSA_PKCS1_OAEP_PADDING); + ret = 1; +err: + RSA_free(key); + return ret; +} - if (num != plen || memcmp(ptext, ptext_ex, num) != 0) { - printf("OAEP decryption (test vector data) failed!\n"); - err = 1; - } else - printf("OAEP encryption/decryption ok\n"); - - /* Try decrypting corrupted ciphertexts. */ - for (n = 0; n < clen; ++n) { - ctext[n] ^= 1; - num = RSA_private_decrypt(clen, ctext, ptext, key, - RSA_PKCS1_OAEP_PADDING); - if (num > 0) { - printf("Corrupt data decrypted!\n"); - err = 1; - break; - } - ctext[n] ^= 1; - } - - /* Test truncated ciphertexts, as well as negative length. */ - for (n = -1; n < clen; ++n) { - num = RSA_private_decrypt(n, ctext, ptext, key, +static int test_rsa_oaep(int idx) +{ + int ret = 0; + RSA *key; + unsigned char ptext[256]; + unsigned char ctext[256]; + static unsigned char ptext_ex[] = "\x54\x85\x9b\x34\x2c\x49\xea\x2a"; + unsigned char ctext_ex[256]; + int plen; + int clen = 0; + int num; + int n; + + plen = sizeof(ptext_ex) - 1; + clen = rsa_setkey(&key, ctext_ex, idx); + + num = RSA_public_encrypt(plen, ptext_ex, ctext, key, + RSA_PKCS1_OAEP_PADDING); + if (num == -1 && pad_unknown()) { + TEST_info("Skipping: No OAEP support"); + ret = 1; + goto err; + } + if (!TEST_int_eq(num, clen)) + goto err; + + num = RSA_private_decrypt(num, ctext, ptext, key, + RSA_PKCS1_OAEP_PADDING); + if (!TEST_mem_eq(ptext, num, ptext_ex, plen)) + goto err; + + /* Different ciphertexts. Try decrypting ctext_ex */ + num = RSA_private_decrypt(clen, ctext_ex, ptext, key, + RSA_PKCS1_OAEP_PADDING); + if (!TEST_mem_eq(ptext, num, ptext_ex, plen)) + goto err; + + /* Try decrypting corrupted ciphertexts. */ + for (n = 0; n < clen; ++n) { + ctext[n] ^= 1; + num = RSA_private_decrypt(clen, ctext, ptext, key, RSA_PKCS1_OAEP_PADDING); - if (num > 0) { - printf("Truncated data decrypted!\n"); - err = 1; - break; - } - } - - next: - RSA_free(key); + if (!TEST_int_le(num, 0)) + goto err; + ctext[n] ^= 1; } -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - err = 1; -#endif + /* Test truncated ciphertexts, as well as negative length. */ + for (n = -1; n < clen; ++n) { + num = RSA_private_decrypt(n, ctext, ptext, key, + RSA_PKCS1_OAEP_PADDING); + if (!TEST_int_le(num, 0)) + goto err; + } - return err; + ret = 1; +err: + RSA_free(key); + return ret; +} + +int setup_tests(void) +{ + ADD_ALL_TESTS(test_rsa_pkcs1, 3); + ADD_ALL_TESTS(test_rsa_oaep, 3); + return 1; } #endif diff --git a/deps/openssl/openssl/test/run_tests.pl b/deps/openssl/openssl/test/run_tests.pl index 77dffb332b..881feaec71 100644 --- a/deps/openssl/openssl/test/run_tests.pl +++ b/deps/openssl/openssl/test/run_tests.pl @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -19,16 +19,17 @@ use File::Basename; use FindBin; use lib "$FindBin::Bin/../util/perl"; use OpenSSL::Glob; -use Module::Load::Conditional qw(can_load); -my $TAP_Harness = can_load(modules => { 'TAP::Harness' => undef }) - ? 'TAP::Harness' : 'OpenSSL::TAP::Harness'; +my $TAP_Harness = eval { require TAP::Harness } ? "TAP::Harness" + : "OpenSSL::TAP::Harness"; my $srctop = $ENV{SRCTOP} || $ENV{TOP}; my $bldtop = $ENV{BLDTOP} || $ENV{TOP}; my $recipesdir = catdir($srctop, "test", "recipes"); my $libdir = rel2abs(catdir($srctop, "util", "perl")); +$ENV{OPENSSL_CONF} = catdir($srctop, "apps", "openssl.cnf"); + my %tapargs = ( verbosity => $ENV{VERBOSE} || $ENV{V} || $ENV{HARNESS_VERBOSE} ? 1 : 0, lib => [ $libdir ], @@ -36,45 +37,74 @@ my %tapargs = merge => 1 ); -my @tests = ( "alltests" ); -if (@ARGV) { - @tests = @ARGV; -} -my $list_mode = scalar(grep /^list$/, @tests) != 0; -if (grep /^(alltests|list)$/, @tests) { - @tests = grep { - basename($_) =~ /^[0-9][0-9]-[^\.]*\.t$/ - } glob(catfile($recipesdir,"*.t")); -} else { - my @t = (); - foreach (@tests) { - push @t, grep { - basename($_) =~ /^[0-9][0-9]-[^\.]*\.t$/ - } glob(catfile($recipesdir,"*-$_.t")); +my @alltests = find_matching_tests("*"); +my %tests = (); + +my $initial_arg = 1; +foreach my $arg (@ARGV ? @ARGV : ('alltests')) { + if ($arg eq 'list') { + foreach (@alltests) { + (my $x = basename($_)) =~ s|^[0-9][0-9]-(.*)\.t$|$1|; + print $x,"\n"; + } + exit 0; + } + if ($arg eq 'alltests') { + warn "'alltests' encountered, ignoring everything before that...\n" + unless $initial_arg; + %tests = map { $_ => 1 } @alltests; + } elsif ($arg =~ m/^(-?)(.*)/) { + my $sign = $1; + my $test = $2; + my @matches = find_matching_tests($test); + + # If '-foo' is the first arg, it's short for 'alltests -foo' + if ($sign eq '-' && $initial_arg) { + %tests = map { $_ => 1 } @alltests; + } + + if (scalar @matches == 0) { + warn "Test $test found no match, skipping ", + ($sign eq '-' ? "removal" : "addition"), + "...\n"; + } else { + foreach $test (@matches) { + if ($sign eq '-') { + delete $tests{$test}; + } else { + $tests{$test} = 1; + } + } + } + } else { + warn "I don't know what '$arg' is about, ignoring...\n"; } - @tests = @t; + + $initial_arg = 0; } -if ($list_mode) { - @tests = map { $_ = basename($_); $_ =~ s/^[0-9][0-9]-//; $_ =~ s/\.t$//; - $_ } @tests; - print join("\n", @tests), "\n"; -} else { - @tests = map { abs2rel($_, rel2abs(curdir())); } @tests; - - my $harness = $TAP_Harness->new(\%tapargs); - my $ret = $harness->runtests(sort @tests); - - # $ret->has_errors may be any number, not just 0 or 1. On VMS, numbers - # from 2 and on are used as is as VMS statuses, which has severity encoded - # in the lower 3 bits. 0 and 1, on the other hand, generate SUCCESS and - # FAILURE, so for currect reporting on all platforms, we make sure the only - # exit codes are 0 and 1. Double-bang is the trick to do so. - exit !!$ret->has_errors if (ref($ret) eq "TAP::Parser::Aggregator"); - - # If this isn't a TAP::Parser::Aggregator, it's the pre-TAP test harness, - # which simply dies at the end if any test failed, so we don't need to - # bother with any exit code in that case. +my $harness = $TAP_Harness->new(\%tapargs); +my $ret = $harness->runtests(map { abs2rel($_, rel2abs(curdir())); } + sort keys %tests); + +# $ret->has_errors may be any number, not just 0 or 1. On VMS, numbers +# from 2 and on are used as is as VMS statuses, which has severity encoded +# in the lower 3 bits. 0 and 1, on the other hand, generate SUCCESS and +# FAILURE, so for currect reporting on all platforms, we make sure the only +# exit codes are 0 and 1. Double-bang is the trick to do so. +exit !!$ret->has_errors if (ref($ret) eq "TAP::Parser::Aggregator"); + +# If this isn't a TAP::Parser::Aggregator, it's the pre-TAP test harness, +# which simply dies at the end if any test failed, so we don't need to bother +# with any exit code in that case. + +sub find_matching_tests { + my ($glob) = @_; + + if ($glob =~ m|^[\d\[\]\?\-]+$|) { + return glob(catfile($recipesdir,"$glob-*.t")); + } + return glob(catfile($recipesdir,"*-$glob.t")); } diff --git a/deps/openssl/openssl/test/sanitytest.c b/deps/openssl/openssl/test/sanitytest.c index f1228f1494..204c01c244 100644 --- a/deps/openssl/openssl/test/sanitytest.c +++ b/deps/openssl/openssl/test/sanitytest.c @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,61 +7,97 @@ * https://www.openssl.org/source/license.html */ -#include <stdio.h> #include <string.h> -#include <internal/numbers.h> +#include "testutil.h" +#include "internal/numbers.h" - -#define TEST(e) \ - do { \ - if (!(e)) { \ - fprintf(stderr, "Failed " #e "\n"); \ - failures++; \ - } \ - } while (0) - - -enum smallchoices { sa, sb, sc }; -enum medchoices { ma, mb, mc, md, me, mf, mg, mh, mi, mj, mk, ml }; -enum largechoices { - a01, b01, c01, d01, e01, f01, g01, h01, i01, j01, - a02, b02, c02, d02, e02, f02, g02, h02, i02, j02, - a03, b03, c03, d03, e03, f03, g03, h03, i03, j03, - a04, b04, c04, d04, e04, f04, g04, h04, i04, j04, - a05, b05, c05, d05, e05, f05, g05, h05, i05, j05, - a06, b06, c06, d06, e06, f06, g06, h06, i06, j06, - a07, b07, c07, d07, e07, f07, g07, h07, i07, j07, - a08, b08, c08, d08, e08, f08, g08, h08, i08, j08, - a09, b09, c09, d09, e09, f09, g09, h09, i09, j09, - a10, b10, c10, d10, e10, f10, g10, h10, i10, j10, - xxx }; - -int main() +static int test_sanity_null_zero(void) { char *p; char bytes[sizeof(p)]; - int failures = 0; /* Is NULL equivalent to all-bytes-zero? */ p = NULL; memset(bytes, 0, sizeof(bytes)); - TEST(memcmp(&p, bytes, sizeof(bytes)) == 0); + return TEST_mem_eq(&p, sizeof(p), bytes, sizeof(bytes)); +} + +static int test_sanity_enum_size(void) +{ + enum smallchoices { sa, sb, sc }; + enum medchoices { ma, mb, mc, md, me, mf, mg, mh, mi, mj, mk, ml }; + enum largechoices { + a01, b01, c01, d01, e01, f01, g01, h01, i01, j01, + a02, b02, c02, d02, e02, f02, g02, h02, i02, j02, + a03, b03, c03, d03, e03, f03, g03, h03, i03, j03, + a04, b04, c04, d04, e04, f04, g04, h04, i04, j04, + a05, b05, c05, d05, e05, f05, g05, h05, i05, j05, + a06, b06, c06, d06, e06, f06, g06, h06, i06, j06, + a07, b07, c07, d07, e07, f07, g07, h07, i07, j07, + a08, b08, c08, d08, e08, f08, g08, h08, i08, j08, + a09, b09, c09, d09, e09, f09, g09, h09, i09, j09, + a10, b10, c10, d10, e10, f10, g10, h10, i10, j10, + xxx }; /* Enum size */ - TEST(sizeof(enum smallchoices) == sizeof(int)); - TEST(sizeof(enum medchoices) == sizeof(int)); - TEST(sizeof(enum largechoices) == sizeof(int)); + if (!TEST_size_t_eq(sizeof(enum smallchoices), sizeof(int)) + || !TEST_size_t_eq(sizeof(enum medchoices), sizeof(int)) + || !TEST_size_t_eq(sizeof(enum largechoices), sizeof(int))) + return 0; + return 1; +} + +static int test_sanity_twos_complement(void) +{ /* Basic two's complement checks. */ - TEST(~(-1) == 0); - TEST(~(-1L) == 0L); + if (!TEST_int_eq(~(-1), 0) + || !TEST_long_eq(~(-1L), 0L)) + return 0; + return 1; +} +static int test_sanity_sign(void) +{ /* Check that values with sign bit 1 and value bits 0 are valid */ - TEST(-(INT_MIN + 1) == INT_MAX); - TEST(-(LONG_MIN + 1) == LONG_MAX); + if (!TEST_int_eq(-(INT_MIN + 1), INT_MAX) + || !TEST_long_eq(-(LONG_MIN + 1), LONG_MAX)) + return 0; + return 1; +} +static int test_sanity_unsigned_conversion(void) +{ /* Check that unsigned-to-signed conversions preserve bit patterns */ - TEST((int)((unsigned int)INT_MAX + 1) == INT_MIN); - TEST((long)((unsigned long)LONG_MAX + 1) == LONG_MIN); + if (!TEST_int_eq((int)((unsigned int)INT_MAX + 1), INT_MIN) + || !TEST_long_eq((long)((unsigned long)LONG_MAX + 1), LONG_MIN)) + return 0; + return 1; +} - return failures; +static int test_sanity_range(void) +{ + /* This isn't possible to check using the framework functions */ + if (SIZE_MAX < INT_MAX) { + TEST_error("int must not be wider than size_t"); + return 0; + } + return 1; } + +static int test_sanity_memcmp(void) +{ + return CRYPTO_memcmp("ab","cd",2); +} + +int setup_tests(void) +{ + ADD_TEST(test_sanity_null_zero); + ADD_TEST(test_sanity_enum_size); + ADD_TEST(test_sanity_twos_complement); + ADD_TEST(test_sanity_sign); + ADD_TEST(test_sanity_unsigned_conversion); + ADD_TEST(test_sanity_range); + ADD_TEST(test_sanity_memcmp); + return 1; +} + diff --git a/deps/openssl/openssl/test/secmemtest.c b/deps/openssl/openssl/test/secmemtest.c index 36906f7854..42aeb5d0cf 100644 --- a/deps/openssl/openssl/test/secmemtest.c +++ b/deps/openssl/openssl/test/secmemtest.c @@ -7,169 +7,84 @@ * https://www.openssl.org/source/license.html */ -#include <stdio.h> #include <openssl/crypto.h> -#define perror_line() perror_line1(__LINE__) -#define perror_line1(l) perror_line2(l) -#define perror_line2(l) perror("failed " #l) +#include "testutil.h" +#include "../e_os.h" -int main(int argc, char **argv) +static int test_sec_mem(void) { -#if defined(OPENSSL_SYS_LINUX) || defined(OPENSSL_SYS_UNIX) +#ifdef OPENSSL_SECURE_MEMORY + int testresult = 0; char *p = NULL, *q = NULL, *r = NULL, *s = NULL; - int i; - const int size = 64; + + TEST_info("Secure memory is implemented."); s = OPENSSL_secure_malloc(20); /* s = non-secure 20 */ - if (s == NULL) { - perror_line(); - return 1; - } - if (CRYPTO_secure_allocated(s)) { - perror_line(); - return 1; - } + if (!TEST_ptr(s) + || !TEST_false(CRYPTO_secure_allocated(s))) + goto end; r = OPENSSL_secure_malloc(20); /* r = non-secure 20, s = non-secure 20 */ - if (r == NULL) { - perror_line(); - return 1; - } - if (!CRYPTO_secure_malloc_init(4096, 32)) { - perror_line(); - return 1; - } - if (CRYPTO_secure_allocated(r)) { - perror_line(); - return 1; - } + if (!TEST_ptr(r) + || !TEST_true(CRYPTO_secure_malloc_init(4096, 32)) + || !TEST_false(CRYPTO_secure_allocated(r))) + goto end; p = OPENSSL_secure_malloc(20); - /* r = non-secure 20, p = secure 20, s = non-secure 20 */ - if (!CRYPTO_secure_allocated(p)) { - perror_line(); - return 1; - } - /* 20 secure -> 32-byte minimum allocaton unit */ - if (CRYPTO_secure_used() != 32) { - perror_line(); - return 1; - } + if (!TEST_ptr(p) + /* r = non-secure 20, p = secure 20, s = non-secure 20 */ + || !TEST_true(CRYPTO_secure_allocated(p)) + /* 20 secure -> 32-byte minimum allocation unit */ + || !TEST_size_t_eq(CRYPTO_secure_used(), 32)) + goto end; q = OPENSSL_malloc(20); + if (!TEST_ptr(q)) + goto end; /* r = non-secure 20, p = secure 20, q = non-secure 20, s = non-secure 20 */ - if (CRYPTO_secure_allocated(q)) { - perror_line(); - return 1; - } + if (!TEST_false(CRYPTO_secure_allocated(q))) + goto end; OPENSSL_secure_clear_free(s, 20); s = OPENSSL_secure_malloc(20); - /* r = non-secure 20, p = secure 20, q = non-secure 20, s = secure 20 */ - if (!CRYPTO_secure_allocated(s)) { - perror_line(); - return 1; - } - /* 2 * 20 secure -> 64 bytes allocated */ - if (CRYPTO_secure_used() != 64) { - perror_line(); - return 1; - } + if (!TEST_ptr(s) + /* r = non-secure 20, p = secure 20, q = non-secure 20, s = secure 20 */ + || !TEST_true(CRYPTO_secure_allocated(s)) + /* 2 * 20 secure -> 64 bytes allocated */ + || !TEST_size_t_eq(CRYPTO_secure_used(), 64)) + goto end; OPENSSL_secure_clear_free(p, 20); + p = NULL; /* 20 secure -> 32 bytes allocated */ - if (CRYPTO_secure_used() != 32) { - perror_line(); - return 1; - } + if (!TEST_size_t_eq(CRYPTO_secure_used(), 32)) + goto end; OPENSSL_free(q); + q = NULL; /* should not complete, as secure memory is still allocated */ - if (CRYPTO_secure_malloc_done()) { - perror_line(); - return 1; - } - if (!CRYPTO_secure_malloc_initialized()) { - perror_line(); - return 1; - } + if (!TEST_false(CRYPTO_secure_malloc_done()) + || !TEST_true(CRYPTO_secure_malloc_initialized())) + goto end; OPENSSL_secure_free(s); + s = NULL; /* secure memory should now be 0, so done should complete */ - if (CRYPTO_secure_used() != 0) { - perror_line(); - return 1; - } - if (!CRYPTO_secure_malloc_done()) { - perror_line(); - return 1; - } - if (CRYPTO_secure_malloc_initialized()) { - perror_line(); - return 1; - } + if (!TEST_size_t_eq(CRYPTO_secure_used(), 0) + || !TEST_true(CRYPTO_secure_malloc_done()) + || !TEST_false(CRYPTO_secure_malloc_initialized())) + goto end; - fprintf(stderr, "Possible infinite loop: allocate more than available\n"); - if (!CRYPTO_secure_malloc_init(32768, 16)) { - perror_line(); - return 1; - } - if (OPENSSL_secure_malloc((size_t)-1) != NULL) { - perror_line(); - return 1; - } - if (!CRYPTO_secure_malloc_done()) { - perror_line(); - return 1; - } + TEST_info("Possible infinite loop: allocate more than available"); + if (!TEST_true(CRYPTO_secure_malloc_init(32768, 16))) + goto end; + TEST_ptr_null(OPENSSL_secure_malloc((size_t)-1)); + TEST_true(CRYPTO_secure_malloc_done()); /* * If init fails, then initialized should be false, if not, this * could cause an infinite loop secure_malloc, but we don't test it */ - if (!CRYPTO_secure_malloc_init(16, 16) && - CRYPTO_secure_malloc_initialized()) { - CRYPTO_secure_malloc_done(); - perror_line(); - return 1; - } - - if (!CRYPTO_secure_malloc_init(32768, 16)) { - perror_line(); - return 1; - } - - /* - * Verify that secure memory gets zeroed properly. - */ - if ((p = OPENSSL_secure_malloc(size)) == NULL) { - perror_line(); - return 1; - } - for (i = 0; i < size; i++) - if (p[i] != 0) { - perror_line(); - fprintf(stderr, "iteration %d\n", i); - return 1; - } - - for (i = 0; i < size; i++) - p[i] = (unsigned char)(i + ' ' + 1); - OPENSSL_secure_free(p); - - /* - * A deliberate use after free here to verify that the memory has been - * cleared properly. Since secure free doesn't return the memory to - * libc's memory pool, it technically isn't freed. However, the header - * bytes have to be skipped and these consist of two pointers in the - * current implementation. - */ - for (i = sizeof(void *) * 2; i < size; i++) - if (p[i] != 0) { - perror_line(); - fprintf(stderr, "iteration %d\n", i); - return 1; - } - - if (!CRYPTO_secure_malloc_done()) { - perror_line(); - return 1; + if (TEST_false(CRYPTO_secure_malloc_init(16, 16)) && + !TEST_false(CRYPTO_secure_malloc_initialized())) { + TEST_true(CRYPTO_secure_malloc_done()); + goto end; } /*- @@ -197,24 +112,72 @@ int main(int argc, char **argv) * limited by virtual space alone... */ if (sizeof(size_t) > 4) { - fprintf(stderr, "Possible infinite loop: 1<<31 limit\n"); - if (CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4) == 0) { - perror_line(); - } else if (!CRYPTO_secure_malloc_done()) { - perror_line(); - return 1; - } + TEST_info("Possible infinite loop: 1<<31 limit"); + if (TEST_true(CRYPTO_secure_malloc_init((size_t)1<<34, (size_t)1<<4) != 0)) + TEST_true(CRYPTO_secure_malloc_done()); } # endif /* this can complete - it was not really secure */ + testresult = 1; + end: + OPENSSL_secure_free(p); + OPENSSL_free(q); OPENSSL_secure_free(r); + OPENSSL_secure_free(s); + return testresult; #else + TEST_info("Secure memory is *not* implemented."); /* Should fail. */ - if (CRYPTO_secure_malloc_init(4096, 32)) { - perror_line(); - return 1; - } + return TEST_false(CRYPTO_secure_malloc_init(4096, 32)); #endif - return 0; +} + +static int test_sec_mem_clear(void) +{ +#ifdef OPENSSL_SECURE_MEMORY + const int size = 64; + unsigned char *p = NULL; + int i, res = 0; + + if (!TEST_true(CRYPTO_secure_malloc_init(4096, 32)) + || !TEST_ptr(p = OPENSSL_secure_malloc(size))) + goto err; + + for (i = 0; i < size; i++) + if (!TEST_uchar_eq(p[i], 0)) + goto err; + + for (i = 0; i < size; i++) + p[i] = (unsigned char)(i + ' ' + 1); + + OPENSSL_secure_free(p); + + /* + * A deliberate use after free here to verify that the memory has been + * cleared properly. Since secure free doesn't return the memory to + * libc's memory pool, it technically isn't freed. However, the header + * bytes have to be skipped and these consist of two pointers in the + * current implementation. + */ + for (i = sizeof(void *) * 2; i < size; i++) + if (!TEST_uchar_eq(p[i], 0)) + return 0; + + res = 1; + p = NULL; +err: + OPENSSL_secure_free(p); + CRYPTO_secure_malloc_done(); + return res; +#else + return 1; +#endif +} + +int setup_tests(void) +{ + ADD_TEST(test_sec_mem); + ADD_TEST(test_sec_mem_clear); + return 1; } diff --git a/deps/openssl/openssl/test/serverinfo2.pem b/deps/openssl/openssl/test/serverinfo2.pem new file mode 100644 index 0000000000..792d5c0313 --- /dev/null +++ b/deps/openssl/openssl/test/serverinfo2.pem @@ -0,0 +1,8 @@ +-----BEGIN SERVERINFOV2 FOR CT----- +AAARgAASAPIA8AB2AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3LAAAB +Wxp+yVkAAAQDAEcwRQIhAMhZ7Se2olZ35Mqze2NlDsW35ttyIrRuHyi6F0KlzsSp +AiBDT8YLjNCUByVrD9jhoRbUy+t38fx9WbOWgRVxZ5xk2wB2AN3rHSt6DU+mIIuB +rYFocH4ujp0B1VyIjT0RxM227L7MAAABWxp+x80AAAQDAEcwRQIgEz/5SC+JA5Ko +0ivxGYf5XBCqjfcIrp2BpCVxyYA2ys0CIQC1kcCeihwwbiVFTjR8UecLaCd1l1ix +nopZ9ljhG018+g== +-----END SERVERINFOV2 FOR CT----- diff --git a/deps/openssl/openssl/test/session.pem b/deps/openssl/openssl/test/session.pem new file mode 100644 index 0000000000..ea0b0bcec2 --- /dev/null +++ b/deps/openssl/openssl/test/session.pem @@ -0,0 +1,31 @@ +-----BEGIN SSL SESSION PARAMETERS----- +MIIFSgIBAQICAwQEAhMCBCAUv8MKab5ruWM6I8xtEH++u+bb2B1OznYnDrRcpLll +6AQwzwJoGXOQ3uCa7bCy07owBiH4Bf13MiDtwaHSnNTEyfLEZBy3SgCE06wa5TJk +Fx8aoQYCBFsWdRqiBAICHCCjggPrMIID5zCCAs+gAwIBAgIJALnu1NlVpZ6zMA0G +CSqGSIb3DQEBBQUAMHAxCzAJBgNVBAYTAlVLMRYwFAYDVQQKDA1PcGVuU1NMIEdy +b3VwMSIwIAYDVQQLDBlGT1IgVEVTVElORyBQVVJQT1NFUyBPTkxZMSUwIwYDVQQD +DBxPcGVuU1NMIFRlc3QgSW50ZXJtZWRpYXRlIENBMB4XDTExMTIwODE0MDE0OFoX +DTIxMTAxNjE0MDE0OFowZDELMAkGA1UEBhMCVUsxFjAUBgNVBAoMDU9wZW5TU0wg +R3JvdXAxIjAgBgNVBAsMGUZPUiBURVNUSU5HIFBVUlBPU0VTIE9OTFkxGTAXBgNV +BAMMEFRlc3QgU2VydmVyIENlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQDzhPOSNtyyRspmeuUpxfNJKCLTuf7g3uQ4zu4iHOmRO5TQci+HhVlLZrHF +9XqFXcIP0y4pWDbMSGuiorUmzmfiR7bfSdI/+qIQt8KXRH6HNG1t8ou0VSvWId5T +S5Dq/er5ODUr9OaaDva7EquHIcMvvPQGuI+OEAcnleVCy9HVEIySrO4P3CNIicnG +kwwiAud05yUAq/gPXBC1hTtmlPD7TVcGVSEiJdvzqqlgv02qedGrkki6GY4S7GjZ +xrrf7Foc2EP+51LJzwLQx3/JfrCU41NEWAsu/Sl0tQabXESN+zJ1pDqoZ3uHMgpQ +jeGiE0olr+YcsSW/tJmiU9OiAr8RAgMBAAGjgY8wgYwwDAYDVR0TAQH/BAIwADAO +BgNVHQ8BAf8EBAMCBeAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVk +IENlcnRpZmljYXRlMB0GA1UdDgQWBBSCvM8AABPR9zklmifnr9LvIBturDAfBgNV +HSMEGDAWgBQ2w2yI55X+sL3szj49hqshgYfa2jANBgkqhkiG9w0BAQUFAAOCAQEA +qb1NV0B0/pbpK9Z4/bNjzPQLTRLKWnSNm/Jh5v0GEUOE/Beg7GNjNrmeNmqxAlpq +Wz9qoeoFZax+QBpIZYjROU3TS3fpyLsrnlr0CDQ5R7kCCDGa8dkXxemmpZZLbUCp +W2Uoy8sAA4JjN9OtsZY7dvUXFgJ7vVNTRnI01ghknbtD+2SxSQd3CWF6QhcRMAzZ +J1z1cbbwGDDzfvGFPzJ+Sq+zEPdsxoVLLSetCiBc+40ZcDS5dV98h9XD7JMTQfxz +A7mNGv73JoZJA6nFgj+ADSlJsY/tJBv+z1iQRueoh9Qeee+ZbRifPouCB8FDx+Al +tvHTANdAq0t/K3o+pplMVKQCBAClAwIBFakEAgIcIKqB0wSB0EMQ5938LY/ASVsV +0kStjTVOps9p3VT071bTjD3RR211+gLzBwGCk8gWNH1glJXjLAenh9E2ivDK1tYQ +3ODRdB3V46t9E78r0uAmSG/WMJ9OvkFlXyIhseYwvWW0P1cAYPI/j3Evgcyu9GIs +HSDVEKbBy9CJYCkW/SrT+2A3ouqp+wSW0XgDLFFB+mBte2Hg7wv2uILrYZ4Y0fNe +CUcTq8B+0EFEiq7p0KRGXwpSKYxNw7qZgg/Us3W85BYMnzYjfDzN0KHf+BI28VRT +Rjxuud2uBwIFANHVD/k= +-----END SSL SESSION PARAMETERS----- diff --git a/deps/openssl/openssl/test/sha1test.c b/deps/openssl/openssl/test/sha1test.c deleted file mode 100644 index 80ab122784..0000000000 --- a/deps/openssl/openssl/test/sha1test.c +++ /dev/null @@ -1,111 +0,0 @@ -/* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stdio.h> -#include <string.h> -#include <stdlib.h> - -#include "../e_os.h" -#include <openssl/evp.h> -#include <openssl/sha.h> - -#ifdef CHARSET_EBCDIC -# include <openssl/ebcdic.h> -#endif - -static char test[][80] = { - { "abc" }, - { "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" } -}; - -static char *ret[] = { - "a9993e364706816aba3e25717850c26c9cd0d89d", - "84983e441c3bd26ebaae4aa1f95129e5e54670f1", -}; - -static char *bigret = "34aa973cd4c4daa4f61eeb2bdbad27316534016f"; - -static char *pt(unsigned char *md); -int main(int argc, char *argv[]) -{ - unsigned int i; - int err = 0; - char **R; - static unsigned char buf[1000]; - char *p, *r; - EVP_MD_CTX *c; - unsigned char md[SHA_DIGEST_LENGTH]; - - c = EVP_MD_CTX_new(); - R = ret; - for (i = 0; i < OSSL_NELEM(test); i++) { -# ifdef CHARSET_EBCDIC - ebcdic2ascii(test[i], test[i], strlen(test[i])); -# endif - if (!EVP_Digest(test[i], strlen(test[i]), md, NULL, EVP_sha1(), - NULL)) { - printf("EVP_Digest() error\n"); - err++; - goto err; - } - p = pt(md); - if (strcmp(p, (char *)*R) != 0) { - printf("error calculating SHA1 on '%s'\n", test[i]); - printf("got %s instead of %s\n", p, *R); - err++; - } else - printf("test %d ok\n", i + 1); - R++; - } - - memset(buf, 'a', 1000); -#ifdef CHARSET_EBCDIC - ebcdic2ascii(buf, buf, 1000); -#endif /* CHARSET_EBCDIC */ - if (!EVP_DigestInit_ex(c, EVP_sha1(), NULL)) { - printf("EVP_DigestInit_ex() error\n"); - err++; - goto err; - } - for (i = 0; i < 1000; i++) { - if (!EVP_DigestUpdate(c, buf, 1000)) { - printf("EVP_DigestUpdate() error\n"); - err++; - goto err; - } - } - if (!EVP_DigestFinal_ex(c, md, NULL)) { - printf("EVP_DigestFinal() error\n"); - err++; - goto err; - } - p = pt(md); - - r = bigret; - if (strcmp(p, r) != 0) { - printf("error calculating SHA1 on 'a' * 1000\n"); - printf("got %s instead of %s\n", p, r); - err++; - } else - printf("test 3 ok\n"); - err: - EVP_MD_CTX_free(c); - EXIT(err); - return (0); -} - -static char *pt(unsigned char *md) -{ - int i; - static char buf[80]; - - for (i = 0; i < SHA_DIGEST_LENGTH; i++) - sprintf(&(buf[i * 2]), "%02x", md[i]); - return (buf); -} diff --git a/deps/openssl/openssl/test/sha256t.c b/deps/openssl/openssl/test/sha256t.c deleted file mode 100644 index 90262d9624..0000000000 --- a/deps/openssl/openssl/test/sha256t.c +++ /dev/null @@ -1,177 +0,0 @@ -/* - * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stdio.h> -#include <string.h> -#include <stdlib.h> - -#include <openssl/sha.h> -#include <openssl/evp.h> - -static const unsigned char app_b1[SHA256_DIGEST_LENGTH] = { - 0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, - 0x41, 0x41, 0x40, 0xde, 0x5d, 0xae, 0x22, 0x23, - 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, - 0xb4, 0x10, 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad -}; - -static const unsigned char app_b2[SHA256_DIGEST_LENGTH] = { - 0x24, 0x8d, 0x6a, 0x61, 0xd2, 0x06, 0x38, 0xb8, - 0xe5, 0xc0, 0x26, 0x93, 0x0c, 0x3e, 0x60, 0x39, - 0xa3, 0x3c, 0xe4, 0x59, 0x64, 0xff, 0x21, 0x67, - 0xf6, 0xec, 0xed, 0xd4, 0x19, 0xdb, 0x06, 0xc1 -}; - -static const unsigned char app_b3[SHA256_DIGEST_LENGTH] = { - 0xcd, 0xc7, 0x6e, 0x5c, 0x99, 0x14, 0xfb, 0x92, - 0x81, 0xa1, 0xc7, 0xe2, 0x84, 0xd7, 0x3e, 0x67, - 0xf1, 0x80, 0x9a, 0x48, 0xa4, 0x97, 0x20, 0x0e, - 0x04, 0x6d, 0x39, 0xcc, 0xc7, 0x11, 0x2c, 0xd0 -}; - -static const unsigned char addenum_1[SHA224_DIGEST_LENGTH] = { - 0x23, 0x09, 0x7d, 0x22, 0x34, 0x05, 0xd8, 0x22, - 0x86, 0x42, 0xa4, 0x77, 0xbd, 0xa2, 0x55, 0xb3, - 0x2a, 0xad, 0xbc, 0xe4, 0xbd, 0xa0, 0xb3, 0xf7, - 0xe3, 0x6c, 0x9d, 0xa7 -}; - -static const unsigned char addenum_2[SHA224_DIGEST_LENGTH] = { - 0x75, 0x38, 0x8b, 0x16, 0x51, 0x27, 0x76, 0xcc, - 0x5d, 0xba, 0x5d, 0xa1, 0xfd, 0x89, 0x01, 0x50, - 0xb0, 0xc6, 0x45, 0x5c, 0xb4, 0xf5, 0x8b, 0x19, - 0x52, 0x52, 0x25, 0x25 -}; - -static const unsigned char addenum_3[SHA224_DIGEST_LENGTH] = { - 0x20, 0x79, 0x46, 0x55, 0x98, 0x0c, 0x91, 0xd8, - 0xbb, 0xb4, 0xc1, 0xea, 0x97, 0x61, 0x8a, 0x4b, - 0xf0, 0x3f, 0x42, 0x58, 0x19, 0x48, 0xb2, 0xee, - 0x4e, 0xe7, 0xad, 0x67 -}; - -int main(int argc, char **argv) -{ - unsigned char md[SHA256_DIGEST_LENGTH]; - int i; - EVP_MD_CTX *evp; - - fprintf(stdout, "Testing SHA-256 "); - - if (!EVP_Digest("abc", 3, md, NULL, EVP_sha256(), NULL)) - goto err; - if (memcmp(md, app_b1, sizeof(app_b1))) { - fflush(stdout); - fprintf(stderr, "\nTEST 1 of 3 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - if (!EVP_Digest("abcdbcde" "cdefdefg" "efghfghi" "ghijhijk" - "ijkljklm" "klmnlmno" "mnopnopq", 56, md, - NULL, EVP_sha256(), NULL)) - goto err; - if (memcmp(md, app_b2, sizeof(app_b2))) { - fflush(stdout); - fprintf(stderr, "\nTEST 2 of 3 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - evp = EVP_MD_CTX_new(); - if (evp == NULL) { - fflush(stdout); - fprintf(stderr, "\nTEST 3 of 3 failed. (malloc failure)\n"); - return 1; - } - if (!EVP_DigestInit_ex(evp, EVP_sha256(), NULL)) - goto err; - for (i = 0; i < 1000000; i += 288) { - if (!EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa", - (1000000 - i) < 288 ? 1000000 - i : 288)) - goto err; - } - if (!EVP_DigestFinal_ex(evp, md, NULL)) - goto err; - - if (memcmp(md, app_b3, sizeof(app_b3))) { - fflush(stdout); - fprintf(stderr, "\nTEST 3 of 3 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - fprintf(stdout, " passed.\n"); - fflush(stdout); - - fprintf(stdout, "Testing SHA-224 "); - - if (!EVP_Digest("abc", 3, md, NULL, EVP_sha224(), NULL)) - goto err; - if (memcmp(md, addenum_1, sizeof(addenum_1))) { - fflush(stdout); - fprintf(stderr, "\nTEST 1 of 3 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - if (!EVP_Digest("abcdbcde" "cdefdefg" "efghfghi" "ghijhijk" - "ijkljklm" "klmnlmno" "mnopnopq", 56, md, - NULL, EVP_sha224(), NULL)) - goto err; - if (memcmp(md, addenum_2, sizeof(addenum_2))) { - fflush(stdout); - fprintf(stderr, "\nTEST 2 of 3 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - EVP_MD_CTX_reset(evp); - if (!EVP_DigestInit_ex(evp, EVP_sha224(), NULL)) - goto err; - for (i = 0; i < 1000000; i += 64) { - if (!EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa", - (1000000 - i) < 64 ? 1000000 - i : 64)) - goto err; - } - if (!EVP_DigestFinal_ex(evp, md, NULL)) - goto err; - EVP_MD_CTX_free(evp); - - if (memcmp(md, addenum_3, sizeof(addenum_3))) { - fflush(stdout); - fprintf(stderr, "\nTEST 3 of 3 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - fprintf(stdout, " passed.\n"); - fflush(stdout); - - return 0; - - err: - fprintf(stderr, "Fatal EVP error!\n"); - return 1; -} diff --git a/deps/openssl/openssl/test/sha512t.c b/deps/openssl/openssl/test/sha512t.c deleted file mode 100644 index 18cdf39736..0000000000 --- a/deps/openssl/openssl/test/sha512t.c +++ /dev/null @@ -1,199 +0,0 @@ -/* - * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stdio.h> -#include <string.h> -#include <stdlib.h> - -#include <openssl/sha.h> -#include <openssl/evp.h> -#include <openssl/crypto.h> - -static const unsigned char app_c1[SHA512_DIGEST_LENGTH] = { - 0xdd, 0xaf, 0x35, 0xa1, 0x93, 0x61, 0x7a, 0xba, - 0xcc, 0x41, 0x73, 0x49, 0xae, 0x20, 0x41, 0x31, - 0x12, 0xe6, 0xfa, 0x4e, 0x89, 0xa9, 0x7e, 0xa2, - 0x0a, 0x9e, 0xee, 0xe6, 0x4b, 0x55, 0xd3, 0x9a, - 0x21, 0x92, 0x99, 0x2a, 0x27, 0x4f, 0xc1, 0xa8, - 0x36, 0xba, 0x3c, 0x23, 0xa3, 0xfe, 0xeb, 0xbd, - 0x45, 0x4d, 0x44, 0x23, 0x64, 0x3c, 0xe8, 0x0e, - 0x2a, 0x9a, 0xc9, 0x4f, 0xa5, 0x4c, 0xa4, 0x9f -}; - -static const unsigned char app_c2[SHA512_DIGEST_LENGTH] = { - 0x8e, 0x95, 0x9b, 0x75, 0xda, 0xe3, 0x13, 0xda, - 0x8c, 0xf4, 0xf7, 0x28, 0x14, 0xfc, 0x14, 0x3f, - 0x8f, 0x77, 0x79, 0xc6, 0xeb, 0x9f, 0x7f, 0xa1, - 0x72, 0x99, 0xae, 0xad, 0xb6, 0x88, 0x90, 0x18, - 0x50, 0x1d, 0x28, 0x9e, 0x49, 0x00, 0xf7, 0xe4, - 0x33, 0x1b, 0x99, 0xde, 0xc4, 0xb5, 0x43, 0x3a, - 0xc7, 0xd3, 0x29, 0xee, 0xb6, 0xdd, 0x26, 0x54, - 0x5e, 0x96, 0xe5, 0x5b, 0x87, 0x4b, 0xe9, 0x09 -}; - -static const unsigned char app_c3[SHA512_DIGEST_LENGTH] = { - 0xe7, 0x18, 0x48, 0x3d, 0x0c, 0xe7, 0x69, 0x64, - 0x4e, 0x2e, 0x42, 0xc7, 0xbc, 0x15, 0xb4, 0x63, - 0x8e, 0x1f, 0x98, 0xb1, 0x3b, 0x20, 0x44, 0x28, - 0x56, 0x32, 0xa8, 0x03, 0xaf, 0xa9, 0x73, 0xeb, - 0xde, 0x0f, 0xf2, 0x44, 0x87, 0x7e, 0xa6, 0x0a, - 0x4c, 0xb0, 0x43, 0x2c, 0xe5, 0x77, 0xc3, 0x1b, - 0xeb, 0x00, 0x9c, 0x5c, 0x2c, 0x49, 0xaa, 0x2e, - 0x4e, 0xad, 0xb2, 0x17, 0xad, 0x8c, 0xc0, 0x9b -}; - -static const unsigned char app_d1[SHA384_DIGEST_LENGTH] = { - 0xcb, 0x00, 0x75, 0x3f, 0x45, 0xa3, 0x5e, 0x8b, - 0xb5, 0xa0, 0x3d, 0x69, 0x9a, 0xc6, 0x50, 0x07, - 0x27, 0x2c, 0x32, 0xab, 0x0e, 0xde, 0xd1, 0x63, - 0x1a, 0x8b, 0x60, 0x5a, 0x43, 0xff, 0x5b, 0xed, - 0x80, 0x86, 0x07, 0x2b, 0xa1, 0xe7, 0xcc, 0x23, - 0x58, 0xba, 0xec, 0xa1, 0x34, 0xc8, 0x25, 0xa7 -}; - -static const unsigned char app_d2[SHA384_DIGEST_LENGTH] = { - 0x09, 0x33, 0x0c, 0x33, 0xf7, 0x11, 0x47, 0xe8, - 0x3d, 0x19, 0x2f, 0xc7, 0x82, 0xcd, 0x1b, 0x47, - 0x53, 0x11, 0x1b, 0x17, 0x3b, 0x3b, 0x05, 0xd2, - 0x2f, 0xa0, 0x80, 0x86, 0xe3, 0xb0, 0xf7, 0x12, - 0xfc, 0xc7, 0xc7, 0x1a, 0x55, 0x7e, 0x2d, 0xb9, - 0x66, 0xc3, 0xe9, 0xfa, 0x91, 0x74, 0x60, 0x39 -}; - -static const unsigned char app_d3[SHA384_DIGEST_LENGTH] = { - 0x9d, 0x0e, 0x18, 0x09, 0x71, 0x64, 0x74, 0xcb, - 0x08, 0x6e, 0x83, 0x4e, 0x31, 0x0a, 0x4a, 0x1c, - 0xed, 0x14, 0x9e, 0x9c, 0x00, 0xf2, 0x48, 0x52, - 0x79, 0x72, 0xce, 0xc5, 0x70, 0x4c, 0x2a, 0x5b, - 0x07, 0xb8, 0xb3, 0xdc, 0x38, 0xec, 0xc4, 0xeb, - 0xae, 0x97, 0xdd, 0xd8, 0x7f, 0x3d, 0x89, 0x85 -}; - -int main(int argc, char **argv) -{ - unsigned char md[SHA512_DIGEST_LENGTH]; - int i; - EVP_MD_CTX *evp; - - fprintf(stdout, "Testing SHA-512 "); - - if (!EVP_Digest("abc", 3, md, NULL, EVP_sha512(), NULL)) - goto err; - if (memcmp(md, app_c1, sizeof(app_c1))) { - fflush(stdout); - fprintf(stderr, "\nTEST 1 of 3 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - if (!EVP_Digest("abcdefgh" "bcdefghi" "cdefghij" "defghijk" - "efghijkl" "fghijklm" "ghijklmn" "hijklmno" - "ijklmnop" "jklmnopq" "klmnopqr" "lmnopqrs" - "mnopqrst" "nopqrstu", 112, md, NULL, EVP_sha512(), NULL)) - goto err; - if (memcmp(md, app_c2, sizeof(app_c2))) { - fflush(stdout); - fprintf(stderr, "\nTEST 2 of 3 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - evp = EVP_MD_CTX_new(); - if (evp == NULL) { - fflush(stdout); - fprintf(stderr, "\nTEST 3 of 3 failed. (malloc failure)\n"); - return 1; - } - if (!EVP_DigestInit_ex(evp, EVP_sha512(), NULL)) - goto err; - for (i = 0; i < 1000000; i += 288) { - if (!EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa", - (1000000 - i) < 288 ? 1000000 - i : 288)) - goto err; - } - if (!EVP_DigestFinal_ex(evp, md, NULL)) - goto err; - EVP_MD_CTX_reset(evp); - - if (memcmp(md, app_c3, sizeof(app_c3))) { - fflush(stdout); - fprintf(stderr, "\nTEST 3 of 3 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - fprintf(stdout, " passed.\n"); - fflush(stdout); - - fprintf(stdout, "Testing SHA-384 "); - - if (!EVP_Digest("abc", 3, md, NULL, EVP_sha384(), NULL)) - goto err; - if (memcmp(md, app_d1, sizeof(app_d1))) { - fflush(stdout); - fprintf(stderr, "\nTEST 1 of 3 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - if (!EVP_Digest("abcdefgh" "bcdefghi" "cdefghij" "defghijk" - "efghijkl" "fghijklm" "ghijklmn" "hijklmno" - "ijklmnop" "jklmnopq" "klmnopqr" "lmnopqrs" - "mnopqrst" "nopqrstu", 112, md, NULL, EVP_sha384(), NULL)) - goto err; - if (memcmp(md, app_d2, sizeof(app_d2))) { - fflush(stdout); - fprintf(stderr, "\nTEST 2 of 3 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - if (!EVP_DigestInit_ex(evp, EVP_sha384(), NULL)) - goto err; - for (i = 0; i < 1000000; i += 64) { - if (!EVP_DigestUpdate(evp, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa", - (1000000 - i) < 64 ? 1000000 - i : 64)) - goto err; - } - if (!EVP_DigestFinal_ex(evp, md, NULL)) - goto err; - EVP_MD_CTX_free(evp); - - if (memcmp(md, app_d3, sizeof(app_d3))) { - fflush(stdout); - fprintf(stderr, "\nTEST 3 of 3 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - fprintf(stdout, " passed.\n"); - fflush(stdout); - - return 0; - - err: - fflush(stdout); - fprintf(stderr, "\nFatal EVP error!\n"); - return 1; -} diff --git a/deps/openssl/openssl/test/shlibloadtest.c b/deps/openssl/openssl/test/shlibloadtest.c index d584413ac9..53714aa125 100644 --- a/deps/openssl/openssl/test/shlibloadtest.c +++ b/deps/openssl/openssl/test/shlibloadtest.c @@ -11,205 +11,151 @@ #include <string.h> #include <stdlib.h> #include <openssl/opensslv.h> +#include <openssl/ssl.h> +#include <openssl/ossl_typ.h> +#include "internal/dso_conf.h" +#include "testutil.h" -/* The test is only currently implemented for DSO_DLFCN and DSO_WIN32 */ -#if defined(DSO_DLFCN) || defined(DSO_WIN32) - -#define SSL_CTX_NEW "SSL_CTX_new" -#define SSL_CTX_FREE "SSL_CTX_free" -#define TLS_METHOD "TLS_method" - -#define ERR_GET_ERROR "ERR_get_error" -#define OPENSSL_VERSION_NUM_FUNC "OpenSSL_version_num" +typedef void DSO; -typedef struct ssl_ctx_st SSL_CTX; -typedef struct ssl_method_st SSL_METHOD; typedef const SSL_METHOD * (*TLS_method_t)(void); typedef SSL_CTX * (*SSL_CTX_new_t)(const SSL_METHOD *meth); typedef void (*SSL_CTX_free_t)(SSL_CTX *); - typedef unsigned long (*ERR_get_error_t)(void); typedef unsigned long (*OpenSSL_version_num_t)(void); +typedef DSO * (*DSO_dsobyaddr_t)(void (*addr)(void), int flags); +typedef int (*DSO_free_t)(DSO *dso); -static TLS_method_t TLS_method; -static SSL_CTX_new_t SSL_CTX_new; -static SSL_CTX_free_t SSL_CTX_free; +typedef enum test_types_en { + CRYPTO_FIRST, + SSL_FIRST, + JUST_CRYPTO, + DSO_REFTEST +} TEST_TYPE; -static ERR_get_error_t ERR_get_error; -static OpenSSL_version_num_t OpenSSL_version_num; +static TEST_TYPE test_type; +static const char *path_crypto; +static const char *path_ssl; #ifdef DSO_DLFCN -# define DSO_DSOBYADDR "DSO_dsobyaddr" -# define DSO_FREE "DSO_free" - -typedef void DSO; -typedef DSO * (*DSO_dsobyaddr_t)(void (*addr)(void), int flags); -typedef int (*DSO_free_t)(DSO *dso); - -static DSO_dsobyaddr_t DSO_dsobyaddr; -static DSO_free_t DSO_free; - # include <dlfcn.h> -typedef void * SHLIB; -typedef void * SHLIB_SYM; # define SHLIB_INIT NULL +typedef void *SHLIB; +typedef void *SHLIB_SYM; + static int shlib_load(const char *filename, SHLIB *lib) { - *lib = dlopen(filename, RTLD_GLOBAL | RTLD_LAZY); - - if (*lib == NULL) - return 0; - - return 1; + int dl_flags = (RTLD_GLOBAL|RTLD_LAZY); +#ifdef _AIX + if (filename[strlen(filename) - 1] == ')') + dl_flags |= RTLD_MEMBER; +#endif + *lib = dlopen(filename, dl_flags); + return *lib == NULL ? 0 : 1; } static int shlib_sym(SHLIB lib, const char *symname, SHLIB_SYM *sym) { *sym = dlsym(lib, symname); - return *sym != NULL; } static int shlib_close(SHLIB lib) { - if (dlclose(lib) != 0) - return 0; - - return 1; + return dlclose(lib) != 0 ? 0 : 1; } +#endif -#elif defined(DSO_WIN32) +#ifdef DSO_WIN32 # include <windows.h> -typedef HINSTANCE SHLIB; -typedef void * SHLIB_SYM; # define SHLIB_INIT 0 +typedef HINSTANCE SHLIB; +typedef void *SHLIB_SYM; + static int shlib_load(const char *filename, SHLIB *lib) { *lib = LoadLibraryA(filename); - if (*lib == NULL) - return 0; - - return 1; + return *lib == NULL ? 0 : 1; } static int shlib_sym(SHLIB lib, const char *symname, SHLIB_SYM *sym) { *sym = (SHLIB_SYM)GetProcAddress(lib, symname); - return *sym != NULL; } static int shlib_close(SHLIB lib) { - if (FreeLibrary(lib) == 0) - return 0; - - return 1; + return FreeLibrary(lib) == 0 ? 0 : 1; } - #endif -# define CRYPTO_FIRST_OPT "-crypto_first" -# define SSL_FIRST_OPT "-ssl_first" -# define JUST_CRYPTO_OPT "-just_crypto" -# define DSO_REFTEST_OPT "-dso_ref" -enum test_types_en { - CRYPTO_FIRST, - SSL_FIRST, - JUST_CRYPTO, - DSO_REFTEST -}; +#if defined(DSO_DLFCN) || defined(DSO_WIN32) -int main(int argc, char **argv) +static int test_lib(void) { - SHLIB ssllib = SHLIB_INIT, cryptolib = SHLIB_INIT; + SHLIB ssllib = SHLIB_INIT; + SHLIB cryptolib = SHLIB_INIT; SSL_CTX *ctx; union { - void (*func) (void); + void (*func)(void); SHLIB_SYM sym; - } tls_method_sym, ssl_ctx_new_sym, ssl_ctx_free_sym, err_get_error_sym, - openssl_version_num_sym, dso_dsobyaddr_sym, dso_free_sym; - enum test_types_en test_type; - int i; - - if (argc != 4) { - printf("Unexpected number of arguments\n"); - return 1; - } - - if (strcmp(argv[1], CRYPTO_FIRST_OPT) == 0) { - test_type = CRYPTO_FIRST; - } else if (strcmp(argv[1], SSL_FIRST_OPT) == 0) { - test_type = SSL_FIRST; - } else if (strcmp(argv[1], JUST_CRYPTO_OPT) == 0) { - test_type = JUST_CRYPTO; - } else if (strcmp(argv[1], DSO_REFTEST_OPT) == 0) { - test_type = DSO_REFTEST; - } else { - printf("Unrecognised argument\n"); - return 1; - } - - for (i = 0; i < 2; i++) { - if ((i == 0 && (test_type == CRYPTO_FIRST - || test_type == JUST_CRYPTO - || test_type == DSO_REFTEST)) - || (i == 1 && test_type == SSL_FIRST)) { - if (!shlib_load(argv[2], &cryptolib)) { - printf("Unable to load libcrypto\n"); - return 1; - } - } - if ((i == 0 && test_type == SSL_FIRST) - || (i == 1 && test_type == CRYPTO_FIRST)) { - if (!shlib_load(argv[3], &ssllib)) { - printf("Unable to load libssl\n"); - return 1; - } - } + } symbols[3]; + TLS_method_t myTLS_method; + SSL_CTX_new_t mySSL_CTX_new; + SSL_CTX_free_t mySSL_CTX_free; + ERR_get_error_t myERR_get_error; + OpenSSL_version_num_t myOpenSSL_version_num; + int result = 0; + + switch (test_type) { + case JUST_CRYPTO: + if (!TEST_true(shlib_load(path_crypto, &cryptolib))) + goto end; + break; + case CRYPTO_FIRST: + if (!TEST_true(shlib_load(path_crypto, &cryptolib)) + || !TEST_true(shlib_load(path_ssl, &ssllib))) + goto end; + break; + case SSL_FIRST: + if (!TEST_true(shlib_load(path_ssl, &ssllib)) + || !TEST_true(shlib_load(path_crypto, &cryptolib))) + goto end; + break; + case DSO_REFTEST: + if (!TEST_true(shlib_load(path_crypto, &cryptolib))) + goto end; + break; } if (test_type != JUST_CRYPTO && test_type != DSO_REFTEST) { - if (!shlib_sym(ssllib, TLS_METHOD, &tls_method_sym.sym) - || !shlib_sym(ssllib, SSL_CTX_NEW, &ssl_ctx_new_sym.sym) - || !shlib_sym(ssllib, SSL_CTX_FREE, &ssl_ctx_free_sym.sym)) { - printf("Unable to load ssl symbols\n"); - return 1; - } - - TLS_method = (TLS_method_t)tls_method_sym.func; - SSL_CTX_new = (SSL_CTX_new_t)ssl_ctx_new_sym.func; - SSL_CTX_free = (SSL_CTX_free_t)ssl_ctx_free_sym.func; - - ctx = SSL_CTX_new(TLS_method()); - if (ctx == NULL) { - printf("Unable to create SSL_CTX\n"); - return 1; - } - SSL_CTX_free(ctx); + if (!TEST_true(shlib_sym(ssllib, "TLS_method", &symbols[0].sym)) + || !TEST_true(shlib_sym(ssllib, "SSL_CTX_new", &symbols[1].sym)) + || !TEST_true(shlib_sym(ssllib, "SSL_CTX_free", &symbols[2].sym))) + goto end; + myTLS_method = (TLS_method_t)symbols[0].func; + mySSL_CTX_new = (SSL_CTX_new_t)symbols[1].func; + mySSL_CTX_free = (SSL_CTX_free_t)symbols[2].func; + if (!TEST_ptr(ctx = mySSL_CTX_new(myTLS_method()))) + goto end; + mySSL_CTX_free(ctx); } - if (!shlib_sym(cryptolib, ERR_GET_ERROR, &err_get_error_sym.sym) - || !shlib_sym(cryptolib, OPENSSL_VERSION_NUM_FUNC, - &openssl_version_num_sym.sym)) { - printf("Unable to load crypto symbols\n"); - return 1; - } - - ERR_get_error = (ERR_get_error_t)err_get_error_sym.func; - OpenSSL_version_num = (OpenSSL_version_num_t)openssl_version_num_sym.func; - - if (ERR_get_error() != 0) { - printf("Unexpected error in error queue\n"); - return 1; - } + if (!TEST_true(shlib_sym(cryptolib, "ERR_get_error", &symbols[0].sym)) + || !TEST_true(shlib_sym(cryptolib, "OpenSSL_version_num", + &symbols[1].sym))) + goto end; + myERR_get_error = (ERR_get_error_t)symbols[0].func; + if (!TEST_int_eq(myERR_get_error(), 0)) + goto end; /* * The bits that COMPATIBILITY_MASK lets through MUST be the same in @@ -218,20 +164,19 @@ int main(int argc, char **argv) * the library compared to the application. */ # define COMPATIBILITY_MASK 0xfff00000L - if ((OpenSSL_version_num() & COMPATIBILITY_MASK) - != (OPENSSL_VERSION_NUMBER & COMPATIBILITY_MASK)) { - printf("Unexpected library version loaded\n"); - return 1; - } - - if ((OpenSSL_version_num() & ~COMPATIBILITY_MASK) - < (OPENSSL_VERSION_NUMBER & ~COMPATIBILITY_MASK)) { - printf("Unexpected library version loaded\n"); - return 1; - } + myOpenSSL_version_num = (OpenSSL_version_num_t)symbols[1].func; + if (!TEST_int_eq(myOpenSSL_version_num() & COMPATIBILITY_MASK, + OPENSSL_VERSION_NUMBER & COMPATIBILITY_MASK)) + goto end; + if (!TEST_int_ge(myOpenSSL_version_num() & ~COMPATIBILITY_MASK, + OPENSSL_VERSION_NUMBER & ~COMPATIBILITY_MASK)) + goto end; if (test_type == DSO_REFTEST) { # ifdef DSO_DLFCN + DSO_dsobyaddr_t myDSO_dsobyaddr; + DSO_free_t myDSO_free; + /* * This is resembling the code used in ossl_init_base() and * OPENSSL_atexit() to block unloading the library after dlclose(). @@ -240,54 +185,74 @@ int main(int argc, char **argv) * will always return an error, because DSO_pathbyaddr() is not * implemented there. */ - if (!shlib_sym(cryptolib, DSO_DSOBYADDR, &dso_dsobyaddr_sym.sym) - || !shlib_sym(cryptolib, DSO_FREE, &dso_free_sym.sym)) { - printf("Unable to load crypto dso symbols\n"); - return 1; - } + if (!TEST_true(shlib_sym(cryptolib, "DSO_dsobyaddr", &symbols[0].sym)) + || !TEST_true(shlib_sym(cryptolib, "DSO_free", + &symbols[1].sym))) + goto end; - DSO_dsobyaddr = (DSO_dsobyaddr_t)dso_dsobyaddr_sym.func; - DSO_free = (DSO_free_t)dso_free_sym.func; + myDSO_dsobyaddr = (DSO_dsobyaddr_t)symbols[0].func; + myDSO_free = (DSO_free_t)symbols[1].func; { DSO *hndl; /* use known symbol from crypto module */ - if ((hndl = DSO_dsobyaddr((void (*)(void))ERR_get_error, 0)) != NULL) { - DSO_free(hndl); - } else { - printf("Unable to obtain DSO reference from crypto symbol\n"); - return 1; - } + if (!TEST_ptr(hndl = myDSO_dsobyaddr((void (*)(void))ERR_get_error, 0))) + goto end; + myDSO_free(hndl); } # endif /* DSO_DLFCN */ } - for (i = 0; i < 2; i++) { - if ((i == 0 && test_type == CRYPTO_FIRST) - || (i == 1 && test_type == SSL_FIRST)) { - if (!shlib_close(ssllib)) { - printf("Unable to close libssl\n"); - return 1; - } - } - if ((i == 0 && (test_type == SSL_FIRST - || test_type == JUST_CRYPTO - || test_type == DSO_REFTEST)) - || (i == 1 && test_type == CRYPTO_FIRST)) { - if (!shlib_close(cryptolib)) { - printf("Unable to close libcrypto\n"); - return 1; - } - } + switch (test_type) { + case JUST_CRYPTO: + if (!TEST_true(shlib_close(cryptolib))) + goto end; + break; + case CRYPTO_FIRST: + if (!TEST_true(shlib_close(cryptolib)) + || !TEST_true(shlib_close(ssllib))) + goto end; + break; + case SSL_FIRST: + if (!TEST_true(shlib_close(ssllib)) + || !TEST_true(shlib_close(cryptolib))) + goto end; + break; + case DSO_REFTEST: + if (!TEST_true(shlib_close(cryptolib))) + goto end; + break; } - printf("Success\n"); - return 0; + result = 1; +end: + return result; } -#else -int main(void) +#endif + + +int setup_tests(void) { - printf("Test not implemented on this platform\n"); - return 0; -} + const char *p = test_get_argument(0); + + if (strcmp(p, "-crypto_first") == 0) { + test_type = CRYPTO_FIRST; + } else if (strcmp(p, "-ssl_first") == 0) { + test_type = SSL_FIRST; + } else if (strcmp(p, "-just_crypto") == 0) { + test_type = JUST_CRYPTO; + } else if (strcmp(p, "-dso_ref") == 0) { + test_type = JUST_CRYPTO; + } else { + TEST_error("Unrecognised argument"); + return 0; + } + if (!TEST_ptr(path_crypto = test_get_argument(1)) + || !TEST_ptr(path_ssl = test_get_argument(2))) + return 0; + +#if defined(DSO_DLFCN) || defined(DSO_WIN32) + ADD_TEST(test_lib); #endif + return 1; +} diff --git a/deps/openssl/openssl/test/srptest.c b/deps/openssl/openssl/test/srptest.c index 73b3881ec6..bb1682e714 100644 --- a/deps/openssl/openssl/test/srptest.c +++ b/deps/openssl/openssl/test/srptest.c @@ -1,5 +1,5 @@ /* - * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2011-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -8,36 +8,22 @@ */ #include <openssl/opensslconf.h> -#ifdef OPENSSL_NO_SRP +# include "testutil.h" +#ifdef OPENSSL_NO_SRP # include <stdio.h> - -int main(int argc, char *argv[]) -{ - printf("No SRP support\n"); - return (0); -} - #else # include <openssl/srp.h> # include <openssl/rand.h> # include <openssl/err.h> -static void showbn(const char *name, const BIGNUM *bn) -{ - fputs(name, stdout); - fputs(" = ", stdout); - BN_print_fp(stdout, bn); - putc('\n', stdout); -} - # define RANDOM_SIZE 32 /* use 256 bits on each side */ static int run_srp(const char *username, const char *client_pass, const char *server_pass) { - int ret = -1; + int ret = 0; BIGNUM *s = NULL; BIGNUM *v = NULL; BIGNUM *a = NULL; @@ -50,52 +36,48 @@ static int run_srp(const char *username, const char *client_pass, BIGNUM *Kserver = NULL; unsigned char rand_tmp[RANDOM_SIZE]; /* use builtin 1024-bit params */ - const SRP_gN *GN = SRP_get_default_gN("1024"); + const SRP_gN *GN; + + if (!TEST_ptr(GN = SRP_get_default_gN("1024"))) + return 0; - if (GN == NULL) { - fprintf(stderr, "Failed to get SRP parameters\n"); - return -1; - } /* Set up server's password entry */ - if (!SRP_create_verifier_BN(username, server_pass, &s, &v, GN->N, GN->g)) { - fprintf(stderr, "Failed to create SRP verifier\n"); - return -1; - } + if (!TEST_true(SRP_create_verifier_BN(username, server_pass, + &s, &v, GN->N, GN->g))) + goto end; - showbn("N", GN->N); - showbn("g", GN->g); - showbn("Salt", s); - showbn("Verifier", v); + test_output_bignum("N", GN->N); + test_output_bignum("g", GN->g); + test_output_bignum("Salt", s); + test_output_bignum("Verifier", v); /* Server random */ RAND_bytes(rand_tmp, sizeof(rand_tmp)); b = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL); - /* TODO - check b != 0 */ - showbn("b", b); + if (!TEST_BN_ne_zero(b)) + goto end; + test_output_bignum("b", b); /* Server's first message */ Bpub = SRP_Calc_B(b, GN->N, GN->g, v); - showbn("B", Bpub); + test_output_bignum("B", Bpub); - if (!SRP_Verify_B_mod_N(Bpub, GN->N)) { - fprintf(stderr, "Invalid B\n"); - return -1; - } + if (!TEST_true(SRP_Verify_B_mod_N(Bpub, GN->N))) + goto end; /* Client random */ RAND_bytes(rand_tmp, sizeof(rand_tmp)); a = BN_bin2bn(rand_tmp, sizeof(rand_tmp), NULL); - /* TODO - check a != 0 */ - showbn("a", a); + if (!TEST_BN_ne_zero(a)) + goto end; + test_output_bignum("a", a); /* Client's response */ Apub = SRP_Calc_A(a, GN->N, GN->g); - showbn("A", Apub); + test_output_bignum("A", Apub); - if (!SRP_Verify_A_mod_N(Apub, GN->N)) { - fprintf(stderr, "Invalid A\n"); - return -1; - } + if (!TEST_true(SRP_Verify_A_mod_N(Apub, GN->N))) + goto end; /* Both sides calculate u */ u = SRP_Calc_u(Apub, Bpub, GN->N); @@ -103,19 +85,18 @@ static int run_srp(const char *username, const char *client_pass, /* Client's key */ x = SRP_Calc_x(s, username, client_pass); Kclient = SRP_Calc_client_key(GN->N, Bpub, GN->g, x, a, u); - showbn("Client's key", Kclient); + test_output_bignum("Client's key", Kclient); /* Server's key */ Kserver = SRP_Calc_server_key(Apub, v, u, b, GN->N); - showbn("Server's key", Kserver); + test_output_bignum("Server's key", Kserver); - if (BN_cmp(Kclient, Kserver) == 0) { - ret = 0; - } else { - fprintf(stderr, "Keys mismatch\n"); - ret = 1; - } + if (!TEST_BN_eq(Kclient, Kserver)) + goto end; + ret = 1; + +end: BN_clear_free(Kclient); BN_clear_free(Kserver); BN_clear_free(x); @@ -133,25 +114,16 @@ static int run_srp(const char *username, const char *client_pass, static int check_bn(const char *name, const BIGNUM *bn, const char *hexbn) { BIGNUM *tmp = NULL; - int rv; - if (BN_hex2bn(&tmp, hexbn) == 0) + int r; + + if (!TEST_true(BN_hex2bn(&tmp, hexbn))) return 0; - rv = BN_cmp(bn, tmp); - if (rv == 0) { - printf("%s = ", name); - BN_print_fp(stdout, bn); - printf("\n"); - BN_free(tmp); - return 1; - } - printf("Unexpected %s value\n", name); - printf("Expecting: "); - BN_print_fp(stdout, tmp); - printf("\nReceived: "); - BN_print_fp(stdout, bn); - printf("\n"); + + if (BN_cmp(bn, tmp) != 0) + TEST_error("unexpected %s value", name); + r = TEST_BN_eq(bn, tmp); BN_free(tmp); - return 0; + return r; } /* SRP test vectors from RFC5054 */ @@ -169,27 +141,25 @@ static int run_srp_kat(void) BIGNUM *Kclient = NULL; BIGNUM *Kserver = NULL; /* use builtin 1024-bit params */ - const SRP_gN *GN = SRP_get_default_gN("1024"); + const SRP_gN *GN; - if (GN == NULL) { - fprintf(stderr, "Failed to get SRP parameters\n"); + if (!TEST_ptr(GN = SRP_get_default_gN("1024"))) goto err; - } BN_hex2bn(&s, "BEB25379D1A8581EB5A727673A2441EE"); /* Set up server's password entry */ - if (!SRP_create_verifier_BN("alice", "password123", &s, &v, GN->N, - GN->g)) { - fprintf(stderr, "Failed to create SRP verifier\n"); + if (!TEST_true(SRP_create_verifier_BN("alice", "password123", &s, &v, GN->N, + GN->g))) goto err; - } - if (!check_bn("v", v, + TEST_info("checking v"); + if (!TEST_true(check_bn("v", v, "7E273DE8696FFC4F4E337D05B4B375BEB0DDE1569E8FA00A9886D812" "9BADA1F1822223CA1A605B530E379BA4729FDC59F105B4787E5186F5" "C671085A1447B52A48CF1970B4FB6F8400BBF4CEBFBB168152E08AB5" "EA53D15C1AFF87B2B9DA6E04E058AD51CC72BFC9033B564E26480D78" - "E955A5E29E7AB245DB2BE315E2099AFB")) + "E955A5E29E7AB245DB2BE315E2099AFB"))) goto err; + TEST_note(" okay"); /* Server random */ BN_hex2bn(&b, "E487CB59D31AC550471E81F00F6928E01DDA08E974A004F49E61F5D1" @@ -197,19 +167,18 @@ static int run_srp_kat(void) /* Server's first message */ Bpub = SRP_Calc_B(b, GN->N, GN->g, v); - - if (!SRP_Verify_B_mod_N(Bpub, GN->N)) { - fprintf(stderr, "Invalid B\n"); + if (!TEST_true(SRP_Verify_B_mod_N(Bpub, GN->N))) goto err; - } - if (!check_bn("B", Bpub, + TEST_info("checking B"); + if (!TEST_true(check_bn("B", Bpub, "BD0C61512C692C0CB6D041FA01BB152D4916A1E77AF46AE105393011" "BAF38964DC46A0670DD125B95A981652236F99D9B681CBF87837EC99" "6C6DA04453728610D0C6DDB58B318885D7D82C7F8DEB75CE7BD4FBAA" "37089E6F9C6059F388838E7A00030B331EB76840910440B1B27AAEAE" - "EB4012B7D7665238A8E3FB004B117B58")) + "EB4012B7D7665238A8E3FB004B117B58"))) goto err; + TEST_note(" okay"); /* Client random */ BN_hex2bn(&a, "60975527035CF2AD1989806F0407210BC81EDC04E2762A56AFD529DD" @@ -217,49 +186,54 @@ static int run_srp_kat(void) /* Client's response */ Apub = SRP_Calc_A(a, GN->N, GN->g); + if (!TEST_true(SRP_Verify_A_mod_N(Apub, GN->N))) + goto err; - if (!SRP_Verify_A_mod_N(Apub, GN->N)) { - fprintf(stderr, "Invalid A\n"); - return -1; - } - - if (!check_bn("A", Apub, + TEST_info("checking A"); + if (!TEST_true(check_bn("A", Apub, "61D5E490F6F1B79547B0704C436F523DD0E560F0C64115BB72557EC4" "4352E8903211C04692272D8B2D1A5358A2CF1B6E0BFCF99F921530EC" "8E39356179EAE45E42BA92AEACED825171E1E8B9AF6D9C03E1327F44" "BE087EF06530E69F66615261EEF54073CA11CF5858F0EDFDFE15EFEA" - "B349EF5D76988A3672FAC47B0769447B")) + "B349EF5D76988A3672FAC47B0769447B"))) goto err; + TEST_note(" okay"); /* Both sides calculate u */ u = SRP_Calc_u(Apub, Bpub, GN->N); - if (!check_bn("u", u, "CE38B9593487DA98554ED47D70A7AE5F462EF019")) + if (!TEST_true(check_bn("u", u, + "CE38B9593487DA98554ED47D70A7AE5F462EF019"))) goto err; /* Client's key */ x = SRP_Calc_x(s, "alice", "password123"); Kclient = SRP_Calc_client_key(GN->N, Bpub, GN->g, x, a, u); - if (!check_bn("Client's key", Kclient, + TEST_info("checking client's key"); + if (!TEST_true(check_bn("Client's key", Kclient, "B0DC82BABCF30674AE450C0287745E7990A3381F63B387AAF271A10D" "233861E359B48220F7C4693C9AE12B0A6F67809F0876E2D013800D6C" "41BB59B6D5979B5C00A172B4A2A5903A0BDCAF8A709585EB2AFAFA8F" "3499B200210DCC1F10EB33943CD67FC88A2F39A4BE5BEC4EC0A3212D" - "C346D7E474B29EDE8A469FFECA686E5A")) + "C346D7E474B29EDE8A469FFECA686E5A"))) goto err; + TEST_note(" okay"); + /* Server's key */ Kserver = SRP_Calc_server_key(Apub, v, u, b, GN->N); - if (!check_bn("Server's key", Kserver, + TEST_info("checking server's key"); + if (!TEST_true(check_bn("Server's key", Kserver, "B0DC82BABCF30674AE450C0287745E7990A3381F63B387AAF271A10D" "233861E359B48220F7C4693C9AE12B0A6F67809F0876E2D013800D6C" "41BB59B6D5979B5C00A172B4A2A5903A0BDCAF8A709585EB2AFAFA8F" "3499B200210DCC1F10EB33943CD67FC88A2F39A4BE5BEC4EC0A3212D" - "C346D7E474B29EDE8A469FFECA686E5A")) + "C346D7E474B29EDE8A469FFECA686E5A"))) goto err; + TEST_note(" okay"); ret = 1; - err: +err: BN_clear_free(Kclient); BN_clear_free(Kserver); BN_clear_free(x); @@ -274,39 +248,29 @@ static int run_srp_kat(void) return ret; } -int main(int argc, char **argv) +static int run_srp_tests(void) { - BIO *bio_err; - bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); - - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - /* "Negative" test, expect a mismatch */ - if (run_srp("alice", "password1", "password2") == 0) { - fprintf(stderr, "Mismatched SRP run failed\n"); - return 1; - } + TEST_info("run_srp: expecting a mismatch"); + if (!TEST_false(run_srp("alice", "password1", "password2"))) + return 0; /* "Positive" test, should pass */ - if (run_srp("alice", "password", "password") != 0) { - fprintf(stderr, "Plain SRP run failed\n"); - return 1; - } - - /* KAT from RFC5054: should pass */ - if (run_srp_kat() != 1) { - fprintf(stderr, "SRP KAT failed\n"); - return 1; - } - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(bio_err) <= 0) - return 1; -#endif - BIO_free(bio_err); + TEST_info("run_srp: expecting a match"); + if (!TEST_true(run_srp("alice", "password", "password"))) + return 0; - return 0; + return 1; } #endif + +int setup_tests(void) +{ +#ifdef OPENSSL_NO_SRP + printf("No SRP support\n"); +#else + ADD_TEST(run_srp_tests); + ADD_TEST(run_srp_kat); +#endif + return 1; +} diff --git a/deps/openssl/openssl/test/ssl-tests/01-simple.conf b/deps/openssl/openssl/test/ssl-tests/01-simple.conf index 5f4dd841b4..7fc23f0b69 100644 --- a/deps/openssl/openssl/test/ssl-tests/01-simple.conf +++ b/deps/openssl/openssl/test/ssl-tests/01-simple.conf @@ -40,12 +40,12 @@ client = 1-Server signature algorithms bug-client [1-Server signature algorithms bug-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -ClientSignatureAlgorithms = ECDSA+SHA256 +ClientSignatureAlgorithms = PSS+SHA512:RSA+SHA512 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-Server signature algorithms bug-client] CipherString = DEFAULT -SignatureAlgorithms = RSA+SHA256 +SignatureAlgorithms = PSS+SHA256:RSA+SHA256 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer diff --git a/deps/openssl/openssl/test/ssl-tests/01-simple.conf.in b/deps/openssl/openssl/test/ssl-tests/01-simple.conf.in index 086d66d32f..54dc451f3b 100644 --- a/deps/openssl/openssl/test/ssl-tests/01-simple.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/01-simple.conf.in @@ -22,8 +22,8 @@ our @tests = ( { name => "Server signature algorithms bug", # Should have no effect as we aren't doing client auth - server => { "ClientSignatureAlgorithms" => "ECDSA+SHA256" }, - client => { "SignatureAlgorithms" => "RSA+SHA256" }, + server => { "ClientSignatureAlgorithms" => "PSS+SHA512:RSA+SHA512" }, + client => { "SignatureAlgorithms" => "PSS+SHA256:RSA+SHA256" }, test => { "ExpectedResult" => "Success" }, }, diff --git a/deps/openssl/openssl/test/ssl-tests/02-protocol-version.conf b/deps/openssl/openssl/test/ssl-tests/02-protocol-version.conf index cb89dbc10a..4b7d7df218 100644 --- a/deps/openssl/openssl/test/ssl-tests/02-protocol-version.conf +++ b/deps/openssl/openssl/test/ssl-tests/02-protocol-version.conf @@ -1,6 +1,6 @@ # Generated with generate_ssl_tests.pl -num_tests = 361 +num_tests = 678 test-0 = 0-version-negotiation test-1 = 1-version-negotiation @@ -363,6 +363,323 @@ test-357 = 357-version-negotiation test-358 = 358-version-negotiation test-359 = 359-version-negotiation test-360 = 360-version-negotiation +test-361 = 361-version-negotiation +test-362 = 362-version-negotiation +test-363 = 363-version-negotiation +test-364 = 364-version-negotiation +test-365 = 365-version-negotiation +test-366 = 366-version-negotiation +test-367 = 367-version-negotiation +test-368 = 368-version-negotiation +test-369 = 369-version-negotiation +test-370 = 370-version-negotiation +test-371 = 371-version-negotiation +test-372 = 372-version-negotiation +test-373 = 373-version-negotiation +test-374 = 374-version-negotiation +test-375 = 375-version-negotiation +test-376 = 376-version-negotiation +test-377 = 377-version-negotiation +test-378 = 378-version-negotiation +test-379 = 379-version-negotiation +test-380 = 380-version-negotiation +test-381 = 381-version-negotiation +test-382 = 382-version-negotiation +test-383 = 383-version-negotiation +test-384 = 384-version-negotiation +test-385 = 385-version-negotiation +test-386 = 386-version-negotiation +test-387 = 387-version-negotiation +test-388 = 388-version-negotiation +test-389 = 389-version-negotiation +test-390 = 390-version-negotiation +test-391 = 391-version-negotiation +test-392 = 392-version-negotiation +test-393 = 393-version-negotiation +test-394 = 394-version-negotiation +test-395 = 395-version-negotiation +test-396 = 396-version-negotiation +test-397 = 397-version-negotiation +test-398 = 398-version-negotiation +test-399 = 399-version-negotiation +test-400 = 400-version-negotiation +test-401 = 401-version-negotiation +test-402 = 402-version-negotiation +test-403 = 403-version-negotiation +test-404 = 404-version-negotiation +test-405 = 405-version-negotiation +test-406 = 406-version-negotiation +test-407 = 407-version-negotiation +test-408 = 408-version-negotiation +test-409 = 409-version-negotiation +test-410 = 410-version-negotiation +test-411 = 411-version-negotiation +test-412 = 412-version-negotiation +test-413 = 413-version-negotiation +test-414 = 414-version-negotiation +test-415 = 415-version-negotiation +test-416 = 416-version-negotiation +test-417 = 417-version-negotiation +test-418 = 418-version-negotiation +test-419 = 419-version-negotiation +test-420 = 420-version-negotiation +test-421 = 421-version-negotiation +test-422 = 422-version-negotiation +test-423 = 423-version-negotiation +test-424 = 424-version-negotiation +test-425 = 425-version-negotiation +test-426 = 426-version-negotiation +test-427 = 427-version-negotiation +test-428 = 428-version-negotiation +test-429 = 429-version-negotiation +test-430 = 430-version-negotiation +test-431 = 431-version-negotiation +test-432 = 432-version-negotiation +test-433 = 433-version-negotiation +test-434 = 434-version-negotiation +test-435 = 435-version-negotiation +test-436 = 436-version-negotiation +test-437 = 437-version-negotiation +test-438 = 438-version-negotiation +test-439 = 439-version-negotiation +test-440 = 440-version-negotiation +test-441 = 441-version-negotiation +test-442 = 442-version-negotiation +test-443 = 443-version-negotiation +test-444 = 444-version-negotiation +test-445 = 445-version-negotiation +test-446 = 446-version-negotiation +test-447 = 447-version-negotiation +test-448 = 448-version-negotiation +test-449 = 449-version-negotiation +test-450 = 450-version-negotiation +test-451 = 451-version-negotiation +test-452 = 452-version-negotiation +test-453 = 453-version-negotiation +test-454 = 454-version-negotiation +test-455 = 455-version-negotiation +test-456 = 456-version-negotiation +test-457 = 457-version-negotiation +test-458 = 458-version-negotiation +test-459 = 459-version-negotiation +test-460 = 460-version-negotiation +test-461 = 461-version-negotiation +test-462 = 462-version-negotiation +test-463 = 463-version-negotiation +test-464 = 464-version-negotiation +test-465 = 465-version-negotiation +test-466 = 466-version-negotiation +test-467 = 467-version-negotiation +test-468 = 468-version-negotiation +test-469 = 469-version-negotiation +test-470 = 470-version-negotiation +test-471 = 471-version-negotiation +test-472 = 472-version-negotiation +test-473 = 473-version-negotiation +test-474 = 474-version-negotiation +test-475 = 475-version-negotiation +test-476 = 476-version-negotiation +test-477 = 477-version-negotiation +test-478 = 478-version-negotiation +test-479 = 479-version-negotiation +test-480 = 480-version-negotiation +test-481 = 481-version-negotiation +test-482 = 482-version-negotiation +test-483 = 483-version-negotiation +test-484 = 484-version-negotiation +test-485 = 485-version-negotiation +test-486 = 486-version-negotiation +test-487 = 487-version-negotiation +test-488 = 488-version-negotiation +test-489 = 489-version-negotiation +test-490 = 490-version-negotiation +test-491 = 491-version-negotiation +test-492 = 492-version-negotiation +test-493 = 493-version-negotiation +test-494 = 494-version-negotiation +test-495 = 495-version-negotiation +test-496 = 496-version-negotiation +test-497 = 497-version-negotiation +test-498 = 498-version-negotiation +test-499 = 499-version-negotiation +test-500 = 500-version-negotiation +test-501 = 501-version-negotiation +test-502 = 502-version-negotiation +test-503 = 503-version-negotiation +test-504 = 504-version-negotiation +test-505 = 505-version-negotiation +test-506 = 506-version-negotiation +test-507 = 507-version-negotiation +test-508 = 508-version-negotiation +test-509 = 509-version-negotiation +test-510 = 510-version-negotiation +test-511 = 511-version-negotiation +test-512 = 512-version-negotiation +test-513 = 513-version-negotiation +test-514 = 514-version-negotiation +test-515 = 515-version-negotiation +test-516 = 516-version-negotiation +test-517 = 517-version-negotiation +test-518 = 518-version-negotiation +test-519 = 519-version-negotiation +test-520 = 520-version-negotiation +test-521 = 521-version-negotiation +test-522 = 522-version-negotiation +test-523 = 523-version-negotiation +test-524 = 524-version-negotiation +test-525 = 525-version-negotiation +test-526 = 526-version-negotiation +test-527 = 527-version-negotiation +test-528 = 528-version-negotiation +test-529 = 529-version-negotiation +test-530 = 530-version-negotiation +test-531 = 531-version-negotiation +test-532 = 532-version-negotiation +test-533 = 533-version-negotiation +test-534 = 534-version-negotiation +test-535 = 535-version-negotiation +test-536 = 536-version-negotiation +test-537 = 537-version-negotiation +test-538 = 538-version-negotiation +test-539 = 539-version-negotiation +test-540 = 540-version-negotiation +test-541 = 541-version-negotiation +test-542 = 542-version-negotiation +test-543 = 543-version-negotiation +test-544 = 544-version-negotiation +test-545 = 545-version-negotiation +test-546 = 546-version-negotiation +test-547 = 547-version-negotiation +test-548 = 548-version-negotiation +test-549 = 549-version-negotiation +test-550 = 550-version-negotiation +test-551 = 551-version-negotiation +test-552 = 552-version-negotiation +test-553 = 553-version-negotiation +test-554 = 554-version-negotiation +test-555 = 555-version-negotiation +test-556 = 556-version-negotiation +test-557 = 557-version-negotiation +test-558 = 558-version-negotiation +test-559 = 559-version-negotiation +test-560 = 560-version-negotiation +test-561 = 561-version-negotiation +test-562 = 562-version-negotiation +test-563 = 563-version-negotiation +test-564 = 564-version-negotiation +test-565 = 565-version-negotiation +test-566 = 566-version-negotiation +test-567 = 567-version-negotiation +test-568 = 568-version-negotiation +test-569 = 569-version-negotiation +test-570 = 570-version-negotiation +test-571 = 571-version-negotiation +test-572 = 572-version-negotiation +test-573 = 573-version-negotiation +test-574 = 574-version-negotiation +test-575 = 575-version-negotiation +test-576 = 576-version-negotiation +test-577 = 577-version-negotiation +test-578 = 578-version-negotiation +test-579 = 579-version-negotiation +test-580 = 580-version-negotiation +test-581 = 581-version-negotiation +test-582 = 582-version-negotiation +test-583 = 583-version-negotiation +test-584 = 584-version-negotiation +test-585 = 585-version-negotiation +test-586 = 586-version-negotiation +test-587 = 587-version-negotiation +test-588 = 588-version-negotiation +test-589 = 589-version-negotiation +test-590 = 590-version-negotiation +test-591 = 591-version-negotiation +test-592 = 592-version-negotiation +test-593 = 593-version-negotiation +test-594 = 594-version-negotiation +test-595 = 595-version-negotiation +test-596 = 596-version-negotiation +test-597 = 597-version-negotiation +test-598 = 598-version-negotiation +test-599 = 599-version-negotiation +test-600 = 600-version-negotiation +test-601 = 601-version-negotiation +test-602 = 602-version-negotiation +test-603 = 603-version-negotiation +test-604 = 604-version-negotiation +test-605 = 605-version-negotiation +test-606 = 606-version-negotiation +test-607 = 607-version-negotiation +test-608 = 608-version-negotiation +test-609 = 609-version-negotiation +test-610 = 610-version-negotiation +test-611 = 611-version-negotiation +test-612 = 612-version-negotiation +test-613 = 613-version-negotiation +test-614 = 614-version-negotiation +test-615 = 615-version-negotiation +test-616 = 616-version-negotiation +test-617 = 617-version-negotiation +test-618 = 618-version-negotiation +test-619 = 619-version-negotiation +test-620 = 620-version-negotiation +test-621 = 621-version-negotiation +test-622 = 622-version-negotiation +test-623 = 623-version-negotiation +test-624 = 624-version-negotiation +test-625 = 625-version-negotiation +test-626 = 626-version-negotiation +test-627 = 627-version-negotiation +test-628 = 628-version-negotiation +test-629 = 629-version-negotiation +test-630 = 630-version-negotiation +test-631 = 631-version-negotiation +test-632 = 632-version-negotiation +test-633 = 633-version-negotiation +test-634 = 634-version-negotiation +test-635 = 635-version-negotiation +test-636 = 636-version-negotiation +test-637 = 637-version-negotiation +test-638 = 638-version-negotiation +test-639 = 639-version-negotiation +test-640 = 640-version-negotiation +test-641 = 641-version-negotiation +test-642 = 642-version-negotiation +test-643 = 643-version-negotiation +test-644 = 644-version-negotiation +test-645 = 645-version-negotiation +test-646 = 646-version-negotiation +test-647 = 647-version-negotiation +test-648 = 648-version-negotiation +test-649 = 649-version-negotiation +test-650 = 650-version-negotiation +test-651 = 651-version-negotiation +test-652 = 652-version-negotiation +test-653 = 653-version-negotiation +test-654 = 654-version-negotiation +test-655 = 655-version-negotiation +test-656 = 656-version-negotiation +test-657 = 657-version-negotiation +test-658 = 658-version-negotiation +test-659 = 659-version-negotiation +test-660 = 660-version-negotiation +test-661 = 661-version-negotiation +test-662 = 662-version-negotiation +test-663 = 663-version-negotiation +test-664 = 664-version-negotiation +test-665 = 665-version-negotiation +test-666 = 666-version-negotiation +test-667 = 667-version-negotiation +test-668 = 668-version-negotiation +test-669 = 669-version-negotiation +test-670 = 670-version-negotiation +test-671 = 671-version-negotiation +test-672 = 672-version-negotiation +test-673 = 673-version-negotiation +test-674 = 674-version-negotiation +test-675 = 675-version-negotiation +test-676 = 676-ciphersuite-sanity-check-client +test-677 = 677-ciphersuite-sanity-check-server # =========================================================== [0-version-negotiation] @@ -385,7 +702,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-0] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -410,7 +727,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-1] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -435,7 +752,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-2] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -460,7 +777,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-3] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -475,6 +792,7 @@ client = 4-version-negotiation-client [4-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-version-negotiation-client] @@ -484,7 +802,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-4] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -499,8 +817,6 @@ client = 5-version-negotiation-client [5-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-version-negotiation-client] @@ -510,7 +826,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-5] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -525,7 +841,7 @@ client = 6-version-negotiation-client [6-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -536,7 +852,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-6] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -551,7 +867,7 @@ client = 7-version-negotiation-client [7-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -562,7 +878,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-7] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -577,7 +893,7 @@ client = 8-version-negotiation-client [8-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -588,7 +904,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-8] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -603,6 +919,7 @@ client = 9-version-negotiation-client [9-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -613,7 +930,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-9] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -628,8 +945,8 @@ client = 10-version-negotiation-client [10-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-version-negotiation-client] @@ -639,7 +956,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-10] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -654,8 +971,7 @@ client = 11-version-negotiation-client [11-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-version-negotiation-client] @@ -665,7 +981,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-11] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -680,7 +996,7 @@ client = 12-version-negotiation-client [12-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -691,7 +1007,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-12] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -706,6 +1022,7 @@ client = 13-version-negotiation-client [13-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -716,7 +1033,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-13] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -731,8 +1048,8 @@ client = 14-version-negotiation-client [14-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-version-negotiation-client] @@ -742,7 +1059,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-14] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -757,8 +1074,8 @@ client = 15-version-negotiation-client [15-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-version-negotiation-client] @@ -768,7 +1085,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-15] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -783,7 +1100,7 @@ client = 16-version-negotiation-client [16-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [16-version-negotiation-client] @@ -793,7 +1110,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-16] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -808,8 +1125,8 @@ client = 17-version-negotiation-client [17-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [17-version-negotiation-client] @@ -819,7 +1136,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-17] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -834,7 +1151,8 @@ client = 18-version-negotiation-client [18-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [18-version-negotiation-client] @@ -844,7 +1162,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-18] -ExpectedResult = InternalError +ExpectedResult = ClientFail # =========================================================== @@ -859,17 +1177,18 @@ client = 19-version-negotiation-client [19-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [19-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-19] -ExpectedResult = ServerFail +ExpectedResult = ClientFail # =========================================================== @@ -884,18 +1203,17 @@ client = 20-version-negotiation-client [20-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [20-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-20] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -910,18 +1228,18 @@ client = 21-version-negotiation-client [21-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [21-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-21] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -936,18 +1254,18 @@ client = 22-version-negotiation-client [22-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [22-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-22] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -962,17 +1280,17 @@ client = 23-version-negotiation-client [23-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [23-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-23] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -987,18 +1305,18 @@ client = 24-version-negotiation-client [24-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [24-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-24] -ExpectedResult = ServerFail +ExpectedResult = ClientFail # =========================================================== @@ -1013,19 +1331,17 @@ client = 25-version-negotiation-client [25-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [25-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-25] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -1040,8 +1356,7 @@ client = 26-version-negotiation-client [26-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [26-version-negotiation-client] @@ -1051,8 +1366,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-26] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1067,8 +1381,7 @@ client = 27-version-negotiation-client [27-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [27-version-negotiation-client] @@ -1094,7 +1407,7 @@ client = 28-version-negotiation-client [28-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [28-version-negotiation-client] @@ -1120,8 +1433,7 @@ client = 29-version-negotiation-client [29-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [29-version-negotiation-client] @@ -1147,8 +1459,7 @@ client = 30-version-negotiation-client [30-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [30-version-negotiation-client] @@ -1174,8 +1485,6 @@ client = 31-version-negotiation-client [31-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [31-version-negotiation-client] @@ -1201,7 +1510,8 @@ client = 32-version-negotiation-client [32-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [32-version-negotiation-client] @@ -1211,8 +1521,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-32] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1227,8 +1536,8 @@ client = 33-version-negotiation-client [33-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [33-version-negotiation-client] @@ -1238,7 +1547,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-33] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -1253,8 +1563,8 @@ client = 34-version-negotiation-client [34-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [34-version-negotiation-client] @@ -1264,7 +1574,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-34] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -1279,7 +1590,8 @@ client = 35-version-negotiation-client [35-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [35-version-negotiation-client] @@ -1289,7 +1601,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-35] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -1304,8 +1617,8 @@ client = 36-version-negotiation-client [36-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [36-version-negotiation-client] @@ -1315,7 +1628,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-36] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -1330,7 +1644,7 @@ client = 37-version-negotiation-client [37-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [37-version-negotiation-client] @@ -1340,7 +1654,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-37] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -1355,17 +1670,19 @@ client = 38-version-negotiation-client [38-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [38-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-38] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -1380,12 +1697,13 @@ client = 39-version-negotiation-client [39-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [39-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1406,17 +1724,18 @@ client = 40-version-negotiation-client [40-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [40-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-40] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -1432,17 +1751,18 @@ client = 41-version-negotiation-client [41-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [41-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-41] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -1458,16 +1778,17 @@ client = 42-version-negotiation-client [42-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [42-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-42] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -1483,13 +1804,13 @@ client = 43-version-negotiation-client [43-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [43-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1509,19 +1830,18 @@ client = 44-version-negotiation-client [44-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [44-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-44] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1536,19 +1856,18 @@ client = 45-version-negotiation-client [45-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [45-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-45] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1563,19 +1882,17 @@ client = 46-version-negotiation-client [46-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [46-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-46] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1590,18 +1907,18 @@ client = 47-version-negotiation-client [47-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [47-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-47] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1616,19 +1933,18 @@ client = 48-version-negotiation-client [48-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [48-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-48] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1643,19 +1959,17 @@ client = 49-version-negotiation-client [49-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [49-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-49] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1670,19 +1984,18 @@ client = 50-version-negotiation-client [50-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [50-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-50] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1697,18 +2010,17 @@ client = 51-version-negotiation-client [51-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [51-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-51] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1723,8 +2035,7 @@ client = 52-version-negotiation-client [52-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [52-version-negotiation-client] @@ -1734,8 +2045,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-52] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1750,8 +2060,7 @@ client = 53-version-negotiation-client [53-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [53-version-negotiation-client] @@ -1761,7 +2070,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-53] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -1777,7 +2086,7 @@ client = 54-version-negotiation-client [54-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [54-version-negotiation-client] @@ -1804,7 +2113,6 @@ client = 55-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [55-version-negotiation-client] @@ -1814,7 +2122,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-55] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -1829,7 +2138,7 @@ client = 56-version-negotiation-client [56-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [56-version-negotiation-client] @@ -1839,7 +2148,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-56] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -1854,17 +2164,17 @@ client = 57-version-negotiation-client [57-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [57-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-57] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -1879,18 +2189,18 @@ client = 58-version-negotiation-client [58-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [58-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-58] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -1905,17 +2215,18 @@ client = 59-version-negotiation-client [59-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [59-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-59] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -1931,17 +2242,18 @@ client = 60-version-negotiation-client [60-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [60-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-60] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -1957,16 +2269,18 @@ client = 61-version-negotiation-client [61-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [61-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-61] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -1982,18 +2296,19 @@ client = 62-version-negotiation-client [62-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [62-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-62] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -2008,18 +2323,17 @@ client = 63-version-negotiation-client [63-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [63-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-63] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2035,18 +2349,18 @@ client = 64-version-negotiation-client [64-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [64-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-64] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -2062,18 +2376,18 @@ client = 65-version-negotiation-client [65-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [65-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-65] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2089,17 +2403,18 @@ client = 66-version-negotiation-client [66-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [66-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-66] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2115,18 +2430,18 @@ client = 67-version-negotiation-client [67-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.3 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [67-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-67] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2142,13 +2457,12 @@ client = 68-version-negotiation-client [68-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [68-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2169,18 +2483,18 @@ client = 69-version-negotiation-client [69-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [69-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-69] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2196,17 +2510,18 @@ client = 70-version-negotiation-client [70-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [70-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-70] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2222,13 +2537,13 @@ client = 71-version-negotiation-client [71-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [71-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2249,18 +2564,17 @@ client = 72-version-negotiation-client [72-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [72-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-72] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2276,18 +2590,18 @@ client = 73-version-negotiation-client [73-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [73-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-73] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -2302,19 +2616,18 @@ client = 74-version-negotiation-client [74-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [74-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-74] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -2334,13 +2647,12 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [75-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-75] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -2355,11 +2667,13 @@ client = 76-version-negotiation-client [76-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [76-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2379,17 +2693,17 @@ client = 77-version-negotiation-client [77-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [77-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-77] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -2404,17 +2718,17 @@ client = 78-version-negotiation-client [78-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [78-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-78] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -2429,16 +2743,17 @@ client = 79-version-negotiation-client [79-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [79-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-79] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -2454,15 +2769,17 @@ client = 80-version-negotiation-client [80-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [80-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-80] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2478,17 +2795,18 @@ client = 81-version-negotiation-client [81-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [81-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-81] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -2503,17 +2821,17 @@ client = 82-version-negotiation-client [82-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [82-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-82] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -2529,17 +2847,16 @@ client = 83-version-negotiation-client [83-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [83-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-83] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -2555,18 +2872,18 @@ client = 84-version-negotiation-client [84-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [84-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-84] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -2581,16 +2898,18 @@ client = 85-version-negotiation-client [85-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [85-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-85] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -2606,17 +2925,18 @@ client = 86-version-negotiation-client [86-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [86-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-86] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2632,17 +2952,18 @@ client = 87-version-negotiation-client [87-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [87-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-87] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -2658,12 +2979,13 @@ client = 88-version-negotiation-client [88-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [88-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2684,11 +3006,12 @@ client = 89-version-negotiation-client [89-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [89-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2709,17 +3032,18 @@ client = 90-version-negotiation-client [90-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [90-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-90] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -2735,17 +3059,18 @@ client = 91-version-negotiation-client [91-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [91-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-91] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -2761,11 +3086,13 @@ client = 92-version-negotiation-client [92-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [92-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2786,12 +3113,13 @@ client = 93-version-negotiation-client [93-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [93-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2812,11 +3140,12 @@ client = 94-version-negotiation-client [94-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [94-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -2837,18 +3166,19 @@ client = 95-version-negotiation-client [95-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [95-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-95] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -2863,18 +3193,19 @@ client = 96-version-negotiation-client [96-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [96-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-96] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -2889,18 +3220,19 @@ client = 97-version-negotiation-client [97-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [97-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-97] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -2915,18 +3247,18 @@ client = 98-version-negotiation-client [98-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [98-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-98] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -2941,17 +3273,19 @@ client = 99-version-negotiation-client [99-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [99-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-99] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -2966,19 +3300,19 @@ client = 100-version-negotiation-client [100-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [100-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-100] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -2993,19 +3327,18 @@ client = 101-version-negotiation-client [101-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [101-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-101] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -3020,19 +3353,18 @@ client = 102-version-negotiation-client [102-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [102-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-102] -ExpectedResult = InternalError +ExpectedResult = ServerFail # =========================================================== @@ -3047,19 +3379,17 @@ client = 103-version-negotiation-client [103-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [103-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-103] -ExpectedResult = InternalError +ExpectedResult = ServerFail # =========================================================== @@ -3074,18 +3404,17 @@ client = 104-version-negotiation-client [104-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [104-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-104] -ExpectedResult = InternalError +ExpectedResult = ServerFail # =========================================================== @@ -3101,18 +3430,17 @@ client = 105-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [105-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-105] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -3128,18 +3456,17 @@ client = 106-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [106-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-106] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -3155,18 +3482,17 @@ client = 107-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [107-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-107] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -3181,18 +3507,18 @@ client = 108-version-negotiation-client [108-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [108-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-108] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -3207,19 +3533,17 @@ client = 109-version-negotiation-client [109-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [109-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-109] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -3234,19 +3558,18 @@ client = 110-version-negotiation-client [110-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [110-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-110] -ExpectedResult = InternalError +ExpectedResult = ServerFail # =========================================================== @@ -3261,18 +3584,19 @@ client = 111-version-negotiation-client [111-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [111-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-111] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -3287,19 +3611,19 @@ client = 112-version-negotiation-client [112-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [112-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-112] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -3314,18 +3638,19 @@ client = 113-version-negotiation-client [113-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [113-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-113] -ExpectedResult = InternalError +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -3340,18 +3665,19 @@ client = 114-version-negotiation-client [114-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [114-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-114] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -3366,18 +3692,17 @@ client = 115-version-negotiation-client [115-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [115-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-115] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3393,13 +3718,13 @@ client = 116-version-negotiation-client [116-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [116-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -3420,18 +3745,18 @@ client = 117-version-negotiation-client [117-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [117-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-117] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -3447,17 +3772,18 @@ client = 118-version-negotiation-client [118-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [118-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-118] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -3473,19 +3799,19 @@ client = 119-version-negotiation-client [119-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [119-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-119] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -3500,19 +3826,17 @@ client = 120-version-negotiation-client [120-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [120-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-120] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3529,18 +3853,17 @@ client = 121-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [121-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-121] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -3557,18 +3880,17 @@ client = 122-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [122-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-122] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -3584,18 +3906,18 @@ client = 123-version-negotiation-client [123-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [123-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-123] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3611,19 +3933,17 @@ client = 124-version-negotiation-client [124-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [124-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-124] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3639,19 +3959,18 @@ client = 125-version-negotiation-client [125-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [125-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-125] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -3667,19 +3986,18 @@ client = 126-version-negotiation-client [126-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [126-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-126] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3695,18 +4013,17 @@ client = 127-version-negotiation-client [127-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [127-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-127] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3722,19 +4039,19 @@ client = 128-version-negotiation-client [128-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [128-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-128] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -3749,19 +4066,18 @@ client = 129-version-negotiation-client [129-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [129-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-129] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -3776,13 +4092,11 @@ client = 130-version-negotiation-client [130-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [130-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -3802,19 +4116,17 @@ client = 131-version-negotiation-client [131-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [131-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-131] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -3829,18 +4141,17 @@ client = 132-version-negotiation-client [132-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [132-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-132] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -3855,18 +4166,17 @@ client = 133-version-negotiation-client [133-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [133-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-133] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -3881,18 +4191,16 @@ client = 134-version-negotiation-client [134-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [134-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-134] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3908,18 +4216,15 @@ client = 135-version-negotiation-client [135-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [135-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-135] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -3935,19 +4240,17 @@ client = 136-version-negotiation-client [136-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [136-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-136] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -3962,17 +4265,17 @@ client = 137-version-negotiation-client [137-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [137-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-137] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -3988,19 +4291,18 @@ client = 138-version-negotiation-client [138-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [138-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-138] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -4015,19 +4317,17 @@ client = 139-version-negotiation-client [139-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [139-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-139] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -4043,19 +4343,17 @@ client = 140-version-negotiation-client [140-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [140-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-140] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4071,19 +4369,16 @@ client = 141-version-negotiation-client [141-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [141-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-141] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4099,18 +4394,17 @@ client = 142-version-negotiation-client [142-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [142-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-142] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -4126,19 +4420,17 @@ client = 143-version-negotiation-client [143-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [143-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-143] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -4154,19 +4446,17 @@ client = 144-version-negotiation-client [144-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [144-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-144] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -4182,19 +4472,17 @@ client = 145-version-negotiation-client [145-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [145-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-145] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4215,13 +4503,11 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [146-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-146] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4243,8 +4529,6 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [147-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -4271,13 +4555,11 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [148-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-148] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -4293,18 +4575,17 @@ client = 149-version-negotiation-client [149-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [149-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-149] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4320,19 +4601,17 @@ client = 150-version-negotiation-client [150-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [150-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-150] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -4347,18 +4626,18 @@ client = 151-version-negotiation-client [151-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [151-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-151] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -4373,18 +4652,18 @@ client = 152-version-negotiation-client [152-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [152-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-152] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -4399,18 +4678,16 @@ client = 153-version-negotiation-client [153-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [153-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-153] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4426,18 +4703,17 @@ client = 154-version-negotiation-client [154-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [154-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-154] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4453,18 +4729,16 @@ client = 155-version-negotiation-client [155-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [155-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-155] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -4480,18 +4754,18 @@ client = 156-version-negotiation-client [156-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [156-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-156] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4506,19 +4780,18 @@ client = 157-version-negotiation-client [157-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [157-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-157] -ExpectedResult = ServerFail +ExpectedResult = ClientFail # =========================================================== @@ -4533,20 +4806,18 @@ client = 158-version-negotiation-client [158-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [158-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-158] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4561,20 +4832,18 @@ client = 159-version-negotiation-client [159-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [159-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-159] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4589,20 +4858,18 @@ client = 160-version-negotiation-client [160-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [160-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-160] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4617,19 +4884,17 @@ client = 161-version-negotiation-client [161-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [161-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-161] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4644,20 +4909,19 @@ client = 162-version-negotiation-client [162-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [162-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-162] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4672,20 +4936,19 @@ client = 163-version-negotiation-client [163-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [163-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-163] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4700,20 +4963,19 @@ client = 164-version-negotiation-client [164-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [164-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-164] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4728,19 +4990,19 @@ client = 165-version-negotiation-client [165-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [165-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-165] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4755,20 +5017,19 @@ client = 166-version-negotiation-client [166-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [166-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-166] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4783,20 +5044,18 @@ client = 167-version-negotiation-client [167-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [167-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-167] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4811,19 +5070,19 @@ client = 168-version-negotiation-client [168-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [168-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-168] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4838,20 +5097,19 @@ client = 169-version-negotiation-client [169-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [169-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-169] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4866,19 +5124,19 @@ client = 170-version-negotiation-client [170-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [170-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-170] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4893,17 +5151,19 @@ client = 171-version-negotiation-client [171-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [171-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-171] -ExpectedResult = ServerFail +ExpectedResult = ClientFail # =========================================================== @@ -4918,18 +5178,18 @@ client = 172-version-negotiation-client [172-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [172-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-172] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4945,17 +5205,18 @@ client = 173-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [173-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-173] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4971,17 +5232,18 @@ client = 174-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [174-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-174] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -4996,17 +5258,19 @@ client = 175-version-negotiation-client [175-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [175-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-175] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -5021,18 +5285,18 @@ client = 176-version-negotiation-client [176-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [176-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-176] -ExpectedResult = ServerFail +ExpectedResult = ClientFail # =========================================================== @@ -5047,19 +5311,19 @@ client = 177-version-negotiation-client [177-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [177-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-177] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -5074,19 +5338,19 @@ client = 178-version-negotiation-client [178-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [178-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-178] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -5101,19 +5365,18 @@ client = 179-version-negotiation-client [179-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [179-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-179] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -5128,18 +5391,19 @@ client = 180-version-negotiation-client [180-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [180-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-180] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -5154,19 +5418,18 @@ client = 181-version-negotiation-client [181-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [181-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = SSLv3 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-181] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ClientFail # =========================================================== @@ -5181,19 +5444,18 @@ client = 182-version-negotiation-client [182-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [182-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-182] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5208,18 +5470,18 @@ client = 183-version-negotiation-client [183-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [183-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-183] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -5235,17 +5497,18 @@ client = 184-version-negotiation-client [184-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [184-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-184] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -5261,18 +5524,18 @@ client = 185-version-negotiation-client [185-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [185-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-185] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -5288,18 +5551,18 @@ client = 186-version-negotiation-client [186-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [186-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-186] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -5315,17 +5578,17 @@ client = 187-version-negotiation-client [187-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [187-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-187] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -5341,19 +5604,19 @@ client = 188-version-negotiation-client [188-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [188-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-188] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5368,17 +5631,19 @@ client = 189-version-negotiation-client [189-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [189-version-negotiation-client] CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-189] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -5394,18 +5659,20 @@ client = 190-version-negotiation-client [190-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [190-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-190] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -5420,13 +5687,14 @@ client = 191-version-negotiation-client [191-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [191-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5447,13 +5715,14 @@ client = 192-version-negotiation-client [192-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [192-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5474,13 +5743,13 @@ client = 193-version-negotiation-client [193-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [193-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5501,12 +5770,14 @@ client = 194-version-negotiation-client [194-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [194-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5527,19 +5798,20 @@ client = 195-version-negotiation-client [195-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [195-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-195] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -5554,14 +5826,14 @@ client = 196-version-negotiation-client [196-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [196-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5582,14 +5854,14 @@ client = 197-version-negotiation-client [197-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [197-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5610,14 +5882,13 @@ client = 198-version-negotiation-client [198-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [198-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5638,19 +5909,19 @@ client = 199-version-negotiation-client [199-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [199-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-199] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5665,20 +5936,19 @@ client = 200-version-negotiation-client [200-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [200-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-200] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5693,20 +5963,19 @@ client = 201-version-negotiation-client [201-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [201-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-201] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5721,20 +5990,18 @@ client = 202-version-negotiation-client [202-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [202-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-202] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5749,19 +6016,19 @@ client = 203-version-negotiation-client [203-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [203-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-203] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -5776,14 +6043,14 @@ client = 204-version-negotiation-client [204-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [204-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5803,14 +6070,13 @@ client = 205-version-negotiation-client [205-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [205-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5830,13 +6096,14 @@ client = 206-version-negotiation-client [206-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [206-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5856,14 +6123,13 @@ client = 207-version-negotiation-client [207-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [207-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5883,13 +6149,13 @@ client = 208-version-negotiation-client [208-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [208-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5909,18 +6175,19 @@ client = 209-version-negotiation-client [209-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [209-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-209] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -5935,18 +6202,18 @@ client = 210-version-negotiation-client [210-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [210-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-210] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -5962,13 +6229,13 @@ client = 211-version-negotiation-client [211-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [211-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -5989,13 +6256,13 @@ client = 212-version-negotiation-client [212-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [212-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6021,7 +6288,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [213-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6049,7 +6316,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [214-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6076,7 +6343,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [215-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6104,7 +6371,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [216-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6132,7 +6399,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [217-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6153,13 +6420,14 @@ client = 218-version-negotiation-client [218-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [218-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6180,19 +6448,18 @@ client = 219-version-negotiation-client [219-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [219-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-219] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -6208,19 +6475,19 @@ client = 220-version-negotiation-client [220-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [220-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-220] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -6236,14 +6503,14 @@ client = 221-version-negotiation-client [221-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [221-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6264,13 +6531,14 @@ client = 222-version-negotiation-client [222-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [222-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6291,14 +6559,14 @@ client = 223-version-negotiation-client [223-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [223-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6319,14 +6587,13 @@ client = 224-version-negotiation-client [224-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [224-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6347,13 +6614,14 @@ client = 225-version-negotiation-client [225-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [225-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6375,18 +6643,19 @@ client = 226-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [226-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-226] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -6401,18 +6670,20 @@ client = 227-version-negotiation-client [227-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [227-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-227] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -6427,18 +6698,19 @@ client = 228-version-negotiation-client [228-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [228-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-228] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -6453,19 +6725,19 @@ client = 229-version-negotiation-client [229-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [229-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-229] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -6480,19 +6752,19 @@ client = 230-version-negotiation-client [230-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [230-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-230] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -6507,19 +6779,18 @@ client = 231-version-negotiation-client [231-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [231-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-231] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -6534,18 +6805,19 @@ client = 232-version-negotiation-client [232-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [232-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-232] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -6560,14 +6832,13 @@ client = 233-version-negotiation-client [233-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [233-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6587,20 +6858,18 @@ client = 234-version-negotiation-client [234-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [234-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-234] -ExpectedProtocol = TLSv1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -6615,19 +6884,18 @@ client = 235-version-negotiation-client [235-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [235-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-235] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -6643,19 +6911,18 @@ client = 236-version-negotiation-client [236-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [236-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-236] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -6671,13 +6938,13 @@ client = 237-version-negotiation-client [237-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [237-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6698,19 +6965,18 @@ client = 238-version-negotiation-client [238-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [238-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-238] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -6726,19 +6992,17 @@ client = 239-version-negotiation-client [239-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [239-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-239] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -6754,20 +7018,19 @@ client = 240-version-negotiation-client [240-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [240-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-240] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -6782,18 +7045,19 @@ client = 241-version-negotiation-client [241-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [241-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-241] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -6810,13 +7074,13 @@ client = 242-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [242-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6838,13 +7102,13 @@ client = 243-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [243-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6865,13 +7129,14 @@ client = 244-version-negotiation-client [244-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [244-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6892,14 +7157,13 @@ client = 245-version-negotiation-client [245-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [245-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -6920,18 +7184,19 @@ client = 246-version-negotiation-client [246-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [246-version-negotiation-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-246] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -6947,17 +7212,20 @@ client = 247-version-negotiation-client [247-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [247-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-247] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -6972,17 +7240,19 @@ client = 248-version-negotiation-client [248-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [248-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-248] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -6998,17 +7268,19 @@ client = 249-version-negotiation-client [249-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [249-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-249] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7024,12 +7296,13 @@ client = 250-version-negotiation-client [250-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [250-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7050,16 +7323,19 @@ client = 251-version-negotiation-client [251-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [251-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-251] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -7075,18 +7351,20 @@ client = 252-version-negotiation-client [252-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [252-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-252] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -7101,18 +7379,19 @@ client = 253-version-negotiation-client [253-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [253-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-253] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7128,18 +7407,18 @@ client = 254-version-negotiation-client [254-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [254-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-254] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7156,12 +7435,13 @@ client = 255-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [255-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7182,12 +7462,14 @@ client = 256-version-negotiation-client [256-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [256-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7208,18 +7490,18 @@ client = 257-version-negotiation-client [257-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [257-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-257] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7235,19 +7517,19 @@ client = 258-version-negotiation-client [258-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [258-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-258] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -7262,19 +7544,18 @@ client = 259-version-negotiation-client [259-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [259-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-259] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -7289,18 +7570,18 @@ client = 260-version-negotiation-client [260-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [260-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-260] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -7315,18 +7596,18 @@ client = 261-version-negotiation-client [261-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [261-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-261] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -7342,18 +7623,18 @@ client = 262-version-negotiation-client [262-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [262-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-262] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -7369,12 +7650,13 @@ client = 263-version-negotiation-client [263-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [263-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7395,18 +7677,18 @@ client = 264-version-negotiation-client [264-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [264-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-264] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7422,17 +7704,17 @@ client = 265-version-negotiation-client [265-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [265-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-265] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7449,12 +7731,13 @@ client = 266-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [266-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7475,17 +7758,19 @@ client = 267-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [267-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-267] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -7501,12 +7786,13 @@ client = 268-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [268-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7528,17 +7814,18 @@ client = 269-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [269-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-269] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7554,17 +7841,19 @@ client = 270-version-negotiation-client [270-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [270-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-270] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7580,19 +7869,19 @@ client = 271-version-negotiation-client [271-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [271-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-271] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -7608,18 +7897,19 @@ client = 272-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [272-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-272] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -7635,13 +7925,13 @@ client = 273-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [273-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7663,18 +7953,18 @@ client = 274-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [274-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-274] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7690,18 +7980,19 @@ client = 275-version-negotiation-client [275-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [275-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-275] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7717,19 +8008,19 @@ client = 276-version-negotiation-client [276-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [276-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-276] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -7745,13 +8036,13 @@ client = 277-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [277-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -7773,18 +8064,18 @@ client = 278-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [278-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-278] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7800,18 +8091,19 @@ client = 279-version-negotiation-client [279-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [279-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-279] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7827,19 +8119,18 @@ client = 280-version-negotiation-client [280-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [280-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-280] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7856,18 +8147,18 @@ client = 281-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [281-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-281] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 ExpectedResult = Success @@ -7883,18 +8174,19 @@ client = 282-version-negotiation-client [282-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [282-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-282] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -7910,19 +8202,19 @@ client = 283-version-negotiation-client [283-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [283-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-283] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -7937,18 +8229,20 @@ client = 284-version-negotiation-client [284-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [284-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-284] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -7963,18 +8257,19 @@ client = 285-version-negotiation-client [285-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [285-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-285] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -7989,18 +8284,17 @@ client = 286-version-negotiation-client [286-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [286-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-286] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -8015,18 +8309,17 @@ client = 287-version-negotiation-client [287-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [287-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-287] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8042,18 +8335,17 @@ client = 288-version-negotiation-client [288-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [288-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-288] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -8069,12 +8361,12 @@ client = 289-version-negotiation-client [289-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [289-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -8095,19 +8387,18 @@ client = 290-version-negotiation-client [290-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [290-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-290] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -8122,19 +8413,17 @@ client = 291-version-negotiation-client [291-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [291-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-291] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -8149,20 +8438,18 @@ client = 292-version-negotiation-client [292-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = SSLv3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [292-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-292] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -8177,19 +8464,18 @@ client = 293-version-negotiation-client [293-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [293-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-293] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8205,18 +8491,18 @@ client = 294-version-negotiation-client [294-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [294-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-294] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -8232,19 +8518,19 @@ client = 295-version-negotiation-client [295-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [295-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-295] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -8259,19 +8545,18 @@ client = 296-version-negotiation-client [296-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [296-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-296] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8287,19 +8572,17 @@ client = 297-version-negotiation-client [297-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [297-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-297] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8315,18 +8598,18 @@ client = 298-version-negotiation-client [298-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [298-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-298] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8343,13 +8626,12 @@ client = 299-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [299-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -8371,13 +8653,12 @@ client = 300-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [300-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -8398,18 +8679,18 @@ client = 301-version-negotiation-client [301-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [301-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-301] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8425,19 +8706,17 @@ client = 302-version-negotiation-client [302-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [302-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-302] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8453,18 +8732,18 @@ client = 303-version-negotiation-client [303-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [303-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-303] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -8480,17 +8759,19 @@ client = 304-version-negotiation-client [304-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [304-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-304] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success # =========================================================== @@ -8505,17 +8786,19 @@ client = 305-version-negotiation-client [305-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [305-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-305] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -8530,17 +8813,17 @@ client = 306-version-negotiation-client [306-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [306-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-306] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8557,11 +8840,12 @@ client = 307-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [307-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -8582,16 +8866,18 @@ client = 308-version-negotiation-client [308-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [308-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-308] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8607,18 +8893,18 @@ client = 309-version-negotiation-client [309-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [309-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-309] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -8633,18 +8919,19 @@ client = 310-version-negotiation-client [310-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [310-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-310] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success # =========================================================== @@ -8659,18 +8946,17 @@ client = 311-version-negotiation-client [311-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [311-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MinProtocol = SSLv3 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-311] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 ExpectedResult = Success @@ -8686,19 +8972,18 @@ client = 312-version-negotiation-client [312-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [312-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-312] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -8713,17 +8998,18 @@ client = 313-version-negotiation-client [313-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [313-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-313] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8739,18 +9025,19 @@ client = 314-version-negotiation-client [314-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [314-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-314] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -8765,18 +9052,18 @@ client = 315-version-negotiation-client [315-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [315-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-315] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8792,18 +9079,18 @@ client = 316-version-negotiation-client [316-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [316-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-316] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8819,17 +9106,17 @@ client = 317-version-negotiation-client [317-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [317-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-317] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8845,19 +9132,19 @@ client = 318-version-negotiation-client [318-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [318-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-318] -ExpectedProtocol = TLSv1.1 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -8872,18 +9159,19 @@ client = 319-version-negotiation-client [319-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [319-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-319] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8899,17 +9187,19 @@ client = 320-version-negotiation-client [320-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [320-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-320] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8926,17 +9216,18 @@ client = 321-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [321-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-321] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8952,17 +9243,19 @@ client = 322-version-negotiation-client [322-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [322-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-322] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -8978,18 +9271,19 @@ client = 323-version-negotiation-client [323-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [323-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-323] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -9005,17 +9299,19 @@ client = 324-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [324-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-324] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -9031,17 +9327,19 @@ client = 325-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [325-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-325] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -9057,17 +9355,18 @@ client = 326-version-negotiation-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [326-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-326] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -9083,17 +9382,19 @@ client = 327-version-negotiation-client [327-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [327-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-327] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -9109,19 +9410,19 @@ client = 328-version-negotiation-client [328-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 -MinProtocol = SSLv3 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [328-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-328] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1 +ExpectedResult = Success # =========================================================== @@ -9136,19 +9437,19 @@ client = 329-version-negotiation-client [329-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [329-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-329] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -9163,19 +9464,19 @@ client = 330-version-negotiation-client [330-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [330-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-330] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -9190,20 +9491,19 @@ client = 331-version-negotiation-client [331-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [331-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-331] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -9218,19 +9518,18 @@ client = 332-version-negotiation-client [332-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [332-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-332] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -9245,19 +9544,19 @@ client = 333-version-negotiation-client [333-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [333-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-333] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -9272,19 +9571,19 @@ client = 334-version-negotiation-client [334-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [334-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-334] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -9299,20 +9598,18 @@ client = 335-version-negotiation-client [335-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1 +MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [335-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-335] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -9327,19 +9624,19 @@ client = 336-version-negotiation-client [336-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [336-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-336] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -9354,19 +9651,18 @@ client = 337-version-negotiation-client [337-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MinProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [337-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-337] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -9381,20 +9677,18 @@ client = 338-version-negotiation-client [338-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.1 +MaxProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [338-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-338] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -9409,18 +9703,18 @@ client = 339-version-negotiation-client [339-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [339-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-339] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -9436,19 +9730,18 @@ client = 340-version-negotiation-client [340-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [340-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-340] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9464,18 +9757,18 @@ client = 341-version-negotiation-client [341-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [341-version-negotiation-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-341] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9491,17 +9784,19 @@ client = 342-version-negotiation-client [342-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [342-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-342] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9516,17 +9811,18 @@ client = 343-version-negotiation-client [343-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [343-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-343] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9541,17 +9837,19 @@ client = 344-version-negotiation-client [344-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = SSLv3 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [344-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-344] -ExpectedResult = ClientFail +ExpectedResult = ServerFail # =========================================================== @@ -9566,17 +9864,19 @@ client = 345-version-negotiation-client [345-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [345-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-345] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -9592,16 +9892,19 @@ client = 346-version-negotiation-client [346-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [346-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-346] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9617,18 +9920,20 @@ client = 347-version-negotiation-client [347-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = SSLv3 +MaxProtocol = TLSv1.2 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [347-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-347] -ExpectedResult = ServerFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9643,18 +9948,20 @@ client = 348-version-negotiation-client [348-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.3 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [348-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-348] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9669,18 +9976,19 @@ client = 349-version-negotiation-client [349-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 MinProtocol = SSLv3 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [349-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-349] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9695,18 +10003,19 @@ client = 350-version-negotiation-client [350-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = SSLv3 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [350-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-350] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 ExpectedResult = Success @@ -9722,17 +10031,19 @@ client = 351-version-negotiation-client [351-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = SSLv3 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [351-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-351] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9748,18 +10059,20 @@ client = 352-version-negotiation-client [352-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [352-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-352] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9774,18 +10087,20 @@ client = 353-version-negotiation-client [353-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [353-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-353] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9800,18 +10115,18 @@ client = 354-version-negotiation-client [354-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [354-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-354] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9827,17 +10142,19 @@ client = 355-version-negotiation-client [355-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MinProtocol = TLSv1 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [355-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-355] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9853,18 +10170,20 @@ client = 356-version-negotiation-client [356-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.2 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [356-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-356] -ExpectedResult = ClientFail +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success # =========================================================== @@ -9879,18 +10198,19 @@ client = 357-version-negotiation-client [357-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.3 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [357-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-357] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9911,12 +10231,13 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [358-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-358] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 ExpectedResult = Success @@ -9938,13 +10259,13 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [359-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-359] -ExpectedProtocol = TLSv1.2 -ExpectedResult = Success +ExpectedResult = ServerFail # =========================================================== @@ -9959,17 +10280,8543 @@ client = 360-version-negotiation-client [360-version-negotiation-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [360-version-negotiation-client] CipherString = DEFAULT -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-360] +ExpectedResult = ServerFail + + +# =========================================================== + +[361-version-negotiation] +ssl_conf = 361-version-negotiation-ssl + +[361-version-negotiation-ssl] +server = 361-version-negotiation-server +client = 361-version-negotiation-client + +[361-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[361-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-361] +ExpectedResult = ServerFail + + +# =========================================================== + +[362-version-negotiation] +ssl_conf = 362-version-negotiation-ssl + +[362-version-negotiation-ssl] +server = 362-version-negotiation-server +client = 362-version-negotiation-client + +[362-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[362-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-362] +ExpectedResult = ServerFail + + +# =========================================================== + +[363-version-negotiation] +ssl_conf = 363-version-negotiation-ssl + +[363-version-negotiation-ssl] +server = 363-version-negotiation-server +client = 363-version-negotiation-client + +[363-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[363-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-363] +ExpectedResult = ServerFail + + +# =========================================================== + +[364-version-negotiation] +ssl_conf = 364-version-negotiation-ssl + +[364-version-negotiation-ssl] +server = 364-version-negotiation-server +client = 364-version-negotiation-client + +[364-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[364-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-364] +ExpectedResult = ServerFail + + +# =========================================================== + +[365-version-negotiation] +ssl_conf = 365-version-negotiation-ssl + +[365-version-negotiation-ssl] +server = 365-version-negotiation-server +client = 365-version-negotiation-client + +[365-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[365-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-365] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[366-version-negotiation] +ssl_conf = 366-version-negotiation-ssl + +[366-version-negotiation-ssl] +server = 366-version-negotiation-server +client = 366-version-negotiation-client + +[366-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[366-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-366] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[367-version-negotiation] +ssl_conf = 367-version-negotiation-ssl + +[367-version-negotiation-ssl] +server = 367-version-negotiation-server +client = 367-version-negotiation-client + +[367-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[367-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-367] ExpectedProtocol = TLSv1.2 ExpectedResult = Success +# =========================================================== + +[368-version-negotiation] +ssl_conf = 368-version-negotiation-ssl + +[368-version-negotiation-ssl] +server = 368-version-negotiation-server +client = 368-version-negotiation-client + +[368-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[368-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-368] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[369-version-negotiation] +ssl_conf = 369-version-negotiation-ssl + +[369-version-negotiation-ssl] +server = 369-version-negotiation-server +client = 369-version-negotiation-client + +[369-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[369-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-369] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[370-version-negotiation] +ssl_conf = 370-version-negotiation-ssl + +[370-version-negotiation-ssl] +server = 370-version-negotiation-server +client = 370-version-negotiation-client + +[370-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[370-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-370] +ExpectedResult = ServerFail + + +# =========================================================== + +[371-version-negotiation] +ssl_conf = 371-version-negotiation-ssl + +[371-version-negotiation-ssl] +server = 371-version-negotiation-server +client = 371-version-negotiation-client + +[371-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[371-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-371] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[372-version-negotiation] +ssl_conf = 372-version-negotiation-ssl + +[372-version-negotiation-ssl] +server = 372-version-negotiation-server +client = 372-version-negotiation-client + +[372-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[372-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-372] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[373-version-negotiation] +ssl_conf = 373-version-negotiation-ssl + +[373-version-negotiation-ssl] +server = 373-version-negotiation-server +client = 373-version-negotiation-client + +[373-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[373-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-373] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[374-version-negotiation] +ssl_conf = 374-version-negotiation-ssl + +[374-version-negotiation-ssl] +server = 374-version-negotiation-server +client = 374-version-negotiation-client + +[374-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[374-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-374] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[375-version-negotiation] +ssl_conf = 375-version-negotiation-ssl + +[375-version-negotiation-ssl] +server = 375-version-negotiation-server +client = 375-version-negotiation-client + +[375-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[375-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-375] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[376-version-negotiation] +ssl_conf = 376-version-negotiation-ssl + +[376-version-negotiation-ssl] +server = 376-version-negotiation-server +client = 376-version-negotiation-client + +[376-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[376-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-376] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[377-version-negotiation] +ssl_conf = 377-version-negotiation-ssl + +[377-version-negotiation-ssl] +server = 377-version-negotiation-server +client = 377-version-negotiation-client + +[377-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[377-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-377] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[378-version-negotiation] +ssl_conf = 378-version-negotiation-ssl + +[378-version-negotiation-ssl] +server = 378-version-negotiation-server +client = 378-version-negotiation-client + +[378-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[378-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-378] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[379-version-negotiation] +ssl_conf = 379-version-negotiation-ssl + +[379-version-negotiation-ssl] +server = 379-version-negotiation-server +client = 379-version-negotiation-client + +[379-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[379-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-379] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[380-version-negotiation] +ssl_conf = 380-version-negotiation-ssl + +[380-version-negotiation-ssl] +server = 380-version-negotiation-server +client = 380-version-negotiation-client + +[380-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[380-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-380] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[381-version-negotiation] +ssl_conf = 381-version-negotiation-ssl + +[381-version-negotiation-ssl] +server = 381-version-negotiation-server +client = 381-version-negotiation-client + +[381-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[381-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-381] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[382-version-negotiation] +ssl_conf = 382-version-negotiation-ssl + +[382-version-negotiation-ssl] +server = 382-version-negotiation-server +client = 382-version-negotiation-client + +[382-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[382-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-382] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[383-version-negotiation] +ssl_conf = 383-version-negotiation-ssl + +[383-version-negotiation-ssl] +server = 383-version-negotiation-server +client = 383-version-negotiation-client + +[383-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[383-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-383] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[384-version-negotiation] +ssl_conf = 384-version-negotiation-ssl + +[384-version-negotiation-ssl] +server = 384-version-negotiation-server +client = 384-version-negotiation-client + +[384-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[384-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-384] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[385-version-negotiation] +ssl_conf = 385-version-negotiation-ssl + +[385-version-negotiation-ssl] +server = 385-version-negotiation-server +client = 385-version-negotiation-client + +[385-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[385-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-385] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[386-version-negotiation] +ssl_conf = 386-version-negotiation-ssl + +[386-version-negotiation-ssl] +server = 386-version-negotiation-server +client = 386-version-negotiation-client + +[386-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[386-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-386] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[387-version-negotiation] +ssl_conf = 387-version-negotiation-ssl + +[387-version-negotiation-ssl] +server = 387-version-negotiation-server +client = 387-version-negotiation-client + +[387-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[387-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-387] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[388-version-negotiation] +ssl_conf = 388-version-negotiation-ssl + +[388-version-negotiation-ssl] +server = 388-version-negotiation-server +client = 388-version-negotiation-client + +[388-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[388-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-388] +ExpectedResult = ServerFail + + +# =========================================================== + +[389-version-negotiation] +ssl_conf = 389-version-negotiation-ssl + +[389-version-negotiation-ssl] +server = 389-version-negotiation-server +client = 389-version-negotiation-client + +[389-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[389-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-389] +ExpectedResult = ServerFail + + +# =========================================================== + +[390-version-negotiation] +ssl_conf = 390-version-negotiation-ssl + +[390-version-negotiation-ssl] +server = 390-version-negotiation-server +client = 390-version-negotiation-client + +[390-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[390-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-390] +ExpectedResult = ServerFail + + +# =========================================================== + +[391-version-negotiation] +ssl_conf = 391-version-negotiation-ssl + +[391-version-negotiation-ssl] +server = 391-version-negotiation-server +client = 391-version-negotiation-client + +[391-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[391-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-391] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[392-version-negotiation] +ssl_conf = 392-version-negotiation-ssl + +[392-version-negotiation-ssl] +server = 392-version-negotiation-server +client = 392-version-negotiation-client + +[392-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[392-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-392] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[393-version-negotiation] +ssl_conf = 393-version-negotiation-ssl + +[393-version-negotiation-ssl] +server = 393-version-negotiation-server +client = 393-version-negotiation-client + +[393-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[393-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-393] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[394-version-negotiation] +ssl_conf = 394-version-negotiation-ssl + +[394-version-negotiation-ssl] +server = 394-version-negotiation-server +client = 394-version-negotiation-client + +[394-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[394-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-394] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[395-version-negotiation] +ssl_conf = 395-version-negotiation-ssl + +[395-version-negotiation-ssl] +server = 395-version-negotiation-server +client = 395-version-negotiation-client + +[395-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[395-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-395] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[396-version-negotiation] +ssl_conf = 396-version-negotiation-ssl + +[396-version-negotiation-ssl] +server = 396-version-negotiation-server +client = 396-version-negotiation-client + +[396-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[396-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-396] +ExpectedResult = ServerFail + + +# =========================================================== + +[397-version-negotiation] +ssl_conf = 397-version-negotiation-ssl + +[397-version-negotiation-ssl] +server = 397-version-negotiation-server +client = 397-version-negotiation-client + +[397-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[397-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-397] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[398-version-negotiation] +ssl_conf = 398-version-negotiation-ssl + +[398-version-negotiation-ssl] +server = 398-version-negotiation-server +client = 398-version-negotiation-client + +[398-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[398-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-398] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[399-version-negotiation] +ssl_conf = 399-version-negotiation-ssl + +[399-version-negotiation-ssl] +server = 399-version-negotiation-server +client = 399-version-negotiation-client + +[399-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[399-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-399] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[400-version-negotiation] +ssl_conf = 400-version-negotiation-ssl + +[400-version-negotiation-ssl] +server = 400-version-negotiation-server +client = 400-version-negotiation-client + +[400-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[400-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-400] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[401-version-negotiation] +ssl_conf = 401-version-negotiation-ssl + +[401-version-negotiation-ssl] +server = 401-version-negotiation-server +client = 401-version-negotiation-client + +[401-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[401-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-401] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[402-version-negotiation] +ssl_conf = 402-version-negotiation-ssl + +[402-version-negotiation-ssl] +server = 402-version-negotiation-server +client = 402-version-negotiation-client + +[402-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[402-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-402] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[403-version-negotiation] +ssl_conf = 403-version-negotiation-ssl + +[403-version-negotiation-ssl] +server = 403-version-negotiation-server +client = 403-version-negotiation-client + +[403-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[403-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-403] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[404-version-negotiation] +ssl_conf = 404-version-negotiation-ssl + +[404-version-negotiation-ssl] +server = 404-version-negotiation-server +client = 404-version-negotiation-client + +[404-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[404-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-404] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[405-version-negotiation] +ssl_conf = 405-version-negotiation-ssl + +[405-version-negotiation-ssl] +server = 405-version-negotiation-server +client = 405-version-negotiation-client + +[405-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[405-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-405] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[406-version-negotiation] +ssl_conf = 406-version-negotiation-ssl + +[406-version-negotiation-ssl] +server = 406-version-negotiation-server +client = 406-version-negotiation-client + +[406-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[406-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-406] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[407-version-negotiation] +ssl_conf = 407-version-negotiation-ssl + +[407-version-negotiation-ssl] +server = 407-version-negotiation-server +client = 407-version-negotiation-client + +[407-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[407-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-407] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[408-version-negotiation] +ssl_conf = 408-version-negotiation-ssl + +[408-version-negotiation-ssl] +server = 408-version-negotiation-server +client = 408-version-negotiation-client + +[408-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[408-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-408] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[409-version-negotiation] +ssl_conf = 409-version-negotiation-ssl + +[409-version-negotiation-ssl] +server = 409-version-negotiation-server +client = 409-version-negotiation-client + +[409-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[409-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-409] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[410-version-negotiation] +ssl_conf = 410-version-negotiation-ssl + +[410-version-negotiation-ssl] +server = 410-version-negotiation-server +client = 410-version-negotiation-client + +[410-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[410-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-410] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[411-version-negotiation] +ssl_conf = 411-version-negotiation-ssl + +[411-version-negotiation-ssl] +server = 411-version-negotiation-server +client = 411-version-negotiation-client + +[411-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[411-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-411] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[412-version-negotiation] +ssl_conf = 412-version-negotiation-ssl + +[412-version-negotiation-ssl] +server = 412-version-negotiation-server +client = 412-version-negotiation-client + +[412-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[412-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-412] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[413-version-negotiation] +ssl_conf = 413-version-negotiation-ssl + +[413-version-negotiation-ssl] +server = 413-version-negotiation-server +client = 413-version-negotiation-client + +[413-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[413-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-413] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[414-version-negotiation] +ssl_conf = 414-version-negotiation-ssl + +[414-version-negotiation-ssl] +server = 414-version-negotiation-server +client = 414-version-negotiation-client + +[414-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[414-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-414] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[415-version-negotiation] +ssl_conf = 415-version-negotiation-ssl + +[415-version-negotiation-ssl] +server = 415-version-negotiation-server +client = 415-version-negotiation-client + +[415-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[415-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-415] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[416-version-negotiation] +ssl_conf = 416-version-negotiation-ssl + +[416-version-negotiation-ssl] +server = 416-version-negotiation-server +client = 416-version-negotiation-client + +[416-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[416-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-416] +ExpectedResult = ServerFail + + +# =========================================================== + +[417-version-negotiation] +ssl_conf = 417-version-negotiation-ssl + +[417-version-negotiation-ssl] +server = 417-version-negotiation-server +client = 417-version-negotiation-client + +[417-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[417-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-417] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[418-version-negotiation] +ssl_conf = 418-version-negotiation-ssl + +[418-version-negotiation-ssl] +server = 418-version-negotiation-server +client = 418-version-negotiation-client + +[418-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[418-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-418] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[419-version-negotiation] +ssl_conf = 419-version-negotiation-ssl + +[419-version-negotiation-ssl] +server = 419-version-negotiation-server +client = 419-version-negotiation-client + +[419-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[419-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-419] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[420-version-negotiation] +ssl_conf = 420-version-negotiation-ssl + +[420-version-negotiation-ssl] +server = 420-version-negotiation-server +client = 420-version-negotiation-client + +[420-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[420-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-420] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[421-version-negotiation] +ssl_conf = 421-version-negotiation-ssl + +[421-version-negotiation-ssl] +server = 421-version-negotiation-server +client = 421-version-negotiation-client + +[421-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[421-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-421] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[422-version-negotiation] +ssl_conf = 422-version-negotiation-ssl + +[422-version-negotiation-ssl] +server = 422-version-negotiation-server +client = 422-version-negotiation-client + +[422-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[422-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-422] +ExpectedResult = ServerFail + + +# =========================================================== + +[423-version-negotiation] +ssl_conf = 423-version-negotiation-ssl + +[423-version-negotiation-ssl] +server = 423-version-negotiation-server +client = 423-version-negotiation-client + +[423-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[423-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-423] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[424-version-negotiation] +ssl_conf = 424-version-negotiation-ssl + +[424-version-negotiation-ssl] +server = 424-version-negotiation-server +client = 424-version-negotiation-client + +[424-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[424-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-424] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[425-version-negotiation] +ssl_conf = 425-version-negotiation-ssl + +[425-version-negotiation-ssl] +server = 425-version-negotiation-server +client = 425-version-negotiation-client + +[425-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[425-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-425] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[426-version-negotiation] +ssl_conf = 426-version-negotiation-ssl + +[426-version-negotiation-ssl] +server = 426-version-negotiation-server +client = 426-version-negotiation-client + +[426-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[426-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-426] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[427-version-negotiation] +ssl_conf = 427-version-negotiation-ssl + +[427-version-negotiation-ssl] +server = 427-version-negotiation-server +client = 427-version-negotiation-client + +[427-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[427-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-427] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[428-version-negotiation] +ssl_conf = 428-version-negotiation-ssl + +[428-version-negotiation-ssl] +server = 428-version-negotiation-server +client = 428-version-negotiation-client + +[428-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[428-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-428] +ExpectedProtocol = TLSv1 +ExpectedResult = Success + + +# =========================================================== + +[429-version-negotiation] +ssl_conf = 429-version-negotiation-ssl + +[429-version-negotiation-ssl] +server = 429-version-negotiation-server +client = 429-version-negotiation-client + +[429-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[429-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-429] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[430-version-negotiation] +ssl_conf = 430-version-negotiation-ssl + +[430-version-negotiation-ssl] +server = 430-version-negotiation-server +client = 430-version-negotiation-client + +[430-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[430-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-430] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[431-version-negotiation] +ssl_conf = 431-version-negotiation-ssl + +[431-version-negotiation-ssl] +server = 431-version-negotiation-server +client = 431-version-negotiation-client + +[431-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[431-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-431] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[432-version-negotiation] +ssl_conf = 432-version-negotiation-ssl + +[432-version-negotiation-ssl] +server = 432-version-negotiation-server +client = 432-version-negotiation-client + +[432-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[432-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-432] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[433-version-negotiation] +ssl_conf = 433-version-negotiation-ssl + +[433-version-negotiation-ssl] +server = 433-version-negotiation-server +client = 433-version-negotiation-client + +[433-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[433-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-433] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[434-version-negotiation] +ssl_conf = 434-version-negotiation-ssl + +[434-version-negotiation-ssl] +server = 434-version-negotiation-server +client = 434-version-negotiation-client + +[434-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[434-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-434] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[435-version-negotiation] +ssl_conf = 435-version-negotiation-ssl + +[435-version-negotiation-ssl] +server = 435-version-negotiation-server +client = 435-version-negotiation-client + +[435-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[435-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-435] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[436-version-negotiation] +ssl_conf = 436-version-negotiation-ssl + +[436-version-negotiation-ssl] +server = 436-version-negotiation-server +client = 436-version-negotiation-client + +[436-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[436-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-436] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[437-version-negotiation] +ssl_conf = 437-version-negotiation-ssl + +[437-version-negotiation-ssl] +server = 437-version-negotiation-server +client = 437-version-negotiation-client + +[437-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[437-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-437] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[438-version-negotiation] +ssl_conf = 438-version-negotiation-ssl + +[438-version-negotiation-ssl] +server = 438-version-negotiation-server +client = 438-version-negotiation-client + +[438-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[438-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-438] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[439-version-negotiation] +ssl_conf = 439-version-negotiation-ssl + +[439-version-negotiation-ssl] +server = 439-version-negotiation-server +client = 439-version-negotiation-client + +[439-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[439-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-439] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[440-version-negotiation] +ssl_conf = 440-version-negotiation-ssl + +[440-version-negotiation-ssl] +server = 440-version-negotiation-server +client = 440-version-negotiation-client + +[440-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[440-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-440] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[441-version-negotiation] +ssl_conf = 441-version-negotiation-ssl + +[441-version-negotiation-ssl] +server = 441-version-negotiation-server +client = 441-version-negotiation-client + +[441-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[441-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-441] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[442-version-negotiation] +ssl_conf = 442-version-negotiation-ssl + +[442-version-negotiation-ssl] +server = 442-version-negotiation-server +client = 442-version-negotiation-client + +[442-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[442-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-442] +ExpectedResult = ServerFail + + +# =========================================================== + +[443-version-negotiation] +ssl_conf = 443-version-negotiation-ssl + +[443-version-negotiation-ssl] +server = 443-version-negotiation-server +client = 443-version-negotiation-client + +[443-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[443-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-443] +ExpectedResult = ClientFail + + +# =========================================================== + +[444-version-negotiation] +ssl_conf = 444-version-negotiation-ssl + +[444-version-negotiation-ssl] +server = 444-version-negotiation-server +client = 444-version-negotiation-client + +[444-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[444-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-444] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[445-version-negotiation] +ssl_conf = 445-version-negotiation-ssl + +[445-version-negotiation-ssl] +server = 445-version-negotiation-server +client = 445-version-negotiation-client + +[445-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[445-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-445] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[446-version-negotiation] +ssl_conf = 446-version-negotiation-ssl + +[446-version-negotiation-ssl] +server = 446-version-negotiation-server +client = 446-version-negotiation-client + +[446-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[446-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-446] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[447-version-negotiation] +ssl_conf = 447-version-negotiation-ssl + +[447-version-negotiation-ssl] +server = 447-version-negotiation-server +client = 447-version-negotiation-client + +[447-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[447-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-447] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[448-version-negotiation] +ssl_conf = 448-version-negotiation-ssl + +[448-version-negotiation-ssl] +server = 448-version-negotiation-server +client = 448-version-negotiation-client + +[448-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[448-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-448] +ExpectedResult = ServerFail + + +# =========================================================== + +[449-version-negotiation] +ssl_conf = 449-version-negotiation-ssl + +[449-version-negotiation-ssl] +server = 449-version-negotiation-server +client = 449-version-negotiation-client + +[449-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[449-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-449] +ExpectedResult = ClientFail + + +# =========================================================== + +[450-version-negotiation] +ssl_conf = 450-version-negotiation-ssl + +[450-version-negotiation-ssl] +server = 450-version-negotiation-server +client = 450-version-negotiation-client + +[450-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[450-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-450] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[451-version-negotiation] +ssl_conf = 451-version-negotiation-ssl + +[451-version-negotiation-ssl] +server = 451-version-negotiation-server +client = 451-version-negotiation-client + +[451-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[451-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-451] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[452-version-negotiation] +ssl_conf = 452-version-negotiation-ssl + +[452-version-negotiation-ssl] +server = 452-version-negotiation-server +client = 452-version-negotiation-client + +[452-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[452-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-452] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[453-version-negotiation] +ssl_conf = 453-version-negotiation-ssl + +[453-version-negotiation-ssl] +server = 453-version-negotiation-server +client = 453-version-negotiation-client + +[453-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[453-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-453] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[454-version-negotiation] +ssl_conf = 454-version-negotiation-ssl + +[454-version-negotiation-ssl] +server = 454-version-negotiation-server +client = 454-version-negotiation-client + +[454-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[454-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-454] +ExpectedResult = ClientFail + + +# =========================================================== + +[455-version-negotiation] +ssl_conf = 455-version-negotiation-ssl + +[455-version-negotiation-ssl] +server = 455-version-negotiation-server +client = 455-version-negotiation-client + +[455-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[455-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-455] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[456-version-negotiation] +ssl_conf = 456-version-negotiation-ssl + +[456-version-negotiation-ssl] +server = 456-version-negotiation-server +client = 456-version-negotiation-client + +[456-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[456-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-456] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[457-version-negotiation] +ssl_conf = 457-version-negotiation-ssl + +[457-version-negotiation-ssl] +server = 457-version-negotiation-server +client = 457-version-negotiation-client + +[457-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[457-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-457] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[458-version-negotiation] +ssl_conf = 458-version-negotiation-ssl + +[458-version-negotiation-ssl] +server = 458-version-negotiation-server +client = 458-version-negotiation-client + +[458-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[458-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-458] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[459-version-negotiation] +ssl_conf = 459-version-negotiation-ssl + +[459-version-negotiation-ssl] +server = 459-version-negotiation-server +client = 459-version-negotiation-client + +[459-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[459-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-459] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[460-version-negotiation] +ssl_conf = 460-version-negotiation-ssl + +[460-version-negotiation-ssl] +server = 460-version-negotiation-server +client = 460-version-negotiation-client + +[460-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[460-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-460] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[461-version-negotiation] +ssl_conf = 461-version-negotiation-ssl + +[461-version-negotiation-ssl] +server = 461-version-negotiation-server +client = 461-version-negotiation-client + +[461-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[461-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-461] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[462-version-negotiation] +ssl_conf = 462-version-negotiation-ssl + +[462-version-negotiation-ssl] +server = 462-version-negotiation-server +client = 462-version-negotiation-client + +[462-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[462-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-462] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[463-version-negotiation] +ssl_conf = 463-version-negotiation-ssl + +[463-version-negotiation-ssl] +server = 463-version-negotiation-server +client = 463-version-negotiation-client + +[463-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[463-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-463] +ExpectedResult = ServerFail + + +# =========================================================== + +[464-version-negotiation] +ssl_conf = 464-version-negotiation-ssl + +[464-version-negotiation-ssl] +server = 464-version-negotiation-server +client = 464-version-negotiation-client + +[464-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[464-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-464] +ExpectedResult = ServerFail + + +# =========================================================== + +[465-version-negotiation] +ssl_conf = 465-version-negotiation-ssl + +[465-version-negotiation-ssl] +server = 465-version-negotiation-server +client = 465-version-negotiation-client + +[465-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[465-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-465] +ExpectedResult = ServerFail + + +# =========================================================== + +[466-version-negotiation] +ssl_conf = 466-version-negotiation-ssl + +[466-version-negotiation-ssl] +server = 466-version-negotiation-server +client = 466-version-negotiation-client + +[466-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[466-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-466] +ExpectedResult = ServerFail + + +# =========================================================== + +[467-version-negotiation] +ssl_conf = 467-version-negotiation-ssl + +[467-version-negotiation-ssl] +server = 467-version-negotiation-server +client = 467-version-negotiation-client + +[467-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[467-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-467] +ExpectedResult = ServerFail + + +# =========================================================== + +[468-version-negotiation] +ssl_conf = 468-version-negotiation-ssl + +[468-version-negotiation-ssl] +server = 468-version-negotiation-server +client = 468-version-negotiation-client + +[468-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[468-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-468] +ExpectedResult = ServerFail + + +# =========================================================== + +[469-version-negotiation] +ssl_conf = 469-version-negotiation-ssl + +[469-version-negotiation-ssl] +server = 469-version-negotiation-server +client = 469-version-negotiation-client + +[469-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[469-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-469] +ExpectedResult = ClientFail + + +# =========================================================== + +[470-version-negotiation] +ssl_conf = 470-version-negotiation-ssl + +[470-version-negotiation-ssl] +server = 470-version-negotiation-server +client = 470-version-negotiation-client + +[470-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[470-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-470] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[471-version-negotiation] +ssl_conf = 471-version-negotiation-ssl + +[471-version-negotiation-ssl] +server = 471-version-negotiation-server +client = 471-version-negotiation-client + +[471-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[471-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-471] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[472-version-negotiation] +ssl_conf = 472-version-negotiation-ssl + +[472-version-negotiation-ssl] +server = 472-version-negotiation-server +client = 472-version-negotiation-client + +[472-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[472-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-472] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[473-version-negotiation] +ssl_conf = 473-version-negotiation-ssl + +[473-version-negotiation-ssl] +server = 473-version-negotiation-server +client = 473-version-negotiation-client + +[473-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[473-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-473] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[474-version-negotiation] +ssl_conf = 474-version-negotiation-ssl + +[474-version-negotiation-ssl] +server = 474-version-negotiation-server +client = 474-version-negotiation-client + +[474-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[474-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-474] +ExpectedResult = ServerFail + + +# =========================================================== + +[475-version-negotiation] +ssl_conf = 475-version-negotiation-ssl + +[475-version-negotiation-ssl] +server = 475-version-negotiation-server +client = 475-version-negotiation-client + +[475-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[475-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-475] +ExpectedResult = ClientFail + + +# =========================================================== + +[476-version-negotiation] +ssl_conf = 476-version-negotiation-ssl + +[476-version-negotiation-ssl] +server = 476-version-negotiation-server +client = 476-version-negotiation-client + +[476-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[476-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-476] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[477-version-negotiation] +ssl_conf = 477-version-negotiation-ssl + +[477-version-negotiation-ssl] +server = 477-version-negotiation-server +client = 477-version-negotiation-client + +[477-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[477-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-477] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[478-version-negotiation] +ssl_conf = 478-version-negotiation-ssl + +[478-version-negotiation-ssl] +server = 478-version-negotiation-server +client = 478-version-negotiation-client + +[478-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[478-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-478] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[479-version-negotiation] +ssl_conf = 479-version-negotiation-ssl + +[479-version-negotiation-ssl] +server = 479-version-negotiation-server +client = 479-version-negotiation-client + +[479-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[479-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-479] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[480-version-negotiation] +ssl_conf = 480-version-negotiation-ssl + +[480-version-negotiation-ssl] +server = 480-version-negotiation-server +client = 480-version-negotiation-client + +[480-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[480-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-480] +ExpectedResult = ClientFail + + +# =========================================================== + +[481-version-negotiation] +ssl_conf = 481-version-negotiation-ssl + +[481-version-negotiation-ssl] +server = 481-version-negotiation-server +client = 481-version-negotiation-client + +[481-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[481-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-481] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[482-version-negotiation] +ssl_conf = 482-version-negotiation-ssl + +[482-version-negotiation-ssl] +server = 482-version-negotiation-server +client = 482-version-negotiation-client + +[482-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[482-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-482] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[483-version-negotiation] +ssl_conf = 483-version-negotiation-ssl + +[483-version-negotiation-ssl] +server = 483-version-negotiation-server +client = 483-version-negotiation-client + +[483-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[483-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-483] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[484-version-negotiation] +ssl_conf = 484-version-negotiation-ssl + +[484-version-negotiation-ssl] +server = 484-version-negotiation-server +client = 484-version-negotiation-client + +[484-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[484-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-484] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[485-version-negotiation] +ssl_conf = 485-version-negotiation-ssl + +[485-version-negotiation-ssl] +server = 485-version-negotiation-server +client = 485-version-negotiation-client + +[485-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[485-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-485] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[486-version-negotiation] +ssl_conf = 486-version-negotiation-ssl + +[486-version-negotiation-ssl] +server = 486-version-negotiation-server +client = 486-version-negotiation-client + +[486-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[486-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-486] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[487-version-negotiation] +ssl_conf = 487-version-negotiation-ssl + +[487-version-negotiation-ssl] +server = 487-version-negotiation-server +client = 487-version-negotiation-client + +[487-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[487-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-487] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[488-version-negotiation] +ssl_conf = 488-version-negotiation-ssl + +[488-version-negotiation-ssl] +server = 488-version-negotiation-server +client = 488-version-negotiation-client + +[488-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[488-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-488] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[489-version-negotiation] +ssl_conf = 489-version-negotiation-ssl + +[489-version-negotiation-ssl] +server = 489-version-negotiation-server +client = 489-version-negotiation-client + +[489-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[489-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-489] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[490-version-negotiation] +ssl_conf = 490-version-negotiation-ssl + +[490-version-negotiation-ssl] +server = 490-version-negotiation-server +client = 490-version-negotiation-client + +[490-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[490-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-490] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[491-version-negotiation] +ssl_conf = 491-version-negotiation-ssl + +[491-version-negotiation-ssl] +server = 491-version-negotiation-server +client = 491-version-negotiation-client + +[491-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[491-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-491] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[492-version-negotiation] +ssl_conf = 492-version-negotiation-ssl + +[492-version-negotiation-ssl] +server = 492-version-negotiation-server +client = 492-version-negotiation-client + +[492-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[492-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-492] +ExpectedResult = ServerFail + + +# =========================================================== + +[493-version-negotiation] +ssl_conf = 493-version-negotiation-ssl + +[493-version-negotiation-ssl] +server = 493-version-negotiation-server +client = 493-version-negotiation-client + +[493-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[493-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-493] +ExpectedResult = ServerFail + + +# =========================================================== + +[494-version-negotiation] +ssl_conf = 494-version-negotiation-ssl + +[494-version-negotiation-ssl] +server = 494-version-negotiation-server +client = 494-version-negotiation-client + +[494-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[494-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-494] +ExpectedResult = ServerFail + + +# =========================================================== + +[495-version-negotiation] +ssl_conf = 495-version-negotiation-ssl + +[495-version-negotiation-ssl] +server = 495-version-negotiation-server +client = 495-version-negotiation-client + +[495-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[495-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-495] +ExpectedResult = ServerFail + + +# =========================================================== + +[496-version-negotiation] +ssl_conf = 496-version-negotiation-ssl + +[496-version-negotiation-ssl] +server = 496-version-negotiation-server +client = 496-version-negotiation-client + +[496-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[496-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-496] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[497-version-negotiation] +ssl_conf = 497-version-negotiation-ssl + +[497-version-negotiation-ssl] +server = 497-version-negotiation-server +client = 497-version-negotiation-client + +[497-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[497-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-497] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[498-version-negotiation] +ssl_conf = 498-version-negotiation-ssl + +[498-version-negotiation-ssl] +server = 498-version-negotiation-server +client = 498-version-negotiation-client + +[498-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[498-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-498] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[499-version-negotiation] +ssl_conf = 499-version-negotiation-ssl + +[499-version-negotiation-ssl] +server = 499-version-negotiation-server +client = 499-version-negotiation-client + +[499-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[499-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-499] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[500-version-negotiation] +ssl_conf = 500-version-negotiation-ssl + +[500-version-negotiation-ssl] +server = 500-version-negotiation-server +client = 500-version-negotiation-client + +[500-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[500-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-500] +ExpectedResult = ServerFail + + +# =========================================================== + +[501-version-negotiation] +ssl_conf = 501-version-negotiation-ssl + +[501-version-negotiation-ssl] +server = 501-version-negotiation-server +client = 501-version-negotiation-client + +[501-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[501-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-501] +ExpectedResult = ServerFail + + +# =========================================================== + +[502-version-negotiation] +ssl_conf = 502-version-negotiation-ssl + +[502-version-negotiation-ssl] +server = 502-version-negotiation-server +client = 502-version-negotiation-client + +[502-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[502-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-502] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[503-version-negotiation] +ssl_conf = 503-version-negotiation-ssl + +[503-version-negotiation-ssl] +server = 503-version-negotiation-server +client = 503-version-negotiation-client + +[503-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[503-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-503] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[504-version-negotiation] +ssl_conf = 504-version-negotiation-ssl + +[504-version-negotiation-ssl] +server = 504-version-negotiation-server +client = 504-version-negotiation-client + +[504-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[504-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-504] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[505-version-negotiation] +ssl_conf = 505-version-negotiation-ssl + +[505-version-negotiation-ssl] +server = 505-version-negotiation-server +client = 505-version-negotiation-client + +[505-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[505-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-505] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[506-version-negotiation] +ssl_conf = 506-version-negotiation-ssl + +[506-version-negotiation-ssl] +server = 506-version-negotiation-server +client = 506-version-negotiation-client + +[506-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[506-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-506] +ExpectedResult = ServerFail + + +# =========================================================== + +[507-version-negotiation] +ssl_conf = 507-version-negotiation-ssl + +[507-version-negotiation-ssl] +server = 507-version-negotiation-server +client = 507-version-negotiation-client + +[507-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[507-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-507] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[508-version-negotiation] +ssl_conf = 508-version-negotiation-ssl + +[508-version-negotiation-ssl] +server = 508-version-negotiation-server +client = 508-version-negotiation-client + +[508-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[508-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-508] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[509-version-negotiation] +ssl_conf = 509-version-negotiation-ssl + +[509-version-negotiation-ssl] +server = 509-version-negotiation-server +client = 509-version-negotiation-client + +[509-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[509-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-509] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[510-version-negotiation] +ssl_conf = 510-version-negotiation-ssl + +[510-version-negotiation-ssl] +server = 510-version-negotiation-server +client = 510-version-negotiation-client + +[510-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[510-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-510] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[511-version-negotiation] +ssl_conf = 511-version-negotiation-ssl + +[511-version-negotiation-ssl] +server = 511-version-negotiation-server +client = 511-version-negotiation-client + +[511-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[511-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-511] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[512-version-negotiation] +ssl_conf = 512-version-negotiation-ssl + +[512-version-negotiation-ssl] +server = 512-version-negotiation-server +client = 512-version-negotiation-client + +[512-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[512-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-512] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[513-version-negotiation] +ssl_conf = 513-version-negotiation-ssl + +[513-version-negotiation-ssl] +server = 513-version-negotiation-server +client = 513-version-negotiation-client + +[513-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[513-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-513] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[514-version-negotiation] +ssl_conf = 514-version-negotiation-ssl + +[514-version-negotiation-ssl] +server = 514-version-negotiation-server +client = 514-version-negotiation-client + +[514-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[514-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-514] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[515-version-negotiation] +ssl_conf = 515-version-negotiation-ssl + +[515-version-negotiation-ssl] +server = 515-version-negotiation-server +client = 515-version-negotiation-client + +[515-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[515-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-515] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[516-version-negotiation] +ssl_conf = 516-version-negotiation-ssl + +[516-version-negotiation-ssl] +server = 516-version-negotiation-server +client = 516-version-negotiation-client + +[516-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[516-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-516] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[517-version-negotiation] +ssl_conf = 517-version-negotiation-ssl + +[517-version-negotiation-ssl] +server = 517-version-negotiation-server +client = 517-version-negotiation-client + +[517-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[517-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-517] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[518-version-negotiation] +ssl_conf = 518-version-negotiation-ssl + +[518-version-negotiation-ssl] +server = 518-version-negotiation-server +client = 518-version-negotiation-client + +[518-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[518-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-518] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[519-version-negotiation] +ssl_conf = 519-version-negotiation-ssl + +[519-version-negotiation-ssl] +server = 519-version-negotiation-server +client = 519-version-negotiation-client + +[519-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[519-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-519] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[520-version-negotiation] +ssl_conf = 520-version-negotiation-ssl + +[520-version-negotiation-ssl] +server = 520-version-negotiation-server +client = 520-version-negotiation-client + +[520-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[520-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-520] +ExpectedResult = ServerFail + + +# =========================================================== + +[521-version-negotiation] +ssl_conf = 521-version-negotiation-ssl + +[521-version-negotiation-ssl] +server = 521-version-negotiation-server +client = 521-version-negotiation-client + +[521-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[521-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-521] +ExpectedResult = ServerFail + + +# =========================================================== + +[522-version-negotiation] +ssl_conf = 522-version-negotiation-ssl + +[522-version-negotiation-ssl] +server = 522-version-negotiation-server +client = 522-version-negotiation-client + +[522-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[522-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-522] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[523-version-negotiation] +ssl_conf = 523-version-negotiation-ssl + +[523-version-negotiation-ssl] +server = 523-version-negotiation-server +client = 523-version-negotiation-client + +[523-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[523-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-523] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[524-version-negotiation] +ssl_conf = 524-version-negotiation-ssl + +[524-version-negotiation-ssl] +server = 524-version-negotiation-server +client = 524-version-negotiation-client + +[524-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[524-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-524] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[525-version-negotiation] +ssl_conf = 525-version-negotiation-ssl + +[525-version-negotiation-ssl] +server = 525-version-negotiation-server +client = 525-version-negotiation-client + +[525-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[525-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-525] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[526-version-negotiation] +ssl_conf = 526-version-negotiation-ssl + +[526-version-negotiation-ssl] +server = 526-version-negotiation-server +client = 526-version-negotiation-client + +[526-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[526-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-526] +ExpectedResult = ServerFail + + +# =========================================================== + +[527-version-negotiation] +ssl_conf = 527-version-negotiation-ssl + +[527-version-negotiation-ssl] +server = 527-version-negotiation-server +client = 527-version-negotiation-client + +[527-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[527-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-527] +ExpectedResult = ServerFail + + +# =========================================================== + +[528-version-negotiation] +ssl_conf = 528-version-negotiation-ssl + +[528-version-negotiation-ssl] +server = 528-version-negotiation-server +client = 528-version-negotiation-client + +[528-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[528-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-528] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[529-version-negotiation] +ssl_conf = 529-version-negotiation-ssl + +[529-version-negotiation-ssl] +server = 529-version-negotiation-server +client = 529-version-negotiation-client + +[529-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[529-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-529] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[530-version-negotiation] +ssl_conf = 530-version-negotiation-ssl + +[530-version-negotiation-ssl] +server = 530-version-negotiation-server +client = 530-version-negotiation-client + +[530-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[530-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-530] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[531-version-negotiation] +ssl_conf = 531-version-negotiation-ssl + +[531-version-negotiation-ssl] +server = 531-version-negotiation-server +client = 531-version-negotiation-client + +[531-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[531-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-531] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[532-version-negotiation] +ssl_conf = 532-version-negotiation-ssl + +[532-version-negotiation-ssl] +server = 532-version-negotiation-server +client = 532-version-negotiation-client + +[532-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[532-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-532] +ExpectedResult = ServerFail + + +# =========================================================== + +[533-version-negotiation] +ssl_conf = 533-version-negotiation-ssl + +[533-version-negotiation-ssl] +server = 533-version-negotiation-server +client = 533-version-negotiation-client + +[533-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[533-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-533] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[534-version-negotiation] +ssl_conf = 534-version-negotiation-ssl + +[534-version-negotiation-ssl] +server = 534-version-negotiation-server +client = 534-version-negotiation-client + +[534-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[534-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-534] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[535-version-negotiation] +ssl_conf = 535-version-negotiation-ssl + +[535-version-negotiation-ssl] +server = 535-version-negotiation-server +client = 535-version-negotiation-client + +[535-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[535-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-535] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[536-version-negotiation] +ssl_conf = 536-version-negotiation-ssl + +[536-version-negotiation-ssl] +server = 536-version-negotiation-server +client = 536-version-negotiation-client + +[536-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[536-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-536] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[537-version-negotiation] +ssl_conf = 537-version-negotiation-ssl + +[537-version-negotiation-ssl] +server = 537-version-negotiation-server +client = 537-version-negotiation-client + +[537-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[537-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-537] +ExpectedProtocol = TLSv1.1 +ExpectedResult = Success + + +# =========================================================== + +[538-version-negotiation] +ssl_conf = 538-version-negotiation-ssl + +[538-version-negotiation-ssl] +server = 538-version-negotiation-server +client = 538-version-negotiation-client + +[538-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[538-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-538] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[539-version-negotiation] +ssl_conf = 539-version-negotiation-ssl + +[539-version-negotiation-ssl] +server = 539-version-negotiation-server +client = 539-version-negotiation-client + +[539-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[539-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-539] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[540-version-negotiation] +ssl_conf = 540-version-negotiation-ssl + +[540-version-negotiation-ssl] +server = 540-version-negotiation-server +client = 540-version-negotiation-client + +[540-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[540-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-540] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[541-version-negotiation] +ssl_conf = 541-version-negotiation-ssl + +[541-version-negotiation-ssl] +server = 541-version-negotiation-server +client = 541-version-negotiation-client + +[541-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[541-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-541] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[542-version-negotiation] +ssl_conf = 542-version-negotiation-ssl + +[542-version-negotiation-ssl] +server = 542-version-negotiation-server +client = 542-version-negotiation-client + +[542-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[542-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-542] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[543-version-negotiation] +ssl_conf = 543-version-negotiation-ssl + +[543-version-negotiation-ssl] +server = 543-version-negotiation-server +client = 543-version-negotiation-client + +[543-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[543-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-543] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[544-version-negotiation] +ssl_conf = 544-version-negotiation-ssl + +[544-version-negotiation-ssl] +server = 544-version-negotiation-server +client = 544-version-negotiation-client + +[544-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[544-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-544] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[545-version-negotiation] +ssl_conf = 545-version-negotiation-ssl + +[545-version-negotiation-ssl] +server = 545-version-negotiation-server +client = 545-version-negotiation-client + +[545-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[545-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-545] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[546-version-negotiation] +ssl_conf = 546-version-negotiation-ssl + +[546-version-negotiation-ssl] +server = 546-version-negotiation-server +client = 546-version-negotiation-client + +[546-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[546-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-546] +ExpectedResult = ServerFail + + +# =========================================================== + +[547-version-negotiation] +ssl_conf = 547-version-negotiation-ssl + +[547-version-negotiation-ssl] +server = 547-version-negotiation-server +client = 547-version-negotiation-client + +[547-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[547-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-547] +ExpectedResult = ClientFail + + +# =========================================================== + +[548-version-negotiation] +ssl_conf = 548-version-negotiation-ssl + +[548-version-negotiation-ssl] +server = 548-version-negotiation-server +client = 548-version-negotiation-client + +[548-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[548-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-548] +ExpectedResult = ClientFail + + +# =========================================================== + +[549-version-negotiation] +ssl_conf = 549-version-negotiation-ssl + +[549-version-negotiation-ssl] +server = 549-version-negotiation-server +client = 549-version-negotiation-client + +[549-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[549-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-549] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[550-version-negotiation] +ssl_conf = 550-version-negotiation-ssl + +[550-version-negotiation-ssl] +server = 550-version-negotiation-server +client = 550-version-negotiation-client + +[550-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[550-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-550] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[551-version-negotiation] +ssl_conf = 551-version-negotiation-ssl + +[551-version-negotiation-ssl] +server = 551-version-negotiation-server +client = 551-version-negotiation-client + +[551-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[551-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-551] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[552-version-negotiation] +ssl_conf = 552-version-negotiation-ssl + +[552-version-negotiation-ssl] +server = 552-version-negotiation-server +client = 552-version-negotiation-client + +[552-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[552-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-552] +ExpectedResult = ServerFail + + +# =========================================================== + +[553-version-negotiation] +ssl_conf = 553-version-negotiation-ssl + +[553-version-negotiation-ssl] +server = 553-version-negotiation-server +client = 553-version-negotiation-client + +[553-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[553-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-553] +ExpectedResult = ClientFail + + +# =========================================================== + +[554-version-negotiation] +ssl_conf = 554-version-negotiation-ssl + +[554-version-negotiation-ssl] +server = 554-version-negotiation-server +client = 554-version-negotiation-client + +[554-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[554-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-554] +ExpectedResult = ClientFail + + +# =========================================================== + +[555-version-negotiation] +ssl_conf = 555-version-negotiation-ssl + +[555-version-negotiation-ssl] +server = 555-version-negotiation-server +client = 555-version-negotiation-client + +[555-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[555-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-555] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[556-version-negotiation] +ssl_conf = 556-version-negotiation-ssl + +[556-version-negotiation-ssl] +server = 556-version-negotiation-server +client = 556-version-negotiation-client + +[556-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[556-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-556] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[557-version-negotiation] +ssl_conf = 557-version-negotiation-ssl + +[557-version-negotiation-ssl] +server = 557-version-negotiation-server +client = 557-version-negotiation-client + +[557-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[557-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-557] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[558-version-negotiation] +ssl_conf = 558-version-negotiation-ssl + +[558-version-negotiation-ssl] +server = 558-version-negotiation-server +client = 558-version-negotiation-client + +[558-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[558-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-558] +ExpectedResult = ClientFail + + +# =========================================================== + +[559-version-negotiation] +ssl_conf = 559-version-negotiation-ssl + +[559-version-negotiation-ssl] +server = 559-version-negotiation-server +client = 559-version-negotiation-client + +[559-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[559-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-559] +ExpectedResult = ClientFail + + +# =========================================================== + +[560-version-negotiation] +ssl_conf = 560-version-negotiation-ssl + +[560-version-negotiation-ssl] +server = 560-version-negotiation-server +client = 560-version-negotiation-client + +[560-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[560-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-560] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[561-version-negotiation] +ssl_conf = 561-version-negotiation-ssl + +[561-version-negotiation-ssl] +server = 561-version-negotiation-server +client = 561-version-negotiation-client + +[561-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[561-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-561] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[562-version-negotiation] +ssl_conf = 562-version-negotiation-ssl + +[562-version-negotiation-ssl] +server = 562-version-negotiation-server +client = 562-version-negotiation-client + +[562-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[562-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-562] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[563-version-negotiation] +ssl_conf = 563-version-negotiation-ssl + +[563-version-negotiation-ssl] +server = 563-version-negotiation-server +client = 563-version-negotiation-client + +[563-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[563-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-563] +ExpectedResult = ClientFail + + +# =========================================================== + +[564-version-negotiation] +ssl_conf = 564-version-negotiation-ssl + +[564-version-negotiation-ssl] +server = 564-version-negotiation-server +client = 564-version-negotiation-client + +[564-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[564-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-564] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[565-version-negotiation] +ssl_conf = 565-version-negotiation-ssl + +[565-version-negotiation-ssl] +server = 565-version-negotiation-server +client = 565-version-negotiation-client + +[565-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[565-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-565] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[566-version-negotiation] +ssl_conf = 566-version-negotiation-ssl + +[566-version-negotiation-ssl] +server = 566-version-negotiation-server +client = 566-version-negotiation-client + +[566-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[566-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-566] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[567-version-negotiation] +ssl_conf = 567-version-negotiation-ssl + +[567-version-negotiation-ssl] +server = 567-version-negotiation-server +client = 567-version-negotiation-client + +[567-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[567-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-567] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[568-version-negotiation] +ssl_conf = 568-version-negotiation-ssl + +[568-version-negotiation-ssl] +server = 568-version-negotiation-server +client = 568-version-negotiation-client + +[568-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[568-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-568] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[569-version-negotiation] +ssl_conf = 569-version-negotiation-ssl + +[569-version-negotiation-ssl] +server = 569-version-negotiation-server +client = 569-version-negotiation-client + +[569-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[569-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-569] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[570-version-negotiation] +ssl_conf = 570-version-negotiation-ssl + +[570-version-negotiation-ssl] +server = 570-version-negotiation-server +client = 570-version-negotiation-client + +[570-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[570-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-570] +ExpectedResult = ServerFail + + +# =========================================================== + +[571-version-negotiation] +ssl_conf = 571-version-negotiation-ssl + +[571-version-negotiation-ssl] +server = 571-version-negotiation-server +client = 571-version-negotiation-client + +[571-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[571-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-571] +ExpectedResult = ServerFail + + +# =========================================================== + +[572-version-negotiation] +ssl_conf = 572-version-negotiation-ssl + +[572-version-negotiation-ssl] +server = 572-version-negotiation-server +client = 572-version-negotiation-client + +[572-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[572-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-572] +ExpectedResult = ServerFail + + +# =========================================================== + +[573-version-negotiation] +ssl_conf = 573-version-negotiation-ssl + +[573-version-negotiation-ssl] +server = 573-version-negotiation-server +client = 573-version-negotiation-client + +[573-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[573-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-573] +ExpectedResult = ServerFail + + +# =========================================================== + +[574-version-negotiation] +ssl_conf = 574-version-negotiation-ssl + +[574-version-negotiation-ssl] +server = 574-version-negotiation-server +client = 574-version-negotiation-client + +[574-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[574-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-574] +ExpectedResult = ServerFail + + +# =========================================================== + +[575-version-negotiation] +ssl_conf = 575-version-negotiation-ssl + +[575-version-negotiation-ssl] +server = 575-version-negotiation-server +client = 575-version-negotiation-client + +[575-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[575-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-575] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[576-version-negotiation] +ssl_conf = 576-version-negotiation-ssl + +[576-version-negotiation-ssl] +server = 576-version-negotiation-server +client = 576-version-negotiation-client + +[576-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[576-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-576] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[577-version-negotiation] +ssl_conf = 577-version-negotiation-ssl + +[577-version-negotiation-ssl] +server = 577-version-negotiation-server +client = 577-version-negotiation-client + +[577-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[577-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-577] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[578-version-negotiation] +ssl_conf = 578-version-negotiation-ssl + +[578-version-negotiation-ssl] +server = 578-version-negotiation-server +client = 578-version-negotiation-client + +[578-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[578-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-578] +ExpectedResult = ServerFail + + +# =========================================================== + +[579-version-negotiation] +ssl_conf = 579-version-negotiation-ssl + +[579-version-negotiation-ssl] +server = 579-version-negotiation-server +client = 579-version-negotiation-client + +[579-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[579-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-579] +ExpectedResult = ServerFail + + +# =========================================================== + +[580-version-negotiation] +ssl_conf = 580-version-negotiation-ssl + +[580-version-negotiation-ssl] +server = 580-version-negotiation-server +client = 580-version-negotiation-client + +[580-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[580-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-580] +ExpectedResult = ServerFail + + +# =========================================================== + +[581-version-negotiation] +ssl_conf = 581-version-negotiation-ssl + +[581-version-negotiation-ssl] +server = 581-version-negotiation-server +client = 581-version-negotiation-client + +[581-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[581-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-581] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[582-version-negotiation] +ssl_conf = 582-version-negotiation-ssl + +[582-version-negotiation-ssl] +server = 582-version-negotiation-server +client = 582-version-negotiation-client + +[582-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[582-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-582] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[583-version-negotiation] +ssl_conf = 583-version-negotiation-ssl + +[583-version-negotiation-ssl] +server = 583-version-negotiation-server +client = 583-version-negotiation-client + +[583-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[583-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-583] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[584-version-negotiation] +ssl_conf = 584-version-negotiation-ssl + +[584-version-negotiation-ssl] +server = 584-version-negotiation-server +client = 584-version-negotiation-client + +[584-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[584-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-584] +ExpectedResult = ServerFail + + +# =========================================================== + +[585-version-negotiation] +ssl_conf = 585-version-negotiation-ssl + +[585-version-negotiation-ssl] +server = 585-version-negotiation-server +client = 585-version-negotiation-client + +[585-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[585-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-585] +ExpectedResult = ServerFail + + +# =========================================================== + +[586-version-negotiation] +ssl_conf = 586-version-negotiation-ssl + +[586-version-negotiation-ssl] +server = 586-version-negotiation-server +client = 586-version-negotiation-client + +[586-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[586-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-586] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[587-version-negotiation] +ssl_conf = 587-version-negotiation-ssl + +[587-version-negotiation-ssl] +server = 587-version-negotiation-server +client = 587-version-negotiation-client + +[587-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[587-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-587] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[588-version-negotiation] +ssl_conf = 588-version-negotiation-ssl + +[588-version-negotiation-ssl] +server = 588-version-negotiation-server +client = 588-version-negotiation-client + +[588-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[588-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-588] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[589-version-negotiation] +ssl_conf = 589-version-negotiation-ssl + +[589-version-negotiation-ssl] +server = 589-version-negotiation-server +client = 589-version-negotiation-client + +[589-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[589-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-589] +ExpectedResult = ServerFail + + +# =========================================================== + +[590-version-negotiation] +ssl_conf = 590-version-negotiation-ssl + +[590-version-negotiation-ssl] +server = 590-version-negotiation-server +client = 590-version-negotiation-client + +[590-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[590-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-590] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[591-version-negotiation] +ssl_conf = 591-version-negotiation-ssl + +[591-version-negotiation-ssl] +server = 591-version-negotiation-server +client = 591-version-negotiation-client + +[591-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[591-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-591] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[592-version-negotiation] +ssl_conf = 592-version-negotiation-ssl + +[592-version-negotiation-ssl] +server = 592-version-negotiation-server +client = 592-version-negotiation-client + +[592-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[592-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-592] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[593-version-negotiation] +ssl_conf = 593-version-negotiation-ssl + +[593-version-negotiation-ssl] +server = 593-version-negotiation-server +client = 593-version-negotiation-client + +[593-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[593-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-593] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[594-version-negotiation] +ssl_conf = 594-version-negotiation-ssl + +[594-version-negotiation-ssl] +server = 594-version-negotiation-server +client = 594-version-negotiation-client + +[594-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[594-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-594] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[595-version-negotiation] +ssl_conf = 595-version-negotiation-ssl + +[595-version-negotiation-ssl] +server = 595-version-negotiation-server +client = 595-version-negotiation-client + +[595-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[595-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-595] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[596-version-negotiation] +ssl_conf = 596-version-negotiation-ssl + +[596-version-negotiation-ssl] +server = 596-version-negotiation-server +client = 596-version-negotiation-client + +[596-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[596-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-596] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[597-version-negotiation] +ssl_conf = 597-version-negotiation-ssl + +[597-version-negotiation-ssl] +server = 597-version-negotiation-server +client = 597-version-negotiation-client + +[597-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[597-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-597] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[598-version-negotiation] +ssl_conf = 598-version-negotiation-ssl + +[598-version-negotiation-ssl] +server = 598-version-negotiation-server +client = 598-version-negotiation-client + +[598-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[598-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-598] +ExpectedResult = ServerFail + + +# =========================================================== + +[599-version-negotiation] +ssl_conf = 599-version-negotiation-ssl + +[599-version-negotiation-ssl] +server = 599-version-negotiation-server +client = 599-version-negotiation-client + +[599-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[599-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-599] +ExpectedResult = ServerFail + + +# =========================================================== + +[600-version-negotiation] +ssl_conf = 600-version-negotiation-ssl + +[600-version-negotiation-ssl] +server = 600-version-negotiation-server +client = 600-version-negotiation-client + +[600-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[600-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-600] +ExpectedResult = ServerFail + + +# =========================================================== + +[601-version-negotiation] +ssl_conf = 601-version-negotiation-ssl + +[601-version-negotiation-ssl] +server = 601-version-negotiation-server +client = 601-version-negotiation-client + +[601-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[601-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-601] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[602-version-negotiation] +ssl_conf = 602-version-negotiation-ssl + +[602-version-negotiation-ssl] +server = 602-version-negotiation-server +client = 602-version-negotiation-client + +[602-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[602-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-602] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[603-version-negotiation] +ssl_conf = 603-version-negotiation-ssl + +[603-version-negotiation-ssl] +server = 603-version-negotiation-server +client = 603-version-negotiation-client + +[603-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[603-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-603] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[604-version-negotiation] +ssl_conf = 604-version-negotiation-ssl + +[604-version-negotiation-ssl] +server = 604-version-negotiation-server +client = 604-version-negotiation-client + +[604-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[604-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-604] +ExpectedResult = ServerFail + + +# =========================================================== + +[605-version-negotiation] +ssl_conf = 605-version-negotiation-ssl + +[605-version-negotiation-ssl] +server = 605-version-negotiation-server +client = 605-version-negotiation-client + +[605-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[605-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-605] +ExpectedResult = ServerFail + + +# =========================================================== + +[606-version-negotiation] +ssl_conf = 606-version-negotiation-ssl + +[606-version-negotiation-ssl] +server = 606-version-negotiation-server +client = 606-version-negotiation-client + +[606-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[606-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-606] +ExpectedResult = ServerFail + + +# =========================================================== + +[607-version-negotiation] +ssl_conf = 607-version-negotiation-ssl + +[607-version-negotiation-ssl] +server = 607-version-negotiation-server +client = 607-version-negotiation-client + +[607-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[607-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-607] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[608-version-negotiation] +ssl_conf = 608-version-negotiation-ssl + +[608-version-negotiation-ssl] +server = 608-version-negotiation-server +client = 608-version-negotiation-client + +[608-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[608-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-608] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[609-version-negotiation] +ssl_conf = 609-version-negotiation-ssl + +[609-version-negotiation-ssl] +server = 609-version-negotiation-server +client = 609-version-negotiation-client + +[609-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[609-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-609] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[610-version-negotiation] +ssl_conf = 610-version-negotiation-ssl + +[610-version-negotiation-ssl] +server = 610-version-negotiation-server +client = 610-version-negotiation-client + +[610-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[610-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-610] +ExpectedResult = ServerFail + + +# =========================================================== + +[611-version-negotiation] +ssl_conf = 611-version-negotiation-ssl + +[611-version-negotiation-ssl] +server = 611-version-negotiation-server +client = 611-version-negotiation-client + +[611-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[611-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-611] +ExpectedResult = ServerFail + + +# =========================================================== + +[612-version-negotiation] +ssl_conf = 612-version-negotiation-ssl + +[612-version-negotiation-ssl] +server = 612-version-negotiation-server +client = 612-version-negotiation-client + +[612-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[612-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-612] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[613-version-negotiation] +ssl_conf = 613-version-negotiation-ssl + +[613-version-negotiation-ssl] +server = 613-version-negotiation-server +client = 613-version-negotiation-client + +[613-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[613-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-613] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[614-version-negotiation] +ssl_conf = 614-version-negotiation-ssl + +[614-version-negotiation-ssl] +server = 614-version-negotiation-server +client = 614-version-negotiation-client + +[614-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[614-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-614] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[615-version-negotiation] +ssl_conf = 615-version-negotiation-ssl + +[615-version-negotiation-ssl] +server = 615-version-negotiation-server +client = 615-version-negotiation-client + +[615-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[615-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-615] +ExpectedResult = ServerFail + + +# =========================================================== + +[616-version-negotiation] +ssl_conf = 616-version-negotiation-ssl + +[616-version-negotiation-ssl] +server = 616-version-negotiation-server +client = 616-version-negotiation-client + +[616-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[616-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-616] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[617-version-negotiation] +ssl_conf = 617-version-negotiation-ssl + +[617-version-negotiation-ssl] +server = 617-version-negotiation-server +client = 617-version-negotiation-client + +[617-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[617-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-617] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[618-version-negotiation] +ssl_conf = 618-version-negotiation-ssl + +[618-version-negotiation-ssl] +server = 618-version-negotiation-server +client = 618-version-negotiation-client + +[618-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[618-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-618] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[619-version-negotiation] +ssl_conf = 619-version-negotiation-ssl + +[619-version-negotiation-ssl] +server = 619-version-negotiation-server +client = 619-version-negotiation-client + +[619-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[619-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-619] +ExpectedProtocol = TLSv1.2 +ExpectedResult = Success + + +# =========================================================== + +[620-version-negotiation] +ssl_conf = 620-version-negotiation-ssl + +[620-version-negotiation-ssl] +server = 620-version-negotiation-server +client = 620-version-negotiation-client + +[620-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[620-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-620] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[621-version-negotiation] +ssl_conf = 621-version-negotiation-ssl + +[621-version-negotiation-ssl] +server = 621-version-negotiation-server +client = 621-version-negotiation-client + +[621-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[621-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-621] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[622-version-negotiation] +ssl_conf = 622-version-negotiation-ssl + +[622-version-negotiation-ssl] +server = 622-version-negotiation-server +client = 622-version-negotiation-client + +[622-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[622-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-622] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[623-version-negotiation] +ssl_conf = 623-version-negotiation-ssl + +[623-version-negotiation-ssl] +server = 623-version-negotiation-server +client = 623-version-negotiation-client + +[623-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[623-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-623] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[624-version-negotiation] +ssl_conf = 624-version-negotiation-ssl + +[624-version-negotiation-ssl] +server = 624-version-negotiation-server +client = 624-version-negotiation-client + +[624-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[624-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-624] +ExpectedResult = ServerFail + + +# =========================================================== + +[625-version-negotiation] +ssl_conf = 625-version-negotiation-ssl + +[625-version-negotiation-ssl] +server = 625-version-negotiation-server +client = 625-version-negotiation-client + +[625-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[625-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-625] +ExpectedResult = ServerFail + + +# =========================================================== + +[626-version-negotiation] +ssl_conf = 626-version-negotiation-ssl + +[626-version-negotiation-ssl] +server = 626-version-negotiation-server +client = 626-version-negotiation-client + +[626-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[626-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-626] +ExpectedResult = ServerFail + + +# =========================================================== + +[627-version-negotiation] +ssl_conf = 627-version-negotiation-ssl + +[627-version-negotiation-ssl] +server = 627-version-negotiation-server +client = 627-version-negotiation-client + +[627-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[627-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-627] +ExpectedResult = ServerFail + + +# =========================================================== + +[628-version-negotiation] +ssl_conf = 628-version-negotiation-ssl + +[628-version-negotiation-ssl] +server = 628-version-negotiation-server +client = 628-version-negotiation-client + +[628-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[628-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-628] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[629-version-negotiation] +ssl_conf = 629-version-negotiation-ssl + +[629-version-negotiation-ssl] +server = 629-version-negotiation-server +client = 629-version-negotiation-client + +[629-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[629-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-629] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[630-version-negotiation] +ssl_conf = 630-version-negotiation-ssl + +[630-version-negotiation-ssl] +server = 630-version-negotiation-server +client = 630-version-negotiation-client + +[630-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[630-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-630] +ExpectedResult = ServerFail + + +# =========================================================== + +[631-version-negotiation] +ssl_conf = 631-version-negotiation-ssl + +[631-version-negotiation-ssl] +server = 631-version-negotiation-server +client = 631-version-negotiation-client + +[631-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[631-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-631] +ExpectedResult = ServerFail + + +# =========================================================== + +[632-version-negotiation] +ssl_conf = 632-version-negotiation-ssl + +[632-version-negotiation-ssl] +server = 632-version-negotiation-server +client = 632-version-negotiation-client + +[632-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[632-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-632] +ExpectedResult = ServerFail + + +# =========================================================== + +[633-version-negotiation] +ssl_conf = 633-version-negotiation-ssl + +[633-version-negotiation-ssl] +server = 633-version-negotiation-server +client = 633-version-negotiation-client + +[633-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[633-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-633] +ExpectedResult = ServerFail + + +# =========================================================== + +[634-version-negotiation] +ssl_conf = 634-version-negotiation-ssl + +[634-version-negotiation-ssl] +server = 634-version-negotiation-server +client = 634-version-negotiation-client + +[634-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[634-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-634] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[635-version-negotiation] +ssl_conf = 635-version-negotiation-ssl + +[635-version-negotiation-ssl] +server = 635-version-negotiation-server +client = 635-version-negotiation-client + +[635-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[635-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-635] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[636-version-negotiation] +ssl_conf = 636-version-negotiation-ssl + +[636-version-negotiation-ssl] +server = 636-version-negotiation-server +client = 636-version-negotiation-client + +[636-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[636-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-636] +ExpectedResult = ServerFail + + +# =========================================================== + +[637-version-negotiation] +ssl_conf = 637-version-negotiation-ssl + +[637-version-negotiation-ssl] +server = 637-version-negotiation-server +client = 637-version-negotiation-client + +[637-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[637-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-637] +ExpectedResult = ServerFail + + +# =========================================================== + +[638-version-negotiation] +ssl_conf = 638-version-negotiation-ssl + +[638-version-negotiation-ssl] +server = 638-version-negotiation-server +client = 638-version-negotiation-client + +[638-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[638-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-638] +ExpectedResult = ServerFail + + +# =========================================================== + +[639-version-negotiation] +ssl_conf = 639-version-negotiation-ssl + +[639-version-negotiation-ssl] +server = 639-version-negotiation-server +client = 639-version-negotiation-client + +[639-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[639-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-639] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[640-version-negotiation] +ssl_conf = 640-version-negotiation-ssl + +[640-version-negotiation-ssl] +server = 640-version-negotiation-server +client = 640-version-negotiation-client + +[640-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[640-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-640] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[641-version-negotiation] +ssl_conf = 641-version-negotiation-ssl + +[641-version-negotiation-ssl] +server = 641-version-negotiation-server +client = 641-version-negotiation-client + +[641-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[641-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-641] +ExpectedResult = ServerFail + + +# =========================================================== + +[642-version-negotiation] +ssl_conf = 642-version-negotiation-ssl + +[642-version-negotiation-ssl] +server = 642-version-negotiation-server +client = 642-version-negotiation-client + +[642-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[642-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-642] +ExpectedResult = ServerFail + + +# =========================================================== + +[643-version-negotiation] +ssl_conf = 643-version-negotiation-ssl + +[643-version-negotiation-ssl] +server = 643-version-negotiation-server +client = 643-version-negotiation-client + +[643-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[643-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-643] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[644-version-negotiation] +ssl_conf = 644-version-negotiation-ssl + +[644-version-negotiation-ssl] +server = 644-version-negotiation-server +client = 644-version-negotiation-client + +[644-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[644-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-644] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[645-version-negotiation] +ssl_conf = 645-version-negotiation-ssl + +[645-version-negotiation-ssl] +server = 645-version-negotiation-server +client = 645-version-negotiation-client + +[645-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[645-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-645] +ExpectedResult = ServerFail + + +# =========================================================== + +[646-version-negotiation] +ssl_conf = 646-version-negotiation-ssl + +[646-version-negotiation-ssl] +server = 646-version-negotiation-server +client = 646-version-negotiation-client + +[646-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[646-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-646] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[647-version-negotiation] +ssl_conf = 647-version-negotiation-ssl + +[647-version-negotiation-ssl] +server = 647-version-negotiation-server +client = 647-version-negotiation-client + +[647-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[647-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-647] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[648-version-negotiation] +ssl_conf = 648-version-negotiation-ssl + +[648-version-negotiation-ssl] +server = 648-version-negotiation-server +client = 648-version-negotiation-client + +[648-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[648-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-648] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[649-version-negotiation] +ssl_conf = 649-version-negotiation-ssl + +[649-version-negotiation-ssl] +server = 649-version-negotiation-server +client = 649-version-negotiation-client + +[649-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[649-version-negotiation-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-649] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[650-version-negotiation] +ssl_conf = 650-version-negotiation-ssl + +[650-version-negotiation-ssl] +server = 650-version-negotiation-server +client = 650-version-negotiation-client + +[650-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[650-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-650] +ExpectedResult = ServerFail + + +# =========================================================== + +[651-version-negotiation] +ssl_conf = 651-version-negotiation-ssl + +[651-version-negotiation-ssl] +server = 651-version-negotiation-server +client = 651-version-negotiation-client + +[651-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[651-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-651] +ExpectedResult = ServerFail + + +# =========================================================== + +[652-version-negotiation] +ssl_conf = 652-version-negotiation-ssl + +[652-version-negotiation-ssl] +server = 652-version-negotiation-server +client = 652-version-negotiation-client + +[652-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[652-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-652] +ExpectedResult = ServerFail + + +# =========================================================== + +[653-version-negotiation] +ssl_conf = 653-version-negotiation-ssl + +[653-version-negotiation-ssl] +server = 653-version-negotiation-server +client = 653-version-negotiation-client + +[653-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[653-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-653] +ExpectedResult = ServerFail + + +# =========================================================== + +[654-version-negotiation] +ssl_conf = 654-version-negotiation-ssl + +[654-version-negotiation-ssl] +server = 654-version-negotiation-server +client = 654-version-negotiation-client + +[654-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[654-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-654] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[655-version-negotiation] +ssl_conf = 655-version-negotiation-ssl + +[655-version-negotiation-ssl] +server = 655-version-negotiation-server +client = 655-version-negotiation-client + +[655-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[655-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-655] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[656-version-negotiation] +ssl_conf = 656-version-negotiation-ssl + +[656-version-negotiation-ssl] +server = 656-version-negotiation-server +client = 656-version-negotiation-client + +[656-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = SSLv3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[656-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-656] +ExpectedResult = ServerFail + + +# =========================================================== + +[657-version-negotiation] +ssl_conf = 657-version-negotiation-ssl + +[657-version-negotiation-ssl] +server = 657-version-negotiation-server +client = 657-version-negotiation-client + +[657-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[657-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-657] +ExpectedResult = ServerFail + + +# =========================================================== + +[658-version-negotiation] +ssl_conf = 658-version-negotiation-ssl + +[658-version-negotiation-ssl] +server = 658-version-negotiation-server +client = 658-version-negotiation-client + +[658-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[658-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-658] +ExpectedResult = ServerFail + + +# =========================================================== + +[659-version-negotiation] +ssl_conf = 659-version-negotiation-ssl + +[659-version-negotiation-ssl] +server = 659-version-negotiation-server +client = 659-version-negotiation-client + +[659-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[659-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-659] +ExpectedResult = ServerFail + + +# =========================================================== + +[660-version-negotiation] +ssl_conf = 660-version-negotiation-ssl + +[660-version-negotiation-ssl] +server = 660-version-negotiation-server +client = 660-version-negotiation-client + +[660-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[660-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-660] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[661-version-negotiation] +ssl_conf = 661-version-negotiation-ssl + +[661-version-negotiation-ssl] +server = 661-version-negotiation-server +client = 661-version-negotiation-client + +[661-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = SSLv3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[661-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-661] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[662-version-negotiation] +ssl_conf = 662-version-negotiation-ssl + +[662-version-negotiation-ssl] +server = 662-version-negotiation-server +client = 662-version-negotiation-client + +[662-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[662-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-662] +ExpectedResult = ServerFail + + +# =========================================================== + +[663-version-negotiation] +ssl_conf = 663-version-negotiation-ssl + +[663-version-negotiation-ssl] +server = 663-version-negotiation-server +client = 663-version-negotiation-client + +[663-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[663-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-663] +ExpectedResult = ServerFail + + +# =========================================================== + +[664-version-negotiation] +ssl_conf = 664-version-negotiation-ssl + +[664-version-negotiation-ssl] +server = 664-version-negotiation-server +client = 664-version-negotiation-client + +[664-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[664-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-664] +ExpectedResult = ServerFail + + +# =========================================================== + +[665-version-negotiation] +ssl_conf = 665-version-negotiation-ssl + +[665-version-negotiation-ssl] +server = 665-version-negotiation-server +client = 665-version-negotiation-client + +[665-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[665-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-665] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[666-version-negotiation] +ssl_conf = 666-version-negotiation-ssl + +[666-version-negotiation-ssl] +server = 666-version-negotiation-server +client = 666-version-negotiation-client + +[666-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[666-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-666] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[667-version-negotiation] +ssl_conf = 667-version-negotiation-ssl + +[667-version-negotiation-ssl] +server = 667-version-negotiation-server +client = 667-version-negotiation-client + +[667-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[667-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-667] +ExpectedResult = ServerFail + + +# =========================================================== + +[668-version-negotiation] +ssl_conf = 668-version-negotiation-ssl + +[668-version-negotiation-ssl] +server = 668-version-negotiation-server +client = 668-version-negotiation-client + +[668-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[668-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-668] +ExpectedResult = ServerFail + + +# =========================================================== + +[669-version-negotiation] +ssl_conf = 669-version-negotiation-ssl + +[669-version-negotiation-ssl] +server = 669-version-negotiation-server +client = 669-version-negotiation-client + +[669-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[669-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-669] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[670-version-negotiation] +ssl_conf = 670-version-negotiation-ssl + +[670-version-negotiation-ssl] +server = 670-version-negotiation-server +client = 670-version-negotiation-client + +[670-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[670-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-670] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[671-version-negotiation] +ssl_conf = 671-version-negotiation-ssl + +[671-version-negotiation-ssl] +server = 671-version-negotiation-server +client = 671-version-negotiation-client + +[671-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[671-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-671] +ExpectedResult = ServerFail + + +# =========================================================== + +[672-version-negotiation] +ssl_conf = 672-version-negotiation-ssl + +[672-version-negotiation-ssl] +server = 672-version-negotiation-server +client = 672-version-negotiation-client + +[672-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[672-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-672] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[673-version-negotiation] +ssl_conf = 673-version-negotiation-ssl + +[673-version-negotiation-ssl] +server = 673-version-negotiation-server +client = 673-version-negotiation-client + +[673-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[673-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-673] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[674-version-negotiation] +ssl_conf = 674-version-negotiation-ssl + +[674-version-negotiation-ssl] +server = 674-version-negotiation-server +client = 674-version-negotiation-client + +[674-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[674-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-674] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[675-version-negotiation] +ssl_conf = 675-version-negotiation-ssl + +[675-version-negotiation-ssl] +server = 675-version-negotiation-server +client = 675-version-negotiation-client + +[675-version-negotiation-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[675-version-negotiation-client] +CipherString = DEFAULT +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-675] +ExpectedProtocol = TLSv1.3 +ExpectedResult = Success + + +# =========================================================== + +[676-ciphersuite-sanity-check-client] +ssl_conf = 676-ciphersuite-sanity-check-client-ssl + +[676-ciphersuite-sanity-check-client-ssl] +server = 676-ciphersuite-sanity-check-client-server +client = 676-ciphersuite-sanity-check-client-client + +[676-ciphersuite-sanity-check-client-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[676-ciphersuite-sanity-check-client-client] +CipherString = AES128-SHA +Ciphersuites = +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-676] +ExpectedResult = ClientFail + + +# =========================================================== + +[677-ciphersuite-sanity-check-server] +ssl_conf = 677-ciphersuite-sanity-check-server-ssl + +[677-ciphersuite-sanity-check-server-ssl] +server = 677-ciphersuite-sanity-check-server-server +client = 677-ciphersuite-sanity-check-server-client + +[677-ciphersuite-sanity-check-server-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = AES128-SHA +Ciphersuites = +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[677-ciphersuite-sanity-check-server-client] +CipherString = AES128-SHA +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-677] +ExpectedResult = ServerFail + + diff --git a/deps/openssl/openssl/test/ssl-tests/04-client_auth.conf b/deps/openssl/openssl/test/ssl-tests/04-client_auth.conf index 0e91bed9f1..8debb66fd0 100644 --- a/deps/openssl/openssl/test/ssl-tests/04-client_auth.conf +++ b/deps/openssl/openssl/test/ssl-tests/04-client_auth.conf @@ -1,27 +1,43 @@ # Generated with generate_ssl_tests.pl -num_tests = 20 +num_tests = 36 test-0 = 0-server-auth-flex test-1 = 1-client-auth-flex-request test-2 = 2-client-auth-flex-require-fail test-3 = 3-client-auth-flex-require -test-4 = 4-client-auth-flex-noroot -test-5 = 5-server-auth-TLSv1 -test-6 = 6-client-auth-TLSv1-request -test-7 = 7-client-auth-TLSv1-require-fail -test-8 = 8-client-auth-TLSv1-require -test-9 = 9-client-auth-TLSv1-noroot -test-10 = 10-server-auth-TLSv1.1 -test-11 = 11-client-auth-TLSv1.1-request -test-12 = 12-client-auth-TLSv1.1-require-fail -test-13 = 13-client-auth-TLSv1.1-require -test-14 = 14-client-auth-TLSv1.1-noroot -test-15 = 15-server-auth-TLSv1.2 -test-16 = 16-client-auth-TLSv1.2-request -test-17 = 17-client-auth-TLSv1.2-require-fail -test-18 = 18-client-auth-TLSv1.2-require -test-19 = 19-client-auth-TLSv1.2-noroot +test-4 = 4-client-auth-flex-require-non-empty-names +test-5 = 5-client-auth-flex-noroot +test-6 = 6-server-auth-TLSv1 +test-7 = 7-client-auth-TLSv1-request +test-8 = 8-client-auth-TLSv1-require-fail +test-9 = 9-client-auth-TLSv1-require +test-10 = 10-client-auth-TLSv1-require-non-empty-names +test-11 = 11-client-auth-TLSv1-noroot +test-12 = 12-server-auth-TLSv1.1 +test-13 = 13-client-auth-TLSv1.1-request +test-14 = 14-client-auth-TLSv1.1-require-fail +test-15 = 15-client-auth-TLSv1.1-require +test-16 = 16-client-auth-TLSv1.1-require-non-empty-names +test-17 = 17-client-auth-TLSv1.1-noroot +test-18 = 18-server-auth-TLSv1.2 +test-19 = 19-client-auth-TLSv1.2-request +test-20 = 20-client-auth-TLSv1.2-require-fail +test-21 = 21-client-auth-TLSv1.2-require +test-22 = 22-client-auth-TLSv1.2-require-non-empty-names +test-23 = 23-client-auth-TLSv1.2-noroot +test-24 = 24-server-auth-DTLSv1 +test-25 = 25-client-auth-DTLSv1-request +test-26 = 26-client-auth-DTLSv1-require-fail +test-27 = 27-client-auth-DTLSv1-require +test-28 = 28-client-auth-DTLSv1-require-non-empty-names +test-29 = 29-client-auth-DTLSv1-noroot +test-30 = 30-server-auth-DTLSv1.2 +test-31 = 31-client-auth-DTLSv1.2-request +test-32 = 32-client-auth-DTLSv1.2-require-fail +test-33 = 33-client-auth-DTLSv1.2-require +test-34 = 34-client-auth-DTLSv1.2-require-non-empty-names +test-35 = 35-client-auth-DTLSv1.2-noroot # =========================================================== [0-server-auth-flex] @@ -92,7 +108,7 @@ VerifyMode = Peer [test-2] ExpectedResult = ServerFail -ExpectedServerAlert = HandshakeFailure +ExpectedServerAlert = CertificateRequired # =========================================================== @@ -119,25 +135,29 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-3] +ExpectedClientCANames = empty +ExpectedClientCertType = RSA ExpectedResult = Success # =========================================================== -[4-client-auth-flex-noroot] -ssl_conf = 4-client-auth-flex-noroot-ssl +[4-client-auth-flex-require-non-empty-names] +ssl_conf = 4-client-auth-flex-require-non-empty-names-ssl -[4-client-auth-flex-noroot-ssl] -server = 4-client-auth-flex-noroot-server -client = 4-client-auth-flex-noroot-client +[4-client-auth-flex-require-non-empty-names-ssl] +server = 4-client-auth-flex-require-non-empty-names-server +client = 4-client-auth-flex-require-non-empty-names-client -[4-client-auth-flex-noroot-server] +[4-client-auth-flex-require-non-empty-names-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -VerifyMode = Require +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Request -[4-client-auth-flex-noroot-client] +[4-client-auth-flex-require-non-empty-names-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem @@ -145,47 +165,75 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-4] +ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ExpectedClientCertType = RSA +ExpectedResult = Success + + +# =========================================================== + +[5-client-auth-flex-noroot] +ssl_conf = 5-client-auth-flex-noroot-ssl + +[5-client-auth-flex-noroot-ssl] +server = 5-client-auth-flex-noroot-server +client = 5-client-auth-flex-noroot-client + +[5-client-auth-flex-noroot-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyMode = Require + +[5-client-auth-flex-noroot-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-5] ExpectedResult = ServerFail ExpectedServerAlert = UnknownCA # =========================================================== -[5-server-auth-TLSv1] -ssl_conf = 5-server-auth-TLSv1-ssl +[6-server-auth-TLSv1] +ssl_conf = 6-server-auth-TLSv1-ssl -[5-server-auth-TLSv1-ssl] -server = 5-server-auth-TLSv1-server -client = 5-server-auth-TLSv1-client +[6-server-auth-TLSv1-ssl] +server = 6-server-auth-TLSv1-server +client = 6-server-auth-TLSv1-client -[5-server-auth-TLSv1-server] +[6-server-auth-TLSv1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[5-server-auth-TLSv1-client] +[6-server-auth-TLSv1-client] CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-5] +[test-6] ExpectedResult = Success # =========================================================== -[6-client-auth-TLSv1-request] -ssl_conf = 6-client-auth-TLSv1-request-ssl +[7-client-auth-TLSv1-request] +ssl_conf = 7-client-auth-TLSv1-request-ssl -[6-client-auth-TLSv1-request-ssl] -server = 6-client-auth-TLSv1-request-server -client = 6-client-auth-TLSv1-request-client +[7-client-auth-TLSv1-request-ssl] +server = 7-client-auth-TLSv1-request-server +client = 7-client-auth-TLSv1-request-client -[6-client-auth-TLSv1-request-server] +[7-client-auth-TLSv1-request-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 @@ -193,27 +241,27 @@ MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Request -[6-client-auth-TLSv1-request-client] +[7-client-auth-TLSv1-request-client] CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-6] +[test-7] ExpectedResult = Success # =========================================================== -[7-client-auth-TLSv1-require-fail] -ssl_conf = 7-client-auth-TLSv1-require-fail-ssl +[8-client-auth-TLSv1-require-fail] +ssl_conf = 8-client-auth-TLSv1-require-fail-ssl -[7-client-auth-TLSv1-require-fail-ssl] -server = 7-client-auth-TLSv1-require-fail-server -client = 7-client-auth-TLSv1-require-fail-client +[8-client-auth-TLSv1-require-fail-ssl] +server = 8-client-auth-TLSv1-require-fail-server +client = 8-client-auth-TLSv1-require-fail-client -[7-client-auth-TLSv1-require-fail-server] +[8-client-auth-TLSv1-require-fail-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 @@ -222,28 +270,28 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Require -[7-client-auth-TLSv1-require-fail-client] +[8-client-auth-TLSv1-require-fail-client] CipherString = DEFAULT MaxProtocol = TLSv1 MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-7] +[test-8] ExpectedResult = ServerFail ExpectedServerAlert = HandshakeFailure # =========================================================== -[8-client-auth-TLSv1-require] -ssl_conf = 8-client-auth-TLSv1-require-ssl +[9-client-auth-TLSv1-require] +ssl_conf = 9-client-auth-TLSv1-require-ssl -[8-client-auth-TLSv1-require-ssl] -server = 8-client-auth-TLSv1-require-server -client = 8-client-auth-TLSv1-require-client +[9-client-auth-TLSv1-require-ssl] +server = 9-client-auth-TLSv1-require-server +client = 9-client-auth-TLSv1-require-client -[8-client-auth-TLSv1-require-server] +[9-client-auth-TLSv1-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 @@ -252,7 +300,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Request -[8-client-auth-TLSv1-require-client] +[9-client-auth-TLSv1-require-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT MaxProtocol = TLSv1 @@ -261,20 +309,56 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-8] +[test-9] +ExpectedClientCANames = empty +ExpectedClientCertType = RSA +ExpectedResult = Success + + +# =========================================================== + +[10-client-auth-TLSv1-require-non-empty-names] +ssl_conf = 10-client-auth-TLSv1-require-non-empty-names-ssl + +[10-client-auth-TLSv1-require-non-empty-names-ssl] +server = 10-client-auth-TLSv1-require-non-empty-names-server +client = 10-client-auth-TLSv1-require-non-empty-names-client + +[10-client-auth-TLSv1-require-non-empty-names-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Request + +[10-client-auth-TLSv1-require-non-empty-names-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-10] +ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ExpectedClientCertType = RSA ExpectedResult = Success # =========================================================== -[9-client-auth-TLSv1-noroot] -ssl_conf = 9-client-auth-TLSv1-noroot-ssl +[11-client-auth-TLSv1-noroot] +ssl_conf = 11-client-auth-TLSv1-noroot-ssl -[9-client-auth-TLSv1-noroot-ssl] -server = 9-client-auth-TLSv1-noroot-server -client = 9-client-auth-TLSv1-noroot-client +[11-client-auth-TLSv1-noroot-ssl] +server = 11-client-auth-TLSv1-noroot-server +client = 11-client-auth-TLSv1-noroot-client -[9-client-auth-TLSv1-noroot-server] +[11-client-auth-TLSv1-noroot-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 @@ -282,7 +366,7 @@ MinProtocol = TLSv1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Require -[9-client-auth-TLSv1-noroot-client] +[11-client-auth-TLSv1-noroot-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT MaxProtocol = TLSv1 @@ -291,48 +375,48 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-9] +[test-11] ExpectedResult = ServerFail ExpectedServerAlert = UnknownCA # =========================================================== -[10-server-auth-TLSv1.1] -ssl_conf = 10-server-auth-TLSv1.1-ssl +[12-server-auth-TLSv1.1] +ssl_conf = 12-server-auth-TLSv1.1-ssl -[10-server-auth-TLSv1.1-ssl] -server = 10-server-auth-TLSv1.1-server -client = 10-server-auth-TLSv1.1-client +[12-server-auth-TLSv1.1-ssl] +server = 12-server-auth-TLSv1.1-server +client = 12-server-auth-TLSv1.1-client -[10-server-auth-TLSv1.1-server] +[12-server-auth-TLSv1.1-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[10-server-auth-TLSv1.1-client] +[12-server-auth-TLSv1.1-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-10] +[test-12] ExpectedResult = Success # =========================================================== -[11-client-auth-TLSv1.1-request] -ssl_conf = 11-client-auth-TLSv1.1-request-ssl +[13-client-auth-TLSv1.1-request] +ssl_conf = 13-client-auth-TLSv1.1-request-ssl -[11-client-auth-TLSv1.1-request-ssl] -server = 11-client-auth-TLSv1.1-request-server -client = 11-client-auth-TLSv1.1-request-client +[13-client-auth-TLSv1.1-request-ssl] +server = 13-client-auth-TLSv1.1-request-server +client = 13-client-auth-TLSv1.1-request-client -[11-client-auth-TLSv1.1-request-server] +[13-client-auth-TLSv1.1-request-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 @@ -340,27 +424,27 @@ MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Request -[11-client-auth-TLSv1.1-request-client] +[13-client-auth-TLSv1.1-request-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-11] +[test-13] ExpectedResult = Success # =========================================================== -[12-client-auth-TLSv1.1-require-fail] -ssl_conf = 12-client-auth-TLSv1.1-require-fail-ssl +[14-client-auth-TLSv1.1-require-fail] +ssl_conf = 14-client-auth-TLSv1.1-require-fail-ssl -[12-client-auth-TLSv1.1-require-fail-ssl] -server = 12-client-auth-TLSv1.1-require-fail-server -client = 12-client-auth-TLSv1.1-require-fail-client +[14-client-auth-TLSv1.1-require-fail-ssl] +server = 14-client-auth-TLSv1.1-require-fail-server +client = 14-client-auth-TLSv1.1-require-fail-client -[12-client-auth-TLSv1.1-require-fail-server] +[14-client-auth-TLSv1.1-require-fail-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 @@ -369,28 +453,28 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Require -[12-client-auth-TLSv1.1-require-fail-client] +[14-client-auth-TLSv1.1-require-fail-client] CipherString = DEFAULT MaxProtocol = TLSv1.1 MinProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-12] +[test-14] ExpectedResult = ServerFail ExpectedServerAlert = HandshakeFailure # =========================================================== -[13-client-auth-TLSv1.1-require] -ssl_conf = 13-client-auth-TLSv1.1-require-ssl +[15-client-auth-TLSv1.1-require] +ssl_conf = 15-client-auth-TLSv1.1-require-ssl -[13-client-auth-TLSv1.1-require-ssl] -server = 13-client-auth-TLSv1.1-require-server -client = 13-client-auth-TLSv1.1-require-client +[15-client-auth-TLSv1.1-require-ssl] +server = 15-client-auth-TLSv1.1-require-server +client = 15-client-auth-TLSv1.1-require-client -[13-client-auth-TLSv1.1-require-server] +[15-client-auth-TLSv1.1-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 @@ -399,7 +483,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Request -[13-client-auth-TLSv1.1-require-client] +[15-client-auth-TLSv1.1-require-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 @@ -408,20 +492,56 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-13] +[test-15] +ExpectedClientCANames = empty +ExpectedClientCertType = RSA ExpectedResult = Success # =========================================================== -[14-client-auth-TLSv1.1-noroot] -ssl_conf = 14-client-auth-TLSv1.1-noroot-ssl +[16-client-auth-TLSv1.1-require-non-empty-names] +ssl_conf = 16-client-auth-TLSv1.1-require-non-empty-names-ssl -[14-client-auth-TLSv1.1-noroot-ssl] -server = 14-client-auth-TLSv1.1-noroot-server -client = 14-client-auth-TLSv1.1-noroot-client +[16-client-auth-TLSv1.1-require-non-empty-names-ssl] +server = 16-client-auth-TLSv1.1-require-non-empty-names-server +client = 16-client-auth-TLSv1.1-require-non-empty-names-client -[14-client-auth-TLSv1.1-noroot-server] +[16-client-auth-TLSv1.1-require-non-empty-names-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Request + +[16-client-auth-TLSv1.1-require-non-empty-names-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-16] +ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ExpectedClientCertType = RSA +ExpectedResult = Success + + +# =========================================================== + +[17-client-auth-TLSv1.1-noroot] +ssl_conf = 17-client-auth-TLSv1.1-noroot-ssl + +[17-client-auth-TLSv1.1-noroot-ssl] +server = 17-client-auth-TLSv1.1-noroot-server +client = 17-client-auth-TLSv1.1-noroot-client + +[17-client-auth-TLSv1.1-noroot-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 @@ -429,7 +549,7 @@ MinProtocol = TLSv1.1 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Require -[14-client-auth-TLSv1.1-noroot-client] +[17-client-auth-TLSv1.1-noroot-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 @@ -438,48 +558,48 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-14] +[test-17] ExpectedResult = ServerFail ExpectedServerAlert = UnknownCA # =========================================================== -[15-server-auth-TLSv1.2] -ssl_conf = 15-server-auth-TLSv1.2-ssl +[18-server-auth-TLSv1.2] +ssl_conf = 18-server-auth-TLSv1.2-ssl -[15-server-auth-TLSv1.2-ssl] -server = 15-server-auth-TLSv1.2-server -client = 15-server-auth-TLSv1.2-client +[18-server-auth-TLSv1.2-ssl] +server = 18-server-auth-TLSv1.2-server +client = 18-server-auth-TLSv1.2-client -[15-server-auth-TLSv1.2-server] +[18-server-auth-TLSv1.2-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[15-server-auth-TLSv1.2-client] +[18-server-auth-TLSv1.2-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-15] +[test-18] ExpectedResult = Success # =========================================================== -[16-client-auth-TLSv1.2-request] -ssl_conf = 16-client-auth-TLSv1.2-request-ssl +[19-client-auth-TLSv1.2-request] +ssl_conf = 19-client-auth-TLSv1.2-request-ssl -[16-client-auth-TLSv1.2-request-ssl] -server = 16-client-auth-TLSv1.2-request-server -client = 16-client-auth-TLSv1.2-request-client +[19-client-auth-TLSv1.2-request-ssl] +server = 19-client-auth-TLSv1.2-request-server +client = 19-client-auth-TLSv1.2-request-client -[16-client-auth-TLSv1.2-request-server] +[19-client-auth-TLSv1.2-request-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 @@ -487,27 +607,27 @@ MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Request -[16-client-auth-TLSv1.2-request-client] +[19-client-auth-TLSv1.2-request-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-16] +[test-19] ExpectedResult = Success # =========================================================== -[17-client-auth-TLSv1.2-require-fail] -ssl_conf = 17-client-auth-TLSv1.2-require-fail-ssl +[20-client-auth-TLSv1.2-require-fail] +ssl_conf = 20-client-auth-TLSv1.2-require-fail-ssl -[17-client-auth-TLSv1.2-require-fail-ssl] -server = 17-client-auth-TLSv1.2-require-fail-server -client = 17-client-auth-TLSv1.2-require-fail-client +[20-client-auth-TLSv1.2-require-fail-ssl] +server = 20-client-auth-TLSv1.2-require-fail-server +client = 20-client-auth-TLSv1.2-require-fail-client -[17-client-auth-TLSv1.2-require-fail-server] +[20-client-auth-TLSv1.2-require-fail-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 @@ -516,37 +636,38 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Require -[17-client-auth-TLSv1.2-require-fail-client] +[20-client-auth-TLSv1.2-require-fail-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-17] +[test-20] ExpectedResult = ServerFail ExpectedServerAlert = HandshakeFailure # =========================================================== -[18-client-auth-TLSv1.2-require] -ssl_conf = 18-client-auth-TLSv1.2-require-ssl +[21-client-auth-TLSv1.2-require] +ssl_conf = 21-client-auth-TLSv1.2-require-ssl -[18-client-auth-TLSv1.2-require-ssl] -server = 18-client-auth-TLSv1.2-require-server -client = 18-client-auth-TLSv1.2-require-client +[21-client-auth-TLSv1.2-require-ssl] +server = 21-client-auth-TLSv1.2-require-server +client = 21-client-auth-TLSv1.2-require-client -[18-client-auth-TLSv1.2-require-server] +[21-client-auth-TLSv1.2-require-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +ClientSignatureAlgorithms = SHA256+RSA MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem VerifyMode = Request -[18-client-auth-TLSv1.2-require-client] +[21-client-auth-TLSv1.2-require-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 @@ -555,20 +676,61 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-18] +[test-21] +ExpectedClientCANames = empty +ExpectedClientCertType = RSA +ExpectedClientSignHash = SHA256 +ExpectedClientSignType = RSA +ExpectedResult = Success + + +# =========================================================== + +[22-client-auth-TLSv1.2-require-non-empty-names] +ssl_conf = 22-client-auth-TLSv1.2-require-non-empty-names-ssl + +[22-client-auth-TLSv1.2-require-non-empty-names-ssl] +server = 22-client-auth-TLSv1.2-require-non-empty-names-server +client = 22-client-auth-TLSv1.2-require-non-empty-names-client + +[22-client-auth-TLSv1.2-require-non-empty-names-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ClientSignatureAlgorithms = SHA256+RSA +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Request + +[22-client-auth-TLSv1.2-require-non-empty-names-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-22] +ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ExpectedClientCertType = RSA +ExpectedClientSignHash = SHA256 +ExpectedClientSignType = RSA ExpectedResult = Success # =========================================================== -[19-client-auth-TLSv1.2-noroot] -ssl_conf = 19-client-auth-TLSv1.2-noroot-ssl +[23-client-auth-TLSv1.2-noroot] +ssl_conf = 23-client-auth-TLSv1.2-noroot-ssl -[19-client-auth-TLSv1.2-noroot-ssl] -server = 19-client-auth-TLSv1.2-noroot-server -client = 19-client-auth-TLSv1.2-noroot-client +[23-client-auth-TLSv1.2-noroot-ssl] +server = 23-client-auth-TLSv1.2-noroot-server +client = 23-client-auth-TLSv1.2-noroot-client -[19-client-auth-TLSv1.2-noroot-server] +[23-client-auth-TLSv1.2-noroot-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 @@ -576,7 +738,7 @@ MinProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem VerifyMode = Require -[19-client-auth-TLSv1.2-noroot-client] +[23-client-auth-TLSv1.2-noroot-client] Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 @@ -585,8 +747,386 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-19] +[test-23] +ExpectedResult = ServerFail +ExpectedServerAlert = UnknownCA + + +# =========================================================== + +[24-server-auth-DTLSv1] +ssl_conf = 24-server-auth-DTLSv1-ssl + +[24-server-auth-DTLSv1-ssl] +server = 24-server-auth-DTLSv1-server +client = 24-server-auth-DTLSv1-client + +[24-server-auth-DTLSv1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1 +MinProtocol = DTLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[24-server-auth-DTLSv1-client] +CipherString = DEFAULT +MaxProtocol = DTLSv1 +MinProtocol = DTLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-24] +ExpectedResult = Success +Method = DTLS + + +# =========================================================== + +[25-client-auth-DTLSv1-request] +ssl_conf = 25-client-auth-DTLSv1-request-ssl + +[25-client-auth-DTLSv1-request-ssl] +server = 25-client-auth-DTLSv1-request-server +client = 25-client-auth-DTLSv1-request-client + +[25-client-auth-DTLSv1-request-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1 +MinProtocol = DTLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyMode = Request + +[25-client-auth-DTLSv1-request-client] +CipherString = DEFAULT +MaxProtocol = DTLSv1 +MinProtocol = DTLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-25] +ExpectedResult = Success +Method = DTLS + + +# =========================================================== + +[26-client-auth-DTLSv1-require-fail] +ssl_conf = 26-client-auth-DTLSv1-require-fail-ssl + +[26-client-auth-DTLSv1-require-fail-ssl] +server = 26-client-auth-DTLSv1-require-fail-server +client = 26-client-auth-DTLSv1-require-fail-client + +[26-client-auth-DTLSv1-require-fail-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1 +MinProtocol = DTLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Require + +[26-client-auth-DTLSv1-require-fail-client] +CipherString = DEFAULT +MaxProtocol = DTLSv1 +MinProtocol = DTLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-26] +ExpectedResult = ServerFail +ExpectedServerAlert = HandshakeFailure +Method = DTLS + + +# =========================================================== + +[27-client-auth-DTLSv1-require] +ssl_conf = 27-client-auth-DTLSv1-require-ssl + +[27-client-auth-DTLSv1-require-ssl] +server = 27-client-auth-DTLSv1-require-server +client = 27-client-auth-DTLSv1-require-client + +[27-client-auth-DTLSv1-require-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1 +MinProtocol = DTLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Request + +[27-client-auth-DTLSv1-require-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1 +MinProtocol = DTLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-27] +ExpectedClientCANames = empty +ExpectedClientCertType = RSA +ExpectedResult = Success +Method = DTLS + + +# =========================================================== + +[28-client-auth-DTLSv1-require-non-empty-names] +ssl_conf = 28-client-auth-DTLSv1-require-non-empty-names-ssl + +[28-client-auth-DTLSv1-require-non-empty-names-ssl] +server = 28-client-auth-DTLSv1-require-non-empty-names-server +client = 28-client-auth-DTLSv1-require-non-empty-names-client + +[28-client-auth-DTLSv1-require-non-empty-names-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +MaxProtocol = DTLSv1 +MinProtocol = DTLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Request + +[28-client-auth-DTLSv1-require-non-empty-names-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1 +MinProtocol = DTLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-28] +ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ExpectedClientCertType = RSA +ExpectedResult = Success +Method = DTLS + + +# =========================================================== + +[29-client-auth-DTLSv1-noroot] +ssl_conf = 29-client-auth-DTLSv1-noroot-ssl + +[29-client-auth-DTLSv1-noroot-ssl] +server = 29-client-auth-DTLSv1-noroot-server +client = 29-client-auth-DTLSv1-noroot-client + +[29-client-auth-DTLSv1-noroot-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1 +MinProtocol = DTLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyMode = Require + +[29-client-auth-DTLSv1-noroot-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1 +MinProtocol = DTLSv1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-29] +ExpectedResult = ServerFail +ExpectedServerAlert = UnknownCA +Method = DTLS + + +# =========================================================== + +[30-server-auth-DTLSv1.2] +ssl_conf = 30-server-auth-DTLSv1.2-ssl + +[30-server-auth-DTLSv1.2-ssl] +server = 30-server-auth-DTLSv1.2-server +client = 30-server-auth-DTLSv1.2-client + +[30-server-auth-DTLSv1.2-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1.2 +MinProtocol = DTLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[30-server-auth-DTLSv1.2-client] +CipherString = DEFAULT +MaxProtocol = DTLSv1.2 +MinProtocol = DTLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-30] +ExpectedResult = Success +Method = DTLS + + +# =========================================================== + +[31-client-auth-DTLSv1.2-request] +ssl_conf = 31-client-auth-DTLSv1.2-request-ssl + +[31-client-auth-DTLSv1.2-request-ssl] +server = 31-client-auth-DTLSv1.2-request-server +client = 31-client-auth-DTLSv1.2-request-client + +[31-client-auth-DTLSv1.2-request-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1.2 +MinProtocol = DTLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyMode = Request + +[31-client-auth-DTLSv1.2-request-client] +CipherString = DEFAULT +MaxProtocol = DTLSv1.2 +MinProtocol = DTLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-31] +ExpectedResult = Success +Method = DTLS + + +# =========================================================== + +[32-client-auth-DTLSv1.2-require-fail] +ssl_conf = 32-client-auth-DTLSv1.2-require-fail-ssl + +[32-client-auth-DTLSv1.2-require-fail-ssl] +server = 32-client-auth-DTLSv1.2-require-fail-server +client = 32-client-auth-DTLSv1.2-require-fail-client + +[32-client-auth-DTLSv1.2-require-fail-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1.2 +MinProtocol = DTLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Require + +[32-client-auth-DTLSv1.2-require-fail-client] +CipherString = DEFAULT +MaxProtocol = DTLSv1.2 +MinProtocol = DTLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-32] +ExpectedResult = ServerFail +ExpectedServerAlert = HandshakeFailure +Method = DTLS + + +# =========================================================== + +[33-client-auth-DTLSv1.2-require] +ssl_conf = 33-client-auth-DTLSv1.2-require-ssl + +[33-client-auth-DTLSv1.2-require-ssl] +server = 33-client-auth-DTLSv1.2-require-server +client = 33-client-auth-DTLSv1.2-require-client + +[33-client-auth-DTLSv1.2-require-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1.2 +MinProtocol = DTLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Request + +[33-client-auth-DTLSv1.2-require-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1.2 +MinProtocol = DTLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-33] +ExpectedClientCANames = empty +ExpectedClientCertType = RSA +ExpectedResult = Success +Method = DTLS + + +# =========================================================== + +[34-client-auth-DTLSv1.2-require-non-empty-names] +ssl_conf = 34-client-auth-DTLSv1.2-require-non-empty-names-ssl + +[34-client-auth-DTLSv1.2-require-non-empty-names-ssl] +server = 34-client-auth-DTLSv1.2-require-non-empty-names-server +client = 34-client-auth-DTLSv1.2-require-non-empty-names-client + +[34-client-auth-DTLSv1.2-require-non-empty-names-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +MaxProtocol = DTLSv1.2 +MinProtocol = DTLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Request + +[34-client-auth-DTLSv1.2-require-non-empty-names-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1.2 +MinProtocol = DTLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-34] +ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ExpectedClientCertType = RSA +ExpectedResult = Success +Method = DTLS + + +# =========================================================== + +[35-client-auth-DTLSv1.2-noroot] +ssl_conf = 35-client-auth-DTLSv1.2-noroot-ssl + +[35-client-auth-DTLSv1.2-noroot-ssl] +server = 35-client-auth-DTLSv1.2-noroot-server +client = 35-client-auth-DTLSv1.2-noroot-client + +[35-client-auth-DTLSv1.2-noroot-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1.2 +MinProtocol = DTLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyMode = Require + +[35-client-auth-DTLSv1.2-noroot-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = DTLSv1.2 +MinProtocol = DTLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-35] ExpectedResult = ServerFail ExpectedServerAlert = UnknownCA +Method = DTLS diff --git a/deps/openssl/openssl/test/ssl-tests/04-client_auth.conf.in b/deps/openssl/openssl/test/ssl-tests/04-client_auth.conf.in index 8738aaa769..b9c014d2c0 100644 --- a/deps/openssl/openssl/test/ssl-tests/04-client_auth.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/04-client_auth.conf.in @@ -8,116 +8,189 @@ use strict; use warnings; use OpenSSL::Test; -use OpenSSL::Test::Utils qw(anydisabled); +use OpenSSL::Test::Utils qw(anydisabled disabled); setup("no_test_here"); # We test version-flexible negotiation (undef) and each protocol version. -my @protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"); +my @protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "DTLSv1", "DTLSv1.2"); my @is_disabled = (0); -push @is_disabled, anydisabled("ssl3", "tls1", "tls1_1", "tls1_2"); +push @is_disabled, anydisabled("ssl3", "tls1", "tls1_1", "tls1_2", "dtls1", "dtls1_2"); our @tests = (); sub generate_tests() { - foreach (0..$#protocols) { my $protocol = $protocols[$_]; my $protocol_name = $protocol || "flex"; my $caalert; + my $method; + my $sctpenabled = 0; if (!$is_disabled[$_]) { if ($protocol_name eq "SSLv3") { $caalert = "BadCertificate"; } else { $caalert = "UnknownCA"; } - # Sanity-check simple handshake. - push @tests, { - name => "server-auth-${protocol_name}", - server => { - "MinProtocol" => $protocol, - "MaxProtocol" => $protocol - }, - client => { - "MinProtocol" => $protocol, - "MaxProtocol" => $protocol - }, - test => { "ExpectedResult" => "Success" }, - }; + if ($protocol_name =~ m/^DTLS/) { + $method = "DTLS"; + $sctpenabled = 1 if !disabled("sctp"); + } + my $clihash; + my $clisigtype; + my $clisigalgs; + # TODO(TLS1.3) add TLSv1.3 versions + if ($protocol_name eq "TLSv1.2") { + $clihash = "SHA256"; + $clisigtype = "RSA"; + $clisigalgs = "SHA256+RSA"; + } + for (my $sctp = 0; $sctp <= $sctpenabled; $sctp++) { + # Sanity-check simple handshake. + push @tests, { + name => "server-auth-${protocol_name}" + .($sctp ? "-sctp" : ""), + server => { + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol + }, + client => { + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol + }, + test => { + "ExpectedResult" => "Success", + "Method" => $method, + }, + }; + $tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp; - # Handshake with client cert requested but not required or received. - push @tests, { - name => "client-auth-${protocol_name}-request", - server => { - "MinProtocol" => $protocol, - "MaxProtocol" => $protocol, - "VerifyMode" => "Request" - }, - client => { - "MinProtocol" => $protocol, - "MaxProtocol" => $protocol - }, - test => { "ExpectedResult" => "Success" }, - }; + # Handshake with client cert requested but not required or received. + push @tests, { + name => "client-auth-${protocol_name}-request" + .($sctp ? "-sctp" : ""), + server => { + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, + "VerifyMode" => "Request" + }, + client => { + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol + }, + test => { + "ExpectedResult" => "Success", + "Method" => $method, + }, + }; + $tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp; - # Handshake with client cert required but not present. - push @tests, { - name => "client-auth-${protocol_name}-require-fail", - server => { - "MinProtocol" => $protocol, - "MaxProtocol" => $protocol, - "VerifyCAFile" => test_pem("root-cert.pem"), - "VerifyMode" => "Require", - }, - client => { - "MinProtocol" => $protocol, - "MaxProtocol" => $protocol - }, - test => { - "ExpectedResult" => "ServerFail", - "ExpectedServerAlert" => "HandshakeFailure", - }, - }; + # Handshake with client cert required but not present. + push @tests, { + name => "client-auth-${protocol_name}-require-fail" + .($sctp ? "-sctp" : ""), + server => { + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Require", + }, + client => { + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol + }, + test => { + "ExpectedResult" => "ServerFail", + "ExpectedServerAlert" => + ($protocol_name eq "flex" && !disabled("tls1_3")) + ? "CertificateRequired" : "HandshakeFailure", + "Method" => $method, + }, + }; + $tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp; - # Successful handshake with client authentication. - push @tests, { - name => "client-auth-${protocol_name}-require", - server => { - "MinProtocol" => $protocol, - "MaxProtocol" => $protocol, - "VerifyCAFile" => test_pem("root-cert.pem"), - "VerifyMode" => "Request", - }, - client => { - "MinProtocol" => $protocol, - "MaxProtocol" => $protocol, - "Certificate" => test_pem("ee-client-chain.pem"), - "PrivateKey" => test_pem("ee-key.pem"), - }, - test => { "ExpectedResult" => "Success" }, - }; + # Successful handshake with client authentication. + push @tests, { + name => "client-auth-${protocol_name}-require" + .($sctp ? "-sctp" : ""), + server => { + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, + "ClientSignatureAlgorithms" => $clisigalgs, + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Request", + }, + client => { + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, + "Certificate" => test_pem("ee-client-chain.pem"), + "PrivateKey" => test_pem("ee-key.pem"), + }, + test => { + "ExpectedResult" => "Success", + "ExpectedClientCertType" => "RSA", + "ExpectedClientSignType" => $clisigtype, + "ExpectedClientSignHash" => $clihash, + "ExpectedClientCANames" => "empty", + "Method" => $method, + }, + }; + $tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp; - # Handshake with client authentication but without the root certificate. - push @tests, { - name => "client-auth-${protocol_name}-noroot", - server => { - "MinProtocol" => $protocol, - "MaxProtocol" => $protocol, - "VerifyMode" => "Require", - }, - client => { - "MinProtocol" => $protocol, - "MaxProtocol" => $protocol, - "Certificate" => test_pem("ee-client-chain.pem"), - "PrivateKey" => test_pem("ee-key.pem"), - }, - test => { - "ExpectedResult" => "ServerFail", - "ExpectedServerAlert" => $caalert, - }, - }; + # Successful handshake with client authentication non-empty names + push @tests, { + name => "client-auth-${protocol_name}-require-non-empty-names" + .($sctp ? "-sctp" : ""), + server => { + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, + "ClientSignatureAlgorithms" => $clisigalgs, + "ClientCAFile" => test_pem("root-cert.pem"), + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Request", + }, + client => { + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, + "Certificate" => test_pem("ee-client-chain.pem"), + "PrivateKey" => test_pem("ee-key.pem"), + }, + test => { + "ExpectedResult" => "Success", + "ExpectedClientCertType" => "RSA", + "ExpectedClientSignType" => $clisigtype, + "ExpectedClientSignHash" => $clihash, + "ExpectedClientCANames" => test_pem("root-cert.pem"), + "Method" => $method, + }, + }; + $tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp; + + # Handshake with client authentication but without the root certificate. + push @tests, { + name => "client-auth-${protocol_name}-noroot" + .($sctp ? "-sctp" : ""), + server => { + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, + "VerifyMode" => "Require", + }, + client => { + "MinProtocol" => $protocol, + "MaxProtocol" => $protocol, + "Certificate" => test_pem("ee-client-chain.pem"), + "PrivateKey" => test_pem("ee-key.pem"), + }, + test => { + "ExpectedResult" => "ServerFail", + "ExpectedServerAlert" => $caalert, + "Method" => $method, + }, + }; + $tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp; + } } } } - + generate_tests(); diff --git a/deps/openssl/openssl/test/ssl-tests/05-sni.conf b/deps/openssl/openssl/test/ssl-tests/05-sni.conf index e1fb3d9d89..a6c7f43911 100644 --- a/deps/openssl/openssl/test/ssl-tests/05-sni.conf +++ b/deps/openssl/openssl/test/ssl-tests/05-sni.conf @@ -1,6 +1,6 @@ # Generated with generate_ssl_tests.pl -num_tests = 6 +num_tests = 9 test-0 = 0-SNI-switch-context test-1 = 1-SNI-keep-context @@ -8,6 +8,9 @@ test-2 = 2-SNI-no-server-support test-3 = 3-SNI-no-client-support test-4 = 4-SNI-bad-sni-ignore-mismatch test-5 = 5-SNI-bad-sni-reject-mismatch +test-6 = 6-SNI-bad-clienthello-sni-ignore-mismatch +test-7 = 7-SNI-bad-clienthello-sni-reject-mismatch +test-8 = 8-SNI-clienthello-disable-v12 # =========================================================== [0-SNI-switch-context] @@ -201,3 +204,105 @@ ServerNameCallback = RejectMismatch ServerName = invalid +# =========================================================== + +[6-SNI-bad-clienthello-sni-ignore-mismatch] +ssl_conf = 6-SNI-bad-clienthello-sni-ignore-mismatch-ssl + +[6-SNI-bad-clienthello-sni-ignore-mismatch-ssl] +server = 6-SNI-bad-clienthello-sni-ignore-mismatch-server +client = 6-SNI-bad-clienthello-sni-ignore-mismatch-client +server2 = 6-SNI-bad-clienthello-sni-ignore-mismatch-server + +[6-SNI-bad-clienthello-sni-ignore-mismatch-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[6-SNI-bad-clienthello-sni-ignore-mismatch-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-6] +ExpectedResult = Success +ExpectedServerName = server1 +server = 6-SNI-bad-clienthello-sni-ignore-mismatch-server-extra +server2 = 6-SNI-bad-clienthello-sni-ignore-mismatch-server-extra +client = 6-SNI-bad-clienthello-sni-ignore-mismatch-client-extra + +[6-SNI-bad-clienthello-sni-ignore-mismatch-server-extra] +ServerNameCallback = ClientHelloIgnoreMismatch + +[6-SNI-bad-clienthello-sni-ignore-mismatch-client-extra] +ServerName = invalid + + +# =========================================================== + +[7-SNI-bad-clienthello-sni-reject-mismatch] +ssl_conf = 7-SNI-bad-clienthello-sni-reject-mismatch-ssl + +[7-SNI-bad-clienthello-sni-reject-mismatch-ssl] +server = 7-SNI-bad-clienthello-sni-reject-mismatch-server +client = 7-SNI-bad-clienthello-sni-reject-mismatch-client +server2 = 7-SNI-bad-clienthello-sni-reject-mismatch-server + +[7-SNI-bad-clienthello-sni-reject-mismatch-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[7-SNI-bad-clienthello-sni-reject-mismatch-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-7] +ExpectedResult = ServerFail +ExpectedServerAlert = UnrecognizedName +server = 7-SNI-bad-clienthello-sni-reject-mismatch-server-extra +server2 = 7-SNI-bad-clienthello-sni-reject-mismatch-server-extra +client = 7-SNI-bad-clienthello-sni-reject-mismatch-client-extra + +[7-SNI-bad-clienthello-sni-reject-mismatch-server-extra] +ServerNameCallback = ClientHelloRejectMismatch + +[7-SNI-bad-clienthello-sni-reject-mismatch-client-extra] +ServerName = invalid + + +# =========================================================== + +[8-SNI-clienthello-disable-v12] +ssl_conf = 8-SNI-clienthello-disable-v12-ssl + +[8-SNI-clienthello-disable-v12-ssl] +server = 8-SNI-clienthello-disable-v12-server +client = 8-SNI-clienthello-disable-v12-client +server2 = 8-SNI-clienthello-disable-v12-server + +[8-SNI-clienthello-disable-v12-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[8-SNI-clienthello-disable-v12-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-8] +ExpectedProtocol = TLSv1.1 +ExpectedServerName = server2 +server = 8-SNI-clienthello-disable-v12-server-extra +server2 = 8-SNI-clienthello-disable-v12-server-extra +client = 8-SNI-clienthello-disable-v12-client-extra + +[8-SNI-clienthello-disable-v12-server-extra] +ServerNameCallback = ClientHelloNoV12 + +[8-SNI-clienthello-disable-v12-client-extra] +ServerName = server2 + + diff --git a/deps/openssl/openssl/test/ssl-tests/05-sni.conf.in b/deps/openssl/openssl/test/ssl-tests/05-sni.conf.in index 76003e7623..a993a3421a 100644 --- a/deps/openssl/openssl/test/ssl-tests/05-sni.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/05-sni.conf.in @@ -13,6 +13,7 @@ use strict; use warnings; package ssltests; +use OpenSSL::Test::Utils; our @tests = ( { @@ -109,4 +110,60 @@ our @tests = ( "ExpectedServerAlert" => "UnrecognizedName" }, }, + { + name => "SNI-bad-clienthello-sni-ignore-mismatch", + server => { + extra => { + "ServerNameCallback" => "ClientHelloIgnoreMismatch", + }, + }, + client => { + extra => { + "ServerName" => "invalid", + }, + }, + test => { + "ExpectedServerName" => "server1", + "ExpectedResult" => "Success" + }, + }, + { + name => "SNI-bad-clienthello-sni-reject-mismatch", + server => { + extra => { + "ServerNameCallback" => "ClientHelloRejectMismatch", + }, + }, + client => { + extra => { + "ServerName" => "invalid", + }, + }, + test => { + "ExpectedResult" => "ServerFail", + "ExpectedServerAlert" => "UnrecognizedName" + }, + }, ); + +our @tests_tls_1_1 = ( + { + name => "SNI-clienthello-disable-v12", + server => { + extra => { + "ServerNameCallback" => "ClientHelloNoV12", + }, + }, + client => { + extra => { + "ServerName" => "server2", + }, + }, + test => { + "ExpectedProtocol" => "TLSv1.1", + "ExpectedServerName" => "server2", + }, + }, +); + +push @tests, @tests_tls_1_1 unless disabled("tls1_1"); diff --git a/deps/openssl/openssl/test/ssl-tests/06-sni-ticket.conf b/deps/openssl/openssl/test/ssl-tests/06-sni-ticket.conf index 9620e015a1..a3a9c78f06 100644 --- a/deps/openssl/openssl/test/ssl-tests/06-sni-ticket.conf +++ b/deps/openssl/openssl/test/ssl-tests/06-sni-ticket.conf @@ -43,6 +43,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -84,6 +85,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -91,6 +93,7 @@ VerifyMode = Peer [test-1] ExpectedResult = Success ExpectedServerName = server1 +SessionIdExpected = Yes SessionTicketExpected = Yes server = 1-sni-session-ticket-server-extra client = 1-sni-session-ticket-client-extra @@ -126,6 +129,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [2-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -133,6 +137,7 @@ VerifyMode = Peer [test-2] ExpectedResult = Success ExpectedServerName = server2 +SessionIdExpected = Yes SessionTicketExpected = Yes server = 2-sni-session-ticket-server-extra client = 2-sni-session-ticket-client-extra @@ -168,6 +173,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [3-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -175,6 +181,7 @@ VerifyMode = Peer [test-3] ExpectedResult = Success ExpectedServerName = server1 +SessionIdExpected = Yes SessionTicketExpected = Yes server = 3-sni-session-ticket-server-extra client = 3-sni-session-ticket-client-extra @@ -210,6 +217,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -217,6 +225,7 @@ VerifyMode = Peer [test-4] ExpectedResult = Success ExpectedServerName = server2 +SessionIdExpected = Yes SessionTicketExpected = No server = 4-sni-session-ticket-server-extra client = 4-sni-session-ticket-client-extra @@ -252,6 +261,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -259,6 +269,7 @@ VerifyMode = Peer [test-5] ExpectedResult = Success ExpectedServerName = server1 +SessionIdExpected = Yes SessionTicketExpected = No server = 5-sni-session-ticket-server-extra client = 5-sni-session-ticket-client-extra @@ -294,6 +305,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -301,6 +313,7 @@ VerifyMode = Peer [test-6] ExpectedResult = Success ExpectedServerName = server2 +SessionIdExpected = Yes SessionTicketExpected = No server = 6-sni-session-ticket-server-extra client = 6-sni-session-ticket-client-extra @@ -336,6 +349,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -343,6 +357,7 @@ VerifyMode = Peer [test-7] ExpectedResult = Success ExpectedServerName = server1 +SessionIdExpected = Yes SessionTicketExpected = No server = 7-sni-session-ticket-server-extra client = 7-sni-session-ticket-client-extra @@ -378,6 +393,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -385,6 +401,7 @@ VerifyMode = Peer [test-8] ExpectedResult = Success ExpectedServerName = server2 +SessionIdExpected = Yes SessionTicketExpected = No server = 8-sni-session-ticket-server-extra client = 8-sni-session-ticket-client-extra @@ -420,6 +437,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [9-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = -SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -427,6 +445,7 @@ VerifyMode = Peer [test-9] ExpectedResult = Success ExpectedServerName = server1 +SessionIdExpected = Yes SessionTicketExpected = No server = 9-sni-session-ticket-server-extra client = 9-sni-session-ticket-client-extra @@ -462,6 +481,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = -SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -469,6 +489,7 @@ VerifyMode = Peer [test-10] ExpectedResult = Success ExpectedServerName = server2 +SessionIdExpected = Yes SessionTicketExpected = No server = 10-sni-session-ticket-server-extra client = 10-sni-session-ticket-client-extra @@ -504,6 +525,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = -SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -511,6 +533,7 @@ VerifyMode = Peer [test-11] ExpectedResult = Success ExpectedServerName = server1 +SessionIdExpected = Yes SessionTicketExpected = No server = 11-sni-session-ticket-server-extra client = 11-sni-session-ticket-client-extra @@ -546,6 +569,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [12-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = -SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -553,6 +577,7 @@ VerifyMode = Peer [test-12] ExpectedResult = Success ExpectedServerName = server2 +SessionIdExpected = Yes SessionTicketExpected = No server = 12-sni-session-ticket-server-extra client = 12-sni-session-ticket-client-extra @@ -588,6 +613,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [13-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = -SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -595,6 +621,7 @@ VerifyMode = Peer [test-13] ExpectedResult = Success ExpectedServerName = server1 +SessionIdExpected = Yes SessionTicketExpected = No server = 13-sni-session-ticket-server-extra client = 13-sni-session-ticket-client-extra @@ -630,6 +657,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = -SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -637,6 +665,7 @@ VerifyMode = Peer [test-14] ExpectedResult = Success ExpectedServerName = server2 +SessionIdExpected = Yes SessionTicketExpected = No server = 14-sni-session-ticket-server-extra client = 14-sni-session-ticket-client-extra @@ -672,6 +701,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = -SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -679,6 +709,7 @@ VerifyMode = Peer [test-15] ExpectedResult = Success ExpectedServerName = server1 +SessionIdExpected = Yes SessionTicketExpected = No server = 15-sni-session-ticket-server-extra client = 15-sni-session-ticket-client-extra @@ -714,6 +745,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [16-sni-session-ticket-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = -SessionTicket VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -721,6 +753,7 @@ VerifyMode = Peer [test-16] ExpectedResult = Success ExpectedServerName = server2 +SessionIdExpected = Yes SessionTicketExpected = No server = 16-sni-session-ticket-server-extra client = 16-sni-session-ticket-client-extra diff --git a/deps/openssl/openssl/test/ssl-tests/06-sni-ticket.conf.in b/deps/openssl/openssl/test/ssl-tests/06-sni-ticket.conf.in index ea92b627b4..b4f4ffc29d 100644 --- a/deps/openssl/openssl/test/ssl-tests/06-sni-ticket.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/06-sni-ticket.conf.in @@ -7,7 +7,7 @@ # https://www.openssl.org/source/license.html -## Test Session ticket +## Test SNI/Session tickets use strict; use warnings; @@ -17,12 +17,15 @@ package ssltests; our @tests = (); +#Note: MaxProtocol is set to TLSv1.2 as session tickets work differently in +#TLSv1.3. sub generate_tests() { foreach my $c ("SessionTicket", "-SessionTicket") { - foreach my $s1 ("SessionTicket", "-SessionTicket") { - foreach my $s2 ("SessionTicket", "-SessionTicket") { - foreach my $n ("server1", "server2") { - my $result = expected_result($c, $s1, $s2, $n); + foreach my $s1 ("SessionTicket", "-SessionTicket") { + foreach my $s2 ("SessionTicket", "-SessionTicket") { + foreach my $n ("server1", "server2") { + my $ticket_result = expected_result($c, $s1, $s2, $n); + my $session_id_result = "Yes"; # always, even with a ticket push @tests, { "name" => "sni-session-ticket", "client" => { @@ -30,6 +33,7 @@ sub generate_tests() { "extra" => { "ServerName" => $n, }, + "MaxProtocol" => "TLSv1.2" }, "server" => { "Options" => $s1, @@ -38,13 +42,14 @@ sub generate_tests() { "ServerNameCallback" => "IgnoreMismatch", }, }, - "server2" => { - "Options" => $s2, - }, + "server2" => { + "Options" => $s2, + }, "test" => { "ExpectedServerName" => $n, "ExpectedResult" => "Success", - "SessionTicketExpected" => $result, + "SessionIdExpected" => $session_id_result, + "SessionTicketExpected" => $ticket_result, } }; } @@ -72,23 +77,24 @@ sub expected_result { push @tests, { "name" => "sni-session-ticket", "client" => { - "Options" => "SessionTicket", + "MaxProtocol" => "TLSv1.2", + "Options" => "SessionTicket", "extra" => { "ServerName" => "server1", } }, "server" => { - "Options" => "SessionTicket", + "Options" => "SessionTicket", "extra" => { "BrokenSessionTicket" => "Yes", }, }, "server2" => { - "Options" => "SessionTicket", + "Options" => "SessionTicket", }, "test" => { - "ExpectedResult" => "Success", - "SessionTicketExpected" => "No", + "ExpectedResult" => "Success", + "SessionTicketExpected" => "No", } }; diff --git a/deps/openssl/openssl/test/ssl-tests/08-npn.conf b/deps/openssl/openssl/test/ssl-tests/08-npn.conf index 9115ef458b..f38b3f6975 100644 --- a/deps/openssl/openssl/test/ssl-tests/08-npn.conf +++ b/deps/openssl/openssl/test/ssl-tests/08-npn.conf @@ -38,6 +38,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-npn-simple-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -69,6 +70,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-npn-client-finds-match-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -100,6 +102,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [2-npn-client-honours-server-pref-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -131,6 +134,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [3-npn-client-first-pref-on-mismatch-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -162,6 +166,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-npn-no-server-support-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -188,6 +193,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-npn-no-client-support-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -220,6 +226,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-npn-with-sni-no-context-switch-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -264,6 +271,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-npn-with-sni-context-switch-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -308,6 +316,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-npn-selected-sni-server-supports-npn-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -351,6 +360,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [9-npn-selected-sni-server-does-not-support-npn-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -384,6 +394,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-alpn-preferred-over-npn-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -423,6 +434,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-sni-npn-preferred-over-alpn-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -464,6 +476,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [12-npn-simple-resumption-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -506,6 +519,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [13-npn-server-switch-resumption-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -546,11 +560,13 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-npn-client-switch-resumption-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [14-npn-client-switch-resumption-resume-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -596,6 +612,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-npn-client-first-pref-on-mismatch-resumption-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -641,6 +658,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [16-npn-no-server-support-resumption-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -676,11 +694,13 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [17-npn-no-client-support-resumption-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [17-npn-no-client-support-resumption-resume-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -721,6 +741,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [18-alpn-preferred-over-npn-resumption-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -768,6 +789,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [19-npn-used-if-alpn-not-supported-resumption-client] CipherString = DEFAULT +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer diff --git a/deps/openssl/openssl/test/ssl-tests/08-npn.conf.in b/deps/openssl/openssl/test/ssl-tests/08-npn.conf.in index bcb632f051..b5df13d5a9 100644 --- a/deps/openssl/openssl/test/ssl-tests/08-npn.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/08-npn.conf.in @@ -7,14 +7,13 @@ # https://www.openssl.org/source/license.html -## Test NPN negotiation +## Test NPN. Note that NPN is only supported up to TLSv1.2 use strict; use warnings; package ssltests; - our @tests = ( { name => "npn-simple", @@ -27,6 +26,7 @@ our @tests = ( extra => { "NPNProtocols" => "foo", }, + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedNPNProtocol" => "foo", @@ -43,6 +43,7 @@ our @tests = ( extra => { "NPNProtocols" => "foo,bar", }, + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedNPNProtocol" => "bar", @@ -59,6 +60,7 @@ our @tests = ( extra => { "NPNProtocols" => "foo,bar", }, + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedNPNProtocol" => "bar", @@ -75,6 +77,7 @@ our @tests = ( extra => { "NPNProtocols" => "foo,bar", }, + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedNPNProtocol" => "foo", @@ -82,11 +85,12 @@ our @tests = ( }, { name => "npn-no-server-support", - server => { }, + server => {}, client => { extra => { "NPNProtocols" => "foo", }, + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedNPNProtocol" => undef, @@ -99,7 +103,9 @@ our @tests = ( "NPNProtocols" => "foo", }, }, - client => { }, + client => { + "MaxProtocol" => "TLSv1.2" + }, test => { "ExpectedNPNProtocol" => undef, }, @@ -122,6 +128,7 @@ our @tests = ( "NPNProtocols" => "foo,bar", "ServerName" => "server1", }, + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedServerName" => "server1", @@ -146,6 +153,7 @@ our @tests = ( "NPNProtocols" => "foo,bar", "ServerName" => "server2", }, + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedServerName" => "server2", @@ -169,6 +177,7 @@ our @tests = ( "NPNProtocols" => "foo,bar", "ServerName" => "server2", }, + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedServerName" => "server2", @@ -189,6 +198,7 @@ our @tests = ( "NPNProtocols" => "foo,bar", "ServerName" => "server2", }, + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedServerName" => "server2", @@ -208,6 +218,7 @@ our @tests = ( "ALPNProtocols" => "foo", "NPNProtocols" => "bar", }, + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedALPNProtocol" => "foo", @@ -233,6 +244,7 @@ our @tests = ( "ALPNProtocols" => "foo", "NPNProtocols" => "bar", }, + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedALPNProtocol" => undef, @@ -251,6 +263,7 @@ our @tests = ( extra => { "NPNProtocols" => "foo", }, + "MaxProtocol" => "TLSv1.2" }, test => { "HandshakeMode" => "Resume", @@ -274,6 +287,7 @@ our @tests = ( extra => { "NPNProtocols" => "foo,bar,baz", }, + "MaxProtocol" => "TLSv1.2" }, test => { "HandshakeMode" => "Resume", @@ -292,11 +306,13 @@ our @tests = ( extra => { "NPNProtocols" => "foo,baz", }, + "MaxProtocol" => "TLSv1.2" }, resume_client => { extra => { "NPNProtocols" => "bar,baz", }, + "MaxProtocol" => "TLSv1.2" }, test => { "HandshakeMode" => "Resume", @@ -320,6 +336,7 @@ our @tests = ( extra => { "NPNProtocols" => "foo,bar", }, + "MaxProtocol" => "TLSv1.2" }, test => { "HandshakeMode" => "Resume", @@ -339,6 +356,7 @@ our @tests = ( extra => { "NPNProtocols" => "foo", }, + "MaxProtocol" => "TLSv1.2" }, test => { "HandshakeMode" => "Resume", @@ -357,8 +375,11 @@ our @tests = ( extra => { "NPNProtocols" => "foo", }, + "MaxProtocol" => "TLSv1.2" + }, + resume_client => { + "MaxProtocol" => "TLSv1.2" }, - resume_client => { }, test => { "HandshakeMode" => "Resume", "ResumptionExpected" => "Yes", @@ -383,6 +404,7 @@ our @tests = ( "ALPNProtocols" => "foo", "NPNProtocols" => "bar,baz", }, + "MaxProtocol" => "TLSv1.2" }, test => { "HandshakeMode" => "Resume", @@ -409,6 +431,7 @@ our @tests = ( "ALPNProtocols" => "foo", "NPNProtocols" => "bar,baz", }, + "MaxProtocol" => "TLSv1.2" }, test => { "HandshakeMode" => "Resume", diff --git a/deps/openssl/openssl/test/ssl-tests/09-alpn.conf.in b/deps/openssl/openssl/test/ssl-tests/09-alpn.conf.in index 37035f1d84..6e86375af1 100644 --- a/deps/openssl/openssl/test/ssl-tests/09-alpn.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/09-alpn.conf.in @@ -7,7 +7,7 @@ # https://www.openssl.org/source/license.html -## Test ALPN negotiation +## Test version negotiation use strict; use warnings; @@ -314,7 +314,8 @@ our @tests = ( "ALPNProtocols" => "foo", }, }, - resume_client => { }, + resume_client => { + }, test => { "HandshakeMode" => "Resume", "ResumptionExpected" => "Yes", diff --git a/deps/openssl/openssl/test/ssl-tests/10-resumption.conf b/deps/openssl/openssl/test/ssl-tests/10-resumption.conf index b2deee4209..73de974ab0 100644 --- a/deps/openssl/openssl/test/ssl-tests/10-resumption.conf +++ b/deps/openssl/openssl/test/ssl-tests/10-resumption.conf @@ -1,6 +1,6 @@ # Generated with generate_ssl_tests.pl -num_tests = 36 +num_tests = 65 test-0 = 0-resumption test-1 = 1-resumption @@ -38,6 +38,35 @@ test-32 = 32-resumption test-33 = 33-resumption test-34 = 34-resumption test-35 = 35-resumption +test-36 = 36-resumption +test-37 = 37-resumption +test-38 = 38-resumption +test-39 = 39-resumption +test-40 = 40-resumption +test-41 = 41-resumption +test-42 = 42-resumption +test-43 = 43-resumption +test-44 = 44-resumption +test-45 = 45-resumption +test-46 = 46-resumption +test-47 = 47-resumption +test-48 = 48-resumption +test-49 = 49-resumption +test-50 = 50-resumption +test-51 = 51-resumption +test-52 = 52-resumption +test-53 = 53-resumption +test-54 = 54-resumption +test-55 = 55-resumption +test-56 = 56-resumption +test-57 = 57-resumption +test-58 = 58-resumption +test-59 = 59-resumption +test-60 = 60-resumption +test-61 = 61-resumption +test-62 = 62-resumption +test-63 = 63-resumption +test-64 = 64-resumption-with-hrr # =========================================================== [0-resumption] @@ -61,6 +90,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-resumption-client] @@ -97,6 +127,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-resumption-client] @@ -133,6 +164,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [2-resumption-client] @@ -169,6 +201,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [3-resumption-client] @@ -205,6 +238,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-resumption-client] @@ -241,6 +275,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.2 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-resumption-client] @@ -268,15 +303,16 @@ resume-client = 6-resumption-client [6-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.3 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-resumption-client] @@ -285,7 +321,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-6] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume ResumptionExpected = No @@ -304,15 +340,16 @@ resume-client = 7-resumption-client [7-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.3 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-resumption-client] @@ -321,7 +358,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-7] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume ResumptionExpected = No @@ -348,7 +385,8 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-resumption-client] @@ -357,9 +395,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-8] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -384,7 +422,8 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [9-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [9-resumption-client] @@ -393,9 +432,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-9] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -420,7 +459,8 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-resumption-client] @@ -429,9 +469,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-10] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -456,7 +496,8 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-resumption-client] @@ -465,9 +506,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-11] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -484,15 +525,16 @@ resume-client = 12-resumption-client [12-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [12-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [12-resumption-client] @@ -501,7 +543,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-12] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 HandshakeMode = Resume ResumptionExpected = No @@ -520,15 +562,16 @@ resume-client = 13-resumption-client [13-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [13-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 +MaxProtocol = TLSv1.2 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [13-resumption-client] @@ -537,7 +580,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-13] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.2 HandshakeMode = Resume ResumptionExpected = No @@ -556,15 +599,16 @@ resume-client = 14-resumption-client [14-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-resumption-client] @@ -573,7 +617,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-14] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume ResumptionExpected = No @@ -592,15 +636,16 @@ resume-client = 15-resumption-client [15-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1.3 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-resumption-client] @@ -609,7 +654,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-15] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume ResumptionExpected = No @@ -636,7 +681,8 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [16-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [16-resumption-client] @@ -645,9 +691,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-16] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -672,7 +718,8 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [17-resumption-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [17-resumption-client] @@ -681,9 +728,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-17] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -694,32 +741,33 @@ ssl_conf = 18-resumption-ssl [18-resumption-ssl] server = 18-resumption-server client = 18-resumption-client -resume-server = 18-resumption-server -resume-client = 18-resumption-resume-client +resume-server = 18-resumption-resume-server +resume-client = 18-resumption-client [18-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[18-resumption-client] +[18-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +MaxProtocol = TLSv1.1 +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[18-resumption-resume-client] +[18-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-18] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -730,32 +778,33 @@ ssl_conf = 19-resumption-ssl [19-resumption-ssl] server = 19-resumption-server client = 19-resumption-client -resume-server = 19-resumption-server -resume-client = 19-resumption-resume-client +resume-server = 19-resumption-resume-server +resume-client = 19-resumption-client [19-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[19-resumption-client] +[19-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +MaxProtocol = TLSv1.1 +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[19-resumption-resume-client] +[19-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-19] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -766,32 +815,33 @@ ssl_conf = 20-resumption-ssl [20-resumption-ssl] server = 20-resumption-server client = 20-resumption-client -resume-server = 20-resumption-server -resume-client = 20-resumption-resume-client +resume-server = 20-resumption-resume-server +resume-client = 20-resumption-client [20-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[20-resumption-client] +[20-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +MaxProtocol = TLSv1.2 +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[20-resumption-resume-client] +[20-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-20] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -802,32 +852,33 @@ ssl_conf = 21-resumption-ssl [21-resumption-ssl] server = 21-resumption-server client = 21-resumption-client -resume-server = 21-resumption-server -resume-client = 21-resumption-resume-client +resume-server = 21-resumption-resume-server +resume-client = 21-resumption-client [21-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[21-resumption-client] +[21-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +MaxProtocol = TLSv1.2 +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[21-resumption-resume-client] +[21-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-21] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1.2 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -838,30 +889,31 @@ ssl_conf = 22-resumption-ssl [22-resumption-ssl] server = 22-resumption-server client = 22-resumption-client -resume-server = 22-resumption-server -resume-client = 22-resumption-resume-client +resume-server = 22-resumption-resume-server +resume-client = 22-resumption-client [22-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[22-resumption-client] +[22-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +MaxProtocol = TLSv1.3 +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[22-resumption-resume-client] +[22-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-22] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume ResumptionExpected = No @@ -874,30 +926,31 @@ ssl_conf = 23-resumption-ssl [23-resumption-ssl] server = 23-resumption-server client = 23-resumption-client -resume-server = 23-resumption-server -resume-client = 23-resumption-resume-client +resume-server = 23-resumption-resume-server +resume-client = 23-resumption-client [23-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[23-resumption-client] +[23-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1 -MinProtocol = TLSv1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +MaxProtocol = TLSv1.3 +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[23-resumption-resume-client] +[23-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-23] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume ResumptionExpected = No @@ -910,25 +963,26 @@ ssl_conf = 24-resumption-ssl [24-resumption-ssl] server = 24-resumption-server client = 24-resumption-client -resume-server = 24-resumption-server -resume-client = 24-resumption-resume-client +resume-server = 24-resumption-resume-server +resume-client = 24-resumption-client [24-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[24-resumption-client] +[24-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +MaxProtocol = TLSv1 +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[24-resumption-resume-client] +[24-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -946,25 +1000,26 @@ ssl_conf = 25-resumption-ssl [25-resumption-ssl] server = 25-resumption-server client = 25-resumption-client -resume-server = 25-resumption-server -resume-client = 25-resumption-resume-client +resume-server = 25-resumption-resume-server +resume-client = 25-resumption-client [25-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[25-resumption-client] +[25-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +MaxProtocol = TLSv1 +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[25-resumption-resume-client] +[25-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -982,32 +1037,33 @@ ssl_conf = 26-resumption-ssl [26-resumption-ssl] server = 26-resumption-server client = 26-resumption-client -resume-server = 26-resumption-server -resume-client = 26-resumption-resume-client +resume-server = 26-resumption-resume-server +resume-client = 26-resumption-client [26-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[26-resumption-client] +[26-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[26-resumption-resume-client] +[26-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-26] ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -1018,32 +1074,33 @@ ssl_conf = 27-resumption-ssl [27-resumption-ssl] server = 27-resumption-server client = 27-resumption-client -resume-server = 27-resumption-server -resume-client = 27-resumption-resume-client +resume-server = 27-resumption-resume-server +resume-client = 27-resumption-client [27-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[27-resumption-client] +[27-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[27-resumption-resume-client] +[27-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-27] ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -1054,25 +1111,26 @@ ssl_conf = 28-resumption-ssl [28-resumption-ssl] server = 28-resumption-server client = 28-resumption-client -resume-server = 28-resumption-server -resume-client = 28-resumption-resume-client +resume-server = 28-resumption-resume-server +resume-client = 28-resumption-client [28-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[28-resumption-client] +[28-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +MaxProtocol = TLSv1.2 +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[28-resumption-resume-client] +[28-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1090,25 +1148,26 @@ ssl_conf = 29-resumption-ssl [29-resumption-ssl] server = 29-resumption-server client = 29-resumption-client -resume-server = 29-resumption-server -resume-client = 29-resumption-resume-client +resume-server = 29-resumption-resume-server +resume-client = 29-resumption-client [29-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[29-resumption-client] +[29-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.1 -MinProtocol = TLSv1.1 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +MaxProtocol = TLSv1.2 +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[29-resumption-resume-client] +[29-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -1126,32 +1185,33 @@ ssl_conf = 30-resumption-ssl [30-resumption-ssl] server = 30-resumption-server client = 30-resumption-client -resume-server = 30-resumption-server -resume-client = 30-resumption-resume-client +resume-server = 30-resumption-resume-server +resume-client = 30-resumption-client [30-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[30-resumption-client] +[30-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +MaxProtocol = TLSv1.3 +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[30-resumption-resume-client] +[30-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-30] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -1162,32 +1222,33 @@ ssl_conf = 31-resumption-ssl [31-resumption-ssl] server = 31-resumption-server client = 31-resumption-client -resume-server = 31-resumption-server -resume-client = 31-resumption-resume-client +resume-server = 31-resumption-resume-server +resume-client = 31-resumption-client [31-resumption-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[31-resumption-client] +[31-resumption-resume-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 -VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem -VerifyMode = Peer +MaxProtocol = TLSv1.3 +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem -[31-resumption-resume-client] +[31-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-31] -ExpectedProtocol = TLSv1 +ExpectedProtocol = TLSv1.3 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -1209,21 +1270,21 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [32-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [32-resumption-resume-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-32] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -1245,21 +1306,21 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [33-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [33-resumption-resume-client] CipherString = DEFAULT -MaxProtocol = TLSv1.1 +MaxProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-33] -ExpectedProtocol = TLSv1.1 +ExpectedProtocol = TLSv1 HandshakeMode = Resume -ResumptionExpected = No +ResumptionExpected = Yes # =========================================================== @@ -1281,21 +1342,21 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [34-resumption-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 -MinProtocol = TLSv1.2 +MaxProtocol = TLSv1 +MinProtocol = TLSv1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [34-resumption-resume-client] CipherString = DEFAULT -MaxProtocol = TLSv1.2 +MaxProtocol = TLSv1.1 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer [test-34] -ExpectedProtocol = TLSv1.2 +ExpectedProtocol = TLSv1.1 HandshakeMode = Resume -ResumptionExpected = Yes +ResumptionExpected = No # =========================================================== @@ -1317,20 +1378,1062 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [35-resumption-client] CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[35-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-35] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[36-resumption] +ssl_conf = 36-resumption-ssl + +[36-resumption-ssl] +server = 36-resumption-server +client = 36-resumption-client +resume-server = 36-resumption-server +resume-client = 36-resumption-resume-client + +[36-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[36-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[36-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-36] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[37-resumption] +ssl_conf = 37-resumption-ssl + +[37-resumption-ssl] +server = 37-resumption-server +client = 37-resumption-client +resume-server = 37-resumption-server +resume-client = 37-resumption-resume-client + +[37-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[37-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[37-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-37] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[38-resumption] +ssl_conf = 38-resumption-ssl + +[38-resumption-ssl] +server = 38-resumption-server +client = 38-resumption-client +resume-server = 38-resumption-server +resume-client = 38-resumption-resume-client + +[38-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[38-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[38-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-38] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[39-resumption] +ssl_conf = 39-resumption-ssl + +[39-resumption-ssl] +server = 39-resumption-server +client = 39-resumption-client +resume-server = 39-resumption-server +resume-client = 39-resumption-resume-client + +[39-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[39-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +MinProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[39-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-39] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[40-resumption] +ssl_conf = 40-resumption-ssl + +[40-resumption-ssl] +server = 40-resumption-server +client = 40-resumption-client +resume-server = 40-resumption-server +resume-client = 40-resumption-resume-client + +[40-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[40-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[40-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-40] +ExpectedProtocol = TLSv1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[41-resumption] +ssl_conf = 41-resumption-ssl + +[41-resumption-ssl] +server = 41-resumption-server +client = 41-resumption-client +resume-server = 41-resumption-server +resume-client = 41-resumption-resume-client + +[41-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[41-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[41-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-41] +ExpectedProtocol = TLSv1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[42-resumption] +ssl_conf = 42-resumption-ssl + +[42-resumption-ssl] +server = 42-resumption-server +client = 42-resumption-client +resume-server = 42-resumption-server +resume-client = 42-resumption-resume-client + +[42-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[42-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[42-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-42] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = Yes + + +# =========================================================== + +[43-resumption] +ssl_conf = 43-resumption-ssl + +[43-resumption-ssl] +server = 43-resumption-server +client = 43-resumption-client +resume-server = 43-resumption-server +resume-client = 43-resumption-resume-client + +[43-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[43-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[43-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-43] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = Yes + + +# =========================================================== + +[44-resumption] +ssl_conf = 44-resumption-ssl + +[44-resumption-ssl] +server = 44-resumption-server +client = 44-resumption-client +resume-server = 44-resumption-server +resume-client = 44-resumption-resume-client + +[44-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[44-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[44-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-44] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[45-resumption] +ssl_conf = 45-resumption-ssl + +[45-resumption-ssl] +server = 45-resumption-server +client = 45-resumption-client +resume-server = 45-resumption-server +resume-client = 45-resumption-resume-client + +[45-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[45-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[45-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-45] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[46-resumption] +ssl_conf = 46-resumption-ssl + +[46-resumption-ssl] +server = 46-resumption-server +client = 46-resumption-client +resume-server = 46-resumption-server +resume-client = 46-resumption-resume-client + +[46-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[46-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[46-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-46] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[47-resumption] +ssl_conf = 47-resumption-ssl + +[47-resumption-ssl] +server = 47-resumption-server +client = 47-resumption-client +resume-server = 47-resumption-server +resume-client = 47-resumption-resume-client + +[47-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[47-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +MinProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[47-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-47] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[48-resumption] +ssl_conf = 48-resumption-ssl + +[48-resumption-ssl] +server = 48-resumption-server +client = 48-resumption-client +resume-server = 48-resumption-server +resume-client = 48-resumption-resume-client + +[48-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[48-resumption-client] +CipherString = DEFAULT MaxProtocol = TLSv1.2 MinProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[35-resumption-resume-client] +[48-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-48] +ExpectedProtocol = TLSv1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[49-resumption] +ssl_conf = 49-resumption-ssl + +[49-resumption-ssl] +server = 49-resumption-server +client = 49-resumption-client +resume-server = 49-resumption-server +resume-client = 49-resumption-resume-client + +[49-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[49-resumption-client] CipherString = DEFAULT MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer -[test-35] +[49-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-49] +ExpectedProtocol = TLSv1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[50-resumption] +ssl_conf = 50-resumption-ssl + +[50-resumption-ssl] +server = 50-resumption-server +client = 50-resumption-client +resume-server = 50-resumption-server +resume-client = 50-resumption-resume-client + +[50-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[50-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[50-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-50] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[51-resumption] +ssl_conf = 51-resumption-ssl + +[51-resumption-ssl] +server = 51-resumption-server +client = 51-resumption-client +resume-server = 51-resumption-server +resume-client = 51-resumption-resume-client + +[51-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[51-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[51-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-51] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[52-resumption] +ssl_conf = 52-resumption-ssl + +[52-resumption-ssl] +server = 52-resumption-server +client = 52-resumption-client +resume-server = 52-resumption-server +resume-client = 52-resumption-resume-client + +[52-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[52-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[52-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-52] ExpectedProtocol = TLSv1.2 HandshakeMode = Resume ResumptionExpected = Yes +# =========================================================== + +[53-resumption] +ssl_conf = 53-resumption-ssl + +[53-resumption-ssl] +server = 53-resumption-server +client = 53-resumption-client +resume-server = 53-resumption-server +resume-client = 53-resumption-resume-client + +[53-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[53-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[53-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-53] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = Yes + + +# =========================================================== + +[54-resumption] +ssl_conf = 54-resumption-ssl + +[54-resumption-ssl] +server = 54-resumption-server +client = 54-resumption-client +resume-server = 54-resumption-server +resume-client = 54-resumption-resume-client + +[54-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[54-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[54-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-54] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[55-resumption] +ssl_conf = 55-resumption-ssl + +[55-resumption-ssl] +server = 55-resumption-server +client = 55-resumption-client +resume-server = 55-resumption-server +resume-client = 55-resumption-resume-client + +[55-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[55-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[55-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-55] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[56-resumption] +ssl_conf = 56-resumption-ssl + +[56-resumption-ssl] +server = 56-resumption-server +client = 56-resumption-client +resume-server = 56-resumption-server +resume-client = 56-resumption-resume-client + +[56-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[56-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[56-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-56] +ExpectedProtocol = TLSv1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[57-resumption] +ssl_conf = 57-resumption-ssl + +[57-resumption-ssl] +server = 57-resumption-server +client = 57-resumption-client +resume-server = 57-resumption-server +resume-client = 57-resumption-resume-client + +[57-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[57-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[57-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-57] +ExpectedProtocol = TLSv1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[58-resumption] +ssl_conf = 58-resumption-ssl + +[58-resumption-ssl] +server = 58-resumption-server +client = 58-resumption-client +resume-server = 58-resumption-server +resume-client = 58-resumption-resume-client + +[58-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[58-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[58-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-58] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[59-resumption] +ssl_conf = 59-resumption-ssl + +[59-resumption-ssl] +server = 59-resumption-server +client = 59-resumption-client +resume-server = 59-resumption-server +resume-client = 59-resumption-resume-client + +[59-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[59-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[59-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-59] +ExpectedProtocol = TLSv1.1 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[60-resumption] +ssl_conf = 60-resumption-ssl + +[60-resumption-ssl] +server = 60-resumption-server +client = 60-resumption-client +resume-server = 60-resumption-server +resume-client = 60-resumption-resume-client + +[60-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[60-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[60-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-60] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[61-resumption] +ssl_conf = 61-resumption-ssl + +[61-resumption-ssl] +server = 61-resumption-server +client = 61-resumption-client +resume-server = 61-resumption-server +resume-client = 61-resumption-resume-client + +[61-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[61-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[61-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-61] +ExpectedProtocol = TLSv1.2 +HandshakeMode = Resume +ResumptionExpected = No + + +# =========================================================== + +[62-resumption] +ssl_conf = 62-resumption-ssl + +[62-resumption-ssl] +server = 62-resumption-server +client = 62-resumption-client +resume-server = 62-resumption-server +resume-client = 62-resumption-resume-client + +[62-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[62-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[62-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-62] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = Yes + + +# =========================================================== + +[63-resumption] +ssl_conf = 63-resumption-ssl + +[63-resumption-ssl] +server = 63-resumption-server +client = 63-resumption-client +resume-server = 63-resumption-server +resume-client = 63-resumption-resume-client + +[63-resumption-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = -SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[63-resumption-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[63-resumption-resume-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-63] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +ResumptionExpected = Yes + + +# =========================================================== + +[64-resumption-with-hrr] +ssl_conf = 64-resumption-with-hrr-ssl + +[64-resumption-with-hrr-ssl] +server = 64-resumption-with-hrr-server +client = 64-resumption-with-hrr-client +resume-server = 64-resumption-with-hrr-server +resume-client = 64-resumption-with-hrr-resume-client + +[64-resumption-with-hrr-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = P-256 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[64-resumption-with-hrr-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[64-resumption-with-hrr-resume-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-64] +ExpectedProtocol = TLSv1.3 +HandshakeMode = Resume +Method = TLS +ResumptionExpected = Yes + + diff --git a/deps/openssl/openssl/test/ssl-tests/11-dtls_resumption.conf b/deps/openssl/openssl/test/ssl-tests/11-dtls_resumption.conf index ceed959744..a981fa51df 100644 --- a/deps/openssl/openssl/test/ssl-tests/11-dtls_resumption.conf +++ b/deps/openssl/openssl/test/ssl-tests/11-dtls_resumption.conf @@ -41,6 +41,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = DTLSv1 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-resumption-client] @@ -78,6 +79,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = DTLSv1 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-resumption-client] @@ -115,6 +117,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = DTLSv1.2 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [2-resumption-client] @@ -152,6 +155,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = DTLSv1.2 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [3-resumption-client] @@ -189,6 +193,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = DTLSv1 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-resumption-client] @@ -226,6 +231,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = DTLSv1 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-resumption-client] @@ -263,6 +269,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = DTLSv1.2 +Options = SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-resumption-client] @@ -300,6 +307,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT MaxProtocol = DTLSv1.2 +Options = -SessionTicket PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-resumption-client] diff --git a/deps/openssl/openssl/test/ssl-tests/12-ct.conf.in b/deps/openssl/openssl/test/ssl-tests/12-ct.conf.in index d412dfd058..7c0304995f 100644 --- a/deps/openssl/openssl/test/ssl-tests/12-ct.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/12-ct.conf.in @@ -7,7 +7,7 @@ # https://www.openssl.org/source/license.html -## Test CT support +## Test version negotiation use strict; use warnings; diff --git a/deps/openssl/openssl/test/ssl-tests/13-fragmentation.conf b/deps/openssl/openssl/test/ssl-tests/13-fragmentation.conf index 4c1e9e2b33..649387c7b7 100644 --- a/deps/openssl/openssl/test/ssl-tests/13-fragmentation.conf +++ b/deps/openssl/openssl/test/ssl-tests/13-fragmentation.conf @@ -1,6 +1,6 @@ # Generated with generate_ssl_tests.pl -num_tests = 16 +num_tests = 22 test-0 = 0-one-fragment-minus-app-data test-1 = 1-one-fragment-app-data @@ -18,6 +18,12 @@ test-12 = 12-large-app-data-aes-sha1-multibuffer-odd-fragment test-13 = 13-large-app-data-aes-sha2-multibuffer-odd-fragment test-14 = 14-small-app-data-aes-sha1-multibuffer test-15 = 15-small-app-data-aes-sha2-multibuffer +test-16 = 16-Maximum Fragment Len extension set to 1024 w. FragmentSize disabled +test-17 = 17-Maximum Fragment Len extension equal FragmentSize to 2048 +test-18 = 18-Maximum Fragment Len extension 512 lower than FragmentSize 1024 +test-19 = 19-Maximum Fragment Len extension 1024 lower than FragmentSize 1024 +test-20 = 20-Maximum Fragment Len extension 4096 greater than FragmentSize 2048 +test-21 = 21-Maximum Fragment Len extension 2048 greater than FragmentSize 1024 # =========================================================== [0-one-fragment-minus-app-data] @@ -267,6 +273,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-large-app-data-aes-sha1-multibuffer-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -291,6 +298,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-large-app-data-aes-sha2-multibuffer-client] CipherString = AES128-SHA256 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -315,6 +323,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [12-large-app-data-aes-sha1-multibuffer-odd-fragment-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -339,6 +348,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [13-large-app-data-aes-sha2-multibuffer-odd-fragment-client] CipherString = AES128-SHA256 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -363,6 +373,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-small-app-data-aes-sha1-multibuffer-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -387,6 +398,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-small-app-data-aes-sha2-multibuffer-client] CipherString = AES128-SHA256 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -395,3 +407,171 @@ ApplicationData = 4096 MaxFragmentSize = 4096 +# =========================================================== + +[16-Maximum Fragment Len extension set to 1024 w. FragmentSize disabled] +ssl_conf = 16-Maximum Fragment Len extension set to 1024 w. FragmentSize disabled-ssl + +[16-Maximum Fragment Len extension set to 1024 w. FragmentSize disabled-ssl] +server = 16-Maximum Fragment Len extension set to 1024 w. FragmentSize disabled-server +client = 16-Maximum Fragment Len extension set to 1024 w. FragmentSize disabled-client + +[16-Maximum Fragment Len extension set to 1024 w. FragmentSize disabled-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[16-Maximum Fragment Len extension set to 1024 w. FragmentSize disabled-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-16] +ApplicationData = 3072 +MaxFragmentSize = 16384 +client = 16-Maximum Fragment Len extension set to 1024 w. FragmentSize disabled-client-extra + +[16-Maximum Fragment Len extension set to 1024 w. FragmentSize disabled-client-extra] +MaxFragmentLenExt = 1024 + + +# =========================================================== + +[17-Maximum Fragment Len extension equal FragmentSize to 2048] +ssl_conf = 17-Maximum Fragment Len extension equal FragmentSize to 2048-ssl + +[17-Maximum Fragment Len extension equal FragmentSize to 2048-ssl] +server = 17-Maximum Fragment Len extension equal FragmentSize to 2048-server +client = 17-Maximum Fragment Len extension equal FragmentSize to 2048-client + +[17-Maximum Fragment Len extension equal FragmentSize to 2048-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[17-Maximum Fragment Len extension equal FragmentSize to 2048-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-17] +ApplicationData = 3072 +MaxFragmentSize = 2048 +client = 17-Maximum Fragment Len extension equal FragmentSize to 2048-client-extra + +[17-Maximum Fragment Len extension equal FragmentSize to 2048-client-extra] +MaxFragmentLenExt = 2048 + + +# =========================================================== + +[18-Maximum Fragment Len extension 512 lower than FragmentSize 1024] +ssl_conf = 18-Maximum Fragment Len extension 512 lower than FragmentSize 1024-ssl + +[18-Maximum Fragment Len extension 512 lower than FragmentSize 1024-ssl] +server = 18-Maximum Fragment Len extension 512 lower than FragmentSize 1024-server +client = 18-Maximum Fragment Len extension 512 lower than FragmentSize 1024-client + +[18-Maximum Fragment Len extension 512 lower than FragmentSize 1024-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[18-Maximum Fragment Len extension 512 lower than FragmentSize 1024-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-18] +ApplicationData = 3072 +MaxFragmentSize = 1024 +client = 18-Maximum Fragment Len extension 512 lower than FragmentSize 1024-client-extra + +[18-Maximum Fragment Len extension 512 lower than FragmentSize 1024-client-extra] +MaxFragmentLenExt = 512 + + +# =========================================================== + +[19-Maximum Fragment Len extension 1024 lower than FragmentSize 1024] +ssl_conf = 19-Maximum Fragment Len extension 1024 lower than FragmentSize 1024-ssl + +[19-Maximum Fragment Len extension 1024 lower than FragmentSize 1024-ssl] +server = 19-Maximum Fragment Len extension 1024 lower than FragmentSize 1024-server +client = 19-Maximum Fragment Len extension 1024 lower than FragmentSize 1024-client + +[19-Maximum Fragment Len extension 1024 lower than FragmentSize 1024-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[19-Maximum Fragment Len extension 1024 lower than FragmentSize 1024-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-19] +ApplicationData = 3072 +MaxFragmentSize = 1024 +client = 19-Maximum Fragment Len extension 1024 lower than FragmentSize 1024-client-extra + +[19-Maximum Fragment Len extension 1024 lower than FragmentSize 1024-client-extra] +MaxFragmentLenExt = 2048 + + +# =========================================================== + +[20-Maximum Fragment Len extension 4096 greater than FragmentSize 2048] +ssl_conf = 20-Maximum Fragment Len extension 4096 greater than FragmentSize 2048-ssl + +[20-Maximum Fragment Len extension 4096 greater than FragmentSize 2048-ssl] +server = 20-Maximum Fragment Len extension 4096 greater than FragmentSize 2048-server +client = 20-Maximum Fragment Len extension 4096 greater than FragmentSize 2048-client + +[20-Maximum Fragment Len extension 4096 greater than FragmentSize 2048-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[20-Maximum Fragment Len extension 4096 greater than FragmentSize 2048-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-20] +ApplicationData = 8196 +MaxFragmentSize = 2048 +client = 20-Maximum Fragment Len extension 4096 greater than FragmentSize 2048-client-extra + +[20-Maximum Fragment Len extension 4096 greater than FragmentSize 2048-client-extra] +MaxFragmentLenExt = 4096 + + +# =========================================================== + +[21-Maximum Fragment Len extension 2048 greater than FragmentSize 1024] +ssl_conf = 21-Maximum Fragment Len extension 2048 greater than FragmentSize 1024-ssl + +[21-Maximum Fragment Len extension 2048 greater than FragmentSize 1024-ssl] +server = 21-Maximum Fragment Len extension 2048 greater than FragmentSize 1024-server +client = 21-Maximum Fragment Len extension 2048 greater than FragmentSize 1024-client + +[21-Maximum Fragment Len extension 2048 greater than FragmentSize 1024-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[21-Maximum Fragment Len extension 2048 greater than FragmentSize 1024-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-21] +ApplicationData = 3072 +MaxFragmentSize = 1024 +client = 21-Maximum Fragment Len extension 2048 greater than FragmentSize 1024-client-extra + +[21-Maximum Fragment Len extension 2048 greater than FragmentSize 1024-client-extra] +MaxFragmentLenExt = 2048 + + diff --git a/deps/openssl/openssl/test/ssl-tests/13-fragmentation.conf.in b/deps/openssl/openssl/test/ssl-tests/13-fragmentation.conf.in index 6c2501b8b0..7c80c431c3 100644 --- a/deps/openssl/openssl/test/ssl-tests/13-fragmentation.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/13-fragmentation.conf.in @@ -1,5 +1,5 @@ # -*- mode: perl; -*- -# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -104,7 +104,7 @@ our @tests = ( # When the buffer / fragment size ratio is sufficiently large, # multi-buffer code kicks in on some platforms for AES-SHA. The # exact minimum ratio depends on the platform, and is usually - # around 4. Since the the test buffer is 64kB, a 4kB fragment is + # around 4. Since the test buffer is 64kB, a 4kB fragment is # easily sufficient. # # (We run this test on all platforms though it's only true multibuffer @@ -114,6 +114,7 @@ our @tests = ( server => { }, client => { CipherString => "AES128-SHA", + MaxProtocol => "TLSv1.2" }, test => { ApplicationData => 1024 * 1024, @@ -125,6 +126,7 @@ our @tests = ( server => { }, client => { CipherString => "AES128-SHA256", + MaxProtocol => "TLSv1.2" }, test => { ApplicationData => 1024 * 1024, @@ -136,6 +138,7 @@ our @tests = ( server => { }, client => { CipherString => "AES128-SHA", + MaxProtocol => "TLSv1.2" }, test => { ApplicationData => 1024 * 1024 + 3, @@ -147,6 +150,7 @@ our @tests = ( server => { }, client => { CipherString => "AES128-SHA256", + MaxProtocol => "TLSv1.2" }, test => { ApplicationData => 1024 * 1024 - 3, @@ -161,6 +165,7 @@ our @tests = ( server => { }, client => { CipherString => "AES128-SHA", + MaxProtocol => "TLSv1.2" }, test => { ApplicationData => 4 * 1024, @@ -172,10 +177,92 @@ our @tests = ( server => { }, client => { CipherString => "AES128-SHA256", + MaxProtocol => "TLSv1.2" }, test => { ApplicationData => 4 * 1024, MaxFragmentSize => 4 * 1024, } }, + ############################################ + # Default (Max) Fragment Size is 512. + # Default Application data size is 256. + { + name => "Maximum Fragment Len extension set to 1024 w. FragmentSize disabled", + server => { }, + client => { + extra => { + MaxFragmentLenExt => 1024, + }, + }, + test => { + ApplicationData => 3072, + MaxFragmentSize => 16384, + } + }, + { + name => "Maximum Fragment Len extension equal FragmentSize to 2048", + server => { }, + client => { + extra => { + MaxFragmentLenExt => 2048, + }, + }, + test => { + ApplicationData => 3072, + MaxFragmentSize => 2048, + } + }, + { + name => "Maximum Fragment Len extension 512 lower than FragmentSize 1024", + server => { }, + client => { + extra => { + MaxFragmentLenExt => 512, + }, + }, + test => { + ApplicationData => 3072, + MaxFragmentSize => 1024, + } + }, + { + name => "Maximum Fragment Len extension 1024 lower than FragmentSize 1024", + server => { }, + client => { + extra => { + MaxFragmentLenExt => 2048, + }, + }, + test => { + ApplicationData => 3072, + MaxFragmentSize => 1024, + } + }, + { + name => "Maximum Fragment Len extension 4096 greater than FragmentSize 2048", + server => { }, + client => { + extra => { + MaxFragmentLenExt => 4096, + }, + }, + test => { + ApplicationData => 8196, + MaxFragmentSize => 2048, + } + }, + { + name => "Maximum Fragment Len extension 2048 greater than FragmentSize 1024", + server => { }, + client => { + extra => { + MaxFragmentLenExt => 2048, + }, + }, + test => { + ApplicationData => 3072, + MaxFragmentSize => 1024, + } + }, ); diff --git a/deps/openssl/openssl/test/ssl-tests/14-curves.conf b/deps/openssl/openssl/test/ssl-tests/14-curves.conf index 7f7ac4ba8d..f76f08fd7d 100644 --- a/deps/openssl/openssl/test/ssl-tests/14-curves.conf +++ b/deps/openssl/openssl/test/ssl-tests/14-curves.conf @@ -1,6 +1,6 @@ # Generated with generate_ssl_tests.pl -num_tests = 29 +num_tests = 30 test-0 = 0-curve-sect163k1 test-1 = 1-curve-sect163r1 @@ -31,6 +31,7 @@ test-25 = 25-curve-brainpoolP256r1 test-26 = 26-curve-brainpoolP384r1 test-27 = 27-curve-brainpoolP512r1 test-28 = 28-curve-X25519 +test-29 = 29-curve-X448 # =========================================================== [0-curve-sect163k1] @@ -44,11 +45,13 @@ client = 0-curve-sect163k1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect163k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-curve-sect163k1-client] CipherString = ECDHE Curves = sect163k1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -70,11 +73,13 @@ client = 1-curve-sect163r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect163r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-curve-sect163r1-client] CipherString = ECDHE Curves = sect163r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -96,11 +101,13 @@ client = 2-curve-sect163r2-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect163r2 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [2-curve-sect163r2-client] CipherString = ECDHE Curves = sect163r2 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -122,11 +129,13 @@ client = 3-curve-sect193r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect193r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [3-curve-sect193r1-client] CipherString = ECDHE Curves = sect193r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -148,11 +157,13 @@ client = 4-curve-sect193r2-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect193r2 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-curve-sect193r2-client] CipherString = ECDHE Curves = sect193r2 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -174,11 +185,13 @@ client = 5-curve-sect233k1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect233k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-curve-sect233k1-client] CipherString = ECDHE Curves = sect233k1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -200,11 +213,13 @@ client = 6-curve-sect233r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect233r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-curve-sect233r1-client] CipherString = ECDHE Curves = sect233r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -226,11 +241,13 @@ client = 7-curve-sect239k1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect239k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-curve-sect239k1-client] CipherString = ECDHE Curves = sect239k1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -252,11 +269,13 @@ client = 8-curve-sect283k1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect283k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-curve-sect283k1-client] CipherString = ECDHE Curves = sect283k1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -278,11 +297,13 @@ client = 9-curve-sect283r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect283r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [9-curve-sect283r1-client] CipherString = ECDHE Curves = sect283r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -304,11 +325,13 @@ client = 10-curve-sect409k1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect409k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [10-curve-sect409k1-client] CipherString = ECDHE Curves = sect409k1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -330,11 +353,13 @@ client = 11-curve-sect409r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect409r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [11-curve-sect409r1-client] CipherString = ECDHE Curves = sect409r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -356,11 +381,13 @@ client = 12-curve-sect571k1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect571k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [12-curve-sect571k1-client] CipherString = ECDHE Curves = sect571k1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -382,11 +409,13 @@ client = 13-curve-sect571r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = sect571r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [13-curve-sect571r1-client] CipherString = ECDHE Curves = sect571r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -408,11 +437,13 @@ client = 14-curve-secp160k1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp160k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [14-curve-secp160k1-client] CipherString = ECDHE Curves = secp160k1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -434,11 +465,13 @@ client = 15-curve-secp160r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp160r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [15-curve-secp160r1-client] CipherString = ECDHE Curves = secp160r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -460,11 +493,13 @@ client = 16-curve-secp160r2-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp160r2 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [16-curve-secp160r2-client] CipherString = ECDHE Curves = secp160r2 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -486,11 +521,13 @@ client = 17-curve-secp192k1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp192k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [17-curve-secp192k1-client] CipherString = ECDHE Curves = secp192k1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -512,11 +549,13 @@ client = 18-curve-prime192v1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = prime192v1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [18-curve-prime192v1-client] CipherString = ECDHE Curves = prime192v1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -538,11 +577,13 @@ client = 19-curve-secp224k1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp224k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [19-curve-secp224k1-client] CipherString = ECDHE Curves = secp224k1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -564,11 +605,13 @@ client = 20-curve-secp224r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp224r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [20-curve-secp224r1-client] CipherString = ECDHE Curves = secp224r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -590,11 +633,13 @@ client = 21-curve-secp256k1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp256k1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [21-curve-secp256k1-client] CipherString = ECDHE Curves = secp256k1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -616,11 +661,13 @@ client = 22-curve-prime256v1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = prime256v1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [22-curve-prime256v1-client] CipherString = ECDHE Curves = prime256v1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -642,11 +689,13 @@ client = 23-curve-secp384r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp384r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [23-curve-secp384r1-client] CipherString = ECDHE Curves = secp384r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -668,11 +717,13 @@ client = 24-curve-secp521r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = secp521r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [24-curve-secp521r1-client] CipherString = ECDHE Curves = secp521r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -694,11 +745,13 @@ client = 25-curve-brainpoolP256r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = brainpoolP256r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [25-curve-brainpoolP256r1-client] CipherString = ECDHE Curves = brainpoolP256r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -720,11 +773,13 @@ client = 26-curve-brainpoolP384r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = brainpoolP384r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [26-curve-brainpoolP384r1-client] CipherString = ECDHE Curves = brainpoolP384r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -746,11 +801,13 @@ client = 27-curve-brainpoolP512r1-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = brainpoolP512r1 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [27-curve-brainpoolP512r1-client] CipherString = ECDHE Curves = brainpoolP512r1 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -772,11 +829,13 @@ client = 28-curve-X25519-client Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT Curves = X25519 +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [28-curve-X25519-client] CipherString = ECDHE Curves = X25519 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -785,3 +844,31 @@ ExpectedResult = Success ExpectedTmpKeyType = X25519 +# =========================================================== + +[29-curve-X448] +ssl_conf = 29-curve-X448-ssl + +[29-curve-X448-ssl] +server = 29-curve-X448-server +client = 29-curve-X448-client + +[29-curve-X448-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Curves = X448 +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[29-curve-X448-client] +CipherString = ECDHE +Curves = X448 +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-29] +ExpectedResult = Success +ExpectedTmpKeyType = X448 + + diff --git a/deps/openssl/openssl/test/ssl-tests/14-curves.conf.in b/deps/openssl/openssl/test/ssl-tests/14-curves.conf.in index 0b7c09cc3f..2f8077c44a 100644 --- a/deps/openssl/openssl/test/ssl-tests/14-curves.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/14-curves.conf.in @@ -17,7 +17,7 @@ my @curves = ("sect163k1", "sect163r1", "sect163r2", "sect193r1", "secp160r2", "secp192k1", "prime192v1", "secp224k1", "secp224r1", "secp256k1", "prime256v1", "secp384r1", "secp521r1", "brainpoolP256r1", "brainpoolP384r1", - "brainpoolP512r1", "X25519"); + "brainpoolP512r1", "X25519", "X448"); our @tests = (); @@ -25,12 +25,15 @@ sub generate_tests() { foreach (0..$#curves) { my $curve = $curves[$_]; push @tests, { - name => "curve-${curve}", + name => "curve-${curve}", server => { - "Curves" => $curve + "Curves" => $curve, + # TODO(TLS1.3): Can we get this to work for TLSv1.3? + "MaxProtocol" => "TLSv1.2" }, client => { - "CipherString" => "ECDHE", + "CipherString" => "ECDHE", + "MaxProtocol" => "TLSv1.2", "Curves" => $curve }, test => { diff --git a/deps/openssl/openssl/test/ssl-tests/16-dtls-certstatus.conf.in b/deps/openssl/openssl/test/ssl-tests/16-dtls-certstatus.conf.in index 7280029e65..2d1766d5e3 100644 --- a/deps/openssl/openssl/test/ssl-tests/16-dtls-certstatus.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/16-dtls-certstatus.conf.in @@ -13,7 +13,7 @@ use strict; use warnings; package ssltests; - +use OpenSSL::Test::Utils; our @tests = ( { @@ -41,5 +41,38 @@ our @tests = ( "Method" => "DTLS", "ExpectedResult" => "ClientFail" } + } +); + +our @tests_sctp = ( + { + name => "certstatus-good", + server => { + extra => { + "CertStatus" => "GoodResponse", + }, + }, + client => {}, + test => { + "Method" => "DTLS", + "UseSCTP" => "Yes", + "ExpectedResult" => "Success" + } + }, + { + name => "certstatus-bad", + server => { + extra => { + "CertStatus" => "BadResponse", + }, + }, + client => {}, + test => { + "Method" => "DTLS", + "UseSCTP" => "Yes", + "ExpectedResult" => "ClientFail" + } }, ); + +push @tests, @tests_sctp unless disabled("sctp") || disabled("sock"); diff --git a/deps/openssl/openssl/test/ssl-tests/17-renegotiate.conf b/deps/openssl/openssl/test/ssl-tests/17-renegotiate.conf index 48f569fad6..12cf791310 100644 --- a/deps/openssl/openssl/test/ssl-tests/17-renegotiate.conf +++ b/deps/openssl/openssl/test/ssl-tests/17-renegotiate.conf @@ -28,6 +28,7 @@ client = 0-renegotiate-client-no-resume-client [0-renegotiate-client-no-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = NoResumptionOnRenegotiation PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -55,6 +56,7 @@ client = 1-renegotiate-client-resume-client [1-renegotiate-client-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-renegotiate-client-resume-client] @@ -81,6 +83,7 @@ client = 2-renegotiate-server-no-resume-client [2-renegotiate-server-no-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 Options = NoResumptionOnRenegotiation PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem @@ -108,6 +111,7 @@ client = 3-renegotiate-server-resume-client [3-renegotiate-server-resume-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT +MaxProtocol = TLSv1.2 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [3-renegotiate-server-resume-client] @@ -198,12 +202,12 @@ client = 6-renegotiate-aead-to-non-aead-client [6-renegotiate-aead-to-non-aead-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 Options = NoResumptionOnRenegotiation PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [6-renegotiate-aead-to-non-aead-client] CipherString = AES128-GCM-SHA256 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -230,12 +234,12 @@ client = 7-renegotiate-non-aead-to-aead-client [7-renegotiate-non-aead-to-aead-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 Options = NoResumptionOnRenegotiation PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [7-renegotiate-non-aead-to-aead-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -262,12 +266,12 @@ client = 8-renegotiate-non-aead-to-non-aead-client [8-renegotiate-non-aead-to-non-aead-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 Options = NoResumptionOnRenegotiation PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [8-renegotiate-non-aead-to-non-aead-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -294,12 +298,12 @@ client = 9-renegotiate-aead-to-aead-client [9-renegotiate-aead-to-aead-server] Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem CipherString = DEFAULT -MaxProtocol = TLSv1.2 Options = NoResumptionOnRenegotiation PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [9-renegotiate-aead-to-aead-client] CipherString = AES128-GCM-SHA256 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer diff --git a/deps/openssl/openssl/test/ssl-tests/17-renegotiate.conf.in b/deps/openssl/openssl/test/ssl-tests/17-renegotiate.conf.in index bd656d02fd..35175dce51 100644 --- a/deps/openssl/openssl/test/ssl-tests/17-renegotiate.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/17-renegotiate.conf.in @@ -1,5 +1,5 @@ # -*- mode: perl; -*- -# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -19,7 +19,8 @@ our @tests = ( { name => "renegotiate-client-no-resume", server => { - "Options" => "NoResumptionOnRenegotiation" + "Options" => "NoResumptionOnRenegotiation", + "MaxProtocol" => "TLSv1.2" }, client => {}, test => { @@ -31,7 +32,9 @@ our @tests = ( }, { name => "renegotiate-client-resume", - server => {}, + server => { + "MaxProtocol" => "TLSv1.2" + }, client => {}, test => { "Method" => "TLS", @@ -43,7 +46,8 @@ our @tests = ( { name => "renegotiate-server-no-resume", server => { - "Options" => "NoResumptionOnRenegotiation" + "Options" => "NoResumptionOnRenegotiation", + "MaxProtocol" => "TLSv1.2" }, client => {}, test => { @@ -55,7 +59,9 @@ our @tests = ( }, { name => "renegotiate-server-resume", - server => {}, + server => { + "MaxProtocol" => "TLSv1.2" + }, client => {}, test => { "Method" => "TLS", @@ -108,10 +114,10 @@ our @tests_tls1_2 = ( name => "renegotiate-aead-to-non-aead", server => { "Options" => "NoResumptionOnRenegotiation", - "MaxProtocol" => "TLSv1.2" }, client => { "CipherString" => "AES128-GCM-SHA256", + "MaxProtocol" => "TLSv1.2", extra => { "RenegotiateCiphers" => "AES128-SHA" } @@ -127,10 +133,10 @@ our @tests_tls1_2 = ( name => "renegotiate-non-aead-to-aead", server => { "Options" => "NoResumptionOnRenegotiation", - "MaxProtocol" => "TLSv1.2" }, client => { "CipherString" => "AES128-SHA", + "MaxProtocol" => "TLSv1.2", extra => { "RenegotiateCiphers" => "AES128-GCM-SHA256" } @@ -146,10 +152,10 @@ our @tests_tls1_2 = ( name => "renegotiate-non-aead-to-non-aead", server => { "Options" => "NoResumptionOnRenegotiation", - "MaxProtocol" => "TLSv1.2" }, client => { "CipherString" => "AES128-SHA", + "MaxProtocol" => "TLSv1.2", extra => { "RenegotiateCiphers" => "AES256-SHA" } @@ -165,10 +171,10 @@ our @tests_tls1_2 = ( name => "renegotiate-aead-to-aead", server => { "Options" => "NoResumptionOnRenegotiation", - "MaxProtocol" => "TLSv1.2" }, client => { "CipherString" => "AES128-GCM-SHA256", + "MaxProtocol" => "TLSv1.2", extra => { "RenegotiateCiphers" => "AES256-GCM-SHA384" } diff --git a/deps/openssl/openssl/test/ssl-tests/18-dtls-renegotiate.conf b/deps/openssl/openssl/test/ssl-tests/18-dtls-renegotiate.conf index 3d8ebd74c4..9204dd2c5d 100644 --- a/deps/openssl/openssl/test/ssl-tests/18-dtls-renegotiate.conf +++ b/deps/openssl/openssl/test/ssl-tests/18-dtls-renegotiate.conf @@ -36,6 +36,7 @@ ExpectedResult = Success HandshakeMode = RenegotiateClient Method = DTLS ResumptionExpected = No +UseSCTP = No # =========================================================== @@ -62,6 +63,7 @@ ExpectedResult = Success HandshakeMode = RenegotiateClient Method = DTLS ResumptionExpected = Yes +UseSCTP = No # =========================================================== @@ -88,6 +90,7 @@ ExpectedResult = Success HandshakeMode = RenegotiateServer Method = DTLS ResumptionExpected = No +UseSCTP = No # =========================================================== @@ -118,6 +121,7 @@ ExpectedResult = Success HandshakeMode = RenegotiateServer Method = DTLS ResumptionExpected = No +UseSCTP = No # =========================================================== @@ -148,6 +152,7 @@ ExpectedResult = Success HandshakeMode = RenegotiateServer Method = DTLS ResumptionExpected = No +UseSCTP = No # =========================================================== @@ -175,6 +180,7 @@ ExpectedResult = Success HandshakeMode = RenegotiateClient Method = DTLS ResumptionExpected = No +UseSCTP = No client = 5-renegotiate-aead-to-non-aead-client-extra [5-renegotiate-aead-to-non-aead-client-extra] @@ -206,6 +212,7 @@ ExpectedResult = Success HandshakeMode = RenegotiateClient Method = DTLS ResumptionExpected = No +UseSCTP = No client = 6-renegotiate-non-aead-to-aead-client-extra [6-renegotiate-non-aead-to-aead-client-extra] @@ -237,6 +244,7 @@ ExpectedResult = Success HandshakeMode = RenegotiateClient Method = DTLS ResumptionExpected = No +UseSCTP = No client = 7-renegotiate-non-aead-to-non-aead-client-extra [7-renegotiate-non-aead-to-non-aead-client-extra] @@ -268,6 +276,7 @@ ExpectedResult = Success HandshakeMode = RenegotiateClient Method = DTLS ResumptionExpected = No +UseSCTP = No client = 8-renegotiate-aead-to-aead-client-extra [8-renegotiate-aead-to-aead-client-extra] diff --git a/deps/openssl/openssl/test/ssl-tests/18-dtls-renegotiate.conf.in b/deps/openssl/openssl/test/ssl-tests/18-dtls-renegotiate.conf.in index 7a65a85618..467d6f26c9 100644 --- a/deps/openssl/openssl/test/ssl-tests/18-dtls-renegotiate.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/18-dtls-renegotiate.conf.in @@ -15,160 +15,178 @@ use warnings; package ssltests; use OpenSSL::Test::Utils; -our @tests = ( - { - name => "renegotiate-client-no-resume", - server => { - "Options" => "NoResumptionOnRenegotiation" - }, - client => {}, - test => { - "Method" => "DTLS", - "HandshakeMode" => "RenegotiateClient", - "ResumptionExpected" => "No", - "ExpectedResult" => "Success" - } - }, - { - name => "renegotiate-client-resume", - server => {}, - client => {}, - test => { - "Method" => "DTLS", - "HandshakeMode" => "RenegotiateClient", - "ResumptionExpected" => "Yes", - "ExpectedResult" => "Success" - } - }, -# Note: Unlike the TLS tests, we will never do resumption with server -# initiated reneg. This is because an OpenSSL DTLS client will always do a full -# handshake (i.e. it doesn't supply a session id) when it receives a -# HelloRequest. This is different to the OpenSSL TLS implementation where an -# OpenSSL client will always try an abbreviated handshake (i.e. it will supply -# the session id). This goes all the way to commit 48ae85b6f when abbreviated -# handshake support was first added. Neither behaviour is wrong, but the -# discrepancy is strange. TODO: Should we harmonise the TLS and DTLS behaviour, -# and if so, what to? - { - name => "renegotiate-server-resume", - server => {}, - client => {}, - test => { - "Method" => "DTLS", - "HandshakeMode" => "RenegotiateServer", - "ResumptionExpected" => "No", - "ExpectedResult" => "Success" - } - }, - { - name => "renegotiate-client-auth-require", - server => { - "VerifyCAFile" => test_pem("root-cert.pem"), - "VerifyMode" => "Require", - }, - client => { - "Certificate" => test_pem("ee-client-chain.pem"), - "PrivateKey" => test_pem("ee-key.pem"), - }, - test => { - "Method" => "DTLS", - "HandshakeMode" => "RenegotiateServer", - "ResumptionExpected" => "No", - "ExpectedResult" => "Success" - } - }, - { - name => "renegotiate-client-auth-once", - server => { - "VerifyCAFile" => test_pem("root-cert.pem"), - "VerifyMode" => "Once", - }, - client => { - "Certificate" => test_pem("ee-client-chain.pem"), - "PrivateKey" => test_pem("ee-key.pem"), - }, - test => { - "Method" => "DTLS", - "HandshakeMode" => "RenegotiateServer", - "ResumptionExpected" => "No", - "ExpectedResult" => "Success" - } - } -); -our @tests_dtls1_2 = ( - { - name => "renegotiate-aead-to-non-aead", - server => { - "Options" => "NoResumptionOnRenegotiation" +our @tests = (); + +foreach my $sctp ("No", "Yes") +{ + next if disabled("sctp") && $sctp eq "Yes"; + + my $suffix = ($sctp eq "No") ? "" : "-sctp"; + our @tests_basic = ( + { + name => "renegotiate-client-no-resume".$suffix, + server => { + "Options" => "NoResumptionOnRenegotiation" + }, + client => {}, + test => { + "Method" => "DTLS", + "UseSCTP" => $sctp, + "HandshakeMode" => "RenegotiateClient", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" + } }, - client => { - "CipherString" => "AES128-GCM-SHA256", - extra => { - "RenegotiateCiphers" => "AES128-SHA" + { + name => "renegotiate-client-resume".$suffix, + server => {}, + client => {}, + test => { + "Method" => "DTLS", + "UseSCTP" => $sctp, + "HandshakeMode" => "RenegotiateClient", + "ResumptionExpected" => "Yes", + "ExpectedResult" => "Success" } }, - test => { - "Method" => "DTLS", - "HandshakeMode" => "RenegotiateClient", - "ResumptionExpected" => "No", - "ExpectedResult" => "Success" - } - }, - { - name => "renegotiate-non-aead-to-aead", - server => { - "Options" => "NoResumptionOnRenegotiation" + # Note: Unlike the TLS tests, we will never do resumption with server + # initiated reneg. This is because an OpenSSL DTLS client will always do a full + # handshake (i.e. it doesn't supply a session id) when it receives a + # HelloRequest. This is different to the OpenSSL TLS implementation where an + # OpenSSL client will always try an abbreviated handshake (i.e. it will supply + # the session id). This goes all the way to commit 48ae85b6f when abbreviated + # handshake support was first added. Neither behaviour is wrong, but the + # discrepancy is strange. TODO: Should we harmonise the TLS and DTLS behaviour, + # and if so, what to? + { + name => "renegotiate-server-resume".$suffix, + server => {}, + client => {}, + test => { + "Method" => "DTLS", + "UseSCTP" => $sctp, + "HandshakeMode" => "RenegotiateServer", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" + } }, - client => { - "CipherString" => "AES128-SHA", - extra => { - "RenegotiateCiphers" => "AES128-GCM-SHA256" + { + name => "renegotiate-client-auth-require".$suffix, + server => { + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Require", + }, + client => { + "Certificate" => test_pem("ee-client-chain.pem"), + "PrivateKey" => test_pem("ee-key.pem"), + }, + test => { + "Method" => "DTLS", + "UseSCTP" => $sctp, + "HandshakeMode" => "RenegotiateServer", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" } }, - test => { - "Method" => "DTLS", - "HandshakeMode" => "RenegotiateClient", - "ResumptionExpected" => "No", - "ExpectedResult" => "Success" + { + name => "renegotiate-client-auth-once".$suffix, + server => { + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Once", + }, + client => { + "Certificate" => test_pem("ee-client-chain.pem"), + "PrivateKey" => test_pem("ee-key.pem"), + }, + test => { + "Method" => "DTLS", + "UseSCTP" => $sctp, + "HandshakeMode" => "RenegotiateServer", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" + } } - }, - { - name => "renegotiate-non-aead-to-non-aead", - server => { - "Options" => "NoResumptionOnRenegotiation" + ); + push @tests, @tests_basic; + + next if disabled("dtls1_2"); + our @tests_dtls1_2 = ( + { + name => "renegotiate-aead-to-non-aead".$suffix, + server => { + "Options" => "NoResumptionOnRenegotiation" + }, + client => { + "CipherString" => "AES128-GCM-SHA256", + extra => { + "RenegotiateCiphers" => "AES128-SHA" + } + }, + test => { + "Method" => "DTLS", + "UseSCTP" => $sctp, + "HandshakeMode" => "RenegotiateClient", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" + } }, - client => { - "CipherString" => "AES128-SHA", - extra => { - "RenegotiateCiphers" => "AES256-SHA" + { + name => "renegotiate-non-aead-to-aead".$suffix, + server => { + "Options" => "NoResumptionOnRenegotiation" + }, + client => { + "CipherString" => "AES128-SHA", + extra => { + "RenegotiateCiphers" => "AES128-GCM-SHA256" + } + }, + test => { + "Method" => "DTLS", + "UseSCTP" => $sctp, + "HandshakeMode" => "RenegotiateClient", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" } }, - test => { - "Method" => "DTLS", - "HandshakeMode" => "RenegotiateClient", - "ResumptionExpected" => "No", - "ExpectedResult" => "Success" - } - }, - { - name => "renegotiate-aead-to-aead", - server => { - "Options" => "NoResumptionOnRenegotiation" + { + name => "renegotiate-non-aead-to-non-aead".$suffix, + server => { + "Options" => "NoResumptionOnRenegotiation" + }, + client => { + "CipherString" => "AES128-SHA", + extra => { + "RenegotiateCiphers" => "AES256-SHA" + } + }, + test => { + "Method" => "DTLS", + "UseSCTP" => $sctp, + "HandshakeMode" => "RenegotiateClient", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" + } }, - client => { - "CipherString" => "AES128-GCM-SHA256", - extra => { - "RenegotiateCiphers" => "AES256-GCM-SHA384" + { + name => "renegotiate-aead-to-aead".$suffix, + server => { + "Options" => "NoResumptionOnRenegotiation" + }, + client => { + "CipherString" => "AES128-GCM-SHA256", + extra => { + "RenegotiateCiphers" => "AES256-GCM-SHA384" + } + }, + test => { + "Method" => "DTLS", + "UseSCTP" => $sctp, + "HandshakeMode" => "RenegotiateClient", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" } }, - test => { - "Method" => "DTLS", - "HandshakeMode" => "RenegotiateClient", - "ResumptionExpected" => "No", - "ExpectedResult" => "Success" - } - }, -); - - -push @tests, @tests_dtls1_2 unless disabled("dtls1_2"); + ); + push @tests, @tests_dtls1_2; +} diff --git a/deps/openssl/openssl/test/ssl-tests/19-mac-then-encrypt.conf b/deps/openssl/openssl/test/ssl-tests/19-mac-then-encrypt.conf index 40480edbf8..0dd384ea6c 100644 --- a/deps/openssl/openssl/test/ssl-tests/19-mac-then-encrypt.conf +++ b/deps/openssl/openssl/test/ssl-tests/19-mac-then-encrypt.conf @@ -25,6 +25,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [0-disable-encrypt-then-mac-server-sha-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -48,6 +49,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [1-disable-encrypt-then-mac-client-sha-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 Options = -EncryptThenMac VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -73,6 +75,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [2-disable-encrypt-then-mac-both-sha-client] CipherString = AES128-SHA +MaxProtocol = TLSv1.2 Options = -EncryptThenMac VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -98,6 +101,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [3-disable-encrypt-then-mac-server-sha2-client] CipherString = AES128-SHA256 +MaxProtocol = TLSv1.2 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -121,6 +125,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [4-disable-encrypt-then-mac-client-sha2-client] CipherString = AES128-SHA256 +MaxProtocol = TLSv1.2 Options = -EncryptThenMac VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer @@ -146,6 +151,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem [5-disable-encrypt-then-mac-both-sha2-client] CipherString = AES128-SHA256 +MaxProtocol = TLSv1.2 Options = -EncryptThenMac VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem VerifyMode = Peer diff --git a/deps/openssl/openssl/test/ssl-tests/19-mac-then-encrypt.conf.in b/deps/openssl/openssl/test/ssl-tests/19-mac-then-encrypt.conf.in index 01afe251a7..dfe529c9cd 100644 --- a/deps/openssl/openssl/test/ssl-tests/19-mac-then-encrypt.conf.in +++ b/deps/openssl/openssl/test/ssl-tests/19-mac-then-encrypt.conf.in @@ -11,6 +11,8 @@ package ssltests; +use OpenSSL::Test::Utils; + our @tests = ( { name => "disable-encrypt-then-mac-server-sha", @@ -19,6 +21,7 @@ our @tests = ( }, client => { "CipherString" => "AES128-SHA", + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedResult" => "Success", @@ -31,6 +34,7 @@ our @tests = ( client => { "CipherString" => "AES128-SHA", "Options" => "-EncryptThenMac", + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedResult" => "Success", @@ -44,11 +48,15 @@ our @tests = ( client => { "CipherString" => "AES128-SHA", "Options" => "-EncryptThenMac", + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedResult" => "Success", }, }, +); + +my @tests_tls1_2 = ( { name => "disable-encrypt-then-mac-server-sha2", server => { @@ -56,6 +64,7 @@ our @tests = ( }, client => { "CipherString" => "AES128-SHA256", + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedResult" => "Success", @@ -68,6 +77,7 @@ our @tests = ( client => { "CipherString" => "AES128-SHA256", "Options" => "-EncryptThenMac", + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedResult" => "Success", @@ -81,9 +91,12 @@ our @tests = ( client => { "CipherString" => "AES128-SHA256", "Options" => "-EncryptThenMac", + "MaxProtocol" => "TLSv1.2" }, test => { "ExpectedResult" => "Success", }, }, ); + +push @tests, @tests_tls1_2 unless disabled("tls1_2"); diff --git a/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf b/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf new file mode 100644 index 0000000000..0bcd23d7f0 --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf @@ -0,0 +1,1680 @@ +# Generated with generate_ssl_tests.pl + +num_tests = 51 + +test-0 = 0-ECDSA CipherString Selection +test-1 = 1-ECDSA CipherString Selection +test-2 = 2-ECDSA CipherString Selection +test-3 = 3-Ed25519 CipherString and Signature Algorithm Selection +test-4 = 4-Ed448 CipherString and Signature Algorithm Selection +test-5 = 5-ECDSA with brainpool +test-6 = 6-RSA CipherString Selection +test-7 = 7-RSA-PSS Certificate CipherString Selection +test-8 = 8-P-256 CipherString and Signature Algorithm Selection +test-9 = 9-Ed25519 CipherString and Curves Selection +test-10 = 10-Ed448 CipherString and Curves Selection +test-11 = 11-ECDSA CipherString Selection, no ECDSA certificate +test-12 = 12-ECDSA Signature Algorithm Selection +test-13 = 13-ECDSA Signature Algorithm Selection SHA384 +test-14 = 14-ECDSA Signature Algorithm Selection SHA1 +test-15 = 15-ECDSA Signature Algorithm Selection compressed point +test-16 = 16-ECDSA Signature Algorithm Selection, no ECDSA certificate +test-17 = 17-RSA Signature Algorithm Selection +test-18 = 18-RSA-PSS Signature Algorithm Selection +test-19 = 19-RSA-PSS Certificate Legacy Signature Algorithm Selection +test-20 = 20-RSA-PSS Certificate Unified Signature Algorithm Selection +test-21 = 21-Only RSA-PSS Certificate +test-22 = 22-RSA-PSS Certificate, no PSS signature algorithms +test-23 = 23-RSA key exchange with all RSA certificate types +test-24 = 24-RSA key exchange with only RSA-PSS certificate +test-25 = 25-Suite B P-256 Hash Algorithm Selection +test-26 = 26-Suite B P-384 Hash Algorithm Selection +test-27 = 27-TLS 1.2 Ed25519 Client Auth +test-28 = 28-TLS 1.2 Ed448 Client Auth +test-29 = 29-Only RSA-PSS Certificate, TLS v1.1 +test-30 = 30-TLS 1.3 ECDSA Signature Algorithm Selection +test-31 = 31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point +test-32 = 32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1 +test-33 = 33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS +test-34 = 34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS +test-35 = 35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate +test-36 = 36-TLS 1.3 RSA Signature Algorithm Selection, no PSS +test-37 = 37-TLS 1.3 RSA-PSS Signature Algorithm Selection +test-38 = 38-TLS 1.3 Ed25519 Signature Algorithm Selection +test-39 = 39-TLS 1.3 Ed448 Signature Algorithm Selection +test-40 = 40-TLS 1.3 Ed25519 CipherString and Groups Selection +test-41 = 41-TLS 1.3 Ed448 CipherString and Groups Selection +test-42 = 42-TLS 1.3 RSA Client Auth Signature Algorithm Selection +test-43 = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names +test-44 = 44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection +test-45 = 45-TLS 1.3 Ed25519 Client Auth +test-46 = 46-TLS 1.3 Ed448 Client Auth +test-47 = 47-TLS 1.3 ECDSA with brainpool +test-48 = 48-TLS 1.2 DSA Certificate Test +test-49 = 49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms +test-50 = 50-TLS 1.3 DSA Certificate Test +# =========================================================== + +[0-ECDSA CipherString Selection] +ssl_conf = 0-ECDSA CipherString Selection-ssl + +[0-ECDSA CipherString Selection-ssl] +server = 0-ECDSA CipherString Selection-server +client = 0-ECDSA CipherString Selection-client + +[0-ECDSA CipherString Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[0-ECDSA CipherString Selection-client] +CipherString = aECDSA +MaxProtocol = TLSv1.2 +RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-0] +ExpectedResult = Success +ExpectedServerCANames = empty +ExpectedServerCertType = P-256 +ExpectedServerSignType = EC + + +# =========================================================== + +[1-ECDSA CipherString Selection] +ssl_conf = 1-ECDSA CipherString Selection-ssl + +[1-ECDSA CipherString Selection-ssl] +server = 1-ECDSA CipherString Selection-server +client = 1-ECDSA CipherString Selection-client + +[1-ECDSA CipherString Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Groups = P-384 +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[1-ECDSA CipherString Selection-client] +CipherString = aECDSA +Groups = P-256:P-384 +MaxProtocol = TLSv1.2 +RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-1] +ExpectedResult = Success +ExpectedServerCANames = empty +ExpectedServerCertType = P-256 +ExpectedServerSignType = EC + + +# =========================================================== + +[2-ECDSA CipherString Selection] +ssl_conf = 2-ECDSA CipherString Selection-ssl + +[2-ECDSA CipherString Selection-ssl] +server = 2-ECDSA CipherString Selection-server +client = 2-ECDSA CipherString Selection-client + +[2-ECDSA CipherString Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Groups = P-256:P-384 +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[2-ECDSA CipherString Selection-client] +CipherString = aECDSA +Groups = P-384 +MaxProtocol = TLSv1.2 +RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-2] +ExpectedResult = ServerFail + + +# =========================================================== + +[3-Ed25519 CipherString and Signature Algorithm Selection] +ssl_conf = 3-Ed25519 CipherString and Signature Algorithm Selection-ssl + +[3-Ed25519 CipherString and Signature Algorithm Selection-ssl] +server = 3-Ed25519 CipherString and Signature Algorithm Selection-server +client = 3-Ed25519 CipherString and Signature Algorithm Selection-client + +[3-Ed25519 CipherString and Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[3-Ed25519 CipherString and Signature Algorithm Selection-client] +CipherString = aECDSA +MaxProtocol = TLSv1.2 +RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +SignatureAlgorithms = ed25519:ECDSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-3] +ExpectedResult = Success +ExpectedServerCANames = empty +ExpectedServerCertType = Ed25519 +ExpectedServerSignType = Ed25519 + + +# =========================================================== + +[4-Ed448 CipherString and Signature Algorithm Selection] +ssl_conf = 4-Ed448 CipherString and Signature Algorithm Selection-ssl + +[4-Ed448 CipherString and Signature Algorithm Selection-ssl] +server = 4-Ed448 CipherString and Signature Algorithm Selection-server +client = 4-Ed448 CipherString and Signature Algorithm Selection-client + +[4-Ed448 CipherString and Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[4-Ed448 CipherString and Signature Algorithm Selection-client] +CipherString = aECDSA +MaxProtocol = TLSv1.2 +RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +SignatureAlgorithms = ed448:ECDSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-4] +ExpectedResult = Success +ExpectedServerCANames = empty +ExpectedServerCertType = Ed448 +ExpectedServerSignType = Ed448 + + +# =========================================================== + +[5-ECDSA with brainpool] +ssl_conf = 5-ECDSA with brainpool-ssl + +[5-ECDSA with brainpool-ssl] +server = 5-ECDSA with brainpool-server +client = 5-ECDSA with brainpool-client + +[5-ECDSA with brainpool-server] +Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem +CipherString = DEFAULT +Groups = brainpoolP256r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem + +[5-ECDSA with brainpool-client] +CipherString = aECDSA +Groups = brainpoolP256r1 +RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-5] +ExpectedResult = Success +ExpectedServerCANames = empty +ExpectedServerCertType = brainpoolP256r1 +ExpectedServerSignType = EC + + +# =========================================================== + +[6-RSA CipherString Selection] +ssl_conf = 6-RSA CipherString Selection-ssl + +[6-RSA CipherString Selection-ssl] +server = 6-RSA CipherString Selection-server +client = 6-RSA CipherString Selection-client + +[6-RSA CipherString Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[6-RSA CipherString Selection-client] +CipherString = aRSA +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-6] +ExpectedResult = Success +ExpectedServerCertType = RSA +ExpectedServerSignType = RSA-PSS + + +# =========================================================== + +[7-RSA-PSS Certificate CipherString Selection] +ssl_conf = 7-RSA-PSS Certificate CipherString Selection-ssl + +[7-RSA-PSS Certificate CipherString Selection-ssl] +server = 7-RSA-PSS Certificate CipherString Selection-server +client = 7-RSA-PSS Certificate CipherString Selection-client + +[7-RSA-PSS Certificate CipherString Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem +PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[7-RSA-PSS Certificate CipherString Selection-client] +CipherString = aRSA +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-7] +ExpectedResult = Success +ExpectedServerCertType = RSA-PSS +ExpectedServerSignType = RSA-PSS + + +# =========================================================== + +[8-P-256 CipherString and Signature Algorithm Selection] +ssl_conf = 8-P-256 CipherString and Signature Algorithm Selection-ssl + +[8-P-256 CipherString and Signature Algorithm Selection-ssl] +server = 8-P-256 CipherString and Signature Algorithm Selection-server +client = 8-P-256 CipherString and Signature Algorithm Selection-client + +[8-P-256 CipherString and Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[8-P-256 CipherString and Signature Algorithm Selection-client] +CipherString = aECDSA +MaxProtocol = TLSv1.2 +SignatureAlgorithms = ECDSA+SHA256:ed25519 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-8] +ExpectedResult = Success +ExpectedServerCertType = P-256 +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = EC + + +# =========================================================== + +[9-Ed25519 CipherString and Curves Selection] +ssl_conf = 9-Ed25519 CipherString and Curves Selection-ssl + +[9-Ed25519 CipherString and Curves Selection-ssl] +server = 9-Ed25519 CipherString and Curves Selection-server +client = 9-Ed25519 CipherString and Curves Selection-client + +[9-Ed25519 CipherString and Curves Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[9-Ed25519 CipherString and Curves Selection-client] +CipherString = aECDSA +Curves = X25519 +MaxProtocol = TLSv1.2 +SignatureAlgorithms = ECDSA+SHA256:ed25519 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-9] +ExpectedResult = Success +ExpectedServerCertType = Ed25519 +ExpectedServerSignType = Ed25519 + + +# =========================================================== + +[10-Ed448 CipherString and Curves Selection] +ssl_conf = 10-Ed448 CipherString and Curves Selection-ssl + +[10-Ed448 CipherString and Curves Selection-ssl] +server = 10-Ed448 CipherString and Curves Selection-server +client = 10-Ed448 CipherString and Curves Selection-client + +[10-Ed448 CipherString and Curves Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[10-Ed448 CipherString and Curves Selection-client] +CipherString = aECDSA +Curves = X448 +MaxProtocol = TLSv1.2 +SignatureAlgorithms = ECDSA+SHA256:ed448 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-10] +ExpectedResult = Success +ExpectedServerCertType = Ed448 +ExpectedServerSignType = Ed448 + + +# =========================================================== + +[11-ECDSA CipherString Selection, no ECDSA certificate] +ssl_conf = 11-ECDSA CipherString Selection, no ECDSA certificate-ssl + +[11-ECDSA CipherString Selection, no ECDSA certificate-ssl] +server = 11-ECDSA CipherString Selection, no ECDSA certificate-server +client = 11-ECDSA CipherString Selection, no ECDSA certificate-client + +[11-ECDSA CipherString Selection, no ECDSA certificate-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[11-ECDSA CipherString Selection, no ECDSA certificate-client] +CipherString = aECDSA +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-11] +ExpectedResult = ServerFail + + +# =========================================================== + +[12-ECDSA Signature Algorithm Selection] +ssl_conf = 12-ECDSA Signature Algorithm Selection-ssl + +[12-ECDSA Signature Algorithm Selection-ssl] +server = 12-ECDSA Signature Algorithm Selection-server +client = 12-ECDSA Signature Algorithm Selection-client + +[12-ECDSA Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[12-ECDSA Signature Algorithm Selection-client] +CipherString = DEFAULT +SignatureAlgorithms = ECDSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-12] +ExpectedResult = Success +ExpectedServerCertType = P-256 +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = EC + + +# =========================================================== + +[13-ECDSA Signature Algorithm Selection SHA384] +ssl_conf = 13-ECDSA Signature Algorithm Selection SHA384-ssl + +[13-ECDSA Signature Algorithm Selection SHA384-ssl] +server = 13-ECDSA Signature Algorithm Selection SHA384-server +client = 13-ECDSA Signature Algorithm Selection SHA384-client + +[13-ECDSA Signature Algorithm Selection SHA384-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[13-ECDSA Signature Algorithm Selection SHA384-client] +CipherString = DEFAULT +SignatureAlgorithms = ECDSA+SHA384 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-13] +ExpectedResult = Success +ExpectedServerCertType = P-256 +ExpectedServerSignHash = SHA384 +ExpectedServerSignType = EC + + +# =========================================================== + +[14-ECDSA Signature Algorithm Selection SHA1] +ssl_conf = 14-ECDSA Signature Algorithm Selection SHA1-ssl + +[14-ECDSA Signature Algorithm Selection SHA1-ssl] +server = 14-ECDSA Signature Algorithm Selection SHA1-server +client = 14-ECDSA Signature Algorithm Selection SHA1-client + +[14-ECDSA Signature Algorithm Selection SHA1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[14-ECDSA Signature Algorithm Selection SHA1-client] +CipherString = DEFAULT +SignatureAlgorithms = ECDSA+SHA1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-14] +ExpectedResult = Success +ExpectedServerCertType = P-256 +ExpectedServerSignHash = SHA1 +ExpectedServerSignType = EC + + +# =========================================================== + +[15-ECDSA Signature Algorithm Selection compressed point] +ssl_conf = 15-ECDSA Signature Algorithm Selection compressed point-ssl + +[15-ECDSA Signature Algorithm Selection compressed point-ssl] +server = 15-ECDSA Signature Algorithm Selection compressed point-server +client = 15-ECDSA Signature Algorithm Selection compressed point-client + +[15-ECDSA Signature Algorithm Selection compressed point-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[15-ECDSA Signature Algorithm Selection compressed point-client] +CipherString = DEFAULT +SignatureAlgorithms = ECDSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-15] +ExpectedResult = Success +ExpectedServerCertType = P-256 +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = EC + + +# =========================================================== + +[16-ECDSA Signature Algorithm Selection, no ECDSA certificate] +ssl_conf = 16-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl + +[16-ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl] +server = 16-ECDSA Signature Algorithm Selection, no ECDSA certificate-server +client = 16-ECDSA Signature Algorithm Selection, no ECDSA certificate-client + +[16-ECDSA Signature Algorithm Selection, no ECDSA certificate-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[16-ECDSA Signature Algorithm Selection, no ECDSA certificate-client] +CipherString = DEFAULT +SignatureAlgorithms = ECDSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-16] +ExpectedResult = ServerFail + + +# =========================================================== + +[17-RSA Signature Algorithm Selection] +ssl_conf = 17-RSA Signature Algorithm Selection-ssl + +[17-RSA Signature Algorithm Selection-ssl] +server = 17-RSA Signature Algorithm Selection-server +client = 17-RSA Signature Algorithm Selection-client + +[17-RSA Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[17-RSA Signature Algorithm Selection-client] +CipherString = DEFAULT +SignatureAlgorithms = RSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-17] +ExpectedResult = Success +ExpectedServerCertType = RSA +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = RSA + + +# =========================================================== + +[18-RSA-PSS Signature Algorithm Selection] +ssl_conf = 18-RSA-PSS Signature Algorithm Selection-ssl + +[18-RSA-PSS Signature Algorithm Selection-ssl] +server = 18-RSA-PSS Signature Algorithm Selection-server +client = 18-RSA-PSS Signature Algorithm Selection-client + +[18-RSA-PSS Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[18-RSA-PSS Signature Algorithm Selection-client] +CipherString = DEFAULT +SignatureAlgorithms = RSA-PSS+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-18] +ExpectedResult = Success +ExpectedServerCertType = RSA +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = RSA-PSS + + +# =========================================================== + +[19-RSA-PSS Certificate Legacy Signature Algorithm Selection] +ssl_conf = 19-RSA-PSS Certificate Legacy Signature Algorithm Selection-ssl + +[19-RSA-PSS Certificate Legacy Signature Algorithm Selection-ssl] +server = 19-RSA-PSS Certificate Legacy Signature Algorithm Selection-server +client = 19-RSA-PSS Certificate Legacy Signature Algorithm Selection-client + +[19-RSA-PSS Certificate Legacy Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem +PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[19-RSA-PSS Certificate Legacy Signature Algorithm Selection-client] +CipherString = DEFAULT +SignatureAlgorithms = RSA-PSS+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-19] +ExpectedResult = Success +ExpectedServerCertType = RSA +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = RSA-PSS + + +# =========================================================== + +[20-RSA-PSS Certificate Unified Signature Algorithm Selection] +ssl_conf = 20-RSA-PSS Certificate Unified Signature Algorithm Selection-ssl + +[20-RSA-PSS Certificate Unified Signature Algorithm Selection-ssl] +server = 20-RSA-PSS Certificate Unified Signature Algorithm Selection-server +client = 20-RSA-PSS Certificate Unified Signature Algorithm Selection-client + +[20-RSA-PSS Certificate Unified Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.2 +PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem +PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[20-RSA-PSS Certificate Unified Signature Algorithm Selection-client] +CipherString = DEFAULT +SignatureAlgorithms = rsa_pss_pss_sha256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-20] +ExpectedResult = Success +ExpectedServerCertType = RSA-PSS +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = RSA-PSS + + +# =========================================================== + +[21-Only RSA-PSS Certificate] +ssl_conf = 21-Only RSA-PSS Certificate-ssl + +[21-Only RSA-PSS Certificate-ssl] +server = 21-Only RSA-PSS Certificate-server +client = 21-Only RSA-PSS Certificate-client + +[21-Only RSA-PSS Certificate-server] +Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem + +[21-Only RSA-PSS Certificate-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-21] +ExpectedResult = Success +ExpectedServerCertType = RSA-PSS +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = RSA-PSS + + +# =========================================================== + +[22-RSA-PSS Certificate, no PSS signature algorithms] +ssl_conf = 22-RSA-PSS Certificate, no PSS signature algorithms-ssl + +[22-RSA-PSS Certificate, no PSS signature algorithms-ssl] +server = 22-RSA-PSS Certificate, no PSS signature algorithms-server +client = 22-RSA-PSS Certificate, no PSS signature algorithms-client + +[22-RSA-PSS Certificate, no PSS signature algorithms-server] +Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem + +[22-RSA-PSS Certificate, no PSS signature algorithms-client] +CipherString = DEFAULT +SignatureAlgorithms = RSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-22] +ExpectedResult = ServerFail + + +# =========================================================== + +[23-RSA key exchange with all RSA certificate types] +ssl_conf = 23-RSA key exchange with all RSA certificate types-ssl + +[23-RSA key exchange with all RSA certificate types-ssl] +server = 23-RSA key exchange with all RSA certificate types-server +client = 23-RSA key exchange with all RSA certificate types-client + +[23-RSA key exchange with all RSA certificate types-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem +PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[23-RSA key exchange with all RSA certificate types-client] +CipherString = kRSA +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-23] +ExpectedResult = Success +ExpectedServerCertType = RSA + + +# =========================================================== + +[24-RSA key exchange with only RSA-PSS certificate] +ssl_conf = 24-RSA key exchange with only RSA-PSS certificate-ssl + +[24-RSA key exchange with only RSA-PSS certificate-ssl] +server = 24-RSA key exchange with only RSA-PSS certificate-server +client = 24-RSA key exchange with only RSA-PSS certificate-client + +[24-RSA key exchange with only RSA-PSS certificate-server] +Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem + +[24-RSA key exchange with only RSA-PSS certificate-client] +CipherString = kRSA +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-24] +ExpectedResult = ServerFail + + +# =========================================================== + +[25-Suite B P-256 Hash Algorithm Selection] +ssl_conf = 25-Suite B P-256 Hash Algorithm Selection-ssl + +[25-Suite B P-256 Hash Algorithm Selection-ssl] +server = 25-Suite B P-256 Hash Algorithm Selection-server +client = 25-Suite B P-256 Hash Algorithm Selection-client + +[25-Suite B P-256 Hash Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = SUITEB128 +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p256-server-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p256-server-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[25-Suite B P-256 Hash Algorithm Selection-client] +CipherString = DEFAULT +SignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem +VerifyMode = Peer + +[test-25] +ExpectedResult = Success +ExpectedServerCertType = P-256 +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = EC + + +# =========================================================== + +[26-Suite B P-384 Hash Algorithm Selection] +ssl_conf = 26-Suite B P-384 Hash Algorithm Selection-ssl + +[26-Suite B P-384 Hash Algorithm Selection-ssl] +server = 26-Suite B P-384 Hash Algorithm Selection-server +client = 26-Suite B P-384 Hash Algorithm Selection-client + +[26-Suite B P-384 Hash Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = SUITEB128 +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[26-Suite B P-384 Hash Algorithm Selection-client] +CipherString = DEFAULT +SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem +VerifyMode = Peer + +[test-26] +ExpectedResult = Success +ExpectedServerCertType = P-384 +ExpectedServerSignHash = SHA384 +ExpectedServerSignType = EC + + +# =========================================================== + +[27-TLS 1.2 Ed25519 Client Auth] +ssl_conf = 27-TLS 1.2 Ed25519 Client Auth-ssl + +[27-TLS 1.2 Ed25519 Client Auth-ssl] +server = 27-TLS 1.2 Ed25519 Client Auth-server +client = 27-TLS 1.2 Ed25519 Client Auth-client + +[27-TLS 1.2 Ed25519 Client Auth-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Require + +[27-TLS 1.2 Ed25519 Client Auth-client] +CipherString = DEFAULT +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-27] +ExpectedClientCertType = Ed25519 +ExpectedClientSignType = Ed25519 +ExpectedResult = Success + + +# =========================================================== + +[28-TLS 1.2 Ed448 Client Auth] +ssl_conf = 28-TLS 1.2 Ed448 Client Auth-ssl + +[28-TLS 1.2 Ed448 Client Auth-ssl] +server = 28-TLS 1.2 Ed448 Client Auth-server +client = 28-TLS 1.2 Ed448 Client Auth-client + +[28-TLS 1.2 Ed448 Client Auth-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Require + +[28-TLS 1.2 Ed448 Client Auth-client] +CipherString = DEFAULT +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-28] +ExpectedClientCertType = Ed448 +ExpectedClientSignType = Ed448 +ExpectedResult = Success + + +# =========================================================== + +[29-Only RSA-PSS Certificate, TLS v1.1] +ssl_conf = 29-Only RSA-PSS Certificate, TLS v1.1-ssl + +[29-Only RSA-PSS Certificate, TLS v1.1-ssl] +server = 29-Only RSA-PSS Certificate, TLS v1.1-server +client = 29-Only RSA-PSS Certificate, TLS v1.1-client + +[29-Only RSA-PSS Certificate, TLS v1.1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem + +[29-Only RSA-PSS Certificate, TLS v1.1-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-29] +ExpectedResult = ServerFail + + +# =========================================================== + +[30-TLS 1.3 ECDSA Signature Algorithm Selection] +ssl_conf = 30-TLS 1.3 ECDSA Signature Algorithm Selection-ssl + +[30-TLS 1.3 ECDSA Signature Algorithm Selection-ssl] +server = 30-TLS 1.3 ECDSA Signature Algorithm Selection-server +client = 30-TLS 1.3 ECDSA Signature Algorithm Selection-client + +[30-TLS 1.3 ECDSA Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[30-TLS 1.3 ECDSA Signature Algorithm Selection-client] +CipherString = DEFAULT +SignatureAlgorithms = ECDSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-30] +ExpectedResult = Success +ExpectedServerCANames = empty +ExpectedServerCertType = P-256 +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = EC + + +# =========================================================== + +[31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point] +ssl_conf = 31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl + +[31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl] +server = 31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server +client = 31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client + +[31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client] +CipherString = DEFAULT +SignatureAlgorithms = ECDSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-31] +ExpectedResult = Success +ExpectedServerCANames = empty +ExpectedServerCertType = P-256 +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = EC + + +# =========================================================== + +[32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1] +ssl_conf = 32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl + +[32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl] +server = 32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server +client = 32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client + +[32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client] +CipherString = DEFAULT +SignatureAlgorithms = ECDSA+SHA1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-32] +ExpectedResult = ServerFail + + +# =========================================================== + +[33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS] +ssl_conf = 33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl + +[33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl] +server = 33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server +client = 33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client + +[33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client] +CipherString = DEFAULT +RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +SignatureAlgorithms = ECDSA+SHA256:RSA-PSS+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-33] +ExpectedResult = Success +ExpectedServerCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ExpectedServerCertType = P-256 +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = EC + + +# =========================================================== + +[34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS] +ssl_conf = 34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl + +[34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl] +server = 34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server +client = 34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client + +[34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client] +CipherString = DEFAULT +SignatureAlgorithms = ECDSA+SHA384:RSA-PSS+SHA384 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-34] +ExpectedResult = Success +ExpectedServerCertType = RSA +ExpectedServerSignHash = SHA384 +ExpectedServerSignType = RSA-PSS + + +# =========================================================== + +[35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate] +ssl_conf = 35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl + +[35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl] +server = 35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server +client = 35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client + +[35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client] +CipherString = DEFAULT +SignatureAlgorithms = ECDSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-35] +ExpectedResult = ServerFail + + +# =========================================================== + +[36-TLS 1.3 RSA Signature Algorithm Selection, no PSS] +ssl_conf = 36-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl + +[36-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl] +server = 36-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server +client = 36-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client + +[36-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[36-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client] +CipherString = DEFAULT +SignatureAlgorithms = RSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-36] +ExpectedResult = ServerFail + + +# =========================================================== + +[37-TLS 1.3 RSA-PSS Signature Algorithm Selection] +ssl_conf = 37-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl + +[37-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl] +server = 37-TLS 1.3 RSA-PSS Signature Algorithm Selection-server +client = 37-TLS 1.3 RSA-PSS Signature Algorithm Selection-client + +[37-TLS 1.3 RSA-PSS Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[37-TLS 1.3 RSA-PSS Signature Algorithm Selection-client] +CipherString = DEFAULT +SignatureAlgorithms = RSA-PSS+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-37] +ExpectedResult = Success +ExpectedServerCertType = RSA +ExpectedServerSignHash = SHA256 +ExpectedServerSignType = RSA-PSS + + +# =========================================================== + +[38-TLS 1.3 Ed25519 Signature Algorithm Selection] +ssl_conf = 38-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl + +[38-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl] +server = 38-TLS 1.3 Ed25519 Signature Algorithm Selection-server +client = 38-TLS 1.3 Ed25519 Signature Algorithm Selection-client + +[38-TLS 1.3 Ed25519 Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[38-TLS 1.3 Ed25519 Signature Algorithm Selection-client] +CipherString = DEFAULT +SignatureAlgorithms = ed25519 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-38] +ExpectedResult = Success +ExpectedServerCertType = Ed25519 +ExpectedServerSignType = Ed25519 + + +# =========================================================== + +[39-TLS 1.3 Ed448 Signature Algorithm Selection] +ssl_conf = 39-TLS 1.3 Ed448 Signature Algorithm Selection-ssl + +[39-TLS 1.3 Ed448 Signature Algorithm Selection-ssl] +server = 39-TLS 1.3 Ed448 Signature Algorithm Selection-server +client = 39-TLS 1.3 Ed448 Signature Algorithm Selection-client + +[39-TLS 1.3 Ed448 Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[39-TLS 1.3 Ed448 Signature Algorithm Selection-client] +CipherString = DEFAULT +SignatureAlgorithms = ed448 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-39] +ExpectedResult = Success +ExpectedServerCertType = Ed448 +ExpectedServerSignType = Ed448 + + +# =========================================================== + +[40-TLS 1.3 Ed25519 CipherString and Groups Selection] +ssl_conf = 40-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl + +[40-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl] +server = 40-TLS 1.3 Ed25519 CipherString and Groups Selection-server +client = 40-TLS 1.3 Ed25519 CipherString and Groups Selection-client + +[40-TLS 1.3 Ed25519 CipherString and Groups Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[40-TLS 1.3 Ed25519 CipherString and Groups Selection-client] +CipherString = DEFAULT +Groups = X25519 +SignatureAlgorithms = ECDSA+SHA256:ed25519 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-40] +ExpectedResult = Success +ExpectedServerCertType = P-256 +ExpectedServerSignType = EC + + +# =========================================================== + +[41-TLS 1.3 Ed448 CipherString and Groups Selection] +ssl_conf = 41-TLS 1.3 Ed448 CipherString and Groups Selection-ssl + +[41-TLS 1.3 Ed448 CipherString and Groups Selection-ssl] +server = 41-TLS 1.3 Ed448 CipherString and Groups Selection-server +client = 41-TLS 1.3 Ed448 CipherString and Groups Selection-client + +[41-TLS 1.3 Ed448 CipherString and Groups Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem +Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem +Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem +Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[41-TLS 1.3 Ed448 CipherString and Groups Selection-client] +CipherString = DEFAULT +Groups = X448 +SignatureAlgorithms = ECDSA+SHA256:ed448 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-41] +ExpectedResult = Success +ExpectedServerCertType = P-256 +ExpectedServerSignType = EC + + +# =========================================================== + +[42-TLS 1.3 RSA Client Auth Signature Algorithm Selection] +ssl_conf = 42-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl + +[42-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl] +server = 42-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server +client = 42-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client + +[42-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientSignatureAlgorithms = PSS+SHA256 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Require + +[42-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client] +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-42] +ExpectedClientCANames = empty +ExpectedClientCertType = RSA +ExpectedClientSignHash = SHA256 +ExpectedClientSignType = RSA-PSS +ExpectedResult = Success + + +# =========================================================== + +[43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names] +ssl_conf = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl + +[43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl] +server = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server +client = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client + +[43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientSignatureAlgorithms = PSS+SHA256 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Require + +[43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client] +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-43] +ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ExpectedClientCertType = RSA +ExpectedClientSignHash = SHA256 +ExpectedClientSignType = RSA-PSS +ExpectedResult = Success + + +# =========================================================== + +[44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection] +ssl_conf = 44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl + +[44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl] +server = 44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server +client = 44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client + +[44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientSignatureAlgorithms = ECDSA+SHA256 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Require + +[44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client] +CipherString = DEFAULT +ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem +ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-44] +ExpectedClientCertType = P-256 +ExpectedClientSignHash = SHA256 +ExpectedClientSignType = EC +ExpectedResult = Success + + +# =========================================================== + +[45-TLS 1.3 Ed25519 Client Auth] +ssl_conf = 45-TLS 1.3 Ed25519 Client Auth-ssl + +[45-TLS 1.3 Ed25519 Client Auth-ssl] +server = 45-TLS 1.3 Ed25519 Client Auth-server +client = 45-TLS 1.3 Ed25519 Client Auth-client + +[45-TLS 1.3 Ed25519 Client Auth-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Require + +[45-TLS 1.3 Ed25519 Client Auth-client] +CipherString = DEFAULT +EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem +EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-45] +ExpectedClientCertType = Ed25519 +ExpectedClientSignType = Ed25519 +ExpectedResult = Success + + +# =========================================================== + +[46-TLS 1.3 Ed448 Client Auth] +ssl_conf = 46-TLS 1.3 Ed448 Client Auth-ssl + +[46-TLS 1.3 Ed448 Client Auth-ssl] +server = 46-TLS 1.3 Ed448 Client Auth-server +client = 46-TLS 1.3 Ed448 Client Auth-client + +[46-TLS 1.3 Ed448 Client Auth-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Require + +[46-TLS 1.3 Ed448 Client Auth-client] +CipherString = DEFAULT +EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem +EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-46] +ExpectedClientCertType = Ed448 +ExpectedClientSignType = Ed448 +ExpectedResult = Success + + +# =========================================================== + +[47-TLS 1.3 ECDSA with brainpool] +ssl_conf = 47-TLS 1.3 ECDSA with brainpool-ssl + +[47-TLS 1.3 ECDSA with brainpool-ssl] +server = 47-TLS 1.3 ECDSA with brainpool-server +client = 47-TLS 1.3 ECDSA with brainpool-client + +[47-TLS 1.3 ECDSA with brainpool-server] +Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem +CipherString = DEFAULT +Groups = brainpoolP256r1 +PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem + +[47-TLS 1.3 ECDSA with brainpool-client] +CipherString = DEFAULT +Groups = brainpoolP256r1 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-47] +ExpectedResult = ServerFail + + +# =========================================================== + +[48-TLS 1.2 DSA Certificate Test] +ssl_conf = 48-TLS 1.2 DSA Certificate Test-ssl + +[48-TLS 1.2 DSA Certificate Test-ssl] +server = 48-TLS 1.2 DSA Certificate Test-server +client = 48-TLS 1.2 DSA Certificate Test-client + +[48-TLS 1.2 DSA Certificate Test-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = ALL +DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem +DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem +DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[48-TLS 1.2 DSA Certificate Test-client] +CipherString = ALL +SignatureAlgorithms = DSA+SHA256:DSA+SHA1 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-48] +ExpectedResult = Success + + +# =========================================================== + +[49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms] +ssl_conf = 49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl + +[49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl] +server = 49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server +client = 49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client + +[49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientSignatureAlgorithms = ECDSA+SHA1:DSA+SHA256:RSA+SHA256 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Request + +[49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-49] +ExpectedResult = ServerFail + + +# =========================================================== + +[50-TLS 1.3 DSA Certificate Test] +ssl_conf = 50-TLS 1.3 DSA Certificate Test-ssl + +[50-TLS 1.3 DSA Certificate Test-ssl] +server = 50-TLS 1.3 DSA Certificate Test-server +client = 50-TLS 1.3 DSA Certificate Test-client + +[50-TLS 1.3 DSA Certificate Test-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = ALL +DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem +DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[50-TLS 1.3 DSA Certificate Test-client] +CipherString = ALL +SignatureAlgorithms = DSA+SHA1:DSA+SHA256:ECDSA+SHA256 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-50] +ExpectedResult = ServerFail + + diff --git a/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf.in b/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf.in new file mode 100644 index 0000000000..bdf53c6e1e --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf.in @@ -0,0 +1,864 @@ +# -*- mode: perl; -*- + +## SSL test configurations + + +use strict; +use warnings; + +package ssltests; +use OpenSSL::Test::Utils; + +my $server = { + "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"), + "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"), + "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"), + "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"), + "Ed448.Certificate" => test_pem("server-ed448-cert.pem"), + "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"), + "MaxProtocol" => "TLSv1.2" +}; + +my $server_pss = { + "PSS.Certificate" => test_pem("server-pss-cert.pem"), + "PSS.PrivateKey" => test_pem("server-pss-key.pem"), + "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"), + "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"), + "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"), + "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"), + "Ed448.Certificate" => test_pem("server-ed448-cert.pem"), + "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"), + "MaxProtocol" => "TLSv1.2" +}; + +my $server_pss_only = { + "Certificate" => test_pem("server-pss-cert.pem"), + "PrivateKey" => test_pem("server-pss-key.pem"), +}; + +my $server_rsa_all = { + "PSS.Certificate" => test_pem("server-pss-cert.pem"), + "PSS.PrivateKey" => test_pem("server-pss-key.pem"), + "Certificate" => test_pem("servercert.pem"), + "PrivateKey" => test_pem("serverkey.pem"), +}; + +our @tests = ( + { + name => "ECDSA CipherString Selection", + server => $server, + client => { + "CipherString" => "aECDSA", + "MaxProtocol" => "TLSv1.2", + "RequestCAFile" => test_pem("root-cert.pem"), + }, + test => { + "ExpectedServerCertType" =>, "P-256", + "ExpectedServerSignType" =>, "EC", + # Note: certificate_authorities not sent for TLS < 1.3 + "ExpectedServerCANames" =>, "empty", + "ExpectedResult" => "Success" + }, + }, + { + name => "ECDSA CipherString Selection", + server => { + "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"), + "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"), + "MaxProtocol" => "TLSv1.2", + #Deliberately set supported_groups to one not in the cert. This + #should be tolerated + "Groups" => "P-384" + }, + client => { + "CipherString" => "aECDSA", + "MaxProtocol" => "TLSv1.2", + "Groups" => "P-256:P-384", + "RequestCAFile" => test_pem("root-cert.pem"), + }, + test => { + "ExpectedServerCertType" =>, "P-256", + "ExpectedServerSignType" =>, "EC", + # Note: certificate_authorities not sent for TLS < 1.3 + "ExpectedServerCANames" =>, "empty", + "ExpectedResult" => "Success" + }, + }, + { + name => "ECDSA CipherString Selection", + server => { + "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"), + "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"), + "MaxProtocol" => "TLSv1.2", + "Groups" => "P-256:P-384" + }, + client => { + "CipherString" => "aECDSA", + "MaxProtocol" => "TLSv1.2", + #Deliberately set groups to not include the certificate group. This + #should fail + "Groups" => "P-384", + "RequestCAFile" => test_pem("root-cert.pem"), + }, + test => { + "ExpectedResult" => "ServerFail" + }, + }, + { + name => "Ed25519 CipherString and Signature Algorithm Selection", + server => $server, + client => { + "CipherString" => "aECDSA", + "MaxProtocol" => "TLSv1.2", + "SignatureAlgorithms" => "ed25519:ECDSA+SHA256", + "RequestCAFile" => test_pem("root-cert.pem"), + }, + test => { + "ExpectedServerCertType" =>, "Ed25519", + "ExpectedServerSignType" =>, "Ed25519", + # Note: certificate_authorities not sent for TLS < 1.3 + "ExpectedServerCANames" =>, "empty", + "ExpectedResult" => "Success" + }, + }, + { + name => "Ed448 CipherString and Signature Algorithm Selection", + server => $server, + client => { + "CipherString" => "aECDSA", + "MaxProtocol" => "TLSv1.2", + "SignatureAlgorithms" => "ed448:ECDSA+SHA256", + "RequestCAFile" => test_pem("root-cert.pem"), + }, + test => { + "ExpectedServerCertType" =>, "Ed448", + "ExpectedServerSignType" =>, "Ed448", + # Note: certificate_authorities not sent for TLS < 1.3 + "ExpectedServerCANames" =>, "empty", + "ExpectedResult" => "Success" + }, + }, + { + name => "ECDSA with brainpool", + server => { + "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), + "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), + "Groups" => "brainpoolP256r1", + }, + client => { + #We don't restrict this to TLSv1.2, although use of brainpool + #should force this anyway so that this should succeed + "CipherString" => "aECDSA", + "RequestCAFile" => test_pem("root-cert.pem"), + "Groups" => "brainpoolP256r1", + }, + test => { + "ExpectedServerCertType" =>, "brainpoolP256r1", + "ExpectedServerSignType" =>, "EC", + # Note: certificate_authorities not sent for TLS < 1.3 + "ExpectedServerCANames" =>, "empty", + "ExpectedResult" => "Success" + }, + }, + { + name => "RSA CipherString Selection", + server => $server, + client => { + "CipherString" => "aRSA", + "MaxProtocol" => "TLSv1.2", + }, + test => { + "ExpectedServerCertType" =>, "RSA", + "ExpectedServerSignType" =>, "RSA-PSS", + "ExpectedResult" => "Success" + }, + }, + { + name => "RSA-PSS Certificate CipherString Selection", + server => $server_pss, + client => { + "CipherString" => "aRSA", + "MaxProtocol" => "TLSv1.2", + }, + test => { + "ExpectedServerCertType" =>, "RSA-PSS", + "ExpectedServerSignType" =>, "RSA-PSS", + "ExpectedResult" => "Success" + }, + }, + { + name => "P-256 CipherString and Signature Algorithm Selection", + server => $server, + client => { + "CipherString" => "aECDSA", + "MaxProtocol" => "TLSv1.2", + "SignatureAlgorithms" => "ECDSA+SHA256:ed25519", + }, + test => { + "ExpectedServerCertType" => "P-256", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "EC", + "ExpectedResult" => "Success" + }, + }, + { + name => "Ed25519 CipherString and Curves Selection", + server => $server, + client => { + "CipherString" => "aECDSA", + "MaxProtocol" => "TLSv1.2", + "SignatureAlgorithms" => "ECDSA+SHA256:ed25519", + # Excluding P-256 from the supported curves list means server + # certificate should be Ed25519 and not P-256 + "Curves" => "X25519" + }, + test => { + "ExpectedServerCertType" =>, "Ed25519", + "ExpectedServerSignType" =>, "Ed25519", + "ExpectedResult" => "Success" + }, + }, + { + name => "Ed448 CipherString and Curves Selection", + server => $server, + client => { + "CipherString" => "aECDSA", + "MaxProtocol" => "TLSv1.2", + "SignatureAlgorithms" => "ECDSA+SHA256:ed448", + # Excluding P-256 from the supported curves list means server + # certificate should be Ed25519 and not P-256 + "Curves" => "X448" + }, + test => { + "ExpectedServerCertType" =>, "Ed448", + "ExpectedServerSignType" =>, "Ed448", + "ExpectedResult" => "Success" + }, + }, + { + name => "ECDSA CipherString Selection, no ECDSA certificate", + server => { + "MaxProtocol" => "TLSv1.2" + }, + client => { + "CipherString" => "aECDSA", + "MaxProtocol" => "TLSv1.2" + }, + test => { + "ExpectedResult" => "ServerFail" + }, + }, + { + name => "ECDSA Signature Algorithm Selection", + server => $server, + client => { + "SignatureAlgorithms" => "ECDSA+SHA256", + }, + test => { + "ExpectedServerCertType" => "P-256", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "EC", + "ExpectedResult" => "Success" + }, + }, + { + name => "ECDSA Signature Algorithm Selection SHA384", + server => $server, + client => { + "SignatureAlgorithms" => "ECDSA+SHA384", + }, + test => { + "ExpectedServerCertType" => "P-256", + "ExpectedServerSignHash" => "SHA384", + "ExpectedServerSignType" => "EC", + "ExpectedResult" => "Success" + }, + }, + { + name => "ECDSA Signature Algorithm Selection SHA1", + server => $server, + client => { + "SignatureAlgorithms" => "ECDSA+SHA1", + }, + test => { + "ExpectedServerCertType" => "P-256", + "ExpectedServerSignHash" => "SHA1", + "ExpectedServerSignType" => "EC", + "ExpectedResult" => "Success" + }, + }, + { + name => "ECDSA Signature Algorithm Selection compressed point", + server => { + "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"), + "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"), + "MaxProtocol" => "TLSv1.2" + }, + client => { + "SignatureAlgorithms" => "ECDSA+SHA256", + }, + test => { + "ExpectedServerCertType" => "P-256", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "EC", + "ExpectedResult" => "Success" + }, + }, + { + name => "ECDSA Signature Algorithm Selection, no ECDSA certificate", + server => { + "MaxProtocol" => "TLSv1.2" + }, + client => { + "SignatureAlgorithms" => "ECDSA+SHA256", + }, + test => { + "ExpectedResult" => "ServerFail" + }, + }, + { + name => "RSA Signature Algorithm Selection", + server => $server, + client => { + "SignatureAlgorithms" => "RSA+SHA256", + }, + test => { + "ExpectedServerCertType" => "RSA", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "RSA", + "ExpectedResult" => "Success" + }, + }, + { + name => "RSA-PSS Signature Algorithm Selection", + server => $server, + client => { + "SignatureAlgorithms" => "RSA-PSS+SHA256", + }, + test => { + "ExpectedServerCertType" => "RSA", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "RSA-PSS", + "ExpectedResult" => "Success" + }, + }, + { + name => "RSA-PSS Certificate Legacy Signature Algorithm Selection", + server => $server_pss, + client => { + "SignatureAlgorithms" => "RSA-PSS+SHA256", + }, + test => { + "ExpectedServerCertType" => "RSA", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "RSA-PSS", + "ExpectedResult" => "Success" + }, + }, + { + name => "RSA-PSS Certificate Unified Signature Algorithm Selection", + server => $server_pss, + client => { + "SignatureAlgorithms" => "rsa_pss_pss_sha256", + }, + test => { + "ExpectedServerCertType" => "RSA-PSS", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "RSA-PSS", + "ExpectedResult" => "Success" + }, + }, + { + name => "Only RSA-PSS Certificate", + server => $server_pss_only, + client => {}, + test => { + "ExpectedServerCertType" => "RSA-PSS", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "RSA-PSS", + "ExpectedResult" => "Success" + }, + }, + { + name => "RSA-PSS Certificate, no PSS signature algorithms", + server => $server_pss_only, + client => { + "SignatureAlgorithms" => "RSA+SHA256", + }, + test => { + "ExpectedResult" => "ServerFail" + }, + }, + { + name => "RSA key exchange with all RSA certificate types", + server => $server_rsa_all, + client => { + "CipherString" => "kRSA", + "MaxProtocol" => "TLSv1.2", + }, + test => { + "ExpectedServerCertType" =>, "RSA", + "ExpectedResult" => "Success" + }, + }, + { + name => "RSA key exchange with only RSA-PSS certificate", + server => $server_pss_only, + client => { + "CipherString" => "kRSA", + "MaxProtocol" => "TLSv1.2", + }, + test => { + "ExpectedResult" => "ServerFail" + }, + }, + { + name => "Suite B P-256 Hash Algorithm Selection", + server => { + "ECDSA.Certificate" => test_pem("p256-server-cert.pem"), + "ECDSA.PrivateKey" => test_pem("p256-server-key.pem"), + "MaxProtocol" => "TLSv1.2", + "CipherString" => "SUITEB128" + }, + client => { + "VerifyCAFile" => test_pem("p384-root.pem"), + "SignatureAlgorithms" => "ECDSA+SHA384:ECDSA+SHA256" + }, + test => { + "ExpectedServerCertType" => "P-256", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "EC", + "ExpectedResult" => "Success" + }, + }, + { + name => "Suite B P-384 Hash Algorithm Selection", + server => { + "ECDSA.Certificate" => test_pem("p384-server-cert.pem"), + "ECDSA.PrivateKey" => test_pem("p384-server-key.pem"), + "MaxProtocol" => "TLSv1.2", + "CipherString" => "SUITEB128" + }, + client => { + "VerifyCAFile" => test_pem("p384-root.pem"), + "SignatureAlgorithms" => "ECDSA+SHA256:ECDSA+SHA384" + }, + test => { + "ExpectedServerCertType" => "P-384", + "ExpectedServerSignHash" => "SHA384", + "ExpectedServerSignType" => "EC", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.2 Ed25519 Client Auth", + server => { + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Require" + }, + client => { + "Ed25519.Certificate" => test_pem("client-ed25519-cert.pem"), + "Ed25519.PrivateKey" => test_pem("client-ed25519-key.pem"), + "MinProtocol" => "TLSv1.2", + "MaxProtocol" => "TLSv1.2" + }, + test => { + "ExpectedClientCertType" => "Ed25519", + "ExpectedClientSignType" => "Ed25519", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.2 Ed448 Client Auth", + server => { + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Require" + }, + client => { + "Ed448.Certificate" => test_pem("client-ed448-cert.pem"), + "Ed448.PrivateKey" => test_pem("client-ed448-key.pem"), + "MinProtocol" => "TLSv1.2", + "MaxProtocol" => "TLSv1.2" + }, + test => { + "ExpectedClientCertType" => "Ed448", + "ExpectedClientSignType" => "Ed448", + "ExpectedResult" => "Success" + }, + }, +); + +my @tests_tls_1_1 = ( + { + name => "Only RSA-PSS Certificate, TLS v1.1", + server => $server_pss_only, + client => { + "MaxProtocol" => "TLSv1.1", + }, + test => { + "ExpectedResult" => "ServerFail" + }, + }, +); + +push @tests, @tests_tls_1_1 unless disabled("tls1_1"); + +my $server_tls_1_3 = { + "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"), + "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"), + "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"), + "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"), + "Ed448.Certificate" => test_pem("server-ed448-cert.pem"), + "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"), + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3" +}; + +my $server_tls_1_3_pss = { + "PSS.Certificate" => test_pem("server-pss-cert.pem"), + "PSS.PrivateKey" => test_pem("server-pss-key.pem"), + "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"), + "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"), + "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"), + "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"), + "Ed448.Certificate" => test_pem("server-ed448-cert.pem"), + "Ed448.PrivateKey" => test_pem("server-ed449-key.pem"), + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3" +}; + +my $client_tls_1_3 = { + "RSA.Certificate" => test_pem("ee-client-chain.pem"), + "RSA.PrivateKey" => test_pem("ee-key.pem"), + "ECDSA.Certificate" => test_pem("ee-ecdsa-client-chain.pem"), + "ECDSA.PrivateKey" => test_pem("ee-ecdsa-key.pem"), + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3" +}; + +my @tests_tls_1_3 = ( + { + name => "TLS 1.3 ECDSA Signature Algorithm Selection", + server => $server_tls_1_3, + client => { + "SignatureAlgorithms" => "ECDSA+SHA256", + }, + test => { + "ExpectedServerCertType" => "P-256", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "EC", + "ExpectedServerCANames" => "empty", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 ECDSA Signature Algorithm Selection compressed point", + server => { + "ECDSA.Certificate" => test_pem("server-cecdsa-cert.pem"), + "ECDSA.PrivateKey" => test_pem("server-cecdsa-key.pem"), + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3" + }, + client => { + "SignatureAlgorithms" => "ECDSA+SHA256", + }, + test => { + "ExpectedServerCertType" => "P-256", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "EC", + "ExpectedServerCANames" => "empty", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 ECDSA Signature Algorithm Selection SHA1", + server => $server_tls_1_3, + client => { + "SignatureAlgorithms" => "ECDSA+SHA1", + }, + test => { + "ExpectedResult" => "ServerFail" + }, + }, + { + name => "TLS 1.3 ECDSA Signature Algorithm Selection with PSS", + server => $server_tls_1_3, + client => { + "SignatureAlgorithms" => "ECDSA+SHA256:RSA-PSS+SHA256", + "RequestCAFile" => test_pem("root-cert.pem"), + }, + test => { + "ExpectedServerCertType" => "P-256", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "EC", + "ExpectedServerCANames" => test_pem("root-cert.pem"), + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS", + server => $server_tls_1_3, + client => { + "SignatureAlgorithms" => "ECDSA+SHA384:RSA-PSS+SHA384", + }, + test => { + "ExpectedServerCertType" => "RSA", + "ExpectedServerSignHash" => "SHA384", + "ExpectedServerSignType" => "RSA-PSS", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3" + }, + client => { + "SignatureAlgorithms" => "ECDSA+SHA256", + }, + test => { + "ExpectedResult" => "ServerFail" + }, + }, + { + name => "TLS 1.3 RSA Signature Algorithm Selection, no PSS", + server => $server_tls_1_3, + client => { + "SignatureAlgorithms" => "RSA+SHA256", + }, + test => { + "ExpectedResult" => "ServerFail" + }, + }, + { + name => "TLS 1.3 RSA-PSS Signature Algorithm Selection", + server => $server_tls_1_3, + client => { + "SignatureAlgorithms" => "RSA-PSS+SHA256", + }, + test => { + "ExpectedServerCertType" => "RSA", + "ExpectedServerSignHash" => "SHA256", + "ExpectedServerSignType" => "RSA-PSS", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 Ed25519 Signature Algorithm Selection", + server => $server_tls_1_3, + client => { + "SignatureAlgorithms" => "ed25519", + }, + test => { + "ExpectedServerCertType" => "Ed25519", + "ExpectedServerSignType" => "Ed25519", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 Ed448 Signature Algorithm Selection", + server => $server_tls_1_3, + client => { + "SignatureAlgorithms" => "ed448", + }, + test => { + "ExpectedServerCertType" => "Ed448", + "ExpectedServerSignType" => "Ed448", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 Ed25519 CipherString and Groups Selection", + server => $server_tls_1_3, + client => { + "SignatureAlgorithms" => "ECDSA+SHA256:ed25519", + # Excluding P-256 from the supported groups list should + # mean server still uses a P-256 certificate because supported + # groups is not used in signature selection for TLS 1.3 + "Groups" => "X25519" + }, + test => { + "ExpectedServerCertType" =>, "P-256", + "ExpectedServerSignType" =>, "EC", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 Ed448 CipherString and Groups Selection", + server => $server_tls_1_3, + client => { + "SignatureAlgorithms" => "ECDSA+SHA256:ed448", + # Excluding P-256 from the supported groups list should + # mean server still uses a P-256 certificate because supported + # groups is not used in signature selection for TLS 1.3 + "Groups" => "X448" + }, + test => { + "ExpectedServerCertType" =>, "P-256", + "ExpectedServerSignType" =>, "EC", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection", + server => { + "ClientSignatureAlgorithms" => "PSS+SHA256", + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Require" + }, + client => $client_tls_1_3, + test => { + "ExpectedClientCertType" => "RSA", + "ExpectedClientSignHash" => "SHA256", + "ExpectedClientSignType" => "RSA-PSS", + "ExpectedClientCANames" => "empty", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names", + server => { + "ClientSignatureAlgorithms" => "PSS+SHA256", + "VerifyCAFile" => test_pem("root-cert.pem"), + "RequestCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Require" + }, + client => $client_tls_1_3, + test => { + "ExpectedClientCertType" => "RSA", + "ExpectedClientSignHash" => "SHA256", + "ExpectedClientSignType" => "RSA-PSS", + "ExpectedClientCANames" => test_pem("root-cert.pem"), + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 ECDSA Client Auth Signature Algorithm Selection", + server => { + "ClientSignatureAlgorithms" => "ECDSA+SHA256", + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Require" + }, + client => $client_tls_1_3, + test => { + "ExpectedClientCertType" => "P-256", + "ExpectedClientSignHash" => "SHA256", + "ExpectedClientSignType" => "EC", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 Ed25519 Client Auth", + server => { + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Require" + }, + client => { + "EdDSA.Certificate" => test_pem("client-ed25519-cert.pem"), + "EdDSA.PrivateKey" => test_pem("client-ed25519-key.pem"), + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3" + }, + test => { + "ExpectedClientCertType" => "Ed25519", + "ExpectedClientSignType" => "Ed25519", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 Ed448 Client Auth", + server => { + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Require" + }, + client => { + "EdDSA.Certificate" => test_pem("client-ed448-cert.pem"), + "EdDSA.PrivateKey" => test_pem("client-ed448-key.pem"), + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3" + }, + test => { + "ExpectedClientCertType" => "Ed448", + "ExpectedClientSignType" => "Ed448", + "ExpectedResult" => "Success" + }, + }, + { + name => "TLS 1.3 ECDSA with brainpool", + server => { + "Certificate" => test_pem("server-ecdsa-brainpoolP256r1-cert.pem"), + "PrivateKey" => test_pem("server-ecdsa-brainpoolP256r1-key.pem"), + "Groups" => "brainpoolP256r1", + }, + client => { + "RequestCAFile" => test_pem("root-cert.pem"), + "Groups" => "brainpoolP256r1", + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3" + }, + test => { + "ExpectedResult" => "ServerFail" + }, + }, +); + +push @tests, @tests_tls_1_3 unless disabled("tls1_3"); + +my @tests_dsa_tls_1_2 = ( + { + name => "TLS 1.2 DSA Certificate Test", + server => { + "DSA.Certificate" => test_pem("server-dsa-cert.pem"), + "DSA.PrivateKey" => test_pem("server-dsa-key.pem"), + "DHParameters" => test_pem("dhp2048.pem"), + "MinProtocol" => "TLSv1.2", + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ALL", + }, + client => { + "SignatureAlgorithms" => "DSA+SHA256:DSA+SHA1", + "CipherString" => "ALL", + }, + test => { + "ExpectedResult" => "Success" + }, + }, +); + +my @tests_dsa_tls_1_3 = ( + { + name => "TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms", + server => { + "ClientSignatureAlgorithms" => "ECDSA+SHA1:DSA+SHA256:RSA+SHA256", + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Request" + }, + client => {}, + test => { + "ExpectedResult" => "ServerFail" + }, + }, + { + name => "TLS 1.3 DSA Certificate Test", + server => { + "DSA.Certificate" => test_pem("server-dsa-cert.pem"), + "DSA.PrivateKey" => test_pem("server-dsa-key.pem"), + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "CipherString" => "ALL", + }, + client => { + "SignatureAlgorithms" => "DSA+SHA1:DSA+SHA256:ECDSA+SHA256", + "CipherString" => "ALL", + }, + test => { + "ExpectedResult" => "ServerFail" + }, + }, +); + +if (!disabled("dsa")) { + push @tests, @tests_dsa_tls_1_2 unless disabled("dh"); + push @tests, @tests_dsa_tls_1_3 unless disabled("tls1_3"); +} diff --git a/deps/openssl/openssl/test/ssl-tests/21-key-update.conf b/deps/openssl/openssl/test/ssl-tests/21-key-update.conf new file mode 100644 index 0000000000..b79eb44494 --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/21-key-update.conf @@ -0,0 +1,112 @@ +# Generated with generate_ssl_tests.pl + +num_tests = 4 + +test-0 = 0-update-key-client-update-not-requested +test-1 = 1-update-key-server-update-not-requested +test-2 = 2-update-key-client-update-requested +test-3 = 3-update-key-server-update-requested +# =========================================================== + +[0-update-key-client-update-not-requested] +ssl_conf = 0-update-key-client-update-not-requested-ssl + +[0-update-key-client-update-not-requested-ssl] +server = 0-update-key-client-update-not-requested-server +client = 0-update-key-client-update-not-requested-client + +[0-update-key-client-update-not-requested-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[0-update-key-client-update-not-requested-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-0] +ExpectedResult = Success +HandshakeMode = KeyUpdateClient +KeyUpdateType = KeyUpdateNotRequested +ResumptionExpected = No + + +# =========================================================== + +[1-update-key-server-update-not-requested] +ssl_conf = 1-update-key-server-update-not-requested-ssl + +[1-update-key-server-update-not-requested-ssl] +server = 1-update-key-server-update-not-requested-server +client = 1-update-key-server-update-not-requested-client + +[1-update-key-server-update-not-requested-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[1-update-key-server-update-not-requested-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-1] +ExpectedResult = Success +HandshakeMode = KeyUpdateServer +KeyUpdateType = KeyUpdateNotRequested +ResumptionExpected = No + + +# =========================================================== + +[2-update-key-client-update-requested] +ssl_conf = 2-update-key-client-update-requested-ssl + +[2-update-key-client-update-requested-ssl] +server = 2-update-key-client-update-requested-server +client = 2-update-key-client-update-requested-client + +[2-update-key-client-update-requested-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[2-update-key-client-update-requested-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-2] +ExpectedResult = Success +HandshakeMode = KeyUpdateClient +KeyUpdateType = KeyUpdateRequested +ResumptionExpected = No + + +# =========================================================== + +[3-update-key-server-update-requested] +ssl_conf = 3-update-key-server-update-requested-ssl + +[3-update-key-server-update-requested-ssl] +server = 3-update-key-server-update-requested-server +client = 3-update-key-server-update-requested-client + +[3-update-key-server-update-requested-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[3-update-key-server-update-requested-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-3] +ExpectedResult = Success +HandshakeMode = KeyUpdateServer +KeyUpdateType = KeyUpdateRequested +ResumptionExpected = No + + diff --git a/deps/openssl/openssl/test/ssl-tests/21-key-update.conf.in b/deps/openssl/openssl/test/ssl-tests/21-key-update.conf.in new file mode 100644 index 0000000000..4bebb487d6 --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/21-key-update.conf.in @@ -0,0 +1,62 @@ +# -*- mode: perl; -*- +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +## Test KeyUpdate + +use strict; +use warnings; + +package ssltests; + +our @tests = ( + { + name => "update-key-client-update-not-requested", + server => {}, + client => {}, + test => { + "HandshakeMode" => "KeyUpdateClient", + "KeyUpdateType" => "KeyUpdateNotRequested", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "update-key-server-update-not-requested", + server => {}, + client => {}, + test => { + "HandshakeMode" => "KeyUpdateServer", + "KeyUpdateType" => "KeyUpdateNotRequested", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "update-key-client-update-requested", + server => {}, + client => {}, + test => { + "HandshakeMode" => "KeyUpdateClient", + "KeyUpdateType" => "KeyUpdateRequested", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "update-key-server-update-requested", + server => {}, + client => {}, + test => { + "HandshakeMode" => "KeyUpdateServer", + "KeyUpdateType" => "KeyUpdateRequested", + "ResumptionExpected" => "No", + "ExpectedResult" => "Success" + } + } +); diff --git a/deps/openssl/openssl/test/ssl-tests/22-compression.conf b/deps/openssl/openssl/test/ssl-tests/22-compression.conf new file mode 100644 index 0000000000..c85d3129ab --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/22-compression.conf @@ -0,0 +1,216 @@ +# Generated with generate_ssl_tests.pl + +num_tests = 8 + +test-0 = 0-tlsv1_3-both-compress +test-1 = 1-tlsv1_3-client-compress +test-2 = 2-tlsv1_3-server-compress +test-3 = 3-tlsv1_3-neither-compress +test-4 = 4-tlsv1_2-both-compress +test-5 = 5-tlsv1_2-client-compress +test-6 = 6-tlsv1_2-server-compress +test-7 = 7-tlsv1_2-neither-compress +# =========================================================== + +[0-tlsv1_3-both-compress] +ssl_conf = 0-tlsv1_3-both-compress-ssl + +[0-tlsv1_3-both-compress-ssl] +server = 0-tlsv1_3-both-compress-server +client = 0-tlsv1_3-both-compress-client + +[0-tlsv1_3-both-compress-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = Compression +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[0-tlsv1_3-both-compress-client] +CipherString = DEFAULT +Options = Compression +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-0] +CompressionExpected = No +ExpectedResult = Success + + +# =========================================================== + +[1-tlsv1_3-client-compress] +ssl_conf = 1-tlsv1_3-client-compress-ssl + +[1-tlsv1_3-client-compress-ssl] +server = 1-tlsv1_3-client-compress-server +client = 1-tlsv1_3-client-compress-client + +[1-tlsv1_3-client-compress-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[1-tlsv1_3-client-compress-client] +CipherString = DEFAULT +Options = Compression +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-1] +CompressionExpected = No +ExpectedResult = Success + + +# =========================================================== + +[2-tlsv1_3-server-compress] +ssl_conf = 2-tlsv1_3-server-compress-ssl + +[2-tlsv1_3-server-compress-ssl] +server = 2-tlsv1_3-server-compress-server +client = 2-tlsv1_3-server-compress-client + +[2-tlsv1_3-server-compress-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = Compression +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[2-tlsv1_3-server-compress-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-2] +CompressionExpected = No +ExpectedResult = Success + + +# =========================================================== + +[3-tlsv1_3-neither-compress] +ssl_conf = 3-tlsv1_3-neither-compress-ssl + +[3-tlsv1_3-neither-compress-ssl] +server = 3-tlsv1_3-neither-compress-server +client = 3-tlsv1_3-neither-compress-client + +[3-tlsv1_3-neither-compress-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[3-tlsv1_3-neither-compress-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-3] +CompressionExpected = No +ExpectedResult = Success + + +# =========================================================== + +[4-tlsv1_2-both-compress] +ssl_conf = 4-tlsv1_2-both-compress-ssl + +[4-tlsv1_2-both-compress-ssl] +server = 4-tlsv1_2-both-compress-server +client = 4-tlsv1_2-both-compress-client + +[4-tlsv1_2-both-compress-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = Compression +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[4-tlsv1_2-both-compress-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +Options = Compression +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-4] +CompressionExpected = Yes +ExpectedResult = Success + + +# =========================================================== + +[5-tlsv1_2-client-compress] +ssl_conf = 5-tlsv1_2-client-compress-ssl + +[5-tlsv1_2-client-compress-ssl] +server = 5-tlsv1_2-client-compress-server +client = 5-tlsv1_2-client-compress-client + +[5-tlsv1_2-client-compress-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[5-tlsv1_2-client-compress-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +Options = Compression +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-5] +CompressionExpected = No +ExpectedResult = Success + + +# =========================================================== + +[6-tlsv1_2-server-compress] +ssl_conf = 6-tlsv1_2-server-compress-ssl + +[6-tlsv1_2-server-compress-ssl] +server = 6-tlsv1_2-server-compress-server +client = 6-tlsv1_2-server-compress-client + +[6-tlsv1_2-server-compress-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = Compression +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[6-tlsv1_2-server-compress-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-6] +CompressionExpected = No +ExpectedResult = Success + + +# =========================================================== + +[7-tlsv1_2-neither-compress] +ssl_conf = 7-tlsv1_2-neither-compress-ssl + +[7-tlsv1_2-neither-compress-ssl] +server = 7-tlsv1_2-neither-compress-server +client = 7-tlsv1_2-neither-compress-client + +[7-tlsv1_2-neither-compress-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[7-tlsv1_2-neither-compress-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-7] +CompressionExpected = No +ExpectedResult = Success + + diff --git a/deps/openssl/openssl/test/ssl-tests/22-compression.conf.in b/deps/openssl/openssl/test/ssl-tests/22-compression.conf.in new file mode 100644 index 0000000000..8d4d823345 --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/22-compression.conf.in @@ -0,0 +1,127 @@ +# -*- mode: perl; -*- +# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +## Test Compression + +use strict; +use warnings; + +package ssltests; +use OpenSSL::Test::Utils; + +our @tests = (); + +our @tests_tls1_3 = ( + { + name => "tlsv1_3-both-compress", + server => { + "Options" => "Compression" + }, + client => { + "Options" => "Compression" + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "tlsv1_3-client-compress", + server => { + }, + client => { + "Options" => "Compression" + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "tlsv1_3-server-compress", + server => { + "Options" => "Compression" + }, + client => { + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "tlsv1_3-neither-compress", + server => { + }, + client => { + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, +); +our @tests_tls1_2 = ( + { + name => "tlsv1_2-both-compress", + server => { + "Options" => "Compression" + }, + client => { + "Options" => "Compression", + "MaxProtocol" => "TLSv1.2" + }, + test => { + "CompressionExpected" => "Yes", + "ExpectedResult" => "Success" + } + }, + { + name => "tlsv1_2-client-compress", + server => { + }, + client => { + "Options" => "Compression", + "MaxProtocol" => "TLSv1.2" + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "tlsv1_2-server-compress", + server => { + "Options" => "Compression" + }, + client => { + "MaxProtocol" => "TLSv1.2" + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, + { + name => "tlsv1_2-neither-compress", + server => { + }, + client => { + "MaxProtocol" => "TLSv1.2" + }, + test => { + "CompressionExpected" => "No", + "ExpectedResult" => "Success" + } + }, +); + +push @tests, @tests_tls1_3 unless disabled("tls1_3"); +push @tests, @tests_tls1_2 unless alldisabled(("tls1_2", "tls1_1", "tls1", + "ssl3")); diff --git a/deps/openssl/openssl/test/ssl-tests/23-srp.conf b/deps/openssl/openssl/test/ssl-tests/23-srp.conf new file mode 100644 index 0000000000..610a0bb08a --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/23-srp.conf @@ -0,0 +1,148 @@ +# Generated with generate_ssl_tests.pl + +num_tests = 4 + +test-0 = 0-srp +test-1 = 1-srp-bad-password +test-2 = 2-srp-auth +test-3 = 3-srp-auth-bad-password +# =========================================================== + +[0-srp] +ssl_conf = 0-srp-ssl + +[0-srp-ssl] +server = 0-srp-server +client = 0-srp-client + +[0-srp-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = SRP +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[0-srp-client] +CipherString = SRP +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-0] +ExpectedResult = Success +server = 0-srp-server-extra +client = 0-srp-client-extra + +[0-srp-server-extra] +SRPPassword = password +SRPUser = user + +[0-srp-client-extra] +SRPPassword = password +SRPUser = user + + +# =========================================================== + +[1-srp-bad-password] +ssl_conf = 1-srp-bad-password-ssl + +[1-srp-bad-password-ssl] +server = 1-srp-bad-password-server +client = 1-srp-bad-password-client + +[1-srp-bad-password-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = SRP +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[1-srp-bad-password-client] +CipherString = SRP +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-1] +ExpectedResult = ServerFail +server = 1-srp-bad-password-server-extra +client = 1-srp-bad-password-client-extra + +[1-srp-bad-password-server-extra] +SRPPassword = password +SRPUser = user + +[1-srp-bad-password-client-extra] +SRPPassword = passw0rd +SRPUser = user + + +# =========================================================== + +[2-srp-auth] +ssl_conf = 2-srp-auth-ssl + +[2-srp-auth-ssl] +server = 2-srp-auth-server +client = 2-srp-auth-client + +[2-srp-auth-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = aSRP +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[2-srp-auth-client] +CipherString = aSRP +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-2] +ExpectedResult = Success +server = 2-srp-auth-server-extra +client = 2-srp-auth-client-extra + +[2-srp-auth-server-extra] +SRPPassword = password +SRPUser = user + +[2-srp-auth-client-extra] +SRPPassword = password +SRPUser = user + + +# =========================================================== + +[3-srp-auth-bad-password] +ssl_conf = 3-srp-auth-bad-password-ssl + +[3-srp-auth-bad-password-ssl] +server = 3-srp-auth-bad-password-server +client = 3-srp-auth-bad-password-client + +[3-srp-auth-bad-password-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = aSRP +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[3-srp-auth-bad-password-client] +CipherString = aSRP +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-3] +ExpectedResult = ServerFail +server = 3-srp-auth-bad-password-server-extra +client = 3-srp-auth-bad-password-client-extra + +[3-srp-auth-bad-password-server-extra] +SRPPassword = password +SRPUser = user + +[3-srp-auth-bad-password-client-extra] +SRPPassword = passw0rd +SRPUser = user + + diff --git a/deps/openssl/openssl/test/ssl-tests/23-srp.conf.in b/deps/openssl/openssl/test/ssl-tests/23-srp.conf.in new file mode 100644 index 0000000000..dcbd9f4ff9 --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/23-srp.conf.in @@ -0,0 +1,107 @@ +# -*- mode: perl; -*- +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use warnings; + +package ssltests; + +# SRP is only supported up to TLSv1.2 + +our @tests = ( + { + name => "srp", + server => { + "CipherString" => "SRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "password", + }, + }, + client => { + "CipherString" => "SRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "password", + }, + }, + test => { + "ExpectedResult" => "Success" + }, + }, + { + name => "srp-bad-password", + server => { + "CipherString" => "SRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "password", + }, + }, + client => { + "CipherString" => "SRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "passw0rd", + }, + }, + test => { + # Server fails first with bad client Finished. + "ExpectedResult" => "ServerFail" + }, + }, + { + name => "srp-auth", + server => { + "CipherString" => "aSRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "password", + }, + }, + client => { + "CipherString" => "aSRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "password", + }, + }, + test => { + "ExpectedResult" => "Success" + }, + }, + { + name => "srp-auth-bad-password", + server => { + "CipherString" => "aSRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "password", + }, + }, + client => { + "CipherString" => "aSRP", + "MaxProtocol" => "TLSv1.2", + extra => { + "SRPUser" => "user", + "SRPPassword" => "passw0rd", + }, + }, + test => { + # Server fails first with bad client Finished. + "ExpectedResult" => "ServerFail" + }, + }, +); diff --git a/deps/openssl/openssl/test/ssl-tests/24-padding.conf b/deps/openssl/openssl/test/ssl-tests/24-padding.conf new file mode 100644 index 0000000000..3c9f450102 --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/24-padding.conf @@ -0,0 +1,34 @@ +# Generated with generate_ssl_tests.pl + +num_tests = 1 + +test-0 = 0-default +# =========================================================== + +[0-default] +ssl_conf = 0-default-ssl + +[0-default-ssl] +server = 0-default-server +client = 0-default-client + +[0-default-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +RecordPadding = 64 + +[0-default-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +RecordPadding = 11 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-0] +ExpectedResult = Success + + diff --git a/deps/openssl/openssl/test/ssl-tests/24-padding.conf.in b/deps/openssl/openssl/test/ssl-tests/24-padding.conf.in new file mode 100644 index 0000000000..7bf256c8db --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/24-padding.conf.in @@ -0,0 +1,25 @@ +# -*- mode: perl; -*- +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +## SSL test configurations + +package ssltests; + +our @tests = ( + { + name => "default", + server => { "RecordPadding" => 64, + "MaxProtocol" => "TLSv1.3", + "MinProtocol" => "TLSv1.3" }, + client => { "RecordPadding" => 11, + "MaxProtocol" => "TLSv1.3", + "MinProtocol" => "TLSv1.3" }, + test => { "ExpectedResult" => "Success" }, + }, +); diff --git a/deps/openssl/openssl/test/ssl-tests/25-cipher.conf b/deps/openssl/openssl/test/ssl-tests/25-cipher.conf new file mode 100644 index 0000000000..a28c1f7bed --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/25-cipher.conf @@ -0,0 +1,244 @@ +# Generated with generate_ssl_tests.pl + +num_tests = 9 + +test-0 = 0-cipher-server-1 +test-1 = 1-cipher-server-2 +test-2 = 2-cipher-server-client-list +test-3 = 3-cipher-server-pref-1 +test-4 = 4-cipher-server-pref-2 +test-5 = 5-cipher-server-pref-client-list +test-6 = 6-cipher-server-pref-not-mobile +test-7 = 7-cipher-server-pref-mobile +test-8 = 8-cipher-server-pref-mobile2 +# =========================================================== + +[0-cipher-server-1] +ssl_conf = 0-cipher-server-1-ssl + +[0-cipher-server-1-ssl] +server = 0-cipher-server-1-server +client = 0-cipher-server-1-client + +[0-cipher-server-1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256 +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[0-cipher-server-1-client] +CipherString = ECDHE-RSA-AES256-SHA384 +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-0] +ExpectedCipher = ECDHE-RSA-AES256-SHA384 + + +# =========================================================== + +[1-cipher-server-2] +ssl_conf = 1-cipher-server-2-ssl + +[1-cipher-server-2-ssl] +server = 1-cipher-server-2-server +client = 1-cipher-server-2-client + +[1-cipher-server-2-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256 +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[1-cipher-server-2-client] +CipherString = ECDHE-RSA-AES128-SHA256 +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-1] +ExpectedCipher = ECDHE-RSA-AES128-SHA256 + + +# =========================================================== + +[2-cipher-server-client-list] +ssl_conf = 2-cipher-server-client-list-ssl + +[2-cipher-server-client-list-ssl] +server = 2-cipher-server-client-list-server +client = 2-cipher-server-client-list-client + +[2-cipher-server-client-list-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256 +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[2-cipher-server-client-list-client] +CipherString = ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384 +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-2] +ExpectedCipher = ECDHE-RSA-AES128-SHA256 + + +# =========================================================== + +[3-cipher-server-pref-1] +ssl_conf = 3-cipher-server-pref-1-ssl + +[3-cipher-server-pref-1-ssl] +server = 3-cipher-server-pref-1-server +client = 3-cipher-server-pref-1-client + +[3-cipher-server-pref-1-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256 +MaxProtocol = TLSv1.2 +Options = ServerPreference +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[3-cipher-server-pref-1-client] +CipherString = ECDHE-RSA-AES256-SHA384 +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-3] +ExpectedCipher = ECDHE-RSA-AES256-SHA384 + + +# =========================================================== + +[4-cipher-server-pref-2] +ssl_conf = 4-cipher-server-pref-2-ssl + +[4-cipher-server-pref-2-ssl] +server = 4-cipher-server-pref-2-server +client = 4-cipher-server-pref-2-client + +[4-cipher-server-pref-2-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256 +MaxProtocol = TLSv1.2 +Options = ServerPreference +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[4-cipher-server-pref-2-client] +CipherString = ECDHE-RSA-AES128-SHA256 +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-4] +ExpectedCipher = ECDHE-RSA-AES128-SHA256 + + +# =========================================================== + +[5-cipher-server-pref-client-list] +ssl_conf = 5-cipher-server-pref-client-list-ssl + +[5-cipher-server-pref-client-list-ssl] +server = 5-cipher-server-pref-client-list-server +client = 5-cipher-server-pref-client-list-client + +[5-cipher-server-pref-client-list-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256 +MaxProtocol = TLSv1.2 +Options = ServerPreference +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[5-cipher-server-pref-client-list-client] +CipherString = ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384 +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-5] +ExpectedCipher = ECDHE-RSA-AES256-SHA384 + + +# =========================================================== + +[6-cipher-server-pref-not-mobile] +ssl_conf = 6-cipher-server-pref-not-mobile-ssl + +[6-cipher-server-pref-not-mobile-ssl] +server = 6-cipher-server-pref-not-mobile-server +client = 6-cipher-server-pref-not-mobile-client + +[6-cipher-server-pref-not-mobile-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305 +MaxProtocol = TLSv1.2 +Options = ServerPreference +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[6-cipher-server-pref-not-mobile-client] +CipherString = ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384 +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-6] +ExpectedCipher = ECDHE-RSA-AES256-SHA384 + + +# =========================================================== + +[7-cipher-server-pref-mobile] +ssl_conf = 7-cipher-server-pref-mobile-ssl + +[7-cipher-server-pref-mobile-ssl] +server = 7-cipher-server-pref-mobile-server +client = 7-cipher-server-pref-mobile-client + +[7-cipher-server-pref-mobile-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305 +MaxProtocol = TLSv1.2 +Options = ServerPreference,PrioritizeChaCha +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[7-cipher-server-pref-mobile-client] +CipherString = ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305 +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-7] +ExpectedCipher = ECDHE-RSA-AES256-SHA384 + + +# =========================================================== + +[8-cipher-server-pref-mobile2] +ssl_conf = 8-cipher-server-pref-mobile2-ssl + +[8-cipher-server-pref-mobile2-ssl] +server = 8-cipher-server-pref-mobile2-server +client = 8-cipher-server-pref-mobile2-client + +[8-cipher-server-pref-mobile2-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305 +MaxProtocol = TLSv1.2 +Options = ServerPreference,PrioritizeChaCha +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[8-cipher-server-pref-mobile2-client] +CipherString = ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384 +MaxProtocol = TLSv1.2 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-8] +ExpectedCipher = ECDHE-RSA-CHACHA20-POLY1305 + + diff --git a/deps/openssl/openssl/test/ssl-tests/25-cipher.conf.in b/deps/openssl/openssl/test/ssl-tests/25-cipher.conf.in new file mode 100644 index 0000000000..8d3917e12e --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/25-cipher.conf.in @@ -0,0 +1,156 @@ +# -*- mode: perl; -*- +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +## Test version negotiation + +use strict; +use warnings; + +package ssltests; +use OpenSSL::Test::Utils; + +our @tests = ( + { + name => "cipher-server-1", + server => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256", + }, + client => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES256-SHA384" + }, + test => { + "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384", + }, + }, + { + name => "cipher-server-2", + server => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256", + }, + client => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES128-SHA256" + }, + test => { + "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256", + }, + }, + { + name => "cipher-server-client-list", + server => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256", + }, + client => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384", + }, + test => { + "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256", + }, + }, + { + name => "cipher-server-pref-1", + server => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256", + "Options" => "ServerPreference", + }, + client => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES256-SHA384" + }, + test => { + "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384", + }, + }, + { + name => "cipher-server-pref-2", + server => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256", + "Options" => "ServerPreference", + }, + client => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES128-SHA256" + }, + test => { + "ExpectedCipher" => "ECDHE-RSA-AES128-SHA256", + }, + }, + { + name => "cipher-server-pref-client-list", + server => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256", + "Options" => "ServerPreference", + }, + client => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384", + }, + test => { + "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384", + }, + }, + { + name => "cipher-server-pref-not-mobile", + server => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305", + "Options" => "ServerPreference", + }, + client => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384", + }, + test => { + "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384", + }, + }, + { + name => "cipher-server-pref-mobile", + server => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305", + "Options" => "ServerPreference,PrioritizeChaCha", + }, + client => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-CHACHA20-POLY1305", + }, + test => { + "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384", + }, + }, +); + +my @tests_poly1305 = ( + { + name => "cipher-server-pref-mobile2", + server => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305", + "Options" => "ServerPreference,PrioritizeChaCha", + }, + client => { + "MaxProtocol" => "TLSv1.2", + "CipherString" => "ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384", + }, + test => { + "ExpectedCipher" => "ECDHE-RSA-CHACHA20-POLY1305", + }, + }, +); + +push @tests, @tests_poly1305 unless disabled("poly1305") || disabled("chacha"); diff --git a/deps/openssl/openssl/test/ssl-tests/26-tls13_client_auth.conf b/deps/openssl/openssl/test/ssl-tests/26-tls13_client_auth.conf new file mode 100644 index 0000000000..9c42391906 --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/26-tls13_client_auth.conf @@ -0,0 +1,488 @@ +# Generated with generate_ssl_tests.pl + +num_tests = 14 + +test-0 = 0-server-auth-TLSv1.3 +test-1 = 1-client-auth-TLSv1.3-request +test-2 = 2-client-auth-TLSv1.3-require-fail +test-3 = 3-client-auth-TLSv1.3-require +test-4 = 4-client-auth-TLSv1.3-require-non-empty-names +test-5 = 5-client-auth-TLSv1.3-noroot +test-6 = 6-client-auth-TLSv1.3-request-post-handshake +test-7 = 7-client-auth-TLSv1.3-require-fail-post-handshake +test-8 = 8-client-auth-TLSv1.3-require-post-handshake +test-9 = 9-client-auth-TLSv1.3-require-non-empty-names-post-handshake +test-10 = 10-client-auth-TLSv1.3-noroot-post-handshake +test-11 = 11-client-auth-TLSv1.3-request-force-client-post-handshake +test-12 = 12-client-auth-TLSv1.3-request-force-server-post-handshake +test-13 = 13-client-auth-TLSv1.3-request-force-both-post-handshake +# =========================================================== + +[0-server-auth-TLSv1.3] +ssl_conf = 0-server-auth-TLSv1.3-ssl + +[0-server-auth-TLSv1.3-ssl] +server = 0-server-auth-TLSv1.3-server +client = 0-server-auth-TLSv1.3-client + +[0-server-auth-TLSv1.3-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[0-server-auth-TLSv1.3-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-0] +ExpectedResult = Success + + +# =========================================================== + +[1-client-auth-TLSv1.3-request] +ssl_conf = 1-client-auth-TLSv1.3-request-ssl + +[1-client-auth-TLSv1.3-request-ssl] +server = 1-client-auth-TLSv1.3-request-server +client = 1-client-auth-TLSv1.3-request-client + +[1-client-auth-TLSv1.3-request-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyMode = Request + +[1-client-auth-TLSv1.3-request-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-1] +ExpectedResult = Success + + +# =========================================================== + +[2-client-auth-TLSv1.3-require-fail] +ssl_conf = 2-client-auth-TLSv1.3-require-fail-ssl + +[2-client-auth-TLSv1.3-require-fail-ssl] +server = 2-client-auth-TLSv1.3-require-fail-server +client = 2-client-auth-TLSv1.3-require-fail-client + +[2-client-auth-TLSv1.3-require-fail-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Require + +[2-client-auth-TLSv1.3-require-fail-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-2] +ExpectedResult = ServerFail +ExpectedServerAlert = CertificateRequired + + +# =========================================================== + +[3-client-auth-TLSv1.3-require] +ssl_conf = 3-client-auth-TLSv1.3-require-ssl + +[3-client-auth-TLSv1.3-require-ssl] +server = 3-client-auth-TLSv1.3-require-server +client = 3-client-auth-TLSv1.3-require-client + +[3-client-auth-TLSv1.3-require-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientSignatureAlgorithms = PSS+SHA256 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Request + +[3-client-auth-TLSv1.3-require-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-3] +ExpectedClientCANames = empty +ExpectedClientCertType = RSA +ExpectedClientSignHash = SHA256 +ExpectedClientSignType = RSA-PSS +ExpectedResult = Success + + +# =========================================================== + +[4-client-auth-TLSv1.3-require-non-empty-names] +ssl_conf = 4-client-auth-TLSv1.3-require-non-empty-names-ssl + +[4-client-auth-TLSv1.3-require-non-empty-names-ssl] +server = 4-client-auth-TLSv1.3-require-non-empty-names-server +client = 4-client-auth-TLSv1.3-require-non-empty-names-client + +[4-client-auth-TLSv1.3-require-non-empty-names-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ClientSignatureAlgorithms = PSS+SHA256 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = Request + +[4-client-auth-TLSv1.3-require-non-empty-names-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-4] +ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ExpectedClientCertType = RSA +ExpectedClientSignHash = SHA256 +ExpectedClientSignType = RSA-PSS +ExpectedResult = Success + + +# =========================================================== + +[5-client-auth-TLSv1.3-noroot] +ssl_conf = 5-client-auth-TLSv1.3-noroot-ssl + +[5-client-auth-TLSv1.3-noroot-ssl] +server = 5-client-auth-TLSv1.3-noroot-server +client = 5-client-auth-TLSv1.3-noroot-client + +[5-client-auth-TLSv1.3-noroot-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyMode = Require + +[5-client-auth-TLSv1.3-noroot-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-5] +ExpectedResult = ServerFail +ExpectedServerAlert = UnknownCA + + +# =========================================================== + +[6-client-auth-TLSv1.3-request-post-handshake] +ssl_conf = 6-client-auth-TLSv1.3-request-post-handshake-ssl + +[6-client-auth-TLSv1.3-request-post-handshake-ssl] +server = 6-client-auth-TLSv1.3-request-post-handshake-server +client = 6-client-auth-TLSv1.3-request-post-handshake-client + +[6-client-auth-TLSv1.3-request-post-handshake-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyMode = RequestPostHandshake + +[6-client-auth-TLSv1.3-request-post-handshake-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-6] +ExpectedResult = ServerFail +HandshakeMode = PostHandshakeAuth + + +# =========================================================== + +[7-client-auth-TLSv1.3-require-fail-post-handshake] +ssl_conf = 7-client-auth-TLSv1.3-require-fail-post-handshake-ssl + +[7-client-auth-TLSv1.3-require-fail-post-handshake-ssl] +server = 7-client-auth-TLSv1.3-require-fail-post-handshake-server +client = 7-client-auth-TLSv1.3-require-fail-post-handshake-client + +[7-client-auth-TLSv1.3-require-fail-post-handshake-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = RequirePostHandshake + +[7-client-auth-TLSv1.3-require-fail-post-handshake-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-7] +ExpectedResult = ServerFail +HandshakeMode = PostHandshakeAuth + + +# =========================================================== + +[8-client-auth-TLSv1.3-require-post-handshake] +ssl_conf = 8-client-auth-TLSv1.3-require-post-handshake-ssl + +[8-client-auth-TLSv1.3-require-post-handshake-ssl] +server = 8-client-auth-TLSv1.3-require-post-handshake-server +client = 8-client-auth-TLSv1.3-require-post-handshake-client + +[8-client-auth-TLSv1.3-require-post-handshake-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientSignatureAlgorithms = PSS+SHA256 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = RequestPostHandshake + +[8-client-auth-TLSv1.3-require-post-handshake-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-8] +ExpectedClientCANames = empty +ExpectedClientCertType = RSA +ExpectedClientSignHash = SHA256 +ExpectedClientSignType = RSA-PSS +ExpectedResult = Success +HandshakeMode = PostHandshakeAuth +client = 8-client-auth-TLSv1.3-require-post-handshake-client-extra + +[8-client-auth-TLSv1.3-require-post-handshake-client-extra] +EnablePHA = Yes + + +# =========================================================== + +[9-client-auth-TLSv1.3-require-non-empty-names-post-handshake] +ssl_conf = 9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-ssl + +[9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-ssl] +server = 9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-server +client = 9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-client + +[9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ClientSignatureAlgorithms = PSS+SHA256 +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem +VerifyMode = RequestPostHandshake + +[9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-9] +ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem +ExpectedClientCertType = RSA +ExpectedClientSignHash = SHA256 +ExpectedClientSignType = RSA-PSS +ExpectedResult = Success +HandshakeMode = PostHandshakeAuth +client = 9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-client-extra + +[9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-client-extra] +EnablePHA = Yes + + +# =========================================================== + +[10-client-auth-TLSv1.3-noroot-post-handshake] +ssl_conf = 10-client-auth-TLSv1.3-noroot-post-handshake-ssl + +[10-client-auth-TLSv1.3-noroot-post-handshake-ssl] +server = 10-client-auth-TLSv1.3-noroot-post-handshake-server +client = 10-client-auth-TLSv1.3-noroot-post-handshake-client + +[10-client-auth-TLSv1.3-noroot-post-handshake-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyMode = RequirePostHandshake + +[10-client-auth-TLSv1.3-noroot-post-handshake-client] +Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-10] +ExpectedResult = ServerFail +ExpectedServerAlert = UnknownCA +HandshakeMode = PostHandshakeAuth +client = 10-client-auth-TLSv1.3-noroot-post-handshake-client-extra + +[10-client-auth-TLSv1.3-noroot-post-handshake-client-extra] +EnablePHA = Yes + + +# =========================================================== + +[11-client-auth-TLSv1.3-request-force-client-post-handshake] +ssl_conf = 11-client-auth-TLSv1.3-request-force-client-post-handshake-ssl + +[11-client-auth-TLSv1.3-request-force-client-post-handshake-ssl] +server = 11-client-auth-TLSv1.3-request-force-client-post-handshake-server +client = 11-client-auth-TLSv1.3-request-force-client-post-handshake-client + +[11-client-auth-TLSv1.3-request-force-client-post-handshake-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyMode = RequestPostHandshake + +[11-client-auth-TLSv1.3-request-force-client-post-handshake-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-11] +ExpectedResult = Success +HandshakeMode = PostHandshakeAuth +client = 11-client-auth-TLSv1.3-request-force-client-post-handshake-client-extra + +[11-client-auth-TLSv1.3-request-force-client-post-handshake-client-extra] +EnablePHA = Yes + + +# =========================================================== + +[12-client-auth-TLSv1.3-request-force-server-post-handshake] +ssl_conf = 12-client-auth-TLSv1.3-request-force-server-post-handshake-ssl + +[12-client-auth-TLSv1.3-request-force-server-post-handshake-ssl] +server = 12-client-auth-TLSv1.3-request-force-server-post-handshake-server +client = 12-client-auth-TLSv1.3-request-force-server-post-handshake-client + +[12-client-auth-TLSv1.3-request-force-server-post-handshake-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyMode = RequestPostHandshake + +[12-client-auth-TLSv1.3-request-force-server-post-handshake-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-12] +ExpectedResult = ClientFail +HandshakeMode = PostHandshakeAuth +server = 12-client-auth-TLSv1.3-request-force-server-post-handshake-server-extra + +[12-client-auth-TLSv1.3-request-force-server-post-handshake-server-extra] +ForcePHA = Yes + + +# =========================================================== + +[13-client-auth-TLSv1.3-request-force-both-post-handshake] +ssl_conf = 13-client-auth-TLSv1.3-request-force-both-post-handshake-ssl + +[13-client-auth-TLSv1.3-request-force-both-post-handshake-ssl] +server = 13-client-auth-TLSv1.3-request-force-both-post-handshake-server +client = 13-client-auth-TLSv1.3-request-force-both-post-handshake-client + +[13-client-auth-TLSv1.3-request-force-both-post-handshake-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +VerifyMode = RequestPostHandshake + +[13-client-auth-TLSv1.3-request-force-both-post-handshake-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-13] +ExpectedResult = Success +HandshakeMode = PostHandshakeAuth +server = 13-client-auth-TLSv1.3-request-force-both-post-handshake-server-extra +client = 13-client-auth-TLSv1.3-request-force-both-post-handshake-client-extra + +[13-client-auth-TLSv1.3-request-force-both-post-handshake-server-extra] +ForcePHA = Yes + +[13-client-auth-TLSv1.3-request-force-both-post-handshake-client-extra] +EnablePHA = Yes + + diff --git a/deps/openssl/openssl/test/ssl-tests/26-tls13_client_auth.conf.in b/deps/openssl/openssl/test/ssl-tests/26-tls13_client_auth.conf.in new file mode 100644 index 0000000000..018dd825be --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/26-tls13_client_auth.conf.in @@ -0,0 +1,302 @@ +# -*- mode: perl; -*- +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +## Test TLSv1.3 certificate authentication +## Similar to 04-client_auth.conf.in output, but specific for +## TLSv1.3 and post-handshake authentication + +use strict; +use warnings; + +package ssltests; +use OpenSSL::Test::Utils; + +our @tests = ( + { + name => "server-auth-TLSv1.3", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + }, + test => { + "ExpectedResult" => "Success", + }, + }, + { + name => "client-auth-TLSv1.3-request", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "VerifyMode" => "Request", + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + }, + test => { + "ExpectedResult" => "Success", + }, + }, + { + name => "client-auth-TLSv1.3-require-fail", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Require", + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + }, + test => { + "ExpectedResult" => "ServerFail", + "ExpectedServerAlert" => "CertificateRequired", + }, + }, + { + name => "client-auth-TLSv1.3-require", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "ClientSignatureAlgorithms" => "PSS+SHA256", + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Request", + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "Certificate" => test_pem("ee-client-chain.pem"), + "PrivateKey" => test_pem("ee-key.pem"), + }, + test => { + "ExpectedResult" => "Success", + "ExpectedClientCertType" => "RSA", + "ExpectedClientSignType" => "RSA-PSS", + "ExpectedClientSignHash" => "SHA256", + "ExpectedClientCANames" => "empty" + }, + }, + { + name => "client-auth-TLSv1.3-require-non-empty-names", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "ClientSignatureAlgorithms" => "PSS+SHA256", + "ClientCAFile" => test_pem("root-cert.pem"), + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "Request", + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "Certificate" => test_pem("ee-client-chain.pem"), + "PrivateKey" => test_pem("ee-key.pem"), + }, + test => { + "ExpectedResult" => "Success", + "ExpectedClientCertType" => "RSA", + "ExpectedClientSignType" => "RSA-PSS", + "ExpectedClientSignHash" => "SHA256", + "ExpectedClientCANames" => test_pem("root-cert.pem"), + }, + }, + { + name => "client-auth-TLSv1.3-noroot", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "VerifyMode" => "Require", + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "Certificate" => test_pem("ee-client-chain.pem"), + "PrivateKey" => test_pem("ee-key.pem"), + }, + test => { + "ExpectedResult" => "ServerFail", + "ExpectedServerAlert" => "UnknownCA", + }, + }, + { + name => "client-auth-TLSv1.3-request-post-handshake", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "VerifyMode" => "RequestPostHandshake", + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + }, + test => { + "ExpectedResult" => "ServerFail", + "HandshakeMode" => "PostHandshakeAuth", + }, + }, + { + name => "client-auth-TLSv1.3-require-fail-post-handshake", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "RequirePostHandshake", + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + }, + test => { + "ExpectedResult" => "ServerFail", + "HandshakeMode" => "PostHandshakeAuth", + }, + }, + { + name => "client-auth-TLSv1.3-require-post-handshake", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "ClientSignatureAlgorithms" => "PSS+SHA256", + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "RequestPostHandshake", + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "Certificate" => test_pem("ee-client-chain.pem"), + "PrivateKey" => test_pem("ee-key.pem"), + extra => { + "EnablePHA" => "Yes", + }, + }, + test => { + "ExpectedResult" => "Success", + "HandshakeMode" => "PostHandshakeAuth", + "ExpectedClientCertType" => "RSA", + "ExpectedClientSignType" => "RSA-PSS", + "ExpectedClientSignHash" => "SHA256", + "ExpectedClientCANames" => "empty" + }, + }, + { + name => "client-auth-TLSv1.3-require-non-empty-names-post-handshake", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "ClientSignatureAlgorithms" => "PSS+SHA256", + "ClientCAFile" => test_pem("root-cert.pem"), + "VerifyCAFile" => test_pem("root-cert.pem"), + "VerifyMode" => "RequestPostHandshake", + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "Certificate" => test_pem("ee-client-chain.pem"), + "PrivateKey" => test_pem("ee-key.pem"), + extra => { + "EnablePHA" => "Yes", + }, + }, + test => { + "ExpectedResult" => "Success", + "HandshakeMode" => "PostHandshakeAuth", + "ExpectedClientCertType" => "RSA", + "ExpectedClientSignType" => "RSA-PSS", + "ExpectedClientSignHash" => "SHA256", + "ExpectedClientCANames" => test_pem("root-cert.pem"), + }, + }, + { + name => "client-auth-TLSv1.3-noroot-post-handshake", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "VerifyMode" => "RequirePostHandshake", + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "Certificate" => test_pem("ee-client-chain.pem"), + "PrivateKey" => test_pem("ee-key.pem"), + extra => { + "EnablePHA" => "Yes", + }, + }, + test => { + "ExpectedResult" => "ServerFail", + "HandshakeMode" => "PostHandshakeAuth", + "ExpectedServerAlert" => "UnknownCA", + }, + }, + { + name => "client-auth-TLSv1.3-request-force-client-post-handshake", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "VerifyMode" => "RequestPostHandshake", + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + extra => { + "EnablePHA" => "Yes", + }, + }, + test => { + "ExpectedResult" => "Success", + "HandshakeMode" => "PostHandshakeAuth", + }, + }, + { + name => "client-auth-TLSv1.3-request-force-server-post-handshake", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "VerifyMode" => "RequestPostHandshake", + extra => { + "ForcePHA" => "Yes", + }, + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + }, + test => { + "ExpectedResult" => "ClientFail", + "HandshakeMode" => "PostHandshakeAuth", + }, + }, + { + name => "client-auth-TLSv1.3-request-force-both-post-handshake", + server => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + "VerifyMode" => "RequestPostHandshake", + extra => { + "ForcePHA" => "Yes", + }, + }, + client => { + "MinProtocol" => "TLSv1.3", + "MaxProtocol" => "TLSv1.3", + extra => { + "EnablePHA" => "Yes", + }, + }, + test => { + "ExpectedResult" => "Success", + "HandshakeMode" => "PostHandshakeAuth", + }, + }, +); diff --git a/deps/openssl/openssl/test/ssl-tests/27-ticket-appdata.conf b/deps/openssl/openssl/test/ssl-tests/27-ticket-appdata.conf new file mode 100644 index 0000000000..863ca7a901 --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/27-ticket-appdata.conf @@ -0,0 +1,146 @@ +# Generated with generate_ssl_tests.pl + +num_tests = 4 + +test-0 = 0-session-ticket-app-data12 +test-1 = 1-session-ticket-app-data12 +test-2 = 2-session-ticket-app-data13 +test-3 = 3-session-ticket-app-data13 +# =========================================================== + +[0-session-ticket-app-data12] +ssl_conf = 0-session-ticket-app-data12-ssl + +[0-session-ticket-app-data12-ssl] +server = 0-session-ticket-app-data12-server +client = 0-session-ticket-app-data12-client +resume-server = 0-session-ticket-app-data12-server +resume-client = 0-session-ticket-app-data12-client + +[0-session-ticket-app-data12-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[0-session-ticket-app-data12-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +Options = SessionTicket +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-0] +ExpectedResult = Success +ExpectedSessionTicketAppData = HelloWorld +HandshakeMode = Resume +ResumptionExpected = Yes +SessionTicketExpected = Yes +server = 0-session-ticket-app-data12-server-extra +resume-server = 0-session-ticket-app-data12-server-extra + +[0-session-ticket-app-data12-server-extra] +SessionTicketAppData = HelloWorld + + +# =========================================================== + +[1-session-ticket-app-data12] +ssl_conf = 1-session-ticket-app-data12-ssl + +[1-session-ticket-app-data12-ssl] +server = 1-session-ticket-app-data12-server +client = 1-session-ticket-app-data12-client +resume-server = 1-session-ticket-app-data12-server +resume-client = 1-session-ticket-app-data12-client + +[1-session-ticket-app-data12-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[1-session-ticket-app-data12-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.2 +Options = SessionTicket +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-1] +ExpectedResult = Success +ExpectedSessionTicketAppData = +HandshakeMode = Resume +ResumptionExpected = Yes +SessionTicketExpected = Yes + + +# =========================================================== + +[2-session-ticket-app-data13] +ssl_conf = 2-session-ticket-app-data13-ssl + +[2-session-ticket-app-data13-ssl] +server = 2-session-ticket-app-data13-server +client = 2-session-ticket-app-data13-client +resume-server = 2-session-ticket-app-data13-server +resume-client = 2-session-ticket-app-data13-client + +[2-session-ticket-app-data13-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[2-session-ticket-app-data13-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +Options = SessionTicket +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-2] +ExpectedResult = Success +ExpectedSessionTicketAppData = HelloWorld +HandshakeMode = Resume +ResumptionExpected = Yes +SessionTicketExpected = Yes +server = 2-session-ticket-app-data13-server-extra +resume-server = 2-session-ticket-app-data13-server-extra + +[2-session-ticket-app-data13-server-extra] +SessionTicketAppData = HelloWorld + + +# =========================================================== + +[3-session-ticket-app-data13] +ssl_conf = 3-session-ticket-app-data13-ssl + +[3-session-ticket-app-data13-ssl] +server = 3-session-ticket-app-data13-server +client = 3-session-ticket-app-data13-client +resume-server = 3-session-ticket-app-data13-server +resume-client = 3-session-ticket-app-data13-client + +[3-session-ticket-app-data13-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +Options = SessionTicket +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[3-session-ticket-app-data13-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +Options = SessionTicket +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-3] +ExpectedResult = Success +ExpectedSessionTicketAppData = +HandshakeMode = Resume +ResumptionExpected = Yes +SessionTicketExpected = Yes + + diff --git a/deps/openssl/openssl/test/ssl-tests/27-ticket-appdata.conf.in b/deps/openssl/openssl/test/ssl-tests/27-ticket-appdata.conf.in new file mode 100644 index 0000000000..ed919d9bae --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/27-ticket-appdata.conf.in @@ -0,0 +1,99 @@ +# -*- mode: perl; -*- +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +## Test session ticket app data + +use strict; +use warnings; + +package ssltests; +use OpenSSL::Test::Utils; + +our @tests12 = ( + { + "name" => "session-ticket-app-data12", + "client" => { + "MaxProtocol" => "TLSv1.2", + "Options" => "SessionTicket", + }, + "server" => { + "Options" => "SessionTicket", + "extra" => { + "SessionTicketAppData" => "HelloWorld", + }, + }, + "test" => { + "HandshakeMode" => "Resume", + "ExpectedResult" => "Success", + "SessionTicketExpected" => "Yes", + "ResumptionExpected" => "Yes", + "ExpectedSessionTicketAppData" => "HelloWorld", + } + }, + { + "name" => "session-ticket-app-data12", + "client" => { + "MaxProtocol" => "TLSv1.2", + "Options" => "SessionTicket", + }, + "server" => { + "Options" => "SessionTicket", + }, + "test" => { + "HandshakeMode" => "Resume", + "ExpectedResult" => "Success", + "SessionTicketExpected" => "Yes", + "ResumptionExpected" => "Yes", + "ExpectedSessionTicketAppData" => "", + } + } +); +our @tests13 = ( + { + "name" => "session-ticket-app-data13", + "client" => { + "MaxProtocol" => "TLSv1.3", + "Options" => "SessionTicket", + }, + "server" => { + "Options" => "SessionTicket", + "extra" => { + "SessionTicketAppData" => "HelloWorld", + }, + }, + "test" => { + "HandshakeMode" => "Resume", + "ExpectedResult" => "Success", + "SessionTicketExpected" => "Yes", + "ResumptionExpected" => "Yes", + "ExpectedSessionTicketAppData" => "HelloWorld", + } + }, + { + "name" => "session-ticket-app-data13", + "client" => { + "MaxProtocol" => "TLSv1.3", + "Options" => "SessionTicket", + }, + "server" => { + "Options" => "SessionTicket", + }, + "test" => { + "HandshakeMode" => "Resume", + "ExpectedResult" => "Success", + "SessionTicketExpected" => "Yes", + "ResumptionExpected" => "Yes", + "ExpectedSessionTicketAppData" => "", + } + } +); + +our @tests = (); +push @tests, @tests12 unless disabled("tls1_2"); +push @tests, @tests13 unless disabled("tls1_3"); diff --git a/deps/openssl/openssl/test/ssl-tests/28-seclevel.conf b/deps/openssl/openssl/test/ssl-tests/28-seclevel.conf new file mode 100644 index 0000000000..f863f68b08 --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/28-seclevel.conf @@ -0,0 +1,102 @@ +# Generated with generate_ssl_tests.pl + +num_tests = 4 + +test-0 = 0-SECLEVEL 3 with default key +test-1 = 1-SECLEVEL 3 with ED448 key +test-2 = 2-SECLEVEL 3 with P-384 key, X25519 ECDHE +test-3 = 3-SECLEVEL 3 with ED448 key, TLSv1.2 +# =========================================================== + +[0-SECLEVEL 3 with default key] +ssl_conf = 0-SECLEVEL 3 with default key-ssl + +[0-SECLEVEL 3 with default key-ssl] +server = 0-SECLEVEL 3 with default key-server +client = 0-SECLEVEL 3 with default key-client + +[0-SECLEVEL 3 with default key-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT:@SECLEVEL=3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem + +[0-SECLEVEL 3 with default key-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-0] +ExpectedResult = ServerFail + + +# =========================================================== + +[1-SECLEVEL 3 with ED448 key] +ssl_conf = 1-SECLEVEL 3 with ED448 key-ssl + +[1-SECLEVEL 3 with ED448 key-ssl] +server = 1-SECLEVEL 3 with ED448 key-server +client = 1-SECLEVEL 3 with ED448 key-client + +[1-SECLEVEL 3 with ED448 key-server] +Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +CipherString = DEFAULT:@SECLEVEL=3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem + +[1-SECLEVEL 3 with ED448 key-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-1] +ExpectedResult = Success + + +# =========================================================== + +[2-SECLEVEL 3 with P-384 key, X25519 ECDHE] +ssl_conf = 2-SECLEVEL 3 with P-384 key, X25519 ECDHE-ssl + +[2-SECLEVEL 3 with P-384 key, X25519 ECDHE-ssl] +server = 2-SECLEVEL 3 with P-384 key, X25519 ECDHE-server +client = 2-SECLEVEL 3 with P-384 key, X25519 ECDHE-client + +[2-SECLEVEL 3 with P-384 key, X25519 ECDHE-server] +Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem +CipherString = DEFAULT:@SECLEVEL=3 +Groups = X25519 +PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem + +[2-SECLEVEL 3 with P-384 key, X25519 ECDHE-client] +CipherString = ECDHE:@SECLEVEL=3 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem +VerifyMode = Peer + +[test-2] +ExpectedResult = Success + + +# =========================================================== + +[3-SECLEVEL 3 with ED448 key, TLSv1.2] +ssl_conf = 3-SECLEVEL 3 with ED448 key, TLSv1.2-ssl + +[3-SECLEVEL 3 with ED448 key, TLSv1.2-ssl] +server = 3-SECLEVEL 3 with ED448 key, TLSv1.2-server +client = 3-SECLEVEL 3 with ED448 key, TLSv1.2-client + +[3-SECLEVEL 3 with ED448 key, TLSv1.2-server] +Certificate = ${ENV::TEST_CERTS_DIR}/server-ed448-cert.pem +CipherString = DEFAULT:@SECLEVEL=3 +MaxProtocol = TLSv1.2 +PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed448-key.pem + +[3-SECLEVEL 3 with ED448 key, TLSv1.2-client] +CipherString = DEFAULT +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-3] +ExpectedResult = Success + + diff --git a/deps/openssl/openssl/test/ssl-tests/28-seclevel.conf.in b/deps/openssl/openssl/test/ssl-tests/28-seclevel.conf.in new file mode 100644 index 0000000000..12b9021199 --- /dev/null +++ b/deps/openssl/openssl/test/ssl-tests/28-seclevel.conf.in @@ -0,0 +1,58 @@ +# -*- mode: perl; -*- +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +## SSL test configurations + +package ssltests; +use OpenSSL::Test::Utils; + +our @tests = ( + { + name => "SECLEVEL 3 with default key", + server => { "CipherString" => "DEFAULT:\@SECLEVEL=3" }, + client => { }, + test => { "ExpectedResult" => "ServerFail" }, + }, +); + +our @tests_ec = ( + { + name => "SECLEVEL 3 with ED448 key", + server => { "CipherString" => "DEFAULT:\@SECLEVEL=3", + "Certificate" => test_pem("server-ed448-cert.pem"), + "PrivateKey" => test_pem("server-ed448-key.pem") }, + client => { }, + test => { "ExpectedResult" => "Success" }, + }, + { + name => "SECLEVEL 3 with P-384 key, X25519 ECDHE", + server => { "CipherString" => "DEFAULT:\@SECLEVEL=3", + "Certificate" => test_pem("p384-server-cert.pem"), + "PrivateKey" => test_pem("p384-server-key.pem"), + "Groups" => "X25519" }, + client => { "CipherString" => "ECDHE:\@SECLEVEL=3", + "VerifyCAFile" => test_pem("p384-root.pem") }, + test => { "ExpectedResult" => "Success" }, + }, +); + +our @tests_tls1_2 = ( + { + name => "SECLEVEL 3 with ED448 key, TLSv1.2", + server => { "CipherString" => "DEFAULT:\@SECLEVEL=3", + "Certificate" => test_pem("server-ed448-cert.pem"), + "PrivateKey" => test_pem("server-ed448-key.pem"), + "MaxProtocol" => "TLSv1.2" }, + client => { }, + test => { "ExpectedResult" => "Success" }, + }, +); + +push @tests, @tests_ec unless disabled("ec"); +push @tests, @tests_tls1_2 unless disabled("tls1_2") || disabled("ec"); diff --git a/deps/openssl/openssl/test/ssl-tests/protocol_version.pm b/deps/openssl/openssl/test/ssl-tests/protocol_version.pm index c711362949..943719e84a 100644 --- a/deps/openssl/openssl/test/ssl-tests/protocol_version.pm +++ b/deps/openssl/openssl/test/ssl-tests/protocol_version.pm @@ -1,5 +1,5 @@ # -*- mode: perl; -*- -# Copyright 2016-2016 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -17,15 +17,15 @@ use warnings; use List::Util qw/max min/; use OpenSSL::Test; -use OpenSSL::Test::Utils qw/anydisabled alldisabled/; +use OpenSSL::Test::Utils qw/anydisabled alldisabled disabled/; setup("no_test_here"); -my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"); +my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"); # undef stands for "no limit". -my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"); -my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", undef); +my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"); +my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3", undef); -my @is_tls_disabled = anydisabled("ssl3", "tls1", "tls1_1", "tls1_2"); +my @is_tls_disabled = anydisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3"); my $min_tls_enabled; my $max_tls_enabled; @@ -74,7 +74,7 @@ foreach my $i (0..$#dtls_protocols) { sub no_tests { my ($dtls) = @_; return $dtls ? alldisabled("dtls1", "dtls1_2") : - alldisabled("ssl3", "tls1", "tls1_1", "tls1_2"); + alldisabled("ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3"); } sub generate_version_tests { @@ -96,35 +96,72 @@ sub generate_version_tests { my @tests = (); - foreach my $c_min (0..$#min_protocols) { - my $c_max_min = $c_min == 0 ? 0 : $c_min - 1; - foreach my $c_max ($c_max_min..$#max_protocols) { - foreach my $s_min (0..$#min_protocols) { - my $s_max_min = $s_min == 0 ? 0 : $s_min - 1; - foreach my $s_max ($s_max_min..$#max_protocols) { - my ($result, $protocol) = - expected_result($c_min, $c_max, $s_min, $s_max, - $min_enabled, $max_enabled, \@protocols); - push @tests, { - "name" => "version-negotiation", - "client" => { - "MinProtocol" => $min_protocols[$c_min], - "MaxProtocol" => $max_protocols[$c_max], - }, - "server" => { - "MinProtocol" => $min_protocols[$s_min], - "MaxProtocol" => $max_protocols[$s_max], - }, - "test" => { - "ExpectedResult" => $result, - "ExpectedProtocol" => $protocol, - "Method" => $method, - } - }; + for (my $sctp = 0; $sctp < ($dtls && !disabled("sctp") ? 2 : 1); $sctp++) { + foreach my $c_min (0..$#min_protocols) { + my $c_max_min = $c_min == 0 ? 0 : $c_min - 1; + foreach my $c_max ($c_max_min..$#max_protocols) { + foreach my $s_min (0..$#min_protocols) { + my $s_max_min = $s_min == 0 ? 0 : $s_min - 1; + foreach my $s_max ($s_max_min..$#max_protocols) { + my ($result, $protocol) = + expected_result($c_min, $c_max, $s_min, $s_max, + $min_enabled, $max_enabled, + \@protocols); + push @tests, { + "name" => "version-negotiation", + "client" => { + "MinProtocol" => $min_protocols[$c_min], + "MaxProtocol" => $max_protocols[$c_max], + }, + "server" => { + "MinProtocol" => $min_protocols[$s_min], + "MaxProtocol" => $max_protocols[$s_max], + }, + "test" => { + "ExpectedResult" => $result, + "ExpectedProtocol" => $protocol, + "Method" => $method, + } + }; + $tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp; + } } } } } + return @tests if disabled("tls1_3") || disabled("tls1_2") || $dtls; + + #Add some version/ciphersuite sanity check tests + push @tests, { + "name" => "ciphersuite-sanity-check-client", + "client" => { + #Offering only <=TLSv1.2 ciphersuites with TLSv1.3 should fail + "CipherString" => "AES128-SHA", + "Ciphersuites" => "", + }, + "server" => { + "MaxProtocol" => "TLSv1.2" + }, + "test" => { + "ExpectedResult" => "ClientFail", + } + }; + push @tests, { + "name" => "ciphersuite-sanity-check-server", + "client" => { + "CipherString" => "AES128-SHA", + "MaxProtocol" => "TLSv1.2" + }, + "server" => { + #Allowing only <=TLSv1.2 ciphersuites with TLSv1.3 should fail + "CipherString" => "AES128-SHA", + "Ciphersuites" => "", + }, + "test" => { + "ExpectedResult" => "ServerFail", + } + }; + return @tests; } @@ -137,6 +174,7 @@ sub generate_resumption_tests { my @protocols = $dtls ? @dtls_protocols : @tls_protocols; my $min_enabled = $dtls ? $min_dtls_enabled : $min_tls_enabled; + my $max_enabled = $dtls ? $max_dtls_enabled : $max_tls_enabled; if (no_tests($dtls)) { return; @@ -146,10 +184,10 @@ sub generate_resumption_tests { my @client_tests = (); # Obtain the first session against a fixed-version server/client. - foreach my $original_protocol($min_enabled..$#protocols) { + foreach my $original_protocol($min_enabled..$max_enabled) { # Upgrade or downgrade the server/client max version support and test # that it upgrades, downgrades or resumes the session as well. - foreach my $resume_protocol($min_enabled..$#protocols) { + foreach my $resume_protocol($min_enabled..$max_enabled) { my $resumption_expected; # We should only resume on exact version match. if ($original_protocol eq $resume_protocol) { @@ -158,50 +196,75 @@ sub generate_resumption_tests { $resumption_expected = "No"; } - foreach my $ticket ("SessionTicket", "-SessionTicket") { - # Client is flexible, server upgrades/downgrades. - push @server_tests, { - "name" => "resumption", - "client" => { }, - "server" => { - "MinProtocol" => $protocols[$original_protocol], - "MaxProtocol" => $protocols[$original_protocol], - "Options" => $ticket, - }, - "resume_server" => { - "MaxProtocol" => $protocols[$resume_protocol], - }, - "test" => { - "ExpectedProtocol" => $protocols[$resume_protocol], - "Method" => $method, - "HandshakeMode" => "Resume", - "ResumptionExpected" => $resumption_expected, - } - }; - # Server is flexible, client upgrades/downgrades. - push @client_tests, { - "name" => "resumption", - "client" => { - "MinProtocol" => $protocols[$original_protocol], - "MaxProtocol" => $protocols[$original_protocol], - }, - "server" => { - "Options" => $ticket, - }, - "resume_client" => { - "MaxProtocol" => $protocols[$resume_protocol], - }, - "test" => { - "ExpectedProtocol" => $protocols[$resume_protocol], - "Method" => $method, - "HandshakeMode" => "Resume", - "ResumptionExpected" => $resumption_expected, - } - }; + for (my $sctp = 0; $sctp < ($dtls && !disabled("sctp") ? 2 : 1); + $sctp++) { + foreach my $ticket ("SessionTicket", "-SessionTicket") { + # Client is flexible, server upgrades/downgrades. + push @server_tests, { + "name" => "resumption", + "client" => { }, + "server" => { + "MinProtocol" => $protocols[$original_protocol], + "MaxProtocol" => $protocols[$original_protocol], + "Options" => $ticket, + }, + "resume_server" => { + "MaxProtocol" => $protocols[$resume_protocol], + "Options" => $ticket, + }, + "test" => { + "ExpectedProtocol" => $protocols[$resume_protocol], + "Method" => $method, + "HandshakeMode" => "Resume", + "ResumptionExpected" => $resumption_expected, + } + }; + $server_tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp; + # Server is flexible, client upgrades/downgrades. + push @client_tests, { + "name" => "resumption", + "client" => { + "MinProtocol" => $protocols[$original_protocol], + "MaxProtocol" => $protocols[$original_protocol], + }, + "server" => { + "Options" => $ticket, + }, + "resume_client" => { + "MaxProtocol" => $protocols[$resume_protocol], + }, + "test" => { + "ExpectedProtocol" => $protocols[$resume_protocol], + "Method" => $method, + "HandshakeMode" => "Resume", + "ResumptionExpected" => $resumption_expected, + } + }; + $client_tests[-1]{"test"}{"UseSCTP"} = "Yes" if $sctp; + } } } } + if (!disabled("tls1_3") && !$dtls) { + push @client_tests, { + "name" => "resumption-with-hrr", + "client" => { + }, + "server" => { + "Curves" => "P-256" + }, + "resume_client" => { + }, + "test" => { + "ExpectedProtocol" => "TLSv1.3", + "Method" => "TLS", + "HandshakeMode" => "Resume", + "ResumptionExpected" => "Yes", + } + }; + } + return (@server_tests, @client_tests); } @@ -224,9 +287,7 @@ sub expected_result { if ($c_min > $c_max) { # Client should fail to even send a hello. - # This results in an internal error since the server will be - # waiting for input that never arrives. - return ("InternalError", undef); + return ("ClientFail", undef); } elsif ($s_min > $s_max) { # Server has no protocols, should always fail. return ("ServerFail", undef); @@ -234,9 +295,16 @@ sub expected_result { # Server doesn't support the client range. return ("ServerFail", undef); } elsif ($c_min > $s_max) { - # Server will try with a version that is lower than the lowest - # supported client version. - return ("ClientFail", undef); + my @prots = @$protocols; + if ($prots[$c_max] eq "TLSv1.3") { + # Client will have sent supported_versions, so server will know + # that there are no overlapping versions. + return ("ServerFail", undef); + } else { + # Server will try with a version that is lower than the lowest + # supported client version. + return ("ClientFail", undef); + } } else { # Server and client ranges overlap. my $max_common = $s_max < $c_max ? $s_max : $c_max; diff --git a/deps/openssl/openssl/test/ssl_test.c b/deps/openssl/openssl/test/ssl_test.c index 2cbbddd6a9..7453a9d10e 100644 --- a/deps/openssl/openssl/test/ssl_test.c +++ b/deps/openssl/openssl/test/ssl_test.c @@ -23,18 +23,6 @@ static CONF *conf = NULL; /* Currently the section names are of the form test-<number>, e.g. test-15. */ #define MAX_TESTCASE_NAME_LENGTH 100 -typedef struct ssl_test_ctx_test_fixture { - const char *test_case_name; - char test_app[MAX_TESTCASE_NAME_LENGTH]; -} SSL_TEST_FIXTURE; - -static SSL_TEST_FIXTURE set_up(const char *const test_case_name) -{ - SSL_TEST_FIXTURE fixture; - fixture.test_case_name = test_case_name; - return fixture; -} - static const char *print_alert(int alert) { return alert ? SSL_alert_desc_string_long(alert) : "no alert"; @@ -42,10 +30,10 @@ static const char *print_alert(int alert) static int check_result(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { - if (result->result != test_ctx->expected_result) { - fprintf(stderr, "ExpectedResult mismatch: expected %s, got %s.\n", - ssl_test_result_name(test_ctx->expected_result), - ssl_test_result_name(result->result)); + if (!TEST_int_eq(result->result, test_ctx->expected_result)) { + TEST_info("ExpectedResult mismatch: expected %s, got %s.", + ssl_test_result_name(test_ctx->expected_result), + ssl_test_result_name(result->result)); return 0; } return 1; @@ -53,10 +41,11 @@ static int check_result(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) static int check_alerts(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { - if (result->client_alert_sent != result->client_alert_received) { - fprintf(stderr, "Client sent alert %s but server received %s\n.", - print_alert(result->client_alert_sent), - print_alert(result->client_alert_received)); + if (!TEST_int_eq(result->client_alert_sent, + result->client_alert_received)) { + TEST_info("Client sent alert %s but server received %s.", + print_alert(result->client_alert_sent), + print_alert(result->client_alert_received)); /* * We can't bail here because the peer doesn't always get far enough * to process a received alert. Specifically, in protocol version @@ -71,10 +60,11 @@ static int check_alerts(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) /* return 0; */ } - if (result->server_alert_sent != result->server_alert_received) { - fprintf(stderr, "Server sent alert %s but client received %s\n.", - print_alert(result->server_alert_sent), - print_alert(result->server_alert_received)); + if (!TEST_int_eq(result->server_alert_sent, + result->server_alert_received)) { + TEST_info("Server sent alert %s but client received %s.", + print_alert(result->server_alert_sent), + print_alert(result->server_alert_received)); /* return 0; */ } @@ -86,47 +76,42 @@ static int check_alerts(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) * where the low byte is the alert code and the high byte is other stuff. */ && (result->client_alert_sent & 0xff) != test_ctx->expected_client_alert) { - fprintf(stderr, "ClientAlert mismatch: expected %s, got %s.\n", - print_alert(test_ctx->expected_client_alert), - print_alert(result->client_alert_sent)); + TEST_error("ClientAlert mismatch: expected %s, got %s.", + print_alert(test_ctx->expected_client_alert), + print_alert(result->client_alert_sent)); return 0; } if (test_ctx->expected_server_alert && (result->server_alert_sent & 0xff) != test_ctx->expected_server_alert) { - fprintf(stderr, "ServerAlert mismatch: expected %s, got %s.\n", - print_alert(test_ctx->expected_server_alert), - print_alert(result->server_alert_sent)); + TEST_error("ServerAlert mismatch: expected %s, got %s.", + print_alert(test_ctx->expected_server_alert), + print_alert(result->server_alert_sent)); return 0; } - if (result->client_num_fatal_alerts_sent > 1) { - fprintf(stderr, "Client sent %d fatal alerts.\n", - result->client_num_fatal_alerts_sent); + if (!TEST_int_le(result->client_num_fatal_alerts_sent, 1)) return 0; - } - if (result->server_num_fatal_alerts_sent > 1) { - fprintf(stderr, "Server sent %d alerts.\n", - result->server_num_fatal_alerts_sent); + if (!TEST_int_le(result->server_num_fatal_alerts_sent, 1)) return 0; - } return 1; } static int check_protocol(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { - if (result->client_protocol != result->server_protocol) { - fprintf(stderr, "Client has protocol %s but server has %s\n.", - ssl_protocol_name(result->client_protocol), - ssl_protocol_name(result->server_protocol)); + if (!TEST_int_eq(result->client_protocol, result->server_protocol)) { + TEST_info("Client has protocol %s but server has %s.", + ssl_protocol_name(result->client_protocol), + ssl_protocol_name(result->server_protocol)); return 0; } if (test_ctx->expected_protocol) { - if (result->client_protocol != test_ctx->expected_protocol) { - fprintf(stderr, "Protocol mismatch: expected %s, got %s.\n", - ssl_protocol_name(test_ctx->expected_protocol), - ssl_protocol_name(result->client_protocol)); + if (!TEST_int_eq(result->client_protocol, + test_ctx->expected_protocol)) { + TEST_info("Protocol mismatch: expected %s, got %s.\n", + ssl_protocol_name(test_ctx->expected_protocol), + ssl_protocol_name(result->client_protocol)); return 0; } } @@ -135,10 +120,10 @@ static int check_protocol(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) static int check_servername(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { - if (result->servername != test_ctx->expected_servername) { - fprintf(stderr, "Client ServerName mismatch, expected %s, got %s\n.", - ssl_servername_name(test_ctx->expected_servername), - ssl_servername_name(result->servername)); + if (!TEST_int_eq(result->servername, test_ctx->expected_servername)) { + TEST_info("Client ServerName mismatch, expected %s, got %s.", + ssl_servername_name(test_ctx->expected_servername), + ssl_servername_name(result->servername)); return 0; } return 1; @@ -148,25 +133,45 @@ static int check_session_ticket(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx { if (test_ctx->session_ticket_expected == SSL_TEST_SESSION_TICKET_IGNORE) return 1; - if (result->session_ticket != test_ctx->session_ticket_expected) { - fprintf(stderr, "Client SessionTicketExpected mismatch, expected %s, got %s\n.", - ssl_session_ticket_name(test_ctx->session_ticket_expected), - ssl_session_ticket_name(result->session_ticket)); + if (!TEST_int_eq(result->session_ticket, + test_ctx->session_ticket_expected)) { + TEST_info("Client SessionTicketExpected mismatch, expected %s, got %s.", + ssl_session_ticket_name(test_ctx->session_ticket_expected), + ssl_session_ticket_name(result->session_ticket)); + return 0; + } + return 1; +} + +static int check_session_id(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) +{ + if (test_ctx->session_id_expected == SSL_TEST_SESSION_ID_IGNORE) + return 1; + if (!TEST_int_eq(result->session_id, test_ctx->session_id_expected)) { + TEST_info("Client SessionIdExpected mismatch, expected %s, got %s\n.", + ssl_session_id_name(test_ctx->session_id_expected), + ssl_session_id_name(result->session_id)); return 0; } return 1; } +static int check_compression(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) +{ + if (!TEST_int_eq(result->compression, test_ctx->compression_expected)) + return 0; + return 1; +} #ifndef OPENSSL_NO_NEXTPROTONEG static int check_npn(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { int ret = 1; - ret &= strings_equal("NPN Negotiated (client vs server)", - result->client_npn_negotiated, - result->server_npn_negotiated); - ret &= strings_equal("ExpectedNPNProtocol", - test_ctx->expected_npn_protocol, - result->client_npn_negotiated); + if (!TEST_str_eq(result->client_npn_negotiated, + result->server_npn_negotiated)) + ret = 0; + if (!TEST_str_eq(test_ctx->expected_npn_protocol, + result->client_npn_negotiated)) + ret = 0; return ret; } #endif @@ -174,39 +179,176 @@ static int check_npn(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) static int check_alpn(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { int ret = 1; - ret &= strings_equal("ALPN Negotiated (client vs server)", - result->client_alpn_negotiated, - result->server_alpn_negotiated); - ret &= strings_equal("ExpectedALPNProtocol", - test_ctx->expected_alpn_protocol, - result->client_alpn_negotiated); + if (!TEST_str_eq(result->client_alpn_negotiated, + result->server_alpn_negotiated)) + ret = 0; + if (!TEST_str_eq(test_ctx->expected_alpn_protocol, + result->client_alpn_negotiated)) + ret = 0; return ret; } +static int check_session_ticket_app_data(HANDSHAKE_RESULT *result, + SSL_TEST_CTX *test_ctx) +{ + size_t result_len = 0; + size_t expected_len = 0; + + /* consider empty and NULL strings to be the same */ + if (result->result_session_ticket_app_data != NULL) + result_len = strlen(result->result_session_ticket_app_data); + if (test_ctx->expected_session_ticket_app_data != NULL) + expected_len = strlen(test_ctx->expected_session_ticket_app_data); + if (result_len == 0 && expected_len == 0) + return 1; + + if (!TEST_str_eq(result->result_session_ticket_app_data, + test_ctx->expected_session_ticket_app_data)) + return 0; + + return 1; +} + static int check_resumption(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { - if (result->client_resumed != result->server_resumed) { - fprintf(stderr, "Resumption mismatch (client vs server): %d vs %d\n", - result->client_resumed, result->server_resumed); + if (!TEST_int_eq(result->client_resumed, result->server_resumed)) return 0; - } - if (result->client_resumed != test_ctx->resumption_expected) { - fprintf(stderr, "ResumptionExpected mismatch: %d vs %d\n", - test_ctx->resumption_expected, result->client_resumed); + if (!TEST_int_eq(result->client_resumed, test_ctx->resumption_expected)) return 0; + return 1; +} + +static int check_nid(const char *name, int expected_nid, int nid) +{ + if (expected_nid == 0 || expected_nid == nid) + return 1; + TEST_error("%s type mismatch, %s vs %s\n", + name, OBJ_nid2ln(expected_nid), + nid == NID_undef ? "absent" : OBJ_nid2ln(nid)); + return 0; +} + +static void print_ca_names(STACK_OF(X509_NAME) *names) +{ + int i; + + if (names == NULL || sk_X509_NAME_num(names) == 0) { + TEST_note(" <empty>"); + return; + } + for (i = 0; i < sk_X509_NAME_num(names); i++) { + X509_NAME_print_ex(bio_err, sk_X509_NAME_value(names, i), 4, + XN_FLAG_ONELINE); + BIO_puts(bio_err, "\n"); + } +} + +static int check_ca_names(const char *name, + STACK_OF(X509_NAME) *expected_names, + STACK_OF(X509_NAME) *names) +{ + int i; + + if (expected_names == NULL) + return 1; + if (names == NULL || sk_X509_NAME_num(names) == 0) { + if (TEST_int_eq(sk_X509_NAME_num(expected_names), 0)) + return 1; + goto err; + } + if (sk_X509_NAME_num(names) != sk_X509_NAME_num(expected_names)) + goto err; + for (i = 0; i < sk_X509_NAME_num(names); i++) { + if (!TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(names, i), + sk_X509_NAME_value(expected_names, i)), + 0)) { + goto err; + } } return 1; +err: + TEST_info("%s: list mismatch", name); + TEST_note("Expected Names:"); + print_ca_names(expected_names); + TEST_note("Received Names:"); + print_ca_names(names); + return 0; } static int check_tmp_key(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { - if (test_ctx->expected_tmp_key_type == 0 - || test_ctx->expected_tmp_key_type == result->tmp_key_type) + return check_nid("Tmp key", test_ctx->expected_tmp_key_type, + result->tmp_key_type); +} + +static int check_server_cert_type(HANDSHAKE_RESULT *result, + SSL_TEST_CTX *test_ctx) +{ + return check_nid("Server certificate", test_ctx->expected_server_cert_type, + result->server_cert_type); +} + +static int check_server_sign_hash(HANDSHAKE_RESULT *result, + SSL_TEST_CTX *test_ctx) +{ + return check_nid("Server signing hash", test_ctx->expected_server_sign_hash, + result->server_sign_hash); +} + +static int check_server_sign_type(HANDSHAKE_RESULT *result, + SSL_TEST_CTX *test_ctx) +{ + return check_nid("Server signing", test_ctx->expected_server_sign_type, + result->server_sign_type); +} + +static int check_server_ca_names(HANDSHAKE_RESULT *result, + SSL_TEST_CTX *test_ctx) +{ + return check_ca_names("Server CA names", + test_ctx->expected_server_ca_names, + result->server_ca_names); +} + +static int check_client_cert_type(HANDSHAKE_RESULT *result, + SSL_TEST_CTX *test_ctx) +{ + return check_nid("Client certificate", test_ctx->expected_client_cert_type, + result->client_cert_type); +} + +static int check_client_sign_hash(HANDSHAKE_RESULT *result, + SSL_TEST_CTX *test_ctx) +{ + return check_nid("Client signing hash", test_ctx->expected_client_sign_hash, + result->client_sign_hash); +} + +static int check_client_sign_type(HANDSHAKE_RESULT *result, + SSL_TEST_CTX *test_ctx) +{ + return check_nid("Client signing", test_ctx->expected_client_sign_type, + result->client_sign_type); +} + +static int check_client_ca_names(HANDSHAKE_RESULT *result, + SSL_TEST_CTX *test_ctx) +{ + return check_ca_names("Client CA names", + test_ctx->expected_client_ca_names, + result->client_ca_names); +} + +static int check_cipher(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) +{ + if (test_ctx->expected_cipher == NULL) return 1; - fprintf(stderr, "Tmp key type mismatch, %s vs %s\n", - OBJ_nid2ln(test_ctx->expected_tmp_key_type), - OBJ_nid2ln(result->tmp_key_type)); - return 0; + if (!TEST_ptr(result->cipher)) + return 0; + if (!TEST_str_eq(test_ctx->expected_cipher, + result->cipher)) + return 0; + return 1; } /* @@ -223,80 +365,117 @@ static int check_test(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) ret &= check_protocol(result, test_ctx); ret &= check_servername(result, test_ctx); ret &= check_session_ticket(result, test_ctx); + ret &= check_compression(result, test_ctx); + ret &= check_session_id(result, test_ctx); ret &= (result->session_ticket_do_not_call == 0); #ifndef OPENSSL_NO_NEXTPROTONEG ret &= check_npn(result, test_ctx); #endif + ret &= check_cipher(result, test_ctx); ret &= check_alpn(result, test_ctx); + ret &= check_session_ticket_app_data(result, test_ctx); ret &= check_resumption(result, test_ctx); ret &= check_tmp_key(result, test_ctx); + ret &= check_server_cert_type(result, test_ctx); + ret &= check_server_sign_hash(result, test_ctx); + ret &= check_server_sign_type(result, test_ctx); + ret &= check_server_ca_names(result, test_ctx); + ret &= check_client_cert_type(result, test_ctx); + ret &= check_client_sign_hash(result, test_ctx); + ret &= check_client_sign_type(result, test_ctx); + ret &= check_client_ca_names(result, test_ctx); } return ret; } -static int execute_test(SSL_TEST_FIXTURE fixture) +static int test_handshake(int idx) { int ret = 0; SSL_CTX *server_ctx = NULL, *server2_ctx = NULL, *client_ctx = NULL, *resume_server_ctx = NULL, *resume_client_ctx = NULL; SSL_TEST_CTX *test_ctx = NULL; HANDSHAKE_RESULT *result = NULL; + char test_app[MAX_TESTCASE_NAME_LENGTH]; - test_ctx = SSL_TEST_CTX_create(conf, fixture.test_app); - if (test_ctx == NULL) + BIO_snprintf(test_app, sizeof(test_app), "test-%d", idx); + + test_ctx = SSL_TEST_CTX_create(conf, test_app); + if (!TEST_ptr(test_ctx)) goto err; #ifndef OPENSSL_NO_DTLS if (test_ctx->method == SSL_TEST_METHOD_DTLS) { server_ctx = SSL_CTX_new(DTLS_server_method()); - TEST_check(SSL_CTX_set_max_proto_version(server_ctx, DTLS_MAX_VERSION)); + if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, + DTLS_MAX_VERSION))) + goto err; if (test_ctx->extra.server.servername_callback != SSL_TEST_SERVERNAME_CB_NONE) { - server2_ctx = SSL_CTX_new(DTLS_server_method()); - TEST_check(server2_ctx != NULL); + if (!TEST_ptr(server2_ctx = SSL_CTX_new(DTLS_server_method()))) + goto err; } client_ctx = SSL_CTX_new(DTLS_client_method()); - TEST_check(SSL_CTX_set_max_proto_version(client_ctx, DTLS_MAX_VERSION)); + if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, + DTLS_MAX_VERSION))) + goto err; if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) { resume_server_ctx = SSL_CTX_new(DTLS_server_method()); - TEST_check(SSL_CTX_set_max_proto_version(resume_server_ctx, - DTLS_MAX_VERSION)); + if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, + DTLS_MAX_VERSION))) + goto err; resume_client_ctx = SSL_CTX_new(DTLS_client_method()); - TEST_check(SSL_CTX_set_max_proto_version(resume_client_ctx, - DTLS_MAX_VERSION)); - TEST_check(resume_server_ctx != NULL); - TEST_check(resume_client_ctx != NULL); + if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, + DTLS_MAX_VERSION))) + goto err; + if (!TEST_ptr(resume_server_ctx) + || !TEST_ptr(resume_client_ctx)) + goto err; } } #endif if (test_ctx->method == SSL_TEST_METHOD_TLS) { server_ctx = SSL_CTX_new(TLS_server_method()); - TEST_check(SSL_CTX_set_max_proto_version(server_ctx, TLS_MAX_VERSION)); + if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, + TLS_MAX_VERSION))) + goto err; /* SNI on resumption isn't supported/tested yet. */ if (test_ctx->extra.server.servername_callback != SSL_TEST_SERVERNAME_CB_NONE) { - server2_ctx = SSL_CTX_new(TLS_server_method()); - TEST_check(server2_ctx != NULL); + if (!TEST_ptr(server2_ctx = SSL_CTX_new(TLS_server_method()))) + goto err; + if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx, + TLS_MAX_VERSION))) + goto err; } client_ctx = SSL_CTX_new(TLS_client_method()); - TEST_check(SSL_CTX_set_max_proto_version(client_ctx, TLS_MAX_VERSION)); + if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, + TLS_MAX_VERSION))) + goto err; if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) { resume_server_ctx = SSL_CTX_new(TLS_server_method()); - TEST_check(SSL_CTX_set_max_proto_version(resume_server_ctx, - TLS_MAX_VERSION)); + if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, + TLS_MAX_VERSION))) + goto err; resume_client_ctx = SSL_CTX_new(TLS_client_method()); - TEST_check(SSL_CTX_set_max_proto_version(resume_client_ctx, - TLS_MAX_VERSION)); - TEST_check(resume_server_ctx != NULL); - TEST_check(resume_client_ctx != NULL); + if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, + TLS_MAX_VERSION))) + goto err; + if (!TEST_ptr(resume_server_ctx) + || !TEST_ptr(resume_client_ctx)) + goto err; } } - TEST_check(server_ctx != NULL); - TEST_check(client_ctx != NULL); +#ifdef OPENSSL_NO_AUTOLOAD_CONFIG + if (!TEST_true(OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL))) + goto err; +#endif - TEST_check(CONF_modules_load(conf, fixture.test_app, 0) > 0); + if (!TEST_ptr(server_ctx) + || !TEST_ptr(client_ctx) + || !TEST_int_gt(CONF_modules_load(conf, test_app, 0), 0)) + goto err; if (!SSL_CTX_config(server_ctx, "server") || !SSL_CTX_config(client_ctx, "client")) { @@ -315,7 +494,8 @@ static int execute_test(SSL_TEST_FIXTURE fixture) result = do_handshake(server_ctx, server2_ctx, client_ctx, resume_server_ctx, resume_client_ctx, test_ctx); - ret = check_test(result, test_ctx); + if (result != NULL) + ret = check_test(result, test_ctx); err: CONF_modules_unload(0); @@ -325,47 +505,26 @@ err: SSL_CTX_free(resume_server_ctx); SSL_CTX_free(resume_client_ctx); SSL_TEST_CTX_free(test_ctx); - if (ret != 1) - ERR_print_errors_fp(stderr); HANDSHAKE_RESULT_free(result); return ret; } -static void tear_down(SSL_TEST_FIXTURE fixture) +int setup_tests(void) { -} + long num_tests; -#define SETUP_SSL_TEST_FIXTURE() \ - SETUP_TEST_FIXTURE(SSL_TEST_FIXTURE, set_up) -#define EXECUTE_SSL_TEST() \ - EXECUTE_TEST(execute_test, tear_down) + if (!TEST_ptr(conf = NCONF_new(NULL)) + /* argv[1] should point to the test conf file */ + || !TEST_int_gt(NCONF_load(conf, test_get_argument(0), NULL), 0) + || !TEST_int_ne(NCONF_get_number_e(conf, NULL, "num_tests", + &num_tests), 0)) + return 0; -static int test_handshake(int idx) -{ - SETUP_SSL_TEST_FIXTURE(); - BIO_snprintf(fixture.test_app, sizeof(fixture.test_app), - "test-%d", idx); - EXECUTE_SSL_TEST(); + ADD_ALL_TESTS(test_handshake, (int)num_tests); + return 1; } -int main(int argc, char **argv) +void cleanup_tests(void) { - int result = 0; - long num_tests; - - if (argc != 2) - return 1; - - conf = NCONF_new(NULL); - TEST_check(conf != NULL); - - /* argv[1] should point to the test conf file */ - TEST_check(NCONF_load(conf, argv[1], NULL) > 0); - - TEST_check(NCONF_get_number_e(conf, NULL, "num_tests", &num_tests)); - - ADD_ALL_TESTS(test_handshake, (int)(num_tests)); - result = run_tests(argv[0]); - - return result; + NCONF_free(conf); } diff --git a/deps/openssl/openssl/test/ssl_test_ctx.c b/deps/openssl/openssl/test/ssl_test_ctx.c index 28ee5c701b..753338530d 100644 --- a/deps/openssl/openssl/test/ssl_test_ctx.c +++ b/deps/openssl/openssl/test/ssl_test_ctx.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -12,10 +12,14 @@ #include <openssl/e_os2.h> #include <openssl/crypto.h> -#include "e_os.h" +#include "internal/nelem.h" #include "ssl_test_ctx.h" #include "testutil.h" +#ifdef OPENSSL_SYS_WINDOWS +# define strcasecmp _stricmp +#endif + static const int default_app_data_size = 256; /* Default set to be as small as possible to exercise fragmentation. */ static const int default_max_fragment_size = 512; @@ -30,6 +34,7 @@ static int parse_boolean(const char *value, int *result) *result = 0; return 1; } + TEST_error("parse_boolean given: '%s'", value); return 0; } @@ -44,8 +49,7 @@ static int parse_boolean(const char *value, int *result) { \ OPENSSL_free(ctx->field); \ ctx->field = OPENSSL_strdup(value); \ - TEST_check(ctx->field != NULL); \ - return 1; \ + return TEST_ptr(ctx->field); \ } #define IMPLEMENT_SSL_TEST_INT_OPTION(struct_type, name, field) \ @@ -95,6 +99,7 @@ static const test_enum ssl_test_results[] = { {"ServerFail", SSL_TEST_SERVER_FAIL}, {"ClientFail", SSL_TEST_CLIENT_FAIL}, {"InternalError", SSL_TEST_INTERNAL_ERROR}, + {"FirstHandshakeFailed", SSL_TEST_FIRST_HANDSHAKE_FAILED}, }; __owur static int parse_expected_result(SSL_TEST_CTX *test_ctx, const char *value) @@ -121,6 +126,7 @@ static const test_enum ssl_alerts[] = { {"UnrecognizedName", SSL_AD_UNRECOGNIZED_NAME}, {"BadCertificate", SSL_AD_BAD_CERTIFICATE}, {"NoApplicationProtocol", SSL_AD_NO_APPLICATION_PROTOCOL}, + {"CertificateRequired", SSL_AD_CERTIFICATE_REQUIRED}, }; __owur static int parse_alert(int *alert, const char *value) @@ -146,6 +152,7 @@ const char *ssl_alert_name(int alert) /* ExpectedProtocol */ static const test_enum ssl_protocols[] = { + {"TLSv1.3", TLS1_3_VERSION}, {"TLSv1.2", TLS1_2_VERSION}, {"TLSv1.1", TLS1_1_VERSION}, {"TLSv1", TLS1_VERSION}, @@ -236,6 +243,11 @@ static const test_enum ssl_servername_callbacks[] = { {"None", SSL_TEST_SERVERNAME_CB_NONE}, {"IgnoreMismatch", SSL_TEST_SERVERNAME_IGNORE_MISMATCH}, {"RejectMismatch", SSL_TEST_SERVERNAME_REJECT_MISMATCH}, + {"ClientHelloIgnoreMismatch", + SSL_TEST_SERVERNAME_CLIENT_HELLO_IGNORE_MISMATCH}, + {"ClientHelloRejectMismatch", + SSL_TEST_SERVERNAME_CLIENT_HELLO_REJECT_MISMATCH}, + {"ClientHelloNoV12", SSL_TEST_SERVERNAME_CLIENT_HELLO_NO_V12}, }; __owur static int parse_servername_callback(SSL_TEST_SERVER_CONF *server_conf, @@ -282,6 +294,36 @@ const char *ssl_session_ticket_name(ssl_session_ticket_t server) server); } +/* CompressionExpected */ + +IMPLEMENT_SSL_TEST_BOOL_OPTION(SSL_TEST_CTX, test, compression_expected) + +/* SessionIdExpected */ + +static const test_enum ssl_session_id[] = { + {"Ignore", SSL_TEST_SESSION_ID_IGNORE}, + {"Yes", SSL_TEST_SESSION_ID_YES}, + {"No", SSL_TEST_SESSION_ID_NO}, +}; + +__owur static int parse_session_id(SSL_TEST_CTX *test_ctx, const char *value) +{ + int ret_value; + if (!parse_enum(ssl_session_id, OSSL_NELEM(ssl_session_id), + &ret_value, value)) { + return 0; + } + test_ctx->session_id_expected = ret_value; + return 1; +} + +const char *ssl_session_id_name(ssl_session_id_t server) +{ + return enum_name(ssl_session_id, + OSSL_NELEM(ssl_session_id), + server); +} + /* Method */ static const test_enum ssl_test_methods[] = { @@ -314,6 +356,16 @@ IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_CLIENT_CONF, client, alpn_protocols) IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_SERVER_CONF, server, alpn_protocols) IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_CTX, test, expected_alpn_protocol) +/* SRP options */ +IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_CLIENT_CONF, client, srp_user) +IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_SERVER_CONF, server, srp_user) +IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_CLIENT_CONF, client, srp_password) +IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_SERVER_CONF, server, srp_password) + +/* Session Ticket App Data options */ +IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_CTX, test, expected_session_ticket_app_data) +IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_SERVER_CONF, server, session_ticket_app_data) + /* Handshake mode */ static const test_enum ssl_handshake_modes[] = { @@ -321,6 +373,9 @@ static const test_enum ssl_handshake_modes[] = { {"Resume", SSL_TEST_HANDSHAKE_RESUME}, {"RenegotiateServer", SSL_TEST_HANDSHAKE_RENEG_SERVER}, {"RenegotiateClient", SSL_TEST_HANDSHAKE_RENEG_CLIENT}, + {"KeyUpdateServer", SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER}, + {"KeyUpdateClient", SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT}, + {"PostHandshakeAuth", SSL_TEST_HANDSHAKE_POST_HANDSHAKE_AUTH}, }; __owur static int parse_handshake_mode(SSL_TEST_CTX *test_ctx, const char *value) @@ -344,6 +399,24 @@ const char *ssl_handshake_mode_name(ssl_handshake_mode_t mode) IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_CLIENT_CONF, client, reneg_ciphers) +/* KeyUpdateType */ + +static const test_enum ssl_key_update_types[] = { + {"KeyUpdateRequested", SSL_KEY_UPDATE_REQUESTED}, + {"KeyUpdateNotRequested", SSL_KEY_UPDATE_NOT_REQUESTED}, +}; + +__owur static int parse_key_update_type(SSL_TEST_CTX *test_ctx, const char *value) +{ + int ret_value; + if (!parse_enum(ssl_key_update_types, OSSL_NELEM(ssl_key_update_types), + &ret_value, value)) { + return 0; + } + test_ctx->key_update_type = ret_value; + return 1; +} + /* CT Validation */ static const test_enum ssl_ct_validation_modes[] = { @@ -372,6 +445,7 @@ const char *ssl_ct_validation_name(ssl_ct_validation_t mode) IMPLEMENT_SSL_TEST_BOOL_OPTION(SSL_TEST_CTX, test, resumption_expected) IMPLEMENT_SSL_TEST_BOOL_OPTION(SSL_TEST_SERVER_CONF, server, broken_session_ticket) +IMPLEMENT_SSL_TEST_BOOL_OPTION(SSL_TEST_CTX, test, use_sctp) /* CertStatus */ @@ -408,17 +482,49 @@ IMPLEMENT_SSL_TEST_INT_OPTION(SSL_TEST_CTX, test, app_data_size) IMPLEMENT_SSL_TEST_INT_OPTION(SSL_TEST_CTX, test, max_fragment_size) +/* Maximum-Fragment-Length TLS extension mode */ +static const test_enum ssl_max_fragment_len_mode[] = { + {"None", TLSEXT_max_fragment_length_DISABLED}, + { "512", TLSEXT_max_fragment_length_512}, + {"1024", TLSEXT_max_fragment_length_1024}, + {"2048", TLSEXT_max_fragment_length_2048}, + {"4096", TLSEXT_max_fragment_length_4096} +}; -/* ExpectedTmpKeyType */ - -__owur static int parse_expected_tmp_key_type(SSL_TEST_CTX *test_ctx, +__owur static int parse_max_fragment_len_mode(SSL_TEST_CLIENT_CONF *client_conf, const char *value) { + int ret_value; + + if (!parse_enum(ssl_max_fragment_len_mode, + OSSL_NELEM(ssl_max_fragment_len_mode), &ret_value, value)) { + return 0; + } + client_conf->max_fragment_len_mode = ret_value; + return 1; +} + +const char *ssl_max_fragment_len_name(int MFL_mode) +{ + return enum_name(ssl_max_fragment_len_mode, + OSSL_NELEM(ssl_max_fragment_len_mode), MFL_mode); +} + + +/* Expected key and signature types */ + +__owur static int parse_expected_key_type(int *ptype, const char *value) +{ int nid; + const EVP_PKEY_ASN1_METHOD *ameth; if (value == NULL) return 0; - nid = OBJ_sn2nid(value); + ameth = EVP_PKEY_asn1_find_str(NULL, value, -1); + if (ameth != NULL) + EVP_PKEY_asn1_get0_info(&nid, NULL, NULL, NULL, NULL, ameth); + else + nid = OBJ_sn2nid(value); if (nid == NID_undef) nid = OBJ_ln2nid(value); #ifndef OPENSSL_NO_EC @@ -427,10 +533,107 @@ __owur static int parse_expected_tmp_key_type(SSL_TEST_CTX *test_ctx, #endif if (nid == NID_undef) return 0; - test_ctx->expected_tmp_key_type = nid; + *ptype = nid; return 1; } +__owur static int parse_expected_tmp_key_type(SSL_TEST_CTX *test_ctx, + const char *value) +{ + return parse_expected_key_type(&test_ctx->expected_tmp_key_type, value); +} + +__owur static int parse_expected_server_cert_type(SSL_TEST_CTX *test_ctx, + const char *value) +{ + return parse_expected_key_type(&test_ctx->expected_server_cert_type, + value); +} + +__owur static int parse_expected_server_sign_type(SSL_TEST_CTX *test_ctx, + const char *value) +{ + return parse_expected_key_type(&test_ctx->expected_server_sign_type, + value); +} + +__owur static int parse_expected_client_cert_type(SSL_TEST_CTX *test_ctx, + const char *value) +{ + return parse_expected_key_type(&test_ctx->expected_client_cert_type, + value); +} + +__owur static int parse_expected_client_sign_type(SSL_TEST_CTX *test_ctx, + const char *value) +{ + return parse_expected_key_type(&test_ctx->expected_client_sign_type, + value); +} + + +/* Expected signing hash */ + +__owur static int parse_expected_sign_hash(int *ptype, const char *value) +{ + int nid; + + if (value == NULL) + return 0; + nid = OBJ_sn2nid(value); + if (nid == NID_undef) + nid = OBJ_ln2nid(value); + if (nid == NID_undef) + return 0; + *ptype = nid; + return 1; +} + +__owur static int parse_expected_server_sign_hash(SSL_TEST_CTX *test_ctx, + const char *value) +{ + return parse_expected_sign_hash(&test_ctx->expected_server_sign_hash, + value); +} + +__owur static int parse_expected_client_sign_hash(SSL_TEST_CTX *test_ctx, + const char *value) +{ + return parse_expected_sign_hash(&test_ctx->expected_client_sign_hash, + value); +} + +__owur static int parse_expected_ca_names(STACK_OF(X509_NAME) **pnames, + const char *value) +{ + if (value == NULL) + return 0; + if (!strcmp(value, "empty")) + *pnames = sk_X509_NAME_new_null(); + else + *pnames = SSL_load_client_CA_file(value); + return *pnames != NULL; +} +__owur static int parse_expected_server_ca_names(SSL_TEST_CTX *test_ctx, + const char *value) +{ + return parse_expected_ca_names(&test_ctx->expected_server_ca_names, value); +} +__owur static int parse_expected_client_ca_names(SSL_TEST_CTX *test_ctx, + const char *value) +{ + return parse_expected_ca_names(&test_ctx->expected_client_ca_names, value); +} + +/* ExpectedCipher */ + +IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_CTX, test, expected_cipher) + +/* Client and Server PHA */ + +IMPLEMENT_SSL_TEST_BOOL_OPTION(SSL_TEST_CLIENT_CONF, client, enable_pha) +IMPLEMENT_SSL_TEST_BOOL_OPTION(SSL_TEST_SERVER_CONF, server, force_pha) + /* Known test options and their corresponding parse methods. */ /* Top-level options. */ @@ -446,14 +649,28 @@ static const ssl_test_ctx_option ssl_test_ctx_options[] = { { "ExpectedProtocol", &parse_protocol }, { "ExpectedServerName", &parse_expected_servername }, { "SessionTicketExpected", &parse_session_ticket }, + { "CompressionExpected", &parse_test_compression_expected }, + { "SessionIdExpected", &parse_session_id }, { "Method", &parse_test_method }, { "ExpectedNPNProtocol", &parse_test_expected_npn_protocol }, { "ExpectedALPNProtocol", &parse_test_expected_alpn_protocol }, { "HandshakeMode", &parse_handshake_mode }, + { "KeyUpdateType", &parse_key_update_type }, { "ResumptionExpected", &parse_test_resumption_expected }, { "ApplicationData", &parse_test_app_data_size }, { "MaxFragmentSize", &parse_test_max_fragment_size }, { "ExpectedTmpKeyType", &parse_expected_tmp_key_type }, + { "ExpectedServerCertType", &parse_expected_server_cert_type }, + { "ExpectedServerSignHash", &parse_expected_server_sign_hash }, + { "ExpectedServerSignType", &parse_expected_server_sign_type }, + { "ExpectedServerCANames", &parse_expected_server_ca_names }, + { "ExpectedClientCertType", &parse_expected_client_cert_type }, + { "ExpectedClientSignHash", &parse_expected_client_sign_hash }, + { "ExpectedClientSignType", &parse_expected_client_sign_type }, + { "ExpectedClientCANames", &parse_expected_client_ca_names }, + { "UseSCTP", &parse_test_use_sctp }, + { "ExpectedCipher", &parse_test_expected_cipher }, + { "ExpectedSessionTicketAppData", &parse_test_expected_session_ticket_app_data }, }; /* Nested client options. */ @@ -469,6 +686,10 @@ static const ssl_test_client_option ssl_test_client_options[] = { { "ALPNProtocols", &parse_client_alpn_protocols }, { "CTValidation", &parse_ct_validation }, { "RenegotiateCiphers", &parse_client_reneg_ciphers}, + { "SRPUser", &parse_client_srp_user }, + { "SRPPassword", &parse_client_srp_password }, + { "MaxFragmentLenExt", &parse_max_fragment_len_mode }, + { "EnablePHA", &parse_client_enable_pha }, }; /* Nested server options. */ @@ -483,19 +704,21 @@ static const ssl_test_server_option ssl_test_server_options[] = { { "ALPNProtocols", &parse_server_alpn_protocols }, { "BrokenSessionTicket", &parse_server_broken_session_ticket }, { "CertStatus", &parse_certstatus }, + { "SRPUser", &parse_server_srp_user }, + { "SRPPassword", &parse_server_srp_password }, + { "ForcePHA", &parse_server_force_pha }, + { "SessionTicketAppData", &parse_server_session_ticket_app_data }, }; -/* - * Since these methods are used to create tests, we use TEST_check liberally - * for malloc failures and other internal errors. - */ -SSL_TEST_CTX *SSL_TEST_CTX_new() +SSL_TEST_CTX *SSL_TEST_CTX_new(void) { SSL_TEST_CTX *ret; - ret = OPENSSL_zalloc(sizeof(*ret)); - TEST_check(ret != NULL); - ret->app_data_size = default_app_data_size; - ret->max_fragment_size = default_max_fragment_size; + + /* The return code is checked by caller */ + if ((ret = OPENSSL_zalloc(sizeof(*ret))) != NULL) { + ret->app_data_size = default_app_data_size; + ret->max_fragment_size = default_max_fragment_size; + } return ret; } @@ -508,6 +731,14 @@ static void ssl_test_extra_conf_free_data(SSL_TEST_EXTRA_CONF *conf) OPENSSL_free(conf->server.alpn_protocols); OPENSSL_free(conf->server2.alpn_protocols); OPENSSL_free(conf->client.reneg_ciphers); + OPENSSL_free(conf->server.srp_user); + OPENSSL_free(conf->server.srp_password); + OPENSSL_free(conf->server2.srp_user); + OPENSSL_free(conf->server2.srp_password); + OPENSSL_free(conf->client.srp_user); + OPENSSL_free(conf->client.srp_password); + OPENSSL_free(conf->server.session_ticket_app_data); + OPENSSL_free(conf->server2.session_ticket_app_data); } static void ssl_test_ctx_free_extra_data(SSL_TEST_CTX *ctx) @@ -521,6 +752,10 @@ void SSL_TEST_CTX_free(SSL_TEST_CTX *ctx) ssl_test_ctx_free_extra_data(ctx); OPENSSL_free(ctx->expected_npn_protocol); OPENSSL_free(ctx->expected_alpn_protocol); + OPENSSL_free(ctx->expected_session_ticket_app_data); + sk_X509_NAME_pop_free(ctx->expected_server_ca_names, X509_NAME_free); + sk_X509_NAME_pop_free(ctx->expected_client_ca_names, X509_NAME_free); + OPENSSL_free(ctx->expected_cipher); OPENSSL_free(ctx); } @@ -531,8 +766,8 @@ static int parse_client_options(SSL_TEST_CLIENT_CONF *client, const CONF *conf, int i; size_t j; - sk_conf = NCONF_get_section(conf, client_section); - TEST_check(sk_conf != NULL); + if (!TEST_ptr(sk_conf = NCONF_get_section(conf, client_section))) + return 0; for (i = 0; i < sk_CONF_VALUE_num(sk_conf); i++) { int found = 0; @@ -540,8 +775,8 @@ static int parse_client_options(SSL_TEST_CLIENT_CONF *client, const CONF *conf, for (j = 0; j < OSSL_NELEM(ssl_test_client_options); j++) { if (strcmp(option->name, ssl_test_client_options[j].name) == 0) { if (!ssl_test_client_options[j].parse(client, option->value)) { - fprintf(stderr, "Bad value %s for option %s\n", - option->value, option->name); + TEST_info("Bad value %s for option %s", + option->value, option->name); return 0; } found = 1; @@ -549,7 +784,7 @@ static int parse_client_options(SSL_TEST_CLIENT_CONF *client, const CONF *conf, } } if (!found) { - fprintf(stderr, "Unknown test option: %s\n", option->name); + TEST_info("Unknown test option: %s", option->name); return 0; } } @@ -564,8 +799,8 @@ static int parse_server_options(SSL_TEST_SERVER_CONF *server, const CONF *conf, int i; size_t j; - sk_conf = NCONF_get_section(conf, server_section); - TEST_check(sk_conf != NULL); + if (!TEST_ptr(sk_conf = NCONF_get_section(conf, server_section))) + return 0; for (i = 0; i < sk_CONF_VALUE_num(sk_conf); i++) { int found = 0; @@ -573,8 +808,8 @@ static int parse_server_options(SSL_TEST_SERVER_CONF *server, const CONF *conf, for (j = 0; j < OSSL_NELEM(ssl_test_server_options); j++) { if (strcmp(option->name, ssl_test_server_options[j].name) == 0) { if (!ssl_test_server_options[j].parse(server, option->value)) { - fprintf(stderr, "Bad value %s for option %s\n", - option->value, option->name); + TEST_info("Bad value %s for option %s", + option->value, option->name); return 0; } found = 1; @@ -582,7 +817,7 @@ static int parse_server_options(SSL_TEST_SERVER_CONF *server, const CONF *conf, } } if (!found) { - fprintf(stderr, "Unknown test option: %s\n", option->name); + TEST_info("Unknown test option: %s", option->name); return 0; } } @@ -592,16 +827,14 @@ static int parse_server_options(SSL_TEST_SERVER_CONF *server, const CONF *conf, SSL_TEST_CTX *SSL_TEST_CTX_create(const CONF *conf, const char *test_section) { - STACK_OF(CONF_VALUE) *sk_conf; - SSL_TEST_CTX *ctx; + STACK_OF(CONF_VALUE) *sk_conf = NULL; + SSL_TEST_CTX *ctx = NULL; int i; size_t j; - sk_conf = NCONF_get_section(conf, test_section); - TEST_check(sk_conf != NULL); - - ctx = SSL_TEST_CTX_new(); - TEST_check(ctx != NULL); + if (!TEST_ptr(sk_conf = NCONF_get_section(conf, test_section)) + || !TEST_ptr(ctx = SSL_TEST_CTX_new())) + goto err; for (i = 0; i < sk_CONF_VALUE_num(sk_conf); i++) { int found = 0; @@ -609,16 +842,13 @@ SSL_TEST_CTX *SSL_TEST_CTX_create(const CONF *conf, const char *test_section) /* Subsections */ if (strcmp(option->name, "client") == 0) { - if (!parse_client_options(&ctx->extra.client, conf, - option->value)) + if (!parse_client_options(&ctx->extra.client, conf, option->value)) goto err; } else if (strcmp(option->name, "server") == 0) { - if (!parse_server_options(&ctx->extra.server, conf, - option->value)) + if (!parse_server_options(&ctx->extra.server, conf, option->value)) goto err; } else if (strcmp(option->name, "server2") == 0) { - if (!parse_server_options(&ctx->extra.server2, conf, - option->value)) + if (!parse_server_options(&ctx->extra.server2, conf, option->value)) goto err; } else if (strcmp(option->name, "resume-client") == 0) { if (!parse_client_options(&ctx->resume_extra.client, conf, @@ -632,13 +862,12 @@ SSL_TEST_CTX *SSL_TEST_CTX_create(const CONF *conf, const char *test_section) if (!parse_server_options(&ctx->resume_extra.server2, conf, option->value)) goto err; - } else { for (j = 0; j < OSSL_NELEM(ssl_test_ctx_options); j++) { if (strcmp(option->name, ssl_test_ctx_options[j].name) == 0) { if (!ssl_test_ctx_options[j].parse(ctx, option->value)) { - fprintf(stderr, "Bad value %s for option %s\n", - option->value, option->name); + TEST_info("Bad value %s for option %s", + option->value, option->name); goto err; } found = 1; @@ -646,7 +875,7 @@ SSL_TEST_CTX *SSL_TEST_CTX_create(const CONF *conf, const char *test_section) } } if (!found) { - fprintf(stderr, "Unknown test option: %s\n", option->name); + TEST_info("Unknown test option: %s", option->name); goto err; } } diff --git a/deps/openssl/openssl/test/ssl_test_ctx.h b/deps/openssl/openssl/test/ssl_test_ctx.h index 28a4566716..86d227d865 100644 --- a/deps/openssl/openssl/test/ssl_test_ctx.h +++ b/deps/openssl/openssl/test/ssl_test_ctx.h @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -38,7 +38,10 @@ typedef enum { typedef enum { SSL_TEST_SERVERNAME_CB_NONE = 0, /* Default */ SSL_TEST_SERVERNAME_IGNORE_MISMATCH, - SSL_TEST_SERVERNAME_REJECT_MISMATCH + SSL_TEST_SERVERNAME_REJECT_MISMATCH, + SSL_TEST_SERVERNAME_CLIENT_HELLO_IGNORE_MISMATCH, + SSL_TEST_SERVERNAME_CLIENT_HELLO_REJECT_MISMATCH, + SSL_TEST_SERVERNAME_CLIENT_HELLO_NO_V12 } ssl_servername_callback_t; typedef enum { @@ -49,6 +52,17 @@ typedef enum { } ssl_session_ticket_t; typedef enum { + SSL_TEST_COMPRESSION_NO = 0, /* Default */ + SSL_TEST_COMPRESSION_YES +} ssl_compression_t; + +typedef enum { + SSL_TEST_SESSION_ID_IGNORE = 0, /* Default */ + SSL_TEST_SESSION_ID_YES, + SSL_TEST_SESSION_ID_NO +} ssl_session_id_t; + +typedef enum { SSL_TEST_METHOD_TLS = 0, /* Default */ SSL_TEST_METHOD_DTLS } ssl_test_method_t; @@ -57,7 +71,10 @@ typedef enum { SSL_TEST_HANDSHAKE_SIMPLE = 0, /* Default */ SSL_TEST_HANDSHAKE_RESUME, SSL_TEST_HANDSHAKE_RENEG_SERVER, - SSL_TEST_HANDSHAKE_RENEG_CLIENT + SSL_TEST_HANDSHAKE_RENEG_CLIENT, + SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER, + SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT, + SSL_TEST_HANDSHAKE_POST_HANDSHAKE_AUTH } ssl_handshake_mode_t; typedef enum { @@ -71,6 +88,7 @@ typedef enum { SSL_TEST_CERT_STATUS_GOOD_RESPONSE, SSL_TEST_CERT_STATUS_BAD_RESPONSE } ssl_cert_status_t; + /* * Server/client settings that aren't supported by the SSL CONF library, * such as callbacks. @@ -80,12 +98,18 @@ typedef struct { ssl_verify_callback_t verify_callback; /* One of a number of predefined server names use by the client */ ssl_servername_t servername; + /* Maximum Fragment Length extension mode */ + int max_fragment_len_mode; /* Supported NPN and ALPN protocols. A comma-separated list. */ char *npn_protocols; char *alpn_protocols; ssl_ct_validation_t ct_validation; /* Ciphersuites to set on a renegotiation */ char *reneg_ciphers; + char *srp_user; + char *srp_password; + /* PHA enabled */ + int enable_pha; } SSL_TEST_CLIENT_CONF; typedef struct { @@ -98,6 +122,12 @@ typedef struct { int broken_session_ticket; /* Should we send a CertStatus message? */ ssl_cert_status_t cert_status; + /* An SRP user known to the server. */ + char *srp_user; + char *srp_password; + /* Forced PHA */ + int force_pha; + char *session_ticket_app_data; } SSL_TEST_SERVER_CONF; typedef struct { @@ -121,6 +151,8 @@ typedef struct { int app_data_size; /* Maximum send fragment size. */ int max_fragment_size; + /* KeyUpdate type */ + int key_update_type; /* * Extra server/client configurations. Per-handshake. @@ -156,6 +188,7 @@ typedef struct { */ ssl_servername_t expected_servername; ssl_session_ticket_t session_ticket_expected; + int compression_expected; /* The expected NPN/ALPN protocol to negotiate. */ char *expected_npn_protocol; char *expected_alpn_protocol; @@ -163,6 +196,29 @@ typedef struct { int resumption_expected; /* Expected temporary key type */ int expected_tmp_key_type; + /* Expected server certificate key type */ + int expected_server_cert_type; + /* Expected server signing hash */ + int expected_server_sign_hash; + /* Expected server signature type */ + int expected_server_sign_type; + /* Expected server CA names */ + STACK_OF(X509_NAME) *expected_server_ca_names; + /* Expected client certificate key type */ + int expected_client_cert_type; + /* Expected client signing hash */ + int expected_client_sign_hash; + /* Expected client signature type */ + int expected_client_sign_type; + /* Expected CA names for client auth */ + STACK_OF(X509_NAME) *expected_client_ca_names; + /* Whether to use SCTP for the transport */ + int use_sctp; + /* Whether to expect a session id from the server */ + ssl_session_id_t session_id_expected; + char *expected_cipher; + /* Expected Session Ticket Application Data */ + char *expected_session_ticket_app_data; } SSL_TEST_CTX; const char *ssl_test_result_name(ssl_test_result_t result); @@ -173,10 +229,12 @@ const char *ssl_servername_name(ssl_servername_t server); const char *ssl_servername_callback_name(ssl_servername_callback_t servername_callback); const char *ssl_session_ticket_name(ssl_session_ticket_t server); +const char *ssl_session_id_name(ssl_session_id_t server); const char *ssl_test_method_name(ssl_test_method_t method); const char *ssl_handshake_mode_name(ssl_handshake_mode_t mode); const char *ssl_ct_validation_name(ssl_ct_validation_t mode); const char *ssl_certstatus_name(ssl_cert_status_t cert_status); +const char *ssl_max_fragment_len_name(int MFL_mode); /* * Load the test case context from |conf|. diff --git a/deps/openssl/openssl/test/ssl_test_ctx_test.c b/deps/openssl/openssl/test/ssl_test_ctx_test.c index 0f321c60f3..ffbbfbc12b 100644 --- a/deps/openssl/openssl/test/ssl_test_ctx_test.c +++ b/deps/openssl/openssl/test/ssl_test_ctx_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -15,7 +15,7 @@ #include <stdio.h> #include <string.h> -#include "e_os.h" +#include "internal/nelem.h" #include "ssl_test_ctx.h" #include "testutil.h" #include <openssl/e_os2.h> @@ -33,181 +33,101 @@ typedef struct ssl_test_ctx_test_fixture { } SSL_TEST_CTX_TEST_FIXTURE; -static int SSL_TEST_CLIENT_CONF_equal(SSL_TEST_CLIENT_CONF *client, - SSL_TEST_CLIENT_CONF *client2) +static int clientconf_eq(SSL_TEST_CLIENT_CONF *conf1, + SSL_TEST_CLIENT_CONF *conf2) { - if (client->verify_callback != client2->verify_callback) { - fprintf(stderr, "ClientVerifyCallback mismatch: %s vs %s.\n", - ssl_verify_callback_name(client->verify_callback), - ssl_verify_callback_name(client2->verify_callback)); + if (!TEST_int_eq(conf1->verify_callback, conf2->verify_callback) + || !TEST_int_eq(conf1->servername, conf2->servername) + || !TEST_str_eq(conf1->npn_protocols, conf2->npn_protocols) + || !TEST_str_eq(conf1->alpn_protocols, conf2->alpn_protocols) + || !TEST_int_eq(conf1->ct_validation, conf2->ct_validation) + || !TEST_int_eq(conf1->max_fragment_len_mode, + conf2->max_fragment_len_mode)) return 0; - } - if (client->servername != client2->servername) { - fprintf(stderr, "ServerName mismatch: %s vs %s.\n", - ssl_servername_name(client->servername), - ssl_servername_name(client2->servername)); - return 0; - } - if (!strings_equal("Client NPNProtocols", client->npn_protocols, - client2->npn_protocols)) - return 0; - if (!strings_equal("Client ALPNProtocols", client->alpn_protocols, - client2->alpn_protocols)) - return 0; - if (client->ct_validation != client2->ct_validation) { - fprintf(stderr, "CTValidation mismatch: %s vs %s.\n", - ssl_ct_validation_name(client->ct_validation), - ssl_ct_validation_name(client2->ct_validation)); - return 0; - } return 1; } -static int SSL_TEST_SERVER_CONF_equal(SSL_TEST_SERVER_CONF *server, - SSL_TEST_SERVER_CONF *server2) +static int serverconf_eq(SSL_TEST_SERVER_CONF *serv, + SSL_TEST_SERVER_CONF *serv2) { - if (server->servername_callback != server2->servername_callback) { - fprintf(stderr, "ServerNameCallback mismatch: %s vs %s.\n", - ssl_servername_callback_name(server->servername_callback), - ssl_servername_callback_name(server2->servername_callback)); - return 0; - } - if (!strings_equal("Server NPNProtocols", server->npn_protocols, - server2->npn_protocols)) - return 0; - if (!strings_equal("Server ALPNProtocols", server->alpn_protocols, - server2->alpn_protocols)) - return 0; - if (server->broken_session_ticket != server2->broken_session_ticket) { - fprintf(stderr, "Broken session ticket mismatch: %d vs %d.\n", - server->broken_session_ticket, server2->broken_session_ticket); + if (!TEST_int_eq(serv->servername_callback, serv2->servername_callback) + || !TEST_str_eq(serv->npn_protocols, serv2->npn_protocols) + || !TEST_str_eq(serv->alpn_protocols, serv2->alpn_protocols) + || !TEST_int_eq(serv->broken_session_ticket, + serv2->broken_session_ticket) + || !TEST_str_eq(serv->session_ticket_app_data, + serv2->session_ticket_app_data) + || !TEST_int_eq(serv->cert_status, serv2->cert_status)) return 0; - } - if (server->cert_status != server2->cert_status) { - fprintf(stderr, "CertStatus mismatch: %s vs %s.\n", - ssl_certstatus_name(server->cert_status), - ssl_certstatus_name(server2->cert_status)); - return 0; - } return 1; } -static int SSL_TEST_EXTRA_CONF_equal(SSL_TEST_EXTRA_CONF *extra, - SSL_TEST_EXTRA_CONF *extra2) +static int extraconf_eq(SSL_TEST_EXTRA_CONF *extra, + SSL_TEST_EXTRA_CONF *extra2) { - return SSL_TEST_CLIENT_CONF_equal(&extra->client, &extra2->client) - && SSL_TEST_SERVER_CONF_equal(&extra->server, &extra2->server) - && SSL_TEST_SERVER_CONF_equal(&extra->server2, &extra2->server2); + if (!TEST_true(clientconf_eq(&extra->client, &extra2->client)) + || !TEST_true(serverconf_eq(&extra->server, &extra2->server)) + || !TEST_true(serverconf_eq(&extra->server2, &extra2->server2))) + return 0; + return 1; } -/* Returns 1 if the contexts are equal, 0 otherwise. */ -static int SSL_TEST_CTX_equal(SSL_TEST_CTX *ctx, SSL_TEST_CTX *ctx2) +static int testctx_eq(SSL_TEST_CTX *ctx, SSL_TEST_CTX *ctx2) { - if (ctx->method != ctx2->method) { - fprintf(stderr, "Method mismatch: %s vs %s.\n", - ssl_test_method_name(ctx->method), - ssl_test_method_name(ctx2->method)); - return 0; - } - if (ctx->handshake_mode != ctx2->handshake_mode) { - fprintf(stderr, "HandshakeMode mismatch: %s vs %s.\n", - ssl_handshake_mode_name(ctx->handshake_mode), - ssl_handshake_mode_name(ctx2->handshake_mode)); - return 0; - } - if (ctx->app_data_size != ctx2->app_data_size) { - fprintf(stderr, "ApplicationData mismatch: %d vs %d.\n", - ctx->app_data_size, ctx2->app_data_size); - return 0; - } - - if (ctx->max_fragment_size != ctx2->max_fragment_size) { - fprintf(stderr, "MaxFragmentSize mismatch: %d vs %d.\n", - ctx->max_fragment_size, ctx2->max_fragment_size); - return 0; - } - - if (!SSL_TEST_EXTRA_CONF_equal(&ctx->extra, &ctx2->extra)) { - fprintf(stderr, "Extra conf mismatch.\n"); - return 0; - } - if (!SSL_TEST_EXTRA_CONF_equal(&ctx->resume_extra, &ctx2->resume_extra)) { - fprintf(stderr, "Resume extra conf mismatch.\n"); - return 0; - } - - if (ctx->expected_result != ctx2->expected_result) { - fprintf(stderr, "ExpectedResult mismatch: %s vs %s.\n", - ssl_test_result_name(ctx->expected_result), - ssl_test_result_name(ctx2->expected_result)); - return 0; - } - if (ctx->expected_client_alert != ctx2->expected_client_alert) { - fprintf(stderr, "ClientAlert mismatch: %s vs %s.\n", - ssl_alert_name(ctx->expected_client_alert), - ssl_alert_name(ctx2->expected_client_alert)); - return 0; - } - if (ctx->expected_server_alert != ctx2->expected_server_alert) { - fprintf(stderr, "ServerAlert mismatch: %s vs %s.\n", - ssl_alert_name(ctx->expected_server_alert), - ssl_alert_name(ctx2->expected_server_alert)); - return 0; - } - if (ctx->expected_protocol != ctx2->expected_protocol) { - fprintf(stderr, "ClientAlert mismatch: %s vs %s.\n", - ssl_protocol_name(ctx->expected_protocol), - ssl_protocol_name(ctx2->expected_protocol)); - return 0; - } - if (ctx->expected_servername != ctx2->expected_servername) { - fprintf(stderr, "ExpectedServerName mismatch: %s vs %s.\n", - ssl_servername_name(ctx->expected_servername), - ssl_servername_name(ctx2->expected_servername)); - return 0; - } - if (ctx->session_ticket_expected != ctx2->session_ticket_expected) { - fprintf(stderr, "SessionTicketExpected mismatch: %s vs %s.\n", - ssl_session_ticket_name(ctx->session_ticket_expected), - ssl_session_ticket_name(ctx2->session_ticket_expected)); - return 0; - } - if (!strings_equal("ExpectedNPNProtocol", ctx->expected_npn_protocol, - ctx2->expected_npn_protocol)) + if (!TEST_int_eq(ctx->method, ctx2->method) + || !TEST_int_eq(ctx->handshake_mode, ctx2->handshake_mode) + || !TEST_int_eq(ctx->app_data_size, ctx2->app_data_size) + || !TEST_int_eq(ctx->max_fragment_size, ctx2->max_fragment_size) + || !extraconf_eq(&ctx->extra, &ctx2->extra) + || !extraconf_eq(&ctx->resume_extra, &ctx2->resume_extra) + || !TEST_int_eq(ctx->expected_result, ctx2->expected_result) + || !TEST_int_eq(ctx->expected_client_alert, + ctx2->expected_client_alert) + || !TEST_int_eq(ctx->expected_server_alert, + ctx2->expected_server_alert) + || !TEST_int_eq(ctx->expected_protocol, ctx2->expected_protocol) + || !TEST_int_eq(ctx->expected_servername, ctx2->expected_servername) + || !TEST_int_eq(ctx->session_ticket_expected, + ctx2->session_ticket_expected) + || !TEST_int_eq(ctx->compression_expected, + ctx2->compression_expected) + || !TEST_str_eq(ctx->expected_npn_protocol, + ctx2->expected_npn_protocol) + || !TEST_str_eq(ctx->expected_alpn_protocol, + ctx2->expected_alpn_protocol) + || !TEST_str_eq(ctx->expected_cipher, + ctx2->expected_cipher) + || !TEST_str_eq(ctx->expected_session_ticket_app_data, + ctx2->expected_session_ticket_app_data) + || !TEST_int_eq(ctx->resumption_expected, + ctx2->resumption_expected) + || !TEST_int_eq(ctx->session_id_expected, + ctx2->session_id_expected)) return 0; - if (!strings_equal("ExpectedALPNProtocol", ctx->expected_alpn_protocol, - ctx2->expected_alpn_protocol)) - return 0; - if (ctx->resumption_expected != ctx2->resumption_expected) { - fprintf(stderr, "ResumptionExpected mismatch: %d vs %d.\n", - ctx->resumption_expected, ctx2->resumption_expected); - return 0; - } return 1; } -static SSL_TEST_CTX_TEST_FIXTURE set_up(const char *const test_case_name) +static SSL_TEST_CTX_TEST_FIXTURE *set_up(const char *const test_case_name) { - SSL_TEST_CTX_TEST_FIXTURE fixture; - fixture.test_case_name = test_case_name; - fixture.expected_ctx = SSL_TEST_CTX_new(); - TEST_check(fixture.expected_ctx != NULL); + SSL_TEST_CTX_TEST_FIXTURE *fixture; + + if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))) + return NULL; + fixture->test_case_name = test_case_name; + if (!TEST_ptr(fixture->expected_ctx = SSL_TEST_CTX_new())) { + OPENSSL_free(fixture); + return NULL; + } return fixture; } -static int execute_test(SSL_TEST_CTX_TEST_FIXTURE fixture) +static int execute_test(SSL_TEST_CTX_TEST_FIXTURE *fixture) { int success = 0; + SSL_TEST_CTX *ctx; - SSL_TEST_CTX *ctx = SSL_TEST_CTX_create(conf, fixture.test_section); - - if (ctx == NULL) { - fprintf(stderr, "Failed to parse good configuration %s.\n", - fixture.test_section); - goto err; - } - - if (!SSL_TEST_CTX_equal(ctx, fixture.expected_ctx)) + if (!TEST_ptr(ctx = SSL_TEST_CTX_create(conf, fixture->test_section)) + || !testctx_eq(ctx, fixture->expected_ctx)) goto err; success = 1; @@ -216,78 +136,76 @@ static int execute_test(SSL_TEST_CTX_TEST_FIXTURE fixture) return success; } -static int execute_failure_test(SSL_TEST_CTX_TEST_FIXTURE fixture) +static void tear_down(SSL_TEST_CTX_TEST_FIXTURE *fixture) { - SSL_TEST_CTX *ctx = SSL_TEST_CTX_create(conf, fixture.test_section); - - if (ctx != NULL) { - fprintf(stderr, "Parsing bad configuration %s succeeded.\n", - fixture.test_section); - SSL_TEST_CTX_free(ctx); - return 0; - } - - return 1; -} - -static void tear_down(SSL_TEST_CTX_TEST_FIXTURE fixture) -{ - SSL_TEST_CTX_free(fixture.expected_ctx); - ERR_print_errors_fp(stderr); + SSL_TEST_CTX_free(fixture->expected_ctx); + OPENSSL_free(fixture); } -#define SETUP_SSL_TEST_CTX_TEST_FIXTURE() \ - SETUP_TEST_FIXTURE(SSL_TEST_CTX_TEST_FIXTURE, set_up) -#define EXECUTE_SSL_TEST_CTX_TEST() \ +#define SETUP_SSL_TEST_CTX_TEST_FIXTURE() \ + SETUP_TEST_FIXTURE(SSL_TEST_CTX_TEST_FIXTURE, set_up); +#define EXECUTE_SSL_TEST_CTX_TEST() \ EXECUTE_TEST(execute_test, tear_down) -#define EXECUTE_SSL_TEST_CTX_FAILURE_TEST() \ - EXECUTE_TEST(execute_failure_test, tear_down) -static int test_empty_configuration() +static int test_empty_configuration(void) { SETUP_SSL_TEST_CTX_TEST_FIXTURE(); - fixture.test_section = "ssltest_default"; - fixture.expected_ctx->expected_result = SSL_TEST_SUCCESS; + if (fixture == NULL) + return 0; + fixture->test_section = "ssltest_default"; + fixture->expected_ctx->expected_result = SSL_TEST_SUCCESS; EXECUTE_SSL_TEST_CTX_TEST(); + return result; } -static int test_good_configuration() +static int test_good_configuration(void) { SETUP_SSL_TEST_CTX_TEST_FIXTURE(); - fixture.test_section = "ssltest_good"; - fixture.expected_ctx->method = SSL_TEST_METHOD_DTLS; - fixture.expected_ctx->handshake_mode = SSL_TEST_HANDSHAKE_RESUME; - fixture.expected_ctx->app_data_size = 1024; - fixture.expected_ctx->max_fragment_size = 2048; - - fixture.expected_ctx->expected_result = SSL_TEST_SERVER_FAIL; - fixture.expected_ctx->expected_client_alert = SSL_AD_UNKNOWN_CA; - fixture.expected_ctx->expected_server_alert = 0; /* No alert. */ - fixture.expected_ctx->expected_protocol = TLS1_1_VERSION; - fixture.expected_ctx->expected_servername = SSL_TEST_SERVERNAME_SERVER2; - fixture.expected_ctx->session_ticket_expected = SSL_TEST_SESSION_TICKET_YES; - fixture.expected_ctx->resumption_expected = 1; - - fixture.expected_ctx->extra.client.verify_callback = + if (fixture == NULL) + return 0; + fixture->test_section = "ssltest_good"; + fixture->expected_ctx->method = SSL_TEST_METHOD_DTLS; + fixture->expected_ctx->handshake_mode = SSL_TEST_HANDSHAKE_RESUME; + fixture->expected_ctx->app_data_size = 1024; + fixture->expected_ctx->max_fragment_size = 2048; + + fixture->expected_ctx->expected_result = SSL_TEST_SERVER_FAIL; + fixture->expected_ctx->expected_client_alert = SSL_AD_UNKNOWN_CA; + fixture->expected_ctx->expected_server_alert = 0; /* No alert. */ + fixture->expected_ctx->expected_protocol = TLS1_1_VERSION; + fixture->expected_ctx->expected_servername = SSL_TEST_SERVERNAME_SERVER2; + fixture->expected_ctx->session_ticket_expected = SSL_TEST_SESSION_TICKET_YES; + fixture->expected_ctx->compression_expected = SSL_TEST_COMPRESSION_NO; + fixture->expected_ctx->session_id_expected = SSL_TEST_SESSION_ID_IGNORE; + fixture->expected_ctx->resumption_expected = 1; + + fixture->expected_ctx->extra.client.verify_callback = SSL_TEST_VERIFY_REJECT_ALL; - fixture.expected_ctx->extra.client.servername = SSL_TEST_SERVERNAME_SERVER2; - fixture.expected_ctx->extra.client.npn_protocols = + fixture->expected_ctx->extra.client.servername = SSL_TEST_SERVERNAME_SERVER2; + fixture->expected_ctx->extra.client.npn_protocols = OPENSSL_strdup("foo,bar"); - TEST_check(fixture.expected_ctx->extra.client.npn_protocols != NULL); + if (!TEST_ptr(fixture->expected_ctx->extra.client.npn_protocols)) + goto err; + fixture->expected_ctx->extra.client.max_fragment_len_mode = 0; - fixture.expected_ctx->extra.server.servername_callback = + fixture->expected_ctx->extra.server.servername_callback = SSL_TEST_SERVERNAME_IGNORE_MISMATCH; - fixture.expected_ctx->extra.server.broken_session_ticket = 1; + fixture->expected_ctx->extra.server.broken_session_ticket = 1; - fixture.expected_ctx->resume_extra.server2.alpn_protocols = + fixture->expected_ctx->resume_extra.server2.alpn_protocols = OPENSSL_strdup("baz"); - TEST_check( - fixture.expected_ctx->resume_extra.server2.alpn_protocols != NULL); + if (!TEST_ptr(fixture->expected_ctx->resume_extra.server2.alpn_protocols)) + goto err; - fixture.expected_ctx->resume_extra.client.ct_validation = + fixture->expected_ctx->resume_extra.client.ct_validation = SSL_TEST_CT_VALIDATION_STRICT; EXECUTE_SSL_TEST_CTX_TEST(); + return result; + +err: + tear_down(fixture); + return 0; } static const char *bad_configurations[] = { @@ -300,39 +218,45 @@ static const char *bad_configurations[] = { "ssltest_unknown_servername", "ssltest_unknown_servername_callback", "ssltest_unknown_session_ticket_expected", + "ssltest_unknown_compression_expected", + "ssltest_unknown_session_id_expected", "ssltest_unknown_method", "ssltest_unknown_handshake_mode", "ssltest_unknown_resumption_expected", "ssltest_unknown_ct_validation", + "ssltest_invalid_max_fragment_len", }; static int test_bad_configuration(int idx) { - SETUP_SSL_TEST_CTX_TEST_FIXTURE(); - fixture.test_section = bad_configurations[idx]; - EXECUTE_SSL_TEST_CTX_FAILURE_TEST(); -} - -int main(int argc, char **argv) -{ - int result = 0; + SSL_TEST_CTX *ctx; - if (argc != 2) - return 1; + if (!TEST_ptr_null(ctx = SSL_TEST_CTX_create(conf, + bad_configurations[idx]))) { + SSL_TEST_CTX_free(ctx); + return 0; + } - conf = NCONF_new(NULL); - TEST_check(conf != NULL); + return 1; +} - /* argv[1] should point to test/ssl_test_ctx_test.conf */ - TEST_check(NCONF_load(conf, argv[1], NULL) > 0); +int setup_tests(void) +{ + if (!TEST_ptr(conf = NCONF_new(NULL))) + return 0; + /* argument should point to test/ssl_test_ctx_test.conf */ + if (!TEST_int_gt(NCONF_load(conf, test_get_argument(0), NULL), 0)) { + TEST_note("Missing file argument"); + return 0; + } ADD_TEST(test_empty_configuration); ADD_TEST(test_good_configuration); ADD_ALL_TESTS(test_bad_configuration, OSSL_NELEM(bad_configurations)); + return 1; +} - result = run_tests(argv[0]); - +void cleanup_tests(void) +{ NCONF_free(conf); - - return result; } diff --git a/deps/openssl/openssl/test/ssl_test_ctx_test.conf b/deps/openssl/openssl/test/ssl_test_ctx_test.conf index a062d75a10..91e1465ffe 100644 --- a/deps/openssl/openssl/test/ssl_test_ctx_test.conf +++ b/deps/openssl/openssl/test/ssl_test_ctx_test.conf @@ -72,6 +72,12 @@ ServerNameCallback = Foo [ssltest_unknown_session_ticket_expected] SessionTicketExpected = Foo +[ssltest_unknown_compression_expected] +CompressionExpected = Foo + +[ssltest_unknown_session_id_expected] +SessionIdExpected = Foo + [ssltest_unknown_method] Method = TLS2 @@ -86,3 +92,6 @@ client = ssltest_unknown_ct_validation_client [ssltest_unknown_ct_validation_client] CTCallback = Foo + +[ssltest_invalid_max_fragment_len] +MaxFragmentLenExt = 421 diff --git a/deps/openssl/openssl/test/sslapitest.c b/deps/openssl/openssl/test/sslapitest.c index 8badd284e3..108d57e478 100644 --- a/deps/openssl/openssl/test/sslapitest.c +++ b/deps/openssl/openssl/test/sslapitest.c @@ -14,13 +14,45 @@ #include <openssl/crypto.h> #include <openssl/ssl.h> #include <openssl/ocsp.h> +#include <openssl/srp.h> +#include <openssl/txt_db.h> +#include <openssl/aes.h> #include "ssltestlib.h" #include "testutil.h" -#include "e_os.h" +#include "testutil/output.h" +#include "internal/nelem.h" +#include "../ssl/ssl_locl.h" + +#ifndef OPENSSL_NO_TLS1_3 + +static SSL_SESSION *clientpsk = NULL; +static SSL_SESSION *serverpsk = NULL; +static const char *pskid = "Identity"; +static const char *srvid; + +static int use_session_cb(SSL *ssl, const EVP_MD *md, const unsigned char **id, + size_t *idlen, SSL_SESSION **sess); +static int find_session_cb(SSL *ssl, const unsigned char *identity, + size_t identity_len, SSL_SESSION **sess); + +static int use_session_cb_cnt = 0; +static int find_session_cb_cnt = 0; + +static SSL_SESSION *create_a_psk(SSL *ssl); +#endif static char *cert = NULL; static char *privkey = NULL; +static char *srpvfile = NULL; +static char *tmpfilename = NULL; + +#define LOG_BUFFER_SIZE 2048 +static char server_log_buffer[LOG_BUFFER_SIZE + 1] = {0}; +static size_t server_log_buffer_index = 0; +static char client_log_buffer[LOG_BUFFER_SIZE + 1] = {0}; +static size_t client_log_buffer_index = 0; +static int error_writing_log = 0; #ifndef OPENSSL_NO_OCSP static const unsigned char orespder[] = "Dummy OCSP Response"; @@ -32,6 +64,521 @@ static X509 *ocspcert = NULL; #endif #define NUM_EXTRA_CERTS 40 +#define CLIENT_VERSION_LEN 2 + +/* + * This structure is used to validate that the correct number of log messages + * of various types are emitted when emitting secret logs. + */ +struct sslapitest_log_counts { + unsigned int rsa_key_exchange_count; + unsigned int master_secret_count; + unsigned int client_early_secret_count; + unsigned int client_handshake_secret_count; + unsigned int server_handshake_secret_count; + unsigned int client_application_secret_count; + unsigned int server_application_secret_count; + unsigned int early_exporter_secret_count; + unsigned int exporter_secret_count; +}; + + +static unsigned char serverinfov1[] = { + 0xff, 0xff, /* Dummy extension type */ + 0x00, 0x01, /* Extension length is 1 byte */ + 0xff /* Dummy extension data */ +}; + +static unsigned char serverinfov2[] = { + 0x00, 0x00, 0x00, + (unsigned char)(SSL_EXT_CLIENT_HELLO & 0xff), /* Dummy context - 4 bytes */ + 0xff, 0xff, /* Dummy extension type */ + 0x00, 0x01, /* Extension length is 1 byte */ + 0xff /* Dummy extension data */ +}; + +static void client_keylog_callback(const SSL *ssl, const char *line) +{ + int line_length = strlen(line); + + /* If the log doesn't fit, error out. */ + if (client_log_buffer_index + line_length > sizeof(client_log_buffer) - 1) { + TEST_info("Client log too full"); + error_writing_log = 1; + return; + } + + strcat(client_log_buffer, line); + client_log_buffer_index += line_length; + client_log_buffer[client_log_buffer_index++] = '\n'; +} + +static void server_keylog_callback(const SSL *ssl, const char *line) +{ + int line_length = strlen(line); + + /* If the log doesn't fit, error out. */ + if (server_log_buffer_index + line_length > sizeof(server_log_buffer) - 1) { + TEST_info("Server log too full"); + error_writing_log = 1; + return; + } + + strcat(server_log_buffer, line); + server_log_buffer_index += line_length; + server_log_buffer[server_log_buffer_index++] = '\n'; +} + +static int compare_hex_encoded_buffer(const char *hex_encoded, + size_t hex_length, + const uint8_t *raw, + size_t raw_length) +{ + size_t i, j; + char hexed[3]; + + if (!TEST_size_t_eq(raw_length * 2, hex_length)) + return 1; + + for (i = j = 0; i < raw_length && j + 1 < hex_length; i++, j += 2) { + sprintf(hexed, "%02x", raw[i]); + if (!TEST_int_eq(hexed[0], hex_encoded[j]) + || !TEST_int_eq(hexed[1], hex_encoded[j + 1])) + return 1; + } + + return 0; +} + +static int test_keylog_output(char *buffer, const SSL *ssl, + const SSL_SESSION *session, + struct sslapitest_log_counts *expected) +{ + char *token = NULL; + unsigned char actual_client_random[SSL3_RANDOM_SIZE] = {0}; + size_t client_random_size = SSL3_RANDOM_SIZE; + unsigned char actual_master_key[SSL_MAX_MASTER_KEY_LENGTH] = {0}; + size_t master_key_size = SSL_MAX_MASTER_KEY_LENGTH; + unsigned int rsa_key_exchange_count = 0; + unsigned int master_secret_count = 0; + unsigned int client_early_secret_count = 0; + unsigned int client_handshake_secret_count = 0; + unsigned int server_handshake_secret_count = 0; + unsigned int client_application_secret_count = 0; + unsigned int server_application_secret_count = 0; + unsigned int early_exporter_secret_count = 0; + unsigned int exporter_secret_count = 0; + + for (token = strtok(buffer, " \n"); token != NULL; + token = strtok(NULL, " \n")) { + if (strcmp(token, "RSA") == 0) { + /* + * Premaster secret. Tokens should be: 16 ASCII bytes of + * hex-encoded encrypted secret, then the hex-encoded pre-master + * secret. + */ + if (!TEST_ptr(token = strtok(NULL, " \n"))) + return 0; + if (!TEST_size_t_eq(strlen(token), 16)) + return 0; + if (!TEST_ptr(token = strtok(NULL, " \n"))) + return 0; + /* + * We can't sensibly check the log because the premaster secret is + * transient, and OpenSSL doesn't keep hold of it once the master + * secret is generated. + */ + rsa_key_exchange_count++; + } else if (strcmp(token, "CLIENT_RANDOM") == 0) { + /* + * Master secret. Tokens should be: 64 ASCII bytes of hex-encoded + * client random, then the hex-encoded master secret. + */ + client_random_size = SSL_get_client_random(ssl, + actual_client_random, + SSL3_RANDOM_SIZE); + if (!TEST_size_t_eq(client_random_size, SSL3_RANDOM_SIZE)) + return 0; + + if (!TEST_ptr(token = strtok(NULL, " \n"))) + return 0; + if (!TEST_size_t_eq(strlen(token), 64)) + return 0; + if (!TEST_false(compare_hex_encoded_buffer(token, 64, + actual_client_random, + client_random_size))) + return 0; + + if (!TEST_ptr(token = strtok(NULL, " \n"))) + return 0; + master_key_size = SSL_SESSION_get_master_key(session, + actual_master_key, + master_key_size); + if (!TEST_size_t_ne(master_key_size, 0)) + return 0; + if (!TEST_false(compare_hex_encoded_buffer(token, strlen(token), + actual_master_key, + master_key_size))) + return 0; + master_secret_count++; + } else if (strcmp(token, "CLIENT_EARLY_TRAFFIC_SECRET") == 0 + || strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0 + || strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0 + || strcmp(token, "CLIENT_TRAFFIC_SECRET_0") == 0 + || strcmp(token, "SERVER_TRAFFIC_SECRET_0") == 0 + || strcmp(token, "EARLY_EXPORTER_SECRET") == 0 + || strcmp(token, "EXPORTER_SECRET") == 0) { + /* + * TLSv1.3 secret. Tokens should be: 64 ASCII bytes of hex-encoded + * client random, and then the hex-encoded secret. In this case, + * we treat all of these secrets identically and then just + * distinguish between them when counting what we saw. + */ + if (strcmp(token, "CLIENT_EARLY_TRAFFIC_SECRET") == 0) + client_early_secret_count++; + else if (strcmp(token, "CLIENT_HANDSHAKE_TRAFFIC_SECRET") == 0) + client_handshake_secret_count++; + else if (strcmp(token, "SERVER_HANDSHAKE_TRAFFIC_SECRET") == 0) + server_handshake_secret_count++; + else if (strcmp(token, "CLIENT_TRAFFIC_SECRET_0") == 0) + client_application_secret_count++; + else if (strcmp(token, "SERVER_TRAFFIC_SECRET_0") == 0) + server_application_secret_count++; + else if (strcmp(token, "EARLY_EXPORTER_SECRET") == 0) + early_exporter_secret_count++; + else if (strcmp(token, "EXPORTER_SECRET") == 0) + exporter_secret_count++; + + client_random_size = SSL_get_client_random(ssl, + actual_client_random, + SSL3_RANDOM_SIZE); + if (!TEST_size_t_eq(client_random_size, SSL3_RANDOM_SIZE)) + return 0; + + if (!TEST_ptr(token = strtok(NULL, " \n"))) + return 0; + if (!TEST_size_t_eq(strlen(token), 64)) + return 0; + if (!TEST_false(compare_hex_encoded_buffer(token, 64, + actual_client_random, + client_random_size))) + return 0; + + if (!TEST_ptr(token = strtok(NULL, " \n"))) + return 0; + + /* + * TODO(TLS1.3): test that application traffic secrets are what + * we expect */ + } else { + TEST_info("Unexpected token %s\n", token); + return 0; + } + } + + /* Got what we expected? */ + if (!TEST_size_t_eq(rsa_key_exchange_count, + expected->rsa_key_exchange_count) + || !TEST_size_t_eq(master_secret_count, + expected->master_secret_count) + || !TEST_size_t_eq(client_early_secret_count, + expected->client_early_secret_count) + || !TEST_size_t_eq(client_handshake_secret_count, + expected->client_handshake_secret_count) + || !TEST_size_t_eq(server_handshake_secret_count, + expected->server_handshake_secret_count) + || !TEST_size_t_eq(client_application_secret_count, + expected->client_application_secret_count) + || !TEST_size_t_eq(server_application_secret_count, + expected->server_application_secret_count) + || !TEST_size_t_eq(early_exporter_secret_count, + expected->early_exporter_secret_count) + || !TEST_size_t_eq(exporter_secret_count, + expected->exporter_secret_count)) + return 0; + return 1; +} + +#if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) +static int test_keylog(void) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + struct sslapitest_log_counts expected = {0}; + + /* Clean up logging space */ + memset(client_log_buffer, 0, sizeof(client_log_buffer)); + memset(server_log_buffer, 0, sizeof(server_log_buffer)); + client_log_buffer_index = 0; + server_log_buffer_index = 0; + error_writing_log = 0; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), + TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) + return 0; + + /* We cannot log the master secret for TLSv1.3, so we should forbid it. */ + SSL_CTX_set_options(cctx, SSL_OP_NO_TLSv1_3); + SSL_CTX_set_options(sctx, SSL_OP_NO_TLSv1_3); + + /* We also want to ensure that we use RSA-based key exchange. */ + if (!TEST_true(SSL_CTX_set_cipher_list(cctx, "RSA"))) + goto end; + + if (!TEST_true(SSL_CTX_get_keylog_callback(cctx) == NULL) + || !TEST_true(SSL_CTX_get_keylog_callback(sctx) == NULL)) + goto end; + SSL_CTX_set_keylog_callback(cctx, client_keylog_callback); + if (!TEST_true(SSL_CTX_get_keylog_callback(cctx) + == client_keylog_callback)) + goto end; + SSL_CTX_set_keylog_callback(sctx, server_keylog_callback); + if (!TEST_true(SSL_CTX_get_keylog_callback(sctx) + == server_keylog_callback)) + goto end; + + /* Now do a handshake and check that the logs have been written to. */ + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_false(error_writing_log) + || !TEST_int_gt(client_log_buffer_index, 0) + || !TEST_int_gt(server_log_buffer_index, 0)) + goto end; + + /* + * Now we want to test that our output data was vaguely sensible. We + * do that by using strtok and confirming that we have more or less the + * data we expect. For both client and server, we expect to see one master + * secret. The client should also see a RSA key exchange. + */ + expected.rsa_key_exchange_count = 1; + expected.master_secret_count = 1; + if (!TEST_true(test_keylog_output(client_log_buffer, clientssl, + SSL_get_session(clientssl), &expected))) + goto end; + + expected.rsa_key_exchange_count = 0; + if (!TEST_true(test_keylog_output(server_log_buffer, serverssl, + SSL_get_session(serverssl), &expected))) + goto end; + + testresult = 1; + +end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} +#endif + +#ifndef OPENSSL_NO_TLS1_3 +static int test_keylog_no_master_key(void) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + SSL_SESSION *sess = NULL; + int testresult = 0; + struct sslapitest_log_counts expected = {0}; + unsigned char buf[1]; + size_t readbytes, written; + + /* Clean up logging space */ + memset(client_log_buffer, 0, sizeof(client_log_buffer)); + memset(server_log_buffer, 0, sizeof(server_log_buffer)); + client_log_buffer_index = 0; + server_log_buffer_index = 0; + error_writing_log = 0; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey)) + || !TEST_true(SSL_CTX_set_max_early_data(sctx, + SSL3_RT_MAX_PLAIN_LENGTH))) + return 0; + + if (!TEST_true(SSL_CTX_get_keylog_callback(cctx) == NULL) + || !TEST_true(SSL_CTX_get_keylog_callback(sctx) == NULL)) + goto end; + + SSL_CTX_set_keylog_callback(cctx, client_keylog_callback); + if (!TEST_true(SSL_CTX_get_keylog_callback(cctx) + == client_keylog_callback)) + goto end; + + SSL_CTX_set_keylog_callback(sctx, server_keylog_callback); + if (!TEST_true(SSL_CTX_get_keylog_callback(sctx) + == server_keylog_callback)) + goto end; + + /* Now do a handshake and check that the logs have been written to. */ + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_false(error_writing_log)) + goto end; + + /* + * Now we want to test that our output data was vaguely sensible. For this + * test, we expect no CLIENT_RANDOM entry because it doesn't make sense for + * TLSv1.3, but we do expect both client and server to emit keys. + */ + expected.client_handshake_secret_count = 1; + expected.server_handshake_secret_count = 1; + expected.client_application_secret_count = 1; + expected.server_application_secret_count = 1; + expected.exporter_secret_count = 1; + if (!TEST_true(test_keylog_output(client_log_buffer, clientssl, + SSL_get_session(clientssl), &expected)) + || !TEST_true(test_keylog_output(server_log_buffer, serverssl, + SSL_get_session(serverssl), + &expected))) + goto end; + + /* Terminate old session and resume with early data. */ + sess = SSL_get1_session(clientssl); + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + + /* Reset key log */ + memset(client_log_buffer, 0, sizeof(client_log_buffer)); + memset(server_log_buffer, 0, sizeof(server_log_buffer)); + client_log_buffer_index = 0; + server_log_buffer_index = 0; + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(SSL_set_session(clientssl, sess)) + /* Here writing 0 length early data is enough. */ + || !TEST_true(SSL_write_early_data(clientssl, NULL, 0, &written)) + || !TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_ERROR) + || !TEST_int_eq(SSL_get_early_data_status(serverssl), + SSL_EARLY_DATA_ACCEPTED) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_true(SSL_session_reused(clientssl))) + goto end; + + /* In addition to the previous entries, expect early secrets. */ + expected.client_early_secret_count = 1; + expected.early_exporter_secret_count = 1; + if (!TEST_true(test_keylog_output(client_log_buffer, clientssl, + SSL_get_session(clientssl), &expected)) + || !TEST_true(test_keylog_output(server_log_buffer, serverssl, + SSL_get_session(serverssl), + &expected))) + goto end; + + testresult = 1; + +end: + SSL_SESSION_free(sess); + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} +#endif + +#ifndef OPENSSL_NO_TLS1_2 +static int full_client_hello_callback(SSL *s, int *al, void *arg) +{ + int *ctr = arg; + const unsigned char *p; + int *exts; + /* We only configure two ciphers, but the SCSV is added automatically. */ +#ifdef OPENSSL_NO_EC + const unsigned char expected_ciphers[] = {0x00, 0x9d, 0x00, 0xff}; +#else + const unsigned char expected_ciphers[] = {0x00, 0x9d, 0xc0, + 0x2c, 0x00, 0xff}; +#endif + const int expected_extensions[] = { +#ifndef OPENSSL_NO_EC + 11, 10, +#endif + 35, 22, 23, 13}; + size_t len; + + /* Make sure we can defer processing and get called back. */ + if ((*ctr)++ == 0) + return SSL_CLIENT_HELLO_RETRY; + + len = SSL_client_hello_get0_ciphers(s, &p); + if (!TEST_mem_eq(p, len, expected_ciphers, sizeof(expected_ciphers)) + || !TEST_size_t_eq( + SSL_client_hello_get0_compression_methods(s, &p), 1) + || !TEST_int_eq(*p, 0)) + return SSL_CLIENT_HELLO_ERROR; + if (!SSL_client_hello_get1_extensions_present(s, &exts, &len)) + return SSL_CLIENT_HELLO_ERROR; + if (len != OSSL_NELEM(expected_extensions) || + memcmp(exts, expected_extensions, len * sizeof(*exts)) != 0) { + printf("ClientHello callback expected extensions mismatch\n"); + OPENSSL_free(exts); + return SSL_CLIENT_HELLO_ERROR; + } + OPENSSL_free(exts); + return SSL_CLIENT_HELLO_SUCCESS; +} + +static int test_client_hello_cb(void) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testctr = 0, testresult = 0; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) + goto end; + SSL_CTX_set_client_hello_cb(sctx, full_client_hello_callback, &testctr); + + /* The gimpy cipher list we configure can't do TLS 1.3. */ + SSL_CTX_set_max_proto_version(cctx, TLS1_2_VERSION); + + if (!TEST_true(SSL_CTX_set_cipher_list(cctx, + "AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384")) + || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_false(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_WANT_CLIENT_HELLO_CB)) + /* + * Passing a -1 literal is a hack since + * the real value was lost. + * */ + || !TEST_int_eq(SSL_get_error(serverssl, -1), + SSL_ERROR_WANT_CLIENT_HELLO_CB) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + testresult = 1; + +end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} +#endif static int execute_test_large_message(const SSL_METHOD *smeth, const SSL_METHOD *cmeth, @@ -42,29 +589,23 @@ static int execute_test_large_message(const SSL_METHOD *smeth, SSL *clientssl = NULL, *serverssl = NULL; int testresult = 0; int i; - BIO *certbio = BIO_new_file(cert, "r"); + BIO *certbio = NULL; X509 *chaincert = NULL; int certlen; - if (certbio == NULL) { - printf("Can't load the certificate file\n"); + if (!TEST_ptr(certbio = BIO_new_file(cert, "r"))) goto end; - } chaincert = PEM_read_bio_X509(certbio, NULL, NULL, NULL); BIO_free(certbio); certbio = NULL; - if (chaincert == NULL) { - printf("Unable to load certificate for chain\n"); + if (!TEST_ptr(chaincert)) goto end; - } - if (!create_ssl_ctx_pair(smeth, cmeth, min_version, max_version, &sctx, - &cctx, cert, privkey)) { - printf("Unable to create SSL_CTX pair\n"); + if (!TEST_true(create_ssl_ctx_pair(smeth, cmeth, min_version, max_version, + &sctx, &cctx, cert, privkey))) goto end; - } - if(read_ahead) { + if (read_ahead) { /* * Test that read_ahead works correctly when dealing with large * records @@ -76,42 +617,33 @@ static int execute_test_large_message(const SSL_METHOD *smeth, * We assume the supplied certificate is big enough so that if we add * NUM_EXTRA_CERTS it will make the overall message large enough. The * default buffer size is requested to be 16k, but due to the way BUF_MEM - * works, it ends up allocating a little over 21k (16 * 4/3). So, in this test - * we need to have a message larger than that. + * works, it ends up allocating a little over 21k (16 * 4/3). So, in this + * test we need to have a message larger than that. */ certlen = i2d_X509(chaincert, NULL); - OPENSSL_assert((certlen * NUM_EXTRA_CERTS) - > ((SSL3_RT_MAX_PLAIN_LENGTH * 4) / 3)); + OPENSSL_assert(certlen * NUM_EXTRA_CERTS > + (SSL3_RT_MAX_PLAIN_LENGTH * 4) / 3); for (i = 0; i < NUM_EXTRA_CERTS; i++) { - if (!X509_up_ref(chaincert)) { - printf("Unable to up ref cert\n"); + if (!X509_up_ref(chaincert)) goto end; - } if (!SSL_CTX_add_extra_chain_cert(sctx, chaincert)) { - printf("Unable to add extra chain cert %d\n", i); X509_free(chaincert); goto end; } } - if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { - printf("Unable to create SSL objects\n"); - goto end; - } - - if (!create_ssl_connection(serverssl, clientssl)) { - printf("Unable to create SSL connection\n"); + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) goto end; - } /* * Calling SSL_clear() first is not required but this tests that SSL_clear() * doesn't leak (when using enable-crypto-mdebug). */ - if (!SSL_clear(serverssl)) { - printf("Unexpected failure from SSL_clear()\n"); + if (!TEST_true(SSL_clear(serverssl))) goto end; - } testresult = 1; end: @@ -156,7 +688,7 @@ static int test_large_message_dtls(void) static int ocsp_server_cb(SSL *s, void *arg) { int *argi = (int *)arg; - unsigned char *orespdercopy = NULL; + unsigned char *copy = NULL; STACK_OF(OCSP_RESPID) *ids = NULL; OCSP_RESPID *id = NULL; @@ -173,15 +705,11 @@ static int ocsp_server_cb(SSL *s, void *arg) return SSL_TLSEXT_ERR_ALERT_FATAL; } - - orespdercopy = OPENSSL_memdup(orespder, sizeof(orespder)); - if (orespdercopy == NULL) + if (!TEST_ptr(copy = OPENSSL_memdup(orespder, sizeof(orespder)))) return SSL_TLSEXT_ERR_ALERT_FATAL; - SSL_set_tlsext_status_ocsp_resp(s, orespdercopy, sizeof(orespder)); - + SSL_set_tlsext_status_ocsp_resp(s, copy, sizeof(orespder)); ocsp_server_called = 1; - return SSL_TLSEXT_ERR_OK; } @@ -195,12 +723,10 @@ static int ocsp_client_cb(SSL *s, void *arg) return 0; len = SSL_get_tlsext_status_ocsp_resp(s, &respderin); - - if (memcmp(orespder, respderin, len) != 0) + if (!TEST_mem_eq(orespder, len, respderin, len)) return 0; ocsp_client_called = 1; - return 1; } @@ -214,56 +740,33 @@ static int test_tlsext_status_type(void) BIO *certbio = NULL; if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), - TLS1_VERSION, TLS_MAX_VERSION, &sctx, &cctx, - cert, privkey)) { - printf("Unable to create SSL_CTX pair\n"); + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey)) return 0; - } - if (SSL_CTX_get_tlsext_status_type(cctx) != -1) { - printf("Unexpected initial value for " - "SSL_CTX_get_tlsext_status_type()\n"); + if (SSL_CTX_get_tlsext_status_type(cctx) != -1) goto end; - } /* First just do various checks getting and setting tlsext_status_type */ clientssl = SSL_new(cctx); - if (SSL_get_tlsext_status_type(clientssl) != -1) { - printf("Unexpected initial value for SSL_get_tlsext_status_type()\n"); - goto end; - } - - if (!SSL_set_tlsext_status_type(clientssl, TLSEXT_STATUSTYPE_ocsp)) { - printf("Unexpected fail for SSL_set_tlsext_status_type()\n"); - goto end; - } - - if (SSL_get_tlsext_status_type(clientssl) != TLSEXT_STATUSTYPE_ocsp) { - printf("Unexpected result for SSL_get_tlsext_status_type()\n"); + if (!TEST_int_eq(SSL_get_tlsext_status_type(clientssl), -1) + || !TEST_true(SSL_set_tlsext_status_type(clientssl, + TLSEXT_STATUSTYPE_ocsp)) + || !TEST_int_eq(SSL_get_tlsext_status_type(clientssl), + TLSEXT_STATUSTYPE_ocsp)) goto end; - } SSL_free(clientssl); clientssl = NULL; - if (!SSL_CTX_set_tlsext_status_type(cctx, TLSEXT_STATUSTYPE_ocsp)) { - printf("Unexpected fail for SSL_CTX_set_tlsext_status_type()\n"); - goto end; - } - - if (SSL_CTX_get_tlsext_status_type(cctx) != TLSEXT_STATUSTYPE_ocsp) { - printf("Unexpected result for SSL_CTX_get_tlsext_status_type()\n"); + if (!SSL_CTX_set_tlsext_status_type(cctx, TLSEXT_STATUSTYPE_ocsp) + || SSL_CTX_get_tlsext_status_type(cctx) != TLSEXT_STATUSTYPE_ocsp) goto end; - } clientssl = SSL_new(cctx); - - if (SSL_get_tlsext_status_type(clientssl) != TLSEXT_STATUSTYPE_ocsp) { - printf("Unexpected result for SSL_get_tlsext_status_type() (test 2)\n"); + if (SSL_get_tlsext_status_type(clientssl) != TLSEXT_STATUSTYPE_ocsp) goto end; - } - SSL_free(clientssl); clientssl = NULL; @@ -271,27 +774,17 @@ static int test_tlsext_status_type(void) * Now actually do a handshake and check OCSP information is exchanged and * the callbacks get called */ - SSL_CTX_set_tlsext_status_cb(cctx, ocsp_client_cb); SSL_CTX_set_tlsext_status_arg(cctx, &cdummyarg); SSL_CTX_set_tlsext_status_cb(sctx, ocsp_server_cb); SSL_CTX_set_tlsext_status_arg(sctx, &cdummyarg); - - if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { - printf("Unable to create SSL objects\n"); - goto end; - } - - if (!create_ssl_connection(serverssl, clientssl)) { - printf("Unable to create SSL connection\n"); - goto end; - } - - if (!ocsp_client_called || !ocsp_server_called) { - printf("OCSP callbacks not called\n"); + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_true(ocsp_client_called) + || !TEST_true(ocsp_server_called)) goto end; - } - SSL_free(serverssl); SSL_free(clientssl); serverssl = NULL; @@ -301,23 +794,14 @@ static int test_tlsext_status_type(void) ocsp_client_called = 0; ocsp_server_called = 0; cdummyarg = 0; - - if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { - printf("Unable to create SSL objects\n"); - goto end; - } - - /* This should fail because the callback will fail */ - if (create_ssl_connection(serverssl, clientssl)) { - printf("Unexpected success creating the connection\n"); - goto end; - } - - if (ocsp_client_called || ocsp_server_called) { - printf("OCSP callbacks successfully called unexpectedly\n"); + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + /* This should fail because the callback will fail */ + || !TEST_false(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_false(ocsp_client_called) + || !TEST_false(ocsp_server_called)) goto end; - } - SSL_free(serverssl); SSL_free(clientssl); serverssl = NULL; @@ -330,30 +814,22 @@ static int test_tlsext_status_type(void) ocsp_client_called = 0; ocsp_server_called = 0; cdummyarg = 2; - - if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { - printf("Unable to create SSL objects\n"); + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL))) goto end; - } /* * We'll just use any old cert for this test - it doesn't have to be an OCSP * specific one. We'll use the server cert. */ - certbio = BIO_new_file(cert, "r"); - if (certbio == NULL) { - printf("Can't load the certificate file\n"); - goto end; - } - id = OCSP_RESPID_new(); - ids = sk_OCSP_RESPID_new_null(); - ocspcert = PEM_read_bio_X509(certbio, NULL, NULL, NULL); - if (id == NULL || ids == NULL || ocspcert == NULL - || !OCSP_RESPID_set_by_key(id, ocspcert) - || !sk_OCSP_RESPID_push(ids, id)) { - printf("Unable to set OCSP_RESPIDs\n"); + if (!TEST_ptr(certbio = BIO_new_file(cert, "r")) + || !TEST_ptr(id = OCSP_RESPID_new()) + || !TEST_ptr(ids = sk_OCSP_RESPID_new_null()) + || !TEST_ptr(ocspcert = PEM_read_bio_X509(certbio, + NULL, NULL, NULL)) + || !TEST_true(OCSP_RESPID_set_by_key(id, ocspcert)) + || !TEST_true(sk_OCSP_RESPID_push(ids, id))) goto end; - } id = NULL; SSL_set_tlsext_status_ids(clientssl, ids); /* Control has been transferred */ @@ -362,15 +838,11 @@ static int test_tlsext_status_type(void) BIO_free(certbio); certbio = NULL; - if (!create_ssl_connection(serverssl, clientssl)) { - printf("Unable to create SSL connection\n"); + if (!TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_true(ocsp_client_called) + || !TEST_true(ocsp_server_called)) goto end; - } - - if (!ocsp_client_called || !ocsp_server_called) { - printf("OCSP callbacks not called\n"); - goto end; - } testresult = 1; @@ -387,38 +859,19 @@ static int test_tlsext_status_type(void) return testresult; } -#endif /* ndef OPENSSL_NO_OCSP */ - -typedef struct ssl_session_test_fixture { - const char *test_case_name; - int use_ext_cache; - int use_int_cache; -} SSL_SESSION_TEST_FIXTURE; - -static int new_called = 0, remove_called = 0; - -static SSL_SESSION_TEST_FIXTURE -ssl_session_set_up(const char *const test_case_name) -{ - SSL_SESSION_TEST_FIXTURE fixture; - - fixture.test_case_name = test_case_name; - fixture.use_ext_cache = 1; - fixture.use_int_cache = 1; - - new_called = remove_called = 0; - - return fixture; -} +#endif -static void ssl_session_tear_down(SSL_SESSION_TEST_FIXTURE fixture) -{ -} +#if !defined(OPENSSL_NO_TLS1_3) || !defined(OPENSSL_NO_TLS1_2) +static int new_called, remove_called, get_called; static int new_session_cb(SSL *ssl, SSL_SESSION *sess) { new_called++; - + /* + * sess has been up-refed for us, but we don't actually need it so free it + * immediately. + */ + SSL_SESSION_free(sess); return 1; } @@ -427,35 +880,52 @@ static void remove_session_cb(SSL_CTX *ctx, SSL_SESSION *sess) remove_called++; } -static int execute_test_session(SSL_SESSION_TEST_FIXTURE fix) +static SSL_SESSION *get_sess_val = NULL; + +static SSL_SESSION *get_session_cb(SSL *ssl, const unsigned char *id, int len, + int *copy) +{ + get_called++; + *copy = 1; + return get_sess_val; +} + +static int execute_test_session(int maxprot, int use_int_cache, + int use_ext_cache) { SSL_CTX *sctx = NULL, *cctx = NULL; SSL *serverssl1 = NULL, *clientssl1 = NULL; SSL *serverssl2 = NULL, *clientssl2 = NULL; -#ifndef OPENSSL_NO_TLS1_1 +# ifndef OPENSSL_NO_TLS1_1 SSL *serverssl3 = NULL, *clientssl3 = NULL; -#endif +# endif SSL_SESSION *sess1 = NULL, *sess2 = NULL; - int testresult = 0; + int testresult = 0, numnewsesstick = 1; - if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), - TLS1_VERSION, TLS_MAX_VERSION, &sctx, &cctx, - cert, privkey)) { - printf("Unable to create SSL_CTX pair\n"); + new_called = remove_called = 0; + + /* TLSv1.3 sends 2 NewSessionTickets */ + if (maxprot == TLS1_3_VERSION) + numnewsesstick = 2; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) return 0; - } -#ifndef OPENSSL_NO_TLS1_2 - /* Only allow TLS1.2 so we can force a connection failure later */ - SSL_CTX_set_min_proto_version(cctx, TLS1_2_VERSION); -#endif + /* + * Only allow the max protocol version so we can force a connection failure + * later + */ + SSL_CTX_set_min_proto_version(cctx, maxprot); + SSL_CTX_set_max_proto_version(cctx, maxprot); /* Set up session cache */ - if (fix.use_ext_cache) { + if (use_ext_cache) { SSL_CTX_sess_set_new_cb(cctx, new_session_cb); SSL_CTX_sess_set_remove_cb(cctx, remove_session_cb); } - if (fix.use_int_cache) { + if (use_int_cache) { /* Also covers instance where both are set */ SSL_CTX_set_session_cache_mode(cctx, SSL_SESS_CACHE_CLIENT); } else { @@ -464,141 +934,226 @@ static int execute_test_session(SSL_SESSION_TEST_FIXTURE fix) | SSL_SESS_CACHE_NO_INTERNAL_STORE); } - if (!create_ssl_objects(sctx, cctx, &serverssl1, &clientssl1, NULL, - NULL)) { - printf("Unable to create SSL objects\n"); + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl1, &clientssl1, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl1, clientssl1, + SSL_ERROR_NONE)) + || !TEST_ptr(sess1 = SSL_get1_session(clientssl1))) goto end; - } - if (!create_ssl_connection(serverssl1, clientssl1)) { - printf("Unable to create SSL connection\n"); + /* Should fail because it should already be in the cache */ + if (use_int_cache && !TEST_false(SSL_CTX_add_session(cctx, sess1))) goto end; - } - sess1 = SSL_get1_session(clientssl1); - if (sess1 == NULL) { - printf("Unexpected NULL session\n"); - goto end; - } + if (use_ext_cache + && (!TEST_int_eq(new_called, numnewsesstick) - if (fix.use_int_cache && SSL_CTX_add_session(cctx, sess1)) { - /* Should have failed because it should already be in the cache */ - printf("Unexpected success adding session to cache\n"); + || !TEST_int_eq(remove_called, 0))) goto end; - } - if (fix.use_ext_cache && (new_called != 1 || remove_called != 0)) { - printf("Session not added to cache\n"); + new_called = remove_called = 0; + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl2, + &clientssl2, NULL, NULL)) + || !TEST_true(SSL_set_session(clientssl2, sess1)) + || !TEST_true(create_ssl_connection(serverssl2, clientssl2, + SSL_ERROR_NONE)) + || !TEST_true(SSL_session_reused(clientssl2))) goto end; + + if (maxprot == TLS1_3_VERSION) { + /* + * In TLSv1.3 we should have created a new session even though we have + * resumed. Since we attempted a resume we should also have removed the + * old ticket from the cache so that we try to only use tickets once. + */ + if (use_ext_cache + && (!TEST_int_eq(new_called, 1) + || !TEST_int_eq(remove_called, 1))) + goto end; + } else { + /* + * In TLSv1.2 we expect to have resumed so no sessions added or + * removed. + */ + if (use_ext_cache + && (!TEST_int_eq(new_called, 0) + || !TEST_int_eq(remove_called, 0))) + goto end; } - if (!create_ssl_objects(sctx, cctx, &serverssl2, &clientssl2, NULL, NULL)) { - printf("Unable to create second SSL objects\n"); + SSL_SESSION_free(sess1); + if (!TEST_ptr(sess1 = SSL_get1_session(clientssl2))) goto end; - } + shutdown_ssl_connection(serverssl2, clientssl2); + serverssl2 = clientssl2 = NULL; - if (!create_ssl_connection(serverssl2, clientssl2)) { - printf("Unable to create second SSL connection\n"); + new_called = remove_called = 0; + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl2, + &clientssl2, NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl2, clientssl2, + SSL_ERROR_NONE))) goto end; - } - sess2 = SSL_get1_session(clientssl2); - if (sess2 == NULL) { - printf("Unexpected NULL session from clientssl2\n"); + if (!TEST_ptr(sess2 = SSL_get1_session(clientssl2))) goto end; - } - if (fix.use_ext_cache && (new_called != 2 || remove_called != 0)) { - printf("Remove session callback unexpectedly called\n"); + if (use_ext_cache + && (!TEST_int_eq(new_called, numnewsesstick) + || !TEST_int_eq(remove_called, 0))) goto end; - } + new_called = remove_called = 0; /* - * This should clear sess2 from the cache because it is a "bad" session. See - * SSL_set_session() documentation. + * This should clear sess2 from the cache because it is a "bad" session. + * See SSL_set_session() documentation. */ - if (!SSL_set_session(clientssl2, sess1)) { - printf("Unexpected failure setting session\n"); + if (!TEST_true(SSL_set_session(clientssl2, sess1))) goto end; - } - - if (fix.use_ext_cache && (new_called != 2 || remove_called != 1)) { - printf("Failed to call callback to remove session\n"); + if (use_ext_cache + && (!TEST_int_eq(new_called, 0) || !TEST_int_eq(remove_called, 1))) goto end; - } - - - if (SSL_get_session(clientssl2) != sess1) { - printf("Unexpected session found\n"); + if (!TEST_ptr_eq(SSL_get_session(clientssl2), sess1)) goto end; - } - - if (fix.use_int_cache) { - if (!SSL_CTX_add_session(cctx, sess2)) { - /* - * Should have succeeded because it should not already be in the cache - */ - printf("Unexpected failure adding session to cache\n"); - goto end; - } - if (!SSL_CTX_remove_session(cctx, sess2)) { - printf("Unexpected failure removing session from cache\n"); + if (use_int_cache) { + /* Should succeeded because it should not already be in the cache */ + if (!TEST_true(SSL_CTX_add_session(cctx, sess2)) + || !TEST_true(SSL_CTX_remove_session(cctx, sess2))) goto end; - } - - /* This is for the purposes of internal cache testing...ignore the - * counter for external cache - */ - if (fix.use_ext_cache) - remove_called--; } + new_called = remove_called = 0; /* This shouldn't be in the cache so should fail */ - if (SSL_CTX_remove_session(cctx, sess2)) { - printf("Unexpected success removing session from cache\n"); + if (!TEST_false(SSL_CTX_remove_session(cctx, sess2))) goto end; - } - if (fix.use_ext_cache && (new_called != 2 || remove_called != 2)) { - printf("Failed to call callback to remove session #2\n"); + if (use_ext_cache + && (!TEST_int_eq(new_called, 0) || !TEST_int_eq(remove_called, 1))) goto end; - } -#if !defined(OPENSSL_NO_TLS1_1) && !defined(OPENSSL_NO_TLS1_2) +# if !defined(OPENSSL_NO_TLS1_1) + new_called = remove_called = 0; /* Force a connection failure */ SSL_CTX_set_max_proto_version(sctx, TLS1_1_VERSION); - - if (!create_ssl_objects(sctx, cctx, &serverssl3, &clientssl3, NULL, NULL)) { - printf("Unable to create third SSL objects\n"); + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl3, + &clientssl3, NULL, NULL)) + || !TEST_true(SSL_set_session(clientssl3, sess1)) + /* This should fail because of the mismatched protocol versions */ + || !TEST_false(create_ssl_connection(serverssl3, clientssl3, + SSL_ERROR_NONE))) goto end; - } - if (!SSL_set_session(clientssl3, sess1)) { - printf("Unable to set session for third connection\n"); + /* We should have automatically removed the session from the cache */ + if (use_ext_cache + && (!TEST_int_eq(new_called, 0) || !TEST_int_eq(remove_called, 1))) goto end; - } - /* This should fail because of the mismatched protocol versions */ - if (create_ssl_connection(serverssl3, clientssl3)) { - printf("Unable to create third SSL connection\n"); + /* Should succeed because it should not already be in the cache */ + if (use_int_cache && !TEST_true(SSL_CTX_add_session(cctx, sess2))) goto end; +# endif + + /* Now do some tests for server side caching */ + if (use_ext_cache) { + SSL_CTX_sess_set_new_cb(cctx, NULL); + SSL_CTX_sess_set_remove_cb(cctx, NULL); + SSL_CTX_sess_set_new_cb(sctx, new_session_cb); + SSL_CTX_sess_set_remove_cb(sctx, remove_session_cb); + SSL_CTX_sess_set_get_cb(sctx, get_session_cb); + get_sess_val = NULL; } + SSL_CTX_set_session_cache_mode(cctx, 0); + /* Internal caching is the default on the server side */ + if (!use_int_cache) + SSL_CTX_set_session_cache_mode(sctx, + SSL_SESS_CACHE_SERVER + | SSL_SESS_CACHE_NO_INTERNAL_STORE); - /* We should have automatically removed the session from the cache */ - if (fix.use_ext_cache && (new_called != 2 || remove_called != 3)) { - printf("Failed to call callback to remove session #2\n"); + SSL_free(serverssl1); + SSL_free(clientssl1); + serverssl1 = clientssl1 = NULL; + SSL_free(serverssl2); + SSL_free(clientssl2); + serverssl2 = clientssl2 = NULL; + SSL_SESSION_free(sess1); + sess1 = NULL; + SSL_SESSION_free(sess2); + sess2 = NULL; + + SSL_CTX_set_max_proto_version(sctx, maxprot); + if (maxprot == TLS1_2_VERSION) + SSL_CTX_set_options(sctx, SSL_OP_NO_TICKET); + new_called = remove_called = get_called = 0; + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl1, &clientssl1, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl1, clientssl1, + SSL_ERROR_NONE)) + || !TEST_ptr(sess1 = SSL_get1_session(clientssl1)) + || !TEST_ptr(sess2 = SSL_get1_session(serverssl1))) goto end; + + if (use_int_cache) { + if (maxprot == TLS1_3_VERSION && !use_ext_cache) { + /* + * In TLSv1.3 it should not have been added to the internal cache, + * except in the case where we also have an external cache (in that + * case it gets added to the cache in order to generate remove + * events after timeout). + */ + if (!TEST_false(SSL_CTX_remove_session(sctx, sess2))) + goto end; + } else { + /* Should fail because it should already be in the cache */ + if (!TEST_false(SSL_CTX_add_session(sctx, sess2))) + goto end; + } } - if (fix.use_int_cache && !SSL_CTX_add_session(cctx, sess2)) { + if (use_ext_cache) { + SSL_SESSION *tmp = sess2; + + if (!TEST_int_eq(new_called, numnewsesstick) + || !TEST_int_eq(remove_called, 0) + || !TEST_int_eq(get_called, 0)) + goto end; /* - * Should have succeeded because it should not already be in the cache + * Delete the session from the internal cache to force a lookup from + * the external cache. We take a copy first because + * SSL_CTX_remove_session() also marks the session as non-resumable. */ - printf("Unexpected failure adding session to cache #2\n"); + if (use_int_cache && maxprot != TLS1_3_VERSION) { + if (!TEST_ptr(tmp = SSL_SESSION_dup(sess2)) + || !TEST_true(SSL_CTX_remove_session(sctx, sess2))) + goto end; + SSL_SESSION_free(sess2); + } + sess2 = tmp; + } + + new_called = remove_called = get_called = 0; + get_sess_val = sess2; + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl2, + &clientssl2, NULL, NULL)) + || !TEST_true(SSL_set_session(clientssl2, sess1)) + || !TEST_true(create_ssl_connection(serverssl2, clientssl2, + SSL_ERROR_NONE)) + || !TEST_true(SSL_session_reused(clientssl2))) goto end; + + if (use_ext_cache) { + if (!TEST_int_eq(remove_called, 0)) + goto end; + + if (maxprot == TLS1_3_VERSION) { + if (!TEST_int_eq(new_called, 1) + || !TEST_int_eq(get_called, 0)) + goto end; + } else { + if (!TEST_int_eq(new_called, 0) + || !TEST_int_eq(get_called, 1)) + goto end; + } } -#endif testresult = 1; @@ -607,55 +1162,369 @@ static int execute_test_session(SSL_SESSION_TEST_FIXTURE fix) SSL_free(clientssl1); SSL_free(serverssl2); SSL_free(clientssl2); -#ifndef OPENSSL_NO_TLS1_1 +# ifndef OPENSSL_NO_TLS1_1 SSL_free(serverssl3); SSL_free(clientssl3); -#endif +# endif SSL_SESSION_free(sess1); SSL_SESSION_free(sess2); - /* - * Check if we need to remove any sessions up-refed for the external cache - */ - if (new_called >= 1) - SSL_SESSION_free(sess1); - if (new_called >= 2) - SSL_SESSION_free(sess2); SSL_CTX_free(sctx); SSL_CTX_free(cctx); return testresult; } +#endif /* !defined(OPENSSL_NO_TLS1_3) || !defined(OPENSSL_NO_TLS1_2) */ static int test_session_with_only_int_cache(void) { - SETUP_TEST_FIXTURE(SSL_SESSION_TEST_FIXTURE, ssl_session_set_up); - - fixture.use_ext_cache = 0; +#ifndef OPENSSL_NO_TLS1_3 + if (!execute_test_session(TLS1_3_VERSION, 1, 0)) + return 0; +#endif - EXECUTE_TEST(execute_test_session, ssl_session_tear_down); +#ifndef OPENSSL_NO_TLS1_2 + return execute_test_session(TLS1_2_VERSION, 1, 0); +#else + return 1; +#endif } static int test_session_with_only_ext_cache(void) { - SETUP_TEST_FIXTURE(SSL_SESSION_TEST_FIXTURE, ssl_session_set_up); - - fixture.use_int_cache = 0; +#ifndef OPENSSL_NO_TLS1_3 + if (!execute_test_session(TLS1_3_VERSION, 0, 1)) + return 0; +#endif - EXECUTE_TEST(execute_test_session, ssl_session_tear_down); +#ifndef OPENSSL_NO_TLS1_2 + return execute_test_session(TLS1_2_VERSION, 0, 1); +#else + return 1; +#endif } static int test_session_with_both_cache(void) { - SETUP_TEST_FIXTURE(SSL_SESSION_TEST_FIXTURE, ssl_session_set_up); +#ifndef OPENSSL_NO_TLS1_3 + if (!execute_test_session(TLS1_3_VERSION, 1, 1)) + return 0; +#endif + +#ifndef OPENSSL_NO_TLS1_2 + return execute_test_session(TLS1_2_VERSION, 1, 1); +#else + return 1; +#endif +} + +#ifndef OPENSSL_NO_TLS1_3 +static SSL_SESSION *sesscache[6]; +static int do_cache; + +static int new_cachesession_cb(SSL *ssl, SSL_SESSION *sess) +{ + if (do_cache) { + sesscache[new_called] = sess; + } else { + /* We don't need the reference to the session, so free it */ + SSL_SESSION_free(sess); + } + new_called++; + + return 1; +} + +static int post_handshake_verify(SSL *sssl, SSL *cssl) +{ + SSL_set_verify(sssl, SSL_VERIFY_PEER, NULL); + if (!TEST_true(SSL_verify_client_post_handshake(sssl))) + return 0; + + /* Start handshake on the server and client */ + if (!TEST_int_eq(SSL_do_handshake(sssl), 1) + || !TEST_int_le(SSL_read(cssl, NULL, 0), 0) + || !TEST_int_le(SSL_read(sssl, NULL, 0), 0) + || !TEST_true(create_ssl_connection(sssl, cssl, + SSL_ERROR_NONE))) + return 0; + + return 1; +} + +static int setup_ticket_test(int stateful, int idx, SSL_CTX **sctx, + SSL_CTX **cctx) +{ + int sess_id_ctx = 1; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, sctx, + cctx, cert, privkey)) + || !TEST_true(SSL_CTX_set_num_tickets(*sctx, idx)) + || !TEST_true(SSL_CTX_set_session_id_context(*sctx, + (void *)&sess_id_ctx, + sizeof(sess_id_ctx)))) + return 0; + + if (stateful) + SSL_CTX_set_options(*sctx, SSL_OP_NO_TICKET); + + SSL_CTX_set_session_cache_mode(*cctx, SSL_SESS_CACHE_CLIENT + | SSL_SESS_CACHE_NO_INTERNAL_STORE); + SSL_CTX_sess_set_new_cb(*cctx, new_cachesession_cb); + + return 1; +} + +static int check_resumption(int idx, SSL_CTX *sctx, SSL_CTX *cctx, int succ) +{ + SSL *serverssl = NULL, *clientssl = NULL; + int i; + + /* Test that we can resume with all the tickets we got given */ + for (i = 0; i < idx * 2; i++) { + new_called = 0; + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(SSL_set_session(clientssl, sesscache[i]))) + goto end; + + SSL_set_post_handshake_auth(clientssl, 1); + + if (!TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + /* + * Following a successful resumption we only get 1 ticket. After a + * failed one we should get idx tickets. + */ + if (succ) { + if (!TEST_true(SSL_session_reused(clientssl)) + || !TEST_int_eq(new_called, 1)) + goto end; + } else { + if (!TEST_false(SSL_session_reused(clientssl)) + || !TEST_int_eq(new_called, idx)) + goto end; + } + + new_called = 0; + /* After a post-handshake authentication we should get 1 new ticket */ + if (succ + && (!post_handshake_verify(serverssl, clientssl) + || !TEST_int_eq(new_called, 1))) + goto end; + + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + SSL_SESSION_free(sesscache[i]); + sesscache[i] = NULL; + } + + return 1; + + end: + SSL_free(clientssl); + SSL_free(serverssl); + return 0; +} + +static int test_tickets(int stateful, int idx) +{ + SSL_CTX *sctx = NULL, *cctx = NULL; + SSL *serverssl = NULL, *clientssl = NULL; + int testresult = 0; + size_t j; + + /* idx is the test number, but also the number of tickets we want */ + + new_called = 0; + do_cache = 1; + + if (!setup_ticket_test(stateful, idx, &sctx, &cctx)) + goto end; + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL))) + goto end; + + if (!TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + /* Check we got the number of tickets we were expecting */ + || !TEST_int_eq(idx, new_called)) + goto end; + + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + clientssl = serverssl = NULL; + sctx = cctx = NULL; + + /* + * Now we try to resume with the tickets we previously created. The + * resumption attempt is expected to fail (because we're now using a new + * SSL_CTX). We should see idx number of tickets issued again. + */ + + /* Stop caching sessions - just count them */ + do_cache = 0; + + if (!setup_ticket_test(stateful, idx, &sctx, &cctx)) + goto end; + + if (!check_resumption(idx, sctx, cctx, 0)) + goto end; + + /* Start again with caching sessions */ + new_called = 0; + do_cache = 1; + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + sctx = cctx = NULL; + + if (!setup_ticket_test(stateful, idx, &sctx, &cctx)) + goto end; + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL))) + goto end; + + SSL_set_post_handshake_auth(clientssl, 1); + + if (!TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + /* Check we got the number of tickets we were expecting */ + || !TEST_int_eq(idx, new_called)) + goto end; + + /* After a post-handshake authentication we should get new tickets issued */ + if (!post_handshake_verify(serverssl, clientssl) + || !TEST_int_eq(idx * 2, new_called)) + goto end; + + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + + /* Stop caching sessions - just count them */ + do_cache = 0; + + /* + * Check we can resume with all the tickets we created. This time around the + * resumptions should all be successful. + */ + if (!check_resumption(idx, sctx, cctx, 1)) + goto end; + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + for (j = 0; j < OSSL_NELEM(sesscache); j++) { + SSL_SESSION_free(sesscache[j]); + sesscache[j] = NULL; + } + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); - EXECUTE_TEST(execute_test_session, ssl_session_tear_down); + return testresult; } -#define USE_NULL 0 -#define USE_BIO_1 1 -#define USE_BIO_2 2 +static int test_stateless_tickets(int idx) +{ + return test_tickets(0, idx); +} -#define TOTAL_SSL_SET_BIO_TESTS (3 * 3 * 3 * 3) +static int test_stateful_tickets(int idx) +{ + return test_tickets(1, idx); +} + +static int test_psk_tickets(void) +{ + SSL_CTX *sctx = NULL, *cctx = NULL; + SSL *serverssl = NULL, *clientssl = NULL; + int testresult = 0; + int sess_id_ctx = 1; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, &sctx, + &cctx, NULL, NULL)) + || !TEST_true(SSL_CTX_set_session_id_context(sctx, + (void *)&sess_id_ctx, + sizeof(sess_id_ctx)))) + goto end; + + SSL_CTX_set_session_cache_mode(cctx, SSL_SESS_CACHE_CLIENT + | SSL_SESS_CACHE_NO_INTERNAL_STORE); + SSL_CTX_set_psk_use_session_callback(cctx, use_session_cb); + SSL_CTX_set_psk_find_session_callback(sctx, find_session_cb); + SSL_CTX_sess_set_new_cb(cctx, new_session_cb); + use_session_cb_cnt = 0; + find_session_cb_cnt = 0; + srvid = pskid; + new_called = 0; + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL))) + goto end; + clientpsk = serverpsk = create_a_psk(clientssl); + if (!TEST_ptr(clientpsk)) + goto end; + SSL_SESSION_up_ref(clientpsk); + + if (!TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_int_eq(1, find_session_cb_cnt) + || !TEST_int_eq(1, use_session_cb_cnt) + /* We should always get 1 ticket when using external PSK */ + || !TEST_int_eq(1, new_called)) + goto end; + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + SSL_SESSION_free(clientpsk); + SSL_SESSION_free(serverpsk); + clientpsk = serverpsk = NULL; + + return testresult; +} +#endif + +#define USE_NULL 0 +#define USE_BIO_1 1 +#define USE_BIO_2 2 +#define USE_DEFAULT 3 + +#define CONNTYPE_CONNECTION_SUCCESS 0 +#define CONNTYPE_CONNECTION_FAIL 1 +#define CONNTYPE_NO_CONNECTION 2 + +#define TOTAL_NO_CONN_SSL_SET_BIO_TESTS (3 * 3 * 3 * 3) +#define TOTAL_CONN_SUCCESS_SSL_SET_BIO_TESTS (2 * 2) +#if !defined(OPENSSL_NO_TLS1_3) && !defined(OPENSSL_NO_TLS1_2) +# define TOTAL_CONN_FAIL_SSL_SET_BIO_TESTS (2 * 2) +#else +# define TOTAL_CONN_FAIL_SSL_SET_BIO_TESTS 0 +#endif + +#define TOTAL_SSL_SET_BIO_TESTS TOTAL_NO_CONN_SSL_SET_BIO_TESTS \ + + TOTAL_CONN_SUCCESS_SSL_SET_BIO_TESTS \ + + TOTAL_CONN_FAIL_SSL_SET_BIO_TESTS static void setupbio(BIO **res, BIO *bio1, BIO *bio2, int type) { @@ -672,67 +1541,104 @@ static void setupbio(BIO **res, BIO *bio1, BIO *bio2, int type) } } + +/* + * Tests calls to SSL_set_bio() under various conditions. + * + * For the first 3 * 3 * 3 * 3 = 81 tests we do 2 calls to SSL_set_bio() with + * various combinations of valid BIOs or NULL being set for the rbio/wbio. We + * then do more tests where we create a successful connection first using our + * standard connection setup functions, and then call SSL_set_bio() with + * various combinations of valid BIOs or NULL. We then repeat these tests + * following a failed connection. In this last case we are looking to check that + * SSL_set_bio() functions correctly in the case where s->bbio is not NULL. + */ static int test_ssl_set_bio(int idx) { - SSL_CTX *ctx = SSL_CTX_new(TLS_method()); + SSL_CTX *sctx = NULL, *cctx = NULL; BIO *bio1 = NULL; BIO *bio2 = NULL; BIO *irbio = NULL, *iwbio = NULL, *nrbio = NULL, *nwbio = NULL; - SSL *ssl = NULL; - int initrbio, initwbio, newrbio, newwbio; + SSL *serverssl = NULL, *clientssl = NULL; + int initrbio, initwbio, newrbio, newwbio, conntype; int testresult = 0; - if (ctx == NULL) { - printf("Failed to allocate SSL_CTX\n"); - goto end; + if (idx < TOTAL_NO_CONN_SSL_SET_BIO_TESTS) { + initrbio = idx % 3; + idx /= 3; + initwbio = idx % 3; + idx /= 3; + newrbio = idx % 3; + idx /= 3; + newwbio = idx % 3; + conntype = CONNTYPE_NO_CONNECTION; + } else { + idx -= TOTAL_NO_CONN_SSL_SET_BIO_TESTS; + initrbio = initwbio = USE_DEFAULT; + newrbio = idx % 2; + idx /= 2; + newwbio = idx % 2; + idx /= 2; + conntype = idx % 2; } - ssl = SSL_new(ctx); - if (ssl == NULL) { - printf("Failed to allocate SSL object\n"); + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) goto end; + + if (conntype == CONNTYPE_CONNECTION_FAIL) { + /* + * We won't ever get here if either TLSv1.3 or TLSv1.2 is disabled + * because we reduced the number of tests in the definition of + * TOTAL_CONN_FAIL_SSL_SET_BIO_TESTS to avoid this scenario. By setting + * mismatched protocol versions we will force a connection failure. + */ + SSL_CTX_set_min_proto_version(sctx, TLS1_3_VERSION); + SSL_CTX_set_max_proto_version(cctx, TLS1_2_VERSION); } - initrbio = idx % 3; - idx /= 3; - initwbio = idx % 3; - idx /= 3; - newrbio = idx % 3; - idx /= 3; - newwbio = idx; - OPENSSL_assert(newwbio <= 2); + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL))) + goto end; - if (initrbio == USE_BIO_1 || initwbio == USE_BIO_1 || newrbio == USE_BIO_1 + if (initrbio == USE_BIO_1 + || initwbio == USE_BIO_1 + || newrbio == USE_BIO_1 || newwbio == USE_BIO_1) { - bio1 = BIO_new(BIO_s_mem()); - if (bio1 == NULL) { - printf("Failed to allocate bio1\n"); + if (!TEST_ptr(bio1 = BIO_new(BIO_s_mem()))) goto end; - } } - if (initrbio == USE_BIO_2 || initwbio == USE_BIO_2 || newrbio == USE_BIO_2 + if (initrbio == USE_BIO_2 + || initwbio == USE_BIO_2 + || newrbio == USE_BIO_2 || newwbio == USE_BIO_2) { - bio2 = BIO_new(BIO_s_mem()); - if (bio2 == NULL) { - printf("Failed to allocate bio2\n"); + if (!TEST_ptr(bio2 = BIO_new(BIO_s_mem()))) goto end; - } } - setupbio(&irbio, bio1, bio2, initrbio); - setupbio(&iwbio, bio1, bio2, initwbio); + if (initrbio != USE_DEFAULT) { + setupbio(&irbio, bio1, bio2, initrbio); + setupbio(&iwbio, bio1, bio2, initwbio); + SSL_set_bio(clientssl, irbio, iwbio); - /* - * We want to maintain our own refs to these BIO, so do an up ref for each - * BIO that will have ownership transferred in the SSL_set_bio() call - */ - if (irbio != NULL) - BIO_up_ref(irbio); - if (iwbio != NULL && iwbio != irbio) - BIO_up_ref(iwbio); + /* + * We want to maintain our own refs to these BIO, so do an up ref for + * each BIO that will have ownership transferred in the SSL_set_bio() + * call + */ + if (irbio != NULL) + BIO_up_ref(irbio); + if (iwbio != NULL && iwbio != irbio) + BIO_up_ref(iwbio); + } - SSL_set_bio(ssl, irbio, iwbio); + if (conntype != CONNTYPE_NO_CONNECTION + && !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE) + == (conntype == CONNTYPE_CONNECTION_SUCCESS))) + goto end; setupbio(&nrbio, bio1, bio2, newrbio); setupbio(&nwbio, bio1, bio2, newwbio); @@ -742,76 +1648,50 @@ static int test_ssl_set_bio(int idx) * SSL_set_bio() has some really complicated ownership rules where BIOs have * already been set! */ - if (nrbio != NULL && nrbio != irbio && (nwbio != iwbio || nrbio != nwbio)) + if (nrbio != NULL + && nrbio != irbio + && (nwbio != iwbio || nrbio != nwbio)) BIO_up_ref(nrbio); - if (nwbio != NULL && nwbio != nrbio && (nwbio != iwbio || (nwbio == iwbio && irbio == iwbio))) + if (nwbio != NULL + && nwbio != nrbio + && (nwbio != iwbio || (nwbio == iwbio && irbio == iwbio))) BIO_up_ref(nwbio); - SSL_set_bio(ssl, nrbio, nwbio); + SSL_set_bio(clientssl, nrbio, nwbio); testresult = 1; end: - SSL_free(ssl); BIO_free(bio1); BIO_free(bio2); + /* * This test is checking that the ref counting for SSL_set_bio is correct. * If we get here and we did too many frees then we will fail in the above * functions. If we haven't done enough then this will only be detected in * a crypto-mdebug build */ - SSL_CTX_free(ctx); - + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); return testresult; } -typedef struct ssl_bio_test_fixture { - const char *test_case_name; - int pop_ssl; - enum { NO_BIO_CHANGE, CHANGE_RBIO, CHANGE_WBIO } change_bio; -} SSL_BIO_TEST_FIXTURE; +typedef enum { NO_BIO_CHANGE, CHANGE_RBIO, CHANGE_WBIO } bio_change_t; -static SSL_BIO_TEST_FIXTURE ssl_bio_set_up(const char *const test_case_name) -{ - SSL_BIO_TEST_FIXTURE fixture; - - fixture.test_case_name = test_case_name; - fixture.pop_ssl = 0; - fixture.change_bio = NO_BIO_CHANGE; - - return fixture; -} - -static void ssl_bio_tear_down(SSL_BIO_TEST_FIXTURE fixture) -{ -} - -static int execute_test_ssl_bio(SSL_BIO_TEST_FIXTURE fix) +static int execute_test_ssl_bio(int pop_ssl, bio_change_t change_bio) { BIO *sslbio = NULL, *membio1 = NULL, *membio2 = NULL; - SSL_CTX *ctx = SSL_CTX_new(TLS_method()); + SSL_CTX *ctx; SSL *ssl = NULL; int testresult = 0; - if (ctx == NULL) { - printf("Failed to allocate SSL_CTX\n"); - return 0; - } - - ssl = SSL_new(ctx); - if (ssl == NULL) { - printf("Failed to allocate SSL object\n"); - goto end; - } - - sslbio = BIO_new(BIO_f_ssl()); - membio1 = BIO_new(BIO_s_mem()); - - if (sslbio == NULL || membio1 == NULL) { - printf("Malloc failure creating BIOs\n"); + if (!TEST_ptr(ctx = SSL_CTX_new(TLS_method())) + || !TEST_ptr(ssl = SSL_new(ctx)) + || !TEST_ptr(sslbio = BIO_new(BIO_f_ssl())) + || !TEST_ptr(membio1 = BIO_new(BIO_s_mem()))) goto end; - } BIO_set_ssl(sslbio, ssl, BIO_CLOSE); @@ -822,20 +1702,17 @@ static int execute_test_ssl_bio(SSL_BIO_TEST_FIXTURE fix) BIO_push(sslbio, membio1); /* Verify changing the rbio/wbio directly does not cause leaks */ - if (fix.change_bio != NO_BIO_CHANGE) { - membio2 = BIO_new(BIO_s_mem()); - if (membio2 == NULL) { - printf("Malloc failure creating membio2\n"); + if (change_bio != NO_BIO_CHANGE) { + if (!TEST_ptr(membio2 = BIO_new(BIO_s_mem()))) goto end; - } - if (fix.change_bio == CHANGE_RBIO) + if (change_bio == CHANGE_RBIO) SSL_set0_rbio(ssl, membio2); else SSL_set0_wbio(ssl, membio2); } ssl = NULL; - if (fix.pop_ssl) + if (pop_ssl) BIO_pop(sslbio); else BIO_pop(membio1); @@ -852,38 +1729,25 @@ static int execute_test_ssl_bio(SSL_BIO_TEST_FIXTURE fix) static int test_ssl_bio_pop_next_bio(void) { - SETUP_TEST_FIXTURE(SSL_BIO_TEST_FIXTURE, ssl_bio_set_up); - - EXECUTE_TEST(execute_test_ssl_bio, ssl_bio_tear_down); + return execute_test_ssl_bio(0, NO_BIO_CHANGE); } static int test_ssl_bio_pop_ssl_bio(void) { - SETUP_TEST_FIXTURE(SSL_BIO_TEST_FIXTURE, ssl_bio_set_up); - - fixture.pop_ssl = 1; - - EXECUTE_TEST(execute_test_ssl_bio, ssl_bio_tear_down); + return execute_test_ssl_bio(1, NO_BIO_CHANGE); } static int test_ssl_bio_change_rbio(void) { - SETUP_TEST_FIXTURE(SSL_BIO_TEST_FIXTURE, ssl_bio_set_up); - - fixture.change_bio = CHANGE_RBIO; - - EXECUTE_TEST(execute_test_ssl_bio, ssl_bio_tear_down); + return execute_test_ssl_bio(0, CHANGE_RBIO); } static int test_ssl_bio_change_wbio(void) { - SETUP_TEST_FIXTURE(SSL_BIO_TEST_FIXTURE, ssl_bio_set_up); - - fixture.change_bio = CHANGE_WBIO; - - EXECUTE_TEST(execute_test_ssl_bio, ssl_bio_tear_down); + return execute_test_ssl_bio(0, CHANGE_WBIO); } +#if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) typedef struct { /* The list of sig algs */ const int *list; @@ -898,19 +1762,25 @@ typedef struct { } sigalgs_list; static const int validlist1[] = {NID_sha256, EVP_PKEY_RSA}; +# ifndef OPENSSL_NO_EC static const int validlist2[] = {NID_sha256, EVP_PKEY_RSA, NID_sha512, EVP_PKEY_EC}; static const int validlist3[] = {NID_sha512, EVP_PKEY_EC}; +# endif static const int invalidlist1[] = {NID_undef, EVP_PKEY_RSA}; static const int invalidlist2[] = {NID_sha256, NID_undef}; static const int invalidlist3[] = {NID_sha256, EVP_PKEY_RSA, NID_sha256}; static const int invalidlist4[] = {NID_sha256}; static const sigalgs_list testsigalgs[] = { {validlist1, OSSL_NELEM(validlist1), NULL, 1, 1}, +# ifndef OPENSSL_NO_EC {validlist2, OSSL_NELEM(validlist2), NULL, 1, 1}, {validlist3, OSSL_NELEM(validlist3), NULL, 1, 0}, +# endif {NULL, 0, "RSA+SHA256", 1, 1}, +# ifndef OPENSSL_NO_EC {NULL, 0, "RSA+SHA256:ECDSA+SHA512", 1, 1}, {NULL, 0, "ECDSA+SHA512", 1, 0}, +# endif {invalidlist1, OSSL_NELEM(invalidlist1), NULL, 0, 0}, {invalidlist2, OSSL_NELEM(invalidlist2), NULL, 0, 0}, {invalidlist3, OSSL_NELEM(invalidlist3), NULL, 0, 0}, @@ -918,7 +1788,8 @@ static const sigalgs_list testsigalgs[] = { {NULL, 0, "RSA", 0, 0}, {NULL, 0, "SHA256", 0, 0}, {NULL, 0, "RSA+SHA256:SHA256", 0, 0}, - {NULL, 0, "Invalid", 0, 0}}; + {NULL, 0, "Invalid", 0, 0} +}; static int test_set_sigalgs(int idx) { @@ -929,22 +1800,27 @@ static int test_set_sigalgs(int idx) int testctx; /* Should never happen */ - if ((size_t)idx >= OSSL_NELEM(testsigalgs) * 2) + if (!TEST_size_t_le((size_t)idx, OSSL_NELEM(testsigalgs) * 2)) return 0; testctx = ((size_t)idx < OSSL_NELEM(testsigalgs)); curr = testctx ? &testsigalgs[idx] : &testsigalgs[idx - OSSL_NELEM(testsigalgs)]; - if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), - TLS1_VERSION, TLS_MAX_VERSION, &sctx, &cctx, - cert, privkey)) { - printf("Unable to create SSL_CTX pair\n"); + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) return 0; - } + + /* + * TODO(TLS1.3): These APIs cannot set TLSv1.3 sig algs so we just test it + * for TLSv1.2 for now until we add a new API. + */ + SSL_CTX_set_max_proto_version(cctx, TLS1_2_VERSION); if (testctx) { int ret; + if (curr->list != NULL) ret = SSL_CTX_set1_sigalgs(cctx, curr->list, curr->listlen); else @@ -952,22 +1828,20 @@ static int test_set_sigalgs(int idx) if (!ret) { if (curr->valid) - printf("Unexpected failure setting sigalgs in SSL_CTX (%d)\n", - idx); + TEST_info("Failure setting sigalgs in SSL_CTX (%d)\n", idx); else testresult = 1; goto end; } if (!curr->valid) { - printf("Unexpected success setting sigalgs in SSL_CTX (%d)\n", idx); + TEST_info("Not-failed setting sigalgs in SSL_CTX (%d)\n", idx); goto end; } } - if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL)) { - printf("Unable to create SSL objects\n"); + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL))) goto end; - } if (!testctx) { int ret; @@ -978,25 +1852,1223 @@ static int test_set_sigalgs(int idx) ret = SSL_set1_sigalgs_list(clientssl, curr->liststr); if (!ret) { if (curr->valid) - printf("Unexpected failure setting sigalgs in SSL (%d)\n", idx); + TEST_info("Failure setting sigalgs in SSL (%d)\n", idx); else testresult = 1; goto end; } - if (!curr->valid) { - printf("Unexpected success setting sigalgs in SSL (%d)\n", idx); + if (!curr->valid) + goto end; + } + + if (!TEST_int_eq(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE), + curr->connsuccess)) + goto end; + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} +#endif + +#ifndef OPENSSL_NO_TLS1_3 +static int psk_client_cb_cnt = 0; +static int psk_server_cb_cnt = 0; + +static int use_session_cb(SSL *ssl, const EVP_MD *md, const unsigned char **id, + size_t *idlen, SSL_SESSION **sess) +{ + switch (++use_session_cb_cnt) { + case 1: + /* The first call should always have a NULL md */ + if (md != NULL) + return 0; + break; + + case 2: + /* The second call should always have an md */ + if (md == NULL) + return 0; + break; + + default: + /* We should only be called a maximum of twice */ + return 0; + } + + if (clientpsk != NULL) + SSL_SESSION_up_ref(clientpsk); + + *sess = clientpsk; + *id = (const unsigned char *)pskid; + *idlen = strlen(pskid); + + return 1; +} + +#ifndef OPENSSL_NO_PSK +static unsigned int psk_client_cb(SSL *ssl, const char *hint, char *id, + unsigned int max_id_len, + unsigned char *psk, + unsigned int max_psk_len) +{ + unsigned int psklen = 0; + + psk_client_cb_cnt++; + + if (strlen(pskid) + 1 > max_id_len) + return 0; + + /* We should only ever be called a maximum of twice per connection */ + if (psk_client_cb_cnt > 2) + return 0; + + if (clientpsk == NULL) + return 0; + + /* We'll reuse the PSK we set up for TLSv1.3 */ + if (SSL_SESSION_get_master_key(clientpsk, NULL, 0) > max_psk_len) + return 0; + psklen = SSL_SESSION_get_master_key(clientpsk, psk, max_psk_len); + strncpy(id, pskid, max_id_len); + + return psklen; +} +#endif /* OPENSSL_NO_PSK */ + +static int find_session_cb(SSL *ssl, const unsigned char *identity, + size_t identity_len, SSL_SESSION **sess) +{ + find_session_cb_cnt++; + + /* We should only ever be called a maximum of twice per connection */ + if (find_session_cb_cnt > 2) + return 0; + + if (serverpsk == NULL) + return 0; + + /* Identity should match that set by the client */ + if (strlen(srvid) != identity_len + || strncmp(srvid, (const char *)identity, identity_len) != 0) { + /* No PSK found, continue but without a PSK */ + *sess = NULL; + return 1; + } + + SSL_SESSION_up_ref(serverpsk); + *sess = serverpsk; + + return 1; +} + +#ifndef OPENSSL_NO_PSK +static unsigned int psk_server_cb(SSL *ssl, const char *identity, + unsigned char *psk, unsigned int max_psk_len) +{ + unsigned int psklen = 0; + + psk_server_cb_cnt++; + + /* We should only ever be called a maximum of twice per connection */ + if (find_session_cb_cnt > 2) + return 0; + + if (serverpsk == NULL) + return 0; + + /* Identity should match that set by the client */ + if (strcmp(srvid, identity) != 0) { + return 0; + } + + /* We'll reuse the PSK we set up for TLSv1.3 */ + if (SSL_SESSION_get_master_key(serverpsk, NULL, 0) > max_psk_len) + return 0; + psklen = SSL_SESSION_get_master_key(serverpsk, psk, max_psk_len); + + return psklen; +} +#endif /* OPENSSL_NO_PSK */ + +#define MSG1 "Hello" +#define MSG2 "World." +#define MSG3 "This" +#define MSG4 "is" +#define MSG5 "a" +#define MSG6 "test" +#define MSG7 "message." + +#define TLS13_AES_256_GCM_SHA384_BYTES ((const unsigned char *)"\x13\x02") +#define TLS13_AES_128_GCM_SHA256_BYTES ((const unsigned char *)"\x13\x01") + + +static SSL_SESSION *create_a_psk(SSL *ssl) +{ + const SSL_CIPHER *cipher = NULL; + const unsigned char key[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, + 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, + 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, + 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, + 0x2c, 0x2d, 0x2e, 0x2f + }; + SSL_SESSION *sess = NULL; + + cipher = SSL_CIPHER_find(ssl, TLS13_AES_256_GCM_SHA384_BYTES); + sess = SSL_SESSION_new(); + if (!TEST_ptr(sess) + || !TEST_ptr(cipher) + || !TEST_true(SSL_SESSION_set1_master_key(sess, key, + sizeof(key))) + || !TEST_true(SSL_SESSION_set_cipher(sess, cipher)) + || !TEST_true( + SSL_SESSION_set_protocol_version(sess, + TLS1_3_VERSION))) { + SSL_SESSION_free(sess); + return NULL; + } + return sess; +} + +/* + * Helper method to setup objects for early data test. Caller frees objects on + * error. + */ +static int setupearly_data_test(SSL_CTX **cctx, SSL_CTX **sctx, SSL **clientssl, + SSL **serverssl, SSL_SESSION **sess, int idx) +{ + if (*sctx == NULL + && !TEST_true(create_ssl_ctx_pair(TLS_server_method(), + TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + sctx, cctx, cert, privkey))) + return 0; + + if (!TEST_true(SSL_CTX_set_max_early_data(*sctx, SSL3_RT_MAX_PLAIN_LENGTH))) + return 0; + + if (idx == 1) { + /* When idx == 1 we repeat the tests with read_ahead set */ + SSL_CTX_set_read_ahead(*cctx, 1); + SSL_CTX_set_read_ahead(*sctx, 1); + } else if (idx == 2) { + /* When idx == 2 we are doing early_data with a PSK. Set up callbacks */ + SSL_CTX_set_psk_use_session_callback(*cctx, use_session_cb); + SSL_CTX_set_psk_find_session_callback(*sctx, find_session_cb); + use_session_cb_cnt = 0; + find_session_cb_cnt = 0; + srvid = pskid; + } + + if (!TEST_true(create_ssl_objects(*sctx, *cctx, serverssl, clientssl, + NULL, NULL))) + return 0; + + /* + * For one of the run throughs (doesn't matter which one), we'll try sending + * some SNI data in the initial ClientHello. This will be ignored (because + * there is no SNI cb set up by the server), so it should not impact + * early_data. + */ + if (idx == 1 + && !TEST_true(SSL_set_tlsext_host_name(*clientssl, "localhost"))) + return 0; + + if (idx == 2) { + clientpsk = create_a_psk(*clientssl); + if (!TEST_ptr(clientpsk) + /* + * We just choose an arbitrary value for max_early_data which + * should be big enough for testing purposes. + */ + || !TEST_true(SSL_SESSION_set_max_early_data(clientpsk, + 0x100)) + || !TEST_true(SSL_SESSION_up_ref(clientpsk))) { + SSL_SESSION_free(clientpsk); + clientpsk = NULL; + return 0; + } + serverpsk = clientpsk; + + if (sess != NULL) { + if (!TEST_true(SSL_SESSION_up_ref(clientpsk))) { + SSL_SESSION_free(clientpsk); + SSL_SESSION_free(serverpsk); + clientpsk = serverpsk = NULL; + return 0; + } + *sess = clientpsk; + } + return 1; + } + + if (sess == NULL) + return 1; + + if (!TEST_true(create_ssl_connection(*serverssl, *clientssl, + SSL_ERROR_NONE))) + return 0; + + *sess = SSL_get1_session(*clientssl); + SSL_shutdown(*clientssl); + SSL_shutdown(*serverssl); + SSL_free(*serverssl); + SSL_free(*clientssl); + *serverssl = *clientssl = NULL; + + if (!TEST_true(create_ssl_objects(*sctx, *cctx, serverssl, + clientssl, NULL, NULL)) + || !TEST_true(SSL_set_session(*clientssl, *sess))) + return 0; + + return 1; +} + +static int test_early_data_read_write(int idx) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + SSL_SESSION *sess = NULL; + unsigned char buf[20], data[1024]; + size_t readbytes, written, eoedlen, rawread, rawwritten; + BIO *rbio; + + if (!TEST_true(setupearly_data_test(&cctx, &sctx, &clientssl, + &serverssl, &sess, idx))) + goto end; + + /* Write and read some early data */ + if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1), + &written)) + || !TEST_size_t_eq(written, strlen(MSG1)) + || !TEST_int_eq(SSL_read_early_data(serverssl, buf, + sizeof(buf), &readbytes), + SSL_READ_EARLY_DATA_SUCCESS) + || !TEST_mem_eq(MSG1, readbytes, buf, strlen(MSG1)) + || !TEST_int_eq(SSL_get_early_data_status(serverssl), + SSL_EARLY_DATA_ACCEPTED)) + goto end; + + /* + * Server should be able to write data, and client should be able to + * read it. + */ + if (!TEST_true(SSL_write_early_data(serverssl, MSG2, strlen(MSG2), + &written)) + || !TEST_size_t_eq(written, strlen(MSG2)) + || !TEST_true(SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)) + || !TEST_mem_eq(buf, readbytes, MSG2, strlen(MSG2))) + goto end; + + /* Even after reading normal data, client should be able write early data */ + if (!TEST_true(SSL_write_early_data(clientssl, MSG3, strlen(MSG3), + &written)) + || !TEST_size_t_eq(written, strlen(MSG3))) + goto end; + + /* Server should still be able read early data after writing data */ + if (!TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_SUCCESS) + || !TEST_mem_eq(buf, readbytes, MSG3, strlen(MSG3))) + goto end; + + /* Write more data from server and read it from client */ + if (!TEST_true(SSL_write_early_data(serverssl, MSG4, strlen(MSG4), + &written)) + || !TEST_size_t_eq(written, strlen(MSG4)) + || !TEST_true(SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)) + || !TEST_mem_eq(buf, readbytes, MSG4, strlen(MSG4))) + goto end; + + /* + * If client writes normal data it should mean writing early data is no + * longer possible. + */ + if (!TEST_true(SSL_write_ex(clientssl, MSG5, strlen(MSG5), &written)) + || !TEST_size_t_eq(written, strlen(MSG5)) + || !TEST_int_eq(SSL_get_early_data_status(clientssl), + SSL_EARLY_DATA_ACCEPTED)) + goto end; + + /* + * At this point the client has written EndOfEarlyData, ClientFinished and + * normal (fully protected) data. We are going to cause a delay between the + * arrival of EndOfEarlyData and ClientFinished. We read out all the data + * in the read BIO, and then just put back the EndOfEarlyData message. + */ + rbio = SSL_get_rbio(serverssl); + if (!TEST_true(BIO_read_ex(rbio, data, sizeof(data), &rawread)) + || !TEST_size_t_lt(rawread, sizeof(data)) + || !TEST_size_t_gt(rawread, SSL3_RT_HEADER_LENGTH)) + goto end; + + /* Record length is in the 4th and 5th bytes of the record header */ + eoedlen = SSL3_RT_HEADER_LENGTH + (data[3] << 8 | data[4]); + if (!TEST_true(BIO_write_ex(rbio, data, eoedlen, &rawwritten)) + || !TEST_size_t_eq(rawwritten, eoedlen)) + goto end; + + /* Server should be told that there is no more early data */ + if (!TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_FINISH) + || !TEST_size_t_eq(readbytes, 0)) + goto end; + + /* + * Server has not finished init yet, so should still be able to write early + * data. + */ + if (!TEST_true(SSL_write_early_data(serverssl, MSG6, strlen(MSG6), + &written)) + || !TEST_size_t_eq(written, strlen(MSG6))) + goto end; + + /* Push the ClientFinished and the normal data back into the server rbio */ + if (!TEST_true(BIO_write_ex(rbio, data + eoedlen, rawread - eoedlen, + &rawwritten)) + || !TEST_size_t_eq(rawwritten, rawread - eoedlen)) + goto end; + + /* Server should be able to read normal data */ + if (!TEST_true(SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes)) + || !TEST_size_t_eq(readbytes, strlen(MSG5))) + goto end; + + /* Client and server should not be able to write/read early data now */ + if (!TEST_false(SSL_write_early_data(clientssl, MSG6, strlen(MSG6), + &written))) + goto end; + ERR_clear_error(); + if (!TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_ERROR)) + goto end; + ERR_clear_error(); + + /* Client should be able to read the data sent by the server */ + if (!TEST_true(SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)) + || !TEST_mem_eq(buf, readbytes, MSG6, strlen(MSG6))) + goto end; + + /* + * Make sure we process the two NewSessionTickets. These arrive + * post-handshake. We attempt reads which we do not expect to return any + * data. + */ + if (!TEST_false(SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)) + || !TEST_false(SSL_read_ex(clientssl, buf, sizeof(buf), + &readbytes))) + goto end; + + /* Server should be able to write normal data */ + if (!TEST_true(SSL_write_ex(serverssl, MSG7, strlen(MSG7), &written)) + || !TEST_size_t_eq(written, strlen(MSG7)) + || !TEST_true(SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)) + || !TEST_mem_eq(buf, readbytes, MSG7, strlen(MSG7))) + goto end; + + SSL_SESSION_free(sess); + sess = SSL_get1_session(clientssl); + use_session_cb_cnt = 0; + find_session_cb_cnt = 0; + + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(SSL_set_session(clientssl, sess))) + goto end; + + /* Write and read some early data */ + if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1), + &written)) + || !TEST_size_t_eq(written, strlen(MSG1)) + || !TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_SUCCESS) + || !TEST_mem_eq(buf, readbytes, MSG1, strlen(MSG1))) + goto end; + + if (!TEST_int_gt(SSL_connect(clientssl), 0) + || !TEST_int_gt(SSL_accept(serverssl), 0)) + goto end; + + /* Client and server should not be able to write/read early data now */ + if (!TEST_false(SSL_write_early_data(clientssl, MSG6, strlen(MSG6), + &written))) + goto end; + ERR_clear_error(); + if (!TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_ERROR)) + goto end; + ERR_clear_error(); + + /* Client and server should be able to write/read normal data */ + if (!TEST_true(SSL_write_ex(clientssl, MSG5, strlen(MSG5), &written)) + || !TEST_size_t_eq(written, strlen(MSG5)) + || !TEST_true(SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes)) + || !TEST_size_t_eq(readbytes, strlen(MSG5))) + goto end; + + testresult = 1; + + end: + SSL_SESSION_free(sess); + SSL_SESSION_free(clientpsk); + SSL_SESSION_free(serverpsk); + clientpsk = serverpsk = NULL; + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + return testresult; +} + +static int allow_ed_cb_called = 0; + +static int allow_early_data_cb(SSL *s, void *arg) +{ + int *usecb = (int *)arg; + + allow_ed_cb_called++; + + if (*usecb == 1) + return 0; + + return 1; +} + +/* + * idx == 0: Standard early_data setup + * idx == 1: early_data setup using read_ahead + * usecb == 0: Don't use a custom early data callback + * usecb == 1: Use a custom early data callback and reject the early data + * usecb == 2: Use a custom early data callback and accept the early data + * confopt == 0: Configure anti-replay directly + * confopt == 1: Configure anti-replay using SSL_CONF + */ +static int test_early_data_replay_int(int idx, int usecb, int confopt) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + SSL_SESSION *sess = NULL; + size_t readbytes, written; + unsigned char buf[20]; + + allow_ed_cb_called = 0; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, &sctx, + &cctx, cert, privkey))) + return 0; + + if (usecb > 0) { + if (confopt == 0) { + SSL_CTX_set_options(sctx, SSL_OP_NO_ANTI_REPLAY); + } else { + SSL_CONF_CTX *confctx = SSL_CONF_CTX_new(); + + if (!TEST_ptr(confctx)) + goto end; + SSL_CONF_CTX_set_flags(confctx, SSL_CONF_FLAG_FILE + | SSL_CONF_FLAG_SERVER); + SSL_CONF_CTX_set_ssl_ctx(confctx, sctx); + if (!TEST_int_eq(SSL_CONF_cmd(confctx, "Options", "-AntiReplay"), + 2)) { + SSL_CONF_CTX_free(confctx); + goto end; + } + SSL_CONF_CTX_free(confctx); + } + SSL_CTX_set_allow_early_data_cb(sctx, allow_early_data_cb, &usecb); + } + + if (!TEST_true(setupearly_data_test(&cctx, &sctx, &clientssl, + &serverssl, &sess, idx))) + goto end; + + /* + * The server is configured to accept early data. Create a connection to + * "use up" the ticket + */ + if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) + || !TEST_true(SSL_session_reused(clientssl))) + goto end; + + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(SSL_set_session(clientssl, sess))) + goto end; + + /* Write and read some early data */ + if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1), + &written)) + || !TEST_size_t_eq(written, strlen(MSG1))) + goto end; + + if (usecb <= 1) { + if (!TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_FINISH) + /* + * The ticket was reused, so the we should have rejected the + * early data + */ + || !TEST_int_eq(SSL_get_early_data_status(serverssl), + SSL_EARLY_DATA_REJECTED)) + goto end; + } else { + /* In this case the callback decides to accept the early data */ + if (!TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_SUCCESS) + || !TEST_mem_eq(MSG1, strlen(MSG1), buf, readbytes) + /* + * Server will have sent its flight so client can now send + * end of early data and complete its half of the handshake + */ + || !TEST_int_gt(SSL_connect(clientssl), 0) + || !TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_FINISH) + || !TEST_int_eq(SSL_get_early_data_status(serverssl), + SSL_EARLY_DATA_ACCEPTED)) + goto end; + } + + /* Complete the connection */ + if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) + || !TEST_int_eq(SSL_session_reused(clientssl), (usecb > 0) ? 1 : 0) + || !TEST_int_eq(allow_ed_cb_called, usecb > 0 ? 1 : 0)) + goto end; + + testresult = 1; + + end: + SSL_SESSION_free(sess); + SSL_SESSION_free(clientpsk); + SSL_SESSION_free(serverpsk); + clientpsk = serverpsk = NULL; + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + return testresult; +} + +static int test_early_data_replay(int idx) +{ + int ret = 1, usecb, confopt; + + for (usecb = 0; usecb < 3; usecb++) { + for (confopt = 0; confopt < 2; confopt++) + ret &= test_early_data_replay_int(idx, usecb, confopt); + } + + return ret; +} + +/* + * Helper function to test that a server attempting to read early data can + * handle a connection from a client where the early data should be skipped. + * testtype: 0 == No HRR + * testtype: 1 == HRR + * testtype: 2 == HRR, invalid early_data sent after HRR + * testtype: 3 == recv_max_early_data set to 0 + */ +static int early_data_skip_helper(int testtype, int idx) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + SSL_SESSION *sess = NULL; + unsigned char buf[20]; + size_t readbytes, written; + + if (!TEST_true(setupearly_data_test(&cctx, &sctx, &clientssl, + &serverssl, &sess, idx))) + goto end; + + if (testtype == 1 || testtype == 2) { + /* Force an HRR to occur */ + if (!TEST_true(SSL_set1_groups_list(serverssl, "P-256"))) + goto end; + } else if (idx == 2) { + /* + * We force early_data rejection by ensuring the PSK identity is + * unrecognised + */ + srvid = "Dummy Identity"; + } else { + /* + * Deliberately corrupt the creation time. We take 20 seconds off the + * time. It could be any value as long as it is not within tolerance. + * This should mean the ticket is rejected. + */ + if (!TEST_true(SSL_SESSION_set_time(sess, (long)(time(NULL) - 20)))) + goto end; + } + + if (testtype == 3 + && !TEST_true(SSL_set_recv_max_early_data(serverssl, 0))) + goto end; + + /* Write some early data */ + if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1), + &written)) + || !TEST_size_t_eq(written, strlen(MSG1))) + goto end; + + /* Server should reject the early data */ + if (!TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_FINISH) + || !TEST_size_t_eq(readbytes, 0) + || !TEST_int_eq(SSL_get_early_data_status(serverssl), + SSL_EARLY_DATA_REJECTED)) + goto end; + + switch (testtype) { + case 0: + /* Nothing to do */ + break; + + case 1: + /* + * Finish off the handshake. We perform the same writes and reads as + * further down but we expect them to fail due to the incomplete + * handshake. + */ + if (!TEST_false(SSL_write_ex(clientssl, MSG2, strlen(MSG2), &written)) + || !TEST_false(SSL_read_ex(serverssl, buf, sizeof(buf), + &readbytes))) goto end; + break; + + case 2: + { + BIO *wbio = SSL_get_wbio(clientssl); + /* A record that will appear as bad early_data */ + const unsigned char bad_early_data[] = { + 0x17, 0x03, 0x03, 0x00, 0x01, 0x00 + }; + + /* + * We force the client to attempt a write. This will fail because + * we're still in the handshake. It will cause the second + * ClientHello to be sent. + */ + if (!TEST_false(SSL_write_ex(clientssl, MSG2, strlen(MSG2), + &written))) + goto end; + + /* + * Inject some early_data after the second ClientHello. This should + * cause the server to fail + */ + if (!TEST_true(BIO_write_ex(wbio, bad_early_data, + sizeof(bad_early_data), &written))) + goto end; + } + /* fallthrough */ + + case 3: + /* + * This client has sent more early_data than we are willing to skip + * (case 3) or sent invalid early_data (case 2) so the connection should + * abort. + */ + if (!TEST_false(SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes)) + || !TEST_int_eq(SSL_get_error(serverssl, 0), SSL_ERROR_SSL)) + goto end; + + /* Connection has failed - nothing more to do */ + testresult = 1; + goto end; + + default: + TEST_error("Invalid test type"); + goto end; + } + + /* + * Should be able to send normal data despite rejection of early data. The + * early_data should be skipped. + */ + if (!TEST_true(SSL_write_ex(clientssl, MSG2, strlen(MSG2), &written)) + || !TEST_size_t_eq(written, strlen(MSG2)) + || !TEST_int_eq(SSL_get_early_data_status(clientssl), + SSL_EARLY_DATA_REJECTED) + || !TEST_true(SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes)) + || !TEST_mem_eq(buf, readbytes, MSG2, strlen(MSG2))) + goto end; + + testresult = 1; + + end: + SSL_SESSION_free(clientpsk); + SSL_SESSION_free(serverpsk); + clientpsk = serverpsk = NULL; + SSL_SESSION_free(sess); + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + return testresult; +} + +/* + * Test that a server attempting to read early data can handle a connection + * from a client where the early data is not acceptable. + */ +static int test_early_data_skip(int idx) +{ + return early_data_skip_helper(0, idx); +} + +/* + * Test that a server attempting to read early data can handle a connection + * from a client where an HRR occurs. + */ +static int test_early_data_skip_hrr(int idx) +{ + return early_data_skip_helper(1, idx); +} + +/* + * Test that a server attempting to read early data can handle a connection + * from a client where an HRR occurs and correctly fails if early_data is sent + * after the HRR + */ +static int test_early_data_skip_hrr_fail(int idx) +{ + return early_data_skip_helper(2, idx); +} + +/* + * Test that a server attempting to read early data will abort if it tries to + * skip over too much. + */ +static int test_early_data_skip_abort(int idx) +{ + return early_data_skip_helper(3, idx); +} + +/* + * Test that a server attempting to read early data can handle a connection + * from a client that doesn't send any. + */ +static int test_early_data_not_sent(int idx) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + SSL_SESSION *sess = NULL; + unsigned char buf[20]; + size_t readbytes, written; + + if (!TEST_true(setupearly_data_test(&cctx, &sctx, &clientssl, + &serverssl, &sess, idx))) + goto end; + + /* Write some data - should block due to handshake with server */ + SSL_set_connect_state(clientssl); + if (!TEST_false(SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written))) + goto end; + + /* Server should detect that early data has not been sent */ + if (!TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_FINISH) + || !TEST_size_t_eq(readbytes, 0) + || !TEST_int_eq(SSL_get_early_data_status(serverssl), + SSL_EARLY_DATA_NOT_SENT) + || !TEST_int_eq(SSL_get_early_data_status(clientssl), + SSL_EARLY_DATA_NOT_SENT)) + goto end; + + /* Continue writing the message we started earlier */ + if (!TEST_true(SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written)) + || !TEST_size_t_eq(written, strlen(MSG1)) + || !TEST_true(SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes)) + || !TEST_mem_eq(buf, readbytes, MSG1, strlen(MSG1)) + || !SSL_write_ex(serverssl, MSG2, strlen(MSG2), &written) + || !TEST_size_t_eq(written, strlen(MSG2))) + goto end; + + if (!TEST_true(SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)) + || !TEST_mem_eq(buf, readbytes, MSG2, strlen(MSG2))) + goto end; + + testresult = 1; + + end: + SSL_SESSION_free(sess); + SSL_SESSION_free(clientpsk); + SSL_SESSION_free(serverpsk); + clientpsk = serverpsk = NULL; + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + return testresult; +} + +static int hostname_cb(SSL *s, int *al, void *arg) +{ + const char *hostname = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name); + + if (hostname != NULL && strcmp(hostname, "goodhost") == 0) + return SSL_TLSEXT_ERR_OK; + + return SSL_TLSEXT_ERR_NOACK; +} + +static const char *servalpn; + +static int alpn_select_cb(SSL *ssl, const unsigned char **out, + unsigned char *outlen, const unsigned char *in, + unsigned int inlen, void *arg) +{ + unsigned int protlen = 0; + const unsigned char *prot; + + for (prot = in; prot < in + inlen; prot += protlen) { + protlen = *prot++; + if (in + inlen < prot + protlen) + return SSL_TLSEXT_ERR_NOACK; + + if (protlen == strlen(servalpn) + && memcmp(prot, servalpn, protlen) == 0) { + *out = prot; + *outlen = protlen; + return SSL_TLSEXT_ERR_OK; } } - if (curr->connsuccess != create_ssl_connection(serverssl, clientssl)) { - printf("Unexpected return value creating SSL connection (%d)\n", idx); + return SSL_TLSEXT_ERR_NOACK; +} + +/* Test that a PSK can be used to send early_data */ +static int test_early_data_psk(int idx) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + SSL_SESSION *sess = NULL; + unsigned char alpnlist[] = { + 0x08, 'g', 'o', 'o', 'd', 'a', 'l', 'p', 'n', 0x07, 'b', 'a', 'd', 'a', + 'l', 'p', 'n' + }; +#define GOODALPNLEN 9 +#define BADALPNLEN 8 +#define GOODALPN (alpnlist) +#define BADALPN (alpnlist + GOODALPNLEN) + int err = 0; + unsigned char buf[20]; + size_t readbytes, written; + int readearlyres = SSL_READ_EARLY_DATA_SUCCESS, connectres = 1; + int edstatus = SSL_EARLY_DATA_ACCEPTED; + + /* We always set this up with a final parameter of "2" for PSK */ + if (!TEST_true(setupearly_data_test(&cctx, &sctx, &clientssl, + &serverssl, &sess, 2))) + goto end; + + servalpn = "goodalpn"; + + /* + * Note: There is no test for inconsistent SNI with late client detection. + * This is because servers do not acknowledge SNI even if they are using + * it in a resumption handshake - so it is not actually possible for a + * client to detect a problem. + */ + switch (idx) { + case 0: + /* Set inconsistent SNI (early client detection) */ + err = SSL_R_INCONSISTENT_EARLY_DATA_SNI; + if (!TEST_true(SSL_SESSION_set1_hostname(sess, "goodhost")) + || !TEST_true(SSL_set_tlsext_host_name(clientssl, "badhost"))) + goto end; + break; + + case 1: + /* Set inconsistent ALPN (early client detection) */ + err = SSL_R_INCONSISTENT_EARLY_DATA_ALPN; + /* SSL_set_alpn_protos returns 0 for success and 1 for failure */ + if (!TEST_true(SSL_SESSION_set1_alpn_selected(sess, GOODALPN, + GOODALPNLEN)) + || !TEST_false(SSL_set_alpn_protos(clientssl, BADALPN, + BADALPNLEN))) + goto end; + break; + + case 2: + /* + * Set invalid protocol version. Technically this affects PSKs without + * early_data too, but we test it here because it is similar to the + * SNI/ALPN consistency tests. + */ + err = SSL_R_BAD_PSK; + if (!TEST_true(SSL_SESSION_set_protocol_version(sess, TLS1_2_VERSION))) + goto end; + break; + + case 3: + /* + * Set inconsistent SNI (server detected). In this case the connection + * will succeed but reject early_data. + */ + SSL_SESSION_free(serverpsk); + serverpsk = SSL_SESSION_dup(clientpsk); + if (!TEST_ptr(serverpsk) + || !TEST_true(SSL_SESSION_set1_hostname(serverpsk, "badhost"))) + goto end; + edstatus = SSL_EARLY_DATA_REJECTED; + readearlyres = SSL_READ_EARLY_DATA_FINISH; + /* Fall through */ + case 4: + /* Set consistent SNI */ + if (!TEST_true(SSL_SESSION_set1_hostname(sess, "goodhost")) + || !TEST_true(SSL_set_tlsext_host_name(clientssl, "goodhost")) + || !TEST_true(SSL_CTX_set_tlsext_servername_callback(sctx, + hostname_cb))) + goto end; + break; + + case 5: + /* + * Set inconsistent ALPN (server detected). In this case the connection + * will succeed but reject early_data. + */ + servalpn = "badalpn"; + edstatus = SSL_EARLY_DATA_REJECTED; + readearlyres = SSL_READ_EARLY_DATA_FINISH; + /* Fall through */ + case 6: + /* + * Set consistent ALPN. + * SSL_set_alpn_protos returns 0 for success and 1 for failure. It + * accepts a list of protos (each one length prefixed). + * SSL_set1_alpn_selected accepts a single protocol (not length + * prefixed) + */ + if (!TEST_true(SSL_SESSION_set1_alpn_selected(sess, GOODALPN + 1, + GOODALPNLEN - 1)) + || !TEST_false(SSL_set_alpn_protos(clientssl, GOODALPN, + GOODALPNLEN))) + goto end; + + SSL_CTX_set_alpn_select_cb(sctx, alpn_select_cb, NULL); + break; + + case 7: + /* Set inconsistent ALPN (late client detection) */ + SSL_SESSION_free(serverpsk); + serverpsk = SSL_SESSION_dup(clientpsk); + if (!TEST_ptr(serverpsk) + || !TEST_true(SSL_SESSION_set1_alpn_selected(clientpsk, + BADALPN + 1, + BADALPNLEN - 1)) + || !TEST_true(SSL_SESSION_set1_alpn_selected(serverpsk, + GOODALPN + 1, + GOODALPNLEN - 1)) + || !TEST_false(SSL_set_alpn_protos(clientssl, alpnlist, + sizeof(alpnlist)))) + goto end; + SSL_CTX_set_alpn_select_cb(sctx, alpn_select_cb, NULL); + edstatus = SSL_EARLY_DATA_ACCEPTED; + readearlyres = SSL_READ_EARLY_DATA_SUCCESS; + /* SSL_connect() call should fail */ + connectres = -1; + break; + + default: + TEST_error("Bad test index"); goto end; } + SSL_set_connect_state(clientssl); + if (err != 0) { + if (!TEST_false(SSL_write_early_data(clientssl, MSG1, strlen(MSG1), + &written)) + || !TEST_int_eq(SSL_get_error(clientssl, 0), SSL_ERROR_SSL) + || !TEST_int_eq(ERR_GET_REASON(ERR_get_error()), err)) + goto end; + } else { + if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1), + &written))) + goto end; + + if (!TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), readearlyres) + || (readearlyres == SSL_READ_EARLY_DATA_SUCCESS + && !TEST_mem_eq(buf, readbytes, MSG1, strlen(MSG1))) + || !TEST_int_eq(SSL_get_early_data_status(serverssl), edstatus) + || !TEST_int_eq(SSL_connect(clientssl), connectres)) + goto end; + } + + testresult = 1; + + end: + SSL_SESSION_free(sess); + SSL_SESSION_free(clientpsk); + SSL_SESSION_free(serverpsk); + clientpsk = serverpsk = NULL; + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + return testresult; +} + +/* + * Test that a server that doesn't try to read early data can handle a + * client sending some. + */ +static int test_early_data_not_expected(int idx) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + SSL_SESSION *sess = NULL; + unsigned char buf[20]; + size_t readbytes, written; + + if (!TEST_true(setupearly_data_test(&cctx, &sctx, &clientssl, + &serverssl, &sess, idx))) + goto end; + + /* Write some early data */ + if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1), + &written))) + goto end; + + /* + * Server should skip over early data and then block waiting for client to + * continue handshake + */ + if (!TEST_int_le(SSL_accept(serverssl), 0) + || !TEST_int_gt(SSL_connect(clientssl), 0) + || !TEST_int_eq(SSL_get_early_data_status(serverssl), + SSL_EARLY_DATA_REJECTED) + || !TEST_int_gt(SSL_accept(serverssl), 0) + || !TEST_int_eq(SSL_get_early_data_status(clientssl), + SSL_EARLY_DATA_REJECTED)) + goto end; + + /* Send some normal data from client to server */ + if (!TEST_true(SSL_write_ex(clientssl, MSG2, strlen(MSG2), &written)) + || !TEST_size_t_eq(written, strlen(MSG2))) + goto end; + + if (!TEST_true(SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes)) + || !TEST_mem_eq(buf, readbytes, MSG2, strlen(MSG2))) + goto end; + + testresult = 1; + + end: + SSL_SESSION_free(sess); + SSL_SESSION_free(clientpsk); + SSL_SESSION_free(serverpsk); + clientpsk = serverpsk = NULL; + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + return testresult; +} + + +# ifndef OPENSSL_NO_TLS1_2 +/* + * Test that a server attempting to read early data can handle a connection + * from a TLSv1.2 client. + */ +static int test_early_data_tls1_2(int idx) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + unsigned char buf[20]; + size_t readbytes, written; + + if (!TEST_true(setupearly_data_test(&cctx, &sctx, &clientssl, + &serverssl, NULL, idx))) + goto end; + + /* Write some data - should block due to handshake with server */ + SSL_set_max_proto_version(clientssl, TLS1_2_VERSION); + SSL_set_connect_state(clientssl); + if (!TEST_false(SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written))) + goto end; + + /* + * Server should do TLSv1.2 handshake. First it will block waiting for more + * messages from client after ServerDone. Then SSL_read_early_data should + * finish and detect that early data has not been sent + */ + if (!TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_ERROR)) + goto end; + + /* + * Continue writing the message we started earlier. Will still block waiting + * for the CCS/Finished from server + */ + if (!TEST_false(SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written)) + || !TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_FINISH) + || !TEST_size_t_eq(readbytes, 0) + || !TEST_int_eq(SSL_get_early_data_status(serverssl), + SSL_EARLY_DATA_NOT_SENT)) + goto end; + + /* Continue writing the message we started earlier */ + if (!TEST_true(SSL_write_ex(clientssl, MSG1, strlen(MSG1), &written)) + || !TEST_size_t_eq(written, strlen(MSG1)) + || !TEST_int_eq(SSL_get_early_data_status(clientssl), + SSL_EARLY_DATA_NOT_SENT) + || !TEST_true(SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes)) + || !TEST_mem_eq(buf, readbytes, MSG1, strlen(MSG1)) + || !TEST_true(SSL_write_ex(serverssl, MSG2, strlen(MSG2), &written)) + || !TEST_size_t_eq(written, strlen(MSG2)) + || !SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes) + || !TEST_mem_eq(buf, readbytes, MSG2, strlen(MSG2))) + goto end; + testresult = 1; end: + SSL_SESSION_free(clientpsk); + SSL_SESSION_free(serverpsk); + clientpsk = serverpsk = NULL; SSL_free(serverssl); SSL_free(clientssl); SSL_CTX_free(sctx); @@ -1004,25 +3076,588 @@ static int test_set_sigalgs(int idx) return testresult; } +# endif /* OPENSSL_NO_TLS1_2 */ -static int clntaddcb = 0; -static int clntparsecb = 0; -static int srvaddcb = 0; -static int srvparsecb = 0; +/* + * Test configuring the TLSv1.3 ciphersuites + * + * Test 0: Set a default ciphersuite in the SSL_CTX (no explicit cipher_list) + * Test 1: Set a non-default ciphersuite in the SSL_CTX (no explicit cipher_list) + * Test 2: Set a default ciphersuite in the SSL (no explicit cipher_list) + * Test 3: Set a non-default ciphersuite in the SSL (no explicit cipher_list) + * Test 4: Set a default ciphersuite in the SSL_CTX (SSL_CTX cipher_list) + * Test 5: Set a non-default ciphersuite in the SSL_CTX (SSL_CTX cipher_list) + * Test 6: Set a default ciphersuite in the SSL (SSL_CTX cipher_list) + * Test 7: Set a non-default ciphersuite in the SSL (SSL_CTX cipher_list) + * Test 8: Set a default ciphersuite in the SSL (SSL cipher_list) + * Test 9: Set a non-default ciphersuite in the SSL (SSL cipher_list) + */ +static int test_set_ciphersuite(int idx) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey)) + || !TEST_true(SSL_CTX_set_ciphersuites(sctx, + "TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256"))) + goto end; + + if (idx >=4 && idx <= 7) { + /* SSL_CTX explicit cipher list */ + if (!TEST_true(SSL_CTX_set_cipher_list(cctx, "AES256-GCM-SHA384"))) + goto end; + } + + if (idx == 0 || idx == 4) { + /* Default ciphersuite */ + if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, + "TLS_AES_128_GCM_SHA256"))) + goto end; + } else if (idx == 1 || idx == 5) { + /* Non default ciphersuite */ + if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, + "TLS_AES_128_CCM_SHA256"))) + goto end; + } + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL))) + goto end; + + if (idx == 8 || idx == 9) { + /* SSL explicit cipher list */ + if (!TEST_true(SSL_set_cipher_list(clientssl, "AES256-GCM-SHA384"))) + goto end; + } + + if (idx == 2 || idx == 6 || idx == 8) { + /* Default ciphersuite */ + if (!TEST_true(SSL_set_ciphersuites(clientssl, + "TLS_AES_128_GCM_SHA256"))) + goto end; + } else if (idx == 3 || idx == 7 || idx == 9) { + /* Non default ciphersuite */ + if (!TEST_true(SSL_set_ciphersuites(clientssl, + "TLS_AES_128_CCM_SHA256"))) + goto end; + } + + if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE))) + goto end; + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} + +static int test_ciphersuite_change(void) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + SSL_SESSION *clntsess = NULL; + int testresult = 0; + const SSL_CIPHER *aes_128_gcm_sha256 = NULL; + + /* Create a session based on SHA-256 */ + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey)) + || !TEST_true(SSL_CTX_set_ciphersuites(cctx, + "TLS_AES_128_GCM_SHA256")) + || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + clntsess = SSL_get1_session(clientssl); + /* Save for later */ + aes_128_gcm_sha256 = SSL_SESSION_get0_cipher(clntsess); + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + +# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) + /* Check we can resume a session with a different SHA-256 ciphersuite */ + if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, + "TLS_CHACHA20_POLY1305_SHA256")) + || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(SSL_set_session(clientssl, clntsess)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_true(SSL_session_reused(clientssl))) + goto end; + + SSL_SESSION_free(clntsess); + clntsess = SSL_get1_session(clientssl); + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; +# endif + + /* + * Check attempting to resume a SHA-256 session with no SHA-256 ciphersuites + * succeeds but does not resume. + */ + if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, "TLS_AES_256_GCM_SHA384")) + || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(SSL_set_session(clientssl, clntsess)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_SSL)) + || !TEST_false(SSL_session_reused(clientssl))) + goto end; + + SSL_SESSION_free(clntsess); + clntsess = NULL; + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + + /* Create a session based on SHA384 */ + if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, "TLS_AES_256_GCM_SHA384")) + || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + clntsess = SSL_get1_session(clientssl); + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + + if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, + "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384")) + || !TEST_true(SSL_CTX_set_ciphersuites(sctx, + "TLS_AES_256_GCM_SHA384")) + || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(SSL_set_session(clientssl, clntsess)) + /* + * We use SSL_ERROR_WANT_READ below so that we can pause the + * connection after the initial ClientHello has been sent to + * enable us to make some session changes. + */ + || !TEST_false(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_WANT_READ))) + goto end; + + /* Trick the client into thinking this session is for a different digest */ + clntsess->cipher = aes_128_gcm_sha256; + clntsess->cipher_id = clntsess->cipher->id; + + /* + * Continue the previously started connection. Server has selected a SHA-384 + * ciphersuite, but client thinks the session is for SHA-256, so it should + * bail out. + */ + if (!TEST_false(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_SSL)) + || !TEST_int_eq(ERR_GET_REASON(ERR_get_error()), + SSL_R_CIPHERSUITE_DIGEST_HAS_CHANGED)) + goto end; + + testresult = 1; + + end: + SSL_SESSION_free(clntsess); + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} + +/* + * Test TLSv1.3 PSKs + * Test 0 = Test new style callbacks + * Test 1 = Test both new and old style callbacks + * Test 2 = Test old style callbacks + * Test 3 = Test old style callbacks with no certificate + */ +static int test_tls13_psk(int idx) +{ + SSL_CTX *sctx = NULL, *cctx = NULL; + SSL *serverssl = NULL, *clientssl = NULL; + const SSL_CIPHER *cipher = NULL; + const unsigned char key[] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, + 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, + 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f + }; + int testresult = 0; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, idx == 3 ? NULL : cert, + idx == 3 ? NULL : privkey))) + goto end; + + if (idx != 3) { + /* + * We use a ciphersuite with SHA256 to ease testing old style PSK + * callbacks which will always default to SHA256. This should not be + * necessary if we have no cert/priv key. In that case the server should + * prefer SHA256 automatically. + */ + if (!TEST_true(SSL_CTX_set_ciphersuites(cctx, + "TLS_AES_128_GCM_SHA256"))) + goto end; + } + + /* + * Test 0: New style callbacks only + * Test 1: New and old style callbacks (only the new ones should be used) + * Test 2: Old style callbacks only + */ + if (idx == 0 || idx == 1) { + SSL_CTX_set_psk_use_session_callback(cctx, use_session_cb); + SSL_CTX_set_psk_find_session_callback(sctx, find_session_cb); + } +#ifndef OPENSSL_NO_PSK + if (idx >= 1) { + SSL_CTX_set_psk_client_callback(cctx, psk_client_cb); + SSL_CTX_set_psk_server_callback(sctx, psk_server_cb); + } +#endif + srvid = pskid; + use_session_cb_cnt = 0; + find_session_cb_cnt = 0; + psk_client_cb_cnt = 0; + psk_server_cb_cnt = 0; + + if (idx != 3) { + /* + * Check we can create a connection if callback decides not to send a + * PSK + */ + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_false(SSL_session_reused(clientssl)) + || !TEST_false(SSL_session_reused(serverssl))) + goto end; + + if (idx == 0 || idx == 1) { + if (!TEST_true(use_session_cb_cnt == 1) + || !TEST_true(find_session_cb_cnt == 0) + /* + * If no old style callback then below should be 0 + * otherwise 1 + */ + || !TEST_true(psk_client_cb_cnt == idx) + || !TEST_true(psk_server_cb_cnt == 0)) + goto end; + } else { + if (!TEST_true(use_session_cb_cnt == 0) + || !TEST_true(find_session_cb_cnt == 0) + || !TEST_true(psk_client_cb_cnt == 1) + || !TEST_true(psk_server_cb_cnt == 0)) + goto end; + } + + shutdown_ssl_connection(serverssl, clientssl); + serverssl = clientssl = NULL; + use_session_cb_cnt = psk_client_cb_cnt = 0; + } + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL))) + goto end; + + /* Create the PSK */ + cipher = SSL_CIPHER_find(clientssl, TLS13_AES_128_GCM_SHA256_BYTES); + clientpsk = SSL_SESSION_new(); + if (!TEST_ptr(clientpsk) + || !TEST_ptr(cipher) + || !TEST_true(SSL_SESSION_set1_master_key(clientpsk, key, + sizeof(key))) + || !TEST_true(SSL_SESSION_set_cipher(clientpsk, cipher)) + || !TEST_true(SSL_SESSION_set_protocol_version(clientpsk, + TLS1_3_VERSION)) + || !TEST_true(SSL_SESSION_up_ref(clientpsk))) + goto end; + serverpsk = clientpsk; + + /* Check we can create a connection and the PSK is used */ + if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) + || !TEST_true(SSL_session_reused(clientssl)) + || !TEST_true(SSL_session_reused(serverssl))) + goto end; + + if (idx == 0 || idx == 1) { + if (!TEST_true(use_session_cb_cnt == 1) + || !TEST_true(find_session_cb_cnt == 1) + || !TEST_true(psk_client_cb_cnt == 0) + || !TEST_true(psk_server_cb_cnt == 0)) + goto end; + } else { + if (!TEST_true(use_session_cb_cnt == 0) + || !TEST_true(find_session_cb_cnt == 0) + || !TEST_true(psk_client_cb_cnt == 1) + || !TEST_true(psk_server_cb_cnt == 1)) + goto end; + } + + shutdown_ssl_connection(serverssl, clientssl); + serverssl = clientssl = NULL; + use_session_cb_cnt = find_session_cb_cnt = 0; + psk_client_cb_cnt = psk_server_cb_cnt = 0; + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL))) + goto end; + + /* Force an HRR */ + if (!TEST_true(SSL_set1_groups_list(serverssl, "P-256"))) + goto end; + + /* + * Check we can create a connection, the PSK is used and the callbacks are + * called twice. + */ + if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE)) + || !TEST_true(SSL_session_reused(clientssl)) + || !TEST_true(SSL_session_reused(serverssl))) + goto end; + + if (idx == 0 || idx == 1) { + if (!TEST_true(use_session_cb_cnt == 2) + || !TEST_true(find_session_cb_cnt == 2) + || !TEST_true(psk_client_cb_cnt == 0) + || !TEST_true(psk_server_cb_cnt == 0)) + goto end; + } else { + if (!TEST_true(use_session_cb_cnt == 0) + || !TEST_true(find_session_cb_cnt == 0) + || !TEST_true(psk_client_cb_cnt == 2) + || !TEST_true(psk_server_cb_cnt == 2)) + goto end; + } + + shutdown_ssl_connection(serverssl, clientssl); + serverssl = clientssl = NULL; + use_session_cb_cnt = find_session_cb_cnt = 0; + psk_client_cb_cnt = psk_server_cb_cnt = 0; + + if (idx != 3) { + /* + * Check that if the server rejects the PSK we can still connect, but with + * a full handshake + */ + srvid = "Dummy Identity"; + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_false(SSL_session_reused(clientssl)) + || !TEST_false(SSL_session_reused(serverssl))) + goto end; + + if (idx == 0 || idx == 1) { + if (!TEST_true(use_session_cb_cnt == 1) + || !TEST_true(find_session_cb_cnt == 1) + || !TEST_true(psk_client_cb_cnt == 0) + /* + * If no old style callback then below should be 0 + * otherwise 1 + */ + || !TEST_true(psk_server_cb_cnt == idx)) + goto end; + } else { + if (!TEST_true(use_session_cb_cnt == 0) + || !TEST_true(find_session_cb_cnt == 0) + || !TEST_true(psk_client_cb_cnt == 1) + || !TEST_true(psk_server_cb_cnt == 1)) + goto end; + } + + shutdown_ssl_connection(serverssl, clientssl); + serverssl = clientssl = NULL; + } + testresult = 1; + + end: + SSL_SESSION_free(clientpsk); + SSL_SESSION_free(serverpsk); + clientpsk = serverpsk = NULL; + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + return testresult; +} + +static unsigned char cookie_magic_value[] = "cookie magic"; + +static int generate_cookie_callback(SSL *ssl, unsigned char *cookie, + unsigned int *cookie_len) +{ + /* + * Not suitable as a real cookie generation function but good enough for + * testing! + */ + memcpy(cookie, cookie_magic_value, sizeof(cookie_magic_value) - 1); + *cookie_len = sizeof(cookie_magic_value) - 1; + + return 1; +} + +static int verify_cookie_callback(SSL *ssl, const unsigned char *cookie, + unsigned int cookie_len) +{ + if (cookie_len == sizeof(cookie_magic_value) - 1 + && memcmp(cookie, cookie_magic_value, cookie_len) == 0) + return 1; + + return 0; +} + +static int generate_stateless_cookie_callback(SSL *ssl, unsigned char *cookie, + size_t *cookie_len) +{ + unsigned int temp; + int res = generate_cookie_callback(ssl, cookie, &temp); + *cookie_len = temp; + return res; +} + +static int verify_stateless_cookie_callback(SSL *ssl, const unsigned char *cookie, + size_t cookie_len) +{ + return verify_cookie_callback(ssl, cookie, cookie_len); +} + +static int test_stateless(void) +{ + SSL_CTX *sctx = NULL, *cctx = NULL; + SSL *serverssl = NULL, *clientssl = NULL; + int testresult = 0; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) + goto end; + + /* The arrival of CCS messages can confuse the test */ + SSL_CTX_clear_options(cctx, SSL_OP_ENABLE_MIDDLEBOX_COMPAT); + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + /* Send the first ClientHello */ + || !TEST_false(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_WANT_READ)) + /* + * This should fail with a -1 return because we have no callbacks + * set up + */ + || !TEST_int_eq(SSL_stateless(serverssl), -1)) + goto end; + + /* Fatal error so abandon the connection from this client */ + SSL_free(clientssl); + clientssl = NULL; + + /* Set up the cookie generation and verification callbacks */ + SSL_CTX_set_stateless_cookie_generate_cb(sctx, generate_stateless_cookie_callback); + SSL_CTX_set_stateless_cookie_verify_cb(sctx, verify_stateless_cookie_callback); + + /* + * Create a new connection from the client (we can reuse the server SSL + * object). + */ + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + /* Send the first ClientHello */ + || !TEST_false(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_WANT_READ)) + /* This should fail because there is no cookie */ + || !TEST_int_eq(SSL_stateless(serverssl), 0)) + goto end; + + /* Abandon the connection from this client */ + SSL_free(clientssl); + clientssl = NULL; + + /* + * Now create a connection from a new client but with the same server SSL + * object + */ + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + /* Send the first ClientHello */ + || !TEST_false(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_WANT_READ)) + /* This should fail because there is no cookie */ + || !TEST_int_eq(SSL_stateless(serverssl), 0) + /* Send the second ClientHello */ + || !TEST_false(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_WANT_READ)) + /* This should succeed because a cookie is now present */ + || !TEST_int_eq(SSL_stateless(serverssl), 1) + /* Complete the connection */ + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + shutdown_ssl_connection(serverssl, clientssl); + serverssl = clientssl = NULL; + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + return testresult; + +} +#endif /* OPENSSL_NO_TLS1_3 */ + +static int clntaddoldcb = 0; +static int clntparseoldcb = 0; +static int srvaddoldcb = 0; +static int srvparseoldcb = 0; +static int clntaddnewcb = 0; +static int clntparsenewcb = 0; +static int srvaddnewcb = 0; +static int srvparsenewcb = 0; static int snicb = 0; #define TEST_EXT_TYPE1 0xff00 -static int add_cb(SSL *s, unsigned int ext_type, const unsigned char **out, - size_t *outlen, int *al, void *add_arg) +static int old_add_cb(SSL *s, unsigned int ext_type, const unsigned char **out, + size_t *outlen, int *al, void *add_arg) { int *server = (int *)add_arg; unsigned char *data; if (SSL_is_server(s)) - srvaddcb++; + srvaddoldcb++; else - clntaddcb++; + clntaddoldcb++; if (*server != SSL_is_server(s) || (data = OPENSSL_malloc(sizeof(*data))) == NULL) @@ -1034,21 +3669,21 @@ static int add_cb(SSL *s, unsigned int ext_type, const unsigned char **out, return 1; } -static void free_cb(SSL *s, unsigned int ext_type, const unsigned char *out, - void *add_arg) +static void old_free_cb(SSL *s, unsigned int ext_type, const unsigned char *out, + void *add_arg) { OPENSSL_free((unsigned char *)out); } -static int parse_cb(SSL *s, unsigned int ext_type, const unsigned char *in, - size_t inlen, int *al, void *parse_arg) +static int old_parse_cb(SSL *s, unsigned int ext_type, const unsigned char *in, + size_t inlen, int *al, void *parse_arg) { int *server = (int *)parse_arg; if (SSL_is_server(s)) - srvparsecb++; + srvparseoldcb++; else - clntparsecb++; + clntparseoldcb++; if (*server != SSL_is_server(s) || inlen != sizeof(char) @@ -1058,6 +3693,52 @@ static int parse_cb(SSL *s, unsigned int ext_type, const unsigned char *in, return 1; } +static int new_add_cb(SSL *s, unsigned int ext_type, unsigned int context, + const unsigned char **out, size_t *outlen, X509 *x, + size_t chainidx, int *al, void *add_arg) +{ + int *server = (int *)add_arg; + unsigned char *data; + + if (SSL_is_server(s)) + srvaddnewcb++; + else + clntaddnewcb++; + + if (*server != SSL_is_server(s) + || (data = OPENSSL_malloc(sizeof(*data))) == NULL) + return -1; + + *data = 1; + *out = data; + *outlen = sizeof(*data); + return 1; +} + +static void new_free_cb(SSL *s, unsigned int ext_type, unsigned int context, + const unsigned char *out, void *add_arg) +{ + OPENSSL_free((unsigned char *)out); +} + +static int new_parse_cb(SSL *s, unsigned int ext_type, unsigned int context, + const unsigned char *in, size_t inlen, X509 *x, + size_t chainidx, int *al, void *parse_arg) +{ + int *server = (int *)parse_arg; + + if (SSL_is_server(s)) + srvparsenewcb++; + else + clntparsenewcb++; + + if (*server != SSL_is_server(s) + || inlen != sizeof(char) || *in != 1) + return -1; + + return 1; +} + static int sni_cb(SSL *s, int *al, void *arg) { SSL_CTX *ctx = (SSL_CTX *)arg; @@ -1072,8 +3753,11 @@ static int sni_cb(SSL *s, int *al, void *arg) /* * Custom call back tests. - * Test 0: callbacks in TLSv1.2 - * Test 1: callbacks in TLSv1.2 with SNI + * Test 0: Old style callbacks in TLSv1.2 + * Test 1: New style callbacks in TLSv1.2 + * Test 2: New style callbacks in TLSv1.2 with SNI + * Test 3: New style callbacks in TLSv1.3. Extensions in CH and EE + * Test 4: New style callbacks in TLSv1.3. Extensions in CH, SH, EE, Cert + NST */ static int test_custom_exts(int tst) { @@ -1083,126 +3767,1171 @@ static int test_custom_exts(int tst) static int server = 1; static int client = 0; SSL_SESSION *sess = NULL; + unsigned int context; + +#if defined(OPENSSL_NO_TLS1_2) && !defined(OPENSSL_NO_TLS1_3) + /* Skip tests for TLSv1.2 and below in this case */ + if (tst < 3) + return 1; +#endif /* Reset callback counters */ - clntaddcb = clntparsecb = srvaddcb = srvparsecb = 0; + clntaddoldcb = clntparseoldcb = srvaddoldcb = srvparseoldcb = 0; + clntaddnewcb = clntparsenewcb = srvaddnewcb = srvparsenewcb = 0; snicb = 0; - if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), - TLS1_VERSION, TLS_MAX_VERSION, &sctx, &cctx, - cert, privkey)) { - printf("Unable to create SSL_CTX pair\n"); + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) goto end; - } - if (tst == 1 - && !create_ssl_ctx_pair(TLS_server_method(), NULL, - TLS1_VERSION, TLS_MAX_VERSION, &sctx2, NULL, - cert, privkey)) { - printf("Unable to create SSL_CTX pair (2)\n"); + if (tst == 2 + && !TEST_true(create_ssl_ctx_pair(TLS_server_method(), NULL, + TLS1_VERSION, TLS_MAX_VERSION, + &sctx2, NULL, cert, privkey))) goto end; + + + if (tst < 3) { + SSL_CTX_set_options(cctx, SSL_OP_NO_TLSv1_3); + SSL_CTX_set_options(sctx, SSL_OP_NO_TLSv1_3); + if (sctx2 != NULL) + SSL_CTX_set_options(sctx2, SSL_OP_NO_TLSv1_3); + } + + if (tst == 4) { + context = SSL_EXT_CLIENT_HELLO + | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_3_SERVER_HELLO + | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS + | SSL_EXT_TLS1_3_CERTIFICATE + | SSL_EXT_TLS1_3_NEW_SESSION_TICKET; + } else { + context = SSL_EXT_CLIENT_HELLO + | SSL_EXT_TLS1_2_SERVER_HELLO + | SSL_EXT_TLS1_3_ENCRYPTED_EXTENSIONS; } /* Create a client side custom extension */ - if (!SSL_CTX_add_client_custom_ext(cctx, TEST_EXT_TYPE1, add_cb, free_cb, - &client, parse_cb, &client)) { - printf("Unable to add client custom extension\n"); + if (tst == 0) { + if (!TEST_true(SSL_CTX_add_client_custom_ext(cctx, TEST_EXT_TYPE1, + old_add_cb, old_free_cb, + &client, old_parse_cb, + &client))) + goto end; + } else { + if (!TEST_true(SSL_CTX_add_custom_ext(cctx, TEST_EXT_TYPE1, context, + new_add_cb, new_free_cb, + &client, new_parse_cb, &client))) + goto end; + } + + /* Should not be able to add duplicates */ + if (!TEST_false(SSL_CTX_add_client_custom_ext(cctx, TEST_EXT_TYPE1, + old_add_cb, old_free_cb, + &client, old_parse_cb, + &client)) + || !TEST_false(SSL_CTX_add_custom_ext(cctx, TEST_EXT_TYPE1, + context, new_add_cb, + new_free_cb, &client, + new_parse_cb, &client))) goto end; + + /* Create a server side custom extension */ + if (tst == 0) { + if (!TEST_true(SSL_CTX_add_server_custom_ext(sctx, TEST_EXT_TYPE1, + old_add_cb, old_free_cb, + &server, old_parse_cb, + &server))) + goto end; + } else { + if (!TEST_true(SSL_CTX_add_custom_ext(sctx, TEST_EXT_TYPE1, context, + new_add_cb, new_free_cb, + &server, new_parse_cb, &server))) + goto end; + if (sctx2 != NULL + && !TEST_true(SSL_CTX_add_custom_ext(sctx2, TEST_EXT_TYPE1, + context, new_add_cb, + new_free_cb, &server, + new_parse_cb, &server))) + goto end; } /* Should not be able to add duplicates */ - if (SSL_CTX_add_client_custom_ext(cctx, TEST_EXT_TYPE1, add_cb, free_cb, - &client, parse_cb, &client)) { - printf("Unexpected success adding duplicate extension\n"); + if (!TEST_false(SSL_CTX_add_server_custom_ext(sctx, TEST_EXT_TYPE1, + old_add_cb, old_free_cb, + &server, old_parse_cb, + &server)) + || !TEST_false(SSL_CTX_add_custom_ext(sctx, TEST_EXT_TYPE1, + context, new_add_cb, + new_free_cb, &server, + new_parse_cb, &server))) goto end; + + if (tst == 2) { + /* Set up SNI */ + if (!TEST_true(SSL_CTX_set_tlsext_servername_callback(sctx, sni_cb)) + || !TEST_true(SSL_CTX_set_tlsext_servername_arg(sctx, sctx2))) + goto end; } - /* Create a server side custom extension */ - if (!SSL_CTX_add_server_custom_ext(sctx, TEST_EXT_TYPE1, add_cb, free_cb, - &server, parse_cb, &server)) { - printf("Unable to add server custom extension\n"); + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) goto end; + + if (tst == 0) { + if (clntaddoldcb != 1 + || clntparseoldcb != 1 + || srvaddoldcb != 1 + || srvparseoldcb != 1) + goto end; + } else if (tst == 1 || tst == 2 || tst == 3) { + if (clntaddnewcb != 1 + || clntparsenewcb != 1 + || srvaddnewcb != 1 + || srvparsenewcb != 1 + || (tst != 2 && snicb != 0) + || (tst == 2 && snicb != 1)) + goto end; + } else { + /* In this case there 2 NewSessionTicket messages created */ + if (clntaddnewcb != 1 + || clntparsenewcb != 5 + || srvaddnewcb != 5 + || srvparsenewcb != 1) + goto end; } - if (sctx2 != NULL - && !SSL_CTX_add_server_custom_ext(sctx2, TEST_EXT_TYPE1, - add_cb, free_cb, - &server, parse_cb, - &server)) { - printf("Unable to add server custom extension for SNI\n"); + + sess = SSL_get1_session(clientssl); + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + + if (tst == 3) { + /* We don't bother with the resumption aspects for this test */ + testresult = 1; goto end; } - /* Should not be able to add duplicates */ - if (SSL_CTX_add_server_custom_ext(sctx, TEST_EXT_TYPE1, add_cb, free_cb, - &server, parse_cb, &server)) { - printf("Unexpected success adding duplicate extension (2)\n"); + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(SSL_set_session(clientssl, sess)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) goto end; + + /* + * For a resumed session we expect to add the ClientHello extension. For the + * old style callbacks we ignore it on the server side because they set + * SSL_EXT_IGNORE_ON_RESUMPTION. The new style callbacks do not ignore + * them. + */ + if (tst == 0) { + if (clntaddoldcb != 2 + || clntparseoldcb != 1 + || srvaddoldcb != 1 + || srvparseoldcb != 1) + goto end; + } else if (tst == 1 || tst == 2 || tst == 3) { + if (clntaddnewcb != 2 + || clntparsenewcb != 2 + || srvaddnewcb != 2 + || srvparsenewcb != 2) + goto end; + } else { + /* + * No Certificate message extensions in the resumption handshake, + * 2 NewSessionTickets in the initial handshake, 1 in the resumption + */ + if (clntaddnewcb != 2 + || clntparsenewcb != 8 + || srvaddnewcb != 8 + || srvparsenewcb != 2) + goto end; } - if (tst == 1) { - /* Set up SNI */ - if (!SSL_CTX_set_tlsext_servername_callback(sctx, sni_cb) - || !SSL_CTX_set_tlsext_servername_arg(sctx, sctx2)) { - printf("Cannot set SNI callbacks\n"); + testresult = 1; + +end: + SSL_SESSION_free(sess); + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx2); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + return testresult; +} + +/* + * Test loading of serverinfo data in various formats. test_sslmessages actually + * tests to make sure the extensions appear in the handshake + */ +static int test_serverinfo(int tst) +{ + unsigned int version; + unsigned char *sibuf; + size_t sibuflen; + int ret, expected, testresult = 0; + SSL_CTX *ctx; + + ctx = SSL_CTX_new(TLS_method()); + if (!TEST_ptr(ctx)) + goto end; + + if ((tst & 0x01) == 0x01) + version = SSL_SERVERINFOV2; + else + version = SSL_SERVERINFOV1; + + if ((tst & 0x02) == 0x02) { + sibuf = serverinfov2; + sibuflen = sizeof(serverinfov2); + expected = (version == SSL_SERVERINFOV2); + } else { + sibuf = serverinfov1; + sibuflen = sizeof(serverinfov1); + expected = (version == SSL_SERVERINFOV1); + } + + if ((tst & 0x04) == 0x04) { + ret = SSL_CTX_use_serverinfo_ex(ctx, version, sibuf, sibuflen); + } else { + ret = SSL_CTX_use_serverinfo(ctx, sibuf, sibuflen); + + /* + * The version variable is irrelevant in this case - it's what is in the + * buffer that matters + */ + if ((tst & 0x02) == 0x02) + expected = 0; + else + expected = 1; + } + + if (!TEST_true(ret == expected)) + goto end; + + testresult = 1; + + end: + SSL_CTX_free(ctx); + + return testresult; +} + +/* + * Test that SSL_export_keying_material() produces expected results. There are + * no test vectors so all we do is test that both sides of the communication + * produce the same results for different protocol versions. + */ +static int test_export_key_mat(int tst) +{ + int testresult = 0; + SSL_CTX *cctx = NULL, *sctx = NULL, *sctx2 = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + const char label[] = "test label"; + const unsigned char context[] = "context"; + const unsigned char *emptycontext = NULL; + unsigned char ckeymat1[80], ckeymat2[80], ckeymat3[80]; + unsigned char skeymat1[80], skeymat2[80], skeymat3[80]; + const int protocols[] = { + TLS1_VERSION, + TLS1_1_VERSION, + TLS1_2_VERSION, + TLS1_3_VERSION + }; + +#ifdef OPENSSL_NO_TLS1 + if (tst == 0) + return 1; +#endif +#ifdef OPENSSL_NO_TLS1_1 + if (tst == 1) + return 1; +#endif +#ifdef OPENSSL_NO_TLS1_2 + if (tst == 2) + return 1; +#endif +#ifdef OPENSSL_NO_TLS1_3 + if (tst == 3) + return 1; +#endif + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) + goto end; + + OPENSSL_assert(tst >= 0 && (size_t)tst < OSSL_NELEM(protocols)); + SSL_CTX_set_max_proto_version(cctx, protocols[tst]); + SSL_CTX_set_min_proto_version(cctx, protocols[tst]); + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, + NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + if (!TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat1, + sizeof(ckeymat1), label, + sizeof(label) - 1, context, + sizeof(context) - 1, 1), 1) + || !TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat2, + sizeof(ckeymat2), label, + sizeof(label) - 1, + emptycontext, + 0, 1), 1) + || !TEST_int_eq(SSL_export_keying_material(clientssl, ckeymat3, + sizeof(ckeymat3), label, + sizeof(label) - 1, + NULL, 0, 0), 1) + || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat1, + sizeof(skeymat1), label, + sizeof(label) - 1, + context, + sizeof(context) -1, 1), + 1) + || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat2, + sizeof(skeymat2), label, + sizeof(label) - 1, + emptycontext, + 0, 1), 1) + || !TEST_int_eq(SSL_export_keying_material(serverssl, skeymat3, + sizeof(skeymat3), label, + sizeof(label) - 1, + NULL, 0, 0), 1) + /* + * Check that both sides created the same key material with the + * same context. + */ + || !TEST_mem_eq(ckeymat1, sizeof(ckeymat1), skeymat1, + sizeof(skeymat1)) + /* + * Check that both sides created the same key material with an + * empty context. + */ + || !TEST_mem_eq(ckeymat2, sizeof(ckeymat2), skeymat2, + sizeof(skeymat2)) + /* + * Check that both sides created the same key material without a + * context. + */ + || !TEST_mem_eq(ckeymat3, sizeof(ckeymat3), skeymat3, + sizeof(skeymat3)) + /* Different contexts should produce different results */ + || !TEST_mem_ne(ckeymat1, sizeof(ckeymat1), ckeymat2, + sizeof(ckeymat2))) + goto end; + + /* + * Check that an empty context and no context produce different results in + * protocols less than TLSv1.3. In TLSv1.3 they should be the same. + */ + if ((tst != 3 && !TEST_mem_ne(ckeymat2, sizeof(ckeymat2), ckeymat3, + sizeof(ckeymat3))) + || (tst ==3 && !TEST_mem_eq(ckeymat2, sizeof(ckeymat2), ckeymat3, + sizeof(ckeymat3)))) + goto end; + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx2); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} + +#ifndef OPENSSL_NO_TLS1_3 +/* + * Test that SSL_export_keying_material_early() produces expected + * results. There are no test vectors so all we do is test that both + * sides of the communication produce the same results for different + * protocol versions. + */ +static int test_export_key_mat_early(int idx) +{ + static const char label[] = "test label"; + static const unsigned char context[] = "context"; + int testresult = 0; + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + SSL_SESSION *sess = NULL; + const unsigned char *emptycontext = NULL; + unsigned char ckeymat1[80], ckeymat2[80]; + unsigned char skeymat1[80], skeymat2[80]; + unsigned char buf[1]; + size_t readbytes, written; + + if (!TEST_true(setupearly_data_test(&cctx, &sctx, &clientssl, &serverssl, + &sess, idx))) + goto end; + + /* Here writing 0 length early data is enough. */ + if (!TEST_true(SSL_write_early_data(clientssl, NULL, 0, &written)) + || !TEST_int_eq(SSL_read_early_data(serverssl, buf, sizeof(buf), + &readbytes), + SSL_READ_EARLY_DATA_ERROR) + || !TEST_int_eq(SSL_get_early_data_status(serverssl), + SSL_EARLY_DATA_ACCEPTED)) + goto end; + + if (!TEST_int_eq(SSL_export_keying_material_early( + clientssl, ckeymat1, sizeof(ckeymat1), label, + sizeof(label) - 1, context, sizeof(context) - 1), 1) + || !TEST_int_eq(SSL_export_keying_material_early( + clientssl, ckeymat2, sizeof(ckeymat2), label, + sizeof(label) - 1, emptycontext, 0), 1) + || !TEST_int_eq(SSL_export_keying_material_early( + serverssl, skeymat1, sizeof(skeymat1), label, + sizeof(label) - 1, context, sizeof(context) - 1), 1) + || !TEST_int_eq(SSL_export_keying_material_early( + serverssl, skeymat2, sizeof(skeymat2), label, + sizeof(label) - 1, emptycontext, 0), 1) + /* + * Check that both sides created the same key material with the + * same context. + */ + || !TEST_mem_eq(ckeymat1, sizeof(ckeymat1), skeymat1, + sizeof(skeymat1)) + /* + * Check that both sides created the same key material with an + * empty context. + */ + || !TEST_mem_eq(ckeymat2, sizeof(ckeymat2), skeymat2, + sizeof(skeymat2)) + /* Different contexts should produce different results */ + || !TEST_mem_ne(ckeymat1, sizeof(ckeymat1), ckeymat2, + sizeof(ckeymat2))) + goto end; + + testresult = 1; + + end: + SSL_SESSION_free(sess); + SSL_SESSION_free(clientpsk); + SSL_SESSION_free(serverpsk); + clientpsk = serverpsk = NULL; + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} +#endif /* OPENSSL_NO_TLS1_3 */ + +static int test_ssl_clear(int idx) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + +#ifdef OPENSSL_NO_TLS1_2 + if (idx == 1) + return 1; +#endif + + /* Create an initial connection */ + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey)) + || (idx == 1 + && !TEST_true(SSL_CTX_set_max_proto_version(cctx, + TLS1_2_VERSION))) + || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + serverssl = NULL; + + /* Clear clientssl - we're going to reuse the object */ + if (!TEST_true(SSL_clear(clientssl))) + goto end; + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_true(SSL_session_reused(clientssl))) + goto end; + + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} + +/* Parse CH and retrieve any MFL extension value if present */ +static int get_MFL_from_client_hello(BIO *bio, int *mfl_codemfl_code) +{ + long len; + unsigned char *data; + PACKET pkt = {0}, pkt2 = {0}, pkt3 = {0}; + unsigned int MFL_code = 0, type = 0; + + if (!TEST_uint_gt( len = BIO_get_mem_data( bio, (char **) &data ), 0 ) ) + goto end; + + if (!TEST_true( PACKET_buf_init( &pkt, data, len ) ) + /* Skip the record header */ + || !PACKET_forward(&pkt, SSL3_RT_HEADER_LENGTH) + /* Skip the handshake message header */ + || !TEST_true(PACKET_forward(&pkt, SSL3_HM_HEADER_LENGTH)) + /* Skip client version and random */ + || !TEST_true(PACKET_forward(&pkt, CLIENT_VERSION_LEN + + SSL3_RANDOM_SIZE)) + /* Skip session id */ + || !TEST_true(PACKET_get_length_prefixed_1(&pkt, &pkt2)) + /* Skip ciphers */ + || !TEST_true(PACKET_get_length_prefixed_2(&pkt, &pkt2)) + /* Skip compression */ + || !TEST_true(PACKET_get_length_prefixed_1(&pkt, &pkt2)) + /* Extensions len */ + || !TEST_true(PACKET_as_length_prefixed_2(&pkt, &pkt2))) + goto end; + + /* Loop through all extensions */ + while (PACKET_remaining(&pkt2)) { + if (!TEST_true(PACKET_get_net_2(&pkt2, &type)) + || !TEST_true(PACKET_get_length_prefixed_2(&pkt2, &pkt3))) goto end; + + if (type == TLSEXT_TYPE_max_fragment_length) { + if (!TEST_uint_ne(PACKET_remaining(&pkt3), 0) + || !TEST_true(PACKET_get_1(&pkt3, &MFL_code))) + goto end; + + *mfl_codemfl_code = MFL_code; + return 1; } } - if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL) - || !create_ssl_connection(serverssl, clientssl)) { - printf("Cannot create SSL connection\n"); + end: + return 0; +} + +/* Maximum-Fragment-Length TLS extension mode to test */ +static const unsigned char max_fragment_len_test[] = { + TLSEXT_max_fragment_length_512, + TLSEXT_max_fragment_length_1024, + TLSEXT_max_fragment_length_2048, + TLSEXT_max_fragment_length_4096 +}; + +static int test_max_fragment_len_ext(int idx_tst) +{ + SSL_CTX *ctx; + SSL *con = NULL; + int testresult = 0, MFL_mode = 0; + BIO *rbio, *wbio; + + ctx = SSL_CTX_new(TLS_method()); + if (!TEST_ptr(ctx)) + goto end; + + if (!TEST_true(SSL_CTX_set_tlsext_max_fragment_length( + ctx, max_fragment_len_test[idx_tst]))) + goto end; + + con = SSL_new(ctx); + if (!TEST_ptr(con)) + goto end; + + rbio = BIO_new(BIO_s_mem()); + wbio = BIO_new(BIO_s_mem()); + if (!TEST_ptr(rbio)|| !TEST_ptr(wbio)) { + BIO_free(rbio); + BIO_free(wbio); goto end; } - if (clntaddcb != 1 - || clntparsecb != 1 - || srvaddcb != 1 - || srvparsecb != 1 - || (tst != 1 && snicb != 0) - || (tst == 1 && snicb != 1)) { - printf("Incorrect callback counts\n"); + SSL_set_bio(con, rbio, wbio); + SSL_set_connect_state(con); + + if (!TEST_int_le(SSL_connect(con), 0)) { + /* This shouldn't succeed because we don't have a server! */ goto end; } - sess = SSL_get1_session(clientssl); + if (!TEST_true(get_MFL_from_client_hello(wbio, &MFL_mode))) + /* no MFL in client hello */ + goto end; + if (!TEST_true(max_fragment_len_test[idx_tst] == MFL_mode)) + goto end; + + testresult = 1; + +end: + SSL_free(con); + SSL_CTX_free(ctx); + + return testresult; +} + +#ifndef OPENSSL_NO_TLS1_3 +static int test_pha_key_update(void) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) + return 0; + + if (!TEST_true(SSL_CTX_set_min_proto_version(sctx, TLS1_3_VERSION)) + || !TEST_true(SSL_CTX_set_max_proto_version(sctx, TLS1_3_VERSION)) + || !TEST_true(SSL_CTX_set_min_proto_version(cctx, TLS1_3_VERSION)) + || !TEST_true(SSL_CTX_set_max_proto_version(cctx, TLS1_3_VERSION))) + goto end; + + SSL_CTX_set_post_handshake_auth(cctx, 1); + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL))) + goto end; + + if (!TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + SSL_set_verify(serverssl, SSL_VERIFY_PEER, NULL); + if (!TEST_true(SSL_verify_client_post_handshake(serverssl))) + goto end; + + if (!TEST_true(SSL_key_update(clientssl, SSL_KEY_UPDATE_NOT_REQUESTED))) + goto end; + + /* Start handshake on the server */ + if (!TEST_int_eq(SSL_do_handshake(serverssl), 1)) + goto end; + + /* Starts with SSL_connect(), but it's really just SSL_do_handshake() */ + if (!TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + SSL_shutdown(clientssl); SSL_shutdown(serverssl); + + testresult = 1; + + end: SSL_free(serverssl); SSL_free(clientssl); - serverssl = clientssl = NULL; + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + return testresult; +} +#endif - if (tst == 1) { - /* We don't bother with the resumption aspects for this test */ - testresult = 1; +#if !defined(OPENSSL_NO_SRP) && !defined(OPENSSL_NO_TLS1_2) + +static SRP_VBASE *vbase = NULL; + +static int ssl_srp_cb(SSL *s, int *ad, void *arg) +{ + int ret = SSL3_AL_FATAL; + char *username; + SRP_user_pwd *user = NULL; + + username = SSL_get_srp_username(s); + if (username == NULL) { + *ad = SSL_AD_INTERNAL_ERROR; + goto err; + } + + user = SRP_VBASE_get1_by_user(vbase, username); + if (user == NULL) { + *ad = SSL_AD_INTERNAL_ERROR; + goto err; + } + + if (SSL_set_srp_server_param(s, user->N, user->g, user->s, user->v, + user->info) <= 0) { + *ad = SSL_AD_INTERNAL_ERROR; + goto err; + } + + ret = 0; + + err: + SRP_user_pwd_free(user); + return ret; +} + +static int create_new_vfile(char *userid, char *password, const char *filename) +{ + char *gNid = NULL; + OPENSSL_STRING *row = OPENSSL_zalloc(sizeof(row) * (DB_NUMBER + 1)); + TXT_DB *db = NULL; + int ret = 0; + BIO *out = NULL, *dummy = BIO_new_mem_buf("", 0); + size_t i; + + if (!TEST_ptr(dummy) || !TEST_ptr(row)) + goto end; + + gNid = SRP_create_verifier(userid, password, &row[DB_srpsalt], + &row[DB_srpverifier], NULL, NULL); + if (!TEST_ptr(gNid)) goto end; + + /* + * The only way to create an empty TXT_DB is to provide a BIO with no data + * in it! + */ + db = TXT_DB_read(dummy, DB_NUMBER); + if (!TEST_ptr(db)) + goto end; + + out = BIO_new_file(filename, "w"); + if (!TEST_ptr(out)) + goto end; + + row[DB_srpid] = OPENSSL_strdup(userid); + row[DB_srptype] = OPENSSL_strdup("V"); + row[DB_srpgN] = OPENSSL_strdup(gNid); + + if (!TEST_ptr(row[DB_srpid]) + || !TEST_ptr(row[DB_srptype]) + || !TEST_ptr(row[DB_srpgN]) + || !TEST_true(TXT_DB_insert(db, row))) + goto end; + + row = NULL; + + if (!TXT_DB_write(out, db)) + goto end; + + ret = 1; + end: + if (row != NULL) { + for (i = 0; i < DB_NUMBER; i++) + OPENSSL_free(row[i]); } + OPENSSL_free(row); + BIO_free(dummy); + BIO_free(out); + TXT_DB_free(db); + + return ret; +} - if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL) - || !SSL_set_session(clientssl, sess) - || !create_ssl_connection(serverssl, clientssl)) { - printf("Cannot create resumption connection\n"); +static int create_new_vbase(char *userid, char *password) +{ + BIGNUM *verifier = NULL, *salt = NULL; + const SRP_gN *lgN = NULL; + SRP_user_pwd *user_pwd = NULL; + int ret = 0; + + lgN = SRP_get_default_gN(NULL); + if (!TEST_ptr(lgN)) + goto end; + + if (!TEST_true(SRP_create_verifier_BN(userid, password, &salt, &verifier, + lgN->N, lgN->g))) + goto end; + + user_pwd = OPENSSL_zalloc(sizeof(*user_pwd)); + if (!TEST_ptr(user_pwd)) + goto end; + + user_pwd->N = lgN->N; + user_pwd->g = lgN->g; + user_pwd->id = OPENSSL_strdup(userid); + if (!TEST_ptr(user_pwd->id)) + goto end; + + user_pwd->v = verifier; + user_pwd->s = salt; + verifier = salt = NULL; + + if (sk_SRP_user_pwd_insert(vbase->users_pwd, user_pwd, 0) == 0) + goto end; + user_pwd = NULL; + + ret = 1; +end: + SRP_user_pwd_free(user_pwd); + BN_free(salt); + BN_free(verifier); + + return ret; +} + +/* + * SRP tests + * + * Test 0: Simple successful SRP connection, new vbase + * Test 1: Connection failure due to bad password, new vbase + * Test 2: Simple successful SRP connection, vbase loaded from existing file + * Test 3: Connection failure due to bad password, vbase loaded from existing + * file + * Test 4: Simple successful SRP connection, vbase loaded from new file + * Test 5: Connection failure due to bad password, vbase loaded from new file + */ +static int test_srp(int tst) +{ + char *userid = "test", *password = "password", *tstsrpfile; + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int ret, testresult = 0; + + vbase = SRP_VBASE_new(NULL); + if (!TEST_ptr(vbase)) goto end; + + if (tst == 0 || tst == 1) { + if (!TEST_true(create_new_vbase(userid, password))) + goto end; + } else { + if (tst == 4 || tst == 5) { + if (!TEST_true(create_new_vfile(userid, password, tmpfilename))) + goto end; + tstsrpfile = tmpfilename; + } else { + tstsrpfile = srpvfile; + } + if (!TEST_int_eq(SRP_VBASE_init(vbase, tstsrpfile), SRP_NO_ERROR)) + goto end; + } + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) + goto end; + + if (!TEST_int_gt(SSL_CTX_set_srp_username_callback(sctx, ssl_srp_cb), 0) + || !TEST_true(SSL_CTX_set_cipher_list(cctx, "SRP-AES-128-CBC-SHA")) + || !TEST_true(SSL_CTX_set_max_proto_version(sctx, TLS1_2_VERSION)) + || !TEST_true(SSL_CTX_set_max_proto_version(cctx, TLS1_2_VERSION)) + || !TEST_int_gt(SSL_CTX_set_srp_username(cctx, userid), 0)) + goto end; + + if (tst % 2 == 1) { + if (!TEST_int_gt(SSL_CTX_set_srp_password(cctx, "badpass"), 0)) + goto end; + } else { + if (!TEST_int_gt(SSL_CTX_set_srp_password(cctx, password), 0)) + goto end; + } + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL))) + goto end; + + ret = create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE); + if (ret) { + if (!TEST_true(tst % 2 == 0)) + goto end; + } else { + if (!TEST_true(tst % 2 == 1)) + goto end; + } + + testresult = 1; + + end: + SRP_VBASE_free(vbase); + vbase = NULL; + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} +#endif + +static int info_cb_failed = 0; +static int info_cb_offset = 0; +static int info_cb_this_state = -1; + +static struct info_cb_states_st { + int where; + const char *statestr; +} info_cb_states[][60] = { + { + /* TLSv1.2 server followed by resumption */ + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "}, + {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TRCH"}, {SSL_CB_LOOP, "TWSH"}, + {SSL_CB_LOOP, "TWSC"}, {SSL_CB_LOOP, "TWSKE"}, {SSL_CB_LOOP, "TWSD"}, + {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWSD"}, {SSL_CB_LOOP, "TRCKE"}, + {SSL_CB_LOOP, "TRCCS"}, {SSL_CB_LOOP, "TRFIN"}, {SSL_CB_LOOP, "TWST"}, + {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWFIN"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, + {SSL_CB_ALERT, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, + {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TRCH"}, + {SSL_CB_LOOP, "TWSH"}, {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWFIN"}, + {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_LOOP, "TRCCS"}, + {SSL_CB_LOOP, "TRFIN"}, {SSL_CB_HANDSHAKE_DONE, NULL}, + {SSL_CB_EXIT, NULL}, {0, NULL}, + }, { + /* TLSv1.2 client followed by resumption */ + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "}, + {SSL_CB_LOOP, "TWCH"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWCH"}, + {SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TRSC"}, {SSL_CB_LOOP, "TRSKE"}, + {SSL_CB_LOOP, "TRSD"}, {SSL_CB_LOOP, "TWCKE"}, {SSL_CB_LOOP, "TWCCS"}, + {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWFIN"}, + {SSL_CB_LOOP, "TRST"}, {SSL_CB_LOOP, "TRCCS"}, {SSL_CB_LOOP, "TRFIN"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, {SSL_CB_ALERT, NULL}, + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "}, + {SSL_CB_LOOP, "TWCH"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWCH"}, + {SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TRCCS"}, {SSL_CB_LOOP, "TRFIN"}, + {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWFIN"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, {0, NULL}, + }, { + /* TLSv1.3 server followed by resumption */ + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "}, + {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TRCH"}, {SSL_CB_LOOP, "TWSH"}, + {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWEE"}, {SSL_CB_LOOP, "TWSC"}, + {SSL_CB_LOOP, "TRSCV"}, {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_LOOP, "TED"}, + {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TED"}, {SSL_CB_LOOP, "TRFIN"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, + {SSL_CB_LOOP, "TWST"}, {SSL_CB_HANDSHAKE_DONE, NULL}, + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "TWST"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, + {SSL_CB_ALERT, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, + {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TRCH"}, + {SSL_CB_LOOP, "TWSH"}, {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWEE"}, + {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_LOOP, "TED"}, {SSL_CB_EXIT, NULL}, + {SSL_CB_LOOP, "TED"}, {SSL_CB_LOOP, "TRFIN"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, + {SSL_CB_LOOP, "TWST"}, {SSL_CB_HANDSHAKE_DONE, NULL}, + {SSL_CB_EXIT, NULL}, {0, NULL}, + }, { + /* TLSv1.3 client followed by resumption */ + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "}, + {SSL_CB_LOOP, "TWCH"}, {SSL_CB_EXIT, NULL}, {SSL_CB_LOOP, "TWCH"}, + {SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TREE"}, {SSL_CB_LOOP, "TRSC"}, + {SSL_CB_LOOP, "TRSCV"}, {SSL_CB_LOOP, "TRFIN"}, {SSL_CB_LOOP, "TWCCS"}, + {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_HANDSHAKE_DONE, NULL}, + {SSL_CB_EXIT, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, + {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "TRST"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "SSLOK "}, + {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "TRST"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, + {SSL_CB_ALERT, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, + {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TWCH"}, {SSL_CB_EXIT, NULL}, + {SSL_CB_LOOP, "TWCH"}, {SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TREE"}, + {SSL_CB_LOOP, "TRFIN"}, {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWFIN"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "SSLOK "}, + {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "TRST"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, {0, NULL}, + }, { + /* TLSv1.3 server, early_data */ + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "}, + {SSL_CB_LOOP, "PINIT "}, {SSL_CB_LOOP, "TRCH"}, {SSL_CB_LOOP, "TWSH"}, + {SSL_CB_LOOP, "TWCCS"}, {SSL_CB_LOOP, "TWEE"}, {SSL_CB_LOOP, "TWFIN"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "TED"}, + {SSL_CB_LOOP, "TED"}, {SSL_CB_LOOP, "TWEOED"}, {SSL_CB_LOOP, "TRFIN"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, + {SSL_CB_LOOP, "TWST"}, {SSL_CB_HANDSHAKE_DONE, NULL}, + {SSL_CB_EXIT, NULL}, {0, NULL}, + }, { + /* TLSv1.3 client, early_data */ + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "PINIT "}, + {SSL_CB_LOOP, "TWCH"}, {SSL_CB_LOOP, "TWCCS"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, + {SSL_CB_HANDSHAKE_START, NULL}, {SSL_CB_LOOP, "TED"}, + {SSL_CB_LOOP, "TED"}, {SSL_CB_LOOP, "TRSH"}, {SSL_CB_LOOP, "TREE"}, + {SSL_CB_LOOP, "TRFIN"}, {SSL_CB_LOOP, "TPEDE"}, {SSL_CB_LOOP, "TWEOED"}, + {SSL_CB_LOOP, "TWFIN"}, {SSL_CB_HANDSHAKE_DONE, NULL}, + {SSL_CB_EXIT, NULL}, {SSL_CB_HANDSHAKE_START, NULL}, + {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "SSLOK "}, {SSL_CB_LOOP, "TRST"}, + {SSL_CB_HANDSHAKE_DONE, NULL}, {SSL_CB_EXIT, NULL}, {0, NULL}, + }, { + {0, NULL}, + } +}; + +static void sslapi_info_callback(const SSL *s, int where, int ret) +{ + struct info_cb_states_st *state = info_cb_states[info_cb_offset]; + + /* We do not ever expect a connection to fail in this test */ + if (!TEST_false(ret == 0)) { + info_cb_failed = 1; + return; } /* - * For a resumed session we expect to add the ClientHello extension but we - * should ignore it on the server side. + * Do some sanity checks. We never expect these things to happen in this + * test */ - if (clntaddcb != 2 - || clntparsecb != 1 - || srvaddcb != 1 - || srvparsecb != 1) { - printf("Incorrect resumption callback counts\n"); + if (!TEST_false((SSL_is_server(s) && (where & SSL_ST_CONNECT) != 0)) + || !TEST_false(!SSL_is_server(s) && (where & SSL_ST_ACCEPT) != 0) + || !TEST_int_ne(state[++info_cb_this_state].where, 0)) { + info_cb_failed = 1; + return; + } + + /* Now check we're in the right state */ + if (!TEST_true((where & state[info_cb_this_state].where) != 0)) { + info_cb_failed = 1; + return; + } + if ((where & SSL_CB_LOOP) != 0 + && !TEST_int_eq(strcmp(SSL_state_string(s), + state[info_cb_this_state].statestr), 0)) { + info_cb_failed = 1; + return; + } + + /* Check that, if we've got SSL_CB_HANDSHAKE_DONE we are not in init */ + if ((where & SSL_CB_HANDSHAKE_DONE) && SSL_in_init((SSL *)s) != 0) { + info_cb_failed = 1; + return; + } +} + +/* + * Test the info callback gets called when we expect it to. + * + * Test 0: TLSv1.2, server + * Test 1: TLSv1.2, client + * Test 2: TLSv1.3, server + * Test 3: TLSv1.3, client + * Test 4: TLSv1.3, server, early_data + * Test 5: TLSv1.3, client, early_data + */ +static int test_info_callback(int tst) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + SSL_SESSION *clntsess = NULL; + int testresult = 0; + int tlsvers; + + if (tst < 2) { +/* We need either ECDHE or DHE for the TLSv1.2 test to work */ +#if !defined(OPENSSL_NO_TLS1_2) && (!defined(OPENSSL_NO_EC) \ + || !defined(OPENSSL_NO_DH)) + tlsvers = TLS1_2_VERSION; +#else + return 1; +#endif + } else { +#ifndef OPENSSL_NO_TLS1_3 + tlsvers = TLS1_3_VERSION; +#else + return 1; +#endif + } + + /* Reset globals */ + info_cb_failed = 0; + info_cb_this_state = -1; + info_cb_offset = tst; + +#ifndef OPENSSL_NO_TLS1_3 + if (tst >= 4) { + SSL_SESSION *sess = NULL; + size_t written, readbytes; + unsigned char buf[80]; + + /* early_data tests */ + if (!TEST_true(setupearly_data_test(&cctx, &sctx, &clientssl, + &serverssl, &sess, 0))) + goto end; + + /* We don't actually need this reference */ + SSL_SESSION_free(sess); + + SSL_set_info_callback((tst % 2) == 0 ? serverssl : clientssl, + sslapi_info_callback); + + /* Write and read some early data and then complete the connection */ + if (!TEST_true(SSL_write_early_data(clientssl, MSG1, strlen(MSG1), + &written)) + || !TEST_size_t_eq(written, strlen(MSG1)) + || !TEST_int_eq(SSL_read_early_data(serverssl, buf, + sizeof(buf), &readbytes), + SSL_READ_EARLY_DATA_SUCCESS) + || !TEST_mem_eq(MSG1, readbytes, buf, strlen(MSG1)) + || !TEST_int_eq(SSL_get_early_data_status(serverssl), + SSL_EARLY_DATA_ACCEPTED) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_false(info_cb_failed)) + goto end; + + testresult = 1; goto end; } +#endif + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), + TLS_client_method(), + tlsvers, tlsvers, &sctx, &cctx, cert, + privkey))) + goto end; + + /* + * For even numbered tests we check the server callbacks. For odd numbers we + * check the client. + */ + SSL_CTX_set_info_callback((tst % 2) == 0 ? sctx : cctx, + sslapi_info_callback); + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, + &clientssl, NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_false(info_cb_failed)) + goto end; + + + + clntsess = SSL_get1_session(clientssl); + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + + /* Now do a resumption */ + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, + NULL)) + || !TEST_true(SSL_set_session(clientssl, clntsess)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_true(SSL_session_reused(clientssl)) + || !TEST_false(info_cb_failed)) + goto end; testresult = 1; -end: - SSL_SESSION_free(sess); + end: SSL_free(serverssl); SSL_free(clientssl); - SSL_CTX_free(sctx2); + SSL_SESSION_free(clntsess); SSL_CTX_free(sctx); SSL_CTX_free(cctx); return testresult; @@ -1215,45 +4944,389 @@ static int test_ssl_pending(int tst) int testresult = 0; char msg[] = "A test message"; char buf[5]; - size_t written; + size_t written, readbytes; if (tst == 0) { - if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), - TLS1_VERSION, TLS_MAX_VERSION, - &sctx, &cctx, cert, privkey)) { - printf("Failed creating SSL_CTX pair\n"); + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), + TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) goto end; - } } else { #ifndef OPENSSL_NO_DTLS - if (!create_ssl_ctx_pair(DTLS_server_method(), DTLS_client_method(), - DTLS1_VERSION, DTLS_MAX_VERSION, - &sctx, &cctx, cert, privkey)) { - printf("Failed creating SSL_CTX pair\n"); + if (!TEST_true(create_ssl_ctx_pair(DTLS_server_method(), + DTLS_client_method(), + DTLS1_VERSION, DTLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) goto end; - } #else return 1; #endif } - if (!create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, NULL) - || !create_ssl_connection(serverssl, clientssl)) { - printf("Failed creating connection\n"); + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + if (!TEST_int_eq(SSL_pending(clientssl), 0) + || !TEST_false(SSL_has_pending(clientssl)) + || !TEST_int_eq(SSL_pending(serverssl), 0) + || !TEST_false(SSL_has_pending(serverssl)) + || !TEST_true(SSL_write_ex(serverssl, msg, sizeof(msg), &written)) + || !TEST_size_t_eq(written, sizeof(msg)) + || !TEST_true(SSL_read_ex(clientssl, buf, sizeof(buf), &readbytes)) + || !TEST_size_t_eq(readbytes, sizeof(buf)) + || !TEST_int_eq(SSL_pending(clientssl), (int)(written - readbytes)) + || !TEST_true(SSL_has_pending(clientssl))) + goto end; + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} + +static struct { + unsigned int maxprot; + const char *clntciphers; + const char *clnttls13ciphers; + const char *srvrciphers; + const char *srvrtls13ciphers; + const char *shared; +} shared_ciphers_data[] = { +/* + * We can't establish a connection (even in TLSv1.1) with these ciphersuites if + * TLSv1.3 is enabled but TLSv1.2 is disabled. + */ +#if defined(OPENSSL_NO_TLS1_3) || !defined(OPENSSL_NO_TLS1_2) + { + TLS1_2_VERSION, + "AES128-SHA:AES256-SHA", + NULL, + "AES256-SHA:DHE-RSA-AES128-SHA", + NULL, + "AES256-SHA" + }, + { + TLS1_2_VERSION, + "AES128-SHA:DHE-RSA-AES128-SHA:AES256-SHA", + NULL, + "AES128-SHA:DHE-RSA-AES256-SHA:AES256-SHA", + NULL, + "AES128-SHA:AES256-SHA" + }, + { + TLS1_2_VERSION, + "AES128-SHA:AES256-SHA", + NULL, + "AES128-SHA:DHE-RSA-AES128-SHA", + NULL, + "AES128-SHA" + }, +#endif +/* + * This test combines TLSv1.3 and TLSv1.2 ciphersuites so they must both be + * enabled. + */ +#if !defined(OPENSSL_NO_TLS1_3) && !defined(OPENSSL_NO_TLS1_2) \ + && !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305) + { + TLS1_3_VERSION, + "AES128-SHA:AES256-SHA", + NULL, + "AES256-SHA:AES128-SHA256", + NULL, + "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:" + "TLS_AES_128_GCM_SHA256:AES256-SHA" + }, +#endif +#ifndef OPENSSL_NO_TLS1_3 + { + TLS1_3_VERSION, + "AES128-SHA", + "TLS_AES_256_GCM_SHA384", + "AES256-SHA", + "TLS_AES_256_GCM_SHA384", + "TLS_AES_256_GCM_SHA384" + }, +#endif +}; + +static int test_ssl_get_shared_ciphers(int tst) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + char buf[1024]; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), + TLS_client_method(), + TLS1_VERSION, + shared_ciphers_data[tst].maxprot, + &sctx, &cctx, cert, privkey))) + goto end; + + if (!TEST_true(SSL_CTX_set_cipher_list(cctx, + shared_ciphers_data[tst].clntciphers)) + || (shared_ciphers_data[tst].clnttls13ciphers != NULL + && !TEST_true(SSL_CTX_set_ciphersuites(cctx, + shared_ciphers_data[tst].clnttls13ciphers))) + || !TEST_true(SSL_CTX_set_cipher_list(sctx, + shared_ciphers_data[tst].srvrciphers)) + || (shared_ciphers_data[tst].srvrtls13ciphers != NULL + && !TEST_true(SSL_CTX_set_ciphersuites(sctx, + shared_ciphers_data[tst].srvrtls13ciphers)))) + goto end; + + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + if (!TEST_ptr(SSL_get_shared_ciphers(serverssl, buf, sizeof(buf))) + || !TEST_int_eq(strcmp(buf, shared_ciphers_data[tst].shared), 0)) { + TEST_info("Shared ciphers are: %s\n", buf); goto end; } - written = SSL_write(serverssl, msg, sizeof(msg)); - if (written != sizeof(msg) - || SSL_read(clientssl, buf, sizeof(buf)) != sizeof(buf) - || SSL_pending(clientssl) != (int)(written - sizeof(buf))) { - printf("Failed checking SSL_pending\n"); + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} + +static const char *appdata = "Hello World"; +static int gen_tick_called, dec_tick_called, tick_key_cb_called; +static int tick_key_renew = 0; +static SSL_TICKET_RETURN tick_dec_ret = SSL_TICKET_RETURN_ABORT; + +static int gen_tick_cb(SSL *s, void *arg) +{ + gen_tick_called = 1; + + return SSL_SESSION_set1_ticket_appdata(SSL_get_session(s), appdata, + strlen(appdata)); +} + +static SSL_TICKET_RETURN dec_tick_cb(SSL *s, SSL_SESSION *ss, + const unsigned char *keyname, + size_t keyname_length, + SSL_TICKET_STATUS status, + void *arg) +{ + void *tickdata; + size_t tickdlen; + + dec_tick_called = 1; + + if (status == SSL_TICKET_EMPTY) + return SSL_TICKET_RETURN_IGNORE_RENEW; + + if (!TEST_true(status == SSL_TICKET_SUCCESS + || status == SSL_TICKET_SUCCESS_RENEW)) + return SSL_TICKET_RETURN_ABORT; + + if (!TEST_true(SSL_SESSION_get0_ticket_appdata(ss, &tickdata, + &tickdlen)) + || !TEST_size_t_eq(tickdlen, strlen(appdata)) + || !TEST_int_eq(memcmp(tickdata, appdata, tickdlen), 0)) + return SSL_TICKET_RETURN_ABORT; + + if (tick_key_cb_called) { + /* Don't change what the ticket key callback wanted to do */ + switch (status) { + case SSL_TICKET_NO_DECRYPT: + return SSL_TICKET_RETURN_IGNORE_RENEW; + + case SSL_TICKET_SUCCESS: + return SSL_TICKET_RETURN_USE; + + case SSL_TICKET_SUCCESS_RENEW: + return SSL_TICKET_RETURN_USE_RENEW; + + default: + return SSL_TICKET_RETURN_ABORT; + } + } + return tick_dec_ret; + +} + +static int tick_key_cb(SSL *s, unsigned char key_name[16], + unsigned char iv[EVP_MAX_IV_LENGTH], EVP_CIPHER_CTX *ctx, + HMAC_CTX *hctx, int enc) +{ + const unsigned char tick_aes_key[16] = "0123456789abcdef"; + const unsigned char tick_hmac_key[16] = "0123456789abcdef"; + + tick_key_cb_called = 1; + memset(iv, 0, AES_BLOCK_SIZE); + memset(key_name, 0, 16); + if (!EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), NULL, tick_aes_key, iv, enc) + || !HMAC_Init_ex(hctx, tick_hmac_key, sizeof(tick_hmac_key), + EVP_sha256(), NULL)) + return -1; + + return tick_key_renew ? 2 : 1; +} + +/* + * Test the various ticket callbacks + * Test 0: TLSv1.2, no ticket key callback, no ticket, no renewal + * Test 1: TLSv1.3, no ticket key callback, no ticket, no renewal + * Test 2: TLSv1.2, no ticket key callback, no ticket, renewal + * Test 3: TLSv1.3, no ticket key callback, no ticket, renewal + * Test 4: TLSv1.2, no ticket key callback, ticket, no renewal + * Test 5: TLSv1.3, no ticket key callback, ticket, no renewal + * Test 6: TLSv1.2, no ticket key callback, ticket, renewal + * Test 7: TLSv1.3, no ticket key callback, ticket, renewal + * Test 8: TLSv1.2, ticket key callback, ticket, no renewal + * Test 9: TLSv1.3, ticket key callback, ticket, no renewal + * Test 10: TLSv1.2, ticket key callback, ticket, renewal + * Test 11: TLSv1.3, ticket key callback, ticket, renewal + */ +static int test_ticket_callbacks(int tst) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + SSL_SESSION *clntsess = NULL; + int testresult = 0; + +#ifdef OPENSSL_NO_TLS1_2 + if (tst % 2 == 0) + return 1; +#endif +#ifdef OPENSSL_NO_TLS1_3 + if (tst % 2 == 1) + return 1; +#endif + + gen_tick_called = dec_tick_called = tick_key_cb_called = 0; + + /* Which tests the ticket key callback should request renewal for */ + if (tst == 10 || tst == 11) + tick_key_renew = 1; + else + tick_key_renew = 0; + + /* Which tests the decrypt ticket callback should request renewal for */ + switch (tst) { + case 0: + case 1: + tick_dec_ret = SSL_TICKET_RETURN_IGNORE; + break; + + case 2: + case 3: + tick_dec_ret = SSL_TICKET_RETURN_IGNORE_RENEW; + break; + + case 4: + case 5: + tick_dec_ret = SSL_TICKET_RETURN_USE; + break; + + case 6: + case 7: + tick_dec_ret = SSL_TICKET_RETURN_USE_RENEW; + break; + + default: + tick_dec_ret = SSL_TICKET_RETURN_ABORT; + } + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), + TLS_client_method(), + TLS1_VERSION, + ((tst % 2) == 0) ? TLS1_2_VERSION + : TLS1_3_VERSION, + &sctx, &cctx, cert, privkey))) goto end; + + /* + * We only want sessions to resume from tickets - not the session cache. So + * switch the cache off. + */ + if (!TEST_true(SSL_CTX_set_session_cache_mode(sctx, SSL_SESS_CACHE_OFF))) + goto end; + + if (!TEST_true(SSL_CTX_set_session_ticket_cb(sctx, gen_tick_cb, dec_tick_cb, + NULL))) + goto end; + + if (tst >= 8 + && !TEST_true(SSL_CTX_set_tlsext_ticket_key_cb(sctx, tick_key_cb))) + goto end; + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + /* + * The decrypt ticket key callback in TLSv1.2 should be called even though + * we have no ticket yet, because it gets called with a status of + * SSL_TICKET_EMPTY (the client indicates support for tickets but does not + * actually send any ticket data). This does not happen in TLSv1.3 because + * it is not valid to send empty ticket data in TLSv1.3. + */ + if (!TEST_int_eq(gen_tick_called, 1) + || !TEST_int_eq(dec_tick_called, ((tst % 2) == 0) ? 1 : 0)) + goto end; + + gen_tick_called = dec_tick_called = 0; + + clntsess = SSL_get1_session(clientssl); + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); + serverssl = clientssl = NULL; + + /* Now do a resumption */ + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, NULL, + NULL)) + || !TEST_true(SSL_set_session(clientssl, clntsess)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + if (tick_dec_ret == SSL_TICKET_RETURN_IGNORE + || tick_dec_ret == SSL_TICKET_RETURN_IGNORE_RENEW) { + if (!TEST_false(SSL_session_reused(clientssl))) + goto end; + } else { + if (!TEST_true(SSL_session_reused(clientssl))) + goto end; } + if (!TEST_int_eq(gen_tick_called, + (tick_key_renew + || tick_dec_ret == SSL_TICKET_RETURN_IGNORE_RENEW + || tick_dec_ret == SSL_TICKET_RETURN_USE_RENEW) + ? 1 : 0) + || !TEST_int_eq(dec_tick_called, 1)) + goto end; + testresult = 1; end: + SSL_SESSION_free(clntsess); SSL_free(serverssl); SSL_free(clientssl); SSL_CTX_free(sctx); @@ -1262,24 +5335,515 @@ static int test_ssl_pending(int tst) return testresult; } +/* + * Test bi-directional shutdown. + * Test 0: TLSv1.2 + * Test 1: TLSv1.2, server continues to read/write after client shutdown + * Test 2: TLSv1.3, no pending NewSessionTicket messages + * Test 3: TLSv1.3, pending NewSessionTicket messages + * Test 4: TLSv1.3, server continues to read/write after client shutdown, server + * sends key update, client reads it + * Test 5: TLSv1.3, server continues to read/write after client shutdown, server + * sends CertificateRequest, client reads and ignores it + * Test 6: TLSv1.3, server continues to read/write after client shutdown, client + * doesn't read it + */ +static int test_shutdown(int tst) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + char msg[] = "A test message"; + char buf[80]; + size_t written, readbytes; + SSL_SESSION *sess; + +#ifdef OPENSSL_NO_TLS1_2 + if (tst <= 1) + return 1; +#endif +#ifdef OPENSSL_NO_TLS1_3 + if (tst >= 2) + return 1; +#endif + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), + TLS_client_method(), + TLS1_VERSION, + (tst <= 1) ? TLS1_2_VERSION + : TLS1_3_VERSION, + &sctx, &cctx, cert, privkey))) + goto end; + + if (tst == 5) + SSL_CTX_set_post_handshake_auth(cctx, 1); + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL))) + goto end; + + if (tst == 3) { + if (!TEST_true(create_bare_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_ptr_ne(sess = SSL_get_session(clientssl), NULL) + || !TEST_false(SSL_SESSION_is_resumable(sess))) + goto end; + } else if (!TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE)) + || !TEST_ptr_ne(sess = SSL_get_session(clientssl), NULL) + || !TEST_true(SSL_SESSION_is_resumable(sess))) { + goto end; + } + + if (!TEST_int_eq(SSL_shutdown(clientssl), 0)) + goto end; + + if (tst >= 4) { + /* + * Reading on the server after the client has sent close_notify should + * fail and provide SSL_ERROR_ZERO_RETURN + */ + if (!TEST_false(SSL_read_ex(serverssl, buf, sizeof(buf), &readbytes)) + || !TEST_int_eq(SSL_get_error(serverssl, 0), + SSL_ERROR_ZERO_RETURN) + || !TEST_int_eq(SSL_get_shutdown(serverssl), + SSL_RECEIVED_SHUTDOWN) + /* + * Even though we're shutdown on receive we should still be + * able to write. + */ + || !TEST_true(SSL_write(serverssl, msg, sizeof(msg)))) + goto end; + if (tst == 4 + && !TEST_true(SSL_key_update(serverssl, + SSL_KEY_UPDATE_REQUESTED))) + goto end; + if (tst == 5) { + SSL_set_verify(serverssl, SSL_VERIFY_PEER, NULL); + if (!TEST_true(SSL_verify_client_post_handshake(serverssl))) + goto end; + } + if ((tst == 4 || tst == 5) + && !TEST_true(SSL_write(serverssl, msg, sizeof(msg)))) + goto end; + if (!TEST_int_eq(SSL_shutdown(serverssl), 1)) + goto end; + if (tst == 4 || tst == 5) { + /* Should still be able to read data from server */ + if (!TEST_true(SSL_read_ex(clientssl, buf, sizeof(buf), + &readbytes)) + || !TEST_size_t_eq(readbytes, sizeof(msg)) + || !TEST_int_eq(memcmp(msg, buf, readbytes), 0) + || !TEST_true(SSL_read_ex(clientssl, buf, sizeof(buf), + &readbytes)) + || !TEST_size_t_eq(readbytes, sizeof(msg)) + || !TEST_int_eq(memcmp(msg, buf, readbytes), 0)) + goto end; + } + } + + /* Writing on the client after sending close_notify shouldn't be possible */ + if (!TEST_false(SSL_write_ex(clientssl, msg, sizeof(msg), &written))) + goto end; -int main(int argc, char *argv[]) + if (tst < 4) { + /* + * For these tests the client has sent close_notify but it has not yet + * been received by the server. The server has not sent close_notify + * yet. + */ + if (!TEST_int_eq(SSL_shutdown(serverssl), 0) + /* + * Writing on the server after sending close_notify shouldn't + * be possible. + */ + || !TEST_false(SSL_write_ex(serverssl, msg, sizeof(msg), &written)) + || !TEST_int_eq(SSL_shutdown(clientssl), 1) + || !TEST_ptr_ne(sess = SSL_get_session(clientssl), NULL) + || !TEST_true(SSL_SESSION_is_resumable(sess)) + || !TEST_int_eq(SSL_shutdown(serverssl), 1)) + goto end; + } else if (tst == 4 || tst == 5) { + /* + * In this test the client has sent close_notify and it has been + * received by the server which has responded with a close_notify. The + * client needs to read the close_notify sent by the server. + */ + if (!TEST_int_eq(SSL_shutdown(clientssl), 1) + || !TEST_ptr_ne(sess = SSL_get_session(clientssl), NULL) + || !TEST_true(SSL_SESSION_is_resumable(sess))) + goto end; + } else { + /* + * tst == 6 + * + * The client has sent close_notify and is expecting a close_notify + * back, but instead there is application data first. The shutdown + * should fail with a fatal error. + */ + if (!TEST_int_eq(SSL_shutdown(clientssl), -1) + || !TEST_int_eq(SSL_get_error(clientssl, -1), SSL_ERROR_SSL)) + goto end; + } + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} + +#if !defined(OPENSSL_NO_TLS1_2) || !defined(OPENSSL_NO_TLS1_3) +static int cert_cb_cnt; + +static int cert_cb(SSL *s, void *arg) +{ + SSL_CTX *ctx = (SSL_CTX *)arg; + + if (cert_cb_cnt == 0) { + /* Suspend the handshake */ + cert_cb_cnt++; + return -1; + } else if (cert_cb_cnt == 1) { + /* + * Update the SSL_CTX, set the certificate and private key and then + * continue the handshake normally. + */ + if (ctx != NULL && !TEST_ptr(SSL_set_SSL_CTX(s, ctx))) + return 0; + + if (!TEST_true(SSL_use_certificate_file(s, cert, SSL_FILETYPE_PEM)) + || !TEST_true(SSL_use_PrivateKey_file(s, privkey, + SSL_FILETYPE_PEM)) + || !TEST_true(SSL_check_private_key(s))) + return 0; + cert_cb_cnt++; + return 1; + } + + /* Abort the handshake */ + return 0; +} + +/* + * Test the certificate callback. + * Test 0: Callback fails + * Test 1: Success - no SSL_set_SSL_CTX() in the callback + * Test 2: Success - SSL_set_SSL_CTX() in the callback + */ +static int test_cert_cb_int(int prot, int tst) +{ + SSL_CTX *cctx = NULL, *sctx = NULL, *snictx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0, ret; + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), + TLS_client_method(), + TLS1_VERSION, + prot, + &sctx, &cctx, NULL, NULL))) + goto end; + + if (tst == 0) + cert_cb_cnt = -1; + else + cert_cb_cnt = 0; + if (tst == 2) + snictx = SSL_CTX_new(TLS_server_method()); + SSL_CTX_set_cert_cb(sctx, cert_cb, snictx); + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL))) + goto end; + + ret = create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE); + if (!TEST_true(tst == 0 ? !ret : ret) + || (tst > 0 && !TEST_int_eq(cert_cb_cnt, 2))) { + goto end; + } + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + SSL_CTX_free(snictx); + + return testresult; +} +#endif + +static int test_cert_cb(int tst) { - BIO *err = NULL; int testresult = 1; - if (argc != 3) { - printf("Invalid argument count\n"); +#ifndef OPENSSL_NO_TLS1_2 + testresult &= test_cert_cb_int(TLS1_2_VERSION, tst); +#endif +#ifndef OPENSSL_NO_TLS1_3 + testresult &= test_cert_cb_int(TLS1_3_VERSION, tst); +#endif + + return testresult; +} + +static int client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey) +{ + X509 *xcert, *peer; + EVP_PKEY *privpkey; + BIO *in = NULL; + + /* Check that SSL_get_peer_certificate() returns something sensible */ + peer = SSL_get_peer_certificate(ssl); + if (!TEST_ptr(peer)) + return 0; + X509_free(peer); + + in = BIO_new_file(cert, "r"); + if (!TEST_ptr(in)) + return 0; + + xcert = PEM_read_bio_X509(in, NULL, NULL, NULL); + BIO_free(in); + if (!TEST_ptr(xcert)) + return 0; + + in = BIO_new_file(privkey, "r"); + if (!TEST_ptr(in)) { + X509_free(xcert); + return 0; + } + + privpkey = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL); + BIO_free(in); + if (!TEST_ptr(privpkey)) { + X509_free(xcert); + return 0; + } + + *x509 = xcert; + *pkey = privpkey; + + return 1; +} + +static int verify_cb(int preverify_ok, X509_STORE_CTX *x509_ctx) +{ + return 1; +} + +static int test_client_cert_cb(int tst) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + +#ifdef OPENSSL_NO_TLS1_2 + if (tst == 0) + return 1; +#endif +#ifdef OPENSSL_NO_TLS1_3 + if (tst == 1) return 1; +#endif + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), + TLS_client_method(), + TLS1_VERSION, + tst == 0 ? TLS1_2_VERSION + : TLS1_3_VERSION, + &sctx, &cctx, cert, privkey))) + goto end; + + /* + * Test that setting a client_cert_cb results in a client certificate being + * sent. + */ + SSL_CTX_set_client_cert_cb(cctx, client_cert_cb); + SSL_CTX_set_verify(sctx, + SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, + verify_cb); + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + + return testresult; +} + +#if !defined(OPENSSL_NO_TLS1_2) || !defined(OPENSSL_NO_TLS1_3) +/* + * Test setting certificate authorities on both client and server. + * + * Test 0: SSL_CTX_set0_CA_list() only + * Test 1: Both SSL_CTX_set0_CA_list() and SSL_CTX_set_client_CA_list() + * Test 2: Only SSL_CTX_set_client_CA_list() + */ +static int test_ca_names_int(int prot, int tst) +{ + SSL_CTX *cctx = NULL, *sctx = NULL; + SSL *clientssl = NULL, *serverssl = NULL; + int testresult = 0; + size_t i; + X509_NAME *name[] = { NULL, NULL, NULL, NULL }; + char *strnames[] = { "Jack", "Jill", "John", "Joanne" }; + STACK_OF(X509_NAME) *sk1 = NULL, *sk2 = NULL; + const STACK_OF(X509_NAME) *sktmp = NULL; + + for (i = 0; i < OSSL_NELEM(name); i++) { + name[i] = X509_NAME_new(); + if (!TEST_ptr(name[i]) + || !TEST_true(X509_NAME_add_entry_by_txt(name[i], "CN", + MBSTRING_ASC, + (unsigned char *) + strnames[i], + -1, -1, 0))) + goto end; + } + + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), + TLS_client_method(), + TLS1_VERSION, + prot, + &sctx, &cctx, cert, privkey))) + goto end; + + SSL_CTX_set_verify(sctx, SSL_VERIFY_PEER, NULL); + + if (tst == 0 || tst == 1) { + if (!TEST_ptr(sk1 = sk_X509_NAME_new_null()) + || !TEST_true(sk_X509_NAME_push(sk1, X509_NAME_dup(name[0]))) + || !TEST_true(sk_X509_NAME_push(sk1, X509_NAME_dup(name[1]))) + || !TEST_ptr(sk2 = sk_X509_NAME_new_null()) + || !TEST_true(sk_X509_NAME_push(sk2, X509_NAME_dup(name[0]))) + || !TEST_true(sk_X509_NAME_push(sk2, X509_NAME_dup(name[1])))) + goto end; + + SSL_CTX_set0_CA_list(sctx, sk1); + SSL_CTX_set0_CA_list(cctx, sk2); + sk1 = sk2 = NULL; + } + if (tst == 1 || tst == 2) { + if (!TEST_ptr(sk1 = sk_X509_NAME_new_null()) + || !TEST_true(sk_X509_NAME_push(sk1, X509_NAME_dup(name[2]))) + || !TEST_true(sk_X509_NAME_push(sk1, X509_NAME_dup(name[3]))) + || !TEST_ptr(sk2 = sk_X509_NAME_new_null()) + || !TEST_true(sk_X509_NAME_push(sk2, X509_NAME_dup(name[2]))) + || !TEST_true(sk_X509_NAME_push(sk2, X509_NAME_dup(name[3])))) + goto end; + + SSL_CTX_set_client_CA_list(sctx, sk1); + SSL_CTX_set_client_CA_list(cctx, sk2); + sk1 = sk2 = NULL; + } + + if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl, + NULL, NULL)) + || !TEST_true(create_ssl_connection(serverssl, clientssl, + SSL_ERROR_NONE))) + goto end; + + /* + * We only expect certificate authorities to have been sent to the server + * if we are using TLSv1.3 and SSL_set0_CA_list() was used + */ + sktmp = SSL_get0_peer_CA_list(serverssl); + if (prot == TLS1_3_VERSION + && (tst == 0 || tst == 1)) { + if (!TEST_ptr(sktmp) + || !TEST_int_eq(sk_X509_NAME_num(sktmp), 2) + || !TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(sktmp, 0), + name[0]), 0) + || !TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(sktmp, 1), + name[1]), 0)) + goto end; + } else if (!TEST_ptr_null(sktmp)) { + goto end; } - cert = argv[1]; - privkey = argv[2]; + /* + * In all tests we expect certificate authorities to have been sent to the + * client. However, SSL_set_client_CA_list() should override + * SSL_set0_CA_list() + */ + sktmp = SSL_get0_peer_CA_list(clientssl); + if (!TEST_ptr(sktmp) + || !TEST_int_eq(sk_X509_NAME_num(sktmp), 2) + || !TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(sktmp, 0), + name[tst == 0 ? 0 : 2]), 0) + || !TEST_int_eq(X509_NAME_cmp(sk_X509_NAME_value(sktmp, 1), + name[tst == 0 ? 1 : 3]), 0)) + goto end; + + testresult = 1; + + end: + SSL_free(serverssl); + SSL_free(clientssl); + SSL_CTX_free(sctx); + SSL_CTX_free(cctx); + for (i = 0; i < OSSL_NELEM(name); i++) + X509_NAME_free(name[i]); + sk_X509_NAME_pop_free(sk1, X509_NAME_free); + sk_X509_NAME_pop_free(sk2, X509_NAME_free); + + return testresult; +} +#endif + +static int test_ca_names(int tst) +{ + int testresult = 1; - err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); +#ifndef OPENSSL_NO_TLS1_2 + testresult &= test_ca_names_int(TLS1_2_VERSION, tst); +#endif +#ifndef OPENSSL_NO_TLS1_3 + testresult &= test_ca_names_int(TLS1_3_VERSION, tst); +#endif - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + return testresult; +} + +int setup_tests(void) +{ + if (!TEST_ptr(cert = test_get_argument(0)) + || !TEST_ptr(privkey = test_get_argument(1)) + || !TEST_ptr(srpvfile = test_get_argument(2)) + || !TEST_ptr(tmpfilename = test_get_argument(3))) + return 0; + + if (getenv("OPENSSL_TEST_GETCOUNTS") != NULL) { +#ifdef OPENSSL_NO_CRYPTO_MDEBUG + TEST_error("not supported in this build"); + return 0; +#else + int i, mcount, rcount, fcount; + + for (i = 0; i < 4; i++) + test_export_key_mat(i); + CRYPTO_get_alloc_counts(&mcount, &rcount, &fcount); + test_printf_stdout("malloc %d realloc %d free %d\n", + mcount, rcount, fcount); + return 1; +#endif + } ADD_TEST(test_large_message_tls); ADD_TEST(test_large_message_tls_read_ahead); @@ -1292,27 +5856,80 @@ int main(int argc, char *argv[]) ADD_TEST(test_session_with_only_int_cache); ADD_TEST(test_session_with_only_ext_cache); ADD_TEST(test_session_with_both_cache); +#ifndef OPENSSL_NO_TLS1_3 + ADD_ALL_TESTS(test_stateful_tickets, 3); + ADD_ALL_TESTS(test_stateless_tickets, 3); + ADD_TEST(test_psk_tickets); +#endif ADD_ALL_TESTS(test_ssl_set_bio, TOTAL_SSL_SET_BIO_TESTS); ADD_TEST(test_ssl_bio_pop_next_bio); ADD_TEST(test_ssl_bio_pop_ssl_bio); ADD_TEST(test_ssl_bio_change_rbio); ADD_TEST(test_ssl_bio_change_wbio); +#if !defined(OPENSSL_NO_TLS1_2) || defined(OPENSSL_NO_TLS1_3) ADD_ALL_TESTS(test_set_sigalgs, OSSL_NELEM(testsigalgs) * 2); - ADD_ALL_TESTS(test_custom_exts, 2); + ADD_TEST(test_keylog); +#endif +#ifndef OPENSSL_NO_TLS1_3 + ADD_TEST(test_keylog_no_master_key); +#endif +#ifndef OPENSSL_NO_TLS1_2 + ADD_TEST(test_client_hello_cb); +#endif +#ifndef OPENSSL_NO_TLS1_3 + ADD_ALL_TESTS(test_early_data_read_write, 3); + /* + * We don't do replay tests for external PSK. Replay protection isn't used + * in that scenario. + */ + ADD_ALL_TESTS(test_early_data_replay, 2); + ADD_ALL_TESTS(test_early_data_skip, 3); + ADD_ALL_TESTS(test_early_data_skip_hrr, 3); + ADD_ALL_TESTS(test_early_data_skip_hrr_fail, 3); + ADD_ALL_TESTS(test_early_data_skip_abort, 3); + ADD_ALL_TESTS(test_early_data_not_sent, 3); + ADD_ALL_TESTS(test_early_data_psk, 8); + ADD_ALL_TESTS(test_early_data_not_expected, 3); +# ifndef OPENSSL_NO_TLS1_2 + ADD_ALL_TESTS(test_early_data_tls1_2, 3); +# endif +#endif +#ifndef OPENSSL_NO_TLS1_3 + ADD_ALL_TESTS(test_set_ciphersuite, 10); + ADD_TEST(test_ciphersuite_change); +#ifdef OPENSSL_NO_PSK + ADD_ALL_TESTS(test_tls13_psk, 1); +#else + ADD_ALL_TESTS(test_tls13_psk, 4); +#endif /* OPENSSL_NO_PSK */ + ADD_ALL_TESTS(test_custom_exts, 5); + ADD_TEST(test_stateless); + ADD_TEST(test_pha_key_update); +#else + ADD_ALL_TESTS(test_custom_exts, 3); +#endif + ADD_ALL_TESTS(test_serverinfo, 8); + ADD_ALL_TESTS(test_export_key_mat, 4); +#ifndef OPENSSL_NO_TLS1_3 + ADD_ALL_TESTS(test_export_key_mat_early, 3); +#endif + ADD_ALL_TESTS(test_ssl_clear, 2); + ADD_ALL_TESTS(test_max_fragment_len_ext, OSSL_NELEM(max_fragment_len_test)); +#if !defined(OPENSSL_NO_SRP) && !defined(OPENSSL_NO_TLS1_2) + ADD_ALL_TESTS(test_srp, 6); +#endif + ADD_ALL_TESTS(test_info_callback, 6); ADD_ALL_TESTS(test_ssl_pending, 2); + ADD_ALL_TESTS(test_ssl_get_shared_ciphers, OSSL_NELEM(shared_ciphers_data)); + ADD_ALL_TESTS(test_ticket_callbacks, 12); + ADD_ALL_TESTS(test_shutdown, 7); + ADD_ALL_TESTS(test_cert_cb, 3); + ADD_ALL_TESTS(test_client_cert_cb, 2); + ADD_ALL_TESTS(test_ca_names, 3); + return 1; +} - testresult = run_tests(argv[0]); - +void cleanup_tests(void) +{ bio_s_mempacket_test_free(); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(err) <= 0) - testresult = 1; -#endif - BIO_free(err); - - if (!testresult) - printf("PASS\n"); - - return testresult; } diff --git a/deps/openssl/openssl/test/sslcorrupttest.c b/deps/openssl/openssl/test/sslcorrupttest.c index d584be3b5c..d06c8c729b 100644 --- a/deps/openssl/openssl/test/sslcorrupttest.c +++ b/deps/openssl/openssl/test/sslcorrupttest.c @@ -7,9 +7,12 @@ * https://www.openssl.org/source/license.html */ +#include <string.h> #include "ssltestlib.h" #include "testutil.h" +static int docorrupt = 0; + static void copy_flags(BIO *bio) { int flags; @@ -37,9 +40,9 @@ static int tls_corrupt_write(BIO *bio, const char *in, int inl) BIO *next = BIO_next(bio); char *copy; - if (in[0] == SSL3_RT_APPLICATION_DATA) { - copy = BUF_memdup(in, inl); - TEST_check(copy != NULL); + if (docorrupt) { + if (!TEST_ptr(copy = BUF_memdup(in, inl))) + return 0; /* corrupt last bit of application data */ copy[inl-1] ^= 1; ret = BIO_write(next, copy, inl); @@ -134,19 +137,17 @@ static void bio_f_tls_corrupt_filter_free(void) */ static const char **cipher_list = NULL; -static int setup_cipher_list() +static int setup_cipher_list(void) { SSL_CTX *ctx = NULL; SSL *ssl = NULL; - static STACK_OF(SSL_CIPHER) *sk_ciphers = NULL; - int i, numciphers; + STACK_OF(SSL_CIPHER) *sk_ciphers = NULL; + int i, j, numciphers = 0; - ctx = SSL_CTX_new(TLS_server_method()); - TEST_check(ctx != NULL); - ssl = SSL_new(ctx); - TEST_check(ssl != NULL); - sk_ciphers = SSL_get1_supported_ciphers(ssl); - TEST_check(sk_ciphers != NULL); + if (!TEST_ptr(ctx = SSL_CTX_new(TLS_server_method())) + || !TEST_ptr(ssl = SSL_new(ctx)) + || !TEST_ptr(sk_ciphers = SSL_get1_supported_ciphers(ssl))) + goto err; /* * The |cipher_list| will be filled only with names of RSA ciphers, @@ -155,16 +156,19 @@ static int setup_cipher_list() */ cipher_list = OPENSSL_malloc(sk_SSL_CIPHER_num(sk_ciphers) * sizeof(cipher_list[0])); - TEST_check(cipher_list != NULL); + if (!TEST_ptr(cipher_list)) + goto err; - for (numciphers = 0, i = 0; i < sk_SSL_CIPHER_num(sk_ciphers); i++) { + for (j = 0, i = 0; i < sk_SSL_CIPHER_num(sk_ciphers); i++) { const SSL_CIPHER *cipher = sk_SSL_CIPHER_value(sk_ciphers, i); if (SSL_CIPHER_get_auth_nid(cipher) == NID_auth_rsa) - cipher_list[numciphers++] = SSL_CIPHER_get_name(cipher); + cipher_list[j++] = SSL_CIPHER_get_name(cipher); } - TEST_check(numciphers != 0); + if (TEST_int_ne(j, 0)) + numciphers = j; +err: sk_SSL_CIPHER_free(sk_ciphers); SSL_free(ssl); SSL_CTX_free(ctx); @@ -177,62 +181,59 @@ static char *privkey = NULL; static int test_ssl_corrupt(int testidx) { + static unsigned char junk[16000] = { 0 }; SSL_CTX *sctx = NULL, *cctx = NULL; SSL *server = NULL, *client = NULL; BIO *c_to_s_fbio; int testresult = 0; - static unsigned char junk[16000] = { 0 }; + STACK_OF(SSL_CIPHER) *ciphers; + const SSL_CIPHER *currcipher; + + docorrupt = 0; - printf("Starting Test %d, %s\n", testidx, cipher_list[testidx]); + TEST_info("Starting #%d, %s", testidx, cipher_list[testidx]); - if (!create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), - TLS1_VERSION, TLS_MAX_VERSION, &sctx, &cctx, - cert, privkey)) { - printf("Unable to create SSL_CTX pair\n"); + if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(), TLS_client_method(), + TLS1_VERSION, TLS_MAX_VERSION, + &sctx, &cctx, cert, privkey))) return 0; - } - if (!SSL_CTX_set_cipher_list(cctx, cipher_list[testidx])) { - printf("Failed setting cipher list\n"); + if (!TEST_true(SSL_CTX_set_cipher_list(cctx, cipher_list[testidx])) + || !TEST_true(SSL_CTX_set_ciphersuites(cctx, "")) + || !TEST_ptr(ciphers = SSL_CTX_get_ciphers(cctx)) + || !TEST_int_eq(sk_SSL_CIPHER_num(ciphers), 1) + || !TEST_ptr(currcipher = sk_SSL_CIPHER_value(ciphers, 0))) + goto end; + + /* + * No ciphers we are using are TLSv1.3 compatible so we should not attempt + * to negotiate TLSv1.3 + */ + if (!TEST_true(SSL_CTX_set_max_proto_version(cctx, TLS1_2_VERSION))) goto end; - } - c_to_s_fbio = BIO_new(bio_f_tls_corrupt_filter()); - if (c_to_s_fbio == NULL) { - printf("Failed to create filter BIO\n"); + if (!TEST_ptr(c_to_s_fbio = BIO_new(bio_f_tls_corrupt_filter()))) goto end; - } /* BIO is freed by create_ssl_connection on error */ - if (!create_ssl_objects(sctx, cctx, &server, &client, NULL, - c_to_s_fbio)) { - printf("Unable to create SSL objects\n"); - ERR_print_errors_fp(stdout); + if (!TEST_true(create_ssl_objects(sctx, cctx, &server, &client, NULL, + c_to_s_fbio))) goto end; - } - if (!create_ssl_connection(server, client)) { - printf("Unable to create SSL connection\n"); - ERR_print_errors_fp(stdout); + if (!TEST_true(create_ssl_connection(server, client, SSL_ERROR_NONE))) goto end; - } - if (SSL_write(client, junk, sizeof(junk)) < 0) { - printf("Unable to SSL_write\n"); - ERR_print_errors_fp(stdout); + docorrupt = 1; + + if (!TEST_int_ge(SSL_write(client, junk, sizeof(junk)), 0)) goto end; - } - if (SSL_read(server, junk, sizeof(junk)) >= 0) { - printf("Read should have failed with \"bad record mac\"\n"); + if (!TEST_int_lt(SSL_read(server, junk, sizeof(junk)), 0)) goto end; - } - if (ERR_GET_REASON(ERR_peek_error()) != - SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC) { - ERR_print_errors_fp(stdout); + if (!TEST_int_eq(ERR_GET_REASON(ERR_peek_error()), + SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC)) goto end; - } testresult = 1; end: @@ -240,44 +241,27 @@ static int test_ssl_corrupt(int testidx) SSL_free(client); SSL_CTX_free(sctx); SSL_CTX_free(cctx); - return testresult; } -int main(int argc, char *argv[]) +int setup_tests(void) { - BIO *err = NULL; - int testresult = 1; + int n; - if (argc != 3) { - printf("Invalid argument count\n"); - return 1; + if (!TEST_ptr(cert = test_get_argument(0)) + || !TEST_ptr(privkey = test_get_argument(1))) { + TEST_note("Usage error: require cert and private key files"); + return 0; } - cert = argv[1]; - privkey = argv[2]; - - err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); - - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - ADD_ALL_TESTS(test_ssl_corrupt, setup_cipher_list()); - - testresult = run_tests(argv[0]); + n = setup_cipher_list(); + if (n > 0) + ADD_ALL_TESTS(test_ssl_corrupt, n); + return 1; +} +void cleanup_tests(void) +{ bio_f_tls_corrupt_filter_free(); - OPENSSL_free(cipher_list); - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(err) <= 0) - testresult = 1; -#endif - BIO_free(err); - - if (!testresult) - printf("PASS\n"); - - return testresult; } diff --git a/deps/openssl/openssl/test/ssltest_old.c b/deps/openssl/openssl/test/ssltest_old.c index e77c69209d..92970776fd 100644 --- a/deps/openssl/openssl/test/ssltest_old.c +++ b/deps/openssl/openssl/test/ssltest_old.c @@ -1,5 +1,7 @@ /* * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved + * Copyright 2005 Nokia. All rights reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,37 +9,7 @@ * https://www.openssl.org/source/license.html */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * ECC cipher suite support in OpenSSL originally developed by - * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. - */ -/* ==================================================================== - * Copyright 2005 Nokia. All rights reserved. - * - * The portions of the attached software ("Contribution") is developed by - * Nokia Corporation and is licensed pursuant to the OpenSSL open source - * license. - * - * The Contribution, originally written by Mika Kousa and Pasi Eronen of - * Nokia Corporation, consists of the "PSK" (Pre-Shared Key) ciphersuites - * support (see RFC 4279) to OpenSSL. - * - * No patent licenses or other rights except those expressly stated in - * the OpenSSL open source license shall be deemed granted or received - * expressly, by implication, estoppel, or otherwise. - * - * No assurances are provided by Nokia that the Contribution does not - * infringe the patent or other intellectual property rights of any third - * party or that the license provides you with all the necessary rights - * to make use of the Contribution. - * - * THE SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IN - * ADDITION TO THE DISCLAIMERS INCLUDED IN THE LICENSE, NOKIA - * SPECIFICALLY DISCLAIMS ANY LIABILITY FOR CLAIMS BROUGHT BY YOU OR ANY - * OTHER ENTITY BASED ON INFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS OR - * OTHERWISE. - */ +#include "e_os.h" /* Or gethostname won't be declared properly on Linux and GNU platforms. */ #ifndef _BSD_SOURCE @@ -55,8 +27,7 @@ #include <string.h> #include <time.h> -#define USE_SOCKETS -#include "e_os.h" +#include "internal/nelem.h" #ifdef OPENSSL_SYS_VMS /* @@ -84,9 +55,6 @@ #ifndef OPENSSL_NO_DH # include <openssl/dh.h> #endif -#ifndef OPENSSL_NO_SRP -# include <openssl/srp.h> -#endif #include <openssl/bn.h> #ifndef OPENSSL_NO_CT # include <openssl/ct.h> @@ -141,45 +109,6 @@ static unsigned int psk_server_callback(SSL *ssl, const char *identity, unsigned int max_psk_len); #endif -#ifndef OPENSSL_NO_SRP -/* SRP client */ -/* This is a context that we pass to all callbacks */ -typedef struct srp_client_arg_st { - char *srppassin; - char *srplogin; -} SRP_CLIENT_ARG; - -# define PWD_STRLEN 1024 - -static char *ssl_give_srp_client_pwd_cb(SSL *s, void *arg) -{ - SRP_CLIENT_ARG *srp_client_arg = (SRP_CLIENT_ARG *)arg; - return OPENSSL_strdup((char *)srp_client_arg->srppassin); -} - -/* SRP server */ -/* This is a context that we pass to SRP server callbacks */ -typedef struct srp_server_arg_st { - char *expected_user; - char *pass; -} SRP_SERVER_ARG; - -static int ssl_srp_server_param_cb(SSL *s, int *ad, void *arg) -{ - SRP_SERVER_ARG *p = (SRP_SERVER_ARG *)arg; - - if (strcmp(p->expected_user, SSL_get_srp_username(s)) != 0) { - fprintf(stderr, "User %s doesn't exist\n", SSL_get_srp_username(s)); - return SSL3_AL_FATAL; - } - if (SSL_set_srp_server_param_pw(s, p->expected_user, p->pass, "1024") < 0) { - *ad = SSL_AD_INTERNAL_ERROR; - return SSL3_AL_FATAL; - } - return SSL_ERROR_NONE; -} -#endif - static BIO *bio_err = NULL; static BIO *bio_stdout = NULL; @@ -352,7 +281,7 @@ static unsigned char *next_protos_parse(size_t *outlen, OPENSSL_free(out); return NULL; } - out[start] = i - start; + out[start] = (unsigned char)(i - start); start = i + 1; } else out[i + 1] = in[i]; @@ -494,7 +423,7 @@ static int serverinfo_cli_parse_cb(SSL *s, unsigned int ext_type, return 1; } -static int verify_serverinfo() +static int verify_serverinfo(void) { if (serverinfo_sct != serverinfo_sct_seen) return -1; @@ -683,10 +612,9 @@ static int custom_ext_3_srv_add_cb(SSL *s, unsigned int ext_type, } static char *cipher = NULL; +static char *ciphersuites = NULL; static int verbose = 0; static int debug = 0; -static const char rnd_seed[] = - "string to make the random number generator think it has entropy"; int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long bytes, clock_t *s_time, clock_t *c_time); @@ -698,9 +626,6 @@ static void sv_usage(void) { fprintf(stderr, "usage: ssltest [args ...]\n"); fprintf(stderr, "\n"); -#ifdef OPENSSL_FIPS - fprintf(stderr, "-F - run test in FIPS mode\n"); -#endif fprintf(stderr, " -server_auth - check server certificate\n"); fprintf(stderr, " -client_auth - do client authentication\n"); fprintf(stderr, " -v - more output\n"); @@ -724,10 +649,6 @@ static void sv_usage(void) #ifndef OPENSSL_NO_PSK fprintf(stderr, " -psk arg - PSK in hex (without 0x)\n"); #endif -#ifndef OPENSSL_NO_SRP - fprintf(stderr, " -srpuser user - SRP username to use\n"); - fprintf(stderr, " -srppass arg - password for 'user'\n"); -#endif #ifndef OPENSSL_NO_SSL3 fprintf(stderr, " -ssl3 - use SSLv3\n"); #endif @@ -751,7 +672,8 @@ static void sv_usage(void) fprintf(stderr, " -c_cert arg - Client certificate file\n"); fprintf(stderr, " -c_key arg - Client key file (default: same as -c_cert)\n"); - fprintf(stderr, " -cipher arg - The cipher list\n"); + fprintf(stderr, " -cipher arg - The TLSv1.2 and below cipher list\n"); + fprintf(stderr, " -ciphersuites arg - The TLSv1.3 ciphersuites\n"); fprintf(stderr, " -bio_pair - Use BIO pairs\n"); fprintf(stderr, " -ipv4 - Use IPv4 connection on localhost\n"); fprintf(stderr, " -ipv6 - Use IPv6 connection on localhost\n"); @@ -857,7 +779,7 @@ static void print_details(SSL *c_ssl, const char *prefix) } X509_free(cert); } - if (SSL_get_server_tmp_key(c_ssl, &pkey)) { + if (SSL_get_peer_tmp_key(c_ssl, &pkey)) { BIO_puts(bio_stdout, ", temp key: "); print_key_details(bio_stdout, pkey); EVP_PKEY_free(pkey); @@ -883,6 +805,7 @@ static int protocol_from_string(const char *value) {"tls1", TLS1_VERSION}, {"tls1.1", TLS1_1_VERSION}, {"tls1.2", TLS1_2_VERSION}, + {"tls1.3", TLS1_3_VERSION}, {"dtls1", DTLS1_VERSION}, {"dtls1.2", DTLS1_2_VERSION}}; size_t i; @@ -955,7 +878,8 @@ int main(int argc, char *argv[]) int badop = 0; enum { BIO_MEM, BIO_PAIR, BIO_IPV4, BIO_IPV6 } bio_type = BIO_MEM; int force = 0; - int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, ssl3 = 0, ret = 1; + int dtls1 = 0, dtls12 = 0, dtls = 0, tls1 = 0, tls1_2 = 0, ssl3 = 0; + int ret = EXIT_FAILURE; int client_auth = 0; int server_auth = 0, i; struct app_verify_arg app_verify_arg = @@ -972,12 +896,6 @@ int main(int argc, char *argv[]) DH *dh; int dhe512 = 0, dhe1024dsa = 0; #endif -#ifndef OPENSSL_NO_SRP - /* client */ - SRP_CLIENT_ARG srp_client_arg = { NULL, NULL }; - /* server */ - SRP_SERVER_ARG srp_server_arg = { NULL, NULL }; -#endif int no_dhe = 0; int no_psk = 0; int print_time = 0; @@ -987,9 +905,6 @@ int main(int argc, char *argv[]) COMP_METHOD *cm = NULL; STACK_OF(SSL_COMP) *ssl_comp_methods = NULL; #endif -#ifdef OPENSSL_FIPS - int fips_mode = 0; -#endif int no_protocol; int min_version = 0, max_version = 0; #ifndef OPENSSL_NO_CT @@ -1005,7 +920,6 @@ int main(int argc, char *argv[]) verbose = 0; debug = 0; - cipher = 0; bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); @@ -1014,8 +928,6 @@ int main(int argc, char *argv[]) CRYPTO_set_mem_debug(1); CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - RAND_seed(rnd_seed, sizeof(rnd_seed)); - bio_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT); s_cctx = SSL_CONF_CTX_new(); @@ -1058,13 +970,9 @@ int main(int argc, char *argv[]) while (argc >= 1) { if (strcmp(*argv, "-F") == 0) { -#ifdef OPENSSL_FIPS - fips_mode = 1; -#else fprintf(stderr, "not compiled with FIPS support, so exiting without running.\n"); EXIT(0); -#endif } else if (strcmp(*argv, "-server_auth") == 0) server_auth = 1; else if (strcmp(*argv, "-client_auth") == 0) @@ -1106,21 +1014,9 @@ int main(int argc, char *argv[]) no_psk = 1; #endif } -#ifndef OPENSSL_NO_SRP - else if (strcmp(*argv, "-srpuser") == 0) { - if (--argc < 1) - goto bad; - srp_server_arg.expected_user = srp_client_arg.srplogin = - *(++argv); - min_version = TLS1_VERSION; - } else if (strcmp(*argv, "-srppass") == 0) { - if (--argc < 1) - goto bad; - srp_server_arg.pass = srp_client_arg.srppassin = *(++argv); - min_version = TLS1_VERSION; - } -#endif - else if (strcmp(*argv, "-tls1") == 0) { + else if (strcmp(*argv, "-tls1_2") == 0) { + tls1_2 = 1; + } else if (strcmp(*argv, "-tls1") == 0) { tls1 = 1; } else if (strcmp(*argv, "-ssl3") == 0) { ssl3 = 1; @@ -1151,6 +1047,10 @@ int main(int argc, char *argv[]) if (--argc < 1) goto bad; cipher = *(++argv); + } else if (strcmp(*argv, "-ciphersuites") == 0) { + if (--argc < 1) + goto bad; + ciphersuites = *(++argv); } else if (strcmp(*argv, "-CApath") == 0) { if (--argc < 1) goto bad; @@ -1326,8 +1226,8 @@ int main(int argc, char *argv[]) goto end; } - if (ssl3 + tls1 + dtls + dtls1 + dtls12 > 1) { - fprintf(stderr, "At most one of -ssl3, -tls1, -dtls, -dtls1 or -dtls12 should " + if (ssl3 + tls1 + tls1_2 + dtls + dtls1 + dtls12 > 1) { + fprintf(stderr, "At most one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1 or -dtls12 should " "be requested.\n"); EXIT(1); } @@ -1342,6 +1242,11 @@ int main(int argc, char *argv[]) no_protocol = 1; else #endif +#ifdef OPENSSL_NO_TLS1_2 + if (tls1_2) + no_protocol = 1; + else +#endif #if defined(OPENSSL_NO_DTLS) || defined(OPENSSL_NO_DTLS1) if (dtls1) no_protocol = 1; @@ -1362,26 +1267,18 @@ int main(int argc, char *argv[]) if (no_protocol) { fprintf(stderr, "Testing was requested for a disabled protocol. " "Skipping tests.\n"); - ret = 0; + ret = EXIT_SUCCESS; goto end; } - if (!ssl3 && !tls1 && !dtls && !dtls1 && !dtls12 && number > 1 && !reuse && !force) { + if (!ssl3 && !tls1 && !tls1_2 && !dtls && !dtls1 && !dtls12 && number > 1 + && !reuse && !force) { fprintf(stderr, "This case cannot work. Use -f to perform " "the test anyway (and\n-d to see what happens), " - "or add one of -ssl3, -tls1, -dtls, -dtls1, -dtls12, -reuse\n" + "or add one of -ssl3, -tls1, -tls1_2, -dtls, -dtls1, -dtls12, -reuse\n" "to avoid protocol mismatch.\n"); EXIT(1); } -#ifdef OPENSSL_FIPS - if (fips_mode) { - if (!FIPS_mode_set(1)) { - ERR_print_errors(bio_err); - EXIT(1); - } else - fprintf(stderr, "*** IN FIPS MODE ***\n"); - } -#endif if (print_time) { if (bio_type != BIO_PAIR) { @@ -1393,8 +1290,6 @@ int main(int argc, char *argv[]) "Warning: For accurate timings, use more connections (e.g. -num 1000)\n"); } -/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */ - #ifndef OPENSSL_NO_COMP if (comp == COMP_ZLIB) cm = COMP_zlib(); @@ -1432,6 +1327,9 @@ int main(int argc, char *argv[]) } else if (tls1) { min_version = TLS1_VERSION; max_version = TLS1_VERSION; + } else if (tls1_2) { + min_version = TLS1_2_VERSION; + max_version = TLS1_2_VERSION; } else { min_version = SSL3_VERSION; max_version = TLS_MAX_VERSION; @@ -1474,26 +1372,14 @@ int main(int argc, char *argv[]) SSL_CTX_set_options(s_ctx, SSL_OP_NO_TICKET); } - if (SSL_CTX_set_min_proto_version(c_ctx, min_version) == 0) { - printf("Unable to set client min protocol version (0x%X)\n", - min_version); + if (SSL_CTX_set_min_proto_version(c_ctx, min_version) == 0) goto end; - } - if (SSL_CTX_set_max_proto_version(c_ctx, max_version) == 0) { - printf("Unable to set client max protocol version (0x%X)\n", - max_version); + if (SSL_CTX_set_max_proto_version(c_ctx, max_version) == 0) goto end; - } - if (SSL_CTX_set_min_proto_version(s_ctx, min_version) == 0) { - printf("Unable to set server min protocol version (0x%X)\n", - min_version); + if (SSL_CTX_set_min_proto_version(s_ctx, min_version) == 0) goto end; - } - if (SSL_CTX_set_max_proto_version(s_ctx, max_version) == 0) { - printf("Unable to set server max protocol version (0x%X)\n", - max_version); + if (SSL_CTX_set_max_proto_version(s_ctx, max_version) == 0) goto end; - } if (cipher != NULL) { if (!SSL_CTX_set_cipher_list(c_ctx, cipher) @@ -1503,6 +1389,14 @@ int main(int argc, char *argv[]) goto end; } } + if (ciphersuites != NULL) { + if (!SSL_CTX_set_ciphersuites(c_ctx, ciphersuites) + || !SSL_CTX_set_ciphersuites(s_ctx, ciphersuites) + || !SSL_CTX_set_ciphersuites(s_ctx2, ciphersuites)) { + ERR_print_errors(bio_err); + goto end; + } + } #ifndef OPENSSL_NO_CT if (ct_validation && @@ -1563,9 +1457,7 @@ int main(int argc, char *argv[]) (!SSL_CTX_set_default_verify_paths(s_ctx2)) || (!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) || (!SSL_CTX_set_default_verify_paths(c_ctx))) { - /* fprintf(stderr,"SSL_load_verify_locations\n"); */ ERR_print_errors(bio_err); - /* goto end; */ } #ifndef OPENSSL_NO_CT @@ -1617,7 +1509,7 @@ int main(int argc, char *argv[]) * if PSK is not compiled in and psk key is given, do nothing and * exit successfully */ - ret = 0; + ret = EXIT_SUCCESS; goto end; } #ifndef OPENSSL_NO_PSK @@ -1634,29 +1526,6 @@ int main(int argc, char *argv[]) } #endif } -#ifndef OPENSSL_NO_SRP - if (srp_client_arg.srplogin) { - if (!SSL_CTX_set_srp_username(c_ctx, srp_client_arg.srplogin)) { - BIO_printf(bio_err, "Unable to set SRP username\n"); - goto end; - } - SSL_CTX_set_srp_cb_arg(c_ctx, &srp_client_arg); - SSL_CTX_set_srp_client_pwd_callback(c_ctx, - ssl_give_srp_client_pwd_cb); - /* - * SSL_CTX_set_srp_strength(c_ctx, srp_client_arg.strength); - */ - } - - if (srp_server_arg.expected_user != NULL) { - SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback); - SSL_CTX_set_verify(s_ctx2, SSL_VERIFY_NONE, verify_callback); - SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg); - SSL_CTX_set_srp_cb_arg(s_ctx2, &srp_server_arg); - SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb); - SSL_CTX_set_srp_username_callback(s_ctx2, ssl_srp_server_param_cb); - } -#endif #ifndef OPENSSL_NO_NEXTPROTONEG if (npn_client) { @@ -1668,14 +1537,12 @@ int main(int argc, char *argv[]) "Can't have both -npn_server and -npn_server_reject\n"); goto end; } - SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_npn, NULL); - SSL_CTX_set_next_protos_advertised_cb(s_ctx2, cb_server_npn, NULL); + SSL_CTX_set_npn_advertised_cb(s_ctx, cb_server_npn, NULL); + SSL_CTX_set_npn_advertised_cb(s_ctx2, cb_server_npn, NULL); } if (npn_server_reject) { - SSL_CTX_set_next_protos_advertised_cb(s_ctx, cb_server_rejects_npn, - NULL); - SSL_CTX_set_next_protos_advertised_cb(s_ctx2, cb_server_rejects_npn, - NULL); + SSL_CTX_set_npn_advertised_cb(s_ctx, cb_server_rejects_npn, NULL); + SSL_CTX_set_npn_advertised_cb(s_ctx2, cb_server_rejects_npn, NULL); } #endif @@ -1861,26 +1728,26 @@ int main(int argc, char *argv[]) #else case BIO_IPV4: case BIO_IPV6: - ret = 1; + ret = EXIT_FAILURE; goto err; #endif } - if (ret) break; + if (ret != EXIT_SUCCESS) break; } - if (should_negotiate && ret == 0 && + if (should_negotiate && ret == EXIT_SUCCESS && strcmp(should_negotiate, "fail-server") != 0 && strcmp(should_negotiate, "fail-client") != 0) { int version = protocol_from_string(should_negotiate); if (version < 0) { BIO_printf(bio_err, "Error parsing: %s\n", should_negotiate); - ret = 1; + ret = EXIT_FAILURE; goto err; } if (SSL_version(c_ssl) != version) { BIO_printf(bio_err, "Unexpected version negotiated. " "Expected: %s, got %s\n", should_negotiate, SSL_get_version(c_ssl)); - ret = 1; + ret = EXIT_FAILURE; goto err; } } @@ -1891,20 +1758,20 @@ int main(int argc, char *argv[]) BIO_printf(bio_err, "Unexpected session reuse state. " "Expected: %d, server: %d, client: %d\n", should_reuse, SSL_session_reused(s_ssl), SSL_session_reused(c_ssl)); - ret = 1; + ret = EXIT_FAILURE; goto err; } } if (server_sess_out != NULL) { if (write_session(server_sess_out, SSL_get_session(s_ssl)) == 0) { - ret = 1; + ret = EXIT_FAILURE; goto err; } } if (client_sess_out != NULL) { if (write_session(client_sess_out, SSL_get_session(c_ssl)) == 0) { - ret = 1; + ret = EXIT_FAILURE; goto err; } } @@ -1951,7 +1818,7 @@ int main(int argc, char *argv[]) #ifndef OPENSSL_NO_CRYPTO_MDEBUG if (CRYPTO_mem_leaks(bio_err) <= 0) - ret = 1; + ret = EXIT_FAILURE; #endif BIO_free(bio_err); EXIT(ret); @@ -1965,11 +1832,12 @@ int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count, BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; BIO *acpt = NULL, *server = NULL, *client = NULL; char addr_str[40]; - int ret = 1; + int ret = EXIT_FAILURE; int err_in_client = 0; int err_in_server = 0; - acpt = BIO_new_accept("0"); + acpt = BIO_new_accept(family == BIO_FAMILY_IPV4 ? "127.0.0.1:0" + : "[::1]:0"); if (acpt == NULL) goto err; BIO_set_accept_ip_family(acpt, family); @@ -2198,35 +2066,26 @@ int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count, if (verbose) print_details(c_ssl, "DONE via TCP connect: "); # ifndef OPENSSL_NO_NEXTPROTONEG - if (verify_npn(c_ssl, s_ssl) < 0) { - ret = 1; + if (verify_npn(c_ssl, s_ssl) < 0) goto end; - } # endif if (verify_serverinfo() < 0) { fprintf(stderr, "Server info verify error\n"); - ret = 1; - goto err; - } - if (verify_alpn(c_ssl, s_ssl) < 0) { - ret = 1; goto err; } - if (verify_servername(c_ssl, s_ssl) < 0) { - ret = 1; + if (verify_alpn(c_ssl, s_ssl) < 0 + || verify_servername(c_ssl, s_ssl) < 0) goto err; - } if (custom_ext_error) { fprintf(stderr, "Custom extension error\n"); - ret = 1; goto err; } # ifndef OPENSSL_NO_NEXTPROTONEG end: # endif - ret = 0; + ret = EXIT_SUCCESS; err: ERR_print_errors(bio_err); @@ -2238,9 +2097,9 @@ int doit_localhost(SSL *s_ssl, SSL *c_ssl, int family, long count, BIO_free(c_ssl_bio); if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0) - ret = (err_in_client != 0) ? 0 : 1; + ret = (err_in_client != 0) ? EXIT_SUCCESS : EXIT_FAILURE; else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0) - ret = (err_in_server != 0) ? 0 : 1; + ret = (err_in_server != 0) ? EXIT_SUCCESS : EXIT_FAILURE; return ret; } @@ -2252,7 +2111,7 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, long cw_num = count, cr_num = count, sw_num = count, sr_num = count; BIO *s_ssl_bio = NULL, *c_ssl_bio = NULL; BIO *server = NULL, *server_io = NULL, *client = NULL, *client_io = NULL; - int ret = 1; + int ret = EXIT_FAILURE; int err_in_client = 0; int err_in_server = 0; @@ -2307,7 +2166,7 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, * Useful functions for querying the state of BIO pair endpoints: * * BIO_ctrl_pending(bio) number of bytes we can read now - * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfil + * BIO_ctrl_get_read_request(bio) number of bytes needed to fulfill * other side's read attempt * BIO_ctrl_get_write_guarantee(bio) number of bytes we can write now * @@ -2581,35 +2440,26 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, if (verbose) print_details(c_ssl, "DONE via BIO pair: "); #ifndef OPENSSL_NO_NEXTPROTONEG - if (verify_npn(c_ssl, s_ssl) < 0) { - ret = 1; + if (verify_npn(c_ssl, s_ssl) < 0) goto end; - } #endif if (verify_serverinfo() < 0) { fprintf(stderr, "Server info verify error\n"); - ret = 1; goto err; } - if (verify_alpn(c_ssl, s_ssl) < 0) { - ret = 1; + if (verify_alpn(c_ssl, s_ssl) < 0 + || verify_servername(c_ssl, s_ssl) < 0) goto err; - } - if (verify_servername(c_ssl, s_ssl) < 0) { - ret = 1; - goto err; - } if (custom_ext_error) { fprintf(stderr, "Custom extension error\n"); - ret = 1; goto err; } #ifndef OPENSSL_NO_NEXTPROTONEG end: #endif - ret = 0; + ret = EXIT_SUCCESS; err: ERR_print_errors(bio_err); @@ -2622,9 +2472,9 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count, BIO_free(c_ssl_bio); if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0) - ret = (err_in_client != 0) ? 0 : 1; + ret = (err_in_client != 0) ? EXIT_SUCCESS : EXIT_FAILURE; else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0) - ret = (err_in_server != 0) ? 0 : 1; + ret = (err_in_server != 0) ? EXIT_SUCCESS : EXIT_FAILURE; return ret; } @@ -2640,7 +2490,7 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) long bufsiz; long cw_num = count, cr_num = count; long sw_num = count, sr_num = count; - int ret = 1; + int ret = EXIT_FAILURE; BIO *c_to_s = NULL; BIO *s_to_c = NULL; BIO *c_bio = NULL; @@ -2729,22 +2579,12 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) if (SSL_in_init(s_ssl)) printf("server waiting in SSL_accept - %s\n", SSL_state_string_long(s_ssl)); -/*- - else if (s_write) - printf("server:SSL_write()\n"); - else - printf("server:SSL_read()\n"); */ } if (do_client && debug) { if (SSL_in_init(c_ssl)) printf("client waiting in SSL_connect - %s\n", SSL_state_string_long(c_ssl)); -/*- - else if (c_write) - printf("client:SSL_write()\n"); - else - printf("client:SSL_read()\n"); */ } if (!do_client && !do_server) { @@ -2898,22 +2738,18 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) if (verbose) print_details(c_ssl, "DONE: "); #ifndef OPENSSL_NO_NEXTPROTONEG - if (verify_npn(c_ssl, s_ssl) < 0) { - ret = 1; + if (verify_npn(c_ssl, s_ssl) < 0) goto err; - } #endif if (verify_serverinfo() < 0) { fprintf(stderr, "Server info verify error\n"); - ret = 1; goto err; } if (custom_ext_error) { fprintf(stderr, "Custom extension error\n"); - ret = 1; goto err; } - ret = 0; + ret = EXIT_SUCCESS; err: BIO_free(c_to_s); BIO_free(s_to_c); @@ -2923,11 +2759,11 @@ int doit(SSL *s_ssl, SSL *c_ssl, long count) OPENSSL_free(sbuf); if (should_negotiate != NULL && strcmp(should_negotiate, "fail-client") == 0) - ret = (err_in_client != 0) ? 0 : 1; + ret = (err_in_client != 0) ? EXIT_SUCCESS : EXIT_FAILURE; else if (should_negotiate != NULL && strcmp(should_negotiate, "fail-server") == 0) - ret = (err_in_server != 0) ? 0 : 1; + ret = (err_in_server != 0) ? EXIT_SUCCESS : EXIT_FAILURE; - return (ret); + return ret; } static int verify_callback(int ok, X509_STORE_CTX *ctx) @@ -2962,7 +2798,7 @@ static int verify_callback(int ok, X509_STORE_CTX *ctx) } } - return (ok); + return ok; } static int app_verify_callback(X509_STORE_CTX *ctx, void *arg) @@ -2984,12 +2820,12 @@ static int app_verify_callback(X509_STORE_CTX *ctx, void *arg) printf("cert depth=%d %s\n", X509_STORE_CTX_get_error_depth(ctx), buf); } - return (1); + return 1; } ok = X509_verify_cert(ctx); - return (ok); + return ok; } #ifndef OPENSSL_NO_DH @@ -3000,7 +2836,7 @@ static int app_verify_callback(X509_STORE_CTX *ctx, void *arg) * $ openssl dhparam -C -noout -dsaparam 1024 * (The third function has been renamed to avoid name conflicts.) */ -static DH *get_dh512() +static DH *get_dh512(void) { static unsigned char dh512_p[] = { 0xCB, 0xC8, 0xE1, 0x86, 0xD0, 0x1F, 0x94, 0x17, 0xA6, 0x99, 0xF0, @@ -3022,19 +2858,19 @@ static DH *get_dh512() BIGNUM *p, *g; if ((dh = DH_new()) == NULL) - return (NULL); + return NULL; p = BN_bin2bn(dh512_p, sizeof(dh512_p), NULL); g = BN_bin2bn(dh512_g, sizeof(dh512_g), NULL); if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) { DH_free(dh); BN_free(p); BN_free(g); - return (NULL); + return NULL; } - return (dh); + return dh; } -static DH *get_dh1024() +static DH *get_dh1024(void) { static unsigned char dh1024_p[] = { 0xF8, 0x81, 0x89, 0x7D, 0x14, 0x24, 0xC5, 0xD1, 0xE6, 0xF7, 0xBF, @@ -3066,19 +2902,19 @@ static DH *get_dh1024() BIGNUM *p, *g; if ((dh = DH_new()) == NULL) - return (NULL); + return NULL; p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) { DH_free(dh); BN_free(p); BN_free(g); - return (NULL); + return NULL; } - return (dh); + return dh; } -static DH *get_dh1024dsa() +static DH *get_dh1024dsa(void) { static unsigned char dh1024_p[] = { 0xC8, 0x00, 0xF7, 0x08, 0x07, 0x89, 0x4D, 0x90, 0x53, 0xF3, 0xD5, @@ -3130,17 +2966,17 @@ static DH *get_dh1024dsa() BIGNUM *p, *g; if ((dh = DH_new()) == NULL) - return (NULL); + return NULL; p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); if ((p == NULL) || (g == NULL) || !DH_set0_pqg(dh, p, NULL, g)) { DH_free(dh); BN_free(p); BN_free(g); - return (NULL); + return NULL; } DH_set_length(dh, 160); - return (dh); + return dh; } #endif diff --git a/deps/openssl/openssl/test/ssltestlib.c b/deps/openssl/openssl/test/ssltestlib.c index b824f15248..eafac3cc42 100644 --- a/deps/openssl/openssl/test/ssltestlib.c +++ b/deps/openssl/openssl/test/ssltestlib.c @@ -9,8 +9,37 @@ #include <string.h> -#include "e_os.h" +#include "internal/nelem.h" #include "ssltestlib.h" +#include "testutil.h" +#include "e_os.h" + +#ifdef OPENSSL_SYS_UNIX +# include <unistd.h> + +static ossl_inline void ossl_sleep(unsigned int millis) { + usleep(millis * 1000); +} +#elif defined(_WIN32) +# include <windows.h> + +static ossl_inline void ossl_sleep(unsigned int millis) { + Sleep(millis); +} +#else +/* Fallback to a busy wait */ +static ossl_inline void ossl_sleep(unsigned int millis) { + struct timeval start, now; + unsigned int elapsedms; + + gettimeofday(&start, NULL); + do { + gettimeofday(&now, NULL); + elapsedms = (((now.tv_sec - start.tv_sec) * 1000000) + + now.tv_usec - start.tv_usec) / 1000; + } while (elapsedms < millis); +} +#endif static int tls_dump_new(BIO *bi); static int tls_dump_free(BIO *a); @@ -21,12 +50,11 @@ static int tls_dump_gets(BIO *bp, char *buf, int size); static int tls_dump_puts(BIO *bp, const char *str); /* Choose a sufficiently large type likely to be unused for this custom BIO */ -# define BIO_TYPE_TLS_DUMP_FILTER (0x80 | BIO_TYPE_FILTER) - -# define BIO_TYPE_MEMPACKET_TEST 0x81 +#define BIO_TYPE_TLS_DUMP_FILTER (0x80 | BIO_TYPE_FILTER) +#define BIO_TYPE_MEMPACKET_TEST 0x81 static BIO_METHOD *method_tls_dump = NULL; -static BIO_METHOD *method_mempacket_test = NULL; +static BIO_METHOD *meth_mem = NULL; /* Note: Not thread safe! */ const BIO_METHOD *bio_f_tls_dump_filter(void) @@ -156,7 +184,7 @@ static void dump_data(const char *data, int len) printf("*** Message Fragment len: %d\n", fraglen); if (fragoff + fraglen > msglen) printf("***---- HANDSHAKE MESSAGE FRAGMENT INVALID ----\n"); - else if(reclen < fraglen) + else if (reclen < fraglen) printf("**---- HANDSHAKE MESSAGE FRAGMENT TRUNCATED ----\n"); else printf("**---- END OF HANDSHAKE MESSAGE FRAGMENT ----\n"); @@ -252,7 +280,11 @@ typedef struct mempacket_test_ctx_st { unsigned int currrec; unsigned int currpkt; unsigned int lastpkt; + unsigned int injected; unsigned int noinject; + unsigned int dropepoch; + int droprec; + int duprec; } MEMPACKET_TEST_CTX; static int mempacket_test_new(BIO *bi); @@ -265,37 +297,38 @@ static int mempacket_test_puts(BIO *bp, const char *str); const BIO_METHOD *bio_s_mempacket_test(void) { - if (method_mempacket_test == NULL) { - method_mempacket_test = BIO_meth_new(BIO_TYPE_MEMPACKET_TEST, - "Mem Packet Test"); - if ( method_mempacket_test == NULL - || !BIO_meth_set_write(method_mempacket_test, mempacket_test_write) - || !BIO_meth_set_read(method_mempacket_test, mempacket_test_read) - || !BIO_meth_set_puts(method_mempacket_test, mempacket_test_puts) - || !BIO_meth_set_gets(method_mempacket_test, mempacket_test_gets) - || !BIO_meth_set_ctrl(method_mempacket_test, mempacket_test_ctrl) - || !BIO_meth_set_create(method_mempacket_test, mempacket_test_new) - || !BIO_meth_set_destroy(method_mempacket_test, mempacket_test_free)) + if (meth_mem == NULL) { + if (!TEST_ptr(meth_mem = BIO_meth_new(BIO_TYPE_MEMPACKET_TEST, + "Mem Packet Test")) + || !TEST_true(BIO_meth_set_write(meth_mem, mempacket_test_write)) + || !TEST_true(BIO_meth_set_read(meth_mem, mempacket_test_read)) + || !TEST_true(BIO_meth_set_puts(meth_mem, mempacket_test_puts)) + || !TEST_true(BIO_meth_set_gets(meth_mem, mempacket_test_gets)) + || !TEST_true(BIO_meth_set_ctrl(meth_mem, mempacket_test_ctrl)) + || !TEST_true(BIO_meth_set_create(meth_mem, mempacket_test_new)) + || !TEST_true(BIO_meth_set_destroy(meth_mem, mempacket_test_free))) return NULL; } - return method_mempacket_test; + return meth_mem; } void bio_s_mempacket_test_free(void) { - BIO_meth_free(method_mempacket_test); + BIO_meth_free(meth_mem); } static int mempacket_test_new(BIO *bio) { - MEMPACKET_TEST_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); - if (ctx == NULL) + MEMPACKET_TEST_CTX *ctx; + + if (!TEST_ptr(ctx = OPENSSL_zalloc(sizeof(*ctx)))) return 0; - ctx->pkts = sk_MEMPACKET_new_null(); - if (ctx->pkts == NULL) { + if (!TEST_ptr(ctx->pkts = sk_MEMPACKET_new_null())) { OPENSSL_free(ctx); return 0; } + ctx->dropepoch = 0; + ctx->droprec = -1; BIO_set_init(bio, 1); BIO_set_data(bio, ctx); return 1; @@ -309,13 +342,12 @@ static int mempacket_test_free(BIO *bio) OPENSSL_free(ctx); BIO_set_data(bio, NULL); BIO_set_init(bio, 0); - return 1; } /* Record Header values */ -#define EPOCH_HI 4 -#define EPOCH_LO 5 +#define EPOCH_HI 3 +#define EPOCH_LO 4 #define RECORD_SEQUENCE 10 #define RECORD_LEN_HI 11 #define RECORD_LEN_LO 12 @@ -331,7 +363,6 @@ static int mempacket_test_read(BIO *bio, char *out, int outl) unsigned int seq, offset, len, epoch; BIO_clear_retry_flags(bio); - thispkt = sk_MEMPACKET_value(ctx->pkts, 0); if (thispkt == NULL || thispkt->num != ctx->currpkt) { /* Probably run out of data */ @@ -344,19 +375,17 @@ static int mempacket_test_read(BIO *bio, char *out, int outl) if (outl > thispkt->len) outl = thispkt->len; - if (thispkt->type != INJECT_PACKET_IGNORE_REC_SEQ) { + if (thispkt->type != INJECT_PACKET_IGNORE_REC_SEQ + && (ctx->injected || ctx->droprec >= 0)) { /* * Overwrite the record sequence number. We strictly number them in * the order received. Since we are actually a reliable transport * we know that there won't be any re-ordering. We overwrite to deal * with any packets that have been injected */ - rem = thispkt->len; - rec = thispkt->data; - while (rem > 0) { - if (rem < DTLS1_RT_HEADER_LENGTH) { + for (rem = thispkt->len, rec = thispkt->data; rem > 0; rem -= len) { + if (rem < DTLS1_RT_HEADER_LENGTH) return -1; - } epoch = (rec[EPOCH_HI] << 8) | rec[EPOCH_LO]; if (epoch != ctx->epoch) { ctx->epoch = epoch; @@ -369,20 +398,28 @@ static int mempacket_test_read(BIO *bio, char *out, int outl) seq >>= 8; offset++; } while (seq > 0); - ctx->currrec++; len = ((rec[RECORD_LEN_HI] << 8) | rec[RECORD_LEN_LO]) + DTLS1_RT_HEADER_LENGTH; + if (rem < (int)len) + return -1; + if (ctx->droprec == (int)ctx->currrec && ctx->dropepoch == epoch) { + if (rem > (int)len) + memmove(rec, rec + len, rem - len); + outl -= len; + ctx->droprec = -1; + if (outl == 0) + BIO_set_retry_read(bio); + } else { + rec += len; + } - rec += len; - rem -= len; + ctx->currrec++; } } memcpy(out, thispkt->data, outl); - mempacket_free(thispkt); - return outl; } @@ -390,42 +427,64 @@ int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum, int type) { MEMPACKET_TEST_CTX *ctx = BIO_get_data(bio); - MEMPACKET *thispkt, *looppkt, *nextpkt; - int i; + MEMPACKET *thispkt = NULL, *looppkt, *nextpkt, *allpkts[3]; + int i, duprec = ctx->duprec > 0; + const unsigned char *inu = (const unsigned char *)in; + size_t len = ((inu[RECORD_LEN_HI] << 8) | inu[RECORD_LEN_LO]) + + DTLS1_RT_HEADER_LENGTH; if (ctx == NULL) return -1; + if ((size_t)inl < len) + return -1; + + if ((size_t)inl == len) + duprec = 0; + + /* We don't support arbitrary injection when duplicating records */ + if (duprec && pktnum != -1) + return -1; + /* We only allow injection before we've started writing any data */ if (pktnum >= 0) { if (ctx->noinject) return -1; + ctx->injected = 1; } else { ctx->noinject = 1; } - thispkt = OPENSSL_malloc(sizeof(MEMPACKET)); - if (thispkt == NULL) - return -1; + for (i = 0; i < (duprec ? 3 : 1); i++) { + if (!TEST_ptr(allpkts[i] = OPENSSL_malloc(sizeof(*thispkt)))) + goto err; + thispkt = allpkts[i]; - thispkt->data = OPENSSL_malloc(inl); - if (thispkt->data == NULL) { - mempacket_free(thispkt); - return -1; + if (!TEST_ptr(thispkt->data = OPENSSL_malloc(inl))) + goto err; + /* + * If we are duplicating the packet, we duplicate it three times. The + * first two times we drop the first record if there are more than one. + * In this way we know that libssl will not be able to make progress + * until it receives the last packet, and hence will be forced to + * buffer these records. + */ + if (duprec && i != 2) { + memcpy(thispkt->data, in + len, inl - len); + thispkt->len = inl - len; + } else { + memcpy(thispkt->data, in, inl); + thispkt->len = inl; + } + thispkt->num = (pktnum >= 0) ? (unsigned int)pktnum : ctx->lastpkt + i; + thispkt->type = type; } - memcpy(thispkt->data, in, inl); - thispkt->len = inl; - thispkt->num = (pktnum >= 0) ? (unsigned int)pktnum : ctx->lastpkt; - thispkt->type = type; - for(i = 0; (looppkt = sk_MEMPACKET_value(ctx->pkts, i)) != NULL; i++) { /* Check if we found the right place to insert this packet */ if (looppkt->num > thispkt->num) { - if (sk_MEMPACKET_insert(ctx->pkts, thispkt, i) == 0) { - mempacket_free(thispkt); - return -1; - } + if (sk_MEMPACKET_insert(ctx->pkts, thispkt, i) == 0) + goto err; /* If we're doing up front injection then we're done */ if (pktnum >= 0) return inl; @@ -443,10 +502,10 @@ int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum, else return inl; } while(1); - } else if(looppkt->num == thispkt->num) { + } else if (looppkt->num == thispkt->num) { if (!ctx->noinject) { /* We injected two packets with the same packet number! */ - return -1; + goto err; } ctx->lastpkt++; thispkt->num++; @@ -456,15 +515,21 @@ int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum, * We didn't find any packets with a packet number equal to or greater than * this one, so we just add it onto the end */ - if (!sk_MEMPACKET_push(ctx->pkts, thispkt)) { - mempacket_free(thispkt); - return -1; - } + for (i = 0; i < (duprec ? 3 : 1); i++) { + thispkt = allpkts[i]; + if (!sk_MEMPACKET_push(ctx->pkts, thispkt)) + goto err; - if (pktnum < 0) - ctx->lastpkt++; + if (pktnum < 0) + ctx->lastpkt++; + } return inl; + + err: + for (i = 0; i < (ctx->duprec > 0 ? 3 : 1); i++) + mempacket_free(allpkts[i]); + return -1; } static int mempacket_test_write(BIO *bio, const char *in, int inl) @@ -501,6 +566,18 @@ static long mempacket_test_ctrl(BIO *bio, int cmd, long num, void *ptr) case BIO_CTRL_FLUSH: ret = 1; break; + case MEMPACKET_CTRL_SET_DROP_EPOCH: + ctx->dropepoch = (unsigned int)num; + break; + case MEMPACKET_CTRL_SET_DROP_REC: + ctx->droprec = (int)num; + break; + case MEMPACKET_CTRL_GET_DROP_REC: + ret = ctx->droprec; + break; + case MEMPACKET_CTRL_SET_DUPLICATE_REC: + ctx->duprec = (int)num; + break; case BIO_CTRL_RESET: case BIO_CTRL_DUP: case BIO_CTRL_PUSH: @@ -531,50 +608,34 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, SSL_CTX *serverctx = NULL; SSL_CTX *clientctx = NULL; - serverctx = SSL_CTX_new(sm); - if (cctx != NULL) - clientctx = SSL_CTX_new(cm); - if (serverctx == NULL || (cctx != NULL && clientctx == NULL)) { - printf("Failed to create SSL_CTX\n"); + if (!TEST_ptr(serverctx = SSL_CTX_new(sm)) + || (cctx != NULL && !TEST_ptr(clientctx = SSL_CTX_new(cm)))) goto err; - } - if (min_proto_version > 0 - && !SSL_CTX_set_min_proto_version(serverctx, min_proto_version)) { - printf("Unable to set server min protocol versions\n"); + if ((min_proto_version > 0 + && !TEST_true(SSL_CTX_set_min_proto_version(serverctx, + min_proto_version))) + || (max_proto_version > 0 + && !TEST_true(SSL_CTX_set_max_proto_version(serverctx, + max_proto_version)))) goto err; - } - if (max_proto_version > 0 - && !SSL_CTX_set_max_proto_version(serverctx, max_proto_version)) { - printf("Unable to set server max protocol versions\n"); + if (clientctx != NULL + && ((min_proto_version > 0 + && !TEST_true(SSL_CTX_set_min_proto_version(clientctx, + min_proto_version))) + || (max_proto_version > 0 + && !TEST_true(SSL_CTX_set_max_proto_version(clientctx, + max_proto_version))))) goto err; - } - if (clientctx != NULL) { - if (min_proto_version > 0 - && !SSL_CTX_set_max_proto_version(clientctx, max_proto_version)) { - printf("Unable to set client max protocol versions\n"); - goto err; - } - if (max_proto_version > 0 - && !SSL_CTX_set_min_proto_version(clientctx, min_proto_version)) { - printf("Unable to set client min protocol versions\n"); + if (certfile != NULL && privkeyfile != NULL) { + if (!TEST_int_eq(SSL_CTX_use_certificate_file(serverctx, certfile, + SSL_FILETYPE_PEM), 1) + || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(serverctx, + privkeyfile, + SSL_FILETYPE_PEM), 1) + || !TEST_int_eq(SSL_CTX_check_private_key(serverctx), 1)) goto err; - } - } - - if (SSL_CTX_use_certificate_file(serverctx, certfile, - SSL_FILETYPE_PEM) <= 0) { - printf("Failed to load server certificate\n"); - goto err; - } - if (SSL_CTX_use_PrivateKey_file(serverctx, privkeyfile, - SSL_FILETYPE_PEM) <= 0) { - printf("Failed to load server private key\n"); - } - if (SSL_CTX_check_private_key(serverctx) <= 0) { - printf("Failed to check private key\n"); - goto err; } #ifndef OPENSSL_NO_DH @@ -584,15 +645,15 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, *sctx = serverctx; if (cctx != NULL) *cctx = clientctx; - return 1; + err: SSL_CTX_free(serverctx); SSL_CTX_free(clientctx); return 0; } -#define MAXLOOPS 100000 +#define MAXLOOPS 1000000 /* * NOTE: Transfers control of the BIOs - this function will free them on error @@ -600,62 +661,46 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, int create_ssl_objects(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl, SSL **cssl, BIO *s_to_c_fbio, BIO *c_to_s_fbio) { - SSL *serverssl, *clientssl; + SSL *serverssl = NULL, *clientssl = NULL; BIO *s_to_c_bio = NULL, *c_to_s_bio = NULL; - if (*sssl == NULL) - serverssl = SSL_new(serverctx); - else + if (*sssl != NULL) serverssl = *sssl; - if (*cssl == NULL) - clientssl = SSL_new(clientctx); - else + else if (!TEST_ptr(serverssl = SSL_new(serverctx))) + goto error; + if (*cssl != NULL) clientssl = *cssl; - - if (serverssl == NULL || clientssl == NULL) { - printf("Failed to create SSL object\n"); + else if (!TEST_ptr(clientssl = SSL_new(clientctx))) goto error; - } if (SSL_is_dtls(clientssl)) { - s_to_c_bio = BIO_new(bio_s_mempacket_test()); - c_to_s_bio = BIO_new(bio_s_mempacket_test()); + if (!TEST_ptr(s_to_c_bio = BIO_new(bio_s_mempacket_test())) + || !TEST_ptr(c_to_s_bio = BIO_new(bio_s_mempacket_test()))) + goto error; } else { - s_to_c_bio = BIO_new(BIO_s_mem()); - c_to_s_bio = BIO_new(BIO_s_mem()); - } - if (s_to_c_bio == NULL || c_to_s_bio == NULL) { - printf("Failed to create mem BIOs\n"); - goto error; + if (!TEST_ptr(s_to_c_bio = BIO_new(BIO_s_mem())) + || !TEST_ptr(c_to_s_bio = BIO_new(BIO_s_mem()))) + goto error; } - if (s_to_c_fbio != NULL) - s_to_c_bio = BIO_push(s_to_c_fbio, s_to_c_bio); - if (c_to_s_fbio != NULL) - c_to_s_bio = BIO_push(c_to_s_fbio, c_to_s_bio); - if (s_to_c_bio == NULL || c_to_s_bio == NULL) { - printf("Failed to create chained BIOs\n"); + if (s_to_c_fbio != NULL + && !TEST_ptr(s_to_c_bio = BIO_push(s_to_c_fbio, s_to_c_bio))) + goto error; + if (c_to_s_fbio != NULL + && !TEST_ptr(c_to_s_bio = BIO_push(c_to_s_fbio, c_to_s_bio))) goto error; - } /* Set Non-blocking IO behaviour */ BIO_set_mem_eof_return(s_to_c_bio, -1); BIO_set_mem_eof_return(c_to_s_bio, -1); /* Up ref these as we are passing them to two SSL objects */ + SSL_set_bio(serverssl, c_to_s_bio, s_to_c_bio); BIO_up_ref(s_to_c_bio); BIO_up_ref(c_to_s_bio); - - SSL_set_bio(serverssl, c_to_s_bio, s_to_c_bio); SSL_set_bio(clientssl, s_to_c_bio, c_to_s_bio); - - /* BIOs will now be freed when SSL objects are freed */ - s_to_c_bio = c_to_s_bio = NULL; - s_to_c_fbio = c_to_s_fbio = NULL; - *sssl = serverssl; *cssl = clientssl; - return 1; error: @@ -669,10 +714,15 @@ int create_ssl_objects(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl, return 0; } -int create_ssl_connection(SSL *serverssl, SSL *clientssl) +/* + * Create an SSL connection, but does not ready any post-handshake + * NewSessionTicket messages. + */ +int create_bare_ssl_connection(SSL *serverssl, SSL *clientssl, int want) { int retc = -1, rets = -1, err, abortctr = 0; int clienterr = 0, servererr = 0; + int isdtls = SSL_is_dtls(serverssl); do { err = SSL_ERROR_WANT_WRITE; @@ -683,9 +733,11 @@ int create_ssl_connection(SSL *serverssl, SSL *clientssl) } if (!clienterr && retc <= 0 && err != SSL_ERROR_WANT_READ) { - printf("SSL_connect() failed %d, %d\n", retc, err); + TEST_info("SSL_connect() failed %d, %d", retc, err); clienterr = 1; } + if (want != SSL_ERROR_NONE && err == want) + return 0; err = SSL_ERROR_WANT_WRITE; while (!servererr && rets <= 0 && err == SSL_ERROR_WANT_WRITE) { @@ -694,17 +746,74 @@ int create_ssl_connection(SSL *serverssl, SSL *clientssl) err = SSL_get_error(serverssl, rets); } - if (!servererr && rets <= 0 && err != SSL_ERROR_WANT_READ) { - printf("SSL_accept() failed %d, %d\n", retc, err); + if (!servererr && rets <= 0 + && err != SSL_ERROR_WANT_READ + && err != SSL_ERROR_WANT_X509_LOOKUP) { + TEST_info("SSL_accept() failed %d, %d", rets, err); servererr = 1; } + if (want != SSL_ERROR_NONE && err == want) + return 0; if (clienterr && servererr) return 0; + if (isdtls) { + if (rets > 0 && retc <= 0) + DTLSv1_handle_timeout(serverssl); + if (retc > 0 && rets <= 0) + DTLSv1_handle_timeout(clientssl); + } if (++abortctr == MAXLOOPS) { - printf("No progress made\n"); + TEST_info("No progress made"); return 0; } + if (isdtls && abortctr <= 50 && (abortctr % 10) == 0) { + /* + * It looks like we're just spinning. Pause for a short period to + * give the DTLS timer a chance to do something. We only do this for + * the first few times to prevent hangs. + */ + ossl_sleep(50); + } } while (retc <=0 || rets <= 0); return 1; } + +/* + * Create an SSL connection including any post handshake NewSessionTicket + * messages. + */ +int create_ssl_connection(SSL *serverssl, SSL *clientssl, int want) +{ + int i; + unsigned char buf; + size_t readbytes; + + if (!create_bare_ssl_connection(serverssl, clientssl, want)) + return 0; + + /* + * We attempt to read some data on the client side which we expect to fail. + * This will ensure we have received the NewSessionTicket in TLSv1.3 where + * appropriate. We do this twice because there are 2 NewSesionTickets. + */ + for (i = 0; i < 2; i++) { + if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) { + if (!TEST_ulong_eq(readbytes, 0)) + return 0; + } else if (!TEST_int_eq(SSL_get_error(clientssl, 0), + SSL_ERROR_WANT_READ)) { + return 0; + } + } + + return 1; +} + +void shutdown_ssl_connection(SSL *serverssl, SSL *clientssl) +{ + SSL_shutdown(clientssl); + SSL_shutdown(serverssl); + SSL_free(serverssl); + SSL_free(clientssl); +} diff --git a/deps/openssl/openssl/test/ssltestlib.h b/deps/openssl/openssl/test/ssltestlib.h index 5e8ea6e00e..27b040c3cf 100644 --- a/deps/openssl/openssl/test/ssltestlib.h +++ b/deps/openssl/openssl/test/ssltestlib.h @@ -18,7 +18,9 @@ int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, char *privkeyfile); int create_ssl_objects(SSL_CTX *serverctx, SSL_CTX *clientctx, SSL **sssl, SSL **cssl, BIO *s_to_c_fbio, BIO *c_to_s_fbio); -int create_ssl_connection(SSL *serverssl, SSL *clientssl); +int create_bare_ssl_connection(SSL *serverssl, SSL *clientssl, int want); +int create_ssl_connection(SSL *serverssl, SSL *clientssl, int want); +void shutdown_ssl_connection(SSL *serverssl, SSL *clientssl); /* Note: Not thread safe! */ const BIO_METHOD *bio_f_tls_dump_filter(void); @@ -31,6 +33,15 @@ void bio_s_mempacket_test_free(void); #define INJECT_PACKET 1 #define INJECT_PACKET_IGNORE_REC_SEQ 2 +/* + * Mempacket BIO ctrls. We make them large enough to not clash with standard BIO + * ctrl codes. + */ +#define MEMPACKET_CTRL_SET_DROP_EPOCH (1 << 15) +#define MEMPACKET_CTRL_SET_DROP_REC (2 << 15) +#define MEMPACKET_CTRL_GET_DROP_REC (3 << 15) +#define MEMPACKET_CTRL_SET_DUPLICATE_REC (4 << 15) + int mempacket_test_inject(BIO *bio, const char *in, int inl, int pktnum, int type); diff --git a/deps/openssl/openssl/test/sysdefault.cnf b/deps/openssl/openssl/test/sysdefault.cnf new file mode 100644 index 0000000000..5473d837c1 --- /dev/null +++ b/deps/openssl/openssl/test/sysdefault.cnf @@ -0,0 +1,15 @@ +# Configuration file to test system default SSL configuration + +openssl_conf = default_conf + +[ default_conf ] + +ssl_conf = ssl_sect + +[ssl_sect] + +system_default = ssl_default_sect + +[ssl_default_sect] +MaxProtocol = TLSv1.2 +MinProtocol = TLSv1.2 diff --git a/deps/openssl/openssl/test/testutil.c b/deps/openssl/openssl/test/testutil.c deleted file mode 100644 index a16ef0fa07..0000000000 --- a/deps/openssl/openssl/test/testutil.c +++ /dev/null @@ -1,109 +0,0 @@ -/* - * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include "testutil.h" - -#include <assert.h> -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include "e_os.h" - -/* - * Declares the structures needed to register each test case function. - */ -typedef struct test_info { - const char *test_case_name; - int (*test_fn) (); - int (*param_test_fn)(int idx); - int num; -} TEST_INFO; - -static TEST_INFO all_tests[1024]; -static int num_tests = 0; -/* - * A parameterised tests runs a loop of test cases. - * |num_test_cases| counts the total number of test cases - * across all tests. - */ -static int num_test_cases = 0; - -void add_test(const char *test_case_name, int (*test_fn) ()) -{ - assert(num_tests != OSSL_NELEM(all_tests)); - all_tests[num_tests].test_case_name = test_case_name; - all_tests[num_tests].test_fn = test_fn; - all_tests[num_tests].num = -1; - ++num_test_cases; - ++num_tests; -} - -void add_all_tests(const char *test_case_name, int(*test_fn)(int idx), - int num) -{ - assert(num_tests != OSSL_NELEM(all_tests)); - all_tests[num_tests].test_case_name = test_case_name; - all_tests[num_tests].param_test_fn = test_fn; - all_tests[num_tests].num = num; - ++num_tests; - num_test_cases += num; -} - -int run_tests(const char *test_prog_name) -{ - int num_failed = 0; - - int i, j; - - printf("%s: %d test case%s\n", test_prog_name, num_test_cases, - num_test_cases == 1 ? "" : "s"); - - for (i = 0; i != num_tests; ++i) { - if (all_tests[i].num == -1) { - if (!all_tests[i].test_fn()) { - printf("** %s failed **\n--------\n", - all_tests[i].test_case_name); - ++num_failed; - } - } else { - for (j = 0; j < all_tests[i].num; j++) { - if (!all_tests[i].param_test_fn(j)) { - printf("** %s failed test %d\n--------\n", - all_tests[i].test_case_name, j); - ++num_failed; - } - } - } - } - - if (num_failed != 0) { - printf("%s: %d test%s failed (out of %d)\n", test_prog_name, - num_failed, num_failed != 1 ? "s" : "", num_test_cases); - return EXIT_FAILURE; - } - printf(" All tests passed.\n"); - return EXIT_SUCCESS; -} - -static const char *print_string_maybe_null(const char *s) -{ - return s == NULL ? "(NULL)" : s; -} - -int strings_equal(const char *desc, const char *s1, const char *s2) -{ - if (s1 == NULL && s2 == NULL) - return 1; - if (s1 == NULL || s2 == NULL || strcmp(s1, s2) != 0) { - fprintf(stderr, "%s mismatch: %s vs %s\n", desc, print_string_maybe_null(s1), - print_string_maybe_null(s2)); - return 0; - } - return 1; -} diff --git a/deps/openssl/openssl/test/testutil.h b/deps/openssl/openssl/test/testutil.h index aaaee2780e..6391905647 100644 --- a/deps/openssl/openssl/test/testutil.h +++ b/deps/openssl/openssl/test/testutil.h @@ -1,5 +1,5 @@ /* - * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -10,20 +10,68 @@ #ifndef HEADER_TESTUTIL_H # define HEADER_TESTUTIL_H +#include <stdarg.h> + #include <openssl/err.h> +#include <openssl/e_os2.h> +#include <openssl/bn.h> /*- + * Simple unit tests should implement setup_tests(). + * This function should return zero if the registration process fails. + * To register tests, call ADD_TEST or ADD_ALL_TESTS: + * + * int setup_tests(void) + * { + * ADD_TEST(test_foo); + * ADD_ALL_TESTS(test_bar, num_test_bar); + * return 1; + * } + * + * Tests that require clean up after execution should implement: + * + * void cleanup_tests(void); + * + * The cleanup_tests function will be called even if setup_tests() + * returns failure. + * + * In some cases, early initialization before the framework is set up + * may be needed. In such a case, this should be implemented: + * + * int global_init(void); + * + * This function should return zero if there is an unrecoverable error and + * non-zero if the initialization was successful. + */ + +/* Adds a simple test case. */ +# define ADD_TEST(test_function) add_test(#test_function, test_function) + +/* + * Simple parameterized tests. Calls test_function(idx) for each 0 <= idx < num. + */ +# define ADD_ALL_TESTS(test_function, num) \ + add_all_tests(#test_function, test_function, num, 1) +/* + * A variant of the same without TAP output. + */ +# define ADD_ALL_TESTS_NOSUBTEST(test_function, num) \ + add_all_tests(#test_function, test_function, num, 0) + +/*- + * Test cases that share common setup should use the helper * SETUP_TEST_FIXTURE and EXECUTE_TEST macros for test case functions. * * SETUP_TEST_FIXTURE will call set_up() to create a new TEST_FIXTURE_TYPE * object called "fixture". It will also allocate the "result" variable used * by EXECUTE_TEST. set_up() should take a const char* specifying the test - * case name and return a TEST_FIXTURE_TYPE by value. + * case name and return a TEST_FIXTURE_TYPE by reference. * - * EXECUTE_TEST will pass fixture to execute_func() by value, call + * EXECUTE_TEST will pass fixture to execute_func() by reference, call * tear_down(), and return the result of execute_func(). execute_func() should - * take a TEST_FIXTURE_TYPE by value and return 1 on success and 0 on - * failure. + * take a TEST_FIXTURE_TYPE by reference and return 1 on success and 0 on + * failure. The tear_down function is responsible for deallocation of the + * result variable, if required. * * Unit tests can define their own SETUP_TEST_FIXTURE and EXECUTE_TEST * variations like so: @@ -44,13 +92,14 @@ * } */ # define SETUP_TEST_FIXTURE(TEST_FIXTURE_TYPE, set_up)\ - TEST_FIXTURE_TYPE fixture = set_up(TEST_CASE_NAME); \ + TEST_FIXTURE_TYPE *fixture = set_up(TEST_CASE_NAME); \ int result = 0 # define EXECUTE_TEST(execute_func, tear_down)\ + if (fixture != NULL) {\ result = execute_func(fixture);\ tear_down(fixture);\ - return result + } /* * TEST_CASE_NAME is defined as the name of the test case function where @@ -69,43 +118,340 @@ # endif /* __STDC_VERSION__ */ /* - * In main(), call ADD_TEST to register each test case function, then call - * run_tests() to execute all tests and report the results. The result - * returned from run_tests() should be used as the return value for main(). + * Tests that need access to command line arguments should use the functions: + * test_get_argument(int n) to get the nth argument, the first argument is + * argument 0. This function returns NULL on error. + * test_get_argument_count() to get the count of the arguments. + * test_has_option(const char *) to check if the specified option was passed. + * test_get_option_argument(const char *) to get an option which includes an + * argument. NULL is returns if the option is not found. + * const char *test_get_program_name(void) returns the name of the test program + * being executed. */ -# define ADD_TEST(test_function) add_test(#test_function, test_function) +const char *test_get_program_name(void); +char *test_get_argument(size_t n); +size_t test_get_argument_count(void); +int test_has_option(const char *option); +const char *test_get_option_argument(const char *option); /* - * Simple parameterized tests. Adds a test_function(idx) test for each - * 0 <= idx < num. + * Internal helpers. Test programs shouldn't use these directly, but should + * rather link to one of the helper main() methods. */ -# define ADD_ALL_TESTS(test_function, num) \ - add_all_tests(#test_function, test_function, num) -void add_test(const char *test_case_name, int (*test_fn) ()); -void add_all_tests(const char *test_case_name, int (*test_fn)(int idx), int num); -int run_tests(const char *test_prog_name); +void add_test(const char *test_case_name, int (*test_fn) (void)); +void add_all_tests(const char *test_case_name, int (*test_fn)(int idx), int num, + int subtest); + +/* + * Declarations for user defined functions. + * The first two return a boolean indicating that the test should not proceed. + */ +int global_init(void); +int setup_tests(void); +void cleanup_tests(void); /* * Test assumption verification helpers. */ +#define PRINTF_FORMAT(a, b) +#if defined(__GNUC__) && defined(__STDC_VERSION__) + /* + * Because we support the 'z' modifier, which made its appearance in C99, + * we can't use __attribute__ with pre C99 dialects. + */ +# if __STDC_VERSION__ >= 199901L +# undef PRINTF_FORMAT +# define PRINTF_FORMAT(a, b) __attribute__ ((format(printf, a, b))) +# endif +#endif + +# define DECLARE_COMPARISON(type, name, opname) \ + int test_ ## name ## _ ## opname(const char *, int, \ + const char *, const char *, \ + const type, const type); + +# define DECLARE_COMPARISONS(type, name) \ + DECLARE_COMPARISON(type, name, eq) \ + DECLARE_COMPARISON(type, name, ne) \ + DECLARE_COMPARISON(type, name, lt) \ + DECLARE_COMPARISON(type, name, le) \ + DECLARE_COMPARISON(type, name, gt) \ + DECLARE_COMPARISON(type, name, ge) + +DECLARE_COMPARISONS(int, int) +DECLARE_COMPARISONS(unsigned int, uint) +DECLARE_COMPARISONS(char, char) +DECLARE_COMPARISONS(unsigned char, uchar) +DECLARE_COMPARISONS(long, long) +DECLARE_COMPARISONS(unsigned long, ulong) +DECLARE_COMPARISONS(time_t, time_t) /* - * Returns 1 if |s1| and |s2| are both NULL or equal. - * Otherwise, returns 0 and pretty-prints diagnostics using |desc|. + * Because this comparison uses a printf format specifier that's not + * universally known (yet), we provide an option to not have it declared. */ -int strings_equal(const char *desc, const char *s1, const char *s2); -#endif /* HEADER_TESTUTIL_H */ +# ifndef TESTUTIL_NO_size_t_COMPARISON +DECLARE_COMPARISONS(size_t, size_t) +# endif + +/* + * Pointer comparisons against other pointers and null. + * These functions return 1 if the test is true. + * Otherwise, they return 0 and pretty-print diagnostics. + * These should not be called directly, use the TEST_xxx macros below instead. + */ +DECLARE_COMPARISON(void *, ptr, eq) +DECLARE_COMPARISON(void *, ptr, ne) +int test_ptr(const char *file, int line, const char *s, const void *p); +int test_ptr_null(const char *file, int line, const char *s, const void *p); + +/* + * Equality tests for strings where NULL is a legitimate value. + * These calls return 1 if the two passed strings compare true. + * Otherwise, they return 0 and pretty-print diagnostics. + * These should not be called directly, use the TEST_xxx macros below instead. + */ +DECLARE_COMPARISON(char *, str, eq) +DECLARE_COMPARISON(char *, str, ne) + +/* + * Same as above, but for strncmp. + */ +int test_strn_eq(const char *file, int line, const char *, const char *, + const char *a, const char *b, size_t s); +int test_strn_ne(const char *file, int line, const char *, const char *, + const char *a, const char *b, size_t s); + +/* + * Equality test for memory blocks where NULL is a legitimate value. + * These calls return 1 if the two memory blocks compare true. + * Otherwise, they return 0 and pretty-print diagnostics. + * These should not be called directly, use the TEST_xxx macros below instead. + */ +int test_mem_eq(const char *, int, const char *, const char *, + const void *, size_t, const void *, size_t); +int test_mem_ne(const char *, int, const char *, const char *, + const void *, size_t, const void *, size_t); + +/* + * Check a boolean result for being true or false. + * They return 1 if the condition is true (i.e. the value is non-zero). + * Otherwise, they return 0 and pretty-prints diagnostics using |s|. + * These should not be called directly, use the TEST_xxx macros below instead. + */ +int test_true(const char *file, int line, const char *s, int b); +int test_false(const char *file, int line, const char *s, int b); + +/* + * Comparisons between BIGNUMs. + * BIGNUMS can be compared against other BIGNUMs or zero. + * Some additional equality tests against 1 & specific values are provided. + * Tests for parity are included as well. + */ +DECLARE_COMPARISONS(BIGNUM *, BN) +int test_BN_eq_zero(const char *file, int line, const char *s, const BIGNUM *a); +int test_BN_ne_zero(const char *file, int line, const char *s, const BIGNUM *a); +int test_BN_lt_zero(const char *file, int line, const char *s, const BIGNUM *a); +int test_BN_le_zero(const char *file, int line, const char *s, const BIGNUM *a); +int test_BN_gt_zero(const char *file, int line, const char *s, const BIGNUM *a); +int test_BN_ge_zero(const char *file, int line, const char *s, const BIGNUM *a); +int test_BN_eq_one(const char *file, int line, const char *s, const BIGNUM *a); +int test_BN_odd(const char *file, int line, const char *s, const BIGNUM *a); +int test_BN_even(const char *file, int line, const char *s, const BIGNUM *a); +int test_BN_eq_word(const char *file, int line, const char *bns, const char *ws, + const BIGNUM *a, BN_ULONG w); +int test_BN_abs_eq_word(const char *file, int line, const char *bns, + const char *ws, const BIGNUM *a, BN_ULONG w); /* - * For "impossible" conditions such as malloc failures or bugs in test code, - * where continuing the test would be meaningless. Note that OPENSSL_assert - * is fatal, and is never compiled out. + * Pretty print a failure message. + * These should not be called directly, use the TEST_xxx macros below instead. */ -#define TEST_check(condition) \ - do { \ - if (!(condition)) { \ - ERR_print_errors_fp(stderr); \ - OPENSSL_assert(!#condition); \ - } \ - } while (0); +void test_error(const char *file, int line, const char *desc, ...) + PRINTF_FORMAT(3, 4); +void test_error_c90(const char *desc, ...) PRINTF_FORMAT(1, 2); +void test_info(const char *file, int line, const char *desc, ...) + PRINTF_FORMAT(3, 4); +void test_info_c90(const char *desc, ...) PRINTF_FORMAT(1, 2); +void test_note(const char *desc, ...) PRINTF_FORMAT(1, 2); +void test_openssl_errors(void); +void test_perror(const char *s); + +/* + * The following macros provide wrapper calls to the test functions with + * a default description that indicates the file and line number of the error. + * + * The following macros guarantee to evaluate each argument exactly once. + * This allows constructs such as: if (!TEST_ptr(ptr = OPENSSL_malloc(..))) + * to produce better contextual output than: + * ptr = OPENSSL_malloc(..); + * if (!TEST_ptr(ptr)) + */ +# define TEST_int_eq(a, b) test_int_eq(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_int_ne(a, b) test_int_ne(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_int_lt(a, b) test_int_lt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_int_le(a, b) test_int_le(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_int_gt(a, b) test_int_gt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_int_ge(a, b) test_int_ge(__FILE__, __LINE__, #a, #b, a, b) + +# define TEST_uint_eq(a, b) test_uint_eq(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_uint_ne(a, b) test_uint_ne(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_uint_lt(a, b) test_uint_lt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_uint_le(a, b) test_uint_le(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_uint_gt(a, b) test_uint_gt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_uint_ge(a, b) test_uint_ge(__FILE__, __LINE__, #a, #b, a, b) + +# define TEST_char_eq(a, b) test_char_eq(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_char_ne(a, b) test_char_ne(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_char_lt(a, b) test_char_lt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_char_le(a, b) test_char_le(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_char_gt(a, b) test_char_gt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_char_ge(a, b) test_char_ge(__FILE__, __LINE__, #a, #b, a, b) + +# define TEST_uchar_eq(a, b) test_uchar_eq(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_uchar_ne(a, b) test_uchar_ne(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_uchar_lt(a, b) test_uchar_lt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_uchar_le(a, b) test_uchar_le(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_uchar_gt(a, b) test_uchar_gt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_uchar_ge(a, b) test_uchar_ge(__FILE__, __LINE__, #a, #b, a, b) + +# define TEST_long_eq(a, b) test_long_eq(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_long_ne(a, b) test_long_ne(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_long_lt(a, b) test_long_lt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_long_le(a, b) test_long_le(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_long_gt(a, b) test_long_gt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_long_ge(a, b) test_long_ge(__FILE__, __LINE__, #a, #b, a, b) + +# define TEST_ulong_eq(a, b) test_ulong_eq(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_ulong_ne(a, b) test_ulong_ne(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_ulong_lt(a, b) test_ulong_lt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_ulong_le(a, b) test_ulong_le(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_ulong_gt(a, b) test_ulong_gt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_ulong_ge(a, b) test_ulong_ge(__FILE__, __LINE__, #a, #b, a, b) + +# define TEST_size_t_eq(a, b) test_size_t_eq(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_size_t_ne(a, b) test_size_t_ne(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_size_t_lt(a, b) test_size_t_lt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_size_t_le(a, b) test_size_t_le(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_size_t_gt(a, b) test_size_t_gt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_size_t_ge(a, b) test_size_t_ge(__FILE__, __LINE__, #a, #b, a, b) + +# define TEST_time_t_eq(a, b) test_time_t_eq(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_time_t_ne(a, b) test_time_t_ne(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_time_t_lt(a, b) test_time_t_lt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_time_t_le(a, b) test_time_t_le(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_time_t_gt(a, b) test_time_t_gt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_time_t_ge(a, b) test_time_t_ge(__FILE__, __LINE__, #a, #b, a, b) + +# define TEST_ptr_eq(a, b) test_ptr_eq(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_ptr_ne(a, b) test_ptr_ne(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_ptr(a) test_ptr(__FILE__, __LINE__, #a, a) +# define TEST_ptr_null(a) test_ptr_null(__FILE__, __LINE__, #a, a) + +# define TEST_str_eq(a, b) test_str_eq(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_str_ne(a, b) test_str_ne(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_strn_eq(a, b, n) test_strn_eq(__FILE__, __LINE__, #a, #b, a, b, n) +# define TEST_strn_ne(a, b, n) test_strn_ne(__FILE__, __LINE__, #a, #b, a, b, n) + +# define TEST_mem_eq(a, m, b, n) test_mem_eq(__FILE__, __LINE__, #a, #b, a, m, b, n) +# define TEST_mem_ne(a, m, b, n) test_mem_ne(__FILE__, __LINE__, #a, #b, a, m, b, n) + +# define TEST_true(a) test_true(__FILE__, __LINE__, #a, (a) != 0) +# define TEST_false(a) test_false(__FILE__, __LINE__, #a, (a) != 0) + +# define TEST_BN_eq(a, b) test_BN_eq(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_BN_ne(a, b) test_BN_ne(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_BN_lt(a, b) test_BN_lt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_BN_gt(a, b) test_BN_gt(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_BN_le(a, b) test_BN_le(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_BN_ge(a, b) test_BN_ge(__FILE__, __LINE__, #a, #b, a, b) +# define TEST_BN_eq_zero(a) test_BN_eq_zero(__FILE__, __LINE__, #a, a) +# define TEST_BN_ne_zero(a) test_BN_ne_zero(__FILE__, __LINE__, #a, a) +# define TEST_BN_lt_zero(a) test_BN_lt_zero(__FILE__, __LINE__, #a, a) +# define TEST_BN_gt_zero(a) test_BN_gt_zero(__FILE__, __LINE__, #a, a) +# define TEST_BN_le_zero(a) test_BN_le_zero(__FILE__, __LINE__, #a, a) +# define TEST_BN_ge_zero(a) test_BN_ge_zero(__FILE__, __LINE__, #a, a) +# define TEST_BN_eq_one(a) test_BN_eq_one(__FILE__, __LINE__, #a, a) +# define TEST_BN_eq_word(a, w) test_BN_eq_word(__FILE__, __LINE__, #a, #w, a, w) +# define TEST_BN_abs_eq_word(a, w) test_BN_abs_eq_word(__FILE__, __LINE__, #a, #w, a, w) +# define TEST_BN_odd(a) test_BN_odd(__FILE__, __LINE__, #a, a) +# define TEST_BN_even(a) test_BN_even(__FILE__, __LINE__, #a, a) + +/* + * TEST_error(desc, ...) prints an informative error message in the standard + * format. |desc| is a printf format string. + */ +# if !defined(__STDC_VERSION__) || __STDC_VERSION__ < 199901L +# define TEST_error test_error_c90 +# define TEST_info test_info_c90 +# else +# define TEST_error(...) test_error(__FILE__, __LINE__, __VA_ARGS__) +# define TEST_info(...) test_info(__FILE__, __LINE__, __VA_ARGS__) +# endif +# define TEST_note test_note +# define TEST_openssl_errors test_openssl_errors +# define TEST_perror test_perror + +extern BIO *bio_out; +extern BIO *bio_err; + +/* + * Formatted output for strings, memory and bignums. + */ +void test_output_string(const char *name, const char *m, size_t l); +void test_output_bignum(const char *name, const BIGNUM *bn); +void test_output_memory(const char *name, const unsigned char *m, size_t l); + + +/* + * Utilities to parse a test file. + */ +#define TESTMAXPAIRS 20 + +typedef struct pair_st { + char *key; + char *value; +} PAIR; + +typedef struct stanza_st { + const char *test_file; /* Input file name */ + BIO *fp; /* Input file */ + int curr; /* Current line in file */ + int start; /* Line where test starts */ + int errors; /* Error count */ + int numtests; /* Number of tests */ + int numskip; /* Number of skipped tests */ + int numpairs; + PAIR pairs[TESTMAXPAIRS]; + BIO *key; /* temp memory BIO for reading in keys */ + char buff[4096]; /* Input buffer for a single key/value */ +} STANZA; + +/* + * Prepare to start reading the file |testfile| as input. + */ +int test_start_file(STANZA *s, const char *testfile); +int test_end_file(STANZA *s); + +/* + * Read a stanza from the test file. A stanza consists of a block + * of lines of the form + * key = value + * The block is terminated by EOF or a blank line. + * Return 1 if found, 0 on EOF or error. + */ +int test_readstanza(STANZA *s); + +/* + * Clear a stanza, release all allocated memory. + */ +void test_clearstanza(STANZA *s); + +/* + * Glue an array of strings together and return it as an allocated string. + * Optionally return the whole length of this string in |out_len| + */ +char *glue_strings(const char *list[], size_t *out_len); + +#endif /* HEADER_TESTUTIL_H */ diff --git a/deps/openssl/openssl/test/testutil/basic_output.c b/deps/openssl/openssl/test/testutil/basic_output.c new file mode 100644 index 0000000000..e442da864a --- /dev/null +++ b/deps/openssl/openssl/test/testutil/basic_output.c @@ -0,0 +1,58 @@ +/* + * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "../testutil.h" +#include "output.h" +#include "tu_local.h" + +#include <openssl/crypto.h> +#include <openssl/bio.h> + +BIO *bio_out = NULL; +BIO *bio_err = NULL; + +void test_open_streams(void) +{ + bio_out = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT); + bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); +#ifdef __VMS + bio_out = BIO_push(BIO_new(BIO_f_linebuffer()), bio_out); + bio_err = BIO_push(BIO_new(BIO_f_linebuffer()), bio_err); +#endif + bio_err = BIO_push(BIO_new(BIO_f_tap()), bio_err); + + OPENSSL_assert(bio_out != NULL); + OPENSSL_assert(bio_err != NULL); +} + +void test_close_streams(void) +{ + BIO_free_all(bio_out); + BIO_free_all(bio_err); +} + +int test_vprintf_stdout(const char *fmt, va_list ap) +{ + return BIO_vprintf(bio_out, fmt, ap); +} + +int test_vprintf_stderr(const char *fmt, va_list ap) +{ + return BIO_vprintf(bio_err, fmt, ap); +} + +int test_flush_stdout(void) +{ + return BIO_flush(bio_out); +} + +int test_flush_stderr(void) +{ + return BIO_flush(bio_err); +} diff --git a/deps/openssl/openssl/test/testutil/cb.c b/deps/openssl/openssl/test/testutil/cb.c new file mode 100644 index 0000000000..4f5ba080cc --- /dev/null +++ b/deps/openssl/openssl/test/testutil/cb.c @@ -0,0 +1,16 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "output.h" +#include "tu_local.h" + +int openssl_error_cb(const char *str, size_t len, void *u) +{ + return test_printf_stderr("%s", str); +} diff --git a/deps/openssl/openssl/test/testutil/driver.c b/deps/openssl/openssl/test/testutil/driver.c new file mode 100644 index 0000000000..6e9914c48d --- /dev/null +++ b/deps/openssl/openssl/test/testutil/driver.c @@ -0,0 +1,299 @@ +/* + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "../testutil.h" +#include "output.h" +#include "tu_local.h" + +#include <string.h> +#include <assert.h> + +#include "internal/nelem.h" +#include <openssl/bio.h> + +#ifdef _WIN32 +# define strdup _strdup +#endif + +/* + * Declares the structures needed to register each test case function. + */ +typedef struct test_info { + const char *test_case_name; + int (*test_fn) (void); + int (*param_test_fn)(int idx); + int num; + + /* flags */ + int subtest:1; +} TEST_INFO; + +static TEST_INFO all_tests[1024]; +static int num_tests = 0; +static int seed = 0; +/* + * A parameterised tests runs a loop of test cases. + * |num_test_cases| counts the total number of test cases + * across all tests. + */ +static int num_test_cases = 0; + +void add_test(const char *test_case_name, int (*test_fn) (void)) +{ + assert(num_tests != OSSL_NELEM(all_tests)); + all_tests[num_tests].test_case_name = test_case_name; + all_tests[num_tests].test_fn = test_fn; + all_tests[num_tests].num = -1; + ++num_tests; + ++num_test_cases; +} + +void add_all_tests(const char *test_case_name, int(*test_fn)(int idx), + int num, int subtest) +{ + assert(num_tests != OSSL_NELEM(all_tests)); + all_tests[num_tests].test_case_name = test_case_name; + all_tests[num_tests].param_test_fn = test_fn; + all_tests[num_tests].num = num; + all_tests[num_tests].subtest = subtest; + ++num_tests; + num_test_cases += num; +} + +static int level = 0; + +int subtest_level(void) +{ + return level; +} + +#ifndef OPENSSL_NO_CRYPTO_MDEBUG +static int should_report_leaks(void) +{ + /* + * When compiled with enable-crypto-mdebug, OPENSSL_DEBUG_MEMORY=0 + * can be used to disable leak checking at runtime. + * Note this only works when running the test binary manually; + * the test harness always enables OPENSSL_DEBUG_MEMORY. + */ + char *mem_debug_env = getenv("OPENSSL_DEBUG_MEMORY"); + + return mem_debug_env == NULL + || (strcmp(mem_debug_env, "0") && strcmp(mem_debug_env, "")); +} +#endif + +static int gcd(int a, int b) +{ + while (b != 0) { + int t = b; + b = a % b; + a = t; + } + return a; +} + +void setup_test_framework() +{ + char *TAP_levels = getenv("HARNESS_OSSL_LEVEL"); + char *test_seed = getenv("OPENSSL_TEST_RAND_ORDER"); + + level = TAP_levels != NULL ? 4 * atoi(TAP_levels) : 0; + + if (test_seed != NULL) { + seed = atoi(test_seed); + if (seed <= 0) + seed = (int)time(NULL); + test_printf_stdout("%*s# RAND SEED %d\n", subtest_level(), "", seed); + test_flush_stdout(); + srand(seed); + } + +#ifndef OPENSSL_NO_CRYPTO_MDEBUG + if (should_report_leaks()) { + CRYPTO_set_mem_debug(1); + CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); + } +#endif +} + +int pulldown_test_framework(int ret) +{ + set_test_title(NULL); +#ifndef OPENSSL_NO_CRYPTO_MDEBUG + if (should_report_leaks() + && CRYPTO_mem_leaks_cb(openssl_error_cb, NULL) <= 0) + return EXIT_FAILURE; +#endif + + return ret; +} + +static void finalize(int success) +{ + if (success) + ERR_clear_error(); + else + ERR_print_errors_cb(openssl_error_cb, NULL); +} + +static char *test_title = NULL; + +void set_test_title(const char *title) +{ + free(test_title); + test_title = title == NULL ? NULL : strdup(title); +} + +PRINTF_FORMAT(2, 3) static void test_verdict(int pass, const char *extra, ...) +{ + va_list ap; + + test_flush_stdout(); + test_flush_stderr(); + + test_printf_stdout("%*s%s", level, "", pass ? "ok" : "not ok"); + if (extra != NULL) { + test_printf_stdout(" "); + va_start(ap, extra); + test_vprintf_stdout(extra, ap); + va_end(ap); + } + test_printf_stdout("\n"); + test_flush_stdout(); +} + +int run_tests(const char *test_prog_name) +{ + int num_failed = 0; + int verdict = 1; + int ii, i, jj, j, jstep; + int permute[OSSL_NELEM(all_tests)]; + + if (num_tests < 1) { + test_printf_stdout("%*s1..0 # Skipped: %s\n", level, "", + test_prog_name); + } else { + if (level > 0) + test_printf_stdout("%*s# Subtest: %s\n", level, "", test_prog_name); + test_printf_stdout("%*s1..%d\n", level, "", num_tests); + } + test_flush_stdout(); + + for (i = 0; i < num_tests; i++) + permute[i] = i; + if (seed != 0) + for (i = num_tests - 1; i >= 1; i--) { + j = rand() % (1 + i); + ii = permute[j]; + permute[j] = permute[i]; + permute[i] = ii; + } + + for (ii = 0; ii != num_tests; ++ii) { + i = permute[ii]; + if (all_tests[i].num == -1) { + int ret = 0; + + set_test_title(all_tests[i].test_case_name); + ret = all_tests[i].test_fn(); + + verdict = 1; + if (!ret) { + verdict = 0; + ++num_failed; + } + test_verdict(verdict, "%d - %s", ii + 1, test_title); + finalize(ret); + } else { + int num_failed_inner = 0; + + level += 4; + if (all_tests[i].subtest) { + test_printf_stdout("%*s# Subtest: %s\n", level, "", + all_tests[i].test_case_name); + test_printf_stdout("%*s%d..%d\n", level, "", 1, + all_tests[i].num); + test_flush_stdout(); + } + + j = -1; + if (seed == 0 || all_tests[i].num < 3) + jstep = 1; + else + do + jstep = rand() % all_tests[i].num; + while (jstep == 0 || gcd(all_tests[i].num, jstep) != 1); + + for (jj = 0; jj < all_tests[i].num; jj++) { + int ret; + + j = (j + jstep) % all_tests[i].num; + set_test_title(NULL); + ret = all_tests[i].param_test_fn(j); + + if (!ret) + ++num_failed_inner; + + finalize(ret); + + if (all_tests[i].subtest) { + verdict = 1; + if (!ret) { + verdict = 0; + ++num_failed_inner; + } + if (test_title != NULL) + test_verdict(verdict, "%d - %s", jj + 1, test_title); + else + test_verdict(verdict, "%d - iteration %d", + jj + 1, j + 1); + } + } + + level -= 4; + verdict = 1; + if (num_failed_inner) { + verdict = 0; + ++num_failed; + } + test_verdict(verdict, "%d - %s", ii + 1, + all_tests[i].test_case_name); + } + } + if (num_failed != 0) + return EXIT_FAILURE; + return EXIT_SUCCESS; +} + +/* + * Glue an array of strings together and return it as an allocated string. + * Optionally return the whole length of this string in |out_len| + */ +char *glue_strings(const char *list[], size_t *out_len) +{ + size_t len = 0; + char *p, *ret; + int i; + + for (i = 0; list[i] != NULL; i++) + len += strlen(list[i]); + + if (out_len != NULL) + *out_len = len; + + if (!TEST_ptr(ret = p = OPENSSL_malloc(len + 1))) + return NULL; + + for (i = 0; list[i] != NULL; i++) + p += strlen(strcpy(p, list[i])); + + return ret; +} + diff --git a/deps/openssl/openssl/test/testutil/format_output.c b/deps/openssl/openssl/test/testutil/format_output.c new file mode 100644 index 0000000000..6ee2a1d266 --- /dev/null +++ b/deps/openssl/openssl/test/testutil/format_output.c @@ -0,0 +1,529 @@ +/* + * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "../testutil.h" +#include "output.h" +#include "tu_local.h" + +#include <string.h> +#include <ctype.h> +#include "internal/nelem.h" + +/* The size of memory buffers to display on failure */ +#define MEM_BUFFER_SIZE (2000) +#define MAX_STRING_WIDTH (80) +#define BN_OUTPUT_SIZE (8) + +/* Output a diff header */ +static void test_diff_header(const char *left, const char *right) +{ + test_printf_stderr("--- %s\n", left); + test_printf_stderr("+++ %s\n", right); +} + +/* Formatted string output routines */ +static void test_string_null_empty(const char *m, char c) +{ + if (m == NULL) + test_printf_stderr("% 4s %c NULL\n", "", c); + else + test_printf_stderr("% 4u:%c ''\n", 0u, c); +} + +static void test_fail_string_common(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, const char *m1, size_t l1, + const char *m2, size_t l2) +{ + const size_t width = (MAX_STRING_WIDTH - subtest_level() - 12) / 16 * 16; + char b1[MAX_STRING_WIDTH + 1], b2[MAX_STRING_WIDTH + 1]; + char bdiff[MAX_STRING_WIDTH + 1]; + size_t n1, n2, i; + unsigned int cnt = 0, diff; + + test_fail_message_prefix(prefix, file, line, type, left, right, op); + if (m1 == NULL) + l1 = 0; + if (m2 == NULL) + l2 = 0; + if (l1 == 0 && l2 == 0) { + if ((m1 == NULL) == (m2 == NULL)) { + test_string_null_empty(m1, ' '); + } else { + test_diff_header(left, right); + test_string_null_empty(m1, '-'); + test_string_null_empty(m2, '+'); + } + goto fin; + } + + if (l1 != l2 || strcmp(m1, m2) != 0) + test_diff_header(left, right); + + while (l1 > 0 || l2 > 0) { + n1 = n2 = 0; + if (l1 > 0) { + b1[n1 = l1 > width ? width : l1] = 0; + for (i = 0; i < n1; i++) + b1[i] = isprint((unsigned char)m1[i]) ? m1[i] : '.'; + } + if (l2 > 0) { + b2[n2 = l2 > width ? width : l2] = 0; + for (i = 0; i < n2; i++) + b2[i] = isprint((unsigned char)m2[i]) ? m2[i] : '.'; + } + diff = 0; + i = 0; + if (n1 > 0 && n2 > 0) { + const size_t j = n1 < n2 ? n1 : n2; + + for (; i < j; i++) + if (m1[i] == m2[i]) { + bdiff[i] = ' '; + } else { + bdiff[i] = '^'; + diff = 1; + } + bdiff[i] = '\0'; + } + if (n1 == n2 && !diff) { + test_printf_stderr("% 4u: '%s'\n", cnt, n2 > n1 ? b2 : b1); + } else { + if (cnt == 0 && (m1 == NULL || *m1 == '\0')) + test_string_null_empty(m1, '-'); + else if (n1 > 0) + test_printf_stderr("% 4u:- '%s'\n", cnt, b1); + if (cnt == 0 && (m2 == NULL || *m2 == '\0')) + test_string_null_empty(m2, '+'); + else if (n2 > 0) + test_printf_stderr("% 4u:+ '%s'\n", cnt, b2); + if (diff && i > 0) + test_printf_stderr("% 4s %s\n", "", bdiff); + } + m1 += n1; + m2 += n2; + l1 -= n1; + l2 -= n2; + cnt += width; + } +fin: + test_flush_stderr(); +} + +/* + * Wrapper routines so that the underlying code can be shared. + * The first is the call from inside the test utilities when a conditional + * fails. The second is the user's call to dump a string. + */ +void test_fail_string_message(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, const char *m1, size_t l1, + const char *m2, size_t l2) +{ + test_fail_string_common(prefix, file, line, type, left, right, op, + m1, l1, m2, l2); + test_printf_stderr("\n"); +} + +void test_output_string(const char *name, const char *m, size_t l) +{ + test_fail_string_common("string", NULL, 0, NULL, NULL, NULL, name, + m, l, m, l); +} + +/* BIGNUM formatted output routines */ + +/* + * A basic memory byte to hex digit converter with allowance for spacing + * every so often. + */ +static void hex_convert_memory(const unsigned char *m, size_t n, char *b, + size_t width) +{ + size_t i; + + for (i = 0; i < n; i++) { + const unsigned char c = *m++; + + *b++ = "0123456789abcdef"[c >> 4]; + *b++ = "0123456789abcdef"[c & 15]; + if (i % width == width - 1 && i != n - 1) + *b++ = ' '; + } + *b = '\0'; +} + +/* + * Constants to define the number of bytes to display per line and the number + * of characters these take. + */ +static const int bn_bytes = (MAX_STRING_WIDTH - 9) / (BN_OUTPUT_SIZE * 2 + 1) + * BN_OUTPUT_SIZE; +static const int bn_chars = (MAX_STRING_WIDTH - 9) / (BN_OUTPUT_SIZE * 2 + 1) + * (BN_OUTPUT_SIZE * 2 + 1) - 1; + +/* + * Output the header line for the bignum + */ +static void test_bignum_header_line(void) +{ + test_printf_stderr(" %*s\n", bn_chars + 6, "bit position"); +} + +static const char *test_bignum_zero_null(const BIGNUM *bn) +{ + if (bn != NULL) + return BN_is_negative(bn) ? "-0" : "0"; + return "NULL"; +} + +/* + * Print a bignum zero taking care to include the correct sign. + * This routine correctly deals with a NULL bignum pointer as input. + */ +static void test_bignum_zero_print(const BIGNUM *bn, char sep) +{ + const char *v = test_bignum_zero_null(bn); + const char *suf = bn != NULL ? ": 0" : ""; + + test_printf_stderr("%c%*s%s\n", sep, bn_chars, v, suf); +} + +/* + * Convert a section of memory from inside a bignum into a displayable + * string with appropriate visual aid spaces inserted. + */ +static int convert_bn_memory(const unsigned char *in, size_t bytes, + char *out, int *lz, const BIGNUM *bn) +{ + int n = bytes * 2, i; + char *p = out, *q = NULL; + + if (bn != NULL && !BN_is_zero(bn)) { + hex_convert_memory(in, bytes, out, BN_OUTPUT_SIZE); + if (*lz) { + for (; *p == '0' || *p == ' '; p++) + if (*p == '0') { + q = p; + *p = ' '; + n--; + } + if (*p == '\0') { + /* + * in[bytes] is defined because we're converting a non-zero + * number and we've not seen a non-zero yet. + */ + if ((in[bytes] & 0xf0) != 0 && BN_is_negative(bn)) { + *lz = 0; + *q = '-'; + n++; + } + } else { + *lz = 0; + if (BN_is_negative(bn)) { + /* + * This is valid because we always convert more digits than + * the number holds. + */ + *q = '-'; + n++; + } + } + } + return n; + } + + for (i = 0; i < n; i++) { + *p++ = ' '; + if (i % (2 * BN_OUTPUT_SIZE) == 2 * BN_OUTPUT_SIZE - 1 && i != n - 1) + *p++ = ' '; + } + *p = '\0'; + if (bn == NULL) + q = "NULL"; + else + q = BN_is_negative(bn) ? "-0" : "0"; + strcpy(p - strlen(q), q); + return 0; +} + +/* + * Common code to display either one or two bignums, including the diff + * pointers for changes (only when there are two). + */ +static void test_fail_bignum_common(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, + const BIGNUM *bn1, const BIGNUM *bn2) +{ + const size_t bytes = bn_bytes; + char b1[MAX_STRING_WIDTH + 1], b2[MAX_STRING_WIDTH + 1]; + char *p, bdiff[MAX_STRING_WIDTH + 1]; + size_t l1, l2, n1, n2, i, len; + unsigned int cnt, diff, real_diff; + unsigned char *m1 = NULL, *m2 = NULL; + int lz1 = 1, lz2 = 1; + unsigned char buffer[MEM_BUFFER_SIZE * 2], *bufp = buffer; + + test_fail_message_prefix(prefix, file, line, type, left, right, op); + l1 = bn1 == NULL ? 0 : (BN_num_bytes(bn1) + (BN_is_negative(bn1) ? 1 : 0)); + l2 = bn2 == NULL ? 0 : (BN_num_bytes(bn2) + (BN_is_negative(bn2) ? 1 : 0)); + if (l1 == 0 && l2 == 0) { + if ((bn1 == NULL) == (bn2 == NULL)) { + test_bignum_header_line(); + test_bignum_zero_print(bn1, ' '); + } else { + test_diff_header(left, right); + test_bignum_header_line(); + test_bignum_zero_print(bn1, '-'); + test_bignum_zero_print(bn2, '+'); + } + goto fin; + } + + if (l1 != l2 || bn1 == NULL || bn2 == NULL || BN_cmp(bn1, bn2) != 0) + test_diff_header(left, right); + test_bignum_header_line(); + + len = ((l1 > l2 ? l1 : l2) + bytes - 1) / bytes * bytes; + + if (len > MEM_BUFFER_SIZE && (bufp = OPENSSL_malloc(len * 2)) == NULL) { + bufp = buffer; + len = MEM_BUFFER_SIZE; + test_printf_stderr("WARNING: these BIGNUMs have been truncated\n"); + } + + if (bn1 != NULL) { + m1 = bufp; + BN_bn2binpad(bn1, m1, len); + } + if (bn2 != NULL) { + m2 = bufp + len; + BN_bn2binpad(bn2, m2, len); + } + + while (len > 0) { + cnt = 8 * (len - bytes); + n1 = convert_bn_memory(m1, bytes, b1, &lz1, bn1); + n2 = convert_bn_memory(m2, bytes, b2, &lz2, bn2); + + diff = real_diff = 0; + i = 0; + p = bdiff; + for (i=0; b1[i] != '\0'; i++) + if (b1[i] == b2[i] || b1[i] == ' ' || b2[i] == ' ') { + *p++ = ' '; + diff |= b1[i] != b2[i]; + } else { + *p++ = '^'; + real_diff = diff = 1; + } + *p++ = '\0'; + if (!diff) { + test_printf_stderr(" %s:% 5d\n", n2 > n1 ? b2 : b1, cnt); + } else { + if (cnt == 0 && bn1 == NULL) + test_printf_stderr("-%s\n", b1); + else if (cnt == 0 || n1 > 0) + test_printf_stderr("-%s:% 5d\n", b1, cnt); + if (cnt == 0 && bn2 == NULL) + test_printf_stderr("+%s\n", b2); + else if (cnt == 0 || n2 > 0) + test_printf_stderr("+%s:% 5d\n", b2, cnt); + if (real_diff && (cnt == 0 || (n1 > 0 && n2 > 0)) + && bn1 != NULL && bn2 != NULL) + test_printf_stderr(" %s\n", bdiff); + } + if (m1 != NULL) + m1 += bytes; + if (m2 != NULL) + m2 += bytes; + len -= bytes; + } +fin: + test_flush_stderr(); + if (bufp != buffer) + OPENSSL_free(bufp); +} + +/* + * Wrapper routines so that the underlying code can be shared. + * The first two are calls from inside the test utilities when a conditional + * fails. The third is the user's call to dump a bignum. + */ +void test_fail_bignum_message(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, + const BIGNUM *bn1, const BIGNUM *bn2) +{ + test_fail_bignum_common(prefix, file, line, type, left, right, op, bn1, bn2); + test_printf_stderr("\n"); +} + +void test_fail_bignum_mono_message(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, const BIGNUM *bn) +{ + test_fail_bignum_common(prefix, file, line, type, left, right, op, bn, bn); + test_printf_stderr("\n"); +} + +void test_output_bignum(const char *name, const BIGNUM *bn) +{ + if (bn == NULL || BN_is_zero(bn)) { + test_printf_stderr("bignum: '%s' = %s\n", name, + test_bignum_zero_null(bn)); + } else if (BN_num_bytes(bn) <= BN_OUTPUT_SIZE) { + unsigned char buf[BN_OUTPUT_SIZE]; + char out[2 * sizeof(buf) + 1]; + char *p = out; + int n = BN_bn2bin(bn, buf); + + hex_convert_memory(buf, n, p, BN_OUTPUT_SIZE); + while (*p == '0' && *++p != '\0') + ; + test_printf_stderr("bignum: '%s' = %s0x%s\n", name, + BN_is_negative(bn) ? "-" : "", p); + } else { + test_fail_bignum_common("bignum", NULL, 0, NULL, NULL, NULL, name, + bn, bn); + } +} + +/* Memory output routines */ + +/* + * Handle zero length blocks of memory or NULL pointers to memory + */ +static void test_memory_null_empty(const unsigned char *m, char c) +{ + if (m == NULL) + test_printf_stderr("% 4s %c%s\n", "", c, "NULL"); + else + test_printf_stderr("%04x %c%s\n", 0u, c, "empty"); +} + +/* + * Common code to display one or two blocks of memory. + */ +static void test_fail_memory_common(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, + const unsigned char *m1, size_t l1, + const unsigned char *m2, size_t l2) +{ + const size_t bytes = (MAX_STRING_WIDTH - 9) / 17 * 8; + char b1[MAX_STRING_WIDTH + 1], b2[MAX_STRING_WIDTH + 1]; + char *p, bdiff[MAX_STRING_WIDTH + 1]; + size_t n1, n2, i; + unsigned int cnt = 0, diff; + + test_fail_message_prefix(prefix, file, line, type, left, right, op); + if (m1 == NULL) + l1 = 0; + if (m2 == NULL) + l2 = 0; + if (l1 == 0 && l2 == 0) { + if ((m1 == NULL) == (m2 == NULL)) { + test_memory_null_empty(m1, ' '); + } else { + test_diff_header(left, right); + test_memory_null_empty(m1, '-'); + test_memory_null_empty(m2, '+'); + } + goto fin; + } + + if (l1 != l2 || (m1 != m2 && memcmp(m1, m2, l1) != 0)) + test_diff_header(left, right); + + while (l1 > 0 || l2 > 0) { + n1 = n2 = 0; + if (l1 > 0) { + n1 = l1 > bytes ? bytes : l1; + hex_convert_memory(m1, n1, b1, 8); + } + if (l2 > 0) { + n2 = l2 > bytes ? bytes : l2; + hex_convert_memory(m2, n2, b2, 8); + } + + diff = 0; + i = 0; + p = bdiff; + if (n1 > 0 && n2 > 0) { + const size_t j = n1 < n2 ? n1 : n2; + + for (; i < j; i++) { + if (m1[i] == m2[i]) { + *p++ = ' '; + *p++ = ' '; + } else { + *p++ = '^'; + *p++ = '^'; + diff = 1; + } + if (i % 8 == 7 && i != j - 1) + *p++ = ' '; + } + *p++ = '\0'; + } + + if (n1 == n2 && !diff) { + test_printf_stderr("%04x: %s\n", cnt, b1); + } else { + if (cnt == 0 && (m1 == NULL || l1 == 0)) + test_memory_null_empty(m1, '-'); + else if (n1 > 0) + test_printf_stderr("%04x:-%s\n", cnt, b1); + if (cnt == 0 && (m2 == NULL || l2 == 0)) + test_memory_null_empty(m2, '+'); + else if (n2 > 0) + test_printf_stderr("%04x:+%s\n", cnt, b2); + if (diff && i > 0) + test_printf_stderr("% 4s %s\n", "", bdiff); + } + m1 += n1; + m2 += n2; + l1 -= n1; + l2 -= n2; + cnt += bytes; + } +fin: + test_flush_stderr(); +} + +/* + * Wrapper routines so that the underlying code can be shared. + * The first is the call from inside the test utilities when a conditional + * fails. The second is the user's call to dump memory. + */ +void test_fail_memory_message(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, + const unsigned char *m1, size_t l1, + const unsigned char *m2, size_t l2) +{ + test_fail_memory_common(prefix, file, line, type, left, right, op, + m1, l1, m2, l2); + test_printf_stderr("\n"); +} + +void test_output_memory(const char *name, const unsigned char *m, size_t l) +{ + test_fail_memory_common("memory", NULL, 0, NULL, NULL, NULL, name, + m, l, m, l); +} diff --git a/deps/openssl/openssl/test/testutil/init.c b/deps/openssl/openssl/test/testutil/init.c new file mode 100644 index 0000000000..5095c7f7e3 --- /dev/null +++ b/deps/openssl/openssl/test/testutil/init.c @@ -0,0 +1,15 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "../testutil.h" + +int global_init(void) +{ + return 1; +} diff --git a/deps/openssl/openssl/test/testutil/main.c b/deps/openssl/openssl/test/testutil/main.c new file mode 100644 index 0000000000..6781a5245a --- /dev/null +++ b/deps/openssl/openssl/test/testutil/main.c @@ -0,0 +1,106 @@ +/* + * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "../testutil.h" +#include "internal/nelem.h" +#include "output.h" +#include "tu_local.h" + +#include <string.h> + +static size_t arg_count; +static char **args; +static unsigned char arg_used[1000]; + +static void check_arg_usage(void) +{ + size_t i, n = arg_count < OSSL_NELEM(arg_used) ? arg_count + : OSSL_NELEM(arg_used); + + for (i = 0; i < n; i++) + if (!arg_used[i+1]) + test_printf_stderr("Warning ignored command-line argument %d: %s\n", + i, args[i+1]); + if (i < arg_count) + test_printf_stderr("Warning arguments %zu and later unchecked\n", i); +} + +int main(int argc, char *argv[]) +{ + int ret = EXIT_FAILURE; + + test_open_streams(); + + if (!global_init()) { + test_printf_stderr("Global init failed - aborting\n"); + return ret; + } + + arg_count = argc - 1; + args = argv; + + setup_test_framework(); + + if (setup_tests()) + ret = run_tests(argv[0]); + cleanup_tests(); + check_arg_usage(); + + ret = pulldown_test_framework(ret); + test_close_streams(); + return ret; +} + +const char *test_get_program_name(void) +{ + return args[0]; +} + +char *test_get_argument(size_t n) +{ + if (n > arg_count) + return NULL; + if (n + 1 < OSSL_NELEM(arg_used)) + arg_used[n + 1] = 1; + return args[n + 1]; +} + +size_t test_get_argument_count(void) +{ + return arg_count; +} + +int test_has_option(const char *option) +{ + size_t i; + + for (i = 1; i <= arg_count; i++) + if (strcmp(args[i], option) == 0) { + arg_used[i] = 1; + return 1; + } + return 0; +} + +const char *test_get_option_argument(const char *option) +{ + size_t i, n = strlen(option); + + for (i = 1; i <= arg_count; i++) + if (strncmp(args[i], option, n) == 0) { + arg_used[i] = 1; + if (args[i][n] == '\0' && i + 1 < arg_count) { + arg_used[++i] = 1; + return args[i]; + } + return args[i] + n; + } + return NULL; +} + diff --git a/deps/openssl/openssl/test/testutil/output.h b/deps/openssl/openssl/test/testutil/output.h new file mode 100644 index 0000000000..8e2b2a340a --- /dev/null +++ b/deps/openssl/openssl/test/testutil/output.h @@ -0,0 +1,32 @@ +/* + * Copyright 2014-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_TU_OUTPUT_H +# define HEADER_TU_OUTPUT_H + +#include <stdarg.h> + +/* + * The basic I/O functions used internally by the test framework. These + * can be overridden when needed. Note that if one is, then all must be. + */ +void test_open_streams(void); +void test_close_streams(void); +/* The following ALL return the number of characters written */ +int test_vprintf_stdout(const char *fmt, va_list ap); +int test_vprintf_stderr(const char *fmt, va_list ap); +/* These return failure or success */ +int test_flush_stdout(void); +int test_flush_stderr(void); + +/* Commodity functions. There's no need to override these */ +int test_printf_stdout(const char *fmt, ...); +int test_printf_stderr(const char *fmt, ...); + +#endif /* HEADER_TU_OUTPUT_H */ diff --git a/deps/openssl/openssl/test/testutil/output_helpers.c b/deps/openssl/openssl/test/testutil/output_helpers.c new file mode 100644 index 0000000000..93514743e2 --- /dev/null +++ b/deps/openssl/openssl/test/testutil/output_helpers.c @@ -0,0 +1,34 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "output.h" + +int test_printf_stdout(const char *fmt, ...) +{ + va_list ap; + int ret; + + va_start(ap, fmt); + ret = test_vprintf_stdout(fmt, ap); + va_end(ap); + + return ret; +} + +int test_printf_stderr(const char *fmt, ...) +{ + va_list ap; + int ret; + + va_start(ap, fmt); + ret = test_vprintf_stderr(fmt, ap); + va_end(ap); + + return ret; +} diff --git a/deps/openssl/openssl/test/testutil/stanza.c b/deps/openssl/openssl/test/testutil/stanza.c new file mode 100644 index 0000000000..09fc181080 --- /dev/null +++ b/deps/openssl/openssl/test/testutil/stanza.c @@ -0,0 +1,158 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ +#include <assert.h> +#include <errno.h> +#include <stdio.h> +#include <string.h> +#include <ctype.h> + +#include "internal/nelem.h" +#include "../testutil.h" +#include "tu_local.h" + +int test_start_file(STANZA *s, const char *testfile) +{ + TEST_info("Reading %s", testfile); + set_test_title(testfile); + memset(s, 0, sizeof(*s)); + if (!TEST_ptr(s->fp = BIO_new_file(testfile, "r"))) + return 0; + s->test_file = testfile; + return 1; +} + +int test_end_file(STANZA *s) +{ + TEST_info("Completed %d tests with %d errors and %d skipped", + s->numtests, s->errors, s->numskip); + BIO_free(s->fp); + return 1; +} + +/* + * Read a PEM block. Return 1 if okay, 0 on error. + */ +static int read_key(STANZA *s) +{ + char tmpbuf[128]; + + if (s->key == NULL) { + if (!TEST_ptr(s->key = BIO_new(BIO_s_mem()))) + return 0; + } else if (!TEST_int_gt(BIO_reset(s->key), 0)) { + return 0; + } + + /* Read to PEM end line and place content in memory BIO */ + while (BIO_gets(s->fp, tmpbuf, sizeof(tmpbuf))) { + s->curr++; + if (!TEST_int_gt(BIO_puts(s->key, tmpbuf), 0)) + return 0; + if (strncmp(tmpbuf, "-----END", 8) == 0) + return 1; + } + TEST_error("Can't find key end"); + return 0; +} + + +/* + * Delete leading and trailing spaces from a string + */ +static char *strip_spaces(char *p) +{ + char *q; + + /* Skip over leading spaces */ + while (*p && isspace((unsigned char)*p)) + p++; + if (!*p) + return NULL; + + for (q = p + strlen(p) - 1; q != p && isspace((unsigned char)*q); ) + *q-- = '\0'; + return *p ? p : NULL; +} + +/* + * Read next test stanza; return 1 if found, 0 on EOF or error. + */ +int test_readstanza(STANZA *s) +{ + PAIR *pp = s->pairs; + char *p, *equals, *key, *value; + + for (s->numpairs = 0; BIO_gets(s->fp, s->buff, sizeof(s->buff)); ) { + s->curr++; + if (!TEST_ptr(p = strchr(s->buff, '\n'))) { + TEST_info("Line %d too long", s->curr); + return 0; + } + *p = '\0'; + + /* Blank line marks end of tests. */ + if (s->buff[0] == '\0') + break; + + /* Lines starting with a pound sign are ignored. */ + if (s->buff[0] == '#') + continue; + + /* Parse into key=value */ + if (!TEST_ptr(equals = strchr(s->buff, '='))) { + TEST_info("Missing = at line %d\n", s->curr); + return 0; + } + *equals++ = '\0'; + if (!TEST_ptr(key = strip_spaces(s->buff))) { + TEST_info("Empty field at line %d\n", s->curr); + return 0; + } + if ((value = strip_spaces(equals)) == NULL) + value = ""; + + if (strcmp(key, "Title") == 0) { + TEST_info("Starting \"%s\" tests at line %d", value, s->curr); + continue; + } + + if (s->numpairs == 0) + s->start = s->curr; + + if (strcmp(key, "PrivateKey") == 0) { + if (!read_key(s)) + return 0; + } + if (strcmp(key, "PublicKey") == 0) { + if (!read_key(s)) + return 0; + } + + if (!TEST_int_lt(s->numpairs++, TESTMAXPAIRS) + || !TEST_ptr(pp->key = OPENSSL_strdup(key)) + || !TEST_ptr(pp->value = OPENSSL_strdup(value))) + return 0; + pp++; + } + + /* If we read anything, return ok. */ + return 1; +} + +void test_clearstanza(STANZA *s) +{ + PAIR *pp = s->pairs; + int i = s->numpairs; + + for ( ; --i >= 0; pp++) { + OPENSSL_free(pp->key); + OPENSSL_free(pp->value); + } + s->numpairs = 0; +} diff --git a/deps/openssl/openssl/test/testutil/tap_bio.c b/deps/openssl/openssl/test/testutil/tap_bio.c new file mode 100644 index 0000000000..a6c903b5ae --- /dev/null +++ b/deps/openssl/openssl/test/testutil/tap_bio.c @@ -0,0 +1,154 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <string.h> +#include "tu_local.h" + +static int tap_write_ex(BIO *b, const char *buf, size_t size, size_t *in_size); +static int tap_read_ex(BIO *b, char *buf, size_t size, size_t *out_size); +static int tap_puts(BIO *b, const char *str); +static int tap_gets(BIO *b, char *str, int size); +static long tap_ctrl(BIO *b, int cmd, long arg1, void *arg2); +static int tap_new(BIO *b); +static int tap_free(BIO *b); +static long tap_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp); + +const BIO_METHOD *BIO_f_tap(void) +{ + static BIO_METHOD *tap = NULL; + + if (tap == NULL) { + tap = BIO_meth_new(BIO_TYPE_START | BIO_TYPE_FILTER, "tap"); + if (tap != NULL) { + BIO_meth_set_write_ex(tap, tap_write_ex); + BIO_meth_set_read_ex(tap, tap_read_ex); + BIO_meth_set_puts(tap, tap_puts); + BIO_meth_set_gets(tap, tap_gets); + BIO_meth_set_ctrl(tap, tap_ctrl); + BIO_meth_set_create(tap, tap_new); + BIO_meth_set_destroy(tap, tap_free); + BIO_meth_set_callback_ctrl(tap, tap_callback_ctrl); + } + } + return tap; +} + +static int tap_new(BIO *b) +{ + BIO_set_data(b, NULL); + BIO_set_init(b, 1); + return 1; +} + +static int tap_free(BIO *b) +{ + if (b == NULL) + return 0; + BIO_set_data(b, NULL); + BIO_set_init(b, 0); + return 1; +} + +static int tap_read_ex(BIO *b, char *buf, size_t size, size_t *out_size) +{ + BIO *next = BIO_next(b); + int ret = 0; + + ret = BIO_read_ex(next, buf, size, out_size); + BIO_clear_retry_flags(b); + BIO_copy_next_retry(b); + return ret; +} + +/* + * Output a string to the specified bio and return 1 if successful. + */ +static int write_string(BIO *b, const char *buf, size_t n) +{ + size_t m; + + return BIO_write_ex(b, buf, n, &m) != 0 && m == n; +} + +/* + * Write some data. + * + * This function implements a simple state machine that detects new lines. + * It indents the output and prefixes it with a '#' character. + * + * It returns the number of input characters that were output in in_size. + * More characters than this will likely have been output however any calling + * code will be unable to correctly assess the actual number of characters + * emitted and would be prone to failure if the actual number were returned. + * + * The BIO_data field is used as our state. If it is NULL, we've just + * seen a new line. If it is not NULL, we're processing characters in a line. + */ +static int tap_write_ex(BIO *b, const char *buf, size_t size, size_t *in_size) +{ + BIO *next = BIO_next(b); + size_t i; + int j; + + for (i = 0; i < size; i++) { + if (BIO_get_data(b) == NULL) { + BIO_set_data(b, ""); + for (j = 0; j < subtest_level(); j++) + if (!write_string(next, " ", 1)) + goto err; + if (!write_string(next, "# ", 2)) + goto err; + } + if (!write_string(next, buf + i, 1)) + goto err; + if (buf[i] == '\n') + BIO_set_data(b, NULL); + } + *in_size = i; + return 1; + +err: + *in_size = i; + return 0; +} + +static long tap_ctrl(BIO *b, int cmd, long num, void *ptr) +{ + BIO *next = BIO_next(b); + + switch (cmd) { + case BIO_CTRL_RESET: + BIO_set_data(b, NULL); + break; + + default: + break; + } + return BIO_ctrl(next, cmd, num, ptr); +} + +static long tap_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) +{ + return BIO_callback_ctrl(BIO_next(b), cmd, fp); +} + +static int tap_gets(BIO *b, char *buf, int size) +{ + return BIO_gets(BIO_next(b), buf, size); +} + +static int tap_puts(BIO *b, const char *str) +{ + size_t m; + + if (!tap_write_ex(b, str, strlen(str), &m)) + return 0; + return m; +} diff --git a/deps/openssl/openssl/test/r160test.c b/deps/openssl/openssl/test/testutil/test_cleanup.c index 06033eb91f..0fdd2e959c 100644 --- a/deps/openssl/openssl/test/r160test.c +++ b/deps/openssl/openssl/test/testutil/test_cleanup.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,3 +7,8 @@ * https://www.openssl.org/source/license.html */ +#include "../testutil.h" + +void cleanup_tests(void) +{ +} diff --git a/deps/openssl/openssl/test/testutil/tests.c b/deps/openssl/openssl/test/testutil/tests.c new file mode 100644 index 0000000000..a60af0764f --- /dev/null +++ b/deps/openssl/openssl/test/testutil/tests.c @@ -0,0 +1,448 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "../testutil.h" +#include "output.h" +#include "tu_local.h" + +#include <errno.h> +#include <string.h> +#include <ctype.h> +#include "internal/nelem.h" +#include <openssl/asn1.h> + +/* + * Output a failed test first line. + * All items are optional are generally not preinted if passed as NULL. + * The special cases are for prefix where "ERROR" is assumed and for left + * and right where a non-failure message is produced if either is NULL. + */ +void test_fail_message_prefix(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op) +{ + test_printf_stderr("%s: ", prefix != NULL ? prefix : "ERROR"); + if (type) + test_printf_stderr("(%s) ", type); + if (op != NULL) { + if (left != NULL && right != NULL) + test_printf_stderr("'%s %s %s' failed", left, op, right); + else + test_printf_stderr("'%s'", op); + } + if (file != NULL) { + test_printf_stderr(" @ %s:%d", file, line); + } + test_printf_stderr("\n"); +} + +/* + * A common routine to output test failure messages. Generally this should not + * be called directly, rather it should be called by the following functions. + * + * |desc| is a printf formatted description with arguments |args| that is + * supplied by the user and |desc| can be NULL. |type| is the data type + * that was tested (int, char, ptr, ...). |fmt| is a system provided + * printf format with following arguments that spell out the failure + * details i.e. the actual values compared and the operator used. + * + * The typical use for this is from an utility test function: + * + * int test6(const char *file, int line, int n) { + * if (n != 6) { + * test_fail_message(1, file, line, "int", "value %d is not %d", n, 6); + * return 0; + * } + * return 1; + * } + * + * calling test6(3, "oops") will return 0 and produce out along the lines of: + * FAIL oops: (int) value 3 is not 6\n + */ +static void test_fail_message(const char *prefix, const char *file, int line, + const char *type, const char *left, + const char *right, const char *op, + const char *fmt, ...) + PRINTF_FORMAT(8, 9); + +static void test_fail_message_va(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, const char *fmt, va_list ap) +{ + test_fail_message_prefix(prefix, file, line, type, left, right, op); + if (fmt != NULL) { + test_vprintf_stderr(fmt, ap); + test_printf_stderr("\n"); + } + test_flush_stderr(); +} + +static void test_fail_message(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, const char *fmt, ...) +{ + va_list ap; + + va_start(ap, fmt); + test_fail_message_va(prefix, file, line, type, left, right, op, fmt, ap); + va_end(ap); +} + +void test_info_c90(const char *desc, ...) +{ + va_list ap; + + va_start(ap, desc); + test_fail_message_va("INFO", NULL, -1, NULL, NULL, NULL, NULL, desc, ap); + va_end(ap); +} + +void test_info(const char *file, int line, const char *desc, ...) +{ + va_list ap; + + va_start(ap, desc); + test_fail_message_va("INFO", file, line, NULL, NULL, NULL, NULL, desc, ap); + va_end(ap); +} + +void test_error_c90(const char *desc, ...) +{ + va_list ap; + + va_start(ap, desc); + test_fail_message_va(NULL, NULL, -1, NULL, NULL, NULL, NULL, desc, ap); + va_end(ap); + test_printf_stderr("\n"); +} + +void test_error(const char *file, int line, const char *desc, ...) +{ + va_list ap; + + va_start(ap, desc); + test_fail_message_va(NULL, file, line, NULL, NULL, NULL, NULL, desc, ap); + va_end(ap); + test_printf_stderr("\n"); +} + +void test_perror(const char *s) +{ + /* + * Using openssl_strerror_r causes linking issues since it isn't + * exported from libcrypto.so + */ + TEST_error("%s: %s", s, strerror(errno)); +} + +void test_note(const char *fmt, ...) +{ + if (fmt != NULL) { + va_list ap; + + va_start(ap, fmt); + test_vprintf_stderr(fmt, ap); + va_end(ap); + test_printf_stderr("\n"); + } + test_flush_stderr(); +} + +void test_openssl_errors(void) +{ + ERR_print_errors_cb(openssl_error_cb, NULL); + ERR_clear_error(); +} + +/* + * Define some comparisons between pairs of various types. + * These functions return 1 if the test is true. + * Otherwise, they return 0 and pretty-print diagnostics. + * + * In each case the functions produced are: + * int test_name_eq(const type t1, const type t2, const char *desc, ...); + * int test_name_ne(const type t1, const type t2, const char *desc, ...); + * int test_name_lt(const type t1, const type t2, const char *desc, ...); + * int test_name_le(const type t1, const type t2, const char *desc, ...); + * int test_name_gt(const type t1, const type t2, const char *desc, ...); + * int test_name_ge(const type t1, const type t2, const char *desc, ...); + * + * The t1 and t2 arguments are to be compared for equality, inequality, + * less than, less than or equal to, greater than and greater than or + * equal to respectively. If the specified condition holds, the functions + * return 1. If the condition does not hold, the functions print a diagnostic + * message and return 0. + * + * The desc argument is a printf format string followed by its arguments and + * this is included in the output if the condition being tested for is false. + */ +#define DEFINE_COMPARISON(type, name, opname, op, fmt) \ + int test_ ## name ## _ ## opname(const char *file, int line, \ + const char *s1, const char *s2, \ + const type t1, const type t2) \ + { \ + if (t1 op t2) \ + return 1; \ + test_fail_message(NULL, file, line, #type, s1, s2, #op, \ + "[" fmt "] compared to [" fmt "]", \ + t1, t2); \ + return 0; \ + } + +#define DEFINE_COMPARISONS(type, name, fmt) \ + DEFINE_COMPARISON(type, name, eq, ==, fmt) \ + DEFINE_COMPARISON(type, name, ne, !=, fmt) \ + DEFINE_COMPARISON(type, name, lt, <, fmt) \ + DEFINE_COMPARISON(type, name, le, <=, fmt) \ + DEFINE_COMPARISON(type, name, gt, >, fmt) \ + DEFINE_COMPARISON(type, name, ge, >=, fmt) + +DEFINE_COMPARISONS(int, int, "%d") +DEFINE_COMPARISONS(unsigned int, uint, "%u") +DEFINE_COMPARISONS(char, char, "%c") +DEFINE_COMPARISONS(unsigned char, uchar, "%u") +DEFINE_COMPARISONS(long, long, "%ld") +DEFINE_COMPARISONS(unsigned long, ulong, "%lu") +DEFINE_COMPARISONS(size_t, size_t, "%zu") + +DEFINE_COMPARISON(void *, ptr, eq, ==, "%p") +DEFINE_COMPARISON(void *, ptr, ne, !=, "%p") + +int test_ptr_null(const char *file, int line, const char *s, const void *p) +{ + if (p == NULL) + return 1; + test_fail_message(NULL, file, line, "ptr", s, "NULL", "==", "%p", p); + return 0; +} + +int test_ptr(const char *file, int line, const char *s, const void *p) +{ + if (p != NULL) + return 1; + test_fail_message(NULL, file, line, "ptr", s, "NULL", "!=", "%p", p); + return 0; +} + +int test_true(const char *file, int line, const char *s, int b) +{ + if (b) + return 1; + test_fail_message(NULL, file, line, "bool", s, "true", "==", "false"); + return 0; +} + +int test_false(const char *file, int line, const char *s, int b) +{ + if (!b) + return 1; + test_fail_message(NULL, file, line, "bool", s, "false", "==", "true"); + return 0; +} + +int test_str_eq(const char *file, int line, const char *st1, const char *st2, + const char *s1, const char *s2) +{ + if (s1 == NULL && s2 == NULL) + return 1; + if (s1 == NULL || s2 == NULL || strcmp(s1, s2) != 0) { + test_fail_string_message(NULL, file, line, "string", st1, st2, "==", + s1, s1 == NULL ? 0 : strlen(s1), + s2, s2 == NULL ? 0 : strlen(s2)); + return 0; + } + return 1; +} + +int test_str_ne(const char *file, int line, const char *st1, const char *st2, + const char *s1, const char *s2) +{ + if ((s1 == NULL) ^ (s2 == NULL)) + return 1; + if (s1 == NULL || strcmp(s1, s2) == 0) { + test_fail_string_message(NULL, file, line, "string", st1, st2, "!=", + s1, s1 == NULL ? 0 : strlen(s1), + s2, s2 == NULL ? 0 : strlen(s2)); + return 0; + } + return 1; +} + +int test_strn_eq(const char *file, int line, const char *st1, const char *st2, + const char *s1, const char *s2, size_t len) +{ + if (s1 == NULL && s2 == NULL) + return 1; + if (s1 == NULL || s2 == NULL || strncmp(s1, s2, len) != 0) { + test_fail_string_message(NULL, file, line, "string", st1, st2, "==", + s1, s1 == NULL ? 0 : OPENSSL_strnlen(s1, len), + s2, s2 == NULL ? 0 : OPENSSL_strnlen(s2, len)); + return 0; + } + return 1; +} + +int test_strn_ne(const char *file, int line, const char *st1, const char *st2, + const char *s1, const char *s2, size_t len) +{ + if ((s1 == NULL) ^ (s2 == NULL)) + return 1; + if (s1 == NULL || strncmp(s1, s2, len) == 0) { + test_fail_string_message(NULL, file, line, "string", st1, st2, "!=", + s1, s1 == NULL ? 0 : OPENSSL_strnlen(s1, len), + s2, s2 == NULL ? 0 : OPENSSL_strnlen(s2, len)); + return 0; + } + return 1; +} + +int test_mem_eq(const char *file, int line, const char *st1, const char *st2, + const void *s1, size_t n1, const void *s2, size_t n2) +{ + if (s1 == NULL && s2 == NULL) + return 1; + if (n1 != n2 || s1 == NULL || s2 == NULL || memcmp(s1, s2, n1) != 0) { + test_fail_memory_message(NULL, file, line, "memory", st1, st2, "==", + s1, n1, s2, n2); + return 0; + } + return 1; +} + +int test_mem_ne(const char *file, int line, const char *st1, const char *st2, + const void *s1, size_t n1, const void *s2, size_t n2) +{ + if ((s1 == NULL) ^ (s2 == NULL)) + return 1; + if (n1 != n2) + return 1; + if (s1 == NULL || memcmp(s1, s2, n1) == 0) { + test_fail_memory_message(NULL, file, line, "memory", st1, st2, "!=", + s1, n1, s2, n2); + return 0; + } + return 1; +} + +#define DEFINE_BN_COMPARISONS(opname, op, zero_cond) \ + int test_BN_ ## opname(const char *file, int line, \ + const char *s1, const char *s2, \ + const BIGNUM *t1, const BIGNUM *t2) \ + { \ + if (BN_cmp(t1, t2) op 0) \ + return 1; \ + test_fail_bignum_message(NULL, file, line, "BIGNUM", s1, s2, \ + #op, t1, t2); \ + return 0; \ + } \ + int test_BN_ ## opname ## _zero(const char *file, int line, \ + const char *s, const BIGNUM *a) \ + { \ + if (a != NULL &&(zero_cond)) \ + return 1; \ + test_fail_bignum_mono_message(NULL, file, line, "BIGNUM", \ + s, "0", #op, a); \ + return 0; \ + } + +DEFINE_BN_COMPARISONS(eq, ==, BN_is_zero(a)) +DEFINE_BN_COMPARISONS(ne, !=, !BN_is_zero(a)) +DEFINE_BN_COMPARISONS(gt, >, !BN_is_negative(a) && !BN_is_zero(a)) +DEFINE_BN_COMPARISONS(ge, >=, !BN_is_negative(a) || BN_is_zero(a)) +DEFINE_BN_COMPARISONS(lt, <, BN_is_negative(a) && !BN_is_zero(a)) +DEFINE_BN_COMPARISONS(le, <=, BN_is_negative(a) || BN_is_zero(a)) + +int test_BN_eq_one(const char *file, int line, const char *s, const BIGNUM *a) +{ + if (a != NULL && BN_is_one(a)) + return 1; + test_fail_bignum_mono_message(NULL, file, line, "BIGNUM", s, "1", "==", a); + return 0; +} + +int test_BN_odd(const char *file, int line, const char *s, const BIGNUM *a) +{ + if (a != NULL && BN_is_odd(a)) + return 1; + test_fail_bignum_mono_message(NULL, file, line, "BIGNUM", "ODD(", ")", s, a); + return 0; +} + +int test_BN_even(const char *file, int line, const char *s, const BIGNUM *a) +{ + if (a != NULL && !BN_is_odd(a)) + return 1; + test_fail_bignum_mono_message(NULL, file, line, "BIGNUM", "EVEN(", ")", s, + a); + return 0; +} + +int test_BN_eq_word(const char *file, int line, const char *bns, const char *ws, + const BIGNUM *a, BN_ULONG w) +{ + BIGNUM *bw; + + if (a != NULL && BN_is_word(a, w)) + return 1; + bw = BN_new(); + BN_set_word(bw, w); + test_fail_bignum_message(NULL, file, line, "BIGNUM", bns, ws, "==", a, bw); + BN_free(bw); + return 0; +} + +int test_BN_abs_eq_word(const char *file, int line, const char *bns, + const char *ws, const BIGNUM *a, BN_ULONG w) +{ + BIGNUM *bw, *aa; + + if (a != NULL && BN_abs_is_word(a, w)) + return 1; + bw = BN_new(); + aa = BN_dup(a); + BN_set_negative(aa, 0); + BN_set_word(bw, w); + test_fail_bignum_message(NULL, file, line, "BIGNUM", bns, ws, "abs==", + aa, bw); + BN_free(bw); + BN_free(aa); + return 0; +} + +static const char *print_time(const ASN1_TIME *t) +{ + return t == NULL ? "<null>" : (char *)ASN1_STRING_get0_data(t); +} + +#define DEFINE_TIME_T_COMPARISON(opname, op) \ + int test_time_t_ ## opname(const char *file, int line, \ + const char *s1, const char *s2, \ + const time_t t1, const time_t t2) \ + { \ + ASN1_TIME *at1 = ASN1_TIME_set(NULL, t1); \ + ASN1_TIME *at2 = ASN1_TIME_set(NULL, t2); \ + int r = at1 != NULL && at2 != NULL \ + && ASN1_TIME_compare(at1, at2) op 0; \ + if (!r) \ + test_fail_message(NULL, file, line, "time_t", s1, s2, #op, \ + "[%s] compared to [%s]", \ + print_time(at1), print_time(at2)); \ + ASN1_STRING_free(at1); \ + ASN1_STRING_free(at2); \ + return r; \ + } +DEFINE_TIME_T_COMPARISON(eq, ==) +DEFINE_TIME_T_COMPARISON(ne, !=) +DEFINE_TIME_T_COMPARISON(gt, >) +DEFINE_TIME_T_COMPARISON(ge, >=) +DEFINE_TIME_T_COMPARISON(lt, <) +DEFINE_TIME_T_COMPARISON(le, <=) diff --git a/deps/openssl/openssl/test/testutil/tu_local.h b/deps/openssl/openssl/test/testutil/tu_local.h new file mode 100644 index 0000000000..d2e65b5963 --- /dev/null +++ b/deps/openssl/openssl/test/testutil/tu_local.h @@ -0,0 +1,51 @@ +/* + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <stdlib.h> /* size_t */ +#include <openssl/bn.h> +#include <openssl/bio.h> +#include "../testutil.h" + +int subtest_level(void); +int openssl_error_cb(const char *str, size_t len, void *u); +const BIO_METHOD *BIO_f_tap(void); + +void test_fail_message_prefix(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op); + +void test_fail_string_message(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, const char *m1, size_t l1, + const char *m2, size_t l2); + +void test_fail_bignum_message(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, + const BIGNUM *bn1, const BIGNUM *bn2); +void test_fail_bignum_mono_message(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, const BIGNUM *bn); + +void test_fail_memory_message(const char *prefix, const char *file, + int line, const char *type, + const char *left, const char *right, + const char *op, + const unsigned char *m1, size_t l1, + const unsigned char *m2, size_t l2); + +void setup_test_framework(void); +__owur int pulldown_test_framework(int ret); + +__owur int run_tests(const char *test_prog_name); +void set_test_title(const char *title); diff --git a/deps/openssl/openssl/test/threadstest.c b/deps/openssl/openssl/test/threadstest.c index b2e96fa3a1..ee09f86930 100644 --- a/deps/openssl/openssl/test/threadstest.c +++ b/deps/openssl/openssl/test/threadstest.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -11,9 +11,8 @@ # include <windows.h> #endif -#include <stdio.h> - #include <openssl/crypto.h> +#include "testutil.h" #if !defined(OPENSSL_THREADS) || defined(CRYPTO_TDEBUG) @@ -85,15 +84,9 @@ static int test_lock(void) { CRYPTO_RWLOCK *lock = CRYPTO_THREAD_lock_new(); - if (!CRYPTO_THREAD_read_lock(lock)) { - fprintf(stderr, "CRYPTO_THREAD_read_lock() failed\n"); - return 0; - } - - if (!CRYPTO_THREAD_unlock(lock)) { - fprintf(stderr, "CRYPTO_THREAD_unlock() failed\n"); + if (!TEST_true(CRYPTO_THREAD_read_lock(lock)) + || !TEST_true(CRYPTO_THREAD_unlock(lock))) return 0; - } CRYPTO_THREAD_lock_free(lock); @@ -116,23 +109,12 @@ static void once_run_thread_cb(void) static int test_once(void) { thread_t thread; - if (!run_thread(&thread, once_run_thread_cb) || - !wait_for_thread(thread)) - { - fprintf(stderr, "run_thread() failed\n"); - return 0; - } - - if (!CRYPTO_THREAD_run_once(&once_run, once_do_run)) { - fprintf(stderr, "CRYPTO_THREAD_run_once() failed\n"); - return 0; - } - if (once_run_count != 1) { - fprintf(stderr, "once run %u times\n", once_run_count); + if (!TEST_true(run_thread(&thread, once_run_thread_cb)) + || !TEST_true(wait_for_thread(thread)) + || !CRYPTO_THREAD_run_once(&once_run, once_do_run) + || !TEST_int_eq(once_run_count, 1)) return 0; - } - return 1; } @@ -157,21 +139,14 @@ static void thread_local_thread_cb(void) void *ptr; ptr = CRYPTO_THREAD_get_local(&thread_local_key); - if (ptr != NULL) { - fprintf(stderr, "ptr not NULL\n"); + if (!TEST_ptr_null(ptr) + || !TEST_true(CRYPTO_THREAD_set_local(&thread_local_key, + &destructor_run_count))) return; - } - - if (!CRYPTO_THREAD_set_local(&thread_local_key, &destructor_run_count)) { - fprintf(stderr, "CRYPTO_THREAD_set_local() failed\n"); - return; - } ptr = CRYPTO_THREAD_get_local(&thread_local_key); - if (ptr != &destructor_run_count) { - fprintf(stderr, "invalid ptr\n"); + if (!TEST_ptr_eq(ptr, &destructor_run_count)) return; - } thread_local_thread_cb_ok = 1; } @@ -181,66 +156,38 @@ static int test_thread_local(void) thread_t thread; void *ptr = NULL; - if (!CRYPTO_THREAD_init_local(&thread_local_key, thread_local_destructor)) { - fprintf(stderr, "CRYPTO_THREAD_init_local() failed\n"); + if (!TEST_true(CRYPTO_THREAD_init_local(&thread_local_key, + thread_local_destructor))) return 0; - } ptr = CRYPTO_THREAD_get_local(&thread_local_key); - if (ptr != NULL) { - fprintf(stderr, "ptr not NULL\n"); - return 0; - } - - if (!run_thread(&thread, thread_local_thread_cb) || - !wait_for_thread(thread)) - { - fprintf(stderr, "run_thread() failed\n"); - return 0; - } - - if (thread_local_thread_cb_ok != 1) { - fprintf(stderr, "thread-local thread callback failed\n"); + if (!TEST_ptr_null(ptr) + || !TEST_true(run_thread(&thread, thread_local_thread_cb)) + || !TEST_true(wait_for_thread(thread)) + || !TEST_int_eq(thread_local_thread_cb_ok, 1)) return 0; - } #if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG) ptr = CRYPTO_THREAD_get_local(&thread_local_key); - if (ptr != NULL) { - fprintf(stderr, "ptr not NULL\n"); + if (!TEST_ptr_null(ptr)) return 0; - } # if !defined(OPENSSL_SYS_WINDOWS) - if (destructor_run_count != 1) { - fprintf(stderr, "thread-local destructor run %u times\n", - destructor_run_count); + if (!TEST_int_eq(destructor_run_count, 1)) return 0; - } # endif - #endif - if (!CRYPTO_THREAD_cleanup_local(&thread_local_key)) { - fprintf(stderr, "CRYPTO_THREAD_cleanup_local() failed\n"); + if (!TEST_true(CRYPTO_THREAD_cleanup_local(&thread_local_key))) return 0; - } - return 1; } -int main(int argc, char **argv) +int setup_tests(void) { - if (!test_lock()) - return 1; - - if (!test_once()) - return 1; - - if (!test_thread_local()) - return 1; - - printf("PASS\n"); - return 0; + ADD_TEST(test_lock); + ADD_TEST(test_once); + ADD_TEST(test_thread_local); + return 1; } diff --git a/deps/openssl/openssl/test/v3ext.c b/deps/openssl/openssl/test/v3ext.c index 1c1f788a73..14ae49969d 100644 --- a/deps/openssl/openssl/test/v3ext.c +++ b/deps/openssl/openssl/test/v3ext.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -13,30 +13,35 @@ #include <openssl/pem.h> #include <openssl/err.h> -int main(int ac, char **av) +#include "testutil.h" + +static const char *infile; + +static int test_pathlen(void) { X509 *x = NULL; BIO *b = NULL; long pathlen; - int ret = 1; + int ret = 0; - if (ac != 2) { - fprintf(stderr, "Usage error\n"); - goto end; - } - b = BIO_new_file(av[1], "r"); - if (b == NULL) + if (!TEST_ptr(b = BIO_new_file(infile, "r")) + || !TEST_ptr(x = PEM_read_bio_X509(b, NULL, NULL, NULL)) + || !TEST_int_eq(pathlen = X509_get_pathlen(x), 6)) goto end; - x = PEM_read_bio_X509(b, NULL, NULL, NULL); - if (x == NULL) - goto end; - pathlen = X509_get_pathlen(x); - if (pathlen == 6) - ret = 0; + + ret = 1; end: - ERR_print_errors_fp(stderr); BIO_free(b); X509_free(x); return ret; } + +int setup_tests(void) +{ + if (!TEST_ptr(infile = test_get_argument(0))) + return 0; + + ADD_TEST(test_pathlen); + return 1; +} diff --git a/deps/openssl/openssl/test/v3nametest.c b/deps/openssl/openssl/test/v3nametest.c index 648c1df4dd..86f3829aed 100644 --- a/deps/openssl/openssl/test/v3nametest.c +++ b/deps/openssl/openssl/test/v3nametest.c @@ -1,5 +1,5 @@ /* - * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2012-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,10 +7,17 @@ * https://www.openssl.org/source/license.html */ +#include <string.h> + +#include <openssl/e_os2.h> #include <openssl/x509.h> #include <openssl/x509v3.h> -#include "../e_os.h" -#include <string.h> +#include "internal/nelem.h" +#include "testutil.h" + +#ifdef OPENSSL_SYS_WINDOWS +# define strcasecmp _stricmp +#endif static const char *const names[] = { "a", "b", ".", "*", "@", @@ -72,6 +79,7 @@ static const char *const exceptions[] = { static int is_exception(const char *msg) { const char *const *p; + for (p = exceptions; *p; ++p) if (strcmp(msg, *p) == 0) return 1; @@ -83,13 +91,16 @@ static int set_cn(X509 *crt, ...) int ret = 0; X509_NAME *n = NULL; va_list ap; + va_start(ap, crt); n = X509_NAME_new(); if (n == NULL) goto out; + while (1) { int nid; const char *name; + nid = va_arg(ap, int); if (nid == 0) break; @@ -238,59 +249,55 @@ static const struct set_name_fn name_fns[] = { {set_email_and_cn, "set emailAddress", 0, 1}, {set_altname_dns, "set dnsName", 1, 0}, {set_altname_email, "set rfc822Name", 0, 1}, - {NULL, NULL, 0} }; -static X509 *make_cert() +static X509 *make_cert(void) { - X509 *ret = NULL; X509 *crt = NULL; - X509_NAME *issuer = NULL; - crt = X509_new(); - if (crt == NULL) - goto out; - if (!X509_set_version(crt, 3)) - goto out; - ret = crt; - crt = NULL; - out: - X509_NAME_free(issuer); - return ret; -} -static int errors; + if (!TEST_ptr(crt = X509_new())) + return NULL; + if (!TEST_true(X509_set_version(crt, 2))) { + X509_free(crt); + return NULL; + } + return crt; +} -static void check_message(const struct set_name_fn *fn, const char *op, - const char *nameincert, int match, const char *name) +static int check_message(const struct set_name_fn *fn, const char *op, + const char *nameincert, int match, const char *name) { char msg[1024]; + if (match < 0) - return; + return 1; BIO_snprintf(msg, sizeof(msg), "%s: %s: [%s] %s [%s]", fn->name, op, nameincert, match ? "matches" : "does not match", name); if (is_exception(msg)) - return; - puts(msg); - ++errors; + return 1; + TEST_error("%s", msg); + return 0; } -static void run_cert(X509 *crt, const char *nameincert, +static int run_cert(X509 *crt, const char *nameincert, const struct set_name_fn *fn) { const char *const *pname = names; - while (*pname) { + int failed = 0; + + for (; *pname != NULL; ++pname) { int samename = strcasecmp(nameincert, *pname) == 0; size_t namelen = strlen(*pname); - char *name = malloc(namelen); + char *name = OPENSSL_malloc(namelen); int match, ret; + memcpy(name, *pname, namelen); - ret = X509_check_host(crt, name, namelen, 0, NULL); match = -1; - if (ret < 0) { - fprintf(stderr, "internal error in X509_check_host"); - ++errors; + if (!TEST_int_ge(ret = X509_check_host(crt, name, namelen, 0, NULL), + 0)) { + failed = 1; } else if (fn->host) { if (ret == 1 && !samename) match = 1; @@ -298,14 +305,14 @@ static void run_cert(X509 *crt, const char *nameincert, match = 0; } else if (ret == 1) match = 1; - check_message(fn, "host", nameincert, match, *pname); + if (!TEST_true(check_message(fn, "host", nameincert, match, *pname))) + failed = 1; - ret = X509_check_host(crt, name, namelen, - X509_CHECK_FLAG_NO_WILDCARDS, NULL); match = -1; - if (ret < 0) { - fprintf(stderr, "internal error in X509_check_host"); - ++errors; + if (!TEST_int_ge(ret = X509_check_host(crt, name, namelen, + X509_CHECK_FLAG_NO_WILDCARDS, + NULL), 0)) { + failed = 1; } else if (fn->host) { if (ret == 1 && !samename) match = 1; @@ -313,10 +320,12 @@ static void run_cert(X509 *crt, const char *nameincert, match = 0; } else if (ret == 1) match = 1; - check_message(fn, "host-no-wildcards", nameincert, match, *pname); + if (!TEST_true(check_message(fn, "host-no-wildcards", + nameincert, match, *pname))) + failed = 1; - ret = X509_check_email(crt, name, namelen, 0); match = -1; + ret = X509_check_email(crt, name, namelen, 0); if (fn->email) { if (ret && !samename) match = 1; @@ -324,32 +333,34 @@ static void run_cert(X509 *crt, const char *nameincert, match = 0; } else if (ret) match = 1; - check_message(fn, "email", nameincert, match, *pname); - ++pname; - free(name); + if (!TEST_true(check_message(fn, "email", nameincert, match, *pname))) + failed = 1; + OPENSSL_free(name); } + + return failed == 0; } -int main(void) +static int call_run_cert(int i) { - const struct set_name_fn *pfn = name_fns; - while (pfn->name) { - const char *const *pname = names; - while (*pname) { - X509 *crt = make_cert(); - if (crt == NULL) { - fprintf(stderr, "make_cert failed\n"); - return 1; - } - if (!pfn->fn(crt, *pname)) { - fprintf(stderr, "X509 name setting failed\n"); - return 1; - } - run_cert(crt, *pname, pfn); - X509_free(crt); - ++pname; - } - ++pfn; + int failed = 0; + const struct set_name_fn *pfn = &name_fns[i]; + X509 *crt; + const char *const *pname; + + TEST_info("%s", pfn->name); + for (pname = names; *pname != NULL; pname++) { + if (!TEST_ptr(crt = make_cert()) + || !TEST_true(pfn->fn(crt, *pname)) + || !run_cert(crt, *pname, pfn)) + failed = 1; + X509_free(crt); } - return errors > 0 ? 1 : 0; + return failed == 0; +} + +int setup_tests(void) +{ + ADD_ALL_TESTS(call_run_cert, OSSL_NELEM(name_fns)); + return 1; } diff --git a/deps/openssl/openssl/test/verify_extra_test.c b/deps/openssl/openssl/test/verify_extra_test.c index fabc1dc59f..d9d1498954 100644 --- a/deps/openssl/openssl/test/verify_extra_test.c +++ b/deps/openssl/openssl/test/verify_extra_test.c @@ -13,6 +13,11 @@ #include <openssl/x509.h> #include <openssl/pem.h> #include <openssl/err.h> +#include "testutil.h" + +static const char *roots_f; +static const char *untrusted_f; +static const char *bad_f; static STACK_OF(X509) *load_certs_from_file(const char *filename) { @@ -82,9 +87,7 @@ static STACK_OF(X509) *load_certs_from_file(const char *filename) * CA=FALSE, and will therefore incorrectly verify bad * */ -static int test_alt_chains_cert_forgery(const char *roots_f, - const char *untrusted_f, - const char *bad_f) +static int test_alt_chains_cert_forgery(void) { int ret = 0; int i; @@ -102,7 +105,7 @@ static int test_alt_chains_cert_forgery(const char *roots_f, lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()); if (lookup == NULL) goto err; - if(!X509_LOOKUP_load_file(lookup, roots_f, X509_FILETYPE_PEM)) + if (!X509_LOOKUP_load_file(lookup, roots_f, X509_FILETYPE_PEM)) goto err; untrusted = load_certs_from_file(untrusted_f); @@ -110,7 +113,7 @@ static int test_alt_chains_cert_forgery(const char *roots_f, if ((bio = BIO_new_file(bad_f, "r")) == NULL) goto err; - if((x = PEM_read_bio_X509(bio, NULL, 0, NULL)) == NULL) + if ((x = PEM_read_bio_X509(bio, NULL, 0, NULL)) == NULL) goto err; sctx = X509_STORE_CTX_new(); @@ -132,12 +135,10 @@ static int test_alt_chains_cert_forgery(const char *roots_f, BIO_free(bio); sk_X509_pop_free(untrusted, X509_free); X509_STORE_free(store); - if (ret != 1) - ERR_print_errors_fp(stderr); return ret; } -static int test_store_ctx(const char *bad_f) +static int test_store_ctx(void) { X509_STORE_CTX *sctx = NULL; X509 *x = NULL; @@ -174,31 +175,16 @@ static int test_store_ctx(const char *bad_f) return testresult; } -int main(int argc, char **argv) +int setup_tests(void) { - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - if (argc != 4) { - fprintf(stderr, "usage: verify_extra_test roots.pem untrusted.pem bad.pem\n"); - return 1; - } - - if (!test_alt_chains_cert_forgery(argv[1], argv[2], argv[3])) { - fprintf(stderr, "Test alt chains cert forgery failed\n"); - return 1; + if (!TEST_ptr(roots_f = test_get_argument(0)) + || !TEST_ptr(untrusted_f = test_get_argument(1)) + || !TEST_ptr(bad_f = test_get_argument(2))) { + TEST_error("usage: verify_extra_test roots.pem untrusted.pem bad.pem\n"); + return 0; } - if (!test_store_ctx(argv[3])) { - fprintf(stderr, "Test X509_STORE_CTX failed\n"); - return 1; - } - -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - return 1; -#endif - - printf("PASS\n"); - return 0; + ADD_TEST(test_alt_chains_cert_forgery); + ADD_TEST(test_store_ctx); + return 1; } diff --git a/deps/openssl/openssl/test/wp_test.c b/deps/openssl/openssl/test/wp_test.c deleted file mode 100644 index 7b5cc04a16..0000000000 --- a/deps/openssl/openssl/test/wp_test.c +++ /dev/null @@ -1,233 +0,0 @@ -/* - * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include <stdio.h> -#include <string.h> -#include <stdlib.h> - -#include <openssl/whrlpool.h> -#include <openssl/crypto.h> - -#if defined(OPENSSL_NO_WHIRLPOOL) -int main(int argc, char *argv[]) -{ - printf("No Whirlpool support\n"); - return (0); -} -#else - -/* ISO/IEC 10118-3 test vector set */ -static const unsigned char iso_test_1[WHIRLPOOL_DIGEST_LENGTH] = { - 0x19, 0xFA, 0x61, 0xD7, 0x55, 0x22, 0xA4, 0x66, - 0x9B, 0x44, 0xE3, 0x9C, 0x1D, 0x2E, 0x17, 0x26, - 0xC5, 0x30, 0x23, 0x21, 0x30, 0xD4, 0x07, 0xF8, - 0x9A, 0xFE, 0xE0, 0x96, 0x49, 0x97, 0xF7, 0xA7, - 0x3E, 0x83, 0xBE, 0x69, 0x8B, 0x28, 0x8F, 0xEB, - 0xCF, 0x88, 0xE3, 0xE0, 0x3C, 0x4F, 0x07, 0x57, - 0xEA, 0x89, 0x64, 0xE5, 0x9B, 0x63, 0xD9, 0x37, - 0x08, 0xB1, 0x38, 0xCC, 0x42, 0xA6, 0x6E, 0xB3 -}; - -static const unsigned char iso_test_2[WHIRLPOOL_DIGEST_LENGTH] = { - 0x8A, 0xCA, 0x26, 0x02, 0x79, 0x2A, 0xEC, 0x6F, - 0x11, 0xA6, 0x72, 0x06, 0x53, 0x1F, 0xB7, 0xD7, - 0xF0, 0xDF, 0xF5, 0x94, 0x13, 0x14, 0x5E, 0x69, - 0x73, 0xC4, 0x50, 0x01, 0xD0, 0x08, 0x7B, 0x42, - 0xD1, 0x1B, 0xC6, 0x45, 0x41, 0x3A, 0xEF, 0xF6, - 0x3A, 0x42, 0x39, 0x1A, 0x39, 0x14, 0x5A, 0x59, - 0x1A, 0x92, 0x20, 0x0D, 0x56, 0x01, 0x95, 0xE5, - 0x3B, 0x47, 0x85, 0x84, 0xFD, 0xAE, 0x23, 0x1A -}; - -static const unsigned char iso_test_3[WHIRLPOOL_DIGEST_LENGTH] = { - 0x4E, 0x24, 0x48, 0xA4, 0xC6, 0xF4, 0x86, 0xBB, - 0x16, 0xB6, 0x56, 0x2C, 0x73, 0xB4, 0x02, 0x0B, - 0xF3, 0x04, 0x3E, 0x3A, 0x73, 0x1B, 0xCE, 0x72, - 0x1A, 0xE1, 0xB3, 0x03, 0xD9, 0x7E, 0x6D, 0x4C, - 0x71, 0x81, 0xEE, 0xBD, 0xB6, 0xC5, 0x7E, 0x27, - 0x7D, 0x0E, 0x34, 0x95, 0x71, 0x14, 0xCB, 0xD6, - 0xC7, 0x97, 0xFC, 0x9D, 0x95, 0xD8, 0xB5, 0x82, - 0xD2, 0x25, 0x29, 0x20, 0x76, 0xD4, 0xEE, 0xF5 -}; - -static const unsigned char iso_test_4[WHIRLPOOL_DIGEST_LENGTH] = { - 0x37, 0x8C, 0x84, 0xA4, 0x12, 0x6E, 0x2D, 0xC6, - 0xE5, 0x6D, 0xCC, 0x74, 0x58, 0x37, 0x7A, 0xAC, - 0x83, 0x8D, 0x00, 0x03, 0x22, 0x30, 0xF5, 0x3C, - 0xE1, 0xF5, 0x70, 0x0C, 0x0F, 0xFB, 0x4D, 0x3B, - 0x84, 0x21, 0x55, 0x76, 0x59, 0xEF, 0x55, 0xC1, - 0x06, 0xB4, 0xB5, 0x2A, 0xC5, 0xA4, 0xAA, 0xA6, - 0x92, 0xED, 0x92, 0x00, 0x52, 0x83, 0x8F, 0x33, - 0x62, 0xE8, 0x6D, 0xBD, 0x37, 0xA8, 0x90, 0x3E -}; - -static const unsigned char iso_test_5[WHIRLPOOL_DIGEST_LENGTH] = { - 0xF1, 0xD7, 0x54, 0x66, 0x26, 0x36, 0xFF, 0xE9, - 0x2C, 0x82, 0xEB, 0xB9, 0x21, 0x2A, 0x48, 0x4A, - 0x8D, 0x38, 0x63, 0x1E, 0xAD, 0x42, 0x38, 0xF5, - 0x44, 0x2E, 0xE1, 0x3B, 0x80, 0x54, 0xE4, 0x1B, - 0x08, 0xBF, 0x2A, 0x92, 0x51, 0xC3, 0x0B, 0x6A, - 0x0B, 0x8A, 0xAE, 0x86, 0x17, 0x7A, 0xB4, 0xA6, - 0xF6, 0x8F, 0x67, 0x3E, 0x72, 0x07, 0x86, 0x5D, - 0x5D, 0x98, 0x19, 0xA3, 0xDB, 0xA4, 0xEB, 0x3B -}; - -static const unsigned char iso_test_6[WHIRLPOOL_DIGEST_LENGTH] = { - 0xDC, 0x37, 0xE0, 0x08, 0xCF, 0x9E, 0xE6, 0x9B, - 0xF1, 0x1F, 0x00, 0xED, 0x9A, 0xBA, 0x26, 0x90, - 0x1D, 0xD7, 0xC2, 0x8C, 0xDE, 0xC0, 0x66, 0xCC, - 0x6A, 0xF4, 0x2E, 0x40, 0xF8, 0x2F, 0x3A, 0x1E, - 0x08, 0xEB, 0xA2, 0x66, 0x29, 0x12, 0x9D, 0x8F, - 0xB7, 0xCB, 0x57, 0x21, 0x1B, 0x92, 0x81, 0xA6, - 0x55, 0x17, 0xCC, 0x87, 0x9D, 0x7B, 0x96, 0x21, - 0x42, 0xC6, 0x5F, 0x5A, 0x7A, 0xF0, 0x14, 0x67 -}; - -static const unsigned char iso_test_7[WHIRLPOOL_DIGEST_LENGTH] = { - 0x46, 0x6E, 0xF1, 0x8B, 0xAB, 0xB0, 0x15, 0x4D, - 0x25, 0xB9, 0xD3, 0x8A, 0x64, 0x14, 0xF5, 0xC0, - 0x87, 0x84, 0x37, 0x2B, 0xCC, 0xB2, 0x04, 0xD6, - 0x54, 0x9C, 0x4A, 0xFA, 0xDB, 0x60, 0x14, 0x29, - 0x4D, 0x5B, 0xD8, 0xDF, 0x2A, 0x6C, 0x44, 0xE5, - 0x38, 0xCD, 0x04, 0x7B, 0x26, 0x81, 0xA5, 0x1A, - 0x2C, 0x60, 0x48, 0x1E, 0x88, 0xC5, 0xA2, 0x0B, - 0x2C, 0x2A, 0x80, 0xCF, 0x3A, 0x9A, 0x08, 0x3B -}; - -static const unsigned char iso_test_8[WHIRLPOOL_DIGEST_LENGTH] = { - 0x2A, 0x98, 0x7E, 0xA4, 0x0F, 0x91, 0x70, 0x61, - 0xF5, 0xD6, 0xF0, 0xA0, 0xE4, 0x64, 0x4F, 0x48, - 0x8A, 0x7A, 0x5A, 0x52, 0xDE, 0xEE, 0x65, 0x62, - 0x07, 0xC5, 0x62, 0xF9, 0x88, 0xE9, 0x5C, 0x69, - 0x16, 0xBD, 0xC8, 0x03, 0x1B, 0xC5, 0xBE, 0x1B, - 0x7B, 0x94, 0x76, 0x39, 0xFE, 0x05, 0x0B, 0x56, - 0x93, 0x9B, 0xAA, 0xA0, 0xAD, 0xFF, 0x9A, 0xE6, - 0x74, 0x5B, 0x7B, 0x18, 0x1C, 0x3B, 0xE3, 0xFD -}; - -static const unsigned char iso_test_9[WHIRLPOOL_DIGEST_LENGTH] = { - 0x0C, 0x99, 0x00, 0x5B, 0xEB, 0x57, 0xEF, 0xF5, - 0x0A, 0x7C, 0xF0, 0x05, 0x56, 0x0D, 0xDF, 0x5D, - 0x29, 0x05, 0x7F, 0xD8, 0x6B, 0x20, 0xBF, 0xD6, - 0x2D, 0xEC, 0xA0, 0xF1, 0xCC, 0xEA, 0x4A, 0xF5, - 0x1F, 0xC1, 0x54, 0x90, 0xED, 0xDC, 0x47, 0xAF, - 0x32, 0xBB, 0x2B, 0x66, 0xC3, 0x4F, 0xF9, 0xAD, - 0x8C, 0x60, 0x08, 0xAD, 0x67, 0x7F, 0x77, 0x12, - 0x69, 0x53, 0xB2, 0x26, 0xE4, 0xED, 0x8B, 0x01 -}; - -int main(int argc, char *argv[]) -{ - unsigned char md[WHIRLPOOL_DIGEST_LENGTH]; - int i; - WHIRLPOOL_CTX ctx; - - fprintf(stdout, "Testing Whirlpool "); - - WHIRLPOOL("", 0, md); - if (memcmp(md, iso_test_1, sizeof(iso_test_1))) { - fflush(stdout); - fprintf(stderr, "\nTEST 1 of 9 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - WHIRLPOOL("a", 1, md); - if (memcmp(md, iso_test_2, sizeof(iso_test_2))) { - fflush(stdout); - fprintf(stderr, "\nTEST 2 of 9 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - WHIRLPOOL("abc", 3, md); - if (memcmp(md, iso_test_3, sizeof(iso_test_3))) { - fflush(stdout); - fprintf(stderr, "\nTEST 3 of 9 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - WHIRLPOOL("message digest", 14, md); - if (memcmp(md, iso_test_4, sizeof(iso_test_4))) { - fflush(stdout); - fprintf(stderr, "\nTEST 4 of 9 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - WHIRLPOOL("abcdefghijklmnopqrstuvwxyz", 26, md); - if (memcmp(md, iso_test_5, sizeof(iso_test_5))) { - fflush(stdout); - fprintf(stderr, "\nTEST 5 of 9 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - WHIRLPOOL("ABCDEFGHIJKLMNOPQRSTUVWXYZ" - "abcdefghijklmnopqrstuvwxyz" "0123456789", 62, md); - if (memcmp(md, iso_test_6, sizeof(iso_test_6))) { - fflush(stdout); - fprintf(stderr, "\nTEST 6 of 9 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - WHIRLPOOL("1234567890" "1234567890" "1234567890" "1234567890" - "1234567890" "1234567890" "1234567890" "1234567890", 80, md); - if (memcmp(md, iso_test_7, sizeof(iso_test_7))) { - fflush(stdout); - fprintf(stderr, "\nTEST 7 of 9 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - WHIRLPOOL("abcdbcdecdefdefgefghfghighijhijk", 32, md); - if (memcmp(md, iso_test_8, sizeof(iso_test_8))) { - fflush(stdout); - fprintf(stderr, "\nTEST 8 of 9 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - WHIRLPOOL_Init(&ctx); - for (i = 0; i < 1000000; i += 288) - WHIRLPOOL_Update(&ctx, "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa", - (1000000 - i) < 288 ? 1000000 - i : 288); - WHIRLPOOL_Final(md, &ctx); - if (memcmp(md, iso_test_9, sizeof(iso_test_9))) { - fflush(stdout); - fprintf(stderr, "\nTEST 9 of 9 failed.\n"); - return 1; - } else - fprintf(stdout, "."); - fflush(stdout); - - fprintf(stdout, " passed.\n"); - fflush(stdout); - - return 0; -} -#endif diff --git a/deps/openssl/openssl/test/x509_dup_cert_test.c b/deps/openssl/openssl/test/x509_dup_cert_test.c index 7f7adebbb0..e639c01945 100644 --- a/deps/openssl/openssl/test/x509_dup_cert_test.c +++ b/deps/openssl/openssl/test/x509_dup_cert_test.c @@ -1,5 +1,6 @@ /* - * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,64 +8,40 @@ * https://www.openssl.org/source/license.html */ -/* ==================================================================== - * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved. - */ - #include <stdio.h> #include <openssl/err.h> #include <openssl/x509_vfy.h> -static int test_509_dup_cert(const char *cert_f) +#include "testutil.h" + +static int test_509_dup_cert(int n) { int ret = 0; X509_STORE_CTX *sctx = NULL; X509_STORE *store = NULL; X509_LOOKUP *lookup = NULL; + const char *cert_f = test_get_argument(n); - store = X509_STORE_new(); - if (store == NULL) - goto err; - - lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file()); - if (lookup == NULL) - goto err; - - if (!X509_load_cert_file(lookup, cert_f, X509_FILETYPE_PEM)) - goto err; - if (!X509_load_cert_file(lookup, cert_f, X509_FILETYPE_PEM)) - goto err; + if (TEST_ptr(store = X509_STORE_new()) + && TEST_ptr(lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file())) + && TEST_true(X509_load_cert_file(lookup, cert_f, X509_FILETYPE_PEM)) + && TEST_true(X509_load_cert_file(lookup, cert_f, X509_FILETYPE_PEM))) + ret = 1; - ret = 1; - - err: X509_STORE_CTX_free(sctx); X509_STORE_free(store); - if (ret != 1) - ERR_print_errors_fp(stderr); return ret; } -int main(int argc, char **argv) +int setup_tests(void) { - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - if (argc != 2) { - fprintf(stderr, "usage: x509_dup_cert_test cert.pem\n"); - return 1; - } + size_t n = test_get_argument_count(); - if (!test_509_dup_cert(argv[1])) { - fprintf(stderr, "Test X509 duplicate cert failed\n"); - return 1; + if (!TEST_int_gt(n, 0)) { + TEST_note("usage: x509_dup_cert_test cert.pem..."); + return 0; } -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks_fp(stderr) <= 0) - return 1; -#endif - - printf("PASS\n"); - return 0; + ADD_ALL_TESTS(test_509_dup_cert, n); + return 1; } diff --git a/deps/openssl/openssl/test/x509_time_test.c b/deps/openssl/openssl/test/x509_time_test.c index 32d65c8761..b6fd38a5c5 100644 --- a/deps/openssl/openssl/test/x509_time_test.c +++ b/deps/openssl/openssl/test/x509_time_test.c @@ -15,7 +15,7 @@ #include <openssl/asn1.h> #include <openssl/x509.h> #include "testutil.h" -#include "e_os.h" +#include "internal/nelem.h" typedef struct { const char *data; @@ -25,6 +25,115 @@ typedef struct { int expected; } TESTDATA; +typedef struct { + const char *data; + /* 0 for check-only mode, 1 for set-string mode */ + int set_string; + /* 0 for error, 1 if succeed */ + int expected; + /* + * The following 2 fields are ignored if set_string field is set to '0' + * (in check only mode). + * + * But they can still be ignored explicitly in set-string mode by: + * setting -1 to expected_type and setting NULL to expected_string. + * + * It's useful in a case of set-string mode but the expected result + * is a 'parsing error'. + */ + int expected_type; + const char *expected_string; +} TESTDATA_FORMAT; + +/* + * Actually, the "loose" mode has been tested in + * those time-compare-cases, so we may not test it again. + */ +static TESTDATA_FORMAT x509_format_tests[] = { + /* GeneralizedTime */ + { + /* good format, check only */ + "20170217180105Z", 0, 1, -1, NULL, + }, + { + /* not leap year, check only */ + "20170229180105Z", 0, 0, -1, NULL, + }, + { + /* leap year, check only */ + "20160229180105Z", 0, 1, -1, NULL, + }, + { + /* SS is missing, check only */ + "201702171801Z", 0, 0, -1, NULL, + }, + { + /* fractional seconds, check only */ + "20170217180105.001Z", 0, 0, -1, NULL, + }, + { + /* time zone, check only */ + "20170217180105+0800", 0, 0, -1, NULL, + }, + { + /* SS is missing, set string */ + "201702171801Z", 1, 0, -1, NULL, + }, + { + /* fractional seconds, set string */ + "20170217180105.001Z", 1, 0, -1, NULL, + }, + { + /* time zone, set string */ + "20170217180105+0800", 1, 0, -1, NULL, + }, + { + /* good format, check returned 'turned' string */ + "20170217180154Z", 1, 1, V_ASN1_UTCTIME, "170217180154Z", + }, + { + /* good format, check returned string */ + "20510217180154Z", 1, 1, V_ASN1_GENERALIZEDTIME, "20510217180154Z", + }, + { + /* good format but out of UTC range, check returned string */ + "19230419180154Z", 1, 1, V_ASN1_GENERALIZEDTIME, "19230419180154Z", + }, + /* UTC */ + { + /* SS is missing, check only */ + "1702171801Z", 0, 0, -1, NULL, + }, + { + /* not leap year, check only */ + "050229180101Z", 0, 0, -1, NULL, + }, + { + /* leap year, check only */ + "040229180101Z", 0, 1, -1, NULL, + }, + { + /* time zone, check only */ + "170217180154+0800", 0, 0, -1, NULL, + }, + { + /* SS is missing, set string */ + "1702171801Z", 1, 0, -1, NULL, + }, + { + /* time zone, set string */ + "170217180154+0800", 1, 0, -1, NULL, + }, + { + /* 2017, good format, check returned string */ + "170217180154Z", 1, 1, V_ASN1_UTCTIME, "170217180154Z", + }, + { + /* 1998, good format, check returned string */ + "981223180154Z", 1, 1, V_ASN1_UTCTIME, "981223180154Z", + }, +}; + static TESTDATA x509_cmp_tests[] = { { "20170217180154Z", V_ASN1_GENERALIZEDTIME, @@ -153,17 +262,18 @@ static int test_x509_cmp_time(int idx) t.type = x509_cmp_tests[idx].type; t.data = (unsigned char*)(x509_cmp_tests[idx].data); t.length = strlen(x509_cmp_tests[idx].data); + t.flags = 0; result = X509_cmp_time(&t, &x509_cmp_tests[idx].cmp_time); - if (result != x509_cmp_tests[idx].expected) { - fprintf(stderr, "test_x509_cmp_time(%d) failed: expected %d, got %d\n", + if (!TEST_int_eq(result, x509_cmp_tests[idx].expected)) { + TEST_info("test_x509_cmp_time(%d) failed: expected %d, got %d\n", idx, x509_cmp_tests[idx].expected, result); return 0; } return 1; } -static int test_x509_cmp_time_current() +static int test_x509_cmp_time_current(void) { time_t now = time(NULL); /* Pick a day earlier and later, relative to any system clock. */ @@ -174,18 +284,12 @@ static int test_x509_cmp_time_current() asn1_after = ASN1_TIME_adj(NULL, now, 1, 0); cmp_result = X509_cmp_time(asn1_before, NULL); - if (cmp_result != -1) { - fprintf(stderr, "test_x509_cmp_time_current failed: expected -1, got %d\n", - cmp_result); + if (!TEST_int_eq(cmp_result, -1)) failed = 1; - } cmp_result = X509_cmp_time(asn1_after, NULL); - if (cmp_result != 1) { - fprintf(stderr, "test_x509_cmp_time_current failed: expected 1, got %d\n", - cmp_result); + if (!TEST_int_eq(cmp_result, 1)) failed = 1; - } ASN1_TIME_free(asn1_before); ASN1_TIME_free(asn1_after); @@ -193,20 +297,197 @@ static int test_x509_cmp_time_current() return failed == 0; } -int main(int argc, char **argv) +static int test_x509_time(int idx) +{ + ASN1_TIME *t = NULL; + int result, rv = 0; + + if (x509_format_tests[idx].set_string) { + /* set-string mode */ + t = ASN1_TIME_new(); + if (t == NULL) { + TEST_info("test_x509_time(%d) failed: internal error\n", idx); + return 0; + } + } + + result = ASN1_TIME_set_string_X509(t, x509_format_tests[idx].data); + /* time string parsing result is always checked against what's expected */ + if (!TEST_int_eq(result, x509_format_tests[idx].expected)) { + TEST_info("test_x509_time(%d) failed: expected %d, got %d\n", + idx, x509_format_tests[idx].expected, result); + goto out; + } + + /* if t is not NULL but expected_type is ignored(-1), it is an 'OK' case */ + if (t != NULL && x509_format_tests[idx].expected_type != -1) { + if (!TEST_int_eq(t->type, x509_format_tests[idx].expected_type)) { + TEST_info("test_x509_time(%d) failed: expected_type %d, got %d\n", + idx, x509_format_tests[idx].expected_type, t->type); + goto out; + } + } + + /* if t is not NULL but expected_string is NULL, it is an 'OK' case too */ + if (t != NULL && x509_format_tests[idx].expected_string) { + if (!TEST_str_eq((const char *)t->data, + x509_format_tests[idx].expected_string)) { + TEST_info("test_x509_time(%d) failed: expected_string %s, got %s\n", + idx, x509_format_tests[idx].expected_string, t->data); + goto out; + } + } + + rv = 1; +out: + if (t != NULL) + ASN1_TIME_free(t); + return rv; +} + +static const struct { + int y, m, d; + int yd, wd; +} day_of_week_tests[] = { + /*YYYY MM DD DoY DoW */ + { 1900, 1, 1, 0, 1 }, + { 1900, 2, 28, 58, 3 }, + { 1900, 3, 1, 59, 4 }, + { 1900, 12, 31, 364, 1 }, + { 1901, 1, 1, 0, 2 }, + { 1970, 1, 1, 0, 4 }, + { 1999, 1, 10, 9, 0 }, + { 1999, 12, 31, 364, 5 }, + { 2000, 1, 1, 0, 6 }, + { 2000, 2, 28, 58, 1 }, + { 2000, 2, 29, 59, 2 }, + { 2000, 3, 1, 60, 3 }, + { 2000, 12, 31, 365, 0 }, + { 2001, 1, 1, 0, 1 }, + { 2008, 1, 1, 0, 2 }, + { 2008, 2, 28, 58, 4 }, + { 2008, 2, 29, 59, 5 }, + { 2008, 3, 1, 60, 6 }, + { 2008, 12, 31, 365, 3 }, + { 2009, 1, 1, 0, 4 }, + { 2011, 1, 1, 0, 6 }, + { 2011, 2, 28, 58, 1 }, + { 2011, 3, 1, 59, 2 }, + { 2011, 12, 31, 364, 6 }, + { 2012, 1, 1, 0, 0 }, + { 2019, 1, 2, 1, 3 }, + { 2019, 2, 2, 32, 6 }, + { 2019, 3, 2, 60, 6 }, + { 2019, 4, 2, 91, 2 }, + { 2019, 5, 2, 121, 4 }, + { 2019, 6, 2, 152, 0 }, + { 2019, 7, 2, 182, 2 }, + { 2019, 8, 2, 213, 5 }, + { 2019, 9, 2, 244, 1 }, + { 2019, 10, 2, 274, 3 }, + { 2019, 11, 2, 305, 6 }, + { 2019, 12, 2, 335, 1 }, + { 2020, 1, 2, 1, 4 }, + { 2020, 2, 2, 32, 0 }, + { 2020, 3, 2, 61, 1 }, + { 2020, 4, 2, 92, 4 }, + { 2020, 5, 2, 122, 6 }, + { 2020, 6, 2, 153, 2 }, + { 2020, 7, 2, 183, 4 }, + { 2020, 8, 2, 214, 0 }, + { 2020, 9, 2, 245, 3 }, + { 2020, 10, 2, 275, 5 }, + { 2020, 11, 2, 306, 1 }, + { 2020, 12, 2, 336, 3 } +}; + +static int test_days(int n) +{ + char d[16]; + ASN1_TIME *a = NULL; + struct tm t; + int r; + + BIO_snprintf(d, sizeof(d), "%04d%02d%02d050505Z", + day_of_week_tests[n].y, day_of_week_tests[n].m, + day_of_week_tests[n].d); + + if (!TEST_ptr(a = ASN1_TIME_new())) + return 0; + + r = TEST_true(ASN1_TIME_set_string(a, d)) + && TEST_true(ASN1_TIME_to_tm(a, &t)) + && TEST_int_eq(t.tm_yday, day_of_week_tests[n].yd) + && TEST_int_eq(t.tm_wday, day_of_week_tests[n].wd); + + ASN1_TIME_free(a); + return r; +} + +#define construct_asn1_time(s, t, e) \ + { { sizeof(s) - 1, t, (unsigned char*)s, 0 }, e } + +static const struct { + ASN1_TIME asn1; + const char *readable; +} x509_print_tests [] = { + /* Generalized Time */ + construct_asn1_time("20170731222050Z", V_ASN1_GENERALIZEDTIME, + "Jul 31 22:20:50 2017 GMT"), + /* Generalized Time, no seconds */ + construct_asn1_time("201707312220Z", V_ASN1_GENERALIZEDTIME, + "Jul 31 22:20:00 2017 GMT"), + /* Generalized Time, fractional seconds (3 digits) */ + construct_asn1_time("20170731222050.123Z", V_ASN1_GENERALIZEDTIME, + "Jul 31 22:20:50.123 2017 GMT"), + /* Generalized Time, fractional seconds (1 digit) */ + construct_asn1_time("20170731222050.1Z", V_ASN1_GENERALIZEDTIME, + "Jul 31 22:20:50.1 2017 GMT"), + /* Generalized Time, fractional seconds (0 digit) */ + construct_asn1_time("20170731222050.Z", V_ASN1_GENERALIZEDTIME, + "Bad time value"), + /* UTC Time */ + construct_asn1_time("170731222050Z", V_ASN1_UTCTIME, + "Jul 31 22:20:50 2017 GMT"), + /* UTC Time, no seconds */ + construct_asn1_time("1707312220Z", V_ASN1_UTCTIME, + "Jul 31 22:20:00 2017 GMT"), +}; + +static int test_x509_time_print(int idx) { - int ret = 0; - unsigned int idx; + BIO *m; + int ret = 0, rv; + char *pp; + const char *readable; - if (!test_x509_cmp_time_current()) - ret = 1; + if (!TEST_ptr(m = BIO_new(BIO_s_mem()))) + goto err; - for (idx=0 ; idx < OSSL_NELEM(x509_cmp_tests) ; ++idx) { - if (!test_x509_cmp_time(idx)) - ret = 1; + rv = ASN1_TIME_print(m, &x509_print_tests[idx].asn1); + readable = x509_print_tests[idx].readable; + + if (rv == 0 && !TEST_str_eq(readable, "Bad time value")) { + /* only if the test case intends to fail... */ + goto err; } + if (!TEST_int_ne(rv = BIO_get_mem_data(m, &pp), 0) + || !TEST_int_eq(rv, (int)strlen(readable)) + || !TEST_strn_eq(pp, readable, rv)) + goto err; - if (ret == 0) - printf("PASS\n"); + ret = 1; + err: + BIO_free(m); return ret; } + +int setup_tests(void) +{ + ADD_TEST(test_x509_cmp_time_current); + ADD_ALL_TESTS(test_x509_cmp_time, OSSL_NELEM(x509_cmp_tests)); + ADD_ALL_TESTS(test_x509_time, OSSL_NELEM(x509_format_tests)); + ADD_ALL_TESTS(test_days, OSSL_NELEM(day_of_week_tests)); + ADD_ALL_TESTS(test_x509_time_print, OSSL_NELEM(x509_print_tests)); + return 1; +} diff --git a/deps/openssl/openssl/test/x509aux.c b/deps/openssl/openssl/test/x509aux.c index 2c20d6d743..c8bef0094d 100644 --- a/deps/openssl/openssl/test/x509aux.c +++ b/deps/openssl/openssl/test/x509aux.c @@ -1,5 +1,5 @@ /* - * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL licenses, (the "License"); * you may not use this file except in compliance with the License. @@ -16,37 +16,12 @@ #include <openssl/pem.h> #include <openssl/conf.h> #include <openssl/err.h> +#include "internal/nelem.h" +#include "testutil.h" -#include "../e_os.h" - -static const char *progname; - -static void test_usage(void) -{ - fprintf(stderr, "usage: %s certfile\n", progname); -} - -static void print_errors(void) +static int test_certs(int num) { - unsigned long err; - char buffer[1024]; - const char *file; - const char *data; - int line; - int flags; - - while ((err = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) { - ERR_error_string_n(err, buffer, sizeof(buffer)); - if (flags & ERR_TXT_STRING) - fprintf(stderr, "Error: %s:%s:%d:%s\n", buffer, file, line, data); - else - fprintf(stderr, "Error: %s:%s:%d\n", buffer, file, line); - } -} - -static int test_certs(BIO *fp) -{ - int count; + int c; char *name = 0; char *header = 0; unsigned char *data = 0; @@ -54,30 +29,33 @@ static int test_certs(BIO *fp) typedef X509 *(*d2i_X509_t)(X509 **, const unsigned char **, long); typedef int (*i2d_X509_t)(X509 *, unsigned char **); int err = 0; + BIO *fp = BIO_new_file(test_get_argument(num), "r"); + + if (!TEST_ptr(fp)) + return 0; + + for (c = 0; !err && PEM_read_bio(fp, &name, &header, &data, &len); ++c) { + const int trusted = (strcmp(name, PEM_STRING_X509_TRUSTED) == 0); - for (count = 0; - !err && PEM_read_bio(fp, &name, &header, &data, &len); - ++count) { - int trusted = strcmp(name, PEM_STRING_X509_TRUSTED) == 0; d2i_X509_t d2i = trusted ? d2i_X509_AUX : d2i_X509; i2d_X509_t i2d = trusted ? i2d_X509_AUX : i2d_X509; X509 *cert = NULL; - const unsigned char *p = data; + const unsigned char *p = data; unsigned char *buf = NULL; unsigned char *bufp; long enclen; - if (!trusted + if (!trusted && strcmp(name, PEM_STRING_X509) != 0 - && strcmp(name, PEM_STRING_X509_OLD) != 0) { - fprintf(stderr, "unexpected PEM object: %s\n", name); + && strcmp(name, PEM_STRING_X509_OLD) != 0) { + TEST_error("unexpected PEM object: %s", name); err = 1; - goto next; + goto next; } cert = d2i(NULL, &p, len); if (cert == NULL || (p - data) != len) { - fprintf(stderr, "error parsing input %s\n", name); + TEST_error("error parsing input %s", name); err = 1; goto next; } @@ -85,33 +63,31 @@ static int test_certs(BIO *fp) /* Test traditional 2-pass encoding into caller allocated buffer */ enclen = i2d(cert, NULL); if (len != enclen) { - fprintf(stderr, "encoded length %ld of %s != input length %ld\n", - enclen, name, len); + TEST_error("encoded length %ld of %s != input length %ld", + enclen, name, len); err = 1; goto next; } if ((buf = bufp = OPENSSL_malloc(len)) == NULL) { - perror("malloc"); + TEST_perror("malloc"); err = 1; goto next; } enclen = i2d(cert, &bufp); if (len != enclen) { - fprintf(stderr, "encoded length %ld of %s != input length %ld\n", - enclen, name, len); + TEST_error("encoded length %ld of %s != input length %ld", + enclen, name, len); err = 1; goto next; } enclen = (long) (bufp - buf); if (enclen != len) { - fprintf(stderr, "unexpected buffer position after encoding %s\n", - name); + TEST_error("unexpected buffer position after encoding %s", name); err = 1; goto next; } if (memcmp(buf, data, len) != 0) { - fprintf(stderr, "encoded content of %s does not match input\n", - name); + TEST_error("encoded content of %s does not match input", name); err = 1; goto next; } @@ -121,14 +97,13 @@ static int test_certs(BIO *fp) /* Test 1-pass encoding into library allocated buffer */ enclen = i2d(cert, &buf); if (len != enclen) { - fprintf(stderr, "encoded length %ld of %s != input length %ld\n", - enclen, name, len); + TEST_error("encoded length %ld of %s != input length %ld", + enclen, name, len); err = 1; goto next; } if (memcmp(buf, data, len) != 0) { - fprintf(stderr, "encoded content of %s does not match input\n", - name); + TEST_error("encoded content of %s does not match input", name); err = 1; goto next; } @@ -141,91 +116,51 @@ static int test_certs(BIO *fp) /* Test 1-pass encoding into library allocated buffer */ enclen = i2d(cert, &buf); if (enclen > len) { - fprintf(stderr, "encoded length %ld of %s > input length %ld\n", - enclen, name, len); + TEST_error("encoded length %ld of %s > input length %ld", + enclen, name, len); err = 1; goto next; } if (memcmp(buf, data, enclen) != 0) { - fprintf(stderr, "encoded cert content does not match input\n"); + TEST_error("encoded cert content does not match input"); err = 1; goto next; } } - /* - * If any of these were null, PEM_read() would have failed. - */ + /* + * If any of these were null, PEM_read() would have failed. + */ next: X509_free(cert); OPENSSL_free(buf); - OPENSSL_free(name); - OPENSSL_free(header); - OPENSSL_free(data); + OPENSSL_free(name); + OPENSSL_free(header); + OPENSSL_free(data); } + BIO_free(fp); if (ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) { /* Reached end of PEM file */ - if (count > 0) { + if (c > 0) { ERR_clear_error(); return 1; } } /* Some other PEM read error */ - print_errors(); return 0; } -int main(int argc, char *argv[]) +int setup_tests(void) { - BIO *bio_err; - const char *p; - int ret = 1; - - progname = argv[0]; - if (argc < 2) { - test_usage(); - EXIT(ret); - } - - bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); - - p = getenv("OPENSSL_DEBUG_MEMORY"); - if (p != NULL && strcmp(p, "on") == 0) - CRYPTO_set_mem_debug(1); - CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); - - argc--; - argv++; - - while (argc >= 1) { - BIO *f = BIO_new_file(*argv, "r"); - int ok; - - if (f == NULL) { - fprintf(stderr, "%s: Error opening cert file: '%s': %s\n", - progname, *argv, strerror(errno)); - EXIT(ret); - } - ret = !(ok = test_certs(f)); - BIO_free(f); - - if (!ok) { - printf("%s ERROR\n", *argv); - ret = 1; - break; - } - printf("%s OK\n", *argv); + size_t n = test_get_argument_count(); - argc--; - argv++; + if (n == 0) { + TEST_error("usage: %s certfile...", test_get_program_name()); + return 0; } -#ifndef OPENSSL_NO_CRYPTO_MDEBUG - if (CRYPTO_mem_leaks(bio_err) <= 0) - ret = 1; -#endif - BIO_free(bio_err); - EXIT(ret); + ADD_ALL_TESTS(test_certs, (int)n); + return 1; } |