From: Dr. Stephen Henson Date: Sat, 10 Dec 2016 13:59:29 +0000 (+0000) Subject: Additional error tests in evp_test.c X-Git-Tag: OpenSSL_1_1_0d~87 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=c6720f816f4c9373890939d6ec63a7dc29835fdd;p=oweals%2Fopenssl.git Additional error tests in evp_test.c Support checking for errors during test initialisation and parsing. Add errors and tests for key operation initalisation and ctrl errors. Reviewed-by: Rich Salz (cherry picked from commit cce65266299e2e89303a90c131e8171225a1bf88) --- diff --git a/test/evp_test.c b/test/evp_test.c index 907e083c9f..9dfd4a1719 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -354,8 +354,7 @@ static int setup_test(struct evp_test *t, const struct evp_test_method *tmeth) t->nskip++; } else { /* run the test */ - t->err = NULL; - if (t->meth->run_test(t) != 1) { + if (t->err == NULL && t->meth->run_test(t) != 1) { fprintf(stderr, "%s test error line %d\n", t->meth->name, t->start_line); return 0; @@ -567,6 +566,7 @@ int main(int argc, char **argv) return 1; } t.in = in; + t.err = NULL; while (BIO_gets(in, buf, sizeof(buf))) { t.line++; if (!process_test(&t, buf, 0)) @@ -1234,7 +1234,7 @@ static int pkey_test_init(struct evp_test *t, const char *name, if (!kdata->ctx) return 0; if (keyopinit(kdata->ctx) <= 0) - return 0; + t->err = "KEYOP_INIT_ERROR"; return 1; } @@ -1260,11 +1260,21 @@ static int pkey_test_ctrl(struct evp_test *t, EVP_PKEY_CTX *pctx, if (p != NULL) *p++ = 0; rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p); - if (p != NULL && rv <= 0 && rv != -2) { - /* If p has an OID assume disabled algorithm */ - if (OBJ_sn2nid(p) != NID_undef || OBJ_ln2nid(p) != NID_undef) { + if (rv == -2) { + t->err = "PKEY_CTRL_INVALID"; + rv = 1; + } else if (p != NULL && rv <= 0) { + /* If p has an OID and lookup fails assume disabled algorithm */ + int nid = OBJ_sn2nid(p); + if (nid == NID_undef) + nid = OBJ_ln2nid(p); + if ((nid != NID_undef) && EVP_get_digestbynid(nid) == NULL && + EVP_get_cipherbynid(nid) == NULL) { t->skip = 1; rv = 1; + } else { + t->err = "PKEY_CTRL_ERROR"; + rv = 1; } } OPENSSL_free(tmpval); diff --git a/test/evptests.txt b/test/evptests.txt index 83da703d04..1818893862 100644 --- a/test/evptests.txt +++ b/test/evptests.txt @@ -2770,6 +2770,15 @@ Ctrl = digest:SHA1 Input = "0123456789ABCDEF1234" Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad +# Illegal RSA key derivation +Derive = RSA-2048 +Result = KEYOP_INIT_ERROR + +# Invalid ctrl +Sign = RSA-2048 +Ctrl = rsa_mgf1_md:sha1 +Result = PKEY_CTRL_INVALID + # EC tests Verify = P-256 @@ -3588,3 +3597,11 @@ SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742 Derive=Bob-25519 PeerKey=Alice-25519-PUBLIC SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742 + +# Illegal sign/verify operations with X25519 key + +Sign=Alice-25519 +Result = KEYOP_INIT_ERROR + +Verify=Alice-25519 +Result = KEYOP_INIT_ERROR