[openssl] master update
Richard Levitte
levitte at openssl.org
Thu May 14 08:06:27 UTC 2020
The branch master has been updated
via a87820e16bbbbb1f8a68ddaf3aa1159da886acca (commit)
via bcb018e70b596811146a17d95532498bbe3ef13a (commit)
from c4e3a727209b8ae165a0abe085488845e246ea0e (commit)
- Log -----------------------------------------------------------------
commit a87820e16bbbbb1f8a68ddaf3aa1159da886acca
Author: Richard Levitte <levitte at openssl.org>
Date: Tue May 12 15:27:32 2020 +0200
test/evp_extra_test.c: Add test for CMAC keygen with a NULL engine
Verifies that #11671 is fixed
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11674)
commit bcb018e70b596811146a17d95532498bbe3ef13a
Author: Richard Levitte <levitte at openssl.org>
Date: Wed Apr 29 06:55:40 2020 +0200
EVP: Only use the engine when one is defined, in pkey_mac_ctrl()
Fixes #11671
Reviewed-by: Shane Lontis <shane.lontis at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11674)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/pkey_mac.c | 18 +++++++++++-------
test/evp_extra_test.c | 22 ++++++++++++++++++++++
2 files changed, 33 insertions(+), 7 deletions(-)
diff --git a/crypto/evp/pkey_mac.c b/crypto/evp/pkey_mac.c
index 56231e3938..3503aac6d3 100644
--- a/crypto/evp/pkey_mac.c
+++ b/crypto/evp/pkey_mac.c
@@ -308,11 +308,14 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
OSSL_PARAM params[3];
size_t params_n = 0;
char *ciphname = (char *)OBJ_nid2sn(EVP_CIPHER_nid(p2));
+
#ifndef OPENSSL_NO_ENGINE
- char *engineid = (char *)ENGINE_get_id(ctx->engine);
+ if (ctx->engine != NULL) {
+ char *engid = (char *)ENGINE_get_id(ctx->engine);
- params[params_n++] =
- OSSL_PARAM_construct_utf8_string("engine", engineid, 0);
+ params[params_n++] =
+ OSSL_PARAM_construct_utf8_string("engine", engid, 0);
+ }
#endif
params[params_n++] =
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER,
@@ -458,13 +461,14 @@ static int pkey_mac_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
size_t params_n = 0;
char *mdname =
(char *)OBJ_nid2sn(EVP_MD_nid(hctx->raw_data.md));
+
#ifndef OPENSSL_NO_ENGINE
- char *engineid = ctx->engine == NULL
- ? NULL : (char *)ENGINE_get_id(ctx->engine);
+ if (ctx->engine != NULL) {
+ char *engid = (char *)ENGINE_get_id(ctx->engine);
- if (engineid != NULL)
params[params_n++] =
- OSSL_PARAM_construct_utf8_string("engine", engineid, 0);
+ OSSL_PARAM_construct_utf8_string("engine", engid, 0);
+ }
#endif
params[params_n++] =
OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_DIGEST,
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index 9deae29c47..bbd95850c6 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -1179,6 +1179,27 @@ static int test_EVP_PKEY_check(int i)
return ret;
}
+static int test_CMAC_keygen(void)
+{
+ /*
+ * This is a legacy method for CMACs, but should still work.
+ * This verifies that it works without an ENGINE.
+ */
+ EVP_PKEY_CTX *kctx = EVP_PKEY_CTX_new_id(EVP_PKEY_CMAC, NULL);
+ int ret = 0;
+
+ if (!TEST_true(EVP_PKEY_keygen_init(kctx) > 0)
+ && !TEST_true(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
+ EVP_PKEY_CTRL_CIPHER,
+ 0, (void *)EVP_aes_256_ecb()) > 0))
+ goto done;
+ ret = 1;
+
+ done:
+ EVP_PKEY_CTX_free(kctx);
+ return ret;
+}
+
static int test_HKDF(void)
{
EVP_PKEY_CTX *pctx;
@@ -1630,6 +1651,7 @@ int setup_tests(void)
if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
return 0;
ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
+ ADD_TEST(test_CMAC_keygen);
ADD_TEST(test_HKDF);
#ifndef OPENSSL_NO_EC
ADD_TEST(test_X509_PUBKEY_inplace);
More information about the openssl-commits
mailing list