[openssl] openssl-3.0 update
Matt Caswell
matt at openssl.org
Fri Oct 22 07:53:44 UTC 2021
The branch openssl-3.0 has been updated
via beb00a330c7e1c213c72a249894ed23f0f8df5a2 (commit)
via 726c6cc71155494ba99cf8719cd1281403e49ed8 (commit)
via e3c654c813ebd4e456060f594964107f03ca3e12 (commit)
via 60722c167cd3f26f1670d50a8638ee21979bea36 (commit)
via 60f5e48f44b0d4e4179960741e8b73e5c475d3e8 (commit)
via 1974be5912fc10c4f589c328063aba7a09d3aa93 (commit)
via 55398b354f55955a1f504f591b8cf64a559a5793 (commit)
via 4fffef3dedcb80d2bfa657d4b7c2850dddaef1b4 (commit)
via 97c453a6395c5c5a53331c514d55b82be926d141 (commit)
from 04b0646950449e2e0eaa40427a9d0e0040b028dc (commit)
- Log -----------------------------------------------------------------
commit beb00a330c7e1c213c72a249894ed23f0f8df5a2
Author: Matt Caswell <matt at openssl.org>
Date: Wed Oct 20 15:47:22 2021 +0100
Update pyca-cryptography sub-module
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
(cherry picked from commit 7cce994d3e57345ba729388b9321d9bf8b661b4f)
commit 726c6cc71155494ba99cf8719cd1281403e49ed8
Author: Matt Caswell <matt at openssl.org>
Date: Mon Oct 11 13:43:19 2021 +0100
Fix acvp_test sig_gen
Ensure we set the size of the signature buffer before we call
EVP_DigestSign()
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
(cherry picked from commit 1b327433e52c8acd6db0a69bc772d4bd1800a109)
commit e3c654c813ebd4e456060f594964107f03ca3e12
Author: Matt Caswell <matt at openssl.org>
Date: Mon Oct 11 13:12:49 2021 +0100
Fix test_CMAC_keygen
Make sure we correctly pass through the size of the buffer to
EVP_DigestSignFinal
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
(cherry picked from commit cff7d58eb4c8e0ef43e2fd0b12bc067bd3540e2c)
commit 60722c167cd3f26f1670d50a8638ee21979bea36
Author: Matt Caswell <matt at openssl.org>
Date: Mon Oct 11 12:08:29 2021 +0100
Fix a bug in signature self tests in the FIPS module
When calling EVP_PKEY_sign(), the size of the signature buffer must
be passed in *siglen.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
(cherry picked from commit 61adb6cf950b65a7bfce9a8d78a7744dfae9f978)
commit 60f5e48f44b0d4e4179960741e8b73e5c475d3e8
Author: Matt Caswell <matt at openssl.org>
Date: Fri Oct 8 14:43:17 2021 +0100
Add an additional note to EVP_DigestSign() documentation
Clarify what happens if it fails. Make it clear that you can pass a NULL
"sig" buffer to get the "siglen".
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
(cherry picked from commit dc3f057ce1701d5fd77cc4fcc1d14afe3e3122a3)
commit 1974be5912fc10c4f589c328063aba7a09d3aa93
Author: Matt Caswell <matt at openssl.org>
Date: Thu Oct 7 14:15:47 2021 +0100
Test short buffers
Test that calling EVP_DigestSign(), EVP_DigestSignFinal(),
EVP_PKEY_sign(), EVP_PKEY_get_raw_private_key(), or
EVP_PKEY_get_raw_public_key() with a short output buffer results in a
failure.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
(cherry picked from commit 15ff7d7c2569a1aceaf6e85b61aee62422628fc9)
commit 55398b354f55955a1f504f591b8cf64a559a5793
Author: Matt Caswell <matt at openssl.org>
Date: Thu Oct 7 14:14:52 2021 +0100
Fix SSKDF to not claim a buffer size that is too small for the MAC
We also check that our buffer is sufficiently sized for the MAC output
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
(cherry picked from commit 7be8ba546267787c1b0df8a4fddaf9cb29944cbb)
commit 4fffef3dedcb80d2bfa657d4b7c2850dddaef1b4
Author: Matt Caswell <matt at openssl.org>
Date: Thu Oct 7 14:06:32 2021 +0100
Enforce a size check in EVP_MAC_final()
Make sure that the outsize for the buffer is large enough for the
output from the MAC.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
(cherry picked from commit b97f4dd73b4711eebf731ae0efa6e9b77c7f3304)
commit 97c453a6395c5c5a53331c514d55b82be926d141
Author: Matt Caswell <matt at openssl.org>
Date: Thu Oct 7 11:33:17 2021 +0100
Prevent an overflow if an application supplies a buffer that is too small
If an application bug means that a buffer smaller than is necessary is
passed to various functions then OpenSSL does not spot that the buffer
is too small and fills it anyway. This PR prevents that.
Since it requires an application bug to hit this problem, no CVE is
allocated.
Thanks to David Benjamin for reporting this issue.
Reviewed-by: Tomas Mraz <tomas at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16789)
(cherry picked from commit 43da9a14f0e73f42f28ae34219929b44df5d1a11)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/m_sigver.c | 7 +-
crypto/evp/mac_lib.c | 8 +-
crypto/evp/p_lib.c | 6 +-
crypto/evp/signature.c | 2 +-
doc/man3/EVP_DigestSignInit.pod | 6 +-
providers/fips/self_test_kats.c | 2 +-
providers/implementations/kdfs/sskdf.c | 4 +-
pyca-cryptography | 2 +-
test/acvp_test.c | 1 +
test/evp_extra_test.c | 159 +++++++++++++++++++++++++++------
10 files changed, 160 insertions(+), 37 deletions(-)
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 806ef3224c..70669c3e6d 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -411,14 +411,14 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
if (sigret == NULL || (ctx->flags & EVP_MD_CTX_FLAG_FINALISE) != 0)
return pctx->op.sig.signature->digest_sign_final(pctx->op.sig.algctx,
sigret, siglen,
- SIZE_MAX);
+ (sigret == NULL) ? 0 : *siglen);
dctx = EVP_PKEY_CTX_dup(pctx);
if (dctx == NULL)
return 0;
r = dctx->op.sig.signature->digest_sign_final(dctx->op.sig.algctx,
sigret, siglen,
- SIZE_MAX);
+ (sigret == NULL) ? 0 : *siglen);
EVP_PKEY_CTX_free(dctx);
return r;
@@ -506,7 +506,8 @@ int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen,
&& pctx->op.sig.signature != NULL) {
if (pctx->op.sig.signature->digest_sign != NULL)
return pctx->op.sig.signature->digest_sign(pctx->op.sig.algctx,
- sigret, siglen, SIZE_MAX,
+ sigret, siglen,
+ sigret == NULL ? 0 : *siglen,
tbs, tbslen);
} else {
/* legacy */
diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index 1a68c58919..24fdb35c8e 100644
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -132,6 +132,7 @@ static int evp_mac_final(EVP_MAC_CTX *ctx, int xof,
size_t l;
int res;
OSSL_PARAM params[2];
+ size_t macsize;
if (ctx == NULL || ctx->meth == NULL) {
ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
@@ -142,14 +143,19 @@ static int evp_mac_final(EVP_MAC_CTX *ctx, int xof,
return 0;
}
+ macsize = EVP_MAC_CTX_get_mac_size(ctx);
if (out == NULL) {
if (outl == NULL) {
ERR_raise(ERR_LIB_EVP, ERR_R_PASSED_NULL_PARAMETER);
return 0;
}
- *outl = EVP_MAC_CTX_get_mac_size(ctx);
+ *outl = macsize;
return 1;
}
+ if (outsize < macsize) {
+ ERR_raise(ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL);
+ return 0;
+ }
if (xof) {
params[0] = OSSL_PARAM_construct_int(OSSL_MAC_PARAM_XOF, &xof);
params[1] = OSSL_PARAM_construct_end();
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index aabd92d555..38e22f3b6c 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -529,12 +529,14 @@ static int get_raw_key_details(const OSSL_PARAM params[], void *arg)
if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PRIV_KEY))
!= NULL)
return OSSL_PARAM_get_octet_string(p, (void **)raw_key->key,
- SIZE_MAX, raw_key->len);
+ raw_key->key == NULL ? 0 : *raw_key->len,
+ raw_key->len);
} else if (raw_key->selection == OSSL_KEYMGMT_SELECT_PUBLIC_KEY) {
if ((p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_PUB_KEY))
!= NULL)
return OSSL_PARAM_get_octet_string(p, (void **)raw_key->key,
- SIZE_MAX, raw_key->len);
+ raw_key->key == NULL ? 0 : *raw_key->len,
+ raw_key->len);
}
return 0;
diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index e3bfdd56a2..b636889c3b 100644
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -582,7 +582,7 @@ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
goto legacy;
ret = ctx->op.sig.signature->sign(ctx->op.sig.algctx, sig, siglen,
- SIZE_MAX, tbs, tbslen);
+ (sig == NULL) ? 0 : *siglen, tbs, tbslen);
return ret;
legacy:
diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod
index 8748014465..c8385949fb 100644
--- a/doc/man3/EVP_DigestSignInit.pod
+++ b/doc/man3/EVP_DigestSignInit.pod
@@ -130,7 +130,11 @@ written to I<siglen>.
EVP_DigestSign() signs I<tbslen> bytes of data at I<tbs> and places the
signature in I<sig> and its length in I<siglen> in a similar way to
-EVP_DigestSignFinal().
+EVP_DigestSignFinal(). In the event of a failure EVP_DigestSign() cannot be
+called again without reinitialising the EVP_MD_CTX. If I<sig> is NULL before the
+call then I<siglen> will be populated with the required size for the I<sig>
+buffer. If I<sig> is non-NULL before the call then I<siglen> should contain the
+length of the I<sig> buffer.
=head1 RETURN VALUES
diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c
index 81f7226ba1..94a0cf842c 100644
--- a/providers/fips/self_test_kats.c
+++ b/providers/fips/self_test_kats.c
@@ -446,7 +446,7 @@ static int self_test_sign(const ST_KAT_SIGN *t,
EVP_PKEY *pkey = NULL;
unsigned char sig[256];
BN_CTX *bnctx = NULL;
- size_t siglen = 0;
+ size_t siglen = sizeof(sig);
static const unsigned char dgst[] = {
0x7f, 0x83, 0xb1, 0x65, 0x7f, 0xf1, 0xfc, 0x53, 0xb9, 0x2d, 0xc1, 0x81,
0x48, 0xa1, 0xd6, 0x5d, 0xfc, 0x2d, 0x4b, 0x1f, 0xa3, 0xd6, 0x77, 0x28,
diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c
index 56ac1e6334..297ddcdc2d 100644
--- a/providers/implementations/kdfs/sskdf.c
+++ b/providers/implementations/kdfs/sskdf.c
@@ -239,7 +239,7 @@ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init,
goto end;
out_len = EVP_MAC_CTX_get_mac_size(ctx_init); /* output size */
- if (out_len <= 0)
+ if (out_len <= 0 || (mac == mac_buf && out_len > sizeof(mac_buf)))
goto end;
len = derived_key_len;
@@ -263,7 +263,7 @@ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init,
if (len == 0)
break;
} else {
- if (!EVP_MAC_final(ctx, mac, NULL, len))
+ if (!EVP_MAC_final(ctx, mac, NULL, out_len))
goto end;
memcpy(out, mac, len);
break;
diff --git a/pyca-cryptography b/pyca-cryptography
index 0034926f2c..fa84d185c0 160000
--- a/pyca-cryptography
+++ b/pyca-cryptography
@@ -1 +1 @@
-Subproject commit 0034926f2cca02258f50e9faccb90ec344790159
+Subproject commit fa84d185c0fefa7d612759e02a26def2f948fe34
diff --git a/test/acvp_test.c b/test/acvp_test.c
index 0e2d54dab6..10621c3e48 100644
--- a/test/acvp_test.c
+++ b/test/acvp_test.c
@@ -94,6 +94,7 @@ static int sig_gen(EVP_PKEY *pkey, OSSL_PARAM *params, const char *digest_name,
size_t sig_len;
size_t sz = EVP_PKEY_get_size(pkey);
+ sig_len = sz;
if (!TEST_ptr(sig = OPENSSL_malloc(sz))
|| !TEST_ptr(md_ctx = EVP_MD_CTX_new())
|| !TEST_int_eq(EVP_DigestSignInit_ex(md_ctx, NULL, digest_name, libctx,
diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index baa93beb11..b241387b5e 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -600,6 +600,14 @@ static EVP_PKEY *load_example_dsa_key(void)
}
#endif
+#ifndef OPENSSL_NO_EC
+static EVP_PKEY *load_example_ec_key(void)
+{
+ return load_example_key("EC", kExampleECKeyDER,
+ sizeof(kExampleECKeyDER));
+}
+#endif
+
#ifndef OPENSSL_NO_DEPRECATED_3_0
# ifndef OPENSSL_NO_DH
static EVP_PKEY *load_example_dh_key(void)
@@ -610,12 +618,6 @@ static EVP_PKEY *load_example_dh_key(void)
# endif
# ifndef OPENSSL_NO_EC
-static EVP_PKEY *load_example_ec_key(void)
-{
- return load_example_key("EC", kExampleECKeyDER,
- sizeof(kExampleECKeyDER));
-}
-
static EVP_PKEY *load_example_ed25519_key(void)
{
return load_example_key("ED25519", kExampleED25519KeyDER,
@@ -979,6 +981,66 @@ static int test_EC_priv_only_legacy(void)
# endif /* OPENSSL_NO_DEPRECATED_3_0 */
#endif /* OPENSSL_NO_EC */
+static int test_EVP_PKEY_sign(int tst)
+{
+ int ret = 0;
+ EVP_PKEY *pkey = NULL;
+ unsigned char *sig = NULL;
+ size_t sig_len = 0, shortsig_len = 1;
+ EVP_PKEY_CTX *ctx = NULL;
+ unsigned char tbs[] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
+ 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13
+ };
+
+ if (tst == 0 ) {
+ if (!TEST_ptr(pkey = load_example_rsa_key()))
+ goto out;
+ } else if (tst == 1) {
+#ifndef OPENSSL_NO_DSA
+ if (!TEST_ptr(pkey = load_example_dsa_key()))
+ goto out;
+#else
+ ret = 1;
+ goto out;
+#endif
+ } else {
+#ifndef OPENSSL_NO_EC
+ if (!TEST_ptr(pkey = load_example_ec_key()))
+ goto out;
+#else
+ ret = 1;
+ goto out;
+#endif
+ }
+
+ ctx = EVP_PKEY_CTX_new_from_pkey(testctx, pkey, NULL);
+ if (!TEST_ptr(ctx)
+ || !TEST_int_gt(EVP_PKEY_sign_init(ctx), 0)
+ || !TEST_int_gt(EVP_PKEY_sign(ctx, NULL, &sig_len, tbs,
+ sizeof(tbs)), 0))
+ goto out;
+ sig = OPENSSL_malloc(sig_len);
+ if (!TEST_ptr(sig)
+ /* Test sending a signature buffer that is too short is rejected */
+ || !TEST_int_le(EVP_PKEY_sign(ctx, sig, &shortsig_len, tbs,
+ sizeof(tbs)), 0)
+ || !TEST_int_gt(EVP_PKEY_sign(ctx, sig, &sig_len, tbs, sizeof(tbs)),
+ 0)
+ /* Test the signature round-trips */
+ || !TEST_int_gt(EVP_PKEY_verify_init(ctx), 0)
+ || !TEST_int_gt(EVP_PKEY_verify(ctx, sig, sig_len, tbs, sizeof(tbs)),
+ 0))
+ goto out;
+
+ ret = 1;
+ out:
+ EVP_PKEY_CTX_free(ctx);
+ OPENSSL_free(sig);
+ EVP_PKEY_free(pkey);
+ return ret;
+}
+
/*
* n = 0 => test using legacy cipher
* n = 1 => test using fetched cipher
@@ -1047,13 +1109,19 @@ err:
* Test 6: Use an MD BIO to do the Update calls instead (RSA)
* Test 7: Use an MD BIO to do the Update calls instead (DSA)
* Test 8: Use an MD BIO to do the Update calls instead (HMAC)
+ * Test 9: Use EVP_DigestSign (Implicit fetch digest, RSA, short sig)
+ * Test 10: Use EVP_DigestSign (Implicit fetch digest, DSA, short sig)
+ * Test 11: Use EVP_DigestSign (Implicit fetch digest, HMAC, short sig)
+ * Test 12: Use EVP_DigestSign (Implicit fetch digest, RSA)
+ * Test 13: Use EVP_DigestSign (Implicit fetch digest, DSA)
+ * Test 14: Use EVP_DigestSign (Implicit fetch digest, HMAC)
*/
static int test_EVP_DigestSignInit(int tst)
{
int ret = 0;
EVP_PKEY *pkey = NULL;
unsigned char *sig = NULL, *sig2 = NULL;
- size_t sig_len = 0, sig2_len = 0;
+ size_t sig_len = 0, sig2_len = 0, shortsig_len = 1;
EVP_MD_CTX *md_ctx = NULL, *md_ctx_verify = NULL;
EVP_MD_CTX *a_md_ctx = NULL, *a_md_ctx_verify = NULL;
BIO *mdbio = NULL, *membio = NULL;
@@ -1064,7 +1132,7 @@ static int test_EVP_DigestSignInit(int tst)
if (nullprov != NULL)
return TEST_skip("Test does not support a non-default library context");
- if (tst >= 6) {
+ if (tst >= 6 && tst <= 8) {
membio = BIO_new(BIO_s_mem());
mdbio = BIO_new(BIO_f_md());
if (!TEST_ptr(membio) || !TEST_ptr(mdbio))
@@ -1078,10 +1146,10 @@ static int test_EVP_DigestSignInit(int tst)
goto out;
}
- if (tst == 0 || tst == 3 || tst == 6) {
+ if (tst % 3 == 0) {
if (!TEST_ptr(pkey = load_example_rsa_key()))
goto out;
- } else if (tst == 1 || tst == 4 || tst == 7) {
+ } else if (tst % 3 == 1) {
#ifndef OPENSSL_NO_DSA
if (!TEST_ptr(pkey = load_example_dsa_key()))
goto out;
@@ -1102,26 +1170,54 @@ static int test_EVP_DigestSignInit(int tst)
if (!TEST_true(EVP_DigestSignInit(md_ctx, NULL, md, NULL, pkey)))
goto out;
- if (tst >= 6) {
+ if (tst >= 6 && tst <= 8) {
if (!BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written))
goto out;
- } else {
+ } else if (tst < 6) {
if (!TEST_true(EVP_DigestSignUpdate(md_ctx, kMsg, sizeof(kMsg))))
goto out;
}
- /* Determine the size of the signature. */
- if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
- || !TEST_ptr(sig = OPENSSL_malloc(sig_len))
- || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
- goto out;
+ if (tst >= 9) {
+ /* Determine the size of the signature. */
+ if (!TEST_true(EVP_DigestSign(md_ctx, NULL, &sig_len, kMsg,
+ sizeof(kMsg)))
+ || !TEST_ptr(sig = OPENSSL_malloc(sig_len)))
+ goto out;
+ if (tst <= 11) {
+ /* Test that supply a short sig buffer fails */
+ if (!TEST_false(EVP_DigestSign(md_ctx, sig, &shortsig_len, kMsg,
+ sizeof(kMsg))))
+ goto out;
+ /*
+ * We end here because once EVP_DigestSign() has failed you should
+ * not call it again without re-initing the ctx
+ */
+ ret = 1;
+ goto out;
+ }
+ if (!TEST_true(EVP_DigestSign(md_ctx, sig, &sig_len, kMsg,
+ sizeof(kMsg))))
+ goto out;
+ } else {
+ /* Determine the size of the signature. */
+ if (!TEST_true(EVP_DigestSignFinal(md_ctx, NULL, &sig_len))
+ || !TEST_ptr(sig = OPENSSL_malloc(sig_len))
+ /*
+ * Trying to create a signature with a deliberately short
+ * buffer should fail.
+ */
+ || !TEST_false(EVP_DigestSignFinal(md_ctx, sig, &shortsig_len))
+ || !TEST_true(EVP_DigestSignFinal(md_ctx, sig, &sig_len)))
+ goto out;
+ }
/*
* Ensure that the signature round-trips (Verification isn't supported for
* HMAC via EVP_DigestVerify*)
*/
- if (tst != 2 && tst != 5 && tst != 8) {
- if (tst >= 6) {
+ if (tst % 3 != 2) {
+ if (tst >= 6 && tst <= 8) {
if (!TEST_int_gt(BIO_reset(mdbio), 0)
|| !TEST_int_gt(BIO_get_md_ctx(mdbio, &md_ctx_verify), 0))
goto out;
@@ -1131,7 +1227,7 @@ static int test_EVP_DigestSignInit(int tst)
NULL, pkey)))
goto out;
- if (tst >= 6) {
+ if (tst >= 6 && tst <= 8) {
if (!TEST_true(BIO_write_ex(mdbio, kMsg, sizeof(kMsg), &written)))
goto out;
} else {
@@ -1806,7 +1902,7 @@ static int test_set_get_raw_keys_int(int tst, int pub, int uselibctx)
int ret = 0;
unsigned char buf[80];
unsigned char *in;
- size_t inlen, len = 0;
+ size_t inlen, len = 0, shortlen = 1;
EVP_PKEY *pkey;
/* Check if this algorithm supports public keys */
@@ -1856,8 +1952,20 @@ static int test_set_get_raw_keys_int(int tst, int pub, int uselibctx)
|| !TEST_int_eq(EVP_PKEY_eq(pkey, pkey), 1)
|| (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, NULL, &len)))
|| (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, NULL, &len)))
- || !TEST_true(len == inlen)
- || (!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
+ || !TEST_true(len == inlen))
+ goto done;
+ if (tst != 1) {
+ /*
+ * Test that supplying a buffer that is too small fails. Doesn't apply
+ * to HMAC with a zero length key
+ */
+ if ((!pub && !TEST_false(EVP_PKEY_get_raw_private_key(pkey, buf,
+ &shortlen)))
+ || (pub && !TEST_false(EVP_PKEY_get_raw_public_key(pkey, buf,
+ &shortlen))))
+ goto done;
+ }
+ if ((!pub && !TEST_true(EVP_PKEY_get_raw_private_key(pkey, buf, &len)))
|| (pub && !TEST_true(EVP_PKEY_get_raw_public_key(pkey, buf, &len)))
|| !TEST_mem_eq(in, inlen, buf, len))
goto done;
@@ -1962,7 +2070,7 @@ static int get_cmac_val(EVP_PKEY *pkey, unsigned char *mac)
{
EVP_MD_CTX *mdctx = EVP_MD_CTX_new();
const char msg[] = "Hello World";
- size_t maclen;
+ size_t maclen = AES_BLOCK_SIZE;
int ret = 1;
if (!TEST_ptr(mdctx)
@@ -4033,9 +4141,10 @@ int setup_tests(void)
}
ADD_TEST(test_EVP_set_default_properties);
- ADD_ALL_TESTS(test_EVP_DigestSignInit, 9);
+ ADD_ALL_TESTS(test_EVP_DigestSignInit, 15);
ADD_TEST(test_EVP_DigestVerifyInit);
ADD_TEST(test_EVP_Digest);
+ ADD_ALL_TESTS(test_EVP_PKEY_sign, 3);
ADD_ALL_TESTS(test_EVP_Enveloped, 2);
ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata));
ADD_TEST(test_privatekey_to_pkcs8);
More information about the openssl-commits
mailing list