mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

TEST: correct test/recipes/30-test_evp_data/evppkey_ecdh.txt

Browse Source 
Some keys with groups that aren't supported by FIPS were still used
for Derive stanzas, even when testing with the FIPS provider.
This was due to the flaw in evp_keymgmt_util_try_import() that meant
that even though the key was invalid for FIPS, it could still come
through, because the imported keydata wasn't cleared on import error.
With that flaw corrected, these few Derive stanzas start failing.

We mitigate this by making of "offending" Derive stanzas only
available with the default provider.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/15008)
This commit is contained in:
Richard Levitte 2021-04-23 15:52:02 +02:00
parent 3d80b5e611
commit a70936a845
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
test/recipes/30-test_evp_data/evppkey_ecdh.txt
View File

@ -947,12 +947,14 @@ PrivPubKeyPair = BOB_sect163r1:BOB_sect163r1_PUB
# ECDH Alice with Bob peer # ECDH Alice with Bob peer
Availablein=default
Derive=ALICE_sect163r1 Derive=ALICE_sect163r1
PeerKey=BOB_sect163r1_PUB PeerKey=BOB_sect163r1_PUB
SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4 SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4
# ECDH Bob with Alice peer # ECDH Bob with Alice peer
Availablein=default
Derive=BOB_sect163r1 Derive=BOB_sect163r1
PeerKey=ALICE_sect163r1_PUB PeerKey=ALICE_sect163r1_PUB
SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4 SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4
@ -993,12 +995,14 @@ PrivPubKeyPair = BOB_sect193r1:BOB_sect193r1_PUB
# ECDH Alice with Bob peer # ECDH Alice with Bob peer
Availablein=default
Derive=ALICE_sect193r1 Derive=ALICE_sect193r1
PeerKey=BOB_sect193r1_PUB PeerKey=BOB_sect193r1_PUB
SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47 SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47
# ECDH Bob with Alice peer # ECDH Bob with Alice peer
Availablein=default
Derive=BOB_sect193r1 Derive=BOB_sect193r1
PeerKey=ALICE_sect193r1_PUB PeerKey=ALICE_sect193r1_PUB
SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47 SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47
@ -1039,12 +1043,14 @@ PrivPubKeyPair = BOB_sect193r2:BOB_sect193r2_PUB
# ECDH Alice with Bob peer # ECDH Alice with Bob peer
Availablein=default
Derive=ALICE_sect193r2 Derive=ALICE_sect193r2
PeerKey=BOB_sect193r2_PUB PeerKey=BOB_sect193r2_PUB
SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891 SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891
# ECDH Bob with Alice peer # ECDH Bob with Alice peer
Availablein=default
Derive=BOB_sect193r2 Derive=BOB_sect193r2
PeerKey=ALICE_sect193r2_PUB PeerKey=ALICE_sect193r2_PUB
SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891 SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891
@ -1085,12 +1091,14 @@ PrivPubKeyPair = BOB_sect239k1:BOB_sect239k1_PUB
# ECDH Alice with Bob peer # ECDH Alice with Bob peer
Availablein=default
Derive=ALICE_sect239k1 Derive=ALICE_sect239k1
PeerKey=BOB_sect239k1_PUB PeerKey=BOB_sect239k1_PUB
SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8 SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8
# ECDH Bob with Alice peer # ECDH Bob with Alice peer
Availablein=default
Derive=BOB_sect239k1 Derive=BOB_sect239k1
PeerKey=ALICE_sect239k1_PUB PeerKey=ALICE_sect239k1_PUB
SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8 SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8