mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-03-01 19:28:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

Don't abuse the API when that's not what is tested

Browse Source 
test_EVP_PKEY_CTX_get_set_params() in test/evp_extra_test.c abused
previously sloppy checking in EVP_PKEY_sign_init_ex(), by passing a
"key to sign with" that was really just domain parameters.

Now that underlying provider import of key payload has become a bit
more strict, that leads to errors, so we need to provide at least a
public part (even though fake), and because this is a signing
operation, a private part as well.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10169)
This commit is contained in:
Richard Levitte 2019-10-15 11:35:09 +02:00
parent 13aa5d2960
commit cd32a0f589
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
test/evp_extra_test.c
View File

@ -1201,7 +1201,7 @@ static int test_EVP_PKEY_CTX_get_set_params(void)
const OSSL_PARAM *params;
OSSL_PARAM ourparams[2], *param = ourparams;
DSA *dsa = NULL;
BIGNUM *p = NULL, *q = NULL, *g = NULL;
BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub = NULL, *priv = NULL;
EVP_PKEY *pkey = NULL;
int ret = 0;
const EVP_MD *md;
@ -1209,21 +1209,24 @@ static int test_EVP_PKEY_CTX_get_set_params(void)
char ssl3ms[48];
/*
* Setup the parameters for our DSA object. For our purposes they don't have
* to actually be *valid* parameters. We just need to set something. We
* don't even need a pub_key/priv_key.
* Setup the parameters for our DSA object. For our purposes they don't
* have to actually be *valid* parameters. We just need to set something.
*/
dsa = DSA_new();
p = BN_new();
q = BN_new();
g = BN_new();
pub = BN_new();
priv = BN_new();
if (!TEST_ptr(dsa)
|| !TEST_ptr(p)
|| !TEST_ptr(q)
|| !TEST_ptr(g)
|| !DSA_set0_pqg(dsa, p, q, g))
|| !TEST_ptr(pub)
|| !DSA_set0_pqg(dsa, p, q, g)
|| !DSA_set0_key(dsa, pub, priv))
goto err;
p = q = g = NULL;
p = q = g = pub = priv = NULL;
pkey = EVP_PKEY_new();
if (!TEST_ptr(pkey)
@ -1331,6 +1334,8 @@ static int test_EVP_PKEY_CTX_get_set_params(void)
BN_free(p);
BN_free(q);
BN_free(g);
BN_free(pub);
BN_free(priv);
return ret;
}