Additional error tests in evp_test.c

Support checking for errors during test initialisation and parsing. Add errors and tests for key operation initalisation and ctrl errors. Reviewed-by: N Rich Salz <rsalz@openssl.org>

Additional error tests in evp_test.c
Support checking for errors during test initialisation and parsing. Add errors and tests for key operation initalisation and ctrl errors. Reviewed-by: N Rich Salz <rsalz@openssl.org>
cce65266 · Dr. Stephen Henson · c922ebe2 · cce65266 · cce65266
隐藏空白更改
内联并排

Showing with 33 addition and 6 deletion

test/evp_test.c test/evp_test.c +16 -6

test/evptests.txt test/evptests.txt +17 -0

未找到文件。
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -354,8 +354,7 @@ static int setup_test(struct evp_test *t, const struct evp_test_method *tmeth)
            t->nskip++;
        } else {
            /* run the test */
-            t->err = NULL;
-            if (t->meth->run_test(t) != 1) {
+            if (t->err == NULL && t->meth->run_test(t) != 1) {
                fprintf(stderr, "%s test error line %d\n",
                        t->meth->name, t->start_line);
                return 0;
@@ -567,6 +566,7 @@ int main(int argc, char **argv)
        return 1;
    }
    t.in = in;
+    t.err = NULL;
    while (BIO_gets(in, buf, sizeof(buf))) {
        t.line++;
        if (!process_test(&t, buf, 0))
@@ -1234,7 +1234,7 @@ static int pkey_test_init(struct evp_test *t, const char *name,
    if (!kdata->ctx)
        return 0;
    if (keyopinit(kdata->ctx) <= 0)
-        return 0;
+        t->err = "KEYOP_INIT_ERROR";
    return 1;
 }

@@ -1260,11 +1260,21 @@ static int pkey_test_ctrl(struct evp_test *t, EVP_PKEY_CTX *pctx,
    if (p != NULL)
        *p++ = 0;
    rv = EVP_PKEY_CTX_ctrl_str(pctx, tmpval, p);
-    if (p != NULL && rv <= 0 && rv != -2) {
-        /* If p has an OID assume disabled algorithm */
-        if (OBJ_sn2nid(p) != NID_undef || OBJ_ln2nid(p) != NID_undef) {
+    if (rv == -2) {
+        t->err = "PKEY_CTRL_INVALID";
+        rv = 1;
+    } else if (p != NULL && rv <= 0) {
+        /* If p has an OID and lookup fails assume disabled algorithm */
+        int nid = OBJ_sn2nid(p);
+        if (nid == NID_undef)
+             nid = OBJ_ln2nid(p);
+        if ((nid != NID_undef) && EVP_get_digestbynid(nid) == NULL &&
+            EVP_get_cipherbynid(nid) == NULL) {
            t->skip = 1;
            rv = 1;
+        } else {
+            t->err = "PKEY_CTRL_ERROR";
+            rv = 1;
        }
    }
    OPENSSL_free(tmpval);

--- a/test/evptests.txt
+++ b/test/evptests.txt
@@ -2770,6 +2770,15 @@ Ctrl = digest:SHA1
 Input = "0123456789ABCDEF1234"
 Output = c09d402423cbf233d26cae21f954547bc43fe80fd41360a0336cfdbe9aedad05bef6fd2eaee6cd60089a52482d4809a238149520df3bdde4cb9e23d9307b05c0a6f327052325a29adf2cc95b66523be7024e2a585c3d4db15dfbe146efe0ecdc0402e33fe5d40324ee96c5c3edd374a15cdc0f5d84aa243c0f07e188c6518fbfceae158a9943be398e31097da81b62074f626eff738be6160741d5a26957a482b3251fd85d8df78b98148459de10aa93305dbb4a5230aa1da291a9b0e481918f99b7638d72bb687f97661d304ae145d64a474437a4ef39d7b8059332ddeb07e92bf6e0e3acaf8afedc93795e4511737ec1e7aab6d5bc9466afc950c1c17b48ad

+# Illegal RSA key derivation
+Derive = RSA-2048
+Result = KEYOP_INIT_ERROR
+
+# Invalid ctrl
+Sign = RSA-2048
+Ctrl = rsa_mgf1_md:sha1
+Result = PKEY_CTRL_INVALID
+
 # EC tests

 Verify = P-256
@@ -3694,3 +3703,11 @@ SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742
 Derive=Bob-25519
 PeerKey=Alice-25519-PUBLIC
 SharedSecret=4A5D9D5BA4CE2DE1728E3BF480350F25E07E21C947D19E3376F09B3C1E161742
+
+# Illegal sign/verify operations with X25519 key
+
+Sign=Alice-25519
+Result = KEYOP_INIT_ERROR
+
+Verify=Alice-25519
+Result = KEYOP_INIT_ERROR