diff options
| author | Richard Levitte <levitte@openssl.org> | 2020-10-04 16:34:31 +0200 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2020-11-18 23:38:34 +0100 |
| commit | d7e498ac55f12bc2f4e7f948cbb8de2e3eeafc74 (patch) | |
| tree | 755ca6bcbcd3b85d0371713d754b26f4a9d70250 /test | |
| parent | b24d6c335d3beb431f8f9847623d4db39ae1f96b (diff) | |
Deprecate RSA harder
This deprecates all functions that deal with the types RSA and RSA_METHOD
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13096)
Diffstat (limited to 'test')
| -rw-r--r-- | test/endecoder_legacy_test.c | 6 | ||||
| -rw-r--r-- | test/evp_extra_test.c | 73 | ||||
| -rw-r--r-- | test/keymgmt_internal_test.c | 6 | ||||
| -rw-r--r-- | test/rsa_sp800_56b_test.c | 7 |
4 files changed, 57 insertions, 35 deletions
diff --git a/test/endecoder_legacy_test.c b/test/endecoder_legacy_test.c index 1bdbda79fa..6fd7b356cd 100644 --- a/test/endecoder_legacy_test.c +++ b/test/endecoder_legacy_test.c @@ -35,6 +35,12 @@ #include <stdlib.h> #include <string.h> + +/* + * We test deprecated functions, so we need to suppress deprecation warnings. + */ +#define OPENSSL_SUPPRESS_DEPRECATED + #include <openssl/bio.h> #include <openssl/evp.h> #include <openssl/asn1.h> diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index e0f6af1f06..e2f78f1496 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -18,16 +18,17 @@ #include <openssl/crypto.h> #include <openssl/err.h> #include <openssl/evp.h> -#include <openssl/rsa.h> #include <openssl/x509.h> #include <openssl/pem.h> #include <openssl/kdf.h> #include <openssl/provider.h> #include <openssl/core_names.h> #include <openssl/params.h> +#include <openssl/param_build.h> #include <openssl/dsa.h> #include <openssl/dh.h> #include <openssl/aes.h> +#include <openssl/decoder.h> #include "testutil.h" #include "internal/nelem.h" #include "internal/sizes.h" @@ -410,28 +411,25 @@ static APK_DATA keycheckdata[] = { #endif }; -static EVP_PKEY *load_example_rsa_key(void) +static EVP_PKEY *load_example_key(const char *keytype, + const unsigned char *data, size_t data_len) { - EVP_PKEY *ret = NULL; - const unsigned char *derp = kExampleRSAKeyDER; + const unsigned char **pdata = &data; EVP_PKEY *pkey = NULL; - RSA *rsa = NULL; - - if (!TEST_true(d2i_RSAPrivateKey(&rsa, &derp, sizeof(kExampleRSAKeyDER)))) - return NULL; - - if (!TEST_ptr(pkey = EVP_PKEY_new()) - || !TEST_true(EVP_PKEY_set1_RSA(pkey, rsa))) - goto end; + OSSL_DECODER_CTX *dctx = + OSSL_DECODER_CTX_new_by_EVP_PKEY(&pkey, "DER", NULL, keytype, 0, + testctx, NULL); - ret = pkey; - pkey = NULL; - -end: - EVP_PKEY_free(pkey); - RSA_free(rsa); + /* |pkey| will be NULL on error */ + (void)OSSL_DECODER_from_data(dctx, pdata, &data_len); + OSSL_DECODER_CTX_free(dctx); + return pkey; +} - return ret; +static EVP_PKEY *load_example_rsa_key(void) +{ + return load_example_key("RSA", kExampleRSAKeyDER, + sizeof(kExampleRSAKeyDER)); } #ifndef OPENSSL_NO_DSA @@ -1690,8 +1688,10 @@ static int test_DSA_get_set_params(void) static int test_RSA_get_set_params(void) { - RSA *rsa = NULL; + OSSL_PARAM_BLD *bld = NULL; + OSSL_PARAM *params = NULL; BIGNUM *n = NULL, *e = NULL, *d = NULL; + EVP_PKEY_CTX *pctx = NULL; EVP_PKEY *pkey = NULL; int ret = 0; @@ -1699,30 +1699,33 @@ static int test_RSA_get_set_params(void) * Setup the parameters for our RSA object. For our purposes they don't * have to actually be *valid* parameters. We just need to set something. */ - rsa = RSA_new(); - n = BN_new(); - e = BN_new(); - d = BN_new(); - if (!TEST_ptr(rsa) - || !TEST_ptr(n) - || !TEST_ptr(e) - || !TEST_ptr(d) - || !RSA_set0_key(rsa, n, e, d)) + if (!TEST_ptr(pctx = EVP_PKEY_CTX_new_from_name(testctx, "RSA", NULL)) + || !TEST_ptr(bld = OSSL_PARAM_BLD_new()) + || !TEST_ptr(n = BN_new()) + || !TEST_ptr(e = BN_new()) + || !TEST_ptr(d = BN_new())) + goto err; + if (!TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_N, n)) + || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_E, e)) + || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_RSA_D, d))) + goto err; + if (!TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))) goto err; - n = e = d = NULL; - pkey = EVP_PKEY_new(); - if (!TEST_ptr(pkey) - || !TEST_true(EVP_PKEY_assign_RSA(pkey, rsa))) + if (!TEST_int_gt(EVP_PKEY_key_fromdata_init(pctx), 0) + || !TEST_int_gt(EVP_PKEY_fromdata(pctx, &pkey, params), 0)) goto err; - rsa = NULL; + if (!TEST_ptr(pkey)) + goto err; ret = test_EVP_PKEY_CTX_get_set_params(pkey); err: EVP_PKEY_free(pkey); - RSA_free(rsa); + EVP_PKEY_CTX_free(pctx); + OSSL_PARAM_BLD_free_params(params); + OSSL_PARAM_BLD_free(bld); BN_free(n); BN_free(e); BN_free(d); diff --git a/test/keymgmt_internal_test.c b/test/keymgmt_internal_test.c index 596019d294..77414dbc27 100644 --- a/test/keymgmt_internal_test.c +++ b/test/keymgmt_internal_test.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * RSA low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <string.h> #include <openssl/bio.h> diff --git a/test/rsa_sp800_56b_test.c b/test/rsa_sp800_56b_test.c index 72451b37ca..94369ce701 100644 --- a/test/rsa_sp800_56b_test.c +++ b/test/rsa_sp800_56b_test.c @@ -7,6 +7,12 @@ * https://www.openssl.org/source/license.html */ +/* + * RSA low level APIs are deprecated for public use, but still ok for + * internal use. + */ +#include "internal/deprecated.h" + #include <stdio.h> #include <string.h> @@ -215,6 +221,7 @@ static int test_check_prime_factor(void) return ret; } +/* This test uses legacy functions because they can take invalid numbers */ static int test_check_private_exponent(void) { int ret = 0; |