diff options
author | Neil Horman <nhorman@openssl.org> | 2023-12-20 10:01:17 -0500 |
---|---|---|
committer | Neil Horman <nhorman@openssl.org> | 2024-01-01 13:28:36 -0500 |
commit | 0f973b9a9bbef456f81bfca0f7c27bd5e19e2c40 (patch) | |
tree | 14ff956560942b20306bb16e88dd7176f04c5e42 /test | |
parent | 40346e8377bc65812e8159d831ae137911d6b237 (diff) |
gate calling of evp_method_id on having a non-zero name id
If a name is passed to EVP_<OBJ>_fetch of the form:
name1:name2:name3
The names are parsed on the separator ':' and added to the store, but
during the lookup in inner_evp_generic_fetch, the subsequent search of
the store uses the full name1:name2:name3 string, which fails lookup,
and causes subsequent assertion failures in evp_method_id.
instead catch the failure in inner_evp_generic_fetch and return an error
code if the name_id against a colon separated list of names fails. This
provides a graceful error return path without asserts, and leaves room
for a future feature in which such formatted names can be parsed and
searched for iteratively
Add a simple test to verify that providing a colon separated name
results in an error indicating an invalid lookup.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/23110)
(cherry picked from commit 94be985cbcc1f0a5cf4f172d4a8d06c5c623122b)
Diffstat (limited to 'test')
-rw-r--r-- | test/evp_extra_test2.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/test/evp_extra_test2.c b/test/evp_extra_test2.c index a06bd69794..32ca15bc9a 100644 --- a/test/evp_extra_test2.c +++ b/test/evp_extra_test2.c @@ -1326,6 +1326,24 @@ err: } #endif +/* + * Currently, EVP_<OBJ>_fetch doesn't support + * colon separated alternative names for lookup + * so add a test here to ensure that when one is provided + * libcrypto returns an error + */ +static int evp_test_name_parsing(void) +{ + EVP_MD *md; + + if (!TEST_ptr_null(md = EVP_MD_fetch(mainctx, "SHA256:BogusName", NULL))) { + EVP_MD_free(md); + return 0; + } + + return 1; +} + int setup_tests(void) { if (!test_get_libctx(&mainctx, &nullprov, NULL, NULL, NULL)) { @@ -1334,6 +1352,7 @@ int setup_tests(void) return 0; } + ADD_TEST(evp_test_name_parsing); ADD_TEST(test_alternative_default); ADD_ALL_TESTS(test_d2i_AutoPrivateKey_ex, OSSL_NELEM(keydata)); #ifndef OPENSSL_NO_EC |