diff options
author | Richard Levitte <levitte@openssl.org> | 2021-04-23 15:52:02 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2021-04-23 20:22:49 +0200 |
commit | a70936a8453a307992820f2a9d3e252f6c4f9ad6 (patch) | |
tree | 03bb388e2b609507cdf1b20a2af7a5b1a6941f4d /test | |
parent | 3d80b5e611f112fd004a4320cb5ecce93c73b7d4 (diff) |
TEST: correct test/recipes/30-test_evp_data/evppkey_ecdh.txt
Some keys with groups that aren't supported by FIPS were still used
for Derive stanzas, even when testing with the FIPS provider.
This was due to the flaw in evp_keymgmt_util_try_import() that meant
that even though the key was invalid for FIPS, it could still come
through, because the imported keydata wasn't cleared on import error.
With that flaw corrected, these few Derive stanzas start failing.
We mitigate this by making of "offending" Derive stanzas only
available with the default provider.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/15008)
Diffstat (limited to 'test')
-rw-r--r-- | test/recipes/30-test_evp_data/evppkey_ecdh.txt | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/test/recipes/30-test_evp_data/evppkey_ecdh.txt b/test/recipes/30-test_evp_data/evppkey_ecdh.txt index 9d3ef6c292..d50b2d166e 100644 --- a/test/recipes/30-test_evp_data/evppkey_ecdh.txt +++ b/test/recipes/30-test_evp_data/evppkey_ecdh.txt @@ -947,12 +947,14 @@ PrivPubKeyPair = BOB_sect163r1:BOB_sect163r1_PUB # ECDH Alice with Bob peer +Availablein=default Derive=ALICE_sect163r1 PeerKey=BOB_sect163r1_PUB SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4 # ECDH Bob with Alice peer +Availablein=default Derive=BOB_sect163r1 PeerKey=ALICE_sect163r1_PUB SharedSecret=02355c765bbc07fcc44bb1496e490912f6df56e6d4 @@ -993,12 +995,14 @@ PrivPubKeyPair = BOB_sect193r1:BOB_sect193r1_PUB # ECDH Alice with Bob peer +Availablein=default Derive=ALICE_sect193r1 PeerKey=BOB_sect193r1_PUB SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47 # ECDH Bob with Alice peer +Availablein=default Derive=BOB_sect193r1 PeerKey=ALICE_sect193r1_PUB SharedSecret=00458b4c5ad122de5a377bea0adf1ab87bcb961b24ed764f47 @@ -1039,12 +1043,14 @@ PrivPubKeyPair = BOB_sect193r2:BOB_sect193r2_PUB # ECDH Alice with Bob peer +Availablein=default Derive=ALICE_sect193r2 PeerKey=BOB_sect193r2_PUB SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891 # ECDH Bob with Alice peer +Availablein=default Derive=BOB_sect193r2 PeerKey=ALICE_sect193r2_PUB SharedSecret=019d1f316d204a9cd1b9632cebb4accddb204158be3e435891 @@ -1085,12 +1091,14 @@ PrivPubKeyPair = BOB_sect239k1:BOB_sect239k1_PUB # ECDH Alice with Bob peer +Availablein=default Derive=ALICE_sect239k1 PeerKey=BOB_sect239k1_PUB SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8 # ECDH Bob with Alice peer +Availablein=default Derive=BOB_sect239k1 PeerKey=ALICE_sect239k1_PUB SharedSecret=4d1c9a8ae73f754d0a593d6e426114f4f67d7c8082ccc4e04a72b0d2aff8 |