From: Benjamin Kaduk Date: Thu, 9 Jul 2020 21:29:33 +0000 (-0700) Subject: Avoid deprecated API in evp_test.c X-Git-Tag: openssl-3.0.0-alpha7~583 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=bdc0df8ab5f3096aafd54d170c85887366920c4b;p=thirdparty%2Fopenssl.git Avoid deprecated API in evp_test.c Use EVP_CIPHER_CTX_get_iv_state() in cipher_test_enc() rather than the deprecated EVP_CIPHER_CTX_iv(). [extended tests] Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/12233) --- diff --git a/test/evp_test.c b/test/evp_test.c index f384a8d863c..b980abc9440 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -760,12 +760,16 @@ static int cipher_test_enc(EVP_TEST *t, int enc, } /* Check that we get the same IV back */ - if (expected->iv != NULL - && (EVP_CIPHER_flags(expected->cipher) & EVP_CIPH_CUSTOM_IV) == 0 - && !TEST_mem_eq(expected->iv, expected->iv_len, - EVP_CIPHER_CTX_iv(ctx_base), expected->iv_len)) { - t->err = "INVALID_IV"; - goto err; + if (expected->iv != NULL) { + /* Some (e.g., GCM) tests use IVs longer than EVP_MAX_IV_LENGTH. */ + unsigned char iv[128]; + if (!TEST_true(EVP_CIPHER_CTX_get_iv_state(ctx_base, iv, sizeof(iv))) + || ((EVP_CIPHER_flags(expected->cipher) & EVP_CIPH_CUSTOM_IV) == 0 + && !TEST_mem_eq(expected->iv, expected->iv_len, iv, + expected->iv_len))) { + t->err = "INVALID_IV"; + goto err; + } } /* Test that the cipher dup functions correctly if it is supported */