From: Norbert Pocs <norbertp@openssl.org>
Date: Tue, 17 Jun 2025 10:43:12 +0000 (+0200)
Subject: Deprecate ASN1_METH related tests
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3a90d5f83cbcc151a04b994856fc22c85b52d8f3;p=thirdparty%2Fopenssl.git

Deprecate ASN1_METH related tests

ASN1 tests had to be turned off, but the biggest change is the
ssl_test_ctx, where the NID resolution does not equal to the old one and
a little hack had to be used to make the test work.

Signed-off-by: Norbert Pocs <norbertp@openssl.org>

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27727)
---

diff --git a/test/helpers/ssl_test_ctx.c b/test/helpers/ssl_test_ctx.c
index ec2c7885ba7..e5fc064ce5b 100644
--- a/test/helpers/ssl_test_ctx.c
+++ b/test/helpers/ssl_test_ctx.c
@@ -7,6 +7,11 @@
  * https://www.openssl.org/source/license.html
  */
 
+/*
+ * Because of *asn1_*
+ */
+#define OPENSSL_SUPPRESS_DEPRECATED
+
 #include <string.h>
 
 #include <openssl/e_os2.h>
@@ -519,17 +524,40 @@ const char *ssl_max_fragment_len_name(int MFL_mode)
 __owur static int parse_expected_key_type(int *ptype, const char *value)
 {
     int nid;
+#ifndef OPENSSL_NO_DEPRECATED_3_6
     const EVP_PKEY_ASN1_METHOD *ameth;
+#endif
 
     if (value == NULL)
         return 0;
+#ifndef OPENSSL_NO_DEPRECATED_3_6
     ameth = EVP_PKEY_asn1_find_str(NULL, value, -1);
     if (ameth != NULL)
         EVP_PKEY_asn1_get0_info(&nid, NULL, NULL, NULL, NULL, ameth);
     else
         nid = OBJ_sn2nid(value);
-    if (nid == NID_undef)
+#else
+    /*
+     * These functions map the values differently than
+     * EVP_PKEY_asn1_find_str (which was used before) so use this hack
+     * to make it work
+     */
+    if (strcmp("RSA", value) == 0) {
+        nid = OBJ_ln2nid("rsaEncryption");
+    } else if (strcmp("RSA-PSS", value) == 0) {
+        nid = OBJ_ln2nid("rsassaPss");
+    } else if (strcmp("Ed448", value) == 0) {
+        nid = OBJ_sn2nid("ED448");
+    } else if (strcmp("Ed25519", value) == 0) {
+        nid = OBJ_sn2nid("ED25519");
+    } else if (strcmp("EC", value) == 0) {
+        nid = OBJ_sn2nid("id-ecPublicKey");
+    } else {
         nid = OBJ_ln2nid(value);
+    }
+#endif
+    if (nid == NID_undef)
+        nid = OBJ_sn2nid(value);
 #ifndef OPENSSL_NO_EC
     if (nid == NID_undef)
         nid = EC_curve_nist2nid(value);
diff --git a/test/pkey_meth_test.c b/test/pkey_meth_test.c
index d3c6c796843..89712cbccc4 100644
--- a/test/pkey_meth_test.c
+++ b/test/pkey_meth_test.c
@@ -9,7 +9,9 @@
 
 /* Internal tests for EVP_PKEY method ordering */
 
-/* We need to use some deprecated APIs */
+/*
+ * Because of *asn1_*
+ */
 #define OPENSSL_SUPPRESS_DEPRECATED
 
 #include <stdio.h>
@@ -18,6 +20,7 @@
 #include <openssl/evp.h>
 #include "testutil.h"
 
+#ifndef OPENSSL_NO_DEPRECATED_3_6
 /* Test of EVP_PKEY_ASN1_METHOD ordering */
 static int test_asn1_meths(void)
 {
@@ -49,6 +52,7 @@ static int test_asn1_meths(void)
     }
     return good;
 }
+#endif
 
 #ifndef OPENSSL_NO_DEPRECATED_3_0
 /* Test of EVP_PKEY_METHOD ordering */
@@ -82,7 +86,9 @@ static int test_pkey_meths(void)
 
 int setup_tests(void)
 {
+#ifndef OPENSSL_NO_DEPRECATED_3_6
     ADD_TEST(test_asn1_meths);
+#endif
 #ifndef OPENSSL_NO_DEPRECATED_3_0
     ADD_TEST(test_pkey_meths);
 #endif