From: Matt Caswell <matt@openssl.org>
Date: Tue, 6 Dec 2022 15:12:59 +0000 (+0000)
Subject: Add a CMS test for a bad encryption algorithm
X-Git-Tag: openssl-3.2.0-alpha1~1567
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5a8fcd27bb1be7db7945adb77125015553efdbdd;p=thirdparty%2Fopenssl.git

Add a CMS test for a bad encryption algorithm

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19918)
---

diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t
index 5d755c989d7..bef6577d449 100644
--- a/test/recipes/80-test_cms.t
+++ b/test/recipes/80-test_cms.t
@@ -50,7 +50,7 @@ my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib)
 
 $no_rc2 = 1 if disabled("legacy");
 
-plan tests => 16;
+plan tests => 17;
 
 ok(run(test(["pkcs7_test"])), "test pkcs7");
 
@@ -887,6 +887,24 @@ subtest "CMS Check that bad attributes fail when verifying signers\n" => sub {
     }
 };
 
+subtest "CMS Check that bad encryption algorithm fails\n" => sub {
+    plan tests => 1;
+
+    SKIP: {
+        skip "DES or Legacy isn't supported in this build", 1
+            if disabled("des") || disabled("legacy");
+
+        my $out = "smtst.txt";
+
+        ok(!run(app(["openssl", "cms", @legacyprov, "-encrypt",
+                    "-in", $smcont,
+                    "-stream", "-recip", $smrsa1,
+                    "-des-ede3",
+                    "-out", $out ])),
+           "Decrypt message from OpenSSL 1.1.1");
+    }
+};
+
 subtest "CMS Decrypt message encrypted with OpenSSL 1.1.1\n" => sub {
     plan tests => 1;