From: slontis Date: Tue, 15 Jul 2025 04:28:14 +0000 (+1000) Subject: evp_test Fix tests that were always skipped X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e1e04709de4241c639df8e60ffb93b43ba15e21e;p=thirdparty%2Fopenssl.git evp_test Fix tests that were always skipped The "Verify-Message" type looks for private keys only, which meant anything using a public key got skipped. Changed the entries to "Verify-Message-Public" which tries the public key first. This uncovered one test that needed to be removed since ECDSA-MD5 is not a valid fetchable algorithm (in any OpenSSL provider). Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale Reviewed-by: Neil Horman (Merged from https://github.com/openssl/openssl/pull/28040) --- diff --git a/test/recipes/30-test_evp_data/evppkey_ecdsa_sigalg.txt b/test/recipes/30-test_evp_data/evppkey_ecdsa_sigalg.txt index 7c339c272b3..5faaca452ff 100644 --- a/test/recipes/30-test_evp_data/evppkey_ecdsa_sigalg.txt +++ b/test/recipes/30-test_evp_data/evppkey_ecdsa_sigalg.txt @@ -92,7 +92,7 @@ Output = 3045022100b1d1cb1a577035bccdd5a86c6148c2cc7c633cd42b7234139b593076d041e Title = Sign-Message and Verify-Message FIPSversion = >=3.4.0 -Verify-Message = ECDSA-SHA256:P-256-PUBLIC +Verify-Message-Public = ECDSA-SHA256:P-256-PUBLIC Input = "Hello World" Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862 @@ -104,13 +104,13 @@ twD8guGxyFRaoMDTtW47/nifwYqRaIfC -----END PUBLIC KEY----- FIPSversion = >=3.4.0 -Verify-Message = ECDSA-SHA384:P-384-PUBLIC +Verify-Message-Public = ECDSA-SHA384:P-384-PUBLIC Input = "123400" Output = 304d0218389cb27e0bc8d21fa7e5f24cb74f58851313e696333ad68b023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52970 # Oneshot tests FIPSversion = >=3.4.0 -Verify-Message = ECDSA-SHA256:P-256-PUBLIC +Verify-Message-Public = ECDSA-SHA256:P-256-PUBLIC Input = "Hello World" Output = 3046022100e7515177ec3817b77a4a94066ab3070817b7aa9d44a8a09f040da250116e8972022100ba59b0f631258e59a9026be5d84f60685f4cf22b9165a0c2736d5c21c8ec1862 @@ -220,13 +220,6 @@ Securitycheck = 1 Input = "0123456789ABCDEF1234" Result = KEYOP_INIT_ERROR -# Invalid non-approved digest -Availablein = fips -FIPSversion = >=3.4.0 -Verify-Message = ECDSA-MD5:P-256-PUBLIC -Securitycheck = 1 -Result = KEYOP_INIT_ERROR - Title = FIPS Indicator tests # Check that the indicator callback is triggered # We check for signature mismatch since the signature is unique diff --git a/test/recipes/30-test_evp_data/evppkey_ecx_sigalg.txt b/test/recipes/30-test_evp_data/evppkey_ecx_sigalg.txt index 88a839948c6..ca959d01c61 100644 --- a/test/recipes/30-test_evp_data/evppkey_ecx_sigalg.txt +++ b/test/recipes/30-test_evp_data/evppkey_ecx_sigalg.txt @@ -115,20 +115,20 @@ Output = dc2a4459e7369633a52b1bf277839a00201009a3efbf3ecb69bea2186c26b58909351fc # Verify test FIPSversion = >=3.4.0 -Verify-Message = ED25519:ED25519-1-PUBLIC +Verify-Message-Public = ED25519:ED25519-1-PUBLIC Input = "" Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b # Corrupted input FIPSversion = >=3.4.0 -Verify-Message = ED25519:ED25519-1-PUBLIC +Verify-Message-Public = ED25519:ED25519-1-PUBLIC Input = "bad" Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b Result = VERIFY_ERROR # Corrupted signature FIPSversion = >=3.4.0 -Verify-Message = ED25519:ED25519-1-PUBLIC +Verify-Message-Public = ED25519:ED25519-1-PUBLIC Input = "" Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100c Result = VERIFY_ERROR @@ -144,14 +144,14 @@ Input = "" Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b FIPSversion = >=3.4.0 -Verify-Message = ED25519:ED25519-1-PUBLIC-Raw +Verify-Message-Public = ED25519:ED25519-1-PUBLIC-Raw Input = "" Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b #Signature maleability test. #Same as the verify operation above but with the order added to s FIPSversion = >=3.4.0 -Verify-Message = ED25519:ED25519-1-PUBLIC-Raw +Verify-Message-Public = ED25519:ED25519-1-PUBLIC-Raw Input = "" Output = e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901554c8c7872aa064e049dbb3013fbf29380d25bf5f0595bbe24655141438e7a101b Result = VERIFY_ERROR @@ -325,20 +325,20 @@ Output = e301345a41a39a4d72fff8df69c98075a0cc082b802fc9b2b6bc503f926b65bddf7f4c8 # Verify test FIPSversion = >=3.4.0 -Verify-Message = ED448:ED448-1-PUBLIC +Verify-Message-Public = ED448:ED448-1-PUBLIC Input = "" Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600 # Corrupted input FIPSversion = >=3.4.0 -Verify-Message = ED448:ED448-1-PUBLIC +Verify-Message-Public = ED448:ED448-1-PUBLIC Input = "bad" Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600 Result = VERIFY_ERROR # Corrupted signature FIPSversion = >=3.4.0 -Verify-Message = ED448:ED448-1-PUBLIC +Verify-Message-Public = ED448:ED448-1-PUBLIC Input = "" Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652601 Result = VERIFY_ERROR @@ -350,14 +350,14 @@ Input = "" Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600 FIPSversion = >=3.4.0 -Verify-Message = ED448:ED448-1-PUBLIC-Raw +Verify-Message-Public = ED448:ED448-1-PUBLIC-Raw Input = "" Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980ff0d2028d4b18a9df63e006c5d1c2d345b925d8dc00b4104852db99ac5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e652600 #Signature malelability test. #Same as the verify operation above but with the order added to s FIPSversion = >=3.4.0 -Verify-Message = ED448:ED448-1-PUBLIC-Raw +Verify-Message-Public = ED448:ED448-1-PUBLIC-Raw Input = "" Output = 533a37f6bbe457251f023c0d88f976ae2dfb504a843e34d2074fd823d41a591f2b233f034f628281f2fd7a22ddd47d7828c59bd0a21bfd3980f25278d3667403c14bcec5f9cfde9955ebc8333c0ae78fc86e518317c5c7cdda8530a113a0f4dbb61149f05a7363268c71d95808ff2e656600 Result = VERIFY_ERROR