From 45e72d1f279fc56045459839407ae44e806414f0 Mon Sep 17 00:00:00 2001
From: Pauli <pauli@openssl.org>
Date: Thu, 22 Apr 2021 10:21:30 +1000
Subject: [PATCH] test: separate some DES based tests out to permit a no-des
 build to work

One of the KDFs and one of the MACs use DES as an underlying algorithm in some
tests.  Separate these out into their own files which are conditionally excluded.

Fixes #14958

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14975)
---
 test/recipes/30-test_evp.t                    |  5 ++++
 test/recipes/30-test_evp_data/evpkdf_x942.txt | 18 ------------
 .../30-test_evp_data/evpkdf_x942_des.txt      | 26 +++++++++++++++++
 .../30-test_evp_data/evpmac_cmac_des.txt      | 28 +++++++++++++++++++
 .../30-test_evp_data/evpmac_common.txt        | 12 --------
 5 files changed, 59 insertions(+), 30 deletions(-)
 create mode 100644 test/recipes/30-test_evp_data/evpkdf_x942_des.txt
 create mode 100644 test/recipes/30-test_evp_data/evpmac_cmac_des.txt

diff --git a/test/recipes/30-test_evp.t b/test/recipes/30-test_evp.t
index 2cb25478d71..8a5c26629ce 100644
--- a/test/recipes/30-test_evp.t
+++ b/test/recipes/30-test_evp.t
@@ -22,6 +22,7 @@ use lib bldtop_dir('.');
 
 my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
 my $no_legacy = disabled('legacy') || ($ENV{NO_LEGACY} // 0);
+my $no_des = disabled("des");
 my $no_dh = disabled("dh");
 my $no_dsa = disabled("dsa");
 my $no_ec = disabled("ec");
@@ -60,6 +61,10 @@ push @files, qw(
                 evppkey_ffdhe.txt
                 evppkey_dh.txt
                ) unless $no_dh;
+push @files, qw(
+                evpkdf_x942_des.txt
+                evpmac_cmac_des.txt
+               ) unless $no_des;
 push @files, qw(evppkey_dsa.txt) unless $no_dsa;
 push @files, qw(evppkey_ecx.txt) unless $no_ec;
 push @files, qw(
diff --git a/test/recipes/30-test_evp_data/evpkdf_x942.txt b/test/recipes/30-test_evp_data/evpkdf_x942.txt
index 34d43297350..dd53d120f6b 100644
--- a/test/recipes/30-test_evp_data/evpkdf_x942.txt
+++ b/test/recipes/30-test_evp_data/evpkdf_x942.txt
@@ -11,15 +11,6 @@
 #       PrivPubKeyPair Sign Verify VerifyRecover
 # and continue until a blank line. Lines starting with a pound sign are ignored.
 
-Title = X9.42 KDF tests (from RFC2631 test vectors)
-
-Availablein = default
-KDF = X942KDF-ASN1
-Ctrl.digest = digest:SHA1
-Ctrl.hexsecret = hexsecret:000102030405060708090a0b0c0d0e0f10111213
-Ctrl.cekalg = cekalg:id-smime-alg-CMS3DESwrap
-Output = a09661392376f7044d9052a397883246b67f5f1ef63eb5fb
-
 Title = X9.42 KDF tests (RFC3565 2.3.2 Examples)
 
 KDF = X942KDF
@@ -86,15 +77,6 @@ Output = 2c5c1f028c6d1fc9ba752e41fdb9edb2ea936f1b2449f214acd56d31
 
 Title = X9.42 KDF tests (ACVP test vectors)
 
-Availablein = default
-KDF = X942KDF-ASN1
-Ctrl.digest = digest:SHA256
-Ctrl.hexsecret = hexsecret:6B
-Ctrl.use-keybits = use-keybits:0
-Ctrl.cekalg = cekalg:id-smime-alg-CMS3DESwrap
-Ctrl.hexacvp-info = hexacvp-info:a020299D468D60BC6A257E0B6523D691A3FC1602453B35F308C762FBBAC6069A88BCa12080D49BFE5BE01C7D56489AB017663C22B8CBB34C3174D1D71F00CB7505AC759Aa2203C21A5EA5988562C007986E0503D039E7231D9F152FE72A231A1FD98C59BCA6Aa320FD47477542989B51E4A0845DFABD6EEAA465F69B3D75349B2520051782C7F3FC
-Output = A7758EC5DA5373C736F1E4CF18A4B6349B23ED86227234185B44638C69EBB222
-
 KDF = X942KDF-ASN1
 Ctrl.digest = digest:SHA256
 Ctrl.hexsecret = hexsecret:6B
diff --git a/test/recipes/30-test_evp_data/evpkdf_x942_des.txt b/test/recipes/30-test_evp_data/evpkdf_x942_des.txt
new file mode 100644
index 00000000000..89caaa2e5be
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpkdf_x942_des.txt
@@ -0,0 +1,26 @@
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+
+Title = X9.42 KDF tests (from RFC2631 test vectors)
+
+Availablein = default
+KDF = X942KDF-ASN1
+Ctrl.digest = digest:SHA1
+Ctrl.hexsecret = hexsecret:000102030405060708090a0b0c0d0e0f10111213
+Ctrl.cekalg = cekalg:id-smime-alg-CMS3DESwrap
+Output = a09661392376f7044d9052a397883246b67f5f1ef63eb5fb
+
+Title = X9.42 KDF tests (ACVP test vectors)
+
+Availablein = default
+KDF = X942KDF-ASN1
+Ctrl.digest = digest:SHA256
+Ctrl.hexsecret = hexsecret:6B
+Ctrl.use-keybits = use-keybits:0
+Ctrl.cekalg = cekalg:id-smime-alg-CMS3DESwrap
+Ctrl.hexacvp-info = hexacvp-info:a020299D468D60BC6A257E0B6523D691A3FC1602453B35F308C762FBBAC6069A88BCa12080D49BFE5BE01C7D56489AB017663C22B8CBB34C3174D1D71F00CB7505AC759Aa2203C21A5EA5988562C007986E0503D039E7231D9F152FE72A231A1FD98C59BCA6Aa320FD47477542989B51E4A0845DFABD6EEAA465F69B3D75349B2520051782C7F3FC
+Output = A7758EC5DA5373C736F1E4CF18A4B6349B23ED86227234185B44638C69EBB222
diff --git a/test/recipes/30-test_evp_data/evpmac_cmac_des.txt b/test/recipes/30-test_evp_data/evpmac_cmac_des.txt
new file mode 100644
index 00000000000..cf42927e11d
--- /dev/null
+++ b/test/recipes/30-test_evp_data/evpmac_cmac_des.txt
@@ -0,0 +1,28 @@
+#
+# Copyright 2001-2021 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Tests start with one of these keywords
+#       Cipher Decrypt Derive Digest Encoding KDF MAC PBE
+#       PrivPubKeyPair Sign Verify VerifyRecover
+# and continue until a blank line. Lines starting with a pound sign are ignored.
+# The keyword Availablein must appear before the test name if needed.
+
+Title = CMAC tests (from FIPS module)
+
+MAC = CMAC
+Algorithm = DES-EDE3-CBC
+Key = 89BCD952A8C8AB371AF48AC7D07085D5EFF702E6D62CDC23
+Input = FA620C1BBE97319E9A0CF0492121F7A20EB08A6A709DCBD00AAF38E4F99E754E
+Output = 8F49A1B7D6AA2258
+
+MAC = CMAC by EVP_PKEY
+Algorithm = DES-EDE3-CBC
+Key = 89BCD952A8C8AB371AF48AC7D07085D5EFF702E6D62CDC23
+Input = FA620C1BBE97319E9A0CF0492121F7A20EB08A6A709DCBD00AAF38E4F99E754E
+Output = 8F49A1B7D6AA2258
+
diff --git a/test/recipes/30-test_evp_data/evpmac_common.txt b/test/recipes/30-test_evp_data/evpmac_common.txt
index 7ddecefc2a8..411ce40beff 100644
--- a/test/recipes/30-test_evp_data/evpmac_common.txt
+++ b/test/recipes/30-test_evp_data/evpmac_common.txt
@@ -236,18 +236,6 @@ Key = 0B122AC8F34ED1FE082A3625D157561454167AC145A10BBF77C6A70596D574F1
 Input = 498B53FDEC87EDCBF07097DCCDE93A084BAD7501A224E388DF349CE18959FE8485F8AD1537F0D896EA73BEDC7214713F
 Output = F62C46329B41085625669BAF51DEA66A
 
-MAC = CMAC
-Algorithm = DES-EDE3-CBC
-Key = 89BCD952A8C8AB371AF48AC7D07085D5EFF702E6D62CDC23
-Input = FA620C1BBE97319E9A0CF0492121F7A20EB08A6A709DCBD00AAF38E4F99E754E
-Output = 8F49A1B7D6AA2258
-
-MAC = CMAC by EVP_PKEY
-Algorithm = DES-EDE3-CBC
-Key = 89BCD952A8C8AB371AF48AC7D07085D5EFF702E6D62CDC23
-Input = FA620C1BBE97319E9A0CF0492121F7A20EB08A6A709DCBD00AAF38E4F99E754E
-Output = 8F49A1B7D6AA2258
-
 Title = GMAC Tests (from NIST)
 
 MAC = GMAC
-- 
2.47.2