add new keytype test for EVP_PKEY_Q_keygen

Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25972)
2024-11-23 10:03:32 +08:00 · 2024-11-16 17:12:18 +01:00 · 2024-11-16 17:12:18 +01:00 · 0c64b1ca03
commit 0c64b1ca03
parent 47a80fd203
2 changed files with 54 additions and 1 deletions
--- a/test/build.info
+++ b/test/build.info
@ -209,7 +209,7 @@ IF[{- !$disabled{tests} -}]
  INCLUDE[hpke_test]=../include ../apps/include
  DEPEND[hpke_test]=../libcrypto.a libtestutil.a

-  SOURCE[evp_extra_test2]=evp_extra_test2.c $INITSRC
+  SOURCE[evp_extra_test2]=evp_extra_test2.c $INITSRC tls-provider.c
  INCLUDE[evp_extra_test2]=../include ../apps/include
  DEPEND[evp_extra_test2]=../libcrypto libtestutil.a

--- a/test/evp_extra_test2.c
+++ b/test/evp_extra_test2.c
@ -30,6 +30,12 @@
 #include "crypto/evp.h"
 #include "../crypto/evp/evp_local.h"

+/* Defined in tls-provider.c */
+int tls_provider_init(const OSSL_CORE_HANDLE *handle,
+                      const OSSL_DISPATCH *in,
+                      const OSSL_DISPATCH **out,
+                      void **provctx);
+
 static OSSL_LIB_CTX *mainctx = NULL;
 static OSSL_PROVIDER *nullprov = NULL;

@ -452,6 +458,52 @@ static int test_dh_paramfromdata(void)

 #endif

+/* Test that calling EVP_PKEY_Q_keygen() for a non-standard keytype works as expected */
+static int test_new_keytype(void)
+{
+    int ret = 0;
+    EVP_PKEY *key = NULL;
+    OSSL_PROVIDER *tlsprov = NULL;
+    EVP_PKEY_CTX *ctx = NULL;
+    size_t outlen, secretlen, secretlen2;
+    unsigned char *out = NULL, *secret = NULL, *secret2 = NULL;
+
+    /* without tls-provider key should not be create-able */
+    if (TEST_ptr(key = EVP_PKEY_Q_keygen(mainctx, NULL, "XOR")))
+        goto err;
+    /* prepare & load tls-provider */
+    if (!TEST_true(OSSL_PROVIDER_add_builtin(mainctx, "tls-provider",
+                                             tls_provider_init))
+        || !TEST_ptr(tlsprov = OSSL_PROVIDER_load(mainctx, "tls-provider")))
+        goto err;
+    /* now try creating key again, should work this time */
+    if (!TEST_ptr(key = EVP_PKEY_Q_keygen(mainctx, NULL, "XOR")))
+        goto err;
+    /* now do encaps/decaps to validate all is good */
+    if (!TEST_ptr(ctx = EVP_PKEY_CTX_new(key, NULL))
+        || !TEST_int_eq(EVP_PKEY_encapsulate_init(ctx, NULL), 1)
+        || !TEST_int_eq(EVP_PKEY_encapsulate(ctx, NULL, &outlen, NULL, &secretlen), 1))
+        goto err;
+    out = OPENSSL_malloc(outlen);
+    secret = OPENSSL_malloc(secretlen);
+    secret2 = OPENSSL_malloc(secretlen);
+    if (out == NULL || secret == NULL || secret2 == NULL
+        || !TEST_int_eq(EVP_PKEY_encapsulate(ctx, out, &outlen, secret, &secretlen), 1)
+        || !TEST_int_eq(EVP_PKEY_decapsulate_init(ctx, NULL), 1)
+        || !TEST_int_eq(EVP_PKEY_decapsulate(ctx, secret2, &secretlen2, out, outlen), 1)
+        || !TEST_mem_eq(secret, secretlen, secret2, secretlen2))
+        goto err;
+    ret = OSSL_PROVIDER_unload(tlsprov);
+
+err:
+    OPENSSL_free(out);
+    OPENSSL_free(secret);
+    OPENSSL_free(secret2);
+    EVP_PKEY_CTX_free(ctx);
+    EVP_PKEY_free(key);
+    return ret;
+}
+
 #ifndef OPENSSL_NO_EC

 static int test_ec_d2i_i2d_pubkey(void)
@ -1397,6 +1449,7 @@ int setup_tests(void)
    ADD_TEST(evp_test_name_parsing);
    ADD_TEST(test_alternative_default);
    ADD_ALL_TESTS(test_d2i_AutoPrivateKey_ex, OSSL_NELEM(keydata));
+    ADD_TEST(test_new_keytype);
 #ifndef OPENSSL_NO_EC
    ADD_ALL_TESTS(test_d2i_PrivateKey_ex, 2);
    ADD_TEST(test_ec_tofrom_data_select);