#include "testutil.h"
#include "evp_test.h"
-DEFINE_STACK_OF_STRING()
-
#define AAD_NUM 4
typedef struct evp_test_method_st EVP_TEST_METHOD;
OBJ_nid2sn(expected->type), expected->alg);
if (expected->type == EVP_PKEY_CMAC) {
- if (is_cipher_disabled(expected->alg)) {
+ if (expected->alg != NULL && is_cipher_disabled(expected->alg)) {
TEST_info("skipping, PKEY CMAC '%s' is disabled", expected->alg);
t->skip = 1;
t->err = NULL;
t->err = "MAC_KEY_CREATE_ERROR";
goto err;
}
- key = EVP_PKEY_new_CMAC_key(NULL, expected->key, expected->key_len,
- cipher);
+ key = EVP_PKEY_new_CMAC_key_with_libctx(expected->key,
+ expected->key_len,
+ EVP_CIPHER_name(cipher),
+ libctx, NULL);
} else {
key = EVP_PKEY_new_raw_private_key_with_libctx(libctx,
OBJ_nid2sn(expected->type),
goto err;
}
- if (expected->type == EVP_PKEY_HMAC) {
+ if (expected->type == EVP_PKEY_HMAC && expected->alg != NULL) {
if (is_digest_disabled(expected->alg)) {
TEST_info("skipping, HMAC '%s' is disabled", expected->alg);
t->skip = 1;
EVP_PKEY *peer;
if (find_key(&peer, value, public_keys) == 0)
return -1;
- if (EVP_PKEY_derive_set_peer(kdata->ctx, peer) <= 0)
- return -1;
+ if (EVP_PKEY_derive_set_peer(kdata->ctx, peer) <= 0) {
+ t->err = "DERIVE_SET_PEER_ERROR";
+ return 1;
+ }
+ t->err = NULL;
return 1;
}
if (strcmp(keyword, "SharedSecret") == 0)
*/
static int key_unsupported(void)
{
- long err = ERR_peek_error();
+ long err = ERR_peek_last_error();
if (ERR_GET_LIB(err) == ERR_LIB_EVP
- && (ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM
- || ERR_GET_REASON(err) == EVP_R_FETCH_FAILED)) {
+ && (ERR_GET_REASON(err) == EVP_R_UNSUPPORTED_ALGORITHM)) {
ERR_clear_error();
return 1;
}
* disabled).
*/
if (ERR_GET_LIB(err) == ERR_LIB_EC
- && ERR_GET_REASON(err) == EC_R_UNKNOWN_GROUP) {
+ && (ERR_GET_REASON(err) == EC_R_UNKNOWN_GROUP
+ || ERR_GET_REASON(err) == EC_R_INVALID_CURVE)) {
ERR_clear_error();
return 1;
}
}
for (pp++, i = 1; i < (t->s.numpairs - skip_availablein); pp++, i++) {
- if (strcmp(pp->key, "Availablein") == 0) {
+ if (strcmp(pp->key, "Securitycheck") == 0) {
+#if defined(OPENSSL_NO_FIPS_SECURITYCHECKS)
+ TEST_info("skipping, securitycheck is not available: %s:%d",
+ t->s.test_file, t->s.start);
+ t->skip = 1;
+ return 0;
+#endif
+ } else if (strcmp(pp->key, "Availablein") == 0) {
TEST_info("Line %d: 'Availablein' should be the first option",
t->s.curr);
return 0;