From a87820e16bbbbb1f8a68ddaf3aa1159da886acca Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Tue, 12 May 2020 15:27:32 +0200
Subject: [PATCH 1/1] test/evp_extra_test.c: Add test for CMAC keygen with a
 NULL engine

Verifies that #11671 is fixed

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11674)
---
 test/evp_extra_test.c | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
index 9deae29c47..bbd95850c6 100644
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@@ -1179,6 +1179,27 @@ static int test_EVP_PKEY_check(int i)
     return ret;
 }
 
+static int test_CMAC_keygen(void)
+{
+    /*
+     * This is a legacy method for CMACs, but should still work.
+     * This verifies that it works without an ENGINE.
+     */
+    EVP_PKEY_CTX *kctx = EVP_PKEY_CTX_new_id(EVP_PKEY_CMAC, NULL);
+    int ret = 0;
+
+    if (!TEST_true(EVP_PKEY_keygen_init(kctx) > 0)
+        && !TEST_true(EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
+                                        EVP_PKEY_CTRL_CIPHER,
+                                        0, (void *)EVP_aes_256_ecb()) > 0))
+        goto done;
+    ret = 1;
+
+ done:
+    EVP_PKEY_CTX_free(kctx);
+    return ret;
+}
+
 static int test_HKDF(void)
 {
     EVP_PKEY_CTX *pctx;
@@ -1630,6 +1651,7 @@ int setup_tests(void)
     if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1))
         return 0;
     ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata));
+    ADD_TEST(test_CMAC_keygen);
     ADD_TEST(test_HKDF);
 #ifndef OPENSSL_NO_EC
     ADD_TEST(test_X509_PUBKEY_inplace);
-- 
2.34.1