New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
(3.x) Known result tests for EC compression compatibility validation + #16624 changes #18320
Conversation
Now, could we rebase #16624 on top of this? |
…o UNCOMPRESSED Original patch by Nicola Tuveri.
PR updated to incorporate Nicola's changes. These don't in themselves appear to be enough to have the tests pass. @romen |
The SM2 curve test failure is expected and correct. We no longer support SM2 curve with EC in 3.x. So that part of the tests needs to be dropped. |
Updated to drop SM2. |
This PR is in a state where it requires action by @openssl/otc but the last update was 30 days ago |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I sort of wonder about the need for 1100 test files but more tests is better generally.
@@ -1209,9 +1216,17 @@ static int test_fromdata_ec(void) | |||
if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME, | |||
curve, 0) <= 0) | |||
goto err; | |||
/* | |||
* We intentionally provide the input point in compressed format, | |||
* and avoid to set `OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
and avoid setting ...
|| !TEST_true(out_pub[0] == (POINT_CONVERSION_COMPRESSED + 1)) | ||
|
||
/* | ||
* Our providers use uncompressed format as default if |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
use uncompressed format by default if
} | ||
|
||
SKIP: { | ||
skip "EC is not supported by this OpenSSL build", scalar @curves if disabled("ec"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Might a plan skip_all
up at the plan
be clearer?
size_t i; | ||
|
||
num_known_curves = EC_get_builtin_curves(NULL, 0); | ||
known_curves = OPENSSL_malloc(num_known_curves*sizeof(*known_curves)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
space around the multiply
if (known_curve_names == NULL) | ||
goto fail; | ||
|
||
for (i=0; i<num_known_curves; ++i) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
spaces around the equals and less than.
BIO *b = NULL; | ||
char filename[256]; | ||
|
||
OPENSSL_assert(param_formats_i[param_format_i] >= 0); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
TEST_xxx instead of asserts perhaps?
* serialization and deserialization. | ||
*/ | ||
/* For each supported compression format (and unspecified) */ | ||
for (ci=0; ci<OSSL_NELEM(comp_formats_i); ++ci) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Spaces around operators here and elsewhere.
This PR is in a state where it requires action by @openssl/otc but the last update was 30 days ago |
@hlandau Hi, do you have any update on this? Do you need any help with it? It is open for quite a long time and I would like to have the changes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems like overkill to me. @romen Is there a subset of this that would be sufficient for coverage?
Well, that's for OTC to say: so far I only indicated what was asked by the OTC before evaluating the merge of #16624. Looking at my notes, the OTC ask was to:
|
As far as I recall this PR revealed that the behaviour does not match that of 1.1.1. So revision to #16624 would be needed. |
This PR already includes the changes from #16624 AFAICT. IIRC, by asking the thorough testing mentioned before, OTC basically wanted to see 3 things before deciding:
|
Closing and reopening to trigger the tests again, and see what fails |
Also, looking at the last commit, I think that while dropping SM2 from testing for 3.0 makes some sense, as it is handled differently, the fact that it shares the same encoding format as EC keys means that OTC should take an explicit decision about what to do with it.
|
@InfoHunter could you please tell us anything about SM2? |
Closing as non-current; can be re-opened if this is revisited |
Follow-on from #18083.
These tests enforce 1.1 behaviour so they will naturally fail. I trust these results will be of interest.