You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
77 lines
2.7 KiB
77 lines
2.7 KiB
diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c |
|
index 78dc69082fab..8a86c9108d0d 100644 |
|
--- a/providers/implementations/keymgmt/ec_kmgmt.c |
|
+++ b/providers/implementations/keymgmt/ec_kmgmt.c |
|
@@ -470,9 +470,6 @@ int ec_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, |
|
if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0 |
|
&& (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) == 0) |
|
return 0; |
|
- if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0 |
|
- && (selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == 0) |
|
- return 0; |
|
|
|
tmpl = OSSL_PARAM_BLD_new(); |
|
if (tmpl == NULL) |
|
diff --git a/test/recipes/15-test_ecparam.t b/test/recipes/15-test_ecparam.t |
|
index 766524e8cfa9..80bac6741290 100644 |
|
--- a/test/recipes/15-test_ecparam.t |
|
+++ b/test/recipes/15-test_ecparam.t |
|
@@ -13,7 +13,7 @@ use warnings; |
|
use File::Spec; |
|
use File::Compare qw/compare_text/; |
|
use OpenSSL::Glob; |
|
-use OpenSSL::Test qw/:DEFAULT data_file/; |
|
+use OpenSSL::Test qw/:DEFAULT data_file srctop_file bldtop_dir/; |
|
use OpenSSL::Test::Utils; |
|
|
|
setup("test_ecparam"); |
|
@@ -25,7 +25,7 @@ my @valid = glob(data_file("valid", "*.pem")); |
|
my @noncanon = glob(data_file("noncanon", "*.pem")); |
|
my @invalid = glob(data_file("invalid", "*.pem")); |
|
|
|
-plan tests => 11; |
|
+plan tests => 12; |
|
|
|
sub checkload { |
|
my $files = shift; # List of files |
|
@@ -59,6 +59,8 @@ sub checkcompare { |
|
} |
|
} |
|
|
|
+my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); |
|
+ |
|
subtest "Check loading valid parameters by ecparam with -check" => sub { |
|
plan tests => scalar(@valid); |
|
checkload(\@valid, 1, "ecparam", "-check"); |
|
@@ -113,3 +115,31 @@ subtest "Check pkeyparam does not change the parameter file on output" => sub { |
|
plan tests => 2 * scalar(@valid); |
|
checkcompare(\@valid, "pkeyparam"); |
|
}; |
|
+ |
|
+subtest "Check loading of fips and non-fips params" => sub { |
|
+ plan skip_all => "FIPS is disabled" |
|
+ if $no_fips; |
|
+ plan tests => 3; |
|
+ |
|
+ my $fipsconf = srctop_file("test", "fips-and-base.cnf"); |
|
+ my $defaultconf = srctop_file("test", "default.cnf"); |
|
+ |
|
+ $ENV{OPENSSL_CONF} = $fipsconf; |
|
+ |
|
+ ok(run(app(['openssl', 'ecparam', |
|
+ '-in', data_file('valid', 'secp384r1-explicit.pem'), |
|
+ '-check'])), |
|
+ "Loading explicitly encoded valid curve"); |
|
+ |
|
+ ok(run(app(['openssl', 'ecparam', |
|
+ '-in', data_file('valid', 'secp384r1-named.pem'), |
|
+ '-check'])), |
|
+ "Loading named valid curve"); |
|
+ |
|
+ ok(!run(app(['openssl', 'ecparam', |
|
+ '-in', data_file('valid', 'secp112r1-named.pem'), |
|
+ '-check'])), |
|
+ "Fail loading named non-fips curve"); |
|
+ |
|
+ $ENV{OPENSSL_CONF} = $defaultconf; |
|
+};
|
|
|