Skip to content

Extended tests are failing due to hard coded pyca test errors #8968

New issue
New issue
Closed
Closed
Extended tests are failing due to hard coded pyca test errors#8968
Labels
inactiveThis label should not be applied to open issues anymore.triaged: bugThe issue/pr is/fixes a bug
@mattcaswell

Description

@mattcaswell
mattcaswell
opened on May 21, 2019

The external pyca tests are currently failing due to hard coded OpenSSL error constants having been included in the tests. Due to recent refactoring a number of error codes have changed (in particular because errors that used to be raised by the EVP sub-lib are now being raised by providers instead).

I can get the pyca tests to pass by applying the following patch/hack:

diff --git a/include/openssl/err.h b/include/openssl/err.h
index 7398029bee..b096717580 100644
--- a/include/openssl/err.h
+++ b/include/openssl/err.h
@@ -141,7 +141,10 @@ typedef struct err_state_st {
 # define SM2err(f,r) ERR_PUT_error(ERR_LIB_SM2,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
 # define ESSerr(f,r) ERR_PUT_error(ERR_LIB_ESS,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
 # define PROPerr(f,r) ERR_PUT_error(ERR_LIB_PROP,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
+#if 0
 # define PROVerr(f,r) ERR_PUT_error(ERR_LIB_PROV,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
+#endif
+# define PROVerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),OPENSSL_FILE,OPENSSL_LINE)
 
 # define ERR_PACK(l,f,r) ( \
         (((unsigned int)(l) & 0x0FF) << 24L) | \
diff --git a/providers/common/ciphers/aes.c b/providers/common/ciphers/aes.c
index 8d91ff4804..92b5bfb8d2 100644
--- a/providers/common/ciphers/aes.c
+++ b/providers/common/ciphers/aes.c
@@ -162,7 +162,11 @@ static int aes_block_final(void *vctx, unsigned char *out, size_t *outl,
             *outl = 0;
             return 1;
         } else if (ctx->bufsz != AES_BLOCK_SIZE) {
+#if 0
             PROVerr(PROV_F_AES_BLOCK_FINAL, PROV_R_WRONG_FINAL_BLOCK_LENGTH);
+#endif
+            EVPerr(EVP_F_EVP_ENCRYPTFINAL_EX,
+                   EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
             return 0;
         }
 
@@ -185,7 +189,11 @@ static int aes_block_final(void *vctx, unsigned char *out, size_t *outl,
             *outl = 0;
             return 1;
         }
+#if 0
         PROVerr(PROV_F_AES_BLOCK_FINAL, PROV_R_WRONG_FINAL_BLOCK_LENGTH);
+#endif
+        EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,
+               EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH);
         return 0;
     }

This is clearly not the correct solution. I think probably the right answer is for the pyca tests to change to be more accepting of different errors being raised.

Ping @reaperhulk, @alex

Metadata

Metadata

Assignees

No one assigned

    Labels

    inactiveThis label should not be applied to open issues anymore.triaged: bugThe issue/pr is/fixes a bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions