From 563f9c951d9b050378b9d3659a932c98ab587b21 Mon Sep 17 00:00:00 2001

From: Petr Gotthard <petr.gotthard@centrum.cz>

Date: Sat, 17 Jul 2021 21:22:28 +0200

Subject: FAPI Test: Call EVP_DigestSignInit in the correct order

MIME-Version: 1.0

Content-Type: text/plain; charset=UTF-8

Content-Transfer-Encoding: 8bit

The EVP_DigestSignInit should be called only once and before calling

EVP_PKEY_CTX_set_rsa_padding. See a corresponding example

[here](https://www.openssl.org/docs/man1.0.2/man3/EVP_PKEY_sign_init.html)

Current code works with OpenSSL 1.x, but fails with OpenSSL 3.0.

This PR makes the code compatible with OpenSSL 1.0 through 3.0.

Signed-off-by: Petr Gotthard <petr.gotthard@centrum.cz>

---

 test/integration/fapi-data-crypt.int.c               | 8 ++------

 test/integration/fapi-key-create-policy-signed.int.c | 8 ++------

 2 files changed, 4 insertions(+), 12 deletions(-)

diff --git a/test/integration/fapi-data-crypt.int.c b/test/integration/fapi-data-crypt.int.c

index b2d20b28..d42466db 100644

--- a/test/integration/fapi-data-crypt.int.c

+++ b/test/integration/fapi-data-crypt.int.c

@@ -129,8 +129,8 @@ signatureCallback(

     mdctx = EVP_MD_CTX_create();

     chknull(mdctx);

-    if (1 != EVP_DigestSignInit(mdctx, &pctx, NULL, NULL, priv_key)) {

-        goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL digest sign init.",

+    if (1 != EVP_DigestSignInit(mdctx, &pctx, ossl_hash, NULL, priv_key)) {

+        goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign init.",

                    error_cleanup);

     }

     if (EVP_PKEY_type(EVP_PKEY_id(priv_key)) == EVP_PKEY_RSA) {

@@ -140,10 +140,6 @@ signatureCallback(

                        error_cleanup);

         }

     }

-    if (1 != EVP_DigestSignInit(mdctx, &pctx, ossl_hash, NULL, priv_key)) {

-        goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign init.",

-                   error_cleanup);

-    }

     if (1 != EVP_DigestSignUpdate(mdctx, dataToSign, dataToSignSize)) {

         goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign update.",

                    error_cleanup);

diff --git a/test/integration/fapi-key-create-policy-signed.int.c b/test/integration/fapi-key-create-policy-signed.int.c

index e51289a6..b903dec0 100644

--- a/test/integration/fapi-key-create-policy-signed.int.c

+++ b/test/integration/fapi-key-create-policy-signed.int.c

@@ -144,8 +144,8 @@ signatureCallback(

     mdctx = EVP_MD_CTX_create();

     chknull(mdctx);

-    if (1 != EVP_DigestSignInit(mdctx, &pctx, NULL, NULL, priv_key)) {

-        goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL digest sign init.",

+    if (1 != EVP_DigestSignInit(mdctx, &pctx, ossl_hash, NULL, priv_key)) {

+        goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign init.",

                    error_cleanup);

     }

     if (EVP_PKEY_type(EVP_PKEY_id(priv_key)) == EVP_PKEY_RSA) {

@@ -155,10 +155,6 @@ signatureCallback(

                        error_cleanup);

         }

     }

-    if (1 != EVP_DigestSignInit(mdctx, &pctx, ossl_hash, NULL, priv_key)) {

-        goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign init.",

-                   error_cleanup);

-    }

     if (1 != EVP_DigestSignUpdate(mdctx, dataToSign, dataToSignSize)) {

         goto_error(r, TSS2_FAPI_RC_GENERAL_FAILURE, "OSSL sign update.",

                    error_cleanup);

-- 

2.26.3