
Commit b762849

committed
skip if curve not supported
1 parent 40a9794 commit b762849


2 files changed

+33
-0
lines changed


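--- a/ec.go
+++ b/ec.go
@@ -5,10 +5,31 @@ package openssl
 import (
 "errors"
 "strconv"
+"sync"
 
 "github.com/golang-fips/openssl/v2/internal/ossl"
 )
 
+func SupportsCurve(curve string) bool {
+switch curve {
+case "P-224", "P-256", "P-384", "P-521":
+return true
+case "X25519":
+return supportsX25519()
+default:
+return false
+}
+}
+
+var supportsX25519 = sync.OnceValue(func() bool {
+ctx, _ := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_X25519, nil)
+if ctx != nil {
+ossl.EVP_PKEY_CTX_free(ctx)
+return true
+}
+return false
+})
+
 func curveID(curve string) int32 {
 switch curve {
 case "P-224":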
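Review bot: The probe `ctx, _ := ossl.EVP_PKEY_CTX_new_id(ossl.EVP_PKEY_X25519, nil)` discards the error, and `sync.OnceValue` caches the first answer for the life of the process, so any failure of that call is reported as "X25519 unsupported" from then on, not only a genuinely missing algorithm. If that is intended, say so above the variable, e.g. `// Any failure to create the context is treated as "unsupported"; the result is cached for the process lifetime.` The exported `SupportsCurve` also has no doc comment; something like `// SupportsCurve reports whether curve can be used with the loaded OpenSSL library.` would tell callers what a false result means. The NIST curves return true without any probe, which presumably assumes every supported OpenSSL build provides them; worth stating in that comment if so.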

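--- a/ecdh_test.go
+++ b/ecdh_test.go
@@ -14,6 +14,7 @@ func TestECDH(t *testing.T) {
 for _, tt := range []string{"P-256", "P-384", "P-521", "X25519"} {
 t.Run(tt, func(t *testing.T) {
 name := tt
+skipUnsupportedCurve(t, name)
 aliceKey, alicPrivBytes, err := openssl.GenerateKeyECDH(name)
 if err != nil {
 t.Fatal(err)
@@ -121,6 +122,7 @@ var ecdhvectors = []struct {
 func TestECDHVectors(t *testing.T) {
 for _, tt := range ecdhvectors {
 t.Run(tt.Name, func(t *testing.T) {
+skipUnsupportedCurve(t, tt.Name)
 key, err := openssl.NewPrivateKeyECDH(tt.Name, hexDecode(t, tt.PrivateKey))
 if err != nil {
 t.Fatal(err)
@@ -285,6 +287,7 @@ var invalidECDHPublicKeys = map[string][]string{
 func TestECDHNewPrivateKeyECDH_Invalid(t *testing.T) {
 for _, curve := range []string{"P-256", "P-384", "P-521", "X25519"} {
 t.Run(curve, func(t *testing.T) {
+skipUnsupportedCurve(t, curve)
 for _, input := range invalidECDHPrivateKeys[curve] {
 k, err := openssl.NewPrivateKeyECDH(curve, hexDecode(t, input))
 if err == nil {
@@ -300,6 +303,7 @@ func TestECDHNewPrivateKeyECDH_Invalid(t *testing.T) {
 func TestECDHNewPublicKeyECDH_Invalid(t *testing.T) {
 for _, curve := range []string{"P-256", "P-384", "P-521", "X25519"} {
 t.Run(curve, func(t *testing.T) {
+skipUnsupportedCurve(t, curve)
 for _, input := range invalidECDHPublicKeys[curve] {
 k, err := openssl.NewPublicKeyECDH(curve, hexDecode(t, input))
 if err == nil {
@@ -313,6 +317,7 @@ func TestECDHNewPublicKeyECDH_Invalid(t *testing.T) {
 }
 
 func TestX25519Failure(t *testing.T) {
+skipUnsupportedCurve(t, "X25519")
 identity := hexDecode(t, "0000000000000000000000000000000000000000000000000000000000000000")
 lowOrderPoint := hexDecode(t, "e0eb7a7c3b41b8ae1656e3faf19fc46ada098deb9c32b1fd866205165f49b800")
 randomScalar := make([]byte, 32)
@@ -340,3 +345,10 @@ func testX25519Failure(t *testing.T, private, public []byte) {
 t.Errorf("unexpected ECDH output: %x", secret)
 }
 }
+
+func skipUnsupportedCurve(t *testing.T, curve string) {
+t.Helper()
+if !openssl.SupportsCurve(curve) {
+t.Skipf("skipping test: curve %q is not supported", curve)
+}
+}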
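Review bot: The `skipUnsupportedCurve(t, "X25519")` call added at the top of TestX25519Failure turns the all-zero and low-order-point rejection checks into a skip whenever `openssl.SupportsCurve` returns false, so a build that is expected to provide X25519 but fails the probe still reports a green run with that coverage missing. The same applies to the X25519 subtests in TestECDH, TestECDHVectors and the two `_Invalid` tests. Consider a documented opt-in for CI jobs that require X25519, under which the helper calls `t.Fatalf` instead of `t.Skipf`, or at least have those jobs assert on the skip count. A doc comment on the helper, e.g. `// skipUnsupportedCurve skips the calling test when the loaded OpenSSL does not support curve.`, would also make the silent-skip behaviour visible to readers. TestX25519Failure's body continues outside the hunk.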
