Skip to content

test/psk: add compat vector for OpenSSL < 3.2#1059

Closed
hreinecke wants to merge 1 commit intolinux-nvme:masterfrom
hreinecke:psk-ssl-compat
Closed

test/psk: add compat vector for OpenSSL < 3.2#1059
hreinecke wants to merge 1 commit intolinux-nvme:masterfrom
hreinecke:psk-ssl-compat

Conversation

@hreinecke
Copy link
Copy Markdown
Collaborator

OpenSSL versions earlier than 3.2 have a bug where EVP_PKEY_CTX_add1_hkdf_info() will always overwrite the existing 'info' value, and thus calculate a different identity hash. This issue has been uncovered by the PSK testcases, and has always been present.
We have fixed this with eff0ffe ("linux: fix HKDF TLS key derivation back to OpenSSL 3.0.8"), but the PSK testcases will still fail. So add the resulting hash values for the 'compat' test, and select the correct test vector based on the OpenSSL version.

Fixes: #1053

Comment thread test/psk.c Outdated
* existing 'info' string. So add the resulting 'compat'
* identity hash vector here to make the tests succeed.
*/
#ifdef OPENSSL_VERSION_MINOR <= 1
Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this doesn't compile, should be an #if

@cleech
Copy link
Copy Markdown
Contributor

cleech commented Sep 3, 2025

I haven't tested at all these boundaries, but I think the conditional should be

#if ((OPENSSL_VERSION_MINOR == 0 && OPENSSL_VERSION_PATCH < 14) \
       || (OPENSSL_VERSION_MINOR == 1 && OPENSSL_VERSION_PATCH < 6) \
       || (OPENSSL_VERSION_MINOR == 2 && OPENSSL_VERSION_PATCH < 2) \
       || (OPENSSL_VERSION_MINOR == 3 && OPENSSL_VERSION_PATCH < 2))

after looking through all the openssl git release branches to find the back-ports

Older OpenSSL versions have a bug where
EVP_PKEY_CTX_add1_hkdf_info() will always overwrite the existing
'info' value, and thus calculate a different identity hash.
This issue has been uncovered by the PSK testcases, and has always
been present.
We have fixed this with eff0ffe ("linux: fix HKDF TLS key derivation
back to OpenSSL 3.0.8"), but the PSK testcases will still fail.
So add the resulting hash values for the 'compat' test, and select
the correct test vector based on the OpenSSL version.

Signed-off-by: Hannes Reinecke <[email protected]>
@hreinecke
Copy link
Copy Markdown
Collaborator Author

I haven't tested at all these boundaries, but I think the conditional should be

#if ((OPENSSL_VERSION_MINOR == 0 && OPENSSL_VERSION_PATCH < 14) \
       || (OPENSSL_VERSION_MINOR == 1 && OPENSSL_VERSION_PATCH < 6) \
       || (OPENSSL_VERSION_MINOR == 2 && OPENSSL_VERSION_PATCH < 2) \
       || (OPENSSL_VERSION_MINOR == 3 && OPENSSL_VERSION_PATCH < 2))

after looking through all the openssl git release branches to find the back-ports

Not on my system; 3.1.4 doesn't have the issue. Fixed up the version numbers to convince the test case to pass.

@hreinecke hreinecke closed this Sep 4, 2025
@hreinecke hreinecke deleted the psk-ssl-compat branch September 4, 2025 12:07
@hreinecke hreinecke restored the psk-ssl-compat branch September 5, 2025 06:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

TLS key generation not comptiable with OpenSSL 3.0.x LTS.

2 participants