From 9bcbcfa0193491800b3d0afa140828488b6b84de Mon Sep 17 00:00:00 2001
From: Vitaly Chikunov <vt@altlinux.org>
Date: Sun, 27 Jan 2019 02:15:00 +0300
Subject: [PATCH] test_params: Avoid calls to fill_GOST_EC_params and bind_gost

Use external API to generate key with parameters instead of calling
fill_GOST_EC_params(). Use OPENSSL_CONF trick like in test_sign to avoid
calling bind_gost(). Reverting 1716316de77 ("Export bind_gost to allow
local engine init") as not needed anymore.
---
 gost_eng.c    |  2 +-
 gost_lcl.h    |  3 ---
 test_params.c | 29 ++++++++++++++++++++++++-----
 3 files changed, 25 insertions(+), 9 deletions(-)

diff --git a/gost_eng.c b/gost_eng.c
index 74fe13e..69f9975 100644
--- a/gost_eng.c
+++ b/gost_eng.c
@@ -164,7 +164,7 @@ static int gost_engine_destroy(ENGINE* e) {
     return 1;
 }
 
-int bind_gost(ENGINE* e, const char* id) {
+static int bind_gost(ENGINE* e, const char* id) {
     int ret = 0;
     if (id != NULL && strcmp(id, engine_gost_id) != 0)
         return 0;
diff --git a/gost_lcl.h b/gost_lcl.h
index 512d947..6623d6d 100644
--- a/gost_lcl.h
+++ b/gost_lcl.h
@@ -301,7 +301,4 @@ int pack_sign_cp(ECDSA_SIG *s, int order, unsigned char *sig, size_t *siglen);
 /* Get private key as BIGNUM from both 34.10-2001 keys*/
 /* Returns pointer into EVP_PKEY structure */
 BIGNUM *gost_get0_priv_key(const EVP_PKEY *pkey);
-
-int bind_gost(ENGINE* e, const char* id);
-
 #endif
diff --git a/test_params.c b/test_params.c
index b477662..972af24 100644
--- a/test_params.c
+++ b/test_params.c
@@ -928,6 +928,28 @@ static int test_cert(struct test_cert *tc)
     return err != 1;
 }
 
+/* Generate EC_KEY with proper parameters using temporary PKEYs.
+ * This emulates fill_GOST_EC_params() call.
+ */
+static int EC_KEY_create(int type, int param_nid, EC_KEY *dst)
+{
+    EVP_PKEY *pkey;
+    T(pkey = EVP_PKEY_new());
+    T(EVP_PKEY_set_type(pkey, type));
+    EVP_PKEY_CTX *ctx;
+    T(ctx = EVP_PKEY_CTX_new(pkey, NULL));
+    T(EVP_PKEY_paramgen_init(ctx));
+    T(EVP_PKEY_CTX_ctrl(ctx, type, -1, EVP_PKEY_CTRL_GOST_PARAMSET, param_nid, NULL));
+    EVP_PKEY *pkey2 = NULL;
+    int err;
+    TE((err = EVP_PKEY_paramgen(ctx, &pkey2)) == 1);
+    T(EC_KEY_copy(dst, EVP_PKEY_get0(pkey2)));
+    EVP_PKEY_CTX_free(ctx);
+    EVP_PKEY_free(pkey);
+    EVP_PKEY_free(pkey2);
+    return err;
+}
+
 static int test_param(struct test_param *t)
 {
     int ret = 0, err = 0;
@@ -936,7 +958,6 @@ static int test_param(struct test_param *t)
     const char *sn = OBJ_nid2sn(t->param);
 
     printf(cBLUE "Test %s (cp):\n" cNORM, sn);
-    //T(pkey = EVP_PKEY_new_raw_public_key(NID_id_GostR3410_2001, NULL, t->pub_key, 64));
 
     switch (t->len) {
 	case 256 / 8:
@@ -962,7 +983,7 @@ static int test_param(struct test_param *t)
     /* Manually construct public key */
     EC_KEY *ec;
     T(ec = EC_KEY_new());
-    T(fill_GOST_EC_params(ec, t->param));
+    T(EC_KEY_create(type, t->param, ec));
     const EC_GROUP *group;
     T(group = EC_KEY_get0_group(ec));
     unsigned char *pub_key;
@@ -1025,11 +1046,9 @@ int main(int argc, char **argv)
 {
     int ret = 0;
 
+    setenv("OPENSSL_CONF", "../example.conf", 0);
     OPENSSL_add_all_algorithms_conf();
     ERR_load_crypto_strings();
-    ENGINE *e = ENGINE_new();
-    bind_gost(e, "gost");
-    ENGINE_register_complete(e);
 
     struct test_param **tpp;
     for (tpp = test_params; *tpp; tpp++)
-- 
2.39.2