From 070151c96f5b605db83c802d6c37de87d6eb4402 Mon Sep 17 00:00:00 2001
From: Adam Langley <agl@google.com>
Date: Thu, 7 Jun 2018 09:29:54 -0700
Subject: [PATCH] Update ECDH and EVP tests to accept latest Wycheproof
 vectors.

(This upstreams a change that was landed internally.)

Change-Id: Ic32793f8b1ae2d03e8ccbb0a9ac5f62add4c295b
Reviewed-on: https://boringssl-review.googlesource.com/28984
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
---
 crypto/ecdh/ecdh_test.cc |  1 +
 crypto/evp/evp_test.cc   | 22 ++++++++++++++++++----
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/crypto/ecdh/ecdh_test.cc b/crypto/ecdh/ecdh_test.cc
index 60b45a17..1fbbd4b1 100644
--- a/crypto/ecdh/ecdh_test.cc
+++ b/crypto/ecdh/ecdh_test.cc
@@ -122,6 +122,7 @@ TEST(ECDHTest, Wycheproof) {
   FileTestGTest("third_party/wycheproof_testvectors/ecdh_test.txt",
                 [](FileTest *t) {
     t->IgnoreInstruction("curve");  // This is redundant with the per-test one.
+    t->IgnoreInstruction("encoding");
 
     bssl::UniquePtr<EC_GROUP> group = GetWycheproofCurve(t, "curve", false);
     ASSERT_TRUE(group);
diff --git a/crypto/evp/evp_test.cc b/crypto/evp/evp_test.cc
index c9ab2d2d..85795ee5 100644
--- a/crypto/evp/evp_test.cc
+++ b/crypto/evp/evp_test.cc
@@ -425,6 +425,7 @@ static void RunWycheproofTest(const char *path) {
     t->IgnoreInstruction("key.keySize");
     t->IgnoreInstruction("key.wx");
     t->IgnoreInstruction("key.wy");
+    t->IgnoreInstruction("key.uncompressed");
     // Extra RSA fields.
     t->IgnoreInstruction("e");
     t->IgnoreInstruction("keyAsn");
@@ -470,14 +471,27 @@ static void RunWycheproofTest(const char *path) {
       bool sig_ok = DSA_check_signature(&valid, digest, digest_len, sig.data(),
                                         sig.size(), dsa) &&
                     valid;
-      EXPECT_EQ(result == WycheproofResult::kValid, sig_ok);
+      if (result == WycheproofResult::kValid) {
+        EXPECT_TRUE(sig_ok);
+      } else if (result == WycheproofResult::kInvalid) {
+        EXPECT_FALSE(sig_ok);
+      } else {
+        // this is a legacy signature, which may or may not be accepted.
+      }
     } else {
       bssl::ScopedEVP_MD_CTX ctx;
       ASSERT_TRUE(
           EVP_DigestVerifyInit(ctx.get(), nullptr, md, nullptr, key.get()));
-      EXPECT_EQ(result == WycheproofResult::kValid ? 1 : 0,
-                EVP_DigestVerify(ctx.get(), sig.data(), sig.size(), msg.data(),
-                                 msg.size()));
+      int ret = EVP_DigestVerify(ctx.get(), sig.data(), sig.size(), msg.data(),
+                                 msg.size());
+      if (result == WycheproofResult::kValid) {
+        EXPECT_EQ(1, ret);
+      } else if (result == WycheproofResult::kInvalid) {
+        EXPECT_EQ(0, ret);
+      } else {
+        // this is a legacy signature, which may or may not be accepted.
+        EXPECT_TRUE(ret == 1 || ret == 0);
+      }
     }
   });
 }