465515 – QCA-2.3.4/5: Test "PublicKeyInfrastructure" fails after updating OpenSSL to 3.0.8

Bug 465515 - QCA-2.3.4/5: Test "PublicKeyInfrastructure" fails after updating OpenSSL to 3.0.8

Summary: QCA-2.3.4/5: Test "PublicKeyInfrastructure" fails after updating OpenSSL to 3...

Status:	RESOLVED FIXED

Alias:	None

Product:	qca
Classification:	Frameworks and Libraries
Component:	general (show other bugs)
Version:	2.3.4
Platform:	Other Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	Ivan Romanov

URL:
Keywords:

Depends on:
Blocks:

Reported:	2023-02-09 18:13 UTC by imaginator
Modified:	2023-02-20 08:57 UTC (History)
CC List:	4 users (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description imaginator 2023-02-09 18:13:16 UTC

After updating OpenSSL to 3.0.8 (from 3.0.7), test "PublicKeyInfrastructure" fails when building/testing QCA-2.3.4 and -2.3.5.  The other tests are OK.  Going back to OpenSSL-3.0.7 fixes the issue.

From the test-log:
[...]
20/25 Testing: PublicKeyInfrastructure
20/25 Test: PublicKeyInfrastructure
Command:
"/home/user/Downloads/LFS/BLFS/BLFS-11.1/qca-2.3.4/build/bin/pkits"
Directory: /home/user/Downloads/LFS/BLFS/BLFS-11.1/qca-2.3.4/build/bin
"PublicKeyInfrastructure" start time: Feb 09 12:16 CET
Output:
----------------------------------------------------------
********* Start testing of Pkits *********
Config: Using QtTest library 5.15.2, Qt 5.15.2
(x86_64-little_endian-lp64 shared (dynamic) release build; by GCC
11.2.0), unknown unknown
PASS   : Pkits::initTestCase()
PASS   : Pkits::pkits4_1_1()
PASS   : Pkits::pkits4_1_2()
PASS   : Pkits::pkits4_1_3()
PASS   : Pkits::pkits4_1_4()
FAIL!  : Pkits::pkits4_1_5() Compared values are not the same
   Loc:
[/home/user/Downloads/LFS/BLFS/BLFS-11.1/qca-2.3.4/unittest/pkits/pkits.cpp(298)]
PASS   : Pkits::pkits4_1_6()
[...]


System is Linux From Scratch. I hope this is the right place to report this. Let me know if you need more information.
Thanks.

Comment 1 imaginator 2023-02-11 11:02:36 UTC

Perhaps this may help you:

When I configure qca-2.3.4/5 with the not recommended
	
	-DQCA_SUFFIX=OFF

then all tests succeed for qca-2.3.4 but for qca-2.3.5 test "Hashing" fails while "PublicKeyInfrastructure" passes:

[...]
      Start  8: Hashing
8/25 Test  #8: Hashing ..........................Subprocess aborted***Exception:   0.34 sec
 [...]
      Start 19: PublicKeyInfrastructure
19/25 Test #19: PublicKeyInfrastructure ..........   Passed    0.00 sec
[...]
 

The question that bothers me a bit is whether the test-failures indicate a security risk when using qca-2.3.4/5 with OpenSSL-3.0.8 or whether just the tests need to be adapted.
BTW: the problem has been confirmed by an other LFS-user. 
Thanks.

Comment 2 Albert Astals Cid 2023-02-13 22:07:45 UTC

looks like an openssl regression to me https://github.com/openssl/openssl/commit/fab4973801bdc11c29c4c8ccf65cf39cbc63ce9b

Comment 3 imaginator 2023-02-14 08:03:16 UTC

(In reply to Albert Astals Cid from comment #2)
> looks like an openssl regression to me
> https://github.com/openssl/openssl/commit/
> fab4973801bdc11c29c4c8ccf65cf39cbc63ce9b

Thanks. Shows that the tests are important. I hope OpenSSL respond soon.

Comment 4 imaginator 2023-02-14 15:31:30 UTC

This may be related: https://github.com/openssl/openssl/issues/20233

Comment 5 Albert Astals Cid 2023-02-19 23:20:42 UTC

https://invent.kde.org/libraries/qca/-/merge_requests/93

Comment 6 imaginator 2023-02-20 08:57:43 UTC

(In reply to Albert Astals Cid from comment #5)
> https://invent.kde.org/libraries/qca/-/merge_requests/93

Thanks. I'll let the LFS-editors know, so that they can add a note for qca that one test is known to fail for qca-2.3.5 and OpenSSL-3.0.8. Or patch the sources according to your commit.
Thanks again.