pyca · reaperhulk · Mar 1, 2023 · Feb 28, 2023
diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst
@@ -22,7 +22,7 @@ for various cryptographic algorithms. These are not included in the repository
 continuous integration environments.
 
 We have ensured all test vectors are used as of commit
-``2196000605e45d91097147c9c71f26b72af58003``.
+``b063b4aedae951c69df014cd25fa6d69ae9e8cb9``.
 
 Asymmetric ciphers
 ~~~~~~~~~~~~~~~~~~

diff --git a/src/cryptography/hazmat/backends/openssl/utils.py b/src/cryptography/hazmat/backends/openssl/utils.py
@@ -18,7 +18,10 @@ def _evp_pkey_derive(backend: "Backend", evp_pkey, peer_public_key) -> bytes:
     res = backend._lib.EVP_PKEY_derive_init(ctx)
     backend.openssl_assert(res == 1)
     res = backend._lib.EVP_PKEY_derive_set_peer(ctx, peer_public_key._evp_pkey)
-    backend.openssl_assert(res == 1)
+    if res != 1:
+        errors_with_text = backend._consume_errors_with_text()
+        raise ValueError("Error computing shared key.", errors_with_text)
+
     keylen = backend._ffi.new("size_t *")
     res = backend._lib.EVP_PKEY_derive(ctx, backend._ffi.NULL, keylen)
     backend.openssl_assert(res == 1)

diff --git a/tests/wycheproof/test_ecdh.py b/tests/wycheproof/test_ecdh.py
@@ -21,6 +21,12 @@
     "secp521r1": ec.SECP521R1(),
     "secp224k1": None,
     "secp256k1": ec.SECP256K1(),
+    "sect283r1": ec.SECT283R1(),
+    "sect409r1": ec.SECT409R1(),
+    "sect571r1": ec.SECT571R1(),
+    "sect283k1": ec.SECT283K1(),
+    "sect409k1": ec.SECT409K1(),
+    "sect571k1": ec.SECT571K1(),
     "brainpoolP224r1": None,
     "brainpoolP256r1": ec.BrainpoolP256R1(),
     "brainpoolP320r1": None,
@@ -31,6 +37,7 @@
     "brainpoolP320t1": None,
     "brainpoolP384t1": None,
     "brainpoolP512t1": None,
+    "FRP256v1": None,
 }
 
 
@@ -46,6 +53,12 @@
     "ecdh_secp256r1_test.json",
     "ecdh_secp384r1_test.json",
     "ecdh_secp521r1_test.json",
+    "ecdh_sect283k1_test.json",
+    "ecdh_sect283r1_test.json",
+    "ecdh_sect409k1_test.json",
+    "ecdh_sect409r1_test.json",
+    "ecdh_sect571k1_test.json",
+    "ecdh_sect571r1_test.json",
 )
 def test_ecdh(backend, wycheproof):
     curve = _CURVES[wycheproof.testgroup["curve"]]
@@ -70,7 +83,13 @@ def test_ecdh(backend, wycheproof):
     except UnsupportedAlgorithm:
         return
 
-    if wycheproof.valid or wycheproof.acceptable:
+    if wycheproof.valid or (
+        wycheproof.acceptable
+        and not (
+            wycheproof.has_flag("LowOrderPublic")
+            and backend._lib.CRYPTOGRAPHY_OPENSSL_300_OR_GREATER
+        )
+    ):
         computed_shared = private_key.exchange(ec.ECDH(), public_key)
         expected_shared = binascii.unhexlify(wycheproof.testcase["shared"])
         assert computed_shared == expected_shared

diff --git a/tests/wycheproof/test_ecdsa.py b/tests/wycheproof/test_ecdsa.py
@@ -53,6 +53,11 @@
     "ecdsa_secp384r1_sha3_512_test.json",
     "ecdsa_secp521r1_sha512_test.json",
     "ecdsa_secp521r1_sha3_512_test.json",
+    "ecdsa_secp160k1_sha256_test.json",
+    "ecdsa_secp160r1_sha256_test.json",
+    "ecdsa_secp160r2_sha256_test.json",
+    "ecdsa_secp192k1_sha256_test.json",
+    "ecdsa_secp192r1_sha256_test.json",
 )
 def test_ecdsa_signature(backend, wycheproof):
     try: