fix openssl 3

dsa.go

@@ -280,7 +280,7 @@ func newDSA3(params DSAParameters, x, y BigInt) (C.GO_EVP_PKEY_PTR, error) {
 		return nil, err
 	}
 	defer C.go_openssl_OSSL_PARAM_free(bldparams)
-	pkey, err := newEvpFromParams(C.GO_EVP_PKEY_DSA, selection, bldparams, false)
+	pkey, err := newEvpFromParams(C.GO_EVP_PKEY_DSA, selection, bldparams)
 	if err != nil {
 		return nil, err
 	}

ecdh.go

@@ -210,7 +210,28 @@ func newECDHPkey3(nid C.int, bytes []byte, isPrivate bool) (C.GO_EVP_PKEY_PTR, e
 		return nil, err
 	}
 	defer C.go_openssl_OSSL_PARAM_free(params)
-	return newEvpFromParams(C.GO_EVP_PKEY_EC, selection, params, true)
+	pkey, err := newEvpFromParams(C.GO_EVP_PKEY_EC, selection, params)
+	if err != nil {
+		return nil, err
+	}
+	ctx := C.go_openssl_EVP_PKEY_CTX_new(pkey, nil)
+	if ctx == nil {
+		return nil, newOpenSSLError("EVP_PKEY_CTX_new")
+	}
+	defer C.go_openssl_EVP_PKEY_CTX_free(ctx)
+	if isPrivate {
+		if C.go_openssl_EVP_PKEY_private_check(ctx) != 1 {
+			// Match upstream error message.
+			return nil, errors.New("crypto/ecdh: invalid private key")
+		}
+	} else {
+		// Upstream Go does a partial check here, so do we.
+		if C.go_openssl_EVP_PKEY_public_check_quick(ctx) != 1 {
+			// Match upstream error message.
+			return nil, errors.New("crypto/ecdh: invalid public key")
+		}
+	}
+	return pkey, nil
 }
 
 func pointMult(group C.GO_EC_GROUP_PTR, priv C.GO_BIGNUM_PTR) (C.GO_EC_POINT_PTR, error) {

ecdsa.go

@@ -207,5 +207,5 @@ func newECDSAKey3(nid C.int, bx, by, bd C.GO_BIGNUM_PTR) (C.GO_EVP_PKEY_PTR, err
 		return nil, err
 	}
 	defer C.go_openssl_OSSL_PARAM_free(params)
-	return newEvpFromParams(C.GO_EVP_PKEY_EC, selection, params, false)
+	return newEvpFromParams(C.GO_EVP_PKEY_EC, selection, params)
 }

evp.go

@@ -502,7 +502,7 @@ func getECKey(pkey C.GO_EVP_PKEY_PTR) (key C.GO_EC_KEY_PTR) {
 	return key
 }
 
-func newEvpFromParams(id C.int, selection C.int, params C.GO_OSSL_PARAM_PTR, validate bool) (C.GO_EVP_PKEY_PTR, error) {
+func newEvpFromParams(id C.int, selection C.int, params C.GO_OSSL_PARAM_PTR) (C.GO_EVP_PKEY_PTR, error) {
 	ctx := C.go_openssl_EVP_PKEY_CTX_new_id(id, nil)
 	if ctx == nil {
 		return nil, newOpenSSLError("EVP_PKEY_CTX_new_id")
@@ -515,18 +515,5 @@ func newEvpFromParams(id C.int, selection C.int, params C.GO_OSSL_PARAM_PTR, val
 	if C.go_openssl_EVP_PKEY_fromdata(ctx, &pkey, selection, params) != 1 {
 		return nil, newOpenSSLError("EVP_PKEY_fromdata")
 	}
-	if validate {
-		if selection == C.GO_EVP_PKEY_KEYPAIR { // Private key
-			if C.go_openssl_EVP_PKEY_private_check(ctx) != 1 {
-				// Match upstream error message.
-				return nil, errors.New("crypto/ecdh: invalid private key")
-			}
-		} else { // Public key
-			if C.go_openssl_EVP_PKEY_public_check_quick(ctx) != 1 {
-				// Match upstream error message.
-				return nil, errors.New("crypto/ecdh: invalid public key")
-			}
-		}
-	}
 	return pkey, nil
 }

rsa.go

@@ -238,7 +238,7 @@ func saltLength(saltLen int, sign bool) (C.int, error) {
 	// A salt length of -2 is valid in OpenSSL, but not in crypto/rsa, so reject
 	// it, and lengths < -2, before we convert to the OpenSSL sentinel values.
 	if saltLen <= -2 {
-		return 0, errors.New("crypto/rsa: PSSOptions.SaltLength cannot be negative")
+		return 0, errors.New("crypto/rsa: invalid PSS salt length")
 	}
 	// OpenSSL uses sentinel salt length values like Go crypto does,
 	// but the values don't fully match for rsa.PSSSaltLengthAuto (0).
@@ -404,5 +404,5 @@ func newRSAKey3(isPriv bool, n, e, d, p, q, dp, dq, qinv BigInt) (C.GO_EVP_PKEY_
 	if isPriv {
 		selection = C.GO_EVP_PKEY_KEYPAIR
 	}
-	return newEvpFromParams(C.GO_EVP_PKEY_RSA, C.int(selection), params, false)
+	return newEvpFromParams(C.GO_EVP_PKEY_RSA, C.int(selection), params)
 }