Added negative testing for initialized keys

Author: jakemas

crypto/evp_extra/p_kem_test.cc

@@ -927,3 +927,44 @@ TEST(KEMTest, InvalidSeedLength) {
 
   OPENSSL_free(der_priv);
 }
+
+TEST_P(KEMTest, SetRawKeypairFromSeedOnInitializedKey) {
+  // Test that KEM_KEY_set_raw_keypair_from_seed fails when called on an
+  // already initialized key. This should trigger the "Ensure key is uninitialized"
+  // check and fail with ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
+  
+  const KEMTestVector &test = GetParam();
+  
+  // ---- 1. Create and initialize a KEM_KEY ----
+  KEM_KEY *key = KEM_KEY_new();
+  ASSERT_TRUE(key);
+  
+  const KEM *kem = KEM_find_kem_by_nid(test.nid);
+  ASSERT_TRUE(kem);
+  ASSERT_TRUE(KEM_KEY_init(key, kem));
+  
+  // ---- 2. Pre-initialize the key by setting a public key ----
+  std::vector<uint8_t> dummy_public_key(kem->public_key_len, 0x42);
+  ASSERT_TRUE(KEM_KEY_set_raw_public_key(key, dummy_public_key.data()));
+  
+  // ---- 3. Create a valid 64-byte seed ----
+  std::vector<uint8_t> seed(64);
+  for (size_t i = 0; i < 64; i++) {
+    seed[i] = static_cast<uint8_t>(i);
+  }
+  
+  CBS seed_cbs;
+  CBS_init(&seed_cbs, seed.data(), seed.size());
+  
+  // ---- 4. Try to call KEM_KEY_set_raw_keypair_from_seed on the already initialized key ----
+  // This should fail because key->public_key is not NULL
+  ASSERT_FALSE(KEM_KEY_set_raw_keypair_from_seed(key, &seed_cbs));
+  
+  // ---- 5. Verify the correct error was set ----
+  uint32_t err = ERR_get_error();
+  EXPECT_EQ(ERR_GET_LIB(err), ERR_LIB_CRYPTO);
+  EXPECT_EQ(ERR_GET_REASON(err), ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+  
+  // ---- 6. Clean up ----
+  KEM_KEY_free(key);
+}