]>
Commit | Line | Data |
---|---|---|
596d6b7e | 1 | #! /usr/bin/env perl |
8020d79b | 2 | # Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. |
596d6b7e | 3 | # |
909f1a2e | 4 | # Licensed under the Apache License 2.0 (the "License"). You may not use |
596d6b7e RS |
5 | # this file except in compliance with the License. You can obtain a copy |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
4fb35f8f RL |
9 | |
10 | use strict; | |
11 | use warnings; | |
12 | ||
7bb82f92 | 13 | use OpenSSL::Test qw(:DEFAULT data_file bldtop_dir srctop_file srctop_dir bldtop_file); |
23ccf13d | 14 | use OpenSSL::Test::Utils; |
4fb35f8f | 15 | |
7bb82f92 | 16 | BEGIN { |
5ccada09 | 17 | setup("test_evp"); |
7bb82f92 SL |
18 | } |
19 | ||
20 | use lib srctop_dir('Configurations'); | |
21 | use lib bldtop_dir('.'); | |
4fb35f8f | 22 | |
e0d952fc RL |
23 | my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); |
24 | my $no_legacy = disabled('legacy') || ($ENV{NO_LEGACY} // 0); | |
5e26c339 DDO |
25 | my $no_dh = disabled("dh"); |
26 | my $no_dsa = disabled("dsa"); | |
27 | my $no_ec = disabled("ec"); | |
28 | my $no_gost = disabled("gost"); | |
29 | my $no_sm2 = disabled("sm2"); | |
e0d952fc | 30 | |
23ccf13d | 31 | # Default config depends on if the legacy module is built or not |
e0d952fc | 32 | my $defaultcnf = $no_legacy ? 'default.cnf' : 'default-and-legacy.cnf'; |
23ccf13d RL |
33 | |
34 | my @configs = ( $defaultcnf ); | |
35 | # Only add the FIPS config if the FIPS module has been built | |
7192e4df | 36 | push @configs, 'fips-and-base.cnf' unless $no_fips; |
23ccf13d | 37 | |
5ccada09 SL |
38 | # A list of tests that run with both the default and fips provider. |
39 | my @files = qw( | |
40 | evpciph_aes_ccm_cavs.txt | |
41 | evpciph_aes_common.txt | |
3dafbd44 | 42 | evpciph_aes_cts.txt |
8ea761bf | 43 | evpciph_aes_wrap.txt |
5ccada09 SL |
44 | evpciph_des3_common.txt |
45 | evpkdf_hkdf.txt | |
46 | evpkdf_pbkdf2.txt | |
47 | evpkdf_ss.txt | |
48 | evpkdf_ssh.txt | |
49 | evpkdf_tls12_prf.txt | |
89cccbea | 50 | evpkdf_x942.txt |
5ccada09 SL |
51 | evpkdf_x963.txt |
52 | evpmac_common.txt | |
53 | evpmd_sha.txt | |
54 | evppbe_pbkdf2.txt | |
5e26c339 DDO |
55 | evppkey_kdf_hkdf.txt |
56 | evppkey_rsa_common.txt | |
57 | evprand.txt | |
58 | ); | |
59 | push @files, qw(evppkey_ffdhe.txt) unless $no_dh; | |
60 | push @files, qw(evppkey_dsa.txt) unless $no_dsa; | |
61 | push @files, qw(evppkey_ecx.txt) unless $no_ec; | |
62 | push @files, qw( | |
96b92410 RL |
63 | evppkey_ecc.txt |
64 | evppkey_ecdh.txt | |
5ccada09 | 65 | evppkey_ecdsa.txt |
5ccada09 | 66 | evppkey_kas.txt |
5ccada09 | 67 | evppkey_mismatch.txt |
5e26c339 | 68 | ) unless $no_ec || $no_gost; |
5ccada09 SL |
69 | |
70 | # A list of tests that only run with the default provider | |
71 | # (i.e. The algorithms are not present in the fips provider) | |
72 | my @defltfiles = qw( | |
5ccada09 SL |
73 | evpciph_aes_ocb.txt |
74 | evpciph_aes_siv.txt | |
75 | evpciph_aria.txt | |
76 | evpciph_bf.txt | |
77 | evpciph_camellia.txt | |
78 | evpciph_cast5.txt | |
79 | evpciph_chacha.txt | |
80 | evpciph_des.txt | |
81 | evpciph_idea.txt | |
82 | evpciph_rc2.txt | |
83 | evpciph_rc4.txt | |
84 | evpciph_rc5.txt | |
85 | evpciph_seed.txt | |
86 | evpciph_sm4.txt | |
87 | evpencod.txt | |
88 | evpkdf_krb5.txt | |
89 | evpkdf_scrypt.txt | |
90 | evpkdf_tls11_prf.txt | |
5ccada09 SL |
91 | evpmac_blake.txt |
92 | evpmac_poly1305.txt | |
93 | evpmac_siphash.txt | |
94 | evpmd_blake.txt | |
95 | evpmd_md.txt | |
96 | evpmd_mdc2.txt | |
97 | evpmd_ripemd.txt | |
98 | evpmd_sm3.txt | |
99 | evpmd_whirlpool.txt | |
100 | evppbe_scrypt.txt | |
0e53cd52 | 101 | evppbe_pkcs12.txt |
5ccada09 SL |
102 | evppkey_kdf_scrypt.txt |
103 | evppkey_kdf_tls1_prf.txt | |
3f699197 | 104 | evppkey_rsa.txt |
5ccada09 | 105 | ); |
5e26c339 DDO |
106 | push @defltfiles, qw(evppkey_brainpool.txt) unless $no_ec; |
107 | push @defltfiles, qw(evppkey_sm2.txt) unless $no_sm2; | |
ed5cb177 | 108 | |
e0d952fc | 109 | plan tests => |
e0d952fc | 110 | + (scalar(@configs) * scalar(@files)) |
66066e1b DDO |
111 | + scalar(@defltfiles) |
112 | + 3; # error output tests | |
e0d952fc | 113 | |
e2f72313 | 114 | foreach (@configs) { |
5ccada09 | 115 | my $conf = srctop_file("test", $_); |
e2f72313 RL |
116 | |
117 | foreach my $f ( @files ) { | |
5ccada09 SL |
118 | ok(run(test(["evp_test", |
119 | "-config", $conf, | |
120 | data_file("$f")])), | |
121 | "running evp_test -config $conf $f"); | |
e2f72313 | 122 | } |
6b7b3433 | 123 | } |
f305ecda | 124 | |
5ccada09 | 125 | my $conf = srctop_file("test", $defaultcnf); |
f305ecda | 126 | foreach my $f ( @defltfiles ) { |
5ccada09 SL |
127 | ok(run(test(["evp_test", |
128 | "-config", $conf, | |
129 | data_file("$f")])), | |
130 | "running evp_test -config $conf $f"); | |
f305ecda | 131 | } |
66066e1b DDO |
132 | |
133 | sub test_errors { # actually tests diagnostics of OSSL_STORE | |
134 | my ($expected, $key, @opts) = @_; | |
135 | my $infile = srctop_file('test', 'certs', $key); | |
136 | my @args = qw(openssl pkey -in); | |
137 | push(@args, $infile, @opts); | |
138 | my $tmpfile = 'out.txt'; | |
139 | my $res = !run(app([@args], stderr => $tmpfile)); | |
140 | my $found = 0; | |
141 | open(my $in, '<', $tmpfile) or die "Could not open file $tmpfile"; | |
142 | while(<$in>) { | |
143 | print; # this may help debugging | |
144 | $res &&= !m/asn1 encoding/; # output must not include ASN.1 parse errors | |
145 | $found = 1 if m/$expected/; # output must include $expected | |
146 | } | |
147 | close $in; | |
148 | # $tmpfile is kept to help with investigation in case of failure | |
149 | return $res && $found; | |
150 | } | |
151 | ||
152 | SKIP: { | |
153 | skip "DSA not disabled", 2 if !disabled("dsa"); | |
154 | ||
155 | ok(test_errors("unsupported algorithm", "server-dsa-key.pem"), | |
156 | "error loading unsupported dsa private key"); | |
157 | ok(test_errors("unsupported algorithm", "server-dsa-pubkey.pem", "-pubin"), | |
158 | "error loading unsupported dsa public key"); | |
159 | } | |
160 | ||
161 | SKIP: { | |
162 | skip "sm2 not disabled", 1 if !disabled("sm2"); | |
163 | ||
164 | ok(test_errors("unknown group|unsupported algorithm", "sm2.key"), | |
165 | "error loading unsupported sm2 private key"); | |
166 | } |