]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/recipes/30-test_evp_fetch_prov.t
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update some nits around the FIPS module
[thirdparty/openssl.git] / test / recipes / 30-test_evp_fetch_prov.t
1 #! /usr/bin/env perl
2 # Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
3 #
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
8
9 use strict;
10 use warnings;
11
12 use OpenSSL::Test qw(:DEFAULT bldtop_dir srctop_file srctop_dir bldtop_file);
13 use OpenSSL::Test::Utils;
14
15 BEGIN {
16 setup("test_evp_fetch_prov");
17 }
18
19 use lib srctop_dir('Configurations');
20 use lib bldtop_dir('.');
21 use platform;
22
23 my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
24
25 my @types = ( "digest", "cipher" );
26
27 $ENV{OPENSSL_MODULES} = bldtop_dir("providers");
28 $ENV{OPENSSL_CONF_INCLUDE} = bldtop_dir("providers");
29
30 my @setups = ();
31 my @testdata = (
32 { config => srctop_file("test", "default.cnf"),
33 providers => [ 'default' ],
34 tests => [ { providers => [] },
35 { },
36 { args => [ '-property', 'provider=default' ],
37 message => 'using property "provider=default"' },
38 { args => [ '-property', 'provider!=fips' ],
39 message => 'using property "provider!=fips"' },
40 { args => [ '-property', 'provider!=default', '-fetchfail' ],
41 message =>
42 'using property "provider!=default" is expected to fail' },
43 { args => [ '-property', 'provider=fips', '-fetchfail' ],
44 message =>
45 'using property "provider=fips" is expected to fail' } ] }
46 );
47
48 unless ($no_fips) {
49 push @setups, {
50 cmd => app(['openssl', 'fipsinstall',
51 '-out', bldtop_file('providers', 'fipsmodule.cnf'),
52 '-module', bldtop_file('providers', platform->dso('fips')),
53 '-provider_name', 'fips', '-mac_name', 'HMAC',
54 '-macopt', 'digest:SHA256', '-macopt', 'hexkey:00',
55 '-section_name', 'fips_sect']),
56 message => "fipsinstall"
57 };
58 push @testdata, (
59 { config => srctop_file("test", "fips.cnf"),
60 providers => [ 'fips' ],
61 tests => [
62 { args => [ '-property', '' ] },
63 { args => [ '-property', 'provider=fips' ],
64 message => 'using property "provider=fips"' },
65 { args => [ '-property', 'provider!=default' ],
66 message => 'using property "provider!=default"' },
67 { args => [ '-property', 'provider=default', '-fetchfail' ],
68 message =>
69 'using property "provider=default" is expected to fail' },
70 { args => [ '-property', 'provider!=fips', '-fetchfail' ],
71 message =>
72 'using property "provider!=fips" is expected to fail' },
73 { args => [ '-property', 'fips=yes' ],
74 message => 'using property "fips=yes"' },
75 { args => [ '-property', 'fips!=no' ],
76 message => 'using property "fips!=no"' },
77 { args => [ '-property', '-fips' ],
78 message => 'using property "-fips"' },
79 { args => [ '-property', 'fips=no', '-fetchfail' ],
80 message => 'using property "fips=no is expected to fail"' },
81 { args => [ '-property', 'fips!=yes', '-fetchfail' ],
82 message => 'using property "fips!=yes is expected to fail"' } ] },
83 { config => srctop_file("test", "default-and-fips.cnf"),
84 providers => [ 'default', 'fips' ],
85 tests => [
86 { args => [ '-property', '' ] },
87 { args => [ '-property', 'provider!=default' ],
88 message => 'using property "provider!=default"' },
89 { args => [ '-property', 'provider=default' ],
90 message => 'using property "provider=default"' },
91 { args => [ '-property', 'provider!=fips' ],
92 message => 'using property "provider!=fips"' },
93 { args => [ '-property', 'provider=fips' ],
94 message => 'using property "provider=fips"' },
95 { args => [ '-property', 'fips=yes' ],
96 message => 'using property "fips=yes"' },
97 { args => [ '-property', 'fips!=no' ],
98 message => 'using property "fips!=no"' },
99 { args => [ '-property', '-fips' ],
100 message => 'using property "-fips"' },
101 { args => [ '-property', 'fips=no' ],
102 message => 'using property "fips=no"' },
103 { args => [ '-property', 'fips!=yes' ],
104 message => 'using property "fips!=yes"' } ] },
105 );
106 }
107
108 my $testcount = 0;
109 foreach (@testdata) {
110 $testcount += scalar @{$_->{tests}};
111 }
112
113 plan tests => 1 + scalar @setups + $testcount * scalar(@types);
114
115 ok(run(test(["evp_fetch_prov_test", "-defaultctx"])),
116 "running evp_fetch_prov_test using the default libctx");
117
118 foreach my $setup (@setups) {
119 ok(run($setup->{cmd}), $setup->{message});
120 }
121
122 foreach my $alg (@types) {
123 foreach my $testcase (@testdata) {
124 $ENV{OPENSSL_CONF} = "";
125 foreach my $test (@{$testcase->{tests}}) {
126 my @testproviders =
127 @{ $test->{providers} // $testcase->{providers} };
128 my $testprovstr = @testproviders
129 ? ' and loaded providers ' . join(' & ',
130 map { "'$_'" } @testproviders)
131 : '';
132 my @testargs = @{ $test->{args} // [] };
133 my $testmsg =
134 defined $test->{message} ? ' '.$test->{message} : '';
135
136 my $message =
137 "running evp_fetch_prov_test with $alg$testprovstr$testmsg";
138
139 ok(run(test(["evp_fetch_prov_test", "-type", "$alg",
140 "-config", "$testcase->{config}",
141 @testargs, @testproviders])),
142 $message);
143 }
144 }
145 }
A mirror of the official openssl repository