]>
git.ipfire.org Git - thirdparty/openssl.git/blob - test/recipes/30-test_evp.t
2 # Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved.
4 # Licensed under the Apache License 2.0 (the "License"). You may not use
5 # this file except in compliance with the License. You can obtain a copy
6 # in the file LICENSE in the source distribution or at
7 # https://www.openssl.org/source/license.html
13 use OpenSSL
::Test
qw(:DEFAULT data_file bldtop_dir srctop_file srctop_dir bldtop_file);
14 use OpenSSL
::Test
::Utils
;
20 use lib srctop_dir
('Configurations');
21 use lib bldtop_dir
('.');
23 my $no_fips = disabled
('fips') || ($ENV{NO_FIPS
} // 0);
24 my $no_legacy = disabled
('legacy') || ($ENV{NO_LEGACY
} // 0);
25 my $no_des = disabled
("des");
26 my $no_dh = disabled
("dh");
27 my $no_dsa = disabled
("dsa");
28 my $no_ec = disabled
("ec");
29 my $no_ec2m = disabled
("ec2m");
30 my $no_sm2 = disabled
("sm2");
31 my $no_siv = disabled
("siv");
32 my $no_argon2 = disabled
("argon2");
34 # Default config depends on if the legacy module is built or not
35 my $defaultcnf = $no_legacy ?
'default.cnf' : 'default-and-legacy.cnf';
37 my @configs = ( $defaultcnf );
38 # Only add the FIPS config if the FIPS module has been built
39 push @configs, 'fips-and-base.cnf' unless $no_fips;
41 # A list of tests that run with both the default and fips provider.
43 evpciph_aes_ccm_cavs.txt
44 evpciph_aes_common.txt
47 evpciph_aes_stitched.txt
48 evpciph_des3_common.txt
50 evpkdf_kbkdf_counter.txt
64 evppkey_rsa_common.txt
75 push @files, qw(evppkey_dsa.txt) unless $no_dsa;
76 push @files, qw(evppkey_ecx.txt) unless $no_ec;
85 # A list of tests that only run with the default provider
86 # (i.e. The algorithms are not present in the fips provider)
92 evpciph_camellia_cts.txt
99 evpciph_rc4_stitched.txt
120 evppkey_kdf_scrypt.txt
121 evppkey_kdf_tls1_prf.txt
124 push @defltfiles, qw(evppkey_brainpool.txt) unless $no_ec;
125 push @defltfiles, qw(evppkey_ecdsa_rfc6979.txt) unless $no_ec;
126 push @defltfiles, qw(evppkey_dsa_rfc6979.txt) unless $no_dsa;
127 push @defltfiles, qw(evppkey_sm2.txt) unless $no_sm2;
128 push @defltfiles, qw(evpciph_aes_gcm_siv.txt) unless $no_siv;
129 push @defltfiles, qw(evpciph_aes_siv.txt) unless $no_siv;
130 push @defltfiles, qw(evpkdf_argon2.txt) unless $no_argon2;
133 + (scalar(@configs) * scalar(@files))
134 + scalar(@defltfiles)
135 + 3; # error output tests
138 my $conf = srctop_file
("test", $_);
140 foreach my $f ( @files ) {
141 ok
(run
(test
(["evp_test",
144 "running evp_test -config $conf $f");
148 my $conf = srctop_file
("test", $defaultcnf);
149 foreach my $f ( @defltfiles ) {
150 ok
(run
(test
(["evp_test",
153 "running evp_test -config $conf $f");
156 # test_errors OPTIONS
158 # OPTIONS may include:
160 # key => "filename" # expected to be found in $SRCDIR/test/certs
161 # out => "filename" # file to write error strings to
162 # args => [ ... extra openssl pkey args ... ]
163 # expected => regexps to match error lines against
164 sub test_errors
{ # actually tests diagnostics of OSSL_STORE
166 my $infile = srctop_file
('test', 'certs', $opts{key
});
167 my @args = ( qw(openssl pkey -in), $infile, @
{$opts{args
} // []} );
168 my $res = !run
(app
([@args], stderr
=> $opts{out
}));
169 my $found = !exists $opts{expected
};
170 open(my $in, '<', $opts{out
}) or die "Could not open file $opts{out}";
171 while(my $errline = <$in>) {
172 print $errline; # this may help debugging
174 # output must not include ASN.1 parse errors
175 $res &&= $errline !~ m/asn1 encoding/;
176 # output must include what is expressed in $opts{$expected}
178 if exists $opts{expected
} && $errline =~ m/$opts{expected}/;
181 # $tmpfile is kept to help with investigation in case of failure
182 return $res && $found;
186 skip
"DSA not disabled", 2 if !disabled
("dsa");
188 ok
(test_errors
(key
=> 'server-dsa-key.pem',
189 out
=> 'server-dsa-key.err'),
190 "expected error loading unsupported dsa private key");
191 ok
(test_errors
(key
=> 'server-dsa-pubkey.pem',
192 out
=> 'server-dsa-pubkey.err',
193 args
=> [ '-pubin' ],
194 expected
=> 'unsupported'),
195 "expected error loading unsupported dsa public key");
199 skip
"SM2 not disabled", 1 if !disabled
("sm2");
201 ok
(test_errors
(key
=> 'sm2.key', out
=> 'sm2.err'),
202 "expected error loading unsupported sm2 private key");