]>
Commit | Line | Data |
---|---|---|
596d6b7e | 1 | #! /usr/bin/env perl |
8020d79b | 2 | # Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. |
596d6b7e | 3 | # |
909f1a2e | 4 | # Licensed under the Apache License 2.0 (the "License"). You may not use |
596d6b7e RS |
5 | # this file except in compliance with the License. You can obtain a copy |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
4fb35f8f RL |
9 | |
10 | use strict; | |
11 | use warnings; | |
12 | ||
7bb82f92 | 13 | use OpenSSL::Test qw(:DEFAULT data_file bldtop_dir srctop_file srctop_dir bldtop_file); |
23ccf13d | 14 | use OpenSSL::Test::Utils; |
4fb35f8f | 15 | |
7bb82f92 | 16 | BEGIN { |
5ccada09 | 17 | setup("test_evp"); |
7bb82f92 SL |
18 | } |
19 | ||
20 | use lib srctop_dir('Configurations'); | |
21 | use lib bldtop_dir('.'); | |
4fb35f8f | 22 | |
e0d952fc RL |
23 | my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); |
24 | my $no_legacy = disabled('legacy') || ($ENV{NO_LEGACY} // 0); | |
45e72d1f | 25 | my $no_des = disabled("des"); |
5e26c339 DDO |
26 | my $no_dh = disabled("dh"); |
27 | my $no_dsa = disabled("dsa"); | |
28 | my $no_ec = disabled("ec"); | |
29 | my $no_gost = disabled("gost"); | |
30 | my $no_sm2 = disabled("sm2"); | |
0113ec84 | 31 | my $no_siv = disabled("siv"); |
e0d952fc | 32 | |
23ccf13d | 33 | # Default config depends on if the legacy module is built or not |
e0d952fc | 34 | my $defaultcnf = $no_legacy ? 'default.cnf' : 'default-and-legacy.cnf'; |
23ccf13d RL |
35 | |
36 | my @configs = ( $defaultcnf ); | |
37 | # Only add the FIPS config if the FIPS module has been built | |
7192e4df | 38 | push @configs, 'fips-and-base.cnf' unless $no_fips; |
23ccf13d | 39 | |
5ccada09 SL |
40 | # A list of tests that run with both the default and fips provider. |
41 | my @files = qw( | |
42 | evpciph_aes_ccm_cavs.txt | |
43 | evpciph_aes_common.txt | |
3dafbd44 | 44 | evpciph_aes_cts.txt |
8ea761bf | 45 | evpciph_aes_wrap.txt |
f53c079f | 46 | evpciph_aes_stitched.txt |
5ccada09 SL |
47 | evpciph_des3_common.txt |
48 | evpkdf_hkdf.txt | |
0e9a265e | 49 | evpkdf_kbkdf_counter.txt |
0f183675 | 50 | evpkdf_pbkdf1.txt |
5ccada09 SL |
51 | evpkdf_pbkdf2.txt |
52 | evpkdf_ss.txt | |
53 | evpkdf_ssh.txt | |
54 | evpkdf_tls12_prf.txt | |
d209fc6c | 55 | evpkdf_tls13_kdf.txt |
89cccbea | 56 | evpkdf_x942.txt |
5ccada09 SL |
57 | evpkdf_x963.txt |
58 | evpmac_common.txt | |
59 | evpmd_sha.txt | |
60 | evppbe_pbkdf2.txt | |
5e26c339 DDO |
61 | evppkey_kdf_hkdf.txt |
62 | evppkey_rsa_common.txt | |
63 | evprand.txt | |
64 | ); | |
46eee710 SL |
65 | push @files, qw( |
66 | evppkey_ffdhe.txt | |
67 | evppkey_dh.txt | |
68 | ) unless $no_dh; | |
45e72d1f P |
69 | push @files, qw( |
70 | evpkdf_x942_des.txt | |
71 | evpmac_cmac_des.txt | |
72 | ) unless $no_des; | |
5e26c339 DDO |
73 | push @files, qw(evppkey_dsa.txt) unless $no_dsa; |
74 | push @files, qw(evppkey_ecx.txt) unless $no_ec; | |
75 | push @files, qw( | |
96b92410 RL |
76 | evppkey_ecc.txt |
77 | evppkey_ecdh.txt | |
5ccada09 | 78 | evppkey_ecdsa.txt |
5ccada09 | 79 | evppkey_kas.txt |
5ccada09 | 80 | evppkey_mismatch.txt |
46eee710 | 81 | ) unless $no_ec || $no_gost; |
5ccada09 SL |
82 | |
83 | # A list of tests that only run with the default provider | |
84 | # (i.e. The algorithms are not present in the fips provider) | |
85 | my @defltfiles = qw( | |
5ccada09 | 86 | evpciph_aes_ocb.txt |
5ccada09 SL |
87 | evpciph_aria.txt |
88 | evpciph_bf.txt | |
89 | evpciph_camellia.txt | |
7f5a9399 | 90 | evpciph_camellia_cts.txt |
5ccada09 SL |
91 | evpciph_cast5.txt |
92 | evpciph_chacha.txt | |
93 | evpciph_des.txt | |
94 | evpciph_idea.txt | |
95 | evpciph_rc2.txt | |
96 | evpciph_rc4.txt | |
f53c079f | 97 | evpciph_rc4_stitched.txt |
5ccada09 SL |
98 | evpciph_rc5.txt |
99 | evpciph_seed.txt | |
100 | evpciph_sm4.txt | |
101 | evpencod.txt | |
102 | evpkdf_krb5.txt | |
103 | evpkdf_scrypt.txt | |
104 | evpkdf_tls11_prf.txt | |
5ccada09 SL |
105 | evpmac_blake.txt |
106 | evpmac_poly1305.txt | |
107 | evpmac_siphash.txt | |
0648ec1c | 108 | evpmac_sm3.txt |
5ccada09 SL |
109 | evpmd_blake.txt |
110 | evpmd_md.txt | |
111 | evpmd_mdc2.txt | |
112 | evpmd_ripemd.txt | |
113 | evpmd_sm3.txt | |
114 | evpmd_whirlpool.txt | |
115 | evppbe_scrypt.txt | |
0e53cd52 | 116 | evppbe_pkcs12.txt |
5ccada09 SL |
117 | evppkey_kdf_scrypt.txt |
118 | evppkey_kdf_tls1_prf.txt | |
3f699197 | 119 | evppkey_rsa.txt |
5ccada09 | 120 | ); |
5e26c339 DDO |
121 | push @defltfiles, qw(evppkey_brainpool.txt) unless $no_ec; |
122 | push @defltfiles, qw(evppkey_sm2.txt) unless $no_sm2; | |
0113ec84 TS |
123 | push @defltfiles, qw(evpciph_aes_gcm_siv.txt) unless $no_siv; |
124 | push @defltfiles, qw(evpciph_aes_siv.txt) unless $no_siv; | |
ed5cb177 | 125 | |
e0d952fc | 126 | plan tests => |
e0d952fc | 127 | + (scalar(@configs) * scalar(@files)) |
66066e1b DDO |
128 | + scalar(@defltfiles) |
129 | + 3; # error output tests | |
e0d952fc | 130 | |
e2f72313 | 131 | foreach (@configs) { |
5ccada09 | 132 | my $conf = srctop_file("test", $_); |
e2f72313 RL |
133 | |
134 | foreach my $f ( @files ) { | |
5ccada09 SL |
135 | ok(run(test(["evp_test", |
136 | "-config", $conf, | |
137 | data_file("$f")])), | |
138 | "running evp_test -config $conf $f"); | |
e2f72313 | 139 | } |
6b7b3433 | 140 | } |
f305ecda | 141 | |
5ccada09 | 142 | my $conf = srctop_file("test", $defaultcnf); |
f305ecda | 143 | foreach my $f ( @defltfiles ) { |
5ccada09 SL |
144 | ok(run(test(["evp_test", |
145 | "-config", $conf, | |
146 | data_file("$f")])), | |
147 | "running evp_test -config $conf $f"); | |
f305ecda | 148 | } |
66066e1b | 149 | |
55d9ccca RL |
150 | # test_errors OPTIONS |
151 | # | |
152 | # OPTIONS may include: | |
153 | # | |
154 | # key => "filename" # expected to be found in $SRCDIR/test/certs | |
155 | # out => "filename" # file to write error strings to | |
156 | # args => [ ... extra openssl pkey args ... ] | |
157 | # expected => regexps to match error lines against | |
66066e1b | 158 | sub test_errors { # actually tests diagnostics of OSSL_STORE |
55d9ccca RL |
159 | my %opts = @_; |
160 | my $infile = srctop_file('test', 'certs', $opts{key}); | |
161 | my @args = ( qw(openssl pkey -in), $infile, @{$opts{args} // []} ); | |
162 | my $res = !run(app([@args], stderr => $opts{out})); | |
163 | my $found = !exists $opts{expected}; | |
164 | open(my $in, '<', $opts{out}) or die "Could not open file $opts{out}"; | |
165 | while(my $errline = <$in>) { | |
166 | print $errline; # this may help debugging | |
167 | ||
168 | # output must not include ASN.1 parse errors | |
169 | $res &&= $errline !~ m/asn1 encoding/; | |
170 | # output must include what is expressed in $opts{$expected} | |
171 | $found = 1 | |
172 | if exists $opts{expected} && $errline =~ m/$opts{expected}/; | |
66066e1b DDO |
173 | } |
174 | close $in; | |
175 | # $tmpfile is kept to help with investigation in case of failure | |
176 | return $res && $found; | |
177 | } | |
178 | ||
179 | SKIP: { | |
180 | skip "DSA not disabled", 2 if !disabled("dsa"); | |
181 | ||
55d9ccca RL |
182 | ok(test_errors(key => 'server-dsa-key.pem', |
183 | out => 'server-dsa-key.err'), | |
184 | "expected error loading unsupported dsa private key"); | |
185 | ok(test_errors(key => 'server-dsa-pubkey.pem', | |
186 | out => 'server-dsa-pubkey.err', | |
187 | args => [ '-pubin' ], | |
7aef2000 | 188 | expected => 'unsupported'), |
55d9ccca | 189 | "expected error loading unsupported dsa public key"); |
66066e1b DDO |
190 | } |
191 | ||
192 | SKIP: { | |
55d9ccca | 193 | skip "SM2 not disabled", 1 if !disabled("sm2"); |
66066e1b | 194 | |
55d9ccca RL |
195 | ok(test_errors(key => 'sm2.key', out => 'sm2.err'), |
196 | "expected error loading unsupported sm2 private key"); | |
66066e1b | 197 | } |