]>
Commit | Line | Data |
---|---|---|
596d6b7e | 1 | #! /usr/bin/env perl |
8020d79b | 2 | # Copyright 2015-2021 The OpenSSL Project Authors. All Rights Reserved. |
596d6b7e | 3 | # |
909f1a2e | 4 | # Licensed under the Apache License 2.0 (the "License"). You may not use |
596d6b7e RS |
5 | # this file except in compliance with the License. You can obtain a copy |
6 | # in the file LICENSE in the source distribution or at | |
7 | # https://www.openssl.org/source/license.html | |
8 | ||
4fb35f8f RL |
9 | |
10 | use strict; | |
11 | use warnings; | |
12 | ||
7bb82f92 | 13 | use OpenSSL::Test qw(:DEFAULT data_file bldtop_dir srctop_file srctop_dir bldtop_file); |
23ccf13d | 14 | use OpenSSL::Test::Utils; |
4fb35f8f | 15 | |
7bb82f92 | 16 | BEGIN { |
5ccada09 | 17 | setup("test_evp"); |
7bb82f92 SL |
18 | } |
19 | ||
20 | use lib srctop_dir('Configurations'); | |
21 | use lib bldtop_dir('.'); | |
4fb35f8f | 22 | |
e0d952fc RL |
23 | my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); |
24 | my $no_legacy = disabled('legacy') || ($ENV{NO_LEGACY} // 0); | |
45e72d1f | 25 | my $no_des = disabled("des"); |
5e26c339 DDO |
26 | my $no_dh = disabled("dh"); |
27 | my $no_dsa = disabled("dsa"); | |
28 | my $no_ec = disabled("ec"); | |
4032cd9a | 29 | my $no_ecx = disabled("ecx"); |
6b3d2875 | 30 | my $no_ec2m = disabled("ec2m"); |
5e26c339 | 31 | my $no_sm2 = disabled("sm2"); |
0113ec84 | 32 | my $no_siv = disabled("siv"); |
6dfa998f | 33 | my $no_argon2 = disabled("argon2"); |
e0d952fc | 34 | |
23ccf13d | 35 | # Default config depends on if the legacy module is built or not |
e0d952fc | 36 | my $defaultcnf = $no_legacy ? 'default.cnf' : 'default-and-legacy.cnf'; |
23ccf13d RL |
37 | |
38 | my @configs = ( $defaultcnf ); | |
39 | # Only add the FIPS config if the FIPS module has been built | |
7192e4df | 40 | push @configs, 'fips-and-base.cnf' unless $no_fips; |
23ccf13d | 41 | |
5ccada09 SL |
42 | # A list of tests that run with both the default and fips provider. |
43 | my @files = qw( | |
44 | evpciph_aes_ccm_cavs.txt | |
45 | evpciph_aes_common.txt | |
3dafbd44 | 46 | evpciph_aes_cts.txt |
8ea761bf | 47 | evpciph_aes_wrap.txt |
f53c079f | 48 | evpciph_aes_stitched.txt |
c69cf38e | 49 | evpciph_des3_common.txt |
5ccada09 | 50 | evpkdf_hkdf.txt |
0e9a265e | 51 | evpkdf_kbkdf_counter.txt |
211c47ca | 52 | evpkdf_kbkdf_kmac.txt |
0f183675 | 53 | evpkdf_pbkdf1.txt |
5ccada09 SL |
54 | evpkdf_pbkdf2.txt |
55 | evpkdf_ss.txt | |
56 | evpkdf_ssh.txt | |
57 | evpkdf_tls12_prf.txt | |
d209fc6c | 58 | evpkdf_tls13_kdf.txt |
89cccbea | 59 | evpkdf_x942.txt |
5ccada09 SL |
60 | evpkdf_x963.txt |
61 | evpmac_common.txt | |
62 | evpmd_sha.txt | |
63 | evppbe_pbkdf2.txt | |
5e26c339 DDO |
64 | evppkey_kdf_hkdf.txt |
65 | evppkey_rsa_common.txt | |
66 | evprand.txt | |
67 | ); | |
46eee710 SL |
68 | push @files, qw( |
69 | evppkey_ffdhe.txt | |
70 | evppkey_dh.txt | |
71 | ) unless $no_dh; | |
45e72d1f P |
72 | push @files, qw( |
73 | evpkdf_x942_des.txt | |
c69cf38e | 74 | evpmac_cmac_des.txt |
45e72d1f | 75 | ) unless $no_des; |
5e26c339 | 76 | push @files, qw(evppkey_dsa.txt) unless $no_dsa; |
4032cd9a YL |
77 | push @files, qw( |
78 | evppkey_ecx.txt | |
79 | evppkey_mismatch_ecx.txt | |
80 | ) unless $no_ecx; | |
5e26c339 | 81 | push @files, qw( |
96b92410 RL |
82 | evppkey_ecc.txt |
83 | evppkey_ecdh.txt | |
5ccada09 | 84 | evppkey_ecdsa.txt |
5ccada09 | 85 | evppkey_kas.txt |
5ccada09 | 86 | evppkey_mismatch.txt |
9ba4f489 | 87 | ) unless $no_ec; |
5ccada09 SL |
88 | |
89 | # A list of tests that only run with the default provider | |
90 | # (i.e. The algorithms are not present in the fips provider) | |
91 | my @defltfiles = qw( | |
5ccada09 | 92 | evpciph_aes_ocb.txt |
5ccada09 SL |
93 | evpciph_aria.txt |
94 | evpciph_bf.txt | |
95 | evpciph_camellia.txt | |
7f5a9399 | 96 | evpciph_camellia_cts.txt |
5ccada09 SL |
97 | evpciph_cast5.txt |
98 | evpciph_chacha.txt | |
99 | evpciph_des.txt | |
100 | evpciph_idea.txt | |
101 | evpciph_rc2.txt | |
102 | evpciph_rc4.txt | |
f53c079f | 103 | evpciph_rc4_stitched.txt |
5ccada09 SL |
104 | evpciph_rc5.txt |
105 | evpciph_seed.txt | |
106 | evpciph_sm4.txt | |
107 | evpencod.txt | |
108 | evpkdf_krb5.txt | |
109 | evpkdf_scrypt.txt | |
110 | evpkdf_tls11_prf.txt | |
f3090fc7 | 111 | evpkdf_hmac_drbg.txt |
5ccada09 SL |
112 | evpmac_blake.txt |
113 | evpmac_poly1305.txt | |
114 | evpmac_siphash.txt | |
0648ec1c | 115 | evpmac_sm3.txt |
5ccada09 SL |
116 | evpmd_blake.txt |
117 | evpmd_md.txt | |
118 | evpmd_mdc2.txt | |
119 | evpmd_ripemd.txt | |
120 | evpmd_sm3.txt | |
121 | evpmd_whirlpool.txt | |
122 | evppbe_scrypt.txt | |
0e53cd52 | 123 | evppbe_pkcs12.txt |
5ccada09 SL |
124 | evppkey_kdf_scrypt.txt |
125 | evppkey_kdf_tls1_prf.txt | |
3f699197 | 126 | evppkey_rsa.txt |
5ccada09 | 127 | ); |
5e26c339 | 128 | push @defltfiles, qw(evppkey_brainpool.txt) unless $no_ec; |
6b3d2875 | 129 | push @defltfiles, qw(evppkey_ecdsa_rfc6979.txt) unless $no_ec; |
130 | push @defltfiles, qw(evppkey_dsa_rfc6979.txt) unless $no_dsa; | |
5e26c339 | 131 | push @defltfiles, qw(evppkey_sm2.txt) unless $no_sm2; |
a5ad0158 | 132 | push @defltfiles, qw(evpciph_aes_gcm_siv.txt) unless $no_siv; |
0113ec84 | 133 | push @defltfiles, qw(evpciph_aes_siv.txt) unless $no_siv; |
6dfa998f | 134 | push @defltfiles, qw(evpkdf_argon2.txt) unless $no_argon2; |
ed5cb177 | 135 | |
e0d952fc | 136 | plan tests => |
e0d952fc | 137 | + (scalar(@configs) * scalar(@files)) |
66066e1b DDO |
138 | + scalar(@defltfiles) |
139 | + 3; # error output tests | |
e0d952fc | 140 | |
e2f72313 | 141 | foreach (@configs) { |
5ccada09 | 142 | my $conf = srctop_file("test", $_); |
e2f72313 RL |
143 | |
144 | foreach my $f ( @files ) { | |
5ccada09 SL |
145 | ok(run(test(["evp_test", |
146 | "-config", $conf, | |
147 | data_file("$f")])), | |
148 | "running evp_test -config $conf $f"); | |
e2f72313 | 149 | } |
6b7b3433 | 150 | } |
f305ecda | 151 | |
5ccada09 | 152 | my $conf = srctop_file("test", $defaultcnf); |
f305ecda | 153 | foreach my $f ( @defltfiles ) { |
5ccada09 SL |
154 | ok(run(test(["evp_test", |
155 | "-config", $conf, | |
156 | data_file("$f")])), | |
157 | "running evp_test -config $conf $f"); | |
f305ecda | 158 | } |
66066e1b | 159 | |
55d9ccca RL |
160 | # test_errors OPTIONS |
161 | # | |
162 | # OPTIONS may include: | |
163 | # | |
164 | # key => "filename" # expected to be found in $SRCDIR/test/certs | |
165 | # out => "filename" # file to write error strings to | |
166 | # args => [ ... extra openssl pkey args ... ] | |
167 | # expected => regexps to match error lines against | |
66066e1b | 168 | sub test_errors { # actually tests diagnostics of OSSL_STORE |
55d9ccca RL |
169 | my %opts = @_; |
170 | my $infile = srctop_file('test', 'certs', $opts{key}); | |
171 | my @args = ( qw(openssl pkey -in), $infile, @{$opts{args} // []} ); | |
172 | my $res = !run(app([@args], stderr => $opts{out})); | |
173 | my $found = !exists $opts{expected}; | |
174 | open(my $in, '<', $opts{out}) or die "Could not open file $opts{out}"; | |
175 | while(my $errline = <$in>) { | |
176 | print $errline; # this may help debugging | |
177 | ||
178 | # output must not include ASN.1 parse errors | |
179 | $res &&= $errline !~ m/asn1 encoding/; | |
180 | # output must include what is expressed in $opts{$expected} | |
181 | $found = 1 | |
182 | if exists $opts{expected} && $errline =~ m/$opts{expected}/; | |
66066e1b DDO |
183 | } |
184 | close $in; | |
185 | # $tmpfile is kept to help with investigation in case of failure | |
186 | return $res && $found; | |
187 | } | |
188 | ||
189 | SKIP: { | |
190 | skip "DSA not disabled", 2 if !disabled("dsa"); | |
191 | ||
55d9ccca RL |
192 | ok(test_errors(key => 'server-dsa-key.pem', |
193 | out => 'server-dsa-key.err'), | |
194 | "expected error loading unsupported dsa private key"); | |
195 | ok(test_errors(key => 'server-dsa-pubkey.pem', | |
196 | out => 'server-dsa-pubkey.err', | |
197 | args => [ '-pubin' ], | |
7aef2000 | 198 | expected => 'unsupported'), |
55d9ccca | 199 | "expected error loading unsupported dsa public key"); |
66066e1b DDO |
200 | } |
201 | ||
202 | SKIP: { | |
55d9ccca | 203 | skip "SM2 not disabled", 1 if !disabled("sm2"); |
66066e1b | 204 | |
55d9ccca RL |
205 | ok(test_errors(key => 'sm2.key', out => 'sm2.err'), |
206 | "expected error loading unsupported sm2 private key"); | |
66066e1b | 207 | } |