]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/provider_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix BIO_get_new_index() to return an error when it is exhausted.
[thirdparty/openssl.git] / test / provider_test.c
1 /*
2 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stddef.h>
11 #include <openssl/provider.h>
12 #include <openssl/param_build.h>
13 #include "testutil.h"
14
15 extern OSSL_provider_init_fn PROVIDER_INIT_FUNCTION_NAME;
16
17 static char buf[256];
18 static OSSL_PARAM greeting_request[] = {
19 { "greeting", OSSL_PARAM_UTF8_STRING, buf, sizeof(buf) },
20 { NULL, 0, NULL, 0, 0 }
21 };
22
23 static unsigned int digestsuccess = 0;
24 static OSSL_PARAM digest_check[] = {
25 { "digest-check", OSSL_PARAM_UNSIGNED_INTEGER, &digestsuccess,
26 sizeof(digestsuccess) },
27 { NULL, 0, NULL, 0, 0 }
28 };
29
30 static unsigned int stopsuccess = 0;
31 static OSSL_PARAM stop_property_mirror[] = {
32 { "stop-property-mirror", OSSL_PARAM_UNSIGNED_INTEGER, &stopsuccess,
33 sizeof(stopsuccess) },
34 { NULL, 0, NULL, 0, 0 }
35 };
36
37 static int test_provider(OSSL_LIB_CTX **libctx, const char *name,
38 OSSL_PROVIDER *legacy)
39 {
40 OSSL_PROVIDER *prov = NULL;
41 const char *greeting = NULL;
42 char expected_greeting[256];
43 int ok = 0;
44 long err;
45 int dolegacycheck = (legacy != NULL);
46 OSSL_PROVIDER *deflt = NULL, *base = NULL;
47
48 BIO_snprintf(expected_greeting, sizeof(expected_greeting),
49 "Hello OpenSSL %.20s, greetings from %s!",
50 OPENSSL_VERSION_STR, name);
51
52
53 /*
54 * We set properties that we know the providers we are using don't have.
55 * This should mean that the p_test provider will fail any fetches - which
56 * is something we test inside the provider.
57 */
58 EVP_set_default_properties(*libctx, "fips=yes");
59 /*
60 * Check that it is possible to have a built-in provider mirrored in
61 * a child lib ctx.
62 */
63 if (!TEST_ptr(base = OSSL_PROVIDER_load(*libctx, "base")))
64 goto err;
65 if (!TEST_ptr(prov = OSSL_PROVIDER_load(*libctx, name)))
66 goto err;
67
68 /*
69 * Once the provider is loaded we clear the default properties and fetches
70 * should start working again.
71 */
72 EVP_set_default_properties(*libctx, "");
73 if (dolegacycheck) {
74 if (!TEST_true(OSSL_PROVIDER_get_params(prov, digest_check))
75 || !TEST_true(digestsuccess))
76 goto err;
77
78 /*
79 * Check that a provider can prevent property mirroring if it sets its
80 * own properties explicitly
81 */
82 if (!TEST_true(OSSL_PROVIDER_get_params(prov, stop_property_mirror))
83 || !TEST_true(stopsuccess))
84 goto err;
85 EVP_set_default_properties(*libctx, "fips=yes");
86 if (!TEST_true(OSSL_PROVIDER_get_params(prov, digest_check))
87 || !TEST_true(digestsuccess))
88 goto err;
89 EVP_set_default_properties(*libctx, "");
90 }
91 if (!TEST_true(OSSL_PROVIDER_get_params(prov, greeting_request))
92 || !TEST_ptr(greeting = greeting_request[0].data)
93 || !TEST_size_t_gt(greeting_request[0].data_size, 0)
94 || !TEST_str_eq(greeting, expected_greeting))
95 goto err;
96
97 /* Make sure we got the error we were expecting */
98 err = ERR_peek_last_error();
99 if (!TEST_int_gt(err, 0)
100 || !TEST_int_eq(ERR_GET_REASON(err), 1))
101 goto err;
102
103 OSSL_PROVIDER_unload(legacy);
104 legacy = NULL;
105
106 if (dolegacycheck) {
107 /* Legacy provider should also be unloaded from child libctx */
108 if (!TEST_true(OSSL_PROVIDER_get_params(prov, digest_check))
109 || !TEST_false(digestsuccess))
110 goto err;
111 /*
112 * Loading the legacy provider again should make it available again in
113 * the child libctx. Loading and unloading the default provider should
114 * have no impact on the child because the child loads it explicitly
115 * before this point.
116 */
117 legacy = OSSL_PROVIDER_load(*libctx, "legacy");
118 deflt = OSSL_PROVIDER_load(*libctx, "default");
119 if (!TEST_ptr(deflt)
120 || !TEST_true(OSSL_PROVIDER_available(*libctx, "default")))
121 goto err;
122 OSSL_PROVIDER_unload(deflt);
123 deflt = NULL;
124 if (!TEST_ptr(legacy)
125 || !TEST_false(OSSL_PROVIDER_available(*libctx, "default"))
126 || !TEST_true(OSSL_PROVIDER_get_params(prov, digest_check))
127 || !TEST_true(digestsuccess))
128 goto err;
129 OSSL_PROVIDER_unload(legacy);
130 legacy = NULL;
131 }
132
133 if (!TEST_true(OSSL_PROVIDER_unload(base)))
134 goto err;
135 base = NULL;
136 if (!TEST_true(OSSL_PROVIDER_unload(prov)))
137 goto err;
138 prov = NULL;
139
140 /*
141 * We must free the libctx to force the provider to really be unloaded from
142 * memory
143 */
144 OSSL_LIB_CTX_free(*libctx);
145 *libctx = NULL;
146
147 /* We print out all the data to make sure it can still be accessed */
148 ERR_print_errors_fp(stderr);
149 ok = 1;
150 err:
151 OSSL_PROVIDER_unload(base);
152 OSSL_PROVIDER_unload(deflt);
153 OSSL_PROVIDER_unload(legacy);
154 legacy = NULL;
155 OSSL_PROVIDER_unload(prov);
156 OSSL_LIB_CTX_free(*libctx);
157 *libctx = NULL;
158 return ok;
159 }
160
161 #ifndef NO_PROVIDER_MODULE
162 static int test_provider_ex(OSSL_LIB_CTX **libctx, const char *name)
163 {
164 OSSL_PROVIDER *prov = NULL;
165 const char *greeting = NULL;
166 int ok = 0;
167 long err;
168 const char custom_buf[] = "Custom greeting";
169 OSSL_PARAM_BLD *bld = NULL;
170 OSSL_PARAM *params = NULL;
171
172 if (!TEST_ptr(bld = OSSL_PARAM_BLD_new())
173 || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, "greeting", custom_buf,
174 strlen(custom_buf)))
175 || !TEST_ptr(params = OSSL_PARAM_BLD_to_param(bld))) {
176 goto err;
177 }
178
179 if (!TEST_ptr(prov = OSSL_PROVIDER_load_ex(*libctx, name, params)))
180 goto err;
181
182 if (!TEST_true(OSSL_PROVIDER_get_params(prov, greeting_request))
183 || !TEST_ptr(greeting = greeting_request[0].data)
184 || !TEST_size_t_gt(greeting_request[0].data_size, 0)
185 || !TEST_str_eq(greeting, custom_buf))
186 goto err;
187
188 /* Make sure we got the error we were expecting */
189 err = ERR_peek_last_error();
190 if (!TEST_int_gt(err, 0)
191 || !TEST_int_eq(ERR_GET_REASON(err), 1))
192 goto err;
193
194 if (!TEST_true(OSSL_PROVIDER_unload(prov)))
195 goto err;
196 prov = NULL;
197
198 /*
199 * We must free the libctx to force the provider to really be unloaded from
200 * memory
201 */
202 OSSL_LIB_CTX_free(*libctx);
203 *libctx = NULL;
204
205 /* We print out all the data to make sure it can still be accessed */
206 ERR_print_errors_fp(stderr);
207 ok = 1;
208 err:
209 OSSL_PARAM_BLD_free(bld);
210 OSSL_PARAM_free(params);
211 OSSL_PROVIDER_unload(prov);
212 OSSL_LIB_CTX_free(*libctx);
213 *libctx = NULL;
214 return ok;
215 }
216 #endif
217
218 static int test_builtin_provider(void)
219 {
220 OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new();
221 const char *name = "p_test_builtin";
222 int ok;
223
224 ok =
225 TEST_ptr(libctx)
226 && TEST_true(OSSL_PROVIDER_add_builtin(libctx, name,
227 PROVIDER_INIT_FUNCTION_NAME))
228 && test_provider(&libctx, name, NULL);
229
230 OSSL_LIB_CTX_free(libctx);
231
232 return ok;
233 }
234
235 /* Test relies on fetching the MD4 digest from the legacy provider */
236 #ifndef OPENSSL_NO_MD4
237 static int test_builtin_provider_with_child(void)
238 {
239 OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new();
240 const char *name = "p_test";
241 OSSL_PROVIDER *legacy;
242
243 if (!TEST_ptr(libctx))
244 return 0;
245
246 legacy = OSSL_PROVIDER_load(libctx, "legacy");
247 if (legacy == NULL) {
248 /*
249 * In this case we assume we've been built with "no-legacy" and skip
250 * this test (there is no OPENSSL_NO_LEGACY)
251 */
252 OSSL_LIB_CTX_free(libctx);
253 return 1;
254 }
255
256 if (!TEST_true(OSSL_PROVIDER_add_builtin(libctx, name,
257 PROVIDER_INIT_FUNCTION_NAME))) {
258 OSSL_LIB_CTX_free(libctx);
259 return 0;
260 }
261
262 /* test_provider will free libctx and unload legacy as part of the test */
263 return test_provider(&libctx, name, legacy);
264 }
265 #endif
266
267 #ifndef NO_PROVIDER_MODULE
268 static int test_loaded_provider(void)
269 {
270 OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new();
271 const char *name = "p_test";
272 int res = 0;
273
274 if (!TEST_ptr(libctx))
275 return 0;
276
277 /* test_provider will free libctx as part of the test */
278 res = test_provider(&libctx, name, NULL);
279
280 libctx = OSSL_LIB_CTX_new();
281 if (!TEST_ptr(libctx))
282 return 0;
283
284 /* test_provider_ex will free libctx as part of the test */
285 res = res && test_provider_ex(&libctx, name);
286
287 return res;
288 }
289 #endif
290
291 typedef enum OPTION_choice {
292 OPT_ERR = -1,
293 OPT_EOF = 0,
294 OPT_LOADED,
295 OPT_TEST_ENUM
296 } OPTION_CHOICE;
297
298 const OPTIONS *test_get_options(void)
299 {
300 static const OPTIONS test_options[] = {
301 OPT_TEST_OPTIONS_DEFAULT_USAGE,
302 { "loaded", OPT_LOADED, '-', "Run test with a loaded provider" },
303 { NULL }
304 };
305 return test_options;
306 }
307
308 int setup_tests(void)
309 {
310 OPTION_CHOICE o;
311 int loaded = 0;
312
313 while ((o = opt_next()) != OPT_EOF) {
314 switch (o) {
315 case OPT_TEST_CASES:
316 break;
317 case OPT_LOADED:
318 loaded = 1;
319 break;
320 default:
321 return 0;
322 }
323 }
324
325 if (!loaded) {
326 ADD_TEST(test_builtin_provider);
327 #ifndef OPENSSL_NO_MD4
328 ADD_TEST(test_builtin_provider_with_child);
329 #endif
330 }
331 #ifndef NO_PROVIDER_MODULE
332 else {
333 ADD_TEST(test_loaded_provider);
334 }
335 #endif
336 return 1;
337 }
338
A mirror of the official openssl repository