From: Tomas Mraz <tomas@openssl.org>
Date: Wed, 22 Sep 2021 15:24:09 +0000 (+0200)
Subject: tests: Add test for X509_dup with ENGINE based key
X-Git-Tag: openssl-3.2.0-alpha1~3432
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bf585c9c071ec606ebb4606e749e63354140ca30;p=thirdparty%2Fopenssl.git

tests: Add test for X509_dup with ENGINE based key

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16648)
---

diff --git a/test/enginetest.c b/test/enginetest.c
index 4c4aeb9b8d4..d8654887703 100644
--- a/test/enginetest.c
+++ b/test/enginetest.c
@@ -352,6 +352,62 @@ static int test_redirect(void)
     OPENSSL_free(tmp);
     return to_return;
 }
+
+static int test_x509_dup_w_engine(void)
+{
+    ENGINE *e = NULL;
+    X509 *cert = NULL, *dupcert = NULL;
+    int ret = 0;
+    BIO *b = NULL;
+    RSA_METHOD *rsameth = NULL;
+
+    if (!TEST_ptr(b = BIO_new_file(test_get_argument(0), "r"))
+        || !TEST_ptr(cert = PEM_read_bio_X509(b, NULL, NULL, NULL)))
+        goto err;
+
+    /* Dup without an engine */
+    if (!TEST_ptr(dupcert = X509_dup(cert)))
+        goto err;
+    X509_free(dupcert);
+    dupcert = NULL;
+    X509_free(cert);
+    cert = NULL;
+
+    /* Create a test ENGINE */
+    if (!TEST_ptr(e = ENGINE_new())
+            || !TEST_true(ENGINE_set_id(e, "Test dummy engine"))
+            || !TEST_true(ENGINE_set_name(e, "Test dummy engine")))
+        goto err;
+
+    if (!TEST_ptr(rsameth = RSA_meth_dup(RSA_get_default_method())))
+        goto err;
+
+    ENGINE_set_RSA(e, rsameth);
+
+    if (!TEST_true(ENGINE_set_default_RSA(e)))
+        goto err;
+
+    if (!TEST_int_ge(BIO_seek(b, 0), 0)
+        || !TEST_ptr(cert = PEM_read_bio_X509(b, NULL, NULL, NULL)))
+        goto err;
+
+    /* Dup with an engine set on the key */
+    if (!TEST_ptr(dupcert = X509_dup(cert)))
+        goto err;
+
+    ret = 1;
+
+ err:
+    X509_free(cert);
+    X509_free(dupcert);
+    if (e != NULL) {
+        ENGINE_unregister_RSA(e);
+        ENGINE_free(e);
+    }
+    RSA_meth_free(rsameth);
+    BIO_free(b);
+    return ret;
+}
 #endif
 
 int global_init(void)
@@ -363,13 +419,27 @@ int global_init(void)
     return OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL);
 }
 
+OPT_TEST_DECLARE_USAGE("certfile\n")
+
 int setup_tests(void)
 {
 #ifdef OPENSSL_NO_ENGINE
     TEST_note("No ENGINE support");
 #else
+    int n;
+
+    if (!test_skip_common_options()) {
+        TEST_error("Error parsing test options\n");
+        return 0;
+    }
+
+    n = test_get_argument_count();
+    if (n == 0)
+        return 0;
+
     ADD_TEST(test_engines);
     ADD_TEST(test_redirect);
+    ADD_TEST(test_x509_dup_w_engine);
 #endif
     return 1;
 }
diff --git a/test/recipes/30-test_engine.t b/test/recipes/30-test_engine.t
index 57a2479b042..88db8ec9a7f 100644
--- a/test/recipes/30-test_engine.t
+++ b/test/recipes/30-test_engine.t
@@ -10,13 +10,16 @@
 use strict;
 use warnings;
 
-use OpenSSL::Test;
+use OpenSSL::Test qw/:DEFAULT srctop_file/;
 use OpenSSL::Test::Utils;
 
 setup("test_engine");
 
+my @path = qw(test certs);
+
 plan skip_all => "engines are deprecated"
     if disabled('deprecated-3.0');
 
 plan tests => 1;
-ok(run(test(["enginetest"])), "running enginetest");
+ok(run(test(["enginetest", srctop_file(@path, "root-cert.pem")])),
+   "running enginetest");