diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-08-18 17:14:19 +0200 |
|---|---|---|
| committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-08-21 09:04:13 +0200 |
| commit | 4561f15fdb0cf86257fd30292a9b82893c248350 (patch) | |
| tree | 63eab0f950b04f8c401d529f6d5ba75669f4e1c1 | |
| parent | Add libctx/provider support to cmp_vfy_test (diff) | |
| download | openssl-4561f15fdb0cf86257fd30292a9b82893c248350.tar.xz openssl-4561f15fdb0cf86257fd30292a9b82893c248350.zip | |
Add libctx/provider support to cmp_protect_test
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
| -rw-r--r-- | test/cmp_protect_test.c | 32 | ||||
| -rw-r--r-- | test/recipes/65-test_cmp_protect.t | 51 |
2 files changed, 56 insertions, 27 deletions
diff --git a/test/cmp_protect_test.c b/test/cmp_protect_test.c index 680d707e58..6413c20a23 100644 --- a/test/cmp_protect_test.c +++ b/test/cmp_protect_test.c @@ -33,6 +33,9 @@ typedef struct test_fixture { int expected; } CMP_PROTECT_TEST_FIXTURE; +static OPENSSL_CTX *libctx = NULL; +static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL; + static void tear_down(CMP_PROTECT_TEST_FIXTURE *fixture) { OSSL_CMP_CTX_free(fixture->cmp_ctx); @@ -53,7 +56,7 @@ static CMP_PROTECT_TEST_FIXTURE *set_up(const char *const test_case_name) if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))) return NULL; fixture->test_case_name = test_case_name; - if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(NULL, NULL))) { + if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))) { tear_down(fixture); return NULL; } @@ -477,9 +480,14 @@ void cleanup_tests(void) X509_free(intermediate); OSSL_CMP_MSG_free(ir_protected); OSSL_CMP_MSG_free(ir_unprotected); - + OPENSSL_CTX_free(libctx); } +#define USAGE "server.pem IR_protected.der IR_unprotected.der IP_PBM.der " \ + "server.crt server.pem EndEntity1.crt EndEntity2.crt Root_CA.crt " \ + "Intermediate_CA.crt module_name [module_conf_file]\n" +OPT_TEST_DECLARE_USAGE(USAGE) + int setup_tests(void) { char *server_f; @@ -506,15 +514,15 @@ int setup_tests(void) || !TEST_ptr(endentity2_f = test_get_argument(7)) || !TEST_ptr(root_f = test_get_argument(8)) || !TEST_ptr(intermediate_f = test_get_argument(9))) { - TEST_error("usage: cmp_protect_test server.pem " - "IR_protected.der IR_unprotected.der IP_PBM.der " - "server.crt server.pem" - "EndEntity1.crt EndEntity2.crt " - "Root_CA.crt Intermediate_CA.crt\n"); + TEST_error("usage: cmp_protect_test %s", USAGE); return 0; } + + if (!test_get_libctx(&libctx, &default_null_provider, &provider, 10, USAGE)) + return 0; + if (!TEST_ptr(loadedkey = load_pem_key(server_key_f)) - || !TEST_ptr(cert = load_pem_cert(server_cert_f, NULL))) + || !TEST_ptr(cert = load_pem_cert(server_cert_f, libctx))) return 0; if (!TEST_ptr(loadedprivkey = load_pem_key(server_f))) @@ -524,10 +532,10 @@ int setup_tests(void) if (!TEST_ptr(ir_protected = load_pkimsg(ir_protected_f)) || !TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f))) return 0; - if (!TEST_ptr(endentity1 = load_pem_cert(endentity1_f, NULL)) - || !TEST_ptr(endentity2 = load_pem_cert(endentity2_f, NULL)) - || !TEST_ptr(root = load_pem_cert(root_f, NULL)) - || !TEST_ptr(intermediate = load_pem_cert(intermediate_f, NULL))) + if (!TEST_ptr(endentity1 = load_pem_cert(endentity1_f, libctx)) + || !TEST_ptr(endentity2 = load_pem_cert(endentity2_f, libctx)) + || !TEST_ptr(root = load_pem_cert(root_f, libctx)) + || !TEST_ptr(intermediate = load_pem_cert(intermediate_f, libctx))) return 0; if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH))) return 0; diff --git a/test/recipes/65-test_cmp_protect.t b/test/recipes/65-test_cmp_protect.t index cc36d2674d..19185e112b 100644 --- a/test/recipes/65-test_cmp_protect.t +++ b/test/recipes/65-test_cmp_protect.t @@ -9,10 +9,18 @@ # https://www.openssl.org/source/license.html use strict; -use OpenSSL::Test qw/:DEFAULT data_file/; +use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/; use OpenSSL::Test::Utils; -setup("test_cmp_protect"); +BEGIN { + setup("test_cmp_protect"); +} + +use lib srctop_dir('Configurations'); +use lib bldtop_dir('.'); +use platform; + +my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); plan skip_all => "This test is not supported in a no-cmp build" if disabled("cmp"); @@ -20,16 +28,29 @@ plan skip_all => "This test is not supported in a no-cmp build" plan skip_all => "This test is not supported in a shared library build on Windows" if $^O eq 'MSWin32' && !disabled("shared"); -plan tests => 1; - -ok(run(test(["cmp_protect_test", - data_file("server.pem"), - data_file("IR_protected.der"), - data_file("IR_unprotected.der"), - data_file("IP_PBM.der"), - data_file("server.crt"), - data_file("server.pem"), - data_file("EndEntity1.crt"), - data_file("EndEntity2.crt"), - data_file("Root_CA.crt"), - data_file("Intermediate_CA.crt")]))); +plan tests => 2 + ($no_fips ? 0 : 2); #fips install + fips test + +my @basic_cmd = ("cmp_protect_test", + data_file("server.pem"), + data_file("IR_protected.der"), + data_file("IR_unprotected.der"), + data_file("IP_PBM.der"), + data_file("server.crt"), + data_file("server.pem"), + data_file("EndEntity1.crt"), + data_file("EndEntity2.crt"), + data_file("Root_CA.crt"), + data_file("Intermediate_CA.crt")); + +ok(run(test([@basic_cmd, "none"]))); + +ok(run(test([@basic_cmd, "default", srctop_file("test", "default.cnf")]))); + +unless ($no_fips) { + ok(run(app(['openssl', 'fipsinstall', + '-out', bldtop_file('providers', 'fipsmodule.cnf'), + '-module', bldtop_file('providers', platform->dso('fips'))])), + "fipsinstall"); + + ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips.cnf")]))); +} |