diff options
| -rw-r--r-- | CMakeLists.txt | 58 | ||||
| -rw-r--r-- | test/00-engine.t | 2 | ||||
| -rw-r--r-- | test/00-provider.t | 60 | ||||
| -rw-r--r-- | test/01-digest.t | 2 | ||||
| -rw-r--r-- | test/02-mac.t | 2 | ||||
| -rw-r--r-- | test/03-encrypt.t | 2 | ||||
| -rw-r--r-- | test/04-pkey.t | 2 | ||||
| -rw-r--r-- | test/empty.cnf | 0 | ||||
| -rw-r--r-- | test/provider.cnf | 8 |
9 files changed, 117 insertions, 19 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index b6476e7..499fc7e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -201,24 +201,36 @@ set(GOST_PROV_SOURCE_FILES gost_prov.c ) -set(TEST_ENVIRONMENT +set(TEST_ENVIRONMENT_COMMON CMAKE_CURRENT_SOURCE_DIR=${CMAKE_CURRENT_SOURCE_DIR} PERL5LIB=${CMAKE_CURRENT_SOURCE_DIR}/test - OPENSSL_ENGINES=${CMAKE_RUNTIME_OUTPUT_DIRECTORY} OPENSSL_PROGRAM=${OPENSSL_PROGRAM} OPENSSL_CRYPTO_LIBRARY=${OPENSSL_CRYPTO_LIBRARY} + ) + +set(TEST_ENVIRONMENT_ENGINE + ${TEST_ENVIRONMENT_COMMON} + OPENSSL_ENGINES=${CMAKE_RUNTIME_OUTPUT_DIRECTORY} OPENSSL_CONF=${CMAKE_CURRENT_SOURCE_DIR}/test/engine.cnf ) +set(TEST_ENVIRONMENT_PROVIDER + ${TEST_ENVIRONMENT_COMMON} + OPENSSL_MODULES=${CMAKE_RUNTIME_OUTPUT_DIRECTORY} + OPENSSL_CONF=${CMAKE_CURRENT_SOURCE_DIR}/test/provider.cnf + ) + add_executable(test_digest test_digest.c) target_link_libraries(test_digest OpenSSL::Crypto) -add_test(NAME digest COMMAND test_digest) -set_tests_properties(digest PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}") +add_test(NAME digest-with-engine COMMAND test_digest) +set_tests_properties(digest-with-engine + PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") add_executable(test_ciphers test_ciphers.c) target_link_libraries(test_ciphers OpenSSL::Crypto) -add_test(NAME ciphers COMMAND test_ciphers) -set_tests_properties(ciphers PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}") +add_test(NAME ciphers-with-engine COMMAND test_ciphers) +set_tests_properties(ciphers-with-engine + PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") # test_curves is an internals testing program, it doesn't need a test env add_executable(test_curves test_curves.c) @@ -227,28 +239,33 @@ add_test(NAME curves COMMAND test_curves) add_executable(test_params test_params.c) target_link_libraries(test_params OpenSSL::Crypto) -add_test(NAME parameters COMMAND test_params) -set_tests_properties(parameters PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}") +add_test(NAME parameters-with-engine COMMAND test_params) +set_tests_properties(parameters-with-engine + PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") add_executable(test_derive test_derive.c) target_link_libraries(test_derive OpenSSL::Crypto) -add_test(NAME derive COMMAND test_derive) -set_tests_properties(derive PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}") +add_test(NAME derive-with-engine COMMAND test_derive) +set_tests_properties(derive-with-engine + PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") add_executable(test_sign test_sign.c) target_link_libraries(test_sign OpenSSL::Crypto) -add_test(NAME sign/verify COMMAND test_sign) -set_tests_properties(sign/verify PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}") +add_test(NAME sign/verify-with-engine COMMAND test_sign) +set_tests_properties(sign/verify-with-engine + PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") add_executable(test_tls test_tls.c) target_link_libraries(test_tls OpenSSL::SSL) -add_test(NAME TLS COMMAND test_tls) -set_tests_properties(TLS PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}") +add_test(NAME TLS-with-engine COMMAND test_tls) +set_tests_properties(TLS-with-engine + PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") add_executable(test_context test_context.c) target_link_libraries(test_context OpenSSL::Crypto) -add_test(NAME context COMMAND test_context) -set_tests_properties(context PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}") +add_test(NAME context-with-engine COMMAND test_context) +set_tests_properties(context-with-engine + PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") # test_keyexpimp is an internals testing program, it doesn't need a test env add_executable(test_keyexpimp test_keyexpimp.c) @@ -266,10 +283,13 @@ if(NOT SKIP_PERL_TESTS) ERROR_QUIET RESULT_VARIABLE HAVE_TEST2_V0) if(NOT HAVE_TEST2_V0) add_test(NAME engine - COMMAND prove --merge -PWrapOpenSSL ${CMAKE_CURRENT_SOURCE_DIR}/test) - set_tests_properties(engine PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}") + COMMAND prove --merge -PWrapOpenSSL ${CMAKE_CURRENT_SOURCE_DIR}/test :: engine) + set_tests_properties(engine PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}") + add_test(NAME provider + COMMAND prove --merge -PWrapOpenSSL ${CMAKE_CURRENT_SOURCE_DIR}/test :: provider) + set_tests_properties(provider PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_PROVIDER}") else() - message(STATUS "No Test2::V0 perl module (engine tests skipped)") + message(STATUS "No Test2::V0 perl module (engine and provider tests skipped)") endif() endif() diff --git a/test/00-engine.t b/test/00-engine.t index a09cfe5..9f37555 100644 --- a/test/00-engine.t +++ b/test/00-engine.t @@ -1,5 +1,7 @@ #!/usr/bin/perl use Test2::V0; +skip_all('This test is only suitable for the engine') + unless $ARGV[0] eq 'engine'; plan(7); use Cwd 'abs_path'; diff --git a/test/00-provider.t b/test/00-provider.t new file mode 100644 index 0000000..85ad249 --- /dev/null +++ b/test/00-provider.t @@ -0,0 +1,60 @@ +#!/usr/bin/perl +use Test2::V0; +skip_all('This test is only suitable for the provider') + unless $ARGV[0] eq 'provider'; +plan(1); +use Cwd 'abs_path'; + +my $provider = 'gostprov'; +my $provider_info = <<EOINF; +Providers: + gostprov +EOINF + +# Normally, this test recipe tests the default GOST provider. However, it's +# also possible to test a different provider as well, possibly a custom build. +# In that case, use the environment variable PROVIDER_NAME to name it. This +# overrides a few things: +# +# - if it exists, we get the text that 'openssl provider -c ${PROVIDER_NAME}' +# should print from the file "${PROVIDER_NAME}.info". +# - we create an OpenSSL config file for that provider, and use that instead +# of the default. We do this by overriding the environment variable +# OPENSSL_CONF +# +# If PROVIDER_NAME isn't set, we rely on an existing OPENSSL_CONF +# +if ($ENV{'PROVIDER_NAME'}) { + $provider=$ENV{'PROVIDER_NAME'}; + + if ( -f $provider . ".info") { + diag("Reading $provider.info"); + open my $F, "<", $provider . ".info"; + read $F,$provider_info,1024; + close $F; + } + + open my $F,">","$provider.cnf"; + print $F <<EOCFG; +openssl_conf = openssl_def +[openssl_def] +providers = providers +[providers] +${provider}=gost_conf +[gost_conf] +default_algorithms = ALL +EOCFG + close $F; + $ENV{'OPENSSL_CONF'}=abs_path("$provider.cnf"); +} + +# Let's check that we can load the provider without config file +# Note that this still requires a properly defined OPENSSL_MODULES +{ + local $ENV{'OPENSSL_CONF'}=abs_path("no_such_file.cfg"); + my $cmd = "openssl list -provider $provider -providers"; + unless (is(`$cmd`, $provider_info, + "load provider without any config")) { + diag("Command was: $cmd"); + } +} diff --git a/test/01-digest.t b/test/01-digest.t index b3a6355..8d537b6 100644 --- a/test/01-digest.t +++ b/test/01-digest.t @@ -1,5 +1,7 @@ #!/usr/bin/perl use Test2::V0; +skip_all('TODO: add digest support in provider') + unless $ARGV[0] eq 'engine'; plan(16); # Set engine name from environment to allow testing of different engines diff --git a/test/02-mac.t b/test/02-mac.t index 9dca47e..04a6377 100644 --- a/test/02-mac.t +++ b/test/02-mac.t @@ -1,5 +1,7 @@ #!/usr/bin/perl use Test2::V0; +skip_all('TODO: add mac support in provider') + unless $ARGV[0] eq 'engine'; plan(19); # prepare data for diff --git a/test/03-encrypt.t b/test/03-encrypt.t index 408278a..5b25f30 100644 --- a/test/03-encrypt.t +++ b/test/03-encrypt.t @@ -1,5 +1,7 @@ #!/usr/bin/perl use Test2::V0; +skip_all('TODO: add symmetric cipher support in provider') + unless $ARGV[0] eq 'engine'; plan(48); use Cwd 'abs_path'; diff --git a/test/04-pkey.t b/test/04-pkey.t index 532656c..4469f86 100644 --- a/test/04-pkey.t +++ b/test/04-pkey.t @@ -1,5 +1,7 @@ #!/usr/bin/perl use Test2::V0; +skip_all('TODO: add pkey support in provider') + unless $ARGV[0] eq 'engine'; plan(2); use Cwd 'abs_path'; diff --git a/test/empty.cnf b/test/empty.cnf deleted file mode 100644 index e69de29..0000000 --- a/test/empty.cnf +++ /dev/null diff --git a/test/provider.cnf b/test/provider.cnf new file mode 100644 index 0000000..d2c231a --- /dev/null +++ b/test/provider.cnf @@ -0,0 +1,8 @@ +openssl_conf = openssl_def +[openssl_def] +providers = providers +[providers] +gostprov = provider_conf +default = provider_conf +[provider_conf] +activate = 1 |