Commit graph

179 commits

Author SHA1 Message Date
FdaSilvaYY
69687aa829 More typo fixes
Fix some comments too
[skip ci]

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3069)
2017-03-29 07:14:29 +02:00
Pauli
2fae041d6c Test infrastructure additions.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3011)
2017-03-29 08:51:43 +10:00
Rich Salz
43708c1545 Move PRIu64, OSSLzu to e_os.h
Those macros are private, not public.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3044)
2017-03-28 08:43:48 -04:00
Pauli
508ee8f5ff Add unit tests for the lhash functionality.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2965)
2017-03-16 20:24:49 -04:00
Dr. Stephen Henson
2e21539b2b Add ExpectedClientCANames
Add ExpectedClientCANames: for client auth this checks to see if the
list of certificate authorities supplied by the server matches the
expected value.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2969)
2017-03-16 18:07:19 +00:00
Matt Caswell
6bc6ca623b Add tests for the padding extension
Check that the padding extension pads correctly for various scenarios.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2968)
2017-03-16 15:37:41 +00:00
Pauli
9837496142 Unit tests for crypto/stack.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2924)
2017-03-15 14:15:08 +01:00
Andy Polyakov
ee6d9dfb39 test: add chacha_internal_test.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-03-07 10:56:07 +01:00
Matt Caswell
c1074ce096 Add a test to check that we correctly handle record overflows
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2861)
2017-03-06 20:07:40 +00:00
Emilia Kasper
2f0ca54c32 Remove some obsolete/obscure internal define switches:
- FLAT_INC
- PKCS1_CHECK (the SSL_OP_PKCS1_CHECK options have been
  no-oped)
- PKCS_TESTVECT (debugging leftovers)
- SSL_AD_MISSING_SRP_USERNAME (unfinished feature)
- DTLS_AD_MISSING_HANDSHAKE_MESSAGE (unfinished feature)
- USE_OBJ_MAC (note this removes a define from the public header but
   very unlikely someone would be depending on it)
- SSL_FORBID_ENULL

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
2017-03-01 10:44:49 +01:00
Rich Salz
629192c1b9 Exdata test was never enabled.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2787)
2017-02-28 13:50:40 -05:00
Dr. Stephen Henson
c5055adf35 Revert rc4test removal, it performs additional tests not in evptests.txt
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2789)
2017-02-28 16:08:42 +00:00
Dr. Stephen Henson
816060d212 Remove more redundant tests: md4, md5, rmd, rc4, p5_crpt2
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2784)
2017-02-28 15:30:12 +00:00
Dr. Stephen Henson
a2121e1425 Remove wp_test.c: exactly the same tests are in evptests.txt
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2783)
2017-02-28 14:52:28 +00:00
Emilia Kasper
80770da39e X509 time: tighten validation per RFC 5280
- Reject fractional seconds
- Reject offsets
- Check that the date/time digits are in valid range.
- Add documentation for X509_cmp_time

GH issue 2620

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2017-02-24 17:37:08 +01:00
Benjamin Kaduk
6e3dac1995 Tests for SSL_bytes_to_cipher_list()
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2279)
2017-02-23 19:40:25 +01:00
Todd Short
3f5616d734 Add support for parameterized SipHash
The core SipHash supports either 8 or 16-byte output and a configurable
number of rounds.
The default behavior, as added to EVP, is to use 16-byte output and
2,4 rounds, which matches the behavior of most implementations.
There is an EVP_PKEY_CTRL that can control the output size.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2216)
2017-02-01 14:14:36 -05:00
Matt Caswell
e463cb39d3 Enable wpacket test on shared builds
Now that we support internal tests properly, we can test wpacket even in
shared builds.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2259)
2017-01-30 10:18:24 +00:00
Richard Levitte
6a15d5b637 UI: fix uitest for VMS
- On VMS, apps/apps.c depends on apps/vms_term_sock.c, so add it to
  the build
- On VMS, apps/*.c are compiled with default symbol settings,
  i.e. uppercased and truncated symbols, which differs from test
  programs.  Make sure uitest.c knows that with a few pragmas.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2218)
2017-01-12 15:23:15 +01:00
Richard Levitte
66ed24b162 Add a test "uitest"
It tests both the use of UI_METHOD (through the apps/apps.h API) and
wrapping an older style PEM password callback in a UI_METHOD.

Replace the earlier UI test with a run of this test program

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2204)
2017-01-11 18:27:27 +01:00
Matt Caswell
f1b25aaed3 Provide some tests for the sig algs API
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2160)
2016-12-30 20:58:58 +00:00
Rich Salz
2b40699082 CRL critical extension bugfix
More importantly, port CRL test from boringSSL crypto/x509/x509_test.cc

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1775)
2016-12-14 12:32:49 -05:00
Matt Caswell
f01675c6b7 Add a test for TLSv1.3 encryption using the new nonce construction
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-29 23:31:10 +00:00
Rich Salz
8d1ebff41c Make bntest be (mostly) file-based.
Test suite used from boring, written by David Benjamin.
Test driver converted from C++ to C.
Added a Perl program to check the testsuite file.
Extensive review feedback incorporated (thanks folks).

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-11-28 12:26:05 -05:00
Matt Caswell
fb83f20c30 Update tls13secretstest to use the new simpler test framework
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-23 15:44:08 +00:00
Dr. Stephen Henson
52fe14e662 Add test to check EVP_PKEY method ordering.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-20 00:22:02 +00:00
Richard Levitte
e72040c1dc Remove heartbeat support
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1669)
2016-11-13 16:24:02 -05:00
Richard Levitte
cf551a51d2 Link internal tests with static OpenSSL libraries when needed
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1889)
2016-11-10 15:51:43 +01:00
Andy Polyakov
c5a569927f test: add TLS application data corruption test.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-11-10 13:04:11 +00:00
Emilia Kasper
e364c3b24e Add main() test methods to reduce test boilerplate.
Simple tests only need to implement register_tests().
Tests that need a custom main() should implement test_main(). This will
be wrapped in a main() that performs common setup/teardown (currently
crypto-mdebug).

Note that for normal development, enable-asan is usually
sufficient for detecting leaks, and more versatile.

enable-crypto-mdebug is stricter as it will also
insist that all static variables be freed. This is useful for debugging
library init/deinit; however, it also means that test_main() must free
everything it allocates.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-09 16:07:16 +01:00
Matt Caswell
134bfe56c4 Add a test for the TLS1.3 secret generation
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-09 14:08:14 +00:00
Richard Levitte
b93cb1657a Correct internal tests sources
The sources for internal tests were sometimes badly formed, assuming
perl variables such as $target{cpuid_asm_src} contains only one file
name.  This change correctly massages all file names in such a
variable.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1850)
2016-11-04 15:37:13 +01:00
Richard Levitte
97f1e97114 Convert mdc2 test print to internal test
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1789)
2016-11-03 13:13:31 +01:00
Richard Levitte
f12d6273a5 Convert x509 selftests to internal test
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1789)
2016-11-03 13:13:31 +01:00
Richard Levitte
f2ae2348ce Convert modes selftests (cts128 and gcm128) to internal test
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1789)
2016-11-03 13:13:31 +01:00
Richard Levitte
2c16617148 Convert asn1 selftests (a_strnid and ameth_lib) into internal test
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1789)
2016-11-03 13:13:31 +01:00
Richard Levitte
b5b7c61fe3 Explain the deal with internal test programs
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1789)
2016-11-03 13:13:31 +01:00
Richard Levitte
aeac218372 Convert poly1305 selftest into internal test
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1789)
2016-11-03 13:13:31 +01:00
Richard Levitte
9c89c8460a test/build.info: typo, $ missing
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1832)
2016-11-03 11:31:12 +01:00
Matt Caswell
b987d748e4 Add a test to dynamically load and unload the libraries
This should demonstrate that the atexit() handling is working properly (or
at least not crashing) on process exit.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-11-02 23:32:50 +00:00
David Woodhouse
02e22dd444 Add test cases for DTLS_get_data_mtu()
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-11-02 14:00:11 +00:00
David Woodhouse
542dd9c587 Add unit test for ssl_cipher_get_overhead()
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-11-02 14:00:11 +00:00
Matt Caswell
d6c4cc2939 Add tests for the WPACKET implementation
The tests will only work in no-shared builds because WPACKET is an
internal only API that does not get exported by the shared library.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-13 09:41:21 +01:00
Andy Polyakov
e6ed2b9108 Add test/bio_enc_test.c.
RT#4628

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-21 23:34:26 +02:00
Matt Caswell
6fc1748ec6 Add a DTLS unprocesed records test
Add a test to inject a record from the next epoch during the handshake and
make sure it doesn't get processed immediately.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-19 13:52:40 +01:00
Richard Levitte
5cdad22f3e Move the building of test/buildtest_*. to be done unconditionally
These were guarded by $disabled{tests}.  However, 'tests' is disabled
if we configure 'no-stdio', which means that we don't detect the lack
of OPENSSL_NO_STDIO guards in our public header files.  So we move the
generation and build of test/buildtest_*.c to be unconditional.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-05 21:17:05 +02:00
Richard Levitte
9cc76cc40a VMS: Fix building of bad_dtls_test
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-05 10:14:56 +02:00
David Woodhouse
16938284cf Add basic test for Cisco DTLS1_BAD_VER and record replay handling
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-04 20:56:24 +01:00
Richard Levitte
7218ae5134 Use _NO_INST in some build.info files
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-18 20:49:54 +02:00
Rich Salz
cc75cbc4ed Platform sanity test
Replace nptest with sanity test.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-08 15:56:55 -04:00
Richard Levitte
0483f58652 Simplify INCLUDE statements in build.info files
Now that INCLUDE considers both the source and build trees, no need
for the rel2abs perl fragment hacks any more.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-01 18:36:08 +02:00
Matt Caswell
c887104f4a Update sslapitest to use the test framework
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 17:35:18 +01:00
Matt Caswell
2cb4b5f63a Add some session API tests
This commit adds some session API tests, and in particular tests the
modified behaviour of SSL_set_session() introduced in the last commit. To
do this I have factored out some common code from the asynciotest into a
new ssltestlib.c file. I've also renamed getsettest to sslapitest as this
more closely matches what it now is!

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-13 17:35:18 +01:00
Rich Salz
e417070c9f Add some accessor API's
GH1098: Add X509_get_pathlen() (and a test)
GH1097:  Add SSL_is_dtls() function.

Documented.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-08 11:37:06 -04:00
Matt Caswell
8f09ba471c Add an SSL get/set test
We just do the getters/setter for tlsext_status_type. This could be extended
for others in the future.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-07 17:05:52 +01:00
Richard Levitte
bffb149054 Generate simple build test files
Generate small test programs to check that external programs can be
built with our stuff at a very basic level.

For now, they check that each of our header files can be included
individually without compile failure.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-04 01:22:08 +02:00
Matt Caswell
f8f686ec1c Add a test for printing floating point format specifiers
Previous commits fixed the implementation of the %e and %g format
specifiers as well as other issues. This commit adds a test.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-27 10:25:31 +01:00
Richard Levitte
7030e35d07 build.info files: add quotes around any spec that may contain spaces
RT#4492

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-05-25 11:50:44 +02:00
Matt Caswell
d7295cd6d2 Add an async io test
This adds an async IO test. There are two test runs. The first one does
a normal handshake with lots of async IO events. The second one does the
same but this time breaks up all the written records into multiple records
of one byte in length. We do this all the way up until the CCS.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-05-20 14:39:45 +01:00
Emilia Kasper
5a22cf96a0 Replace cipherlist test
The old cipherlist test in ssltest.c only tests the internal order of
the cipher table, which is pretty useless.

Replace this test with a test that catches inadvertent changes to the
default cipherlist.

Fix run_tests.pl to correctly filter tests that have "list" in their name.

(Also includes a small drive-by fix in .gitignore.)

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-11 18:59:46 +02:00
Viktor Dukhovni
fde2257f05 Fix i2d_X509_AUX, update docs and add tests
When *pp is NULL, don't write garbage, return an unexpected pointer
or leak memory on error.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-05-11 01:46:06 -04:00
Matt Caswell
d90a6beb0e Fix no-stdio and no-autoalginit
no-stdio does not work with the apps. Since the tests also need the apps
it doesn't support that either. Therefore we disable building of both.

no-autoalginit is not compatible with the apps because it requires explicit
loading of the algorithms, and the apps don't do that. Therefore we disable
building the apps for this option. Similarly the tests depend on the apps
so we also disable the tests. Finally the whole point about no-autoalginit
is to avoid excessive executable sizes when doing static linking. Therefore
we disable "shared" if this option is selected.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-14 16:41:03 +01:00
Emilia Kasper
69853045e1 Rename ssltest -> ssltest_old
ssltest_old.c is deprecated. New tests should use ssl_test.c, and the
recipes in 80-test_ssl_new.t

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-05 17:07:09 +02:00
Emilia Kasper
453dfd8d5e New SSL test framework
Currently, SSL tests are configured via command-line switches to
ssltest.c. This results in a lot of duplication between ssltest.c and
apps, and a complex setup. ssltest.c is also simply old and needs
maintenance.

Instead, we already have a way to configure SSL servers and clients, so
we leverage that. SSL tests can now be configured from a configuration
file. Test servers and clients are configured using the standard
ssl_conf module. Additional test settings are configured via a test
configuration.

Moreover, since the CONF language involves unnecessary boilerplate, the
test conf itself is generated from a shorter Perl syntax.

The generated testcase files are checked in to the repo to make
it easier to verify that the intended test cases are in fact run; and to
simplify debugging failures.

To demonstrate the approach, min/max protocol tests are converted to the
new format. This change also fixes MinProtocol and MaxProtocol
handling. It was previously requested that an SSL_CTX have both the
server and client flags set for these commands; this clearly can never work.

Guide to this PR:
 - test/ssl_test.c - test framework
 - test/ssl_test_ctx.* - test configuration structure
 - test/handshake_helper.* - new SSL test handshaking code
 - test/ssl-tests/ - test configurations
 - test/generate_ssl_tests.pl - script for generating CONF-style test
   configurations from perl inputs

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-05 13:44:46 +02:00
Emilia Kasper
1400f013e1 Fix memory leaks in ASN.1
These leaks affect 1.1.0 dev branch only; introduced around commit
f93ad22f6a

Found with LibFuzzer

Reviewed-by: Ben Laurie <ben@openssl.org>
2016-04-04 13:26:06 +02:00
Richard Levitte
ef33d13185 Add a test to see that signals are caught as failures
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-18 15:25:23 +01:00
clucey
d245844010 Adding afalg test
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-07 13:36:17 +00:00
Richard Levitte
b37d6abf8c ct_test.c doesn't need to include from source top, only testutil.c does
The INCLUDE statement can handle setting extra include directories for
individual object files, let's use it.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-02-27 21:40:20 +01:00
Ben Laurie
c490b9b5c2 testutil.c includes e_os.h.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-27 16:22:38 +00:00
Rob Percival
186d04a543 GH752 ct_test uses testutil, so include that
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-26 14:52:35 -05:00
Richard Levitte
17436ce532 Normalise the include directives in ct_test.c
build.info needed a slight update, one more include directory.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-02-26 12:28:35 +01:00
Alessandro Ghedini
71a04cfca0 Implement new multi-threading API
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-02-26 10:00:36 +00:00
Rich Salz
9666ffb333 Update test build/run for unified
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-25 21:48:09 -05:00
Rich Salz
dba3177745 Remove JPAKE
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-02-17 09:46:10 -05:00
Richard Levitte
5caef3b502 Add inclusion directory crypto/include for BN compilations
Some files in crypto/bn depend on internal/bn_conf.h, and so does
test/bntest.  Therefore, we add another inclusion directory.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-11 14:39:57 +01:00
Richard Levitte
e8461ee1d1 Simplify the specification of include dirs in the build dir
In build.info files, make the include directory in the build directory
absolute, or Configure will think it should be added to the source
directory top.  Configure will turn it into a relative path if
possible.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-02-10 05:09:39 +01:00
Richard Levitte
6b9686e694 dtlsv1listentest includes e_os.h, reflect that in include dirs
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-02-08 12:05:41 +01:00
Richard Levitte
04949088bd Add build.info lines for dtlsv1listentest
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-02-06 13:11:27 +01:00
Richard Levitte
777a288270 unified build scheme: add build.info files
Now that we have the foundation for the "unified" build scheme in
place, we add build.info files.  They have been generated from the
Makefiles in the same directories.  Things that are platform specific
will appear in later commits.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-02-01 12:46:58 +01:00