wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/test
History
Rob Percival 2094ea070a Add SSL tests for certificates with embedded SCTs 
The only SSL tests prior to this tested using certificates with no
embedded Signed Certificate Timestamps (SCTs), which meant they couldn't
confirm whether Certificate Transparency checks in "strict" mode were
working.

These tests reveal a bug in the validation of SCT timestamps, which is
fixed by the next commit.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3138)
2017-04-12 19:08:57 +02:00
..
certs Add SSL tests for certificates with embedded SCTs 2017-04-12 19:08:57 +02:00
ct Verify SCT signatures 2016-03-01 11:59:28 -05:00
d2i-tests add test for CVE-2016-7053 2016-11-10 13:04:11 +00:00
ocsp-tests Fix OCSP checking. 2012-12-07 18:47:47 +00:00
ossl_shim More typo fixes 2017-03-29 07:14:29 +02:00
recipes OpenSSL::Test: supported filtered command output 2017-04-12 15:53:09 +02:00
smime-certs spelling fixes, just comments and readme. 2016-08-05 19:07:30 -04:00
ssl-tests Add SSL tests for certificates with embedded SCTs 2017-04-12 19:08:57 +02:00
testlib OpenSSL::Test: supported filtered command output 2017-04-12 15:53:09 +02:00
aborttest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
afalgtest.c Handle inability to create AFALG socket 2016-06-13 17:28:40 +01:00
asn1_encode_test.c Add tests of custom negative 1 2017-04-12 12:30:38 +02:00
asn1_internal_test.c Test infrastructure additions. 2017-03-29 08:51:43 +10:00
asynciotest.c Convert asynciotest for the new test framework 2017-04-11 23:59:09 +01:00
asynctest.c asynctest: don't depend on apps 2017-03-28 14:40:25 +02:00
bad_dtls_test.c Convert bad_dtls_test for the new test framework 2017-04-11 23:40:37 +01:00
bftest.c Remove unused variable. Thanks @pauli-oracle 2017-04-12 10:27:16 +01:00
bio_enc_test.c Fix bio_enc_test 2016-08-23 09:24:29 +01:00
bioprinttest.c bio/b_print.c: recognize even 'j' format modifier. 2017-03-30 19:33:32 +02:00
bntest.c bntest: do not stop on first fautl encountered 2017-02-01 02:03:29 +01:00
bntests.pl Make bntest be (mostly) file-based. 2016-11-28 12:26:05 -05:00
bntests.txt bntests.txt: add a couple of checks of possibly negative zero 2017-02-01 02:03:29 +01:00
build.info Convert x509aux, cipherlist, casttest 2017-04-12 10:01:26 -04:00
CAss.cnf RT3809: basicConstraints is critical 2016-06-13 09:18:22 -04:00
CAssdh.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
CAssdsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
CAssrsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
casttest.c Address review feedback (to be squashed) 2017-04-12 11:20:48 -04:00
CAtsa.cnf Use better defaults for TSA. 2015-11-20 13:40:53 +00:00
chacha_internal_test.c Update the internal chacha test to use the framework 2017-04-12 11:51:34 +01:00
cipher_overhead_test.c Add unit test for ssl_cipher_get_overhead() 2016-11-02 14:00:11 +00:00
cipherbytes_test.c cipherbytes_test: remove unused includes 2017-03-29 12:48:41 +02:00
cipherlist_test.c Convert x509aux, cipherlist, casttest 2017-04-12 10:01:26 -04:00
clienthellotest.c Convert clienthellotest for the new test framework 2017-04-12 00:02:40 +01:00
cms-examples.pl Copyright consolidation: perl files 2016-04-20 09:45:40 -04:00
constant_time_test.c constant time test: include our internal/numbers.h rather than limits.h 2016-11-05 11:38:29 +01:00
crltest.c Test infrastructure additions. 2017-03-29 08:51:43 +10:00
ct_test.c Make sure things get deleted when test setup fails in ct_test.c 2016-11-16 13:54:17 +00:00
d2i_test.c Update d2i_test to use the test infrastructure 2017-04-12 10:56:31 +01:00
danetest.c Fix some -Wshadow warnings 2017-03-14 11:44:31 -05:00
danetest.in Perform DANE-EE(3) name checks by default 2016-07-12 10:16:34 -04:00
danetest.pem DANE support for X509_verify_cert() 2016-01-07 13:48:59 -05:00
destest.c Update destest to use the test infrastructure 2017-04-12 15:02:44 +02:00
dhtest.c Fix the build and tests following constification of DH, DSA, RSA 2016-06-16 13:34:44 +01:00
dsatest.c Fix the build and tests following constification of DH, DSA, RSA 2016-06-16 13:34:44 +01:00
dtls_mtu_test.c Let test handshakes stop on certain errors 2017-02-23 19:40:27 +01:00
dtlstest.c Update dtlstest to use the test infrastructure 2017-04-11 13:54:08 +01:00
dtlsv1listentest.c Simplify and rename SSL_set_rbio() and SSL_set_wbio() 2016-07-29 14:09:57 +01:00
ecdhtest.c Remove more stale code in ecdhtest.c 2017-04-12 15:04:17 +02:00
ecdhtest_cavs.h Whitespace cleanup in apps 2016-06-29 09:56:39 -04:00
ecdsatest.c spelling fixes, just comments and readme. 2016-08-05 19:07:30 -04:00
ectest.c Remove some obsolete/obscure internal define switches: 2017-03-01 10:44:49 +01:00
enginetest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
evp_extra_test.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
evp_test.c Fixed PKCS5_PBKDF2_HMAC() to adhere to the documentation. 2017-03-17 08:47:11 -04:00
evptests.txt ecdhtest.c: move KATs to evptests.txt 2017-04-12 15:04:17 +02:00
exdatatest.c Convert exdata tests to new test framework 2017-04-12 08:32:13 +02:00
exptest.c Change callers to use the new constants. 2016-08-10 10:07:37 -04:00
generate_buildtest.pl Move the building of test/buildtest_*. to be done unconditionally 2016-08-05 21:17:05 +02:00
generate_ssl_tests.pl Reorganize SSL test structures 2016-08-08 12:06:26 +02:00
gmdifftest.c Update gmdifftime to use the test infrastructure 2017-04-12 11:03:09 +01:00
handshake_helper.c Allow an ALPN callback to pretend to not exist 2017-04-10 11:57:37 -04:00
handshake_helper.h Add ExpectedServerCANames 2017-04-03 23:47:22 +01:00
hmactest.c Fix hmac test case 6 2016-06-30 08:52:37 -04:00
ideatest.c Update ideatest to use the test infrastructure 2017-04-12 11:05:57 +01:00
igetest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
lhash_test.c Test infrastructure additions. 2017-03-29 08:51:43 +10:00
md2test.c Update md2test to use the test infrastructure 2017-04-11 13:49:51 +01:00
mdc2_internal_test.c Test infrastructure additions. 2017-03-29 08:51:43 +10:00
mdc2test.c Update mdc2test to use the test infrastructure 2017-04-12 09:45:11 +01:00
memleaktest.c Update secmemtest and memeleaktest to use the test infrastructure. 2017-04-12 10:59:53 +01:00
modes_internal_test.c Add main() test methods to reduce test boilerplate. 2016-11-09 16:07:16 +01:00
P1ss.cnf Use 2K RSA and SHA256 in tests 2015-04-20 07:23:04 -04:00
P2ss.cnf Use 2K RSA and SHA256 in tests 2015-04-20 07:23:04 -04:00
packettest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
pbelutest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
pkcs7-1.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
pkcs7.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
pkey_meth_test.c Test infrastructure additions. 2017-03-29 08:51:43 +10:00
pkits-test.pl Remove trailing whitespace from some files. 2016-10-10 23:36:21 +01:00
poly1305_internal_test.c Remove fprintfs from the poly1305 internal test but keep the test number 2017-04-12 13:37:12 +02:00
randtest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
rc2test.c Update rc2test to use the test infrastructure 2017-04-10 20:27:48 -04:00
rc4test.c Update rc4test to use the test infrastructure 2017-04-12 09:54:08 +01:00
rc5test.c Update rc5test to use the test infrastructure 2017-04-12 09:53:03 +01:00
README Test infrastructure additions. 2017-03-29 08:51:43 +10:00
README.external Add Python Cryptography.io external test suite 2017-03-15 01:26:36 +01:00
README.ssltest.md Add ExpectedServerCANames 2017-04-03 23:47:22 +01:00
recordlentest.c More typo fixes 2017-03-29 07:14:29 +02:00
rsa_test.c Remove seed completely... 2017-04-12 10:07:32 +01:00
run_tests.pl Make it possible to select or deselect test groups by number 2017-03-10 00:54:57 +01:00
sanitytest.c Update sanitytest to use the test infrastructure 2017-04-12 11:10:09 +01:00
secmemtest.c Update secmemtest and memeleaktest to use the test infrastructure. 2017-04-12 10:59:53 +01:00
serverinfo.pem Require ServerInfo PEMs to be named "BEGIN SERVERINFO FOR"... 2013-09-13 19:32:55 -07:00
session.pem Add tests for the padding extension 2017-03-16 15:37:41 +00:00
sha1test.c Update sha1test to use the test infrastructure 2017-04-12 09:41:47 +01:00
sha256t.c Update sha256t and sha512t to use the test infrastructure 2017-04-12 09:38:47 +01:00
sha512t.c Update sha256t and sha512t to use the test infrastructure 2017-04-12 09:38:47 +01:00
shibboleth.pfx Add PKCS#12 UTF-8 interoperability test. 2016-08-22 13:52:51 +02:00
shlibloadtest.c Fix no-dso (shlibloadtest) 2016-11-10 10:12:00 +00:00
siphash_internal_test.c Use the z modifier instead of OSSLzu with BIO_printf 2017-03-29 16:16:25 +02:00
smcont.txt test/smcont.txt: trigger assertion in bio_enc.c. 2016-07-31 17:03:17 +02:00
srptest.c Add SRP test vectors from RFC5054 2016-10-01 13:46:54 +01:00
ssl_test.c Add ExpectedServerCANames 2017-04-03 23:47:22 +01:00
ssl_test.tmpl test/ssl_test.tmpl: make it work with elderly perl. 2016-08-16 12:43:44 +02:00
ssl_test_ctx.c Add ExpectedServerCANames 2017-04-03 23:47:22 +01:00
ssl_test_ctx.h Add ExpectedServerCANames 2017-04-03 23:47:22 +01:00
ssl_test_ctx_test.c Test infrastructure additions. 2017-03-29 08:51:43 +10:00
ssl_test_ctx_test.conf Add compression tests 2017-03-02 16:49:28 +00:00
sslapitest.c Fix a test failure when configured without TLSv1.3 2017-04-07 13:41:04 +01:00
sslcorrupttest.c Let test handshakes stop on certain errors 2017-02-23 19:40:27 +01:00
ssltest_old.c More typo fixes 2017-03-29 07:14:29 +02:00
ssltestlib.c Move PRIu64, OSSLzu to e_os.h 2017-03-28 08:43:48 -04:00
ssltestlib.h Let test handshakes stop on certain errors 2017-02-23 19:40:27 +01:00
Sssdsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Sssrsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
stack_test.c Test infrastructure additions. 2017-03-29 08:51:43 +10:00
test.cnf Use 2K RSA and SHA256 in tests 2015-04-20 07:23:04 -04:00
test_main.c Add main() test methods to reduce test boilerplate. 2016-11-09 16:07:16 +01:00
test_main.h Add main() test methods to reduce test boilerplate. 2016-11-09 16:07:16 +01:00
test_main_custom.c Add main() test methods to reduce test boilerplate. 2016-11-09 16:07:16 +01:00
test_main_custom.h Add main() test methods to reduce test boilerplate. 2016-11-09 16:07:16 +01:00
test_test.c Test infrastructure additions. 2017-03-29 08:51:43 +10:00
testcrl.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
testdsa.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testdsapub.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testec-p256.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testecpub-p256.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testp7.pem Change PKCS#7 test data to take account of removal of 2000-08-25 01:29:41 +00:00
testreq2.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
testrsa.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
testrsapub.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testsid.pem Remove SSLv2 support 2014-12-04 11:55:03 +01:00
testutil.c test/testutil.c: Flush stdout when running tests 2017-04-12 15:00:51 +02:00
testutil.h Make test marcos for true/false checks reliable for all integral types. 2017-04-10 19:44:02 -04:00
testx509.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
threadstest.c Update threadstest to use the test framework 2017-04-12 13:01:12 +02:00
tls13encryptiontest.c Test infrastructure additions. 2017-03-29 08:51:43 +10:00
tls13secretstest.c Test infrastructure additions. 2017-03-29 08:51:43 +10:00
uitest.c UI: fix uitest for VMS 2017-01-12 15:23:15 +01:00
Uss.cnf Create DSA and ECDSA certificates. 2015-09-02 21:22:44 +01:00
v3-cert1.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
v3-cert2.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
v3ext.c Add some accessor API's 2016-06-08 11:37:06 -04:00
v3nametest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
verify_extra_test.c Fix some extra or missing whitespaces... 2017-01-25 09:06:34 +00:00
wpackettest.c Add a test for WPACKET_fill_lengths() 2017-01-30 10:18:24 +00:00
x509_internal_test.c Test infrastructure additions. 2017-03-29 08:51:43 +10:00
x509_time_test.c Test infrastructure additions. 2017-03-29 08:51:43 +10:00
x509aux.c Address review feedback (to be squashed) 2017-04-12 11:20:48 -04:00

README 

How to add recipes
==================

For any test that you want to perform, you write a script located in
test/recipes/, named {nn}-test_{name}.t, where {nn} is a two digit number and
{name} is a unique name of your choice.

Please note that if a test involves a new testing executable, you will need to
do some additions in test/Makefile.  More on this later.


Naming conventions
=================

A test executable is named test/{name}test.c

A test recipe is named test/recipes/{nn}-test_{name}.t, where {nn} is a two
digit number and {name} is a unique name of your choice.

The number {nn} is (somewhat loosely) grouped as follows:

00-04  sanity, internal and essential API tests
05-09  individual symmetric cipher algorithms
10-14  math (bignum)
15-19  individual asymmetric cipher algorithms
20-24  openssl commands (some otherwise not tested)
25-29  certificate forms, generation and verification
30-35  engine and evp
60-79  APIs
   70  PACKET layer
80-89  "larger" protocols (CA, CMS, OCSP, SSL, TSA)
90-98  misc
99     most time consuming tests [such as test_fuzz]


A recipe that just runs a test executable
=========================================

A script that just runs a program looks like this:

    #! /usr/bin/perl
    
    use OpenSSL::Test::Simple;
    
    simple_test("test_{name}", "{name}test", "{name}");

{name} is the unique name you have chosen for your test.

The second argument to `simple_test' is the test executable, and `simple_test'
expects it to be located in test/

For documentation on OpenSSL::Test::Simple, do
`perldoc test/testlib/OpenSSL/Test/Simple.pm'.


A recipe that runs a more complex test
======================================

For more complex tests, you will need to read up on Test::More and
OpenSSL::Test.  Test::More is normally preinstalled, do `man Test::More' for
documentation.  For OpenSSL::Test, do `perldoc test/testlib/OpenSSL/Test.pm'.

A script to start from could be this:

    #! /usr/bin/perl
    
    use strict;
    use warnings;
    use OpenSSL::Test;
    
    setup("test_{name}");
    
    plan tests => 2;                # The number of tests being performed
    
    ok(test1, "test1");
    ok(test2, "test1");
    
    sub test1
    {
        # test feature 1
    }
    
    sub test2
    {
        # test feature 2
    }
    

Changes to test/build.info
==========================

Whenever a new test involves a new test executable you need to do the
following (at all times, replace {NAME} and {name} with the name of your
test):

* add {name} to the list of programs under PROGRAMS_NO_INST

* create a three line description of how to build the test, you will have
to modify the include paths and source files if you don't want to use the
basic test framework:

    SOURCE[{name}]={name}.c testutil.c test_main.c
    INCLUDE[{name}]=.. ../include
    DEPEND[{name}]=../libcrypto

Generic form of C test executables
==================================

    #include "test_main.h"
    #include "testutil.h"

    static int my_test(void)
    {
        int testresult = 0;                 /* Assume the test will fail    */
        int observed;

        observed = function();              /* Call the code under test     */
        if (!TEST_int_equal(observed, 2))   /* Check the result is correct  */
            goto end;                       /* Exit on failure - optional   */

        testresult = 1;                     /* Mark the test case a success */
    end:
        cleanup();                          /* Any cleanup you require      */
        return testresult;
    }

    void register_tests(void)
    {
        ADD_TEST(my_test);                  /* Add each test separately     */
    }

You should use the TEST_xxx macros provided by testutil.h to test all failure
conditions.  These macros produce an error message in a standard format if the
condition is not met (and nothing if the condition is met).  Additional
information can be presented with the TEST_info macro that takes a printf
format string and arguments.  TEST_error is useful for complicated conditions,
it also takes a printf format string and argument.