openssl/test
Matt Caswell 10e6d23549 Fix SSLv3 ClientAuth alert checking
In TLS during ClientAuth if the CA is not recognised you should get an
UnknownCA alert. In SSLv3 this does not exist and you should get a
BadCertificate alert.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-07-18 14:30:14 +01:00
..
certs Extend mkcert.sh to support nameConstraints generation and more complex 2016-07-11 23:30:04 +01:00
ct Verify SCT signatures 2016-03-01 11:59:28 -05:00
d2i-tests Add ASN.1 INTEGER tests. 2016-05-03 13:06:15 +01:00
ocsp-tests Fix OCSP checking. 2012-12-07 18:47:47 +00:00
recipes Extend mkcert.sh to support nameConstraints generation and more complex 2016-07-11 23:30:04 +01:00
smime-certs Add final(?) set of copyrights. 2016-06-01 11:27:25 -04:00
ssl-tests Fix SSLv3 ClientAuth alert checking 2016-07-18 14:30:14 +01:00
testlib/OpenSSL Run the fuzzing corpora as tests. 2016-07-01 13:45:45 +01:00
aborttest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
afalgtest.c Handle inability to create AFALG socket 2016-06-13 17:28:40 +01:00
asynciotest.c Add some session API tests 2016-06-13 17:35:18 +01:00
asynctest.c include/openssl: don't include <windows.h> in public headers. 2016-07-08 11:49:44 +02:00
bftest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
bioprinttest.c Whitespace cleanup in apps 2016-06-29 09:56:39 -04:00
bntest.c Add a BN_mod_word test() 2016-06-07 21:55:31 +01:00
build.info Platform sanity test 2016-07-08 15:56:55 -04:00
CAss.cnf RT3809: basicConstraints is critical 2016-06-13 09:18:22 -04:00
CAssdh.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
CAssdsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
CAssrsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
casttest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
CAtsa.cnf Use better defaults for TSA. 2015-11-20 13:40:53 +00:00
cipherlist_test.c Replace cipherlist test 2016-05-11 18:59:46 +02:00
clienthellotest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
cms-examples.pl Copyright consolidation: perl files 2016-04-20 09:45:40 -04:00
constant_time_test.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
ct_test.c Tests should check validation status directly 2016-06-20 11:54:56 +01:00
d2i_test.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
danetest.c Perform DANE-EE(3) name checks by default 2016-07-12 10:16:34 -04:00
danetest.in Perform DANE-EE(3) name checks by default 2016-07-12 10:16:34 -04:00
danetest.pem DANE support for X509_verify_cert() 2016-01-07 13:48:59 -05:00
destest.c RT4337: Crash in DES 2016-06-01 09:28:53 -04:00
dhtest.c Fix the build and tests following constification of DH, DSA, RSA 2016-06-16 13:34:44 +01:00
dsatest.c Fix the build and tests following constification of DH, DSA, RSA 2016-06-16 13:34:44 +01:00
dtlsv1listentest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
ecdhtest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
ecdhtest_cavs.h Whitespace cleanup in apps 2016-06-29 09:56:39 -04:00
ecdsatest.c Make DSA_SIG and ECDSA_SIG getters const. 2016-06-20 14:58:36 +02:00
ectest.c RT 4242: reject invalid EC point coordinates 2016-06-09 23:58:20 +02:00
enginetest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
evp_extra_test.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
evp_test.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
evptests.txt RT2867: des_ede3_cfb1 ignored "size in bits" flag 2016-06-23 10:03:50 -04:00
exdatatest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
exptest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
generate_buildtest.pl Generate simple build test files 2016-06-04 01:22:08 +02:00
generate_ssl_tests.pl SSL test: only write out server2 when testing SNI 2016-06-13 18:31:33 +02:00
gmdifftest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
handshake_helper.c SSL test framework: port SNI tests 2016-06-28 17:26:24 +02:00
handshake_helper.h Clean up following new SNI tests 2016-06-13 16:03:06 +02:00
heartbeat_test.c Simplify SSL BIO buffering logic 2016-05-20 14:11:11 +01:00
hmactest.c Fix hmac test case 6 2016-06-30 08:52:37 -04:00
ideatest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
igetest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
md2test.c check return values for EVP_Digest*() APIs 2016-07-15 14:09:05 +01:00
md4test.c check return values for EVP_Digest*() APIs 2016-07-15 14:09:05 +01:00
md5test.c check return values for EVP_Digest*() APIs 2016-07-15 14:09:05 +01:00
mdc2test.c check return values for EVP_Digest*() APIs 2016-07-15 14:09:05 +01:00
memleaktest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
methtest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
P1ss.cnf Use 2K RSA and SHA256 in tests 2015-04-20 07:23:04 -04:00
P2ss.cnf Use 2K RSA and SHA256 in tests 2015-04-20 07:23:04 -04:00
p5_crpt2_test.c Useless includes 2016-06-18 16:30:24 -04:00
packettest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
pbelutest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
pkcs7-1.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
pkcs7.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
pkits-test.pl Copyright consolidation: perl files 2016-04-20 09:45:40 -04:00
r160test.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
randtest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
rc2test.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
rc4test.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
rc5test.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
README Add documentation for the new testing framework 2015-09-07 16:10:58 +02:00
README.ssltest.md SSL test framework: port SNI tests 2016-06-28 17:26:24 +02:00
rmdtest.c check return values for EVP_Digest*() APIs 2016-07-15 14:09:05 +01:00
rsa_test.c Deprecate the flags that switch off constant time 2016-06-06 11:09:06 +01:00
run_tests.pl perl: use the 'if' module to conditionally load File::Glob 2016-05-30 11:55:46 +02:00
sanitytest.c Platform sanity test 2016-07-08 15:56:55 -04:00
secmemtest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
serverinfo.pem Require ServerInfo PEMs to be named "BEGIN SERVERINFO FOR"... 2013-09-13 19:32:55 -07:00
sha1test.c check return values for EVP_Digest*() APIs 2016-07-15 14:09:05 +01:00
sha256t.c check return values for EVP_Digest*() APIs 2016-07-15 14:09:05 +01:00
sha512t.c check return values for EVP_Digest*() APIs 2016-07-15 14:09:05 +01:00
smcont.txt Add extensive PCKS7 and CMS consistency test script. 2008-03-18 14:37:59 +00:00
srptest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
ssl_test.c SSL test framework: port SNI tests 2016-06-28 17:26:24 +02:00
ssl_test.tmpl SSL test: only write out server2 when testing SNI 2016-06-13 18:31:33 +02:00
ssl_test_ctx.c Fix SSLv3 ClientAuth alert checking 2016-07-18 14:30:14 +01:00
ssl_test_ctx.h SSL test framework: port SNI tests 2016-06-28 17:26:24 +02:00
ssl_test_ctx_test.c SSL test framework: port SNI tests 2016-06-28 17:26:24 +02:00
ssl_test_ctx_test.conf SSL test framework: port SNI tests 2016-06-28 17:26:24 +02:00
sslapitest.c Update sslapitest to use the test framework 2016-06-13 17:35:18 +01:00
ssltest_old.c Useless includes 2016-06-18 16:30:24 -04:00
ssltestlib.c Use the SSL_METHODs passed to create_ssl_ctx_pair() 2016-07-01 23:23:16 +01:00
ssltestlib.h Add some session API tests 2016-06-13 17:35:18 +01:00
Sssdsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Sssrsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
test.cnf Use 2K RSA and SHA256 in tests 2015-04-20 07:23:04 -04:00
testcrl.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
testdsa.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testdsapub.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testec-p256.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testecpub-p256.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testp7.pem Change PKCS#7 test data to take account of removal of 2000-08-25 01:29:41 +00:00
testreq2.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
testrsa.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
testrsapub.pem Add private/public key conversion tests 2015-03-29 03:26:12 +01:00
testsid.pem Remove SSLv2 support 2014-12-04 11:55:03 +01:00
testutil.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
testutil.h Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
testx509.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
threadstest.c include/openssl: don't include <windows.h> in public headers. 2016-07-08 11:49:44 +02:00
Uss.cnf Create DSA and ECDSA certificates. 2015-09-02 21:22:44 +01:00
v3-cert1.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
v3-cert2.pem Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00
v3ext.c Add some accessor API's 2016-06-08 11:37:06 -04:00
v3nametest.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
verify_extra_test.c Copyright consolidation 02/10 2016-05-17 14:20:27 -04:00
wp_test.c crypto/cryptlib.c: omit OPENSSL_ia32cap_loc(). 2016-06-22 20:20:37 +02:00
x509aux.c Fix i2d_X509_AUX, update docs and add tests 2016-05-11 01:46:06 -04:00

How to add recipes
==================

For any test that you want to perform, you write a script located in
test/recipes/, named {nn}-test_{name}.t, where {nn} is a two digit number and
{name} is a unique name of your choice.

Please note that if a test involves a new testing executable, you will need to
do some additions in test/Makefile.  More on this later.


Naming convetions
=================

A test executable is named test/{name}test.c

A test recipe is named test/recipes/{nn}-test_{name}.t, where {nn} is a two
digit number and {name} is a unique name of your choice.

The number {nn} is (somewhat loosely) grouped as follows:

05  individual symmetric cipher algorithms
10  math (bignum)
15  individual asymmetric cipher algorithms
20  openssl enc
25  certificate forms, generation and verification
30  engine and evp
70  PACKET layer
80  "larger" protocols (CA, CMS, OCSP, SSL, TSA)
90  misc


A recipe that just runs a test executable
=========================================

A script that just runs a program looks like this:

    #! /usr/bin/perl
    
    use OpenSSL::Test::Simple;
    
    simple_test("test_{name}", "{name}test", "{name}");

{name} is the unique name you have chosen for your test.

The second argument to `simple_test' is the test executable, and `simple_test'
expects it to be located in test/

For documentation on OpenSSL::Test::Simple, do
`perldoc test/testlib/OpenSSL/Test/Simple.pm'.


A recipe that runs a more complex test
======================================

For more complex tests, you will need to read up on Test::More and
OpenSSL::Test.  Test::More is normally preinstalled, do `man Test::More' for
documentation.  For OpenSSL::Test, do `perldoc test/testlib/OpenSSL/Test.pm'.

A script to start from could be this:

    #! /usr/bin/perl
    
    use strict;
    use warnings;
    use OpenSSL::Test;
    
    setup("test_{name}");
    
    plan tests => 2;                # The number of tests being performed
    
    ok(test1, "test1");
    ok(test2, "test1");
    
    sub test1
    {
        # test feature 1
    }
    
    sub test2
    {
        # test feature 2
    }
    

Changes to test/Makefile
========================

Whenever a new test involves a new test executable you need to do the
following (at all times, replace {NAME} and {name} with the name of your
test):

* among the variables for test executables at the beginning, add a line like
  this:

    {NAME}TEST= {name}test

* add `$({NAME}TEST)$(EXE_EXT)' to the assignment of EXE:

* add `$({NAME}TEST).o' to the assignment of OBJ:

* add `$({NAME}TEST).c' to the assignment of SRC:

* add the following lines for building the executable:

    $({NAME}TEST)$(EXE_EXT): $({NAME}TEST).o $(DLIBCRYPTO)
           @target=$({NAME}TEST); $(BUILD_CMD)