QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-05-03 04:59:39 +00:00
Code Issues Projects Releases Wiki Activity

TEST: Ensure that the base provider i activated when needed

Browse Source 
The fips providers can't be activated alone if encoding, decoding or
STORE are going to be used.

To enable this, we selectively use test/fips-and-base.cnf instead of
test/fips.cnf in our test recipes.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12587)
This commit is contained in:
Richard Levitte 2020-08-30 09:53:22 +02:00
parent 96b924105f
commit 7192e4dfa1
10 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
test/recipes/15-test_genrsa.t
View File

@ -117,10 +117,9 @@ ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'RSA',
} }
unless ($no_fips) { unless ($no_fips) {
my $provconf = srctop_file("test", "fips.cnf"); my $provconf = srctop_file("test", "fips-and-base.cnf");
my $provpath = bldtop_dir("providers"); my $provpath = bldtop_dir("providers");
my @prov = ( "-provider-path", $provpath, my @prov = ( "-provider-path", $provpath,
"-provider", "base",
"-config", $provconf); "-config", $provconf);
my $infile = bldtop_file('providers', platform->dso('fips')); my $infile = bldtop_file('providers', platform->dso('fips'));

2
test/recipes/15-test_rsaoaep.t
View File

@ -27,7 +27,7 @@ plan tests =>
+ 9; + 9;
my @prov = ( ); my @prov = ( );
my $provconf = srctop_file("test", "fips.cnf"); my $provconf = srctop_file("test", "fips-and-base.cnf");
my $provpath = bldtop_dir("providers"); my $provpath = bldtop_dir("providers");
my $msg_file = data_file("plain_text"); my $msg_file = data_file("plain_text");
my $enc1_file = "enc1.bin"; my $enc1_file = "enc1.bin";

2
test/recipes/30-test_evp.t
View File

@ -29,7 +29,7 @@ my $defaultcnf = $no_legacy ? 'default.cnf' : 'default-and-legacy.cnf';
my @configs = ( $defaultcnf ); my @configs = ( $defaultcnf );
# Only add the FIPS config if the FIPS module has been built # Only add the FIPS config if the FIPS module has been built
push @configs, 'fips.cnf' unless $no_fips; push @configs, 'fips-and-base.cnf' unless $no_fips;
# A list of tests that run with both the default and fips provider. # A list of tests that run with both the default and fips provider.
my @files = qw( my @files = qw(

2
test/recipes/65-test_cmp_client.t
View File

@ -44,5 +44,5 @@ unless ($no_fips) {
'-module', bldtop_file('providers', platform->dso('fips'))])), '-module', bldtop_file('providers', platform->dso('fips'))])),
"fipsinstall"); "fipsinstall");
ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips.cnf")]))); ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips-and-base.cnf")])));
} }

3
test/recipes/65-test_cmp_msg.t
View File

@ -42,5 +42,6 @@ unless ($no_fips) {
'-module', bldtop_file('providers', platform->dso('fips'))])), '-module', bldtop_file('providers', platform->dso('fips'))])),
"fipsinstall"); "fipsinstall");
ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips.cnf")]))); ok(run(test([@basic_cmd,
"fips", srctop_file("test", "fips-and-base.cnf")])));
} }

3
test/recipes/65-test_cmp_protect.t
View File

@ -52,5 +52,6 @@ unless ($no_fips) {
'-module', bldtop_file('providers', platform->dso('fips'))])), '-module', bldtop_file('providers', platform->dso('fips'))])),
"fipsinstall"); "fipsinstall");
ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips.cnf")]))); ok(run(test([@basic_cmd,
"fips", srctop_file("test", "fips-and-base.cnf")])));
} }

2
test/recipes/80-test_cms.t
View File

@ -59,7 +59,7 @@ unless ($no_fips) {
'-out', bldtop_file('providers', 'fipsmodule.cnf'), '-out', bldtop_file('providers', 'fipsmodule.cnf'),
'-module', $infile])), '-module', $infile])),
"fipsinstall"); "fipsinstall");
@config = ( "-config", srctop_file("test", "fips.cnf") ); @config = ( "-config", srctop_file("test", "fips-and-base.cnf") );
$provname = 'fips'; $provname = 'fips';
} }

2
test/recipes/80-test_ssl_new.t
View File

@ -171,7 +171,7 @@ sub test_conf {
if ($provider eq "fips") { if ($provider eq "fips") {
ok(run(test(["ssl_test", $output_file, $provider, ok(run(test(["ssl_test", $output_file, $provider,
srctop_file("test", "fips.cnf")])), srctop_file("test", "fips-and-base.cnf")])),
"running ssl_test $conf"); "running ssl_test $conf");
} else { } else {
ok(run(test(["ssl_test", $output_file, $provider])), ok(run(test(["ssl_test", $output_file, $provider])),

3
test/recipes/80-test_ssl_old.t
View File

@ -106,7 +106,8 @@ subtest 'test_ss' => sub {
note('test_ssl -- key U'); note('test_ssl -- key U');
testssl("keyU.ss", $Ucert, $CAcert, "default", srctop_file("test","default.cnf")); testssl("keyU.ss", $Ucert, $CAcert, "default", srctop_file("test","default.cnf"));
unless ($no_fips) { unless ($no_fips) {
testssl("keyU.ss", $Ucert, $CAcert, "fips", srctop_file("test","fips.cnf")); testssl("keyU.ss", $Ucert, $CAcert, "fips",
srctop_file("test","fips-and-base.cnf"));
} }
# ----------- # -----------

2
test/recipes/90-test_sslapi.t
View File

@ -45,7 +45,7 @@ unless ($no_fips) {
ok(run(test(["sslapitest", srctop_dir("test", "certs"), ok(run(test(["sslapitest", srctop_dir("test", "certs"),
srctop_file("test", "recipes", "90-test_sslapi_data", srctop_file("test", "recipes", "90-test_sslapi_data",
"passwd.txt"), $tmpfilename, "fips", "passwd.txt"), $tmpfilename, "fips",
srctop_file("test", "fips.cnf")])), srctop_file("test", "fips-and-base.cnf")])),
"running sslapitest"); "running sslapitest");
} }