QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-05-10 16:39:40 +00:00
Code Issues Projects Releases Wiki Activity

Clean up some SM2 related TODOs in the tests

Browse Source 
Now that we have full SM2 support, we can remove some TODOs from the tests.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12913)
This commit is contained in:
Matt Caswell 2020-09-18 10:41:58 +01:00
parent ce64d3eee0
commit fb2a6954fb
3 changed files with 7 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
test/evp_extra_test.c
View File

@ -1070,13 +1070,6 @@ static int test_EVP_SM2(void)
goto done; goto done;
/* now check encryption/decryption */ /* now check encryption/decryption */
/*
* SM2 public key encrytion is not moved into default provider yet,
* so we make sure the key gets downgraded for the moment being.
* TODO Remove this call when provided SM2 encryption is implemented
*/
if (!TEST_ptr(EVP_PKEY_get0(pkey)))
goto done;
if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL))) if (!TEST_ptr(cctx = EVP_PKEY_CTX_new(pkey, NULL)))
goto done; goto done;

10
test/recipes/20-test_pkeyutl.t
View File

@ -24,20 +24,14 @@ SKIP: {
skip "Skipping tests that require EC, SM2 or SM3", 2 skip "Skipping tests that require EC, SM2 or SM3", 2
if disabled("ec") || disabled("sm2") || disabled("sm3"); if disabled("ec") || disabled("sm2") || disabled("sm3");
# TODO(3.0) Remove this when we have a SM2 keymgmt and decoder
my @tmp_sm2_hack = qw(-engine loader_attic)
unless disabled('dynamic-engine') || disabled('deprecated-3.0');
skip "Skipping tests that require dynamic enginess (temporary meaasure)", 2
unless @tmp_sm2_hack;
# SM2 # SM2
ok_nofips(run(app(([ 'openssl', 'pkeyutl', @tmp_sm2_hack, '-sign', ok_nofips(run(app(([ 'openssl', 'pkeyutl', '-sign',
'-in', srctop_file('test', 'certs', 'sm2.pem'), '-in', srctop_file('test', 'certs', 'sm2.pem'),
'-inkey', srctop_file('test', 'certs', 'sm2.key'), '-inkey', srctop_file('test', 'certs', 'sm2.key'),
'-out', 'sm2.sig', '-rawin', '-out', 'sm2.sig', '-rawin',
'-digest', 'sm3', '-pkeyopt', 'distid:someid']))), '-digest', 'sm3', '-pkeyopt', 'distid:someid']))),
"Sign a piece of data using SM2"); "Sign a piece of data using SM2");
ok_nofips(run(app(([ 'openssl', 'pkeyutl', @tmp_sm2_hack, ok_nofips(run(app(([ 'openssl', 'pkeyutl',
'-verify', '-certin', '-verify', '-certin',
'-in', srctop_file('test', 'certs', 'sm2.pem'), '-in', srctop_file('test', 'certs', 'sm2.pem'),
'-inkey', srctop_file('test', 'certs', 'sm2.pem'), '-inkey', srctop_file('test', 'certs', 'sm2.pem'),

18
test/recipes/25-test_req.t
View File

@ -29,14 +29,6 @@ if (disabled("rsa")) {
note("There should not be more that at most 80 per line"); note("There should not be more that at most 80 per line");
} }
# TODO(3.0) This should be removed as soon as missing support is added
# Identified problems:
# - SM2 lacks provider-native keymgmt and decoder
# - ED25519, ED448, X25519 and X448 signature implementations do not
# respond to the "algorithm-id" parameter request.
my @tmp_loader_hack = qw(-engine loader_attic)
unless disabled('dynamic-engine') || disabled('deprecated-3.0');
# Check for duplicate -addext parameters, and one "working" case. # Check for duplicate -addext parameters, and one "working" case.
my @addext_args = ( "openssl", "req", "-new", "-out", "testreq.pem", my @addext_args = ( "openssl", "req", "-new", "-out", "testreq.pem",
"-config", srctop_file("test", "test.cnf"), @req_new ); "-config", srctop_file("test", "test.cnf"), @req_new );
@ -195,28 +187,28 @@ subtest "generating SM2 certificate requests" => sub {
SKIP: { SKIP: {
skip "SM2 is not supported by this OpenSSL build", 4 skip "SM2 is not supported by this OpenSSL build", 4
if disabled("sm2") || !@tmp_loader_hack; if disabled("sm2");
ok(run(app(["openssl", "req", @tmp_loader_hack, ok(run(app(["openssl", "req",
"-config", srctop_file("test", "test.cnf"), "-config", srctop_file("test", "test.cnf"),
"-new", "-key", srctop_file("test", "certs", "sm2.key"), "-new", "-key", srctop_file("test", "certs", "sm2.key"),
"-sigopt", "distid:1234567812345678", "-sigopt", "distid:1234567812345678",
"-out", "testreq-sm2.pem", "-sm3"])), "-out", "testreq-sm2.pem", "-sm3"])),
"Generating SM2 certificate request"); "Generating SM2 certificate request");
ok(run(app(["openssl", "req", @tmp_loader_hack, ok(run(app(["openssl", "req",
"-config", srctop_file("test", "test.cnf"), "-config", srctop_file("test", "test.cnf"),
"-verify", "-in", "testreq-sm2.pem", "-noout", "-verify", "-in", "testreq-sm2.pem", "-noout",
"-vfyopt", "distid:1234567812345678", "-sm3"])), "-vfyopt", "distid:1234567812345678", "-sm3"])),
"Verifying signature on SM2 certificate request"); "Verifying signature on SM2 certificate request");
ok(run(app(["openssl", "req", @tmp_loader_hack, ok(run(app(["openssl", "req",
"-config", srctop_file("test", "test.cnf"), "-config", srctop_file("test", "test.cnf"),
"-new", "-key", srctop_file("test", "certs", "sm2.key"), "-new", "-key", srctop_file("test", "certs", "sm2.key"),
"-sigopt", "hexdistid:DEADBEEF", "-sigopt", "hexdistid:DEADBEEF",
"-out", "testreq-sm2.pem", "-sm3"])), "-out", "testreq-sm2.pem", "-sm3"])),
"Generating SM2 certificate request with hex id"); "Generating SM2 certificate request with hex id");
ok(run(app(["openssl", "req", @tmp_loader_hack, ok(run(app(["openssl", "req",
"-config", srctop_file("test", "test.cnf"), "-config", srctop_file("test", "test.cnf"),
"-verify", "-in", "testreq-sm2.pem", "-noout", "-verify", "-in", "testreq-sm2.pem", "-noout",
"-vfyopt", "hexdistid:DEADBEEF", "-sm3"])), "-vfyopt", "hexdistid:DEADBEEF", "-sm3"])),