EVP_get_default_properties - tests

Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25434)
2024-09-11 16:48:44 +02:00 · 2024-09-11 16:48:44 +02:00 · d81709316f
commit d81709316f
parent ac645995c4
3 changed files with 90 additions and 3 deletions
--- a/test/default-for-evptest.cnf
+++ b/test/default-for-evptest.cnf
@ -0,0 +1,21 @@
+openssl_conf = openssl_init
+
+# Comment out the next line to ignore configuration errors
+config_diagnostics = 1
+
+[openssl_init]
+providers = provider_sect
+alg_section = evp_properties
+
+[provider_sect]
+default = default_sect
+legacy  = legacy_sect
+
+[default_sect]
+activate = true
+
+[legacy_sect]
+activate = false
+
+[evp_properties]
+default_properties="test.fizzbuzz=buzzfizz"
--- a/test/evp_extra_test.c
+++ b/test/evp_extra_test.c
@ -863,11 +863,33 @@ static EVP_PKEY *load_example_hmac_key(void)
    return pkey;
 }

+static int test_EVP_set_config_properties(void)
+{
+    char *fetched_properties = NULL;
+    const char test_propq[] = "test.fizzbuzz=buzzfizz";
+    int res = 0;
+
+    fetched_properties = EVP_get1_default_properties(OSSL_LIB_CTX_get0_global_default());
+    if (!TEST_ptr(fetched_properties)
+            || !TEST_str_eq(fetched_properties, test_propq))
+        goto err;
+    OPENSSL_free(fetched_properties);
+    fetched_properties = NULL;
+
+    res = 1;
+err:
+    OPENSSL_free(fetched_properties);
+    return res;
+}
+
 static int test_EVP_set_default_properties(void)
 {
    OSSL_LIB_CTX *ctx;
    EVP_MD *md = NULL;
    int res = 0;
+    char *fetched_properties = NULL;
+    const char test_propq[] = "provider=fizzbang";
+    const char test_fips_propq[] = "fips=yes,provider=fizzbang";

    if (!TEST_ptr(ctx = OSSL_LIB_CTX_new())
            || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
@ -875,18 +897,38 @@ static int test_EVP_set_default_properties(void)
    EVP_MD_free(md);
    md = NULL;

-    if (!TEST_true(EVP_set_default_properties(ctx, "provider=fizzbang"))
+    if (!TEST_true(EVP_set_default_properties(ctx, test_propq))
            || !TEST_ptr_null(md = EVP_MD_fetch(ctx, "sha256", NULL))
            || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", "-provider")))
        goto err;
    EVP_MD_free(md);
    md = NULL;

+    fetched_properties = EVP_get1_default_properties(ctx);
+    if (!TEST_ptr(fetched_properties)
+            || !TEST_str_eq(fetched_properties, test_propq))
+        goto err;
+    OPENSSL_free(fetched_properties);
+    fetched_properties = NULL;
+
+    if (!TEST_true(EVP_default_properties_enable_fips(ctx, 1)))
+        goto err;
+    fetched_properties = EVP_get1_default_properties(ctx);
+    if (!TEST_ptr(fetched_properties)
+            || !TEST_str_eq(fetched_properties, test_fips_propq))
+        goto err;
+    OPENSSL_free(fetched_properties);
+    fetched_properties = NULL;
+
+    if (!TEST_true(EVP_default_properties_enable_fips(ctx, 0)))
+        goto err;
+
    if (!TEST_true(EVP_set_default_properties(ctx, NULL))
            || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL)))
        goto err;
    res = 1;
 err:
+    OPENSSL_free(fetched_properties);
    EVP_MD_free(md);
    OSSL_LIB_CTX_free(ctx);
    return res;
@ -5461,6 +5503,7 @@ typedef enum OPTION_choice {
    OPT_ERR = -1,
    OPT_EOF = 0,
    OPT_CONTEXT,
+    OPT_CONFIG_FILE,
    OPT_TEST_ENUM
 } OPTION_CHOICE;

@ -5469,6 +5512,8 @@ const OPTIONS *test_get_options(void)
    static const OPTIONS options[] = {
        OPT_TEST_OPTIONS_DEFAULT_USAGE,
        { "context", OPT_CONTEXT, '-', "Explicitly use a non-default library context" },
+        { "config", OPT_CONFIG_FILE, '<',
+          "The configuration file to use for the libctx" },
        { NULL }
    };
    return options;
@ -5868,6 +5913,7 @@ static int test_invalid_ctx_for_digest(void)

 int setup_tests(void)
 {
+    char *config_file = NULL;
    OPTION_CHOICE o;

    while ((o = opt_next()) != OPT_EOF) {
@ -5893,6 +5939,11 @@ int setup_tests(void)
            lgcyprov = OSSL_PROVIDER_load(testctx, "legacy");
 #endif
            break;
+        case OPT_CONFIG_FILE:
+            config_file = opt_arg();
+            if (!test_get_libctx(&testctx, &nullprov, config_file, NULL, NULL))
+                return 0;
+            break;
        case OPT_TEST_CASES:
            break;
        default:
@ -5900,6 +5951,11 @@ int setup_tests(void)
        }
    }

+    if (config_file != NULL) {
+        ADD_TEST(test_EVP_set_config_properties);
+        return 1;
+    }
+
    ADD_TEST(test_EVP_set_default_properties);
    ADD_ALL_TESTS(test_EVP_DigestSignInit, 30);
    ADD_TEST(test_EVP_DigestVerifyInit);
--- a/test/recipes/30-test_evp_extra.t
+++ b/test/recipes/30-test_evp_extra.t
@ -10,14 +10,24 @@
 use strict;
 use warnings;

-use OpenSSL::Test qw/:DEFAULT bldtop_dir/;
+use OpenSSL::Test qw/:DEFAULT bldtop_dir srctop_file/;
+use OpenSSL::Test::Utils;

 setup("test_evp_extra");

-plan tests => 3;
+my $no_conf_autoload = disabled('autoload-config');
+
+plan tests => $no_conf_autoload ? 3 : 4;

 ok(run(test(["evp_extra_test"])), "running evp_extra_test");

+unless ($no_conf_autoload) {
+    local $ENV{OPENSSL_CONF} = srctop_file("test","default-for-evptest.cnf");
+    ok(run(test(["evp_extra_test", "-config", srctop_file("test","default-for-evptest.cnf")])),
+       "running evp_extra_test to test evp properties set in config");
+    delete local $ENV{OPENSSL_CONF};
+}
+
 # Run tests with a non-default library context
 ok(run(test(["evp_extra_test", "-context"])), "running evp_extra_test with a non-default library context");