Test that properties are mirrored as we expect

Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15242)
2024-11-27 05:21:51 +08:00 · 2021-05-11 11:44:43 +01:00 · 2021-05-11 11:44:43 +01:00 · 18cb5c31e1
commit 18cb5c31e1
parent 447588b69a
3 changed files with 41 additions and 4 deletions
--- a/test/p_test.c
+++ b/test/p_test.c
@ -266,6 +266,18 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
        p_teardown(ctx);
        return 0;
    }
+    /*
+     * The default provider is loaded - but the default properties should not
+     * allow its use.
+     */
+    {
+        EVP_MD *sha256 = EVP_MD_fetch(ctx->libctx, "SHA2-256", NULL);
+        if (sha256 != NULL) {
+            EVP_MD_free(sha256);
+            p_teardown(ctx);
+            return 0;
+        }
+    }
 #endif

    /*
--- a/test/provider_internal_test.c
+++ b/test/provider_internal_test.c
@ -53,11 +53,23 @@ static int test_builtin_provider(void)
 {
    const char *name = "p_test_builtin";
    OSSL_PROVIDER *prov = NULL;
+    int ret;

-    return
+    /*
+     * We set properties that we know the providers we are using don't have.
+     * This should mean that the p_test provider will fail any fetches - which
+     * is something we test inside the provider.
+     */
+    EVP_set_default_properties(NULL, "fips=yes");
+
+    ret =
        TEST_ptr(prov =
                 ossl_provider_new(NULL, name, PROVIDER_INIT_FUNCTION_NAME, 0))
        && test_provider(prov, expected_greeting1(name));
+
+    EVP_set_default_properties(NULL, "");
+
+    return ret;
 }

 #ifndef NO_PROVIDER_MODULE
--- a/test/provider_test.c
+++ b/test/provider_test.c
@ -41,14 +41,27 @@ static int test_provider(OSSL_LIB_CTX **libctx, const char *name,
                 "Hello OpenSSL %.20s, greetings from %s!",
                 OPENSSL_VERSION_STR, name);

+
    /*
-        * Check that it is possible to have a built-in provider mirrored in
-        * a child lib ctx.
-        */
+     * We set properties that we know the providers we are using don't have.
+     * This should mean that the p_test provider will fail any fetches - which
+     * is something we test inside the provider.
+     */
+    EVP_set_default_properties(*libctx, "fips=yes");
+    /*
+     * Check that it is possible to have a built-in provider mirrored in
+     * a child lib ctx.
+     */
    if (!TEST_ptr(base = OSSL_PROVIDER_load(*libctx, "base")))
        goto err;
    if (!TEST_ptr(prov = OSSL_PROVIDER_load(*libctx, name)))
        goto err;
+
+    /*
+     * Once the provider is loaded we clear the default properties and fetches
+     * should start working again.
+     */
+    EVP_set_default_properties(*libctx, "");
    if (dolegacycheck) {
        if (!TEST_true(OSSL_PROVIDER_get_params(prov, digest_check))
                || !TEST_true(digestsuccess))