mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-18 13:44:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add test for openssl ecparam with fips and base providers

Browse Source 
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17981)
This commit is contained in:
Tomas Mraz 2022-03-30 16:04:55 +02:00
parent e20af37d06
commit 269c349a76
1 changed files with 32 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
test/recipes/15-test_ecparam.t
View File

@ -13,7 +13,7 @@ use warnings;
use File::Spec;
use File::Compare qw/compare_text/;
use OpenSSL::Glob;
use OpenSSL::Test qw/:DEFAULT data_file/;
use OpenSSL::Test qw/:DEFAULT data_file srctop_file bldtop_dir/;
use OpenSSL::Test::Utils;
setup("test_ecparam");
@ -25,7 +25,7 @@ my @valid = glob(data_file("valid", "*.pem"));
my @noncanon = glob(data_file("noncanon", "*.pem"));
my @invalid = glob(data_file("invalid", "*.pem"));
plan tests => 11;
plan tests => 12;
sub checkload {
my $files = shift; # List of files
@ -59,6 +59,8 @@ sub checkcompare {
}
}
my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
subtest "Check loading valid parameters by ecparam with -check" => sub {
plan tests => scalar(@valid);
checkload(\@valid, 1, "ecparam", "-check");
@ -113,3 +115,31 @@ subtest "Check pkeyparam does not change the parameter file on output" => sub {
plan tests => 2 * scalar(@valid);
checkcompare(\@valid, "pkeyparam");
};
subtest "Check loading of fips and non-fips params" => sub {
plan skip_all => "FIPS is disabled"
if $no_fips;
plan tests => 3;
my $fipsconf = srctop_file("test", "fips-and-base.cnf");
my $defaultconf = srctop_file("test", "default.cnf");
$ENV{OPENSSL_CONF} = $fipsconf;
ok(run(app(['openssl', 'ecparam',
'-in', data_file('valid', 'secp384r1-explicit.pem'),
'-check'])),
"Loading explicitly encoded valid curve");
ok(run(app(['openssl', 'ecparam',
'-in', data_file('valid', 'secp384r1-named.pem'),
'-check'])),
"Loading named valid curve");
ok(!run(app(['openssl', 'ecparam',
'-in', data_file('valid', 'secp112r1-named.pem'),
'-check'])),
"Fail loading named non-fips curve");
$ENV{OPENSSL_CONF} = $defaultconf;
};