openssl/test
Bernd Edlinger 1fa2bf9b18 Fix handling of NULL sig parameter in ECDSA_sign and similar
The problem is, that it almost works to pass sig=NULL to the
ECDSA_sign, ECDSA_sign_ex and DSA_sign, to compute the necessary
space for the resulting signature.
But since the ECDSA signature is non-deterministic
(except when ECDSA_sign_setup/ECDSA_sign_ex are used)
the resulting length may be different when the API is called again.
This can easily cause random memory corruption.
Several internal APIs had the same issue, but since they are
never called with sig=NULL, it is better to make them return an
error in that case, instead of making the code more complex.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23529)
2024-04-02 17:47:29 +02:00
..
certs test: add verify test for EC cert signed with SHA3 2023-10-02 12:46:24 +02:00
ct Add config_diagnostics to our configuration files. 2021-08-04 08:15:14 +10:00
d2i-tests
helpers Add a test using the bandwidth limit filter 2024-03-15 10:19:19 +01:00
ocsp-tests s_server: test ocsp with "-cert_chain" 2024-03-12 19:54:27 +01:00
recipes Fix openssl req with -addext subjectAltName=dirName 2024-04-02 17:35:25 +02:00
smime-certs cms: avoid intermittent test failure 2023-12-18 12:18:24 +01:00
smime-eml test: add test case for deadlock reported in #19643 2022-12-08 11:11:11 +01:00
ssl-tests Set max protocol version for dtls renegotiation tests to dtls1.2 2024-01-03 12:25:00 +01:00
testutil Copyright year updates 2023-09-28 14:23:29 +01:00
aborttest.c
acvp_test.c Fix the checks of EVP_PKEY_CTX_set/get_* functions 2022-06-02 11:06:41 +02:00
acvp_test.inc
aesgcmtest.c Remove FIPS condition on IV gen test. 2022-09-21 17:02:59 +10:00
afalgtest.c Copyright year updates 2023-09-28 14:23:29 +01:00
algorithmid_test.c Fix the return check of OBJ_obj2txt 2021-11-22 11:17:48 +01:00
asn1_decode_test.c Add appropriate lower bound checks for GeneralizedTime and UTCTime 2024-02-25 09:17:41 +01:00
asn1_dsa_internal_test.c
asn1_encode_test.c Update copyright year 2021-07-29 15:41:35 +01:00
asn1_internal_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
asn1_stable_parse_test.c Fix NULL pointer deref when parsing the stable section 2024-01-12 10:37:22 +01:00
asn1_string_table_test.c
asn1_time_test.c Add appropriate lower bound checks for GeneralizedTime and UTCTime 2024-02-25 09:17:41 +01:00
asynciotest.c
asynctest.c test: Fix memory leak of asynctest 2022-09-23 14:30:09 +01:00
bad_dtls_test.c test/bad_dtls_test.c: Add checks for the EVP_MD_CTX_get_size() 2024-04-01 13:13:46 -04:00
bftest.c fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
bio_addr_test.c Fix the BIO_addr test 2023-10-09 10:15:40 +02:00
bio_callback_test.c
bio_comp_test.c Fix a compilation failure in bio_comp_test.c 2022-10-24 14:15:15 +01:00
bio_core_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
bio_dgram_test.c Further fix in bio_dgram_test for BIO_s_dgram_mem() 2023-09-13 11:53:13 +01:00
bio_enc_test.c Update copyright year 2022-05-03 13:34:51 +01:00
bio_memleak_test.c Fix SMIME_crlf_copy() to properly report an error 2022-12-22 11:01:06 +01:00
bio_meth_test.c Fix BIO_get_new_index() to return an error when it is exhausted. 2024-03-11 11:34:25 +00:00
bio_prefix_text.c BIO_set_indent: fix return check 2021-11-22 14:43:44 +01:00
bio_readbuffer_test.c
bio_tfo_test.c Fix asan finding in bio_tfo_test 2022-08-12 16:13:13 +01:00
bioprinttest.c
bn_internal_test.c
bn_rand_range.h
bntest.c Extend the test of BN_GF2m_mod_inv 2023-12-12 16:08:59 +00:00
bntests.pl
build_wincrypt_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
build.info Fix BIO_get_new_index() to return an error when it is exhausted. 2024-03-11 11:34:25 +00:00
ca_internals_test.c libcrypto and test: rename asn1_string_to_time_t to ossl_asn1_string_to_time_t 2022-07-19 08:44:19 +02:00
ca-and-certs.cnf APPS: generated certs bear X.509 V3, unless -x509v1 option of req app is given 2023-01-24 15:16:47 +01:00
casttest.c
CAtsa.cnf Changed the default value of the "ess_cert_id_alg" option 2023-08-25 15:05:51 +02:00
cc_dummy.c Copyright year updates 2023-09-07 09:59:15 +01:00
cert_comp_test.c Fix coverity 1516095 deadcode 2022-10-21 10:34:55 +11:00
chacha_internal_test.c Copyright year updates 2023-09-28 14:23:29 +01:00
cipher_overhead_test.c
cipherbytes_test.c
cipherlist_test.c Allow cipher strings to be given using its standard name 2021-09-30 12:20:01 +02:00
ciphername_test.c
clienthellotest.c fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
cmactest.c Fix new typos found by codespell 2023-06-18 16:53:09 +10:00
cmp_asn_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
cmp_client_test.c crypto/cmp/,apps/lib/cmp_mock_srv.c: various improvements on delayed delivery 2023-12-21 23:06:42 +01:00
cmp_ctx_test.c Don't free aliased pointers in ctx cmp_ctx tests 2023-12-01 10:52:01 -05:00
cmp_hdr_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
cmp_msg_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
cmp_protect_test.c cmp: add null pointer check in tear_down test function 2023-10-13 17:35:05 +02:00
cmp_server_test.c crypto/cmp/,apps/lib/cmp_mock_srv.c: various improvements on delayed delivery 2023-12-21 23:06:42 +01:00
cmp_status_test.c CMP+CRMF: fix formatting nits in crypto/, include/, and test/ 2022-11-24 13:45:06 +01:00
cmp_vfy_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
cms-examples.pl
cmsapitest.c Copyright year updates 2023-09-07 09:59:15 +01:00
conf_include_test.c Add config tests for including provider config files 2023-11-09 13:27:56 +01:00
confdump.c
constant_time_test.c fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
context_internal_test.c Update copyright year 2022-05-03 13:34:51 +01:00
crltest.c Update copyright year 2022-05-03 13:34:51 +01:00
ct_test.c Update copyright year 2022-05-03 13:34:51 +01:00
ctype_internal_test.c
curve448_internal_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
d2i_test.c
dane-cross.in Apply the correct Apache v2 license 2022-02-14 10:08:21 +01:00
danetest.c add OSSL_STACK_OF_X509_free() for commonly used pattern 2021-12-21 12:11:49 +01:00
danetest.in Add last missing TLSA usage/selector/mtype test case 2023-11-29 10:31:42 +01:00
danetest.pem
data2.bin
data.bin
decoder_propq_test.c Fix decoders so that they use the passed in propq. 2023-08-16 18:02:51 +02:00
default-and-fips.cnf Make the activate setting more intuitive 2023-12-21 09:22:40 -05:00
default-and-legacy.cnf Add config_diagnostics to our configuration files. 2021-08-04 08:15:14 +10:00
default.cnf Make the activate setting more intuitive 2023-12-21 09:22:40 -05:00
defltfips_test.c Fix copyrights 2022-02-03 13:56:38 +01:00
destest.c Copyright year updates 2023-09-07 09:59:15 +01:00
dhkem_test.inc Copyright year updates 2023-09-07 09:59:15 +01:00
dhtest.c Copyright year updates 2023-09-07 09:59:15 +01:00
drbgtest.c Copyright year updates 2023-09-28 14:23:29 +01:00
dsa_no_digest_size_test.c
dsatest.c Fix handling of NULL sig parameter in ECDSA_sign and similar 2024-04-02 17:47:29 +02:00
dtls_mtu_test.c SSL object refactoring using SSL_CONNECTION object 2022-07-28 10:04:28 +01:00
dtlstest.c Copyright year updates 2023-09-07 09:59:15 +01:00
dtlsv1listentest.c
ec_internal_test.c Add test for EC_KEY_set_private_key() 2022-08-04 12:17:08 +03:00
ecdsatest.c Fix handling of NULL sig parameter in ECDSA_sign and similar 2024-04-02 17:47:29 +02:00
ecdsatest.h
ecstresstest.c
ectest.c "foo * bar" should be "foo *bar" 2023-09-11 10:15:30 +02:00
endecode_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
endecoder_legacy_test.c
enginetest.c Update copyright year 2022-05-03 13:34:51 +01:00
errtest.c Add a test for OSSL_ERR_STATE_save_to_mark() 2023-10-23 10:08:22 +01:00
event_queue_test.c Make OSSL_TIME a structure 2022-08-12 15:44:01 +01:00
evp_extra_test2.c gate calling of evp_method_id on having a non-zero name id 2024-01-01 12:57:59 -05:00
evp_extra_test.c Fix testcases to run on duplicated keys 2024-02-07 11:15:50 +01:00
evp_fetch_prov_test.c Make the activate setting more intuitive 2023-12-21 09:22:40 -05:00
evp_kdf_test.c validate requested key length in kdf_pbkdf1_do_derive 2024-01-03 10:05:49 -05:00
evp_libctx_test.c Fix new typos found by codespell 2024-02-14 09:36:11 +01:00
evp_pkey_ctx_new_from_name.c Testing the EVP_PKEY_CTX_new_from_name without preliminary init 2022-04-29 14:13:02 +02:00
evp_pkey_dhkem_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
evp_pkey_dparams_test.c Update copyright year 2022-05-03 13:34:51 +01:00
evp_pkey_provided_test.c Fix testcases to run on duplicated keys 2024-02-07 11:15:50 +01:00
evp_test.c fix missing null check in kdf_test_ctrl 2024-01-30 09:53:14 -05:00
evp_xof_test.c Add EVP_DigestSqueeze() API. 2023-11-10 13:27:00 +01:00
exdatatest.c
exptest.c Copyright year updates 2023-09-07 09:59:15 +01:00
ext_internal_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
fake_rsaprov.c Add Test to verify open_ex password checking works 2023-09-19 12:24:07 +02:00
fake_rsaprov.h Copyright year updates 2023-09-28 14:23:29 +01:00
fatalerrtest.c
ffc_internal_test.c DH_check_pub_key() should not fail when setting result code 2023-10-11 16:22:27 +02:00
filterprov.c Copyright year updates 2023-09-07 09:59:15 +01:00
filterprov.h
fips_version_test.c With fips provider 3.0.0 skip tests related to explicit curves handling 2022-09-16 08:34:53 +10:00
fips-alt.cnf Add some testing for the case where the FIPS provider fails to load 2021-07-28 10:35:06 +10:00
fips-and-base.cnf test: note that a default property query must be included for FIPS validity 2023-01-24 12:35:37 +00:00
fips.cnf Add config_diagnostics to our configuration files. 2021-08-04 08:15:14 +10:00
generate_buildtest.pl
generate_ssl_tests.pl
gmdifftest.c
hexstr_test.c
hmactest.c Add test case to verify that the use after free issue is fixed. 2021-12-17 14:39:20 +11:00
hpke_test.c Add additional internal HPKE hardening checks resulting from code audit. 2023-11-03 09:10:19 +01:00
http_test.c Minor docfix for OSSL_HTTP_REQ_CTX_set_max_response_hdr_lines(3) 2024-03-15 11:36:25 +01:00
ideatest.c
igetest.c
insta_ca.cert.pem Remove executable mode attributes of non-executable files 2021-07-13 16:04:32 +10:00
insta.priv.pem Remove executable mode attributes of non-executable files 2021-07-13 16:04:32 +10:00
invalid-x509.cnf Validate config options during x509 extension creation 2024-01-05 13:20:34 -05:00
json_test.c Try to fix intermittent CI failures in quic_multistream test 2024-03-15 17:21:35 +01:00
keymgmt_internal_test.c Fix testcases to run on duplicated keys 2024-02-07 11:15:50 +01:00
legacy.cnf Add config_diagnostics to our configuration files. 2021-08-04 08:15:14 +10:00
lhash_test.c Add deprecation macro for 3.1 and deprecate OPENSSL_LH_stats 2022-06-22 09:36:14 +02:00
list_test.c list: add debug sanity checks 2022-11-16 18:02:02 +11:00
localetest.c Include the e_os.h before string.h 2022-05-13 08:30:41 +02:00
mdc2_internal_test.c
mdc2test.c Cleanup : directly include of internal/nelem.h when required. 2022-11-23 18:08:25 +01:00
membio_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
memleaktest.c
modes_internal_test.c fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
moduleloadtest.c
namemap_internal_test.c
nodefltctxtest.c Add a test for no initialisation of the default config file 2023-02-22 10:03:14 +11:00
null.cnf Add a test for no initialisation of the default config file 2023-02-22 10:03:14 +11:00
ocspapitest.c Copyright year updates 2023-09-28 14:23:29 +01:00
ossl_store_test.c fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
p_minimal.c Add a minimal test provider 2023-12-04 15:12:34 +01:00
p_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
packettest.c Copyright year updates 2023-09-07 09:59:15 +01:00
pairwise_fail_test.c Implement PCT for EDDSA 2024-03-01 11:06:03 +01:00
param_build_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
params_api_test.c Check appropriate OSSL_PARAM_get_* functions for NULL 2024-01-09 16:56:55 +01:00
params_conversion_test.c Update copyright year 2022-05-03 13:34:51 +01:00
params_test.c Have OSSL_PARAM_allocate_from_text() fail on odd number of hex digits 2024-01-25 16:36:55 +01:00
pbelutest.c
pbetest.c Copyright year updates 2023-09-07 09:59:15 +01:00
pem_read_depr_test.c Update copyright year 2021-07-29 15:41:35 +01:00
pemtest.c Copyright year updates 2023-09-07 09:59:15 +01:00
pkcs7_test.c
pkcs7-1.pem
pkcs7.pem
pkcs12_api_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
pkcs12_format_test.c Copyright year updates 2023-09-28 14:23:29 +01:00
pkey_meth_kdf_test.c
pkey_meth_test.c
pkits-test.pl
poly1305_internal_test.c
priority_queue_test.c Add unit test for #22644 2023-11-08 11:09:12 +00:00
property_test.c Add overflow checks to parse_number/parse_hex/parse_oct 2023-12-07 12:07:43 -05:00
prov_config_test.c Detect and prevent recursive config parsing 2023-12-21 13:38:31 -05:00
provfetchtest.c Copyright year updates 2023-09-07 09:59:15 +01:00
provider_default_search_path_test.c Implement OSSL_PROVIDER_get0_default_search_path, add docs and tests. 2022-12-06 18:24:06 +01:00
provider_fallback_test.c
provider_internal_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
provider_internal_test.cnf.in Add config_diagnostics to our configuration files. 2021-08-04 08:15:14 +10:00
provider_pkey_test.c Copyright year updates 2023-09-28 14:23:29 +01:00
provider_status_test.c
provider_test.c test_provider_ex(): Add missing call failure checks 2023-10-09 10:21:19 +11:00
proxy.cnf Add config_diagnostics to our configuration files. 2021-08-04 08:15:14 +10:00
punycode_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
quic_ackm_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
quic_cc_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
quic_cfq_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
quic_client_test.c Raise the timeout in quic_client_test.c 2023-08-28 10:02:23 +02:00
quic_fc_test.c QUIC: Uniform changes for QUIC error code definitions rename 2024-03-07 23:48:49 +00:00
quic_fifd_test.c QUIC FIFD: Allow QLOG instance retrieval via callback 2024-02-19 10:15:46 +01:00
quic_lcidm_test.c QUIC LCIDM: Minor fixes 2023-12-06 10:40:11 +00:00
quic_multistream_test.c QUIC MULTISTREAM TEST: Test write buffer statistics queries 2024-03-09 08:56:59 +00:00
quic_newcid_test.c Add the ability to do client side tracing in quictestlib.c 2023-09-22 13:56:43 +01:00
quic_qlog_test.c QUIC QLOG: Fix ANSI 2024-03-06 20:44:48 +00:00
quic_rcidm_test.c QUIC RCIDM: Minor updates 2024-01-11 11:16:27 +01:00
quic_record_test_util.h Copyright year updates 2023-09-07 09:59:15 +01:00
quic_record_test.c QUIC QRL TEST: Remove dependency on legacy DEMUX-QRX routing 2023-12-21 08:12:00 +00:00
quic_srt_gen_test.c QUIC SRT GEN: Minor updates 2023-11-25 09:14:05 +00:00
quic_srtm_test.c QUIC SRTM: Add test 2023-11-23 14:46:01 +00:00
quic_stream_test.c QUIC SSTREAM: Fix bug in ossl_quic_sstream_is_totally_acked 2023-11-02 08:49:01 +00:00
quic_tserver_test.c quic_tserver_test: Raise the initial timeout limit 2023-10-25 09:35:31 +01:00
quic_txp_test.c QUIC TXP TEST: Remove dependency on legacy DEMUX-QRX routing 2023-12-21 08:12:00 +00:00
quic_txpim_test.c QUIC TXPIM 2022-11-07 18:18:04 +00:00
quic_wire_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
quicapitest.c Add a test using the bandwidth limit filter 2024-03-15 10:19:19 +01:00
quicfaultstest.c QUIC: Uniform changes for QUIC error code definitions rename 2024-03-07 23:48:49 +00:00
rand_status_test.c
rand_test.c Add test case for uniform random generators 2023-11-01 12:05:28 +01:00
rc2test.c
rc4test.c
rc5test.c
rdcpu_sanitytest.c Update copyright year 2022-05-03 13:34:51 +01:00
README-dev.md testutil: allow a failure return from setup_tests that doesn't print help 2023-08-04 11:57:27 +10:00
README-external.md updated (lib+)oqsprovider to latest releases 2023-06-15 08:39:10 +10:00
README.md Fix instructions for running tests on Windows 2023-12-18 10:47:31 +01:00
README.ssltest.md Make running individual ssl-test easier 2022-05-27 14:17:29 -04:00
recordlentest.c Copyright year updates 2023-09-07 09:59:15 +01:00
recursive.cnf Detect and prevent recursive config parsing 2023-12-21 13:38:31 -05:00
rpktest.c configure: introduce no-ecx to remove ECX related feature 2023-06-14 13:06:22 +10:00
rsa_complex.c djgpp: Skip test/rsa_complex.c 2022-09-29 12:48:23 +02:00
rsa_mp_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
rsa_sp800_56b_test.c rsa: Add SP800-56Br2 6.4.1.2.1 (3.c) check 2023-10-25 09:26:51 +01:00
rsa_test.c Fix Coverity 1547856: memset() uses only the lowest byte of c 2023-10-24 14:23:50 +01:00
rsa_x931_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
run_tests.pl Use GH action commands to group/collapse filtered output 2023-12-21 09:05:42 -05:00
safe_math_test.c Update copyright year 2022-05-03 13:34:51 +01:00
sanitytest.c Copyright year updates 2023-09-07 09:59:15 +01:00
secmemtest.c Update copyright year 2022-05-03 13:34:51 +01:00
serverinfo2.pem
serverinfo.pem
servername_test.c
session.pem
sha_test.c
shibboleth.pfx
shlibloadtest.c
simpledynamic.c Update copyright year 2021-07-29 15:41:35 +01:00
simpledynamic.h
siphash_internal_test.c Uninitialized array variable 2024-01-19 14:04:11 +01:00
sm2_internal_test.c feat: Add sm2 signature test case from GM/T 0003.5-2012 2021-10-12 18:09:14 +02:00
sm3_internal_test.c Apply the correct Apache v2 license 2022-02-14 10:08:21 +01:00
sm4_internal_test.c
smcont_zero.txt
smcont.bin
smcont.txt
sparse_array_test.c
srptest.c
ssl_cert_table_internal_test.c Cast values to match printf format strings. 2022-11-14 07:47:53 +00:00
ssl_ctx_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
ssl_handshake_rtt_test.c [feat] SSL RTT in both client and server statem. SSL_get_handshake_rtt makes it available 2023-06-02 05:46:46 +02:00
ssl_old_test.c Correct ssl_old_test stream handling 2024-01-05 12:13:19 +01:00
ssl_test_ctx_test.c
ssl_test_ctx_test.cnf
ssl_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
ssl_test.tmpl
sslapitest.c Add test for ignoring unknown sigalgs and groups marked with ? 2024-03-06 10:42:05 +01:00
sslbuffertest.c Copyright year updates 2023-09-07 09:59:15 +01:00
sslcorrupttest.c tests: clear error queue before executing a testcase 2022-10-27 18:39:29 +02:00
stack_test.c fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
sysdefault.cnf Test that incorrect entry in the ssl section is not fatal 2023-12-19 12:03:02 +01:00
sysdefaulttest.c
test_asn1_parse.cnf Harden asn1 oid loader to invalid inputs 2023-12-13 11:10:36 -05:00
test_test.c test: placate Clang's --Wbitwise-instead-of-logical 2022-06-27 11:43:47 +10:00
test.cnf Fix openssl req with -addext subjectAltName=dirName 2024-04-02 17:35:25 +02:00
testcrl.pem
testdsa.pem
testdsapub.pem
testec-p112r1.pem TEST: Check property query support of apps/pkey 2022-08-17 09:20:41 +02:00
testec-p256.pem
testecpub-p256.pem
tested448.pem
tested448pub.pem
tested25519.pem
tested25519pub.pem
testp7.pem
testreq2.pem
testrsa2048.pem
testrsa2048pub.pem Test that signatures using hash name commands work properly 2022-11-07 14:40:09 +01:00
testrsa_withattrs.der
testrsa_withattrs.pem
testrsa.pem
testrsapss.pem
testrsapssmandatory.pem
testrsapub.pem
testsid.pem
testutil.h Copyright year updates 2023-09-07 09:59:15 +01:00
testx509.pem
threadpool_test.c Split out thread pool tests into threadpool_test 2022-11-22 17:08:23 +01:00
threadstest_fips.c
threadstest.c Add locking to atomic operations in rw/rcu tests 2024-04-02 04:12:16 -04:00
threadstest.h
time_offset_test.c
time_test.c Add a test for converting OSSL_TIME to struct timeval 2023-10-20 16:33:40 +01:00
timing_load_creds.c timing_load_creds requires POSIX1.2001 due to rusage 2022-12-15 12:04:01 +01:00
tls13ccstest.c Update tls13ccstest.c, removal of deadcode 2024-03-13 17:00:48 +01:00
tls13encryptiontest.c Add tests for return codes for EVP_CIPHER_CTX_get[block_size|iv_length] 2024-01-25 08:36:17 -05:00
tls13secretstest.c Copyright year updates 2023-09-07 09:59:15 +01:00
tls-provider.c Add check for xor_get_aid() 2024-03-12 19:32:32 +01:00
trace_api_test.c trace_api_test.c: Separate tracing statements 2023-10-13 15:04:42 +02:00
uitest.c Fix the checks of UI_add_input_string 2022-06-02 10:36:56 -04:00
upcallstest.c Copyright year updates 2023-09-07 09:59:15 +01:00
user_property_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
v3_ca_exts.cnf
v3-cert1.pem
v3-cert2.pem
v3ext.c Fix coverity issues in X509v3_addr 2022-11-21 12:41:25 +01:00
v3nametest.c Copyright year updates 2023-09-07 09:59:15 +01:00
verify_extra_test.c Update copyright year 2022-05-03 13:34:51 +01:00
versions.c
wpackettest.c Copyright year updates 2023-09-07 09:59:15 +01:00
x509_check_cert_pkey_test.c Copyright year updates 2023-09-07 09:59:15 +01:00
x509_dup_cert_test.c Remove unused variable 'sctx' 2021-10-27 11:05:35 +02:00
x509_internal_test.c Update copyright year 2021-09-07 13:35:43 +02:00
x509_load_cert_file_test.c Fix a memory leak on successful load of CRL 2024-03-07 11:03:31 +01:00
x509_test.c Add test for X509 sign TBS cache regression. 2022-11-02 11:14:32 +01:00
x509_time_test.c Add appropriate lower bound checks for GeneralizedTime and UTCTime 2024-02-25 09:17:41 +01:00
x509aux.c Cleanup : directly include of internal/nelem.h when required. 2022-11-23 18:08:25 +01:00

Using OpenSSL Tests

After a successful build, and before installing, the libraries should be tested. Run:

$ make test                                      # Unix
$ mms test                                       ! OpenVMS
$ nmake test                                     # Windows

Warning: you MUST run the tests from an unprivileged account (or disable your privileges temporarily if your platform allows it).

If some tests fail, take a look at the section Test Failures below.

Test Failures

If some tests fail, look at the output. There may be reasons for the failure that isn't a problem in OpenSSL itself (like an OS malfunction or a Perl issue). You may want increased verbosity, that can be accomplished like this:

Full verbosity, showing full output of all successful and failed test cases (make macro VERBOSE or V):

$ make V=1 test                                  # Unix
$ mms /macro=(V=1) test                          ! OpenVMS
$ nmake V=1 test                                 # Windows

Verbosity on failed (sub-)tests only (VERBOSE_FAILURE or VF or REPORT_FAILURES):

$ make test VF=1

Verbosity on failed (sub-)tests, in addition progress on succeeded (sub-)tests (VERBOSE_FAILURE_PROGRESS or VFP or REPORT_FAILURES_PROGRESS):

$ make test VFP=1

If you want to run just one or a few specific tests, you can use the make variable TESTS to specify them, like this:

$ make TESTS='test_rsa test_dsa' test            # Unix
$ mms/macro="TESTS=test_rsa test_dsa" test       ! OpenVMS
$ nmake TESTS="test_rsa test_dsa" test           # Windows

And of course, you can combine (Unix examples shown):

$ make test TESTS='test_rsa test_dsa' VF=1
$ make test TESTS="test_cmp_*" VFP=1

You can find the list of available tests like this:

$ make list-tests                                # Unix
$ mms list-tests                                 ! OpenVMS
$ nmake list-tests                               # Windows

Have a look at the manual for the perl module Test::Harness to see what other HARNESS_* variables there are.

To report a bug please open an issue on GitHub, at https://github.com/openssl/openssl/issues.

For more details on how the make variables TESTS can be used, see section Running Selected Tests below.

Running Selected Tests

The make variable TESTS supports a versatile set of space separated tokens with which you can specify a set of tests to be performed. With a "current set of tests" in mind, initially being empty, here are the possible tokens:

 alltests      The current set of tests becomes the whole set of available
               tests (as listed when you do 'make list-tests' or similar).

 xxx           Adds the test 'xxx' to the current set of tests.

-xxx           Removes 'xxx' from the current set of tests.  If this is the
               first token in the list, the current set of tests is first
               assigned the whole set of available tests, effectively making
               this token equivalent to TESTS="alltests -xxx".

 nn            Adds the test group 'nn' (which is a number) to the current
               set of tests.

-nn            Removes the test group 'nn' from the current set of tests.
               If this is the first token in the list, the current set of
               tests is first assigned the whole set of available tests,
               effectively making this token equivalent to
               TESTS="alltests -xxx".

Also, all tokens except for "alltests" may have wildcards, such as *. (on Unix and Windows, BSD style wildcards are supported, while on VMS, it's VMS style wildcards)

Examples

Run all tests except for the fuzz tests:

$ make TESTS='-test_fuzz*' test

or, if you want to be explicit:

$ make TESTS='alltests -test_fuzz*' test

Run all tests that have a name starting with "test_ssl" but not those starting with "test_ssl_":

$ make TESTS='test_ssl* -test_ssl_*' test

Run only test group 10:

$ make TESTS='10' test

Run all tests except the slow group (group 99):

$ make TESTS='-99' test

Run all tests in test groups 80 to 99 except for tests in group 90:

$ make TESTS='[89]? -90' test

To run specific fuzz tests you can use for instance:

$ make test TESTS='test_fuzz_cmp test_fuzz_cms'

To stochastically verify that the algorithm that produces uniformly distributed random numbers is operating correctly (with a false positive rate of 0.01%):

$ ./util/wrap.sh test/bntest -stochastic

Running Tests in Parallel

By default the test harness will execute the selected tests sequentially. Depending on the platform characteristics, running more than one test job in parallel may speed up test execution. This can be requested by setting the HARNESS_JOBS environment variable to a positive integer value. This specifies the maximum number of test jobs to run in parallel.

Depending on the Perl version different strategies could be adopted to select which test recipes can be run in parallel. In recent versions of Perl, unless specified otherwise, any task can be run in parallel. Consult the documentation for TAP::Harness to know more.

To run up to four tests in parallel at any given time:

$ make HARNESS_JOBS=4 test

Random numbers in tests

Some tests use random numbers as part of the test. In some cases a test failure may occur for some random numbers, but not for others. The seed used for the rand number generator can be set via the OPENSSL_TEST_RAND_SEED environment variable. It can also be set via the OPENSSL_TEST_RAND_ORDER environment variable which additionally randomises the order tests are run in (see below).

When a test fails the test harness will display the seed used during the test (displaying either the OPENSSL_TEST_RAND_SEED or OPENSSL_TEST_RAND_ORDER environment variable value that must be used to recreate the results), e.g.

$ make OPENSSL_TEST_RAND_SEED=42 test

Randomisation of Test Ordering

By default, the test harness will execute tests in the order they were added. By setting the OPENSSL_TEST_RAND_ORDER environment variable to zero, the test ordering will be randomised. This additionally seeds the random number generator used within the tests as described in the section above. If a randomly ordered test fails, the seed value used will be reported. Setting the OPENSSL_TEST_RAND_ORDER environment variable to this value will rerun the tests in the same order and will also seed the test random number generator. This assures repeatability of randomly ordered test runs. This repeatability is independent of the operating system, processor or platform used.

To randomise the test ordering:

$ make OPENSSL_TEST_RAND_ORDER=0 test

To run the tests using the order defined by the random seed 42:

$ make OPENSSL_TEST_RAND_ORDER=42 test