openssl/test
Tomas Mraz 3cb55fe47c Add test cases for the non CA certificate with pathlen:0
Accept verification without -x509_strict and reject it with it.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11463)
2020-04-06 10:26:14 +02:00
..
certs Add test cases for the non CA certificate with pathlen:0 2020-04-06 10:26:14 +02:00
ct Use .cnf for config files, not .conf 2020-03-06 18:25:13 +01:00
d2i-tests
ocsp-tests
ossl_shim Replace BUF_ string function calls with OPENSSL_ ones 2019-10-17 23:19:59 +02:00
recipes Add test cases for the non CA certificate with pathlen:0 2020-04-06 10:26:14 +02:00
smime-certs Remove RANDFILE settings from configuration files 2019-11-24 08:35:14 +01:00
ssl-tests Use .cnf for config files, not .conf 2020-03-06 18:25:13 +01:00
testutil Fix common test framework options 2020-02-03 11:41:56 +00:00
aborttest.c
aesgcmtest.c Add EVP_CIPHER_CTX_tag_length() 2019-09-11 17:52:30 +10:00
afalgtest.c
asn1_decode_test.c Update source files for deprecation at 3.0 2019-11-07 11:37:25 +01:00
asn1_dsa_internal_test.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
asn1_encode_test.c Update source files for deprecation at 3.0 2019-11-07 11:37:25 +01:00
asn1_internal_test.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
asn1_string_table_test.c
asn1_time_test.c Add duplication APIs to ASN1_TIME and related types 2020-01-17 11:30:33 +08:00
asynciotest.c Fix common test framework options 2020-02-03 11:41:56 +00:00
asynctest.c Deprecate most of debug-memory 2019-12-14 20:57:35 +01:00
bad_dtls_test.c TLS: use EVP for HMAC throughout libssl. 2020-01-29 19:49:23 +10:00
bftest.c Deprecate Low Level Blowfish APIs 2020-01-08 11:25:25 +00:00
bio_callback_test.c
bio_enc_test.c
bio_memleak_test.c Deprecate most of debug-memory 2019-12-14 20:57:35 +01:00
bio_prefix_text.c TEST: Add test recipe and help program to test BIO_f_prefix() 2019-12-18 19:42:44 +01:00
bioprinttest.c
bn_internal_test.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
bn_rand_range.h
bntest.c Fix some typos 2019-12-11 19:04:01 +01:00
bntests.pl
build.info HTTP client: make server/proxy and port params more consistent; minor other improvements 2020-04-02 18:31:06 +02:00
CAss.cnf Use .cnf for config files, not .conf 2020-03-06 18:25:13 +01:00
casttest.c Deprecate the Low Level CAST APIs 2020-01-13 13:44:27 +00:00
CAtsa.cnf Remove RANDFILE settings from configuration files 2019-11-24 08:35:14 +01:00
chacha_internal_test.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
cipher_overhead_test.c Reorganize local header files 2019-09-28 20:26:35 +02:00
cipherbytes_test.c
cipherlist_test.c
ciphername_test.c TLS Cipher Suite 0xC102 Support 2020-04-02 18:01:41 +03:00
clienthellotest.c Fix common test framework options 2020-02-03 11:41:56 +00:00
cmp_asn_test.c chunk 6 of CMP contribution to OpenSSL 2019-12-12 10:57:25 +00:00
cmp_client_test.c Chunk 9 of CMP contribution to OpenSSL: CMP client and related tests 2020-03-25 14:10:18 +01:00
cmp_ctx_test.c HTTP client: make server/proxy and port params more consistent; minor other improvements 2020-04-02 18:31:06 +02:00
cmp_hdr_test.c Fix handling of CMP msg senderKID and improve doc of related CTX functions 2020-03-10 16:09:44 +01:00
cmp_msg_test.c Chunk 9 of CMP contribution to OpenSSL: CMP client and related tests 2020-03-25 14:10:18 +01:00
cmp_protect_test.c Fix handling of CMP msg senderKID and improve doc of related CTX functions 2020-03-10 16:09:44 +01:00
cmp_server_test.c Chunk 8 of CMP contribution to OpenSSL: CMP server and cmp_mock_srv.c for testing 2020-03-10 16:09:44 +01:00
cmp_status_test.c Chunk 8 of CMP contribution to OpenSSL: CMP server and cmp_mock_srv.c for testing 2020-03-10 16:09:44 +01:00
cmp_testlib.c Chunk 9 of CMP contribution to OpenSSL: CMP client and related tests 2020-03-25 14:10:18 +01:00
cmp_testlib.h Chunk 9 of CMP contribution to OpenSSL: CMP client and related tests 2020-03-25 14:10:18 +01:00
cmp_vfy_test.c Chunk 9 of CMP contribution to OpenSSL: CMP client and related tests 2020-03-25 14:10:18 +01:00
cms-examples.pl
cmsapitest.c Fix common test framework options 2020-02-03 11:41:56 +00:00
conf_include_test.c Remove RANDFILE settings from configuration files 2019-11-24 08:35:14 +01:00
confdump.c Make sure we free the CONF structure allocated by confdump 2019-11-15 11:08:18 +00:00
constant_time_test.c Reorganize local header files 2019-09-28 20:26:35 +02:00
context_internal_test.c
crltest.c
ct_test.c Create a new embeddedSCTs1 that's signed using SHA256 2020-02-05 22:04:37 +01:00
ctype_internal_test.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
curve448_internal_test.c Implement a stricter ECX_KEY type 2020-02-11 22:32:47 +00:00
d2i_test.c Fix common test framework options 2020-02-03 11:41:56 +00:00
danetest.c Fix common test framework options 2020-02-03 11:41:56 +00:00
danetest.in
danetest.pem
default-and-fips.cnf Use .cnf for config files, not .conf 2020-03-06 18:25:13 +01:00
default-and-legacy.cnf test/recipes/30-test_evp.t: Modify to test with different providers 2019-07-26 18:14:41 +02:00
default.cnf test/recipes/30-test_evp.t: Modify to test with different providers 2019-07-26 18:14:41 +02:00
destest.c Deprecate the low level DES functions. 2020-01-25 09:30:59 +10:00
dhtest.c Change DH_get_nid() to set the value of q if it is not already set 2020-03-07 07:47:58 +10:00
drbg_cavs_data_ctr.c
drbg_cavs_data_hash.c
drbg_cavs_data_hmac.c
drbg_cavs_data.h Fix header file include guard names 2019-09-28 20:26:36 +02:00
drbg_cavs_test.c Reorganize local header files 2019-09-28 20:26:35 +02:00
drbg_extra_test.c AES CTR-DRGB: add test for 32-bit counter overflow 2020-03-11 12:14:11 +01:00
drbg_extra_test.h AES CTR-DRGB: add test for 32-bit counter overflow 2020-03-11 12:14:11 +01:00
drbgtest.c tests/drbgtest: use new RAND_DRBG callback_data API instead of ex_data 2020-02-07 11:38:57 +01:00
drbgtest.h
dsa_no_digest_size_test.c Deprecate the low level DSA functions. 2020-02-12 08:52:41 +10:00
dsatest.c Deprecate the low level DSA functions. 2020-02-12 08:52:41 +10:00
dtls_mtu_test.c Reorganize local header files 2019-09-28 20:26:35 +02:00
dtlstest.c Fix common test framework options 2020-02-03 11:41:56 +00:00
dtlsv1listentest.c
ec_internal_test.c Deprecate the ECDSA and EV_KEY_METHOD functions. 2020-02-04 20:02:55 +10:00
ecdsatest.c TEST: Adapt all applicable tests to the new distinguishing ID 2020-03-15 19:42:05 +01:00
ecdsatest.h Fix header file include guard names 2019-09-28 20:26:36 +02:00
ecstresstest.c Remove tab characters from C source files. 2019-07-16 20:24:10 +10:00
ectest.c Add self-test for EC_POINT_hex2point 2019-11-13 18:02:51 +02:00
enginetest.c test/enginetest.c: Make sure no config file is loaded 2019-07-19 20:18:34 +02:00
errtest.c Modernise the ERR functionality further (new functions and deprecations) 2019-09-12 17:59:52 +02:00
evp_extra_test.c Make it possible to easily specify a libctx for EVP_DigestSign* 2020-03-23 11:09:49 +00:00
evp_fetch_prov_test.c Add support for passing the libctx to the config loader 2020-03-20 20:25:39 +10:00
evp_kdf_test.c Fix no-cmac and no-camellia 2019-11-14 09:44:18 +00:00
evp_pkey_dparams_test.c
evp_pkey_provided_test.c Add EVP_PKEY_gettable_params support for accessing EVP_PKEY key data fields 2020-04-01 15:51:18 +10:00
evp_test.c test/evp_test.c: fix keygen_test_run() 2020-03-12 10:44:02 +01:00
evp_test.h
exdatatest.c
exptest.c
fatalerrtest.c Fix common test framework options 2020-02-03 11:41:56 +00:00
ffc_internal_test.c Coverity 1458438: fix uninitialised memory access. 2020-02-17 19:29:05 +10:00
fips.cnf Use .cnf for config files, not .conf 2020-03-06 18:25:13 +01:00
generate_buildtest.pl
generate_ssl_tests.pl TEST: Optionally silence OpenSSL::Test::setup() 2020-02-18 09:45:53 +01:00
gmdifftest.c
gosttest.c TLS Cipher Suite 0xC102 Support 2020-04-02 18:01:41 +03:00
handshake_helper.c TLS: use EVP for HMAC throughout libssl. 2020-01-29 19:49:23 +10:00
handshake_helper.h Fix header file include guard names 2019-09-28 20:26:36 +02:00
hmactest.c Deprecate the low level HMAC functions 2020-01-29 19:49:23 +10:00
http_test.c Chunk 10 of CMP contribution to OpenSSL: CMP http client and related tests 2020-04-02 18:17:00 +02:00
ideatest.c Deprecate the low level IDEA functions. 2020-01-19 10:38:49 +10:00
igetest.c Deprecate the AES_ige_*() functions 2019-12-04 17:46:38 +00:00
keymgmt_internal_test.c Add EVP_PKEY_gettable_params support for accessing EVP_PKEY key data fields 2020-04-01 15:51:18 +10:00
legacy.cnf test/recipes/30-test_evp.t: Modify to test with different providers 2019-07-26 18:14:41 +02:00
lhash_test.c
mdc2_internal_test.c Deprecate the low level MDC2 functions. 2020-01-12 12:02:17 +10:00
mdc2test.c Deprecate the low level MDC2 functions. 2020-01-12 12:02:17 +10:00
memleaktest.c test/memleaktest.c: Modify for use with address/leak sanitizer 2019-12-10 14:16:12 +01:00
modes_internal_test.c Deprecate the low level AES functions 2020-01-06 15:09:57 +00:00
namemap_internal_test.c Modify EVP_CIPHER_is_a() and EVP_MD_is_a() to handle legacy methods too 2020-01-17 08:59:41 +01:00
ocspapitest.c Constify various mostly X509-related parameter types in crypto/ and apps/ 2020-03-23 08:30:37 +01:00
ossl_test_endian.h Fix header file include guard names 2019-09-28 20:26:36 +02:00
P1ss.cnf Use .cnf for config files, not .conf 2020-03-06 18:25:13 +01:00
P2ss.cnf Use .cnf for config files, not .conf 2020-03-06 18:25:13 +01:00
p_test.c Add test for providers exposing OSSL_FUNC_PROVIDER_GET_REASON_STRINGS 2020-03-30 17:06:56 +03:00
packettest.c Make the PACKET/WPACKET code available to both libcrypto and libssl 2019-07-12 06:26:46 +10:00
param_build_test.c Param builder: Remove the static size limit. 2020-03-28 12:27:22 +10:00
params_api_test.c test/params_api_test.c: Correct the checks of OSSL_PARAM_set_BN() 2019-11-03 11:19:04 +01:00
params_conversion_test.c Fix common test framework options 2020-02-03 11:41:56 +00:00
params_test.c
pbelutest.c
pemtest.c
pkcs7-1.pem
pkcs7.pem
pkey_meth_kdf_test.c
pkey_meth_test.c
pkits-test.pl
poly1305_internal_test.c Add ChaCha related ciphers to default provider 2019-10-16 16:18:42 +10:00
property_test.c Properties: make query cache reference count aware. 2019-11-18 18:51:26 +10:00
provider_internal_test.c Load the config file by default 2019-08-01 09:59:20 +01:00
provider_internal_test.cnf.in Use .cnf for config files, not .conf 2020-03-06 18:25:13 +01:00
provider_test.c
rc2test.c Deprecate the low level RC2 functions 2020-01-16 07:07:27 +10:00
rc4test.c Deprecate the low level SHA functions. 2020-01-19 10:14:39 +10:00
rc5test.c Deprecate the low level RC5 functions 2020-01-16 07:07:27 +10:00
rdrand_sanitytest.c Remove extern declarations of OPENSSL_ia32cap_P 2019-09-01 15:41:58 +02:00
README TEST: Add test recipe and help program to test BIO_f_prefix() 2019-12-18 19:42:44 +01:00
README.external
README.ssltest.md Use .cnf for config files, not .conf 2020-03-06 18:25:13 +01:00
recordlentest.c Fix common test framework options 2020-02-03 11:41:56 +00:00
rsa_complex.c
rsa_mp_test.c Deprecate the low level RSA functions. 2020-02-20 18:58:40 +10:00
rsa_sp800_56b_test.c RSA generation: Use more bits of 1/sqrt(2) 2019-11-09 16:01:54 +01:00
rsa_test.c Deprecate the low level RSA functions. 2020-02-20 18:58:40 +10:00
run_tests.pl Rework test/run_tests.pl to support selective verbosity and TAP copy 2019-09-12 14:38:00 +02:00
sanitytest.c
secmemtest.c Make secure-memory be a config option 2020-02-14 15:18:27 +01:00
serverinfo2.pem
serverinfo.pem
servername_test.c Fix common test framework options 2020-02-03 11:41:56 +00:00
session.pem
shibboleth.pfx
shlibloadtest.c Reorganize public header files (part 1) 2019-09-28 20:26:36 +02:00
siphash_internal_test.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
sm2_internal_test.c [test] Make sm2_internal_test less fragile to changes in the ec module 2020-04-01 18:50:20 +03:00
sm4_internal_test.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
smcont.txt
sparse_array_test.c Reorganize private crypto header files 2019-09-28 20:26:34 +02:00
srptest.c
ssl_cert_table_internal_test.c Reorganize local header files 2019-09-28 20:26:35 +02:00
ssl_ctx_test.c Add ssl_ctx_test to test suite. 2019-11-08 08:23:15 +01:00
ssl_test_ctx_test.c Use .cnf for config files, not .conf 2020-03-06 18:25:13 +01:00
ssl_test_ctx_test.cnf Use .cnf for config files, not .conf 2020-03-06 18:25:13 +01:00
ssl_test_ctx.c
ssl_test_ctx.h Fix header file include guard names 2019-09-28 20:26:36 +02:00
ssl_test.c Fix common test framework options 2020-02-03 11:41:56 +00:00
ssl_test.tmpl
sslapitest.c Use the new library context aware SRP functions in sslapitest 2020-03-27 11:29:26 +00:00
sslbuffertest.c Fix common test framework options 2020-02-03 11:41:56 +00:00
sslcorrupttest.c Fix common test framework options 2020-02-03 11:41:56 +00:00
sslprovidertest.c Extend the sslprovider_test to be able to additionally test FIPS 2020-04-01 17:29:13 +01:00
ssltest_old.c Deprecate the low level Diffie-Hellman functions. 2020-02-20 19:04:57 +10:00
ssltestlib.c Describe the "want" parameter in int create_bare_ssl_connection() 2020-03-30 14:39:29 +01:00
ssltestlib.h Fix header file include guard names 2019-09-28 20:26:36 +02:00
stack_test.c
sysdefault.cnf
sysdefaulttest.c
test_test.c Fix --strict-warnings build 2019-08-18 21:45:16 +02:00
test.cnf Add -section option to 'req' command 2020-03-07 12:58:02 +03:00
testcrl.pem
testdsa.pem
testdsapub.pem
testec-p256.pem
testecpub-p256.pem
tested448.pem More testing for CLI usage of Ed25519 and Ed448 keys 2019-12-11 18:37:53 +01:00
tested448pub.pem More testing for CLI usage of Ed25519 and Ed448 keys 2019-12-11 18:37:53 +01:00
tested25519.pem More testing for CLI usage of Ed25519 and Ed448 keys 2019-12-11 18:37:53 +01:00
tested25519pub.pem More testing for CLI usage of Ed25519 and Ed448 keys 2019-12-11 18:37:53 +01:00
testp7.pem
testreq2.pem
testrsa.pem
testrsapub.pem
testsid.pem
testutil.h Fix common test framework options 2020-02-03 11:41:56 +00:00
testx509.pem
threadstest.c
time_offset_test.c
tls13ccstest.c Fix common test framework options 2020-02-03 11:41:56 +00:00
tls13encryptiontest.c Reorganize local header files 2019-09-28 20:26:35 +02:00
tls13secretstest.c Use a fetched cipher for the TLSv1.3 early secret 2020-03-26 13:46:43 +00:00
uitest.c
Uss.cnf Use .cnf for config files, not .conf 2020-03-06 18:25:13 +01:00
v3-cert1.pem
v3-cert2.pem
v3ext.c Fix common test framework options 2020-02-03 11:41:56 +00:00
v3nametest.c
verify_extra_test.c TEST: Adapt all applicable tests to the new distinguishing ID 2020-03-15 19:42:05 +01:00
versions.c
wpackettest.c Add a WPACKET test for the new DER capability 2020-04-04 10:35:09 +01:00
x509_check_cert_pkey_test.c Fix common test framework options 2020-02-03 11:41:56 +00:00
x509_dup_cert_test.c Fix common test framework options 2020-02-03 11:41:56 +00:00
x509_internal_test.c
x509_time_test.c coverity 1456639: fix NULL dereference 2020-01-05 18:05:14 +10:00
x509aux.c Fix common test framework options 2020-02-03 11:41:56 +00:00

How to add recipes
==================

For any test that you want to perform, you write a script located in
test/recipes/, named {nn}-test_{name}.t, where {nn} is a two digit number and
{name} is a unique name of your choice.

Please note that if a test involves a new testing executable, you will need to
do some additions in test/build.info. Please refer to the section "Changes to 
test/build.info" below.


Naming conventions
=================

A test executable is named test/{name}test.c

A test recipe is named test/recipes/{nn}-test_{name}.t, where {nn} is a two
digit number and {name} is a unique name of your choice.

The number {nn} is (somewhat loosely) grouped as follows:

00-04  sanity, internal and essential API tests
05-09  individual symmetric cipher algorithms
10-14  math (bignum)
15-19  individual asymmetric cipher algorithms
20-24  openssl commands (some otherwise not tested)
25-29  certificate forms, generation and verification
30-35  engine and evp
60-79  APIs:
   60  X509 subsystem
   61  BIO subsystem
   65  CMP subsystem
   70  PACKET layer
80-89  "larger" protocols (CA, CMS, OCSP, SSL, TSA)
90-98  misc
99     most time consuming tests [such as test_fuzz]


A recipe that just runs a test executable
=========================================

A script that just runs a program looks like this:

    #! /usr/bin/perl

    use OpenSSL::Test::Simple;

    simple_test("test_{name}", "{name}test", "{name}");

{name} is the unique name you have chosen for your test.

The second argument to `simple_test' is the test executable, and `simple_test'
expects it to be located in test/

For documentation on OpenSSL::Test::Simple, do
`perldoc util/perl/OpenSSL/Test/Simple.pm'.


A recipe that runs a more complex test
======================================

For more complex tests, you will need to read up on Test::More and
OpenSSL::Test.  Test::More is normally preinstalled, do `man Test::More' for
documentation.  For OpenSSL::Test, do `perldoc util/perl/OpenSSL/Test.pm'.

A script to start from could be this:

    #! /usr/bin/perl

    use strict;
    use warnings;
    use OpenSSL::Test;

    setup("test_{name}");

    plan tests => 2;                # The number of tests being performed

    ok(test1, "test1");
    ok(test2, "test1");

    sub test1
    {
        # test feature 1
    }

    sub test2
    {
        # test feature 2
    }


Changes to test/build.info
==========================

Whenever a new test involves a new test executable you need to do the
following (at all times, replace {NAME} and {name} with the name of your
test):

* add {name} to the list of programs under PROGRAMS_NO_INST

* create a three line description of how to build the test, you will have
to modify the include paths and source files if you don't want to use the
basic test framework:

    SOURCE[{name}]={name}.c
    INCLUDE[{name}]=.. ../include ../apps/include
    DEPEND[{name}]=../libcrypto libtestutil.a

Generic form of C test executables
==================================

    #include "testutil.h"

    static int my_test(void)
    {
        int testresult = 0;                 /* Assume the test will fail    */
        int observed;

        observed = function();              /* Call the code under test     */
        if (!TEST_int_eq(observed, 2))      /* Check the result is correct  */
            goto end;                       /* Exit on failure - optional   */

        testresult = 1;                     /* Mark the test case a success */
    end:
        cleanup();                          /* Any cleanup you require      */
        return testresult;
    }

    int setup_tests(void)
    {
        ADD_TEST(my_test);                  /* Add each test separately     */
        return 1;                           /* Indicate success             */
    }

You should use the TEST_xxx macros provided by testutil.h to test all failure
conditions.  These macros produce an error message in a standard format if the
condition is not met (and nothing if the condition is met).  Additional
information can be presented with the TEST_info macro that takes a printf
format string and arguments.  TEST_error is useful for complicated conditions,
it also takes a printf format string and argument.  In all cases the TEST_xxx
macros are guaranteed to evaluate their arguments exactly once.  This means
that expressions with side effects are allowed as parameters.  Thus,

    if (!TEST_ptr(ptr = OPENSSL_malloc(..)))

works fine and can be used in place of:

    ptr = OPENSSL_malloc(..);
    if (!TEST_ptr(ptr))

The former produces a more meaningful message on failure than the latter.