mirror of
https://github.com/openssl/openssl.git
synced 2024-12-21 06:09:35 +08:00
04cb5ec0b7
The default and legacy providers currently return 1 for status and self test checks. Added test to show the 3 different stages the self test can be run (for installation, loading and on demand). For the fips provider: - If the on demand self test fails, then any subsequent fetches should also fail. To implement this the cached algorithms are flushed on failure. - getting the self test callback in the fips provider is a bit complicated since the callback hangs off the core libctx (as it is set by the application) not the actual fips library context. Also the callback can be set at any time not just during the OSSL_provider_init() so it is calculated each time before doing any self test. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11752)
41 lines
1.1 KiB
Perl
41 lines
1.1 KiB
Perl
#! /usr/bin/env perl
|
|
# Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
# this file except in compliance with the License. You can obtain a copy
|
|
# in the file LICENSE in the source distribution or at
|
|
# https://www.openssl.org/source/license.html
|
|
|
|
|
|
use strict;
|
|
use warnings;
|
|
|
|
use OpenSSL::Test qw(:DEFAULT data_file bldtop_dir srctop_file srctop_dir bldtop_file);
|
|
use OpenSSL::Test::Utils;
|
|
|
|
BEGIN {
|
|
setup("test_provider_status");
|
|
}
|
|
|
|
use lib srctop_dir('Configurations');
|
|
use lib bldtop_dir('.');
|
|
use platform;
|
|
|
|
my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
|
|
|
|
plan skip_all => "provider_status is not supported by this test"
|
|
if $no_fips;
|
|
|
|
plan tests => 2;
|
|
|
|
my $infile = bldtop_file('providers', platform->dso('fips'));
|
|
|
|
ok(run(app(['openssl', 'fipsinstall',
|
|
'-out', bldtop_file('providers', 'fipsmodule.cnf'),
|
|
'-module', $infile])),
|
|
"fipsinstall");
|
|
|
|
ok(run(test(["provider_status_test", "-config", srctop_file("test","fips.cnf"),
|
|
"-provider_name", "fips"])),
|
|
"running provider_status_test");
|