openssl/test
Dr. Matthias St. Pierre 8212d50576 crypto/rand: restore the generic DRBG implementation
The DRGB concept described in NIST SP 800-90A provides for having different
algorithms to generate random output. In fact, the FIPS object module used to
implement three of them, CTR DRBG, HASH DRBG and HMAC DRBG.

When the FIPS code was ported to master in #4019, two of the three algorithms
were dropped, and together with those the entire code that made RAND_DRBG
generic was removed, since only one concrete implementation was left.

This commit restores the original generic implementation of the DRBG, making it
possible again to add additional implementations using different algorithms
(like RAND_DRBG_CHACHA20) in the future.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4998)
2018-01-04 11:47:31 +10:00
..
certs Modify expected output of a CRL to match the changed printout 2017-11-16 01:19:55 +01:00
ct
d2i-tests
ocsp-tests Fix OCSP_basic_verify() cert chain construction in case bs->certs is NULL 2017-08-16 14:32:38 -04:00
ossl_shim Fix invalid function type casts. 2017-12-15 19:33:48 +01:00
recipes Test that supported_groups is permitted in ServerHello 2018-01-03 09:43:54 -06:00
smime-certs Add alternative CMS P-256 cert 2017-08-10 16:48:18 +01:00
ssl-tests Fix minor 'the the' typos 2018-01-02 15:30:22 +00:00
testutil Fix invalid function type casts. 2017-12-15 19:33:48 +01:00
aborttest.c
afalgtest.c fix --strict-warnings 2017-12-08 10:39:52 +00:00
asn1_encode_test.c Resolve warnings in VC-WIN32 build, which allows to add /WX. 2017-11-13 10:58:57 +01:00
asn1_internal_test.c Fix AppVeyor/VC build failure 2017-11-16 14:02:27 +01:00
asn1_string_table_test.c [Win] Fix some test method signatures ... 2017-08-16 10:36:34 -04:00
asn1_time_test.c Resolve warnings in VC-WIN32 build, which allows to add /WX. 2017-11-13 10:58:57 +01:00
asynciotest.c Update ServerHello to new draft-22 format 2017-12-14 15:06:37 +00:00
asynctest.c
bad_dtls_test.c Remove unicode characters from source 2017-12-08 11:56:37 +01:00
bftest.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
bio_enc_test.c Fix no-chacha and no-poly1305 2017-08-25 11:34:08 +01:00
bioprinttest.c
bntest.c test/bntest.c: add rsaz_1024_mul_avx2 regression test. 2017-12-06 15:36:20 +00:00
bntests.pl
build.info Add some TLSv1.3 CCS tests 2017-12-14 15:06:38 +00:00
CAss.cnf
CAssdh.cnf
CAssdsa.cnf
CAssrsa.cnf
casttest.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
CAtsa.cnf
chacha_internal_test.c
cipher_overhead_test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
cipherbytes_test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
cipherlist_test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
ciphername_test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
clienthellotest.c Implement session id TLSv1.3 middlebox compatibility mode 2017-12-14 15:06:37 +00:00
cms-examples.pl
constant_time_test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
crltest.c Factorise duplicated code. 2017-11-13 07:52:35 -05:00
ct_test.c Resolve warnings in VC-WIN32 build, which allows to add /WX. 2017-11-13 10:58:57 +01:00
ctype_internal_test.c e_os.h removal from other headers and source files. 2017-08-30 07:20:43 +10:00
d2i_test.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
danetest.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
danetest.in
danetest.pem
destest.c
dhtest.c Allow DH_set0_key with only private key. 2017-09-26 14:48:51 +02:00
drbgtest.c crypto/rand: restore the generic DRBG implementation 2018-01-04 11:47:31 +10:00
drbgtest.h
dsatest.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
dtls_mtu_test.c
dtlstest.c add callback handler for setting DTLS timer interval 2017-09-06 08:30:00 +02:00
dtlsv1listentest.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
ecdsatest.c [Win] Fix some test method signatures ... 2017-08-16 10:36:34 -04:00
ecstresstest.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
ectest.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
enginetest.c Add EVP_PKEY_METHOD redirection test 2017-10-12 00:03:32 +01:00
evp_extra_test.c Fix no-ec 2017-12-08 08:29:17 -06:00
evp_test.c Don't assume shared key length matches expected length 2017-10-12 02:40:30 +01:00
evp_test.h
exdatatest.c
exptest.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
fatalerrtest.c Fix the buffer sizing in the fatalerrtest 2017-12-07 14:35:30 +00:00
generate_buildtest.pl
generate_ssl_tests.pl Consolidate the locations where we have our internal perl modules 2017-08-15 11:30:47 +02:00
gmdifftest.c
handshake_helper.c Fix coverity nit in handshake_helper.c 2017-12-08 09:16:36 -06:00
handshake_helper.h Use ChaCha only if prioritized by clnt 2017-11-30 07:13:08 +10:00
hmactest.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
ideatest.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
igetest.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
lhash_test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
md2test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
mdc2_internal_test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
mdc2test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
memleaktest.c
modes_internal_test.c Create a prototype for OPENSSL_rdtsc 2017-11-25 14:30:11 +01:00
ocspapitest.c Wrap more of ocspapitest.c in OPENSSL_NO_OCSP 2017-12-08 09:16:36 -06:00
P1ss.cnf
P2ss.cnf
packettest.c Resolve warnings in VC-WIN32 build, which allows to add /WX. 2017-11-13 10:58:57 +01:00
pbelutest.c
pemtest.c
pkcs7-1.pem
pkcs7.pem
pkey_meth_kdf_test.c Add PKEY_CTX setter tests for TLS1-PRF 2017-08-21 10:05:14 +01:00
pkey_meth_test.c [Win] Fix some test method signatures ... 2017-08-16 10:36:34 -04:00
pkits-test.pl Many spelling fixes/typo's corrected. 2017-11-11 19:03:10 -05:00
poly1305_internal_test.c Create a prototype for OPENSSL_rdtsc 2017-11-25 14:30:11 +01:00
rc2test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
rc4test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
rc5test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
README Fix test documentation. 2017-09-08 13:58:59 -05:00
README.external Many spelling fixes/typo's corrected. 2017-11-11 19:03:10 -05:00
README.ssltest.md Session resume broken switching contexts 2017-10-04 10:21:08 +10:00
recordlentest.c
rsa_mp_test.c rsa/rsa_gen.c: harmonize keygen's ability with RSA_security_bits. 2017-11-28 20:05:48 +01:00
rsa_test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
run_tests.pl test/run_tests.pl: don't use Module::Load::Conditional. 2017-09-02 20:20:51 +02:00
sanitytest.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
secmemtest.c Fix some Typos and indents 2017-08-11 10:16:33 -04:00
serverinfo2.pem
serverinfo.pem
servername_test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
session.pem
shibboleth.pfx
shlibloadtest.c
siphash_internal_test.c Create a prototype for OPENSSL_rdtsc 2017-11-25 14:30:11 +01:00
sm4_internal_test.c SM4: Add SM4 block cipher to EVP 2017-10-31 15:19:14 +10:00
smcont.txt
srptest.c
ssl_cert_table_internal_test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
ssl_test_ctx_test.c Use ChaCha only if prioritized by clnt 2017-11-30 07:13:08 +10:00
ssl_test_ctx_test.conf Implement Maximum Fragment Length TLS extension. 2017-11-05 17:46:48 +01:00
ssl_test_ctx.c Use ChaCha only if prioritized by clnt 2017-11-30 07:13:08 +10:00
ssl_test_ctx.h Use ChaCha only if prioritized by clnt 2017-11-30 07:13:08 +10:00
ssl_test.c Use ChaCha only if prioritized by clnt 2017-11-30 07:13:08 +10:00
ssl_test.tmpl
sslapitest.c If a server is not acknowledging SNI then don't reject early_data 2017-11-21 17:46:22 +00:00
sslbuffertest.c Fix some typo and comments 2017-08-12 20:07:17 +02:00
sslcorrupttest.c
ssltest_old.c Consistent formatting for sizeof(foo) 2017-12-07 19:11:49 -05:00
ssltestlib.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
ssltestlib.h
Sssdsa.cnf
Sssrsa.cnf
stack_test.c Add a reserve call to the stack data structure. 2017-09-28 06:53:40 +10:00
test_test.c Test support for time_t comparisons. 2017-11-28 08:56:45 +10:00
test.cnf
testcrl.pem
testdsa.pem
testdsapub.pem
testec-p256.pem
testecpub-p256.pem
testp7.pem
testreq2.pem
testrsa.pem
testrsapub.pem
testsid.pem
testutil.h Test support for time_t comparisons. 2017-11-28 08:56:45 +10:00
testx509.pem
threadstest.c
time_offset_test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
tls13ccstest.c Fix some clang compilation errors 2017-12-14 15:06:38 +00:00
tls13encryptiontest.c e_os.h removal from other headers and source files. 2017-08-30 07:20:43 +10:00
tls13secretstest.c Convert the state machine code to use SSLfatal() 2017-12-04 13:31:48 +00:00
uitest.c [Win] Fix some test method signatures ... 2017-08-16 10:36:34 -04:00
Uss.cnf
v3-cert1.pem
v3-cert2.pem
v3ext.c
v3nametest.c Move e_os.h to be the very first include. 2017-08-30 07:20:44 +10:00
verify_extra_test.c
wpackettest.c
x509_check_cert_pkey_test.c
x509_dup_cert_test.c
x509_internal_test.c Iron out /WX errors in VC-WIN32. 2017-11-17 21:22:26 +01:00
x509_time_test.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00
x509aux.c Use "" not <> for internal/ includes 2017-08-22 09:54:20 -04:00

How to add recipes
==================

For any test that you want to perform, you write a script located in
test/recipes/, named {nn}-test_{name}.t, where {nn} is a two digit number and
{name} is a unique name of your choice.

Please note that if a test involves a new testing executable, you will need to
do some additions in test/Makefile.  More on this later.


Naming conventions
=================

A test executable is named test/{name}test.c

A test recipe is named test/recipes/{nn}-test_{name}.t, where {nn} is a two
digit number and {name} is a unique name of your choice.

The number {nn} is (somewhat loosely) grouped as follows:

00-04  sanity, internal and essential API tests
05-09  individual symmetric cipher algorithms
10-14  math (bignum)
15-19  individual asymmetric cipher algorithms
20-24  openssl commands (some otherwise not tested)
25-29  certificate forms, generation and verification
30-35  engine and evp
60-79  APIs
   70  PACKET layer
80-89  "larger" protocols (CA, CMS, OCSP, SSL, TSA)
90-98  misc
99     most time consuming tests [such as test_fuzz]


A recipe that just runs a test executable
=========================================

A script that just runs a program looks like this:

    #! /usr/bin/perl

    use OpenSSL::Test::Simple;

    simple_test("test_{name}", "{name}test", "{name}");

{name} is the unique name you have chosen for your test.

The second argument to `simple_test' is the test executable, and `simple_test'
expects it to be located in test/

For documentation on OpenSSL::Test::Simple, do
`perldoc util/perl/OpenSSL/Test/Simple.pm'.


A recipe that runs a more complex test
======================================

For more complex tests, you will need to read up on Test::More and
OpenSSL::Test.  Test::More is normally preinstalled, do `man Test::More' for
documentation.  For OpenSSL::Test, do `perldoc util/perl/OpenSSL/Test.pm'.

A script to start from could be this:

    #! /usr/bin/perl

    use strict;
    use warnings;
    use OpenSSL::Test;

    setup("test_{name}");

    plan tests => 2;                # The number of tests being performed

    ok(test1, "test1");
    ok(test2, "test1");

    sub test1
    {
        # test feature 1
    }

    sub test2
    {
        # test feature 2
    }


Changes to test/build.info
==========================

Whenever a new test involves a new test executable you need to do the
following (at all times, replace {NAME} and {name} with the name of your
test):

* add {name} to the list of programs under PROGRAMS_NO_INST

* create a three line description of how to build the test, you will have
to modify the include paths and source files if you don't want to use the
basic test framework:

    SOURCE[{name}]={name}.c
    INCLUDE[{name}]=.. ../include
    DEPEND[{name}]=../libcrypto libtestutil.a

Generic form of C test executables
==================================

    #include "testutil.h"

    static int my_test(void)
    {
        int testresult = 0;                 /* Assume the test will fail    */
        int observed;

        observed = function();              /* Call the code under test     */
        if (!TEST_int_equal(observed, 2))   /* Check the result is correct  */
            goto end;                       /* Exit on failure - optional   */

        testresult = 1;                     /* Mark the test case a success */
    end:
        cleanup();                          /* Any cleanup you require      */
        return testresult;
    }

    int setup_tests(void)
    {
        ADD_TEST(my_test);                  /* Add each test separately     */
        return 1;                           /* Indicate success             */
    }

You should use the TEST_xxx macros provided by testutil.h to test all failure
conditions.  These macros produce an error message in a standard format if the
condition is not met (and nothing if the condition is met).  Additional
information can be presented with the TEST_info macro that takes a printf
format string and arguments.  TEST_error is useful for complicated conditions,
it also takes a printf format string and argument.  In all cases the TEST_xxx
macros are guaranteed to evaluate their arguments exactly once.  This means
that expressions with side effects are allowed as parameters.  Thus,

    if (!TEST_ptr(ptr = OPENSSL_malloc(..)))

works fine and can be used in place of:

    ptr = OPENSSL_malloc(..);
    if (!TEST_ptr(ptr))

The former produces a more meaningful message on failure than the latter.