openssl/test
Ingo Franzki e113a92e29 test/hmactest: Add further tests for HMAC with multiple update calls
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25161)
2024-08-19 18:23:35 +02:00
..
certs test: the basicAttConstraints X.509v3 extension 2024-07-24 16:14:17 -04:00
ct
d2i-tests
helpers that open brace { should be on the previous line 2024-07-22 06:55:35 -04:00
ocsp-tests
quic-openssl-docker Move docker files to test 2024-08-16 14:34:08 -04:00
recipes Revert "test: update EdDSA tests for FIPS and no pre-hashing" 2024-08-16 11:32:37 +10:00
smime-certs
smime-eml
ssl-tests Allow an empty NPN/ALPN protocol list in the tests 2024-06-27 10:30:51 +01:00
testutil Add FIPS DSA Keygen tests 2024-08-06 11:01:13 +02:00
aborttest.c
acvp_test.c CI: Fix GCM IV check in acvp_test for crosstest 2024-08-19 10:25:41 +02:00
acvp_test.inc Restrict salt length for RSA-PSS in the FIPS provider 2024-08-13 09:55:36 +10:00
aesgcmtest.c
afalgtest.c
algorithmid_test.c
asn1_decode_test.c
asn1_dsa_internal_test.c
asn1_encode_test.c Prefer ARRAY_SIZE(...) 2024-07-22 06:55:35 -04:00
asn1_internal_test.c
asn1_stable_parse_test.c
asn1_string_table_test.c
asn1_time_test.c
asynciotest.c
asynctest.c
bad_dtls_test.c Fix potential memory leak in test_bad_dtls 2024-05-29 13:26:05 +01:00
bftest.c that open brace { should be on the previous line 2024-07-22 06:55:35 -04:00
bio_addr_test.c
bio_callback_test.c
bio_comp_test.c
bio_core_test.c
bio_dgram_test.c
bio_enc_test.c fix Coverity 1604662 2024-07-27 10:07:35 -04:00
bio_memleak_test.c
bio_meth_test.c
bio_prefix_text.c
bio_readbuffer_test.c
bio_tfo_test.c
bioprinttest.c Prefer ARRAY_SIZE(...) 2024-07-22 06:55:35 -04:00
bn_internal_test.c
bn_rand_range.h
bntest.c open brace '{' following struct go on the same line 2024-07-22 06:55:35 -04:00
bntests.pl
build_wincrypt_test.c
build.info Remove the event queue code 2024-08-07 19:48:26 +02:00
ca_internals_test.c
ca-and-certs.cnf
casttest.c that open brace { should be on the previous line 2024-07-22 06:55:35 -04:00
CAtsa.cnf
cc_dummy.c
cert_comp_test.c
chacha_internal_test.c
cipher_overhead_test.c
cipherbytes_test.c
cipherlist_test.c
ciphername_test.c Add support for integrity-only cipher suites for TLS v1.3 2024-05-14 15:39:15 +02:00
clienthellotest.c ssl_sess.c: deprecate SSL_SESSION_get_time/SSL_SESSION_set_time 2024-05-30 18:31:22 +02:00
cmactest.c
cmp_asn_test.c
cmp_client_test.c
cmp_ctx_test.c
cmp_hdr_test.c cmp_hdr_test.c: Fix leaks in error cases 2024-05-30 18:43:12 +02:00
cmp_msg_test.c
cmp_protect_test.c Revert "test: omit failing test when using a FIPS provider that supports eddsa_no_verify_digested" 2024-08-16 11:32:37 +10:00
cmp_server_test.c
cmp_status_test.c
cmp_vfy_test.c
cms-examples.pl
cmsapitest.c Fix coverity-993406 2024-07-26 13:16:10 -04:00
conf_include_test.c
confdump.c
constant_time_test.c
context_internal_test.c
crltest.c Fix unpredictible refcount handling of d2i functions 2024-08-16 10:07:52 +02:00
ct_test.c
ctype_internal_test.c
curve448_internal_test.c
d2i_test.c
dane-cross.in
danetest.c
danetest.in
danetest.pem
data2.bin
data.bin
decap_out.bin Encap/decap in pkeyutl - tests 2024-08-13 11:03:11 +02:00
decoder_propq_test.c
default-and-fips.cnf
default-and-jitter.cnf jitter: add a new provider containing a jitter entropy source alone 2024-07-31 14:44:51 +10:00
default-and-legacy.cnf
default.cnf
defltfips_test.c
destest.c that open brace { should be on the previous line 2024-07-22 06:55:35 -04:00
dhkem_test.inc
dhtest.c
drbgtest.c fips: allow to customize provider vendor name 2024-08-15 08:33:48 +10:00
dsa_no_digest_size_test.c
dsatest.c Add FIPS DSA Keygen tests 2024-08-06 11:01:13 +02:00
dtls_mtu_test.c
dtlstest.c
dtlsv1listentest.c
ec_internal_test.c Allow group methods to customize initialization for speed 2024-06-05 11:11:52 +02:00
ecdsatest.c
ecdsatest.h
ecstresstest.c ecstresstest.c: Fix memory leak on error 2024-05-28 15:54:40 +02:00
ectest.c
encap_out.bin Encap/decap in pkeyutl - tests 2024-08-13 11:03:11 +02:00
encap_secret.bin Encap/decap in pkeyutl - tests 2024-08-13 11:03:11 +02:00
endecode_test.c
endecoder_legacy_test.c
enginetest.c
errtest.c
evp_byname_test.c evp_get_digest/cipherbyname_ex(): Try to fetch if not found 2024-07-31 11:25:55 +02:00
evp_extra_test2.c
evp_extra_test.c that open brace { should be on the previous line 2024-07-22 06:55:35 -04:00
evp_fetch_prov_test.c
evp_kdf_test.c Restrict digest algorithm used in KDFs 2024-07-24 13:16:08 +10:00
evp_libctx_test.c Add FIPS DSA Keygen tests 2024-08-06 11:01:13 +02:00
evp_pkey_ctx_new_from_name.c
evp_pkey_dhkem_test.c
evp_pkey_dparams_test.c
evp_pkey_provided_test.c
evp_test.c Change existing evp_test KeyGen Ctrls to use provider algorithm 2024-08-15 15:21:14 -04:00
evp_xof_test.c Intentionally break EVP_DigestFinal for SHAKE128 and SHAKE256 2024-05-15 12:10:32 +02:00
exdatatest.c
exptest.c
ext_internal_test.c
fake_rsaprov.c
fake_rsaprov.h
fatalerrtest.c
ffc_internal_test.c
filterprov.c
filterprov.h
fips_version_test.c
fips-alt.cnf
fips-and-base.cnf
fips.cnf
generate_buildtest.pl
generate_ssl_tests.pl
gmdifftest.c
hexstr_test.c open brace '{' following struct go on the same line 2024-07-22 06:55:35 -04:00
hmactest.c test/hmactest: Add further tests for HMAC with multiple update calls 2024-08-19 18:23:35 +02:00
hpke_test.c open brace '{' following struct go on the same line 2024-07-22 06:55:35 -04:00
http_test.c
ideatest.c that open brace { should be on the previous line 2024-07-22 06:55:35 -04:00
igetest.c
insta_ca.cert.pem
insta.priv.pem
invalid-x509.cnf
json_test.c
keymgmt_internal_test.c
legacy.cnf
lhash_test.c
list_test.c
localetest.c
mdc2_internal_test.c
mdc2test.c
membio_test.c
memleaktest.c
modes_internal_test.c that open brace { should be on the previous line 2024-07-22 06:55:35 -04:00
moduleloadtest.c
namemap_internal_test.c
nodefltctxtest.c
null.cnf
ocspapitest.c
ossl_store_test.c
p_minimal.c
p_test.c
packettest.c
pairwise_fail_test.c
param_build_test.c
params_api_test.c
params_conversion_test.c
params_test.c
pathed.cnf
pbelutest.c
pbetest.c
pem_read_depr_test.c
pemtest.c
pkcs7_test.c
pkcs7-1.pem
pkcs7.pem
pkcs12_api_test.c
pkcs12_format_test.c that open brace { should be on the previous line 2024-07-22 06:55:35 -04:00
pkey_meth_kdf_test.c
pkey_meth_test.c
pkits-test.pl
poly1305_internal_test.c
priority_queue_test.c
property_test.c
prov_config_test.c test/prov_config_test.c: Cleanup and fix potential leaks 2024-06-07 08:42:46 +02:00
provfetchtest.c
provider_default_search_path_test.c
provider_fallback_test.c
provider_internal_test.c test: add a default greeting to avoid printing a null pointer. 2024-08-19 08:31:15 +10:00
provider_internal_test.cnf.in
provider_pkey_test.c
provider_status_test.c Fix usage of deallocated EVP_RAND_CTX after execution of FIPS on-demand self tests 2024-06-24 19:02:43 +02:00
provider_test.c
proxy.cnf
punycode_test.c
quic_ackm_test.c
quic_cc_test.c
quic_cfq_test.c
quic_client_test.c unnecessary whitespace before a quoted newline 2024-07-22 06:55:35 -04:00
quic_fc_test.c Remove trailing whitespace 2024-07-22 06:55:35 -04:00
quic_fifd_test.c
quic_lcidm_test.c
quic_multistream_test.c Disable 70-test_quic_multistream.t when building with PUT threads. 2024-06-04 14:43:45 +02:00
quic_newcid_test.c
quic_qlog_test.c
quic_rcidm_test.c
quic_record_test_util.h
quic_record_test.c Remove trailing whitespace 2024-07-22 06:55:35 -04:00
quic_srt_gen_test.c
quic_srtm_test.c
quic_stream_test.c
quic_tserver_test.c
quic_txp_test.c
quic_txpim_test.c
quic_wire_test.c
quicapitest.c Add support for integrity-only cipher suites for TLS v1.3 2024-05-14 15:39:15 +02:00
quicfaultstest.c
rand_status_test.c
rand_test.c Fix the provider compatibility CI 2024-07-19 17:32:05 +02:00
rc2test.c
rc4test.c
rc5test.c
rdcpu_sanitytest.c
README-dev.md
README-external.md
README.md
README.ssltest.md
recordlentest.c
recursive.cnf
rpktest.c
rsa_complex.c
rsa_mp_test.c
rsa_sp800_56b_test.c that open brace { should be on the previous line 2024-07-22 06:55:35 -04:00
rsa_test.c
rsa_x931_test.c
run_tests.pl
safe_math_test.c Remove trailing whitespace 2024-07-22 06:55:35 -04:00
sanitytest.c
secmemtest.c
serverinfo2.pem
serverinfo.pem
servername_test.c
session.pem
sha_test.c
shibboleth.pfx
shlibloadtest.c
simpledynamic.c
simpledynamic.h
siphash_internal_test.c
sm2_internal_test.c
sm3_internal_test.c
sm4_internal_test.c
smcont_zero.txt
smcont.bin
smcont.txt
sparse_array_test.c
srptest.c
ssl_cert_table_internal_test.c
ssl_ctx_test.c
ssl_handshake_rtt_test.c
ssl_old_test.c that open brace { should be on the previous line 2024-07-22 06:55:35 -04:00
ssl_test_ctx_test.c
ssl_test_ctx_test.cnf
ssl_test.c
ssl_test.tmpl
sslapitest.c sslapitest: add meaningful skip messages 2024-08-07 19:35:51 +02:00
sslbuffertest.c that open brace { should be on the previous line 2024-07-22 06:55:35 -04:00
sslcorrupttest.c
stack_test.c
strtoultest.c Fix typos found by codespell 2024-08-07 19:09:43 +02:00
sysdefaulttest.c Suppress a spurious error from the sysdefault test 2024-05-15 12:14:24 +02:00
test_asn1_parse.cnf
test_test.c
test.cnf extend X509_REQ_add_extensions_nid() and thuis APPS/req to support augmenting/overriding existing extensions 2024-07-10 16:19:26 +02:00
testcrl.pem
testdsa.pem
testdsapub.pem
testec-p112r1.pem
testec-p256.pem
testecpub-p256.pem
tested448.pem
tested448pub.pem
tested25519.pem
tested25519pub.pem
testp7.pem
testreq2.pem
testrsa2048.pem
testrsa2048pub.pem
testrsa_withattrs.der
testrsa_withattrs.pem
testrsa.pem
testrsapss.pem
testrsapssmandatory.pem
testrsapub.pem
testsid.pem
testutil.h
testx509.pem
threadpool_test.c Fix mem leak in threadpool_test.c 2024-05-20 10:11:35 +02:00
threadstest_fips.c
threadstest.c threads_win: fix build error with VS2010 x86 2024-07-01 10:02:02 +02:00
threadstest.h
time_offset_test.c
time_test.c
timing_load_creds.c
tls13ccstest.c
tls13encryptiontest.c
tls13secretstest.c Add support for integrity-only cipher suites for TLS v1.3 2024-05-14 15:39:15 +02:00
tls-provider.c Remove trailing whitespace 2024-07-22 06:55:35 -04:00
trace_api_test.c
uitest.c
upcallstest.c
user_property_test.c
v3_ca_exts.cnf
v3-cert1.pem
v3-cert2.pem
v3ext.c
v3nametest.c
verify_extra_test.c
versions.c
wpackettest.c Remove trailing whitespace 2024-07-22 06:55:35 -04:00
x509_acert_test.c
x509_check_cert_pkey_test.c
x509_dup_cert_test.c
x509_internal_test.c stricter parser for ipv4_from_asc 2024-06-24 15:43:12 +02:00
x509_load_cert_file_test.c
x509_req_test.c Fix memory leak in x509_req_test 2024-06-25 16:09:22 +02:00
x509_test.c Add test for ASN1_item_verify() 2024-06-21 10:03:42 +02:00
x509_time_test.c
x509aux.c

Using OpenSSL Tests

After a successful build, and before installing, the libraries should be tested. Run:

$ make test                                      # Unix
$ mms test                                       ! OpenVMS
$ nmake test                                     # Windows

Warning: you MUST run the tests from an unprivileged account (or disable your privileges temporarily if your platform allows it).

If some tests fail, take a look at the section Test Failures below.

Test Failures

If some tests fail, look at the output. There may be reasons for the failure that isn't a problem in OpenSSL itself (like an OS malfunction or a Perl issue). You may want increased verbosity, that can be accomplished like this:

Full verbosity, showing full output of all successful and failed test cases (make macro VERBOSE or V):

$ make V=1 test                                  # Unix
$ mms /macro=(V=1) test                          ! OpenVMS
$ nmake V=1 test                                 # Windows

Verbosity on failed (sub-)tests only (VERBOSE_FAILURE or VF or REPORT_FAILURES):

$ make test VF=1

Verbosity on failed (sub-)tests, in addition progress on succeeded (sub-)tests (VERBOSE_FAILURE_PROGRESS or VFP or REPORT_FAILURES_PROGRESS):

$ make test VFP=1

If you want to run just one or a few specific tests, you can use the make variable TESTS to specify them, like this:

$ make TESTS='test_rsa test_dsa' test            # Unix
$ mms/macro="TESTS=test_rsa test_dsa" test       ! OpenVMS
$ nmake TESTS="test_rsa test_dsa" test           # Windows

And of course, you can combine (Unix examples shown):

$ make test TESTS='test_rsa test_dsa' VF=1
$ make test TESTS="test_cmp_*" VFP=1

You can find the list of available tests like this:

$ make list-tests                                # Unix
$ mms list-tests                                 ! OpenVMS
$ nmake list-tests                               # Windows

Have a look at the manual for the perl module Test::Harness to see what other HARNESS_* variables there are.

To report a bug please open an issue on GitHub, at https://github.com/openssl/openssl/issues.

For more details on how the make variables TESTS can be used, see section Running Selected Tests below.

Running Selected Tests

The make variable TESTS supports a versatile set of space separated tokens with which you can specify a set of tests to be performed. With a "current set of tests" in mind, initially being empty, here are the possible tokens:

 alltests      The current set of tests becomes the whole set of available
               tests (as listed when you do 'make list-tests' or similar).

 xxx           Adds the test 'xxx' to the current set of tests.

-xxx           Removes 'xxx' from the current set of tests.  If this is the
               first token in the list, the current set of tests is first
               assigned the whole set of available tests, effectively making
               this token equivalent to TESTS="alltests -xxx".

 nn            Adds the test group 'nn' (which is a number) to the current
               set of tests.

-nn            Removes the test group 'nn' from the current set of tests.
               If this is the first token in the list, the current set of
               tests is first assigned the whole set of available tests,
               effectively making this token equivalent to
               TESTS="alltests -xxx".

Also, all tokens except for "alltests" may have wildcards, such as *. (on Unix and Windows, BSD style wildcards are supported, while on VMS, it's VMS style wildcards)

Examples

Run all tests except for the fuzz tests:

$ make TESTS='-test_fuzz*' test

or, if you want to be explicit:

$ make TESTS='alltests -test_fuzz*' test

Run all tests that have a name starting with "test_ssl" but not those starting with "test_ssl_":

$ make TESTS='test_ssl* -test_ssl_*' test

Run only test group 10:

$ make TESTS='10' test

Run all tests except the slow group (group 99):

$ make TESTS='-99' test

Run all tests in test groups 80 to 99 except for tests in group 90:

$ make TESTS='[89]? -90' test

To run specific fuzz tests you can use for instance:

$ make test TESTS='test_fuzz_cmp test_fuzz_cms'

To stochastically verify that the algorithm that produces uniformly distributed random numbers is operating correctly (with a false positive rate of 0.01%):

$ ./util/wrap.sh test/bntest -stochastic

Running Tests in Parallel

By default the test harness will execute the selected tests sequentially. Depending on the platform characteristics, running more than one test job in parallel may speed up test execution. This can be requested by setting the HARNESS_JOBS environment variable to a positive integer value. This specifies the maximum number of test jobs to run in parallel.

Depending on the Perl version different strategies could be adopted to select which test recipes can be run in parallel. In recent versions of Perl, unless specified otherwise, any task can be run in parallel. Consult the documentation for TAP::Harness to know more.

To run up to four tests in parallel at any given time:

$ make HARNESS_JOBS=4 test

Random numbers in tests

Some tests use random numbers as part of the test. In some cases a test failure may occur for some random numbers, but not for others. The seed used for the rand number generator can be set via the OPENSSL_TEST_RAND_SEED environment variable. It can also be set via the OPENSSL_TEST_RAND_ORDER environment variable which additionally randomises the order tests are run in (see below).

When a test fails the test harness will display the seed used during the test (displaying either the OPENSSL_TEST_RAND_SEED or OPENSSL_TEST_RAND_ORDER environment variable value that must be used to recreate the results), e.g.

$ make OPENSSL_TEST_RAND_SEED=42 test

Randomisation of Test Ordering

By default, the test harness will execute tests in the order they were added. By setting the OPENSSL_TEST_RAND_ORDER environment variable to zero, the test ordering will be randomised. This additionally seeds the random number generator used within the tests as described in the section above. If a randomly ordered test fails, the seed value used will be reported. Setting the OPENSSL_TEST_RAND_ORDER environment variable to this value will rerun the tests in the same order and will also seed the test random number generator. This assures repeatability of randomly ordered test runs. This repeatability is independent of the operating system, processor or platform used.

To randomise the test ordering:

$ make OPENSSL_TEST_RAND_ORDER=0 test

To run the tests using the order defined by the random seed 42:

$ make OPENSSL_TEST_RAND_ORDER=42 test