mirror of
https://github.com/openssl/openssl.git
synced 2025-03-01 14:46:32 +08:00
e8cee55718
Generate a fresh certificate and DSA private key in their respective PEM files. Modify the resulting ASCII in various ways so as to produce input files that might be generated by non-openssl programs (openssl always generates "standard" PEM files, with base64 data in 64-character lines except for a possible shorter last line). Exercise various combinations of line lengths, leading/trailing whitespace, non-base64 characters, comments, and padding, for both unencrypted and encrypted files. (We do not have any other test coverage that uses encrypted files, as far as I can see, and the parser enforces different rules for the body of encrypted files.) Add a recipe to parse these test files and verify that they contain the expected string or are rejected, according to the expected status. Some of the current behavior is perhaps suboptimal and could be revisited. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2756) |
||
|---|---|---|
| .. | ||
| certs | ||
| ct | ||
| d2i-tests | ||
| ocsp-tests | ||
| ossl_shim | ||
| recipes | ||
| smime-certs | ||
| ssl-tests | ||
| testlib | ||
| aborttest.c | ||
| afalgtest.c | ||
| asn1_internal_test.c | ||
| asynciotest.c | ||
| asynctest.c | ||
| bad_dtls_test.c | ||
| bftest.c | ||
| bio_enc_test.c | ||
| bioprinttest.c | ||
| bntest.c | ||
| bntests.pl | ||
| bntests.txt | ||
| build.info | ||
| CAss.cnf | ||
| CAssdh.cnf | ||
| CAssdsa.cnf | ||
| CAssrsa.cnf | ||
| casttest.c | ||
| CAtsa.cnf | ||
| cipher_overhead_test.c | ||
| cipherbytes_test.c | ||
| cipherlist_test.c | ||
| clienthellotest.c | ||
| cms-examples.pl | ||
| constant_time_test.c | ||
| crltest.c | ||
| ct_test.c | ||
| d2i_test.c | ||
| danetest.c | ||
| danetest.in | ||
| danetest.pem | ||
| destest.c | ||
| dhtest.c | ||
| dsatest.c | ||
| dtls_mtu_test.c | ||
| dtlstest.c | ||
| dtlsv1listentest.c | ||
| ecdhtest_cavs.h | ||
| ecdhtest.c | ||
| ecdsatest.c | ||
| ectest.c | ||
| enginetest.c | ||
| evp_extra_test.c | ||
| evp_test.c | ||
| evptests.txt | ||
| exdatatest.c | ||
| exptest.c | ||
| generate_buildtest.pl | ||
| generate_ssl_tests.pl | ||
| gmdifftest.c | ||
| handshake_helper.c | ||
| handshake_helper.h | ||
| hmactest.c | ||
| ideatest.c | ||
| igetest.c | ||
| md2test.c | ||
| mdc2_internal_test.c | ||
| mdc2test.c | ||
| memleaktest.c | ||
| modes_internal_test.c | ||
| P1ss.cnf | ||
| P2ss.cnf | ||
| packettest.c | ||
| pbelutest.c | ||
| pkcs7-1.pem | ||
| pkcs7.pem | ||
| pkey_meth_test.c | ||
| pkits-test.pl | ||
| poly1305_internal_test.c | ||
| randtest.c | ||
| rc2test.c | ||
| rc4test.c | ||
| rc5test.c | ||
| README | ||
| README.external | ||
| README.ssltest.md | ||
| rsa_test.c | ||
| run_tests.pl | ||
| sanitytest.c | ||
| secmemtest.c | ||
| serverinfo.pem | ||
| sha1test.c | ||
| sha256t.c | ||
| sha512t.c | ||
| shibboleth.pfx | ||
| shlibloadtest.c | ||
| siphash_internal_test.c | ||
| smcont.txt | ||
| srptest.c | ||
| ssl_test_ctx_test.c | ||
| ssl_test_ctx_test.conf | ||
| ssl_test_ctx.c | ||
| ssl_test_ctx.h | ||
| ssl_test.c | ||
| ssl_test.tmpl | ||
| sslapitest.c | ||
| sslcorrupttest.c | ||
| ssltest_old.c | ||
| ssltestlib.c | ||
| ssltestlib.h | ||
| Sssdsa.cnf | ||
| Sssrsa.cnf | ||
| test_main_custom.c | ||
| test_main_custom.h | ||
| test_main.c | ||
| test_main.h | ||
| test.cnf | ||
| testcrl.pem | ||
| testdsa.pem | ||
| testdsapub.pem | ||
| testec-p256.pem | ||
| testecpub-p256.pem | ||
| testp7.pem | ||
| testreq2.pem | ||
| testrsa.pem | ||
| testrsapub.pem | ||
| testsid.pem | ||
| testutil.c | ||
| testutil.h | ||
| testx509.pem | ||
| threadstest.c | ||
| tls13encryptiontest.c | ||
| tls13secretstest.c | ||
| uitest.c | ||
| Uss.cnf | ||
| v3-cert1.pem | ||
| v3-cert2.pem | ||
| v3ext.c | ||
| v3nametest.c | ||
| verify_extra_test.c | ||
| wpackettest.c | ||
| x509_internal_test.c | ||
| x509_time_test.c | ||
| x509aux.c | ||
How to add recipes
==================
For any test that you want to perform, you write a script located in
test/recipes/, named {nn}-test_{name}.t, where {nn} is a two digit number and
{name} is a unique name of your choice.
Please note that if a test involves a new testing executable, you will need to
do some additions in test/Makefile. More on this later.
Naming conventions
=================
A test executable is named test/{name}test.c
A test recipe is named test/recipes/{nn}-test_{name}.t, where {nn} is a two
digit number and {name} is a unique name of your choice.
The number {nn} is (somewhat loosely) grouped as follows:
00-04 sanity, internal and essential API tests
05-09 individual symmetric cipher algorithms
10-14 math (bignum)
15-19 individual asymmetric cipher algorithms
20-24 openssl commands (some otherwise not tested)
25-29 certificate forms, generation and verification
30-35 engine and evp
60-79 APIs
70 PACKET layer
80-89 "larger" protocols (CA, CMS, OCSP, SSL, TSA)
90-98 misc
99 most time consuming tests [such as test_fuzz]
A recipe that just runs a test executable
=========================================
A script that just runs a program looks like this:
#! /usr/bin/perl
use OpenSSL::Test::Simple;
simple_test("test_{name}", "{name}test", "{name}");
{name} is the unique name you have chosen for your test.
The second argument to `simple_test' is the test executable, and `simple_test'
expects it to be located in test/
For documentation on OpenSSL::Test::Simple, do
`perldoc test/testlib/OpenSSL/Test/Simple.pm'.
A recipe that runs a more complex test
======================================
For more complex tests, you will need to read up on Test::More and
OpenSSL::Test. Test::More is normally preinstalled, do `man Test::More' for
documentation. For OpenSSL::Test, do `perldoc test/testlib/OpenSSL/Test.pm'.
A script to start from could be this:
#! /usr/bin/perl
use strict;
use warnings;
use OpenSSL::Test;
setup("test_{name}");
plan tests => 2; # The number of tests being performed
ok(test1, "test1");
ok(test2, "test1");
sub test1
{
# test feature 1
}
sub test2
{
# test feature 2
}
Changes to test/Makefile
========================
Whenever a new test involves a new test executable you need to do the
following (at all times, replace {NAME} and {name} with the name of your
test):
* among the variables for test executables at the beginning, add a line like
this:
{NAME}TEST= {name}test
* add `$({NAME}TEST)$(EXE_EXT)' to the assignment of EXE:
* add `$({NAME}TEST).o' to the assignment of OBJ:
* add `$({NAME}TEST).c' to the assignment of SRC:
* add the following lines for building the executable:
$({NAME}TEST)$(EXE_EXT): $({NAME}TEST).o $(DLIBCRYPTO)
@target=$({NAME}TEST); $(BUILD_CMD)