decoder_propq_test.c 3.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119
  1. /*
  2. * Copyright 2023 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <openssl/pem.h>
  10. #include <openssl/evp.h>
  11. #include "testutil.h"
  12. static OSSL_LIB_CTX *libctx = NULL;
  13. static OSSL_PROVIDER *nullprov = NULL;
  14. static OSSL_PROVIDER *libprov = NULL;
  15. static const char *filename = NULL;
  16. static pem_password_cb passcb;
  17. typedef enum OPTION_choice {
  18. OPT_ERR = -1,
  19. OPT_EOF = 0,
  20. OPT_CONFIG_FILE,
  21. OPT_PROVIDER_NAME,
  22. OPT_TEST_ENUM
  23. } OPTION_CHOICE;
  24. const OPTIONS *test_get_options(void)
  25. {
  26. static const OPTIONS test_options[] = {
  27. OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("file\n"),
  28. { "config", OPT_CONFIG_FILE, '<',
  29. "The configuration file to use for the libctx" },
  30. { "provider", OPT_PROVIDER_NAME, 's',
  31. "The provider to load (The default value is 'default')" },
  32. { OPT_HELP_STR, 1, '-', "file\tFile to decode.\n" },
  33. { NULL }
  34. };
  35. return test_options;
  36. }
  37. static int passcb(char *buf, int size, int rwflag, void *userdata)
  38. {
  39. strcpy(buf, "pass");
  40. return strlen(buf);
  41. }
  42. static int test_decode_nonfipsalg(void)
  43. {
  44. int ret = 0;
  45. EVP_PKEY *privkey = NULL;
  46. BIO *bio = NULL;
  47. /*
  48. * Apply the "fips=true" property to all fetches for the libctx.
  49. * We do this to test that we are using the propq override
  50. */
  51. EVP_default_properties_enable_fips(libctx, 1);
  52. if (!TEST_ptr(bio = BIO_new_file(filename, "r")))
  53. goto err;
  54. /*
  55. * If NULL is passed as the propq here it uses the global property "fips=true",
  56. * Which we expect to fail if the decode uses a non FIPS algorithm
  57. */
  58. if (!TEST_ptr_null(PEM_read_bio_PrivateKey_ex(bio, &privkey, &passcb, NULL, libctx, NULL)))
  59. goto err;
  60. /*
  61. * Pass if we override the libctx global prop query to optionally use fips=true
  62. * This assumes that the libctx contains the default provider
  63. */
  64. if (!TEST_ptr_null(PEM_read_bio_PrivateKey_ex(bio, &privkey, &passcb, NULL, libctx, "?fips=true")))
  65. goto err;
  66. ret = 1;
  67. err:
  68. BIO_free(bio);
  69. EVP_PKEY_free(privkey);
  70. return ret;
  71. }
  72. int setup_tests(void)
  73. {
  74. const char *prov_name = "default";
  75. char *config_file = NULL;
  76. OPTION_CHOICE o;
  77. while ((o = opt_next()) != OPT_EOF) {
  78. switch (o) {
  79. case OPT_PROVIDER_NAME:
  80. prov_name = opt_arg();
  81. break;
  82. case OPT_CONFIG_FILE:
  83. config_file = opt_arg();
  84. break;
  85. case OPT_TEST_CASES:
  86. break;
  87. default:
  88. case OPT_ERR:
  89. return 0;
  90. }
  91. }
  92. filename = test_get_argument(0);
  93. if (!test_get_libctx(&libctx, &nullprov, config_file, &libprov, prov_name))
  94. return 0;
  95. ADD_TEST(test_decode_nonfipsalg);
  96. return 1;
  97. }
  98. void cleanup_tests(void)
  99. {
  100. OSSL_PROVIDER_unload(libprov);
  101. OSSL_LIB_CTX_free(libctx);
  102. OSSL_PROVIDER_unload(nullprov);
  103. }