Making a gost provider - Refactor the testing foundation

This makes space for provider tests.

As a beginning, test/00-provider.t is added.  It corresponds to
test/00-engine.t.

All other test/*.t are currently skipped unless the engine is tested.
They will be re-enabled as support for each algorithm type is added in
the provider code.

diff --git a/CMakeLists.txt b/CMakeLists.txt
index b6476e7bc684f0974772f2192c57933ae74333da..499fc7e13d009f275adf443c85fc0bd7ac61e3bf 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -201,24 +201,36 @@ set(GOST_PROV_SOURCE_FILES
         gost_prov.c
         )
 
-set(TEST_ENVIRONMENT
+set(TEST_ENVIRONMENT_COMMON
         CMAKE_CURRENT_SOURCE_DIR=${CMAKE_CURRENT_SOURCE_DIR}
         PERL5LIB=${CMAKE_CURRENT_SOURCE_DIR}/test
-        OPENSSL_ENGINES=${CMAKE_RUNTIME_OUTPUT_DIRECTORY}
         OPENSSL_PROGRAM=${OPENSSL_PROGRAM}
         OPENSSL_CRYPTO_LIBRARY=${OPENSSL_CRYPTO_LIBRARY}
+        )
+
+set(TEST_ENVIRONMENT_ENGINE
+        ${TEST_ENVIRONMENT_COMMON}
+        OPENSSL_ENGINES=${CMAKE_RUNTIME_OUTPUT_DIRECTORY}
         OPENSSL_CONF=${CMAKE_CURRENT_SOURCE_DIR}/test/engine.cnf
         )
 
+set(TEST_ENVIRONMENT_PROVIDER
+        ${TEST_ENVIRONMENT_COMMON}
+        OPENSSL_MODULES=${CMAKE_RUNTIME_OUTPUT_DIRECTORY}
+        OPENSSL_CONF=${CMAKE_CURRENT_SOURCE_DIR}/test/provider.cnf
+        )
+
 add_executable(test_digest test_digest.c)
 target_link_libraries(test_digest OpenSSL::Crypto)
-add_test(NAME digest COMMAND test_digest)
-set_tests_properties(digest PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}")
+add_test(NAME digest-with-engine COMMAND test_digest)
+set_tests_properties(digest-with-engine
+  PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}")
 
 add_executable(test_ciphers test_ciphers.c)
 target_link_libraries(test_ciphers OpenSSL::Crypto)
-add_test(NAME ciphers COMMAND test_ciphers)
-set_tests_properties(ciphers PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}")
+add_test(NAME ciphers-with-engine COMMAND test_ciphers)
+set_tests_properties(ciphers-with-engine
+  PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}")
 
 # test_curves is an internals testing program, it doesn't need a test env
 add_executable(test_curves test_curves.c)
@@ -227,28 +239,33 @@ add_test(NAME curves COMMAND test_curves)
 
 add_executable(test_params test_params.c)
 target_link_libraries(test_params OpenSSL::Crypto)
-add_test(NAME parameters COMMAND test_params)
-set_tests_properties(parameters PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}")
+add_test(NAME parameters-with-engine COMMAND test_params)
+set_tests_properties(parameters-with-engine
+  PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}")
 
 add_executable(test_derive test_derive.c)
 target_link_libraries(test_derive OpenSSL::Crypto)
-add_test(NAME derive COMMAND test_derive)
-set_tests_properties(derive PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}")
+add_test(NAME derive-with-engine COMMAND test_derive)
+set_tests_properties(derive-with-engine
+  PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}")
 
 add_executable(test_sign test_sign.c)
 target_link_libraries(test_sign OpenSSL::Crypto)
-add_test(NAME sign/verify COMMAND test_sign)
-set_tests_properties(sign/verify PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}")
+add_test(NAME sign/verify-with-engine COMMAND test_sign)
+set_tests_properties(sign/verify-with-engine
+  PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}")
 
 add_executable(test_tls test_tls.c)
 target_link_libraries(test_tls OpenSSL::SSL)
-add_test(NAME TLS COMMAND test_tls)
-set_tests_properties(TLS PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}")
+add_test(NAME TLS-with-engine COMMAND test_tls)
+set_tests_properties(TLS-with-engine
+  PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}")
 
 add_executable(test_context test_context.c)
 target_link_libraries(test_context OpenSSL::Crypto)
-add_test(NAME context COMMAND test_context)
-set_tests_properties(context PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}")
+add_test(NAME context-with-engine COMMAND test_context)
+set_tests_properties(context-with-engine
+  PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}")
 
 # test_keyexpimp is an internals testing program, it doesn't need a test env
 add_executable(test_keyexpimp test_keyexpimp.c)
@@ -266,10 +283,13 @@ if(NOT SKIP_PERL_TESTS)
        ERROR_QUIET RESULT_VARIABLE HAVE_TEST2_V0)
     if(NOT HAVE_TEST2_V0)
        add_test(NAME engine
-           COMMAND prove --merge -PWrapOpenSSL ${CMAKE_CURRENT_SOURCE_DIR}/test)
-       set_tests_properties(engine PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT}")
+           COMMAND prove --merge -PWrapOpenSSL ${CMAKE_CURRENT_SOURCE_DIR}/test :: engine)
+       set_tests_properties(engine PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_ENGINE}")
+       add_test(NAME provider
+           COMMAND prove --merge -PWrapOpenSSL ${CMAKE_CURRENT_SOURCE_DIR}/test :: provider)
+       set_tests_properties(provider PROPERTIES ENVIRONMENT "${TEST_ENVIRONMENT_PROVIDER}")
     else()
-      message(STATUS "No Test2::V0 perl module (engine tests skipped)")
+        message(STATUS "No Test2::V0 perl module (engine and provider tests skipped)")
     endif()
 endif()
 

diff --git a/test/00-engine.t b/test/00-engine.t
index a09cfe5b762597ef1b1d2117614e636d70bc1712..9f37555465020f5eeadcb61a00b90fee86e634ec 100644 (file)
--- a/test/00-engine.t
+++ b/test/00-engine.t
@@ -1,5 +1,7 @@
 #!/usr/bin/perl
 use Test2::V0;
+skip_all('This test is only suitable for the engine')
+    unless $ARGV[0] eq 'engine';
 plan(7);
 use Cwd 'abs_path';
 

diff --git a/test/00-provider.t b/test/00-provider.t
new file mode 100644 (file)
index 0000000..85ad249
--- /dev/null
+++ b/test/00-provider.t
@@ -0,0 +1,60 @@
+#!/usr/bin/perl 
+use Test2::V0;
+skip_all('This test is only suitable for the provider')
+    unless $ARGV[0] eq 'provider';
+plan(1);
+use Cwd 'abs_path';
+
+my $provider = 'gostprov';
+my $provider_info = <<EOINF;
+Providers:
+  gostprov
+EOINF
+
+# Normally, this test recipe tests the default GOST provider.  However, it's
+# also possible to test a different provider as well, possibly a custom build.
+# In that case, use the environment variable PROVIDER_NAME to name it.  This
+# overrides a few things:
+#
+# - if it exists, we get the text that 'openssl provider -c ${PROVIDER_NAME}'
+#   should print from the file "${PROVIDER_NAME}.info".
+# - we create an OpenSSL config file for that provider, and use that instead
+#   of the default.  We do this by overriding the environment variable
+#   OPENSSL_CONF
+#
+# If PROVIDER_NAME isn't set, we rely on an existing OPENSSL_CONF
+#
+if ($ENV{'PROVIDER_NAME'}) {
+    $provider=$ENV{'PROVIDER_NAME'};
+
+    if ( -f $provider . ".info") {
+        diag("Reading $provider.info");
+        open my $F, "<", $provider . ".info";
+        read $F,$provider_info,1024;
+        close $F;
+    }
+
+    open my $F,">","$provider.cnf";
+    print $F <<EOCFG;
+openssl_conf = openssl_def
+[openssl_def]
+providers = providers
+[providers]
+${provider}=gost_conf
+[gost_conf]
+default_algorithms = ALL
+EOCFG
+    close $F;
+    $ENV{'OPENSSL_CONF'}=abs_path("$provider.cnf");
+}
+
+# Let's check that we can load the provider without config file
+# Note that this still requires a properly defined OPENSSL_MODULES
+{
+    local $ENV{'OPENSSL_CONF'}=abs_path("no_such_file.cfg");
+    my $cmd = "openssl list -provider $provider -providers";
+    unless (is(`$cmd`, $provider_info,
+               "load provider without any config")) {
+        diag("Command was: $cmd");
+    }
+}

diff --git a/test/01-digest.t b/test/01-digest.t
index b3a6355ca6c39eeb85a3f5f33e0a1d8a47cf3aa6..8d537b6e167f1c6a379a2edd10af4e24fec2ccb6 100644 (file)
--- a/test/01-digest.t
+++ b/test/01-digest.t
@@ -1,5 +1,7 @@
 #!/usr/bin/perl 
 use Test2::V0;
+skip_all('TODO: add digest support in provider')
+    unless $ARGV[0] eq 'engine';
 plan(16);
 
 # Set engine name from environment to allow testing of different engines

diff --git a/test/02-mac.t b/test/02-mac.t
index 9dca47e133d220684890594bbd51a0899be53c34..04a637720ac0e702993809ce6204d6223b276447 100644 (file)
--- a/test/02-mac.t
+++ b/test/02-mac.t
@@ -1,5 +1,7 @@
 #!/usr/bin/perl 
 use Test2::V0;
+skip_all('TODO: add mac support in provider')
+    unless $ARGV[0] eq 'engine';
 plan(19);
 
 # prepare data for 

diff --git a/test/03-encrypt.t b/test/03-encrypt.t
index 408278ac9d4c736631aa5d286a43516e16eafdf7..5b25f30977ed57753ad9ed4757828f8a90a7e6c0 100644 (file)
--- a/test/03-encrypt.t
+++ b/test/03-encrypt.t
@@ -1,5 +1,7 @@
 #!/usr/bin/perl
 use Test2::V0;
+skip_all('TODO: add symmetric cipher support in provider')
+    unless $ARGV[0] eq 'engine';
 plan(48);
 use Cwd 'abs_path';
 

diff --git a/test/04-pkey.t b/test/04-pkey.t
index 532656cb27a8f7ff035c02c7fc449bde5d1e10cc..4469f86b2fc78d639d97f3551206628e03d89272 100644 (file)
--- a/test/04-pkey.t
+++ b/test/04-pkey.t
@@ -1,5 +1,7 @@
 #!/usr/bin/perl
 use Test2::V0;
+skip_all('TODO: add pkey support in provider')
+    unless $ARGV[0] eq 'engine';
 plan(2);
 use Cwd 'abs_path';
 

diff --git a/test/empty.cnf b/test/empty.cnf
deleted file mode 100644 (file)
index e69de29..0000000

diff --git a/test/provider.cnf b/test/provider.cnf
new file mode 100644 (file)
index 0000000..d2c231a
--- /dev/null
+++ b/test/provider.cnf
@@ -0,0 +1,8 @@
+openssl_conf = openssl_def
+[openssl_def]
+providers = providers
+[providers]
+gostprov = provider_conf
+default = provider_conf
+[provider_conf]
+activate = 1