A local copy of OpenSSL from GitHub
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 
Matt Caswell 5627f9f217 Don't detect a downgrade where the server has a protocol version hole 4 years ago
..
certs Limit scope of CN name constraints 4 years ago
ct Verify SCT signatures 7 years ago
d2i-tests add test for CVE-2016-7053 6 years ago
ocsp-tests Fix OCSP_basic_verify() cert chain construction in case bs->certs is NULL 5 years ago
ossl_shim Fix ossl_shim SNI handling 4 years ago
recipes Don't detect a downgrade where the server has a protocol version hole 4 years ago
smime-certs Add alternative CMS P-256 cert 5 years ago
ssl-tests Change Post Handshake auth so that it is opt-in 4 years ago
testutil testutil/driver.c: Fix function prototype warning [-Wstrict-prototypes] 4 years ago
CAss.cnf RT3809: basicConstraints is critical 6 years ago
CAssdh.cnf Import of old SSLeay release: SSLeay 0.9.0b 24 years ago
CAssdsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 24 years ago
CAssrsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 24 years ago
CAtsa.cnf Added support for ESSCertIDv2 5 years ago
P1ss.cnf Use 2K RSA and SHA256 in tests 7 years ago
P2ss.cnf Use 2K RSA and SHA256 in tests 7 years ago
README Fix test documentation. 5 years ago
README.external Many spelling fixes/typo's corrected. 5 years ago
README.ssltest.md Session resume broken switching contexts 5 years ago
Sssdsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 24 years ago
Sssrsa.cnf Import of old SSLeay release: SSLeay 0.9.0b 24 years ago
Uss.cnf Create DSA and ECDSA certificates. 7 years ago
aborttest.c Copyright consolidation 02/10 6 years ago
afalgtest.c Revert "Modify test/afalgtest to fail if the afalg engine couldn't be loaded" 5 years ago
asn1_encode_test.c Update copyright year 5 years ago
asn1_internal_test.c test/asn1_internal_test.c: silence the new check for the ASN1 method table 4 years ago
asn1_string_table_test.c [Win] Fix some test method signatures ... 5 years ago
asn1_time_test.c test/asn1_time_test.c: make it work on 64-bit HP-UX. 4 years ago
asynciotest.c Update code for the final RFC version of TLSv1.3 (RFC8446) 4 years ago
asynctest.c Update copyright year 4 years ago
bad_dtls_test.c Remove unicode characters from source 5 years ago
bftest.c Consistent formatting for sizeof(foo) 5 years ago
bio_callback_test.c Fix bio callback backward compatibility 4 years ago
bio_enc_test.c Fix no-chacha and no-poly1305 5 years ago
bioprinttest.c Update the test framework so that the need for test_main is removed. Everything 5 years ago
bntest.c Fixed range of random produced in BN_is_prime_fasttest_ex() to be 1 < rand < w-1. It was using 1<= rand < w (which is wrong by 1 on both ends) 4 years ago
bntests.pl Make bntest be (mostly) file-based. 6 years ago
build.info Add test for DSA signatures of raw digests of various sizes 4 years ago
casttest.c Use "" not <> for internal/ includes 5 years ago
chacha_internal_test.c Update the test framework so that the need for test_main is removed. Everything 5 years ago
cipher_overhead_test.c Use "" not <> for internal/ includes 5 years ago
cipherbytes_test.c Use "" not <> for internal/ includes 5 years ago
cipherlist_test.c Use void in all function definitions that do not take any arguments 4 years ago
ciphername_test.c Use "" not <> for internal/ includes 5 years ago
clienthellotest.c Enhance ssltestlib's create_ssl_ctx_pair to take min and max proto version 4 years ago
cms-examples.pl Copyright consolidation: perl files 6 years ago
cmsapitest.c Add a CMS API test 4 years ago
conf_include_test.c NCONF_get_number refix. 4 years ago
constant_time_test.c Update copyright year 5 years ago
crltest.c Factorise duplicated code. 5 years ago
ct_test.c test/ct_test.c: remove dependency on -lm. 5 years ago
ctype_internal_test.c Update copyright year 4 years ago
curve448_internal_test.c Update copyright year 5 years ago
d2i_test.c Consistent formatting for sizeof(foo) 5 years ago
danetest.c Use "" not <> for internal/ includes 5 years ago
danetest.in Perform DANE-EE(3) name checks by default 6 years ago
danetest.pem DANE support for X509_verify_cert() 7 years ago
destest.c Update the test framework so that the need for test_main is removed. Everything 5 years ago
dhtest.c Update copyright year 4 years ago
drbg_cavs_data.c Update copyright year 4 years ago
drbg_cavs_data.h Update copyright year 4 years ago
drbg_cavs_test.c Update copyright year 4 years ago
drbgtest.c Use void in all function definitions that do not take any arguments 4 years ago
drbgtest.h Add DRBG random method 5 years ago
dsa_no_digest_size_test.c Add test for DSA signatures of raw digests of various sizes 4 years ago
dsatest.c Use "" not <> for internal/ includes 5 years ago
dtls_mtu_test.c Update copyright year 4 years ago
dtlstest.c Fix no-ec in combination with no-dh 4 years ago
dtlsv1listentest.c Update copyright year 4 years ago
ecdsatest.c Update copyright year 4 years ago
ecstresstest.c Use the new non-curve type specific EC functions internally 4 years ago
ectest.c Use the new non-curve type specific EC functions internally 4 years ago
enginetest.c Add EVP_PKEY_METHOD redirection test 5 years ago
errtest.c Save and restore the Windows error around TlsGetValue. 4 years ago
evp_extra_test.c Update copyright year 4 years ago
evp_test.c Add a helper routine so that evp_test can compare memory without producing 4 years ago
evp_test.h Add support for multiple update calls in evp_test 5 years ago
exdatatest.c Update copyright year 4 years ago
exptest.c Use "" not <> for internal/ includes 5 years ago
fatalerrtest.c Update copyright year 4 years ago
generate_buildtest.pl Update copyright year 4 years ago
generate_ssl_tests.pl Consolidate the locations where we have our internal perl modules 5 years ago
gmdifftest.c Update the test framework so that the need for test_main is removed. Everything 5 years ago
gosttest.c Add a GOST test 4 years ago
handshake_helper.c Change Post Handshake auth so that it is opt-in 4 years ago
handshake_helper.h Update copyright year 4 years ago
hmactest.c Use "" not <> for internal/ includes 5 years ago
ideatest.c Use "" not <> for internal/ includes 5 years ago
igetest.c Consistent formatting for sizeof(foo) 5 years ago
lhash_test.c Use "" not <> for internal/ includes 5 years ago
md2test.c Use "" not <> for internal/ includes 5 years ago
mdc2_internal_test.c Update copyright year 4 years ago
mdc2test.c Use "" not <> for internal/ includes 5 years ago
memleaktest.c Update secmemtest and memeleaktest to use the test infrastructure. 5 years ago
modes_internal_test.c Use void in all function definitions that do not take any arguments 4 years ago
ocspapitest.c Wrap more of ocspapitest.c in OPENSSL_NO_OCSP 5 years ago
packettest.c Update copyright year 4 years ago
pbelutest.c Update the test framework so that the need for test_main is removed. Everything 5 years ago
pemtest.c Update the test framework so that the need for test_main is removed. Everything 5 years ago
pkcs7-1.pem Import of old SSLeay release: SSLeay 0.8.1b 24 years ago
pkcs7.pem Import of old SSLeay release: SSLeay 0.8.1b 24 years ago
pkey_meth_kdf_test.c Update copyright year 4 years ago
pkey_meth_test.c Update copyright year 4 years ago
pkits-test.pl Many spelling fixes/typo's corrected. 5 years ago
poly1305_internal_test.c Update copyright year 5 years ago
rc2test.c Use "" not <> for internal/ includes 5 years ago
rc4test.c Use "" not <> for internal/ includes 5 years ago
rc5test.c Use "" not <> for internal/ includes 5 years ago
rdrand_sanitytest.c Use void in all function definitions that do not take any arguments 4 years ago
recordlentest.c Update copyright year 4 years ago
rsa_mp_test.c rsa/rsa_gen.c: harmonize keygen's ability with RSA_security_bits. 5 years ago
rsa_test.c Use "" not <> for internal/ includes 5 years ago
run_tests.pl Update copyright year 4 years ago
sanitytest.c Relocate memcmp test. 4 years ago
secmemtest.c Zero memory in CRYPTO_secure_malloc. 4 years ago
serverinfo.pem Require ServerInfo PEMs to be named "BEGIN SERVERINFO FOR"... 9 years ago
serverinfo2.pem Add a SERVERINFOV2 format test file 5 years ago
servername_test.c Use "" not <> for internal/ includes 5 years ago
session.pem Don't store the ticket nonce in the session 4 years ago
shibboleth.pfx Add PKCS#12 UTF-8 interoperability test. 6 years ago
shlibloadtest.c Fix a gcc-8 warning -Wcast-function-type 4 years ago
siphash_internal_test.c Update copyright year 5 years ago
sm2_internal_test.c Use the new non-curve type specific EC functions internally 4 years ago
sm4_internal_test.c SM4: Add SM4 block cipher to EVP 5 years ago
smcont.txt test/smcont.txt: trigger assertion in bio_enc.c. 6 years ago
srptest.c Update the test framework so that the need for test_main is removed. Everything 5 years ago
ssl_cert_table_internal_test.c Use void in all function definitions that do not take any arguments 4 years ago
ssl_test.c Add a config option to disable automatic config loading 4 years ago
ssl_test.tmpl test/ssl_test.tmpl: make it work with elderly perl. 6 years ago
ssl_test_ctx.c Change Post Handshake auth so that it is opt-in 4 years ago
ssl_test_ctx.h Change Post Handshake auth so that it is opt-in 4 years ago
ssl_test_ctx_test.c Update copyright year 4 years ago
ssl_test_ctx_test.conf Implement Maximum Fragment Length TLS extension. 5 years ago
sslapitest.c Add support for SSL_CTX_set_post_handshake_auth() 4 years ago
sslbuffertest.c Update copyright year 4 years ago
sslcorrupttest.c Use void in all function definitions that do not take any arguments 4 years ago
ssltest_old.c Use void in all function definitions that do not take any arguments 4 years ago
ssltestlib.c Add a bi-directional shutdown test 4 years ago
ssltestlib.h Add a bi-directional shutdown test 4 years ago
stack_test.c Add a reserve call to the stack data structure. 5 years ago
sysdefault.cnf Apply system_default configuration on SSL_CTX_new(). 4 years ago
sysdefaulttest.c Update copyright year 4 years ago
test.cnf Use 2K RSA and SHA256 in tests 7 years ago
test_test.c Relocate memcmp test. 4 years ago
testcrl.pem Import of old SSLeay release: SSLeay 0.8.1b 24 years ago
testdsa.pem Add private/public key conversion tests 7 years ago
testdsapub.pem Add private/public key conversion tests 7 years ago
testec-p256.pem Add private/public key conversion tests 7 years ago
testecpub-p256.pem Add private/public key conversion tests 7 years ago
testp7.pem Change PKCS#7 test data to take account of removal of 22 years ago
testreq2.pem Import of old SSLeay release: SSLeay 0.8.1b 24 years ago
testrsa.pem Import of old SSLeay release: SSLeay 0.8.1b 24 years ago
testrsapub.pem Add private/public key conversion tests 7 years ago
testsid.pem Remove SSLv2 support 8 years ago
testutil.h Test support for time_t comparisons. 5 years ago
testx509.pem Import of old SSLeay release: SSLeay 0.8.1b 24 years ago
threadstest.c Update the test framework so that the need for test_main is removed. Everything 5 years ago
time_offset_test.c Update copyright year 4 years ago
tls13ccstest.c Use void in all function definitions that do not take any arguments 4 years ago
tls13encryptiontest.c Update the TLSv1.3 test vectors 4 years ago
tls13secretstest.c Update the TLSv1.3 test vectors 4 years ago
uitest.c [Win] Fix some test method signatures ... 5 years ago
v3-cert1.pem Import of old SSLeay release: SSLeay 0.8.1b 24 years ago
v3-cert2.pem Import of old SSLeay release: SSLeay 0.8.1b 24 years ago
v3ext.c Update the test framework so that the need for test_main is removed. Everything 5 years ago
v3nametest.c Use void in all function definitions that do not take any arguments 4 years ago
verify_extra_test.c Update copyright year 4 years ago
versions.c Refuse to run test_cipherlist unless shared library matches build 4 years ago
wpackettest.c Update the test framework so that the need for test_main is removed. Everything 5 years ago
x509_check_cert_pkey_test.c Update the test framework so that the need for test_main is removed. Everything 5 years ago
x509_dup_cert_test.c Update the test framework so that the need for test_main is removed. Everything 5 years ago
x509_internal_test.c Update copyright year 4 years ago
x509_time_test.c Update copyright year 4 years ago
x509aux.c Update copyright year 4 years ago

README

How to add recipes
==================

For any test that you want to perform, you write a script located in
test/recipes/, named {nn}-test_{name}.t, where {nn} is a two digit number and
{name} is a unique name of your choice.

Please note that if a test involves a new testing executable, you will need to
do some additions in test/Makefile. More on this later.


Naming conventions
=================

A test executable is named test/{name}test.c

A test recipe is named test/recipes/{nn}-test_{name}.t, where {nn} is a two
digit number and {name} is a unique name of your choice.

The number {nn} is (somewhat loosely) grouped as follows:

00-04 sanity, internal and essential API tests
05-09 individual symmetric cipher algorithms
10-14 math (bignum)
15-19 individual asymmetric cipher algorithms
20-24 openssl commands (some otherwise not tested)
25-29 certificate forms, generation and verification
30-35 engine and evp
60-79 APIs
70 PACKET layer
80-89 "larger" protocols (CA, CMS, OCSP, SSL, TSA)
90-98 misc
99 most time consuming tests [such as test_fuzz]


A recipe that just runs a test executable
=========================================

A script that just runs a program looks like this:

#! /usr/bin/perl

use OpenSSL::Test::Simple;

simple_test("test_{name}", "{name}test", "{name}");

{name} is the unique name you have chosen for your test.

The second argument to `simple_test' is the test executable, and `simple_test'
expects it to be located in test/

For documentation on OpenSSL::Test::Simple, do
`perldoc util/perl/OpenSSL/Test/Simple.pm'.


A recipe that runs a more complex test
======================================

For more complex tests, you will need to read up on Test::More and
OpenSSL::Test. Test::More is normally preinstalled, do `man Test::More' for
documentation. For OpenSSL::Test, do `perldoc util/perl/OpenSSL/Test.pm'.

A script to start from could be this:

#! /usr/bin/perl

use strict;
use warnings;
use OpenSSL::Test;

setup("test_{name}");

plan tests => 2; # The number of tests being performed

ok(test1, "test1");
ok(test2, "test1");

sub test1
{
# test feature 1
}

sub test2
{
# test feature 2
}


Changes to test/build.info
==========================

Whenever a new test involves a new test executable you need to do the
following (at all times, replace {NAME} and {name} with the name of your
test):

* add {name} to the list of programs under PROGRAMS_NO_INST

* create a three line description of how to build the test, you will have
to modify the include paths and source files if you don't want to use the
basic test framework:

SOURCE[{name}]={name}.c
INCLUDE[{name}]=.. ../include
DEPEND[{name}]=../libcrypto libtestutil.a

Generic form of C test executables
==================================

#include "testutil.h"

static int my_test(void)
{
int testresult = 0; /* Assume the test will fail */
int observed;

observed = function(); /* Call the code under test */
if (!TEST_int_equal(observed, 2)) /* Check the result is correct */
goto end; /* Exit on failure - optional */

testresult = 1; /* Mark the test case a success */
end:
cleanup(); /* Any cleanup you require */
return testresult;
}

int setup_tests(void)
{
ADD_TEST(my_test); /* Add each test separately */
return 1; /* Indicate success */
}

You should use the TEST_xxx macros provided by testutil.h to test all failure
conditions. These macros produce an error message in a standard format if the
condition is not met (and nothing if the condition is met). Additional
information can be presented with the TEST_info macro that takes a printf
format string and arguments. TEST_error is useful for complicated conditions,
it also takes a printf format string and argument. In all cases the TEST_xxx
macros are guaranteed to evaluate their arguments exactly once. This means
that expressions with side effects are allowed as parameters. Thus,

if (!TEST_ptr(ptr = OPENSSL_malloc(..)))

works fine and can be used in place of:

ptr = OPENSSL_malloc(..);
if (!TEST_ptr(ptr))

The former produces a more meaningful message on failure than the latter.