2 * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/provider.h>
14 extern OSSL_provider_init_fn PROVIDER_INIT_FUNCTION_NAME;
17 static OSSL_PARAM greeting_request[] = {
18 { "greeting", OSSL_PARAM_UTF8_STRING, buf, sizeof(buf) },
19 { NULL, 0, NULL, 0, 0 }
22 static unsigned int digestsuccess = 0;
23 static OSSL_PARAM digest_check[] = {
24 { "digest-check", OSSL_PARAM_UNSIGNED_INTEGER, &digestsuccess,
25 sizeof(digestsuccess) },
26 { NULL, 0, NULL, 0, 0 }
29 static unsigned int stopsuccess = 0;
30 static OSSL_PARAM stop_property_mirror[] = {
31 { "stop-property-mirror", OSSL_PARAM_UNSIGNED_INTEGER, &stopsuccess,
32 sizeof(stopsuccess) },
33 { NULL, 0, NULL, 0, 0 }
36 static int test_provider(OSSL_LIB_CTX **libctx, const char *name,
37 OSSL_PROVIDER *legacy)
39 OSSL_PROVIDER *prov = NULL;
40 const char *greeting = NULL;
41 char expected_greeting[256];
44 int dolegacycheck = (legacy != NULL);
45 OSSL_PROVIDER *deflt = NULL, *base = NULL;
47 BIO_snprintf(expected_greeting, sizeof(expected_greeting),
48 "Hello OpenSSL %.20s, greetings from %s!",
49 OPENSSL_VERSION_STR, name);
53 * We set properties that we know the providers we are using don't have.
54 * This should mean that the p_test provider will fail any fetches - which
55 * is something we test inside the provider.
57 EVP_set_default_properties(*libctx, "fips=yes");
59 * Check that it is possible to have a built-in provider mirrored in
62 if (!TEST_ptr(base = OSSL_PROVIDER_load(*libctx, "base")))
64 if (!TEST_ptr(prov = OSSL_PROVIDER_load(*libctx, name)))
68 * Once the provider is loaded we clear the default properties and fetches
69 * should start working again.
71 EVP_set_default_properties(*libctx, "");
73 if (!TEST_true(OSSL_PROVIDER_get_params(prov, digest_check))
74 || !TEST_true(digestsuccess))
78 * Check that a provider can prevent property mirroring if it sets its
79 * own properties explicitly
81 if (!TEST_true(OSSL_PROVIDER_get_params(prov, stop_property_mirror))
82 || !TEST_true(stopsuccess))
84 EVP_set_default_properties(*libctx, "fips=yes");
85 if (!TEST_true(OSSL_PROVIDER_get_params(prov, digest_check))
86 || !TEST_true(digestsuccess))
88 EVP_set_default_properties(*libctx, "");
90 if (!TEST_true(OSSL_PROVIDER_get_params(prov, greeting_request))
91 || !TEST_ptr(greeting = greeting_request[0].data)
92 || !TEST_size_t_gt(greeting_request[0].data_size, 0)
93 || !TEST_str_eq(greeting, expected_greeting))
96 /* Make sure we got the error we were expecting */
97 err = ERR_peek_last_error();
98 if (!TEST_int_gt(err, 0)
99 || !TEST_int_eq(ERR_GET_REASON(err), 1))
102 OSSL_PROVIDER_unload(legacy);
106 /* Legacy provider should also be unloaded from child libctx */
107 if (!TEST_true(OSSL_PROVIDER_get_params(prov, digest_check))
108 || !TEST_false(digestsuccess))
111 * Loading the legacy provider again should make it available again in
112 * the child libctx. Loading and unloading the default provider should
113 * have no impact on the child because the child loads it explicitly
116 legacy = OSSL_PROVIDER_load(*libctx, "legacy");
117 deflt = OSSL_PROVIDER_load(*libctx, "default");
119 || !TEST_true(OSSL_PROVIDER_available(*libctx, "default")))
121 OSSL_PROVIDER_unload(deflt);
123 if (!TEST_ptr(legacy)
124 || !TEST_false(OSSL_PROVIDER_available(*libctx, "default"))
125 || !TEST_true(OSSL_PROVIDER_get_params(prov, digest_check))
126 || !TEST_true(digestsuccess))
128 OSSL_PROVIDER_unload(legacy);
132 if (!TEST_true(OSSL_PROVIDER_unload(base)))
135 if (!TEST_true(OSSL_PROVIDER_unload(prov)))
140 * We must free the libctx to force the provider to really be unloaded from
143 OSSL_LIB_CTX_free(*libctx);
146 /* We print out all the data to make sure it can still be accessed */
147 ERR_print_errors_fp(stderr);
150 OSSL_PROVIDER_unload(base);
151 OSSL_PROVIDER_unload(deflt);
152 OSSL_PROVIDER_unload(legacy);
154 OSSL_PROVIDER_unload(prov);
155 OSSL_LIB_CTX_free(*libctx);
160 static int test_builtin_provider(void)
162 OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new();
163 const char *name = "p_test_builtin";
168 && TEST_true(OSSL_PROVIDER_add_builtin(libctx, name,
169 PROVIDER_INIT_FUNCTION_NAME))
170 && test_provider(&libctx, name, NULL);
172 OSSL_LIB_CTX_free(libctx);
177 /* Test relies on fetching the MD4 digest from the legacy provider */
178 #ifndef OPENSSL_NO_MD4
179 static int test_builtin_provider_with_child(void)
181 OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new();
182 const char *name = "p_test";
183 OSSL_PROVIDER *legacy;
185 if (!TEST_ptr(libctx))
188 legacy = OSSL_PROVIDER_load(libctx, "legacy");
189 if (legacy == NULL) {
191 * In this case we assume we've been built with "no-legacy" and skip
192 * this test (there is no OPENSSL_NO_LEGACY)
197 if (!TEST_true(OSSL_PROVIDER_add_builtin(libctx, name,
198 PROVIDER_INIT_FUNCTION_NAME)))
201 /* test_provider will free libctx and unload legacy as part of the test */
202 return test_provider(&libctx, name, legacy);
206 #ifndef NO_PROVIDER_MODULE
207 static int test_loaded_provider(void)
209 OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new();
210 const char *name = "p_test";
212 if (!TEST_ptr(libctx))
215 /* test_provider will free libctx as part of the test */
216 return test_provider(&libctx, name, NULL);
220 typedef enum OPTION_choice {
227 const OPTIONS *test_get_options(void)
229 static const OPTIONS test_options[] = {
230 OPT_TEST_OPTIONS_DEFAULT_USAGE,
231 { "loaded", OPT_LOADED, '-', "Run test with a loaded provider" },
237 int setup_tests(void)
242 while ((o = opt_next()) != OPT_EOF) {
255 ADD_TEST(test_builtin_provider);
256 #ifndef OPENSSL_NO_MD4
257 ADD_TEST(test_builtin_provider_with_child);
260 #ifndef NO_PROVIDER_MODULE
262 ADD_TEST(test_loaded_provider);