2 * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 #include <openssl/provider.h>
13 #include <openssl/params.h>
14 #include <openssl/core_names.h>
15 #include <openssl/evp.h>
17 #include "fake_rsaprov.h"
19 static OSSL_LIB_CTX *libctx = NULL;
21 /* Fetch SIGNATURE method using a libctx and propq */
22 static int fetch_sig(OSSL_LIB_CTX *ctx, const char *alg, const char *propq,
23 OSSL_PROVIDER *expected_prov)
26 EVP_SIGNATURE *sig = EVP_SIGNATURE_fetch(ctx, "RSA", propq);
32 if (!TEST_ptr(prov = EVP_SIGNATURE_get0_provider(sig)))
35 if (!TEST_ptr_eq(prov, expected_prov)) {
36 TEST_info("Fetched provider: %s, Expected provider: %s",
37 OSSL_PROVIDER_get0_name(prov),
38 OSSL_PROVIDER_get0_name(expected_prov));
44 EVP_SIGNATURE_free(sig);
49 static int test_pkey_sig(void)
51 OSSL_PROVIDER *deflt = NULL;
52 OSSL_PROVIDER *fake_rsa = NULL;
54 EVP_PKEY *pkey = NULL;
55 EVP_PKEY_CTX *ctx = NULL;
57 if (!TEST_ptr(fake_rsa = fake_rsa_start(libctx)))
60 if (!TEST_ptr(deflt = OSSL_PROVIDER_load(libctx, "default")))
63 /* Do a direct fetch to see it works */
64 if (!TEST_true(fetch_sig(libctx, "RSA", "provider=fake-rsa", fake_rsa))
65 || !TEST_true(fetch_sig(libctx, "RSA", "?provider=fake-rsa", fake_rsa)))
68 /* Construct a pkey using precise propq to use our provider */
69 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_name(libctx, "RSA",
71 || !TEST_true(EVP_PKEY_fromdata_init(ctx))
72 || !TEST_true(EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEYPAIR, NULL))
76 EVP_PKEY_CTX_free(ctx);
79 /* try exercising signature_init ops a few times */
80 for (i = 0; i < 3; i++) {
84 * Create a signing context for our pkey with optional propq.
85 * The sign init should pick both keymgmt and signature from
86 * fake-rsa as the key is not exportable.
88 if (!TEST_ptr(ctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey,
89 "?provider=default")))
93 * If this picks the wrong signature without realizing it
94 * we can get a segfault or some internal error. At least watch
95 * whether fake-rsa sign_init is is exercised by calling sign.
97 if (!TEST_int_eq(EVP_PKEY_sign_init(ctx), 1))
100 if (!TEST_int_eq(EVP_PKEY_sign(ctx, NULL, &siglen, NULL, 0), 1)
101 || !TEST_size_t_eq(siglen, 256))
104 EVP_PKEY_CTX_free(ctx);
111 fake_rsa_finish(fake_rsa);
112 OSSL_PROVIDER_unload(deflt);
113 EVP_PKEY_CTX_free(ctx);
118 int setup_tests(void)
120 libctx = OSSL_LIB_CTX_new();
124 ADD_TEST(test_pkey_sig);
129 void cleanup_tests(void)
131 OSSL_LIB_CTX_free(libctx);