Test that properties are mirrored as we expect
authorMatt Caswell <matt@openssl.org>
Tue, 11 May 2021 10:44:43 +0000 (11:44 +0100)
committerMatt Caswell <matt@openssl.org>
Thu, 20 May 2021 08:32:42 +0000 (09:32 +0100)
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15242)

test/p_test.c
test/provider_internal_test.c
test/provider_test.c

index 22bf8648fe10f1e7d2c8c3c28d016e6702053e28..d4e187f94abc8ee82488d3188a322416bdf8c9b8 100644 (file)
@@ -266,6 +266,18 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
         p_teardown(ctx);
         return 0;
     }
+    /*
+     * The default provider is loaded - but the default properties should not
+     * allow its use.
+     */
+    {
+        EVP_MD *sha256 = EVP_MD_fetch(ctx->libctx, "SHA2-256", NULL);
+        if (sha256 != NULL) {
+            EVP_MD_free(sha256);
+            p_teardown(ctx);
+            return 0;
+        }
+    }
 #endif
 
     /*
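Review bot: The added fetch check makes `OSSL_provider_init` fail whenever the loading context's default properties still admit the default provider, and it does so with a bare `return 0` that is indistinguishable from the failure path just above it. The comment should state that precondition, for example `/* Callers must set default properties (e.g. "fips=yes") that exclude the default provider before loading p_test; a successful fetch here means those properties were not mirrored into ctx->libctx. */`. The check is also negative-only: if the default provider were for some reason not usable in `ctx->libctx`, the fetch would fail for that reason and the test would pass without exercising property mirroring, so a positive control would make the result more trustworthy. The enclosing function and the `#if` guard begin outside the hunk.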
index 2341dd3dac5fdaa3cd087aeb3a6210765137d963..6c295451c10cf880f87dc942d7e18468de6fe96c 100644 (file)
@@ -53,11 +53,23 @@ static int test_builtin_provider(void)
 {
     const char *name = "p_test_builtin";
     OSSL_PROVIDER *prov = NULL;
+    int ret;
 
-    return
+    /*
+     * We set properties that we know the providers we are using don't have.
+     * This should mean that the p_test provider will fail any fetches - which
+     * is something we test inside the provider.
+     */
+    EVP_set_default_properties(NULL, "fips=yes");
+
+    ret =
         TEST_ptr(prov =
                  ossl_provider_new(NULL, name, PROVIDER_INIT_FUNCTION_NAME, 0))
         && test_provider(prov, expected_greeting1(name));
+
+    EVP_set_default_properties(NULL, "");
+
+    return ret;
 }
 
 #ifndef NO_PROVIDER_MODULE
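Review bot: Both `EVP_set_default_properties` calls in `test_builtin_provider` discard their return value, and the second one resets state on the global default context (`NULL`). If that reset fails, `fips=yes` stays in force for every later test in the same process and the resulting fetch failures surface far from their cause. Check both calls, e.g. start the chain with `ret = TEST_true(EVP_set_default_properties(NULL, "fips=yes")) && TEST_ptr(prov = ...` and replace the reset with `if (!TEST_true(EVP_set_default_properties(NULL, ""))) ret = 0;`. The same unchecked calls appear in the `test/provider_test.c` hunk.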
index 4d8dbaee6f4040fe7070b85b1df9adf257ad6e39..79a1a375e8597278da52106f7cc32f9b1ccd1574 100644 (file)
@@ -41,14 +41,27 @@ static int test_provider(OSSL_LIB_CTX **libctx, const char *name,
                  "Hello OpenSSL %.20s, greetings from %s!",
                  OPENSSL_VERSION_STR, name);
 
+
+    /*
+     * We set properties that we know the providers we are using don't have.
+     * This should mean that the p_test provider will fail any fetches - which
+     * is something we test inside the provider.
+     */
+    EVP_set_default_properties(*libctx, "fips=yes");
     /*
-        * Check that it is possible to have a built-in provider mirrored in
-        * a child lib ctx.
-        */
+     * Check that it is possible to have a built-in provider mirrored in
+     * a child lib ctx.
+     */
     if (!TEST_ptr(base = OSSL_PROVIDER_load(*libctx, "base")))
         goto err;
     if (!TEST_ptr(prov = OSSL_PROVIDER_load(*libctx, name)))
         goto err;
+
+    /*
+     * Once the provider is loaded we clear the default properties and fetches
+     * should start working again.
+     */
+    EVP_set_default_properties(*libctx, "");
     if (dolegacycheck) {
         if (!TEST_true(OSSL_PROVIDER_get_params(prov, digest_check))
                 || !TEST_true(digestsuccess))
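Review bot: The two `goto err` exits after the `OSSL_PROVIDER_load` calls skip the `EVP_set_default_properties(*libctx, "")` reset, so a load failure leaves `fips=yes` set on `*libctx`. The `err` label is outside the hunk, so it is not visible whether the context is freed there; if the caller can reuse it, the reset belongs on the error path as well, and otherwise the comment could say that `err` disposes of the context. As a style point, the hunk adds a second consecutive blank line before the new comment and leaves none between the `EVP_set_default_properties(*libctx, "fips=yes")` call and the comment that follows it. `test_provider` begins and ends outside the hunk.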