summaryrefslogtreecommitdiff
path: root/src/regress (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Enable for TLSv1.3 now that shutdown behaviour matches the legacy stack.jsing2024-01-271-3/+1
|
* Add 'openssl x509 -new' functionality to the libcrypto CLI utilityjob2024-01-261-1/+50
| | | | | | | | | The ability to generate a new certificate is useful for testing and experimentation with rechaining PKIs. While there, alias '-key' to '-signkey' for compatibility. with and OK tb@
* Replace more occurrences of OBJ_NAME_do_all_sorted() withtb2024-01-211-7/+4
| | | | OBJ_NAME_do_all()
* Enable shutdown regress test.jsing2024-01-191-1/+2
|
* Add regress test coverage for SSL_shutdown().jsing2024-01-192-0/+546
| | | | | | | This tests and codifies the behaviour of SSL_shutdown() with respect to SSL_quiet_shutdown() and SSL_set_shutdown(). For now, only the legacy stack (TLSv1.2) is tested, as there are currently some subtle differences with the TLSv1.3 stack.
* ec_point_conversion: zap an empty linetb2024-01-181-2/+1
|
* Run the pkey cleanup test also for {Ed,X}25519tb2024-01-151-1/+3
|
* Switch to EVP_CIPHER_do_all() now that snaps are available on most archestb2024-01-151-5/+3
|
* appstest: Zap a trailing tab added in previoustb2024-01-121-2/+2
|
* Add -force_pubkey -multivalue-rdn -set_issuer -set_subject -utf8 to x509 appjob2024-01-121-1/+26
| | | | | | | | The -set_issuer, -set_subject, and -force_pubkey features can be used to 'rechain' PKIs, for more information see https://labs.apnic.net/nro-ta/ and https://blog.apnic.net/2023/12/14/models-of-trust-for-the-rpki/ OK tb@
* Remove the evp_pkey_method() testtb2024-01-111-38/+1
| | | | | This is a minimal test for an API that will be removed in a subsequent commit.
* Sprinkle a handfull of missing continuetb2023-12-311-1/+10
|
* Add extended regress coverage for ASN.1 methodstb2023-12-301-1/+147
| | | | | | | | Validate that every alias resolves to a non-alias in one step and that non-aliases have pkey_id == pkey_base_id, an info string and a pem_str. They can be looked up by their pkey_id or pem_str. Conversely, all these are false for aliases.
* Add initial regress for CRYPTO_EX_DATA.jsing2023-12-273-1/+237
|
* Remove engine regress.jsing2023-12-273-264/+1
| | | | | | Engines are no longer a thing. Discussed with tb@
* c2sp: replace openssl 3.0 with 3.2 supporttb2023-12-171-2/+2
|
* Remove the string_table testtb2023-12-152-130/+1
| | | | | | | | If it wasn't for security/xca, all of the ASN1_STRING_TABLE API would hit the attic before long. API design by a trained professional... The table can at least be made immutable, which in turn makes this test entirely pointless.
* rfc3779: remove redundant const.tb2023-12-131-5/+5
| | | | | This is already included in the typedef (yuck) and makes some Windows compilers unhappy.
* tlsexttest: \178 isn't a valid octal escape sequencetb2023-12-131-2/+2
|
* constraints: \178 isn't a valid octal escape sequencetb2023-12-131-2/+2
|
* x509_asn1: avoid lookup table that makes some compilers whinetb2023-12-131-59/+37
|
* evp_test: zap extra empty linetb2023-12-101-2/+1
|
* Add regress coverage for OBJ_NAME_do_all*()tb2023-12-081-2/+99
| | | | | | | While this may seem a bit out of place since is an objects API by name, it really is about EVP. Plus, we want to leverage some things we already needed for the EVP_*do_all() API (which currently wraps OBJ_NAME_do_all* but that will change soon).
* EVP test: fix includestb2023-11-271-3/+3
|
* EVP test: add regress coverage for the do_all() APItb2023-11-271-1/+132
|
* Still need engine.h for ENGINE_free()tb2023-11-201-1/+2
| | | | But do away with the OPENSSL_NO_ENGINE dance.
* Remove last OPENSSL_NO_ENGINE from libssl regresstb2023-11-191-7/+1
|
* Unifdef OPENSSL_NO_ENGINE in libcrypto regresstb2023-11-198-68/+8
|
* Fix an error message left out in the mustDecodeHexString() conversiontb2023-11-071-2/+2
|
* Pull up the handling of the two webcrypto special snowflakestb2023-11-071-13/+9
|
* Drop a useless line and bump copyright yearstb2023-11-071-4/+3
|
* Unwrap a few linestb2023-11-071-72/+32
|
* Wrap hex.DecodeString() into mustDecodeHexString()tb2023-11-071-390/+78
| | | | | | | | | | | | | The hex decoding is only done from the JSON files provided by the wycheproof-testvectors package. Failure is always fatal. So there is no need for repeated error checks, and we can use an ergonomic wrapper. Also rework the calculation of the message digest from input data this had a similar deficit. All in all this shaves off about 10% of the code and removes a lot of tedious repetition.
* Use maps to retrieve various AES variantstb2023-11-071-60/+72
|
* Convert hashEvpMdFromString() to a maptb2023-11-071-26/+19
|
* Add stringer interfaces to the test groupstb2023-11-071-102/+126
| | | | This simplifies and unifies a lot of error messages.
* Pull everything except the actual run call out of the closuretb2023-11-061-11/+9
| | | | | | | | The determination of the test group type and the JSON unmarshalling can be done before the closure without performance impact. This is more readable and eliminates the need of a temporary variable again. Suggested by jsing
* Introduce testGroupFromAlgorithm()tb2023-11-061-50/+54
| | | | | This factors another ugly switch into a helper function. This should probably become a map eventually, but for now keep things straightforward.
* Add a wycheproofTestGroupRunner interfacetb2023-11-061-72/+26
| | | | | This allows us to use a simpler way of running the individual test groups and gets rid of an ugly mostly copy-pasted switch inside a closure.
* Add aliases for AES AEAD constructions and ChaChatb2023-11-061-9/+12
| | | | | These used the wycheproofTestGroupAead type but an upcoming change requires to change this. Introduce the aliases now to make the next diff cleaner.
* Fix a for loop bug introduced in the concurrency refactortb2023-11-061-3/+4
| | | | | | | | | | | | | Due to Go's idiosyncratic semantics of for loops, tests would only run some of the test groups in the JSON file because by the time the closure is called, the array index could be changed. For example, on fast 8 core machines, the CMAC tests would run the last test group with key size 320 eight times rather than each of the eight test groups once. Make a copy of the pointer before passing it to the closure to avoid this issue. Simpler version of my initial fix from jsing
* Uncomment json webcrypto line. Packages will have caught up...tb2023-11-061-3/+2
|
* Remove 3 expected failures those got fixed in the regress code.claudio2023-10-311-4/+1
|
* unlink("/") just needs to error. Checking for a specific errno makesclaudio2023-10-311-2/+2
| | | | | | little sense here since there are multiple possible errnos that could be returned. On OpenBSD this returns EISDIR and not EBUSY. OK mbuhl@ millert@
* When creating a file in a directory the file gid is inherited fromclaudio2023-10-311-2/+2
| | | | | the directory and so checking against getgid() makes no sense. OK mbuhl@ millert@
* Ignore closefrom() failure. This fails normally since fd 4 and up are allclaudio2023-10-311-3/+2
| | | | | closed. OK mbuhl@ millert@
* Add support for OpenSSL 3.1 interop teststb2023-10-308-11/+74
| | | | | | Until OpenSSL 3.1 has replaced OpenSSL 3.0 on most architectures, run both tests. Installed packages of OpenSSL 3.0 will update automatically to 3.1, so regress runners should not need to do anything.
* Include wait(2) status in error message, in the hopes of providing cluesanton2023-10-271-2/+2
| | | | on why this occasionally fails.
* Provide prototype for X509_ALGOR_set_md()tb2023-10-261-1/+3
| | | | | | Once we remove X509_ALGOR_set_md() we can link this test statically and use X509_ALGOR_set_evp_md() but for now make sure the documented workaround for this garbage API works.
* A few more testsotto2023-10-221-1/+15
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 21:30:04 +0000