diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2020-05-02 06:17:54 +0200 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2020-05-02 06:17:54 +0200 |
commit | e0624f0d702b57e23ecaf5236ce1bafdd85ec649 (patch) | |
tree | efb58c3011ac51de4fdcf093380e76df083941fa /test/property_test.c | |
parent | make update for SSL_new_session_ticket (diff) | |
download | openssl-e0624f0d702b57e23ecaf5236ce1bafdd85ec649.tar.xz openssl-e0624f0d702b57e23ecaf5236ce1bafdd85ec649.zip |
Add default property API's to enable and test for fips
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11239)
Diffstat (limited to 'test/property_test.c')
-rw-r--r-- | test/property_test.c | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/test/property_test.c b/test/property_test.c index ca407b2ba4..aad43b9184 100644 --- a/test/property_test.c +++ b/test/property_test.c @@ -9,6 +9,7 @@ */ #include <stdarg.h> +#include <openssl/evp.h> #include "testutil.h" #include "internal/nelem.h" #include "internal/property.h" @@ -383,6 +384,35 @@ err: return res; } +static int test_fips_mode(void) +{ + int ret = 0; + OPENSSL_CTX *ctx = NULL; + + if (!TEST_ptr(ctx = OPENSSL_CTX_new())) + goto err; + + ret = TEST_true(EVP_set_default_properties(ctx, "default=yes,fips=yes")) + && TEST_true(EVP_default_properties_is_fips_enabled(ctx)) + && TEST_true(EVP_set_default_properties(ctx, "fips=no,default=yes")) + && TEST_false(EVP_default_properties_is_fips_enabled(ctx)) + && TEST_true(EVP_set_default_properties(ctx, "fips=no")) + && TEST_false(EVP_default_properties_is_fips_enabled(ctx)) + && TEST_true(EVP_set_default_properties(ctx, "fips!=no")) + && TEST_true(EVP_default_properties_is_fips_enabled(ctx)) + && TEST_true(EVP_set_default_properties(ctx, "fips=no")) + && TEST_false(EVP_default_properties_is_fips_enabled(ctx)) + && TEST_true(EVP_set_default_properties(ctx, "fips=no,default=yes")) + && TEST_true(EVP_default_properties_enable_fips(ctx, 1)) + && TEST_true(EVP_default_properties_is_fips_enabled(ctx)) + && TEST_true(EVP_default_properties_enable_fips(ctx, 0)) + && TEST_false(EVP_default_properties_is_fips_enabled(ctx)); +err: + OPENSSL_CTX_free(ctx); + return ret; +} + + int setup_tests(void) { ADD_TEST(test_property_string); @@ -393,5 +423,6 @@ int setup_tests(void) ADD_TEST(test_register_deregister); ADD_TEST(test_property); ADD_TEST(test_query_cache_stochastic); + ADD_TEST(test_fips_mode); return 1; } |