diff options
author | Matt Caswell <matt@openssl.org> | 2018-07-13 16:11:46 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2018-07-13 18:14:43 +0100 |
commit | 1e839545803107b230a8177875de5994f85984de (patch) | |
tree | 85ccaf345b3d507ac44dc5de7df2991599090154 /test/recipes | |
parent | baa45c3e74e1202eb963d22821ed87c097506b05 (diff) |
Add a GOST test
Test that we never negotiate TLSv1.3 using GOST
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6650)
Diffstat (limited to 'test/recipes')
-rw-r--r-- | test/recipes/90-test_gost.t | 37 | ||||
-rw-r--r-- | test/recipes/90-test_gost_data/gost.conf | 13 | ||||
-rw-r--r-- | test/recipes/90-test_gost_data/server-cert2001.pem | 13 | ||||
-rw-r--r-- | test/recipes/90-test_gost_data/server-cert2012.pem | 13 | ||||
-rw-r--r-- | test/recipes/90-test_gost_data/server-key2001.pem | 4 | ||||
-rw-r--r-- | test/recipes/90-test_gost_data/server-key2012.pem | 4 |
6 files changed, 84 insertions, 0 deletions
diff --git a/test/recipes/90-test_gost.t b/test/recipes/90-test_gost.t new file mode 100644 index 0000000000..00f95af20c --- /dev/null +++ b/test/recipes/90-test_gost.t @@ -0,0 +1,37 @@ +#! /usr/bin/env perl +# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use OpenSSL::Test::Utils; +use OpenSSL::Test qw/:DEFAULT srctop_file/; + +setup("test_gost"); + +plan skip_all => "GOST support is disabled in this OpenSSL build" + if disabled("gost"); + +plan skip_all => "TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build" + if disabled("tls1_3") || disabled("tls1_2"); + +plan skip_all => "No test GOST engine found" + if !$ENV{OPENSSL_GOST_ENGINE_SO}; + +plan tests => 1; + +$ENV{OPENSSL_CONF} = srctop_file("test", "recipes", "90-test_gost_data", + "gost.conf"); + +ok(run(test(["gosttest", + srctop_file("test", "recipes", "90-test_gost_data", + "server-cert2001.pem"), + srctop_file("test", "recipes", "90-test_gost_data", + "server-key2001.pem"), + srctop_file("test", "recipes", "90-test_gost_data", + "server-cert2012.pem"), + srctop_file("test", "recipes", "90-test_gost_data", + "server-key2012.pem")])), + "running gosttest"); diff --git a/test/recipes/90-test_gost_data/gost.conf b/test/recipes/90-test_gost_data/gost.conf new file mode 100644 index 0000000000..1f42b9d87f --- /dev/null +++ b/test/recipes/90-test_gost_data/gost.conf @@ -0,0 +1,13 @@ +openssl_conf = openssl_def +[openssl_def] +engines = engine_section + +[engine_section] +gost = gost_section + +[gost_section] +engine_id = gost +dynamic_path = $ENV::OPENSSL_GOST_ENGINE_SO +default_algorithms = ALL +CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet + diff --git a/test/recipes/90-test_gost_data/server-cert2001.pem b/test/recipes/90-test_gost_data/server-cert2001.pem new file mode 100644 index 0000000000..e287821f82 --- /dev/null +++ b/test/recipes/90-test_gost_data/server-cert2001.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB4jCCAY+gAwIBAgIUNKO10+LkPoYGkOqNJ2wv1YI8RpQwCgYGKoUDAgIDBQAw +RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu +dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xODA3MTMxNTAzMDFaFw0yODA3MTAx +NTAzMDFaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD +VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwYzAcBgYqhQMCAhMwEgYHKoUD +AgIjAQYHKoUDAgIeAQNDAARAyDUhXsZP1JSLkvZ3xaU4aHXxAGKDwpawJ89+3B+N +lD7FS48QUIeoQrv9hn1B/kVuVxJwU4CeZRQohLvc5IkzJ6NTMFEwHQYDVR0OBBYE +FEz6BbScOOWYqklNGMTbyikZG/cRMB8GA1UdIwQYMBaAFEz6BbScOOWYqklNGMTb +yikZG/cRMA8GA1UdEwEB/wQFMAMBAf8wCgYGKoUDAgIDBQADQQAbkdWo441FqSbB +13JTW498NOzHZn69wnjYsOmMHLCdEHBTHVCa/g1wHPc4CyYk4UfMRWz5awzb6zNB +TncjMl2a +-----END CERTIFICATE----- diff --git a/test/recipes/90-test_gost_data/server-cert2012.pem b/test/recipes/90-test_gost_data/server-cert2012.pem new file mode 100644 index 0000000000..85d13c6388 --- /dev/null +++ b/test/recipes/90-test_gost_data/server-cert2012.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB6TCCAZSgAwIBAgIUVF/ajykAyHqQm1n6K1JdMFX/O6owDAYIKoUDBwEBAwIF +ADBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwY +SW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMB4XDTE4MDcxMzE0MzcxNVoXDTI4MDcx +MDE0MzcxNVowRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAf +BgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDBmMB8GCCqFAwcBAQEBMBMG +ByqFAwICIwEGCCqFAwcBAQICA0MABEDIj2JgFybRexBIdkG7bI//Z8woXbpC/hpg +62qflBE/dHnWVnbzpJUVeSd5sAkP7Ta0qrrs5YdW4MBIM/VPbDVOo1MwUTAdBgNV +HQ4EFgQUFZtRh6plQ3nHf1A+7ayjYw9B1X0wHwYDVR0jBBgwFoAUFZtRh6plQ3nH +f1A+7ayjYw9B1X0wDwYDVR0TAQH/BAUwAwEB/zAMBggqhQMHAQEDAgUAA0EAMttA +fMPa3YFO9db/xIS9wMB7ntbtibeZEJlngaPu5gvfdNmCY0uzjY2c3yPr9dDq84j7 +gSqY1VwVBLuKrpLC+w== +-----END CERTIFICATE----- diff --git a/test/recipes/90-test_gost_data/server-key2001.pem b/test/recipes/90-test_gost_data/server-key2001.pem new file mode 100644 index 0000000000..92a59d8e68 --- /dev/null +++ b/test/recipes/90-test_gost_data/server-key2001.pem @@ -0,0 +1,4 @@ +-----BEGIN PRIVATE KEY----- +MEMCAQAwHAYGKoUDAgITMBIGByqFAwICIwEGByqFAwICHgEEIJgoLqJR/05zND0f +8Wnma1MFMxE7ezisZhkS/DL4DXb6 +-----END PRIVATE KEY----- diff --git a/test/recipes/90-test_gost_data/server-key2012.pem b/test/recipes/90-test_gost_data/server-key2012.pem new file mode 100644 index 0000000000..e932f0dd77 --- /dev/null +++ b/test/recipes/90-test_gost_data/server-key2012.pem @@ -0,0 +1,4 @@ +-----BEGIN PRIVATE KEY----- +MEYCAQAwHwYIKoUDBwEBAQEwEwYHKoUDAgIjAQYIKoUDBwEBAgIEILemtIak5CeX +Jd75HfVqAMi1MfhxW7kGvGDj8l1/nF45 +-----END PRIVATE KEY----- |