From f648f74bb3880871a182f3a7d507f56ba8ff3096 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Wed, 6 Mar 2024 13:32:20 +0100 Subject: [PATCH 1/5] correct static build testing --- test/oqs_test_endecode.c | 3 +-- test/oqs_test_kems.c | 7 +++---- test/oqs_test_signatures.c | 6 +++--- test/oqs_test_tlssig.c | 6 +++++- test/test_common.c | 6 ++++-- test/test_common.h | 2 +- 6 files changed, 17 insertions(+), 13 deletions(-) diff --git a/test/oqs_test_endecode.c b/test/oqs_test_endecode.c index 1427d121..8f20e78f 100644 --- a/test/oqs_test_endecode.c +++ b/test/oqs_test_endecode.c @@ -248,11 +248,10 @@ int main(int argc, char *argv[]) keyctx = OSSL_LIB_CTX_new(); - load_oqs_provider(keyctx, modulename, configfile); + oqsprov = load_oqs_provider(keyctx, modulename, configfile); dfltprov = OSSL_PROVIDER_load(keyctx, "default"); keyprov = OSSL_PROVIDER_load(keyctx, modulename); - oqsprov = OSSL_PROVIDER_load(libctx, modulename); algs = OSSL_PROVIDER_query_operation(oqsprov, OSSL_OP_SIGNATURE, &query_nocache); diff --git a/test/oqs_test_kems.c b/test/oqs_test_kems.c index 4b734aa9..ca345c31 100644 --- a/test/oqs_test_kems.c +++ b/test/oqs_test_kems.c @@ -87,9 +87,7 @@ int main(int argc, char *argv[]) modulename = argv[1]; configfile = argv[2]; - load_oqs_provider(libctx, modulename, configfile); - - oqsprov = OSSL_PROVIDER_load(libctx, modulename); + oqsprov = load_oqs_provider(libctx, modulename, configfile); kemalgs = OSSL_PROVIDER_query_operation(oqsprov, OSSL_OP_KEM, &query_nocache); @@ -108,7 +106,8 @@ int main(int argc, char *argv[]) } OSSL_LIB_CTX_free(libctx); - + if (OPENSSL_VERSION_PREREQ(3, 1)) + OSSL_PROVIDER_unload(oqsprov); // avoid crash in 3.0.x TEST_ASSERT(errcnt == 0) return !test; } diff --git a/test/oqs_test_signatures.c b/test/oqs_test_signatures.c index b1137839..547a29ba 100644 --- a/test/oqs_test_signatures.c +++ b/test/oqs_test_signatures.c @@ -103,9 +103,7 @@ int main(int argc, char *argv[]) modulename = argv[1]; configfile = argv[2]; - load_oqs_provider(libctx, modulename, configfile); - - oqsprov = OSSL_PROVIDER_load(libctx, modulename); + oqsprov = load_oqs_provider(libctx, modulename, configfile); sigalgs = OSSL_PROVIDER_query_operation(oqsprov, OSSL_OP_SIGNATURE, &query_nocache); @@ -125,6 +123,8 @@ int main(int argc, char *argv[]) } OSSL_LIB_CTX_free(libctx); + if (OPENSSL_VERSION_PREREQ(3, 1)) + OSSL_PROVIDER_unload(oqsprov); // avoid crash in 3.0.x TEST_ASSERT(errcnt == 0) return !test; diff --git a/test/oqs_test_tlssig.c b/test/oqs_test_tlssig.c index a735570a..405e343e 100644 --- a/test/oqs_test_tlssig.c +++ b/test/oqs_test_tlssig.c @@ -149,6 +149,7 @@ int main(int argc, char *argv[]) { size_t i; int errcnt = 0, test = 0; + OSSL_PROVIDER *oqsprov = NULL; #ifndef OPENSSL_NO_TRACE fprintf(stderr, @@ -163,9 +164,10 @@ int main(int argc, char *argv[]) configfile = argv[2]; certsdir = argv[3]; - load_oqs_provider(libctx, modulename, configfile); + oqsprov = load_oqs_provider(libctx, modulename, configfile); T(OSSL_PROVIDER_available(libctx, "default")); + T(OSSL_PROVIDER_available(libctx, modulename)); #ifdef OSSL_CAPABILITY_TLS_SIGALG_NAME // crashes: EVP_SIGNATURE_do_all_provided(libctx, test_oqs_sigs, &errcnt); @@ -177,6 +179,8 @@ int main(int argc, char *argv[]) #endif OSSL_LIB_CTX_free(libctx); + if (OPENSSL_VERSION_PREREQ(3, 1)) + OSSL_PROVIDER_unload(oqsprov); // avoid crash in 3.0.x TEST_ASSERT(errcnt == 0) return !test; } diff --git a/test/test_common.c b/test/test_common.c index 19382c9c..7f2b384b 100644 --- a/test/test_common.c +++ b/test/test_common.c @@ -44,11 +44,12 @@ int alg_is_enabled(const char *algname) #ifndef OQS_PROVIDER_STATIC /* Loads the oqs-provider from a shared module (.so). */ -void load_oqs_provider(OSSL_LIB_CTX *libctx, const char *modulename, +OSSL_PROVIDER *load_oqs_provider(OSSL_LIB_CTX *libctx, const char *modulename, const char *configfile) { T(OSSL_LIB_CTX_load_config(libctx, configfile)); T(OSSL_PROVIDER_available(libctx, modulename)); + return OSSL_PROVIDER_load(libctx, modulename); } #else @@ -56,13 +57,14 @@ void load_oqs_provider(OSSL_LIB_CTX *libctx, const char *modulename, extern OSSL_provider_init_fn OQS_PROVIDER_ENTRYPOINT_NAME; /* Loads the statically linked oqs-provider. */ -void load_oqs_provider(OSSL_LIB_CTX *libctx, const char *modulename, +OSSL_PROVIDER *load_oqs_provider(OSSL_LIB_CTX *libctx, const char *modulename, const char *configfile) { (void)configfile; T(OSSL_PROVIDER_add_builtin(libctx, modulename, OQS_PROVIDER_ENTRYPOINT_NAME)); T(OSSL_PROVIDER_load(libctx, "default")); + return OSSL_PROVIDER_load(libctx, modulename); } #endif // ifndef OQS_PROVIDER_STATIC diff --git a/test/test_common.h b/test/test_common.h index 844796a0..99cede16 100644 --- a/test/test_common.h +++ b/test/test_common.h @@ -37,5 +37,5 @@ void hexdump(const void *ptr, size_t len); int alg_is_enabled(const char *algname); /* Loads the oqs-provider. */ -void load_oqs_provider(OSSL_LIB_CTX *libctx, const char *modulename, +OSSL_PROVIDER* load_oqs_provider(OSSL_LIB_CTX *libctx, const char *modulename, const char *configfile); From 8be88ad752ae339ebf3b05ec1a12b559c7a234b0 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Wed, 6 Mar 2024 13:35:32 +0100 Subject: [PATCH 2/5] fix clang-formatting errors --- test/test_common.c | 4 ++-- test/test_common.h | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/test/test_common.c b/test/test_common.c index 7f2b384b..c7fdfa8f 100644 --- a/test/test_common.c +++ b/test/test_common.c @@ -45,7 +45,7 @@ int alg_is_enabled(const char *algname) /* Loads the oqs-provider from a shared module (.so). */ OSSL_PROVIDER *load_oqs_provider(OSSL_LIB_CTX *libctx, const char *modulename, - const char *configfile) + const char *configfile) { T(OSSL_LIB_CTX_load_config(libctx, configfile)); T(OSSL_PROVIDER_available(libctx, modulename)); @@ -58,7 +58,7 @@ extern OSSL_provider_init_fn OQS_PROVIDER_ENTRYPOINT_NAME; /* Loads the statically linked oqs-provider. */ OSSL_PROVIDER *load_oqs_provider(OSSL_LIB_CTX *libctx, const char *modulename, - const char *configfile) + const char *configfile) { (void)configfile; T(OSSL_PROVIDER_add_builtin(libctx, modulename, diff --git a/test/test_common.h b/test/test_common.h index 99cede16..6f45973e 100644 --- a/test/test_common.h +++ b/test/test_common.h @@ -37,5 +37,5 @@ void hexdump(const void *ptr, size_t len); int alg_is_enabled(const char *algname); /* Loads the oqs-provider. */ -OSSL_PROVIDER* load_oqs_provider(OSSL_LIB_CTX *libctx, const char *modulename, - const char *configfile); +OSSL_PROVIDER *load_oqs_provider(OSSL_LIB_CTX *libctx, const char *modulename, + const char *configfile); From 6c7c9da59487b4273e4a50d2b69d84ea52ceda32 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Wed, 6 Mar 2024 15:52:54 +0100 Subject: [PATCH 3/5] unload before free --- test/oqs_test_kems.c | 2 +- test/oqs_test_signatures.c | 2 +- test/oqs_test_tlssig.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/test/oqs_test_kems.c b/test/oqs_test_kems.c index ca345c31..3b55bd38 100644 --- a/test/oqs_test_kems.c +++ b/test/oqs_test_kems.c @@ -105,9 +105,9 @@ int main(int argc, char *argv[]) } } - OSSL_LIB_CTX_free(libctx); if (OPENSSL_VERSION_PREREQ(3, 1)) OSSL_PROVIDER_unload(oqsprov); // avoid crash in 3.0.x + OSSL_LIB_CTX_free(libctx); TEST_ASSERT(errcnt == 0) return !test; } diff --git a/test/oqs_test_signatures.c b/test/oqs_test_signatures.c index 547a29ba..1277ff0a 100644 --- a/test/oqs_test_signatures.c +++ b/test/oqs_test_signatures.c @@ -122,9 +122,9 @@ int main(int argc, char *argv[]) } } - OSSL_LIB_CTX_free(libctx); if (OPENSSL_VERSION_PREREQ(3, 1)) OSSL_PROVIDER_unload(oqsprov); // avoid crash in 3.0.x + OSSL_LIB_CTX_free(libctx); TEST_ASSERT(errcnt == 0) return !test; diff --git a/test/oqs_test_tlssig.c b/test/oqs_test_tlssig.c index 405e343e..d1f114b0 100644 --- a/test/oqs_test_tlssig.c +++ b/test/oqs_test_tlssig.c @@ -178,9 +178,9 @@ int main(int argc, char *argv[]) "TLS-SIG handshake test not enabled. Update OpenSSL to more current version.\n"); #endif - OSSL_LIB_CTX_free(libctx); if (OPENSSL_VERSION_PREREQ(3, 1)) OSSL_PROVIDER_unload(oqsprov); // avoid crash in 3.0.x + OSSL_LIB_CTX_free(libctx); TEST_ASSERT(errcnt == 0) return !test; } From 260f27a531c1f8d23cce420d27e7c748ae379613 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Wed, 6 Mar 2024 16:21:53 +0100 Subject: [PATCH 4/5] add prov load/unload pattern to encode_decode test --- test/oqs_test_endecode.c | 15 ++++++++------- test/oqs_test_groups.c | 5 ++++- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/test/oqs_test_endecode.c b/test/oqs_test_endecode.c index 8f20e78f..21e13c34 100644 --- a/test/oqs_test_endecode.c +++ b/test/oqs_test_endecode.c @@ -244,13 +244,13 @@ int main(int argc, char *argv[]) modulename = argv[1]; configfile = argv[2]; - load_oqs_provider(libctx, modulename, configfile); + oqsprov = load_oqs_provider(libctx, modulename, configfile); keyctx = OSSL_LIB_CTX_new(); - oqsprov = load_oqs_provider(keyctx, modulename, configfile); - dfltprov = OSSL_PROVIDER_load(keyctx, "default"); + + // possible as oqs_provider init (static or dynamic) has already been done: keyprov = OSSL_PROVIDER_load(keyctx, modulename); algs = OSSL_PROVIDER_query_operation(oqsprov, OSSL_OP_SIGNATURE, @@ -276,10 +276,11 @@ int main(int argc, char *argv[]) } #endif /* OQS_KEM_ENCODERS */ - OSSL_PROVIDER_unload(dfltprov); - OSSL_PROVIDER_unload(keyprov); - if (OPENSSL_VERSION_PREREQ(3, 1)) - OSSL_PROVIDER_unload(oqsprov); // avoid crash in 3.0.x + if (OPENSSL_VERSION_PREREQ(3, 1)) { // avoid crash in 3.0.x + OSSL_PROVIDER_unload(dfltprov); + OSSL_PROVIDER_unload(keyprov); + OSSL_PROVIDER_unload(oqsprov); + } OSSL_LIB_CTX_free(libctx); OSSL_LIB_CTX_free(keyctx); diff --git a/test/oqs_test_groups.c b/test/oqs_test_groups.c index 171d2b44..eb31b38a 100644 --- a/test/oqs_test_groups.c +++ b/test/oqs_test_groups.c @@ -132,6 +132,7 @@ int main(int argc, char *argv[]) { size_t i; int errcnt = 0, test = 0; + OSSL_PROVIDER *oqsprov = NULL; T((libctx = OSSL_LIB_CTX_new()) != NULL); T(argc == 4); @@ -142,7 +143,7 @@ int main(int argc, char *argv[]) T(cert = test_mk_file_path(certsdir, "servercert.pem")); T(privkey = test_mk_file_path(certsdir, "serverkey.pem")); - load_oqs_provider(libctx, modulename, configfile); + oqsprov = load_oqs_provider(libctx, modulename, configfile); T(OSSL_PROVIDER_available(libctx, "default")); @@ -150,6 +151,8 @@ int main(int argc, char *argv[]) OPENSSL_free(cert); OPENSSL_free(privkey); + if (OPENSSL_VERSION_PREREQ(3, 1)) + OSSL_PROVIDER_unload(oqsprov); // avoid crash in 3.0.x OSSL_LIB_CTX_free(libctx); TEST_ASSERT(errcnt == 0) return !test; From a8aedb95c65394bfc3227bf818f6dde91deb99b2 Mon Sep 17 00:00:00 2001 From: Michael Baentsch <57787676+baentsch@users.noreply.github.com> Date: Wed, 6 Mar 2024 16:48:06 +0100 Subject: [PATCH 5/5] correct en/decode keyprov load --- test/oqs_test_endecode.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/test/oqs_test_endecode.c b/test/oqs_test_endecode.c index 21e13c34..e777045c 100644 --- a/test/oqs_test_endecode.c +++ b/test/oqs_test_endecode.c @@ -250,8 +250,7 @@ int main(int argc, char *argv[]) dfltprov = OSSL_PROVIDER_load(keyctx, "default"); - // possible as oqs_provider init (static or dynamic) has already been done: - keyprov = OSSL_PROVIDER_load(keyctx, modulename); + keyprov = load_oqs_provider(keyctx, modulename, configfile); algs = OSSL_PROVIDER_query_operation(oqsprov, OSSL_OP_SIGNATURE, &query_nocache);