Test infrastructure additions.

    }

Changes to test/Makefile

========================

Changes to test/build.info

==========================

Whenever a new test involves a new test executable you need to do the

following (at all times, replace {NAME} and {name} with the name of your

test):

* among the variables for test executables at the beginning, add a line like

  this:

* add {name} to the list of programs under PROGRAMS_NO_INST

    {NAME}TEST= {name}test

* create a three line description of how to build the test, you will have

to modify the include paths and source files if you don't want to use the

basic test framework:

* add `$({NAME}TEST)$(EXE_EXT)' to the assignment of EXE:

    SOURCE[{name}]={name}.c testutil.c test_main.c

    INCLUDE[{name}]=.. ../include

    DEPEND[{name}]=../libcrypto

* add `$({NAME}TEST).o' to the assignment of OBJ:

Generic form of C test executables

==================================

* add `$({NAME}TEST).c' to the assignment of SRC:

    #include "test_main.h"

    #include "testutil.h"

* add the following lines for building the executable:

    static int my_test(void)

    {

        int testresult = 0;                 /* Assume the test will fail    */

        int observed;

        observed = function();              /* Call the code under test     */

        if (!TEST_int_equal(observed, 2))   /* Check the result is correct  */

            goto end;                       /* Exit on failure - optional   */

        testresult = 1;                     /* Mark the test case a success */

    end:

        cleanup();                          /* Any cleanup you require      */

        return testresult;

    }

    void register_tests(void)

    {

        ADD_TEST(my_test);                  /* Add each test separately     */

    }

    $({NAME}TEST)$(EXE_EXT): $({NAME}TEST).o $(DLIBCRYPTO)

           @target=$({NAME}TEST); $(BUILD_CMD)

You should use the TEST_xxx macros provided by testutil.h to test all failure

conditions.  These macros produce an error message in a standard format if the

condition is not met (and nothing if the condition is met).  Additional

information can be presented with the TEST_info macro that takes a printf

format string and arguments.  TEST_error is useful for complicated conditions,

it also takes a printf format string and argument.

        return 1;

    }

    TEST_error("asn1 standard methods out of order");

    for (tmp = standard_methods, i = 0; i < OSSL_NELEM(standard_methods);

         i++, tmp++)

        fprintf(stderr, "asn1 standard methods: Index %" OSSLzu

-}

IF[{- !$disabled{tests} -}]

  PROGRAMS_NO_INST=\

          aborttest \

          aborttest test_test \

          sanitytest exdatatest bntest \

          ectest ecdsatest ecdhtest gmdifftest pbelutest ideatest \

          md2test \

  INCLUDE[sanitytest]=../include

  DEPEND[sanitytest]=../libcrypto

  SOURCE[test_test]=test_test.c testutil.c test_main.c

  INCLUDE[test_test]=.. ../include

  DEPEND[test_test]=../libcrypto

  SOURCE[exdatatest]=exdatatest.c

  INCLUDE[exdatatest]=../include

  DEPEND[exdatatest]=../libcrypto

    OPENSSL_assert(ciphers != NULL);

    num_expected_ciphers = OSSL_NELEM(default_ciphers_in_order);

    num_ciphers = sk_SSL_CIPHER_num(ciphers);

    if (num_ciphers != num_expected_ciphers) {

        fprintf(stderr, "Expected %d supported ciphers, got %d.\n",

                num_expected_ciphers, num_ciphers);

    if (!TEST_int_eq(num_ciphers, num_expected_ciphers))

        goto err;

    }

    for (i = 0; i < num_ciphers; i++) {

        expected_cipher_id = default_ciphers_in_order[i];

        cipher_id = SSL_CIPHER_get_id(sk_SSL_CIPHER_value(ciphers, i));

        if (cipher_id != expected_cipher_id) {

            fprintf(stderr, "Wrong cipher at position %d: expected %x, "

                    "got %x\n", i, expected_cipher_id, cipher_id);

        if (!TEST_int_eq(cipher_id, expected_cipher_id)) {

            TEST_info("Wrong cipher at position %d", i);

            goto err;

        }

    }

    STACK_OF(X509) *roots = sk_X509_new_null();

    int status = X509_V_ERR_UNSPECIFIED;

    if (ctx == NULL || store == NULL || param == NULL || roots == NULL)

    if (!TEST_ptr(ctx))

        goto err;

    if (!TEST_ptr(store))

        goto err;

    if (!TEST_ptr(param))

        goto err;

    if (!TEST_ptr(roots))

        goto err;

    /* Create a stack; upref the cert because we free it below. */

    X509_up_ref(root);

    if (!sk_X509_push(roots, root))

    if (!TEST_true(sk_X509_push(roots, root)))

        goto err;

    if (!X509_STORE_CTX_init(ctx, store, leaf, NULL))

    if (!TEST_true(X509_STORE_CTX_init(ctx, store, leaf, NULL)))

        goto err;

    X509_STORE_CTX_set0_trusted_stack(ctx, roots);

    X509_STORE_CTX_set0_crls(ctx, crls);

    X509_VERIFY_PARAM_set_time(param, PARAM_TIME);

    if (X509_VERIFY_PARAM_get_time(param) != PARAM_TIME) {

        fprintf(stderr, "set_time/get_time mismatch.\n");

    if (!TEST_long_eq(X509_VERIFY_PARAM_get_time(param), PARAM_TIME)) {

        TEST_info("set_time/get_time mismatch.");

        goto err;

    }

    X509_VERIFY_PARAM_set_depth(param, 16);

    X509_CRL *unknown_critical_crl2 = CRL_from_strings(kUnknownCriticalCRL2);

    int status = 0;

    if (root == NULL || leaf == NULL || basic_crl == NULL

            || revoked_crl == NULL || bad_issuer_crl == NULL

            || known_critical_crl == NULL || unknown_critical_crl == NULL

            || unknown_critical_crl2 == NULL) {

        fprintf(stderr, "Failed to parse certificates and CRLs.\n");

    if (!TEST_ptr(root))

        goto err;

    if (!TEST_ptr(leaf))

        goto err;

    if (!TEST_ptr(basic_crl))

        goto err;

    if (!TEST_ptr(revoked_crl))

        goto err;

    if (!TEST_ptr(bad_issuer_crl))

        goto err;

    if (!TEST_ptr(known_critical_crl))

        goto err;

    if (!TEST_ptr(unknown_critical_crl))

        goto err;

    if (!TEST_ptr(unknown_critical_crl2))

        goto err;

    }

    if (verify(leaf, root, make_CRL_stack(basic_crl, NULL),

               X509_V_FLAG_CRL_CHECK) != X509_V_OK) {

        fprintf(stderr, "Cert with CRL didn't verify.\n");

        TEST_info("Cert with CRL didn't verify.");

        goto err;

    }

    if (verify(leaf, root, make_CRL_stack(basic_crl, revoked_crl),

               X509_V_FLAG_CRL_CHECK) != X509_V_ERR_CERT_REVOKED) {

        fprintf(stderr, "Revoked CRL wasn't checked.\n");

        TEST_info("Revoked CRL wasn't checked.");

        goto err;

    }

    if (verify(leaf, root, NULL,

               X509_V_FLAG_CRL_CHECK) != X509_V_ERR_UNABLE_TO_GET_CRL) {

        fprintf(stderr, "CRLs were not required.\n");

        TEST_info("CRLs were not required.");

        goto err;

    }

    if (verify(leaf, root, make_CRL_stack(bad_issuer_crl, NULL),

               X509_V_FLAG_CRL_CHECK) != X509_V_ERR_UNABLE_TO_GET_CRL) {

        fprintf(stderr, "Bad CRL issuer was unnoticed.\n");

        TEST_info("Bad CRL issuer was unnoticed.");

        goto err;

    }

    if (verify(leaf, root, make_CRL_stack(known_critical_crl, NULL),

               X509_V_FLAG_CRL_CHECK) != X509_V_OK) {

        fprintf(stderr, "CRL with known critical extension was rejected.\n");

        TEST_info("CRL with known critical extension was rejected.");

        goto err;

    }

    if (verify(leaf, root, make_CRL_stack(unknown_critical_crl, NULL),

               X509_V_FLAG_CRL_CHECK) !=

            X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION) {

        fprintf(stderr, "CRL with unknown critical extension was accepted.\n");

        TEST_info("CRL with unknown critical extension was accepted.");

        goto err;

    }

    if (verify(leaf, root, make_CRL_stack(unknown_critical_crl2, NULL),

               X509_V_FLAG_CRL_CHECK) !=

            X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION) {

        fprintf(stderr, "CRL with unknown critical extension (2) was accepted.\n");

        TEST_info("CRL with unknown critical extension (2) was accepted.");

        goto err;

    }