# Auto generated test cases for info.csv
# Load Tcl Test package
if {[lsearch [namespace children] ::tcltest] == -1} {
package require tcltest
namespace import ::tcltest::*
}
set auto_path [concat [list [file dirname [file dirname [info script]]]] $auto_path]
package require tls
# Make sure path includes location of OpenSSL executable
if {[info exists ::env(OPENSSL)]} {set ::env(path) [string cat [file join $::env(OPENSSL) bin] ";" $::env(path)]}
# Constraints
source [file join [file dirname [info script]] common.tcl]
# Helper functions
proc lcompare {list1 list2} {
set m ""
set u ""
foreach i $list1 {
if {$i ni $list2} {
lappend m $i
}
}
foreach i $list2 {
if {$i ni $list1} {
lappend u $i
}
}
return [list "missing" $m "unexpected" $u]
}
proc exec_get {delim args} {
return [split [exec openssl {*}$args] $delim]
}
proc exec_get_ciphers {} {
set list [list]
set data [exec openssl list -cipher-algorithms]
foreach line [split $data "\n"] {
set line [string trim $line]
if {$line eq "Legacy:"} continue
if {$line eq "Provided:"} break
foreach {cipher ptr alias} [split [string trim $line]] {
lappend list [string tolower $cipher]
}
}
return [lsort -unique $list]
}
proc exec_get_digests {} {
set list [list]
set data [exec openssl dgst -list]
foreach line [split $data "\n"] {
foreach digest $line {
if {[string match "-*" $digest]} {
lappend list [string trimleft $digest "-"]}
}
}
return [lsort $list]
}
proc exec_get_pkeys {} {
set list [list]
set data [exec openssl list -public-key-methods]
foreach line [split $data "\n"] {
set line [string trim $line]
if {$line eq "Legacy:" || [string match "Type:*" $line]} continue
if {$line eq "Provided:"} break
lappend list [string trim $line]
}
return $list
}
proc exec_get_macs {} {
return [list cmac hmac]
}
proc list_tolower {list} {
set result [list]
foreach element $list {
lappend result [string tolower $element]
}
return $result
}
# Test list ciphers
test Ciphers_List-1.1 {All} -body {
lcompare [lsort [exec_get_ciphers]] [list_tolower [lsort [::tls::ciphers]]]
} -result {missing {} unexpected {aes-128-ccm aes-128-gcm aes-192-ccm aes-192-gcm aes-256-ccm aes-256-gcm}}
# Test list ciphers for protocols
test Ciphers_By_Protocol-2.1 {SSL2} -constraints {ssl2} -body {
lcompare [exec_get ":" ciphers -ssl2] [::tls::ciphers ssl2]
} -result {missing {} unexpected {}}
test Ciphers_By_Protocol-2.2 {SSL3} -constraints {ssl3} -body {
lcompare [exec_get ":" ciphers -ssl3] [::tls::ciphers ssl3]
} -result {missing {} unexpected {}}
test Ciphers_By_Protocol-2.3 {TLS1.0} -constraints {tls1} -body {
lcompare [exec_get ":" ciphers -tls1] [::tls::ciphers tls1]
} -result {missing {} unexpected {}}
test Ciphers_By_Protocol-2.4 {TLS1.1} -constraints {tls1.1} -body {
lcompare [exec_get ":" ciphers -tls1_1] [::tls::ciphers tls1.1]
} -result {missing {} unexpected {}}
test Ciphers_By_Protocol-2.5 {TLS1.2} -constraints {tls1.2} -body {
lcompare [exec_get ":" ciphers -tls1_2] [::tls::ciphers tls1.2]
} -result {missing {} unexpected {}}
test Ciphers_By_Protocol-2.6 {TLS1.3} -constraints {tls1.3} -body {
lcompare [exec_get ":" ciphers -tls1_3] [::tls::ciphers tls1.3]
} -result {missing {} unexpected {}}
# Test cipher descriptions
test Ciphers_With_Descriptions-3.1 {SSL2} -constraints {ssl2} -body {
lcompare [exec_get "\r\n" ciphers -ssl2 -v] [split [string trim [::tls::ciphers ssl2 1]] \n]
} -result {missing {} unexpected {}}
test Ciphers_With_Descriptions-3.2 {SSL3} -constraints {ssl3} -body {
lcompare [exec_get "\r\n" ciphers -ssl3 -v] [split [string trim [::tls::ciphers ssl3 1]] \n]
} -result {missing {} unexpected {}}
test Ciphers_With_Descriptions-3.3 {TLS1.0} -constraints {tls1} -body {
lcompare [exec_get "\r\n" ciphers -tls1 -v] [split [string trim [::tls::ciphers tls1 1]] \n]
} -result {missing {} unexpected {}}
test Ciphers_With_Descriptions-3.4 {TLS1.1} -constraints {tls1.1} -body {
lcompare [exec_get "\r\n" ciphers -tls1_1 -v] [split [string trim [::tls::ciphers tls1.1 1]] \n]
} -result {missing {} unexpected {}}
test Ciphers_With_Descriptions-3.5 {TLS1.2} -constraints {tls1.2} -body {
lcompare [exec_get "\r\n" ciphers -tls1_2 -v] [split [string trim [::tls::ciphers tls1.2 1]] \n]
} -result {missing {} unexpected {}}
test Ciphers_With_Descriptions-3.6 {TLS1.3} -constraints {tls1.3} -body {
lcompare [exec_get "\r\n" ciphers -tls1_3 -v] [split [string trim [::tls::ciphers tls1.3 1]] \n]
} -result {missing {} unexpected {}}
# Test protocol specific ciphers
test Ciphers_Protocol_Specific-4.1 {SSL2} -constraints {ssl2} -body {
lcompare [exec_get ":" ciphers -ssl2 -s] [::tls::ciphers ssl2 0 1]
} -result {missing {} unexpected {}}
test Ciphers_Protocol_Specific-4.2 {SSL3} -constraints {ssl3} -body {
lcompare [exec_get ":" ciphers -ssl3 -s] [::tls::ciphers ssl3 0 1]
} -result {missing {} unexpected {}}
test Ciphers_Protocol_Specific-4.3 {TLS1.0} -constraints {tls1} -body {
lcompare [exec_get ":" ciphers -tls1 -s] [::tls::ciphers tls1 0 1]
} -result {missing {} unexpected {}}
test Ciphers_Protocol_Specific-4.4 {TLS1.1} -constraints {tls1.1} -body {
lcompare [exec_get ":" ciphers -tls1_1 -s] [::tls::ciphers tls1.1 0 1]
} -result {missing {} unexpected {}}
test Ciphers_Protocol_Specific-4.5 {TLS1.2} -constraints {tls1.2} -body {
lcompare [exec_get ":" ciphers -tls1_2 -s] [::tls::ciphers tls1.2 0 1]
} -result {missing {} unexpected {}}
test Ciphers_Protocol_Specific-4.6 {TLS1.3} -constraints {tls1.3} -body {
lcompare [exec_get ":" ciphers -tls1_3 -s] [::tls::ciphers tls1.3 0 1]
} -result {missing {} unexpected {}}
# Ciphers Error Cases
test Ciphers_Errors-5.1 {Too many args} -body {
::tls::ciphers too many args to pass
} -result {wrong # args: should be "::tls::ciphers ?protocol? ?verbose? ?supported?"} -returnCodes {1}
test Ciphers_Errors-5.2 {Invalid protocol} -body {
::tls::ciphers bogus
} -result {bad protocol "bogus": must be ssl2, ssl3, tls1, tls1.1, tls1.2, or tls1.3} -returnCodes {1}
test Ciphers_Errors-5.3 {Invalid verbose} -body {
::tls::ciphers tls1.3 bogus
} -result {expected boolean value but got "bogus"} -returnCodes {1}
test Ciphers_Errors-5.4 {Invalid supported} -body {
::tls::ciphers tls1.3 1 bogus
} -result {expected boolean value but got "bogus"} -returnCodes {1}
test Ciphers_Errors-5.5 {SSL2} -constraints {!ssl2} -body {
::tls::ciphers ssl2
} -result {ssl2: protocol not supported} -returnCodes {1}
test Ciphers_Errors-5.6 {SSL3} -constraints {!ssl3} -body {
::tls::ciphers ssl3
} -result {ssl3: protocol not supported} -returnCodes {1}
test Ciphers_Errors-5.7 {TLS1.0} -constraints {!tls1} -body {
::tls::ciphers tls1
} -result {tls1: protocol not supported} -returnCodes {1}
test Ciphers_Errors-5.8 {TLS1.1} -constraints {!tls1.1} -body {
::tls::ciphers tls1.1
} -result {tls1.0: protocol not supported} -returnCodes {1}
test Ciphers_Errors-5.9 {TLS1.2} -constraints {!tls1.2} -body {
::tls::ciphers tls1.2
} -result {tls1.1: protocol not supported} -returnCodes {1}
test Ciphers_Errors-5.10 {TLS1.3} -constraints {!tls1.3} -body {
::tls::ciphers tls1.3
} -result {tls1.3: protocol not supported} -returnCodes {1}
# Test Cipher Info
test Cipher_Info-6.1 {AES-256-CCM} -body {
tls::cipher aes-256-ccm
} -result {nid aes-256-ccm name id-aes256-CCM description {} block_size 1 key_length 32 iv_length 12 type aes-256-ccm provider {} mode CCM flags {{Variable Length} 0 {Always Call Init} 1 {Custom IV} 1 {Control Init} 1 {Custom Cipher} 1 {AEAD Cipher} 1 {Custom Copy} 1 {Non FIPS Allow} 0} tag_length 16 aad_length 13}
# Test list digests
test Digests_List-7.1 {All} -body {
lcompare [lsort [exec_get_digests]] [lsort [tls::digests]]
} -result {missing {} unexpected {}}
# Test Digest Info
test Digest_Info-8.1 {md5} -body {
tls::digests md5
} -result {name MD5 description {} size 16 block_size 64 provider {} type md5 pkey_type md5WithRSAEncryption flags {One-shot 0 XOF 0 DigestAlgorithmId_NULL 0 DigestAlgorithmId_Abscent 0 DigestAlgorithmId_Custom 0 FIPS 0}}
# Test list MACs
test MAC_List-9.1 {All} -body {
lcompare [exec_get_macs] [tls::macs]
} -result {missing {} unexpected {}}
# Test list Pkeys
test Pkey_List-10.1 {All} -body {
lcompare [exec_get_pkeys] [tls::pkeys]
} -result {missing {} unexpected {}}
# Test list protocols
test Protocols-11.1 {All} -body {
lcompare $::protocols [::tls::protocols]
} -result {missing {ssl2 ssl3} unexpected {}}
# Test show version
test Version-12.1 {All} -body {
::tls::version
} -match {glob} -result {*}
test Version-12.2 {OpenSSL} -constraints {OpenSSL} -body {
::tls::version
} -match {glob} -result {OpenSSL*}
# Error Cases
test Error_Cases-13.1 {Cipher too many args} -body {
::tls::cipher too many args
} -result {wrong # args: should be "::tls::cipher ?name?"} -returnCodes {1}
test Error_Cases-13.2 {Digests too many args} -body {
::tls::digests too many args
} -result {wrong # args: should be "::tls::digests ?name?"} -returnCodes {1}
test Error_Cases-13.3 {MACs too many args} -body {
::tls::macs too many args
} -result {wrong # args: should be "::tls::macs ?name?"} -returnCodes {1}
test Error_Cases-13.4 {Pkeys too many args} -body {
::tls::pkeys too many args
} -result {wrong # args: should be "::tls::pkeys ?name?"} -returnCodes {1}
test Error_Cases-13.5 {Protocols too many args} -body {
::tls::protocols too many args
} -result {wrong # args: should be "::tls::protocols"} -returnCodes {1}
test Error_Cases-13.6 {Version too many args} -body {
::tls::version too many args
} -result {wrong # args: should be "::tls::version"} -returnCodes {1}
# Provider command
test Provider-14.1 {Provider too few args} -constraints {new_api} -body {
::tls::provider
} -result {wrong # args: should be "::tls::provider name"} -returnCodes {1}
test Provider-14.2 {Provider too few args} -constraints {new_api} -body {
::tls::provider too many args
} -result {wrong # args: should be "::tls::provider name"} -returnCodes {1}
test Provider-14.3 {Provider invalid arg} -constraints {new_api} -body {
::tls::provider invalid
} -result {could not load the shared library} -returnCodes {1}
test Provider-14.4 {Provider legacy provider} -constraints {new_api} -body {
::tls::provider legacy
}
# Cleanup
::tcltest::cleanupTests
return