Add test crate

Signed-off-by: Gowtham Suresh Kumar <gowtham.sureshkumar@arm.com>

Author: gowthamsk-arm

Cargo.toml

@@ -4,4 +4,5 @@ members = [
     "parsec-openssl2",
     "parsec-openssl-provider",
     "parsec-openssl-provider-shared",
+    "parsec-openssl-provider-shared-test",
 ]

parsec-openssl-provider-shared-test/Cargo.toml

@@ -0,0 +1,21 @@
+[package]
+name = "parsec-openssl-provider-shared-test"
+version = "0.1.0"
+authors = ["Parsec Project Contributors"]
+description = "A parsec openssl provider dynamic library"
+license = "Apache-2.0"
+readme = "README.md"
+keywords = ["security", "service"]
+categories = ["cryptography", "hardware-support"]
+edition = "2021"
+
+[dependencies]
+openssl = "0.10.63"
+parsec-openssl2 = { path = "../parsec-openssl2" }
+foreign-types = "0.3"
+foreign-types-shared = "0.1"
+parsec-openssl-provider = { path ="../parsec-openssl-provider" }
+
+[build-dependencies]
+pkg-config = "0.3.18"
+bindgen = { version = "0.66.1" }

parsec-openssl-provider-shared-test/build.rs

@@ -0,0 +1,39 @@
+// Copyright 2024 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+use std::env;
+use std::io::{Error, ErrorKind};
+use std::path::PathBuf;
+
+const MINIMUM_VERSION: &str = "3.0.0";
+
+fn main() -> std::io::Result<()> {
+    // Use package config to ensure openssl version 3.0.0 or higher is installed
+    let openssl = pkg_config::Config::new()
+        .atleast_version(MINIMUM_VERSION)
+        .probe("openssl")
+        .expect("Failed to find openssl version above 3.0.0");
+
+    // The include path points to the openssl development headers installed by libss-dev
+    let openssl_include_path = openssl.include_paths[0]
+        .clone()
+        .into_os_string()
+        .into_string()
+        .expect("Error converting OsString to String.");
+
+    // Generate bindings for the required headers
+    let openssl_builder = bindgen::Builder::default()
+        .header(format!("{}/openssl/evp.h", openssl_include_path))
+        .header(format!("{}/openssl/provider.h", openssl_include_path))
+        .generate_comments(false)
+        .size_t_is_usize(true);
+
+    // Build the bindings
+    let openssl_bindings = openssl_builder
+        .generate()
+        .map_err(|_| Error::new(ErrorKind::Other, "Unable to generate bindings to openssl"))?;
+
+    let out_path = PathBuf::from(env::var("OUT_DIR").unwrap());
+    openssl_bindings.write_to_file(out_path.join("openssl_test_bindings.rs"))?;
+
+    Ok(())
+}

parsec-openssl-provider-shared-test/src/lib.rs

@@ -0,0 +1,59 @@
+// Copyright 2024 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+
+use openssl::error::ErrorStack;
+use openssl::{lib_ctx::LibCtx, provider::Provider};
+use parsec_openssl2::openssl_binding;
+use parsec_openssl2::types::VOID_PTR_PTR;
+
+#[allow(non_camel_case_types)]
+#[allow(non_upper_case_globals)]
+#[allow(non_snake_case)]
+#[allow(improper_ctypes)]
+#[ignore]
+pub mod openssl_test_bindings {
+
+    include!(concat!(env!("OUT_DIR"), "/openssl_test_bindings.rs"));
+}
+use openssl_test_bindings::*;
+
+use foreign_types_shared::ForeignType;
+pub const PARSEC_PROVIDER_RSA: &[u8; 4] = b"RSA\0";
+pub const PARSEC_PROVIDER_PROPERTY: &[u8; 17] = b"provider=default\0";
+
+pub fn load_provider(lib_ctx: &LibCtx, provider_name: &String, provider_path: String) -> Provider {
+    assert_eq!(
+        Provider::set_default_search_path(Some(&lib_ctx), &provider_path).is_ok(),
+        true
+    );
+    let provider = Provider::load(Some(&lib_ctx), &provider_name).unwrap();
+    provider
+}
+
+pub unsafe fn load_key(
+    lib_ctx: LibCtx,
+    param_ptr: *mut OSSL_PARAM,
+    mut parsec_pkey: *mut EVP_PKEY,
+) -> LibCtx {
+    let mut evp_ctx: *mut EVP_PKEY_CTX = EVP_PKEY_CTX_new_from_name(
+        lib_ctx.as_ptr() as *mut ossl_lib_ctx_st,
+        PARSEC_PROVIDER_RSA.as_ptr() as *const ::std::os::raw::c_char,
+        PARSEC_PROVIDER_PROPERTY.as_ptr() as *const ::std::os::raw::c_char,
+    );
+    assert_ne!(evp_ctx, std::ptr::null_mut());
+    assert_eq!(EVP_PKEY_fromdata_init(evp_ctx), 1);
+    assert_eq!(
+        EVP_PKEY_fromdata(
+            evp_ctx,
+            &mut parsec_pkey as *mut *mut EVP_PKEY,
+            // Change 3: Select the appropriate macro here to load the param value
+            EVP_PKEY_KEY_PARAMETERS.try_into().unwrap(),
+            param_ptr,
+        ),
+        1
+    );
+    assert_ne!(parsec_pkey, std::ptr::null_mut());
+
+    EVP_PKEY_CTX_free(evp_ctx);
+    lib_ctx
+}

parsec-openssl-provider-shared-test/tests/provider.rs

@@ -0,0 +1,181 @@
+// Copyright 2024 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+
+use foreign_types_shared::ForeignType;
+use openssl::{lib_ctx::LibCtx, provider::Provider};
+use openssl_test_bindings::*;
+use parsec_openssl2::openssl_binding;
+use parsec_openssl2::{openssl_returns_nonnull, ossl_param};
+use parsec_openssl_provider::provider::PARSEC_PROVIDER_NAME;
+use parsec_openssl_provider::provider::PARSEC_PROVIDER_PARAM_TYPES;
+use parsec_openssl_provider_shared_test::*;
+use std::ffi::CStr;
+
+// Simple test to load a provider. Test fails if load_provider function reports error
+#[test]
+fn test_loading_parsec_provider() {
+    let provider_path = String::from("../target/debug");
+    let provider_name = String::from("libparsec_openssl_provider_shared");
+    //let provider_name = String::from("default");
+    let mut lib_ctx: LibCtx = LibCtx::new().unwrap();
+    let mut provider: Provider = load_provider(&lib_ctx, &provider_name, provider_path);
+}
+
+#[test]
+fn test_parsec_provider_name() {
+    let provider_path = String::from("../target/debug/");
+    let provider_name = String::from("libparsec_openssl_provider_shared");
+    //let provider_name = String::from("default");
+    let mut lib_ctx: LibCtx = LibCtx::new().unwrap();
+    let mut provider: Provider = load_provider(&lib_ctx, &provider_name, provider_path);
+    unsafe {
+        let prov_name = OSSL_PROVIDER_get0_name(provider.as_ptr() as *const ossl_provider_st);
+        let prov_name = CStr::from_ptr(prov_name);
+        let prov_name = prov_name.to_str().unwrap();
+        // assert_eq!(prov_name.to_bytes().len(), provider_name.len());
+        //prov_name= prov_name.to_string_lossy();//.to_string();
+        assert_eq!(prov_name, provider_name);
+    }
+}
+
+// Loads a keys from the provider and returns an EVP_PKEY object with the details
+// This is working against the default provider and currently loads a key with
+// no parameters. In order to test it with the parsec provider 3 changes are needed
+// explained in comments below.
+#[test]
+fn test_loading_keys() {
+    // Change 1: toggle comment below to load the parsec provider
+    let provider_path = String::from("../target/debug/");
+    //let provider_name = String::from("libparsec_openssl_provider_shared");
+
+    let provider_name = String::from("default");
+
+    let mut lib_ctx: LibCtx = LibCtx::new().unwrap();
+    let mut parsec_pkey: *mut EVP_PKEY = std::ptr::null_mut();
+    let mut provider: Provider = load_provider(&lib_ctx, &provider_name, provider_path);
+
+    // Change 2: Setup the param as needed for the parsec provider.
+    // Create a key beforehand using the parsec-tool and then run the test.
+    let mut param = ossl_param!();
+    unsafe {
+        lib_ctx = load_key(lib_ctx, &mut param, parsec_pkey);
+        EVP_PKEY_free(parsec_pkey);
+    }
+
+    //OSSL_PARAM_free(param_ptr);
+}
+
+#[test]
+fn test_parsec_provider_gettable_param() {
+    let provider_path = String::from("../target/debug/");
+    let provider_name = String::from("libparsec_openssl_provider_shared");
+    //let provider_name = String::from("default");
+    let mut lib_ctx: LibCtx = LibCtx::new().unwrap();
+    let mut provider: Provider = load_provider(&lib_ctx, &provider_name, provider_path);
+    unsafe {
+        let gettable_params: *const OSSL_PARAM =
+            OSSL_PROVIDER_gettable_params(provider.as_ptr() as *const ossl_provider_st);
+        assert_ne!(
+            openssl_binding::OSSL_PARAM_locate(
+                gettable_params as _,
+                openssl_binding::OSSL_PROV_PARAM_NAME.as_ptr() as *const std::os::raw::c_char,
+            ),
+            std::ptr::null_mut()
+        );
+        assert_ne!(
+            openssl_binding::OSSL_PARAM_locate(
+                gettable_params as _,
+                openssl_binding::OSSL_PROV_PARAM_VERSION.as_ptr() as *const std::os::raw::c_char,
+            ),
+            std::ptr::null_mut()
+        );
+        assert_ne!(
+            openssl_binding::OSSL_PARAM_locate(
+                gettable_params as _,
+                openssl_binding::OSSL_PROV_PARAM_STATUS.as_ptr() as *const std::os::raw::c_char,
+            ),
+            std::ptr::null_mut()
+        );
+    }
+}
+
+#[test]
+fn test_parsec_provider_get_param() {
+    let provider_path = String::from("../target/debug/");
+    let provider_name = String::from("libparsec_openssl_provider_shared");
+    //let provider_name = String::from("default");
+    let mut lib_ctx: LibCtx = LibCtx::new().unwrap();
+    let mut provider: Provider = load_provider(&lib_ctx, &provider_name, provider_path);
+
+    let mut prov_name: *mut i8 = std::ptr::null_mut();
+    let mut prov_version: *mut i8 = std::ptr::null_mut();
+    let mut prov_status: i32 = 0;
+    unsafe {
+        let mut params: [OSSL_PARAM; 4] =
+            [ossl_param!(), ossl_param!(), ossl_param!(), ossl_param!()];
+        params[0] = OSSL_PARAM_construct_utf8_ptr(
+            openssl_binding::OSSL_PROV_PARAM_NAME.as_ptr() as _,
+            &mut prov_name,
+            0,
+        );
+        params[1] = OSSL_PARAM_construct_utf8_ptr(
+            openssl_binding::OSSL_PROV_PARAM_VERSION.as_ptr() as _,
+            &mut prov_version,
+            0,
+        );
+        params[2] = OSSL_PARAM_construct_int(
+            openssl_binding::OSSL_PROV_PARAM_STATUS.as_ptr() as _,
+            &mut prov_status as *mut i32,
+        );
+        assert_eq!(OSSL_PARAM_modified(&params as _), 0);
+        assert_eq!(OSSL_PARAM_modified(&params[1] as _), 0);
+        assert_eq!(OSSL_PARAM_modified(&params[2] as _), 0);
+        assert_eq!(
+            OSSL_PROVIDER_get_params(
+                provider.as_ptr() as *const ossl_provider_st,
+                params.as_ptr() as *mut OSSL_PARAM,
+            ),
+            1
+        );
+        assert_eq!(OSSL_PARAM_modified(&params as _), 1);
+        assert_eq!(OSSL_PARAM_modified(&params[1] as _), 1);
+        assert_eq!(OSSL_PARAM_modified(&params[2] as _), 1);
+
+        let prov_name = CStr::from_ptr(prov_name);
+        let prov_name = prov_name.to_str().unwrap();
+        assert_eq!(prov_name, "Parsec OpenSSL Provider");
+
+        let prov_version = CStr::from_ptr(prov_version);
+        let prov_version = prov_version.to_str().unwrap();
+        assert_eq!(prov_version, "0.1.0");
+    }
+}
+
+#[test]
+fn test_provider_query() {
+    let provider_path = String::from("../target/debug");
+    let provider_name = String::from("libparsec_openssl_provider_shared");
+    //let provider_name = String::from("default");
+    let mut lib_ctx: LibCtx = LibCtx::new().unwrap();
+    let mut provider: Provider = load_provider(&lib_ctx, &provider_name, provider_path);
+
+    let mut no_cache: i32 = 0;
+    unsafe {
+        assert_ne!(
+            OSSL_PROVIDER_query_operation(
+                provider.as_ptr() as _,
+                OSSL_OP_KEYMGMT.try_into().unwrap(),
+                &mut no_cache as _,
+            ),
+            std::ptr::null_mut()
+        );
+        assert_eq!(
+            OSSL_PROVIDER_query_operation(
+                provider.as_ptr() as _,
+                OSSL_OP_RAND.try_into().unwrap(),
+                &mut no_cache as _,
+            ),
+            std::ptr::null_mut()
+        );
+    }
+}

parsec-openssl-provider/src/lib.rs

@@ -16,7 +16,8 @@ use parsec_openssl2::types::VOID_PTR;
 use parsec_openssl2::{openssl_binding, types};
 
 mod keymgmt;
-mod provider;
+
+pub mod provider;
 use provider::*;
 
 mod catch;
@@ -30,7 +31,7 @@ pub unsafe fn parsec_provider_provider_init(
     out: *mut *const OSSL_DISPATCH,
     provctx: types::VOID_PTR_PTR,
 ) -> Result<(), parsec_openssl2::Error> {
-    env_logger::init();
+    //env_logger::init();
 
     let parsec_provider_teardown_ptr: ProviderTeardownPtr = parsec_provider_teardown;
 

parsec-openssl-provider/src/provider.rs

@@ -22,7 +22,7 @@ pub const PARSEC_PROVIDER_NAME: &[u8; 24] = b"Parsec OpenSSL Provider\0";
 pub const PARSEC_PROVIDER_VERSION: &[u8; 6] = b"0.1.0\0";
 
 // The types of parameters the provider supplies to the openssl library
-const PARSEC_PROVIDER_PARAM_TYPES: [OSSL_PARAM; 5] = [
+pub const PARSEC_PROVIDER_PARAM_TYPES: [OSSL_PARAM; 5] = [
     // Provider name
     ossl_param!(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR),
     // Provider version