From 281cb45a8514e616a777a7a5b93c1dd28ae428e9 Mon Sep 17 00:00:00 2001
From: Juergen Christ <jchrist@linux.ibm.com>
Date: Mon, 3 May 2021 11:47:59 +0200
Subject: [PATCH] Fix test problems on non-z15 without CEX cards

The tests assumed to run on a z15 with a CEX card that supports secp384r1.
Check these assumptions and skip tests if they are not valid.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>
---
 test/loadtest-ec.c | 49 ++++++++++++++++++++++++++++++++++++++++++----
 test/loadtest.c    | 13 ++++++++++--
 test/threadtest.c  | 16 ++++++++++++++-
 3 files changed, 71 insertions(+), 7 deletions(-)

diff --git a/test/loadtest-ec.c b/test/loadtest-ec.c
index a5821b7..cd35729 100644
--- a/test/loadtest-ec.c
+++ b/test/loadtest-ec.c
@@ -11,7 +11,11 @@
 int setup()
 {
     const SSL_METHOD *req_method;
-    SSL_CTX *ctx;
+    SSL_CTX          *ctx;
+    EC_KEY           *eckey = NULL;
+    ENGINE           *ibmca;
+    ENGINE           *actual;
+    int               ret = 0;
 
     /* Start code copy from libcurl 7.61.1 Curl_ossl_init function */
     OPENSSL_load_builtin_modules();
@@ -52,6 +56,24 @@ int setup()
     OpenSSL_add_all_algorithms();
 #endif
     /* End code copy from libcurl 7.61.1 Curl_ossl_init function */
+
+    ibmca = ENGINE_by_id("ibmca");
+    if (ibmca == NULL) {
+        fprintf(stderr, "Failed to retrieve ibmca engine\n");
+        goto out;
+    }
+    
+    eckey = EC_KEY_new_by_curve_name(NID_secp384r1);
+    if (eckey == NULL) {
+        /* error */
+        fprintf(stderr, "Failed to create EC_KEY for secp384r1\n");
+        goto out;
+    }
+    actual = EC_KEY_get0_engine(eckey);
+    if (ibmca != actual) {
+        fprintf(stderr, "EC_KEY not associated with ibmca\n");
+        goto out;
+    }
     
     /* Start extraction from libcurl 7.61.1 ossl_connect_step1 */
     req_method = TLS_client_method();
@@ -59,7 +81,11 @@ int setup()
        second time. */
     ctx = SSL_CTX_new(req_method);
     SSL_CTX_free(ctx);
-    return 1;
+    ret = 1;
+ out:
+    if (eckey)
+        EC_KEY_free(eckey);
+    return ret;
 }
 
 int check_globals()
@@ -68,8 +94,16 @@ int check_globals()
     ECDSA_SIG     *sig = NULL;
     EC_KEY        *eckey = NULL;
     unsigned char  digest[20];
+    ENGINE        *ibmca;
+    ENGINE        *actual;
 
     memset(digest, 0, sizeof(digest));
+
+    ibmca = ENGINE_by_id("ibmca");
+    if (ibmca == NULL) {
+        fprintf(stderr, "Failed to retrieve ibmca engine\n");
+        goto out;
+    }
     
     eckey = EC_KEY_new_by_curve_name(NID_secp384r1);
     if (eckey == NULL) {
@@ -82,6 +116,13 @@ int check_globals()
         fprintf(stderr, "Failed to generate EC_KEY\n");
         goto out;
     }
+
+    actual = EC_KEY_get0_engine(eckey);
+    if (ibmca != actual) {
+        fprintf(stderr, "EC_KEY not associated with ibmca\n");
+        goto out;
+    }
+    
     sig = ECDSA_do_sign(digest, sizeof(digest), eckey);
     if (sig == NULL) {
         /* error */
@@ -123,8 +164,8 @@ int main(int argc, char **argv)
     }
     
     if (!setup()) {
-        fprintf(stderr, "Setup failed!\n");
-        return 99;
+        fprintf(stderr, "Setup failed!  Skipping...\n");
+        return 77;
     }
     if (!check_globals()) {
         fprintf(stderr, "Check for global variables failed!\n");
diff --git a/test/loadtest.c b/test/loadtest.c
index fea6f62..19f0cf9 100644
--- a/test/loadtest.c
+++ b/test/loadtest.c
@@ -12,6 +12,8 @@ int setup()
 {
     const SSL_METHOD *req_method;
     SSL_CTX *ctx;
+    ENGINE        *engine;
+    EVP_PKEY_CTX  *pctx = NULL;
 
     /* Start code copy from libcurl 7.61.1 Curl_ossl_init function */
     OPENSSL_load_builtin_modules();
@@ -52,6 +54,13 @@ int setup()
     OpenSSL_add_all_algorithms();
 #endif
     /* End code copy from libcurl 7.61.1 Curl_ossl_init function */
+
+    engine = ENGINE_by_id("ibmca");
+    pctx = EVP_PKEY_CTX_new_id(NID_X25519, engine);
+    if (pctx == NULL) {
+        return 0;
+    }
+    EVP_PKEY_CTX_free(pctx);
     
     /* Start extraction from libcurl 7.61.1 ossl_connect_step1 */
     req_method = TLS_client_method();
@@ -112,8 +121,8 @@ int main(int argc, char **argv)
     }
     
     if (!setup()) {
-        fprintf(stderr, "Setup failed!\n");
-        return 99;
+        fprintf(stderr, "Setup failed!  Skipping...\n");
+        return 77;
     }
     if (!check_globals()) {
         fprintf(stderr, "Check for global variables failed!\n");
diff --git a/test/threadtest.c b/test/threadtest.c
index 159c363..662ebf5 100644
--- a/test/threadtest.c
+++ b/test/threadtest.c
@@ -17,6 +17,9 @@
 
 static int setup()
 {
+    ENGINE        *engine;
+    EVP_PKEY_CTX  *pctx = NULL;
+
     OPENSSL_load_builtin_modules();
 
     ENGINE_load_builtin_engines();
@@ -37,6 +40,14 @@ static int setup()
 #else
     OpenSSL_add_all_algorithms();
 #endif
+
+    engine = ENGINE_by_id("ibmca");
+    pctx = EVP_PKEY_CTX_new_id(NID_X25519, engine);
+    if (pctx == NULL) {
+        return 0;
+    }
+    EVP_PKEY_CTX_free(pctx);
+
     return 1;
 }
 
@@ -132,7 +143,10 @@ int main(int argc, char **argv)
         return 1;
     }
 
-    setup();
+    if (setup() != 1) {
+        fprintf(stderr, "Failed to set up test.  Skipping...\n");
+        return 77;
+    }
     
     me = pthread_self();
     // Start threads
-- 
2.31.1