Name Date Size #Lines LOC

..17-Dec-2024-

certs/HToday-

ct/H04-Aug-2021-

d2i-tests/H24-Feb-2020-

helpers/H05-Sep-2024-

ocsp-tests/H19-Jun-2024-

quic-openssl-docker/H04-Oct-2024-

recipes/HToday-

smime-certs/H19-Jun-2024-

smime-eml/H19-Jun-2024-

ssl-tests/H05-Sep-2024-

testutil/H05-Sep-2024-

CAtsa.cnfH A D19-Jun-20244.9 KiB165128

README-dev.mdH A D19-Jun-20245.3 KiB161117

README-external.mdH A D21-Oct-20244.9 KiB177111

README.mdH A D19-Jun-20246.9 KiB187125

README.ssltest.mdH A D27-May-202210.8 KiB297212

aborttest.cH A D24-Feb-2020467 176

acvp_test.cH A D05-Nov-202461.4 KiB1,7721,553

acvp_test.incH A D30-Sep-202486.7 KiB2,1862,113

aesgcmtest.cH A D19-Jun-20244.8 KiB137114

afalgtest.cH A D19-Jun-20244.6 KiB161123

algorithmid_test.cH A D22-Nov-202110.3 KiB329268

asn1_decode_test.cH A D19-Jun-20247.6 KiB289200

asn1_dsa_internal_test.cH A D15-Oct-20205.7 KiB185138

asn1_encode_test.cH A D05-Sep-202429.6 KiB908697

asn1_internal_test.cH A D19-Jun-20247.8 KiB277179

asn1_stable_parse_test.cH A D19-Jun-20241.8 KiB8255

asn1_string_table_test.cH A D24-Feb-20201.9 KiB7853

asn1_time_test.cH A D19-Jun-202420 KiB512405

asynciotest.cH A D01-Dec-202012.3 KiB418297

asynctest.cH A D19-Jun-202414 KiB484392

bad_dtls_test.cH A D05-Sep-202420.4 KiB613440

bftest.cH A D05-Sep-202415.9 KiB490416

bio_addr_test.cH A D19-Jun-20243.8 KiB177130

bio_base64_test.cH A D05-Sep-202413.9 KiB489318

bio_callback_test.cH A D17-Jun-202113.6 KiB361316

bio_comp_test.cH A D19-Jun-20243.4 KiB154121

bio_core_test.cH A D19-Jun-20243.4 KiB12089

bio_dgram_test.cH A D19-Jun-202421.4 KiB795570

bio_enc_test.cH A D05-Sep-20247.5 KiB273219

bio_memleak_test.cH A D19-Jun-20247.2 KiB292240

bio_meth_test.cH A D19-Jun-20242.1 KiB7250

bio_prefix_text.cH A D22-Nov-20217.4 KiB268209

bio_pw_callback_test.cH A D09-Sep-202410 KiB403342

bio_readbuffer_test.cH A D23-May-20213.8 KiB13296

bio_tfo_test.cH A D12-Aug-202213.4 KiB421328

bioprinttest.cH A D06-Dec-202412.5 KiB362291

bn_internal_test.cH A D23-May-20212.6 KiB10675

bn_rand_range.hH A D24-Feb-20202 KiB5944

bntest.cH A D22-Nov-2024105.4 KiB3,4372,850

bntests.plH A D24-Feb-20204.5 KiB157121

build.infoH A D17-Dec-202449 KiB1,2671,008

build_wincrypt_test.cH A D19-Jun-20241 KiB4728

ca-and-certs.cnfH A D19-Jun-20242.2 KiB9277

ca_internals_test.cH A D05-Sep-20242.3 KiB9465

casttest.cH A D05-Sep-20243.2 KiB12086

cc_dummy.cH A D19-Jun-20243.5 KiB152114

cert_comp_test.cH A D19-Jun-20248.1 KiB288206

chacha_internal_test.cH A D19-Jun-20248 KiB191163

cipher_overhead_test.cH A D18-Feb-20211.7 KiB6342

cipherbytes_test.cH A D13-Sep-20204.4 KiB150115

cipherlist_test.cH A D30-Sep-20217.4 KiB270212

ciphername_test.cH A D05-Sep-202420.7 KiB473438

clienthellotest.cH A D05-Sep-20248.5 KiB270178

cmactest.cH A D12-Oct-202410.8 KiB350283

cmp_asn_test.cH A D19-Jun-20244 KiB136105

cmp_client_test.cH A D19-Jun-202419.5 KiB578483

cmp_ctx_test.cH A D19-Jun-202431 KiB912787

cmp_hdr_test.cH A D05-Sep-202414 KiB508396

cmp_msg_test.cH A D19-Jun-202418.2 KiB597506

cmp_protect_test.cH A D16-Aug-202421.9 KiB641550

cmp_server_test.cH A D19-Jun-20245.5 KiB174123

cmp_status_test.cH A D19-Jun-20243.2 KiB11072

cmp_vfy_test.cH A D07-Oct-202424.2 KiB725615

cms-examples.plH A D24-Feb-20208.7 KiB366289

cmsapitest.cH A D05-Sep-202416.6 KiB443383

conf_include_test.cH A D12-Oct-20247.7 KiB302237

confdump.cH A D17-Jun-20211.4 KiB5236

constant_time_test.cH A D28-Oct-202112.3 KiB415351

context_internal_test.cH A D05-Sep-20242.1 KiB8452

crltest.cH A D05-Sep-202415.9 KiB455362

ct_test.cH A D05-Sep-202415.8 KiB533421

ctype_internal_test.cH A D24-Feb-20202.7 KiB9167

curve448_internal_test.cH A D19-Jun-202435.9 KiB738643

d2i_test.cH A D23-Apr-20204.1 KiB170120

dane-cross.inH A D14-Feb-20226.9 KiB114112

danetest.cH A D21-Dec-202111 KiB431343

danetest.inH A D19-Jun-202494.5 KiB2,0081,946

danetest.pemH A D24-Feb-2020652 1514

data.binH A D24-Nov-2020128 53

data2.binH A D23-May-20213.7 KiB6256

decap_out.binH A D13-Aug-2024256

decoder_propq_test.cH A D19-Jun-20243.1 KiB12083

default-and-fips.cnfH A D19-Jun-2024266 1711

default-and-jitter.cnfH A D31-Jul-2024260 1812

default-and-legacy.cnfH A D04-Aug-2021271 1812

default-for-evptest.cnfH A D16-Sep-2024370 2215

default.cnfH A D19-Jun-2024279 1812

defltfips_test.cH A D03-Feb-20223 KiB10969

destest.cH A D05-Sep-202431.4 KiB906769

dhkem_test.incH A D19-Jun-202426.6 KiB718675

dhtest.cH A D19-Jun-202436 KiB955771

drbgtest.cH A D12-Oct-202426.8 KiB901580

dsa_no_digest_size_test.cH A D23-Apr-20208.5 KiB252185

dsatest.cH A D05-Sep-202418 KiB506440

dtls_mtu_test.cH A D28-Jul-20227.2 KiB246170

dtlstest.cH A D19-Jun-202421.4 KiB670472

dtlsv1listentest.cH A D24-Feb-202012.3 KiB358299

ec_internal_test.cH A D16-Oct-202417.4 KiB578436

ecdsatest.cH A D05-Sep-202414.6 KiB424288

ecdsatest.hH A D24-Feb-2020673.6 KiB10,21510,189

ecstresstest.cH A D05-Sep-20244.1 KiB157112

ectest.cH A D19-Jun-2024125.9 KiB3,1582,496

encap_out.binH A D13-Aug-2024256

encap_secret.binH A D13-Aug-2024256

endecode_test.cH A D05-Sep-202458.5 KiB1,5311,302

endecoder_legacy_test.cH A D30-Jun-202127.8 KiB732595

enginetest.cH A D12-Oct-202413.1 KiB466342

errtest.cH A D19-Jun-202413.2 KiB441311

evp_byname_test.cH A D31-Jul-2024900 4125

evp_extra_test.cH A D19-Dec-2024217.2 KiB6,3275,186

evp_extra_test2.cH A D21-Nov-202460.6 KiB1,5021,245

evp_fetch_prov_test.cH A D19-Jun-202410.9 KiB415326

evp_kdf_test.cH A D24-Jul-202473.3 KiB2,0931,749

evp_libctx_test.cH A D05-Nov-202431.8 KiB842669

evp_pkey_ctx_new_from_name.cH A D29-Apr-2022279 1511

evp_pkey_dhkem_test.cH A D19-Jun-202431.9 KiB884722

evp_pkey_dparams_test.cH A D03-May-202213.5 KiB325289

evp_pkey_provided_test.cH A D19-Jun-202489.4 KiB2,2161,889

evp_test.cH A D30-Aug-2024156.1 KiB5,3174,467

evp_xof_test.cH A D06-Sep-202418.7 KiB555465

exdatatest.cH A D23-May-20218.1 KiB320246

exptest.cH A D19-Jun-20249.3 KiB339263

ext_internal_test.cH A D19-Jun-20242.9 KiB10991

fake_pipelineprov.cH A D17-Dec-202413.3 KiB345284

fake_pipelineprov.hH A D17-Dec-2024520 153

fake_rsaprov.cH A D19-Jun-202422.7 KiB756584

fake_rsaprov.hH A D19-Jun-2024635 196

fatalerrtest.cH A D01-Dec-20202.9 KiB10269

ffc_internal_test.cH A D19-Jun-202427.5 KiB712578

filterprov.cH A D19-Jun-20247.3 KiB239167

filterprov.hH A D24-Feb-2021523 154

fips-alt.cnfH A D28-Jul-2021376 1712

fips-and-base.cnfH A D19-Jun-2024469 2316

fips.cnfH A D04-Aug-2021474 2014

fips_version_test.cH A D19-Jun-20241.7 KiB7958

generate_buildtest.plH A D24-Feb-2020796 3521

generate_ssl_tests.plH A D17-Jun-20214.7 KiB15692

gmdifftest.cH A D23-May-20211.9 KiB6845

hexstr_test.cH A D05-Sep-20243.6 KiB139113

hmactest.cH A D12-Oct-202413.2 KiB445371

hpke_test.cH A D05-Sep-202474.7 KiB2,0071,726

http_test.cH A D19-Jun-202415.9 KiB523431

ideatest.cH A D05-Sep-20243.9 KiB12893

igetest.cH A D24-Feb-202016.4 KiB463378

insta.priv.pemH A D13-Jul-20211.6 KiB2827

insta_ca.cert.pemH A D13-Jul-20211.3 KiB2322

invalid-x509.cnfH A D19-Jun-2024125 75

json_test.cH A D19-Jun-202418.5 KiB697577

keymgmt_internal_test.cH A D19-Jun-202411.5 KiB363279

legacy.cnfH A D04-Aug-2021219 149

lhash_test.cH A D13-Dec-202419.3 KiB729584

list_test.cH A D19-Jun-20245.9 KiB181147

localetest.cH A D13-May-20226.4 KiB137117

mdc2_internal_test.cH A D23-Apr-20201.7 KiB7840

mdc2test.cH A D19-Jun-20242.6 KiB9870

membio_test.cH A D19-Jun-20244.3 KiB12788

memleaktest.cH A D23-May-20211.7 KiB6332

modes_internal_test.cH A D05-Sep-202429.2 KiB901743

moduleloadtest.cH A D23-May-20211.3 KiB5432

namemap_internal_test.cH A D05-Sep-20244.8 KiB184134

nocache-and-default.cnfH A D20-Dec-2024301 1913

nodefltctxtest.cH A D19-Jun-20241.7 KiB6128

null.cnfH A D19-Jun-2024213 149

ocspapitest.cH A D19-Jun-20246.3 KiB237195

ossl_store_test.cH A D28-Oct-20215.9 KiB239199

p_minimal.cH A D19-Jun-2024765 259

p_test.cH A D20-Dec-202411.7 KiB347245

packettest.cH A D19-Jun-202418.3 KiB612500

pairwise_fail_test.cH A D05-Nov-20245.4 KiB185158

param_build_test.cH A D19-Jun-202422 KiB565495

params_api_test.cH A D19-Jun-202428.4 KiB839713

params_conversion_test.cH A D03-May-202212.2 KiB374324

params_test.cH A D19-Jun-202424.3 KiB713501

pathed.cnfH A D19-Jun-2024356 2316

pbelutest.cH A D24-Feb-20201.4 KiB5130

pbetest.cH A D19-Jun-20244.8 KiB168122

pem_read_depr_test.cH A D29-Jul-20214.1 KiB217158

pemtest.cH A D19-Jun-20244.5 KiB168134

pkcs12_api_test.cH A D19-Jun-20247.9 KiB303249

pkcs12_format_test.cH A D12-Oct-202437.6 KiB1,053788

pkcs7-1.pemH A D24-Feb-2020851 1615

pkcs7.pemH A D24-Feb-20203.7 KiB5554

pkcs7_test.cH A D21-Oct-202424.9 KiB398332

pkey_meth_kdf_test.cH A D05-Sep-20246.8 KiB236211

pkey_meth_test.cH A D06-Aug-20202.3 KiB9166

pkits-test.plH A D24-Feb-202031.2 KiB906843

poly1305_internal_test.cH A D24-Feb-202056.2 KiB1,5761,402

priority_queue_test.cH A D19-Jun-20247.7 KiB261208

property_test.cH A D19-Jun-202424.6 KiB706606

prov_config_test.cH A D05-Sep-20243.4 KiB14198

provfetchtest.cH A D19-Jun-20248.4 KiB298235

provider_default_search_path_test.cH A D19-Jun-20241.9 KiB6039

provider_fallback_test.cH A D05-Sep-20241.5 KiB6443

provider_internal_test.cH A D05-Sep-20244.1 KiB152111

provider_internal_test.cnf.inH A D04-Aug-2021347 1712

provider_pkey_test.cH A D19-Jun-202412.4 KiB447326

provider_status_test.cH A D05-Sep-20247.7 KiB259211

provider_test.cH A D05-Sep-20249.6 KiB340241

proxy.cnfH A D04-Aug-20211.7 KiB6150

punycode_test.cH A D19-Jun-202410 KiB295253

quic_ackm_test.cH A D19-Jun-202435.6 KiB1,117805

quic_cc_test.cH A D19-Jun-202417 KiB630374

quic_cfq_test.cH A D19-Jun-20245.5 KiB178139

quic_client_test.cH A D05-Sep-20246 KiB227164

quic_fc_test.cH A D22-Jul-202422.7 KiB644508

quic_fifd_test.cH A D19-Jun-202413 KiB375282

quic_lcidm_test.cH A D19-Jun-20245 KiB10788

quic_multistream_test.cH A D13-Nov-2024178.3 KiB5,9724,438

quic_newcid_test.cH A D19-Jun-20245.2 KiB186127

quic_qlog_test.cH A D19-Jun-20249 KiB249205

quic_rcidm_test.cH A D19-Jun-20245.4 KiB13397

quic_record_test.cH A D05-Sep-2024160.5 KiB3,7193,229

quic_record_test_util.hH A D19-Jun-20241.8 KiB5537

quic_srt_gen_test.cH A D19-Jun-20242.3 KiB8461

quic_srtm_test.cH A D19-Jun-20243.2 KiB8567

quic_stream_test.cH A D19-Jun-202421.4 KiB606469

quic_tserver_test.cH A D19-Jun-202413.1 KiB437304

quic_txp_test.cH A D19-Jun-202463 KiB1,7041,420

quic_txpim_test.cH A D19-Jun-20241.9 KiB6847

quic_wire_test.cH A D19-Jun-202444.1 KiB1,6461,226

quicapitest.cH A D08-Nov-202475 KiB2,3711,748

quicfaultstest.cH A D19-Jun-202411.4 KiB412263

rand_status_test.cH A D28-Aug-2020673 2811

rand_test.cH A D30-Sep-20246.1 KiB185145

rc2test.cH A D23-Apr-20202.1 KiB7549

rc4test.cH A D23-Apr-20204.1 KiB135104

rc5test.cH A D23-Apr-20209.1 KiB244207

rdcpu_sanitytest.cH A D03-May-20224.1 KiB151106

recordlentest.cH A D19-Jun-20245.4 KiB205153

recursive.cnfH A D19-Jun-2024129 96

rpktest.cH A D19-Jun-202426.7 KiB762634

rsa_complex.cH A D19-Jun-2024904 3313

rsa_mp_test.cH A D19-Jun-202412.1 KiB330261

rsa_sp800_56b_test.cH A D05-Sep-202422.2 KiB591480

rsa_test.cH A D19-Jun-202430.3 KiB721595

rsa_x931_test.cH A D19-Jun-20241.1 KiB4932

run_tests.plH A D19-Jun-202413.3 KiB367257

safe_math_test.cH A D05-Sep-202411.3 KiB373311

sanitytest.cH A D19-Jun-20244.9 KiB164116

secmemtest.cH A D03-May-20225.9 KiB184112

serverinfo.pemH A D24-Feb-2020740 1715

serverinfo2.pemH A D24-Feb-2020412 98

servername_test.cH A D23-May-20217.4 KiB269194

session.pemH A D24-Feb-20201.9 KiB3231

sha_test.cH A D16-Jun-20213.7 KiB11188

shibboleth.pfxH A D24-Feb-20202.5 KiB

shlibloadtest.cH A D23-May-20218.9 KiB293230

simpledynamic.cH A D29-Jul-20211.7 KiB7955

simpledynamic.hH A D24-Jun-20211.2 KiB5230

siphash_internal_test.cH A D19-Jun-202417.1 KiB292244

sm2_internal_test.cH A D05-Sep-202416.3 KiB485375

sm3_internal_test.cH A D14-Feb-20222.6 KiB8554

sm4_internal_test.cH A D23-May-20212.3 KiB8749

smcont.binH A D23-May-20217.8 KiB2035

smcont.txtH A D24-Feb-202083 11

smcont_zero.txtH A D08-Oct-20200

sparse_array_test.cH A D17-Jun-20215.6 KiB198164

srptest.cH A D18-Feb-20218.1 KiB283204

ssl_cert_table_internal_test.cH A D19-Jun-20242.2 KiB6645

ssl_ctx_test.cH A D19-Jun-20245.4 KiB141108

ssl_handshake_rtt_test.cH A D19-Jun-20243.9 KiB139101

ssl_old_test.cH A D22-Jul-202499.1 KiB3,0172,481

ssl_test.cH A D19-Jun-202420.2 KiB578478

ssl_test.tmplH A D24-Feb-20204.3 KiB127122

ssl_test_ctx_test.cH A D01-Dec-20209.1 KiB265215

ssl_test_ctx_test.cnfH A D06-Mar-20202 KiB9869

sslapitest.cH A D22-Nov-2024421.2 KiB12,7599,380

sslbuffertest.cH A D05-Sep-202411.8 KiB382243

sslcorrupttest.cH A D19-Jun-20247.3 KiB281198

stack_test.cH A D28-Oct-20219.4 KiB389304

strtoultest.cH A D07-Aug-20242.6 KiB10767

sysdefaulttest.cH A D05-Sep-20241.9 KiB8969

test.cnfH A D30-Oct-20242.3 KiB8369

test_asn1_parse.cnfH A D19-Jun-2024240 139

test_test.cH A D27-Jun-202218.2 KiB580504

testcrl.pemH A D24-Feb-2020938 1716

testdsa.pemH A D24-Feb-2020672 1312

testdsapub.pemH A D24-Feb-2020654 1312

testec-p112r1.pemH A D17-Aug-2022221 87

testec-p256.pemH A D24-Feb-2020227 65

testecpub-p256.pemH A D24-Feb-2020178 54

tested25519.pemH A D24-Feb-2020119 43

tested25519pub.pemH A D24-Feb-2020113 43

tested448.pemH A D24-Feb-2020156 54

tested448pub.pemH A D24-Feb-2020146 54

testp7.pemH A D24-Feb-20202.8 KiB4746

testreq2.pemH A D24-Feb-2020371 87

testrsa.pemH A D09-Sep-2020526 1110

testrsa2048.pemH A D18-Sep-20201.7 KiB3028

testrsa2048pub.pemH A D19-Jun-2024451 109

testrsa_withattrs.derH A D23-May-20211.2 KiB

testrsa_withattrs.pemH A D23-May-20211.7 KiB3029

testrsapss.pemH A D29-Jan-20211.7 KiB2928

testrsapssmandatory.pemH A D05-Feb-20211.7 KiB3029

testrsapub.pemH A D24-Feb-2020182 54

testsid.pemH A D23-May-20212.3 KiB3938

testutil.hH A D05-Sep-202427.7 KiB653328

testx509.pemH A D11-Sep-2020562 1110

threadpool_test.cH A D05-Sep-20248.7 KiB308224

threadstest.cH A D10-Dec-202436.8 KiB1,3661,095

threadstest.hH A D05-Sep-20241.5 KiB8453

threadstest_fips.cH A D24-May-20211.1 KiB5028

time_offset_test.cH A D24-Feb-20203.2 KiB11483

time_test.cH A D19-Jun-20242.4 KiB8055

timing_load_creds.cH A D19-Jun-20245.8 KiB216184

tls-provider.cH A D22-Jul-2024110.2 KiB3,2872,429

tls13ccstest.cH A D19-Jun-202415.1 KiB509383

tls13encryptiontest.cH A D19-Jun-202414 KiB405314

tls13secretstest.cH A D05-Sep-202412.4 KiB422325

trace_api_test.cH A D19-Nov-20246.5 KiB212171

uitest.cH A D02-Jun-20222.2 KiB9563

upcallstest.cH A D19-Jun-20245.5 KiB167122

user_property_test.cH A D19-Jun-20243.8 KiB133101

v3-cert1.pemH A D24-Feb-2020944 1716

v3-cert2.pemH A D24-Feb-2020940 1716

v3_ca_exts.cnfH A D20-Jan-2021136 64

v3ext.cH A D05-Sep-202416.1 KiB488381

v3nametest.cH A D19-Jun-202419.8 KiB717509

verify_extra_test.cH A D22-Nov-20248.7 KiB342244

versions.cH A D24-Feb-2020674 2210

wpackettest.cH A D05-Sep-202426.5 KiB655487

x509_acert_test.cH A D05-Sep-20244.4 KiB175124

x509_check_cert_pkey_test.cH A D19-Jun-20245 KiB182136

x509_dup_cert_test.cH A D27-Oct-20211.3 KiB5232

x509_internal_test.cH A D05-Sep-20245.4 KiB181124

x509_load_cert_file_test.cH A D19-Jun-20241.8 KiB7049

x509_req_test.cH A D25-Jun-20241.9 KiB7448

x509_test.cH A D05-Sep-20249.1 KiB222168

x509_time_test.cH A D19-Jun-202417.6 KiB605455

x509aux.cH A D19-Jun-20245.2 KiB186148

README-dev.md

1Guidelines for test developers
2==============================
3
4How to add recipes
5------------------
6
7For any test that you want to perform, you write a script located in
8`test/recipes/`, named `{nn}-test_{name}.t`,
9where `{nn}` is a two digit number and
10`{name}` is a unique name of your choice.
11
12Please note that if a test involves a new testing executable, you will need to
13do some additions in test/build.info. Please refer to the section
14["Changes to test/build.info"](README.md#changes-to-testbuildinfo) below.
15
16Naming conventions
17------------------
18
19A test executable is named `test/{name}test.c`
20
21A test recipe is named `test/recipes/{nn}-test_{name}.t`, where `{nn}` is a two
22digit number and `{name}` is a unique name of your choice.
23
24The number `{nn}` is (somewhat loosely) grouped as follows:
25
26    00-04  sanity, internal and essential API tests
27    05-09  individual symmetric cipher algorithms
28    10-14  math (bignum)
29    15-19  individual asymmetric cipher algorithms
30    20-24  openssl commands (some otherwise not tested)
31    25-29  certificate forms, generation and verification
32    30-35  engine and evp
33    60-79  APIs:
34       60  X509 subsystem
35       61  BIO subsystem
36       65  CMP subsystem
37       70  PACKET layer
38    80-89  "larger" protocols (CA, CMS, OCSP, SSL, TSA)
39    90-98  misc
40    99     most time consuming tests [such as test_fuzz]
41
42A recipe that just runs a test executable
43-----------------------------------------
44
45A script that just runs a program looks like this:
46
47    #! /usr/bin/env perl
48
49    use OpenSSL::Test::Simple;
50
51    simple_test("test_{name}", "{name}test", "{name}");
52
53`{name}` is the unique name you have chosen for your test.
54
55The second argument to `simple_test` is the test executable, and `simple_test`
56expects it to be located in `test/`
57
58For documentation on `OpenSSL::Test::Simple`,
59do `perldoc util/perl/OpenSSL/Test/Simple.pm`.
60
61A recipe that runs a more complex test
62--------------------------------------
63
64For more complex tests, you will need to read up on Test::More and
65OpenSSL::Test.  Test::More is normally preinstalled, do `man Test::More` for
66documentation.  For OpenSSL::Test, do `perldoc util/perl/OpenSSL/Test.pm`.
67
68A script to start from could be this:
69
70    #! /usr/bin/env perl
71
72    use strict;
73    use warnings;
74    use OpenSSL::Test;
75
76    setup("test_{name}");
77
78    plan tests => 2;                # The number of tests being performed
79
80    ok(test1, "test1");
81    ok(test2, "test1");
82
83    sub test1
84    {
85        # test feature 1
86    }
87
88    sub test2
89    {
90        # test feature 2
91    }
92
93Changes to test/build.info
94--------------------------
95
96Whenever a new test involves a new test executable you need to do the
97following (at all times, replace {NAME} and {name} with the name of your
98test):
99
100 * add `{name}` to the list of programs under `PROGRAMS_NO_INST`
101
102 * create a three line description of how to build the test, you will have
103   to modify the include paths and source files if you don't want to use the
104   basic test framework:
105
106       SOURCE[{name}]={name}.c
107       INCLUDE[{name}]=.. ../include ../apps/include
108       DEPEND[{name}]=../libcrypto libtestutil.a
109
110Generic form of C test executables
111----------------------------------
112
113    #include "testutil.h"
114
115    static int my_test(void)
116    {
117        int testresult = 0;                 /* Assume the test will fail    */
118        int observed;
119
120        observed = function();              /* Call the code under test     */
121        if (!TEST_int_eq(observed, 2))      /* Check the result is correct  */
122            goto end;                       /* Exit on failure - optional   */
123
124        testresult = 1;                     /* Mark the test case a success */
125    end:
126        cleanup();                          /* Any cleanup you require      */
127        return testresult;
128    }
129
130    int setup_tests(void)
131    {
132        ADD_TEST(my_test);                  /* Add each test separately     */
133        return 1;                           /* Indicates success.  Return 0 */
134                                            /* to produce an error with a   */
135                                            /* usage message and -1 for     */
136                                            /* failure to set up with no    */
137                                            /* usage message.               */
138    }
139
140You should use the `TEST_xxx` macros provided by `testutil.h` to test all failure
141conditions.  These macros produce an error message in a standard format if the
142condition is not met (and nothing if the condition is met).  Additional
143information can be presented with the `TEST_info` macro that takes a `printf`
144format string and arguments.  `TEST_error` is useful for complicated conditions,
145it also takes a `printf` format string and argument.  In all cases the `TEST_xxx`
146macros are guaranteed to evaluate their arguments exactly once.  This means
147that expressions with side effects are allowed as parameters.  Thus,
148
149    if (!TEST_ptr(ptr = OPENSSL_malloc(..)))
150
151works fine and can be used in place of:
152
153    ptr = OPENSSL_malloc(..);
154    if (!TEST_ptr(ptr))
155
156The former produces a more meaningful message on failure than the latter.
157
158Note that the test infrastructure automatically sets up all required environment
159variables (such as `OPENSSL_MODULES`, `OPENSSL_CONF`, etc.) for the tests.
160Individual tests may choose to override the default settings as required.
161

README-external.md

1Running external test suites with OpenSSL
2=========================================
3
4It is possible to integrate external test suites into OpenSSL's `make test`.
5This capability is considered a developer option and does not work on all
6platforms.
7
8Python PYCA/Cryptography test suite
9===================================
10
11This python test suite runs cryptographic tests with a local OpenSSL build as
12the implementation.
13
14First checkout the `PYCA/Cryptography` module into `./pyca-cryptography` using:
15
16    $ git submodule update --init
17
18Then configure/build OpenSSL compatible with the python module:
19
20    $ ./config enable-external-tests
21    $ make
22
23The tests will run in a python virtual environment which requires virtualenv
24to be installed.
25
26    $ make test VERBOSE=1 TESTS=test_external_pyca
27
28Test failures and suppressions
29------------------------------
30
31Some tests target older (<=1.0.2) versions so will not run. Other tests target
32other crypto implementations so are not relevant. Currently no tests fail.
33
34krb5 test suite
35===============
36
37Much like the PYCA/Cryptography test suite, this builds and runs the krb5
38tests against the local OpenSSL build.
39
40You will need a git checkout of krb5 at the top level:
41
42    $ git clone https://github.com/krb5/krb5
43
44krb5's master has to pass this same CI, but a known-good version is
45krb5-1.15.1-final if you want to be sure.
46
47    $ cd krb5
48    $ git checkout krb5-1.15.1-final
49    $ cd ..
50
51OpenSSL must be built with external tests enabled:
52
53    $ ./config enable-external-tests
54    $ make
55
56krb5's tests will then be run as part of the rest of the suite, or can be
57explicitly run (with more debugging):
58
59    $ VERBOSE=1 make TESTS=test_external_krb5 test
60
61Test-failures suppressions
62--------------------------
63
64krb5 will automatically adapt its test suite to account for the configuration
65of your system.  Certain tests may require more installed packages to run.  No
66tests are expected to fail.
67
68GOST engine test suite
69======================
70
71Much like the PYCA/Cryptography test suite, this builds and runs the GOST engine
72tests against the local OpenSSL build.
73
74You will need a git checkout of gost-engine at the top level:
75
76    $ git submodule update --init
77
78Then configure/build OpenSSL enabling external tests:
79
80    $ ./config enable-external-tests
81    $ make
82
83GOST engine requires CMake for the build process.
84
85GOST engine tests will then be run as part of the rest of the suite, or can be
86explicitly run (with more debugging):
87
88    $ make test VERBOSE=1 TESTS=test_external_gost_engine
89
90OQSprovider test suite
91======================
92
93Much like the PYCA/Cryptography test suite, this builds and runs the OQS
94(OpenQuantumSafe -- www.openquantumsafe.org) provider tests against the
95local OpenSSL build.
96
97You will need a git checkout of oqsprovider at the top level:
98
99    $ git submodule update --init
100
101Then configure/build OpenSSL enabling external tests:
102
103    $ ./config enable-external-tests
104    $ make
105
106oqsprovider requires CMake for the build process.
107
108OQSprovider tests will then be run as part of the rest of the suite, or can be
109explicitly run (with more debugging):
110
111    $ make test VERBOSE=1 TESTS=test_external_oqsprovider
112
113The environment variable `OQS_SKIP_TESTS` can be set to select tests and
114algorithms to be skipped, e.g. as follows:
115
116    OQS_SKIP_TESTS=kyber make test TESTS=test_external_oqsprovider
117
118The names of all supported quantum-safe algorithms are available at
119<https://github.com/open-quantum-safe/oqs-provider#algorithms>
120
121pkcs11-provider test suite
122==========================
123
124This builds and runs pkcs11-provider tests against the local OpenSSL build.
125
126You will need a git checkout of pkcs11-provider at the top level:
127
128    $ git submodule update --init
129
130Then configure/build OpenSSL enabling external tests:
131
132    $ ./config enable-external-tests
133    $ make
134
135pkcs11-provider requires meson for the build process. Moreover, it requires
136softhsm and nss softokn tokens and certtool, certutil, pkcs11-tool and expect
137to run the tests.
138
139Tests will then be run as part of the rest of the suite, or can be
140explicitly run (with more debugging):
141
142    $ make test VERBOSE=1 TESTS=test_external_pkcs11_provider
143
144Test failures and suppressions
145------------------------------
146
147There are tests for different software tokens - softhsm, nss-softokn and kryoptic.
148Kryoptic tests will not run at this point. Currently no test fails.
149
150Updating test suites
151====================
152
153To update the commit for any of the above test suites:
154
155- Make sure the submodules are cloned locally:
156
157    $ git submodule update --init --recursive
158
159- Enter subdirectory and pull from the repository (use a specific branch/tag if required):
160
161    $ cd `<submodule-dir>`
162    $ git pull origin master
163
164- Go to root directory, there should be a new git status:
165
166    $ cd ../
167    $ git status
168      ...
169      #       modified:   `<submodule-dir>` (new commits)
170      ...
171
172- Add/commit/push the update
173
174    $ git add `<submodule-dir>`
175    $ git commit -m `"Updated <submodule> to latest commit"`
176    $ git push
177

README.md

1Using OpenSSL Tests
2===================
3
4After a successful build, and before installing, the libraries should be tested.
5Run:
6
7    $ make test                                      # Unix
8    $ mms test                                       ! OpenVMS
9    $ nmake test                                     # Windows
10
11**Warning:** you MUST run the tests from an unprivileged account
12(or disable your privileges temporarily if your platform allows it).
13
14If some tests fail, take a look at the section Test Failures below.
15
16Test Failures
17-------------
18
19If some tests fail, look at the output.  There may be reasons for the failure
20that isn't a problem in OpenSSL itself (like an OS malfunction or a Perl issue).
21You may want increased verbosity, that can be accomplished like this:
22
23Full verbosity, showing full output of all successful and failed test cases
24(`make` macro `VERBOSE` or `V`):
25
26    $ make V=1 test                                  # Unix
27    $ mms /macro=(V=1) test                          ! OpenVMS
28    $ nmake V=1 test                                 # Windows
29
30Verbosity on failed (sub-)tests only
31(`VERBOSE_FAILURE` or `VF` or `REPORT_FAILURES`):
32
33    $ make test VF=1
34
35Verbosity on failed (sub-)tests, in addition progress on succeeded (sub-)tests
36(`VERBOSE_FAILURE_PROGRESS` or `VFP` or `REPORT_FAILURES_PROGRESS`):
37
38    $ make test VFP=1
39
40If you want to run just one or a few specific tests, you can use
41the make variable TESTS to specify them, like this:
42
43    $ make TESTS='test_rsa test_dsa' test            # Unix
44    $ mms/macro="TESTS=test_rsa test_dsa" test       ! OpenVMS
45    $ nmake TESTS="test_rsa test_dsa" test           # Windows
46
47And of course, you can combine (Unix examples shown):
48
49    $ make test TESTS='test_rsa test_dsa' VF=1
50    $ make test TESTS="test_cmp_*" VFP=1
51
52You can find the list of available tests like this:
53
54    $ make list-tests                                # Unix
55    $ mms list-tests                                 ! OpenVMS
56    $ nmake list-tests                               # Windows
57
58Have a look at the manual for the perl module Test::Harness to
59see what other HARNESS_* variables there are.
60
61To report a bug please open an issue on GitHub, at
62<https://github.com/openssl/openssl/issues>.
63
64For more details on how the `make` variables `TESTS` can be used,
65see section Running Selected Tests below.
66
67Running Selected Tests
68----------------------
69
70The `make` variable `TESTS` supports a versatile set of space separated tokens
71with which you can specify a set of tests to be performed.  With a "current
72set of tests" in mind, initially being empty, here are the possible tokens:
73
74     alltests      The current set of tests becomes the whole set of available
75                   tests (as listed when you do 'make list-tests' or similar).
76
77     xxx           Adds the test 'xxx' to the current set of tests.
78
79    -xxx           Removes 'xxx' from the current set of tests.  If this is the
80                   first token in the list, the current set of tests is first
81                   assigned the whole set of available tests, effectively making
82                   this token equivalent to TESTS="alltests -xxx".
83
84     nn            Adds the test group 'nn' (which is a number) to the current
85                   set of tests.
86
87    -nn            Removes the test group 'nn' from the current set of tests.
88                   If this is the first token in the list, the current set of
89                   tests is first assigned the whole set of available tests,
90                   effectively making this token equivalent to
91                   TESTS="alltests -xxx".
92
93Also, all tokens except for "alltests" may have wildcards, such as *.
94(on Unix and Windows, BSD style wildcards are supported, while on VMS,
95it's VMS style wildcards)
96
97### Examples
98
99Run all tests except for the fuzz tests:
100
101    $ make TESTS='-test_fuzz*' test
102
103or, if you want to be explicit:
104
105    $ make TESTS='alltests -test_fuzz*' test
106
107Run all tests that have a name starting with "test_ssl" but not those
108starting with "test_ssl_":
109
110    $ make TESTS='test_ssl* -test_ssl_*' test
111
112Run only test group 10:
113
114    $ make TESTS='10' test
115
116Run all tests except the slow group (group 99):
117
118    $ make TESTS='-99' test
119
120Run all tests in test groups 80 to 99 except for tests in group 90:
121
122    $ make TESTS='[89]? -90' test
123
124To run specific fuzz tests you can use for instance:
125
126    $ make test TESTS='test_fuzz_cmp test_fuzz_cms'
127
128To stochastically verify that the algorithm that produces uniformly distributed
129random numbers is operating correctly (with a false positive rate of 0.01%):
130
131    $ ./util/wrap.sh test/bntest -stochastic
132
133Running Tests in Parallel
134-------------------------
135
136By default the test harness will execute the selected tests sequentially.
137Depending on the platform characteristics, running more than one test job in
138parallel may speed up test execution.
139This can be requested by setting the `HARNESS_JOBS` environment variable to a
140positive integer value. This specifies the maximum number of test jobs to run in
141parallel.
142
143Depending on the Perl version different strategies could be adopted to select
144which test recipes can be run in parallel.  In recent versions of Perl, unless
145specified otherwise, any task can be run in parallel. Consult the documentation
146for `TAP::Harness` to know more.
147
148To run up to four tests in parallel at any given time:
149
150    $ make HARNESS_JOBS=4 test
151
152Random numbers in tests
153-----------------------
154
155Some tests use random numbers as part of the test. In some cases a test failure
156may occur for some random numbers, but not for others. The seed used for the
157rand number generator can be set via the `OPENSSL_TEST_RAND_SEED` environment
158variable. It can also be set via the `OPENSSL_TEST_RAND_ORDER` environment
159variable which additionally randomises the order tests are run in (see below).
160
161When a test fails the test harness will display the seed used during the test
162(displaying either the `OPENSSL_TEST_RAND_SEED` or `OPENSSL_TEST_RAND_ORDER`
163environment variable value that must be used to recreate the results), e.g.
164
165    $ make OPENSSL_TEST_RAND_SEED=42 test
166
167Randomisation of Test Ordering
168------------------------------
169
170By default, the test harness will execute tests in the order they were added.
171By setting the `OPENSSL_TEST_RAND_ORDER` environment variable to zero, the
172test ordering will be randomised. This additionally seeds the random number
173generator used within the tests as described in the section above. If a randomly
174ordered test fails, the seed value used will be reported.  Setting the
175`OPENSSL_TEST_RAND_ORDER` environment variable to this value will rerun the
176tests in the same order and will also seed the test random number generator.
177This assures repeatability of randomly ordered test runs. This repeatability is
178independent of the operating system, processor or platform used.
179
180To randomise the test ordering:
181
182    $ make OPENSSL_TEST_RAND_ORDER=0 test
183
184To run the tests using the order defined by the random seed `42`:
185
186    $ make OPENSSL_TEST_RAND_ORDER=42 test
187

README.ssltest.md

1SSL tests
2=========
3
4SSL testcases are configured in the `ssl-tests` directory.
5
6Each `ssl_*.cnf.in` file contains a number of test configurations. These files
7are used to generate testcases in the OpenSSL CONF format.
8
9The precise test output can be dependent on the library configuration. The test
10harness generates the output files on the fly.
11
12However, for verification, we also include checked-in configuration outputs
13corresponding to the default configuration. These testcases live in
14`test/ssl-tests/*.cnf` files.
15
16For more details, see `ssl-tests/01-simple.cnf.in` for an example.
17
18Configuring the test
19--------------------
20
21First, give your test a name. The names do not have to be unique.
22
23An example test input looks like this:
24
25    {
26        name => "test-default",
27        server => { "CipherString" => "DEFAULT" },
28        client => { "CipherString" => "DEFAULT" },
29        test   => { "ExpectedResult" => "Success" },
30    }
31
32The test section supports the following options
33
34### Test mode
35
36* Method - the method to test. One of DTLS or TLS.
37
38* HandshakeMode - which handshake flavour to test:
39  - Simple - plain handshake (default)
40  - Resume - test resumption
41  - RenegotiateServer - test server initiated renegotiation
42  - RenegotiateClient - test client initiated renegotiation
43
44When HandshakeMode is Resume or Renegotiate, the original handshake is expected
45to succeed. All configured test expectations are verified against the second
46handshake.
47
48* ApplicationData - amount of application data bytes to send (integer, defaults
49  to 256 bytes). Applies to both client and server. Application data is sent in
50  64kB chunks (but limited by MaxFragmentSize and available parallelization, see
51  below).
52
53* MaxFragmentSize - maximum send fragment size (integer, defaults to 512 in
54  tests - see `SSL_CTX_set_max_send_fragment` for documentation). Applies to
55  both client and server. Lowering the fragment size will split handshake and
56  application data up between more `SSL_write` calls, thus allowing to exercise
57  different code paths. In particular, if the buffer size (64kB) is at least
58  four times as large as the maximum fragment, interleaved multi-buffer crypto
59  implementations may be used on some platforms.
60
61### Test expectations
62
63* ExpectedResult - expected handshake outcome. One of
64  - Success - handshake success
65  - ServerFail - serverside handshake failure
66  - ClientFail - clientside handshake failure
67  - InternalError - some other error
68
69* ExpectedClientAlert, ExpectedServerAlert - expected alert. See
70  `test/helpers/ssl_test_ctx.c` for known values. Note: the expected alert is currently
71  matched against the _last_ received alert (i.e., a fatal alert or a
72  `close_notify`). Warning alert expectations are not yet supported. (A warning
73  alert will not be correctly matched, if followed by a `close_notify` or
74  another alert.)
75
76* ExpectedProtocol - expected negotiated protocol. One of
77  SSLv3, TLSv1, TLSv1.1, TLSv1.2.
78
79* SessionTicketExpected - whether or not a session ticket is expected
80  - Ignore - do not check for a session ticket (default)
81  - Yes - a session ticket is expected
82  - No - a session ticket is not expected
83
84* SessionIdExpected - whether or not a session id is expected
85  - Ignore - do not check for a session id (default)
86  - Yes - a session id is expected
87  - No - a session id is not expected
88
89* ResumptionExpected - whether or not resumption is expected (Resume mode only)
90  - Yes - resumed handshake
91  - No - full handshake (default)
92
93* ExpectedNPNProtocol, ExpectedALPNProtocol - NPN and ALPN expectations.
94
95* ExpectedTmpKeyType - the expected algorithm or curve of server temp key
96
97* ExpectedServerCertType, ExpectedClientCertType - the expected algorithm or
98  curve of server or client certificate
99
100* ExpectedServerSignHash, ExpectedClientSignHash - the expected
101  signing hash used by server or client certificate
102
103* ExpectedServerSignType, ExpectedClientSignType - the expected
104  signature type used by server or client when signing messages
105
106* ExpectedClientCANames - for client auth list of CA names the server must
107  send. If this is "empty" the list is expected to be empty otherwise it
108  is a file of certificates whose subject names form the list.
109
110* ExpectedServerCANames - list of CA names the client must send, TLS 1.3 only.
111  If this is "empty" the list is expected to be empty otherwise it is a file
112  of certificates whose subject names form the list.
113
114Configuring the client and server
115---------------------------------
116
117The client and server configurations can be any valid `SSL_CTX`
118configurations. For details, see the manpages for `SSL_CONF_cmd`.
119
120Give your configurations as a dictionary of CONF commands, e.g.
121
122    server => {
123        "CipherString" => "DEFAULT",
124        "MinProtocol" => "TLSv1",
125    }
126
127The following sections may optionally be defined:
128
129* server2 - this section configures a secondary context that is selected via the
130  ServerName test option. This context is used whenever a ServerNameCallback is
131  specified. If the server2 section is not present, then the configuration
132  matches server.
133* resume_server - this section configures the client to resume its session
134  against a different server. This context is used whenever HandshakeMode is
135  Resume. If the resume_server section is not present, then the configuration
136  matches server.
137* resume_client - this section configures the client to resume its session with
138  a different configuration. In practice this may occur when, for example,
139  upgraded clients reuse sessions persisted on disk.  This context is used
140  whenever HandshakeMode is Resume. If the resume_client section is not present,
141  then the configuration matches client.
142
143### Configuring callbacks and additional options
144
145Additional handshake settings can be configured in the `extra` section of each
146client and server:
147
148    client => {
149        "CipherString" => "DEFAULT",
150        extra => {
151            "ServerName" => "server2",
152        }
153    }
154
155#### Supported client-side options
156
157* ClientVerifyCallback - the client's custom certificate verify callback.
158  Used to test callback behaviour. One of
159  - None - no custom callback (default)
160  - AcceptAll - accepts all certificates.
161  - RejectAll - rejects all certificates.
162
163* ServerName - the server the client should attempt to connect to. One of
164  - None - do not use SNI (default)
165  - server1 - the initial context
166  - server2 - the secondary context
167  - invalid - an unknown context
168
169* CTValidation - Certificate Transparency validation strategy. One of
170  - None - no validation (default)
171  - Permissive - SSL_CT_VALIDATION_PERMISSIVE
172  - Strict - SSL_CT_VALIDATION_STRICT
173
174#### Supported server-side options
175
176* ServerNameCallback - the SNI switching callback to use
177  - None - no callback (default)
178  - IgnoreMismatch - continue the handshake on SNI mismatch
179  - RejectMismatch - abort the handshake on SNI mismatch
180
181* BrokenSessionTicket - a special test case where the session ticket callback
182  does not initialize crypto.
183  - No (default)
184  - Yes
185
186#### Mutually supported options
187
188* NPNProtocols, ALPNProtocols - NPN and ALPN settings. Server and client
189  protocols can be specified as a comma-separated list, and a callback with the
190  recommended behaviour will be installed automatically.
191
192* SRPUser, SRPPassword - SRP settings. For client, this is the SRP user to
193  connect as; for server, this is a known SRP user.
194
195### Default server and client configurations
196
197The default server certificate and CA files are added to the configurations
198automatically. Server certificate verification is requested by default.
199
200You can override these options by redefining them:
201
202    client => {
203        "VerifyCAFile" => "/path/to/custom/file"
204    }
205
206or by deleting them
207
208    client => {
209        "VerifyCAFile" => undef
210    }
211
212Adding a test to the test harness
213---------------------------------
214
2151. Add a new test configuration to `test/ssl-tests`, following the examples of
216   existing `*.cnf.in` files (for example, `01-simple.cnf.in`).
217
2182. Generate the generated `*.cnf` test input file. You can do so by running
219   `generate_ssl_tests.pl`:
220
221    $ ./config
222    $ cd test
223    $ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl \
224      ssl-tests/my.cnf.in default > ssl-tests/my.cnf
225
226where `my.cnf.in` is your test input file and `default` is the provider to use.
227For all the pre-generated test files you should use the default provider.
228
229For example, to generate the test cases in `ssl-tests/01-simple.cnf.in`, do
230
231    $ TOP=.. perl -I ../util/perl/ generate_ssl_tests.pl \
232      ssl-tests/01-simple.cnf.in default > ssl-tests/01-simple.cnf
233
234Alternatively (hackish but simple), you can comment out
235
236    unlink glob $tmp_file;
237
238in `test/recipes/80-test_ssl_new.t` and run
239
240    $ make TESTS=test_ssl_new test
241
242This will save the generated output in a `*.tmp` file in the build directory.
243
2443. Update the number of tests planned in `test/recipes/80-test_ssl_new.t`. If
245   the test suite has any skip conditions, update those too (see
246   `test/recipes/80-test_ssl_new.t` for details).
247
248Running the tests with the test harness
249---------------------------------------
250
251    HARNESS_VERBOSE=yes make TESTS=test_ssl_new test
252
253Running a test manually
254-----------------------
255
256These steps are only needed during development. End users should run `make test`
257or follow the instructions above to run the SSL test suite.
258
259To run an SSL test manually from the command line, the `TEST_CERTS_DIR`
260environment variable to point to the location of the certs. E.g., from the root
261OpenSSL directory, do
262
263    $ CTLOG_FILE=test/ct/log_list.cnf TEST_CERTS_DIR=test/certs test/ssl_test \
264      test/ssl-tests/01-simple.cnf default
265
266or for shared builds
267
268    $ CTLOG_FILE=test/ct/log_list.cnf  TEST_CERTS_DIR=test/certs \
269      util/wrap.pl test/ssl_test test/ssl-tests/01-simple.cnf default
270
271In the above examples, `default` is the provider to use.
272
273Note that the test expectations sometimes depend on the Configure settings. For
274example, the negotiated protocol depends on the set of available (enabled)
275protocols: a build with `enable-ssl3` has different test expectations than a
276build with `no-ssl3`.
277
278The Perl test harness automatically generates expected outputs, so users who
279just run `make test` do not need any extra steps.
280
281However, when running a test manually, keep in mind that the repository version
282of the generated `test/ssl-tests/*.cnf` correspond to expected outputs in with
283the default Configure options. To run `ssl_test` manually from the command line
284in a build with a different configuration, you may need to generate the right
285`*.cnf` file from the `*.cnf.in` input first.
286
287Running a test manually via make
288--------------------------------
289
290Individual tests may be run by adding the SSL_TESTS variable to the `make`
291command line. The SSL_TESTS variable is set to the list of input (or ".in")
292files. The values in SSL_TESTS are globbed.
293
294    $ make test TESTS=test_ssl_new SSL_TESTS="0*.cnf.in"
295
296    $ make test TESTS=test_ssl_new SSL_TESTS="01-simple.cnf.in 05-sni.cnf.in"
297