test/cmp_vfy_test.c

   1 /*
   2  * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
   3  * Copyright Nokia 2007-2019
   4  * Copyright Siemens AG 2015-2019
   5  *
   6  * Licensed under the Apache License 2.0 (the "License").  You may not use
   7  * this file except in compliance with the License.  You can obtain a copy
   8  * in the file LICENSE in the source distribution or at
   9  * https://www.openssl.org/source/license.html
  10  */
  11
  12 #include "cmp_testlib.h"
  13 #include "../crypto/crmf/crmf_local.h" /* for manipulating POPO signature */
  14 DEFINE_STACK_OF(OSSL_CRMF_MSG)
  15
  16 static const char *server_f;
  17 static const char *client_f;
  18 static const char *endentity1_f;
  19 static const char *endentity2_f;
  20 static const char *root_f;
  21 static const char *intermediate_f;
  22 static const char *ir_protected_f;
  23 static const char *ir_unprotected_f;
  24 static const char *ir_rmprotection_f;
  25 static const char *ip_waiting_f;
  26 static const char *instacert_f;
  27 static const char *instaca_f;
  28 static const char *ir_protected_0_extracerts;
  29 static const char *ir_protected_2_extracerts;
  30
  31 typedef struct test_fixture {
  32     const char *test_case_name;
  33     int expected;
  34     OSSL_CMP_CTX *cmp_ctx;
  35     OSSL_CMP_MSG *msg;
  36     X509 *cert;
  37     ossl_cmp_allow_unprotected_cb_t allow_unprotected_cb;
  38     int additional_arg;
  39 } CMP_VFY_TEST_FIXTURE;
  40
  41 static OPENSSL_CTX *libctx = NULL;
  42 static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL;
  43
  44 static void tear_down(CMP_VFY_TEST_FIXTURE *fixture)
  45 {
  46     OSSL_CMP_MSG_free(fixture->msg);
  47     OSSL_CMP_CTX_free(fixture->cmp_ctx);
  48     OPENSSL_free(fixture);
  49 }
  50
  51 static time_t test_time_valid = 0, test_time_after_expiration = 0;
  52
  53 static CMP_VFY_TEST_FIXTURE *set_up(const char *const test_case_name)
  54 {
  55     X509_STORE *ts = X509_STORE_new();
  56     CMP_VFY_TEST_FIXTURE *fixture;
  57
  58     if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
  59         return NULL;
  60     fixture->test_case_name = test_case_name;
  61     if (ts == NULL
  62             || !TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))
  63             || !OSSL_CMP_CTX_set0_trustedStore(fixture->cmp_ctx, ts)
  64             || !OSSL_CMP_CTX_set_log_cb(fixture->cmp_ctx, print_to_bio_out)) {
  65         tear_down(fixture);
  66         X509_STORE_free(ts);
  67         return NULL;
  68     }
  69     X509_VERIFY_PARAM_set_time(X509_STORE_get0_param(ts), test_time_valid);
  70     X509_STORE_set_verify_cb(ts, X509_STORE_CTX_print_verify_cb);
  71     return fixture;
  72 }
  73
  74 static X509 *srvcert = NULL;
  75 static X509 *clcert = NULL;
  76 /* chain */
  77 static X509 *endentity1 = NULL, *endentity2 = NULL,
  78     *intermediate = NULL, *root = NULL;
  79 /* INSTA chain */
  80 static X509 *insta_cert = NULL, *instaca_cert = NULL;
  81
  82 static unsigned char rand_data[OSSL_CMP_TRANSACTIONID_LENGTH];
  83 static OSSL_CMP_MSG *ir_unprotected, *ir_rmprotection;
  84
  85 static int flip_bit(ASN1_BIT_STRING *bitstr)
  86 {
  87     int bit_num = 7;
  88     int bit = ASN1_BIT_STRING_get_bit(bitstr, bit_num);
  89
  90     return ASN1_BIT_STRING_set_bit(bitstr, bit_num, !bit);
  91 }
  92
  93 static int execute_verify_popo_test(CMP_VFY_TEST_FIXTURE *fixture)
  94 {
  95     if ((fixture->msg = load_pkimsg(ir_protected_f)) == NULL)
  96         return 0;
  97     if (fixture->expected == 0) {
  98         const OSSL_CRMF_MSGS *reqs = fixture->msg->body->value.ir;
  99         const OSSL_CRMF_MSG *req = sk_OSSL_CRMF_MSG_value(reqs, 0);
 100         if (req == NULL || !flip_bit(req->popo->value.signature->signature))
 101             return 0;
 102     }
 103     return TEST_int_eq(fixture->expected,
 104                        ossl_cmp_verify_popo(fixture->cmp_ctx, fixture->msg,
 105                                             fixture->additional_arg));
 106 }
 107
 108 static int test_verify_popo(void)
 109 {
 110     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 111     fixture->expected = 1;
 112     EXECUTE_TEST(execute_verify_popo_test, tear_down);
 113     return result;
 114 }
 115
 116 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 117 static int test_verify_popo_bad(void)
 118 {
 119     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 120     fixture->expected = 0;
 121     EXECUTE_TEST(execute_verify_popo_test, tear_down);
 122     return result;
 123 }
 124 #endif
 125
 126 static int execute_validate_msg_test(CMP_VFY_TEST_FIXTURE *fixture)
 127 {
 128     return TEST_int_eq(fixture->expected,
 129                        ossl_cmp_msg_check_update(fixture->cmp_ctx, fixture->msg,
 130                                                  NULL, 0));
 131 }
 132
 133 static int execute_validate_cert_path_test(CMP_VFY_TEST_FIXTURE *fixture)
 134 {
 135     X509_STORE *ts = OSSL_CMP_CTX_get0_trustedStore(fixture->cmp_ctx);
 136     int res = TEST_int_eq(fixture->expected,
 137                           OSSL_CMP_validate_cert_path(fixture->cmp_ctx,
 138                                                       ts, fixture->cert));
 139
 140     OSSL_CMP_CTX_print_errors(fixture->cmp_ctx);
 141     return res;
 142 }
 143
 144 static int test_validate_msg_mac_alg_protection(void)
 145 {
 146     /* secret value belonging to cmp-test/CMP_IP_waitingStatus_PBM.der */
 147     const unsigned char sec_1[] = {
 148         '9', 'p', 'p', '8', '-', 'b', '3', '5', 'i', '-', 'X', 'd', '3',
 149         'Q', '-', 'u', 'd', 'N', 'R'
 150     };
 151
 152     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 153
 154     fixture->expected = 1;
 155     if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_1,
 156                                                  sizeof(sec_1)))
 157             || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f))) {
 158         tear_down(fixture);
 159         fixture = NULL;
 160     }
 161     EXECUTE_TEST(execute_validate_msg_test, tear_down);
 162     return result;
 163 }
 164
 165 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 166 static int test_validate_msg_mac_alg_protection_bad(void)
 167 {
 168     const unsigned char sec_bad[] = {
 169         '9', 'p', 'p', '8', '-', 'b', '3', '5', 'i', '-', 'X', 'd', '3',
 170         'Q', '-', 'u', 'd', 'N', 'r'
 171     };
 172
 173     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 174     fixture->expected = 0;
 175
 176     if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_bad,
 177                                                  sizeof(sec_bad)))
 178             || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f))) {
 179         tear_down(fixture);
 180         fixture = NULL;
 181     }
 182     EXECUTE_TEST(execute_validate_msg_test, tear_down);
 183     return result;
 184 }
 185 #endif
 186
 187 static int add_trusted(OSSL_CMP_CTX *ctx, X509 *cert)
 188 {
 189     return X509_STORE_add_cert(OSSL_CMP_CTX_get0_trustedStore(ctx), cert);
 190 }
 191
 192 static int add_untrusted(OSSL_CMP_CTX *ctx, X509 *cert)
 193 {
 194     return X509_add_cert(OSSL_CMP_CTX_get0_untrusted(ctx), cert,
 195                          X509_ADD_FLAG_UP_REF);
 196 }
 197
 198 static int test_validate_msg_signature_partial_chain(int expired)
 199 {
 200     X509_STORE *ts;
 201
 202     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 203
 204     ts = OSSL_CMP_CTX_get0_trustedStore(fixture->cmp_ctx);
 205     fixture->expected = !expired;
 206     if (ts == NULL
 207             || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))
 208             || !add_trusted(fixture->cmp_ctx, srvcert)) {
 209         tear_down(fixture);
 210         fixture = NULL;
 211     } else {
 212         X509_VERIFY_PARAM *vpm = X509_STORE_get0_param(ts);
 213         X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_PARTIAL_CHAIN);
 214         if (expired)
 215             X509_VERIFY_PARAM_set_time(vpm, test_time_after_expiration);
 216     }
 217     EXECUTE_TEST(execute_validate_msg_test, tear_down);
 218     return result;
 219 }
 220
 221 static int test_validate_msg_signature_trusted_ok(void)
 222 {
 223     return test_validate_msg_signature_partial_chain(0);
 224 }
 225
 226 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 227 static int test_validate_msg_signature_trusted_expired(void)
 228 {
 229     return test_validate_msg_signature_partial_chain(1);
 230 }
 231 #endif
 232
 233 static int test_validate_msg_signature_srvcert_wrong(void)
 234 {
 235     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 236     fixture->expected = 0;
 237     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))
 238         || !TEST_true(OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx, clcert))) {
 239         tear_down(fixture);
 240         fixture = NULL;
 241     }
 242     EXECUTE_TEST(execute_validate_msg_test, tear_down);
 243     return result;
 244 }
 245
 246 static int test_validate_msg_signature_srvcert(int bad_sig)
 247 {
 248     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 249     fixture->expected = !bad_sig;
 250     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))
 251         || !TEST_true(OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx, srvcert))
 252         || (bad_sig && !flip_bit(fixture->msg->protection))) {
 253         tear_down(fixture);
 254         fixture = NULL;
 255     }
 256     EXECUTE_TEST(execute_validate_msg_test, tear_down);
 257     return result;
 258 }
 259
 260 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 261 static int test_validate_msg_signature_bad(void)
 262 {
 263     return test_validate_msg_signature_srvcert(1);
 264 }
 265 #endif
 266
 267 static int test_validate_msg_signature_sender_cert_srvcert(void)
 268 {
 269     return test_validate_msg_signature_srvcert(0);
 270 }
 271
 272 static int test_validate_msg_signature_sender_cert_untrusted(void)
 273 {
 274     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 275     fixture->expected = 1;
 276     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts))
 277             || !add_trusted(fixture->cmp_ctx, instaca_cert)
 278             || !add_untrusted(fixture->cmp_ctx, insta_cert)) {
 279         tear_down(fixture);
 280         fixture = NULL;
 281     }
 282     EXECUTE_TEST(execute_validate_msg_test, tear_down);
 283     return result;
 284 }
 285
 286 static int test_validate_msg_signature_sender_cert_trusted(void)
 287 {
 288     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 289     fixture->expected = 1;
 290     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts))
 291             || !add_trusted(fixture->cmp_ctx, instaca_cert)
 292             || !add_trusted(fixture->cmp_ctx, insta_cert)) {
 293         tear_down(fixture);
 294         fixture = NULL;
 295     }
 296     EXECUTE_TEST(execute_validate_msg_test, tear_down);
 297     return result;
 298 }
 299
 300 static int test_validate_msg_signature_sender_cert_extracert(void)
 301 {
 302     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 303     fixture->expected = 1;
 304     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_2_extracerts))
 305             || !add_trusted(fixture->cmp_ctx, instaca_cert)) {
 306         tear_down(fixture);
 307         fixture = NULL;
 308     }
 309     EXECUTE_TEST(execute_validate_msg_test, tear_down);
 310     return result;
 311 }
 312
 313
 314 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 315 static int test_validate_msg_signature_sender_cert_absent(void)
 316 {
 317     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 318     fixture->expected = 0;
 319     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts))) {
 320         tear_down(fixture);
 321         fixture = NULL;
 322     }
 323     EXECUTE_TEST(execute_validate_msg_test, tear_down);
 324     return result;
 325 }
 326 #endif
 327
 328 static int test_validate_with_sender(const X509_NAME *name, int expected)
 329 {
 330     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 331     fixture->expected = expected;
 332     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))
 333         || !TEST_true(OSSL_CMP_CTX_set1_expected_sender(fixture->cmp_ctx, name))
 334         || !TEST_true(OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx, srvcert))) {
 335         tear_down(fixture);
 336         fixture = NULL;
 337     }
 338     EXECUTE_TEST(execute_validate_msg_test, tear_down);
 339     return result;
 340 }
 341
 342 static int test_validate_msg_signature_expected_sender(void)
 343 {
 344     return test_validate_with_sender(X509_get_subject_name(srvcert), 1);
 345 }
 346
 347 static int test_validate_msg_signature_unexpected_sender(void)
 348 {
 349     return test_validate_with_sender(X509_get_subject_name(root), 0);
 350 }
 351
 352 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 353 static int test_validate_msg_unprotected_request(void)
 354 {
 355     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 356     fixture->expected = 0;
 357     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_unprotected_f))) {
 358         tear_down(fixture);
 359         fixture = NULL;
 360     }
 361     EXECUTE_TEST(execute_validate_msg_test, tear_down);
 362     return result;
 363 }
 364 #endif
 365
 366 static void setup_path(CMP_VFY_TEST_FIXTURE **fixture, X509 *wrong, int expired)
 367 {
 368     (*fixture)->cert = endentity2;
 369     (*fixture)->expected = wrong == NULL && !expired;
 370     if (expired) {
 371         X509_STORE *ts = OSSL_CMP_CTX_get0_trustedStore((*fixture)->cmp_ctx);
 372         X509_VERIFY_PARAM *vpm = X509_STORE_get0_param(ts);
 373         X509_VERIFY_PARAM_set_time(vpm, test_time_after_expiration);
 374     }
 375     if (!add_trusted((*fixture)->cmp_ctx, wrong == NULL ? root : wrong)
 376             || !add_untrusted((*fixture)->cmp_ctx, endentity1)
 377             || !add_untrusted((*fixture)->cmp_ctx, intermediate)) {
 378         tear_down((*fixture));
 379         (*fixture) = NULL;
 380     }
 381 }
 382
 383 static int test_validate_cert_path_ok(void)
 384 {
 385     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 386     setup_path(&fixture, NULL, 0);
 387     EXECUTE_TEST(execute_validate_cert_path_test, tear_down);
 388     return result;
 389 }
 390
 391 static int test_validate_cert_path_wrong_anchor(void)
 392 {
 393     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 394     setup_path(&fixture, srvcert /* wrong/non-root cert */, 0);
 395     EXECUTE_TEST(execute_validate_cert_path_test, tear_down);
 396     return result;
 397 }
 398
 399 static int test_validate_cert_path_expired(void)
 400 {
 401     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 402     setup_path(&fixture, NULL, 1);
 403     EXECUTE_TEST(execute_validate_cert_path_test, tear_down);
 404     return result;
 405 }
 406
 407 static int execute_msg_check_test(CMP_VFY_TEST_FIXTURE *fixture)
 408 {
 409     const OSSL_CMP_PKIHEADER *hdr = OSSL_CMP_MSG_get0_header(fixture->msg);
 410     const ASN1_OCTET_STRING *tid = OSSL_CMP_HDR_get0_transactionID(hdr);
 411
 412     if (!TEST_int_eq(fixture->expected,
 413                      ossl_cmp_msg_check_update(fixture->cmp_ctx,
 414                                                fixture->msg,
 415                                                fixture->allow_unprotected_cb,
 416                                                fixture->additional_arg)))
 417         return 0;
 418
 419     if (fixture->expected == 0) /* error expected aready during above check */
 420         return 1;
 421     return
 422         TEST_int_eq(0,
 423                     ASN1_OCTET_STRING_cmp(ossl_cmp_hdr_get0_senderNonce(hdr),
 424                                           fixture->cmp_ctx->recipNonce))
 425         && TEST_int_eq(0,
 426                        ASN1_OCTET_STRING_cmp(tid,
 427                                              fixture->cmp_ctx->transactionID));
 428 }
 429
 430 static int allow_unprotected(const OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg,
 431                              int invalid_protection, int allow)
 432 {
 433     return allow;
 434 }
 435
 436 static void setup_check_update(CMP_VFY_TEST_FIXTURE **fixture, int expected,
 437                                ossl_cmp_allow_unprotected_cb_t cb, int arg,
 438                                const unsigned char *trid_data,
 439                                const unsigned char *nonce_data)
 440 {
 441     OSSL_CMP_CTX *ctx = (*fixture)->cmp_ctx;
 442     int nonce_len = OSSL_CMP_SENDERNONCE_LENGTH;
 443
 444     (*fixture)->expected = expected;
 445     (*fixture)->allow_unprotected_cb = cb;
 446     (*fixture)->additional_arg = arg;
 447     (*fixture)->msg = OSSL_CMP_MSG_dup(ir_rmprotection);
 448     if ((*fixture)->msg == NULL
 449         || (nonce_data != NULL
 450             && !ossl_cmp_asn1_octet_string_set1_bytes(&ctx->senderNonce,
 451                                                       nonce_data, nonce_len))) {
 452         tear_down((*fixture));
 453         (*fixture) = NULL;
 454     } else if (trid_data != NULL) {
 455         ASN1_OCTET_STRING *trid = ASN1_OCTET_STRING_new();
 456         if (trid == NULL
 457             || !ASN1_OCTET_STRING_set(trid, trid_data,
 458                                       OSSL_CMP_TRANSACTIONID_LENGTH)
 459             || !OSSL_CMP_CTX_set1_transactionID(ctx, trid)) {
 460             tear_down((*fixture));
 461             (*fixture) = NULL;
 462         }
 463         ASN1_OCTET_STRING_free(trid);
 464     }
 465 }
 466
 467 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 468 static int test_msg_check_no_protection_no_cb(void)
 469 {
 470     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 471     setup_check_update(&fixture, 0, NULL, 0, NULL, NULL);
 472     EXECUTE_TEST(execute_msg_check_test, tear_down);
 473     return result;
 474 }
 475
 476 static int test_msg_check_no_protection_restrictive_cb(void)
 477 {
 478     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 479     setup_check_update(&fixture, 0, allow_unprotected, 0, NULL, NULL);
 480     EXECUTE_TEST(execute_msg_check_test, tear_down);
 481     return result;
 482 }
 483 #endif
 484
 485 static int test_msg_check_no_protection_permissive_cb(void)
 486 {
 487     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 488     setup_check_update(&fixture, 1, allow_unprotected, 1, NULL, NULL);
 489     EXECUTE_TEST(execute_msg_check_test, tear_down);
 490     return result;
 491 }
 492
 493 static int test_msg_check_transaction_id(void)
 494 {
 495     /* Transaction id belonging to CMP_IR_rmprotection.der */
 496     const unsigned char trans_id[OSSL_CMP_TRANSACTIONID_LENGTH] = {
 497         0x39, 0xB6, 0x90, 0x28, 0xC4, 0xBC, 0x7A, 0xF6,
 498         0xBE, 0xC6, 0x4A, 0x88, 0x97, 0xA6, 0x95, 0x0B
 499     };
 500
 501     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 502     setup_check_update(&fixture, 1, allow_unprotected, 1, trans_id, NULL);
 503     EXECUTE_TEST(execute_msg_check_test, tear_down);
 504     return result;
 505 }
 506
 507 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 508 static int test_msg_check_transaction_id_bad(void)
 509 {
 510     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 511     setup_check_update(&fixture, 0, allow_unprotected, 1, rand_data, NULL);
 512     EXECUTE_TEST(execute_msg_check_test, tear_down);
 513     return result;
 514 }
 515 #endif
 516
 517 static int test_msg_check_recipient_nonce(void)
 518 {
 519     /* Recipient nonce belonging to CMP_IP_ir_rmprotection.der */
 520     const unsigned char rec_nonce[OSSL_CMP_SENDERNONCE_LENGTH] = {
 521         0x48, 0xF1, 0x71, 0x1F, 0xE5, 0xAF, 0x1C, 0x8B,
 522         0x21, 0x97, 0x5C, 0x84, 0x74, 0x49, 0xBA, 0x32
 523     };
 524
 525     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 526     setup_check_update(&fixture, 1, allow_unprotected, 1, NULL, rec_nonce);
 527     EXECUTE_TEST(execute_msg_check_test, tear_down);
 528     return result;
 529 }
 530
 531 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 532 static int test_msg_check_recipient_nonce_bad(void)
 533 {
 534     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
 535     setup_check_update(&fixture, 0, allow_unprotected, 1, NULL, rand_data);
 536     EXECUTE_TEST(execute_msg_check_test, tear_down);
 537     return result;
 538 }
 539 #endif
 540
 541 void cleanup_tests(void)
 542 {
 543     X509_free(srvcert);
 544     X509_free(clcert);
 545     X509_free(endentity1);
 546     X509_free(endentity2);
 547     X509_free(intermediate);
 548     X509_free(root);
 549     X509_free(insta_cert);
 550     X509_free(instaca_cert);
 551     OSSL_CMP_MSG_free(ir_unprotected);
 552     OSSL_CMP_MSG_free(ir_rmprotection);
 553     OPENSSL_CTX_free(libctx);
 554     return;
 555 }
 556
 557
 558 #define USAGE "server.crt client.crt " \
 559     "EndEntity1.crt EndEntity2.crt " \
 560     "Root_CA.crt Intermediate_CA.crt " \
 561     "CMP_IR_protected.der CMP_IR_unprotected.der " \
 562     "IP_waitingStatus_PBM.der IR_rmprotection.der " \
 563     "insta.cert.pem insta_ca.cert.pem " \
 564     "IR_protected_0_extraCerts.der " \
 565     "IR_protected_2_extraCerts.der module_name [module_conf_file]\n"
 566 OPT_TEST_DECLARE_USAGE(USAGE)
 567
 568 int setup_tests(void)
 569 {
 570     /* Set test time stamps */
 571     struct tm ts = { 0 };
 572
 573     ts.tm_year = 2018 - 1900;      /* 2018 */
 574     ts.tm_mon = 1;                 /* February */
 575     ts.tm_mday = 18;               /* 18th */
 576     test_time_valid = mktime(&ts); /* February 18th 2018 */
 577     ts.tm_year += 10;              /* February 18th 2028 */
 578     test_time_after_expiration = mktime(&ts);
 579
 580     if (!test_skip_common_options()) {
 581         TEST_error("Error parsing test options\n");
 582         return 0;
 583     }
 584
 585     RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH);
 586     if (!TEST_ptr(server_f = test_get_argument(0))
 587             || !TEST_ptr(client_f = test_get_argument(1))
 588             || !TEST_ptr(endentity1_f = test_get_argument(2))
 589             || !TEST_ptr(endentity2_f = test_get_argument(3))
 590             || !TEST_ptr(root_f = test_get_argument(4))
 591             || !TEST_ptr(intermediate_f = test_get_argument(5))
 592             || !TEST_ptr(ir_protected_f = test_get_argument(6))
 593             || !TEST_ptr(ir_unprotected_f = test_get_argument(7))
 594             || !TEST_ptr(ip_waiting_f = test_get_argument(8))
 595             || !TEST_ptr(ir_rmprotection_f = test_get_argument(9))
 596             || !TEST_ptr(instacert_f = test_get_argument(10))
 597             || !TEST_ptr(instaca_f = test_get_argument(11))
 598             || !TEST_ptr(ir_protected_0_extracerts = test_get_argument(12))
 599             || !TEST_ptr(ir_protected_2_extracerts = test_get_argument(13))) {
 600         TEST_error("usage: cmp_vfy_test %s", USAGE);
 601         return 0;
 602     }
 603
 604     if (!test_get_libctx(&libctx, &default_null_provider, &provider, 14, USAGE))
 605         return 0;
 606
 607     /* Load certificates for cert chain */
 608     if (!TEST_ptr(endentity1 = load_pem_cert(endentity1_f, libctx))
 609             || !TEST_ptr(endentity2 = load_pem_cert(endentity2_f, libctx))
 610             || !TEST_ptr(root = load_pem_cert(root_f, NULL))
 611             || !TEST_ptr(intermediate = load_pem_cert(intermediate_f, libctx)))
 612         goto err;
 613
 614     if (!TEST_ptr(insta_cert = load_pem_cert(instacert_f, libctx))
 615             || !TEST_ptr(instaca_cert = load_pem_cert(instaca_f, libctx)))
 616         goto err;
 617
 618     /* Load certificates for message validation */
 619     if (!TEST_ptr(srvcert = load_pem_cert(server_f, libctx))
 620             || !TEST_ptr(clcert = load_pem_cert(client_f, libctx)))
 621         goto err;
 622     if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH)))
 623         goto err;
 624     if (!TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f))
 625             || !TEST_ptr(ir_rmprotection = load_pkimsg(ir_rmprotection_f)))
 626         goto err;
 627
 628     /* Message validation tests */
 629     ADD_TEST(test_verify_popo);
 630 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 631     ADD_TEST(test_verify_popo_bad);
 632 #endif
 633     ADD_TEST(test_validate_msg_signature_trusted_ok);
 634 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 635     ADD_TEST(test_validate_msg_signature_trusted_expired);
 636 #endif
 637     ADD_TEST(test_validate_msg_signature_srvcert_wrong);
 638 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 639     ADD_TEST(test_validate_msg_signature_bad);
 640 #endif
 641     ADD_TEST(test_validate_msg_signature_sender_cert_srvcert);
 642     ADD_TEST(test_validate_msg_signature_sender_cert_untrusted);
 643     ADD_TEST(test_validate_msg_signature_sender_cert_trusted);
 644     ADD_TEST(test_validate_msg_signature_sender_cert_extracert);
 645 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 646     ADD_TEST(test_validate_msg_signature_sender_cert_absent);
 647 #endif
 648     ADD_TEST(test_validate_msg_signature_expected_sender);
 649     ADD_TEST(test_validate_msg_signature_unexpected_sender);
 650 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 651     ADD_TEST(test_validate_msg_unprotected_request);
 652 #endif
 653     ADD_TEST(test_validate_msg_mac_alg_protection);
 654 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 655     ADD_TEST(test_validate_msg_mac_alg_protection_bad);
 656 #endif
 657
 658     /* Cert path validation tests */
 659     ADD_TEST(test_validate_cert_path_ok);
 660     ADD_TEST(test_validate_cert_path_expired);
 661     ADD_TEST(test_validate_cert_path_wrong_anchor);
 662
 663 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 664     ADD_TEST(test_msg_check_no_protection_no_cb);
 665     ADD_TEST(test_msg_check_no_protection_restrictive_cb);
 666 #endif
 667     ADD_TEST(test_msg_check_no_protection_permissive_cb);
 668     ADD_TEST(test_msg_check_transaction_id);
 669 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 670     ADD_TEST(test_msg_check_transaction_id_bad);
 671 #endif
 672     ADD_TEST(test_msg_check_recipient_nonce);
 673 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
 674     ADD_TEST(test_msg_check_recipient_nonce_bad);
 675 #endif
 676
 677     return 1;
 678
 679  err:
 680     cleanup_tests();
 681     return 0;
 682
 683 }