LIBS{noinst,has_main}=libtestutil.a
SOURCE[libtestutil.a]=testutil/basic_output.c testutil/output.c \
testutil/driver.c testutil/tests.c testutil/cb.c testutil/stanza.c \
- testutil/format_output.c \
+ testutil/format_output.c testutil/load.c \
testutil/test_cleanup.c testutil/main.c testutil/testutil_init.c \
testutil/options.c testutil/test_options.c testutil/provider.c \
testutil/apps_mem.c testutil/random.c $LIBAPPSSRC
SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up);
fixture->req_type = OSSL_CMP_P10CR;
fixture->expected = 1;
- if (!TEST_ptr(req = load_csr(pkcs10_f))
+ if (!TEST_ptr(req = load_csr_der(pkcs10_f))
|| !TEST_true(OSSL_CMP_CTX_set1_p10CSR(fixture->cmp_ctx, req))) {
tear_down(fixture);
fixture = NULL;
if (!test_arg_libctx(&libctx, &default_null_provider, &provider, 5, USAGE))
return 0;
- if (!TEST_ptr(server_key = load_pem_key(server_key_f, libctx))
- || !TEST_ptr(server_cert = load_pem_cert(server_cert_f, libctx))
- || !TEST_ptr(client_key = load_pem_key(client_key_f, libctx))
- || !TEST_ptr(client_cert = load_pem_cert(client_cert_f, libctx))
+ if (!TEST_ptr(server_key = load_pkey_pem(server_key_f, libctx))
+ || !TEST_ptr(server_cert = load_cert_pem(server_cert_f, libctx))
+ || !TEST_ptr(client_key = load_pkey_pem(client_key_f, libctx))
+ || !TEST_ptr(client_cert = load_cert_pem(client_cert_f, libctx))
|| !TEST_int_eq(1, RAND_bytes_ex(libctx, ref, sizeof(ref)))) {
cleanup_tests();
return 0;
fixture->bodytype = OSSL_CMP_PKIBODY_P10CR;
fixture->err_code = CMP_R_ERROR_CREATING_CERTREQ;
fixture->expected = 1;
- if (!TEST_ptr(p10cr = load_csr(pkcs10_f))
+ if (!TEST_ptr(p10cr = load_csr_der(pkcs10_f))
|| !TEST_true(set1_newPkey(ctx, newkey))
|| !TEST_true(OSSL_CMP_CTX_set1_p10CSR(ctx, p10cr))) {
tear_down(fixture);
switch (fixture->bodytype = bodytype) {
case OSSL_CMP_PKIBODY_P10CR:
fixture->expected = 1;
- if (!TEST_true(OSSL_CMP_CTX_set1_p10CSR(fixture->cmp_ctx,
- p10cr = load_csr(pkcs10_f)))) {
+ p10cr = load_csr_der(pkcs10_f);
+ if (!TEST_true(OSSL_CMP_CTX_set1_p10CSR(fixture->cmp_ctx, p10cr))) {
tear_down(fixture);
fixture = NULL;
}
if (!test_arg_libctx(&libctx, &default_null_provider, &provider, 3, USAGE))
return 0;
- if (!TEST_ptr(newkey = load_pem_key(newkey_f, libctx))
- || !TEST_ptr(cert = load_pem_cert(server_cert_f, libctx))
+ if (!TEST_ptr(newkey = load_pkey_pem(newkey_f, libctx))
+ || !TEST_ptr(cert = load_cert_pem(server_cert_f, libctx))
|| !TEST_int_eq(1, RAND_bytes_ex(libctx, ref, sizeof(ref)))) {
cleanup_tests();
return 0;
if (!test_arg_libctx(&libctx, &default_null_provider, &provider, 10, USAGE))
return 0;
- if (!TEST_ptr(loadedkey = load_pem_key(server_key_f, libctx))
- || !TEST_ptr(cert = load_pem_cert(server_cert_f, libctx)))
+ if (!TEST_ptr(loadedkey = load_pkey_pem(server_key_f, libctx))
+ || !TEST_ptr(cert = load_cert_pem(server_cert_f, libctx)))
return 0;
- if (!TEST_ptr(loadedprivkey = load_pem_key(server_f, libctx)))
+ if (!TEST_ptr(loadedprivkey = load_pkey_pem(server_f, libctx)))
return 0;
if (TEST_true(EVP_PKEY_up_ref(loadedprivkey)))
loadedpubkey = loadedprivkey;
if (!TEST_ptr(ir_protected = load_pkimsg(ir_protected_f))
|| !TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f)))
return 0;
- if (!TEST_ptr(endentity1 = load_pem_cert(endentity1_f, libctx))
- || !TEST_ptr(endentity2 = load_pem_cert(endentity2_f, libctx))
- || !TEST_ptr(root = load_pem_cert(root_f, libctx))
- || !TEST_ptr(intermediate = load_pem_cert(intermediate_f, libctx)))
+ if (!TEST_ptr(endentity1 = load_cert_pem(endentity1_f, libctx))
+ || !TEST_ptr(endentity2 = load_cert_pem(endentity2_f, libctx))
+ || !TEST_ptr(root = load_cert_pem(root_f, libctx))
+ || !TEST_ptr(intermediate = load_cert_pem(intermediate_f, libctx)))
return 0;
if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH)))
return 0;
return 0;
/* Load certificates for cert chain */
- if (!TEST_ptr(endentity1 = load_pem_cert(endentity1_f, libctx))
- || !TEST_ptr(endentity2 = load_pem_cert(endentity2_f, libctx))
- || !TEST_ptr(root = load_pem_cert(root_f, NULL))
- || !TEST_ptr(intermediate = load_pem_cert(intermediate_f, libctx)))
+ if (!TEST_ptr(endentity1 = load_cert_pem(endentity1_f, libctx))
+ || !TEST_ptr(endentity2 = load_cert_pem(endentity2_f, libctx))
+ || !TEST_ptr(root = load_cert_pem(root_f, NULL))
+ || !TEST_ptr(intermediate = load_cert_pem(intermediate_f, libctx)))
goto err;
- if (!TEST_ptr(insta_cert = load_pem_cert(instacert_f, libctx))
- || !TEST_ptr(instaca_cert = load_pem_cert(instaca_f, libctx)))
+ if (!TEST_ptr(insta_cert = load_cert_pem(instacert_f, libctx))
+ || !TEST_ptr(instaca_cert = load_cert_pem(instaca_f, libctx)))
goto err;
/* Load certificates for message validation */
- if (!TEST_ptr(srvcert = load_pem_cert(server_f, libctx))
- || !TEST_ptr(clcert = load_pem_cert(client_f, libctx)))
+ if (!TEST_ptr(srvcert = load_cert_pem(server_f, libctx))
+ || !TEST_ptr(clcert = load_cert_pem(client_f, libctx)))
goto err;
if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH)))
goto err;
#include "cmp_testlib.h"
#include <openssl/rsa.h> /* needed in case config no-deprecated */
-EVP_PKEY *load_pem_key(const char *file, OSSL_LIB_CTX *libctx)
-{
- EVP_PKEY *key = NULL;
- BIO *bio = NULL;
-
- if (!TEST_ptr(bio = BIO_new(BIO_s_file())))
- return NULL;
- if (TEST_int_gt(BIO_read_filename(bio, file), 0))
- (void)TEST_ptr(key = PEM_read_bio_PrivateKey_ex(bio, NULL, NULL, NULL,
- libctx, NULL));
-
- BIO_free(bio);
- return key;
-}
-
-X509 *load_pem_cert(const char *file, OSSL_LIB_CTX *libctx)
-{
- X509 *cert = NULL;
- BIO *bio = NULL;
-
- if (!TEST_ptr(bio = BIO_new(BIO_s_file())))
- return NULL;
- if (TEST_int_gt(BIO_read_filename(bio, file), 0)
- && TEST_ptr(cert = X509_new_ex(libctx, NULL)))
- (void)TEST_ptr(cert = PEM_read_bio_X509(bio, &cert, NULL, NULL));
-
- BIO_free(bio);
- return cert;
-}
-
OSSL_CMP_MSG *load_pkimsg(const char *file)
{
OSSL_CMP_MSG *msg;
return msg;
}
-X509_REQ *load_csr(const char *file)
-{
- X509_REQ *csr = NULL;
- BIO *bio = NULL;
-
- if (!TEST_ptr(file) || !TEST_ptr(bio = BIO_new_file(file, "rb")))
- return NULL;
- (void)TEST_ptr(csr = d2i_X509_REQ_bio(bio, NULL));
- BIO_free(bio);
- return csr;
-}
-
/*
* Checks whether the syntax of msg conforms to ASN.1
*/
# ifndef OPENSSL_NO_CMP
# define CMP_TEST_REFVALUE_LENGTH 15 /* arbitrary value */
-EVP_PKEY *load_pem_key(const char *file, OSSL_LIB_CTX *libctx);
-X509 *load_pem_cert(const char *file, OSSL_LIB_CTX *libctx);
-X509_REQ *load_csr(const char *file);
OSSL_CMP_MSG *load_pkimsg(const char *file);
int valid_asn1_encoding(const OSSL_CMP_MSG *msg);
int STACK_OF_X509_cmp(const STACK_OF(X509) *sk1, const STACK_OF(X509) *sk2);
* Local function declarations
*/
-static X509 *load_cert(const unsigned char *bytes, int len);
-static EVP_PKEY *load_pkey(const unsigned char *bytes, int len);
-
static int add_attributes(PKCS12_SAFEBAG *bag, const PKCS12_ATTR *attrs);
static void generate_p12(PKCS12_BUILDER *pb, const PKCS12_ENC *mac);
* Test data load functions
*/
-static X509 *load_cert(const unsigned char *bytes, int len)
+static X509 *load_cert_asn1(const unsigned char *bytes, int len)
{
X509 *cert = NULL;
return cert;
}
-static EVP_PKEY *load_pkey(const unsigned char *bytes, int len)
+static EVP_PKEY *load_pkey_asn1(const unsigned char *bytes, int len)
{
EVP_PKEY *pkey = NULL;
return pkey;
}
-
/* -------------------------------------------------------------------------
* PKCS12 builder
*/
if (!pb->success)
return;
- cert = load_cert(bytes, len);
+ cert = load_cert_asn1(bytes, len);
if (!TEST_ptr(cert)) {
pb->success = 0;
return;
TEST_info("Adding key");
- pkey = load_pkey(bytes, len);
+ pkey = load_pkey_asn1(bytes, len);
if (!TEST_ptr(pkey)) {
pb->success = 0;
return;
pb->success = 0;
goto err;
}
- ref_x509 = load_cert(bytes, len);
+ ref_x509 = load_cert_asn1(bytes, len);
if (!TEST_false(X509_cmp(x509, ref_x509)))
pb->success = 0;
err:
}
/* PKEY compare returns 1 for match */
- ref_pkey = load_pkey(bytes, len);
+ ref_pkey = load_pkey_asn1(bytes, len);
if (!TEST_true(EVP_PKEY_eq(pkey, ref_pkey)))
pb->success = 0;
err:
#define RPATH "path/any.crt"
static const char *rpath;
-static X509 *load_pem_cert(const char *file)
-{
- X509 *cert = NULL;
- BIO *bio = NULL;
-
- if (!TEST_ptr(bio = BIO_new(BIO_s_file())))
- return NULL;
- if (TEST_int_gt(BIO_read_filename(bio, file), 0))
- (void)TEST_ptr(cert = PEM_read_bio_X509(bio, NULL, NULL, NULL));
-
- BIO_free(bio);
- return cert;
-}
-
/*
* pretty trivial HTTP mock server:
* for POST, copy request headers+body from mem BIO 'in' as response to 'out'
}
x509_it = ASN1_ITEM_rptr(X509);
- if (!TEST_ptr((x509 = load_pem_cert(test_get_argument(0)))))
+ if (!TEST_ptr((x509 = load_cert_pem(test_get_argument(0), NULL))))
return 1;
ADD_TEST(test_http_url_dns);
# include <openssl/err.h>
# include <openssl/e_os2.h>
# include <openssl/bn.h>
+# include <openssl/x509.h>
# include "opt.h"
/*-
/* Create a file path from a directory and a filename */
char *test_mk_file_path(const char *dir, const char *file);
+EVP_PKEY *load_pkey_pem(const char *file, OSSL_LIB_CTX *libctx);
+X509 *load_cert_pem(const char *file, OSSL_LIB_CTX *libctx);
+X509 *load_cert_der(const unsigned char *bytes, int len);
+STACK_OF(X509) *load_certs_pem(const char *file);
+X509_REQ *load_csr_der(const char *file);
+
#endif /* OSSL_TESTUTIL_H */
--- /dev/null
+/*
+ * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+
+#include "../testutil.h"
+
+X509 *load_cert_pem(const char *file, OSSL_LIB_CTX *libctx)
+{
+ X509 *cert = NULL;
+ BIO *bio = NULL;
+
+ if (!TEST_ptr(bio = BIO_new(BIO_s_file())))
+ return NULL;
+ if (TEST_int_gt(BIO_read_filename(bio, file), 0)
+ && TEST_ptr(cert = X509_new_ex(libctx, NULL)))
+ (void)TEST_ptr(cert = PEM_read_bio_X509(bio, &cert, NULL, NULL));
+
+ BIO_free(bio);
+ return cert;
+}
+
+STACK_OF(X509) *load_certs_pem(const char *filename)
+{
+ STACK_OF(X509) *certs;
+ BIO *bio;
+ X509 *x;
+
+ bio = BIO_new_file(filename, "r");
+
+ if (bio == NULL) {
+ return NULL;
+ }
+
+ certs = sk_X509_new_null();
+ if (certs == NULL) {
+ BIO_free(bio);
+ return NULL;
+ }
+
+ ERR_set_mark();
+ do {
+ x = PEM_read_bio_X509(bio, NULL, 0, NULL);
+ if (x != NULL && !sk_X509_push(certs, x)) {
+ sk_X509_pop_free(certs, X509_free);
+ BIO_free(bio);
+ return NULL;
+ } else if (x == NULL) {
+ /*
+ * We probably just ran out of certs, so ignore any errors
+ * generated
+ */
+ ERR_pop_to_mark();
+ }
+ } while (x != NULL);
+
+ BIO_free(bio);
+
+ return certs;
+}
+
+EVP_PKEY *load_pkey_pem(const char *file, OSSL_LIB_CTX *libctx)
+{
+ EVP_PKEY *key = NULL;
+ BIO *bio = NULL;
+
+ if (!TEST_ptr(bio = BIO_new(BIO_s_file())))
+ return NULL;
+ if (TEST_int_gt(BIO_read_filename(bio, file), 0))
+ (void)TEST_ptr(key = PEM_read_bio_PrivateKey_ex(bio, NULL, NULL, NULL,
+ libctx, NULL));
+
+ BIO_free(bio);
+ return key;
+}
+
+X509_REQ *load_csr_der(const char *file)
+{
+ X509_REQ *csr = NULL;
+ BIO *bio = NULL;
+
+ if (!TEST_ptr(file) || !TEST_ptr(bio = BIO_new_file(file, "rb")))
+ return NULL;
+ (void)TEST_ptr(csr = d2i_X509_REQ_bio(bio, NULL));
+ BIO_free(bio);
+ return csr;
+}
static const char *bad_f;
static const char *req_f;
-static X509 *load_cert_from_file(const char *filename)
-{
- X509 *cert = NULL;
- BIO *bio;
-
- bio = BIO_new_file(filename, "r");
- if (bio != NULL)
- cert = PEM_read_bio_X509(bio, NULL, 0, NULL);
- BIO_free(bio);
- return cert;
-}
-
-static STACK_OF(X509) *load_certs_from_file(const char *filename)
-{
- STACK_OF(X509) *certs;
- BIO *bio;
- X509 *x;
-
- bio = BIO_new_file(filename, "r");
-
- if (bio == NULL) {
- return NULL;
- }
-
- certs = sk_X509_new_null();
- if (certs == NULL) {
- BIO_free(bio);
- return NULL;
- }
-
- ERR_set_mark();
- do {
- x = PEM_read_bio_X509(bio, NULL, 0, NULL);
- if (x != NULL && !sk_X509_push(certs, x)) {
- sk_X509_pop_free(certs, X509_free);
- BIO_free(bio);
- return NULL;
- } else if (x == NULL) {
- /*
- * We probably just ran out of certs, so ignore any errors
- * generated
- */
- ERR_pop_to_mark();
- }
- } while (x != NULL);
-
- BIO_free(bio);
-
- return certs;
-}
+#define load_cert_from_file(file) load_cert_pem(file, NULL)
/*
* Test for CVE-2015-1793 (Alternate Chains Certificate Forgery)
if (!X509_LOOKUP_load_file(lookup, roots_f, X509_FILETYPE_PEM))
goto err;
- untrusted = load_certs_from_file(untrusted_f);
+ untrusted = load_certs_pem(untrusted_f);
if ((x = load_cert_from_file(bad_f)) == NULL)
goto err;