OSSL_CMP_CTX *cmp_ctx;
/* for protection tests */
OSSL_CMP_MSG *msg;
- OSSL_CMP_PKISI *si; /* for error and response messages */
+ OSSL_CMP_PKISI *si; /* for error and response messages */
ASN1_OCTET_STRING *secret;
EVP_PKEY *privkey;
EVP_PKEY *pubkey;
ASN1_BIT_STRING *protection =
ossl_cmp_calc_protection(fixture->msg, fixture->secret, NULL);
int res = TEST_ptr(protection)
- && TEST_true(ASN1_STRING_cmp(protection, fixture->msg->protection) == 0);
+ && TEST_true(ASN1_STRING_cmp(protection,
+ fixture->msg->protection) == 0);
ASN1_BIT_STRING_free(protection);
return res;
return result;
}
+static int test_MSG_protect_pbmac_no_sender(int with_ref)
+{
+ static unsigned char secret[] = { 47, 11, 8, 15 };
+ static unsigned char ref[] = { 0xca, 0xfe, 0xba, 0xbe };
+
+ SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
+ fixture->expected = with_ref;
+ if (!TEST_ptr(fixture->msg = OSSL_CMP_MSG_dup(ir_unprotected))
+ || !SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 0)
+ || !ossl_cmp_hdr_set1_sender(fixture->msg->header, NULL)
+ || !OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx,
+ secret, sizeof(secret))
+ || (!OSSL_CMP_CTX_set1_referenceValue(fixture->cmp_ctx,
+ with_ref ? ref : NULL,
+ sizeof(ref)))) {
+ tear_down(fixture);
+ fixture = NULL;
+ }
+ EXECUTE_TEST(execute_MSG_protect_test, tear_down);
+ return result;
+}
+
+static int test_MSG_protect_pbmac_no_sender_with_ref(void)
+{
+ return test_MSG_protect_pbmac_no_sender(1);
+}
+
+static int test_MSG_protect_pbmac_no_sender_no_ref(void)
+{
+ return test_MSG_protect_pbmac_no_sender(0);
+}
+
static int execute_MSG_add_extraCerts_test(CMP_PROTECT_TEST_FIXTURE *fixture)
{
return TEST_true(ossl_cmp_msg_add_extraCerts(fixture->cmp_ctx,
fixture->certs,
fixture->callback_arg)))
goto err;
- sk = ossl_cmp_X509_STORE_get1_certs(store);
+ sk = X509_STORE_get1_all_certs(store);
if (!TEST_int_eq(0, STACK_OF_X509_cmp(sk, fixture->chain)))
goto err;
res = 1;
static int test_X509_STORE(void)
{
SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
- fixture->callback_arg = 0; /* self-signed allowed */
+ fixture->callback_arg = 0; /* self-issued allowed */
if (!TEST_ptr(fixture->certs = sk_X509_new_null())
|| !sk_X509_push(fixture->certs, endentity1)
|| !sk_X509_push(fixture->certs, endentity2)
return result;
}
-static int test_X509_STORE_only_self_signed(void)
+static int test_X509_STORE_only_self_issued(void)
{
SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
fixture->certs = sk_X509_new_null();
fixture->chain = sk_X509_new_null();
- fixture->callback_arg = 1; /* only self-signed */
+ fixture->callback_arg = 1; /* only self-issued */
if (!TEST_true(sk_X509_push(fixture->certs, endentity1))
|| !TEST_true(sk_X509_push(fixture->certs, endentity2))
|| !TEST_true(sk_X509_push(fixture->certs, root))
ADD_TEST(test_MSG_protect_certificate_based_without_cert);
ADD_TEST(test_MSG_protect_unprotected_request);
ADD_TEST(test_MSG_protect_no_key_no_secret);
-
+ ADD_TEST(test_MSG_protect_pbmac_no_sender_with_ref);
+ ADD_TEST(test_MSG_protect_pbmac_no_sender_no_ref);
ADD_TEST(test_MSG_add_extraCerts);
#ifndef OPENSSL_NO_EC
#endif
ADD_TEST(test_X509_STORE);
- ADD_TEST(test_X509_STORE_only_self_signed);
+ ADD_TEST(test_X509_STORE_only_self_issued);
return 1;
}