int additional_arg;
} CMP_VFY_TEST_FIXTURE;
+static OPENSSL_CTX *libctx = NULL;
+static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL;
+
static void tear_down(CMP_VFY_TEST_FIXTURE *fixture)
{
OSSL_CMP_MSG_free(fixture->msg);
return NULL;
fixture->test_case_name = test_case_name;
if (ts == NULL
- || !TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(NULL, NULL))
+ || !TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))
|| !OSSL_CMP_CTX_set0_trustedStore(fixture->cmp_ctx, ts)
|| !OSSL_CMP_CTX_set_log_cb(fixture->cmp_ctx, print_to_bio_out)) {
tear_down(fixture);
X509_free(instaca_cert);
OSSL_CMP_MSG_free(ir_unprotected);
OSSL_CMP_MSG_free(ir_rmprotection);
+ OPENSSL_CTX_free(libctx);
return;
}
+
+#define USAGE "server.crt client.crt " \
+ "EndEntity1.crt EndEntity2.crt " \
+ "Root_CA.crt Intermediate_CA.crt " \
+ "CMP_IR_protected.der CMP_IR_unprotected.der " \
+ "IP_waitingStatus_PBM.der IR_rmprotection.der " \
+ "insta.cert.pem insta_ca.cert.pem " \
+ "IR_protected_0_extraCerts.der " \
+ "IR_protected_2_extraCerts.der module_name [module_conf_file]\n"
+OPT_TEST_DECLARE_USAGE(USAGE)
+
int setup_tests(void)
{
/* Set test time stamps */
|| !TEST_ptr(instaca_f = test_get_argument(11))
|| !TEST_ptr(ir_protected_0_extracerts = test_get_argument(12))
|| !TEST_ptr(ir_protected_2_extracerts = test_get_argument(13))) {
- TEST_error("usage: cmp_vfy_test server.crt client.crt "
- "EndEntity1.crt EndEntity2.crt "
- "Root_CA.crt Intermediate_CA.crt "
- "CMP_IR_protected.der CMP_IR_unprotected.der "
- "IP_waitingStatus_PBM.der IR_rmprotection.der "
- "insta.cert.pem insta_ca.cert.pem "
- "IR_protected_0_extraCerts.der "
- "IR_protected_2_extraCerts.der\n");
+ TEST_error("usage: cmp_vfy_test %s", USAGE);
return 0;
}
+ if (!test_get_libctx(&libctx, &default_null_provider, &provider, 14, USAGE))
+ return 0;
+
/* Load certificates for cert chain */
- if (!TEST_ptr(endentity1 = load_pem_cert(endentity1_f, NULL))
- || !TEST_ptr(endentity2 = load_pem_cert(endentity2_f, NULL))
+ if (!TEST_ptr(endentity1 = load_pem_cert(endentity1_f, libctx))
+ || !TEST_ptr(endentity2 = load_pem_cert(endentity2_f, libctx))
|| !TEST_ptr(root = load_pem_cert(root_f, NULL))
- || !TEST_ptr(intermediate = load_pem_cert(intermediate_f, NULL)))
+ || !TEST_ptr(intermediate = load_pem_cert(intermediate_f, libctx)))
goto err;
- if (!TEST_ptr(insta_cert = load_pem_cert(instacert_f, NULL))
- || !TEST_ptr(instaca_cert = load_pem_cert(instaca_f, NULL)))
+ if (!TEST_ptr(insta_cert = load_pem_cert(instacert_f, libctx))
+ || !TEST_ptr(instaca_cert = load_pem_cert(instaca_f, libctx)))
goto err;
/* Load certificates for message validation */
- if (!TEST_ptr(srvcert = load_pem_cert(server_f, NULL))
- || !TEST_ptr(clcert = load_pem_cert(client_f, NULL)))
+ if (!TEST_ptr(srvcert = load_pem_cert(server_f, libctx))
+ || !TEST_ptr(clcert = load_pem_cert(client_f, libctx)))
goto err;
if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH)))
goto err;
# https://www.openssl.org/source/license.html
use strict;
-use OpenSSL::Test qw/:DEFAULT data_file/;
+use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/;
use OpenSSL::Test::Utils;
-setup("test_cmp_vfy");
+BEGIN {
+ setup("test_cmp_vfy");
+}
+
+use lib srctop_dir('Configurations');
+use lib bldtop_dir('.');
+use platform;
+
+my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
plan skip_all => "This test is not supported in a no-cmp build"
if disabled("cmp");
plan skip_all => "This test is not supported in a no-ec build"
if disabled("ec");
-plan tests => 1;
-
-ok(run(test(["cmp_vfy_test",
- data_file("server.crt"), data_file("client.crt"),
- data_file("EndEntity1.crt"), data_file("EndEntity2.crt"),
- data_file("Root_CA.crt"), data_file("Intermediate_CA.crt"),
- data_file("IR_protected.der"),
- data_file("IR_unprotected.der"),
- data_file("IP_waitingStatus_PBM.der"),
- data_file("IR_rmprotection.der"),
- data_file("insta.cert.pem"),
- data_file("insta_ca.cert.pem"),
- data_file("IR_protected_0_extraCerts.der"),
- data_file("IR_protected_2_extraCerts.der")])));
+plan tests => 2 + ($no_fips ? 0 : 2); #fips install + fips test
+
+my @basic_cmd = ("cmp_vfy_test",
+ data_file("server.crt"), data_file("client.crt"),
+ data_file("EndEntity1.crt"), data_file("EndEntity2.crt"),
+ data_file("Root_CA.crt"), data_file("Intermediate_CA.crt"),
+ data_file("IR_protected.der"),
+ data_file("IR_unprotected.der"),
+ data_file("IP_waitingStatus_PBM.der"),
+ data_file("IR_rmprotection.der"),
+ data_file("insta.cert.pem"),
+ data_file("insta_ca.cert.pem"),
+ data_file("IR_protected_0_extraCerts.der"),
+ data_file("IR_protected_2_extraCerts.der"));
+
+ok(run(test([@basic_cmd, "none"])));
+
+ok(run(test([@basic_cmd, "default", srctop_file("test", "default.cnf")])));
+
+unless ($no_fips) {
+ ok(run(app(['openssl', 'fipsinstall',
+ '-out', bldtop_file('providers', 'fipsmodule.cnf'),
+ '-module', bldtop_file('providers', platform->dso('fips'))])),
+ "fipsinstall");
+
+ ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips.cnf")])));
+}
projects / openssl.git / commitdiff