2 * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 #include <openssl/e_os2.h>
13 #include <openssl/crypto.h>
16 #include "ssl_test_ctx.h"
18 /* True enums and other test configuration values that map to an int. */
25 __owur static int parse_enum(const test_enum *enums, size_t num_enums,
26 int *value, const char *name)
29 for (i = 0; i < num_enums; i++) {
30 if (strcmp(enums[i].name, name) == 0) {
31 *value = enums[i].value;
38 static const char *enum_name(const test_enum *enums, size_t num_enums,
42 for (i = 0; i < num_enums; i++) {
43 if (enums[i].value == value) {
47 return "InvalidValue";
55 static const test_enum ssl_test_results[] = {
56 {"Success", SSL_TEST_SUCCESS},
57 {"ServerFail", SSL_TEST_SERVER_FAIL},
58 {"ClientFail", SSL_TEST_CLIENT_FAIL},
59 {"InternalError", SSL_TEST_INTERNAL_ERROR},
62 __owur static int parse_expected_result(SSL_TEST_CTX *test_ctx, const char *value)
65 if (!parse_enum(ssl_test_results, OSSL_NELEM(ssl_test_results),
69 test_ctx->expected_result = ret_value;
73 const char *ssl_test_result_name(ssl_test_result_t result)
75 return enum_name(ssl_test_results, OSSL_NELEM(ssl_test_results), result);
78 /******************************/
79 /* ClientAlert / ServerAlert. */
80 /******************************/
82 static const test_enum ssl_alerts[] = {
83 {"UnknownCA", SSL_AD_UNKNOWN_CA},
84 {"HandshakeFailure", SSL_AD_HANDSHAKE_FAILURE},
85 {"UnrecognizedName", SSL_AD_UNRECOGNIZED_NAME},
86 {"BadCertificate", SSL_AD_BAD_CERTIFICATE},
87 {"NoApplicationProtocol", SSL_AD_NO_APPLICATION_PROTOCOL},
90 __owur static int parse_alert(int *alert, const char *value)
92 return parse_enum(ssl_alerts, OSSL_NELEM(ssl_alerts), alert, value);
95 __owur static int parse_client_alert(SSL_TEST_CTX *test_ctx, const char *value)
97 return parse_alert(&test_ctx->client_alert, value);
100 __owur static int parse_server_alert(SSL_TEST_CTX *test_ctx, const char *value)
102 return parse_alert(&test_ctx->server_alert, value);
105 const char *ssl_alert_name(int alert)
107 return enum_name(ssl_alerts, OSSL_NELEM(ssl_alerts), alert);
114 static const test_enum ssl_protocols[] = {
115 {"TLSv1.2", TLS1_2_VERSION},
116 {"TLSv1.1", TLS1_1_VERSION},
117 {"TLSv1", TLS1_VERSION},
118 {"SSLv3", SSL3_VERSION},
119 {"DTLSv1", DTLS1_VERSION},
120 {"DTLSv1.2", DTLS1_2_VERSION},
123 __owur static int parse_protocol(SSL_TEST_CTX *test_ctx, const char *value)
125 return parse_enum(ssl_protocols, OSSL_NELEM(ssl_protocols),
126 &test_ctx->protocol, value);
129 const char *ssl_protocol_name(int protocol)
131 return enum_name(ssl_protocols, OSSL_NELEM(ssl_protocols), protocol);
134 /***********************/
135 /* CertVerifyCallback. */
136 /***********************/
138 static const test_enum ssl_verify_callbacks[] = {
139 {"None", SSL_TEST_VERIFY_NONE},
140 {"AcceptAll", SSL_TEST_VERIFY_ACCEPT_ALL},
141 {"RejectAll", SSL_TEST_VERIFY_REJECT_ALL},
144 __owur static int parse_client_verify_callback(SSL_TEST_CTX *test_ctx,
148 if (!parse_enum(ssl_verify_callbacks, OSSL_NELEM(ssl_verify_callbacks),
149 &ret_value, value)) {
152 test_ctx->client_verify_callback = ret_value;
156 const char *ssl_verify_callback_name(ssl_verify_callback_t callback)
158 return enum_name(ssl_verify_callbacks, OSSL_NELEM(ssl_verify_callbacks),
166 static const test_enum ssl_servername[] = {
167 {"None", SSL_TEST_SERVERNAME_NONE},
168 {"server1", SSL_TEST_SERVERNAME_SERVER1},
169 {"server2", SSL_TEST_SERVERNAME_SERVER2},
170 {"invalid", SSL_TEST_SERVERNAME_INVALID},
173 __owur static int parse_servername(SSL_TEST_CTX *test_ctx,
177 if (!parse_enum(ssl_servername, OSSL_NELEM(ssl_servername),
178 &ret_value, value)) {
181 test_ctx->servername = ret_value;
185 __owur static int parse_expected_servername(SSL_TEST_CTX *test_ctx,
189 if (!parse_enum(ssl_servername, OSSL_NELEM(ssl_servername),
190 &ret_value, value)) {
193 test_ctx->expected_servername = ret_value;
197 const char *ssl_servername_name(ssl_servername_t server)
199 return enum_name(ssl_servername, OSSL_NELEM(ssl_servername),
203 /***********************/
204 /* ServerNameCallback. */
205 /***********************/
207 static const test_enum ssl_servername_callbacks[] = {
208 {"None", SSL_TEST_SERVERNAME_CB_NONE},
209 {"IgnoreMismatch", SSL_TEST_SERVERNAME_IGNORE_MISMATCH},
210 {"RejectMismatch", SSL_TEST_SERVERNAME_REJECT_MISMATCH},
213 __owur static int parse_servername_callback(SSL_TEST_CTX *test_ctx,
217 if (!parse_enum(ssl_servername_callbacks,
218 OSSL_NELEM(ssl_servername_callbacks), &ret_value, value)) {
221 test_ctx->servername_callback = ret_value;
225 const char *ssl_servername_callback_name(ssl_servername_callback_t callback)
227 return enum_name(ssl_servername_callbacks,
228 OSSL_NELEM(ssl_servername_callbacks), callback);
231 /*************************/
232 /* SessionTicketExpected */
233 /*************************/
235 static const test_enum ssl_session_ticket[] = {
236 {"Ignore", SSL_TEST_SESSION_TICKET_IGNORE},
237 {"Yes", SSL_TEST_SESSION_TICKET_YES},
238 {"No", SSL_TEST_SESSION_TICKET_NO},
239 {"Broken", SSL_TEST_SESSION_TICKET_BROKEN},
242 __owur static int parse_session_ticket(SSL_TEST_CTX *test_ctx, const char *value)
245 if (!parse_enum(ssl_session_ticket, OSSL_NELEM(ssl_session_ticket),
246 &ret_value, value)) {
249 test_ctx->session_ticket_expected = ret_value;
253 const char *ssl_session_ticket_name(ssl_session_ticket_t server)
255 return enum_name(ssl_session_ticket,
256 OSSL_NELEM(ssl_session_ticket),
260 /***********************/
262 /***********************/
264 static const test_enum ssl_test_methods[] = {
265 {"TLS", SSL_TEST_METHOD_TLS},
266 {"DTLS", SSL_TEST_METHOD_DTLS},
269 __owur static int parse_test_method(SSL_TEST_CTX *test_ctx, const char *value)
272 if (!parse_enum(ssl_test_methods, OSSL_NELEM(ssl_test_methods),
273 &ret_value, value)) {
276 test_ctx->method = ret_value;
280 const char *ssl_test_method_name(ssl_test_method_t method)
282 return enum_name(ssl_test_methods, OSSL_NELEM(ssl_test_methods), method);
285 #define IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(field) \
286 static int parse_##field(SSL_TEST_CTX *test_ctx, const char *value) \
288 OPENSSL_free(test_ctx->field); \
289 test_ctx->field = OPENSSL_strdup(value); \
290 OPENSSL_assert(test_ctx->field != NULL); \
294 /************************************/
295 /* NPN and ALPN options */
296 /************************************/
298 #ifndef OPENSSL_NO_NEXTPROTONEG
299 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(client_npn_protocols)
300 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(server_npn_protocols)
301 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(server2_npn_protocols)
302 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(expected_npn_protocol)
303 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(client_alpn_protocols)
304 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(server_alpn_protocols)
305 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(server2_alpn_protocols)
306 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(expected_alpn_protocol)
309 /***********************/
311 /***********************/
313 static const test_enum ssl_handshake_modes[] = {
314 {"Simple", SSL_TEST_HANDSHAKE_SIMPLE},
315 {"Resume", SSL_TEST_HANDSHAKE_RESUME},
316 {"Renegotiate", SSL_TEST_HANDSHAKE_RENEGOTIATE},
319 __owur static int parse_handshake_mode(SSL_TEST_CTX *test_ctx, const char *value)
322 if (!parse_enum(ssl_handshake_modes, OSSL_NELEM(ssl_handshake_modes),
323 &ret_value, value)) {
326 test_ctx->handshake_mode = ret_value;
330 const char *ssl_handshake_mode_name(ssl_handshake_mode_t mode)
332 return enum_name(ssl_handshake_modes, OSSL_NELEM(ssl_handshake_modes),
336 static int parse_boolean(const char *value, int *result)
338 if (strcasecmp(value, "Yes") == 0) {
342 else if (strcasecmp(value, "No") == 0) {
349 #define IMPLEMENT_SSL_TEST_CTX_BOOL_OPTION(field) \
350 static int parse_##field(SSL_TEST_CTX *test_ctx, const char *value) \
352 return parse_boolean(value, &test_ctx->field); \
355 IMPLEMENT_SSL_TEST_CTX_BOOL_OPTION(resumption_expected)
357 /*************************************************************/
358 /* Known test options and their corresponding parse methods. */
359 /*************************************************************/
363 int (*parse)(SSL_TEST_CTX *test_ctx, const char *value);
364 } ssl_test_ctx_option;
366 static const ssl_test_ctx_option ssl_test_ctx_options[] = {
367 { "ExpectedResult", &parse_expected_result },
368 { "ClientAlert", &parse_client_alert },
369 { "ServerAlert", &parse_server_alert },
370 { "Protocol", &parse_protocol },
371 { "ClientVerifyCallback", &parse_client_verify_callback },
372 { "ServerName", &parse_servername },
373 { "ExpectedServerName", &parse_expected_servername },
374 { "ServerNameCallback", &parse_servername_callback },
375 { "SessionTicketExpected", &parse_session_ticket },
376 { "Method", &parse_test_method },
377 #ifndef OPENSSL_NO_NEXTPROTONEG
378 { "ClientNPNProtocols", &parse_client_npn_protocols },
379 { "ServerNPNProtocols", &parse_server_npn_protocols },
380 { "Server2NPNProtocols", &parse_server2_npn_protocols },
381 { "ExpectedNPNProtocol", &parse_expected_npn_protocol },
382 { "ClientALPNProtocols", &parse_client_alpn_protocols },
383 { "ServerALPNProtocols", &parse_server_alpn_protocols },
384 { "Server2ALPNProtocols", &parse_server2_alpn_protocols },
385 { "ExpectedALPNProtocol", &parse_expected_alpn_protocol },
387 { "HandshakeMode", &parse_handshake_mode },
388 { "ResumptionExpected", &parse_resumption_expected },
392 * Since these methods are used to create tests, we use OPENSSL_assert liberally
393 * for malloc failures and other internal errors.
395 SSL_TEST_CTX *SSL_TEST_CTX_new()
398 ret = OPENSSL_zalloc(sizeof(*ret));
399 OPENSSL_assert(ret != NULL);
403 void SSL_TEST_CTX_free(SSL_TEST_CTX *ctx)
406 #ifndef OPENSSL_NO_NEXTPROTONEG
407 OPENSSL_free(ctx->client_npn_protocols);
408 OPENSSL_free(ctx->server_npn_protocols);
409 OPENSSL_free(ctx->server2_npn_protocols);
410 OPENSSL_free(ctx->client_alpn_protocols);
411 OPENSSL_free(ctx->server_alpn_protocols);
412 OPENSSL_free(ctx->server2_alpn_protocols);
413 OPENSSL_free(ctx->expected_npn_protocol);
414 OPENSSL_free(ctx->expected_alpn_protocol);
419 SSL_TEST_CTX *SSL_TEST_CTX_create(const CONF *conf, const char *test_section)
421 STACK_OF(CONF_VALUE) *sk_conf;
426 sk_conf = NCONF_get_section(conf, test_section);
427 OPENSSL_assert(sk_conf != NULL);
429 ctx = SSL_TEST_CTX_new();
430 OPENSSL_assert(ctx != NULL);
432 for (i = 0; i < sk_CONF_VALUE_num(sk_conf); i++) {
434 const CONF_VALUE *option = sk_CONF_VALUE_value(sk_conf, i);
435 for (j = 0; j < OSSL_NELEM(ssl_test_ctx_options); j++) {
436 if (strcmp(option->name, ssl_test_ctx_options[j].name) == 0) {
437 if (!ssl_test_ctx_options[j].parse(ctx, option->value)) {
438 fprintf(stderr, "Bad value %s for option %s\n",
439 option->value, option->name);
447 fprintf(stderr, "Unknown test option: %s\n", option->name);
455 SSL_TEST_CTX_free(ctx);