/*
- * Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2007-2021 The OpenSSL Project Authors. All Rights Reserved.
* Copyright Nokia 2007-2019
* Copyright Siemens AG 2015-2019
*
* https://www.openssl.org/source/license.html
*/
-#include "cmp_testlib.h"
+#include "helpers/cmp_testlib.h"
#include <openssl/x509_vfy.h>
+static X509 *test_cert;
+
+/* Avoid using X509_new() via the generic macros below. */
+#define X509_new() X509_dup(test_cert)
+
typedef struct test_fixture {
const char *test_case_name;
OSSL_CMP_CTX *ctx;
if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
return NULL;
- if (!TEST_ptr(fixture->ctx = OSSL_CMP_CTX_new())) {
+ if (!TEST_ptr(fixture->ctx = OSSL_CMP_CTX_new(NULL, NULL))) {
tear_down(fixture);
return NULL;
}
static STACK_OF(X509) *sk_X509_new_1(void)
{
STACK_OF(X509) *sk = sk_X509_new_null();
- X509 *x = X509_new();
+ X509 *x = X509_dup(test_cert);
if (x == NULL || !sk_X509_push(sk, x)) {
sk_X509_free(sk);
ctx->status = 1;
ctx->failInfoCode = 1;
if (!ossl_cmp_ctx_set0_statusString(ctx, sk_ASN1_UTF8STRING_new_null())
- || !ossl_cmp_ctx_set0_newCert(ctx, X509_new())
+ || !ossl_cmp_ctx_set0_newCert(ctx, X509_dup(test_cert))
|| !TEST_ptr(certs = sk_X509_new_1())
+ || !ossl_cmp_ctx_set1_newChain(ctx, certs)
|| !ossl_cmp_ctx_set1_caPubs(ctx, certs)
|| !ossl_cmp_ctx_set1_extraCertsIn(ctx, certs)
- || !ossl_cmp_ctx_set0_validatedSrvCert(ctx, X509_new())
+ || !ossl_cmp_ctx_set0_validatedSrvCert(ctx, X509_dup(test_cert))
|| !TEST_ptr(bytes = ASN1_OCTET_STRING_new())
|| !OSSL_CMP_CTX_set1_transactionID(ctx, bytes)
|| !OSSL_CMP_CTX_set1_senderNonce(ctx, bytes)
&& ctx->failInfoCode == -1
&& ctx->statusString == NULL
&& ctx->newCert == NULL
+ && ctx->newChain == NULL
&& ctx->caPubs == NULL
&& ctx->extraCertsIn == NULL
&& ctx->validatedSrvCert == NULL
res = 0;
# ifndef OPENSSL_NO_STDIO
- CMPerr(0, CMP_R_MULTIPLE_SAN_SOURCES);
+ ERR_raise(ERR_LIB_CMP, CMP_R_MULTIPLE_SAN_SOURCES);
OSSL_CMP_CTX_print_errors(ctx); /* should print above error to STDERR */
# endif
if (!TEST_true(ctx->log_cb == msg_total_size_log_cb)) {
res = 0;
} else {
- CMPerr(0, CMP_R_INVALID_ARGS);
+ ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_ARGS);
base_err_msg_size = strlen("INVALID_ARGS");
- CMPerr(0, CMP_R_NULL_ARGUMENT);
+ ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
base_err_msg_size += strlen("NULL_ARGUMENT");
expected_size = base_err_msg_size;
- ossl_cmp_add_error_data("data1"); /* should prepend separator " : " */
- expected_size += strlen(" : " "data1");
+ ossl_cmp_add_error_data("data1"); /* should prepend separator ":" */
+ expected_size += strlen(":" "data1");
ossl_cmp_add_error_data("data2"); /* should prepend separator " : " */
expected_size += strlen(" : " "data2");
ossl_cmp_add_error_line("new line"); /* should prepend separator "\n" */
if (!TEST_int_eq(msg_total_size, expected_size))
res = 0;
- CMPerr(0, CMP_R_INVALID_ARGS);
- base_err_msg_size = strlen("INVALID_ARGS") + strlen(" : ");
+ ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_ARGS);
+ base_err_msg_size = strlen("INVALID_ARGS") + strlen(":");
expected_size = base_err_msg_size;
while (expected_size < 4096) { /* force split */
ERR_add_error_txt(STR_SEP, max_str_literal);
#define IS_NEG(x) ((x) < 0)
#define IS_0(x) ((x) == 0) /* for any type */
-#define IS_DEFAULT_PORT(x) ((x) == OSSL_CMP_DEFAULT_PORT)
#define DROP(x) (void)(x) /* dummy free() for non-pointer and function types */
-#define ERR(x) (CMPerr(0, CMP_R_NULL_ARGUMENT), x)
+#define RET_IF_NULL_ARG(ctx, ret) \
+ if (ctx == NULL) { \
+ ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); \
+ return ret; \
+ }
#define DEFINE_SET_GET_TEST(OSSL_CMP, CTX, N, M, DUP, FIELD, TYPE) \
DEFINE_SET_GET_BASE_TEST(OSSL_CMP##_##CTX, set##N, get##M, DUP, FIELD, \
#define DEFINE_SET_TEST_DEFAULT(OSSL_CMP, CTX, N, DUP, FIELD, TYPE, DEFAULT) \
static TYPE *OSSL_CMP_CTX_get0_##FIELD(const CMP_CTX *ctx) \
{ \
- return ctx == NULL ? ERR(NULL) : (TYPE *)ctx->FIELD; \
+ RET_IF_NULL_ARG(ctx, NULL); \
+ return (TYPE *)ctx->FIELD; \
} \
DEFINE_SET_GET_TEST_DEFAULT(OSSL_CMP, CTX, N, 0, DUP, FIELD, TYPE, DEFAULT)
#define DEFINE_SET_TEST(OSSL_CMP, CTX, N, DUP, FIELD, TYPE) \
#define DEFINE_SET_SK_TEST(OSSL_CMP, CTX, N, FIELD, TYPE) \
static STACK_OF(TYPE) *OSSL_CMP_CTX_get0_##FIELD(const CMP_CTX *ctx) \
{ \
- return ctx == NULL ? ERR(NULL) : ctx->FIELD; \
+ RET_IF_NULL_ARG(ctx, NULL); \
+ return ctx->FIELD; \
} \
DEFINE_SET_GET_BASE_TEST(OSSL_CMP##_##CTX, set##N, get0, 1, FIELD, \
STACK_OF(TYPE)*, NULL, IS_0, \
#define DEFINE_SET_CB_TEST(FIELD) \
static OSSL_CMP_##FIELD##_t OSSL_CMP_CTX_get_##FIELD(const CMP_CTX *ctx) \
{ \
- if (ctx == NULL) \
- CMPerr(0, CMP_R_NULL_ARGUMENT); \
- return ctx == NULL ? NULL /* cannot use ERR(NULL) here */ : ctx->FIELD;\
+ RET_IF_NULL_ARG(ctx, NULL); \
+ return ctx->FIELD; \
} \
DEFINE_SET_GET_BASE_TEST(OSSL_CMP_CTX, set, get, 0, FIELD, \
OSSL_CMP_##FIELD##_t, NULL, IS_0, \
DEFAULT, 1, DROP)
#define DEFINE_SET_GET_INT_TEST(OSSL_CMP, CTX, FIELD) \
DEFINE_SET_GET_INT_TEST_DEFAULT(OSSL_CMP, CTX, FIELD, IS_NEG)
-#define DEFINE_SET_PORT_TEST(FIELD) \
+#define DEFINE_SET_INT_TEST(FIELD) \
static int OSSL_CMP_CTX_get_##FIELD(const CMP_CTX *ctx) \
{ \
- return ctx == NULL ? ERR(-1) : ctx->FIELD; \
+ RET_IF_NULL_ARG(ctx, -1); \
+ return ctx->FIELD; \
} \
- DEFINE_SET_GET_INT_TEST_DEFAULT(OSSL_CMP, CTX, FIELD, IS_DEFAULT_PORT)
+ DEFINE_SET_GET_INT_TEST_DEFAULT(OSSL_CMP, CTX, FIELD, IS_0)
#define DEFINE_SET_GET_ARG_FN(SETN, GETN, FIELD, ARG, T) \
static int OSSL_CMP_CTX_##SETN##_##FIELD##_##ARG(CMP_CTX *ctx, T val) \
\
static char *OSSL_CMP_CTX_get1_##FIELD##_str(const CMP_CTX *ctx) \
{ \
- const ASN1_OCTET_STRING *bytes = ctx == NULL ? ERR(NULL) : ctx->FIELD; \
+ const ASN1_OCTET_STRING *bytes = NULL; \
\
+ RET_IF_NULL_ARG(ctx, NULL); \
+ bytes = ctx->FIELD; \
return bytes == NULL ? NULL : \
OPENSSL_strndup((char *)bytes->data, bytes->length); \
}
return;
}
-DEFINE_SET_GET_ARG_FN(set, get, option, 16, int)
-/* option == OSSL_CMP_OPT_IGNORE_KEYUSAGE */
-DEFINE_SET_GET_BASE_TEST(OSSL_CMP_CTX, set, get, 0, option_16, int, -1, IS_0, \
+DEFINE_SET_GET_ARG_FN(set, get, option, 35, int) /* OPT_IGNORE_KEYUSAGE */
+DEFINE_SET_GET_BASE_TEST(OSSL_CMP_CTX, set, get, 0, option_35, int, -1, IS_0, \
1 /* true */, DROP)
DEFINE_SET_CB_TEST(log_cb)
DEFINE_SET_TEST_DEFAULT(OSSL_CMP, CTX, 1, 1, serverPath, char, IS_0)
-DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 1, serverName, char)
-DEFINE_SET_PORT_TEST(serverPort)
+DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 1, server, char)
+DEFINE_SET_INT_TEST(serverPort)
DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 1, proxy, char)
DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 1, no_proxy, char)
DEFINE_SET_CB_TEST(http_cb)
DEFINE_SET_GET_BASE_TEST(OSSL_CMP_CTX, set0, get0, 0, trustedStore,
X509_STORE *, NULL,
DEFAULT_STORE, X509_STORE_new_1(), X509_STORE_free)
-DEFINE_SET_GET_SK_X509_TEST(OSSL_CMP, CTX, 1, 0, untrusted_certs)
+DEFINE_SET_GET_SK_X509_TEST(OSSL_CMP, CTX, 1, 0, untrusted)
-DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 0, clCert, X509)
+DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 0, cert, X509)
DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 0, pkey, EVP_PKEY)
DEFINE_SET_TEST(OSSL_CMP, CTX, 1, 1, recipient, X509_NAME)
DEFINE_SET_GET_SK_TEST(ossl_cmp, ctx, 0, 0, statusString, ASN1_UTF8STRING)
DEFINE_SET_GET_INT_TEST(ossl_cmp, ctx, failInfoCode)
DEFINE_SET_GET_TEST(ossl_cmp, ctx, 0, 0, 0, newCert, X509)
+DEFINE_SET_GET_SK_X509_TEST(ossl_cmp, ctx, 1, 1, newChain)
DEFINE_SET_GET_SK_X509_TEST(ossl_cmp, ctx, 1, 1, caPubs)
DEFINE_SET_GET_SK_X509_TEST(ossl_cmp, ctx, 1, 1, extraCertsIn)
int setup_tests(void)
{
+ char *cert_file;
+
+ if (!test_skip_common_options()) {
+ TEST_error("Error parsing test options\n");
+ return 0;
+ }
+
+ if (!TEST_ptr(cert_file = test_get_argument(0))
+ || !TEST_ptr(test_cert = load_cert_pem(cert_file, NULL)))
+ return 0;
+
/* OSSL_CMP_CTX_new() is tested by set_up() */
/* OSSL_CMP_CTX_free() is tested by tear_down() */
ADD_TEST(test_CTX_reinit);
/* various CMP options: */
- ADD_TEST(test_CTX_set_get_option_16);
+ ADD_TEST(test_CTX_set_get_option_35);
/* CMP-specific callback for logging and outputting the error queue: */
ADD_TEST(test_CTX_set_get_log_cb);
/*
#endif
/* message transfer: */
ADD_TEST(test_CTX_set1_get0_serverPath);
- ADD_TEST(test_CTX_set1_get0_serverName);
+ ADD_TEST(test_CTX_set1_get0_server);
ADD_TEST(test_CTX_set_get_serverPort);
ADD_TEST(test_CTX_set1_get0_proxy);
ADD_TEST(test_CTX_set1_get0_no_proxy);
ADD_TEST(test_CTX_set0_get0_validatedSrvCert);
ADD_TEST(test_CTX_set1_get0_expected_sender);
ADD_TEST(test_CTX_set0_get0_trustedStore);
- ADD_TEST(test_CTX_set1_get0_untrusted_certs);
+ ADD_TEST(test_CTX_set1_get0_untrusted);
/* client authentication: */
- ADD_TEST(test_CTX_set1_get0_clCert);
+ ADD_TEST(test_CTX_set1_get0_cert);
ADD_TEST(test_CTX_set1_get0_pkey);
/* the following two also test ossl_cmp_asn1_octet_string_set1_bytes(): */
ADD_TEST(test_CTX_set1_get1_referenceValue_str);
ADD_TEST(test_CTX_set0_get0_statusString);
ADD_TEST(test_CTX_set_get_failInfoCode);
ADD_TEST(test_CTX_set0_get0_newCert);
+ ADD_TEST(test_CTX_set1_get1_newChain);
ADD_TEST(test_CTX_set1_get1_caPubs);
ADD_TEST(test_CTX_set1_get1_extraCertsIn);
/* exported for testing and debugging purposes: */
ADD_TEST(test_CTX_set1_get0_transactionID);
ADD_TEST(test_CTX_set1_get0_senderNonce);
ADD_TEST(test_CTX_set1_get0_recipNonce);
- /* ossl_cmp_build_cert_chain() is tested in cmp_protect.c */
return 1;
}