summaryrefslogtreecommitdiffstats
path: root/test
diff options
context:
space:
mode:
authorMatt Caswell <matt@openssl.org>2021-05-26 18:18:13 +0200
committerPauli <pauli@openssl.org>2021-06-05 09:39:10 +0200
commitc6313780586f94b0542f55c3ffa399f5ad2c7297 (patch)
tree4ee7a22fbbe0e507a1b974b5e2e45778836fed09 /test
parentUse the new ASN.1 libctx aware functions in CMS (diff)
downloadopenssl-c6313780586f94b0542f55c3ffa399f5ad2c7297.tar.xz
openssl-c6313780586f94b0542f55c3ffa399f5ad2c7297.zip
Use the new ASN.1 libctx aware capabilities in CMP
Make sure we pass the libctx/propq around everywhere that we need it to ensure we get provider keys when needed. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15591)
Diffstat (limited to '')
-rw-r--r--test/cmp_protect_test.c10
-rw-r--r--test/cmp_server_test.c2
-rw-r--r--test/cmp_vfy_test.c28
-rw-r--r--test/helpers/cmp_testlib.c4
-rw-r--r--test/helpers/cmp_testlib.h2
5 files changed, 23 insertions, 23 deletions
diff --git a/test/cmp_protect_test.c b/test/cmp_protect_test.c
index 5fafb69475..9111b89423 100644
--- a/test/cmp_protect_test.c
+++ b/test/cmp_protect_test.c
@@ -143,7 +143,7 @@ static int execute_calc_protection_signature_test(CMP_PROTECT_TEST_FIXTURE *
static int test_cmp_calc_protection_no_key_no_secret(void)
{
SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
- if (!TEST_ptr(fixture->msg = load_pkimsg(ir_unprotected_f))
+ if (!TEST_ptr(fixture->msg = load_pkimsg(ir_unprotected_f, libctx))
|| !TEST_ptr(fixture->msg->header->protectionAlg =
X509_ALGOR_new() /* no specific alg needed here */)) {
tear_down(fixture);
@@ -159,7 +159,7 @@ static int test_cmp_calc_protection_pkey(void)
SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
fixture->pubkey = loadedpubkey;
if (!TEST_true(OSSL_CMP_CTX_set1_pkey(fixture->cmp_ctx, loadedprivkey))
- || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))) {
+ || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))) {
tear_down(fixture);
fixture = NULL;
}
@@ -174,7 +174,7 @@ static int test_cmp_calc_protection_pbmac(void)
SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx,
sec_insta, sizeof(sec_insta)))
- || !TEST_ptr(fixture->msg = load_pkimsg(ip_PBM_f))) {
+ || !TEST_ptr(fixture->msg = load_pkimsg(ip_PBM_f, libctx))) {
tear_down(fixture);
fixture = NULL;
}
@@ -577,8 +577,8 @@ int setup_tests(void)
return 0;
if (TEST_true(EVP_PKEY_up_ref(loadedprivkey)))
loadedpubkey = loadedprivkey;
- if (!TEST_ptr(ir_protected = load_pkimsg(ir_protected_f))
- || !TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f)))
+ if (!TEST_ptr(ir_protected = load_pkimsg(ir_protected_f, libctx))
+ || !TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f, libctx)))
return 0;
if (!TEST_ptr(endentity1 = load_cert_pem(endentity1_f, libctx))
|| !TEST_ptr(endentity2 = load_cert_pem(endentity2_f, libctx))
diff --git a/test/cmp_server_test.c b/test/cmp_server_test.c
index bff42c8baf..d93a75db81 100644
--- a/test/cmp_server_test.c
+++ b/test/cmp_server_test.c
@@ -148,7 +148,7 @@ int setup_tests(void)
if (!test_arg_libctx(&libctx, &default_null_provider, &provider, 1, USAGE))
return 0;
- if (!TEST_ptr(request = load_pkimsg(request_f))) {
+ if (!TEST_ptr(request = load_pkimsg(request_f, libctx))) {
cleanup_tests();
return 0;
}
diff --git a/test/cmp_vfy_test.c b/test/cmp_vfy_test.c
index 2a06e0b097..a480090363 100644
--- a/test/cmp_vfy_test.c
+++ b/test/cmp_vfy_test.c
@@ -91,7 +91,7 @@ static int flip_bit(ASN1_BIT_STRING *bitstr)
static int execute_verify_popo_test(CMP_VFY_TEST_FIXTURE *fixture)
{
- if ((fixture->msg = load_pkimsg(ir_protected_f)) == NULL)
+ if ((fixture->msg = load_pkimsg(ir_protected_f, libctx)) == NULL)
return 0;
if (fixture->expected == 0) {
const OSSL_CRMF_MSGS *reqs = fixture->msg->body->value.ir;
@@ -153,7 +153,7 @@ static int test_validate_msg_mac_alg_protection(void)
fixture->expected = 1;
if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_1,
sizeof(sec_1)))
- || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f))) {
+ || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f, libctx))) {
tear_down(fixture);
fixture = NULL;
}
@@ -174,7 +174,7 @@ static int test_validate_msg_mac_alg_protection_bad(void)
if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_bad,
sizeof(sec_bad)))
- || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f))) {
+ || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f, libctx))) {
tear_down(fixture);
fixture = NULL;
}
@@ -203,7 +203,7 @@ static int test_validate_msg_signature_partial_chain(int expired)
ts = OSSL_CMP_CTX_get0_trustedStore(fixture->cmp_ctx);
fixture->expected = !expired;
if (ts == NULL
- || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))
+ || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
|| !add_trusted(fixture->cmp_ctx, srvcert)) {
tear_down(fixture);
fixture = NULL;
@@ -233,7 +233,7 @@ static int test_validate_msg_signature_srvcert_wrong(void)
{
SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
fixture->expected = 0;
- if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))
+ if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
|| !TEST_true(OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx, clcert))) {
tear_down(fixture);
fixture = NULL;
@@ -246,7 +246,7 @@ static int test_validate_msg_signature_srvcert(int bad_sig)
{
SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
fixture->expected = !bad_sig;
- if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))
+ if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
|| !TEST_true(OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx, srvcert))
|| (bad_sig && !flip_bit(fixture->msg->protection))) {
tear_down(fixture);
@@ -272,7 +272,7 @@ static int test_validate_msg_signature_sender_cert_untrusted(void)
{
SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
fixture->expected = 1;
- if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts))
+ if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx))
|| !add_trusted(fixture->cmp_ctx, instaca_cert)
|| !add_untrusted(fixture->cmp_ctx, insta_cert)) {
tear_down(fixture);
@@ -286,7 +286,7 @@ static int test_validate_msg_signature_sender_cert_trusted(void)
{
SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
fixture->expected = 1;
- if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts))
+ if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx))
|| !add_trusted(fixture->cmp_ctx, instaca_cert)
|| !add_trusted(fixture->cmp_ctx, insta_cert)) {
tear_down(fixture);
@@ -300,7 +300,7 @@ static int test_validate_msg_signature_sender_cert_extracert(void)
{
SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
fixture->expected = 1;
- if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_2_extracerts))
+ if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_2_extracerts, libctx))
|| !add_trusted(fixture->cmp_ctx, instaca_cert)) {
tear_down(fixture);
fixture = NULL;
@@ -315,7 +315,7 @@ static int test_validate_msg_signature_sender_cert_absent(void)
{
SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
fixture->expected = 0;
- if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts))) {
+ if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx))) {
tear_down(fixture);
fixture = NULL;
}
@@ -328,7 +328,7 @@ static int test_validate_with_sender(const X509_NAME *name, int expected)
{
SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
fixture->expected = expected;
- if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))
+ if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
|| !TEST_true(OSSL_CMP_CTX_set1_expected_sender(fixture->cmp_ctx, name))
|| !TEST_true(OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx, srvcert))) {
tear_down(fixture);
@@ -353,7 +353,7 @@ static int test_validate_msg_unprotected_request(void)
{
SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
fixture->expected = 0;
- if (!TEST_ptr(fixture->msg = load_pkimsg(ir_unprotected_f))) {
+ if (!TEST_ptr(fixture->msg = load_pkimsg(ir_unprotected_f, libctx))) {
tear_down(fixture);
fixture = NULL;
}
@@ -620,8 +620,8 @@ int setup_tests(void)
goto err;
if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH)))
goto err;
- if (!TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f))
- || !TEST_ptr(ir_rmprotection = load_pkimsg(ir_rmprotection_f)))
+ if (!TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f, libctx))
+ || !TEST_ptr(ir_rmprotection = load_pkimsg(ir_rmprotection_f, libctx)))
goto err;
/* Message validation tests */
diff --git a/test/helpers/cmp_testlib.c b/test/helpers/cmp_testlib.c
index 2d7297c42b..e0fb1d3d34 100644
--- a/test/helpers/cmp_testlib.c
+++ b/test/helpers/cmp_testlib.c
@@ -12,11 +12,11 @@
#include "cmp_testlib.h"
#include <openssl/rsa.h> /* needed in case config no-deprecated */
-OSSL_CMP_MSG *load_pkimsg(const char *file)
+OSSL_CMP_MSG *load_pkimsg(const char *file, OSSL_LIB_CTX *libctx)
{
OSSL_CMP_MSG *msg;
- (void)TEST_ptr((msg = OSSL_CMP_MSG_read(file)));
+ (void)TEST_ptr((msg = OSSL_CMP_MSG_read(file, libctx, NULL)));
return msg;
}
diff --git a/test/helpers/cmp_testlib.h b/test/helpers/cmp_testlib.h
index 681b06ae22..50b085beca 100644
--- a/test/helpers/cmp_testlib.h
+++ b/test/helpers/cmp_testlib.h
@@ -21,7 +21,7 @@
# ifndef OPENSSL_NO_CMP
# define CMP_TEST_REFVALUE_LENGTH 15 /* arbitrary value */
-OSSL_CMP_MSG *load_pkimsg(const char *file);
+OSSL_CMP_MSG *load_pkimsg(const char *file, OSSL_LIB_CTX *libctx);
int valid_asn1_encoding(const OSSL_CMP_MSG *msg);
int STACK_OF_X509_cmp(const STACK_OF(X509) *sk1, const STACK_OF(X509) *sk2);
int STACK_OF_X509_push1(STACK_OF(X509) *sk, X509 *cert);