diff options
author | Matt Caswell <matt@openssl.org> | 2021-05-26 18:18:13 +0200 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-06-05 09:39:10 +0200 |
commit | c6313780586f94b0542f55c3ffa399f5ad2c7297 (patch) | |
tree | 4ee7a22fbbe0e507a1b974b5e2e45778836fed09 /test | |
parent | Use the new ASN.1 libctx aware functions in CMS (diff) | |
download | openssl-c6313780586f94b0542f55c3ffa399f5ad2c7297.tar.xz openssl-c6313780586f94b0542f55c3ffa399f5ad2c7297.zip |
Use the new ASN.1 libctx aware capabilities in CMP
Make sure we pass the libctx/propq around everywhere that we need it to
ensure we get provider keys when needed.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15591)
Diffstat (limited to '')
-rw-r--r-- | test/cmp_protect_test.c | 10 | ||||
-rw-r--r-- | test/cmp_server_test.c | 2 | ||||
-rw-r--r-- | test/cmp_vfy_test.c | 28 | ||||
-rw-r--r-- | test/helpers/cmp_testlib.c | 4 | ||||
-rw-r--r-- | test/helpers/cmp_testlib.h | 2 |
5 files changed, 23 insertions, 23 deletions
diff --git a/test/cmp_protect_test.c b/test/cmp_protect_test.c index 5fafb69475..9111b89423 100644 --- a/test/cmp_protect_test.c +++ b/test/cmp_protect_test.c @@ -143,7 +143,7 @@ static int execute_calc_protection_signature_test(CMP_PROTECT_TEST_FIXTURE * static int test_cmp_calc_protection_no_key_no_secret(void) { SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up); - if (!TEST_ptr(fixture->msg = load_pkimsg(ir_unprotected_f)) + if (!TEST_ptr(fixture->msg = load_pkimsg(ir_unprotected_f, libctx)) || !TEST_ptr(fixture->msg->header->protectionAlg = X509_ALGOR_new() /* no specific alg needed here */)) { tear_down(fixture); @@ -159,7 +159,7 @@ static int test_cmp_calc_protection_pkey(void) SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up); fixture->pubkey = loadedpubkey; if (!TEST_true(OSSL_CMP_CTX_set1_pkey(fixture->cmp_ctx, loadedprivkey)) - || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))) { + || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))) { tear_down(fixture); fixture = NULL; } @@ -174,7 +174,7 @@ static int test_cmp_calc_protection_pbmac(void) SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up); if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_insta, sizeof(sec_insta))) - || !TEST_ptr(fixture->msg = load_pkimsg(ip_PBM_f))) { + || !TEST_ptr(fixture->msg = load_pkimsg(ip_PBM_f, libctx))) { tear_down(fixture); fixture = NULL; } @@ -577,8 +577,8 @@ int setup_tests(void) return 0; if (TEST_true(EVP_PKEY_up_ref(loadedprivkey))) loadedpubkey = loadedprivkey; - if (!TEST_ptr(ir_protected = load_pkimsg(ir_protected_f)) - || !TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f))) + if (!TEST_ptr(ir_protected = load_pkimsg(ir_protected_f, libctx)) + || !TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f, libctx))) return 0; if (!TEST_ptr(endentity1 = load_cert_pem(endentity1_f, libctx)) || !TEST_ptr(endentity2 = load_cert_pem(endentity2_f, libctx)) diff --git a/test/cmp_server_test.c b/test/cmp_server_test.c index bff42c8baf..d93a75db81 100644 --- a/test/cmp_server_test.c +++ b/test/cmp_server_test.c @@ -148,7 +148,7 @@ int setup_tests(void) if (!test_arg_libctx(&libctx, &default_null_provider, &provider, 1, USAGE)) return 0; - if (!TEST_ptr(request = load_pkimsg(request_f))) { + if (!TEST_ptr(request = load_pkimsg(request_f, libctx))) { cleanup_tests(); return 0; } diff --git a/test/cmp_vfy_test.c b/test/cmp_vfy_test.c index 2a06e0b097..a480090363 100644 --- a/test/cmp_vfy_test.c +++ b/test/cmp_vfy_test.c @@ -91,7 +91,7 @@ static int flip_bit(ASN1_BIT_STRING *bitstr) static int execute_verify_popo_test(CMP_VFY_TEST_FIXTURE *fixture) { - if ((fixture->msg = load_pkimsg(ir_protected_f)) == NULL) + if ((fixture->msg = load_pkimsg(ir_protected_f, libctx)) == NULL) return 0; if (fixture->expected == 0) { const OSSL_CRMF_MSGS *reqs = fixture->msg->body->value.ir; @@ -153,7 +153,7 @@ static int test_validate_msg_mac_alg_protection(void) fixture->expected = 1; if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_1, sizeof(sec_1))) - || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f))) { + || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f, libctx))) { tear_down(fixture); fixture = NULL; } @@ -174,7 +174,7 @@ static int test_validate_msg_mac_alg_protection_bad(void) if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_bad, sizeof(sec_bad))) - || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f))) { + || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f, libctx))) { tear_down(fixture); fixture = NULL; } @@ -203,7 +203,7 @@ static int test_validate_msg_signature_partial_chain(int expired) ts = OSSL_CMP_CTX_get0_trustedStore(fixture->cmp_ctx); fixture->expected = !expired; if (ts == NULL - || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f)) + || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx)) || !add_trusted(fixture->cmp_ctx, srvcert)) { tear_down(fixture); fixture = NULL; @@ -233,7 +233,7 @@ static int test_validate_msg_signature_srvcert_wrong(void) { SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up); fixture->expected = 0; - if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f)) + if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx)) || !TEST_true(OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx, clcert))) { tear_down(fixture); fixture = NULL; @@ -246,7 +246,7 @@ static int test_validate_msg_signature_srvcert(int bad_sig) { SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up); fixture->expected = !bad_sig; - if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f)) + if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx)) || !TEST_true(OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx, srvcert)) || (bad_sig && !flip_bit(fixture->msg->protection))) { tear_down(fixture); @@ -272,7 +272,7 @@ static int test_validate_msg_signature_sender_cert_untrusted(void) { SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up); fixture->expected = 1; - if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts)) + if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx)) || !add_trusted(fixture->cmp_ctx, instaca_cert) || !add_untrusted(fixture->cmp_ctx, insta_cert)) { tear_down(fixture); @@ -286,7 +286,7 @@ static int test_validate_msg_signature_sender_cert_trusted(void) { SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up); fixture->expected = 1; - if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts)) + if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx)) || !add_trusted(fixture->cmp_ctx, instaca_cert) || !add_trusted(fixture->cmp_ctx, insta_cert)) { tear_down(fixture); @@ -300,7 +300,7 @@ static int test_validate_msg_signature_sender_cert_extracert(void) { SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up); fixture->expected = 1; - if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_2_extracerts)) + if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_2_extracerts, libctx)) || !add_trusted(fixture->cmp_ctx, instaca_cert)) { tear_down(fixture); fixture = NULL; @@ -315,7 +315,7 @@ static int test_validate_msg_signature_sender_cert_absent(void) { SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up); fixture->expected = 0; - if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts))) { + if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx))) { tear_down(fixture); fixture = NULL; } @@ -328,7 +328,7 @@ static int test_validate_with_sender(const X509_NAME *name, int expected) { SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up); fixture->expected = expected; - if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f)) + if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx)) || !TEST_true(OSSL_CMP_CTX_set1_expected_sender(fixture->cmp_ctx, name)) || !TEST_true(OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx, srvcert))) { tear_down(fixture); @@ -353,7 +353,7 @@ static int test_validate_msg_unprotected_request(void) { SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up); fixture->expected = 0; - if (!TEST_ptr(fixture->msg = load_pkimsg(ir_unprotected_f))) { + if (!TEST_ptr(fixture->msg = load_pkimsg(ir_unprotected_f, libctx))) { tear_down(fixture); fixture = NULL; } @@ -620,8 +620,8 @@ int setup_tests(void) goto err; if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH))) goto err; - if (!TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f)) - || !TEST_ptr(ir_rmprotection = load_pkimsg(ir_rmprotection_f))) + if (!TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f, libctx)) + || !TEST_ptr(ir_rmprotection = load_pkimsg(ir_rmprotection_f, libctx))) goto err; /* Message validation tests */ diff --git a/test/helpers/cmp_testlib.c b/test/helpers/cmp_testlib.c index 2d7297c42b..e0fb1d3d34 100644 --- a/test/helpers/cmp_testlib.c +++ b/test/helpers/cmp_testlib.c @@ -12,11 +12,11 @@ #include "cmp_testlib.h" #include <openssl/rsa.h> /* needed in case config no-deprecated */ -OSSL_CMP_MSG *load_pkimsg(const char *file) +OSSL_CMP_MSG *load_pkimsg(const char *file, OSSL_LIB_CTX *libctx) { OSSL_CMP_MSG *msg; - (void)TEST_ptr((msg = OSSL_CMP_MSG_read(file))); + (void)TEST_ptr((msg = OSSL_CMP_MSG_read(file, libctx, NULL))); return msg; } diff --git a/test/helpers/cmp_testlib.h b/test/helpers/cmp_testlib.h index 681b06ae22..50b085beca 100644 --- a/test/helpers/cmp_testlib.h +++ b/test/helpers/cmp_testlib.h @@ -21,7 +21,7 @@ # ifndef OPENSSL_NO_CMP # define CMP_TEST_REFVALUE_LENGTH 15 /* arbitrary value */ -OSSL_CMP_MSG *load_pkimsg(const char *file); +OSSL_CMP_MSG *load_pkimsg(const char *file, OSSL_LIB_CTX *libctx); int valid_asn1_encoding(const OSSL_CMP_MSG *msg); int STACK_OF_X509_cmp(const STACK_OF(X509) *sk1, const STACK_OF(X509) *sk2); int STACK_OF_X509_push1(STACK_OF(X509) *sk, X509 *cert); |