diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/build.info | 9 | ||||
| -rw-r--r-- | test/cmp_ctx_test.c | 1 | ||||
| -rw-r--r-- | test/cmp_hdr_test.c | 4 | ||||
| -rw-r--r-- | test/cmp_msg_test.c | 10 | ||||
| -rw-r--r-- | test/cmp_server_test.c | 160 | ||||
| -rw-r--r-- | test/cmp_status_test.c | 16 | ||||
| -rw-r--r-- | test/cmp_vfy_test.c | 10 | ||||
| -rw-r--r-- | test/recipes/65-test_cmp_server.t | 26 | ||||
| -rw-r--r-- | test/recipes/65-test_cmp_server_data/CR_protected_PBM_1234.der | bin | 0 -> 420 bytes |
9 files changed, 215 insertions, 21 deletions
diff --git a/test/build.info b/test/build.info index 1573087c28..fcf2ac57ac 100644 --- a/test/build.info +++ b/test/build.info @@ -438,7 +438,8 @@ IF[{- !$disabled{tests} -}] IF[{- !$disabled{cmp} -}] PROGRAMS{noinst}=cmp_asn_test cmp_ctx_test cmp_status_test cmp_hdr_test \ - cmp_protect_test cmp_msg_test cmp_vfy_test + cmp_protect_test cmp_msg_test cmp_vfy_test \ + cmp_server_test ENDIF SOURCE[cmp_asn_test]=cmp_asn_test.c cmp_testlib.c @@ -465,10 +466,14 @@ IF[{- !$disabled{tests} -}] INCLUDE[cmp_msg_test]=.. ../include ../apps/include DEPEND[cmp_msg_test]=../libcrypto.a libtestutil.a - SOURCE[cmp_vfy_test]=cmp_status_test.c cmp_testlib.c + SOURCE[cmp_vfy_test]=cmp_vfy_test.c cmp_testlib.c INCLUDE[cmp_vfy_test]=.. ../include ../apps/include DEPEND[cmp_vfy_test]=../libcrypto.a libtestutil.a + SOURCE[cmp_server_test]=cmp_server_test.c cmp_testlib.c + INCLUDE[cmp_server_test]=.. ../include ../apps/include + DEPEND[cmp_server_test]=../libcrypto.a libtestutil.a + # Internal test programs. These are essentially a collection of internal # test routines. Some of them need to reach internal symbols that aren't # available through the shared library (at least on Linux, Solaris, Windows diff --git a/test/cmp_ctx_test.c b/test/cmp_ctx_test.c index 26c65778b9..903e204622 100644 --- a/test/cmp_ctx_test.c +++ b/test/cmp_ctx_test.c @@ -118,6 +118,7 @@ static int msg_total_size_log_cb(const char *func, const char *file, int line, OSSL_CMP_severity level, const char *msg) { msg_total_size += strlen(msg); + TEST_note("total=%d len=%ld msg='%s'\n", msg_total_size, strlen(msg), msg); return 1; } diff --git a/test/cmp_hdr_test.c b/test/cmp_hdr_test.c index c12b72f29e..25d0dad9f6 100644 --- a/test/cmp_hdr_test.c +++ b/test/cmp_hdr_test.c @@ -350,9 +350,9 @@ static int execute_HDR_set_and_check_implicitConfirm_test(CMP_HDR_TEST_FIXTURE * fixture) { - return TEST_false(ossl_cmp_hdr_check_implicitConfirm(fixture->hdr)) + return TEST_false(ossl_cmp_hdr_has_implicitConfirm(fixture->hdr)) && TEST_true(ossl_cmp_hdr_set_implicitConfirm(fixture->hdr)) - && TEST_true(ossl_cmp_hdr_check_implicitConfirm(fixture->hdr)); + && TEST_true(ossl_cmp_hdr_has_implicitConfirm(fixture->hdr)); } static int test_HDR_set_and_check_implicit_confirm(void) diff --git a/test/cmp_msg_test.c b/test/cmp_msg_test.c index 8f95865869..3919480610 100644 --- a/test/cmp_msg_test.c +++ b/test/cmp_msg_test.c @@ -91,8 +91,7 @@ static int execute_errormsg_create_test(CMP_MSG_TEST_FIXTURE *fixture) { EXECUTE_MSG_CREATION_TEST(ossl_cmp_error_new(fixture->cmp_ctx, fixture->si, fixture->err_code, - NULL /* fixture->free_text */, - 0)); + "details", 0)); } static int execute_rr_create_test(CMP_MSG_TEST_FIXTURE *fixture) @@ -317,7 +316,7 @@ static int test_cmp_create_certconf_fail_info_max(void) static int test_cmp_create_error_msg(void) { SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up); - fixture->si = ossl_cmp_statusinfo_new(OSSL_CMP_PKISTATUS_rejection, + fixture->si = OSSL_CMP_STATUSINFO_new(OSSL_CMP_PKISTATUS_rejection, OSSL_CMP_PKIFAILUREINFO_systemFailure, NULL); fixture->err_code = -1; @@ -419,7 +418,7 @@ static int test_cmp_create_certrep(void) static int execute_rp_create(CMP_MSG_TEST_FIXTURE *fixture) { - OSSL_CMP_PKISI *si = ossl_cmp_statusinfo_new(33, 44, "a text"); + OSSL_CMP_PKISI *si = OSSL_CMP_STATUSINFO_new(33, 44, "a text"); X509_NAME *issuer = X509_NAME_new(); ASN1_INTEGER *serial = ASN1_INTEGER_new(); OSSL_CRMF_CERTID *cid = NULL; @@ -439,8 +438,7 @@ static int execute_rp_create(CMP_MSG_TEST_FIXTURE *fixture) if (!TEST_ptr(ossl_cmp_revrepcontent_get_CertId(rpmsg->body->value.rp, 0))) goto err; - if (!TEST_ptr(ossl_cmp_revrepcontent_get_pkistatusinfo(rpmsg->body-> - value.rp, 0))) + if (!TEST_ptr(ossl_cmp_revrepcontent_get_pkisi(rpmsg->body->value.rp, 0))) goto err; res = 1; diff --git a/test/cmp_server_test.c b/test/cmp_server_test.c new file mode 100644 index 0000000000..13159299e9 --- /dev/null +++ b/test/cmp_server_test.c @@ -0,0 +1,160 @@ +/* + * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. + * Copyright Nokia 2007-2020 + * Copyright Siemens AG 2015-2020 + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include "cmp_testlib.h" + +typedef struct test_fixture { + const char *test_case_name; + int expected; + OSSL_CMP_SRV_CTX *srv_ctx; + OSSL_CMP_MSG *req; +} CMP_SRV_TEST_FIXTURE; + +static OSSL_CMP_MSG *request = NULL; + +static void tear_down(CMP_SRV_TEST_FIXTURE *fixture) +{ + OSSL_CMP_SRV_CTX_free(fixture->srv_ctx); + OPENSSL_free(fixture); +} + +static CMP_SRV_TEST_FIXTURE *set_up(const char *const test_case_name) +{ + CMP_SRV_TEST_FIXTURE *fixture; + + if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))) + return NULL; + fixture->test_case_name = test_case_name; + if (!TEST_ptr(fixture->srv_ctx = OSSL_CMP_SRV_CTX_new())) + goto err; + return fixture; + + err: + tear_down(fixture); + return NULL; +} + +static int dummy_errorCode = CMP_R_MULTIPLE_SAN_SOURCES; /* any reason code */ + +static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx, + const OSSL_CMP_MSG *cert_req, + int certReqId, + const OSSL_CRMF_MSG *crm, + const X509_REQ *p10cr, + X509 **certOut, + STACK_OF(X509) **chainOut, + STACK_OF(X509) **caPubs) +{ + CMPerr(0, dummy_errorCode); + return NULL; +} + +static int execute_test_handle_request(CMP_SRV_TEST_FIXTURE *fixture) +{ + OSSL_CMP_SRV_CTX *ctx = fixture->srv_ctx; + OSSL_CMP_CTX *client_ctx; + OSSL_CMP_CTX *cmp_ctx; + char *dummy_custom_ctx = "@test_dummy", *custom_ctx; + OSSL_CMP_MSG *rsp = NULL; + OSSL_CMP_ERRORMSGCONTENT *errorContent; + int res = 0; + + if (!TEST_ptr(client_ctx = OSSL_CMP_CTX_new()) + || !TEST_true(OSSL_CMP_CTX_set_transfer_cb_arg(client_ctx, ctx))) + goto end; + + if (!TEST_true(OSSL_CMP_SRV_CTX_init(ctx, dummy_custom_ctx, + process_cert_request, NULL, NULL, + NULL, NULL, NULL)) + || !TEST_ptr(custom_ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(ctx)) + || !TEST_int_eq(strcmp(custom_ctx, dummy_custom_ctx), 0)) + goto end; + + if (!TEST_true(OSSL_CMP_SRV_CTX_set_send_unprotected_errors(ctx, 0)) + || !TEST_true(OSSL_CMP_SRV_CTX_set_accept_unprotected(ctx, 0)) + || !TEST_true(OSSL_CMP_SRV_CTX_set_accept_raverified(ctx, 1)) + || !TEST_true(OSSL_CMP_SRV_CTX_set_grant_implicit_confirm(ctx, 1))) + goto end; + + if (!TEST_ptr(cmp_ctx = OSSL_CMP_SRV_CTX_get0_cmp_ctx(ctx)) + || !OSSL_CMP_CTX_set1_referenceValue(cmp_ctx, + (unsigned char *)"server", 6) + || !OSSL_CMP_CTX_set1_secretValue(cmp_ctx, + (unsigned char *)"1234", 4)) + goto end; + + if (!TEST_ptr(rsp = OSSL_CMP_CTX_server_perform(client_ctx, fixture->req)) + || !TEST_int_eq(ossl_cmp_msg_get_bodytype(rsp), + OSSL_CMP_PKIBODY_ERROR) + || !TEST_ptr(errorContent = rsp->body->value.error) + || !TEST_int_eq(ASN1_INTEGER_get(errorContent->errorCode), + dummy_errorCode)) + goto end; + + res = 1; + + end: + OSSL_CMP_MSG_free(rsp); + OSSL_CMP_CTX_free(client_ctx); + return res; +} + +static int test_handle_request(void) +{ + SETUP_TEST_FIXTURE(CMP_SRV_TEST_FIXTURE, set_up); + fixture->req = request; + fixture->expected = 1; + EXECUTE_TEST(execute_test_handle_request, tear_down); + return result; +} + +void cleanup_tests(void) +{ + OSSL_CMP_MSG_free(request); + return; +} + +int setup_tests(void) +{ + const char *request_f; + + if (!test_skip_common_options()) { + TEST_error("Error parsing test options\n"); + return 0; + } + + if (!TEST_ptr(request_f = test_get_argument(0))) { + TEST_error("usage: cmp_server_test CR_protected_PBM_1234.der\n"); + return 0; + } + + if (!TEST_ptr(request = load_pkimsg(request_f))) { + cleanup_tests(); + return 0; + } + + /* + * this (indirectly) calls + * OSSL_CMP_SRV_CTX_new(), + * OSSL_CMP_SRV_CTX_free(), + * OSSL_CMP_CTX_server_perform(), + * OSSL_CMP_SRV_process_request(), + * OSSL_CMP_SRV_CTX_init(), + * OSSL_CMP_SRV_CTX_get0_cmp_ctx(), + * OSSL_CMP_SRV_CTX_get0_custom_ctx(), + * OSSL_CMP_SRV_CTX_set_send_unprotected_errors(), + * OSSL_CMP_SRV_CTX_set_accept_unprotected(), + * OSSL_CMP_SRV_CTX_set_accept_raverified(), and + * OSSL_CMP_SRV_CTX_set_grant_implicit_confirm() + */ + ADD_TEST(test_handle_request); + return 1; +} diff --git a/test/cmp_status_test.c b/test/cmp_status_test.c index 7311c2e444..15cd6a5fd0 100644 --- a/test/cmp_status_test.c +++ b/test/cmp_status_test.c @@ -45,18 +45,18 @@ static int execute_PKISI_test(CMP_STATUS_TEST_FIXTURE *fixture) ASN1_UTF8STRING *statusString = NULL; int res = 0, i; - if (!TEST_ptr(si = ossl_cmp_statusinfo_new(fixture->pkistatus, + if (!TEST_ptr(si = OSSL_CMP_STATUSINFO_new(fixture->pkistatus, fixture->pkifailure, fixture->text))) goto end; - status = ossl_cmp_pkisi_get_pkistatus(si); + status = ossl_cmp_pkisi_get_status(si); if (!TEST_int_eq(fixture->pkistatus, status) || !TEST_str_eq(fixture->str, ossl_cmp_PKIStatus_to_string(status))) goto end; if (!TEST_ptr(statusString = - sk_ASN1_UTF8STRING_value(ossl_cmp_pkisi_get0_statusstring(si), + sk_ASN1_UTF8STRING_value(ossl_cmp_pkisi_get0_statusString(si), 0)) || !TEST_str_eq(fixture->text, (char *)statusString->data)) goto end; @@ -66,7 +66,7 @@ static int execute_PKISI_test(CMP_STATUS_TEST_FIXTURE *fixture) goto end; for (i = 0; i <= OSSL_CMP_PKIFAILUREINFO_MAX; i++) if (!TEST_int_eq((fixture->pkifailure >> i) & 1, - ossl_cmp_pkisi_pkifailureinfo_check(si, i))) + ossl_cmp_pkisi_check_pkifailureinfo(si, i))) goto end; res = 1; @@ -99,12 +99,12 @@ int setup_tests(void) { /*- * this tests all of: - * ossl_cmp_statusinfo_new() - * ossl_cmp_pkisi_get_pkistatus() + * OSSL_CMP_STATUSINFO_new() + * ossl_cmp_pkisi_get_status() * ossl_cmp_PKIStatus_to_string() - * ossl_cmp_pkisi_get0_statusstring() + * ossl_cmp_pkisi_get0_statusString() * ossl_cmp_pkisi_get_pkifailureinfo() - * ossl_cmp_pkisi_pkifailureinfo_check() + * ossl_cmp_pkisi_check_pkifailureinfo() */ ADD_TEST(test_PKISI); return 1; diff --git a/test/cmp_vfy_test.c b/test/cmp_vfy_test.c index 41ddad86ba..f52efa9855 100644 --- a/test/cmp_vfy_test.c +++ b/test/cmp_vfy_test.c @@ -69,7 +69,7 @@ static CMP_VFY_TEST_FIXTURE *set_up(const char *const test_case_name) return NULL; } X509_VERIFY_PARAM_set_time(X509_STORE_get0_param(ts), test_time_valid); - X509_STORE_set_verify_cb(ts, OSSL_CMP_print_cert_verify_cb); + X509_STORE_set_verify_cb(ts, X509_STORE_CTX_print_verify_cb); return fixture; } @@ -437,8 +437,7 @@ static void setup_check_received(CMP_VFY_TEST_FIXTURE **fixture, int expected, nonce_data, nonce_len))) { tear_down((*fixture)); (*fixture) = NULL; - } - else if (trid_data != NULL) { + } else if (trid_data != NULL) { ASN1_OCTET_STRING *trid = ASN1_OCTET_STRING_new(); if (trid == NULL || !ASN1_OCTET_STRING_set(trid, trid_data, @@ -549,6 +548,11 @@ int setup_tests(void) ts.tm_year += 10; /* February 18th 2028 */ test_time_after_expiration = mktime(&ts); + if (!test_skip_common_options()) { + TEST_error("Error parsing test options\n"); + return 0; + } + RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH); if (!TEST_ptr(server_f = test_get_argument(0)) || !TEST_ptr(client_f = test_get_argument(1)) diff --git a/test/recipes/65-test_cmp_server.t b/test/recipes/65-test_cmp_server.t new file mode 100644 index 0000000000..87dbdb10b2 --- /dev/null +++ b/test/recipes/65-test_cmp_server.t @@ -0,0 +1,26 @@ +#! /usr/bin/env perl +# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. +# Copyright Nokia 2007-2020 +# Copyright Siemens AG 2015-2020 +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use OpenSSL::Test qw/:DEFAULT data_file/; +use OpenSSL::Test::Utils; + +setup("test_cmp_server"); + +plan skip_all => "This test is not supported in a no-cmp build" + if disabled("cmp"); + +plan skip_all => "This test is not supported in a no-ec build" + if disabled("ec"); + +plan tests => 1; + +ok(run(test(["cmp_server_test", + data_file("CR_protected_PBM_1234.der")]))); diff --git a/test/recipes/65-test_cmp_server_data/CR_protected_PBM_1234.der b/test/recipes/65-test_cmp_server_data/CR_protected_PBM_1234.der Binary files differnew file mode 100644 index 0000000000..fc1c0aff9b --- /dev/null +++ b/test/recipes/65-test_cmp_server_data/CR_protected_PBM_1234.der |