mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-27 05:21:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new()

Browse Source 
Also remove not really to-the-point error message if call fails in apps/cmp.c

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
This commit is contained in:
Dr. David von Oheimb 2020-05-13 09:28:24 +02:00
parent 7b1a3a5062
commit 1a7cd250ad
18 changed files with 48 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
apps/cmp.c
View File

@ -1156,7 +1156,8 @@ static int transform_opts(void)
static OSSL_CMP_SRV_CTX *setup_srv_ctx(ENGINE *engine)
{
OSSL_CMP_CTX *ctx; /* extra CMP (client) ctx partly used by server */
OSSL_CMP_SRV_CTX *srv_ctx = ossl_cmp_mock_srv_new();
OSSL_CMP_SRV_CTX *srv_ctx = ossl_cmp_mock_srv_new(app_get0_libctx(),
app_get0_propq());
if (srv_ctx == NULL)
return NULL;
@ -2776,10 +2777,9 @@ int cmp_main(int argc, char **argv)
}
}
if ((cmp_ctx = OSSL_CMP_CTX_new()) == NULL) {
CMP_err("out of memory");
cmp_ctx = OSSL_CMP_CTX_new(app_get0_libctx(), app_get0_propq());
if (cmp_ctx == NULL)
goto err;
}
if (!OSSL_CMP_CTX_set_log_cb(cmp_ctx, print_to_bio_out)) {
CMP_err1("cannot set up error reporting and logging for %s", prog);
goto err;

4
apps/cmp_mock_srv.c
View File

@ -388,9 +388,9 @@ static int process_pollReq(OSSL_CMP_SRV_CTX *srv_ctx,
return 1;
}
OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(void)
OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OPENSSL_CTX *libctx, const char *propq)
{
OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new();
OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new(libctx, propq);
mock_srv_ctx *ctx = mock_srv_ctx_new();
if (srv_ctx != NULL && ctx != NULL

2
apps/cmp_mock_srv.h
View File

@ -16,7 +16,7 @@
# include <openssl/cmp.h>
OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(void);
OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OPENSSL_CTX *libctx, const char *propq);
void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx);
int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);

9
crypto/cmp/cmp_ctx.c
View File

@ -93,12 +93,16 @@ int OSSL_CMP_CTX_set1_untrusted_certs(OSSL_CMP_CTX *ctx, STACK_OF(X509) *certs)
* Allocates and initializes OSSL_CMP_CTX context structure with default values.
* Returns new context on success, NULL on error
*/
OSSL_CMP_CTX *OSSL_CMP_CTX_new(void)
OSSL_CMP_CTX *OSSL_CMP_CTX_new(OPENSSL_CTX *libctx, const char *propq)
{
OSSL_CMP_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
if (ctx == NULL)
return NULL;
goto err;
ctx->libctx = libctx;
if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL)
goto err;
ctx->log_verbosity = OSSL_CMP_LOG_INFO;
@ -124,6 +128,7 @@ OSSL_CMP_CTX *OSSL_CMP_CTX_new(void)
err:
OSSL_CMP_CTX_free(ctx);
X509err(0, ERR_R_MALLOC_FAILURE);
return NULL;
}

2
crypto/cmp/cmp_local.h
View File

@ -28,6 +28,8 @@
* this structure is used to store the context for CMP sessions
*/
struct ossl_cmp_ctx_st {
OPENSSL_CTX *libctx;
const char *propq;
OSSL_CMP_log_cb_t log_cb; /* log callback for error/debug/etc. output */
OSSL_CMP_severity log_verbosity; /* level of verbosity of log output */

4
crypto/cmp/cmp_server.c
View File

@ -53,14 +53,14 @@ void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx)
OPENSSL_free(srv_ctx);
}
OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(void)
OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OPENSSL_CTX *libctx, const char *propq)
{
OSSL_CMP_SRV_CTX *ctx = OPENSSL_zalloc(sizeof(OSSL_CMP_SRV_CTX));
if (ctx == NULL)
goto err;
if ((ctx->ctx = OSSL_CMP_CTX_new()) == NULL)
if ((ctx->ctx = OSSL_CMP_CTX_new(libctx, propq)) == NULL)
goto err;
/* all other elements are initialized to 0 or NULL, respectively */

8
doc/internal/man3/ossl_cmp_mock_srv_new.pod
View File

@ -15,9 +15,9 @@ ossl_cmp_mock_srv_set_checkAfterTime
=head1 SYNOPSIS
#include <openssl/cmp.h>
#include "apps/cmp_mock_srv.h"
OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(void);
OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OPENSSL_CTX *libctx, const char *propq);
void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx);
int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert);
@ -33,7 +33,9 @@ ossl_cmp_mock_srv_set_checkAfterTime
=head1 DESCRIPTION
ossl_cmp_mock_srv_new() allocates the contexts for the CMP mock server.
ossl_cmp_mock_srv_new() allocates the contexts for the CMP mock server
associated with the library context I<libctx> and property query string
I<propq>, both of which may be NULL to select the defaults.
ossl_cmp_mock_srv_free() deallocates the contexts for the CMP mock server.

11
doc/man3/OSSL_CMP_CTX_new.pod
View File

@ -64,7 +64,7 @@ OSSL_CMP_CTX_set1_senderNonce
#include <openssl/cmp.h>
OSSL_CMP_CTX *OSSL_CMP_CTX_new(void);
OSSL_CMP_CTX *OSSL_CMP_CTX_new(OPENSSL_CTX *libctx, const char *propq);
void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx);
int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx);
int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val);
@ -158,8 +158,13 @@ OSSL_CMP_CTX_set1_senderNonce
This is the context API for using CMP (Certificate Management Protocol) with
OpenSSL.
OSSL_CMP_CTX_new() allocates and initializes an OSSL_CMP_CTX structure to
default values, e.g., proof-of-possession method is set to POPOSigningKey.
OSSL_CMP_CTX_new() allocates an B<OSSL_CMP_CTX> structure associated with
the library context I<libctx> and property query string I<propq>,
both of which may be NULL to select the defaults.
It initializes the remaining fields to their default values - for instance,
the logging verbosity is set to OSSL_CMP_LOG_INFO,
the message timeout is set to 120 seconds,
and the proof-of-possession method is set to OSSL_CRMF_POPO_SIGNATURE.
OSSL_CMP_CTX_free() deallocates an OSSL_CMP_CTX structure.

7
doc/man3/OSSL_CMP_SRV_CTX_new.pod
View File

@ -29,7 +29,7 @@ OSSL_CMP_SRV_CTX_set_grant_implicit_confirm
const OSSL_CMP_MSG *req);
OSSL_CMP_MSG *OSSL_CMP_CTX_server_perform(OSSL_CMP_CTX *client_ctx,
const OSSL_CMP_MSG *req);
OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(void);
OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OPENSSL_CTX *libctx, const char *propq);
void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx);
typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_cert_request_cb_t)(
@ -95,8 +95,9 @@ B<OSSL_CMP_SRV_process_request()> that can be used by a CMP client
in the same way as B<OSSL_CMP_MSG_http_perform()>.
The B<OSSL_CMP_SRV_CTX> must be set as I<transfer_cb_arg> of I<client_ctx>.
OSSL_CMP_SRV_CTX_new() creates and initializes an OSSL_CMP_SRV_CTX structure
and returns a pointer to it on success, NULL on error.
OSSL_CMP_SRV_CTX_new() creates and initializes an B<OSSL_CMP_SRV_CTX> structure
associated with the library context I<libctx> and property query string
I<propq>, both of which may be NULL to select the defaults.
OSSL_CMP_SRV_CTX_free() deletes the given I<srv_ctx>.

4
fuzz/cmp.c
View File

@ -171,8 +171,8 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
msg = d2i_OSSL_CMP_MSG_bio(in, NULL);
if (msg != NULL) {
BIO *out = BIO_new(BIO_s_null());
OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new();
OSSL_CMP_CTX *client_ctx = OSSL_CMP_CTX_new();
OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new(NULL, NULL);
OSSL_CMP_CTX *client_ctx = OSSL_CMP_CTX_new(NULL, NULL);
i2d_OSSL_CMP_MSG_bio(out, msg);
ASN1_item_print(out, (ASN1_VALUE *)msg, 4,

4
include/openssl/cmp.h
View File

@ -243,7 +243,7 @@ void OSSL_CMP_ITAV_free(OSSL_CMP_ITAV *itav);
void OSSL_CMP_MSG_free(OSSL_CMP_MSG *msg);
/* from cmp_ctx.c */
OSSL_CMP_CTX *OSSL_CMP_CTX_new(void);
OSSL_CMP_CTX *OSSL_CMP_CTX_new(OPENSSL_CTX *libctx, const char *propq);
void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx);
int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx);
/* various CMP options: */
@ -375,7 +375,7 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
const OSSL_CMP_MSG *req);
OSSL_CMP_MSG * OSSL_CMP_CTX_server_perform(OSSL_CMP_CTX *client_ctx,
const OSSL_CMP_MSG *req);
OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(void);
OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OPENSSL_CTX *libctx, const char *propq);
void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx);
typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_cert_request_cb_t)
(OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *req, int certReqId,

4
test/cmp_client_test.c
View File

@ -62,7 +62,7 @@ static CMP_SES_TEST_FIXTURE *set_up(const char *const test_case_name)
if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
return NULL;
fixture->test_case_name = test_case_name;
if (!TEST_ptr(fixture->srv_ctx = ossl_cmp_mock_srv_new())
if (!TEST_ptr(fixture->srv_ctx = ossl_cmp_mock_srv_new(NULL, NULL))
|| !OSSL_CMP_SRV_CTX_set_accept_unprotected(fixture->srv_ctx, 1)
|| !ossl_cmp_mock_srv_set1_certOut(fixture->srv_ctx, client_cert)
|| (srv_cmp_ctx =
@ -70,7 +70,7 @@ static CMP_SES_TEST_FIXTURE *set_up(const char *const test_case_name)
|| !OSSL_CMP_CTX_set1_cert(srv_cmp_ctx, server_cert)
|| !OSSL_CMP_CTX_set1_pkey(srv_cmp_ctx, server_key))
goto err;
if (!TEST_ptr(fixture->cmp_ctx = ctx = OSSL_CMP_CTX_new())
if (!TEST_ptr(fixture->cmp_ctx = ctx = OSSL_CMP_CTX_new(NULL, NULL))
|| !OSSL_CMP_CTX_set_log_cb(fixture->cmp_ctx, print_to_bio_out)
|| !OSSL_CMP_CTX_set_transfer_cb(ctx, OSSL_CMP_CTX_server_perform)
|| !OSSL_CMP_CTX_set_transfer_cb_arg(ctx, fixture->srv_ctx)

2
test/cmp_ctx_test.c
View File

@ -37,7 +37,7 @@ static OSSL_CMP_CTX_TEST_FIXTURE *set_up(const char *const test_case_name)
if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
return NULL;
if (!TEST_ptr(fixture->ctx = OSSL_CMP_CTX_new())) {
if (!TEST_ptr(fixture->ctx = OSSL_CMP_CTX_new(NULL, NULL))) {
tear_down(fixture);
return NULL;
}

2
test/cmp_hdr_test.c
View File

@ -38,7 +38,7 @@ static CMP_HDR_TEST_FIXTURE *set_up(const char *const test_case_name)
if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
return NULL;
fixture->test_case_name = test_case_name;
if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new()))
if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(NULL, NULL)))
goto err;
if (!TEST_ptr(fixture->hdr = OSSL_CMP_PKIHEADER_new()))
goto err;

2
test/cmp_msg_test.c
View File

@ -51,7 +51,7 @@ static CMP_MSG_TEST_FIXTURE *set_up(const char *const test_case_name)
return NULL;
fixture->test_case_name = test_case_name;
if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new())
if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(NULL, NULL))
|| !TEST_true(SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 1))
|| !TEST_true(OSSL_CMP_CTX_set1_referenceValue(fixture->cmp_ctx,
ref, sizeof(ref)))) {

2
test/cmp_protect_test.c
View File

@ -56,7 +56,7 @@ static CMP_PROTECT_TEST_FIXTURE *set_up(const char *const test_case_name)
if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
return NULL;
fixture->test_case_name = test_case_name;
if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new())) {
if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(NULL, NULL))) {
tear_down(fixture);
return NULL;
}

4
test/cmp_server_test.c
View File

@ -33,7 +33,7 @@ static CMP_SRV_TEST_FIXTURE *set_up(const char *const test_case_name)
if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
return NULL;
fixture->test_case_name = test_case_name;
if (!TEST_ptr(fixture->srv_ctx = OSSL_CMP_SRV_CTX_new()))
if (!TEST_ptr(fixture->srv_ctx = OSSL_CMP_SRV_CTX_new(NULL, NULL)))
goto err;
return fixture;
@ -67,7 +67,7 @@ static int execute_test_handle_request(CMP_SRV_TEST_FIXTURE *fixture)
OSSL_CMP_ERRORMSGCONTENT *errorContent;
int res = 0;
if (!TEST_ptr(client_ctx = OSSL_CMP_CTX_new())
if (!TEST_ptr(client_ctx = OSSL_CMP_CTX_new(NULL, NULL))
|| !TEST_true(OSSL_CMP_CTX_set_transfer_cb_arg(client_ctx, ctx)))
goto end;

2
test/cmp_vfy_test.c
View File

@ -56,7 +56,7 @@ static CMP_VFY_TEST_FIXTURE *set_up(const char *const test_case_name)
return NULL;
fixture->test_case_name = test_case_name;
if (ts == NULL
|| !TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new())
|| !TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(NULL, NULL))
|| !OSSL_CMP_CTX_set0_trustedStore(fixture->cmp_ctx, ts)
|| !OSSL_CMP_CTX_set_log_cb(fixture->cmp_ctx, print_to_bio_out)) {
tear_down(fixture);