mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-30 14:01:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add libctx/provider support to cmp_msg_test

Browse Source 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11808)
This commit is contained in:
Dr. David von Oheimb 2020-08-19 00:48:57 +02:00
parent 4561f15fdb
commit 5a7734cd02
5 changed files with 90 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
test/cmp_msg_test.c
View File

@ -13,6 +13,7 @@
DEFINE_STACK_OF(OSSL_CMP_CERTRESPONSE)
static const char *newkey_f;
static const char *server_cert_f;
static const char *pkcs10_f;
@ -31,6 +32,19 @@ typedef struct test_fixture {
OSSL_CMP_PKISI *si;
} CMP_MSG_TEST_FIXTURE;
static OPENSSL_CTX *libctx = NULL;
static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL;
/* TODO(3.0) Clean this up - See issue #12680 */
static X509 *X509_dup_with_libctx(const X509 *cert)
{
X509 *dup = X509_dup(cert);
if (dup != NULL)
x509_set0_libctx(dup, libctx, NULL);
return dup;
}
static unsigned char ref[CMP_TEST_REFVALUE_LENGTH];
static void tear_down(CMP_MSG_TEST_FIXTURE *fixture)
@ -51,7 +65,7 @@ static CMP_MSG_TEST_FIXTURE *set_up(const char *const test_case_name)
return NULL;
fixture->test_case_name = test_case_name;
if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(NULL, NULL))
if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))
|| !TEST_true(SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 1))
|| !TEST_true(OSSL_CMP_CTX_set1_referenceValue(fixture->cmp_ctx,
ref, sizeof(ref)))) {
@ -146,7 +160,7 @@ static int test_cmp_create_ir_protection_set(void)
fixture->bodytype = OSSL_CMP_PKIBODY_IR;
fixture->err_code = -1;
fixture->expected = 1;
if (!TEST_int_eq(1, RAND_bytes(secret, sizeof(secret)))
if (!TEST_int_eq(1, RAND_bytes_ex(libctx, secret, sizeof(secret)))
|| !TEST_true(SET_OPT_UNPROTECTED_SEND(ctx, 0))
|| !TEST_true(set1_newPkey(ctx, newkey))
|| !TEST_true(OSSL_CMP_CTX_set1_secretValue(ctx, secret,
@ -283,7 +297,7 @@ static int test_cmp_create_certconf(void)
fixture->fail_info = 0;
fixture->expected = 1;
if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
X509_dup(cert)))) {
X509_dup_with_libctx(cert)))) {
tear_down(fixture);
fixture = NULL;
}
@ -297,7 +311,7 @@ static int test_cmp_create_certconf_badAlg(void)
fixture->fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_badAlg;
fixture->expected = 1;
if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
X509_dup(cert)))) {
X509_dup_with_libctx(cert)))) {
tear_down(fixture);
fixture = NULL;
}
@ -311,7 +325,7 @@ static int test_cmp_create_certconf_fail_info_max(void)
fixture->fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_MAX;
fixture->expected = 1;
if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
X509_dup(cert)))) {
X509_dup_with_libctx(cert)))) {
tear_down(fixture);
fixture = NULL;
}
@ -392,7 +406,7 @@ static int execute_certrep_create(CMP_MSG_TEST_FIXTURE *fixture)
cresp->certifiedKeyPair->certOrEncCert->type =
OSSL_CMP_CERTORENCCERT_CERTIFICATE;
if ((cresp->certifiedKeyPair->certOrEncCert->value.certificate =
X509_dup(cert)) == NULL
X509_dup_with_libctx(cert)) == NULL
|| !sk_OSSL_CMP_CERTRESPONSE_push(crepmsg->response, cresp))
goto err;
cresp = NULL;
@ -538,8 +552,12 @@ void cleanup_tests(void)
{
EVP_PKEY_free(newkey);
X509_free(cert);
OPENSSL_CTX_free(libctx);
}
#define USAGE "new.key server.crt pkcs10.der module_name [module_conf_file]\n"
OPT_TEST_DECLARE_USAGE(USAGE)
int setup_tests(void)
{
if (!test_skip_common_options()) {
@ -547,15 +565,19 @@ int setup_tests(void)
return 0;
}
if (!TEST_ptr(server_cert_f = test_get_argument(0))
|| !TEST_ptr(pkcs10_f = test_get_argument(1))) {
TEST_error("usage: cmp_msg_test server.crt pkcs10.der\n");
if (!TEST_ptr(newkey_f = test_get_argument(0))
|| !TEST_ptr(server_cert_f = test_get_argument(1))
|| !TEST_ptr(pkcs10_f = test_get_argument(2))) {
TEST_error("usage: cmp_msg_test %s", USAGE);
return 0;
}
if (!TEST_ptr(newkey = gen_rsa())
|| !TEST_ptr(cert = load_pem_cert(server_cert_f, NULL))
|| !TEST_int_eq(1, RAND_bytes(ref, sizeof(ref)))) {
if (!test_get_libctx(&libctx, &default_null_provider, &provider, 3, USAGE))
return 0;
if (!TEST_ptr(newkey = load_pem_key(newkey_f))
|| !TEST_ptr(cert = load_pem_cert(server_cert_f, libctx))
|| !TEST_int_eq(1, RAND_bytes_ex(libctx, ref, sizeof(ref)))) {
cleanup_tests();
return 0;
}

13
test/cmp_testlib.c
View File

@ -63,19 +63,6 @@ X509_REQ *load_csr(const char *file)
return csr;
}
EVP_PKEY *gen_rsa(void)
{
EVP_PKEY_CTX *ctx = NULL;
EVP_PKEY *pkey = NULL;
(void)(TEST_ptr(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL))
&& TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
&& TEST_int_gt(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048), 0)
&& TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0));
EVP_PKEY_CTX_free(ctx);
return pkey;
}
/*
* Checks whether the syntax of msg conforms to ASN.1
*/

1
test/cmp_testlib.h
View File

@ -28,7 +28,6 @@ X509 *load_pem_cert(const char *file, OPENSSL_CTX *libctx);
X509_REQ *load_csr(const char *file);
OSSL_CMP_MSG *load_pkimsg(const char *file);
int valid_asn1_encoding(const OSSL_CMP_MSG *msg);
EVP_PKEY *gen_rsa(void);
int STACK_OF_X509_cmp(const STACK_OF(X509) *sk1, const STACK_OF(X509) *sk2);
int STACK_OF_X509_push1(STACK_OF(X509) *sk, X509 *cert);
int print_to_bio_out(const char *func, const char *file, int line,

34
test/recipes/65-test_cmp_msg.t
View File

@ -9,16 +9,38 @@
# https://www.openssl.org/source/license.html
use strict;
use OpenSSL::Test qw/:DEFAULT data_file/;
use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/;
use OpenSSL::Test::Utils;
setup("test_cmp_msg");
BEGIN {
setup("test_cmp_msg");
}
use lib srctop_dir('Configurations');
use lib bldtop_dir('.');
use platform;
my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
plan skip_all => "This test is not supported in a no-cmp build"
if disabled("cmp");
plan tests => 1;
plan tests => 2 + ($no_fips ? 0 : 2); #fips install + fips test
ok(run(test(["cmp_msg_test",
data_file("server.crt"),
data_file("pkcs10.der")])));
my @basic_cmd = ("cmp_msg_test",
data_file("new.key"),
data_file("server.crt"),
data_file("pkcs10.der"));
ok(run(test([@basic_cmd, "none"])));
ok(run(test([@basic_cmd, "default", srctop_file("test", "default.cnf")])));
unless ($no_fips) {
ok(run(app(['openssl', 'fipsinstall',
'-out', bldtop_file('providers', 'fipsmodule.cnf'),
'-module', bldtop_file('providers', platform->dso('fips'))])),
"fipsinstall");
ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips.cnf")])));
}

28
test/recipes/65-test_cmp_msg_data/new.key Normal file
View File

@ -0,0 +1,28 @@
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDIHp0kAPnBtK1B
/gcTQSGV20NKE1VD+OEO7qzYprfQV0/iaXX5zY/Ls4NRKNIJ6BdoEg5cID5HTNoE
Andl6pfHdSsT0+JdodEZlyg+1fiYr0g4eEh3HA9Rrpx5I4mfhwdj6nRwUun/ludQ
SungipsvVsx3i/x8XEnRkMYlqF8uK6udhTJqVo0Icr6Erb5Fp5GA+Wxd+JT+/CGG
MWF2GLFs+byX5L7bE3JJXUkADOtS8QN01nSIG+5VxLaaWFIpOG3ll6D7QLruRhir
Ez0JVkLBxX9pJQibCN4Ww0wmyX+cXIRpy7q9fPSuO8vA/NMB5VhnLn3YbC9qRY62
IN1qntYlAgMBAAECggEAJgHieHcS+F43VcRIVbjWBx8orYX0eL9pByv/efpYCOK8
UlUTSglnmRmUBDMLiUQiReq//XFGQsZu1boeMSYYA5LWRqLEaGIWU5To2N5Mo7sO
rWLy6GRU6H+QSlWcisbbeXeK+9ZTiO6BKjfAKZxJkvkaRk44+umQP5QOfhJ3WU4t
0wkwYOfm8uOEg48yZTgjUVzhIORHAq5RHH/5goLrNwO2bIqOHOqzSrXGQJJ+oDaL
JykccyVAElUGd5JaSpm5z0a43C4A5q770ppiByGxJv1L3ID1hkik1ZpWfMtwPH1Y
FIAINqlhVoeAEwOCpL9axZ5OCGQrgWLNV4LfJyG4NQKBgQDyHGDyp+ZpMJRxCtDt
8QWtthuoOfwmXOR81ZJGD3GA8rEGcG1zH4F+B4Z76/Kwb/uabH9FPURS+kcDpsuM
9Avx88JTg6YFhtpQQCcmhY7awgc+B4ve95ziz6DOMhCD8Yb36UjM7B1jY+zVLIYt
yQhZOKQEzPFqfPMrzEDsabT+GwKBgQDTmY35/l13zYi21xmCL+309KzjbZEyX0NF
SE2JjIdwcWvKSMPFlWv7l1ssIg1fF0Hu7mEbLB74eUU0fe4D0LPeoEX3ihjYej4N
M/EdKv7+WhCr11lnWwWTM+aeeFAmwdD95Gdvv0hTnG/GqxiOt19HhGhMHJueAKDL
Tmci9hPAvwKBgQCkjbM62fEZp4IMvtw4DKveYDq2AQsnC9XkHsh3Q8HScaDuDnXl
XBGIFhdKnJhrYQEx+PIbnkOU3jRr/+6zE6AWx6VZW834TaqOBrxVS0tH1b5UY46m
ccc4xQO3gYGGHB+u2ei4Fvb2eZEbZlKgRdWdxoh8FssypFAmgYHS7Rmt5wKBgEYu
symM1aGL2WGTnJFSpmFN2h4g1DzZ3e0X2yfZJX8FD5RraAub0NIE1Kehr7+vbh36
kNi7XJZbWrnbXtuDGHWpwSsmcbEzcmtcpAdhoGvqoYbtiWi/huzZFQ/Qpf0E4fWk
ES6+ShX5WBWT4DRN29tTrmg4QOE6IhrsqUauScTvAoGAKxEzsSHPgZm5rGOfVPcI
cFeSJFCsaPfVk97T9aNievhMMChKBV8vT3Unlk0RObcsMweo6OMmfnRxrHhgfVz8
elpLOlzEHfELlR8HELvxCeWWzuPgNCAPcG3BmjRnm8g5xmmkfQuRKlkQTcGbHotI
wIPT+bHg3fjx7CemHl+rZeo=
-----END PRIVATE KEY-----