1 /* 2 * Copyright 2007-2025 The OpenSSL Project Authors. All Rights Reserved. 3 * Copyright Nokia 2007-2019 4 * Copyright Siemens AG 2015-2019 5 * 6 * Licensed under the Apache License 2.0 (the "License"). You may not use 7 * this file except in compliance with the License. You can obtain a copy 8 * in the file LICENSE in the source distribution or at 9 * https://www.openssl.org/source/license.html 10 */ 11 12 #include "helpers/cmp_testlib.h" 13 14 #include "cmp_mock_srv.h" 15 16 static const char *server_key_f; 17 static const char *server_cert_f; 18 static const char *client_key_f; 19 static const char *client_cert_f; 20 static const char *pkcs10_f; 21 22 typedef struct test_fixture { 23 const char *test_case_name; 24 OSSL_CMP_CTX *cmp_ctx; 25 OSSL_CMP_SRV_CTX *srv_ctx; 26 int req_type; 27 int expected; 28 STACK_OF(X509) *caPubs; 29 } CMP_SES_TEST_FIXTURE; 30 31 static OSSL_LIB_CTX *libctx = NULL; 32 static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL; 33 34 static EVP_PKEY *server_key = NULL; 35 static X509 *server_cert = NULL; 36 static EVP_PKEY *client_key = NULL; 37 static X509 *client_cert = NULL; 38 static unsigned char ref[CMP_TEST_REFVALUE_LENGTH]; 39 40 /* 41 * For these unit tests, the client abandons message protection, and for 42 * error messages the mock server does so as well. 43 * Message protection and verification is tested in cmp_lib_test.c 44 */ 45 46 static void tear_down(CMP_SES_TEST_FIXTURE *fixture) 47 { 48 OSSL_CMP_CTX_free(fixture->cmp_ctx); 49 ossl_cmp_mock_srv_free(fixture->srv_ctx); 50 sk_X509_free(fixture->caPubs); 51 OPENSSL_free(fixture); 52 } 53 54 static CMP_SES_TEST_FIXTURE *set_up(const char *const test_case_name) 55 { 56 CMP_SES_TEST_FIXTURE *fixture; 57 OSSL_CMP_CTX *srv_cmp_ctx = NULL; 58 OSSL_CMP_CTX *ctx = NULL; /* for client */ 59 60 if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture)))) 61 return NULL; 62 fixture->test_case_name = test_case_name; 63 if (!TEST_ptr(fixture->srv_ctx = ossl_cmp_mock_srv_new(libctx, NULL)) 64 || !OSSL_CMP_SRV_CTX_set_accept_unprotected(fixture->srv_ctx, 1) 65 || !ossl_cmp_mock_srv_set1_refCert(fixture->srv_ctx, client_cert) 66 || !ossl_cmp_mock_srv_set1_certOut(fixture->srv_ctx, client_cert) 67 || (srv_cmp_ctx = OSSL_CMP_SRV_CTX_get0_cmp_ctx(fixture->srv_ctx)) == NULL 68 || !OSSL_CMP_CTX_set1_cert(srv_cmp_ctx, server_cert) 69 || !OSSL_CMP_CTX_set1_pkey(srv_cmp_ctx, server_key)) 70 goto err; 71 if (!TEST_ptr(fixture->cmp_ctx = ctx = OSSL_CMP_CTX_new(libctx, NULL)) 72 || !OSSL_CMP_CTX_set_log_cb(fixture->cmp_ctx, print_to_bio_out) 73 || !OSSL_CMP_CTX_set_transfer_cb(ctx, OSSL_CMP_CTX_server_perform) 74 || !OSSL_CMP_CTX_set_transfer_cb_arg(ctx, fixture->srv_ctx) 75 || !OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_UNPROTECTED_SEND, 1) 76 || !OSSL_CMP_CTX_set_option(ctx, OSSL_CMP_OPT_UNPROTECTED_ERRORS, 1) 77 || !OSSL_CMP_CTX_set1_oldCert(ctx, client_cert) 78 || !OSSL_CMP_CTX_set1_pkey(ctx, client_key) 79 /* client_key is by default used also for newPkey */ 80 || !OSSL_CMP_CTX_set1_srvCert(ctx, server_cert) 81 || !OSSL_CMP_CTX_set1_referenceValue(ctx, ref, sizeof(ref))) 82 goto err; 83 fixture->req_type = -1; 84 return fixture; 85 86 err: 87 tear_down(fixture); 88 return NULL; 89 } 90 91 static int execute_exec_RR_ses_test(CMP_SES_TEST_FIXTURE *fixt) 92 { 93 return TEST_int_eq(OSSL_CMP_CTX_get_status(fixt->cmp_ctx), 94 OSSL_CMP_PKISTATUS_unspecified) 95 && TEST_int_eq(OSSL_CMP_exec_RR_ses(fixt->cmp_ctx), 96 fixt->expected == OSSL_CMP_PKISTATUS_accepted) 97 && TEST_int_eq(OSSL_CMP_CTX_get_status(fixt->cmp_ctx), fixt->expected); 98 } 99 100 static int execute_exec_GENM_ses_test_single(CMP_SES_TEST_FIXTURE *fixture) 101 { 102 OSSL_CMP_CTX *ctx = fixture->cmp_ctx; 103 ASN1_OBJECT *type = OBJ_txt2obj("1.3.6.1.5.5.7.4.2", 1); 104 OSSL_CMP_ITAV *itav = OSSL_CMP_ITAV_create(type, NULL); 105 STACK_OF(OSSL_CMP_ITAV) *itavs; 106 107 OSSL_CMP_CTX_push0_genm_ITAV(ctx, itav); 108 itavs = OSSL_CMP_exec_GENM_ses(ctx); 109 110 sk_OSSL_CMP_ITAV_pop_free(itavs, OSSL_CMP_ITAV_free); 111 return TEST_int_eq(OSSL_CMP_CTX_get_status(ctx), fixture->expected) 112 && fixture->expected == OSSL_CMP_PKISTATUS_accepted 113 ? TEST_ptr(itavs) 114 : TEST_ptr_null(itavs); 115 } 116 117 static int execute_exec_GENM_ses_test(CMP_SES_TEST_FIXTURE *fixture) 118 { 119 return execute_exec_GENM_ses_test_single(fixture) 120 && OSSL_CMP_CTX_reinit(fixture->cmp_ctx) 121 && execute_exec_GENM_ses_test_single(fixture); 122 } 123 124 static int execute_exec_certrequest_ses_test(CMP_SES_TEST_FIXTURE *fixture) 125 { 126 OSSL_CMP_CTX *ctx = fixture->cmp_ctx; 127 X509 *res = OSSL_CMP_exec_certreq(ctx, fixture->req_type, NULL); 128 int status = OSSL_CMP_CTX_get_status(ctx); 129 130 OSSL_CMP_CTX_print_errors(ctx); 131 if (!TEST_int_eq(status, fixture->expected) 132 && !(fixture->expected == OSSL_CMP_PKISTATUS_waiting 133 && TEST_int_eq(status, OSSL_CMP_PKISTATUS_trans))) 134 return 0; 135 if (fixture->expected != OSSL_CMP_PKISTATUS_accepted) 136 return TEST_ptr_null(res); 137 138 if (!TEST_ptr(res) || !TEST_int_eq(X509_cmp(res, client_cert), 0)) 139 return 0; 140 if (fixture->caPubs != NULL) { 141 STACK_OF(X509) *caPubs = OSSL_CMP_CTX_get1_caPubs(fixture->cmp_ctx); 142 int ret = TEST_int_eq(STACK_OF_X509_cmp(fixture->caPubs, caPubs), 0); 143 144 OSSL_STACK_OF_X509_free(caPubs); 145 return ret; 146 } 147 return 1; 148 } 149 150 static int test_exec_RR_ses(int request_error) 151 { 152 SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up); 153 if (request_error) 154 OSSL_CMP_CTX_set1_oldCert(fixture->cmp_ctx, NULL); 155 fixture->expected = request_error ? OSSL_CMP_PKISTATUS_request 156 : OSSL_CMP_PKISTATUS_accepted; 157 EXECUTE_TEST(execute_exec_RR_ses_test, tear_down); 158 return result; 159 } 160 161 static int test_exec_RR_ses_ok(void) 162 { 163 return test_exec_RR_ses(0); 164 } 165 166 static int test_exec_RR_ses_request_error(void) 167 { 168 return test_exec_RR_ses(1); 169 } 170 171 static int test_exec_RR_ses_receive_error(void) 172 { 173 SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up); 174 ossl_cmp_mock_srv_set_statusInfo(fixture->srv_ctx, 175 OSSL_CMP_PKISTATUS_rejection, 176 OSSL_CMP_CTX_FAILINFO_signerNotTrusted, 177 "test string"); 178 ossl_cmp_mock_srv_set_sendError(fixture->srv_ctx, OSSL_CMP_PKIBODY_RR); 179 fixture->expected = OSSL_CMP_PKISTATUS_rejection; 180 EXECUTE_TEST(execute_exec_RR_ses_test, tear_down); 181 return result; 182 } 183 184 static int test_exec_IR_ses(void) 185 { 186 SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up); 187 fixture->req_type = OSSL_CMP_PKIBODY_IR; 188 fixture->expected = OSSL_CMP_PKISTATUS_accepted; 189 fixture->caPubs = sk_X509_new_null(); 190 if (!sk_X509_push(fixture->caPubs, server_cert) 191 || !sk_X509_push(fixture->caPubs, server_cert)) { 192 tear_down(fixture); 193 return 0; 194 } 195 ossl_cmp_mock_srv_set1_caPubsOut(fixture->srv_ctx, fixture->caPubs); 196 EXECUTE_TEST(execute_exec_certrequest_ses_test, tear_down); 197 return result; 198 } 199 200 static int test_exec_REQ_ses_poll(int req_type, int check_after, 201 int poll_count, int total_timeout, 202 int expect) 203 { 204 SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up); 205 fixture->req_type = req_type; 206 fixture->expected = expect; 207 ossl_cmp_mock_srv_set_checkAfterTime(fixture->srv_ctx, check_after); 208 ossl_cmp_mock_srv_set_pollCount(fixture->srv_ctx, poll_count); 209 OSSL_CMP_CTX_set_option(fixture->cmp_ctx, 210 OSSL_CMP_OPT_TOTAL_TIMEOUT, total_timeout); 211 212 if (req_type == OSSL_CMP_PKIBODY_IR) { 213 EXECUTE_TEST(execute_exec_certrequest_ses_test, tear_down); 214 } else if (req_type == OSSL_CMP_PKIBODY_GENM) { 215 EXECUTE_TEST(execute_exec_GENM_ses_test, tear_down); 216 } 217 return result; 218 } 219 220 static int checkAfter = 1; 221 static int test_exec_IR_ses_poll_ok(void) 222 { 223 return test_exec_REQ_ses_poll(OSSL_CMP_PKIBODY_IR, checkAfter, 2, 0, 224 OSSL_CMP_PKISTATUS_accepted); 225 } 226 227 static int test_exec_IR_ses_poll_no_timeout(void) 228 { 229 return test_exec_REQ_ses_poll(OSSL_CMP_PKIBODY_IR, checkAfter, 230 2 /* pollCount */, 231 checkAfter + 14, /* usually 4 is sufficient */ 232 OSSL_CMP_PKISTATUS_accepted); 233 } 234 235 static int test_exec_IR_ses_poll_total_timeout(void) 236 { 237 return !test_exec_REQ_ses_poll(OSSL_CMP_PKIBODY_IR, checkAfter + 1, 238 3 /* pollCount */, checkAfter + 6, 239 OSSL_CMP_PKISTATUS_waiting); 240 } 241 242 static int test_exec_CR_ses(int implicit_confirm, int granted, int reject) 243 { 244 SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up); 245 fixture->req_type = OSSL_CMP_PKIBODY_CR; 246 OSSL_CMP_CTX_set_option(fixture->cmp_ctx, 247 OSSL_CMP_OPT_IMPLICIT_CONFIRM, implicit_confirm); 248 OSSL_CMP_SRV_CTX_set_grant_implicit_confirm(fixture->srv_ctx, granted); 249 ossl_cmp_mock_srv_set_sendError(fixture->srv_ctx, 250 reject ? OSSL_CMP_PKIBODY_CERTCONF : -1); 251 fixture->expected = reject ? OSSL_CMP_PKISTATUS_rejection 252 : OSSL_CMP_PKISTATUS_accepted; 253 EXECUTE_TEST(execute_exec_certrequest_ses_test, tear_down); 254 return result; 255 } 256 257 static int test_exec_CR_ses_explicit_confirm(void) 258 { 259 return test_exec_CR_ses(0, 0, 0) 260 && test_exec_CR_ses(0, 0, 1 /* reject */); 261 } 262 263 static int test_exec_CR_ses_implicit_confirm(void) 264 { 265 return test_exec_CR_ses(1, 0, 0) 266 && test_exec_CR_ses(1, 1 /* granted */, 0); 267 } 268 269 static int test_exec_KUR_ses(int transfer_error, int pubkey, int raverified) 270 { 271 SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up); 272 fixture->req_type = OSSL_CMP_PKIBODY_KUR; 273 /* ctx->oldCert has already been set */ 274 275 if (transfer_error) 276 OSSL_CMP_CTX_set_transfer_cb_arg(fixture->cmp_ctx, NULL); 277 if (pubkey) { 278 EVP_PKEY *key = raverified /* wrong key */ ? server_key : client_key; 279 280 if (!EVP_PKEY_up_ref(key)) 281 return 0; 282 283 OSSL_CMP_CTX_set0_newPkey(fixture->cmp_ctx, 0 /* not priv */, key); 284 OSSL_CMP_SRV_CTX_set_accept_raverified(fixture->srv_ctx, 1); 285 } 286 if (pubkey || raverified) 287 OSSL_CMP_CTX_set_option(fixture->cmp_ctx, OSSL_CMP_OPT_POPO_METHOD, 288 OSSL_CRMF_POPO_RAVERIFIED); 289 fixture->expected = transfer_error ? OSSL_CMP_PKISTATUS_trans : raverified ? OSSL_CMP_PKISTATUS_rejection 290 : OSSL_CMP_PKISTATUS_accepted; 291 EXECUTE_TEST(execute_exec_certrequest_ses_test, tear_down); 292 return result; 293 } 294 295 static int test_exec_KUR_ses_ok(void) 296 { 297 return test_exec_KUR_ses(0, 0, 0); 298 } 299 300 static int test_exec_KUR_ses_transfer_error(void) 301 { 302 return test_exec_KUR_ses(1, 0, 0); 303 } 304 305 static int test_exec_KUR_ses_wrong_popo(void) 306 { 307 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION /* cf ossl_cmp_verify_popo() */ 308 return test_exec_KUR_ses(0, 0, 1); 309 #else 310 return 1; 311 #endif 312 } 313 314 static int test_exec_KUR_ses_pub(void) 315 { 316 return test_exec_KUR_ses(0, 1, 0); 317 } 318 319 static int test_exec_KUR_ses_wrong_pub(void) 320 { 321 return test_exec_KUR_ses(0, 1, 1); 322 } 323 324 static int test_certConf_cb(OSSL_CMP_CTX *ctx, X509 *cert, int fail_info, 325 const char **txt) 326 { 327 int *reject = OSSL_CMP_CTX_get_certConf_cb_arg(ctx); 328 329 if (*reject) { 330 *txt = "not to my taste"; 331 fail_info = OSSL_CMP_PKIFAILUREINFO_badCertTemplate; 332 } 333 return fail_info; 334 } 335 336 static int test_exec_P10CR_ses(int reject) 337 { 338 OSSL_CMP_CTX *ctx; 339 X509_REQ *csr = NULL; 340 341 SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up); 342 fixture->req_type = OSSL_CMP_PKIBODY_P10CR; 343 fixture->expected = reject ? OSSL_CMP_PKISTATUS_rejection 344 : OSSL_CMP_PKISTATUS_accepted; 345 ctx = fixture->cmp_ctx; 346 if (!TEST_ptr(csr = load_csr_der(pkcs10_f, libctx)) 347 || !TEST_true(OSSL_CMP_CTX_set1_p10CSR(ctx, csr)) 348 || !TEST_true(OSSL_CMP_CTX_set_certConf_cb(ctx, test_certConf_cb)) 349 || !TEST_true(OSSL_CMP_CTX_set_certConf_cb_arg(ctx, &reject))) { 350 tear_down(fixture); 351 fixture = NULL; 352 } 353 X509_REQ_free(csr); 354 EXECUTE_TEST(execute_exec_certrequest_ses_test, tear_down); 355 return result; 356 } 357 358 static int test_exec_P10CR_ses_ok(void) 359 { 360 return test_exec_P10CR_ses(0); 361 } 362 363 static int test_exec_P10CR_ses_reject(void) 364 { 365 return test_exec_P10CR_ses(1); 366 } 367 368 static int execute_try_certreq_poll_test(CMP_SES_TEST_FIXTURE *fixture) 369 { 370 OSSL_CMP_CTX *ctx = fixture->cmp_ctx; 371 int check_after; 372 const int CHECK_AFTER = 0; 373 const int TYPE = OSSL_CMP_PKIBODY_KUR; 374 375 ossl_cmp_mock_srv_set_pollCount(fixture->srv_ctx, 3); 376 ossl_cmp_mock_srv_set_checkAfterTime(fixture->srv_ctx, CHECK_AFTER); 377 return TEST_int_eq(-1, OSSL_CMP_try_certreq(ctx, TYPE, NULL, &check_after)) 378 && check_after == CHECK_AFTER 379 && TEST_ptr_eq(OSSL_CMP_CTX_get0_newCert(ctx), NULL) 380 && TEST_int_eq(-1, OSSL_CMP_try_certreq(ctx, TYPE, NULL, &check_after)) 381 && check_after == CHECK_AFTER 382 && TEST_ptr_eq(OSSL_CMP_CTX_get0_newCert(ctx), NULL) 383 && TEST_int_eq(fixture->expected, 384 OSSL_CMP_try_certreq(ctx, TYPE, NULL, NULL)) 385 && TEST_int_eq(0, 386 X509_cmp(OSSL_CMP_CTX_get0_newCert(ctx), client_cert)); 387 } 388 389 static int test_try_certreq_poll(void) 390 { 391 SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up); 392 fixture->expected = 1; 393 EXECUTE_TEST(execute_try_certreq_poll_test, tear_down); 394 return result; 395 } 396 397 static int execute_try_certreq_poll_abort_test(CMP_SES_TEST_FIXTURE *fixture) 398 { 399 OSSL_CMP_CTX *ctx = fixture->cmp_ctx; 400 int check_after; 401 const int CHECK_AFTER = 99; 402 const int TYPE = OSSL_CMP_PKIBODY_CR; 403 404 ossl_cmp_mock_srv_set_pollCount(fixture->srv_ctx, 3); 405 ossl_cmp_mock_srv_set_checkAfterTime(fixture->srv_ctx, CHECK_AFTER); 406 return TEST_int_eq(-1, OSSL_CMP_try_certreq(ctx, TYPE, NULL, &check_after)) 407 && check_after == CHECK_AFTER 408 && TEST_ptr_eq(OSSL_CMP_CTX_get0_newCert(ctx), NULL) 409 && TEST_int_eq(fixture->expected, 410 OSSL_CMP_try_certreq(ctx, -1 /* abort */, NULL, NULL)) 411 && TEST_ptr_eq(OSSL_CMP_CTX_get0_newCert(fixture->cmp_ctx), NULL); 412 } 413 414 static int test_try_certreq_poll_abort(void) 415 { 416 SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up); 417 fixture->expected = 1; 418 EXECUTE_TEST(execute_try_certreq_poll_abort_test, tear_down); 419 return result; 420 } 421 422 static int test_exec_GENM_ses_poll_ok(void) 423 { 424 return test_exec_REQ_ses_poll(OSSL_CMP_PKIBODY_GENM, checkAfter, 2, 0, 425 OSSL_CMP_PKISTATUS_accepted); 426 } 427 428 static int test_exec_GENM_ses_poll_no_timeout(void) 429 { 430 return test_exec_REQ_ses_poll(OSSL_CMP_PKIBODY_GENM, checkAfter, 431 1 /* pollCount */, checkAfter + 1, 432 OSSL_CMP_PKISTATUS_accepted); 433 } 434 435 static int test_exec_GENM_ses_poll_total_timeout(void) 436 { 437 return test_exec_REQ_ses_poll(OSSL_CMP_PKIBODY_GENM, checkAfter + 1, 438 3 /* pollCount */, checkAfter + 2, 439 OSSL_CMP_PKISTATUS_waiting); 440 } 441 442 static int test_exec_GENM_ses(int transfer_error, int total_timeout, int expect) 443 { 444 SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up); 445 if (transfer_error) 446 OSSL_CMP_CTX_set_transfer_cb_arg(fixture->cmp_ctx, NULL); 447 /* 448 * cannot use OSSL_CMP_CTX_set_option(... OSSL_CMP_OPT_TOTAL_TIMEOUT) 449 * here because this will correct total_timeout to be >= 0 450 */ 451 fixture->cmp_ctx->total_timeout = total_timeout; 452 fixture->expected = expect; 453 EXECUTE_TEST(execute_exec_GENM_ses_test, tear_down); 454 return result; 455 } 456 457 static int test_exec_GENM_ses_ok(void) 458 { 459 return test_exec_GENM_ses(0, 0, OSSL_CMP_PKISTATUS_accepted); 460 } 461 462 static int test_exec_GENM_ses_transfer_error(void) 463 { 464 return test_exec_GENM_ses(1, 0, OSSL_CMP_PKISTATUS_trans); 465 } 466 467 static int test_exec_GENM_ses_total_timeout(void) 468 { 469 return test_exec_GENM_ses(0, -1, OSSL_CMP_PKISTATUS_trans); 470 } 471 472 static int execute_exchange_certConf_test(CMP_SES_TEST_FIXTURE *fixture) 473 { 474 int res = ossl_cmp_exchange_certConf(fixture->cmp_ctx, OSSL_CMP_CERTREQID, 475 OSSL_CMP_PKIFAILUREINFO_addInfoNotAvailable, 476 "abcdefg"); 477 478 return TEST_int_eq(fixture->expected, res); 479 } 480 481 static int execute_exchange_error_test(CMP_SES_TEST_FIXTURE *fixture) 482 { 483 int res = ossl_cmp_exchange_error(fixture->cmp_ctx, 484 OSSL_CMP_PKISTATUS_rejection, 485 1 << OSSL_CMP_PKIFAILUREINFO_unsupportedVersion, 486 "foo_status", 999, "foo_details"); 487 488 return TEST_int_eq(fixture->expected, res); 489 } 490 491 static int test_exchange_certConf(void) 492 { 493 SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up); 494 fixture->expected = 0; /* client should not send certConf immediately */ 495 if (!ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx, X509_dup(client_cert))) { 496 tear_down(fixture); 497 fixture = NULL; 498 } 499 EXECUTE_TEST(execute_exchange_certConf_test, tear_down); 500 return result; 501 } 502 503 static int test_exchange_error(void) 504 { 505 SETUP_TEST_FIXTURE(CMP_SES_TEST_FIXTURE, set_up); 506 fixture->expected = 1; /* client may send error any time */ 507 EXECUTE_TEST(execute_exchange_error_test, tear_down); 508 return result; 509 } 510 511 void cleanup_tests(void) 512 { 513 X509_free(server_cert); 514 EVP_PKEY_free(server_key); 515 X509_free(client_cert); 516 EVP_PKEY_free(client_key); 517 OSSL_PROVIDER_unload(default_null_provider); 518 OSSL_PROVIDER_unload(provider); 519 OSSL_LIB_CTX_free(libctx); 520 return; 521 } 522 523 #define USAGE "server.key server.crt client.key client.crt client.csr module_name [module_conf_file]\n" 524 OPT_TEST_DECLARE_USAGE(USAGE) 525 526 int setup_tests(void) 527 { 528 if (!test_skip_common_options()) { 529 TEST_error("Error parsing test options\n"); 530 return 0; 531 } 532 533 if (!TEST_ptr(server_key_f = test_get_argument(0)) 534 || !TEST_ptr(server_cert_f = test_get_argument(1)) 535 || !TEST_ptr(client_key_f = test_get_argument(2)) 536 || !TEST_ptr(client_cert_f = test_get_argument(3)) 537 || !TEST_ptr(pkcs10_f = test_get_argument(4))) { 538 TEST_error("usage: cmp_client_test %s", USAGE); 539 return 0; 540 } 541 542 if (!test_arg_libctx(&libctx, &default_null_provider, &provider, 5, USAGE)) 543 return 0; 544 545 if (!TEST_ptr(server_key = load_pkey_pem(server_key_f, libctx)) 546 || !TEST_ptr(server_cert = load_cert_pem(server_cert_f, libctx)) 547 || !TEST_ptr(client_key = load_pkey_pem(client_key_f, libctx)) 548 || !TEST_ptr(client_cert = load_cert_pem(client_cert_f, libctx)) 549 || !TEST_int_eq(1, RAND_bytes_ex(libctx, ref, sizeof(ref), 0))) { 550 cleanup_tests(); 551 return 0; 552 } 553 554 ADD_TEST(test_exec_RR_ses_ok); 555 ADD_TEST(test_exec_RR_ses_request_error); 556 ADD_TEST(test_exec_RR_ses_receive_error); 557 ADD_TEST(test_exec_CR_ses_explicit_confirm); 558 ADD_TEST(test_exec_CR_ses_implicit_confirm); 559 ADD_TEST(test_exec_IR_ses); 560 ADD_TEST(test_exec_IR_ses_poll_ok); 561 ADD_TEST(test_exec_IR_ses_poll_no_timeout); 562 ADD_TEST(test_exec_IR_ses_poll_total_timeout); 563 ADD_TEST(test_exec_KUR_ses_ok); 564 ADD_TEST(test_exec_KUR_ses_transfer_error); 565 ADD_TEST(test_exec_KUR_ses_wrong_popo); 566 ADD_TEST(test_exec_KUR_ses_pub); 567 ADD_TEST(test_exec_KUR_ses_wrong_pub); 568 ADD_TEST(test_exec_P10CR_ses_ok); 569 ADD_TEST(test_exec_P10CR_ses_reject); 570 ADD_TEST(test_try_certreq_poll); 571 ADD_TEST(test_try_certreq_poll_abort); 572 ADD_TEST(test_exec_GENM_ses_ok); 573 ADD_TEST(test_exec_GENM_ses_transfer_error); 574 ADD_TEST(test_exec_GENM_ses_total_timeout); 575 ADD_TEST(test_exec_GENM_ses_poll_ok); 576 ADD_TEST(test_exec_GENM_ses_poll_no_timeout); 577 ADD_TEST(test_exec_GENM_ses_poll_total_timeout); 578 ADD_TEST(test_exchange_certConf); 579 ADD_TEST(test_exchange_error); 580 return 1; 581 } 582
Indexes created Sat Feb 28 05:31:39 UTC 2026