      1      1.1  christos /*
      2      1.1  christos  * Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved.
      3      1.1  christos  * Copyright Nokia 2007-2019
      4      1.1  christos  * Copyright Siemens AG 2015-2019
      5      1.1  christos  *
      6      1.1  christos  * Licensed under the Apache License 2.0 (the "License").  You may not use
      7      1.1  christos  * this file except in compliance with the License.  You can obtain a copy
      8      1.1  christos  * in the file LICENSE in the source distribution or at
      9      1.1  christos  * https://www.openssl.org/source/license.html
     10      1.1  christos  */
     11      1.1  christos 
     12      1.1  christos #include "helpers/cmp_testlib.h"
     13      1.1  christos #include "../crypto/crmf/crmf_local.h" /* for manipulating POPO signature */
     14      1.1  christos 
/*
 * Paths of the test input files.  Nothing visible in this part of the file
 * assigns them; presumably the test setup fills them in -- confirm there.
 */

/* certificate inputs (assumed from the names -- TODO confirm) */
static const char *server_f;
static const char *client_f;
static const char *endentity1_f;
static const char *endentity2_f;
static const char *root_f;
static const char *intermediate_f;
static const char *instacert_f;
static const char *instaca_f;

/* CMP message inputs; the ones used below are read with load_pkimsg() */
static const char *ir_protected_f;
static const char *ir_unprotected_f;
static const char *ir_rmprotection_f;
static const char *ip_waiting_f;
static const char *ir_protected_0_extracerts;
static const char *ir_protected_2_extracerts;
     29      1.1  christos 
/* Per-test state shared between a test's setup code and its execute_*() helper. */
typedef struct test_fixture {
    /* name handed to set_up() */
    const char *test_case_name;
    /* value the function under test must return (compared via TEST_int_eq) */
    int expected;
    /* CMP context; freed by tear_down() */
    OSSL_CMP_CTX *cmp_ctx;
    /* message being verified; freed by tear_down() */
    OSSL_CMP_MSG *msg;
    /*
     * Certificate expected as validated server cert, or the certificate whose
     * path is validated; tear_down() does not free it.
     */
    X509 *cert;
    /* callback passed on to ossl_cmp_msg_check_update() */
    ossl_cmp_allow_unprotected_cb_t allow_unprotected_cb;
    /* last argument of ossl_cmp_verify_popo() / ossl_cmp_msg_check_update() */
    int additional_arg;
} CMP_VFY_TEST_FIXTURE;
     39      1.1  christos 
/* Library context passed to OSSL_CMP_CTX_new() and load_pkimsg() below. */
static OSSL_LIB_CTX *libctx = NULL;
/* Provider handles; not used in the part of the file shown here. */
static OSSL_PROVIDER *default_null_provider = NULL;
static OSSL_PROVIDER *provider = NULL;
     42      1.1  christos 
/*
 * Release a fixture together with the CMP context and message it owns.
 * fixture->cert is not freed here.  The pointer must not be NULL, since it is
 * dereferenced unconditionally.
 */
static void tear_down(CMP_VFY_TEST_FIXTURE *fixture)
{
    OSSL_CMP_CTX_free(fixture->cmp_ctx);
    OSSL_CMP_MSG_free(fixture->msg);
    OPENSSL_free(fixture);
}
     49      1.1  christos 
/*
 * Verification times applied to the trust store: test_time_valid by set_up(),
 * test_time_after_expiration by the "expired" test variants.  Both start at 0
 * and are presumably set during test setup -- confirm there.
 */
static time_t test_time_valid = 0;
static time_t test_time_after_expiration = 0;
     51      1.1  christos 
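/*
 * Allocate a fixture for one test case and give it a fresh CMP context with an
 * empty trust store, the print_to_bio_out log callback, verification time
 * test_time_valid and a verify callback that prints diagnostics.
 *
 * Returns the fixture, or NULL on failure with everything allocated so far
 * released.
 */
static CMP_VFY_TEST_FIXTURE *set_up(const char *const test_case_name)
{
    X509_STORE *ts;
    X509_STORE *ts_unowned; /* store that still has to be freed here on error */
    CMP_VFY_TEST_FIXTURE *fixture;

    if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
        return NULL;
    fixture->test_case_name = test_case_name;

    ts_unowned = ts = X509_STORE_new();
    if (ts == NULL
        || !TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))
        || !OSSL_CMP_CTX_set0_trusted(fixture->cmp_ctx, ts))
        goto err;

    /*
     * After a successful set0 the context owns the store, so tear_down()
     * releases it via OSSL_CMP_CTX_free().  Freeing it again on a later
     * failure would be a double free.
     */
    ts_unowned = NULL;
    if (!OSSL_CMP_CTX_set_log_cb(fixture->cmp_ctx, print_to_bio_out))
        goto err;

    X509_VERIFY_PARAM_set_time(X509_STORE_get0_param(ts), test_time_valid);
    X509_STORE_set_verify_cb(ts, X509_STORE_CTX_print_verify_cb);
    return fixture;

 err:
    tear_down(fixture);
    X509_STORE_free(ts_unowned); /* no-op when NULL */
    return NULL;
}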
     74      1.1  christos 
/* Certificates shared by the tests; not assigned in the part shown here. */
static X509 *srvcert = NULL;
static X509 *clcert = NULL;
/* chain */
static X509 *endentity1 = NULL;
static X509 *endentity2 = NULL;
static X509 *intermediate = NULL;
static X509 *root = NULL;
/* INSTA chain */
static X509 *insta_cert = NULL;
static X509 *instaca_cert = NULL;

/*
 * Buffer used as a non-matching transaction ID / nonce by the *_bad tests;
 * presumably filled with random bytes during setup -- confirm there.
 */
static unsigned char rand_data[OSSL_CMP_TRANSACTIONID_LENGTH];
/* Preloaded messages; ir_rmprotection is duplicated by setup_check_update(). */
static OSSL_CMP_MSG *ir_unprotected;
static OSSL_CMP_MSG *ir_rmprotection;
     85      1.1  christos 
/*
 * Secret value used for IP_waitingStatus_PBM.der.  This is a fixed test
 * vector kept as a plain byte array: there is no terminating NUL, so
 * sizeof(sec_1) is exactly the secret length.
 */
static const unsigned char sec_1[] = {
    '9', 'p', 'p', '8', '-',
    'b', '3', '5', 'i', '-',
    'X', 'd', '3', 'Q', '-',
    'u', 'd', 'N', 'R'
};
     91      1.1  christos 
/*
 * Invert bit number 7 of bitstr so that a signature or protection value
 * stored in it no longer matches.  Returns the result of
 * ASN1_BIT_STRING_set_bit().
 */
static int flip_bit(ASN1_BIT_STRING *bitstr)
{
    const int target = 7;
    int inverted = !ASN1_BIT_STRING_get_bit(bitstr, target);

    return ASN1_BIT_STRING_set_bit(bitstr, target, inverted);
}
     99      1.1  christos 
/*
 * Load the protected IR message and run ossl_cmp_verify_popo() on it.  When a
 * failure is expected, the POPO signature of the first certificate request is
 * corrupted first, so the check must reject it.
 */
static int execute_verify_popo_test(CMP_VFY_TEST_FIXTURE *fixture)
{
    fixture->msg = load_pkimsg(ir_protected_f, libctx);
    if (fixture->msg == NULL)
        return 0;

    if (!fixture->expected) {
        /* assumes the body is an IR and its POPO is a signature -- unchecked */
        const OSSL_CRMF_MSGS *requests = fixture->msg->body->value.ir;
        const OSSL_CRMF_MSG *first = sk_OSSL_CRMF_MSG_value(requests, 0);

        if (first == NULL)
            return 0;
        if (!flip_bit(first->popo->value.signature->signature))
            return 0;
    }
    return TEST_int_eq(fixture->expected,
        ossl_cmp_verify_popo(fixture->cmp_ctx, fixture->msg,
            fixture->additional_arg));
}
    115      1.1  christos 
/* Positive case: the untouched POPO signature of the IR must verify. */
static int test_verify_popo(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    fixture->expected = 1; /* verification must succeed */
    EXECUTE_TEST(execute_verify_popo_test, tear_down);
    return result;
}
    123      1.1  christos 
/*
 * Negative case: with expected == 0 the execute helper flips a bit in the
 * POPO signature, which must then be rejected.  Compiled out of fuzzing
 * builds, presumably because those relax the check -- confirm in the library.
 */
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
static int test_verify_popo_bad(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    fixture->expected = 0; /* verification must fail */
    EXECUTE_TEST(execute_verify_popo_test, tear_down);
    return result;
}
#endif
    133      1.1  christos 
/*
 * Run ossl_cmp_msg_check_update() without an allow-unprotected callback and
 * compare its result with fixture->expected; this indirectly checks also
 * OSSL_CMP_validate_msg().  When success is expected, the server certificate
 * recorded in the context must also be fixture->cert.
 */
static int execute_validate_msg_test(CMP_VFY_TEST_FIXTURE *fixture)
{
    int res = TEST_int_eq(fixture->expected,
        ossl_cmp_msg_check_update(fixture->cmp_ctx,
            fixture->msg, NULL, 0));
    X509 *validated = OSSL_CMP_CTX_get0_validatedSrvCert(fixture->cmp_ctx);

    if (!res)
        return 0;
    /* the validated certificate is only compared for the positive cases */
    return !fixture->expected || TEST_ptr_eq(validated, fixture->cert);
}
    144      1.1  christos 
/*
 * Validate fixture->cert against the trust store of the context and compare
 * the outcome with fixture->expected.  Queued errors are printed either way.
 */
static int execute_validate_cert_path_test(CMP_VFY_TEST_FIXTURE *fixture)
{
    X509_STORE *ts;
    int res;

    ts = OSSL_CMP_CTX_get0_trusted(fixture->cmp_ctx);
    res = TEST_int_eq(fixture->expected,
        OSSL_CMP_validate_cert_path(fixture->cmp_ctx,
            ts, fixture->cert));

    OSSL_CMP_CTX_print_errors(fixture->cmp_ctx);
    return res;
}
    155      1.1  christos 
/*
 * Validate the MAC-protected message from ip_waiting_f.
 *   miss  != 0: no secret is set; the trust store is cleared instead.
 *   wrong != 0: only the first 4 bytes of sec_1 are set as the secret.
 * Validation is expected to succeed only when both are 0.
 */
static int test_validate_msg_mac_alg_protection(int miss, int wrong)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    fixture->expected = !(miss || wrong);
    fixture->cert = NULL; /* MAC protection validates no server certificate */

    if (!(TEST_true(miss ? OSSL_CMP_CTX_set0_trusted(fixture->cmp_ctx, NULL)
                         : OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_1,
                               wrong ? 4 : sizeof(sec_1)))
            && TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f, libctx)))) {
        tear_down(fixture);
        fixture = NULL; /* makes EXECUTE_TEST skip the run */
    }
    EXECUTE_TEST(execute_validate_msg_test, tear_down);
    return result;
}
    172      1.1  christos 
/* Correct, full-length secret: the MAC protection must validate. */
static int test_validate_msg_mac_alg_protection_ok(void)
{
    return test_validate_msg_mac_alg_protection(/* miss */ 0, /* wrong */ 0);
}
    177      1.1  christos 
    178      1.1  christos #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
/* No secret configured and the trust store cleared: validation must fail. */
static int test_validate_msg_mac_alg_protection_missing(void)
{
    return test_validate_msg_mac_alg_protection(/* miss */ 1, /* wrong */ 0);
}
    183      1.1  christos 
/* Secret truncated to its first 4 bytes: validation must fail. */
static int test_validate_msg_mac_alg_protection_wrong(void)
{
    return test_validate_msg_mac_alg_protection(/* miss */ 0, /* wrong */ 1);
}
    188      1.1  christos 
/*
 * Secret of the right length that differs from sec_1 only in its last byte
 * ('r' instead of 'R'): validation must fail.
 */
static int test_validate_msg_mac_alg_protection_bad(void)
{
    const unsigned char sec_bad[] = {
        '9', 'p', 'p', '8', '-',
        'b', '3', '5', 'i', '-',
        'X', 'd', '3', 'Q', '-',
        'u', 'd', 'N', 'r'
    };

    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    fixture->expected = 0;
    fixture->cert = NULL;

    if (!(TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_bad,
              sizeof(sec_bad)))
            && TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f, libctx)))) {
        tear_down(fixture);
        fixture = NULL; /* makes EXECUTE_TEST skip the run */
    }
    EXECUTE_TEST(execute_validate_msg_test, tear_down);
    return result;
}
    209      1.1  christos #endif
    210      1.1  christos 
/*
 * Add cert to the trust store of ctx, i.e. make it a trust anchor for the
 * test.  Returns the result of X509_STORE_add_cert().
 */
static int add_trusted(OSSL_CMP_CTX *ctx, X509 *cert)
{
    X509_STORE *anchors = OSSL_CMP_CTX_get0_trusted(ctx);

    return X509_STORE_add_cert(anchors, cert);
}
    215      1.1  christos 
/*
 * Add cert to the untrusted certificate list of ctx, taking an extra
 * reference (X509_ADD_FLAG_UP_REF) so the caller keeps its own.  Returns the
 * result of X509_add_cert().
 */
static int add_untrusted(OSSL_CMP_CTX *ctx, X509 *cert)
{
    STACK_OF(X509) *candidates = OSSL_CMP_CTX_get0_untrusted(ctx);

    return X509_add_cert(candidates, cert, X509_ADD_FLAG_UP_REF);
}
    221      1.1  christos 
/*
 * Validate the signature-protected IR with srvcert itself placed in the trust
 * store and X509_V_FLAG_PARTIAL_CHAIN set.  With expired != 0 the
 * verification time is moved to test_time_after_expiration and validation is
 * expected to fail.
 */
static int test_validate_msg_signature_partial_chain(int expired)
{
    X509_STORE *ts;

    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    fixture->expected = !expired;
    fixture->cert = srvcert;

    ts = OSSL_CMP_CTX_get0_trusted(fixture->cmp_ctx);
    if (ts != NULL
        && TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
        && add_trusted(fixture->cmp_ctx, srvcert)) {
        X509_VERIFY_PARAM *vpm = X509_STORE_get0_param(ts);

        /* accept a trusted non-root certificate as the end of the chain */
        X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_PARTIAL_CHAIN);
        if (expired)
            X509_VERIFY_PARAM_set_time(vpm, test_time_after_expiration);
    } else {
        tear_down(fixture);
        fixture = NULL; /* makes EXECUTE_TEST skip the run */
    }
    EXECUTE_TEST(execute_validate_msg_test, tear_down);
    return result;
}
    246      1.1  christos 
/* Directly trusted server certificate at the valid test time: must pass. */
static int test_validate_msg_signature_trusted_ok(void)
{
    return test_validate_msg_signature_partial_chain(/* expired */ 0);
}
    251      1.1  christos 
/*
 * Directly trusted server certificate checked at a time after its expiry:
 * must fail, trusted or not.  Not built in fuzzing mode.
 */
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
static int test_validate_msg_signature_trusted_expired(void)
{
    return test_validate_msg_signature_partial_chain(/* expired */ 1);
}
#endif
    258      1.1  christos 
/*
 * Validate the signature-protected IR against a pinned server certificate.
 *   bad_sig != 0: a bit of the message protection is flipped.
 *   miss    != 0: a shared secret is configured instead of a server cert.
 *   wrong   != 0: clcert is pinned instead of srvcert.
 * Validation is expected to succeed only when all three are 0.
 */
static int test_validate_msg_signature_srvcert(int bad_sig, int miss, int wrong)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    fixture->expected = !(bad_sig || wrong || miss);
    fixture->cert = srvcert;
    if (!(TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
            && TEST_true(miss ? OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx,
                                    sec_1, sizeof(sec_1))
                              : OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx,
                                    wrong ? clcert : srvcert))
            && (!bad_sig || flip_bit(fixture->msg->protection)))) {
        tear_down(fixture);
        fixture = NULL; /* makes EXECUTE_TEST skip the run */
    }
    EXECUTE_TEST(execute_validate_msg_test, tear_down);
    return result;
}
    276      1.1  christos 
/*
 * Only a shared secret is configured for a signature-protected message:
 * validation must fail.  Not built in fuzzing mode.
 */
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
static int test_validate_msg_signature_srvcert_missing(void)
{
    return test_validate_msg_signature_srvcert(/* bad_sig */ 0, /* miss */ 1,
        /* wrong */ 0);
}
#endif
    283      1.1  christos 
/* A different certificate (clcert) is pinned as server cert: must fail. */
static int test_validate_msg_signature_srvcert_wrong(void)
{
    return test_validate_msg_signature_srvcert(/* bad_sig */ 0, /* miss */ 0,
        /* wrong */ 1);
}
    288      1.1  christos 
/*
 * Correct server certificate but a corrupted protection signature: must
 * fail.  Not built in fuzzing mode.
 */
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
static int test_validate_msg_signature_bad(void)
{
    return test_validate_msg_signature_srvcert(/* bad_sig */ 1, /* miss */ 0,
        /* wrong */ 0);
}
#endif
    295      1.1  christos 
/* Correct pinned server certificate and intact signature: must pass. */
static int test_validate_msg_signature_sender_cert_srvcert(void)
{
    return test_validate_msg_signature_srvcert(/* bad_sig */ 0, /* miss */ 0,
        /* wrong */ 0);
}
    300      1.1  christos 
/*
 * The sender certificate (insta_cert) is only in the untrusted list while
 * instaca_cert is a trust anchor.  Validation must pass and report
 * insta_cert as the validated server certificate.
 */
static int test_validate_msg_signature_sender_cert_untrusted(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    fixture->expected = 1;
    fixture->cert = insta_cert;
    if (!(TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx))
            && add_trusted(fixture->cmp_ctx, instaca_cert)
            && add_untrusted(fixture->cmp_ctx, insta_cert))) {
        tear_down(fixture);
        fixture = NULL; /* makes EXECUTE_TEST skip the run */
    }
    EXECUTE_TEST(execute_validate_msg_test, tear_down);
    return result;
}
    315      1.1  christos 
/*
 * Both instaca_cert and the sender certificate insta_cert are in the trust
 * store.  Validation must pass and report insta_cert as the validated server
 * certificate.
 */
static int test_validate_msg_signature_sender_cert_trusted(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    fixture->expected = 1;
    fixture->cert = insta_cert;
    if (!(TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx))
            && add_trusted(fixture->cmp_ctx, instaca_cert)
            && add_trusted(fixture->cmp_ctx, insta_cert))) {
        tear_down(fixture);
        fixture = NULL; /* makes EXECUTE_TEST skip the run */
    }
    EXECUTE_TEST(execute_validate_msg_test, tear_down);
    return result;
}
    330      1.1  christos 
/*
 * The sender certificate is taken from the extraCerts of the message itself;
 * only instaca_cert is trusted locally.  Validation must pass, and the
 * validated certificate must be the extraCerts entry at index 1.
 */
static int test_validate_msg_signature_sender_cert_extracert(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    fixture->expected = 1;
    if (TEST_ptr(fixture->msg = load_pkimsg(ir_protected_2_extracerts, libctx))
        && add_trusted(fixture->cmp_ctx, instaca_cert)) {
        /* borrowed from the message, not separately owned by the fixture */
        fixture->cert = sk_X509_value(fixture->msg->extraCerts, 1); /* Insta CA */
    } else {
        tear_down(fixture);
        fixture = NULL; /* makes EXECUTE_TEST skip the run */
    }
    EXECUTE_TEST(execute_validate_msg_test, tear_down);
    return result;
}
    345      1.1  christos 
/*
 * No trust anchor, no untrusted certificate and no pinned server certificate
 * is configured, so no sender certificate can be validated: must fail.  Not
 * built in fuzzing mode.
 */
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
static int test_validate_msg_signature_sender_cert_absent(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    fixture->expected = 0;
    fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx);
    if (!TEST_ptr(fixture->msg)) {
        tear_down(fixture);
        fixture = NULL; /* makes EXECUTE_TEST skip the run */
    }
    EXECUTE_TEST(execute_validate_msg_test, tear_down);
    return result;
}
#endif
    359      1.1  christos 
/*
 * Validate the signature-protected IR with srvcert pinned and name set as the
 * expected sender; expected is the result the validation must give.
 */
static int test_validate_with_sender(const X509_NAME *name, int expected)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    fixture->expected = expected;
    fixture->cert = srvcert;
    if (!(TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
            && TEST_true(OSSL_CMP_CTX_set1_expected_sender(fixture->cmp_ctx, name))
            && TEST_true(OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx, srvcert)))) {
        tear_down(fixture);
        fixture = NULL; /* makes EXECUTE_TEST skip the run */
    }
    EXECUTE_TEST(execute_validate_msg_test, tear_down);
    return result;
}
    374      1.1  christos 
/* Expected sender is the subject of srvcert: validation must pass. */
static int test_validate_msg_signature_expected_sender(void)
{
    const X509_NAME *sender = X509_get_subject_name(srvcert);

    return test_validate_with_sender(sender, /* expected */ 1);
}
    379      1.1  christos 
/* Expected sender is the subject of root, not of srvcert: must fail. */
static int test_validate_msg_signature_unexpected_sender(void)
{
    const X509_NAME *sender = X509_get_subject_name(root);

    return test_validate_with_sender(sender, /* expected */ 0);
}
    384      1.1  christos 
/*
 * An unprotected request checked without an allow-unprotected callback must
 * be rejected.  Not built in fuzzing mode.
 */
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
static int test_validate_msg_unprotected_request(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    fixture->expected = 0;
    fixture->msg = load_pkimsg(ir_unprotected_f, libctx);
    if (!TEST_ptr(fixture->msg)) {
        tear_down(fixture);
        fixture = NULL; /* makes EXECUTE_TEST skip the run */
    }
    EXECUTE_TEST(execute_validate_msg_test, tear_down);
    return result;
}
#endif
    398      1.1  christos 
/*
 * Prepare a path validation of endentity2, with endentity1 and intermediate
 * as untrusted certificates.
 *   wrong:   if non-NULL, used as the only trust anchor instead of root.
 *   expired: if non-zero, verification time is test_time_after_expiration.
 * Success is expected only with the real root and no expiry.  On failure the
 * fixture is torn down and *fixture is set to NULL.
 */
static void setup_path(CMP_VFY_TEST_FIXTURE **fixture, X509 *wrong, int expired)
{
    CMP_VFY_TEST_FIXTURE *fx = *fixture;
    X509 *anchor = root;

    fx->cert = endentity2;
    fx->expected = wrong == NULL && !expired;
    if (expired) {
        X509_STORE *ts = OSSL_CMP_CTX_get0_trusted(fx->cmp_ctx);
        X509_VERIFY_PARAM *vpm = X509_STORE_get0_param(ts);

        X509_VERIFY_PARAM_set_time(vpm, test_time_after_expiration);
    }
    if (wrong != NULL)
        anchor = wrong;
    if (add_trusted(fx->cmp_ctx, anchor)
        && add_untrusted(fx->cmp_ctx, endentity1)
        && add_untrusted(fx->cmp_ctx, intermediate))
        return;

    tear_down(fx);
    *fixture = NULL;
}
    416      1.1  christos 
/* Real root as trust anchor at the valid test time: the path must validate. */
static int test_validate_cert_path_ok(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    setup_path(&fixture, /* wrong */ NULL, /* expired */ 0);
    EXECUTE_TEST(execute_validate_cert_path_test, tear_down);
    return result;
}
    424      1.1  christos 
/* Trust store holds srvcert instead of the root: the path must be rejected. */
static int test_validate_cert_path_wrong_anchor(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    setup_path(&fixture, srvcert /* wrong/non-root cert */, /* expired */ 0);
    EXECUTE_TEST(execute_validate_cert_path_test, tear_down);
    return result;
}
    432      1.1  christos 
/* Real root, but checked after expiry: the path must be rejected. */
static int test_validate_cert_path_expired(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    setup_path(&fixture, /* wrong */ NULL, /* expired */ 1);
    EXECUTE_TEST(execute_validate_cert_path_test, tear_down);
    return result;
}
    440      1.1  christos 
/*
 * Run ossl_cmp_msg_check_update() with the callback and argument from the
 * fixture and compare its result with fixture->expected.  After an expected
 * success, also check that the context took over the sender nonce of the
 * message as recipNonce and its transaction ID as transactionID.
 */
static int execute_msg_check_test(CMP_VFY_TEST_FIXTURE *fixture)
{
    const OSSL_CMP_PKIHEADER *hdr = OSSL_CMP_MSG_get0_header(fixture->msg);
    const ASN1_OCTET_STRING *tid = OSSL_CMP_HDR_get0_transactionID(hdr);

    if (!TEST_int_eq(fixture->expected,
            ossl_cmp_msg_check_update(fixture->cmp_ctx,
                fixture->msg,
                fixture->allow_unprotected_cb,
                fixture->additional_arg)))
        return 0;

    /* error expected already during above check, nothing more to compare */
    if (!fixture->expected)
        return 1;

    if (!TEST_int_eq(0,
            ASN1_OCTET_STRING_cmp(ossl_cmp_hdr_get0_senderNonce(hdr),
                fixture->cmp_ctx->recipNonce)))
        return 0;
    if (!TEST_int_eq(0,
            ASN1_OCTET_STRING_cmp(tid,
                fixture->cmp_ctx->transactionID)))
        return 0;
    return 1;
}
    462      1.1  christos 
/*
 * Test callback of type ossl_cmp_allow_unprotected_cb_t: the decision is
 * simply the caller-supplied allow value; the message and the
 * invalid_protection flag are not inspected.
 */
static int allow_unprotected(const OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg,
    int invalid_protection, int allow)
{
    (void)ctx;
    (void)msg;
    (void)invalid_protection;
    return allow;
}
    468      1.1  christos 
/*
 * Prepare a fixture for execute_msg_check_test(): store the expected result,
 * callback and callback argument, and use a copy of ir_rmprotection as the
 * message.
 *   nonce_data: if non-NULL, OSSL_CMP_SENDERNONCE_LENGTH bytes that become
 *               the sender nonce of the context.
 *   trid_data:  if non-NULL, OSSL_CMP_TRANSACTIONID_LENGTH bytes that become
 *               the transaction ID of the context.
 * On failure the fixture is torn down and *fixture is set to NULL.
 */
static void setup_check_update(CMP_VFY_TEST_FIXTURE **fixture, int expected,
    ossl_cmp_allow_unprotected_cb_t cb, int arg,
    const unsigned char *trid_data,
    const unsigned char *nonce_data)
{
    CMP_VFY_TEST_FIXTURE *fx = *fixture;
    OSSL_CMP_CTX *ctx = fx->cmp_ctx;
    int nonce_len = OSSL_CMP_SENDERNONCE_LENGTH;
    ASN1_OCTET_STRING *trid;

    fx->expected = expected;
    fx->allow_unprotected_cb = cb;
    fx->additional_arg = arg;
    fx->msg = OSSL_CMP_MSG_dup(ir_rmprotection);
    if (fx->msg == NULL
        || (nonce_data != NULL
            && !ossl_cmp_asn1_octet_string_set1_bytes(&ctx->senderNonce,
                nonce_data, nonce_len))) {
        tear_down(fx);
        *fixture = NULL;
        return;
    }
    if (trid_data == NULL)
        return;

    trid = ASN1_OCTET_STRING_new();
    if (trid == NULL
        || !ASN1_OCTET_STRING_set(trid, trid_data,
            OSSL_CMP_TRANSACTIONID_LENGTH)
        || !OSSL_CMP_CTX_set1_transactionID(ctx, trid)) {
        tear_down(fx);
        *fixture = NULL;
    }
    /* the local string is released on success and on failure alike */
    ASN1_OCTET_STRING_free(trid);
}
    500      1.1  christos 
    501      1.1  christos #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
/* Unprotected message and no callback at all: the check must reject it. */
static int test_msg_check_no_protection_no_cb(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    setup_check_update(&fixture, /* expected */ 0, /* cb */ NULL, /* arg */ 0,
        /* trid_data */ NULL, /* nonce_data */ NULL);
    EXECUTE_TEST(execute_msg_check_test, tear_down);
    return result;
}
    509      1.1  christos 
/* Unprotected message and a callback that answers 0: must be rejected. */
static int test_msg_check_no_protection_restrictive_cb(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    setup_check_update(&fixture, /* expected */ 0, allow_unprotected,
        /* arg */ 0, /* trid_data */ NULL, /* nonce_data */ NULL);
    EXECUTE_TEST(execute_msg_check_test, tear_down);
    return result;
}
    517      1.1  christos #endif
    518      1.1  christos 
/*
 * Unprotected message and a callback that answers 1: the message is
 * accepted.  This is the only visible path that lets an unprotected message
 * through, and it requires the explicit opt-in of the callback.
 */
static int test_msg_check_no_protection_permissive_cb(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    setup_check_update(&fixture, /* expected */ 1, allow_unprotected,
        /* arg */ 1, /* trid_data */ NULL, /* nonce_data */ NULL);
    EXECUTE_TEST(execute_msg_check_test, tear_down);
    return result;
}
    526      1.1  christos 
/*
 * The context already holds the transaction ID of the message: the check
 * must pass.
 */
static int test_msg_check_transaction_id(void)
{
    /* Transaction id belonging to CMP_IR_rmprotection.der */
    const unsigned char trans_id[OSSL_CMP_TRANSACTIONID_LENGTH] = {
        0x39, 0xB6, 0x90, 0x28,
        0xC4, 0xBC, 0x7A, 0xF6,
        0xBE, 0xC6, 0x4A, 0x88,
        0x97, 0xA6, 0x95, 0x0B
    };

    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    setup_check_update(&fixture, /* expected */ 1, allow_unprotected,
        /* arg */ 1, trans_id, /* nonce_data */ NULL);
    EXECUTE_TEST(execute_msg_check_test, tear_down);
    return result;
}
    540      1.1  christos 
/*
 * The context holds a transaction ID taken from rand_data, which is not
 * expected to match the message: the check must fail even though the
 * callback would allow the missing protection.  Not built in fuzzing mode.
 */
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
static int test_msg_check_transaction_id_bad(void)
{
    SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
    setup_check_update(&fixture, /* expected */ 0, allow_unprotected,
        /* arg */ 1, rand_data, /* nonce_data */ NULL);
    EXECUTE_TEST(execute_msg_check_test, tear_down);
    return result;
}
#endif
    550      1.1  christos 
    /*
     * A message check given the recipient nonce that belongs to the test
     * message must succeed (expected result 1).
     */
    static int test_msg_check_recipient_nonce(void)
    {
        /* Recipient nonce taken from CMP_IP_ir_rmprotection.der */
        const unsigned char expected_nonce[OSSL_CMP_SENDERNONCE_LENGTH] = {
            0x48, 0xF1, 0x71, 0x1F,
            0xE5, 0xAF, 0x1C, 0x8B,
            0x21, 0x97, 0x5C, 0x84,
            0x74, 0x49, 0xBA, 0x32
        };

        SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
        /* only the recipient nonce is pinned; the transaction ID stays NULL */
        setup_check_update(&fixture, 1, allow_unprotected, 1, NULL, expected_nonce);
        EXECUTE_TEST(execute_msg_check_test, tear_down);
        return result;
    }
    564      1.1  christos 
    565      1.1  christos #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
    /*
     * Negative case for recipient nonce matching: rand_data, which
     * setup_tests() fills via RAND_bytes(), is passed in the recipient nonce
     * position and the check is expected to fail (second argument 0).
     * Compiled only when FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION is not
     * defined.
     * NOTE(review): setup_tests() fills OSSL_CMP_TRANSACTIONID_LENGTH bytes of
     * rand_data; confirm that also covers OSSL_CMP_SENDERNONCE_LENGTH.
     */
    static int test_msg_check_recipient_nonce_bad(void)
    {
        /* presumably declares the `fixture` and `result` used below - confirm */
        SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
        setup_check_update(&fixture, 0, allow_unprotected, 1, NULL, rand_data);
        EXECUTE_TEST(execute_msg_check_test, tear_down);
        return result;
    }
    573      1.1  christos #endif
    574      1.1  christos 
    /*
     * Free the certificates and CMP messages loaded by setup_tests(), then
     * unload both providers and free the library context.
     */
    void cleanup_tests(void)
    {
        X509 *const loaded_certs[] = {
            srvcert, clcert, endentity1, endentity2,
            intermediate, root, insta_cert, instaca_cert
        };
        OSSL_CMP_MSG *const loaded_msgs[] = { ir_unprotected, ir_rmprotection };
        size_t i;

        for (i = 0; i < sizeof(loaded_certs) / sizeof(loaded_certs[0]); i++)
            X509_free(loaded_certs[i]);
        for (i = 0; i < sizeof(loaded_msgs) / sizeof(loaded_msgs[0]); i++)
            OSSL_CMP_MSG_free(loaded_msgs[i]);

        /* providers are unloaded before the library context is freed */
        OSSL_PROVIDER_unload(default_null_provider);
        OSSL_PROVIDER_unload(provider);
        OSSL_LIB_CTX_free(libctx);
    }
    592      1.1  christos 
    /*
     * Positional command-line arguments, in the order setup_tests() reads them
     * with test_get_argument(0) .. test_get_argument(13); the module name and
     * the optional module configuration file follow from index 14 and are
     * handed to test_arg_libctx().
     */
    #define USAGE "server.crt client.crt "                        \
                  "EndEntity1.crt EndEntity2.crt "                \
                  "Root_CA.crt Intermediate_CA.crt "              \
                  "CMP_IR_protected.der CMP_IR_unprotected.der "  \
                  "IP_waitingStatus_PBM.der IR_rmprotection.der " \
                  "insta.cert.pem insta_ca.cert.pem "             \
                  "IR_protected_0_extraCerts.der "                \
                  "IR_protected_2_extraCerts.der module_name [module_conf_file]\n"
    OPT_TEST_DECLARE_USAGE(USAGE)
    602      1.1  christos 
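    /*
     * Prepare the shared test state and register the test cases.
     *
     * Sets the two reference time stamps, reads the 14 positional file
     * arguments described by USAGE, creates the library context and providers,
     * loads the certificates and CMP messages, fills rand_data and finally adds
     * the tests.
     *
     * Returns 1 on success and 0 on failure. Failures after the library context
     * has been set up go through the err label, which calls cleanup_tests().
     */
    int setup_tests(void)
    {
        /* Set test time stamps */
        struct tm ts = { 0 };

        ts.tm_year = 2018 - 1900; /* 2018 */
        ts.tm_mon = 1; /* February */
        ts.tm_mday = 18; /* 18th */
        test_time_valid = mktime(&ts); /* February 18th 2018 */
        ts.tm_year += 10; /* February 18th 2028 */
        test_time_after_expiration = mktime(&ts);

        if (!test_skip_common_options()) {
            TEST_error("Error parsing test options\n");
            return 0;
        }

        /*
         * rand_data is filled exactly once, further down, where the return
         * value of RAND_bytes() is checked. An additional call at this point
         * whose result is ignored would let an RNG failure pass unnoticed.
         */
        if (!TEST_ptr(server_f = test_get_argument(0))
            || !TEST_ptr(client_f = test_get_argument(1))
            || !TEST_ptr(endentity1_f = test_get_argument(2))
            || !TEST_ptr(endentity2_f = test_get_argument(3))
            || !TEST_ptr(root_f = test_get_argument(4))
            || !TEST_ptr(intermediate_f = test_get_argument(5))
            || !TEST_ptr(ir_protected_f = test_get_argument(6))
            || !TEST_ptr(ir_unprotected_f = test_get_argument(7))
            || !TEST_ptr(ip_waiting_f = test_get_argument(8))
            || !TEST_ptr(ir_rmprotection_f = test_get_argument(9))
            || !TEST_ptr(instacert_f = test_get_argument(10))
            || !TEST_ptr(instaca_f = test_get_argument(11))
            || !TEST_ptr(ir_protected_0_extracerts = test_get_argument(12))
            || !TEST_ptr(ir_protected_2_extracerts = test_get_argument(13))) {
            TEST_error("usage: cmp_vfy_test %s", USAGE);
            return 0;
        }

        /* arguments from index 14 on select the module and its config file */
        if (!test_arg_libctx(&libctx, &default_null_provider, &provider, 14, USAGE))
            return 0;

        /*
         * Load certificates for cert chain.
         * NOTE(review): root is loaded with a NULL library context, unlike the
         * other certificates; kept as is - confirm this is intended.
         */
        if (!TEST_ptr(endentity1 = load_cert_pem(endentity1_f, libctx))
            || !TEST_ptr(endentity2 = load_cert_pem(endentity2_f, libctx))
            || !TEST_ptr(root = load_cert_pem(root_f, NULL))
            || !TEST_ptr(intermediate = load_cert_pem(intermediate_f, libctx)))
            goto err;

        if (!TEST_ptr(insta_cert = load_cert_pem(instacert_f, libctx))
            || !TEST_ptr(instaca_cert = load_cert_pem(instaca_f, libctx)))
            goto err;

        /* Load certificates for message validation */
        if (!TEST_ptr(srvcert = load_cert_pem(server_f, libctx))
            || !TEST_ptr(clcert = load_cert_pem(client_f, libctx)))
            goto err;
        /*
         * rand_data is the mismatching transaction ID / recipient nonce of the
         * *_bad tests, so a failing RNG must abort the setup.
         */
        if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH)))
            goto err;
        if (!TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f, libctx))
            || !TEST_ptr(ir_rmprotection = load_pkimsg(ir_rmprotection_f,
                             libctx)))
            goto err;

        /*
         * Message validation tests.
         * Several tests, most of them negative cases, are left out when
         * FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION is defined - presumably
         * because such builds relax the checks these tests expect to fail.
         */
        ADD_TEST(test_verify_popo);
    #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
        ADD_TEST(test_verify_popo_bad);
    #endif
        ADD_TEST(test_validate_msg_signature_trusted_ok);
    #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
        ADD_TEST(test_validate_msg_signature_trusted_expired);
        ADD_TEST(test_validate_msg_signature_srvcert_missing);
    #endif
        ADD_TEST(test_validate_msg_signature_srvcert_wrong);
    #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
        ADD_TEST(test_validate_msg_signature_bad);
    #endif
        ADD_TEST(test_validate_msg_signature_sender_cert_srvcert);
        ADD_TEST(test_validate_msg_signature_sender_cert_untrusted);
        ADD_TEST(test_validate_msg_signature_sender_cert_trusted);
        ADD_TEST(test_validate_msg_signature_sender_cert_extracert);
    #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
        ADD_TEST(test_validate_msg_signature_sender_cert_absent);
    #endif
        ADD_TEST(test_validate_msg_signature_expected_sender);
        ADD_TEST(test_validate_msg_signature_unexpected_sender);
    #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
        ADD_TEST(test_validate_msg_unprotected_request);
    #endif
        ADD_TEST(test_validate_msg_mac_alg_protection_ok);
    #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
        ADD_TEST(test_validate_msg_mac_alg_protection_missing);
        ADD_TEST(test_validate_msg_mac_alg_protection_wrong);
        ADD_TEST(test_validate_msg_mac_alg_protection_bad);
    #endif

        /* Cert path validation tests */
        ADD_TEST(test_validate_cert_path_ok);
        ADD_TEST(test_validate_cert_path_expired);
        ADD_TEST(test_validate_cert_path_wrong_anchor);

        /* Message check tests: protection, transaction ID, recipient nonce */
    #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
        ADD_TEST(test_msg_check_no_protection_no_cb);
        ADD_TEST(test_msg_check_no_protection_restrictive_cb);
    #endif
        ADD_TEST(test_msg_check_no_protection_permissive_cb);
        ADD_TEST(test_msg_check_transaction_id);
    #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
        ADD_TEST(test_msg_check_transaction_id_bad);
    #endif
        ADD_TEST(test_msg_check_recipient_nonce);
    #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
        ADD_TEST(test_msg_check_recipient_nonce_bad);
    #endif

        return 1;

    err:
        /* release whatever was loaded before the failure */
        cleanup_tests();
        return 0;
    }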
    722