/*
 * Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved.
 * Copyright Nokia 2007-2019
 * Copyright Siemens AG 2015-2019
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
12b0d17251Schristos #include "helpers/cmp_testlib.h"
/*
 * Paths of the test input files.  setup_tests() fills them from the
 * positional command-line arguments 0, 1 and 2.
 */
static const char *newkey_f;       /* new.key: key loaded into `newkey` */
static const char *server_cert_f;  /* server.crt: loaded into `cert` */
static const char *pkcs10_f;       /* pkcs10.der: CSR for the P10CR tests */
/*
 * Per-test state.  set_up() allocates it zero-filled and tear_down()
 * frees cmp_ctx, msg and si together with the fixture itself, so any
 * object stored in those three members is owned by the fixture.
 */
typedef struct test_fixture {
    const char *test_case_name; /* borrowed; stored by set_up() */
    OSSL_CMP_CTX *cmp_ctx;      /* context the message is built from */

    /* for msg create tests */
    int bodytype;               /* an OSSL_CMP_PKIBODY_* value */
    int err_code;               /* passed to ossl_cmp_error_new() */

    /* for certConf */
    int fail_info;              /* bit mask of 1 << OSSL_CMP_PKIFAILUREINFO_* */

    /* for protection tests */
    OSSL_CMP_MSG *msg;
    int expected;               /* != 0: creation must succeed; 0: must fail */

    /* for error and response messages */
    OSSL_CMP_PKISI *si;
} CMP_MSG_TEST_FIXTURE;
/* Library context and providers; set up by test_arg_libctx() in setup_tests(). */
static OSSL_LIB_CTX *libctx = NULL;
static OSSL_PROVIDER *default_null_provider = NULL;
static OSSL_PROVIDER *provider = NULL;

/* Random reference value; filled in setup_tests(), installed by set_up(). */
static unsigned char ref[CMP_TEST_REFVALUE_LENGTH];
/*
 * Release every object the fixture owns, then the fixture itself.
 * `fixture` must not be NULL: it is dereferenced unconditionally.
 */
static void tear_down(CMP_MSG_TEST_FIXTURE *fixture)
{
    OSSL_CMP_PKISI_free(fixture->si);
    OSSL_CMP_MSG_free(fixture->msg);
    OSSL_CMP_CTX_free(fixture->cmp_ctx);
    /* The container goes last because the members are read through it. */
    OPENSSL_free(fixture);
}
/*
 * Shorthand for toggling OSSL_CMP_OPT_UNPROTECTED_SEND on a CMP context.
 * set_up() passes 1; the two IR protection tests pass 0 so that message
 * creation has to apply protection.
 */
#define SET_OPT_UNPROTECTED_SEND(ctx, val) \
    OSSL_CMP_CTX_set_option((ctx), OSSL_CMP_OPT_UNPROTECTED_SEND, (val))
/*
 * Allocate a zero-filled fixture with a fresh CMP context.
 *
 * The context is configured to allow unprotected sending and carries the
 * file-wide random reference value, so tests that care about message
 * protection must switch the option back off themselves.
 *
 * Returns the fixture, or NULL if any step failed (nothing is leaked).
 */
static CMP_MSG_TEST_FIXTURE *set_up(const char *const test_case_name)
{
    CMP_MSG_TEST_FIXTURE *fixture;

    if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
        return NULL;
    fixture->test_case_name = test_case_name;

    if (!(TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))
          && TEST_true(SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 1))
          && TEST_true(OSSL_CMP_CTX_set1_referenceValue(fixture->cmp_ctx,
                                                        ref, sizeof(ref))))) {
        /* zalloc left the other members NULL, which is what tear_down() is handed here */
        tear_down(fixture);
        return NULL;
    }
    return fixture;
}
/* Shared test inputs: loaded once in setup_tests(), freed in cleanup_tests(). */
static EVP_PKEY *newkey = NULL; /* key read from newkey_f */
static X509 *cert = NULL;       /* certificate read from server_cert_f */
/*
 * Body of every execute_*_create_test() function.  It expects a variable
 * named `fixture` in the enclosing scope and RETURNS from the enclosing
 * function.
 *
 * `expr` is evaluated exactly once.  When fixture->expected is non-zero the
 * result must be a non-NULL message that passes valid_asn1_encoding();
 * otherwise the result must be NULL.  The message is freed and the error
 * queue is printed to stderr in both cases.
 */
#define EXECUTE_MSG_CREATION_TEST(expr) \
    do { \
        OSSL_CMP_MSG *msg = NULL; \
        int good; \
 \
        if (fixture->expected != 0) \
            good = TEST_ptr(msg = (expr)) \
                && TEST_true(valid_asn1_encoding(msg)); \
        else \
            good = TEST_ptr_null(msg = (expr)); \
 \
        OSSL_CMP_MSG_free(msg); \
        ERR_print_errors_fp(stderr); \
        return good; \
    } while (0)
/*-
 * The following tests call a CMP message creation function.
 * if fixture->expected != 0:
 *         returns 1 if the message is created and syntactically correct.
 * if fixture->expected == 0:
 *         returns 1 if message creation returns NULL
 */
/*
 * Build a certificate request of type fixture->bodytype from the fixture's
 * context (third argument NULL) and compare the outcome with
 * fixture->expected.  Returns 1 on match, 0 otherwise.
 */
static int execute_certreq_create_test(CMP_MSG_TEST_FIXTURE *fixture)
{
    /* The macro returns from this function. */
    EXECUTE_MSG_CREATION_TEST(ossl_cmp_certreq_new(fixture->cmp_ctx,
                                                   fixture->bodytype,
                                                   NULL));
}
/*
 * Build an error message from fixture->si and fixture->err_code with the
 * fixed detail text "details", and compare the outcome with
 * fixture->expected.  Returns 1 on match, 0 otherwise.
 */
static int execute_errormsg_create_test(CMP_MSG_TEST_FIXTURE *fixture)
{
    /* The macro returns from this function. */
    EXECUTE_MSG_CREATION_TEST(ossl_cmp_error_new(fixture->cmp_ctx, fixture->si,
                                                 fixture->err_code,
                                                 "details", 0));
}
/*
 * Build a revocation request from the fixture's context and compare the
 * outcome with fixture->expected.  Returns 1 on match, 0 otherwise.
 */
static int execute_rr_create_test(CMP_MSG_TEST_FIXTURE *fixture)
{
    /* The macro returns from this function. */
    EXECUTE_MSG_CREATION_TEST(ossl_cmp_rr_new(fixture->cmp_ctx));
}
/*
 * Build a certConf message for request id OSSL_CMP_CERTREQID carrying
 * fixture->fail_info, and compare the outcome with fixture->expected.
 * Returns 1 on match, 0 otherwise.
 */
static int execute_certconf_create_test(CMP_MSG_TEST_FIXTURE *fixture)
{
    /* The macro returns from this function. */
    EXECUTE_MSG_CREATION_TEST(ossl_cmp_certConf_new
                              (fixture->cmp_ctx, OSSL_CMP_CERTREQID,
                               fixture->fail_info, NULL));
}
/*
 * Build a general message from the fixture's context and compare the
 * outcome with fixture->expected.  Returns 1 on match, 0 otherwise.
 */
static int execute_genm_create_test(CMP_MSG_TEST_FIXTURE *fixture)
{
    /* The macro returns from this function. */
    EXECUTE_MSG_CREATION_TEST(ossl_cmp_genm_new(fixture->cmp_ctx));
}
/*
 * Build a poll request with the arbitrary request id 4711 and compare the
 * outcome with fixture->expected.  Returns 1 on match, 0 otherwise.
 */
static int execute_pollreq_create_test(CMP_MSG_TEST_FIXTURE *fixture)
{
    /* The macro returns from this function. */
    EXECUTE_MSG_CREATION_TEST(ossl_cmp_pollReq_new(fixture->cmp_ctx, 4711));
}
/*
 * Build a bare PKI message of type fixture->bodytype and compare the
 * outcome with fixture->expected.  Returns 1 on match, 0 otherwise.
 */
static int execute_pkimessage_create_test(CMP_MSG_TEST_FIXTURE *fixture)
{
    /* The macro returns from this function. */
    EXECUTE_MSG_CREATION_TEST(ossl_cmp_msg_create
                              (fixture->cmp_ctx, fixture->bodytype));
}
/*
 * Give `ctx` its own reference to `pkey` as the new key (second argument
 * of the set0 call is 1), leaving the caller's reference untouched.
 *
 * Returns 1 on success and 0 on failure; on failure the reference taken
 * here is dropped again, so the count is unchanged.
 */
static int set1_newPkey(OSSL_CMP_CTX *ctx, EVP_PKEY *pkey)
{
    if (!EVP_PKEY_up_ref(pkey))
        return 0;

    if (OSSL_CMP_CTX_set0_newPkey(ctx, 1, pkey))
        return 1;

    /* The set0 call did not take the extra reference: give it back. */
    EVP_PKEY_free(pkey);
    return 0;
}
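/*
 * Positive protection test: with unprotected sending switched off and a
 * random 16-byte shared secret configured, creating an IR must succeed.
 *
 * Returns the result of execute_certreq_create_test(), or 0 if the
 * preparation failed.
 */
static int test_cmp_create_ir_protection_set(void)
{
    OSSL_CMP_CTX *ctx;
    unsigned char secret[16];

    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);

    ctx = fixture->cmp_ctx;
    fixture->bodytype = OSSL_CMP_PKIBODY_IR;
    fixture->err_code = -1;
    fixture->expected = 1;
    if (!TEST_int_eq(1, RAND_bytes_ex(libctx, secret, sizeof(secret), 0))
            || !TEST_true(SET_OPT_UNPROTECTED_SEND(ctx, 0))
            || !TEST_true(set1_newPkey(ctx, newkey))
            || !TEST_true(OSSL_CMP_CTX_set1_secretValue(ctx, secret,
                                                        sizeof(secret)))) {
        /* EXECUTE_TEST (defined outside this file) is relied on to skip a NULL fixture */
        tear_down(fixture);
        fixture = NULL;
    }
    EXECUTE_TEST(execute_certreq_create_test, tear_down);
    /*
     * Wipe the local copy of the shared secret once it is no longer needed;
     * done after the test has run so it is safe whether or not the context
     * keeps its own copy.
     */
    OPENSSL_cleanse(secret, sizeof(secret));
    return result;
}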
/*
 * Negative protection test: protection is required (unprotected sending
 * off) but the signing key does not belong to the configured certificate,
 * so creating an IR must fail (expected == 0).
 */
static int test_cmp_create_ir_protection_fails(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    fixture->expected = 0;
    fixture->err_code = -1;
    fixture->bodytype = OSSL_CMP_PKIBODY_IR;
    if (!(TEST_true(OSSL_CMP_CTX_set1_pkey(fixture->cmp_ctx, newkey))
          && TEST_true(SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 0))
          /* newkey used by default for signing does not match cert: */
          && TEST_true(OSSL_CMP_CTX_set1_cert(fixture->cmp_ctx, cert)))) {
        /* Preparation failed: nothing left to execute. */
        tear_down(fixture);
        fixture = NULL;
    }
    EXECUTE_TEST(execute_certreq_create_test, tear_down);
    return result;
}
/*
 * Negative test: no key is configured on the context beyond what set_up()
 * provides, so creating a CR must fail (expected == 0).
 */
static int test_cmp_create_cr_without_key(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    fixture->expected = 0;
    fixture->err_code = -1;
    fixture->bodytype = OSSL_CMP_PKIBODY_CR;
    EXECUTE_TEST(execute_certreq_create_test, tear_down);
    return result;
}
/* Positive test: with a new key configured, creating a CR must succeed. */
static int test_cmp_create_cr(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    fixture->expected = 1;
    fixture->err_code = -1;
    fixture->bodytype = OSSL_CMP_PKIBODY_CR;
    if (!TEST_true(set1_newPkey(fixture->cmp_ctx, newkey))) {
        /* Preparation failed: nothing left to execute. */
        tear_down(fixture);
        fixture = NULL;
    }
    EXECUTE_TEST(execute_certreq_create_test, tear_down);
    return result;
}
/*
 * Negative test: OSSL_CMP_PKIBODY_RR is handed to the certificate request
 * constructor, which must refuse it (expected == 0) even though a new key
 * is configured.
 */
static int test_cmp_create_certreq_with_invalid_bodytype(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    fixture->expected = 0;
    fixture->err_code = -1;
    fixture->bodytype = OSSL_CMP_PKIBODY_RR;
    if (!TEST_true(set1_newPkey(fixture->cmp_ctx, newkey))) {
        /* Preparation failed: nothing left to execute. */
        tear_down(fixture);
        fixture = NULL;
    }
    EXECUTE_TEST(execute_certreq_create_test, tear_down);
    return result;
}
/*
 * Positive test: with the PKCS#10 request from pkcs10_f and a new key
 * configured, creating a P10CR must succeed.
 */
static int test_cmp_create_p10cr(void)
{
    OSSL_CMP_CTX *ctx;
    X509_REQ *p10cr = NULL;

    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    ctx = fixture->cmp_ctx;
    fixture->expected = 1;
    fixture->err_code = CMP_R_ERROR_CREATING_CERTREQ;
    fixture->bodytype = OSSL_CMP_PKIBODY_P10CR;
    if (!(TEST_ptr(p10cr = load_csr_der(pkcs10_f, libctx))
          && TEST_true(set1_newPkey(ctx, newkey))
          && TEST_true(OSSL_CMP_CTX_set1_p10CSR(ctx, p10cr)))) {
        tear_down(fixture);
        fixture = NULL;
    }
    /*
     * The local request is released before the test runs; presumably the
     * set1 call stored its own copy in the context.
     */
    X509_REQ_free(p10cr);
    EXECUTE_TEST(execute_certreq_create_test, tear_down);
    return result;
}
/*
 * Negative test: a P10CR is requested although no PKCS#10 request was set
 * on the context, so creation must fail (expected == 0).
 */
static int test_cmp_create_p10cr_null(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    fixture->expected = 0;
    fixture->err_code = CMP_R_ERROR_CREATING_CERTREQ;
    fixture->bodytype = OSSL_CMP_PKIBODY_P10CR;
    if (!TEST_true(set1_newPkey(fixture->cmp_ctx, newkey))) {
        /* Preparation failed: nothing left to execute. */
        tear_down(fixture);
        fixture = NULL;
    }
    EXECUTE_TEST(execute_certreq_create_test, tear_down);
    return result;
}
/*
 * Positive test: with a new key and the old certificate configured,
 * creating a KUR must succeed.
 */
static int test_cmp_create_kur(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    fixture->expected = 1;
    fixture->err_code = -1;
    fixture->bodytype = OSSL_CMP_PKIBODY_KUR;
    if (!(TEST_true(set1_newPkey(fixture->cmp_ctx, newkey))
          && TEST_true(OSSL_CMP_CTX_set1_oldCert(fixture->cmp_ctx, cert)))) {
        /* Preparation failed: nothing left to execute. */
        tear_down(fixture);
        fixture = NULL;
    }
    EXECUTE_TEST(execute_certreq_create_test, tear_down);
    return result;
}
/*
 * Negative test: a KUR is requested with a new key but without the old
 * certificate, so creation must fail (expected == 0).
 */
static int test_cmp_create_kur_without_oldcert(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    fixture->expected = 0;
    fixture->err_code = -1;
    fixture->bodytype = OSSL_CMP_PKIBODY_KUR;
    if (!TEST_true(set1_newPkey(fixture->cmp_ctx, newkey))) {
        /* Preparation failed: nothing left to execute. */
        tear_down(fixture);
        fixture = NULL;
    }
    EXECUTE_TEST(execute_certreq_create_test, tear_down);
    return result;
}
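/*
 * Positive test: with a newly enrolled certificate stored in the context
 * and no failure info, creating a certConf must succeed.
 */
static int test_cmp_create_certconf(void)
{
    X509 *newcert = NULL;

    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    fixture->fail_info = 0;
    fixture->expected = 1;
    /*
     * Check the duplicate before handing it over, so that a failed
     * X509_dup() is reported here instead of a NULL certificate silently
     * reaching the context.
     */
    if (!TEST_ptr(newcert = X509_dup(cert))
            || !TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
                                                    newcert))) {
        /* Not handed over: still ours to free (same pattern as the genm test). */
        X509_free(newcert);
        tear_down(fixture);
        fixture = NULL;
    }
    EXECUTE_TEST(execute_certconf_create_test, tear_down);
    return result;
}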
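/*
 * Positive test: a certConf carrying the badAlg failure bit must still be
 * created successfully.
 */
static int test_cmp_create_certconf_badAlg(void)
{
    X509 *newcert = NULL;

    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    fixture->fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_badAlg;
    fixture->expected = 1;
    /*
     * Check the duplicate before handing it over, so that a failed
     * X509_dup() is reported here instead of a NULL certificate silently
     * reaching the context.
     */
    if (!TEST_ptr(newcert = X509_dup(cert))
            || !TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
                                                    newcert))) {
        /* Not handed over: still ours to free (same pattern as the genm test). */
        X509_free(newcert);
        tear_down(fixture);
        fixture = NULL;
    }
    EXECUTE_TEST(execute_certconf_create_test, tear_down);
    return result;
}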
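/*
 * Boundary test: a certConf carrying the highest defined failure bit
 * (1 << OSSL_CMP_PKIFAILUREINFO_MAX) must still be created successfully.
 */
static int test_cmp_create_certconf_fail_info_max(void)
{
    X509 *newcert = NULL;

    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    fixture->fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_MAX;
    fixture->expected = 1;
    /*
     * Check the duplicate before handing it over, so that a failed
     * X509_dup() is reported here instead of a NULL certificate silently
     * reaching the context.
     */
    if (!TEST_ptr(newcert = X509_dup(cert))
            || !TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
                                                    newcert))) {
        /* Not handed over: still ours to free (same pattern as the genm test). */
        X509_free(newcert);
        tear_down(fixture);
        fixture = NULL;
    }
    EXECUTE_TEST(execute_certconf_create_test, tear_down);
    return result;
}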
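/*
 * Positive test: an error message built from a "rejection" status info
 * must be created successfully.
 */
static int test_cmp_create_error_msg(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    /*
     * NOTE(review): the certConf tests in this file pass failure info as
     * `1 << OSSL_CMP_PKIFAILUREINFO_*`, whereas the bare constant is passed
     * here; confirm which form OSSL_CMP_STATUSINFO_new() expects.
     */
    fixture->si = OSSL_CMP_STATUSINFO_new(OSSL_CMP_PKISTATUS_rejection,
                                          OSSL_CMP_PKIFAILUREINFO_systemFailure,
                                          NULL);
    fixture->err_code = -1;
    fixture->expected = 1; /* expected: message creation is successful */
    /*
     * A failed status-info allocation is reported as a preparation error
     * rather than surfacing later as a failed message creation.
     */
    if (!TEST_ptr(fixture->si)
            || !TEST_true(set1_newPkey(fixture->cmp_ctx, newkey))) {
        tear_down(fixture);
        fixture = NULL;
    }
    EXECUTE_TEST(execute_errormsg_create_test, tear_down);
    return result;
}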
/* Positive test: a poll request needs no extra context setup to be created. */
static int test_cmp_create_pollreq(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);

    fixture->expected = 1;

    EXECUTE_TEST(execute_pollreq_create_test, tear_down);
    return result;
}
/*
 * Positive test: with the certificate to revoke set as oldCert, creating
 * a revocation request must succeed.
 */
static int test_cmp_create_rr(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);

    fixture->expected = 1;
    if (!TEST_true(OSSL_CMP_CTX_set1_oldCert(fixture->cmp_ctx, cert))) {
        /* Preparation failed: nothing left to execute. */
        tear_down(fixture);
        fixture = NULL;
    }

    EXECUTE_TEST(execute_rr_create_test, tear_down);
    return result;
}
/*
 * Positive test: a general message carrying one implicitConfirm ITAV must
 * be created successfully.
 */
static int test_cmp_create_genm(void)
{
    OSSL_CMP_ITAV *iv = NULL;

    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);
    iv = OSSL_CMP_ITAV_create(OBJ_nid2obj(NID_id_it_implicitConfirm), NULL);
    fixture->expected = 1;
    if (!(TEST_ptr(iv)
          && TEST_true(OSSL_CMP_CTX_push0_genm_ITAV(fixture->cmp_ctx, iv)))) {
        /* The push did not take the ITAV, so it is still freed here. */
        OSSL_CMP_ITAV_free(iv);
        tear_down(fixture);
        fixture = NULL;
    }

    EXECUTE_TEST(execute_genm_create_test, tear_down);
    return result;
}
/*
 * Assemble a CertRepMessage by hand with one response (certReqId 99) that
 * carries a copy of `cert`, then check the accessors:
 *  - looking up id 99 finds the response, id 88 does not;
 *  - the certificate extracted from the response equals `cert`.
 *
 * Returns 1 if all checks pass, 0 otherwise.
 */
static int execute_certrep_create(CMP_MSG_TEST_FIXTURE *fixture)
{
    OSSL_CMP_CTX *ctx = fixture->cmp_ctx;
    OSSL_CMP_CERTREPMESSAGE *crepmsg = OSSL_CMP_CERTREPMESSAGE_new();
    OSSL_CMP_CERTRESPONSE *cresp = OSSL_CMP_CERTRESPONSE_new();
    OSSL_CMP_CERTRESPONSE *read_cresp;
    X509 *certfromresp = NULL;
    int res = 0;

    if (crepmsg == NULL || cresp == NULL
            || !ASN1_INTEGER_set(cresp->certReqId, 99)
            || (cresp->certifiedKeyPair = OSSL_CMP_CERTIFIEDKEYPAIR_new()) == NULL)
        goto err;

    cresp->certifiedKeyPair->certOrEncCert->type =
        OSSL_CMP_CERTORENCCERT_CERTIFICATE;
    if ((cresp->certifiedKeyPair->certOrEncCert->value.certificate =
         X509_dup(cert)) == NULL)
        goto err;
    if (!sk_OSSL_CMP_CERTRESPONSE_push(crepmsg->response, cresp))
        goto err;
    /* The response now belongs to crepmsg; avoid a double free at err. */
    cresp = NULL;

    read_cresp = ossl_cmp_certrepmessage_get0_certresponse(crepmsg, 99);
    if (!TEST_ptr(read_cresp)
            || !TEST_ptr_null(ossl_cmp_certrepmessage_get0_certresponse(crepmsg, 88)))
        goto err;

    certfromresp = ossl_cmp_certresponse_get1_cert(ctx, read_cresp);
    if (certfromresp == NULL || !TEST_int_eq(X509_cmp(cert, certfromresp), 0))
        goto err;

    res = 1;
 err:
    X509_free(certfromresp);
    OSSL_CMP_CERTRESPONSE_free(cresp);
    OSSL_CMP_CERTREPMESSAGE_free(crepmsg);
    return res;
}
/* Run execute_certrep_create() on a default fixture. */
static int test_cmp_create_certrep(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);

    EXECUTE_TEST(execute_certrep_create, tear_down);

    return result;
}
/*
 * Create a revocation response for a made-up certificate id (issuer
 * "CN=The Issuer", serial 99) with an arbitrary status info (33, 44,
 * "a text"), then check that both the CertId and the status info can be
 * read back at index 0.
 *
 * Returns 1 if all checks pass, 0 otherwise.
 */
static int execute_rp_create(CMP_MSG_TEST_FIXTURE *fixture)
{
    OSSL_CMP_PKISI *si = OSSL_CMP_STATUSINFO_new(33, 44, "a text");
    X509_NAME *issuer = X509_NAME_new();
    ASN1_INTEGER *serial = ASN1_INTEGER_new();
    OSSL_CRMF_CERTID *cid = NULL;
    OSSL_CMP_MSG *rpmsg = NULL;
    int res = 0;

    if (si == NULL || issuer == NULL || serial == NULL)
        goto err;

    if (!X509_NAME_add_entry_by_txt(issuer, "CN", MBSTRING_ASC,
                                    (unsigned char *)"The Issuer", -1, -1, 0))
        goto err;
    if (!ASN1_INTEGER_set(serial, 99))
        goto err;
    if ((cid = OSSL_CRMF_CERTID_gen(issuer, serial)) == NULL)
        goto err;
    if ((rpmsg = ossl_cmp_rp_new(fixture->cmp_ctx, si, cid, 1)) == NULL)
        goto err;

    if (!TEST_ptr(ossl_cmp_revrepcontent_get_CertId(rpmsg->body->value.rp, 0))
            || !TEST_ptr(ossl_cmp_revrepcontent_get_pkisi(rpmsg->body->value.rp, 0)))
        goto err;

    res = 1;
 err:
    /* Everything created here is freed here, including si and cid. */
    ASN1_INTEGER_free(serial);
    X509_NAME_free(issuer);
    OSSL_CRMF_CERTID_free(cid);
    OSSL_CMP_PKISI_free(si);
    OSSL_CMP_MSG_free(rpmsg);
    return res;
}
/* Run execute_rp_create() on a default fixture. */
static int test_cmp_create_rp(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);

    EXECUTE_TEST(execute_rp_create, tear_down);

    return result;
}
/*
 * Create a poll response for request id 77 (third argument 2000) and check
 * that looking up id 77 finds an entry while id 88 does not.
 *
 * Returns 1 if all checks pass, 0 otherwise.
 */
static int execute_pollrep_create(CMP_MSG_TEST_FIXTURE *fixture)
{
    OSSL_CMP_MSG *pollrep;
    int res;

    pollrep = ossl_cmp_pollRep_new(fixture->cmp_ctx, 77, 2000);
    if (!TEST_ptr(pollrep))
        return 0;

    /* The second lookup only runs if the first one succeeded. */
    res = TEST_ptr(ossl_cmp_pollrepcontent_get0_pollrep(pollrep->body->
                                                        value.pollRep, 77))
        && TEST_ptr_null(ossl_cmp_pollrepcontent_get0_pollrep(pollrep->body->
                                                              value.pollRep, 88));

    OSSL_CMP_MSG_free(pollrep);
    return res;
}
/* Run execute_pollrep_create() on a default fixture. */
static int test_cmp_create_pollrep(void)
{
    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);

    EXECUTE_TEST(execute_pollrep_create, tear_down);

    return result;
}
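/*
 * Parameterised test: create a bare PKI message of the given body type.
 * Creation must succeed for every type listed in the switch and fail for
 * any other value.  setup_tests() registers it for
 * OSSL_CMP_PKIBODY_POLLREP + 1 values.
 *
 * For P10CR the PKCS#10 request from pkcs10_f is installed first.
 */
static int test_cmp_pkimessage_create(int bodytype)
{
    X509_REQ *p10cr = NULL;

    SETUP_TEST_FIXTURE(CMP_MSG_TEST_FIXTURE, set_up);

    switch (fixture->bodytype = bodytype) {
    case OSSL_CMP_PKIBODY_P10CR:
        fixture->expected = 1;
        /*
         * Check the load itself, as test_cmp_create_p10cr() does, so that
         * an unreadable CSR file is reported as such rather than as a
         * failed message creation.
         */
        if (!TEST_ptr(p10cr = load_csr_der(pkcs10_f, libctx))
                || !TEST_true(OSSL_CMP_CTX_set1_p10CSR(fixture->cmp_ctx,
                                                       p10cr))) {
            tear_down(fixture);
            fixture = NULL;
        }
        X509_REQ_free(p10cr);
        break;
    case OSSL_CMP_PKIBODY_IR:
    case OSSL_CMP_PKIBODY_IP:
    case OSSL_CMP_PKIBODY_CR:
    case OSSL_CMP_PKIBODY_CP:
    case OSSL_CMP_PKIBODY_KUR:
    case OSSL_CMP_PKIBODY_KUP:
    case OSSL_CMP_PKIBODY_RR:
    case OSSL_CMP_PKIBODY_RP:
    case OSSL_CMP_PKIBODY_PKICONF:
    case OSSL_CMP_PKIBODY_GENM:
    case OSSL_CMP_PKIBODY_GENP:
    case OSSL_CMP_PKIBODY_ERROR:
    case OSSL_CMP_PKIBODY_CERTCONF:
    case OSSL_CMP_PKIBODY_POLLREQ:
    case OSSL_CMP_PKIBODY_POLLREP:
        fixture->expected = 1;
        break;
    default:
        /* Any body type not listed above must be rejected. */
        fixture->expected = 0;
        break;
    }

    EXECUTE_TEST(execute_pkimessage_create_test, tear_down);
    return result;
}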
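/*
 * Release the file-wide test inputs, the providers and the library context.
 *
 * setup_tests() also calls this on its own failure path, so each pointer is
 * reset after release and no dangling file-scope pointer is left behind.
 */
void cleanup_tests(void)
{
    EVP_PKEY_free(newkey);
    newkey = NULL;
    X509_free(cert);
    cert = NULL;
    OSSL_PROVIDER_unload(default_null_provider);
    default_null_provider = NULL;
    OSSL_PROVIDER_unload(provider);
    provider = NULL;
    /* The library context goes last, after the providers loaded into it. */
    OSSL_LIB_CTX_free(libctx);
    libctx = NULL;
}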
/* Positional arguments: three input files, then the provider selection. */
#define USAGE "new.key server.crt pkcs10.der module_name [module_conf_file]\n"
OPT_TEST_DECLARE_USAGE(USAGE)
/*
 * Test program initialisation: read the three file arguments, set up the
 * library context and providers from argument 3 onwards, load the key and
 * certificate, fill the reference value with random bytes, and register
 * all tests.
 *
 * Returns 1 on success and 0 on any failure.
 */
int setup_tests(void)
{
    if (!test_skip_common_options()) {
        TEST_error("Error parsing test options\n");
        return 0;
    }

    if (!(TEST_ptr(newkey_f = test_get_argument(0))
          && TEST_ptr(server_cert_f = test_get_argument(1))
          && TEST_ptr(pkcs10_f = test_get_argument(2)))) {
        TEST_error("usage: cmp_msg_test %s", USAGE);
        return 0;
    }

    if (!test_arg_libctx(&libctx, &default_null_provider, &provider, 3, USAGE))
        return 0;

    if (!(TEST_ptr(newkey = load_pkey_pem(newkey_f, libctx))
          && TEST_ptr(cert = load_cert_pem(server_cert_f, libctx))
          && TEST_int_eq(1, RAND_bytes_ex(libctx, ref, sizeof(ref), 0)))) {
        /* Undo whatever was loaded before the failing step. */
        cleanup_tests();
        return 0;
    }

    /* Message creation tests */
    ADD_TEST(test_cmp_create_certreq_with_invalid_bodytype);
    ADD_TEST(test_cmp_create_ir_protection_fails);
    ADD_TEST(test_cmp_create_ir_protection_set);
    ADD_TEST(test_cmp_create_error_msg);
    ADD_TEST(test_cmp_create_certconf);
    ADD_TEST(test_cmp_create_certconf_badAlg);
    ADD_TEST(test_cmp_create_certconf_fail_info_max);
    ADD_TEST(test_cmp_create_kur);
    ADD_TEST(test_cmp_create_kur_without_oldcert);
    ADD_TEST(test_cmp_create_cr);
    ADD_TEST(test_cmp_create_cr_without_key);
    ADD_TEST(test_cmp_create_p10cr);
    ADD_TEST(test_cmp_create_p10cr_null);
    ADD_TEST(test_cmp_create_pollreq);
    ADD_TEST(test_cmp_create_rr);
    ADD_TEST(test_cmp_create_rp);
    ADD_TEST(test_cmp_create_genm);
    ADD_TEST(test_cmp_create_certrep);
    ADD_TEST(test_cmp_create_pollrep);
    /* One run per body type value below OSSL_CMP_PKIBODY_POLLREP + 1. */
    ADD_ALL_TESTS_NOSUBTEST(test_cmp_pkimessage_create,
                            OSSL_CMP_PKIBODY_POLLREP + 1);
    return 1;
}