Add libctx/provider support to cmp_msg_test

Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11808)
2025-05-11 08:59:40 +00:00 · 2020-08-19 00:48:57 +02:00 · 2020-08-19 00:48:57 +02:00 · 5a7734cd02
commit 5a7734cd02
parent 4561f15fdb
5 changed files with 90 additions and 32 deletions
--- a/test/cmp_msg_test.c
+++ b/test/cmp_msg_test.c
@ -13,6 +13,7 @@
 DEFINE_STACK_OF(OSSL_CMP_CERTRESPONSE)
 static const char *newkey_f;
 static const char *server_cert_f;
 static const char *pkcs10_f;
@ -31,6 +32,19 @@ typedef struct test_fixture {
    OSSL_CMP_PKISI *si;
 } CMP_MSG_TEST_FIXTURE;
 static OPENSSL_CTX *libctx = NULL;
 static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL;
 /* TODO(3.0) Clean this up - See issue #12680 */
 static X509 *X509_dup_with_libctx(const X509 *cert)
 {
    X509 *dup = X509_dup(cert);
    if (dup != NULL)
        x509_set0_libctx(dup, libctx, NULL);
    return dup;
 }
 static unsigned char ref[CMP_TEST_REFVALUE_LENGTH];
 static void tear_down(CMP_MSG_TEST_FIXTURE *fixture)
@ -51,7 +65,7 @@ static CMP_MSG_TEST_FIXTURE *set_up(const char *const test_case_name)
        return NULL;
    fixture->test_case_name = test_case_name;
-    if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(NULL, NULL))
+    if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))
            || !TEST_true(SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 1))
            || !TEST_true(OSSL_CMP_CTX_set1_referenceValue(fixture->cmp_ctx,
                                                           ref, sizeof(ref)))) {
@ -146,7 +160,7 @@ static int test_cmp_create_ir_protection_set(void)
    fixture->bodytype = OSSL_CMP_PKIBODY_IR;
    fixture->err_code = -1;
    fixture->expected = 1;
-    if (!TEST_int_eq(1, RAND_bytes(secret, sizeof(secret)))
+    if (!TEST_int_eq(1, RAND_bytes_ex(libctx, secret, sizeof(secret)))
            || !TEST_true(SET_OPT_UNPROTECTED_SEND(ctx, 0))
            || !TEST_true(set1_newPkey(ctx, newkey))
            || !TEST_true(OSSL_CMP_CTX_set1_secretValue(ctx, secret,
@ -283,7 +297,7 @@ static int test_cmp_create_certconf(void)
    fixture->fail_info = 0;
    fixture->expected = 1;
    if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
-                                             X509_dup(cert)))) {
+                                             X509_dup_with_libctx(cert)))) {
        tear_down(fixture);
        fixture = NULL;
    }
@ -297,7 +311,7 @@ static int test_cmp_create_certconf_badAlg(void)
    fixture->fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_badAlg;
    fixture->expected = 1;
    if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
-                                             X509_dup(cert)))) {
+                                             X509_dup_with_libctx(cert)))) {
        tear_down(fixture);
        fixture = NULL;
    }
@ -311,7 +325,7 @@ static int test_cmp_create_certconf_fail_info_max(void)
    fixture->fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_MAX;
    fixture->expected = 1;
    if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
-                                             X509_dup(cert)))) {
+                                             X509_dup_with_libctx(cert)))) {
        tear_down(fixture);
        fixture = NULL;
    }
@ -392,7 +406,7 @@ static int execute_certrep_create(CMP_MSG_TEST_FIXTURE *fixture)
    cresp->certifiedKeyPair->certOrEncCert->type =
        OSSL_CMP_CERTORENCCERT_CERTIFICATE;
    if ((cresp->certifiedKeyPair->certOrEncCert->value.certificate =
-         X509_dup(cert)) == NULL
+         X509_dup_with_libctx(cert)) == NULL
            || !sk_OSSL_CMP_CERTRESPONSE_push(crepmsg->response, cresp))
        goto err;
    cresp = NULL;
@ -538,8 +552,12 @@ void cleanup_tests(void)
 {
    EVP_PKEY_free(newkey);
    X509_free(cert);
    OPENSSL_CTX_free(libctx);
 }
 #define USAGE "new.key server.crt pkcs10.der module_name [module_conf_file]\n"
 OPT_TEST_DECLARE_USAGE(USAGE)
 int setup_tests(void)
 {
    if (!test_skip_common_options()) {
@ -547,15 +565,19 @@ int setup_tests(void)
        return 0;
    }
-    if (!TEST_ptr(server_cert_f = test_get_argument(0))
+    if (!TEST_ptr(newkey_f = test_get_argument(0))
-            || !TEST_ptr(pkcs10_f = test_get_argument(1))) {
+            || !TEST_ptr(server_cert_f = test_get_argument(1))
-        TEST_error("usage: cmp_msg_test server.crt pkcs10.der\n");
+            || !TEST_ptr(pkcs10_f = test_get_argument(2))) {
        TEST_error("usage: cmp_msg_test %s", USAGE);
        return 0;
    }
-    if (!TEST_ptr(newkey = gen_rsa())
+    if (!test_get_libctx(&libctx, &default_null_provider, &provider, 3, USAGE))
-            || !TEST_ptr(cert = load_pem_cert(server_cert_f, NULL))
+        return 0;
-            || !TEST_int_eq(1, RAND_bytes(ref, sizeof(ref)))) {
+
    if (!TEST_ptr(newkey = load_pem_key(newkey_f))
            || !TEST_ptr(cert = load_pem_cert(server_cert_f, libctx))
            || !TEST_int_eq(1, RAND_bytes_ex(libctx, ref, sizeof(ref)))) {
        cleanup_tests();
        return 0;
    }
--- a/test/cmp_testlib.c
+++ b/test/cmp_testlib.c
@ -63,19 +63,6 @@ X509_REQ *load_csr(const char *file)
    return csr;
 }
 EVP_PKEY *gen_rsa(void)
 {
    EVP_PKEY_CTX *ctx = NULL;
    EVP_PKEY *pkey = NULL;
    (void)(TEST_ptr(ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL))
               && TEST_int_gt(EVP_PKEY_keygen_init(ctx), 0)
               && TEST_int_gt(EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048), 0)
               && TEST_int_gt(EVP_PKEY_keygen(ctx, &pkey), 0));
    EVP_PKEY_CTX_free(ctx);
    return pkey;
 }
 /*
 * Checks whether the syntax of msg conforms to ASN.1
 */
--- a/test/cmp_testlib.h
+++ b/test/cmp_testlib.h
@ -28,7 +28,6 @@ X509 *load_pem_cert(const char *file, OPENSSL_CTX *libctx);
 X509_REQ *load_csr(const char *file);
 OSSL_CMP_MSG *load_pkimsg(const char *file);
 int valid_asn1_encoding(const OSSL_CMP_MSG *msg);
 EVP_PKEY *gen_rsa(void);
 int STACK_OF_X509_cmp(const STACK_OF(X509) *sk1, const STACK_OF(X509) *sk2);
 int STACK_OF_X509_push1(STACK_OF(X509) *sk, X509 *cert);
 int print_to_bio_out(const char *func, const char *file, int line,
--- a/test/recipes/65-test_cmp_msg.t
+++ b/test/recipes/65-test_cmp_msg.t
@ -9,16 +9,38 @@
 # https://www.openssl.org/source/license.html
 use strict;
-use OpenSSL::Test qw/:DEFAULT data_file/;
+use OpenSSL::Test qw/:DEFAULT data_file srctop_file srctop_dir bldtop_file bldtop_dir/;
 use OpenSSL::Test::Utils;
 BEGIN {
    setup("test_cmp_msg");
 }
 use lib srctop_dir('Configurations');
 use lib bldtop_dir('.');
 use platform;
 my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
 plan skip_all => "This test is not supported in a no-cmp build"
    if disabled("cmp");
-plan tests => 1;
+plan tests => 2 + ($no_fips ? 0 : 2); #fips install + fips test
-ok(run(test(["cmp_msg_test",
+my @basic_cmd = ("cmp_msg_test",
                 data_file("new.key"),
                 data_file("server.crt"),
-             data_file("pkcs10.der")])));
+                 data_file("pkcs10.der"));
 ok(run(test([@basic_cmd, "none"])));
 ok(run(test([@basic_cmd, "default", srctop_file("test", "default.cnf")])));
 unless ($no_fips) {
    ok(run(app(['openssl', 'fipsinstall',
                '-out', bldtop_file('providers', 'fipsmodule.cnf'),
                '-module', bldtop_file('providers', platform->dso('fips'))])),
       "fipsinstall");
    ok(run(test([@basic_cmd, "fips", srctop_file("test", "fips.cnf")])));
 }
--- a/test/recipes/65-test_cmp_msg_data/new.key
+++ b/test/recipes/65-test_cmp_msg_data/new.key
@ -0,0 +1,28 @@
 -----BEGIN PRIVATE KEY-----
 MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDIHp0kAPnBtK1B
 /gcTQSGV20NKE1VD+OEO7qzYprfQV0/iaXX5zY/Ls4NRKNIJ6BdoEg5cID5HTNoE
 Andl6pfHdSsT0+JdodEZlyg+1fiYr0g4eEh3HA9Rrpx5I4mfhwdj6nRwUun/ludQ
 SungipsvVsx3i/x8XEnRkMYlqF8uK6udhTJqVo0Icr6Erb5Fp5GA+Wxd+JT+/CGG
 MWF2GLFs+byX5L7bE3JJXUkADOtS8QN01nSIG+5VxLaaWFIpOG3ll6D7QLruRhir
 Ez0JVkLBxX9pJQibCN4Ww0wmyX+cXIRpy7q9fPSuO8vA/NMB5VhnLn3YbC9qRY62
 IN1qntYlAgMBAAECggEAJgHieHcS+F43VcRIVbjWBx8orYX0eL9pByv/efpYCOK8
 UlUTSglnmRmUBDMLiUQiReq//XFGQsZu1boeMSYYA5LWRqLEaGIWU5To2N5Mo7sO
 rWLy6GRU6H+QSlWcisbbeXeK+9ZTiO6BKjfAKZxJkvkaRk44+umQP5QOfhJ3WU4t
 0wkwYOfm8uOEg48yZTgjUVzhIORHAq5RHH/5goLrNwO2bIqOHOqzSrXGQJJ+oDaL
 JykccyVAElUGd5JaSpm5z0a43C4A5q770ppiByGxJv1L3ID1hkik1ZpWfMtwPH1Y
 FIAINqlhVoeAEwOCpL9axZ5OCGQrgWLNV4LfJyG4NQKBgQDyHGDyp+ZpMJRxCtDt
 8QWtthuoOfwmXOR81ZJGD3GA8rEGcG1zH4F+B4Z76/Kwb/uabH9FPURS+kcDpsuM
 9Avx88JTg6YFhtpQQCcmhY7awgc+B4ve95ziz6DOMhCD8Yb36UjM7B1jY+zVLIYt
 yQhZOKQEzPFqfPMrzEDsabT+GwKBgQDTmY35/l13zYi21xmCL+309KzjbZEyX0NF
 SE2JjIdwcWvKSMPFlWv7l1ssIg1fF0Hu7mEbLB74eUU0fe4D0LPeoEX3ihjYej4N
 M/EdKv7+WhCr11lnWwWTM+aeeFAmwdD95Gdvv0hTnG/GqxiOt19HhGhMHJueAKDL
 Tmci9hPAvwKBgQCkjbM62fEZp4IMvtw4DKveYDq2AQsnC9XkHsh3Q8HScaDuDnXl
 XBGIFhdKnJhrYQEx+PIbnkOU3jRr/+6zE6AWx6VZW834TaqOBrxVS0tH1b5UY46m
 ccc4xQO3gYGGHB+u2ei4Fvb2eZEbZlKgRdWdxoh8FssypFAmgYHS7Rmt5wKBgEYu
 symM1aGL2WGTnJFSpmFN2h4g1DzZ3e0X2yfZJX8FD5RraAub0NIE1Kehr7+vbh36
 kNi7XJZbWrnbXtuDGHWpwSsmcbEzcmtcpAdhoGvqoYbtiWi/huzZFQ/Qpf0E4fWk
 ES6+ShX5WBWT4DRN29tTrmg4QOE6IhrsqUauScTvAoGAKxEzsSHPgZm5rGOfVPcI
 cFeSJFCsaPfVk97T9aNievhMMChKBV8vT3Unlk0RObcsMweo6OMmfnRxrHhgfVz8
 elpLOlzEHfELlR8HELvxCeWWzuPgNCAPcG3BmjRnm8g5xmmkfQuRKlkQTcGbHotI
 wIPT+bHg3fjx7CemHl+rZeo=
 -----END PRIVATE KEY-----