2
0

cmp_vfy_test.c 24 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723
  1. /*
  2. * Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved.
  3. * Copyright Nokia 2007-2019
  4. * Copyright Siemens AG 2015-2019
  5. *
  6. * Licensed under the Apache License 2.0 (the "License"). You may not use
  7. * this file except in compliance with the License. You can obtain a copy
  8. * in the file LICENSE in the source distribution or at
  9. * https://www.openssl.org/source/license.html
  10. */
  11. #include "helpers/cmp_testlib.h"
  12. #include "../crypto/crmf/crmf_local.h" /* for manipulating POPO signature */
  13. static const char *server_f;
  14. static const char *client_f;
  15. static const char *endentity1_f;
  16. static const char *endentity2_f;
  17. static const char *root_f;
  18. static const char *intermediate_f;
  19. static const char *ir_protected_f;
  20. static const char *ir_unprotected_f;
  21. static const char *ir_rmprotection_f;
  22. static const char *ip_waiting_f;
  23. static const char *instacert_f;
  24. static const char *instaca_f;
  25. static const char *ir_protected_0_extracerts;
  26. static const char *ir_protected_2_extracerts;
  27. typedef struct test_fixture {
  28. const char *test_case_name;
  29. int expected;
  30. OSSL_CMP_CTX *cmp_ctx;
  31. OSSL_CMP_MSG *msg;
  32. X509 *cert;
  33. ossl_cmp_allow_unprotected_cb_t allow_unprotected_cb;
  34. int additional_arg;
  35. } CMP_VFY_TEST_FIXTURE;
  36. static OSSL_LIB_CTX *libctx = NULL;
  37. static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL;
  38. static void tear_down(CMP_VFY_TEST_FIXTURE *fixture)
  39. {
  40. OSSL_CMP_MSG_free(fixture->msg);
  41. OSSL_CMP_CTX_free(fixture->cmp_ctx);
  42. OPENSSL_free(fixture);
  43. }
  44. static time_t test_time_valid = 0, test_time_after_expiration = 0;
  45. static CMP_VFY_TEST_FIXTURE *set_up(const char *const test_case_name)
  46. {
  47. X509_STORE *ts;
  48. CMP_VFY_TEST_FIXTURE *fixture;
  49. if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
  50. return NULL;
  51. ts = X509_STORE_new();
  52. fixture->test_case_name = test_case_name;
  53. if (ts == NULL
  54. || !TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))
  55. || !OSSL_CMP_CTX_set0_trusted(fixture->cmp_ctx, ts)
  56. || !OSSL_CMP_CTX_set_log_cb(fixture->cmp_ctx, print_to_bio_out)) {
  57. tear_down(fixture);
  58. X509_STORE_free(ts);
  59. return NULL;
  60. }
  61. X509_VERIFY_PARAM_set_time(X509_STORE_get0_param(ts), test_time_valid);
  62. X509_STORE_set_verify_cb(ts, X509_STORE_CTX_print_verify_cb);
  63. return fixture;
  64. }
  65. static X509 *srvcert = NULL;
  66. static X509 *clcert = NULL;
  67. /* chain */
  68. static X509 *endentity1 = NULL, *endentity2 = NULL,
  69. *intermediate = NULL, *root = NULL;
  70. /* INSTA chain */
  71. static X509 *insta_cert = NULL, *instaca_cert = NULL;
  72. static unsigned char rand_data[OSSL_CMP_TRANSACTIONID_LENGTH];
  73. static OSSL_CMP_MSG *ir_unprotected, *ir_rmprotection;
  74. /* secret value used for IP_waitingStatus_PBM.der */
  75. static const unsigned char sec_1[] = {
  76. '9', 'p', 'p', '8', '-', 'b', '3', '5', 'i', '-', 'X', 'd', '3',
  77. 'Q', '-', 'u', 'd', 'N', 'R'
  78. };
  79. static int flip_bit(ASN1_BIT_STRING *bitstr)
  80. {
  81. int bit_num = 7;
  82. int bit = ASN1_BIT_STRING_get_bit(bitstr, bit_num);
  83. return ASN1_BIT_STRING_set_bit(bitstr, bit_num, !bit);
  84. }
  85. static int execute_verify_popo_test(CMP_VFY_TEST_FIXTURE *fixture)
  86. {
  87. if ((fixture->msg = load_pkimsg(ir_protected_f, libctx)) == NULL)
  88. return 0;
  89. if (fixture->expected == 0) {
  90. const OSSL_CRMF_MSGS *reqs = fixture->msg->body->value.ir;
  91. const OSSL_CRMF_MSG *req = sk_OSSL_CRMF_MSG_value(reqs, 0);
  92. if (req == NULL || !flip_bit(req->popo->value.signature->signature))
  93. return 0;
  94. }
  95. return TEST_int_eq(fixture->expected,
  96. ossl_cmp_verify_popo(fixture->cmp_ctx, fixture->msg,
  97. fixture->additional_arg));
  98. }
  99. static int test_verify_popo(void)
  100. {
  101. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  102. fixture->expected = 1;
  103. EXECUTE_TEST(execute_verify_popo_test, tear_down);
  104. return result;
  105. }
  106. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  107. static int test_verify_popo_bad(void)
  108. {
  109. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  110. fixture->expected = 0;
  111. EXECUTE_TEST(execute_verify_popo_test, tear_down);
  112. return result;
  113. }
  114. #endif
  115. /* indirectly checks also OSSL_CMP_validate_msg() */
  116. static int execute_validate_msg_test(CMP_VFY_TEST_FIXTURE *fixture)
  117. {
  118. int res = TEST_int_eq(fixture->expected,
  119. ossl_cmp_msg_check_update(fixture->cmp_ctx,
  120. fixture->msg, NULL, 0));
  121. X509 *validated = OSSL_CMP_CTX_get0_validatedSrvCert(fixture->cmp_ctx);
  122. return res && (!fixture->expected || TEST_ptr_eq(validated, fixture->cert));
  123. }
  124. static int execute_validate_cert_path_test(CMP_VFY_TEST_FIXTURE *fixture)
  125. {
  126. X509_STORE *ts = OSSL_CMP_CTX_get0_trusted(fixture->cmp_ctx);
  127. int res = TEST_int_eq(fixture->expected,
  128. OSSL_CMP_validate_cert_path(fixture->cmp_ctx,
  129. ts, fixture->cert));
  130. OSSL_CMP_CTX_print_errors(fixture->cmp_ctx);
  131. return res;
  132. }
  133. static int test_validate_msg_mac_alg_protection(int miss, int wrong)
  134. {
  135. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  136. fixture->cert = NULL;
  137. fixture->expected = !miss && !wrong;
  138. if (!TEST_true(miss ? OSSL_CMP_CTX_set0_trusted(fixture->cmp_ctx, NULL)
  139. : OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_1,
  140. wrong ? 4 : sizeof(sec_1)))
  141. || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f, libctx))) {
  142. tear_down(fixture);
  143. fixture = NULL;
  144. }
  145. EXECUTE_TEST(execute_validate_msg_test, tear_down);
  146. return result;
  147. }
  148. static int test_validate_msg_mac_alg_protection_ok(void)
  149. {
  150. return test_validate_msg_mac_alg_protection(0, 0);
  151. }
  152. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  153. static int test_validate_msg_mac_alg_protection_missing(void)
  154. {
  155. return test_validate_msg_mac_alg_protection(1, 0);
  156. }
  157. static int test_validate_msg_mac_alg_protection_wrong(void)
  158. {
  159. return test_validate_msg_mac_alg_protection(0, 1);
  160. }
  161. static int test_validate_msg_mac_alg_protection_bad(void)
  162. {
  163. const unsigned char sec_bad[] = {
  164. '9', 'p', 'p', '8', '-', 'b', '3', '5', 'i', '-', 'X', 'd', '3',
  165. 'Q', '-', 'u', 'd', 'N', 'r'
  166. };
  167. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  168. fixture->cert = NULL;
  169. fixture->expected = 0;
  170. if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_bad,
  171. sizeof(sec_bad)))
  172. || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f, libctx))) {
  173. tear_down(fixture);
  174. fixture = NULL;
  175. }
  176. EXECUTE_TEST(execute_validate_msg_test, tear_down);
  177. return result;
  178. }
  179. #endif
  180. static int add_trusted(OSSL_CMP_CTX *ctx, X509 *cert)
  181. {
  182. return X509_STORE_add_cert(OSSL_CMP_CTX_get0_trusted(ctx), cert);
  183. }
  184. static int add_untrusted(OSSL_CMP_CTX *ctx, X509 *cert)
  185. {
  186. return X509_add_cert(OSSL_CMP_CTX_get0_untrusted(ctx), cert,
  187. X509_ADD_FLAG_UP_REF);
  188. }
  189. static int test_validate_msg_signature_partial_chain(int expired)
  190. {
  191. X509_STORE *ts;
  192. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  193. fixture->cert = srvcert;
  194. ts = OSSL_CMP_CTX_get0_trusted(fixture->cmp_ctx);
  195. fixture->expected = !expired;
  196. if (ts == NULL
  197. || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
  198. || !add_trusted(fixture->cmp_ctx, srvcert)) {
  199. tear_down(fixture);
  200. fixture = NULL;
  201. } else {
  202. X509_VERIFY_PARAM *vpm = X509_STORE_get0_param(ts);
  203. X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_PARTIAL_CHAIN);
  204. if (expired)
  205. X509_VERIFY_PARAM_set_time(vpm, test_time_after_expiration);
  206. }
  207. EXECUTE_TEST(execute_validate_msg_test, tear_down);
  208. return result;
  209. }
  210. static int test_validate_msg_signature_trusted_ok(void)
  211. {
  212. return test_validate_msg_signature_partial_chain(0);
  213. }
  214. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  215. static int test_validate_msg_signature_trusted_expired(void)
  216. {
  217. return test_validate_msg_signature_partial_chain(1);
  218. }
  219. #endif
  220. static int test_validate_msg_signature_srvcert(int bad_sig, int miss, int wrong)
  221. {
  222. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  223. fixture->cert = srvcert;
  224. fixture->expected = !bad_sig && !wrong && !miss;
  225. if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
  226. || !TEST_true(miss ? OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx,
  227. sec_1, sizeof(sec_1))
  228. : OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx,
  229. wrong? clcert : srvcert))
  230. || (bad_sig && !flip_bit(fixture->msg->protection))) {
  231. tear_down(fixture);
  232. fixture = NULL;
  233. }
  234. EXECUTE_TEST(execute_validate_msg_test, tear_down);
  235. return result;
  236. }
  237. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  238. static int test_validate_msg_signature_srvcert_missing(void)
  239. {
  240. return test_validate_msg_signature_srvcert(0, 1, 0);
  241. }
  242. #endif
  243. static int test_validate_msg_signature_srvcert_wrong(void)
  244. {
  245. return test_validate_msg_signature_srvcert(0, 0, 1);
  246. }
  247. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  248. static int test_validate_msg_signature_bad(void)
  249. {
  250. return test_validate_msg_signature_srvcert(1, 0, 0);
  251. }
  252. #endif
  253. static int test_validate_msg_signature_sender_cert_srvcert(void)
  254. {
  255. return test_validate_msg_signature_srvcert(0, 0, 0);
  256. }
  257. static int test_validate_msg_signature_sender_cert_untrusted(void)
  258. {
  259. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  260. fixture->cert = insta_cert;
  261. fixture->expected = 1;
  262. if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx))
  263. || !add_trusted(fixture->cmp_ctx, instaca_cert)
  264. || !add_untrusted(fixture->cmp_ctx, insta_cert)) {
  265. tear_down(fixture);
  266. fixture = NULL;
  267. }
  268. EXECUTE_TEST(execute_validate_msg_test, tear_down);
  269. return result;
  270. }
  271. static int test_validate_msg_signature_sender_cert_trusted(void)
  272. {
  273. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  274. fixture->cert = insta_cert;
  275. fixture->expected = 1;
  276. if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx))
  277. || !add_trusted(fixture->cmp_ctx, instaca_cert)
  278. || !add_trusted(fixture->cmp_ctx, insta_cert)) {
  279. tear_down(fixture);
  280. fixture = NULL;
  281. }
  282. EXECUTE_TEST(execute_validate_msg_test, tear_down);
  283. return result;
  284. }
  285. static int test_validate_msg_signature_sender_cert_extracert(void)
  286. {
  287. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  288. fixture->expected = 1;
  289. if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_2_extracerts, libctx))
  290. || !add_trusted(fixture->cmp_ctx, instaca_cert)) {
  291. tear_down(fixture);
  292. fixture = NULL;
  293. }
  294. fixture->cert = sk_X509_value(fixture->msg->extraCerts, 1); /* Insta CA */
  295. EXECUTE_TEST(execute_validate_msg_test, tear_down);
  296. return result;
  297. }
  298. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  299. static int test_validate_msg_signature_sender_cert_absent(void)
  300. {
  301. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  302. fixture->expected = 0;
  303. if (!TEST_ptr(fixture->msg =
  304. load_pkimsg(ir_protected_0_extracerts, libctx))) {
  305. tear_down(fixture);
  306. fixture = NULL;
  307. }
  308. EXECUTE_TEST(execute_validate_msg_test, tear_down);
  309. return result;
  310. }
  311. #endif
  312. static int test_validate_with_sender(const X509_NAME *name, int expected)
  313. {
  314. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  315. fixture->cert = srvcert;
  316. fixture->expected = expected;
  317. if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
  318. || !TEST_true(OSSL_CMP_CTX_set1_expected_sender(fixture->cmp_ctx, name))
  319. || !TEST_true(OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx, srvcert))) {
  320. tear_down(fixture);
  321. fixture = NULL;
  322. }
  323. EXECUTE_TEST(execute_validate_msg_test, tear_down);
  324. return result;
  325. }
  326. static int test_validate_msg_signature_expected_sender(void)
  327. {
  328. return test_validate_with_sender(X509_get_subject_name(srvcert), 1);
  329. }
  330. static int test_validate_msg_signature_unexpected_sender(void)
  331. {
  332. return test_validate_with_sender(X509_get_subject_name(root), 0);
  333. }
  334. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  335. static int test_validate_msg_unprotected_request(void)
  336. {
  337. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  338. fixture->expected = 0;
  339. if (!TEST_ptr(fixture->msg = load_pkimsg(ir_unprotected_f, libctx))) {
  340. tear_down(fixture);
  341. fixture = NULL;
  342. }
  343. EXECUTE_TEST(execute_validate_msg_test, tear_down);
  344. return result;
  345. }
  346. #endif
  347. static void setup_path(CMP_VFY_TEST_FIXTURE **fixture, X509 *wrong, int expired)
  348. {
  349. (*fixture)->cert = endentity2;
  350. (*fixture)->expected = wrong == NULL && !expired;
  351. if (expired) {
  352. X509_STORE *ts = OSSL_CMP_CTX_get0_trusted((*fixture)->cmp_ctx);
  353. X509_VERIFY_PARAM *vpm = X509_STORE_get0_param(ts);
  354. X509_VERIFY_PARAM_set_time(vpm, test_time_after_expiration);
  355. }
  356. if (!add_trusted((*fixture)->cmp_ctx, wrong == NULL ? root : wrong)
  357. || !add_untrusted((*fixture)->cmp_ctx, endentity1)
  358. || !add_untrusted((*fixture)->cmp_ctx, intermediate)) {
  359. tear_down((*fixture));
  360. (*fixture) = NULL;
  361. }
  362. }
  363. static int test_validate_cert_path_ok(void)
  364. {
  365. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  366. setup_path(&fixture, NULL, 0);
  367. EXECUTE_TEST(execute_validate_cert_path_test, tear_down);
  368. return result;
  369. }
  370. static int test_validate_cert_path_wrong_anchor(void)
  371. {
  372. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  373. setup_path(&fixture, srvcert /* wrong/non-root cert */, 0);
  374. EXECUTE_TEST(execute_validate_cert_path_test, tear_down);
  375. return result;
  376. }
  377. static int test_validate_cert_path_expired(void)
  378. {
  379. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  380. setup_path(&fixture, NULL, 1);
  381. EXECUTE_TEST(execute_validate_cert_path_test, tear_down);
  382. return result;
  383. }
  384. static int execute_msg_check_test(CMP_VFY_TEST_FIXTURE *fixture)
  385. {
  386. const OSSL_CMP_PKIHEADER *hdr = OSSL_CMP_MSG_get0_header(fixture->msg);
  387. const ASN1_OCTET_STRING *tid = OSSL_CMP_HDR_get0_transactionID(hdr);
  388. if (!TEST_int_eq(fixture->expected,
  389. ossl_cmp_msg_check_update(fixture->cmp_ctx,
  390. fixture->msg,
  391. fixture->allow_unprotected_cb,
  392. fixture->additional_arg)))
  393. return 0;
  394. if (fixture->expected == 0) /* error expected already during above check */
  395. return 1;
  396. return
  397. TEST_int_eq(0,
  398. ASN1_OCTET_STRING_cmp(ossl_cmp_hdr_get0_senderNonce(hdr),
  399. fixture->cmp_ctx->recipNonce))
  400. && TEST_int_eq(0,
  401. ASN1_OCTET_STRING_cmp(tid,
  402. fixture->cmp_ctx->transactionID));
  403. }
  404. static int allow_unprotected(const OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg,
  405. int invalid_protection, int allow)
  406. {
  407. return allow;
  408. }
  409. static void setup_check_update(CMP_VFY_TEST_FIXTURE **fixture, int expected,
  410. ossl_cmp_allow_unprotected_cb_t cb, int arg,
  411. const unsigned char *trid_data,
  412. const unsigned char *nonce_data)
  413. {
  414. OSSL_CMP_CTX *ctx = (*fixture)->cmp_ctx;
  415. int nonce_len = OSSL_CMP_SENDERNONCE_LENGTH;
  416. (*fixture)->expected = expected;
  417. (*fixture)->allow_unprotected_cb = cb;
  418. (*fixture)->additional_arg = arg;
  419. (*fixture)->msg = OSSL_CMP_MSG_dup(ir_rmprotection);
  420. if ((*fixture)->msg == NULL
  421. || (nonce_data != NULL
  422. && !ossl_cmp_asn1_octet_string_set1_bytes(&ctx->senderNonce,
  423. nonce_data, nonce_len))) {
  424. tear_down((*fixture));
  425. (*fixture) = NULL;
  426. } else if (trid_data != NULL) {
  427. ASN1_OCTET_STRING *trid = ASN1_OCTET_STRING_new();
  428. if (trid == NULL
  429. || !ASN1_OCTET_STRING_set(trid, trid_data,
  430. OSSL_CMP_TRANSACTIONID_LENGTH)
  431. || !OSSL_CMP_CTX_set1_transactionID(ctx, trid)) {
  432. tear_down((*fixture));
  433. (*fixture) = NULL;
  434. }
  435. ASN1_OCTET_STRING_free(trid);
  436. }
  437. }
  438. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  439. static int test_msg_check_no_protection_no_cb(void)
  440. {
  441. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  442. setup_check_update(&fixture, 0, NULL, 0, NULL, NULL);
  443. EXECUTE_TEST(execute_msg_check_test, tear_down);
  444. return result;
  445. }
  446. static int test_msg_check_no_protection_restrictive_cb(void)
  447. {
  448. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  449. setup_check_update(&fixture, 0, allow_unprotected, 0, NULL, NULL);
  450. EXECUTE_TEST(execute_msg_check_test, tear_down);
  451. return result;
  452. }
  453. #endif
  454. static int test_msg_check_no_protection_permissive_cb(void)
  455. {
  456. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  457. setup_check_update(&fixture, 1, allow_unprotected, 1, NULL, NULL);
  458. EXECUTE_TEST(execute_msg_check_test, tear_down);
  459. return result;
  460. }
  461. static int test_msg_check_transaction_id(void)
  462. {
  463. /* Transaction id belonging to CMP_IR_rmprotection.der */
  464. const unsigned char trans_id[OSSL_CMP_TRANSACTIONID_LENGTH] = {
  465. 0x39, 0xB6, 0x90, 0x28, 0xC4, 0xBC, 0x7A, 0xF6,
  466. 0xBE, 0xC6, 0x4A, 0x88, 0x97, 0xA6, 0x95, 0x0B
  467. };
  468. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  469. setup_check_update(&fixture, 1, allow_unprotected, 1, trans_id, NULL);
  470. EXECUTE_TEST(execute_msg_check_test, tear_down);
  471. return result;
  472. }
  473. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  474. static int test_msg_check_transaction_id_bad(void)
  475. {
  476. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  477. setup_check_update(&fixture, 0, allow_unprotected, 1, rand_data, NULL);
  478. EXECUTE_TEST(execute_msg_check_test, tear_down);
  479. return result;
  480. }
  481. #endif
  482. static int test_msg_check_recipient_nonce(void)
  483. {
  484. /* Recipient nonce belonging to CMP_IP_ir_rmprotection.der */
  485. const unsigned char rec_nonce[OSSL_CMP_SENDERNONCE_LENGTH] = {
  486. 0x48, 0xF1, 0x71, 0x1F, 0xE5, 0xAF, 0x1C, 0x8B,
  487. 0x21, 0x97, 0x5C, 0x84, 0x74, 0x49, 0xBA, 0x32
  488. };
  489. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  490. setup_check_update(&fixture, 1, allow_unprotected, 1, NULL, rec_nonce);
  491. EXECUTE_TEST(execute_msg_check_test, tear_down);
  492. return result;
  493. }
  494. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  495. static int test_msg_check_recipient_nonce_bad(void)
  496. {
  497. SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
  498. setup_check_update(&fixture, 0, allow_unprotected, 1, NULL, rand_data);
  499. EXECUTE_TEST(execute_msg_check_test, tear_down);
  500. return result;
  501. }
  502. #endif
  503. void cleanup_tests(void)
  504. {
  505. X509_free(srvcert);
  506. X509_free(clcert);
  507. X509_free(endentity1);
  508. X509_free(endentity2);
  509. X509_free(intermediate);
  510. X509_free(root);
  511. X509_free(insta_cert);
  512. X509_free(instaca_cert);
  513. OSSL_CMP_MSG_free(ir_unprotected);
  514. OSSL_CMP_MSG_free(ir_rmprotection);
  515. OSSL_PROVIDER_unload(default_null_provider);
  516. OSSL_PROVIDER_unload(provider);
  517. OSSL_LIB_CTX_free(libctx);
  518. return;
  519. }
  520. #define USAGE "server.crt client.crt " \
  521. "EndEntity1.crt EndEntity2.crt " \
  522. "Root_CA.crt Intermediate_CA.crt " \
  523. "CMP_IR_protected.der CMP_IR_unprotected.der " \
  524. "IP_waitingStatus_PBM.der IR_rmprotection.der " \
  525. "insta.cert.pem insta_ca.cert.pem " \
  526. "IR_protected_0_extraCerts.der " \
  527. "IR_protected_2_extraCerts.der module_name [module_conf_file]\n"
  528. OPT_TEST_DECLARE_USAGE(USAGE)
  529. int setup_tests(void)
  530. {
  531. /* Set test time stamps */
  532. struct tm ts = { 0 };
  533. ts.tm_year = 2018 - 1900; /* 2018 */
  534. ts.tm_mon = 1; /* February */
  535. ts.tm_mday = 18; /* 18th */
  536. test_time_valid = mktime(&ts); /* February 18th 2018 */
  537. ts.tm_year += 10; /* February 18th 2028 */
  538. test_time_after_expiration = mktime(&ts);
  539. if (!test_skip_common_options()) {
  540. TEST_error("Error parsing test options\n");
  541. return 0;
  542. }
  543. RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH);
  544. if (!TEST_ptr(server_f = test_get_argument(0))
  545. || !TEST_ptr(client_f = test_get_argument(1))
  546. || !TEST_ptr(endentity1_f = test_get_argument(2))
  547. || !TEST_ptr(endentity2_f = test_get_argument(3))
  548. || !TEST_ptr(root_f = test_get_argument(4))
  549. || !TEST_ptr(intermediate_f = test_get_argument(5))
  550. || !TEST_ptr(ir_protected_f = test_get_argument(6))
  551. || !TEST_ptr(ir_unprotected_f = test_get_argument(7))
  552. || !TEST_ptr(ip_waiting_f = test_get_argument(8))
  553. || !TEST_ptr(ir_rmprotection_f = test_get_argument(9))
  554. || !TEST_ptr(instacert_f = test_get_argument(10))
  555. || !TEST_ptr(instaca_f = test_get_argument(11))
  556. || !TEST_ptr(ir_protected_0_extracerts = test_get_argument(12))
  557. || !TEST_ptr(ir_protected_2_extracerts = test_get_argument(13))) {
  558. TEST_error("usage: cmp_vfy_test %s", USAGE);
  559. return 0;
  560. }
  561. if (!test_arg_libctx(&libctx, &default_null_provider, &provider, 14, USAGE))
  562. return 0;
  563. /* Load certificates for cert chain */
  564. if (!TEST_ptr(endentity1 = load_cert_pem(endentity1_f, libctx))
  565. || !TEST_ptr(endentity2 = load_cert_pem(endentity2_f, libctx))
  566. || !TEST_ptr(root = load_cert_pem(root_f, NULL))
  567. || !TEST_ptr(intermediate = load_cert_pem(intermediate_f, libctx)))
  568. goto err;
  569. if (!TEST_ptr(insta_cert = load_cert_pem(instacert_f, libctx))
  570. || !TEST_ptr(instaca_cert = load_cert_pem(instaca_f, libctx)))
  571. goto err;
  572. /* Load certificates for message validation */
  573. if (!TEST_ptr(srvcert = load_cert_pem(server_f, libctx))
  574. || !TEST_ptr(clcert = load_cert_pem(client_f, libctx)))
  575. goto err;
  576. if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH)))
  577. goto err;
  578. if (!TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f, libctx))
  579. || !TEST_ptr(ir_rmprotection = load_pkimsg(ir_rmprotection_f,
  580. libctx)))
  581. goto err;
  582. /* Message validation tests */
  583. ADD_TEST(test_verify_popo);
  584. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  585. ADD_TEST(test_verify_popo_bad);
  586. #endif
  587. ADD_TEST(test_validate_msg_signature_trusted_ok);
  588. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  589. ADD_TEST(test_validate_msg_signature_trusted_expired);
  590. ADD_TEST(test_validate_msg_signature_srvcert_missing);
  591. #endif
  592. ADD_TEST(test_validate_msg_signature_srvcert_wrong);
  593. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  594. ADD_TEST(test_validate_msg_signature_bad);
  595. #endif
  596. ADD_TEST(test_validate_msg_signature_sender_cert_srvcert);
  597. ADD_TEST(test_validate_msg_signature_sender_cert_untrusted);
  598. ADD_TEST(test_validate_msg_signature_sender_cert_trusted);
  599. ADD_TEST(test_validate_msg_signature_sender_cert_extracert);
  600. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  601. ADD_TEST(test_validate_msg_signature_sender_cert_absent);
  602. #endif
  603. ADD_TEST(test_validate_msg_signature_expected_sender);
  604. ADD_TEST(test_validate_msg_signature_unexpected_sender);
  605. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  606. ADD_TEST(test_validate_msg_unprotected_request);
  607. #endif
  608. ADD_TEST(test_validate_msg_mac_alg_protection_ok);
  609. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  610. ADD_TEST(test_validate_msg_mac_alg_protection_missing);
  611. ADD_TEST(test_validate_msg_mac_alg_protection_wrong);
  612. ADD_TEST(test_validate_msg_mac_alg_protection_bad);
  613. #endif
  614. /* Cert path validation tests */
  615. ADD_TEST(test_validate_cert_path_ok);
  616. ADD_TEST(test_validate_cert_path_expired);
  617. ADD_TEST(test_validate_cert_path_wrong_anchor);
  618. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  619. ADD_TEST(test_msg_check_no_protection_no_cb);
  620. ADD_TEST(test_msg_check_no_protection_restrictive_cb);
  621. #endif
  622. ADD_TEST(test_msg_check_no_protection_permissive_cb);
  623. ADD_TEST(test_msg_check_transaction_id);
  624. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  625. ADD_TEST(test_msg_check_transaction_id_bad);
  626. #endif
  627. ADD_TEST(test_msg_check_recipient_nonce);
  628. #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
  629. ADD_TEST(test_msg_check_recipient_nonce_bad);
  630. #endif
  631. return 1;
  632. err:
  633. cleanup_tests();
  634. return 0;
  635. }