xref: /freebsd/crypto/openssl/test/cmp_vfy_test.c (revision e0c4386e7e71d93b0edc0c8fa156263fc4a8b0b6)
1 /*
2  * Copyright 2007-2023 The OpenSSL Project Authors. All Rights Reserved.
3  * Copyright Nokia 2007-2019
4  * Copyright Siemens AG 2015-2019
5  *
6  * Licensed under the Apache License 2.0 (the "License").  You may not use
7  * this file except in compliance with the License.  You can obtain a copy
8  * in the file LICENSE in the source distribution or at
9  * https://www.openssl.org/source/license.html
10  */
11 
12 #include "helpers/cmp_testlib.h"
13 #include "../crypto/crmf/crmf_local.h" /* for manipulating POPO signature */
14 
15 static const char *server_f;
16 static const char *client_f;
17 static const char *endentity1_f;
18 static const char *endentity2_f;
19 static const char *root_f;
20 static const char *intermediate_f;
21 static const char *ir_protected_f;
22 static const char *ir_unprotected_f;
23 static const char *ir_rmprotection_f;
24 static const char *ip_waiting_f;
25 static const char *instacert_f;
26 static const char *instaca_f;
27 static const char *ir_protected_0_extracerts;
28 static const char *ir_protected_2_extracerts;
29 
30 typedef struct test_fixture {
31     const char *test_case_name;
32     int expected;
33     OSSL_CMP_CTX *cmp_ctx;
34     OSSL_CMP_MSG *msg;
35     X509 *cert;
36     ossl_cmp_allow_unprotected_cb_t allow_unprotected_cb;
37     int additional_arg;
38 } CMP_VFY_TEST_FIXTURE;
39 
40 static OSSL_LIB_CTX *libctx = NULL;
41 static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL;
42 
tear_down(CMP_VFY_TEST_FIXTURE * fixture)43 static void tear_down(CMP_VFY_TEST_FIXTURE *fixture)
44 {
45     OSSL_CMP_MSG_free(fixture->msg);
46     OSSL_CMP_CTX_free(fixture->cmp_ctx);
47     OPENSSL_free(fixture);
48 }
49 
50 static time_t test_time_valid = 0, test_time_after_expiration = 0;
51 
set_up(const char * const test_case_name)52 static CMP_VFY_TEST_FIXTURE *set_up(const char *const test_case_name)
53 {
54     X509_STORE *ts;
55     CMP_VFY_TEST_FIXTURE *fixture;
56 
57     if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
58         return NULL;
59 
60     ts = X509_STORE_new();
61     fixture->test_case_name = test_case_name;
62     if (ts == NULL
63             || !TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new(libctx, NULL))
64             || !OSSL_CMP_CTX_set0_trustedStore(fixture->cmp_ctx, ts)
65             || !OSSL_CMP_CTX_set_log_cb(fixture->cmp_ctx, print_to_bio_out)) {
66         tear_down(fixture);
67         X509_STORE_free(ts);
68         return NULL;
69     }
70     X509_VERIFY_PARAM_set_time(X509_STORE_get0_param(ts), test_time_valid);
71     X509_STORE_set_verify_cb(ts, X509_STORE_CTX_print_verify_cb);
72     return fixture;
73 }
74 
75 static X509 *srvcert = NULL;
76 static X509 *clcert = NULL;
77 /* chain */
78 static X509 *endentity1 = NULL, *endentity2 = NULL,
79     *intermediate = NULL, *root = NULL;
80 /* INSTA chain */
81 static X509 *insta_cert = NULL, *instaca_cert = NULL;
82 
83 static unsigned char rand_data[OSSL_CMP_TRANSACTIONID_LENGTH];
84 static OSSL_CMP_MSG *ir_unprotected, *ir_rmprotection;
85 
86 /* secret value used for IP_waitingStatus_PBM.der */
87 static const unsigned char sec_1[] = {
88     '9', 'p', 'p', '8', '-', 'b', '3', '5', 'i', '-', 'X', 'd', '3',
89     'Q', '-', 'u', 'd', 'N', 'R'
90 };
91 
flip_bit(ASN1_BIT_STRING * bitstr)92 static int flip_bit(ASN1_BIT_STRING *bitstr)
93 {
94     int bit_num = 7;
95     int bit = ASN1_BIT_STRING_get_bit(bitstr, bit_num);
96 
97     return ASN1_BIT_STRING_set_bit(bitstr, bit_num, !bit);
98 }
99 
execute_verify_popo_test(CMP_VFY_TEST_FIXTURE * fixture)100 static int execute_verify_popo_test(CMP_VFY_TEST_FIXTURE *fixture)
101 {
102     if ((fixture->msg = load_pkimsg(ir_protected_f, libctx)) == NULL)
103         return 0;
104     if (fixture->expected == 0) {
105         const OSSL_CRMF_MSGS *reqs = fixture->msg->body->value.ir;
106         const OSSL_CRMF_MSG *req = sk_OSSL_CRMF_MSG_value(reqs, 0);
107         if (req == NULL || !flip_bit(req->popo->value.signature->signature))
108             return 0;
109     }
110     return TEST_int_eq(fixture->expected,
111                        ossl_cmp_verify_popo(fixture->cmp_ctx, fixture->msg,
112                                             fixture->additional_arg));
113 }
114 
test_verify_popo(void)115 static int test_verify_popo(void)
116 {
117     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
118     fixture->expected = 1;
119     EXECUTE_TEST(execute_verify_popo_test, tear_down);
120     return result;
121 }
122 
123 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
test_verify_popo_bad(void)124 static int test_verify_popo_bad(void)
125 {
126     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
127     fixture->expected = 0;
128     EXECUTE_TEST(execute_verify_popo_test, tear_down);
129     return result;
130 }
131 #endif
132 
execute_validate_msg_test(CMP_VFY_TEST_FIXTURE * fixture)133 static int execute_validate_msg_test(CMP_VFY_TEST_FIXTURE *fixture)
134 {
135     return TEST_int_eq(fixture->expected,
136                        ossl_cmp_msg_check_update(fixture->cmp_ctx, fixture->msg,
137                                                  NULL, 0));
138 }
139 
execute_validate_cert_path_test(CMP_VFY_TEST_FIXTURE * fixture)140 static int execute_validate_cert_path_test(CMP_VFY_TEST_FIXTURE *fixture)
141 {
142     X509_STORE *ts = OSSL_CMP_CTX_get0_trustedStore(fixture->cmp_ctx);
143     int res = TEST_int_eq(fixture->expected,
144                           OSSL_CMP_validate_cert_path(fixture->cmp_ctx,
145                                                       ts, fixture->cert));
146 
147     OSSL_CMP_CTX_print_errors(fixture->cmp_ctx);
148     return res;
149 }
150 
test_validate_msg_mac_alg_protection(int miss,int wrong)151 static int test_validate_msg_mac_alg_protection(int miss, int wrong)
152 {
153     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
154 
155     fixture->expected = !miss && !wrong;
156     if (!TEST_true(miss ? OSSL_CMP_CTX_set0_trustedStore(fixture->cmp_ctx, NULL)
157                    : OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_1,
158                                                    wrong ? 4 : sizeof(sec_1)))
159             || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f, libctx))) {
160         tear_down(fixture);
161         fixture = NULL;
162     }
163     EXECUTE_TEST(execute_validate_msg_test, tear_down);
164     return result;
165 }
166 
test_validate_msg_mac_alg_protection_ok(void)167 static int test_validate_msg_mac_alg_protection_ok(void)
168 {
169     return test_validate_msg_mac_alg_protection(0, 0);
170 }
171 
test_validate_msg_mac_alg_protection_missing(void)172 static int test_validate_msg_mac_alg_protection_missing(void)
173 {
174     return test_validate_msg_mac_alg_protection(1, 0);
175 }
176 
test_validate_msg_mac_alg_protection_wrong(void)177 static int test_validate_msg_mac_alg_protection_wrong(void)
178 {
179     return test_validate_msg_mac_alg_protection(0, 1);
180 }
181 
182 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
test_validate_msg_mac_alg_protection_bad(void)183 static int test_validate_msg_mac_alg_protection_bad(void)
184 {
185     const unsigned char sec_bad[] = {
186         '9', 'p', 'p', '8', '-', 'b', '3', '5', 'i', '-', 'X', 'd', '3',
187         'Q', '-', 'u', 'd', 'N', 'r'
188     };
189 
190     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
191     fixture->expected = 0;
192 
193     if (!TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx, sec_bad,
194                                                  sizeof(sec_bad)))
195             || !TEST_ptr(fixture->msg = load_pkimsg(ip_waiting_f, libctx))) {
196         tear_down(fixture);
197         fixture = NULL;
198     }
199     EXECUTE_TEST(execute_validate_msg_test, tear_down);
200     return result;
201 }
202 #endif
203 
add_trusted(OSSL_CMP_CTX * ctx,X509 * cert)204 static int add_trusted(OSSL_CMP_CTX *ctx, X509 *cert)
205 {
206     return X509_STORE_add_cert(OSSL_CMP_CTX_get0_trustedStore(ctx), cert);
207 }
208 
add_untrusted(OSSL_CMP_CTX * ctx,X509 * cert)209 static int add_untrusted(OSSL_CMP_CTX *ctx, X509 *cert)
210 {
211     return X509_add_cert(OSSL_CMP_CTX_get0_untrusted(ctx), cert,
212                          X509_ADD_FLAG_UP_REF);
213 }
214 
test_validate_msg_signature_partial_chain(int expired)215 static int test_validate_msg_signature_partial_chain(int expired)
216 {
217     X509_STORE *ts;
218 
219     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
220 
221     ts = OSSL_CMP_CTX_get0_trustedStore(fixture->cmp_ctx);
222     fixture->expected = !expired;
223     if (ts == NULL
224             || !TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
225             || !add_trusted(fixture->cmp_ctx, srvcert)) {
226         tear_down(fixture);
227         fixture = NULL;
228     } else {
229         X509_VERIFY_PARAM *vpm = X509_STORE_get0_param(ts);
230         X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_PARTIAL_CHAIN);
231         if (expired)
232             X509_VERIFY_PARAM_set_time(vpm, test_time_after_expiration);
233     }
234     EXECUTE_TEST(execute_validate_msg_test, tear_down);
235     return result;
236 }
237 
test_validate_msg_signature_trusted_ok(void)238 static int test_validate_msg_signature_trusted_ok(void)
239 {
240     return test_validate_msg_signature_partial_chain(0);
241 }
242 
243 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
test_validate_msg_signature_trusted_expired(void)244 static int test_validate_msg_signature_trusted_expired(void)
245 {
246     return test_validate_msg_signature_partial_chain(1);
247 }
248 #endif
249 
test_validate_msg_signature_srvcert(int bad_sig,int miss,int wrong)250 static int test_validate_msg_signature_srvcert(int bad_sig, int miss, int wrong)
251 {
252     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
253     fixture->cert = srvcert;
254     fixture->expected = !bad_sig && !wrong && !miss;
255     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
256         || !TEST_true(miss ? OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx,
257                                                            sec_1, sizeof(sec_1))
258                       :  OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx,
259                                                    wrong? clcert : srvcert))
260         || (bad_sig && !flip_bit(fixture->msg->protection))) {
261         tear_down(fixture);
262         fixture = NULL;
263     }
264     EXECUTE_TEST(execute_validate_msg_test, tear_down);
265     return result;
266 }
267 
test_validate_msg_signature_srvcert_missing(void)268 static int test_validate_msg_signature_srvcert_missing(void)
269 {
270     return test_validate_msg_signature_srvcert(0, 1, 0);
271 }
272 
test_validate_msg_signature_srvcert_wrong(void)273 static int test_validate_msg_signature_srvcert_wrong(void)
274 {
275     return test_validate_msg_signature_srvcert(0, 0, 1);
276 }
277 
278 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
test_validate_msg_signature_bad(void)279 static int test_validate_msg_signature_bad(void)
280 {
281     return test_validate_msg_signature_srvcert(1, 0, 0);
282 }
283 #endif
284 
test_validate_msg_signature_sender_cert_srvcert(void)285 static int test_validate_msg_signature_sender_cert_srvcert(void)
286 {
287     return test_validate_msg_signature_srvcert(0, 0, 0);
288 }
289 
test_validate_msg_signature_sender_cert_untrusted(void)290 static int test_validate_msg_signature_sender_cert_untrusted(void)
291 {
292     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
293     fixture->expected = 1;
294     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx))
295             || !add_trusted(fixture->cmp_ctx, instaca_cert)
296             || !add_untrusted(fixture->cmp_ctx, insta_cert)) {
297         tear_down(fixture);
298         fixture = NULL;
299     }
300     EXECUTE_TEST(execute_validate_msg_test, tear_down);
301     return result;
302 }
303 
test_validate_msg_signature_sender_cert_trusted(void)304 static int test_validate_msg_signature_sender_cert_trusted(void)
305 {
306     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
307     fixture->expected = 1;
308     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx))
309             || !add_trusted(fixture->cmp_ctx, instaca_cert)
310             || !add_trusted(fixture->cmp_ctx, insta_cert)) {
311         tear_down(fixture);
312         fixture = NULL;
313     }
314     EXECUTE_TEST(execute_validate_msg_test, tear_down);
315     return result;
316 }
317 
test_validate_msg_signature_sender_cert_extracert(void)318 static int test_validate_msg_signature_sender_cert_extracert(void)
319 {
320     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
321     fixture->expected = 1;
322     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_2_extracerts, libctx))
323             || !add_trusted(fixture->cmp_ctx, instaca_cert)) {
324         tear_down(fixture);
325         fixture = NULL;
326     }
327     EXECUTE_TEST(execute_validate_msg_test, tear_down);
328     return result;
329 }
330 
331 
332 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
test_validate_msg_signature_sender_cert_absent(void)333 static int test_validate_msg_signature_sender_cert_absent(void)
334 {
335     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
336     fixture->expected = 0;
337     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_0_extracerts, libctx))) {
338         tear_down(fixture);
339         fixture = NULL;
340     }
341     EXECUTE_TEST(execute_validate_msg_test, tear_down);
342     return result;
343 }
344 #endif
345 
test_validate_with_sender(const X509_NAME * name,int expected)346 static int test_validate_with_sender(const X509_NAME *name, int expected)
347 {
348     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
349     fixture->expected = expected;
350     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f, libctx))
351         || !TEST_true(OSSL_CMP_CTX_set1_expected_sender(fixture->cmp_ctx, name))
352         || !TEST_true(OSSL_CMP_CTX_set1_srvCert(fixture->cmp_ctx, srvcert))) {
353         tear_down(fixture);
354         fixture = NULL;
355     }
356     EXECUTE_TEST(execute_validate_msg_test, tear_down);
357     return result;
358 }
359 
test_validate_msg_signature_expected_sender(void)360 static int test_validate_msg_signature_expected_sender(void)
361 {
362     return test_validate_with_sender(X509_get_subject_name(srvcert), 1);
363 }
364 
test_validate_msg_signature_unexpected_sender(void)365 static int test_validate_msg_signature_unexpected_sender(void)
366 {
367     return test_validate_with_sender(X509_get_subject_name(root), 0);
368 }
369 
370 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
test_validate_msg_unprotected_request(void)371 static int test_validate_msg_unprotected_request(void)
372 {
373     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
374     fixture->expected = 0;
375     if (!TEST_ptr(fixture->msg = load_pkimsg(ir_unprotected_f, libctx))) {
376         tear_down(fixture);
377         fixture = NULL;
378     }
379     EXECUTE_TEST(execute_validate_msg_test, tear_down);
380     return result;
381 }
382 #endif
383 
setup_path(CMP_VFY_TEST_FIXTURE ** fixture,X509 * wrong,int expired)384 static void setup_path(CMP_VFY_TEST_FIXTURE **fixture, X509 *wrong, int expired)
385 {
386     (*fixture)->cert = endentity2;
387     (*fixture)->expected = wrong == NULL && !expired;
388     if (expired) {
389         X509_STORE *ts = OSSL_CMP_CTX_get0_trustedStore((*fixture)->cmp_ctx);
390         X509_VERIFY_PARAM *vpm = X509_STORE_get0_param(ts);
391         X509_VERIFY_PARAM_set_time(vpm, test_time_after_expiration);
392     }
393     if (!add_trusted((*fixture)->cmp_ctx, wrong == NULL ? root : wrong)
394             || !add_untrusted((*fixture)->cmp_ctx, endentity1)
395             || !add_untrusted((*fixture)->cmp_ctx, intermediate)) {
396         tear_down((*fixture));
397         (*fixture) = NULL;
398     }
399 }
400 
test_validate_cert_path_ok(void)401 static int test_validate_cert_path_ok(void)
402 {
403     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
404     setup_path(&fixture, NULL, 0);
405     EXECUTE_TEST(execute_validate_cert_path_test, tear_down);
406     return result;
407 }
408 
test_validate_cert_path_wrong_anchor(void)409 static int test_validate_cert_path_wrong_anchor(void)
410 {
411     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
412     setup_path(&fixture, srvcert /* wrong/non-root cert */, 0);
413     EXECUTE_TEST(execute_validate_cert_path_test, tear_down);
414     return result;
415 }
416 
test_validate_cert_path_expired(void)417 static int test_validate_cert_path_expired(void)
418 {
419     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
420     setup_path(&fixture, NULL, 1);
421     EXECUTE_TEST(execute_validate_cert_path_test, tear_down);
422     return result;
423 }
424 
execute_msg_check_test(CMP_VFY_TEST_FIXTURE * fixture)425 static int execute_msg_check_test(CMP_VFY_TEST_FIXTURE *fixture)
426 {
427     const OSSL_CMP_PKIHEADER *hdr = OSSL_CMP_MSG_get0_header(fixture->msg);
428     const ASN1_OCTET_STRING *tid = OSSL_CMP_HDR_get0_transactionID(hdr);
429 
430     if (!TEST_int_eq(fixture->expected,
431                      ossl_cmp_msg_check_update(fixture->cmp_ctx,
432                                                fixture->msg,
433                                                fixture->allow_unprotected_cb,
434                                                fixture->additional_arg)))
435         return 0;
436 
437     if (fixture->expected == 0) /* error expected aready during above check */
438         return 1;
439     return
440         TEST_int_eq(0,
441                     ASN1_OCTET_STRING_cmp(ossl_cmp_hdr_get0_senderNonce(hdr),
442                                           fixture->cmp_ctx->recipNonce))
443         && TEST_int_eq(0,
444                        ASN1_OCTET_STRING_cmp(tid,
445                                              fixture->cmp_ctx->transactionID));
446 }
447 
allow_unprotected(const OSSL_CMP_CTX * ctx,const OSSL_CMP_MSG * msg,int invalid_protection,int allow)448 static int allow_unprotected(const OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg,
449                              int invalid_protection, int allow)
450 {
451     return allow;
452 }
453 
setup_check_update(CMP_VFY_TEST_FIXTURE ** fixture,int expected,ossl_cmp_allow_unprotected_cb_t cb,int arg,const unsigned char * trid_data,const unsigned char * nonce_data)454 static void setup_check_update(CMP_VFY_TEST_FIXTURE **fixture, int expected,
455                                ossl_cmp_allow_unprotected_cb_t cb, int arg,
456                                const unsigned char *trid_data,
457                                const unsigned char *nonce_data)
458 {
459     OSSL_CMP_CTX *ctx = (*fixture)->cmp_ctx;
460     int nonce_len = OSSL_CMP_SENDERNONCE_LENGTH;
461 
462     (*fixture)->expected = expected;
463     (*fixture)->allow_unprotected_cb = cb;
464     (*fixture)->additional_arg = arg;
465     (*fixture)->msg = OSSL_CMP_MSG_dup(ir_rmprotection);
466     if ((*fixture)->msg == NULL
467         || (nonce_data != NULL
468             && !ossl_cmp_asn1_octet_string_set1_bytes(&ctx->senderNonce,
469                                                       nonce_data, nonce_len))) {
470         tear_down((*fixture));
471         (*fixture) = NULL;
472     } else if (trid_data != NULL) {
473         ASN1_OCTET_STRING *trid = ASN1_OCTET_STRING_new();
474         if (trid == NULL
475             || !ASN1_OCTET_STRING_set(trid, trid_data,
476                                       OSSL_CMP_TRANSACTIONID_LENGTH)
477             || !OSSL_CMP_CTX_set1_transactionID(ctx, trid)) {
478             tear_down((*fixture));
479             (*fixture) = NULL;
480         }
481         ASN1_OCTET_STRING_free(trid);
482     }
483 }
484 
485 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
test_msg_check_no_protection_no_cb(void)486 static int test_msg_check_no_protection_no_cb(void)
487 {
488     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
489     setup_check_update(&fixture, 0, NULL, 0, NULL, NULL);
490     EXECUTE_TEST(execute_msg_check_test, tear_down);
491     return result;
492 }
493 
test_msg_check_no_protection_restrictive_cb(void)494 static int test_msg_check_no_protection_restrictive_cb(void)
495 {
496     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
497     setup_check_update(&fixture, 0, allow_unprotected, 0, NULL, NULL);
498     EXECUTE_TEST(execute_msg_check_test, tear_down);
499     return result;
500 }
501 #endif
502 
test_msg_check_no_protection_permissive_cb(void)503 static int test_msg_check_no_protection_permissive_cb(void)
504 {
505     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
506     setup_check_update(&fixture, 1, allow_unprotected, 1, NULL, NULL);
507     EXECUTE_TEST(execute_msg_check_test, tear_down);
508     return result;
509 }
510 
test_msg_check_transaction_id(void)511 static int test_msg_check_transaction_id(void)
512 {
513     /* Transaction id belonging to CMP_IR_rmprotection.der */
514     const unsigned char trans_id[OSSL_CMP_TRANSACTIONID_LENGTH] = {
515         0x39, 0xB6, 0x90, 0x28, 0xC4, 0xBC, 0x7A, 0xF6,
516         0xBE, 0xC6, 0x4A, 0x88, 0x97, 0xA6, 0x95, 0x0B
517     };
518 
519     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
520     setup_check_update(&fixture, 1, allow_unprotected, 1, trans_id, NULL);
521     EXECUTE_TEST(execute_msg_check_test, tear_down);
522     return result;
523 }
524 
525 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
test_msg_check_transaction_id_bad(void)526 static int test_msg_check_transaction_id_bad(void)
527 {
528     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
529     setup_check_update(&fixture, 0, allow_unprotected, 1, rand_data, NULL);
530     EXECUTE_TEST(execute_msg_check_test, tear_down);
531     return result;
532 }
533 #endif
534 
test_msg_check_recipient_nonce(void)535 static int test_msg_check_recipient_nonce(void)
536 {
537     /* Recipient nonce belonging to CMP_IP_ir_rmprotection.der */
538     const unsigned char rec_nonce[OSSL_CMP_SENDERNONCE_LENGTH] = {
539         0x48, 0xF1, 0x71, 0x1F, 0xE5, 0xAF, 0x1C, 0x8B,
540         0x21, 0x97, 0x5C, 0x84, 0x74, 0x49, 0xBA, 0x32
541     };
542 
543     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
544     setup_check_update(&fixture, 1, allow_unprotected, 1, NULL, rec_nonce);
545     EXECUTE_TEST(execute_msg_check_test, tear_down);
546     return result;
547 }
548 
549 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
test_msg_check_recipient_nonce_bad(void)550 static int test_msg_check_recipient_nonce_bad(void)
551 {
552     SETUP_TEST_FIXTURE(CMP_VFY_TEST_FIXTURE, set_up);
553     setup_check_update(&fixture, 0, allow_unprotected, 1, NULL, rand_data);
554     EXECUTE_TEST(execute_msg_check_test, tear_down);
555     return result;
556 }
557 #endif
558 
cleanup_tests(void)559 void cleanup_tests(void)
560 {
561     X509_free(srvcert);
562     X509_free(clcert);
563     X509_free(endentity1);
564     X509_free(endentity2);
565     X509_free(intermediate);
566     X509_free(root);
567     X509_free(insta_cert);
568     X509_free(instaca_cert);
569     OSSL_CMP_MSG_free(ir_unprotected);
570     OSSL_CMP_MSG_free(ir_rmprotection);
571     OSSL_PROVIDER_unload(default_null_provider);
572     OSSL_PROVIDER_unload(provider);
573     OSSL_LIB_CTX_free(libctx);
574     return;
575 }
576 
577 
578 #define USAGE "server.crt client.crt " \
579     "EndEntity1.crt EndEntity2.crt " \
580     "Root_CA.crt Intermediate_CA.crt " \
581     "CMP_IR_protected.der CMP_IR_unprotected.der " \
582     "IP_waitingStatus_PBM.der IR_rmprotection.der " \
583     "insta.cert.pem insta_ca.cert.pem " \
584     "IR_protected_0_extraCerts.der " \
585     "IR_protected_2_extraCerts.der module_name [module_conf_file]\n"
OPT_TEST_DECLARE_USAGE(USAGE)586 OPT_TEST_DECLARE_USAGE(USAGE)
587 
588 int setup_tests(void)
589 {
590     /* Set test time stamps */
591     struct tm ts = { 0 };
592 
593     ts.tm_year = 2018 - 1900;      /* 2018 */
594     ts.tm_mon = 1;                 /* February */
595     ts.tm_mday = 18;               /* 18th */
596     test_time_valid = mktime(&ts); /* February 18th 2018 */
597     ts.tm_year += 10;              /* February 18th 2028 */
598     test_time_after_expiration = mktime(&ts);
599 
600     if (!test_skip_common_options()) {
601         TEST_error("Error parsing test options\n");
602         return 0;
603     }
604 
605     RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH);
606     if (!TEST_ptr(server_f = test_get_argument(0))
607             || !TEST_ptr(client_f = test_get_argument(1))
608             || !TEST_ptr(endentity1_f = test_get_argument(2))
609             || !TEST_ptr(endentity2_f = test_get_argument(3))
610             || !TEST_ptr(root_f = test_get_argument(4))
611             || !TEST_ptr(intermediate_f = test_get_argument(5))
612             || !TEST_ptr(ir_protected_f = test_get_argument(6))
613             || !TEST_ptr(ir_unprotected_f = test_get_argument(7))
614             || !TEST_ptr(ip_waiting_f = test_get_argument(8))
615             || !TEST_ptr(ir_rmprotection_f = test_get_argument(9))
616             || !TEST_ptr(instacert_f = test_get_argument(10))
617             || !TEST_ptr(instaca_f = test_get_argument(11))
618             || !TEST_ptr(ir_protected_0_extracerts = test_get_argument(12))
619             || !TEST_ptr(ir_protected_2_extracerts = test_get_argument(13))) {
620         TEST_error("usage: cmp_vfy_test %s", USAGE);
621         return 0;
622     }
623 
624     if (!test_arg_libctx(&libctx, &default_null_provider, &provider, 14, USAGE))
625         return 0;
626 
627     /* Load certificates for cert chain */
628     if (!TEST_ptr(endentity1 = load_cert_pem(endentity1_f, libctx))
629             || !TEST_ptr(endentity2 = load_cert_pem(endentity2_f, libctx))
630             || !TEST_ptr(root = load_cert_pem(root_f, NULL))
631             || !TEST_ptr(intermediate = load_cert_pem(intermediate_f, libctx)))
632         goto err;
633 
634     if (!TEST_ptr(insta_cert = load_cert_pem(instacert_f, libctx))
635             || !TEST_ptr(instaca_cert = load_cert_pem(instaca_f, libctx)))
636         goto err;
637 
638     /* Load certificates for message validation */
639     if (!TEST_ptr(srvcert = load_cert_pem(server_f, libctx))
640             || !TEST_ptr(clcert = load_cert_pem(client_f, libctx)))
641         goto err;
642     if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH)))
643         goto err;
644     if (!TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f, libctx))
645             || !TEST_ptr(ir_rmprotection = load_pkimsg(ir_rmprotection_f, libctx)))
646         goto err;
647 
648     /* Message validation tests */
649     ADD_TEST(test_verify_popo);
650 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
651     ADD_TEST(test_verify_popo_bad);
652 #endif
653     ADD_TEST(test_validate_msg_signature_trusted_ok);
654 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
655     ADD_TEST(test_validate_msg_signature_trusted_expired);
656     ADD_TEST(test_validate_msg_signature_srvcert_missing);
657 #endif
658     ADD_TEST(test_validate_msg_signature_srvcert_wrong);
659 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
660     ADD_TEST(test_validate_msg_signature_bad);
661 #endif
662     ADD_TEST(test_validate_msg_signature_sender_cert_srvcert);
663     ADD_TEST(test_validate_msg_signature_sender_cert_untrusted);
664     ADD_TEST(test_validate_msg_signature_sender_cert_trusted);
665     ADD_TEST(test_validate_msg_signature_sender_cert_extracert);
666 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
667     ADD_TEST(test_validate_msg_signature_sender_cert_absent);
668 #endif
669     ADD_TEST(test_validate_msg_signature_expected_sender);
670     ADD_TEST(test_validate_msg_signature_unexpected_sender);
671 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
672     ADD_TEST(test_validate_msg_unprotected_request);
673 #endif
674     ADD_TEST(test_validate_msg_mac_alg_protection_ok);
675 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
676     ADD_TEST(test_validate_msg_mac_alg_protection_missing);
677     ADD_TEST(test_validate_msg_mac_alg_protection_wrong);
678     ADD_TEST(test_validate_msg_mac_alg_protection_bad);
679 #endif
680 
681     /* Cert path validation tests */
682     ADD_TEST(test_validate_cert_path_ok);
683     ADD_TEST(test_validate_cert_path_expired);
684     ADD_TEST(test_validate_cert_path_wrong_anchor);
685 
686 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
687     ADD_TEST(test_msg_check_no_protection_no_cb);
688     ADD_TEST(test_msg_check_no_protection_restrictive_cb);
689 #endif
690     ADD_TEST(test_msg_check_no_protection_permissive_cb);
691     ADD_TEST(test_msg_check_transaction_id);
692 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
693     ADD_TEST(test_msg_check_transaction_id_bad);
694 #endif
695     ADD_TEST(test_msg_check_recipient_nonce);
696 #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
697     ADD_TEST(test_msg_check_recipient_nonce_bad);
698 #endif
699 
700     return 1;
701 
702  err:
703     cleanup_tests();
704     return 0;
705 
706 }
707