int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm, SSL_CTX **sctx, SSL_CTX **cctx, char *certfile, char *privkeyfile) { SSL_CTX *serverctx = NULL; SSL_CTX *clientctx = NULL; if (!TEST_ptr(serverctx = SSL_CTX_new(sm)) || (cctx != NULL && !TEST_ptr(clientctx = SSL_CTX_new(cm)))) goto err; if (!TEST_int_eq(SSL_CTX_use_certificate_file(serverctx, certfile, SSL_FILETYPE_PEM), 1) || !TEST_int_eq(SSL_CTX_use_PrivateKey_file(serverctx, privkeyfile, SSL_FILETYPE_PEM), 1) || !TEST_int_eq(SSL_CTX_check_private_key(serverctx), 1)) goto err; #ifndef OPENSSL_NO_DH SSL_CTX_set_dh_auto(serverctx, 1); #endif *sctx = serverctx; if (cctx != NULL) *cctx = clientctx; return 1; err: SSL_CTX_free(serverctx); SSL_CTX_free(clientctx); return 0; }
static int test_default_cipherlist(SSL_CTX *ctx) { STACK_OF(SSL_CIPHER) *ciphers = NULL; SSL *ssl = NULL; int i, ret = 0, num_expected_ciphers, num_ciphers; uint32_t expected_cipher_id, cipher_id; if (ctx == NULL) return 0; if (!TEST_ptr(ssl = SSL_new(ctx)) || !TEST_ptr(ciphers = SSL_get1_supported_ciphers(ssl))) goto err; num_expected_ciphers = OSSL_NELEM(default_ciphers_in_order); num_ciphers = sk_SSL_CIPHER_num(ciphers); if (!TEST_int_eq(num_ciphers, num_expected_ciphers)) goto err; for (i = 0; i < num_ciphers; i++) { expected_cipher_id = default_ciphers_in_order[i]; cipher_id = SSL_CIPHER_get_id(sk_SSL_CIPHER_value(ciphers, i)); if (!TEST_int_eq(cipher_id, expected_cipher_id)) { TEST_info("Wrong cipher at position %d", i); goto err; } } ret = 1; err: sk_SSL_CIPHER_free(ciphers); SSL_free(ssl); return ret; }
static int test_v3(void) { STACK_OF(SSL_CIPHER) *sk = NULL, *scsv = NULL; /* ECDHE-ECDSA-AES256GCM, ECDHE-ECDSA-CHACHAPOLY, DHE-RSA-AES256GCM, * EMPTY-RENEGOTIATION-INFO-SCSV, FALLBACK-SCSV */ const unsigned char bytes[] = {0x00, 0x2f, 0x00, 0x33, 0x00, 0x9f, 0x00, 0xff, 0x56, 0x00}; int ret = 0; if (!SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 0, &sk, &scsv) || !TEST_ptr(sk) || !TEST_int_eq(sk_SSL_CIPHER_num(sk), 3) || !TEST_ptr(scsv) || !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 2) || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)), "AES128-SHA") || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)), "DHE-RSA-AES128-SHA") || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 2)), "DHE-RSA-AES256-GCM-SHA384") || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 0)), "TLS_EMPTY_RENEGOTIATION_INFO_SCSV") || !TEST_str_eq(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(scsv, 1)), "TLS_FALLBACK_SCSV")) goto err; ret = 1; err: sk_SSL_CIPHER_free(sk); sk_SSL_CIPHER_free(scsv); return ret; }
static int test_v2(void) { STACK_OF(SSL_CIPHER) *sk, *scsv; /* ECDHE-ECDSA-AES256GCM, SSL2_RC4_1238_WITH_MD5, * ECDHE-ECDSA-CHACHA20-POLY1305 */ const unsigned char bytes[] = {0x00, 0x00, 0x35, 0x01, 0x00, 0x80, 0x00, 0x00, 0x33}; int ret = 0; if (!TEST_true(SSL_bytes_to_cipher_list(s, bytes, sizeof(bytes), 1, &sk, &scsv)) || !TEST_ptr(sk) || !TEST_int_eq(sk_SSL_CIPHER_num(sk), 2) || !TEST_ptr(scsv) || !TEST_int_eq(sk_SSL_CIPHER_num(scsv), 0)) goto err; if (strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 0)), "AES256-SHA") != 0 || strcmp(SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk, 1)), "DHE-RSA-AES128-SHA") != 0) goto err; ret = 1; err: sk_SSL_CIPHER_free(sk); sk_SSL_CIPHER_free(scsv); return ret; }
static int test_SU_stack(void) { STACK_OF(SU) *s = sk_SU_new_null(); SU v[10]; const int n = OSSL_NELEM(v); int i; int testresult = 0; /* allocate and push */ for (i = 0; i < n; i++) { if ((i & 1) == 0) v[i].n = i; else v[i].c = 'A' + i; if (!TEST_int_eq(sk_SU_num(s), i)) { TEST_info("SU stack size %d", i); goto end; } sk_SU_push(s, v + i); } if (!TEST_int_eq(sk_SU_num(s), n)) goto end; /* check the pointers are correct */ for (i = 0; i < n; i++) if (!TEST_ptr_eq(sk_SU_value(s, i), v + i)) { TEST_info("SU pointer check %d", i); goto end; } testresult = 1; end: sk_SU_free(s); return testresult; }
static int check_resumption(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { if (!TEST_int_eq(result->client_resumed, result->server_resumed)) return 0; if (!TEST_int_eq(result->client_resumed, test_ctx->resumption_expected)) return 0; return 1; }
static int test_func(void) { if (!TEST_int_eq(SSL_CTX_get_min_proto_version(ctx), TLS1_2_VERSION) && !TEST_int_eq(SSL_CTX_get_max_proto_version(ctx), TLS1_2_VERSION)) { TEST_info("min/max version setting incorrect"); return 0; } return 1; }
static int check_alerts(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { if (!TEST_int_eq(result->client_alert_sent, result->client_alert_received)) { TEST_info("Client sent alert %s but server received %s.", print_alert(result->client_alert_sent), print_alert(result->client_alert_received)); /* * We can't bail here because the peer doesn't always get far enough * to process a received alert. Specifically, in protocol version * negotiation tests, we have the following scenario. * Client supports TLS v1.2 only; Server supports TLS v1.1. * Client proposes TLS v1.2; server responds with 1.1; * Client now sends a protocol alert, using TLS v1.2 in the header. * The server, however, rejects the alert because of version mismatch * in the record layer; therefore, the server appears to never * receive the alert. */ /* return 0; */ } if (!TEST_int_eq(result->server_alert_sent, result->server_alert_received)) { TEST_info("Server sent alert %s but client received %s.", print_alert(result->server_alert_sent), print_alert(result->server_alert_received)); /* return 0; */ } /* Tolerate an alert if one wasn't explicitly specified in the test. */ if (test_ctx->expected_client_alert /* * The info callback alert value is computed as * (s->s3->send_alert[0] << 8) | s->s3->send_alert[1] * where the low byte is the alert code and the high byte is other stuff. */ && (result->client_alert_sent & 0xff) != test_ctx->expected_client_alert) { TEST_error("ClientAlert mismatch: expected %s, got %s.", print_alert(test_ctx->expected_client_alert), print_alert(result->client_alert_sent)); return 0; } if (test_ctx->expected_server_alert && (result->server_alert_sent & 0xff) != test_ctx->expected_server_alert) { TEST_error("ServerAlert mismatch: expected %s, got %s.", print_alert(test_ctx->expected_server_alert), print_alert(result->server_alert_sent)); return 0; } if (!TEST_int_le(result->client_num_fatal_alerts_sent, 1)) return 0; if (!TEST_int_le(result->server_num_fatal_alerts_sent, 1)) return 0; return 1; }
static int clientconf_eq(SSL_TEST_CLIENT_CONF *conf1, SSL_TEST_CLIENT_CONF *conf2) { if (!TEST_int_eq(conf1->verify_callback, conf2->verify_callback) || !TEST_int_eq(conf1->servername, conf2->servername) || !TEST_str_eq(conf1->npn_protocols, conf2->npn_protocols) || !TEST_str_eq(conf1->alpn_protocols, conf2->alpn_protocols) || !TEST_int_eq(conf1->ct_validation, conf2->ct_validation)) return 0; return 1; }
static int serverconf_eq(SSL_TEST_SERVER_CONF *serv, SSL_TEST_SERVER_CONF *serv2) { if (!TEST_int_eq(serv->servername_callback, serv2->servername_callback) || !TEST_str_eq(serv->npn_protocols, serv2->npn_protocols) || !TEST_str_eq(serv->alpn_protocols, serv2->alpn_protocols) || !TEST_int_eq(serv->broken_session_ticket, serv2->broken_session_ticket) || !TEST_int_eq(serv->cert_status, serv2->cert_status)) return 0; return 1; }
static int dsa_test(void) { BN_GENCB *cb; DSA *dsa = NULL; int counter, ret = 0, i, j; unsigned char buf[256]; unsigned long h; unsigned char sig[256]; unsigned int siglen; const BIGNUM *p = NULL, *q = NULL, *g = NULL; if (!TEST_ptr(cb = BN_GENCB_new())) goto end; BN_GENCB_set(cb, dsa_cb, NULL); if (!TEST_ptr(dsa = DSA_new()) || !TEST_true(DSA_generate_parameters_ex(dsa, 512, seed, 20, &counter, &h, cb))) goto end; if (!TEST_int_eq(counter, 105)) goto end; if (!TEST_int_eq(h, 2)) goto end; DSA_get0_pqg(dsa, &p, &q, &g); i = BN_bn2bin(q, buf); j = sizeof(out_q); if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_q, i)) goto end; i = BN_bn2bin(p, buf); j = sizeof(out_p); if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_p, i)) goto end; i = BN_bn2bin(g, buf); j = sizeof(out_g); if (!TEST_int_eq(i, j) || !TEST_mem_eq(buf, i, out_g, i)) goto end; DSA_generate_key(dsa); DSA_sign(0, str1, 20, sig, &siglen, dsa); if (TEST_true(DSA_verify(0, str1, 20, sig, siglen, dsa))) ret = 1; end: DSA_free(dsa); BN_GENCB_free(cb); return ret; }
int setup_tests(void) { ADD_TEST(test_EVP_DigestSignInit); ADD_TEST(test_EVP_DigestVerifyInit); ADD_TEST(test_EVP_Enveloped); ADD_ALL_TESTS(test_d2i_AutoPrivateKey, OSSL_NELEM(keydata)); #ifndef OPENSSL_NO_EC ADD_TEST(test_EVP_PKCS82PKEY); #endif #ifndef OPENSSL_NO_SM2 ADD_TEST(test_EVP_SM2); ADD_TEST(test_EVP_SM2_verify); #endif ADD_ALL_TESTS(test_set_get_raw_keys, OSSL_NELEM(keys)); custom_pmeth = EVP_PKEY_meth_new(0xdefaced, 0); if (!TEST_ptr(custom_pmeth)) return 0; EVP_PKEY_meth_set_check(custom_pmeth, pkey_custom_check); EVP_PKEY_meth_set_public_check(custom_pmeth, pkey_custom_pub_check); EVP_PKEY_meth_set_param_check(custom_pmeth, pkey_custom_param_check); if (!TEST_int_eq(EVP_PKEY_meth_add0(custom_pmeth), 1)) return 0; ADD_ALL_TESTS(test_EVP_PKEY_check, OSSL_NELEM(keycheckdata)); ADD_TEST(test_HKDF); #ifndef OPENSSL_NO_EC ADD_TEST(test_X509_PUBKEY_inplace); #endif return 1; }
static int fbytes(unsigned char *buf, int num) { int ret = 0; BIGNUM *tmp = NULL; if (use_fake == 0) return old_rand->bytes(buf, num); use_fake = 0; if (fbytes_counter >= 8) return 0; if (!TEST_ptr(tmp = BN_new())) return 0; if (!TEST_true(BN_dec2bn(&tmp, numbers[fbytes_counter]))) { BN_free(tmp); return 0; } fbytes_counter++; if (TEST_int_eq(BN_num_bytes(tmp), num) && TEST_true(BN_bn2bin(tmp, buf))) ret = 1; BN_free(tmp); return ret; }
/* * Create an SSL connection including any post handshake NewSessionTicket * messages. */ int create_ssl_connection(SSL *serverssl, SSL *clientssl, int want) { int i; unsigned char buf; size_t readbytes; if (!create_bare_ssl_connection(serverssl, clientssl, want)) return 0; /* * We attempt to read some data on the client side which we expect to fail. * This will ensure we have received the NewSessionTicket in TLSv1.3 where * appropriate. We do this twice because there are 2 NewSesionTickets. */ for (i = 0; i < 2; i++) { if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) { if (!TEST_ulong_eq(readbytes, 0)) return 0; } else if (!TEST_int_eq(SSL_get_error(clientssl, 0), SSL_ERROR_WANT_READ)) { return 0; } } return 1; }
int main(int argc, char *argv[]) { #ifndef OPENSSL_NO_CRYPTO_MDEBUG char *p; char *lost; int noleak; p = getenv("OPENSSL_DEBUG_MEMORY"); if (p != NULL && strcmp(p, "on") == 0) CRYPTO_set_mem_debug(1); CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); lost = OPENSSL_malloc(3); if (!TEST_ptr(lost)) return EXIT_FAILURE; if (argv[1] && strcmp(argv[1], "freeit") == 0) { OPENSSL_free(lost); lost = NULL; } noleak = CRYPTO_mem_leaks_fp(stderr); /* If -1 return value something bad happened */ if (!TEST_int_ne(noleak, -1)) return EXIT_FAILURE; return TEST_int_eq(lost != NULL, noleak == 0) ? EXIT_SUCCESS : EXIT_FAILURE; #else return EXIT_SUCCESS; #endif }
static int test_sanity_twos_complement(void) { /* Basic two's complement checks. */ if (!TEST_int_eq(~(-1), 0) || !TEST_long_eq(~(-1L), 0L)) return 0; return 1; }
static int test_sanity_sign(void) { /* Check that values with sign bit 1 and value bits 0 are valid */ if (!TEST_int_eq(-(INT_MIN + 1), INT_MAX) || !TEST_long_eq(-(LONG_MIN + 1), LONG_MAX)) return 0; return 1; }
static int test_sanity_unsigned_convertion(void) { /* Check that unsigned-to-signed conversions preserve bit patterns */ if (!TEST_int_eq((int)((unsigned int)INT_MAX + 1), INT_MIN) || !TEST_long_eq((long)((unsigned long)LONG_MAX + 1), LONG_MIN)) return 0; return 1; }
static int test_property_string(void) { OSSL_METHOD_STORE *store; int res = 0; OSSL_PROPERTY_IDX i, j; if (TEST_ptr(store = ossl_method_store_new(NULL)) && TEST_int_eq(ossl_property_name(NULL, "fnord", 0), 0) && TEST_int_ne(ossl_property_name(NULL, "fnord", 1), 0) && TEST_int_ne(ossl_property_name(NULL, "name", 1), 0) /* Property value checks */ && TEST_int_eq(ossl_property_value(NULL, "fnord", 0), 0) && TEST_int_ne(i = ossl_property_value(NULL, "no", 0), 0) && TEST_int_ne(j = ossl_property_value(NULL, "yes", 0), 0) && TEST_int_ne(i, j) && TEST_int_eq(ossl_property_value(NULL, "yes", 1), j) && TEST_int_eq(ossl_property_value(NULL, "no", 1), i) && TEST_int_ne(i = ossl_property_value(NULL, "illuminati", 1), 0) && TEST_int_eq(j = ossl_property_value(NULL, "fnord", 1), i + 1) && TEST_int_eq(ossl_property_value(NULL, "fnord", 1), j) /* Check name and values are distinct */ && TEST_int_eq(ossl_property_value(NULL, "cold", 0), 0) && TEST_int_ne(ossl_property_name(NULL, "fnord", 0), ossl_property_value(NULL, "fnord", 0))) res = 1; ossl_method_store_free(store); return res; }
int create_ssl_connection(SSL *serverssl, SSL *clientssl, int want) { int retc = -1, rets = -1, err, abortctr = 0; int clienterr = 0, servererr = 0; unsigned char buf; size_t readbytes; do { err = SSL_ERROR_WANT_WRITE; while (!clienterr && retc <= 0 && err == SSL_ERROR_WANT_WRITE) { retc = SSL_connect(clientssl); if (retc <= 0) err = SSL_get_error(clientssl, retc); } if (!clienterr && retc <= 0 && err != SSL_ERROR_WANT_READ) { TEST_info("SSL_connect() failed %d, %d", retc, err); clienterr = 1; } if (want != SSL_ERROR_NONE && err == want) return 0; err = SSL_ERROR_WANT_WRITE; while (!servererr && rets <= 0 && err == SSL_ERROR_WANT_WRITE) { rets = SSL_accept(serverssl); if (rets <= 0) err = SSL_get_error(serverssl, rets); } if (!servererr && rets <= 0 && err != SSL_ERROR_WANT_READ) { TEST_info("SSL_accept() failed %d, %d", rets, err); servererr = 1; } if (want != SSL_ERROR_NONE && err == want) return 0; if (clienterr && servererr) return 0; if (++abortctr == MAXLOOPS) { TEST_info("No progress made"); return 0; } } while (retc <=0 || rets <= 0); /* * We attempt to read some data on the client side which we expect to fail. * This will ensure we have received the NewSessionTicket in TLSv1.3 where * appropriate. */ if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) { if (!TEST_ulong_eq(readbytes, 0)) return 0; } else if (!TEST_int_eq(SSL_get_error(clientssl, 0), SSL_ERROR_WANT_READ)) { return 0; } return 1; }
static int test_resp_signer(void) { OCSP_BASICRESP *bs = NULL; X509 *signer = NULL, *tmp; EVP_PKEY *key = NULL; STACK_OF(X509) *extra_certs = NULL; int ret = 0; /* * Test a response with no certs at all; get the signer from the * extra certs given to OCSP_resp_get0_signer(). */ bs = make_dummy_resp(); extra_certs = sk_X509_new_null(); if (!TEST_ptr(bs) || !TEST_ptr(extra_certs) || !TEST_true(get_cert_and_key(&signer, &key)) || !TEST_true(sk_X509_push(extra_certs, signer)) || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), NULL, OCSP_NOCERTS))) goto err; if (!TEST_true(OCSP_resp_get0_signer(bs, &tmp, extra_certs)) || !TEST_int_eq(X509_cmp(tmp, signer), 0)) goto err; OCSP_BASICRESP_free(bs); /* Do it again but include the signer cert */ bs = make_dummy_resp(); tmp = NULL; if (!TEST_ptr(bs) || !TEST_true(OCSP_basic_sign(bs, signer, key, EVP_sha1(), NULL, 0))) goto err; if (!TEST_true(OCSP_resp_get0_signer(bs, &tmp, NULL)) || !TEST_int_eq(X509_cmp(tmp, signer), 0)) goto err; ret = 1; err: OCSP_BASICRESP_free(bs); sk_X509_free(extra_certs); X509_free(signer); EVP_PKEY_free(key); return ret; }
static int sanity_check_bytes(size_t (*rng)(unsigned char *, size_t), int rounds, int min_failures, int max_retries, int max_zero_words) { int testresult = 0; unsigned char prior[31] = {0}, buf[31] = {0}, check[7]; int failures = 0, zero_words = 0; int i; for (i = 0; i < rounds; i++) { size_t generated = 0; int retry; for (retry = 0; retry < max_retries; retry++) { generated = rng(buf, sizeof(buf)); if (generated == sizeof(buf)) break; failures++; } /*- * Verify that we don't have too many unexpected runs of zeroes, * implying that we might be accidentally using the 32-bit RDRAND * instead of the 64-bit one on 64-bit systems. */ size_t j; for (j = 0; j < sizeof(buf) - 1; j++) { if (buf[j] == 0 && buf[j+1] == 0) { zero_words++; } } if (!TEST_int_eq(generated, sizeof(buf))) goto end; if (!TEST_false(!memcmp(prior, buf, sizeof(buf)))) goto end; /* Verify that the last 7 bytes of buf aren't all the same value */ unsigned char *tail = &buf[sizeof(buf) - sizeof(check)]; memset(check, tail[0], 7); if (!TEST_false(!memcmp(check, tail, sizeof(check)))) goto end; /* Save the result and make sure it's different next time */ memcpy(prior, buf, sizeof(buf)); } if (!TEST_int_le(zero_words, max_zero_words)) goto end; if (!TEST_int_ge(failures, min_failures)) goto end; testresult = 1; end: return testresult; }
static int test_context(OPENSSL_CTX *ctx) { FOO *data = NULL; return TEST_true(foo_init()) && TEST_ptr(data = openssl_ctx_get_data(ctx, foo_index)) /* OPENSSL_zalloc in foo_new() initialized it to zero */ && TEST_int_eq(data->i, 42); }
static int check_servername(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { if (!TEST_int_eq(result->servername, test_ctx->expected_servername)) { TEST_info("Client ServerName mismatch, expected %s, got %s.", ssl_servername_name(test_ctx->expected_servername), ssl_servername_name(result->servername)); return 0; } return 1; }
static int check_result(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { if (!TEST_int_eq(result->result, test_ctx->expected_result)) { TEST_info("ExpectedResult mismatch: expected %s, got %s.", ssl_test_result_name(test_ctx->expected_result), ssl_test_result_name(result->result)); return 0; } return 1; }
static int test_offset(int idx) { ASN1_TIME at; const TESTDATA *testdata = &tests[idx]; int ret = -2; int day, sec; at.data = (unsigned char*)testdata->data; at.length = strlen(testdata->data); at.type = testdata->type; if (!TEST_true(ASN1_TIME_diff(&day, &sec, &the_asn1_time, &at))) { TEST_info("ASN1_TIME_diff() failed for %s\n", at.data); return 0; } if (day > 0) ret = 1; else if (day < 0) ret = -1; else if (sec > 0) ret = 1; else if (sec < 0) ret = -1; else ret = 0; if (!TEST_int_eq(testdata->time_result, ret)) { TEST_info("ASN1_TIME_diff() test failed for %s day=%d sec=%d\n", at.data, day, sec); return 0; } if (at.type == V_ASN1_UTCTIME) ret = ASN1_UTCTIME_cmp_time_t(&at, the_time); else return 1; /* no other cmp_time_t() functions available, yet */ if (!TEST_int_eq(testdata->time_result, ret)) { TEST_info("ASN1_UTCTIME_cmp_time_t() test failed for %s\n", at.data); return 0; } return 1; }
static int genkeys(void) { if (!TEST_ptr(dsakey = load_dsa_params())) return 0; if (!TEST_int_eq(DSA_generate_key(dsakey), 1)) return 0; return 1; }
static int test_big(void) { char buf[80]; /* Test excessively big number. Should fail */ if (!TEST_int_eq(BIO_snprintf(buf, sizeof(buf), "%f\n", 2 * (double)ULONG_MAX), -1)) return 0; return 1; }
/* * Usage: d2i_test <type> <file>, e.g. * d2i_test generalname bad_generalname.der */ int test_main(int argc, char *argv[]) { const char *test_type_name; const char *expected_error_string; size_t i; static error_enum expected_errors[] = { {"OK", ASN1_OK}, {"BIO", ASN1_BIO}, {"decode", ASN1_DECODE}, {"encode", ASN1_ENCODE}, {"compare", ASN1_COMPARE} }; if (!TEST_int_eq(argc, 4)) { fprintf(stderr, "Usage: d2i_test item_name expected_error file.der\n"); return 1; } test_type_name = argv[1]; expected_error_string = argv[2]; test_file = argv[3]; item_type = ASN1_ITEM_lookup(test_type_name); if (item_type == NULL) { TEST_error("Unknown type %s\n", test_type_name); fprintf(stderr, "Supported types:\n"); for (i = 0;; i++) { const ASN1_ITEM *it = ASN1_ITEM_get(i); if (it == NULL) break; fprintf(stderr, "\t%s\n", it->sname); } return 1; } for (i = 0; i < OSSL_NELEM(expected_errors); i++) { if (strcmp(expected_errors[i].str, expected_error_string) == 0) { expected_error = expected_errors[i].code; break; } } if (expected_error == ASN1_UNKNOWN) { TEST_error("Unknown expected error %s\n", expected_error_string); return 1; } ADD_TEST(test_bad_asn1); return run_tests(argv[0]); }
static int check_protocol(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) { if (!TEST_int_eq(result->client_protocol, result->server_protocol)) { TEST_info("Client has protocol %s but server has %s.", ssl_protocol_name(result->client_protocol), ssl_protocol_name(result->server_protocol)); return 0; } if (test_ctx->expected_protocol) { if (!TEST_int_eq(result->client_protocol, test_ctx->expected_protocol)) { TEST_info("Protocol mismatch: expected %s, got %s.\n", ssl_protocol_name(test_ctx->expected_protocol), ssl_protocol_name(result->client_protocol)); return 0; } } return 1; }