Diffstat (limited to 'apps/lib/cmp_mock_srv.c')
-rw-r--r--apps/lib/cmp_mock_srv.c46
1 files changed, 24 insertions, 22 deletions
diff --git a/apps/lib/cmp_mock_srv.c b/apps/lib/cmp_mock_srv.c
index b37f3dd3d89c..637bd1d0b7a4 100644
--- a/apps/lib/cmp_mock_srv.c
+++ b/apps/lib/cmp_mock_srv.c
@@ -1,5 +1,5 @@
/*
- * Copyright 2018-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2018-2023 The OpenSSL Project Authors. All Rights Reserved.
* Copyright Siemens AG 2018-2020
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
@@ -14,7 +14,7 @@
#include <openssl/cmp.h>
#include <openssl/err.h>
#include <openssl/cmperr.h>
-
+
/* the context for the CMP mock server */
typedef struct
{
@@ -22,9 +22,8 @@ typedef struct
STACK_OF(X509) *chainOut; /* chain of certOut to add to extraCerts field */
STACK_OF(X509) *caPubsOut; /* certs to return in caPubs field of ip msg */
OSSL_CMP_PKISI *statusOut; /* status for ip/cp/kup/rp msg unless polling */
- int sendError; /* send error response also on valid requests */
+ int sendError; /* send error response on given request type */
OSSL_CMP_MSG *certReq; /* ir/cr/p10cr/kur remembered while polling */
- int certReqId; /* id of last ir/cr/kur, used for polling */
int pollCount; /* number of polls before actual cert response */
int curr_pollCount; /* number of polls so far for current request */
int checkAfterTime; /* time the client should wait between polling */
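Review bot: The new comment on `sendError` does not say that the field now carries sentinel values as well as a body type. From the rest of this patch, it is initialised to -1 in mock_srv_ctx_new(), the value 1 is treated as "match every request", and any other value is compared against OSSL_CMP_MSG_get_bodytype(). I would spell that out at the declaration, for example `int sendError; /* -1: never; 1: on any request; else: on requests of this body type */`. The struct definition starts above this hunk and continues below it.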
@@ -54,7 +53,7 @@ static mock_srv_ctx *mock_srv_ctx_new(void)
if ((ctx->statusOut = OSSL_CMP_PKISI_new()) == NULL)
goto err;
- ctx->certReqId = -1;
+ ctx->sendError = -1;
/* all other elements are initialized to 0 or NULL, respectively */
return ctx;
@@ -130,7 +129,7 @@ int ossl_cmp_mock_srv_set_statusInfo(OSSL_CMP_SRV_CTX *srv_ctx, int status,
return 1;
}
-int ossl_cmp_mock_srv_set_send_error(OSSL_CMP_SRV_CTX *srv_ctx, int val)
+int ossl_cmp_mock_srv_set_sendError(OSSL_CMP_SRV_CTX *srv_ctx, int bodytype)
{
mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
@@ -138,7 +137,8 @@ int ossl_cmp_mock_srv_set_send_error(OSSL_CMP_SRV_CTX *srv_ctx, int val)
ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
return 0;
}
- ctx->sendError = val != 0;
+ /* might check bodytype, but this would require exporting all body types */
+ ctx->sendError = bodytype;
return 1;
}
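Review bot: ossl_cmp_mock_srv_set_sendError() stores `bodytype` without any range check, and the in-code comment defers validation entirely. Because the handlers treat 1 as a wildcard, a caller cannot ask for an error on body type 1 alone; that is presumably harmless if 1 is a response-only type, but it should be confirmed and stated in a comment on the setter. A lower bound can be enforced without exporting the body-type list, for example `if (bodytype < -1) { ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_ARGS); return 0; }` before the assignment. The function spans this hunk and the previous one.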
@@ -172,7 +172,7 @@ int ossl_cmp_mock_srv_set_checkAfterTime(OSSL_CMP_SRV_CTX *srv_ctx, int sec)
static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
const OSSL_CMP_MSG *cert_req,
- int certReqId,
+ ossl_unused int certReqId,
const OSSL_CRMF_MSG *crm,
const X509_REQ *p10cr,
X509 **certOut,
@@ -187,7 +187,8 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
return NULL;
}
- if (ctx->sendError) {
+ if (ctx->sendError == 1
+ || ctx->sendError == OSSL_CMP_MSG_get_bodytype(cert_req)) {
ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE);
return NULL;
}
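Review bot: The test `ctx->sendError == 1 || ctx->sendError == OSSL_CMP_MSG_get_bodytype(...)` is written out here and again in process_rr(), process_genm(), process_certConf() and process_pollReq(), so the wildcard convention lives in five places. There is also a sentinel overlap to confirm: if OSSL_CMP_MSG_get_bodytype() returns -1 for a message without a body (I believe it does), the default `sendError = -1` compares equal and the "disabled" state would still raise CMP_R_ERROR_PROCESSING_MESSAGE. A small static helper that returns early on negative values removes both the duplication and the overlap. process_cert_request() starts and ends outside this hunk.

```c
/* proposed helper, placed before process_cert_request() */
static int mock_send_error(const mock_srv_ctx *ctx, const OSSL_CMP_MSG *req)
{
    if (ctx->sendError < 0) /* -1 as set in mock_srv_ctx_new(): disabled */
        return 0;
    return ctx->sendError == 1
        || ctx->sendError == OSSL_CMP_MSG_get_bodytype(req);
}

/* … unchanged: NULL-argument check in process_cert_request() … */
    if (mock_send_error(ctx, cert_req)) {
```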
@@ -195,7 +196,6 @@ static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
*certOut = NULL;
*chainOut = NULL;
*caPubs = NULL;
- ctx->certReqId = certReqId;
if (ctx->pollCount > 0 && ctx->curr_pollCount == 0) {
/* start polling */
@@ -270,7 +270,8 @@ static OSSL_CMP_PKISI *process_rr(OSSL_CMP_SRV_CTX *srv_ctx,
ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
return NULL;
}
- if (ctx->sendError || ctx->certOut == NULL) {
+ if (ctx->certOut == NULL || ctx->sendError == 1
+ || ctx->sendError == OSSL_CMP_MSG_get_bodytype(rr)) {
ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE);
return NULL;
}
@@ -301,7 +302,9 @@ static int process_genm(OSSL_CMP_SRV_CTX *srv_ctx,
ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
return 0;
}
- if (sk_OSSL_CMP_ITAV_num(in) > 1 || ctx->sendError) {
+ if (ctx->sendError == 1
+ || ctx->sendError == OSSL_CMP_MSG_get_bodytype(genm)
+ || sk_OSSL_CMP_ITAV_num(in) > 1) {
ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE);
return 0;
}
@@ -358,7 +361,8 @@ static void process_error(OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *error,
}
static int process_certConf(OSSL_CMP_SRV_CTX *srv_ctx,
- const OSSL_CMP_MSG *certConf, int certReqId,
+ const OSSL_CMP_MSG *certConf,
+ ossl_unused int certReqId,
const ASN1_OCTET_STRING *certHash,
const OSSL_CMP_PKISI *si)
{
@@ -369,17 +373,13 @@ static int process_certConf(OSSL_CMP_SRV_CTX *srv_ctx,
ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
return 0;
}
- if (ctx->sendError || ctx->certOut == NULL) {
+ if (ctx->sendError == 1
+ || ctx->sendError == OSSL_CMP_MSG_get_bodytype(certConf)
+ || ctx->certOut == NULL) {
ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE);
return 0;
}
- if (certReqId != ctx->certReqId) {
- /* in case of error, invalid reqId -1 */
- ERR_raise(ERR_LIB_CMP, CMP_R_BAD_REQUEST_ID);
- return 0;
- }
-
if ((digest = X509_digest_sig(ctx->certOut, NULL, NULL)) == NULL)
return 0;
if (ASN1_OCTET_STRING_cmp(certHash, digest) != 0) {
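Review bot: With the `certReqId != ctx->certReqId` comparison deleted and the parameter marked `ossl_unused`, process_certConf() now accepts a certConf carrying any request id as long as the certificate hash matches. Nothing on this page shows where that id is validated instead. If the generic server code does it, a one-line comment such as `/* certReqId is checked by the caller, not here */` would record the assumption. If it does not, the CMP_R_BAD_REQUEST_ID path has lost its mock-server coverage. The function body starts and ends outside this hunk.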
@@ -392,7 +392,8 @@ static int process_certConf(OSSL_CMP_SRV_CTX *srv_ctx,
}
static int process_pollReq(OSSL_CMP_SRV_CTX *srv_ctx,
- const OSSL_CMP_MSG *pollReq, int certReqId,
+ const OSSL_CMP_MSG *pollReq,
+ ossl_unused int certReqId,
OSSL_CMP_MSG **certReq, int64_t *check_after)
{
mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
@@ -402,7 +403,8 @@ static int process_pollReq(OSSL_CMP_SRV_CTX *srv_ctx,
ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
return 0;
}
- if (ctx->sendError) {
+ if (ctx->sendError == 1
+ || ctx->sendError == OSSL_CMP_MSG_get_bodytype(pollReq)) {
*certReq = NULL;
ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE);
return 0;