]> git.ipfire.org Git - thirdparty/openssl.git/blob - apps/lib/cmp_mock_srv.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
crypto/cmp/,apps/lib/cmp_mock_srv.c: various improvements on delayed delivery
[thirdparty/openssl.git] / apps / lib / cmp_mock_srv.c
1 /*
2 * Copyright 2018-2023 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright Siemens AG 2018-2020
4 *
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or atf
8 * https://www.openssl.org/source/license.html
9 */
10
11 #include "apps.h"
12 #include "cmp_mock_srv.h"
13
14 #include <openssl/cmp.h>
15 #include <openssl/err.h>
16 #include <openssl/cmperr.h>
17
18 /* the context for the CMP mock server */
19 typedef struct
20 {
21 X509 *refCert; /* cert to expect for oldCertID in kur/rr msg */
22 X509 *certOut; /* certificate to be returned in cp/ip/kup msg */
23 STACK_OF(X509) *chainOut; /* chain of certOut to add to extraCerts field */
24 STACK_OF(X509) *caPubsOut; /* used in caPubs of ip and in caCerts of genp */
25 X509 *newWithNew; /* to return in newWithNew of rootKeyUpdate */
26 X509 *newWithOld; /* to return in newWithOld of rootKeyUpdate */
27 X509 *oldWithNew; /* to return in oldWithNew of rootKeyUpdate */
28 OSSL_CMP_PKISI *statusOut; /* status for ip/cp/kup/rp msg unless polling */
29 int sendError; /* send error response on given request type */
30 OSSL_CMP_MSG *req; /* original request message during polling */
31 int pollCount; /* number of polls before actual cert response */
32 int curr_pollCount; /* number of polls so far for current request */
33 int checkAfterTime; /* time the client should wait between polling */
34 } mock_srv_ctx;
35
36 static void mock_srv_ctx_free(mock_srv_ctx *ctx)
37 {
38 if (ctx == NULL)
39 return;
40
41 OSSL_CMP_PKISI_free(ctx->statusOut);
42 X509_free(ctx->refCert);
43 X509_free(ctx->certOut);
44 OSSL_STACK_OF_X509_free(ctx->chainOut);
45 OSSL_STACK_OF_X509_free(ctx->caPubsOut);
46 OSSL_CMP_MSG_free(ctx->req);
47 OPENSSL_free(ctx);
48 }
49
50 static mock_srv_ctx *mock_srv_ctx_new(void)
51 {
52 mock_srv_ctx *ctx = OPENSSL_zalloc(sizeof(mock_srv_ctx));
53
54 if (ctx == NULL)
55 goto err;
56
57 if ((ctx->statusOut = OSSL_CMP_PKISI_new()) == NULL)
58 goto err;
59
60 ctx->sendError = -1;
61
62 /* all other elements are initialized to 0 or NULL, respectively */
63 return ctx;
64 err:
65 mock_srv_ctx_free(ctx);
66 return NULL;
67 }
68
69 #define DEFINE_OSSL_SET1_CERT(FIELD) \
70 int ossl_cmp_mock_srv_set1_##FIELD(OSSL_CMP_SRV_CTX *srv_ctx, \
71 X509 *cert) \
72 { \
73 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx); \
74 \
75 if (ctx == NULL) { \
76 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT); \
77 return 0; \
78 } \
79 if (cert == NULL || X509_up_ref(cert)) { \
80 X509_free(ctx->FIELD); \
81 ctx->FIELD = cert; \
82 return 1; \
83 } \
84 return 0; \
85 }
86
87 DEFINE_OSSL_SET1_CERT(refCert)
88 DEFINE_OSSL_SET1_CERT(certOut)
89
90 int ossl_cmp_mock_srv_set1_chainOut(OSSL_CMP_SRV_CTX *srv_ctx,
91 STACK_OF(X509) *chain)
92 {
93 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
94 STACK_OF(X509) *chain_copy = NULL;
95
96 if (ctx == NULL) {
97 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
98 return 0;
99 }
100 if (chain != NULL && (chain_copy = X509_chain_up_ref(chain)) == NULL)
101 return 0;
102 OSSL_STACK_OF_X509_free(ctx->chainOut);
103 ctx->chainOut = chain_copy;
104 return 1;
105 }
106
107 int ossl_cmp_mock_srv_set1_caPubsOut(OSSL_CMP_SRV_CTX *srv_ctx,
108 STACK_OF(X509) *caPubs)
109 {
110 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
111 STACK_OF(X509) *caPubs_copy = NULL;
112
113 if (ctx == NULL) {
114 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
115 return 0;
116 }
117 if (caPubs != NULL && (caPubs_copy = X509_chain_up_ref(caPubs)) == NULL)
118 return 0;
119 OSSL_STACK_OF_X509_free(ctx->caPubsOut);
120 ctx->caPubsOut = caPubs_copy;
121 return 1;
122 }
123
124 DEFINE_OSSL_SET1_CERT(newWithNew)
125 DEFINE_OSSL_SET1_CERT(newWithOld)
126 DEFINE_OSSL_SET1_CERT(oldWithNew)
127
128 int ossl_cmp_mock_srv_set_statusInfo(OSSL_CMP_SRV_CTX *srv_ctx, int status,
129 int fail_info, const char *text)
130 {
131 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
132 OSSL_CMP_PKISI *si;
133
134 if (ctx == NULL) {
135 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
136 return 0;
137 }
138 if ((si = OSSL_CMP_STATUSINFO_new(status, fail_info, text)) == NULL)
139 return 0;
140 OSSL_CMP_PKISI_free(ctx->statusOut);
141 ctx->statusOut = si;
142 return 1;
143 }
144
145 int ossl_cmp_mock_srv_set_sendError(OSSL_CMP_SRV_CTX *srv_ctx, int bodytype)
146 {
147 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
148
149 if (ctx == NULL) {
150 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
151 return 0;
152 }
153 /* might check bodytype, but this would require exporting all body types */
154 ctx->sendError = bodytype;
155 return 1;
156 }
157
158 int ossl_cmp_mock_srv_set_pollCount(OSSL_CMP_SRV_CTX *srv_ctx, int count)
159 {
160 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
161
162 if (ctx == NULL) {
163 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
164 return 0;
165 }
166 if (count < 0) {
167 ERR_raise(ERR_LIB_CMP, CMP_R_INVALID_ARGS);
168 return 0;
169 }
170 ctx->pollCount = count;
171 return 1;
172 }
173
174 int ossl_cmp_mock_srv_set_checkAfterTime(OSSL_CMP_SRV_CTX *srv_ctx, int sec)
175 {
176 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
177
178 if (ctx == NULL) {
179 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
180 return 0;
181 }
182 ctx->checkAfterTime = sec;
183 return 1;
184 }
185
186 /* determine whether to delay response to (non-polling) request */
187 static int delayed_delivery(OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *req)
188 {
189 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
190 int req_type = OSSL_CMP_MSG_get_bodytype(req);
191
192 if (ctx == NULL || req == NULL) {
193 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
194 return -1;
195 }
196
197 /*
198 * For ir/cr/p10cr/kur delayed delivery is handled separately in
199 * process_cert_request
200 */
201 if (req_type == OSSL_CMP_IR
202 || req_type == OSSL_CMP_CR
203 || req_type == OSSL_CMP_P10CR
204 || req_type == OSSL_CMP_KUR
205 /* Client may use error to abort the ongoing polling */
206 || req_type == OSSL_CMP_ERROR)
207 return 0;
208
209 if (ctx->pollCount > 0 && ctx->curr_pollCount == 0) {
210 /* start polling */
211 if (ctx->req != NULL) { /* TODO: move this check to cmp_server.c */
212 /* already in polling mode */
213 ERR_raise(ERR_LIB_CMP, CMP_R_UNEXPECTED_PKIBODY);
214 return -1;
215 }
216 if ((ctx->req = OSSL_CMP_MSG_dup(req)) == NULL)
217 return -1;
218 return 1;
219 }
220 return 0;
221 }
222
223 /* check for matching reference cert components, as far as given */
224 static int refcert_cmp(const X509 *refcert,
225 const X509_NAME *issuer, const ASN1_INTEGER *serial)
226 {
227 const X509_NAME *ref_issuer;
228 const ASN1_INTEGER *ref_serial;
229
230 if (refcert == NULL)
231 return 1;
232 ref_issuer = X509_get_issuer_name(refcert);
233 ref_serial = X509_get0_serialNumber(refcert);
234 return (ref_issuer == NULL || X509_NAME_cmp(issuer, ref_issuer) == 0)
235 && (ref_serial == NULL || ASN1_INTEGER_cmp(serial, ref_serial) == 0);
236 }
237
238 /* reset the state that belongs to a transaction */
239 static int clean_transaction(OSSL_CMP_SRV_CTX *srv_ctx,
240 ossl_unused const ASN1_OCTET_STRING *id)
241 {
242 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
243
244 if (ctx == NULL) {
245 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
246 return 0;
247 }
248
249 ctx->curr_pollCount = 0;
250 OSSL_CMP_MSG_free(ctx->req);
251 ctx->req = NULL;
252 return 1;
253 }
254
255 static OSSL_CMP_PKISI *process_cert_request(OSSL_CMP_SRV_CTX *srv_ctx,
256 const OSSL_CMP_MSG *cert_req,
257 ossl_unused int certReqId,
258 const OSSL_CRMF_MSG *crm,
259 const X509_REQ *p10cr,
260 X509 **certOut,
261 STACK_OF(X509) **chainOut,
262 STACK_OF(X509) **caPubs)
263 {
264 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
265 int bodytype;
266 OSSL_CMP_PKISI *si = NULL;
267
268 if (ctx == NULL || cert_req == NULL
269 || certOut == NULL || chainOut == NULL || caPubs == NULL) {
270 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
271 return NULL;
272 }
273 bodytype = OSSL_CMP_MSG_get_bodytype(cert_req);
274 if (ctx->sendError == 1 || ctx->sendError == bodytype) {
275 ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE);
276 return NULL;
277 }
278
279 *certOut = NULL;
280 *chainOut = NULL;
281 *caPubs = NULL;
282
283 if (ctx->pollCount > 0 && ctx->curr_pollCount == 0) {
284 /* start polling */
285 if (ctx->req != NULL) {
286 /* already in polling mode */
287 ERR_raise(ERR_LIB_CMP, CMP_R_UNEXPECTED_PKIBODY);
288 return NULL;
289 }
290 if ((ctx->req = OSSL_CMP_MSG_dup(cert_req)) == NULL)
291 return NULL;
292 return OSSL_CMP_STATUSINFO_new(OSSL_CMP_PKISTATUS_waiting, 0, NULL);
293 }
294 if (ctx->curr_pollCount >= ctx->pollCount)
295 /* give final response after polling */
296 ctx->curr_pollCount = 0;
297
298 /* accept cert profile for cr messages only with the configured name */
299 if (OSSL_CMP_MSG_get_bodytype(cert_req) == OSSL_CMP_CR) {
300 STACK_OF(OSSL_CMP_ITAV) *itavs =
301 OSSL_CMP_HDR_get0_geninfo_ITAVs(OSSL_CMP_MSG_get0_header(cert_req));
302 int i;
303
304 for (i = 0; i < sk_OSSL_CMP_ITAV_num(itavs); i++) {
305 OSSL_CMP_ITAV *itav = sk_OSSL_CMP_ITAV_value(itavs, i);
306 ASN1_OBJECT *obj = OSSL_CMP_ITAV_get0_type(itav);
307 STACK_OF(ASN1_UTF8STRING) *strs;
308 ASN1_UTF8STRING *str;
309 const char *data;
310
311 if (OBJ_obj2nid(obj) == NID_id_it_certProfile) {
312 if (!OSSL_CMP_ITAV_get0_certProfile(itav, &strs))
313 return NULL;
314 if (sk_ASN1_UTF8STRING_num(strs) < 1) {
315 ERR_raise(ERR_LIB_CMP, CMP_R_UNEXPECTED_CERTPROFILE);
316 return NULL;
317 }
318 str = sk_ASN1_UTF8STRING_value(strs, 0);
319 if (str == NULL
320 || (data =
321 (const char *)ASN1_STRING_get0_data(str)) == NULL) {
322 ERR_raise(ERR_LIB_CMP, ERR_R_PASSED_INVALID_ARGUMENT);
323 return NULL;
324 }
325 if (strcmp(data, "profile1") != 0) {
326 ERR_raise(ERR_LIB_CMP, CMP_R_UNEXPECTED_CERTPROFILE);
327 return NULL;
328 }
329 break;
330 }
331 }
332 }
333
334 /* accept cert update request only for the reference cert, if given */
335 if (bodytype == OSSL_CMP_KUR
336 && crm != NULL /* thus not p10cr */ && ctx->refCert != NULL) {
337 const OSSL_CRMF_CERTID *cid = OSSL_CRMF_MSG_get0_regCtrl_oldCertID(crm);
338
339 if (cid == NULL) {
340 ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_CERTID);
341 return NULL;
342 }
343 if (!refcert_cmp(ctx->refCert,
344 OSSL_CRMF_CERTID_get0_issuer(cid),
345 OSSL_CRMF_CERTID_get0_serialNumber(cid))) {
346 ERR_raise(ERR_LIB_CMP, CMP_R_WRONG_CERTID);
347 return NULL;
348 }
349 }
350
351 if (ctx->certOut != NULL
352 && (*certOut = X509_dup(ctx->certOut)) == NULL)
353 /* Should return a cert produced from request template, see FR #16054 */
354 goto err;
355 if (ctx->chainOut != NULL
356 && (*chainOut = X509_chain_up_ref(ctx->chainOut)) == NULL)
357 goto err;
358 if (ctx->caPubsOut != NULL /* OSSL_CMP_PKIBODY_IP not visible here */
359 && (*caPubs = X509_chain_up_ref(ctx->caPubsOut)) == NULL)
360 goto err;
361 if (ctx->statusOut != NULL
362 && (si = OSSL_CMP_PKISI_dup(ctx->statusOut)) == NULL)
363 goto err;
364 return si;
365
366 err:
367 X509_free(*certOut);
368 *certOut = NULL;
369 OSSL_STACK_OF_X509_free(*chainOut);
370 *chainOut = NULL;
371 OSSL_STACK_OF_X509_free(*caPubs);
372 *caPubs = NULL;
373 return NULL;
374 }
375
376 static OSSL_CMP_PKISI *process_rr(OSSL_CMP_SRV_CTX *srv_ctx,
377 const OSSL_CMP_MSG *rr,
378 const X509_NAME *issuer,
379 const ASN1_INTEGER *serial)
380 {
381 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
382
383 if (ctx == NULL || rr == NULL) {
384 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
385 return NULL;
386 }
387 if (ctx->sendError == 1
388 || ctx->sendError == OSSL_CMP_MSG_get_bodytype(rr)) {
389 ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE);
390 return NULL;
391 }
392
393 /* allow any RR derived from CSR which does not include issuer and serial */
394 if ((issuer != NULL || serial != NULL)
395 /* accept revocation only for the reference cert, if given */
396 && !refcert_cmp(ctx->refCert, issuer, serial)) {
397 ERR_raise_data(ERR_LIB_CMP, CMP_R_REQUEST_NOT_ACCEPTED,
398 "wrong certificate to revoke");
399 return NULL;
400 }
401 return OSSL_CMP_PKISI_dup(ctx->statusOut);
402 }
403
404 static OSSL_CMP_ITAV *process_genm_itav(mock_srv_ctx *ctx, int req_nid,
405 const OSSL_CMP_ITAV *req)
406 {
407 OSSL_CMP_ITAV *rsp;
408
409 switch (req_nid) {
410 case NID_id_it_caCerts:
411 rsp = OSSL_CMP_ITAV_new_caCerts(ctx->caPubsOut);
412 break;
413 case NID_id_it_rootCaCert:
414 rsp = OSSL_CMP_ITAV_new_rootCaKeyUpdate(ctx->newWithNew,
415 ctx->newWithOld,
416 ctx->oldWithNew);
417 break;
418 default:
419 rsp = OSSL_CMP_ITAV_dup(req);
420 }
421 return rsp;
422 }
423
424 static int process_genm(OSSL_CMP_SRV_CTX *srv_ctx,
425 const OSSL_CMP_MSG *genm,
426 const STACK_OF(OSSL_CMP_ITAV) *in,
427 STACK_OF(OSSL_CMP_ITAV) **out)
428 {
429 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
430
431 if (ctx == NULL || genm == NULL || in == NULL || out == NULL) {
432 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
433 return 0;
434 }
435 if (ctx->sendError == 1
436 || ctx->sendError == OSSL_CMP_MSG_get_bodytype(genm)
437 || sk_OSSL_CMP_ITAV_num(in) > 1) {
438 ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE);
439 return 0;
440 }
441 if (sk_OSSL_CMP_ITAV_num(in) == 1) {
442 OSSL_CMP_ITAV *req = sk_OSSL_CMP_ITAV_value(in, 0), *rsp;
443 ASN1_OBJECT *obj = OSSL_CMP_ITAV_get0_type(req);
444
445 if ((*out = sk_OSSL_CMP_ITAV_new_reserve(NULL, 1)) == NULL)
446 return 0;
447 rsp = process_genm_itav(ctx, OBJ_obj2nid(obj), req);
448 if (rsp != NULL && sk_OSSL_CMP_ITAV_push(*out, rsp))
449 return 1;
450 sk_OSSL_CMP_ITAV_free(*out);
451 return 0;
452 }
453
454 *out = sk_OSSL_CMP_ITAV_deep_copy(in, OSSL_CMP_ITAV_dup,
455 OSSL_CMP_ITAV_free);
456 return *out != NULL;
457 }
458
459 static void process_error(OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *error,
460 const OSSL_CMP_PKISI *statusInfo,
461 const ASN1_INTEGER *errorCode,
462 const OSSL_CMP_PKIFREETEXT *errorDetails)
463 {
464 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
465 char buf[OSSL_CMP_PKISI_BUFLEN];
466 char *sibuf;
467 int i;
468
469 if (ctx == NULL || error == NULL) {
470 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
471 return;
472 }
473
474 BIO_printf(bio_err, "mock server received error:\n");
475
476 if (statusInfo == NULL) {
477 BIO_printf(bio_err, "pkiStatusInfo absent\n");
478 } else {
479 sibuf = OSSL_CMP_snprint_PKIStatusInfo(statusInfo, buf, sizeof(buf));
480 BIO_printf(bio_err, "pkiStatusInfo: %s\n",
481 sibuf != NULL ? sibuf: "<invalid>");
482 }
483
484 if (errorCode == NULL)
485 BIO_printf(bio_err, "errorCode absent\n");
486 else
487 BIO_printf(bio_err, "errorCode: %ld\n", ASN1_INTEGER_get(errorCode));
488
489 if (sk_ASN1_UTF8STRING_num(errorDetails) <= 0) {
490 BIO_printf(bio_err, "errorDetails absent\n");
491 } else {
492 BIO_printf(bio_err, "errorDetails: ");
493 for (i = 0; i < sk_ASN1_UTF8STRING_num(errorDetails); i++) {
494 if (i > 0)
495 BIO_printf(bio_err, ", ");
496 ASN1_STRING_print_ex(bio_err,
497 sk_ASN1_UTF8STRING_value(errorDetails, i),
498 ASN1_STRFLGS_ESC_QUOTE);
499 }
500 BIO_printf(bio_err, "\n");
501 }
502 }
503
504 static int process_certConf(OSSL_CMP_SRV_CTX *srv_ctx,
505 const OSSL_CMP_MSG *certConf,
506 ossl_unused int certReqId,
507 const ASN1_OCTET_STRING *certHash,
508 const OSSL_CMP_PKISI *si)
509 {
510 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
511 ASN1_OCTET_STRING *digest;
512
513 if (ctx == NULL || certConf == NULL || certHash == NULL) {
514 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
515 return 0;
516 }
517 if (ctx->sendError == 1
518 || ctx->sendError == OSSL_CMP_MSG_get_bodytype(certConf)
519 || ctx->certOut == NULL) {
520 ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE);
521 return 0;
522 }
523
524 if ((digest = X509_digest_sig(ctx->certOut, NULL, NULL)) == NULL)
525 return 0;
526 if (ASN1_OCTET_STRING_cmp(certHash, digest) != 0) {
527 ASN1_OCTET_STRING_free(digest);
528 ERR_raise(ERR_LIB_CMP, CMP_R_CERTHASH_UNMATCHED);
529 return 0;
530 }
531 ASN1_OCTET_STRING_free(digest);
532 return 1;
533 }
534
535 /* return 0 on failure, 1 on success, setting *req or otherwise *check_after */
536 static int process_pollReq(OSSL_CMP_SRV_CTX *srv_ctx,
537 const OSSL_CMP_MSG *pollReq,
538 ossl_unused int certReqId,
539 OSSL_CMP_MSG **req, int64_t *check_after)
540 {
541 mock_srv_ctx *ctx = OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx);
542
543 if (req != NULL)
544 *req = NULL;
545 if (ctx == NULL || pollReq == NULL
546 || req == NULL || check_after == NULL) {
547 ERR_raise(ERR_LIB_CMP, CMP_R_NULL_ARGUMENT);
548 return 0;
549 }
550
551 if (ctx->sendError == 1
552 || ctx->sendError == OSSL_CMP_MSG_get_bodytype(pollReq)) {
553 ERR_raise(ERR_LIB_CMP, CMP_R_ERROR_PROCESSING_MESSAGE);
554 return 0;
555 }
556 if (ctx->req == NULL) { /* not currently in polling mode */
557 ERR_raise(ERR_LIB_CMP, CMP_R_UNEXPECTED_POLLREQ);
558 return 0;
559 }
560
561 if (++ctx->curr_pollCount >= ctx->pollCount) {
562 /* end polling */
563 *req = ctx->req;
564 ctx->req = NULL;
565 *check_after = 0;
566 } else {
567 *check_after = ctx->checkAfterTime;
568 }
569 return 1;
570 }
571
572 OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OSSL_LIB_CTX *libctx, const char *propq)
573 {
574 OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new(libctx, propq);
575 mock_srv_ctx *ctx = mock_srv_ctx_new();
576
577 if (srv_ctx != NULL && ctx != NULL
578 && OSSL_CMP_SRV_CTX_init(srv_ctx, ctx, process_cert_request,
579 process_rr, process_genm, process_error,
580 process_certConf, process_pollReq)
581 && OSSL_CMP_SRV_CTX_init_trans(srv_ctx,
582 delayed_delivery, clean_transaction))
583 return srv_ctx;
584
585 mock_srv_ctx_free(ctx);
586 OSSL_CMP_SRV_CTX_free(srv_ctx);
587 return NULL;
588 }
589
590 void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx)
591 {
592 if (srv_ctx != NULL)
593 mock_srv_ctx_free(OSSL_CMP_SRV_CTX_get0_custom_ctx(srv_ctx));
594 OSSL_CMP_SRV_CTX_free(srv_ctx);
595 }
A mirror of the official openssl repository