CMP test server: Extend error reporting on cert rejected for revocation

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15053)

diff --git a/apps/cmp_mock_srv.c b/apps/cmp_mock_srv.c
index 856dbefd97ebab99cbf706f0d4d1545adda2ea25..1e6a27210c838d0ec97770c69dd2f98beef0ff8f 100644 (file)
--- a/apps/cmp_mock_srv.c
+++ b/apps/cmp_mock_srv.c
@@ -251,7 +251,8 @@ static OSSL_CMP_PKISI *process_rr(OSSL_CMP_SRV_CTX *srv_ctx,
     if (X509_NAME_cmp(issuer, X509_get_issuer_name(ctx->certOut)) != 0
             || ASN1_INTEGER_cmp(serial,
                                 X509_get0_serialNumber(ctx->certOut)) != 0) {
-        ERR_raise(ERR_LIB_CMP, CMP_R_REQUEST_NOT_ACCEPTED);
+        ERR_raise_data(ERR_LIB_CMP, CMP_R_REQUEST_NOT_ACCEPTED,
+                       "wrong certificate to revoke");
         return NULL;
     }
     return OSSL_CMP_PKISI_dup(ctx->statusOut);

diff --git a/crypto/cmp/cmp_server.c b/crypto/cmp/cmp_server.c
index 0545d98b4ff021682f8a490801d7ae15d9fc3545..73c14841ca39ddf7dfebeabb684aa80795aa83e0 100644 (file)
--- a/crypto/cmp/cmp_server.c
+++ b/crypto/cmp/cmp_server.c
@@ -581,7 +581,7 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx,
         }
 
         if ((si = OSSL_CMP_STATUSINFO_new(OSSL_CMP_PKISTATUS_rejection,
-                                          fail_info, NULL)) != NULL) {
+                                          fail_info, data)) != NULL) {
             if (err != 0 && (flags & ERR_TXT_STRING) != 0)
                 data = ERR_reason_error_string(err);
             rsp = ossl_cmp_error_new(srv_ctx->ctx, si,