]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/cmp_protect_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Teach ssl_test_new how to test the FIPS module
[thirdparty/openssl.git] / test / cmp_protect_test.c
1 /*
2 * Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright Nokia 2007-2019
4 * Copyright Siemens AG 2015-2019
5 *
6 * Licensed under the Apache License 2.0 (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
10 */
11
12 #include "cmp_testlib.h"
13
14 static const char *ir_protected_f;
15 static const char *ir_unprotected_f;
16 static const char *ip_PBM_f;
17
18 typedef struct test_fixture {
19 const char *test_case_name;
20 OSSL_CMP_CTX *cmp_ctx;
21 /* for protection tests */
22 OSSL_CMP_MSG *msg;
23 OSSL_CMP_PKISI *si; /* for error and response messages */
24 ASN1_OCTET_STRING *secret;
25 EVP_PKEY *privkey;
26 EVP_PKEY *pubkey;
27 unsigned char *mem;
28 int memlen;
29 X509 *cert;
30 STACK_OF(X509) *certs;
31 STACK_OF(X509) *chain;
32 int callback_arg;
33 int expected;
34 } CMP_PROTECT_TEST_FIXTURE;
35
36 static void tear_down(CMP_PROTECT_TEST_FIXTURE *fixture)
37 {
38 OSSL_CMP_CTX_free(fixture->cmp_ctx);
39 OSSL_CMP_MSG_free(fixture->msg);
40 ASN1_OCTET_STRING_free(fixture->secret);
41 OSSL_CMP_PKISI_free(fixture->si);
42
43 OPENSSL_free(fixture->mem);
44 sk_X509_free(fixture->certs);
45 sk_X509_free(fixture->chain);
46
47 OPENSSL_free(fixture);
48 }
49
50 static CMP_PROTECT_TEST_FIXTURE *set_up(const char *const test_case_name)
51 {
52 CMP_PROTECT_TEST_FIXTURE *fixture;
53
54 if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))))
55 return NULL;
56 fixture->test_case_name = test_case_name;
57 if (!TEST_ptr(fixture->cmp_ctx = OSSL_CMP_CTX_new())) {
58 tear_down(fixture);
59 return NULL;
60 }
61 return fixture;
62 }
63
64 static EVP_PKEY *loadedprivkey = NULL;
65 static EVP_PKEY *loadedpubkey = NULL;
66 static EVP_PKEY *loadedkey = NULL;
67 static X509 *cert = NULL;
68 static unsigned char rand_data[OSSL_CMP_TRANSACTIONID_LENGTH];
69 static OSSL_CMP_MSG *ir_unprotected, *ir_protected;
70 static X509 *endentity1 = NULL, *endentity2 = NULL,
71 *root = NULL, *intermediate = NULL;
72
73 static int execute_calc_protection_fails_test(CMP_PROTECT_TEST_FIXTURE *fixture)
74 {
75 ASN1_BIT_STRING *protection =
76 ossl_cmp_calc_protection(fixture->msg, fixture->secret,
77 fixture->privkey);
78 int res = TEST_ptr_null(protection);
79
80 ASN1_BIT_STRING_free(protection);
81 return res;
82 }
83
84 static int execute_calc_protection_pbmac_test(CMP_PROTECT_TEST_FIXTURE *fixture)
85 {
86 ASN1_BIT_STRING *protection =
87 ossl_cmp_calc_protection(fixture->msg, fixture->secret, NULL);
88 int res = TEST_ptr(protection)
89 && TEST_true(ASN1_STRING_cmp(protection,
90 fixture->msg->protection) == 0);
91
92 ASN1_BIT_STRING_free(protection);
93 return res;
94 }
95
96 /*
97 * This function works similarly to parts of CMP_verify_signature in cmp_vfy.c,
98 * but without the need for a OSSL_CMP_CTX or a X509 certificate
99 */
100 static int verify_signature(OSSL_CMP_MSG *msg,
101 ASN1_BIT_STRING *protection,
102 EVP_PKEY *pkey, int digest_nid)
103 {
104 OSSL_CMP_PROTECTEDPART prot_part;
105 unsigned char *prot_part_der = NULL;
106 int len;
107 EVP_MD_CTX *ctx = NULL;
108 const EVP_MD *digest = EVP_get_digestbynid(digest_nid);
109 int res;
110
111 prot_part.header = OSSL_CMP_MSG_get0_header(msg);
112 prot_part.body = msg->body;
113 len = i2d_OSSL_CMP_PROTECTEDPART(&prot_part, &prot_part_der);
114 res =
115 TEST_int_ge(len, 0)
116 && TEST_ptr(ctx = EVP_MD_CTX_new())
117 && TEST_true(EVP_DigestVerifyInit(ctx, NULL, digest, NULL, pkey))
118 && TEST_int_eq(EVP_DigestVerify(ctx, protection->data,
119 protection->length,
120 prot_part_der, len), 1);
121 /* cleanup */
122 EVP_MD_CTX_free(ctx);
123 OPENSSL_free(prot_part_der);
124 return res;
125 }
126
127 /* Calls OSSL_CMP_calc_protection and compares and verifies signature */
128 static int execute_calc_protection_signature_test(CMP_PROTECT_TEST_FIXTURE *
129 fixture)
130 {
131 ASN1_BIT_STRING *protection =
132 ossl_cmp_calc_protection(fixture->msg, NULL, fixture->privkey);
133 int ret = (TEST_ptr(protection)
134 && TEST_true(ASN1_STRING_cmp(protection,
135 fixture->msg->protection) == 0)
136 && TEST_true(verify_signature(fixture->msg, protection,
137 fixture->pubkey,
138 fixture->cmp_ctx->digest)));
139
140 ASN1_BIT_STRING_free(protection);
141 return ret;
142 }
143
144 static int test_cmp_calc_protection_no_key_no_secret(void)
145 {
146 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
147 if (!TEST_ptr(fixture->msg = load_pkimsg(ir_unprotected_f))
148 || !TEST_ptr(fixture->msg->header->protectionAlg =
149 X509_ALGOR_new() /* no specific alg needed here */)) {
150 tear_down(fixture);
151 fixture = NULL;
152 }
153
154 EXECUTE_TEST(execute_calc_protection_fails_test, tear_down);
155 return result;
156 }
157
158 static int test_cmp_calc_protection_pkey(void)
159 {
160 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
161 fixture->pubkey = loadedpubkey;
162 fixture->privkey = loadedprivkey;
163 if (!TEST_ptr(fixture->msg = load_pkimsg(ir_protected_f))) {
164 tear_down(fixture);
165 fixture = NULL;
166 }
167 EXECUTE_TEST(execute_calc_protection_signature_test, tear_down);
168 return result;
169 }
170
171 static int test_cmp_calc_protection_pbmac(void)
172 {
173 unsigned char sec_insta[] = { 'i', 'n', 's', 't', 'a' };
174
175 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
176 if (!TEST_ptr(fixture->secret = ASN1_OCTET_STRING_new())
177 || !TEST_true(ASN1_OCTET_STRING_set
178 (fixture->secret, sec_insta, sizeof(sec_insta)))
179 || !TEST_ptr(fixture->msg = load_pkimsg(ip_PBM_f))) {
180 tear_down(fixture);
181 fixture = NULL;
182 }
183 EXECUTE_TEST(execute_calc_protection_pbmac_test, tear_down);
184 return result;
185 }
186 static int execute_MSG_protect_test(CMP_PROTECT_TEST_FIXTURE *fixture)
187 {
188 return TEST_int_eq(fixture->expected,
189 ossl_cmp_msg_protect(fixture->cmp_ctx, fixture->msg));
190 }
191
192 #define SET_OPT_UNPROTECTED_SEND(ctx, val) \
193 OSSL_CMP_CTX_set_option((ctx), OSSL_CMP_OPT_UNPROTECTED_SEND, (val))
194 static int test_MSG_protect_unprotected_request(void)
195 {
196 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
197
198 fixture->expected = 1;
199 if (!TEST_ptr(fixture->msg = OSSL_CMP_MSG_dup(ir_unprotected))
200 || !TEST_true(SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 1))) {
201 tear_down(fixture);
202 fixture = NULL;
203 }
204 EXECUTE_TEST(execute_MSG_protect_test, tear_down);
205 return result;
206 }
207
208 static int test_MSG_protect_with_msg_sig_alg_protection_plus_rsa_key(void)
209 {
210 const size_t size = sizeof(rand_data) / 2;
211
212 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
213 fixture->expected = 1;
214
215 if (!TEST_ptr(fixture->msg =
216 OSSL_CMP_MSG_dup(ir_unprotected))
217 || !TEST_true(SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 0))
218 /*
219 * Use half of the 16 bytes of random input
220 * for each reference and secret value
221 */
222 || !TEST_true(OSSL_CMP_CTX_set1_referenceValue(fixture->cmp_ctx,
223 rand_data, size))
224 || !TEST_true(OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx,
225 rand_data + size,
226 size))) {
227 tear_down(fixture);
228 fixture = NULL;
229 }
230 EXECUTE_TEST(execute_MSG_protect_test, tear_down);
231 return result;
232 }
233
234 static int test_MSG_protect_with_certificate_and_key(void)
235 {
236 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
237 fixture->expected = 1;
238
239 if (!TEST_ptr(fixture->msg =
240 OSSL_CMP_MSG_dup(ir_unprotected))
241 || !TEST_true(SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 0))
242 || !TEST_true(OSSL_CMP_CTX_set1_pkey(fixture->cmp_ctx, loadedkey))
243 || !TEST_true(OSSL_CMP_CTX_set1_clCert(fixture->cmp_ctx, cert))) {
244 tear_down(fixture);
245 fixture = NULL;
246 }
247 EXECUTE_TEST(execute_MSG_protect_test, tear_down);
248 return result;
249 }
250
251 static int test_MSG_protect_certificate_based_without_cert(void)
252 {
253 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
254 OSSL_CMP_CTX *ctx = fixture->cmp_ctx;
255
256 fixture->expected = 0;
257 if (!TEST_ptr(fixture->msg =
258 OSSL_CMP_MSG_dup(ir_unprotected))
259 || !TEST_true(SET_OPT_UNPROTECTED_SEND(ctx, 0))
260 || !TEST_true(OSSL_CMP_CTX_set0_newPkey(ctx, 1, loadedkey))) {
261 tear_down(fixture);
262 fixture = NULL;
263 }
264 EVP_PKEY_up_ref(loadedkey);
265 EXECUTE_TEST(execute_MSG_protect_test, tear_down);
266 return result;
267 }
268
269 static int test_MSG_protect_no_key_no_secret(void)
270 {
271 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
272 fixture->expected = 0;
273 if (!TEST_ptr(fixture->msg = OSSL_CMP_MSG_dup(ir_unprotected))
274 || !TEST_true(SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 0))) {
275 tear_down(fixture);
276 fixture = NULL;
277 }
278 EXECUTE_TEST(execute_MSG_protect_test, tear_down);
279 return result;
280 }
281
282 static int test_MSG_protect_pbmac_no_sender(int with_ref)
283 {
284 static unsigned char secret[] = { 47, 11, 8, 15 };
285 static unsigned char ref[] = { 0xca, 0xfe, 0xba, 0xbe };
286
287 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
288 fixture->expected = with_ref;
289 if (!TEST_ptr(fixture->msg = OSSL_CMP_MSG_dup(ir_unprotected))
290 || !SET_OPT_UNPROTECTED_SEND(fixture->cmp_ctx, 0)
291 || !ossl_cmp_hdr_set1_sender(fixture->msg->header, NULL)
292 || !OSSL_CMP_CTX_set1_secretValue(fixture->cmp_ctx,
293 secret, sizeof(secret))
294 || (!OSSL_CMP_CTX_set1_referenceValue(fixture->cmp_ctx,
295 with_ref ? ref : NULL,
296 sizeof(ref)))) {
297 tear_down(fixture);
298 fixture = NULL;
299 }
300 EXECUTE_TEST(execute_MSG_protect_test, tear_down);
301 return result;
302 }
303
304 static int test_MSG_protect_pbmac_no_sender_with_ref(void)
305 {
306 return test_MSG_protect_pbmac_no_sender(1);
307 }
308
309 static int test_MSG_protect_pbmac_no_sender_no_ref(void)
310 {
311 return test_MSG_protect_pbmac_no_sender(0);
312 }
313
314 static int execute_MSG_add_extraCerts_test(CMP_PROTECT_TEST_FIXTURE *fixture)
315 {
316 return TEST_true(ossl_cmp_msg_add_extraCerts(fixture->cmp_ctx,
317 fixture->msg));
318 }
319
320 static int test_MSG_add_extraCerts(void)
321 {
322 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
323 if (!TEST_ptr(fixture->msg = OSSL_CMP_MSG_dup(ir_protected))) {
324 tear_down(fixture);
325 fixture = NULL;
326 }
327 EXECUTE_TEST(execute_MSG_add_extraCerts_test, tear_down);
328 return result;
329 }
330
331 #ifndef OPENSSL_NO_EC
332 /* The cert chain tests use EC certs so we skip them in no-ec builds */
333 static int execute_cmp_build_cert_chain_test(CMP_PROTECT_TEST_FIXTURE *fixture)
334 {
335 STACK_OF(X509) *result = NULL;
336 int ret = 0;
337
338 if (TEST_ptr(result = ossl_cmp_build_cert_chain(fixture->certs,
339 fixture->cert))) {
340 /* Check whether chain built is equal to the expected one */
341 ret = TEST_int_eq(0, STACK_OF_X509_cmp(result, fixture->chain));
342 sk_X509_pop_free(result, X509_free);
343 }
344 return ret;
345 }
346
347 static int test_cmp_build_cert_chain(void)
348 {
349 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
350 fixture->cert = endentity2;
351 if (!TEST_ptr(fixture->certs = sk_X509_new_null())
352 || !TEST_ptr(fixture->chain = sk_X509_new_null())
353 || !TEST_true(sk_X509_push(fixture->certs, endentity1))
354 || !TEST_true(sk_X509_push(fixture->certs, root))
355 || !TEST_true(sk_X509_push(fixture->certs, intermediate))
356 || !TEST_true(sk_X509_push(fixture->chain, endentity2))
357 || !TEST_true(sk_X509_push(fixture->chain, intermediate))) {
358 tear_down(fixture);
359 fixture = NULL;
360 }
361 EXECUTE_TEST(execute_cmp_build_cert_chain_test, tear_down);
362 return result;
363 }
364
365 static int test_cmp_build_cert_chain_missing_intermediate(void)
366 {
367 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
368 fixture->cert = endentity2;
369 if (!TEST_ptr(fixture->certs = sk_X509_new_null())
370 || !TEST_ptr(fixture->chain = sk_X509_new_null())
371 || !TEST_true(sk_X509_push(fixture->certs, endentity1))
372 || !TEST_true(sk_X509_push(fixture->certs, root))
373 || !TEST_true(sk_X509_push(fixture->chain, endentity2))) {
374 tear_down(fixture);
375 fixture = NULL;
376 }
377 EXECUTE_TEST(execute_cmp_build_cert_chain_test, tear_down);
378 return result;
379 }
380
381 static int test_cmp_build_cert_chain_missing_root(void)
382 {
383 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
384 fixture->cert = endentity2;
385 if (!TEST_ptr(fixture->certs = sk_X509_new_null())
386 || !TEST_ptr(fixture->chain = sk_X509_new_null())
387 || !TEST_true(sk_X509_push(fixture->certs, endentity1))
388 || !TEST_true(sk_X509_push(fixture->certs, intermediate))
389 || !TEST_true(sk_X509_push(fixture->chain, endentity2))
390 || !TEST_true(sk_X509_push(fixture->chain, intermediate))) {
391 tear_down(fixture);
392 fixture = NULL;
393 }
394 EXECUTE_TEST(execute_cmp_build_cert_chain_test, tear_down);
395 return result;
396 }
397
398 static int test_cmp_build_cert_chain_no_certs(void)
399 {
400 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
401 fixture->cert = endentity2;
402 if (!TEST_ptr(fixture->certs = sk_X509_new_null())
403 || !TEST_ptr(fixture->chain = sk_X509_new_null())
404 || !TEST_true(sk_X509_push(fixture->chain, endentity2))) {
405 tear_down(fixture);
406 fixture = NULL;
407 }
408 EXECUTE_TEST(execute_cmp_build_cert_chain_test, tear_down);
409 return result;
410 }
411 #endif /* OPENSSL_NO_EC */
412
413 static int execute_X509_STORE_test(CMP_PROTECT_TEST_FIXTURE *fixture)
414 {
415 X509_STORE *store = X509_STORE_new();
416 STACK_OF(X509) *sk = NULL;
417 int res = 0;
418
419 if (!TEST_true(ossl_cmp_X509_STORE_add1_certs(store,
420 fixture->certs,
421 fixture->callback_arg)))
422 goto err;
423 sk = X509_STORE_get1_all_certs(store);
424 if (!TEST_int_eq(0, STACK_OF_X509_cmp(sk, fixture->chain)))
425 goto err;
426 res = 1;
427 err:
428 X509_STORE_free(store);
429 sk_X509_pop_free(sk, X509_free);
430 return res;
431
432 }
433
434 static int test_X509_STORE(void)
435 {
436 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
437 fixture->callback_arg = 0; /* self-issued allowed */
438 if (!TEST_ptr(fixture->certs = sk_X509_new_null())
439 || !sk_X509_push(fixture->certs, endentity1)
440 || !sk_X509_push(fixture->certs, endentity2)
441 || !sk_X509_push(fixture->certs, root)
442 || !sk_X509_push(fixture->certs, intermediate)
443 || !TEST_ptr(fixture->chain = sk_X509_dup(fixture->certs))) {
444 tear_down(fixture);
445 fixture = NULL;
446 }
447 EXECUTE_TEST(execute_X509_STORE_test, tear_down);
448 return result;
449 }
450
451 static int test_X509_STORE_only_self_issued(void)
452 {
453 SETUP_TEST_FIXTURE(CMP_PROTECT_TEST_FIXTURE, set_up);
454 fixture->certs = sk_X509_new_null();
455 fixture->chain = sk_X509_new_null();
456 fixture->callback_arg = 1; /* only self-issued */
457 if (!TEST_true(sk_X509_push(fixture->certs, endentity1))
458 || !TEST_true(sk_X509_push(fixture->certs, endentity2))
459 || !TEST_true(sk_X509_push(fixture->certs, root))
460 || !TEST_true(sk_X509_push(fixture->certs, intermediate))
461 || !TEST_true(sk_X509_push(fixture->chain, root))) {
462 tear_down(fixture);
463 fixture = NULL;
464 }
465 EXECUTE_TEST(execute_X509_STORE_test, tear_down);
466 return result;
467 }
468
469
470 void cleanup_tests(void)
471 {
472 EVP_PKEY_free(loadedprivkey);
473 EVP_PKEY_free(loadedpubkey);
474 EVP_PKEY_free(loadedkey);
475 X509_free(cert);
476 X509_free(endentity1);
477 X509_free(endentity2);
478 X509_free(root);
479 X509_free(intermediate);
480 OSSL_CMP_MSG_free(ir_protected);
481 OSSL_CMP_MSG_free(ir_unprotected);
482
483 }
484
485 int setup_tests(void)
486 {
487 char *server_f;
488 char *server_key_f;
489 char *server_cert_f;
490 char *endentity1_f;
491 char *endentity2_f;
492 char *root_f;
493 char *intermediate_f;
494
495 if (!test_skip_common_options()) {
496 TEST_error("Error parsing test options\n");
497 return 0;
498 }
499
500 RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH);
501 if (!TEST_ptr(server_f = test_get_argument(0))
502 || !TEST_ptr(ir_protected_f = test_get_argument(1))
503 || !TEST_ptr(ir_unprotected_f = test_get_argument(2))
504 || !TEST_ptr(ip_PBM_f = test_get_argument(3))
505 || !TEST_ptr(server_cert_f = test_get_argument(4))
506 || !TEST_ptr(server_key_f = test_get_argument(5))
507 || !TEST_ptr(endentity1_f = test_get_argument(6))
508 || !TEST_ptr(endentity2_f = test_get_argument(7))
509 || !TEST_ptr(root_f = test_get_argument(8))
510 || !TEST_ptr(intermediate_f = test_get_argument(9))) {
511 TEST_error("usage: cmp_protect_test server.pem "
512 "IR_protected.der IR_unprotected.der IP_PBM.der "
513 "server.crt server.pem"
514 "EndEntity1.crt EndEntity2.crt "
515 "Root_CA.crt Intermediate_CA.crt\n");
516 return 0;
517 }
518 if (!TEST_ptr(loadedkey = load_pem_key(server_key_f))
519 || !TEST_ptr(cert = load_pem_cert(server_cert_f)))
520 return 0;
521
522 if (!TEST_ptr(loadedprivkey = load_pem_key(server_f)))
523 return 0;
524 if (TEST_true(EVP_PKEY_up_ref(loadedprivkey)))
525 loadedpubkey = loadedprivkey;
526 if (!TEST_ptr(ir_protected = load_pkimsg(ir_protected_f))
527 || !TEST_ptr(ir_unprotected = load_pkimsg(ir_unprotected_f)))
528 return 0;
529 if (!TEST_ptr(endentity1 = load_pem_cert(endentity1_f))
530 || !TEST_ptr(endentity2 = load_pem_cert(endentity2_f))
531 || !TEST_ptr(root = load_pem_cert(root_f))
532 || !TEST_ptr(intermediate = load_pem_cert(intermediate_f)))
533 return 0;
534 if (!TEST_int_eq(1, RAND_bytes(rand_data, OSSL_CMP_TRANSACTIONID_LENGTH)))
535 return 0;
536
537 /* Message protection tests */
538 ADD_TEST(test_cmp_calc_protection_no_key_no_secret);
539 ADD_TEST(test_cmp_calc_protection_pkey);
540 ADD_TEST(test_cmp_calc_protection_pbmac);
541
542 ADD_TEST(test_MSG_protect_with_msg_sig_alg_protection_plus_rsa_key);
543 ADD_TEST(test_MSG_protect_with_certificate_and_key);
544 ADD_TEST(test_MSG_protect_certificate_based_without_cert);
545 ADD_TEST(test_MSG_protect_unprotected_request);
546 ADD_TEST(test_MSG_protect_no_key_no_secret);
547 ADD_TEST(test_MSG_protect_pbmac_no_sender_with_ref);
548 ADD_TEST(test_MSG_protect_pbmac_no_sender_no_ref);
549 ADD_TEST(test_MSG_add_extraCerts);
550
551 #ifndef OPENSSL_NO_EC
552 ADD_TEST(test_cmp_build_cert_chain);
553 ADD_TEST(test_cmp_build_cert_chain_missing_root);
554 ADD_TEST(test_cmp_build_cert_chain_missing_intermediate);
555 ADD_TEST(test_cmp_build_cert_chain_no_certs);
556 #endif
557
558 ADD_TEST(test_X509_STORE);
559 ADD_TEST(test_X509_STORE_only_self_issued);
560
561 return 1;
562 }
A mirror of the official openssl repository