1 #include <check.h>
2 #include "scep.h"
3 #include "test_message_common.c"
make_message()4 static PKCS7 *make_message()
5 {
6 PKCS7 *p7;
7 ck_assert(scep_get_cert_initial(
8 handle, req, sig_cert, sig_key,
9 sig_cacert, enc_cacert, &p7) == SCEPE_OK);
10 return p7;
11 }
12
setup()13 static void setup()
14 {
15 generic_setup();
16 p7 = make_message();
17 scep_conf_set(handle, SCEPCFG_FLAG_SET, SCEP_SKIP_SIGNER_CERT);
18 p7_nosigcert = make_message();
19 scep_conf_set(handle, SCEPCFG_FLAG_CLEAR, SCEP_SKIP_SIGNER_CERT);
20 }
21
22 #ifdef WITH_ENGINE_TESTS
setup_engine()23 static void setup_engine()
24 {
25 generic_engine_setup();
26 p7 = make_message();
27 scep_conf_set(handle, SCEPCFG_FLAG_SET, SCEP_SKIP_SIGNER_CERT);
28 p7_nosigcert = make_message();
29 scep_conf_set(handle, SCEPCFG_FLAG_CLEAR, SCEP_SKIP_SIGNER_CERT);
30 }
31 #endif /* WITH_ENGINE_TESTS */
32
teardown()33 static void teardown()
34 {
35 PKCS7_free(p7);
36 PKCS7_free(p7_nosigcert);
37 generic_teardown();
38 }
39
make_unwrap_message()40 static SCEP_DATA *make_unwrap_message()
41 {
42 PKCS7 *p7 = NULL;
43 SCEP_DATA *data;
44 SCEP_ERROR error = scep_get_cert_initial(handle, req, sig_cert, sig_key, enc_cacert, enc_cacert, &p7);
45 ck_assert(error == SCEPE_OK);
46 ck_assert(p7 != NULL);
47 ck_assert(scep_unwrap(
48 handle, p7, sig_cacert, enc_cacert, enc_cakey, &data) == SCEPE_OK);
49 PKCS7_free(p7);
50 return data;
51 }
52
free_unwrap_message(SCEP_DATA * data)53 static void free_unwrap_message(SCEP_DATA *data)
54 {
55 SCEP_DATA_free(data);
56 }
57
START_TEST(test_get_cert_initial)58 START_TEST(test_get_cert_initial)
59 {
60 BIO *data = get_decrypted_data(p7, enc_cacert, enc_cakey);
61
62 const unsigned char *data_buf;
63 int data_buf_len = BIO_get_mem_data(data, &data_buf);
64 ck_assert_int_ne(data_buf_len, 0);
65
66 ck_assert_str_eq(
67 SCEP_MSG_GETCERTINITIAL_STR,
68 get_attribute_data(p7, handle->oids->messageType));
69
70 PKCS7_ISSUER_AND_SUBJECT *ias = NULL;
71 d2i_PKCS7_ISSUER_AND_SUBJECT(&ias, &data_buf, data_buf_len);
72 ck_assert(ias != NULL);
73 char *name = X509_NAME_oneline(ias->subject, NULL, 0);
74 ck_assert_str_eq(name, "/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=foo.bar");
75 free(name);
76 name = X509_NAME_oneline(ias->issuer, NULL, 0);
77 ck_assert_str_eq(name, "/C=DE/ST=asdf/L=asdf/O=asdf/CN=ca");
78 free(name);
79 PKCS7_ISSUER_AND_SUBJECT_free(ias);
80 BIO_free(data);
81 }
82 END_TEST
83
START_TEST(test_unwrap)84 START_TEST(test_unwrap)
85 {
86 SCEP_DATA *data = make_unwrap_message();
87 ck_assert_int_eq(X509_NAME_cmp(data->issuer_and_subject->issuer, X509_get_subject_name(sig_cacert)), 0);
88 ck_assert_int_eq(X509_NAME_cmp(data->issuer_and_subject->subject, X509_REQ_get_subject_name(req)), 0);
89 free_unwrap_message(data);
90 }
91 END_TEST
92
add_get_cert_initial(Suite * s)93 void add_get_cert_initial(Suite *s)
94 {
95 TCase *tc_gci_msg = tcase_create("GetCertInitial Message");
96 tcase_add_checked_fixture(tc_gci_msg, setup, teardown);
97 tcase_add_test(tc_gci_msg, test_scep_message_transaction_id);
98 tcase_add_test(tc_gci_msg, test_scep_message_sender_nonce);
99 tcase_add_test(tc_gci_msg, test_scep_message_certificate);
100 tcase_add_test(tc_gci_msg, test_get_cert_initial);
101 suite_add_tcase(s, tc_gci_msg);
102
103 TCase *tc_unwrap = tcase_create("GetCertInitial Unwrapping");
104 tcase_add_unchecked_fixture(tc_unwrap, setup, teardown);
105 tcase_add_test(tc_unwrap, test_unwrap);
106 tcase_add_test(tc_unwrap, test_unwrap_invalid_version);
107 suite_add_tcase(s, tc_unwrap);
108
109 #ifdef WITH_ENGINE_TESTS
110 /* We need a checked fixture on all engine tests, possibly because
111 * the engine process cannot deal with the forking of check
112 */
113 TCase *tc_gci_msg_engine = tcase_create("GetCertInitial Message with Engine");
114 tcase_add_checked_fixture(tc_gci_msg_engine, setup_engine, teardown);
115 tcase_add_test(tc_gci_msg_engine, test_scep_message_transaction_id);
116 tcase_add_test(tc_gci_msg_engine, test_scep_message_sender_nonce);
117 tcase_add_test(tc_gci_msg_engine, test_scep_message_certificate);
118 tcase_add_test(tc_gci_msg_engine, test_get_cert_initial);
119 suite_add_tcase(s, tc_gci_msg_engine);
120
121 TCase *tc_unwrap_engine = tcase_create("GetCertInitial Unwrapping with Engine");
122 tcase_add_checked_fixture(tc_unwrap_engine, setup_engine, teardown);
123 tcase_add_test(tc_unwrap_engine, test_unwrap);
124 tcase_add_test(tc_unwrap_engine, test_unwrap_invalid_version);
125 suite_add_tcase(s, tc_unwrap_engine);
126 #endif /* WITH_ENGINE_TESTS */
127 }