2 * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
12 #include <openssl/e_os2.h>
13 #include <openssl/crypto.h>
16 #include "ssl_test_ctx.h"
18 /* True enums and other test configuration values that map to an int. */
25 __owur static int parse_enum(const test_enum *enums, size_t num_enums,
26 int *value, const char *name)
29 for (i = 0; i < num_enums; i++) {
30 if (strcmp(enums[i].name, name) == 0) {
31 *value = enums[i].value;
38 static const char *enum_name(const test_enum *enums, size_t num_enums,
42 for (i = 0; i < num_enums; i++) {
43 if (enums[i].value == value) {
47 return "InvalidValue";
55 static const test_enum ssl_test_results[] = {
56 {"Success", SSL_TEST_SUCCESS},
57 {"ServerFail", SSL_TEST_SERVER_FAIL},
58 {"ClientFail", SSL_TEST_CLIENT_FAIL},
59 {"InternalError", SSL_TEST_INTERNAL_ERROR},
62 __owur static int parse_expected_result(SSL_TEST_CTX *test_ctx, const char *value)
65 if (!parse_enum(ssl_test_results, OSSL_NELEM(ssl_test_results),
69 test_ctx->expected_result = ret_value;
73 const char *ssl_test_result_name(ssl_test_result_t result)
75 return enum_name(ssl_test_results, OSSL_NELEM(ssl_test_results), result);
78 /******************************/
79 /* ClientAlert / ServerAlert. */
80 /******************************/
82 static const test_enum ssl_alerts[] = {
83 {"UnknownCA", SSL_AD_UNKNOWN_CA},
84 {"HandshakeFailure", SSL_AD_HANDSHAKE_FAILURE},
85 {"UnrecognizedName", SSL_AD_UNRECOGNIZED_NAME},
86 {"BadCertificate", SSL_AD_BAD_CERTIFICATE},
87 {"NoApplicationProtocol", SSL_AD_NO_APPLICATION_PROTOCOL},
90 __owur static int parse_alert(int *alert, const char *value)
92 return parse_enum(ssl_alerts, OSSL_NELEM(ssl_alerts), alert, value);
95 __owur static int parse_client_alert(SSL_TEST_CTX *test_ctx, const char *value)
97 return parse_alert(&test_ctx->client_alert, value);
100 __owur static int parse_server_alert(SSL_TEST_CTX *test_ctx, const char *value)
102 return parse_alert(&test_ctx->server_alert, value);
105 const char *ssl_alert_name(int alert)
107 return enum_name(ssl_alerts, OSSL_NELEM(ssl_alerts), alert);
114 static const test_enum ssl_protocols[] = {
115 {"TLSv1.2", TLS1_2_VERSION},
116 {"TLSv1.1", TLS1_1_VERSION},
117 {"TLSv1", TLS1_VERSION},
118 {"SSLv3", SSL3_VERSION},
119 {"DTLSv1", DTLS1_VERSION},
120 {"DTLSv1.2", DTLS1_2_VERSION},
123 __owur static int parse_protocol(SSL_TEST_CTX *test_ctx, const char *value)
125 return parse_enum(ssl_protocols, OSSL_NELEM(ssl_protocols),
126 &test_ctx->protocol, value);
129 const char *ssl_protocol_name(int protocol)
131 return enum_name(ssl_protocols, OSSL_NELEM(ssl_protocols), protocol);
134 /***********************/
135 /* CertVerifyCallback. */
136 /***********************/
138 static const test_enum ssl_verify_callbacks[] = {
139 {"None", SSL_TEST_VERIFY_NONE},
140 {"AcceptAll", SSL_TEST_VERIFY_ACCEPT_ALL},
141 {"RejectAll", SSL_TEST_VERIFY_REJECT_ALL},
144 __owur static int parse_client_verify_callback(SSL_TEST_CTX *test_ctx,
148 if (!parse_enum(ssl_verify_callbacks, OSSL_NELEM(ssl_verify_callbacks),
149 &ret_value, value)) {
152 test_ctx->client_verify_callback = ret_value;
156 const char *ssl_verify_callback_name(ssl_verify_callback_t callback)
158 return enum_name(ssl_verify_callbacks, OSSL_NELEM(ssl_verify_callbacks),
166 static const test_enum ssl_servername[] = {
167 {"None", SSL_TEST_SERVERNAME_NONE},
168 {"server1", SSL_TEST_SERVERNAME_SERVER1},
169 {"server2", SSL_TEST_SERVERNAME_SERVER2},
170 {"invalid", SSL_TEST_SERVERNAME_INVALID},
173 __owur static int parse_servername(SSL_TEST_CTX *test_ctx,
177 if (!parse_enum(ssl_servername, OSSL_NELEM(ssl_servername),
178 &ret_value, value)) {
181 test_ctx->servername = ret_value;
185 __owur static int parse_expected_servername(SSL_TEST_CTX *test_ctx,
189 if (!parse_enum(ssl_servername, OSSL_NELEM(ssl_servername),
190 &ret_value, value)) {
193 test_ctx->expected_servername = ret_value;
197 const char *ssl_servername_name(ssl_servername_t server)
199 return enum_name(ssl_servername, OSSL_NELEM(ssl_servername),
203 /***********************/
204 /* ServerNameCallback. */
205 /***********************/
207 static const test_enum ssl_servername_callbacks[] = {
208 {"None", SSL_TEST_SERVERNAME_CB_NONE},
209 {"IgnoreMismatch", SSL_TEST_SERVERNAME_IGNORE_MISMATCH},
210 {"RejectMismatch", SSL_TEST_SERVERNAME_REJECT_MISMATCH},
213 __owur static int parse_servername_callback(SSL_TEST_CTX *test_ctx,
217 if (!parse_enum(ssl_servername_callbacks,
218 OSSL_NELEM(ssl_servername_callbacks), &ret_value, value)) {
221 test_ctx->servername_callback = ret_value;
225 const char *ssl_servername_callback_name(ssl_servername_callback_t callback)
227 return enum_name(ssl_servername_callbacks,
228 OSSL_NELEM(ssl_servername_callbacks), callback);
231 /*************************/
232 /* SessionTicketExpected */
233 /*************************/
235 static const test_enum ssl_session_ticket[] = {
236 {"Ignore", SSL_TEST_SESSION_TICKET_IGNORE},
237 {"Yes", SSL_TEST_SESSION_TICKET_YES},
238 {"No", SSL_TEST_SESSION_TICKET_NO},
239 {"Broken", SSL_TEST_SESSION_TICKET_BROKEN},
242 __owur static int parse_session_ticket(SSL_TEST_CTX *test_ctx, const char *value)
245 if (!parse_enum(ssl_session_ticket, OSSL_NELEM(ssl_session_ticket),
246 &ret_value, value)) {
249 test_ctx->session_ticket_expected = ret_value;
253 const char *ssl_session_ticket_name(ssl_session_ticket_t server)
255 return enum_name(ssl_session_ticket,
256 OSSL_NELEM(ssl_session_ticket),
260 /***********************/
262 /***********************/
264 static const test_enum ssl_test_methods[] = {
265 {"TLS", SSL_TEST_METHOD_TLS},
266 {"DTLS", SSL_TEST_METHOD_DTLS},
269 __owur static int parse_test_method(SSL_TEST_CTX *test_ctx, const char *value)
272 if (!parse_enum(ssl_test_methods, OSSL_NELEM(ssl_test_methods),
273 &ret_value, value)) {
276 test_ctx->method = ret_value;
280 const char *ssl_test_method_name(ssl_test_method_t method)
282 return enum_name(ssl_test_methods, OSSL_NELEM(ssl_test_methods), method);
285 #define IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(field) \
286 static int parse_##field(SSL_TEST_CTX *test_ctx, const char *value) \
288 OPENSSL_free(test_ctx->field); \
289 test_ctx->field = OPENSSL_strdup(value); \
290 OPENSSL_assert(test_ctx->field != NULL); \
294 /************************************/
295 /* NPN and ALPN options */
296 /************************************/
298 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(client_npn_protocols)
299 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(server_npn_protocols)
300 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(server2_npn_protocols)
301 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(expected_npn_protocol)
302 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(client_alpn_protocols)
303 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(server_alpn_protocols)
304 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(server2_alpn_protocols)
305 IMPLEMENT_SSL_TEST_CTX_STRING_OPTION(expected_alpn_protocol)
307 /***********************/
309 /***********************/
311 static const test_enum ssl_handshake_modes[] = {
312 {"Simple", SSL_TEST_HANDSHAKE_SIMPLE},
313 {"Resume", SSL_TEST_HANDSHAKE_RESUME},
314 {"Renegotiate", SSL_TEST_HANDSHAKE_RENEGOTIATE},
317 __owur static int parse_handshake_mode(SSL_TEST_CTX *test_ctx, const char *value)
320 if (!parse_enum(ssl_handshake_modes, OSSL_NELEM(ssl_handshake_modes),
321 &ret_value, value)) {
324 test_ctx->handshake_mode = ret_value;
328 const char *ssl_handshake_mode_name(ssl_handshake_mode_t mode)
330 return enum_name(ssl_handshake_modes, OSSL_NELEM(ssl_handshake_modes),
334 static int parse_boolean(const char *value, int *result)
336 if (strcasecmp(value, "Yes") == 0) {
340 else if (strcasecmp(value, "No") == 0) {
347 #define IMPLEMENT_SSL_TEST_CTX_BOOL_OPTION(field) \
348 static int parse_##field(SSL_TEST_CTX *test_ctx, const char *value) \
350 return parse_boolean(value, &test_ctx->field); \
353 IMPLEMENT_SSL_TEST_CTX_BOOL_OPTION(resumption_expected)
355 /*************************************************************/
356 /* Known test options and their corresponding parse methods. */
357 /*************************************************************/
361 int (*parse)(SSL_TEST_CTX *test_ctx, const char *value);
362 } ssl_test_ctx_option;
364 static const ssl_test_ctx_option ssl_test_ctx_options[] = {
365 { "ExpectedResult", &parse_expected_result },
366 { "ClientAlert", &parse_client_alert },
367 { "ServerAlert", &parse_server_alert },
368 { "Protocol", &parse_protocol },
369 { "ClientVerifyCallback", &parse_client_verify_callback },
370 { "ServerName", &parse_servername },
371 { "ExpectedServerName", &parse_expected_servername },
372 { "ServerNameCallback", &parse_servername_callback },
373 { "SessionTicketExpected", &parse_session_ticket },
374 { "Method", &parse_test_method },
375 { "ClientNPNProtocols", &parse_client_npn_protocols },
376 { "ServerNPNProtocols", &parse_server_npn_protocols },
377 { "Server2NPNProtocols", &parse_server2_npn_protocols },
378 { "ExpectedNPNProtocol", &parse_expected_npn_protocol },
379 { "ClientALPNProtocols", &parse_client_alpn_protocols },
380 { "ServerALPNProtocols", &parse_server_alpn_protocols },
381 { "Server2ALPNProtocols", &parse_server2_alpn_protocols },
382 { "ExpectedALPNProtocol", &parse_expected_alpn_protocol },
383 { "HandshakeMode", &parse_handshake_mode },
384 { "ResumptionExpected", &parse_resumption_expected },
388 * Since these methods are used to create tests, we use OPENSSL_assert liberally
389 * for malloc failures and other internal errors.
391 SSL_TEST_CTX *SSL_TEST_CTX_new()
394 ret = OPENSSL_zalloc(sizeof(*ret));
395 OPENSSL_assert(ret != NULL);
399 void SSL_TEST_CTX_free(SSL_TEST_CTX *ctx)
402 OPENSSL_free(ctx->client_npn_protocols);
403 OPENSSL_free(ctx->server_npn_protocols);
404 OPENSSL_free(ctx->server2_npn_protocols);
405 OPENSSL_free(ctx->client_alpn_protocols);
406 OPENSSL_free(ctx->server_alpn_protocols);
407 OPENSSL_free(ctx->server2_alpn_protocols);
408 OPENSSL_free(ctx->expected_npn_protocol);
409 OPENSSL_free(ctx->expected_alpn_protocol);
413 SSL_TEST_CTX *SSL_TEST_CTX_create(const CONF *conf, const char *test_section)
415 STACK_OF(CONF_VALUE) *sk_conf;
420 sk_conf = NCONF_get_section(conf, test_section);
421 OPENSSL_assert(sk_conf != NULL);
423 ctx = SSL_TEST_CTX_new();
424 OPENSSL_assert(ctx != NULL);
426 for (i = 0; i < sk_CONF_VALUE_num(sk_conf); i++) {
428 const CONF_VALUE *option = sk_CONF_VALUE_value(sk_conf, i);
429 for (j = 0; j < OSSL_NELEM(ssl_test_ctx_options); j++) {
430 if (strcmp(option->name, ssl_test_ctx_options[j].name) == 0) {
431 if (!ssl_test_ctx_options[j].parse(ctx, option->value)) {
432 fprintf(stderr, "Bad value %s for option %s\n",
433 option->value, option->name);
441 fprintf(stderr, "Unknown test option: %s\n", option->name);
449 SSL_TEST_CTX_free(ctx);