mirror of https://github.com/wolfSSL/wolfssl
Clean up and Chris check added the changes.
This commit is contained in:
parent
f61c045e65
commit
813a9b05b5
197
tests/api.c
197
tests/api.c
|
@ -103,7 +103,7 @@ static int test_wolfSSL_Cleanup(void)
|
|||
}
|
||||
|
||||
|
||||
/* Initialize the wolfcrypt state.
|
||||
/* Initialize the wolfCrypt state.
|
||||
* POST: 0 success.
|
||||
*/
|
||||
static int test_wolfCrypt_Init(void)
|
||||
|
@ -211,24 +211,30 @@ static void test_wolfSSL_CTX_use_certificate_file(void)
|
|||
#endif
|
||||
}
|
||||
|
||||
/* Test function for wolfSSL_CTX_use_certificate_buffer. Load cert into
|
||||
* context using buffer.
|
||||
* PRE: NO_CERTS not defined; USE_CERT_BUFFERS_2048 defined; compile with
|
||||
* --enable-testcert flag.
|
||||
*/
|
||||
static int test_wolfSSL_CTX_use_certificate_buffer(void)
|
||||
{
|
||||
#ifndef NO_CERTS
|
||||
WOLFSSL_CTX* ctx;
|
||||
int ret;
|
||||
#if !defined(NO_CERTS) && defined(USE_CERT_BUFFERS_2048)
|
||||
WOLFSSL_CTX* ctx;
|
||||
int ret;
|
||||
|
||||
printf(testingFmt, "wolfSSL_CTX_use_certificate_buffer()");
|
||||
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
|
||||
#ifdef USE_CERT_BUFFERS_2048
|
||||
ret = wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
|
||||
printf(testingFmt, "wolfSSL_CTX_use_certificate_buffer()");
|
||||
AssertNotNull(ctx = wolfSSL_CTX_new(wolfSSLv23_server_method()));
|
||||
|
||||
ret = wolfSSL_CTX_use_certificate_buffer(ctx, server_cert_der_2048,
|
||||
sizeof_server_cert_der_2048, SSL_FILETYPE_ASN1);
|
||||
#endif
|
||||
printf(resultFmt, ret == SSL_SUCCESS ? passed : failed);
|
||||
|
||||
return ret;
|
||||
#else
|
||||
return;
|
||||
#endif
|
||||
printf(resultFmt, ret == SSL_SUCCESS ? passed : failed);
|
||||
|
||||
return ret;
|
||||
#else
|
||||
return SSL_SUCCESS;
|
||||
#endif
|
||||
|
||||
} /*END test_wolfSSL_CTX_use_certificate_buffer*/
|
||||
|
||||
static void test_wolfSSL_CTX_use_PrivateKey_file(void)
|
||||
|
@ -523,14 +529,20 @@ static void test_wolfSSL_SetTmpDH_buffer(void)
|
|||
}
|
||||
|
||||
|
||||
/* Test function for wolfSSL_SetMinVersion
|
||||
/* Test function for wolfSSL_SetMinVersion. Sets the minimum downgrade version
|
||||
* allowed.
|
||||
* POST: return 1 on success.
|
||||
*/
|
||||
static int test_wolfSSL_SetMinVersion(void)
|
||||
{
|
||||
WOLFSSL_CTX* ctx;
|
||||
WOLFSSL* ssl;
|
||||
int ret;
|
||||
int failFlag, itr;
|
||||
|
||||
const char* versionsVar[] = { "retV1", "retV1_1", "retV1_2" };
|
||||
const int versions[] = { WOLFSSL_TLSV1, WOLFSSL_TLSV1_1,
|
||||
WOLFSSL_TLSV1_2};
|
||||
failFlag = SSL_SUCCESS;
|
||||
|
||||
AssertTrue(wolfSSL_Init());
|
||||
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
|
||||
|
@ -538,17 +550,19 @@ static int test_wolfSSL_SetMinVersion(void)
|
|||
|
||||
printf(testingFmt, "wolfSSL_SetMinVersion()");
|
||||
|
||||
ret = wolfSSL_SetMinVersion(ssl, 3);
|
||||
for (itr = 0; itr < (int)(sizeof(versionsVar)/sizeof(char*)); itr++){
|
||||
if(wolfSSL_SetMinVersion(ssl, *(versions + itr)) != SSL_SUCCESS){
|
||||
failFlag = SSL_FAILURE;
|
||||
}
|
||||
}
|
||||
|
||||
printf(resultFmt, ret == SSL_SUCCESS ? passed : failed);
|
||||
printf(resultFmt, failFlag == SSL_SUCCESS ? passed : failed);
|
||||
|
||||
wolfSSL_free(ssl);
|
||||
wolfSSL_CTX_free(ctx);
|
||||
AssertTrue(wolfSSL_Cleanup());
|
||||
|
||||
if(ret != SSL_SUCCESS) { return SSL_FAILURE; }
|
||||
|
||||
return SSL_SUCCESS;
|
||||
return failFlag;
|
||||
|
||||
} /* END test_wolfSSL_SetMinVersion */
|
||||
|
||||
|
@ -1894,29 +1908,38 @@ static void test_wolfSSL_X509_NAME_get_entry(void)
|
|||
#endif /* !NO_CERTS */
|
||||
}
|
||||
|
||||
/* Testing function wolfSSL_CTX_SetMinVersion
|
||||
/* Testing function wolfSSL_CTX_SetMinVersion; sets the minimum downgrade
|
||||
* version allowed.
|
||||
* POST: 1 on success.
|
||||
*/
|
||||
static int test_wolfSSL_CTX_SetMinVersion(void)
|
||||
{
|
||||
WOLFSSL_CTX* ctx;
|
||||
int ret;
|
||||
int failFlag, itr;
|
||||
|
||||
const char* versionsVar[] = { "retV1", "retV1_1", "retV1_2" };
|
||||
const int versions[] = { WOLFSSL_TLSV1, WOLFSSL_TLSV1_1,
|
||||
WOLFSSL_TLSV1_2 };
|
||||
|
||||
failFlag = SSL_SUCCESS;
|
||||
|
||||
AssertTrue(wolfSSL_Init());
|
||||
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
|
||||
|
||||
printf(testingFmt, "wolfSSL_CTX_SetMinVersion()");
|
||||
|
||||
ret = wolfSSL_CTX_SetMinVersion(ctx, 3);
|
||||
for (itr = 0; itr < (int)(sizeof(versionsVar)/sizeof(char*)); itr++){
|
||||
if(wolfSSL_CTX_SetMinVersion(ctx, *(versions + itr)) != SSL_SUCCESS){
|
||||
failFlag = SSL_FAILURE;
|
||||
}
|
||||
}
|
||||
|
||||
printf(resultFmt, ret == SSL_SUCCESS ? passed : failed);
|
||||
printf(resultFmt, failFlag == SSL_SUCCESS ? passed : failed);
|
||||
|
||||
wolfSSL_CTX_free(ctx);
|
||||
AssertTrue(wolfSSL_Cleanup());
|
||||
|
||||
if(ret != SSL_SUCCESS) { return SSL_FAILURE; }
|
||||
|
||||
return SSL_SUCCESS;
|
||||
return failFlag;
|
||||
|
||||
} /* END test_wolfSSL_CTX_SetMinVersion */
|
||||
|
||||
|
@ -1926,78 +1949,82 @@ static int test_wolfSSL_CTX_SetMinVersion(void)
|
|||
*----------------------------------------------------------------------------*/
|
||||
|
||||
|
||||
/* Testing wolfSSL_UseOCSPStapling function.
|
||||
/* Testing wolfSSL_UseOCSPStapling function. OCSP stapling eliminates the need
|
||||
* need to contact the CA, lowering the cost of cert revocation checking.
|
||||
* PRE: HAVE_OCSP and HAVE_CERTIFICATE_STATUS_REQUEST
|
||||
* POST: 1 returned for success.
|
||||
*/
|
||||
#if defined(HAVE_OCSP)
|
||||
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST)
|
||||
static int test_wolfSSL_UseOCSPStapling(void)
|
||||
{
|
||||
int ret;
|
||||
WOLFSSL_CTX* ctx;
|
||||
WOLFSSL* ssl;
|
||||
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST) && defined(HAVE_OCSP)
|
||||
int ret;
|
||||
WOLFSSL_CTX* ctx;
|
||||
WOLFSSL* ssl;
|
||||
|
||||
wolfSSL_Init();
|
||||
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
|
||||
ssl = wolfSSL_new(ctx);
|
||||
printf(testingFmt, "wolfSSL_UseOCSPStapling()");
|
||||
|
||||
ret = wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR2_OCSP,
|
||||
WOLFSSL_CSR2_OCSP_USE_NONCE);
|
||||
|
||||
printf(resultFmt, ret == SSL_SUCCESS ? passed : failed);
|
||||
|
||||
|
||||
wolfSSL_Init();
|
||||
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
|
||||
ssl = wolfSSL_new(ctx);
|
||||
printf(testingFmt, "wolfSSL_UseOCSPStapling()");
|
||||
wolfSSL_free(ssl);
|
||||
wolfSSL_CTX_free(ctx);
|
||||
|
||||
ret = wolfSSL_UseOCSPStapling(ssl, WOLFSSL_CSR2_OCSP,
|
||||
WOLFSSL_CSR2_OCSP_USE_NONCE);
|
||||
if(ret != SSL_SUCCESS){
|
||||
wolfSSL_Cleanup();
|
||||
return SSL_FAILURE;
|
||||
}
|
||||
|
||||
printf(resultFmt, ret == SSL_SUCCESS ? passed : failed);
|
||||
|
||||
|
||||
wolfSSL_free(ssl);
|
||||
wolfSSL_CTX_free(ctx);
|
||||
|
||||
if(ret != SSL_SUCCESS){
|
||||
wolfSSL_Cleanup();
|
||||
return SSL_FAILURE;
|
||||
}
|
||||
|
||||
return wolfSSL_Cleanup();
|
||||
return wolfSSL_Cleanup();
|
||||
#else
|
||||
return SSL_SUCCESS;
|
||||
#endif
|
||||
|
||||
} /*END test_wolfSSL_UseOCSPStapling */
|
||||
|
||||
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST. */
|
||||
|
||||
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
|
||||
/* Testing OCSP stapling version 2, wolfSSL_UseOCSPStaplingV2 funciton. OCSP
|
||||
* stapling eliminates the need ot contact the CA and lowers cert revocation
|
||||
* check.
|
||||
* PRE: HAVE_CERTIFICATE_STATUS_REQUEST_V2 and HAVE_OCSP defined.
|
||||
*/
|
||||
static int test_wolfSSL_UseOCSPStaplingV2(void)
|
||||
{
|
||||
int ret;
|
||||
WOLFSSL_CTX* ctx;
|
||||
WOLFSSL* ssl;
|
||||
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST_V2) && defined(HAVE_OCSP)
|
||||
int ret;
|
||||
WOLFSSL_CTX* ctx;
|
||||
WOLFSSL* ssl;
|
||||
|
||||
wolfSSL_Init();
|
||||
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
|
||||
ssl = wolfSSL_new(ctx);
|
||||
printf(testingFmt, "wolfSSL_UseOCSPStaplingV2()");
|
||||
wolfSSL_Init();
|
||||
ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
|
||||
ssl = wolfSSL_new(ctx);
|
||||
printf(testingFmt, "wolfSSL_UseOCSPStaplingV2()");
|
||||
|
||||
ret = wolfSSL_UseOCSPStaplingV2(ssl, WOLFSSL_CSR2_OCSP,
|
||||
WOLFSSL_CSR2_OCSP_USE_NONCE );
|
||||
ret = wolfSSL_UseOCSPStaplingV2(ssl, WOLFSSL_CSR2_OCSP,
|
||||
WOLFSSL_CSR2_OCSP_USE_NONCE );
|
||||
|
||||
printf(resultFmt, ret == SSL_SUCCESS ? passed : failed);
|
||||
printf(resultFmt, ret == SSL_SUCCESS ? passed : failed);
|
||||
|
||||
wolfSSL_free(ssl);
|
||||
wolfSSL_CTX_free(ctx);
|
||||
wolfSSL_free(ssl);
|
||||
wolfSSL_CTX_free(ctx);
|
||||
|
||||
if(ret != SSL_SUCCESS){
|
||||
wolfSSL_Cleanup();
|
||||
return SSL_FAILURE;
|
||||
}
|
||||
if(ret != SSL_SUCCESS){
|
||||
wolfSSL_Cleanup();
|
||||
return SSL_FAILURE;
|
||||
}
|
||||
|
||||
return wolfSSL_Cleanup();
|
||||
return wolfSSL_Cleanup();
|
||||
#else
|
||||
return SSL_SUCCESS;
|
||||
#endif
|
||||
|
||||
} /*END test_wolfSSL_UseOCSPStaplingV2*/
|
||||
|
||||
#endif /* HAVE_CERTIFICATE_STATUS_REQUEST. */
|
||||
#endif /* HAVE_OCSP*/
|
||||
|
||||
|
||||
|
||||
|
||||
/*----------------------------------------------------------------------------*
|
||||
| Main
|
||||
|
@ -2007,7 +2034,8 @@ void ApiTest(void)
|
|||
{
|
||||
printf(" Begin API Tests\n");
|
||||
AssertIntEQ(test_wolfSSL_Init(), SSL_SUCCESS);
|
||||
|
||||
/* wolfcrypt initialization tests */
|
||||
AssertFalse(test_wolfCrypt_Init());
|
||||
test_wolfSSL_Method_Allocators();
|
||||
test_wolfSSL_CTX_new(wolfSSLv23_server_method());
|
||||
test_wolfSSL_CTX_use_certificate_file();
|
||||
|
@ -2026,33 +2054,20 @@ void ApiTest(void)
|
|||
AssertIntEQ(test_wolfSSL_SetMinVersion(), SSL_SUCCESS);
|
||||
AssertIntEQ(test_wolfSSL_CTX_SetMinVersion(), SSL_SUCCESS);
|
||||
|
||||
|
||||
/* TLS extensions tests */
|
||||
test_wolfSSL_UseSNI();
|
||||
test_wolfSSL_UseMaxFragment();
|
||||
test_wolfSSL_UseTruncatedHMAC();
|
||||
test_wolfSSL_UseSupportedCurve();
|
||||
test_wolfSSL_UseALPN();
|
||||
|
||||
/* X509 tests */
|
||||
test_wolfSSL_X509_NAME_get_entry();
|
||||
|
||||
/* wolfcrypt initialization tests */
|
||||
AssertFalse(test_wolfCrypt_Init());
|
||||
|
||||
/*OCSP Stapling. */
|
||||
#if defined(HAVE_OCSP)
|
||||
#if defined(HAVE_CERTIFICATE_STATUS_REQUEST)
|
||||
|
||||
AssertIntEQ(test_wolfSSL_UseOCSPStapling(), SSL_SUCCESS);
|
||||
|
||||
#endif
|
||||
#ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
|
||||
|
||||
AssertIntEQ(test_wolfSSL_UseOCSPStaplingV2(), SSL_SUCCESS);
|
||||
|
||||
#endif
|
||||
#endif /* HAVE_OCSP. */
|
||||
|
||||
AssertIntEQ(test_wolfSSL_Cleanup(), SSL_SUCCESS);
|
||||
printf(" End API Tests\n");
|
||||
|
||||
|
|
Loading…
Reference in New Issue