Gitiles
Code Review Sign In
192.168.1.100 / T106_DC / de953e2a242a4014f6aabca31744e195ebc63a01 / . / ap / lib / libssl / openssl-1.1.1o / test / v3nametest.c
blob: 566472ab9667ae0ba09db7040ca75934b79d657e [file] [log] [blame]
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]1/*
2 * Copyright 2012-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#include <string.h>
11
12#include <openssl/e_os2.h>
13#include <openssl/x509.h>
14#include <openssl/x509v3.h>
15#include "internal/nelem.h"
16#include "testutil.h"
17
18#ifdef OPENSSL_SYS_WINDOWS
19# define strcasecmp _stricmp
20#endif
21
22static const char *const names[] = {
23 "a", "b", ".", "*", "@",
24 ".a", "a.", ".b", "b.", ".*", "*.", "*@", "@*", "a@", "@a", "b@", "..",
25 "-example.com", "example-.com",
26 "@@", "**", "*.com", "*com", "*.*.com", "*com", "com*", "*example.com",
27 "*@example.com", "test@*.example.com", "example.com", "www.example.com",
28 "test.www.example.com", "*.example.com", "*.www.example.com",
29 "test.*.example.com", "www.*.com",
30 ".www.example.com", "*www.example.com",
31 "example.net", "xn--rger-koa.example.com",
32 "*.xn--rger-koa.example.com", "www.xn--rger-koa.example.com",
33 "*.good--example.com", "www.good--example.com",
34 "*.xn--bar.com", "xn--foo.xn--bar.com",
35 "a.example.com", "b.example.com",
36 "postmaster@example.com", "Postmaster@example.com",
37 "postmaster@EXAMPLE.COM",
38 NULL
39};
40
41static const char *const exceptions[] = {
42 "set CN: host: [*.example.com] matches [a.example.com]",
43 "set CN: host: [*.example.com] matches [b.example.com]",
44 "set CN: host: [*.example.com] matches [www.example.com]",
45 "set CN: host: [*.example.com] matches [xn--rger-koa.example.com]",
46 "set CN: host: [*.www.example.com] matches [test.www.example.com]",
47 "set CN: host: [*.www.example.com] matches [.www.example.com]",
48 "set CN: host: [*www.example.com] matches [www.example.com]",
49 "set CN: host: [test.www.example.com] matches [.www.example.com]",
50 "set CN: host: [*.xn--rger-koa.example.com] matches [www.xn--rger-koa.example.com]",
51 "set CN: host: [*.xn--bar.com] matches [xn--foo.xn--bar.com]",
52 "set CN: host: [*.good--example.com] matches [www.good--example.com]",
53 "set CN: host-no-wildcards: [*.www.example.com] matches [.www.example.com]",
54 "set CN: host-no-wildcards: [test.www.example.com] matches [.www.example.com]",
55 "set emailAddress: email: [postmaster@example.com] does not match [Postmaster@example.com]",
56 "set emailAddress: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]",
57 "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@example.com]",
58 "set emailAddress: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]",
59 "set dnsName: host: [*.example.com] matches [www.example.com]",
60 "set dnsName: host: [*.example.com] matches [a.example.com]",
61 "set dnsName: host: [*.example.com] matches [b.example.com]",
62 "set dnsName: host: [*.example.com] matches [xn--rger-koa.example.com]",
63 "set dnsName: host: [*.www.example.com] matches [test.www.example.com]",
64 "set dnsName: host-no-wildcards: [*.www.example.com] matches [.www.example.com]",
65 "set dnsName: host-no-wildcards: [test.www.example.com] matches [.www.example.com]",
66 "set dnsName: host: [*.www.example.com] matches [.www.example.com]",
67 "set dnsName: host: [*www.example.com] matches [www.example.com]",
68 "set dnsName: host: [test.www.example.com] matches [.www.example.com]",
69 "set dnsName: host: [*.xn--rger-koa.example.com] matches [www.xn--rger-koa.example.com]",
70 "set dnsName: host: [*.xn--bar.com] matches [xn--foo.xn--bar.com]",
71 "set dnsName: host: [*.good--example.com] matches [www.good--example.com]",
72 "set rfc822Name: email: [postmaster@example.com] does not match [Postmaster@example.com]",
73 "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@example.com]",
74 "set rfc822Name: email: [Postmaster@example.com] does not match [postmaster@EXAMPLE.COM]",
75 "set rfc822Name: email: [postmaster@EXAMPLE.COM] does not match [Postmaster@example.com]",
76 NULL
77};
78
79static int is_exception(const char *msg)
80{
81 const char *const *p;
82
83 for (p = exceptions; *p; ++p)
84 if (strcmp(msg, *p) == 0)
85 return 1;
86 return 0;
87}
88
89static int set_cn(X509 *crt, ...)
90{
91 int ret = 0;
92 X509_NAME *n = NULL;
93 va_list ap;
94
95 va_start(ap, crt);
96 n = X509_NAME_new();
97 if (n == NULL)
98 goto out;
99
100 while (1) {
101 int nid;
102 const char *name;
103
104 nid = va_arg(ap, int);
105 if (nid == 0)
106 break;
107 name = va_arg(ap, const char *);
108 if (!X509_NAME_add_entry_by_NID(n, nid, MBSTRING_ASC,
109 (unsigned char *)name, -1, -1, 1))
110 goto out;
111 }
112 if (!X509_set_subject_name(crt, n))
113 goto out;
114 ret = 1;
115 out:
116 X509_NAME_free(n);
117 va_end(ap);
118 return ret;
119}
120
121/*-
122int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
123X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
124 int nid, int crit, ASN1_OCTET_STRING *data);
125int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
126*/
127
128static int set_altname(X509 *crt, ...)
129{
130 int ret = 0;
131 GENERAL_NAMES *gens = NULL;
132 GENERAL_NAME *gen = NULL;
133 ASN1_IA5STRING *ia5 = NULL;
134 va_list ap;
135 va_start(ap, crt);
136 gens = sk_GENERAL_NAME_new_null();
137 if (gens == NULL)
138 goto out;
139 while (1) {
140 int type;
141 const char *name;
142 type = va_arg(ap, int);
143 if (type == 0)
144 break;
145 name = va_arg(ap, const char *);
146
147 gen = GENERAL_NAME_new();
148 if (gen == NULL)
149 goto out;
150 ia5 = ASN1_IA5STRING_new();
151 if (ia5 == NULL)
152 goto out;
153 if (!ASN1_STRING_set(ia5, name, -1))
154 goto out;
155 switch (type) {
156 case GEN_EMAIL:
157 case GEN_DNS:
158 GENERAL_NAME_set0_value(gen, type, ia5);
159 ia5 = NULL;
160 break;
161 default:
162 abort();
163 }
164 sk_GENERAL_NAME_push(gens, gen);
165 gen = NULL;
166 }
167 if (!X509_add1_ext_i2d(crt, NID_subject_alt_name, gens, 0, 0))
168 goto out;
169 ret = 1;
170 out:
171 ASN1_IA5STRING_free(ia5);
172 GENERAL_NAME_free(gen);
173 GENERAL_NAMES_free(gens);
174 va_end(ap);
175 return ret;
176}
177
178static int set_cn1(X509 *crt, const char *name)
179{
180 return set_cn(crt, NID_commonName, name, 0);
181}
182
183static int set_cn_and_email(X509 *crt, const char *name)
184{
185 return set_cn(crt, NID_commonName, name,
186 NID_pkcs9_emailAddress, "dummy@example.com", 0);
187}
188
189static int set_cn2(X509 *crt, const char *name)
190{
191 return set_cn(crt, NID_commonName, "dummy value",
192 NID_commonName, name, 0);
193}
194
195static int set_cn3(X509 *crt, const char *name)
196{
197 return set_cn(crt, NID_commonName, name,
198 NID_commonName, "dummy value", 0);
199}
200
201static int set_email1(X509 *crt, const char *name)
202{
203 return set_cn(crt, NID_pkcs9_emailAddress, name, 0);
204}
205
206static int set_email2(X509 *crt, const char *name)
207{
208 return set_cn(crt, NID_pkcs9_emailAddress, "dummy@example.com",
209 NID_pkcs9_emailAddress, name, 0);
210}
211
212static int set_email3(X509 *crt, const char *name)
213{
214 return set_cn(crt, NID_pkcs9_emailAddress, name,
215 NID_pkcs9_emailAddress, "dummy@example.com", 0);
216}
217
218static int set_email_and_cn(X509 *crt, const char *name)
219{
220 return set_cn(crt, NID_pkcs9_emailAddress, name,
221 NID_commonName, "www.example.org", 0);
222}
223
224static int set_altname_dns(X509 *crt, const char *name)
225{
226 return set_altname(crt, GEN_DNS, name, 0);
227}
228
229static int set_altname_email(X509 *crt, const char *name)
230{
231 return set_altname(crt, GEN_EMAIL, name, 0);
232}
233
234struct set_name_fn {
235 int (*fn) (X509 *, const char *);
236 const char *name;
237 int host;
238 int email;
239};
240
241static const struct set_name_fn name_fns[] = {
242 {set_cn1, "set CN", 1, 0},
243 {set_cn2, "set CN", 1, 0},
244 {set_cn3, "set CN", 1, 0},
245 {set_cn_and_email, "set CN", 1, 0},
246 {set_email1, "set emailAddress", 0, 1},
247 {set_email2, "set emailAddress", 0, 1},
248 {set_email3, "set emailAddress", 0, 1},
249 {set_email_and_cn, "set emailAddress", 0, 1},
250 {set_altname_dns, "set dnsName", 1, 0},
251 {set_altname_email, "set rfc822Name", 0, 1},
252};
253
254static X509 *make_cert(void)
255{
256 X509 *crt = NULL;
257
258 if (!TEST_ptr(crt = X509_new()))
259 return NULL;
260 if (!TEST_true(X509_set_version(crt, 2))) {
261 X509_free(crt);
262 return NULL;
263 }
264 return crt;
265}
266
267static int check_message(const struct set_name_fn *fn, const char *op,
268 const char *nameincert, int match, const char *name)
269{
270 char msg[1024];
271
272 if (match < 0)
273 return 1;
274 BIO_snprintf(msg, sizeof(msg), "%s: %s: [%s] %s [%s]",
275 fn->name, op, nameincert,
276 match ? "matches" : "does not match", name);
277 if (is_exception(msg))
278 return 1;
279 TEST_error("%s", msg);
280 return 0;
281}
282
283static int run_cert(X509 *crt, const char *nameincert,
284 const struct set_name_fn *fn)
285{
286 const char *const *pname = names;
287 int failed = 0;
288
289 for (; *pname != NULL; ++pname) {
290 int samename = strcasecmp(nameincert, *pname) == 0;
291 size_t namelen = strlen(*pname);
292 char *name = OPENSSL_malloc(namelen);
293 int match, ret;
294
295 memcpy(name, *pname, namelen);
296
297 match = -1;
298 if (!TEST_int_ge(ret = X509_check_host(crt, name, namelen, 0, NULL),
299 0)) {
300 failed = 1;
301 } else if (fn->host) {
302 if (ret == 1 && !samename)
303 match = 1;
304 if (ret == 0 && samename)
305 match = 0;
306 } else if (ret == 1)
307 match = 1;
308 if (!TEST_true(check_message(fn, "host", nameincert, match, *pname)))
309 failed = 1;
310
311 match = -1;
312 if (!TEST_int_ge(ret = X509_check_host(crt, name, namelen,
313 X509_CHECK_FLAG_NO_WILDCARDS,
314 NULL), 0)) {
315 failed = 1;
316 } else if (fn->host) {
317 if (ret == 1 && !samename)
318 match = 1;
319 if (ret == 0 && samename)
320 match = 0;
321 } else if (ret == 1)
322 match = 1;
323 if (!TEST_true(check_message(fn, "host-no-wildcards",
324 nameincert, match, *pname)))
325 failed = 1;
326
327 match = -1;
328 ret = X509_check_email(crt, name, namelen, 0);
329 if (fn->email) {
330 if (ret && !samename)
331 match = 1;
332 if (!ret && samename && strchr(nameincert, '@') != NULL)
333 match = 0;
334 } else if (ret)
335 match = 1;
336 if (!TEST_true(check_message(fn, "email", nameincert, match, *pname)))
337 failed = 1;
338 OPENSSL_free(name);
339 }
340
341 return failed == 0;
342}
343
344static int call_run_cert(int i)
345{
346 int failed = 0;
347 const struct set_name_fn *pfn = &name_fns[i];
348 X509 *crt;
349 const char *const *pname;
350
351 TEST_info("%s", pfn->name);
352 for (pname = names; *pname != NULL; pname++) {
353 if (!TEST_ptr(crt = make_cert())
354 || !TEST_true(pfn->fn(crt, *pname))
355 || !run_cert(crt, *pname, pfn))
356 failed = 1;
357 X509_free(crt);
358 }
359 return failed == 0;
360}
361
362static struct gennamedata {
363 const unsigned char der[22];
364 size_t derlen;
365} gennames[] = {
366 {
367 /*
368 * [0] {
369 * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 }
370 * [0] {
371 * SEQUENCE {}
372 * }
373 * }
374 */
375 {
376 0xa0, 0x13, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04,
377 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x02, 0x30, 0x00
378 },
379 21
380 }, {
381 /*
382 * [0] {
383 * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 }
384 * [0] {
385 * [APPLICATION 0] {}
386 * }
387 * }
388 */
389 {
390 0xa0, 0x13, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04,
391 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x02, 0x60, 0x00
392 },
393 21
394 }, {
395 /*
396 * [0] {
397 * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 }
398 * [0] {
399 * UTF8String { "a" }
400 * }
401 * }
402 */
403 {
404 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04,
405 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x0c, 0x01, 0x61
406 },
407 22
408 }, {
409 /*
410 * [0] {
411 * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.2 }
412 * [0] {
413 * UTF8String { "a" }
414 * }
415 * }
416 */
417 {
418 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04,
419 0x01, 0x84, 0xb7, 0x09, 0x02, 0x02, 0xa0, 0x03, 0x0c, 0x01, 0x61
420 },
421 22
422 }, {
423 /*
424 * [0] {
425 * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 }
426 * [0] {
427 * UTF8String { "b" }
428 * }
429 * }
430 */
431 {
432 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04,
433 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x0c, 0x01, 0x62
434 },
435 22
436 }, {
437 /*
438 * [0] {
439 * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 }
440 * [0] {
441 * BOOLEAN { TRUE }
442 * }
443 * }
444 */
445 {
446 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04,
447 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x01, 0x01, 0xff
448 },
449 22
450 }, {
451 /*
452 * [0] {
453 * OBJECT_IDENTIFIER { 1.2.840.113554.4.1.72585.2.1 }
454 * [0] {
455 * BOOLEAN { FALSE }
456 * }
457 * }
458 */
459 {
460 0xa0, 0x14, 0x06, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04,
461 0x01, 0x84, 0xb7, 0x09, 0x02, 0x01, 0xa0, 0x03, 0x01, 0x01, 0x00
462 },
463 22
464 }, {
465 /* [1 PRIMITIVE] { "a" } */
466 {
467 0x81, 0x01, 0x61
468 },
469 3
470 }, {
471 /* [1 PRIMITIVE] { "b" } */
472 {
473 0x81, 0x01, 0x62
474 },
475 3
476 }, {
477 /* [2 PRIMITIVE] { "a" } */
478 {
479 0x82, 0x01, 0x61
480 },
481 3
482 }, {
483 /* [2 PRIMITIVE] { "b" } */
484 {
485 0x82, 0x01, 0x62
486 },
487 3
488 }, {
489 /*
490 * [4] {
491 * SEQUENCE {
492 * SET {
493 * SEQUENCE {
494 * # commonName
495 * OBJECT_IDENTIFIER { 2.5.4.3 }
496 * UTF8String { "a" }
497 * }
498 * }
499 * }
500 * }
501 */
502 {
503 0xa4, 0x0e, 0x30, 0x0c, 0x31, 0x0a, 0x30, 0x08, 0x06, 0x03, 0x55,
504 0x04, 0x03, 0x0c, 0x01, 0x61
505 },
506 16
507 }, {
508 /*
509 * [4] {
510 * SEQUENCE {
511 * SET {
512 * SEQUENCE {
513 * # commonName
514 * OBJECT_IDENTIFIER { 2.5.4.3 }
515 * UTF8String { "b" }
516 * }
517 * }
518 * }
519 * }
520 */
521 {
522 0xa4, 0x0e, 0x30, 0x0c, 0x31, 0x0a, 0x30, 0x08, 0x06, 0x03, 0x55,
523 0x04, 0x03, 0x0c, 0x01, 0x62
524 },
525 16
526 }, {
527 /*
528 * [5] {
529 * [1] {
530 * UTF8String { "a" }
531 * }
532 * }
533 */
534 {
535 0xa5, 0x05, 0xa1, 0x03, 0x0c, 0x01, 0x61
536 },
537 7
538 }, {
539 /*
540 * [5] {
541 * [1] {
542 * UTF8String { "b" }
543 * }
544 * }
545 */
546 {
547 0xa5, 0x05, 0xa1, 0x03, 0x0c, 0x01, 0x62
548 },
549 7
550 }, {
551 /*
552 * [5] {
553 * [0] {
554 * UTF8String {}
555 * }
556 * [1] {
557 * UTF8String { "a" }
558 * }
559 * }
560 */
561 {
562 0xa5, 0x09, 0xa0, 0x02, 0x0c, 0x00, 0xa1, 0x03, 0x0c, 0x01, 0x61
563 },
564 11
565 }, {
566 /*
567 * [5] {
568 * [0] {
569 * UTF8String { "a" }
570 * }
571 * [1] {
572 * UTF8String { "a" }
573 * }
574 * }
575 */
576 {
577 0xa5, 0x0a, 0xa0, 0x03, 0x0c, 0x01, 0x61, 0xa1, 0x03, 0x0c, 0x01,
578 0x61
579 },
580 12
581 }, {
582 /*
583 * [5] {
584 * [0] {
585 * UTF8String { "b" }
586 * }
587 * [1] {
588 * UTF8String { "a" }
589 * }
590 * }
591 */
592 {
593 0xa5, 0x0a, 0xa0, 0x03, 0x0c, 0x01, 0x62, 0xa1, 0x03, 0x0c, 0x01,
594 0x61
595 },
596 12
597 }, {
598 /* [6 PRIMITIVE] { "a" } */
599 {
600 0x86, 0x01, 0x61
601 },
602 3
603 }, {
604 /* [6 PRIMITIVE] { "b" } */
605 {
606 0x86, 0x01, 0x62
607 },
608 3
609 }, {
610 /* [7 PRIMITIVE] { `11111111` } */
611 {
612 0x87, 0x04, 0x11, 0x11, 0x11, 0x11
613 },
614 6
615 }, {
616 /* [7 PRIMITIVE] { `22222222`} */
617 {
618 0x87, 0x04, 0x22, 0x22, 0x22, 0x22
619 },
620 6
621 }, {
622 /* [7 PRIMITIVE] { `11111111111111111111111111111111` } */
623 {
624 0x87, 0x10, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
625 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11
626 },
627 18
628 }, {
629 /* [7 PRIMITIVE] { `22222222222222222222222222222222` } */
630 {
631 0x87, 0x10, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22,
632 0x22, 0x22, 0x22, 0x22, 0x22, 0x22, 0x22
633 },
634 18
635 }, {
636 /* [8 PRIMITIVE] { 1.2.840.113554.4.1.72585.2.1 } */
637 {
638 0x88, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84,
639 0xb7, 0x09, 0x02, 0x01
640 },
641 15
642 }, {
643 /* [8 PRIMITIVE] { 1.2.840.113554.4.1.72585.2.2 } */
644 {
645 0x88, 0x0d, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84,
646 0xb7, 0x09, 0x02, 0x02
647 },
648 15
649 }, {
650 /*
651 * Regression test for CVE-2023-0286.
652 */
653 {
654 0xa3, 0x00
655 },
656 2
657 }
658};
659
660static int test_GENERAL_NAME_cmp(void)
661{
662 size_t i, j;
663 GENERAL_NAME **namesa = OPENSSL_malloc(sizeof(*namesa)
664 * OSSL_NELEM(gennames));
665 GENERAL_NAME **namesb = OPENSSL_malloc(sizeof(*namesb)
666 * OSSL_NELEM(gennames));
667 int testresult = 0;
668
669 if (!TEST_ptr(namesa) || !TEST_ptr(namesb))
670 goto end;
671
672 for (i = 0; i < OSSL_NELEM(gennames); i++) {
673 const unsigned char *derp = gennames[i].der;
674
675 /*
676 * We create two versions of each GENERAL_NAME so that we ensure when
677 * we compare them they are always different pointers.
678 */
679 namesa[i] = d2i_GENERAL_NAME(NULL, &derp, gennames[i].derlen);
680 derp = gennames[i].der;
681 namesb[i] = d2i_GENERAL_NAME(NULL, &derp, gennames[i].derlen);
682 if (!TEST_ptr(namesa[i]) || !TEST_ptr(namesb[i]))
683 goto end;
684 }
685
686 /* Every name should be equal to itself and not equal to any others. */
687 for (i = 0; i < OSSL_NELEM(gennames); i++) {
688 for (j = 0; j < OSSL_NELEM(gennames); j++) {
689 if (i == j) {
690 if (!TEST_int_eq(GENERAL_NAME_cmp(namesa[i], namesb[j]), 0))
691 goto end;
692 } else {
693 if (!TEST_int_ne(GENERAL_NAME_cmp(namesa[i], namesb[j]), 0))
694 goto end;
695 }
696 }
697 }
698 testresult = 1;
699
700 end:
701 for (i = 0; i < OSSL_NELEM(gennames); i++) {
702 if (namesa != NULL)
703 GENERAL_NAME_free(namesa[i]);
704 if (namesb != NULL)
705 GENERAL_NAME_free(namesb[i]);
706 }
707 OPENSSL_free(namesa);
708 OPENSSL_free(namesb);
709
710 return testresult;
711}
712
713int setup_tests(void)
714{
715 ADD_ALL_TESTS(call_run_cert, OSSL_NELEM(name_fns));
716 ADD_TEST(test_GENERAL_NAME_cmp);
717 return 1;
718}