aboutsummaryrefslogtreecommitdiff
path: root/crypto
diff options
context:
space:
mode:
authorDavid Benjamin <davidben@google.com>2024-02-21 23:21:16 -0500
committerBoringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>2024-02-23 18:08:53 +0000
commitec2a08dda8e7b156253abcf21f2c7ea80de39f82 (patch)
tree44b1ae747b5632d80c3860f88abc85f0267c2348 /crypto
parent85c5d9668fe3aef03dc3b5099adc549039a79ff9 (diff)
downloadboringssl-ec2a08dda8e7b156253abcf21f2c7ea80de39f82.zip
boringssl-ec2a08dda8e7b156253abcf21f2c7ea80de39f82.tar.gz
boringssl-ec2a08dda8e7b156253abcf21f2c7ea80de39f82.tar.bz2
Introduce a test helper for asserting on the error
This produces slightly nicer output, is less code, and helps us remember to check both the library and reason code. Change-Id: Ic49508accb0bc8a25cbb5b94cc7e4aeb1bd8cbd0 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/66507 Reviewed-by: Bob Beck <bbe@google.com> Commit-Queue: David Benjamin <davidben@google.com>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/bio/bio_test.cc5
-rw-r--r--crypto/cipher_extra/aead_test.cc14
-rw-r--r--crypto/dsa/dsa_test.cc5
-rw-r--r--crypto/evp/evp_extra_test.cc28
-rw-r--r--crypto/evp/scrypt_test.cc5
-rw-r--r--crypto/fipsmodule/bn/bn_test.cc4
-rw-r--r--crypto/fipsmodule/service_indicator/service_indicator_test.cc3
-rw-r--r--crypto/hpke/hpke_test.cc15
-rw-r--r--crypto/pem/pem_test.cc7
-rw-r--r--crypto/rsa_extra/rsa_test.cc21
-rw-r--r--crypto/test/test_util.cc15
-rw-r--r--crypto/test/test_util.h6
-rw-r--r--crypto/x509/x509_test.cc30
13 files changed, 76 insertions, 82 deletions
diff --git a/crypto/bio/bio_test.cc b/crypto/bio/bio_test.cc
index 65324d0..d44c9dd 100644
--- a/crypto/bio/bio_test.cc
+++ b/crypto/bio/bio_test.cc
@@ -813,10 +813,7 @@ TEST_P(BIOPairTest, TestPair) {
// A closed write end may not be written to.
EXPECT_EQ(0u, BIO_ctrl_get_write_guarantee(bio1));
EXPECT_EQ(-1, BIO_write(bio1, "_____", 5));
-
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_BIO, ERR_GET_LIB(err));
- EXPECT_EQ(BIO_R_BROKEN_PIPE, ERR_GET_REASON(err));
+ EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_BIO, BIO_R_BROKEN_PIPE));
// The other end is still functional.
EXPECT_EQ(5, BIO_write(bio2, "12345", 5));
diff --git a/crypto/cipher_extra/aead_test.cc b/crypto/cipher_extra/aead_test.cc
index 64c65e9..e16f5a2 100644
--- a/crypto/cipher_extra/aead_test.cc
+++ b/crypto/cipher_extra/aead_test.cc
@@ -381,7 +381,7 @@ TEST_P(PerAEADTest, TestVectorScatterGather) {
// Skip decryption for AEADs that don't implement open_gather().
if (!ret) {
- int err = ERR_peek_error();
+ uint32_t err = ERR_peek_error();
if (ERR_GET_LIB(err) == ERR_LIB_CIPHER &&
ERR_GET_REASON(err) == CIPHER_R_CTRL_NOT_IMPLEMENTED) {
t->SkipCurrent();
@@ -709,10 +709,10 @@ TEST_P(PerAEADTest, InvalidNonceLength) {
nonce.data(), nonce.size(), nullptr /* in */,
0, kZeros /* ad */, ad_len));
uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_CIPHER, ERR_GET_LIB(err));
// TODO(davidben): Merge these errors. https://crbug.com/boringssl/129.
- if (ERR_GET_REASON(err) != CIPHER_R_UNSUPPORTED_NONCE_SIZE) {
- EXPECT_EQ(CIPHER_R_INVALID_NONCE_SIZE, ERR_GET_REASON(err));
+ if (!ErrorEquals(err, ERR_LIB_CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE)) {
+ EXPECT_TRUE(
+ ErrorEquals(err, ERR_LIB_CIPHER, CIPHER_R_INVALID_NONCE_SIZE));
}
ctx.Reset();
@@ -723,9 +723,9 @@ TEST_P(PerAEADTest, InvalidNonceLength) {
nonce.data(), nonce.size(), kZeros /* in */,
sizeof(kZeros), kZeros /* ad */, ad_len));
err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_CIPHER, ERR_GET_LIB(err));
- if (ERR_GET_REASON(err) != CIPHER_R_UNSUPPORTED_NONCE_SIZE) {
- EXPECT_EQ(CIPHER_R_INVALID_NONCE_SIZE, ERR_GET_REASON(err));
+ if (!ErrorEquals(err, ERR_LIB_CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE)) {
+ EXPECT_TRUE(
+ ErrorEquals(err, ERR_LIB_CIPHER, CIPHER_R_INVALID_NONCE_SIZE));
}
}
}
diff --git a/crypto/dsa/dsa_test.cc b/crypto/dsa/dsa_test.cc
index 22e9e13..3b83e18 100644
--- a/crypto/dsa/dsa_test.cc
+++ b/crypto/dsa/dsa_test.cc
@@ -267,9 +267,8 @@ TEST(DSATest, InvalidGroup) {
static const uint8_t kDigest[32] = {0};
EXPECT_FALSE(
DSA_sign(0, kDigest, sizeof(kDigest), sig.data(), &sig_len, dsa.get()));
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_DSA, ERR_GET_LIB(err));
- EXPECT_EQ(DSA_R_INVALID_PARAMETERS, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_DSA, DSA_R_INVALID_PARAMETERS));
}
// Signing and verifying should cleanly fail when the DSA object is empty.
diff --git a/crypto/evp/evp_extra_test.cc b/crypto/evp/evp_extra_test.cc
index 948bfb5..6468386 100644
--- a/crypto/evp/evp_extra_test.cc
+++ b/crypto/evp/evp_extra_test.cc
@@ -812,7 +812,8 @@ TEST(EVPExtraTest, MarshalEmptyPublicKey) {
bssl::ScopedCBB cbb;
EXPECT_FALSE(EVP_marshal_public_key(cbb.get(), empty.get()))
<< "Marshalled empty public key.";
- EXPECT_EQ(EVP_R_UNSUPPORTED_ALGORITHM, ERR_GET_REASON(ERR_peek_last_error()));
+ EXPECT_TRUE(ErrorEquals(ERR_peek_last_error(), ERR_LIB_EVP,
+ EVP_R_UNSUPPORTED_ALGORITHM));
}
TEST(EVPExtraTest, d2i_PrivateKey) {
@@ -890,16 +891,14 @@ TEST(EVPExtraTest, Ed25519) {
// Passing too small of a buffer is noticed.
len = 31;
EXPECT_FALSE(EVP_PKEY_get_raw_public_key(pubkey.get(), buf, &len));
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
- EXPECT_EQ(EVP_R_BUFFER_TOO_SMALL, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL));
ERR_clear_error();
// There is no private key.
EXPECT_FALSE(EVP_PKEY_get_raw_private_key(pubkey.get(), nullptr, &len));
- err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
- EXPECT_EQ(EVP_R_NOT_A_PRIVATE_KEY, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_NOT_A_PRIVATE_KEY));
ERR_clear_error();
// The public key must encode properly.
@@ -915,9 +914,8 @@ TEST(EVPExtraTest, Ed25519) {
// The public key must gracefully fail to encode as a private key.
ASSERT_TRUE(CBB_init(cbb.get(), 0));
EXPECT_FALSE(EVP_marshal_private_key(cbb.get(), pubkey.get()));
- err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
- EXPECT_EQ(EVP_R_NOT_A_PRIVATE_KEY, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_NOT_A_PRIVATE_KEY));
ERR_clear_error();
cbb.Reset();
@@ -940,9 +938,8 @@ TEST(EVPExtraTest, Ed25519) {
// Passing too small of a buffer is noticed.
len = 31;
EXPECT_FALSE(EVP_PKEY_get_raw_private_key(privkey.get(), buf, &len));
- err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
- EXPECT_EQ(EVP_R_BUFFER_TOO_SMALL, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL));
ERR_clear_error();
// The public key must be extractable.
len = 32;
@@ -995,9 +992,8 @@ TEST(EVPExtraTest, Ed25519) {
EVP_DigestSignInit(ctx.get(), nullptr, nullptr, nullptr, privkey.get()));
len = 31;
EXPECT_FALSE(EVP_DigestSign(ctx.get(), buf, &len, nullptr /* msg */, 0));
- err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
- EXPECT_EQ(EVP_R_BUFFER_TOO_SMALL, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL));
ERR_clear_error();
}
diff --git a/crypto/evp/scrypt_test.cc b/crypto/evp/scrypt_test.cc
index e957fd0..5a88386 100644
--- a/crypto/evp/scrypt_test.cc
+++ b/crypto/evp/scrypt_test.cc
@@ -69,9 +69,8 @@ TEST(ScryptTest, MemoryLimit) {
reinterpret_cast<const uint8_t *>(kSalt),
strlen(kSalt), 1048576 /* N */, 8 /* r */,
1 /* p */, 0 /* max_mem */, key, sizeof(key)));
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
- EXPECT_EQ(EVP_R_MEMORY_LIMIT_EXCEEDED, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_MEMORY_LIMIT_EXCEEDED));
}
TEST(ScryptTest, InvalidParameters) {
diff --git a/crypto/fipsmodule/bn/bn_test.cc b/crypto/fipsmodule/bn/bn_test.cc
index d62f6e4..fcc59e0 100644
--- a/crypto/fipsmodule/bn/bn_test.cc
+++ b/crypto/fipsmodule/bn/bn_test.cc
@@ -884,9 +884,7 @@ static void TestNotModSquare(BIGNUMFileTest *t, BN_CTX *ctx) {
EXPECT_FALSE(BN_mod_sqrt(ret.get(), not_mod_square.get(), p.get(), ctx))
<< "BN_mod_sqrt unexpectedly succeeded.";
- uint32_t err = ERR_peek_error();
- EXPECT_EQ(ERR_LIB_BN, ERR_GET_LIB(err));
- EXPECT_EQ(BN_R_NOT_A_SQUARE, ERR_GET_REASON(err));
+ EXPECT_TRUE(ErrorEquals(ERR_peek_error(), ERR_LIB_BN, BN_R_NOT_A_SQUARE));
ERR_clear_error();
}
diff --git a/crypto/fipsmodule/service_indicator/service_indicator_test.cc b/crypto/fipsmodule/service_indicator/service_indicator_test.cc
index ee66fc3..9eac62e 100644
--- a/crypto/fipsmodule/service_indicator/service_indicator_test.cc
+++ b/crypto/fipsmodule/service_indicator/service_indicator_test.cc
@@ -657,7 +657,8 @@ TEST_P(AEADServiceIndicatorTest, EVP_AEAD) {
encrypt_output.size(), nonce.data(), nonce.size(),
kPlaintext, sizeof(kPlaintext), nullptr, 0)));
EXPECT_EQ(approved, FIPSStatus::NOT_APPROVED);
- EXPECT_EQ(ERR_GET_REASON(ERR_get_error()), CIPHER_R_INVALID_NONCE);
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_CIPHER, CIPHER_R_INVALID_NONCE));
}
}
diff --git a/crypto/hpke/hpke_test.cc b/crypto/hpke/hpke_test.cc
index 30593f9..ce68adc 100644
--- a/crypto/hpke/hpke_test.cc
+++ b/crypto/hpke/hpke_test.cc
@@ -554,9 +554,8 @@ TEST(HPKETest, SetupSenderBufferTooSmall) {
sender_ctx.get(), enc, &enc_len, sizeof(enc),
EVP_hpke_x25519_hkdf_sha256(), EVP_hpke_hkdf_sha256(),
EVP_hpke_aes_128_gcm(), public_key_r, sizeof(public_key_r), nullptr, 0));
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
- EXPECT_EQ(EVP_R_INVALID_BUFFER_SIZE, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_INVALID_BUFFER_SIZE));
ERR_clear_error();
}
@@ -587,9 +586,8 @@ TEST(HPKETest, SetupRecipientWrongLengthEnc) {
ASSERT_FALSE(EVP_HPKE_CTX_setup_recipient(
recipient_ctx.get(), key.get(), EVP_hpke_hkdf_sha256(),
EVP_hpke_aes_128_gcm(), bogus_enc, sizeof(bogus_enc), nullptr, 0));
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
- EXPECT_EQ(EVP_R_INVALID_PEER_KEY, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_INVALID_PEER_KEY));
ERR_clear_error();
}
@@ -603,9 +601,8 @@ TEST(HPKETest, SetupSenderWrongLengthPeerPublicValue) {
EVP_hpke_x25519_hkdf_sha256(), EVP_hpke_hkdf_sha256(),
EVP_hpke_aes_128_gcm(), bogus_public_key_r, sizeof(bogus_public_key_r),
nullptr, 0));
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err));
- EXPECT_EQ(EVP_R_INVALID_PEER_KEY, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_INVALID_PEER_KEY));
ERR_clear_error();
}
diff --git a/crypto/pem/pem_test.cc b/crypto/pem/pem_test.cc
index aed523c..117e000 100644
--- a/crypto/pem/pem_test.cc
+++ b/crypto/pem/pem_test.cc
@@ -20,6 +20,8 @@
#include <openssl/err.h>
#include <openssl/rsa.h>
+#include "../test/test_util.h"
+
// Test that implausible ciphers, notably an IV-less RC4, aren't allowed in PEM.
// This is a regression test for https://github.com/openssl/openssl/issues/6347,
@@ -39,7 +41,6 @@ TEST(PEMTest, NoRC4) {
bssl::UniquePtr<RSA> rsa(PEM_read_bio_RSAPublicKey(
bio.get(), nullptr, nullptr, const_cast<char *>("password")));
EXPECT_FALSE(rsa);
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_PEM, ERR_GET_LIB(err));
- EXPECT_EQ(PEM_R_UNSUPPORTED_ENCRYPTION, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_PEM, PEM_R_UNSUPPORTED_ENCRYPTION));
}
diff --git a/crypto/rsa_extra/rsa_test.cc b/crypto/rsa_extra/rsa_test.cc
index 4d34fc9..82c5aa9 100644
--- a/crypto/rsa_extra/rsa_test.cc
+++ b/crypto/rsa_extra/rsa_test.cc
@@ -712,9 +712,8 @@ TEST(RSATest, GenerateSmallKey) {
ASSERT_TRUE(BN_set_word(e.get(), RSA_F4));
EXPECT_FALSE(RSA_generate_key_ex(rsa.get(), 255, e.get(), nullptr));
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_RSA, ERR_GET_LIB(err));
- EXPECT_EQ(RSA_R_KEY_SIZE_TOO_SMALL, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_RSA, RSA_R_KEY_SIZE_TOO_SMALL));
}
// Attempting to generate an funny RSA key length should round down.
@@ -1175,17 +1174,13 @@ TEST(RSATest, MissingParameters) {
std::vector<uint8_t> out(RSA_size(sample.get()));
EXPECT_FALSE(RSA_sign(NID_sha256, kZeros, sizeof(kZeros), out.data(), &len_u,
rsa.get()));
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_RSA, ERR_GET_LIB(err));
- EXPECT_EQ(RSA_R_VALUE_MISSING, ERR_GET_REASON(err));
+ EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_RSA, RSA_R_VALUE_MISSING));
size_t len;
EXPECT_FALSE(RSA_decrypt(rsa.get(), &len, out.data(), out.size(),
kOAEPCiphertext1, sizeof(kOAEPCiphertext1),
RSA_PKCS1_OAEP_PADDING));
- err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_RSA, ERR_GET_LIB(err));
- EXPECT_EQ(RSA_R_VALUE_MISSING, ERR_GET_REASON(err));
+ EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_RSA, RSA_R_VALUE_MISSING));
// A private key without e cannot perform public key operations.
rsa.reset(RSA_new_private_key_no_e(RSA_get0_n(sample.get()),
@@ -1194,15 +1189,11 @@ TEST(RSATest, MissingParameters) {
EXPECT_FALSE(RSA_verify(NID_sha256, kZeros, sizeof(kZeros), sig.data(),
sig.size(), rsa.get()));
- err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_RSA, ERR_GET_LIB(err));
- EXPECT_EQ(RSA_R_VALUE_MISSING, ERR_GET_REASON(err));
+ EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_RSA, RSA_R_VALUE_MISSING));
EXPECT_FALSE(RSA_encrypt(rsa.get(), &len, out.data(), out.size(), kPlaintext,
sizeof(kPlaintext), RSA_PKCS1_OAEP_PADDING));
- err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_RSA, ERR_GET_LIB(err));
- EXPECT_EQ(RSA_R_VALUE_MISSING, ERR_GET_REASON(err));
+ EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_RSA, RSA_R_VALUE_MISSING));
}
TEST(RSATest, Negative) {
diff --git a/crypto/test/test_util.cc b/crypto/test/test_util.cc
index 23e8909..6f56476 100644
--- a/crypto/test/test_util.cc
+++ b/crypto/test/test_util.cc
@@ -16,6 +16,8 @@
#include <ostream>
+#include <openssl/err.h>
+
#include "../internal.h"
@@ -67,3 +69,16 @@ std::string EncodeHex(bssl::Span<const uint8_t> in) {
return ret;
}
+testing::AssertionResult ErrorEquals(uint32_t err, int lib, int reason) {
+ if (ERR_GET_LIB(err) == lib && ERR_GET_REASON(err) == reason) {
+ return testing::AssertionSuccess();
+ }
+
+ char buf[128], expected[128];
+ return testing::AssertionFailure()
+ << "Got \"" << ERR_error_string_n(err, buf, sizeof(buf))
+ << "\", wanted \""
+ << ERR_error_string_n(ERR_PACK(lib, reason), expected,
+ sizeof(expected))
+ << "\"";
+}
diff --git a/crypto/test/test_util.h b/crypto/test/test_util.h
index 796c931..fff6cdb 100644
--- a/crypto/test/test_util.h
+++ b/crypto/test/test_util.h
@@ -24,6 +24,8 @@
#include <string>
#include <vector>
+#include <gtest/gtest.h>
+
#include <openssl/span.h>
#include "../internal.h"
@@ -67,5 +69,9 @@ bool DecodeHex(std::vector<uint8_t> *out, const std::string &in);
// EncodeHex returns |in| encoded in hexadecimal.
std::string EncodeHex(bssl::Span<const uint8_t> in);
+// ErrorEquals asserts that |err| is an error with library |lib| and reason
+// |reason|.
+testing::AssertionResult ErrorEquals(uint32_t err, int lib, int reason);
+
#endif // OPENSSL_HEADER_CRYPTO_TEST_TEST_UTIL_H
diff --git a/crypto/x509/x509_test.cc b/crypto/x509/x509_test.cc
index b25e8b3..8b20ade 100644
--- a/crypto/x509/x509_test.cc
+++ b/crypto/x509/x509_test.cc
@@ -2062,9 +2062,8 @@ TEST(X509Test, TestEd25519BadParameters) {
ASSERT_FALSE(X509_verify(cert.get(), pkey.get()));
- uint32_t err = ERR_get_error();
- ASSERT_EQ(ERR_LIB_X509, ERR_GET_LIB(err));
- ASSERT_EQ(X509_R_INVALID_PARAMETER, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_X509, X509_R_INVALID_PARAMETER));
ERR_clear_error();
}
@@ -2909,9 +2908,8 @@ TEST(X509Test, MismatchAlgorithms) {
ASSERT_TRUE(pkey);
EXPECT_FALSE(X509_verify(cert.get(), pkey.get()));
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_X509, ERR_GET_LIB(err));
- EXPECT_EQ(X509_R_SIGNATURE_ALGORITHM_MISMATCH, ERR_GET_REASON(err));
+ EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_X509,
+ X509_R_SIGNATURE_ALGORITHM_MISMATCH));
}
TEST(X509Test, PEMX509Info) {
@@ -3044,9 +3042,8 @@ TEST(X509Test, ReadBIOEmpty) {
// certificates.
bssl::UniquePtr<X509> x509(d2i_X509_bio(bio.get(), nullptr));
EXPECT_FALSE(x509);
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_ASN1, ERR_GET_LIB(err));
- EXPECT_EQ(ASN1_R_HEADER_TOO_LONG, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_ASN1, ASN1_R_HEADER_TOO_LONG));
}
TEST(X509Test, ReadBIOOneByte) {
@@ -3058,9 +3055,8 @@ TEST(X509Test, ReadBIOOneByte) {
// to signal EOF.
bssl::UniquePtr<X509> x509(d2i_X509_bio(bio.get(), nullptr));
EXPECT_FALSE(x509);
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_ASN1, ERR_GET_LIB(err));
- EXPECT_EQ(ASN1_R_NOT_ENOUGH_DATA, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_ASN1, ASN1_R_NOT_ENOUGH_DATA));
}
TEST(X509Test, PartialBIOReturn) {
@@ -3773,9 +3769,8 @@ TEST(X509Test, AlgorithmParameters) {
cert = CertFromPEM(kP256InvalidParam);
ASSERT_TRUE(cert);
EXPECT_FALSE(X509_verify(cert.get(), key.get()));
- uint32_t err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_X509, ERR_GET_LIB(err));
- EXPECT_EQ(X509_R_INVALID_PARAMETER, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_X509, X509_R_INVALID_PARAMETER));
// RSA parameters should be NULL, but we accept omitted ones.
key = PrivateKeyFromPEM(kRSAKey);
@@ -3792,9 +3787,8 @@ TEST(X509Test, AlgorithmParameters) {
cert = CertFromPEM(kRSAInvalidParam);
ASSERT_TRUE(cert);
EXPECT_FALSE(X509_verify(cert.get(), key.get()));
- err = ERR_get_error();
- EXPECT_EQ(ERR_LIB_X509, ERR_GET_LIB(err));
- EXPECT_EQ(X509_R_INVALID_PARAMETER, ERR_GET_REASON(err));
+ EXPECT_TRUE(
+ ErrorEquals(ERR_get_error(), ERR_LIB_X509, X509_R_INVALID_PARAMETER));
}
TEST(X509Test, GeneralName) {
generated by cgit v1.1 at 2024-09-18 05:07:25 +0000