diff --git a/crypto/bio/bio_test.cc b/crypto/bio/bio_test.cc index 65324d002..d44c9dddf 100644 --- a/crypto/bio/bio_test.cc +++ b/crypto/bio/bio_test.cc @@ -813,10 +813,7 @@ TEST_P(BIOPairTest, TestPair) { // A closed write end may not be written to. EXPECT_EQ(0u, BIO_ctrl_get_write_guarantee(bio1)); EXPECT_EQ(-1, BIO_write(bio1, "_____", 5)); - - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_BIO, ERR_GET_LIB(err)); - EXPECT_EQ(BIO_R_BROKEN_PIPE, ERR_GET_REASON(err)); + EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_BIO, BIO_R_BROKEN_PIPE)); // The other end is still functional. EXPECT_EQ(5, BIO_write(bio2, "12345", 5)); diff --git a/crypto/cipher_extra/aead_test.cc b/crypto/cipher_extra/aead_test.cc index 64c65e9eb..e16f5a24b 100644 --- a/crypto/cipher_extra/aead_test.cc +++ b/crypto/cipher_extra/aead_test.cc @@ -381,7 +381,7 @@ TEST_P(PerAEADTest, TestVectorScatterGather) { // Skip decryption for AEADs that don't implement open_gather(). if (!ret) { - int err = ERR_peek_error(); + uint32_t err = ERR_peek_error(); if (ERR_GET_LIB(err) == ERR_LIB_CIPHER && ERR_GET_REASON(err) == CIPHER_R_CTRL_NOT_IMPLEMENTED) { t->SkipCurrent(); @@ -709,10 +709,10 @@ TEST_P(PerAEADTest, InvalidNonceLength) { nonce.data(), nonce.size(), nullptr /* in */, 0, kZeros /* ad */, ad_len)); uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_CIPHER, ERR_GET_LIB(err)); // TODO(davidben): Merge these errors. https://crbug.com/boringssl/129. - if (ERR_GET_REASON(err) != CIPHER_R_UNSUPPORTED_NONCE_SIZE) { - EXPECT_EQ(CIPHER_R_INVALID_NONCE_SIZE, ERR_GET_REASON(err)); + if (!ErrorEquals(err, ERR_LIB_CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE)) { + EXPECT_TRUE( + ErrorEquals(err, ERR_LIB_CIPHER, CIPHER_R_INVALID_NONCE_SIZE)); } ctx.Reset(); @@ -723,9 +723,9 @@ TEST_P(PerAEADTest, InvalidNonceLength) { nonce.data(), nonce.size(), kZeros /* in */, sizeof(kZeros), kZeros /* ad */, ad_len)); err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_CIPHER, ERR_GET_LIB(err)); - if (ERR_GET_REASON(err) != CIPHER_R_UNSUPPORTED_NONCE_SIZE) { - EXPECT_EQ(CIPHER_R_INVALID_NONCE_SIZE, ERR_GET_REASON(err)); + if (!ErrorEquals(err, ERR_LIB_CIPHER, CIPHER_R_UNSUPPORTED_NONCE_SIZE)) { + EXPECT_TRUE( + ErrorEquals(err, ERR_LIB_CIPHER, CIPHER_R_INVALID_NONCE_SIZE)); } } } diff --git a/crypto/dsa/dsa_test.cc b/crypto/dsa/dsa_test.cc index 22e9e13bb..3b83e1847 100644 --- a/crypto/dsa/dsa_test.cc +++ b/crypto/dsa/dsa_test.cc @@ -267,9 +267,8 @@ TEST(DSATest, InvalidGroup) { static const uint8_t kDigest[32] = {0}; EXPECT_FALSE( DSA_sign(0, kDigest, sizeof(kDigest), sig.data(), &sig_len, dsa.get())); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_DSA, ERR_GET_LIB(err)); - EXPECT_EQ(DSA_R_INVALID_PARAMETERS, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_DSA, DSA_R_INVALID_PARAMETERS)); } // Signing and verifying should cleanly fail when the DSA object is empty. diff --git a/crypto/evp/evp_extra_test.cc b/crypto/evp/evp_extra_test.cc index 948bfb5ba..64683861a 100644 --- a/crypto/evp/evp_extra_test.cc +++ b/crypto/evp/evp_extra_test.cc @@ -812,7 +812,8 @@ TEST(EVPExtraTest, MarshalEmptyPublicKey) { bssl::ScopedCBB cbb; EXPECT_FALSE(EVP_marshal_public_key(cbb.get(), empty.get())) << "Marshalled empty public key."; - EXPECT_EQ(EVP_R_UNSUPPORTED_ALGORITHM, ERR_GET_REASON(ERR_peek_last_error())); + EXPECT_TRUE(ErrorEquals(ERR_peek_last_error(), ERR_LIB_EVP, + EVP_R_UNSUPPORTED_ALGORITHM)); } TEST(EVPExtraTest, d2i_PrivateKey) { @@ -890,16 +891,14 @@ TEST(EVPExtraTest, Ed25519) { // Passing too small of a buffer is noticed. len = 31; EXPECT_FALSE(EVP_PKEY_get_raw_public_key(pubkey.get(), buf, &len)); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err)); - EXPECT_EQ(EVP_R_BUFFER_TOO_SMALL, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL)); ERR_clear_error(); // There is no private key. EXPECT_FALSE(EVP_PKEY_get_raw_private_key(pubkey.get(), nullptr, &len)); - err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err)); - EXPECT_EQ(EVP_R_NOT_A_PRIVATE_KEY, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_NOT_A_PRIVATE_KEY)); ERR_clear_error(); // The public key must encode properly. @@ -915,9 +914,8 @@ TEST(EVPExtraTest, Ed25519) { // The public key must gracefully fail to encode as a private key. ASSERT_TRUE(CBB_init(cbb.get(), 0)); EXPECT_FALSE(EVP_marshal_private_key(cbb.get(), pubkey.get())); - err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err)); - EXPECT_EQ(EVP_R_NOT_A_PRIVATE_KEY, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_NOT_A_PRIVATE_KEY)); ERR_clear_error(); cbb.Reset(); @@ -940,9 +938,8 @@ TEST(EVPExtraTest, Ed25519) { // Passing too small of a buffer is noticed. len = 31; EXPECT_FALSE(EVP_PKEY_get_raw_private_key(privkey.get(), buf, &len)); - err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err)); - EXPECT_EQ(EVP_R_BUFFER_TOO_SMALL, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL)); ERR_clear_error(); // The public key must be extractable. len = 32; @@ -995,9 +992,8 @@ TEST(EVPExtraTest, Ed25519) { EVP_DigestSignInit(ctx.get(), nullptr, nullptr, nullptr, privkey.get())); len = 31; EXPECT_FALSE(EVP_DigestSign(ctx.get(), buf, &len, nullptr /* msg */, 0)); - err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err)); - EXPECT_EQ(EVP_R_BUFFER_TOO_SMALL, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_BUFFER_TOO_SMALL)); ERR_clear_error(); } diff --git a/crypto/evp/scrypt_test.cc b/crypto/evp/scrypt_test.cc index e957fd0be..5a8838677 100644 --- a/crypto/evp/scrypt_test.cc +++ b/crypto/evp/scrypt_test.cc @@ -69,9 +69,8 @@ TEST(ScryptTest, MemoryLimit) { reinterpret_cast(kSalt), strlen(kSalt), 1048576 /* N */, 8 /* r */, 1 /* p */, 0 /* max_mem */, key, sizeof(key))); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err)); - EXPECT_EQ(EVP_R_MEMORY_LIMIT_EXCEEDED, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_MEMORY_LIMIT_EXCEEDED)); } TEST(ScryptTest, InvalidParameters) { diff --git a/crypto/fipsmodule/bn/bn_test.cc b/crypto/fipsmodule/bn/bn_test.cc index d62f6e4dd..fcc59e00f 100644 --- a/crypto/fipsmodule/bn/bn_test.cc +++ b/crypto/fipsmodule/bn/bn_test.cc @@ -884,9 +884,7 @@ static void TestNotModSquare(BIGNUMFileTest *t, BN_CTX *ctx) { EXPECT_FALSE(BN_mod_sqrt(ret.get(), not_mod_square.get(), p.get(), ctx)) << "BN_mod_sqrt unexpectedly succeeded."; - uint32_t err = ERR_peek_error(); - EXPECT_EQ(ERR_LIB_BN, ERR_GET_LIB(err)); - EXPECT_EQ(BN_R_NOT_A_SQUARE, ERR_GET_REASON(err)); + EXPECT_TRUE(ErrorEquals(ERR_peek_error(), ERR_LIB_BN, BN_R_NOT_A_SQUARE)); ERR_clear_error(); } diff --git a/crypto/fipsmodule/service_indicator/service_indicator_test.cc b/crypto/fipsmodule/service_indicator/service_indicator_test.cc index ee66fc3f7..9eac62e4a 100644 --- a/crypto/fipsmodule/service_indicator/service_indicator_test.cc +++ b/crypto/fipsmodule/service_indicator/service_indicator_test.cc @@ -657,7 +657,8 @@ TEST_P(AEADServiceIndicatorTest, EVP_AEAD) { encrypt_output.size(), nonce.data(), nonce.size(), kPlaintext, sizeof(kPlaintext), nullptr, 0))); EXPECT_EQ(approved, FIPSStatus::NOT_APPROVED); - EXPECT_EQ(ERR_GET_REASON(ERR_get_error()), CIPHER_R_INVALID_NONCE); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_CIPHER, CIPHER_R_INVALID_NONCE)); } } diff --git a/crypto/hpke/hpke_test.cc b/crypto/hpke/hpke_test.cc index 30593f99a..ce68adc60 100644 --- a/crypto/hpke/hpke_test.cc +++ b/crypto/hpke/hpke_test.cc @@ -554,9 +554,8 @@ TEST(HPKETest, SetupSenderBufferTooSmall) { sender_ctx.get(), enc, &enc_len, sizeof(enc), EVP_hpke_x25519_hkdf_sha256(), EVP_hpke_hkdf_sha256(), EVP_hpke_aes_128_gcm(), public_key_r, sizeof(public_key_r), nullptr, 0)); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err)); - EXPECT_EQ(EVP_R_INVALID_BUFFER_SIZE, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_INVALID_BUFFER_SIZE)); ERR_clear_error(); } @@ -587,9 +586,8 @@ TEST(HPKETest, SetupRecipientWrongLengthEnc) { ASSERT_FALSE(EVP_HPKE_CTX_setup_recipient( recipient_ctx.get(), key.get(), EVP_hpke_hkdf_sha256(), EVP_hpke_aes_128_gcm(), bogus_enc, sizeof(bogus_enc), nullptr, 0)); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err)); - EXPECT_EQ(EVP_R_INVALID_PEER_KEY, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_INVALID_PEER_KEY)); ERR_clear_error(); } @@ -603,9 +601,8 @@ TEST(HPKETest, SetupSenderWrongLengthPeerPublicValue) { EVP_hpke_x25519_hkdf_sha256(), EVP_hpke_hkdf_sha256(), EVP_hpke_aes_128_gcm(), bogus_public_key_r, sizeof(bogus_public_key_r), nullptr, 0)); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_EVP, ERR_GET_LIB(err)); - EXPECT_EQ(EVP_R_INVALID_PEER_KEY, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_EVP, EVP_R_INVALID_PEER_KEY)); ERR_clear_error(); } diff --git a/crypto/pem/pem_test.cc b/crypto/pem/pem_test.cc index aed523cd8..117e00062 100644 --- a/crypto/pem/pem_test.cc +++ b/crypto/pem/pem_test.cc @@ -20,6 +20,8 @@ #include #include +#include "../test/test_util.h" + // Test that implausible ciphers, notably an IV-less RC4, aren't allowed in PEM. // This is a regression test for https://github.com/openssl/openssl/issues/6347, @@ -39,7 +41,6 @@ TEST(PEMTest, NoRC4) { bssl::UniquePtr rsa(PEM_read_bio_RSAPublicKey( bio.get(), nullptr, nullptr, const_cast("password"))); EXPECT_FALSE(rsa); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_PEM, ERR_GET_LIB(err)); - EXPECT_EQ(PEM_R_UNSUPPORTED_ENCRYPTION, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_PEM, PEM_R_UNSUPPORTED_ENCRYPTION)); } diff --git a/crypto/rsa_extra/rsa_test.cc b/crypto/rsa_extra/rsa_test.cc index 4d34fc947..82c5aa954 100644 --- a/crypto/rsa_extra/rsa_test.cc +++ b/crypto/rsa_extra/rsa_test.cc @@ -712,9 +712,8 @@ TEST(RSATest, GenerateSmallKey) { ASSERT_TRUE(BN_set_word(e.get(), RSA_F4)); EXPECT_FALSE(RSA_generate_key_ex(rsa.get(), 255, e.get(), nullptr)); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_RSA, ERR_GET_LIB(err)); - EXPECT_EQ(RSA_R_KEY_SIZE_TOO_SMALL, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_RSA, RSA_R_KEY_SIZE_TOO_SMALL)); } // Attempting to generate an funny RSA key length should round down. @@ -1175,17 +1174,13 @@ TEST(RSATest, MissingParameters) { std::vector out(RSA_size(sample.get())); EXPECT_FALSE(RSA_sign(NID_sha256, kZeros, sizeof(kZeros), out.data(), &len_u, rsa.get())); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_RSA, ERR_GET_LIB(err)); - EXPECT_EQ(RSA_R_VALUE_MISSING, ERR_GET_REASON(err)); + EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_RSA, RSA_R_VALUE_MISSING)); size_t len; EXPECT_FALSE(RSA_decrypt(rsa.get(), &len, out.data(), out.size(), kOAEPCiphertext1, sizeof(kOAEPCiphertext1), RSA_PKCS1_OAEP_PADDING)); - err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_RSA, ERR_GET_LIB(err)); - EXPECT_EQ(RSA_R_VALUE_MISSING, ERR_GET_REASON(err)); + EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_RSA, RSA_R_VALUE_MISSING)); // A private key without e cannot perform public key operations. rsa.reset(RSA_new_private_key_no_e(RSA_get0_n(sample.get()), @@ -1194,15 +1189,11 @@ TEST(RSATest, MissingParameters) { EXPECT_FALSE(RSA_verify(NID_sha256, kZeros, sizeof(kZeros), sig.data(), sig.size(), rsa.get())); - err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_RSA, ERR_GET_LIB(err)); - EXPECT_EQ(RSA_R_VALUE_MISSING, ERR_GET_REASON(err)); + EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_RSA, RSA_R_VALUE_MISSING)); EXPECT_FALSE(RSA_encrypt(rsa.get(), &len, out.data(), out.size(), kPlaintext, sizeof(kPlaintext), RSA_PKCS1_OAEP_PADDING)); - err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_RSA, ERR_GET_LIB(err)); - EXPECT_EQ(RSA_R_VALUE_MISSING, ERR_GET_REASON(err)); + EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_RSA, RSA_R_VALUE_MISSING)); } TEST(RSATest, Negative) { diff --git a/crypto/test/test_util.cc b/crypto/test/test_util.cc index 23e8909fe..6f5647681 100644 --- a/crypto/test/test_util.cc +++ b/crypto/test/test_util.cc @@ -16,6 +16,8 @@ #include +#include + #include "../internal.h" @@ -67,3 +69,16 @@ std::string EncodeHex(bssl::Span in) { return ret; } +testing::AssertionResult ErrorEquals(uint32_t err, int lib, int reason) { + if (ERR_GET_LIB(err) == lib && ERR_GET_REASON(err) == reason) { + return testing::AssertionSuccess(); + } + + char buf[128], expected[128]; + return testing::AssertionFailure() + << "Got \"" << ERR_error_string_n(err, buf, sizeof(buf)) + << "\", wanted \"" + << ERR_error_string_n(ERR_PACK(lib, reason), expected, + sizeof(expected)) + << "\""; +} diff --git a/crypto/test/test_util.h b/crypto/test/test_util.h index 796c93177..fff6cdb47 100644 --- a/crypto/test/test_util.h +++ b/crypto/test/test_util.h @@ -24,6 +24,8 @@ #include #include +#include + #include #include "../internal.h" @@ -67,5 +69,9 @@ bool DecodeHex(std::vector *out, const std::string &in); // EncodeHex returns |in| encoded in hexadecimal. std::string EncodeHex(bssl::Span in); +// ErrorEquals asserts that |err| is an error with library |lib| and reason +// |reason|. +testing::AssertionResult ErrorEquals(uint32_t err, int lib, int reason); + #endif // OPENSSL_HEADER_CRYPTO_TEST_TEST_UTIL_H diff --git a/crypto/x509/x509_test.cc b/crypto/x509/x509_test.cc index b25e8b395..8b20ade83 100644 --- a/crypto/x509/x509_test.cc +++ b/crypto/x509/x509_test.cc @@ -2062,9 +2062,8 @@ TEST(X509Test, TestEd25519BadParameters) { ASSERT_FALSE(X509_verify(cert.get(), pkey.get())); - uint32_t err = ERR_get_error(); - ASSERT_EQ(ERR_LIB_X509, ERR_GET_LIB(err)); - ASSERT_EQ(X509_R_INVALID_PARAMETER, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_X509, X509_R_INVALID_PARAMETER)); ERR_clear_error(); } @@ -2909,9 +2908,8 @@ TEST(X509Test, MismatchAlgorithms) { ASSERT_TRUE(pkey); EXPECT_FALSE(X509_verify(cert.get(), pkey.get())); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_X509, ERR_GET_LIB(err)); - EXPECT_EQ(X509_R_SIGNATURE_ALGORITHM_MISMATCH, ERR_GET_REASON(err)); + EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_X509, + X509_R_SIGNATURE_ALGORITHM_MISMATCH)); } TEST(X509Test, PEMX509Info) { @@ -3044,9 +3042,8 @@ TEST(X509Test, ReadBIOEmpty) { // certificates. bssl::UniquePtr x509(d2i_X509_bio(bio.get(), nullptr)); EXPECT_FALSE(x509); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_ASN1, ERR_GET_LIB(err)); - EXPECT_EQ(ASN1_R_HEADER_TOO_LONG, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_ASN1, ASN1_R_HEADER_TOO_LONG)); } TEST(X509Test, ReadBIOOneByte) { @@ -3058,9 +3055,8 @@ TEST(X509Test, ReadBIOOneByte) { // to signal EOF. bssl::UniquePtr x509(d2i_X509_bio(bio.get(), nullptr)); EXPECT_FALSE(x509); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_ASN1, ERR_GET_LIB(err)); - EXPECT_EQ(ASN1_R_NOT_ENOUGH_DATA, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_ASN1, ASN1_R_NOT_ENOUGH_DATA)); } TEST(X509Test, PartialBIOReturn) { @@ -3773,9 +3769,8 @@ TEST(X509Test, AlgorithmParameters) { cert = CertFromPEM(kP256InvalidParam); ASSERT_TRUE(cert); EXPECT_FALSE(X509_verify(cert.get(), key.get())); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_X509, ERR_GET_LIB(err)); - EXPECT_EQ(X509_R_INVALID_PARAMETER, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_X509, X509_R_INVALID_PARAMETER)); // RSA parameters should be NULL, but we accept omitted ones. key = PrivateKeyFromPEM(kRSAKey); @@ -3792,9 +3787,8 @@ TEST(X509Test, AlgorithmParameters) { cert = CertFromPEM(kRSAInvalidParam); ASSERT_TRUE(cert); EXPECT_FALSE(X509_verify(cert.get(), key.get())); - err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_X509, ERR_GET_LIB(err)); - EXPECT_EQ(X509_R_INVALID_PARAMETER, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_X509, X509_R_INVALID_PARAMETER)); } TEST(X509Test, GeneralName) { diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc index d12d49c78..d7953e506 100644 --- a/ssl/ssl_test.cc +++ b/ssl/ssl_test.cc @@ -3021,9 +3021,8 @@ TEST(SSLTest, WriteAfterWrongVersionOnEarlyData) { // The client processes the ServerHello and fails. EXPECT_EQ(-1, SSL_do_handshake(client.get())); EXPECT_EQ(SSL_ERROR_SSL, SSL_get_error(client.get(), -1)); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_SSL, ERR_GET_LIB(err)); - EXPECT_EQ(SSL_R_WRONG_VERSION_ON_EARLY_DATA, ERR_GET_REASON(err)); + EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_SSL, + SSL_R_WRONG_VERSION_ON_EARLY_DATA)); // The client should have written an alert to the transport. const uint8_t *unused; @@ -3035,9 +3034,8 @@ TEST(SSLTest, WriteAfterWrongVersionOnEarlyData) { // Writing should fail, with the same error as the handshake. EXPECT_EQ(-1, SSL_write(client.get(), "a", 1)); EXPECT_EQ(SSL_ERROR_SSL, SSL_get_error(client.get(), -1)); - err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_SSL, ERR_GET_LIB(err)); - EXPECT_EQ(SSL_R_WRONG_VERSION_ON_EARLY_DATA, ERR_GET_REASON(err)); + EXPECT_TRUE(ErrorEquals(ERR_get_error(), ERR_LIB_SSL, + SSL_R_WRONG_VERSION_ON_EARLY_DATA)); // Nothing should be written to the transport. ASSERT_TRUE(BIO_mem_contents(mem.get(), &unused, &len)); @@ -5190,9 +5188,8 @@ TEST(SSLTest, NoCiphersAvailable) { int ret = SSL_do_handshake(ssl.get()); EXPECT_EQ(-1, ret); EXPECT_EQ(SSL_ERROR_SSL, SSL_get_error(ssl.get(), ret)); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_SSL, ERR_GET_LIB(err)); - EXPECT_EQ(SSL_R_NO_CIPHERS_AVAILABLE, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_SSL, SSL_R_NO_CIPHERS_AVAILABLE)); } TEST_P(SSLVersionTest, SessionVersion) { @@ -7177,9 +7174,8 @@ TEST_F(QUICMethodTest, ExcessProvidedData) { // EncryptedExtensions on key change. ASSERT_EQ(SSL_do_handshake(client_.get()), -1); ASSERT_EQ(SSL_get_error(client_.get(), -1), SSL_ERROR_SSL); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_GET_LIB(err), ERR_LIB_SSL); - EXPECT_EQ(ERR_GET_REASON(err), SSL_R_EXCESS_HANDSHAKE_DATA); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_SSL, SSL_R_EXCESS_HANDSHAKE_DATA)); // The client sends an alert in response to this. The alert is sent at // handshake level because we install write secrets before read secrets and @@ -7628,9 +7624,8 @@ TEST_P(SSLVersionTest, DoubleSSLError) { // The client handshake should terminate on a certificate verification // error. EXPECT_EQ(SSL_ERROR_SSL, client_err); - uint32_t err = ERR_peek_error(); - EXPECT_EQ(ERR_LIB_SSL, ERR_GET_LIB(err)); - EXPECT_EQ(SSL_R_CERTIFICATE_VERIFY_FAILED, ERR_GET_REASON(err)); + EXPECT_TRUE(ErrorEquals(ERR_peek_error(), ERR_LIB_SSL, + SSL_R_CERTIFICATE_VERIFY_FAILED)); break; } @@ -7906,9 +7901,8 @@ TEST(SSLTest, WriteWhileExplicitRenegotiate) { // We never renegotiate as a server. ASSERT_EQ(-1, SSL_read(server.get(), buf, sizeof(buf))); ASSERT_EQ(SSL_ERROR_SSL, SSL_get_error(server.get(), -1)); - uint32_t err = ERR_get_error(); - EXPECT_EQ(ERR_LIB_SSL, ERR_GET_LIB(err)); - EXPECT_EQ(SSL_R_NO_RENEGOTIATION, ERR_GET_REASON(err)); + EXPECT_TRUE( + ErrorEquals(ERR_get_error(), ERR_LIB_SSL, SSL_R_NO_RENEGOTIATION)); } TEST(SSLTest, ConnectionPropertiesDuringRenegotiate) {