PolarSSL v1.3.9
test_suite_x509write.c
Go to the documentation of this file.
1 #if !defined(POLARSSL_CONFIG_FILE)
2 #include <polarssl/config.h>
3 #else
4 #include POLARSSL_CONFIG_FILE
5 #endif
6 
7 #ifdef POLARSSL_BIGNUM_C
8 #ifdef POLARSSL_FS_IO
9 #ifdef POLARSSL_PK_PARSE_C
10 
11 #include <polarssl/x509_crt.h>
12 #include <polarssl/x509_csr.h>
13 #include <polarssl/pem.h>
14 #include <polarssl/oid.h>
15 #endif /* POLARSSL_BIGNUM_C */
16 #endif /* POLARSSL_FS_IO */
17 #endif /* POLARSSL_PK_PARSE_C */
18 
19 
20 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
21 #include "polarssl/memory.h"
22 #endif
23 
24 #if defined(POLARSSL_PLATFORM_C)
25 #include "polarssl/platform.h"
26 #else
27 #define polarssl_malloc malloc
28 #define polarssl_free free
29 #endif
30 
31 #ifdef _MSC_VER
32 #include <basetsd.h>
33 typedef UINT32 uint32_t;
34 #else
35 #include <inttypes.h>
36 #endif
37 
38 #include <assert.h>
39 #include <stdlib.h>
40 #include <string.h>
41 
42 /*
43  * 32-bit integer manipulation macros (big endian)
44  */
45 #ifndef GET_UINT32_BE
46 #define GET_UINT32_BE(n,b,i) \
47 { \
48  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
49  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
50  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
51  | ( (uint32_t) (b)[(i) + 3] ); \
52 }
53 #endif
54 
55 #ifndef PUT_UINT32_BE
56 #define PUT_UINT32_BE(n,b,i) \
57 { \
58  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
59  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
60  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
61  (b)[(i) + 3] = (unsigned char) ( (n) ); \
62 }
63 #endif
64 
65 static int unhexify(unsigned char *obuf, const char *ibuf)
66 {
67  unsigned char c, c2;
68  int len = strlen(ibuf) / 2;
69  assert(!(strlen(ibuf) %1)); // must be even number of bytes
70 
71  while (*ibuf != 0)
72  {
73  c = *ibuf++;
74  if( c >= '0' && c <= '9' )
75  c -= '0';
76  else if( c >= 'a' && c <= 'f' )
77  c -= 'a' - 10;
78  else if( c >= 'A' && c <= 'F' )
79  c -= 'A' - 10;
80  else
81  assert( 0 );
82 
83  c2 = *ibuf++;
84  if( c2 >= '0' && c2 <= '9' )
85  c2 -= '0';
86  else if( c2 >= 'a' && c2 <= 'f' )
87  c2 -= 'a' - 10;
88  else if( c2 >= 'A' && c2 <= 'F' )
89  c2 -= 'A' - 10;
90  else
91  assert( 0 );
92 
93  *obuf++ = ( c << 4 ) | c2;
94  }
95 
96  return len;
97 }
98 
99 static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
100 {
101  unsigned char l, h;
102 
103  while (len != 0)
104  {
105  h = (*ibuf) / 16;
106  l = (*ibuf) % 16;
107 
108  if( h < 10 )
109  *obuf++ = '0' + h;
110  else
111  *obuf++ = 'a' + h - 10;
112 
113  if( l < 10 )
114  *obuf++ = '0' + l;
115  else
116  *obuf++ = 'a' + l - 10;
117 
118  ++ibuf;
119  len--;
120  }
121 }
122 
130 static unsigned char *zero_alloc( size_t len )
131 {
132  void *p;
133  size_t actual_len = len != 0 ? len : 1;
134 
135  p = polarssl_malloc( actual_len );
136  assert( p != NULL );
137 
138  memset( p, 0x00, actual_len );
139 
140  return( p );
141 }
142 
153 static unsigned char *unhexify_alloc( const char *ibuf, size_t *olen )
154 {
155  unsigned char *obuf;
156 
157  *olen = strlen(ibuf) / 2;
158 
159  if( *olen == 0 )
160  return( zero_alloc( *olen ) );
161 
162  obuf = polarssl_malloc( *olen );
163  assert( obuf != NULL );
164 
165  (void) unhexify( obuf, ibuf );
166 
167  return( obuf );
168 }
169 
179 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
180 {
181 #if !defined(__OpenBSD__)
182  size_t i;
183 
184  if( rng_state != NULL )
185  rng_state = NULL;
186 
187  for( i = 0; i < len; ++i )
188  output[i] = rand();
189 #else
190  if( rng_state != NULL )
191  rng_state = NULL;
192 
193  arc4random_buf( output, len );
194 #endif /* !OpenBSD */
195 
196  return( 0 );
197 }
198 
204 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
205 {
206  if( rng_state != NULL )
207  rng_state = NULL;
208 
209  memset( output, 0, len );
210 
211  return( 0 );
212 }
213 
214 typedef struct
215 {
216  unsigned char *buf;
217  size_t length;
218 } rnd_buf_info;
219 
231 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
232 {
233  rnd_buf_info *info = (rnd_buf_info *) rng_state;
234  size_t use_len;
235 
236  if( rng_state == NULL )
237  return( rnd_std_rand( NULL, output, len ) );
238 
239  use_len = len;
240  if( len > info->length )
241  use_len = info->length;
242 
243  if( use_len )
244  {
245  memcpy( output, info->buf, use_len );
246  info->buf += use_len;
247  info->length -= use_len;
248  }
249 
250  if( len - use_len > 0 )
251  return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
252 
253  return( 0 );
254 }
255 
263 typedef struct
264 {
265  uint32_t key[16];
266  uint32_t v0, v1;
268 
277 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
278 {
279  rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
280  uint32_t i, *k, sum, delta=0x9E3779B9;
281  unsigned char result[4], *out = output;
282 
283  if( rng_state == NULL )
284  return( rnd_std_rand( NULL, output, len ) );
285 
286  k = info->key;
287 
288  while( len > 0 )
289  {
290  size_t use_len = ( len > 4 ) ? 4 : len;
291  sum = 0;
292 
293  for( i = 0; i < 32; i++ )
294  {
295  info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
296  sum += delta;
297  info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
298  }
299 
300  PUT_UINT32_BE( info->v0, result, 0 );
301  memcpy( out, result, use_len );
302  len -= use_len;
303  out += 4;
304  }
305 
306  return( 0 );
307 }
308 
309 
310 #include <stdio.h>
311 #include <string.h>
312 
313 #if defined(POLARSSL_PLATFORM_C)
314 #include "polarssl/platform.h"
315 #else
316 #define polarssl_printf printf
317 #define polarssl_malloc malloc
318 #define polarssl_free free
319 #endif
320 
321 static int test_errors = 0;
322 
323 #ifdef POLARSSL_BIGNUM_C
324 #ifdef POLARSSL_FS_IO
325 #ifdef POLARSSL_PK_PARSE_C
326 
327 #define TEST_SUITE_ACTIVE
328 
329 static int test_assert( int correct, const char *test )
330 {
331  if( correct )
332  return( 0 );
333 
334  test_errors++;
335  if( test_errors == 1 )
336  printf( "FAILED\n" );
337  printf( " %s\n", test );
338 
339  return( 1 );
340 }
341 
342 #define TEST_ASSERT( TEST ) \
343  do { test_assert( (TEST) ? 1 : 0, #TEST ); \
344  if( test_errors) goto exit; \
345  } while (0)
346 
347 int verify_string( char **str )
348 {
349  if( (*str)[0] != '"' ||
350  (*str)[strlen( *str ) - 1] != '"' )
351  {
352  printf( "Expected string (with \"\") for parameter and got: %s\n", *str );
353  return( -1 );
354  }
355 
356  (*str)++;
357  (*str)[strlen( *str ) - 1] = '\0';
358 
359  return( 0 );
360 }
361 
362 int verify_int( char *str, int *value )
363 {
364  size_t i;
365  int minus = 0;
366  int digits = 1;
367  int hex = 0;
368 
369  for( i = 0; i < strlen( str ); i++ )
370  {
371  if( i == 0 && str[i] == '-' )
372  {
373  minus = 1;
374  continue;
375  }
376 
377  if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
378  str[i - 1] == '0' && str[i] == 'x' )
379  {
380  hex = 1;
381  continue;
382  }
383 
384  if( ! ( ( str[i] >= '0' && str[i] <= '9' ) ||
385  ( hex && ( ( str[i] >= 'a' && str[i] <= 'f' ) ||
386  ( str[i] >= 'A' && str[i] <= 'F' ) ) ) ) )
387  {
388  digits = 0;
389  break;
390  }
391  }
392 
393  if( digits )
394  {
395  if( hex )
396  *value = strtol( str, NULL, 16 );
397  else
398  *value = strtol( str, NULL, 10 );
399 
400  return( 0 );
401  }
402 
403 #ifdef POLARSSL_PEM_WRITE_C
404 #ifdef POLARSSL_X509_CSR_WRITE_C
405  if( strcmp( str, "POLARSSL_MD_MD5" ) == 0 )
406  {
407  *value = ( POLARSSL_MD_MD5 );
408  return( 0 );
409  }
410 #endif // POLARSSL_PEM_WRITE_C
411 #endif // POLARSSL_X509_CSR_WRITE_C
412 #ifdef POLARSSL_PEM_WRITE_C
413 #ifdef POLARSSL_X509_CSR_WRITE_C
414  if( strcmp( str, "POLARSSL_MD_SHA384" ) == 0 )
415  {
416  *value = ( POLARSSL_MD_SHA384 );
417  return( 0 );
418  }
419 #endif // POLARSSL_PEM_WRITE_C
420 #endif // POLARSSL_X509_CSR_WRITE_C
421 #ifdef POLARSSL_PEM_WRITE_C
422 #ifdef POLARSSL_X509_CSR_WRITE_C
423  if( strcmp( str, "POLARSSL_MD_MD4" ) == 0 )
424  {
425  *value = ( POLARSSL_MD_MD4 );
426  return( 0 );
427  }
428 #endif // POLARSSL_PEM_WRITE_C
429 #endif // POLARSSL_X509_CSR_WRITE_C
430 #ifdef POLARSSL_PEM_WRITE_C
431 #ifdef POLARSSL_X509_CSR_WRITE_C
432  if( strcmp( str, "POLARSSL_MD_SHA512" ) == 0 )
433  {
434  *value = ( POLARSSL_MD_SHA512 );
435  return( 0 );
436  }
437 #endif // POLARSSL_PEM_WRITE_C
438 #endif // POLARSSL_X509_CSR_WRITE_C
439 #ifdef POLARSSL_X509_CREATE_C
440 #ifdef POLARSSL_X509_USE_C
441  if( strcmp( str, "POLARSSL_ERR_X509_UNKNOWN_OID" ) == 0 )
442  {
443  *value = ( POLARSSL_ERR_X509_UNKNOWN_OID );
444  return( 0 );
445  }
446 #endif // POLARSSL_X509_CREATE_C
447 #endif // POLARSSL_X509_USE_C
448 #ifdef POLARSSL_PEM_WRITE_C
449 #ifdef POLARSSL_X509_CRT_WRITE_C
450 #ifdef POLARSSL_SHA1_C
451  if( strcmp( str, "-1" ) == 0 )
452  {
453  *value = ( -1 );
454  return( 0 );
455  }
456 #endif // POLARSSL_PEM_WRITE_C
457 #endif // POLARSSL_X509_CRT_WRITE_C
458 #endif // POLARSSL_SHA1_C
459 #ifdef POLARSSL_PEM_WRITE_C
460 #ifdef POLARSSL_X509_CSR_WRITE_C
461  if( strcmp( str, "KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION" ) == 0 )
462  {
464  return( 0 );
465  }
466 #endif // POLARSSL_PEM_WRITE_C
467 #endif // POLARSSL_X509_CSR_WRITE_C
468 #ifdef POLARSSL_PEM_WRITE_C
469 #ifdef POLARSSL_X509_CRT_WRITE_C
470 #ifdef POLARSSL_SHA1_C
471  if( strcmp( str, "POLARSSL_MD_SHA1" ) == 0 )
472  {
473  *value = ( POLARSSL_MD_SHA1 );
474  return( 0 );
475  }
476 #endif // POLARSSL_PEM_WRITE_C
477 #endif // POLARSSL_X509_CRT_WRITE_C
478 #endif // POLARSSL_SHA1_C
479 #ifdef POLARSSL_PEM_WRITE_C
480 #ifdef POLARSSL_X509_CSR_WRITE_C
481  if( strcmp( str, "POLARSSL_MD_SHA1" ) == 0 )
482  {
483  *value = ( POLARSSL_MD_SHA1 );
484  return( 0 );
485  }
486 #endif // POLARSSL_PEM_WRITE_C
487 #endif // POLARSSL_X509_CSR_WRITE_C
488 #ifdef POLARSSL_PEM_WRITE_C
489 #ifdef POLARSSL_X509_CRT_WRITE_C
490 #ifdef POLARSSL_SHA1_C
491  if( strcmp( str, "KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION | KU_KEY_ENCIPHERMENT" ) == 0 )
492  {
494  return( 0 );
495  }
496 #endif // POLARSSL_PEM_WRITE_C
497 #endif // POLARSSL_X509_CRT_WRITE_C
498 #endif // POLARSSL_SHA1_C
499 #ifdef POLARSSL_PEM_WRITE_C
500 #ifdef POLARSSL_X509_CSR_WRITE_C
501  if( strcmp( str, "KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION | KU_KEY_ENCIPHERMENT" ) == 0 )
502  {
504  return( 0 );
505  }
506 #endif // POLARSSL_PEM_WRITE_C
507 #endif // POLARSSL_X509_CSR_WRITE_C
508 #ifdef POLARSSL_PEM_WRITE_C
509 #ifdef POLARSSL_X509_CSR_WRITE_C
510  if( strcmp( str, "POLARSSL_MD_SHA256" ) == 0 )
511  {
512  *value = ( POLARSSL_MD_SHA256 );
513  return( 0 );
514  }
515 #endif // POLARSSL_PEM_WRITE_C
516 #endif // POLARSSL_X509_CSR_WRITE_C
517 #ifdef POLARSSL_PEM_WRITE_C
518 #ifdef POLARSSL_X509_CSR_WRITE_C
519  if( strcmp( str, "POLARSSL_MD_SHA224" ) == 0 )
520  {
521  *value = ( POLARSSL_MD_SHA224 );
522  return( 0 );
523  }
524 #endif // POLARSSL_PEM_WRITE_C
525 #endif // POLARSSL_X509_CSR_WRITE_C
526 #ifdef POLARSSL_PEM_WRITE_C
527 #ifdef POLARSSL_X509_CSR_WRITE_C
528  if( strcmp( str, "NS_CERT_TYPE_SSL_SERVER" ) == 0 )
529  {
530  *value = ( NS_CERT_TYPE_SSL_SERVER );
531  return( 0 );
532  }
533 #endif // POLARSSL_PEM_WRITE_C
534 #endif // POLARSSL_X509_CSR_WRITE_C
535 #ifdef POLARSSL_PEM_WRITE_C
536 #ifdef POLARSSL_X509_CRT_WRITE_C
537 #ifdef POLARSSL_SHA1_C
538  if( strcmp( str, "NS_CERT_TYPE_SSL_SERVER" ) == 0 )
539  {
540  *value = ( NS_CERT_TYPE_SSL_SERVER );
541  return( 0 );
542  }
543 #endif // POLARSSL_PEM_WRITE_C
544 #endif // POLARSSL_X509_CRT_WRITE_C
545 #endif // POLARSSL_SHA1_C
546 #ifdef POLARSSL_PEM_WRITE_C
547 #ifdef POLARSSL_X509_CRT_WRITE_C
548 #ifdef POLARSSL_SHA1_C
549  if( strcmp( str, "X509_CRT_VERSION_1" ) == 0 )
550  {
551  *value = ( X509_CRT_VERSION_1 );
552  return( 0 );
553  }
554 #endif // POLARSSL_PEM_WRITE_C
555 #endif // POLARSSL_X509_CRT_WRITE_C
556 #endif // POLARSSL_SHA1_C
557 #ifdef POLARSSL_X509_CREATE_C
558 #ifdef POLARSSL_X509_USE_C
559  if( strcmp( str, "POLARSSL_ERR_X509_INVALID_NAME" ) == 0 )
560  {
561  *value = ( POLARSSL_ERR_X509_INVALID_NAME );
562  return( 0 );
563  }
564 #endif // POLARSSL_X509_CREATE_C
565 #endif // POLARSSL_X509_USE_C
566 
567 
568  printf( "Expected integer for parameter and got: %s\n", str );
569  return( -1 );
570 }
571 
572 #ifdef POLARSSL_PEM_WRITE_C
573 #ifdef POLARSSL_X509_CSR_WRITE_C
574 void test_suite_x509_csr_check( char *key_file, char *cert_req_check_file,
575  int md_type, int key_usage, int cert_type )
576 {
577  pk_context key;
578  x509write_csr req;
579  unsigned char buf[4000];
580  unsigned char check_buf[4000];
581  int ret;
582  size_t olen = 0, pem_len = 0;
583  FILE *f;
584  const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
585  rnd_pseudo_info rnd_info;
586 
587  memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) );
588 
589  pk_init( &key );
590  TEST_ASSERT( pk_parse_keyfile( &key, key_file, NULL ) == 0 );
591 
592  x509write_csr_init( &req );
593  x509write_csr_set_md_alg( &req, md_type );
594  x509write_csr_set_key( &req, &key );
595  TEST_ASSERT( x509write_csr_set_subject_name( &req, subject_name ) == 0 );
596  if( key_usage != 0 )
597  TEST_ASSERT( x509write_csr_set_key_usage( &req, key_usage ) == 0 );
598  if( cert_type != 0 )
599  TEST_ASSERT( x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
600 
601  ret = x509write_csr_pem( &req, buf, sizeof(buf),
602  rnd_pseudo_rand, &rnd_info );
603  TEST_ASSERT( ret == 0 );
604 
605  pem_len = strlen( (char *) buf );
606 
607  f = fopen( cert_req_check_file, "r" );
608  TEST_ASSERT( f != NULL );
609  olen = fread( check_buf, 1, sizeof( check_buf ), f );
610  fclose( f );
611 
612  TEST_ASSERT( olen >= pem_len - 1 );
613  TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );
614 
615 exit:
616  x509write_csr_free( &req );
617  pk_free( &key );
618 }
619 #endif /* POLARSSL_PEM_WRITE_C */
620 #endif /* POLARSSL_X509_CSR_WRITE_C */
621 
622 #ifdef POLARSSL_PEM_WRITE_C
623 #ifdef POLARSSL_X509_CRT_WRITE_C
624 #ifdef POLARSSL_SHA1_C
625 void test_suite_x509_crt_check( char *subject_key_file, char *subject_pwd,
626  char *subject_name, char *issuer_key_file,
627  char *issuer_pwd, char *issuer_name,
628  char *serial_str, char *not_before, char *not_after,
629  int md_type, int key_usage, int cert_type, int ver,
630  char *cert_check_file )
631 {
632  pk_context subject_key, issuer_key;
633  x509write_cert crt;
634  unsigned char buf[4000];
635  unsigned char check_buf[5000];
636  mpi serial;
637  int ret;
638  size_t olen = 0, pem_len = 0;
639  FILE *f;
640  rnd_pseudo_info rnd_info;
641 
642  memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) );
643  mpi_init( &serial );
644  pk_init( &subject_key );
645  pk_init( &issuer_key );
646 
647  TEST_ASSERT( pk_parse_keyfile( &subject_key, subject_key_file,
648  subject_pwd ) == 0 );
649  TEST_ASSERT( pk_parse_keyfile( &issuer_key, issuer_key_file,
650  issuer_pwd ) == 0 );
651  TEST_ASSERT( mpi_read_string( &serial, 10, serial_str ) == 0 );
652 
653  x509write_crt_init( &crt );
654  if( ver != -1 )
655  x509write_crt_set_version( &crt, ver );
656  TEST_ASSERT( x509write_crt_set_serial( &crt, &serial ) == 0 );
657  TEST_ASSERT( x509write_crt_set_validity( &crt, not_before,
658  not_after ) == 0 );
659  x509write_crt_set_md_alg( &crt, md_type );
660  TEST_ASSERT( x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 );
661  TEST_ASSERT( x509write_crt_set_subject_name( &crt, subject_name ) == 0 );
662  x509write_crt_set_subject_key( &crt, &subject_key );
663  x509write_crt_set_issuer_key( &crt, &issuer_key );
664 
665  if( crt.version >= X509_CRT_VERSION_3 )
666  {
667  TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
670  if( key_usage != 0 )
671  TEST_ASSERT( x509write_crt_set_key_usage( &crt, key_usage ) == 0 );
672  if( cert_type != 0 )
673  TEST_ASSERT( x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 );
674  }
675 
676  ret = x509write_crt_pem( &crt, buf, sizeof(buf),
677  rnd_pseudo_rand, &rnd_info );
678  TEST_ASSERT( ret == 0 );
679 
680  pem_len = strlen( (char *) buf );
681 
682  f = fopen( cert_check_file, "r" );
683  TEST_ASSERT( f != NULL );
684  olen = fread( check_buf, 1, sizeof(check_buf), f );
685  TEST_ASSERT( olen < sizeof(check_buf) );
686  fclose( f );
687 
688  TEST_ASSERT( olen >= pem_len - 1 );
689  TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );
690 
691 exit:
692  x509write_crt_free( &crt );
693  pk_free( &issuer_key );
694  pk_free( &subject_key );
695  mpi_free( &serial );
696 }
697 #endif /* POLARSSL_PEM_WRITE_C */
698 #endif /* POLARSSL_X509_CRT_WRITE_C */
699 #endif /* POLARSSL_SHA1_C */
700 
701 #ifdef POLARSSL_X509_CREATE_C
702 #ifdef POLARSSL_X509_USE_C
703 void test_suite_x509_string_to_names( char *name, char *parsed_name, int result )
704 {
705  int ret;
706  size_t len = 0;
707  asn1_named_data *names = NULL;
708  x509_name parsed, *parsed_cur, *parsed_prv;
709  unsigned char buf[2048], *c;
710 
711  memset( &parsed, 0, sizeof( parsed ) );
712  memset( buf, 0, sizeof( buf ) );
713  c = buf + sizeof( buf );
714 
715  ret = x509_string_to_names( &names, name );
716  TEST_ASSERT( ret == result );
717 
718  if( ret != 0 )
719  goto exit;
720 
721  ret = x509_write_names( &c, buf, names );
722  TEST_ASSERT( ret > 0 );
723 
724  TEST_ASSERT( asn1_get_tag( &c, buf + sizeof( buf ), &len,
725  ASN1_CONSTRUCTED | ASN1_SEQUENCE ) == 0 );
726  TEST_ASSERT( x509_get_name( &c, buf + sizeof( buf ), &parsed ) == 0 );
727 
728  ret = x509_dn_gets( (char *) buf, sizeof( buf ), &parsed );
729  TEST_ASSERT( ret > 0 );
730 
731  TEST_ASSERT( strcmp( (char *) buf, parsed_name ) == 0 );
732 
733 exit:
734  asn1_free_named_data_list( &names );
735 
736  parsed_cur = parsed.next;
737  while( parsed_cur != 0 )
738  {
739  parsed_prv = parsed_cur;
740  parsed_cur = parsed_cur->next;
741  polarssl_free( parsed_prv );
742  }
743 }
744 #endif /* POLARSSL_X509_CREATE_C */
745 #endif /* POLARSSL_X509_USE_C */
746 
747 
748 #endif /* POLARSSL_BIGNUM_C */
749 #endif /* POLARSSL_FS_IO */
750 #endif /* POLARSSL_PK_PARSE_C */
751 
752 
753 int dep_check( char *str )
754 {
755  if( str == NULL )
756  return( 1 );
757 
758  if( strcmp( str, "POLARSSL_CIPHER_MODE_CBC" ) == 0 )
759  {
760 #if defined(POLARSSL_CIPHER_MODE_CBC)
761  return( 0 );
762 #else
763  return( 1 );
764 #endif
765  }
766  if( strcmp( str, "POLARSSL_PKCS1_V15" ) == 0 )
767  {
768 #if defined(POLARSSL_PKCS1_V15)
769  return( 0 );
770 #else
771  return( 1 );
772 #endif
773  }
774  if( strcmp( str, "POLARSSL_SHA1_C" ) == 0 )
775  {
776 #if defined(POLARSSL_SHA1_C)
777  return( 0 );
778 #else
779  return( 1 );
780 #endif
781  }
782  if( strcmp( str, "POLARSSL_SHA512_C" ) == 0 )
783  {
784 #if defined(POLARSSL_SHA512_C)
785  return( 0 );
786 #else
787  return( 1 );
788 #endif
789  }
790  if( strcmp( str, "POLARSSL_RSA_C" ) == 0 )
791  {
792 #if defined(POLARSSL_RSA_C)
793  return( 0 );
794 #else
795  return( 1 );
796 #endif
797  }
798  if( strcmp( str, "POLARSSL_MD5_C" ) == 0 )
799  {
800 #if defined(POLARSSL_MD5_C)
801  return( 0 );
802 #else
803  return( 1 );
804 #endif
805  }
806  if( strcmp( str, "POLARSSL_DES_C" ) == 0 )
807  {
808 #if defined(POLARSSL_DES_C)
809  return( 0 );
810 #else
811  return( 1 );
812 #endif
813  }
814  if( strcmp( str, "POLARSSL_ECP_DP_SECP256R1_ENABLED" ) == 0 )
815  {
816 #if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
817  return( 0 );
818 #else
819  return( 1 );
820 #endif
821  }
822  if( strcmp( str, "POLARSSL_MD4_C" ) == 0 )
823  {
824 #if defined(POLARSSL_MD4_C)
825  return( 0 );
826 #else
827  return( 1 );
828 #endif
829  }
830  if( strcmp( str, "POLARSSL_ECDSA_DETERMINISTIC" ) == 0 )
831  {
832 #if defined(POLARSSL_ECDSA_DETERMINISTIC)
833  return( 0 );
834 #else
835  return( 1 );
836 #endif
837  }
838  if( strcmp( str, "POLARSSL_SHA256_C" ) == 0 )
839  {
840 #if defined(POLARSSL_SHA256_C)
841  return( 0 );
842 #else
843  return( 1 );
844 #endif
845  }
846  if( strcmp( str, "POLARSSL_ECDSA_C" ) == 0 )
847  {
848 #if defined(POLARSSL_ECDSA_C)
849  return( 0 );
850 #else
851  return( 1 );
852 #endif
853  }
854 
855 
856  return( 1 );
857 }
858 
859 int dispatch_test(int cnt, char *params[50])
860 {
861  int ret;
862  ((void) cnt);
863  ((void) params);
864 
865 #if defined(TEST_SUITE_ACTIVE)
866  if( strcmp( params[0], "x509_csr_check" ) == 0 )
867  {
868  #ifdef POLARSSL_PEM_WRITE_C
869  #ifdef POLARSSL_X509_CSR_WRITE_C
870 
871  char *param1 = params[1];
872  char *param2 = params[2];
873  int param3;
874  int param4;
875  int param5;
876 
877  if( cnt != 6 )
878  {
879  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 6 );
880  return( 2 );
881  }
882 
883  if( verify_string( &param1 ) != 0 ) return( 2 );
884  if( verify_string( &param2 ) != 0 ) return( 2 );
885  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
886  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
887  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
888 
889  test_suite_x509_csr_check( param1, param2, param3, param4, param5 );
890  return ( 0 );
891  #endif /* POLARSSL_PEM_WRITE_C */
892  #endif /* POLARSSL_X509_CSR_WRITE_C */
893 
894  return ( 3 );
895  }
896  else
897  if( strcmp( params[0], "x509_crt_check" ) == 0 )
898  {
899  #ifdef POLARSSL_PEM_WRITE_C
900  #ifdef POLARSSL_X509_CRT_WRITE_C
901  #ifdef POLARSSL_SHA1_C
902 
903  char *param1 = params[1];
904  char *param2 = params[2];
905  char *param3 = params[3];
906  char *param4 = params[4];
907  char *param5 = params[5];
908  char *param6 = params[6];
909  char *param7 = params[7];
910  char *param8 = params[8];
911  char *param9 = params[9];
912  int param10;
913  int param11;
914  int param12;
915  int param13;
916  char *param14 = params[14];
917 
918  if( cnt != 15 )
919  {
920  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 15 );
921  return( 2 );
922  }
923 
924  if( verify_string( &param1 ) != 0 ) return( 2 );
925  if( verify_string( &param2 ) != 0 ) return( 2 );
926  if( verify_string( &param3 ) != 0 ) return( 2 );
927  if( verify_string( &param4 ) != 0 ) return( 2 );
928  if( verify_string( &param5 ) != 0 ) return( 2 );
929  if( verify_string( &param6 ) != 0 ) return( 2 );
930  if( verify_string( &param7 ) != 0 ) return( 2 );
931  if( verify_string( &param8 ) != 0 ) return( 2 );
932  if( verify_string( &param9 ) != 0 ) return( 2 );
933  if( verify_int( params[10], &param10 ) != 0 ) return( 2 );
934  if( verify_int( params[11], &param11 ) != 0 ) return( 2 );
935  if( verify_int( params[12], &param12 ) != 0 ) return( 2 );
936  if( verify_int( params[13], &param13 ) != 0 ) return( 2 );
937  if( verify_string( &param14 ) != 0 ) return( 2 );
938 
939  test_suite_x509_crt_check( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13, param14 );
940  return ( 0 );
941  #endif /* POLARSSL_PEM_WRITE_C */
942  #endif /* POLARSSL_X509_CRT_WRITE_C */
943  #endif /* POLARSSL_SHA1_C */
944 
945  return ( 3 );
946  }
947  else
948  if( strcmp( params[0], "x509_string_to_names" ) == 0 )
949  {
950  #ifdef POLARSSL_X509_CREATE_C
951  #ifdef POLARSSL_X509_USE_C
952 
953  char *param1 = params[1];
954  char *param2 = params[2];
955  int param3;
956 
957  if( cnt != 4 )
958  {
959  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 4 );
960  return( 2 );
961  }
962 
963  if( verify_string( &param1 ) != 0 ) return( 2 );
964  if( verify_string( &param2 ) != 0 ) return( 2 );
965  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
966 
967  test_suite_x509_string_to_names( param1, param2, param3 );
968  return ( 0 );
969  #endif /* POLARSSL_X509_CREATE_C */
970  #endif /* POLARSSL_X509_USE_C */
971 
972  return ( 3 );
973  }
974  else
975 
976  {
977  fprintf( stdout, "FAILED\nSkipping unknown test function '%s'\n", params[0] );
978  fflush( stdout );
979  return( 1 );
980  }
981 #else
982  return( 3 );
983 #endif
984  return( ret );
985 }
986 
987 int get_line( FILE *f, char *buf, size_t len )
988 {
989  char *ret;
990 
991  ret = fgets( buf, len, f );
992  if( ret == NULL )
993  return( -1 );
994 
995  if( strlen( buf ) && buf[strlen(buf) - 1] == '\n' )
996  buf[strlen(buf) - 1] = '\0';
997  if( strlen( buf ) && buf[strlen(buf) - 1] == '\r' )
998  buf[strlen(buf) - 1] = '\0';
999 
1000  return( 0 );
1001 }
1002 
1003 int parse_arguments( char *buf, size_t len, char *params[50] )
1004 {
1005  int cnt = 0, i;
1006  char *cur = buf;
1007  char *p = buf, *q;
1008 
1009  params[cnt++] = cur;
1010 
1011  while( *p != '\0' && p < buf + len )
1012  {
1013  if( *p == '\\' )
1014  {
1015  p++;
1016  p++;
1017  continue;
1018  }
1019  if( *p == ':' )
1020  {
1021  if( p + 1 < buf + len )
1022  {
1023  cur = p + 1;
1024  params[cnt++] = cur;
1025  }
1026  *p = '\0';
1027  }
1028 
1029  p++;
1030  }
1031 
1032  // Replace newlines, question marks and colons in strings
1033  for( i = 0; i < cnt; i++ )
1034  {
1035  p = params[i];
1036  q = params[i];
1037 
1038  while( *p != '\0' )
1039  {
1040  if( *p == '\\' && *(p + 1) == 'n' )
1041  {
1042  p += 2;
1043  *(q++) = '\n';
1044  }
1045  else if( *p == '\\' && *(p + 1) == ':' )
1046  {
1047  p += 2;
1048  *(q++) = ':';
1049  }
1050  else if( *p == '\\' && *(p + 1) == '?' )
1051  {
1052  p += 2;
1053  *(q++) = '?';
1054  }
1055  else
1056  *(q++) = *(p++);
1057  }
1058  *q = '\0';
1059  }
1060 
1061  return( cnt );
1062 }
1063 
1064 int main()
1065 {
1066  int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
1067  const char *filename = "/tmp/B.alu7eg1d/BUILD/polarssl-1.3.9/tests/suites/test_suite_x509write.data";
1068  FILE *file;
1069  char buf[5000];
1070  char *params[50];
1071 
1072 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1073  unsigned char alloc_buf[1000000];
1074  memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
1075 #endif
1076 
1077  file = fopen( filename, "r" );
1078  if( file == NULL )
1079  {
1080  fprintf( stderr, "Failed to open\n" );
1081  return( 1 );
1082  }
1083 
1084  while( !feof( file ) )
1085  {
1086  int skip = 0;
1087 
1088  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1089  break;
1090  fprintf( stdout, "%s%.66s", test_errors ? "\n" : "", buf );
1091  fprintf( stdout, " " );
1092  for( i = strlen( buf ) + 1; i < 67; i++ )
1093  fprintf( stdout, "." );
1094  fprintf( stdout, " " );
1095  fflush( stdout );
1096 
1097  total_tests++;
1098 
1099  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1100  break;
1101  cnt = parse_arguments( buf, strlen(buf), params );
1102 
1103  if( strcmp( params[0], "depends_on" ) == 0 )
1104  {
1105  for( i = 1; i < cnt; i++ )
1106  if( dep_check( params[i] ) != 0 )
1107  skip = 1;
1108 
1109  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1110  break;
1111  cnt = parse_arguments( buf, strlen(buf), params );
1112  }
1113 
1114  if( skip == 0 )
1115  {
1116  test_errors = 0;
1117  ret = dispatch_test( cnt, params );
1118  }
1119 
1120  if( skip == 1 || ret == 3 )
1121  {
1122  total_skipped++;
1123  fprintf( stdout, "----\n" );
1124  fflush( stdout );
1125  }
1126  else if( ret == 0 && test_errors == 0 )
1127  {
1128  fprintf( stdout, "PASS\n" );
1129  fflush( stdout );
1130  }
1131  else if( ret == 2 )
1132  {
1133  fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
1134  fclose(file);
1135  exit( 2 );
1136  }
1137  else
1138  total_errors++;
1139 
1140  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1141  break;
1142  if( strlen(buf) != 0 )
1143  {
1144  fprintf( stderr, "Should be empty %d\n", (int) strlen(buf) );
1145  return( 1 );
1146  }
1147  }
1148  fclose(file);
1149 
1150  fprintf( stdout, "\n----------------------------------------------------------------------------\n\n");
1151  if( total_errors == 0 )
1152  fprintf( stdout, "PASSED" );
1153  else
1154  fprintf( stdout, "FAILED" );
1155 
1156  fprintf( stdout, " (%d / %d tests (%d skipped))\n",
1157  total_tests - total_errors, total_tests, total_skipped );
1158 
1159 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1160 #if defined(POLARSSL_MEMORY_DEBUG)
1161  memory_buffer_alloc_status();
1162 #endif
1164 #endif
1165 
1166  return( total_errors != 0 );
1167 }
1168 
1169 
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
void x509write_csr_free(x509write_csr *ctx)
Free the contents of a CSR context.
void x509write_crt_set_version(x509write_cert *ctx, int version)
Set the verion for a Certificate Default: X509_CRT_VERSION_3.
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
int x509_string_to_names(asn1_named_data **head, const char *name)
int x509write_crt_set_validity(x509write_cert *ctx, const char *not_before, const char *not_after)
Set the validity period for a Certificate Timestamps should be in string format for UTC timezone i...
#define KU_NON_REPUDIATION
Definition: x509.h:94
Memory allocation layer (Deprecated to platform layer)
int x509_get_name(unsigned char **p, const unsigned char *end, x509_name *cur)
Info structure for the pseudo random function.
void memory_buffer_alloc_free(void)
Free the mutex for thread-safety and clear remaining memory.
void x509write_csr_set_md_alg(x509write_csr *ctx, md_type_t md_alg)
Set the MD algorithm to use for the signature (e.g.
int x509write_csr_set_ns_cert_type(x509write_csr *ctx, unsigned char ns_cert_type)
Set the Netscape Cert Type flags (e.g.
#define ASN1_SEQUENCE
Definition: asn1.h:82
Configuration options (set of defines)
#define PUT_UINT32_BE(n, b, i)
int x509write_csr_pem(x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Write a CSR (Certificate Signing Request) to a PEM string.
#define ASN1_CONSTRUCTED
Definition: asn1.h:92
void x509write_crt_set_md_alg(x509write_cert *ctx, md_type_t md_alg)
Set the MD algorithm to use for the signature (e.g.
MPI structure.
Definition: bignum.h:182
PolarSSL Platform abstraction layer.
static int test_assert(int correct, const char *test)
int x509write_csr_set_key_usage(x509write_csr *ctx, unsigned char key_usage)
Set the Key Usage Extension flags (e.g.
void mpi_init(mpi *X)
Initialize one MPI.
static int test_errors
Object Identifier (OID) database.
#define polarssl_free
int memory_buffer_alloc_init(unsigned char *buf, size_t len)
Initialize use of stack-based memory allocator.
int x509_write_names(unsigned char **p, unsigned char *start, asn1_named_data *first)
int x509write_crt_set_key_usage(x509write_cert *ctx, unsigned char key_usage)
Set the Key Usage Extension flags (e.g.
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
void x509write_crt_free(x509write_cert *ctx)
Free the contents of a CRT write context.
Privacy Enhanced Mail (PEM) decoding.
#define X509_CRT_VERSION_3
Definition: x509_crt.h:104
int x509_dn_gets(char *buf, size_t size, const x509_name *dn)
Store the certificate DN in printable form into buf; no more than size characters will be written...
int x509write_crt_set_subject_key_identifier(x509write_cert *ctx)
Set the subjectKeyIdentifier extension for a CRT Requires that x509write_crt_set_subject_key() has be...
static unsigned char * zero_alloc(size_t len)
Allocate and zeroize a buffer.
#define POLARSSL_ERR_X509_UNKNOWN_OID
Requested OID is unknown.
Definition: x509.h:53
int x509write_crt_set_issuer_name(x509write_cert *ctx, const char *issuer_name)
Set the issuer name for a Certificate Issuer names should contain a comma-separated list of OID types...
X.509 certificate signing request parsing and writing.
void mpi_free(mpi *X)
Unallocate one MPI.
void x509write_csr_init(x509write_csr *ctx)
Initialize a CSR context.
int main()
#define polarssl_malloc
#define TEST_ASSERT(TEST)
X.509 certificate parsing and writing.
void x509write_crt_set_issuer_key(x509write_cert *ctx, pk_context *key)
Set the issuer key used for signing the certificate.
int x509write_crt_set_serial(x509write_cert *ctx, const mpi *serial)
Set the serial number for a Certificate.
int get_line(FILE *f, char *buf, size_t len)
void x509write_csr_set_key(x509write_csr *ctx, pk_context *key)
Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it)...
int x509write_crt_set_authority_key_identifier(x509write_cert *ctx)
Set the authorityKeyIdentifier extension for a CRT Requires that x509write_crt_set_issuer_key() has b...
int x509write_crt_set_ns_cert_type(x509write_cert *ctx, unsigned char ns_cert_type)
Set the Netscape Cert Type flags (e.g.
Container for writing a certificate (CRT)
Definition: x509_crt.h:112
int mpi_read_string(mpi *X, int radix, const char *s)
Import from an ASCII string.
Container for a sequence or list of 'named' ASN.1 data items.
Definition: asn1.h:156
#define X509_CRT_VERSION_1
Definition: x509_crt.h:102
int x509write_crt_set_subject_name(x509write_cert *ctx, const char *subject_name)
Set the subject name for a Certificate Subject names should contain a comma-separated list of OID typ...
int verify_string(char **str)
void asn1_free_named_data_list(asn1_named_data **head)
Free all entries in a asn1_named_data list Head will be set to NULL.
#define POLARSSL_ERR_X509_INVALID_NAME
The name tag or value is invalid.
Definition: x509.h:58
void pk_free(pk_context *ctx)
Free a pk_context.
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
int parse_arguments(char *buf, size_t len, char *params[50])
int x509write_crt_set_basic_constraints(x509write_cert *ctx, int is_ca, int max_pathlen)
Set the basicConstraints extension for a CRT.
void pk_init(pk_context *ctx)
Initialize a pk_context (as NONE)
int asn1_get_tag(unsigned char **p, const unsigned char *end, size_t *len, int tag)
Get the tag and length of the tag.
#define KU_DIGITAL_SIGNATURE
Definition: x509.h:93
#define NS_CERT_TYPE_SSL_SERVER
Definition: x509.h:107
unsigned char * buf
struct _asn1_named_data * next
The next entry in the sequence.
Definition: asn1.h:160
int x509write_csr_set_subject_name(x509write_csr *ctx, const char *subject_name)
Set the subject name for a CSR Subject names should contain a comma-separated list of OID types and v...
int dispatch_test(int cnt, char *params[50])
void x509write_crt_init(x509write_cert *ctx)
Initialize a CRT writing context.
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
int verify_int(char *str, int *value)
static int unhexify(unsigned char *obuf, const char *ibuf)
void x509write_crt_set_subject_key(x509write_cert *ctx, pk_context *key)
Set the subject public key for the certificate.
int pk_parse_keyfile(pk_context *ctx, const char *path, const char *password)
Load and parse a private key.
int dep_check(char *str)
int x509write_crt_pem(x509write_cert *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Write a built up certificate to a X509 PEM string.
#define KU_KEY_ENCIPHERMENT
Definition: x509.h:95
Public key container.
Definition: pk.h:194
Container for writing a CSR.
Definition: x509_csr.h:77
static unsigned char * unhexify_alloc(const char *ibuf, size_t *olen)
Allocate and fill a buffer from hex data.