mbed TLS Build
Dependents: Encrypt_Decrypt1 mbed_blink_tls encrypt encrypt
tests/suites/test_suite_x509parse.function@0:cdf462088d13, 2017-01-05 (annotated)
- Committer:
- markrad
- Date:
- Thu Jan 05 00:18:44 2017 +0000
- Revision:
- 0:cdf462088d13
Initial commit
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
markrad | 0:cdf462088d13 | 1 | /* BEGIN_HEADER */ |
markrad | 0:cdf462088d13 | 2 | #include "mbedtls/x509.h" |
markrad | 0:cdf462088d13 | 3 | #include "mbedtls/x509_crt.h" |
markrad | 0:cdf462088d13 | 4 | #include "mbedtls/x509_crl.h" |
markrad | 0:cdf462088d13 | 5 | #include "mbedtls/x509_csr.h" |
markrad | 0:cdf462088d13 | 6 | #include "mbedtls/pem.h" |
markrad | 0:cdf462088d13 | 7 | #include "mbedtls/oid.h" |
markrad | 0:cdf462088d13 | 8 | #include "mbedtls/base64.h" |
markrad | 0:cdf462088d13 | 9 | |
markrad | 0:cdf462088d13 | 10 | const mbedtls_x509_crt_profile compat_profile = |
markrad | 0:cdf462088d13 | 11 | { |
markrad | 0:cdf462088d13 | 12 | MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA1 ) | |
markrad | 0:cdf462088d13 | 13 | MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_RIPEMD160 ) | |
markrad | 0:cdf462088d13 | 14 | MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA224 ) | |
markrad | 0:cdf462088d13 | 15 | MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA256 ) | |
markrad | 0:cdf462088d13 | 16 | MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA384 ) | |
markrad | 0:cdf462088d13 | 17 | MBEDTLS_X509_ID_FLAG( MBEDTLS_MD_SHA512 ), |
markrad | 0:cdf462088d13 | 18 | 0xFFFFFFF, /* Any PK alg */ |
markrad | 0:cdf462088d13 | 19 | 0xFFFFFFF, /* Any curve */ |
markrad | 0:cdf462088d13 | 20 | 1024, |
markrad | 0:cdf462088d13 | 21 | }; |
markrad | 0:cdf462088d13 | 22 | |
markrad | 0:cdf462088d13 | 23 | int verify_none( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) |
markrad | 0:cdf462088d13 | 24 | { |
markrad | 0:cdf462088d13 | 25 | ((void) data); |
markrad | 0:cdf462088d13 | 26 | ((void) crt); |
markrad | 0:cdf462088d13 | 27 | ((void) certificate_depth); |
markrad | 0:cdf462088d13 | 28 | *flags |= MBEDTLS_X509_BADCERT_OTHER; |
markrad | 0:cdf462088d13 | 29 | |
markrad | 0:cdf462088d13 | 30 | return 0; |
markrad | 0:cdf462088d13 | 31 | } |
markrad | 0:cdf462088d13 | 32 | |
markrad | 0:cdf462088d13 | 33 | int verify_all( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) |
markrad | 0:cdf462088d13 | 34 | { |
markrad | 0:cdf462088d13 | 35 | ((void) data); |
markrad | 0:cdf462088d13 | 36 | ((void) crt); |
markrad | 0:cdf462088d13 | 37 | ((void) certificate_depth); |
markrad | 0:cdf462088d13 | 38 | *flags = 0; |
markrad | 0:cdf462088d13 | 39 | |
markrad | 0:cdf462088d13 | 40 | return 0; |
markrad | 0:cdf462088d13 | 41 | } |
markrad | 0:cdf462088d13 | 42 | |
markrad | 0:cdf462088d13 | 43 | /* strsep() not available on Windows */ |
markrad | 0:cdf462088d13 | 44 | char *mystrsep(char **stringp, const char *delim) |
markrad | 0:cdf462088d13 | 45 | { |
markrad | 0:cdf462088d13 | 46 | const char *p; |
markrad | 0:cdf462088d13 | 47 | char *ret = *stringp; |
markrad | 0:cdf462088d13 | 48 | |
markrad | 0:cdf462088d13 | 49 | if( *stringp == NULL ) |
markrad | 0:cdf462088d13 | 50 | return( NULL ); |
markrad | 0:cdf462088d13 | 51 | |
markrad | 0:cdf462088d13 | 52 | for( ; ; (*stringp)++ ) |
markrad | 0:cdf462088d13 | 53 | { |
markrad | 0:cdf462088d13 | 54 | if( **stringp == '\0' ) |
markrad | 0:cdf462088d13 | 55 | { |
markrad | 0:cdf462088d13 | 56 | *stringp = NULL; |
markrad | 0:cdf462088d13 | 57 | goto done; |
markrad | 0:cdf462088d13 | 58 | } |
markrad | 0:cdf462088d13 | 59 | |
markrad | 0:cdf462088d13 | 60 | for( p = delim; *p != '\0'; p++ ) |
markrad | 0:cdf462088d13 | 61 | if( **stringp == *p ) |
markrad | 0:cdf462088d13 | 62 | { |
markrad | 0:cdf462088d13 | 63 | **stringp = '\0'; |
markrad | 0:cdf462088d13 | 64 | (*stringp)++; |
markrad | 0:cdf462088d13 | 65 | goto done; |
markrad | 0:cdf462088d13 | 66 | } |
markrad | 0:cdf462088d13 | 67 | } |
markrad | 0:cdf462088d13 | 68 | |
markrad | 0:cdf462088d13 | 69 | done: |
markrad | 0:cdf462088d13 | 70 | return( ret ); |
markrad | 0:cdf462088d13 | 71 | } |
markrad | 0:cdf462088d13 | 72 | |
markrad | 0:cdf462088d13 | 73 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
markrad | 0:cdf462088d13 | 74 | typedef struct { |
markrad | 0:cdf462088d13 | 75 | char buf[512]; |
markrad | 0:cdf462088d13 | 76 | char *p; |
markrad | 0:cdf462088d13 | 77 | } verify_print_context; |
markrad | 0:cdf462088d13 | 78 | |
markrad | 0:cdf462088d13 | 79 | void verify_print_init( verify_print_context *ctx ) |
markrad | 0:cdf462088d13 | 80 | { |
markrad | 0:cdf462088d13 | 81 | memset( ctx, 0, sizeof( verify_print_context ) ); |
markrad | 0:cdf462088d13 | 82 | ctx->p = ctx->buf; |
markrad | 0:cdf462088d13 | 83 | } |
markrad | 0:cdf462088d13 | 84 | |
markrad | 0:cdf462088d13 | 85 | int verify_print( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags ) |
markrad | 0:cdf462088d13 | 86 | { |
markrad | 0:cdf462088d13 | 87 | int ret; |
markrad | 0:cdf462088d13 | 88 | verify_print_context *ctx = (verify_print_context *) data; |
markrad | 0:cdf462088d13 | 89 | char *p = ctx->p; |
markrad | 0:cdf462088d13 | 90 | size_t n = ctx->buf + sizeof( ctx->buf ) - ctx->p; |
markrad | 0:cdf462088d13 | 91 | ((void) flags); |
markrad | 0:cdf462088d13 | 92 | |
markrad | 0:cdf462088d13 | 93 | ret = mbedtls_snprintf( p, n, "depth %d - serial ", certificate_depth ); |
markrad | 0:cdf462088d13 | 94 | MBEDTLS_X509_SAFE_SNPRINTF; |
markrad | 0:cdf462088d13 | 95 | |
markrad | 0:cdf462088d13 | 96 | ret = mbedtls_x509_serial_gets( p, n, &crt->serial ); |
markrad | 0:cdf462088d13 | 97 | MBEDTLS_X509_SAFE_SNPRINTF; |
markrad | 0:cdf462088d13 | 98 | |
markrad | 0:cdf462088d13 | 99 | ret = mbedtls_snprintf( p, n, " - subject " ); |
markrad | 0:cdf462088d13 | 100 | MBEDTLS_X509_SAFE_SNPRINTF; |
markrad | 0:cdf462088d13 | 101 | |
markrad | 0:cdf462088d13 | 102 | ret = mbedtls_x509_dn_gets( p, n, &crt->subject ); |
markrad | 0:cdf462088d13 | 103 | MBEDTLS_X509_SAFE_SNPRINTF; |
markrad | 0:cdf462088d13 | 104 | |
markrad | 0:cdf462088d13 | 105 | ret = mbedtls_snprintf( p, n, "\n" ); |
markrad | 0:cdf462088d13 | 106 | MBEDTLS_X509_SAFE_SNPRINTF; |
markrad | 0:cdf462088d13 | 107 | |
markrad | 0:cdf462088d13 | 108 | ctx->p = p; |
markrad | 0:cdf462088d13 | 109 | |
markrad | 0:cdf462088d13 | 110 | return( 0 ); |
markrad | 0:cdf462088d13 | 111 | } |
markrad | 0:cdf462088d13 | 112 | #endif /* MBEDTLS_X509_CRT_PARSE_C */ |
markrad | 0:cdf462088d13 | 113 | /* END_HEADER */ |
markrad | 0:cdf462088d13 | 114 | |
markrad | 0:cdf462088d13 | 115 | /* BEGIN_DEPENDENCIES |
markrad | 0:cdf462088d13 | 116 | * depends_on:MBEDTLS_BIGNUM_C |
markrad | 0:cdf462088d13 | 117 | * END_DEPENDENCIES |
markrad | 0:cdf462088d13 | 118 | */ |
markrad | 0:cdf462088d13 | 119 | |
markrad | 0:cdf462088d13 | 120 | /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ |
markrad | 0:cdf462088d13 | 121 | void x509_cert_info( char *crt_file, char *result_str ) |
markrad | 0:cdf462088d13 | 122 | { |
markrad | 0:cdf462088d13 | 123 | mbedtls_x509_crt crt; |
markrad | 0:cdf462088d13 | 124 | char buf[2000]; |
markrad | 0:cdf462088d13 | 125 | int res; |
markrad | 0:cdf462088d13 | 126 | |
markrad | 0:cdf462088d13 | 127 | mbedtls_x509_crt_init( &crt ); |
markrad | 0:cdf462088d13 | 128 | memset( buf, 0, 2000 ); |
markrad | 0:cdf462088d13 | 129 | |
markrad | 0:cdf462088d13 | 130 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); |
markrad | 0:cdf462088d13 | 131 | res = mbedtls_x509_crt_info( buf, 2000, "", &crt ); |
markrad | 0:cdf462088d13 | 132 | |
markrad | 0:cdf462088d13 | 133 | TEST_ASSERT( res != -1 ); |
markrad | 0:cdf462088d13 | 134 | TEST_ASSERT( res != -2 ); |
markrad | 0:cdf462088d13 | 135 | |
markrad | 0:cdf462088d13 | 136 | TEST_ASSERT( strcmp( buf, result_str ) == 0 ); |
markrad | 0:cdf462088d13 | 137 | |
markrad | 0:cdf462088d13 | 138 | exit: |
markrad | 0:cdf462088d13 | 139 | mbedtls_x509_crt_free( &crt ); |
markrad | 0:cdf462088d13 | 140 | } |
markrad | 0:cdf462088d13 | 141 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 142 | |
markrad | 0:cdf462088d13 | 143 | /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */ |
markrad | 0:cdf462088d13 | 144 | void mbedtls_x509_crl_info( char *crl_file, char *result_str ) |
markrad | 0:cdf462088d13 | 145 | { |
markrad | 0:cdf462088d13 | 146 | mbedtls_x509_crl crl; |
markrad | 0:cdf462088d13 | 147 | char buf[2000]; |
markrad | 0:cdf462088d13 | 148 | int res; |
markrad | 0:cdf462088d13 | 149 | |
markrad | 0:cdf462088d13 | 150 | mbedtls_x509_crl_init( &crl ); |
markrad | 0:cdf462088d13 | 151 | memset( buf, 0, 2000 ); |
markrad | 0:cdf462088d13 | 152 | |
markrad | 0:cdf462088d13 | 153 | TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 ); |
markrad | 0:cdf462088d13 | 154 | res = mbedtls_x509_crl_info( buf, 2000, "", &crl ); |
markrad | 0:cdf462088d13 | 155 | |
markrad | 0:cdf462088d13 | 156 | TEST_ASSERT( res != -1 ); |
markrad | 0:cdf462088d13 | 157 | TEST_ASSERT( res != -2 ); |
markrad | 0:cdf462088d13 | 158 | |
markrad | 0:cdf462088d13 | 159 | TEST_ASSERT( strcmp( buf, result_str ) == 0 ); |
markrad | 0:cdf462088d13 | 160 | |
markrad | 0:cdf462088d13 | 161 | exit: |
markrad | 0:cdf462088d13 | 162 | mbedtls_x509_crl_free( &crl ); |
markrad | 0:cdf462088d13 | 163 | } |
markrad | 0:cdf462088d13 | 164 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 165 | |
markrad | 0:cdf462088d13 | 166 | /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C */ |
markrad | 0:cdf462088d13 | 167 | void mbedtls_x509_csr_info( char *csr_file, char *result_str ) |
markrad | 0:cdf462088d13 | 168 | { |
markrad | 0:cdf462088d13 | 169 | mbedtls_x509_csr csr; |
markrad | 0:cdf462088d13 | 170 | char buf[2000]; |
markrad | 0:cdf462088d13 | 171 | int res; |
markrad | 0:cdf462088d13 | 172 | |
markrad | 0:cdf462088d13 | 173 | mbedtls_x509_csr_init( &csr ); |
markrad | 0:cdf462088d13 | 174 | memset( buf, 0, 2000 ); |
markrad | 0:cdf462088d13 | 175 | |
markrad | 0:cdf462088d13 | 176 | TEST_ASSERT( mbedtls_x509_csr_parse_file( &csr, csr_file ) == 0 ); |
markrad | 0:cdf462088d13 | 177 | res = mbedtls_x509_csr_info( buf, 2000, "", &csr ); |
markrad | 0:cdf462088d13 | 178 | |
markrad | 0:cdf462088d13 | 179 | TEST_ASSERT( res != -1 ); |
markrad | 0:cdf462088d13 | 180 | TEST_ASSERT( res != -2 ); |
markrad | 0:cdf462088d13 | 181 | |
markrad | 0:cdf462088d13 | 182 | TEST_ASSERT( strcmp( buf, result_str ) == 0 ); |
markrad | 0:cdf462088d13 | 183 | |
markrad | 0:cdf462088d13 | 184 | exit: |
markrad | 0:cdf462088d13 | 185 | mbedtls_x509_csr_free( &csr ); |
markrad | 0:cdf462088d13 | 186 | } |
markrad | 0:cdf462088d13 | 187 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 188 | |
markrad | 0:cdf462088d13 | 189 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ |
markrad | 0:cdf462088d13 | 190 | void x509_verify_info( int flags, char *prefix, char *result_str ) |
markrad | 0:cdf462088d13 | 191 | { |
markrad | 0:cdf462088d13 | 192 | char buf[2000]; |
markrad | 0:cdf462088d13 | 193 | int res; |
markrad | 0:cdf462088d13 | 194 | |
markrad | 0:cdf462088d13 | 195 | memset( buf, 0, sizeof( buf ) ); |
markrad | 0:cdf462088d13 | 196 | |
markrad | 0:cdf462088d13 | 197 | res = mbedtls_x509_crt_verify_info( buf, sizeof( buf ), prefix, flags ); |
markrad | 0:cdf462088d13 | 198 | |
markrad | 0:cdf462088d13 | 199 | TEST_ASSERT( res >= 0 ); |
markrad | 0:cdf462088d13 | 200 | |
markrad | 0:cdf462088d13 | 201 | TEST_ASSERT( strcmp( buf, result_str ) == 0 ); |
markrad | 0:cdf462088d13 | 202 | } |
markrad | 0:cdf462088d13 | 203 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 204 | |
markrad | 0:cdf462088d13 | 205 | /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C */ |
markrad | 0:cdf462088d13 | 206 | void x509_verify( char *crt_file, char *ca_file, char *crl_file, |
markrad | 0:cdf462088d13 | 207 | char *cn_name_str, int result, int flags_result, |
markrad | 0:cdf462088d13 | 208 | char *verify_callback ) |
markrad | 0:cdf462088d13 | 209 | { |
markrad | 0:cdf462088d13 | 210 | mbedtls_x509_crt crt; |
markrad | 0:cdf462088d13 | 211 | mbedtls_x509_crt ca; |
markrad | 0:cdf462088d13 | 212 | mbedtls_x509_crl crl; |
markrad | 0:cdf462088d13 | 213 | uint32_t flags = 0; |
markrad | 0:cdf462088d13 | 214 | int res; |
markrad | 0:cdf462088d13 | 215 | int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) = NULL; |
markrad | 0:cdf462088d13 | 216 | char * cn_name = NULL; |
markrad | 0:cdf462088d13 | 217 | |
markrad | 0:cdf462088d13 | 218 | mbedtls_x509_crt_init( &crt ); |
markrad | 0:cdf462088d13 | 219 | mbedtls_x509_crt_init( &ca ); |
markrad | 0:cdf462088d13 | 220 | mbedtls_x509_crl_init( &crl ); |
markrad | 0:cdf462088d13 | 221 | |
markrad | 0:cdf462088d13 | 222 | if( strcmp( cn_name_str, "NULL" ) != 0 ) |
markrad | 0:cdf462088d13 | 223 | cn_name = cn_name_str; |
markrad | 0:cdf462088d13 | 224 | |
markrad | 0:cdf462088d13 | 225 | if( strcmp( verify_callback, "NULL" ) == 0 ) |
markrad | 0:cdf462088d13 | 226 | f_vrfy = NULL; |
markrad | 0:cdf462088d13 | 227 | else if( strcmp( verify_callback, "verify_none" ) == 0 ) |
markrad | 0:cdf462088d13 | 228 | f_vrfy = verify_none; |
markrad | 0:cdf462088d13 | 229 | else if( strcmp( verify_callback, "verify_all" ) == 0 ) |
markrad | 0:cdf462088d13 | 230 | f_vrfy = verify_all; |
markrad | 0:cdf462088d13 | 231 | else |
markrad | 0:cdf462088d13 | 232 | TEST_ASSERT( "No known verify callback selected" == 0 ); |
markrad | 0:cdf462088d13 | 233 | |
markrad | 0:cdf462088d13 | 234 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); |
markrad | 0:cdf462088d13 | 235 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); |
markrad | 0:cdf462088d13 | 236 | TEST_ASSERT( mbedtls_x509_crl_parse_file( &crl, crl_file ) == 0 ); |
markrad | 0:cdf462088d13 | 237 | |
markrad | 0:cdf462088d13 | 238 | res = mbedtls_x509_crt_verify_with_profile( &crt, &ca, &crl, &compat_profile, cn_name, &flags, f_vrfy, NULL ); |
markrad | 0:cdf462088d13 | 239 | |
markrad | 0:cdf462088d13 | 240 | TEST_ASSERT( res == ( result ) ); |
markrad | 0:cdf462088d13 | 241 | TEST_ASSERT( flags == (uint32_t)( flags_result ) ); |
markrad | 0:cdf462088d13 | 242 | |
markrad | 0:cdf462088d13 | 243 | exit: |
markrad | 0:cdf462088d13 | 244 | mbedtls_x509_crt_free( &crt ); |
markrad | 0:cdf462088d13 | 245 | mbedtls_x509_crt_free( &ca ); |
markrad | 0:cdf462088d13 | 246 | mbedtls_x509_crl_free( &crl ); |
markrad | 0:cdf462088d13 | 247 | } |
markrad | 0:cdf462088d13 | 248 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 249 | |
markrad | 0:cdf462088d13 | 250 | /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ |
markrad | 0:cdf462088d13 | 251 | void x509_verify_callback( char *crt_file, char *ca_file, |
markrad | 0:cdf462088d13 | 252 | int exp_ret, char *exp_vrfy_out ) |
markrad | 0:cdf462088d13 | 253 | { |
markrad | 0:cdf462088d13 | 254 | int ret; |
markrad | 0:cdf462088d13 | 255 | mbedtls_x509_crt crt; |
markrad | 0:cdf462088d13 | 256 | mbedtls_x509_crt ca; |
markrad | 0:cdf462088d13 | 257 | uint32_t flags = 0; |
markrad | 0:cdf462088d13 | 258 | verify_print_context vrfy_ctx; |
markrad | 0:cdf462088d13 | 259 | |
markrad | 0:cdf462088d13 | 260 | mbedtls_x509_crt_init( &crt ); |
markrad | 0:cdf462088d13 | 261 | mbedtls_x509_crt_init( &ca ); |
markrad | 0:cdf462088d13 | 262 | verify_print_init( &vrfy_ctx ); |
markrad | 0:cdf462088d13 | 263 | |
markrad | 0:cdf462088d13 | 264 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); |
markrad | 0:cdf462088d13 | 265 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &ca, ca_file ) == 0 ); |
markrad | 0:cdf462088d13 | 266 | |
markrad | 0:cdf462088d13 | 267 | ret = mbedtls_x509_crt_verify( &crt, &ca, NULL, NULL, &flags, |
markrad | 0:cdf462088d13 | 268 | verify_print, &vrfy_ctx ); |
markrad | 0:cdf462088d13 | 269 | |
markrad | 0:cdf462088d13 | 270 | TEST_ASSERT( ret == exp_ret ); |
markrad | 0:cdf462088d13 | 271 | TEST_ASSERT( strcmp( vrfy_ctx.buf, exp_vrfy_out ) == 0 ); |
markrad | 0:cdf462088d13 | 272 | |
markrad | 0:cdf462088d13 | 273 | exit: |
markrad | 0:cdf462088d13 | 274 | mbedtls_x509_crt_free( &crt ); |
markrad | 0:cdf462088d13 | 275 | mbedtls_x509_crt_free( &ca ); |
markrad | 0:cdf462088d13 | 276 | } |
markrad | 0:cdf462088d13 | 277 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 278 | |
markrad | 0:cdf462088d13 | 279 | /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ |
markrad | 0:cdf462088d13 | 280 | void mbedtls_x509_dn_gets( char *crt_file, char *entity, char *result_str ) |
markrad | 0:cdf462088d13 | 281 | { |
markrad | 0:cdf462088d13 | 282 | mbedtls_x509_crt crt; |
markrad | 0:cdf462088d13 | 283 | char buf[2000]; |
markrad | 0:cdf462088d13 | 284 | int res = 0; |
markrad | 0:cdf462088d13 | 285 | |
markrad | 0:cdf462088d13 | 286 | mbedtls_x509_crt_init( &crt ); |
markrad | 0:cdf462088d13 | 287 | memset( buf, 0, 2000 ); |
markrad | 0:cdf462088d13 | 288 | |
markrad | 0:cdf462088d13 | 289 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); |
markrad | 0:cdf462088d13 | 290 | if( strcmp( entity, "subject" ) == 0 ) |
markrad | 0:cdf462088d13 | 291 | res = mbedtls_x509_dn_gets( buf, 2000, &crt.subject ); |
markrad | 0:cdf462088d13 | 292 | else if( strcmp( entity, "issuer" ) == 0 ) |
markrad | 0:cdf462088d13 | 293 | res = mbedtls_x509_dn_gets( buf, 2000, &crt.issuer ); |
markrad | 0:cdf462088d13 | 294 | else |
markrad | 0:cdf462088d13 | 295 | TEST_ASSERT( "Unknown entity" == 0 ); |
markrad | 0:cdf462088d13 | 296 | |
markrad | 0:cdf462088d13 | 297 | TEST_ASSERT( res != -1 ); |
markrad | 0:cdf462088d13 | 298 | TEST_ASSERT( res != -2 ); |
markrad | 0:cdf462088d13 | 299 | |
markrad | 0:cdf462088d13 | 300 | TEST_ASSERT( strcmp( buf, result_str ) == 0 ); |
markrad | 0:cdf462088d13 | 301 | |
markrad | 0:cdf462088d13 | 302 | exit: |
markrad | 0:cdf462088d13 | 303 | mbedtls_x509_crt_free( &crt ); |
markrad | 0:cdf462088d13 | 304 | } |
markrad | 0:cdf462088d13 | 305 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 306 | |
markrad | 0:cdf462088d13 | 307 | /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ |
markrad | 0:cdf462088d13 | 308 | void mbedtls_x509_time_is_past( char *crt_file, char *entity, int result ) |
markrad | 0:cdf462088d13 | 309 | { |
markrad | 0:cdf462088d13 | 310 | mbedtls_x509_crt crt; |
markrad | 0:cdf462088d13 | 311 | |
markrad | 0:cdf462088d13 | 312 | mbedtls_x509_crt_init( &crt ); |
markrad | 0:cdf462088d13 | 313 | |
markrad | 0:cdf462088d13 | 314 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); |
markrad | 0:cdf462088d13 | 315 | |
markrad | 0:cdf462088d13 | 316 | if( strcmp( entity, "valid_from" ) == 0 ) |
markrad | 0:cdf462088d13 | 317 | TEST_ASSERT( mbedtls_x509_time_is_past( &crt.valid_from ) == result ); |
markrad | 0:cdf462088d13 | 318 | else if( strcmp( entity, "valid_to" ) == 0 ) |
markrad | 0:cdf462088d13 | 319 | TEST_ASSERT( mbedtls_x509_time_is_past( &crt.valid_to ) == result ); |
markrad | 0:cdf462088d13 | 320 | else |
markrad | 0:cdf462088d13 | 321 | TEST_ASSERT( "Unknown entity" == 0 ); |
markrad | 0:cdf462088d13 | 322 | |
markrad | 0:cdf462088d13 | 323 | exit: |
markrad | 0:cdf462088d13 | 324 | mbedtls_x509_crt_free( &crt ); |
markrad | 0:cdf462088d13 | 325 | } |
markrad | 0:cdf462088d13 | 326 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 327 | |
markrad | 0:cdf462088d13 | 328 | /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ |
markrad | 0:cdf462088d13 | 329 | void mbedtls_x509_time_is_future( char *crt_file, char *entity, int result ) |
markrad | 0:cdf462088d13 | 330 | { |
markrad | 0:cdf462088d13 | 331 | mbedtls_x509_crt crt; |
markrad | 0:cdf462088d13 | 332 | |
markrad | 0:cdf462088d13 | 333 | mbedtls_x509_crt_init( &crt ); |
markrad | 0:cdf462088d13 | 334 | |
markrad | 0:cdf462088d13 | 335 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); |
markrad | 0:cdf462088d13 | 336 | |
markrad | 0:cdf462088d13 | 337 | if( strcmp( entity, "valid_from" ) == 0 ) |
markrad | 0:cdf462088d13 | 338 | TEST_ASSERT( mbedtls_x509_time_is_future( &crt.valid_from ) == result ); |
markrad | 0:cdf462088d13 | 339 | else if( strcmp( entity, "valid_to" ) == 0 ) |
markrad | 0:cdf462088d13 | 340 | TEST_ASSERT( mbedtls_x509_time_is_future( &crt.valid_to ) == result ); |
markrad | 0:cdf462088d13 | 341 | else |
markrad | 0:cdf462088d13 | 342 | TEST_ASSERT( "Unknown entity" == 0 ); |
markrad | 0:cdf462088d13 | 343 | |
markrad | 0:cdf462088d13 | 344 | exit: |
markrad | 0:cdf462088d13 | 345 | mbedtls_x509_crt_free( &crt ); |
markrad | 0:cdf462088d13 | 346 | } |
markrad | 0:cdf462088d13 | 347 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 348 | |
markrad | 0:cdf462088d13 | 349 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */ |
markrad | 0:cdf462088d13 | 350 | void x509parse_crt_file( char *crt_file, int result ) |
markrad | 0:cdf462088d13 | 351 | { |
markrad | 0:cdf462088d13 | 352 | mbedtls_x509_crt crt; |
markrad | 0:cdf462088d13 | 353 | |
markrad | 0:cdf462088d13 | 354 | mbedtls_x509_crt_init( &crt ); |
markrad | 0:cdf462088d13 | 355 | |
markrad | 0:cdf462088d13 | 356 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == result ); |
markrad | 0:cdf462088d13 | 357 | |
markrad | 0:cdf462088d13 | 358 | exit: |
markrad | 0:cdf462088d13 | 359 | mbedtls_x509_crt_free( &crt ); |
markrad | 0:cdf462088d13 | 360 | } |
markrad | 0:cdf462088d13 | 361 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 362 | |
markrad | 0:cdf462088d13 | 363 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ |
markrad | 0:cdf462088d13 | 364 | void x509parse_crt( char *crt_data, char *result_str, int result ) |
markrad | 0:cdf462088d13 | 365 | { |
markrad | 0:cdf462088d13 | 366 | mbedtls_x509_crt crt; |
markrad | 0:cdf462088d13 | 367 | unsigned char buf[2000]; |
markrad | 0:cdf462088d13 | 368 | unsigned char output[2000]; |
markrad | 0:cdf462088d13 | 369 | int data_len, res; |
markrad | 0:cdf462088d13 | 370 | |
markrad | 0:cdf462088d13 | 371 | mbedtls_x509_crt_init( &crt ); |
markrad | 0:cdf462088d13 | 372 | memset( buf, 0, 2000 ); |
markrad | 0:cdf462088d13 | 373 | memset( output, 0, 2000 ); |
markrad | 0:cdf462088d13 | 374 | |
markrad | 0:cdf462088d13 | 375 | data_len = unhexify( buf, crt_data ); |
markrad | 0:cdf462088d13 | 376 | |
markrad | 0:cdf462088d13 | 377 | TEST_ASSERT( mbedtls_x509_crt_parse( &crt, buf, data_len ) == ( result ) ); |
markrad | 0:cdf462088d13 | 378 | if( ( result ) == 0 ) |
markrad | 0:cdf462088d13 | 379 | { |
markrad | 0:cdf462088d13 | 380 | res = mbedtls_x509_crt_info( (char *) output, 2000, "", &crt ); |
markrad | 0:cdf462088d13 | 381 | |
markrad | 0:cdf462088d13 | 382 | TEST_ASSERT( res != -1 ); |
markrad | 0:cdf462088d13 | 383 | TEST_ASSERT( res != -2 ); |
markrad | 0:cdf462088d13 | 384 | |
markrad | 0:cdf462088d13 | 385 | TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); |
markrad | 0:cdf462088d13 | 386 | } |
markrad | 0:cdf462088d13 | 387 | |
markrad | 0:cdf462088d13 | 388 | exit: |
markrad | 0:cdf462088d13 | 389 | mbedtls_x509_crt_free( &crt ); |
markrad | 0:cdf462088d13 | 390 | } |
markrad | 0:cdf462088d13 | 391 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 392 | |
markrad | 0:cdf462088d13 | 393 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C */ |
markrad | 0:cdf462088d13 | 394 | void x509parse_crl( char *crl_data, char *result_str, int result ) |
markrad | 0:cdf462088d13 | 395 | { |
markrad | 0:cdf462088d13 | 396 | mbedtls_x509_crl crl; |
markrad | 0:cdf462088d13 | 397 | unsigned char buf[2000]; |
markrad | 0:cdf462088d13 | 398 | unsigned char output[2000]; |
markrad | 0:cdf462088d13 | 399 | int data_len, res; |
markrad | 0:cdf462088d13 | 400 | |
markrad | 0:cdf462088d13 | 401 | mbedtls_x509_crl_init( &crl ); |
markrad | 0:cdf462088d13 | 402 | memset( buf, 0, 2000 ); |
markrad | 0:cdf462088d13 | 403 | memset( output, 0, 2000 ); |
markrad | 0:cdf462088d13 | 404 | |
markrad | 0:cdf462088d13 | 405 | data_len = unhexify( buf, crl_data ); |
markrad | 0:cdf462088d13 | 406 | |
markrad | 0:cdf462088d13 | 407 | TEST_ASSERT( mbedtls_x509_crl_parse( &crl, buf, data_len ) == ( result ) ); |
markrad | 0:cdf462088d13 | 408 | if( ( result ) == 0 ) |
markrad | 0:cdf462088d13 | 409 | { |
markrad | 0:cdf462088d13 | 410 | res = mbedtls_x509_crl_info( (char *) output, 2000, "", &crl ); |
markrad | 0:cdf462088d13 | 411 | |
markrad | 0:cdf462088d13 | 412 | TEST_ASSERT( res != -1 ); |
markrad | 0:cdf462088d13 | 413 | TEST_ASSERT( res != -2 ); |
markrad | 0:cdf462088d13 | 414 | |
markrad | 0:cdf462088d13 | 415 | TEST_ASSERT( strcmp( (char *) output, result_str ) == 0 ); |
markrad | 0:cdf462088d13 | 416 | } |
markrad | 0:cdf462088d13 | 417 | |
markrad | 0:cdf462088d13 | 418 | exit: |
markrad | 0:cdf462088d13 | 419 | mbedtls_x509_crl_free( &crl ); |
markrad | 0:cdf462088d13 | 420 | } |
markrad | 0:cdf462088d13 | 421 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 422 | |
markrad | 0:cdf462088d13 | 423 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C */ |
markrad | 0:cdf462088d13 | 424 | void mbedtls_x509_csr_parse( char *csr_der_hex, char *ref_out, int ref_ret ) |
markrad | 0:cdf462088d13 | 425 | { |
markrad | 0:cdf462088d13 | 426 | mbedtls_x509_csr csr; |
markrad | 0:cdf462088d13 | 427 | unsigned char *csr_der = NULL; |
markrad | 0:cdf462088d13 | 428 | char my_out[1000]; |
markrad | 0:cdf462088d13 | 429 | size_t csr_der_len; |
markrad | 0:cdf462088d13 | 430 | int my_ret; |
markrad | 0:cdf462088d13 | 431 | |
markrad | 0:cdf462088d13 | 432 | mbedtls_x509_csr_init( &csr ); |
markrad | 0:cdf462088d13 | 433 | memset( my_out, 0, sizeof( my_out ) ); |
markrad | 0:cdf462088d13 | 434 | csr_der = unhexify_alloc( csr_der_hex, &csr_der_len ); |
markrad | 0:cdf462088d13 | 435 | |
markrad | 0:cdf462088d13 | 436 | my_ret = mbedtls_x509_csr_parse_der( &csr, csr_der, csr_der_len ); |
markrad | 0:cdf462088d13 | 437 | TEST_ASSERT( my_ret == ref_ret ); |
markrad | 0:cdf462088d13 | 438 | |
markrad | 0:cdf462088d13 | 439 | if( ref_ret == 0 ) |
markrad | 0:cdf462088d13 | 440 | { |
markrad | 0:cdf462088d13 | 441 | size_t my_out_len = mbedtls_x509_csr_info( my_out, sizeof( my_out ), "", &csr ); |
markrad | 0:cdf462088d13 | 442 | TEST_ASSERT( my_out_len == strlen( ref_out ) ); |
markrad | 0:cdf462088d13 | 443 | TEST_ASSERT( strcmp( my_out, ref_out ) == 0 ); |
markrad | 0:cdf462088d13 | 444 | } |
markrad | 0:cdf462088d13 | 445 | |
markrad | 0:cdf462088d13 | 446 | exit: |
markrad | 0:cdf462088d13 | 447 | mbedtls_x509_csr_free( &csr ); |
markrad | 0:cdf462088d13 | 448 | mbedtls_free( csr_der ); |
markrad | 0:cdf462088d13 | 449 | } |
markrad | 0:cdf462088d13 | 450 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 451 | |
markrad | 0:cdf462088d13 | 452 | /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ |
markrad | 0:cdf462088d13 | 453 | void mbedtls_x509_crt_parse_path( char *crt_path, int ret, int nb_crt ) |
markrad | 0:cdf462088d13 | 454 | { |
markrad | 0:cdf462088d13 | 455 | mbedtls_x509_crt chain, *cur; |
markrad | 0:cdf462088d13 | 456 | int i; |
markrad | 0:cdf462088d13 | 457 | |
markrad | 0:cdf462088d13 | 458 | mbedtls_x509_crt_init( &chain ); |
markrad | 0:cdf462088d13 | 459 | |
markrad | 0:cdf462088d13 | 460 | TEST_ASSERT( mbedtls_x509_crt_parse_path( &chain, crt_path ) == ret ); |
markrad | 0:cdf462088d13 | 461 | |
markrad | 0:cdf462088d13 | 462 | /* Check how many certs we got */ |
markrad | 0:cdf462088d13 | 463 | for( i = 0, cur = &chain; cur != NULL; cur = cur->next ) |
markrad | 0:cdf462088d13 | 464 | if( cur->raw.p != NULL ) |
markrad | 0:cdf462088d13 | 465 | i++; |
markrad | 0:cdf462088d13 | 466 | |
markrad | 0:cdf462088d13 | 467 | TEST_ASSERT( i == nb_crt ); |
markrad | 0:cdf462088d13 | 468 | |
markrad | 0:cdf462088d13 | 469 | exit: |
markrad | 0:cdf462088d13 | 470 | mbedtls_x509_crt_free( &chain ); |
markrad | 0:cdf462088d13 | 471 | } |
markrad | 0:cdf462088d13 | 472 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 473 | |
markrad | 0:cdf462088d13 | 474 | /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ |
markrad | 0:cdf462088d13 | 475 | void mbedtls_x509_crt_verify_chain( char *chain_paths, char *trusted_ca, int flags_result ) |
markrad | 0:cdf462088d13 | 476 | { |
markrad | 0:cdf462088d13 | 477 | char* act; |
markrad | 0:cdf462088d13 | 478 | uint32_t flags; |
markrad | 0:cdf462088d13 | 479 | int result, res; |
markrad | 0:cdf462088d13 | 480 | mbedtls_x509_crt trusted, chain; |
markrad | 0:cdf462088d13 | 481 | |
markrad | 0:cdf462088d13 | 482 | result= flags_result?MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:0; |
markrad | 0:cdf462088d13 | 483 | |
markrad | 0:cdf462088d13 | 484 | mbedtls_x509_crt_init( &chain ); |
markrad | 0:cdf462088d13 | 485 | mbedtls_x509_crt_init( &trusted ); |
markrad | 0:cdf462088d13 | 486 | |
markrad | 0:cdf462088d13 | 487 | while( ( act = mystrsep( &chain_paths, " " ) ) != NULL ) |
markrad | 0:cdf462088d13 | 488 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &chain, act ) == 0 ); |
markrad | 0:cdf462088d13 | 489 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted, trusted_ca ) == 0 ); |
markrad | 0:cdf462088d13 | 490 | |
markrad | 0:cdf462088d13 | 491 | res = mbedtls_x509_crt_verify( &chain, &trusted, NULL, NULL, &flags, NULL, NULL ); |
markrad | 0:cdf462088d13 | 492 | |
markrad | 0:cdf462088d13 | 493 | TEST_ASSERT( res == ( result ) ); |
markrad | 0:cdf462088d13 | 494 | TEST_ASSERT( flags == (uint32_t)( flags_result ) ); |
markrad | 0:cdf462088d13 | 495 | |
markrad | 0:cdf462088d13 | 496 | exit: |
markrad | 0:cdf462088d13 | 497 | mbedtls_x509_crt_free( &trusted ); |
markrad | 0:cdf462088d13 | 498 | mbedtls_x509_crt_free( &chain ); |
markrad | 0:cdf462088d13 | 499 | } |
markrad | 0:cdf462088d13 | 500 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 501 | |
markrad | 0:cdf462088d13 | 502 | /* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ |
markrad | 0:cdf462088d13 | 503 | void x509_oid_desc( char *oid_str, char *ref_desc ) |
markrad | 0:cdf462088d13 | 504 | { |
markrad | 0:cdf462088d13 | 505 | mbedtls_x509_buf oid; |
markrad | 0:cdf462088d13 | 506 | const char *desc = NULL; |
markrad | 0:cdf462088d13 | 507 | unsigned char buf[20]; |
markrad | 0:cdf462088d13 | 508 | int ret; |
markrad | 0:cdf462088d13 | 509 | |
markrad | 0:cdf462088d13 | 510 | memset( buf, 0, sizeof buf ); |
markrad | 0:cdf462088d13 | 511 | |
markrad | 0:cdf462088d13 | 512 | oid.tag = MBEDTLS_ASN1_OID; |
markrad | 0:cdf462088d13 | 513 | oid.len = unhexify( buf, oid_str ); |
markrad | 0:cdf462088d13 | 514 | oid.p = buf; |
markrad | 0:cdf462088d13 | 515 | |
markrad | 0:cdf462088d13 | 516 | ret = mbedtls_oid_get_extended_key_usage( &oid, &desc ); |
markrad | 0:cdf462088d13 | 517 | |
markrad | 0:cdf462088d13 | 518 | if( strcmp( ref_desc, "notfound" ) == 0 ) |
markrad | 0:cdf462088d13 | 519 | { |
markrad | 0:cdf462088d13 | 520 | TEST_ASSERT( ret != 0 ); |
markrad | 0:cdf462088d13 | 521 | TEST_ASSERT( desc == NULL ); |
markrad | 0:cdf462088d13 | 522 | } |
markrad | 0:cdf462088d13 | 523 | else |
markrad | 0:cdf462088d13 | 524 | { |
markrad | 0:cdf462088d13 | 525 | TEST_ASSERT( ret == 0 ); |
markrad | 0:cdf462088d13 | 526 | TEST_ASSERT( desc != NULL ); |
markrad | 0:cdf462088d13 | 527 | TEST_ASSERT( strcmp( desc, ref_desc ) == 0 ); |
markrad | 0:cdf462088d13 | 528 | } |
markrad | 0:cdf462088d13 | 529 | } |
markrad | 0:cdf462088d13 | 530 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 531 | |
markrad | 0:cdf462088d13 | 532 | /* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ |
markrad | 0:cdf462088d13 | 533 | void x509_oid_numstr( char *oid_str, char *numstr, int blen, int ret ) |
markrad | 0:cdf462088d13 | 534 | { |
markrad | 0:cdf462088d13 | 535 | mbedtls_x509_buf oid; |
markrad | 0:cdf462088d13 | 536 | unsigned char oid_buf[20]; |
markrad | 0:cdf462088d13 | 537 | char num_buf[100]; |
markrad | 0:cdf462088d13 | 538 | |
markrad | 0:cdf462088d13 | 539 | memset( oid_buf, 0x00, sizeof oid_buf ); |
markrad | 0:cdf462088d13 | 540 | memset( num_buf, 0x2a, sizeof num_buf ); |
markrad | 0:cdf462088d13 | 541 | |
markrad | 0:cdf462088d13 | 542 | oid.tag = MBEDTLS_ASN1_OID; |
markrad | 0:cdf462088d13 | 543 | oid.len = unhexify( oid_buf, oid_str ); |
markrad | 0:cdf462088d13 | 544 | oid.p = oid_buf; |
markrad | 0:cdf462088d13 | 545 | |
markrad | 0:cdf462088d13 | 546 | TEST_ASSERT( (size_t) blen <= sizeof num_buf ); |
markrad | 0:cdf462088d13 | 547 | |
markrad | 0:cdf462088d13 | 548 | TEST_ASSERT( mbedtls_oid_get_numeric_string( num_buf, blen, &oid ) == ret ); |
markrad | 0:cdf462088d13 | 549 | |
markrad | 0:cdf462088d13 | 550 | if( ret >= 0 ) |
markrad | 0:cdf462088d13 | 551 | { |
markrad | 0:cdf462088d13 | 552 | TEST_ASSERT( num_buf[ret] == 0 ); |
markrad | 0:cdf462088d13 | 553 | TEST_ASSERT( strcmp( num_buf, numstr ) == 0 ); |
markrad | 0:cdf462088d13 | 554 | } |
markrad | 0:cdf462088d13 | 555 | } |
markrad | 0:cdf462088d13 | 556 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 557 | |
markrad | 0:cdf462088d13 | 558 | /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_KEY_USAGE */ |
markrad | 0:cdf462088d13 | 559 | void x509_check_key_usage( char *crt_file, int usage, int ret ) |
markrad | 0:cdf462088d13 | 560 | { |
markrad | 0:cdf462088d13 | 561 | mbedtls_x509_crt crt; |
markrad | 0:cdf462088d13 | 562 | |
markrad | 0:cdf462088d13 | 563 | mbedtls_x509_crt_init( &crt ); |
markrad | 0:cdf462088d13 | 564 | |
markrad | 0:cdf462088d13 | 565 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); |
markrad | 0:cdf462088d13 | 566 | |
markrad | 0:cdf462088d13 | 567 | TEST_ASSERT( mbedtls_x509_crt_check_key_usage( &crt, usage ) == ret ); |
markrad | 0:cdf462088d13 | 568 | |
markrad | 0:cdf462088d13 | 569 | exit: |
markrad | 0:cdf462088d13 | 570 | mbedtls_x509_crt_free( &crt ); |
markrad | 0:cdf462088d13 | 571 | } |
markrad | 0:cdf462088d13 | 572 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 573 | |
markrad | 0:cdf462088d13 | 574 | /* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */ |
markrad | 0:cdf462088d13 | 575 | void x509_check_extended_key_usage( char *crt_file, char *usage_hex, int ret ) |
markrad | 0:cdf462088d13 | 576 | { |
markrad | 0:cdf462088d13 | 577 | mbedtls_x509_crt crt; |
markrad | 0:cdf462088d13 | 578 | char oid[50]; |
markrad | 0:cdf462088d13 | 579 | size_t len; |
markrad | 0:cdf462088d13 | 580 | |
markrad | 0:cdf462088d13 | 581 | mbedtls_x509_crt_init( &crt ); |
markrad | 0:cdf462088d13 | 582 | |
markrad | 0:cdf462088d13 | 583 | len = unhexify( (unsigned char *) oid, usage_hex ); |
markrad | 0:cdf462088d13 | 584 | |
markrad | 0:cdf462088d13 | 585 | TEST_ASSERT( mbedtls_x509_crt_parse_file( &crt, crt_file ) == 0 ); |
markrad | 0:cdf462088d13 | 586 | |
markrad | 0:cdf462088d13 | 587 | TEST_ASSERT( mbedtls_x509_crt_check_extended_key_usage( &crt, oid, len ) == ret ); |
markrad | 0:cdf462088d13 | 588 | |
markrad | 0:cdf462088d13 | 589 | exit: |
markrad | 0:cdf462088d13 | 590 | mbedtls_x509_crt_free( &crt ); |
markrad | 0:cdf462088d13 | 591 | } |
markrad | 0:cdf462088d13 | 592 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 593 | |
markrad | 0:cdf462088d13 | 594 | /* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */ |
markrad | 0:cdf462088d13 | 595 | void x509_get_time( int tag, char *time_str, int ret, |
markrad | 0:cdf462088d13 | 596 | int year, int mon, int day, |
markrad | 0:cdf462088d13 | 597 | int hour, int min, int sec ) |
markrad | 0:cdf462088d13 | 598 | { |
markrad | 0:cdf462088d13 | 599 | mbedtls_x509_time time; |
markrad | 0:cdf462088d13 | 600 | unsigned char buf[17]; |
markrad | 0:cdf462088d13 | 601 | unsigned char* start = buf; |
markrad | 0:cdf462088d13 | 602 | unsigned char* end = buf; |
markrad | 0:cdf462088d13 | 603 | |
markrad | 0:cdf462088d13 | 604 | memset( &time, 0x00, sizeof( time ) ); |
markrad | 0:cdf462088d13 | 605 | *end = (unsigned char)tag; end++; |
markrad | 0:cdf462088d13 | 606 | if( tag == MBEDTLS_ASN1_UTC_TIME ) |
markrad | 0:cdf462088d13 | 607 | *end = 13; |
markrad | 0:cdf462088d13 | 608 | else |
markrad | 0:cdf462088d13 | 609 | *end = 15; |
markrad | 0:cdf462088d13 | 610 | end++; |
markrad | 0:cdf462088d13 | 611 | memcpy( end, time_str, (size_t)*(end - 1) ); |
markrad | 0:cdf462088d13 | 612 | end += *(end - 1); |
markrad | 0:cdf462088d13 | 613 | |
markrad | 0:cdf462088d13 | 614 | TEST_ASSERT( mbedtls_x509_get_time( &start, end, &time ) == ret ); |
markrad | 0:cdf462088d13 | 615 | if( ret == 0 ) |
markrad | 0:cdf462088d13 | 616 | { |
markrad | 0:cdf462088d13 | 617 | TEST_ASSERT( year == time.year ); |
markrad | 0:cdf462088d13 | 618 | TEST_ASSERT( mon == time.mon ); |
markrad | 0:cdf462088d13 | 619 | TEST_ASSERT( day == time.day ); |
markrad | 0:cdf462088d13 | 620 | TEST_ASSERT( hour == time.hour ); |
markrad | 0:cdf462088d13 | 621 | TEST_ASSERT( min == time.min ); |
markrad | 0:cdf462088d13 | 622 | TEST_ASSERT( sec == time.sec ); |
markrad | 0:cdf462088d13 | 623 | } |
markrad | 0:cdf462088d13 | 624 | } |
markrad | 0:cdf462088d13 | 625 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 626 | |
markrad | 0:cdf462088d13 | 627 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT */ |
markrad | 0:cdf462088d13 | 628 | void x509_parse_rsassa_pss_params( char *hex_params, int params_tag, |
markrad | 0:cdf462088d13 | 629 | int ref_msg_md, int ref_mgf_md, |
markrad | 0:cdf462088d13 | 630 | int ref_salt_len, int ref_ret ) |
markrad | 0:cdf462088d13 | 631 | { |
markrad | 0:cdf462088d13 | 632 | int my_ret; |
markrad | 0:cdf462088d13 | 633 | mbedtls_x509_buf params; |
markrad | 0:cdf462088d13 | 634 | mbedtls_md_type_t my_msg_md, my_mgf_md; |
markrad | 0:cdf462088d13 | 635 | int my_salt_len; |
markrad | 0:cdf462088d13 | 636 | |
markrad | 0:cdf462088d13 | 637 | params.p = unhexify_alloc( hex_params, ¶ms.len ); |
markrad | 0:cdf462088d13 | 638 | params.tag = params_tag; |
markrad | 0:cdf462088d13 | 639 | |
markrad | 0:cdf462088d13 | 640 | my_ret = mbedtls_x509_get_rsassa_pss_params( ¶ms, &my_msg_md, &my_mgf_md, |
markrad | 0:cdf462088d13 | 641 | &my_salt_len ); |
markrad | 0:cdf462088d13 | 642 | |
markrad | 0:cdf462088d13 | 643 | TEST_ASSERT( my_ret == ref_ret ); |
markrad | 0:cdf462088d13 | 644 | |
markrad | 0:cdf462088d13 | 645 | if( ref_ret == 0 ) |
markrad | 0:cdf462088d13 | 646 | { |
markrad | 0:cdf462088d13 | 647 | TEST_ASSERT( my_msg_md == (mbedtls_md_type_t) ref_msg_md ); |
markrad | 0:cdf462088d13 | 648 | TEST_ASSERT( my_mgf_md == (mbedtls_md_type_t) ref_mgf_md ); |
markrad | 0:cdf462088d13 | 649 | TEST_ASSERT( my_salt_len == ref_salt_len ); |
markrad | 0:cdf462088d13 | 650 | } |
markrad | 0:cdf462088d13 | 651 | |
markrad | 0:cdf462088d13 | 652 | exit: |
markrad | 0:cdf462088d13 | 653 | mbedtls_free( params.p ); |
markrad | 0:cdf462088d13 | 654 | } |
markrad | 0:cdf462088d13 | 655 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 656 | |
markrad | 0:cdf462088d13 | 657 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_SELF_TEST */ |
markrad | 0:cdf462088d13 | 658 | void x509_selftest() |
markrad | 0:cdf462088d13 | 659 | { |
markrad | 0:cdf462088d13 | 660 | TEST_ASSERT( mbedtls_x509_self_test( 1 ) == 0 ); |
markrad | 0:cdf462088d13 | 661 | } |
markrad | 0:cdf462088d13 | 662 | /* END_CASE */ |