mbed TLS Build
tests/suites/test_suite_x509write.function@0:cdf462088d13, 2017-01-05 (annotated)
- Committer:
- markrad
- Date:
- Thu Jan 05 00:18:44 2017 +0000
- Revision:
- 0:cdf462088d13
Initial commit
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
markrad | 0:cdf462088d13 | 1 | /* BEGIN_HEADER */ |
markrad | 0:cdf462088d13 | 2 | #include "mbedtls/x509_crt.h" |
markrad | 0:cdf462088d13 | 3 | #include "mbedtls/x509_csr.h" |
markrad | 0:cdf462088d13 | 4 | #include "mbedtls/pem.h" |
markrad | 0:cdf462088d13 | 5 | #include "mbedtls/oid.h" |
markrad | 0:cdf462088d13 | 6 | /* END_HEADER */ |
markrad | 0:cdf462088d13 | 7 | |
markrad | 0:cdf462088d13 | 8 | /* BEGIN_DEPENDENCIES |
markrad | 0:cdf462088d13 | 9 | * depends_on:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO:MBEDTLS_PK_PARSE_C |
markrad | 0:cdf462088d13 | 10 | * END_DEPENDENCIES |
markrad | 0:cdf462088d13 | 11 | */ |
markrad | 0:cdf462088d13 | 12 | |
markrad | 0:cdf462088d13 | 13 | /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */ |
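/*
 * Test case: generate a certificate signing request (CSR) and compare it
 * with a reference file.
 *
 * key_file             Path of the key file loaded with
 *                      mbedtls_pk_parse_keyfile() (no password).
 * cert_req_check_file  Path of the reference PEM CSR to compare against.
 * md_type              Digest identifier passed to
 *                      mbedtls_x509write_csr_set_md_alg().
 * key_usage            Key-usage bits; 0 means "do not add the extension".
 * cert_type            Netscape cert-type bits; 0 means "do not add it".
 *
 * The test also checks that the DER writer reports
 * MBEDTLS_ERR_ASN1_BUF_TOO_SMALL when given a buffer one byte shorter than
 * the encoding needs, instead of writing outside the buffer.
 *
 * rnd_pseudo_rand / rnd_pseudo_info come from the test framework and are
 * seeded here with a fixed byte pattern, presumably so the output is
 * reproducible and can be matched against the reference file. This RNG is
 * for tests only.
 */
void x509_csr_check( char *key_file, char *cert_req_check_file,
                     int md_type, int key_usage, int cert_type )
{
    mbedtls_pk_context key;
    mbedtls_x509write_csr req;
    unsigned char buf[4096];
    unsigned char check_buf[4000];
    int ret;
    size_t olen = 0, pem_len = 0;
    int der_len = -1;
    FILE *f;
    const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
    rnd_pseudo_info rnd_info;

    memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) );

    /*
     * Initialise every context before the first TEST_ASSERT. The framework's
     * TEST_ASSERT is expected to jump to the exit label on failure, and the
     * cleanup code there frees both contexts; freeing an uninitialised
     * mbedtls_x509write_csr would operate on stack garbage.
     */
    mbedtls_pk_init( &key );
    mbedtls_x509write_csr_init( &req );

    TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL ) == 0 );

    mbedtls_x509write_csr_set_md_alg( &req, md_type );
    mbedtls_x509write_csr_set_key( &req, &key );
    TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 );
    if( key_usage != 0 )
        TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 );
    if( cert_type != 0 )
        TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );

    ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ),
                                     rnd_pseudo_rand, &rnd_info );
    TEST_ASSERT( ret == 0 );

    pem_len = strlen( (char *) buf );
    /* pem_len - 1 is used as a size_t length below; it must not wrap. */
    TEST_ASSERT( pem_len > 0 );

    f = fopen( cert_req_check_file, "r" );
    TEST_ASSERT( f != NULL );
    olen = fread( check_buf, 1, sizeof( check_buf ), f );
    fclose( f );
    /* A completely filled buffer means the reference file may have been
     * truncated; x509_crt_check applies the same check. */
    TEST_ASSERT( olen < sizeof( check_buf ) );

    /* The last byte of the generated PEM is left out of the comparison,
     * presumably to tolerate a trailing-newline difference (confirm). */
    TEST_ASSERT( olen >= pem_len - 1 );
    TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );

    der_len = mbedtls_x509write_csr_der( &req, buf, sizeof( buf ),
                                         rnd_pseudo_rand, &rnd_info );
    TEST_ASSERT( der_len >= 0 );

    if( der_len == 0 )
        goto exit;

    /* One byte too few: the writer must fail cleanly. */
    ret = mbedtls_x509write_csr_der( &req, buf, (size_t)( der_len - 1 ),
                                     rnd_pseudo_rand, &rnd_info );
    TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );

exit:
    mbedtls_x509write_csr_free( &req );
    mbedtls_pk_free( &key );
}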
markrad | 0:cdf462088d13 | 71 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 72 | |
markrad | 0:cdf462088d13 | 73 | /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */ |
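/*
 * Test case: generate a certificate and compare it with a reference file.
 *
 * subject_key_file / subject_pwd  Subject key file and the password passed
 *                                 to mbedtls_pk_parse_keyfile() for it.
 * subject_name                    Subject distinguished name string.
 * issuer_key_file / issuer_pwd    Issuer (signing) key file and password.
 * issuer_name                     Issuer distinguished name string.
 * serial_str                      Serial number, parsed as a decimal string.
 * not_before / not_after          Validity bounds passed to
 *                                 mbedtls_x509write_crt_set_validity().
 * md_type                         Digest identifier for the signature.
 * key_usage                       Key-usage bits; 0 skips the extension.
 * cert_type                       Netscape cert-type bits; 0 skips it.
 * ver                             Certificate version; -1 keeps whatever
 *                                 mbedtls_x509write_crt_init() set.
 * cert_check_file                 Path of the reference PEM certificate.
 *
 * Extensions are only added when the resulting version is at least
 * MBEDTLS_X509_CRT_VERSION_3. The test also checks that the DER writer
 * returns MBEDTLS_ERR_ASN1_BUF_TOO_SMALL for a buffer one byte too short.
 *
 * rnd_pseudo_rand / rnd_pseudo_info come from the test framework and are
 * seeded with a fixed byte pattern, presumably for reproducible output.
 * This RNG is for tests only.
 */
void x509_crt_check( char *subject_key_file, char *subject_pwd,
                     char *subject_name, char *issuer_key_file,
                     char *issuer_pwd, char *issuer_name,
                     char *serial_str, char *not_before, char *not_after,
                     int md_type, int key_usage, int cert_type, int ver,
                     char *cert_check_file )
{
    mbedtls_pk_context subject_key, issuer_key;
    mbedtls_x509write_cert crt;
    unsigned char buf[4096];
    unsigned char check_buf[5000];
    mbedtls_mpi serial;
    int ret;
    size_t olen = 0, pem_len = 0;
    int der_len = -1;
    FILE *f;
    rnd_pseudo_info rnd_info;

    memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) );

    /*
     * Initialise every context before the first TEST_ASSERT. The framework's
     * TEST_ASSERT is expected to jump to the exit label on failure, and the
     * cleanup code there frees all four objects; freeing an uninitialised
     * mbedtls_x509write_cert would operate on stack garbage.
     */
    mbedtls_mpi_init( &serial );
    mbedtls_pk_init( &subject_key );
    mbedtls_pk_init( &issuer_key );
    mbedtls_x509write_crt_init( &crt );

    TEST_ASSERT( mbedtls_pk_parse_keyfile( &subject_key, subject_key_file,
                                           subject_pwd ) == 0 );
    TEST_ASSERT( mbedtls_pk_parse_keyfile( &issuer_key, issuer_key_file,
                                           issuer_pwd ) == 0 );
    TEST_ASSERT( mbedtls_mpi_read_string( &serial, 10, serial_str ) == 0 );

    if( ver != -1 )
        mbedtls_x509write_crt_set_version( &crt, ver );
    TEST_ASSERT( mbedtls_x509write_crt_set_serial( &crt, &serial ) == 0 );
    TEST_ASSERT( mbedtls_x509write_crt_set_validity( &crt, not_before,
                                                     not_after ) == 0 );
    mbedtls_x509write_crt_set_md_alg( &crt, md_type );
    TEST_ASSERT( mbedtls_x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 );
    TEST_ASSERT( mbedtls_x509write_crt_set_subject_name( &crt, subject_name ) == 0 );
    mbedtls_x509write_crt_set_subject_key( &crt, &subject_key );
    mbedtls_x509write_crt_set_issuer_key( &crt, &issuer_key );

    if( crt.version >= MBEDTLS_X509_CRT_VERSION_3 )
    {
        /* Arguments 0, 0: not a CA, path length 0. */
        TEST_ASSERT( mbedtls_x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
        TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 );
        TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 );
        if( key_usage != 0 )
            TEST_ASSERT( mbedtls_x509write_crt_set_key_usage( &crt, key_usage ) == 0 );
        if( cert_type != 0 )
            TEST_ASSERT( mbedtls_x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 );
    }

    ret = mbedtls_x509write_crt_pem( &crt, buf, sizeof( buf ),
                                     rnd_pseudo_rand, &rnd_info );
    TEST_ASSERT( ret == 0 );

    pem_len = strlen( (char *) buf );
    /* pem_len - 1 is used as a size_t length below; it must not wrap. */
    TEST_ASSERT( pem_len > 0 );

    f = fopen( cert_check_file, "r" );
    TEST_ASSERT( f != NULL );
    olen = fread( check_buf, 1, sizeof( check_buf ), f );
    fclose( f );
    /* A completely filled buffer means the reference file may have been
     * truncated. */
    TEST_ASSERT( olen < sizeof( check_buf ) );

    /* The last byte of the generated PEM is left out of the comparison,
     * presumably to tolerate a trailing-newline difference (confirm). */
    TEST_ASSERT( olen >= pem_len - 1 );
    TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );

    der_len = mbedtls_x509write_crt_der( &crt, buf, sizeof( buf ),
                                         rnd_pseudo_rand, &rnd_info );
    TEST_ASSERT( der_len >= 0 );

    if( der_len == 0 )
        goto exit;

    /* One byte too few: the writer must fail cleanly. */
    ret = mbedtls_x509write_crt_der( &crt, buf, (size_t)( der_len - 1 ),
                                     rnd_pseudo_rand, &rnd_info );
    TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );

exit:
    mbedtls_x509write_crt_free( &crt );
    mbedtls_pk_free( &issuer_key );
    mbedtls_pk_free( &subject_key );
    mbedtls_mpi_free( &serial );
}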
markrad | 0:cdf462088d13 | 158 | /* END_CASE */ |
markrad | 0:cdf462088d13 | 159 | |
markrad | 0:cdf462088d13 | 160 | /* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */ |
/*
 * Test case: round-trip a distinguished-name string.
 *
 * name         Input DN string handed to the library parser.
 * parsed_name  Expected textual form after writing the names as ASN.1,
 *              parsing them back and printing them.
 * result       Expected return code of the string parser; when it is
 *              non-zero the round trip is skipped.
 *
 * NOTE(review): this test function has the same name as the library
 * function it calls; that presumably relies on the test generator renaming
 * the case function. Confirm against the framework.
 */
void mbedtls_x509_string_to_names( char *name, char *parsed_name, int result )
{
    unsigned char buf[1024], out[1024];
    unsigned char *pos;
    const unsigned char *buf_end = buf + sizeof( buf );
    mbedtls_asn1_named_data *names = NULL;
    mbedtls_x509_name parsed, *node, *next;
    size_t len = 0;
    int ret;

    /* Zeroing 'parsed' up front keeps the cleanup loop safe on early exit. */
    memset( buf, 0, sizeof( buf ) );
    memset( out, 0, sizeof( out ) );
    memset( &parsed, 0, sizeof( parsed ) );

    /* The write cursor starts at the end of buf. */
    pos = buf + sizeof( buf );

    ret = mbedtls_x509_string_to_names( &names, name );
    TEST_ASSERT( ret == result );

    /* A parse failure that matched 'result' is a pass; nothing to round-trip. */
    if( ret != 0 )
        goto exit;

    ret = mbedtls_x509_write_names( &pos, buf, names );
    TEST_ASSERT( ret > 0 );

    /* Read back what was just written: outer SEQUENCE, then the name. */
    TEST_ASSERT( mbedtls_asn1_get_tag( &pos, buf_end, &len,
                     MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) == 0 );
    TEST_ASSERT( mbedtls_x509_get_name( &pos, buf_end, &parsed ) == 0 );

    ret = mbedtls_x509_dn_gets( (char *) out, sizeof( out ), &parsed );
    TEST_ASSERT( ret > 0 );

    TEST_ASSERT( strcmp( (char *) out, parsed_name ) == 0 );

exit:
    mbedtls_asn1_free_named_data_list( &names );

    /* 'parsed' itself is on the stack; only the nodes chained after it
     * are released here. */
    for( node = parsed.next; node != NULL; node = next )
    {
        next = node->next;
        mbedtls_free( node );
    }
}
markrad | 0:cdf462088d13 | 203 | /* END_CASE */ |