PolarSSL v1.3.8
test_suite_x509write.c
Go to the documentation of this file.
1 #if !defined(POLARSSL_CONFIG_FILE)
2 #include <polarssl/config.h>
3 #else
4 #include POLARSSL_CONFIG_FILE
5 #endif
6 
7 #ifdef POLARSSL_BIGNUM_C
8 #ifdef POLARSSL_FS_IO
9 #ifdef POLARSSL_PK_PARSE_C
10 
11 #include <polarssl/x509_crt.h>
12 #include <polarssl/x509_csr.h>
13 #include <polarssl/pem.h>
14 #include <polarssl/oid.h>
15 #endif /* POLARSSL_BIGNUM_C */
16 #endif /* POLARSSL_FS_IO */
17 #endif /* POLARSSL_PK_PARSE_C */
18 
19 
20 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
21 #include "polarssl/memory.h"
22 #endif
23 
24 #if defined(POLARSSL_PLATFORM_C)
25 #include "polarssl/platform.h"
26 #else
27 #define polarssl_malloc malloc
28 #define polarssl_free free
29 #endif
30 
31 #ifdef _MSC_VER
32 #include <basetsd.h>
33 typedef UINT32 uint32_t;
34 #else
35 #include <inttypes.h>
36 #endif
37 
38 #include <assert.h>
39 #include <stdlib.h>
40 #include <string.h>
41 
42 /*
43  * 32-bit integer manipulation macros (big endian)
44  */
45 #ifndef GET_UINT32_BE
46 #define GET_UINT32_BE(n,b,i) \
47 { \
48  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
49  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
50  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
51  | ( (uint32_t) (b)[(i) + 3] ); \
52 }
53 #endif
54 
55 #ifndef PUT_UINT32_BE
56 #define PUT_UINT32_BE(n,b,i) \
57 { \
58  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
59  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
60  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
61  (b)[(i) + 3] = (unsigned char) ( (n) ); \
62 }
63 #endif
64 
65 static int unhexify(unsigned char *obuf, const char *ibuf)
66 {
67  unsigned char c, c2;
68  int len = strlen(ibuf) / 2;
69  assert(!(strlen(ibuf) %1)); // must be even number of bytes
70 
71  while (*ibuf != 0)
72  {
73  c = *ibuf++;
74  if( c >= '0' && c <= '9' )
75  c -= '0';
76  else if( c >= 'a' && c <= 'f' )
77  c -= 'a' - 10;
78  else if( c >= 'A' && c <= 'F' )
79  c -= 'A' - 10;
80  else
81  assert( 0 );
82 
83  c2 = *ibuf++;
84  if( c2 >= '0' && c2 <= '9' )
85  c2 -= '0';
86  else if( c2 >= 'a' && c2 <= 'f' )
87  c2 -= 'a' - 10;
88  else if( c2 >= 'A' && c2 <= 'F' )
89  c2 -= 'A' - 10;
90  else
91  assert( 0 );
92 
93  *obuf++ = ( c << 4 ) | c2;
94  }
95 
96  return len;
97 }
98 
99 static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
100 {
101  unsigned char l, h;
102 
103  while (len != 0)
104  {
105  h = (*ibuf) / 16;
106  l = (*ibuf) % 16;
107 
108  if( h < 10 )
109  *obuf++ = '0' + h;
110  else
111  *obuf++ = 'a' + h - 10;
112 
113  if( l < 10 )
114  *obuf++ = '0' + l;
115  else
116  *obuf++ = 'a' + l - 10;
117 
118  ++ibuf;
119  len--;
120  }
121 }
122 
130 static unsigned char *zero_alloc( size_t len )
131 {
132  void *p;
133  size_t actual_len = len != 0 ? len : 1;
134 
135  p = polarssl_malloc( actual_len );
136  assert( p != NULL );
137 
138  memset( p, 0x00, actual_len );
139 
140  return( p );
141 }
142 
153 static unsigned char *unhexify_alloc( const char *ibuf, size_t *olen )
154 {
155  unsigned char *obuf;
156 
157  *olen = strlen(ibuf) / 2;
158 
159  if( *olen == 0 )
160  return( zero_alloc( *olen ) );
161 
162  obuf = polarssl_malloc( *olen );
163  assert( obuf != NULL );
164 
165  (void) unhexify( obuf, ibuf );
166 
167  return( obuf );
168 }
169 
179 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
180 {
181 #if !defined(__OpenBSD__)
182  size_t i;
183 
184  if( rng_state != NULL )
185  rng_state = NULL;
186 
187  for( i = 0; i < len; ++i )
188  output[i] = rand();
189 #else
190  if( rng_state != NULL )
191  rng_state = NULL;
192 
193  arc4random_buf( output, len );
194 #endif /* !OpenBSD */
195 
196  return( 0 );
197 }
198 
204 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
205 {
206  if( rng_state != NULL )
207  rng_state = NULL;
208 
209  memset( output, 0, len );
210 
211  return( 0 );
212 }
213 
214 typedef struct
215 {
216  unsigned char *buf;
217  size_t length;
218 } rnd_buf_info;
219 
231 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
232 {
233  rnd_buf_info *info = (rnd_buf_info *) rng_state;
234  size_t use_len;
235 
236  if( rng_state == NULL )
237  return( rnd_std_rand( NULL, output, len ) );
238 
239  use_len = len;
240  if( len > info->length )
241  use_len = info->length;
242 
243  if( use_len )
244  {
245  memcpy( output, info->buf, use_len );
246  info->buf += use_len;
247  info->length -= use_len;
248  }
249 
250  if( len - use_len > 0 )
251  return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
252 
253  return( 0 );
254 }
255 
263 typedef struct
264 {
265  uint32_t key[16];
266  uint32_t v0, v1;
268 
277 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
278 {
279  rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
280  uint32_t i, *k, sum, delta=0x9E3779B9;
281  unsigned char result[4], *out = output;
282 
283  if( rng_state == NULL )
284  return( rnd_std_rand( NULL, output, len ) );
285 
286  k = info->key;
287 
288  while( len > 0 )
289  {
290  size_t use_len = ( len > 4 ) ? 4 : len;
291  sum = 0;
292 
293  for( i = 0; i < 32; i++ )
294  {
295  info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
296  sum += delta;
297  info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
298  }
299 
300  PUT_UINT32_BE( info->v0, result, 0 );
301  memcpy( out, result, use_len );
302  len -= use_len;
303  out += 4;
304  }
305 
306  return( 0 );
307 }
308 
309 
310 #include <stdio.h>
311 #include <string.h>
312 
313 #if defined(POLARSSL_PLATFORM_C)
314 #include "polarssl/platform.h"
315 #else
316 #define polarssl_printf printf
317 #define polarssl_malloc malloc
318 #define polarssl_free free
319 #endif
320 
321 static int test_errors = 0;
322 
323 #ifdef POLARSSL_BIGNUM_C
324 #ifdef POLARSSL_FS_IO
325 #ifdef POLARSSL_PK_PARSE_C
326 
327 #define TEST_SUITE_ACTIVE
328 
329 static int test_assert( int correct, const char *test )
330 {
331  if( correct )
332  return( 0 );
333 
334  test_errors++;
335  if( test_errors == 1 )
336  printf( "FAILED\n" );
337  printf( " %s\n", test );
338 
339  return( 1 );
340 }
341 
342 #define TEST_ASSERT( TEST ) \
343  do { test_assert( (TEST) ? 1 : 0, #TEST ); \
344  if( test_errors) goto exit; \
345  } while (0)
346 
347 int verify_string( char **str )
348 {
349  if( (*str)[0] != '"' ||
350  (*str)[strlen( *str ) - 1] != '"' )
351  {
352  printf( "Expected string (with \"\") for parameter and got: %s\n", *str );
353  return( -1 );
354  }
355 
356  (*str)++;
357  (*str)[strlen( *str ) - 1] = '\0';
358 
359  return( 0 );
360 }
361 
362 int verify_int( char *str, int *value )
363 {
364  size_t i;
365  int minus = 0;
366  int digits = 1;
367  int hex = 0;
368 
369  for( i = 0; i < strlen( str ); i++ )
370  {
371  if( i == 0 && str[i] == '-' )
372  {
373  minus = 1;
374  continue;
375  }
376 
377  if( ( ( minus && i == 2 ) || ( !minus && i == 1 ) ) &&
378  str[i - 1] == '0' && str[i] == 'x' )
379  {
380  hex = 1;
381  continue;
382  }
383 
384  if( ! ( ( str[i] >= '0' && str[i] <= '9' ) ||
385  ( hex && ( ( str[i] >= 'a' && str[i] <= 'f' ) ||
386  ( str[i] >= 'A' && str[i] <= 'F' ) ) ) ) )
387  {
388  digits = 0;
389  break;
390  }
391  }
392 
393  if( digits )
394  {
395  if( hex )
396  *value = strtol( str, NULL, 16 );
397  else
398  *value = strtol( str, NULL, 10 );
399 
400  return( 0 );
401  }
402 
403 #ifdef POLARSSL_PEM_WRITE_C
404 #ifdef POLARSSL_X509_CSR_WRITE_C
405  if( strcmp( str, "KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION" ) == 0 )
406  {
408  return( 0 );
409  }
410 #endif // POLARSSL_PEM_WRITE_C
411 #endif // POLARSSL_X509_CSR_WRITE_C
412 #ifdef POLARSSL_PEM_WRITE_C
413 #ifdef POLARSSL_X509_CRT_WRITE_C
414 #ifdef POLARSSL_SHA1_C
415  if( strcmp( str, "X509_CRT_VERSION_1" ) == 0 )
416  {
417  *value = ( X509_CRT_VERSION_1 );
418  return( 0 );
419  }
420 #endif // POLARSSL_PEM_WRITE_C
421 #endif // POLARSSL_X509_CRT_WRITE_C
422 #endif // POLARSSL_SHA1_C
423 #ifdef POLARSSL_PEM_WRITE_C
424 #ifdef POLARSSL_X509_CSR_WRITE_C
425  if( strcmp( str, "POLARSSL_MD_SHA1" ) == 0 )
426  {
427  *value = ( POLARSSL_MD_SHA1 );
428  return( 0 );
429  }
430 #endif // POLARSSL_PEM_WRITE_C
431 #endif // POLARSSL_X509_CSR_WRITE_C
432 #ifdef POLARSSL_PEM_WRITE_C
433 #ifdef POLARSSL_X509_CRT_WRITE_C
434 #ifdef POLARSSL_SHA1_C
435  if( strcmp( str, "POLARSSL_MD_SHA1" ) == 0 )
436  {
437  *value = ( POLARSSL_MD_SHA1 );
438  return( 0 );
439  }
440 #endif // POLARSSL_PEM_WRITE_C
441 #endif // POLARSSL_X509_CRT_WRITE_C
442 #endif // POLARSSL_SHA1_C
443 #ifdef POLARSSL_PEM_WRITE_C
444 #ifdef POLARSSL_X509_CSR_WRITE_C
445  if( strcmp( str, "NS_CERT_TYPE_SSL_SERVER" ) == 0 )
446  {
447  *value = ( NS_CERT_TYPE_SSL_SERVER );
448  return( 0 );
449  }
450 #endif // POLARSSL_PEM_WRITE_C
451 #endif // POLARSSL_X509_CSR_WRITE_C
452 #ifdef POLARSSL_PEM_WRITE_C
453 #ifdef POLARSSL_X509_CRT_WRITE_C
454 #ifdef POLARSSL_SHA1_C
455  if( strcmp( str, "NS_CERT_TYPE_SSL_SERVER" ) == 0 )
456  {
457  *value = ( NS_CERT_TYPE_SSL_SERVER );
458  return( 0 );
459  }
460 #endif // POLARSSL_PEM_WRITE_C
461 #endif // POLARSSL_X509_CRT_WRITE_C
462 #endif // POLARSSL_SHA1_C
463 #ifdef POLARSSL_PEM_WRITE_C
464 #ifdef POLARSSL_X509_CRT_WRITE_C
465 #ifdef POLARSSL_SHA1_C
466  if( strcmp( str, "-1" ) == 0 )
467  {
468  *value = ( -1 );
469  return( 0 );
470  }
471 #endif // POLARSSL_PEM_WRITE_C
472 #endif // POLARSSL_X509_CRT_WRITE_C
473 #endif // POLARSSL_SHA1_C
474 #ifdef POLARSSL_PEM_WRITE_C
475 #ifdef POLARSSL_X509_CSR_WRITE_C
476  if( strcmp( str, "POLARSSL_MD_SHA384" ) == 0 )
477  {
478  *value = ( POLARSSL_MD_SHA384 );
479  return( 0 );
480  }
481 #endif // POLARSSL_PEM_WRITE_C
482 #endif // POLARSSL_X509_CSR_WRITE_C
483 #ifdef POLARSSL_PEM_WRITE_C
484 #ifdef POLARSSL_X509_CSR_WRITE_C
485  if( strcmp( str, "POLARSSL_MD_SHA256" ) == 0 )
486  {
487  *value = ( POLARSSL_MD_SHA256 );
488  return( 0 );
489  }
490 #endif // POLARSSL_PEM_WRITE_C
491 #endif // POLARSSL_X509_CSR_WRITE_C
492 #ifdef POLARSSL_PEM_WRITE_C
493 #ifdef POLARSSL_X509_CSR_WRITE_C
494  if( strcmp( str, "POLARSSL_MD_MD5" ) == 0 )
495  {
496  *value = ( POLARSSL_MD_MD5 );
497  return( 0 );
498  }
499 #endif // POLARSSL_PEM_WRITE_C
500 #endif // POLARSSL_X509_CSR_WRITE_C
501 #ifdef POLARSSL_PEM_WRITE_C
502 #ifdef POLARSSL_X509_CSR_WRITE_C
503  if( strcmp( str, "KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION | KU_KEY_ENCIPHERMENT" ) == 0 )
504  {
506  return( 0 );
507  }
508 #endif // POLARSSL_PEM_WRITE_C
509 #endif // POLARSSL_X509_CSR_WRITE_C
510 #ifdef POLARSSL_PEM_WRITE_C
511 #ifdef POLARSSL_X509_CRT_WRITE_C
512 #ifdef POLARSSL_SHA1_C
513  if( strcmp( str, "KU_DIGITAL_SIGNATURE | KU_NON_REPUDIATION | KU_KEY_ENCIPHERMENT" ) == 0 )
514  {
516  return( 0 );
517  }
518 #endif // POLARSSL_PEM_WRITE_C
519 #endif // POLARSSL_X509_CRT_WRITE_C
520 #endif // POLARSSL_SHA1_C
521 #ifdef POLARSSL_PEM_WRITE_C
522 #ifdef POLARSSL_X509_CSR_WRITE_C
523  if( strcmp( str, "POLARSSL_MD_SHA224" ) == 0 )
524  {
525  *value = ( POLARSSL_MD_SHA224 );
526  return( 0 );
527  }
528 #endif // POLARSSL_PEM_WRITE_C
529 #endif // POLARSSL_X509_CSR_WRITE_C
530 #ifdef POLARSSL_PEM_WRITE_C
531 #ifdef POLARSSL_X509_CSR_WRITE_C
532  if( strcmp( str, "POLARSSL_MD_MD4" ) == 0 )
533  {
534  *value = ( POLARSSL_MD_MD4 );
535  return( 0 );
536  }
537 #endif // POLARSSL_PEM_WRITE_C
538 #endif // POLARSSL_X509_CSR_WRITE_C
539 #ifdef POLARSSL_PEM_WRITE_C
540 #ifdef POLARSSL_X509_CSR_WRITE_C
541  if( strcmp( str, "POLARSSL_MD_SHA512" ) == 0 )
542  {
543  *value = ( POLARSSL_MD_SHA512 );
544  return( 0 );
545  }
546 #endif // POLARSSL_PEM_WRITE_C
547 #endif // POLARSSL_X509_CSR_WRITE_C
548 
549 
550  printf( "Expected integer for parameter and got: %s\n", str );
551  return( -1 );
552 }
553 
554 #ifdef POLARSSL_PEM_WRITE_C
555 #ifdef POLARSSL_X509_CSR_WRITE_C
556 void test_suite_x509_csr_check( char *key_file, char *cert_req_check_file,
557  int md_type, int key_usage, int cert_type )
558 {
559  pk_context key;
560  x509write_csr req;
561  unsigned char buf[4000];
562  unsigned char check_buf[4000];
563  int ret;
564  size_t olen = 0, pem_len = 0;
565  FILE *f;
566  const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
567  rnd_pseudo_info rnd_info;
568 
569  memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) );
570 
571  pk_init( &key );
572  TEST_ASSERT( pk_parse_keyfile( &key, key_file, NULL ) == 0 );
573 
574  x509write_csr_init( &req );
575  x509write_csr_set_md_alg( &req, md_type );
576  x509write_csr_set_key( &req, &key );
577  TEST_ASSERT( x509write_csr_set_subject_name( &req, subject_name ) == 0 );
578  if( key_usage != 0 )
579  TEST_ASSERT( x509write_csr_set_key_usage( &req, key_usage ) == 0 );
580  if( cert_type != 0 )
581  TEST_ASSERT( x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
582 
583  ret = x509write_csr_pem( &req, buf, sizeof(buf),
584  rnd_pseudo_rand, &rnd_info );
585  TEST_ASSERT( ret == 0 );
586 
587  pem_len = strlen( (char *) buf );
588 
589  f = fopen( cert_req_check_file, "r" );
590  TEST_ASSERT( f != NULL );
591  olen = fread( check_buf, 1, sizeof( check_buf ), f );
592  fclose( f );
593 
594  TEST_ASSERT( olen >= pem_len - 1 );
595  TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );
596 
597 exit:
598  x509write_csr_free( &req );
599  pk_free( &key );
600 }
601 #endif /* POLARSSL_PEM_WRITE_C */
602 #endif /* POLARSSL_X509_CSR_WRITE_C */
603 
604 #ifdef POLARSSL_PEM_WRITE_C
605 #ifdef POLARSSL_X509_CRT_WRITE_C
606 #ifdef POLARSSL_SHA1_C
607 void test_suite_x509_crt_check( char *subject_key_file, char *subject_pwd,
608  char *subject_name, char *issuer_key_file,
609  char *issuer_pwd, char *issuer_name,
610  char *serial_str, char *not_before, char *not_after,
611  int md_type, int key_usage, int cert_type, int ver,
612  char *cert_check_file )
613 {
614  pk_context subject_key, issuer_key;
615  x509write_cert crt;
616  unsigned char buf[4000];
617  unsigned char check_buf[5000];
618  mpi serial;
619  int ret;
620  size_t olen = 0, pem_len = 0;
621  FILE *f;
622  rnd_pseudo_info rnd_info;
623 
624  memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) );
625  mpi_init( &serial );
626  pk_init( &subject_key );
627  pk_init( &issuer_key );
628 
629  TEST_ASSERT( pk_parse_keyfile( &subject_key, subject_key_file,
630  subject_pwd ) == 0 );
631  TEST_ASSERT( pk_parse_keyfile( &issuer_key, issuer_key_file,
632  issuer_pwd ) == 0 );
633  TEST_ASSERT( mpi_read_string( &serial, 10, serial_str ) == 0 );
634 
635  x509write_crt_init( &crt );
636  if( ver != -1 )
637  x509write_crt_set_version( &crt, ver );
638  TEST_ASSERT( x509write_crt_set_serial( &crt, &serial ) == 0 );
639  TEST_ASSERT( x509write_crt_set_validity( &crt, not_before,
640  not_after ) == 0 );
641  x509write_crt_set_md_alg( &crt, md_type );
642  TEST_ASSERT( x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 );
643  TEST_ASSERT( x509write_crt_set_subject_name( &crt, subject_name ) == 0 );
644  x509write_crt_set_subject_key( &crt, &subject_key );
645  x509write_crt_set_issuer_key( &crt, &issuer_key );
646 
647  if( crt.version >= X509_CRT_VERSION_3 )
648  {
649  TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
652  if( key_usage != 0 )
653  TEST_ASSERT( x509write_crt_set_key_usage( &crt, key_usage ) == 0 );
654  if( cert_type != 0 )
655  TEST_ASSERT( x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 );
656  }
657 
658  ret = x509write_crt_pem( &crt, buf, sizeof(buf),
659  rnd_pseudo_rand, &rnd_info );
660  TEST_ASSERT( ret == 0 );
661 
662  pem_len = strlen( (char *) buf );
663 
664  f = fopen( cert_check_file, "r" );
665  TEST_ASSERT( f != NULL );
666  olen = fread( check_buf, 1, sizeof(check_buf), f );
667  TEST_ASSERT( olen < sizeof(check_buf) );
668  fclose( f );
669 
670  TEST_ASSERT( olen >= pem_len - 1 );
671  TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );
672 
673 exit:
674  x509write_crt_free( &crt );
675  pk_free( &issuer_key );
676  pk_free( &subject_key );
677  mpi_free( &serial );
678 }
679 #endif /* POLARSSL_PEM_WRITE_C */
680 #endif /* POLARSSL_X509_CRT_WRITE_C */
681 #endif /* POLARSSL_SHA1_C */
682 
683 
684 #endif /* POLARSSL_BIGNUM_C */
685 #endif /* POLARSSL_FS_IO */
686 #endif /* POLARSSL_PK_PARSE_C */
687 
688 
689 int dep_check( char *str )
690 {
691  if( str == NULL )
692  return( 1 );
693 
694  if( strcmp( str, "POLARSSL_MD5_C" ) == 0 )
695  {
696 #if defined(POLARSSL_MD5_C)
697  return( 0 );
698 #else
699  return( 1 );
700 #endif
701  }
702  if( strcmp( str, "POLARSSL_CIPHER_MODE_CBC" ) == 0 )
703  {
704 #if defined(POLARSSL_CIPHER_MODE_CBC)
705  return( 0 );
706 #else
707  return( 1 );
708 #endif
709  }
710  if( strcmp( str, "POLARSSL_ECP_DP_SECP256R1_ENABLED" ) == 0 )
711  {
712 #if defined(POLARSSL_ECP_DP_SECP256R1_ENABLED)
713  return( 0 );
714 #else
715  return( 1 );
716 #endif
717  }
718  if( strcmp( str, "POLARSSL_ECDSA_DETERMINISTIC" ) == 0 )
719  {
720 #if defined(POLARSSL_ECDSA_DETERMINISTIC)
721  return( 0 );
722 #else
723  return( 1 );
724 #endif
725  }
726  if( strcmp( str, "POLARSSL_SHA1_C" ) == 0 )
727  {
728 #if defined(POLARSSL_SHA1_C)
729  return( 0 );
730 #else
731  return( 1 );
732 #endif
733  }
734  if( strcmp( str, "POLARSSL_DES_C" ) == 0 )
735  {
736 #if defined(POLARSSL_DES_C)
737  return( 0 );
738 #else
739  return( 1 );
740 #endif
741  }
742  if( strcmp( str, "POLARSSL_ECDSA_C" ) == 0 )
743  {
744 #if defined(POLARSSL_ECDSA_C)
745  return( 0 );
746 #else
747  return( 1 );
748 #endif
749  }
750  if( strcmp( str, "POLARSSL_SHA256_C" ) == 0 )
751  {
752 #if defined(POLARSSL_SHA256_C)
753  return( 0 );
754 #else
755  return( 1 );
756 #endif
757  }
758  if( strcmp( str, "POLARSSL_SHA512_C" ) == 0 )
759  {
760 #if defined(POLARSSL_SHA512_C)
761  return( 0 );
762 #else
763  return( 1 );
764 #endif
765  }
766  if( strcmp( str, "POLARSSL_RSA_C" ) == 0 )
767  {
768 #if defined(POLARSSL_RSA_C)
769  return( 0 );
770 #else
771  return( 1 );
772 #endif
773  }
774  if( strcmp( str, "POLARSSL_PKCS1_V15" ) == 0 )
775  {
776 #if defined(POLARSSL_PKCS1_V15)
777  return( 0 );
778 #else
779  return( 1 );
780 #endif
781  }
782  if( strcmp( str, "POLARSSL_MD4_C" ) == 0 )
783  {
784 #if defined(POLARSSL_MD4_C)
785  return( 0 );
786 #else
787  return( 1 );
788 #endif
789  }
790 
791 
792  return( 1 );
793 }
794 
795 int dispatch_test(int cnt, char *params[50])
796 {
797  int ret;
798  ((void) cnt);
799  ((void) params);
800 
801 #if defined(TEST_SUITE_ACTIVE)
802  if( strcmp( params[0], "x509_csr_check" ) == 0 )
803  {
804  #ifdef POLARSSL_PEM_WRITE_C
805  #ifdef POLARSSL_X509_CSR_WRITE_C
806 
807  char *param1 = params[1];
808  char *param2 = params[2];
809  int param3;
810  int param4;
811  int param5;
812 
813  if( cnt != 6 )
814  {
815  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 6 );
816  return( 2 );
817  }
818 
819  if( verify_string( &param1 ) != 0 ) return( 2 );
820  if( verify_string( &param2 ) != 0 ) return( 2 );
821  if( verify_int( params[3], &param3 ) != 0 ) return( 2 );
822  if( verify_int( params[4], &param4 ) != 0 ) return( 2 );
823  if( verify_int( params[5], &param5 ) != 0 ) return( 2 );
824 
825  test_suite_x509_csr_check( param1, param2, param3, param4, param5 );
826  return ( 0 );
827  #endif /* POLARSSL_PEM_WRITE_C */
828  #endif /* POLARSSL_X509_CSR_WRITE_C */
829 
830  return ( 3 );
831  }
832  else
833  if( strcmp( params[0], "x509_crt_check" ) == 0 )
834  {
835  #ifdef POLARSSL_PEM_WRITE_C
836  #ifdef POLARSSL_X509_CRT_WRITE_C
837  #ifdef POLARSSL_SHA1_C
838 
839  char *param1 = params[1];
840  char *param2 = params[2];
841  char *param3 = params[3];
842  char *param4 = params[4];
843  char *param5 = params[5];
844  char *param6 = params[6];
845  char *param7 = params[7];
846  char *param8 = params[8];
847  char *param9 = params[9];
848  int param10;
849  int param11;
850  int param12;
851  int param13;
852  char *param14 = params[14];
853 
854  if( cnt != 15 )
855  {
856  fprintf( stderr, "\nIncorrect argument count (%d != %d)\n", cnt, 15 );
857  return( 2 );
858  }
859 
860  if( verify_string( &param1 ) != 0 ) return( 2 );
861  if( verify_string( &param2 ) != 0 ) return( 2 );
862  if( verify_string( &param3 ) != 0 ) return( 2 );
863  if( verify_string( &param4 ) != 0 ) return( 2 );
864  if( verify_string( &param5 ) != 0 ) return( 2 );
865  if( verify_string( &param6 ) != 0 ) return( 2 );
866  if( verify_string( &param7 ) != 0 ) return( 2 );
867  if( verify_string( &param8 ) != 0 ) return( 2 );
868  if( verify_string( &param9 ) != 0 ) return( 2 );
869  if( verify_int( params[10], &param10 ) != 0 ) return( 2 );
870  if( verify_int( params[11], &param11 ) != 0 ) return( 2 );
871  if( verify_int( params[12], &param12 ) != 0 ) return( 2 );
872  if( verify_int( params[13], &param13 ) != 0 ) return( 2 );
873  if( verify_string( &param14 ) != 0 ) return( 2 );
874 
875  test_suite_x509_crt_check( param1, param2, param3, param4, param5, param6, param7, param8, param9, param10, param11, param12, param13, param14 );
876  return ( 0 );
877  #endif /* POLARSSL_PEM_WRITE_C */
878  #endif /* POLARSSL_X509_CRT_WRITE_C */
879  #endif /* POLARSSL_SHA1_C */
880 
881  return ( 3 );
882  }
883  else
884 
885  {
886  fprintf( stdout, "FAILED\nSkipping unknown test function '%s'\n", params[0] );
887  fflush( stdout );
888  return( 1 );
889  }
890 #else
891  return( 3 );
892 #endif
893  return( ret );
894 }
895 
896 int get_line( FILE *f, char *buf, size_t len )
897 {
898  char *ret;
899 
900  ret = fgets( buf, len, f );
901  if( ret == NULL )
902  return( -1 );
903 
904  if( strlen( buf ) && buf[strlen(buf) - 1] == '\n' )
905  buf[strlen(buf) - 1] = '\0';
906  if( strlen( buf ) && buf[strlen(buf) - 1] == '\r' )
907  buf[strlen(buf) - 1] = '\0';
908 
909  return( 0 );
910 }
911 
912 int parse_arguments( char *buf, size_t len, char *params[50] )
913 {
914  int cnt = 0, i;
915  char *cur = buf;
916  char *p = buf, *q;
917 
918  params[cnt++] = cur;
919 
920  while( *p != '\0' && p < buf + len )
921  {
922  if( *p == '\\' )
923  {
924  p++;
925  p++;
926  continue;
927  }
928  if( *p == ':' )
929  {
930  if( p + 1 < buf + len )
931  {
932  cur = p + 1;
933  params[cnt++] = cur;
934  }
935  *p = '\0';
936  }
937 
938  p++;
939  }
940 
941  // Replace newlines, question marks and colons in strings
942  for( i = 0; i < cnt; i++ )
943  {
944  p = params[i];
945  q = params[i];
946 
947  while( *p != '\0' )
948  {
949  if( *p == '\\' && *(p + 1) == 'n' )
950  {
951  p += 2;
952  *(q++) = '\n';
953  }
954  else if( *p == '\\' && *(p + 1) == ':' )
955  {
956  p += 2;
957  *(q++) = ':';
958  }
959  else if( *p == '\\' && *(p + 1) == '?' )
960  {
961  p += 2;
962  *(q++) = '?';
963  }
964  else
965  *(q++) = *(p++);
966  }
967  *q = '\0';
968  }
969 
970  return( cnt );
971 }
972 
973 int main()
974 {
975  int ret, i, cnt, total_errors = 0, total_tests = 0, total_skipped = 0;
976  const char *filename = "/tmp/B.43ee1cd1-d3e3-4a1b-8449-a820e9bbf54f/BUILD/polarssl-1.3.8/tests/suites/test_suite_x509write.data";
977  FILE *file;
978  char buf[5000];
979  char *params[50];
980 
981 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
982  unsigned char alloc_buf[1000000];
983  memory_buffer_alloc_init( alloc_buf, sizeof(alloc_buf) );
984 #endif
985 
986  file = fopen( filename, "r" );
987  if( file == NULL )
988  {
989  fprintf( stderr, "Failed to open\n" );
990  return( 1 );
991  }
992 
993  while( !feof( file ) )
994  {
995  int skip = 0;
996 
997  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
998  break;
999  fprintf( stdout, "%s%.66s", test_errors ? "\n" : "", buf );
1000  fprintf( stdout, " " );
1001  for( i = strlen( buf ) + 1; i < 67; i++ )
1002  fprintf( stdout, "." );
1003  fprintf( stdout, " " );
1004  fflush( stdout );
1005 
1006  total_tests++;
1007 
1008  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1009  break;
1010  cnt = parse_arguments( buf, strlen(buf), params );
1011 
1012  if( strcmp( params[0], "depends_on" ) == 0 )
1013  {
1014  for( i = 1; i < cnt; i++ )
1015  if( dep_check( params[i] ) != 0 )
1016  skip = 1;
1017 
1018  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1019  break;
1020  cnt = parse_arguments( buf, strlen(buf), params );
1021  }
1022 
1023  if( skip == 0 )
1024  {
1025  test_errors = 0;
1026  ret = dispatch_test( cnt, params );
1027  }
1028 
1029  if( skip == 1 || ret == 3 )
1030  {
1031  total_skipped++;
1032  fprintf( stdout, "----\n" );
1033  fflush( stdout );
1034  }
1035  else if( ret == 0 && test_errors == 0 )
1036  {
1037  fprintf( stdout, "PASS\n" );
1038  fflush( stdout );
1039  }
1040  else if( ret == 2 )
1041  {
1042  fprintf( stderr, "FAILED: FATAL PARSE ERROR\n" );
1043  fclose(file);
1044  exit( 2 );
1045  }
1046  else
1047  total_errors++;
1048 
1049  if( ( ret = get_line( file, buf, sizeof(buf) ) ) != 0 )
1050  break;
1051  if( strlen(buf) != 0 )
1052  {
1053  fprintf( stderr, "Should be empty %d\n", (int) strlen(buf) );
1054  return( 1 );
1055  }
1056  }
1057  fclose(file);
1058 
1059  fprintf( stdout, "\n----------------------------------------------------------------------------\n\n");
1060  if( total_errors == 0 )
1061  fprintf( stdout, "PASSED" );
1062  else
1063  fprintf( stdout, "FAILED" );
1064 
1065  fprintf( stdout, " (%d / %d tests (%d skipped))\n",
1066  total_tests - total_errors, total_tests, total_skipped );
1067 
1068 #if defined(POLARSSL_MEMORY_BUFFER_ALLOC_C)
1069 #if defined(POLARSSL_MEMORY_DEBUG)
1070  memory_buffer_alloc_status();
1071 #endif
1073 #endif
1074 
1075  return( total_errors != 0 );
1076 }
1077 
1078 
static int rnd_pseudo_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a pseudo random function.
void x509write_csr_free(x509write_csr *ctx)
Free the contents of a CSR context.
void x509write_crt_set_version(x509write_cert *ctx, int version)
Set the verion for a Certificate Default: X509_CRT_VERSION_3.
static int rnd_zero_rand(void *rng_state, unsigned char *output, size_t len)
This function only returns zeros.
int x509write_crt_set_validity(x509write_cert *ctx, const char *not_before, const char *not_after)
Set the validity period for a Certificate Timestamps should be in string format for UTC timezone i...
#define KU_NON_REPUDIATION
Definition: x509.h:94
Memory allocation layer (Deprecated to platform layer)
Info structure for the pseudo random function.
void memory_buffer_alloc_free(void)
Free the mutex for thread-safety and clear remaining memory.
void x509write_csr_set_md_alg(x509write_csr *ctx, md_type_t md_alg)
Set the MD algorithm to use for the signature (e.g.
int x509write_csr_set_ns_cert_type(x509write_csr *ctx, unsigned char ns_cert_type)
Set the Netscape Cert Type flags (e.g.
Configuration options (set of defines)
int x509write_csr_pem(x509write_csr *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Write a CSR (Certificate Signing Request) to a PEM string.
void x509write_crt_set_md_alg(x509write_cert *ctx, md_type_t md_alg)
Set the MD algorithm to use for the signature (e.g.
#define PUT_UINT32_BE(n, b, i)
MPI structure.
Definition: bignum.h:182
PolarSSL Platform abstraction layer.
static int test_assert(int correct, const char *test)
int x509write_csr_set_key_usage(x509write_csr *ctx, unsigned char key_usage)
Set the Key Usage Extension flags (e.g.
void mpi_init(mpi *X)
Initialize one MPI.
static int test_errors
Object Identifier (OID) database.
int memory_buffer_alloc_init(unsigned char *buf, size_t len)
Initialize use of stack-based memory allocator.
#define TEST_ASSERT(TEST)
int x509write_crt_set_key_usage(x509write_cert *ctx, unsigned char key_usage)
Set the Key Usage Extension flags (e.g.
static void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
void x509write_crt_free(x509write_cert *ctx)
Free the contents of a CRT write context.
Privacy Enhanced Mail (PEM) decoding.
#define X509_CRT_VERSION_3
Definition: x509_crt.h:104
int x509write_crt_set_subject_key_identifier(x509write_cert *ctx)
Set the subjectKeyIdentifier extension for a CRT Requires that x509write_crt_set_subject_key() has be...
static unsigned char * zero_alloc(size_t len)
Allocate and zeroize a buffer.
int x509write_crt_set_issuer_name(x509write_cert *ctx, const char *issuer_name)
Set the issuer name for a Certificate Issuer names should contain a comma-separated list of OID types...
X.509 certificate signing request parsing and writing.
void mpi_free(mpi *X)
Unallocate one MPI.
void x509write_csr_init(x509write_csr *ctx)
Initialize a CSR context.
int main()
#define polarssl_malloc
X.509 certificate parsing and writing.
void x509write_crt_set_issuer_key(x509write_cert *ctx, pk_context *key)
Set the issuer key used for signing the certificate.
int x509write_crt_set_serial(x509write_cert *ctx, const mpi *serial)
Set the serial number for a Certificate.
int get_line(FILE *f, char *buf, size_t len)
void x509write_csr_set_key(x509write_csr *ctx, pk_context *key)
Set the key for a CSR (public key will be included, private key used to sign the CSR when writing it)...
int x509write_crt_set_authority_key_identifier(x509write_cert *ctx)
Set the authorityKeyIdentifier extension for a CRT Requires that x509write_crt_set_issuer_key() has b...
int x509write_crt_set_ns_cert_type(x509write_cert *ctx, unsigned char ns_cert_type)
Set the Netscape Cert Type flags (e.g.
Container for writing a certificate (CRT)
Definition: x509_crt.h:112
int mpi_read_string(mpi *X, int radix, const char *s)
Import from an ASCII string.
#define X509_CRT_VERSION_1
Definition: x509_crt.h:102
int x509write_crt_set_subject_name(x509write_cert *ctx, const char *subject_name)
Set the subject name for a Certificate Subject names should contain a comma-separated list of OID typ...
int verify_string(char **str)
void pk_free(pk_context *ctx)
Free a pk_context.
static int rnd_std_rand(void *rng_state, unsigned char *output, size_t len)
This function just returns data from rand().
int parse_arguments(char *buf, size_t len, char *params[50])
int x509write_crt_set_basic_constraints(x509write_cert *ctx, int is_ca, int max_pathlen)
Set the basicConstraints extension for a CRT.
void pk_init(pk_context *ctx)
Initialize a pk_context (as NONE)
#define KU_DIGITAL_SIGNATURE
Definition: x509.h:93
#define NS_CERT_TYPE_SSL_SERVER
Definition: x509.h:107
unsigned char * buf
int x509write_csr_set_subject_name(x509write_csr *ctx, const char *subject_name)
Set the subject name for a CSR Subject names should contain a comma-separated list of OID types and v...
int dispatch_test(int cnt, char *params[50])
void x509write_crt_init(x509write_cert *ctx)
Initialize a CRT writing context.
static int rnd_buffer_rand(void *rng_state, unsigned char *output, size_t len)
This function returns random based on a buffer it receives.
int verify_int(char *str, int *value)
static int unhexify(unsigned char *obuf, const char *ibuf)
void x509write_crt_set_subject_key(x509write_cert *ctx, pk_context *key)
Set the subject public key for the certificate.
int pk_parse_keyfile(pk_context *ctx, const char *path, const char *password)
Load and parse a private key.
int dep_check(char *str)
int x509write_crt_pem(x509write_cert *ctx, unsigned char *buf, size_t size, int(*f_rng)(void *, unsigned char *, size_t), void *p_rng)
Write a built up certificate to a X509 PEM string.
#define KU_KEY_ENCIPHERMENT
Definition: x509.h:95
Public key container.
Definition: pk.h:194
Container for writing a CSR.
Definition: x509_csr.h:77
static unsigned char * unhexify_alloc(const char *ibuf, size_t *olen)
Allocate and fill a buffer from hex data.