2013-08-20 09:48:36 +00:00
|
|
|
/* BEGIN_HEADER */
|
2012-02-16 14:09:13 +00:00
|
|
|
#include <polarssl/x509write.h>
|
|
|
|
|
#include <polarssl/x509.h>
|
|
|
|
|
#include <polarssl/pem.h>
|
2013-04-07 20:00:46 +00:00
|
|
|
#include <polarssl/oid.h>
|
2013-08-20 09:48:36 +00:00
|
|
|
/* END_HEADER */
|
2012-02-16 14:09:13 +00:00
|
|
|
|
2013-08-20 09:48:36 +00:00
|
|
|
/* BEGIN_DEPENDENCIES
|
|
|
|
|
* depends_on:POLARSSL_X509_WRITE_C:POLARSSL_BIGNUM_C
|
|
|
|
|
* END_DEPENDENCIES
|
|
|
|
|
*/
|
2012-02-16 14:09:13 +00:00
|
|
|
|
2013-08-20 09:48:36 +00:00
|
|
|
/* BEGIN_CASE */
|
2013-08-25 09:01:31 +00:00
|
|
|
void x509_csr_check( char *key_file, int md_type,
|
2013-08-20 09:48:36 +00:00
|
|
|
char *cert_req_check_file )
|
2012-02-16 14:09:13 +00:00
|
|
|
{
|
2013-09-11 20:48:40 +00:00
|
|
|
pk_context key;
|
2012-02-16 14:09:13 +00:00
|
|
|
pem_context pem;
|
2013-09-09 10:08:11 +00:00
|
|
|
x509write_csr req;
|
2012-02-16 14:09:13 +00:00
|
|
|
unsigned char *c;
|
|
|
|
|
unsigned char buf[4000];
|
|
|
|
|
unsigned char check_buf[4000];
|
|
|
|
|
int ret;
|
2013-09-11 15:33:28 +00:00
|
|
|
size_t olen = sizeof( check_buf );
|
2012-02-16 14:09:13 +00:00
|
|
|
FILE *f;
|
2013-08-25 08:33:27 +00:00
|
|
|
char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
|
2013-09-11 20:48:40 +00:00
|
|
|
rnd_pseudo_info rnd_info;
|
2012-02-16 14:09:13 +00:00
|
|
|
|
2013-09-11 20:48:40 +00:00
|
|
|
memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) );
|
|
|
|
|
|
|
|
|
|
pk_init( &key );
|
|
|
|
|
TEST_ASSERT( x509parse_keyfile( &key, key_file, NULL ) == 0 );
|
2012-02-16 14:09:13 +00:00
|
|
|
|
2013-08-25 09:01:31 +00:00
|
|
|
x509write_csr_init( &req );
|
|
|
|
|
x509write_csr_set_md_alg( &req, md_type );
|
2013-09-11 20:48:40 +00:00
|
|
|
x509write_csr_set_key( &req, &key );
|
2013-08-25 09:01:31 +00:00
|
|
|
TEST_ASSERT( x509write_csr_set_subject_name( &req, subject_name ) == 0 );
|
2013-08-25 08:18:25 +00:00
|
|
|
|
2013-09-11 20:48:40 +00:00
|
|
|
ret = x509write_csr_der( &req, buf, sizeof( buf ),
|
|
|
|
|
rnd_pseudo_rand, &rnd_info );
|
2012-02-16 14:09:13 +00:00
|
|
|
TEST_ASSERT( ret >= 0 );
|
|
|
|
|
|
2013-09-11 15:33:28 +00:00
|
|
|
c = buf + sizeof( buf ) - ret;
|
2012-02-16 14:09:13 +00:00
|
|
|
|
2013-08-20 09:48:36 +00:00
|
|
|
f = fopen( cert_req_check_file, "r" );
|
2012-02-16 14:09:13 +00:00
|
|
|
TEST_ASSERT( f != NULL );
|
2013-09-11 15:33:28 +00:00
|
|
|
fread( check_buf, 1, sizeof( check_buf ), f );
|
2012-02-16 14:09:13 +00:00
|
|
|
fclose( f );
|
|
|
|
|
|
|
|
|
|
pem_init( &pem );
|
|
|
|
|
pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( pem.buflen == (size_t) ret );
|
2013-09-11 15:33:28 +00:00
|
|
|
TEST_ASSERT( memcmp( c, pem.buf, pem.buflen ) == 0 );
|
2013-01-03 10:33:48 +00:00
|
|
|
|
2013-08-25 09:01:31 +00:00
|
|
|
x509write_csr_free( &req );
|
2013-01-03 10:33:48 +00:00
|
|
|
pem_free( &pem );
|
2013-09-11 20:48:40 +00:00
|
|
|
pk_free( &key );
|
2012-02-16 14:09:13 +00:00
|
|
|
}
|
2013-08-20 09:48:36 +00:00
|
|
|
/* END_CASE */
|
2013-09-08 13:58:15 +00:00
|
|
|
|
|
|
|
|
/* BEGIN_CASE */
|
|
|
|
|
void x509_crt_check( char *subject_key_file, char *subject_pwd,
|
|
|
|
|
char *subject_name, char *issuer_key_file,
|
|
|
|
|
char *issuer_pwd, char *issuer_name,
|
|
|
|
|
char *serial_str, char *not_before, char *not_after,
|
|
|
|
|
int md_type, char *cert_check_file )
|
|
|
|
|
{
|
|
|
|
|
rsa_context subject_rsa, issuer_rsa;
|
|
|
|
|
pem_context pem;
|
|
|
|
|
x509write_cert crt;
|
|
|
|
|
unsigned char *c;
|
|
|
|
|
unsigned char buf[4000];
|
|
|
|
|
unsigned char check_buf[5000];
|
|
|
|
|
mpi serial;
|
|
|
|
|
int ret;
|
2013-09-11 15:33:28 +00:00
|
|
|
size_t olen = sizeof( check_buf );
|
2013-09-08 13:58:15 +00:00
|
|
|
FILE *f;
|
|
|
|
|
|
|
|
|
|
mpi_init( &serial );
|
|
|
|
|
rsa_init( &subject_rsa, RSA_PKCS_V15, 0 );
|
|
|
|
|
rsa_init( &issuer_rsa, RSA_PKCS_V15, 0 );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( x509parse_keyfile_rsa( &subject_rsa, subject_key_file,
|
|
|
|
|
subject_pwd ) == 0 );
|
|
|
|
|
TEST_ASSERT( x509parse_keyfile_rsa( &issuer_rsa, issuer_key_file,
|
|
|
|
|
issuer_pwd ) == 0 );
|
|
|
|
|
TEST_ASSERT( mpi_read_string( &serial, 10, serial_str ) == 0 );
|
|
|
|
|
|
|
|
|
|
x509write_crt_init( &crt );
|
|
|
|
|
x509write_crt_set_serial( &crt, &serial );
|
|
|
|
|
TEST_ASSERT( x509write_crt_set_validity( &crt, not_before,
|
|
|
|
|
not_after ) == 0 );
|
|
|
|
|
x509write_crt_set_md_alg( &crt, md_type );
|
|
|
|
|
TEST_ASSERT( x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 );
|
|
|
|
|
TEST_ASSERT( x509write_crt_set_subject_name( &crt, subject_name ) == 0 );
|
|
|
|
|
x509write_crt_set_subject_key( &crt, &subject_rsa );
|
|
|
|
|
x509write_crt_set_issuer_key( &crt, &issuer_rsa );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
|
|
|
|
|
TEST_ASSERT( x509write_crt_set_subject_key_identifier( &crt ) == 0 );
|
|
|
|
|
TEST_ASSERT( x509write_crt_set_authority_key_identifier( &crt ) == 0 );
|
|
|
|
|
|
|
|
|
|
ret = x509write_crt_der( &crt, buf, sizeof(buf) );
|
|
|
|
|
TEST_ASSERT( ret >= 0 );
|
|
|
|
|
|
2013-09-11 15:33:28 +00:00
|
|
|
c = buf + sizeof( buf ) - ret;
|
2013-09-08 13:58:15 +00:00
|
|
|
|
|
|
|
|
f = fopen( cert_check_file, "r" );
|
|
|
|
|
TEST_ASSERT( f != NULL );
|
|
|
|
|
TEST_ASSERT( fread( check_buf, 1, sizeof(check_buf), f ) < sizeof(check_buf) );
|
|
|
|
|
fclose( f );
|
|
|
|
|
|
|
|
|
|
pem_init( &pem );
|
|
|
|
|
TEST_ASSERT( pem_read_buffer( &pem, "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----", check_buf, NULL, 0, &olen ) >= 0 );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( pem.buflen == (size_t) ret );
|
|
|
|
|
TEST_ASSERT( memcmp( c, pem.buf, pem.buflen ) == 0 );
|
|
|
|
|
|
|
|
|
|
x509write_crt_free( &crt );
|
|
|
|
|
rsa_free( &issuer_rsa );
|
|
|
|
|
rsa_free( &subject_rsa );
|
|
|
|
|
pem_free( &pem );
|
|
|
|
|
mpi_free( &serial );
|
|
|
|
|
}
|
|
|
|
|
/* END_CASE */
|
2013-09-11 21:46:51 +00:00
|
|
|
|
|
|
|
|
/* BEGIN_CASE */
|
|
|
|
|
void x509_pubkey_check( char *key_file )
|
|
|
|
|
{
|
|
|
|
|
pk_context key;
|
|
|
|
|
unsigned char buf[5000];
|
|
|
|
|
unsigned char check_buf[5000];
|
|
|
|
|
int ret;
|
|
|
|
|
FILE *f;
|
|
|
|
|
|
|
|
|
|
memset( buf, 0, sizeof( buf ) );
|
|
|
|
|
memset( check_buf, 0, sizeof( check_buf ) );
|
|
|
|
|
|
|
|
|
|
pk_init( &key );
|
|
|
|
|
TEST_ASSERT( x509parse_public_keyfile( &key, key_file ) == 0 );
|
|
|
|
|
|
2013-09-11 22:59:40 +00:00
|
|
|
ret = x509write_pubkey_pem( &key, buf, sizeof( buf ) - 1);
|
2013-09-11 21:46:51 +00:00
|
|
|
TEST_ASSERT( ret >= 0 );
|
|
|
|
|
|
|
|
|
|
f = fopen( key_file, "r" );
|
|
|
|
|
TEST_ASSERT( f != NULL );
|
|
|
|
|
fread( check_buf, 1, sizeof( check_buf ) - 1, f );
|
|
|
|
|
fclose( f );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( strncmp( (char *) buf, (char *) check_buf, sizeof( buf ) ) == 0 );
|
|
|
|
|
|
|
|
|
|
pk_free( &key );
|
|
|
|
|
}
|
|
|
|
|
/* END_CASE */
|
2013-09-12 01:31:34 +00:00
|
|
|
|
|
|
|
|
/* BEGIN_CASE */
|
|
|
|
|
void x509_key_check( char *key_file )
|
|
|
|
|
{
|
|
|
|
|
pk_context key;
|
|
|
|
|
unsigned char buf[5000];
|
|
|
|
|
unsigned char check_buf[5000];
|
|
|
|
|
int ret;
|
|
|
|
|
FILE *f;
|
|
|
|
|
|
|
|
|
|
memset( buf, 0, sizeof( buf ) );
|
|
|
|
|
memset( check_buf, 0, sizeof( check_buf ) );
|
|
|
|
|
|
|
|
|
|
pk_init( &key );
|
|
|
|
|
TEST_ASSERT( x509parse_keyfile( &key, key_file, NULL ) == 0 );
|
|
|
|
|
|
2013-09-12 02:59:34 +00:00
|
|
|
ret = x509write_key_pem( &key, buf, sizeof( buf ) - 1);
|
2013-09-12 01:31:34 +00:00
|
|
|
TEST_ASSERT( ret >= 0 );
|
|
|
|
|
|
|
|
|
|
f = fopen( key_file, "r" );
|
|
|
|
|
TEST_ASSERT( f != NULL );
|
|
|
|
|
fread( check_buf, 1, sizeof( check_buf ) - 1, f );
|
|
|
|
|
fclose( f );
|
|
|
|
|
|
|
|
|
|
TEST_ASSERT( strncmp( (char *) buf, (char *) check_buf, sizeof( buf ) ) == 0 );
|
|
|
|
|
|
|
|
|
|
pk_free( &key );
|
|
|
|
|
}
|
|
|
|
|
/* END_CASE */
|
