PolarSSL v1.2.5
test_suite_x509write.c
Go to the documentation of this file.
1 #include "fct.h"
2 
3 #include <polarssl/x509write.h>
4 #include <polarssl/x509.h>
5 #include <polarssl/pem.h>
6 
7 #include <polarssl/config.h>
8 
9 #ifdef _MSC_VER
10 #include <basetsd.h>
11 typedef UINT32 uint32_t;
12 #else
13 #include <inttypes.h>
14 #endif
15 
16 /*
17  * 32-bit integer manipulation macros (big endian)
18  */
19 #ifndef GET_UINT32_BE
20 #define GET_UINT32_BE(n,b,i) \
21 { \
22  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
23  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
24  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
25  | ( (uint32_t) (b)[(i) + 3] ); \
26 }
27 #endif
28 
29 #ifndef PUT_UINT32_BE
30 #define PUT_UINT32_BE(n,b,i) \
31 { \
32  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
33  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
34  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
35  (b)[(i) + 3] = (unsigned char) ( (n) ); \
36 }
37 #endif
38 
39 int unhexify(unsigned char *obuf, const char *ibuf)
40 {
41  unsigned char c, c2;
42  int len = strlen(ibuf) / 2;
43  assert(!(strlen(ibuf) %1)); // must be even number of bytes
44 
45  while (*ibuf != 0)
46  {
47  c = *ibuf++;
48  if( c >= '0' && c <= '9' )
49  c -= '0';
50  else if( c >= 'a' && c <= 'f' )
51  c -= 'a' - 10;
52  else if( c >= 'A' && c <= 'F' )
53  c -= 'A' - 10;
54  else
55  assert( 0 );
56 
57  c2 = *ibuf++;
58  if( c2 >= '0' && c2 <= '9' )
59  c2 -= '0';
60  else if( c2 >= 'a' && c2 <= 'f' )
61  c2 -= 'a' - 10;
62  else if( c2 >= 'A' && c2 <= 'F' )
63  c2 -= 'A' - 10;
64  else
65  assert( 0 );
66 
67  *obuf++ = ( c << 4 ) | c2;
68  }
69 
70  return len;
71 }
72 
73 void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
74 {
75  unsigned char l, h;
76 
77  while (len != 0)
78  {
79  h = (*ibuf) / 16;
80  l = (*ibuf) % 16;
81 
82  if( h < 10 )
83  *obuf++ = '0' + h;
84  else
85  *obuf++ = 'a' + h - 10;
86 
87  if( l < 10 )
88  *obuf++ = '0' + l;
89  else
90  *obuf++ = 'a' + l - 10;
91 
92  ++ibuf;
93  len--;
94  }
95 }
96 
106 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
107 {
108  size_t i;
109 
110  if( rng_state != NULL )
111  rng_state = NULL;
112 
113  for( i = 0; i < len; ++i )
114  output[i] = rand();
115 
116  return( 0 );
117 }
118 
124 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
125 {
126  if( rng_state != NULL )
127  rng_state = NULL;
128 
129  memset( output, 0, len );
130 
131  return( 0 );
132 }
133 
134 typedef struct
135 {
136  unsigned char *buf;
137  size_t length;
138 } rnd_buf_info;
139 
151 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
152 {
153  rnd_buf_info *info = (rnd_buf_info *) rng_state;
154  size_t use_len;
155 
156  if( rng_state == NULL )
157  return( rnd_std_rand( NULL, output, len ) );
158 
159  use_len = len;
160  if( len > info->length )
161  use_len = info->length;
162 
163  if( use_len )
164  {
165  memcpy( output, info->buf, use_len );
166  info->buf += use_len;
167  info->length -= use_len;
168  }
169 
170  if( len - use_len > 0 )
171  return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
172 
173  return( 0 );
174 }
175 
183 typedef struct
184 {
185  uint32_t key[16];
186  uint32_t v0, v1;
188 
197 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
198 {
199  rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
200  uint32_t i, *k, sum, delta=0x9E3779B9;
201  unsigned char result[4];
202 
203  if( rng_state == NULL )
204  return( rnd_std_rand( NULL, output, len ) );
205 
206  k = info->key;
207 
208  while( len > 0 )
209  {
210  size_t use_len = ( len > 4 ) ? 4 : len;
211  sum = 0;
212 
213  for( i = 0; i < 32; i++ )
214  {
215  info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
216  sum += delta;
217  info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
218  }
219 
220  PUT_UINT32_BE( info->v0, result, 0 );
221  memcpy( output, result, use_len );
222  len -= use_len;
223  }
224 
225  return( 0 );
226 }
227 
228 
230 {
231 #ifdef POLARSSL_X509_WRITE_C
232 #ifdef POLARSSL_BIGNUM_C
233 
234 
235  FCT_SUITE_BGN(test_suite_x509write)
236  {
237 #ifdef POLARSSL_SHA1_C
238 
239  FCT_TEST_BGN(certificate_request_check_server1_sha1)
240  {
241  rsa_context rsa;
242  pem_context pem;
243  x509_req_name req_name, *cur;
244  unsigned char *c;
245  unsigned char buf[4000];
246  unsigned char check_buf[4000];
247  int ret;
248  size_t olen = 2000;
249  FILE *f;
250 
251  cur = &req_name;
252 
253  memset( cur, 0, sizeof(x509_req_name) );
254  strcpy( cur->oid, OID_CN );
255  strcpy( cur->name, "PolarSSL Server 1" );
256  cur->next = malloc( sizeof(x509_req_name) );
257  cur = cur->next;
258 
259  memset( cur, 0, sizeof(x509_req_name) );
260  strcpy( cur->oid, OID_ORGANIZATION );
261  strcpy( cur->name, "PolarSSL" );
262  cur->next = malloc( sizeof(x509_req_name) );
263  cur = cur->next;
264 
265  memset( cur, 0, sizeof(x509_req_name) );
266  strcpy( cur->oid, OID_COUNTRY );
267  strcpy( cur->name, "NL" );
268 
269  memset( &rsa, 0, sizeof(rsa_context) );
270  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
271  fct_chk( ret == 0 );
272  if( ret != 0 )
273  return 0;
274 
275  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_SHA1 );
276  fct_chk( ret >= 0 );
277 
278  c = buf + 3999 - ret;
279 
280  f = fopen( "data_files/server1.req.sha1", "r" );
281  fct_chk( f != NULL );
282  fread( check_buf, 1, 4000, f );
283  fclose( f );
284 
285  pem_init( &pem );
286  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
287 
288  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
289  fct_chk( pem.buflen == (size_t) ret );
290 
291  while( ( cur = req_name.next ) != NULL )
292  {
293  req_name.next = cur->next;
294  free( cur );
295  }
296 
297  rsa_free( &rsa );
298  pem_free( &pem );
299  }
300  FCT_TEST_END();
301 #endif /* POLARSSL_SHA1_C */
302 
303 #ifdef POLARSSL_SHA2_C
304 
305  FCT_TEST_BGN(certificate_request_check_server1_sha224)
306  {
307  rsa_context rsa;
308  pem_context pem;
309  x509_req_name req_name, *cur;
310  unsigned char *c;
311  unsigned char buf[4000];
312  unsigned char check_buf[4000];
313  int ret;
314  size_t olen = 2000;
315  FILE *f;
316 
317  cur = &req_name;
318 
319  memset( cur, 0, sizeof(x509_req_name) );
320  strcpy( cur->oid, OID_CN );
321  strcpy( cur->name, "PolarSSL Server 1" );
322  cur->next = malloc( sizeof(x509_req_name) );
323  cur = cur->next;
324 
325  memset( cur, 0, sizeof(x509_req_name) );
326  strcpy( cur->oid, OID_ORGANIZATION );
327  strcpy( cur->name, "PolarSSL" );
328  cur->next = malloc( sizeof(x509_req_name) );
329  cur = cur->next;
330 
331  memset( cur, 0, sizeof(x509_req_name) );
332  strcpy( cur->oid, OID_COUNTRY );
333  strcpy( cur->name, "NL" );
334 
335  memset( &rsa, 0, sizeof(rsa_context) );
336  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
337  fct_chk( ret == 0 );
338  if( ret != 0 )
339  return 0;
340 
341  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_SHA224 );
342  fct_chk( ret >= 0 );
343 
344  c = buf + 3999 - ret;
345 
346  f = fopen( "data_files/server1.req.sha224", "r" );
347  fct_chk( f != NULL );
348  fread( check_buf, 1, 4000, f );
349  fclose( f );
350 
351  pem_init( &pem );
352  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
353 
354  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
355  fct_chk( pem.buflen == (size_t) ret );
356 
357  while( ( cur = req_name.next ) != NULL )
358  {
359  req_name.next = cur->next;
360  free( cur );
361  }
362 
363  rsa_free( &rsa );
364  pem_free( &pem );
365  }
366  FCT_TEST_END();
367 #endif /* POLARSSL_SHA2_C */
368 
369 #ifdef POLARSSL_SHA2_C
370 
371  FCT_TEST_BGN(certificate_request_check_server1_sha256)
372  {
373  rsa_context rsa;
374  pem_context pem;
375  x509_req_name req_name, *cur;
376  unsigned char *c;
377  unsigned char buf[4000];
378  unsigned char check_buf[4000];
379  int ret;
380  size_t olen = 2000;
381  FILE *f;
382 
383  cur = &req_name;
384 
385  memset( cur, 0, sizeof(x509_req_name) );
386  strcpy( cur->oid, OID_CN );
387  strcpy( cur->name, "PolarSSL Server 1" );
388  cur->next = malloc( sizeof(x509_req_name) );
389  cur = cur->next;
390 
391  memset( cur, 0, sizeof(x509_req_name) );
392  strcpy( cur->oid, OID_ORGANIZATION );
393  strcpy( cur->name, "PolarSSL" );
394  cur->next = malloc( sizeof(x509_req_name) );
395  cur = cur->next;
396 
397  memset( cur, 0, sizeof(x509_req_name) );
398  strcpy( cur->oid, OID_COUNTRY );
399  strcpy( cur->name, "NL" );
400 
401  memset( &rsa, 0, sizeof(rsa_context) );
402  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
403  fct_chk( ret == 0 );
404  if( ret != 0 )
405  return 0;
406 
407  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_SHA256 );
408  fct_chk( ret >= 0 );
409 
410  c = buf + 3999 - ret;
411 
412  f = fopen( "data_files/server1.req.sha256", "r" );
413  fct_chk( f != NULL );
414  fread( check_buf, 1, 4000, f );
415  fclose( f );
416 
417  pem_init( &pem );
418  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
419 
420  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
421  fct_chk( pem.buflen == (size_t) ret );
422 
423  while( ( cur = req_name.next ) != NULL )
424  {
425  req_name.next = cur->next;
426  free( cur );
427  }
428 
429  rsa_free( &rsa );
430  pem_free( &pem );
431  }
432  FCT_TEST_END();
433 #endif /* POLARSSL_SHA2_C */
434 
435 #ifdef POLARSSL_SHA4_C
436 
437  FCT_TEST_BGN(certificate_request_check_server1_sha384)
438  {
439  rsa_context rsa;
440  pem_context pem;
441  x509_req_name req_name, *cur;
442  unsigned char *c;
443  unsigned char buf[4000];
444  unsigned char check_buf[4000];
445  int ret;
446  size_t olen = 2000;
447  FILE *f;
448 
449  cur = &req_name;
450 
451  memset( cur, 0, sizeof(x509_req_name) );
452  strcpy( cur->oid, OID_CN );
453  strcpy( cur->name, "PolarSSL Server 1" );
454  cur->next = malloc( sizeof(x509_req_name) );
455  cur = cur->next;
456 
457  memset( cur, 0, sizeof(x509_req_name) );
458  strcpy( cur->oid, OID_ORGANIZATION );
459  strcpy( cur->name, "PolarSSL" );
460  cur->next = malloc( sizeof(x509_req_name) );
461  cur = cur->next;
462 
463  memset( cur, 0, sizeof(x509_req_name) );
464  strcpy( cur->oid, OID_COUNTRY );
465  strcpy( cur->name, "NL" );
466 
467  memset( &rsa, 0, sizeof(rsa_context) );
468  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
469  fct_chk( ret == 0 );
470  if( ret != 0 )
471  return 0;
472 
473  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_SHA384 );
474  fct_chk( ret >= 0 );
475 
476  c = buf + 3999 - ret;
477 
478  f = fopen( "data_files/server1.req.sha384", "r" );
479  fct_chk( f != NULL );
480  fread( check_buf, 1, 4000, f );
481  fclose( f );
482 
483  pem_init( &pem );
484  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
485 
486  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
487  fct_chk( pem.buflen == (size_t) ret );
488 
489  while( ( cur = req_name.next ) != NULL )
490  {
491  req_name.next = cur->next;
492  free( cur );
493  }
494 
495  rsa_free( &rsa );
496  pem_free( &pem );
497  }
498  FCT_TEST_END();
499 #endif /* POLARSSL_SHA4_C */
500 
501 #ifdef POLARSSL_SHA4_C
502 
503  FCT_TEST_BGN(certificate_request_check_server1_sha512)
504  {
505  rsa_context rsa;
506  pem_context pem;
507  x509_req_name req_name, *cur;
508  unsigned char *c;
509  unsigned char buf[4000];
510  unsigned char check_buf[4000];
511  int ret;
512  size_t olen = 2000;
513  FILE *f;
514 
515  cur = &req_name;
516 
517  memset( cur, 0, sizeof(x509_req_name) );
518  strcpy( cur->oid, OID_CN );
519  strcpy( cur->name, "PolarSSL Server 1" );
520  cur->next = malloc( sizeof(x509_req_name) );
521  cur = cur->next;
522 
523  memset( cur, 0, sizeof(x509_req_name) );
524  strcpy( cur->oid, OID_ORGANIZATION );
525  strcpy( cur->name, "PolarSSL" );
526  cur->next = malloc( sizeof(x509_req_name) );
527  cur = cur->next;
528 
529  memset( cur, 0, sizeof(x509_req_name) );
530  strcpy( cur->oid, OID_COUNTRY );
531  strcpy( cur->name, "NL" );
532 
533  memset( &rsa, 0, sizeof(rsa_context) );
534  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
535  fct_chk( ret == 0 );
536  if( ret != 0 )
537  return 0;
538 
539  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_SHA512 );
540  fct_chk( ret >= 0 );
541 
542  c = buf + 3999 - ret;
543 
544  f = fopen( "data_files/server1.req.sha512", "r" );
545  fct_chk( f != NULL );
546  fread( check_buf, 1, 4000, f );
547  fclose( f );
548 
549  pem_init( &pem );
550  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
551 
552  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
553  fct_chk( pem.buflen == (size_t) ret );
554 
555  while( ( cur = req_name.next ) != NULL )
556  {
557  req_name.next = cur->next;
558  free( cur );
559  }
560 
561  rsa_free( &rsa );
562  pem_free( &pem );
563  }
564  FCT_TEST_END();
565 #endif /* POLARSSL_SHA4_C */
566 
567 #ifdef POLARSSL_MD4_C
568 
569  FCT_TEST_BGN(certificate_request_check_server1_md4)
570  {
571  rsa_context rsa;
572  pem_context pem;
573  x509_req_name req_name, *cur;
574  unsigned char *c;
575  unsigned char buf[4000];
576  unsigned char check_buf[4000];
577  int ret;
578  size_t olen = 2000;
579  FILE *f;
580 
581  cur = &req_name;
582 
583  memset( cur, 0, sizeof(x509_req_name) );
584  strcpy( cur->oid, OID_CN );
585  strcpy( cur->name, "PolarSSL Server 1" );
586  cur->next = malloc( sizeof(x509_req_name) );
587  cur = cur->next;
588 
589  memset( cur, 0, sizeof(x509_req_name) );
590  strcpy( cur->oid, OID_ORGANIZATION );
591  strcpy( cur->name, "PolarSSL" );
592  cur->next = malloc( sizeof(x509_req_name) );
593  cur = cur->next;
594 
595  memset( cur, 0, sizeof(x509_req_name) );
596  strcpy( cur->oid, OID_COUNTRY );
597  strcpy( cur->name, "NL" );
598 
599  memset( &rsa, 0, sizeof(rsa_context) );
600  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
601  fct_chk( ret == 0 );
602  if( ret != 0 )
603  return 0;
604 
605  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_MD4 );
606  fct_chk( ret >= 0 );
607 
608  c = buf + 3999 - ret;
609 
610  f = fopen( "data_files/server1.req.md4", "r" );
611  fct_chk( f != NULL );
612  fread( check_buf, 1, 4000, f );
613  fclose( f );
614 
615  pem_init( &pem );
616  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
617 
618  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
619  fct_chk( pem.buflen == (size_t) ret );
620 
621  while( ( cur = req_name.next ) != NULL )
622  {
623  req_name.next = cur->next;
624  free( cur );
625  }
626 
627  rsa_free( &rsa );
628  pem_free( &pem );
629  }
630  FCT_TEST_END();
631 #endif /* POLARSSL_MD4_C */
632 
633 #ifdef POLARSSL_MD5_C
634 
635  FCT_TEST_BGN(certificate_request_check_server1_md5)
636  {
637  rsa_context rsa;
638  pem_context pem;
639  x509_req_name req_name, *cur;
640  unsigned char *c;
641  unsigned char buf[4000];
642  unsigned char check_buf[4000];
643  int ret;
644  size_t olen = 2000;
645  FILE *f;
646 
647  cur = &req_name;
648 
649  memset( cur, 0, sizeof(x509_req_name) );
650  strcpy( cur->oid, OID_CN );
651  strcpy( cur->name, "PolarSSL Server 1" );
652  cur->next = malloc( sizeof(x509_req_name) );
653  cur = cur->next;
654 
655  memset( cur, 0, sizeof(x509_req_name) );
656  strcpy( cur->oid, OID_ORGANIZATION );
657  strcpy( cur->name, "PolarSSL" );
658  cur->next = malloc( sizeof(x509_req_name) );
659  cur = cur->next;
660 
661  memset( cur, 0, sizeof(x509_req_name) );
662  strcpy( cur->oid, OID_COUNTRY );
663  strcpy( cur->name, "NL" );
664 
665  memset( &rsa, 0, sizeof(rsa_context) );
666  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
667  fct_chk( ret == 0 );
668  if( ret != 0 )
669  return 0;
670 
671  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_MD5 );
672  fct_chk( ret >= 0 );
673 
674  c = buf + 3999 - ret;
675 
676  f = fopen( "data_files/server1.req.md5", "r" );
677  fct_chk( f != NULL );
678  fread( check_buf, 1, 4000, f );
679  fclose( f );
680 
681  pem_init( &pem );
682  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
683 
684  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
685  fct_chk( pem.buflen == (size_t) ret );
686 
687  while( ( cur = req_name.next ) != NULL )
688  {
689  req_name.next = cur->next;
690  free( cur );
691  }
692 
693  rsa_free( &rsa );
694  pem_free( &pem );
695  }
696  FCT_TEST_END();
697 #endif /* POLARSSL_MD5_C */
698 
699  }
700  FCT_SUITE_END();
701 
702 #endif /* POLARSSL_X509_WRITE_C */
703 #endif /* POLARSSL_BIGNUM_C */
704 
705 }
706 FCT_END();
707