PolarSSL v1.2.8
test_suite_x509parse.c
1 #include "fct.h"
2 #include <polarssl/config.h>
3 
4 #include <polarssl/x509.h>
5 #include <polarssl/pem.h>
6 
/*
 * Verification callback for the tests that marks every certificate it is
 * called for: BADCERT_OTHER is OR-ed into *flags and 0 is returned.
 * The data, crt and certificate_depth arguments are ignored.
 */
int verify_none( void *data, x509_cert *crt, int certificate_depth, int *flags )
{
    (void) data;
    (void) crt;
    (void) certificate_depth;

    /* Bits already present in *flags are kept; only BADCERT_OTHER is added. */
    *flags = *flags | BADCERT_OTHER;

    return( 0 );
}
16 
/*
 * Verification callback for the tests that accepts everything: *flags is
 * overwritten with 0 and 0 is returned. The data, crt and
 * certificate_depth arguments are ignored.
 *
 * Because the assignment discards whatever failure bits were in *flags on
 * entry, this callback is an accept-all override and belongs in test code
 * only.
 * NOTE(review): presumably installed as the x509 verification callback;
 * confirm at the call sites, which are not in this part of the file.
 */
int verify_all( void *data, x509_cert *crt, int certificate_depth, int *flags )
{
    (void) data;
    (void) crt;
    (void) certificate_depth;

    *flags = 0;

    return( 0 );
}
26 
27 
28 #ifdef _MSC_VER
29 #include <basetsd.h>
30 typedef UINT32 uint32_t;
31 #else
32 #include <inttypes.h>
33 #endif
34 
/*
 * 32-bit integer manipulation macros (big endian)
 *
 * GET_UINT32_BE(n,b,i) loads b[i..i+3] into n, most significant byte first.
 * b and i are expanded four times, so they must be free of side effects.
 * The expansion is a brace block, not an expression.
 */
#ifndef GET_UINT32_BE
#define GET_UINT32_BE(n,b,i)                      \
{                                                 \
    (n) = ( (uint32_t) (b)[(i) + 3]       )       \
        | ( (uint32_t) (b)[(i) + 2] <<  8 )       \
        | ( (uint32_t) (b)[(i) + 1] << 16 )       \
        | ( (uint32_t) (b)[(i)    ] << 24 );      \
}
#endif
47 
/*
 * PUT_UINT32_BE(n,b,i) stores n into b[i..i+3], most significant byte
 * first. n, b and i are expanded four times, so they must be free of side
 * effects. The expansion is a brace block, not an expression.
 */
#ifndef PUT_UINT32_BE
#define PUT_UINT32_BE(n,b,i)                              \
{                                                         \
    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );         \
    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );         \
    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );         \
    (b)[(i) + 3] = (unsigned char) ( (n)       );         \
}
#endif
57 
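/*
 * Decode the NUL-terminated hex string ibuf into raw bytes at obuf.
 *
 * obuf must have room for strlen(ibuf) / 2 bytes; the function cannot
 * check that. Upper- and lower-case digits are accepted. Malformed input
 * (odd length, or a character that is not a hex digit) is rejected through
 * assert() only, so a build with NDEBUG does not validate the digits.
 *
 * Returns the number of bytes written to obuf.
 */
int unhexify(unsigned char *obuf, const char *ibuf)
{
    unsigned char c, c2;
    size_t ilen = strlen( ibuf );
    int len = (int) ( ilen / 2 );

    /*
     * Must be an even number of characters. The earlier check used "% 1",
     * which is always zero and therefore never fired.
     */
    assert( ( ilen % 2 ) == 0 );

    /*
     * Consume whole pairs only. Testing both characters keeps the loop
     * from stepping over the terminating NUL when the string has odd
     * length and assertions are compiled out.
     */
    while( ibuf[0] != 0 && ibuf[1] != 0 )
    {
        c = *ibuf++;
        if( c >= '0' && c <= '9' )
            c -= '0';
        else if( c >= 'a' && c <= 'f' )
            c -= 'a' - 10;
        else if( c >= 'A' && c <= 'F' )
            c -= 'A' - 10;
        else
            assert( 0 );

        c2 = *ibuf++;
        if( c2 >= '0' && c2 <= '9' )
            c2 -= '0';
        else if( c2 >= 'a' && c2 <= 'f' )
            c2 -= 'a' - 10;
        else if( c2 >= 'A' && c2 <= 'F' )
            c2 -= 'A' - 10;
        else
            assert( 0 );

        /* High nibble first. */
        *obuf++ = ( c << 4 ) | c2;
    }

    return len;
}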
91 
/*
 * Encode len bytes from ibuf as lower-case hex digits into obuf.
 *
 * Two characters are written per input byte, high nibble first. No
 * terminating NUL is appended, and obuf must have room for 2 * len
 * characters; the function cannot check that.
 */
void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
{
    static const char digits[] = "0123456789abcdef";

    for( ; len != 0; len-- )
    {
        const unsigned char byte = *ibuf++;

        *obuf++ = (unsigned char) digits[byte >> 4];
        *obuf++ = (unsigned char) digits[byte & 0x0F];
    }
}
115 
/*
 * RNG callback that fills output with len bytes, each taken from one call
 * to rand(). rng_state is not used. Always returns 0.
 *
 * rand() is a general-purpose generator, not a cryptographic one, so this
 * callback is only fit for use as a test stub.
 */
static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
{
    size_t remaining = len;

    (void) rng_state;

    while( remaining-- > 0 )
        *output++ = (unsigned char) rand();

    return( 0 );
}
137 
/*
 * RNG callback that writes len zero bytes to output. rng_state is not
 * used. Always returns 0.
 *
 * The output is constant, so this is a test stub for cases that need a
 * fixed, known "random" value.
 */
static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
{
    (void) rng_state;

    memset( output, 0x00, len );

    return( 0 );
}
152 
/*
 * State for rnd_buffer_rand(): a cursor over caller-supplied bytes.
 * rnd_buffer_rand() advances buf and decreases length as it hands bytes
 * out.
 */
typedef struct
{
    unsigned char *buf;     /* next byte to hand out */
    size_t length;          /* number of bytes still available at buf */
} rnd_buf_info;
158 
/*
 * RNG callback that replays bytes from a caller-supplied buffer.
 *
 * rng_state is a rnd_buf_info, or NULL. With NULL the whole request is
 * passed to rnd_std_rand(). Otherwise up to len bytes are copied from
 * info->buf, the cursor is advanced past them, and any part of the request
 * the buffer cannot cover is filled by rnd_std_rand().
 *
 * Returns 0, or whatever rnd_std_rand() returns when it is used.
 */
static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
{
    rnd_buf_info *info = (rnd_buf_info *) rng_state;
    size_t from_buf;

    if( info == NULL )
        return( rnd_std_rand( NULL, output, len ) );

    /* Take what the buffer still holds, capped at the request size. */
    from_buf = ( info->length < len ) ? info->length : len;

    if( from_buf != 0 )
    {
        memcpy( output, info->buf, from_buf );
        info->buf += from_buf;
        info->length -= from_buf;
    }

    if( from_buf == len )
        return( 0 );

    /* Buffer exhausted: the tail of the request comes from rand(). */
    return( rnd_std_rand( NULL, output + from_buf, len - from_buf ) );
}
194 
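/*
 * State for rnd_pseudo_rand().
 *
 * key: rnd_pseudo_rand() indexes it with a value masked by 3, so only
 *      key[0] to key[3] are read.
 * v0, v1: the two 32-bit words updated on every round; v0 supplies the
 *      output bytes.
 */
typedef struct
{
    uint32_t key[16];
    uint32_t v0, v1;
} rnd_pseudo_info;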
207 
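/*
 * Deterministic RNG callback for the tests.
 *
 * rng_state is a rnd_pseudo_info, or NULL. With NULL the request is passed
 * to rnd_std_rand(). Otherwise each group of up to four output bytes is
 * produced by running 32 rounds over info->v0 / info->v1 (the round
 * function has the shape of XTEA, with delta 0x9E3779B9) and writing v0
 * out big-endian. The state in *info is updated, so the same starting
 * state gives the same byte stream.
 *
 * The output is fully determined by *info; this is a reproducibility aid
 * for tests, not a source of secret randomness.
 *
 * Returns 0, or the return value of rnd_std_rand() in the NULL case.
 */
static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
{
    rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
    uint32_t i, *k, sum, delta=0x9E3779B9;
    unsigned char result[4];

    if( rng_state == NULL )
        return( rnd_std_rand( NULL, output, len ) );

    k = info->key;

    while( len > 0 )
    {
        size_t use_len = ( len > 4 ) ? 4 : len;
        sum = 0;

        for( i = 0; i < 32; i++ )
        {
            info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
            sum += delta;
            info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
        }

        PUT_UINT32_BE( info->v0, result, 0 );
        memcpy( output, result, use_len );

        /*
         * Move on to the next group. Without this step every group was
         * written over output[0..3] and the rest of the caller's buffer
         * was never filled. Expected values that were recorded from
         * requests longer than four bytes need to be regenerated.
         */
        output += use_len;
        len -= use_len;
    }

    return( 0 );
}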
246 
247 
249 {
250 #ifdef POLARSSL_X509_PARSE_C
251 #ifdef POLARSSL_BIGNUM_C
252 
253 
254  FCT_SUITE_BGN(test_suite_x509parse)
255  {
256 #ifdef POLARSSL_PEM_C
257 #ifdef POLARSSL_FS_IO
258 
259  FCT_TEST_BGN(x509_certificate_information_1)
260  {
261  x509_cert crt;
262  char buf[2000];
263  int res;
264 
265  memset( &crt, 0, sizeof( x509_cert ) );
266  memset( buf, 0, 2000 );
267 
268  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
269  res = x509parse_cert_info( buf, 2000, "", &crt );
270 
271  x509_free( &crt );
272 
273  fct_chk( res != -1 );
274  fct_chk( res != -2 );
275 
276  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 01\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on : 2011-02-12 14:44:06\nexpires on : 2021-02-12 14:44:06\nsigned using : RSA+SHA1\nRSA key size : 2048 bits\n" ) == 0 );
277  }
278  FCT_TEST_END();
279 #endif /* POLARSSL_PEM_C */
280 #endif /* POLARSSL_FS_IO */
281 
282 #ifdef POLARSSL_PEM_C
283 #ifdef POLARSSL_FS_IO
284 
285  FCT_TEST_BGN(x509_certificate_information_2)
286  {
287  x509_cert crt;
288  char buf[2000];
289  int res;
290 
291  memset( &crt, 0, sizeof( x509_cert ) );
292  memset( buf, 0, 2000 );
293 
294  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
295  res = x509parse_cert_info( buf, 2000, "", &crt );
296 
297  x509_free( &crt );
298 
299  fct_chk( res != -1 );
300  fct_chk( res != -2 );
301 
302  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 02\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=localhost\nissued on : 2011-02-12 14:44:06\nexpires on : 2021-02-12 14:44:06\nsigned using : RSA+SHA1\nRSA key size : 2048 bits\n" ) == 0 );
303  }
304  FCT_TEST_END();
305 #endif /* POLARSSL_PEM_C */
306 #endif /* POLARSSL_FS_IO */
307 
308 #ifdef POLARSSL_PEM_C
309 #ifdef POLARSSL_FS_IO
310 
311  FCT_TEST_BGN(x509_certificate_information_3)
312  {
313  x509_cert crt;
314  char buf[2000];
315  int res;
316 
317  memset( &crt, 0, sizeof( x509_cert ) );
318  memset( buf, 0, 2000 );
319 
320  fct_chk( x509parse_crtfile( &crt, "data_files/test-ca.crt" ) == 0 );
321  res = x509parse_cert_info( buf, 2000, "", &crt );
322 
323  x509_free( &crt );
324 
325  fct_chk( res != -1 );
326  fct_chk( res != -2 );
327 
328  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 00\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on : 2011-02-12 14:44:00\nexpires on : 2021-02-12 14:44:00\nsigned using : RSA+SHA1\nRSA key size : 2048 bits\n" ) == 0 );
329  }
330  FCT_TEST_END();
331 #endif /* POLARSSL_PEM_C */
332 #endif /* POLARSSL_FS_IO */
333 
334 #ifdef POLARSSL_PEM_C
335 #ifdef POLARSSL_FS_IO
336 
337  FCT_TEST_BGN(x509_certificate_information_md2_digest)
338  {
339  x509_cert crt;
340  char buf[2000];
341  int res;
342 
343  memset( &crt, 0, sizeof( x509_cert ) );
344  memset( buf, 0, 2000 );
345 
346  fct_chk( x509parse_crtfile( &crt, "data_files/cert_md2.crt" ) == 0 );
347  res = x509parse_cert_info( buf, 2000, "", &crt );
348 
349  x509_free( &crt );
350 
351  fct_chk( res != -1 );
352  fct_chk( res != -2 );
353 
354  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 09\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued on : 2009-07-12 10:56:59\nexpires on : 2011-07-12 10:56:59\nsigned using : RSA+MD2\nRSA key size : 2048 bits\n" ) == 0 );
355  }
356  FCT_TEST_END();
357 #endif /* POLARSSL_PEM_C */
358 #endif /* POLARSSL_FS_IO */
359 
360 #ifdef POLARSSL_PEM_C
361 #ifdef POLARSSL_FS_IO
362 
363  FCT_TEST_BGN(x509_certificate_information_md4_digest)
364  {
365  x509_cert crt;
366  char buf[2000];
367  int res;
368 
369  memset( &crt, 0, sizeof( x509_cert ) );
370  memset( buf, 0, 2000 );
371 
372  fct_chk( x509parse_crtfile( &crt, "data_files/cert_md4.crt" ) == 0 );
373  res = x509parse_cert_info( buf, 2000, "", &crt );
374 
375  x509_free( &crt );
376 
377  fct_chk( res != -1 );
378  fct_chk( res != -2 );
379 
380  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 05\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+MD4\nRSA key size : 2048 bits\n" ) == 0 );
381  }
382  FCT_TEST_END();
383 #endif /* POLARSSL_PEM_C */
384 #endif /* POLARSSL_FS_IO */
385 
386 #ifdef POLARSSL_PEM_C
387 #ifdef POLARSSL_FS_IO
388 
389  FCT_TEST_BGN(x509_certificate_information_md5_digest)
390  {
391  x509_cert crt;
392  char buf[2000];
393  int res;
394 
395  memset( &crt, 0, sizeof( x509_cert ) );
396  memset( buf, 0, 2000 );
397 
398  fct_chk( x509parse_crtfile( &crt, "data_files/cert_md5.crt" ) == 0 );
399  res = x509parse_cert_info( buf, 2000, "", &crt );
400 
401  x509_free( &crt );
402 
403  fct_chk( res != -1 );
404  fct_chk( res != -2 );
405 
406  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 06\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+MD5\nRSA key size : 2048 bits\n" ) == 0 );
407  }
408  FCT_TEST_END();
409 #endif /* POLARSSL_PEM_C */
410 #endif /* POLARSSL_FS_IO */
411 
412 #ifdef POLARSSL_PEM_C
413 #ifdef POLARSSL_FS_IO
414 
415  FCT_TEST_BGN(x509_certificate_information_sha1_digest)
416  {
417  x509_cert crt;
418  char buf[2000];
419  int res;
420 
421  memset( &crt, 0, sizeof( x509_cert ) );
422  memset( buf, 0, 2000 );
423 
424  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha1.crt" ) == 0 );
425  res = x509parse_cert_info( buf, 2000, "", &crt );
426 
427  x509_free( &crt );
428 
429  fct_chk( res != -1 );
430  fct_chk( res != -2 );
431 
432  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 07\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA1\nRSA key size : 2048 bits\n" ) == 0 );
433  }
434  FCT_TEST_END();
435 #endif /* POLARSSL_PEM_C */
436 #endif /* POLARSSL_FS_IO */
437 
438 #ifdef POLARSSL_PEM_C
439 #ifdef POLARSSL_FS_IO
440 
441  FCT_TEST_BGN(x509_certificate_information_sha224_digest)
442  {
443  x509_cert crt;
444  char buf[2000];
445  int res;
446 
447  memset( &crt, 0, sizeof( x509_cert ) );
448  memset( buf, 0, 2000 );
449 
450  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha224.crt" ) == 0 );
451  res = x509parse_cert_info( buf, 2000, "", &crt );
452 
453  x509_free( &crt );
454 
455  fct_chk( res != -1 );
456  fct_chk( res != -2 );
457 
458  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 08\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA224\nRSA key size : 2048 bits\n" ) == 0 );
459  }
460  FCT_TEST_END();
461 #endif /* POLARSSL_PEM_C */
462 #endif /* POLARSSL_FS_IO */
463 
464 #ifdef POLARSSL_PEM_C
465 #ifdef POLARSSL_FS_IO
466 
467  FCT_TEST_BGN(x509_certificate_information_sha256_digest)
468  {
469  x509_cert crt;
470  char buf[2000];
471  int res;
472 
473  memset( &crt, 0, sizeof( x509_cert ) );
474  memset( buf, 0, 2000 );
475 
476  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha256.crt" ) == 0 );
477  res = x509parse_cert_info( buf, 2000, "", &crt );
478 
479  x509_free( &crt );
480 
481  fct_chk( res != -1 );
482  fct_chk( res != -2 );
483 
484  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 09\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA256\nRSA key size : 2048 bits\n" ) == 0 );
485  }
486  FCT_TEST_END();
487 #endif /* POLARSSL_PEM_C */
488 #endif /* POLARSSL_FS_IO */
489 
490 #ifdef POLARSSL_PEM_C
491 #ifdef POLARSSL_FS_IO
492 
493  FCT_TEST_BGN(x509_certificate_information_sha384_digest)
494  {
495  x509_cert crt;
496  char buf[2000];
497  int res;
498 
499  memset( &crt, 0, sizeof( x509_cert ) );
500  memset( buf, 0, 2000 );
501 
502  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha384.crt" ) == 0 );
503  res = x509parse_cert_info( buf, 2000, "", &crt );
504 
505  x509_free( &crt );
506 
507  fct_chk( res != -1 );
508  fct_chk( res != -2 );
509 
510  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 0A\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA384\nRSA key size : 2048 bits\n" ) == 0 );
511  }
512  FCT_TEST_END();
513 #endif /* POLARSSL_PEM_C */
514 #endif /* POLARSSL_FS_IO */
515 
516 #ifdef POLARSSL_PEM_C
517 #ifdef POLARSSL_FS_IO
518 
519  FCT_TEST_BGN(x509_certificate_information_sha512_digest)
520  {
521  x509_cert crt;
522  char buf[2000];
523  int res;
524 
525  memset( &crt, 0, sizeof( x509_cert ) );
526  memset( buf, 0, 2000 );
527 
528  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha512.crt" ) == 0 );
529  res = x509parse_cert_info( buf, 2000, "", &crt );
530 
531  x509_free( &crt );
532 
533  fct_chk( res != -1 );
534  fct_chk( res != -2 );
535 
536  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 0B\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA512\nRSA key size : 2048 bits\n" ) == 0 );
537  }
538  FCT_TEST_END();
539 #endif /* POLARSSL_PEM_C */
540 #endif /* POLARSSL_FS_IO */
541 
542 #ifdef POLARSSL_PEM_C
543 #ifdef POLARSSL_FS_IO
544 
545  FCT_TEST_BGN(x509_crl_information_1)
546  {
547  x509_crl crl;
548  char buf[2000];
549  int res;
550 
551  memset( &crl, 0, sizeof( x509_crl ) );
552  memset( buf, 0, 2000 );
553 
554  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
555  res = x509parse_crl_info( buf, 2000, "", &crl );
556 
557  x509_crl_free( &crl );
558 
559  fct_chk( res != -1 );
560  fct_chk( res != -2 );
561 
562  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-20 10:24:19\nnext update : 2011-02-20 11:24:19\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA1\n" ) == 0 );
563  }
564  FCT_TEST_END();
565 #endif /* POLARSSL_PEM_C */
566 #endif /* POLARSSL_FS_IO */
567 
568 #ifdef POLARSSL_PEM_C
569 #ifdef POLARSSL_FS_IO
570 
571  FCT_TEST_BGN(x509_crl_information_md2_digest)
572  {
573  x509_crl crl;
574  char buf[2000];
575  int res;
576 
577  memset( &crl, 0, sizeof( x509_crl ) );
578  memset( buf, 0, 2000 );
579 
580  fct_chk( x509parse_crlfile( &crl, "data_files/crl_md2.pem" ) == 0 );
581  res = x509parse_crl_info( buf, 2000, "", &crl );
582 
583  x509_crl_free( &crl );
584 
585  fct_chk( res != -1 );
586  fct_chk( res != -2 );
587 
588  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2009-07-19 19:56:37\nnext update : 2009-09-17 19:56:37\nRevoked certificates:\nserial number: 01 revocation date: 2009-02-09 21:12:36\nserial number: 03 revocation date: 2009-02-09 21:12:36\nsigned using : RSA+MD2\n" ) == 0 );
589  }
590  FCT_TEST_END();
591 #endif /* POLARSSL_PEM_C */
592 #endif /* POLARSSL_FS_IO */
593 
594 #ifdef POLARSSL_PEM_C
595 #ifdef POLARSSL_FS_IO
596 
597  FCT_TEST_BGN(x509_crl_information_md4_digest)
598  {
599  x509_crl crl;
600  char buf[2000];
601  int res;
602 
603  memset( &crl, 0, sizeof( x509_crl ) );
604  memset( buf, 0, 2000 );
605 
606  fct_chk( x509parse_crlfile( &crl, "data_files/crl_md4.pem" ) == 0 );
607  res = x509parse_crl_info( buf, 2000, "", &crl );
608 
609  x509_crl_free( &crl );
610 
611  fct_chk( res != -1 );
612  fct_chk( res != -2 );
613 
614  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+MD4\n" ) == 0 );
615  }
616  FCT_TEST_END();
617 #endif /* POLARSSL_PEM_C */
618 #endif /* POLARSSL_FS_IO */
619 
620 #ifdef POLARSSL_PEM_C
621 #ifdef POLARSSL_FS_IO
622 
623  FCT_TEST_BGN(x509_crl_information_md5_digest)
624  {
625  x509_crl crl;
626  char buf[2000];
627  int res;
628 
629  memset( &crl, 0, sizeof( x509_crl ) );
630  memset( buf, 0, 2000 );
631 
632  fct_chk( x509parse_crlfile( &crl, "data_files/crl_md5.pem" ) == 0 );
633  res = x509parse_crl_info( buf, 2000, "", &crl );
634 
635  x509_crl_free( &crl );
636 
637  fct_chk( res != -1 );
638  fct_chk( res != -2 );
639 
640  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+MD5\n" ) == 0 );
641  }
642  FCT_TEST_END();
643 #endif /* POLARSSL_PEM_C */
644 #endif /* POLARSSL_FS_IO */
645 
646 #ifdef POLARSSL_PEM_C
647 #ifdef POLARSSL_FS_IO
648 
649  FCT_TEST_BGN(x509_crl_information_sha1_digest)
650  {
651  x509_crl crl;
652  char buf[2000];
653  int res;
654 
655  memset( &crl, 0, sizeof( x509_crl ) );
656  memset( buf, 0, 2000 );
657 
658  fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha1.pem" ) == 0 );
659  res = x509parse_crl_info( buf, 2000, "", &crl );
660 
661  x509_crl_free( &crl );
662 
663  fct_chk( res != -1 );
664  fct_chk( res != -2 );
665 
666  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA1\n" ) == 0 );
667  }
668  FCT_TEST_END();
669 #endif /* POLARSSL_PEM_C */
670 #endif /* POLARSSL_FS_IO */
671 
672 #ifdef POLARSSL_PEM_C
673 #ifdef POLARSSL_FS_IO
674 
675  FCT_TEST_BGN(x509_crl_information_sha224_digest)
676  {
677  x509_crl crl;
678  char buf[2000];
679  int res;
680 
681  memset( &crl, 0, sizeof( x509_crl ) );
682  memset( buf, 0, 2000 );
683 
684  fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha224.pem" ) == 0 );
685  res = x509parse_crl_info( buf, 2000, "", &crl );
686 
687  x509_crl_free( &crl );
688 
689  fct_chk( res != -1 );
690  fct_chk( res != -2 );
691 
692  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA224\n" ) == 0 );
693  }
694  FCT_TEST_END();
695 #endif /* POLARSSL_PEM_C */
696 #endif /* POLARSSL_FS_IO */
697 
698 #ifdef POLARSSL_PEM_C
699 #ifdef POLARSSL_FS_IO
700 
701  FCT_TEST_BGN(x509_crl_information_sha256_digest)
702  {
703  x509_crl crl;
704  char buf[2000];
705  int res;
706 
707  memset( &crl, 0, sizeof( x509_crl ) );
708  memset( buf, 0, 2000 );
709 
710  fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha256.pem" ) == 0 );
711  res = x509parse_crl_info( buf, 2000, "", &crl );
712 
713  x509_crl_free( &crl );
714 
715  fct_chk( res != -1 );
716  fct_chk( res != -2 );
717 
718  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA256\n" ) == 0 );
719  }
720  FCT_TEST_END();
721 #endif /* POLARSSL_PEM_C */
722 #endif /* POLARSSL_FS_IO */
723 
724 #ifdef POLARSSL_PEM_C
725 #ifdef POLARSSL_FS_IO
726 
727  FCT_TEST_BGN(x509_crl_information_sha384_digest)
728  {
729  x509_crl crl;
730  char buf[2000];
731  int res;
732 
733  memset( &crl, 0, sizeof( x509_crl ) );
734  memset( buf, 0, 2000 );
735 
736  fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha384.pem" ) == 0 );
737  res = x509parse_crl_info( buf, 2000, "", &crl );
738 
739  x509_crl_free( &crl );
740 
741  fct_chk( res != -1 );
742  fct_chk( res != -2 );
743 
744  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA384\n" ) == 0 );
745  }
746  FCT_TEST_END();
747 #endif /* POLARSSL_PEM_C */
748 #endif /* POLARSSL_FS_IO */
749 
750 #ifdef POLARSSL_PEM_C
751 #ifdef POLARSSL_FS_IO
752 
753  FCT_TEST_BGN(x509_crl_information_sha512_digest)
754  {
755  x509_crl crl;
756  char buf[2000];
757  int res;
758 
759  memset( &crl, 0, sizeof( x509_crl ) );
760  memset( buf, 0, 2000 );
761 
762  fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha512.pem" ) == 0 );
763  res = x509parse_crl_info( buf, 2000, "", &crl );
764 
765  x509_crl_free( &crl );
766 
767  fct_chk( res != -1 );
768  fct_chk( res != -2 );
769 
770  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA512\n" ) == 0 );
771  }
772  FCT_TEST_END();
773 #endif /* POLARSSL_PEM_C */
774 #endif /* POLARSSL_FS_IO */
775 
776 #ifdef POLARSSL_MD5_C
777 #ifdef POLARSSL_PEM_C
778 #ifdef POLARSSL_FS_IO
779 
780  FCT_TEST_BGN(x509_parse_key_1_no_password_when_required)
781  {
782  rsa_context rsa;
783  int res;
784 
785  memset( &rsa, 0, sizeof( rsa_context ) );
786 
787  res = x509parse_keyfile( &rsa, "data_files/test-ca.key", NULL );
788 
789  fct_chk( res == POLARSSL_ERR_X509_PASSWORD_REQUIRED );
790 
791  if( res == 0 )
792  {
793  fct_chk( rsa_check_privkey( &rsa ) == 0 );
794  }
795 
796  rsa_free( &rsa );
797  }
798  FCT_TEST_END();
799 #endif /* POLARSSL_MD5_C */
800 #endif /* POLARSSL_PEM_C */
801 #endif /* POLARSSL_FS_IO */
802 
803 #ifdef POLARSSL_MD5_C
804 #ifdef POLARSSL_PEM_C
805 #ifdef POLARSSL_FS_IO
806 
807  FCT_TEST_BGN(x509_parse_key_2_correct_password)
808  {
809  rsa_context rsa;
810  int res;
811 
812  memset( &rsa, 0, sizeof( rsa_context ) );
813 
814  res = x509parse_keyfile( &rsa, "data_files/test-ca.key", "PolarSSLTest" );
815 
816  fct_chk( res == 0 );
817 
818  if( res == 0 )
819  {
820  fct_chk( rsa_check_privkey( &rsa ) == 0 );
821  }
822 
823  rsa_free( &rsa );
824  }
825  FCT_TEST_END();
826 #endif /* POLARSSL_MD5_C */
827 #endif /* POLARSSL_PEM_C */
828 #endif /* POLARSSL_FS_IO */
829 
830 #ifdef POLARSSL_MD5_C
831 #ifdef POLARSSL_PEM_C
832 #ifdef POLARSSL_FS_IO
833 
834  FCT_TEST_BGN(x509_parse_key_3_wrong_password)
835  {
836  rsa_context rsa;
837  int res;
838 
839  memset( &rsa, 0, sizeof( rsa_context ) );
840 
841  res = x509parse_keyfile( &rsa, "data_files/test-ca.key", "PolarSSLWRONG" );
842 
843  fct_chk( res == POLARSSL_ERR_X509_PASSWORD_MISMATCH );
844 
845  if( res == 0 )
846  {
847  fct_chk( rsa_check_privkey( &rsa ) == 0 );
848  }
849 
850  rsa_free( &rsa );
851  }
852  FCT_TEST_END();
853 #endif /* POLARSSL_MD5_C */
854 #endif /* POLARSSL_PEM_C */
855 #endif /* POLARSSL_FS_IO */
856 
857 #ifdef POLARSSL_MD5_C
858 #ifdef POLARSSL_DES_C
859 #ifdef POLARSSL_PEM_C
860 #ifdef POLARSSL_FS_IO
861 
862  FCT_TEST_BGN(x509_parse_key_4_des_encrypted)
863  {
864  rsa_context rsa;
865  int res;
866 
867  memset( &rsa, 0, sizeof( rsa_context ) );
868 
869  res = x509parse_keyfile( &rsa, "data_files/keyfile.des", "testkey" );
870 
871  fct_chk( res == 0 );
872 
873  if( res == 0 )
874  {
875  fct_chk( rsa_check_privkey( &rsa ) == 0 );
876  }
877 
878  rsa_free( &rsa );
879  }
880  FCT_TEST_END();
881 #endif /* POLARSSL_MD5_C */
882 #endif /* POLARSSL_DES_C */
883 #endif /* POLARSSL_PEM_C */
884 #endif /* POLARSSL_FS_IO */
885 
886 #ifdef POLARSSL_MD5_C
887 #ifdef POLARSSL_DES_C
888 #ifdef POLARSSL_PEM_C
889 #ifdef POLARSSL_FS_IO
890 
891  FCT_TEST_BGN(x509_parse_key_5_3des_encrypted)
892  {
893  rsa_context rsa;
894  int res;
895 
896  memset( &rsa, 0, sizeof( rsa_context ) );
897 
898  res = x509parse_keyfile( &rsa, "data_files/keyfile.3des", "testkey" );
899 
900  fct_chk( res == 0 );
901 
902  if( res == 0 )
903  {
904  fct_chk( rsa_check_privkey( &rsa ) == 0 );
905  }
906 
907  rsa_free( &rsa );
908  }
909  FCT_TEST_END();
910 #endif /* POLARSSL_MD5_C */
911 #endif /* POLARSSL_DES_C */
912 #endif /* POLARSSL_PEM_C */
913 #endif /* POLARSSL_FS_IO */
914 
915 #ifdef POLARSSL_MD5_C
916 #ifdef POLARSSL_AES_C
917 #ifdef POLARSSL_PEM_C
918 #ifdef POLARSSL_FS_IO
919 
920  FCT_TEST_BGN(x509_parse_key_6_aes_128_encrypted)
921  {
922  rsa_context rsa;
923  int res;
924 
925  memset( &rsa, 0, sizeof( rsa_context ) );
926 
927  res = x509parse_keyfile( &rsa, "data_files/keyfile.aes128", "testkey" );
928 
929  fct_chk( res == 0 );
930 
931  if( res == 0 )
932  {
933  fct_chk( rsa_check_privkey( &rsa ) == 0 );
934  }
935 
936  rsa_free( &rsa );
937  }
938  FCT_TEST_END();
939 #endif /* POLARSSL_MD5_C */
940 #endif /* POLARSSL_AES_C */
941 #endif /* POLARSSL_PEM_C */
942 #endif /* POLARSSL_FS_IO */
943 
944 #ifdef POLARSSL_MD5_C
945 #ifdef POLARSSL_AES_C
946 #ifdef POLARSSL_PEM_C
947 #ifdef POLARSSL_FS_IO
948 
949  FCT_TEST_BGN(x509_parse_key_7_aes_192_encrypted)
950  {
951  rsa_context rsa;
952  int res;
953 
954  memset( &rsa, 0, sizeof( rsa_context ) );
955 
956  res = x509parse_keyfile( &rsa, "data_files/keyfile.aes192", "testkey" );
957 
958  fct_chk( res == 0 );
959 
960  if( res == 0 )
961  {
962  fct_chk( rsa_check_privkey( &rsa ) == 0 );
963  }
964 
965  rsa_free( &rsa );
966  }
967  FCT_TEST_END();
968 #endif /* POLARSSL_MD5_C */
969 #endif /* POLARSSL_AES_C */
970 #endif /* POLARSSL_PEM_C */
971 #endif /* POLARSSL_FS_IO */
972 
973 #ifdef POLARSSL_MD5_C
974 #ifdef POLARSSL_AES_C
975 #ifdef POLARSSL_PEM_C
976 #ifdef POLARSSL_FS_IO
977 
978  FCT_TEST_BGN(x509_parse_key_8_aes_256_encrypted)
979  {
980  rsa_context rsa;
981  int res;
982 
983  memset( &rsa, 0, sizeof( rsa_context ) );
984 
985  res = x509parse_keyfile( &rsa, "data_files/keyfile.aes256", "testkey" );
986 
987  fct_chk( res == 0 );
988 
989  if( res == 0 )
990  {
991  fct_chk( rsa_check_privkey( &rsa ) == 0 );
992  }
993 
994  rsa_free( &rsa );
995  }
996  FCT_TEST_END();
997 #endif /* POLARSSL_MD5_C */
998 #endif /* POLARSSL_AES_C */
999 #endif /* POLARSSL_PEM_C */
1000 #endif /* POLARSSL_FS_IO */
1001 
1002 #ifdef POLARSSL_MD5_C
1003 #ifdef POLARSSL_PEM_C
1004 #ifdef POLARSSL_FS_IO
1005 
1006  FCT_TEST_BGN(x509_parse_key_9_pkcs8_wrapped)
1007  {
1008  rsa_context rsa;
1009  int res;
1010 
1011  memset( &rsa, 0, sizeof( rsa_context ) );
1012 
1013  res = x509parse_keyfile( &rsa, "data_files/format_gen.key", "" );
1014 
1015  fct_chk( res == 0 );
1016 
1017  if( res == 0 )
1018  {
1019  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1020  }
1021 
1022  rsa_free( &rsa );
1023  }
1024  FCT_TEST_END();
1025 #endif /* POLARSSL_MD5_C */
1026 #endif /* POLARSSL_PEM_C */
1027 #endif /* POLARSSL_FS_IO */
1028 
1029 #ifdef POLARSSL_DES_C
1030 #ifdef POLARSSL_SHA1_C
1031 #ifdef POLARSSL_PEM_C
1032 #ifdef POLARSSL_FS_IO
1033 #ifdef POLARSSL_PKCS12_C
1034 
1035  FCT_TEST_BGN(x509_parse_key_10_pkcs8_encrypted_sha1_3des)
1036  {
1037  rsa_context rsa;
1038  int res;
1039 
1040  memset( &rsa, 0, sizeof( rsa_context ) );
1041 
1042  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbe_sha1_3des.key", "PolarSSLTest" );
1043 
1044  fct_chk( res == 0 );
1045 
1046  if( res == 0 )
1047  {
1048  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1049  }
1050 
1051  rsa_free( &rsa );
1052  }
1053  FCT_TEST_END();
1054 #endif /* POLARSSL_DES_C */
1055 #endif /* POLARSSL_SHA1_C */
1056 #endif /* POLARSSL_PEM_C */
1057 #endif /* POLARSSL_FS_IO */
1058 #endif /* POLARSSL_PKCS12_C */
1059 
1060 #ifdef POLARSSL_DES_C
1061 #ifdef POLARSSL_SHA1_C
1062 #ifdef POLARSSL_PEM_C
1063 #ifdef POLARSSL_FS_IO
1064 #ifdef POLARSSL_PKCS12_C
1065 
1066  FCT_TEST_BGN(x509_parse_key_101_pkcs8_encrypted_sha1_3des_wrong_pw)
1067  {
1068  rsa_context rsa;
1069  int res;
1070 
1071  memset( &rsa, 0, sizeof( rsa_context ) );
1072 
1073  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbe_sha1_3des.key", "PolarSSLTes" );
1074 
1075  fct_chk( res == POLARSSL_ERR_X509_PASSWORD_MISMATCH );
1076 
1077  if( res == 0 )
1078  {
1079  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1080  }
1081 
1082  rsa_free( &rsa );
1083  }
1084  FCT_TEST_END();
1085 #endif /* POLARSSL_DES_C */
1086 #endif /* POLARSSL_SHA1_C */
1087 #endif /* POLARSSL_PEM_C */
1088 #endif /* POLARSSL_FS_IO */
1089 #endif /* POLARSSL_PKCS12_C */
1090 
1091 #ifdef POLARSSL_DES_C
1092 #ifdef POLARSSL_SHA1_C
1093 #ifdef POLARSSL_PEM_C
1094 #ifdef POLARSSL_FS_IO
1095 #ifdef POLARSSL_PKCS12_C
1096 
1097  FCT_TEST_BGN(x509_parse_key_102_pkcs8_encrypted_sha1_3des_no_pw)
1098  {
1099  rsa_context rsa;
1100  int res;
1101 
1102  memset( &rsa, 0, sizeof( rsa_context ) );
1103 
1104  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbe_sha1_3des.key", "" );
1105 
1106  fct_chk( res == POLARSSL_ERR_X509_PASSWORD_REQUIRED );
1107 
1108  if( res == 0 )
1109  {
1110  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1111  }
1112 
1113  rsa_free( &rsa );
1114  }
1115  FCT_TEST_END();
1116 #endif /* POLARSSL_DES_C */
1117 #endif /* POLARSSL_SHA1_C */
1118 #endif /* POLARSSL_PEM_C */
1119 #endif /* POLARSSL_FS_IO */
1120 #endif /* POLARSSL_PKCS12_C */
1121 
1122 #ifdef POLARSSL_DES_C
1123 #ifdef POLARSSL_SHA1_C
1124 #ifdef POLARSSL_FS_IO
1125 #ifdef POLARSSL_PKCS12_C
1126 
1127  FCT_TEST_BGN(x509_parse_key_11_pkcs8_encrypted_sha1_3des_der)
1128  {
1129  rsa_context rsa;
1130  int res;
1131 
1132  memset( &rsa, 0, sizeof( rsa_context ) );
1133 
1134  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbe_sha1_3des.der", "PolarSSLTest" );
1135 
1136  fct_chk( res == 0 );
1137 
1138  if( res == 0 )
1139  {
1140  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1141  }
1142 
1143  rsa_free( &rsa );
1144  }
1145  FCT_TEST_END();
1146 #endif /* POLARSSL_DES_C */
1147 #endif /* POLARSSL_SHA1_C */
1148 #endif /* POLARSSL_FS_IO */
1149 #endif /* POLARSSL_PKCS12_C */
1150 
1151 #ifdef POLARSSL_DES_C
1152 #ifdef POLARSSL_SHA1_C
1153 #ifdef POLARSSL_PEM_C
1154 #ifdef POLARSSL_FS_IO
1155 #ifdef POLARSSL_PKCS12_C
1156 
1157  FCT_TEST_BGN(x509_parse_key_12_pkcs8_encrypted_sha1_2des)
1158  {
1159  rsa_context rsa;
1160  int res;
1161 
1162  memset( &rsa, 0, sizeof( rsa_context ) );
1163 
1164  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbe_sha1_2des.key", "PolarSSLTest" );
1165 
1166  fct_chk( res == 0 );
1167 
1168  if( res == 0 )
1169  {
1170  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1171  }
1172 
1173  rsa_free( &rsa );
1174  }
1175  FCT_TEST_END();
1176 #endif /* POLARSSL_DES_C */
1177 #endif /* POLARSSL_SHA1_C */
1178 #endif /* POLARSSL_PEM_C */
1179 #endif /* POLARSSL_FS_IO */
1180 #endif /* POLARSSL_PKCS12_C */
1181 
1182 #ifdef POLARSSL_DES_C
1183 #ifdef POLARSSL_SHA1_C
1184 #ifdef POLARSSL_PEM_C
1185 #ifdef POLARSSL_FS_IO
1186 #ifdef POLARSSL_PKCS12_C
1187 
1188  FCT_TEST_BGN(x509_parse_key_121_pkcs8_encrypted_sha1_2des_wrong_pw)
1189  {
      /* Negative case: "PolarSLTest" deliberately differs from the password
       * used by the positive test for this file ("PolarSSLTest"); the parser
       * must report PASSWORD_MISMATCH instead of returning a key. */
1190  rsa_context rsa;
1191  int res;
1192 
1193  memset( &rsa, 0, sizeof( rsa_context ) );
1194 
1195  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbe_sha1_2des.key", "PolarSLTest" );
1196 
1197  fct_chk( res == POLARSSL_ERR_X509_PASSWORD_MISMATCH );
1198 
      /* Body runs only if parsing unexpectedly returned 0. */
1199  if( res == 0 )
1200  {
1201  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1202  }
1203 
1204  rsa_free( &rsa );
1205  }
1206  FCT_TEST_END();
1207 #endif /* POLARSSL_DES_C */
1208 #endif /* POLARSSL_SHA1_C */
1209 #endif /* POLARSSL_PEM_C */
1210 #endif /* POLARSSL_FS_IO */
1211 #endif /* POLARSSL_PKCS12_C */
1212 
1213 #ifdef POLARSSL_DES_C
1214 #ifdef POLARSSL_SHA1_C
1215 #ifdef POLARSSL_PEM_C
1216 #ifdef POLARSSL_FS_IO
1217 #ifdef POLARSSL_PKCS12_C
1218 
1219  FCT_TEST_BGN(x509_parse_key_122_pkcs8_encrypted_sha1_2des_no_pw)
1220  {
      /* Negative case: an empty password on the encrypted key file must be
       * answered with PASSWORD_REQUIRED. */
1221  rsa_context rsa;
1222  int res;
1223 
1224  memset( &rsa, 0, sizeof( rsa_context ) );
1225 
1226  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbe_sha1_2des.key", "" );
1227 
1228  fct_chk( res == POLARSSL_ERR_X509_PASSWORD_REQUIRED );
1229 
      /* Body runs only if parsing unexpectedly returned 0. */
1230  if( res == 0 )
1231  {
1232  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1233  }
1234 
1235  rsa_free( &rsa );
1236  }
1237  FCT_TEST_END();
1238 #endif /* POLARSSL_DES_C */
1239 #endif /* POLARSSL_SHA1_C */
1240 #endif /* POLARSSL_PEM_C */
1241 #endif /* POLARSSL_FS_IO */
1242 #endif /* POLARSSL_PKCS12_C */
1243 
1244 #ifdef POLARSSL_ARC4_C
1245 #ifdef POLARSSL_SHA1_C
1246 #ifdef POLARSSL_PEM_C
1247 #ifdef POLARSSL_FS_IO
1248 #ifdef POLARSSL_PKCS12_C
1249 
1250  FCT_TEST_BGN(x509_parse_key_13_pkcs8_encrypted_sha1_rc4_128)
1251  {
      /* Positive case: the key file must decrypt with "PolarSSLTest" and pass
       * rsa_check_privkey().
       * NOTE(review): the fixture name suggests an RC4-128 PBE scheme; this
       * pins parser compatibility with a legacy cipher, not a recommendation
       * to protect new keys with it. */
1252  rsa_context rsa;
1253  int res;
1254 
1255  memset( &rsa, 0, sizeof( rsa_context ) );
1256 
1257  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbe_sha1_rc4_128.key", "PolarSSLTest" );
1258 
1259  fct_chk( res == 0 );
1260 
1261  if( res == 0 )
1262  {
1263  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1264  }
1265 
1266  rsa_free( &rsa );
1267  }
1268  FCT_TEST_END();
1269 #endif /* POLARSSL_ARC4_C */
1270 #endif /* POLARSSL_SHA1_C */
1271 #endif /* POLARSSL_PEM_C */
1272 #endif /* POLARSSL_FS_IO */
1273 #endif /* POLARSSL_PKCS12_C */
1274 
1275 #ifdef POLARSSL_ARC4_C
1276 #ifdef POLARSSL_SHA1_C
1277 #ifdef POLARSSL_PEM_C
1278 #ifdef POLARSSL_FS_IO
1279 #ifdef POLARSSL_PKCS12_C
1280 
1281  FCT_TEST_BGN(x509_parse_key_131_pkcs8_encrypted_sha1_rc4_128_wrong_pw)
1282  {
      /* Negative case: "PolarSSLTe" is a truncated form of the password used
       * by the positive test for this file; PASSWORD_MISMATCH is expected. */
1283  rsa_context rsa;
1284  int res;
1285 
1286  memset( &rsa, 0, sizeof( rsa_context ) );
1287 
1288  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbe_sha1_rc4_128.key", "PolarSSLTe" );
1289 
1290  fct_chk( res == POLARSSL_ERR_X509_PASSWORD_MISMATCH );
1291 
      /* Body runs only if parsing unexpectedly returned 0. */
1292  if( res == 0 )
1293  {
1294  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1295  }
1296 
1297  rsa_free( &rsa );
1298  }
1299  FCT_TEST_END();
1300 #endif /* POLARSSL_ARC4_C */
1301 #endif /* POLARSSL_SHA1_C */
1302 #endif /* POLARSSL_PEM_C */
1303 #endif /* POLARSSL_FS_IO */
1304 #endif /* POLARSSL_PKCS12_C */
1305 
1306 #ifdef POLARSSL_ARC4_C
1307 #ifdef POLARSSL_SHA1_C
1308 #ifdef POLARSSL_PEM_C
1309 #ifdef POLARSSL_FS_IO
1310 #ifdef POLARSSL_PKCS12_C
1311 
1312  FCT_TEST_BGN(x509_parse_key_132_pkcs8_encrypted_sha1_rc4_128_no_pw)
1313  {
      /* Negative case: an empty password on the encrypted key file must be
       * answered with PASSWORD_REQUIRED. */
1314  rsa_context rsa;
1315  int res;
1316 
1317  memset( &rsa, 0, sizeof( rsa_context ) );
1318 
1319  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbe_sha1_rc4_128.key", "" );
1320 
1321  fct_chk( res == POLARSSL_ERR_X509_PASSWORD_REQUIRED );
1322 
      /* Body runs only if parsing unexpectedly returned 0. */
1323  if( res == 0 )
1324  {
1325  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1326  }
1327 
1328  rsa_free( &rsa );
1329  }
1330  FCT_TEST_END();
1331 #endif /* POLARSSL_ARC4_C */
1332 #endif /* POLARSSL_SHA1_C */
1333 #endif /* POLARSSL_PEM_C */
1334 #endif /* POLARSSL_FS_IO */
1335 #endif /* POLARSSL_PKCS12_C */
1336 
1337 #ifdef POLARSSL_DES_C
1338 #ifdef POLARSSL_SHA1_C
1339 #ifdef POLARSSL_PEM_C
1340 #ifdef POLARSSL_FS_IO
1341 #ifdef POLARSSL_PKCS5_C
1342 
1343  FCT_TEST_BGN(x509_parse_key_14_pkcs8_encrypted_v2_pbdfk2_3des)
1344  {
      /* Positive case for the PBES2/PBKDF2 fixture (per the file name): the
       * password "PolarSSLTest" must decrypt the key and the result must pass
       * rsa_check_privkey(). */
1345  rsa_context rsa;
1346  int res;
1347 
1348  memset( &rsa, 0, sizeof( rsa_context ) );
1349 
1350  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbes2_pbkdf2_3des.key", "PolarSSLTest" );
1351 
1352  fct_chk( res == 0 );
1353 
1354  if( res == 0 )
1355  {
1356  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1357  }
1358 
1359  rsa_free( &rsa );
1360  }
1361  FCT_TEST_END();
1362 #endif /* POLARSSL_DES_C */
1363 #endif /* POLARSSL_SHA1_C */
1364 #endif /* POLARSSL_PEM_C */
1365 #endif /* POLARSSL_FS_IO */
1366 #endif /* POLARSSL_PKCS5_C */
1367 
1368 #ifdef POLARSSL_DES_C
1369 #ifdef POLARSSL_SHA1_C
1370 #ifdef POLARSSL_PEM_C
1371 #ifdef POLARSSL_FS_IO
1372 #ifdef POLARSSL_PKCS5_C
1373 
1374  FCT_TEST_BGN(x509_parse_key_15_pkcs8_encrypted_v2_pbdfk2_3des_wrong_pw)
1375  {
      /* Negative case: "PolarSSLTes" is one character short of the password
       * used by the positive test for this file; PASSWORD_MISMATCH is
       * expected. */
1376  rsa_context rsa;
1377  int res;
1378 
1379  memset( &rsa, 0, sizeof( rsa_context ) );
1380 
1381  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbes2_pbkdf2_3des.key", "PolarSSLTes" );
1382 
1383  fct_chk( res == POLARSSL_ERR_X509_PASSWORD_MISMATCH );
1384 
      /* Body runs only if parsing unexpectedly returned 0. */
1385  if( res == 0 )
1386  {
1387  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1388  }
1389 
1390  rsa_free( &rsa );
1391  }
1392  FCT_TEST_END();
1393 #endif /* POLARSSL_DES_C */
1394 #endif /* POLARSSL_SHA1_C */
1395 #endif /* POLARSSL_PEM_C */
1396 #endif /* POLARSSL_FS_IO */
1397 #endif /* POLARSSL_PKCS5_C */
1398 
1399 #ifdef POLARSSL_DES_C
1400 #ifdef POLARSSL_SHA1_C
1401 #ifdef POLARSSL_PEM_C
1402 #ifdef POLARSSL_FS_IO
1403 #ifdef POLARSSL_PKCS5_C
1404 
1405  FCT_TEST_BGN(x509_parse_key_16_pkcs8_encrypted_v2_pbdfk2_3des_no_pw)
1406  {
      /* Negative case: an empty password on the encrypted .key file must be
       * answered with PASSWORD_REQUIRED. */
1407  rsa_context rsa;
1408  int res;
1409 
1410  memset( &rsa, 0, sizeof( rsa_context ) );
1411 
1412  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbes2_pbkdf2_3des.key", "" );
1413 
1414  fct_chk( res == POLARSSL_ERR_X509_PASSWORD_REQUIRED );
1415 
      /* Body runs only if parsing unexpectedly returned 0. */
1416  if( res == 0 )
1417  {
1418  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1419  }
1420 
1421  rsa_free( &rsa );
1422  }
1423  FCT_TEST_END();
1424 #endif /* POLARSSL_DES_C */
1425 #endif /* POLARSSL_SHA1_C */
1426 #endif /* POLARSSL_PEM_C */
1427 #endif /* POLARSSL_FS_IO */
1428 #endif /* POLARSSL_PKCS5_C */
1429 
1430 #ifdef POLARSSL_DES_C
1431 #ifdef POLARSSL_SHA1_C
1432 #ifdef POLARSSL_FS_IO
1433 #ifdef POLARSSL_PKCS5_C
1434 
1435  FCT_TEST_BGN(x509_parse_key_17_pkcs8_encrypted_v2_pbdfk2_3des_der)
1436  {
      /* Positive case for the .der variant of the PBES2/PBKDF2 fixture: the
       * password "PolarSSLTest" must decrypt it and the resulting key must
       * pass rsa_check_privkey(). */
1437  rsa_context rsa;
1438  int res;
1439 
1440  memset( &rsa, 0, sizeof( rsa_context ) );
1441 
1442  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbes2_pbkdf2_3des.der", "PolarSSLTest" );
1443 
1444  fct_chk( res == 0 );
1445 
1446  if( res == 0 )
1447  {
1448  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1449  }
1450 
1451  rsa_free( &rsa );
1452  }
1453  FCT_TEST_END();
1454 #endif /* POLARSSL_DES_C */
1455 #endif /* POLARSSL_SHA1_C */
1456 #endif /* POLARSSL_FS_IO */
1457 #endif /* POLARSSL_PKCS5_C */
1458 
1459 #ifdef POLARSSL_DES_C
1460 #ifdef POLARSSL_SHA1_C
1461 #ifdef POLARSSL_FS_IO
1462 #ifdef POLARSSL_PKCS5_C
1463 
1464  FCT_TEST_BGN(x509_parse_key_18_pkcs8_encrypted_v2_pbdfk2_3des_der_wrong_pw)
1465  {
      /* Negative case for the .der fixture: "PolarSSLTes" is one character
       * short of the password used by the positive test; PASSWORD_MISMATCH is
       * expected. */
1466  rsa_context rsa;
1467  int res;
1468 
1469  memset( &rsa, 0, sizeof( rsa_context ) );
1470 
1471  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbes2_pbkdf2_3des.der", "PolarSSLTes" );
1472 
1473  fct_chk( res == POLARSSL_ERR_X509_PASSWORD_MISMATCH );
1474 
      /* Body runs only if parsing unexpectedly returned 0. */
1475  if( res == 0 )
1476  {
1477  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1478  }
1479 
1480  rsa_free( &rsa );
1481  }
1482  FCT_TEST_END();
1483 #endif /* POLARSSL_DES_C */
1484 #endif /* POLARSSL_SHA1_C */
1485 #endif /* POLARSSL_FS_IO */
1486 #endif /* POLARSSL_PKCS5_C */
1487 
1488 #ifdef POLARSSL_DES_C
1489 #ifdef POLARSSL_SHA1_C
1490 #ifdef POLARSSL_FS_IO
1491 #ifdef POLARSSL_PKCS5_C
1492 
1493  FCT_TEST_BGN(x509_parse_key_19_pkcs8_encrypted_v2_pbdfk2_3des_der_no_pw)
1494  {
      /* Negative case for the .der fixture with an empty password. Unlike the
       * empty-password tests on the .key files in this suite, the expected
       * error here is KEY_INVALID_FORMAT, not PASSWORD_REQUIRED.
       * NOTE(review): presumably a raw DER blob has no header announcing that
       * it is encrypted, so callers cannot use the error code to tell
       * "password needed" from "malformed key" for DER input -- confirm
       * against x509parse_key(). */
1495  rsa_context rsa;
1496  int res;
1497 
1498  memset( &rsa, 0, sizeof( rsa_context ) );
1499 
1500  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbes2_pbkdf2_3des.der", "" );
1501 
1502  fct_chk( res == POLARSSL_ERR_X509_KEY_INVALID_FORMAT );
1503 
      /* Body runs only if parsing unexpectedly returned 0. */
1504  if( res == 0 )
1505  {
1506  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1507  }
1508 
1509  rsa_free( &rsa );
1510  }
1511  FCT_TEST_END();
1512 #endif /* POLARSSL_DES_C */
1513 #endif /* POLARSSL_SHA1_C */
1514 #endif /* POLARSSL_FS_IO */
1515 #endif /* POLARSSL_PKCS5_C */
1516 
1517 #ifdef POLARSSL_DES_C
1518 #ifdef POLARSSL_SHA1_C
1519 #ifdef POLARSSL_PEM_C
1520 #ifdef POLARSSL_FS_IO
1521 #ifdef POLARSSL_PKCS5_C
1522 
1523  FCT_TEST_BGN(x509_parse_key_20_pkcs8_encrypted_v2_pbdfk2_des)
1524  {
      /* Positive case: the key file must decrypt with "PolarSSLTest" and pass
       * rsa_check_privkey().
       * NOTE(review): the fixture name suggests PBES2 with single DES; this
       * pins parser compatibility with a legacy cipher, not a recommendation
       * to protect new keys with it. */
1525  rsa_context rsa;
1526  int res;
1527 
1528  memset( &rsa, 0, sizeof( rsa_context ) );
1529 
1530  res = x509parse_keyfile( &rsa, "data_files/pkcs8_pbes2_pbkdf2_des.key", "PolarSSLTest" );
1531 
1532  fct_chk( res == 0 );
1533 
1534  if( res == 0 )
1535  {
1536  fct_chk( rsa_check_privkey( &rsa ) == 0 );
1537  }
1538 
1539  rsa_free( &rsa );
1540  }
1541  FCT_TEST_END();
1542 #endif /* POLARSSL_DES_C */
1543 #endif /* POLARSSL_SHA1_C */
1544 #endif /* POLARSSL_PEM_C */
1545 #endif /* POLARSSL_FS_IO */
1546 #endif /* POLARSSL_PKCS5_C */
1547 
1548 #ifdef POLARSSL_MD5_C
1549 #ifdef POLARSSL_PEM_C
1550 #ifdef POLARSSL_FS_IO
1551 
1552  FCT_TEST_BGN(x509_parse_public_key_1_pkcs8_wrapped)
1553  {
      /* Loads a public key file with x509parse_public_keyfile() (no password
       * argument) and, on success, validates it with rsa_check_pubkey(). */
1554  rsa_context rsa;
1555  int res;
1556 
1557  memset( &rsa, 0, sizeof( rsa_context ) );
1558 
1559  res = x509parse_public_keyfile( &rsa, "data_files/format_gen.pub" );
1560 
1561  fct_chk( res == 0 );
1562 
      /* Skip the consistency check when parsing failed; rsa is still zeroed. */
1563  if( res == 0 )
1564  {
1565  fct_chk( rsa_check_pubkey( &rsa ) == 0 );
1566  }
1567 
1568  rsa_free( &rsa );
1569  }
1570  FCT_TEST_END();
1571 #endif /* POLARSSL_MD5_C */
1572 #endif /* POLARSSL_PEM_C */
1573 #endif /* POLARSSL_FS_IO */
1574 
1575 #ifdef POLARSSL_PEM_C
1576 #ifdef POLARSSL_FS_IO
1577 
1578  FCT_TEST_BGN(x509_get_distinguished_name_1)
1579  {
      /* Formats the subject name of server1.crt with x509parse_dn_gets() and
       * compares it with the expected string. */
1580  x509_cert crt;
1581  char buf[2000];
1582  int res;
1583 
1584  memset( &crt, 0, sizeof( x509_cert ) );
1585  memset( buf, 0, 2000 );
1586 
1587  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
      /* The size passed here must stay in sync with the declaration of buf. */
1588  res = x509parse_dn_gets( buf, 2000, &crt.subject );
1589 
      /* crt is released before the checks; they only read res and the
       * separate local array buf. */
1590  x509_free( &crt );
1591 
      /* -1 and -2 are presumably the error returns of x509parse_dn_gets()
       * -- TODO confirm. */
1592  fct_chk( res != -1 );
1593  fct_chk( res != -2 );
1594 
1595  fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=PolarSSL Server 1" ) == 0 );
1596  }
1597  FCT_TEST_END();
1598 #endif /* POLARSSL_PEM_C */
1599 #endif /* POLARSSL_FS_IO */
1600 
1601 #ifdef POLARSSL_PEM_C
1602 #ifdef POLARSSL_FS_IO
1603 
1604  FCT_TEST_BGN(x509_get_distinguished_name_2)
1605  {
      /* Formats the issuer name of server1.crt with x509parse_dn_gets() and
       * compares it with the expected string. */
1606  x509_cert crt;
1607  char buf[2000];
1608  int res;
1609 
1610  memset( &crt, 0, sizeof( x509_cert ) );
1611  memset( buf, 0, 2000 );
1612 
1613  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
      /* The size passed here must stay in sync with the declaration of buf. */
1614  res = x509parse_dn_gets( buf, 2000, &crt.issuer );
1615 
      /* crt is released before the checks; they only read res and the
       * separate local array buf. */
1616  x509_free( &crt );
1617 
      /* -1 and -2 are presumably the error returns of x509parse_dn_gets()
       * -- TODO confirm. */
1618  fct_chk( res != -1 );
1619  fct_chk( res != -2 );
1620 
1621  fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=PolarSSL Test CA" ) == 0 );
1622  }
1623  FCT_TEST_END();
1624 #endif /* POLARSSL_PEM_C */
1625 #endif /* POLARSSL_FS_IO */
1626 
1627 #ifdef POLARSSL_PEM_C
1628 #ifdef POLARSSL_FS_IO
1629 
1630  FCT_TEST_BGN(x509_get_distinguished_name_3)
1631  {
      /* Formats the subject name of server2.crt with x509parse_dn_gets() and
       * compares it with the expected string. */
1632  x509_cert crt;
1633  char buf[2000];
1634  int res;
1635 
1636  memset( &crt, 0, sizeof( x509_cert ) );
1637  memset( buf, 0, 2000 );
1638 
1639  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
      /* The size passed here must stay in sync with the declaration of buf. */
1640  res = x509parse_dn_gets( buf, 2000, &crt.subject );
1641 
      /* crt is released before the checks; they only read res and the
       * separate local array buf. */
1642  x509_free( &crt );
1643 
      /* -1 and -2 are presumably the error returns of x509parse_dn_gets()
       * -- TODO confirm. */
1644  fct_chk( res != -1 );
1645  fct_chk( res != -2 );
1646 
1647  fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=localhost" ) == 0 );
1648  }
1649  FCT_TEST_END();
1650 #endif /* POLARSSL_PEM_C */
1651 #endif /* POLARSSL_FS_IO */
1652 
1653 #ifdef POLARSSL_PEM_C
1654 #ifdef POLARSSL_FS_IO
1655 
1656  FCT_TEST_BGN(x509_get_distinguished_name_4)
1657  {
      /* Formats the issuer name of server2.crt with x509parse_dn_gets() and
       * compares it with the expected string. */
1658  x509_cert crt;
1659  char buf[2000];
1660  int res;
1661 
1662  memset( &crt, 0, sizeof( x509_cert ) );
1663  memset( buf, 0, 2000 );
1664 
1665  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
      /* The size passed here must stay in sync with the declaration of buf. */
1666  res = x509parse_dn_gets( buf, 2000, &crt.issuer );
1667 
      /* crt is released before the checks; they only read res and the
       * separate local array buf. */
1668  x509_free( &crt );
1669 
      /* -1 and -2 are presumably the error returns of x509parse_dn_gets()
       * -- TODO confirm. */
1670  fct_chk( res != -1 );
1671  fct_chk( res != -2 );
1672 
1673  fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=PolarSSL Test CA" ) == 0 );
1674  }
1675  FCT_TEST_END();
1676 #endif /* POLARSSL_PEM_C */
1677 #endif /* POLARSSL_FS_IO */
1678 
1679 #ifdef POLARSSL_PEM_C
1680 #ifdef POLARSSL_FS_IO
1681 
1682  FCT_TEST_BGN(x509_time_expired_1)
1683  {
      /* Expects x509parse_time_expired() to return 1 for the valid_from
       * timestamp of server1.crt.
       * NOTE(review): presumably the timestamp is compared with the current
       * system time, so the result depends on the clock of the machine
       * running the suite -- confirm. */
1684  x509_cert crt;
1685 
1686  memset( &crt, 0, sizeof( x509_cert ) );
1687 
1688  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1689  fct_chk( x509parse_time_expired( &crt.valid_from ) == 1 );
1690 
1691  x509_free( &crt );
1692  }
1693  FCT_TEST_END();
1694 #endif /* POLARSSL_PEM_C */
1695 #endif /* POLARSSL_FS_IO */
1696 
1697 #ifdef POLARSSL_PEM_C
1698 #ifdef POLARSSL_FS_IO
1699 
1700  FCT_TEST_BGN(x509_time_expired_2)
1701  {
      /* Expects x509parse_time_expired() to return 0 for the valid_to
       * timestamp of server1.crt.
       * NOTE(review): presumably evaluated against the system clock; if so,
       * this check starts failing once the fixture's valid_to date has
       * passed and the fixture then needs regenerating -- confirm. */
1702  x509_cert crt;
1703 
1704  memset( &crt, 0, sizeof( x509_cert ) );
1705 
1706  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1707  fct_chk( x509parse_time_expired( &crt.valid_to ) == 0 );
1708 
1709  x509_free( &crt );
1710  }
1711  FCT_TEST_END();
1712 #endif /* POLARSSL_PEM_C */
1713 #endif /* POLARSSL_FS_IO */
1714 
1715 #ifdef POLARSSL_PEM_C
1716 #ifdef POLARSSL_FS_IO
1717 
1718  FCT_TEST_BGN(x509_time_expired_3)
1719  {
      /* Expects x509parse_time_expired() to return 1 for the valid_from
       * timestamp of server2.crt.
       * NOTE(review): presumably the timestamp is compared with the current
       * system time, so the result depends on the clock of the machine
       * running the suite -- confirm. */
1720  x509_cert crt;
1721 
1722  memset( &crt, 0, sizeof( x509_cert ) );
1723 
1724  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
1725  fct_chk( x509parse_time_expired( &crt.valid_from ) == 1 );
1726 
1727  x509_free( &crt );
1728  }
1729  FCT_TEST_END();
1730 #endif /* POLARSSL_PEM_C */
1731 #endif /* POLARSSL_FS_IO */
1732 
1733 #ifdef POLARSSL_PEM_C
1734 #ifdef POLARSSL_FS_IO
1735 
1736  FCT_TEST_BGN(x509_time_expired_4)
1737  {
      /* Expects x509parse_time_expired() to return 0 for the valid_to
       * timestamp of server2.crt.
       * NOTE(review): presumably evaluated against the system clock; if so,
       * this check starts failing once the fixture's valid_to date has
       * passed and the fixture then needs regenerating -- confirm. */
1738  x509_cert crt;
1739 
1740  memset( &crt, 0, sizeof( x509_cert ) );
1741 
1742  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
1743  fct_chk( x509parse_time_expired( &crt.valid_to ) == 0 );
1744 
1745  x509_free( &crt );
1746  }
1747  FCT_TEST_END();
1748 #endif /* POLARSSL_PEM_C */
1749 #endif /* POLARSSL_FS_IO */
1750 
1751 #ifdef POLARSSL_PEM_C
1752 #ifdef POLARSSL_FS_IO
1753 
1754  FCT_TEST_BGN(x509_time_expired_5)
1755  {
      /* Expects x509parse_time_expired() to return 1 for the valid_from
       * timestamp of test-ca.crt.
       * NOTE(review): presumably the timestamp is compared with the current
       * system time, so the result depends on the clock of the machine
       * running the suite -- confirm. */
1756  x509_cert crt;
1757 
1758  memset( &crt, 0, sizeof( x509_cert ) );
1759 
1760  fct_chk( x509parse_crtfile( &crt, "data_files/test-ca.crt" ) == 0 );
1761  fct_chk( x509parse_time_expired( &crt.valid_from ) == 1 );
1762 
1763  x509_free( &crt );
1764  }
1765  FCT_TEST_END();
1766 #endif /* POLARSSL_PEM_C */
1767 #endif /* POLARSSL_FS_IO */
1768 
1769 #ifdef POLARSSL_PEM_C
1770 #ifdef POLARSSL_FS_IO
1771 
1772  FCT_TEST_BGN(x509_time_expired_6polarssl_fs_io)
1773  {
      /* Expects x509parse_time_expired() to return 0 for the valid_to
       * timestamp of test-ca.crt.
       * NOTE(review): presumably evaluated against the system clock; if so,
       * this check starts failing once the CA fixture's valid_to date has
       * passed and the fixture then needs regenerating -- confirm. */
1774  x509_cert crt;
1775 
1776  memset( &crt, 0, sizeof( x509_cert ) );
1777 
1778  fct_chk( x509parse_crtfile( &crt, "data_files/test-ca.crt" ) == 0 );
1779  fct_chk( x509parse_time_expired( &crt.valid_to ) == 0 );
1780 
1781  x509_free( &crt );
1782  }
1783  FCT_TEST_END();
1784 #endif /* POLARSSL_PEM_C */
1785 #endif /* POLARSSL_FS_IO */
1786 
1787 #ifdef POLARSSL_PEM_C
1788 #ifdef POLARSSL_FS_IO
1789 
1790  FCT_TEST_BGN(x509_certificate_verification_1_revoked_cert_expired_crl)
1791  {
      /* Verifies server1.crt against test-ca.crt with crl_expired.pem, no
       * expected CN (NULL) and no callback. Verification must fail and flags
       * must equal exactly BADCERT_REVOKED | BADCRL_EXPIRED. */
1792  x509_cert crt;
1793  x509_cert ca;
1794  x509_crl crl;
1795  int flags = 0;
1796  int res;
1797 
1798  memset( &crt, 0, sizeof( x509_cert ) );
1799  memset( &ca, 0, sizeof( x509_cert ) );
1800  memset( &crl, 0, sizeof( x509_crl ) );
1801 
1802  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1803  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1804  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
1805 
1806  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1807 
      /* Parsed objects are released first; the checks only read res and flags. */
1808  x509_free( &crt );
1809  x509_free( &ca );
1810  x509_crl_free( &crl );
1811 
      /* flags is compared with ==, so any additional flag also fails the test. */
1812  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1813  fct_chk( flags == ( BADCERT_REVOKED | BADCRL_EXPIRED ) );
1814  }
1815  FCT_TEST_END();
1816 #endif /* POLARSSL_PEM_C */
1817 #endif /* POLARSSL_FS_IO */
1818 
1819 #ifdef POLARSSL_PEM_C
1820 #ifdef POLARSSL_FS_IO
1821 
1822  FCT_TEST_BGN(x509_certificate_verification_2_revoked_cert_expired_crl)
1823  {
      /* Same inputs as the NULL-CN variant, but with the expected CN
       * "PolarSSL Server 1". Verification must still fail with exactly
       * BADCERT_REVOKED | BADCRL_EXPIRED, i.e. without BADCERT_CN_MISMATCH. */
1824  x509_cert crt;
1825  x509_cert ca;
1826  x509_crl crl;
1827  int flags = 0;
1828  int res;
1829 
1830  memset( &crt, 0, sizeof( x509_cert ) );
1831  memset( &ca, 0, sizeof( x509_cert ) );
1832  memset( &crl, 0, sizeof( x509_crl ) );
1833 
1834  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1835  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1836  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
1837 
1838  res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Server 1", &flags, NULL, NULL );
1839 
      /* Parsed objects are released first; the checks only read res and flags. */
1840  x509_free( &crt );
1841  x509_free( &ca );
1842  x509_crl_free( &crl );
1843 
1844  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1845  fct_chk( flags == ( BADCERT_REVOKED | BADCRL_EXPIRED ) );
1846  }
1847  FCT_TEST_END();
1848 #endif /* POLARSSL_PEM_C */
1849 #endif /* POLARSSL_FS_IO */
1850 
1851 #ifdef POLARSSL_PEM_C
1852 #ifdef POLARSSL_FS_IO
1853 
1854  FCT_TEST_BGN(x509_certificate_verification_3_revoked_cert_expired_crl_cn_mismatch)
1855  {
      /* Verifies server1.crt with crl_expired.pem and the non-matching
       * expected CN "PolarSSL Wrong CN". All three problems must be reported
       * together: BADCERT_REVOKED | BADCRL_EXPIRED | BADCERT_CN_MISMATCH. */
1856  x509_cert crt;
1857  x509_cert ca;
1858  x509_crl crl;
1859  int flags = 0;
1860  int res;
1861 
1862  memset( &crt, 0, sizeof( x509_cert ) );
1863  memset( &ca, 0, sizeof( x509_cert ) );
1864  memset( &crl, 0, sizeof( x509_crl ) );
1865 
1866  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1867  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1868  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
1869 
1870  res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Wrong CN", &flags, NULL, NULL );
1871 
      /* Parsed objects are released first; the checks only read res and flags. */
1872  x509_free( &crt );
1873  x509_free( &ca );
1874  x509_crl_free( &crl );
1875 
1876  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1877  fct_chk( flags == ( BADCERT_REVOKED | BADCRL_EXPIRED | BADCERT_CN_MISMATCH ) );
1878  }
1879  FCT_TEST_END();
1880 #endif /* POLARSSL_PEM_C */
1881 #endif /* POLARSSL_FS_IO */
1882 
1883 #ifdef POLARSSL_PEM_C
1884 #ifdef POLARSSL_FS_IO
1885 
1886  FCT_TEST_BGN(x509_certificate_verification_4_valid_cert_expired_crl)
1887  {
      /* Verifies server2.crt against test-ca.crt with crl_expired.pem.
       * Verification is expected to fail with BADCRL_EXPIRED as the only
       * flag: an expired CRL alone is treated as a failure even though no
       * revocation is reported for the certificate. */
1888  x509_cert crt;
1889  x509_cert ca;
1890  x509_crl crl;
1891  int flags = 0;
1892  int res;
1893 
1894  memset( &crt, 0, sizeof( x509_cert ) );
1895  memset( &ca, 0, sizeof( x509_cert ) );
1896  memset( &crl, 0, sizeof( x509_crl ) );
1897 
1898  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
1899  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1900  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
1901 
1902  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1903 
      /* Parsed objects are released first; the checks only read res and flags. */
1904  x509_free( &crt );
1905  x509_free( &ca );
1906  x509_crl_free( &crl );
1907 
1908  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1909  fct_chk( flags == ( BADCRL_EXPIRED ) );
1910  }
1911  FCT_TEST_END();
1912 #endif /* POLARSSL_PEM_C */
1913 #endif /* POLARSSL_FS_IO */
1914 
1915 #ifdef POLARSSL_PEM_C
1916 #ifdef POLARSSL_FS_IO
1917 
1918  FCT_TEST_BGN(x509_certificate_verification_5_revoked_cert)
1919  {
      /* Verifies server1.crt against test-ca.crt with crl.pem, no expected
       * CN and no callback. Verification must fail with BADCERT_REVOKED as
       * the only flag. */
1920  x509_cert crt;
1921  x509_cert ca;
1922  x509_crl crl;
1923  int flags = 0;
1924  int res;
1925 
1926  memset( &crt, 0, sizeof( x509_cert ) );
1927  memset( &ca, 0, sizeof( x509_cert ) );
1928  memset( &crl, 0, sizeof( x509_crl ) );
1929 
1930  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1931  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1932  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1933 
1934  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1935 
      /* Parsed objects are released first; the checks only read res and flags. */
1936  x509_free( &crt );
1937  x509_free( &ca );
1938  x509_crl_free( &crl );
1939 
1940  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1941  fct_chk( flags == ( BADCERT_REVOKED ) );
1942  }
1943  FCT_TEST_END();
1944 #endif /* POLARSSL_PEM_C */
1945 #endif /* POLARSSL_FS_IO */
1946 
1947 #ifdef POLARSSL_PEM_C
1948 #ifdef POLARSSL_FS_IO
1949 
1950  FCT_TEST_BGN(x509_certificate_verification_6_revoked_cert)
1951  {
      /* Verifies server1.crt with crl.pem and the expected CN
       * "PolarSSL Server 1". Verification must fail with BADCERT_REVOKED as
       * the only flag, i.e. without BADCERT_CN_MISMATCH. */
1952  x509_cert crt;
1953  x509_cert ca;
1954  x509_crl crl;
1955  int flags = 0;
1956  int res;
1957 
1958  memset( &crt, 0, sizeof( x509_cert ) );
1959  memset( &ca, 0, sizeof( x509_cert ) );
1960  memset( &crl, 0, sizeof( x509_crl ) );
1961 
1962  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1963  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1964  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1965 
1966  res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Server 1", &flags, NULL, NULL );
1967 
      /* Parsed objects are released first; the checks only read res and flags. */
1968  x509_free( &crt );
1969  x509_free( &ca );
1970  x509_crl_free( &crl );
1971 
1972  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1973  fct_chk( flags == ( BADCERT_REVOKED ) );
1974  }
1975  FCT_TEST_END();
1976 #endif /* POLARSSL_PEM_C */
1977 #endif /* POLARSSL_FS_IO */
1978 
1979 #ifdef POLARSSL_PEM_C
1980 #ifdef POLARSSL_FS_IO
1981 
1982  FCT_TEST_BGN(x509_certificate_verification_7_revoked_cert_cn_mismatch)
1983  {
      /* Verifies server1.crt with crl.pem and the non-matching expected CN
       * "PolarSSL Wrong CN". Both problems must be reported together:
       * BADCERT_REVOKED | BADCERT_CN_MISMATCH. */
1984  x509_cert crt;
1985  x509_cert ca;
1986  x509_crl crl;
1987  int flags = 0;
1988  int res;
1989 
1990  memset( &crt, 0, sizeof( x509_cert ) );
1991  memset( &ca, 0, sizeof( x509_cert ) );
1992  memset( &crl, 0, sizeof( x509_crl ) );
1993 
1994  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1995  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1996  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1997 
1998  res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Wrong CN", &flags, NULL, NULL );
1999 
      /* Parsed objects are released first; the checks only read res and flags. */
2000  x509_free( &crt );
2001  x509_free( &ca );
2002  x509_crl_free( &crl );
2003 
2004  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
2005  fct_chk( flags == ( BADCERT_REVOKED | BADCERT_CN_MISMATCH ) );
2006  }
2007  FCT_TEST_END();
2008 #endif /* POLARSSL_PEM_C */
2009 #endif /* POLARSSL_FS_IO */
2010 
2011 #ifdef POLARSSL_PEM_C
2012 #ifdef POLARSSL_FS_IO
2013 
2014  FCT_TEST_BGN(x509_certificate_verification_8_valid_cert)
2015  {
      /* Baseline success case: server2.crt against test-ca.crt with crl.pem,
       * no expected CN and no callback, must verify with res == 0 and no
       * flags set. */
2016  x509_cert crt;
2017  x509_cert ca;
2018  x509_crl crl;
2019  int flags = 0;
2020  int res;
2021 
2022  memset( &crt, 0, sizeof( x509_cert ) );
2023  memset( &ca, 0, sizeof( x509_cert ) );
2024  memset( &crl, 0, sizeof( x509_crl ) );
2025 
2026  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
2027  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2028  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2029 
2030  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
2031 
      /* Parsed objects are released first; the checks only read res and flags. */
2032  x509_free( &crt );
2033  x509_free( &ca );
2034  x509_crl_free( &crl );
2035 
2036  fct_chk( res == ( 0 ) );
2037  fct_chk( flags == ( 0 ) );
2038  }
2039  FCT_TEST_END();
2040 #endif /* POLARSSL_PEM_C */
2041 #endif /* POLARSSL_FS_IO */
2042 
2043 #ifdef POLARSSL_PEM_C
2044 #ifdef POLARSSL_FS_IO
2045 
2046  FCT_TEST_BGN(x509_certificate_verification_9_not_trusted_cert)
2047  {
      /* Passes server1.crt (not test-ca.crt) as the trusted CA while
       * verifying server2.crt. Verification must fail with
       * BADCERT_NOT_TRUSTED as the only flag. */
2048  x509_cert crt;
2049  x509_cert ca;
2050  x509_crl crl;
2051  int flags = 0;
2052  int res;
2053 
2054  memset( &crt, 0, sizeof( x509_cert ) );
2055  memset( &ca, 0, sizeof( x509_cert ) );
2056  memset( &crl, 0, sizeof( x509_crl ) );
2057 
2058  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
2059  fct_chk( x509parse_crtfile( &ca, "data_files/server1.crt" ) == 0 );
2060  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2061 
2062  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
2063 
      /* Parsed objects are released first; the checks only read res and flags. */
2064  x509_free( &crt );
2065  x509_free( &ca );
2066  x509_crl_free( &crl );
2067 
2068  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
2069  fct_chk( flags == ( BADCERT_NOT_TRUSTED ) );
2070  }
2071  FCT_TEST_END();
2072 #endif /* POLARSSL_PEM_C */
2073 #endif /* POLARSSL_FS_IO */
2074 
2075 #ifdef POLARSSL_PEM_C
2076 #ifdef POLARSSL_FS_IO
2077 
2078  FCT_TEST_BGN(x509_certificate_verification_10_not_trusted_cert_expired_crl)
2079  {
      /* Passes server1.crt as the trusted CA while verifying server2.crt,
       * this time with crl_expired.pem. Only BADCERT_NOT_TRUSTED is expected;
       * BADCRL_EXPIRED must not be set.
       * NOTE(review): presumably the CRL is not evaluated when no trusted
       * issuer is found -- confirm in x509parse_verify(). */
2080  x509_cert crt;
2081  x509_cert ca;
2082  x509_crl crl;
2083  int flags = 0;
2084  int res;
2085 
2086  memset( &crt, 0, sizeof( x509_cert ) );
2087  memset( &ca, 0, sizeof( x509_cert ) );
2088  memset( &crl, 0, sizeof( x509_crl ) );
2089 
2090  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
2091  fct_chk( x509parse_crtfile( &ca, "data_files/server1.crt" ) == 0 );
2092  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
2093 
2094  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
2095 
      /* Parsed objects are released first; the checks only read res and flags. */
2096  x509_free( &crt );
2097  x509_free( &ca );
2098  x509_crl_free( &crl );
2099 
2100  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
2101  fct_chk( flags == ( BADCERT_NOT_TRUSTED ) );
2102  }
2103  FCT_TEST_END();
2104 #endif /* POLARSSL_PEM_C */
2105 #endif /* POLARSSL_FS_IO */
2106 
2107 #ifdef POLARSSL_MD4_C
2108 #ifdef POLARSSL_PEM_C
2109 #ifdef POLARSSL_FS_IO
2110 
2111  FCT_TEST_BGN(x509_certificate_verification_12_valid_cert_md4_digest)
2112  {
      /* Verifies cert_md4.crt against test-ca.crt with crl.pem and expects a
       * clean result (res == 0, no flags).
       * NOTE(review): per the fixture name the certificate is signed with an
       * MD4 digest, so this pins that such a signature is accepted without
       * any flag. MD4 is not collision resistant; treat this as legacy
       * compatibility coverage, not as a statement that such certificates
       * should be trusted in deployment. */
2113  x509_cert crt;
2114  x509_cert ca;
2115  x509_crl crl;
2116  int flags = 0;
2117  int res;
2118 
2119  memset( &crt, 0, sizeof( x509_cert ) );
2120  memset( &ca, 0, sizeof( x509_cert ) );
2121  memset( &crl, 0, sizeof( x509_crl ) );
2122 
2123  fct_chk( x509parse_crtfile( &crt, "data_files/cert_md4.crt" ) == 0 );
2124  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2125  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2126 
2127  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
2128 
2129  x509_free( &crt );
2130  x509_free( &ca );
2131  x509_crl_free( &crl );
2132 
2133  fct_chk( res == ( 0 ) );
2134  fct_chk( flags == ( 0 ) );
2135  }
2136  FCT_TEST_END();
2137 #endif /* POLARSSL_MD4_C */
2138 #endif /* POLARSSL_PEM_C */
2139 #endif /* POLARSSL_FS_IO */
2140 
2141 #ifdef POLARSSL_MD5_C
2142 #ifdef POLARSSL_PEM_C
2143 #ifdef POLARSSL_FS_IO
2144 
2145  FCT_TEST_BGN(x509_certificate_verification_13_valid_cert_md5_digest)
2146  {
      /* Verifies cert_md5.crt against test-ca.crt with crl.pem and expects a
       * clean result (res == 0, no flags).
       * NOTE(review): per the fixture name the certificate is signed with an
       * MD5 digest, so this pins that such a signature is accepted without
       * any flag. MD5 is not collision resistant; treat this as legacy
       * compatibility coverage, not as a statement that such certificates
       * should be trusted in deployment. */
2147  x509_cert crt;
2148  x509_cert ca;
2149  x509_crl crl;
2150  int flags = 0;
2151  int res;
2152 
2153  memset( &crt, 0, sizeof( x509_cert ) );
2154  memset( &ca, 0, sizeof( x509_cert ) );
2155  memset( &crl, 0, sizeof( x509_crl ) );
2156 
2157  fct_chk( x509parse_crtfile( &crt, "data_files/cert_md5.crt" ) == 0 );
2158  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2159  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2160 
2161  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
2162 
2163  x509_free( &crt );
2164  x509_free( &ca );
2165  x509_crl_free( &crl );
2166 
2167  fct_chk( res == ( 0 ) );
2168  fct_chk( flags == ( 0 ) );
2169  }
2170  FCT_TEST_END();
2171 #endif /* POLARSSL_MD5_C */
2172 #endif /* POLARSSL_PEM_C */
2173 #endif /* POLARSSL_FS_IO */
2174 
2175 #ifdef POLARSSL_SHA1_C
2176 #ifdef POLARSSL_PEM_C
2177 #ifdef POLARSSL_FS_IO
2178 
2179  FCT_TEST_BGN(x509_certificate_verification_14_valid_cert_sha1_digest)
2180  {
      /* Verifies cert_sha1.crt (SHA-1 signature digest, per the fixture name)
       * against test-ca.crt with crl.pem; expects res == 0 and no flags. */
2181  x509_cert crt;
2182  x509_cert ca;
2183  x509_crl crl;
2184  int flags = 0;
2185  int res;
2186 
2187  memset( &crt, 0, sizeof( x509_cert ) );
2188  memset( &ca, 0, sizeof( x509_cert ) );
2189  memset( &crl, 0, sizeof( x509_crl ) );
2190 
2191  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha1.crt" ) == 0 );
2192  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2193  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2194 
2195  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
2196 
      /* Parsed objects are released first; the checks only read res and flags. */
2197  x509_free( &crt );
2198  x509_free( &ca );
2199  x509_crl_free( &crl );
2200 
2201  fct_chk( res == ( 0 ) );
2202  fct_chk( flags == ( 0 ) );
2203  }
2204  FCT_TEST_END();
2205 #endif /* POLARSSL_SHA1_C */
2206 #endif /* POLARSSL_PEM_C */
2207 #endif /* POLARSSL_FS_IO */
2208 
2209 #ifdef POLARSSL_SHA2_C
2210 #ifdef POLARSSL_PEM_C
2211 #ifdef POLARSSL_FS_IO
2212 
2213  FCT_TEST_BGN(x509_certificate_verification_15_valid_cert_sha224_digest)
2214  {
      /* Verifies cert_sha224.crt (SHA-224 signature digest, per the fixture
       * name) against test-ca.crt with crl.pem; expects res == 0 and no
       * flags. */
2215  x509_cert crt;
2216  x509_cert ca;
2217  x509_crl crl;
2218  int flags = 0;
2219  int res;
2220 
2221  memset( &crt, 0, sizeof( x509_cert ) );
2222  memset( &ca, 0, sizeof( x509_cert ) );
2223  memset( &crl, 0, sizeof( x509_crl ) );
2224 
2225  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha224.crt" ) == 0 );
2226  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2227  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2228 
2229  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
2230 
      /* Parsed objects are released first; the checks only read res and flags. */
2231  x509_free( &crt );
2232  x509_free( &ca );
2233  x509_crl_free( &crl );
2234 
2235  fct_chk( res == ( 0 ) );
2236  fct_chk( flags == ( 0 ) );
2237  }
2238  FCT_TEST_END();
2239 #endif /* POLARSSL_SHA2_C */
2240 #endif /* POLARSSL_PEM_C */
2241 #endif /* POLARSSL_FS_IO */
2242 
2243 #ifdef POLARSSL_SHA2_C
2244 #ifdef POLARSSL_PEM_C
2245 #ifdef POLARSSL_FS_IO
2246 
2247  FCT_TEST_BGN(x509_certificate_verification_16_valid_cert_sha256_digest)
2248  {
      /* Verifies cert_sha256.crt (SHA-256 signature digest, per the fixture
       * name) against test-ca.crt with crl.pem; expects res == 0 and no
       * flags. */
2249  x509_cert crt;
2250  x509_cert ca;
2251  x509_crl crl;
2252  int flags = 0;
2253  int res;
2254 
2255  memset( &crt, 0, sizeof( x509_cert ) );
2256  memset( &ca, 0, sizeof( x509_cert ) );
2257  memset( &crl, 0, sizeof( x509_crl ) );
2258 
2259  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha256.crt" ) == 0 );
2260  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2261  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2262 
2263  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
2264 
      /* Parsed objects are released first; the checks only read res and flags. */
2265  x509_free( &crt );
2266  x509_free( &ca );
2267  x509_crl_free( &crl );
2268 
2269  fct_chk( res == ( 0 ) );
2270  fct_chk( flags == ( 0 ) );
2271  }
2272  FCT_TEST_END();
2273 #endif /* POLARSSL_SHA2_C */
2274 #endif /* POLARSSL_PEM_C */
2275 #endif /* POLARSSL_FS_IO */
2276 
2277 #ifdef POLARSSL_SHA4_C
2278 #ifdef POLARSSL_PEM_C
2279 #ifdef POLARSSL_FS_IO
2280 
2281  FCT_TEST_BGN(x509_certificate_verification_17_valid_cert_sha384_digest)
2282  {
      /* Verifies cert_sha384.crt (SHA-384 signature digest, per the fixture
       * name) against test-ca.crt with crl.pem; expects res == 0 and no
       * flags. */
2283  x509_cert crt;
2284  x509_cert ca;
2285  x509_crl crl;
2286  int flags = 0;
2287  int res;
2288 
2289  memset( &crt, 0, sizeof( x509_cert ) );
2290  memset( &ca, 0, sizeof( x509_cert ) );
2291  memset( &crl, 0, sizeof( x509_crl ) );
2292 
2293  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha384.crt" ) == 0 );
2294  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2295  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2296 
2297  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
2298 
      /* Parsed objects are released first; the checks only read res and flags. */
2299  x509_free( &crt );
2300  x509_free( &ca );
2301  x509_crl_free( &crl );
2302 
2303  fct_chk( res == ( 0 ) );
2304  fct_chk( flags == ( 0 ) );
2305  }
2306  FCT_TEST_END();
2307 #endif /* POLARSSL_SHA4_C */
2308 #endif /* POLARSSL_PEM_C */
2309 #endif /* POLARSSL_FS_IO */
2310 
2311 #ifdef POLARSSL_SHA4_C
2312 #ifdef POLARSSL_PEM_C
2313 #ifdef POLARSSL_FS_IO
2314 
2315  FCT_TEST_BGN(x509_certificate_verification_18_valid_cert_sha512_digest)
2316  {
      /* Verifies cert_sha512.crt (SHA-512 signature digest, per the fixture
       * name) against test-ca.crt with crl.pem; expects res == 0 and no
       * flags. */
2317  x509_cert crt;
2318  x509_cert ca;
2319  x509_crl crl;
2320  int flags = 0;
2321  int res;
2322 
2323  memset( &crt, 0, sizeof( x509_cert ) );
2324  memset( &ca, 0, sizeof( x509_cert ) );
2325  memset( &crl, 0, sizeof( x509_crl ) );
2326 
2327  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha512.crt" ) == 0 );
2328  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2329  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2330 
2331  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
2332 
      /* Parsed objects are released first; the checks only read res and flags. */
2333  x509_free( &crt );
2334  x509_free( &ca );
2335  x509_crl_free( &crl );
2336 
2337  fct_chk( res == ( 0 ) );
2338  fct_chk( flags == ( 0 ) );
2339  }
2340  FCT_TEST_END();
2341 #endif /* POLARSSL_SHA4_C */
2342 #endif /* POLARSSL_PEM_C */
2343 #endif /* POLARSSL_FS_IO */
2344 
2345 #ifdef POLARSSL_SHA4_C
2346 #ifdef POLARSSL_PEM_C
2347 #ifdef POLARSSL_FS_IO
2348 
2349  FCT_TEST_BGN(x509_certificate_verification_19_valid_cert_denying_callback)
2350  {
      /*
       * Same inputs as the SHA-512 positive test, but with verify_none as
       * the verify callback.  verify_none (defined earlier in this file)
       * ORs BADCERT_OTHER into *flags, so an otherwise valid chain must be
       * rejected with exactly that flag: the callback can veto a
       * certificate the library itself would accept.
       */
2351  x509_cert crt;
2352  x509_cert ca;
2353  x509_crl crl;
2354  int flags = 0;
2355  int res;
2356 
2357  memset( &crt, 0, sizeof( x509_cert ) );
2358  memset( &ca, 0, sizeof( x509_cert ) );
2359  memset( &crl, 0, sizeof( x509_crl ) );
2360 
2361  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha512.crt" ) == 0 );
2362  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2363  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2364 
2365  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, verify_none, NULL );
2366 
2367  x509_free( &crt );
2368  x509_free( &ca );
2369  x509_crl_free( &crl );
2370 
      /* Equality, not a bit test: no flag other than BADCERT_OTHER may be set. */
2371  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
2372  fct_chk( flags == ( BADCERT_OTHER ) );
2373  }
2374  FCT_TEST_END();
2375 #endif /* POLARSSL_FS_IO */
2376 #endif /* POLARSSL_PEM_C */
2377 #endif /* POLARSSL_SHA4_C */
2378 
2379 #ifdef POLARSSL_PEM_C
2380 #ifdef POLARSSL_FS_IO
2381 
2382  FCT_TEST_BGN(x509_certificate_verification_20_not_trusted_cert_allowing_callback)
2383  {
      /*
       * server2.crt is checked with server1.crt in the trust-anchor slot
       * and crl_expired.pem as the CRL; the test name calls this chain
       * "not trusted".  verify_all (defined earlier in this file) sets
       * *flags = 0, and the test expects success with no flags.  This pins
       * the override semantics: a callback that clears *flags turns a
       * failed verification into an accepted one, so such a callback is
       * test-only behaviour.
       */
2384  x509_cert crt;
2385  x509_cert ca;
2386  x509_crl crl;
2387  int flags = 0;
2388  int res;
2389 
2390  memset( &crt, 0, sizeof( x509_cert ) );
2391  memset( &ca, 0, sizeof( x509_cert ) );
2392  memset( &crl, 0, sizeof( x509_crl ) );
2393 
2394  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
2395  fct_chk( x509parse_crtfile( &ca, "data_files/server1.crt" ) == 0 );
2396  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
2397 
2398  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, verify_all, NULL );
2399 
2400  x509_free( &crt );
2401  x509_free( &ca );
2402  x509_crl_free( &crl );
2403 
2404  fct_chk( res == ( 0 ) );
2405  fct_chk( flags == ( 0 ) );
2406  }
2407  FCT_TEST_END();
2408 #endif /* POLARSSL_FS_IO */
2409 #endif /* POLARSSL_PEM_C */
2410 
2411 #ifdef POLARSSL_PEM_C
2412 #ifdef POLARSSL_FS_IO
2413 
2414  FCT_TEST_BGN(x509_certificate_verification_21_domain_matching_wildcard_certificate)
2415  {
      /*
       * Host-name check, positive case: "mail.example.com" must be accepted
       * for cert_example_wildcard.crt (presumably issued for *.example.com;
       * the certificate contents are not visible here).  Expect 0 / no flags.
       */
2416  x509_cert crt;
2417  x509_cert ca;
2418  x509_crl crl;
2419  int flags = 0;
2420  int res;
2421 
2422  memset( &crt, 0, sizeof( x509_cert ) );
2423  memset( &ca, 0, sizeof( x509_cert ) );
2424  memset( &crl, 0, sizeof( x509_crl ) );
2425 
2426  fct_chk( x509parse_crtfile( &crt, "data_files/cert_example_wildcard.crt" ) == 0 );
2427  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2428  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2429 
      /* Fourth argument is the host name the caller expects the cert to cover. */
2430  res = x509parse_verify( &crt, &ca, &crl, "mail.example.com", &flags, NULL, NULL );
2431 
2432  x509_free( &crt );
2433  x509_free( &ca );
2434  x509_crl_free( &crl );
2435 
2436  fct_chk( res == ( 0 ) );
2437  fct_chk( flags == ( 0 ) );
2438  }
2439  FCT_TEST_END();
2440 #endif /* POLARSSL_FS_IO */
2441 #endif /* POLARSSL_PEM_C */
2442 
2443 #ifdef POLARSSL_PEM_C
2444 #ifdef POLARSSL_FS_IO
2445 
2446  FCT_TEST_BGN(x509_certificate_verification_22_domain_not_matching_wildcard_certificate)
2447  {
      /*
       * Host-name check, negative case: the same wildcard certificate must
       * be rejected for "mail.example.net" (different parent domain).  The
       * chain is otherwise valid, so BADCERT_CN_MISMATCH is the only flag
       * expected.
       */
2448  x509_cert crt;
2449  x509_cert ca;
2450  x509_crl crl;
2451  int flags = 0;
2452  int res;
2453 
2454  memset( &crt, 0, sizeof( x509_cert ) );
2455  memset( &ca, 0, sizeof( x509_cert ) );
2456  memset( &crl, 0, sizeof( x509_crl ) );
2457 
2458  fct_chk( x509parse_crtfile( &crt, "data_files/cert_example_wildcard.crt" ) == 0 );
2459  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2460  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2461 
2462  res = x509parse_verify( &crt, &ca, &crl, "mail.example.net", &flags, NULL, NULL );
2463 
2464  x509_free( &crt );
2465  x509_free( &ca );
2466  x509_crl_free( &crl );
2467 
2468  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
2469  fct_chk( flags == ( BADCERT_CN_MISMATCH ) );
2470  }
2471  FCT_TEST_END();
2472 #endif /* POLARSSL_FS_IO */
2473 #endif /* POLARSSL_PEM_C */
2474 
2475 #ifdef POLARSSL_PEM_C
2476 #ifdef POLARSSL_FS_IO
2477 
2478  FCT_TEST_BGN(x509_certificate_verification_23_domain_not_matching_wildcard_certificate)
2479  {
      /*
       * Host-name check, negative case: the bare domain "example.com" must
       * be rejected for the wildcard certificate.  Presumably this pins
       * that a wildcard label has to match one label and never the parent
       * domain itself (certificate contents not visible here).
       */
2480  x509_cert crt;
2481  x509_cert ca;
2482  x509_crl crl;
2483  int flags = 0;
2484  int res;
2485 
2486  memset( &crt, 0, sizeof( x509_cert ) );
2487  memset( &ca, 0, sizeof( x509_cert ) );
2488  memset( &crl, 0, sizeof( x509_crl ) );
2489 
2490  fct_chk( x509parse_crtfile( &crt, "data_files/cert_example_wildcard.crt" ) == 0 );
2491  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2492  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2493 
2494  res = x509parse_verify( &crt, &ca, &crl, "example.com", &flags, NULL, NULL );
2495 
2496  x509_free( &crt );
2497  x509_free( &ca );
2498  x509_crl_free( &crl );
2499 
2500  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
2501  fct_chk( flags == ( BADCERT_CN_MISMATCH ) );
2502  }
2503  FCT_TEST_END();
2504 #endif /* POLARSSL_FS_IO */
2505 #endif /* POLARSSL_PEM_C */
2506 
2507 #ifdef POLARSSL_PEM_C
2508 #ifdef POLARSSL_FS_IO
2509 
2510  FCT_TEST_BGN(x509_certificate_verification_24_domain_matching_cn_of_multi_certificate)
2511  {
      /*
       * Despite "domain_matching_cn" in the name, the expected result is a
       * failure with BADCERT_CN_MISMATCH for "www.example.com".
       * NOTE(review): presumably cert_example_multi.crt carries
       * subjectAltName entries and the subject CN is then not consulted,
       * so a name present only in the CN must not match -- confirm against
       * the certificate and the verify implementation.
       */
2512  x509_cert crt;
2513  x509_cert ca;
2514  x509_crl crl;
2515  int flags = 0;
2516  int res;
2517 
2518  memset( &crt, 0, sizeof( x509_cert ) );
2519  memset( &ca, 0, sizeof( x509_cert ) );
2520  memset( &crl, 0, sizeof( x509_crl ) );
2521 
2522  fct_chk( x509parse_crtfile( &crt, "data_files/cert_example_multi.crt" ) == 0 );
2523  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2524  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2525 
2526  res = x509parse_verify( &crt, &ca, &crl, "www.example.com", &flags, NULL, NULL );
2527 
2528  x509_free( &crt );
2529  x509_free( &ca );
2530  x509_crl_free( &crl );
2531 
2532  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
2533  fct_chk( flags == ( BADCERT_CN_MISMATCH ) );
2534  }
2535  FCT_TEST_END();
2536 #endif /* POLARSSL_FS_IO */
2537 #endif /* POLARSSL_PEM_C */
2538 
2539 #ifdef POLARSSL_PEM_C
2540 #ifdef POLARSSL_FS_IO
2541 
2542  FCT_TEST_BGN(x509_certificate_verification_25_domain_matching_multi_certificate)
2543  {
      /*
       * Host-name check, positive case for the multi-name certificate:
       * "example.net" must be accepted (presumably one of its
       * subjectAltName entries; contents not visible here).
       */
2544  x509_cert crt;
2545  x509_cert ca;
2546  x509_crl crl;
2547  int flags = 0;
2548  int res;
2549 
2550  memset( &crt, 0, sizeof( x509_cert ) );
2551  memset( &ca, 0, sizeof( x509_cert ) );
2552  memset( &crl, 0, sizeof( x509_crl ) );
2553 
2554  fct_chk( x509parse_crtfile( &crt, "data_files/cert_example_multi.crt" ) == 0 );
2555  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2556  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2557 
2558  res = x509parse_verify( &crt, &ca, &crl, "example.net", &flags, NULL, NULL );
2559 
2560  x509_free( &crt );
2561  x509_free( &ca );
2562  x509_crl_free( &crl );
2563 
2564  fct_chk( res == ( 0 ) );
2565  fct_chk( flags == ( 0 ) );
2566  }
2567  FCT_TEST_END();
2568 #endif /* POLARSSL_FS_IO */
2569 #endif /* POLARSSL_PEM_C */
2570 
2571 #ifdef POLARSSL_PEM_C
2572 #ifdef POLARSSL_FS_IO
2573 
2574  FCT_TEST_BGN(x509_certificate_verification_26_domain_not_matching_multi_certificate)
2575  {
      /*
       * Host-name check, negative case: "www.example.net" must be rejected
       * even though "example.net" is accepted for the same certificate in
       * the preceding test, i.e. a listed name does not cover its
       * subdomains.
       */
2576  x509_cert crt;
2577  x509_cert ca;
2578  x509_crl crl;
2579  int flags = 0;
2580  int res;
2581 
2582  memset( &crt, 0, sizeof( x509_cert ) );
2583  memset( &ca, 0, sizeof( x509_cert ) );
2584  memset( &crl, 0, sizeof( x509_crl ) );
2585 
2586  fct_chk( x509parse_crtfile( &crt, "data_files/cert_example_multi.crt" ) == 0 );
2587  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2588  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2589 
2590  res = x509parse_verify( &crt, &ca, &crl, "www.example.net", &flags, NULL, NULL );
2591 
2592  x509_free( &crt );
2593  x509_free( &ca );
2594  x509_crl_free( &crl );
2595 
2596  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
2597  fct_chk( flags == ( BADCERT_CN_MISMATCH ) );
2598  }
2599  FCT_TEST_END();
2600 #endif /* POLARSSL_FS_IO */
2601 #endif /* POLARSSL_PEM_C */
2602 
2603 #ifdef POLARSSL_PEM_C
2604 #ifdef POLARSSL_FS_IO
2605 
2606  FCT_TEST_BGN(x509_certificate_verification_27_domain_not_matching_multi_certificate)
2607  {
      /*
       * Near-miss name: "xample.net" is "example.net" with the first
       * character dropped and must be rejected, which guards against
       * suffix-only comparison of host names.
       * NOTE(review): the test that follows in this file (listing line
       * 2638) reuses this exact test name; a report cannot tell the two
       * apart -- consider renumbering one of them.
       */
2608  x509_cert crt;
2609  x509_cert ca;
2610  x509_crl crl;
2611  int flags = 0;
2612  int res;
2613 
2614  memset( &crt, 0, sizeof( x509_cert ) );
2615  memset( &ca, 0, sizeof( x509_cert ) );
2616  memset( &crl, 0, sizeof( x509_crl ) );
2617 
2618  fct_chk( x509parse_crtfile( &crt, "data_files/cert_example_multi.crt" ) == 0 );
2619  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2620  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2621 
2622  res = x509parse_verify( &crt, &ca, &crl, "xample.net", &flags, NULL, NULL );
2623 
2624  x509_free( &crt );
2625  x509_free( &ca );
2626  x509_crl_free( &crl );
2627 
2628  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
2629  fct_chk( flags == ( BADCERT_CN_MISMATCH ) );
2630  }
2631  FCT_TEST_END();
2632 #endif /* POLARSSL_FS_IO */
2633 #endif /* POLARSSL_PEM_C */
2634 
2635 #ifdef POLARSSL_PEM_C
2636 #ifdef POLARSSL_FS_IO
2637 
2638  FCT_TEST_BGN(x509_certificate_verification_27_domain_not_matching_multi_certificate)
2639  {
      /*
       * Near-miss name: "bexample.net" is "example.net" with one extra
       * leading character and must be rejected, which guards against
       * matching a listed name as a plain string suffix.
       * NOTE(review): this test reuses the name of the preceding test
       * (listing line 2606); consider renumbering one of them.
       */
2640  x509_cert crt;
2641  x509_cert ca;
2642  x509_crl crl;
2643  int flags = 0;
2644  int res;
2645 
2646  memset( &crt, 0, sizeof( x509_cert ) );
2647  memset( &ca, 0, sizeof( x509_cert ) );
2648  memset( &crl, 0, sizeof( x509_crl ) );
2649 
2650  fct_chk( x509parse_crtfile( &crt, "data_files/cert_example_multi.crt" ) == 0 );
2651  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2652  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2653 
2654  res = x509parse_verify( &crt, &ca, &crl, "bexample.net", &flags, NULL, NULL );
2655 
2656  x509_free( &crt );
2657  x509_free( &ca );
2658  x509_crl_free( &crl );
2659 
2660  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
2661  fct_chk( flags == ( BADCERT_CN_MISMATCH ) );
2662  }
2663  FCT_TEST_END();
2664 #endif /* POLARSSL_FS_IO */
2665 #endif /* POLARSSL_PEM_C */
2666 
2667 #ifdef POLARSSL_PEM_C
2668 #ifdef POLARSSL_FS_IO
2669 
2670  FCT_TEST_BGN(x509_certificate_verification_28_domain_not_matching_wildcard_in_multi_certificate)
2671  {
      /*
       * Negative wildcard case inside the multi-name certificate: the bare
       * domain "example.org" must be rejected.  Presumably the certificate
       * lists a wildcard under example.org, which the next test accepts for
       * "mail.example.org" (certificate contents not visible here).
       */
2672  x509_cert crt;
2673  x509_cert ca;
2674  x509_crl crl;
2675  int flags = 0;
2676  int res;
2677 
2678  memset( &crt, 0, sizeof( x509_cert ) );
2679  memset( &ca, 0, sizeof( x509_cert ) );
2680  memset( &crl, 0, sizeof( x509_crl ) );
2681 
2682  fct_chk( x509parse_crtfile( &crt, "data_files/cert_example_multi.crt" ) == 0 );
2683  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2684  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2685 
2686  res = x509parse_verify( &crt, &ca, &crl, "example.org", &flags, NULL, NULL );
2687 
2688  x509_free( &crt );
2689  x509_free( &ca );
2690  x509_crl_free( &crl );
2691 
2692  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
2693  fct_chk( flags == ( BADCERT_CN_MISMATCH ) );
2694  }
2695  FCT_TEST_END();
2696 #endif /* POLARSSL_FS_IO */
2697 #endif /* POLARSSL_PEM_C */
2698 
2699 #ifdef POLARSSL_PEM_C
2700 #ifdef POLARSSL_FS_IO
2701 
2702  FCT_TEST_BGN(x509_certificate_verification_29_domain_matching_wildcard_in_multi_certificate)
2703  {
      /*
       * Positive wildcard case inside the multi-name certificate:
       * "mail.example.org" must be accepted with return value 0 and no
       * flags (presumably via a wildcard entry under example.org;
       * certificate contents not visible here).
       */
2704  x509_cert crt;
2705  x509_cert ca;
2706  x509_crl crl;
2707  int flags = 0;
2708  int res;
2709 
2710  memset( &crt, 0, sizeof( x509_cert ) );
2711  memset( &ca, 0, sizeof( x509_cert ) );
2712  memset( &crl, 0, sizeof( x509_crl ) );
2713 
2714  fct_chk( x509parse_crtfile( &crt, "data_files/cert_example_multi.crt" ) == 0 );
2715  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2716  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2717 
2718  res = x509parse_verify( &crt, &ca, &crl, "mail.example.org", &flags, NULL, NULL );
2719 
2720  x509_free( &crt );
2721  x509_free( &ca );
2722  x509_crl_free( &crl );
2723 
2724  fct_chk( res == ( 0 ) );
2725  fct_chk( flags == ( 0 ) );
2726  }
2727  FCT_TEST_END();
2728 #endif /* POLARSSL_FS_IO */
2729 #endif /* POLARSSL_PEM_C */
2730 
2731 #ifdef POLARSSL_PEM_C
2732 #ifdef POLARSSL_FS_IO
2733 
2734  FCT_TEST_BGN(x509_certificate_verification_30_domain_matching_multi_certificate_without_cn)
2735  {
      /*
       * Certificate without a CN: the expected name matches, so
       * BADCERT_CN_MISMATCH must NOT be set, but verification still fails
       * with BADCERT_NOT_TRUSTED.  Presumably the certificate does not
       * chain to test-ca.crt; the name check and the trust check are
       * reported as independent flags.
       */
2736  x509_cert crt;
2737  x509_cert ca;
2738  x509_crl crl;
2739  int flags = 0;
2740  int res;
2741 
2742  memset( &crt, 0, sizeof( x509_cert ) );
2743  memset( &ca, 0, sizeof( x509_cert ) );
2744  memset( &crl, 0, sizeof( x509_crl ) );
2745 
2746  fct_chk( x509parse_crtfile( &crt, "data_files/cert_example_multi_nocn.crt" ) == 0 );
2747  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2748  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2749 
2750  res = x509parse_verify( &crt, &ca, &crl, "www.shotokan-braunschweig.de", &flags, NULL, NULL );
2751 
2752  x509_free( &crt );
2753  x509_free( &ca );
2754  x509_crl_free( &crl );
2755 
2756  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
2757  fct_chk( flags == ( BADCERT_NOT_TRUSTED ) );
2758  }
2759  FCT_TEST_END();
2760 #endif /* POLARSSL_FS_IO */
2761 #endif /* POLARSSL_PEM_C */
2762 
2763 #ifdef POLARSSL_PEM_C
2764 #ifdef POLARSSL_FS_IO
2765 
2766  FCT_TEST_BGN(x509_certificate_verification_31_domain_not_matching_multi_certificate_without_cn)
2767  {
      /*
       * Certificate without a CN and a non-matching name: both the name
       * failure and the trust failure must be reported, so a caller sees
       * every reason for rejection and not only the first one found.
       */
2768  x509_cert crt;
2769  x509_cert ca;
2770  x509_crl crl;
2771  int flags = 0;
2772  int res;
2773 
2774  memset( &crt, 0, sizeof( x509_cert ) );
2775  memset( &ca, 0, sizeof( x509_cert ) );
2776  memset( &crl, 0, sizeof( x509_crl ) );
2777 
2778  fct_chk( x509parse_crtfile( &crt, "data_files/cert_example_multi_nocn.crt" ) == 0 );
2779  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
2780  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
2781 
2782  res = x509parse_verify( &crt, &ca, &crl, "www.example.net", &flags, NULL, NULL );
2783 
2784  x509_free( &crt );
2785  x509_free( &ca );
2786  x509_crl_free( &crl );
2787 
2788  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
      /*
       * NOTE(review): `+` equals a bitwise OR only while the two flags are
       * disjoint bits (presumably so; confirm in x509.h).  `|` would state
       * the intent directly.
       */
2789  fct_chk( flags == ( BADCERT_CN_MISMATCH + BADCERT_NOT_TRUSTED ) );
2790  }
2791  FCT_TEST_END();
2792 #endif /* POLARSSL_FS_IO */
2793 #endif /* POLARSSL_PEM_C */
2794 
2795 #ifdef POLARSSL_MD5_C
2796 #ifdef POLARSSL_PEM_C
2797 #ifdef POLARSSL_SELF_TEST
2798 
2799  FCT_TEST_BGN(x509_parse_selftest)
2800  {
      /*
       * Runs the library's built-in X.509 self test and requires it to
       * return 0.  The argument 0 is presumably the "verbose" switch
       * (confirm in x509.h).
       */
2801  fct_chk( x509_self_test( 0 ) == 0 );
2802  }
2803  FCT_TEST_END();
2804 #endif /* POLARSSL_SELF_TEST */
2805 #endif /* POLARSSL_PEM_C */
2806 #endif /* POLARSSL_MD5_C */
2807 
2808 
2809  FCT_TEST_BGN(x509_certificate_asn1_incorrect_first_tag)
2810  {
      /*
       * Malformed-input vector: an empty buffer.  unhexify() of "" yields
       * data_len 0, and x509parse_crt() must reject it with
       * POLARSSL_ERR_X509_CERT_INVALID_FORMAT.
       */
2811  x509_cert crt;
2812  unsigned char buf[2000];
2813  unsigned char output[2000];
2814  int data_len, res;
2815 
2816  memset( &crt, 0, sizeof( x509_cert ) );
2817  memset( buf, 0, 2000 );
2818  memset( output, 0, 2000 );
2819 
2820  data_len = unhexify( buf, "" );
2821 
2822  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ) );
      /*
       * NOTE(review): listing line 2823 is absent from this rendering (the
       * gutter jumps from 2822 to 2824); presumably it holds the condition
       * guarding the block below -- confirm against the original file.
       */
2824  {
2825  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2826 
2827  fct_chk( res != -1 );
2828  fct_chk( res != -2 );
2829 
2830  fct_chk( strcmp( (char *) output, "" ) == 0 );
2831  }
2832 
2833  x509_free( &crt );
2834  }
2835  FCT_TEST_END();
2836 
2837 
2838  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_data_length_does_not_match)
2839  {
      /*
       * Malformed-input vector 30 00 00: a SEQUENCE tag with length 0
       * followed by one byte beyond the declared length.
       */
2840  x509_cert crt;
2841  unsigned char buf[2000];
2842  unsigned char output[2000];
2843  int data_len, res;
2844 
2845  memset( &crt, 0, sizeof( x509_cert ) );
2846  memset( buf, 0, 2000 );
2847  memset( output, 0, 2000 );
2848 
2849  data_len = unhexify( buf, "300000" );
2850 
      /*
       * NOTE(review): listing lines 2851-2852 are absent from this
       * rendering; presumably the x509parse_crt() check on buf/data_len
       * and the condition guarding the block below.  As shown, data_len is
       * assigned but never used and the expected error code is not visible
       * -- confirm against the original file.
       */
2853  {
2854  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2855 
2856  fct_chk( res != -1 );
2857  fct_chk( res != -2 );
2858 
2859  fct_chk( strcmp( (char *) output, "" ) == 0 );
2860  }
2861 
2862  x509_free( &crt );
2863  }
2864  FCT_TEST_END();
2865 
2866 
2867  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_no_more_data)
2868  {
      /*
       * Malformed-input vector 30 00: an empty outer SEQUENCE.  The parser
       * must report INVALID_FORMAT combined with ASN1_OUT_OF_DATA and not
       * read past the two supplied bytes.
       */
2869  x509_cert crt;
2870  unsigned char buf[2000];
2871  unsigned char output[2000];
2872  int data_len, res;
2873 
2874  memset( &crt, 0, sizeof( x509_cert ) );
2875  memset( buf, 0, 2000 );
2876  memset( output, 0, 2000 );
2877 
2878  data_len = unhexify( buf, "3000" );
2879 
2880  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /*
       * NOTE(review): listing line 2881 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
2882  {
2883  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2884 
2885  fct_chk( res != -1 );
2886  fct_chk( res != -2 );
2887 
2888  fct_chk( strcmp( (char *) output, "" ) == 0 );
2889  }
2890 
2891  x509_free( &crt );
2892  }
2893  FCT_TEST_END();
2894 
2895 
2896  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incorrect)
2897  {
      /*
       * Malformed-input vector 30 02 30 85: the inner SEQUENCE has length
       * octet 0x85, i.e. long form announcing five length bytes, and none
       * of them is present.
       */
2898  x509_cert crt;
2899  unsigned char buf[2000];
2900  unsigned char output[2000];
2901  int data_len, res;
2902 
2903  memset( &crt, 0, sizeof( x509_cert ) );
2904  memset( buf, 0, 2000 );
2905  memset( output, 0, 2000 );
2906 
2907  data_len = unhexify( buf, "30023085" );
2908 
      /*
       * NOTE(review): listing lines 2909-2910 are absent from this
       * rendering; presumably the x509parse_crt() check and the condition
       * guarding the block below.  The expected error code is not visible
       * here -- confirm against the original file.
       */
2911  {
2912  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2913 
2914  fct_chk( res != -1 );
2915  fct_chk( res != -2 );
2916 
2917  fct_chk( strcmp( (char *) output, "" ) == 0 );
2918  }
2919 
2920  x509_free( &crt );
2921  }
2922  FCT_TEST_END();
2923 
2924 
2925  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incomplete)
2926  {
      /*
       * Malformed-input vector 30 02 30 83: the inner length octet 0x83
       * announces three length bytes and the buffer ends right after it.
       * NOTE(review): this test name is used three times in a row in this
       * file (listing lines 2925, 2954, 2983); the vectors differ.
       */
2927  x509_cert crt;
2928  unsigned char buf[2000];
2929  unsigned char output[2000];
2930  int data_len, res;
2931 
2932  memset( &crt, 0, sizeof( x509_cert ) );
2933  memset( buf, 0, 2000 );
2934  memset( output, 0, 2000 );
2935 
2936  data_len = unhexify( buf, "30023083" );
2937 
2938  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /*
       * NOTE(review): listing line 2939 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
2940  {
2941  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2942 
2943  fct_chk( res != -1 );
2944  fct_chk( res != -2 );
2945 
2946  fct_chk( strcmp( (char *) output, "" ) == 0 );
2947  }
2948 
2949  x509_free( &crt );
2950  }
2951  FCT_TEST_END();
2952 
2953 
2954  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incomplete)
2955  {
      /*
       * Malformed-input vector 30 02 30 81: the inner length octet 0x81
       * announces one length byte and the buffer ends right after it.
       * NOTE(review): same test name as the tests at listing lines 2925
       * and 2983; the vectors differ.
       */
2956  x509_cert crt;
2957  unsigned char buf[2000];
2958  unsigned char output[2000];
2959  int data_len, res;
2960 
2961  memset( &crt, 0, sizeof( x509_cert ) );
2962  memset( buf, 0, 2000 );
2963  memset( output, 0, 2000 );
2964 
2965  data_len = unhexify( buf, "30023081" );
2966 
2967  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /*
       * NOTE(review): listing line 2968 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
2969  {
2970  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2971 
2972  fct_chk( res != -1 );
2973  fct_chk( res != -2 );
2974 
2975  fct_chk( strcmp( (char *) output, "" ) == 0 );
2976  }
2977 
2978  x509_free( &crt );
2979  }
2980  FCT_TEST_END();
2981 
2982 
2983  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incomplete)
2984  {
      /*
       * Malformed-input vector 30 03 30 82 00: the inner length octet 0x82
       * announces two length bytes and only one (00) is present.
       * NOTE(review): same test name as the tests at listing lines 2925
       * and 2954; the vectors differ.
       */
2985  x509_cert crt;
2986  unsigned char buf[2000];
2987  unsigned char output[2000];
2988  int data_len, res;
2989 
2990  memset( &crt, 0, sizeof( x509_cert ) );
2991  memset( buf, 0, 2000 );
2992  memset( output, 0, 2000 );
2993 
2994  data_len = unhexify( buf, "3003308200" );
2995 
2996  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /*
       * NOTE(review): listing line 2997 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
2998  {
2999  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3000 
3001  fct_chk( res != -1 );
3002  fct_chk( res != -2 );
3003 
3004  fct_chk( strcmp( (char *) output, "" ) == 0 );
3005  }
3006 
3007  x509_free( &crt );
3008  }
3009  FCT_TEST_END();
3010 
3011 
3012  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_second_tag_no_tbscertificate)
3013  {
      /*
       * Malformed-input vector 30 01 00: the outer SEQUENCE holds a single
       * byte 0x00 where, per the test name, the TBSCertificate SEQUENCE
       * is expected.
       */
3014  x509_cert crt;
3015  unsigned char buf[2000];
3016  unsigned char output[2000];
3017  int data_len, res;
3018 
3019  memset( &crt, 0, sizeof( x509_cert ) );
3020  memset( buf, 0, 2000 );
3021  memset( output, 0, 2000 );
3022 
3023  data_len = unhexify( buf, "300100" );
3024 
      /*
       * NOTE(review): listing lines 3025-3026 are absent from this
       * rendering; presumably the x509parse_crt() check and the condition
       * guarding the block below.  The expected error code is not visible
       * here -- confirm against the original file.
       */
3027  {
3028  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3029 
3030  fct_chk( res != -1 );
3031  fct_chk( res != -2 );
3032 
3033  fct_chk( strcmp( (char *) output, "" ) == 0 );
3034  }
3035 
3036  x509_free( &crt );
3037  }
3038  FCT_TEST_END();
3039 
3040 
3041  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_no_version_tag_serial_missing)
3042  {
      /*
       * Malformed-input vector 30 03 30 01 00: outer SEQUENCE, inner
       * SEQUENCE of length 1 whose only byte is 0x00, so neither a version
       * tag nor a serial number follows.
       */
3043  x509_cert crt;
3044  unsigned char buf[2000];
3045  unsigned char output[2000];
3046  int data_len, res;
3047 
3048  memset( &crt, 0, sizeof( x509_cert ) );
3049  memset( buf, 0, 2000 );
3050  memset( output, 0, 2000 );
3051 
3052  data_len = unhexify( buf, "3003300100" );
3053 
      /*
       * NOTE(review): listing lines 3054-3055 are absent from this
       * rendering; presumably the x509parse_crt() check and the condition
       * guarding the block below.  The expected error code is not visible
       * here -- confirm against the original file.
       */
3056  {
3057  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3058 
3059  fct_chk( res != -1 );
3060  fct_chk( res != -2 );
3061 
3062  fct_chk( strcmp( (char *) output, "" ) == 0 );
3063  }
3064 
3065  x509_free( &crt );
3066  }
3067  FCT_TEST_END();
3068 
3069 
3070  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_version_tag)
3071  {
      /*
       * Malformed-input vector 30 05 30 03 a0 01 01: the [0] version
       * wrapper has length 1 and contains the single byte 0x01, which is
       * not an INTEGER tag (0x02).
       */
3072  x509_cert crt;
3073  unsigned char buf[2000];
3074  unsigned char output[2000];
3075  int data_len, res;
3076 
3077  memset( &crt, 0, sizeof( x509_cert ) );
3078  memset( buf, 0, 2000 );
3079  memset( output, 0, 2000 );
3080 
3081  data_len = unhexify( buf, "30053003a00101" );
3082 
      /*
       * NOTE(review): listing lines 3083-3084 are absent from this
       * rendering; presumably the x509parse_crt() check and the condition
       * guarding the block below.  The expected error code is not visible
       * here -- confirm against the original file.
       */
3085  {
3086  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3087 
3088  fct_chk( res != -1 );
3089  fct_chk( res != -2 );
3090 
3091  fct_chk( strcmp( (char *) output, "" ) == 0 );
3092  }
3093 
3094  x509_free( &crt );
3095  }
3096  FCT_TEST_END();
3097 
3098 
3099  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_version_tag_no_length)
3100  {
      /*
       * Malformed-input vector 30 05 30 03 a0 01 02: the [0] version
       * wrapper contains only the INTEGER tag 0x02 with no length byte.
       * Expected: INVALID_VERSION combined with ASN1_OUT_OF_DATA.
       */
3101  x509_cert crt;
3102  unsigned char buf[2000];
3103  unsigned char output[2000];
3104  int data_len, res;
3105 
3106  memset( &crt, 0, sizeof( x509_cert ) );
3107  memset( buf, 0, 2000 );
3108  memset( output, 0, 2000 );
3109 
3110  data_len = unhexify( buf, "30053003a00102" );
3111 
3112  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /*
       * NOTE(review): listing line 3113 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
3114  {
3115  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3116 
3117  fct_chk( res != -1 );
3118  fct_chk( res != -2 );
3119 
3120  fct_chk( strcmp( (char *) output, "" ) == 0 );
3121  }
3122 
3123  x509_free( &crt );
3124  }
3125  FCT_TEST_END();
3126 
3127 
3128  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_version_tag_invalid_length)
3129  {
      /*
       * Malformed-input vector: the [0] version wrapper (a0 12) holds an
       * INTEGER with declared length 0x10 (02 10 followed by zero bytes),
       * i.e. a version value far wider than an int.
       */
3130  x509_cert crt;
3131  unsigned char buf[2000];
3132  unsigned char output[2000];
3133  int data_len, res;
3134 
3135  memset( &crt, 0, sizeof( x509_cert ) );
3136  memset( buf, 0, 2000 );
3137  memset( output, 0, 2000 );
3138 
3139  data_len = unhexify( buf, "30163014a012021000000000000000000000000000000000" );
3140 
      /*
       * NOTE(review): listing lines 3141-3142 are absent from this
       * rendering; presumably the x509parse_crt() check and the condition
       * guarding the block below.  The expected error code is not visible
       * here -- confirm against the original file.
       */
3143  {
3144  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3145 
3146  fct_chk( res != -1 );
3147  fct_chk( res != -2 );
3148 
3149  fct_chk( strcmp( (char *) output, "" ) == 0 );
3150  }
3151 
3152  x509_free( &crt );
3153  }
3154  FCT_TEST_END();
3155 
3156 
3157  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_version_tag_no_serial)
3158  {
      /*
       * Malformed-input vector 30 07 30 05 a0 03 02 01 04: a well-formed
       * version field (INTEGER value 4) and nothing after it.  Expected:
       * INVALID_SERIAL combined with ASN1_OUT_OF_DATA.
       */
3159  x509_cert crt;
3160  unsigned char buf[2000];
3161  unsigned char output[2000];
3162  int data_len, res;
3163 
3164  memset( &crt, 0, sizeof( x509_cert ) );
3165  memset( buf, 0, 2000 );
3166  memset( output, 0, 2000 );
3167 
3168  data_len = unhexify( buf, "30073005a003020104" );
3169 
3170  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /*
       * NOTE(review): listing line 3171 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
3172  {
3173  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3174 
3175  fct_chk( res != -1 );
3176  fct_chk( res != -2 );
3177 
3178  fct_chk( strcmp( (char *) output, "" ) == 0 );
3179  }
3180 
3181  x509_free( &crt );
3182  }
3183  FCT_TEST_END();
3184 
3185 
3186  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_length_version_tag)
3187  {
      /*
       * Malformed-input vector 30 08 30 06 a0 04 02 01 04 00: the [0]
       * version wrapper declares length 4 but the INTEGER inside it is
       * only three bytes long, leaving one stray byte inside the wrapper.
       */
3188  x509_cert crt;
3189  unsigned char buf[2000];
3190  unsigned char output[2000];
3191  int data_len, res;
3192 
3193  memset( &crt, 0, sizeof( x509_cert ) );
3194  memset( buf, 0, 2000 );
3195  memset( output, 0, 2000 );
3196 
3197  data_len = unhexify( buf, "30083006a00402010400" );
3198 
      /*
       * NOTE(review): listing lines 3199-3200 are absent from this
       * rendering; presumably the x509parse_crt() check and the condition
       * guarding the block below.  The expected error code is not visible
       * here -- confirm against the original file.
       */
3201  {
3202  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3203 
3204  fct_chk( res != -1 );
3205  fct_chk( res != -2 );
3206 
3207  fct_chk( strcmp( (char *) output, "" ) == 0 );
3208  }
3209 
3210  x509_free( &crt );
3211  }
3212  FCT_TEST_END();
3213 
3214 
3215  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_incorrect_serial_tag)
3216  {
      /*
       * Malformed-input vector 30 08 30 06 a0 03 02 01 04 00: a well-formed
       * version field followed by the byte 0x00 in the position where the
       * serial number is expected.
       */
3217  x509_cert crt;
3218  unsigned char buf[2000];
3219  unsigned char output[2000];
3220  int data_len, res;
3221 
3222  memset( &crt, 0, sizeof( x509_cert ) );
3223  memset( buf, 0, 2000 );
3224  memset( output, 0, 2000 );
3225 
3226  data_len = unhexify( buf, "30083006a00302010400" );
3227 
      /*
       * NOTE(review): listing lines 3228-3229 are absent from this
       * rendering; presumably the x509parse_crt() check and the condition
       * guarding the block below.  The expected error code is not visible
       * here -- confirm against the original file.
       */
3230  {
3231  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3232 
3233  fct_chk( res != -1 );
3234  fct_chk( res != -2 );
3235 
3236  fct_chk( strcmp( (char *) output, "" ) == 0 );
3237  }
3238 
3239  x509_free( &crt );
3240  }
3241  FCT_TEST_END();
3242 
3243 
3244  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_incorrect_serial_length)
3245  {
      /*
       * Malformed-input vector 30 08 30 06 a0 03 02 01 04 82: after the
       * version field comes the byte 0x82 (the same leading byte the
       * later serial vectors in this file use) with no length byte behind
       * it.  Expected: INVALID_SERIAL combined with ASN1_OUT_OF_DATA.
       */
3246  x509_cert crt;
3247  unsigned char buf[2000];
3248  unsigned char output[2000];
3249  int data_len, res;
3250 
3251  memset( &crt, 0, sizeof( x509_cert ) );
3252  memset( buf, 0, 2000 );
3253  memset( output, 0, 2000 );
3254 
3255  data_len = unhexify( buf, "30083006a00302010482" );
3256 
3257  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /*
       * NOTE(review): listing line 3258 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
3259  {
3260  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3261 
3262  fct_chk( res != -1 );
3263  fct_chk( res != -2 );
3264 
3265  fct_chk( strcmp( (char *) output, "" ) == 0 );
3266  }
3267 
3268  x509_free( &crt );
3269  }
3270  FCT_TEST_END();
3271 
3272 
3273  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_serial_no_alg)
3274  {
      /*
       * Malformed-input vector: version field, then a four-byte serial
       * (82 04 de ad be ef), then end of data where the signature
       * algorithm is expected.  Expected: INVALID_ALG combined with
       * ASN1_OUT_OF_DATA.
       */
3275  x509_cert crt;
3276  unsigned char buf[2000];
3277  unsigned char output[2000];
3278  int data_len, res;
3279 
3280  memset( &crt, 0, sizeof( x509_cert ) );
3281  memset( buf, 0, 2000 );
3282  memset( output, 0, 2000 );
3283 
3284  data_len = unhexify( buf, "300d300ba0030201048204deadbeef" );
3285 
3286  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /*
       * NOTE(review): listing line 3287 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
3288  {
3289  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3290 
3291  fct_chk( res != -1 );
3292  fct_chk( res != -2 );
3293 
3294  fct_chk( strcmp( (char *) output, "" ) == 0 );
3295  }
3296 
3297  x509_free( &crt );
3298  }
3299  FCT_TEST_END();
3300 
3301 
3302  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_serial_no_alg_oid)
3303  {
      /*
       * Malformed-input vector: version and serial as in the preceding
       * vector, followed by the byte 0x00 where the algorithm SEQUENCE
       * (tag 0x30) is expected.  Expected: INVALID_ALG combined with
       * ASN1_UNEXPECTED_TAG.
       */
3304  x509_cert crt;
3305  unsigned char buf[2000];
3306  unsigned char output[2000];
3307  int data_len, res;
3308 
3309  memset( &crt, 0, sizeof( x509_cert ) );
3310  memset( buf, 0, 2000 );
3311  memset( output, 0, 2000 );
3312 
3313  data_len = unhexify( buf, "300e300ca0030201048204deadbeef00" );
3314 
3315  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
      /*
       * NOTE(review): listing line 3316 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
3317  {
3318  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3319 
3320  fct_chk( res != -1 );
3321  fct_chk( res != -2 );
3322 
3323  fct_chk( strcmp( (char *) output, "" ) == 0 );
3324  }
3325 
3326  x509_free( &crt );
3327  }
3328  FCT_TEST_END();
3329 
3330 
3331  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_alg_oid_no_data_in_sequence)
3332  {
      /*
       * Malformed-input vector: version, serial, then an empty algorithm
       * SEQUENCE (30 00) with no OID inside.  Expected: INVALID_ALG
       * combined with ASN1_OUT_OF_DATA.
       */
3333  x509_cert crt;
3334  unsigned char buf[2000];
3335  unsigned char output[2000];
3336  int data_len, res;
3337 
3338  memset( &crt, 0, sizeof( x509_cert ) );
3339  memset( buf, 0, 2000 );
3340  memset( output, 0, 2000 );
3341 
3342  data_len = unhexify( buf, "300f300da0030201048204deadbeef3000" );
3343 
3344  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /*
       * NOTE(review): listing line 3345 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
3346  {
3347  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3348 
3349  fct_chk( res != -1 );
3350  fct_chk( res != -2 );
3351 
3352  fct_chk( strcmp( (char *) output, "" ) == 0 );
3353  }
3354 
3355  x509_free( &crt );
3356  }
3357  FCT_TEST_END();
3358 
3359 
3360  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_alg_with_params)
3361  {
      /*
       * Malformed-input vector: the algorithm SEQUENCE (30 07) holds a
       * four-byte OID (06 04 ca fe d0 0d) followed by the single byte
       * 0x01 in the parameters position.  Expected: INVALID_ALG combined
       * with ASN1_UNEXPECTED_TAG.
       */
3362  x509_cert crt;
3363  unsigned char buf[2000];
3364  unsigned char output[2000];
3365  int data_len, res;
3366 
3367  memset( &crt, 0, sizeof( x509_cert ) );
3368  memset( buf, 0, 2000 );
3369  memset( output, 0, 2000 );
3370 
3371  data_len = unhexify( buf, "30163014a0030201048204deadbeef30070604cafed00d01" );
3372 
3373  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
      /*
       * NOTE(review): listing line 3374 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
3375  {
3376  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3377 
3378  fct_chk( res != -1 );
3379  fct_chk( res != -2 );
3380 
3381  fct_chk( strcmp( (char *) output, "" ) == 0 );
3382  }
3383 
3384  x509_free( &crt );
3385  }
3386  FCT_TEST_END();
3387 
3388 
3389  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_data_no_params_unknown_version)
3390  {
      /*
       * Malformed-input vector: version INTEGER value 4, serial, and an
       * algorithm SEQUENCE (30 06) that holds only the OID, no parameters.
       * Expected: POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION, i.e. the
       * algorithm field is accepted and the version value is rejected.
       */
3391  x509_cert crt;
3392  unsigned char buf[2000];
3393  unsigned char output[2000];
3394  int data_len, res;
3395 
3396  memset( &crt, 0, sizeof( x509_cert ) );
3397  memset( buf, 0, 2000 );
3398  memset( output, 0, 2000 );
3399 
3400  data_len = unhexify( buf, "30153013a0030201048204deadbeef30060604cafed00d" );
3401 
3402  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) );
      /*
       * NOTE(review): listing line 3403 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
3404  {
3405  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3406 
3407  fct_chk( res != -1 );
3408  fct_chk( res != -2 );
3409 
3410  fct_chk( strcmp( (char *) output, "" ) == 0 );
3411  }
3412 
3413  x509_free( &crt );
3414  }
3415  FCT_TEST_END();
3416 
3417 
3418  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_data_unknown_version)
3419  {
      /*
       * Malformed-input vector: version INTEGER value 4, serial, and an
       * algorithm SEQUENCE (30 08) holding the OID plus NULL parameters
       * (05 00).  Expected: POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION.
       */
3420  x509_cert crt;
3421  unsigned char buf[2000];
3422  unsigned char output[2000];
3423  int data_len, res;
3424 
3425  memset( &crt, 0, sizeof( x509_cert ) );
3426  memset( buf, 0, 2000 );
3427  memset( output, 0, 2000 );
3428 
3429  data_len = unhexify( buf, "30173015a0030201048204deadbeef30080604cafed00d0500" );
3430 
3431  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) );
      /*
       * NOTE(review): listing line 3432 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
3433  {
3434  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3435 
3436  fct_chk( res != -1 );
3437  fct_chk( res != -2 );
3438 
3439  fct_chk( strcmp( (char *) output, "" ) == 0 );
3440  }
3441 
3442  x509_free( &crt );
3443  }
3444  FCT_TEST_END();
3445 
3446 
3447  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_data_length_mismatch)
3448  {
      /*
       * Malformed-input vector: the algorithm SEQUENCE declares length 9
       * and holds the OID, NULL parameters (05 00) and one trailing byte
       * 0x00.  Expected: INVALID_ALG combined with ASN1_LENGTH_MISMATCH,
       * i.e. bytes left over inside the SEQUENCE are an error.
       */
3449  x509_cert crt;
3450  unsigned char buf[2000];
3451  unsigned char output[2000];
3452  int data_len, res;
3453 
3454  memset( &crt, 0, sizeof( x509_cert ) );
3455  memset( buf, 0, 2000 );
3456  memset( output, 0, 2000 );
3457 
3458  data_len = unhexify( buf, "30183016a0030201048204deadbeef30090604cafed00d050000" );
3459 
3460  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
      /*
       * NOTE(review): listing line 3461 is absent from this rendering;
       * presumably the condition guarding the block below -- confirm
       * against the original file.
       */
3462  {
3463  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3464 
3465  fct_chk( res != -1 );
3466  fct_chk( res != -2 );
3467 
3468  fct_chk( strcmp( (char *) output, "" ) == 0 );
3469  }
3470 
3471  x509_free( &crt );
3472  }
3473  FCT_TEST_END();
3474 
3475 
/*
 * Negative parser test: version INTEGER is 2, but the signature algorithm OID
 * is the placeholder ca fe d0 0d. Expected result:
 * POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG.
 */
3476  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_unknown_alg_id)
3477  {
3478  x509_cert crt;
3479  unsigned char buf[2000];
3480  unsigned char output[2000];
3481  int data_len, res;
3482 
3483  memset( &crt, 0, sizeof( x509_cert ) );
3484  memset( buf, 0, 2000 );
3485  memset( output, 0, 2000 );
3486 
3487  data_len = unhexify( buf, "30173015a0030201028204deadbeef30080604cafed00d0500" );
3488 
3489  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) );
/* NOTE(review): the listing skips line 3490 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3491  {
3492  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3493 
3494  fct_chk( res != -1 );
3495  fct_chk( res != -2 );
3496 
3497  fct_chk( strcmp( (char *) output, "" ) == 0 );
3498  }
3499 
3500  x509_free( &crt );
3501  }
3502  FCT_TEST_END();
3503 
3504 
/*
 * Negative parser test: the signature algorithm OID is
 * 2a 86 48 86 f7 0d 01 01 02 with NULL parameters, and the input ends right
 * after it (no issuer). Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
3505  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_specific_alg_id)
3506  {
3507  x509_cert crt;
3508  unsigned char buf[2000];
3509  unsigned char output[2000];
3510  int data_len, res;
3511 
3512  memset( &crt, 0, sizeof( x509_cert ) );
3513  memset( buf, 0, 2000 );
3514  memset( output, 0, 2000 );
3515 
3516  data_len = unhexify( buf, "301c301aa0030201028204deadbeef300d06092a864886f70d0101020500" );
3517 
3518  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 3519 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3520  {
3521  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3522 
3523  fct_chk( res != -1 );
3524  fct_chk( res != -2 );
3525 
3526  fct_chk( strcmp( (char *) output, "" ) == 0 );
3527  }
3528 
3529  x509_free( &crt );
3530  }
3531  FCT_TEST_END();
3532 
3533 
/*
 * Negative parser test: identical to the previous case except that the last
 * OID byte is 01 instead of 02. Expected result:
 * POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG.
 */
3534  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_unknown_specific_alg_id)
3535  {
3536  x509_cert crt;
3537  unsigned char buf[2000];
3538  unsigned char output[2000];
3539  int data_len, res;
3540 
3541  memset( &crt, 0, sizeof( x509_cert ) );
3542  memset( buf, 0, 2000 );
3543  memset( output, 0, 2000 );
3544 
3545  data_len = unhexify( buf, "301c301aa0030201028204deadbeef300d06092a864886f70d0101010500" );
3546 
3547  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) );
/* NOTE(review): the listing skips line 3548 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3549  {
3550  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3551 
3552  fct_chk( res != -1 );
3553  fct_chk( res != -2 );
3554 
3555  fct_chk( strcmp( (char *) output, "" ) == 0 );
3556  }
3557 
3558  x509_free( &crt );
3559  }
3560  FCT_TEST_END();
3561 
3562 
/*
 * Negative parser test: the issuer is an empty SEQUENCE (30 00). Expected
 * result: POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
3563  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_set_data)
3564  {
3565  x509_cert crt;
3566  unsigned char buf[2000];
3567  unsigned char output[2000];
3568  int data_len, res;
3569 
3570  memset( &crt, 0, sizeof( x509_cert ) );
3571  memset( buf, 0, 2000 );
3572  memset( output, 0, 2000 );
3573 
3574  data_len = unhexify( buf, "301e301ca0030201028204deadbeef300d06092a864886f70d01010205003000" );
3575 
3576  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 3577 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3578  {
3579  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3580 
3581  fct_chk( res != -1 );
3582  fct_chk( res != -2 );
3583 
3584  fct_chk( strcmp( (char *) output, "" ) == 0 );
3585  }
3586 
3587  x509_free( &crt );
3588  }
3589  FCT_TEST_END();
3590 
3591 
/*
 * Negative parser test: the issuer SEQUENCE holds a single empty SET
 * (30 02 31 00). Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
3592  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_inner_seq_data)
3593  {
3594  x509_cert crt;
3595  unsigned char buf[2000];
3596  unsigned char output[2000];
3597  int data_len, res;
3598 
3599  memset( &crt, 0, sizeof( x509_cert ) );
3600  memset( buf, 0, 2000 );
3601  memset( output, 0, 2000 );
3602 
3603  data_len = unhexify( buf, "3020301ea0030201028204deadbeef300d06092a864886f70d010102050030023100" );
3604 
3605  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 3606 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3607  {
3608  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3609 
3610  fct_chk( res != -1 );
3611  fct_chk( res != -2 );
3612 
3613  fct_chk( strcmp( (char *) output, "" ) == 0 );
3614  }
3615 
3616  x509_free( &crt );
3617  }
3618  FCT_TEST_END();
3619 
3620 
/*
 * Negative parser test: the issuer's SET holds an empty SEQUENCE
 * (30 04 31 02 30 00), i.e. no attribute type or value. Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
3621  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_inner_set_data)
3622  {
3623  x509_cert crt;
3624  unsigned char buf[2000];
3625  unsigned char output[2000];
3626  int data_len, res;
3627 
3628  memset( &crt, 0, sizeof( x509_cert ) );
3629  memset( buf, 0, 2000 );
3630  memset( output, 0, 2000 );
3631 
3632  data_len = unhexify( buf, "30223020a0030201028204deadbeef300d06092a864886f70d0101020500300431023000" );
3633 
3634  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 3635 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3636  {
3637  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3638 
3639  fct_chk( res != -1 );
3640  fct_chk( res != -2 );
3641 
3642  fct_chk( strcmp( (char *) output, "" ) == 0 );
3643  }
3644 
3645  x509_free( &crt );
3646  }
3647  FCT_TEST_END();
3648 
3649 
/*
 * Negative parser test: the issuer's SET holds two empty SEQUENCEs
 * (31 04 30 00 30 00). Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG.
 */
3650  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_two_inner_set_datas)
3651  {
3652  x509_cert crt;
3653  unsigned char buf[2000];
3654  unsigned char output[2000];
3655  int data_len, res;
3656 
3657  memset( &crt, 0, sizeof( x509_cert ) );
3658  memset( buf, 0, 2000 );
3659  memset( output, 0, 2000 );
3660 
3661  data_len = unhexify( buf, "30243022a0030201028204deadbeef300d06092a864886f70d01010205003006310430003000" );
3662 
3663  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
/* NOTE(review): the listing skips line 3664 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3665  {
3666  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3667 
3668  fct_chk( res != -1 );
3669  fct_chk( res != -2 );
3670 
3671  fct_chk( strcmp( (char *) output, "" ) == 0 );
3672  }
3673 
3674  x509_free( &crt );
3675  }
3676  FCT_TEST_END();
3677 
3678 
/*
 * Negative parser test: the issuer attribute is a SEQUENCE holding only a
 * zero-length OID (30 02 06 00), with no value after it. Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
3679  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_oid_data)
3680  {
3681  x509_cert crt;
3682  unsigned char buf[2000];
3683  unsigned char output[2000];
3684  int data_len, res;
3685 
3686  memset( &crt, 0, sizeof( x509_cert ) );
3687  memset( buf, 0, 2000 );
3688  memset( output, 0, 2000 );
3689 
3690  data_len = unhexify( buf, "30243022a0030201028204deadbeef300d06092a864886f70d01010205003006310430020600" );
3691 
3692  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 3693 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3694  {
3695  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3696 
3697  fct_chk( res != -1 );
3698  fct_chk( res != -2 );
3699 
3700  fct_chk( strcmp( (char *) output, "" ) == 0 );
3701  }
3702 
3703  x509_free( &crt );
3704  }
3705  FCT_TEST_END();
3706 
3707 
/*
 * Negative parser test: the issuer attribute value "Test" (54 65 73 74) is
 * tagged 0x06 (OID) rather than with a string tag. Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG.
 */
3708  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_invalid_tag)
3709  {
3710  x509_cert crt;
3711  unsigned char buf[2000];
3712  unsigned char output[2000];
3713  int data_len, res;
3714 
3715  memset( &crt, 0, sizeof( x509_cert ) );
3716  memset( buf, 0, 2000 );
3717  memset( output, 0, 2000 );
3718 
3719  data_len = unhexify( buf, "302a3028a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600060454657374" );
3720 
3721  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
/* NOTE(review): the listing skips line 3722 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3723  {
3724  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3725 
3726  fct_chk( res != -1 );
3727  fct_chk( res != -2 );
3728 
3729  fct_chk( strcmp( (char *) output, "" ) == 0 );
3730  }
3731 
3732  x509_free( &crt );
3733  }
3734  FCT_TEST_END();
3735 
3736 
/*
 * Negative parser test: the issuer attribute ends on a bare string tag (0x13)
 * with no length byte or content after it. Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
3737  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_string_data)
3738  {
3739  x509_cert crt;
3740  unsigned char buf[2000];
3741  unsigned char output[2000];
3742  int data_len, res;
3743 
3744  memset( &crt, 0, sizeof( x509_cert ) );
3745  memset( buf, 0, 2000 );
3746  memset( output, 0, 2000 );
3747 
3748  data_len = unhexify( buf, "30253023a0030201028204deadbeef300d06092a864886f70d0101020500300731053003060013" );
3749 
3750  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 3751 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3752  {
3753  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3754 
3755  fct_chk( res != -1 );
3756  fct_chk( res != -2 );
3757 
3758  fct_chk( strcmp( (char *) output, "" ) == 0 );
3759  }
3760 
3761  x509_free( &crt );
3762  }
3763  FCT_TEST_END();
3764 
3765 
/*
 * Negative parser test: the issuer attribute SEQUENCE declares 9 bytes and
 * carries one stray 00 after the string "Test" (13 04 54 65 73 74 00).
 * Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG.
 */
3766  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_full_following_string)
3767  {
3768  x509_cert crt;
3769  unsigned char buf[2000];
3770  unsigned char output[2000];
3771  int data_len, res;
3772 
3773  memset( &crt, 0, sizeof( x509_cert ) );
3774  memset( buf, 0, 2000 );
3775  memset( output, 0, 2000 );
3776 
3777  data_len = unhexify( buf, "302b3029a0030201028204deadbeef300d06092a864886f70d0101020500300d310b3009060013045465737400" );
3778 
3779  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
/* NOTE(review): the listing skips line 3780 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3781  {
3782  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3783 
3784  fct_chk( res != -1 );
3785  fct_chk( res != -2 );
3786 
3787  fct_chk( strcmp( (char *) output, "" ) == 0 );
3788  }
3789 
3790  x509_free( &crt );
3791  }
3792  FCT_TEST_END();
3793 
3794 
/*
 * Negative parser test: the issuer is well-formed (one attribute with the
 * string "Test") and the input ends right after it, so no validity field is
 * present. Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
3795  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_issuer_no_validity)
3796  {
3797  x509_cert crt;
3798  unsigned char buf[2000];
3799  unsigned char output[2000];
3800  int data_len, res;
3801 
3802  memset( &crt, 0, sizeof( x509_cert ) );
3803  memset( buf, 0, 2000 );
3804  memset( output, 0, 2000 );
3805 
3806  data_len = unhexify( buf, "302a3028a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374" );
3807 
3808  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 3809 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3810  {
3811  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3812 
3813  fct_chk( res != -1 );
3814  fct_chk( res != -2 );
3815 
3816  fct_chk( strcmp( (char *) output, "" ) == 0 );
3817  }
3818 
3819  x509_free( &crt );
3820  }
3821  FCT_TEST_END();
3822 
3823 
/*
 * Negative parser test: the validity SEQUENCE declares 0x1d bytes and holds
 * two 12-byte UTCTime values plus one stray 00. Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_LENGTH_MISMATCH.
 */
3824  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_too_much_date_data)
3825  {
3826  x509_cert crt;
3827  unsigned char buf[2000];
3828  unsigned char output[2000];
3829  int data_len, res;
3830 
3831  memset( &crt, 0, sizeof( x509_cert ) );
3832  memset( buf, 0, 2000 );
3833  memset( output, 0, 2000 );
3834 
3835  data_len = unhexify( buf, "30493047a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301d170c303930313031303030303030170c30393132333132333539353900" );
3836 
3837  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
/* NOTE(review): the listing skips line 3838 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3839  {
3840  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3841 
3842  fct_chk( res != -1 );
3843  fct_chk( res != -2 );
3844 
3845  fct_chk( strcmp( (char *) output, "" ) == 0 );
3846  }
3847 
3848  x509_free( &crt );
3849  }
3850  FCT_TEST_END();
3851 
3852 
/*
 * Negative parser test: both UTCTime values end in four NUL bytes where
 * ASCII digits belong (e.g. 30 39 30 31 30 31 30 30 00 00 00 00). Expected
 * result: POLARSSL_ERR_X509_CERT_INVALID_DATE. This pins down that embedded
 * NULs in a date string are rejected rather than read as digits.
 */
3853  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_from_date)
3854  {
3855  x509_cert crt;
3856  unsigned char buf[2000];
3857  unsigned char output[2000];
3858  int data_len, res;
3859 
3860  memset( &crt, 0, sizeof( x509_cert ) );
3861  memset( buf, 0, 2000 );
3862  memset( output, 0, 2000 );
3863 
3864  data_len = unhexify( buf, "30483046a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303000000000170c303931323331323300000000" );
3865 
3866  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE ) );
/* NOTE(review): the listing skips line 3867 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3868  {
3869  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3870 
3871  fct_chk( res != -1 );
3872  fct_chk( res != -2 );
3873 
3874  fct_chk( strcmp( (char *) output, "" ) == 0 );
3875  }
3876 
3877  x509_free( &crt );
3878  }
3879  FCT_TEST_END();
3880 
3881 
/*
 * Negative parser test: the first UTCTime is all ASCII digits, the second
 * ends in four NUL bytes. Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_DATE.
 */
3882  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_to_date)
3883  {
3884  x509_cert crt;
3885  unsigned char buf[2000];
3886  unsigned char output[2000];
3887  int data_len, res;
3888 
3889  memset( &crt, 0, sizeof( x509_cert ) );
3890  memset( buf, 0, 2000 );
3891  memset( output, 0, 2000 );
3892 
3893  data_len = unhexify( buf, "30483046a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323300000000" );
3894 
3895  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE ) );
/* NOTE(review): the listing skips line 3896 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3897  {
3898  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3899 
3900  fct_chk( res != -1 );
3901  fct_chk( res != -2 );
3902 
3903  fct_chk( strcmp( (char *) output, "" ) == 0 );
3904  }
3905 
3906  x509_free( &crt );
3907  }
3908  FCT_TEST_END();
3909 
3910 
/*
 * Negative parser test: both UTCTime values are all digits; the input then
 * ends on a lone 0x30 tag byte with no length, so no subject can be read.
 * Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
3911  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_validity_no_subject)
3912  {
3913  x509_cert crt;
3914  unsigned char buf[2000];
3915  unsigned char output[2000];
3916  int data_len, res;
3917 
3918  memset( &crt, 0, sizeof( x509_cert ) );
3919  memset( buf, 0, 2000 );
3920  memset( output, 0, 2000 );
3921 
3922  data_len = unhexify( buf, "30493047a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930" );
3923 
3924  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 3925 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3926  {
3927  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3928 
3929  fct_chk( res != -1 );
3930  fct_chk( res != -2 );
3931 
3932  fct_chk( strcmp( (char *) output, "" ) == 0 );
3933  }
3934 
3935  x509_free( &crt );
3936  }
3937  FCT_TEST_END();
3938 
3939 
/*
 * Negative parser test: issuer, validity and subject are all present, and the
 * input ends right after the subject (no SubjectPublicKeyInfo). Expected
 * result:
 * POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
3940  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_subject_no_pubkeyinfo)
3941  {
3942  x509_cert crt;
3943  unsigned char buf[2000];
3944  unsigned char output[2000];
3945  int data_len, res;
3946 
3947  memset( &crt, 0, sizeof( x509_cert ) );
3948  memset( buf, 0, 2000 );
3949  memset( output, 0, 2000 );
3950 
3951  data_len = unhexify( buf, "30563054a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374" );
3952 
3953  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 3954 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3955  {
3956  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3957 
3958  fct_chk( res != -1 );
3959  fct_chk( res != -2 );
3960 
3961  fct_chk( strcmp( (char *) output, "" ) == 0 );
3962  }
3963 
3964  x509_free( &crt );
3965  }
3966  FCT_TEST_END();
3967 
3968 
/*
 * Negative parser test: the SubjectPublicKeyInfo is an empty SEQUENCE (30 00),
 * so there is no key algorithm to read. Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
3969  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_no_alg)
3970  {
3971  x509_cert crt;
3972  unsigned char buf[2000];
3973  unsigned char output[2000];
3974  int data_len, res;
3975 
3976  memset( &crt, 0, sizeof( x509_cert ) );
3977  memset( buf, 0, 2000 );
3978  memset( output, 0, 2000 );
3979 
3980  data_len = unhexify( buf, "30583056a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743000" );
3981 
3982  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 3983 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
3984  {
3985  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3986 
3987  fct_chk( res != -1 );
3988  fct_chk( res != -2 );
3989 
3990  fct_chk( strcmp( (char *) output, "" ) == 0 );
3991  }
3992 
3993  x509_free( &crt );
3994  }
3995  FCT_TEST_END();
3996 
3997 
/*
 * Negative parser test: the SubjectPublicKeyInfo names the key algorithm OID
 * 2A 86 48 86 F7 0D 01 01 00, and x509parse_crt() must answer with
 * POLARSSL_ERR_X509_UNKNOWN_PK_ALG.
 */
FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_subject_unknown_pk_alg)
{
    unsigned char output[2000];
    unsigned char buf[2000];
    x509_cert crt;
    int res;
    int data_len;

    memset( output, 0, sizeof( output ) );
    memset( buf, 0, sizeof( buf ) );
    memset( &crt, 0, sizeof( crt ) );

    /* unhexify() takes no output size, so the literal must decode to at most
     * sizeof( buf ) bytes. */
    data_len = unhexify( buf, "30673065a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101000500" );

    fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_UNKNOWN_PK_ALG ) );

    /* The text dump is compared only when the expected parse result is 0. */
    if( 0 == ( POLARSSL_ERR_X509_UNKNOWN_PK_ALG ) )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );
        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();
4025 
4026 
/*
 * Negative parser test: the SubjectPublicKeyInfo holds the algorithm OID
 * 2A 86 48 86 F7 0D 01 01 01 with NULL parameters and then ends, with no
 * BIT STRING for the key. Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
4027  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_no_bitstring)
4028  {
4029  x509_cert crt;
4030  unsigned char buf[2000];
4031  unsigned char output[2000];
4032  int data_len, res;
4033 
4034  memset( &crt, 0, sizeof( x509_cert ) );
4035  memset( buf, 0, 2000 );
4036  memset( output, 0, 2000 );
4037 
4038  data_len = unhexify( buf, "30673065a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101010500" );
4039 
4040  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 4041 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
4042  {
4043  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4044 
4045  fct_chk( res != -1 );
4046  fct_chk( res != -2 );
4047 
4048  fct_chk( strcmp( (char *) output, "" ) == 0 );
4049  }
4050 
4051  x509_free( &crt );
4052  }
4053  FCT_TEST_END();
4054 
4055 
/*
 * Negative parser test: the key BIT STRING is present but has length zero
 * (03 00). Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
4056  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_no_bitstring_data)
4057  {
4058  x509_cert crt;
4059  unsigned char buf[2000];
4060  unsigned char output[2000];
4061  int data_len, res;
4062 
4063  memset( &crt, 0, sizeof( x509_cert ) );
4064  memset( buf, 0, 2000 );
4065  memset( output, 0, 2000 );
4066 
4067  data_len = unhexify( buf, "30693067a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743011300d06092A864886F70D01010105000300" );
4068 
4069  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 4070 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
4071  {
4072  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4073 
4074  fct_chk( res != -1 );
4075  fct_chk( res != -2 );
4076 
4077  fct_chk( strcmp( (char *) output, "" ) == 0 );
4078  }
4079 
4080  x509_free( &crt );
4081  }
4082  FCT_TEST_END();
4083 
4084 
/*
 * Negative parser test: the key BIT STRING is one byte long and that byte is
 * 01 (03 01 01). Expected result: POLARSSL_ERR_X509_CERT_INVALID_PUBKEY.
 */
4085  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_bitstring_start)
4086  {
4087  x509_cert crt;
4088  unsigned char buf[2000];
4089  unsigned char output[2000];
4090  int data_len, res;
4091 
4092  memset( &crt, 0, sizeof( x509_cert ) );
4093  memset( buf, 0, 2000 );
4094  memset( output, 0, 2000 );
4095 
4096  data_len = unhexify( buf, "306a3068a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743012300d06092A864886F70D0101010500030101" );
4097 
4098  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY ) );
/* NOTE(review): the listing skips line 4099 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
4100  {
4101  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4102 
4103  fct_chk( res != -1 );
4104  fct_chk( res != -2 );
4105 
4106  fct_chk( strcmp( (char *) output, "" ) == 0 );
4107  }
4108 
4109  x509_free( &crt );
4110  }
4111  FCT_TEST_END();
4112 
4113 
/*
 * Negative parser test for the key material inside the BIT STRING: its four
 * content bytes are 00 30 00 00, i.e. an empty inner SEQUENCE followed by one
 * stray byte.
 */
4114  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_internal_bitstring_length)
4115  {
4116  x509_cert crt;
4117  unsigned char buf[2000];
4118  unsigned char output[2000];
4119  int data_len, res;
4120 
4121  memset( &crt, 0, sizeof( x509_cert ) );
4122  memset( buf, 0, 2000 );
4123  memset( output, 0, 2000 );
4124 
4125  data_len = unhexify( buf, "306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000" );
4126 
/* NOTE(review): the listing skips lines 4127-4128 here, so the x509parse_crt()
 * check and the error code this test expects are not visible on this page;
 * take them from the original source before relying on this test. */
4129  {
4130  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4131 
4132  fct_chk( res != -1 );
4133  fct_chk( res != -2 );
4134 
4135  fct_chk( strcmp( (char *) output, "" ) == 0 );
4136  }
4137 
4138  x509_free( &crt );
4139  }
4140  FCT_TEST_END();
4141 
4142 
/*
 * Negative parser test for the key material inside the BIT STRING: its four
 * content bytes are 00 31 00 00, so the inner element is tagged 0x31 (SET)
 * instead of 0x30 (SEQUENCE).
 */
4143  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_internal_bitstring_tag)
4144  {
4145  x509_cert crt;
4146  unsigned char buf[2000];
4147  unsigned char output[2000];
4148  int data_len, res;
4149 
4150  memset( &crt, 0, sizeof( x509_cert ) );
4151  memset( buf, 0, 2000 );
4152  memset( output, 0, 2000 );
4153 
4154  data_len = unhexify( buf, "306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000" );
4155 
/* NOTE(review): the listing skips lines 4156-4157 here, so the x509parse_crt()
 * check and the error code this test expects are not visible on this page;
 * take them from the original source before relying on this test. */
4158  {
4159  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4160 
4161  fct_chk( res != -1 );
4162  fct_chk( res != -2 );
4163 
4164  fct_chk( strcmp( (char *) output, "" ) == 0 );
4165  }
4166 
4167  x509_free( &crt );
4168  }
4169  FCT_TEST_END();
4170 
4171 
/*
 * Negative parser test for the key integers: the inner SEQUENCE holds
 * 02 02 ff ff followed by 03 02 ff ff, so the second value is tagged 0x03
 * instead of 0x02 (INTEGER).
 */
4172  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_mpi)
4173  {
4174  x509_cert crt;
4175  unsigned char buf[2000];
4176  unsigned char output[2000];
4177  int data_len, res;
4178 
4179  memset( &crt, 0, sizeof( x509_cert ) );
4180  memset( buf, 0, 2000 );
4181  memset( output, 0, 2000 );
4182 
4183  data_len = unhexify( buf, "30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff" );
4184 
/* NOTE(review): the listing skips lines 4185-4186 here, so the x509parse_crt()
 * check and the error code this test expects are not visible on this page;
 * take them from the original source before relying on this test. */
4187  {
4188  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4189 
4190  fct_chk( res != -1 );
4191  fct_chk( res != -2 );
4192 
4193  fct_chk( strcmp( (char *) output, "" ) == 0 );
4194  }
4195 
4196  x509_free( &crt );
4197  }
4198  FCT_TEST_END();
4199 
4200 
/*
 * Negative parser test for the SubjectPublicKeyInfo length: the outer SEQUENCE
 * declares 0x1d bytes and carries one stray 00 after the key BIT STRING.
 */
4201  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_total_length_mismatch)
4202  {
4203  x509_cert crt;
4204  unsigned char buf[2000];
4205  unsigned char output[2000];
4206  int data_len, res;
4207 
4208  memset( &crt, 0, sizeof( x509_cert ) );
4209  memset( buf, 0, 2000 );
4210  memset( output, 0, 2000 );
4211 
4212  data_len = unhexify( buf, "30753073a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301d300d06092A864886F70D0101010500030b0030080202ffff0202ffff00" );
4213 
/* NOTE(review): the listing skips lines 4214-4215 here, so the x509parse_crt()
 * check and the error code this test expects are not visible on this page;
 * take them from the original source before relying on this test. */
4216  {
4217  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4218 
4219  fct_chk( res != -1 );
4220  fct_chk( res != -2 );
4221 
4222  fct_chk( strcmp( (char *) output, "" ) == 0 );
4223  }
4224 
4225  x509_free( &crt );
4226  }
4227  FCT_TEST_END();
4228 
4229 
/*
 * Negative parser test: the key is structurally well-formed (two INTEGERs,
 * both ff ff) but must be refused with POLARSSL_ERR_RSA_KEY_CHECK_FAILED.
 */
FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_check_failed)
{
    unsigned char output[2000];
    unsigned char buf[2000];
    x509_cert crt;
    int res;
    int data_len;

    memset( output, 0, sizeof( output ) );
    memset( buf, 0, sizeof( buf ) );
    memset( &crt, 0, sizeof( crt ) );

    /* unhexify() takes no output size, so the literal must decode to at most
     * sizeof( buf ) bytes. */
    data_len = unhexify( buf, "30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0202ffff" );

    fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) );

    /* The text dump is compared only when the expected parse result is 0. */
    if( 0 == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );
        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();
4257 
4258 
/*
 * Negative parser test: the two outer SEQUENCE lengths use the long form
 * (30 81 83 / 30 81 80) and the first key INTEGER is sixteen bytes ending in
 * fe. x509parse_crt() must answer with POLARSSL_ERR_RSA_KEY_CHECK_FAILED.
 */
FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_check_failed_expanded_length_notation)
{
    unsigned char output[2000];
    unsigned char buf[2000];
    x509_cert crt;
    int res;
    int data_len;

    memset( output, 0, sizeof( output ) );
    memset( buf, 0, sizeof( buf ) );
    memset( &crt, 0, sizeof( crt ) );

    /* unhexify() takes no output size, so the literal must decode to at most
     * sizeof( buf ) bytes. */
    data_len = unhexify( buf, "308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210fffffffffffffffffffffffffffffffe0202ffff" );

    fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) );

    /* The text dump is compared only when the expected parse result is 0. */
    if( 0 == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );
        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();
4286 
4287 
/*
 * Negative parser test: the inner SEQUENCE ends right after the public key
 * (no unique IDs, no extensions) and the outer SEQUENCE holds nothing else.
 * Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA --
 * presumably reported for the signature algorithm that should follow; the
 * parser itself is not shown here.
 */
4288  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_optional_uids_extensions_not_present)
4289  {
4290  x509_cert crt;
4291  unsigned char buf[2000];
4292  unsigned char output[2000];
4293  int data_len, res;
4294 
4295  memset( &crt, 0, sizeof( x509_cert ) );
4296  memset( buf, 0, 2000 );
4297  memset( output, 0, 2000 );
4298 
4299  data_len = unhexify( buf, "308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff" );
4300 
4301  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 4302 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
4303  {
4304  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4305 
4306  fct_chk( res != -1 );
4307  fct_chk( res != -2 );
4308 
4309  fct_chk( strcmp( (char *) output, "" ) == 0 );
4310  }
4311 
4312  x509_free( &crt );
4313  }
4314  FCT_TEST_END();
4315 
4316 
/*
 * Negative parser test: one 00 byte follows the public key inside the inner
 * SEQUENCE, at the position where (per the test name) an issuer unique ID tag
 * would be expected.
 */
4317  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_issuerid_wrong_tag)
4318  {
4319  x509_cert crt;
4320  unsigned char buf[2000];
4321  unsigned char output[2000];
4322  int data_len, res;
4323 
4324  memset( &crt, 0, sizeof( x509_cert ) );
4325  memset( buf, 0, 2000 );
4326  memset( output, 0, 2000 );
4327 
4328  data_len = unhexify( buf, "308184308181a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff00" );
4329 
/* NOTE(review): the listing skips lines 4330-4331 here, so the x509parse_crt()
 * check and the error code this test expects are not visible on this page;
 * take them from the original source before relying on this test. */
4332  {
4333  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4334 
4335  fct_chk( res != -1 );
4336  fct_chk( res != -2 );
4337 
4338  fct_chk( strcmp( (char *) output, "" ) == 0 );
4339  }
4340 
4341  x509_free( &crt );
4342  }
4343  FCT_TEST_END();
4344 
4345 
/*
 * Negative parser test: two one-byte context-tagged fields (a1 01 aa and
 * a2 01 bb) follow the public key, with no a3 extensions block and nothing
 * after the inner SEQUENCE. Expected result:
 * POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
4346  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_uids_no_ext)
4347  {
4348  x509_cert crt;
4349  unsigned char buf[2000];
4350  unsigned char output[2000];
4351  int data_len, res;
4352 
4353  memset( &crt, 0, sizeof( x509_cert ) );
4354  memset( buf, 0, 2000 );
4355  memset( output, 0, 2000 );
4356 
4357  data_len = unhexify( buf, "308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bb" );
4358 
4359  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
/* NOTE(review): the listing skips line 4360 here. Tests shown in full in this
 * file put an "if( ( <expected code> ) == 0 )" guard at this spot, so the block
 * below presumably runs only when the expected result is 0 -- confirm against
 * the original source. */
4361  {
4362  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4363 
4364  fct_chk( res != -1 );
4365  fct_chk( res != -2 );
4366 
4367  fct_chk( strcmp( (char *) output, "" ) == 0 );
4368  }
4369 
4370  x509_free( &crt );
4371  }
4372  FCT_TEST_END();
4373 
4374 
/*
 * Negative parser test: the first context-tagged field after the public key
 * carries the length byte 0x85 (a1 85 aa). x509parse_crt() must answer with
 * POLARSSL_ERR_ASN1_INVALID_LENGTH.
 */
FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_uids_invalid_length)
{
    unsigned char output[2000];
    unsigned char buf[2000];
    x509_cert crt;
    int res;
    int data_len;

    memset( output, 0, sizeof( output ) );
    memset( buf, 0, sizeof( buf ) );
    memset( &crt, 0, sizeof( crt ) );

    /* unhexify() takes no output size, so the literal must decode to at most
     * sizeof( buf ) bytes. */
    data_len = unhexify( buf, "308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa185aaa201bb" );

    fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_ASN1_INVALID_LENGTH ) );

    /* The text dump is compared only when the expected parse result is 0. */
    if( 0 == ( POLARSSL_ERR_ASN1_INVALID_LENGTH ) )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );
        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();
4402 
4403 
/*
 * Negative parser test for the extensions block: the a3 wrapper is present
 * with length zero (a3 00).
 */
4404  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_empty)
4405  {
4406  x509_cert crt;
4407  unsigned char buf[2000];
4408  unsigned char output[2000];
4409  int data_len, res;
4410 
4411  memset( &crt, 0, sizeof( x509_cert ) );
4412  memset( buf, 0, 2000 );
4413  memset( output, 0, 2000 );
4414 
4415  data_len = unhexify( buf, "30818b308188a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba300" );
4416 
/* NOTE(review): the listing skips lines 4417-4418 here, so the x509parse_crt()
 * check and the error code this test expects are not visible on this page;
 * take them from the original source before relying on this test. */
4419  {
4420  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4421 
4422  fct_chk( res != -1 );
4423  fct_chk( res != -2 );
4424 
4425  fct_chk( strcmp( (char *) output, "" ) == 0 );
4426  }
4427 
4428  x509_free( &crt );
4429  }
4430  FCT_TEST_END();
4431 
4432 
/*
 * Negative parser test for the extensions block: the a3 wrapper declares
 * three bytes and holds an empty SEQUENCE plus one stray byte (30 00 00).
 */
4433  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_length_mismatch)
4434  {
4435  x509_cert crt;
4436  unsigned char buf[2000];
4437  unsigned char output[2000];
4438  int data_len, res;
4439 
4440  memset( &crt, 0, sizeof( x509_cert ) );
4441  memset( buf, 0, 2000 );
4442  memset( output, 0, 2000 );
4443 
4444  data_len = unhexify( buf, "30818e30818ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba303300000" );
4445 
/* NOTE(review): the listing skips lines 4446-4447 here, so the x509parse_crt()
 * check and the error code this test expects are not visible on this page;
 * take them from the original source before relying on this test. */
4448  {
4449  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4450 
4451  fct_chk( res != -1 );
4452  fct_chk( res != -2 );
4453 
4454  fct_chk( strcmp( (char *) output, "" ) == 0 );
4455  }
4456 
4457  x509_free( &crt );
4458  }
4459  FCT_TEST_END();
4460 
4461 
/*
 * Negative parser test for the first extension: the a3 wrapper declares three
 * bytes but is followed by four (30 02 30 00), a SEQUENCE holding one empty
 * SEQUENCE.
 */
4462  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_first_ext_invalid)
4463  {
4464  x509_cert crt;
4465  unsigned char buf[2000];
4466  unsigned char output[2000];
4467  int data_len, res;
4468 
4469  memset( &crt, 0, sizeof( x509_cert ) );
4470  memset( buf, 0, 2000 );
4471  memset( output, 0, 2000 );
4472 
4473  data_len = unhexify( buf, "30818f30818ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30330023000" );
4474 
/* NOTE(review): the listing skips lines 4475-4476 here, so the x509parse_crt()
 * check and the error code this test expects are not visible on this page;
 * take them from the original source before relying on this test. */
4477  {
4478  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4479 
4480  fct_chk( res != -1 );
4481  fct_chk( res != -2 );
4482 
4483  fct_chk( strcmp( (char *) output, "" ) == 0 );
4484  }
4485 
4486  x509_free( &crt );
4487  }
4488  FCT_TEST_END();
4489 
4490 
4491  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_first_ext_invalid_tag)
4492  {
 /* Malformed-input case: the tail is a3 04 30 02 31 00 00, so the first
  * element of the extensions SEQUENCE is tagged 0x31 instead of 0x30. */
4493  x509_cert crt;
4494  unsigned char buf[2000];
4495  unsigned char output[2000];
4496  int data_len, res;
4497 
4498  memset( &crt, 0, sizeof( x509_cert ) );
4499  memset( buf, 0, 2000 );
4500  memset( output, 0, 2000 );
4501 
4502  data_len = unhexify( buf, "30819030818da0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba3043002310000" );
4503 
 /* NOTE(review): the listing skips 4504-4505; presumably the x509parse_crt()
  * check and the guard for the block below - not visible here. */
4506  {
4507  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4508 
4509  fct_chk( res != -1 );
4510  fct_chk( res != -2 );
4511 
 /* A rejected certificate must leave the info dump empty. */
4512  fct_chk( strcmp( (char *) output, "" ) == 0 );
4513  }
4514 
4515  x509_free( &crt );
4516  }
4517  FCT_TEST_END();
4518 
4519 
4520  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_bool_len_missing)
4521  {
 /* Malformed-input case: the extension entry (30 06) holds the
  * basicConstraints OID 2.5.29.19 followed by a lone BOOLEAN tag (01)
  * with no length byte inside the entry. */
4522  x509_cert crt;
4523  unsigned char buf[2000];
4524  unsigned char output[2000];
4525  int data_len, res;
4526 
4527  memset( &crt, 0, sizeof( x509_cert ) );
4528  memset( buf, 0, 2000 );
4529  memset( output, 0, 2000 );
4530 
4531  data_len = unhexify( buf, "308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30060603551d1301010100" );
4532 
 /* NOTE(review): the listing skips 4533-4534; presumably the x509parse_crt()
  * check and the guard for the block below - not visible here. */
4535  {
4536  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4537 
4538  fct_chk( res != -1 );
4539  fct_chk( res != -2 );
4540 
 /* A rejected certificate must leave the info dump empty. */
4541  fct_chk( strcmp( (char *) output, "" ) == 0 );
4542  }
4543 
4544  x509_free( &crt );
4545  }
4546  FCT_TEST_END();
4547 
4548 
4549  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_data_missing)
4550  {
 /* Malformed-input case: the extension entry (30 08) holds the
  * basicConstraints OID and the BOOLEAN (01 01 01) but no OCTET STRING
  * value after them. */
4551  x509_cert crt;
4552  unsigned char buf[2000];
4553  unsigned char output[2000];
4554  int data_len, res;
4555 
4556  memset( &crt, 0, sizeof( x509_cert ) );
4557  memset( buf, 0, 2000 );
4558  memset( output, 0, 2000 );
4559 
4560  data_len = unhexify( buf, "308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30080603551d1301010100" );
4561 
 /* NOTE(review): the listing skips 4562-4563; presumably the x509parse_crt()
  * check and the guard for the block below - not visible here. */
4564  {
4565  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4566 
4567  fct_chk( res != -1 );
4568  fct_chk( res != -2 );
4569 
 /* A rejected certificate must leave the info dump empty. */
4570  fct_chk( strcmp( (char *) output, "" ) == 0 );
4571  }
4572 
4573  x509_free( &crt );
4574  }
4575  FCT_TEST_END();
4576 
4577 
4578  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_no_octet_present)
4579  {
 /* Malformed-input case: inside the extension entry (30 09) the byte after
  * the BOOLEAN is 0x00 where an OCTET STRING tag (0x04) would be expected. */
4580  x509_cert crt;
4581  unsigned char buf[2000];
4582  unsigned char output[2000];
4583  int data_len, res;
4584 
4585  memset( &crt, 0, sizeof( x509_cert ) );
4586  memset( buf, 0, 2000 );
4587  memset( output, 0, 2000 );
4588 
4589  data_len = unhexify( buf, "308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30d300b30090603551d1301010100" );
4590 
 /* NOTE(review): the listing skips 4591-4592; presumably the x509parse_crt()
  * check and the guard for the block below - not visible here. */
4593  {
4594  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4595 
4596  fct_chk( res != -1 );
4597  fct_chk( res != -2 );
4598 
 /* A rejected certificate must leave the info dump empty. */
4599  fct_chk( strcmp( (char *) output, "" ) == 0 );
4600  }
4601 
4602  x509_free( &crt );
4603  }
4604  FCT_TEST_END();
4605 
4606 
4607  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_octet_data_missing)
4608  {
 /* Malformed-input case: the extension value OCTET STRING (04 03) wraps a
  * SEQUENCE 30 01 whose only content byte is 0x00. */
4609  x509_cert crt;
4610  unsigned char buf[2000];
4611  unsigned char output[2000];
4612  int data_len, res;
4613 
4614  memset( &crt, 0, sizeof( x509_cert ) );
4615  memset( buf, 0, 2000 );
4616  memset( output, 0, 2000 );
4617 
4618  data_len = unhexify( buf, "30819c308199a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba311300f300d0603551d130101010403300100" );
4619 
 /* NOTE(review): the listing skips 4620-4621; presumably the x509parse_crt()
  * check and the guard for the block below - not visible here. */
4622  {
4623  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4624 
4625  fct_chk( res != -1 );
4626  fct_chk( res != -2 );
4627 
 /* A rejected certificate must leave the info dump empty. */
4628  fct_chk( strcmp( (char *) output, "" ) == 0 );
4629  }
4630 
4631  x509_free( &crt );
4632  }
4633  FCT_TEST_END();
4634 
4635 
4636  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_no_pathlen)
4637  {
 /* Malformed-input case: the SEQUENCE inside the extension value (30 04)
  * holds INTEGER 02 01 01 and then a bare INTEGER tag (02) with no length
  * or value. */
4638  x509_cert crt;
4639  unsigned char buf[2000];
4640  unsigned char output[2000];
4641  int data_len, res;
4642 
4643  memset( &crt, 0, sizeof( x509_cert ) );
4644  memset( buf, 0, 2000 );
4645  memset( output, 0, 2000 );
4646 
4647  data_len = unhexify( buf, "30819f30819ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba314301230100603551d130101010406300402010102" );
4648 
 /* NOTE(review): the listing skips 4649-4650; presumably the x509parse_crt()
  * check and the guard for the block below - not visible here. */
4651  {
4652  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4653 
4654  fct_chk( res != -1 );
4655  fct_chk( res != -2 );
4656 
 /* A rejected certificate must leave the info dump empty. */
4657  fct_chk( strcmp( (char *) output, "" ) == 0 );
4658  }
4659 
4660  x509_free( &crt );
4661  }
4662  FCT_TEST_END();
4663 
4664 
4665  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_octet_len_mismatch)
4666  {
 /* Malformed-input case: the SEQUENCE inside the extension value declares
  * 7 bytes - two INTEGERs (02 01 01) followed by one extra 0x00 byte. */
4667  x509_cert crt;
4668  unsigned char buf[2000];
4669  unsigned char output[2000];
4670  int data_len, res;
4671 
4672  memset( &crt, 0, sizeof( x509_cert ) );
4673  memset( buf, 0, 2000 );
4674  memset( output, 0, 2000 );
4675 
4676  data_len = unhexify( buf, "3081a230819fa0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba317301530130603551d130101010409300702010102010100" );
4677 
 /* NOTE(review): the listing skips 4678-4679; presumably the x509parse_crt()
  * check and the guard for the block below - not visible here. */
4680  {
4681  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4682 
4683  fct_chk( res != -1 );
4684  fct_chk( res != -2 );
4685 
 /* A rejected certificate must leave the info dump empty. */
4686  fct_chk( strcmp( (char *) output, "" ) == 0 );
4687  }
4688 
4689  x509_free( &crt );
4690  }
4691  FCT_TEST_END();
4692 
4693 
4694  FCT_TEST_BGN(x509_certificate_asn1_correct_pubkey_no_sig_alg)
4695  {
 /* Truncation case: the DER stops right after the public key exponent
  * (02 02 ff ff), so no outer signature algorithm follows the
  * TBSCertificate. */
4696  x509_cert crt;
4697  unsigned char buf[2000];
4698  unsigned char output[2000];
4699  int data_len, res;
4700 
4701  memset( &crt, 0, sizeof( x509_cert ) );
4702  memset( buf, 0, 2000 );
4703  memset( output, 0, 2000 );
4704 
4705  data_len = unhexify( buf, "308183308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff" );
4706 
 /* The parser must report the missing algorithm as INVALID_ALG combined
  * with the ASN.1 OUT_OF_DATA code. */
4707  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
 /* NOTE(review): the listing skips 4708; presumably the guard for the
  * block below - not visible here. */
4709  {
4710  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4711 
4712  fct_chk( res != -1 );
4713  fct_chk( res != -2 );
4714 
4715  fct_chk( strcmp( (char *) output, "" ) == 0 );
4716  }
4717 
4718  x509_free( &crt );
4719  }
4720  FCT_TEST_END();
4721 
4722 
4723  FCT_TEST_BGN(x509_certificate_asn1_sig_alg_mismatch)
4724  {
 /* Consistency case: the algorithm OID after the TBSCertificate ends in
  * 0d 01 02 02 while the one inside it ends in 0d 01 01 02. A parser that
  * accepted the pair would let the two signature-algorithm fields disagree. */
4725  x509_cert crt;
4726  unsigned char buf[2000];
4727  unsigned char output[2000];
4728  int data_len, res;
4729 
4730  memset( &crt, 0, sizeof( x509_cert ) );
4731  memset( buf, 0, 2000 );
4732  memset( output, 0, 2000 );
4733 
4734  data_len = unhexify( buf, "308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0102020500" );
4735 
 /* The disagreement must surface as CERT_SIG_MISMATCH. */
4736  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) );
 /* NOTE(review): the listing skips 4737; presumably the guard for the
  * block below - not visible here. */
4738  {
4739  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4740 
4741  fct_chk( res != -1 );
4742  fct_chk( res != -2 );
4743 
4744  fct_chk( strcmp( (char *) output, "" ) == 0 );
4745  }
4746 
4747  x509_free( &crt );
4748  }
4749  FCT_TEST_END();
4750 
4751 
4752  FCT_TEST_BGN(x509_certificate_asn1_sig_alg_no_sig)
4753  {
 /* Truncation case: the DER ends with the outer algorithm identifier
  * (... 0d 01 01 02 05 00); no signature BIT STRING follows it. */
4754  x509_cert crt;
4755  unsigned char buf[2000];
4756  unsigned char output[2000];
4757  int data_len, res;
4758 
4759  memset( &crt, 0, sizeof( x509_cert ) );
4760  memset( buf, 0, 2000 );
4761  memset( output, 0, 2000 );
4762 
4763  data_len = unhexify( buf, "308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500" );
4764 
 /* NOTE(review): the listing skips 4765-4766; presumably the x509parse_crt()
  * check and the guard for the block below - not visible here. */
4767  {
4768  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4769 
4770  fct_chk( res != -1 );
4771  fct_chk( res != -2 );
4772 
 /* A rejected certificate must leave the info dump empty. */
4773  fct_chk( strcmp( (char *) output, "" ) == 0 );
4774  }
4775 
4776  x509_free( &crt );
4777  }
4778  FCT_TEST_END();
4779 
4780 
4781  FCT_TEST_BGN(x509_certificate_asn1_signature_invalid_sig_data)
4782  {
 /* Malformed-input case: the signature BIT STRING is 03 01 00 - length 1,
  * holding a single 0x00 byte and no signature bytes after it. */
4783  x509_cert crt;
4784  unsigned char buf[2000];
4785  unsigned char output[2000];
4786  int data_len, res;
4787 
4788  memset( &crt, 0, sizeof( x509_cert ) );
4789  memset( buf, 0, 2000 );
4790  memset( output, 0, 2000 );
4791 
4792  data_len = unhexify( buf, "308195308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030100" );
4793 
 /* The parser must report CERT_INVALID_SIGNATURE for this input. */
4794  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE ) );
 /* NOTE(review): the listing skips 4795; presumably the guard for the
  * block below - not visible here. */
4796  {
4797  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4798 
4799  fct_chk( res != -1 );
4800  fct_chk( res != -2 );
4801 
4802  fct_chk( strcmp( (char *) output, "" ) == 0 );
4803  }
4804 
4805  x509_free( &crt );
4806  }
4807  FCT_TEST_END();
4808 
4809 
4810  FCT_TEST_BGN(x509_certificate_asn1_signature_data_left)
4811  {
 /* Trailing-data case: the signature BIT STRING (03 02 00 ff) is followed
  * by one extra 0x00 byte inside the outer SEQUENCE. */
4812  x509_cert crt;
4813  unsigned char buf[2000];
4814  unsigned char output[2000];
4815  int data_len, res;
4816 
4817  memset( &crt, 0, sizeof( x509_cert ) );
4818  memset( buf, 0, 2000 );
4819  memset( output, 0, 2000 );
4820 
4821  data_len = unhexify( buf, "308197308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff00" );
4822 
 /* NOTE(review): the listing skips 4823-4824; presumably the x509parse_crt()
  * check and the guard for the block below - not visible here. */
4825  {
4826  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
4827 
4828  fct_chk( res != -1 );
4829  fct_chk( res != -2 );
4830 
 /* A rejected certificate must leave the info dump empty. */
4831  fct_chk( strcmp( (char *) output, "" ) == 0 );
4832  }
4833 
4834  x509_free( &crt );
4835  }
4836  FCT_TEST_END();
4837 
4838 
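FCT_TEST_BGN(x509_certificate_asn1_correct)
{
    /*
     * Baseline well-formed case: version INTEGER 0, serial DE:AD:BE:EF, a
     * 128-bit RSA modulus and a signature BIT STRING of 03 02 00 ff.
     * The parser is expected to accept it, so a zero return here only
     * means "structurally valid": it says nothing about whether the
     * signature verifies or whether RSA+MD2 / 128-bit keys are acceptable.
     */
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    /* Sizes come from the objects themselves rather than a repeated 2000. */
    memset( &crt, 0, sizeof( crt ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308196308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Gate the dump on the real parse result, not on a constant, so it is
     * never taken from a certificate that failed to parse. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == 0 );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : ?\?=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();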
4866 
4867 
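FCT_TEST_BGN(x509_certificate_asn1_generalizedtime_instead_of_utctime)
{
    /*
     * notBefore is encoded as GeneralizedTime (18 0e "20100101000000")
     * while notAfter stays UTCTime. The expected dump shows an issue date
     * (2010-01-01) later than the expiry date (2009-12-31), so this test
     * pins that parsing alone does not reject an inverted validity window.
     */
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    /* Sizes come from the objects themselves rather than a repeated 2000. */
    memset( &crt, 0, sizeof( crt ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308198308182a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301e180e3230313030313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Gate the dump on the real parse result, not on a constant, so it is
     * never taken from a certificate that failed to parse. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == 0 );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : ?\?=Test\nsubject name : ?\?=Test\nissued on : 2010-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();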
4895 
4896 
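FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_cn)
{
    /*
     * Issuer attribute uses OID 2.5.4.3 (06 03 55 04 03); the dump must
     * render it as "CN". The subject keeps the empty OID and prints "??".
     */
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    /* Sizes come from the objects themselves rather than a repeated 2000. */
    memset( &crt, 0, sizeof( crt ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550403130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Gate the dump on the real parse result, not on a constant, so it is
     * never taken from a certificate that failed to parse. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == 0 );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : CN=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();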
4924 
4925 
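FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_c)
{
    /*
     * Issuer attribute uses OID 2.5.4.6 (06 03 55 04 06); the dump must
     * render it as "C". The subject keeps the empty OID and prints "??".
     */
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    /* Sizes come from the objects themselves rather than a repeated 2000. */
    memset( &crt, 0, sizeof( crt ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550406130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Gate the dump on the real parse result, not on a constant, so it is
     * never taken from a certificate that failed to parse. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == 0 );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : C=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();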
4953 
4954 
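FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_l)
{
    /*
     * Issuer attribute uses OID 2.5.4.7 (06 03 55 04 07); the dump must
     * render it as "L". The subject keeps the empty OID and prints "??".
     */
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    /* Sizes come from the objects themselves rather than a repeated 2000. */
    memset( &crt, 0, sizeof( crt ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550407130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Gate the dump on the real parse result, not on a constant, so it is
     * never taken from a certificate that failed to parse. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == 0 );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : L=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();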
4982 
4983 
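FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_st)
{
    /*
     * Issuer attribute uses OID 2.5.4.8 (06 03 55 04 08); the dump must
     * render it as "ST". The subject keeps the empty OID and prints "??".
     */
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    /* Sizes come from the objects themselves rather than a repeated 2000. */
    memset( &crt, 0, sizeof( crt ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550408130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Gate the dump on the real parse result, not on a constant, so it is
     * never taken from a certificate that failed to parse. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == 0 );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : ST=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();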
5011 
5012 
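FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_o)
{
    /*
     * Issuer attribute uses OID 2.5.4.10 (06 03 55 04 0a); the dump must
     * render it as "O". The subject keeps the empty OID and prints "??".
     */
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    /* Sizes come from the objects themselves rather than a repeated 2000. */
    memset( &crt, 0, sizeof( crt ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040a130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Gate the dump on the real parse result, not on a constant, so it is
     * never taken from a certificate that failed to parse. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == 0 );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : O=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();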
5040 
5041 
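FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_ou)
{
    /*
     * Issuer attribute uses OID 2.5.4.11 (06 03 55 04 0b); the dump must
     * render it as "OU". The subject keeps the empty OID and prints "??".
     */
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    /* Sizes come from the objects themselves rather than a repeated 2000. */
    memset( &crt, 0, sizeof( crt ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040b130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Gate the dump on the real parse result, not on a constant, so it is
     * never taken from a certificate that failed to parse. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == 0 );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : OU=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();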
5069 
5070 
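FCT_TEST_BGN(x509_certificate_asn1_name_with_unknown_x520_part)
{
    /*
     * Issuer attribute OID is 06 03 55 04 de: the 55 04 prefix with an
     * unrecognised last byte. Parsing must still succeed and the dump
     * must fall back to the raw byte, printed as "0xDE".
     */
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    /* Sizes come from the objects themselves rather than a repeated 2000. */
    memset( &crt, 0, sizeof( crt ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b06035504de130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Gate the dump on the real parse result, not on a constant, so it is
     * never taken from a certificate that failed to parse. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == 0 );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : 0xDE=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();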
5098 
5099 
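FCT_TEST_BGN(x509_certificate_asn1_name_with_pkcs9_email)
{
    /*
     * Issuer attribute uses the PKCS#9 OID 1.2.840.113549.1.9.1
     * (06 09 2a 86 48 86 f7 0d 01 09 01); the dump must render it as
     * "emailAddress". The subject keeps the empty OID and prints "??".
     */
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    /* Sizes come from the objects themselves rather than a repeated 2000. */
    memset( &crt, 0, sizeof( crt ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d010901130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Gate the dump on the real parse result, not on a constant, so it is
     * never taken from a certificate that failed to parse. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == 0 );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : emailAddress=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();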
5127 
5128 
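FCT_TEST_BGN(x509_certificate_asn1_name_with_unknown_pkcs9_part)
{
    /*
     * Issuer attribute OID is 06 09 2a 86 48 86 f7 0d 01 09 ab: the PKCS#9
     * prefix with an unrecognised last byte. Parsing must still succeed
     * and the dump must fall back to the raw byte, printed as "0xAB".
     */
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    /* Sizes come from the objects themselves rather than a repeated 2000. */
    memset( &crt, 0, sizeof( crt ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d0109ab130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Gate the dump on the real parse result, not on a constant, so it is
     * never taken from a certificate that failed to parse. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == 0 );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : 0xAB=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    x509_free( &crt );
}
FCT_TEST_END();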
5156 
5157 
5158  FCT_TEST_BGN(x509_crl_asn1_incorrect_first_tag)
5159  {
 /* CRL parser edge case: the hex string is empty, so the parser is handed
  * a zeroed buffer together with whatever length unhexify() returns. */
5160  x509_crl crl;
5161  unsigned char buf[2000];
5162  unsigned char output[2000];
5163  int data_len, res;
5164 
5165  memset( &crl, 0, sizeof( x509_crl ) );
5166  memset( buf, 0, 2000 );
5167  memset( output, 0, 2000 );
5168 
5169  data_len = unhexify( buf, "" );
5170 
 /* Input without a leading SEQUENCE tag must be rejected as INVALID_FORMAT. */
5171  fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ) );
 /* NOTE(review): the listing skips 5172; presumably the guard for the
  * block below - not visible here. */
5173  {
5174  res = x509parse_crl_info( (char *) output, 2000, "", &crl );
5175 
5176  fct_chk( res != -1 );
5177  fct_chk( res != -2 );
5178 
5179  fct_chk( strcmp( (char *) output, "" ) == 0 );
5180  }
5181 
5182  x509_crl_free( &crl );
5183  }
5184  FCT_TEST_END();
5185 
5186 
5187  FCT_TEST_BGN(x509_crl_asn1_correct_first_tag_data_length_does_not_match)
5188  {
 /* Malformed-input case for the CRL parser: 30 00 00 is a SEQUENCE that
  * declares length 0 but is followed by one more byte. */
5189  x509_crl crl;
5190  unsigned char buf[2000];
5191  unsigned char output[2000];
5192  int data_len, res;
5193 
5194  memset( &crl, 0, sizeof( x509_crl ) );
5195  memset( buf, 0, 2000 );
5196  memset( output, 0, 2000 );
5197 
5198  data_len = unhexify( buf, "300000" );
5199 
 /* NOTE(review): the listing skips 5200-5201; presumably the x509parse_crl()
  * check and the guard for the block below - not visible here. */
5202  {
5203  res = x509parse_crl_info( (char *) output, 2000, "", &crl );
5204 
5205  fct_chk( res != -1 );
5206  fct_chk( res != -2 );
5207 
 /* A rejected CRL must leave the info dump empty. */
5208  fct_chk( strcmp( (char *) output, "" ) == 0 );
5209  }
5210 
5211  x509_crl_free( &crl );
5212  }
5213  FCT_TEST_END();
5214 
5215 
5216  FCT_TEST_BGN(x509_crl_asn1_tbscertlist_tag_missing)
5217  {
 /* Truncation case: 30 00 is an empty outer SEQUENCE, so there is no
  * TBSCertList inside it. */
5218  x509_crl crl;
5219  unsigned char buf[2000];
5220  unsigned char output[2000];
5221  int data_len, res;
5222 
5223  memset( &crl, 0, sizeof( x509_crl ) );
5224  memset( buf, 0, 2000 );
5225  memset( output, 0, 2000 );
5226 
5227  data_len = unhexify( buf, "3000" );
5228 
 /* Expected result: INVALID_FORMAT combined with ASN.1 OUT_OF_DATA. */
5229  fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
 /* NOTE(review): the listing skips 5230; presumably the guard for the
  * block below - not visible here. */
5231  {
5232  res = x509parse_crl_info( (char *) output, 2000, "", &crl );
5233 
5234  fct_chk( res != -1 );
5235  fct_chk( res != -2 );
5236 
5237  fct_chk( strcmp( (char *) output, "" ) == 0 );
5238  }
5239 
5240  x509_crl_free( &crl );
5241  }
5242  FCT_TEST_END();
5243 
5244 
5245  FCT_TEST_BGN(x509_crl_asn1_tbscertlist_version_tag_len_missing)
5246  {
 /* Truncation case: the TBSCertList (30 01) holds only an INTEGER tag
  * (02) with no length or value. */
5247  x509_crl crl;
5248  unsigned char buf[2000];
5249  unsigned char output[2000];
5250  int data_len, res;
5251 
5252  memset( &crl, 0, sizeof( x509_crl ) );
5253  memset( buf, 0, 2000 );
5254  memset( output, 0, 2000 );
5255 
5256  data_len = unhexify( buf, "3003300102" );
5257 
 /* Expected result: INVALID_VERSION combined with ASN.1 OUT_OF_DATA. */
5258  fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
 /* NOTE(review): the listing skips 5259; presumably the guard for the
  * block below - not visible here. */
5260  {
5261  res = x509parse_crl_info( (char *) output, 2000, "", &crl );
5262 
5263  fct_chk( res != -1 );
5264  fct_chk( res != -2 );
5265 
5266  fct_chk( strcmp( (char *) output, "" ) == 0 );
5267  }
5268 
5269  x509_crl_free( &crl );
5270  }
5271  FCT_TEST_END();
5272 
5273 
5274  FCT_TEST_BGN(x509_crl_asn1_tbscertlist_version_correct_alg_missing)
5275  {
 /* Truncation case: the TBSCertList holds a complete version INTEGER
  * (02 01 00) and nothing after it, so the signature algorithm is absent. */
5276  x509_crl crl;
5277  unsigned char buf[2000];
5278  unsigned char output[2000];
5279  int data_len, res;
5280 
5281  memset( &crl, 0, sizeof( x509_crl ) );
5282  memset( buf, 0, 2000 );
5283  memset( output, 0, 2000 );
5284 
5285  data_len = unhexify( buf, "30053003020100" );
5286 
 /* Expected result: INVALID_ALG combined with ASN.1 OUT_OF_DATA. */
5287  fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
 /* NOTE(review): the listing skips 5288; presumably the guard for the
  * block below - not visible here. */
5289  {
5290  res = x509parse_crl_info( (char *) output, 2000, "", &crl );
5291 
5292  fct_chk( res != -1 );
5293  fct_chk( res != -2 );
5294 
5295  fct_chk( strcmp( (char *) output, "" ) == 0 );
5296  }
5297 
5298  x509_crl_free( &crl );
5299  }
5300  FCT_TEST_END();
5301 
5302 
5303  FCT_TEST_BGN(x509_crl_asn1_tbscertlist_alg_correct_incorrect_version)
5304  {
 /* Version case: the version INTEGER is 02 01 02 (value 2), followed by
  * an algorithm identifier with an empty OID (30 04 06 00 05 00). */
5305  x509_crl crl;
5306  unsigned char buf[2000];
5307  unsigned char output[2000];
5308  int data_len, res;
5309 
5310  memset( &crl, 0, sizeof( x509_crl ) );
5311  memset( buf, 0, 2000 );
5312  memset( output, 0, 2000 );
5313 
5314  data_len = unhexify( buf, "300b3009020102300406000500" );
5315 
 /* The version value must be rejected as UNKNOWN_VERSION. */
5316  fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) );
 /* NOTE(review): the listing skips 5317; presumably the guard for the
  * block below - not visible here. */
5318  {
5319  res = x509parse_crl_info( (char *) output, 2000, "", &crl );
5320 
5321  fct_chk( res != -1 );
5322  fct_chk( res != -2 );
5323 
5324  fct_chk( strcmp( (char *) output, "" ) == 0 );
5325  }
5326 
5327  x509_crl_free( &crl );
5328  }
5329  FCT_TEST_END();
5330 
5331 
5332  FCT_TEST_BGN(x509_crl_asn1_tbscertlist_correct_version_sig_oid1_unknown)
5333  {
 /* Algorithm case: version INTEGER 0 is followed by an algorithm
  * identifier whose OID is empty (06 00). */
5334  x509_crl crl;
5335  unsigned char buf[2000];
5336  unsigned char output[2000];
5337  int data_len, res;
5338 
5339  memset( &crl, 0, sizeof( x509_crl ) );
5340  memset( buf, 0, 2000 );
5341  memset( output, 0, 2000 );
5342 
5343  data_len = unhexify( buf, "300b3009020100300406000500" );
5344 
 /* An unrecognised signature algorithm must fail closed with
  * UNKNOWN_SIG_ALG. */
5345  fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) );
 /* NOTE(review): the listing skips 5346; presumably the guard for the
  * block below - not visible here. */
5347  {
5348  res = x509parse_crl_info( (char *) output, 2000, "", &crl );
5349 
5350  fct_chk( res != -1 );
5351  fct_chk( res != -2 );
5352 
5353  fct_chk( strcmp( (char *) output, "" ) == 0 );
5354  }
5355 
5356  x509_crl_free( &crl );
5357  }
5358  FCT_TEST_END();
5359 
5360 
5361  FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_oid1_id_unknown)
5362  {
 /* Algorithm case: the OID is 2a 86 48 86 f7 0d 01 01 0f, i.e. the
  * 1.2.840.113549.1.1 prefix with final arc 0x0f. */
5363  x509_crl crl;
5364  unsigned char buf[2000];
5365  unsigned char output[2000];
5366  int data_len, res;
5367 
5368  memset( &crl, 0, sizeof( x509_crl ) );
5369  memset( buf, 0, 2000 );
5370  memset( output, 0, 2000 );
5371 
5372  data_len = unhexify( buf, "30143012020100300d06092a864886f70d01010f0500" );
5373 
 /* The parser must not accept that final arc: UNKNOWN_SIG_ALG is expected. */
5374  fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) );
 /* NOTE(review): the listing skips 5375; presumably the guard for the
  * block below - not visible here. */
5376  {
5377  res = x509parse_crl_info( (char *) output, 2000, "", &crl );
5378 
5379  fct_chk( res != -1 );
5380  fct_chk( res != -2 );
5381 
5382  fct_chk( strcmp( (char *) output, "" ) == 0 );
5383  }
5384 
5385  x509_crl_free( &crl );
5386  }
5387  FCT_TEST_END();
5388 
5389 
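FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_oid1_correct_issuer_missing)
{
    /*
     * Negative parse test: version and signature AlgorithmIdentifier are
     * present, but the TBSCertList ends right after them, so there is no
     * issuer. The parser must report running out of data
     * (INVALID_FORMAT + ASN1_OUT_OF_DATA) instead of reading past the end.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30143012020100300d06092a864886f70d01010e0500" );

    fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /*
     * Same guard as the suite's other CRL cases: the textual dump is only
     * examined when the expected parse result is 0. Without it, the dump of
     * a rejected CRL would be compared against "" unconditionally.
     */
    if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    x509_crl_free( &crl );
}
FCT_TEST_END();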
5417 
5418 
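FCT_TEST_BGN(x509_crl_asn1_tbscertlist_issuer_set_missing)
{
    /*
     * Negative parse test: the issuer is an empty SEQUENCE (30 00), so the
     * name holds no SET of attributes. Expected rejection:
     * INVALID_NAME + ASN1_OUT_OF_DATA.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30163014020100300d06092a864886f70d01010e05003000" );

    fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /*
     * Same guard as the suite's other CRL cases: the textual dump is only
     * examined when the expected parse result is 0. Without it, the dump of
     * a rejected CRL would be compared against "" unconditionally.
     */
    if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    x509_crl_free( &crl );
}
FCT_TEST_END();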
5446 
5447 
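FCT_TEST_BGN(x509_crl_asn1_tbscertlist_correct_issuer_thisupdate_missing)
{
    /*
     * Negative parse test: the issuer name is complete (the same bytes that
     * the accepted fixtures print as CN=ABCD), but the TBSCertList stops
     * before thisUpdate. Expected rejection:
     * INVALID_DATE + ASN1_OUT_OF_DATA.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30253023020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344" );

    fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /*
     * Same guard as the suite's other CRL cases: the textual dump is only
     * examined when the expected parse result is 0. Without it, the dump of
     * a rejected CRL would be compared against "" unconditionally.
     */
    if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    x509_crl_free( &crl );
}
FCT_TEST_END();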
5475 
5476 
FCT_TEST_BGN(x509_crl_asn1_tbscertlist_correct_thisupdate_nextupdate_missing_entries_length_missing)
{
    /*
     * Negative parse test: thisUpdate is present, there is no nextUpdate,
     * and the input ends on a lone SEQUENCE tag (0x30) with no length byte.
     * The truncated header must surface as POLARSSL_ERR_ASN1_OUT_OF_DATA.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30343032020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030" );

    fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /*
     * The dump is only examined when the expected parse result is 0; the
     * expected code here is an error constant (presumably nonzero), so this
     * branch is not expected to run.
     */
    if( ( POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    x509_crl_free( &crl );
}
FCT_TEST_END();
5504 
5505 
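FCT_TEST_BGN(x509_crl_asn1_tbscertlist_entries_present_invalid_sig_alg)
{
    /*
     * Negative parse test: the TBSCertList is complete and holds one revoked
     * entry, but the only byte after it is 0x00 where the outer
     * signatureAlgorithm SEQUENCE should start. Expected rejection:
     * INVALID_ALG + ASN1_UNEXPECTED_TAG.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c30383132333132333539353900" );

    fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );

    /*
     * Same guard as the suite's other CRL cases: the textual dump is only
     * examined when the expected parse result is 0. Without it, the dump of
     * a rejected CRL would be compared against "" unconditionally.
     */
    if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    x509_crl_free( &crl );
}
FCT_TEST_END();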
5533 
5534 
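FCT_TEST_BGN(x509_crl_asn1_tbscertlist_entries_present_date_in_entry_invalid)
{
    /*
     * Negative parse test: identical to the "invalid_sig_alg" fixture except
     * that the revocation date inside the entry is tagged 0x19 instead of
     * 0x17. A wrong tag inside a nested entry must still be caught:
     * INVALID_DATE + ASN1_UNEXPECTED_TAG.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd190c30383132333132333539353900" );

    fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );

    /*
     * Same guard as the suite's other CRL cases: the textual dump is only
     * examined when the expected parse result is 0. Without it, the dump of
     * a rejected CRL would be compared against "" unconditionally.
     */
    if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    x509_crl_free( &crl );
}
FCT_TEST_END();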
5562 
5563 
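FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_alg_present_sig_alg_does_not_match)
{
    /*
     * Negative parse test: the signature OID inside the TBSCertList ends in
     * 0x0e while the outer signatureAlgorithm OID ends in 0x0d. The two
     * algorithm identifiers must agree; a disagreement has to be rejected
     * with POLARSSL_ERR_X509_CERT_SIG_MISMATCH.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30583047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010d0500" );

    fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) );

    /*
     * Same guard as the suite's other CRL cases: the textual dump is only
     * examined when the expected parse result is 0. Without it, the dump of
     * a rejected CRL would be compared against "" unconditionally.
     */
    if( ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    x509_crl_free( &crl );
}
FCT_TEST_END();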
5591 
5592 
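FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_present_len_mismatch)
{
    /*
     * Negative parse test: the same CRL as the accepted "sig_present"
     * fixture, with one extra 0x00 byte after the signature BIT STRING and
     * the outer length raised from 0x5c to 0x5d to cover it. Trailing bytes
     * inside the outer SEQUENCE must not be silently ignored.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "305d3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e05000302000100" );

    /*
     * NOTE(review): as listed, this case decoded the fixture but never
     * handed it to x509parse_crl(), so nothing was exercised. The call and
     * the expected code below are reconstructed from the test name and the
     * pattern of the neighbouring cases; confirm the expected value against
     * the suite's test data.
     */
    fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );

    /* The dump is only examined when the expected parse result is 0. */
    if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    x509_crl_free( &crl );
}
FCT_TEST_END();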
5620 
5621 
FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_present)
{
    /*
     * Positive parse test: a minimal CRL with one revoked entry, matching
     * inner and outer signature algorithms and a signature BIT STRING.
     * x509parse_crl() must return 0 and the textual dump must match.
     *
     * A return of 0 only says the structure parsed: the signature value in
     * this fixture is a single byte, so it is evidently not verified at this
     * stage. Callers still need a separate verification step before
     * trusting a CRL.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001" );

    fct_chk( x509parse_crl( &crl, buf, data_len ) == ( 0 ) );

    /* Expected result is 0, so the dump is always checked in this case. */
    res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

    fct_chk( res != -1 );
    fct_chk( res != -2 );

    /*
     * The fixture has no nextUpdate field; the dump shows it as an all-zero
     * date.
     * NOTE(review): the expected text is reproduced as listed. If the
     * listing collapsed runs of spaces, confirm the column padding after
     * each label against the real x509parse_crl_info() output.
     */
    fct_chk( strcmp( (char *) output, "CRL version : 1\nissuer name : CN=ABCD\nthis update : 2009-01-01 00:00:00\nnext update : 0000-00-00 00:00:00\nRevoked certificates:\nserial number: AB:CD revocation date: 2008-12-31 23:59:59\nsigned using : RSA+SHA224\n" ) == 0 );

    x509_crl_free( &crl );
}
FCT_TEST_END();
5649 
5650 
FCT_TEST_BGN(x509_crl_asn1_tbscertlist_no_entries)
{
    /*
     * Positive parse test: a minimal CRL with no revoked-certificate
     * entries. x509parse_crl() must return 0 and the dump must list an
     * empty "Revoked certificates:" section.
     *
     * As with the other accepted fixture, the one-byte signature value shows
     * that a return of 0 reflects structure only, not a verified signature.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30463031020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001" );

    fct_chk( x509parse_crl( &crl, buf, data_len ) == ( 0 ) );

    /* Expected result is 0, so the dump is always checked in this case. */
    res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

    fct_chk( res != -1 );
    fct_chk( res != -2 );

    /*
     * NOTE(review): the expected text is reproduced as listed. If the
     * listing collapsed runs of spaces, confirm the column padding after
     * each label against the real x509parse_crl_info() output.
     */
    fct_chk( strcmp( (char *) output, "CRL version : 1\nissuer name : CN=ABCD\nthis update : 2009-01-01 00:00:00\nnext update : 0000-00-00 00:00:00\nRevoked certificates:\nsigned using : RSA+SHA224\n" ) == 0 );

    x509_crl_free( &crl );
}
FCT_TEST_END();
5678 
5679 
FCT_TEST_BGN(x509_key_asn1_incorrect_first_tag)
{
    /*
     * Negative key-parse test: the fixture is the empty string, so zero
     * bytes are handed to x509parse_key() with no password (NULL, 0).
     * Expected rejection: POLARSSL_ERR_X509_KEY_INVALID_FORMAT.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    unsigned char output[2000];   /* cleared below but not otherwise used here */
    int data_len;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    /* unhexify() does not bound its writes; the fixture is far shorter than buf. */
    data_len = unhexify( buf, "" );

    fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT ) );

    /* Placeholder check; it always passes. */
    fct_chk( 1 );

    rsa_free( &rsa );
}
FCT_TEST_END();
5702 
5703 
FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_incorrect_version_tag)
{
    /*
     * Negative key-parse test: a SEQUENCE of length 1 whose only content
     * byte is 0x00, where the version INTEGER tag should be.
     * Expected rejection: POLARSSL_ERR_X509_KEY_INVALID_FORMAT.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    unsigned char output[2000];   /* cleared below but not otherwise used here */
    int data_len;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "300100" );

    fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT ) );

    /* Placeholder check; it always passes. */
    fct_chk( 1 );

    rsa_free( &rsa );
}
FCT_TEST_END();
5726 
5727 
FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_version_tag_missing)
{
    /*
     * Negative key-parse test: an empty SEQUENCE (30 00), so there is no
     * version field at all.
     * Expected rejection: POLARSSL_ERR_X509_KEY_INVALID_FORMAT.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    unsigned char output[2000];   /* cleared below but not otherwise used here */
    int data_len;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "3000" );

    fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT ) );

    /* Placeholder check; it always passes. */
    fct_chk( 1 );

    rsa_free( &rsa );
}
FCT_TEST_END();
5750 
5751 
FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_invalid_version)
{
    /*
     * Negative key-parse test: the version INTEGER is well-formed but holds
     * 1, whereas the neighbouring "correct_version" fixtures use 0.
     * Expected rejection: POLARSSL_ERR_X509_KEY_INVALID_FORMAT.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    unsigned char output[2000];   /* cleared below but not otherwise used here */
    int data_len;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "3003020101" );

    fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT ) );

    /* Placeholder check; it always passes. */
    fct_chk( 1 );

    rsa_free( &rsa );
}
FCT_TEST_END();
5774 
5775 
FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_correct_version_incorrect_tag)
{
    /*
     * Negative key-parse test: version INTEGER 0 is followed by a byte 0x00
     * where the next INTEGER tag (0x02) is expected.
     * Expected rejection: POLARSSL_ERR_X509_KEY_INVALID_FORMAT.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    unsigned char output[2000];   /* cleared below but not otherwise used here */
    int data_len;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "300402010000" );

    fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT ) );

    /* Placeholder check; it always passes. */
    fct_chk( 1 );

    rsa_free( &rsa );
}
FCT_TEST_END();
5798 
5799 
FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_values_present_length_mismatch)
{
    /*
     * Negative key-parse test: version 0 plus eight one-byte INTEGERs, then
     * one extra 0x00 byte that the SEQUENCE length (0x1c) still covers.
     * Trailing content inside the key structure must be rejected:
     * POLARSSL_ERR_X509_KEY_INVALID_FORMAT.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    unsigned char output[2000];   /* cleared below but not otherwise used here */
    int data_len;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "301c02010002010102010102010102010102010102010102010102010100" );

    fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT ) );

    /* Placeholder check; it always passes. */
    fct_chk( 1 );

    rsa_free( &rsa );
}
FCT_TEST_END();
5822 
5823 
FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_values_present_check_privkey_fails)
{
    /*
     * Negative key-parse test: the structure is well-formed (version 0 and
     * eight INTEGERs, each holding 1) and the lengths agree, but the values
     * do not form a usable RSA key. Per the test name the rejection comes
     * from the private-key consistency check; the expected code is still
     * POLARSSL_ERR_X509_KEY_INVALID_FORMAT.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    unsigned char output[2000];   /* cleared below but not otherwise used here */
    int data_len;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "301b020100020101020101020101020101020101020101020101020101" );

    fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT ) );

    /* Placeholder check; it always passes. */
    fct_chk( 1 );

    rsa_free( &rsa );
}
FCT_TEST_END();
5846 
5847  }
5848  FCT_SUITE_END();
5849 
5850 #endif /* POLARSSL_X509_PARSE_C */
5851 #endif /* POLARSSL_BIGNUM_C */
5852 
5853 }
5854 FCT_END();
5855