PolarSSL v1.2.8
test_suite_x509write.c
Go to the documentation of this file.
1 #include "fct.h"
2 #include <polarssl/config.h>
3 
4 #include <polarssl/x509write.h>
5 #include <polarssl/x509.h>
6 #include <polarssl/pem.h>
7 
8 #ifdef _MSC_VER
9 #include <basetsd.h>
10 typedef UINT32 uint32_t;
11 #else
12 #include <inttypes.h>
13 #endif
14 
15 /*
16  * 32-bit integer manipulation macros (big endian)
17  */
18 #ifndef GET_UINT32_BE
19 #define GET_UINT32_BE(n,b,i) \
20 { \
21  (n) = ( (uint32_t) (b)[(i) ] << 24 ) \
22  | ( (uint32_t) (b)[(i) + 1] << 16 ) \
23  | ( (uint32_t) (b)[(i) + 2] << 8 ) \
24  | ( (uint32_t) (b)[(i) + 3] ); \
25 }
26 #endif
27 
28 #ifndef PUT_UINT32_BE
29 #define PUT_UINT32_BE(n,b,i) \
30 { \
31  (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \
32  (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \
33  (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \
34  (b)[(i) + 3] = (unsigned char) ( (n) ); \
35 }
36 #endif
37 
38 int unhexify(unsigned char *obuf, const char *ibuf)
39 {
40  unsigned char c, c2;
41  int len = strlen(ibuf) / 2;
42  assert(!(strlen(ibuf) %1)); // must be even number of bytes
43 
44  while (*ibuf != 0)
45  {
46  c = *ibuf++;
47  if( c >= '0' && c <= '9' )
48  c -= '0';
49  else if( c >= 'a' && c <= 'f' )
50  c -= 'a' - 10;
51  else if( c >= 'A' && c <= 'F' )
52  c -= 'A' - 10;
53  else
54  assert( 0 );
55 
56  c2 = *ibuf++;
57  if( c2 >= '0' && c2 <= '9' )
58  c2 -= '0';
59  else if( c2 >= 'a' && c2 <= 'f' )
60  c2 -= 'a' - 10;
61  else if( c2 >= 'A' && c2 <= 'F' )
62  c2 -= 'A' - 10;
63  else
64  assert( 0 );
65 
66  *obuf++ = ( c << 4 ) | c2;
67  }
68 
69  return len;
70 }
71 
72 void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
73 {
74  unsigned char l, h;
75 
76  while (len != 0)
77  {
78  h = (*ibuf) / 16;
79  l = (*ibuf) % 16;
80 
81  if( h < 10 )
82  *obuf++ = '0' + h;
83  else
84  *obuf++ = 'a' + h - 10;
85 
86  if( l < 10 )
87  *obuf++ = '0' + l;
88  else
89  *obuf++ = 'a' + l - 10;
90 
91  ++ibuf;
92  len--;
93  }
94 }
95 
105 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
106 {
107  size_t i;
108 
109  if( rng_state != NULL )
110  rng_state = NULL;
111 
112  for( i = 0; i < len; ++i )
113  output[i] = rand();
114 
115  return( 0 );
116 }
117 
123 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
124 {
125  if( rng_state != NULL )
126  rng_state = NULL;
127 
128  memset( output, 0, len );
129 
130  return( 0 );
131 }
132 
133 typedef struct
134 {
135  unsigned char *buf;
136  size_t length;
137 } rnd_buf_info;
138 
150 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
151 {
152  rnd_buf_info *info = (rnd_buf_info *) rng_state;
153  size_t use_len;
154 
155  if( rng_state == NULL )
156  return( rnd_std_rand( NULL, output, len ) );
157 
158  use_len = len;
159  if( len > info->length )
160  use_len = info->length;
161 
162  if( use_len )
163  {
164  memcpy( output, info->buf, use_len );
165  info->buf += use_len;
166  info->length -= use_len;
167  }
168 
169  if( len - use_len > 0 )
170  return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
171 
172  return( 0 );
173 }
174 
182 typedef struct
183 {
184  uint32_t key[16];
185  uint32_t v0, v1;
187 
196 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
197 {
198  rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
199  uint32_t i, *k, sum, delta=0x9E3779B9;
200  unsigned char result[4];
201 
202  if( rng_state == NULL )
203  return( rnd_std_rand( NULL, output, len ) );
204 
205  k = info->key;
206 
207  while( len > 0 )
208  {
209  size_t use_len = ( len > 4 ) ? 4 : len;
210  sum = 0;
211 
212  for( i = 0; i < 32; i++ )
213  {
214  info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
215  sum += delta;
216  info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
217  }
218 
219  PUT_UINT32_BE( info->v0, result, 0 );
220  memcpy( output, result, use_len );
221  len -= use_len;
222  }
223 
224  return( 0 );
225 }
226 
227 
229 {
230 #ifdef POLARSSL_X509_WRITE_C
231 #ifdef POLARSSL_BIGNUM_C
232 
233 
234  FCT_SUITE_BGN(test_suite_x509write)
235  {
236 #ifdef POLARSSL_SHA1_C
237 
238  FCT_TEST_BGN(certificate_request_check_server1_sha1)
239  {
240  rsa_context rsa;
241  pem_context pem;
242  x509_req_name req_name, *cur;
243  unsigned char *c;
244  unsigned char buf[4000];
245  unsigned char check_buf[4000];
246  int ret;
247  size_t olen = 2000;
248  FILE *f;
249 
250  cur = &req_name;
251 
252  memset( cur, 0, sizeof(x509_req_name) );
253  strcpy( cur->oid, OID_CN );
254  strcpy( cur->name, "PolarSSL Server 1" );
255  cur->next = malloc( sizeof(x509_req_name) );
256  cur = cur->next;
257 
258  memset( cur, 0, sizeof(x509_req_name) );
259  strcpy( cur->oid, OID_ORGANIZATION );
260  strcpy( cur->name, "PolarSSL" );
261  cur->next = malloc( sizeof(x509_req_name) );
262  cur = cur->next;
263 
264  memset( cur, 0, sizeof(x509_req_name) );
265  strcpy( cur->oid, OID_COUNTRY );
266  strcpy( cur->name, "NL" );
267 
268  memset( &rsa, 0, sizeof(rsa_context) );
269  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
270  fct_chk( ret == 0 );
271  if( ret != 0 )
272  return 0;
273 
274  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_SHA1 );
275  fct_chk( ret >= 0 );
276 
277  c = buf + 3999 - ret;
278 
279  f = fopen( "data_files/server1.req.sha1", "r" );
280  fct_chk( f != NULL );
281  fread( check_buf, 1, 4000, f );
282  fclose( f );
283 
284  pem_init( &pem );
285  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
286 
287  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
288  fct_chk( pem.buflen == (size_t) ret );
289 
290  while( ( cur = req_name.next ) != NULL )
291  {
292  req_name.next = cur->next;
293  free( cur );
294  }
295 
296  rsa_free( &rsa );
297  pem_free( &pem );
298  }
299  FCT_TEST_END();
300 #endif /* POLARSSL_SHA1_C */
301 
302 #ifdef POLARSSL_SHA2_C
303 
304  FCT_TEST_BGN(certificate_request_check_server1_sha224)
305  {
306  rsa_context rsa;
307  pem_context pem;
308  x509_req_name req_name, *cur;
309  unsigned char *c;
310  unsigned char buf[4000];
311  unsigned char check_buf[4000];
312  int ret;
313  size_t olen = 2000;
314  FILE *f;
315 
316  cur = &req_name;
317 
318  memset( cur, 0, sizeof(x509_req_name) );
319  strcpy( cur->oid, OID_CN );
320  strcpy( cur->name, "PolarSSL Server 1" );
321  cur->next = malloc( sizeof(x509_req_name) );
322  cur = cur->next;
323 
324  memset( cur, 0, sizeof(x509_req_name) );
325  strcpy( cur->oid, OID_ORGANIZATION );
326  strcpy( cur->name, "PolarSSL" );
327  cur->next = malloc( sizeof(x509_req_name) );
328  cur = cur->next;
329 
330  memset( cur, 0, sizeof(x509_req_name) );
331  strcpy( cur->oid, OID_COUNTRY );
332  strcpy( cur->name, "NL" );
333 
334  memset( &rsa, 0, sizeof(rsa_context) );
335  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
336  fct_chk( ret == 0 );
337  if( ret != 0 )
338  return 0;
339 
340  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_SHA224 );
341  fct_chk( ret >= 0 );
342 
343  c = buf + 3999 - ret;
344 
345  f = fopen( "data_files/server1.req.sha224", "r" );
346  fct_chk( f != NULL );
347  fread( check_buf, 1, 4000, f );
348  fclose( f );
349 
350  pem_init( &pem );
351  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
352 
353  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
354  fct_chk( pem.buflen == (size_t) ret );
355 
356  while( ( cur = req_name.next ) != NULL )
357  {
358  req_name.next = cur->next;
359  free( cur );
360  }
361 
362  rsa_free( &rsa );
363  pem_free( &pem );
364  }
365  FCT_TEST_END();
366 #endif /* POLARSSL_SHA2_C */
367 
368 #ifdef POLARSSL_SHA2_C
369 
370  FCT_TEST_BGN(certificate_request_check_server1_sha256)
371  {
372  rsa_context rsa;
373  pem_context pem;
374  x509_req_name req_name, *cur;
375  unsigned char *c;
376  unsigned char buf[4000];
377  unsigned char check_buf[4000];
378  int ret;
379  size_t olen = 2000;
380  FILE *f;
381 
382  cur = &req_name;
383 
384  memset( cur, 0, sizeof(x509_req_name) );
385  strcpy( cur->oid, OID_CN );
386  strcpy( cur->name, "PolarSSL Server 1" );
387  cur->next = malloc( sizeof(x509_req_name) );
388  cur = cur->next;
389 
390  memset( cur, 0, sizeof(x509_req_name) );
391  strcpy( cur->oid, OID_ORGANIZATION );
392  strcpy( cur->name, "PolarSSL" );
393  cur->next = malloc( sizeof(x509_req_name) );
394  cur = cur->next;
395 
396  memset( cur, 0, sizeof(x509_req_name) );
397  strcpy( cur->oid, OID_COUNTRY );
398  strcpy( cur->name, "NL" );
399 
400  memset( &rsa, 0, sizeof(rsa_context) );
401  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
402  fct_chk( ret == 0 );
403  if( ret != 0 )
404  return 0;
405 
406  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_SHA256 );
407  fct_chk( ret >= 0 );
408 
409  c = buf + 3999 - ret;
410 
411  f = fopen( "data_files/server1.req.sha256", "r" );
412  fct_chk( f != NULL );
413  fread( check_buf, 1, 4000, f );
414  fclose( f );
415 
416  pem_init( &pem );
417  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
418 
419  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
420  fct_chk( pem.buflen == (size_t) ret );
421 
422  while( ( cur = req_name.next ) != NULL )
423  {
424  req_name.next = cur->next;
425  free( cur );
426  }
427 
428  rsa_free( &rsa );
429  pem_free( &pem );
430  }
431  FCT_TEST_END();
432 #endif /* POLARSSL_SHA2_C */
433 
434 #ifdef POLARSSL_SHA4_C
435 
436  FCT_TEST_BGN(certificate_request_check_server1_sha384)
437  {
438  rsa_context rsa;
439  pem_context pem;
440  x509_req_name req_name, *cur;
441  unsigned char *c;
442  unsigned char buf[4000];
443  unsigned char check_buf[4000];
444  int ret;
445  size_t olen = 2000;
446  FILE *f;
447 
448  cur = &req_name;
449 
450  memset( cur, 0, sizeof(x509_req_name) );
451  strcpy( cur->oid, OID_CN );
452  strcpy( cur->name, "PolarSSL Server 1" );
453  cur->next = malloc( sizeof(x509_req_name) );
454  cur = cur->next;
455 
456  memset( cur, 0, sizeof(x509_req_name) );
457  strcpy( cur->oid, OID_ORGANIZATION );
458  strcpy( cur->name, "PolarSSL" );
459  cur->next = malloc( sizeof(x509_req_name) );
460  cur = cur->next;
461 
462  memset( cur, 0, sizeof(x509_req_name) );
463  strcpy( cur->oid, OID_COUNTRY );
464  strcpy( cur->name, "NL" );
465 
466  memset( &rsa, 0, sizeof(rsa_context) );
467  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
468  fct_chk( ret == 0 );
469  if( ret != 0 )
470  return 0;
471 
472  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_SHA384 );
473  fct_chk( ret >= 0 );
474 
475  c = buf + 3999 - ret;
476 
477  f = fopen( "data_files/server1.req.sha384", "r" );
478  fct_chk( f != NULL );
479  fread( check_buf, 1, 4000, f );
480  fclose( f );
481 
482  pem_init( &pem );
483  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
484 
485  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
486  fct_chk( pem.buflen == (size_t) ret );
487 
488  while( ( cur = req_name.next ) != NULL )
489  {
490  req_name.next = cur->next;
491  free( cur );
492  }
493 
494  rsa_free( &rsa );
495  pem_free( &pem );
496  }
497  FCT_TEST_END();
498 #endif /* POLARSSL_SHA4_C */
499 
500 #ifdef POLARSSL_SHA4_C
501 
502  FCT_TEST_BGN(certificate_request_check_server1_sha512)
503  {
504  rsa_context rsa;
505  pem_context pem;
506  x509_req_name req_name, *cur;
507  unsigned char *c;
508  unsigned char buf[4000];
509  unsigned char check_buf[4000];
510  int ret;
511  size_t olen = 2000;
512  FILE *f;
513 
514  cur = &req_name;
515 
516  memset( cur, 0, sizeof(x509_req_name) );
517  strcpy( cur->oid, OID_CN );
518  strcpy( cur->name, "PolarSSL Server 1" );
519  cur->next = malloc( sizeof(x509_req_name) );
520  cur = cur->next;
521 
522  memset( cur, 0, sizeof(x509_req_name) );
523  strcpy( cur->oid, OID_ORGANIZATION );
524  strcpy( cur->name, "PolarSSL" );
525  cur->next = malloc( sizeof(x509_req_name) );
526  cur = cur->next;
527 
528  memset( cur, 0, sizeof(x509_req_name) );
529  strcpy( cur->oid, OID_COUNTRY );
530  strcpy( cur->name, "NL" );
531 
532  memset( &rsa, 0, sizeof(rsa_context) );
533  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
534  fct_chk( ret == 0 );
535  if( ret != 0 )
536  return 0;
537 
538  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_SHA512 );
539  fct_chk( ret >= 0 );
540 
541  c = buf + 3999 - ret;
542 
543  f = fopen( "data_files/server1.req.sha512", "r" );
544  fct_chk( f != NULL );
545  fread( check_buf, 1, 4000, f );
546  fclose( f );
547 
548  pem_init( &pem );
549  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
550 
551  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
552  fct_chk( pem.buflen == (size_t) ret );
553 
554  while( ( cur = req_name.next ) != NULL )
555  {
556  req_name.next = cur->next;
557  free( cur );
558  }
559 
560  rsa_free( &rsa );
561  pem_free( &pem );
562  }
563  FCT_TEST_END();
564 #endif /* POLARSSL_SHA4_C */
565 
566 #ifdef POLARSSL_MD4_C
567 
568  FCT_TEST_BGN(certificate_request_check_server1_md4)
569  {
570  rsa_context rsa;
571  pem_context pem;
572  x509_req_name req_name, *cur;
573  unsigned char *c;
574  unsigned char buf[4000];
575  unsigned char check_buf[4000];
576  int ret;
577  size_t olen = 2000;
578  FILE *f;
579 
580  cur = &req_name;
581 
582  memset( cur, 0, sizeof(x509_req_name) );
583  strcpy( cur->oid, OID_CN );
584  strcpy( cur->name, "PolarSSL Server 1" );
585  cur->next = malloc( sizeof(x509_req_name) );
586  cur = cur->next;
587 
588  memset( cur, 0, sizeof(x509_req_name) );
589  strcpy( cur->oid, OID_ORGANIZATION );
590  strcpy( cur->name, "PolarSSL" );
591  cur->next = malloc( sizeof(x509_req_name) );
592  cur = cur->next;
593 
594  memset( cur, 0, sizeof(x509_req_name) );
595  strcpy( cur->oid, OID_COUNTRY );
596  strcpy( cur->name, "NL" );
597 
598  memset( &rsa, 0, sizeof(rsa_context) );
599  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
600  fct_chk( ret == 0 );
601  if( ret != 0 )
602  return 0;
603 
604  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_MD4 );
605  fct_chk( ret >= 0 );
606 
607  c = buf + 3999 - ret;
608 
609  f = fopen( "data_files/server1.req.md4", "r" );
610  fct_chk( f != NULL );
611  fread( check_buf, 1, 4000, f );
612  fclose( f );
613 
614  pem_init( &pem );
615  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
616 
617  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
618  fct_chk( pem.buflen == (size_t) ret );
619 
620  while( ( cur = req_name.next ) != NULL )
621  {
622  req_name.next = cur->next;
623  free( cur );
624  }
625 
626  rsa_free( &rsa );
627  pem_free( &pem );
628  }
629  FCT_TEST_END();
630 #endif /* POLARSSL_MD4_C */
631 
632 #ifdef POLARSSL_MD5_C
633 
634  FCT_TEST_BGN(certificate_request_check_server1_md5)
635  {
636  rsa_context rsa;
637  pem_context pem;
638  x509_req_name req_name, *cur;
639  unsigned char *c;
640  unsigned char buf[4000];
641  unsigned char check_buf[4000];
642  int ret;
643  size_t olen = 2000;
644  FILE *f;
645 
646  cur = &req_name;
647 
648  memset( cur, 0, sizeof(x509_req_name) );
649  strcpy( cur->oid, OID_CN );
650  strcpy( cur->name, "PolarSSL Server 1" );
651  cur->next = malloc( sizeof(x509_req_name) );
652  cur = cur->next;
653 
654  memset( cur, 0, sizeof(x509_req_name) );
655  strcpy( cur->oid, OID_ORGANIZATION );
656  strcpy( cur->name, "PolarSSL" );
657  cur->next = malloc( sizeof(x509_req_name) );
658  cur = cur->next;
659 
660  memset( cur, 0, sizeof(x509_req_name) );
661  strcpy( cur->oid, OID_COUNTRY );
662  strcpy( cur->name, "NL" );
663 
664  memset( &rsa, 0, sizeof(rsa_context) );
665  ret = x509parse_keyfile( &rsa, "data_files/server1.key", NULL );
666  fct_chk( ret == 0 );
667  if( ret != 0 )
668  return 0;
669 
670  ret = x509_write_cert_req( buf, 4000, &rsa, &req_name, SIG_RSA_MD5 );
671  fct_chk( ret >= 0 );
672 
673  c = buf + 3999 - ret;
674 
675  f = fopen( "data_files/server1.req.md5", "r" );
676  fct_chk( f != NULL );
677  fread( check_buf, 1, 4000, f );
678  fclose( f );
679 
680  pem_init( &pem );
681  pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );
682 
683  fct_chk( memcmp( c, pem.buf, pem.buflen ) == 0 );
684  fct_chk( pem.buflen == (size_t) ret );
685 
686  while( ( cur = req_name.next ) != NULL )
687  {
688  req_name.next = cur->next;
689  free( cur );
690  }
691 
692  rsa_free( &rsa );
693  pem_free( &pem );
694  }
695  FCT_TEST_END();
696 #endif /* POLARSSL_MD5_C */
697 
698  }
699  FCT_SUITE_END();
700 
701 #endif /* POLARSSL_X509_WRITE_C */
702 #endif /* POLARSSL_BIGNUM_C */
703 
704 }
705 FCT_END();
706