mbedtls/tests/suites/test_suite_x509write.function

551 lines
19 KiB
Text
Raw Normal View History

/* BEGIN_HEADER */
#include "mbedtls/bignum.h"
2015-03-09 18:05:11 +01:00
#include "mbedtls/x509_crt.h"
#include "mbedtls/x509_csr.h"
#include "mbedtls/pem.h"
#include "mbedtls/oid.h"
#include "mbedtls/rsa.h"
#include "hash_info.h"
#include "legacy_or_psa.h"
#if defined(MBEDTLS_RSA_C)
int mbedtls_rsa_decrypt_func( void *ctx, size_t *olen,
const unsigned char *input, unsigned char *output,
size_t output_max_len )
{
return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, NULL, NULL,
olen, input, output, output_max_len ) );
}
int mbedtls_rsa_sign_func( void *ctx,
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
mbedtls_md_type_t md_alg, unsigned int hashlen,
const unsigned char *hash, unsigned char *sig )
{
return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng,
md_alg, hashlen, hash, sig ) );
}
size_t mbedtls_rsa_key_len_func( void *ctx )
{
return( ((const mbedtls_rsa_context *) ctx)->len );
}
#endif /* MBEDTLS_RSA_C */
#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
defined(MBEDTLS_PEM_WRITE_C) && defined(MBEDTLS_X509_CSR_WRITE_C)
static int x509_crt_verifycsr( const unsigned char *buf, size_t buflen )
{
unsigned char hash[PSA_HASH_MAX_SIZE];
mbedtls_x509_csr csr;
int ret = 0;
mbedtls_x509_csr_init( &csr );
if( mbedtls_x509_csr_parse( &csr, buf, buflen ) != 0 )
{
ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
goto cleanup;
}
psa_algorithm_t psa_alg = mbedtls_hash_info_psa_from_md( csr.sig_md );
size_t hash_size = 0;
psa_status_t status = psa_hash_compute( psa_alg, csr.cri.p, csr.cri.len,
hash, PSA_HASH_MAX_SIZE, &hash_size );
if( status != PSA_SUCCESS )
{
/* Note: this can't happen except after an internal error */
ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
goto cleanup;
}
if( mbedtls_pk_verify_ext( csr.sig_pk, csr.sig_opts, &csr.pk,
csr.sig_md, hash, mbedtls_hash_info_get_size( csr.sig_md ),
csr.sig.p, csr.sig.len ) != 0 )
{
ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED;
goto cleanup;
}
cleanup:
mbedtls_x509_csr_free( &csr );
return( ret );
}
#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */
/* END_HEADER */
/* BEGIN_DEPENDENCIES
* depends_on:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO:MBEDTLS_PK_PARSE_C
* END_DEPENDENCIES
*/
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */
2017-05-30 15:23:15 +02:00
void x509_csr_check( char * key_file, char * cert_req_check_file, int md_type,
int key_usage, int set_key_usage, int cert_type,
int set_cert_type )
{
mbedtls_pk_context key;
mbedtls_x509write_csr req;
unsigned char buf[4096];
int ret;
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
unsigned char check_buf[4000];
FILE *f;
size_t olen = 0;
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
size_t pem_len = 0, buf_index;
int der_len = -1;
const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
mbedtls_test_rnd_pseudo_info rnd_info;
memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) );
2013-09-11 22:48:40 +02:00
USE_PSA_INIT( );
mbedtls_pk_init( &key );
TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL,
mbedtls_test_rnd_std_rand, NULL ) == 0 );
mbedtls_x509write_csr_init( &req );
mbedtls_x509write_csr_set_md_alg( &req, md_type );
mbedtls_x509write_csr_set_key( &req, &key );
TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 );
if( set_key_usage != 0 )
TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 );
if( set_cert_type != 0 )
TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
2017-09-13 16:39:59 +02:00
ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ),
mbedtls_test_rnd_pseudo_rand, &rnd_info );
2013-09-15 20:03:26 +02:00
TEST_ASSERT( ret == 0 );
2013-09-15 20:03:26 +02:00
pem_len = strlen( (char *) buf );
for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index )
{
TEST_ASSERT( buf[buf_index] == 0 );
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
// When using PSA crypto, RNG isn't controllable, so cert_req_check_file can't be used
(void)cert_req_check_file;
buf[pem_len] = '\0';
TEST_ASSERT( x509_crt_verifycsr( buf, pem_len + 1 ) == 0 );
#else
f = fopen( cert_req_check_file, "r" );
TEST_ASSERT( f != NULL );
2013-09-15 20:03:26 +02:00
olen = fread( check_buf, 1, sizeof( check_buf ), f );
fclose( f );
2013-09-15 20:03:26 +02:00
TEST_ASSERT( olen >= pem_len - 1 );
TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );
#endif /* MBEDTLS_USE_PSA_CRYPTO */
2013-01-03 11:33:48 +01:00
der_len = mbedtls_x509write_csr_der( &req, buf, sizeof( buf ),
mbedtls_test_rnd_pseudo_rand,
&rnd_info );
TEST_ASSERT( der_len >= 0 );
if( der_len == 0 )
goto exit;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
// When using PSA crypto, RNG isn't controllable, result length isn't
// deterministic over multiple runs, removing a single byte isn't enough to
// go into the MBEDTLS_ERR_ASN1_BUF_TOO_SMALL error case
der_len /= 2;
#else
der_len -= 1;
#endif
ret = mbedtls_x509write_csr_der( &req, buf, (size_t)( der_len ),
mbedtls_test_rnd_pseudo_rand, &rnd_info );
TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
exit:
mbedtls_x509write_csr_free( &req );
mbedtls_pk_free( &key );
USE_PSA_DONE( );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */
void x509_csr_check_opaque( char *key_file, int md_type, int key_usage,
int cert_type )
{
mbedtls_pk_context key;
mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
psa_algorithm_t md_alg_psa, alg_psa;
mbedtls_x509write_csr req;
unsigned char buf[4096];
int ret;
size_t pem_len = 0;
const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
mbedtls_test_rnd_pseudo_info rnd_info;
PSA_INIT( );
memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) );
md_alg_psa = mbedtls_hash_info_psa_from_md( (mbedtls_md_type_t) md_type );
TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE );
2018-11-20 08:53:17 +01:00
mbedtls_pk_init( &key );
TEST_ASSERT( mbedtls_pk_parse_keyfile( &key, key_file, NULL,
mbedtls_test_rnd_std_rand, NULL ) == 0 );
if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_ECKEY )
alg_psa = PSA_ALG_ECDSA( md_alg_psa );
else if( mbedtls_pk_get_type( &key ) == MBEDTLS_PK_RSA )
alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN( md_alg_psa );
else
TEST_ASSUME( ! "PK key type not supported in this configuration" );
TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &key, &key_id, alg_psa,
PSA_KEY_USAGE_SIGN_HASH,
PSA_ALG_NONE ) == 0 );
mbedtls_x509write_csr_init( &req );
mbedtls_x509write_csr_set_md_alg( &req, md_type );
mbedtls_x509write_csr_set_key( &req, &key );
TEST_ASSERT( mbedtls_x509write_csr_set_subject_name( &req, subject_name ) == 0 );
if( key_usage != 0 )
TEST_ASSERT( mbedtls_x509write_csr_set_key_usage( &req, key_usage ) == 0 );
if( cert_type != 0 )
TEST_ASSERT( mbedtls_x509write_csr_set_ns_cert_type( &req, cert_type ) == 0 );
ret = mbedtls_x509write_csr_pem( &req, buf, sizeof( buf ) - 1,
mbedtls_test_rnd_pseudo_rand, &rnd_info );
TEST_ASSERT( ret == 0 );
pem_len = strlen( (char *) buf );
buf[pem_len] = '\0';
TEST_ASSERT( x509_crt_verifycsr( buf, pem_len + 1 ) == 0 );
exit:
mbedtls_x509write_csr_free( &req );
mbedtls_pk_free( &key );
psa_destroy_key( key_id );
PSA_DONE( );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_HAS_ALG_SHA_1_VIA_MD_OR_PSA_BASED_ON_USE_PSA */
void x509_crt_check( char *subject_key_file, char *subject_pwd,
char *subject_name, char *issuer_key_file,
char *issuer_pwd, char *issuer_name,
char *serial_str, char *not_before, char *not_after,
int md_type, int key_usage, int set_key_usage,
char *ext_key_usage,
int cert_type, int set_cert_type, int auth_ident,
int ver, char *cert_check_file, int pk_wrap, int is_ca,
char *cert_verify_file )
{
mbedtls_pk_context subject_key, issuer_key, issuer_key_alt;
mbedtls_pk_context *key = &issuer_key;
mbedtls_x509write_cert crt;
unsigned char buf[4096];
unsigned char check_buf[5000];
unsigned char *p, *end;
unsigned char tag, sz;
mbedtls_mpi serial;
int ret, before_tag, after_tag;
size_t olen = 0, pem_len = 0, buf_index = 0;
int der_len = -1;
FILE *f;
mbedtls_test_rnd_pseudo_info rnd_info;
#if defined(MBEDTLS_USE_PSA_CRYPTO)
mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
#endif
mbedtls_pk_type_t issuer_key_type;
memset( &rnd_info, 0x2a, sizeof( mbedtls_test_rnd_pseudo_info ) );
mbedtls_mpi_init( &serial );
USE_PSA_INIT( );
mbedtls_pk_init( &subject_key );
mbedtls_pk_init( &issuer_key );
mbedtls_pk_init( &issuer_key_alt );
mbedtls_x509write_crt_init( &crt );
TEST_ASSERT( mbedtls_pk_parse_keyfile( &subject_key, subject_key_file,
subject_pwd, mbedtls_test_rnd_std_rand, NULL ) == 0 );
TEST_ASSERT( mbedtls_pk_parse_keyfile( &issuer_key, issuer_key_file,
issuer_pwd, mbedtls_test_rnd_std_rand, NULL ) == 0 );
issuer_key_type = mbedtls_pk_get_type( &issuer_key );
#if defined(MBEDTLS_RSA_C)
/* For RSA PK contexts, create a copy as an alternative RSA context. */
if( pk_wrap == 1 && issuer_key_type == MBEDTLS_PK_RSA )
{
TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &issuer_key_alt,
mbedtls_pk_rsa( issuer_key ),
mbedtls_rsa_decrypt_func,
mbedtls_rsa_sign_func,
mbedtls_rsa_key_len_func ) == 0 );
key = &issuer_key_alt;
}
#endif
#if defined(MBEDTLS_USE_PSA_CRYPTO)
/* For Opaque PK contexts, wrap key as an Opaque RSA context. */
if( pk_wrap == 2 )
{
psa_algorithm_t alg_psa, md_alg_psa;
md_alg_psa = mbedtls_hash_info_psa_from_md( (mbedtls_md_type_t) md_type );
TEST_ASSERT( md_alg_psa != MBEDTLS_MD_NONE );
if( mbedtls_pk_get_type( &issuer_key ) == MBEDTLS_PK_ECKEY )
alg_psa = PSA_ALG_ECDSA( md_alg_psa );
else if( mbedtls_pk_get_type( &issuer_key ) == MBEDTLS_PK_RSA )
alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN( md_alg_psa );
else
TEST_ASSUME( ! "PK key type not supported in this configuration" );
TEST_ASSERT( mbedtls_pk_wrap_as_opaque( &issuer_key, &key_id, alg_psa,
PSA_KEY_USAGE_SIGN_HASH,
PSA_ALG_NONE ) == 0 );
}
#endif /* MBEDTLS_USE_PSA_CRYPTO */
if( pk_wrap == 2 )
TEST_ASSERT( mbedtls_pk_get_type( &issuer_key ) == MBEDTLS_PK_OPAQUE );
TEST_ASSERT( mbedtls_test_read_mpi( &serial, serial_str ) == 0 );
if( ver != -1 )
mbedtls_x509write_crt_set_version( &crt, ver );
TEST_ASSERT( mbedtls_x509write_crt_set_serial( &crt, &serial ) == 0 );
TEST_ASSERT( mbedtls_x509write_crt_set_validity( &crt, not_before,
2017-09-13 16:39:59 +02:00
not_after ) == 0 );
mbedtls_x509write_crt_set_md_alg( &crt, md_type );
TEST_ASSERT( mbedtls_x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 );
TEST_ASSERT( mbedtls_x509write_crt_set_subject_name( &crt, subject_name ) == 0 );
mbedtls_x509write_crt_set_subject_key( &crt, &subject_key );
mbedtls_x509write_crt_set_issuer_key( &crt, key );
if( crt.version >= MBEDTLS_X509_CRT_VERSION_3 )
{
/* For the CA case, a path length of -1 means unlimited. */
TEST_ASSERT( mbedtls_x509write_crt_set_basic_constraints( &crt, is_ca,
(is_ca ? -1 : 0) ) == 0 );
TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 );
if( auth_ident )
TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 );
if( set_key_usage != 0 )
TEST_ASSERT( mbedtls_x509write_crt_set_key_usage( &crt, key_usage ) == 0 );
if( set_cert_type != 0 )
TEST_ASSERT( mbedtls_x509write_crt_set_ns_cert_type( &crt, cert_type ) == 0 );
if( strcmp( ext_key_usage, "NULL" ) != 0 )
{
mbedtls_asn1_sequence exts[2];
memset( exts, 0, sizeof(exts) );
#define SET_OID(x, oid) \
do { \
x.len = MBEDTLS_OID_SIZE(oid); \
x.p = (unsigned char*)oid; \
x.tag = MBEDTLS_ASN1_OID; \
} while( 0 )
if( strcmp( ext_key_usage, "serverAuth" ) == 0 )
{
SET_OID( exts[0].buf, MBEDTLS_OID_SERVER_AUTH );
}
else if( strcmp( ext_key_usage, "codeSigning,timeStamping" ) == 0 )
{
SET_OID( exts[0].buf, MBEDTLS_OID_CODE_SIGNING );
exts[0].next = &exts[1];
SET_OID( exts[1].buf, MBEDTLS_OID_TIME_STAMPING );
}
TEST_ASSERT( mbedtls_x509write_crt_set_ext_key_usage( &crt, exts ) == 0 );
}
}
2017-09-13 16:39:59 +02:00
ret = mbedtls_x509write_crt_pem( &crt, buf, sizeof( buf ),
mbedtls_test_rnd_pseudo_rand, &rnd_info );
2013-09-15 20:03:26 +02:00
TEST_ASSERT( ret == 0 );
2013-09-15 20:03:26 +02:00
pem_len = strlen( (char *) buf );
// check that the rest of the buffer remains clear
for( buf_index = pem_len; buf_index < sizeof( buf ); ++buf_index )
{
TEST_ASSERT( buf[buf_index] == 0 );
}
if( issuer_key_type != MBEDTLS_PK_RSA )
{
mbedtls_x509_crt crt_parse, trusted;
uint32_t flags;
mbedtls_x509_crt_init( &crt_parse );
mbedtls_x509_crt_init( &trusted );
TEST_ASSERT( mbedtls_x509_crt_parse_file( &trusted,
cert_verify_file ) == 0 );
TEST_ASSERT( mbedtls_x509_crt_parse( &crt_parse,
buf, sizeof( buf ) ) == 0 );
ret = mbedtls_x509_crt_verify( &crt_parse, &trusted, NULL, NULL, &flags,
NULL, NULL );
mbedtls_x509_crt_free( &crt_parse );
mbedtls_x509_crt_free( &trusted );
TEST_EQUAL( flags, 0 );
TEST_EQUAL( ret, 0 );
}
else if( *cert_check_file != '\0' )
{
f = fopen( cert_check_file, "r" );
TEST_ASSERT( f != NULL );
olen = fread( check_buf, 1, sizeof( check_buf ), f );
fclose( f );
TEST_ASSERT( olen < sizeof( check_buf ) );
TEST_EQUAL( olen, pem_len );
TEST_ASSERT( olen >= pem_len - 1 );
TEST_ASSERT( memcmp( buf, check_buf, pem_len - 1 ) == 0 );
}
der_len = mbedtls_x509write_crt_der( &crt, buf, sizeof( buf ),
mbedtls_test_rnd_pseudo_rand,
&rnd_info );
TEST_ASSERT( der_len >= 0 );
if( der_len == 0 )
goto exit;
// Not testing against file, check date format
if( *cert_check_file == '\0' )
{
// UTC tag if before 2050, 2 digits less for year
if( not_before[0] == '2' && ( not_before[1] > '0' || not_before[2] > '4' ) )
{
before_tag = MBEDTLS_ASN1_GENERALIZED_TIME;
}
else
{
before_tag = MBEDTLS_ASN1_UTC_TIME;
not_before += 2;
}
if( not_after[0] == '2' && ( not_after[1] > '0' || not_after[2] > '4' ) )
{
after_tag = MBEDTLS_ASN1_GENERALIZED_TIME;
}
else
{
after_tag = MBEDTLS_ASN1_UTC_TIME;
not_after += 2;
}
end = buf + sizeof( buf );
for( p = end - der_len ; p < end ; )
{
tag = *p++;
sz = *p++;
if( tag == MBEDTLS_ASN1_UTC_TIME || tag == MBEDTLS_ASN1_GENERALIZED_TIME )
{
// Check correct tag and time written
TEST_ASSERT( before_tag == tag );
TEST_ASSERT( memcmp( p, not_before, sz - 1 ) == 0 );
p += sz;
tag = *p++;
sz = *p++;
TEST_ASSERT( after_tag == tag );
TEST_ASSERT( memcmp( p, not_after, sz - 1 ) == 0 );
break;
}
// Increment if long form ASN1 length
if( sz & 0x80 )
p += sz & 0x0F;
if( tag != ( MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) )
p += sz;
}
TEST_ASSERT( p < end );
}
#if defined(MBEDTLS_USE_PSA_CRYPTO)
// When using PSA crypto, RNG isn't controllable, result length isn't
// deterministic over multiple runs, removing a single byte isn't enough to
// go into the MBEDTLS_ERR_ASN1_BUF_TOO_SMALL error case
if( issuer_key_type != MBEDTLS_PK_RSA )
der_len /= 2;
else
#endif
der_len -= 1;
ret = mbedtls_x509write_crt_der( &crt, buf, (size_t)( der_len ),
mbedtls_test_rnd_pseudo_rand, &rnd_info );
TEST_ASSERT( ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL );
exit:
mbedtls_x509write_crt_free( &crt );
mbedtls_pk_free( &issuer_key_alt );
mbedtls_pk_free( &subject_key );
mbedtls_pk_free( &issuer_key );
mbedtls_mpi_free( &serial );
#if defined(MBEDTLS_USE_PSA_CRYPTO)
psa_destroy_key( key_id );
#endif
USE_PSA_DONE( );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */
2017-05-30 15:23:15 +02:00
void mbedtls_x509_string_to_names( char * name, char * parsed_name, int result
)
{
int ret;
size_t len = 0;
mbedtls_asn1_named_data *names = NULL;
mbedtls_x509_name parsed, *parsed_cur, *parsed_prv;
unsigned char buf[1024], out[1024], *c;
memset( &parsed, 0, sizeof( parsed ) );
memset( out, 0, sizeof( out ) );
memset( buf, 0, sizeof( buf ) );
c = buf + sizeof( buf );
ret = mbedtls_x509_string_to_names( &names, name );
TEST_ASSERT( ret == result );
if( ret != 0 )
goto exit;
ret = mbedtls_x509_write_names( &c, buf, names );
TEST_ASSERT( ret > 0 );
TEST_ASSERT( mbedtls_asn1_get_tag( &c, buf + sizeof( buf ), &len,
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) == 0 );
TEST_ASSERT( mbedtls_x509_get_name( &c, buf + sizeof( buf ), &parsed ) == 0 );
ret = mbedtls_x509_dn_gets( (char *) out, sizeof( out ), &parsed );
TEST_ASSERT( ret > 0 );
TEST_ASSERT( strcmp( (char *) out, parsed_name ) == 0 );
exit:
mbedtls_asn1_free_named_data_list( &names );
parsed_cur = parsed.next;
while( parsed_cur != 0 )
{
parsed_prv = parsed_cur;
parsed_cur = parsed_cur->next;
mbedtls_free( parsed_prv );
}
}
/* END_CASE */