f2574206e5
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
752 lines
28 KiB
C
752 lines
28 KiB
C
/* BEGIN_HEADER */
|
|
#include "mbedtls/bignum.h"
|
|
#include "mbedtls/x509_crt.h"
|
|
#include "mbedtls/x509_csr.h"
|
|
#include "mbedtls/pem.h"
|
|
#include "mbedtls/oid.h"
|
|
#include "mbedtls/rsa.h"
|
|
#include "mbedtls/asn1write.h"
|
|
#include "mbedtls/pk.h"
|
|
#include "md_psa.h"
|
|
|
|
#if defined(MBEDTLS_RSA_C)
|
|
int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen,
|
|
const unsigned char *input, unsigned char *output,
|
|
size_t output_max_len)
|
|
{
|
|
return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx, NULL, NULL,
|
|
olen, input, output, output_max_len);
|
|
}
|
|
int mbedtls_rsa_sign_func(void *ctx,
|
|
int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
|
|
mbedtls_md_type_t md_alg, unsigned int hashlen,
|
|
const unsigned char *hash, unsigned char *sig)
|
|
{
|
|
return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx, f_rng, p_rng,
|
|
md_alg, hashlen, hash, sig);
|
|
}
|
|
size_t mbedtls_rsa_key_len_func(void *ctx)
|
|
{
|
|
return ((const mbedtls_rsa_context *) ctx)->len;
|
|
}
|
|
#endif /* MBEDTLS_RSA_C */
|
|
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO) && \
|
|
defined(MBEDTLS_PEM_WRITE_C) && defined(MBEDTLS_X509_CSR_WRITE_C)
|
|
static int x509_crt_verifycsr(const unsigned char *buf, size_t buflen)
|
|
{
|
|
unsigned char hash[PSA_HASH_MAX_SIZE];
|
|
mbedtls_x509_csr csr;
|
|
int ret = 0;
|
|
|
|
mbedtls_x509_csr_init(&csr);
|
|
|
|
if (mbedtls_x509_csr_parse(&csr, buf, buflen) != 0) {
|
|
ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
|
|
goto cleanup;
|
|
}
|
|
|
|
psa_algorithm_t psa_alg = mbedtls_md_psa_alg_from_type(csr.sig_md);
|
|
size_t hash_size = 0;
|
|
psa_status_t status = psa_hash_compute(psa_alg, csr.cri.p, csr.cri.len,
|
|
hash, PSA_HASH_MAX_SIZE, &hash_size);
|
|
|
|
if (status != PSA_SUCCESS) {
|
|
/* Note: this can't happen except after an internal error */
|
|
ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
|
|
goto cleanup;
|
|
}
|
|
|
|
if (mbedtls_pk_verify_ext(csr.sig_pk, csr.sig_opts, &csr.pk,
|
|
csr.sig_md, hash, mbedtls_md_get_size_from_type(csr.sig_md),
|
|
csr.sig.p, csr.sig.len) != 0) {
|
|
ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED;
|
|
goto cleanup;
|
|
}
|
|
|
|
cleanup:
|
|
|
|
mbedtls_x509_csr_free(&csr);
|
|
return ret;
|
|
}
|
|
#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */
|
|
|
|
#if defined(MBEDTLS_X509_CSR_WRITE_C)
|
|
|
|
/*
|
|
* The size of this temporary buffer is given by the sequence of functions
|
|
* called hereinafter:
|
|
* - mbedtls_asn1_write_oid()
|
|
* - 8 bytes for MBEDTLS_OID_EXTENDED_KEY_USAGE raw value
|
|
* - 1 byte for MBEDTLS_OID_EXTENDED_KEY_USAGE length
|
|
* - 1 byte for MBEDTLS_ASN1_OID tag
|
|
* - mbedtls_asn1_write_len()
|
|
* - 1 byte since we're dealing with sizes which are less than 0x80
|
|
* - mbedtls_asn1_write_tag()
|
|
* - 1 byte
|
|
*
|
|
* This length is fine as long as this function is called using the
|
|
* MBEDTLS_OID_SERVER_AUTH OID. If this is changed in the future, then this
|
|
* buffer's length should be adjusted accordingly.
|
|
* Unfortunately there's no predefined max size for OIDs which can be used
|
|
* to set an overall upper boundary which is always guaranteed.
|
|
*/
|
|
#define EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH 12
|
|
|
|
static int csr_set_extended_key_usage(mbedtls_x509write_csr *ctx,
|
|
const char *oid, size_t oid_len)
|
|
{
|
|
unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 };
|
|
unsigned char *p = buf + sizeof(buf);
|
|
int ret;
|
|
size_t len = 0;
|
|
|
|
/*
|
|
* Following functions fail anyway if the temporary buffer is not large,
|
|
* but we set an extra check here to emphasize a possible source of errors
|
|
*/
|
|
if (oid_len > EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH) {
|
|
return MBEDTLS_ERR_X509_BAD_INPUT_DATA;
|
|
}
|
|
|
|
MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(&p, buf, oid, oid_len));
|
|
MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, ret));
|
|
MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, buf,
|
|
MBEDTLS_ASN1_CONSTRUCTED |
|
|
MBEDTLS_ASN1_SEQUENCE));
|
|
|
|
ret = mbedtls_x509write_csr_set_extension(ctx,
|
|
MBEDTLS_OID_EXTENDED_KEY_USAGE,
|
|
MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE),
|
|
0,
|
|
p,
|
|
len);
|
|
|
|
return ret;
|
|
}
|
|
#endif /* MBEDTLS_X509_CSR_WRITE_C */
|
|
|
|
/* Due to inconsistencies in the input size limits applied by different
|
|
* library functions, some write-parse tests may fail. */
|
|
#define MAY_FAIL_GET_NAME 0x0001
|
|
#define MAY_FAIL_DN_GETS 0x0002
|
|
|
|
/* END_HEADER */
|
|
|
|
/* BEGIN_DEPENDENCIES
|
|
* depends_on:MBEDTLS_FS_IO:MBEDTLS_PK_PARSE_C
|
|
* END_DEPENDENCIES
|
|
*/
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */
|
|
void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type,
|
|
int key_usage, int set_key_usage, int cert_type,
|
|
int set_cert_type, int set_extension)
|
|
{
|
|
mbedtls_pk_context key;
|
|
mbedtls_x509write_csr req;
|
|
unsigned char buf[4096];
|
|
int ret;
|
|
#if !defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
unsigned char check_buf[4000];
|
|
FILE *f;
|
|
size_t olen = 0;
|
|
#endif /* !MBEDTLS_USE_PSA_CRYPTO */
|
|
size_t pem_len = 0, buf_index;
|
|
int der_len = -1;
|
|
const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
|
|
mbedtls_test_rnd_pseudo_info rnd_info;
|
|
mbedtls_x509_san_list san_ip;
|
|
mbedtls_x509_san_list san_dns;
|
|
mbedtls_x509_san_list san_uri;
|
|
mbedtls_x509_san_list san_mail;
|
|
mbedtls_x509_san_list san_dn;
|
|
mbedtls_x509_san_list *san_list = NULL;
|
|
mbedtls_asn1_named_data *ext_san_dirname = NULL;
|
|
|
|
const char san_ip_name[] = { 0x7f, 0x00, 0x00, 0x01 }; // 127.0.0.1
|
|
const char *san_dns_name = "example.com";
|
|
const char *san_dn_name = "C=UK,O=Mbed TLS,CN=Mbed TLS directoryName SAN";
|
|
const char *san_mail_name = "mail@example.com";
|
|
const char *san_uri_name = "http://pki.example.com";
|
|
|
|
san_mail.node.type = MBEDTLS_X509_SAN_RFC822_NAME;
|
|
san_mail.node.san.unstructured_name.p = (unsigned char *) san_mail_name;
|
|
san_mail.node.san.unstructured_name.len = strlen(san_mail_name);
|
|
san_mail.next = NULL;
|
|
|
|
san_dns.node.type = MBEDTLS_X509_SAN_DNS_NAME;
|
|
san_dns.node.san.unstructured_name.p = (unsigned char *) san_dns_name;
|
|
san_dns.node.san.unstructured_name.len = strlen(san_dns_name);
|
|
san_dns.next = &san_mail;
|
|
|
|
san_dn.node.type = MBEDTLS_X509_SAN_DIRECTORY_NAME;
|
|
TEST_ASSERT(mbedtls_x509_string_to_names(&ext_san_dirname,
|
|
san_dn_name) == 0);
|
|
san_dn.node.san.directory_name = *ext_san_dirname;
|
|
san_dn.next = &san_dns;
|
|
|
|
san_ip.node.type = MBEDTLS_X509_SAN_IP_ADDRESS;
|
|
san_ip.node.san.unstructured_name.p = (unsigned char *) san_ip_name;
|
|
san_ip.node.san.unstructured_name.len = sizeof(san_ip_name);
|
|
san_ip.next = &san_dn;
|
|
|
|
san_uri.node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER;
|
|
san_uri.node.san.unstructured_name.p = (unsigned char *) san_uri_name;
|
|
san_uri.node.san.unstructured_name.len = strlen(san_uri_name);
|
|
san_uri.next = &san_ip;
|
|
|
|
san_list = &san_uri;
|
|
|
|
memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info));
|
|
|
|
mbedtls_x509write_csr_init(&req);
|
|
mbedtls_pk_init(&key);
|
|
MD_OR_USE_PSA_INIT();
|
|
|
|
TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL,
|
|
mbedtls_test_rnd_std_rand, NULL) == 0);
|
|
|
|
mbedtls_x509write_csr_set_md_alg(&req, md_type);
|
|
mbedtls_x509write_csr_set_key(&req, &key);
|
|
TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0);
|
|
if (set_key_usage != 0) {
|
|
TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0);
|
|
}
|
|
if (set_cert_type != 0) {
|
|
TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0);
|
|
}
|
|
if (set_extension != 0) {
|
|
TEST_ASSERT(csr_set_extended_key_usage(&req, MBEDTLS_OID_SERVER_AUTH,
|
|
MBEDTLS_OID_SIZE(MBEDTLS_OID_SERVER_AUTH)) == 0);
|
|
|
|
TEST_ASSERT(mbedtls_x509write_csr_set_subject_alternative_name(&req, san_list) == 0);
|
|
}
|
|
|
|
ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf),
|
|
mbedtls_test_rnd_pseudo_rand, &rnd_info);
|
|
TEST_ASSERT(ret == 0);
|
|
|
|
pem_len = strlen((char *) buf);
|
|
|
|
for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) {
|
|
TEST_ASSERT(buf[buf_index] == 0);
|
|
}
|
|
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
// When using PSA crypto, RNG isn't controllable, so cert_req_check_file can't be used
|
|
(void) cert_req_check_file;
|
|
buf[pem_len] = '\0';
|
|
TEST_ASSERT(x509_crt_verifycsr(buf, pem_len + 1) == 0);
|
|
#else
|
|
f = fopen(cert_req_check_file, "r");
|
|
TEST_ASSERT(f != NULL);
|
|
olen = fread(check_buf, 1, sizeof(check_buf), f);
|
|
fclose(f);
|
|
|
|
TEST_ASSERT(olen >= pem_len - 1);
|
|
TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0);
|
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
|
|
|
der_len = mbedtls_x509write_csr_der(&req, buf, sizeof(buf),
|
|
mbedtls_test_rnd_pseudo_rand,
|
|
&rnd_info);
|
|
TEST_ASSERT(der_len >= 0);
|
|
|
|
if (der_len == 0) {
|
|
goto exit;
|
|
}
|
|
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
// When using PSA crypto, RNG isn't controllable, result length isn't
|
|
// deterministic over multiple runs, removing a single byte isn't enough to
|
|
// go into the MBEDTLS_ERR_ASN1_BUF_TOO_SMALL error case
|
|
der_len /= 2;
|
|
#else
|
|
der_len -= 1;
|
|
#endif
|
|
ret = mbedtls_x509write_csr_der(&req, buf, (size_t) (der_len),
|
|
mbedtls_test_rnd_pseudo_rand, &rnd_info);
|
|
TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL);
|
|
|
|
exit:
|
|
mbedtls_asn1_free_named_data_list(&ext_san_dirname);
|
|
mbedtls_x509write_csr_free(&req);
|
|
mbedtls_pk_free(&key);
|
|
MD_OR_USE_PSA_DONE();
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */
|
|
void x509_csr_check_opaque(char *key_file, int md_type, int key_usage,
|
|
int cert_type)
|
|
{
|
|
mbedtls_pk_context key;
|
|
mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
|
|
psa_algorithm_t md_alg_psa, alg_psa;
|
|
mbedtls_x509write_csr req;
|
|
unsigned char buf[4096];
|
|
int ret;
|
|
size_t pem_len = 0;
|
|
const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";
|
|
mbedtls_test_rnd_pseudo_info rnd_info;
|
|
|
|
mbedtls_x509write_csr_init(&req);
|
|
MD_OR_USE_PSA_INIT();
|
|
|
|
memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info));
|
|
|
|
md_alg_psa = mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) md_type);
|
|
TEST_ASSERT(md_alg_psa != MBEDTLS_MD_NONE);
|
|
|
|
mbedtls_pk_init(&key);
|
|
TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL,
|
|
mbedtls_test_rnd_std_rand, NULL) == 0);
|
|
|
|
if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_ECKEY) {
|
|
alg_psa = PSA_ALG_ECDSA(md_alg_psa);
|
|
} else if (mbedtls_pk_get_type(&key) == MBEDTLS_PK_RSA) {
|
|
alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN(md_alg_psa);
|
|
} else {
|
|
TEST_ASSUME(!"PK key type not supported in this configuration");
|
|
}
|
|
|
|
TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&key, &key_id, alg_psa,
|
|
PSA_KEY_USAGE_SIGN_HASH,
|
|
PSA_ALG_NONE) == 0);
|
|
|
|
mbedtls_x509write_csr_set_md_alg(&req, md_type);
|
|
mbedtls_x509write_csr_set_key(&req, &key);
|
|
TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0);
|
|
if (key_usage != 0) {
|
|
TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0);
|
|
}
|
|
if (cert_type != 0) {
|
|
TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0);
|
|
}
|
|
|
|
ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf) - 1,
|
|
mbedtls_test_rnd_pseudo_rand, &rnd_info);
|
|
|
|
TEST_ASSERT(ret == 0);
|
|
|
|
pem_len = strlen((char *) buf);
|
|
buf[pem_len] = '\0';
|
|
TEST_ASSERT(x509_crt_verifycsr(buf, pem_len + 1) == 0);
|
|
|
|
|
|
exit:
|
|
mbedtls_x509write_csr_free(&req);
|
|
mbedtls_pk_free(&key);
|
|
psa_destroy_key(key_id);
|
|
MD_OR_USE_PSA_DONE();
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_MD_CAN_SHA1 */
|
|
void x509_crt_check(char *subject_key_file, char *subject_pwd,
|
|
char *subject_name, char *issuer_key_file,
|
|
char *issuer_pwd, char *issuer_name,
|
|
data_t *serial_arg, char *not_before, char *not_after,
|
|
int md_type, int key_usage, int set_key_usage,
|
|
char *ext_key_usage,
|
|
int cert_type, int set_cert_type, int auth_ident,
|
|
int ver, char *cert_check_file, int pk_wrap, int is_ca,
|
|
char *cert_verify_file, int set_subjectAltNames)
|
|
{
|
|
mbedtls_pk_context subject_key, issuer_key, issuer_key_alt;
|
|
mbedtls_pk_context *key = &issuer_key;
|
|
|
|
mbedtls_x509write_cert crt;
|
|
unsigned char buf[4096];
|
|
unsigned char check_buf[5000];
|
|
unsigned char *p, *end;
|
|
unsigned char tag, sz;
|
|
#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C)
|
|
mbedtls_mpi serial_mpi;
|
|
#endif
|
|
int ret, before_tag, after_tag;
|
|
size_t olen = 0, pem_len = 0, buf_index = 0;
|
|
int der_len = -1;
|
|
FILE *f;
|
|
mbedtls_test_rnd_pseudo_info rnd_info;
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT;
|
|
#endif
|
|
mbedtls_pk_type_t issuer_key_type;
|
|
mbedtls_x509_san_list san_ip;
|
|
mbedtls_x509_san_list san_dns;
|
|
mbedtls_x509_san_list san_uri;
|
|
mbedtls_x509_san_list san_mail;
|
|
mbedtls_x509_san_list san_dn;
|
|
mbedtls_asn1_named_data *ext_san_dirname = NULL;
|
|
const char san_ip_name[] = { 0x01, 0x02, 0x03, 0x04 };
|
|
const char *san_dns_name = "example.com";
|
|
const char *san_dn_name = "C=UK,O=Mbed TLS,CN=SubjectAltName test";
|
|
const char *san_mail_name = "mail@example.com";
|
|
const char *san_uri_name = "http://pki.example.com";
|
|
mbedtls_x509_san_list *san_list = NULL;
|
|
|
|
if (set_subjectAltNames) {
|
|
san_mail.node.type = MBEDTLS_X509_SAN_RFC822_NAME;
|
|
san_mail.node.san.unstructured_name.p = (unsigned char *) san_mail_name;
|
|
san_mail.node.san.unstructured_name.len = strlen(san_mail_name);
|
|
san_mail.next = NULL;
|
|
|
|
san_dns.node.type = MBEDTLS_X509_SAN_DNS_NAME;
|
|
san_dns.node.san.unstructured_name.p = (unsigned char *) san_dns_name;
|
|
san_dns.node.san.unstructured_name.len = strlen(san_dns_name);
|
|
san_dns.next = &san_mail;
|
|
|
|
san_dn.node.type = MBEDTLS_X509_SAN_DIRECTORY_NAME;
|
|
TEST_ASSERT(mbedtls_x509_string_to_names(&ext_san_dirname,
|
|
san_dn_name) == 0);
|
|
san_dn.node.san.directory_name = *ext_san_dirname;
|
|
san_dn.next = &san_dns;
|
|
|
|
san_ip.node.type = MBEDTLS_X509_SAN_IP_ADDRESS;
|
|
san_ip.node.san.unstructured_name.p = (unsigned char *) san_ip_name;
|
|
san_ip.node.san.unstructured_name.len = sizeof(san_ip_name);
|
|
san_ip.next = &san_dn;
|
|
|
|
san_uri.node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER;
|
|
san_uri.node.san.unstructured_name.p = (unsigned char *) san_uri_name;
|
|
san_uri.node.san.unstructured_name.len = strlen(san_uri_name);
|
|
san_uri.next = &san_ip;
|
|
|
|
san_list = &san_uri;
|
|
}
|
|
|
|
memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info));
|
|
#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C)
|
|
mbedtls_mpi_init(&serial_mpi);
|
|
#endif
|
|
|
|
mbedtls_pk_init(&subject_key);
|
|
mbedtls_pk_init(&issuer_key);
|
|
mbedtls_pk_init(&issuer_key_alt);
|
|
mbedtls_x509write_crt_init(&crt);
|
|
MD_OR_USE_PSA_INIT();
|
|
|
|
TEST_ASSERT(mbedtls_pk_parse_keyfile(&subject_key, subject_key_file,
|
|
subject_pwd, mbedtls_test_rnd_std_rand, NULL) == 0);
|
|
|
|
TEST_ASSERT(mbedtls_pk_parse_keyfile(&issuer_key, issuer_key_file,
|
|
issuer_pwd, mbedtls_test_rnd_std_rand, NULL) == 0);
|
|
|
|
issuer_key_type = mbedtls_pk_get_type(&issuer_key);
|
|
|
|
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
|
|
/* For RSA PK contexts, create a copy as an alternative RSA context. */
|
|
if (pk_wrap == 1 && issuer_key_type == MBEDTLS_PK_RSA) {
|
|
TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&issuer_key_alt,
|
|
mbedtls_pk_rsa(issuer_key),
|
|
mbedtls_rsa_decrypt_func,
|
|
mbedtls_rsa_sign_func,
|
|
mbedtls_rsa_key_len_func) == 0);
|
|
|
|
key = &issuer_key_alt;
|
|
}
|
|
#endif
|
|
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
/* For Opaque PK contexts, wrap key as an Opaque RSA context. */
|
|
if (pk_wrap == 2) {
|
|
psa_algorithm_t alg_psa, md_alg_psa;
|
|
|
|
md_alg_psa = mbedtls_md_psa_alg_from_type((mbedtls_md_type_t) md_type);
|
|
TEST_ASSERT(md_alg_psa != MBEDTLS_MD_NONE);
|
|
|
|
if (mbedtls_pk_get_type(&issuer_key) == MBEDTLS_PK_ECKEY) {
|
|
alg_psa = PSA_ALG_ECDSA(md_alg_psa);
|
|
} else if (mbedtls_pk_get_type(&issuer_key) == MBEDTLS_PK_RSA) {
|
|
alg_psa = PSA_ALG_RSA_PKCS1V15_SIGN(md_alg_psa);
|
|
} else {
|
|
TEST_ASSUME(!"PK key type not supported in this configuration");
|
|
}
|
|
|
|
TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&issuer_key, &key_id, alg_psa,
|
|
PSA_KEY_USAGE_SIGN_HASH,
|
|
PSA_ALG_NONE) == 0);
|
|
}
|
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
|
|
|
if (pk_wrap == 2) {
|
|
TEST_ASSERT(mbedtls_pk_get_type(&issuer_key) == MBEDTLS_PK_OPAQUE);
|
|
}
|
|
|
|
if (ver != -1) {
|
|
mbedtls_x509write_crt_set_version(&crt, ver);
|
|
}
|
|
|
|
#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C)
|
|
TEST_ASSERT(mbedtls_mpi_read_binary(&serial_mpi, serial_arg->x,
|
|
serial_arg->len) == 0);
|
|
TEST_ASSERT(mbedtls_x509write_crt_set_serial(&crt, &serial_mpi) == 0);
|
|
#else
|
|
TEST_ASSERT(mbedtls_x509write_crt_set_serial_raw(&crt, serial_arg->x,
|
|
serial_arg->len) == 0);
|
|
#endif
|
|
TEST_ASSERT(mbedtls_x509write_crt_set_validity(&crt, not_before,
|
|
not_after) == 0);
|
|
mbedtls_x509write_crt_set_md_alg(&crt, md_type);
|
|
TEST_ASSERT(mbedtls_x509write_crt_set_issuer_name(&crt, issuer_name) == 0);
|
|
TEST_ASSERT(mbedtls_x509write_crt_set_subject_name(&crt, subject_name) == 0);
|
|
mbedtls_x509write_crt_set_subject_key(&crt, &subject_key);
|
|
|
|
mbedtls_x509write_crt_set_issuer_key(&crt, key);
|
|
|
|
if (crt.version >= MBEDTLS_X509_CRT_VERSION_3) {
|
|
/* For the CA case, a path length of -1 means unlimited. */
|
|
TEST_ASSERT(mbedtls_x509write_crt_set_basic_constraints(&crt, is_ca,
|
|
(is_ca ? -1 : 0)) == 0);
|
|
TEST_ASSERT(mbedtls_x509write_crt_set_subject_key_identifier(&crt) == 0);
|
|
if (auth_ident) {
|
|
TEST_ASSERT(mbedtls_x509write_crt_set_authority_key_identifier(&crt) == 0);
|
|
}
|
|
if (set_key_usage != 0) {
|
|
TEST_ASSERT(mbedtls_x509write_crt_set_key_usage(&crt, key_usage) == 0);
|
|
}
|
|
if (set_cert_type != 0) {
|
|
TEST_ASSERT(mbedtls_x509write_crt_set_ns_cert_type(&crt, cert_type) == 0);
|
|
}
|
|
if (strcmp(ext_key_usage, "NULL") != 0) {
|
|
mbedtls_asn1_sequence exts[2];
|
|
memset(exts, 0, sizeof(exts));
|
|
|
|
#define SET_OID(x, oid) \
|
|
do { \
|
|
x.len = MBEDTLS_OID_SIZE(oid); \
|
|
x.p = (unsigned char *) oid; \
|
|
x.tag = MBEDTLS_ASN1_OID; \
|
|
} \
|
|
while (0)
|
|
|
|
if (strcmp(ext_key_usage, "serverAuth") == 0) {
|
|
SET_OID(exts[0].buf, MBEDTLS_OID_SERVER_AUTH);
|
|
} else if (strcmp(ext_key_usage, "codeSigning,timeStamping") == 0) {
|
|
SET_OID(exts[0].buf, MBEDTLS_OID_CODE_SIGNING);
|
|
exts[0].next = &exts[1];
|
|
SET_OID(exts[1].buf, MBEDTLS_OID_TIME_STAMPING);
|
|
}
|
|
TEST_ASSERT(mbedtls_x509write_crt_set_ext_key_usage(&crt, exts) == 0);
|
|
}
|
|
}
|
|
|
|
if (set_subjectAltNames) {
|
|
TEST_ASSERT(mbedtls_x509write_crt_set_subject_alternative_name(&crt, san_list) == 0);
|
|
}
|
|
ret = mbedtls_x509write_crt_pem(&crt, buf, sizeof(buf),
|
|
mbedtls_test_rnd_pseudo_rand, &rnd_info);
|
|
TEST_ASSERT(ret == 0);
|
|
|
|
pem_len = strlen((char *) buf);
|
|
|
|
// check that the rest of the buffer remains clear
|
|
for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) {
|
|
TEST_ASSERT(buf[buf_index] == 0);
|
|
}
|
|
|
|
if (issuer_key_type != MBEDTLS_PK_RSA) {
|
|
mbedtls_x509_crt crt_parse, trusted;
|
|
uint32_t flags;
|
|
|
|
mbedtls_x509_crt_init(&crt_parse);
|
|
mbedtls_x509_crt_init(&trusted);
|
|
|
|
TEST_ASSERT(mbedtls_x509_crt_parse_file(&trusted,
|
|
cert_verify_file) == 0);
|
|
TEST_ASSERT(mbedtls_x509_crt_parse(&crt_parse,
|
|
buf, sizeof(buf)) == 0);
|
|
|
|
ret = mbedtls_x509_crt_verify(&crt_parse, &trusted, NULL, NULL, &flags,
|
|
NULL, NULL);
|
|
|
|
mbedtls_x509_crt_free(&crt_parse);
|
|
mbedtls_x509_crt_free(&trusted);
|
|
|
|
TEST_EQUAL(flags, 0);
|
|
TEST_EQUAL(ret, 0);
|
|
} else if (*cert_check_file != '\0') {
|
|
f = fopen(cert_check_file, "r");
|
|
TEST_ASSERT(f != NULL);
|
|
olen = fread(check_buf, 1, sizeof(check_buf), f);
|
|
fclose(f);
|
|
TEST_ASSERT(olen < sizeof(check_buf));
|
|
|
|
TEST_EQUAL(olen, pem_len);
|
|
TEST_ASSERT(olen >= pem_len - 1);
|
|
TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0);
|
|
}
|
|
|
|
der_len = mbedtls_x509write_crt_der(&crt, buf, sizeof(buf),
|
|
mbedtls_test_rnd_pseudo_rand,
|
|
&rnd_info);
|
|
TEST_ASSERT(der_len >= 0);
|
|
|
|
if (der_len == 0) {
|
|
goto exit;
|
|
}
|
|
|
|
// Not testing against file, check date format
|
|
if (*cert_check_file == '\0') {
|
|
// UTC tag if before 2050, 2 digits less for year
|
|
if (not_before[0] == '2' && (not_before[1] > '0' || not_before[2] > '4')) {
|
|
before_tag = MBEDTLS_ASN1_GENERALIZED_TIME;
|
|
} else {
|
|
before_tag = MBEDTLS_ASN1_UTC_TIME;
|
|
not_before += 2;
|
|
}
|
|
if (not_after[0] == '2' && (not_after[1] > '0' || not_after[2] > '4')) {
|
|
after_tag = MBEDTLS_ASN1_GENERALIZED_TIME;
|
|
} else {
|
|
after_tag = MBEDTLS_ASN1_UTC_TIME;
|
|
not_after += 2;
|
|
}
|
|
end = buf + sizeof(buf);
|
|
for (p = end - der_len; p < end;) {
|
|
tag = *p++;
|
|
sz = *p++;
|
|
if (tag == MBEDTLS_ASN1_UTC_TIME || tag == MBEDTLS_ASN1_GENERALIZED_TIME) {
|
|
// Check correct tag and time written
|
|
TEST_ASSERT(before_tag == tag);
|
|
TEST_ASSERT(memcmp(p, not_before, sz - 1) == 0);
|
|
p += sz;
|
|
tag = *p++;
|
|
sz = *p++;
|
|
TEST_ASSERT(after_tag == tag);
|
|
TEST_ASSERT(memcmp(p, not_after, sz - 1) == 0);
|
|
break;
|
|
}
|
|
// Increment if long form ASN1 length
|
|
if (sz & 0x80) {
|
|
p += sz & 0x0F;
|
|
}
|
|
if (tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) {
|
|
p += sz;
|
|
}
|
|
}
|
|
TEST_ASSERT(p < end);
|
|
}
|
|
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
// When using PSA crypto, RNG isn't controllable, result length isn't
|
|
// deterministic over multiple runs, removing a single byte isn't enough to
|
|
// go into the MBEDTLS_ERR_ASN1_BUF_TOO_SMALL error case
|
|
if (issuer_key_type != MBEDTLS_PK_RSA) {
|
|
der_len /= 2;
|
|
} else
|
|
#endif
|
|
der_len -= 1;
|
|
|
|
ret = mbedtls_x509write_crt_der(&crt, buf, (size_t) (der_len),
|
|
mbedtls_test_rnd_pseudo_rand, &rnd_info);
|
|
TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL);
|
|
|
|
exit:
|
|
mbedtls_asn1_free_named_data_list(&ext_san_dirname);
|
|
mbedtls_x509write_crt_free(&crt);
|
|
mbedtls_pk_free(&issuer_key_alt);
|
|
mbedtls_pk_free(&subject_key);
|
|
mbedtls_pk_free(&issuer_key);
|
|
#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C)
|
|
mbedtls_mpi_free(&serial_mpi);
|
|
#endif
|
|
#if defined(MBEDTLS_USE_PSA_CRYPTO)
|
|
psa_destroy_key(key_id);
|
|
#endif
|
|
MD_OR_USE_PSA_DONE();
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_WRITE_C */
|
|
void x509_set_serial_check()
|
|
{
|
|
mbedtls_x509write_cert ctx;
|
|
uint8_t invalid_serial[MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN + 1];
|
|
|
|
USE_PSA_INIT();
|
|
memset(invalid_serial, 0x01, sizeof(invalid_serial));
|
|
|
|
#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C)
|
|
mbedtls_mpi serial_mpi;
|
|
|
|
mbedtls_mpi_init(&serial_mpi);
|
|
TEST_EQUAL(mbedtls_mpi_read_binary(&serial_mpi, invalid_serial,
|
|
sizeof(invalid_serial)), 0);
|
|
TEST_EQUAL(mbedtls_x509write_crt_set_serial(&ctx, &serial_mpi),
|
|
MBEDTLS_ERR_X509_BAD_INPUT_DATA);
|
|
#endif
|
|
|
|
TEST_EQUAL(mbedtls_x509write_crt_set_serial_raw(&ctx, invalid_serial,
|
|
sizeof(invalid_serial)),
|
|
MBEDTLS_ERR_X509_BAD_INPUT_DATA);
|
|
|
|
exit:
|
|
#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C)
|
|
mbedtls_mpi_free(&serial_mpi);
|
|
#else
|
|
;
|
|
#endif
|
|
USE_PSA_DONE();
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */
|
|
void mbedtls_x509_string_to_names(char *name, char *parsed_name,
|
|
int result, int may_fail)
|
|
{
|
|
int ret;
|
|
size_t len = 0;
|
|
mbedtls_asn1_named_data *names = NULL;
|
|
mbedtls_x509_name parsed;
|
|
memset(&parsed, 0, sizeof(parsed));
|
|
mbedtls_x509_name *parsed_cur = NULL;
|
|
mbedtls_x509_name *parsed_prv = NULL;
|
|
unsigned char buf[1024] = { 0 };
|
|
unsigned char out[1024] = { 0 };
|
|
unsigned char *c = buf + sizeof(buf);
|
|
|
|
USE_PSA_INIT();
|
|
|
|
ret = mbedtls_x509_string_to_names(&names, name);
|
|
TEST_EQUAL(ret, result);
|
|
|
|
if (ret != 0) {
|
|
goto exit;
|
|
}
|
|
|
|
ret = mbedtls_x509_write_names(&c, buf, names);
|
|
TEST_LE_S(1, ret);
|
|
|
|
TEST_EQUAL(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len,
|
|
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE), 0);
|
|
ret = mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed);
|
|
if ((may_fail & MAY_FAIL_GET_NAME) && ret < 0) {
|
|
/* Validation inconsistency between mbedtls_x509_string_to_names() and
|
|
* mbedtls_x509_get_name(). Accept it for now. */
|
|
goto exit;
|
|
}
|
|
TEST_EQUAL(ret, 0);
|
|
|
|
ret = mbedtls_x509_dn_gets((char *) out, sizeof(out), &parsed);
|
|
if ((may_fail & MAY_FAIL_DN_GETS) && ret < 0) {
|
|
/* Validation inconsistency between mbedtls_x509_string_to_names() and
|
|
* mbedtls_x509_dn_gets(). Accept it for now. */
|
|
goto exit;
|
|
}
|
|
TEST_LE_S(1, ret);
|
|
TEST_ASSERT(strcmp((char *) out, parsed_name) == 0);
|
|
|
|
exit:
|
|
mbedtls_asn1_free_named_data_list(&names);
|
|
|
|
parsed_cur = parsed.next;
|
|
while (parsed_cur != 0) {
|
|
parsed_prv = parsed_cur;
|
|
parsed_cur = parsed_cur->next;
|
|
mbedtls_free(parsed_prv);
|
|
}
|
|
USE_PSA_DONE();
|
|
}
|
|
/* END_CASE */
|