mbedtls/tests/suites/test_suite_x509parse.function
Paul Bakker c70b982056 OID functionality moved to a separate module.
A new OID module has been created that contains the main OID searching
functionality based on type-dependent arrays. A base type is used to
contain the basic values (oid_descriptor_t) and that type is extended to
contain type specific information (like a pk_alg_t).

As a result the rsa sign and verify function prototypes have changed. They
now expect a md_type_t identifier instead of the removed RSA_SIG_XXX
defines.

All OID definitions have been moved to oid.h
All OID matching code is in the OID module.

The RSA PKCS#1 functions cleaned up as a result and adapted to use the
MD layer.

The SSL layer cleanup up as a result and adapted to use the MD layer.

The X509 parser cleaned up and matches OIDs in certificates with new
module and adapted to use the MD layer.

The X509 writer cleaned up and adapted to use the MD layer.

Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00

269 lines
5.5 KiB
Text

BEGIN_HEADER
#include <polarssl/x509.h>
#include <polarssl/pem.h>
#include <polarssl/oid.h>
int verify_none( void *data, x509_cert *crt, int certificate_depth, int *flags )
{
((void) data);
((void) crt);
((void) certificate_depth);
*flags |= BADCERT_OTHER;
return 0;
}
int verify_all( void *data, x509_cert *crt, int certificate_depth, int *flags )
{
((void) data);
((void) crt);
((void) certificate_depth);
*flags = 0;
return 0;
}
END_HEADER
BEGIN_DEPENDENCIES
depends_on:POLARSSL_X509_PARSE_C:POLARSSL_BIGNUM_C
END_DEPENDENCIES
BEGIN_CASE
x509_cert_info:crt_file:result_str
{
x509_cert crt;
char buf[2000];
int res;
memset( &crt, 0, sizeof( x509_cert ) );
memset( buf, 0, 2000 );
TEST_ASSERT( x509parse_crtfile( &crt, {crt_file} ) == 0 );
res = x509parse_cert_info( buf, 2000, "", &crt );
x509_free( &crt );
TEST_ASSERT( res != -1 );
TEST_ASSERT( res != -2 );
TEST_ASSERT( strcmp( buf, {result_str} ) == 0 );
}
END_CASE
BEGIN_CASE
x509_crl_info:crl_file:result_str
{
x509_crl crl;
char buf[2000];
int res;
memset( &crl, 0, sizeof( x509_crl ) );
memset( buf, 0, 2000 );
TEST_ASSERT( x509parse_crlfile( &crl, {crl_file} ) == 0 );
res = x509parse_crl_info( buf, 2000, "", &crl );
x509_crl_free( &crl );
TEST_ASSERT( res != -1 );
TEST_ASSERT( res != -2 );
TEST_ASSERT( strcmp( buf, {result_str} ) == 0 );
}
END_CASE
BEGIN_CASE
x509_verify:crt_file:ca_file:crl_file:cn_name:result:flags:verify_callback
{
x509_cert crt;
x509_cert ca;
x509_crl crl;
int flags = 0;
int res;
memset( &crt, 0, sizeof( x509_cert ) );
memset( &ca, 0, sizeof( x509_cert ) );
memset( &crl, 0, sizeof( x509_crl ) );
TEST_ASSERT( x509parse_crtfile( &crt, {crt_file} ) == 0 );
TEST_ASSERT( x509parse_crtfile( &ca, {ca_file} ) == 0 );
TEST_ASSERT( x509parse_crlfile( &crl, {crl_file} ) == 0 );
res = x509parse_verify( &crt, &ca, &crl, {cn_name}, &flags, {verify_callback}, NULL );
x509_free( &crt );
x509_free( &ca );
x509_crl_free( &crl );
TEST_ASSERT( res == ( {result} ) );
TEST_ASSERT( flags == ( {flags} ) );
}
END_CASE
BEGIN_CASE
x509_dn_gets:crt_file:entity:result_str
{
x509_cert crt;
char buf[2000];
int res;
memset( &crt, 0, sizeof( x509_cert ) );
memset( buf, 0, 2000 );
TEST_ASSERT( x509parse_crtfile( &crt, {crt_file} ) == 0 );
res = x509parse_dn_gets( buf, 2000, &crt.{entity} );
x509_free( &crt );
TEST_ASSERT( res != -1 );
TEST_ASSERT( res != -2 );
TEST_ASSERT( strcmp( buf, {result_str} ) == 0 );
}
END_CASE
BEGIN_CASE
x509_time_expired:crt_file:entity:result
{
x509_cert crt;
memset( &crt, 0, sizeof( x509_cert ) );
TEST_ASSERT( x509parse_crtfile( &crt, {crt_file} ) == 0 );
TEST_ASSERT( x509parse_time_expired( &crt.{entity} ) == {result} );
x509_free( &crt );
}
END_CASE
BEGIN_CASE
x509parse_keyfile:key_file:password:result
{
rsa_context rsa;
int res;
memset( &rsa, 0, sizeof( rsa_context ) );
res = x509parse_keyfile( &rsa, {key_file}, {password} );
TEST_ASSERT( res == {result} );
if( res == 0 )
{
TEST_ASSERT( rsa_check_privkey( &rsa ) == 0 );
}
rsa_free( &rsa );
}
END_CASE
BEGIN_CASE
x509parse_public_keyfile:key_file:result
{
rsa_context rsa;
int res;
memset( &rsa, 0, sizeof( rsa_context ) );
res = x509parse_public_keyfile( &rsa, {key_file} );
TEST_ASSERT( res == {result} );
if( res == 0 )
{
TEST_ASSERT( rsa_check_pubkey( &rsa ) == 0 );
}
rsa_free( &rsa );
}
END_CASE
BEGIN_CASE
x509parse_crt:crt_data:result_str:result
{
x509_cert crt;
unsigned char buf[2000];
unsigned char output[2000];
int data_len, res;
memset( &crt, 0, sizeof( x509_cert ) );
memset( buf, 0, 2000 );
memset( output, 0, 2000 );
data_len = unhexify( buf, {crt_data} );
TEST_ASSERT( x509parse_crt( &crt, buf, data_len ) == ( {result} ) );
if( ( {result} ) == 0 )
{
res = x509parse_cert_info( (char *) output, 2000, "", &crt );
TEST_ASSERT( res != -1 );
TEST_ASSERT( res != -2 );
TEST_ASSERT( strcmp( (char *) output, {result_str} ) == 0 );
}
x509_free( &crt );
}
END_CASE
BEGIN_CASE
x509parse_crl:crl_data:result_str:result
{
x509_crl crl;
unsigned char buf[2000];
unsigned char output[2000];
int data_len, res;
memset( &crl, 0, sizeof( x509_crl ) );
memset( buf, 0, 2000 );
memset( output, 0, 2000 );
data_len = unhexify( buf, {crl_data} );
TEST_ASSERT( x509parse_crl( &crl, buf, data_len ) == ( {result} ) );
if( ( {result} ) == 0 )
{
res = x509parse_crl_info( (char *) output, 2000, "", &crl );
TEST_ASSERT( res != -1 );
TEST_ASSERT( res != -2 );
TEST_ASSERT( strcmp( (char *) output, {result_str} ) == 0 );
}
x509_crl_free( &crl );
}
END_CASE
BEGIN_CASE
x509parse_key:key_data:result_str:result
{
rsa_context rsa;
unsigned char buf[2000];
unsigned char output[2000];
int data_len;
memset( &rsa, 0, sizeof( rsa_context ) );
memset( buf, 0, 2000 );
memset( output, 0, 2000 );
data_len = unhexify( buf, {key_data} );
TEST_ASSERT( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( {result} ) );
if( ( {result} ) == 0 )
{
TEST_ASSERT( 1 );
}
rsa_free( &rsa );
}
END_CASE
BEGIN_CASE
x509_selftest:
{
TEST_ASSERT( x509_self_test( 0 ) == 0 );
}
END_CASE