PolarSSL v1.1.4
test_suite_x509parse.c
Go to the documentation of this file.
00001 #include "fct.h"
00002 
00003 #include <polarssl/x509.h>
00004 #include <polarssl/pem.h>
00005 
00006 int verify_none( void *data, x509_cert *crt, int certificate_depth, int preverify_ok )
00007 {
00008     ((void) data);
00009     ((void) crt);
00010     ((void) certificate_depth);
00011     ((void) preverify_ok);
00012 
00013     return 1;
00014 }
00015 
00016 int verify_all( void *data, x509_cert *crt, int certificate_depth, int preverify_ok )
00017 {
00018     ((void) data);
00019     ((void) crt);
00020     ((void) certificate_depth);
00021     ((void) preverify_ok);
00022 
00023     return 0;
00024 }
00025 
00026 
00027 #include <polarssl/config.h>
00028 
00029 #ifdef _MSC_VER
00030 #include <basetsd.h>
00031 typedef UINT32 uint32_t;
00032 #else
00033 #include <inttypes.h>
00034 #endif
00035 
00036 /*
00037  * 32-bit integer manipulation macros (big endian)
00038  */
00039 #ifndef GET_ULONG_BE
00040 #define GET_ULONG_BE(n,b,i)                             \
00041 {                                                       \
00042     (n) = ( (unsigned long) (b)[(i)    ] << 24 )        \
00043         | ( (unsigned long) (b)[(i) + 1] << 16 )        \
00044         | ( (unsigned long) (b)[(i) + 2] <<  8 )        \
00045         | ( (unsigned long) (b)[(i) + 3]       );       \
00046 }
00047 #endif
00048 
00049 #ifndef PUT_ULONG_BE
00050 #define PUT_ULONG_BE(n,b,i)                             \
00051 {                                                       \
00052     (b)[(i)    ] = (unsigned char) ( (n) >> 24 );       \
00053     (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );       \
00054     (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );       \
00055     (b)[(i) + 3] = (unsigned char) ( (n)       );       \
00056 }
00057 #endif
00058 
00059 int unhexify(unsigned char *obuf, const char *ibuf)
00060 {
00061     unsigned char c, c2;
00062     int len = strlen(ibuf) / 2;
00063     assert(!(strlen(ibuf) %1)); // must be even number of bytes
00064 
00065     while (*ibuf != 0)
00066     {
00067         c = *ibuf++;
00068         if( c >= '0' && c <= '9' )
00069             c -= '0';
00070         else if( c >= 'a' && c <= 'f' )
00071             c -= 'a' - 10;
00072         else if( c >= 'A' && c <= 'F' )
00073             c -= 'A' - 10;
00074         else
00075             assert( 0 );
00076 
00077         c2 = *ibuf++;
00078         if( c2 >= '0' && c2 <= '9' )
00079             c2 -= '0';
00080         else if( c2 >= 'a' && c2 <= 'f' )
00081             c2 -= 'a' - 10;
00082         else if( c2 >= 'A' && c2 <= 'F' )
00083             c2 -= 'A' - 10;
00084         else
00085             assert( 0 );
00086 
00087         *obuf++ = ( c << 4 ) | c2;
00088     }
00089 
00090     return len;
00091 }
00092 
00093 void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
00094 {
00095     unsigned char l, h;
00096 
00097     while (len != 0)
00098     {
00099         h = (*ibuf) / 16;
00100         l = (*ibuf) % 16;
00101 
00102         if( h < 10 )
00103             *obuf++ = '0' + h;
00104         else
00105             *obuf++ = 'a' + h - 10;
00106 
00107         if( l < 10 )
00108             *obuf++ = '0' + l;
00109         else
00110             *obuf++ = 'a' + l - 10;
00111 
00112         ++ibuf;
00113         len--;
00114     }
00115 }
00116 
00126 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
00127 {
00128     size_t i;
00129 
00130     if( rng_state != NULL )
00131         rng_state  = NULL;
00132 
00133     for( i = 0; i < len; ++i )
00134         output[i] = rand();
00135 
00136     return( 0 );
00137 }
00138 
00144 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
00145 {
00146     if( rng_state != NULL )
00147         rng_state  = NULL;
00148 
00149     memset( output, 0, len );
00150 
00151     return( 0 );
00152 }
00153 
00154 typedef struct
00155 {
00156     unsigned char *buf;
00157     size_t length;
00158 } rnd_buf_info;
00159 
00171 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
00172 {
00173     rnd_buf_info *info = (rnd_buf_info *) rng_state;
00174     size_t use_len;
00175 
00176     if( rng_state == NULL )
00177         return( rnd_std_rand( NULL, output, len ) );
00178 
00179     use_len = len;
00180     if( len > info->length )
00181         use_len = info->length;
00182 
00183     if( use_len )
00184     {
00185         memcpy( output, info->buf, use_len );
00186         info->buf += use_len;
00187         info->length -= use_len;
00188     }
00189 
00190     if( len - use_len > 0 )
00191         return( rnd_std_rand( NULL, output + use_len, len - use_len ) );
00192 
00193     return( 0 );
00194 }
00195 
00203 typedef struct
00204 {
00205     uint32_t key[16];
00206     uint32_t v0, v1;
00207 } rnd_pseudo_info;
00208 
00217 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
00218 {
00219     rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
00220     uint32_t i, *k, sum, delta=0x9E3779B9;
00221     unsigned char result[4];
00222 
00223     if( rng_state == NULL )
00224         return( rnd_std_rand( NULL, output, len ) );
00225 
00226     k = info->key;
00227 
00228     while( len > 0 )
00229     {
00230         size_t use_len = ( len > 4 ) ? 4 : len;
00231         sum = 0;
00232 
00233         for( i = 0; i < 32; i++ )
00234         {
00235             info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
00236             sum += delta;
00237             info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
00238         }
00239 
00240         PUT_ULONG_BE( info->v0, result, 0 );
00241         memcpy( output, result, use_len );
00242         len -= use_len;
00243     }
00244 
00245     return( 0 );
00246 }
00247 
00248 
00249 FCT_BGN()
00250 {
00251 #ifdef POLARSSL_X509_PARSE_C
00252 #ifdef POLARSSL_BIGNUM_C
00253 
00254 
00255     FCT_SUITE_BGN(test_suite_x509parse)
00256     {
00257 #ifdef POLARSSL_PEM_C
00258 #ifdef POLARSSL_FS_IO
00259 
00260         FCT_TEST_BGN(x509_certificate_information_1)
00261         {
00262             x509_cert   crt;
00263             char buf[2000];
00264             int res;
00265         
00266             memset( &crt, 0, sizeof( x509_cert ) );
00267             memset( buf, 0, 2000 );
00268         
00269             fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
00270             res = x509parse_cert_info( buf, 2000, "", &crt );
00271         
00272             fct_chk( res != -1 );
00273             fct_chk( res != -2 );
00274         
00275             fct_chk( strcmp( buf, "cert. version : 3\nserial number : 01\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name  : C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued  on    : 2011-02-12 14:44:06\nexpires on    : 2021-02-12 14:44:06\nsigned using  : RSA+SHA1\nRSA key size  : 2048 bits\n" ) == 0 );
00276         }
00277         FCT_TEST_END();
00278 #endif /* POLARSSL_PEM_C */
00279 #endif /* POLARSSL_FS_IO */
00280 
00281 #ifdef POLARSSL_PEM_C
00282 #ifdef POLARSSL_FS_IO
00283 
00284         FCT_TEST_BGN(x509_certificate_information_2)
00285         {
00286             x509_cert   crt;
00287             char buf[2000];
00288             int res;
00289         
00290             memset( &crt, 0, sizeof( x509_cert ) );
00291             memset( buf, 0, 2000 );
00292         
00293             fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
00294             res = x509parse_cert_info( buf, 2000, "", &crt );
00295         
00296             fct_chk( res != -1 );
00297             fct_chk( res != -2 );
00298         
00299             fct_chk( strcmp( buf, "cert. version : 3\nserial number : 02\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name  : C=NL, O=PolarSSL, CN=localhost\nissued  on    : 2011-02-12 14:44:06\nexpires on    : 2021-02-12 14:44:06\nsigned using  : RSA+SHA1\nRSA key size  : 2048 bits\n" ) == 0 );
00300         }
00301         FCT_TEST_END();
00302 #endif /* POLARSSL_PEM_C */
00303 #endif /* POLARSSL_FS_IO */
00304 
00305 #ifdef POLARSSL_PEM_C
00306 #ifdef POLARSSL_FS_IO
00307 
00308         FCT_TEST_BGN(x509_certificate_information_3)
00309         {
00310             x509_cert   crt;
00311             char buf[2000];
00312             int res;
00313         
00314             memset( &crt, 0, sizeof( x509_cert ) );
00315             memset( buf, 0, 2000 );
00316         
00317             fct_chk( x509parse_crtfile( &crt, "data_files/test-ca.crt" ) == 0 );
00318             res = x509parse_cert_info( buf, 2000, "", &crt );
00319         
00320             fct_chk( res != -1 );
00321             fct_chk( res != -2 );
00322         
00323             fct_chk( strcmp( buf, "cert. version : 3\nserial number : 00\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name  : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued  on    : 2011-02-12 14:44:00\nexpires on    : 2021-02-12 14:44:00\nsigned using  : RSA+SHA1\nRSA key size  : 2048 bits\n" ) == 0 );
00324         }
00325         FCT_TEST_END();
00326 #endif /* POLARSSL_PEM_C */
00327 #endif /* POLARSSL_FS_IO */
00328 
00329 #ifdef POLARSSL_PEM_C
00330 #ifdef POLARSSL_FS_IO
00331 
00332         FCT_TEST_BGN(x509_certificate_information_md2_digest)
00333         {
00334             x509_cert   crt;
00335             char buf[2000];
00336             int res;
00337         
00338             memset( &crt, 0, sizeof( x509_cert ) );
00339             memset( buf, 0, 2000 );
00340         
00341             fct_chk( x509parse_crtfile( &crt, "data_files/cert_md2.crt" ) == 0 );
00342             res = x509parse_cert_info( buf, 2000, "", &crt );
00343         
00344             fct_chk( res != -1 );
00345             fct_chk( res != -2 );
00346         
00347             fct_chk( strcmp( buf, "cert. version : 3\nserial number : 09\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name  : C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued  on    : 2009-07-12 10:56:59\nexpires on    : 2011-07-12 10:56:59\nsigned using  : RSA+MD2\nRSA key size  : 2048 bits\n" ) == 0 );
00348         }
00349         FCT_TEST_END();
00350 #endif /* POLARSSL_PEM_C */
00351 #endif /* POLARSSL_FS_IO */
00352 
00353 #ifdef POLARSSL_PEM_C
00354 #ifdef POLARSSL_FS_IO
00355 
00356         FCT_TEST_BGN(x509_certificate_information_md4_digest)
00357         {
00358             x509_cert   crt;
00359             char buf[2000];
00360             int res;
00361         
00362             memset( &crt, 0, sizeof( x509_cert ) );
00363             memset( buf, 0, 2000 );
00364         
00365             fct_chk( x509parse_crtfile( &crt, "data_files/cert_md4.crt" ) == 0 );
00366             res = x509parse_cert_info( buf, 2000, "", &crt );
00367         
00368             fct_chk( res != -1 );
00369             fct_chk( res != -2 );
00370         
00371             fct_chk( strcmp( buf, "cert. version : 3\nserial number : 05\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name  : C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued  on    : 2011-02-12 14:44:07\nexpires on    : 2021-02-12 14:44:07\nsigned using  : RSA+MD4\nRSA key size  : 2048 bits\n" ) == 0 );
00372         }
00373         FCT_TEST_END();
00374 #endif /* POLARSSL_PEM_C */
00375 #endif /* POLARSSL_FS_IO */
00376 
00377 #ifdef POLARSSL_PEM_C
00378 #ifdef POLARSSL_FS_IO
00379 
00380         FCT_TEST_BGN(x509_certificate_information_md5_digest)
00381         {
00382             x509_cert   crt;
00383             char buf[2000];
00384             int res;
00385         
00386             memset( &crt, 0, sizeof( x509_cert ) );
00387             memset( buf, 0, 2000 );
00388         
00389             fct_chk( x509parse_crtfile( &crt, "data_files/cert_md5.crt" ) == 0 );
00390             res = x509parse_cert_info( buf, 2000, "", &crt );
00391         
00392             fct_chk( res != -1 );
00393             fct_chk( res != -2 );
00394         
00395             fct_chk( strcmp( buf, "cert. version : 3\nserial number : 06\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name  : C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued  on    : 2011-02-12 14:44:07\nexpires on    : 2021-02-12 14:44:07\nsigned using  : RSA+MD5\nRSA key size  : 2048 bits\n" ) == 0 );
00396         }
00397         FCT_TEST_END();
00398 #endif /* POLARSSL_PEM_C */
00399 #endif /* POLARSSL_FS_IO */
00400 
00401 #ifdef POLARSSL_PEM_C
00402 #ifdef POLARSSL_FS_IO
00403 
00404         FCT_TEST_BGN(x509_certificate_information_sha1_digest)
00405         {
00406             x509_cert   crt;
00407             char buf[2000];
00408             int res;
00409         
00410             memset( &crt, 0, sizeof( x509_cert ) );
00411             memset( buf, 0, 2000 );
00412         
00413             fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha1.crt" ) == 0 );
00414             res = x509parse_cert_info( buf, 2000, "", &crt );
00415         
00416             fct_chk( res != -1 );
00417             fct_chk( res != -2 );
00418         
00419             fct_chk( strcmp( buf, "cert. version : 3\nserial number : 07\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name  : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued  on    : 2011-02-12 14:44:07\nexpires on    : 2021-02-12 14:44:07\nsigned using  : RSA+SHA1\nRSA key size  : 2048 bits\n" ) == 0 );
00420         }
00421         FCT_TEST_END();
00422 #endif /* POLARSSL_PEM_C */
00423 #endif /* POLARSSL_FS_IO */
00424 
00425 #ifdef POLARSSL_PEM_C
00426 #ifdef POLARSSL_FS_IO
00427 
00428         FCT_TEST_BGN(x509_certificate_information_sha224_digest)
00429         {
00430             x509_cert   crt;
00431             char buf[2000];
00432             int res;
00433         
00434             memset( &crt, 0, sizeof( x509_cert ) );
00435             memset( buf, 0, 2000 );
00436         
00437             fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha224.crt" ) == 0 );
00438             res = x509parse_cert_info( buf, 2000, "", &crt );
00439         
00440             fct_chk( res != -1 );
00441             fct_chk( res != -2 );
00442         
00443             fct_chk( strcmp( buf, "cert. version : 3\nserial number : 08\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name  : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued  on    : 2011-02-12 14:44:07\nexpires on    : 2021-02-12 14:44:07\nsigned using  : RSA+SHA224\nRSA key size  : 2048 bits\n" ) == 0 );
00444         }
00445         FCT_TEST_END();
00446 #endif /* POLARSSL_PEM_C */
00447 #endif /* POLARSSL_FS_IO */
00448 
00449 #ifdef POLARSSL_PEM_C
00450 #ifdef POLARSSL_FS_IO
00451 
00452         FCT_TEST_BGN(x509_certificate_information_sha256_digest)
00453         {
00454             x509_cert   crt;
00455             char buf[2000];
00456             int res;
00457         
00458             memset( &crt, 0, sizeof( x509_cert ) );
00459             memset( buf, 0, 2000 );
00460         
00461             fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha256.crt" ) == 0 );
00462             res = x509parse_cert_info( buf, 2000, "", &crt );
00463         
00464             fct_chk( res != -1 );
00465             fct_chk( res != -2 );
00466         
00467             fct_chk( strcmp( buf, "cert. version : 3\nserial number : 09\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name  : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued  on    : 2011-02-12 14:44:07\nexpires on    : 2021-02-12 14:44:07\nsigned using  : RSA+SHA256\nRSA key size  : 2048 bits\n" ) == 0 );
00468         }
00469         FCT_TEST_END();
00470 #endif /* POLARSSL_PEM_C */
00471 #endif /* POLARSSL_FS_IO */
00472 
00473 #ifdef POLARSSL_PEM_C
00474 #ifdef POLARSSL_FS_IO
00475 
00476         FCT_TEST_BGN(x509_certificate_information_sha384_digest)
00477         {
00478             x509_cert   crt;
00479             char buf[2000];
00480             int res;
00481         
00482             memset( &crt, 0, sizeof( x509_cert ) );
00483             memset( buf, 0, 2000 );
00484         
00485             fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha384.crt" ) == 0 );
00486             res = x509parse_cert_info( buf, 2000, "", &crt );
00487         
00488             fct_chk( res != -1 );
00489             fct_chk( res != -2 );
00490         
00491             fct_chk( strcmp( buf, "cert. version : 3\nserial number : 0A\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name  : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued  on    : 2011-02-12 14:44:07\nexpires on    : 2021-02-12 14:44:07\nsigned using  : RSA+SHA384\nRSA key size  : 2048 bits\n" ) == 0 );
00492         }
00493         FCT_TEST_END();
00494 #endif /* POLARSSL_PEM_C */
00495 #endif /* POLARSSL_FS_IO */
00496 
00497 #ifdef POLARSSL_PEM_C
00498 #ifdef POLARSSL_FS_IO
00499 
00500         FCT_TEST_BGN(x509_certificate_information_sha512_digest)
00501         {
00502             x509_cert   crt;
00503             char buf[2000];
00504             int res;
00505         
00506             memset( &crt, 0, sizeof( x509_cert ) );
00507             memset( buf, 0, 2000 );
00508         
00509             fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha512.crt" ) == 0 );
00510             res = x509parse_cert_info( buf, 2000, "", &crt );
00511         
00512             fct_chk( res != -1 );
00513             fct_chk( res != -2 );
00514         
00515             fct_chk( strcmp( buf, "cert. version : 3\nserial number : 0B\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name  : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued  on    : 2011-02-12 14:44:07\nexpires on    : 2021-02-12 14:44:07\nsigned using  : RSA+SHA512\nRSA key size  : 2048 bits\n" ) == 0 );
00516         }
00517         FCT_TEST_END();
00518 #endif /* POLARSSL_PEM_C */
00519 #endif /* POLARSSL_FS_IO */
00520 
00521 #ifdef POLARSSL_PEM_C
00522 #ifdef POLARSSL_FS_IO
00523 
00524         FCT_TEST_BGN(x509_crl_information_1)
00525         {
00526             x509_crl   crl;
00527             char buf[2000];
00528             int res;
00529         
00530             memset( &crl, 0, sizeof( x509_crl ) );
00531             memset( buf, 0, 2000 );
00532         
00533             fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
00534             res = x509parse_crl_info( buf, 2000, "", &crl );
00535         
00536             fct_chk( res != -1 );
00537             fct_chk( res != -2 );
00538         
00539             fct_chk( strcmp( buf, "CRL version   : 1\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   : 2011-02-20 10:24:19\nnext update   : 2011-02-20 11:24:19\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using  : RSA+SHA1\n" ) == 0 );
00540         }
00541         FCT_TEST_END();
00542 #endif /* POLARSSL_PEM_C */
00543 #endif /* POLARSSL_FS_IO */
00544 
00545 #ifdef POLARSSL_PEM_C
00546 #ifdef POLARSSL_FS_IO
00547 
00548         FCT_TEST_BGN(x509_crl_information_md2_digest)
00549         {
00550             x509_crl   crl;
00551             char buf[2000];
00552             int res;
00553         
00554             memset( &crl, 0, sizeof( x509_crl ) );
00555             memset( buf, 0, 2000 );
00556         
00557             fct_chk( x509parse_crlfile( &crl, "data_files/crl_md2.pem" ) == 0 );
00558             res = x509parse_crl_info( buf, 2000, "", &crl );
00559         
00560             fct_chk( res != -1 );
00561             fct_chk( res != -2 );
00562         
00563             fct_chk( strcmp( buf, "CRL version   : 1\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   : 2009-07-19 19:56:37\nnext update   : 2009-09-17 19:56:37\nRevoked certificates:\nserial number: 01 revocation date: 2009-02-09 21:12:36\nserial number: 03 revocation date: 2009-02-09 21:12:36\nsigned using  : RSA+MD2\n" ) == 0 );
00564         }
00565         FCT_TEST_END();
00566 #endif /* POLARSSL_PEM_C */
00567 #endif /* POLARSSL_FS_IO */
00568 
00569 #ifdef POLARSSL_PEM_C
00570 #ifdef POLARSSL_FS_IO
00571 
00572         FCT_TEST_BGN(x509_crl_information_md4_digest)
00573         {
00574             x509_crl   crl;
00575             char buf[2000];
00576             int res;
00577         
00578             memset( &crl, 0, sizeof( x509_crl ) );
00579             memset( buf, 0, 2000 );
00580         
00581             fct_chk( x509parse_crlfile( &crl, "data_files/crl_md4.pem" ) == 0 );
00582             res = x509parse_crl_info( buf, 2000, "", &crl );
00583         
00584             fct_chk( res != -1 );
00585             fct_chk( res != -2 );
00586         
00587             fct_chk( strcmp( buf, "CRL version   : 1\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   : 2011-02-12 14:44:07\nnext update   : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using  : RSA+MD4\n" ) == 0 );
00588         }
00589         FCT_TEST_END();
00590 #endif /* POLARSSL_PEM_C */
00591 #endif /* POLARSSL_FS_IO */
00592 
00593 #ifdef POLARSSL_PEM_C
00594 #ifdef POLARSSL_FS_IO
00595 
00596         FCT_TEST_BGN(x509_crl_information_md5_digest)
00597         {
00598             x509_crl   crl;
00599             char buf[2000];
00600             int res;
00601         
00602             memset( &crl, 0, sizeof( x509_crl ) );
00603             memset( buf, 0, 2000 );
00604         
00605             fct_chk( x509parse_crlfile( &crl, "data_files/crl_md5.pem" ) == 0 );
00606             res = x509parse_crl_info( buf, 2000, "", &crl );
00607         
00608             fct_chk( res != -1 );
00609             fct_chk( res != -2 );
00610         
00611             fct_chk( strcmp( buf, "CRL version   : 1\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   : 2011-02-12 14:44:07\nnext update   : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using  : RSA+MD5\n" ) == 0 );
00612         }
00613         FCT_TEST_END();
00614 #endif /* POLARSSL_PEM_C */
00615 #endif /* POLARSSL_FS_IO */
00616 
00617 #ifdef POLARSSL_PEM_C
00618 #ifdef POLARSSL_FS_IO
00619 
00620         FCT_TEST_BGN(x509_crl_information_sha1_digest)
00621         {
00622             x509_crl   crl;
00623             char buf[2000];
00624             int res;
00625         
00626             memset( &crl, 0, sizeof( x509_crl ) );
00627             memset( buf, 0, 2000 );
00628         
00629             fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha1.pem" ) == 0 );
00630             res = x509parse_crl_info( buf, 2000, "", &crl );
00631         
00632             fct_chk( res != -1 );
00633             fct_chk( res != -2 );
00634         
00635             fct_chk( strcmp( buf, "CRL version   : 1\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   : 2011-02-12 14:44:07\nnext update   : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using  : RSA+SHA1\n" ) == 0 );
00636         }
00637         FCT_TEST_END();
00638 #endif /* POLARSSL_PEM_C */
00639 #endif /* POLARSSL_FS_IO */
00640 
00641 #ifdef POLARSSL_PEM_C
00642 #ifdef POLARSSL_FS_IO
00643 
00644         FCT_TEST_BGN(x509_crl_information_sha224_digest)
00645         {
00646             x509_crl   crl;
00647             char buf[2000];
00648             int res;
00649         
00650             memset( &crl, 0, sizeof( x509_crl ) );
00651             memset( buf, 0, 2000 );
00652         
00653             fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha224.pem" ) == 0 );
00654             res = x509parse_crl_info( buf, 2000, "", &crl );
00655         
00656             fct_chk( res != -1 );
00657             fct_chk( res != -2 );
00658         
00659             fct_chk( strcmp( buf, "CRL version   : 1\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   : 2011-02-12 14:44:07\nnext update   : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using  : RSA+SHA224\n" ) == 0 );
00660         }
00661         FCT_TEST_END();
00662 #endif /* POLARSSL_PEM_C */
00663 #endif /* POLARSSL_FS_IO */
00664 
00665 #ifdef POLARSSL_PEM_C
00666 #ifdef POLARSSL_FS_IO
00667 
00668         FCT_TEST_BGN(x509_crl_information_sha256_digest)
00669         {
00670             x509_crl   crl;
00671             char buf[2000];
00672             int res;
00673         
00674             memset( &crl, 0, sizeof( x509_crl ) );
00675             memset( buf, 0, 2000 );
00676         
00677             fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha256.pem" ) == 0 );
00678             res = x509parse_crl_info( buf, 2000, "", &crl );
00679         
00680             fct_chk( res != -1 );
00681             fct_chk( res != -2 );
00682         
00683             fct_chk( strcmp( buf, "CRL version   : 1\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   : 2011-02-12 14:44:07\nnext update   : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using  : RSA+SHA256\n" ) == 0 );
00684         }
00685         FCT_TEST_END();
00686 #endif /* POLARSSL_PEM_C */
00687 #endif /* POLARSSL_FS_IO */
00688 
00689 #ifdef POLARSSL_PEM_C
00690 #ifdef POLARSSL_FS_IO
00691 
00692         FCT_TEST_BGN(x509_crl_information_sha384_digest)
00693         {
00694             x509_crl   crl;
00695             char buf[2000];
00696             int res;
00697         
00698             memset( &crl, 0, sizeof( x509_crl ) );
00699             memset( buf, 0, 2000 );
00700         
00701             fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha384.pem" ) == 0 );
00702             res = x509parse_crl_info( buf, 2000, "", &crl );
00703         
00704             fct_chk( res != -1 );
00705             fct_chk( res != -2 );
00706         
00707             fct_chk( strcmp( buf, "CRL version   : 1\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   : 2011-02-12 14:44:07\nnext update   : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using  : RSA+SHA384\n" ) == 0 );
00708         }
00709         FCT_TEST_END();
00710 #endif /* POLARSSL_PEM_C */
00711 #endif /* POLARSSL_FS_IO */
00712 
00713 #ifdef POLARSSL_PEM_C
00714 #ifdef POLARSSL_FS_IO
00715 
00716         FCT_TEST_BGN(x509_crl_information_sha512_digest)
00717         {
00718             x509_crl   crl;
00719             char buf[2000];
00720             int res;
00721         
00722             memset( &crl, 0, sizeof( x509_crl ) );
00723             memset( buf, 0, 2000 );
00724         
00725             fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha512.pem" ) == 0 );
00726             res = x509parse_crl_info( buf, 2000, "", &crl );
00727         
00728             fct_chk( res != -1 );
00729             fct_chk( res != -2 );
00730         
00731             fct_chk( strcmp( buf, "CRL version   : 1\nissuer name   : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update   : 2011-02-12 14:44:07\nnext update   : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using  : RSA+SHA512\n" ) == 0 );
00732         }
00733         FCT_TEST_END();
00734 #endif /* POLARSSL_PEM_C */
00735 #endif /* POLARSSL_FS_IO */
00736 
00737 #ifdef POLARSSL_MD5_C
00738 #ifdef POLARSSL_PEM_C
00739 #ifdef POLARSSL_FS_IO
00740 
00741         FCT_TEST_BGN(x509_parse_key_1_no_password_when_required)
00742         {
00743             rsa_context rsa;
00744             int res;
00745         
00746             memset( &rsa, 0, sizeof( rsa_context ) );
00747         
00748             res = x509parse_keyfile( &rsa, "data_files/test-ca.key", NULL );
00749         
00750             fct_chk( res == POLARSSL_ERR_PEM_PASSWORD_REQUIRED );
00751         
00752             if( res == 0 )
00753             {
00754                 fct_chk( rsa_check_privkey( &rsa ) == 0 );
00755             }
00756         }
00757         FCT_TEST_END();
00758 #endif /* POLARSSL_MD5_C */
00759 #endif /* POLARSSL_PEM_C */
00760 #endif /* POLARSSL_FS_IO */
00761 
00762 #ifdef POLARSSL_MD5_C
00763 #ifdef POLARSSL_PEM_C
00764 #ifdef POLARSSL_FS_IO
00765 
00766         FCT_TEST_BGN(x509_parse_key_2_correct_password)
00767         {
00768             rsa_context rsa;
00769             int res;
00770         
00771             memset( &rsa, 0, sizeof( rsa_context ) );
00772         
00773             res = x509parse_keyfile( &rsa, "data_files/test-ca.key", "PolarSSLTest" );
00774         
00775             fct_chk( res == 0 );
00776         
00777             if( res == 0 )
00778             {
00779                 fct_chk( rsa_check_privkey( &rsa ) == 0 );
00780             }
00781         }
00782         FCT_TEST_END();
00783 #endif /* POLARSSL_MD5_C */
00784 #endif /* POLARSSL_PEM_C */
00785 #endif /* POLARSSL_FS_IO */
00786 
00787 #ifdef POLARSSL_MD5_C
00788 #ifdef POLARSSL_PEM_C
00789 #ifdef POLARSSL_FS_IO
00790 
00791         FCT_TEST_BGN(x509_parse_key_3_wrong_password)
00792         {
00793             rsa_context rsa;
00794             int res;
00795         
00796             memset( &rsa, 0, sizeof( rsa_context ) );
00797         
00798             res = x509parse_keyfile( &rsa, "data_files/test-ca.key", "PolarSSLWRONG" );
00799         
00800             fct_chk( res == POLARSSL_ERR_PEM_PASSWORD_MISMATCH );
00801         
00802             if( res == 0 )
00803             {
00804                 fct_chk( rsa_check_privkey( &rsa ) == 0 );
00805             }
00806         }
00807         FCT_TEST_END();
00808 #endif /* POLARSSL_MD5_C */
00809 #endif /* POLARSSL_PEM_C */
00810 #endif /* POLARSSL_FS_IO */
00811 
00812 #ifdef POLARSSL_MD5_C
00813 #ifdef POLARSSL_DES_C
00814 #ifdef POLARSSL_PEM_C
00815 #ifdef POLARSSL_FS_IO
00816 
00817         FCT_TEST_BGN(x509_parse_key_4_des_encrypted)
00818         {
00819             rsa_context rsa;
00820             int res;
00821         
00822             memset( &rsa, 0, sizeof( rsa_context ) );
00823         
00824             res = x509parse_keyfile( &rsa, "data_files/keyfile.des", "testkey" );
00825         
00826             fct_chk( res == 0 );
00827         
00828             if( res == 0 )
00829             {
00830                 fct_chk( rsa_check_privkey( &rsa ) == 0 );
00831             }
00832         }
00833         FCT_TEST_END();
00834 #endif /* POLARSSL_MD5_C */
00835 #endif /* POLARSSL_DES_C */
00836 #endif /* POLARSSL_PEM_C */
00837 #endif /* POLARSSL_FS_IO */
00838 
00839 #ifdef POLARSSL_MD5_C
00840 #ifdef POLARSSL_DES_C
00841 #ifdef POLARSSL_PEM_C
00842 #ifdef POLARSSL_FS_IO
00843 
00844         FCT_TEST_BGN(x509_parse_key_5_3des_encrypted)
00845         {
00846             rsa_context rsa;
00847             int res;
00848         
00849             memset( &rsa, 0, sizeof( rsa_context ) );
00850         
00851             res = x509parse_keyfile( &rsa, "data_files/keyfile.3des", "testkey" );
00852         
00853             fct_chk( res == 0 );
00854         
00855             if( res == 0 )
00856             {
00857                 fct_chk( rsa_check_privkey( &rsa ) == 0 );
00858             }
00859         }
00860         FCT_TEST_END();
00861 #endif /* POLARSSL_MD5_C */
00862 #endif /* POLARSSL_DES_C */
00863 #endif /* POLARSSL_PEM_C */
00864 #endif /* POLARSSL_FS_IO */
00865 
00866 #ifdef POLARSSL_MD5_C
00867 #ifdef POLARSSL_AES_C
00868 #ifdef POLARSSL_PEM_C
00869 #ifdef POLARSSL_FS_IO
00870 
00871         FCT_TEST_BGN(x509_parse_key_6_aes_128_encrypted)
00872         {
00873             rsa_context rsa;
00874             int res;
00875         
00876             memset( &rsa, 0, sizeof( rsa_context ) );
00877         
00878             res = x509parse_keyfile( &rsa, "data_files/keyfile.aes128", "testkey" );
00879         
00880             fct_chk( res == 0 );
00881         
00882             if( res == 0 )
00883             {
00884                 fct_chk( rsa_check_privkey( &rsa ) == 0 );
00885             }
00886         }
00887         FCT_TEST_END();
00888 #endif /* POLARSSL_MD5_C */
00889 #endif /* POLARSSL_AES_C */
00890 #endif /* POLARSSL_PEM_C */
00891 #endif /* POLARSSL_FS_IO */
00892 
00893 #ifdef POLARSSL_MD5_C
00894 #ifdef POLARSSL_AES_C
00895 #ifdef POLARSSL_PEM_C
00896 #ifdef POLARSSL_FS_IO
00897 
00898         FCT_TEST_BGN(x509_parse_key_7_aes_192_encrypted)
00899         {
00900             rsa_context rsa;
00901             int res;
00902         
00903             memset( &rsa, 0, sizeof( rsa_context ) );
00904         
00905             res = x509parse_keyfile( &rsa, "data_files/keyfile.aes192", "testkey" );
00906         
00907             fct_chk( res == 0 );
00908         
00909             if( res == 0 )
00910             {
00911                 fct_chk( rsa_check_privkey( &rsa ) == 0 );
00912             }
00913         }
00914         FCT_TEST_END();
00915 #endif /* POLARSSL_MD5_C */
00916 #endif /* POLARSSL_AES_C */
00917 #endif /* POLARSSL_PEM_C */
00918 #endif /* POLARSSL_FS_IO */
00919 
00920 #ifdef POLARSSL_MD5_C
00921 #ifdef POLARSSL_AES_C
00922 #ifdef POLARSSL_PEM_C
00923 #ifdef POLARSSL_FS_IO
00924 
00925         FCT_TEST_BGN(x509_parse_key_8_aes_256_encrypted)
00926         {
00927             rsa_context rsa;
00928             int res;
00929         
00930             memset( &rsa, 0, sizeof( rsa_context ) );
00931         
00932             res = x509parse_keyfile( &rsa, "data_files/keyfile.aes256", "testkey" );
00933         
00934             fct_chk( res == 0 );
00935         
00936             if( res == 0 )
00937             {
00938                 fct_chk( rsa_check_privkey( &rsa ) == 0 );
00939             }
00940         }
00941         FCT_TEST_END();
00942 #endif /* POLARSSL_MD5_C */
00943 #endif /* POLARSSL_AES_C */
00944 #endif /* POLARSSL_PEM_C */
00945 #endif /* POLARSSL_FS_IO */
00946 
00947 #ifdef POLARSSL_MD5_C
00948 #ifdef POLARSSL_PEM_C
00949 #ifdef POLARSSL_FS_IO
00950 
00951         FCT_TEST_BGN(x509_parse_key_9_pkcs8_wrapped)
00952         {
00953             rsa_context rsa;
00954             int res;
00955         
00956             memset( &rsa, 0, sizeof( rsa_context ) );
00957         
00958             res = x509parse_keyfile( &rsa, "data_files/format_gen.key", "" );
00959         
00960             fct_chk( res == 0 );
00961         
00962             if( res == 0 )
00963             {
00964                 fct_chk( rsa_check_privkey( &rsa ) == 0 );
00965             }
00966         }
00967         FCT_TEST_END();
00968 #endif /* POLARSSL_MD5_C */
00969 #endif /* POLARSSL_PEM_C */
00970 #endif /* POLARSSL_FS_IO */
00971 
00972 #ifdef POLARSSL_MD5_C
00973 #ifdef POLARSSL_PEM_C
00974 #ifdef POLARSSL_FS_IO
00975 
00976         FCT_TEST_BGN(x509_parse_public_key_1_pkcs8_wrapped)
00977         {
00978             rsa_context rsa;
00979             int res;
00980         
00981             memset( &rsa, 0, sizeof( rsa_context ) );
00982         
00983             res = x509parse_public_keyfile( &rsa, "data_files/format_gen.pub" );
00984         
00985             fct_chk( res == 0 );
00986         
00987             if( res == 0 )
00988             {
00989                 fct_chk( rsa_check_pubkey( &rsa ) == 0 );
00990             }
00991         }
00992         FCT_TEST_END();
00993 #endif /* POLARSSL_MD5_C */
00994 #endif /* POLARSSL_PEM_C */
00995 #endif /* POLARSSL_FS_IO */
00996 
00997 #ifdef POLARSSL_PEM_C
00998 #ifdef POLARSSL_FS_IO
00999 
01000         FCT_TEST_BGN(x509_get_distinguished_name_1)
01001         {
01002             x509_cert   crt;
01003             char buf[2000];
01004             int res;
01005         
01006             memset( &crt, 0, sizeof( x509_cert ) );
01007             memset( buf, 0, 2000 );
01008         
01009             fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
01010             res =  x509parse_dn_gets( buf, 2000, &crt.subject );
01011         
01012             fct_chk( res != -1 );
01013             fct_chk( res != -2 );
01014         
01015             fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=PolarSSL Server 1" ) == 0 );
01016         }
01017         FCT_TEST_END();
01018 #endif /* POLARSSL_PEM_C */
01019 #endif /* POLARSSL_FS_IO */
01020 
01021 #ifdef POLARSSL_PEM_C
01022 #ifdef POLARSSL_FS_IO
01023 
01024         FCT_TEST_BGN(x509_get_distinguished_name_2)
01025         {
01026             x509_cert   crt;
01027             char buf[2000];
01028             int res;
01029         
01030             memset( &crt, 0, sizeof( x509_cert ) );
01031             memset( buf, 0, 2000 );
01032         
01033             fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
01034             res =  x509parse_dn_gets( buf, 2000, &crt.issuer );
01035         
01036             fct_chk( res != -1 );
01037             fct_chk( res != -2 );
01038         
01039             fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=PolarSSL Test CA" ) == 0 );
01040         }
01041         FCT_TEST_END();
01042 #endif /* POLARSSL_PEM_C */
01043 #endif /* POLARSSL_FS_IO */
01044 
01045 #ifdef POLARSSL_PEM_C
01046 #ifdef POLARSSL_FS_IO
01047 
01048         FCT_TEST_BGN(x509_get_distinguished_name_3)
01049         {
01050             x509_cert   crt;
01051             char buf[2000];
01052             int res;
01053         
01054             memset( &crt, 0, sizeof( x509_cert ) );
01055             memset( buf, 0, 2000 );
01056         
01057             fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
01058             res =  x509parse_dn_gets( buf, 2000, &crt.subject );
01059         
01060             fct_chk( res != -1 );
01061             fct_chk( res != -2 );
01062         
01063             fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=localhost" ) == 0 );
01064         }
01065         FCT_TEST_END();
01066 #endif /* POLARSSL_PEM_C */
01067 #endif /* POLARSSL_FS_IO */
01068 
01069 #ifdef POLARSSL_PEM_C
01070 #ifdef POLARSSL_FS_IO
01071 
01072         FCT_TEST_BGN(x509_get_distinguished_name_4)
01073         {
01074             x509_cert   crt;
01075             char buf[2000];
01076             int res;
01077         
01078             memset( &crt, 0, sizeof( x509_cert ) );
01079             memset( buf, 0, 2000 );
01080         
01081             fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
01082             res =  x509parse_dn_gets( buf, 2000, &crt.issuer );
01083         
01084             fct_chk( res != -1 );
01085             fct_chk( res != -2 );
01086         
01087             fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=PolarSSL Test CA" ) == 0 );
01088         }
01089         FCT_TEST_END();
01090 #endif /* POLARSSL_PEM_C */
01091 #endif /* POLARSSL_FS_IO */
01092 
01093 #ifdef POLARSSL_PEM_C
01094 #ifdef POLARSSL_FS_IO
01095 
01096         FCT_TEST_BGN(x509_time_expired_1)
01097         {
01098             x509_cert   crt;
01099         
01100             memset( &crt, 0, sizeof( x509_cert ) );
01101         
01102             fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
01103             fct_chk( x509parse_time_expired( &crt.valid_from ) == 1 );
01104         }
01105         FCT_TEST_END();
01106 #endif /* POLARSSL_PEM_C */
01107 #endif /* POLARSSL_FS_IO */
01108 
01109 #ifdef POLARSSL_PEM_C
01110 #ifdef POLARSSL_FS_IO
01111 
01112         FCT_TEST_BGN(x509_time_expired_2)
01113         {
01114             x509_cert   crt;
01115         
01116             memset( &crt, 0, sizeof( x509_cert ) );
01117         
01118             fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
01119             fct_chk( x509parse_time_expired( &crt.valid_to ) == 0 );
01120         }
01121         FCT_TEST_END();
01122 #endif /* POLARSSL_PEM_C */
01123 #endif /* POLARSSL_FS_IO */
01124 
01125 #ifdef POLARSSL_PEM_C
01126 #ifdef POLARSSL_FS_IO
01127 
01128         FCT_TEST_BGN(x509_time_expired_3)
01129         {
01130             x509_cert   crt;
01131         
01132             memset( &crt, 0, sizeof( x509_cert ) );
01133         
01134             fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
01135             fct_chk( x509parse_time_expired( &crt.valid_from ) == 1 );
01136         }
01137         FCT_TEST_END();
01138 #endif /* POLARSSL_PEM_C */
01139 #endif /* POLARSSL_FS_IO */
01140 
01141 #ifdef POLARSSL_PEM_C
01142 #ifdef POLARSSL_FS_IO
01143 
01144         FCT_TEST_BGN(x509_time_expired_4)
01145         {
01146             x509_cert   crt;
01147         
01148             memset( &crt, 0, sizeof( x509_cert ) );
01149         
01150             fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
01151             fct_chk( x509parse_time_expired( &crt.valid_to ) == 0 );
01152         }
01153         FCT_TEST_END();
01154 #endif /* POLARSSL_PEM_C */
01155 #endif /* POLARSSL_FS_IO */
01156 
01157 #ifdef POLARSSL_PEM_C
01158 #ifdef POLARSSL_FS_IO
01159 
01160         FCT_TEST_BGN(x509_time_expired_5)
01161         {
01162             x509_cert   crt;
01163         
01164             memset( &crt, 0, sizeof( x509_cert ) );
01165         
01166             fct_chk( x509parse_crtfile( &crt, "data_files/test-ca.crt" ) == 0 );
01167             fct_chk( x509parse_time_expired( &crt.valid_from ) == 1 );
01168         }
01169         FCT_TEST_END();
01170 #endif /* POLARSSL_PEM_C */
01171 #endif /* POLARSSL_FS_IO */
01172 
01173 #ifdef POLARSSL_PEM_C
01174 #ifdef POLARSSL_FS_IO
01175 
01176         FCT_TEST_BGN(x509_time_expired_6polarssl_fs_io)
01177         {
01178             x509_cert   crt;
01179         
01180             memset( &crt, 0, sizeof( x509_cert ) );
01181         
01182             fct_chk( x509parse_crtfile( &crt, "data_files/test-ca.crt" ) == 0 );
01183             fct_chk( x509parse_time_expired( &crt.valid_to ) == 0 );
01184         }
01185         FCT_TEST_END();
01186 #endif /* POLARSSL_PEM_C */
01187 #endif /* POLARSSL_FS_IO */
01188 
01189 #ifdef POLARSSL_PEM_C
01190 #ifdef POLARSSL_FS_IO
01191 
01192         FCT_TEST_BGN(x509_certificate_verification_1_revoked_cert_expired_crl)
01193         {
01194             x509_cert   crt;
01195             x509_cert   ca;
01196             x509_crl    crl;
01197             int         flags = 0;
01198             int         res;
01199         
01200             memset( &crt, 0, sizeof( x509_cert ) );
01201             memset( &ca, 0, sizeof( x509_cert ) );
01202             memset( &crl, 0, sizeof( x509_crl ) );
01203         
01204             fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
01205             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01206             fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
01207         
01208             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01209         
01210             fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
01211             fct_chk( flags == ( BADCERT_REVOKED | BADCRL_EXPIRED ) );
01212         }
01213         FCT_TEST_END();
01214 #endif /* POLARSSL_PEM_C */
01215 #endif /* POLARSSL_FS_IO */
01216 
01217 #ifdef POLARSSL_PEM_C
01218 #ifdef POLARSSL_FS_IO
01219 
01220         FCT_TEST_BGN(x509_certificate_verification_2_revoked_cert_expired_crl)
01221         {
01222             x509_cert   crt;
01223             x509_cert   ca;
01224             x509_crl    crl;
01225             int         flags = 0;
01226             int         res;
01227         
01228             memset( &crt, 0, sizeof( x509_cert ) );
01229             memset( &ca, 0, sizeof( x509_cert ) );
01230             memset( &crl, 0, sizeof( x509_crl ) );
01231         
01232             fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
01233             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01234             fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
01235         
01236             res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Server 1", &flags, NULL, NULL );
01237         
01238             fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
01239             fct_chk( flags == ( BADCERT_REVOKED | BADCRL_EXPIRED ) );
01240         }
01241         FCT_TEST_END();
01242 #endif /* POLARSSL_PEM_C */
01243 #endif /* POLARSSL_FS_IO */
01244 
01245 #ifdef POLARSSL_PEM_C
01246 #ifdef POLARSSL_FS_IO
01247 
01248         FCT_TEST_BGN(x509_certificate_verification_3_revoked_cert_expired_crl_cn_mismatch)
01249         {
01250             x509_cert   crt;
01251             x509_cert   ca;
01252             x509_crl    crl;
01253             int         flags = 0;
01254             int         res;
01255         
01256             memset( &crt, 0, sizeof( x509_cert ) );
01257             memset( &ca, 0, sizeof( x509_cert ) );
01258             memset( &crl, 0, sizeof( x509_crl ) );
01259         
01260             fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
01261             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01262             fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
01263         
01264             res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Wrong CN", &flags, NULL, NULL );
01265         
01266             fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
01267             fct_chk( flags == ( BADCERT_REVOKED | BADCRL_EXPIRED | BADCERT_CN_MISMATCH ) );
01268         }
01269         FCT_TEST_END();
01270 #endif /* POLARSSL_PEM_C */
01271 #endif /* POLARSSL_FS_IO */
01272 
01273 #ifdef POLARSSL_PEM_C
01274 #ifdef POLARSSL_FS_IO
01275 
01276         FCT_TEST_BGN(x509_certificate_verification_4_valid_cert_expired_crl)
01277         {
01278             x509_cert   crt;
01279             x509_cert   ca;
01280             x509_crl    crl;
01281             int         flags = 0;
01282             int         res;
01283         
01284             memset( &crt, 0, sizeof( x509_cert ) );
01285             memset( &ca, 0, sizeof( x509_cert ) );
01286             memset( &crl, 0, sizeof( x509_crl ) );
01287         
01288             fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
01289             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01290             fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
01291         
01292             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01293         
01294             fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
01295             fct_chk( flags == ( BADCRL_EXPIRED ) );
01296         }
01297         FCT_TEST_END();
01298 #endif /* POLARSSL_PEM_C */
01299 #endif /* POLARSSL_FS_IO */
01300 
01301 #ifdef POLARSSL_PEM_C
01302 #ifdef POLARSSL_FS_IO
01303 
01304         FCT_TEST_BGN(x509_certificate_verification_5_revoked_cert)
01305         {
01306             x509_cert   crt;
01307             x509_cert   ca;
01308             x509_crl    crl;
01309             int         flags = 0;
01310             int         res;
01311         
01312             memset( &crt, 0, sizeof( x509_cert ) );
01313             memset( &ca, 0, sizeof( x509_cert ) );
01314             memset( &crl, 0, sizeof( x509_crl ) );
01315         
01316             fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
01317             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01318             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01319         
01320             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01321         
01322             fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
01323             fct_chk( flags == ( BADCERT_REVOKED ) );
01324         }
01325         FCT_TEST_END();
01326 #endif /* POLARSSL_PEM_C */
01327 #endif /* POLARSSL_FS_IO */
01328 
01329 #ifdef POLARSSL_PEM_C
01330 #ifdef POLARSSL_FS_IO
01331 
01332         FCT_TEST_BGN(x509_certificate_verification_6_revoked_cert)
01333         {
01334             x509_cert   crt;
01335             x509_cert   ca;
01336             x509_crl    crl;
01337             int         flags = 0;
01338             int         res;
01339         
01340             memset( &crt, 0, sizeof( x509_cert ) );
01341             memset( &ca, 0, sizeof( x509_cert ) );
01342             memset( &crl, 0, sizeof( x509_crl ) );
01343         
01344             fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
01345             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01346             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01347         
01348             res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Server 1", &flags, NULL, NULL );
01349         
01350             fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
01351             fct_chk( flags == ( BADCERT_REVOKED ) );
01352         }
01353         FCT_TEST_END();
01354 #endif /* POLARSSL_PEM_C */
01355 #endif /* POLARSSL_FS_IO */
01356 
01357 #ifdef POLARSSL_PEM_C
01358 #ifdef POLARSSL_FS_IO
01359 
01360         FCT_TEST_BGN(x509_certificate_verification_7_revoked_cert_cn_mismatch)
01361         {
01362             x509_cert   crt;
01363             x509_cert   ca;
01364             x509_crl    crl;
01365             int         flags = 0;
01366             int         res;
01367         
01368             memset( &crt, 0, sizeof( x509_cert ) );
01369             memset( &ca, 0, sizeof( x509_cert ) );
01370             memset( &crl, 0, sizeof( x509_crl ) );
01371         
01372             fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
01373             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01374             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01375         
01376             res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Wrong CN", &flags, NULL, NULL );
01377         
01378             fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
01379             fct_chk( flags == ( BADCERT_REVOKED | BADCERT_CN_MISMATCH ) );
01380         }
01381         FCT_TEST_END();
01382 #endif /* POLARSSL_PEM_C */
01383 #endif /* POLARSSL_FS_IO */
01384 
01385 #ifdef POLARSSL_PEM_C
01386 #ifdef POLARSSL_FS_IO
01387 
01388         FCT_TEST_BGN(x509_certificate_verification_8_valid_cert)
01389         {
01390             x509_cert   crt;
01391             x509_cert   ca;
01392             x509_crl    crl;
01393             int         flags = 0;
01394             int         res;
01395         
01396             memset( &crt, 0, sizeof( x509_cert ) );
01397             memset( &ca, 0, sizeof( x509_cert ) );
01398             memset( &crl, 0, sizeof( x509_crl ) );
01399         
01400             fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
01401             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01402             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01403         
01404             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01405         
01406             fct_chk( res == ( 0 ) );
01407             fct_chk( flags == ( 0 ) );
01408         }
01409         FCT_TEST_END();
01410 #endif /* POLARSSL_PEM_C */
01411 #endif /* POLARSSL_FS_IO */
01412 
01413 #ifdef POLARSSL_PEM_C
01414 #ifdef POLARSSL_FS_IO
01415 
01416         FCT_TEST_BGN(x509_certificate_verification_9_not_trusted_cert)
01417         {
01418             x509_cert   crt;
01419             x509_cert   ca;
01420             x509_crl    crl;
01421             int         flags = 0;
01422             int         res;
01423         
01424             memset( &crt, 0, sizeof( x509_cert ) );
01425             memset( &ca, 0, sizeof( x509_cert ) );
01426             memset( &crl, 0, sizeof( x509_crl ) );
01427         
01428             fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
01429             fct_chk( x509parse_crtfile( &ca, "data_files/server1.crt" ) == 0 );
01430             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01431         
01432             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01433         
01434             fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
01435             fct_chk( flags == ( BADCERT_NOT_TRUSTED ) );
01436         }
01437         FCT_TEST_END();
01438 #endif /* POLARSSL_PEM_C */
01439 #endif /* POLARSSL_FS_IO */
01440 
01441 #ifdef POLARSSL_PEM_C
01442 #ifdef POLARSSL_FS_IO
01443 
01444         FCT_TEST_BGN(x509_certificate_verification_10_not_trusted_cert_expired_crl)
01445         {
01446             x509_cert   crt;
01447             x509_cert   ca;
01448             x509_crl    crl;
01449             int         flags = 0;
01450             int         res;
01451         
01452             memset( &crt, 0, sizeof( x509_cert ) );
01453             memset( &ca, 0, sizeof( x509_cert ) );
01454             memset( &crl, 0, sizeof( x509_crl ) );
01455         
01456             fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
01457             fct_chk( x509parse_crtfile( &ca, "data_files/server1.crt" ) == 0 );
01458             fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
01459         
01460             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01461         
01462             fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
01463             fct_chk( flags == ( BADCERT_NOT_TRUSTED ) );
01464         }
01465         FCT_TEST_END();
01466 #endif /* POLARSSL_PEM_C */
01467 #endif /* POLARSSL_FS_IO */
01468 
01469 #ifdef POLARSSL_MD4_C
01470 #ifdef POLARSSL_PEM_C
01471 #ifdef POLARSSL_FS_IO
01472 
01473         FCT_TEST_BGN(x509_certificate_verification_12_valid_cert_md4_digest)
01474         {
01475             x509_cert   crt;
01476             x509_cert   ca;
01477             x509_crl    crl;
01478             int         flags = 0;
01479             int         res;
01480         
01481             memset( &crt, 0, sizeof( x509_cert ) );
01482             memset( &ca, 0, sizeof( x509_cert ) );
01483             memset( &crl, 0, sizeof( x509_crl ) );
01484         
01485             fct_chk( x509parse_crtfile( &crt, "data_files/cert_md4.crt" ) == 0 );
01486             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01487             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01488         
01489             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01490         
01491             fct_chk( res == ( 0 ) );
01492             fct_chk( flags == ( 0 ) );
01493         }
01494         FCT_TEST_END();
01495 #endif /* POLARSSL_MD4_C */
01496 #endif /* POLARSSL_PEM_C */
01497 #endif /* POLARSSL_FS_IO */
01498 
01499 #ifdef POLARSSL_MD5_C
01500 #ifdef POLARSSL_PEM_C
01501 #ifdef POLARSSL_FS_IO
01502 
01503         FCT_TEST_BGN(x509_certificate_verification_13_valid_cert_md5_digest)
01504         {
01505             x509_cert   crt;
01506             x509_cert   ca;
01507             x509_crl    crl;
01508             int         flags = 0;
01509             int         res;
01510         
01511             memset( &crt, 0, sizeof( x509_cert ) );
01512             memset( &ca, 0, sizeof( x509_cert ) );
01513             memset( &crl, 0, sizeof( x509_crl ) );
01514         
01515             fct_chk( x509parse_crtfile( &crt, "data_files/cert_md5.crt" ) == 0 );
01516             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01517             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01518         
01519             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01520         
01521             fct_chk( res == ( 0 ) );
01522             fct_chk( flags == ( 0 ) );
01523         }
01524         FCT_TEST_END();
01525 #endif /* POLARSSL_MD5_C */
01526 #endif /* POLARSSL_PEM_C */
01527 #endif /* POLARSSL_FS_IO */
01528 
01529 #ifdef POLARSSL_SHA1_C
01530 #ifdef POLARSSL_PEM_C
01531 #ifdef POLARSSL_FS_IO
01532 
01533         FCT_TEST_BGN(x509_certificate_verification_14_valid_cert_sha1_digest)
01534         {
01535             x509_cert   crt;
01536             x509_cert   ca;
01537             x509_crl    crl;
01538             int         flags = 0;
01539             int         res;
01540         
01541             memset( &crt, 0, sizeof( x509_cert ) );
01542             memset( &ca, 0, sizeof( x509_cert ) );
01543             memset( &crl, 0, sizeof( x509_crl ) );
01544         
01545             fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha1.crt" ) == 0 );
01546             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01547             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01548         
01549             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01550         
01551             fct_chk( res == ( 0 ) );
01552             fct_chk( flags == ( 0 ) );
01553         }
01554         FCT_TEST_END();
01555 #endif /* POLARSSL_SHA1_C */
01556 #endif /* POLARSSL_PEM_C */
01557 #endif /* POLARSSL_FS_IO */
01558 
01559 #ifdef POLARSSL_SHA2_C
01560 #ifdef POLARSSL_PEM_C
01561 #ifdef POLARSSL_FS_IO
01562 
01563         FCT_TEST_BGN(x509_certificate_verification_15_valid_cert_sha224_digest)
01564         {
01565             x509_cert   crt;
01566             x509_cert   ca;
01567             x509_crl    crl;
01568             int         flags = 0;
01569             int         res;
01570         
01571             memset( &crt, 0, sizeof( x509_cert ) );
01572             memset( &ca, 0, sizeof( x509_cert ) );
01573             memset( &crl, 0, sizeof( x509_crl ) );
01574         
01575             fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha224.crt" ) == 0 );
01576             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01577             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01578         
01579             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01580         
01581             fct_chk( res == ( 0 ) );
01582             fct_chk( flags == ( 0 ) );
01583         }
01584         FCT_TEST_END();
01585 #endif /* POLARSSL_SHA2_C */
01586 #endif /* POLARSSL_PEM_C */
01587 #endif /* POLARSSL_FS_IO */
01588 
01589 #ifdef POLARSSL_SHA2_C
01590 #ifdef POLARSSL_PEM_C
01591 #ifdef POLARSSL_FS_IO
01592 
01593         FCT_TEST_BGN(x509_certificate_verification_16_valid_cert_sha256_digest)
01594         {
01595             x509_cert   crt;
01596             x509_cert   ca;
01597             x509_crl    crl;
01598             int         flags = 0;
01599             int         res;
01600         
01601             memset( &crt, 0, sizeof( x509_cert ) );
01602             memset( &ca, 0, sizeof( x509_cert ) );
01603             memset( &crl, 0, sizeof( x509_crl ) );
01604         
01605             fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha256.crt" ) == 0 );
01606             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01607             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01608         
01609             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01610         
01611             fct_chk( res == ( 0 ) );
01612             fct_chk( flags == ( 0 ) );
01613         }
01614         FCT_TEST_END();
01615 #endif /* POLARSSL_SHA2_C */
01616 #endif /* POLARSSL_PEM_C */
01617 #endif /* POLARSSL_FS_IO */
01618 
01619 #ifdef POLARSSL_SHA4_C
01620 #ifdef POLARSSL_PEM_C
01621 #ifdef POLARSSL_FS_IO
01622 
01623         FCT_TEST_BGN(x509_certificate_verification_17_valid_cert_sha384_digest)
01624         {
01625             x509_cert   crt;
01626             x509_cert   ca;
01627             x509_crl    crl;
01628             int         flags = 0;
01629             int         res;
01630         
01631             memset( &crt, 0, sizeof( x509_cert ) );
01632             memset( &ca, 0, sizeof( x509_cert ) );
01633             memset( &crl, 0, sizeof( x509_crl ) );
01634         
01635             fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha384.crt" ) == 0 );
01636             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01637             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01638         
01639             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01640         
01641             fct_chk( res == ( 0 ) );
01642             fct_chk( flags == ( 0 ) );
01643         }
01644         FCT_TEST_END();
01645 #endif /* POLARSSL_SHA4_C */
01646 #endif /* POLARSSL_PEM_C */
01647 #endif /* POLARSSL_FS_IO */
01648 
01649 #ifdef POLARSSL_SHA4_C
01650 #ifdef POLARSSL_PEM_C
01651 #ifdef POLARSSL_FS_IO
01652 
01653         FCT_TEST_BGN(x509_certificate_verification_18_valid_cert_sha512_digest)
01654         {
01655             x509_cert   crt;
01656             x509_cert   ca;
01657             x509_crl    crl;
01658             int         flags = 0;
01659             int         res;
01660         
01661             memset( &crt, 0, sizeof( x509_cert ) );
01662             memset( &ca, 0, sizeof( x509_cert ) );
01663             memset( &crl, 0, sizeof( x509_crl ) );
01664         
01665             fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha512.crt" ) == 0 );
01666             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01667             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01668         
01669             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
01670         
01671             fct_chk( res == ( 0 ) );
01672             fct_chk( flags == ( 0 ) );
01673         }
01674         FCT_TEST_END();
01675 #endif /* POLARSSL_SHA4_C */
01676 #endif /* POLARSSL_PEM_C */
01677 #endif /* POLARSSL_FS_IO */
01678 
01679 #ifdef POLARSSL_SHA4_C
01680 #ifdef POLARSSL_PEM_C
01681 #ifdef POLARSSL_FS_IO
01682 
01683         FCT_TEST_BGN(x509_certificate_verification_19_valid_cert_denying_callback)
01684         {
01685             x509_cert   crt;
01686             x509_cert   ca;
01687             x509_crl    crl;
01688             int         flags = 0;
01689             int         res;
01690         
01691             memset( &crt, 0, sizeof( x509_cert ) );
01692             memset( &ca, 0, sizeof( x509_cert ) );
01693             memset( &crl, 0, sizeof( x509_crl ) );
01694         
01695             fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha512.crt" ) == 0 );
01696             fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
01697             fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
01698         
01699             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, &verify_none, NULL );
01700         
01701             fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
01702             fct_chk( flags == ( 0 ) );
01703         }
01704         FCT_TEST_END();
01705 #endif /* POLARSSL_SHA4_C */
01706 #endif /* POLARSSL_PEM_C */
01707 #endif /* POLARSSL_FS_IO */
01708 
01709 #ifdef POLARSSL_PEM_C
01710 #ifdef POLARSSL_FS_IO
01711 
01712         FCT_TEST_BGN(x509_certificate_verification_20_not_trusted_cert_allowing_callback)
01713         {
01714             x509_cert   crt;
01715             x509_cert   ca;
01716             x509_crl    crl;
01717             int         flags = 0;
01718             int         res;
01719         
01720             memset( &crt, 0, sizeof( x509_cert ) );
01721             memset( &ca, 0, sizeof( x509_cert ) );
01722             memset( &crl, 0, sizeof( x509_crl ) );
01723         
01724             fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
01725             fct_chk( x509parse_crtfile( &ca, "data_files/server1.crt" ) == 0 );
01726             fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
01727         
01728             res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, &verify_all, NULL );
01729         
01730             fct_chk( res == ( 0 ) );
01731             fct_chk( flags == ( 0 ) );
01732         }
01733         FCT_TEST_END();
01734 #endif /* POLARSSL_PEM_C */
01735 #endif /* POLARSSL_FS_IO */
01736 
01737 #ifdef POLARSSL_MD5_C
01738 #ifdef POLARSSL_PEM_C
01739 #ifdef POLARSSL_SELF_TEST
01740 
01741         FCT_TEST_BGN(x509_parse_selftest)
01742         {
01743             fct_chk( x509_self_test( 0 ) == 0 );
01744         }
01745         FCT_TEST_END();
01746 #endif /* POLARSSL_MD5_C */
01747 #endif /* POLARSSL_PEM_C */
01748 #endif /* POLARSSL_SELF_TEST */
01749 
01750 
01751         FCT_TEST_BGN(x509_certificate_asn1_incorrect_first_tag)
01752         {
01753             x509_cert   crt;
01754             unsigned char buf[2000];
01755             unsigned char output[2000];
01756             int data_len, res;
01757         
01758             memset( &crt, 0, sizeof( x509_cert ) );
01759             memset( buf, 0, 2000 );
01760             memset( output, 0, 2000 );
01761         
01762             data_len = unhexify( buf, "" );
01763         
01764             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ) );
01765             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ) == 0 )
01766             {
01767                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
01768                 
01769                 fct_chk( res != -1 );
01770                 fct_chk( res != -2 );
01771         
01772                 fct_chk( strcmp( (char *) output, "" ) == 0 );
01773             }
01774         }
01775         FCT_TEST_END();
01776 
01777 
01778         FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_data_length_does_not_match)
01779         {
01780             x509_cert   crt;
01781             unsigned char buf[2000];
01782             unsigned char output[2000];
01783             int data_len, res;
01784         
01785             memset( &crt, 0, sizeof( x509_cert ) );
01786             memset( buf, 0, 2000 );
01787             memset( output, 0, 2000 );
01788         
01789             data_len = unhexify( buf, "300000" );
01790         
01791             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
01792             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
01793             {
01794                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
01795                 
01796                 fct_chk( res != -1 );
01797                 fct_chk( res != -2 );
01798         
01799                 fct_chk( strcmp( (char *) output, "" ) == 0 );
01800             }
01801         }
01802         FCT_TEST_END();
01803 
01804 
01805         FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_no_more_data)
01806         {
01807             x509_cert   crt;
01808             unsigned char buf[2000];
01809             unsigned char output[2000];
01810             int data_len, res;
01811         
01812             memset( &crt, 0, sizeof( x509_cert ) );
01813             memset( buf, 0, 2000 );
01814             memset( output, 0, 2000 );
01815         
01816             data_len = unhexify( buf, "3000" );
01817         
01818             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
01819             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
01820             {
01821                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
01822                 
01823                 fct_chk( res != -1 );
01824                 fct_chk( res != -2 );
01825         
01826                 fct_chk( strcmp( (char *) output, "" ) == 0 );
01827             }
01828         }
01829         FCT_TEST_END();
01830 
01831 
01832         FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incorrect)
01833         {
01834             x509_cert   crt;
01835             unsigned char buf[2000];
01836             unsigned char output[2000];
01837             int data_len, res;
01838         
01839             memset( &crt, 0, sizeof( x509_cert ) );
01840             memset( buf, 0, 2000 );
01841             memset( output, 0, 2000 );
01842         
01843             data_len = unhexify( buf, "30023085" );
01844         
01845             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_INVALID_LENGTH ) );
01846             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_INVALID_LENGTH ) == 0 )
01847             {
01848                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
01849                 
01850                 fct_chk( res != -1 );
01851                 fct_chk( res != -2 );
01852         
01853                 fct_chk( strcmp( (char *) output, "" ) == 0 );
01854             }
01855         }
01856         FCT_TEST_END();
01857 
01858 
01859         FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incomplete)
01860         {
01861             x509_cert   crt;
01862             unsigned char buf[2000];
01863             unsigned char output[2000];
01864             int data_len, res;
01865         
01866             memset( &crt, 0, sizeof( x509_cert ) );
01867             memset( buf, 0, 2000 );
01868             memset( output, 0, 2000 );
01869         
01870             data_len = unhexify( buf, "30023083" );
01871         
01872             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
01873             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
01874             {
01875                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
01876                 
01877                 fct_chk( res != -1 );
01878                 fct_chk( res != -2 );
01879         
01880                 fct_chk( strcmp( (char *) output, "" ) == 0 );
01881             }
01882         }
01883         FCT_TEST_END();
01884 
01885 
01886         FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incomplete)
01887         {
01888             x509_cert   crt;
01889             unsigned char buf[2000];
01890             unsigned char output[2000];
01891             int data_len, res;
01892         
01893             memset( &crt, 0, sizeof( x509_cert ) );
01894             memset( buf, 0, 2000 );
01895             memset( output, 0, 2000 );
01896         
01897             data_len = unhexify( buf, "30023081" );
01898         
01899             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
01900             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
01901             {
01902                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
01903                 
01904                 fct_chk( res != -1 );
01905                 fct_chk( res != -2 );
01906         
01907                 fct_chk( strcmp( (char *) output, "" ) == 0 );
01908             }
01909         }
01910         FCT_TEST_END();
01911 
01912 
01913         FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incomplete)
01914         {
01915             x509_cert   crt;
01916             unsigned char buf[2000];
01917             unsigned char output[2000];
01918             int data_len, res;
01919         
01920             memset( &crt, 0, sizeof( x509_cert ) );
01921             memset( buf, 0, 2000 );
01922             memset( output, 0, 2000 );
01923         
01924             data_len = unhexify( buf, "3003308200" );
01925         
01926             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
01927             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
01928             {
01929                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
01930                 
01931                 fct_chk( res != -1 );
01932                 fct_chk( res != -2 );
01933         
01934                 fct_chk( strcmp( (char *) output, "" ) == 0 );
01935             }
01936         }
01937         FCT_TEST_END();
01938 
01939 
01940         FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_second_tag_no_tbscertificate)
01941         {
01942             x509_cert   crt;
01943             unsigned char buf[2000];
01944             unsigned char output[2000];
01945             int data_len, res;
01946         
01947             memset( &crt, 0, sizeof( x509_cert ) );
01948             memset( buf, 0, 2000 );
01949             memset( output, 0, 2000 );
01950         
01951             data_len = unhexify( buf, "300100" );
01952         
01953             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
01954             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
01955             {
01956                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
01957                 
01958                 fct_chk( res != -1 );
01959                 fct_chk( res != -2 );
01960         
01961                 fct_chk( strcmp( (char *) output, "" ) == 0 );
01962             }
01963         }
01964         FCT_TEST_END();
01965 
01966 
01967         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_no_version_tag_serial_missing)
01968         {
01969             x509_cert   crt;
01970             unsigned char buf[2000];
01971             unsigned char output[2000];
01972             int data_len, res;
01973         
01974             memset( &crt, 0, sizeof( x509_cert ) );
01975             memset( buf, 0, 2000 );
01976             memset( output, 0, 2000 );
01977         
01978             data_len = unhexify( buf, "3003300100" );
01979         
01980             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
01981             if( ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
01982             {
01983                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
01984                 
01985                 fct_chk( res != -1 );
01986                 fct_chk( res != -2 );
01987         
01988                 fct_chk( strcmp( (char *) output, "" ) == 0 );
01989             }
01990         }
01991         FCT_TEST_END();
01992 
01993 
01994         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_version_tag)
01995         {
01996             x509_cert   crt;
01997             unsigned char buf[2000];
01998             unsigned char output[2000];
01999             int data_len, res;
02000         
02001             memset( &crt, 0, sizeof( x509_cert ) );
02002             memset( buf, 0, 2000 );
02003             memset( output, 0, 2000 );
02004         
02005             data_len = unhexify( buf, "30053003a00101" );
02006         
02007             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
02008             if( ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
02009             {
02010                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02011                 
02012                 fct_chk( res != -1 );
02013                 fct_chk( res != -2 );
02014         
02015                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02016             }
02017         }
02018         FCT_TEST_END();
02019 
02020 
02021         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_version_tag_no_length)
02022         {
02023             x509_cert   crt;
02024             unsigned char buf[2000];
02025             unsigned char output[2000];
02026             int data_len, res;
02027         
02028             memset( &crt, 0, sizeof( x509_cert ) );
02029             memset( buf, 0, 2000 );
02030             memset( output, 0, 2000 );
02031         
02032             data_len = unhexify( buf, "30053003a00102" );
02033         
02034             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02035             if( ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02036             {
02037                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02038                 
02039                 fct_chk( res != -1 );
02040                 fct_chk( res != -2 );
02041         
02042                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02043             }
02044         }
02045         FCT_TEST_END();
02046 
02047 
02048         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_version_tag_invalid_length)
02049         {
02050             x509_cert   crt;
02051             unsigned char buf[2000];
02052             unsigned char output[2000];
02053             int data_len, res;
02054         
02055             memset( &crt, 0, sizeof( x509_cert ) );
02056             memset( buf, 0, 2000 );
02057             memset( output, 0, 2000 );
02058         
02059             data_len = unhexify( buf, "30163014a012021000000000000000000000000000000000" );
02060         
02061             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_INVALID_LENGTH ) );
02062             if( ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_INVALID_LENGTH ) == 0 )
02063             {
02064                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02065                 
02066                 fct_chk( res != -1 );
02067                 fct_chk( res != -2 );
02068         
02069                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02070             }
02071         }
02072         FCT_TEST_END();
02073 
02074 
02075         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_version_tag_no_serial)
02076         {
02077             x509_cert   crt;
02078             unsigned char buf[2000];
02079             unsigned char output[2000];
02080             int data_len, res;
02081         
02082             memset( &crt, 0, sizeof( x509_cert ) );
02083             memset( buf, 0, 2000 );
02084             memset( output, 0, 2000 );
02085         
02086             data_len = unhexify( buf, "30073005a003020104" );
02087         
02088             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA  ) );
02089             if( ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA  ) == 0 )
02090             {
02091                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02092                 
02093                 fct_chk( res != -1 );
02094                 fct_chk( res != -2 );
02095         
02096                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02097             }
02098         }
02099         FCT_TEST_END();
02100 
02101 
02102         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_length_version_tag)
02103         {
02104             x509_cert   crt;
02105             unsigned char buf[2000];
02106             unsigned char output[2000];
02107             int data_len, res;
02108         
02109             memset( &crt, 0, sizeof( x509_cert ) );
02110             memset( buf, 0, 2000 );
02111             memset( output, 0, 2000 );
02112         
02113             data_len = unhexify( buf, "30083006a00402010400" );
02114         
02115             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
02116             if( ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
02117             {
02118                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02119                 
02120                 fct_chk( res != -1 );
02121                 fct_chk( res != -2 );
02122         
02123                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02124             }
02125         }
02126         FCT_TEST_END();
02127 
02128 
02129         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_incorrect_serial_tag)
02130         {
02131             x509_cert   crt;
02132             unsigned char buf[2000];
02133             unsigned char output[2000];
02134             int data_len, res;
02135         
02136             memset( &crt, 0, sizeof( x509_cert ) );
02137             memset( buf, 0, 2000 );
02138             memset( output, 0, 2000 );
02139         
02140             data_len = unhexify( buf, "30083006a00302010400" );
02141         
02142             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
02143             if( ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
02144             {
02145                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02146                 
02147                 fct_chk( res != -1 );
02148                 fct_chk( res != -2 );
02149         
02150                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02151             }
02152         }
02153         FCT_TEST_END();
02154 
02155 
02156         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_incorrect_serial_length)
02157         {
02158             x509_cert   crt;
02159             unsigned char buf[2000];
02160             unsigned char output[2000];
02161             int data_len, res;
02162         
02163             memset( &crt, 0, sizeof( x509_cert ) );
02164             memset( buf, 0, 2000 );
02165             memset( output, 0, 2000 );
02166         
02167             data_len = unhexify( buf, "30083006a00302010482" );
02168         
02169             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02170             if( ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02171             {
02172                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02173                 
02174                 fct_chk( res != -1 );
02175                 fct_chk( res != -2 );
02176         
02177                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02178             }
02179         }
02180         FCT_TEST_END();
02181 
02182 
02183         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_serial_no_alg)
02184         {
02185             x509_cert   crt;
02186             unsigned char buf[2000];
02187             unsigned char output[2000];
02188             int data_len, res;
02189         
02190             memset( &crt, 0, sizeof( x509_cert ) );
02191             memset( buf, 0, 2000 );
02192             memset( output, 0, 2000 );
02193         
02194             data_len = unhexify( buf, "300d300ba0030201048204deadbeef" );
02195         
02196             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02197             if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02198             {
02199                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02200                 
02201                 fct_chk( res != -1 );
02202                 fct_chk( res != -2 );
02203         
02204                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02205             }
02206         }
02207         FCT_TEST_END();
02208 
02209 
02210         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_serial_no_alg_oid)
02211         {
02212             x509_cert   crt;
02213             unsigned char buf[2000];
02214             unsigned char output[2000];
02215             int data_len, res;
02216         
02217             memset( &crt, 0, sizeof( x509_cert ) );
02218             memset( buf, 0, 2000 );
02219             memset( output, 0, 2000 );
02220         
02221             data_len = unhexify( buf, "300e300ca0030201048204deadbeef00" );
02222         
02223             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
02224             if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
02225             {
02226                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02227                 
02228                 fct_chk( res != -1 );
02229                 fct_chk( res != -2 );
02230         
02231                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02232             }
02233         }
02234         FCT_TEST_END();
02235 
02236 
02237         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_alg_oid_no_data_in_sequence)
02238         {
02239             x509_cert   crt;
02240             unsigned char buf[2000];
02241             unsigned char output[2000];
02242             int data_len, res;
02243         
02244             memset( &crt, 0, sizeof( x509_cert ) );
02245             memset( buf, 0, 2000 );
02246             memset( output, 0, 2000 );
02247         
02248             data_len = unhexify( buf, "300f300da0030201048204deadbeef3000" );
02249         
02250             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02251             if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02252             {
02253                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02254                 
02255                 fct_chk( res != -1 );
02256                 fct_chk( res != -2 );
02257         
02258                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02259             }
02260         }
02261         FCT_TEST_END();
02262 
02263 
02264         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_alg_with_params)
02265         {
02266             x509_cert   crt;
02267             unsigned char buf[2000];
02268             unsigned char output[2000];
02269             int data_len, res;
02270         
02271             memset( &crt, 0, sizeof( x509_cert ) );
02272             memset( buf, 0, 2000 );
02273             memset( output, 0, 2000 );
02274         
02275             data_len = unhexify( buf, "30163014a0030201048204deadbeef30070604cafed00d01" );
02276         
02277             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
02278             if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
02279             {
02280                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02281                 
02282                 fct_chk( res != -1 );
02283                 fct_chk( res != -2 );
02284         
02285                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02286             }
02287         }
02288         FCT_TEST_END();
02289 
02290 
02291         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_data_no_params_unknown_version)
02292         {
02293             x509_cert   crt;
02294             unsigned char buf[2000];
02295             unsigned char output[2000];
02296             int data_len, res;
02297         
02298             memset( &crt, 0, sizeof( x509_cert ) );
02299             memset( buf, 0, 2000 );
02300             memset( output, 0, 2000 );
02301         
02302             data_len = unhexify( buf, "30153013a0030201048204deadbeef30060604cafed00d" );
02303         
02304             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) );
02305             if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) == 0 )
02306             {
02307                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02308                 
02309                 fct_chk( res != -1 );
02310                 fct_chk( res != -2 );
02311         
02312                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02313             }
02314         }
02315         FCT_TEST_END();
02316 
02317 
02318         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_data_unknown_version)
02319         {
02320             x509_cert   crt;
02321             unsigned char buf[2000];
02322             unsigned char output[2000];
02323             int data_len, res;
02324         
02325             memset( &crt, 0, sizeof( x509_cert ) );
02326             memset( buf, 0, 2000 );
02327             memset( output, 0, 2000 );
02328         
02329             data_len = unhexify( buf, "30173015a0030201048204deadbeef30080604cafed00d0500" );
02330         
02331             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) );
02332             if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) == 0 )
02333             {
02334                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02335                 
02336                 fct_chk( res != -1 );
02337                 fct_chk( res != -2 );
02338         
02339                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02340             }
02341         }
02342         FCT_TEST_END();
02343 
02344 
02345         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_data_length_mismatch)
02346         {
02347             x509_cert   crt;
02348             unsigned char buf[2000];
02349             unsigned char output[2000];
02350             int data_len, res;
02351         
02352             memset( &crt, 0, sizeof( x509_cert ) );
02353             memset( buf, 0, 2000 );
02354             memset( output, 0, 2000 );
02355         
02356             data_len = unhexify( buf, "30183016a0030201048204deadbeef30090604cafed00d050000" );
02357         
02358             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
02359             if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
02360             {
02361                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02362                 
02363                 fct_chk( res != -1 );
02364                 fct_chk( res != -2 );
02365         
02366                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02367             }
02368         }
02369         FCT_TEST_END();
02370 
02371 
02372         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_unknown_alg_id)
02373         {
02374             x509_cert   crt;
02375             unsigned char buf[2000];
02376             unsigned char output[2000];
02377             int data_len, res;
02378         
02379             memset( &crt, 0, sizeof( x509_cert ) );
02380             memset( buf, 0, 2000 );
02381             memset( output, 0, 2000 );
02382         
02383             data_len = unhexify( buf, "30173015a0030201028204deadbeef30080604cafed00d0500" );
02384         
02385             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) );
02386             if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) == 0 )
02387             {
02388                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02389                 
02390                 fct_chk( res != -1 );
02391                 fct_chk( res != -2 );
02392         
02393                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02394             }
02395         }
02396         FCT_TEST_END();
02397 
02398 
02399         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_specific_alg_id)
02400         {
02401             x509_cert   crt;
02402             unsigned char buf[2000];
02403             unsigned char output[2000];
02404             int data_len, res;
02405         
02406             memset( &crt, 0, sizeof( x509_cert ) );
02407             memset( buf, 0, 2000 );
02408             memset( output, 0, 2000 );
02409         
02410             data_len = unhexify( buf, "301c301aa0030201028204deadbeef300d06092a864886f70d0101020500" );
02411         
02412             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02413             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02414             {
02415                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02416                 
02417                 fct_chk( res != -1 );
02418                 fct_chk( res != -2 );
02419         
02420                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02421             }
02422         }
02423         FCT_TEST_END();
02424 
02425 
02426         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_unknown_specific_alg_id)
02427         {
02428             x509_cert   crt;
02429             unsigned char buf[2000];
02430             unsigned char output[2000];
02431             int data_len, res;
02432         
02433             memset( &crt, 0, sizeof( x509_cert ) );
02434             memset( buf, 0, 2000 );
02435             memset( output, 0, 2000 );
02436         
02437             data_len = unhexify( buf, "301c301aa0030201028204deadbeef300d06092a864886f70d0101010500" );
02438         
02439             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) );
02440             if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) == 0 )
02441             {
02442                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02443                 
02444                 fct_chk( res != -1 );
02445                 fct_chk( res != -2 );
02446         
02447                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02448             }
02449         }
02450         FCT_TEST_END();
02451 
02452 
02453         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_set_data)
02454         {
02455             x509_cert   crt;
02456             unsigned char buf[2000];
02457             unsigned char output[2000];
02458             int data_len, res;
02459         
02460             memset( &crt, 0, sizeof( x509_cert ) );
02461             memset( buf, 0, 2000 );
02462             memset( output, 0, 2000 );
02463         
02464             data_len = unhexify( buf, "301e301ca0030201028204deadbeef300d06092a864886f70d01010205003000" );
02465         
02466             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02467             if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02468             {
02469                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02470                 
02471                 fct_chk( res != -1 );
02472                 fct_chk( res != -2 );
02473         
02474                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02475             }
02476         }
02477         FCT_TEST_END();
02478 
02479 
02480         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_inner_seq_data)
02481         {
02482             x509_cert   crt;
02483             unsigned char buf[2000];
02484             unsigned char output[2000];
02485             int data_len, res;
02486         
02487             memset( &crt, 0, sizeof( x509_cert ) );
02488             memset( buf, 0, 2000 );
02489             memset( output, 0, 2000 );
02490         
02491             data_len = unhexify( buf, "3020301ea0030201028204deadbeef300d06092a864886f70d010102050030023100" );
02492         
02493             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02494             if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02495             {
02496                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02497                 
02498                 fct_chk( res != -1 );
02499                 fct_chk( res != -2 );
02500         
02501                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02502             }
02503         }
02504         FCT_TEST_END();
02505 
02506 
02507         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_inner_set_data)
02508         {
02509             x509_cert   crt;
02510             unsigned char buf[2000];
02511             unsigned char output[2000];
02512             int data_len, res;
02513         
02514             memset( &crt, 0, sizeof( x509_cert ) );
02515             memset( buf, 0, 2000 );
02516             memset( output, 0, 2000 );
02517         
02518             data_len = unhexify( buf, "30223020a0030201028204deadbeef300d06092a864886f70d0101020500300431023000" );
02519         
02520             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02521             if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02522             {
02523                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02524                 
02525                 fct_chk( res != -1 );
02526                 fct_chk( res != -2 );
02527         
02528                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02529             }
02530         }
02531         FCT_TEST_END();
02532 
02533 
02534         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_two_inner_set_datas)
02535         {
02536             x509_cert   crt;
02537             unsigned char buf[2000];
02538             unsigned char output[2000];
02539             int data_len, res;
02540         
02541             memset( &crt, 0, sizeof( x509_cert ) );
02542             memset( buf, 0, 2000 );
02543             memset( output, 0, 2000 );
02544         
02545             data_len = unhexify( buf, "30243022a0030201028204deadbeef300d06092a864886f70d01010205003006310430003000" );
02546         
02547             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
02548             if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
02549             {
02550                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02551                 
02552                 fct_chk( res != -1 );
02553                 fct_chk( res != -2 );
02554         
02555                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02556             }
02557         }
02558         FCT_TEST_END();
02559 
02560 
02561         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_oid_data)
02562         {
02563             x509_cert   crt;
02564             unsigned char buf[2000];
02565             unsigned char output[2000];
02566             int data_len, res;
02567         
02568             memset( &crt, 0, sizeof( x509_cert ) );
02569             memset( buf, 0, 2000 );
02570             memset( output, 0, 2000 );
02571         
02572             data_len = unhexify( buf, "30243022a0030201028204deadbeef300d06092a864886f70d01010205003006310430020600" );
02573         
02574             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02575             if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02576             {
02577                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02578                 
02579                 fct_chk( res != -1 );
02580                 fct_chk( res != -2 );
02581         
02582                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02583             }
02584         }
02585         FCT_TEST_END();
02586 
02587 
02588         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_invalid_tag)
02589         {
02590             x509_cert   crt;
02591             unsigned char buf[2000];
02592             unsigned char output[2000];
02593             int data_len, res;
02594         
02595             memset( &crt, 0, sizeof( x509_cert ) );
02596             memset( buf, 0, 2000 );
02597             memset( output, 0, 2000 );
02598         
02599             data_len = unhexify( buf, "302a3028a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600060454657374" );
02600         
02601             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
02602             if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
02603             {
02604                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02605                 
02606                 fct_chk( res != -1 );
02607                 fct_chk( res != -2 );
02608         
02609                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02610             }
02611         }
02612         FCT_TEST_END();
02613 
02614 
02615         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_string_data)
02616         {
02617             x509_cert   crt;
02618             unsigned char buf[2000];
02619             unsigned char output[2000];
02620             int data_len, res;
02621         
02622             memset( &crt, 0, sizeof( x509_cert ) );
02623             memset( buf, 0, 2000 );
02624             memset( output, 0, 2000 );
02625         
02626             data_len = unhexify( buf, "30253023a0030201028204deadbeef300d06092a864886f70d0101020500300731053003060013" );
02627         
02628             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02629             if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02630             {
02631                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02632                 
02633                 fct_chk( res != -1 );
02634                 fct_chk( res != -2 );
02635         
02636                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02637             }
02638         }
02639         FCT_TEST_END();
02640 
02641 
02642         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_full_following_string)
02643         {
02644             x509_cert   crt;
02645             unsigned char buf[2000];
02646             unsigned char output[2000];
02647             int data_len, res;
02648         
02649             memset( &crt, 0, sizeof( x509_cert ) );
02650             memset( buf, 0, 2000 );
02651             memset( output, 0, 2000 );
02652         
02653             data_len = unhexify( buf, "302b3029a0030201028204deadbeef300d06092a864886f70d0101020500300d310b3009060013045465737400" );
02654         
02655             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
02656             if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
02657             {
02658                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02659                 
02660                 fct_chk( res != -1 );
02661                 fct_chk( res != -2 );
02662         
02663                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02664             }
02665         }
02666         FCT_TEST_END();
02667 
02668 
02669         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_issuer_no_validity)
02670         {
02671             x509_cert   crt;
02672             unsigned char buf[2000];
02673             unsigned char output[2000];
02674             int data_len, res;
02675         
02676             memset( &crt, 0, sizeof( x509_cert ) );
02677             memset( buf, 0, 2000 );
02678             memset( output, 0, 2000 );
02679         
02680             data_len = unhexify( buf, "302a3028a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374" );
02681         
02682             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02683             if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02684             {
02685                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02686                 
02687                 fct_chk( res != -1 );
02688                 fct_chk( res != -2 );
02689         
02690                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02691             }
02692         }
02693         FCT_TEST_END();
02694 
02695 
02696         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_too_much_date_data)
02697         {
02698             x509_cert   crt;
02699             unsigned char buf[2000];
02700             unsigned char output[2000];
02701             int data_len, res;
02702         
02703             memset( &crt, 0, sizeof( x509_cert ) );
02704             memset( buf, 0, 2000 );
02705             memset( output, 0, 2000 );
02706         
02707             data_len = unhexify( buf, "30493047a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301d170c303930313031303030303030170c30393132333132333539353900" );
02708         
02709             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
02710             if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
02711             {
02712                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02713                 
02714                 fct_chk( res != -1 );
02715                 fct_chk( res != -2 );
02716         
02717                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02718             }
02719         }
02720         FCT_TEST_END();
02721 
02722 
02723         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_from_date)
02724         {
02725             x509_cert   crt;
02726             unsigned char buf[2000];
02727             unsigned char output[2000];
02728             int data_len, res;
02729         
02730             memset( &crt, 0, sizeof( x509_cert ) );
02731             memset( buf, 0, 2000 );
02732             memset( output, 0, 2000 );
02733         
02734             data_len = unhexify( buf, "30483046a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303000000000170c303931323331323300000000" );
02735         
02736             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE ) );
02737             if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE ) == 0 )
02738             {
02739                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02740                 
02741                 fct_chk( res != -1 );
02742                 fct_chk( res != -2 );
02743         
02744                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02745             }
02746         }
02747         FCT_TEST_END();
02748 
02749 
02750         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_to_date)
02751         {
02752             x509_cert   crt;
02753             unsigned char buf[2000];
02754             unsigned char output[2000];
02755             int data_len, res;
02756         
02757             memset( &crt, 0, sizeof( x509_cert ) );
02758             memset( buf, 0, 2000 );
02759             memset( output, 0, 2000 );
02760         
02761             data_len = unhexify( buf, "30483046a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323300000000" );
02762         
02763             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE ) );
02764             if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE ) == 0 )
02765             {
02766                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02767                 
02768                 fct_chk( res != -1 );
02769                 fct_chk( res != -2 );
02770         
02771                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02772             }
02773         }
02774         FCT_TEST_END();
02775 
02776 
02777         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_validity_no_subject)
02778         {
02779             x509_cert   crt;
02780             unsigned char buf[2000];
02781             unsigned char output[2000];
02782             int data_len, res;
02783         
02784             memset( &crt, 0, sizeof( x509_cert ) );
02785             memset( buf, 0, 2000 );
02786             memset( output, 0, 2000 );
02787         
02788             data_len = unhexify( buf, "30493047a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930" );
02789         
02790             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02791             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02792             {
02793                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02794                 
02795                 fct_chk( res != -1 );
02796                 fct_chk( res != -2 );
02797         
02798                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02799             }
02800         }
02801         FCT_TEST_END();
02802 
02803 
02804         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_subject_no_pubkeyinfo)
02805         {
02806             x509_cert   crt;
02807             unsigned char buf[2000];
02808             unsigned char output[2000];
02809             int data_len, res;
02810         
02811             memset( &crt, 0, sizeof( x509_cert ) );
02812             memset( buf, 0, 2000 );
02813             memset( output, 0, 2000 );
02814         
02815             data_len = unhexify( buf, "30563054a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374" );
02816         
02817             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02818             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02819             {
02820                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02821                 
02822                 fct_chk( res != -1 );
02823                 fct_chk( res != -2 );
02824         
02825                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02826             }
02827         }
02828         FCT_TEST_END();
02829 
02830 
02831         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_no_alg)
02832         {
02833             x509_cert   crt;
02834             unsigned char buf[2000];
02835             unsigned char output[2000];
02836             int data_len, res;
02837         
02838             memset( &crt, 0, sizeof( x509_cert ) );
02839             memset( buf, 0, 2000 );
02840             memset( output, 0, 2000 );
02841         
02842             data_len = unhexify( buf, "30583056a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743000" );
02843         
02844             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02845             if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02846             {
02847                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02848                 
02849                 fct_chk( res != -1 );
02850                 fct_chk( res != -2 );
02851         
02852                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02853             }
02854         }
02855         FCT_TEST_END();
02856 
02857 
02858         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_subject_unknown_pk_alg)
02859         {
02860             x509_cert   crt;
02861             unsigned char buf[2000];
02862             unsigned char output[2000];
02863             int data_len, res;
02864         
02865             memset( &crt, 0, sizeof( x509_cert ) );
02866             memset( buf, 0, 2000 );
02867             memset( output, 0, 2000 );
02868         
02869             data_len = unhexify( buf, "30673065a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101000500" );
02870         
02871             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_UNKNOWN_PK_ALG ) );
02872             if( ( POLARSSL_ERR_X509_UNKNOWN_PK_ALG ) == 0 )
02873             {
02874                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02875                 
02876                 fct_chk( res != -1 );
02877                 fct_chk( res != -2 );
02878         
02879                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02880             }
02881         }
02882         FCT_TEST_END();
02883 
02884 
02885         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_no_bitstring)
02886         {
02887             x509_cert   crt;
02888             unsigned char buf[2000];
02889             unsigned char output[2000];
02890             int data_len, res;
02891         
02892             memset( &crt, 0, sizeof( x509_cert ) );
02893             memset( buf, 0, 2000 );
02894             memset( output, 0, 2000 );
02895         
02896             data_len = unhexify( buf, "30673065a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101010500" );
02897         
02898             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02899             if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02900             {
02901                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02902                 
02903                 fct_chk( res != -1 );
02904                 fct_chk( res != -2 );
02905         
02906                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02907             }
02908         }
02909         FCT_TEST_END();
02910 
02911 
02912         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_no_bitstring_data)
02913         {
02914             x509_cert   crt;
02915             unsigned char buf[2000];
02916             unsigned char output[2000];
02917             int data_len, res;
02918         
02919             memset( &crt, 0, sizeof( x509_cert ) );
02920             memset( buf, 0, 2000 );
02921             memset( output, 0, 2000 );
02922         
02923             data_len = unhexify( buf, "30693067a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743011300d06092A864886F70D01010105000300" );
02924         
02925             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
02926             if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
02927             {
02928                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02929                 
02930                 fct_chk( res != -1 );
02931                 fct_chk( res != -2 );
02932         
02933                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02934             }
02935         }
02936         FCT_TEST_END();
02937 
02938 
02939         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_bitstring_start)
02940         {
02941             x509_cert   crt;
02942             unsigned char buf[2000];
02943             unsigned char output[2000];
02944             int data_len, res;
02945         
02946             memset( &crt, 0, sizeof( x509_cert ) );
02947             memset( buf, 0, 2000 );
02948             memset( output, 0, 2000 );
02949         
02950             data_len = unhexify( buf, "306a3068a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743012300d06092A864886F70D0101010500030101" );
02951         
02952             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY ) );
02953             if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY ) == 0 )
02954             {
02955                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02956                 
02957                 fct_chk( res != -1 );
02958                 fct_chk( res != -2 );
02959         
02960                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02961             }
02962         }
02963         FCT_TEST_END();
02964 
02965 
02966         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_internal_bitstring_length)
02967         {
02968             x509_cert   crt;
02969             unsigned char buf[2000];
02970             unsigned char output[2000];
02971             int data_len, res;
02972         
02973             memset( &crt, 0, sizeof( x509_cert ) );
02974             memset( buf, 0, 2000 );
02975             memset( output, 0, 2000 );
02976         
02977             data_len = unhexify( buf, "306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000" );
02978         
02979             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
02980             if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
02981             {
02982                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
02983                 
02984                 fct_chk( res != -1 );
02985                 fct_chk( res != -2 );
02986         
02987                 fct_chk( strcmp( (char *) output, "" ) == 0 );
02988             }
02989         }
02990         FCT_TEST_END();
02991 
02992 
02993         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_internal_bitstring_tag)
02994         {
02995             x509_cert   crt;
02996             unsigned char buf[2000];
02997             unsigned char output[2000];
02998             int data_len, res;
02999         
03000             memset( &crt, 0, sizeof( x509_cert ) );
03001             memset( buf, 0, 2000 );
03002             memset( output, 0, 2000 );
03003         
03004             data_len = unhexify( buf, "306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000" );
03005         
03006             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
03007             if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
03008             {
03009                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03010                 
03011                 fct_chk( res != -1 );
03012                 fct_chk( res != -2 );
03013         
03014                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03015             }
03016         }
03017         FCT_TEST_END();
03018 
03019 
03020         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_mpi)
03021         {
03022             x509_cert   crt;
03023             unsigned char buf[2000];
03024             unsigned char output[2000];
03025             int data_len, res;
03026         
03027             memset( &crt, 0, sizeof( x509_cert ) );
03028             memset( buf, 0, 2000 );
03029             memset( output, 0, 2000 );
03030         
03031             data_len = unhexify( buf, "30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff" );
03032         
03033             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
03034             if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
03035             {
03036                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03037                 
03038                 fct_chk( res != -1 );
03039                 fct_chk( res != -2 );
03040         
03041                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03042             }
03043         }
03044         FCT_TEST_END();
03045 
03046 
03047         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_total_length_mismatch)
03048         {
03049             x509_cert   crt;
03050             unsigned char buf[2000];
03051             unsigned char output[2000];
03052             int data_len, res;
03053         
03054             memset( &crt, 0, sizeof( x509_cert ) );
03055             memset( buf, 0, 2000 );
03056             memset( output, 0, 2000 );
03057         
03058             data_len = unhexify( buf, "30753073a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301d300d06092A864886F70D0101010500030b0030080202ffff0202ffff00" );
03059         
03060             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
03061             if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
03062             {
03063                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03064                 
03065                 fct_chk( res != -1 );
03066                 fct_chk( res != -2 );
03067         
03068                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03069             }
03070         }
03071         FCT_TEST_END();
03072 
03073 
03074         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_check_failed)
03075         {
03076             x509_cert   crt;
03077             unsigned char buf[2000];
03078             unsigned char output[2000];
03079             int data_len, res;
03080         
03081             memset( &crt, 0, sizeof( x509_cert ) );
03082             memset( buf, 0, 2000 );
03083             memset( output, 0, 2000 );
03084         
03085             data_len = unhexify( buf, "30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0202ffff" );
03086         
03087             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) );
03088             if( ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) == 0 )
03089             {
03090                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03091                 
03092                 fct_chk( res != -1 );
03093                 fct_chk( res != -2 );
03094         
03095                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03096             }
03097         }
03098         FCT_TEST_END();
03099 
03100 
03101         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_check_failed_expanded_length_notation)
03102         {
03103             x509_cert   crt;
03104             unsigned char buf[2000];
03105             unsigned char output[2000];
03106             int data_len, res;
03107         
03108             memset( &crt, 0, sizeof( x509_cert ) );
03109             memset( buf, 0, 2000 );
03110             memset( output, 0, 2000 );
03111         
03112             data_len = unhexify( buf, "308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210fffffffffffffffffffffffffffffffe0202ffff" );
03113         
03114             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) );
03115             if( ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) == 0 )
03116             {
03117                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03118                 
03119                 fct_chk( res != -1 );
03120                 fct_chk( res != -2 );
03121         
03122                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03123             }
03124         }
03125         FCT_TEST_END();
03126 
03127 
03128         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_optional_uids_extensions_not_present)
03129         {
03130             x509_cert   crt;
03131             unsigned char buf[2000];
03132             unsigned char output[2000];
03133             int data_len, res;
03134         
03135             memset( &crt, 0, sizeof( x509_cert ) );
03136             memset( buf, 0, 2000 );
03137             memset( output, 0, 2000 );
03138         
03139             data_len = unhexify( buf, "308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff" );
03140         
03141             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
03142             if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
03143             {
03144                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03145                 
03146                 fct_chk( res != -1 );
03147                 fct_chk( res != -2 );
03148         
03149                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03150             }
03151         }
03152         FCT_TEST_END();
03153 
03154 
03155         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_issuerid_wrong_tag)
03156         {
03157             x509_cert   crt;
03158             unsigned char buf[2000];
03159             unsigned char output[2000];
03160             int data_len, res;
03161         
03162             memset( &crt, 0, sizeof( x509_cert ) );
03163             memset( buf, 0, 2000 );
03164             memset( output, 0, 2000 );
03165         
03166             data_len = unhexify( buf, "308184308181a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff00" );
03167         
03168             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
03169             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
03170             {
03171                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03172                 
03173                 fct_chk( res != -1 );
03174                 fct_chk( res != -2 );
03175         
03176                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03177             }
03178         }
03179         FCT_TEST_END();
03180 
03181 
03182         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_uids_no_ext)
03183         {
03184             x509_cert   crt;
03185             unsigned char buf[2000];
03186             unsigned char output[2000];
03187             int data_len, res;
03188         
03189             memset( &crt, 0, sizeof( x509_cert ) );
03190             memset( buf, 0, 2000 );
03191             memset( output, 0, 2000 );
03192         
03193             data_len = unhexify( buf, "308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bb" );
03194         
03195             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
03196             if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
03197             {
03198                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03199                 
03200                 fct_chk( res != -1 );
03201                 fct_chk( res != -2 );
03202         
03203                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03204             }
03205         }
03206         FCT_TEST_END();
03207 
03208 
03209         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_uids_invalid_length)
03210         {
03211             x509_cert   crt;
03212             unsigned char buf[2000];
03213             unsigned char output[2000];
03214             int data_len, res;
03215         
03216             memset( &crt, 0, sizeof( x509_cert ) );
03217             memset( buf, 0, 2000 );
03218             memset( output, 0, 2000 );
03219         
03220             data_len = unhexify( buf, "308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa185aaa201bb" );
03221         
03222             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_ASN1_INVALID_LENGTH ) );
03223             if( ( POLARSSL_ERR_ASN1_INVALID_LENGTH ) == 0 )
03224             {
03225                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03226                 
03227                 fct_chk( res != -1 );
03228                 fct_chk( res != -2 );
03229         
03230                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03231             }
03232         }
03233         FCT_TEST_END();
03234 
03235 
03236         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_empty)
03237         {
03238             x509_cert   crt;
03239             unsigned char buf[2000];
03240             unsigned char output[2000];
03241             int data_len, res;
03242         
03243             memset( &crt, 0, sizeof( x509_cert ) );
03244             memset( buf, 0, 2000 );
03245             memset( output, 0, 2000 );
03246         
03247             data_len = unhexify( buf, "30818b308188a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba300" );
03248         
03249             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
03250             if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
03251             {
03252                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03253                 
03254                 fct_chk( res != -1 );
03255                 fct_chk( res != -2 );
03256         
03257                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03258             }
03259         }
03260         FCT_TEST_END();
03261 
03262 
03263         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_length_mismatch)
03264         {
03265             x509_cert   crt;
03266             unsigned char buf[2000];
03267             unsigned char output[2000];
03268             int data_len, res;
03269         
03270             memset( &crt, 0, sizeof( x509_cert ) );
03271             memset( buf, 0, 2000 );
03272             memset( output, 0, 2000 );
03273         
03274             data_len = unhexify( buf, "30818e30818ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba303300000" );
03275         
03276             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
03277             if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
03278             {
03279                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03280                 
03281                 fct_chk( res != -1 );
03282                 fct_chk( res != -2 );
03283         
03284                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03285             }
03286         }
03287         FCT_TEST_END();
03288 
03289 
03290         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_first_ext_invalid)
03291         {
03292             x509_cert   crt;
03293             unsigned char buf[2000];
03294             unsigned char output[2000];
03295             int data_len, res;
03296         
03297             memset( &crt, 0, sizeof( x509_cert ) );
03298             memset( buf, 0, 2000 );
03299             memset( output, 0, 2000 );
03300         
03301             data_len = unhexify( buf, "30818f30818ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30330023000" );
03302         
03303             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
03304             if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
03305             {
03306                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03307                 
03308                 fct_chk( res != -1 );
03309                 fct_chk( res != -2 );
03310         
03311                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03312             }
03313         }
03314         FCT_TEST_END();
03315 
03316 
03317         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_first_ext_invalid_tag)
03318         {
03319             x509_cert   crt;
03320             unsigned char buf[2000];
03321             unsigned char output[2000];
03322             int data_len, res;
03323         
03324             memset( &crt, 0, sizeof( x509_cert ) );
03325             memset( buf, 0, 2000 );
03326             memset( output, 0, 2000 );
03327         
03328             data_len = unhexify( buf, "30819030818da0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba3043002310000" );
03329         
03330             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
03331             if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
03332             {
03333                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03334                 
03335                 fct_chk( res != -1 );
03336                 fct_chk( res != -2 );
03337         
03338                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03339             }
03340         }
03341         FCT_TEST_END();
03342 
03343 
03344         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_bool_len_missing)
03345         {
03346             x509_cert   crt;
03347             unsigned char buf[2000];
03348             unsigned char output[2000];
03349             int data_len, res;
03350         
03351             memset( &crt, 0, sizeof( x509_cert ) );
03352             memset( buf, 0, 2000 );
03353             memset( output, 0, 2000 );
03354         
03355             data_len = unhexify( buf, "308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30060603551d1301010100" );
03356         
03357             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
03358             if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
03359             {
03360                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03361                 
03362                 fct_chk( res != -1 );
03363                 fct_chk( res != -2 );
03364         
03365                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03366             }
03367         }
03368         FCT_TEST_END();
03369 
03370 
03371         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_data_missing)
03372         {
03373             x509_cert   crt;
03374             unsigned char buf[2000];
03375             unsigned char output[2000];
03376             int data_len, res;
03377         
03378             memset( &crt, 0, sizeof( x509_cert ) );
03379             memset( buf, 0, 2000 );
03380             memset( output, 0, 2000 );
03381         
03382             data_len = unhexify( buf, "308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30080603551d1301010100" );
03383         
03384             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
03385             if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
03386             {
03387                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03388                 
03389                 fct_chk( res != -1 );
03390                 fct_chk( res != -2 );
03391         
03392                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03393             }
03394         }
03395         FCT_TEST_END();
03396 
03397 
03398         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_no_octet_present)
03399         {
03400             x509_cert   crt;
03401             unsigned char buf[2000];
03402             unsigned char output[2000];
03403             int data_len, res;
03404         
03405             memset( &crt, 0, sizeof( x509_cert ) );
03406             memset( buf, 0, 2000 );
03407             memset( output, 0, 2000 );
03408         
03409             data_len = unhexify( buf, "308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30d300b30090603551d1301010100" );
03410         
03411             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
03412             if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
03413             {
03414                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03415                 
03416                 fct_chk( res != -1 );
03417                 fct_chk( res != -2 );
03418         
03419                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03420             }
03421         }
03422         FCT_TEST_END();
03423 
03424 
03425         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_octet_data_missing)
03426         {
03427             x509_cert   crt;
03428             unsigned char buf[2000];
03429             unsigned char output[2000];
03430             int data_len, res;
03431         
03432             memset( &crt, 0, sizeof( x509_cert ) );
03433             memset( buf, 0, 2000 );
03434             memset( output, 0, 2000 );
03435         
03436             data_len = unhexify( buf, "30819c308199a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba311300f300d0603551d130101010403300100" );
03437         
03438             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
03439             if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
03440             {
03441                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03442                 
03443                 fct_chk( res != -1 );
03444                 fct_chk( res != -2 );
03445         
03446                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03447             }
03448         }
03449         FCT_TEST_END();
03450 
03451 
03452         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_no_pathlen)
03453         {
03454             x509_cert   crt;
03455             unsigned char buf[2000];
03456             unsigned char output[2000];
03457             int data_len, res;
03458         
03459             memset( &crt, 0, sizeof( x509_cert ) );
03460             memset( buf, 0, 2000 );
03461             memset( output, 0, 2000 );
03462         
03463             data_len = unhexify( buf, "30819f30819ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba314301230100603551d130101010406300402010102" );
03464         
03465             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
03466             if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
03467             {
03468                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03469                 
03470                 fct_chk( res != -1 );
03471                 fct_chk( res != -2 );
03472         
03473                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03474             }
03475         }
03476         FCT_TEST_END();
03477 
03478 
03479         FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_octet_len_mismatch)
03480         {
03481             x509_cert   crt;
03482             unsigned char buf[2000];
03483             unsigned char output[2000];
03484             int data_len, res;
03485         
03486             memset( &crt, 0, sizeof( x509_cert ) );
03487             memset( buf, 0, 2000 );
03488             memset( output, 0, 2000 );
03489         
03490             data_len = unhexify( buf, "3081a230819fa0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba317301530130603551d130101010409300702010102010100" );
03491         
03492             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
03493             if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
03494             {
03495                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03496                 
03497                 fct_chk( res != -1 );
03498                 fct_chk( res != -2 );
03499         
03500                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03501             }
03502         }
03503         FCT_TEST_END();
03504 
03505 
03506         FCT_TEST_BGN(x509_certificate_asn1_correct_pubkey_no_sig_alg)
03507         {
03508             x509_cert   crt;
03509             unsigned char buf[2000];
03510             unsigned char output[2000];
03511             int data_len, res;
03512         
03513             memset( &crt, 0, sizeof( x509_cert ) );
03514             memset( buf, 0, 2000 );
03515             memset( output, 0, 2000 );
03516         
03517             data_len = unhexify( buf, "308183308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff" );
03518         
03519             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
03520             if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
03521             {
03522                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03523                 
03524                 fct_chk( res != -1 );
03525                 fct_chk( res != -2 );
03526         
03527                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03528             }
03529         }
03530         FCT_TEST_END();
03531 
03532 
03533         FCT_TEST_BGN(x509_certificate_asn1_sig_alg_mismatch)
03534         {
03535             x509_cert   crt;
03536             unsigned char buf[2000];
03537             unsigned char output[2000];
03538             int data_len, res;
03539         
03540             memset( &crt, 0, sizeof( x509_cert ) );
03541             memset( buf, 0, 2000 );
03542             memset( output, 0, 2000 );
03543         
03544             data_len = unhexify( buf, "308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0102020500" );
03545         
03546             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) );
03547             if( ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) == 0 )
03548             {
03549                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03550                 
03551                 fct_chk( res != -1 );
03552                 fct_chk( res != -2 );
03553         
03554                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03555             }
03556         }
03557         FCT_TEST_END();
03558 
03559 
03560         FCT_TEST_BGN(x509_certificate_asn1_sig_alg_no_sig)
03561         {
03562             x509_cert   crt;
03563             unsigned char buf[2000];
03564             unsigned char output[2000];
03565             int data_len, res;
03566         
03567             memset( &crt, 0, sizeof( x509_cert ) );
03568             memset( buf, 0, 2000 );
03569             memset( output, 0, 2000 );
03570         
03571             data_len = unhexify( buf, "308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500" );
03572         
03573             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
03574             if( ( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
03575             {
03576                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03577                 
03578                 fct_chk( res != -1 );
03579                 fct_chk( res != -2 );
03580         
03581                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03582             }
03583         }
03584         FCT_TEST_END();
03585 
03586 
03587         FCT_TEST_BGN(x509_certificate_asn1_signature_invalid_sig_data)
03588         {
03589             x509_cert   crt;
03590             unsigned char buf[2000];
03591             unsigned char output[2000];
03592             int data_len, res;
03593         
03594             memset( &crt, 0, sizeof( x509_cert ) );
03595             memset( buf, 0, 2000 );
03596             memset( output, 0, 2000 );
03597         
03598             data_len = unhexify( buf, "308195308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030100" );
03599         
03600             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE ) );
03601             if( ( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE ) == 0 )
03602             {
03603                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03604                 
03605                 fct_chk( res != -1 );
03606                 fct_chk( res != -2 );
03607         
03608                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03609             }
03610         }
03611         FCT_TEST_END();
03612 
03613 
03614         FCT_TEST_BGN(x509_certificate_asn1_signature_data_left)
03615         {
03616             x509_cert   crt;
03617             unsigned char buf[2000];
03618             unsigned char output[2000];
03619             int data_len, res;
03620         
03621             memset( &crt, 0, sizeof( x509_cert ) );
03622             memset( buf, 0, 2000 );
03623             memset( output, 0, 2000 );
03624         
03625             data_len = unhexify( buf, "308197308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff00" );
03626         
03627             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
03628             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
03629             {
03630                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03631                 
03632                 fct_chk( res != -1 );
03633                 fct_chk( res != -2 );
03634         
03635                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03636             }
03637         }
03638         FCT_TEST_END();
03639 
03640 
03641         FCT_TEST_BGN(x509_certificate_asn1_correct)
03642         {
03643             x509_cert   crt;
03644             unsigned char buf[2000];
03645             unsigned char output[2000];
03646             int data_len, res;
03647         
03648             memset( &crt, 0, sizeof( x509_cert ) );
03649             memset( buf, 0, 2000 );
03650             memset( output, 0, 2000 );
03651         
03652             data_len = unhexify( buf, "308196308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );
03653         
03654             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) );
03655             if( ( 0 ) == 0 )
03656             {
03657                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03658                 
03659                 fct_chk( res != -1 );
03660                 fct_chk( res != -2 );
03661         
03662                 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name   : ?\?=Test\nsubject name  : ?\?=Test\nissued  on    : 2009-01-01 00:00:00\nexpires on    : 2009-12-31 23:59:59\nsigned using  : RSA+MD2\nRSA key size  : 128 bits\n" ) == 0 );
03663             }
03664         }
03665         FCT_TEST_END();
03666 
03667 
03668         FCT_TEST_BGN(x509_certificate_asn1_generalizedtime_instead_of_utctime)
03669         {
03670             x509_cert   crt;
03671             unsigned char buf[2000];
03672             unsigned char output[2000];
03673             int data_len, res;
03674         
03675             memset( &crt, 0, sizeof( x509_cert ) );
03676             memset( buf, 0, 2000 );
03677             memset( output, 0, 2000 );
03678         
03679             data_len = unhexify( buf, "308198308182a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301e180e3230313030313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );
03680         
03681             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) );
03682             if( ( 0 ) == 0 )
03683             {
03684                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03685                 
03686                 fct_chk( res != -1 );
03687                 fct_chk( res != -2 );
03688         
03689                 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name   : ?\?=Test\nsubject name  : ?\?=Test\nissued  on    : 2010-01-01 00:00:00\nexpires on    : 2009-12-31 23:59:59\nsigned using  : RSA+MD2\nRSA key size  : 128 bits\n" ) == 0 );
03690             }
03691         }
03692         FCT_TEST_END();
03693 
03694 
03695         FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_cn)
03696         {
03697             x509_cert   crt;
03698             unsigned char buf[2000];
03699             unsigned char output[2000];
03700             int data_len, res;
03701         
03702             memset( &crt, 0, sizeof( x509_cert ) );
03703             memset( buf, 0, 2000 );
03704             memset( output, 0, 2000 );
03705         
03706             data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550403130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );
03707         
03708             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) );
03709             if( ( 0 ) == 0 )
03710             {
03711                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03712                 
03713                 fct_chk( res != -1 );
03714                 fct_chk( res != -2 );
03715         
03716                 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name   : CN=Test\nsubject name  : ?\?=Test\nissued  on    : 2009-01-01 00:00:00\nexpires on    : 2009-12-31 23:59:59\nsigned using  : RSA+MD2\nRSA key size  : 128 bits\n" ) == 0 );
03717             }
03718         }
03719         FCT_TEST_END();
03720 
03721 
03722         FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_c)
03723         {
03724             x509_cert   crt;
03725             unsigned char buf[2000];
03726             unsigned char output[2000];
03727             int data_len, res;
03728         
03729             memset( &crt, 0, sizeof( x509_cert ) );
03730             memset( buf, 0, 2000 );
03731             memset( output, 0, 2000 );
03732         
03733             data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550406130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );
03734         
03735             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) );
03736             if( ( 0 ) == 0 )
03737             {
03738                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03739                 
03740                 fct_chk( res != -1 );
03741                 fct_chk( res != -2 );
03742         
03743                 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name   : C=Test\nsubject name  : ?\?=Test\nissued  on    : 2009-01-01 00:00:00\nexpires on    : 2009-12-31 23:59:59\nsigned using  : RSA+MD2\nRSA key size  : 128 bits\n" ) == 0 );
03744             }
03745         }
03746         FCT_TEST_END();
03747 
03748 
03749         FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_l)
03750         {
03751             x509_cert   crt;
03752             unsigned char buf[2000];
03753             unsigned char output[2000];
03754             int data_len, res;
03755         
03756             memset( &crt, 0, sizeof( x509_cert ) );
03757             memset( buf, 0, 2000 );
03758             memset( output, 0, 2000 );
03759         
03760             data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550407130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );
03761         
03762             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) );
03763             if( ( 0 ) == 0 )
03764             {
03765                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03766                 
03767                 fct_chk( res != -1 );
03768                 fct_chk( res != -2 );
03769         
03770                 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name   : L=Test\nsubject name  : ?\?=Test\nissued  on    : 2009-01-01 00:00:00\nexpires on    : 2009-12-31 23:59:59\nsigned using  : RSA+MD2\nRSA key size  : 128 bits\n" ) == 0 );
03771             }
03772         }
03773         FCT_TEST_END();
03774 
03775 
03776         FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_st)
03777         {
03778             x509_cert   crt;
03779             unsigned char buf[2000];
03780             unsigned char output[2000];
03781             int data_len, res;
03782         
03783             memset( &crt, 0, sizeof( x509_cert ) );
03784             memset( buf, 0, 2000 );
03785             memset( output, 0, 2000 );
03786         
03787             data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550408130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );
03788         
03789             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) );
03790             if( ( 0 ) == 0 )
03791             {
03792                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03793                 
03794                 fct_chk( res != -1 );
03795                 fct_chk( res != -2 );
03796         
03797                 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name   : ST=Test\nsubject name  : ?\?=Test\nissued  on    : 2009-01-01 00:00:00\nexpires on    : 2009-12-31 23:59:59\nsigned using  : RSA+MD2\nRSA key size  : 128 bits\n" ) == 0 );
03798             }
03799         }
03800         FCT_TEST_END();
03801 
03802 
03803         FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_o)
03804         {
03805             x509_cert   crt;
03806             unsigned char buf[2000];
03807             unsigned char output[2000];
03808             int data_len, res;
03809         
03810             memset( &crt, 0, sizeof( x509_cert ) );
03811             memset( buf, 0, 2000 );
03812             memset( output, 0, 2000 );
03813         
03814             data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040a130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );
03815         
03816             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) );
03817             if( ( 0 ) == 0 )
03818             {
03819                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03820                 
03821                 fct_chk( res != -1 );
03822                 fct_chk( res != -2 );
03823         
03824                 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name   : O=Test\nsubject name  : ?\?=Test\nissued  on    : 2009-01-01 00:00:00\nexpires on    : 2009-12-31 23:59:59\nsigned using  : RSA+MD2\nRSA key size  : 128 bits\n" ) == 0 );
03825             }
03826         }
03827         FCT_TEST_END();
03828 
03829 
03830         FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_ou)
03831         {
03832             x509_cert   crt;
03833             unsigned char buf[2000];
03834             unsigned char output[2000];
03835             int data_len, res;
03836         
03837             memset( &crt, 0, sizeof( x509_cert ) );
03838             memset( buf, 0, 2000 );
03839             memset( output, 0, 2000 );
03840         
03841             data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040b130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );
03842         
03843             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) );
03844             if( ( 0 ) == 0 )
03845             {
03846                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03847                 
03848                 fct_chk( res != -1 );
03849                 fct_chk( res != -2 );
03850         
03851                 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name   : OU=Test\nsubject name  : ?\?=Test\nissued  on    : 2009-01-01 00:00:00\nexpires on    : 2009-12-31 23:59:59\nsigned using  : RSA+MD2\nRSA key size  : 128 bits\n" ) == 0 );
03852             }
03853         }
03854         FCT_TEST_END();
03855 
03856 
03857         FCT_TEST_BGN(x509_certificate_asn1_name_with_unknown_x520_part)
03858         {
03859             x509_cert   crt;
03860             unsigned char buf[2000];
03861             unsigned char output[2000];
03862             int data_len, res;
03863         
03864             memset( &crt, 0, sizeof( x509_cert ) );
03865             memset( buf, 0, 2000 );
03866             memset( output, 0, 2000 );
03867         
03868             data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b06035504de130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );
03869         
03870             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) );
03871             if( ( 0 ) == 0 )
03872             {
03873                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03874                 
03875                 fct_chk( res != -1 );
03876                 fct_chk( res != -2 );
03877         
03878                 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name   : 0xDE=Test\nsubject name  : ?\?=Test\nissued  on    : 2009-01-01 00:00:00\nexpires on    : 2009-12-31 23:59:59\nsigned using  : RSA+MD2\nRSA key size  : 128 bits\n" ) == 0 );
03879             }
03880         }
03881         FCT_TEST_END();
03882 
03883 
03884         FCT_TEST_BGN(x509_certificate_asn1_name_with_pkcs9_email)
03885         {
03886             x509_cert   crt;
03887             unsigned char buf[2000];
03888             unsigned char output[2000];
03889             int data_len, res;
03890         
03891             memset( &crt, 0, sizeof( x509_cert ) );
03892             memset( buf, 0, 2000 );
03893             memset( output, 0, 2000 );
03894         
03895             data_len = unhexify( buf, "30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d010901130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );
03896         
03897             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) );
03898             if( ( 0 ) == 0 )
03899             {
03900                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03901                 
03902                 fct_chk( res != -1 );
03903                 fct_chk( res != -2 );
03904         
03905                 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name   : emailAddress=Test\nsubject name  : ?\?=Test\nissued  on    : 2009-01-01 00:00:00\nexpires on    : 2009-12-31 23:59:59\nsigned using  : RSA+MD2\nRSA key size  : 128 bits\n" ) == 0 );
03906             }
03907         }
03908         FCT_TEST_END();
03909 
03910 
03911         FCT_TEST_BGN(x509_certificate_asn1_name_with_unknown_pkcs9_part)
03912         {
03913             x509_cert   crt;
03914             unsigned char buf[2000];
03915             unsigned char output[2000];
03916             int data_len, res;
03917         
03918             memset( &crt, 0, sizeof( x509_cert ) );
03919             memset( buf, 0, 2000 );
03920             memset( output, 0, 2000 );
03921         
03922             data_len = unhexify( buf, "30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d0109ab130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );
03923         
03924             fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) );
03925             if( ( 0 ) == 0 )
03926             {
03927                 res = x509parse_cert_info( (char *) output, 2000, "", &crt );
03928                 
03929                 fct_chk( res != -1 );
03930                 fct_chk( res != -2 );
03931         
03932                 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name   : 0xAB=Test\nsubject name  : ?\?=Test\nissued  on    : 2009-01-01 00:00:00\nexpires on    : 2009-12-31 23:59:59\nsigned using  : RSA+MD2\nRSA key size  : 128 bits\n" ) == 0 );
03933             }
03934         }
03935         FCT_TEST_END();
03936 
03937 
03938         FCT_TEST_BGN(x509_crl_asn1_incorrect_first_tag)
03939         {
03940             x509_crl   crl;
03941             unsigned char buf[2000];
03942             unsigned char output[2000];
03943             int data_len, res;
03944         
03945             memset( &crl, 0, sizeof( x509_crl ) );
03946             memset( buf, 0, 2000 );
03947             memset( output, 0, 2000 );
03948         
03949             data_len = unhexify( buf, "" );
03950         
03951             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ) );
03952             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ) == 0 )
03953             {
03954                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
03955                 
03956                 fct_chk( res != -1 );
03957                 fct_chk( res != -2 );
03958         
03959                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03960             }
03961         }
03962         FCT_TEST_END();
03963 
03964 
03965         FCT_TEST_BGN(x509_crl_asn1_correct_first_tag_data_length_does_not_match)
03966         {
03967             x509_crl   crl;
03968             unsigned char buf[2000];
03969             unsigned char output[2000];
03970             int data_len, res;
03971         
03972             memset( &crl, 0, sizeof( x509_crl ) );
03973             memset( buf, 0, 2000 );
03974             memset( output, 0, 2000 );
03975         
03976             data_len = unhexify( buf, "300000" );
03977         
03978             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
03979             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
03980             {
03981                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
03982                 
03983                 fct_chk( res != -1 );
03984                 fct_chk( res != -2 );
03985         
03986                 fct_chk( strcmp( (char *) output, "" ) == 0 );
03987             }
03988         }
03989         FCT_TEST_END();
03990 
03991 
03992         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_tag_missing)
03993         {
03994             x509_crl   crl;
03995             unsigned char buf[2000];
03996             unsigned char output[2000];
03997             int data_len, res;
03998         
03999             memset( &crl, 0, sizeof( x509_crl ) );
04000             memset( buf, 0, 2000 );
04001             memset( output, 0, 2000 );
04002         
04003             data_len = unhexify( buf, "3000" );
04004         
04005             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
04006             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
04007             {
04008                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04009                 
04010                 fct_chk( res != -1 );
04011                 fct_chk( res != -2 );
04012         
04013                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04014             }
04015         }
04016         FCT_TEST_END();
04017 
04018 
04019         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_version_tag_len_missing)
04020         {
04021             x509_crl   crl;
04022             unsigned char buf[2000];
04023             unsigned char output[2000];
04024             int data_len, res;
04025         
04026             memset( &crl, 0, sizeof( x509_crl ) );
04027             memset( buf, 0, 2000 );
04028             memset( output, 0, 2000 );
04029         
04030             data_len = unhexify( buf, "3003300102" );
04031         
04032             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
04033             if( ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
04034             {
04035                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04036                 
04037                 fct_chk( res != -1 );
04038                 fct_chk( res != -2 );
04039         
04040                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04041             }
04042         }
04043         FCT_TEST_END();
04044 
04045 
04046         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_version_correct_alg_missing)
04047         {
04048             x509_crl   crl;
04049             unsigned char buf[2000];
04050             unsigned char output[2000];
04051             int data_len, res;
04052         
04053             memset( &crl, 0, sizeof( x509_crl ) );
04054             memset( buf, 0, 2000 );
04055             memset( output, 0, 2000 );
04056         
04057             data_len = unhexify( buf, "30053003020100" );
04058         
04059             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
04060             if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
04061             {
04062                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04063                 
04064                 fct_chk( res != -1 );
04065                 fct_chk( res != -2 );
04066         
04067                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04068             }
04069         }
04070         FCT_TEST_END();
04071 
04072 
04073         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_alg_correct_incorrect_version)
04074         {
04075             x509_crl   crl;
04076             unsigned char buf[2000];
04077             unsigned char output[2000];
04078             int data_len, res;
04079         
04080             memset( &crl, 0, sizeof( x509_crl ) );
04081             memset( buf, 0, 2000 );
04082             memset( output, 0, 2000 );
04083         
04084             data_len = unhexify( buf, "300b3009020102300406000500" );
04085         
04086             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) );
04087             if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) == 0 )
04088             {
04089                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04090                 
04091                 fct_chk( res != -1 );
04092                 fct_chk( res != -2 );
04093         
04094                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04095             }
04096         }
04097         FCT_TEST_END();
04098 
04099 
04100         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_correct_version_sig_oid1_unknown)
04101         {
04102             x509_crl   crl;
04103             unsigned char buf[2000];
04104             unsigned char output[2000];
04105             int data_len, res;
04106         
04107             memset( &crl, 0, sizeof( x509_crl ) );
04108             memset( buf, 0, 2000 );
04109             memset( output, 0, 2000 );
04110         
04111             data_len = unhexify( buf, "300b3009020100300406000500" );
04112         
04113             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) );
04114             if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) == 0 )
04115             {
04116                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04117                 
04118                 fct_chk( res != -1 );
04119                 fct_chk( res != -2 );
04120         
04121                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04122             }
04123         }
04124         FCT_TEST_END();
04125 
04126 
04127         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_oid1_id_unknown)
04128         {
04129             x509_crl   crl;
04130             unsigned char buf[2000];
04131             unsigned char output[2000];
04132             int data_len, res;
04133         
04134             memset( &crl, 0, sizeof( x509_crl ) );
04135             memset( buf, 0, 2000 );
04136             memset( output, 0, 2000 );
04137         
04138             data_len = unhexify( buf, "30143012020100300d06092a864886f70d01010f0500" );
04139         
04140             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) );
04141             if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) == 0 )
04142             {
04143                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04144                 
04145                 fct_chk( res != -1 );
04146                 fct_chk( res != -2 );
04147         
04148                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04149             }
04150         }
04151         FCT_TEST_END();
04152 
04153 
04154         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_oid1_correct_issuer_missing)
04155         {
04156             x509_crl   crl;
04157             unsigned char buf[2000];
04158             unsigned char output[2000];
04159             int data_len, res;
04160         
04161             memset( &crl, 0, sizeof( x509_crl ) );
04162             memset( buf, 0, 2000 );
04163             memset( output, 0, 2000 );
04164         
04165             data_len = unhexify( buf, "30143012020100300d06092a864886f70d01010e0500" );
04166         
04167             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
04168             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
04169             {
04170                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04171                 
04172                 fct_chk( res != -1 );
04173                 fct_chk( res != -2 );
04174         
04175                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04176             }
04177         }
04178         FCT_TEST_END();
04179 
04180 
04181         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_issuer_set_missing)
04182         {
04183             x509_crl   crl;
04184             unsigned char buf[2000];
04185             unsigned char output[2000];
04186             int data_len, res;
04187         
04188             memset( &crl, 0, sizeof( x509_crl ) );
04189             memset( buf, 0, 2000 );
04190             memset( output, 0, 2000 );
04191         
04192             data_len = unhexify( buf, "30163014020100300d06092a864886f70d01010e05003000" );
04193         
04194             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
04195             if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
04196             {
04197                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04198                 
04199                 fct_chk( res != -1 );
04200                 fct_chk( res != -2 );
04201         
04202                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04203             }
04204         }
04205         FCT_TEST_END();
04206 
04207 
04208         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_correct_issuer_thisupdate_missing)
04209         {
04210             x509_crl   crl;
04211             unsigned char buf[2000];
04212             unsigned char output[2000];
04213             int data_len, res;
04214         
04215             memset( &crl, 0, sizeof( x509_crl ) );
04216             memset( buf, 0, 2000 );
04217             memset( output, 0, 2000 );
04218         
04219             data_len = unhexify( buf, "30253023020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344" );
04220         
04221             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
04222             if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
04223             {
04224                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04225                 
04226                 fct_chk( res != -1 );
04227                 fct_chk( res != -2 );
04228         
04229                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04230             }
04231         }
04232         FCT_TEST_END();
04233 
04234 
04235         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_correct_thisupdate_nextupdate_missing_entries_length_missing)
04236         {
04237             x509_crl   crl;
04238             unsigned char buf[2000];
04239             unsigned char output[2000];
04240             int data_len, res;
04241         
04242             memset( &crl, 0, sizeof( x509_crl ) );
04243             memset( buf, 0, 2000 );
04244             memset( output, 0, 2000 );
04245         
04246             data_len = unhexify( buf, "30343032020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030" );
04247         
04248             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
04249             if( ( POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
04250             {
04251                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04252                 
04253                 fct_chk( res != -1 );
04254                 fct_chk( res != -2 );
04255         
04256                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04257             }
04258         }
04259         FCT_TEST_END();
04260 
04261 
04262         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_entries_present_invalid_sig_alg)
04263         {
04264             x509_crl   crl;
04265             unsigned char buf[2000];
04266             unsigned char output[2000];
04267             int data_len, res;
04268         
04269             memset( &crl, 0, sizeof( x509_crl ) );
04270             memset( buf, 0, 2000 );
04271             memset( output, 0, 2000 );
04272         
04273             data_len = unhexify( buf, "304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c30383132333132333539353900" );
04274         
04275             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
04276             if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
04277             {
04278                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04279                 
04280                 fct_chk( res != -1 );
04281                 fct_chk( res != -2 );
04282         
04283                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04284             }
04285         }
04286         FCT_TEST_END();
04287 
04288 
04289         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_entries_present_date_in_entry_invalid)
04290         {
04291             x509_crl   crl;
04292             unsigned char buf[2000];
04293             unsigned char output[2000];
04294             int data_len, res;
04295         
04296             memset( &crl, 0, sizeof( x509_crl ) );
04297             memset( buf, 0, 2000 );
04298             memset( output, 0, 2000 );
04299         
04300             data_len = unhexify( buf, "304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd190c30383132333132333539353900" );
04301         
04302             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
04303             if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
04304             {
04305                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04306                 
04307                 fct_chk( res != -1 );
04308                 fct_chk( res != -2 );
04309         
04310                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04311             }
04312         }
04313         FCT_TEST_END();
04314 
04315 
04316         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_alg_present_sig_alg_does_not_match)
04317         {
04318             x509_crl   crl;
04319             unsigned char buf[2000];
04320             unsigned char output[2000];
04321             int data_len, res;
04322         
04323             memset( &crl, 0, sizeof( x509_crl ) );
04324             memset( buf, 0, 2000 );
04325             memset( output, 0, 2000 );
04326         
04327             data_len = unhexify( buf, "30583047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010d0500" );
04328         
04329             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) );
04330             if( ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) == 0 )
04331             {
04332                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04333                 
04334                 fct_chk( res != -1 );
04335                 fct_chk( res != -2 );
04336         
04337                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04338             }
04339         }
04340         FCT_TEST_END();
04341 
04342 
04343         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_present_len_mismatch)
04344         {
04345             x509_crl   crl;
04346             unsigned char buf[2000];
04347             unsigned char output[2000];
04348             int data_len, res;
04349         
04350             memset( &crl, 0, sizeof( x509_crl ) );
04351             memset( buf, 0, 2000 );
04352             memset( output, 0, 2000 );
04353         
04354             data_len = unhexify( buf, "305d3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e05000302000100" );
04355         
04356             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
04357             if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
04358             {
04359                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04360                 
04361                 fct_chk( res != -1 );
04362                 fct_chk( res != -2 );
04363         
04364                 fct_chk( strcmp( (char *) output, "" ) == 0 );
04365             }
04366         }
04367         FCT_TEST_END();
04368 
04369 
04370         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_present)
04371         {
04372             x509_crl   crl;
04373             unsigned char buf[2000];
04374             unsigned char output[2000];
04375             int data_len, res;
04376         
04377             memset( &crl, 0, sizeof( x509_crl ) );
04378             memset( buf, 0, 2000 );
04379             memset( output, 0, 2000 );
04380         
04381             data_len = unhexify( buf, "305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001" );
04382         
04383             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( 0 ) );
04384             if( ( 0 ) == 0 )
04385             {
04386                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04387                 
04388                 fct_chk( res != -1 );
04389                 fct_chk( res != -2 );
04390         
04391                 fct_chk( strcmp( (char *) output, "CRL version   : 1\nissuer name   : CN=ABCD\nthis update   : 2009-01-01 00:00:00\nnext update   : 0000-00-00 00:00:00\nRevoked certificates:\nserial number: AB:CD revocation date: 2008-12-31 23:59:59\nsigned using  : RSA+SHA224\n" ) == 0 );
04392             }
04393         }
04394         FCT_TEST_END();
04395 
04396 
04397         FCT_TEST_BGN(x509_crl_asn1_tbscertlist_no_entries)
04398         {
04399             x509_crl   crl;
04400             unsigned char buf[2000];
04401             unsigned char output[2000];
04402             int data_len, res;
04403         
04404             memset( &crl, 0, sizeof( x509_crl ) );
04405             memset( buf, 0, 2000 );
04406             memset( output, 0, 2000 );
04407         
04408             data_len = unhexify( buf, "30463031020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001" );
04409         
04410             fct_chk( x509parse_crl( &crl, buf, data_len ) == ( 0 ) );
04411             if( ( 0 ) == 0 )
04412             {
04413                 res = x509parse_crl_info( (char *) output, 2000, "", &crl );
04414                 
04415                 fct_chk( res != -1 );
04416                 fct_chk( res != -2 );
04417         
04418                 fct_chk( strcmp( (char *) output, "CRL version   : 1\nissuer name   : CN=ABCD\nthis update   : 2009-01-01 00:00:00\nnext update   : 0000-00-00 00:00:00\nRevoked certificates:\nsigned using  : RSA+SHA224\n" ) == 0 );
04419             }
04420         }
04421         FCT_TEST_END();
04422 
04423 
04424         FCT_TEST_BGN(x509_key_asn1_incorrect_first_tag)
04425         {
04426             rsa_context   rsa;
04427             unsigned char buf[2000];
04428             unsigned char output[2000];
04429             int data_len;
04430         
04431             memset( &rsa, 0, sizeof( rsa_context ) );
04432             memset( buf, 0, 2000 );
04433             memset( output, 0, 2000 );
04434         
04435             data_len = unhexify( buf, "" );
04436         
04437             x509parse_key( &rsa, buf, data_len, NULL, 0 );
04438         
04439             fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
04440             if( ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
04441             {
04442                 fct_chk( 1 );
04443             }
04444         }
04445         FCT_TEST_END();
04446 
04447 
04448         FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_incorrect_version_tag)
04449         {
04450             rsa_context   rsa;
04451             unsigned char buf[2000];
04452             unsigned char output[2000];
04453             int data_len;
04454         
04455             memset( &rsa, 0, sizeof( rsa_context ) );
04456             memset( buf, 0, 2000 );
04457             memset( output, 0, 2000 );
04458         
04459             data_len = unhexify( buf, "300100" );
04460         
04461             x509parse_key( &rsa, buf, data_len, NULL, 0 );
04462         
04463             fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
04464             if( ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
04465             {
04466                 fct_chk( 1 );
04467             }
04468         }
04469         FCT_TEST_END();
04470 
04471 
04472         FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_version_tag_missing)
04473         {
04474             rsa_context   rsa;
04475             unsigned char buf[2000];
04476             unsigned char output[2000];
04477             int data_len;
04478         
04479             memset( &rsa, 0, sizeof( rsa_context ) );
04480             memset( buf, 0, 2000 );
04481             memset( output, 0, 2000 );
04482         
04483             data_len = unhexify( buf, "3000" );
04484         
04485             x509parse_key( &rsa, buf, data_len, NULL, 0 );
04486         
04487             fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
04488             if( ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 )
04489             {
04490                 fct_chk( 1 );
04491             }
04492         }
04493         FCT_TEST_END();
04494 
04495 
04496         FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_invalid_version)
04497         {
04498             rsa_context   rsa;
04499             unsigned char buf[2000];
04500             unsigned char output[2000];
04501             int data_len;
04502         
04503             memset( &rsa, 0, sizeof( rsa_context ) );
04504             memset( buf, 0, 2000 );
04505             memset( output, 0, 2000 );
04506         
04507             data_len = unhexify( buf, "3003020101" );
04508         
04509             x509parse_key( &rsa, buf, data_len, NULL, 0 );
04510         
04511             fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_VERSION ) );
04512             if( ( POLARSSL_ERR_X509_KEY_INVALID_VERSION ) == 0 )
04513             {
04514                 fct_chk( 1 );
04515             }
04516         }
04517         FCT_TEST_END();
04518 
04519 
04520         FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_correct_version_incorrect_tag)
04521         {
04522             rsa_context   rsa;
04523             unsigned char buf[2000];
04524             unsigned char output[2000];
04525             int data_len;
04526         
04527             memset( &rsa, 0, sizeof( rsa_context ) );
04528             memset( buf, 0, 2000 );
04529             memset( output, 0, 2000 );
04530         
04531             data_len = unhexify( buf, "300402010000" );
04532         
04533             x509parse_key( &rsa, buf, data_len, NULL, 0 );
04534         
04535             fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
04536             if( ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 )
04537             {
04538                 fct_chk( 1 );
04539             }
04540         }
04541         FCT_TEST_END();
04542 
04543 
04544         FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_values_present_length_mismatch)
04545         {
04546             rsa_context   rsa;
04547             unsigned char buf[2000];
04548             unsigned char output[2000];
04549             int data_len;
04550         
04551             memset( &rsa, 0, sizeof( rsa_context ) );
04552             memset( buf, 0, 2000 );
04553             memset( output, 0, 2000 );
04554         
04555             data_len = unhexify( buf, "301c02010002010102010102010102010102010102010102010102010100" );
04556         
04557             x509parse_key( &rsa, buf, data_len, NULL, 0 );
04558         
04559             fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
04560             if( ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 )
04561             {
04562                 fct_chk( 1 );
04563             }
04564         }
04565         FCT_TEST_END();
04566 
04567 
04568         FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_values_present_check_privkey_fails)
04569         {
04570             rsa_context   rsa;
04571             unsigned char buf[2000];
04572             unsigned char output[2000];
04573             int data_len;
04574         
04575             memset( &rsa, 0, sizeof( rsa_context ) );
04576             memset( buf, 0, 2000 );
04577             memset( output, 0, 2000 );
04578         
04579             data_len = unhexify( buf, "301b020100020101020101020101020101020101020101020101020101" );
04580         
04581             x509parse_key( &rsa, buf, data_len, NULL, 0 );
04582         
04583             fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) );
04584             if( ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) == 0 )
04585             {
04586                 fct_chk( 1 );
04587             }
04588         }
04589         FCT_TEST_END();
04590 
04591     }
04592     FCT_SUITE_END();
04593 
04594 #endif /* POLARSSL_X509_PARSE_C */
04595 #endif /* POLARSSL_BIGNUM_C */
04596 
04597 }
04598 FCT_END();
04599