PolarSSL v1.1.4
|
00001 #include "fct.h" 00002 00003 #include <polarssl/x509.h> 00004 #include <polarssl/pem.h> 00005 00006 int verify_none( void *data, x509_cert *crt, int certificate_depth, int preverify_ok ) 00007 { 00008 ((void) data); 00009 ((void) crt); 00010 ((void) certificate_depth); 00011 ((void) preverify_ok); 00012 00013 return 1; 00014 } 00015 00016 int verify_all( void *data, x509_cert *crt, int certificate_depth, int preverify_ok ) 00017 { 00018 ((void) data); 00019 ((void) crt); 00020 ((void) certificate_depth); 00021 ((void) preverify_ok); 00022 00023 return 0; 00024 } 00025 00026 00027 #include <polarssl/config.h> 00028 00029 #ifdef _MSC_VER 00030 #include <basetsd.h> 00031 typedef UINT32 uint32_t; 00032 #else 00033 #include <inttypes.h> 00034 #endif 00035 00036 /* 00037 * 32-bit integer manipulation macros (big endian) 00038 */ 00039 #ifndef GET_ULONG_BE 00040 #define GET_ULONG_BE(n,b,i) \ 00041 { \ 00042 (n) = ( (unsigned long) (b)[(i) ] << 24 ) \ 00043 | ( (unsigned long) (b)[(i) + 1] << 16 ) \ 00044 | ( (unsigned long) (b)[(i) + 2] << 8 ) \ 00045 | ( (unsigned long) (b)[(i) + 3] ); \ 00046 } 00047 #endif 00048 00049 #ifndef PUT_ULONG_BE 00050 #define PUT_ULONG_BE(n,b,i) \ 00051 { \ 00052 (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ 00053 (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ 00054 (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ 00055 (b)[(i) + 3] = (unsigned char) ( (n) ); \ 00056 } 00057 #endif 00058 00059 int unhexify(unsigned char *obuf, const char *ibuf) 00060 { 00061 unsigned char c, c2; 00062 int len = strlen(ibuf) / 2; 00063 assert(!(strlen(ibuf) %1)); // must be even number of bytes 00064 00065 while (*ibuf != 0) 00066 { 00067 c = *ibuf++; 00068 if( c >= '0' && c <= '9' ) 00069 c -= '0'; 00070 else if( c >= 'a' && c <= 'f' ) 00071 c -= 'a' - 10; 00072 else if( c >= 'A' && c <= 'F' ) 00073 c -= 'A' - 10; 00074 else 00075 assert( 0 ); 00076 00077 c2 = *ibuf++; 00078 if( c2 >= '0' && c2 <= '9' ) 00079 c2 -= '0'; 00080 else if( c2 >= 'a' && c2 <= 'f' ) 00081 c2 -= 'a' - 10; 00082 else if( c2 >= 'A' && c2 <= 'F' ) 00083 c2 -= 'A' - 10; 00084 else 00085 assert( 0 ); 00086 00087 *obuf++ = ( c << 4 ) | c2; 00088 } 00089 00090 return len; 00091 } 00092 00093 void hexify(unsigned char *obuf, const unsigned char *ibuf, int len) 00094 { 00095 unsigned char l, h; 00096 00097 while (len != 0) 00098 { 00099 h = (*ibuf) / 16; 00100 l = (*ibuf) % 16; 00101 00102 if( h < 10 ) 00103 *obuf++ = '0' + h; 00104 else 00105 *obuf++ = 'a' + h - 10; 00106 00107 if( l < 10 ) 00108 *obuf++ = '0' + l; 00109 else 00110 *obuf++ = 'a' + l - 10; 00111 00112 ++ibuf; 00113 len--; 00114 } 00115 } 00116 00126 static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len ) 00127 { 00128 size_t i; 00129 00130 if( rng_state != NULL ) 00131 rng_state = NULL; 00132 00133 for( i = 0; i < len; ++i ) 00134 output[i] = rand(); 00135 00136 return( 0 ); 00137 } 00138 00144 static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len ) 00145 { 00146 if( rng_state != NULL ) 00147 rng_state = NULL; 00148 00149 memset( output, 0, len ); 00150 00151 return( 0 ); 00152 } 00153 00154 typedef struct 00155 { 00156 unsigned char *buf; 00157 size_t length; 00158 } rnd_buf_info; 00159 00171 static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len ) 00172 { 00173 rnd_buf_info *info = (rnd_buf_info *) rng_state; 00174 size_t use_len; 00175 00176 if( rng_state == NULL ) 00177 return( rnd_std_rand( NULL, output, len ) ); 00178 00179 use_len = len; 00180 if( len > info->length ) 00181 use_len = info->length; 00182 00183 if( use_len ) 00184 { 00185 memcpy( output, info->buf, use_len ); 00186 info->buf += use_len; 00187 info->length -= use_len; 00188 } 00189 00190 if( len - use_len > 0 ) 00191 return( rnd_std_rand( NULL, output + use_len, len - use_len ) ); 00192 00193 return( 0 ); 00194 } 00195 00203 typedef struct 00204 { 00205 uint32_t key[16]; 00206 uint32_t v0, v1; 00207 } rnd_pseudo_info; 00208 00217 static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len ) 00218 { 00219 rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state; 00220 uint32_t i, *k, sum, delta=0x9E3779B9; 00221 unsigned char result[4]; 00222 00223 if( rng_state == NULL ) 00224 return( rnd_std_rand( NULL, output, len ) ); 00225 00226 k = info->key; 00227 00228 while( len > 0 ) 00229 { 00230 size_t use_len = ( len > 4 ) ? 4 : len; 00231 sum = 0; 00232 00233 for( i = 0; i < 32; i++ ) 00234 { 00235 info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]); 00236 sum += delta; 00237 info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]); 00238 } 00239 00240 PUT_ULONG_BE( info->v0, result, 0 ); 00241 memcpy( output, result, use_len ); 00242 len -= use_len; 00243 } 00244 00245 return( 0 ); 00246 } 00247 00248 00249 FCT_BGN() 00250 { 00251 #ifdef POLARSSL_X509_PARSE_C 00252 #ifdef POLARSSL_BIGNUM_C 00253 00254 00255 FCT_SUITE_BGN(test_suite_x509parse) 00256 { 00257 #ifdef POLARSSL_PEM_C 00258 #ifdef POLARSSL_FS_IO 00259 00260 FCT_TEST_BGN(x509_certificate_information_1) 00261 { 00262 x509_cert crt; 00263 char buf[2000]; 00264 int res; 00265 00266 memset( &crt, 0, sizeof( x509_cert ) ); 00267 memset( buf, 0, 2000 ); 00268 00269 fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 ); 00270 res = x509parse_cert_info( buf, 2000, "", &crt ); 00271 00272 fct_chk( res != -1 ); 00273 fct_chk( res != -2 ); 00274 00275 fct_chk( strcmp( buf, "cert. version : 3\nserial number : 01\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on : 2011-02-12 14:44:06\nexpires on : 2021-02-12 14:44:06\nsigned using : RSA+SHA1\nRSA key size : 2048 bits\n" ) == 0 ); 00276 } 00277 FCT_TEST_END(); 00278 #endif /* POLARSSL_PEM_C */ 00279 #endif /* POLARSSL_FS_IO */ 00280 00281 #ifdef POLARSSL_PEM_C 00282 #ifdef POLARSSL_FS_IO 00283 00284 FCT_TEST_BGN(x509_certificate_information_2) 00285 { 00286 x509_cert crt; 00287 char buf[2000]; 00288 int res; 00289 00290 memset( &crt, 0, sizeof( x509_cert ) ); 00291 memset( buf, 0, 2000 ); 00292 00293 fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 ); 00294 res = x509parse_cert_info( buf, 2000, "", &crt ); 00295 00296 fct_chk( res != -1 ); 00297 fct_chk( res != -2 ); 00298 00299 fct_chk( strcmp( buf, "cert. version : 3\nserial number : 02\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=localhost\nissued on : 2011-02-12 14:44:06\nexpires on : 2021-02-12 14:44:06\nsigned using : RSA+SHA1\nRSA key size : 2048 bits\n" ) == 0 ); 00300 } 00301 FCT_TEST_END(); 00302 #endif /* POLARSSL_PEM_C */ 00303 #endif /* POLARSSL_FS_IO */ 00304 00305 #ifdef POLARSSL_PEM_C 00306 #ifdef POLARSSL_FS_IO 00307 00308 FCT_TEST_BGN(x509_certificate_information_3) 00309 { 00310 x509_cert crt; 00311 char buf[2000]; 00312 int res; 00313 00314 memset( &crt, 0, sizeof( x509_cert ) ); 00315 memset( buf, 0, 2000 ); 00316 00317 fct_chk( x509parse_crtfile( &crt, "data_files/test-ca.crt" ) == 0 ); 00318 res = x509parse_cert_info( buf, 2000, "", &crt ); 00319 00320 fct_chk( res != -1 ); 00321 fct_chk( res != -2 ); 00322 00323 fct_chk( strcmp( buf, "cert. version : 3\nserial number : 00\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on : 2011-02-12 14:44:00\nexpires on : 2021-02-12 14:44:00\nsigned using : RSA+SHA1\nRSA key size : 2048 bits\n" ) == 0 ); 00324 } 00325 FCT_TEST_END(); 00326 #endif /* POLARSSL_PEM_C */ 00327 #endif /* POLARSSL_FS_IO */ 00328 00329 #ifdef POLARSSL_PEM_C 00330 #ifdef POLARSSL_FS_IO 00331 00332 FCT_TEST_BGN(x509_certificate_information_md2_digest) 00333 { 00334 x509_cert crt; 00335 char buf[2000]; 00336 int res; 00337 00338 memset( &crt, 0, sizeof( x509_cert ) ); 00339 memset( buf, 0, 2000 ); 00340 00341 fct_chk( x509parse_crtfile( &crt, "data_files/cert_md2.crt" ) == 0 ); 00342 res = x509parse_cert_info( buf, 2000, "", &crt ); 00343 00344 fct_chk( res != -1 ); 00345 fct_chk( res != -2 ); 00346 00347 fct_chk( strcmp( buf, "cert. version : 3\nserial number : 09\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued on : 2009-07-12 10:56:59\nexpires on : 2011-07-12 10:56:59\nsigned using : RSA+MD2\nRSA key size : 2048 bits\n" ) == 0 ); 00348 } 00349 FCT_TEST_END(); 00350 #endif /* POLARSSL_PEM_C */ 00351 #endif /* POLARSSL_FS_IO */ 00352 00353 #ifdef POLARSSL_PEM_C 00354 #ifdef POLARSSL_FS_IO 00355 00356 FCT_TEST_BGN(x509_certificate_information_md4_digest) 00357 { 00358 x509_cert crt; 00359 char buf[2000]; 00360 int res; 00361 00362 memset( &crt, 0, sizeof( x509_cert ) ); 00363 memset( buf, 0, 2000 ); 00364 00365 fct_chk( x509parse_crtfile( &crt, "data_files/cert_md4.crt" ) == 0 ); 00366 res = x509parse_cert_info( buf, 2000, "", &crt ); 00367 00368 fct_chk( res != -1 ); 00369 fct_chk( res != -2 ); 00370 00371 fct_chk( strcmp( buf, "cert. version : 3\nserial number : 05\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+MD4\nRSA key size : 2048 bits\n" ) == 0 ); 00372 } 00373 FCT_TEST_END(); 00374 #endif /* POLARSSL_PEM_C */ 00375 #endif /* POLARSSL_FS_IO */ 00376 00377 #ifdef POLARSSL_PEM_C 00378 #ifdef POLARSSL_FS_IO 00379 00380 FCT_TEST_BGN(x509_certificate_information_md5_digest) 00381 { 00382 x509_cert crt; 00383 char buf[2000]; 00384 int res; 00385 00386 memset( &crt, 0, sizeof( x509_cert ) ); 00387 memset( buf, 0, 2000 ); 00388 00389 fct_chk( x509parse_crtfile( &crt, "data_files/cert_md5.crt" ) == 0 ); 00390 res = x509parse_cert_info( buf, 2000, "", &crt ); 00391 00392 fct_chk( res != -1 ); 00393 fct_chk( res != -2 ); 00394 00395 fct_chk( strcmp( buf, "cert. version : 3\nserial number : 06\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+MD5\nRSA key size : 2048 bits\n" ) == 0 ); 00396 } 00397 FCT_TEST_END(); 00398 #endif /* POLARSSL_PEM_C */ 00399 #endif /* POLARSSL_FS_IO */ 00400 00401 #ifdef POLARSSL_PEM_C 00402 #ifdef POLARSSL_FS_IO 00403 00404 FCT_TEST_BGN(x509_certificate_information_sha1_digest) 00405 { 00406 x509_cert crt; 00407 char buf[2000]; 00408 int res; 00409 00410 memset( &crt, 0, sizeof( x509_cert ) ); 00411 memset( buf, 0, 2000 ); 00412 00413 fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha1.crt" ) == 0 ); 00414 res = x509parse_cert_info( buf, 2000, "", &crt ); 00415 00416 fct_chk( res != -1 ); 00417 fct_chk( res != -2 ); 00418 00419 fct_chk( strcmp( buf, "cert. version : 3\nserial number : 07\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA1\nRSA key size : 2048 bits\n" ) == 0 ); 00420 } 00421 FCT_TEST_END(); 00422 #endif /* POLARSSL_PEM_C */ 00423 #endif /* POLARSSL_FS_IO */ 00424 00425 #ifdef POLARSSL_PEM_C 00426 #ifdef POLARSSL_FS_IO 00427 00428 FCT_TEST_BGN(x509_certificate_information_sha224_digest) 00429 { 00430 x509_cert crt; 00431 char buf[2000]; 00432 int res; 00433 00434 memset( &crt, 0, sizeof( x509_cert ) ); 00435 memset( buf, 0, 2000 ); 00436 00437 fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha224.crt" ) == 0 ); 00438 res = x509parse_cert_info( buf, 2000, "", &crt ); 00439 00440 fct_chk( res != -1 ); 00441 fct_chk( res != -2 ); 00442 00443 fct_chk( strcmp( buf, "cert. version : 3\nserial number : 08\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA224\nRSA key size : 2048 bits\n" ) == 0 ); 00444 } 00445 FCT_TEST_END(); 00446 #endif /* POLARSSL_PEM_C */ 00447 #endif /* POLARSSL_FS_IO */ 00448 00449 #ifdef POLARSSL_PEM_C 00450 #ifdef POLARSSL_FS_IO 00451 00452 FCT_TEST_BGN(x509_certificate_information_sha256_digest) 00453 { 00454 x509_cert crt; 00455 char buf[2000]; 00456 int res; 00457 00458 memset( &crt, 0, sizeof( x509_cert ) ); 00459 memset( buf, 0, 2000 ); 00460 00461 fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha256.crt" ) == 0 ); 00462 res = x509parse_cert_info( buf, 2000, "", &crt ); 00463 00464 fct_chk( res != -1 ); 00465 fct_chk( res != -2 ); 00466 00467 fct_chk( strcmp( buf, "cert. version : 3\nserial number : 09\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA256\nRSA key size : 2048 bits\n" ) == 0 ); 00468 } 00469 FCT_TEST_END(); 00470 #endif /* POLARSSL_PEM_C */ 00471 #endif /* POLARSSL_FS_IO */ 00472 00473 #ifdef POLARSSL_PEM_C 00474 #ifdef POLARSSL_FS_IO 00475 00476 FCT_TEST_BGN(x509_certificate_information_sha384_digest) 00477 { 00478 x509_cert crt; 00479 char buf[2000]; 00480 int res; 00481 00482 memset( &crt, 0, sizeof( x509_cert ) ); 00483 memset( buf, 0, 2000 ); 00484 00485 fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha384.crt" ) == 0 ); 00486 res = x509parse_cert_info( buf, 2000, "", &crt ); 00487 00488 fct_chk( res != -1 ); 00489 fct_chk( res != -2 ); 00490 00491 fct_chk( strcmp( buf, "cert. version : 3\nserial number : 0A\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA384\nRSA key size : 2048 bits\n" ) == 0 ); 00492 } 00493 FCT_TEST_END(); 00494 #endif /* POLARSSL_PEM_C */ 00495 #endif /* POLARSSL_FS_IO */ 00496 00497 #ifdef POLARSSL_PEM_C 00498 #ifdef POLARSSL_FS_IO 00499 00500 FCT_TEST_BGN(x509_certificate_information_sha512_digest) 00501 { 00502 x509_cert crt; 00503 char buf[2000]; 00504 int res; 00505 00506 memset( &crt, 0, sizeof( x509_cert ) ); 00507 memset( buf, 0, 2000 ); 00508 00509 fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha512.crt" ) == 0 ); 00510 res = x509parse_cert_info( buf, 2000, "", &crt ); 00511 00512 fct_chk( res != -1 ); 00513 fct_chk( res != -2 ); 00514 00515 fct_chk( strcmp( buf, "cert. version : 3\nserial number : 0B\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA512\nRSA key size : 2048 bits\n" ) == 0 ); 00516 } 00517 FCT_TEST_END(); 00518 #endif /* POLARSSL_PEM_C */ 00519 #endif /* POLARSSL_FS_IO */ 00520 00521 #ifdef POLARSSL_PEM_C 00522 #ifdef POLARSSL_FS_IO 00523 00524 FCT_TEST_BGN(x509_crl_information_1) 00525 { 00526 x509_crl crl; 00527 char buf[2000]; 00528 int res; 00529 00530 memset( &crl, 0, sizeof( x509_crl ) ); 00531 memset( buf, 0, 2000 ); 00532 00533 fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 ); 00534 res = x509parse_crl_info( buf, 2000, "", &crl ); 00535 00536 fct_chk( res != -1 ); 00537 fct_chk( res != -2 ); 00538 00539 fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-20 10:24:19\nnext update : 2011-02-20 11:24:19\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA1\n" ) == 0 ); 00540 } 00541 FCT_TEST_END(); 00542 #endif /* POLARSSL_PEM_C */ 00543 #endif /* POLARSSL_FS_IO */ 00544 00545 #ifdef POLARSSL_PEM_C 00546 #ifdef POLARSSL_FS_IO 00547 00548 FCT_TEST_BGN(x509_crl_information_md2_digest) 00549 { 00550 x509_crl crl; 00551 char buf[2000]; 00552 int res; 00553 00554 memset( &crl, 0, sizeof( x509_crl ) ); 00555 memset( buf, 0, 2000 ); 00556 00557 fct_chk( x509parse_crlfile( &crl, "data_files/crl_md2.pem" ) == 0 ); 00558 res = x509parse_crl_info( buf, 2000, "", &crl ); 00559 00560 fct_chk( res != -1 ); 00561 fct_chk( res != -2 ); 00562 00563 fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2009-07-19 19:56:37\nnext update : 2009-09-17 19:56:37\nRevoked certificates:\nserial number: 01 revocation date: 2009-02-09 21:12:36\nserial number: 03 revocation date: 2009-02-09 21:12:36\nsigned using : RSA+MD2\n" ) == 0 ); 00564 } 00565 FCT_TEST_END(); 00566 #endif /* POLARSSL_PEM_C */ 00567 #endif /* POLARSSL_FS_IO */ 00568 00569 #ifdef POLARSSL_PEM_C 00570 #ifdef POLARSSL_FS_IO 00571 00572 FCT_TEST_BGN(x509_crl_information_md4_digest) 00573 { 00574 x509_crl crl; 00575 char buf[2000]; 00576 int res; 00577 00578 memset( &crl, 0, sizeof( x509_crl ) ); 00579 memset( buf, 0, 2000 ); 00580 00581 fct_chk( x509parse_crlfile( &crl, "data_files/crl_md4.pem" ) == 0 ); 00582 res = x509parse_crl_info( buf, 2000, "", &crl ); 00583 00584 fct_chk( res != -1 ); 00585 fct_chk( res != -2 ); 00586 00587 fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+MD4\n" ) == 0 ); 00588 } 00589 FCT_TEST_END(); 00590 #endif /* POLARSSL_PEM_C */ 00591 #endif /* POLARSSL_FS_IO */ 00592 00593 #ifdef POLARSSL_PEM_C 00594 #ifdef POLARSSL_FS_IO 00595 00596 FCT_TEST_BGN(x509_crl_information_md5_digest) 00597 { 00598 x509_crl crl; 00599 char buf[2000]; 00600 int res; 00601 00602 memset( &crl, 0, sizeof( x509_crl ) ); 00603 memset( buf, 0, 2000 ); 00604 00605 fct_chk( x509parse_crlfile( &crl, "data_files/crl_md5.pem" ) == 0 ); 00606 res = x509parse_crl_info( buf, 2000, "", &crl ); 00607 00608 fct_chk( res != -1 ); 00609 fct_chk( res != -2 ); 00610 00611 fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+MD5\n" ) == 0 ); 00612 } 00613 FCT_TEST_END(); 00614 #endif /* POLARSSL_PEM_C */ 00615 #endif /* POLARSSL_FS_IO */ 00616 00617 #ifdef POLARSSL_PEM_C 00618 #ifdef POLARSSL_FS_IO 00619 00620 FCT_TEST_BGN(x509_crl_information_sha1_digest) 00621 { 00622 x509_crl crl; 00623 char buf[2000]; 00624 int res; 00625 00626 memset( &crl, 0, sizeof( x509_crl ) ); 00627 memset( buf, 0, 2000 ); 00628 00629 fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha1.pem" ) == 0 ); 00630 res = x509parse_crl_info( buf, 2000, "", &crl ); 00631 00632 fct_chk( res != -1 ); 00633 fct_chk( res != -2 ); 00634 00635 fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA1\n" ) == 0 ); 00636 } 00637 FCT_TEST_END(); 00638 #endif /* POLARSSL_PEM_C */ 00639 #endif /* POLARSSL_FS_IO */ 00640 00641 #ifdef POLARSSL_PEM_C 00642 #ifdef POLARSSL_FS_IO 00643 00644 FCT_TEST_BGN(x509_crl_information_sha224_digest) 00645 { 00646 x509_crl crl; 00647 char buf[2000]; 00648 int res; 00649 00650 memset( &crl, 0, sizeof( x509_crl ) ); 00651 memset( buf, 0, 2000 ); 00652 00653 fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha224.pem" ) == 0 ); 00654 res = x509parse_crl_info( buf, 2000, "", &crl ); 00655 00656 fct_chk( res != -1 ); 00657 fct_chk( res != -2 ); 00658 00659 fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA224\n" ) == 0 ); 00660 } 00661 FCT_TEST_END(); 00662 #endif /* POLARSSL_PEM_C */ 00663 #endif /* POLARSSL_FS_IO */ 00664 00665 #ifdef POLARSSL_PEM_C 00666 #ifdef POLARSSL_FS_IO 00667 00668 FCT_TEST_BGN(x509_crl_information_sha256_digest) 00669 { 00670 x509_crl crl; 00671 char buf[2000]; 00672 int res; 00673 00674 memset( &crl, 0, sizeof( x509_crl ) ); 00675 memset( buf, 0, 2000 ); 00676 00677 fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha256.pem" ) == 0 ); 00678 res = x509parse_crl_info( buf, 2000, "", &crl ); 00679 00680 fct_chk( res != -1 ); 00681 fct_chk( res != -2 ); 00682 00683 fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA256\n" ) == 0 ); 00684 } 00685 FCT_TEST_END(); 00686 #endif /* POLARSSL_PEM_C */ 00687 #endif /* POLARSSL_FS_IO */ 00688 00689 #ifdef POLARSSL_PEM_C 00690 #ifdef POLARSSL_FS_IO 00691 00692 FCT_TEST_BGN(x509_crl_information_sha384_digest) 00693 { 00694 x509_crl crl; 00695 char buf[2000]; 00696 int res; 00697 00698 memset( &crl, 0, sizeof( x509_crl ) ); 00699 memset( buf, 0, 2000 ); 00700 00701 fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha384.pem" ) == 0 ); 00702 res = x509parse_crl_info( buf, 2000, "", &crl ); 00703 00704 fct_chk( res != -1 ); 00705 fct_chk( res != -2 ); 00706 00707 fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA384\n" ) == 0 ); 00708 } 00709 FCT_TEST_END(); 00710 #endif /* POLARSSL_PEM_C */ 00711 #endif /* POLARSSL_FS_IO */ 00712 00713 #ifdef POLARSSL_PEM_C 00714 #ifdef POLARSSL_FS_IO 00715 00716 FCT_TEST_BGN(x509_crl_information_sha512_digest) 00717 { 00718 x509_crl crl; 00719 char buf[2000]; 00720 int res; 00721 00722 memset( &crl, 0, sizeof( x509_crl ) ); 00723 memset( buf, 0, 2000 ); 00724 00725 fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha512.pem" ) == 0 ); 00726 res = x509parse_crl_info( buf, 2000, "", &crl ); 00727 00728 fct_chk( res != -1 ); 00729 fct_chk( res != -2 ); 00730 00731 fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA512\n" ) == 0 ); 00732 } 00733 FCT_TEST_END(); 00734 #endif /* POLARSSL_PEM_C */ 00735 #endif /* POLARSSL_FS_IO */ 00736 00737 #ifdef POLARSSL_MD5_C 00738 #ifdef POLARSSL_PEM_C 00739 #ifdef POLARSSL_FS_IO 00740 00741 FCT_TEST_BGN(x509_parse_key_1_no_password_when_required) 00742 { 00743 rsa_context rsa; 00744 int res; 00745 00746 memset( &rsa, 0, sizeof( rsa_context ) ); 00747 00748 res = x509parse_keyfile( &rsa, "data_files/test-ca.key", NULL ); 00749 00750 fct_chk( res == POLARSSL_ERR_PEM_PASSWORD_REQUIRED ); 00751 00752 if( res == 0 ) 00753 { 00754 fct_chk( rsa_check_privkey( &rsa ) == 0 ); 00755 } 00756 } 00757 FCT_TEST_END(); 00758 #endif /* POLARSSL_MD5_C */ 00759 #endif /* POLARSSL_PEM_C */ 00760 #endif /* POLARSSL_FS_IO */ 00761 00762 #ifdef POLARSSL_MD5_C 00763 #ifdef POLARSSL_PEM_C 00764 #ifdef POLARSSL_FS_IO 00765 00766 FCT_TEST_BGN(x509_parse_key_2_correct_password) 00767 { 00768 rsa_context rsa; 00769 int res; 00770 00771 memset( &rsa, 0, sizeof( rsa_context ) ); 00772 00773 res = x509parse_keyfile( &rsa, "data_files/test-ca.key", "PolarSSLTest" ); 00774 00775 fct_chk( res == 0 ); 00776 00777 if( res == 0 ) 00778 { 00779 fct_chk( rsa_check_privkey( &rsa ) == 0 ); 00780 } 00781 } 00782 FCT_TEST_END(); 00783 #endif /* POLARSSL_MD5_C */ 00784 #endif /* POLARSSL_PEM_C */ 00785 #endif /* POLARSSL_FS_IO */ 00786 00787 #ifdef POLARSSL_MD5_C 00788 #ifdef POLARSSL_PEM_C 00789 #ifdef POLARSSL_FS_IO 00790 00791 FCT_TEST_BGN(x509_parse_key_3_wrong_password) 00792 { 00793 rsa_context rsa; 00794 int res; 00795 00796 memset( &rsa, 0, sizeof( rsa_context ) ); 00797 00798 res = x509parse_keyfile( &rsa, "data_files/test-ca.key", "PolarSSLWRONG" ); 00799 00800 fct_chk( res == POLARSSL_ERR_PEM_PASSWORD_MISMATCH ); 00801 00802 if( res == 0 ) 00803 { 00804 fct_chk( rsa_check_privkey( &rsa ) == 0 ); 00805 } 00806 } 00807 FCT_TEST_END(); 00808 #endif /* POLARSSL_MD5_C */ 00809 #endif /* POLARSSL_PEM_C */ 00810 #endif /* POLARSSL_FS_IO */ 00811 00812 #ifdef POLARSSL_MD5_C 00813 #ifdef POLARSSL_DES_C 00814 #ifdef POLARSSL_PEM_C 00815 #ifdef POLARSSL_FS_IO 00816 00817 FCT_TEST_BGN(x509_parse_key_4_des_encrypted) 00818 { 00819 rsa_context rsa; 00820 int res; 00821 00822 memset( &rsa, 0, sizeof( rsa_context ) ); 00823 00824 res = x509parse_keyfile( &rsa, "data_files/keyfile.des", "testkey" ); 00825 00826 fct_chk( res == 0 ); 00827 00828 if( res == 0 ) 00829 { 00830 fct_chk( rsa_check_privkey( &rsa ) == 0 ); 00831 } 00832 } 00833 FCT_TEST_END(); 00834 #endif /* POLARSSL_MD5_C */ 00835 #endif /* POLARSSL_DES_C */ 00836 #endif /* POLARSSL_PEM_C */ 00837 #endif /* POLARSSL_FS_IO */ 00838 00839 #ifdef POLARSSL_MD5_C 00840 #ifdef POLARSSL_DES_C 00841 #ifdef POLARSSL_PEM_C 00842 #ifdef POLARSSL_FS_IO 00843 00844 FCT_TEST_BGN(x509_parse_key_5_3des_encrypted) 00845 { 00846 rsa_context rsa; 00847 int res; 00848 00849 memset( &rsa, 0, sizeof( rsa_context ) ); 00850 00851 res = x509parse_keyfile( &rsa, "data_files/keyfile.3des", "testkey" ); 00852 00853 fct_chk( res == 0 ); 00854 00855 if( res == 0 ) 00856 { 00857 fct_chk( rsa_check_privkey( &rsa ) == 0 ); 00858 } 00859 } 00860 FCT_TEST_END(); 00861 #endif /* POLARSSL_MD5_C */ 00862 #endif /* POLARSSL_DES_C */ 00863 #endif /* POLARSSL_PEM_C */ 00864 #endif /* POLARSSL_FS_IO */ 00865 00866 #ifdef POLARSSL_MD5_C 00867 #ifdef POLARSSL_AES_C 00868 #ifdef POLARSSL_PEM_C 00869 #ifdef POLARSSL_FS_IO 00870 00871 FCT_TEST_BGN(x509_parse_key_6_aes_128_encrypted) 00872 { 00873 rsa_context rsa; 00874 int res; 00875 00876 memset( &rsa, 0, sizeof( rsa_context ) ); 00877 00878 res = x509parse_keyfile( &rsa, "data_files/keyfile.aes128", "testkey" ); 00879 00880 fct_chk( res == 0 ); 00881 00882 if( res == 0 ) 00883 { 00884 fct_chk( rsa_check_privkey( &rsa ) == 0 ); 00885 } 00886 } 00887 FCT_TEST_END(); 00888 #endif /* POLARSSL_MD5_C */ 00889 #endif /* POLARSSL_AES_C */ 00890 #endif /* POLARSSL_PEM_C */ 00891 #endif /* POLARSSL_FS_IO */ 00892 00893 #ifdef POLARSSL_MD5_C 00894 #ifdef POLARSSL_AES_C 00895 #ifdef POLARSSL_PEM_C 00896 #ifdef POLARSSL_FS_IO 00897 00898 FCT_TEST_BGN(x509_parse_key_7_aes_192_encrypted) 00899 { 00900 rsa_context rsa; 00901 int res; 00902 00903 memset( &rsa, 0, sizeof( rsa_context ) ); 00904 00905 res = x509parse_keyfile( &rsa, "data_files/keyfile.aes192", "testkey" ); 00906 00907 fct_chk( res == 0 ); 00908 00909 if( res == 0 ) 00910 { 00911 fct_chk( rsa_check_privkey( &rsa ) == 0 ); 00912 } 00913 } 00914 FCT_TEST_END(); 00915 #endif /* POLARSSL_MD5_C */ 00916 #endif /* POLARSSL_AES_C */ 00917 #endif /* POLARSSL_PEM_C */ 00918 #endif /* POLARSSL_FS_IO */ 00919 00920 #ifdef POLARSSL_MD5_C 00921 #ifdef POLARSSL_AES_C 00922 #ifdef POLARSSL_PEM_C 00923 #ifdef POLARSSL_FS_IO 00924 00925 FCT_TEST_BGN(x509_parse_key_8_aes_256_encrypted) 00926 { 00927 rsa_context rsa; 00928 int res; 00929 00930 memset( &rsa, 0, sizeof( rsa_context ) ); 00931 00932 res = x509parse_keyfile( &rsa, "data_files/keyfile.aes256", "testkey" ); 00933 00934 fct_chk( res == 0 ); 00935 00936 if( res == 0 ) 00937 { 00938 fct_chk( rsa_check_privkey( &rsa ) == 0 ); 00939 } 00940 } 00941 FCT_TEST_END(); 00942 #endif /* POLARSSL_MD5_C */ 00943 #endif /* POLARSSL_AES_C */ 00944 #endif /* POLARSSL_PEM_C */ 00945 #endif /* POLARSSL_FS_IO */ 00946 00947 #ifdef POLARSSL_MD5_C 00948 #ifdef POLARSSL_PEM_C 00949 #ifdef POLARSSL_FS_IO 00950 00951 FCT_TEST_BGN(x509_parse_key_9_pkcs8_wrapped) 00952 { 00953 rsa_context rsa; 00954 int res; 00955 00956 memset( &rsa, 0, sizeof( rsa_context ) ); 00957 00958 res = x509parse_keyfile( &rsa, "data_files/format_gen.key", "" ); 00959 00960 fct_chk( res == 0 ); 00961 00962 if( res == 0 ) 00963 { 00964 fct_chk( rsa_check_privkey( &rsa ) == 0 ); 00965 } 00966 } 00967 FCT_TEST_END(); 00968 #endif /* POLARSSL_MD5_C */ 00969 #endif /* POLARSSL_PEM_C */ 00970 #endif /* POLARSSL_FS_IO */ 00971 00972 #ifdef POLARSSL_MD5_C 00973 #ifdef POLARSSL_PEM_C 00974 #ifdef POLARSSL_FS_IO 00975 00976 FCT_TEST_BGN(x509_parse_public_key_1_pkcs8_wrapped) 00977 { 00978 rsa_context rsa; 00979 int res; 00980 00981 memset( &rsa, 0, sizeof( rsa_context ) ); 00982 00983 res = x509parse_public_keyfile( &rsa, "data_files/format_gen.pub" ); 00984 00985 fct_chk( res == 0 ); 00986 00987 if( res == 0 ) 00988 { 00989 fct_chk( rsa_check_pubkey( &rsa ) == 0 ); 00990 } 00991 } 00992 FCT_TEST_END(); 00993 #endif /* POLARSSL_MD5_C */ 00994 #endif /* POLARSSL_PEM_C */ 00995 #endif /* POLARSSL_FS_IO */ 00996 00997 #ifdef POLARSSL_PEM_C 00998 #ifdef POLARSSL_FS_IO 00999 01000 FCT_TEST_BGN(x509_get_distinguished_name_1) 01001 { 01002 x509_cert crt; 01003 char buf[2000]; 01004 int res; 01005 01006 memset( &crt, 0, sizeof( x509_cert ) ); 01007 memset( buf, 0, 2000 ); 01008 01009 fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 ); 01010 res = x509parse_dn_gets( buf, 2000, &crt.subject ); 01011 01012 fct_chk( res != -1 ); 01013 fct_chk( res != -2 ); 01014 01015 fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=PolarSSL Server 1" ) == 0 ); 01016 } 01017 FCT_TEST_END(); 01018 #endif /* POLARSSL_PEM_C */ 01019 #endif /* POLARSSL_FS_IO */ 01020 01021 #ifdef POLARSSL_PEM_C 01022 #ifdef POLARSSL_FS_IO 01023 01024 FCT_TEST_BGN(x509_get_distinguished_name_2) 01025 { 01026 x509_cert crt; 01027 char buf[2000]; 01028 int res; 01029 01030 memset( &crt, 0, sizeof( x509_cert ) ); 01031 memset( buf, 0, 2000 ); 01032 01033 fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 ); 01034 res = x509parse_dn_gets( buf, 2000, &crt.issuer ); 01035 01036 fct_chk( res != -1 ); 01037 fct_chk( res != -2 ); 01038 01039 fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=PolarSSL Test CA" ) == 0 ); 01040 } 01041 FCT_TEST_END(); 01042 #endif /* POLARSSL_PEM_C */ 01043 #endif /* POLARSSL_FS_IO */ 01044 01045 #ifdef POLARSSL_PEM_C 01046 #ifdef POLARSSL_FS_IO 01047 01048 FCT_TEST_BGN(x509_get_distinguished_name_3) 01049 { 01050 x509_cert crt; 01051 char buf[2000]; 01052 int res; 01053 01054 memset( &crt, 0, sizeof( x509_cert ) ); 01055 memset( buf, 0, 2000 ); 01056 01057 fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 ); 01058 res = x509parse_dn_gets( buf, 2000, &crt.subject ); 01059 01060 fct_chk( res != -1 ); 01061 fct_chk( res != -2 ); 01062 01063 fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=localhost" ) == 0 ); 01064 } 01065 FCT_TEST_END(); 01066 #endif /* POLARSSL_PEM_C */ 01067 #endif /* POLARSSL_FS_IO */ 01068 01069 #ifdef POLARSSL_PEM_C 01070 #ifdef POLARSSL_FS_IO 01071 01072 FCT_TEST_BGN(x509_get_distinguished_name_4) 01073 { 01074 x509_cert crt; 01075 char buf[2000]; 01076 int res; 01077 01078 memset( &crt, 0, sizeof( x509_cert ) ); 01079 memset( buf, 0, 2000 ); 01080 01081 fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 ); 01082 res = x509parse_dn_gets( buf, 2000, &crt.issuer ); 01083 01084 fct_chk( res != -1 ); 01085 fct_chk( res != -2 ); 01086 01087 fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=PolarSSL Test CA" ) == 0 ); 01088 } 01089 FCT_TEST_END(); 01090 #endif /* POLARSSL_PEM_C */ 01091 #endif /* POLARSSL_FS_IO */ 01092 01093 #ifdef POLARSSL_PEM_C 01094 #ifdef POLARSSL_FS_IO 01095 01096 FCT_TEST_BGN(x509_time_expired_1) 01097 { 01098 x509_cert crt; 01099 01100 memset( &crt, 0, sizeof( x509_cert ) ); 01101 01102 fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 ); 01103 fct_chk( x509parse_time_expired( &crt.valid_from ) == 1 ); 01104 } 01105 FCT_TEST_END(); 01106 #endif /* POLARSSL_PEM_C */ 01107 #endif /* POLARSSL_FS_IO */ 01108 01109 #ifdef POLARSSL_PEM_C 01110 #ifdef POLARSSL_FS_IO 01111 01112 FCT_TEST_BGN(x509_time_expired_2) 01113 { 01114 x509_cert crt; 01115 01116 memset( &crt, 0, sizeof( x509_cert ) ); 01117 01118 fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 ); 01119 fct_chk( x509parse_time_expired( &crt.valid_to ) == 0 ); 01120 } 01121 FCT_TEST_END(); 01122 #endif /* POLARSSL_PEM_C */ 01123 #endif /* POLARSSL_FS_IO */ 01124 01125 #ifdef POLARSSL_PEM_C 01126 #ifdef POLARSSL_FS_IO 01127 01128 FCT_TEST_BGN(x509_time_expired_3) 01129 { 01130 x509_cert crt; 01131 01132 memset( &crt, 0, sizeof( x509_cert ) ); 01133 01134 fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 ); 01135 fct_chk( x509parse_time_expired( &crt.valid_from ) == 1 ); 01136 } 01137 FCT_TEST_END(); 01138 #endif /* POLARSSL_PEM_C */ 01139 #endif /* POLARSSL_FS_IO */ 01140 01141 #ifdef POLARSSL_PEM_C 01142 #ifdef POLARSSL_FS_IO 01143 01144 FCT_TEST_BGN(x509_time_expired_4) 01145 { 01146 x509_cert crt; 01147 01148 memset( &crt, 0, sizeof( x509_cert ) ); 01149 01150 fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 ); 01151 fct_chk( x509parse_time_expired( &crt.valid_to ) == 0 ); 01152 } 01153 FCT_TEST_END(); 01154 #endif /* POLARSSL_PEM_C */ 01155 #endif /* POLARSSL_FS_IO */ 01156 01157 #ifdef POLARSSL_PEM_C 01158 #ifdef POLARSSL_FS_IO 01159 01160 FCT_TEST_BGN(x509_time_expired_5) 01161 { 01162 x509_cert crt; 01163 01164 memset( &crt, 0, sizeof( x509_cert ) ); 01165 01166 fct_chk( x509parse_crtfile( &crt, "data_files/test-ca.crt" ) == 0 ); 01167 fct_chk( x509parse_time_expired( &crt.valid_from ) == 1 ); 01168 } 01169 FCT_TEST_END(); 01170 #endif /* POLARSSL_PEM_C */ 01171 #endif /* POLARSSL_FS_IO */ 01172 01173 #ifdef POLARSSL_PEM_C 01174 #ifdef POLARSSL_FS_IO 01175 01176 FCT_TEST_BGN(x509_time_expired_6polarssl_fs_io) 01177 { 01178 x509_cert crt; 01179 01180 memset( &crt, 0, sizeof( x509_cert ) ); 01181 01182 fct_chk( x509parse_crtfile( &crt, "data_files/test-ca.crt" ) == 0 ); 01183 fct_chk( x509parse_time_expired( &crt.valid_to ) == 0 ); 01184 } 01185 FCT_TEST_END(); 01186 #endif /* POLARSSL_PEM_C */ 01187 #endif /* POLARSSL_FS_IO */ 01188 01189 #ifdef POLARSSL_PEM_C 01190 #ifdef POLARSSL_FS_IO 01191 01192 FCT_TEST_BGN(x509_certificate_verification_1_revoked_cert_expired_crl) 01193 { 01194 x509_cert crt; 01195 x509_cert ca; 01196 x509_crl crl; 01197 int flags = 0; 01198 int res; 01199 01200 memset( &crt, 0, sizeof( x509_cert ) ); 01201 memset( &ca, 0, sizeof( x509_cert ) ); 01202 memset( &crl, 0, sizeof( x509_crl ) ); 01203 01204 fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 ); 01205 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01206 fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 ); 01207 01208 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01209 01210 fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) ); 01211 fct_chk( flags == ( BADCERT_REVOKED | BADCRL_EXPIRED ) ); 01212 } 01213 FCT_TEST_END(); 01214 #endif /* POLARSSL_PEM_C */ 01215 #endif /* POLARSSL_FS_IO */ 01216 01217 #ifdef POLARSSL_PEM_C 01218 #ifdef POLARSSL_FS_IO 01219 01220 FCT_TEST_BGN(x509_certificate_verification_2_revoked_cert_expired_crl) 01221 { 01222 x509_cert crt; 01223 x509_cert ca; 01224 x509_crl crl; 01225 int flags = 0; 01226 int res; 01227 01228 memset( &crt, 0, sizeof( x509_cert ) ); 01229 memset( &ca, 0, sizeof( x509_cert ) ); 01230 memset( &crl, 0, sizeof( x509_crl ) ); 01231 01232 fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 ); 01233 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01234 fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 ); 01235 01236 res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Server 1", &flags, NULL, NULL ); 01237 01238 fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) ); 01239 fct_chk( flags == ( BADCERT_REVOKED | BADCRL_EXPIRED ) ); 01240 } 01241 FCT_TEST_END(); 01242 #endif /* POLARSSL_PEM_C */ 01243 #endif /* POLARSSL_FS_IO */ 01244 01245 #ifdef POLARSSL_PEM_C 01246 #ifdef POLARSSL_FS_IO 01247 01248 FCT_TEST_BGN(x509_certificate_verification_3_revoked_cert_expired_crl_cn_mismatch) 01249 { 01250 x509_cert crt; 01251 x509_cert ca; 01252 x509_crl crl; 01253 int flags = 0; 01254 int res; 01255 01256 memset( &crt, 0, sizeof( x509_cert ) ); 01257 memset( &ca, 0, sizeof( x509_cert ) ); 01258 memset( &crl, 0, sizeof( x509_crl ) ); 01259 01260 fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 ); 01261 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01262 fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 ); 01263 01264 res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Wrong CN", &flags, NULL, NULL ); 01265 01266 fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) ); 01267 fct_chk( flags == ( BADCERT_REVOKED | BADCRL_EXPIRED | BADCERT_CN_MISMATCH ) ); 01268 } 01269 FCT_TEST_END(); 01270 #endif /* POLARSSL_PEM_C */ 01271 #endif /* POLARSSL_FS_IO */ 01272 01273 #ifdef POLARSSL_PEM_C 01274 #ifdef POLARSSL_FS_IO 01275 01276 FCT_TEST_BGN(x509_certificate_verification_4_valid_cert_expired_crl) 01277 { 01278 x509_cert crt; 01279 x509_cert ca; 01280 x509_crl crl; 01281 int flags = 0; 01282 int res; 01283 01284 memset( &crt, 0, sizeof( x509_cert ) ); 01285 memset( &ca, 0, sizeof( x509_cert ) ); 01286 memset( &crl, 0, sizeof( x509_crl ) ); 01287 01288 fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 ); 01289 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01290 fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 ); 01291 01292 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01293 01294 fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) ); 01295 fct_chk( flags == ( BADCRL_EXPIRED ) ); 01296 } 01297 FCT_TEST_END(); 01298 #endif /* POLARSSL_PEM_C */ 01299 #endif /* POLARSSL_FS_IO */ 01300 01301 #ifdef POLARSSL_PEM_C 01302 #ifdef POLARSSL_FS_IO 01303 01304 FCT_TEST_BGN(x509_certificate_verification_5_revoked_cert) 01305 { 01306 x509_cert crt; 01307 x509_cert ca; 01308 x509_crl crl; 01309 int flags = 0; 01310 int res; 01311 01312 memset( &crt, 0, sizeof( x509_cert ) ); 01313 memset( &ca, 0, sizeof( x509_cert ) ); 01314 memset( &crl, 0, sizeof( x509_crl ) ); 01315 01316 fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 ); 01317 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01318 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01319 01320 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01321 01322 fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) ); 01323 fct_chk( flags == ( BADCERT_REVOKED ) ); 01324 } 01325 FCT_TEST_END(); 01326 #endif /* POLARSSL_PEM_C */ 01327 #endif /* POLARSSL_FS_IO */ 01328 01329 #ifdef POLARSSL_PEM_C 01330 #ifdef POLARSSL_FS_IO 01331 01332 FCT_TEST_BGN(x509_certificate_verification_6_revoked_cert) 01333 { 01334 x509_cert crt; 01335 x509_cert ca; 01336 x509_crl crl; 01337 int flags = 0; 01338 int res; 01339 01340 memset( &crt, 0, sizeof( x509_cert ) ); 01341 memset( &ca, 0, sizeof( x509_cert ) ); 01342 memset( &crl, 0, sizeof( x509_crl ) ); 01343 01344 fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 ); 01345 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01346 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01347 01348 res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Server 1", &flags, NULL, NULL ); 01349 01350 fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) ); 01351 fct_chk( flags == ( BADCERT_REVOKED ) ); 01352 } 01353 FCT_TEST_END(); 01354 #endif /* POLARSSL_PEM_C */ 01355 #endif /* POLARSSL_FS_IO */ 01356 01357 #ifdef POLARSSL_PEM_C 01358 #ifdef POLARSSL_FS_IO 01359 01360 FCT_TEST_BGN(x509_certificate_verification_7_revoked_cert_cn_mismatch) 01361 { 01362 x509_cert crt; 01363 x509_cert ca; 01364 x509_crl crl; 01365 int flags = 0; 01366 int res; 01367 01368 memset( &crt, 0, sizeof( x509_cert ) ); 01369 memset( &ca, 0, sizeof( x509_cert ) ); 01370 memset( &crl, 0, sizeof( x509_crl ) ); 01371 01372 fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 ); 01373 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01374 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01375 01376 res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Wrong CN", &flags, NULL, NULL ); 01377 01378 fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) ); 01379 fct_chk( flags == ( BADCERT_REVOKED | BADCERT_CN_MISMATCH ) ); 01380 } 01381 FCT_TEST_END(); 01382 #endif /* POLARSSL_PEM_C */ 01383 #endif /* POLARSSL_FS_IO */ 01384 01385 #ifdef POLARSSL_PEM_C 01386 #ifdef POLARSSL_FS_IO 01387 01388 FCT_TEST_BGN(x509_certificate_verification_8_valid_cert) 01389 { 01390 x509_cert crt; 01391 x509_cert ca; 01392 x509_crl crl; 01393 int flags = 0; 01394 int res; 01395 01396 memset( &crt, 0, sizeof( x509_cert ) ); 01397 memset( &ca, 0, sizeof( x509_cert ) ); 01398 memset( &crl, 0, sizeof( x509_crl ) ); 01399 01400 fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 ); 01401 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01402 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01403 01404 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01405 01406 fct_chk( res == ( 0 ) ); 01407 fct_chk( flags == ( 0 ) ); 01408 } 01409 FCT_TEST_END(); 01410 #endif /* POLARSSL_PEM_C */ 01411 #endif /* POLARSSL_FS_IO */ 01412 01413 #ifdef POLARSSL_PEM_C 01414 #ifdef POLARSSL_FS_IO 01415 01416 FCT_TEST_BGN(x509_certificate_verification_9_not_trusted_cert) 01417 { 01418 x509_cert crt; 01419 x509_cert ca; 01420 x509_crl crl; 01421 int flags = 0; 01422 int res; 01423 01424 memset( &crt, 0, sizeof( x509_cert ) ); 01425 memset( &ca, 0, sizeof( x509_cert ) ); 01426 memset( &crl, 0, sizeof( x509_crl ) ); 01427 01428 fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 ); 01429 fct_chk( x509parse_crtfile( &ca, "data_files/server1.crt" ) == 0 ); 01430 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01431 01432 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01433 01434 fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) ); 01435 fct_chk( flags == ( BADCERT_NOT_TRUSTED ) ); 01436 } 01437 FCT_TEST_END(); 01438 #endif /* POLARSSL_PEM_C */ 01439 #endif /* POLARSSL_FS_IO */ 01440 01441 #ifdef POLARSSL_PEM_C 01442 #ifdef POLARSSL_FS_IO 01443 01444 FCT_TEST_BGN(x509_certificate_verification_10_not_trusted_cert_expired_crl) 01445 { 01446 x509_cert crt; 01447 x509_cert ca; 01448 x509_crl crl; 01449 int flags = 0; 01450 int res; 01451 01452 memset( &crt, 0, sizeof( x509_cert ) ); 01453 memset( &ca, 0, sizeof( x509_cert ) ); 01454 memset( &crl, 0, sizeof( x509_crl ) ); 01455 01456 fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 ); 01457 fct_chk( x509parse_crtfile( &ca, "data_files/server1.crt" ) == 0 ); 01458 fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 ); 01459 01460 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01461 01462 fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) ); 01463 fct_chk( flags == ( BADCERT_NOT_TRUSTED ) ); 01464 } 01465 FCT_TEST_END(); 01466 #endif /* POLARSSL_PEM_C */ 01467 #endif /* POLARSSL_FS_IO */ 01468 01469 #ifdef POLARSSL_MD4_C 01470 #ifdef POLARSSL_PEM_C 01471 #ifdef POLARSSL_FS_IO 01472 01473 FCT_TEST_BGN(x509_certificate_verification_12_valid_cert_md4_digest) 01474 { 01475 x509_cert crt; 01476 x509_cert ca; 01477 x509_crl crl; 01478 int flags = 0; 01479 int res; 01480 01481 memset( &crt, 0, sizeof( x509_cert ) ); 01482 memset( &ca, 0, sizeof( x509_cert ) ); 01483 memset( &crl, 0, sizeof( x509_crl ) ); 01484 01485 fct_chk( x509parse_crtfile( &crt, "data_files/cert_md4.crt" ) == 0 ); 01486 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01487 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01488 01489 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01490 01491 fct_chk( res == ( 0 ) ); 01492 fct_chk( flags == ( 0 ) ); 01493 } 01494 FCT_TEST_END(); 01495 #endif /* POLARSSL_MD4_C */ 01496 #endif /* POLARSSL_PEM_C */ 01497 #endif /* POLARSSL_FS_IO */ 01498 01499 #ifdef POLARSSL_MD5_C 01500 #ifdef POLARSSL_PEM_C 01501 #ifdef POLARSSL_FS_IO 01502 01503 FCT_TEST_BGN(x509_certificate_verification_13_valid_cert_md5_digest) 01504 { 01505 x509_cert crt; 01506 x509_cert ca; 01507 x509_crl crl; 01508 int flags = 0; 01509 int res; 01510 01511 memset( &crt, 0, sizeof( x509_cert ) ); 01512 memset( &ca, 0, sizeof( x509_cert ) ); 01513 memset( &crl, 0, sizeof( x509_crl ) ); 01514 01515 fct_chk( x509parse_crtfile( &crt, "data_files/cert_md5.crt" ) == 0 ); 01516 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01517 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01518 01519 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01520 01521 fct_chk( res == ( 0 ) ); 01522 fct_chk( flags == ( 0 ) ); 01523 } 01524 FCT_TEST_END(); 01525 #endif /* POLARSSL_MD5_C */ 01526 #endif /* POLARSSL_PEM_C */ 01527 #endif /* POLARSSL_FS_IO */ 01528 01529 #ifdef POLARSSL_SHA1_C 01530 #ifdef POLARSSL_PEM_C 01531 #ifdef POLARSSL_FS_IO 01532 01533 FCT_TEST_BGN(x509_certificate_verification_14_valid_cert_sha1_digest) 01534 { 01535 x509_cert crt; 01536 x509_cert ca; 01537 x509_crl crl; 01538 int flags = 0; 01539 int res; 01540 01541 memset( &crt, 0, sizeof( x509_cert ) ); 01542 memset( &ca, 0, sizeof( x509_cert ) ); 01543 memset( &crl, 0, sizeof( x509_crl ) ); 01544 01545 fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha1.crt" ) == 0 ); 01546 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01547 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01548 01549 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01550 01551 fct_chk( res == ( 0 ) ); 01552 fct_chk( flags == ( 0 ) ); 01553 } 01554 FCT_TEST_END(); 01555 #endif /* POLARSSL_SHA1_C */ 01556 #endif /* POLARSSL_PEM_C */ 01557 #endif /* POLARSSL_FS_IO */ 01558 01559 #ifdef POLARSSL_SHA2_C 01560 #ifdef POLARSSL_PEM_C 01561 #ifdef POLARSSL_FS_IO 01562 01563 FCT_TEST_BGN(x509_certificate_verification_15_valid_cert_sha224_digest) 01564 { 01565 x509_cert crt; 01566 x509_cert ca; 01567 x509_crl crl; 01568 int flags = 0; 01569 int res; 01570 01571 memset( &crt, 0, sizeof( x509_cert ) ); 01572 memset( &ca, 0, sizeof( x509_cert ) ); 01573 memset( &crl, 0, sizeof( x509_crl ) ); 01574 01575 fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha224.crt" ) == 0 ); 01576 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01577 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01578 01579 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01580 01581 fct_chk( res == ( 0 ) ); 01582 fct_chk( flags == ( 0 ) ); 01583 } 01584 FCT_TEST_END(); 01585 #endif /* POLARSSL_SHA2_C */ 01586 #endif /* POLARSSL_PEM_C */ 01587 #endif /* POLARSSL_FS_IO */ 01588 01589 #ifdef POLARSSL_SHA2_C 01590 #ifdef POLARSSL_PEM_C 01591 #ifdef POLARSSL_FS_IO 01592 01593 FCT_TEST_BGN(x509_certificate_verification_16_valid_cert_sha256_digest) 01594 { 01595 x509_cert crt; 01596 x509_cert ca; 01597 x509_crl crl; 01598 int flags = 0; 01599 int res; 01600 01601 memset( &crt, 0, sizeof( x509_cert ) ); 01602 memset( &ca, 0, sizeof( x509_cert ) ); 01603 memset( &crl, 0, sizeof( x509_crl ) ); 01604 01605 fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha256.crt" ) == 0 ); 01606 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01607 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01608 01609 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01610 01611 fct_chk( res == ( 0 ) ); 01612 fct_chk( flags == ( 0 ) ); 01613 } 01614 FCT_TEST_END(); 01615 #endif /* POLARSSL_SHA2_C */ 01616 #endif /* POLARSSL_PEM_C */ 01617 #endif /* POLARSSL_FS_IO */ 01618 01619 #ifdef POLARSSL_SHA4_C 01620 #ifdef POLARSSL_PEM_C 01621 #ifdef POLARSSL_FS_IO 01622 01623 FCT_TEST_BGN(x509_certificate_verification_17_valid_cert_sha384_digest) 01624 { 01625 x509_cert crt; 01626 x509_cert ca; 01627 x509_crl crl; 01628 int flags = 0; 01629 int res; 01630 01631 memset( &crt, 0, sizeof( x509_cert ) ); 01632 memset( &ca, 0, sizeof( x509_cert ) ); 01633 memset( &crl, 0, sizeof( x509_crl ) ); 01634 01635 fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha384.crt" ) == 0 ); 01636 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01637 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01638 01639 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01640 01641 fct_chk( res == ( 0 ) ); 01642 fct_chk( flags == ( 0 ) ); 01643 } 01644 FCT_TEST_END(); 01645 #endif /* POLARSSL_SHA4_C */ 01646 #endif /* POLARSSL_PEM_C */ 01647 #endif /* POLARSSL_FS_IO */ 01648 01649 #ifdef POLARSSL_SHA4_C 01650 #ifdef POLARSSL_PEM_C 01651 #ifdef POLARSSL_FS_IO 01652 01653 FCT_TEST_BGN(x509_certificate_verification_18_valid_cert_sha512_digest) 01654 { 01655 x509_cert crt; 01656 x509_cert ca; 01657 x509_crl crl; 01658 int flags = 0; 01659 int res; 01660 01661 memset( &crt, 0, sizeof( x509_cert ) ); 01662 memset( &ca, 0, sizeof( x509_cert ) ); 01663 memset( &crl, 0, sizeof( x509_crl ) ); 01664 01665 fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha512.crt" ) == 0 ); 01666 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01667 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01668 01669 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL ); 01670 01671 fct_chk( res == ( 0 ) ); 01672 fct_chk( flags == ( 0 ) ); 01673 } 01674 FCT_TEST_END(); 01675 #endif /* POLARSSL_SHA4_C */ 01676 #endif /* POLARSSL_PEM_C */ 01677 #endif /* POLARSSL_FS_IO */ 01678 01679 #ifdef POLARSSL_SHA4_C 01680 #ifdef POLARSSL_PEM_C 01681 #ifdef POLARSSL_FS_IO 01682 01683 FCT_TEST_BGN(x509_certificate_verification_19_valid_cert_denying_callback) 01684 { 01685 x509_cert crt; 01686 x509_cert ca; 01687 x509_crl crl; 01688 int flags = 0; 01689 int res; 01690 01691 memset( &crt, 0, sizeof( x509_cert ) ); 01692 memset( &ca, 0, sizeof( x509_cert ) ); 01693 memset( &crl, 0, sizeof( x509_crl ) ); 01694 01695 fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha512.crt" ) == 0 ); 01696 fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 ); 01697 fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 ); 01698 01699 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, &verify_none, NULL ); 01700 01701 fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) ); 01702 fct_chk( flags == ( 0 ) ); 01703 } 01704 FCT_TEST_END(); 01705 #endif /* POLARSSL_SHA4_C */ 01706 #endif /* POLARSSL_PEM_C */ 01707 #endif /* POLARSSL_FS_IO */ 01708 01709 #ifdef POLARSSL_PEM_C 01710 #ifdef POLARSSL_FS_IO 01711 01712 FCT_TEST_BGN(x509_certificate_verification_20_not_trusted_cert_allowing_callback) 01713 { 01714 x509_cert crt; 01715 x509_cert ca; 01716 x509_crl crl; 01717 int flags = 0; 01718 int res; 01719 01720 memset( &crt, 0, sizeof( x509_cert ) ); 01721 memset( &ca, 0, sizeof( x509_cert ) ); 01722 memset( &crl, 0, sizeof( x509_crl ) ); 01723 01724 fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 ); 01725 fct_chk( x509parse_crtfile( &ca, "data_files/server1.crt" ) == 0 ); 01726 fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 ); 01727 01728 res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, &verify_all, NULL ); 01729 01730 fct_chk( res == ( 0 ) ); 01731 fct_chk( flags == ( 0 ) ); 01732 } 01733 FCT_TEST_END(); 01734 #endif /* POLARSSL_PEM_C */ 01735 #endif /* POLARSSL_FS_IO */ 01736 01737 #ifdef POLARSSL_MD5_C 01738 #ifdef POLARSSL_PEM_C 01739 #ifdef POLARSSL_SELF_TEST 01740 01741 FCT_TEST_BGN(x509_parse_selftest) 01742 { 01743 fct_chk( x509_self_test( 0 ) == 0 ); 01744 } 01745 FCT_TEST_END(); 01746 #endif /* POLARSSL_MD5_C */ 01747 #endif /* POLARSSL_PEM_C */ 01748 #endif /* POLARSSL_SELF_TEST */ 01749 01750 01751 FCT_TEST_BGN(x509_certificate_asn1_incorrect_first_tag) 01752 { 01753 x509_cert crt; 01754 unsigned char buf[2000]; 01755 unsigned char output[2000]; 01756 int data_len, res; 01757 01758 memset( &crt, 0, sizeof( x509_cert ) ); 01759 memset( buf, 0, 2000 ); 01760 memset( output, 0, 2000 ); 01761 01762 data_len = unhexify( buf, "" ); 01763 01764 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ) ); 01765 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ) == 0 ) 01766 { 01767 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 01768 01769 fct_chk( res != -1 ); 01770 fct_chk( res != -2 ); 01771 01772 fct_chk( strcmp( (char *) output, "" ) == 0 ); 01773 } 01774 } 01775 FCT_TEST_END(); 01776 01777 01778 FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_data_length_does_not_match) 01779 { 01780 x509_cert crt; 01781 unsigned char buf[2000]; 01782 unsigned char output[2000]; 01783 int data_len, res; 01784 01785 memset( &crt, 0, sizeof( x509_cert ) ); 01786 memset( buf, 0, 2000 ); 01787 memset( output, 0, 2000 ); 01788 01789 data_len = unhexify( buf, "300000" ); 01790 01791 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 01792 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 01793 { 01794 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 01795 01796 fct_chk( res != -1 ); 01797 fct_chk( res != -2 ); 01798 01799 fct_chk( strcmp( (char *) output, "" ) == 0 ); 01800 } 01801 } 01802 FCT_TEST_END(); 01803 01804 01805 FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_no_more_data) 01806 { 01807 x509_cert crt; 01808 unsigned char buf[2000]; 01809 unsigned char output[2000]; 01810 int data_len, res; 01811 01812 memset( &crt, 0, sizeof( x509_cert ) ); 01813 memset( buf, 0, 2000 ); 01814 memset( output, 0, 2000 ); 01815 01816 data_len = unhexify( buf, "3000" ); 01817 01818 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 01819 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 01820 { 01821 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 01822 01823 fct_chk( res != -1 ); 01824 fct_chk( res != -2 ); 01825 01826 fct_chk( strcmp( (char *) output, "" ) == 0 ); 01827 } 01828 } 01829 FCT_TEST_END(); 01830 01831 01832 FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incorrect) 01833 { 01834 x509_cert crt; 01835 unsigned char buf[2000]; 01836 unsigned char output[2000]; 01837 int data_len, res; 01838 01839 memset( &crt, 0, sizeof( x509_cert ) ); 01840 memset( buf, 0, 2000 ); 01841 memset( output, 0, 2000 ); 01842 01843 data_len = unhexify( buf, "30023085" ); 01844 01845 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_INVALID_LENGTH ) ); 01846 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_INVALID_LENGTH ) == 0 ) 01847 { 01848 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 01849 01850 fct_chk( res != -1 ); 01851 fct_chk( res != -2 ); 01852 01853 fct_chk( strcmp( (char *) output, "" ) == 0 ); 01854 } 01855 } 01856 FCT_TEST_END(); 01857 01858 01859 FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incomplete) 01860 { 01861 x509_cert crt; 01862 unsigned char buf[2000]; 01863 unsigned char output[2000]; 01864 int data_len, res; 01865 01866 memset( &crt, 0, sizeof( x509_cert ) ); 01867 memset( buf, 0, 2000 ); 01868 memset( output, 0, 2000 ); 01869 01870 data_len = unhexify( buf, "30023083" ); 01871 01872 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 01873 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 01874 { 01875 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 01876 01877 fct_chk( res != -1 ); 01878 fct_chk( res != -2 ); 01879 01880 fct_chk( strcmp( (char *) output, "" ) == 0 ); 01881 } 01882 } 01883 FCT_TEST_END(); 01884 01885 01886 FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incomplete) 01887 { 01888 x509_cert crt; 01889 unsigned char buf[2000]; 01890 unsigned char output[2000]; 01891 int data_len, res; 01892 01893 memset( &crt, 0, sizeof( x509_cert ) ); 01894 memset( buf, 0, 2000 ); 01895 memset( output, 0, 2000 ); 01896 01897 data_len = unhexify( buf, "30023081" ); 01898 01899 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 01900 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 01901 { 01902 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 01903 01904 fct_chk( res != -1 ); 01905 fct_chk( res != -2 ); 01906 01907 fct_chk( strcmp( (char *) output, "" ) == 0 ); 01908 } 01909 } 01910 FCT_TEST_END(); 01911 01912 01913 FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incomplete) 01914 { 01915 x509_cert crt; 01916 unsigned char buf[2000]; 01917 unsigned char output[2000]; 01918 int data_len, res; 01919 01920 memset( &crt, 0, sizeof( x509_cert ) ); 01921 memset( buf, 0, 2000 ); 01922 memset( output, 0, 2000 ); 01923 01924 data_len = unhexify( buf, "3003308200" ); 01925 01926 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 01927 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 01928 { 01929 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 01930 01931 fct_chk( res != -1 ); 01932 fct_chk( res != -2 ); 01933 01934 fct_chk( strcmp( (char *) output, "" ) == 0 ); 01935 } 01936 } 01937 FCT_TEST_END(); 01938 01939 01940 FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_second_tag_no_tbscertificate) 01941 { 01942 x509_cert crt; 01943 unsigned char buf[2000]; 01944 unsigned char output[2000]; 01945 int data_len, res; 01946 01947 memset( &crt, 0, sizeof( x509_cert ) ); 01948 memset( buf, 0, 2000 ); 01949 memset( output, 0, 2000 ); 01950 01951 data_len = unhexify( buf, "300100" ); 01952 01953 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 01954 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 01955 { 01956 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 01957 01958 fct_chk( res != -1 ); 01959 fct_chk( res != -2 ); 01960 01961 fct_chk( strcmp( (char *) output, "" ) == 0 ); 01962 } 01963 } 01964 FCT_TEST_END(); 01965 01966 01967 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_no_version_tag_serial_missing) 01968 { 01969 x509_cert crt; 01970 unsigned char buf[2000]; 01971 unsigned char output[2000]; 01972 int data_len, res; 01973 01974 memset( &crt, 0, sizeof( x509_cert ) ); 01975 memset( buf, 0, 2000 ); 01976 memset( output, 0, 2000 ); 01977 01978 data_len = unhexify( buf, "3003300100" ); 01979 01980 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 01981 if( ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 01982 { 01983 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 01984 01985 fct_chk( res != -1 ); 01986 fct_chk( res != -2 ); 01987 01988 fct_chk( strcmp( (char *) output, "" ) == 0 ); 01989 } 01990 } 01991 FCT_TEST_END(); 01992 01993 01994 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_version_tag) 01995 { 01996 x509_cert crt; 01997 unsigned char buf[2000]; 01998 unsigned char output[2000]; 01999 int data_len, res; 02000 02001 memset( &crt, 0, sizeof( x509_cert ) ); 02002 memset( buf, 0, 2000 ); 02003 memset( output, 0, 2000 ); 02004 02005 data_len = unhexify( buf, "30053003a00101" ); 02006 02007 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 02008 if( ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 02009 { 02010 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02011 02012 fct_chk( res != -1 ); 02013 fct_chk( res != -2 ); 02014 02015 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02016 } 02017 } 02018 FCT_TEST_END(); 02019 02020 02021 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_version_tag_no_length) 02022 { 02023 x509_cert crt; 02024 unsigned char buf[2000]; 02025 unsigned char output[2000]; 02026 int data_len, res; 02027 02028 memset( &crt, 0, sizeof( x509_cert ) ); 02029 memset( buf, 0, 2000 ); 02030 memset( output, 0, 2000 ); 02031 02032 data_len = unhexify( buf, "30053003a00102" ); 02033 02034 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02035 if( ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02036 { 02037 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02038 02039 fct_chk( res != -1 ); 02040 fct_chk( res != -2 ); 02041 02042 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02043 } 02044 } 02045 FCT_TEST_END(); 02046 02047 02048 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_version_tag_invalid_length) 02049 { 02050 x509_cert crt; 02051 unsigned char buf[2000]; 02052 unsigned char output[2000]; 02053 int data_len, res; 02054 02055 memset( &crt, 0, sizeof( x509_cert ) ); 02056 memset( buf, 0, 2000 ); 02057 memset( output, 0, 2000 ); 02058 02059 data_len = unhexify( buf, "30163014a012021000000000000000000000000000000000" ); 02060 02061 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_INVALID_LENGTH ) ); 02062 if( ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_INVALID_LENGTH ) == 0 ) 02063 { 02064 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02065 02066 fct_chk( res != -1 ); 02067 fct_chk( res != -2 ); 02068 02069 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02070 } 02071 } 02072 FCT_TEST_END(); 02073 02074 02075 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_version_tag_no_serial) 02076 { 02077 x509_cert crt; 02078 unsigned char buf[2000]; 02079 unsigned char output[2000]; 02080 int data_len, res; 02081 02082 memset( &crt, 0, sizeof( x509_cert ) ); 02083 memset( buf, 0, 2000 ); 02084 memset( output, 0, 2000 ); 02085 02086 data_len = unhexify( buf, "30073005a003020104" ); 02087 02088 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02089 if( ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02090 { 02091 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02092 02093 fct_chk( res != -1 ); 02094 fct_chk( res != -2 ); 02095 02096 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02097 } 02098 } 02099 FCT_TEST_END(); 02100 02101 02102 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_length_version_tag) 02103 { 02104 x509_cert crt; 02105 unsigned char buf[2000]; 02106 unsigned char output[2000]; 02107 int data_len, res; 02108 02109 memset( &crt, 0, sizeof( x509_cert ) ); 02110 memset( buf, 0, 2000 ); 02111 memset( output, 0, 2000 ); 02112 02113 data_len = unhexify( buf, "30083006a00402010400" ); 02114 02115 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 02116 if( ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 02117 { 02118 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02119 02120 fct_chk( res != -1 ); 02121 fct_chk( res != -2 ); 02122 02123 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02124 } 02125 } 02126 FCT_TEST_END(); 02127 02128 02129 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_incorrect_serial_tag) 02130 { 02131 x509_cert crt; 02132 unsigned char buf[2000]; 02133 unsigned char output[2000]; 02134 int data_len, res; 02135 02136 memset( &crt, 0, sizeof( x509_cert ) ); 02137 memset( buf, 0, 2000 ); 02138 memset( output, 0, 2000 ); 02139 02140 data_len = unhexify( buf, "30083006a00302010400" ); 02141 02142 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 02143 if( ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 02144 { 02145 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02146 02147 fct_chk( res != -1 ); 02148 fct_chk( res != -2 ); 02149 02150 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02151 } 02152 } 02153 FCT_TEST_END(); 02154 02155 02156 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_incorrect_serial_length) 02157 { 02158 x509_cert crt; 02159 unsigned char buf[2000]; 02160 unsigned char output[2000]; 02161 int data_len, res; 02162 02163 memset( &crt, 0, sizeof( x509_cert ) ); 02164 memset( buf, 0, 2000 ); 02165 memset( output, 0, 2000 ); 02166 02167 data_len = unhexify( buf, "30083006a00302010482" ); 02168 02169 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02170 if( ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02171 { 02172 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02173 02174 fct_chk( res != -1 ); 02175 fct_chk( res != -2 ); 02176 02177 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02178 } 02179 } 02180 FCT_TEST_END(); 02181 02182 02183 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_serial_no_alg) 02184 { 02185 x509_cert crt; 02186 unsigned char buf[2000]; 02187 unsigned char output[2000]; 02188 int data_len, res; 02189 02190 memset( &crt, 0, sizeof( x509_cert ) ); 02191 memset( buf, 0, 2000 ); 02192 memset( output, 0, 2000 ); 02193 02194 data_len = unhexify( buf, "300d300ba0030201048204deadbeef" ); 02195 02196 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02197 if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02198 { 02199 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02200 02201 fct_chk( res != -1 ); 02202 fct_chk( res != -2 ); 02203 02204 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02205 } 02206 } 02207 FCT_TEST_END(); 02208 02209 02210 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_serial_no_alg_oid) 02211 { 02212 x509_cert crt; 02213 unsigned char buf[2000]; 02214 unsigned char output[2000]; 02215 int data_len, res; 02216 02217 memset( &crt, 0, sizeof( x509_cert ) ); 02218 memset( buf, 0, 2000 ); 02219 memset( output, 0, 2000 ); 02220 02221 data_len = unhexify( buf, "300e300ca0030201048204deadbeef00" ); 02222 02223 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 02224 if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 02225 { 02226 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02227 02228 fct_chk( res != -1 ); 02229 fct_chk( res != -2 ); 02230 02231 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02232 } 02233 } 02234 FCT_TEST_END(); 02235 02236 02237 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_alg_oid_no_data_in_sequence) 02238 { 02239 x509_cert crt; 02240 unsigned char buf[2000]; 02241 unsigned char output[2000]; 02242 int data_len, res; 02243 02244 memset( &crt, 0, sizeof( x509_cert ) ); 02245 memset( buf, 0, 2000 ); 02246 memset( output, 0, 2000 ); 02247 02248 data_len = unhexify( buf, "300f300da0030201048204deadbeef3000" ); 02249 02250 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02251 if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02252 { 02253 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02254 02255 fct_chk( res != -1 ); 02256 fct_chk( res != -2 ); 02257 02258 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02259 } 02260 } 02261 FCT_TEST_END(); 02262 02263 02264 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_alg_with_params) 02265 { 02266 x509_cert crt; 02267 unsigned char buf[2000]; 02268 unsigned char output[2000]; 02269 int data_len, res; 02270 02271 memset( &crt, 0, sizeof( x509_cert ) ); 02272 memset( buf, 0, 2000 ); 02273 memset( output, 0, 2000 ); 02274 02275 data_len = unhexify( buf, "30163014a0030201048204deadbeef30070604cafed00d01" ); 02276 02277 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 02278 if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 02279 { 02280 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02281 02282 fct_chk( res != -1 ); 02283 fct_chk( res != -2 ); 02284 02285 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02286 } 02287 } 02288 FCT_TEST_END(); 02289 02290 02291 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_data_no_params_unknown_version) 02292 { 02293 x509_cert crt; 02294 unsigned char buf[2000]; 02295 unsigned char output[2000]; 02296 int data_len, res; 02297 02298 memset( &crt, 0, sizeof( x509_cert ) ); 02299 memset( buf, 0, 2000 ); 02300 memset( output, 0, 2000 ); 02301 02302 data_len = unhexify( buf, "30153013a0030201048204deadbeef30060604cafed00d" ); 02303 02304 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) ); 02305 if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) == 0 ) 02306 { 02307 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02308 02309 fct_chk( res != -1 ); 02310 fct_chk( res != -2 ); 02311 02312 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02313 } 02314 } 02315 FCT_TEST_END(); 02316 02317 02318 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_data_unknown_version) 02319 { 02320 x509_cert crt; 02321 unsigned char buf[2000]; 02322 unsigned char output[2000]; 02323 int data_len, res; 02324 02325 memset( &crt, 0, sizeof( x509_cert ) ); 02326 memset( buf, 0, 2000 ); 02327 memset( output, 0, 2000 ); 02328 02329 data_len = unhexify( buf, "30173015a0030201048204deadbeef30080604cafed00d0500" ); 02330 02331 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) ); 02332 if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) == 0 ) 02333 { 02334 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02335 02336 fct_chk( res != -1 ); 02337 fct_chk( res != -2 ); 02338 02339 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02340 } 02341 } 02342 FCT_TEST_END(); 02343 02344 02345 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_data_length_mismatch) 02346 { 02347 x509_cert crt; 02348 unsigned char buf[2000]; 02349 unsigned char output[2000]; 02350 int data_len, res; 02351 02352 memset( &crt, 0, sizeof( x509_cert ) ); 02353 memset( buf, 0, 2000 ); 02354 memset( output, 0, 2000 ); 02355 02356 data_len = unhexify( buf, "30183016a0030201048204deadbeef30090604cafed00d050000" ); 02357 02358 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 02359 if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 02360 { 02361 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02362 02363 fct_chk( res != -1 ); 02364 fct_chk( res != -2 ); 02365 02366 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02367 } 02368 } 02369 FCT_TEST_END(); 02370 02371 02372 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_unknown_alg_id) 02373 { 02374 x509_cert crt; 02375 unsigned char buf[2000]; 02376 unsigned char output[2000]; 02377 int data_len, res; 02378 02379 memset( &crt, 0, sizeof( x509_cert ) ); 02380 memset( buf, 0, 2000 ); 02381 memset( output, 0, 2000 ); 02382 02383 data_len = unhexify( buf, "30173015a0030201028204deadbeef30080604cafed00d0500" ); 02384 02385 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) ); 02386 if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) == 0 ) 02387 { 02388 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02389 02390 fct_chk( res != -1 ); 02391 fct_chk( res != -2 ); 02392 02393 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02394 } 02395 } 02396 FCT_TEST_END(); 02397 02398 02399 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_specific_alg_id) 02400 { 02401 x509_cert crt; 02402 unsigned char buf[2000]; 02403 unsigned char output[2000]; 02404 int data_len, res; 02405 02406 memset( &crt, 0, sizeof( x509_cert ) ); 02407 memset( buf, 0, 2000 ); 02408 memset( output, 0, 2000 ); 02409 02410 data_len = unhexify( buf, "301c301aa0030201028204deadbeef300d06092a864886f70d0101020500" ); 02411 02412 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02413 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02414 { 02415 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02416 02417 fct_chk( res != -1 ); 02418 fct_chk( res != -2 ); 02419 02420 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02421 } 02422 } 02423 FCT_TEST_END(); 02424 02425 02426 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_unknown_specific_alg_id) 02427 { 02428 x509_cert crt; 02429 unsigned char buf[2000]; 02430 unsigned char output[2000]; 02431 int data_len, res; 02432 02433 memset( &crt, 0, sizeof( x509_cert ) ); 02434 memset( buf, 0, 2000 ); 02435 memset( output, 0, 2000 ); 02436 02437 data_len = unhexify( buf, "301c301aa0030201028204deadbeef300d06092a864886f70d0101010500" ); 02438 02439 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) ); 02440 if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) == 0 ) 02441 { 02442 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02443 02444 fct_chk( res != -1 ); 02445 fct_chk( res != -2 ); 02446 02447 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02448 } 02449 } 02450 FCT_TEST_END(); 02451 02452 02453 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_set_data) 02454 { 02455 x509_cert crt; 02456 unsigned char buf[2000]; 02457 unsigned char output[2000]; 02458 int data_len, res; 02459 02460 memset( &crt, 0, sizeof( x509_cert ) ); 02461 memset( buf, 0, 2000 ); 02462 memset( output, 0, 2000 ); 02463 02464 data_len = unhexify( buf, "301e301ca0030201028204deadbeef300d06092a864886f70d01010205003000" ); 02465 02466 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02467 if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02468 { 02469 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02470 02471 fct_chk( res != -1 ); 02472 fct_chk( res != -2 ); 02473 02474 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02475 } 02476 } 02477 FCT_TEST_END(); 02478 02479 02480 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_inner_seq_data) 02481 { 02482 x509_cert crt; 02483 unsigned char buf[2000]; 02484 unsigned char output[2000]; 02485 int data_len, res; 02486 02487 memset( &crt, 0, sizeof( x509_cert ) ); 02488 memset( buf, 0, 2000 ); 02489 memset( output, 0, 2000 ); 02490 02491 data_len = unhexify( buf, "3020301ea0030201028204deadbeef300d06092a864886f70d010102050030023100" ); 02492 02493 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02494 if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02495 { 02496 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02497 02498 fct_chk( res != -1 ); 02499 fct_chk( res != -2 ); 02500 02501 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02502 } 02503 } 02504 FCT_TEST_END(); 02505 02506 02507 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_inner_set_data) 02508 { 02509 x509_cert crt; 02510 unsigned char buf[2000]; 02511 unsigned char output[2000]; 02512 int data_len, res; 02513 02514 memset( &crt, 0, sizeof( x509_cert ) ); 02515 memset( buf, 0, 2000 ); 02516 memset( output, 0, 2000 ); 02517 02518 data_len = unhexify( buf, "30223020a0030201028204deadbeef300d06092a864886f70d0101020500300431023000" ); 02519 02520 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02521 if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02522 { 02523 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02524 02525 fct_chk( res != -1 ); 02526 fct_chk( res != -2 ); 02527 02528 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02529 } 02530 } 02531 FCT_TEST_END(); 02532 02533 02534 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_two_inner_set_datas) 02535 { 02536 x509_cert crt; 02537 unsigned char buf[2000]; 02538 unsigned char output[2000]; 02539 int data_len, res; 02540 02541 memset( &crt, 0, sizeof( x509_cert ) ); 02542 memset( buf, 0, 2000 ); 02543 memset( output, 0, 2000 ); 02544 02545 data_len = unhexify( buf, "30243022a0030201028204deadbeef300d06092a864886f70d01010205003006310430003000" ); 02546 02547 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 02548 if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 02549 { 02550 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02551 02552 fct_chk( res != -1 ); 02553 fct_chk( res != -2 ); 02554 02555 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02556 } 02557 } 02558 FCT_TEST_END(); 02559 02560 02561 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_oid_data) 02562 { 02563 x509_cert crt; 02564 unsigned char buf[2000]; 02565 unsigned char output[2000]; 02566 int data_len, res; 02567 02568 memset( &crt, 0, sizeof( x509_cert ) ); 02569 memset( buf, 0, 2000 ); 02570 memset( output, 0, 2000 ); 02571 02572 data_len = unhexify( buf, "30243022a0030201028204deadbeef300d06092a864886f70d01010205003006310430020600" ); 02573 02574 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02575 if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02576 { 02577 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02578 02579 fct_chk( res != -1 ); 02580 fct_chk( res != -2 ); 02581 02582 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02583 } 02584 } 02585 FCT_TEST_END(); 02586 02587 02588 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_invalid_tag) 02589 { 02590 x509_cert crt; 02591 unsigned char buf[2000]; 02592 unsigned char output[2000]; 02593 int data_len, res; 02594 02595 memset( &crt, 0, sizeof( x509_cert ) ); 02596 memset( buf, 0, 2000 ); 02597 memset( output, 0, 2000 ); 02598 02599 data_len = unhexify( buf, "302a3028a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600060454657374" ); 02600 02601 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 02602 if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 02603 { 02604 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02605 02606 fct_chk( res != -1 ); 02607 fct_chk( res != -2 ); 02608 02609 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02610 } 02611 } 02612 FCT_TEST_END(); 02613 02614 02615 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_string_data) 02616 { 02617 x509_cert crt; 02618 unsigned char buf[2000]; 02619 unsigned char output[2000]; 02620 int data_len, res; 02621 02622 memset( &crt, 0, sizeof( x509_cert ) ); 02623 memset( buf, 0, 2000 ); 02624 memset( output, 0, 2000 ); 02625 02626 data_len = unhexify( buf, "30253023a0030201028204deadbeef300d06092a864886f70d0101020500300731053003060013" ); 02627 02628 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02629 if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02630 { 02631 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02632 02633 fct_chk( res != -1 ); 02634 fct_chk( res != -2 ); 02635 02636 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02637 } 02638 } 02639 FCT_TEST_END(); 02640 02641 02642 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_full_following_string) 02643 { 02644 x509_cert crt; 02645 unsigned char buf[2000]; 02646 unsigned char output[2000]; 02647 int data_len, res; 02648 02649 memset( &crt, 0, sizeof( x509_cert ) ); 02650 memset( buf, 0, 2000 ); 02651 memset( output, 0, 2000 ); 02652 02653 data_len = unhexify( buf, "302b3029a0030201028204deadbeef300d06092a864886f70d0101020500300d310b3009060013045465737400" ); 02654 02655 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 02656 if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 02657 { 02658 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02659 02660 fct_chk( res != -1 ); 02661 fct_chk( res != -2 ); 02662 02663 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02664 } 02665 } 02666 FCT_TEST_END(); 02667 02668 02669 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_issuer_no_validity) 02670 { 02671 x509_cert crt; 02672 unsigned char buf[2000]; 02673 unsigned char output[2000]; 02674 int data_len, res; 02675 02676 memset( &crt, 0, sizeof( x509_cert ) ); 02677 memset( buf, 0, 2000 ); 02678 memset( output, 0, 2000 ); 02679 02680 data_len = unhexify( buf, "302a3028a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374" ); 02681 02682 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02683 if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02684 { 02685 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02686 02687 fct_chk( res != -1 ); 02688 fct_chk( res != -2 ); 02689 02690 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02691 } 02692 } 02693 FCT_TEST_END(); 02694 02695 02696 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_too_much_date_data) 02697 { 02698 x509_cert crt; 02699 unsigned char buf[2000]; 02700 unsigned char output[2000]; 02701 int data_len, res; 02702 02703 memset( &crt, 0, sizeof( x509_cert ) ); 02704 memset( buf, 0, 2000 ); 02705 memset( output, 0, 2000 ); 02706 02707 data_len = unhexify( buf, "30493047a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301d170c303930313031303030303030170c30393132333132333539353900" ); 02708 02709 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 02710 if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 02711 { 02712 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02713 02714 fct_chk( res != -1 ); 02715 fct_chk( res != -2 ); 02716 02717 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02718 } 02719 } 02720 FCT_TEST_END(); 02721 02722 02723 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_from_date) 02724 { 02725 x509_cert crt; 02726 unsigned char buf[2000]; 02727 unsigned char output[2000]; 02728 int data_len, res; 02729 02730 memset( &crt, 0, sizeof( x509_cert ) ); 02731 memset( buf, 0, 2000 ); 02732 memset( output, 0, 2000 ); 02733 02734 data_len = unhexify( buf, "30483046a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303000000000170c303931323331323300000000" ); 02735 02736 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE ) ); 02737 if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE ) == 0 ) 02738 { 02739 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02740 02741 fct_chk( res != -1 ); 02742 fct_chk( res != -2 ); 02743 02744 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02745 } 02746 } 02747 FCT_TEST_END(); 02748 02749 02750 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_to_date) 02751 { 02752 x509_cert crt; 02753 unsigned char buf[2000]; 02754 unsigned char output[2000]; 02755 int data_len, res; 02756 02757 memset( &crt, 0, sizeof( x509_cert ) ); 02758 memset( buf, 0, 2000 ); 02759 memset( output, 0, 2000 ); 02760 02761 data_len = unhexify( buf, "30483046a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323300000000" ); 02762 02763 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE ) ); 02764 if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE ) == 0 ) 02765 { 02766 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02767 02768 fct_chk( res != -1 ); 02769 fct_chk( res != -2 ); 02770 02771 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02772 } 02773 } 02774 FCT_TEST_END(); 02775 02776 02777 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_validity_no_subject) 02778 { 02779 x509_cert crt; 02780 unsigned char buf[2000]; 02781 unsigned char output[2000]; 02782 int data_len, res; 02783 02784 memset( &crt, 0, sizeof( x509_cert ) ); 02785 memset( buf, 0, 2000 ); 02786 memset( output, 0, 2000 ); 02787 02788 data_len = unhexify( buf, "30493047a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930" ); 02789 02790 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02791 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02792 { 02793 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02794 02795 fct_chk( res != -1 ); 02796 fct_chk( res != -2 ); 02797 02798 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02799 } 02800 } 02801 FCT_TEST_END(); 02802 02803 02804 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_subject_no_pubkeyinfo) 02805 { 02806 x509_cert crt; 02807 unsigned char buf[2000]; 02808 unsigned char output[2000]; 02809 int data_len, res; 02810 02811 memset( &crt, 0, sizeof( x509_cert ) ); 02812 memset( buf, 0, 2000 ); 02813 memset( output, 0, 2000 ); 02814 02815 data_len = unhexify( buf, "30563054a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374" ); 02816 02817 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02818 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02819 { 02820 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02821 02822 fct_chk( res != -1 ); 02823 fct_chk( res != -2 ); 02824 02825 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02826 } 02827 } 02828 FCT_TEST_END(); 02829 02830 02831 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_no_alg) 02832 { 02833 x509_cert crt; 02834 unsigned char buf[2000]; 02835 unsigned char output[2000]; 02836 int data_len, res; 02837 02838 memset( &crt, 0, sizeof( x509_cert ) ); 02839 memset( buf, 0, 2000 ); 02840 memset( output, 0, 2000 ); 02841 02842 data_len = unhexify( buf, "30583056a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743000" ); 02843 02844 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02845 if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02846 { 02847 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02848 02849 fct_chk( res != -1 ); 02850 fct_chk( res != -2 ); 02851 02852 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02853 } 02854 } 02855 FCT_TEST_END(); 02856 02857 02858 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_subject_unknown_pk_alg) 02859 { 02860 x509_cert crt; 02861 unsigned char buf[2000]; 02862 unsigned char output[2000]; 02863 int data_len, res; 02864 02865 memset( &crt, 0, sizeof( x509_cert ) ); 02866 memset( buf, 0, 2000 ); 02867 memset( output, 0, 2000 ); 02868 02869 data_len = unhexify( buf, "30673065a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101000500" ); 02870 02871 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_UNKNOWN_PK_ALG ) ); 02872 if( ( POLARSSL_ERR_X509_UNKNOWN_PK_ALG ) == 0 ) 02873 { 02874 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02875 02876 fct_chk( res != -1 ); 02877 fct_chk( res != -2 ); 02878 02879 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02880 } 02881 } 02882 FCT_TEST_END(); 02883 02884 02885 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_no_bitstring) 02886 { 02887 x509_cert crt; 02888 unsigned char buf[2000]; 02889 unsigned char output[2000]; 02890 int data_len, res; 02891 02892 memset( &crt, 0, sizeof( x509_cert ) ); 02893 memset( buf, 0, 2000 ); 02894 memset( output, 0, 2000 ); 02895 02896 data_len = unhexify( buf, "30673065a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101010500" ); 02897 02898 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02899 if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02900 { 02901 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02902 02903 fct_chk( res != -1 ); 02904 fct_chk( res != -2 ); 02905 02906 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02907 } 02908 } 02909 FCT_TEST_END(); 02910 02911 02912 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_no_bitstring_data) 02913 { 02914 x509_cert crt; 02915 unsigned char buf[2000]; 02916 unsigned char output[2000]; 02917 int data_len, res; 02918 02919 memset( &crt, 0, sizeof( x509_cert ) ); 02920 memset( buf, 0, 2000 ); 02921 memset( output, 0, 2000 ); 02922 02923 data_len = unhexify( buf, "30693067a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743011300d06092A864886F70D01010105000300" ); 02924 02925 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 02926 if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 02927 { 02928 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02929 02930 fct_chk( res != -1 ); 02931 fct_chk( res != -2 ); 02932 02933 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02934 } 02935 } 02936 FCT_TEST_END(); 02937 02938 02939 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_bitstring_start) 02940 { 02941 x509_cert crt; 02942 unsigned char buf[2000]; 02943 unsigned char output[2000]; 02944 int data_len, res; 02945 02946 memset( &crt, 0, sizeof( x509_cert ) ); 02947 memset( buf, 0, 2000 ); 02948 memset( output, 0, 2000 ); 02949 02950 data_len = unhexify( buf, "306a3068a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743012300d06092A864886F70D0101010500030101" ); 02951 02952 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY ) ); 02953 if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY ) == 0 ) 02954 { 02955 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02956 02957 fct_chk( res != -1 ); 02958 fct_chk( res != -2 ); 02959 02960 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02961 } 02962 } 02963 FCT_TEST_END(); 02964 02965 02966 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_internal_bitstring_length) 02967 { 02968 x509_cert crt; 02969 unsigned char buf[2000]; 02970 unsigned char output[2000]; 02971 int data_len, res; 02972 02973 memset( &crt, 0, sizeof( x509_cert ) ); 02974 memset( buf, 0, 2000 ); 02975 memset( output, 0, 2000 ); 02976 02977 data_len = unhexify( buf, "306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000" ); 02978 02979 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 02980 if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 02981 { 02982 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 02983 02984 fct_chk( res != -1 ); 02985 fct_chk( res != -2 ); 02986 02987 fct_chk( strcmp( (char *) output, "" ) == 0 ); 02988 } 02989 } 02990 FCT_TEST_END(); 02991 02992 02993 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_internal_bitstring_tag) 02994 { 02995 x509_cert crt; 02996 unsigned char buf[2000]; 02997 unsigned char output[2000]; 02998 int data_len, res; 02999 03000 memset( &crt, 0, sizeof( x509_cert ) ); 03001 memset( buf, 0, 2000 ); 03002 memset( output, 0, 2000 ); 03003 03004 data_len = unhexify( buf, "306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000" ); 03005 03006 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 03007 if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 03008 { 03009 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03010 03011 fct_chk( res != -1 ); 03012 fct_chk( res != -2 ); 03013 03014 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03015 } 03016 } 03017 FCT_TEST_END(); 03018 03019 03020 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_mpi) 03021 { 03022 x509_cert crt; 03023 unsigned char buf[2000]; 03024 unsigned char output[2000]; 03025 int data_len, res; 03026 03027 memset( &crt, 0, sizeof( x509_cert ) ); 03028 memset( buf, 0, 2000 ); 03029 memset( output, 0, 2000 ); 03030 03031 data_len = unhexify( buf, "30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff" ); 03032 03033 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 03034 if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 03035 { 03036 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03037 03038 fct_chk( res != -1 ); 03039 fct_chk( res != -2 ); 03040 03041 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03042 } 03043 } 03044 FCT_TEST_END(); 03045 03046 03047 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_total_length_mismatch) 03048 { 03049 x509_cert crt; 03050 unsigned char buf[2000]; 03051 unsigned char output[2000]; 03052 int data_len, res; 03053 03054 memset( &crt, 0, sizeof( x509_cert ) ); 03055 memset( buf, 0, 2000 ); 03056 memset( output, 0, 2000 ); 03057 03058 data_len = unhexify( buf, "30753073a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301d300d06092A864886F70D0101010500030b0030080202ffff0202ffff00" ); 03059 03060 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 03061 if( ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 03062 { 03063 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03064 03065 fct_chk( res != -1 ); 03066 fct_chk( res != -2 ); 03067 03068 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03069 } 03070 } 03071 FCT_TEST_END(); 03072 03073 03074 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_check_failed) 03075 { 03076 x509_cert crt; 03077 unsigned char buf[2000]; 03078 unsigned char output[2000]; 03079 int data_len, res; 03080 03081 memset( &crt, 0, sizeof( x509_cert ) ); 03082 memset( buf, 0, 2000 ); 03083 memset( output, 0, 2000 ); 03084 03085 data_len = unhexify( buf, "30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0202ffff" ); 03086 03087 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) ); 03088 if( ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) == 0 ) 03089 { 03090 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03091 03092 fct_chk( res != -1 ); 03093 fct_chk( res != -2 ); 03094 03095 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03096 } 03097 } 03098 FCT_TEST_END(); 03099 03100 03101 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_check_failed_expanded_length_notation) 03102 { 03103 x509_cert crt; 03104 unsigned char buf[2000]; 03105 unsigned char output[2000]; 03106 int data_len, res; 03107 03108 memset( &crt, 0, sizeof( x509_cert ) ); 03109 memset( buf, 0, 2000 ); 03110 memset( output, 0, 2000 ); 03111 03112 data_len = unhexify( buf, "308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210fffffffffffffffffffffffffffffffe0202ffff" ); 03113 03114 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) ); 03115 if( ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) == 0 ) 03116 { 03117 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03118 03119 fct_chk( res != -1 ); 03120 fct_chk( res != -2 ); 03121 03122 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03123 } 03124 } 03125 FCT_TEST_END(); 03126 03127 03128 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_optional_uids_extensions_not_present) 03129 { 03130 x509_cert crt; 03131 unsigned char buf[2000]; 03132 unsigned char output[2000]; 03133 int data_len, res; 03134 03135 memset( &crt, 0, sizeof( x509_cert ) ); 03136 memset( buf, 0, 2000 ); 03137 memset( output, 0, 2000 ); 03138 03139 data_len = unhexify( buf, "308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff" ); 03140 03141 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 03142 if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 03143 { 03144 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03145 03146 fct_chk( res != -1 ); 03147 fct_chk( res != -2 ); 03148 03149 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03150 } 03151 } 03152 FCT_TEST_END(); 03153 03154 03155 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_issuerid_wrong_tag) 03156 { 03157 x509_cert crt; 03158 unsigned char buf[2000]; 03159 unsigned char output[2000]; 03160 int data_len, res; 03161 03162 memset( &crt, 0, sizeof( x509_cert ) ); 03163 memset( buf, 0, 2000 ); 03164 memset( output, 0, 2000 ); 03165 03166 data_len = unhexify( buf, "308184308181a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff00" ); 03167 03168 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 03169 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 03170 { 03171 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03172 03173 fct_chk( res != -1 ); 03174 fct_chk( res != -2 ); 03175 03176 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03177 } 03178 } 03179 FCT_TEST_END(); 03180 03181 03182 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_uids_no_ext) 03183 { 03184 x509_cert crt; 03185 unsigned char buf[2000]; 03186 unsigned char output[2000]; 03187 int data_len, res; 03188 03189 memset( &crt, 0, sizeof( x509_cert ) ); 03190 memset( buf, 0, 2000 ); 03191 memset( output, 0, 2000 ); 03192 03193 data_len = unhexify( buf, "308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bb" ); 03194 03195 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 03196 if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 03197 { 03198 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03199 03200 fct_chk( res != -1 ); 03201 fct_chk( res != -2 ); 03202 03203 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03204 } 03205 } 03206 FCT_TEST_END(); 03207 03208 03209 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_uids_invalid_length) 03210 { 03211 x509_cert crt; 03212 unsigned char buf[2000]; 03213 unsigned char output[2000]; 03214 int data_len, res; 03215 03216 memset( &crt, 0, sizeof( x509_cert ) ); 03217 memset( buf, 0, 2000 ); 03218 memset( output, 0, 2000 ); 03219 03220 data_len = unhexify( buf, "308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa185aaa201bb" ); 03221 03222 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_ASN1_INVALID_LENGTH ) ); 03223 if( ( POLARSSL_ERR_ASN1_INVALID_LENGTH ) == 0 ) 03224 { 03225 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03226 03227 fct_chk( res != -1 ); 03228 fct_chk( res != -2 ); 03229 03230 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03231 } 03232 } 03233 FCT_TEST_END(); 03234 03235 03236 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_empty) 03237 { 03238 x509_cert crt; 03239 unsigned char buf[2000]; 03240 unsigned char output[2000]; 03241 int data_len, res; 03242 03243 memset( &crt, 0, sizeof( x509_cert ) ); 03244 memset( buf, 0, 2000 ); 03245 memset( output, 0, 2000 ); 03246 03247 data_len = unhexify( buf, "30818b308188a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba300" ); 03248 03249 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 03250 if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 03251 { 03252 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03253 03254 fct_chk( res != -1 ); 03255 fct_chk( res != -2 ); 03256 03257 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03258 } 03259 } 03260 FCT_TEST_END(); 03261 03262 03263 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_length_mismatch) 03264 { 03265 x509_cert crt; 03266 unsigned char buf[2000]; 03267 unsigned char output[2000]; 03268 int data_len, res; 03269 03270 memset( &crt, 0, sizeof( x509_cert ) ); 03271 memset( buf, 0, 2000 ); 03272 memset( output, 0, 2000 ); 03273 03274 data_len = unhexify( buf, "30818e30818ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba303300000" ); 03275 03276 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 03277 if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 03278 { 03279 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03280 03281 fct_chk( res != -1 ); 03282 fct_chk( res != -2 ); 03283 03284 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03285 } 03286 } 03287 FCT_TEST_END(); 03288 03289 03290 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_first_ext_invalid) 03291 { 03292 x509_cert crt; 03293 unsigned char buf[2000]; 03294 unsigned char output[2000]; 03295 int data_len, res; 03296 03297 memset( &crt, 0, sizeof( x509_cert ) ); 03298 memset( buf, 0, 2000 ); 03299 memset( output, 0, 2000 ); 03300 03301 data_len = unhexify( buf, "30818f30818ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30330023000" ); 03302 03303 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 03304 if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 03305 { 03306 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03307 03308 fct_chk( res != -1 ); 03309 fct_chk( res != -2 ); 03310 03311 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03312 } 03313 } 03314 FCT_TEST_END(); 03315 03316 03317 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_first_ext_invalid_tag) 03318 { 03319 x509_cert crt; 03320 unsigned char buf[2000]; 03321 unsigned char output[2000]; 03322 int data_len, res; 03323 03324 memset( &crt, 0, sizeof( x509_cert ) ); 03325 memset( buf, 0, 2000 ); 03326 memset( output, 0, 2000 ); 03327 03328 data_len = unhexify( buf, "30819030818da0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba3043002310000" ); 03329 03330 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 03331 if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 03332 { 03333 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03334 03335 fct_chk( res != -1 ); 03336 fct_chk( res != -2 ); 03337 03338 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03339 } 03340 } 03341 FCT_TEST_END(); 03342 03343 03344 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_bool_len_missing) 03345 { 03346 x509_cert crt; 03347 unsigned char buf[2000]; 03348 unsigned char output[2000]; 03349 int data_len, res; 03350 03351 memset( &crt, 0, sizeof( x509_cert ) ); 03352 memset( buf, 0, 2000 ); 03353 memset( output, 0, 2000 ); 03354 03355 data_len = unhexify( buf, "308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30060603551d1301010100" ); 03356 03357 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 03358 if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 03359 { 03360 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03361 03362 fct_chk( res != -1 ); 03363 fct_chk( res != -2 ); 03364 03365 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03366 } 03367 } 03368 FCT_TEST_END(); 03369 03370 03371 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_data_missing) 03372 { 03373 x509_cert crt; 03374 unsigned char buf[2000]; 03375 unsigned char output[2000]; 03376 int data_len, res; 03377 03378 memset( &crt, 0, sizeof( x509_cert ) ); 03379 memset( buf, 0, 2000 ); 03380 memset( output, 0, 2000 ); 03381 03382 data_len = unhexify( buf, "308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30080603551d1301010100" ); 03383 03384 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 03385 if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 03386 { 03387 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03388 03389 fct_chk( res != -1 ); 03390 fct_chk( res != -2 ); 03391 03392 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03393 } 03394 } 03395 FCT_TEST_END(); 03396 03397 03398 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_no_octet_present) 03399 { 03400 x509_cert crt; 03401 unsigned char buf[2000]; 03402 unsigned char output[2000]; 03403 int data_len, res; 03404 03405 memset( &crt, 0, sizeof( x509_cert ) ); 03406 memset( buf, 0, 2000 ); 03407 memset( output, 0, 2000 ); 03408 03409 data_len = unhexify( buf, "308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30d300b30090603551d1301010100" ); 03410 03411 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 03412 if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 03413 { 03414 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03415 03416 fct_chk( res != -1 ); 03417 fct_chk( res != -2 ); 03418 03419 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03420 } 03421 } 03422 FCT_TEST_END(); 03423 03424 03425 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_octet_data_missing) 03426 { 03427 x509_cert crt; 03428 unsigned char buf[2000]; 03429 unsigned char output[2000]; 03430 int data_len, res; 03431 03432 memset( &crt, 0, sizeof( x509_cert ) ); 03433 memset( buf, 0, 2000 ); 03434 memset( output, 0, 2000 ); 03435 03436 data_len = unhexify( buf, "30819c308199a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba311300f300d0603551d130101010403300100" ); 03437 03438 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 03439 if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 03440 { 03441 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03442 03443 fct_chk( res != -1 ); 03444 fct_chk( res != -2 ); 03445 03446 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03447 } 03448 } 03449 FCT_TEST_END(); 03450 03451 03452 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_no_pathlen) 03453 { 03454 x509_cert crt; 03455 unsigned char buf[2000]; 03456 unsigned char output[2000]; 03457 int data_len, res; 03458 03459 memset( &crt, 0, sizeof( x509_cert ) ); 03460 memset( buf, 0, 2000 ); 03461 memset( output, 0, 2000 ); 03462 03463 data_len = unhexify( buf, "30819f30819ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba314301230100603551d130101010406300402010102" ); 03464 03465 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 03466 if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 03467 { 03468 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03469 03470 fct_chk( res != -1 ); 03471 fct_chk( res != -2 ); 03472 03473 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03474 } 03475 } 03476 FCT_TEST_END(); 03477 03478 03479 FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_octet_len_mismatch) 03480 { 03481 x509_cert crt; 03482 unsigned char buf[2000]; 03483 unsigned char output[2000]; 03484 int data_len, res; 03485 03486 memset( &crt, 0, sizeof( x509_cert ) ); 03487 memset( buf, 0, 2000 ); 03488 memset( output, 0, 2000 ); 03489 03490 data_len = unhexify( buf, "3081a230819fa0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba317301530130603551d130101010409300702010102010100" ); 03491 03492 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 03493 if( ( POLARSSL_ERR_X509_CERT_INVALID_EXTENSIONS + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 03494 { 03495 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03496 03497 fct_chk( res != -1 ); 03498 fct_chk( res != -2 ); 03499 03500 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03501 } 03502 } 03503 FCT_TEST_END(); 03504 03505 03506 FCT_TEST_BGN(x509_certificate_asn1_correct_pubkey_no_sig_alg) 03507 { 03508 x509_cert crt; 03509 unsigned char buf[2000]; 03510 unsigned char output[2000]; 03511 int data_len, res; 03512 03513 memset( &crt, 0, sizeof( x509_cert ) ); 03514 memset( buf, 0, 2000 ); 03515 memset( output, 0, 2000 ); 03516 03517 data_len = unhexify( buf, "308183308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff" ); 03518 03519 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 03520 if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 03521 { 03522 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03523 03524 fct_chk( res != -1 ); 03525 fct_chk( res != -2 ); 03526 03527 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03528 } 03529 } 03530 FCT_TEST_END(); 03531 03532 03533 FCT_TEST_BGN(x509_certificate_asn1_sig_alg_mismatch) 03534 { 03535 x509_cert crt; 03536 unsigned char buf[2000]; 03537 unsigned char output[2000]; 03538 int data_len, res; 03539 03540 memset( &crt, 0, sizeof( x509_cert ) ); 03541 memset( buf, 0, 2000 ); 03542 memset( output, 0, 2000 ); 03543 03544 data_len = unhexify( buf, "308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0102020500" ); 03545 03546 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) ); 03547 if( ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) == 0 ) 03548 { 03549 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03550 03551 fct_chk( res != -1 ); 03552 fct_chk( res != -2 ); 03553 03554 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03555 } 03556 } 03557 FCT_TEST_END(); 03558 03559 03560 FCT_TEST_BGN(x509_certificate_asn1_sig_alg_no_sig) 03561 { 03562 x509_cert crt; 03563 unsigned char buf[2000]; 03564 unsigned char output[2000]; 03565 int data_len, res; 03566 03567 memset( &crt, 0, sizeof( x509_cert ) ); 03568 memset( buf, 0, 2000 ); 03569 memset( output, 0, 2000 ); 03570 03571 data_len = unhexify( buf, "308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500" ); 03572 03573 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 03574 if( ( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 03575 { 03576 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03577 03578 fct_chk( res != -1 ); 03579 fct_chk( res != -2 ); 03580 03581 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03582 } 03583 } 03584 FCT_TEST_END(); 03585 03586 03587 FCT_TEST_BGN(x509_certificate_asn1_signature_invalid_sig_data) 03588 { 03589 x509_cert crt; 03590 unsigned char buf[2000]; 03591 unsigned char output[2000]; 03592 int data_len, res; 03593 03594 memset( &crt, 0, sizeof( x509_cert ) ); 03595 memset( buf, 0, 2000 ); 03596 memset( output, 0, 2000 ); 03597 03598 data_len = unhexify( buf, "308195308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030100" ); 03599 03600 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE ) ); 03601 if( ( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE ) == 0 ) 03602 { 03603 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03604 03605 fct_chk( res != -1 ); 03606 fct_chk( res != -2 ); 03607 03608 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03609 } 03610 } 03611 FCT_TEST_END(); 03612 03613 03614 FCT_TEST_BGN(x509_certificate_asn1_signature_data_left) 03615 { 03616 x509_cert crt; 03617 unsigned char buf[2000]; 03618 unsigned char output[2000]; 03619 int data_len, res; 03620 03621 memset( &crt, 0, sizeof( x509_cert ) ); 03622 memset( buf, 0, 2000 ); 03623 memset( output, 0, 2000 ); 03624 03625 data_len = unhexify( buf, "308197308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff00" ); 03626 03627 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 03628 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 03629 { 03630 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03631 03632 fct_chk( res != -1 ); 03633 fct_chk( res != -2 ); 03634 03635 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03636 } 03637 } 03638 FCT_TEST_END(); 03639 03640 03641 FCT_TEST_BGN(x509_certificate_asn1_correct) 03642 { 03643 x509_cert crt; 03644 unsigned char buf[2000]; 03645 unsigned char output[2000]; 03646 int data_len, res; 03647 03648 memset( &crt, 0, sizeof( x509_cert ) ); 03649 memset( buf, 0, 2000 ); 03650 memset( output, 0, 2000 ); 03651 03652 data_len = unhexify( buf, "308196308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" ); 03653 03654 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) ); 03655 if( ( 0 ) == 0 ) 03656 { 03657 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03658 03659 fct_chk( res != -1 ); 03660 fct_chk( res != -2 ); 03661 03662 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : ?\?=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 ); 03663 } 03664 } 03665 FCT_TEST_END(); 03666 03667 03668 FCT_TEST_BGN(x509_certificate_asn1_generalizedtime_instead_of_utctime) 03669 { 03670 x509_cert crt; 03671 unsigned char buf[2000]; 03672 unsigned char output[2000]; 03673 int data_len, res; 03674 03675 memset( &crt, 0, sizeof( x509_cert ) ); 03676 memset( buf, 0, 2000 ); 03677 memset( output, 0, 2000 ); 03678 03679 data_len = unhexify( buf, "308198308182a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301e180e3230313030313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" ); 03680 03681 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) ); 03682 if( ( 0 ) == 0 ) 03683 { 03684 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03685 03686 fct_chk( res != -1 ); 03687 fct_chk( res != -2 ); 03688 03689 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : ?\?=Test\nsubject name : ?\?=Test\nissued on : 2010-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 ); 03690 } 03691 } 03692 FCT_TEST_END(); 03693 03694 03695 FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_cn) 03696 { 03697 x509_cert crt; 03698 unsigned char buf[2000]; 03699 unsigned char output[2000]; 03700 int data_len, res; 03701 03702 memset( &crt, 0, sizeof( x509_cert ) ); 03703 memset( buf, 0, 2000 ); 03704 memset( output, 0, 2000 ); 03705 03706 data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550403130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" ); 03707 03708 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) ); 03709 if( ( 0 ) == 0 ) 03710 { 03711 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03712 03713 fct_chk( res != -1 ); 03714 fct_chk( res != -2 ); 03715 03716 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : CN=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 ); 03717 } 03718 } 03719 FCT_TEST_END(); 03720 03721 03722 FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_c) 03723 { 03724 x509_cert crt; 03725 unsigned char buf[2000]; 03726 unsigned char output[2000]; 03727 int data_len, res; 03728 03729 memset( &crt, 0, sizeof( x509_cert ) ); 03730 memset( buf, 0, 2000 ); 03731 memset( output, 0, 2000 ); 03732 03733 data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550406130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" ); 03734 03735 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) ); 03736 if( ( 0 ) == 0 ) 03737 { 03738 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03739 03740 fct_chk( res != -1 ); 03741 fct_chk( res != -2 ); 03742 03743 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : C=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 ); 03744 } 03745 } 03746 FCT_TEST_END(); 03747 03748 03749 FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_l) 03750 { 03751 x509_cert crt; 03752 unsigned char buf[2000]; 03753 unsigned char output[2000]; 03754 int data_len, res; 03755 03756 memset( &crt, 0, sizeof( x509_cert ) ); 03757 memset( buf, 0, 2000 ); 03758 memset( output, 0, 2000 ); 03759 03760 data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550407130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" ); 03761 03762 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) ); 03763 if( ( 0 ) == 0 ) 03764 { 03765 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03766 03767 fct_chk( res != -1 ); 03768 fct_chk( res != -2 ); 03769 03770 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : L=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 ); 03771 } 03772 } 03773 FCT_TEST_END(); 03774 03775 03776 FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_st) 03777 { 03778 x509_cert crt; 03779 unsigned char buf[2000]; 03780 unsigned char output[2000]; 03781 int data_len, res; 03782 03783 memset( &crt, 0, sizeof( x509_cert ) ); 03784 memset( buf, 0, 2000 ); 03785 memset( output, 0, 2000 ); 03786 03787 data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550408130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" ); 03788 03789 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) ); 03790 if( ( 0 ) == 0 ) 03791 { 03792 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03793 03794 fct_chk( res != -1 ); 03795 fct_chk( res != -2 ); 03796 03797 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : ST=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 ); 03798 } 03799 } 03800 FCT_TEST_END(); 03801 03802 03803 FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_o) 03804 { 03805 x509_cert crt; 03806 unsigned char buf[2000]; 03807 unsigned char output[2000]; 03808 int data_len, res; 03809 03810 memset( &crt, 0, sizeof( x509_cert ) ); 03811 memset( buf, 0, 2000 ); 03812 memset( output, 0, 2000 ); 03813 03814 data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040a130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" ); 03815 03816 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) ); 03817 if( ( 0 ) == 0 ) 03818 { 03819 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03820 03821 fct_chk( res != -1 ); 03822 fct_chk( res != -2 ); 03823 03824 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : O=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 ); 03825 } 03826 } 03827 FCT_TEST_END(); 03828 03829 03830 FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_ou) 03831 { 03832 x509_cert crt; 03833 unsigned char buf[2000]; 03834 unsigned char output[2000]; 03835 int data_len, res; 03836 03837 memset( &crt, 0, sizeof( x509_cert ) ); 03838 memset( buf, 0, 2000 ); 03839 memset( output, 0, 2000 ); 03840 03841 data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040b130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" ); 03842 03843 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) ); 03844 if( ( 0 ) == 0 ) 03845 { 03846 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03847 03848 fct_chk( res != -1 ); 03849 fct_chk( res != -2 ); 03850 03851 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : OU=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 ); 03852 } 03853 } 03854 FCT_TEST_END(); 03855 03856 03857 FCT_TEST_BGN(x509_certificate_asn1_name_with_unknown_x520_part) 03858 { 03859 x509_cert crt; 03860 unsigned char buf[2000]; 03861 unsigned char output[2000]; 03862 int data_len, res; 03863 03864 memset( &crt, 0, sizeof( x509_cert ) ); 03865 memset( buf, 0, 2000 ); 03866 memset( output, 0, 2000 ); 03867 03868 data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b06035504de130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" ); 03869 03870 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) ); 03871 if( ( 0 ) == 0 ) 03872 { 03873 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03874 03875 fct_chk( res != -1 ); 03876 fct_chk( res != -2 ); 03877 03878 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : 0xDE=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 ); 03879 } 03880 } 03881 FCT_TEST_END(); 03882 03883 03884 FCT_TEST_BGN(x509_certificate_asn1_name_with_pkcs9_email) 03885 { 03886 x509_cert crt; 03887 unsigned char buf[2000]; 03888 unsigned char output[2000]; 03889 int data_len, res; 03890 03891 memset( &crt, 0, sizeof( x509_cert ) ); 03892 memset( buf, 0, 2000 ); 03893 memset( output, 0, 2000 ); 03894 03895 data_len = unhexify( buf, "30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d010901130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" ); 03896 03897 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) ); 03898 if( ( 0 ) == 0 ) 03899 { 03900 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03901 03902 fct_chk( res != -1 ); 03903 fct_chk( res != -2 ); 03904 03905 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : emailAddress=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 ); 03906 } 03907 } 03908 FCT_TEST_END(); 03909 03910 03911 FCT_TEST_BGN(x509_certificate_asn1_name_with_unknown_pkcs9_part) 03912 { 03913 x509_cert crt; 03914 unsigned char buf[2000]; 03915 unsigned char output[2000]; 03916 int data_len, res; 03917 03918 memset( &crt, 0, sizeof( x509_cert ) ); 03919 memset( buf, 0, 2000 ); 03920 memset( output, 0, 2000 ); 03921 03922 data_len = unhexify( buf, "30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d0109ab130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" ); 03923 03924 fct_chk( x509parse_crt( &crt, buf, data_len ) == ( 0 ) ); 03925 if( ( 0 ) == 0 ) 03926 { 03927 res = x509parse_cert_info( (char *) output, 2000, "", &crt ); 03928 03929 fct_chk( res != -1 ); 03930 fct_chk( res != -2 ); 03931 03932 fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : 0xAB=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 ); 03933 } 03934 } 03935 FCT_TEST_END(); 03936 03937 03938 FCT_TEST_BGN(x509_crl_asn1_incorrect_first_tag) 03939 { 03940 x509_crl crl; 03941 unsigned char buf[2000]; 03942 unsigned char output[2000]; 03943 int data_len, res; 03944 03945 memset( &crl, 0, sizeof( x509_crl ) ); 03946 memset( buf, 0, 2000 ); 03947 memset( output, 0, 2000 ); 03948 03949 data_len = unhexify( buf, "" ); 03950 03951 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ) ); 03952 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ) == 0 ) 03953 { 03954 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 03955 03956 fct_chk( res != -1 ); 03957 fct_chk( res != -2 ); 03958 03959 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03960 } 03961 } 03962 FCT_TEST_END(); 03963 03964 03965 FCT_TEST_BGN(x509_crl_asn1_correct_first_tag_data_length_does_not_match) 03966 { 03967 x509_crl crl; 03968 unsigned char buf[2000]; 03969 unsigned char output[2000]; 03970 int data_len, res; 03971 03972 memset( &crl, 0, sizeof( x509_crl ) ); 03973 memset( buf, 0, 2000 ); 03974 memset( output, 0, 2000 ); 03975 03976 data_len = unhexify( buf, "300000" ); 03977 03978 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 03979 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 03980 { 03981 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 03982 03983 fct_chk( res != -1 ); 03984 fct_chk( res != -2 ); 03985 03986 fct_chk( strcmp( (char *) output, "" ) == 0 ); 03987 } 03988 } 03989 FCT_TEST_END(); 03990 03991 03992 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_tag_missing) 03993 { 03994 x509_crl crl; 03995 unsigned char buf[2000]; 03996 unsigned char output[2000]; 03997 int data_len, res; 03998 03999 memset( &crl, 0, sizeof( x509_crl ) ); 04000 memset( buf, 0, 2000 ); 04001 memset( output, 0, 2000 ); 04002 04003 data_len = unhexify( buf, "3000" ); 04004 04005 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 04006 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 04007 { 04008 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04009 04010 fct_chk( res != -1 ); 04011 fct_chk( res != -2 ); 04012 04013 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04014 } 04015 } 04016 FCT_TEST_END(); 04017 04018 04019 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_version_tag_len_missing) 04020 { 04021 x509_crl crl; 04022 unsigned char buf[2000]; 04023 unsigned char output[2000]; 04024 int data_len, res; 04025 04026 memset( &crl, 0, sizeof( x509_crl ) ); 04027 memset( buf, 0, 2000 ); 04028 memset( output, 0, 2000 ); 04029 04030 data_len = unhexify( buf, "3003300102" ); 04031 04032 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 04033 if( ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 04034 { 04035 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04036 04037 fct_chk( res != -1 ); 04038 fct_chk( res != -2 ); 04039 04040 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04041 } 04042 } 04043 FCT_TEST_END(); 04044 04045 04046 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_version_correct_alg_missing) 04047 { 04048 x509_crl crl; 04049 unsigned char buf[2000]; 04050 unsigned char output[2000]; 04051 int data_len, res; 04052 04053 memset( &crl, 0, sizeof( x509_crl ) ); 04054 memset( buf, 0, 2000 ); 04055 memset( output, 0, 2000 ); 04056 04057 data_len = unhexify( buf, "30053003020100" ); 04058 04059 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 04060 if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 04061 { 04062 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04063 04064 fct_chk( res != -1 ); 04065 fct_chk( res != -2 ); 04066 04067 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04068 } 04069 } 04070 FCT_TEST_END(); 04071 04072 04073 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_alg_correct_incorrect_version) 04074 { 04075 x509_crl crl; 04076 unsigned char buf[2000]; 04077 unsigned char output[2000]; 04078 int data_len, res; 04079 04080 memset( &crl, 0, sizeof( x509_crl ) ); 04081 memset( buf, 0, 2000 ); 04082 memset( output, 0, 2000 ); 04083 04084 data_len = unhexify( buf, "300b3009020102300406000500" ); 04085 04086 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) ); 04087 if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) == 0 ) 04088 { 04089 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04090 04091 fct_chk( res != -1 ); 04092 fct_chk( res != -2 ); 04093 04094 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04095 } 04096 } 04097 FCT_TEST_END(); 04098 04099 04100 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_correct_version_sig_oid1_unknown) 04101 { 04102 x509_crl crl; 04103 unsigned char buf[2000]; 04104 unsigned char output[2000]; 04105 int data_len, res; 04106 04107 memset( &crl, 0, sizeof( x509_crl ) ); 04108 memset( buf, 0, 2000 ); 04109 memset( output, 0, 2000 ); 04110 04111 data_len = unhexify( buf, "300b3009020100300406000500" ); 04112 04113 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) ); 04114 if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) == 0 ) 04115 { 04116 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04117 04118 fct_chk( res != -1 ); 04119 fct_chk( res != -2 ); 04120 04121 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04122 } 04123 } 04124 FCT_TEST_END(); 04125 04126 04127 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_oid1_id_unknown) 04128 { 04129 x509_crl crl; 04130 unsigned char buf[2000]; 04131 unsigned char output[2000]; 04132 int data_len, res; 04133 04134 memset( &crl, 0, sizeof( x509_crl ) ); 04135 memset( buf, 0, 2000 ); 04136 memset( output, 0, 2000 ); 04137 04138 data_len = unhexify( buf, "30143012020100300d06092a864886f70d01010f0500" ); 04139 04140 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) ); 04141 if( ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) == 0 ) 04142 { 04143 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04144 04145 fct_chk( res != -1 ); 04146 fct_chk( res != -2 ); 04147 04148 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04149 } 04150 } 04151 FCT_TEST_END(); 04152 04153 04154 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_oid1_correct_issuer_missing) 04155 { 04156 x509_crl crl; 04157 unsigned char buf[2000]; 04158 unsigned char output[2000]; 04159 int data_len, res; 04160 04161 memset( &crl, 0, sizeof( x509_crl ) ); 04162 memset( buf, 0, 2000 ); 04163 memset( output, 0, 2000 ); 04164 04165 data_len = unhexify( buf, "30143012020100300d06092a864886f70d01010e0500" ); 04166 04167 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 04168 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 04169 { 04170 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04171 04172 fct_chk( res != -1 ); 04173 fct_chk( res != -2 ); 04174 04175 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04176 } 04177 } 04178 FCT_TEST_END(); 04179 04180 04181 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_issuer_set_missing) 04182 { 04183 x509_crl crl; 04184 unsigned char buf[2000]; 04185 unsigned char output[2000]; 04186 int data_len, res; 04187 04188 memset( &crl, 0, sizeof( x509_crl ) ); 04189 memset( buf, 0, 2000 ); 04190 memset( output, 0, 2000 ); 04191 04192 data_len = unhexify( buf, "30163014020100300d06092a864886f70d01010e05003000" ); 04193 04194 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 04195 if( ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 04196 { 04197 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04198 04199 fct_chk( res != -1 ); 04200 fct_chk( res != -2 ); 04201 04202 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04203 } 04204 } 04205 FCT_TEST_END(); 04206 04207 04208 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_correct_issuer_thisupdate_missing) 04209 { 04210 x509_crl crl; 04211 unsigned char buf[2000]; 04212 unsigned char output[2000]; 04213 int data_len, res; 04214 04215 memset( &crl, 0, sizeof( x509_crl ) ); 04216 memset( buf, 0, 2000 ); 04217 memset( output, 0, 2000 ); 04218 04219 data_len = unhexify( buf, "30253023020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344" ); 04220 04221 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 04222 if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 04223 { 04224 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04225 04226 fct_chk( res != -1 ); 04227 fct_chk( res != -2 ); 04228 04229 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04230 } 04231 } 04232 FCT_TEST_END(); 04233 04234 04235 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_correct_thisupdate_nextupdate_missing_entries_length_missing) 04236 { 04237 x509_crl crl; 04238 unsigned char buf[2000]; 04239 unsigned char output[2000]; 04240 int data_len, res; 04241 04242 memset( &crl, 0, sizeof( x509_crl ) ); 04243 memset( buf, 0, 2000 ); 04244 memset( output, 0, 2000 ); 04245 04246 data_len = unhexify( buf, "30343032020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030" ); 04247 04248 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 04249 if( ( POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 04250 { 04251 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04252 04253 fct_chk( res != -1 ); 04254 fct_chk( res != -2 ); 04255 04256 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04257 } 04258 } 04259 FCT_TEST_END(); 04260 04261 04262 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_entries_present_invalid_sig_alg) 04263 { 04264 x509_crl crl; 04265 unsigned char buf[2000]; 04266 unsigned char output[2000]; 04267 int data_len, res; 04268 04269 memset( &crl, 0, sizeof( x509_crl ) ); 04270 memset( buf, 0, 2000 ); 04271 memset( output, 0, 2000 ); 04272 04273 data_len = unhexify( buf, "304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c30383132333132333539353900" ); 04274 04275 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 04276 if( ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 04277 { 04278 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04279 04280 fct_chk( res != -1 ); 04281 fct_chk( res != -2 ); 04282 04283 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04284 } 04285 } 04286 FCT_TEST_END(); 04287 04288 04289 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_entries_present_date_in_entry_invalid) 04290 { 04291 x509_crl crl; 04292 unsigned char buf[2000]; 04293 unsigned char output[2000]; 04294 int data_len, res; 04295 04296 memset( &crl, 0, sizeof( x509_crl ) ); 04297 memset( buf, 0, 2000 ); 04298 memset( output, 0, 2000 ); 04299 04300 data_len = unhexify( buf, "304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd190c30383132333132333539353900" ); 04301 04302 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 04303 if( ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 04304 { 04305 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04306 04307 fct_chk( res != -1 ); 04308 fct_chk( res != -2 ); 04309 04310 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04311 } 04312 } 04313 FCT_TEST_END(); 04314 04315 04316 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_alg_present_sig_alg_does_not_match) 04317 { 04318 x509_crl crl; 04319 unsigned char buf[2000]; 04320 unsigned char output[2000]; 04321 int data_len, res; 04322 04323 memset( &crl, 0, sizeof( x509_crl ) ); 04324 memset( buf, 0, 2000 ); 04325 memset( output, 0, 2000 ); 04326 04327 data_len = unhexify( buf, "30583047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010d0500" ); 04328 04329 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) ); 04330 if( ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) == 0 ) 04331 { 04332 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04333 04334 fct_chk( res != -1 ); 04335 fct_chk( res != -2 ); 04336 04337 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04338 } 04339 } 04340 FCT_TEST_END(); 04341 04342 04343 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_present_len_mismatch) 04344 { 04345 x509_crl crl; 04346 unsigned char buf[2000]; 04347 unsigned char output[2000]; 04348 int data_len, res; 04349 04350 memset( &crl, 0, sizeof( x509_crl ) ); 04351 memset( buf, 0, 2000 ); 04352 memset( output, 0, 2000 ); 04353 04354 data_len = unhexify( buf, "305d3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e05000302000100" ); 04355 04356 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 04357 if( ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 04358 { 04359 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04360 04361 fct_chk( res != -1 ); 04362 fct_chk( res != -2 ); 04363 04364 fct_chk( strcmp( (char *) output, "" ) == 0 ); 04365 } 04366 } 04367 FCT_TEST_END(); 04368 04369 04370 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_present) 04371 { 04372 x509_crl crl; 04373 unsigned char buf[2000]; 04374 unsigned char output[2000]; 04375 int data_len, res; 04376 04377 memset( &crl, 0, sizeof( x509_crl ) ); 04378 memset( buf, 0, 2000 ); 04379 memset( output, 0, 2000 ); 04380 04381 data_len = unhexify( buf, "305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001" ); 04382 04383 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( 0 ) ); 04384 if( ( 0 ) == 0 ) 04385 { 04386 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04387 04388 fct_chk( res != -1 ); 04389 fct_chk( res != -2 ); 04390 04391 fct_chk( strcmp( (char *) output, "CRL version : 1\nissuer name : CN=ABCD\nthis update : 2009-01-01 00:00:00\nnext update : 0000-00-00 00:00:00\nRevoked certificates:\nserial number: AB:CD revocation date: 2008-12-31 23:59:59\nsigned using : RSA+SHA224\n" ) == 0 ); 04392 } 04393 } 04394 FCT_TEST_END(); 04395 04396 04397 FCT_TEST_BGN(x509_crl_asn1_tbscertlist_no_entries) 04398 { 04399 x509_crl crl; 04400 unsigned char buf[2000]; 04401 unsigned char output[2000]; 04402 int data_len, res; 04403 04404 memset( &crl, 0, sizeof( x509_crl ) ); 04405 memset( buf, 0, 2000 ); 04406 memset( output, 0, 2000 ); 04407 04408 data_len = unhexify( buf, "30463031020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001" ); 04409 04410 fct_chk( x509parse_crl( &crl, buf, data_len ) == ( 0 ) ); 04411 if( ( 0 ) == 0 ) 04412 { 04413 res = x509parse_crl_info( (char *) output, 2000, "", &crl ); 04414 04415 fct_chk( res != -1 ); 04416 fct_chk( res != -2 ); 04417 04418 fct_chk( strcmp( (char *) output, "CRL version : 1\nissuer name : CN=ABCD\nthis update : 2009-01-01 00:00:00\nnext update : 0000-00-00 00:00:00\nRevoked certificates:\nsigned using : RSA+SHA224\n" ) == 0 ); 04419 } 04420 } 04421 FCT_TEST_END(); 04422 04423 04424 FCT_TEST_BGN(x509_key_asn1_incorrect_first_tag) 04425 { 04426 rsa_context rsa; 04427 unsigned char buf[2000]; 04428 unsigned char output[2000]; 04429 int data_len; 04430 04431 memset( &rsa, 0, sizeof( rsa_context ) ); 04432 memset( buf, 0, 2000 ); 04433 memset( output, 0, 2000 ); 04434 04435 data_len = unhexify( buf, "" ); 04436 04437 x509parse_key( &rsa, buf, data_len, NULL, 0 ); 04438 04439 fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 04440 if( ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 04441 { 04442 fct_chk( 1 ); 04443 } 04444 } 04445 FCT_TEST_END(); 04446 04447 04448 FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_incorrect_version_tag) 04449 { 04450 rsa_context rsa; 04451 unsigned char buf[2000]; 04452 unsigned char output[2000]; 04453 int data_len; 04454 04455 memset( &rsa, 0, sizeof( rsa_context ) ); 04456 memset( buf, 0, 2000 ); 04457 memset( output, 0, 2000 ); 04458 04459 data_len = unhexify( buf, "300100" ); 04460 04461 x509parse_key( &rsa, buf, data_len, NULL, 0 ); 04462 04463 fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 04464 if( ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 04465 { 04466 fct_chk( 1 ); 04467 } 04468 } 04469 FCT_TEST_END(); 04470 04471 04472 FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_version_tag_missing) 04473 { 04474 rsa_context rsa; 04475 unsigned char buf[2000]; 04476 unsigned char output[2000]; 04477 int data_len; 04478 04479 memset( &rsa, 0, sizeof( rsa_context ) ); 04480 memset( buf, 0, 2000 ); 04481 memset( output, 0, 2000 ); 04482 04483 data_len = unhexify( buf, "3000" ); 04484 04485 x509parse_key( &rsa, buf, data_len, NULL, 0 ); 04486 04487 fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) ); 04488 if( ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) == 0 ) 04489 { 04490 fct_chk( 1 ); 04491 } 04492 } 04493 FCT_TEST_END(); 04494 04495 04496 FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_invalid_version) 04497 { 04498 rsa_context rsa; 04499 unsigned char buf[2000]; 04500 unsigned char output[2000]; 04501 int data_len; 04502 04503 memset( &rsa, 0, sizeof( rsa_context ) ); 04504 memset( buf, 0, 2000 ); 04505 memset( output, 0, 2000 ); 04506 04507 data_len = unhexify( buf, "3003020101" ); 04508 04509 x509parse_key( &rsa, buf, data_len, NULL, 0 ); 04510 04511 fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_VERSION ) ); 04512 if( ( POLARSSL_ERR_X509_KEY_INVALID_VERSION ) == 0 ) 04513 { 04514 fct_chk( 1 ); 04515 } 04516 } 04517 FCT_TEST_END(); 04518 04519 04520 FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_correct_version_incorrect_tag) 04521 { 04522 rsa_context rsa; 04523 unsigned char buf[2000]; 04524 unsigned char output[2000]; 04525 int data_len; 04526 04527 memset( &rsa, 0, sizeof( rsa_context ) ); 04528 memset( buf, 0, 2000 ); 04529 memset( output, 0, 2000 ); 04530 04531 data_len = unhexify( buf, "300402010000" ); 04532 04533 x509parse_key( &rsa, buf, data_len, NULL, 0 ); 04534 04535 fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) ); 04536 if( ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) == 0 ) 04537 { 04538 fct_chk( 1 ); 04539 } 04540 } 04541 FCT_TEST_END(); 04542 04543 04544 FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_values_present_length_mismatch) 04545 { 04546 rsa_context rsa; 04547 unsigned char buf[2000]; 04548 unsigned char output[2000]; 04549 int data_len; 04550 04551 memset( &rsa, 0, sizeof( rsa_context ) ); 04552 memset( buf, 0, 2000 ); 04553 memset( output, 0, 2000 ); 04554 04555 data_len = unhexify( buf, "301c02010002010102010102010102010102010102010102010102010100" ); 04556 04557 x509parse_key( &rsa, buf, data_len, NULL, 0 ); 04558 04559 fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) ); 04560 if( ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) == 0 ) 04561 { 04562 fct_chk( 1 ); 04563 } 04564 } 04565 FCT_TEST_END(); 04566 04567 04568 FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_values_present_check_privkey_fails) 04569 { 04570 rsa_context rsa; 04571 unsigned char buf[2000]; 04572 unsigned char output[2000]; 04573 int data_len; 04574 04575 memset( &rsa, 0, sizeof( rsa_context ) ); 04576 memset( buf, 0, 2000 ); 04577 memset( output, 0, 2000 ); 04578 04579 data_len = unhexify( buf, "301b020100020101020101020101020101020101020101020101020101" ); 04580 04581 x509parse_key( &rsa, buf, data_len, NULL, 0 ); 04582 04583 fct_chk( x509parse_key( &rsa, buf, data_len, NULL, 0 ) == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) ); 04584 if( ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) == 0 ) 04585 { 04586 fct_chk( 1 ); 04587 } 04588 } 04589 FCT_TEST_END(); 04590 04591 } 04592 FCT_SUITE_END(); 04593 04594 #endif /* POLARSSL_X509_PARSE_C */ 04595 #endif /* POLARSSL_BIGNUM_C */ 04596 04597 } 04598 FCT_END(); 04599