PolarSSL v1.1.4
test_suite_x509parse.c
1 #include "fct.h"
2 
3 #include <polarssl/x509.h>
4 #include <polarssl/pem.h>
5 
/**
 * \brief   Test stub that ignores every argument and always returns 1.
 *
 * NOTE(review): the parameter list looks like a certificate-verification
 * callback (context, certificate, chain depth, pre-verification result).
 * How the library interprets a return value of 1 is not visible in this
 * file - confirm against the x509 verification code before relying on the
 * name. The stub never inspects the certificate or preverify_ok, so its
 * result carries no information about the chain; it is a fixture for the
 * test suite and not a pattern for application code.
 *
 * \param data               opaque callback context (unused)
 * \param crt                certificate being examined (unused)
 * \param certificate_depth  position in the chain (unused)
 * \param preverify_ok       earlier verification outcome (unused)
 *
 * \return  1, unconditionally
 */
int verify_none( void *data, x509_cert *crt, int certificate_depth, int preverify_ok )
{
    /* Silence unused-parameter warnings. */
    (void) data;
    (void) crt;
    (void) certificate_depth;
    (void) preverify_ok;

    return( 1 );
}
15 
/**
 * \brief   Test stub that ignores every argument and always returns 0.
 *
 * NOTE(review): the parameter list looks like a certificate-verification
 * callback (context, certificate, chain depth, pre-verification result).
 * How the library interprets a return value of 0 is not visible in this
 * file - confirm against the x509 verification code. Because the stub
 * discards preverify_ok, a caller that treats 0 as "accept" would accept a
 * certificate regardless of the checks that ran before it; keep this
 * helper confined to the test suite.
 *
 * \param data               opaque callback context (unused)
 * \param crt                certificate being examined (unused)
 * \param certificate_depth  position in the chain (unused)
 * \param preverify_ok       earlier verification outcome (unused)
 *
 * \return  0, unconditionally
 */
int verify_all( void *data, x509_cert *crt, int certificate_depth, int preverify_ok )
{
    /* Silence unused-parameter warnings. */
    (void) data;
    (void) crt;
    (void) certificate_depth;
    (void) preverify_ok;

    return( 0 );
}
25 
26 
27 #include <polarssl/config.h>
28 
29 #ifdef _MSC_VER
30 #include <basetsd.h>
31 typedef UINT32 uint32_t;
32 #else
33 #include <inttypes.h>
34 #endif
35 
36 /*
37  * 32-bit integer manipulation macros (big endian)
38  */
/*
 * GET_ULONG_BE( n, b, i ): assemble the four bytes b[i] .. b[i + 3] into n,
 * with b[i] as the most significant byte.
 *
 * The macro does no bounds checking: the caller must guarantee that
 * b[i + 3] is a valid element. Every argument is evaluated more than once,
 * so do not pass expressions with side effects. The expansion is a bare
 * brace block, not do { } while( 0 ), so it cannot be used as the body of
 * an unbraced if that has an else.
 */
#ifndef GET_ULONG_BE
#define GET_ULONG_BE(n,b,i)                                 \
{                                                           \
    (n) = ( (unsigned long) (b)[(i) + 3]       )            \
        | ( (unsigned long) (b)[(i) + 2] <<  8 )            \
        | ( (unsigned long) (b)[(i) + 1] << 16 )            \
        | ( (unsigned long) (b)[(i)    ] << 24 );           \
}
#endif
48 
/*
 * PUT_ULONG_BE( n, b, i ): store the low 32 bits of n into b[i] .. b[i + 3],
 * most significant byte first.
 *
 * The macro does no bounds checking: the caller must guarantee that
 * b[i + 3] is writable. Every argument is evaluated more than once, so do
 * not pass expressions with side effects. The expansion is a bare brace
 * block, not do { } while( 0 ), so it cannot be used as the body of an
 * unbraced if that has an else.
 */
#ifndef PUT_ULONG_BE
#define PUT_ULONG_BE(n,b,i)                                 \
{                                                           \
    (b)[(i)    ] = (unsigned char) ( (n) >> 24 );           \
    (b)[(i) + 1] = (unsigned char) ( (n) >> 16 );           \
    (b)[(i) + 2] = (unsigned char) ( (n) >>  8 );           \
    (b)[(i) + 3] = (unsigned char) ( (n)       );           \
}
#endif
58 
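/**
 * \brief   Decode a NUL-terminated hexadecimal string into raw bytes.
 *
 * Upper- and lower-case digits are both accepted. The function takes no
 * output size: the caller must provide at least strlen( ibuf ) / 2 bytes
 * at obuf. Malformed input (odd length or a non-hex character) trips an
 * assert(), which is acceptable for fixed test vectors but means this
 * helper must not be fed untrusted data.
 *
 * \param obuf  destination for the decoded bytes
 * \param ibuf  hex string to decode
 *
 * \return  number of bytes written to obuf
 */
int unhexify(unsigned char *obuf, const char *ibuf)
{
    unsigned char c, c2;
    size_t ilen = strlen( ibuf );
    int len = (int) ( ilen / 2 );
    int i;

    /*
     * The input must hold an even number of digits. The previous check
     * used `% 1`, which is always 0 and therefore could never fire.
     */
    assert( ilen % 2 == 0 );

    /*
     * Iterate over whole digit pairs only, so that a build with NDEBUG
     * (assert compiled out) cannot step past the terminator on odd input.
     */
    for( i = 0; i < len; i++ )
    {
        c = (unsigned char) *ibuf++;
        if( c >= '0' && c <= '9' )
            c -= '0';
        else if( c >= 'a' && c <= 'f' )
            c -= 'a' - 10;
        else if( c >= 'A' && c <= 'F' )
            c -= 'A' - 10;
        else
            assert( 0 );

        c2 = (unsigned char) *ibuf++;
        if( c2 >= '0' && c2 <= '9' )
            c2 -= '0';
        else if( c2 >= 'a' && c2 <= 'f' )
            c2 -= 'a' - 10;
        else if( c2 >= 'A' && c2 <= 'F' )
            c2 -= 'A' - 10;
        else
            assert( 0 );

        /* High nibble first. */
        *obuf++ = (unsigned char) ( ( c << 4 ) | c2 );
    }

    return len;
}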
92 
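/**
 * \brief   Encode raw bytes as lower-case hexadecimal digits.
 *
 * Writes exactly 2 * len characters to obuf and does NOT append a NUL
 * terminator; callers that treat the result as a C string must zero the
 * buffer beforehand or terminate it themselves. No output size is taken,
 * so the caller must provide at least 2 * len bytes at obuf.
 *
 * \param obuf  destination for the hex digits
 * \param ibuf  bytes to encode
 * \param len   number of bytes to read from ibuf; values <= 0 write nothing
 */
void hexify(unsigned char *obuf, const unsigned char *ibuf, int len)
{
    static const char digits[] = "0123456789abcdef";

    /*
     * `len > 0` rather than `len != 0`: a negative length previously kept
     * the loop running and walked off the end of both buffers.
     */
    while( len > 0 )
    {
        *obuf++ = (unsigned char) digits[*ibuf >> 4];
        *obuf++ = (unsigned char) digits[*ibuf & 0x0F];

        ++ibuf;
        len--;
    }
}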
116 
/**
 * \brief   Fill a buffer with bytes taken from the C library rand().
 *
 * rand() is a small, seedable, fully predictable generator. That is what
 * makes it usable for repeatable tests, and it is also why this function
 * must never supply key material, nonces or padding outside the test
 * suite.
 *
 * \param rng_state  ignored; accepted only to match the RNG callback shape
 * \param output     buffer to fill
 * \param len        number of bytes to write
 *
 * \return  0, unconditionally
 */
static int rnd_std_rand( void *rng_state, unsigned char *output, size_t len )
{
    size_t pos = 0;

    /* The state pointer is deliberately unused. */
    (void) rng_state;

    /* One rand() call per byte; only the low 8 bits of each value are kept. */
    while( pos < len )
    {
        output[pos] = rand();
        pos++;
    }

    return( 0 );
}
138 
/**
 * \brief   RNG stand-in that outputs only zero bytes.
 *
 * Useful where a test needs fully fixed "random" input. The output has no
 * entropy at all, so this function is a test fixture only.
 *
 * \param rng_state  ignored; accepted only to match the RNG callback shape
 * \param output     buffer to clear
 * \param len        number of bytes to set to zero
 *
 * \return  0, unconditionally
 */
static int rnd_zero_rand( void *rng_state, unsigned char *output, size_t len )
{
    /* The state pointer is deliberately unused. */
    (void) rng_state;

    memset( output, 0x00, len );

    return( 0 );
}
153 
/**
 * State for rnd_buffer_rand(): the not-yet-consumed part of a
 * caller-supplied byte buffer.
 */
typedef struct
{
    unsigned char *buf;     /* next byte to hand out */
    size_t length;          /* bytes still available at buf */
} rnd_buf_info;

/**
 * \brief   RNG stand-in that replays bytes from a caller-supplied buffer.
 *
 * Bytes are copied from the buffer described by rng_state, and the state
 * is advanced past what was consumed. Once the buffer runs out (or when
 * rng_state is NULL) the rest of the request is filled by rnd_std_rand().
 * The output is therefore chosen by the caller or by rand(); it is a test
 * fixture, not a source of randomness.
 *
 * \param rng_state  pointer to a rnd_buf_info, or NULL
 * \param output     buffer to fill
 * \param len        number of bytes to write
 *
 * \return  0 when the buffer covered the whole request, otherwise the
 *          return value of rnd_std_rand()
 */
static int rnd_buffer_rand( void *rng_state, unsigned char *output, size_t len )
{
    rnd_buf_info *info = (rnd_buf_info *) rng_state;
    size_t from_buf;
    size_t remaining;

    if( info == NULL )
        return( rnd_std_rand( NULL, output, len ) );

    /* Take as much as the buffer still holds, capped at the request size. */
    from_buf = ( len > info->length ) ? info->length : len;

    if( from_buf != 0 )
    {
        memcpy( output, info->buf, from_buf );
        info->buf += from_buf;
        info->length -= from_buf;
    }

    /* from_buf never exceeds len, so this subtraction cannot wrap. */
    remaining = len - from_buf;
    if( remaining == 0 )
        return( 0 );

    return( rnd_std_rand( NULL, output + from_buf, remaining ) );
}
195 
203 typedef struct
204 {
205  uint32_t key[16];
206  uint32_t v0, v1;
208 
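/**
 * \brief   Deterministic pseudo-random generator driven by caller state.
 *
 * Each pass runs 32 rounds of an XTEA-style mixing function over
 * info->v0 / info->v1 (only key[0] .. key[3] are read, because the key
 * index is masked with 3) and emits the four bytes of v0, big endian.
 * When rng_state is NULL the request is served by rnd_std_rand() instead.
 *
 * The stream is fully determined by the state the caller passes in. That
 * makes test runs repeatable, and it also means this function must not be
 * used for real keys, nonces or padding.
 *
 * \param rng_state  pointer to a rnd_pseudo_info, or NULL
 * \param output     buffer to fill
 * \param len        number of bytes to write
 *
 * \return  0, or the return value of rnd_std_rand() when rng_state is NULL
 */
static int rnd_pseudo_rand( void *rng_state, unsigned char *output, size_t len )
{
    rnd_pseudo_info *info = (rnd_pseudo_info *) rng_state;
    uint32_t i, *k, sum, delta=0x9E3779B9;
    unsigned char result[4];

    if( rng_state == NULL )
        return( rnd_std_rand( NULL, output, len ) );

    k = info->key;

    while( len > 0 )
    {
        size_t use_len = ( len > 4 ) ? 4 : len;
        sum = 0;

        for( i = 0; i < 32; i++ )
        {
            info->v0 += (((info->v1 << 4) ^ (info->v1 >> 5)) + info->v1) ^ (sum + k[sum & 3]);
            sum += delta;
            info->v1 += (((info->v0 << 4) ^ (info->v0 >> 5)) + info->v0) ^ (sum + k[(sum>>11) & 3]);
        }

        PUT_ULONG_BE( info->v0, result, 0 );
        memcpy( output, result, use_len );

        /*
         * Advance the write position. Without this, every pass overwrote
         * the first bytes of output and anything beyond offset 4 was
         * never written, leaving the caller with uninitialised data.
         */
        output += use_len;
        len -= use_len;
    }

    return( 0 );
}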
247 
248 
250 {
251 #ifdef POLARSSL_X509_PARSE_C
252 #ifdef POLARSSL_BIGNUM_C
253 
254 
255  FCT_SUITE_BGN(test_suite_x509parse)
256  {
257 #ifdef POLARSSL_PEM_C
258 #ifdef POLARSSL_FS_IO
259 
260  FCT_TEST_BGN(x509_certificate_information_1)
261  {
262  x509_cert crt;
263  char buf[2000];
264  int res;
265 
266  memset( &crt, 0, sizeof( x509_cert ) );
267  memset( buf, 0, 2000 );
268 
269  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
270  res = x509parse_cert_info( buf, 2000, "", &crt );
271 
272  fct_chk( res != -1 );
273  fct_chk( res != -2 );
274 
275  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 01\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Server 1\nissued on : 2011-02-12 14:44:06\nexpires on : 2021-02-12 14:44:06\nsigned using : RSA+SHA1\nRSA key size : 2048 bits\n" ) == 0 );
276  }
277  FCT_TEST_END();
278 #endif /* POLARSSL_PEM_C */
279 #endif /* POLARSSL_FS_IO */
280 
281 #ifdef POLARSSL_PEM_C
282 #ifdef POLARSSL_FS_IO
283 
284  FCT_TEST_BGN(x509_certificate_information_2)
285  {
286  x509_cert crt;
287  char buf[2000];
288  int res;
289 
290  memset( &crt, 0, sizeof( x509_cert ) );
291  memset( buf, 0, 2000 );
292 
293  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
294  res = x509parse_cert_info( buf, 2000, "", &crt );
295 
296  fct_chk( res != -1 );
297  fct_chk( res != -2 );
298 
299  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 02\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=localhost\nissued on : 2011-02-12 14:44:06\nexpires on : 2021-02-12 14:44:06\nsigned using : RSA+SHA1\nRSA key size : 2048 bits\n" ) == 0 );
300  }
301  FCT_TEST_END();
302 #endif /* POLARSSL_PEM_C */
303 #endif /* POLARSSL_FS_IO */
304 
305 #ifdef POLARSSL_PEM_C
306 #ifdef POLARSSL_FS_IO
307 
308  FCT_TEST_BGN(x509_certificate_information_3)
309  {
310  x509_cert crt;
311  char buf[2000];
312  int res;
313 
314  memset( &crt, 0, sizeof( x509_cert ) );
315  memset( buf, 0, 2000 );
316 
317  fct_chk( x509parse_crtfile( &crt, "data_files/test-ca.crt" ) == 0 );
318  res = x509parse_cert_info( buf, 2000, "", &crt );
319 
320  fct_chk( res != -1 );
321  fct_chk( res != -2 );
322 
323  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 00\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nissued on : 2011-02-12 14:44:00\nexpires on : 2021-02-12 14:44:00\nsigned using : RSA+SHA1\nRSA key size : 2048 bits\n" ) == 0 );
324  }
325  FCT_TEST_END();
326 #endif /* POLARSSL_PEM_C */
327 #endif /* POLARSSL_FS_IO */
328 
329 #ifdef POLARSSL_PEM_C
330 #ifdef POLARSSL_FS_IO
331 
332  FCT_TEST_BGN(x509_certificate_information_md2_digest)
333  {
334  x509_cert crt;
335  char buf[2000];
336  int res;
337 
338  memset( &crt, 0, sizeof( x509_cert ) );
339  memset( buf, 0, 2000 );
340 
341  fct_chk( x509parse_crtfile( &crt, "data_files/cert_md2.crt" ) == 0 );
342  res = x509parse_cert_info( buf, 2000, "", &crt );
343 
344  fct_chk( res != -1 );
345  fct_chk( res != -2 );
346 
347  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 09\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert MD2\nissued on : 2009-07-12 10:56:59\nexpires on : 2011-07-12 10:56:59\nsigned using : RSA+MD2\nRSA key size : 2048 bits\n" ) == 0 );
348  }
349  FCT_TEST_END();
350 #endif /* POLARSSL_PEM_C */
351 #endif /* POLARSSL_FS_IO */
352 
353 #ifdef POLARSSL_PEM_C
354 #ifdef POLARSSL_FS_IO
355 
356  FCT_TEST_BGN(x509_certificate_information_md4_digest)
357  {
358  x509_cert crt;
359  char buf[2000];
360  int res;
361 
362  memset( &crt, 0, sizeof( x509_cert ) );
363  memset( buf, 0, 2000 );
364 
365  fct_chk( x509parse_crtfile( &crt, "data_files/cert_md4.crt" ) == 0 );
366  res = x509parse_cert_info( buf, 2000, "", &crt );
367 
368  fct_chk( res != -1 );
369  fct_chk( res != -2 );
370 
371  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 05\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert MD4\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+MD4\nRSA key size : 2048 bits\n" ) == 0 );
372  }
373  FCT_TEST_END();
374 #endif /* POLARSSL_PEM_C */
375 #endif /* POLARSSL_FS_IO */
376 
377 #ifdef POLARSSL_PEM_C
378 #ifdef POLARSSL_FS_IO
379 
380  FCT_TEST_BGN(x509_certificate_information_md5_digest)
381  {
382  x509_cert crt;
383  char buf[2000];
384  int res;
385 
386  memset( &crt, 0, sizeof( x509_cert ) );
387  memset( buf, 0, 2000 );
388 
389  fct_chk( x509parse_crtfile( &crt, "data_files/cert_md5.crt" ) == 0 );
390  res = x509parse_cert_info( buf, 2000, "", &crt );
391 
392  fct_chk( res != -1 );
393  fct_chk( res != -2 );
394 
395  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 06\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert MD5\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+MD5\nRSA key size : 2048 bits\n" ) == 0 );
396  }
397  FCT_TEST_END();
398 #endif /* POLARSSL_PEM_C */
399 #endif /* POLARSSL_FS_IO */
400 
401 #ifdef POLARSSL_PEM_C
402 #ifdef POLARSSL_FS_IO
403 
404  FCT_TEST_BGN(x509_certificate_information_sha1_digest)
405  {
406  x509_cert crt;
407  char buf[2000];
408  int res;
409 
410  memset( &crt, 0, sizeof( x509_cert ) );
411  memset( buf, 0, 2000 );
412 
413  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha1.crt" ) == 0 );
414  res = x509parse_cert_info( buf, 2000, "", &crt );
415 
416  fct_chk( res != -1 );
417  fct_chk( res != -2 );
418 
419  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 07\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA1\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA1\nRSA key size : 2048 bits\n" ) == 0 );
420  }
421  FCT_TEST_END();
422 #endif /* POLARSSL_PEM_C */
423 #endif /* POLARSSL_FS_IO */
424 
425 #ifdef POLARSSL_PEM_C
426 #ifdef POLARSSL_FS_IO
427 
428  FCT_TEST_BGN(x509_certificate_information_sha224_digest)
429  {
430  x509_cert crt;
431  char buf[2000];
432  int res;
433 
434  memset( &crt, 0, sizeof( x509_cert ) );
435  memset( buf, 0, 2000 );
436 
437  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha224.crt" ) == 0 );
438  res = x509parse_cert_info( buf, 2000, "", &crt );
439 
440  fct_chk( res != -1 );
441  fct_chk( res != -2 );
442 
443  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 08\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA224\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA224\nRSA key size : 2048 bits\n" ) == 0 );
444  }
445  FCT_TEST_END();
446 #endif /* POLARSSL_PEM_C */
447 #endif /* POLARSSL_FS_IO */
448 
449 #ifdef POLARSSL_PEM_C
450 #ifdef POLARSSL_FS_IO
451 
452  FCT_TEST_BGN(x509_certificate_information_sha256_digest)
453  {
454  x509_cert crt;
455  char buf[2000];
456  int res;
457 
458  memset( &crt, 0, sizeof( x509_cert ) );
459  memset( buf, 0, 2000 );
460 
461  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha256.crt" ) == 0 );
462  res = x509parse_cert_info( buf, 2000, "", &crt );
463 
464  fct_chk( res != -1 );
465  fct_chk( res != -2 );
466 
467  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 09\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA256\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA256\nRSA key size : 2048 bits\n" ) == 0 );
468  }
469  FCT_TEST_END();
470 #endif /* POLARSSL_PEM_C */
471 #endif /* POLARSSL_FS_IO */
472 
473 #ifdef POLARSSL_PEM_C
474 #ifdef POLARSSL_FS_IO
475 
476  FCT_TEST_BGN(x509_certificate_information_sha384_digest)
477  {
478  x509_cert crt;
479  char buf[2000];
480  int res;
481 
482  memset( &crt, 0, sizeof( x509_cert ) );
483  memset( buf, 0, 2000 );
484 
485  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha384.crt" ) == 0 );
486  res = x509parse_cert_info( buf, 2000, "", &crt );
487 
488  fct_chk( res != -1 );
489  fct_chk( res != -2 );
490 
491  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 0A\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA384\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA384\nRSA key size : 2048 bits\n" ) == 0 );
492  }
493  FCT_TEST_END();
494 #endif /* POLARSSL_PEM_C */
495 #endif /* POLARSSL_FS_IO */
496 
497 #ifdef POLARSSL_PEM_C
498 #ifdef POLARSSL_FS_IO
499 
500  FCT_TEST_BGN(x509_certificate_information_sha512_digest)
501  {
502  x509_cert crt;
503  char buf[2000];
504  int res;
505 
506  memset( &crt, 0, sizeof( x509_cert ) );
507  memset( buf, 0, 2000 );
508 
509  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha512.crt" ) == 0 );
510  res = x509parse_cert_info( buf, 2000, "", &crt );
511 
512  fct_chk( res != -1 );
513  fct_chk( res != -2 );
514 
515  fct_chk( strcmp( buf, "cert. version : 3\nserial number : 0B\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nsubject name : C=NL, O=PolarSSL, CN=PolarSSL Cert SHA512\nissued on : 2011-02-12 14:44:07\nexpires on : 2021-02-12 14:44:07\nsigned using : RSA+SHA512\nRSA key size : 2048 bits\n" ) == 0 );
516  }
517  FCT_TEST_END();
518 #endif /* POLARSSL_PEM_C */
519 #endif /* POLARSSL_FS_IO */
520 
521 #ifdef POLARSSL_PEM_C
522 #ifdef POLARSSL_FS_IO
523 
524  FCT_TEST_BGN(x509_crl_information_1)
525  {
526  x509_crl crl;
527  char buf[2000];
528  int res;
529 
530  memset( &crl, 0, sizeof( x509_crl ) );
531  memset( buf, 0, 2000 );
532 
533  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
534  res = x509parse_crl_info( buf, 2000, "", &crl );
535 
536  fct_chk( res != -1 );
537  fct_chk( res != -2 );
538 
539  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-20 10:24:19\nnext update : 2011-02-20 11:24:19\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA1\n" ) == 0 );
540  }
541  FCT_TEST_END();
542 #endif /* POLARSSL_PEM_C */
543 #endif /* POLARSSL_FS_IO */
544 
545 #ifdef POLARSSL_PEM_C
546 #ifdef POLARSSL_FS_IO
547 
548  FCT_TEST_BGN(x509_crl_information_md2_digest)
549  {
550  x509_crl crl;
551  char buf[2000];
552  int res;
553 
554  memset( &crl, 0, sizeof( x509_crl ) );
555  memset( buf, 0, 2000 );
556 
557  fct_chk( x509parse_crlfile( &crl, "data_files/crl_md2.pem" ) == 0 );
558  res = x509parse_crl_info( buf, 2000, "", &crl );
559 
560  fct_chk( res != -1 );
561  fct_chk( res != -2 );
562 
563  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2009-07-19 19:56:37\nnext update : 2009-09-17 19:56:37\nRevoked certificates:\nserial number: 01 revocation date: 2009-02-09 21:12:36\nserial number: 03 revocation date: 2009-02-09 21:12:36\nsigned using : RSA+MD2\n" ) == 0 );
564  }
565  FCT_TEST_END();
566 #endif /* POLARSSL_PEM_C */
567 #endif /* POLARSSL_FS_IO */
568 
569 #ifdef POLARSSL_PEM_C
570 #ifdef POLARSSL_FS_IO
571 
572  FCT_TEST_BGN(x509_crl_information_md4_digest)
573  {
574  x509_crl crl;
575  char buf[2000];
576  int res;
577 
578  memset( &crl, 0, sizeof( x509_crl ) );
579  memset( buf, 0, 2000 );
580 
581  fct_chk( x509parse_crlfile( &crl, "data_files/crl_md4.pem" ) == 0 );
582  res = x509parse_crl_info( buf, 2000, "", &crl );
583 
584  fct_chk( res != -1 );
585  fct_chk( res != -2 );
586 
587  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+MD4\n" ) == 0 );
588  }
589  FCT_TEST_END();
590 #endif /* POLARSSL_PEM_C */
591 #endif /* POLARSSL_FS_IO */
592 
593 #ifdef POLARSSL_PEM_C
594 #ifdef POLARSSL_FS_IO
595 
596  FCT_TEST_BGN(x509_crl_information_md5_digest)
597  {
598  x509_crl crl;
599  char buf[2000];
600  int res;
601 
602  memset( &crl, 0, sizeof( x509_crl ) );
603  memset( buf, 0, 2000 );
604 
605  fct_chk( x509parse_crlfile( &crl, "data_files/crl_md5.pem" ) == 0 );
606  res = x509parse_crl_info( buf, 2000, "", &crl );
607 
608  fct_chk( res != -1 );
609  fct_chk( res != -2 );
610 
611  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+MD5\n" ) == 0 );
612  }
613  FCT_TEST_END();
614 #endif /* POLARSSL_PEM_C */
615 #endif /* POLARSSL_FS_IO */
616 
617 #ifdef POLARSSL_PEM_C
618 #ifdef POLARSSL_FS_IO
619 
620  FCT_TEST_BGN(x509_crl_information_sha1_digest)
621  {
622  x509_crl crl;
623  char buf[2000];
624  int res;
625 
626  memset( &crl, 0, sizeof( x509_crl ) );
627  memset( buf, 0, 2000 );
628 
629  fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha1.pem" ) == 0 );
630  res = x509parse_crl_info( buf, 2000, "", &crl );
631 
632  fct_chk( res != -1 );
633  fct_chk( res != -2 );
634 
635  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA1\n" ) == 0 );
636  }
637  FCT_TEST_END();
638 #endif /* POLARSSL_PEM_C */
639 #endif /* POLARSSL_FS_IO */
640 
641 #ifdef POLARSSL_PEM_C
642 #ifdef POLARSSL_FS_IO
643 
644  FCT_TEST_BGN(x509_crl_information_sha224_digest)
645  {
646  x509_crl crl;
647  char buf[2000];
648  int res;
649 
650  memset( &crl, 0, sizeof( x509_crl ) );
651  memset( buf, 0, 2000 );
652 
653  fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha224.pem" ) == 0 );
654  res = x509parse_crl_info( buf, 2000, "", &crl );
655 
656  fct_chk( res != -1 );
657  fct_chk( res != -2 );
658 
659  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA224\n" ) == 0 );
660  }
661  FCT_TEST_END();
662 #endif /* POLARSSL_PEM_C */
663 #endif /* POLARSSL_FS_IO */
664 
665 #ifdef POLARSSL_PEM_C
666 #ifdef POLARSSL_FS_IO
667 
668  FCT_TEST_BGN(x509_crl_information_sha256_digest)
669  {
670  x509_crl crl;
671  char buf[2000];
672  int res;
673 
674  memset( &crl, 0, sizeof( x509_crl ) );
675  memset( buf, 0, 2000 );
676 
677  fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha256.pem" ) == 0 );
678  res = x509parse_crl_info( buf, 2000, "", &crl );
679 
680  fct_chk( res != -1 );
681  fct_chk( res != -2 );
682 
683  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA256\n" ) == 0 );
684  }
685  FCT_TEST_END();
686 #endif /* POLARSSL_PEM_C */
687 #endif /* POLARSSL_FS_IO */
688 
689 #ifdef POLARSSL_PEM_C
690 #ifdef POLARSSL_FS_IO
691 
692  FCT_TEST_BGN(x509_crl_information_sha384_digest)
693  {
694  x509_crl crl;
695  char buf[2000];
696  int res;
697 
698  memset( &crl, 0, sizeof( x509_crl ) );
699  memset( buf, 0, 2000 );
700 
701  fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha384.pem" ) == 0 );
702  res = x509parse_crl_info( buf, 2000, "", &crl );
703 
704  fct_chk( res != -1 );
705  fct_chk( res != -2 );
706 
707  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA384\n" ) == 0 );
708  }
709  FCT_TEST_END();
710 #endif /* POLARSSL_PEM_C */
711 #endif /* POLARSSL_FS_IO */
712 
713 #ifdef POLARSSL_PEM_C
714 #ifdef POLARSSL_FS_IO
715 
716  FCT_TEST_BGN(x509_crl_information_sha512_digest)
717  {
718  x509_crl crl;
719  char buf[2000];
720  int res;
721 
722  memset( &crl, 0, sizeof( x509_crl ) );
723  memset( buf, 0, 2000 );
724 
725  fct_chk( x509parse_crlfile( &crl, "data_files/crl_sha512.pem" ) == 0 );
726  res = x509parse_crl_info( buf, 2000, "", &crl );
727 
728  fct_chk( res != -1 );
729  fct_chk( res != -2 );
730 
731  fct_chk( strcmp( buf, "CRL version : 1\nissuer name : C=NL, O=PolarSSL, CN=PolarSSL Test CA\nthis update : 2011-02-12 14:44:07\nnext update : 2011-04-13 14:44:07\nRevoked certificates:\nserial number: 01 revocation date: 2011-02-12 14:44:07\nserial number: 03 revocation date: 2011-02-12 14:44:07\nsigned using : RSA+SHA512\n" ) == 0 );
732  }
733  FCT_TEST_END();
734 #endif /* POLARSSL_PEM_C */
735 #endif /* POLARSSL_FS_IO */
736 
737 #ifdef POLARSSL_MD5_C
738 #ifdef POLARSSL_PEM_C
739 #ifdef POLARSSL_FS_IO
740 
741  FCT_TEST_BGN(x509_parse_key_1_no_password_when_required)
742  {
743  rsa_context rsa;
744  int res;
745 
746  memset( &rsa, 0, sizeof( rsa_context ) );
747 
748  res = x509parse_keyfile( &rsa, "data_files/test-ca.key", NULL );
749 
750  fct_chk( res == POLARSSL_ERR_PEM_PASSWORD_REQUIRED );
751 
752  if( res == 0 )
753  {
754  fct_chk( rsa_check_privkey( &rsa ) == 0 );
755  }
756  }
757  FCT_TEST_END();
758 #endif /* POLARSSL_MD5_C */
759 #endif /* POLARSSL_PEM_C */
760 #endif /* POLARSSL_FS_IO */
761 
762 #ifdef POLARSSL_MD5_C
763 #ifdef POLARSSL_PEM_C
764 #ifdef POLARSSL_FS_IO
765 
766  FCT_TEST_BGN(x509_parse_key_2_correct_password)
767  {
768  rsa_context rsa;
769  int res;
770 
771  memset( &rsa, 0, sizeof( rsa_context ) );
772 
773  res = x509parse_keyfile( &rsa, "data_files/test-ca.key", "PolarSSLTest" );
774 
775  fct_chk( res == 0 );
776 
777  if( res == 0 )
778  {
779  fct_chk( rsa_check_privkey( &rsa ) == 0 );
780  }
781  }
782  FCT_TEST_END();
783 #endif /* POLARSSL_MD5_C */
784 #endif /* POLARSSL_PEM_C */
785 #endif /* POLARSSL_FS_IO */
786 
787 #ifdef POLARSSL_MD5_C
788 #ifdef POLARSSL_PEM_C
789 #ifdef POLARSSL_FS_IO
790 
791  FCT_TEST_BGN(x509_parse_key_3_wrong_password)
792  {
793  rsa_context rsa;
794  int res;
795 
796  memset( &rsa, 0, sizeof( rsa_context ) );
797 
798  res = x509parse_keyfile( &rsa, "data_files/test-ca.key", "PolarSSLWRONG" );
799 
800  fct_chk( res == POLARSSL_ERR_PEM_PASSWORD_MISMATCH );
801 
802  if( res == 0 )
803  {
804  fct_chk( rsa_check_privkey( &rsa ) == 0 );
805  }
806  }
807  FCT_TEST_END();
808 #endif /* POLARSSL_MD5_C */
809 #endif /* POLARSSL_PEM_C */
810 #endif /* POLARSSL_FS_IO */
811 
812 #ifdef POLARSSL_MD5_C
813 #ifdef POLARSSL_DES_C
814 #ifdef POLARSSL_PEM_C
815 #ifdef POLARSSL_FS_IO
816 
817  FCT_TEST_BGN(x509_parse_key_4_des_encrypted)
818  {
819  rsa_context rsa;
820  int res;
821 
822  memset( &rsa, 0, sizeof( rsa_context ) );
823 
824  res = x509parse_keyfile( &rsa, "data_files/keyfile.des", "testkey" );
825 
826  fct_chk( res == 0 );
827 
828  if( res == 0 )
829  {
830  fct_chk( rsa_check_privkey( &rsa ) == 0 );
831  }
832  }
833  FCT_TEST_END();
834 #endif /* POLARSSL_MD5_C */
835 #endif /* POLARSSL_DES_C */
836 #endif /* POLARSSL_PEM_C */
837 #endif /* POLARSSL_FS_IO */
838 
839 #ifdef POLARSSL_MD5_C
840 #ifdef POLARSSL_DES_C
841 #ifdef POLARSSL_PEM_C
842 #ifdef POLARSSL_FS_IO
843 
844  FCT_TEST_BGN(x509_parse_key_5_3des_encrypted)
845  {
846  rsa_context rsa;
847  int res;
848 
849  memset( &rsa, 0, sizeof( rsa_context ) );
850 
851  res = x509parse_keyfile( &rsa, "data_files/keyfile.3des", "testkey" );
852 
853  fct_chk( res == 0 );
854 
855  if( res == 0 )
856  {
857  fct_chk( rsa_check_privkey( &rsa ) == 0 );
858  }
859  }
860  FCT_TEST_END();
861 #endif /* POLARSSL_MD5_C */
862 #endif /* POLARSSL_DES_C */
863 #endif /* POLARSSL_PEM_C */
864 #endif /* POLARSSL_FS_IO */
865 
866 #ifdef POLARSSL_MD5_C
867 #ifdef POLARSSL_AES_C
868 #ifdef POLARSSL_PEM_C
869 #ifdef POLARSSL_FS_IO
870 
871  FCT_TEST_BGN(x509_parse_key_6_aes_128_encrypted)
872  {
873  rsa_context rsa;
874  int res;
875 
876  memset( &rsa, 0, sizeof( rsa_context ) );
877 
878  res = x509parse_keyfile( &rsa, "data_files/keyfile.aes128", "testkey" );
879 
880  fct_chk( res == 0 );
881 
882  if( res == 0 )
883  {
884  fct_chk( rsa_check_privkey( &rsa ) == 0 );
885  }
886  }
887  FCT_TEST_END();
888 #endif /* POLARSSL_MD5_C */
889 #endif /* POLARSSL_AES_C */
890 #endif /* POLARSSL_PEM_C */
891 #endif /* POLARSSL_FS_IO */
892 
893 #ifdef POLARSSL_MD5_C
894 #ifdef POLARSSL_AES_C
895 #ifdef POLARSSL_PEM_C
896 #ifdef POLARSSL_FS_IO
897 
898  FCT_TEST_BGN(x509_parse_key_7_aes_192_encrypted)
899  {
900  rsa_context rsa;
901  int res;
902 
903  memset( &rsa, 0, sizeof( rsa_context ) );
904 
905  res = x509parse_keyfile( &rsa, "data_files/keyfile.aes192", "testkey" );
906 
907  fct_chk( res == 0 );
908 
909  if( res == 0 )
910  {
911  fct_chk( rsa_check_privkey( &rsa ) == 0 );
912  }
913  }
914  FCT_TEST_END();
915 #endif /* POLARSSL_MD5_C */
916 #endif /* POLARSSL_AES_C */
917 #endif /* POLARSSL_PEM_C */
918 #endif /* POLARSSL_FS_IO */
919 
920 #ifdef POLARSSL_MD5_C
921 #ifdef POLARSSL_AES_C
922 #ifdef POLARSSL_PEM_C
923 #ifdef POLARSSL_FS_IO
924 
925  FCT_TEST_BGN(x509_parse_key_8_aes_256_encrypted)
926  {
927  rsa_context rsa;
928  int res;
929 
930  memset( &rsa, 0, sizeof( rsa_context ) );
931 
932  res = x509parse_keyfile( &rsa, "data_files/keyfile.aes256", "testkey" );
933 
934  fct_chk( res == 0 );
935 
936  if( res == 0 )
937  {
938  fct_chk( rsa_check_privkey( &rsa ) == 0 );
939  }
940  }
941  FCT_TEST_END();
942 #endif /* POLARSSL_MD5_C */
943 #endif /* POLARSSL_AES_C */
944 #endif /* POLARSSL_PEM_C */
945 #endif /* POLARSSL_FS_IO */
946 
947 #ifdef POLARSSL_MD5_C
948 #ifdef POLARSSL_PEM_C
949 #ifdef POLARSSL_FS_IO
950 
951  FCT_TEST_BGN(x509_parse_key_9_pkcs8_wrapped)
952  {
953  rsa_context rsa;
954  int res;
955 
956  memset( &rsa, 0, sizeof( rsa_context ) );
957 
958  res = x509parse_keyfile( &rsa, "data_files/format_gen.key", "" );
959 
960  fct_chk( res == 0 );
961 
962  if( res == 0 )
963  {
964  fct_chk( rsa_check_privkey( &rsa ) == 0 );
965  }
966  }
967  FCT_TEST_END();
968 #endif /* POLARSSL_MD5_C */
969 #endif /* POLARSSL_PEM_C */
970 #endif /* POLARSSL_FS_IO */
971 
972 #ifdef POLARSSL_MD5_C
973 #ifdef POLARSSL_PEM_C
974 #ifdef POLARSSL_FS_IO
975 
976  FCT_TEST_BGN(x509_parse_public_key_1_pkcs8_wrapped)
977  {
978  rsa_context rsa;
979  int res;
980 
981  memset( &rsa, 0, sizeof( rsa_context ) );
982 
983  res = x509parse_public_keyfile( &rsa, "data_files/format_gen.pub" );
984 
985  fct_chk( res == 0 );
986 
987  if( res == 0 )
988  {
989  fct_chk( rsa_check_pubkey( &rsa ) == 0 );
990  }
991  }
992  FCT_TEST_END();
993 #endif /* POLARSSL_MD5_C */
994 #endif /* POLARSSL_PEM_C */
995 #endif /* POLARSSL_FS_IO */
996 
997 #ifdef POLARSSL_PEM_C
998 #ifdef POLARSSL_FS_IO
999 
1000  FCT_TEST_BGN(x509_get_distinguished_name_1)
1001  {
1002  x509_cert crt;
1003  char buf[2000];
1004  int res;
1005 
1006  memset( &crt, 0, sizeof( x509_cert ) );
1007  memset( buf, 0, 2000 );
1008 
1009  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1010  res = x509parse_dn_gets( buf, 2000, &crt.subject );
1011 
1012  fct_chk( res != -1 );
1013  fct_chk( res != -2 );
1014 
1015  fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=PolarSSL Server 1" ) == 0 );
1016  }
1017  FCT_TEST_END();
1018 #endif /* POLARSSL_PEM_C */
1019 #endif /* POLARSSL_FS_IO */
1020 
1021 #ifdef POLARSSL_PEM_C
1022 #ifdef POLARSSL_FS_IO
1023 
1024  FCT_TEST_BGN(x509_get_distinguished_name_2)
1025  {
1026  x509_cert crt;
1027  char buf[2000];
1028  int res;
1029 
1030  memset( &crt, 0, sizeof( x509_cert ) );
1031  memset( buf, 0, 2000 );
1032 
1033  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1034  res = x509parse_dn_gets( buf, 2000, &crt.issuer );
1035 
1036  fct_chk( res != -1 );
1037  fct_chk( res != -2 );
1038 
1039  fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=PolarSSL Test CA" ) == 0 );
1040  }
1041  FCT_TEST_END();
1042 #endif /* POLARSSL_PEM_C */
1043 #endif /* POLARSSL_FS_IO */
1044 
1045 #ifdef POLARSSL_PEM_C
1046 #ifdef POLARSSL_FS_IO
1047 
1048  FCT_TEST_BGN(x509_get_distinguished_name_3)
1049  {
1050  x509_cert crt;
1051  char buf[2000];
1052  int res;
1053 
1054  memset( &crt, 0, sizeof( x509_cert ) );
1055  memset( buf, 0, 2000 );
1056 
1057  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
1058  res = x509parse_dn_gets( buf, 2000, &crt.subject );
1059 
1060  fct_chk( res != -1 );
1061  fct_chk( res != -2 );
1062 
1063  fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=localhost" ) == 0 );
1064  }
1065  FCT_TEST_END();
1066 #endif /* POLARSSL_PEM_C */
1067 #endif /* POLARSSL_FS_IO */
1068 
1069 #ifdef POLARSSL_PEM_C
1070 #ifdef POLARSSL_FS_IO
1071 
1072  FCT_TEST_BGN(x509_get_distinguished_name_4)
1073  {
1074  x509_cert crt;
1075  char buf[2000];
1076  int res;
1077 
1078  memset( &crt, 0, sizeof( x509_cert ) );
1079  memset( buf, 0, 2000 );
1080 
1081  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
1082  res = x509parse_dn_gets( buf, 2000, &crt.issuer );
1083 
1084  fct_chk( res != -1 );
1085  fct_chk( res != -2 );
1086 
1087  fct_chk( strcmp( buf, "C=NL, O=PolarSSL, CN=PolarSSL Test CA" ) == 0 );
1088  }
1089  FCT_TEST_END();
1090 #endif /* POLARSSL_PEM_C */
1091 #endif /* POLARSSL_FS_IO */
1092 
1093 #ifdef POLARSSL_PEM_C
1094 #ifdef POLARSSL_FS_IO
1095 
1096  FCT_TEST_BGN(x509_time_expired_1)
1097  {
1098  x509_cert crt;
1099 
1100  memset( &crt, 0, sizeof( x509_cert ) );
1101 
1102  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1103  fct_chk( x509parse_time_expired( &crt.valid_from ) == 1 );
1104  }
1105  FCT_TEST_END();
1106 #endif /* POLARSSL_PEM_C */
1107 #endif /* POLARSSL_FS_IO */
1108 
1109 #ifdef POLARSSL_PEM_C
1110 #ifdef POLARSSL_FS_IO
1111 
1112  FCT_TEST_BGN(x509_time_expired_2)
1113  {
1114  x509_cert crt;
1115 
1116  memset( &crt, 0, sizeof( x509_cert ) );
1117 
1118  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1119  fct_chk( x509parse_time_expired( &crt.valid_to ) == 0 );
1120  }
1121  FCT_TEST_END();
1122 #endif /* POLARSSL_PEM_C */
1123 #endif /* POLARSSL_FS_IO */
1124 
1125 #ifdef POLARSSL_PEM_C
1126 #ifdef POLARSSL_FS_IO
1127 
1128  FCT_TEST_BGN(x509_time_expired_3)
1129  {
1130  x509_cert crt;
1131 
1132  memset( &crt, 0, sizeof( x509_cert ) );
1133 
1134  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
1135  fct_chk( x509parse_time_expired( &crt.valid_from ) == 1 );
1136  }
1137  FCT_TEST_END();
1138 #endif /* POLARSSL_PEM_C */
1139 #endif /* POLARSSL_FS_IO */
1140 
1141 #ifdef POLARSSL_PEM_C
1142 #ifdef POLARSSL_FS_IO
1143 
1144  FCT_TEST_BGN(x509_time_expired_4)
1145  {
1146  x509_cert crt;
1147 
1148  memset( &crt, 0, sizeof( x509_cert ) );
1149 
1150  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
1151  fct_chk( x509parse_time_expired( &crt.valid_to ) == 0 );
1152  }
1153  FCT_TEST_END();
1154 #endif /* POLARSSL_PEM_C */
1155 #endif /* POLARSSL_FS_IO */
1156 
1157 #ifdef POLARSSL_PEM_C
1158 #ifdef POLARSSL_FS_IO
1159 
1160  FCT_TEST_BGN(x509_time_expired_5)
1161  {
1162  x509_cert crt;
1163 
1164  memset( &crt, 0, sizeof( x509_cert ) );
1165 
1166  fct_chk( x509parse_crtfile( &crt, "data_files/test-ca.crt" ) == 0 );
1167  fct_chk( x509parse_time_expired( &crt.valid_from ) == 1 );
1168  }
1169  FCT_TEST_END();
1170 #endif /* POLARSSL_PEM_C */
1171 #endif /* POLARSSL_FS_IO */
1172 
1173 #ifdef POLARSSL_PEM_C
1174 #ifdef POLARSSL_FS_IO
1175 
/*
 * Loads data_files/test-ca.crt (the file the verification tests use as the
 * trusted CA) and checks that x509parse_time_expired() returns 0 for its
 * valid_to field.
 * NOTE(review): the test name ends in "6polarssl_fs_io", unlike its siblings
 * x509_time_expired_1 to _5; it looks as if a dependency label was fused into
 * the name when the suite was generated - confirm against the test data file.
 */
1176  FCT_TEST_BGN(x509_time_expired_6polarssl_fs_io)
1177  {
1178  x509_cert crt;
1179 
1180  memset( &crt, 0, sizeof( x509_cert ) );
1181 
1182  fct_chk( x509parse_crtfile( &crt, "data_files/test-ca.crt" ) == 0 );
1183  fct_chk( x509parse_time_expired( &crt.valid_to ) == 0 );
1184  }
1185  FCT_TEST_END();
1186 #endif /* POLARSSL_PEM_C */
1187 #endif /* POLARSSL_FS_IO */
1188 
1189 #ifdef POLARSSL_PEM_C
1190 #ifdef POLARSSL_FS_IO
1191 
/*
 * Verifies server1.crt against test-ca.crt with crl_expired.pem, passing no
 * expected CN and no verify callback. The test expects verification to fail
 * with flags exactly BADCERT_REVOKED | BADCRL_EXPIRED: the certificate is
 * still reported as revoked although the CRL used for the check is expired.
 */
1192  FCT_TEST_BGN(x509_certificate_verification_1_revoked_cert_expired_crl)
1193  {
1194  x509_cert crt;
1195  x509_cert ca;
1196  x509_crl crl;
1197  int flags = 0;
1198  int res;
1199 
1200  memset( &crt, 0, sizeof( x509_cert ) );
1201  memset( &ca, 0, sizeof( x509_cert ) );
1202  memset( &crl, 0, sizeof( x509_crl ) );
1203 
1204  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1205  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1206  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
1207 
1208  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1209 
1210  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
      /* Equality, not a bit test: any additional BADCERT_ or BADCRL_ flag fails the test. */
1211  fct_chk( flags == ( BADCERT_REVOKED | BADCRL_EXPIRED ) );
      /*
       * NOTE(review): crt, ca and crl are not released (x509_free /
       * x509_crl_free) before the test ends; harmless in a short-lived test
       * binary, but a leak checker run over this suite will report it.
       */
1212  }
1213  FCT_TEST_END();
1214 #endif /* POLARSSL_PEM_C */
1215 #endif /* POLARSSL_FS_IO */
1216 
1217 #ifdef POLARSSL_PEM_C
1218 #ifdef POLARSSL_FS_IO
1219 
1220  FCT_TEST_BGN(x509_certificate_verification_2_revoked_cert_expired_crl)
1221  {
1222  x509_cert crt;
1223  x509_cert ca;
1224  x509_crl crl;
1225  int flags = 0;
1226  int res;
1227 
1228  memset( &crt, 0, sizeof( x509_cert ) );
1229  memset( &ca, 0, sizeof( x509_cert ) );
1230  memset( &crl, 0, sizeof( x509_crl ) );
1231 
1232  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1233  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1234  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
1235 
1236  res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Server 1", &flags, NULL, NULL );
1237 
1238  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1239  fct_chk( flags == ( BADCERT_REVOKED | BADCRL_EXPIRED ) );
1240  }
1241  FCT_TEST_END();
1242 #endif /* POLARSSL_PEM_C */
1243 #endif /* POLARSSL_FS_IO */
1244 
1245 #ifdef POLARSSL_PEM_C
1246 #ifdef POLARSSL_FS_IO
1247 
/*
 * Same certificate, CA and expired CRL as verification_1, but the caller asks
 * for the name "PolarSSL Wrong CN". The expected flags show that all three
 * findings (revoked, expired CRL, CN mismatch) are reported together in one
 * call rather than verification stopping at the first failure.
 */
1248  FCT_TEST_BGN(x509_certificate_verification_3_revoked_cert_expired_crl_cn_mismatch)
1249  {
1250  x509_cert crt;
1251  x509_cert ca;
1252  x509_crl crl;
1253  int flags = 0;
1254  int res;
1255 
1256  memset( &crt, 0, sizeof( x509_cert ) );
1257  memset( &ca, 0, sizeof( x509_cert ) );
1258  memset( &crl, 0, sizeof( x509_crl ) );
1259 
1260  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1261  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1262  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
1263 
      /* Fourth argument is the name the caller expects; NULL in the sibling tests skips the CN check. */
1264  res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Wrong CN", &flags, NULL, NULL );
1265 
1266  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1267  fct_chk( flags == ( BADCERT_REVOKED | BADCRL_EXPIRED | BADCERT_CN_MISMATCH ) );
1268  }
1269  FCT_TEST_END();
1270 #endif /* POLARSSL_PEM_C */
1271 #endif /* POLARSSL_FS_IO */
1272 
1273 #ifdef POLARSSL_PEM_C
1274 #ifdef POLARSSL_FS_IO
1275 
/*
 * Verifies server2.crt (which verification_8 accepts with crl.pem) against
 * test-ca.crt using crl_expired.pem. The test expects a verification failure
 * with BADCRL_EXPIRED as the only flag: stale revocation data alone is enough
 * to reject an otherwise valid certificate, i.e. the check fails closed.
 */
1276  FCT_TEST_BGN(x509_certificate_verification_4_valid_cert_expired_crl)
1277  {
1278  x509_cert crt;
1279  x509_cert ca;
1280  x509_crl crl;
1281  int flags = 0;
1282  int res;
1283 
1284  memset( &crt, 0, sizeof( x509_cert ) );
1285  memset( &ca, 0, sizeof( x509_cert ) );
1286  memset( &crl, 0, sizeof( x509_crl ) );
1287 
1288  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
1289  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1290  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
1291 
1292  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1293 
1294  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1295  fct_chk( flags == ( BADCRL_EXPIRED ) );
1296  }
1297  FCT_TEST_END();
1298 #endif /* POLARSSL_PEM_C */
1299 #endif /* POLARSSL_FS_IO */
1300 
1301 #ifdef POLARSSL_PEM_C
1302 #ifdef POLARSSL_FS_IO
1303 
/*
 * Verifies server1.crt against test-ca.crt with crl.pem, no expected CN and
 * no callback. With this CRL the only expected flag is BADCERT_REVOKED
 * (compare verification_1, where crl_expired.pem adds BADCRL_EXPIRED).
 */
1304  FCT_TEST_BGN(x509_certificate_verification_5_revoked_cert)
1305  {
1306  x509_cert crt;
1307  x509_cert ca;
1308  x509_crl crl;
1309  int flags = 0;
1310  int res;
1311 
1312  memset( &crt, 0, sizeof( x509_cert ) );
1313  memset( &ca, 0, sizeof( x509_cert ) );
1314  memset( &crl, 0, sizeof( x509_crl ) );
1315 
1316  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1317  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1318  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1319 
1320  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1321 
1322  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1323  fct_chk( flags == ( BADCERT_REVOKED ) );
1324  }
1325  FCT_TEST_END();
1326 #endif /* POLARSSL_PEM_C */
1327 #endif /* POLARSSL_FS_IO */
1328 
1329 #ifdef POLARSSL_PEM_C
1330 #ifdef POLARSSL_FS_IO
1331 
1332  FCT_TEST_BGN(x509_certificate_verification_6_revoked_cert)
1333  {
1334  x509_cert crt;
1335  x509_cert ca;
1336  x509_crl crl;
1337  int flags = 0;
1338  int res;
1339 
1340  memset( &crt, 0, sizeof( x509_cert ) );
1341  memset( &ca, 0, sizeof( x509_cert ) );
1342  memset( &crl, 0, sizeof( x509_crl ) );
1343 
1344  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1345  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1346  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1347 
1348  res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Server 1", &flags, NULL, NULL );
1349 
1350  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1351  fct_chk( flags == ( BADCERT_REVOKED ) );
1352  }
1353  FCT_TEST_END();
1354 #endif /* POLARSSL_PEM_C */
1355 #endif /* POLARSSL_FS_IO */
1356 
1357 #ifdef POLARSSL_PEM_C
1358 #ifdef POLARSSL_FS_IO
1359 
1360  FCT_TEST_BGN(x509_certificate_verification_7_revoked_cert_cn_mismatch)
1361  {
1362  x509_cert crt;
1363  x509_cert ca;
1364  x509_crl crl;
1365  int flags = 0;
1366  int res;
1367 
1368  memset( &crt, 0, sizeof( x509_cert ) );
1369  memset( &ca, 0, sizeof( x509_cert ) );
1370  memset( &crl, 0, sizeof( x509_crl ) );
1371 
1372  fct_chk( x509parse_crtfile( &crt, "data_files/server1.crt" ) == 0 );
1373  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1374  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1375 
1376  res = x509parse_verify( &crt, &ca, &crl, "PolarSSL Wrong CN", &flags, NULL, NULL );
1377 
1378  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1379  fct_chk( flags == ( BADCERT_REVOKED | BADCERT_CN_MISMATCH ) );
1380  }
1381  FCT_TEST_END();
1382 #endif /* POLARSSL_PEM_C */
1383 #endif /* POLARSSL_FS_IO */
1384 
1385 #ifdef POLARSSL_PEM_C
1386 #ifdef POLARSSL_FS_IO
1387 
/*
 * Positive baseline for the verification tests: server2.crt checked against
 * test-ca.crt with crl.pem, no expected CN and no callback, must return 0 and
 * leave flags at 0. The failure tests around it change one input at a time
 * (CRL file, trust anchor, CN, callback) relative to this case.
 */
1388  FCT_TEST_BGN(x509_certificate_verification_8_valid_cert)
1389  {
1390  x509_cert crt;
1391  x509_cert ca;
1392  x509_crl crl;
1393  int flags = 0;
1394  int res;
1395 
1396  memset( &crt, 0, sizeof( x509_cert ) );
1397  memset( &ca, 0, sizeof( x509_cert ) );
1398  memset( &crl, 0, sizeof( x509_crl ) );
1399 
1400  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
1401  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1402  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1403 
1404  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1405 
1406  fct_chk( res == ( 0 ) );
1407  fct_chk( flags == ( 0 ) );
1408  }
1409  FCT_TEST_END();
1410 #endif /* POLARSSL_PEM_C */
1411 #endif /* POLARSSL_FS_IO */
1412 
1413 #ifdef POLARSSL_PEM_C
1414 #ifdef POLARSSL_FS_IO
1415 
/*
 * Passes server1.crt, another server certificate, as the trust anchor
 * instead of test-ca.crt. Verification of server2.crt is then expected to
 * fail with BADCERT_NOT_TRUSTED as the only flag.
 */
1416  FCT_TEST_BGN(x509_certificate_verification_9_not_trusted_cert)
1417  {
1418  x509_cert crt;
1419  x509_cert ca;
1420  x509_crl crl;
1421  int flags = 0;
1422  int res;
1423 
1424  memset( &crt, 0, sizeof( x509_cert ) );
1425  memset( &ca, 0, sizeof( x509_cert ) );
1426  memset( &crl, 0, sizeof( x509_crl ) );
1427 
1428  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
      /* Deliberately the wrong trust anchor: a server certificate, not the test CA. */
1429  fct_chk( x509parse_crtfile( &ca, "data_files/server1.crt" ) == 0 );
1430  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1431 
1432  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1433 
1434  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1435  fct_chk( flags == ( BADCERT_NOT_TRUSTED ) );
1436  }
1437  FCT_TEST_END();
1438 #endif /* POLARSSL_PEM_C */
1439 #endif /* POLARSSL_FS_IO */
1440 
1441 #ifdef POLARSSL_PEM_C
1442 #ifdef POLARSSL_FS_IO
1443 
/*
 * Untrusted certificate (server1.crt used as trust anchor) combined with
 * crl_expired.pem. The expected flags are BADCERT_NOT_TRUSTED only;
 * BADCRL_EXPIRED is NOT expected although the CRL is the expired one.
 * NOTE(review): presumably the CRL is not evaluated when no trusted issuer
 * is found - confirm in x509parse_verify(). Either way, callers must not read
 * the absence of BADCRL_ flags in this result as "revocation data was fine".
 */
1444  FCT_TEST_BGN(x509_certificate_verification_10_not_trusted_cert_expired_crl)
1445  {
1446  x509_cert crt;
1447  x509_cert ca;
1448  x509_crl crl;
1449  int flags = 0;
1450  int res;
1451 
1452  memset( &crt, 0, sizeof( x509_cert ) );
1453  memset( &ca, 0, sizeof( x509_cert ) );
1454  memset( &crl, 0, sizeof( x509_crl ) );
1455 
1456  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
1457  fct_chk( x509parse_crtfile( &ca, "data_files/server1.crt" ) == 0 );
1458  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
1459 
1460  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1461 
1462  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1463  fct_chk( flags == ( BADCERT_NOT_TRUSTED ) );
1464  }
1465  FCT_TEST_END();
1466 #endif /* POLARSSL_PEM_C */
1467 #endif /* POLARSSL_FS_IO */
1468 
1469 #ifdef POLARSSL_MD4_C
1470 #ifdef POLARSSL_PEM_C
1471 #ifdef POLARSSL_FS_IO
1472 
/*
 * Verifies data_files/cert_md4.crt against test-ca.crt with crl.pem and
 * expects full success (return 0, flags 0). The test is compiled only when
 * POLARSSL_MD4_C is defined.
 * Security note: this pins that an MD4-signed certificate is accepted without
 * any warning flag when the MD4 module is built in. MD4 is a broken hash, so
 * builds that verify certificates from untrusted peers should be reviewed for
 * whether POLARSSL_MD4_C needs to be enabled at all.
 */
1473  FCT_TEST_BGN(x509_certificate_verification_12_valid_cert_md4_digest)
1474  {
1475  x509_cert crt;
1476  x509_cert ca;
1477  x509_crl crl;
1478  int flags = 0;
1479  int res;
1480 
1481  memset( &crt, 0, sizeof( x509_cert ) );
1482  memset( &ca, 0, sizeof( x509_cert ) );
1483  memset( &crl, 0, sizeof( x509_crl ) );
1484 
1485  fct_chk( x509parse_crtfile( &crt, "data_files/cert_md4.crt" ) == 0 );
1486  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1487  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1488 
1489  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1490 
1491  fct_chk( res == ( 0 ) );
1492  fct_chk( flags == ( 0 ) );
1493  }
1494  FCT_TEST_END();
1495 #endif /* POLARSSL_MD4_C */
1496 #endif /* POLARSSL_PEM_C */
1497 #endif /* POLARSSL_FS_IO */
1498 
1499 #ifdef POLARSSL_MD5_C
1500 #ifdef POLARSSL_PEM_C
1501 #ifdef POLARSSL_FS_IO
1502 
/*
 * Verifies data_files/cert_md5.crt against test-ca.crt with crl.pem and
 * expects full success (return 0, flags 0). Compiled only when
 * POLARSSL_MD5_C is defined.
 * Security note: the expected flags value of 0 means an MD5-signed
 * certificate is indistinguishable from a strongly signed one in the result
 * of x509parse_verify(). MD5 is not collision resistant; a caller that must
 * reject such certificates has to check the signature algorithm itself.
 */
1503  FCT_TEST_BGN(x509_certificate_verification_13_valid_cert_md5_digest)
1504  {
1505  x509_cert crt;
1506  x509_cert ca;
1507  x509_crl crl;
1508  int flags = 0;
1509  int res;
1510 
1511  memset( &crt, 0, sizeof( x509_cert ) );
1512  memset( &ca, 0, sizeof( x509_cert ) );
1513  memset( &crl, 0, sizeof( x509_crl ) );
1514 
1515  fct_chk( x509parse_crtfile( &crt, "data_files/cert_md5.crt" ) == 0 );
1516  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1517  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1518 
1519  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1520 
1521  fct_chk( res == ( 0 ) );
1522  fct_chk( flags == ( 0 ) );
1523  }
1524  FCT_TEST_END();
1525 #endif /* POLARSSL_MD5_C */
1526 #endif /* POLARSSL_PEM_C */
1527 #endif /* POLARSSL_FS_IO */
1528 
1529 #ifdef POLARSSL_SHA1_C
1530 #ifdef POLARSSL_PEM_C
1531 #ifdef POLARSSL_FS_IO
1532 
/*
 * Verifies data_files/cert_sha1.crt against test-ca.crt with crl.pem and
 * expects full success (return 0, flags 0). Compiled only when
 * POLARSSL_SHA1_C is defined.
 * Security note: SHA-1 is no longer considered collision resistant for
 * certificate signatures; as with the MD4 and MD5 cases, the result of
 * x509parse_verify() carries no indication of the digest that was used.
 */
1533  FCT_TEST_BGN(x509_certificate_verification_14_valid_cert_sha1_digest)
1534  {
1535  x509_cert crt;
1536  x509_cert ca;
1537  x509_crl crl;
1538  int flags = 0;
1539  int res;
1540 
1541  memset( &crt, 0, sizeof( x509_cert ) );
1542  memset( &ca, 0, sizeof( x509_cert ) );
1543  memset( &crl, 0, sizeof( x509_crl ) );
1544 
1545  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha1.crt" ) == 0 );
1546  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1547  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1548 
1549  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1550 
1551  fct_chk( res == ( 0 ) );
1552  fct_chk( flags == ( 0 ) );
1553  }
1554  FCT_TEST_END();
1555 #endif /* POLARSSL_SHA1_C */
1556 #endif /* POLARSSL_PEM_C */
1557 #endif /* POLARSSL_FS_IO */
1558 
1559 #ifdef POLARSSL_SHA2_C
1560 #ifdef POLARSSL_PEM_C
1561 #ifdef POLARSSL_FS_IO
1562 
1563  FCT_TEST_BGN(x509_certificate_verification_15_valid_cert_sha224_digest)
1564  {
1565  x509_cert crt;
1566  x509_cert ca;
1567  x509_crl crl;
1568  int flags = 0;
1569  int res;
1570 
1571  memset( &crt, 0, sizeof( x509_cert ) );
1572  memset( &ca, 0, sizeof( x509_cert ) );
1573  memset( &crl, 0, sizeof( x509_crl ) );
1574 
1575  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha224.crt" ) == 0 );
1576  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1577  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1578 
1579  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1580 
1581  fct_chk( res == ( 0 ) );
1582  fct_chk( flags == ( 0 ) );
1583  }
1584  FCT_TEST_END();
1585 #endif /* POLARSSL_SHA2_C */
1586 #endif /* POLARSSL_PEM_C */
1587 #endif /* POLARSSL_FS_IO */
1588 
1589 #ifdef POLARSSL_SHA2_C
1590 #ifdef POLARSSL_PEM_C
1591 #ifdef POLARSSL_FS_IO
1592 
1593  FCT_TEST_BGN(x509_certificate_verification_16_valid_cert_sha256_digest)
1594  {
1595  x509_cert crt;
1596  x509_cert ca;
1597  x509_crl crl;
1598  int flags = 0;
1599  int res;
1600 
1601  memset( &crt, 0, sizeof( x509_cert ) );
1602  memset( &ca, 0, sizeof( x509_cert ) );
1603  memset( &crl, 0, sizeof( x509_crl ) );
1604 
1605  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha256.crt" ) == 0 );
1606  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1607  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1608 
1609  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1610 
1611  fct_chk( res == ( 0 ) );
1612  fct_chk( flags == ( 0 ) );
1613  }
1614  FCT_TEST_END();
1615 #endif /* POLARSSL_SHA2_C */
1616 #endif /* POLARSSL_PEM_C */
1617 #endif /* POLARSSL_FS_IO */
1618 
1619 #ifdef POLARSSL_SHA4_C
1620 #ifdef POLARSSL_PEM_C
1621 #ifdef POLARSSL_FS_IO
1622 
1623  FCT_TEST_BGN(x509_certificate_verification_17_valid_cert_sha384_digest)
1624  {
1625  x509_cert crt;
1626  x509_cert ca;
1627  x509_crl crl;
1628  int flags = 0;
1629  int res;
1630 
1631  memset( &crt, 0, sizeof( x509_cert ) );
1632  memset( &ca, 0, sizeof( x509_cert ) );
1633  memset( &crl, 0, sizeof( x509_crl ) );
1634 
1635  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha384.crt" ) == 0 );
1636  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1637  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1638 
1639  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1640 
1641  fct_chk( res == ( 0 ) );
1642  fct_chk( flags == ( 0 ) );
1643  }
1644  FCT_TEST_END();
1645 #endif /* POLARSSL_SHA4_C */
1646 #endif /* POLARSSL_PEM_C */
1647 #endif /* POLARSSL_FS_IO */
1648 
1649 #ifdef POLARSSL_SHA4_C
1650 #ifdef POLARSSL_PEM_C
1651 #ifdef POLARSSL_FS_IO
1652 
1653  FCT_TEST_BGN(x509_certificate_verification_18_valid_cert_sha512_digest)
1654  {
1655  x509_cert crt;
1656  x509_cert ca;
1657  x509_crl crl;
1658  int flags = 0;
1659  int res;
1660 
1661  memset( &crt, 0, sizeof( x509_cert ) );
1662  memset( &ca, 0, sizeof( x509_cert ) );
1663  memset( &crl, 0, sizeof( x509_crl ) );
1664 
1665  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha512.crt" ) == 0 );
1666  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1667  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1668 
1669  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, NULL, NULL );
1670 
1671  fct_chk( res == ( 0 ) );
1672  fct_chk( flags == ( 0 ) );
1673  }
1674  FCT_TEST_END();
1675 #endif /* POLARSSL_SHA4_C */
1676 #endif /* POLARSSL_PEM_C */
1677 #endif /* POLARSSL_FS_IO */
1678 
1679 #ifdef POLARSSL_SHA4_C
1680 #ifdef POLARSSL_PEM_C
1681 #ifdef POLARSSL_FS_IO
1682 
/*
 * Same inputs as the SHA-512 success case (cert_sha512.crt, test-ca.crt,
 * crl.pem), but with verify_none installed as the verify callback.
 * verify_none, defined at the top of this file, ignores its arguments and
 * returns 1. The test expects POLARSSL_ERR_X509_CERT_VERIFY_FAILED while
 * flags stays 0: a non-zero callback return rejects the certificate even
 * though no BADCERT_ or BADCRL_ condition was found.
 * Note for callers: in this situation flags alone does not explain the
 * failure, so the return code must be checked as well.
 */
1683  FCT_TEST_BGN(x509_certificate_verification_19_valid_cert_denying_callback)
1684  {
1685  x509_cert crt;
1686  x509_cert ca;
1687  x509_crl crl;
1688  int flags = 0;
1689  int res;
1690 
1691  memset( &crt, 0, sizeof( x509_cert ) );
1692  memset( &ca, 0, sizeof( x509_cert ) );
1693  memset( &crl, 0, sizeof( x509_crl ) );
1694 
1695  fct_chk( x509parse_crtfile( &crt, "data_files/cert_sha512.crt" ) == 0 );
1696  fct_chk( x509parse_crtfile( &ca, "data_files/test-ca.crt" ) == 0 );
1697  fct_chk( x509parse_crlfile( &crl, "data_files/crl.pem" ) == 0 );
1698 
      /* verify_none means "accept none": it returns 1 for every certificate. */
1699  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, &verify_none, NULL );
1700 
1701  fct_chk( res == ( POLARSSL_ERR_X509_CERT_VERIFY_FAILED ) );
1702  fct_chk( flags == ( 0 ) );
1703  }
1704  FCT_TEST_END();
1705 #endif /* POLARSSL_SHA4_C */
1706 #endif /* POLARSSL_PEM_C */
1707 #endif /* POLARSSL_FS_IO */
1708 
1709 #ifdef POLARSSL_PEM_C
1710 #ifdef POLARSSL_FS_IO
1711 
/*
 * Same inputs as verification_10 (server2.crt, server1.crt as the "CA",
 * crl_expired.pem), which fails with BADCERT_NOT_TRUSTED when no callback is
 * given. Here verify_all is installed as the verify callback; it is defined
 * at the top of this file, ignores its arguments (including preverify_ok) and
 * returns 0. The test expects return 0 and flags 0.
 * Security note: this pins that the callback's verdict overrides the
 * library's own trust decision and that the failure flags are cleared. A
 * callback that returns 0 unconditionally therefore disables chain
 * validation; application callbacks should inspect preverify_ok and the
 * certificate, and return 0 only for conditions they explicitly accept.
 */
1712  FCT_TEST_BGN(x509_certificate_verification_20_not_trusted_cert_allowing_callback)
1713  {
1714  x509_cert crt;
1715  x509_cert ca;
1716  x509_crl crl;
1717  int flags = 0;
1718  int res;
1719 
1720  memset( &crt, 0, sizeof( x509_cert ) );
1721  memset( &ca, 0, sizeof( x509_cert ) );
1722  memset( &crl, 0, sizeof( x509_crl ) );
1723 
1724  fct_chk( x509parse_crtfile( &crt, "data_files/server2.crt" ) == 0 );
1725  fct_chk( x509parse_crtfile( &ca, "data_files/server1.crt" ) == 0 );
1726  fct_chk( x509parse_crlfile( &crl, "data_files/crl_expired.pem" ) == 0 );
1727 
      /* verify_all means "accept all": it returns 0 for every certificate. */
1728  res = x509parse_verify( &crt, &ca, &crl, NULL, &flags, &verify_all, NULL );
1729 
1730  fct_chk( res == ( 0 ) );
1731  fct_chk( flags == ( 0 ) );
1732  }
1733  FCT_TEST_END();
1734 #endif /* POLARSSL_PEM_C */
1735 #endif /* POLARSSL_FS_IO */
1736 
1737 #ifdef POLARSSL_MD5_C
1738 #ifdef POLARSSL_PEM_C
1739 #ifdef POLARSSL_SELF_TEST
1740 
/*
 * Runs the library's built-in x509_self_test() and expects it to return 0.
 * NOTE(review): the argument 0 is presumably the "verbose" switch (quiet
 * run) - confirm against the x509.h declaration.
 */
1741  FCT_TEST_BGN(x509_parse_selftest)
1742  {
1743  fct_chk( x509_self_test( 0 ) == 0 );
1744  }
1745  FCT_TEST_END();
1746 #endif /* POLARSSL_MD5_C */
1747 #endif /* POLARSSL_PEM_C */
1748 #endif /* POLARSSL_SELF_TEST */
1749 
1750 
/*
 * First of the malformed-DER parser tests: an empty hex string gives a
 * zero-length input, and x509parse_crt() must reject it with
 * POLARSSL_ERR_X509_CERT_INVALID_FORMAT. These cases feed the parser the kind
 * of truncated or inconsistent input an untrusted peer can send, so they are
 * worth running under a memory checker as well as for their return codes.
 */
1751  FCT_TEST_BGN(x509_certificate_asn1_incorrect_first_tag)
1752  {
1753  x509_cert crt;
1754  unsigned char buf[2000];
1755  unsigned char output[2000];
1756  int data_len, res;
1757 
1758  memset( &crt, 0, sizeof( x509_cert ) );
1759  memset( buf, 0, 2000 );
1760  memset( output, 0, 2000 );
1761 
      /* unhexify() (top of this file) converts the hex text to bytes and returns the byte count. */
1762  data_len = unhexify( buf, "" );
1763 
1764  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ) );
      /*
       * NOTE(review): the listing's line numbering skips 1765 here, so one
       * source line is missing from this page; the braced block below is
       * presumably guarded by it - check against the upstream file.
       */
1766  {
1767  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
1768 
1769  fct_chk( res != -1 );
1770  fct_chk( res != -2 );
1771 
1772  fct_chk( strcmp( (char *) output, "" ) == 0 );
1773  }
1774  }
1775  FCT_TEST_END();
1776 
1777 
/*
 * Input bytes 30 00 00: a SEQUENCE tag (0x30) with length 0, followed by one
 * extra byte, so the declared length does not match the amount of data
 * supplied.
 * NOTE(review): the listing's line numbering skips 1791-1792 below, which is
 * where the sibling tests carry the x509parse_crt() check; the expected
 * error code for this case is therefore not visible on this page.
 */
1778  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_data_length_does_not_match)
1779  {
1780  x509_cert crt;
1781  unsigned char buf[2000];
1782  unsigned char output[2000];
1783  int data_len, res;
1784 
1785  memset( &crt, 0, sizeof( x509_cert ) );
1786  memset( buf, 0, 2000 );
1787  memset( output, 0, 2000 );
1788 
1789  data_len = unhexify( buf, "300000" );
1790 
1793  {
1794  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
1795 
1796  fct_chk( res != -1 );
1797  fct_chk( res != -2 );
1798 
1799  fct_chk( strcmp( (char *) output, "" ) == 0 );
1800  }
1801  }
1802  FCT_TEST_END();
1803 
1804 
/*
 * Input bytes 30 00: an outer SEQUENCE with length 0 and nothing inside it.
 * The parser must report POLARSSL_ERR_X509_CERT_INVALID_FORMAT combined with
 * POLARSSL_ERR_ASN1_OUT_OF_DATA instead of reading past the end of the input.
 */
1805  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_no_more_data)
1806  {
1807  x509_cert crt;
1808  unsigned char buf[2000];
1809  unsigned char output[2000];
1810  int data_len, res;
1811 
1812  memset( &crt, 0, sizeof( x509_cert ) );
1813  memset( buf, 0, 2000 );
1814  memset( output, 0, 2000 );
1815 
1816  data_len = unhexify( buf, "3000" );
1817 
      /* The expected value is the sum of the X.509-level code and the ASN.1-level code. */
1818  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): line 1819 of the listing is missing from this page (numbering jumps to 1820). */
1820  {
1821  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
1822 
1823  fct_chk( res != -1 );
1824  fct_chk( res != -2 );
1825 
1826  fct_chk( strcmp( (char *) output, "" ) == 0 );
1827  }
1828  }
1829  FCT_TEST_END();
1830 
1831 
1832  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incorrect)
1833  {
1834  x509_cert crt;
1835  unsigned char buf[2000];
1836  unsigned char output[2000];
1837  int data_len, res;
1838 
1839  memset( &crt, 0, sizeof( x509_cert ) );
1840  memset( buf, 0, 2000 );
1841  memset( output, 0, 2000 );
1842 
1843  data_len = unhexify( buf, "30023085" );
1844 
1847  {
1848  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
1849 
1850  fct_chk( res != -1 );
1851  fct_chk( res != -2 );
1852 
1853  fct_chk( strcmp( (char *) output, "" ) == 0 );
1854  }
1855  }
1856  FCT_TEST_END();
1857 
1858 
/*
 * Input bytes 30 02 30 83: an outer SEQUENCE of length 2 whose content is an
 * inner SEQUENCE tag followed by 0x83, a long-form length byte announcing
 * three length octets that are not present. The parser must stop with
 * INVALID_FORMAT + ASN1_OUT_OF_DATA rather than read the missing octets.
 * NOTE(review): the two tests that follow in this file reuse this exact test
 * name (inputs "30023081" and "3003308200"), so a failure reported by name
 * cannot tell the three cases apart.
 */
1859  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incomplete)
1860  {
1861  x509_cert crt;
1862  unsigned char buf[2000];
1863  unsigned char output[2000];
1864  int data_len, res;
1865 
1866  memset( &crt, 0, sizeof( x509_cert ) );
1867  memset( buf, 0, 2000 );
1868  memset( output, 0, 2000 );
1869 
1870  data_len = unhexify( buf, "30023083" );
1871 
1872  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): line 1873 of the listing is missing from this page (numbering jumps to 1874). */
1874  {
1875  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
1876 
1877  fct_chk( res != -1 );
1878  fct_chk( res != -2 );
1879 
1880  fct_chk( strcmp( (char *) output, "" ) == 0 );
1881  }
1882  }
1883  FCT_TEST_END();
1884 
1885 
1886  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incomplete)
1887  {
1888  x509_cert crt;
1889  unsigned char buf[2000];
1890  unsigned char output[2000];
1891  int data_len, res;
1892 
1893  memset( &crt, 0, sizeof( x509_cert ) );
1894  memset( buf, 0, 2000 );
1895  memset( output, 0, 2000 );
1896 
1897  data_len = unhexify( buf, "30023081" );
1898 
1899  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
1901  {
1902  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
1903 
1904  fct_chk( res != -1 );
1905  fct_chk( res != -2 );
1906 
1907  fct_chk( strcmp( (char *) output, "" ) == 0 );
1908  }
1909  }
1910  FCT_TEST_END();
1911 
1912 
1913  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_length_data_incomplete)
1914  {
1915  x509_cert crt;
1916  unsigned char buf[2000];
1917  unsigned char output[2000];
1918  int data_len, res;
1919 
1920  memset( &crt, 0, sizeof( x509_cert ) );
1921  memset( buf, 0, 2000 );
1922  memset( output, 0, 2000 );
1923 
1924  data_len = unhexify( buf, "3003308200" );
1925 
1926  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
1928  {
1929  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
1930 
1931  fct_chk( res != -1 );
1932  fct_chk( res != -2 );
1933 
1934  fct_chk( strcmp( (char *) output, "" ) == 0 );
1935  }
1936  }
1937  FCT_TEST_END();
1938 
1939 
1940  FCT_TEST_BGN(x509_certificate_asn1_correct_first_tag_second_tag_no_tbscertificate)
1941  {
1942  x509_cert crt;
1943  unsigned char buf[2000];
1944  unsigned char output[2000];
1945  int data_len, res;
1946 
1947  memset( &crt, 0, sizeof( x509_cert ) );
1948  memset( buf, 0, 2000 );
1949  memset( output, 0, 2000 );
1950 
1951  data_len = unhexify( buf, "300100" );
1952 
1955  {
1956  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
1957 
1958  fct_chk( res != -1 );
1959  fct_chk( res != -2 );
1960 
1961  fct_chk( strcmp( (char *) output, "" ) == 0 );
1962  }
1963  }
1964  FCT_TEST_END();
1965 
1966 
1967  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_no_version_tag_serial_missing)
1968  {
1969  x509_cert crt;
1970  unsigned char buf[2000];
1971  unsigned char output[2000];
1972  int data_len, res;
1973 
1974  memset( &crt, 0, sizeof( x509_cert ) );
1975  memset( buf, 0, 2000 );
1976  memset( output, 0, 2000 );
1977 
1978  data_len = unhexify( buf, "3003300100" );
1979 
1982  {
1983  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
1984 
1985  fct_chk( res != -1 );
1986  fct_chk( res != -2 );
1987 
1988  fct_chk( strcmp( (char *) output, "" ) == 0 );
1989  }
1990  }
1991  FCT_TEST_END();
1992 
1993 
1994  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_version_tag)
1995  {
1996  x509_cert crt;
1997  unsigned char buf[2000];
1998  unsigned char output[2000];
1999  int data_len, res;
2000 
2001  memset( &crt, 0, sizeof( x509_cert ) );
2002  memset( buf, 0, 2000 );
2003  memset( output, 0, 2000 );
2004 
2005  data_len = unhexify( buf, "30053003a00101" );
2006 
2009  {
2010  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2011 
2012  fct_chk( res != -1 );
2013  fct_chk( res != -2 );
2014 
2015  fct_chk( strcmp( (char *) output, "" ) == 0 );
2016  }
2017  }
2018  FCT_TEST_END();
2019 
2020 
2021  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_version_tag_no_length)
2022  {
2023  x509_cert crt;
2024  unsigned char buf[2000];
2025  unsigned char output[2000];
2026  int data_len, res;
2027 
2028  memset( &crt, 0, sizeof( x509_cert ) );
2029  memset( buf, 0, 2000 );
2030  memset( output, 0, 2000 );
2031 
2032  data_len = unhexify( buf, "30053003a00102" );
2033 
2034  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
2036  {
2037  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2038 
2039  fct_chk( res != -1 );
2040  fct_chk( res != -2 );
2041 
2042  fct_chk( strcmp( (char *) output, "" ) == 0 );
2043  }
2044  }
2045  FCT_TEST_END();
2046 
2047 
2048  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_version_tag_invalid_length)
2049  {
2050  x509_cert crt;
2051  unsigned char buf[2000];
2052  unsigned char output[2000];
2053  int data_len, res;
2054 
2055  memset( &crt, 0, sizeof( x509_cert ) );
2056  memset( buf, 0, 2000 );
2057  memset( output, 0, 2000 );
2058 
2059  data_len = unhexify( buf, "30163014a012021000000000000000000000000000000000" );
2060 
2063  {
2064  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2065 
2066  fct_chk( res != -1 );
2067  fct_chk( res != -2 );
2068 
2069  fct_chk( strcmp( (char *) output, "" ) == 0 );
2070  }
2071  }
2072  FCT_TEST_END();
2073 
2074 
2075  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_version_tag_no_serial)
2076  {
2077  x509_cert crt;
2078  unsigned char buf[2000];
2079  unsigned char output[2000];
2080  int data_len, res;
2081 
2082  memset( &crt, 0, sizeof( x509_cert ) );
2083  memset( buf, 0, 2000 );
2084  memset( output, 0, 2000 );
2085 
2086  data_len = unhexify( buf, "30073005a003020104" );
2087 
2088  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
2090  {
2091  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2092 
2093  fct_chk( res != -1 );
2094  fct_chk( res != -2 );
2095 
2096  fct_chk( strcmp( (char *) output, "" ) == 0 );
2097  }
2098  }
2099  FCT_TEST_END();
2100 
2101 
2102  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_length_version_tag)
2103  {
2104  x509_cert crt;
2105  unsigned char buf[2000];
2106  unsigned char output[2000];
2107  int data_len, res;
2108 
2109  memset( &crt, 0, sizeof( x509_cert ) );
2110  memset( buf, 0, 2000 );
2111  memset( output, 0, 2000 );
2112 
2113  data_len = unhexify( buf, "30083006a00402010400" );
2114 
2117  {
2118  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2119 
2120  fct_chk( res != -1 );
2121  fct_chk( res != -2 );
2122 
2123  fct_chk( strcmp( (char *) output, "" ) == 0 );
2124  }
2125  }
2126  FCT_TEST_END();
2127 
2128 
2129  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_incorrect_serial_tag)
2130  {
2131  x509_cert crt;
2132  unsigned char buf[2000];
2133  unsigned char output[2000];
2134  int data_len, res;
2135 
2136  memset( &crt, 0, sizeof( x509_cert ) );
2137  memset( buf, 0, 2000 );
2138  memset( output, 0, 2000 );
2139 
2140  data_len = unhexify( buf, "30083006a00302010400" );
2141 
2144  {
2145  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2146 
2147  fct_chk( res != -1 );
2148  fct_chk( res != -2 );
2149 
2150  fct_chk( strcmp( (char *) output, "" ) == 0 );
2151  }
2152  }
2153  FCT_TEST_END();
2154 
2155 
2156  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_incorrect_serial_length)
2157  {
2158  x509_cert crt;
2159  unsigned char buf[2000];
2160  unsigned char output[2000];
2161  int data_len, res;
2162 
2163  memset( &crt, 0, sizeof( x509_cert ) );
2164  memset( buf, 0, 2000 );
2165  memset( output, 0, 2000 );
2166 
2167  data_len = unhexify( buf, "30083006a00302010482" );
2168 
2169  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_SERIAL + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
2171  {
2172  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2173 
2174  fct_chk( res != -1 );
2175  fct_chk( res != -2 );
2176 
2177  fct_chk( strcmp( (char *) output, "" ) == 0 );
2178  }
2179  }
2180  FCT_TEST_END();
2181 
2182 
/*
 * Input layout: 30 0d (outer SEQUENCE) / 30 0b (inner SEQUENCE) /
 * a0 03 02 01 04 (version field wrapping an INTEGER) /
 * 82 04 de ad be ef (4-byte serial). The data ends right after the serial,
 * so the signature algorithm is missing and the parser must return
 * POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
2183  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_serial_no_alg)
2184  {
2185  x509_cert crt;
2186  unsigned char buf[2000];
2187  unsigned char output[2000];
2188  int data_len, res;
2189 
2190  memset( &crt, 0, sizeof( x509_cert ) );
2191  memset( buf, 0, 2000 );
2192  memset( output, 0, 2000 );
2193 
2194  data_len = unhexify( buf, "300d300ba0030201048204deadbeef" );
2195 
2196  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): line 2197 of the listing is missing from this page (numbering jumps to 2198). */
2198  {
2199  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2200 
2201  fct_chk( res != -1 );
2202  fct_chk( res != -2 );
2203 
2204  fct_chk( strcmp( (char *) output, "" ) == 0 );
2205  }
2206  }
2207  FCT_TEST_END();
2208 
2209 
2210  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_serial_no_alg_oid)
2211  {
2212  x509_cert crt;
2213  unsigned char buf[2000];
2214  unsigned char output[2000];
2215  int data_len, res;
2216 
2217  memset( &crt, 0, sizeof( x509_cert ) );
2218  memset( buf, 0, 2000 );
2219  memset( output, 0, 2000 );
2220 
2221  data_len = unhexify( buf, "300e300ca0030201048204deadbeef00" );
2222 
2223  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
2225  {
2226  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2227 
2228  fct_chk( res != -1 );
2229  fct_chk( res != -2 );
2230 
2231  fct_chk( strcmp( (char *) output, "" ) == 0 );
2232  }
2233  }
2234  FCT_TEST_END();
2235 
2236 
2237  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_alg_oid_no_data_in_sequence)
2238  {
2239  x509_cert crt;
2240  unsigned char buf[2000];
2241  unsigned char output[2000];
2242  int data_len, res;
2243 
2244  memset( &crt, 0, sizeof( x509_cert ) );
2245  memset( buf, 0, 2000 );
2246  memset( output, 0, 2000 );
2247 
      /*
       * Negative test vector (DER): after version and serial, the
       * AlgorithmIdentifier is an empty SEQUENCE (30 00) with no OID
       * inside; the parse must fail with INVALID_ALG + OUT_OF_DATA.
       */
2248  data_len = unhexify( buf, "300f300da0030201048204deadbeef3000" );
2249 
2250  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2251 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2252  {
2253  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2254 
2255  fct_chk( res != -1 );
2256  fct_chk( res != -2 );
2257 
2258  fct_chk( strcmp( (char *) output, "" ) == 0 );
2259  }
2260  }
2261  FCT_TEST_END();
2262 
2263 
2264  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_alg_with_params)
2265  {
2266  x509_cert crt;
2267  unsigned char buf[2000];
2268  unsigned char output[2000];
2269  int data_len, res;
2270 
2271  memset( &crt, 0, sizeof( x509_cert ) );
2272  memset( buf, 0, 2000 );
2273  memset( output, 0, 2000 );
2274 
      /*
       * Negative test vector (DER): AlgorithmIdentifier SEQUENCE(7) holds
       * a 4-byte OID (cafed00d) followed by one stray byte 0x01 instead of
       * a NULL parameter (05 00); the parse must fail with
       * INVALID_ALG + UNEXPECTED_TAG.
       */
2275  data_len = unhexify( buf, "30163014a0030201048204deadbeef30070604cafed00d01" );
2276 
2277  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
      /* NOTE(review): listing line 2278 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2279  {
2280  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2281 
2282  fct_chk( res != -1 );
2283  fct_chk( res != -2 );
2284 
2285  fct_chk( strcmp( (char *) output, "" ) == 0 );
2286  }
2287  }
2288  FCT_TEST_END();
2289 
2290 
2291  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_data_no_params_unknown_version)
2292  {
2293  x509_cert crt;
2294  unsigned char buf[2000];
2295  unsigned char output[2000];
2296  int data_len, res;
2297 
2298  memset( &crt, 0, sizeof( x509_cert ) );
2299  memset( buf, 0, 2000 );
2300  memset( output, 0, 2000 );
2301 
      /*
       * Negative test vector (DER): the AlgorithmIdentifier is well formed
       * (OID cafed00d, no parameters), but the [0] version field carries
       * INTEGER 4; the parse must fail with CERT_UNKNOWN_VERSION.
       */
2302  data_len = unhexify( buf, "30153013a0030201048204deadbeef30060604cafed00d" );
2303 
2304  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) );
      /* NOTE(review): listing line 2305 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2306  {
2307  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2308 
2309  fct_chk( res != -1 );
2310  fct_chk( res != -2 );
2311 
2312  fct_chk( strcmp( (char *) output, "" ) == 0 );
2313  }
2314  }
2315  FCT_TEST_END();
2316 
2317 
2318  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_data_unknown_version)
2319  {
2320  x509_cert crt;
2321  unsigned char buf[2000];
2322  unsigned char output[2000];
2323  int data_len, res;
2324 
2325  memset( &crt, 0, sizeof( x509_cert ) );
2326  memset( buf, 0, 2000 );
2327  memset( output, 0, 2000 );
2328 
      /*
       * Negative test vector (DER): the AlgorithmIdentifier is well formed
       * (OID cafed00d plus NULL parameter 05 00), but the [0] version field
       * carries INTEGER 4; the parse must fail with CERT_UNKNOWN_VERSION.
       */
2329  data_len = unhexify( buf, "30173015a0030201048204deadbeef30080604cafed00d0500" );
2330 
2331  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) );
      /* NOTE(review): listing line 2332 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2333  {
2334  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2335 
2336  fct_chk( res != -1 );
2337  fct_chk( res != -2 );
2338 
2339  fct_chk( strcmp( (char *) output, "" ) == 0 );
2340  }
2341  }
2342  FCT_TEST_END();
2343 
2344 
2345  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_data_length_mismatch)
2346  {
2347  x509_cert crt;
2348  unsigned char buf[2000];
2349  unsigned char output[2000];
2350  int data_len, res;
2351 
2352  memset( &crt, 0, sizeof( x509_cert ) );
2353  memset( buf, 0, 2000 );
2354  memset( output, 0, 2000 );
2355 
      /*
       * Negative test vector (DER): AlgorithmIdentifier SEQUENCE(9) holds
       * OID cafed00d, a NULL parameter (05 00) and one surplus byte 0x00,
       * so its declared length exceeds its content; the parse must fail
       * with INVALID_ALG + LENGTH_MISMATCH.
       */
2356  data_len = unhexify( buf, "30183016a0030201048204deadbeef30090604cafed00d050000" );
2357 
2358  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
      /* NOTE(review): listing line 2359 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2360  {
2361  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2362 
2363  fct_chk( res != -1 );
2364  fct_chk( res != -2 );
2365 
2366  fct_chk( strcmp( (char *) output, "" ) == 0 );
2367  }
2368  }
2369  FCT_TEST_END();
2370 
2371 
2372  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_unknown_alg_id)
2373  {
2374  x509_cert crt;
2375  unsigned char buf[2000];
2376  unsigned char output[2000];
2377  int data_len, res;
2378 
2379  memset( &crt, 0, sizeof( x509_cert ) );
2380  memset( buf, 0, 2000 );
2381  memset( output, 0, 2000 );
2382 
      /*
       * Negative test vector (DER): version INTEGER 2 and a structurally
       * valid AlgorithmIdentifier whose OID is the 4-byte placeholder
       * cafed00d; the parse must fail with CERT_UNKNOWN_SIG_ALG.
       */
2383  data_len = unhexify( buf, "30173015a0030201028204deadbeef30080604cafed00d0500" );
2384 
2385  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) );
      /* NOTE(review): listing line 2386 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2387  {
2388  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2389 
2390  fct_chk( res != -1 );
2391  fct_chk( res != -2 );
2392 
2393  fct_chk( strcmp( (char *) output, "" ) == 0 );
2394  }
2395  }
2396  FCT_TEST_END();
2397 
2398 
2399  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_specific_alg_id)
2400  {
2401  x509_cert crt;
2402  unsigned char buf[2000];
2403  unsigned char output[2000];
2404  int data_len, res;
2405 
2406  memset( &crt, 0, sizeof( x509_cert ) );
2407  memset( buf, 0, 2000 );
2408  memset( output, 0, 2000 );
2409 
      /*
       * Negative test vector (DER): version INTEGER 2, serial deadbeef and
       * AlgorithmIdentifier with OID 1.2.840.113549.1.1.2
       * (md2WithRSAEncryption) plus NULL. The data ends there, so the
       * issuer Name is missing; the parse must fail with
       * INVALID_FORMAT + OUT_OF_DATA.
       */
2410  data_len = unhexify( buf, "301c301aa0030201028204deadbeef300d06092a864886f70d0101020500" );
2411 
2412  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2413 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2414  {
2415  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2416 
2417  fct_chk( res != -1 );
2418  fct_chk( res != -2 );
2419 
2420  fct_chk( strcmp( (char *) output, "" ) == 0 );
2421  }
2422  }
2423  FCT_TEST_END();
2424 
2425 
2426  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_correct_alg_unknown_specific_alg_id)
2427  {
2428  x509_cert crt;
2429  unsigned char buf[2000];
2430  unsigned char output[2000];
2431  int data_len, res;
2432 
2433  memset( &crt, 0, sizeof( x509_cert ) );
2434  memset( buf, 0, 2000 );
2435  memset( output, 0, 2000 );
2436 
      /*
       * Negative test vector (DER): the signature AlgorithmIdentifier
       * carries OID 1.2.840.113549.1.1.1 (rsaEncryption), which names a
       * key type rather than a signature scheme; the parse must fail with
       * CERT_UNKNOWN_SIG_ALG.
       */
2437  data_len = unhexify( buf, "301c301aa0030201028204deadbeef300d06092a864886f70d0101010500" );
2438 
2439  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) );
      /* NOTE(review): listing line 2440 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2441  {
2442  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2443 
2444  fct_chk( res != -1 );
2445  fct_chk( res != -2 );
2446 
2447  fct_chk( strcmp( (char *) output, "" ) == 0 );
2448  }
2449  }
2450  FCT_TEST_END();
2451 
2452 
2453  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_set_data)
2454  {
2455  x509_cert crt;
2456  unsigned char buf[2000];
2457  unsigned char output[2000];
2458  int data_len, res;
2459 
2460  memset( &crt, 0, sizeof( x509_cert ) );
2461  memset( buf, 0, 2000 );
2462  memset( output, 0, 2000 );
2463 
      /*
       * Negative test vector (DER): valid version, serial and signature
       * algorithm, then an issuer Name that is an empty SEQUENCE (30 00)
       * with no RDN SET inside; the parse must fail with
       * INVALID_NAME + OUT_OF_DATA.
       */
2464  data_len = unhexify( buf, "301e301ca0030201028204deadbeef300d06092a864886f70d01010205003000" );
2465 
2466  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2467 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2468  {
2469  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2470 
2471  fct_chk( res != -1 );
2472  fct_chk( res != -2 );
2473 
2474  fct_chk( strcmp( (char *) output, "" ) == 0 );
2475  }
2476  }
2477  FCT_TEST_END();
2478 
2479 
2480  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_inner_seq_data)
2481  {
2482  x509_cert crt;
2483  unsigned char buf[2000];
2484  unsigned char output[2000];
2485  int data_len, res;
2486 
2487  memset( &crt, 0, sizeof( x509_cert ) );
2488  memset( buf, 0, 2000 );
2489  memset( output, 0, 2000 );
2490 
      /*
       * Negative test vector (DER): issuer Name is SEQUENCE(2) { SET(0) },
       * i.e. an RDN SET with no AttributeTypeAndValue SEQUENCE inside;
       * the parse must fail with INVALID_NAME + OUT_OF_DATA.
       */
2491  data_len = unhexify( buf, "3020301ea0030201028204deadbeef300d06092a864886f70d010102050030023100" );
2492 
2493  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2494 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2495  {
2496  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2497 
2498  fct_chk( res != -1 );
2499  fct_chk( res != -2 );
2500 
2501  fct_chk( strcmp( (char *) output, "" ) == 0 );
2502  }
2503  }
2504  FCT_TEST_END();
2505 
2506 
2507  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_inner_set_data)
2508  {
2509  x509_cert crt;
2510  unsigned char buf[2000];
2511  unsigned char output[2000];
2512  int data_len, res;
2513 
2514  memset( &crt, 0, sizeof( x509_cert ) );
2515  memset( buf, 0, 2000 );
2516  memset( output, 0, 2000 );
2517 
      /*
       * Negative test vector (DER): issuer Name is
       * SEQUENCE(4) { SET(2) { SEQUENCE(0) } }, i.e. the
       * AttributeTypeAndValue is empty and has no OID; the parse must
       * fail with INVALID_NAME + OUT_OF_DATA.
       */
2518  data_len = unhexify( buf, "30223020a0030201028204deadbeef300d06092a864886f70d0101020500300431023000" );
2519 
2520  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2521 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2522  {
2523  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2524 
2525  fct_chk( res != -1 );
2526  fct_chk( res != -2 );
2527 
2528  fct_chk( strcmp( (char *) output, "" ) == 0 );
2529  }
2530  }
2531  FCT_TEST_END();
2532 
2533 
2534  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_two_inner_set_datas)
2535  {
2536  x509_cert crt;
2537  unsigned char buf[2000];
2538  unsigned char output[2000];
2539  int data_len, res;
2540 
2541  memset( &crt, 0, sizeof( x509_cert ) );
2542  memset( buf, 0, 2000 );
2543  memset( output, 0, 2000 );
2544 
      /*
       * Negative test vector (DER): issuer Name is
       * SEQUENCE(6) { SET(4) { SEQUENCE(0), SEQUENCE(0) } }, two empty
       * AttributeTypeAndValue elements in one RDN; the parse must fail
       * with INVALID_NAME + UNEXPECTED_TAG.
       */
2545  data_len = unhexify( buf, "30243022a0030201028204deadbeef300d06092a864886f70d01010205003006310430003000" );
2546 
2547  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
      /* NOTE(review): listing line 2548 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2549  {
2550  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2551 
2552  fct_chk( res != -1 );
2553  fct_chk( res != -2 );
2554 
2555  fct_chk( strcmp( (char *) output, "" ) == 0 );
2556  }
2557  }
2558  FCT_TEST_END();
2559 
2560 
2561  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_oid_data)
2562  {
2563  x509_cert crt;
2564  unsigned char buf[2000];
2565  unsigned char output[2000];
2566  int data_len, res;
2567 
2568  memset( &crt, 0, sizeof( x509_cert ) );
2569  memset( buf, 0, 2000 );
2570  memset( output, 0, 2000 );
2571 
      /*
       * Negative test vector (DER): issuer Name is
       * SEQUENCE(6) { SET(4) { SEQUENCE(2) { OID(0) } } }, a zero-length
       * attribute OID with no value after it; the parse must fail with
       * INVALID_NAME + OUT_OF_DATA.
       */
2572  data_len = unhexify( buf, "30243022a0030201028204deadbeef300d06092a864886f70d01010205003006310430020600" );
2573 
2574  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2575 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2576  {
2577  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2578 
2579  fct_chk( res != -1 );
2580  fct_chk( res != -2 );
2581 
2582  fct_chk( strcmp( (char *) output, "" ) == 0 );
2583  }
2584  }
2585  FCT_TEST_END();
2586 
2587 
2588  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_invalid_tag)
2589  {
2590  x509_cert crt;
2591  unsigned char buf[2000];
2592  unsigned char output[2000];
2593  int data_len, res;
2594 
2595  memset( &crt, 0, sizeof( x509_cert ) );
2596  memset( buf, 0, 2000 );
2597  memset( output, 0, 2000 );
2598 
      /*
       * Negative test vector (DER): in the issuer's AttributeTypeAndValue
       * the value "Test" (54657374) is tagged 0x06 (OID) instead of a
       * string type; the parse must fail with
       * INVALID_NAME + UNEXPECTED_TAG.
       */
2599  data_len = unhexify( buf, "302a3028a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600060454657374" );
2600 
2601  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
      /* NOTE(review): listing line 2602 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2603  {
2604  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2605 
2606  fct_chk( res != -1 );
2607  fct_chk( res != -2 );
2608 
2609  fct_chk( strcmp( (char *) output, "" ) == 0 );
2610  }
2611  }
2612  FCT_TEST_END();
2613 
2614 
2615  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_string_data)
2616  {
2617  x509_cert crt;
2618  unsigned char buf[2000];
2619  unsigned char output[2000];
2620  int data_len, res;
2621 
2622  memset( &crt, 0, sizeof( x509_cert ) );
2623  memset( buf, 0, 2000 );
2624  memset( output, 0, 2000 );
2625 
      /*
       * Negative test vector (DER): the issuer's AttributeTypeAndValue is
       * SEQUENCE(3) { OID(0), 0x13 }, a PrintableString tag with no
       * length octet after it; the parse must fail with
       * INVALID_NAME + OUT_OF_DATA.
       */
2626  data_len = unhexify( buf, "30253023a0030201028204deadbeef300d06092a864886f70d0101020500300731053003060013" );
2627 
2628  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2629 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2630  {
2631  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2632 
2633  fct_chk( res != -1 );
2634  fct_chk( res != -2 );
2635 
2636  fct_chk( strcmp( (char *) output, "" ) == 0 );
2637  }
2638  }
2639  FCT_TEST_END();
2640 
2641 
2642  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_issuer_no_full_following_string)
2643  {
2644  x509_cert crt;
2645  unsigned char buf[2000];
2646  unsigned char output[2000];
2647  int data_len, res;
2648 
2649  memset( &crt, 0, sizeof( x509_cert ) );
2650  memset( buf, 0, 2000 );
2651  memset( output, 0, 2000 );
2652 
      /*
       * Negative test vector (DER): the issuer's AttributeTypeAndValue is
       * SEQUENCE(9) { OID(0), PrintableString "Test", 0x00 }, one surplus
       * byte after the string value; the parse must fail with
       * INVALID_NAME + UNEXPECTED_TAG.
       */
2653  data_len = unhexify( buf, "302b3029a0030201028204deadbeef300d06092a864886f70d0101020500300d310b3009060013045465737400" );
2654 
2655  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );
      /* NOTE(review): listing line 2656 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2657  {
2658  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2659 
2660  fct_chk( res != -1 );
2661  fct_chk( res != -2 );
2662 
2663  fct_chk( strcmp( (char *) output, "" ) == 0 );
2664  }
2665  }
2666  FCT_TEST_END();
2667 
2668 
2669  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_issuer_no_validity)
2670  {
2671  x509_cert crt;
2672  unsigned char buf[2000];
2673  unsigned char output[2000];
2674  int data_len, res;
2675 
2676  memset( &crt, 0, sizeof( x509_cert ) );
2677  memset( buf, 0, 2000 );
2678  memset( output, 0, 2000 );
2679 
      /*
       * Negative test vector (DER): the issuer Name is well formed
       * (one RDN: zero-length OID, PrintableString "Test") and the data
       * ends right after it, so the Validity SEQUENCE is missing; the
       * parse must fail with INVALID_DATE + OUT_OF_DATA.
       */
2680  data_len = unhexify( buf, "302a3028a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374" );
2681 
2682  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2683 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2684  {
2685  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2686 
2687  fct_chk( res != -1 );
2688  fct_chk( res != -2 );
2689 
2690  fct_chk( strcmp( (char *) output, "" ) == 0 );
2691  }
2692  }
2693  FCT_TEST_END();
2694 
2695 
2696  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_too_much_date_data)
2697  {
2698  x509_cert crt;
2699  unsigned char buf[2000];
2700  unsigned char output[2000];
2701  int data_len, res;
2702 
2703  memset( &crt, 0, sizeof( x509_cert ) );
2704  memset( buf, 0, 2000 );
2705  memset( output, 0, 2000 );
2706 
      /*
       * Negative test vector (DER): Validity SEQUENCE(29) holds UTCTime
       * "090101000000", UTCTime "091231235959" and one surplus byte 0x00,
       * so its declared length exceeds the two dates; the parse must fail
       * with INVALID_DATE + LENGTH_MISMATCH.
       */
2707  data_len = unhexify( buf, "30493047a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301d170c303930313031303030303030170c30393132333132333539353900" );
2708 
2709  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );
      /* NOTE(review): listing line 2710 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2711  {
2712  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2713 
2714  fct_chk( res != -1 );
2715  fct_chk( res != -2 );
2716 
2717  fct_chk( strcmp( (char *) output, "" ) == 0 );
2718  }
2719  }
2720  FCT_TEST_END();
2721 
2722 
2723  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_from_date)
2724  {
2725  x509_cert crt;
2726  unsigned char buf[2000];
2727  unsigned char output[2000];
2728  int data_len, res;
2729 
2730  memset( &crt, 0, sizeof( x509_cert ) );
2731  memset( buf, 0, 2000 );
2732  memset( output, 0, 2000 );
2733 
      /*
       * Negative test vector (DER): both 12-byte UTCTime values in the
       * Validity SEQUENCE consist of eight ASCII digits ("09010100",
       * "09123123") followed by four NUL bytes, so they are not all-digit
       * timestamps; the parse must fail with CERT_INVALID_DATE.
       */
2734  data_len = unhexify( buf, "30483046a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303000000000170c303931323331323300000000" );
2735 
2736  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE ) );
      /* NOTE(review): listing line 2737 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2738  {
2739  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2740 
2741  fct_chk( res != -1 );
2742  fct_chk( res != -2 );
2743 
2744  fct_chk( strcmp( (char *) output, "" ) == 0 );
2745  }
2746  }
2747  FCT_TEST_END();
2748 
2749 
2750  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_invalid_to_date)
2751  {
2752  x509_cert crt;
2753  unsigned char buf[2000];
2754  unsigned char output[2000];
2755  int data_len, res;
2756 
2757  memset( &crt, 0, sizeof( x509_cert ) );
2758  memset( buf, 0, 2000 );
2759  memset( output, 0, 2000 );
2760 
      /*
       * Negative test vector (DER): the first UTCTime is the all-digit
       * "090101000000", but the second is "09123123" followed by four NUL
       * bytes; the parse must fail with CERT_INVALID_DATE.
       */
2761  data_len = unhexify( buf, "30483046a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323300000000" );
2762 
2763  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_DATE ) );
      /* NOTE(review): listing line 2764 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2765  {
2766  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2767 
2768  fct_chk( res != -1 );
2769  fct_chk( res != -2 );
2770 
2771  fct_chk( strcmp( (char *) output, "" ) == 0 );
2772  }
2773  }
2774  FCT_TEST_END();
2775 
2776 
2777  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_validity_no_subject)
2778  {
2779  x509_cert crt;
2780  unsigned char buf[2000];
2781  unsigned char output[2000];
2782  int data_len, res;
2783 
2784  memset( &crt, 0, sizeof( x509_cert ) );
2785  memset( buf, 0, 2000 );
2786  memset( output, 0, 2000 );
2787 
      /*
       * Negative test vector (DER): Validity holds two all-digit UTCTime
       * values ("090101000000", "091231235959"); the only byte after it is
       * a lone SEQUENCE tag 0x30 with no length, where the subject Name
       * would start. The parse must fail with
       * INVALID_FORMAT + OUT_OF_DATA.
       */
2788  data_len = unhexify( buf, "30493047a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c30393132333132333539353930" );
2789 
2790  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2791 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2792  {
2793  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2794 
2795  fct_chk( res != -1 );
2796  fct_chk( res != -2 );
2797 
2798  fct_chk( strcmp( (char *) output, "" ) == 0 );
2799  }
2800  }
2801  FCT_TEST_END();
2802 
2803 
2804  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_subject_no_pubkeyinfo)
2805  {
2806  x509_cert crt;
2807  unsigned char buf[2000];
2808  unsigned char output[2000];
2809  int data_len, res;
2810 
2811  memset( &crt, 0, sizeof( x509_cert ) );
2812  memset( buf, 0, 2000 );
2813  memset( output, 0, 2000 );
2814 
      /*
       * Negative test vector (DER): issuer, Validity and subject Name
       * (one RDN with PrintableString "Test") are well formed and the data
       * ends right after the subject, so SubjectPublicKeyInfo is missing;
       * the parse must fail with INVALID_FORMAT + OUT_OF_DATA.
       */
2815  data_len = unhexify( buf, "30563054a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374" );
2816 
2817  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2818 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2819  {
2820  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2821 
2822  fct_chk( res != -1 );
2823  fct_chk( res != -2 );
2824 
2825  fct_chk( strcmp( (char *) output, "" ) == 0 );
2826  }
2827  }
2828  FCT_TEST_END();
2829 
2830 
2831  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_no_alg)
2832  {
2833  x509_cert crt;
2834  unsigned char buf[2000];
2835  unsigned char output[2000];
2836  int data_len, res;
2837 
2838  memset( &crt, 0, sizeof( x509_cert ) );
2839  memset( buf, 0, 2000 );
2840  memset( output, 0, 2000 );
2841 
      /*
       * Negative test vector (DER): SubjectPublicKeyInfo is an empty
       * SEQUENCE (30 00) with no key AlgorithmIdentifier inside; the parse
       * must fail with INVALID_ALG + OUT_OF_DATA.
       */
2842  data_len = unhexify( buf, "30583056a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743000" );
2843 
2844  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2845 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2846  {
2847  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2848 
2849  fct_chk( res != -1 );
2850  fct_chk( res != -2 );
2851 
2852  fct_chk( strcmp( (char *) output, "" ) == 0 );
2853  }
2854  }
2855  FCT_TEST_END();
2856 
2857 
2858  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_valid_subject_unknown_pk_alg)
2859  {
2860  x509_cert crt;
2861  unsigned char buf[2000];
2862  unsigned char output[2000];
2863  int data_len, res;
2864 
2865  memset( &crt, 0, sizeof( x509_cert ) );
2866  memset( buf, 0, 2000 );
2867  memset( output, 0, 2000 );
2868 
      /*
       * Negative test vector (DER): the key AlgorithmIdentifier inside
       * SubjectPublicKeyInfo carries OID 1.2.840.113549.1.1.0, whose last
       * arc is 0 rather than 1 (rsaEncryption); the parse must fail with
       * UNKNOWN_PK_ALG.
       */
2869  data_len = unhexify( buf, "30673065a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101000500" );
2870 
2871  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_UNKNOWN_PK_ALG ) );
      /* NOTE(review): the guard compares the expected error code with 0;
       * presumably that is never true for an error constant, leaving the
       * cert_info checks below unexecuted here - confirm. */
2872  if( ( POLARSSL_ERR_X509_UNKNOWN_PK_ALG ) == 0 )
2873  {
2874  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2875 
2876  fct_chk( res != -1 );
2877  fct_chk( res != -2 );
2878 
2879  fct_chk( strcmp( (char *) output, "" ) == 0 );
2880  }
2881  }
2882  FCT_TEST_END();
2883 
2884 
2885  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_no_bitstring)
2886  {
2887  x509_cert crt;
2888  unsigned char buf[2000];
2889  unsigned char output[2000];
2890  int data_len, res;
2891 
2892  memset( &crt, 0, sizeof( x509_cert ) );
2893  memset( buf, 0, 2000 );
2894  memset( output, 0, 2000 );
2895 
      /*
       * Negative test vector (DER): SubjectPublicKeyInfo holds only the
       * AlgorithmIdentifier (OID 1.2.840.113549.1.1.1 rsaEncryption plus
       * NULL); the BIT STRING with the key is missing. The parse must fail
       * with INVALID_PUBKEY + OUT_OF_DATA.
       */
2896  data_len = unhexify( buf, "30673065a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374300f300d06092A864886F70D0101010500" );
2897 
2898  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2899 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2900  {
2901  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2902 
2903  fct_chk( res != -1 );
2904  fct_chk( res != -2 );
2905 
2906  fct_chk( strcmp( (char *) output, "" ) == 0 );
2907  }
2908  }
2909  FCT_TEST_END();
2910 
2911 
2912  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_no_bitstring_data)
2913  {
2914  x509_cert crt;
2915  unsigned char buf[2000];
2916  unsigned char output[2000];
2917  int data_len, res;
2918 
2919  memset( &crt, 0, sizeof( x509_cert ) );
2920  memset( buf, 0, 2000 );
2921  memset( output, 0, 2000 );
2922 
      /*
       * Negative test vector (DER): the subjectPublicKey BIT STRING is
       * present but has length 0 (03 00), so even the unused-bits octet
       * is missing; the parse must fail with
       * INVALID_PUBKEY + OUT_OF_DATA.
       */
2923  data_len = unhexify( buf, "30693067a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743011300d06092A864886F70D01010105000300" );
2924 
2925  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 2926 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2927  {
2928  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2929 
2930  fct_chk( res != -1 );
2931  fct_chk( res != -2 );
2932 
2933  fct_chk( strcmp( (char *) output, "" ) == 0 );
2934  }
2935  }
2936  FCT_TEST_END();
2937 
2938 
2939  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_bitstring_start)
2940  {
2941  x509_cert crt;
2942  unsigned char buf[2000];
2943  unsigned char output[2000];
2944  int data_len, res;
2945 
2946  memset( &crt, 0, sizeof( x509_cert ) );
2947  memset( buf, 0, 2000 );
2948  memset( output, 0, 2000 );
2949 
      /*
       * Negative test vector (DER): the subjectPublicKey BIT STRING is
       * 03 01 01, a single content octet whose unused-bits count is 1
       * instead of 0; the parse must fail with CERT_INVALID_PUBKEY.
       */
2950  data_len = unhexify( buf, "306a3068a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743012300d06092A864886F70D0101010500030101" );
2951 
2952  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_PUBKEY ) );
      /* NOTE(review): listing line 2953 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
2954  {
2955  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2956 
2957  fct_chk( res != -1 );
2958  fct_chk( res != -2 );
2959 
2960  fct_chk( strcmp( (char *) output, "" ) == 0 );
2961  }
2962  }
2963  FCT_TEST_END();
2964 
2965 
2966  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_internal_bitstring_length)
2967  {
2968  x509_cert crt;
2969  unsigned char buf[2000];
2970  unsigned char output[2000];
2971  int data_len, res;
2972 
2973  memset( &crt, 0, sizeof( x509_cert ) );
2974  memset( buf, 0, 2000 );
2975  memset( output, 0, 2000 );
2976 
      /*
       * Negative test vector (DER): the subjectPublicKey BIT STRING (4
       * bytes) holds unused-bits 00, an empty RSAPublicKey SEQUENCE
       * (30 00) and one surplus byte 00, so the inner SEQUENCE does not
       * fill the BIT STRING.
       */
2977  data_len = unhexify( buf, "306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400300000" );
2978 
      /* NOTE(review): listing lines 2979-2980 are absent from this
       * rendering (presumably the x509parse_crt() check and its guard), so
       * the expected error code is not shown here - confirm against the
       * original file. */
2981  {
2982  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
2983 
2984  fct_chk( res != -1 );
2985  fct_chk( res != -2 );
2986 
2987  fct_chk( strcmp( (char *) output, "" ) == 0 );
2988  }
2989  }
2990  FCT_TEST_END();
2991 
2992 
2993  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_internal_bitstring_tag)
2994  {
2995  x509_cert crt;
2996  unsigned char buf[2000];
2997  unsigned char output[2000];
2998  int data_len, res;
2999 
3000  memset( &crt, 0, sizeof( x509_cert ) );
3001  memset( buf, 0, 2000 );
3002  memset( output, 0, 2000 );
3003 
      /*
       * Negative test vector (DER): inside the subjectPublicKey BIT STRING
       * the element after the unused-bits octet is tagged 0x31 (SET)
       * instead of 0x30 (SEQUENCE), followed by one further byte 00.
       */
3004  data_len = unhexify( buf, "306d306ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a300806001304546573743015300d06092A864886F70D0101010500030400310000" );
3005 
      /* NOTE(review): listing lines 3006-3007 are absent from this
       * rendering (presumably the x509parse_crt() check and its guard), so
       * the expected error code is not shown here - confirm against the
       * original file. */
3008  {
3009  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3010 
3011  fct_chk( res != -1 );
3012  fct_chk( res != -2 );
3013 
3014  fct_chk( strcmp( (char *) output, "" ) == 0 );
3015  }
3016  }
3017  FCT_TEST_END();
3018 
3019 
3020  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_invalid_mpi)
3021  {
3022  x509_cert crt;
3023  unsigned char buf[2000];
3024  unsigned char output[2000];
3025  int data_len, res;
3026 
3027  memset( &crt, 0, sizeof( x509_cert ) );
3028  memset( buf, 0, 2000 );
3029  memset( output, 0, 2000 );
3030 
      /*
       * Negative test vector (DER): the RSAPublicKey SEQUENCE(8) inside
       * the BIT STRING holds INTEGER ffff followed by an element tagged
       * 0x03 (BIT STRING) where the second INTEGER (tag 0x02) is expected.
       */
3031  data_len = unhexify( buf, "30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0302ffff" );
3032 
      /* NOTE(review): listing lines 3033-3034 are absent from this
       * rendering (presumably the x509parse_crt() check and its guard), so
       * the expected error code is not shown here - confirm against the
       * original file. */
3035  {
3036  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3037 
3038  fct_chk( res != -1 );
3039  fct_chk( res != -2 );
3040 
3041  fct_chk( strcmp( (char *) output, "" ) == 0 );
3042  }
3043  }
3044  FCT_TEST_END();
3045 
3046 
3047  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_total_length_mismatch)
3048  {
3049  x509_cert crt;
3050  unsigned char buf[2000];
3051  unsigned char output[2000];
3052  int data_len, res;
3053 
3054  memset( &crt, 0, sizeof( x509_cert ) );
3055  memset( buf, 0, 2000 );
3056  memset( output, 0, 2000 );
3057 
      /*
       * Negative test vector (DER): SubjectPublicKeyInfo SEQUENCE(29)
       * holds the AlgorithmIdentifier, a BIT STRING wrapping RSAPublicKey
       * { INTEGER ffff, INTEGER ffff } and one surplus byte 00 after the
       * BIT STRING, so the outer length exceeds its two members.
       */
3058  data_len = unhexify( buf, "30753073a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301d300d06092A864886F70D0101010500030b0030080202ffff0202ffff00" );
3059 
      /* NOTE(review): listing lines 3060-3061 are absent from this
       * rendering (presumably the x509parse_crt() check and its guard), so
       * the expected error code is not shown here - confirm against the
       * original file. */
3062  {
3063  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3064 
3065  fct_chk( res != -1 );
3066  fct_chk( res != -2 );
3067 
3068  fct_chk( strcmp( (char *) output, "" ) == 0 );
3069  }
3070  }
3071  FCT_TEST_END();
3072 
3073 
3074  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_check_failed)
3075  {
3076  x509_cert crt;
3077  unsigned char buf[2000];
3078  unsigned char output[2000];
3079  int data_len, res;
3080 
3081  memset( &crt, 0, sizeof( x509_cert ) );
3082  memset( buf, 0, 2000 );
3083  memset( output, 0, 2000 );
3084 
      /*
       * Negative test vector (DER): the encoding is structurally complete
       * up to SubjectPublicKeyInfo, but the RSAPublicKey is
       * { INTEGER ffff, INTEGER ffff }, a 2-byte modulus and a 2-byte
       * exponent. The test expects the key sanity check to reject it with
       * RSA_KEY_CHECK_FAILED rather than an ASN.1 error.
       */
3085  data_len = unhexify( buf, "30743072a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374301c300d06092A864886F70D0101010500030b0030080202ffff0202ffff" );
3086 
3087  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) );
      /* NOTE(review): the guard compares the expected error code with 0;
       * presumably that is never true for an error constant, leaving the
       * cert_info checks below unexecuted here - confirm. */
3088  if( ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) == 0 )
3089  {
3090  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3091 
3092  fct_chk( res != -1 );
3093  fct_chk( res != -2 );
3094 
3095  fct_chk( strcmp( (char *) output, "" ) == 0 );
3096  }
3097  }
3098  FCT_TEST_END();
3099 
3100 
3101  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_pubkey_check_failed_expanded_length_notation)
3102  {
3103  x509_cert crt;
3104  unsigned char buf[2000];
3105  unsigned char output[2000];
3106  int data_len, res;
3107 
3108  memset( &crt, 0, sizeof( x509_cert ) );
3109  memset( buf, 0, 2000 );
3110  memset( output, 0, 2000 );
3111 
      /*
       * Negative test vector (DER): the two outer SEQUENCEs use long-form
       * lengths (30 81 83 and 30 81 80). The RSAPublicKey carries a
       * 16-byte modulus ending in 0xfe (an even value) and exponent ffff;
       * the test expects RSA_KEY_CHECK_FAILED.
       */
3112  data_len = unhexify( buf, "308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210fffffffffffffffffffffffffffffffe0202ffff" );
3113 
3114  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) );
      /* NOTE(review): the guard compares the expected error code with 0;
       * presumably that is never true for an error constant, leaving the
       * cert_info checks below unexecuted here - confirm. */
3115  if( ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) == 0 )
3116  {
3117  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3118 
3119  fct_chk( res != -1 );
3120  fct_chk( res != -2 );
3121 
3122  fct_chk( strcmp( (char *) output, "" ) == 0 );
3123  }
3124  }
3125  FCT_TEST_END();
3126 
3127 
3128  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_optional_uids_extensions_not_present)
3129  {
3130  x509_cert crt;
3131  unsigned char buf[2000];
3132  unsigned char output[2000];
3133  int data_len, res;
3134 
3135  memset( &crt, 0, sizeof( x509_cert ) );
3136  memset( buf, 0, 2000 );
3137  memset( output, 0, 2000 );
3138 
      /*
       * Negative test vector (DER): the TBSCertificate (version INTEGER 2)
       * ends after SubjectPublicKeyInfo, with no unique IDs or extensions,
       * and the outer Certificate SEQUENCE contains nothing but that
       * TBSCertificate. With no outer signatureAlgorithm present, the
       * parse must fail with INVALID_ALG + OUT_OF_DATA.
       */
3139  data_len = unhexify( buf, "308183308180a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff" );
3140 
3141  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 3142 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
3143  {
3144  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3145 
3146  fct_chk( res != -1 );
3147  fct_chk( res != -2 );
3148 
3149  fct_chk( strcmp( (char *) output, "" ) == 0 );
3150  }
3151  }
3152  FCT_TEST_END();
3153 
3154 
3155  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_issuerid_wrong_tag)
3156  {
3157  x509_cert crt;
3158  unsigned char buf[2000];
3159  unsigned char output[2000];
3160  int data_len, res;
3161 
3162  memset( &crt, 0, sizeof( x509_cert ) );
3163  memset( buf, 0, 2000 );
3164  memset( output, 0, 2000 );
3165 
      /*
       * Negative test vector (DER): inside the TBSCertificate one byte
       * 0x00 follows SubjectPublicKeyInfo, in the position where an
       * optional [1] issuerUniqueID (tag 0xa1) could appear.
       */
3166  data_len = unhexify( buf, "308184308181a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff00" );
3167 
      /* NOTE(review): listing lines 3168-3169 are absent from this
       * rendering (presumably the x509parse_crt() check and its guard), so
       * the expected error code is not shown here - confirm against the
       * original file. */
3170  {
3171  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3172 
3173  fct_chk( res != -1 );
3174  fct_chk( res != -2 );
3175 
3176  fct_chk( strcmp( (char *) output, "" ) == 0 );
3177  }
3178  }
3179  FCT_TEST_END();
3180 
3181 
3182  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_uids_no_ext)
3183  {
3184  x509_cert crt;
3185  unsigned char buf[2000];
3186  unsigned char output[2000];
3187  int data_len, res;
3188 
3189  memset( &crt, 0, sizeof( x509_cert ) );
3190  memset( buf, 0, 2000 );
3191  memset( output, 0, 2000 );
3192 
      /*
       * Negative test vector (DER): the TBSCertificate ends with
       * [1] issuerUniqueID (a1 01 aa) and [2] subjectUniqueID (a2 01 bb)
       * and has no [3] extensions; the outer Certificate SEQUENCE holds
       * nothing after it. With no outer signatureAlgorithm present, the
       * parse must fail with INVALID_ALG + OUT_OF_DATA.
       */
3193  data_len = unhexify( buf, "308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bb" );
3194 
3195  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );
      /* NOTE(review): listing line 3196 is absent from this rendering;
       * presumably it guards the block below - confirm against the original file. */
3197  {
3198  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3199 
3200  fct_chk( res != -1 );
3201  fct_chk( res != -2 );
3202 
3203  fct_chk( strcmp( (char *) output, "" ) == 0 );
3204  }
3205  }
3206  FCT_TEST_END();
3207 
3208 
3209  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_uids_invalid_length)
3210  {
3211  x509_cert crt;
3212  unsigned char buf[2000];
3213  unsigned char output[2000];
3214  int data_len, res;
3215 
3216  memset( &crt, 0, sizeof( x509_cert ) );
3217  memset( buf, 0, 2000 );
3218  memset( output, 0, 2000 );
3219 
      /*
       * Negative test vector (DER): the [1] issuerUniqueID element starts
       * a1 85, a long-form length octet announcing five further length
       * octets. The parser must refuse that length encoding with
       * ASN1_INVALID_LENGTH instead of trusting an attacker-chosen size.
       */
3220  data_len = unhexify( buf, "308189308186a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa185aaa201bb" );
3221 
3222  fct_chk( x509parse_crt( &crt, buf, data_len ) == ( POLARSSL_ERR_ASN1_INVALID_LENGTH ) );
      /* NOTE(review): the guard compares the expected error code with 0;
       * presumably that is never true for an error constant, leaving the
       * cert_info checks below unexecuted here - confirm. */
3223  if( ( POLARSSL_ERR_ASN1_INVALID_LENGTH ) == 0 )
3224  {
3225  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3226 
3227  fct_chk( res != -1 );
3228  fct_chk( res != -2 );
3229 
3230  fct_chk( strcmp( (char *) output, "" ) == 0 );
3231  }
3232  }
3233  FCT_TEST_END();
3234 
3235 
3236  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_empty)
3237  {
3238  x509_cert crt;
3239  unsigned char buf[2000];
3240  unsigned char output[2000];
3241  int data_len, res;
3242 
3243  memset( &crt, 0, sizeof( x509_cert ) );
3244  memset( buf, 0, 2000 );
3245  memset( output, 0, 2000 );
3246 
      /*
       * Negative test vector (DER): after [1] and [2] unique IDs the
       * TBSCertificate carries a [3] extensions wrapper of length 0
       * (a3 00), i.e. without the inner Extensions SEQUENCE.
       */
3247  data_len = unhexify( buf, "30818b308188a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba300" );
3248 
      /* NOTE(review): listing lines 3249-3250 are absent from this
       * rendering (presumably the x509parse_crt() check and its guard), so
       * the expected error code is not shown here - confirm against the
       * original file. */
3251  {
3252  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3253 
3254  fct_chk( res != -1 );
3255  fct_chk( res != -2 );
3256 
3257  fct_chk( strcmp( (char *) output, "" ) == 0 );
3258  }
3259  }
3260  FCT_TEST_END();
3261 
3262 
 /* Malformed-certificate case: the vector ends with a3 03 30 00 00 in the [3] extensions field. */
3263  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_length_mismatch)
3264  {
3265  x509_cert crt;
3266  unsigned char buf[2000];
3267  unsigned char output[2000];
3268  int data_len, res;
3269 
3270  memset( &crt, 0, sizeof( x509_cert ) );
3271  memset( buf, 0, 2000 );
3272  memset( output, 0, 2000 );
3273 
3274  data_len = unhexify( buf, "30818e30818ba0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba303300000" );
3275 
 /* NOTE(review): the listing's numbering jumps from 3275 to 3278. Sibling cases
  * assert the x509parse_crt() result and guard the dump with
  * `if( ( <expected> ) == 0 )` at this point. As shown, buf is never parsed and
  * the block below runs unconditionally; restore both lines from the original
  * file (the expected error code is not visible here). */
3278  {
3279  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3280 
3281  fct_chk( res != -1 );
3282  fct_chk( res != -2 );
3283 
3284  fct_chk( strcmp( (char *) output, "" ) == 0 );
3285  }
3286  }
3287  FCT_TEST_END();
3288 
3289 
 /* Malformed-certificate case: the vector ends with a3 03 30 02 30 00 in the [3] extensions field. */
3290  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_first_ext_invalid)
3291  {
3292  x509_cert crt;
3293  unsigned char buf[2000];
3294  unsigned char output[2000];
3295  int data_len, res;
3296 
3297  memset( &crt, 0, sizeof( x509_cert ) );
3298  memset( buf, 0, 2000 );
3299  memset( output, 0, 2000 );
3300 
3301  data_len = unhexify( buf, "30818f30818ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30330023000" );
3302 
 /* NOTE(review): the listing's numbering jumps from 3302 to 3305. Sibling cases
  * assert the x509parse_crt() result and guard the dump with
  * `if( ( <expected> ) == 0 )` at this point. As shown, buf is never parsed and
  * the block below runs unconditionally; restore both lines from the original
  * file (the expected error code is not visible here). */
3305  {
3306  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3307 
3308  fct_chk( res != -1 );
3309  fct_chk( res != -2 );
3310 
3311  fct_chk( strcmp( (char *) output, "" ) == 0 );
3312  }
3313  }
3314  FCT_TEST_END();
3315 
3316 
 /* Malformed-certificate case: the vector ends with a3 04 30 02 31 00 00; the inner element uses tag 0x31 where siblings use 0x30. */
3317  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_first_ext_invalid_tag)
3318  {
3319  x509_cert crt;
3320  unsigned char buf[2000];
3321  unsigned char output[2000];
3322  int data_len, res;
3323 
3324  memset( &crt, 0, sizeof( x509_cert ) );
3325  memset( buf, 0, 2000 );
3326  memset( output, 0, 2000 );
3327 
3328  data_len = unhexify( buf, "30819030818da0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba3043002310000" );
3329 
 /* NOTE(review): the listing's numbering jumps from 3329 to 3332. Sibling cases
  * assert the x509parse_crt() result and guard the dump with
  * `if( ( <expected> ) == 0 )` at this point. As shown, buf is never parsed and
  * the block below runs unconditionally; restore both lines from the original
  * file (the expected error code is not visible here). */
3332  {
3333  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3334 
3335  fct_chk( res != -1 );
3336  fct_chk( res != -2 );
3337 
3338  fct_chk( strcmp( (char *) output, "" ) == 0 );
3339  }
3340  }
3341  FCT_TEST_END();
3342 
3343 
 /* Malformed-certificate case: the [3] extensions field holds an entry with OID 55 1d 13 (basicConstraints) followed by 01 01 00. */
3344  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_bool_len_missing)
3345  {
3346  x509_cert crt;
3347  unsigned char buf[2000];
3348  unsigned char output[2000];
3349  int data_len, res;
3350 
3351  memset( &crt, 0, sizeof( x509_cert ) );
3352  memset( buf, 0, 2000 );
3353  memset( output, 0, 2000 );
3354 
3355  data_len = unhexify( buf, "308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30060603551d1301010100" );
3356 
 /* NOTE(review): the listing's numbering jumps from 3356 to 3359. Sibling cases
  * assert the x509parse_crt() result and guard the dump with
  * `if( ( <expected> ) == 0 )` at this point. As shown, buf is never parsed and
  * the block below runs unconditionally; restore both lines from the original
  * file (the expected error code is not visible here). */
3359  {
3360  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3361 
3362  fct_chk( res != -1 );
3363  fct_chk( res != -2 );
3364 
3365  fct_chk( strcmp( (char *) output, "" ) == 0 );
3366  }
3367  }
3368  FCT_TEST_END();
3369 
3370 
 /* Malformed-certificate case: same basicConstraints (OID 55 1d 13) tail as the previous case, with the inner SEQUENCE length raised from 06 to 08. */
3371  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_data_missing)
3372  {
3373  x509_cert crt;
3374  unsigned char buf[2000];
3375  unsigned char output[2000];
3376  int data_len, res;
3377 
3378  memset( &crt, 0, sizeof( x509_cert ) );
3379  memset( buf, 0, 2000 );
3380  memset( output, 0, 2000 );
3381 
3382  data_len = unhexify( buf, "308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30c300a30080603551d1301010100" );
3383 
 /* NOTE(review): the listing's numbering jumps from 3383 to 3386. Sibling cases
  * assert the x509parse_crt() result and guard the dump with
  * `if( ( <expected> ) == 0 )` at this point. As shown, buf is never parsed and
  * the block below runs unconditionally; restore both lines from the original
  * file (the expected error code is not visible here). */
3386  {
3387  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3388 
3389  fct_chk( res != -1 );
3390  fct_chk( res != -2 );
3391 
3392  fct_chk( strcmp( (char *) output, "" ) == 0 );
3393  }
3394  }
3395  FCT_TEST_END();
3396 
3397 
 /* Malformed-certificate case: basicConstraints entry (OID 55 1d 13) whose bytes stop after 01 01 00; per the case name no OCTET STRING follows. */
3398  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_no_octet_present)
3399  {
3400  x509_cert crt;
3401  unsigned char buf[2000];
3402  unsigned char output[2000];
3403  int data_len, res;
3404 
3405  memset( &crt, 0, sizeof( x509_cert ) );
3406  memset( buf, 0, 2000 );
3407  memset( output, 0, 2000 );
3408 
3409  data_len = unhexify( buf, "308198308195a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba30d300b30090603551d1301010100" );
3410 
 /* NOTE(review): the listing's numbering jumps from 3410 to 3413. Sibling cases
  * assert the x509parse_crt() result and guard the dump with
  * `if( ( <expected> ) == 0 )` at this point. As shown, buf is never parsed and
  * the block below runs unconditionally; restore both lines from the original
  * file (the expected error code is not visible here). */
3413  {
3414  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3415 
3416  fct_chk( res != -1 );
3417  fct_chk( res != -2 );
3418 
3419  fct_chk( strcmp( (char *) output, "" ) == 0 );
3420  }
3421  }
3422  FCT_TEST_END();
3423 
3424 
 /* Malformed-certificate case: basicConstraints entry (OID 55 1d 13) whose OCTET STRING (04 03) wraps 30 01 00. */
3425  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_octet_data_missing)
3426  {
3427  x509_cert crt;
3428  unsigned char buf[2000];
3429  unsigned char output[2000];
3430  int data_len, res;
3431 
3432  memset( &crt, 0, sizeof( x509_cert ) );
3433  memset( buf, 0, 2000 );
3434  memset( output, 0, 2000 );
3435 
3436  data_len = unhexify( buf, "30819c308199a0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba311300f300d0603551d130101010403300100" );
3437 
 /* NOTE(review): the listing's numbering jumps from 3437 to 3440. Sibling cases
  * assert the x509parse_crt() result and guard the dump with
  * `if( ( <expected> ) == 0 )` at this point. As shown, buf is never parsed and
  * the block below runs unconditionally; restore both lines from the original
  * file (the expected error code is not visible here). */
3440  {
3441  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3442 
3443  fct_chk( res != -1 );
3444  fct_chk( res != -2 );
3445 
3446  fct_chk( strcmp( (char *) output, "" ) == 0 );
3447  }
3448  }
3449  FCT_TEST_END();
3450 
3451 
 /* Malformed-certificate case: basicConstraints entry (OID 55 1d 13) whose OCTET STRING (04 06) wraps 30 04 02 01 01 02. */
3452  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_no_pathlen)
3453  {
3454  x509_cert crt;
3455  unsigned char buf[2000];
3456  unsigned char output[2000];
3457  int data_len, res;
3458 
3459  memset( &crt, 0, sizeof( x509_cert ) );
3460  memset( buf, 0, 2000 );
3461  memset( output, 0, 2000 );
3462 
3463  data_len = unhexify( buf, "30819f30819ca0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba314301230100603551d130101010406300402010102" );
3464 
 /* NOTE(review): the listing's numbering jumps from 3464 to 3467. Sibling cases
  * assert the x509parse_crt() result and guard the dump with
  * `if( ( <expected> ) == 0 )` at this point. As shown, buf is never parsed and
  * the block below runs unconditionally; restore both lines from the original
  * file (the expected error code is not visible here). */
3467  {
3468  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3469 
3470  fct_chk( res != -1 );
3471  fct_chk( res != -2 );
3472 
3473  fct_chk( strcmp( (char *) output, "" ) == 0 );
3474  }
3475  }
3476  FCT_TEST_END();
3477 
3478 
 /* Malformed-certificate case: basicConstraints entry (OID 55 1d 13) whose OCTET STRING (04 09) wraps 30 07 02 01 01 02 01 01 00. */
3479  FCT_TEST_BGN(x509_certificate_asn1_tbscertificate_v3_ext_basiccontraint_tag_octet_len_mismatch)
3480  {
3481  x509_cert crt;
3482  unsigned char buf[2000];
3483  unsigned char output[2000];
3484  int data_len, res;
3485 
3486  memset( &crt, 0, sizeof( x509_cert ) );
3487  memset( buf, 0, 2000 );
3488  memset( output, 0, 2000 );
3489 
3490  data_len = unhexify( buf, "3081a230819fa0030201028204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffffa101aaa201bba317301530130603551d130101010409300702010102010100" );
3491 
 /* NOTE(review): the listing's numbering jumps from 3491 to 3494. Sibling cases
  * assert the x509parse_crt() result and guard the dump with
  * `if( ( <expected> ) == 0 )` at this point. As shown, buf is never parsed and
  * the block below runs unconditionally; restore both lines from the original
  * file (the expected error code is not visible here). */
3494  {
3495  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3496 
3497  fct_chk( res != -1 );
3498  fct_chk( res != -2 );
3499 
3500  fct_chk( strcmp( (char *) output, "" ) == 0 );
3501  }
3502  }
3503  FCT_TEST_END();
3504 
3505 
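/*
 * Malformed-certificate case: the vector stops right after the public key
 * (last bytes 02 02 ff ff), so no outer signatureAlgorithm follows.
 * Expected result: POLARSSL_ERR_X509_CERT_INVALID_ALG +
 * POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
FCT_TEST_BGN(x509_certificate_asn1_correct_pubkey_no_sig_alg)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308183308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff" );

    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /* Dump only after a successful parse; unguarded, it would run against a rejected certificate. */
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser attached to crt so leak checkers stay quiet. */
    x509_free( &crt );
}
FCT_TEST_END();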
3531 
3532 
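/*
 * Malformed-certificate case: the algorithm OID inside tbsCertificate ends in
 * 01 01 02 while the outer signatureAlgorithm OID ends in 01 02 02.
 * Expected result: POLARSSL_ERR_X509_CERT_SIG_MISMATCH.
 */
FCT_TEST_BGN(x509_certificate_asn1_sig_alg_mismatch)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0102020500" );

    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) );

    /* Dump only after a successful parse; unguarded, it would run against a rejected certificate. */
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser attached to crt so leak checkers stay quiet. */
    x509_free( &crt );
}
FCT_TEST_END();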
3558 
3559 
 /* Malformed-certificate case: the vector ends with the outer signatureAlgorithm (... 01 01 02 05 00); no signature BIT STRING follows. */
3560  FCT_TEST_BGN(x509_certificate_asn1_sig_alg_no_sig)
3561  {
3562  x509_cert crt;
3563  unsigned char buf[2000];
3564  unsigned char output[2000];
3565  int data_len, res;
3566 
3567  memset( &crt, 0, sizeof( x509_cert ) );
3568  memset( buf, 0, 2000 );
3569  memset( output, 0, 2000 );
3570 
3571  data_len = unhexify( buf, "308192308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500" );
3572 
 /* NOTE(review): the listing's numbering jumps from 3572 to 3575. Sibling cases
  * assert the x509parse_crt() result and guard the dump with
  * `if( ( <expected> ) == 0 )` at this point. As shown, buf is never parsed and
  * the block below runs unconditionally; restore both lines from the original
  * file (the expected error code is not visible here). */
3575  {
3576  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3577 
3578  fct_chk( res != -1 );
3579  fct_chk( res != -2 );
3580 
3581  fct_chk( strcmp( (char *) output, "" ) == 0 );
3582  }
3583  }
3584  FCT_TEST_END();
3585 
3586 
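/*
 * Malformed-certificate case: the signature BIT STRING is 03 01 00, i.e. one
 * content byte and no signature bits after it.
 * Expected result: POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE.
 */
FCT_TEST_BGN(x509_certificate_asn1_signature_invalid_sig_data)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308195308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030100" );

    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_INVALID_SIGNATURE ) );

    /* Dump only after a successful parse; unguarded, it would run against a rejected certificate. */
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser attached to crt so leak checkers stay quiet. */
    x509_free( &crt );
}
FCT_TEST_END();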
3612 
3613 
 /* Malformed-certificate case: one extra byte (00) follows the signature BIT STRING 03 02 00 ff. */
3614  FCT_TEST_BGN(x509_certificate_asn1_signature_data_left)
3615  {
3616  x509_cert crt;
3617  unsigned char buf[2000];
3618  unsigned char output[2000];
3619  int data_len, res;
3620 
3621  memset( &crt, 0, sizeof( x509_cert ) );
3622  memset( buf, 0, 2000 );
3623  memset( output, 0, 2000 );
3624 
3625  data_len = unhexify( buf, "308197308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff00" );
3626 
 /* NOTE(review): the listing's numbering jumps from 3626 to 3629. Sibling cases
  * assert the x509parse_crt() result and guard the dump with
  * `if( ( <expected> ) == 0 )` at this point. As shown, buf is never parsed and
  * the block below runs unconditionally; restore both lines from the original
  * file (the expected error code is not visible here). */
3629  {
3630  res = x509parse_cert_info( (char *) output, 2000, "", &crt );
3631 
3632  fct_chk( res != -1 );
3633  fct_chk( res != -2 );
3634 
3635  fct_chk( strcmp( (char *) output, "" ) == 0 );
3636  }
3637  }
3638  FCT_TEST_END();
3639 
3640 
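/*
 * Baseline accepted certificate: version 1, serial DE:AD:BE:EF, UTCTime
 * validity and a 128-bit RSA key; the dump must match the expected text.
 * The signature BIT STRING is the placeholder 03 02 00 ff and the dump reports
 * "RSA+MD2", so this case covers DER parsing and formatting only. It does not
 * exercise signature verification, and the algorithm and key size are fixture
 * values, not something to copy into real certificates.
 */
FCT_TEST_BGN(x509_certificate_asn1_correct)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308196308180a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Guard on the actual return value; the old `( 0 ) == 0` test was always true. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( 0 ) );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : ?\?=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    /* Release the parsed certificate; without this the case leaks under a leak checker. */
    x509_free( &crt );
}
FCT_TEST_END();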
3666 
3667 
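/*
 * Accepted certificate whose notBefore is a GeneralizedTime (tag 18,
 * "20100101000000") while notAfter stays a UTCTime (tag 17).
 * Note that notBefore (2010-01-01) is later than notAfter (2009-12-31) and the
 * expected result is still 0: the ordering of the validity dates is not
 * rejected at parse time, so callers must check validity separately.
 */
FCT_TEST_BGN(x509_certificate_asn1_generalizedtime_instead_of_utctime)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308198308182a0030201008204deadbeef300d06092a864886f70d0101020500300c310a30080600130454657374301e180e3230313030313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Guard on the actual return value; the old `( 0 ) == 0` test was always true. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( 0 ) );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : ?\?=Test\nsubject name : ?\?=Test\nissued on : 2010-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    /* Release the parsed certificate; without this the case leaks under a leak checker. */
    x509_free( &crt );
}
FCT_TEST_END();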
3693 
3694 
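/*
 * Issuer attribute type 55 04 03 must be rendered as "CN=Test". The subject
 * keeps the empty OID (06 00), which the dump shows as "??".
 * Placeholder signature and MD2 algorithm OID: parsing and formatting only.
 */
FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_cn)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550403130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Guard on the actual return value; the old `( 0 ) == 0` test was always true. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( 0 ) );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : CN=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    /* Release the parsed certificate; without this the case leaks under a leak checker. */
    x509_free( &crt );
}
FCT_TEST_END();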
3720 
3721 
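/*
 * Issuer attribute type 55 04 06 must be rendered as "C=Test". The subject
 * keeps the empty OID (06 00), which the dump shows as "??".
 * Placeholder signature and MD2 algorithm OID: parsing and formatting only.
 */
FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_c)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550406130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Guard on the actual return value; the old `( 0 ) == 0` test was always true. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( 0 ) );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : C=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    /* Release the parsed certificate; without this the case leaks under a leak checker. */
    x509_free( &crt );
}
FCT_TEST_END();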
3747 
3748 
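/*
 * Issuer attribute type 55 04 07 must be rendered as "L=Test". The subject
 * keeps the empty OID (06 00), which the dump shows as "??".
 * Placeholder signature and MD2 algorithm OID: parsing and formatting only.
 */
FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_l)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550407130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Guard on the actual return value; the old `( 0 ) == 0` test was always true. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( 0 ) );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : L=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    /* Release the parsed certificate; without this the case leaks under a leak checker. */
    x509_free( &crt );
}
FCT_TEST_END();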
3774 
3775 
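/*
 * Issuer attribute type 55 04 08 must be rendered as "ST=Test". The subject
 * keeps the empty OID (06 00), which the dump shows as "??".
 * Placeholder signature and MD2 algorithm OID: parsing and formatting only.
 */
FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_st)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b0603550408130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Guard on the actual return value; the old `( 0 ) == 0` test was always true. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( 0 ) );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : ST=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    /* Release the parsed certificate; without this the case leaks under a leak checker. */
    x509_free( &crt );
}
FCT_TEST_END();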
3801 
3802 
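/*
 * Issuer attribute type 55 04 0a must be rendered as "O=Test". The subject
 * keeps the empty OID (06 00), which the dump shows as "??".
 * Placeholder signature and MD2 algorithm OID: parsing and formatting only.
 */
FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_o)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040a130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Guard on the actual return value; the old `( 0 ) == 0` test was always true. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( 0 ) );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : O=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    /* Release the parsed certificate; without this the case leaks under a leak checker. */
    x509_free( &crt );
}
FCT_TEST_END();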
3828 
3829 
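/*
 * Issuer attribute type 55 04 0b must be rendered as "OU=Test". The subject
 * keeps the empty OID (06 00), which the dump shows as "??".
 * Placeholder signature and MD2 algorithm OID: parsing and formatting only.
 */
FCT_TEST_BGN(x509_certificate_asn1_name_with_x520_ou)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b060355040b130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Guard on the actual return value; the old `( 0 ) == 0` test was always true. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( 0 ) );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : OU=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    /* Release the parsed certificate; without this the case leaks under a leak checker. */
    x509_free( &crt );
}
FCT_TEST_END();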
3855 
3856 
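/*
 * Issuer attribute type 55 04 de is not a known X.520 attribute. The expected
 * result is still 0 and the dump shows it as "0xDE=Test": unknown attribute
 * types are accepted and displayed by their last OID byte, so code consuming
 * the dump must not assume every name component is a recognised type.
 */
FCT_TEST_BGN(x509_certificate_asn1_name_with_unknown_x520_part)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "308199308183a0030201008204deadbeef300d06092a864886f70d0101020500300f310d300b06035504de130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Guard on the actual return value; the old `( 0 ) == 0` test was always true. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( 0 ) );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : 0xDE=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    /* Release the parsed certificate; without this the case leaks under a leak checker. */
    x509_free( &crt );
}
FCT_TEST_END();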
3882 
3883 
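/*
 * Issuer attribute type 2a 86 48 86 f7 0d 01 09 01 must be rendered as
 * "emailAddress=Test". The subject keeps the empty OID (06 00), shown as "??".
 * Placeholder signature and MD2 algorithm OID: parsing and formatting only.
 */
FCT_TEST_BGN(x509_certificate_asn1_name_with_pkcs9_email)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d010901130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Guard on the actual return value; the old `( 0 ) == 0` test was always true. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( 0 ) );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : emailAddress=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    /* Release the parsed certificate; without this the case leaks under a leak checker. */
    x509_free( &crt );
}
FCT_TEST_END();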
3909 
3910 
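/*
 * Issuer attribute type 2a 86 48 86 f7 0d 01 09 ab is not a known PKCS#9
 * attribute. The expected result is still 0 and the dump shows it as
 * "0xAB=Test": unknown attribute types are accepted and displayed by their
 * last OID byte rather than rejected.
 */
FCT_TEST_BGN(x509_certificate_asn1_name_with_unknown_pkcs9_part)
{
    x509_cert crt;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crt, 0, sizeof( x509_cert ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30819f308189a0030201008204deadbeef300d06092a864886f70d010102050030153113301106092a864886f70d0109ab130454657374301c170c303930313031303030303030170c303931323331323335393539300c310a30080600130454657374302a300d06092A864886F70D010101050003190030160210ffffffffffffffffffffffffffffffff0202ffff300d06092a864886f70d0101020500030200ff" );

    /* Guard on the actual return value; the old `( 0 ) == 0` test was always true. */
    ret = x509parse_crt( &crt, buf, data_len );
    fct_chk( ret == ( 0 ) );
    if( ret == 0 )
    {
        res = x509parse_cert_info( (char *) output, sizeof( output ), "", &crt );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "cert. version : 1\nserial number : DE:AD:BE:EF\nissuer name : 0xAB=Test\nsubject name : ?\?=Test\nissued on : 2009-01-01 00:00:00\nexpires on : 2009-12-31 23:59:59\nsigned using : RSA+MD2\nRSA key size : 128 bits\n" ) == 0 );
    }

    /* Release the parsed certificate; without this the case leaks under a leak checker. */
    x509_free( &crt );
}
FCT_TEST_END();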
3936 
3937 
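/*
 * Malformed-CRL case: the input is empty (zero bytes), so there is no outer
 * SEQUENCE tag at all.
 * Expected result: POLARSSL_ERR_X509_CERT_INVALID_FORMAT.
 */
FCT_TEST_BGN(x509_crl_asn1_incorrect_first_tag)
{
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crl, 0, sizeof( x509_crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT ) );

    /* Dump only after a successful parse; unguarded, it would run against a rejected CRL. */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser attached to crl so leak checkers stay quiet. */
    x509_crl_free( &crl );
}
FCT_TEST_END();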
3963 
3964 
 /* Malformed-CRL case: the vector is 30 00 00, an outer SEQUENCE of length 0 followed by one extra byte. */
3965  FCT_TEST_BGN(x509_crl_asn1_correct_first_tag_data_length_does_not_match)
3966  {
3967  x509_crl crl;
3968  unsigned char buf[2000];
3969  unsigned char output[2000];
3970  int data_len, res;
3971 
3972  memset( &crl, 0, sizeof( x509_crl ) );
3973  memset( buf, 0, 2000 );
3974  memset( output, 0, 2000 );
3975 
3976  data_len = unhexify( buf, "300000" );
3977 
 /* NOTE(review): the listing's numbering jumps from 3977 to 3980. Sibling cases
  * assert the x509parse_crl() result and guard the dump at this point. As
  * shown, buf is never parsed and the block below runs unconditionally;
  * restore both lines from the original file (the expected error code is not
  * visible here). */
3980  {
3981  res = x509parse_crl_info( (char *) output, 2000, "", &crl );
3982 
3983  fct_chk( res != -1 );
3984  fct_chk( res != -2 );
3985 
3986  fct_chk( strcmp( (char *) output, "" ) == 0 );
3987  }
3988  }
3989  FCT_TEST_END();
3990 
3991 
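/*
 * Malformed-CRL case: the vector is 30 00, an empty outer SEQUENCE with no
 * tbsCertList inside.
 * Expected result: POLARSSL_ERR_X509_CERT_INVALID_FORMAT +
 * POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
FCT_TEST_BGN(x509_crl_asn1_tbscertlist_tag_missing)
{
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crl, 0, sizeof( x509_crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "3000" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /* Dump only after a successful parse; unguarded, it would run against a rejected CRL. */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser attached to crl so leak checkers stay quiet. */
    x509_crl_free( &crl );
}
FCT_TEST_END();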
4017 
4018 
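/*
 * Malformed-CRL case: the vector is 30 03 30 01 02; the tbsCertList holds only
 * an INTEGER tag byte with no length octet after it.
 * Expected result: POLARSSL_ERR_X509_CERT_INVALID_VERSION +
 * POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
FCT_TEST_BGN(x509_crl_asn1_tbscertlist_version_tag_len_missing)
{
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crl, 0, sizeof( x509_crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "3003300102" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_INVALID_VERSION + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /* Dump only after a successful parse; unguarded, it would run against a rejected CRL. */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser attached to crl so leak checkers stay quiet. */
    x509_crl_free( &crl );
}
FCT_TEST_END();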
4044 
4045 
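/*
 * Malformed-CRL case: the vector is 30 05 30 03 02 01 00; the tbsCertList
 * holds a version INTEGER (0) and nothing after it.
 * Expected result: POLARSSL_ERR_X509_CERT_INVALID_ALG +
 * POLARSSL_ERR_ASN1_OUT_OF_DATA.
 */
FCT_TEST_BGN(x509_crl_asn1_tbscertlist_version_correct_alg_missing)
{
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crl, 0, sizeof( x509_crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30053003020100" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /* Dump only after a successful parse; unguarded, it would run against a rejected CRL. */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser attached to crl so leak checkers stay quiet. */
    x509_crl_free( &crl );
}
FCT_TEST_END();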
4071 
4072 
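/*
 * Malformed-CRL case: the version INTEGER is 02 01 02 (value 2), followed by
 * an algorithm SEQUENCE with an empty OID.
 * Expected result: POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION.
 */
FCT_TEST_BGN(x509_crl_asn1_tbscertlist_alg_correct_incorrect_version)
{
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crl, 0, sizeof( x509_crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "300b3009020102300406000500" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_UNKNOWN_VERSION ) );

    /* Dump only after a successful parse; unguarded, it would run against a rejected CRL. */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser attached to crl so leak checkers stay quiet. */
    x509_crl_free( &crl );
}
FCT_TEST_END();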
4098 
4099 
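/*
 * Malformed-CRL case: version INTEGER 0 followed by an algorithm SEQUENCE
 * whose OID is empty (06 00).
 * Expected result: POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG.
 */
FCT_TEST_BGN(x509_crl_asn1_tbscertlist_correct_version_sig_oid1_unknown)
{
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, ret, res;

    memset( &crl, 0, sizeof( x509_crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "300b3009020100300406000500" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) );

    /* Dump only after a successful parse; unguarded, it would run against a rejected CRL. */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser attached to crl so leak checkers stay quiet. */
    x509_crl_free( &crl );
}
FCT_TEST_END();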
4125 
4126 
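FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_oid1_id_unknown)
{
    /*
     * Negative case: the signature OID is 2a 86 48 86 f7 0d 01 01 0f, i.e.
     * the same prefix as the accepted ...01 01 0e used elsewhere in this
     * suite but with a final byte of 0x0f. Expected result:
     * POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30143012020100300d06092a864886f70d01010f0500" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_UNKNOWN_SIG_ALG ) );

    /*
     * Guard on the actual return code, not a constant. The rendered listing
     * skips source line 4141, where sibling cases carry the guard.
     */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser may still have attached to crl. */
    x509_crl_free( &crl );
}
FCT_TEST_END();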
4152 
4153 
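FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_oid1_correct_issuer_missing)
{
    /*
     * Negative case: version and signature AlgorithmIdentifier are present,
     * then the input ends where the issuer Name should begin. Expected:
     * POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA,
     * i.e. truncation is reported instead of reading past data_len.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30143012020100300d06092a864886f70d01010e0500" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /*
     * Guard on the actual return code, not a constant. The rendered listing
     * skips source line 4168, where sibling cases carry the guard.
     */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser may still have attached to crl. */
    x509_crl_free( &crl );
}
FCT_TEST_END();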
4179 
4180 
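FCT_TEST_BGN(x509_crl_asn1_tbscertlist_issuer_set_missing)
{
    /*
     * Negative case: the issuer is an empty SEQUENCE (30 00), so there is no
     * RDN SET to read. Expected:
     * POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30163014020100300d06092a864886f70d01010e05003000" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_INVALID_NAME + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /*
     * Guard on the actual return code, not a constant. The rendered listing
     * skips source line 4195, where sibling cases carry the guard.
     */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser may still have attached to crl. */
    x509_crl_free( &crl );
}
FCT_TEST_END();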
4206 
4207 
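FCT_TEST_BGN(x509_crl_asn1_tbscertlist_correct_issuer_thisupdate_missing)
{
    /*
     * Negative case: a complete issuer (CN with the four bytes 41 42 43 44,
     * "ABCD") is followed by end of input where thisUpdate is required.
     * Expected:
     * POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30253023020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /*
     * Guard on the actual return code, not a constant. The rendered listing
     * skips source line 4222, where sibling cases carry the guard.
     */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser may still have attached to crl. */
    x509_crl_free( &crl );
}
FCT_TEST_END();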
4233 
4234 
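FCT_TEST_BGN(x509_crl_asn1_tbscertlist_correct_thisupdate_nextupdate_missing_entries_length_missing)
{
    /*
     * Negative case: thisUpdate is a UTCTime (17 0c ...), no nextUpdate
     * follows, and the input stops after a lone SEQUENCE tag (30) with no
     * length byte. Expected: POLARSSL_ERR_ASN1_OUT_OF_DATA.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30343032020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c30393031303130303030303030" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /*
     * The original guard compared the expected constant with 0, which is
     * decided at compile time; test the real return code instead.
     */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser may still have attached to crl. */
    x509_crl_free( &crl );
}
FCT_TEST_END();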
4260 
4261 
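FCT_TEST_BGN(x509_crl_asn1_tbscertlist_entries_present_invalid_sig_alg)
{
    /*
     * Negative case: the TBSCertList (with one revoked entry) is complete,
     * but the byte after it is 00 where the outer signatureAlgorithm
     * SEQUENCE is required. Expected:
     * POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c30383132333132333539353900" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_INVALID_ALG + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );

    /*
     * Guard on the actual return code, not a constant. The rendered listing
     * skips source line 4276, where sibling cases carry the guard.
     */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser may still have attached to crl. */
    x509_crl_free( &crl );
}
FCT_TEST_END();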
4287 
4288 
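FCT_TEST_BGN(x509_crl_asn1_tbscertlist_entries_present_date_in_entry_invalid)
{
    /*
     * Negative case: the revoked entry's date is tagged 19 instead of the
     * 17 (UTCTime) used for thisUpdate in the same input. Expected:
     * POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "304a3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd190c30383132333132333539353900" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_INVALID_DATE + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );

    /*
     * Guard on the actual return code, not a constant. The rendered listing
     * skips source line 4303, where sibling cases carry the guard.
     */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser may still have attached to crl. */
    x509_crl_free( &crl );
}
FCT_TEST_END();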
4314 
4315 
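FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_alg_present_sig_alg_does_not_match)
{
    /*
     * Negative case: the algorithm OID inside the TBSCertList ends in 0e
     * while the outer signatureAlgorithm OID ends in 0d. The parser must
     * return POLARSSL_ERR_X509_CERT_SIG_MISMATCH. This is the check that
     * stops the unsigned outer field from naming a different algorithm than
     * the one covered by the signature.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30583047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010d0500" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( POLARSSL_ERR_X509_CERT_SIG_MISMATCH ) );

    /*
     * Guard on the actual return code, not a constant. The rendered listing
     * skips source line 4330, where sibling cases carry the guard.
     */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser may still have attached to crl. */
    x509_crl_free( &crl );
}
FCT_TEST_END();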
4341 
4342 
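FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_present_len_mismatch)
{
    /*
     * Negative case: a structurally complete CRL whose outer SEQUENCE
     * declares length 5d and carries one extra 00 byte after the signature
     * BIT STRING, so the declared and consumed lengths disagree.
     *
     * NOTE(review): the rendered listing skips source lines 4356-4357, so
     * the parse call and its exact expected error constant are not visible
     * here. As listed, the case never called x509parse_crl() at all. The
     * call is restored below with a "must fail" assertion; replace it with
     * the precise constant from the original file.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "305d3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e05000302000100" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret != 0 );

    /* Only inspect the printable form if the CRL unexpectedly parsed. */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        fct_chk( strcmp( (char *) output, "" ) == 0 );
    }

    /* Release anything the parser may still have attached to crl. */
    x509_crl_free( &crl );
}
FCT_TEST_END();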
4368 
4369 
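FCT_TEST_BGN(x509_crl_asn1_tbscertlist_sig_present)
{
    /*
     * Positive case: a minimal CRL with one revoked entry parses and prints
     * as expected.
     *
     * What success does and does not show:
     *  - x509parse_crl() receives only the encoded bytes, and the signature
     *    here is a two-byte BIT STRING (00 01), so a return of 0 means
     *    "well-formed", not "signed by a trusted issuer".
     *  - No nextUpdate is encoded and the printed value is all zeros;
     *    presumably callers that enforce CRL freshness must treat that as
     *    "absent" -- confirm against the verification code.
     *  - The entry's serial is tagged 82 rather than 02 and is still
     *    printed as AB:CD.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "305c3047020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030301430128202abcd170c303831323331323335393539300d06092a864886f70d01010e050003020001" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( 0 ) );

    /*
     * The original guard was `( 0 ) == 0`, which is always true; gate on the
     * real return code so a failed parse is not also dumped.
     */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        /* NOTE(review): the listing may have collapsed runs of spaces in
         * this expected string -- confirm against the original file. */
        fct_chk( strcmp( (char *) output, "CRL version : 1\nissuer name : CN=ABCD\nthis update : 2009-01-01 00:00:00\nnext update : 0000-00-00 00:00:00\nRevoked certificates:\nserial number: AB:CD revocation date: 2008-12-31 23:59:59\nsigned using : RSA+SHA224\n" ) == 0 );
    }

    /* A successful parse leaves parser-owned data attached to crl; release
     * it so the suite stays clean under leak checkers. */
    x509_crl_free( &crl );
}
FCT_TEST_END();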
4395 
4396 
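FCT_TEST_BGN(x509_crl_asn1_tbscertlist_no_entries)
{
    /*
     * Positive case: a CRL with no revokedCertificates list parses and
     * prints an empty "Revoked certificates:" section.
     *
     * As with any parse-only check, x509parse_crl() is given just the
     * encoded bytes and the signature is a two-byte BIT STRING (00 01), so
     * a return of 0 says the structure is well-formed, not that the CRL is
     * authentic. No nextUpdate is encoded; the printed value is all zeros.
     */
    x509_crl crl;
    unsigned char buf[2000];
    unsigned char output[2000];
    int data_len, res, ret;

    memset( &crl, 0, sizeof( crl ) );
    memset( buf, 0, sizeof( buf ) );
    memset( output, 0, sizeof( output ) );

    data_len = unhexify( buf, "30463031020100300d06092a864886f70d01010e0500300f310d300b0603550403130441424344170c303930313031303030303030300d06092a864886f70d01010e050003020001" );

    ret = x509parse_crl( &crl, buf, data_len );
    fct_chk( ret == ( 0 ) );

    /*
     * The original guard was `( 0 ) == 0`, which is always true; gate on the
     * real return code so a failed parse is not also dumped.
     */
    if( ret == 0 )
    {
        res = x509parse_crl_info( (char *) output, sizeof( output ), "", &crl );

        fct_chk( res != -1 );
        fct_chk( res != -2 );

        /* NOTE(review): the listing may have collapsed runs of spaces in
         * this expected string -- confirm against the original file. */
        fct_chk( strcmp( (char *) output, "CRL version : 1\nissuer name : CN=ABCD\nthis update : 2009-01-01 00:00:00\nnext update : 0000-00-00 00:00:00\nRevoked certificates:\nsigned using : RSA+SHA224\n" ) == 0 );
    }

    /* A successful parse leaves parser-owned data attached to crl; release
     * it so the suite stays clean under leak checkers. */
    x509_crl_free( &crl );
}
FCT_TEST_END();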
4422 
4423 
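FCT_TEST_BGN(x509_key_asn1_incorrect_first_tag)
{
    /*
     * Negative case: zero bytes of key data. x509parse_key() must return
     * POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA
     * instead of reading from the empty buffer.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    int data_len, ret;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );

    data_len = unhexify( buf, "" );

    /* First parse: the original discards this result. */
    x509parse_key( &rsa, buf, data_len, NULL, 0 );

    /* Second parse into the same context; this is the result under test. */
    ret = x509parse_key( &rsa, buf, data_len, NULL, 0 );
    fct_chk( ret == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /* Guard on the actual return code; the listing skips source line 4440,
     * where sibling cases compare the expected constant with 0. */
    if( ret == 0 )
    {
        fct_chk( 1 );
    }

    /* Release any bignum storage still attached to the context. */
    rsa_free( &rsa );
}
FCT_TEST_END();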
4446 
4447 
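FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_incorrect_version_tag)
{
    /*
     * Negative case: a one-byte SEQUENCE whose content is 00 where the
     * version field is expected. Expected result:
     * POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    int data_len, ret;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );

    data_len = unhexify( buf, "300100" );

    /* First parse: the original discards this result. */
    x509parse_key( &rsa, buf, data_len, NULL, 0 );

    /* Second parse into the same context; this is the result under test. */
    ret = x509parse_key( &rsa, buf, data_len, NULL, 0 );
    fct_chk( ret == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );

    /* Guard on the actual return code; the listing skips source line 4464,
     * where sibling cases compare the expected constant with 0. */
    if( ret == 0 )
    {
        fct_chk( 1 );
    }

    /* Release any bignum storage still attached to the context. */
    rsa_free( &rsa );
}
FCT_TEST_END();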
4470 
4471 
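FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_version_tag_missing)
{
    /*
     * Negative case: an empty SEQUENCE (30 00), so the version field is
     * absent. Expected result:
     * POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    int data_len, ret;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );

    data_len = unhexify( buf, "3000" );

    /* First parse: the original discards this result. */
    x509parse_key( &rsa, buf, data_len, NULL, 0 );

    /* Second parse into the same context; this is the result under test. */
    ret = x509parse_key( &rsa, buf, data_len, NULL, 0 );
    fct_chk( ret == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_OUT_OF_DATA ) );

    /* Guard on the actual return code; the listing skips source line 4488,
     * where sibling cases compare the expected constant with 0. */
    if( ret == 0 )
    {
        fct_chk( 1 );
    }

    /* Release any bignum storage still attached to the context. */
    rsa_free( &rsa );
}
FCT_TEST_END();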
4494 
4495 
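FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_invalid_version)
{
    /*
     * Negative case: the version INTEGER is 1 (02 01 01). Expected result:
     * POLARSSL_ERR_X509_KEY_INVALID_VERSION.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    int data_len, ret;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );

    data_len = unhexify( buf, "3003020101" );

    /* First parse: the original discards this result. */
    x509parse_key( &rsa, buf, data_len, NULL, 0 );

    /* Second parse into the same context; this is the result under test. */
    ret = x509parse_key( &rsa, buf, data_len, NULL, 0 );
    fct_chk( ret == ( POLARSSL_ERR_X509_KEY_INVALID_VERSION ) );

    /* Guard on the actual return code; the listing skips source line 4512,
     * where sibling cases compare the expected constant with 0. */
    if( ret == 0 )
    {
        fct_chk( 1 );
    }

    /* Release any bignum storage still attached to the context. */
    rsa_free( &rsa );
}
FCT_TEST_END();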
4518 
4519 
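FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_correct_version_incorrect_tag)
{
    /*
     * Negative case: version 0 is followed by a 00 tag where the next
     * INTEGER is expected. Expected result:
     * POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    int data_len, ret;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );

    data_len = unhexify( buf, "300402010000" );

    /* First parse: the original discards this result. */
    x509parse_key( &rsa, buf, data_len, NULL, 0 );

    /* Second parse into the same context; this is the result under test. */
    ret = x509parse_key( &rsa, buf, data_len, NULL, 0 );
    fct_chk( ret == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_UNEXPECTED_TAG ) );

    /* Guard on the actual return code; the listing skips source line 4536,
     * where sibling cases compare the expected constant with 0. */
    if( ret == 0 )
    {
        fct_chk( 1 );
    }

    /* Release any bignum storage still attached to the context. */
    rsa_free( &rsa );
}
FCT_TEST_END();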
4542 
4543 
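FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_values_present_length_mismatch)
{
    /*
     * Negative case: version 0 plus eight one-byte INTEGERs, then one extra
     * 00 byte inside the declared SEQUENCE length (1c). Expected result:
     * POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH,
     * i.e. trailing bytes after the last field are rejected.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    int data_len, ret;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );

    data_len = unhexify( buf, "301c02010002010102010102010102010102010102010102010102010100" );

    /* First parse: the original discards this result. */
    x509parse_key( &rsa, buf, data_len, NULL, 0 );

    /* Second parse into the same context; this is the result under test. */
    ret = x509parse_key( &rsa, buf, data_len, NULL, 0 );
    fct_chk( ret == ( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + POLARSSL_ERR_ASN1_LENGTH_MISMATCH ) );

    /* Guard on the actual return code; the listing skips source line 4560,
     * where sibling cases compare the expected constant with 0. */
    if( ret == 0 )
    {
        fct_chk( 1 );
    }

    /* Release any bignum storage still attached to the context. */
    rsa_free( &rsa );
}
FCT_TEST_END();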
4566 
4567 
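FCT_TEST_BGN(x509_key_asn1_rsaprivatekey_values_present_check_privkey_fails)
{
    /*
     * Negative case: the structure is well-formed (version 0 followed by
     * eight INTEGERs, each equal to 1), but the values do not form a usable
     * key. Expected result: POLARSSL_ERR_RSA_KEY_CHECK_FAILED, showing that
     * the parser rejects a syntactically valid key on consistency grounds.
     */
    rsa_context rsa;
    unsigned char buf[2000];
    int data_len, ret;

    memset( &rsa, 0, sizeof( rsa ) );
    memset( buf, 0, sizeof( buf ) );

    data_len = unhexify( buf, "301b020100020101020101020101020101020101020101020101020101" );

    /* First parse: the original discards this result. */
    x509parse_key( &rsa, buf, data_len, NULL, 0 );

    /* Second parse into the same context; this is the result under test. */
    ret = x509parse_key( &rsa, buf, data_len, NULL, 0 );
    fct_chk( ret == ( POLARSSL_ERR_RSA_KEY_CHECK_FAILED ) );

    /* The original guard compared the expected constant with 0, which is
     * decided at compile time; test the real return code instead. */
    if( ret == 0 )
    {
        fct_chk( 1 );
    }

    /* Release any bignum storage still attached to the context. */
    rsa_free( &rsa );
}
FCT_TEST_END();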
4590 
4591  }
4592  FCT_SUITE_END();
4593 
4594 #endif /* POLARSSL_X509_PARSE_C */
4595 #endif /* POLARSSL_BIGNUM_C */
4596 
4597 }
4598 FCT_END();
4599