Extracting SubjectKeyId and AuthorityKeyId in case of x509 V3 extensions. Updating mbedtls_x509_crt_free function to also free the new dynamic elements (issuer field of AuthorityKeyId).
A few tests are also added which test the feature with a correct certificate and multiple ones with erroneous ASN1 tags.
Signed-off-by: toth92g <toth92g@gmail.com>
diff --git a/tests/suites/test_suite_x509parse.function b/tests/suites/test_suite_x509parse.function
index 388d45e..bf66146 100644
--- a/tests/suites/test_suite_x509parse.function
+++ b/tests/suites/test_suite_x509parse.function
@@ -1402,3 +1402,90 @@
;;
}
/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_CERTS_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C */
+void mbedtls_x509_crt_parse_subjectkeyid( char * crt_path, char *subjectKeyId, int subjectKeyIdLength, int retVal )
+{
+ mbedtls_x509_crt crt;
+ int i = 0;
+ int result = 0;
+
+ mbedtls_x509_crt_init( &crt );
+
+ TEST_ASSERT( (mbedtls_x509_crt_parse_file( &crt, crt_path )& 0xFFFF) == retVal );
+
+ if(retVal != 0)
+ {
+ while(i < subjectKeyIdLength)
+ {
+ result |= crt.subject_key_id.p[i] != subjectKeyId[i*2];
+ result |= crt.subject_key_id.p[i+1] != subjectKeyId[i*2+1];
+ i++;
+ }
+
+ TEST_ASSERT(result == 0);
+ }
+
+exit:
+ mbedtls_x509_crt_free( &crt );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_CERTS_C:MBEDTLS_SHA1_C:MBEDTLS_RSA_C */
+void mbedtls_x509_crt_parse_authoritykeyid( char * crt_path, char *authorityKeyId_keyId, int keyIdLength, char *authorityKeyId_issuer, char *authorityKeyId_serial, int serialLength , int retVal)
+{
+ mbedtls_x509_crt crt;
+ int i = 0;
+ int result = 0;
+ int bufferCounter = 0;
+ size_t issuerCounter = 0;
+
+ mbedtls_x509_crt_init( &crt );
+
+ TEST_ASSERT( (mbedtls_x509_crt_parse_file( &crt, crt_path )& 0xFFFF) == retVal );
+
+ if (retVal != 0)
+ {
+ /* KeyId test */
+ while(i < keyIdLength)
+ {
+ result |= crt.authority_key_id.keyIdentifier.p[i] != authorityKeyId_keyId[i*2];
+ result |= crt.authority_key_id.keyIdentifier.p[i+1] != authorityKeyId_keyId[i*2+1];
+ i++;
+ }
+
+ /* Issuer test */
+ mbedtls_x509_name* issuerPtr = &crt.authority_key_id.authorityCertIssuer;
+ while (issuerPtr != NULL)
+ {
+ for (issuerCounter = 0u; issuerCounter < issuerPtr->val.len; issuerCounter++)
+ {
+ result |= (authorityKeyId_issuer[bufferCounter++] != issuerPtr->val.p[issuerCounter]);
+ }
+ bufferCounter++; /* Skipping the slash */
+ issuerPtr = issuerPtr->next;
+ }
+
+ /* Serial test */
+ i = 0;
+ while(i < serialLength)
+ {
+ result |= crt.authority_key_id.authorityCertSerialNumber.p[i] != authorityKeyId_serial[i*2];
+ result |= crt.authority_key_id.authorityCertSerialNumber.p[i+1] != authorityKeyId_serial[i*2+1];
+ i++;
+ }
+
+ TEST_ASSERT(result == 0);
+ }
+
+exit:
+ mbedtls_x509_crt_free( &crt );
+}
+/* END_CASE */
+
+/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_SELF_TEST */
+void x509_selftest( )
+{
+ TEST_ASSERT( mbedtls_x509_self_test( 1 ) == 0 );
+}
+/* END_CASE */
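Review bot: The guard `if(retVal != 0)` in mbedtls_x509_crt_parse_subjectkeyid, repeated as `if (retVal != 0)` in mbedtls_x509_crt_parse_authoritykeyid, looks inverted. The parsed fields are compared only when the parse is expected to fail, so the valid-certificate case never checks the extracted SubjectKeyId or AuthorityKeyId, while the failure cases dereference `crt.subject_key_id.p` and the `authority_key_id` pointers, which are presumably unset after a failed parse. Inside the loops, `p[i+1]` at `i == length - 1` reads one byte past the stated length, and nothing asserts that the parsed `.len` matches the expected length, so a truncated or over-long identifier from the parser would not be caught. I would change the guards to `if( retVal == 0 )`, add `TEST_ASSERT( crt.subject_key_id.len == (size_t) subjectKeyIdLength );` (and the equivalent for keyIdentifier and authorityCertSerialNumber) before each loop, and compare one parsed byte per iteration. The `i*2` indexing suggests the expected value is a hex string compared against raw bytes, which should be confirmed against the .data file, and the issuer loop's `authorityKeyId_issuer[bufferCounter++]` needs a bound on the expected string.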