tests/suites/test_suite_x509write.function

/* BEGIN_HEADER */
#include <polarssl/x509write.h>
#include <polarssl/x509.h>
#include <polarssl/pem.h>
#include <polarssl/oid.h>
/* END_HEADER */

/* BEGIN_DEPENDENCIES
 * depends_on:POLARSSL_X509_WRITE_C:POLARSSL_BIGNUM_C
 * END_DEPENDENCIES
 */

/* BEGIN_CASE */
void x509_csr_check( char *key_file, int md_type,
                          char *cert_req_check_file )
{
    rsa_context rsa;
    pem_context pem;
    x509_csr req;
    unsigned char *c;
    unsigned char buf[4000];
    unsigned char check_buf[4000];
    int ret;
    size_t olen = 2000;
    FILE *f;
    char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1";

    memset( &rsa, 0, sizeof(rsa_context) );
    ret = x509parse_keyfile_rsa( &rsa, key_file, NULL );
    TEST_ASSERT( ret == 0 );
    if( ret != 0 )
        return;

    x509write_csr_init( &req );
    x509write_csr_set_md_alg( &req, md_type );
    x509write_csr_set_rsa_key( &req, &rsa );
    TEST_ASSERT( x509write_csr_set_subject_name( &req, subject_name ) == 0 );

    ret = x509write_csr_der( &req, buf, 4000 );
    TEST_ASSERT( ret >= 0 );

    c = buf + 3999 - ret;

    f = fopen( cert_req_check_file, "r" );
    TEST_ASSERT( f != NULL );
    fread( check_buf, 1, 4000, f );
    fclose( f );

    pem_init( &pem );
    pem_read_buffer( &pem, "-----BEGIN CERTIFICATE REQUEST-----", "-----END CERTIFICATE REQUEST-----", check_buf, NULL, 0, &olen );

    TEST_ASSERT( memcmp( c, pem.buf, pem.buflen ) == 0 );
    TEST_ASSERT( pem.buflen == (size_t) ret );

    x509write_csr_free( &req );
    rsa_free( &rsa );
    pem_free( &pem );
}
/* END_CASE */

/* BEGIN_CASE */
void x509_crt_check( char *subject_key_file, char *subject_pwd,
                     char *subject_name, char *issuer_key_file,
                     char *issuer_pwd, char *issuer_name,
                     char *serial_str, char *not_before, char *not_after,
                     int md_type, char *cert_check_file )
{
    rsa_context subject_rsa, issuer_rsa;
    pem_context pem;
    x509write_cert crt;
    unsigned char *c;
    unsigned char buf[4000];
    unsigned char check_buf[5000];
    mpi serial;
    int ret;
    size_t olen = 2000;
    FILE *f;

    mpi_init( &serial );
    rsa_init( &subject_rsa, RSA_PKCS_V15, 0 );
    rsa_init( &issuer_rsa, RSA_PKCS_V15, 0 );

    TEST_ASSERT( x509parse_keyfile_rsa( &subject_rsa, subject_key_file,
                                         subject_pwd ) == 0 );
    TEST_ASSERT( x509parse_keyfile_rsa( &issuer_rsa, issuer_key_file,
                                         issuer_pwd ) == 0 );
    TEST_ASSERT( mpi_read_string( &serial, 10, serial_str ) == 0 );

    x509write_crt_init( &crt );
    x509write_crt_set_serial( &crt, &serial );
    TEST_ASSERT( x509write_crt_set_validity( &crt, not_before,
                                                   not_after ) == 0 );
    x509write_crt_set_md_alg( &crt, md_type );
    TEST_ASSERT( x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 );
    TEST_ASSERT( x509write_crt_set_subject_name( &crt, subject_name ) == 0 );
    x509write_crt_set_subject_key( &crt, &subject_rsa );
    x509write_crt_set_issuer_key( &crt, &issuer_rsa );

    TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
    TEST_ASSERT( x509write_crt_set_subject_key_identifier( &crt ) == 0 );
    TEST_ASSERT( x509write_crt_set_authority_key_identifier( &crt ) == 0 );

    ret = x509write_crt_der( &crt, buf, sizeof(buf) );
    TEST_ASSERT( ret >= 0 );

    c = buf + 3999 - ret;

    f = fopen( cert_check_file, "r" );
    TEST_ASSERT( f != NULL );
    TEST_ASSERT( fread( check_buf, 1, sizeof(check_buf), f ) < sizeof(check_buf) );
    fclose( f );

    pem_init( &pem );
    TEST_ASSERT( pem_read_buffer( &pem, "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----", check_buf, NULL, 0, &olen ) >= 0 );

    TEST_ASSERT( pem.buflen == (size_t) ret );
    TEST_ASSERT( memcmp( c, pem.buf, pem.buflen ) == 0 );

    x509write_crt_free( &crt );
    rsa_free( &issuer_rsa );
    rsa_free( &subject_rsa );
    pem_free( &pem );
    mpi_free( &serial );
}
/* END_CASE */