/* BEGIN_HEADER */
#include "mbedtls/bignum.h"
#include "mbedtls/pkcs7.h"
#include "mbedtls/x509.h"
#include "mbedtls/x509_crt.h"
#include "mbedtls/x509_crl.h"
#include "mbedtls/oid.h"
#include "sys/types.h"
#include "sys/stat.h"
/* END_HEADER */

/* BEGIN_DEPENDENCIES
 * depends_on:MBEDTLS_PKCS7_C:MBEDTLS_FS_IO
 * END_DEPENDENCIES
 */
/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_parse( char *pkcs7_file )
{
    /* Positive parse test: the file named by pkcs7_file must load and the
     * DER parser must report it as MBEDTLS_PKCS7_SIGNED_DATA. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL;
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    /* The loader hands back a heap buffer that this test releases at exit. */
    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

exit:
    /* Shared cleanup; a failing TEST_ASSERT is expected to jump here, since
     * nothing else in this function uses the label. */
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( der );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C*/
void pkcs7_parse_without_cert( char *pkcs7_file )
{
    /* Positive parse test for an input that, per the test name, carries no
     * certificate: parsing must still report MBEDTLS_PKCS7_SIGNED_DATA. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL;
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

exit:
    /* Runs on success and after any failed assertion above. */
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( der );
}
/* END_CASE */
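/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_parse_multiple_signers( char *pkcs7_file )
{
    /* Negative parse test: an input with more than one signer (per the test
     * name) must be rejected by the parser with one of two specific errors. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    int res;

    mbedtls_pkcs7 pkcs7;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res < 0 );

    /* Only these two rejections are accepted; any other error code fails the
     * test. This replaces a switch whose per-case assertions re-checked the
     * case label and therefore could never fail.
     * NOTE(review): accepting two codes means the test does not pin which
     * check rejects the input - consider asserting a single expected code. */
    TEST_ASSERT( res == MBEDTLS_ERR_PKCS7_INVALID_CERT ||
                 res == MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO );

exit:
    mbedtls_free( pkcs7_buf );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */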
/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_parse_corrupted_cert( char *pkcs7_file )
{
    /* Negative parse test: the input must be rejected with exactly
     * MBEDTLS_ERR_PKCS7_INVALID_CERT. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL;
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res == MBEDTLS_ERR_PKCS7_INVALID_CERT );

exit:
    /* The context is freed even though parsing is expected to fail. */
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( der );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_parse_corrupted_signer_info( char *pkcs7_file )
{
    /* Negative parse test: the input must make the parser return a negative
     * value. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL;
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    /* NOTE(review): any negative code passes, so a failure unrelated to the
     * signer info would also satisfy this test - consider pinning the
     * expected error code. */
    TEST_ASSERT( res < 0 );

exit:
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( der );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
void pkcs7_parse_version( char *pkcs7_file )
{
    /* Negative parse test: the input must be rejected with exactly
     * MBEDTLS_ERR_PKCS7_INVALID_VERSION. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL;
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res == MBEDTLS_ERR_PKCS7_INVALID_VERSION );

exit:
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( der );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
void pkcs7_parse_content_oid( char *pkcs7_file )
{
    /* Negative parse test: the input must be rejected with exactly
     * MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL;
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    /* The first check is implied by the second whenever the error constant
     * is non-zero; both are kept so the reported failure stays the same. */
    TEST_ASSERT( res != 0 );
    TEST_ASSERT( res == MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE );

exit:
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( der );
}
/* END_CASE */
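/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_verify( char *pkcs7_file, char *crt, char *filetobesigned )
{
    /* Positive verification test: parse the certificate in crt and the PKCS7
     * file, read filetobesigned into memory, and require
     * mbedtls_pkcs7_signed_data_verify() to return 0 for that data. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    unsigned char *data = NULL;
    struct stat st;
    size_t datalen;
    size_t nread;
    int res;
    /* NULL until fopen() succeeds so the exit path can tell whether there
     * is a stream to close. */
    FILE *file = NULL;

    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt x509;

    mbedtls_pkcs7_init( &pkcs7 );
    mbedtls_x509_crt_init( &x509 );

    res = mbedtls_x509_crt_parse_file( &x509, crt );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

    /* NOTE(review): the input buffer is released before verification, so
     * this test only stays memory-safe if the parsed context holds no
     * pointers into pkcs7_buf - presumably intentional; confirm against the
     * buffer-lifetime contract of mbedtls_pkcs7_parse_der().
     * The pointer is cleared so the free at exit cannot double-free. */
    mbedtls_free( pkcs7_buf );
    pkcs7_buf = NULL;

    res = stat( filetobesigned, &st );
    TEST_ASSERT( res == 0 );

    file = fopen( filetobesigned, "rb" );
    TEST_ASSERT( file != NULL );

    datalen = (size_t) st.st_size;
    data = mbedtls_calloc( datalen, 1 );
    /* Without this check a failed allocation would reach fread() with a
     * NULL destination. */
    TEST_ASSERT( data != NULL );

    /* A short read would mean verifying something other than the file. */
    nread = fread( data, sizeof( unsigned char ), datalen, file );
    TEST_ASSERT( nread == datalen );

    res = mbedtls_pkcs7_signed_data_verify( &pkcs7, &x509, data, datalen );
    TEST_ASSERT( res == 0 );

exit:
    /* Every resource is released here so that a failed assertion leaks
     * neither the stream nor the PKCS7 input buffer. */
    if( file != NULL )
        fclose( file );
    mbedtls_x509_crt_free( &x509 );
    mbedtls_free( data );
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( pkcs7_buf );
}
/* END_CASE */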
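/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_verify_hash( char *pkcs7_file, char *crt, char *filetobesigned )
{
    /* Positive verification test on a precomputed digest: hash
     * filetobesigned with the digest algorithm named in the parsed PKCS7
     * structure and require mbedtls_pkcs7_signed_hash_verify() to return 0. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    unsigned char *data = NULL;
    /* Sized for SHA-256 only; md_alg is asserted to be MBEDTLS_MD_SHA256
     * before anything is written here. */
    unsigned char hash[32];
    struct stat st;
    size_t datalen;
    size_t nread;
    int res;
    /* NULL until fopen() succeeds so the exit path can tell whether there
     * is a stream to close. */
    FILE *file = NULL;
    const mbedtls_md_info_t *md_info;
    mbedtls_md_type_t md_alg;

    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt x509;

    mbedtls_pkcs7_init( &pkcs7 );
    mbedtls_x509_crt_init( &x509 );

    res = mbedtls_x509_crt_parse_file( &x509, crt );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

    res = stat( filetobesigned, &st );
    TEST_ASSERT( res == 0 );

    file = fopen( filetobesigned, "rb" );
    TEST_ASSERT( file != NULL );

    datalen = (size_t) st.st_size;
    data = mbedtls_calloc( datalen, 1 );
    TEST_ASSERT( data != NULL );

    /* A short read would mean hashing something other than the file. */
    nread = fread( data, sizeof( unsigned char ), datalen, file );
    TEST_ASSERT( nread == datalen );

    res = mbedtls_oid_get_md_alg( &(pkcs7.signed_data.digest_alg_identifiers), &md_alg );
    TEST_ASSERT( res == 0 );
    TEST_ASSERT( md_alg == MBEDTLS_MD_SHA256 );

    md_info = mbedtls_md_info_from_type( md_alg );
    TEST_ASSERT( md_info != NULL );

    /* If hashing failed silently, hash[] would stay uninitialised and the
     * verification below would run on stack garbage. */
    res = mbedtls_md( md_info, data, datalen, hash );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_signed_hash_verify( &pkcs7, &x509, hash, sizeof(hash));
    TEST_ASSERT( res == 0 );

exit:
    /* The stream is closed here so that a failed assertion does not leak it. */
    if( file != NULL )
        fclose( file );
    mbedtls_x509_crt_free( &x509 );
    mbedtls_free( data );
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( pkcs7_buf );
}
/* END_CASE */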
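/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_verify_badcert( char *pkcs7_file, char *crt, char *filetobesigned )
{
    /* Negative verification test: with the certificate supplied in crt,
     * mbedtls_pkcs7_signed_data_verify() must not return 0 for the contents
     * of filetobesigned. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    unsigned char *data = NULL;
    struct stat st;
    size_t datalen;
    size_t nread;
    int res;
    /* NULL until fopen() succeeds so the exit path can tell whether there
     * is a stream to close. */
    FILE *file = NULL;

    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt x509;

    mbedtls_pkcs7_init( &pkcs7 );
    mbedtls_x509_crt_init( &x509 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

    res = mbedtls_x509_crt_parse_file( &x509, crt );
    TEST_ASSERT( res == 0 );

    res = stat( filetobesigned, &st );
    TEST_ASSERT( res == 0 );

    file = fopen( filetobesigned, "rb" );
    TEST_ASSERT( file != NULL );

    datalen = (size_t) st.st_size;
    data = mbedtls_calloc( datalen, 1 );
    /* Without this check a failed allocation would reach fread() with a
     * NULL destination. */
    TEST_ASSERT( data != NULL );

    nread = fread( data, sizeof( unsigned char ), datalen, file );
    TEST_ASSERT( nread == datalen );

    res = mbedtls_pkcs7_signed_data_verify( &pkcs7, &x509, data, datalen );
    /* NOTE(review): any non-zero result passes, so an error unrelated to the
     * certificate would also satisfy this test - consider asserting the
     * specific verification-failure code. */
    TEST_ASSERT( res != 0 );

exit:
    /* The stream is closed here so that a failed assertion does not leak it. */
    if( file != NULL )
        fclose( file );
    mbedtls_x509_crt_free( &x509 );
    mbedtls_free( data );
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( pkcs7_buf );
}
/* END_CASE */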
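/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_verify_tampered_data( char *pkcs7_file, char *crt, char *filetobesigned )
{
    /* Negative verification test: for the data in filetobesigned (modified
     * after signing, per the test name),
     * mbedtls_pkcs7_signed_data_verify() must not return 0. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    unsigned char *data = NULL;
    struct stat st;
    size_t datalen;
    size_t nread;
    int res;
    /* NULL until fopen() succeeds so the exit path can tell whether there
     * is a stream to close. */
    FILE *file = NULL;

    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt x509;

    mbedtls_pkcs7_init( &pkcs7 );
    mbedtls_x509_crt_init( &x509 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

    res = mbedtls_x509_crt_parse_file( &x509, crt );
    TEST_ASSERT( res == 0 );

    res = stat( filetobesigned, &st );
    TEST_ASSERT( res == 0 );

    file = fopen( filetobesigned, "rb" );
    TEST_ASSERT( file != NULL );

    datalen = (size_t) st.st_size;
    data = mbedtls_calloc( datalen, 1 );
    /* Without this check a failed allocation would reach fread() with a
     * NULL destination. */
    TEST_ASSERT( data != NULL );

    nread = fread( data, sizeof( unsigned char ), datalen, file );
    TEST_ASSERT( nread == datalen );

    res = mbedtls_pkcs7_signed_data_verify( &pkcs7, &x509, data, datalen );
    /* NOTE(review): any non-zero result passes, so an error unrelated to the
     * data mismatch would also satisfy this test - consider asserting the
     * specific verification-failure code. */
    TEST_ASSERT( res != 0 );

exit:
    /* The stream is closed here so that a failed assertion does not leak it. */
    if( file != NULL )
        fclose( file );
    mbedtls_x509_crt_free( &x509 );
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( data );
    mbedtls_free( pkcs7_buf );
}
/* END_CASE */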
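/* BEGIN_CASE */
void pkcs7_parse_failure( char *pkcs7_file )
{
    /* Generic negative parse test: the file must load, and the DER parser
     * must reject it with an error. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    int res;
    mbedtls_pkcs7 pkcs7;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    /* The positive tests in this file treat MBEDTLS_PKCS7_SIGNED_DATA as the
     * success return of the parser. If that constant is non-zero, a check of
     * `res != 0` would also pass when malformed input is accepted, so
     * failure is required to be a negative code, as in the other negative
     * parse tests here. */
    TEST_ASSERT( res < 0 );

exit:
    mbedtls_free( pkcs7_buf );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */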