Nayna Jainc9deb182020-11-16 19:03:12 +00001/* BEGIN_HEADER */
2#include "mbedtls/bignum.h"
3#include "mbedtls/pkcs7.h"
4#include "mbedtls/x509.h"
5#include "mbedtls/x509_crt.h"
6#include "mbedtls/x509_crl.h"
7#include "mbedtls/oid.h"
8#include "sys/types.h"
9#include "sys/stat.h"
10/* END_HEADER */
11
12/* BEGIN_DEPENDENCIES
13 * depends_on:MBEDTLS_PKCS7_C:MBEDTLS_FS_IO
14 * END_DEPENDENCIES
15 */
16
/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_parse( char *pkcs7_file )
{
    /* Positive parse test: load the file named by pkcs7_file and require
     * mbedtls_pkcs7_parse_der() to report MBEDTLS_PKCS7_SIGNED_DATA. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL;  /* stays NULL until loaded, so freeing is always safe */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    /* A load failure means the fixture is missing, not that the parser failed. */
    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

exit:
    /* Cleanup label; TEST_ASSERT (defined outside this file) is expected to
     * jump here on failure. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */
39
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C*/
void pkcs7_parse_without_cert( char *pkcs7_file )
{
    /* Positive parse test for a fixture that, going by the test name, carries
     * no embedded certificate: parsing must still report
     * MBEDTLS_PKCS7_SIGNED_DATA. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL;  /* stays NULL until loaded, so freeing is always safe */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

exit:
    /* Cleanup label; TEST_ASSERT (defined outside this file) is expected to
     * jump here on failure. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */
62
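/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_parse_multiple_signers( char *pkcs7_file )
{
    /* Negative parse test: the fixture named by pkcs7_file must be rejected
     * with either MBEDTLS_ERR_PKCS7_INVALID_CERT or
     * MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    int res;

    mbedtls_pkcs7 pkcs7;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res < 0 );

    /* One assertion naming both accepted codes. The previous switch asserted
     * inside each case what the case label had already established, and its
     * default branch failed with a bare 0 that did not say what was expected.
     * NOTE(review): two different error codes are accepted here; if the parser
     * is deterministic for this fixture, pin the single expected code. */
    TEST_ASSERT( res == MBEDTLS_ERR_PKCS7_INVALID_CERT ||
                 res == MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO );

exit:
    /* Cleanup label; TEST_ASSERT (defined outside this file) is expected to
     * jump here on failure. */
    mbedtls_free( pkcs7_buf );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */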
97
/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_parse_corrupted_cert( char *pkcs7_file )
{
    /* Negative parse test: the fixture must be rejected with exactly
     * MBEDTLS_ERR_PKCS7_INVALID_CERT, not merely with some error. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL;  /* stays NULL until loaded, so freeing is always safe */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res == MBEDTLS_ERR_PKCS7_INVALID_CERT );

exit:
    /* mbedtls_pkcs7_free() runs after a failed parse as well, so this path
     * also exercises cleanup of whatever state the parser left behind. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */
120
/* BEGIN_CASE depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_parse_corrupted_signer_info( char *pkcs7_file )
{
    /* Negative parse test: the fixture must be rejected with a negative
     * return value. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL;  /* stays NULL until loaded, so freeing is always safe */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    /* NOTE(review): any negative code passes. The test name suggests
     * MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO is the intended result; pinning it
     * would stop an unrelated failure from satisfying this test. Confirm
     * against the fixture. */
    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res < 0 );

exit:
    /* Cleanup label; TEST_ASSERT (defined outside this file) is expected to
     * jump here on failure. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */
143
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
void pkcs7_parse_version( char *pkcs7_file )
{
    /* Negative parse test: the fixture must be rejected with exactly
     * MBEDTLS_ERR_PKCS7_INVALID_VERSION. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL;  /* stays NULL until loaded, so freeing is always safe */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res == MBEDTLS_ERR_PKCS7_INVALID_VERSION );

exit:
    /* Cleanup label; TEST_ASSERT (defined outside this file) is expected to
     * jump here on failure. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */
166
/* BEGIN_CASE depends_on:MBEDTLS_SHA256_C */
void pkcs7_parse_content_oid( char *pkcs7_file )
{
    /* Negative parse test: the fixture must be rejected with exactly
     * MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL;  /* stays NULL until loaded, so freeing is always safe */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    /* Both original assertions are kept; the second is the stricter one. */
    TEST_ASSERT( res != 0 );
    TEST_ASSERT( res == MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE );

exit:
    /* Cleanup label; TEST_ASSERT (defined outside this file) is expected to
     * jump here on failure. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */
188
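/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_verify( char *pkcs7_file, char *crt, char *filetobesigned )
{
    /* Positive verification test: parse the PKCS7 file, read the whole of
     * filetobesigned, and require mbedtls_pkcs7_signed_data_verify() to
     * return 0 for the certificate loaded from crt. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    unsigned char *data = NULL;
    struct stat st;
    size_t datalen;
    int res;
    FILE *file = NULL;  /* NULL until opened, so the exit path knows whether to close it */

    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt x509;

    mbedtls_pkcs7_init( &pkcs7 );
    mbedtls_x509_crt_init( &x509 );

    res = mbedtls_x509_crt_parse_file( &x509, crt );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

    /* The input buffer is released before verification, as in the original.
     * NOTE(review): this relies on the parsed structure not pointing into the
     * caller's buffer; confirm against mbedtls_pkcs7_parse_der().
     * The pointer is cleared so the exit path can free it unconditionally. */
    mbedtls_free( pkcs7_buf );
    pkcs7_buf = NULL;

    res = stat( filetobesigned, &st );
    TEST_ASSERT( res == 0 );

    file = fopen( filetobesigned, "rb" );
    TEST_ASSERT( file != NULL );

    datalen = st.st_size;
    data = mbedtls_calloc( datalen, 1 );
    /* Without this check a failed allocation would be handed to fread(). */
    TEST_ASSERT( data != NULL );

    /* buflen is reused here as the number of bytes actually read. */
    buflen = fread( ( void * )data, sizeof( unsigned char ), datalen, file );
    TEST_ASSERT( buflen == datalen );

    fclose( file );
    file = NULL;

    res = mbedtls_pkcs7_signed_data_verify( &pkcs7, &x509, data, datalen );
    TEST_ASSERT( res == 0 );

exit:
    /* Failure paths land here with the file possibly still open and, if
     * parsing failed, with pkcs7_buf still allocated; release both. */
    if( file != NULL )
    {
        fclose( file );
    }
    mbedtls_x509_crt_free( &x509 );
    mbedtls_free( data );
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( pkcs7_buf );
}
/* END_CASE */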
238
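/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_verify_hash( char *pkcs7_file, char *crt, char *filetobesigned )
{
    /* Positive verification test over a precomputed digest: hash the whole
     * of filetobesigned with the digest algorithm named in the parsed
     * structure and require mbedtls_pkcs7_signed_hash_verify() to return 0. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    unsigned char *data = NULL;
    unsigned char hash[32];  /* sized for SHA-256, which is asserted below */
    struct stat st;
    size_t datalen;
    int res;
    FILE *file = NULL;  /* NULL until opened, so the exit path knows whether to close it */
    const mbedtls_md_info_t *md_info;
    mbedtls_md_type_t md_alg;

    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt x509;

    mbedtls_pkcs7_init( &pkcs7 );
    mbedtls_x509_crt_init( &x509 );

    res = mbedtls_x509_crt_parse_file( &x509, crt );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

    res = stat( filetobesigned, &st );
    TEST_ASSERT( res == 0 );

    file = fopen( filetobesigned, "rb" );
    TEST_ASSERT( file != NULL );

    datalen = st.st_size;
    data = mbedtls_calloc( datalen, 1 );
    TEST_ASSERT( data != NULL );

    /* buflen is reused here as the number of bytes actually read. */
    buflen = fread( ( void * )data, sizeof( unsigned char ), datalen, file );
    TEST_ASSERT( buflen == datalen );

    fclose( file );
    file = NULL;

    res = mbedtls_oid_get_md_alg( &(pkcs7.signed_data.digest_alg_identifiers), &md_alg );
    TEST_ASSERT( res == 0 );
    /* hash[] holds 32 bytes, so any other digest must stop the test here. */
    TEST_ASSERT( md_alg == MBEDTLS_MD_SHA256 );

    md_info = mbedtls_md_info_from_type( md_alg );
    /* Fail on the lookup itself rather than on a later hashing error. */
    TEST_ASSERT( md_info != NULL );

    res = mbedtls_md( md_info, data, datalen, hash );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_signed_hash_verify( &pkcs7, &x509, hash, sizeof(hash) );
    TEST_ASSERT( res == 0 );

exit:
    /* A failed assertion between fopen() and fclose() lands here with the
     * file still open; close it so failure paths do not leak the handle. */
    if( file != NULL )
    {
        fclose( file );
    }
    mbedtls_x509_crt_free( &x509 );
    mbedtls_free( data );
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( pkcs7_buf );
}
/* END_CASE */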
301
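/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_verify_badcert( char *pkcs7_file, char *crt, char *filetobesigned )
{
    /* Negative verification test: with the certificate loaded from crt,
     * mbedtls_pkcs7_signed_data_verify() must not return 0 for the contents
     * of filetobesigned. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    unsigned char *data = NULL;
    struct stat st;
    size_t datalen;
    int res;
    FILE *file = NULL;  /* NULL until opened, so the exit path knows whether to close it */

    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt x509;

    mbedtls_pkcs7_init( &pkcs7 );
    mbedtls_x509_crt_init( &x509 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

    res = mbedtls_x509_crt_parse_file( &x509, crt );
    TEST_ASSERT( res == 0 );

    res = stat( filetobesigned, &st );
    TEST_ASSERT( res == 0 );

    file = fopen( filetobesigned, "rb" );
    TEST_ASSERT( file != NULL );

    datalen = st.st_size;
    data = mbedtls_calloc( datalen, 1 );
    /* Without this check a failed allocation would be handed to fread(), and
     * the resulting failure could be mistaken for the rejection under test. */
    TEST_ASSERT( data != NULL );

    /* buflen is reused here as the number of bytes actually read. */
    buflen = fread( ( void * )data, sizeof( unsigned char ), datalen, file );
    TEST_ASSERT( buflen == datalen );

    fclose( file );
    file = NULL;

    /* NOTE(review): any non-zero result passes, so an unrelated failure inside
     * the verify call would also satisfy this test. Pin the specific error
     * the library returns for a signature that does not verify; confirm the
     * code against the implementation. */
    res = mbedtls_pkcs7_signed_data_verify( &pkcs7, &x509, data, datalen );
    TEST_ASSERT( res != 0 );

exit:
    /* A failed assertion between fopen() and fclose() lands here with the
     * file still open; close it so failure paths do not leak the handle. */
    if( file != NULL )
    {
        fclose( file );
    }
    mbedtls_x509_crt_free( &x509 );
    mbedtls_free( data );
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( pkcs7_buf );
}
/* END_CASE */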
351
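/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_PEM_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_verify_tampered_data( char *pkcs7_file, char *crt, char *filetobesigned )
{
    /* Negative verification test: mbedtls_pkcs7_signed_data_verify() must not
     * return 0 when given the contents of filetobesigned, which by the test
     * name differ from the data that was originally signed. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    unsigned char *data = NULL;
    struct stat st;
    size_t datalen;
    int res;
    FILE *file = NULL;  /* NULL until opened, so the exit path knows whether to close it */

    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt x509;

    mbedtls_pkcs7_init( &pkcs7 );
    mbedtls_x509_crt_init( &x509 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

    res = mbedtls_x509_crt_parse_file( &x509, crt );
    TEST_ASSERT( res == 0 );

    res = stat( filetobesigned, &st );
    TEST_ASSERT( res == 0 );

    file = fopen( filetobesigned, "rb" );
    TEST_ASSERT( file != NULL );

    datalen = st.st_size;
    data = mbedtls_calloc( datalen, 1 );
    /* Without this check a failed allocation would be handed to fread(), and
     * the resulting failure could be mistaken for the rejection under test. */
    TEST_ASSERT( data != NULL );

    /* buflen is reused here as the number of bytes actually read. */
    buflen = fread( ( void * )data, sizeof( unsigned char ), datalen, file );
    TEST_ASSERT( buflen == datalen );

    fclose( file );
    file = NULL;

    /* NOTE(review): any non-zero result passes, so an unrelated failure inside
     * the verify call would also satisfy this test. Pin the specific error
     * the library returns for a digest or signature mismatch; confirm the
     * code against the implementation. */
    res = mbedtls_pkcs7_signed_data_verify( &pkcs7, &x509, data, datalen );
    TEST_ASSERT( res != 0 );

exit:
    /* A failed assertion between fopen() and fclose() lands here with the
     * file still open; close it so failure paths do not leak the handle. */
    if( file != NULL )
    {
        fclose( file );
    }
    mbedtls_x509_crt_free( &x509 );
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( data );
    mbedtls_free( pkcs7_buf );
}
/* END_CASE */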
401
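/* BEGIN_CASE */
void pkcs7_parse_failure( char *pkcs7_file )
{
    /* Generic negative parse test: the fixture named by pkcs7_file must be
     * rejected by mbedtls_pkcs7_parse_der(). */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    int res;
    mbedtls_pkcs7 pkcs7;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    /* The positive tests in this file treat MBEDTLS_PKCS7_SIGNED_DATA, not 0,
     * as the success value, and the other negative tests check for res < 0.
     * If that success constant is non-zero, `res != 0` would also hold for a
     * successful parse and this test could never detect an accepted fixture;
     * requiring a negative value closes that gap. */
    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res < 0 );

exit:
    /* Cleanup label; TEST_ASSERT (defined outside this file) is expected to
     * jump here on failure. */
    mbedtls_free( pkcs7_buf );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */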