Nayna Jainc9deb182020-11-16 19:03:12 +00001/* BEGIN_HEADER */
2#include "mbedtls/bignum.h"
3#include "mbedtls/pkcs7.h"
4#include "mbedtls/x509.h"
5#include "mbedtls/x509_crt.h"
6#include "mbedtls/x509_crl.h"
7#include "mbedtls/oid.h"
8#include "sys/types.h"
9#include "sys/stat.h"
10/* END_HEADER */
12/* BEGIN_DEPENDENCIES
Nick Child45525d32022-02-25 11:54:34 -060013 * depends_on:MBEDTLS_PKCS7_C
Nayna Jainc9deb182020-11-16 19:03:12 +000014 * END_DEPENDENCIES
15 */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
void pkcs7_parse( char *pkcs7_file )
{
    /* Positive parse test: the file named by pkcs7_file must load from disk
     * and be accepted by the PKCS7 DER parser as signed data. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL; /* NULL until loaded, so exit: can always free it */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    /* This test expects the MBEDTLS_PKCS7_SIGNED_DATA value on success,
     * not 0. */
    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

exit:
    /* Shared cleanup: reached on success and after a failed TEST_ASSERT. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void pkcs7_parse_without_cert( char *pkcs7_file )
{
    /* Positive parse test for an input that, judging by the test name,
     * carries no embedded certificate; it must still parse as signed data. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL; /* NULL until loaded, so exit: can always free it */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

exit:
    /* Shared cleanup: reached on success and after a failed TEST_ASSERT. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */
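/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
void pkcs7_parse_multiple_signers( char *pkcs7_file )
{
    /* Negative parse test: the input (multiple signers, per the test name)
     * must be rejected, and only with one of the two error codes below. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    int res;

    mbedtls_pkcs7 pkcs7;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res < 0 );

    /* The original switch re-asserted the case label inside each case, which
     * can never fail, and reported a bare "0" for any other code. A single
     * assertion accepts the same two codes and names them in the failure
     * report. */
    TEST_ASSERT( res == MBEDTLS_ERR_PKCS7_INVALID_CERT ||
                 res == MBEDTLS_ERR_PKCS7_INVALID_SIGNER_INFO );

exit:
    /* Shared cleanup: reached on success and after a failed TEST_ASSERT. */
    mbedtls_free( pkcs7_buf );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */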
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
void pkcs7_parse_corrupted_cert( char *pkcs7_file )
{
    /* Negative parse test: the parser must reject the input with exactly
     * MBEDTLS_ERR_PKCS7_INVALID_CERT, so a rejection for an unrelated reason
     * does not count as a pass. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL; /* NULL until loaded, so exit: can always free it */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res == MBEDTLS_ERR_PKCS7_INVALID_CERT );

exit:
    /* Shared cleanup: reached on success and after a failed TEST_ASSERT. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_RSA_C */
void pkcs7_parse_corrupted_signer_info( char *pkcs7_file )
{
    /* Negative parse test: the parser must return a negative value for the
     * input (corrupted signer info, per the test name). */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL; /* NULL until loaded, so exit: can always free it */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    /* NOTE(review): any negative return passes here, including errors that
     * have nothing to do with the signer info; pinning the expected code, as
     * pkcs7_parse_corrupted_cert does, would make the test stricter. */
    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res < 0 );

exit:
    /* Shared cleanup: reached on success and after a failed TEST_ASSERT. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void pkcs7_parse_version( char *pkcs7_file )
{
    /* Negative parse test: the parser must reject the input with exactly
     * MBEDTLS_ERR_PKCS7_INVALID_VERSION. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL; /* NULL until loaded, so exit: can always free it */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res == MBEDTLS_ERR_PKCS7_INVALID_VERSION );

exit:
    /* Shared cleanup: reached on success and after a failed TEST_ASSERT. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void pkcs7_parse_content_oid( char *pkcs7_file )
{
    /* Negative parse test: the parser must refuse the input with
     * MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE (an unsupported content OID,
     * per the test name). */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL; /* NULL until loaded, so exit: can always free it */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    /* Two checks, kept as in the original: first that parsing failed at all,
     * then that it failed with the expected code. */
    TEST_ASSERT( res != 0 );
    TEST_ASSERT( res == MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE );

exit:
    /* Shared cleanup: reached on success and after a failed TEST_ASSERT. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */
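/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
void pkcs7_verify( char *pkcs7_file, char *crt, char *filetobesigned )
{
    /* Positive verification test: the PKCS7 signature in pkcs7_file must
     * verify against the certificate in crt over the full contents of
     * filetobesigned. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    unsigned char *data = NULL;
    struct stat st;
    size_t datalen;
    int res;
    FILE *file = NULL; /* NULL while closed, so exit: knows whether to close it */

    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt x509;

    USE_PSA_INIT();

    mbedtls_pkcs7_init( &pkcs7 );
    mbedtls_x509_crt_init( &x509 );

    res = mbedtls_x509_crt_parse_file( &x509, crt );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

    /* The input buffer is released before verification, as in the original
     * test. NOTE(review): this relies on the parsed structure not keeping
     * pointers into the caller's buffer; confirm against the
     * mbedtls_pkcs7_parse_der contract. The pointer is cleared so the free at
     * exit:, which covers the earlier failure paths, is a no-op here. */
    mbedtls_free( pkcs7_buf );
    pkcs7_buf = NULL;

    res = stat( filetobesigned, &st );
    TEST_ASSERT( res == 0 );

    file = fopen( filetobesigned, "rb" );
    TEST_ASSERT( file != NULL );

    datalen = st.st_size;
    data = mbedtls_calloc( datalen, 1 );
    /* Check the allocation before fread() writes through the pointer. */
    TEST_ASSERT( data != NULL );

    /* A short read would mean verifying a partially zero-filled buffer. */
    buflen = fread( data, 1, datalen, file );
    TEST_ASSERT( buflen == datalen );

    fclose( file );
    file = NULL;

    res = mbedtls_pkcs7_signed_data_verify( &pkcs7, &x509, data, datalen );
    TEST_ASSERT( res == 0 );

exit:
    /* A failed TEST_ASSERT lands here, so release everything that may still
     * be held: the original leaked the stream on a short read and the PKCS7
     * buffer when parsing failed. */
    if( file != NULL )
        fclose( file );
    mbedtls_x509_crt_free( &x509 );
    mbedtls_free( data );
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( pkcs7_buf );
    USE_PSA_DONE();
}
/* END_CASE */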
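/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C:MBEDTLS_SHA256_C */
void pkcs7_verify_hash( char *pkcs7_file, char *crt, char *filetobesigned )
{
    /* Positive verification test over a precomputed digest: hash the contents
     * of filetobesigned with the digest algorithm named in the PKCS7
     * structure, then verify the signature against that hash using the
     * certificate in crt. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    unsigned char *data = NULL;
    unsigned char hash[32]; /* sized for SHA-256; md_alg is asserted to be SHA-256 below */
    struct stat st;
    size_t datalen;
    int res;
    FILE *file = NULL; /* NULL while closed, so exit: knows whether to close it */
    const mbedtls_md_info_t *md_info;
    mbedtls_md_type_t md_alg;

    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt x509;

    USE_PSA_INIT();

    mbedtls_pkcs7_init( &pkcs7 );
    mbedtls_x509_crt_init( &x509 );

    res = mbedtls_x509_crt_parse_file( &x509, crt );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

    res = stat( filetobesigned, &st );
    TEST_ASSERT( res == 0 );

    file = fopen( filetobesigned, "rb" );
    TEST_ASSERT( file != NULL );

    datalen = st.st_size;
    data = mbedtls_calloc( datalen, 1 );
    TEST_ASSERT( data != NULL );

    /* A short read would mean hashing a partially zero-filled buffer. */
    buflen = fread( data, 1, datalen, file );
    TEST_ASSERT( buflen == datalen );

    fclose( file );
    file = NULL;

    /* The digest algorithm comes from the parsed message; the test pins it to
     * SHA-256 so the fixed 32-byte hash buffer cannot be overrun. */
    res = mbedtls_oid_get_md_alg( &(pkcs7.signed_data.digest_alg_identifiers), &md_alg );
    TEST_ASSERT( res == 0 );
    TEST_ASSERT( md_alg == MBEDTLS_MD_SHA256 );

    md_info = mbedtls_md_info_from_type( md_alg );
    /* Fail with a clear message if the digest is not available in this build. */
    TEST_ASSERT( md_info != NULL );

    res = mbedtls_md( md_info, data, datalen, hash );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_signed_hash_verify( &pkcs7, &x509, hash, sizeof(hash) );
    TEST_ASSERT( res == 0 );

exit:
    /* A failed TEST_ASSERT lands here; the original leaked the stream when
     * the allocation or the read check failed. */
    if( file != NULL )
        fclose( file );
    mbedtls_x509_crt_free( &x509 );
    mbedtls_free( data );
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( pkcs7_buf );
    USE_PSA_DONE();
}
/* END_CASE */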
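/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
void pkcs7_verify_badcert( char *pkcs7_file, char *crt, char *filetobesigned )
{
    /* Negative verification test: the PKCS7 input parses and the certificate
     * loads, but verification of filetobesigned against that certificate
     * must fail. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    unsigned char *data = NULL;
    struct stat st;
    size_t datalen;
    int res;
    FILE *file = NULL; /* NULL while closed, so exit: knows whether to close it */

    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt x509;

    USE_PSA_INIT();

    mbedtls_pkcs7_init( &pkcs7 );
    mbedtls_x509_crt_init( &x509 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

    res = mbedtls_x509_crt_parse_file( &x509, crt );
    TEST_ASSERT( res == 0 );

    res = stat( filetobesigned, &st );
    TEST_ASSERT( res == 0 );

    file = fopen( filetobesigned, "rb" );
    TEST_ASSERT( file != NULL );

    datalen = st.st_size;
    data = mbedtls_calloc( datalen, 1 );
    /* Check the allocation before fread() writes through the pointer. */
    TEST_ASSERT( data != NULL );

    buflen = fread( data, 1, datalen, file );
    TEST_ASSERT( buflen == datalen );

    fclose( file );
    file = NULL;

    /* NOTE(review): any non-zero return passes, so a failure unrelated to the
     * certificate also satisfies this test; asserting the specific
     * verification error would prove the signature check is what rejected
     * the input. */
    res = mbedtls_pkcs7_signed_data_verify( &pkcs7, &x509, data, datalen );
    TEST_ASSERT( res != 0 );

exit:
    /* A failed TEST_ASSERT lands here; the original leaked the stream when
     * the read check failed. */
    if( file != NULL )
        fclose( file );
    mbedtls_x509_crt_free( &x509 );
    mbedtls_free( data );
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( pkcs7_buf );
    USE_PSA_DONE();
}
/* END_CASE */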
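/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
void pkcs7_verify_tampered_data( char *pkcs7_file, char *crt, char *filetobesigned )
{
    /* Negative verification test: the PKCS7 input parses and the certificate
     * loads, but the contents of filetobesigned (modified data, per the test
     * name) must not verify. */
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    unsigned char *data = NULL;
    struct stat st;
    size_t datalen;
    int res;
    FILE *file = NULL; /* NULL while closed, so exit: knows whether to close it */

    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt x509;

    USE_PSA_INIT();

    mbedtls_pkcs7_init( &pkcs7 );
    mbedtls_x509_crt_init( &x509 );

    res = mbedtls_pk_load_file( pkcs7_file, &pkcs7_buf, &buflen );
    TEST_ASSERT( res == 0 );

    res = mbedtls_pkcs7_parse_der( &pkcs7, pkcs7_buf, buflen );
    TEST_ASSERT( res == MBEDTLS_PKCS7_SIGNED_DATA );

    res = mbedtls_x509_crt_parse_file( &x509, crt );
    TEST_ASSERT( res == 0 );

    res = stat( filetobesigned, &st );
    TEST_ASSERT( res == 0 );

    file = fopen( filetobesigned, "rb" );
    TEST_ASSERT( file != NULL );

    datalen = st.st_size;
    data = mbedtls_calloc( datalen, 1 );
    /* Check the allocation before fread() writes through the pointer. */
    TEST_ASSERT( data != NULL );

    buflen = fread( data, 1, datalen, file );
    TEST_ASSERT( buflen == datalen );

    fclose( file );
    file = NULL;

    /* NOTE(review): any non-zero return passes, so a failure unrelated to the
     * data also satisfies this test; asserting the specific verification
     * error would prove the signature check is what rejected the input. */
    res = mbedtls_pkcs7_signed_data_verify( &pkcs7, &x509, data, datalen );
    TEST_ASSERT( res != 0 );

exit:
    /* A failed TEST_ASSERT lands here; the original leaked the stream when
     * the read check failed. */
    if( file != NULL )
        fclose( file );
    mbedtls_x509_crt_free( &x509 );
    mbedtls_pkcs7_free( &pkcs7 );
    mbedtls_free( data );
    mbedtls_free( pkcs7_buf );
    USE_PSA_DONE();
}
/* END_CASE */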
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void pkcs7_parse_failure( char *pkcs7_file )
{
    /* Generic negative parse test: the file must load, and the PKCS7 DER
     * parser must return a non-zero value for it. */
    mbedtls_pkcs7 pkcs7;
    unsigned char *der = NULL; /* NULL until loaded, so exit: can always free it */
    size_t der_len;
    int res;

    mbedtls_pkcs7_init( &pkcs7 );

    res = mbedtls_pk_load_file( pkcs7_file, &der, &der_len );
    TEST_ASSERT( res == 0 );

    /* NOTE(review): only "not 0" is checked. The positive tests in this file
     * expect MBEDTLS_PKCS7_SIGNED_DATA rather than 0 from a successful parse,
     * so confirm that this condition cannot be met by an accepted input. */
    res = mbedtls_pkcs7_parse_der( &pkcs7, der, der_len );
    TEST_ASSERT( res != 0 );

exit:
    /* Shared cleanup: reached on success and after a failed TEST_ASSERT. */
    mbedtls_free( der );
    mbedtls_pkcs7_free( &pkcs7 );
}
/* END_CASE */