TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 6759eb2c5f26c50d39a3d90b3950d31dacfb2dad / . / tests / suites / test_suite_pkcs7.function
blob: 4fc416ae7d2df45d40f762da2733d560efbb72ec [file] [log] [blame]
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]1/* BEGIN_HEADER */
2#include "mbedtls/bignum.h"
3#include "mbedtls/pkcs7.h"
4#include "mbedtls/x509.h"
5#include "mbedtls/x509_crt.h"
6#include "mbedtls/x509_crl.h"
7#include "mbedtls/oid.h"
8#include "sys/types.h"
9#include "sys/stat.h"
10/* END_HEADER */
11
12/* BEGIN_DEPENDENCIES
Dave Rodgman2364aae2022-11-04 11:33:04 +0000[diff] [blame]13 * depends_on:MBEDTLS_PKCS7_C:MBEDTLS_RSA_C
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]14 * END_DEPENDENCIES
15 */
16
Nick Child45525d32022-02-25 11:54:34 -0600[diff] [blame]17/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]18void pkcs7_parse(char *pkcs7_file, int res_expect)
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]19{
20 unsigned char *pkcs7_buf = NULL;
21 size_t buflen;
22 int res;
23
24 mbedtls_pkcs7 pkcs7;
25
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]26 mbedtls_pkcs7_init(&pkcs7);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]27
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]28 res = mbedtls_pk_load_file(pkcs7_file, &pkcs7_buf, &buflen);
29 TEST_EQUAL(res, 0);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]30
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]31 res = mbedtls_pkcs7_parse_der(&pkcs7, pkcs7_buf, buflen);
32 TEST_EQUAL(res, res_expect);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]33
34exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]35 mbedtls_free(pkcs7_buf);
36 mbedtls_pkcs7_free(&pkcs7);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]37}
38/* END_CASE */
39
Nick Child45525d32022-02-25 11:54:34 -0600[diff] [blame]40/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]41void pkcs7_verify(char *pkcs7_file, char *crt, char *filetobesigned, int do_hash_alg,
42 int res_expect)
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]43{
44 unsigned char *pkcs7_buf = NULL;
45 size_t buflen;
46 unsigned char *data = NULL;
47 unsigned char hash[32];
48 struct stat st;
49 size_t datalen;
50 int res;
51 FILE *file;
52 const mbedtls_md_info_t *md_info;
53 mbedtls_md_type_t md_alg;
54
55 mbedtls_pkcs7 pkcs7;
56 mbedtls_x509_crt x509;
57
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]58 mbedtls_pkcs7_init(&pkcs7);
59 mbedtls_x509_crt_init(&x509);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]60
Gilles Peskine391005c2022-11-27 21:32:37 +0100[diff] [blame]61 USE_PSA_INIT();
62
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]63 res = mbedtls_x509_crt_parse_file(&x509, crt);
64 TEST_EQUAL(res, 0);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]65
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]66 res = mbedtls_pk_load_file(pkcs7_file, &pkcs7_buf, &buflen);
67 TEST_EQUAL(res, 0);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]68
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]69 res = mbedtls_pkcs7_parse_der(&pkcs7, pkcs7_buf, buflen);
70 TEST_EQUAL(res, MBEDTLS_PKCS7_SIGNED_DATA);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]71
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]72 res = stat(filetobesigned, &st);
73 TEST_EQUAL(res, 0);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]74
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]75 file = fopen(filetobesigned, "rb");
76 TEST_ASSERT(file != NULL);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]77
78 datalen = st.st_size;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]79 ASSERT_ALLOC(data, datalen);
80 TEST_ASSERT(data != NULL);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]81
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]82 buflen = fread((void *) data, sizeof(unsigned char), datalen, file);
83 TEST_EQUAL(buflen, datalen);
84 fclose(file);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]85
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]86 if (do_hash_alg) {
87 res = mbedtls_oid_get_md_alg(&pkcs7.signed_data.digest_alg_identifiers, &md_alg);
88 TEST_EQUAL(res, 0);
89 TEST_EQUAL(md_alg, (mbedtls_md_type_t) do_hash_alg);
90 md_info = mbedtls_md_info_from_type(md_alg);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]91
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]92 res = mbedtls_md(md_info, data, datalen, hash);
93 TEST_EQUAL(res, 0);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]94
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]95 res = mbedtls_pkcs7_signed_hash_verify(&pkcs7, &x509, hash, sizeof(hash));
96 } else {
97 res = mbedtls_pkcs7_signed_data_verify(&pkcs7, &x509, data, datalen);
Nick Child8a94de42022-09-14 10:51:51 -0500[diff] [blame]98 }
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]99 TEST_EQUAL(res, res_expect);
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]100
101exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]102 mbedtls_x509_crt_free(&x509);
103 mbedtls_free(data);
104 mbedtls_pkcs7_free(&pkcs7);
105 mbedtls_free(pkcs7_buf);
Nick Child8a10f662022-06-06 12:18:40 -0500[diff] [blame]106 USE_PSA_DONE();
Nayna Jainc9deb182020-11-16 19:03:12 +0000[diff] [blame]107}
108/* END_CASE */
109
Nick Child45525d32022-02-25 11:54:34 -0600[diff] [blame]110/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]111void pkcs7_verify_multiple_signers(char *pkcs7_file,
112 char *crt1,
113 char *crt2,
114 char *filetobesigned,
115 int do_hash_alg,
116 int res_expect)
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]117{
118 unsigned char *pkcs7_buf = NULL;
119 size_t buflen;
120 unsigned char *data = NULL;
121 unsigned char hash[32];
122 struct stat st;
123 size_t datalen;
124 int res;
125 FILE *file;
126 const mbedtls_md_info_t *md_info;
127 mbedtls_md_type_t md_alg;
128
129 mbedtls_pkcs7 pkcs7;
130 mbedtls_x509_crt x509_1;
131 mbedtls_x509_crt x509_2;
132
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]133 mbedtls_pkcs7_init(&pkcs7);
134 mbedtls_x509_crt_init(&x509_1);
135 mbedtls_x509_crt_init(&x509_2);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]136
Gilles Peskine391005c2022-11-27 21:32:37 +0100[diff] [blame]137 USE_PSA_INIT();
138
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]139 res = mbedtls_pk_load_file(pkcs7_file, &pkcs7_buf, &buflen);
140 TEST_EQUAL(res, 0);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]141
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]142 res = mbedtls_pkcs7_parse_der(&pkcs7, pkcs7_buf, buflen);
143 TEST_EQUAL(res, MBEDTLS_PKCS7_SIGNED_DATA);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]144
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]145 TEST_EQUAL(pkcs7.signed_data.no_of_signers, 2);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]146
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]147 res = mbedtls_x509_crt_parse_file(&x509_1, crt1);
148 TEST_EQUAL(res, 0);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]149
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]150 res = mbedtls_x509_crt_parse_file(&x509_2, crt2);
151 TEST_EQUAL(res, 0);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]152
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]153 res = stat(filetobesigned, &st);
154 TEST_EQUAL(res, 0);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]155
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]156 file = fopen(filetobesigned, "rb");
157 TEST_ASSERT(file != NULL);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]158
159 datalen = st.st_size;
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]160 ASSERT_ALLOC(data, datalen);
161 buflen = fread((void *) data, sizeof(unsigned char), datalen, file);
162 TEST_EQUAL(buflen, datalen);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]163
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]164 fclose(file);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]165
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]166 if (do_hash_alg) {
167 res = mbedtls_oid_get_md_alg(&pkcs7.signed_data.digest_alg_identifiers, &md_alg);
168 TEST_EQUAL(res, 0);
169 TEST_EQUAL(md_alg, MBEDTLS_MD_SHA256);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]170
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]171 md_info = mbedtls_md_info_from_type(md_alg);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]172
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]173 res = mbedtls_md(md_info, data, datalen, hash);
174 TEST_EQUAL(res, 0);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]175
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]176 res = mbedtls_pkcs7_signed_hash_verify(&pkcs7, &x509_1, hash, sizeof(hash));
177 TEST_EQUAL(res, res_expect);
178 } else {
179 res = mbedtls_pkcs7_signed_data_verify(&pkcs7, &x509_1, data, datalen);
180 TEST_EQUAL(res, res_expect);
Nick Child8a94de42022-09-14 10:51:51 -0500[diff] [blame]181 }
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]182
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]183 res = mbedtls_pkcs7_signed_data_verify(&pkcs7, &x509_2, data, datalen);
184 TEST_EQUAL(res, res_expect);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]185
186exit:
Gilles Peskine449bd832023-01-11 14:50:10 +0100[diff] [blame]187 mbedtls_x509_crt_free(&x509_1);
188 mbedtls_x509_crt_free(&x509_2);
189 mbedtls_pkcs7_free(&pkcs7);
190 mbedtls_free(data);
191 mbedtls_free(pkcs7_buf);
Nick Child62b2d7e2022-07-14 16:24:59 -0500[diff] [blame]192 USE_PSA_DONE();
193}
194/* END_CASE */