First certificate writing test. Full server1.crt reconstruction

2024-11-24 17:28:08 +00:00 · 2013-09-08 15:58:15 +02:00 · 2013-09-08 15:58:15 +02:00 · 2397cf3ede
commit 2397cf3ede
parent 9c208aabc8
2 changed files with 70 additions and 0 deletions
--- a/tests/suites/test_suite_x509write.data
+++ b/tests/suites/test_suite_x509write.data
@ -25,3 +25,7 @@ x509_csr_check:"data_files/server1.key":POLARSSL_MD_MD4:"data_files/server1.req.
 Certificate Request check Server1 MD5
 depends_on:POLARSSL_MD5_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15
 x509_csr_check:"data_files/server1.key":POLARSSL_MD_MD5:"data_files/server1.req.md5"
+
+Certificate write check Server1 SHA1
+depends_on:POLARSSL_SHA1_C:POLARSSL_RSA_C:POLARSSL_PKCS1_V15
+x509_crt_check:"data_files/server1.key":"":"C=NL,O=PolarSSL,CN=PolarSSL Server 1":"data_files/test-ca.key":"PolarSSLTest":"C=NL,O=PolarSSL,CN=PolarSSL Test CA":"1":"20110212144406":"20210212144406":POLARSSL_MD_SHA1:"data_files/server1.crt"
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@ -57,3 +57,69 @@ void x509_csr_check( char *key_file, int md_type,
    pem_free( &pem );
 }
 /* END_CASE */
+
+/* BEGIN_CASE */
+void x509_crt_check( char *subject_key_file, char *subject_pwd,
+                     char *subject_name, char *issuer_key_file,
+                     char *issuer_pwd, char *issuer_name,
+                     char *serial_str, char *not_before, char *not_after,
+                     int md_type, char *cert_check_file )
+{
+    rsa_context subject_rsa, issuer_rsa;
+    pem_context pem;
+    x509write_cert crt;
+    unsigned char *c;
+    unsigned char buf[4000];
+    unsigned char check_buf[5000];
+    mpi serial;
+    int ret;
+    size_t olen = 2000;
+    FILE *f;
+
+    mpi_init( &serial );
+    rsa_init( &subject_rsa, RSA_PKCS_V15, 0 );
+    rsa_init( &issuer_rsa, RSA_PKCS_V15, 0 );
+
+    TEST_ASSERT( x509parse_keyfile_rsa( &subject_rsa, subject_key_file,
+                                         subject_pwd ) == 0 );
+    TEST_ASSERT( x509parse_keyfile_rsa( &issuer_rsa, issuer_key_file,
+                                         issuer_pwd ) == 0 );
+    TEST_ASSERT( mpi_read_string( &serial, 10, serial_str ) == 0 );
+
+    x509write_crt_init( &crt );
+    x509write_crt_set_serial( &crt, &serial );
+    TEST_ASSERT( x509write_crt_set_validity( &crt, not_before,
+                                                   not_after ) == 0 );
+    x509write_crt_set_md_alg( &crt, md_type );
+    TEST_ASSERT( x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 );
+    TEST_ASSERT( x509write_crt_set_subject_name( &crt, subject_name ) == 0 );
+    x509write_crt_set_subject_key( &crt, &subject_rsa );
+    x509write_crt_set_issuer_key( &crt, &issuer_rsa );
+
+    TEST_ASSERT( x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
+    TEST_ASSERT( x509write_crt_set_subject_key_identifier( &crt ) == 0 );
+    TEST_ASSERT( x509write_crt_set_authority_key_identifier( &crt ) == 0 );
+
+    ret = x509write_crt_der( &crt, buf, sizeof(buf) );
+    TEST_ASSERT( ret >= 0 );
+
+    c = buf + 3999 - ret;
+
+    f = fopen( cert_check_file, "r" );
+    TEST_ASSERT( f != NULL );
+    TEST_ASSERT( fread( check_buf, 1, sizeof(check_buf), f ) < sizeof(check_buf) );
+    fclose( f );
+
+    pem_init( &pem );
+    TEST_ASSERT( pem_read_buffer( &pem, "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----", check_buf, NULL, 0, &olen ) >= 0 );
+
+    TEST_ASSERT( pem.buflen == (size_t) ret );
+    TEST_ASSERT( memcmp( c, pem.buf, pem.buflen ) == 0 );
+
+    x509write_crt_free( &crt );
+    rsa_free( &issuer_rsa );
+    rsa_free( &subject_rsa );
+    pem_free( &pem );
+    mpi_free( &serial );
+}
+/* END_CASE */