x509aux.c revision 1.1.1.2
1/* 2 * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL licenses, (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * https://www.openssl.org/source/license.html 8 * or in the file LICENSE in the source distribution. 9 */ 10 11#include <stdio.h> 12#include <string.h> 13#include <errno.h> 14 15#include <openssl/x509.h> 16#include <openssl/pem.h> 17#include <openssl/conf.h> 18#include <openssl/err.h> 19#include "internal/nelem.h" 20#include "testutil.h" 21 22static int test_certs(int num) 23{ 24 int c; 25 char *name = 0; 26 char *header = 0; 27 unsigned char *data = 0; 28 long len; 29 typedef X509 *(*d2i_X509_t)(X509 **, const unsigned char **, long); 30 typedef int (*i2d_X509_t)(X509 *, unsigned char **); 31 int err = 0; 32 BIO *fp = BIO_new_file(test_get_argument(num), "r"); 33 34 if (!TEST_ptr(fp)) 35 return 0; 36 37 for (c = 0; !err && PEM_read_bio(fp, &name, &header, &data, &len); ++c) { 38 const int trusted = (strcmp(name, PEM_STRING_X509_TRUSTED) == 0); 39 40 d2i_X509_t d2i = trusted ? d2i_X509_AUX : d2i_X509; 41 i2d_X509_t i2d = trusted ? i2d_X509_AUX : i2d_X509; 42 X509 *cert = NULL; 43 const unsigned char *p = data; 44 unsigned char *buf = NULL; 45 unsigned char *bufp; 46 long enclen; 47 48 if (!trusted 49 && strcmp(name, PEM_STRING_X509) != 0 50 && strcmp(name, PEM_STRING_X509_OLD) != 0) { 51 TEST_error("unexpected PEM object: %s", name); 52 err = 1; 53 goto next; 54 } 55 cert = d2i(NULL, &p, len); 56 57 if (cert == NULL || (p - data) != len) { 58 TEST_error("error parsing input %s", name); 59 err = 1; 60 goto next; 61 } 62 63 /* Test traditional 2-pass encoding into caller allocated buffer */ 64 enclen = i2d(cert, NULL); 65 if (len != enclen) { 66 TEST_error("encoded length %ld of %s != input length %ld", 67 enclen, name, len); 68 err = 1; 69 goto next; 70 } 71 if ((buf = bufp = OPENSSL_malloc(len)) == NULL) { 72 TEST_perror("malloc"); 73 err = 1; 74 goto next; 75 } 76 enclen = i2d(cert, &bufp); 77 if (len != enclen) { 78 TEST_error("encoded length %ld of %s != input length %ld", 79 enclen, name, len); 80 err = 1; 81 goto next; 82 } 83 enclen = (long) (bufp - buf); 84 if (enclen != len) { 85 TEST_error("unexpected buffer position after encoding %s", name); 86 err = 1; 87 goto next; 88 } 89 if (memcmp(buf, data, len) != 0) { 90 TEST_error("encoded content of %s does not match input", name); 91 err = 1; 92 goto next; 93 } 94 OPENSSL_free(buf); 95 buf = NULL; 96 97 /* Test 1-pass encoding into library allocated buffer */ 98 enclen = i2d(cert, &buf); 99 if (len != enclen) { 100 TEST_error("encoded length %ld of %s != input length %ld", 101 enclen, name, len); 102 err = 1; 103 goto next; 104 } 105 if (memcmp(buf, data, len) != 0) { 106 TEST_error("encoded content of %s does not match input", name); 107 err = 1; 108 goto next; 109 } 110 111 if (trusted) { 112 /* Encode just the cert and compare with initial encoding */ 113 OPENSSL_free(buf); 114 buf = NULL; 115 116 /* Test 1-pass encoding into library allocated buffer */ 117 enclen = i2d(cert, &buf); 118 if (enclen > len) { 119 TEST_error("encoded length %ld of %s > input length %ld", 120 enclen, name, len); 121 err = 1; 122 goto next; 123 } 124 if (memcmp(buf, data, enclen) != 0) { 125 TEST_error("encoded cert content does not match input"); 126 err = 1; 127 goto next; 128 } 129 } 130 131 /* 132 * If any of these were null, PEM_read() would have failed. 133 */ 134 next: 135 X509_free(cert); 136 OPENSSL_free(buf); 137 OPENSSL_free(name); 138 OPENSSL_free(header); 139 OPENSSL_free(data); 140 } 141 BIO_free(fp); 142 143 if (ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) { 144 /* Reached end of PEM file */ 145 if (c > 0) { 146 ERR_clear_error(); 147 return 1; 148 } 149 } 150 151 /* Some other PEM read error */ 152 return 0; 153} 154 155int setup_tests(void) 156{ 157 size_t n = test_get_argument_count(); 158 159 if (n == 0) { 160 TEST_error("usage: %s certfile...", test_get_program_name()); 161 return 0; 162 } 163 164 ADD_ALL_TESTS(test_certs, (int)n); 165 return 1; 166} 167