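/* BEGIN_HEADER */
#include "mbedtls/bignum.h"
#include "mbedtls/x509.h"
#include "mbedtls/x509_crt.h"
#include "mbedtls/x509_crl.h"
#include "mbedtls/x509_csr.h"
#include "x509_internal.h"
#include "mbedtls/pem.h"
#include "mbedtls/oid.h"
#include "mbedtls/base64.h"
#include "mbedtls/error.h"
#include "mbedtls/pk.h"
#include "string.h"

/* Build-time guard: the long-chain test data only covers chains up to the
 * threshold named in the message, so refuse to build with a larger limit
 * until the generator script has been adapted. */
#if MBEDTLS_X509_MAX_INTERMEDIATE_CA > 19
#error "The value of MBEDTLS_X509_MAX_INTERMEDIATE_CA is larger \
    than the current threshold 19. To test larger values, please \
    adapt the script tests/data_files/dir-max/long.sh."
#endif

/* Test-only profile allowing all digests, PK algorithms, and curves.
 * The last field is the minimum RSA key size in bits. This profile accepts
 * algorithms that a deployed verifier should refuse; do not copy it into
 * application code. */
const mbedtls_x509_crt_profile profile_all =
{
    0xFFFFFFFF, /* Any MD */
    0xFFFFFFFF, /* Any PK alg */
    0xFFFFFFFF, /* Any curve */
    1024,       /* Minimum RSA key size, in bits */
};

/* Profile for backward compatibility. Allows SHA-1, unlike the default
   profile. RIPEMD-160 is allowed as well, together with any PK algorithm,
   any curve and RSA keys from 1024 bits; test-only for the same reason as
   profile_all. */
const mbedtls_x509_crt_profile compat_profile =
{
    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA1) |
    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_RIPEMD160) |
    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA224) |
    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) |
    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) |
    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512),
    0xFFFFFFFF, /* Any PK alg */
    0xFFFFFFFF, /* Any curve */
    1024,       /* Minimum RSA key size, in bits */
};

/* Restrictive profile: SHA-256/384/512 digests, RSA keys only (the curve
 * mask is empty), and RSA keys of at least 3072 bits. */
const mbedtls_x509_crt_profile profile_rsa3072 =
{
    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA256) |
    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA384) |
    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512),
    MBEDTLS_X509_ID_FLAG(MBEDTLS_PK_RSA),
    0,          /* No curve */
    3072,       /* Minimum RSA key size, in bits */
};

/* Profile that accepts SHA-512 as the only digest, with any PK algorithm,
 * any curve and RSA keys from 1024 bits. */
const mbedtls_x509_crt_profile profile_sha512 =
{
    MBEDTLS_X509_ID_FLAG(MBEDTLS_MD_SHA512),
    0xFFFFFFFF, /* Any PK alg */
    0xFFFFFFFF, /* Any curve */
    1024,       /* Minimum RSA key size, in bits */
};

/* Verification callback that marks every certificate it is called for as
 * bad: it ORs MBEDTLS_X509_BADCERT_OTHER into *flags and reports success (0)
 * so that the caller keeps going. The other arguments are ignored. */
int verify_none(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
{
    ((void) data);
    ((void) crt);
    ((void) certificate_depth);
    *flags |= MBEDTLS_X509_BADCERT_OTHER;

    return 0;
}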
/* Verification callback that clears every verification flag: it overwrites
 * *flags with 0 and returns 0, so whatever the verifier had recorded for this
 * certificate is discarded. Test-only; a callback like this disables
 * certificate validation if used anywhere else. */
int verify_all(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
{
    ((void) data);
    ((void) crt);
    ((void) certificate_depth);
    *flags = 0;

    return 0;
}

#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK)
/* CA callback that always fails: ignores its arguments, leaves *candidates
 * untouched and returns -1. */
int ca_callback_fail(void *data, mbedtls_x509_crt const *child, mbedtls_x509_crt **candidates)
{
    ((void) data);
    ((void) child);
    ((void) candidates);

    return -1;
}
#if defined(MBEDTLS_X509_CRT_PARSE_C)
/* CA callback that hands back a freshly allocated copy of the whole trusted
 * list passed in through `data`.
 *
 * data        head of an mbedtls_x509_crt list; it is dereferenced without a
 *             NULL check, so the caller must pass at least one certificate.
 * child       ignored.
 * candidates  receives the copied list on success, NULL on failure.
 *
 * Returns 0 on success, -1 if the allocation or any DER re-parse fails.
 * On success nothing in this function releases the copy; the receiver of
 * *candidates has to free it. */
int ca_callback(void *data, mbedtls_x509_crt const *child,
                mbedtls_x509_crt **candidates)
{
    int ret = 0;
    mbedtls_x509_crt *ca = (mbedtls_x509_crt *) data;
    mbedtls_x509_crt *first;

    /* This is a test-only implementation of the CA callback
     * which always returns the entire list of trusted certificates.
     * Production implementations managing a large number of CAs
     * should use an efficient presentation and lookup for the
     * set of trusted certificates (such as a hashtable) and only
     * return those trusted certificates which satisfy basic
     * parental checks, such as the matching of child `Issuer`
     * and parent `Subject` field. */
    ((void) child);

    first = mbedtls_calloc(1, sizeof(mbedtls_x509_crt));
    if (first == NULL) {
        ret = -1;
        goto exit;
    }
    mbedtls_x509_crt_init(first);

    /* Copy the head of the list by re-parsing its raw DER encoding. */
    if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) {
        ret = -1;
        goto exit;
    }

    /* Then every remaining certificate, each parsed into the same chain. */
    while (ca->next != NULL) {
        ca = ca->next;
        if (mbedtls_x509_crt_parse_der(first, ca->raw.p, ca->raw.len) != 0) {
            ret = -1;
            goto exit;
        }
    }

exit:

    /* On any failure release the partial copy so that the caller never sees
     * a half-built list. This path is also reached with first == NULL when
     * the allocation itself failed. */
    if (ret != 0) {
        mbedtls_x509_crt_free(first);
        mbedtls_free(first);
        first = NULL;
    }

    *candidates = first;
    return ret;
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */

/* Verification callback that fails at selected chain depths.
 *
 * data points to an int used as a bit mask: if bit `certificate_depth` is
 * set, the same bit is ORed into *flags and the callback returns
 * -1 - certificate_depth; otherwise it returns 0 and leaves *flags alone.
 *
 * NOTE(review): 1 << certificate_depth is undefined behaviour once
 * certificate_depth reaches the width of int; the tests presumably stay far
 * below that - confirm. */
int verify_fatal(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
{
    int *levels = (int *) data;

    ((void) crt);
    ((void) certificate_depth);

    /* Simulate a fatal error in the callback */
    if (*levels & (1 << certificate_depth)) {
        *flags |= (1 << certificate_depth);
        return -1 - certificate_depth;
    }

    return 0;
}

/* strsep() not available on Windows */
/* Local replacement: returns the token starting at *stringp and cuts it at
 * the first character found in delim by overwriting that character with NUL.
 * *stringp is advanced past the delimiter, or set to NULL when the end of the
 * string is reached. Returns NULL if *stringp is already NULL. The input
 * buffer is modified in place. */
char *mystrsep(char **stringp, const char *delim)
{
    const char *p;
    char *ret = *stringp;

    if (*stringp == NULL) {
        return NULL;
    }

    for (;; (*stringp)++) {
        /* End of input: this was the last token. */
        if (**stringp == '\0') {
            *stringp = NULL;
            goto done;
        }

        /* Is the current character one of the delimiters? */
        for (p = delim; *p != '\0'; p++) {
            if (**stringp == *p) {
                **stringp = '\0';
                (*stringp)++;
                goto done;
            }
        }
    }

done:
    return ret;
}

#if defined(MBEDTLS_X509_CRT_PARSE_C)
/* Accumulator for verify_print(): a fixed 512-byte text buffer and the
 * position at which the next record is written. */
typedef struct {
    char buf[512];
    char *p;
} verify_print_context;

/* Zeroes the context and points the write position at the start of buf. */
void verify_print_init(verify_print_context *ctx)
{
    memset(ctx, 0, sizeof(verify_print_context));
    ctx->p = ctx->buf;
}

/* Verification callback that appends one line per certificate to the
 * verify_print_context passed in `data`:
 *   "depth <d> - serial <serial> - subject <dn> - flags 0x<flags>\n"
 * Returns 0 after a complete line has been written.
 *
 * MBEDTLS_X509_SAFE_SNPRINTF is defined outside this file.
 * NOTE(review): it presumably returns from this function on error or
 * truncation and otherwise advances p and shrinks n - confirm against the
 * X.509 headers. If it does return early, ctx->p is not updated and the
 * context keeps its previous write position. */
int verify_print(void *data, mbedtls_x509_crt *crt, int certificate_depth, uint32_t *flags)
{
    int ret;
    verify_print_context *ctx = (verify_print_context *) data;
    char *p = ctx->p;
    /* Space left between the current write position and the end of buf. */
    size_t n = ctx->buf + sizeof(ctx->buf) - ctx->p;
    ((void) flags);

    ret = mbedtls_snprintf(p, n, "depth %d - serial ", certificate_depth);
    MBEDTLS_X509_SAFE_SNPRINTF;

    ret = mbedtls_x509_serial_gets(p, n, &crt->serial);
    MBEDTLS_X509_SAFE_SNPRINTF;

    ret = mbedtls_snprintf(p, n, " - subject ");
    MBEDTLS_X509_SAFE_SNPRINTF;

    ret = mbedtls_x509_dn_gets(p, n, &crt->subject);
    MBEDTLS_X509_SAFE_SNPRINTF;

    ret = mbedtls_snprintf(p, n, " - flags 0x%08x\n", *flags);
    MBEDTLS_X509_SAFE_SNPRINTF;

    ctx->p = p;

    return 0;
}

/* Appends a textual description of one parsed subject alternative name to a
 * caller-provided buffer.
 *
 * san   the parsed name to print.
 * buf   in: current write position; out: position after the text written.
 * size  in: bytes available at *buf; out: bytes still available.
 *
 * Returns 0 on success, MBEDTLS_ERR_X509_BUFFER_TOO_SMALL when a dNSName or
 * rfc822Name does not fit, a negative value from mbedtls_x509_dn_gets() for a
 * directoryName, and -1 for a SAN type not handled here. *buf and *size are
 * only updated on success.
 *
 * dNSName and rfc822Name bytes are copied verbatim from the certificate, with
 * no escaping. That is fine for comparing against expected test strings, but
 * the output must not be treated as sanitised text. */
int verify_parse_san(mbedtls_x509_subject_alternative_name *san,
                     char **buf, size_t *size)
{
    int ret;
    size_t i;
    char *p = *buf;
    size_t n = *size;

    ret = mbedtls_snprintf(p, n, "type : %d", san->type);
    MBEDTLS_X509_SAFE_SNPRINTF;

    switch (san->type) {
        case (MBEDTLS_X509_SAN_OTHER_NAME):
            ret = mbedtls_snprintf(p, n, "\notherName :");
            MBEDTLS_X509_SAFE_SNPRINTF;

            /* Only the hardware module name form of otherName is printed;
             * any other type_id produces just the "otherName :" label. */
            if (MBEDTLS_OID_CMP(MBEDTLS_OID_ON_HW_MODULE_NAME,
                                &san->san.other_name.type_id) == 0) {
                ret = mbedtls_snprintf(p, n, " hardware module name :");
                MBEDTLS_X509_SAFE_SNPRINTF;
                ret = mbedtls_snprintf(p, n, " hardware type : ");
                MBEDTLS_X509_SAFE_SNPRINTF;

                ret = mbedtls_oid_get_numeric_string(p,
                                                     n,
                                                     &san->san.other_name.value.hardware_module_name
                                                     .oid);
                MBEDTLS_X509_SAFE_SNPRINTF;

                ret = mbedtls_snprintf(p, n, ", hardware serial number : ");
                MBEDTLS_X509_SAFE_SNPRINTF;

                /* The serial number is printed as upper-case hex, two digits
                 * per byte. */
                for (i = 0; i < san->san.other_name.value.hardware_module_name.val.len; i++) {
                    ret = mbedtls_snprintf(p,
                                           n,
                                           "%02X",
                                           san->san.other_name.value.hardware_module_name.val.p[i]);
                    MBEDTLS_X509_SAFE_SNPRINTF;
                }
            }
            break;/* MBEDTLS_OID_ON_HW_MODULE_NAME */
        case (MBEDTLS_X509_SAN_DNS_NAME):
            ret = mbedtls_snprintf(p, n, "\ndNSName : ");
            MBEDTLS_X509_SAFE_SNPRINTF;
            /* The name must be strictly shorter than the space left, which
             * keeps at least one byte free after the raw copy below. */
            if (san->san.unstructured_name.len >= n) {
                *p = '\0';
                return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
            }
            n -= san->san.unstructured_name.len;
            /* Raw byte copy, no terminator written here; the "\n" written
             * after the switch follows these bytes. */
            for (i = 0; i < san->san.unstructured_name.len; i++) {
                *p++ = san->san.unstructured_name.p[i];
            }
            break;/* MBEDTLS_X509_SAN_DNS_NAME */
        case (MBEDTLS_X509_SAN_RFC822_NAME):
            ret = mbedtls_snprintf(p, n, "\nrfc822Name : ");
            MBEDTLS_X509_SAFE_SNPRINTF;
            /* Same length check and raw copy as for dNSName. */
            if (san->san.unstructured_name.len >= n) {
                *p = '\0';
                return MBEDTLS_ERR_X509_BUFFER_TOO_SMALL;
            }
            n -= san->san.unstructured_name.len;
            for (i = 0; i < san->san.unstructured_name.len; i++) {
                *p++ = san->san.unstructured_name.p[i];
            }
            break;/* MBEDTLS_X509_SAN_RFC822_NAME */
        case (MBEDTLS_X509_SAN_DIRECTORY_NAME):
            ret = mbedtls_snprintf(p, n, "\ndirectoryName : ");
            MBEDTLS_X509_SAFE_SNPRINTF;
            ret = mbedtls_x509_dn_gets(p, n, &san->san.directory_name);
            if (ret < 0) {
                return ret;
            }

            p += ret;
            n -= ret;
            break;/* MBEDTLS_X509_SAN_DIRECTORY_NAME */
        default:
            /*
             * Should not happen.
             */
            return -1;
    }
    ret = mbedtls_snprintf(p, n, "\n");
    MBEDTLS_X509_SAFE_SNPRINTF;

    *size = n;
    *buf = p;

    return 0;
}

/* Extension callback for certificate parsing tests.
 *
 * p_ctx     optional mbedtls_x509_buf naming one additional OID to accept;
 *           may be NULL.
 * crt       ignored.
 * oid       OID of the extension being handled.
 * critical  ignored.
 * cp, end   bounds of the extension value.
 *
 * For the certificatePolicies extension the value is walked as a non-empty
 * SEQUENCE of policy SEQUENCEs, each holding an OID and an optional qualifier
 * SEQUENCE. Structural errors return MBEDTLS_ERR_X509_INVALID_EXTENSIONS
 * combined with the ASN.1 error. A well-formed value returns 0 if every
 * policy OID is the single byte 1, and MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE
 * otherwise.
 * For any other extension the callback returns 0 when the OID equals the one
 * in p_ctx, and INVALID_EXTENSIONS + UNEXPECTED_TAG in all remaining cases. */
int parse_crt_ext_cb(void *p_ctx, mbedtls_x509_crt const *crt, mbedtls_x509_buf const *oid,
                     int critical, const unsigned char *cp, const unsigned char *end)
{
    (void) crt;
    (void) critical;
    mbedtls_x509_buf *new_oid = (mbedtls_x509_buf *) p_ctx;
    if (oid->tag == MBEDTLS_ASN1_OID &&
        MBEDTLS_OID_CMP(MBEDTLS_OID_CERTIFICATE_POLICIES, oid) == 0) {
        /* Handle unknown certificate policy */
        int ret, parse_ret = 0;
        size_t len;
        /* The cast drops const so that the local copy of cp can be passed to
         * mbedtls_asn1_get_tag(); nothing below writes through *p. */
        unsigned char **p = (unsigned char **) &cp;

        /* Get main sequence tag */
        ret = mbedtls_asn1_get_tag(p, end, &len,
                                   MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE);
        if (ret != 0) {
            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
        }

        /* The outer sequence must span the extension value exactly. */
        if (*p + len != end) {
            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
        }

        /*
         * Cannot be an empty sequence.
         */
        if (len == 0) {
            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
        }

        while (*p < end) {
            const unsigned char *policy_end;

            /*
             * Get the policy sequence
             */
            if ((ret = mbedtls_asn1_get_tag(p, end, &len,
                                            MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) !=
                0) {
                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
            }

            policy_end = *p + len;

            /* From here on every read is bounded by policy_end, not end. */
            if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len,
                                            MBEDTLS_ASN1_OID)) != 0) {
                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
            }

            /*
             * Recognize exclusively the policy with OID 1
             */
            /* *p[0] parses as *(p[0]), i.e. the byte at the current position.
             * An unrecognised policy is only recorded; parsing continues so
             * that structural errors still take precedence. */
            if (len != 1 || *p[0] != 1) {
                parse_ret = MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE;
            }

            *p += len;

            /*
             * If there is an optional qualifier, then *p < policy_end
             * Check the Qualifier len to verify it doesn't exceed policy_end.
             */
            if (*p < policy_end) {
                if ((ret = mbedtls_asn1_get_tag(p, policy_end, &len,
                                                MBEDTLS_ASN1_CONSTRUCTED |
                                                MBEDTLS_ASN1_SEQUENCE)) != 0) {
                    return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS, ret);
                }
                /*
                 * Skip the optional policy qualifiers.
                 */
                *p += len;
            }

            /* Trailing bytes inside a policy are rejected. */
            if (*p != policy_end) {
                return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
                                         MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
            }
        }

        if (*p != end) {
            return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
                                     MBEDTLS_ERR_ASN1_LENGTH_MISMATCH);
        }

        return parse_ret;
    } else if (new_oid != NULL && new_oid->tag == oid->tag && new_oid->len == oid->len &&
               memcmp(new_oid->p, oid->p, oid->len) == 0) {
        /* The extension is the one the test asked to accept. */
        return 0;
    } else {
        return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
                                 MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
    }
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */

#if defined(MBEDTLS_X509_CSR_PARSE_C)
/* CSR extension callback that accepts every extension: ignores all arguments
 * and returns 0. */
int parse_csr_ext_accept_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x509_buf const *oid,
                            int critical, const unsigned char *cp, const unsigned char *end)
{
    (void) p_ctx;
    (void) csr;
    (void) oid;
    (void) critical;
    (void) cp;
    (void) end;

    return 0;
}

/* CSR extension callback that rejects every extension: ignores all arguments
 * and returns INVALID_EXTENSIONS combined with UNEXPECTED_TAG. */
int parse_csr_ext_reject_cb(void *p_ctx, mbedtls_x509_csr const *csr, mbedtls_x509_buf const *oid,
                            int critical, const unsigned char *cp, const unsigned char *end)
{
    (void) p_ctx;
    (void) csr;
    (void) oid;
    (void) critical;
    (void) cp;
    (void) end;

    return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_INVALID_EXTENSIONS,
                             MBEDTLS_ERR_ASN1_UNEXPECTED_TAG);
}
#endif /* MBEDTLS_X509_CSR_PARSE_C */
/* END_HEADER */

/* Checks mbedtls_x509_crt_has_ext_type() on a certificate whose ext_types
 * field is set directly to ext_type: the expected answer is the bitwise AND
 * of ext_type and has_ext_type. */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */
void x509_accessor_ext_types(int ext_type, int has_ext_type)
{
    mbedtls_x509_crt crt;
    int expected_result = ext_type & has_ext_type;

    mbedtls_x509_crt_init(&crt);
    USE_PSA_INIT();

    crt.ext_types = ext_type;

    TEST_EQUAL(mbedtls_x509_crt_has_ext_type(&crt, has_ext_type), expected_result);

exit:
    mbedtls_x509_crt_free(&crt);
    USE_PSA_DONE();
}
/* END_CASE */

/* Checks mbedtls_x509_crt_parse_cn_inet_pton(): the returned length must
 * equal ref_ret and, when it is non-zero, the bytes written to addr must
 * match exp. addr provides 16 bytes.
 * NOTE(review): the function under test is assumed never to write more than
 * that - confirm against its definition. */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_TEST_HOOKS */
void x509_crt_parse_cn_inet_pton(const char *cn, data_t *exp, int ref_ret)
{
    uint32_t addr[4];
    size_t addrlen = mbedtls_x509_crt_parse_cn_inet_pton(cn, addr);
    TEST_EQUAL(addrlen, (size_t) ref_ret);

    if (addrlen) {
        TEST_MEMORY_COMPARE(exp->x, exp->len, addr, addrlen);
    }
}
/* END_CASE */

/* Parses crt_file and expects parse_result. On a successful parse, every
 * subject alternative name the library can decode is printed with
 * verify_parse_san() and the accumulated text is compared with result_str.
 * The literal 2000 passed to memset duplicates sizeof(buf). */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
void x509_parse_san(char *crt_file, char *result_str, int parse_result)
{
    int ret;
    mbedtls_x509_crt crt;
    mbedtls_x509_subject_alternative_name san;
    mbedtls_x509_sequence *cur = NULL;
    char buf[2000];
    char *p = buf;
    size_t n = sizeof(buf);

    mbedtls_x509_crt_init(&crt);
    USE_PSA_INIT();
    memset(buf, 0, 2000);

    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), parse_result);

    if (parse_result != 0) {
        goto exit;
    }
    if (crt.ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) {
        cur = &crt.subject_alt_names;
        while (cur != NULL) {
            ret = mbedtls_x509_parse_subject_alt_name(&cur->buf, &san);
            TEST_ASSERT(ret == 0 || ret == MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE);
            /*
             * If san type not supported, ignore.
             */
            if (ret == 0) {
                ret = verify_parse_san(&san, &p, &n);
                /* Released before the assertion so that a failing
                 * TEST_EQUAL does not skip the free. */
                mbedtls_x509_free_subject_alt_name(&san);
                TEST_EQUAL(ret, 0);
            }
            cur = cur->next;
        }
    }

    TEST_EQUAL(strcmp(buf, result_str), 0);

exit:
    mbedtls_x509_crt_free(&crt);
    USE_PSA_DONE();
}
/* END_CASE */

/* Parses crt_file, renders it with mbedtls_x509_crt_info() and compares the
 * text with result_str. The return values -1 and -2 are treated as failures. */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:!MBEDTLS_X509_REMOVE_INFO:MBEDTLS_X509_CRT_PARSE_C */
void x509_cert_info(char *crt_file, char *result_str)
{
    mbedtls_x509_crt crt;
    char buf[2000];
    int res;

    mbedtls_x509_crt_init(&crt);
    USE_PSA_INIT();
    memset(buf, 0, 2000);

    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
    res = mbedtls_x509_crt_info(buf, 2000, "", &crt);

    TEST_ASSERT(res != -1);
    TEST_ASSERT(res != -2);

    TEST_EQUAL(strcmp(buf, result_str), 0);

exit:
    mbedtls_x509_crt_free(&crt);
    USE_PSA_DONE();
}
/* END_CASE */

/* Parses crl_file, renders it with mbedtls_x509_crl_info() and compares the
 * text with result_str. The return values -1 and -2 are treated as failures. */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_x509_crl_info(char *crl_file, char *result_str)
{
    mbedtls_x509_crl crl;
    char buf[2000];
    int res;

    mbedtls_x509_crl_init(&crl);
    USE_PSA_INIT();
    memset(buf, 0, 2000);

    TEST_EQUAL(mbedtls_x509_crl_parse_file(&crl, crl_file), 0);
    res = mbedtls_x509_crl_info(buf, 2000, "", &crl);

    TEST_ASSERT(res != -1);
    TEST_ASSERT(res != -2);

    TEST_EQUAL(strcmp(buf, result_str), 0);

exit:
    mbedtls_x509_crl_free(&crl);
    USE_PSA_DONE();
}
/* END_CASE */

/* Parses crl_file and expects mbedtls_x509_crl_parse_file() to return
 * `result`. buf is zeroed but never read afterwards. */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRL_PARSE_C */
void mbedtls_x509_crl_parse(char *crl_file, int result)
{
    mbedtls_x509_crl crl;
    char buf[2000];

    mbedtls_x509_crl_init(&crl);
    USE_PSA_INIT();
    memset(buf, 0, 2000);

    TEST_EQUAL(mbedtls_x509_crl_parse_file(&crl, crl_file), result);

exit:
    mbedtls_x509_crl_free(&crl);
    USE_PSA_DONE();
}
/* END_CASE */

/* Parses csr_file, renders it with mbedtls_x509_csr_info() and compares the
 * text with result_str. The return values -1 and -2 are treated as failures. */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_x509_csr_info(char *csr_file, char *result_str)
{
    mbedtls_x509_csr csr;
    char buf[2000];
    int res;

    mbedtls_x509_csr_init(&csr);
    USE_PSA_INIT();
    memset(buf, 0, 2000);

    TEST_EQUAL(mbedtls_x509_csr_parse_file(&csr, csr_file), 0);
    res = mbedtls_x509_csr_info(buf, 2000, "", &csr);

    TEST_ASSERT(res != -1);
    TEST_ASSERT(res != -2);

    TEST_EQUAL(strcmp(buf, result_str), 0);

exit:
    mbedtls_x509_csr_free(&csr);
    USE_PSA_DONE();
}
/* END_CASE */

/* Renders the verification flags with mbedtls_x509_crt_verify_info(), using
 * `prefix` for each line, and compares the text with result_str. Any negative
 * return value is a failure. */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void x509_verify_info(int flags, char *prefix, char *result_str)
{
    char buf[2000];
    int res;

    USE_PSA_INIT();
    memset(buf, 0, sizeof(buf));

    res = mbedtls_x509_crt_verify_info(buf, sizeof(buf), prefix, flags);

    TEST_ASSERT(res >= 0);

    TEST_EQUAL(strcmp(buf, result_str), 0);

exit:
    USE_PSA_DONE();
}
/* END_CASE */

/* Verifies crt_file against ca_file with restartable verification limited to
 * max_ops operations per call. The call is repeated while it reports
 * MBEDTLS_ERR_ECP_IN_PROGRESS; the final return value, the flags and the
 * number of restarts (between min_restart and max_restart) are checked. One
 * further call is then made and left unfinished, so that freeing the restart
 * context in the middle of an operation is exercised too. */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_ECP_RESTARTABLE:MBEDTLS_ECDSA_C */
void x509_verify_restart(char *crt_file, char *ca_file,
                         int result, int flags_result,
                         int max_ops, int min_restart, int max_restart)
{
    int ret, cnt_restart;
    mbedtls_x509_crt_restart_ctx rs_ctx;
    mbedtls_x509_crt crt;
    mbedtls_x509_crt ca;
    uint32_t flags = 0;

    /*
     * See comments on ecp_test_vect_restart() for op count precision.
     *
     * For reference, with Mbed TLS 2.6 and default settings:
     * - ecdsa_verify() for P-256:  ~  6700
     * - ecdsa_verify() for P-384:  ~ 18800
     * - x509_verify() for server5 -> test-ca2:             ~ 18800
     * - x509_verify() for server10 -> int-ca3 -> int-ca2:  ~ 25500
     */
    mbedtls_x509_crt_restart_init(&rs_ctx);
    mbedtls_x509_crt_init(&crt);
    mbedtls_x509_crt_init(&ca);
    MD_OR_USE_PSA_INIT();

    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);
    TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0);

    mbedtls_ecp_set_max_ops(max_ops);

    /* ++cnt_restart is only evaluated when the call asked for a restart, so
     * cnt_restart counts the IN_PROGRESS results. */
    cnt_restart = 0;
    do {
        ret = mbedtls_x509_crt_verify_restartable(&crt, &ca, NULL,
                                                  &mbedtls_x509_crt_profile_default, NULL, &flags,
                                                  NULL, NULL, &rs_ctx);
    } while (ret == MBEDTLS_ERR_ECP_IN_PROGRESS && ++cnt_restart);

    TEST_EQUAL(ret, result);
    TEST_EQUAL(flags, (uint32_t) flags_result);

    TEST_ASSERT(cnt_restart >= min_restart);
    TEST_ASSERT(cnt_restart <= max_restart);

    /* Do we leak memory when aborting? */
    ret = mbedtls_x509_crt_verify_restartable(&crt, &ca, NULL,
                                              &mbedtls_x509_crt_profile_default, NULL, &flags,
                                              NULL, NULL, &rs_ctx);
    TEST_ASSERT(ret == result || ret == MBEDTLS_ERR_ECP_IN_PROGRESS);

exit:
    mbedtls_x509_crt_restart_free(&rs_ctx);
    mbedtls_x509_crt_free(&crt);
    mbedtls_x509_crt_free(&ca);
    MD_OR_USE_PSA_DONE();
}
/* END_CASE */

/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C */
void x509_verify(char *crt_file, char *ca_file, char *crl_file,
                 char *cn_name_str, int result, int flags_result,
                 char *profile_str,
                 char *verify_callback)
{
    mbedtls_x509_crt crt;
    mbedtls_x509_crt ca;
    mbedtls_x509_crl crl;
    uint32_t flags = 0;
    int res;
    int (*f_vrfy)(void *, mbedtls_x509_crt *, int, uint32_t *) = NULL;
    char *cn_name = NULL;
    const mbedtls_x509_crt_profile *profile;

    mbedtls_x509_crt_init(&crt);
    mbedtls_x509_crt_init(&ca);
    mbedtls_x509_crl_init(&crl);
    MD_OR_USE_PSA_INIT();

    if (strcmp(cn_name_str, "NULL") != 0) {
        cn_name = cn_name_str;
    }

720a8e1175bSopenharmony_ci if (strcmp(profile_str, "") == 0) { 721a8e1175bSopenharmony_ci profile = &mbedtls_x509_crt_profile_default; 722a8e1175bSopenharmony_ci } else if (strcmp(profile_str, "next") == 0) { 723a8e1175bSopenharmony_ci profile = &mbedtls_x509_crt_profile_next; 724a8e1175bSopenharmony_ci } else if (strcmp(profile_str, "suite_b") == 0) { 725a8e1175bSopenharmony_ci profile = &mbedtls_x509_crt_profile_suiteb; 726a8e1175bSopenharmony_ci } else if (strcmp(profile_str, "compat") == 0) { 727a8e1175bSopenharmony_ci profile = &compat_profile; 728a8e1175bSopenharmony_ci } else if (strcmp(profile_str, "all") == 0) { 729a8e1175bSopenharmony_ci profile = &profile_all; 730a8e1175bSopenharmony_ci } else { 731a8e1175bSopenharmony_ci TEST_FAIL("Unknown algorithm profile"); 732a8e1175bSopenharmony_ci } 733a8e1175bSopenharmony_ci 734a8e1175bSopenharmony_ci if (strcmp(verify_callback, "NULL") == 0) { 735a8e1175bSopenharmony_ci f_vrfy = NULL; 736a8e1175bSopenharmony_ci } else if (strcmp(verify_callback, "verify_none") == 0) { 737a8e1175bSopenharmony_ci f_vrfy = verify_none; 738a8e1175bSopenharmony_ci } else if (strcmp(verify_callback, "verify_all") == 0) { 739a8e1175bSopenharmony_ci f_vrfy = verify_all; 740a8e1175bSopenharmony_ci } else { 741a8e1175bSopenharmony_ci TEST_FAIL("No known verify callback selected"); 742a8e1175bSopenharmony_ci } 743a8e1175bSopenharmony_ci 744a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); 745a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0); 746a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crl_parse_file(&crl, crl_file), 0); 747a8e1175bSopenharmony_ci 748a8e1175bSopenharmony_ci res = mbedtls_x509_crt_verify_with_profile(&crt, 749a8e1175bSopenharmony_ci &ca, 750a8e1175bSopenharmony_ci &crl, 751a8e1175bSopenharmony_ci profile, 752a8e1175bSopenharmony_ci cn_name, 753a8e1175bSopenharmony_ci &flags, 754a8e1175bSopenharmony_ci f_vrfy, 755a8e1175bSopenharmony_ci NULL); 
756a8e1175bSopenharmony_ci 757a8e1175bSopenharmony_ci TEST_EQUAL(res, result); 758a8e1175bSopenharmony_ci TEST_EQUAL(flags, (uint32_t) flags_result); 759a8e1175bSopenharmony_ci 760a8e1175bSopenharmony_ci#if defined(MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK) 761a8e1175bSopenharmony_ci /* CRLs aren't supported with CA callbacks, so skip the CA callback 762a8e1175bSopenharmony_ci * version of the test if CRLs are in use. */ 763a8e1175bSopenharmony_ci if (strcmp(crl_file, "") == 0) { 764a8e1175bSopenharmony_ci flags = 0; 765a8e1175bSopenharmony_ci 766a8e1175bSopenharmony_ci res = mbedtls_x509_crt_verify_with_ca_cb(&crt, 767a8e1175bSopenharmony_ci ca_callback, 768a8e1175bSopenharmony_ci &ca, 769a8e1175bSopenharmony_ci profile, 770a8e1175bSopenharmony_ci cn_name, 771a8e1175bSopenharmony_ci &flags, 772a8e1175bSopenharmony_ci f_vrfy, 773a8e1175bSopenharmony_ci NULL); 774a8e1175bSopenharmony_ci 775a8e1175bSopenharmony_ci TEST_EQUAL(res, result); 776a8e1175bSopenharmony_ci TEST_EQUAL(flags, (uint32_t) (flags_result)); 777a8e1175bSopenharmony_ci } 778a8e1175bSopenharmony_ci#endif /* MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ 779a8e1175bSopenharmony_ciexit: 780a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 781a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&ca); 782a8e1175bSopenharmony_ci mbedtls_x509_crl_free(&crl); 783a8e1175bSopenharmony_ci MD_OR_USE_PSA_DONE(); 784a8e1175bSopenharmony_ci} 785a8e1175bSopenharmony_ci/* END_CASE */ 786a8e1175bSopenharmony_ci 787a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_CRL_PARSE_C:MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK */ 788a8e1175bSopenharmony_civoid x509_verify_ca_cb_failure(char *crt_file, char *ca_file, char *name, 789a8e1175bSopenharmony_ci int exp_ret) 790a8e1175bSopenharmony_ci{ 791a8e1175bSopenharmony_ci int ret; 792a8e1175bSopenharmony_ci mbedtls_x509_crt crt; 793a8e1175bSopenharmony_ci mbedtls_x509_crt ca; 794a8e1175bSopenharmony_ci uint32_t flags = 0; 
795a8e1175bSopenharmony_ci 796a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&crt); 797a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&ca); 798a8e1175bSopenharmony_ci USE_PSA_INIT(); 799a8e1175bSopenharmony_ci 800a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); 801a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0); 802a8e1175bSopenharmony_ci 803a8e1175bSopenharmony_ci if (strcmp(name, "NULL") == 0) { 804a8e1175bSopenharmony_ci name = NULL; 805a8e1175bSopenharmony_ci } 806a8e1175bSopenharmony_ci 807a8e1175bSopenharmony_ci ret = mbedtls_x509_crt_verify_with_ca_cb(&crt, ca_callback_fail, &ca, 808a8e1175bSopenharmony_ci &compat_profile, name, &flags, 809a8e1175bSopenharmony_ci NULL, NULL); 810a8e1175bSopenharmony_ci 811a8e1175bSopenharmony_ci TEST_EQUAL(ret, exp_ret); 812a8e1175bSopenharmony_ci TEST_EQUAL(flags, (uint32_t) (-1)); 813a8e1175bSopenharmony_ciexit: 814a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 815a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&ca); 816a8e1175bSopenharmony_ci USE_PSA_DONE(); 817a8e1175bSopenharmony_ci} 818a8e1175bSopenharmony_ci/* END_CASE */ 819a8e1175bSopenharmony_ci 820a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ 821a8e1175bSopenharmony_civoid x509_verify_callback(char *crt_file, char *ca_file, char *name, 822a8e1175bSopenharmony_ci int exp_ret, char *exp_vrfy_out) 823a8e1175bSopenharmony_ci{ 824a8e1175bSopenharmony_ci int ret; 825a8e1175bSopenharmony_ci mbedtls_x509_crt crt; 826a8e1175bSopenharmony_ci mbedtls_x509_crt ca; 827a8e1175bSopenharmony_ci uint32_t flags = 0; 828a8e1175bSopenharmony_ci verify_print_context vrfy_ctx; 829a8e1175bSopenharmony_ci 830a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&crt); 831a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&ca); 832a8e1175bSopenharmony_ci MD_OR_USE_PSA_INIT(); 833a8e1175bSopenharmony_ci 834a8e1175bSopenharmony_ci verify_print_init(&vrfy_ctx); 835a8e1175bSopenharmony_ci 
836a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); 837a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_file(&ca, ca_file), 0); 838a8e1175bSopenharmony_ci 839a8e1175bSopenharmony_ci if (strcmp(name, "NULL") == 0) { 840a8e1175bSopenharmony_ci name = NULL; 841a8e1175bSopenharmony_ci } 842a8e1175bSopenharmony_ci 843a8e1175bSopenharmony_ci ret = mbedtls_x509_crt_verify_with_profile(&crt, &ca, NULL, 844a8e1175bSopenharmony_ci &compat_profile, 845a8e1175bSopenharmony_ci name, &flags, 846a8e1175bSopenharmony_ci verify_print, &vrfy_ctx); 847a8e1175bSopenharmony_ci 848a8e1175bSopenharmony_ci TEST_EQUAL(ret, exp_ret); 849a8e1175bSopenharmony_ci TEST_EQUAL(strcmp(vrfy_ctx.buf, exp_vrfy_out), 0); 850a8e1175bSopenharmony_ci 851a8e1175bSopenharmony_ciexit: 852a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 853a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&ca); 854a8e1175bSopenharmony_ci MD_OR_USE_PSA_DONE(); 855a8e1175bSopenharmony_ci} 856a8e1175bSopenharmony_ci/* END_CASE */ 857a8e1175bSopenharmony_ci 858a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ 859a8e1175bSopenharmony_civoid mbedtls_x509_dn_gets_subject_replace(char *crt_file, 860a8e1175bSopenharmony_ci char *new_subject_ou, 861a8e1175bSopenharmony_ci char *result_str, 862a8e1175bSopenharmony_ci int ret) 863a8e1175bSopenharmony_ci{ 864a8e1175bSopenharmony_ci mbedtls_x509_crt crt; 865a8e1175bSopenharmony_ci char buf[2000]; 866a8e1175bSopenharmony_ci int res = 0; 867a8e1175bSopenharmony_ci 868a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&crt); 869a8e1175bSopenharmony_ci USE_PSA_INIT(); 870a8e1175bSopenharmony_ci 871a8e1175bSopenharmony_ci memset(buf, 0, 2000); 872a8e1175bSopenharmony_ci 873a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); 874a8e1175bSopenharmony_ci crt.subject.next->val.p = (unsigned char *) new_subject_ou; 875a8e1175bSopenharmony_ci 
crt.subject.next->val.len = strlen(new_subject_ou); 876a8e1175bSopenharmony_ci 877a8e1175bSopenharmony_ci res = mbedtls_x509_dn_gets(buf, 2000, &crt.subject); 878a8e1175bSopenharmony_ci 879a8e1175bSopenharmony_ci if (ret != 0) { 880a8e1175bSopenharmony_ci TEST_EQUAL(res, ret); 881a8e1175bSopenharmony_ci } else { 882a8e1175bSopenharmony_ci TEST_ASSERT(res != -1); 883a8e1175bSopenharmony_ci TEST_ASSERT(res != -2); 884a8e1175bSopenharmony_ci TEST_EQUAL(strcmp(buf, result_str), 0); 885a8e1175bSopenharmony_ci } 886a8e1175bSopenharmony_ciexit: 887a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 888a8e1175bSopenharmony_ci USE_PSA_DONE(); 889a8e1175bSopenharmony_ci} 890a8e1175bSopenharmony_ci/* END_CASE */ 891a8e1175bSopenharmony_ci 892a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ 893a8e1175bSopenharmony_civoid mbedtls_x509_dn_gets(char *crt_file, char *entity, char *result_str) 894a8e1175bSopenharmony_ci{ 895a8e1175bSopenharmony_ci mbedtls_x509_crt crt; 896a8e1175bSopenharmony_ci char buf[2000]; 897a8e1175bSopenharmony_ci int res = 0; 898a8e1175bSopenharmony_ci 899a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&crt); 900a8e1175bSopenharmony_ci USE_PSA_INIT(); 901a8e1175bSopenharmony_ci 902a8e1175bSopenharmony_ci memset(buf, 0, 2000); 903a8e1175bSopenharmony_ci 904a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); 905a8e1175bSopenharmony_ci if (strcmp(entity, "subject") == 0) { 906a8e1175bSopenharmony_ci res = mbedtls_x509_dn_gets(buf, 2000, &crt.subject); 907a8e1175bSopenharmony_ci } else if (strcmp(entity, "issuer") == 0) { 908a8e1175bSopenharmony_ci res = mbedtls_x509_dn_gets(buf, 2000, &crt.issuer); 909a8e1175bSopenharmony_ci } else { 910a8e1175bSopenharmony_ci TEST_FAIL("Unknown entity"); 911a8e1175bSopenharmony_ci } 912a8e1175bSopenharmony_ci 913a8e1175bSopenharmony_ci TEST_ASSERT(res != -1); 914a8e1175bSopenharmony_ci TEST_ASSERT(res != -2); 
915a8e1175bSopenharmony_ci 916a8e1175bSopenharmony_ci TEST_EQUAL(strcmp(buf, result_str), 0); 917a8e1175bSopenharmony_ci 918a8e1175bSopenharmony_ciexit: 919a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 920a8e1175bSopenharmony_ci USE_PSA_DONE(); 921a8e1175bSopenharmony_ci} 922a8e1175bSopenharmony_ci/* END_CASE */ 923a8e1175bSopenharmony_ci 924a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ 925a8e1175bSopenharmony_civoid mbedtls_x509_get_name(char *rdn_sequence, int exp_ret) 926a8e1175bSopenharmony_ci{ 927a8e1175bSopenharmony_ci unsigned char *name = NULL; 928a8e1175bSopenharmony_ci unsigned char *p; 929a8e1175bSopenharmony_ci size_t name_len; 930a8e1175bSopenharmony_ci mbedtls_x509_name head; 931a8e1175bSopenharmony_ci int ret; 932a8e1175bSopenharmony_ci 933a8e1175bSopenharmony_ci USE_PSA_INIT(); 934a8e1175bSopenharmony_ci memset(&head, 0, sizeof(head)); 935a8e1175bSopenharmony_ci 936a8e1175bSopenharmony_ci name = mbedtls_test_unhexify_alloc(rdn_sequence, &name_len); 937a8e1175bSopenharmony_ci p = name; 938a8e1175bSopenharmony_ci 939a8e1175bSopenharmony_ci ret = mbedtls_x509_get_name(&p, (name + name_len), &head); 940a8e1175bSopenharmony_ci if (ret == 0) { 941a8e1175bSopenharmony_ci mbedtls_asn1_free_named_data_list_shallow(head.next); 942a8e1175bSopenharmony_ci } 943a8e1175bSopenharmony_ci 944a8e1175bSopenharmony_ci TEST_EQUAL(ret, exp_ret); 945a8e1175bSopenharmony_ci 946a8e1175bSopenharmony_ciexit: 947a8e1175bSopenharmony_ci mbedtls_free(name); 948a8e1175bSopenharmony_ci USE_PSA_DONE(); 949a8e1175bSopenharmony_ci} 950a8e1175bSopenharmony_ci/* END_CASE */ 951a8e1175bSopenharmony_ci 952a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C:MBEDTLS_X509_CRT_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */ 953a8e1175bSopenharmony_civoid mbedtls_x509_dn_get_next(char *name_str, 954a8e1175bSopenharmony_ci int next_merged, 955a8e1175bSopenharmony_ci char *expected_oids, 956a8e1175bSopenharmony_ci int exp_count, 
957a8e1175bSopenharmony_ci char *exp_dn_gets) 958a8e1175bSopenharmony_ci{ 959a8e1175bSopenharmony_ci int ret = 0, i; 960a8e1175bSopenharmony_ci size_t len = 0, out_size; 961a8e1175bSopenharmony_ci mbedtls_asn1_named_data *names = NULL; 962a8e1175bSopenharmony_ci mbedtls_x509_name parsed; 963a8e1175bSopenharmony_ci memset(&parsed, 0, sizeof(parsed)); 964a8e1175bSopenharmony_ci mbedtls_x509_name *parsed_cur; 965a8e1175bSopenharmony_ci // Size of buf is maximum required for test cases 966a8e1175bSopenharmony_ci unsigned char buf[80] = { 0 }; 967a8e1175bSopenharmony_ci unsigned char *out = NULL; 968a8e1175bSopenharmony_ci unsigned char *c = buf + sizeof(buf); 969a8e1175bSopenharmony_ci const char *short_name; 970a8e1175bSopenharmony_ci 971a8e1175bSopenharmony_ci USE_PSA_INIT(); 972a8e1175bSopenharmony_ci 973a8e1175bSopenharmony_ci // Additional size required for trailing space 974a8e1175bSopenharmony_ci out_size = strlen(expected_oids) + 2; 975a8e1175bSopenharmony_ci TEST_CALLOC(out, out_size); 976a8e1175bSopenharmony_ci 977a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_string_to_names(&names, name_str), 0); 978a8e1175bSopenharmony_ci 979a8e1175bSopenharmony_ci ret = mbedtls_x509_write_names(&c, buf, names); 980a8e1175bSopenharmony_ci TEST_LE_S(0, ret); 981a8e1175bSopenharmony_ci 982a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len, 983a8e1175bSopenharmony_ci MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE), 0); 984a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed), 0); 985a8e1175bSopenharmony_ci 986a8e1175bSopenharmony_ci // Iterate over names and set next_merged nodes 987a8e1175bSopenharmony_ci parsed_cur = &parsed; 988a8e1175bSopenharmony_ci for (; next_merged != 0 && parsed_cur != NULL; next_merged = next_merged >> 1) { 989a8e1175bSopenharmony_ci parsed_cur->next_merged = next_merged & 0x01; 990a8e1175bSopenharmony_ci parsed_cur = parsed_cur->next; 991a8e1175bSopenharmony_ci } 
992a8e1175bSopenharmony_ci 993a8e1175bSopenharmony_ci // Iterate over RDN nodes and print OID of first element to buffer 994a8e1175bSopenharmony_ci parsed_cur = &parsed; 995a8e1175bSopenharmony_ci len = 0; 996a8e1175bSopenharmony_ci for (i = 0; parsed_cur != NULL; i++) { 997a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_oid_get_attr_short_name(&parsed_cur->oid, 998a8e1175bSopenharmony_ci &short_name), 0); 999a8e1175bSopenharmony_ci len += mbedtls_snprintf((char *) out + len, out_size - len, "%s ", short_name); 1000a8e1175bSopenharmony_ci parsed_cur = mbedtls_x509_dn_get_next(parsed_cur); 1001a8e1175bSopenharmony_ci } 1002a8e1175bSopenharmony_ci out[len-1] = 0; 1003a8e1175bSopenharmony_ci 1004a8e1175bSopenharmony_ci TEST_EQUAL(exp_count, i); 1005a8e1175bSopenharmony_ci TEST_EQUAL(strcmp((char *) out, expected_oids), 0); 1006a8e1175bSopenharmony_ci mbedtls_free(out); 1007a8e1175bSopenharmony_ci out = NULL; 1008a8e1175bSopenharmony_ci 1009a8e1175bSopenharmony_ci out_size = strlen(exp_dn_gets) + 1; 1010a8e1175bSopenharmony_ci TEST_CALLOC(out, out_size); 1011a8e1175bSopenharmony_ci 1012a8e1175bSopenharmony_ci TEST_LE_S(0, mbedtls_x509_dn_gets((char *) out, out_size, &parsed)); 1013a8e1175bSopenharmony_ci TEST_EQUAL(strcmp((char *) out, exp_dn_gets), 0); 1014a8e1175bSopenharmony_ciexit: 1015a8e1175bSopenharmony_ci mbedtls_free(out); 1016a8e1175bSopenharmony_ci mbedtls_asn1_free_named_data_list(&names); 1017a8e1175bSopenharmony_ci mbedtls_asn1_free_named_data_list_shallow(parsed.next); 1018a8e1175bSopenharmony_ci USE_PSA_DONE(); 1019a8e1175bSopenharmony_ci} 1020a8e1175bSopenharmony_ci/* END_CASE */ 1021a8e1175bSopenharmony_ci 1022a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ 1023a8e1175bSopenharmony_civoid mbedtls_x509_time_is_past(char *crt_file, char *entity, int result) 1024a8e1175bSopenharmony_ci{ 1025a8e1175bSopenharmony_ci mbedtls_x509_crt crt; 1026a8e1175bSopenharmony_ci 1027a8e1175bSopenharmony_ci 
mbedtls_x509_crt_init(&crt); 1028a8e1175bSopenharmony_ci USE_PSA_INIT(); 1029a8e1175bSopenharmony_ci 1030a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); 1031a8e1175bSopenharmony_ci 1032a8e1175bSopenharmony_ci if (strcmp(entity, "valid_from") == 0) { 1033a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_time_is_past(&crt.valid_from), result); 1034a8e1175bSopenharmony_ci } else if (strcmp(entity, "valid_to") == 0) { 1035a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_time_is_past(&crt.valid_to), result); 1036a8e1175bSopenharmony_ci } else { 1037a8e1175bSopenharmony_ci TEST_FAIL("Unknown entity"); 1038a8e1175bSopenharmony_ci } 1039a8e1175bSopenharmony_ci 1040a8e1175bSopenharmony_ciexit: 1041a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 1042a8e1175bSopenharmony_ci USE_PSA_DONE(); 1043a8e1175bSopenharmony_ci} 1044a8e1175bSopenharmony_ci/* END_CASE */ 1045a8e1175bSopenharmony_ci 1046a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */ 1047a8e1175bSopenharmony_civoid mbedtls_x509_time_is_future(char *crt_file, char *entity, int result) 1048a8e1175bSopenharmony_ci{ 1049a8e1175bSopenharmony_ci mbedtls_x509_crt crt; 1050a8e1175bSopenharmony_ci 1051a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&crt); 1052a8e1175bSopenharmony_ci USE_PSA_INIT(); 1053a8e1175bSopenharmony_ci 1054a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); 1055a8e1175bSopenharmony_ci 1056a8e1175bSopenharmony_ci if (strcmp(entity, "valid_from") == 0) { 1057a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_time_is_future(&crt.valid_from), result); 1058a8e1175bSopenharmony_ci } else if (strcmp(entity, "valid_to") == 0) { 1059a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_time_is_future(&crt.valid_to), result); 1060a8e1175bSopenharmony_ci } else { 1061a8e1175bSopenharmony_ci TEST_FAIL("Unknown entity"); 1062a8e1175bSopenharmony_ci } 1063a8e1175bSopenharmony_ci 1064a8e1175bSopenharmony_ciexit: 
1065a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 1066a8e1175bSopenharmony_ci USE_PSA_DONE(); 1067a8e1175bSopenharmony_ci} 1068a8e1175bSopenharmony_ci/* END_CASE */ 1069a8e1175bSopenharmony_ci 1070a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */ 1071a8e1175bSopenharmony_civoid x509parse_crt_file(char *crt_file, int result) 1072a8e1175bSopenharmony_ci{ 1073a8e1175bSopenharmony_ci mbedtls_x509_crt crt; 1074a8e1175bSopenharmony_ci 1075a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&crt); 1076a8e1175bSopenharmony_ci USE_PSA_INIT(); 1077a8e1175bSopenharmony_ci 1078a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), result); 1079a8e1175bSopenharmony_ci 1080a8e1175bSopenharmony_ciexit: 1081a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 1082a8e1175bSopenharmony_ci USE_PSA_DONE(); 1083a8e1175bSopenharmony_ci} 1084a8e1175bSopenharmony_ci/* END_CASE */ 1085a8e1175bSopenharmony_ci 1086a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */ 1087a8e1175bSopenharmony_civoid mbedtls_x509_get_ca_istrue(char *crt_file, int result) 1088a8e1175bSopenharmony_ci{ 1089a8e1175bSopenharmony_ci mbedtls_x509_crt crt; 1090a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&crt); 1091a8e1175bSopenharmony_ci USE_PSA_INIT(); 1092a8e1175bSopenharmony_ci 1093a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0); 1094a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_get_ca_istrue(&crt), result); 1095a8e1175bSopenharmony_ciexit: 1096a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 1097a8e1175bSopenharmony_ci USE_PSA_DONE(); 1098a8e1175bSopenharmony_ci} 1099a8e1175bSopenharmony_ci/* END_CASE */ 1100a8e1175bSopenharmony_ci 1101a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ 1102a8e1175bSopenharmony_civoid x509parse_crt(data_t *buf, char *result_str, int result) 1103a8e1175bSopenharmony_ci{ 1104a8e1175bSopenharmony_ci 
mbedtls_x509_crt crt; 1105a8e1175bSopenharmony_ci#if !defined(MBEDTLS_X509_REMOVE_INFO) 1106a8e1175bSopenharmony_ci unsigned char output[2000] = { 0 }; 1107a8e1175bSopenharmony_ci int res; 1108a8e1175bSopenharmony_ci#else 1109a8e1175bSopenharmony_ci ((void) result_str); 1110a8e1175bSopenharmony_ci#endif 1111a8e1175bSopenharmony_ci 1112a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&crt); 1113a8e1175bSopenharmony_ci USE_PSA_INIT(); 1114a8e1175bSopenharmony_ci 1115a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_der(&crt, buf->x, buf->len), result); 1116a8e1175bSopenharmony_ci#if !defined(MBEDTLS_X509_REMOVE_INFO) 1117a8e1175bSopenharmony_ci if ((result) == 0) { 1118a8e1175bSopenharmony_ci res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); 1119a8e1175bSopenharmony_ci TEST_ASSERT(res != -1); 1120a8e1175bSopenharmony_ci TEST_ASSERT(res != -2); 1121a8e1175bSopenharmony_ci 1122a8e1175bSopenharmony_ci TEST_EQUAL(strcmp((char *) output, result_str), 0); 1123a8e1175bSopenharmony_ci } 1124a8e1175bSopenharmony_ci memset(output, 0, 2000); 1125a8e1175bSopenharmony_ci#endif 1126a8e1175bSopenharmony_ci 1127a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 1128a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&crt); 1129a8e1175bSopenharmony_ci 1130a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_der_nocopy(&crt, buf->x, buf->len), result); 1131a8e1175bSopenharmony_ci#if !defined(MBEDTLS_X509_REMOVE_INFO) 1132a8e1175bSopenharmony_ci if ((result) == 0) { 1133a8e1175bSopenharmony_ci memset(output, 0, 2000); 1134a8e1175bSopenharmony_ci 1135a8e1175bSopenharmony_ci res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); 1136a8e1175bSopenharmony_ci 1137a8e1175bSopenharmony_ci TEST_ASSERT(res != -1); 1138a8e1175bSopenharmony_ci TEST_ASSERT(res != -2); 1139a8e1175bSopenharmony_ci 1140a8e1175bSopenharmony_ci TEST_EQUAL(strcmp((char *) output, result_str), 0); 1141a8e1175bSopenharmony_ci } 1142a8e1175bSopenharmony_ci memset(output, 0, 2000); 
1143a8e1175bSopenharmony_ci#endif /* !MBEDTLS_X509_REMOVE_INFO */ 1144a8e1175bSopenharmony_ci 1145a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 1146a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&crt); 1147a8e1175bSopenharmony_ci 1148a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, NULL, NULL), 1149a8e1175bSopenharmony_ci result); 1150a8e1175bSopenharmony_ci#if !defined(MBEDTLS_X509_REMOVE_INFO) 1151a8e1175bSopenharmony_ci if ((result) == 0) { 1152a8e1175bSopenharmony_ci res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); 1153a8e1175bSopenharmony_ci 1154a8e1175bSopenharmony_ci TEST_ASSERT(res != -1); 1155a8e1175bSopenharmony_ci TEST_ASSERT(res != -2); 1156a8e1175bSopenharmony_ci 1157a8e1175bSopenharmony_ci TEST_EQUAL(strcmp((char *) output, result_str), 0); 1158a8e1175bSopenharmony_ci } 1159a8e1175bSopenharmony_ci memset(output, 0, 2000); 1160a8e1175bSopenharmony_ci#endif /* !MBEDTLS_X509_REMOVE_INFO */ 1161a8e1175bSopenharmony_ci 1162a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 1163a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&crt); 1164a8e1175bSopenharmony_ci 1165a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, NULL, NULL), 1166a8e1175bSopenharmony_ci result); 1167a8e1175bSopenharmony_ci#if !defined(MBEDTLS_X509_REMOVE_INFO) 1168a8e1175bSopenharmony_ci if ((result) == 0) { 1169a8e1175bSopenharmony_ci res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); 1170a8e1175bSopenharmony_ci 1171a8e1175bSopenharmony_ci TEST_ASSERT(res != -1); 1172a8e1175bSopenharmony_ci TEST_ASSERT(res != -2); 1173a8e1175bSopenharmony_ci 1174a8e1175bSopenharmony_ci TEST_EQUAL(strcmp((char *) output, result_str), 0); 1175a8e1175bSopenharmony_ci } 1176a8e1175bSopenharmony_ci#endif /* !MBEDTLS_X509_REMOVE_INFO */ 1177a8e1175bSopenharmony_ci 1178a8e1175bSopenharmony_ciexit: 1179a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 1180a8e1175bSopenharmony_ci 
USE_PSA_DONE(); 1181a8e1175bSopenharmony_ci} 1182a8e1175bSopenharmony_ci/* END_CASE */ 1183a8e1175bSopenharmony_ci 1184a8e1175bSopenharmony_ci/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C */ 1185a8e1175bSopenharmony_civoid x509parse_crt_cb(data_t *buf, char *result_str, int result) 1186a8e1175bSopenharmony_ci{ 1187a8e1175bSopenharmony_ci mbedtls_x509_crt crt; 1188a8e1175bSopenharmony_ci mbedtls_x509_buf oid; 1189a8e1175bSopenharmony_ci 1190a8e1175bSopenharmony_ci#if !defined(MBEDTLS_X509_REMOVE_INFO) 1191a8e1175bSopenharmony_ci unsigned char output[2000] = { 0 }; 1192a8e1175bSopenharmony_ci int res; 1193a8e1175bSopenharmony_ci#else 1194a8e1175bSopenharmony_ci ((void) result_str); 1195a8e1175bSopenharmony_ci#endif 1196a8e1175bSopenharmony_ci 1197a8e1175bSopenharmony_ci oid.tag = MBEDTLS_ASN1_OID; 1198a8e1175bSopenharmony_ci oid.len = MBEDTLS_OID_SIZE(MBEDTLS_OID_PKIX "\x01\x1F"); 1199a8e1175bSopenharmony_ci oid.p = (unsigned char *) MBEDTLS_OID_PKIX "\x01\x1F"; 1200a8e1175bSopenharmony_ci 1201a8e1175bSopenharmony_ci mbedtls_x509_crt_init(&crt); 1202a8e1175bSopenharmony_ci USE_PSA_INIT(); 1203a8e1175bSopenharmony_ci 1204a8e1175bSopenharmony_ci TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 0, parse_crt_ext_cb, 1205a8e1175bSopenharmony_ci &oid), result); 1206a8e1175bSopenharmony_ci#if !defined(MBEDTLS_X509_REMOVE_INFO) 1207a8e1175bSopenharmony_ci if ((result) == 0) { 1208a8e1175bSopenharmony_ci res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt); 1209a8e1175bSopenharmony_ci 1210a8e1175bSopenharmony_ci TEST_ASSERT(res != -1); 1211a8e1175bSopenharmony_ci TEST_ASSERT(res != -2); 1212a8e1175bSopenharmony_ci 1213a8e1175bSopenharmony_ci TEST_EQUAL(strcmp((char *) output, result_str), 0); 1214a8e1175bSopenharmony_ci } 1215a8e1175bSopenharmony_ci memset(output, 0, 2000); 1216a8e1175bSopenharmony_ci#endif /* !MBEDTLS_X509_REMOVE_INFO */ 1217a8e1175bSopenharmony_ci 1218a8e1175bSopenharmony_ci mbedtls_x509_crt_free(&crt); 
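/* Parse the DER buffer with the extension callback, then compare the outcome with the expectation. */
    mbedtls_x509_crt_init(&crt);

    TEST_EQUAL(mbedtls_x509_crt_parse_der_with_ext_cb(&crt, buf->x, buf->len, 1, parse_crt_ext_cb,
                                                      &oid), (result));
#if !defined(MBEDTLS_X509_REMOVE_INFO)
    if ((result) == 0) {
        res = mbedtls_x509_crt_info((char *) output, 2000, "", &crt);

        TEST_ASSERT(res != -1);
        TEST_ASSERT(res != -2);

        TEST_EQUAL(strcmp((char *) output, result_str), 0);
    }
#endif /* !MBEDTLS_X509_REMOVE_INFO */

exit:
    mbedtls_x509_crt_free(&crt);
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Parse a CRL from buf and check that the parser returns `result`.
 * When success is expected, also check that the text produced by
 * mbedtls_x509_crl_info() equals result_str.
 */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRL_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void x509parse_crl(data_t *buf, char *result_str, int result)
{
    mbedtls_x509_crl crl;
    unsigned char output[2000];
    int res;

    mbedtls_x509_crl_init(&crl);
    USE_PSA_INIT();

    /* Size every use of the buffer from the array itself so the bound
     * passed to the info function cannot drift from the declaration. */
    memset(output, 0, sizeof(output));

    TEST_EQUAL(mbedtls_x509_crl_parse(&crl, buf->x, buf->len), (result));
    if ((result) == 0) {
        res = mbedtls_x509_crl_info((char *) output, sizeof(output), "", &crl);

        TEST_ASSERT(res != -1);
        TEST_ASSERT(res != -2);

        TEST_EQUAL(strcmp((char *) output, result_str), 0);
    }

exit:
    mbedtls_x509_crl_free(&crl);
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Parse a DER-encoded CSR and check the return code against ref_ret.
 * When success is expected, the printed form must match ref_out both in
 * length and in content.
 */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_x509_csr_parse(data_t *csr_der, char *ref_out, int ref_ret)
{
    mbedtls_x509_csr csr;
    char my_out[1000];
    int my_ret;

    mbedtls_x509_csr_init(&csr);
    USE_PSA_INIT();

    memset(my_out, 0, sizeof(my_out));

    my_ret = mbedtls_x509_csr_parse_der(&csr, csr_der->x, csr_der->len);
    TEST_EQUAL(my_ret, ref_ret);

    if (ref_ret == 0) {
        size_t my_out_len = mbedtls_x509_csr_info(my_out, sizeof(my_out), "", &csr);
        TEST_EQUAL(my_out_len, strlen(ref_out));
        TEST_EQUAL(strcmp(my_out, ref_out), 0);
    }

exit:
    mbedtls_x509_csr_free(&csr);
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Same as the plain CSR parsing test, but through the entry point that
 * takes an extension callback. `accept` selects which of the two
 * callbacks defined elsewhere in this file is installed
 * (parse_csr_ext_accept_cb when non-zero, parse_csr_ext_reject_cb
 * otherwise); the callback context is NULL.
 */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_x509_csr_parse_with_ext_cb(data_t *csr_der, char *ref_out, int ref_ret, int accept)
{
    mbedtls_x509_csr csr;
    char my_out[1000];
    int my_ret;

    mbedtls_x509_csr_init(&csr);
    USE_PSA_INIT();

    memset(my_out, 0, sizeof(my_out));

    my_ret = mbedtls_x509_csr_parse_der_with_ext_cb(&csr, csr_der->x, csr_der->len,
                                                    accept ? parse_csr_ext_accept_cb :
                                                    parse_csr_ext_reject_cb,
                                                    NULL);
    TEST_EQUAL(my_ret, ref_ret);

    if (ref_ret == 0) {
        size_t my_out_len = mbedtls_x509_csr_info(my_out, sizeof(my_out), "", &csr);
        TEST_EQUAL(my_out_len, strlen(ref_out));
        TEST_EQUAL(strcmp(my_out, ref_out), 0);
    }

exit:
    mbedtls_x509_csr_free(&csr);
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Parse a CSR from the file csr_file and check the return code against
 * ref_ret. When success is expected, the printed form must match ref_out
 * both in length and in content.
 */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CSR_PARSE_C:!MBEDTLS_X509_REMOVE_INFO */
void mbedtls_x509_csr_parse_file(char *csr_file, char *ref_out, int ref_ret)
{
    mbedtls_x509_csr csr;
    char my_out[1000];
    int my_ret;

    mbedtls_x509_csr_init(&csr);
    USE_PSA_INIT();

    memset(my_out, 0, sizeof(my_out));

    my_ret = mbedtls_x509_csr_parse_file(&csr, csr_file);
    TEST_EQUAL(my_ret, ref_ret);

    if (ref_ret == 0) {
        size_t my_out_len = mbedtls_x509_csr_info(my_out, sizeof(my_out), "", &csr);
        TEST_EQUAL(my_out_len, strlen(ref_out));
        TEST_EQUAL(strcmp(my_out, ref_out), 0);
    }

exit:
    mbedtls_x509_csr_free(&csr);
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Parse the certificate file crt_path into a chain, check the return
 * code against `ret`, and check that exactly nb_crt entries of the chain
 * hold parsed data.
 */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
void mbedtls_x509_crt_parse_file(char *crt_path, int ret, int nb_crt)
{
    mbedtls_x509_crt chain, *cur;
    int i;

    mbedtls_x509_crt_init(&chain);
    USE_PSA_INIT();

    TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, crt_path), ret);

    /* Check how many certs we got: an entry counts only if its raw
     * buffer is set, so a chain head left empty is not counted. */
    for (i = 0, cur = &chain; cur != NULL; cur = cur->next) {
        if (cur->raw.p != NULL) {
            i++;
        }
    }

    TEST_EQUAL(i, nb_crt);

exit:
    mbedtls_x509_crt_free(&chain);
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Parse the certificates found under the directory crt_path into a
 * chain, check the return code against `ret`, and check that exactly
 * nb_crt entries of the chain hold parsed data.
 */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
void mbedtls_x509_crt_parse_path(char *crt_path, int ret, int nb_crt)
{
    mbedtls_x509_crt chain, *cur;
    int i;

    mbedtls_x509_crt_init(&chain);
    USE_PSA_INIT();

    TEST_EQUAL(mbedtls_x509_crt_parse_path(&chain, crt_path), ret);

    /* Check how many certs we got: an entry counts only if its raw
     * buffer is set, so a chain head left empty is not counted. */
    for (i = 0, cur = &chain; cur != NULL; cur = cur->next) {
        if (cur->raw.p != NULL) {
            i++;
        }
    }

    TEST_EQUAL(i, nb_crt);

exit:
    mbedtls_x509_crt_free(&chain);
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Verify a chain with nb_int intermediates against the root in ca_file
 * and check both the return code (ret_chk) and the verification flags
 * (flags_chk). This exercises the limit on chain length: the guard in
 * the file header ties the test data to MBEDTLS_X509_MAX_INTERMEDIATE_CA.
 */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
void mbedtls_x509_crt_verify_max(char *ca_file, char *chain_dir, int nb_int,
                                 int ret_chk, int flags_chk)
{
    char file_buf[128];
    int ret;
    uint32_t flags;
    mbedtls_x509_crt trusted, chain;

    /*
     * chain_dir is expected to hold files named cNN.pem (the name built
     * below), where certificate NN is signed by certificate NN-1.
     */
    mbedtls_x509_crt_init(&trusted);
    mbedtls_x509_crt_init(&chain);
    MD_OR_USE_PSA_INIT();

    /* Load trusted root */
    TEST_EQUAL(mbedtls_x509_crt_parse_file(&trusted, ca_file), 0);

    /* Load a chain with nb_int intermediates (from 01 to nb_int),
     * plus one "end-entity" cert (nb_int + 1) */
    ret = mbedtls_snprintf(file_buf, sizeof(file_buf), "%s/c%02d.pem", chain_dir,
                           nb_int + 1);
    /* Reject both a formatting error and a truncated path. */
    TEST_ASSERT(ret > 0 && (size_t) ret < sizeof(file_buf));
    TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, file_buf), 0);

    /* Try to verify that chain */
    ret = mbedtls_x509_crt_verify(&chain, &trusted, NULL, NULL, &flags,
                                  NULL, NULL);
    TEST_EQUAL(ret, ret_chk);
    TEST_EQUAL(flags, (uint32_t) flags_chk);

exit:
    mbedtls_x509_crt_free(&chain);
    mbedtls_x509_crt_free(&trusted);
    MD_OR_USE_PSA_DONE();
}
/* END_CASE */

/*
 * Verify a chain assembled from several files against trusted_ca under a
 * named verification profile.
 *
 * chain_paths is a space-separated list of certificate files, parsed in
 * order into one chain. profile_name selects the profile: "" for the
 * library default, "next", "suiteb", or the test-local "rsa3072" and
 * "sha512" profiles defined at the top of this file. vrfy_fatal_lvls is
 * handed to the verify_fatal callback (defined elsewhere in this file)
 * as its context. The return code is compared with `result` and the
 * verification flags with flags_result.
 */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
void mbedtls_x509_crt_verify_chain(char *chain_paths, char *trusted_ca,
                                   int flags_result, int result,
                                   char *profile_name, int vrfy_fatal_lvls)
{
    char *act;
    uint32_t flags;
    int res;
    mbedtls_x509_crt trusted, chain;
    const mbedtls_x509_crt_profile *profile = NULL;

    mbedtls_x509_crt_init(&chain);
    mbedtls_x509_crt_init(&trusted);
    MD_OR_USE_PSA_INIT();

    while ((act = mystrsep(&chain_paths, " ")) != NULL) {
        TEST_EQUAL(mbedtls_x509_crt_parse_file(&chain, act), 0);
    }
    TEST_EQUAL(mbedtls_x509_crt_parse_file(&trusted, trusted_ca), 0);

    /* NOTE(review): a profile_name that matches none of the names below
     * leaves `profile` NULL, and that NULL is what the verify call
     * receives. A typo in the test data therefore changes which policy
     * is exercised instead of being reported as a bad test argument. */
    if (strcmp(profile_name, "") == 0) {
        profile = &mbedtls_x509_crt_profile_default;
    } else if (strcmp(profile_name, "next") == 0) {
        profile = &mbedtls_x509_crt_profile_next;
    } else if (strcmp(profile_name, "suiteb") == 0) {
        profile = &mbedtls_x509_crt_profile_suiteb;
    } else if (strcmp(profile_name, "rsa3072") == 0) {
        profile = &profile_rsa3072;
    } else if (strcmp(profile_name, "sha512") == 0) {
        profile = &profile_sha512;
    }

    res = mbedtls_x509_crt_verify_with_profile(&chain, &trusted, NULL, profile,
                                               NULL, &flags, verify_fatal, &vrfy_fatal_lvls);

    TEST_EQUAL(res, (result));
    TEST_EQUAL(flags, (uint32_t) (flags_result));

exit:
    mbedtls_x509_crt_free(&trusted);
    mbedtls_x509_crt_free(&chain);
    MD_OR_USE_PSA_DONE();
}
/* END_CASE */

/*
 * Look up the extended-key-usage description for the OID bytes in buf.
 * ref_desc is either the expected description, or the literal
 * "notfound", in which case the lookup must fail and leave the
 * description pointer NULL.
 */
/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C:!MBEDTLS_X509_REMOVE_INFO */
void x509_oid_desc(data_t *buf, char *ref_desc)
{
    mbedtls_x509_buf oid;
    const char *desc = NULL;
    int ret;

    USE_PSA_INIT();

    oid.tag = MBEDTLS_ASN1_OID;
    oid.p   = buf->x;
    oid.len = buf->len;

    ret = mbedtls_oid_get_extended_key_usage(&oid, &desc);

    if (strcmp(ref_desc, "notfound") == 0) {
        TEST_ASSERT(ret != 0);
        TEST_ASSERT(desc == NULL);
    } else {
        TEST_EQUAL(ret, 0);
        TEST_ASSERT(desc != NULL);
        TEST_EQUAL(strcmp(desc, ref_desc), 0);
    }

exit:
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Convert the OID bytes in oid_buf to dotted-decimal text in a buffer of
 * blen bytes and check the return value against `ret`. On a
 * non-negative return, the output must be NUL-terminated at index `ret`
 * and equal numstr.
 */
/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
void x509_oid_numstr(data_t *oid_buf, char *numstr, int blen, int ret)
{
    mbedtls_x509_buf oid;
    char num_buf[100];

    USE_PSA_INIT();

    /* Fill with a non-zero byte so that the terminator checked below
     * has to have been written by the function under test. */
    memset(num_buf, 0x2a, sizeof(num_buf));

    oid.tag = MBEDTLS_ASN1_OID;
    oid.p   = oid_buf->x;
    oid.len = oid_buf->len;

    /* The size claimed to the callee must fit the real buffer. */
    TEST_ASSERT((size_t) blen <= sizeof(num_buf));

    TEST_EQUAL(mbedtls_oid_get_numeric_string(num_buf, blen, &oid), ret);

    if (ret >= 0) {
        /* `ret` is used as an index: bound it by the buffer so that a
         * wrong return value fails the test instead of reading past
         * num_buf. */
        TEST_ASSERT((size_t) ret < sizeof(num_buf));
        TEST_EQUAL(num_buf[ret], 0);
        TEST_EQUAL(strcmp(num_buf, numstr), 0);
    }

exit:
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Load the certificate in crt_file (which must parse) and check that
 * mbedtls_x509_crt_check_key_usage() returns `ret` for the requested
 * `usage` bits.
 */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
void x509_check_key_usage(char *crt_file, int usage, int ret)
{
    mbedtls_x509_crt crt;

    mbedtls_x509_crt_init(&crt);
    USE_PSA_INIT();

    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);

    TEST_EQUAL(mbedtls_x509_crt_check_key_usage(&crt, usage), ret);

exit:
    mbedtls_x509_crt_free(&crt);
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Load the certificate in crt_file (which must parse) and check that
 * mbedtls_x509_crt_check_extended_key_usage() returns `ret` for the
 * usage OID given as raw bytes in `oid`.
 */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C */
void x509_check_extended_key_usage(char *crt_file, data_t *oid, int ret)
{
    mbedtls_x509_crt crt;

    mbedtls_x509_crt_init(&crt);
    USE_PSA_INIT();

    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, crt_file), 0);

    TEST_EQUAL(mbedtls_x509_crt_check_extended_key_usage(&crt, (const char *) oid->x, oid->len),
               ret);

exit:
    mbedtls_x509_crt_free(&crt);
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Build a tag/length/value element from `tag` and time_str, feed it to
 * mbedtls_x509_get_time() and check the return value against `ret`.
 * On expected success, every field of the parsed time must match the
 * reference values.
 */
/* BEGIN_CASE depends_on:MBEDTLS_X509_USE_C */
void x509_get_time(int tag, char *time_str, int ret, int year, int mon,
                   int day, int hour, int min, int sec)
{
    mbedtls_x509_time time;
    unsigned char buf[21];
    unsigned char *start = buf;
    unsigned char *end = buf;
    size_t time_len = strlen(time_str);

    USE_PSA_INIT();
    memset(&time, 0x00, sizeof(time));

    /* Check the full length before it is narrowed to one byte: buf holds
     * the tag byte, the length byte and at most 19 bytes of content, and
     * an over-long string must not pass by wrapping around in the cast. */
    TEST_ASSERT(time_len < 20);

    *end = (unsigned char) tag; end++;
    *end = (unsigned char) time_len; end++;
    memcpy(end, time_str, time_len);
    end += time_len;

    TEST_EQUAL(mbedtls_x509_get_time(&start, end, &time), ret);
    if (ret == 0) {
        TEST_EQUAL(year, time.year);
        TEST_EQUAL(mon, time.mon);
        TEST_EQUAL(day, time.day);
        TEST_EQUAL(hour, time.hour);
        TEST_EQUAL(min, time.min);
        TEST_EQUAL(sec, time.sec);
    }
exit:
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Parse RSASSA-PSS parameters from `params` (presented with the ASN.1
 * tag params_tag) and check the return code against ref_ret. On expected
 * success, the message digest, the MGF digest and the salt length must
 * match the reference values.
 */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_X509_RSASSA_PSS_SUPPORT */
void x509_parse_rsassa_pss_params(data_t *params, int params_tag,
                                  int ref_msg_md, int ref_mgf_md,
                                  int ref_salt_len, int ref_ret)
{
    int my_ret;
    mbedtls_x509_buf buf;
    mbedtls_md_type_t my_msg_md, my_mgf_md;
    int my_salt_len;

    USE_PSA_INIT();

    buf.p = params->x;
    buf.len = params->len;
    buf.tag = params_tag;

    my_ret = mbedtls_x509_get_rsassa_pss_params(&buf, &my_msg_md, &my_mgf_md,
                                                &my_salt_len);

    TEST_EQUAL(my_ret, ref_ret);

    /* The outputs are only read when success is expected. */
    if (ref_ret == 0) {
        TEST_EQUAL(my_msg_md, (mbedtls_md_type_t) ref_msg_md);
        TEST_EQUAL(my_mgf_md, (mbedtls_md_type_t) ref_mgf_md);
        TEST_EQUAL(my_salt_len, ref_salt_len);
    }

exit:
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Parse the certificate in `file` and check the SubjectKeyIdentifier the
 * parser stored: on expected success it must be an OCTET STRING equal to
 * subjectKeyId; on expected failure the field must be left empty
 * (tag 0, length 0).
 */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */
void x509_crt_parse_subjectkeyid(char *file, data_t *subjectKeyId, int ref_ret)
{
    mbedtls_x509_crt crt;

    mbedtls_x509_crt_init(&crt);
    /* Set up and tear down PSA like the other certificate-parsing cases
     * in this file do. */
    USE_PSA_INIT();

    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, file), ref_ret);

    if (ref_ret == 0) {
        TEST_EQUAL(crt.subject_key_id.tag, MBEDTLS_ASN1_OCTET_STRING);
        /* Compare lengths first so that memcmp never reads more bytes
         * than the parsed field holds. */
        TEST_EQUAL(crt.subject_key_id.len, subjectKeyId->len);
        TEST_EQUAL(memcmp(crt.subject_key_id.p, subjectKeyId->x, subjectKeyId->len), 0);
    } else {
        TEST_EQUAL(crt.subject_key_id.tag, 0);
        TEST_EQUAL(crt.subject_key_id.len, 0);
    }

exit:
    mbedtls_x509_crt_free(&crt);
    USE_PSA_DONE();
}
/* END_CASE */

/*
 * Parse the certificate in `file` and check the three parts of the
 * AuthorityKeyIdentifier the parser stored.
 *
 * keyId, authorityKeyId_issuer and serial are the expected values; an
 * empty keyId or serial means the matching field must be absent (tag 0,
 * length 0), and an empty issuer string skips the issuer check. On
 * expected parse failure, the key identifier and serial number fields
 * must be left empty.
 */
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_FS_IO */
void x509_crt_parse_authoritykeyid(char *file,
                                   data_t *keyId,
                                   char *authorityKeyId_issuer,
                                   data_t *serial,
                                   int ref_ret)
{
    mbedtls_x509_crt crt;
    mbedtls_x509_subject_alternative_name san;
    char name_buf[128];

    mbedtls_x509_crt_init(&crt);
    /* Set up and tear down PSA like the other certificate-parsing cases
     * in this file do. */
    USE_PSA_INIT();

    TEST_EQUAL(mbedtls_x509_crt_parse_file(&crt, file), ref_ret);

    if (ref_ret == 0) {
        /* KeyId test */
        if (keyId->len > 0) {
            TEST_EQUAL(crt.authority_key_id.keyIdentifier.tag, MBEDTLS_ASN1_OCTET_STRING);
            /* Length before content, so memcmp stays within the parsed
             * field. */
            TEST_EQUAL(crt.authority_key_id.keyIdentifier.len, keyId->len);
            TEST_EQUAL(memcmp(crt.authority_key_id.keyIdentifier.p, keyId->x, keyId->len), 0);
        } else {
            TEST_EQUAL(crt.authority_key_id.keyIdentifier.tag, 0);
            TEST_EQUAL(crt.authority_key_id.keyIdentifier.len, 0);
        }

        /* Issuer test */
        if (strlen(authorityKeyId_issuer) > 0) {
            mbedtls_x509_sequence *issuerPtr = &crt.authority_key_id.authorityCertIssuer;

            TEST_EQUAL(mbedtls_x509_parse_subject_alt_name(&issuerPtr->buf, &san), 0);

            /* NOTE(review): the two checks below presumably jump to
             * `exit` on failure, which skips the free of `san` further
             * down; acceptable for a failing test, but worth knowing
             * when reading leak reports. */
            TEST_ASSERT(mbedtls_x509_dn_gets(name_buf, sizeof(name_buf),
                                             &san.san.directory_name)
                        > 0);
            TEST_EQUAL(strcmp(name_buf, authorityKeyId_issuer), 0);

            mbedtls_x509_free_subject_alt_name(&san);
        }

        /* Serial test */
        if (serial->len > 0) {
            TEST_EQUAL(crt.authority_key_id.authorityCertSerialNumber.tag,
                       MBEDTLS_ASN1_INTEGER);
            /* Length before content, so memcmp stays within the parsed
             * field. */
            TEST_EQUAL(crt.authority_key_id.authorityCertSerialNumber.len, serial->len);
            TEST_EQUAL(memcmp(crt.authority_key_id.authorityCertSerialNumber.p,
                              serial->x, serial->len), 0);
        } else {
            TEST_EQUAL(crt.authority_key_id.authorityCertSerialNumber.tag, 0);
            TEST_EQUAL(crt.authority_key_id.authorityCertSerialNumber.len, 0);
        }

    } else {
        TEST_EQUAL(crt.authority_key_id.keyIdentifier.tag, 0);
        TEST_EQUAL(crt.authority_key_id.keyIdentifier.len, 0);

        TEST_EQUAL(crt.authority_key_id.authorityCertSerialNumber.tag, 0);
        TEST_EQUAL(crt.authority_key_id.authorityCertSerialNumber.len, 0);
    }

exit:
    mbedtls_x509_crt_free(&crt);
    USE_PSA_DONE();
}
/* END_CASE */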