1/* BEGIN_HEADER */ 2#include "mbedtls/bignum.h" 3#include "mbedtls/x509_crt.h" 4#include "mbedtls/x509_csr.h" 5#include "x509_internal.h" 6#include "mbedtls/pem.h" 7#include "mbedtls/oid.h" 8#include "mbedtls/rsa.h" 9#include "mbedtls/asn1write.h" 10#include "mbedtls/pk.h" 11#include "mbedtls/psa_util.h" 12 13#if defined(MBEDTLS_RSA_C) 14int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen, 15 const unsigned char *input, unsigned char *output, 16 size_t output_max_len) 17{ 18 return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx, NULL, NULL, 19 olen, input, output, output_max_len); 20} 21int mbedtls_rsa_sign_func(void *ctx, 22 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, 23 mbedtls_md_type_t md_alg, unsigned int hashlen, 24 const unsigned char *hash, unsigned char *sig) 25{ 26 return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx, f_rng, p_rng, 27 md_alg, hashlen, hash, sig); 28} 29size_t mbedtls_rsa_key_len_func(void *ctx) 30{ 31 return ((const mbedtls_rsa_context *) ctx)->len; 32} 33#endif /* MBEDTLS_RSA_C */ 34 35#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ 36 defined(MBEDTLS_PEM_WRITE_C) && defined(MBEDTLS_X509_CSR_WRITE_C) 37static int x509_crt_verifycsr(const unsigned char *buf, size_t buflen) 38{ 39 unsigned char hash[PSA_HASH_MAX_SIZE]; 40 mbedtls_x509_csr csr; 41 int ret = 0; 42 43 mbedtls_x509_csr_init(&csr); 44 45 if (mbedtls_x509_csr_parse(&csr, buf, buflen) != 0) { 46 ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; 47 goto cleanup; 48 } 49 50 psa_algorithm_t psa_alg = mbedtls_md_psa_alg_from_type(csr.sig_md); 51 size_t hash_size = 0; 52 psa_status_t status = psa_hash_compute(psa_alg, csr.cri.p, csr.cri.len, 53 hash, PSA_HASH_MAX_SIZE, &hash_size); 54 55 if (status != PSA_SUCCESS) { 56 /* Note: this can't happen except after an internal error */ 57 ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; 58 goto cleanup; 59 } 60 61 if (mbedtls_pk_verify_ext(csr.sig_pk, csr.sig_opts, &csr.pk, 62 csr.sig_md, hash, mbedtls_md_get_size_from_type(csr.sig_md), 63 csr.sig.p, csr.sig.len) != 0) { 64 ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED; 65 goto cleanup; 66 } 67 68cleanup: 69 70 mbedtls_x509_csr_free(&csr); 71 return ret; 72} 73#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */ 74 75#if defined(MBEDTLS_X509_CSR_WRITE_C) 76 77/* 78 * The size of this temporary buffer is given by the sequence of functions 79 * called hereinafter: 80 * - mbedtls_asn1_write_oid() 81 * - 8 bytes for MBEDTLS_OID_EXTENDED_KEY_USAGE raw value 82 * - 1 byte for MBEDTLS_OID_EXTENDED_KEY_USAGE length 83 * - 1 byte for MBEDTLS_ASN1_OID tag 84 * - mbedtls_asn1_write_len() 85 * - 1 byte since we're dealing with sizes which are less than 0x80 86 * - mbedtls_asn1_write_tag() 87 * - 1 byte 88 * 89 * This length is fine as long as this function is called using the 90 * MBEDTLS_OID_SERVER_AUTH OID. If this is changed in the future, then this 91 * buffer's length should be adjusted accordingly. 92 * Unfortunately there's no predefined max size for OIDs which can be used 93 * to set an overall upper boundary which is always guaranteed. 94 */ 95#define EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH 12 96 97static int csr_set_extended_key_usage(mbedtls_x509write_csr *ctx, 98 const char *oid, size_t oid_len) 99{ 100 unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 }; 101 unsigned char *p = buf + sizeof(buf); 102 int ret; 103 size_t len = 0; 104 105 /* 106 * Following functions fail anyway if the temporary buffer is not large, 107 * but we set an extra check here to emphasize a possible source of errors 108 */ 109 if (oid_len > EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH) { 110 return MBEDTLS_ERR_X509_BAD_INPUT_DATA; 111 } 112 113 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(&p, buf, oid, oid_len)); 114 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, ret)); 115 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, buf, 116 MBEDTLS_ASN1_CONSTRUCTED | 117 MBEDTLS_ASN1_SEQUENCE)); 118 119 ret = mbedtls_x509write_csr_set_extension(ctx, 120 MBEDTLS_OID_EXTENDED_KEY_USAGE, 121 MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE), 122 0, 123 p, 124 len); 125 126 return ret; 127} 128#endif /* MBEDTLS_X509_CSR_WRITE_C */ 129 130/* Due to inconsistencies in the input size limits applied by different 131 * library functions, some write-parse tests may fail. */ 132#define MAY_FAIL_GET_NAME 0x0001 133#define MAY_FAIL_DN_GETS 0x0002 134 135/* END_HEADER */ 136 137/* BEGIN_DEPENDENCIES 138 * depends_on:MBEDTLS_FS_IO:MBEDTLS_PK_PARSE_C 139 * END_DEPENDENCIES 140 */ 141 142/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */ 143void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type, 144 int key_usage, int set_key_usage, int cert_type, 145 int set_cert_type, int set_extension) 146{ 147 mbedtls_pk_context key; 148 mbedtls_x509write_csr req; 149 unsigned char buf[4096]; 150 int ret; 151#if !defined(MBEDTLS_USE_PSA_CRYPTO) 152 unsigned char check_buf[4000]; 153 FILE *f; 154 size_t olen = 0; 155#endif /* !MBEDTLS_USE_PSA_CRYPTO */ 156 size_t pem_len = 0, buf_index; 157 int der_len = -1; 158 const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; 159 mbedtls_test_rnd_pseudo_info rnd_info; 160 mbedtls_x509_san_list san_ip; 161 mbedtls_x509_san_list san_dns; 162 mbedtls_x509_san_list san_uri; 163 mbedtls_x509_san_list san_mail; 164 mbedtls_x509_san_list san_dn; 165 mbedtls_x509_san_list *san_list = NULL; 166 mbedtls_asn1_named_data *ext_san_dirname = NULL; 167 168 const char san_ip_name[] = { 0x7f, 0x00, 0x00, 0x01 }; // 127.0.0.1 169 const char *san_dns_name = "example.com"; 170 const char *san_dn_name = "C=UK,O=Mbed TLS,CN=Mbed TLS directoryName SAN"; 171 const char *san_mail_name = "mail@example.com"; 172 const char *san_uri_name = "http://pki.example.com"; 173 174 san_mail.node.type = MBEDTLS_X509_SAN_RFC822_NAME; 175 san_mail.node.san.unstructured_name.p = (unsigned char *) san_mail_name; 176 san_mail.node.san.unstructured_name.len = strlen(san_mail_name); 177 san_mail.next = NULL; 178 179 san_dns.node.type = MBEDTLS_X509_SAN_DNS_NAME; 180 san_dns.node.san.unstructured_name.p = (unsigned char *) san_dns_name; 181 san_dns.node.san.unstructured_name.len = strlen(san_dns_name); 182 san_dns.next = &san_mail; 183 184 san_dn.node.type = MBEDTLS_X509_SAN_DIRECTORY_NAME; 185 TEST_ASSERT(mbedtls_x509_string_to_names(&ext_san_dirname, 186 san_dn_name) == 0); 187 san_dn.node.san.directory_name = *ext_san_dirname; 188 san_dn.next = &san_dns; 189 190 san_ip.node.type = MBEDTLS_X509_SAN_IP_ADDRESS; 191 san_ip.node.san.unstructured_name.p = (unsigned char *) san_ip_name; 192 san_ip.node.san.unstructured_name.len = sizeof(san_ip_name); 193 san_ip.next = &san_dn; 194 195 san_uri.node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER; 196 san_uri.node.san.unstructured_name.p = (unsigned char *) san_uri_name; 197 san_uri.node.san.unstructured_name.len = strlen(san_uri_name); 198 san_uri.next = &san_ip; 199 200 san_list = &san_uri; 201 202 memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); 203 204 mbedtls_x509write_csr_init(&req); 205 mbedtls_pk_init(&key); 206 MD_OR_USE_PSA_INIT(); 207 208 TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL, 209 mbedtls_test_rnd_std_rand, NULL) == 0); 210 211 mbedtls_x509write_csr_set_md_alg(&req, md_type); 212 mbedtls_x509write_csr_set_key(&req, &key); 213 TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0); 214 if (set_key_usage != 0) { 215 TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0); 216 } 217 if (set_cert_type != 0) { 218 TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0); 219 } 220 if (set_extension != 0) { 221 TEST_ASSERT(csr_set_extended_key_usage(&req, MBEDTLS_OID_SERVER_AUTH, 222 MBEDTLS_OID_SIZE(MBEDTLS_OID_SERVER_AUTH)) == 0); 223 224 TEST_ASSERT(mbedtls_x509write_csr_set_subject_alternative_name(&req, san_list) == 0); 225 } 226 227 ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf), 228 mbedtls_test_rnd_pseudo_rand, &rnd_info); 229 TEST_ASSERT(ret == 0); 230 231 pem_len = strlen((char *) buf); 232 233 for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { 234 TEST_ASSERT(buf[buf_index] == 0); 235 } 236 237#if defined(MBEDTLS_USE_PSA_CRYPTO) 238 // When using PSA crypto, RNG isn't controllable, so cert_req_check_file can't be used 239 (void) cert_req_check_file; 240 buf[pem_len] = '\0'; 241 TEST_ASSERT(x509_crt_verifycsr(buf, pem_len + 1) == 0); 242#else 243 f = fopen(cert_req_check_file, "r"); 244 TEST_ASSERT(f != NULL); 245 olen = fread(check_buf, 1, sizeof(check_buf), f); 246 fclose(f); 247 248 TEST_ASSERT(olen >= pem_len - 1); 249 TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0); 250#endif /* MBEDTLS_USE_PSA_CRYPTO */ 251 252 der_len = mbedtls_x509write_csr_der(&req, buf, sizeof(buf), 253 mbedtls_test_rnd_pseudo_rand, 254 &rnd_info); 255 TEST_ASSERT(der_len >= 0); 256 257 if (der_len == 0) { 258 goto exit; 259 } 260 261#if defined(MBEDTLS_USE_PSA_CRYPTO) 262 // When using PSA crypto, RNG isn't controllable, result length isn't 263 // deterministic over multiple runs, removing a single byte isn't enough to 264 // go into the MBEDTLS_ERR_ASN1_BUF_TOO_SMALL error case 265 der_len /= 2; 266#else 267 der_len -= 1; 268#endif 269 ret = mbedtls_x509write_csr_der(&req, buf, (size_t) (der_len), 270 mbedtls_test_rnd_pseudo_rand, &rnd_info); 271 TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); 272 273exit: 274 mbedtls_asn1_free_named_data_list(&ext_san_dirname); 275 mbedtls_x509write_csr_free(&req); 276 mbedtls_pk_free(&key); 277 MD_OR_USE_PSA_DONE(); 278} 279/* END_CASE */ 280 281/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */ 282void x509_csr_check_opaque(char *key_file, int md_type, int key_usage, 283 int cert_type) 284{ 285 mbedtls_pk_context key; 286 mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; 287 psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; 288 mbedtls_x509write_csr req; 289 unsigned char buf[4096]; 290 int ret; 291 size_t pem_len = 0; 292 const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; 293 mbedtls_test_rnd_pseudo_info rnd_info; 294 295 mbedtls_x509write_csr_init(&req); 296 MD_OR_USE_PSA_INIT(); 297 298 memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); 299 300 mbedtls_pk_init(&key); 301 TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL, 302 mbedtls_test_rnd_std_rand, NULL) == 0); 303 304 /* Turn the PK context into an opaque one. */ 305 TEST_EQUAL(mbedtls_pk_get_psa_attributes(&key, PSA_KEY_USAGE_SIGN_HASH, &key_attr), 0); 306 TEST_EQUAL(mbedtls_pk_import_into_psa(&key, &key_attr, &key_id), 0); 307 mbedtls_pk_free(&key); 308 mbedtls_pk_init(&key); 309 TEST_EQUAL(mbedtls_pk_setup_opaque(&key, key_id), 0); 310 311 mbedtls_x509write_csr_set_md_alg(&req, md_type); 312 mbedtls_x509write_csr_set_key(&req, &key); 313 TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0); 314 if (key_usage != 0) { 315 TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0); 316 } 317 if (cert_type != 0) { 318 TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0); 319 } 320 321 ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf) - 1, 322 mbedtls_test_rnd_pseudo_rand, &rnd_info); 323 324 TEST_ASSERT(ret == 0); 325 326 pem_len = strlen((char *) buf); 327 buf[pem_len] = '\0'; 328 TEST_ASSERT(x509_crt_verifycsr(buf, pem_len + 1) == 0); 329 330 331exit: 332 mbedtls_x509write_csr_free(&req); 333 mbedtls_pk_free(&key); 334 psa_destroy_key(key_id); 335 MD_OR_USE_PSA_DONE(); 336} 337/* END_CASE */ 338 339/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_MD_CAN_SHA1 */ 340void x509_crt_check(char *subject_key_file, char *subject_pwd, 341 char *subject_name, char *issuer_key_file, 342 char *issuer_pwd, char *issuer_name, 343 data_t *serial_arg, char *not_before, char *not_after, 344 int md_type, int key_usage, int set_key_usage, 345 char *ext_key_usage, 346 int cert_type, int set_cert_type, int auth_ident, 347 int ver, char *cert_check_file, int pk_wrap, int is_ca, 348 char *cert_verify_file, int set_subjectAltNames) 349{ 350 mbedtls_pk_context subject_key, issuer_key, issuer_key_alt; 351 mbedtls_pk_context *key = &issuer_key; 352 353 mbedtls_x509write_cert crt; 354 unsigned char buf[4096]; 355 unsigned char check_buf[5000]; 356 unsigned char *p, *end; 357 unsigned char tag, sz; 358#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 359 mbedtls_mpi serial_mpi; 360#endif 361 int ret, before_tag, after_tag; 362 size_t olen = 0, pem_len = 0, buf_index = 0; 363 int der_len = -1; 364 FILE *f; 365 mbedtls_test_rnd_pseudo_info rnd_info; 366#if defined(MBEDTLS_USE_PSA_CRYPTO) 367 mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; 368 psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; 369#endif 370 mbedtls_pk_type_t issuer_key_type; 371 mbedtls_x509_san_list san_ip; 372 mbedtls_x509_san_list san_dns; 373 mbedtls_x509_san_list san_uri; 374 mbedtls_x509_san_list san_mail; 375 mbedtls_x509_san_list san_dn; 376 mbedtls_asn1_named_data *ext_san_dirname = NULL; 377 const char san_ip_name[] = { 0x01, 0x02, 0x03, 0x04 }; 378 const char *san_dns_name = "example.com"; 379 const char *san_dn_name = "C=UK,O=Mbed TLS,CN=SubjectAltName test"; 380 const char *san_mail_name = "mail@example.com"; 381 const char *san_uri_name = "http://pki.example.com"; 382 mbedtls_x509_san_list *san_list = NULL; 383 384 if (set_subjectAltNames) { 385 san_mail.node.type = MBEDTLS_X509_SAN_RFC822_NAME; 386 san_mail.node.san.unstructured_name.p = (unsigned char *) san_mail_name; 387 san_mail.node.san.unstructured_name.len = strlen(san_mail_name); 388 san_mail.next = NULL; 389 390 san_dns.node.type = MBEDTLS_X509_SAN_DNS_NAME; 391 san_dns.node.san.unstructured_name.p = (unsigned char *) san_dns_name; 392 san_dns.node.san.unstructured_name.len = strlen(san_dns_name); 393 san_dns.next = &san_mail; 394 395 san_dn.node.type = MBEDTLS_X509_SAN_DIRECTORY_NAME; 396 TEST_ASSERT(mbedtls_x509_string_to_names(&ext_san_dirname, 397 san_dn_name) == 0); 398 san_dn.node.san.directory_name = *ext_san_dirname; 399 san_dn.next = &san_dns; 400 401 san_ip.node.type = MBEDTLS_X509_SAN_IP_ADDRESS; 402 san_ip.node.san.unstructured_name.p = (unsigned char *) san_ip_name; 403 san_ip.node.san.unstructured_name.len = sizeof(san_ip_name); 404 san_ip.next = &san_dn; 405 406 san_uri.node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER; 407 san_uri.node.san.unstructured_name.p = (unsigned char *) san_uri_name; 408 san_uri.node.san.unstructured_name.len = strlen(san_uri_name); 409 san_uri.next = &san_ip; 410 411 san_list = &san_uri; 412 } 413 414 memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); 415#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 416 mbedtls_mpi_init(&serial_mpi); 417#endif 418 419 mbedtls_pk_init(&subject_key); 420 mbedtls_pk_init(&issuer_key); 421 mbedtls_pk_init(&issuer_key_alt); 422 mbedtls_x509write_crt_init(&crt); 423 MD_OR_USE_PSA_INIT(); 424 425 TEST_ASSERT(mbedtls_pk_parse_keyfile(&subject_key, subject_key_file, 426 subject_pwd, mbedtls_test_rnd_std_rand, NULL) == 0); 427 428 TEST_ASSERT(mbedtls_pk_parse_keyfile(&issuer_key, issuer_key_file, 429 issuer_pwd, mbedtls_test_rnd_std_rand, NULL) == 0); 430 431 issuer_key_type = mbedtls_pk_get_type(&issuer_key); 432 433#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 434 /* For RSA PK contexts, create a copy as an alternative RSA context. */ 435 if (pk_wrap == 1 && issuer_key_type == MBEDTLS_PK_RSA) { 436 TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&issuer_key_alt, 437 mbedtls_pk_rsa(issuer_key), 438 mbedtls_rsa_decrypt_func, 439 mbedtls_rsa_sign_func, 440 mbedtls_rsa_key_len_func) == 0); 441 442 key = &issuer_key_alt; 443 } 444#endif 445 446#if defined(MBEDTLS_USE_PSA_CRYPTO) 447 /* Turn the issuer PK context into an opaque one. */ 448 if (pk_wrap == 2) { 449 TEST_EQUAL(mbedtls_pk_get_psa_attributes(&issuer_key, PSA_KEY_USAGE_SIGN_HASH, 450 &key_attr), 0); 451 TEST_EQUAL(mbedtls_pk_import_into_psa(&issuer_key, &key_attr, &key_id), 0); 452 mbedtls_pk_free(&issuer_key); 453 mbedtls_pk_init(&issuer_key); 454 TEST_EQUAL(mbedtls_pk_setup_opaque(&issuer_key, key_id), 0); 455 } 456#endif /* MBEDTLS_USE_PSA_CRYPTO */ 457 458 if (pk_wrap == 2) { 459 TEST_ASSERT(mbedtls_pk_get_type(&issuer_key) == MBEDTLS_PK_OPAQUE); 460 } 461 462 if (ver != -1) { 463 mbedtls_x509write_crt_set_version(&crt, ver); 464 } 465 466#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 467 TEST_ASSERT(mbedtls_mpi_read_binary(&serial_mpi, serial_arg->x, 468 serial_arg->len) == 0); 469 TEST_ASSERT(mbedtls_x509write_crt_set_serial(&crt, &serial_mpi) == 0); 470#else 471 TEST_ASSERT(mbedtls_x509write_crt_set_serial_raw(&crt, serial_arg->x, 472 serial_arg->len) == 0); 473#endif 474 TEST_ASSERT(mbedtls_x509write_crt_set_validity(&crt, not_before, 475 not_after) == 0); 476 mbedtls_x509write_crt_set_md_alg(&crt, md_type); 477 TEST_ASSERT(mbedtls_x509write_crt_set_issuer_name(&crt, issuer_name) == 0); 478 TEST_ASSERT(mbedtls_x509write_crt_set_subject_name(&crt, subject_name) == 0); 479 mbedtls_x509write_crt_set_subject_key(&crt, &subject_key); 480 481 mbedtls_x509write_crt_set_issuer_key(&crt, key); 482 483 if (crt.version >= MBEDTLS_X509_CRT_VERSION_3) { 484 /* For the CA case, a path length of -1 means unlimited. */ 485 TEST_ASSERT(mbedtls_x509write_crt_set_basic_constraints(&crt, is_ca, 486 (is_ca ? -1 : 0)) == 0); 487 TEST_ASSERT(mbedtls_x509write_crt_set_subject_key_identifier(&crt) == 0); 488 if (auth_ident) { 489 TEST_ASSERT(mbedtls_x509write_crt_set_authority_key_identifier(&crt) == 0); 490 } 491 if (set_key_usage != 0) { 492 TEST_ASSERT(mbedtls_x509write_crt_set_key_usage(&crt, key_usage) == 0); 493 } 494 if (set_cert_type != 0) { 495 TEST_ASSERT(mbedtls_x509write_crt_set_ns_cert_type(&crt, cert_type) == 0); 496 } 497 if (strcmp(ext_key_usage, "NULL") != 0) { 498 mbedtls_asn1_sequence exts[2]; 499 memset(exts, 0, sizeof(exts)); 500 501#define SET_OID(x, oid) \ 502 do { \ 503 x.len = MBEDTLS_OID_SIZE(oid); \ 504 x.p = (unsigned char *) oid; \ 505 x.tag = MBEDTLS_ASN1_OID; \ 506 } \ 507 while (0) 508 509 if (strcmp(ext_key_usage, "serverAuth") == 0) { 510 SET_OID(exts[0].buf, MBEDTLS_OID_SERVER_AUTH); 511 } else if (strcmp(ext_key_usage, "codeSigning,timeStamping") == 0) { 512 SET_OID(exts[0].buf, MBEDTLS_OID_CODE_SIGNING); 513 exts[0].next = &exts[1]; 514 SET_OID(exts[1].buf, MBEDTLS_OID_TIME_STAMPING); 515 } 516 TEST_ASSERT(mbedtls_x509write_crt_set_ext_key_usage(&crt, exts) == 0); 517 } 518 } 519 520 if (set_subjectAltNames) { 521 TEST_ASSERT(mbedtls_x509write_crt_set_subject_alternative_name(&crt, san_list) == 0); 522 } 523 ret = mbedtls_x509write_crt_pem(&crt, buf, sizeof(buf), 524 mbedtls_test_rnd_pseudo_rand, &rnd_info); 525 TEST_ASSERT(ret == 0); 526 527 pem_len = strlen((char *) buf); 528 529 // check that the rest of the buffer remains clear 530 for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { 531 TEST_ASSERT(buf[buf_index] == 0); 532 } 533 534 if (issuer_key_type != MBEDTLS_PK_RSA) { 535 mbedtls_x509_crt crt_parse, trusted; 536 uint32_t flags; 537 538 mbedtls_x509_crt_init(&crt_parse); 539 mbedtls_x509_crt_init(&trusted); 540 541 TEST_ASSERT(mbedtls_x509_crt_parse_file(&trusted, 542 cert_verify_file) == 0); 543 TEST_ASSERT(mbedtls_x509_crt_parse(&crt_parse, 544 buf, sizeof(buf)) == 0); 545 546 ret = mbedtls_x509_crt_verify(&crt_parse, &trusted, NULL, NULL, &flags, 547 NULL, NULL); 548 549 mbedtls_x509_crt_free(&crt_parse); 550 mbedtls_x509_crt_free(&trusted); 551 552 TEST_EQUAL(flags, 0); 553 TEST_EQUAL(ret, 0); 554 } else if (*cert_check_file != '\0') { 555 f = fopen(cert_check_file, "r"); 556 TEST_ASSERT(f != NULL); 557 olen = fread(check_buf, 1, sizeof(check_buf), f); 558 fclose(f); 559 TEST_ASSERT(olen < sizeof(check_buf)); 560 561 TEST_EQUAL(olen, pem_len); 562 TEST_ASSERT(olen >= pem_len - 1); 563 TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0); 564 } 565 566 der_len = mbedtls_x509write_crt_der(&crt, buf, sizeof(buf), 567 mbedtls_test_rnd_pseudo_rand, 568 &rnd_info); 569 TEST_ASSERT(der_len >= 0); 570 571 if (der_len == 0) { 572 goto exit; 573 } 574 575 // Not testing against file, check date format 576 if (*cert_check_file == '\0') { 577 // UTC tag if before 2050, 2 digits less for year 578 if (not_before[0] == '2' && (not_before[1] > '0' || not_before[2] > '4')) { 579 before_tag = MBEDTLS_ASN1_GENERALIZED_TIME; 580 } else { 581 before_tag = MBEDTLS_ASN1_UTC_TIME; 582 not_before += 2; 583 } 584 if (not_after[0] == '2' && (not_after[1] > '0' || not_after[2] > '4')) { 585 after_tag = MBEDTLS_ASN1_GENERALIZED_TIME; 586 } else { 587 after_tag = MBEDTLS_ASN1_UTC_TIME; 588 not_after += 2; 589 } 590 end = buf + sizeof(buf); 591 for (p = end - der_len; p < end;) { 592 tag = *p++; 593 sz = *p++; 594 if (tag == MBEDTLS_ASN1_UTC_TIME || tag == MBEDTLS_ASN1_GENERALIZED_TIME) { 595 // Check correct tag and time written 596 TEST_ASSERT(before_tag == tag); 597 TEST_ASSERT(memcmp(p, not_before, sz - 1) == 0); 598 p += sz; 599 tag = *p++; 600 sz = *p++; 601 TEST_ASSERT(after_tag == tag); 602 TEST_ASSERT(memcmp(p, not_after, sz - 1) == 0); 603 break; 604 } 605 // Increment if long form ASN1 length 606 if (sz & 0x80) { 607 p += sz & 0x0F; 608 } 609 if (tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { 610 p += sz; 611 } 612 } 613 TEST_ASSERT(p < end); 614 } 615 616#if defined(MBEDTLS_USE_PSA_CRYPTO) 617 // When using PSA crypto, RNG isn't controllable, result length isn't 618 // deterministic over multiple runs, removing a single byte isn't enough to 619 // go into the MBEDTLS_ERR_ASN1_BUF_TOO_SMALL error case 620 if (issuer_key_type != MBEDTLS_PK_RSA) { 621 der_len /= 2; 622 } else 623#endif 624 der_len -= 1; 625 626 ret = mbedtls_x509write_crt_der(&crt, buf, (size_t) (der_len), 627 mbedtls_test_rnd_pseudo_rand, &rnd_info); 628 TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); 629 630exit: 631 mbedtls_asn1_free_named_data_list(&ext_san_dirname); 632 mbedtls_x509write_crt_free(&crt); 633 mbedtls_pk_free(&issuer_key_alt); 634 mbedtls_pk_free(&subject_key); 635 mbedtls_pk_free(&issuer_key); 636#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 637 mbedtls_mpi_free(&serial_mpi); 638#endif 639#if defined(MBEDTLS_USE_PSA_CRYPTO) 640 psa_destroy_key(key_id); 641#endif 642 MD_OR_USE_PSA_DONE(); 643} 644/* END_CASE */ 645 646/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_WRITE_C */ 647void x509_set_serial_check() 648{ 649 mbedtls_x509write_cert ctx; 650 uint8_t invalid_serial[MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN + 1]; 651 652#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 653 mbedtls_mpi serial_mpi; 654 mbedtls_mpi_init(&serial_mpi); 655#endif 656 657 USE_PSA_INIT(); 658 memset(invalid_serial, 0x01, sizeof(invalid_serial)); 659 660#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 661 TEST_EQUAL(mbedtls_mpi_read_binary(&serial_mpi, invalid_serial, 662 sizeof(invalid_serial)), 0); 663 TEST_EQUAL(mbedtls_x509write_crt_set_serial(&ctx, &serial_mpi), 664 MBEDTLS_ERR_X509_BAD_INPUT_DATA); 665#endif 666 667 TEST_EQUAL(mbedtls_x509write_crt_set_serial_raw(&ctx, invalid_serial, 668 sizeof(invalid_serial)), 669 MBEDTLS_ERR_X509_BAD_INPUT_DATA); 670 671exit: 672#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 673 mbedtls_mpi_free(&serial_mpi); 674#else 675 ; 676#endif 677 USE_PSA_DONE(); 678} 679/* END_CASE */ 680 681/* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */ 682void mbedtls_x509_string_to_names(char *name, char *parsed_name, 683 int result, int may_fail) 684{ 685 int ret; 686 size_t len = 0; 687 mbedtls_asn1_named_data *names = NULL; 688 mbedtls_x509_name parsed; 689 memset(&parsed, 0, sizeof(parsed)); 690 mbedtls_x509_name *parsed_cur = NULL; 691 mbedtls_x509_name *parsed_prv = NULL; 692 unsigned char buf[1024] = { 0 }; 693 unsigned char out[1024] = { 0 }; 694 unsigned char *c = buf + sizeof(buf); 695 696 USE_PSA_INIT(); 697 698 ret = mbedtls_x509_string_to_names(&names, name); 699 TEST_EQUAL(ret, result); 700 701 if (ret != 0) { 702 goto exit; 703 } 704 705 ret = mbedtls_x509_write_names(&c, buf, names); 706 TEST_LE_S(1, ret); 707 708 TEST_EQUAL(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len, 709 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE), 0); 710 ret = mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed); 711 if ((may_fail & MAY_FAIL_GET_NAME) && ret < 0) { 712 /* Validation inconsistency between mbedtls_x509_string_to_names() and 713 * mbedtls_x509_get_name(). Accept it for now. */ 714 goto exit; 715 } 716 TEST_EQUAL(ret, 0); 717 718 ret = mbedtls_x509_dn_gets((char *) out, sizeof(out), &parsed); 719 if ((may_fail & MAY_FAIL_DN_GETS) && ret < 0) { 720 /* Validation inconsistency between mbedtls_x509_string_to_names() and 721 * mbedtls_x509_dn_gets(). Accept it for now. */ 722 goto exit; 723 } 724 TEST_LE_S(1, ret); 725 TEST_ASSERT(strcmp((char *) out, parsed_name) == 0); 726 727exit: 728 mbedtls_asn1_free_named_data_list(&names); 729 730 parsed_cur = parsed.next; 731 while (parsed_cur != 0) { 732 parsed_prv = parsed_cur; 733 parsed_cur = parsed_cur->next; 734 mbedtls_free(parsed_prv); 735 } 736 USE_PSA_DONE(); 737} 738/* END_CASE */ 739 740/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_WRITE_C */ 741void x509_set_extension_length_check() 742{ 743 int ret = 0; 744 745 mbedtls_x509write_csr ctx; 746 mbedtls_x509write_csr_init(&ctx); 747 748 unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 }; 749 unsigned char *p = buf + sizeof(buf); 750 751 ret = mbedtls_x509_set_extension(&(ctx.MBEDTLS_PRIVATE(extensions)), 752 MBEDTLS_OID_EXTENDED_KEY_USAGE, 753 MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE), 754 0, 755 p, 756 SIZE_MAX); 757 TEST_ASSERT(MBEDTLS_ERR_X509_BAD_INPUT_DATA == ret); 758} 759/* END_CASE */ 760