test/x509_acert_test.c

   1 /*
   2  * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <openssl/pem.h>
  11 #include <openssl/rsa.h>
  12 #include <openssl/x509_acert.h>
  13
  14 #include "testutil.h"
  15
  16 static int test_print_acert(int idx)
  17 {
  18     int ret = 0;
  19     const char *acert_file;
  20     X509_ACERT *acert = NULL;
  21     BIO *bp, *bout;
  22
  23     if (!TEST_ptr(acert_file = test_get_argument(idx)))
  24         return 0;
  25
  26     if (!TEST_ptr(bp = BIO_new_file(acert_file, "r")))
  27         return 0;
  28
  29     if (!TEST_ptr(bout = BIO_new_fp(stderr, BIO_NOCLOSE)))
  30         goto err;
  31
  32     if (!TEST_ptr(acert = PEM_read_bio_X509_ACERT(bp, NULL, NULL, NULL)))
  33         goto err;
  34
  35     if (!TEST_int_eq(X509_ACERT_print(bout, acert), 1)) {
  36         goto err;
  37     }
  38
  39     ret = 1;
  40
  41 err:
  42     BIO_free(bp);
  43     BIO_free(bout);
  44     X509_ACERT_free(acert);
  45     return ret;
  46 }
  47
  48 static int test_acert_sign(void)
  49 {
  50     int ret = 0;
  51     const char *acert_file;
  52     EVP_PKEY *pkey;
  53     BIO *bp = NULL;
  54     X509_ACERT *acert = NULL;
  55
  56     if (!TEST_ptr(acert_file = test_get_argument(0)))
  57         return 0;
  58
  59     if (!TEST_ptr(pkey = EVP_RSA_gen(2048)))
  60         return 0;
  61
  62     if (!TEST_ptr(bp = BIO_new_file(acert_file, "r")))
  63         goto err;
  64
  65     if (!TEST_ptr(acert = PEM_read_bio_X509_ACERT(bp, NULL, NULL, NULL)))
  66         goto err;
  67
  68     if (!TEST_int_gt(X509_ACERT_sign(acert, pkey, EVP_sha256()), 0) ||
  69         !TEST_int_eq(X509_ACERT_verify(acert, pkey), 1))
  70         goto err;
  71
  72     ret = 1;
  73
  74 err:
  75     BIO_free(bp);
  76     X509_ACERT_free(acert);
  77     EVP_PKEY_free(pkey);
  78     return ret;
  79 }
  80
  81 /* IetfAttrSyntax structure with one value */
  82 static const unsigned char attr_syntax_single[] = {
  83   0x30, 0x15, 0xa0, 0x09, 0x86, 0x07, 0x54, 0x65, 0x73, 0x74, 0x76, 0x61,
  84   0x6c, 0x30, 0x08, 0x0c, 0x06, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x31
  85 };
  86
  87 /* IetfAttrSyntax structure with multiple values of the same type */
  88 static const unsigned char attr_syntax_multiple[] = {
  89   0x30, 0x1d, 0x30, 0x1b, 0x0c, 0x07, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x20,
  90   0x31, 0x0c, 0x07, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x20, 0x32, 0x0c, 0x07,
  91   0x67, 0x72, 0x6f, 0x75, 0x70, 0x20, 0x33
  92 };
  93
  94 /* IetfAttrSyntax structure with multiple values of different types */
  95 static const unsigned char attr_syntax_diff_type[] = {
  96   0x30, 0x11, 0x30, 0x0f, 0x04, 0x08, 0x64, 0x65, 0x61, 0x64, 0x63, 0x6f,
  97   0x64, 0x65, 0x0c, 0x03, 0x61, 0x61, 0x61
  98 };
  99
 100 /* IetfAttrSyntax structure with an invalid/unsupported value type */
 101 static const unsigned char attr_syntax_invalid_type[] = {
 102   0x30, 0x05, 0x30, 0x03, 0x02, 0x01, 0x0a
 103 };
 104
 105 #define ADD_TEST_DATA(x, valid) {x, sizeof(x), valid}
 106
 107 struct ietf_type_test_data {
 108     const unsigned char *data;
 109     size_t len;
 110     int valid;
 111 };
 112
 113 static const struct ietf_type_test_data ietf_syntax_tests[] = {
 114     ADD_TEST_DATA(attr_syntax_single, 1),
 115     ADD_TEST_DATA(attr_syntax_multiple, 1),
 116     ADD_TEST_DATA(attr_syntax_diff_type, 0),
 117     ADD_TEST_DATA(attr_syntax_invalid_type, 0),
 118 };
 119
 120 static int test_object_group_attr(int idx)
 121 {
 122     int ret = 0;
 123     OSSL_IETF_ATTR_SYNTAX *ias = NULL;
 124     BIO *bout = NULL;
 125     const unsigned char *p;
 126     const struct ietf_type_test_data *test = &ietf_syntax_tests[idx];
 127
 128     if (!TEST_ptr(bout = BIO_new_fp(stderr, BIO_NOCLOSE)))
 129         goto done;
 130
 131     p = test->data;
 132
 133     ias = d2i_OSSL_IETF_ATTR_SYNTAX(NULL, &p, test->len);
 134
 135     if ((test->valid && !TEST_ptr(ias))
 136             || (!test->valid && !TEST_ptr_null(ias)))
 137         goto done;
 138
 139     if (ias != NULL
 140             && !TEST_int_eq(OSSL_IETF_ATTR_SYNTAX_print(bout, ias, 4), 1)) {
 141         OSSL_IETF_ATTR_SYNTAX_free(ias);
 142         goto done;
 143     }
 144
 145     ret = 1;
 146
 147 done:
 148     OSSL_IETF_ATTR_SYNTAX_free(ias);
 149     BIO_free(bout);
 150     return ret;
 151 }
 152
 153 OPT_TEST_DECLARE_USAGE("[<attribute certs (PEM)>...]\n")
 154 int setup_tests(void)
 155 {
 156     int cnt;
 157
 158     if (!test_skip_common_options()) {
 159         TEST_error("Error parsing test options\n");
 160         return 0;
 161     }
 162
 163     cnt = test_get_argument_count();
 164     if (cnt < 1) {
 165         TEST_error("Must specify at least 1 attribute certificate file\n");
 166         return 0;
 167     }
 168
 169     ADD_ALL_TESTS(test_print_acert, cnt);
 170     ADD_TEST(test_acert_sign);
 171     ADD_ALL_TESTS(test_object_group_attr, OSSL_NELEM(ietf_syntax_tests));
 172
 173     return 1;
 174 }