[thirdparty/openssl.git] / test / x509aux.c

/*
 * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * https://www.openssl.org/source/license.html
 * or in the file LICENSE in the source distribution.
 */

#include <stdio.h>
#include <string.h>
#include <errno.h>

#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/conf.h>
#include <openssl/err.h>
#include "testutil.h"

static int test_certs(int num)
{
    int c;
    char *name = 0;
    char *header = 0;
    unsigned char *data = 0;
    long len;
    typedef X509 *(*d2i_X509_t)(X509 **, const unsigned char **, long);
    typedef int (*i2d_X509_t)(const X509 *, unsigned char **);
    int err = 0;
    BIO *fp = BIO_new_file(test_get_argument(num), "r");

    if (!TEST_ptr(fp))
        return 0;

    for (c = 0; !err && PEM_read_bio(fp, &name, &header, &data, &len); ++c) {
        const int trusted = (strcmp(name, PEM_STRING_X509_TRUSTED) == 0);
        d2i_X509_t d2i = trusted ? d2i_X509_AUX : d2i_X509;
        i2d_X509_t i2d = trusted ? i2d_X509_AUX : i2d_X509;
        X509 *cert = NULL;
        X509 *reuse = NULL;
        const unsigned char *p = data;
        unsigned char *buf = NULL;
        unsigned char *bufp;
        long enclen;

        if (!trusted
            && strcmp(name, PEM_STRING_X509) != 0
            && strcmp(name, PEM_STRING_X509_OLD) != 0) {
            TEST_error("unexpected PEM object: %s", name);
            err = 1;
            goto next;
        }
        cert = d2i(NULL, &p, len);

        if (cert == NULL || (p - data) != len) {
            TEST_error("error parsing input %s", name);
            err = 1;
            goto next;
        }

        /* Test traditional 2-pass encoding into caller allocated buffer */
        enclen = i2d(cert, NULL);
        if (len != enclen) {
            TEST_error("encoded length %ld of %s != input length %ld",
                       enclen, name, len);
            err = 1;
            goto next;
        }
        if ((buf = bufp = OPENSSL_malloc(len)) == NULL) {
            TEST_perror("malloc");
            err = 1;
            goto next;
        }
        enclen = i2d(cert, &bufp);
        if (len != enclen) {
            TEST_error("encoded length %ld of %s != input length %ld",
                       enclen, name, len);
            err = 1;
            goto next;
        }
        enclen = (long) (bufp - buf);
        if (enclen != len) {
            TEST_error("unexpected buffer position after encoding %s", name);
            err = 1;
            goto next;
        }
        if (memcmp(buf, data, len) != 0) {
            TEST_error("encoded content of %s does not match input", name);
            err = 1;
            goto next;
        }
        p = buf;
        reuse = d2i(NULL, &p, enclen);
        if (reuse == NULL) {
            TEST_error("second d2i call failed for %s", name);
            err = 1;
            goto next;
        }
        err = X509_cmp(reuse, cert);
        if (err != 0) {
            TEST_error("X509_cmp for %s resulted in %d", name, err);
            err = 1;
            goto next;
        }
        OPENSSL_free(buf);
        buf = NULL;

        /* Test 1-pass encoding into library allocated buffer */
        enclen = i2d(cert, &buf);
        if (len != enclen) {
            TEST_error("encoded length %ld of %s != input length %ld",
                       enclen, name, len);
            err = 1;
            goto next;
        }
        if (memcmp(buf, data, len) != 0) {
            TEST_error("encoded content of %s does not match input", name);
            err = 1;
            goto next;
        }

        if (trusted) {
            /* Encode just the cert and compare with initial encoding */
            OPENSSL_free(buf);
            buf = NULL;

            /* Test 1-pass encoding into library allocated buffer */
            enclen = i2d(cert, &buf);
            if (enclen > len) {
                TEST_error("encoded length %ld of %s > input length %ld",
                           enclen, name, len);
                err = 1;
                goto next;
            }
            if (memcmp(buf, data, enclen) != 0) {
                TEST_error("encoded cert content does not match input");
                err = 1;
                goto next;
            }
        }

        /*
         * If any of these were null, PEM_read() would have failed.
         */
    next:
        X509_free(cert);
        X509_free(reuse);
        OPENSSL_free(buf);
        OPENSSL_free(name);
        OPENSSL_free(header);
        OPENSSL_free(data);
    }
    BIO_free(fp);

    if (ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) {
        /* Reached end of PEM file */
        if (c > 0) {
            ERR_clear_error();
            return 1;
        }
    }

    /* Some other PEM read error */
    return 0;
}

OPT_TEST_DECLARE_USAGE("certfile...\n")

int setup_tests(void)
{
    size_t n;

    if (!test_skip_common_options()) {
        TEST_error("Error parsing test options\n");
        return 0;
    }

    n = test_get_argument_count();
    if (n == 0)
        return 0;

    ADD_ALL_TESTS(test_certs, (int)n);
    return 1;
}
Commit	Line	Data
fde2257f	1	/*
4333b89f	2	* Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
fde2257f	3	*
909f1a2e	4	* Licensed under the Apache License 2.0 (the "License");
fde2257f VD	5	* you may not use this file except in compliance with the License.
	6	* You may obtain a copy of the License at
	7	* https://www.openssl.org/source/license.html
	8	* or in the file LICENSE in the source distribution.
	9	*/
	10
	11	#include <stdio.h>
	12	#include <string.h>
	13	#include <errno.h>
	14
	15	#include <openssl/x509.h>
	16	#include <openssl/pem.h>
	17	#include <openssl/conf.h>
	18	#include <openssl/err.h>
e2a29ad6	19	#include "testutil.h"
fde2257f	20
f1e793cc	21	static int test_certs(int num)
fde2257f	22	{
4f58c6b9	23	int c;
fde2257f VD	24	char *name = 0;
	25	char *header = 0;
	26	unsigned char *data = 0;
	27	long len;
	28	typedef X509 (d2i_X509_t)(X509 , const unsigned char , long);
9fdcc21f	29	typedef int (i2d_X509_t)(const X509 , unsigned char **);
fde2257f	30	int err = 0;
ad887416	31	BIO *fp = BIO_new_file(test_get_argument(num), "r");
f1e793cc RS	32
	33	if (!TEST_ptr(fp))
	34	return 0;
fde2257f	35
4f58c6b9 P	36	for (c = 0; !err && PEM_read_bio(fp, &name, &header, &data, &len); ++c) {
4f58c6b9 P	37	const int trusted = (strcmp(name, PEM_STRING_X509_TRUSTED) == 0);
fde2257f VD	38	d2i_X509_t d2i = trusted ? d2i_X509_AUX : d2i_X509;
	39	i2d_X509_t i2d = trusted ? i2d_X509_AUX : i2d_X509;
	40	X509 *cert = NULL;
f2a04587	41	X509 *reuse = NULL;
8fe3127c	42	const unsigned char *p = data;
fde2257f VD	43	unsigned char *buf = NULL;
	44	unsigned char *bufp;
	45	long enclen;
	46
8fe3127c	47	if (!trusted
fde2257f	48	&& strcmp(name, PEM_STRING_X509) != 0
8fe3127c P	49	&& strcmp(name, PEM_STRING_X509_OLD) != 0) {
8fe3127c P	50	TEST_error("unexpected PEM object: %s", name);
fde2257f	51	err = 1;
8fe3127c	52	goto next;
fde2257f VD	53	}
	54	cert = d2i(NULL, &p, len);
	55
	56	if (cert == NULL \|\| (p - data) != len) {
8fe3127c	57	TEST_error("error parsing input %s", name);
fde2257f VD	58	err = 1;
	59	goto next;
	60	}
	61
	62	/* Test traditional 2-pass encoding into caller allocated buffer */
	63	enclen = i2d(cert, NULL);
	64	if (len != enclen) {
8fe3127c P	65	TEST_error("encoded length %ld of %s != input length %ld",
8fe3127c P	66	enclen, name, len);
fde2257f VD	67	err = 1;
	68	goto next;
	69	}
	70	if ((buf = bufp = OPENSSL_malloc(len)) == NULL) {
8fe3127c	71	TEST_perror("malloc");
fde2257f VD	72	err = 1;
	73	goto next;
	74	}
	75	enclen = i2d(cert, &bufp);
	76	if (len != enclen) {
8fe3127c P	77	TEST_error("encoded length %ld of %s != input length %ld",
8fe3127c P	78	enclen, name, len);
fde2257f VD	79	err = 1;
	80	goto next;
	81	}
	82	enclen = (long) (bufp - buf);
	83	if (enclen != len) {
8fe3127c	84	TEST_error("unexpected buffer position after encoding %s", name);
fde2257f VD	85	err = 1;
	86	goto next;
	87	}
	88	if (memcmp(buf, data, len) != 0) {
8fe3127c	89	TEST_error("encoded content of %s does not match input", name);
fde2257f VD	90	err = 1;
	91	goto next;
	92	}
53649022	93	p = buf;
f2a04587 DDO	94	reuse = d2i(NULL, &p, enclen);
	95	if (reuse == NULL) {
	96	TEST_error("second d2i call failed for %s", name);
	97	err = 1;
	98	goto next;
	99	}
	100	err = X509_cmp(reuse, cert);
	101	if (err != 0) {
	102	TEST_error("X509_cmp for %s resulted in %d", name, err);
53649022 BE	103	err = 1;
	104	goto next;
	105	}
fde2257f VD	106	OPENSSL_free(buf);
	107	buf = NULL;
	108
	109	/* Test 1-pass encoding into library allocated buffer */
	110	enclen = i2d(cert, &buf);
	111	if (len != enclen) {
8fe3127c P	112	TEST_error("encoded length %ld of %s != input length %ld",
8fe3127c P	113	enclen, name, len);
fde2257f VD	114	err = 1;
	115	goto next;
	116	}
	117	if (memcmp(buf, data, len) != 0) {
8fe3127c	118	TEST_error("encoded content of %s does not match input", name);
fde2257f VD	119	err = 1;
	120	goto next;
	121	}
	122
	123	if (trusted) {
	124	/* Encode just the cert and compare with initial encoding */
	125	OPENSSL_free(buf);
	126	buf = NULL;
	127
	128	/* Test 1-pass encoding into library allocated buffer */
	129	enclen = i2d(cert, &buf);
	130	if (enclen > len) {
8fe3127c P	131	TEST_error("encoded length %ld of %s > input length %ld",
8fe3127c P	132	enclen, name, len);
fde2257f VD	133	err = 1;
	134	goto next;
	135	}
	136	if (memcmp(buf, data, enclen) != 0) {
8fe3127c	137	TEST_error("encoded cert content does not match input");
fde2257f VD	138	err = 1;
	139	goto next;
	140	}
	141	}
	142
8fe3127c P	143	/*
	144	* If any of these were null, PEM_read() would have failed.
	145	*/
fde2257f VD	146	next:
fde2257f VD	147	X509_free(cert);
f2a04587	148	X509_free(reuse);
fde2257f	149	OPENSSL_free(buf);
8fe3127c P	150	OPENSSL_free(name);
	151	OPENSSL_free(header);
	152	OPENSSL_free(data);
fde2257f	153	}
f1e793cc	154	BIO_free(fp);
fde2257f VD	155
	156	if (ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) {
	157	/* Reached end of PEM file */
4f58c6b9	158	if (c > 0) {
fde2257f VD	159	ERR_clear_error();
	160	return 1;
	161	}
	162	}
	163
	164	/* Some other PEM read error */
fde2257f VD	165	return 0;
	166	}
	167
a43ce58f SL	168	OPT_TEST_DECLARE_USAGE("certfile...\n")
a43ce58f SL	169
ad887416	170	int setup_tests(void)
fde2257f	171	{
8d242823 MC	172	size_t n;
	173
	174	if (!test_skip_common_options()) {
	175	TEST_error("Error parsing test options\n");
	176	return 0;
	177	}
	178
	179	n = test_get_argument_count();
a43ce58f	180	if (n == 0)
f1e793cc	181	return 0;
f1e793cc	182
8263e6cb	183	ADD_ALL_TESTS(test_certs, (int)n);
ad887416	184	return 1;
fde2257f	185	}