]> git.ipfire.org Git - thirdparty/openssl.git/blob - test/x509_check_cert_pkey_test.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Make sure we use the libctx when creating an EVP_PKEY_CTX in libssl
[thirdparty/openssl.git] / test / x509_check_cert_pkey_test.c
1 /*
2 * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include <string.h>
12
13 #include <openssl/pem.h>
14 #include <openssl/x509.h>
15 #include "testutil.h"
16
17 /*
18 * c: path of a cert in PEM format
19 * k: path of a key in PEM format
20 * t: API type, "cert" for X509_ and "req" for X509_REQ_ APIs.
21 * e: expected, "ok" for success, "failed" for what should fail.
22 */
23 static const char *c;
24 static const char *k;
25 static const char *t;
26 static const char *e;
27
28 static int test_x509_check_cert_pkey(void)
29 {
30 BIO *bio = NULL;
31 X509 *x509 = NULL;
32 X509_REQ *x509_req = NULL;
33 EVP_PKEY *pkey = NULL;
34 int ret = 0, type = 0, expected = 0, result = 0;
35
36 /*
37 * we check them first thus if fails we don't need to do
38 * those PEM parsing operations.
39 */
40 if (strcmp(t, "cert") == 0) {
41 type = 1;
42 } else if (strcmp(t, "req") == 0) {
43 type = 2;
44 } else {
45 TEST_error("invalid 'type'");
46 goto failed;
47 }
48
49 if (strcmp(e, "ok") == 0) {
50 expected = 1;
51 } else if (strcmp(e, "failed") == 0) {
52 expected = 0;
53 } else {
54 TEST_error("invalid 'expected'");
55 goto failed;
56 }
57
58 /* process private key */
59 if (!TEST_ptr(bio = BIO_new_file(k, "r")))
60 goto failed;
61
62 if (!TEST_ptr(pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL)))
63 goto failed;
64
65 BIO_free(bio);
66
67 /* process cert or cert request, use the same local var */
68 if (!TEST_ptr(bio = BIO_new_file(c, "r")))
69 goto failed;
70
71 switch (type) {
72 case 1:
73 x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
74 if (x509 == NULL) {
75 TEST_error("read PEM x509 failed");
76 goto failed;
77 }
78
79 result = X509_check_private_key(x509, pkey);
80 break;
81 case 2:
82 x509_req = PEM_read_bio_X509_REQ(bio, NULL, NULL, NULL);
83 if (x509_req == NULL) {
84 TEST_error("read PEM x509 req failed");
85 goto failed;
86 }
87
88 result = X509_REQ_check_private_key(x509_req, pkey);
89 break;
90 default:
91 /* should never be here */
92 break;
93 }
94
95 if (!TEST_int_eq(result, expected)) {
96 TEST_error("check private key: expected: %d, got: %d", expected, result);
97 goto failed;
98 }
99
100 ret = 1;
101 failed:
102 BIO_free(bio);
103 X509_free(x509);
104 X509_REQ_free(x509_req);
105 EVP_PKEY_free(pkey);
106 return ret;
107 }
108
109 const OPTIONS *test_get_options(void)
110 {
111 enum { OPT_TEST_ENUM };
112 static const OPTIONS test_options[] = {
113 OPT_TEST_OPTIONS_WITH_EXTRA_USAGE("cert key type expected\n"),
114 { OPT_HELP_STR, 1, '-', "cert\tcertificate or CSR filename in PEM\n" },
115 { OPT_HELP_STR, 1, '-', "key\tprivate key filename in PEM\n" },
116 { OPT_HELP_STR, 1, '-', "type\t\tvalue must be 'cert' or 'req'\n" },
117 { OPT_HELP_STR, 1, '-', "expected\tthe expected return value, either 'ok' or 'failed'\n" },
118 { NULL }
119 };
120 return test_options;
121 }
122
123 int setup_tests(void)
124 {
125 if (!test_skip_common_options()) {
126 TEST_error("Error parsing test options\n");
127 return 0;
128 }
129
130 if (!TEST_ptr(c = test_get_argument(0))
131 || !TEST_ptr(k = test_get_argument(1))
132 || !TEST_ptr(t = test_get_argument(2))
133 || !TEST_ptr(e = test_get_argument(3))) {
134 return 0;
135 }
136
137 ADD_TEST(test_x509_check_cert_pkey);
138 return 1;
139 }
A mirror of the official openssl repository