]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Add crq_key_id self-test from David Marín Carreño.
authorSimon Josefsson <simon@josefsson.org>
Fri, 12 Dec 2008 11:30:38 +0000 (12:30 +0100)
committerSimon Josefsson <simon@josefsson.org>
Fri, 12 Dec 2008 11:30:38 +0000 (12:30 +0100)
NEWS
tests/Makefile.am
tests/crq_key_id.c [new file with mode: 0644]

diff --git a/NEWS b/NEWS
index 141b86167ee7fc1cff653cf3bf71a3570adfc312..e3cc02fdb219d6c66431343277d0f2fbf5b438e6 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -11,6 +11,8 @@ Patch from David Marín Carreño <davefx@gmail.com> in
 
 ** gnutls: gnutls_x509_crq_print will now also print public key id.
 
+** tests: Add crq_key_id self-test of gnutls_x509_crq_get_key_id.
+
 ** API and ABI modifications:
 gnutls_x509_crq_get_key_id: ADDED.
 
index e11a1a774f22b5b7e4ca0d7292783dcf0650ad4f..7e0586ffa281f6bcce762038099eb2a6ec89174c 100644 (file)
@@ -51,7 +51,8 @@ libutils_la_SOURCES = utils.h utils.c
 
 ctests = simple gc set_pkcs12_cred certder mpi                         \
        certificate_set_x509_crl dn parse_ca moredn crypto_rng mini     \
-       finished hostname-check cve-2008-4989 pkcs12_s2k chainverify
+       finished hostname-check cve-2008-4989 pkcs12_s2k chainverify    \
+       crq_key_id
 
 if ENABLE_OPENSSL
 ctests +=  openssl
diff --git a/tests/crq_key_id.c b/tests/crq_key_id.c
new file mode 100644 (file)
index 0000000..d8661b6
--- /dev/null
@@ -0,0 +1,144 @@
+/*
+ * Copyright (C) 2008 Free Software Foundation
+ *
+ * Author: David Marín Carreño
+ *
+ * This file is part of GNUTLS.
+ *
+ * GNUTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GNUTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GNUTLS; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <stdlib.h>
+#include <string.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
+void doit (void)
+{
+       gnutls_x509_privkey_t pkey;
+       gnutls_x509_crq_t crq;
+
+       size_t pkey_key_id_len;
+       unsigned char *pkey_key_id = NULL;
+
+       size_t crq_key_id_len;
+       unsigned char *crq_key_id = NULL;
+
+       gnutls_pk_algorithm_t algorithm;
+
+       int ret;
+
+       ret = gnutls_global_init ();
+       if (ret < 0)
+               fail ("gnutls_global_init: %d\n", ret);
+       
+
+       for (algorithm = GNUTLS_PK_RSA; algorithm <= GNUTLS_PK_DSA; algorithm ++) {
+
+               ret = gnutls_x509_crq_init (&crq);
+               if (ret < 0)
+                       fail ("gnutls_x509_crq_init: %d\n", ret);
+               
+               ret = gnutls_x509_privkey_init (&pkey);
+               if (ret < 0) {
+                       fail ("gnutls_x509_privkey_init: %d\n", ret);
+               }
+               
+               ret = gnutls_x509_privkey_generate (pkey, algorithm, 1024, 0);
+               if (ret < 0) {
+                       fail ("gnutls_x509_privkey_generate (rsa): %d\n", ret);
+               } else {
+                       success ("Key[%s] generation ok: %d\n", gnutls_pk_algorithm_get_name(algorithm), ret);
+               }
+       
+               pkey_key_id_len = 0;
+               ret = gnutls_x509_privkey_get_key_id (pkey, 0, pkey_key_id, &pkey_key_id_len);
+               if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) {
+                       fail ("gnutls_x509_privkey_get_key_id incorrectly returns %d\n", ret);
+               }
+
+               pkey_key_id = malloc(sizeof(unsigned char) * pkey_key_id_len);
+               ret = gnutls_x509_privkey_get_key_id (pkey, 0, pkey_key_id, &pkey_key_id_len);
+               if (ret != GNUTLS_E_SUCCESS) {
+                       fail ("gnutls_x509_privkey_get_key_id incorrectly returns %d\n", ret);
+               }
+               
+               ret = gnutls_x509_crq_set_version (crq, 1);
+               if (ret < 0){
+                       fail ("gnutls_x509_crq_set_version: %d\n",ret);
+               }
+       
+               ret = gnutls_x509_crq_set_key (crq, pkey);
+               if (ret < 0){
+                       fail ("gnutls_x509_crq_set_key: %d\n",ret);
+               }
+
+               ret = gnutls_x509_crq_set_dn_by_oid (crq, GNUTLS_OID_X520_COMMON_NAME,
+                                                    0, "CN-Test", 7);
+               if (ret < 0){
+                       fail ("gnutls_x509_crq_set_dn_by_oid: %d\n",ret);
+               }
+               
+               ret = gnutls_x509_crq_sign(crq, pkey);
+               if (ret) {
+                       fail ("gnutls_x509_crq_sign: %d\n",ret);                
+               }
+               
+               crq_key_id_len = 0;
+               ret = gnutls_x509_crq_get_key_id (crq, 0, crq_key_id, &crq_key_id_len);
+               if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) {
+                       fail ("gnutls_x509_crq_get_key_id incorrectly returns %d\n", ret);
+               }
+
+               crq_key_id = malloc(sizeof(unsigned char) * crq_key_id_len);
+               ret = gnutls_x509_crq_get_key_id (crq, 0, crq_key_id, &crq_key_id_len);
+               if (ret != GNUTLS_E_SUCCESS) {
+                       fail ("gnutls_x509_crq_get_key_id incorrectly returns %d\n", ret);
+               }
+
+               if (crq_key_id_len == pkey_key_id_len) {
+                       ret = memcmp (crq_key_id, pkey_key_id, crq_key_id_len);
+                       if (ret == 0) {
+                               success ("Key ids are identical. OK.\n");
+                       } else {
+                               fail ("Key ids differ incorrectly: %d\n", ret);
+                       }
+               } else {
+                       fail ("Key_id lengths differ incorrectly: %d - %d\n", crq_key_id_len, pkey_key_id_len);
+               }
+
+
+               if (pkey_key_id) {
+                       free (pkey_key_id);
+                       pkey_key_id = NULL;
+               }
+               
+               if (crq_key_id) {
+                       free (crq_key_id);
+                       crq_key_id = NULL;
+               }
+
+               gnutls_x509_crq_deinit (crq);
+               gnutls_x509_privkey_deinit (pkey);
+
+       }
+
+  gnutls_global_deinit ();
+
+}