1/* BEGIN_HEADER */ 2#include "mbedtls/bignum.h" 3#include "mbedtls/x509_crt.h" 4#include "mbedtls/x509_csr.h" 5#include "x509_internal.h" 6#include "mbedtls/pem.h" 7#include "mbedtls/oid.h" 8#include "mbedtls/rsa.h" 9#include "mbedtls/asn1write.h" 10#include "mbedtls/pk.h" 11#include "mbedtls/psa_util.h" 12 13#if defined(MBEDTLS_PEM_WRITE_C) && \ 14 defined(MBEDTLS_X509_CRT_WRITE_C) && \ 15 defined(MBEDTLS_X509_CRT_PARSE_C) && \ 16 defined(MBEDTLS_MD_CAN_SHA1) && \ 17 defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 18static int mbedtls_rsa_decrypt_func(void *ctx, size_t *olen, 19 const unsigned char *input, unsigned char *output, 20 size_t output_max_len) 21{ 22 return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx, NULL, NULL, 23 olen, input, output, output_max_len); 24} 25static int mbedtls_rsa_sign_func(void *ctx, 26 int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, 27 mbedtls_md_type_t md_alg, unsigned int hashlen, 28 const unsigned char *hash, unsigned char *sig) 29{ 30 return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx, f_rng, p_rng, 31 md_alg, hashlen, hash, sig); 32} 33static size_t mbedtls_rsa_key_len_func(void *ctx) 34{ 35 return ((const mbedtls_rsa_context *) ctx)->len; 36} 37#endif 38 39#if defined(MBEDTLS_USE_PSA_CRYPTO) && \ 40 defined(MBEDTLS_PEM_WRITE_C) && defined(MBEDTLS_X509_CSR_WRITE_C) 41static int x509_crt_verifycsr(const unsigned char *buf, size_t buflen) 42{ 43 unsigned char hash[PSA_HASH_MAX_SIZE]; 44 mbedtls_x509_csr csr; 45 int ret = 0; 46 47 mbedtls_x509_csr_init(&csr); 48 49 if (mbedtls_x509_csr_parse(&csr, buf, buflen) != 0) { 50 ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; 51 goto cleanup; 52 } 53 54 psa_algorithm_t psa_alg = mbedtls_md_psa_alg_from_type(csr.sig_md); 55 size_t hash_size = 0; 56 psa_status_t status = psa_hash_compute(psa_alg, csr.cri.p, csr.cri.len, 57 hash, PSA_HASH_MAX_SIZE, &hash_size); 58 59 if (status != PSA_SUCCESS) { 60 /* Note: this can't happen except after an internal error */ 61 ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; 62 goto cleanup; 63 } 64 65 if (mbedtls_pk_verify_ext(csr.sig_pk, csr.sig_opts, &csr.pk, 66 csr.sig_md, hash, mbedtls_md_get_size_from_type(csr.sig_md), 67 csr.sig.p, csr.sig.len) != 0) { 68 ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED; 69 goto cleanup; 70 } 71 72cleanup: 73 74 mbedtls_x509_csr_free(&csr); 75 return ret; 76} 77#endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */ 78 79#if defined(MBEDTLS_X509_CSR_WRITE_C) 80 81/* 82 * The size of this temporary buffer is given by the sequence of functions 83 * called hereinafter: 84 * - mbedtls_asn1_write_oid() 85 * - 8 bytes for MBEDTLS_OID_EXTENDED_KEY_USAGE raw value 86 * - 1 byte for MBEDTLS_OID_EXTENDED_KEY_USAGE length 87 * - 1 byte for MBEDTLS_ASN1_OID tag 88 * - mbedtls_asn1_write_len() 89 * - 1 byte since we're dealing with sizes which are less than 0x80 90 * - mbedtls_asn1_write_tag() 91 * - 1 byte 92 * 93 * This length is fine as long as this function is called using the 94 * MBEDTLS_OID_SERVER_AUTH OID. If this is changed in the future, then this 95 * buffer's length should be adjusted accordingly. 96 * Unfortunately there's no predefined max size for OIDs which can be used 97 * to set an overall upper boundary which is always guaranteed. 98 */ 99#define EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH 12 100 101static int csr_set_extended_key_usage(mbedtls_x509write_csr *ctx, 102 const char *oid, size_t oid_len) 103{ 104 unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 }; 105 unsigned char *p = buf + sizeof(buf); 106 int ret; 107 size_t len = 0; 108 109 /* 110 * Following functions fail anyway if the temporary buffer is not large, 111 * but we set an extra check here to emphasize a possible source of errors 112 */ 113 if (oid_len > EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH) { 114 return MBEDTLS_ERR_X509_BAD_INPUT_DATA; 115 } 116 117 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(&p, buf, oid, oid_len)); 118 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, ret)); 119 MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, buf, 120 MBEDTLS_ASN1_CONSTRUCTED | 121 MBEDTLS_ASN1_SEQUENCE)); 122 123 ret = mbedtls_x509write_csr_set_extension(ctx, 124 MBEDTLS_OID_EXTENDED_KEY_USAGE, 125 MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE), 126 0, 127 p, 128 len); 129 130 return ret; 131} 132#endif /* MBEDTLS_X509_CSR_WRITE_C */ 133 134/* Due to inconsistencies in the input size limits applied by different 135 * library functions, some write-parse tests may fail. */ 136#define MAY_FAIL_GET_NAME 0x0001 137#define MAY_FAIL_DN_GETS 0x0002 138 139/* END_HEADER */ 140 141/* BEGIN_DEPENDENCIES 142 * depends_on:MBEDTLS_FS_IO:MBEDTLS_PK_PARSE_C 143 * END_DEPENDENCIES 144 */ 145 146/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */ 147void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type, 148 int key_usage, int set_key_usage, int cert_type, 149 int set_cert_type, int set_extension) 150{ 151 mbedtls_pk_context key; 152 mbedtls_x509write_csr req; 153 unsigned char buf[4096]; 154 int ret; 155#if !defined(MBEDTLS_USE_PSA_CRYPTO) 156 unsigned char check_buf[4000]; 157 FILE *f; 158 size_t olen = 0; 159#endif /* !MBEDTLS_USE_PSA_CRYPTO */ 160 size_t pem_len = 0, buf_index; 161 int der_len = -1; 162 const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; 163 mbedtls_test_rnd_pseudo_info rnd_info; 164 mbedtls_x509_san_list san_ip; 165 mbedtls_x509_san_list san_dns; 166 mbedtls_x509_san_list san_uri; 167 mbedtls_x509_san_list san_mail; 168 mbedtls_x509_san_list san_dn; 169 mbedtls_x509_san_list *san_list = NULL; 170 mbedtls_asn1_named_data *ext_san_dirname = NULL; 171 172 const char san_ip_name[] = { 0x7f, 0x00, 0x00, 0x01 }; // 127.0.0.1 173 const char *san_dns_name = "example.com"; 174 const char *san_dn_name = "C=UK,O=Mbed TLS,CN=Mbed TLS directoryName SAN"; 175 const char *san_mail_name = "mail@example.com"; 176 const char *san_uri_name = "http://pki.example.com"; 177 178 san_mail.node.type = MBEDTLS_X509_SAN_RFC822_NAME; 179 san_mail.node.san.unstructured_name.p = (unsigned char *) san_mail_name; 180 san_mail.node.san.unstructured_name.len = strlen(san_mail_name); 181 san_mail.next = NULL; 182 183 san_dns.node.type = MBEDTLS_X509_SAN_DNS_NAME; 184 san_dns.node.san.unstructured_name.p = (unsigned char *) san_dns_name; 185 san_dns.node.san.unstructured_name.len = strlen(san_dns_name); 186 san_dns.next = &san_mail; 187 188 san_dn.node.type = MBEDTLS_X509_SAN_DIRECTORY_NAME; 189 TEST_ASSERT(mbedtls_x509_string_to_names(&ext_san_dirname, 190 san_dn_name) == 0); 191 san_dn.node.san.directory_name = *ext_san_dirname; 192 san_dn.next = &san_dns; 193 194 san_ip.node.type = MBEDTLS_X509_SAN_IP_ADDRESS; 195 san_ip.node.san.unstructured_name.p = (unsigned char *) san_ip_name; 196 san_ip.node.san.unstructured_name.len = sizeof(san_ip_name); 197 san_ip.next = &san_dn; 198 199 san_uri.node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER; 200 san_uri.node.san.unstructured_name.p = (unsigned char *) san_uri_name; 201 san_uri.node.san.unstructured_name.len = strlen(san_uri_name); 202 san_uri.next = &san_ip; 203 204 san_list = &san_uri; 205 206 memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); 207 208 mbedtls_x509write_csr_init(&req); 209 mbedtls_pk_init(&key); 210 MD_OR_USE_PSA_INIT(); 211 212 TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL, 213 mbedtls_test_rnd_std_rand, NULL) == 0); 214 215 mbedtls_x509write_csr_set_md_alg(&req, md_type); 216 mbedtls_x509write_csr_set_key(&req, &key); 217 TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0); 218 if (set_key_usage != 0) { 219 TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0); 220 } 221 if (set_cert_type != 0) { 222 TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0); 223 } 224 if (set_extension != 0) { 225 TEST_ASSERT(csr_set_extended_key_usage(&req, MBEDTLS_OID_SERVER_AUTH, 226 MBEDTLS_OID_SIZE(MBEDTLS_OID_SERVER_AUTH)) == 0); 227 228 TEST_ASSERT(mbedtls_x509write_csr_set_subject_alternative_name(&req, san_list) == 0); 229 } 230 231 ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf), 232 mbedtls_test_rnd_pseudo_rand, &rnd_info); 233 TEST_ASSERT(ret == 0); 234 235 pem_len = strlen((char *) buf); 236 237 for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { 238 TEST_ASSERT(buf[buf_index] == 0); 239 } 240 241#if defined(MBEDTLS_USE_PSA_CRYPTO) 242 // When using PSA crypto, RNG isn't controllable, so cert_req_check_file can't be used 243 (void) cert_req_check_file; 244 buf[pem_len] = '\0'; 245 TEST_ASSERT(x509_crt_verifycsr(buf, pem_len + 1) == 0); 246#else 247 f = fopen(cert_req_check_file, "r"); 248 TEST_ASSERT(f != NULL); 249 olen = fread(check_buf, 1, sizeof(check_buf), f); 250 fclose(f); 251 252 TEST_ASSERT(olen >= pem_len - 1); 253 TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0); 254#endif /* MBEDTLS_USE_PSA_CRYPTO */ 255 256 der_len = mbedtls_x509write_csr_der(&req, buf, sizeof(buf), 257 mbedtls_test_rnd_pseudo_rand, 258 &rnd_info); 259 TEST_ASSERT(der_len >= 0); 260 261 if (der_len == 0) { 262 goto exit; 263 } 264 265#if defined(MBEDTLS_USE_PSA_CRYPTO) 266 // When using PSA crypto, RNG isn't controllable, result length isn't 267 // deterministic over multiple runs, removing a single byte isn't enough to 268 // go into the MBEDTLS_ERR_ASN1_BUF_TOO_SMALL error case 269 der_len /= 2; 270#else 271 der_len -= 1; 272#endif 273 ret = mbedtls_x509write_csr_der(&req, buf, (size_t) (der_len), 274 mbedtls_test_rnd_pseudo_rand, &rnd_info); 275 TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); 276 277exit: 278 mbedtls_asn1_free_named_data_list(&ext_san_dirname); 279 mbedtls_x509write_csr_free(&req); 280 mbedtls_pk_free(&key); 281 MD_OR_USE_PSA_DONE(); 282} 283/* END_CASE */ 284 285/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */ 286void x509_csr_check_opaque(char *key_file, int md_type, int key_usage, 287 int cert_type) 288{ 289 mbedtls_pk_context key; 290 mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; 291 psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; 292 mbedtls_x509write_csr req; 293 unsigned char buf[4096]; 294 int ret; 295 size_t pem_len = 0; 296 const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; 297 mbedtls_test_rnd_pseudo_info rnd_info; 298 299 mbedtls_x509write_csr_init(&req); 300 MD_OR_USE_PSA_INIT(); 301 302 memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); 303 304 mbedtls_pk_init(&key); 305 TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL, 306 mbedtls_test_rnd_std_rand, NULL) == 0); 307 308 /* Turn the PK context into an opaque one. */ 309 TEST_EQUAL(mbedtls_pk_get_psa_attributes(&key, PSA_KEY_USAGE_SIGN_HASH, &key_attr), 0); 310 TEST_EQUAL(mbedtls_pk_import_into_psa(&key, &key_attr, &key_id), 0); 311 mbedtls_pk_free(&key); 312 mbedtls_pk_init(&key); 313 TEST_EQUAL(mbedtls_pk_setup_opaque(&key, key_id), 0); 314 315 mbedtls_x509write_csr_set_md_alg(&req, md_type); 316 mbedtls_x509write_csr_set_key(&req, &key); 317 TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0); 318 if (key_usage != 0) { 319 TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0); 320 } 321 if (cert_type != 0) { 322 TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0); 323 } 324 325 ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf) - 1, 326 mbedtls_test_rnd_pseudo_rand, &rnd_info); 327 328 TEST_ASSERT(ret == 0); 329 330 pem_len = strlen((char *) buf); 331 buf[pem_len] = '\0'; 332 TEST_ASSERT(x509_crt_verifycsr(buf, pem_len + 1) == 0); 333 334 335exit: 336 mbedtls_x509write_csr_free(&req); 337 mbedtls_pk_free(&key); 338 psa_destroy_key(key_id); 339 MD_OR_USE_PSA_DONE(); 340} 341/* END_CASE */ 342 343/* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_MD_CAN_SHA1 */ 344void x509_crt_check(char *subject_key_file, char *subject_pwd, 345 char *subject_name, char *issuer_key_file, 346 char *issuer_pwd, char *issuer_name, 347 data_t *serial_arg, char *not_before, char *not_after, 348 int md_type, int key_usage, int set_key_usage, 349 char *ext_key_usage, 350 int cert_type, int set_cert_type, int auth_ident, 351 int ver, char *cert_check_file, int pk_wrap, int is_ca, 352 char *cert_verify_file, int set_subjectAltNames) 353{ 354 mbedtls_pk_context subject_key, issuer_key, issuer_key_alt; 355 mbedtls_pk_context *key = &issuer_key; 356 357 mbedtls_x509write_cert crt; 358 unsigned char buf[4096]; 359 unsigned char check_buf[5000]; 360 unsigned char *p, *end; 361 unsigned char tag, sz; 362#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 363 mbedtls_mpi serial_mpi; 364#endif 365 int ret, before_tag, after_tag; 366 size_t olen = 0, pem_len = 0, buf_index = 0; 367 int der_len = -1; 368 FILE *f; 369 mbedtls_test_rnd_pseudo_info rnd_info; 370#if defined(MBEDTLS_USE_PSA_CRYPTO) 371 mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; 372 psa_key_attributes_t key_attr = PSA_KEY_ATTRIBUTES_INIT; 373#endif 374 mbedtls_pk_type_t issuer_key_type; 375 mbedtls_x509_san_list san_ip; 376 mbedtls_x509_san_list san_dns; 377 mbedtls_x509_san_list san_uri; 378 mbedtls_x509_san_list san_mail; 379 mbedtls_x509_san_list san_dn; 380 mbedtls_asn1_named_data *ext_san_dirname = NULL; 381 const char san_ip_name[] = { 0x01, 0x02, 0x03, 0x04 }; 382 const char *san_dns_name = "example.com"; 383 const char *san_dn_name = "C=UK,O=Mbed TLS,CN=SubjectAltName test"; 384 const char *san_mail_name = "mail@example.com"; 385 const char *san_uri_name = "http://pki.example.com"; 386 mbedtls_x509_san_list *san_list = NULL; 387 388 if (set_subjectAltNames) { 389 san_mail.node.type = MBEDTLS_X509_SAN_RFC822_NAME; 390 san_mail.node.san.unstructured_name.p = (unsigned char *) san_mail_name; 391 san_mail.node.san.unstructured_name.len = strlen(san_mail_name); 392 san_mail.next = NULL; 393 394 san_dns.node.type = MBEDTLS_X509_SAN_DNS_NAME; 395 san_dns.node.san.unstructured_name.p = (unsigned char *) san_dns_name; 396 san_dns.node.san.unstructured_name.len = strlen(san_dns_name); 397 san_dns.next = &san_mail; 398 399 san_dn.node.type = MBEDTLS_X509_SAN_DIRECTORY_NAME; 400 TEST_ASSERT(mbedtls_x509_string_to_names(&ext_san_dirname, 401 san_dn_name) == 0); 402 san_dn.node.san.directory_name = *ext_san_dirname; 403 san_dn.next = &san_dns; 404 405 san_ip.node.type = MBEDTLS_X509_SAN_IP_ADDRESS; 406 san_ip.node.san.unstructured_name.p = (unsigned char *) san_ip_name; 407 san_ip.node.san.unstructured_name.len = sizeof(san_ip_name); 408 san_ip.next = &san_dn; 409 410 san_uri.node.type = MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER; 411 san_uri.node.san.unstructured_name.p = (unsigned char *) san_uri_name; 412 san_uri.node.san.unstructured_name.len = strlen(san_uri_name); 413 san_uri.next = &san_ip; 414 415 san_list = &san_uri; 416 } 417 418 memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); 419#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 420 mbedtls_mpi_init(&serial_mpi); 421#endif 422 423 mbedtls_pk_init(&subject_key); 424 mbedtls_pk_init(&issuer_key); 425 mbedtls_pk_init(&issuer_key_alt); 426 mbedtls_x509write_crt_init(&crt); 427 MD_OR_USE_PSA_INIT(); 428 429 TEST_ASSERT(mbedtls_pk_parse_keyfile(&subject_key, subject_key_file, 430 subject_pwd, mbedtls_test_rnd_std_rand, NULL) == 0); 431 432 TEST_ASSERT(mbedtls_pk_parse_keyfile(&issuer_key, issuer_key_file, 433 issuer_pwd, mbedtls_test_rnd_std_rand, NULL) == 0); 434 435 issuer_key_type = mbedtls_pk_get_type(&issuer_key); 436 437#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT) 438 /* For RSA PK contexts, create a copy as an alternative RSA context. */ 439 if (pk_wrap == 1 && issuer_key_type == MBEDTLS_PK_RSA) { 440 TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&issuer_key_alt, 441 mbedtls_pk_rsa(issuer_key), 442 mbedtls_rsa_decrypt_func, 443 mbedtls_rsa_sign_func, 444 mbedtls_rsa_key_len_func) == 0); 445 446 key = &issuer_key_alt; 447 } 448#endif 449 450#if defined(MBEDTLS_USE_PSA_CRYPTO) 451 /* Turn the issuer PK context into an opaque one. */ 452 if (pk_wrap == 2) { 453 TEST_EQUAL(mbedtls_pk_get_psa_attributes(&issuer_key, PSA_KEY_USAGE_SIGN_HASH, 454 &key_attr), 0); 455 TEST_EQUAL(mbedtls_pk_import_into_psa(&issuer_key, &key_attr, &key_id), 0); 456 mbedtls_pk_free(&issuer_key); 457 mbedtls_pk_init(&issuer_key); 458 TEST_EQUAL(mbedtls_pk_setup_opaque(&issuer_key, key_id), 0); 459 } 460#endif /* MBEDTLS_USE_PSA_CRYPTO */ 461 462 if (pk_wrap == 2) { 463 TEST_ASSERT(mbedtls_pk_get_type(&issuer_key) == MBEDTLS_PK_OPAQUE); 464 } 465 466 if (ver != -1) { 467 mbedtls_x509write_crt_set_version(&crt, ver); 468 } 469 470#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 471 TEST_ASSERT(mbedtls_mpi_read_binary(&serial_mpi, serial_arg->x, 472 serial_arg->len) == 0); 473 TEST_ASSERT(mbedtls_x509write_crt_set_serial(&crt, &serial_mpi) == 0); 474#else 475 TEST_ASSERT(mbedtls_x509write_crt_set_serial_raw(&crt, serial_arg->x, 476 serial_arg->len) == 0); 477#endif 478 TEST_ASSERT(mbedtls_x509write_crt_set_validity(&crt, not_before, 479 not_after) == 0); 480 mbedtls_x509write_crt_set_md_alg(&crt, md_type); 481 TEST_ASSERT(mbedtls_x509write_crt_set_issuer_name(&crt, issuer_name) == 0); 482 TEST_ASSERT(mbedtls_x509write_crt_set_subject_name(&crt, subject_name) == 0); 483 mbedtls_x509write_crt_set_subject_key(&crt, &subject_key); 484 485 mbedtls_x509write_crt_set_issuer_key(&crt, key); 486 487 if (crt.version >= MBEDTLS_X509_CRT_VERSION_3) { 488 /* For the CA case, a path length of -1 means unlimited. */ 489 TEST_ASSERT(mbedtls_x509write_crt_set_basic_constraints(&crt, is_ca, 490 (is_ca ? -1 : 0)) == 0); 491 TEST_ASSERT(mbedtls_x509write_crt_set_subject_key_identifier(&crt) == 0); 492 if (auth_ident) { 493 TEST_ASSERT(mbedtls_x509write_crt_set_authority_key_identifier(&crt) == 0); 494 } 495 if (set_key_usage != 0) { 496 TEST_ASSERT(mbedtls_x509write_crt_set_key_usage(&crt, key_usage) == 0); 497 } 498 if (set_cert_type != 0) { 499 TEST_ASSERT(mbedtls_x509write_crt_set_ns_cert_type(&crt, cert_type) == 0); 500 } 501 if (strcmp(ext_key_usage, "NULL") != 0) { 502 mbedtls_asn1_sequence exts[2]; 503 memset(exts, 0, sizeof(exts)); 504 505#define SET_OID(x, oid) \ 506 do { \ 507 x.len = MBEDTLS_OID_SIZE(oid); \ 508 x.p = (unsigned char *) oid; \ 509 x.tag = MBEDTLS_ASN1_OID; \ 510 } \ 511 while (0) 512 513 if (strcmp(ext_key_usage, "serverAuth") == 0) { 514 SET_OID(exts[0].buf, MBEDTLS_OID_SERVER_AUTH); 515 } else if (strcmp(ext_key_usage, "codeSigning,timeStamping") == 0) { 516 SET_OID(exts[0].buf, MBEDTLS_OID_CODE_SIGNING); 517 exts[0].next = &exts[1]; 518 SET_OID(exts[1].buf, MBEDTLS_OID_TIME_STAMPING); 519 } 520 TEST_ASSERT(mbedtls_x509write_crt_set_ext_key_usage(&crt, exts) == 0); 521 } 522 } 523 524 if (set_subjectAltNames) { 525 TEST_ASSERT(mbedtls_x509write_crt_set_subject_alternative_name(&crt, san_list) == 0); 526 } 527 ret = mbedtls_x509write_crt_pem(&crt, buf, sizeof(buf), 528 mbedtls_test_rnd_pseudo_rand, &rnd_info); 529 TEST_ASSERT(ret == 0); 530 531 pem_len = strlen((char *) buf); 532 533 // check that the rest of the buffer remains clear 534 for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { 535 TEST_ASSERT(buf[buf_index] == 0); 536 } 537 538 if (issuer_key_type != MBEDTLS_PK_RSA) { 539 mbedtls_x509_crt crt_parse, trusted; 540 uint32_t flags; 541 542 mbedtls_x509_crt_init(&crt_parse); 543 mbedtls_x509_crt_init(&trusted); 544 545 TEST_ASSERT(mbedtls_x509_crt_parse_file(&trusted, 546 cert_verify_file) == 0); 547 TEST_ASSERT(mbedtls_x509_crt_parse(&crt_parse, 548 buf, sizeof(buf)) == 0); 549 550 ret = mbedtls_x509_crt_verify(&crt_parse, &trusted, NULL, NULL, &flags, 551 NULL, NULL); 552 553 mbedtls_x509_crt_free(&crt_parse); 554 mbedtls_x509_crt_free(&trusted); 555 556 TEST_EQUAL(flags, 0); 557 TEST_EQUAL(ret, 0); 558 } else if (*cert_check_file != '\0') { 559 f = fopen(cert_check_file, "r"); 560 TEST_ASSERT(f != NULL); 561 olen = fread(check_buf, 1, sizeof(check_buf), f); 562 fclose(f); 563 TEST_ASSERT(olen < sizeof(check_buf)); 564 565 TEST_EQUAL(olen, pem_len); 566 TEST_ASSERT(olen >= pem_len - 1); 567 TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0); 568 } 569 570 der_len = mbedtls_x509write_crt_der(&crt, buf, sizeof(buf), 571 mbedtls_test_rnd_pseudo_rand, 572 &rnd_info); 573 TEST_ASSERT(der_len >= 0); 574 575 if (der_len == 0) { 576 goto exit; 577 } 578 579 // Not testing against file, check date format 580 if (*cert_check_file == '\0') { 581 // UTC tag if before 2050, 2 digits less for year 582 if (not_before[0] == '2' && (not_before[1] > '0' || not_before[2] > '4')) { 583 before_tag = MBEDTLS_ASN1_GENERALIZED_TIME; 584 } else { 585 before_tag = MBEDTLS_ASN1_UTC_TIME; 586 not_before += 2; 587 } 588 if (not_after[0] == '2' && (not_after[1] > '0' || not_after[2] > '4')) { 589 after_tag = MBEDTLS_ASN1_GENERALIZED_TIME; 590 } else { 591 after_tag = MBEDTLS_ASN1_UTC_TIME; 592 not_after += 2; 593 } 594 end = buf + sizeof(buf); 595 for (p = end - der_len; p < end;) { 596 tag = *p++; 597 sz = *p++; 598 if (tag == MBEDTLS_ASN1_UTC_TIME || tag == MBEDTLS_ASN1_GENERALIZED_TIME) { 599 // Check correct tag and time written 600 TEST_ASSERT(before_tag == tag); 601 TEST_ASSERT(memcmp(p, not_before, sz - 1) == 0); 602 p += sz; 603 tag = *p++; 604 sz = *p++; 605 TEST_ASSERT(after_tag == tag); 606 TEST_ASSERT(memcmp(p, not_after, sz - 1) == 0); 607 break; 608 } 609 // Increment if long form ASN1 length 610 if (sz & 0x80) { 611 p += sz & 0x0F; 612 } 613 if (tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { 614 p += sz; 615 } 616 } 617 TEST_ASSERT(p < end); 618 } 619 620#if defined(MBEDTLS_USE_PSA_CRYPTO) 621 // When using PSA crypto, RNG isn't controllable, result length isn't 622 // deterministic over multiple runs, removing a single byte isn't enough to 623 // go into the MBEDTLS_ERR_ASN1_BUF_TOO_SMALL error case 624 if (issuer_key_type != MBEDTLS_PK_RSA) { 625 der_len /= 2; 626 } else 627#endif 628 der_len -= 1; 629 630 ret = mbedtls_x509write_crt_der(&crt, buf, (size_t) (der_len), 631 mbedtls_test_rnd_pseudo_rand, &rnd_info); 632 TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); 633 634exit: 635 mbedtls_asn1_free_named_data_list(&ext_san_dirname); 636 mbedtls_x509write_crt_free(&crt); 637 mbedtls_pk_free(&issuer_key_alt); 638 mbedtls_pk_free(&subject_key); 639 mbedtls_pk_free(&issuer_key); 640#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 641 mbedtls_mpi_free(&serial_mpi); 642#endif 643#if defined(MBEDTLS_USE_PSA_CRYPTO) 644 psa_destroy_key(key_id); 645#endif 646 MD_OR_USE_PSA_DONE(); 647} 648/* END_CASE */ 649 650/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_WRITE_C */ 651void x509_set_serial_check() 652{ 653 mbedtls_x509write_cert ctx; 654 uint8_t invalid_serial[MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN + 1]; 655 656#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 657 mbedtls_mpi serial_mpi; 658 mbedtls_mpi_init(&serial_mpi); 659#endif 660 661 USE_PSA_INIT(); 662 memset(invalid_serial, 0x01, sizeof(invalid_serial)); 663 664#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 665 TEST_EQUAL(mbedtls_mpi_read_binary(&serial_mpi, invalid_serial, 666 sizeof(invalid_serial)), 0); 667 TEST_EQUAL(mbedtls_x509write_crt_set_serial(&ctx, &serial_mpi), 668 MBEDTLS_ERR_X509_BAD_INPUT_DATA); 669#endif 670 671 TEST_EQUAL(mbedtls_x509write_crt_set_serial_raw(&ctx, invalid_serial, 672 sizeof(invalid_serial)), 673 MBEDTLS_ERR_X509_BAD_INPUT_DATA); 674 675exit: 676#if defined(MBEDTLS_TEST_DEPRECATED) && defined(MBEDTLS_BIGNUM_C) 677 mbedtls_mpi_free(&serial_mpi); 678#else 679 ; 680#endif 681 USE_PSA_DONE(); 682} 683/* END_CASE */ 684 685/* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */ 686void mbedtls_x509_string_to_names(char *name, char *parsed_name, 687 int result, int may_fail) 688{ 689 int ret; 690 size_t len = 0; 691 mbedtls_asn1_named_data *names = NULL; 692 mbedtls_x509_name parsed; 693 memset(&parsed, 0, sizeof(parsed)); 694 mbedtls_x509_name *parsed_cur = NULL; 695 mbedtls_x509_name *parsed_prv = NULL; 696 unsigned char buf[1024] = { 0 }; 697 unsigned char out[1024] = { 0 }; 698 unsigned char *c = buf + sizeof(buf); 699 700 USE_PSA_INIT(); 701 702 ret = mbedtls_x509_string_to_names(&names, name); 703 TEST_EQUAL(ret, result); 704 705 if (ret != 0) { 706 goto exit; 707 } 708 709 ret = mbedtls_x509_write_names(&c, buf, names); 710 TEST_LE_S(1, ret); 711 712 TEST_EQUAL(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len, 713 MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE), 0); 714 ret = mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed); 715 if ((may_fail & MAY_FAIL_GET_NAME) && ret < 0) { 716 /* Validation inconsistency between mbedtls_x509_string_to_names() and 717 * mbedtls_x509_get_name(). Accept it for now. */ 718 goto exit; 719 } 720 TEST_EQUAL(ret, 0); 721 722 ret = mbedtls_x509_dn_gets((char *) out, sizeof(out), &parsed); 723 if ((may_fail & MAY_FAIL_DN_GETS) && ret < 0) { 724 /* Validation inconsistency between mbedtls_x509_string_to_names() and 725 * mbedtls_x509_dn_gets(). Accept it for now. */ 726 goto exit; 727 } 728 TEST_LE_S(1, ret); 729 TEST_ASSERT(strcmp((char *) out, parsed_name) == 0); 730 731exit: 732 mbedtls_asn1_free_named_data_list(&names); 733 734 parsed_cur = parsed.next; 735 while (parsed_cur != 0) { 736 parsed_prv = parsed_cur; 737 parsed_cur = parsed_cur->next; 738 mbedtls_free(parsed_prv); 739 } 740 USE_PSA_DONE(); 741} 742/* END_CASE */ 743 744/* BEGIN_CASE depends_on:MBEDTLS_X509_CSR_WRITE_C */ 745void x509_set_extension_length_check() 746{ 747 int ret = 0; 748 749 mbedtls_x509write_csr ctx; 750 mbedtls_x509write_csr_init(&ctx); 751 752 unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 }; 753 unsigned char *p = buf + sizeof(buf); 754 755 ret = mbedtls_x509_set_extension(&(ctx.MBEDTLS_PRIVATE(extensions)), 756 MBEDTLS_OID_EXTENDED_KEY_USAGE, 757 MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE), 758 0, 759 p, 760 SIZE_MAX); 761 TEST_ASSERT(MBEDTLS_ERR_X509_BAD_INPUT_DATA == ret); 762} 763/* END_CASE */ 764
