| /* BEGIN_HEADER */ |
| #include "mbedtls/bignum.h" |
| #include "mbedtls/x509_crt.h" |
| #include "mbedtls/x509_csr.h" |
| #include "mbedtls/pem.h" |
| #include "mbedtls/oid.h" |
| #include "mbedtls/rsa.h" |
| #include "mbedtls/asn1write.h" |
| |
| #if defined(MBEDTLS_RSA_C) |
| int mbedtls_rsa_decrypt_func(void *ctx, int mode, size_t *olen, |
| const unsigned char *input, unsigned char *output, |
| size_t output_max_len) |
| { |
| return mbedtls_rsa_pkcs1_decrypt((mbedtls_rsa_context *) ctx, NULL, NULL, mode, olen, |
| input, output, output_max_len); |
| } |
| int mbedtls_rsa_sign_func(void *ctx, |
| int (*f_rng)(void *, unsigned char *, size_t), void *p_rng, |
| int mode, mbedtls_md_type_t md_alg, unsigned int hashlen, |
| const unsigned char *hash, unsigned char *sig) |
| { |
| return mbedtls_rsa_pkcs1_sign((mbedtls_rsa_context *) ctx, f_rng, p_rng, mode, |
| md_alg, hashlen, hash, sig); |
| } |
| size_t mbedtls_rsa_key_len_func(void *ctx) |
| { |
| return ((const mbedtls_rsa_context *) ctx)->len; |
| } |
| #endif /* MBEDTLS_RSA_C */ |
| |
| #if defined(MBEDTLS_USE_PSA_CRYPTO) && \ |
| defined(MBEDTLS_PEM_WRITE_C) && defined(MBEDTLS_X509_CSR_WRITE_C) |
| static int x509_crt_verifycsr(const unsigned char *buf, size_t buflen) |
| { |
| unsigned char hash[MBEDTLS_MD_MAX_SIZE]; |
| const mbedtls_md_info_t *md_info; |
| mbedtls_x509_csr csr; |
| int ret = 0; |
| |
| mbedtls_x509_csr_init(&csr); |
| |
| if (mbedtls_x509_csr_parse(&csr, buf, buflen) != 0) { |
| ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; |
| goto cleanup; |
| } |
| |
| md_info = mbedtls_md_info_from_type(csr.sig_md); |
| if (mbedtls_md(md_info, csr.cri.p, csr.cri.len, hash) != 0) { |
| /* Note: this can't happen except after an internal error */ |
| ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA; |
| goto cleanup; |
| } |
| |
| if (mbedtls_pk_verify_ext(csr.sig_pk, csr.sig_opts, &csr.pk, |
| csr.sig_md, hash, mbedtls_md_get_size(md_info), |
| csr.sig.p, csr.sig.len) != 0) { |
| ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED; |
| goto cleanup; |
| } |
| |
| cleanup: |
| |
| mbedtls_x509_csr_free(&csr); |
| return ret; |
| } |
| #endif /* MBEDTLS_USE_PSA_CRYPTO && MBEDTLS_PEM_WRITE_C && MBEDTLS_X509_CSR_WRITE_C */ |
| |
| #if defined(MBEDTLS_X509_CSR_WRITE_C) |
| |
| /* |
| * The size of this temporary buffer is given by the sequence of functions |
| * called hereinafter: |
| * - mbedtls_asn1_write_oid() |
| * - 8 bytes for MBEDTLS_OID_EXTENDED_KEY_USAGE raw value |
| * - 1 byte for MBEDTLS_OID_EXTENDED_KEY_USAGE length |
| * - 1 byte for MBEDTLS_ASN1_OID tag |
| * - mbedtls_asn1_write_len() |
| * - 1 byte since we're dealing with sizes which are less than 0x80 |
| * - mbedtls_asn1_write_tag() |
| * - 1 byte |
| * |
| * This length is fine as long as this function is called using the |
| * MBEDTLS_OID_SERVER_AUTH OID. If this is changed in the future, then this |
| * buffer's length should be adjusted accordingly. |
| * Unfortunately there's no predefined max size for OIDs which can be used |
| * to set an overall upper boundary which is always guaranteed. |
| */ |
| #define EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH 12 |
| |
| static int csr_set_extended_key_usage(mbedtls_x509write_csr *ctx, |
| const char *oid, size_t oid_len) |
| { |
| unsigned char buf[EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH] = { 0 }; |
| unsigned char *p = buf + sizeof(buf); |
| int ret; |
| size_t len = 0; |
| |
| /* |
| * Following functions fail anyway if the temporary buffer is not large, |
| * but we set an extra check here to emphasize a possible source of errors |
| */ |
| if (oid_len > EXT_KEY_USAGE_TMP_BUF_MAX_LENGTH) { |
| return MBEDTLS_ERR_X509_BAD_INPUT_DATA; |
| } |
| |
| MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_oid(&p, buf, oid, oid_len)); |
| MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_len(&p, buf, ret)); |
| MBEDTLS_ASN1_CHK_ADD(len, mbedtls_asn1_write_tag(&p, buf, |
| MBEDTLS_ASN1_CONSTRUCTED | |
| MBEDTLS_ASN1_SEQUENCE)); |
| |
| ret = mbedtls_x509write_csr_set_extension(ctx, |
| MBEDTLS_OID_EXTENDED_KEY_USAGE, |
| MBEDTLS_OID_SIZE(MBEDTLS_OID_EXTENDED_KEY_USAGE), |
| p, |
| len); |
| |
| return ret; |
| } |
| #endif /* MBEDTLS_X509_CSR_WRITE_C */ |
| /* END_HEADER */ |
| |
| /* BEGIN_DEPENDENCIES |
| * depends_on:MBEDTLS_BIGNUM_C:MBEDTLS_FS_IO:MBEDTLS_PK_PARSE_C |
| * END_DEPENDENCIES |
| */ |
| |
| /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C */ |
| void x509_csr_check(char *key_file, char *cert_req_check_file, int md_type, |
| int key_usage, int set_key_usage, int cert_type, |
| int set_cert_type, int set_extension) |
| { |
| mbedtls_pk_context key; |
| mbedtls_x509write_csr req; |
| unsigned char buf[4096]; |
| unsigned char check_buf[4000]; |
| int ret; |
| size_t olen = 0, pem_len = 0, buf_index; |
| int der_len = -1; |
| FILE *f; |
| const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; |
| mbedtls_test_rnd_pseudo_info rnd_info; |
| |
| memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); |
| |
| mbedtls_x509write_csr_init(&req); |
| mbedtls_pk_init(&key); |
| USE_PSA_INIT(); |
| |
| TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL) == 0); |
| |
| mbedtls_x509write_csr_set_md_alg(&req, md_type); |
| mbedtls_x509write_csr_set_key(&req, &key); |
| TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0); |
| if (set_key_usage != 0) { |
| TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0); |
| } |
| if (set_cert_type != 0) { |
| TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0); |
| } |
| if (set_extension != 0) { |
| TEST_ASSERT(csr_set_extended_key_usage(&req, MBEDTLS_OID_SERVER_AUTH, |
| MBEDTLS_OID_SIZE(MBEDTLS_OID_SERVER_AUTH)) == 0); |
| } |
| |
| ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf), |
| mbedtls_test_rnd_pseudo_rand, &rnd_info); |
| TEST_ASSERT(ret == 0); |
| |
| pem_len = strlen((char *) buf); |
| |
| for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { |
| TEST_ASSERT(buf[buf_index] == 0); |
| } |
| |
| f = fopen(cert_req_check_file, "r"); |
| TEST_ASSERT(f != NULL); |
| olen = fread(check_buf, 1, sizeof(check_buf), f); |
| fclose(f); |
| |
| TEST_ASSERT(olen >= pem_len - 1); |
| TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0); |
| |
| der_len = mbedtls_x509write_csr_der(&req, buf, sizeof(buf), |
| mbedtls_test_rnd_pseudo_rand, |
| &rnd_info); |
| TEST_ASSERT(der_len >= 0); |
| |
| if (der_len == 0) { |
| goto exit; |
| } |
| |
| ret = mbedtls_x509write_csr_der(&req, buf, (size_t) (der_len - 1), |
| mbedtls_test_rnd_pseudo_rand, &rnd_info); |
| TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); |
| |
| exit: |
| mbedtls_x509write_csr_free(&req); |
| mbedtls_pk_free(&key); |
| USE_PSA_DONE(); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CSR_WRITE_C:MBEDTLS_USE_PSA_CRYPTO */ |
| void x509_csr_check_opaque(char *key_file, int md_type, int key_usage, |
| int cert_type) |
| { |
| mbedtls_pk_context key; |
| mbedtls_svc_key_id_t key_id = MBEDTLS_SVC_KEY_ID_INIT; |
| psa_algorithm_t md_alg_psa; |
| mbedtls_x509write_csr req; |
| unsigned char buf[4096]; |
| int ret; |
| size_t pem_len = 0; |
| const char *subject_name = "C=NL,O=PolarSSL,CN=PolarSSL Server 1"; |
| mbedtls_test_rnd_pseudo_info rnd_info; |
| |
| memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); |
| |
| mbedtls_x509write_csr_init(&req); |
| |
| USE_PSA_INIT(); |
| |
| md_alg_psa = mbedtls_psa_translate_md((mbedtls_md_type_t) md_type); |
| TEST_ASSERT(md_alg_psa != MBEDTLS_MD_NONE); |
| |
| mbedtls_pk_init(&key); |
| TEST_ASSERT(mbedtls_pk_parse_keyfile(&key, key_file, NULL) == 0); |
| TEST_ASSERT(mbedtls_pk_wrap_as_opaque(&key, &key_id, md_alg_psa) == 0); |
| |
| mbedtls_x509write_csr_set_md_alg(&req, md_type); |
| mbedtls_x509write_csr_set_key(&req, &key); |
| TEST_ASSERT(mbedtls_x509write_csr_set_subject_name(&req, subject_name) == 0); |
| if (key_usage != 0) { |
| TEST_ASSERT(mbedtls_x509write_csr_set_key_usage(&req, key_usage) == 0); |
| } |
| if (cert_type != 0) { |
| TEST_ASSERT(mbedtls_x509write_csr_set_ns_cert_type(&req, cert_type) == 0); |
| } |
| |
| ret = mbedtls_x509write_csr_pem(&req, buf, sizeof(buf) - 1, |
| mbedtls_test_rnd_pseudo_rand, &rnd_info); |
| |
| TEST_ASSERT(ret == 0); |
| |
| pem_len = strlen((char *) buf); |
| buf[pem_len] = '\0'; |
| TEST_ASSERT(x509_crt_verifycsr(buf, pem_len + 1) == 0); |
| |
| exit: |
| mbedtls_x509write_csr_free(&req); |
| mbedtls_pk_free(&key); |
| psa_destroy_key(key_id); |
| USE_PSA_DONE(); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE depends_on:MBEDTLS_PEM_WRITE_C:MBEDTLS_X509_CRT_WRITE_C:MBEDTLS_SHA1_C */ |
| void x509_crt_check(char *subject_key_file, char *subject_pwd, |
| char *subject_name, char *issuer_key_file, |
| char *issuer_pwd, char *issuer_name, |
| char *serial_str, char *not_before, char *not_after, |
| int md_type, int key_usage, int set_key_usage, |
| int cert_type, int set_cert_type, int auth_ident, |
| int ver, char *cert_check_file, int rsa_alt, int is_ca) |
| { |
| mbedtls_pk_context subject_key, issuer_key, issuer_key_alt; |
| mbedtls_pk_context *key = &issuer_key; |
| |
| mbedtls_x509write_cert crt; |
| unsigned char buf[4096]; |
| unsigned char check_buf[5000]; |
| unsigned char *p, *end; |
| unsigned char tag, sz; |
| mbedtls_mpi serial; |
| int ret, before_tag, after_tag; |
| size_t olen = 0, pem_len = 0, buf_index = 0; |
| int der_len = -1; |
| FILE *f; |
| mbedtls_test_rnd_pseudo_info rnd_info; |
| |
| memset(&rnd_info, 0x2a, sizeof(mbedtls_test_rnd_pseudo_info)); |
| mbedtls_mpi_init(&serial); |
| |
| mbedtls_pk_init(&subject_key); |
| mbedtls_pk_init(&issuer_key); |
| mbedtls_pk_init(&issuer_key_alt); |
| |
| mbedtls_x509write_crt_init(&crt); |
| USE_PSA_INIT(); |
| |
| TEST_ASSERT(mbedtls_pk_parse_keyfile(&subject_key, subject_key_file, |
| subject_pwd) == 0); |
| |
| TEST_ASSERT(mbedtls_pk_parse_keyfile(&issuer_key, issuer_key_file, |
| issuer_pwd) == 0); |
| |
| #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT) |
| /* For RSA PK contexts, create a copy as an alternative RSA context. */ |
| if (rsa_alt == 1 && mbedtls_pk_get_type(&issuer_key) == MBEDTLS_PK_RSA) { |
| TEST_ASSERT(mbedtls_pk_setup_rsa_alt(&issuer_key_alt, |
| mbedtls_pk_rsa(issuer_key), |
| mbedtls_rsa_decrypt_func, |
| mbedtls_rsa_sign_func, |
| mbedtls_rsa_key_len_func) == 0); |
| |
| key = &issuer_key_alt; |
| } |
| #else |
| (void) rsa_alt; |
| #endif |
| |
| TEST_ASSERT(mbedtls_test_read_mpi(&serial, serial_str) == 0); |
| |
| if (ver != -1) { |
| mbedtls_x509write_crt_set_version(&crt, ver); |
| } |
| |
| TEST_ASSERT(mbedtls_x509write_crt_set_serial(&crt, &serial) == 0); |
| TEST_ASSERT(mbedtls_x509write_crt_set_validity(&crt, not_before, |
| not_after) == 0); |
| mbedtls_x509write_crt_set_md_alg(&crt, md_type); |
| TEST_ASSERT(mbedtls_x509write_crt_set_issuer_name(&crt, issuer_name) == 0); |
| TEST_ASSERT(mbedtls_x509write_crt_set_subject_name(&crt, subject_name) == 0); |
| mbedtls_x509write_crt_set_subject_key(&crt, &subject_key); |
| |
| mbedtls_x509write_crt_set_issuer_key(&crt, key); |
| |
| if (crt.version >= MBEDTLS_X509_CRT_VERSION_3) { |
| /* For the CA case, a path length of -1 means unlimited. */ |
| TEST_ASSERT(mbedtls_x509write_crt_set_basic_constraints(&crt, is_ca, |
| (is_ca ? -1 : 0)) == 0); |
| TEST_ASSERT(mbedtls_x509write_crt_set_subject_key_identifier(&crt) == 0); |
| if (auth_ident) { |
| TEST_ASSERT(mbedtls_x509write_crt_set_authority_key_identifier(&crt) == 0); |
| } |
| if (set_key_usage != 0) { |
| TEST_ASSERT(mbedtls_x509write_crt_set_key_usage(&crt, key_usage) == 0); |
| } |
| if (set_cert_type != 0) { |
| TEST_ASSERT(mbedtls_x509write_crt_set_ns_cert_type(&crt, cert_type) == 0); |
| } |
| } |
| |
| ret = mbedtls_x509write_crt_pem(&crt, buf, sizeof(buf), |
| mbedtls_test_rnd_pseudo_rand, &rnd_info); |
| TEST_ASSERT(ret == 0); |
| |
| pem_len = strlen((char *) buf); |
| |
| // check that the rest of the buffer remains clear |
| for (buf_index = pem_len; buf_index < sizeof(buf); ++buf_index) { |
| TEST_ASSERT(buf[buf_index] == 0); |
| } |
| |
| if (*cert_check_file != '\0') { |
| f = fopen(cert_check_file, "r"); |
| TEST_ASSERT(f != NULL); |
| olen = fread(check_buf, 1, sizeof(check_buf), f); |
| fclose(f); |
| TEST_ASSERT(olen < sizeof(check_buf)); |
| TEST_ASSERT(olen >= pem_len - 1); |
| TEST_ASSERT(memcmp(buf, check_buf, pem_len - 1) == 0); |
| } |
| |
| der_len = mbedtls_x509write_crt_der(&crt, buf, sizeof(buf), |
| mbedtls_test_rnd_pseudo_rand, |
| &rnd_info); |
| TEST_ASSERT(der_len >= 0); |
| |
| if (der_len == 0) { |
| goto exit; |
| } |
| |
| // Not testing against file, check date format |
| if (*cert_check_file == '\0') { |
| // UTC tag if before 2050, 2 digits less for year |
| if (not_before[0] == '2' && (not_before[1] > '0' || not_before[2] > '4')) { |
| before_tag = MBEDTLS_ASN1_GENERALIZED_TIME; |
| } else { |
| before_tag = MBEDTLS_ASN1_UTC_TIME; |
| not_before += 2; |
| } |
| if (not_after[0] == '2' && (not_after[1] > '0' || not_after[2] > '4')) { |
| after_tag = MBEDTLS_ASN1_GENERALIZED_TIME; |
| } else { |
| after_tag = MBEDTLS_ASN1_UTC_TIME; |
| not_after += 2; |
| } |
| end = buf + sizeof(buf); |
| for (p = end - der_len; p < end;) { |
| tag = *p++; |
| sz = *p++; |
| if (tag == MBEDTLS_ASN1_UTC_TIME || tag == MBEDTLS_ASN1_GENERALIZED_TIME) { |
| // Check correct tag and time written |
| TEST_ASSERT(before_tag == tag); |
| TEST_ASSERT(memcmp(p, not_before, sz - 1) == 0); |
| p += sz; |
| tag = *p++; |
| sz = *p++; |
| TEST_ASSERT(after_tag == tag); |
| TEST_ASSERT(memcmp(p, not_after, sz - 1) == 0); |
| break; |
| } |
| // Increment if long form ASN1 length |
| if (sz & 0x80) { |
| p += sz & 0x0F; |
| } |
| if (tag != (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) { |
| p += sz; |
| } |
| } |
| TEST_ASSERT(p < end); |
| } |
| |
| ret = mbedtls_x509write_crt_der(&crt, buf, (size_t) (der_len - 1), |
| mbedtls_test_rnd_pseudo_rand, &rnd_info); |
| TEST_ASSERT(ret == MBEDTLS_ERR_ASN1_BUF_TOO_SMALL); |
| |
| exit: |
| mbedtls_x509write_crt_free(&crt); |
| mbedtls_pk_free(&issuer_key_alt); |
| mbedtls_pk_free(&subject_key); |
| mbedtls_pk_free(&issuer_key); |
| mbedtls_mpi_free(&serial); |
| USE_PSA_DONE(); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_WRITE_C */ |
| void x509_set_serial_check() |
| { |
| mbedtls_x509write_cert ctx; |
| mbedtls_mpi serial_mpi; |
| uint8_t invalid_serial[MBEDTLS_X509_RFC5280_MAX_SERIAL_LEN + 1]; |
| |
| USE_PSA_INIT(); |
| memset(invalid_serial, 0x01, sizeof(invalid_serial)); |
| |
| mbedtls_mpi_init(&serial_mpi); |
| TEST_EQUAL(mbedtls_mpi_read_binary(&serial_mpi, invalid_serial, |
| sizeof(invalid_serial)), 0); |
| TEST_EQUAL(mbedtls_x509write_crt_set_serial(&ctx, &serial_mpi), |
| MBEDTLS_ERR_X509_BAD_INPUT_DATA); |
| |
| exit: |
| mbedtls_mpi_free(&serial_mpi); |
| USE_PSA_DONE(); |
| } |
| /* END_CASE */ |
| |
| /* BEGIN_CASE depends_on:MBEDTLS_X509_CREATE_C:MBEDTLS_X509_USE_C */ |
| void mbedtls_x509_string_to_names(char *name, char *parsed_name, int result |
| ) |
| { |
| int ret; |
| size_t len = 0; |
| mbedtls_asn1_named_data *names = NULL; |
| mbedtls_x509_name parsed, *parsed_cur, *parsed_prv; |
| unsigned char buf[1024], out[1024], *c; |
| |
| USE_PSA_INIT(); |
| |
| memset(&parsed, 0, sizeof(parsed)); |
| memset(out, 0, sizeof(out)); |
| memset(buf, 0, sizeof(buf)); |
| c = buf + sizeof(buf); |
| |
| ret = mbedtls_x509_string_to_names(&names, name); |
| TEST_ASSERT(ret == result); |
| |
| if (ret != 0) { |
| goto exit; |
| } |
| |
| ret = mbedtls_x509_write_names(&c, buf, names); |
| TEST_ASSERT(ret > 0); |
| |
| TEST_ASSERT(mbedtls_asn1_get_tag(&c, buf + sizeof(buf), &len, |
| MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) == 0); |
| TEST_ASSERT(mbedtls_x509_get_name(&c, buf + sizeof(buf), &parsed) == 0); |
| |
| ret = mbedtls_x509_dn_gets((char *) out, sizeof(out), &parsed); |
| TEST_ASSERT(ret > 0); |
| |
| TEST_ASSERT(strcmp((char *) out, parsed_name) == 0); |
| |
| exit: |
| mbedtls_asn1_free_named_data_list(&names); |
| |
| parsed_cur = parsed.next; |
| while (parsed_cur != 0) { |
| parsed_prv = parsed_cur; |
| parsed_cur = parsed_cur->next; |
| mbedtls_free(parsed_prv); |
| } |
| USE_PSA_DONE(); |
| } |
| /* END_CASE */ |