/*
 *  SSL certificate functionality tests
 *
 *  Copyright (C) 2009  Paul Bakker <polarssl_maintainer at polarssl dot org>
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License along
 *  with this program; if not, write to the Free Software Foundation, Inc.,
 *  51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 */
20
21#ifndef _CRT_SECURE_NO_DEPRECATE
22#define _CRT_SECURE_NO_DEPRECATE 1
23#endif
24
25#include <string.h>
26#include <stdio.h>
27
28#include "polarssl/certs.h"
29#include "polarssl/x509.h"
30
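/* Number of client certificate files exercised by the test loop in main(). */
#define MAX_CLIENT_CERTS 6

/*
 * File names of the client certificates to load and verify. main() prefixes
 * each entry with "ssl/test-ca/" before opening it.
 *
 * The entries are string literals, so the pointers are const-qualified:
 * writing through them would be undefined behaviour.
 */
const char *client_certificates[MAX_CLIENT_CERTS] =
{
    "client1.crt",
    "client2.crt",
    "cert_sha224.crt",
    "cert_sha256.crt",
    "cert_sha384.crt",
    "cert_sha512.crt"
};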
42
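/*
 * Certificate self-test: loads the test CA from ssl/test-ca/test-ca.crt, then
 * loads every file listed in client_certificates from the same directory and
 * verifies it against that CA with x509parse_verify().
 *
 * Returns 0 when every certificate loads and verifies; otherwise returns the
 * non-zero code of the first x509parse_crtfile()/x509parse_verify() call that
 * failed.
 *
 * NOTE(review): the verify call passes NULL as its third argument (presumably
 * the expected common name - confirm against x509.h) and is given no CRL, so
 * this test appears to cover chain/signature validation only, not name
 * matching or revocation.
 */
int main( void )
{
    int ret, i;
    int flags = 0;
    char name[512];
    x509_cert cacert, clicert;

    /*
     * Zero both structures before any path can reach the cleanup label.
     * x509_free() is called on both at exit, including when loading the CA
     * fails, so clicert must not be left uninitialized.
     * NOTE(review): assumes x509_free() accepts a zeroed structure - confirm.
     */
    memset( &cacert, 0, sizeof( x509_cert ) );
    memset( &clicert, 0, sizeof( x509_cert ) );

    /*
     * 1.1. Load the trusted CA
     */
    printf( "\n  . Loading the CA root certificate ..." );
    fflush( stdout );

    ret = x509parse_crtfile( &cacert, "ssl/test-ca/test-ca.crt" );
    if( ret != 0 )
    {
        printf( " failed\n  !  x509parse_crtfile returned %d\n\n", ret );
        goto exit;
    }

    printf( " ok\n" );

    for( i = 0; i < MAX_CLIENT_CERTS; i++ )
    {
        /*
         * 1.2. Load own certificate and private key
         */
        snprintf( name, sizeof( name ), "ssl/test-ca/%s", client_certificates[i] );

        printf( "  . Loading the client certificatei %s...", name );
        fflush( stdout );

        ret = x509parse_crtfile( &clicert, name );
        if( ret != 0 )
        {
            /* Report the function that was actually called. */
            printf( " failed\n  !  x509parse_crtfile returned %d\n\n", ret );
            goto exit;
        }

        printf( " ok\n" );

        /*
         * 1.3. Verify certificate validity
         */
        printf( "  . Verify the client certificate..." );
        fflush( stdout );

        /*
         * flags receives the verification result bits; it is not printed
         * here, so a failure only reports the return code.
         */
        flags = 0;
        ret = x509parse_verify( &clicert, &cacert, NULL, &flags );
        if( ret != 0 )
        {
            printf( " failed\n  !  x509parse_verify returned %d\n\n", ret );
            goto exit;
        }

        printf( " ok\n" );

        /*
         * Release this certificate before the next iteration parses into the
         * same structure; re-zeroing without freeing would leak it.
         */
        x509_free( &clicert );
        memset( &clicert, 0, sizeof( x509_cert ) );
    }

exit:
    x509_free( &clicert );
    x509_free( &cacert );

#ifdef WIN32
    printf( "  + Press Enter to exit this program.\n" );
    fflush( stdout ); getchar();
#endif

    return( ret );
}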