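/*
 * Copyright 2021-2024 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/x509_acert.h>

#include "testutil.h"

/*
 * Parse the PEM attribute certificate named by test argument |idx| and check
 * that X509_ACERT_print() reports success when writing it to stderr.
 *
 * Returns 1 on success, 0 on any failure.
 */
static int test_print_acert(int idx)
{
    int ret = 0;
    const char *acert_file;
    X509_ACERT *acert = NULL;
    BIO *bp = NULL, *bout = NULL;

    if (!TEST_ptr(acert_file = test_get_argument(idx)))
        return 0;

    if (!TEST_ptr(bp = BIO_new_file(acert_file, "r")))
        return 0;

    /* BIO_NOCLOSE: freeing bout must not close the process's stderr */
    if (!TEST_ptr(bout = BIO_new_fp(stderr, BIO_NOCLOSE)))
        goto err;

    if (!TEST_ptr(acert = PEM_read_bio_X509_ACERT(bp, NULL, NULL, NULL)))
        goto err;

    if (!TEST_int_eq(X509_ACERT_print(bout, acert), 1))
        goto err;

    ret = 1;

err:
    BIO_free(bp);
    BIO_free(bout);
    X509_ACERT_free(acert);
    return ret;
}

/*
 * Load the first attribute certificate argument, sign it with a freshly
 * generated 2048-bit RSA key using SHA-256, and verify the result with the
 * same key.  The test expects a positive return from X509_ACERT_sign() and
 * exactly 1 from X509_ACERT_verify().
 *
 * NOTE(review): only the positive round trip is exercised here.  Nothing in
 * this function checks that verification is refused for a different key or
 * for a certificate modified after signing, so a verify routine that always
 * returned 1 would still pass.
 *
 * Returns 1 on success, 0 on any failure.
 */
static int test_acert_sign(void)
{
    int ret = 0;
    const char *acert_file;
    EVP_PKEY *pkey = NULL;
    BIO *bp = NULL;
    X509_ACERT *acert = NULL;

    if (!TEST_ptr(acert_file = test_get_argument(0)))
        return 0;

    if (!TEST_ptr(pkey = EVP_RSA_gen(2048)))
        return 0;

    if (!TEST_ptr(bp = BIO_new_file(acert_file, "r")))
        goto err;

    if (!TEST_ptr(acert = PEM_read_bio_X509_ACERT(bp, NULL, NULL, NULL)))
        goto err;

    if (!TEST_int_gt(X509_ACERT_sign(acert, pkey, EVP_sha256()), 0)
            || !TEST_int_eq(X509_ACERT_verify(acert, pkey), 1))
        goto err;

    ret = 1;

err:
    BIO_free(bp);
    X509_ACERT_free(acert);
    EVP_PKEY_free(pkey);
    return ret;
}

/*
 * IetfAttrSyntax structure with one value:
 * a [0] policyAuthority holding the URI "Testval", then a single
 * UTF8String value "group1".
 */
static const unsigned char attr_syntax_single[] = {
    0x30, 0x15, 0xa0, 0x09, 0x86, 0x07, 0x54, 0x65, 0x73, 0x74, 0x76, 0x61,
    0x6c, 0x30, 0x08, 0x0c, 0x06, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x31
};

/*
 * IetfAttrSyntax structure with multiple values of the same type:
 * three UTF8String values "group 1", "group 2", "group 3".
 */
static const unsigned char attr_syntax_multiple[] = {
    0x30, 0x1d, 0x30, 0x1b, 0x0c, 0x07, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x20,
    0x31, 0x0c, 0x07, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x20, 0x32, 0x0c, 0x07,
    0x67, 0x72, 0x6f, 0x75, 0x70, 0x20, 0x33
};

/*
 * IetfAttrSyntax structure with multiple values of different types:
 * an OCTET STRING "deadcode" followed by a UTF8String "aaa".
 * The table below expects the decoder to reject this encoding.
 */
static const unsigned char attr_syntax_diff_type[] = {
    0x30, 0x11, 0x30, 0x0f, 0x04, 0x08, 0x64, 0x65, 0x61, 0x64, 0x63, 0x6f,
    0x64, 0x65, 0x0c, 0x03, 0x61, 0x61, 0x61
};

/*
 * IetfAttrSyntax structure with an invalid/unsupported value type:
 * the only value is an INTEGER (10).
 * The table below expects the decoder to reject this encoding.
 */
static const unsigned char attr_syntax_invalid_type[] = {
    0x30, 0x05, 0x30, 0x03, 0x02, 0x01, 0x0a
};

/* Build one table entry from a byte array and its expected decode outcome */
#define ADD_TEST_DATA(x, valid) {x, sizeof(x), valid}

struct ietf_type_test_data {
    const unsigned char *data;  /* DER encoding handed to the decoder */
    size_t len;                 /* number of bytes in |data| */
    int valid;                  /* 1: must decode, 0: must be rejected */
};

static const struct ietf_type_test_data ietf_syntax_tests[] = {
    ADD_TEST_DATA(attr_syntax_single, 1),
    ADD_TEST_DATA(attr_syntax_multiple, 1),
    ADD_TEST_DATA(attr_syntax_diff_type, 0),
    ADD_TEST_DATA(attr_syntax_invalid_type, 0),
};

/*
 * Decode entry |idx| of ietf_syntax_tests with d2i_OSSL_IETF_ATTR_SYNTAX()
 * and check the outcome against the entry's |valid| flag: entries marked
 * valid must decode, entries marked invalid must yield NULL.  A structure
 * that decoded is additionally printed to stderr, and the print call must
 * return 1.
 *
 * Returns 1 on success, 0 on any failure.
 */
static int test_object_group_attr(int idx)
{
    int ret = 0;
    OSSL_IETF_ATTR_SYNTAX *ias = NULL;
    BIO *bout = NULL;
    const unsigned char *p;
    const struct ietf_type_test_data *test = &ietf_syntax_tests[idx];

    if (!TEST_ptr(bout = BIO_new_fp(stderr, BIO_NOCLOSE)))
        goto done;

    /* d2i advances the pointer it is given, so decode through a copy */
    p = test->data;

    ias = d2i_OSSL_IETF_ATTR_SYNTAX(NULL, &p, test->len);

    if ((test->valid && !TEST_ptr(ias))
            || (!test->valid && !TEST_ptr_null(ias)))
        goto done;

    /*
     * ias is released exactly once, at done.  Freeing it on this failure
     * path as well would free the same object twice.
     */
    if (ias != NULL
            && !TEST_int_eq(OSSL_IETF_ATTR_SYNTAX_print(bout, ias, 4), 1))
        goto done;

    ret = 1;

done:
    OSSL_IETF_ATTR_SYNTAX_free(ias);
    BIO_free(bout);
    return ret;
}

OPT_TEST_DECLARE_USAGE("[<attribute certs (PEM)>...]\n")

/*
 * Register the tests.  At least one attribute certificate file must be given
 * on the command line: test_print_acert runs once per file, test_acert_sign
 * uses the first file, and test_object_group_attr runs once per entry of
 * ietf_syntax_tests.
 *
 * Returns 1 on success, 0 if option parsing fails or no file was supplied.
 */
int setup_tests(void)
{
    int cnt;

    if (!test_skip_common_options()) {
        TEST_error("Error parsing test options\n");
        return 0;
    }

    cnt = test_get_argument_count();
    if (cnt < 1) {
        TEST_error("Must specify at least 1 attribute certificate file\n");
        return 0;
    }

    ADD_ALL_TESTS(test_print_acert, cnt);
    ADD_TEST(test_acert_sign);
    ADD_ALL_TESTS(test_object_group_attr, OSSL_NELEM(ietf_syntax_tests));

    return 1;
}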