Extend tests/data_files/Makefile to include CRT's for CRT write test

2026-01-08 07:28:58 +01:00 · 2017-09-14 07:51:28 +01:00 · 2017-09-14 07:51:28 +01:00 · 418a62242b
commit 418a62242b
parent 6c13d37961
12 changed files with 265 additions and 13 deletions
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@ -3,6 +3,30 @@
 #include "mbedtls/x509_csr.h"
 #include "mbedtls/pem.h"
 #include "mbedtls/oid.h"
+#include "mbedtls/rsa.h"
+
+#if defined(MBEDTLS_RSA_C)
+int mbedtls_rsa_decrypt_func( void *ctx, int mode, size_t *olen,
+                       const unsigned char *input, unsigned char *output,
+                       size_t output_max_len )
+{
+    return( mbedtls_rsa_pkcs1_decrypt( (mbedtls_rsa_context *) ctx, NULL, NULL, mode, olen,
+                               input, output, output_max_len ) );
+}
+int mbedtls_rsa_sign_func( void *ctx,
+                   int (*f_rng)(void *, unsigned char *, size_t), void *p_rng,
+                   int mode, mbedtls_md_type_t md_alg, unsigned int hashlen,
+                   const unsigned char *hash, unsigned char *sig )
+{
+    return( mbedtls_rsa_pkcs1_sign( (mbedtls_rsa_context *) ctx, f_rng, p_rng, mode,
+                            md_alg, hashlen, hash, sig ) );
+}
+size_t mbedtls_rsa_key_len_func( void *ctx )
+{
+    return( ((const mbedtls_rsa_context *) ctx)->len );
+}
+#endif /* MBEDTLS_RSA_C */
+
 /* END_HEADER */

 /* BEGIN_DEPENDENCIES
@ -75,10 +99,12 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
                     char *subject_name, char *issuer_key_file,
                     char *issuer_pwd, char *issuer_name,
                     char *serial_str, char *not_before, char *not_after,
-                     int md_type, int key_usage, int cert_type, int ver,
-                     char *cert_check_file )
+                     int md_type, int key_usage, int cert_type, int auth_ident,
+                     int ver, char *cert_check_file, int rsa_alt )
 {
-    mbedtls_pk_context subject_key, issuer_key;
+    mbedtls_pk_context subject_key, issuer_key, issuer_key_alt;
+    mbedtls_pk_context *key = &issuer_key;
+
    mbedtls_x509write_cert crt;
    unsigned char buf[4096];
    unsigned char check_buf[5000];
@ -91,18 +117,36 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,

    memset( &rnd_info, 0x2a, sizeof( rnd_pseudo_info ) );
    mbedtls_mpi_init( &serial );
+
    mbedtls_pk_init( &subject_key );
-    mbedtls_pk_init( &issuer_key );
+    mbedtls_pk_init( &issuer_key  );
+    mbedtls_pk_init( &issuer_key_alt );
+
+    mbedtls_x509write_crt_init( &crt );

    TEST_ASSERT( mbedtls_pk_parse_keyfile( &subject_key, subject_key_file,
                                         subject_pwd ) == 0 );
+
    TEST_ASSERT( mbedtls_pk_parse_keyfile( &issuer_key, issuer_key_file,
                                         issuer_pwd ) == 0 );
+
+    /* For RSA PK contexts, create a copy as an alternative RSA context. */
+    if( rsa_alt == 1 && mbedtls_pk_get_type( &issuer_key ) == MBEDTLS_PK_RSA )
+    {
+        TEST_ASSERT( mbedtls_pk_setup_rsa_alt( &issuer_key_alt,
+                                            mbedtls_pk_rsa( issuer_key ),
+                                            mbedtls_rsa_decrypt_func,
+                                            mbedtls_rsa_sign_func,
+                                            mbedtls_rsa_key_len_func ) == 0 );
+
+        key = &issuer_key_alt;
+    }
+
    TEST_ASSERT( mbedtls_mpi_read_string( &serial, 10, serial_str ) == 0 );

-    mbedtls_x509write_crt_init( &crt );
    if( ver != -1 )
        mbedtls_x509write_crt_set_version( &crt, ver );
+
    TEST_ASSERT( mbedtls_x509write_crt_set_serial( &crt, &serial ) == 0 );
    TEST_ASSERT( mbedtls_x509write_crt_set_validity( &crt, not_before,
                                                   not_after ) == 0 );
@ -110,13 +154,15 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,
    TEST_ASSERT( mbedtls_x509write_crt_set_issuer_name( &crt, issuer_name ) == 0 );
    TEST_ASSERT( mbedtls_x509write_crt_set_subject_name( &crt, subject_name ) == 0 );
    mbedtls_x509write_crt_set_subject_key( &crt, &subject_key );
-    mbedtls_x509write_crt_set_issuer_key( &crt, &issuer_key );
+
+    mbedtls_x509write_crt_set_issuer_key( &crt, key );

    if( crt.version >= MBEDTLS_X509_CRT_VERSION_3 )
    {
        TEST_ASSERT( mbedtls_x509write_crt_set_basic_constraints( &crt, 0, 0 ) == 0 );
        TEST_ASSERT( mbedtls_x509write_crt_set_subject_key_identifier( &crt ) == 0 );
-        TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 );
+        if( auth_ident )
+            TEST_ASSERT( mbedtls_x509write_crt_set_authority_key_identifier( &crt ) == 0 );
        if( key_usage != 0 )
            TEST_ASSERT( mbedtls_x509write_crt_set_key_usage( &crt, key_usage ) == 0 );
        if( cert_type != 0 )
@ -151,8 +197,9 @@ void x509_crt_check( char *subject_key_file, char *subject_pwd,

 exit:
    mbedtls_x509write_crt_free( &crt );
-    mbedtls_pk_free( &issuer_key );
+    mbedtls_pk_free( &issuer_key_alt );
    mbedtls_pk_free( &subject_key );
+    mbedtls_pk_free( &issuer_key );
    mbedtls_mpi_free( &serial );
 }
 /* END_CASE */