pkcs12_api_test.c 6.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261
  1. /*
  2. * Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <string.h>
  11. #include <stdlib.h>
  12. #include "internal/nelem.h"
  13. #include <openssl/pkcs12.h>
  14. #include <openssl/x509.h>
  15. #include <openssl/x509v3.h>
  16. #include <openssl/pem.h>
  17. #include "testutil.h"
  18. #include "helpers/pkcs12.h"
  19. static OSSL_LIB_CTX *testctx = NULL;
  20. static OSSL_PROVIDER *nullprov = NULL;
  21. static OSSL_PROVIDER *deflprov = NULL;
  22. static int test_null_args(void)
  23. {
  24. return TEST_false(PKCS12_parse(NULL, NULL, NULL, NULL, NULL));
  25. }
  26. static PKCS12 *PKCS12_load(const char *fpath)
  27. {
  28. BIO *bio = NULL;
  29. PKCS12 *p12 = NULL;
  30. bio = BIO_new_file(fpath, "rb");
  31. if (!TEST_ptr(bio))
  32. goto err;
  33. p12 = PKCS12_init(NID_pkcs7_data);
  34. if (!TEST_ptr(p12))
  35. goto err;
  36. if (!TEST_true(p12 == d2i_PKCS12_bio(bio, &p12)))
  37. goto err;
  38. BIO_free(bio);
  39. return p12;
  40. err:
  41. BIO_free(bio);
  42. PKCS12_free(p12);
  43. return NULL;
  44. }
  45. static const char *in_file = NULL;
  46. static const char *in_pass = "";
  47. static int has_key = 0;
  48. static int has_cert = 0;
  49. static int has_ca = 0;
  50. static int pkcs12_parse_test(void)
  51. {
  52. int ret = 0;
  53. PKCS12 *p12 = NULL;
  54. EVP_PKEY *key = NULL;
  55. X509 *cert = NULL;
  56. STACK_OF(X509) *ca = NULL;
  57. if (in_file != NULL) {
  58. p12 = PKCS12_load(in_file);
  59. if (!TEST_ptr(p12))
  60. goto err;
  61. if (!TEST_true(PKCS12_parse(p12, in_pass, &key, &cert, &ca)))
  62. goto err;
  63. if ((has_key && !TEST_ptr(key)) || (!has_key && !TEST_ptr_null(key)))
  64. goto err;
  65. if ((has_cert && !TEST_ptr(cert)) || (!has_cert && !TEST_ptr_null(cert)))
  66. goto err;
  67. if ((has_ca && !TEST_ptr(ca)) || (!has_ca && !TEST_ptr_null(ca)))
  68. goto err;
  69. }
  70. ret = 1;
  71. err:
  72. PKCS12_free(p12);
  73. EVP_PKEY_free(key);
  74. X509_free(cert);
  75. OSSL_STACK_OF_X509_free(ca);
  76. return TEST_true(ret);
  77. }
  78. static int pkcs12_create_cb(PKCS12_SAFEBAG *bag, void *cbarg)
  79. {
  80. int cb_ret = *((int*)cbarg);
  81. return cb_ret;
  82. }
  83. static PKCS12 *pkcs12_create_ex2_setup(EVP_PKEY **key, X509 **cert, STACK_OF(X509) **ca)
  84. {
  85. PKCS12 *p12 = NULL;
  86. p12 = PKCS12_load("out6.p12");
  87. if (!TEST_ptr(p12))
  88. goto err;
  89. if (!TEST_true(PKCS12_parse(p12, "", key, cert, ca)))
  90. goto err;
  91. return p12;
  92. err:
  93. PKCS12_free(p12);
  94. return NULL;
  95. }
  96. static int pkcs12_create_ex2_test(int test)
  97. {
  98. int ret = 0, cb_ret = 0;
  99. PKCS12 *ptr = NULL, *p12 = NULL;
  100. EVP_PKEY *key = NULL;
  101. X509 *cert = NULL;
  102. STACK_OF(X509) *ca = NULL;
  103. p12 = pkcs12_create_ex2_setup(&key, &cert, &ca);
  104. if (!TEST_ptr(p12))
  105. goto err;
  106. if (test == 0) {
  107. /* Confirm PKCS12_create_ex2 returns NULL */
  108. ptr = PKCS12_create_ex2(NULL, NULL, NULL,
  109. NULL, NULL, NID_undef, NID_undef,
  110. 0, 0, 0,
  111. NULL, NULL,
  112. NULL, NULL);
  113. if (TEST_ptr(ptr))
  114. goto err;
  115. /* Can't proceed without a valid cert at least */
  116. if (!TEST_ptr(cert))
  117. goto err;
  118. /* Specified call back called - return success */
  119. cb_ret = 1;
  120. ptr = PKCS12_create_ex2(NULL, NULL, NULL,
  121. cert, NULL, NID_undef, NID_undef,
  122. 0, 0, 0,
  123. NULL, NULL,
  124. pkcs12_create_cb, (void*)&cb_ret);
  125. /* PKCS12 successfully created */
  126. if (!TEST_ptr(ptr))
  127. goto err;
  128. } else if (test == 1) {
  129. /* Specified call back called - return error*/
  130. cb_ret = -1;
  131. ptr = PKCS12_create_ex2(NULL, NULL, NULL,
  132. cert, NULL, NID_undef, NID_undef,
  133. 0, 0, 0,
  134. NULL, NULL,
  135. pkcs12_create_cb, (void*)&cb_ret);
  136. /* PKCS12 not created */
  137. if (TEST_ptr(ptr))
  138. goto err;
  139. } else if (test == 2) {
  140. /* Specified call back called - return failure */
  141. cb_ret = 0;
  142. ptr = PKCS12_create_ex2(NULL, NULL, NULL,
  143. cert, NULL, NID_undef, NID_undef,
  144. 0, 0, 0,
  145. NULL, NULL,
  146. pkcs12_create_cb, (void*)&cb_ret);
  147. /* PKCS12 successfully created */
  148. if (!TEST_ptr(ptr))
  149. goto err;
  150. }
  151. ret = 1;
  152. err:
  153. PKCS12_free(p12);
  154. PKCS12_free(ptr);
  155. EVP_PKEY_free(key);
  156. X509_free(cert);
  157. OSSL_STACK_OF_X509_free(ca);
  158. return TEST_true(ret);
  159. }
  160. typedef enum OPTION_choice {
  161. OPT_ERR = -1,
  162. OPT_EOF = 0,
  163. OPT_IN_FILE,
  164. OPT_IN_PASS,
  165. OPT_IN_HAS_KEY,
  166. OPT_IN_HAS_CERT,
  167. OPT_IN_HAS_CA,
  168. OPT_LEGACY,
  169. OPT_TEST_ENUM
  170. } OPTION_CHOICE;
  171. const OPTIONS *test_get_options(void)
  172. {
  173. static const OPTIONS options[] = {
  174. OPT_TEST_OPTIONS_DEFAULT_USAGE,
  175. { "in", OPT_IN_FILE, '<', "PKCS12 input file" },
  176. { "pass", OPT_IN_PASS, 's', "PKCS12 input file password" },
  177. { "has-key", OPT_IN_HAS_KEY, 'n', "Whether the input file does contain an user key" },
  178. { "has-cert", OPT_IN_HAS_CERT, 'n', "Whether the input file does contain an user certificate" },
  179. { "has-ca", OPT_IN_HAS_CA, 'n', "Whether the input file does contain other certificate" },
  180. { "legacy", OPT_LEGACY, '-', "Test the legacy APIs" },
  181. { NULL }
  182. };
  183. return options;
  184. }
  185. int setup_tests(void)
  186. {
  187. OPTION_CHOICE o;
  188. while ((o = opt_next()) != OPT_EOF) {
  189. switch (o) {
  190. case OPT_IN_FILE:
  191. in_file = opt_arg();
  192. break;
  193. case OPT_IN_PASS:
  194. in_pass = opt_arg();
  195. break;
  196. case OPT_LEGACY:
  197. break;
  198. case OPT_IN_HAS_KEY:
  199. has_key = opt_int_arg();
  200. break;
  201. case OPT_IN_HAS_CERT:
  202. has_cert = opt_int_arg();
  203. break;
  204. case OPT_IN_HAS_CA:
  205. has_ca = opt_int_arg();
  206. break;
  207. case OPT_TEST_CASES:
  208. break;
  209. default:
  210. return 0;
  211. }
  212. }
  213. deflprov = OSSL_PROVIDER_load(testctx, "default");
  214. if (!TEST_ptr(deflprov))
  215. return 0;
  216. ADD_TEST(test_null_args);
  217. ADD_TEST(pkcs12_parse_test);
  218. ADD_ALL_TESTS(pkcs12_create_ex2_test, 3);
  219. return 1;
  220. }
  221. void cleanup_tests(void)
  222. {
  223. OSSL_PROVIDER_unload(nullprov);
  224. OSSL_PROVIDER_unload(deflprov);
  225. OSSL_LIB_CTX_free(testctx);
  226. }