Начало Каталог Помощ
Вход
OWEALs
/
openssl
огледало от git://git.openssl.org/openssl.git
2
0
Разклонения 0
Файлове Задачи 1 Уики
ИН на ревизия: a3b54f0f5d
Клонове Маркери
openssl
/
test
/
x509aux.c

x509aux.c 6.0 KB
История Директен файл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231 
  1. /*
    2. 

  2.  * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3.  *
    4. 

  4.  * Licensed under the OpenSSL licenses, (the "License");
    5. 

  5.  * you may not use this file except in compliance with the License.
    6. 

  6.  * You may obtain a copy of the License at
    7. 

  7.  * https://www.openssl.org/source/license.html
    8. 

  8.  * or in the file LICENSE in the source distribution.
    9. 

  9.  */
    10. 

  10. 

  11. #include <stdio.h>
    12. 

  12. #include <string.h>
    13. 

  13. #include <errno.h>
    14. 

  14. 

  15. #include <openssl/x509.h>
    16. 

  16. #include <openssl/pem.h>
    17. 

  17. #include <openssl/conf.h>
    18. 

  18. #include <openssl/err.h>
    19. 

  19. 

  20. #include "../e_os.h"
    21. 

  21. 

  22. static const char *progname;
    23. 

  23. 

  24. static void test_usage(void)
    25. 

  25. {
    26. 

  26.     fprintf(stderr, "usage: %s certfile\n", progname);
    27. 

  27. }
    28. 

  28. 

  29. static void print_errors(void)
    30. 

  30. {
    31. 

  31.     unsigned long err;
    32. 

  32.     char buffer[1024];
    33. 

  33.     const char *file;
    34. 

  34.     const char *data;
    35. 

  35.     int line;
    36. 

  36.     int flags;
    37. 

  37. 

  38.     while ((err = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
    39. 

  39.         ERR_error_string_n(err, buffer, sizeof(buffer));
    40. 

  40.         if (flags & ERR_TXT_STRING)
    41. 

  41.             fprintf(stderr, "Error: %s:%s:%d:%s\n", buffer, file, line, data);
    42. 

  42.         else
    43. 

  43.             fprintf(stderr, "Error: %s:%s:%d\n", buffer, file, line);
    44. 

  44.     }
    45. 

  45. }
    46. 

  46. 

  47. static int test_certs(BIO *fp)
    48. 

  48. {
    49. 

  49.     int count;
    50. 

  50.     char *name = 0;
    51. 

  51.     char *header = 0;
    52. 

  52.     unsigned char *data = 0;
    53. 

  53.     long len;
    54. 

  54.     typedef X509 *(*d2i_X509_t)(X509 **, const unsigned char **, long);
    55. 

  55.     typedef int (*i2d_X509_t)(X509 *, unsigned char **);
    56. 

  56.     int err = 0;
    57. 

  57. 

  58.     for (count = 0;
    59. 

  59.          !err && PEM_read_bio(fp, &name, &header, &data, &len);
    60. 

  60. 	 ++count) {
    61. 

  61.         int trusted = strcmp(name, PEM_STRING_X509_TRUSTED) == 0;
    62. 

  62.         d2i_X509_t d2i = trusted ? d2i_X509_AUX : d2i_X509;
    63. 

  63.         i2d_X509_t i2d = trusted ? i2d_X509_AUX : i2d_X509;
    64. 

  64.         X509 *cert = NULL;
    65. 

  65. 	const unsigned char *p = data;
    66. 

  66.         unsigned char *buf = NULL;
    67. 

  67.         unsigned char *bufp;
    68. 

  68.         long enclen;
    69. 

  69. 

  70. 	if (!trusted
    71. 

  71.             && strcmp(name, PEM_STRING_X509) != 0
    72. 

  72. 	    && strcmp(name, PEM_STRING_X509_OLD) != 0) {
    73. 

  73. 	    fprintf(stderr, "unexpected PEM object: %s\n", name);
    74. 

  74.             err = 1;
    75. 

  75. 	    goto next;
    76. 

  76.         }
    77. 

  77.         cert = d2i(NULL, &p, len);
    78. 

  78. 

  79.         if (cert == NULL || (p - data) != len) {
    80. 

  80. 	    fprintf(stderr, "error parsing input %s\n", name);
    81. 

  81.             err = 1;
    82. 

  82.             goto next;
    83. 

  83.         }
    84. 

  84. 

  85.         /* Test traditional 2-pass encoding into caller allocated buffer */
    86. 

  86.         enclen = i2d(cert, NULL);
    87. 

  87.         if (len != enclen) {
    88. 

  88. 	    fprintf(stderr, "encoded length %ld of %s != input length %ld\n",
    89. 

  89.                     enclen, name, len);
    90. 

  90.             err = 1;
    91. 

  91.             goto next;
    92. 

  92.         }
    93. 

  93.         if ((buf = bufp = OPENSSL_malloc(len)) == NULL) {
    94. 

  94.             perror("malloc");
    95. 

  95.             err = 1;
    96. 

  96.             goto next;
    97. 

  97.         }
    98. 

  98.         enclen = i2d(cert, &bufp);
    99. 

  99.         if (len != enclen) {
    100. 

  100. 	    fprintf(stderr, "encoded length %ld of %s != input length %ld\n",
    101. 

  101.                     enclen, name, len);
    102. 

  102.             err = 1;
    103. 

  103.             goto next;
    104. 

  104.         }
    105. 

  105.         enclen = (long) (bufp - buf);
    106. 

  106.         if (enclen != len) {
    107. 

  107. 	    fprintf(stderr, "unexpected buffer position after encoding %s\n",
    108. 

  108.                     name);
    109. 

  109.             err = 1;
    110. 

  110.             goto next;
    111. 

  111.         }
    112. 

  112.         if (memcmp(buf, data, len) != 0) {
    113. 

  113. 	    fprintf(stderr, "encoded content of %s does not match input\n",
    114. 

  114.                     name);
    115. 

  115.             err = 1;
    116. 

  116.             goto next;
    117. 

  117.         }
    118. 

  118.         OPENSSL_free(buf);
    119. 

  119.         buf = NULL;
    120. 

  120. 

  121.         /* Test 1-pass encoding into library allocated buffer */
    122. 

  122.         enclen = i2d(cert, &buf);
    123. 

  123.         if (len != enclen) {
    124. 

  124. 	    fprintf(stderr, "encoded length %ld of %s != input length %ld\n",
    125. 

  125.                     enclen, name, len);
    126. 

  126.             err = 1;
    127. 

  127.             goto next;
    128. 

  128.         }
    129. 

  129.         if (memcmp(buf, data, len) != 0) {
    130. 

  130. 	    fprintf(stderr, "encoded content of %s does not match input\n",
    131. 

  131.                     name);
    132. 

  132.             err = 1;
    133. 

  133.             goto next;
    134. 

  134.         }
    135. 

  135. 

  136.         if (trusted) {
    137. 

  137.             /* Encode just the cert and compare with initial encoding */
    138. 

  138.             OPENSSL_free(buf);
    139. 

  139.             buf = NULL;
    140. 

  140. 

  141.             /* Test 1-pass encoding into library allocated buffer */
    142. 

  142.             enclen = i2d(cert, &buf);
    143. 

  143.             if (enclen > len) {
    144. 

  144.                 fprintf(stderr, "encoded length %ld of %s > input length %ld\n",
    145. 

  145.                         enclen, name, len);
    146. 

  146.                 err = 1;
    147. 

  147.                 goto next;
    148. 

  148.             }
    149. 

  149.             if (memcmp(buf, data, enclen) != 0) {
    150. 

  150.                 fprintf(stderr, "encoded cert content does not match input\n");
    151. 

  151.                 err = 1;
    152. 

  152.                 goto next;
    153. 

  153.             }
    154. 

  154.         }
    155. 

  155. 

  156. 	/*
    157. 

  157. 	 * If any of these were null, PEM_read() would have failed.
    158. 

  158. 	 */
    159. 

  159.     next:
    160. 

  160.         X509_free(cert);
    161. 

  161.         OPENSSL_free(buf);
    162. 

  162. 	OPENSSL_free(name);
    163. 

  163. 	OPENSSL_free(header);
    164. 

  164. 	OPENSSL_free(data);
    165. 

  165.     }
    166. 

  166. 

  167.     if (ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) {
    168. 

  168.         /* Reached end of PEM file */
    169. 

  169.         if (count > 0) {
    170. 

  170.             ERR_clear_error();
    171. 

  171.             return 1;
    172. 

  172.         }
    173. 

  173.     }
    174. 

  174. 

  175.     /* Some other PEM read error */
    176. 

  176.     print_errors();
    177. 

  177.     return 0;
    178. 

  178. }
    179. 

  179. 

  180. int main(int argc, char *argv[])
    181. 

  181. {
    182. 

  182.     BIO *bio_err;
    183. 

  183.     const char *p;
    184. 

  184.     int ret = 1;
    185. 

  185. 

  186.     progname = argv[0];
    187. 

  187.     if (argc < 2) {
    188. 

  188.         test_usage();
    189. 

  189.         EXIT(ret);
    190. 

  190.     }
    191. 

  191. 

  192.     bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
    193. 

  193. 

  194.     p = getenv("OPENSSL_DEBUG_MEMORY");
    195. 

  195.     if (p != NULL && strcmp(p, "on") == 0)
    196. 

  196.         CRYPTO_set_mem_debug(1);
    197. 

  197.     CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
    198. 

  198. 

  199.     argc--;
    200. 

  200.     argv++;
    201. 

  201. 

  202.     while (argc >= 1) {
    203. 

  203.         BIO *f = BIO_new_file(*argv, "r");
    204. 

  204.         int ok;
    205. 

  205. 

  206.         if (f == NULL) {
    207. 

  207.             fprintf(stderr, "%s: Error opening cert file: '%s': %s\n",
    208. 

  208.                     progname, *argv, strerror(errno));
    209. 

  209.             EXIT(ret);
    210. 

  210.         }
    211. 

  211.         ret = !(ok = test_certs(f));
    212. 

  212.         BIO_free(f);
    213. 

  213. 

  214.         if (!ok) {
    215. 

  215.             printf("%s ERROR\n", *argv);
    216. 

  216.             ret = 1;
    217. 

  217.             break;
    218. 

  218.         }
    219. 

  219.         printf("%s OK\n", *argv);
    220. 

  220. 

  221.         argc--;
    222. 

  222.         argv++;
    223. 

  223.     }
    224. 

  224. 

  225. #ifndef OPENSSL_NO_CRYPTO_MDEBUG
    226. 

  226.     if (CRYPTO_mem_leaks(bio_err) <= 0)
    227. 

  227.         ret = 1;
    228. 

  228. #endif
    229. 

  229.     BIO_free(bio_err);
    230. 

  230.     EXIT(ret);
    231. 

  231. }
    232.