|
@@ -38183,11 +38183,13 @@ static void test_wolfSSL_X509_CRL(void)
|
|
|
static void test_wolfSSL_d2i_X509_REQ(void)
|
|
|
{
|
|
|
#if defined(WOLFSSL_CERT_REQ) && (defined(OPENSSL_ALL) || defined(OPENSSL_EXTRA))
|
|
|
- /* ./certs/csr.signed.der and ./certs/csr.attr.der were
|
|
|
+ /* ./certs/csr.signed.der, ./certs/csr.ext.der, and ./certs/csr.attr.der were
|
|
|
* generated by libest
|
|
|
- * ./certs/csr.attr.der contains sample attributes */
|
|
|
+ * ./certs/csr.attr.der contains sample attributes
|
|
|
+ * ./certs/csr.ext.der contains sample extensions */
|
|
|
const char* csrFile = "./certs/csr.signed.der";
|
|
|
const char* csrPopFile = "./certs/csr.attr.der";
|
|
|
+ const char* csrExtFile = "./certs/csr.ext.der";
|
|
|
/* ./certs/csr.dsa.pem is generated using
|
|
|
* openssl req -newkey dsa:certs/dsaparams.pem \
|
|
|
* -keyout certs/csr.dsa.key.pem -keyform PEM -out certs/csr.dsa.pem \
|
|
@@ -38249,6 +38251,42 @@ static void test_wolfSSL_d2i_X509_REQ(void)
|
|
|
AssertStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "2xIE+qqp/rhyTXP+");
|
|
|
#endif
|
|
|
|
|
|
+ X509_free(req);
|
|
|
+ BIO_free(bio);
|
|
|
+ EVP_PKEY_free(pub_key);
|
|
|
+ }
|
|
|
+ {
|
|
|
+#ifdef OPENSSL_ALL
|
|
|
+ X509_ATTRIBUTE* attr;
|
|
|
+ ASN1_TYPE *at;
|
|
|
+#endif
|
|
|
+ AssertNotNull(bio = BIO_new_file(csrExtFile, "rb"));
|
|
|
+ /* This CSR contains an Extension Request attribute so
|
|
|
+ * we test extension parsing in a CSR attribute here. */
|
|
|
+ AssertNotNull(d2i_X509_REQ_bio(bio, &req));
|
|
|
+
|
|
|
+ /*
|
|
|
+ * Extract the public key from the CSR
|
|
|
+ */
|
|
|
+ AssertNotNull(pub_key = X509_REQ_get_pubkey(req));
|
|
|
+
|
|
|
+ /*
|
|
|
+ * Verify the signature in the CSR
|
|
|
+ */
|
|
|
+ AssertIntEQ(X509_REQ_verify(req, pub_key), 1);
|
|
|
+
|
|
|
+#ifdef OPENSSL_ALL
|
|
|
+ /*
|
|
|
+ * Obtain the challenge password from the CSR
|
|
|
+ */
|
|
|
+ AssertIntEQ(X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword, -1),
|
|
|
+ NID_pkcs9_challengePassword);
|
|
|
+ AssertNotNull(attr = X509_REQ_get_attr(req, NID_pkcs9_challengePassword));
|
|
|
+ AssertNotNull(at = X509_ATTRIBUTE_get0_type(attr, 0));
|
|
|
+ AssertNotNull(at->value.asn1_string);
|
|
|
+ AssertStrEQ((char*)ASN1_STRING_data(at->value.asn1_string), "IGCu/xNL4/0/wOgo");
|
|
|
+#endif
|
|
|
+
|
|
|
X509_free(req);
|
|
|
BIO_free(bio);
|
|
|
EVP_PKEY_free(pub_key);
|