tests/crq_apis.c

   1 /*
   2  * Copyright (C) 2008-2012 Free Software Foundation, Inc.
   3  *
   4  * Author: Simon Josefsson
   5  *
   6  * This file is part of GnuTLS.
   7  *
   8  * GnuTLS is free software; you can redistribute it and/or modify it
   9  * under the terms of the GNU General Public License as published by
  10  * the Free Software Foundation; either version 3 of the License, or
  11  * (at your option) any later version.
  12  *
  13  * GnuTLS is distributed in the hope that it will be useful, but
  14  * WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  16  * General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * along with GnuTLS; if not, write to the Free Software Foundation,
  20  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  21  */
  22
  23 #ifdef HAVE_CONFIG_H
  24 #include <config.h>
  25 #endif
  26
  27 #include <stdlib.h>
  28 #include <stdio.h>
  29 #include <string.h>
  30 #include <gnutls/gnutls.h>
  31 #include <gnutls/x509.h>
  32
  33 #include "utils.h"
  34
  35 static void tls_log_func(int level, const char *str)
  36 {
  37         fprintf(stderr, "%s |<%d>| %s", "crq_key_id", level, str);
  38 }
  39
  40 static unsigned char key_pem[] =
  41     "-----BEGIN RSA PRIVATE KEY-----\n"
  42     "MIICXAIBAAKBgQC7ZkP18sXXtozMxd/1iDuxyUtqDqGtIFBACIChT1yj0Phsz+Y8\n"
  43     "9+wEdhMXi2SJIlvA3VN8O+18BLuAuSi+jpvGjqClEsv1Vx6i57u3M0mf47tKrmpN\n"
  44     "aP/JEeIyjc49gAuNde/YAIGPKAQDoCKNYQQH+rY3fSEHSdIJYWmYkKNYqQIDAQAB\n"
  45     "AoGADpmARG5CQxS+AesNkGmpauepiCz1JBF/JwnyiX6vEzUh0Ypd39SZztwrDxvF\n"
  46     "PJjQaKVljml1zkJpIDVsqvHdyVdse8M+Qn6hw4x2p5rogdvhhIL1mdWo7jWeVJTF\n"
  47     "RKB7zLdMPs3ySdtcIQaF9nUAQ2KJEvldkO3m/bRJFEp54k0CQQDYy+RlTmwRD6hy\n"
  48     "7UtMjR0H3CSZJeQ8svMCxHLmOluG9H1UKk55ZBYfRTsXniqUkJBZ5wuV1L+pR9EK\n"
  49     "ca89a+1VAkEA3UmBelwEv2u9cAU1QjKjmwju1JgXbrjEohK+3B5y0ESEXPAwNQT9\n"
  50     "TrDM1m9AyxYTWLxX93dI5QwNFJtmbtjeBQJARSCWXhsoaDRG8QZrCSjBxfzTCqZD\n"
  51     "ZXtl807ymCipgJm60LiAt0JLr4LiucAsMZz6+j+quQbSakbFCACB8SLV1QJBAKZQ\n"
  52     "YKf+EPNtnmta/rRKKvySsi3GQZZN+Dt3q0r094XgeTsAqrqujVNfPhTMeP4qEVBX\n"
  53     "/iVX2cmMTSh3w3z8MaECQEp0XJWDVKOwcTW6Ajp9SowtmiZ3YDYo1LF9igb4iaLv\n"
  54     "sWZGfbnU3ryjvkb6YuFjgtzbZDZHWQCo8/cOtOBmPdk=\n"
  55     "-----END RSA PRIVATE KEY-----\n";
  56 const gnutls_datum_t key = { key_pem, sizeof(key_pem) };
  57
  58 void doit(void)
  59 {
  60         gnutls_x509_privkey_t pkey;
  61         gnutls_x509_crt_t crt;
  62         gnutls_x509_crq_t crq;
  63
  64         gnutls_datum_t out;
  65
  66         size_t s = 0;
  67
  68         char smallbuf[10];
  69
  70         int ret;
  71
  72         ret = global_init();
  73         if (ret < 0)
  74                 fail("global_init\n");
  75
  76         gnutls_global_set_log_function(tls_log_func);
  77         if (debug)
  78                 gnutls_global_set_log_level(4711);
  79
  80         ret = gnutls_x509_crq_init(&crq);
  81         if (ret != 0)
  82                 fail("gnutls_x509_crq_init\n");
  83
  84         ret = gnutls_x509_privkey_init(&pkey);
  85         if (ret != 0)
  86                 fail("gnutls_x509_privkey_init\n");
  87
  88         ret = gnutls_x509_crt_init(&crt);
  89         if (ret != 0)
  90                 fail("gnutls_x509_crt_init\n");
  91
  92         ret = gnutls_x509_privkey_import(pkey, &key, GNUTLS_X509_FMT_PEM);
  93         if (ret != 0)
  94                 fail("gnutls_x509_privkey_import\n");
  95
  96         ret = gnutls_x509_crq_set_version(crq, 0);
  97         if (ret != 0)
  98                 fail("gnutls_x509_crq_set_version\n");
  99
 100         ret = gnutls_x509_crq_set_key(crq, pkey);
 101         if (ret != 0)
 102                 fail("gnutls_x509_crq_set_key\n");
 103
 104         s = 0;
 105         ret = gnutls_x509_crq_get_extension_info(crq, 0, NULL, &s, NULL);
 106         if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
 107                 fail("gnutls_x509_crq_get_extension_info\n");
 108
 109         ret = gnutls_x509_crq_set_basic_constraints(crq, 0, 0);
 110         if (ret != 0)
 111                 fail("gnutls_x509_crq_set_basic_constraints %d\n", ret);
 112
 113         ret = gnutls_x509_crq_set_key_usage(crq, 0);
 114         if (ret != 0)
 115                 fail("gnutls_x509_crq_set_key_usage %d\n", ret);
 116
 117         ret = gnutls_x509_crq_get_challenge_password(crq, NULL, &s);
 118         if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
 119                 fail("%d: gnutls_x509_crq_get_challenge_password %d: %s\n",
 120                      __LINE__, ret, gnutls_strerror(ret));
 121
 122         ret = gnutls_x509_crq_set_challenge_password(crq, "foo");
 123         if (ret != 0)
 124                 fail("gnutls_x509_crq_set_challenge_password %d\n", ret);
 125
 126         s = 0;
 127         ret = gnutls_x509_crq_get_challenge_password(crq, NULL, &s);
 128         if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER || s != 4)
 129                 fail("%d: gnutls_x509_crq_get_challenge_password %d: %s (passlen: %d)\n", __LINE__, ret, gnutls_strerror(ret), (int) s);
 130
 131         s = 10;
 132         ret = gnutls_x509_crq_get_challenge_password(crq, smallbuf, &s);
 133         if (ret != 0 || s != 3 || strcmp(smallbuf, "foo") != 0)
 134                 fail("%d: gnutls_x509_crq_get_challenge_password3 %d/%d/%s\n", __LINE__, ret, (int) s, smallbuf);
 135
 136         s = 0;
 137         ret = gnutls_x509_crq_get_extension_info(crq, 0, NULL, &s, NULL);
 138         if (ret != 0)
 139                 fail("gnutls_x509_crq_get_extension_info2\n");
 140
 141         s = 0;
 142         ret = gnutls_x509_crq_get_extension_data(crq, 0, NULL, &s);
 143         if (ret != 0)
 144                 fail("gnutls_x509_crq_get_extension_data\n");
 145
 146         ret = gnutls_x509_crq_set_subject_alt_name(crq, GNUTLS_SAN_DNSNAME,
 147                                                    "foo", 3, 1);
 148         if (ret != 0)
 149                 fail("gnutls_x509_crq_set_subject_alt_name\n");
 150
 151         ret = gnutls_x509_crq_set_subject_alt_name(crq, GNUTLS_SAN_DNSNAME,
 152                                                    "bar", 3, 1);
 153         if (ret != 0)
 154                 fail("gnutls_x509_crq_set_subject_alt_name\n");
 155
 156         ret = gnutls_x509_crq_set_subject_alt_name(crq, GNUTLS_SAN_DNSNAME,
 157                                                    "apa", 3, 0);
 158         if (ret != 0)
 159                 fail("gnutls_x509_crq_set_subject_alt_name\n");
 160
 161         ret = gnutls_x509_crq_set_subject_alt_name(crq, GNUTLS_SAN_DNSNAME,
 162                                                    "foo", 3, 1);
 163         if (ret != 0)
 164                 fail("gnutls_x509_crq_set_subject_alt_name\n");
 165
 166         s = 0;
 167         ret = gnutls_x509_crq_get_key_purpose_oid(crq, 0, NULL, &s, NULL);
 168         if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
 169                 fail("gnutls_x509_crq_get_key_purpose_oid %d\n", ret);
 170
 171         s = 0;
 172         ret =
 173             gnutls_x509_crq_set_key_purpose_oid(crq,
 174                                                 GNUTLS_KP_TLS_WWW_SERVER,
 175                                                 0);
 176         if (ret != 0)
 177                 fail("gnutls_x509_crq_set_key_purpose_oid %d\n", ret);
 178
 179         s = 0;
 180         ret = gnutls_x509_crq_get_key_purpose_oid(crq, 0, NULL, &s, NULL);
 181         if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
 182                 fail("gnutls_x509_crq_get_key_purpose_oid %d\n", ret);
 183
 184         s = 0;
 185         ret =
 186             gnutls_x509_crq_set_key_purpose_oid(crq,
 187                                                 GNUTLS_KP_TLS_WWW_CLIENT,
 188                                                 1);
 189         if (ret != 0)
 190                 fail("gnutls_x509_crq_set_key_purpose_oid2 %d\n", ret);
 191
 192         ret = gnutls_x509_crq_print(crq, GNUTLS_CRT_PRINT_FULL, &out);
 193         if (ret != 0)
 194                 fail("gnutls_x509_crq_print\n");
 195         if (debug)
 196                 printf("crq: %.*s\n", out.size, out.data);
 197         gnutls_free(out.data);
 198
 199         ret = gnutls_x509_crt_set_version(crt, 3);
 200         if (ret != 0)
 201                 fail("gnutls_x509_crt_set_version\n");
 202
 203         ret = gnutls_x509_crt_set_crq_extensions(crt, crq);
 204         if (ret != 0)
 205                 fail("gnutls_x509_crt_set_crq_extensions\n");
 206
 207         ret = gnutls_x509_crt_print(crt, GNUTLS_CRT_PRINT_FULL, &out);
 208         if (ret != 0)
 209                 fail("gnutls_x509_crt_print\n");
 210         if (debug)
 211                 printf("crt: %.*s\n", out.size, out.data);
 212         gnutls_free(out.data);
 213
 214         gnutls_x509_crq_deinit(crq);
 215         gnutls_x509_crt_deinit(crt);
 216         gnutls_x509_privkey_deinit(pkey);
 217
 218         gnutls_global_deinit();
 219 }