tests/x509_altname.c

   1 /*
   2  * Copyright (C) 2006, 2007, 2008, 2010 Free Software Foundation, Inc.
   3  * Author: Simon Josefsson, Howard Chu
   4  *
   5  * This file is part of GnuTLS.
   6  *
   7  * GnuTLS is free software; you can redistribute it and/or modify it
   8  * under the terms of the GNU General Public License as published by
   9  * the Free Software Foundation; either version 3 of the License, or
  10  * (at your option) any later version.
  11  *
  12  * GnuTLS is distributed in the hope that it will be useful, but
  13  * WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  15  * General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU General Public License
  18  * along with GnuTLS; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
  20  */
  21
  22 #ifdef HAVE_CONFIG_H
  23 #include "config.h"
  24 #endif
  25
  26 #include <stdio.h>
  27
  28 #include <gnutls/gnutls.h>
  29 #include <gnutls/x509.h>
  30 #include "utils.h"
  31
  32 static char pem[] =
  33   "-----BEGIN CERTIFICATE-----\n"
  34   "MIIE6zCCA9OgAwIBAgIBdjANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJTRTEf\n"
  35   "MB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEgMB4GA1UEAxMXU3RvY2to\n"
  36   "b2xtIFVuaXZlcnNpdHkgQ0EwHhcNMDYwMzIyMDkxNTI4WhcNMDcwMzIyMDkxNTI4\n"
  37   "WjBDMQswCQYDVQQGEwJTRTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRl\n"
  38   "dDETMBEGA1UEAxMKc2lwMS5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC\n"
  39   "gYEArUzXTD36ZK7CwZJH/faUNTcdaqM7JyiZsfrO703d7cT/bJ3wKxT8trOOh/Ou\n"
  40   "WwgGFX2+r7ykun3aIUXUuD13Yle/yHqH/4g9vWX7UeFCBlSI0tAxnlqt0QqlPgSd\n"
  41   "GLHcoO4PPyjon9jj0A/zpJGZHiRUCooo63YqE9MYfr5HBfkCAwEAAaOCAl8wggJb\n"
  42   "MAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD\n"
  43   "VR0OBBYEFDpcXNHMLJ7fc/c72BtZseq4MDXFMH8GA1UdIwR4MHaAFJ4uMLo32VFE\n"
  44   "yZ2/GCHxvX7utYZIoVukWTBXMQswCQYDVQQGEwJTRTEYMBYGA1UEChMPVW1lYSBV\n"
  45   "bml2ZXJzaXR5MRMwEQYDVQQLEwpTd1VQS0ktUENBMRkwFwYDVQQDExBTd1VQS0kg\n"
  46   "UG9saWN5IENBggEQMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jYS5zdS5zZS8y\n"
  47   "MDA1LTEvY3JsLXYyLmNybDB5BgNVHSAEcjBwMG4GCCqFcCsCAQEBMGIwHwYIKwYB\n"
  48   "BQUHAgEWE2h0dHA6Ly9jYS5zdS5zZS9DUFMwPwYIKwYBBQUHAgIwMxoxTGltaXRl\n"
  49   "ZCBMaWFiaWxpdHksIHNlZSBodHRwOi8vd3d3LnN3dXBraS5zdS5zZS9DUDAkBgNV\n"
  50   "HRIEHTAbgQhjYUBzdS5zZYYPaHR0cDovL2NhLnN1LnNlMIG3BgNVHREEga8wgayC\n"
  51   "F2luY29taW5ncHJveHkuc2lwLnN1LnNlghhpbmNvbWluZ3Byb3h5MS5zaXAuc3Uu\n"
  52   "c2WCF291dGdvaW5ncHJveHkuc2lwLnN1LnNlghhvdXRnb2luZ3Byb3h5MS5zaXAu\n"
  53   "c3Uuc2WCDW91dC5zaXAuc3Uuc2WCE2FwcHNlcnZlci5zaXAuc3Uuc2WCFGFwcHNl\n"
  54   "cnZlcjEuc2lwLnN1LnNlggpzaXAxLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAR\n"
  55   "FYg7ytcph0E7WmvM44AN/8qru7tRX6aSFWrjLyVr/1Wk4prCK4y5JpfNw5dh9Z8f\n"
  56   "/gyFsr1iFsb6fS3nJTTd3fVlWRfcNCGIx5g8KuSb3u6f7VznkGOeiRMRESQc1G8B\n"
  57   "eh0zbdZS7BYO2g9EKlbGST5PwQnc4g9K7pqPyKSNVkzb60Nujg/+qYje7MCcN+ZR\n"
  58   "nUBo6U2NZ06/QEUFm+uUIhZ8IGM1gLehC7Q3G4+d4c38CDJxQnSPOgWiXuSvhhQm\n"
  59   "KDsbrKzRaeBRh5eEJbTkA8Dp0Emb0UrkRVhixeg97stxUcATAjdGljJ9MLnuHXnI\n"
  60   "7ihGdUfg5q/105vpsQpO\n" "-----END CERTIFICATE-----\n";
  61
  62 #define MAX_DATA_SIZE 1024
  63
  64 void
  65 doit (void)
  66 {
  67   int ret;
  68   gnutls_datum_t derCert = { pem, sizeof (pem) };
  69   gnutls_x509_crt_t cert;
  70   size_t data_len = MAX_DATA_SIZE;
  71   char data[MAX_DATA_SIZE];
  72   unsigned int critical = 0;
  73   int alt_name_count = 0;
  74
  75   ret = gnutls_global_init ();
  76   if (ret < 0)
  77     fail ("init %d\n", ret);
  78
  79   ret = gnutls_x509_crt_init (&cert);
  80   if (ret < 0)
  81     fail ("crt_init %d\n", ret);
  82
  83   ret = gnutls_x509_crt_import (cert, &derCert, GNUTLS_X509_FMT_PEM);
  84   if (ret < 0)
  85     fail ("crt_import %d\n", ret);
  86
  87   for (alt_name_count = 0;; ++alt_name_count)
  88     {
  89       ret =
  90         gnutls_x509_crt_get_issuer_alt_name (cert, alt_name_count, data,
  91                                              &data_len, &critical);
  92       if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
  93         break;
  94
  95       if (ret < 0)
  96         fail ("get_issuer_alt_name: %d\n", ret);
  97
  98       // TODO: print out / check results
  99       if (GNUTLS_SAN_URI == ret)
 100         {
 101           if (strcmp (data, "http://ca.su.se") != 0)
 102             {
 103               fail ("unexpected issuer GNUTLS_SAN_URI: %s\n", data);
 104             }
 105         }
 106       else if (GNUTLS_SAN_RFC822NAME == ret)
 107         {
 108           if (strcmp (data, "ca@su.se") != 0)
 109             {
 110               fail ("unexpected issuer GNUTLS_SAN_RFC822NAME: %s\n", data);
 111             }
 112         }
 113       else
 114         {
 115           fail ("unexpected alt name type: %d\n", ret);
 116         }
 117       data_len = MAX_DATA_SIZE;
 118     }
 119
 120   if (alt_name_count != 2)
 121     {
 122       fail ("unexpected number of alt names: %i\n", alt_name_count);
 123     }
 124
 125   if (debug)
 126     success ("done\n");
 127
 128   gnutls_x509_crt_deinit (cert);
 129   gnutls_global_deinit ();
 130 }