2 * Copyright (C) 2008, 2009, 2010, 2011 Free Software Foundation, Inc.
4 * Author: David Marín Carreño
6 * This file is part of GnuTLS.
8 * GnuTLS is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * GnuTLS is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with GnuTLS; if not, write to the Free Software Foundation,
20 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
30 #include <gnutls/gnutls.h>
31 #include <gnutls/x509.h>
32 #include <gnutls/abstract.h>
37 tls_log_func (int level, const char *str)
39 fprintf (stderr, "%s |<%d>| %s", "crq_key_id", level, str);
45 gnutls_x509_privkey_t pkey;
46 gnutls_privkey_t abs_pkey;
47 gnutls_x509_crq_t crq;
49 size_t pkey_key_id_len;
50 unsigned char *pkey_key_id = NULL;
52 size_t crq_key_id_len;
53 unsigned char *crq_key_id = NULL;
55 gnutls_pk_algorithm_t algorithm;
59 ret = gnutls_global_init ();
61 fail ("gnutls_global_init: %d\n", ret);
63 gnutls_global_set_log_function (tls_log_func);
65 gnutls_global_set_log_level (4711);
67 for (algorithm = GNUTLS_PK_RSA; algorithm <= GNUTLS_PK_DSA; algorithm++)
69 ret = gnutls_x509_crq_init (&crq);
71 fail ("gnutls_x509_crq_init: %d\n", ret);
73 ret = gnutls_x509_privkey_init (&pkey);
76 fail ("gnutls_x509_privkey_init: %d\n", ret);
79 ret = gnutls_privkey_init (&abs_pkey);
82 fail ("gnutls_privkey_init: %d\n", ret);
85 ret = gnutls_x509_privkey_generate (pkey, algorithm, 1024, 0);
88 fail ("gnutls_x509_privkey_generate (rsa): %d\n", ret);
92 success ("Key[%s] generation ok: %d\n",
93 gnutls_pk_algorithm_get_name (algorithm), ret);
97 ret = gnutls_x509_privkey_get_key_id (pkey, 0, pkey_key_id,
99 if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
101 fail ("gnutls_x509_privkey_get_key_id incorrectly returns %d\n",
105 pkey_key_id = malloc (sizeof (unsigned char) * pkey_key_id_len);
106 ret = gnutls_x509_privkey_get_key_id (pkey, 0, pkey_key_id,
108 if (ret != GNUTLS_E_SUCCESS)
110 fail ("gnutls_x509_privkey_get_key_id incorrectly returns %d\n",
114 ret = gnutls_x509_crq_set_version (crq, 1);
117 fail ("gnutls_x509_crq_set_version: %d\n", ret);
120 ret = gnutls_x509_crq_set_key (crq, pkey);
123 fail ("gnutls_x509_crq_set_key: %d\n", ret);
126 ret = gnutls_x509_crq_set_dn_by_oid (crq, GNUTLS_OID_X520_COMMON_NAME,
130 fail ("gnutls_x509_crq_set_dn_by_oid: %d\n", ret);
133 ret = gnutls_privkey_import_x509( abs_pkey, pkey, 0);
136 fail ("gnutls_privkey_import_x509: %d\n", ret);
139 ret = gnutls_x509_crq_privkey_sign (crq, abs_pkey, GNUTLS_DIG_SHA1, 0);
142 fail ("gnutls_x509_crq_sign: %d\n", ret);
145 ret = gnutls_x509_crq_verify (crq, 0);
148 fail ("gnutls_x509_crq_verify: %d\n", ret);
152 ret = gnutls_x509_crq_get_key_id (crq, 0, crq_key_id, &crq_key_id_len);
153 if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
155 fail ("gnutls_x509_crq_get_key_id incorrectly returns %d\n", ret);
158 crq_key_id = malloc (sizeof (unsigned char) * crq_key_id_len);
159 ret = gnutls_x509_crq_get_key_id (crq, 0, crq_key_id, &crq_key_id_len);
160 if (ret != GNUTLS_E_SUCCESS)
162 fail ("gnutls_x509_crq_get_key_id incorrectly returns %d\n", ret);
165 if (crq_key_id_len == pkey_key_id_len)
167 ret = memcmp (crq_key_id, pkey_key_id, crq_key_id_len);
171 success ("Key ids are identical. OK.\n");
175 fail ("Key ids differ incorrectly: %d\n", ret);
180 fail ("Key_id lengths differ incorrectly: %d - %d\n",
181 (int) crq_key_id_len, (int) pkey_key_id_len);
197 gnutls_x509_crq_deinit (crq);
198 gnutls_x509_privkey_deinit (pkey);
199 gnutls_privkey_deinit (abs_pkey);
202 gnutls_global_deinit ();