1 /*
2 * Copyright 2014-2022 The GmSSL Project. All Rights Reserved.
3 *
4 * Licensed under the Apache License, Version 2.0 (the License); you may
5 * not use this file except in compliance with the License.
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 */
9
10
11 #include <stdio.h>
12 #include <string.h>
13 #include <stdlib.h>
14 #include <gmssl/oid.h>
15 #include <gmssl/x509_alg.h>
16 #include <gmssl/x509_oid.h>
17 #include <gmssl/x509_crl.h>
18 #include <gmssl/x509.h>
19 #include <gmssl/rand.h>
20 #include <gmssl/error.h>
21
22
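/*
 * Round-trip test for the CRL reason-code DER codec.
 *
 * Encodes the integer codes 0..10 back to back into one buffer, decodes them
 * again in the same order, and requires every decoded value to equal the one
 * that was encoded. The input must be fully consumed once the last code has
 * been read.
 *
 * Returns 1 on success, -1 on the first failure.
 */
static int test_x509_crl_reason(void)
{
	uint8_t buf[256];
	uint8_t *p = buf;
	const uint8_t *cp = buf;
	size_t len = 0;
	int reason;
	int i;

	/*
	 * x509_crl_reason_to_der() is given no capacity argument here, so buf
	 * has to be large enough for all 11 encodings. Re-check the size if the
	 * range of codes is ever widened.
	 */
	for (i = 0; i < 11; i++) {
		if (x509_crl_reason_to_der(i, &p, &len) != 1) {
			error_print();
			return -1;
		}
		/* Dumps everything encoded so far; len is cumulative. */
		format_bytes(stderr, 0, 4, "", buf, len);
	}

	for (i = 0; i < 11; i++) {
		if (x509_crl_reason_from_der(&reason, &cp, &len) != 1
			|| asn1_check(reason == i) != 1) {
			error_print();
			return -1;
		}
		format_print(stderr, 0, 4, "%s (%d)\n", x509_crl_reason_name(reason), reason);
	}

	/*
	 * Bytes left over after the last decode mean encoder and decoder
	 * disagree about the length of an encoding. Treat that as a failure
	 * instead of discarding the result of the check.
	 */
	if (asn1_length_is_zero(len) != 1) {
		error_print();
		return -1;
	}
	printf("%s() ok\n", __FUNCTION__);
	return 1;
}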
51
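/*
 * Round-trip test for the CRL entry extension identifier codec.
 *
 * Encodes each OID listed in exts into one buffer, decodes them again in the
 * same order, and requires every decoded identifier to match its source and
 * the input to be fully consumed at the end.
 *
 * Returns 1 on success, -1 on the first failure.
 */
static int test_x509_crl_entry_ext(void)
{
	const int exts[] = {
		OID_ce_crl_reasons,
		OID_ce_invalidity_date,
		OID_ce_certificate_issuer,
	};
	const size_t exts_cnt = sizeof(exts)/sizeof(exts[0]);
	uint8_t buf[256];
	uint8_t *p = buf;
	const uint8_t *cp = buf;
	size_t len = 0;
	int oid;
	size_t i; /* size_t avoids a signed/unsigned comparison with exts_cnt */

	/* The encoder is given no capacity argument; buf must hold all OIDs. */
	for (i = 0; i < exts_cnt; i++) {
		if (x509_crl_entry_ext_id_to_der(exts[i], &p, &len) != 1) {
			error_print();
			return -1;
		}
		/* Dumps everything encoded so far; len is cumulative. */
		format_bytes(stderr, 0, 4, "", buf, len);
	}

	for (i = 0; i < exts_cnt; i++) {
		if (x509_crl_entry_ext_id_from_der(&oid, &cp, &len) != 1
			|| asn1_check(oid == exts[i]) != 1) {
			error_print();
			return -1;
		}
		format_print(stderr, 0, 4, "%s\n", x509_crl_entry_ext_id_name(oid));
	}

	/*
	 * Trailing bytes would mean the decoder consumed less than the encoder
	 * produced. Fail the test instead of ignoring the check.
	 */
	if (asn1_length_is_zero(len) != 1) {
		error_print();
		return -1;
	}
	printf("%s() ok\n", __FUNCTION__);
	return 1;
}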
85
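/*
 * Builds a CRL entry extension list (reason, invalidity date, certificate
 * issuer), DER-encodes it and prints the list.
 *
 * Every extension is added with critical = 1 and the reason is
 * X509_cr_key_compromise. The issuer is passed with length 0.
 *
 * NOTE(review): the encoding written to buf is never decoded or compared, so
 * this test only shows that the builders and the encoder report success.
 * NOTE(review): whether a zero-length certificateIssuer should be accepted by
 * the builder is worth confirming against the library's validation rules.
 *
 * Returns 1 on success, -1 on failure.
 */
static int test_x509_crl_entry_exts(void)
{
	uint8_t exts[256];
	size_t extslen = 0;
	int reason = X509_cr_key_compromise;
	time_t tv;
	/* Zero-filled so no indeterminate bytes are handed to the library. */
	uint8_t issuer[256] = {0};
	size_t issuer_len = 0;
	int critical = 1;

	uint8_t buf[512];
	uint8_t *p = buf;
	size_t len = 0;

	time(&tv);
	/* The builders receive sizeof(exts) as the capacity of the list buffer. */
	if (x509_crl_entry_exts_add_reason(exts, &extslen, sizeof(exts), critical, reason) != 1
		|| x509_crl_entry_exts_add_invalidity_date(exts, &extslen, sizeof(exts), critical, tv) != 1
		|| x509_crl_entry_exts_add_certificate_issuer(exts, &extslen, sizeof(exts), critical, issuer, issuer_len) != 1
		|| x509_crl_entry_exts_to_der(exts, extslen, &p, &len) != 1) {
		error_print();
		return -1;
	}
	x509_crl_entry_exts_print(stderr, 0, 0, "CRLEntryExtensions", exts, extslen);

	printf("%s() ok\n", __FUNCTION__);
	return 1;
}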
114
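/*
 * Encodes one revoked-certificate entry and checks that it parses back as a
 * single DER SEQUENCE with no trailing bytes, then prints it.
 *
 * The serial number is passed as all 20 bytes of the array: 0x01, 0x02
 * followed by zero bytes. The revocation date is the current time.
 *
 * Returns 1 on success, -1 on failure.
 */
static int test_x509_revoked_cert(void)
{
	uint8_t serial[20] = { 0x01,0x02 };
	time_t revoke_date;

	uint8_t buf[512];
	uint8_t *p = buf;
	const uint8_t *cp = buf;
	size_t len = 0;

	const uint8_t *d;
	size_t dlen;

	time(&revoke_date);
	/* NULL, 0: presumably "no entry extensions"; confirm against the API. */
	if (x509_revoked_cert_to_der(serial, sizeof(serial), revoke_date, NULL, 0, &p, &len) != 1
		|| asn1_sequence_from_der(&d, &dlen, &cp, &len) != 1
		|| asn1_length_is_zero(len) != 1) {
		error_print();
		return -1;
	}
	x509_revoked_cert_print(stderr, 0, 0, "RevokedCertificate", d, dlen);

	/* Report success the same way the other tests in this file do. */
	printf("%s() ok\n", __FUNCTION__);
	return 1;
}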
139
140
/*
 * Test driver: runs the CRL tests in order and stops at the first one that
 * does not return 1.
 *
 * Exit status is 0 when every test passes and 1 otherwise.
 */
int main(void)
{
	/* Short-circuit evaluation keeps the original run order. */
	if (test_x509_crl_reason() != 1
		|| test_x509_crl_entry_ext() != 1
		|| test_x509_crl_entry_exts() != 1
		|| test_x509_revoked_cert() != 1) {
		error_print();
		return 1;
	}

	printf("%s all tests passed\n", __FILE__);
	return 0;
}
153