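/* BEGIN_HEADER */
#include "mbedtls/bignum.h"
#include "mbedtls/pkcs7.h"
#include "mbedtls/x509.h"
#include "mbedtls/x509_crt.h"
#include "mbedtls/x509_crl.h"
#include "mbedtls/oid.h"
#include "sys/types.h"
#include "sys/stat.h"
#include "mbedtls/rsa.h"
#include "mbedtls/error.h"
/* END_HEADER */

/* BEGIN_DEPENDENCIES
 * depends_on:MBEDTLS_PKCS7_C
 * END_DEPENDENCIES
 */
/* BEGIN_SUITE_HELPERS */
/*
 * Parse a DER buffer as PKCS #7 in a throwaway context and return the
 * parser's result code. The context is always freed before returning, so
 * this helper exercises the init/parse/free path on both well-formed and
 * malformed input.
 *
 * NOTE(review): buflen is an int while the callers hold size_t lengths;
 * the value is narrowed on the way in. That is harmless for small test
 * vectors but would misreport the length of a very large input.
 */
int pkcs7_parse_buffer(unsigned char *pkcs7_buf, int buflen)
{
    int res;
    mbedtls_pkcs7 pkcs7;

    mbedtls_pkcs7_init(&pkcs7);
    res = mbedtls_pkcs7_parse_der(&pkcs7, pkcs7_buf, buflen);
    mbedtls_pkcs7_free(&pkcs7);
    return res;
}
/* END_SUITE_HELPERS */

/*
 * Negative parsing test: the supplied bytes must NOT be accepted as
 * SignedData. Any other return value passes, so the assertion does not pin
 * a specific error code; the useful signal for malformed ASN.1 is that the
 * parser rejects it and, when run under a sanitizer, does so without memory
 * errors.
 */
/* BEGIN_CASE */
void pkcs7_asn1_fail(data_t *pkcs7_buf)
{
    int res;
    res = pkcs7_parse_buffer(pkcs7_buf->x, pkcs7_buf->len);
    TEST_ASSERT(res != MBEDTLS_PKCS7_SIGNED_DATA);

}
/* END_CASE */

/*
 * Load a PKCS #7 file from disk and check that parsing yields exactly
 * res_expect (either the success code or a specific error).
 */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO */
void pkcs7_parse(char *pkcs7_file, int res_expect)
{
    unsigned char *pkcs7_buf = NULL;
    size_t buflen;
    int res;

    res = mbedtls_pk_load_file(pkcs7_file, &pkcs7_buf, &buflen);
    TEST_EQUAL(res, 0);

    res = pkcs7_parse_buffer(pkcs7_buf, buflen);
    TEST_EQUAL(res, res_expect);

exit:
    mbedtls_free(pkcs7_buf);
}
/* END_CASE */

/*
 * Parse a PKCS #7 SignedData file and verify it against one or more signer
 * certificates.
 *
 *   pkcs7_file      path of the DER-encoded PKCS #7 structure
 *   crt_files       space-separated list of signer certificate paths
 *   filetobesigned  path of the content the signature covers
 *   do_hash_alg     0 to verify over the raw content; otherwise an
 *                   mbedtls_md_type_t value, in which case the content is
 *                   hashed here and the digest is verified instead
 *   res_expect      result expected from EVERY per-certificate verify call
 *
 * The number of signers in the parsed structure must equal the number of
 * certificates supplied, and each certificate is verified independently.
 */
/* BEGIN_CASE depends_on:MBEDTLS_FS_IO:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_PKCS1_V15:MBEDTLS_RSA_C */
void pkcs7_verify(char *pkcs7_file,
                  char *crt_files,
                  char *filetobesigned,
                  int do_hash_alg,
                  int res_expect)
{
    unsigned char *pkcs7_buf = NULL;
    size_t buflen, i, k, cnt = 0, n_crts = 1;
    size_t crt_files_len;
    size_t hash_len;
    unsigned char *data = NULL;
    char **crt_files_arr = NULL;
    unsigned char *hash = NULL;
    struct stat st;
    size_t datalen;
    int res;
    /* Initialised so the cleanup path can tell whether it is still open. */
    FILE *file = NULL;
    const mbedtls_md_info_t *md_info;
    mbedtls_pkcs7 pkcs7;
    mbedtls_x509_crt **crts = NULL;

    MD_OR_USE_PSA_INIT();

    mbedtls_pkcs7_init(&pkcs7);

    /* crt_files is a space-separated list: one more entry than separators. */
    crt_files_len = strlen(crt_files);
    for (i = 0; i < crt_files_len; i++) {
        if (crt_files[i] == ' ') {
            n_crts++;
        }
    }

    TEST_CALLOC(crts, n_crts);
    TEST_CALLOC(crt_files_arr, n_crts);

    /* Copy each token into its own NUL-terminated string. */
    for (i = 0; i < crt_files_len; i++) {
        for (k = i; k < crt_files_len; k++) {
            if (crt_files[k] == ' ') {
                break;
            }
        }
        TEST_CALLOC(crt_files_arr[cnt], (k-i)+1);
        crt_files_arr[cnt][k-i] = '\0';
        memcpy(crt_files_arr[cnt++], crt_files + i, k-i);
        i = k;
    }

    /* A trailing separator yields fewer tokens than counted above, which
     * would leave NULL paths in crt_files_arr; fail cleanly instead of
     * handing a NULL file name to the certificate loader. */
    TEST_EQUAL(cnt, n_crts);

    for (i = 0; i < n_crts; i++) {
        TEST_CALLOC(crts[i], 1);
        mbedtls_x509_crt_init(crts[i]);
    }

    res = mbedtls_pk_load_file(pkcs7_file, &pkcs7_buf, &buflen);
    TEST_EQUAL(res, 0);

    res = mbedtls_pkcs7_parse_der(&pkcs7, pkcs7_buf, buflen);
    TEST_EQUAL(res, MBEDTLS_PKCS7_SIGNED_DATA);

    /* Every signer in the structure must have a matching certificate. */
    TEST_EQUAL(pkcs7.signed_data.no_of_signers, n_crts);

    for (i = 0; i < n_crts; i++) {
        res = mbedtls_x509_crt_parse_file(crts[i], crt_files_arr[i]);
        TEST_EQUAL(res, 0);
    }

    res = stat(filetobesigned, &st);
    TEST_EQUAL(res, 0);

    file = fopen(filetobesigned, "rb");
    TEST_ASSERT(file != NULL);

    datalen = st.st_size;
    /* Special-case for zero-length input so that data will be non-NULL */
    TEST_CALLOC(data, datalen == 0 ? 1 : datalen);
    buflen = fread((void *) data, sizeof(unsigned char), datalen, file);
    TEST_EQUAL(buflen, datalen);

    fclose(file);
    file = NULL;

    if (do_hash_alg) {
        md_info = mbedtls_md_info_from_type((mbedtls_md_type_t) do_hash_alg);
        /* An unknown digest identifier should fail here, not further down
         * with a less obvious error. */
        TEST_ASSERT(md_info != NULL);
        hash_len = mbedtls_md_get_size(md_info);
        TEST_CALLOC(hash, hash_len);
        res = mbedtls_md(md_info, data, datalen, hash);
        TEST_EQUAL(res, 0);

        for (i = 0; i < n_crts; i++) {
            res =
                mbedtls_pkcs7_signed_hash_verify(&pkcs7, crts[i], hash,
                                                 hash_len);
            TEST_EQUAL(res, res_expect);
        }
    } else {
        for (i = 0; i < n_crts; i++) {
            res = mbedtls_pkcs7_signed_data_verify(&pkcs7, crts[i], data, datalen);
            TEST_EQUAL(res, res_expect);
        }
    }

exit:
    /* Reached on any failed assertion, possibly with the file still open. */
    if (file != NULL) {
        fclose(file);
    }
    /* Either array may be NULL if its own allocation failed, so guard the
     * element accesses; individual entries may be NULL as well. */
    for (i = 0; i < n_crts; i++) {
        if (crts != NULL) {
            mbedtls_x509_crt_free(crts[i]);
            mbedtls_free(crts[i]);
        }
        if (crt_files_arr != NULL) {
            mbedtls_free(crt_files_arr[i]);
        }
    }
    mbedtls_free(hash);
    mbedtls_pkcs7_free(&pkcs7);
    mbedtls_free(crt_files_arr);
    mbedtls_free(crts);
    mbedtls_free(data);
    mbedtls_free(pkcs7_buf);
    MD_OR_USE_PSA_DONE();
}
/* END_CASE */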