[crypto,test] update to new cert/crypto API

akallabeth 2023-02-03 12:05:30 +01:00 committed by akallabeth
parent 7cd597015a
commit d1ddf7a6c7
3 changed files with 74 additions and 523 deletions


@ -7,7 +7,7 @@ set(${MODULE_PREFIX}_DRIVER ${MODULE_NAME}.c)
set(${MODULE_PREFIX}_TESTS set(${MODULE_PREFIX}_TESTS
TestKnownHosts.c TestKnownHosts.c
TestBase64.c TestBase64.c
Test_x509_cert_info.c) Test_x509_utils.c)
create_test_sourcelist(${MODULE_PREFIX}_SRCS create_test_sourcelist(${MODULE_PREFIX}_SRCS
${${MODULE_PREFIX}_DRIVER} ${${MODULE_PREFIX}_DRIVER}


@ -21,7 +21,7 @@
#include <winpr/file.h> #include <winpr/file.h>
#include <winpr/sysinfo.h> #include <winpr/sysinfo.h>
#include <freerdp/crypto/certificate.h> #include <freerdp/crypto/certificate_store.h>
/* Some certificates copied from /usr/share/ca-certificates */ /* Some certificates copied from /usr/share/ca-certificates */
static const char pem1[] = "-----BEGIN CERTIFICATE-----\n" static const char pem1[] = "-----BEGIN CERTIFICATE-----\n"
@ -183,405 +183,6 @@ fail:
return rc; return rc;
} }
/* Test if host is found in current file. */
static BOOL test_known_hosts_host_found(rdpCertificateStore* store)
{
BOOL rc = FALSE;
rdpCertificateData* stored_data = NULL;
rdpCertificateData* data;
printf("%s\n", __FUNCTION__);
data = certificate_data_new("someurl", 3389);
if (!data)
{
fprintf(stderr, "Could not create certificate data!\n");
goto finish;
}
if (!certificate_data_set_subject(data, "subject") ||
!certificate_data_set_issuer(data, "issuer") ||
!certificate_data_set_fingerprint(data, "ff:11:22:dd"))
goto finish;
if (0 != certificate_store_contains_data(store, data))
{
fprintf(stderr, "Could not find data in v2 file!\n");
goto finish;
}
/* Test if we can read out the old fingerprint. */
stored_data = certificate_store_load_data(store, certificate_data_get_host(data),
certificate_data_get_port(data));
if (!stored_data)
{
fprintf(stderr, "Could not read old fingerprint!\n");
goto finish;
}
printf("Got %s, %s '%s'\n", certificate_data_get_subject(stored_data),
certificate_data_get_issuer(stored_data), certificate_data_get_fingerprint(stored_data));
rc = TRUE;
finish:
printf("certificate_data_free %d\n", rc);
certificate_data_free(data);
certificate_data_free(stored_data);
return rc;
}
/* Test if host not found in current file. */
static BOOL test_known_hosts_host_not_found(rdpCertificateStore* store)
{
BOOL rc = FALSE;
rdpCertificateData* stored_data = NULL;
rdpCertificateData* data;
printf("%s\n", __FUNCTION__);
data = certificate_data_new("somehost", 1234);
if (!data)
{
fprintf(stderr, "Could not create certificate data!\n");
goto finish;
}
if (!certificate_data_set_fingerprint(data, "ff:aa:bb:cc"))
goto finish;
if (0 == certificate_store_contains_data(store, data))
{
fprintf(stderr, "Invalid host found in v2 file!\n");
goto finish;
}
/* Test if we read out the old fingerprint fails. */
stored_data = certificate_store_load_data(store, certificate_data_get_host(data),
certificate_data_get_port(data));
if (stored_data)
{
fprintf(stderr, "Read out not existing old fingerprint succeeded?!\n");
goto finish;
}
rc = TRUE;
finish:
printf("certificate_data_free %d\n", rc);
certificate_data_free(data);
certificate_data_free(stored_data);
return rc;
}
/* Test host add current file. */
static BOOL test_known_hosts_host_add(rdpCertificateStore* store)
{
BOOL rc = FALSE;
rdpCertificateData* data;
printf("%s\n", __FUNCTION__);
data = certificate_data_new("somehost", 1234);
if (!data)
{
fprintf(stderr, "Could not create certificate data!\n");
goto finish;
}
if (!certificate_data_set_subject(data, "ff:aa:bb:cc") ||
!certificate_data_set_issuer(data, "ff:aa:bb:cc") ||
!certificate_data_set_fingerprint(data, "ff:aa:bb:cc"))
goto finish;
if (!certificate_store_save_data(store, data))
{
fprintf(stderr, "Could not add host to file!\n");
goto finish;
}
if (0 != certificate_store_contains_data(store, data))
{
fprintf(stderr, "Could not find host written in v2 file!\n");
goto finish;
}
rc = TRUE;
finish:
printf("certificate_data_free %d\n", rc);
certificate_data_free(data);
return rc;
}
/* Test host add NULL subject, issuer current file. */
static BOOL test_known_hosts_host_add_remove_null(rdpCertificateStore* store)
{
BOOL rc = FALSE;
rdpCertificateData* data;
printf("%s\n", __FUNCTION__);
data = certificate_data_new("somehost", 1234);
if (!data)
{
fprintf(stderr, "Could not create certificate data!\n");
goto finish;
}
if (!certificate_data_set_subject(data, NULL) || !certificate_data_set_issuer(data, NULL) ||
!certificate_data_set_fingerprint(data, "ff:aa:bb:cc"))
goto finish;
if (!certificate_store_save_data(store, data))
{
fprintf(stderr, "Could not add host to file!\n");
goto finish;
}
if (0 != certificate_store_contains_data(store, data))
{
fprintf(stderr, "Could not find host written in v2 file!\n");
goto finish;
}
if (!certificate_store_remove_data(store, data))
{
fprintf(stderr, "Could not remove host written in v2 file!\n");
goto finish;
}
rc = TRUE;
finish:
printf("certificate_data_free %d\n", rc);
certificate_data_free(data);
return rc;
}
/* Test host replace current file. */
static BOOL test_known_hosts_host_replace(rdpCertificateStore* store)
{
BOOL rc = FALSE;
rdpCertificateData* data;
printf("%s\n", __FUNCTION__);
data = certificate_data_new("somehost", 1234);
if (!data)
{
fprintf(stderr, "Could not create certificate data!\n");
goto finish;
}
if (!certificate_data_set_subject(data, "ff:aa:xx:cc") ||
!certificate_data_set_issuer(data, "ff:aa:bb:ee") ||
!certificate_data_set_fingerprint(data, "ff:aa:bb:dd:ee"))
goto finish;
if (!certificate_store_save_data(store, data))
{
fprintf(stderr, "Could not replace data!\n");
goto finish;
}
if (0 != certificate_store_contains_data(store, data))
{
fprintf(stderr, "Invalid host found in v2 file!\n");
goto finish;
}
rc = TRUE;
finish:
printf("certificate_data_free %d\n", rc);
certificate_data_free(data);
return rc;
}
/* Test host replace invalid entry in current file. */
static BOOL test_known_hosts_host_replace_invalid(rdpCertificateStore* store)
{
BOOL rc = FALSE;
rdpCertificateData* data;
printf("%s\n", __FUNCTION__);
data = certificate_data_new(NULL, 1234);
if (data)
{
fprintf(stderr, "Could create invalid certificate data!\n");
goto finish;
}
if (certificate_data_set_fingerprint(data, "ff:aa:bb:dd:ee"))
goto finish;
if (certificate_store_save_data(store, data))
{
fprintf(stderr, "Invalid return for replace invalid entry!\n");
goto finish;
}
if (0 == certificate_store_contains_data(store, data))
{
fprintf(stderr, "Invalid host found in v2 file!\n");
goto finish;
}
rc = TRUE;
finish:
printf("certificate_data_free %d\n", rc);
certificate_data_free(data);
return rc;
}
static BOOL test_known_hosts_file_emtpy_single(BOOL (*fkt)(rdpCertificateStore* store))
{
BOOL rc = FALSE;
rdpSettings* settings = NULL;
rdpCertificateStore* store = NULL;
char* currentFileV2 = NULL;
printf("%s", __FUNCTION__);
if (!fkt)
return FALSE;
if (!setup_config(&settings))
goto finish;
if (!freerdp_settings_set_bool(settings, FreeRDP_CertificateUseKnownHosts, TRUE))
goto finish;
currentFileV2 =
GetCombinedPath(freerdp_settings_get_string(settings, FreeRDP_ConfigPath), "known_hosts2");
if (!currentFileV2)
{
fprintf(stderr, "Could not get file path!\n");
goto finish;
}
printf("certificate_store_new\n");
store = certificate_store_new(settings);
if (!store)
{
fprintf(stderr, "Could not create certificate store!\n");
goto finish;
}
rc = fkt(store);
finish:
freerdp_settings_free(settings);
printf("certificate_store_free\n");
certificate_store_free(store);
DeleteFileA(currentFileV2);
free(currentFileV2);
return rc;
}
static BOOL test_known_hosts_file_empty(void)
{
BOOL rc = FALSE;
if (test_known_hosts_file_emtpy_single(test_known_hosts_host_found))
{
fprintf(stderr, "[%s] test_known_hosts_file_emtpy_single failed\n", __FUNCTION__);
goto finish;
}
if (!test_known_hosts_file_emtpy_single(test_known_hosts_host_not_found))
{
fprintf(stderr, "[%s] test_known_hosts_file_emtpy_single failed\n", __FUNCTION__);
goto finish;
}
if (!test_known_hosts_file_emtpy_single(test_known_hosts_host_add))
{
fprintf(stderr, "[%s] test_known_hosts_file_emtpy_single failed\n", __FUNCTION__);
goto finish;
}
if (!test_known_hosts_file_emtpy_single(test_known_hosts_host_add_remove_null))
{
fprintf(stderr, "[%s] test_known_hosts_file_emtpy_single failed\n", __FUNCTION__);
goto finish;
}
if (!test_known_hosts_file_emtpy_single(test_known_hosts_host_replace))
{
fprintf(stderr, "[%s] test_known_hosts_file_emtpy_single failed\n", __FUNCTION__);
goto finish;
}
if (!test_known_hosts_file_emtpy_single(test_known_hosts_host_replace_invalid))
{
fprintf(stderr, "[%s] test_known_hosts_file_emtpy_single failed\n", __FUNCTION__);
goto finish;
}
rc = TRUE;
finish:
return rc;
}
static BOOL test_known_hosts_file(void)
{
BOOL rc = FALSE;
rdpSettings* settings = NULL;
rdpCertificateStore* store = NULL;
char* currentFileV2 = NULL;
printf("%s", __FUNCTION__);
if (!setup_config(&settings))
goto finish;
if (!freerdp_settings_set_bool(settings, FreeRDP_CertificateUseKnownHosts, TRUE))
goto finish;
currentFileV2 =
GetCombinedPath(freerdp_settings_get_string(settings, FreeRDP_ConfigPath), "known_hosts2");
if (!currentFileV2)
{
fprintf(stderr, "Could not get file path!\n");
goto finish;
}
printf("certificate_store_new\n");
store = certificate_store_new(settings);
if (!store)
{
fprintf(stderr, "Could not create certificate store!\n");
goto finish;
}
if (prepare(currentFileV2))
goto finish;
if (!test_known_hosts_host_found(store))
goto finish;
if (!test_known_hosts_host_not_found(store))
goto finish;
if (!test_known_hosts_host_add(store))
goto finish;
if (!test_known_hosts_host_add_remove_null(store))
goto finish;
if (!test_known_hosts_host_replace(store))
goto finish;
if (!test_known_hosts_host_replace_invalid(store))
goto finish;
rc = TRUE;
finish:
freerdp_settings_free(settings);
printf("certificate_store_free\n");
certificate_store_free(store);
winpr_DeleteFile(currentFileV2);
free(currentFileV2);
return rc;
}
static BOOL equal(const char* a, const char* b) static BOOL equal(const char* a, const char* b)
{ {
if (!a && !b) if (!a && !b)
@ -595,46 +196,29 @@ static BOOL compare(const rdpCertificateData* data, const rdpCertificateData* st
{ {
if (!data || !stored) if (!data || !stored)
return FALSE; return FALSE;
if (!equal(certificate_data_get_subject(data), certificate_data_get_subject(stored))) if (!equal(freerdp_certificate_data_get_subject(data),
freerdp_certificate_data_get_subject(stored)))
return FALSE; return FALSE;
if (!equal(certificate_data_get_issuer(data), certificate_data_get_issuer(stored))) if (!equal(freerdp_certificate_data_get_issuer(data),
freerdp_certificate_data_get_issuer(stored)))
return FALSE; return FALSE;
if (!equal(certificate_data_get_fingerprint(data), certificate_data_get_fingerprint(stored))) if (!equal(freerdp_certificate_data_get_fingerprint(data),
freerdp_certificate_data_get_fingerprint(stored)))
return FALSE; return FALSE;
return TRUE; return TRUE;
} }
static BOOL pem_equal(const char* a, const char* b) static BOOL pem_equal(const char* a, const char* b)
{ {
BOOL rc = FALSE; return strcmp(a, b) == 0;
size_t sa = strlen(a);
size_t sb = strlen(b);
X509* x1 = crypto_cert_from_pem(a, sa, FALSE);
X509* x2 = crypto_cert_from_pem(b, sb, FALSE);
char* f1 = NULL;
char* f2 = NULL;
if (!x1 || !x2)
goto fail;
f1 = crypto_cert_fingerprint(x1);
f2 = crypto_cert_fingerprint(x1);
if (!f1 || !f2)
goto fail;
rc = strcmp(f1, f2) == 0;
fail:
free(f1);
free(f2);
X509_free(x1);
X509_free(x2);
return rc;
} }
static BOOL compare_ex(const rdpCertificateData* data, const rdpCertificateData* stored) static BOOL compare_ex(const rdpCertificateData* data, const rdpCertificateData* stored)
{ {
if (!compare(data, stored)) if (!compare(data, stored))
return FALSE; return FALSE;
if (!pem_equal(certificate_data_get_pem(data), certificate_data_get_pem(stored))) if (!pem_equal(freerdp_certificate_data_get_pem(data),
freerdp_certificate_data_get_pem(stored)))
return FALSE; return FALSE;
return TRUE; return TRUE;
@ -643,30 +227,30 @@ static BOOL compare_ex(const rdpCertificateData* data, const rdpCertificateData*
static BOOL test_get_data(rdpCertificateStore* store, const rdpCertificateData* data) static BOOL test_get_data(rdpCertificateStore* store, const rdpCertificateData* data)
{ {
BOOL res; BOOL res;
rdpCertificateData* stored = certificate_store_load_data(store, certificate_data_get_host(data), rdpCertificateData* stored = freerdp_certificate_store_load_data(
certificate_data_get_port(data)); store, freerdp_certificate_data_get_host(data), freerdp_certificate_data_get_port(data));
if (!stored) if (!stored)
return FALSE; return FALSE;
res = compare(data, stored); res = compare(data, stored);
certificate_data_free(stored); freerdp_certificate_data_free(stored);
return res; return res;
} }
static BOOL test_get_data_ex(rdpCertificateStore* store, const rdpCertificateData* data) static BOOL test_get_data_ex(rdpCertificateStore* store, const rdpCertificateData* data)
{ {
BOOL res; BOOL res;
rdpCertificateData* stored = certificate_store_load_data(store, certificate_data_get_host(data), rdpCertificateData* stored = freerdp_certificate_store_load_data(
certificate_data_get_port(data)); store, freerdp_certificate_data_get_host(data), freerdp_certificate_data_get_port(data));
if (!stored) if (!stored)
return FALSE; return FALSE;
res = compare_ex(data, stored); res = compare_ex(data, stored);
certificate_data_free(stored); freerdp_certificate_data_free(stored);
return res; return res;
} }
static BOOL test_certs_dir(BOOL useHostsFile) static BOOL test_certs_dir(void)
{ {
BOOL rc = FALSE; BOOL rc = FALSE;
rdpSettings* settings = NULL; rdpSettings* settings = NULL;
@ -676,41 +260,26 @@ static BOOL test_certs_dir(BOOL useHostsFile)
rdpCertificateData* data3 = NULL; rdpCertificateData* data3 = NULL;
rdpCertificateData* data4 = NULL; rdpCertificateData* data4 = NULL;
printf("%s %d\n", __FUNCTION__, useHostsFile); printf("%s\n", __FUNCTION__);
if (!setup_config(&settings)) if (!setup_config(&settings))
goto fail; goto fail;
/* Initialize certificate folder backend */
if (!freerdp_settings_set_bool(settings, FreeRDP_CertificateUseKnownHosts, useHostsFile)) printf("freerdp_certificate_store_new()\n");
goto fail; store = freerdp_certificate_store_new(settings);
printf("certificate_store_new()\n");
store = certificate_store_new(settings);
if (!store) if (!store)
goto fail; goto fail;
{ {
printf("certificate_data_new()\n"); printf("freerdp_certificate_data_new()\n");
data1 = certificate_data_new("somehost", 1234); data1 = freerdp_certificate_data_new_from_pem("somehost", 1234, pem1, strlen(pem1));
data2 = certificate_data_new("otherhost", 4321); data2 = freerdp_certificate_data_new_from_pem("otherhost", 4321, pem2, strlen(pem2));
data3 = certificate_data_new("otherhost4", 444); data3 = freerdp_certificate_data_new_from_pem("otherhost4", 444, pem3, strlen(pem3));
data4 = certificate_data_new("otherhost", 4321); data4 = freerdp_certificate_data_new_from_pem("otherhost", 4321, pem4, strlen(pem4));
if (!data1 || !data2 || !data3 || !data4) if (!data1 || !data2 || !data3 || !data4)
goto fail; goto fail;
printf("certificate_data_set_pem(1 [%" PRIuz "])\n", strlen(pem1));
if (!certificate_data_set_pem(data1, pem1))
goto fail;
printf("certificate_data_set_pem(2 [%" PRIuz "])\n", strlen(pem2));
if (!certificate_data_set_pem(data2, pem2))
goto fail;
printf("certificate_data_set_pem(3 [%" PRIuz "])\n", strlen(pem3));
if (!certificate_data_set_pem(data3, pem3))
goto fail;
printf("certificate_data_set_pem(4 [%" PRIuz "])\n", strlen(pem4));
if (!certificate_data_set_pem(data4, pem4))
goto fail;
/* Find non existing in empty store */ /* Find non existing in empty store */
printf("certificate_store_load_data on empty store\n"); printf("freerdp_certificate_store_load_data on empty store\n");
if (test_get_data(store, data1)) if (test_get_data(store, data1))
goto fail; goto fail;
if (test_get_data_ex(store, data1)) if (test_get_data_ex(store, data1))
@ -725,26 +294,26 @@ static BOOL test_certs_dir(BOOL useHostsFile)
goto fail; goto fail;
/* Add certificates */ /* Add certificates */
printf("certificate_store_save_data\n"); printf("freerdp_certificate_store_save_data\n");
if (!certificate_store_save_data(store, data1)) if (!freerdp_certificate_store_save_data(store, data1))
goto fail; goto fail;
if (!certificate_store_save_data(store, data2)) if (!freerdp_certificate_store_save_data(store, data2))
goto fail; goto fail;
/* Find non existing in non empty store */ /* Find non existing in non empty store */
printf("certificate_store_load_data on filled store, non existing value\n"); printf("freerdp_certificate_store_load_data on filled store, non existing value\n");
if (test_get_data(store, data3)) if (test_get_data(store, data3))
goto fail; goto fail;
if (test_get_data_ex(store, data3)) if (test_get_data_ex(store, data3))
goto fail; goto fail;
/* Add remaining certs */ /* Add remaining certs */
printf("certificate_store_save_data\n"); printf("freerdp_certificate_store_save_data\n");
if (!certificate_store_save_data(store, data3)) if (!freerdp_certificate_store_save_data(store, data3))
goto fail; goto fail;
/* Check existing can all be found */ /* Check existing can all be found */
printf("certificate_store_load_data on filled store, existing value\n"); printf("freerdp_certificate_store_load_data on filled store, existing value\n");
if (!test_get_data(store, data1)) if (!test_get_data(store, data1))
goto fail; goto fail;
if (!test_get_data_ex(store, data1)) if (!test_get_data_ex(store, data1))
@ -759,34 +328,34 @@ static BOOL test_certs_dir(BOOL useHostsFile)
goto fail; goto fail;
/* Modify existing entry */ /* Modify existing entry */
printf("certificate_store_save_data modify data\n"); printf("freerdp_certificate_store_save_data modify data\n");
if (!certificate_store_save_data(store, data4)) if (!freerdp_certificate_store_save_data(store, data4))
goto fail; goto fail;
/* Check new data is in store */ /* Check new data is in store */
printf("certificate_store_load_data check modified data can be loaded\n"); printf("freerdp_certificate_store_load_data check modified data can be loaded\n");
if (!test_get_data(store, data4)) if (!test_get_data(store, data4))
goto fail; goto fail;
if (!test_get_data_ex(store, data4)) if (!test_get_data_ex(store, data4))
goto fail; goto fail;
/* Check old data is no longer valid */ /* Check old data is no longer valid */
printf("certificate_store_load_data check original data no longer there\n"); printf("freerdp_certificate_store_load_data check original data no longer there\n");
if (test_get_data(store, data2)) if (test_get_data(store, data2))
goto fail; goto fail;
if (test_get_data_ex(store, data2)) if (test_get_data_ex(store, data2))
goto fail; goto fail;
/* Delete a cert */ /* Delete a cert */
printf("certificate_store_remove_data\n"); printf("freerdp_certificate_store_remove_data\n");
if (!certificate_store_remove_data(store, data3)) if (!freerdp_certificate_store_remove_data(store, data3))
goto fail; goto fail;
/* Delete non existing, should succeed */ /* Delete non existing, should succeed */
printf("certificate_store_remove_data missing value\n"); printf("freerdp_certificate_store_remove_data missing value\n");
if (!certificate_store_remove_data(store, data3)) if (!freerdp_certificate_store_remove_data(store, data3))
goto fail; goto fail;
printf("certificate_store_load_data on filled store, existing value\n"); printf("freerdp_certificate_store_load_data on filled store, existing value\n");
if (!test_get_data(store, data1)) if (!test_get_data(store, data1))
goto fail; goto fail;
if (!test_get_data_ex(store, data1)) if (!test_get_data_ex(store, data1))
@ -796,7 +365,7 @@ static BOOL test_certs_dir(BOOL useHostsFile)
if (!test_get_data_ex(store, data4)) if (!test_get_data_ex(store, data4))
goto fail; goto fail;
printf("certificate_store_load_data on filled store, removed value\n"); printf("freerdp_certificate_store_load_data on filled store, removed value\n");
if (test_get_data(store, data3)) if (test_get_data(store, data3))
goto fail; goto fail;
if (test_get_data_ex(store, data3)) if (test_get_data_ex(store, data3))
@ -805,12 +374,12 @@ static BOOL test_certs_dir(BOOL useHostsFile)
rc = TRUE; rc = TRUE;
fail: fail:
printf("certificate_data_free %d\n", rc); printf("freerdp_certificate_data_free %d\n", rc);
certificate_data_free(data1); freerdp_certificate_data_free(data1);
certificate_data_free(data2); freerdp_certificate_data_free(data2);
certificate_data_free(data3); freerdp_certificate_data_free(data3);
certificate_data_free(data4); freerdp_certificate_data_free(data4);
certificate_store_free(store); freerdp_certificate_store_free(store);
freerdp_settings_free(settings); freerdp_settings_free(settings);
return rc; return rc;
} }
@ -819,14 +388,8 @@ int TestKnownHosts(int argc, char* argv[])
{ {
WINPR_UNUSED(argc); WINPR_UNUSED(argc);
WINPR_UNUSED(argv); WINPR_UNUSED(argv);
if (!test_known_hosts_file_empty())
return -1;
if (!test_known_hosts_file()) if (!test_certs_dir())
return -1;
if (!test_certs_dir(FALSE))
return -1;
if (!test_certs_dir(TRUE))
return -1; return -1;
return 0; return 0;
} }
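Review bot: The new `pem_equal` passes both arguments straight to `strcmp`, and in `compare_ex` those arguments are the return values of `freerdp_certificate_data_get_pem()`, so a NULL PEM on either side is undefined behaviour instead of a test failure. A guard such as `if (!a || !b) return FALSE;` before the `strcmp` keeps the helper in line with the NULL handling that `equal()` already does for subject, issuer and fingerprint. The comparison is now byte-exact on the PEM text rather than on the parsed certificate, so it only passes when the store returns the PEM unchanged. If that is the intended contract, a short comment such as `/* byte-exact: the store must hand back the PEM it was given */` would make it explicit.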


@ -1,7 +1,7 @@
#include <winpr/file.h> #include <winpr/file.h>
#include <freerdp/crypto/crypto.h> #include "../x509_utils.h"
typedef char* (*get_field_pr)(X509*); typedef char* (*get_field_pr)(const X509*);
typedef struct typedef struct
{ {
enum enum
@ -14,10 +14,10 @@ typedef struct
const char* expected_result; const char* expected_result;
} certificate_test_t; } certificate_test_t;
static char* crypto_cert_subject_common_name_wo_length(X509* xcert) static char* x509_utils_subject_common_name_wo_length(const X509* xcert)
{ {
int length; size_t length = 0;
return crypto_cert_subject_common_name(xcert, &length); return x509_utils_get_common_name(xcert, &length);
} }
static char* certificate_path(void) static char* certificate_path(void)
@ -63,43 +63,33 @@ static char* certificate_path(void)
static const certificate_test_t certificate_tests[] = { static const certificate_test_t certificate_tests[] = {
{ ENABLED, "Certificate Common Name", crypto_cert_subject_common_name_wo_length, { ENABLED, "Certificate Common Name", x509_utils_subject_common_name_wo_length,
"TESTJEAN TESTMARTIN 9999999" }, "TESTJEAN TESTMARTIN 9999999" },
{ ENABLED, "Certificate subject", crypto_cert_subject, { ENABLED, "Certificate subject", x509_utils_get_subject,
"CN = TESTJEAN TESTMARTIN 9999999, C = FR, O = MINISTERE DES TESTS, OU = 0002 110014016, OU " "CN = TESTJEAN TESTMARTIN 9999999, C = FR, O = MINISTERE DES TESTS, OU = 0002 110014016, OU "
"= PERSONNES, UID = 9999999, GN = TESTJEAN, SN = TESTMARTIN" }, "= PERSONNES, UID = 9999999, GN = TESTJEAN, SN = TESTMARTIN" },
{ DISABLED, "Kerberos principal name", 0, "testjean.testmartin@kpn.test.example.com" }, { DISABLED, "Kerberos principal name", 0, "testjean.testmartin@kpn.test.example.com" },
{ ENABLED, "Certificate e-mail", crypto_cert_get_email, "testjean.testmartin@test.example.com" { ENABLED, "Certificate e-mail", x509_utils_get_email, "testjean.testmartin@test.example.com"
}, },
{ ENABLED, "Microsoft's Universal Principal Name", crypto_cert_get_upn, { ENABLED, "Microsoft's Universal Principal Name", x509_utils_get_upn,
"testjean.testmartin.9999999@upn.test.example.com" }, "testjean.testmartin.9999999@upn.test.example.com" },
{ ENABLED, "Certificate issuer", crypto_cert_issuer, { ENABLED, "Certificate issuer", x509_utils_get_issuer,
"CN = ADMINISTRATION CENTRALE DES TESTS, C = FR, O = MINISTERE DES TESTS, OU = 0002 " "CN = ADMINISTRATION CENTRALE DES TESTS, C = FR, O = MINISTERE DES TESTS, OU = 0002 "
"110014016" }, "110014016" },
}; };
static int TestCertificateFile(const char* certificate_path, static int TestCertificateFile(const char* certificate_path,
const certificate_test_t* ccertificate_tests, int count) const certificate_test_t* ccertificate_tests, size_t count)
{ {
X509* certificate;
FILE* certificate_file = winpr_fopen(certificate_path, "r");
int success = 0; int success = 0;
int i;
if (!certificate_file) X509* certificate = x509_utils_from_pem(certificate_path, strlen(certificate_path), TRUE);
{
printf("%s: failure: cannot open certificate file '%s'\n", __FUNCTION__, certificate_path);
return -1;
}
certificate = PEM_read_X509(certificate_file, 0, 0, 0);
fclose(certificate_file);
if (!certificate) if (!certificate)
{ {
@ -108,28 +98,27 @@ static int TestCertificateFile(const char* certificate_path,
goto fail; goto fail;
} }
for (i = 0; i < count; i++) for (size_t i = 0; i < count; i++)
{ {
const certificate_test_t* test = &ccertificate_tests[i];
char* result; char* result;
if (ccertificate_tests[i].status == DISABLED) if (test->status == DISABLED)
{ {
continue; continue;
} }
result = result = (test->get_field ? test->get_field(certificate) : 0);
(ccertificate_tests[i].get_field ? ccertificate_tests[i].get_field(certificate) : 0);
if (result) if (result)
{ {
printf("%s: crypto got %-40s -> \"%s\"\n", __FUNCTION__, printf("%s: crypto got %-40s -> \"%s\"\n", __FUNCTION__, test->field_description,
ccertificate_tests[i].field_description, result); result);
if (0 != strcmp(result, ccertificate_tests[i].expected_result)) if (0 != strcmp(result, test->expected_result))
{ {
printf("%s: failure: for %s, actual: \"%s\", expected \"%s\"\n", __FUNCTION__, printf("%s: failure: for %s, actual: \"%s\", expected \"%s\"\n", __FUNCTION__,
ccertificate_tests[i].field_description, result, test->field_description, result, test->expected_result);
ccertificate_tests[i].expected_result);
success = -1; success = -1;
} }
@ -137,8 +126,7 @@ static int TestCertificateFile(const char* certificate_path,
} }
else else
{ {
printf("%s: failure: cannot get %s\n", __FUNCTION__, printf("%s: failure: cannot get %s\n", __FUNCTION__, test->field_description);
ccertificate_tests[i].field_description);
} }
} }
@ -147,7 +135,7 @@ fail:
return success; return success;
} }
int Test_x509_cert_info(int argc, char* argv[]) int Test_x509_utils(int argc, char* argv[])
{ {
char* cert_path = certificate_path(); char* cert_path = certificate_path();
int ret; int ret;
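Review bot: In the loop of `TestCertificateFile`, the `else` branch that prints `failure: cannot get %s` leaves `success` untouched, so an enabled getter that returns NULL is logged as a failure while the function still returns 0. Adding `success = -1;` after that `printf` would make a regression in `x509_utils_get_upn` or `x509_utils_get_email` actually fail the run, which matters because these fields carry identity information. The same loop writes the null pointer as `0` in `test->get_field(certificate) : 0`; `NULL` reads more clearly there. One line between the visible hunks is not shown, so this is based on the branches that are visible.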