1 /* $OpenBSD: x509_asn1.c,v 1.21 2023/12/13 05:57:37 tb Exp $ */
2 /*
3 * Copyright (c) 2023 Job Snijders <job@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18 /*
19 * This program tests whether the presence of "->enc.modified = 1;"
20 * in select X509 setter functions properly triggers invalidation of cached
21 * DER.
22 */
23
24 #include <err.h>
25 #include <stdio.h>
26 #include <string.h>
27
28 #include <openssl/evp.h>
29 #include <openssl/rsa.h>
30 #include <openssl/x509.h>
31
32 static void
x509_setup(unsigned char ** der,unsigned char ** der2,X509 ** x,long dersz,long * der2sz)33 x509_setup(unsigned char **der, unsigned char **der2, X509 **x,
34 long dersz, long *der2sz)
35 {
36 const unsigned char *cpder;
37
38 cpder = *der;
39 if ((*x = d2i_X509(NULL, &cpder, dersz)) == NULL)
40 errx(1, "d2i_X509");
41 if ((*der2sz = i2d_X509(*x, der2)) <= 0)
42 errx(1, "i2d_X509");
43 }
44
45 static void
x509_cleanup(X509 ** x,unsigned char ** der)46 x509_cleanup(X509 **x, unsigned char **der)
47 {
48 X509_free(*x);
49 *x = NULL;
50 free(*der);
51 *der = NULL;
52 }
53
54 static void
x509_set_integer(const char * descr,int (* f)(X509 *,ASN1_INTEGER *),X509 ** x,int i)55 x509_set_integer(const char *descr, int (*f)(X509 *, ASN1_INTEGER *), X509 **x,
56 int i)
57 {
58 ASN1_INTEGER *ai;
59
60 if ((ai = ASN1_INTEGER_new()) == NULL)
61 err(1, NULL);
62 if (!ASN1_INTEGER_set(ai, i))
63 errx(1, "ASN1_INTEGER_set");
64 if (!f(*x, ai))
65 errx(1, "%s: %s failed", __func__, descr);
66
67 ASN1_INTEGER_free(ai);
68 }
69
70 static void
x509_set_name(const char * descr,int (* f)(X509 *,X509_NAME *),X509 ** x,const unsigned char * n)71 x509_set_name(const char *descr, int (*f)(X509 *, X509_NAME *), X509 **x,
72 const unsigned char *n)
73 {
74 X509_NAME *xn;
75
76 if ((xn = X509_NAME_new()) == NULL)
77 err(1, NULL);
78 if (!X509_NAME_add_entry_by_txt(xn, "C", MBSTRING_ASC, n, -1, -1, 0))
79 errx(1, "X509_NAME_add_entry_by_txt");
80 if (!f(*x, xn))
81 errx(1, "%s: %s failed", __func__, descr);
82
83 X509_NAME_free(xn);
84 }
85
86 static void
x509_set_time(const char * descr,int (* f)(X509 *,const ASN1_TIME *),X509 ** x,int t)87 x509_set_time(const char *descr, int (*f)(X509 *, const ASN1_TIME *), X509 **x,
88 int t)
89 {
90 ASN1_TIME *at;
91
92 if ((at = X509_gmtime_adj(NULL, t)) == NULL)
93 errx(1, "X509_gmtime_adj");
94 if (!f(*x, at))
95 errx(1, "%s: %s failed", __func__, descr);
96
97 ASN1_TIME_free(at);
98 }
99
100 static int
x509_compare(char * f,X509 * a,const unsigned char * der,long dersz)101 x509_compare(char *f, X509 *a, const unsigned char *der, long dersz)
102 {
103 unsigned char *der_test = NULL;
104 long der_testsz;
105 int rc = 0;
106
107 if ((der_testsz = i2d_X509(a, &der_test)) <= 0)
108 errx(1, "i2d_X509");
109
110 if (dersz == der_testsz) {
111 if (memcmp(der, der_test, dersz) == 0) {
112 warnx("%s() stale version of encoding after i2d", f);
113 rc = 1;
114 } else
115 warnx("%s() OK", f);
116 } else
117 warnx("%s() OK", f);
118
119 free(der_test);
120 return rc;
121 }
122
123 static void
x509_crl_setup(unsigned char ** der,unsigned char ** der2,X509_CRL ** xc,long dersz,long * der2sz)124 x509_crl_setup(unsigned char **der, unsigned char **der2, X509_CRL **xc,
125 long dersz, long *der2sz)
126 {
127 const unsigned char *cpder;
128
129 cpder = *der;
130 if ((*xc = d2i_X509_CRL(NULL, &cpder, dersz)) == NULL)
131 errx(1, "d2i_X509");
132 if ((*der2sz = i2d_X509_CRL(*xc, der2)) <= 0)
133 errx(1, "i2d_X509");
134 }
135
136 static void
x509_crl_cleanup(X509_CRL ** xc,unsigned char ** der)137 x509_crl_cleanup(X509_CRL **xc, unsigned char **der)
138 {
139 X509_CRL_free(*xc);
140 *xc = NULL;
141 free(*der);
142 *der = NULL;
143 }
144
145 static void
x509_crl_set_name(const char * descr,int (* f)(X509_CRL *,X509_NAME *),X509_CRL ** xc,const unsigned char * n)146 x509_crl_set_name(const char *descr, int (*f)(X509_CRL *, X509_NAME *),
147 X509_CRL **xc, const unsigned char *n)
148 {
149 X509_NAME *xn;
150
151 if ((xn = X509_NAME_new()) == NULL)
152 err(1, NULL);
153 if (!X509_NAME_add_entry_by_txt(xn, "C", MBSTRING_ASC, n, -1, -1, 0))
154 errx(1, "X509_NAME_add_entry_by_txt");
155 if (!f(*xc, xn))
156 errx(1, "%s: %s failed", __func__, descr);
157
158 X509_NAME_free(xn);
159 }
160
161 static void
x509_crl_set_time(const char * descr,int (* f)(X509_CRL *,const ASN1_TIME *),X509_CRL ** xc,int t)162 x509_crl_set_time(const char *descr, int (*f)(X509_CRL *, const ASN1_TIME *),
163 X509_CRL **xc, int t)
164 {
165 ASN1_TIME *at;
166
167 if ((at = X509_gmtime_adj(NULL, t)) == NULL)
168 errx(1, "X509_gmtime_adj");
169 if (!f(*xc, at))
170 errx(1, "%s: %s failed", __func__, descr);
171
172 ASN1_TIME_free(at);
173 }
174
175 static int
x509_crl_compare(char * f,X509_CRL * ac,const unsigned char * der,long dersz)176 x509_crl_compare(char *f, X509_CRL *ac, const unsigned char *der, long dersz)
177 {
178 unsigned char *der_test = NULL;
179 long der_testsz;
180 int rc = 0;
181
182 if ((der_testsz = i2d_X509_CRL(ac, &der_test)) <= 0)
183 errx(1, "i2d_X509_CRL");
184
185 if (dersz == der_testsz) {
186 if (memcmp(der, der_test, dersz) == 0) {
187 warnx("%s() stale version of encoding after i2d", f);
188 rc = 1;
189 } else
190 warnx("%s() OK", f);
191 } else
192 warnx("%s() OK", f);
193
194 free(der_test);
195 return rc;
196 }
197
198 static int
test_x509_setters(void)199 test_x509_setters(void)
200 {
201 EVP_PKEY *pkey = NULL;
202 EVP_PKEY_CTX *pkey_ctx = NULL;
203 X509 *a, *x;
204 unsigned char *der = NULL, *der2 = NULL;
205 long dersz, der2sz;
206 int failed = 0;
207
208 if ((x = X509_new()) == NULL)
209 err(1, NULL);
210
211 if ((pkey_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL)
212 errx(1, "EVP_PKEY_CTX_new_id");
213 if (EVP_PKEY_keygen_init(pkey_ctx) != 1)
214 errx(1, "EVP_PKEY_keygen_init");
215 if (EVP_PKEY_CTX_set_rsa_keygen_bits(pkey_ctx, 2048) <= 0)
216 errx(1, "EVP_PKEY_CTX_set_rsa_keygen_bits");
217 if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0)
218 errx(1, "EVP_PKEY_keygen");
219 if (X509_set_pubkey(x, pkey) != 1)
220 errx(1, "X509_set_pubkey");
221
222 x509_set_integer("X509_set_serialNumber", X509_set_serialNumber, &x, 1);
223 x509_set_time("X509_set_notBefore", X509_set_notBefore, &x, 0);
224 x509_set_time("X509_set_notAfter", X509_set_notAfter, &x, 60);
225 x509_set_name("X509_set_issuer_name", X509_set_issuer_name, &x, "NL");
226 x509_set_name("X509_set_subject_name", X509_set_subject_name, &x, "BE");
227
228 /* one time creation of the original DER */
229 if (!X509_sign(x, pkey, EVP_sha256()))
230 errx(1, "X509_sign");
231 if ((dersz = i2d_X509(x, &der)) <= 0)
232 errx(1, "i2d_X509");
233
234 /* test X509_set_version */
235 x509_setup(&der, &der2, &a, dersz, &der2sz);
236 if (!X509_set_version(a, 2))
237 errx(1, "X509_set_version");
238 failed |= x509_compare("X509_set_version", a, der2, der2sz);
239 x509_cleanup(&a, &der2);
240
241 /* test X509_set_serialNumber */
242 x509_setup(&der, &der2, &a, dersz, &der2sz);
243 x509_set_integer("X509_set_serialNumber", X509_set_serialNumber, &a, 2);
244 failed |= x509_compare("X509_set_serialNumber", a, der2, der2sz);
245 x509_cleanup(&a, &der2);
246
247 /* test X509_set_issuer_name */
248 x509_setup(&der, &der2, &a, dersz, &der2sz);
249 x509_set_name("X509_set_issuer_name", X509_set_issuer_name, &a, "DE");
250 failed |= x509_compare("X509_set_issuer_name", a, der2, der2sz);
251 x509_cleanup(&a, &der2);
252
253 /* test X509_set_subject_name */
254 x509_setup(&der, &der2, &a, dersz, &der2sz);
255 x509_set_name("X509_set_subject_name", X509_set_subject_name, &a, "FR");
256 failed |= x509_compare("X509_set_subject_name", a, der2, der2sz);
257 x509_cleanup(&a, &der2);
258
259 /* test X509_set_notBefore */
260 x509_setup(&der, &der2, &a, dersz, &der2sz);
261 x509_set_time("X509_set_notBefore", X509_set_notBefore, &a, 120);
262 failed |= x509_compare("X509_set_notBefore", a, der2, der2sz);
263 x509_cleanup(&a, &der2);
264
265 /* test X509_set_notAfter */
266 x509_setup(&der, &der2, &a, dersz, &der2sz);
267 x509_set_time("X509_set_notAfter", X509_set_notAfter, &a, 180);
268 failed |= x509_compare("X509_set_notAfter", a, der2, der2sz);
269 x509_cleanup(&a, &der2);
270
271 /* test X509_set_pubkey */
272 x509_setup(&der, &der2, &a, dersz, &der2sz);
273 if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0)
274 errx(1, "EVP_PKEY_keygen");
275 if (X509_set_pubkey(a, pkey) != 1)
276 errx(1, "X509_set_pubkey");
277 failed |= x509_compare("X509_set_pubkey", a, der2, der2sz);
278 x509_cleanup(&a, &der2);
279
280 EVP_PKEY_CTX_free(pkey_ctx);
281 EVP_PKEY_free(pkey);
282 X509_free(x);
283 free(der);
284
285 return failed;
286 }
287
288 static int
test_x509_crl_setters(void)289 test_x509_crl_setters(void)
290 {
291 EVP_PKEY *pkey = NULL;
292 EVP_PKEY_CTX *pkey_ctx = NULL;
293 X509_CRL *ac, *xc;
294 unsigned char *der = NULL, *der2 = NULL;
295 long dersz, der2sz;
296 int failed = 0;
297
298 if ((xc = X509_CRL_new()) == NULL)
299 err(1, NULL);
300
301 if ((pkey_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL)
302 errx(1, "EVP_PKEY_CTX_new_id");
303 if (EVP_PKEY_keygen_init(pkey_ctx) != 1)
304 errx(1, "EVP_PKEY_keygen_init");
305 if (EVP_PKEY_CTX_set_rsa_keygen_bits(pkey_ctx, 2048) <= 0)
306 errx(1, "EVP_PKEY_CTX_set_rsa_keygen_bits");
307 if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0)
308 errx(1, "EVP_PKEY_keygen");
309
310 x509_crl_set_time("X509_CRL_set_lastUpdate", X509_CRL_set_lastUpdate,
311 &xc, 0);
312 x509_crl_set_time("X509_CRL_set_nextUpdate", X509_CRL_set_nextUpdate,
313 &xc, 60);
314 x509_crl_set_name("X509_CRL_set_issuer_name", X509_CRL_set_issuer_name,
315 &xc, "NL");
316
317 /* one time creation of the original DER */
318 if (!X509_CRL_sign(xc, pkey, EVP_sha256()))
319 errx(1, "X509_CRL_sign");
320 if ((dersz = i2d_X509_CRL(xc, &der)) <= 0)
321 errx(1, "i2d_X509_CRL");
322
323 /* test X509_CRL_set_version */
324 x509_crl_setup(&der, &der2, &ac, dersz, &der2sz);
325 if (!X509_CRL_set_version(ac, 1))
326 errx(1, "X509_CRL_set_version");
327 failed |= x509_crl_compare("X509_CRL_set_version", ac, der2, der2sz);
328 x509_crl_cleanup(&ac, &der2);
329
330 /* test X509_CRL_set_issuer_name */
331 x509_crl_setup(&der, &der2, &ac, dersz, &der2sz);
332 x509_crl_set_name("X509_CRL_set_issuer_name", X509_CRL_set_issuer_name,
333 &ac, "DE");
334 failed |= x509_crl_compare("X509_CRL_set_issuer_name", ac, der2,
335 der2sz);
336 x509_crl_cleanup(&ac, &der2);
337
338 /* test X509_CRL_set_lastUpdate */
339 x509_crl_setup(&der, &der2, &ac, dersz, &der2sz);
340 x509_crl_set_time("X509_CRL_set_lastUpdate", X509_CRL_set_lastUpdate,
341 &ac, 120);
342 failed |= x509_crl_compare("X509_CRL_set_lastUpdate", ac, der2, der2sz);
343 x509_crl_cleanup(&ac, &der2);
344
345 /* test X509_CRL_set_nextUpdate */
346 x509_crl_setup(&der, &der2, &ac, dersz, &der2sz);
347 x509_crl_set_time("X509_CRL_set_nextUpdate", X509_CRL_set_nextUpdate,
348 &ac, 180);
349 failed |= x509_crl_compare("X509_CRL_set_nextUpdate", ac, der2, der2sz);
350 x509_crl_cleanup(&ac, &der2);
351
352 EVP_PKEY_free(pkey);
353 EVP_PKEY_CTX_free(pkey_ctx);
354 X509_CRL_free(xc);
355 free(der);
356
357 return failed;
358 }
359
360 static void
x509_req_setup(unsigned char ** der,unsigned char ** der2,X509_REQ ** xr,long dersz,long * der2sz)361 x509_req_setup(unsigned char **der, unsigned char **der2, X509_REQ **xr,
362 long dersz, long *der2sz)
363 {
364 const unsigned char *cpder;
365
366 cpder = *der;
367 if ((*xr = d2i_X509_REQ(NULL, &cpder, dersz)) == NULL)
368 errx(1, "d2i_X509");
369 if ((*der2sz = i2d_X509_REQ(*xr, der2)) <= 0)
370 errx(1, "i2d_X509");
371 }
372
373 static int
x509_req_compare(char * f,X509_REQ * xr,const unsigned char * der,long dersz)374 x509_req_compare(char *f, X509_REQ *xr, const unsigned char *der, long dersz)
375 {
376 unsigned char *der_test = NULL;
377 long der_testsz;
378 int rc = 0;
379
380 if ((der_testsz = i2d_X509_REQ(xr, &der_test)) <= 0)
381 errx(1, "i2d_X509_REQ");
382
383 if (dersz == der_testsz) {
384 if (memcmp(der, der_test, dersz) == 0) {
385 warnx("%s() stale version of encoding after i2d", f);
386 rc = 1;
387 } else
388 warnx("%s() OK", f);
389 } else
390 warnx("%s() OK", f);
391
392 free(der_test);
393 return rc;
394 }
395
396 static void
x509_req_cleanup(X509_REQ ** xr,unsigned char ** der)397 x509_req_cleanup(X509_REQ **xr, unsigned char **der)
398 {
399 X509_REQ_free(*xr);
400 *xr = NULL;
401 free(*der);
402 *der = NULL;
403 }
404
405 static int
test_x509_req_setters(void)406 test_x509_req_setters(void)
407 {
408 EVP_PKEY *pkey = NULL;
409 EVP_PKEY_CTX *pkey_ctx = NULL;
410 X509_REQ *ar = NULL, *xr = NULL;
411 unsigned char *der = NULL, *der2 = NULL;
412 X509_NAME *xn;
413 ASN1_OCTET_STRING *aos;
414 X509_EXTENSION *xe;
415 STACK_OF(X509_EXTENSION) *exts = NULL;
416 ASN1_OBJECT *coid;
417 X509_ATTRIBUTE *xa;
418 long dersz, der2sz;
419 int failed = 0;
420
421 if ((xr = X509_REQ_new()) == NULL)
422 err(1, NULL);
423
424 if (!X509_REQ_set_version(xr, 0))
425 errx(1, "X509_REQ_set_version");
426
427 if ((xn = X509_NAME_new()) == NULL)
428 err(1, NULL);
429 if (!X509_NAME_add_entry_by_txt(xn, "C", MBSTRING_ASC, "NL", -1, -1, 0))
430 errx(1, "X509_NAME_add_entry_by_txt");
431 if (!X509_REQ_set_subject_name(xr, xn))
432 errx(1, "X509_REQ_set_subject_name");
433
434 if ((pkey_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL)
435 errx(1, "EVP_PKEY_CTX_new_id");
436 if (EVP_PKEY_keygen_init(pkey_ctx) != 1)
437 errx(1, "EVP_PKEY_keygen_init");
438 if (EVP_PKEY_CTX_set_rsa_keygen_bits(pkey_ctx, 2048) <= 0)
439 errx(1, "EVP_PKEY_CTX_set_rsa_keygen_bits");
440 if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0)
441 errx(1, "EVP_PKEY_keygen");
442 if (!X509_REQ_set_pubkey(xr, pkey))
443 errx(1, "X509_REQ_set_pubkey");
444
445 if (!X509_REQ_sign(xr, pkey, EVP_sha256()))
446 errx(1, "X509_REQ_sign");
447 if ((dersz = i2d_X509_REQ(xr, &der)) <= 0)
448 errx(1, "i2d_X509_REQ");
449
450 /* test X509_REQ_add_extensions */
451 x509_req_setup(&der, &der2, &ar, dersz, &der2sz);
452 if ((aos = ASN1_OCTET_STRING_new()) == NULL)
453 err(1, NULL);
454 ASN1_OCTET_STRING_set(aos, (unsigned char *)"DNS: test.nl",
455 strlen("DNS: test.nl"));
456 if ((xe = X509_EXTENSION_new()) == NULL)
457 err(1, NULL);
458 if (!X509_EXTENSION_create_by_NID(&xe, NID_subject_alt_name, 0, aos))
459 errx(1, "X509_EXTENSION_create_by_NID");
460 if ((exts = sk_X509_EXTENSION_new_null()) == NULL)
461 errx(1, "sk_X509_EXTENSION_new_null");
462 sk_X509_EXTENSION_push(exts, xe);
463 if (!X509_REQ_add_extensions(ar, exts))
464 errx(1, "X509_REQ_add_extensions");
465 failed |= x509_req_compare("X509_REQ_add_extensions", ar, der2, der2sz);
466 x509_req_cleanup(&ar, &der2);
467
468 /* test X509_REQ_add1_attr */
469 x509_req_setup(&der, &der2, &ar, dersz, &der2sz);
470 if ((coid = OBJ_nid2obj(NID_pkcs7_data)) == NULL)
471 errx(1, "OBJ_nid2obj");
472 if ((xa = X509_ATTRIBUTE_create(NID_pkcs9_contentType, V_ASN1_OBJECT,
473 coid)) == NULL)
474 errx(1, "X509_ATTRIBUTE_create");
475 if (!X509_REQ_add1_attr(ar, xa))
476 errx(1, "X509_REQ_add1_attr");
477 failed |= x509_req_compare("X509_REQ_add1_attr", ar, der2, der2sz);
478 x509_req_cleanup(&ar, &der2);
479
480 ASN1_OBJECT_free(coid);
481 X509_NAME_free(xn);
482 ASN1_OCTET_STRING_free(aos);
483 sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
484 X509_ATTRIBUTE_free(xa);
485 EVP_PKEY_free(pkey);
486 EVP_PKEY_CTX_free(pkey_ctx);
487 X509_REQ_free(xr);
488 free(der);
489
490 return failed;
491 }
492
493 static const struct testcase {
494 char *data;
495 int len;
496 int len_to_pass;
497 int encode_type;
498 int expected_result;
499 char *expected_string;
500 } testCases[] = {
501 /* should work */
502 {"fozzie", 6, 80, MBSTRING_ASC, 6, "fozzie"},
503 /* should work */
504 {"fozzie", 6, -1, MBSTRING_ASC, 6, ""},
505 /* should fail, truncation */
506 {"muppet", 6, 5, MBSTRING_ASC, -1, ""},
507 /* should fail, contains 0 byte */
508 {"g\0nzo", 5, 80, MBSTRING_ASC, -1, ""},
509 /* should fail, can't encode as utf-8 */
510 {"\x30\x00", 2, 80, V_ASN1_SEQUENCE, -1, ""},
511 };
512
513 #define NUM_TEST_CASES (sizeof(testCases) / sizeof(testCases[0]))
514
515 static int
test_x509_name_get(void)516 test_x509_name_get(void)
517 {
518 int failed = 0;
519 size_t i;
520
521 for (i = 0; i < NUM_TEST_CASES; i++) {
522 const struct testcase *test = testCases + i;
523 X509_NAME_ENTRY *entry = NULL;
524 X509_NAME *name = NULL;
525 char textbuf[80];
526 int result;
527
528 textbuf[0] = '\0';
529 if ((name = X509_NAME_new()) == NULL)
530 err(1, "X509_NAME_new");
531 if ((entry = X509_NAME_ENTRY_new()) == NULL)
532 err(1, "X509_NAME_ENTRY_new");
533 if (!X509_NAME_ENTRY_set_object(entry,
534 OBJ_nid2obj(NID_commonName)))
535 err(1, "X509_NAME_ENTRY_set_object");
536 if (!X509_NAME_ENTRY_set_data(entry, test->encode_type,
537 test->data, test->len))
538 err(1, "X509_NAME_ENTRY_set_data");
539 if (!X509_NAME_add_entry(name, entry, -1, 0))
540 err(1, "X509_NAME_add_entry");
541 if (test->len_to_pass == -1)
542 result = X509_NAME_get_text_by_NID(name, NID_commonName,
543 NULL, 0);
544 else
545 result = X509_NAME_get_text_by_NID(name, NID_commonName,
546 textbuf, test->len_to_pass);
547 if (result != test->expected_result) {
548 fprintf(stderr,
549 "Test %zu X509_GET_text_by_NID returned %d,"
550 "expected %d\n", i, result, test->expected_result);
551 failed++;
552 }
553 if (result != -1 &&
554 strcmp(test->expected_string, textbuf) != 0) {
555 fprintf(stderr,
556 "Test %zu, X509_GET_text_by_NID returned bytes do"
557 "not match \n", i);
558 failed++;
559 }
560 X509_NAME_ENTRY_free(entry);
561 X509_NAME_free(name);
562 }
563 return failed;
564 }
565
566 int
main(void)567 main(void)
568 {
569 int failed = 0;
570
571 failed |= test_x509_setters();
572 /* failed |= */ test_x509_crl_setters();
573 /* failed |= */ test_x509_req_setters();
574 failed |= test_x509_name_get();
575
576 OPENSSL_cleanup();
577
578 return failed;
579 }
580