xref: /openbsd-src/regress/lib/libcrypto/x509/x509_asn1.c (revision 43723609ebc35cae6b6407c0644cf078461f2bf6)
1 /* $OpenBSD: x509_asn1.c,v 1.21 2023/12/13 05:57:37 tb Exp $ */
2 /*
3  * Copyright (c) 2023 Job Snijders <job@openbsd.org>
4  *
5  * Permission to use, copy, modify, and distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 /*
19  * This program tests whether the presence of "->enc.modified = 1;"
20  * in select X509 setter functions properly triggers invalidation of cached
21  * DER.
22  */
23 
24 #include <err.h>
25 #include <stdio.h>
26 #include <string.h>
27 
28 #include <openssl/evp.h>
29 #include <openssl/rsa.h>
30 #include <openssl/x509.h>
31 
32 static void
x509_setup(unsigned char ** der,unsigned char ** der2,X509 ** x,long dersz,long * der2sz)33 x509_setup(unsigned char **der, unsigned char **der2, X509 **x,
34     long dersz, long *der2sz)
35 {
36 	const unsigned char *cpder;
37 
38 	cpder = *der;
39 	if ((*x = d2i_X509(NULL, &cpder, dersz)) == NULL)
40 		errx(1, "d2i_X509");
41 	if ((*der2sz = i2d_X509(*x, der2)) <= 0)
42 		errx(1, "i2d_X509");
43 }
44 
45 static void
x509_cleanup(X509 ** x,unsigned char ** der)46 x509_cleanup(X509 **x, unsigned char **der)
47 {
48 	X509_free(*x);
49 	*x = NULL;
50 	free(*der);
51 	*der = NULL;
52 }
53 
54 static void
x509_set_integer(const char * descr,int (* f)(X509 *,ASN1_INTEGER *),X509 ** x,int i)55 x509_set_integer(const char *descr, int (*f)(X509 *, ASN1_INTEGER *), X509 **x,
56     int i)
57 {
58 	ASN1_INTEGER *ai;
59 
60 	if ((ai = ASN1_INTEGER_new()) == NULL)
61 		err(1, NULL);
62 	if (!ASN1_INTEGER_set(ai, i))
63 		errx(1, "ASN1_INTEGER_set");
64 	if (!f(*x, ai))
65 		errx(1, "%s: %s failed", __func__, descr);
66 
67 	ASN1_INTEGER_free(ai);
68 }
69 
70 static void
x509_set_name(const char * descr,int (* f)(X509 *,X509_NAME *),X509 ** x,const unsigned char * n)71 x509_set_name(const char *descr, int (*f)(X509 *, X509_NAME *), X509 **x,
72     const unsigned char *n)
73 {
74 	X509_NAME *xn;
75 
76 	if ((xn = X509_NAME_new()) == NULL)
77 		err(1, NULL);
78 	if (!X509_NAME_add_entry_by_txt(xn, "C", MBSTRING_ASC, n, -1, -1, 0))
79 		errx(1, "X509_NAME_add_entry_by_txt");
80 	if (!f(*x, xn))
81 		errx(1, "%s: %s failed", __func__, descr);
82 
83 	X509_NAME_free(xn);
84 }
85 
86 static void
x509_set_time(const char * descr,int (* f)(X509 *,const ASN1_TIME *),X509 ** x,int t)87 x509_set_time(const char *descr, int (*f)(X509 *, const ASN1_TIME *), X509 **x,
88     int t)
89 {
90 	ASN1_TIME *at;
91 
92 	if ((at = X509_gmtime_adj(NULL, t)) == NULL)
93 		errx(1, "X509_gmtime_adj");
94 	if (!f(*x, at))
95 		errx(1, "%s: %s failed", __func__, descr);
96 
97 	ASN1_TIME_free(at);
98 }
99 
100 static int
x509_compare(char * f,X509 * a,const unsigned char * der,long dersz)101 x509_compare(char *f, X509 *a, const unsigned char *der, long dersz)
102 {
103 	unsigned char *der_test = NULL;
104 	long der_testsz;
105 	int rc = 0;
106 
107 	if ((der_testsz = i2d_X509(a, &der_test)) <= 0)
108 		errx(1, "i2d_X509");
109 
110 	if (dersz == der_testsz) {
111 		if (memcmp(der, der_test, dersz) == 0) {
112 			warnx("%s() stale version of encoding after i2d", f);
113 			rc = 1;
114 		} else
115 			warnx("%s() OK", f);
116 	} else
117 		warnx("%s() OK", f);
118 
119 	free(der_test);
120 	return rc;
121 }
122 
123 static void
x509_crl_setup(unsigned char ** der,unsigned char ** der2,X509_CRL ** xc,long dersz,long * der2sz)124 x509_crl_setup(unsigned char **der, unsigned char **der2, X509_CRL **xc,
125     long dersz, long *der2sz)
126 {
127 	const unsigned char *cpder;
128 
129 	cpder = *der;
130 	if ((*xc = d2i_X509_CRL(NULL, &cpder, dersz)) == NULL)
131 		errx(1, "d2i_X509");
132 	if ((*der2sz = i2d_X509_CRL(*xc, der2)) <= 0)
133 		errx(1, "i2d_X509");
134 }
135 
136 static void
x509_crl_cleanup(X509_CRL ** xc,unsigned char ** der)137 x509_crl_cleanup(X509_CRL **xc, unsigned char **der)
138 {
139 	X509_CRL_free(*xc);
140 	*xc = NULL;
141 	free(*der);
142 	*der = NULL;
143 }
144 
145 static void
x509_crl_set_name(const char * descr,int (* f)(X509_CRL *,X509_NAME *),X509_CRL ** xc,const unsigned char * n)146 x509_crl_set_name(const char *descr, int (*f)(X509_CRL *, X509_NAME *),
147     X509_CRL **xc, const unsigned char *n)
148 {
149 	X509_NAME *xn;
150 
151 	if ((xn = X509_NAME_new()) == NULL)
152 		err(1, NULL);
153 	if (!X509_NAME_add_entry_by_txt(xn, "C", MBSTRING_ASC, n, -1, -1, 0))
154 		errx(1, "X509_NAME_add_entry_by_txt");
155 	if (!f(*xc, xn))
156 		errx(1, "%s: %s failed", __func__, descr);
157 
158 	X509_NAME_free(xn);
159 }
160 
161 static void
x509_crl_set_time(const char * descr,int (* f)(X509_CRL *,const ASN1_TIME *),X509_CRL ** xc,int t)162 x509_crl_set_time(const char *descr, int (*f)(X509_CRL *, const ASN1_TIME *),
163     X509_CRL **xc, int t)
164 {
165 	ASN1_TIME *at;
166 
167 	if ((at = X509_gmtime_adj(NULL, t)) == NULL)
168 		errx(1, "X509_gmtime_adj");
169 	if (!f(*xc, at))
170 		errx(1, "%s: %s failed", __func__, descr);
171 
172 	ASN1_TIME_free(at);
173 }
174 
175 static int
x509_crl_compare(char * f,X509_CRL * ac,const unsigned char * der,long dersz)176 x509_crl_compare(char *f, X509_CRL *ac, const unsigned char *der, long dersz)
177 {
178 	unsigned char *der_test = NULL;
179 	long der_testsz;
180 	int rc = 0;
181 
182 	if ((der_testsz = i2d_X509_CRL(ac, &der_test)) <= 0)
183 		errx(1, "i2d_X509_CRL");
184 
185 	if (dersz == der_testsz) {
186 		if (memcmp(der, der_test, dersz) == 0) {
187 			warnx("%s() stale version of encoding after i2d", f);
188 			rc = 1;
189 		} else
190 			warnx("%s() OK", f);
191 	} else
192 		warnx("%s() OK", f);
193 
194 	free(der_test);
195 	return rc;
196 }
197 
198 static int
test_x509_setters(void)199 test_x509_setters(void)
200 {
201 	EVP_PKEY *pkey = NULL;
202 	EVP_PKEY_CTX *pkey_ctx = NULL;
203 	X509 *a, *x;
204 	unsigned char *der = NULL, *der2 = NULL;
205 	long dersz, der2sz;
206 	int failed = 0;
207 
208 	if ((x = X509_new()) == NULL)
209 		err(1, NULL);
210 
211 	if ((pkey_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL)
212 		errx(1, "EVP_PKEY_CTX_new_id");
213 	if (EVP_PKEY_keygen_init(pkey_ctx) != 1)
214 		errx(1, "EVP_PKEY_keygen_init");
215 	if (EVP_PKEY_CTX_set_rsa_keygen_bits(pkey_ctx, 2048) <= 0)
216 		errx(1, "EVP_PKEY_CTX_set_rsa_keygen_bits");
217 	if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0)
218 		errx(1, "EVP_PKEY_keygen");
219 	if (X509_set_pubkey(x, pkey) != 1)
220 		errx(1, "X509_set_pubkey");
221 
222 	x509_set_integer("X509_set_serialNumber", X509_set_serialNumber, &x, 1);
223 	x509_set_time("X509_set_notBefore", X509_set_notBefore, &x, 0);
224 	x509_set_time("X509_set_notAfter", X509_set_notAfter, &x, 60);
225 	x509_set_name("X509_set_issuer_name", X509_set_issuer_name, &x, "NL");
226 	x509_set_name("X509_set_subject_name", X509_set_subject_name, &x, "BE");
227 
228 	/* one time creation of the original DER */
229 	if (!X509_sign(x, pkey, EVP_sha256()))
230 		errx(1, "X509_sign");
231 	if ((dersz = i2d_X509(x, &der)) <= 0)
232 		errx(1, "i2d_X509");
233 
234 	/* test X509_set_version */
235 	x509_setup(&der, &der2, &a, dersz, &der2sz);
236 	if (!X509_set_version(a, 2))
237 		errx(1, "X509_set_version");
238 	failed |= x509_compare("X509_set_version", a, der2, der2sz);
239 	x509_cleanup(&a, &der2);
240 
241 	/* test X509_set_serialNumber */
242 	x509_setup(&der, &der2, &a, dersz, &der2sz);
243 	x509_set_integer("X509_set_serialNumber", X509_set_serialNumber, &a, 2);
244 	failed |= x509_compare("X509_set_serialNumber", a, der2, der2sz);
245 	x509_cleanup(&a, &der2);
246 
247 	/* test X509_set_issuer_name */
248 	x509_setup(&der, &der2, &a, dersz, &der2sz);
249 	x509_set_name("X509_set_issuer_name", X509_set_issuer_name, &a, "DE");
250 	failed |= x509_compare("X509_set_issuer_name", a, der2, der2sz);
251 	x509_cleanup(&a, &der2);
252 
253 	/* test X509_set_subject_name */
254 	x509_setup(&der, &der2, &a, dersz, &der2sz);
255 	x509_set_name("X509_set_subject_name", X509_set_subject_name, &a, "FR");
256 	failed |= x509_compare("X509_set_subject_name", a, der2, der2sz);
257 	x509_cleanup(&a, &der2);
258 
259 	/* test X509_set_notBefore */
260 	x509_setup(&der, &der2, &a, dersz, &der2sz);
261 	x509_set_time("X509_set_notBefore", X509_set_notBefore, &a, 120);
262 	failed |= x509_compare("X509_set_notBefore", a, der2, der2sz);
263 	x509_cleanup(&a, &der2);
264 
265 	/* test X509_set_notAfter */
266 	x509_setup(&der, &der2, &a, dersz, &der2sz);
267 	x509_set_time("X509_set_notAfter", X509_set_notAfter, &a, 180);
268 	failed |= x509_compare("X509_set_notAfter", a, der2, der2sz);
269 	x509_cleanup(&a, &der2);
270 
271 	/* test X509_set_pubkey */
272 	x509_setup(&der, &der2, &a, dersz, &der2sz);
273 	if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0)
274 		errx(1, "EVP_PKEY_keygen");
275 	if (X509_set_pubkey(a, pkey) != 1)
276 		errx(1, "X509_set_pubkey");
277 	failed |= x509_compare("X509_set_pubkey", a, der2, der2sz);
278 	x509_cleanup(&a, &der2);
279 
280 	EVP_PKEY_CTX_free(pkey_ctx);
281 	EVP_PKEY_free(pkey);
282 	X509_free(x);
283 	free(der);
284 
285 	return failed;
286 }
287 
288 static int
test_x509_crl_setters(void)289 test_x509_crl_setters(void)
290 {
291 	EVP_PKEY *pkey = NULL;
292 	EVP_PKEY_CTX *pkey_ctx = NULL;
293 	X509_CRL *ac, *xc;
294 	unsigned char *der = NULL, *der2 = NULL;
295 	long dersz, der2sz;
296 	int failed = 0;
297 
298 	if ((xc = X509_CRL_new()) == NULL)
299 		err(1, NULL);
300 
301 	if ((pkey_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL)
302 		errx(1, "EVP_PKEY_CTX_new_id");
303 	if (EVP_PKEY_keygen_init(pkey_ctx) != 1)
304 		errx(1, "EVP_PKEY_keygen_init");
305 	if (EVP_PKEY_CTX_set_rsa_keygen_bits(pkey_ctx, 2048) <= 0)
306 		errx(1, "EVP_PKEY_CTX_set_rsa_keygen_bits");
307 	if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0)
308 		errx(1, "EVP_PKEY_keygen");
309 
310 	x509_crl_set_time("X509_CRL_set_lastUpdate", X509_CRL_set_lastUpdate,
311 	    &xc, 0);
312 	x509_crl_set_time("X509_CRL_set_nextUpdate", X509_CRL_set_nextUpdate,
313 	    &xc, 60);
314 	x509_crl_set_name("X509_CRL_set_issuer_name", X509_CRL_set_issuer_name,
315 	    &xc, "NL");
316 
317 	/* one time creation of the original DER */
318 	if (!X509_CRL_sign(xc, pkey, EVP_sha256()))
319 		errx(1, "X509_CRL_sign");
320 	if ((dersz = i2d_X509_CRL(xc, &der)) <= 0)
321 		errx(1, "i2d_X509_CRL");
322 
323 	/* test X509_CRL_set_version */
324 	x509_crl_setup(&der, &der2, &ac, dersz, &der2sz);
325 	if (!X509_CRL_set_version(ac, 1))
326 		errx(1, "X509_CRL_set_version");
327 	failed |= x509_crl_compare("X509_CRL_set_version", ac, der2, der2sz);
328 	x509_crl_cleanup(&ac, &der2);
329 
330 	/* test X509_CRL_set_issuer_name */
331 	x509_crl_setup(&der, &der2, &ac, dersz, &der2sz);
332 	x509_crl_set_name("X509_CRL_set_issuer_name", X509_CRL_set_issuer_name,
333 	    &ac, "DE");
334 	failed |= x509_crl_compare("X509_CRL_set_issuer_name", ac, der2,
335 	    der2sz);
336 	x509_crl_cleanup(&ac, &der2);
337 
338 	/* test X509_CRL_set_lastUpdate */
339 	x509_crl_setup(&der, &der2, &ac, dersz, &der2sz);
340 	x509_crl_set_time("X509_CRL_set_lastUpdate", X509_CRL_set_lastUpdate,
341 	    &ac, 120);
342 	failed |= x509_crl_compare("X509_CRL_set_lastUpdate", ac, der2, der2sz);
343 	x509_crl_cleanup(&ac, &der2);
344 
345 	/* test X509_CRL_set_nextUpdate */
346 	x509_crl_setup(&der, &der2, &ac, dersz, &der2sz);
347 	x509_crl_set_time("X509_CRL_set_nextUpdate", X509_CRL_set_nextUpdate,
348 	    &ac, 180);
349 	failed |= x509_crl_compare("X509_CRL_set_nextUpdate", ac, der2, der2sz);
350 	x509_crl_cleanup(&ac, &der2);
351 
352 	EVP_PKEY_free(pkey);
353 	EVP_PKEY_CTX_free(pkey_ctx);
354 	X509_CRL_free(xc);
355 	free(der);
356 
357 	return failed;
358 }
359 
360 static void
x509_req_setup(unsigned char ** der,unsigned char ** der2,X509_REQ ** xr,long dersz,long * der2sz)361 x509_req_setup(unsigned char **der, unsigned char **der2, X509_REQ **xr,
362     long dersz, long *der2sz)
363 {
364 	const unsigned char *cpder;
365 
366 	cpder = *der;
367 	if ((*xr = d2i_X509_REQ(NULL, &cpder, dersz)) == NULL)
368 		errx(1, "d2i_X509");
369 	if ((*der2sz = i2d_X509_REQ(*xr, der2)) <= 0)
370 		errx(1, "i2d_X509");
371 }
372 
373 static int
x509_req_compare(char * f,X509_REQ * xr,const unsigned char * der,long dersz)374 x509_req_compare(char *f, X509_REQ *xr, const unsigned char *der, long dersz)
375 {
376 	unsigned char *der_test = NULL;
377 	long der_testsz;
378 	int rc = 0;
379 
380 	if ((der_testsz = i2d_X509_REQ(xr, &der_test)) <= 0)
381 		errx(1, "i2d_X509_REQ");
382 
383 	if (dersz == der_testsz) {
384 		if (memcmp(der, der_test, dersz) == 0) {
385 			warnx("%s() stale version of encoding after i2d", f);
386 			rc = 1;
387 		} else
388 			warnx("%s() OK", f);
389 	} else
390 		warnx("%s() OK", f);
391 
392 	free(der_test);
393 	return rc;
394 }
395 
396 static void
x509_req_cleanup(X509_REQ ** xr,unsigned char ** der)397 x509_req_cleanup(X509_REQ **xr, unsigned char **der)
398 {
399 	X509_REQ_free(*xr);
400 	*xr = NULL;
401 	free(*der);
402 	*der = NULL;
403 }
404 
405 static int
test_x509_req_setters(void)406 test_x509_req_setters(void)
407 {
408 	EVP_PKEY *pkey = NULL;
409 	EVP_PKEY_CTX *pkey_ctx = NULL;
410 	X509_REQ *ar = NULL, *xr = NULL;
411 	unsigned char *der = NULL, *der2 = NULL;
412 	X509_NAME *xn;
413 	ASN1_OCTET_STRING *aos;
414 	X509_EXTENSION *xe;
415 	STACK_OF(X509_EXTENSION) *exts = NULL;
416 	ASN1_OBJECT *coid;
417 	X509_ATTRIBUTE *xa;
418 	long dersz, der2sz;
419 	int failed = 0;
420 
421 	if ((xr = X509_REQ_new()) == NULL)
422 		err(1, NULL);
423 
424 	if (!X509_REQ_set_version(xr, 0))
425 		errx(1, "X509_REQ_set_version");
426 
427 	if ((xn = X509_NAME_new()) == NULL)
428 		err(1, NULL);
429 	if (!X509_NAME_add_entry_by_txt(xn, "C", MBSTRING_ASC, "NL", -1, -1, 0))
430 		errx(1, "X509_NAME_add_entry_by_txt");
431 	if (!X509_REQ_set_subject_name(xr, xn))
432 		errx(1, "X509_REQ_set_subject_name");
433 
434 	if ((pkey_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL)
435 		errx(1, "EVP_PKEY_CTX_new_id");
436 	if (EVP_PKEY_keygen_init(pkey_ctx) != 1)
437 		errx(1, "EVP_PKEY_keygen_init");
438 	if (EVP_PKEY_CTX_set_rsa_keygen_bits(pkey_ctx, 2048) <= 0)
439 		errx(1, "EVP_PKEY_CTX_set_rsa_keygen_bits");
440 	if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0)
441 		errx(1, "EVP_PKEY_keygen");
442 	if (!X509_REQ_set_pubkey(xr, pkey))
443 		errx(1, "X509_REQ_set_pubkey");
444 
445 	if (!X509_REQ_sign(xr, pkey, EVP_sha256()))
446 		errx(1, "X509_REQ_sign");
447 	if ((dersz = i2d_X509_REQ(xr, &der)) <= 0)
448 		errx(1, "i2d_X509_REQ");
449 
450 	/* test X509_REQ_add_extensions */
451 	x509_req_setup(&der, &der2, &ar, dersz, &der2sz);
452 	if ((aos = ASN1_OCTET_STRING_new()) == NULL)
453 		err(1, NULL);
454 	ASN1_OCTET_STRING_set(aos, (unsigned char *)"DNS: test.nl",
455 	    strlen("DNS: test.nl"));
456 	if ((xe = X509_EXTENSION_new()) == NULL)
457 		err(1, NULL);
458 	if (!X509_EXTENSION_create_by_NID(&xe, NID_subject_alt_name, 0, aos))
459 		errx(1, "X509_EXTENSION_create_by_NID");
460 	if ((exts = sk_X509_EXTENSION_new_null()) == NULL)
461 		errx(1, "sk_X509_EXTENSION_new_null");
462 	sk_X509_EXTENSION_push(exts, xe);
463 	if (!X509_REQ_add_extensions(ar, exts))
464 		errx(1, "X509_REQ_add_extensions");
465 	failed |= x509_req_compare("X509_REQ_add_extensions", ar, der2, der2sz);
466 	x509_req_cleanup(&ar, &der2);
467 
468 	/* test X509_REQ_add1_attr */
469 	x509_req_setup(&der, &der2, &ar, dersz, &der2sz);
470 	if ((coid = OBJ_nid2obj(NID_pkcs7_data)) == NULL)
471 		errx(1, "OBJ_nid2obj");
472 	if ((xa = X509_ATTRIBUTE_create(NID_pkcs9_contentType, V_ASN1_OBJECT,
473 	    coid)) == NULL)
474 		errx(1, "X509_ATTRIBUTE_create");
475 	if (!X509_REQ_add1_attr(ar, xa))
476 		errx(1, "X509_REQ_add1_attr");
477 	failed |= x509_req_compare("X509_REQ_add1_attr", ar, der2, der2sz);
478 	x509_req_cleanup(&ar, &der2);
479 
480 	ASN1_OBJECT_free(coid);
481 	X509_NAME_free(xn);
482 	ASN1_OCTET_STRING_free(aos);
483 	sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
484 	X509_ATTRIBUTE_free(xa);
485 	EVP_PKEY_free(pkey);
486 	EVP_PKEY_CTX_free(pkey_ctx);
487 	X509_REQ_free(xr);
488 	free(der);
489 
490 	return failed;
491 }
492 
493 static const struct testcase {
494 	char *data;
495 	int len;
496 	int len_to_pass;
497 	int encode_type;
498 	int expected_result;
499 	char *expected_string;
500 } testCases[] = {
501 	/* should work */
502 	{"fozzie", 6, 80, MBSTRING_ASC, 6, "fozzie"},
503 	/* should work */
504 	{"fozzie", 6, -1, MBSTRING_ASC, 6, ""},
505 	/* should fail, truncation */
506 	{"muppet", 6, 5, MBSTRING_ASC, -1, ""},
507 	/* should fail, contains 0 byte */
508 	{"g\0nzo", 5, 80, MBSTRING_ASC, -1, ""},
509 	/* should fail, can't encode as utf-8 */
510 	{"\x30\x00", 2, 80, V_ASN1_SEQUENCE, -1, ""},
511 };
512 
513 #define NUM_TEST_CASES (sizeof(testCases) / sizeof(testCases[0]))
514 
515 static int
test_x509_name_get(void)516 test_x509_name_get(void)
517 {
518 	int failed = 0;
519 	size_t i;
520 
521 	for (i = 0; i < NUM_TEST_CASES; i++) {
522 		const struct testcase *test = testCases + i;
523 		X509_NAME_ENTRY *entry = NULL;
524 		X509_NAME *name = NULL;
525 		char textbuf[80];
526 		int result;
527 
528 		textbuf[0] = '\0';
529 		if ((name = X509_NAME_new()) == NULL)
530 			err(1, "X509_NAME_new");
531 		if ((entry = X509_NAME_ENTRY_new()) == NULL)
532 			err(1, "X509_NAME_ENTRY_new");
533 		if (!X509_NAME_ENTRY_set_object(entry,
534 		    OBJ_nid2obj(NID_commonName)))
535 			err(1, "X509_NAME_ENTRY_set_object");
536 		if (!X509_NAME_ENTRY_set_data(entry, test->encode_type,
537 		    test->data, test->len))
538 			err(1, "X509_NAME_ENTRY_set_data");
539 		if (!X509_NAME_add_entry(name, entry, -1, 0))
540 			err(1, "X509_NAME_add_entry");
541 		if (test->len_to_pass == -1)
542 			result = X509_NAME_get_text_by_NID(name, NID_commonName,
543 			    NULL, 0);
544 		else
545 			result = X509_NAME_get_text_by_NID(name, NID_commonName,
546 			    textbuf, test->len_to_pass);
547 		if (result != test->expected_result) {
548 			fprintf(stderr,
549 			    "Test %zu X509_GET_text_by_NID returned %d,"
550 			    "expected %d\n", i, result, test->expected_result);
551 			failed++;
552 		}
553 		if (result != -1 &&
554 		    strcmp(test->expected_string, textbuf) != 0) {
555 			fprintf(stderr,
556 			    "Test %zu, X509_GET_text_by_NID returned bytes do"
557 			    "not match \n", i);
558 			failed++;
559 		}
560 		X509_NAME_ENTRY_free(entry);
561 		X509_NAME_free(name);
562 	}
563 	return failed;
564 }
565 
566 int
main(void)567 main(void)
568 {
569 	int failed = 0;
570 
571 	failed |= test_x509_setters();
572 	/* failed |= */ test_x509_crl_setters();
573 	/* failed |= */ test_x509_req_setters();
574 	failed |= test_x509_name_get();
575 
576 	OPENSSL_cleanup();
577 
578 	return failed;
579 }
580