2 * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL licenses, (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 * https://www.openssl.org/source/license.html
8 * or in the file LICENSE in the source distribution.
15 #include <openssl/x509.h>
16 #include <openssl/pem.h>
17 #include <openssl/conf.h>
18 #include <openssl/err.h>
22 static const char *progname;
24 static void test_usage(void)
26 fprintf(stderr, "usage: %s certfile\n", progname);
29 static void print_errors(void)
38 while ((err = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
39 ERR_error_string_n(err, buffer, sizeof(buffer));
40 if (flags & ERR_TXT_STRING)
41 fprintf(stderr, "Error: %s:%s:%d:%s\n", buffer, file, line, data);
43 fprintf(stderr, "Error: %s:%s:%d\n", buffer, file, line);
47 static int test_certs(BIO *fp)
52 unsigned char *data = 0;
54 typedef X509 *(*d2i_X509_t)(X509 **, const unsigned char **, long);
55 typedef int (*i2d_X509_t)(X509 *, unsigned char **);
59 !err && PEM_read_bio(fp, &name, &header, &data, &len);
61 int trusted = strcmp(name, PEM_STRING_X509_TRUSTED) == 0;
62 d2i_X509_t d2i = trusted ? d2i_X509_AUX : d2i_X509;
63 i2d_X509_t i2d = trusted ? i2d_X509_AUX : i2d_X509;
65 const unsigned char *p = data;
66 unsigned char *buf = NULL;
71 && strcmp(name, PEM_STRING_X509) != 0
72 && strcmp(name, PEM_STRING_X509_OLD) != 0) {
73 fprintf(stderr, "unexpected PEM object: %s\n", name);
77 cert = d2i(NULL, &p, len);
79 if (cert == NULL || (p - data) != len) {
80 fprintf(stderr, "error parsing input %s\n", name);
85 /* Test traditional 2-pass encoding into caller allocated buffer */
86 enclen = i2d(cert, NULL);
88 fprintf(stderr, "encoded length %ld of %s != input length %ld\n",
93 if ((buf = bufp = OPENSSL_malloc(len)) == NULL) {
98 enclen = i2d(cert, &bufp);
100 fprintf(stderr, "encoded length %ld of %s != input length %ld\n",
105 enclen = (long) (bufp - buf);
107 fprintf(stderr, "unexpected buffer position after encoding %s\n",
112 if (memcmp(buf, data, len) != 0) {
113 fprintf(stderr, "encoded content of %s does not match input\n",
121 /* Test 1-pass encoding into library allocated buffer */
122 enclen = i2d(cert, &buf);
124 fprintf(stderr, "encoded length %ld of %s != input length %ld\n",
129 if (memcmp(buf, data, len) != 0) {
130 fprintf(stderr, "encoded content of %s does not match input\n",
137 /* Encode just the cert and compare with initial encoding */
141 /* Test 1-pass encoding into library allocated buffer */
142 enclen = i2d(cert, &buf);
144 fprintf(stderr, "encoded length %ld of %s > input length %ld\n",
149 if (memcmp(buf, data, enclen) != 0) {
150 fprintf(stderr, "encoded cert content does not match input\n");
157 * If any of these were null, PEM_read() would have failed.
163 OPENSSL_free(header);
167 if (ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) {
168 /* Reached end of PEM file */
175 /* Some other PEM read error */
180 int main(int argc, char *argv[])
192 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
194 p = getenv("OPENSSL_DEBUG_MEMORY");
195 if (p != NULL && strcmp(p, "on") == 0)
196 CRYPTO_set_mem_debug(1);
197 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
203 BIO *f = BIO_new_file(*argv, "r");
207 fprintf(stderr, "%s: Error opening cert file: '%s': %s\n",
208 progname, *argv, strerror(errno));
211 ret = !(ok = test_certs(f));
215 printf("%s ERROR\n", *argv);
219 printf("%s OK\n", *argv);
225 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
226 if (CRYPTO_mem_leaks(bio_err) <= 0)