summaryrefslogtreecommitdiff
path: root/tests/pkcs12_simple.c
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2012-06-09 11:02:07 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2012-06-09 11:47:46 +0200
commit6c82bf34969ba76c19a8dbda1239d48e552e6bc1 (patch)
tree6f92b345028f9ea41aa5e57dc61f6837bf165125 /tests/pkcs12_simple.c
parent2576a9d933e4f29f69a7182faa9c4210eeec8fee (diff)
downloadgnutls-6c82bf34969ba76c19a8dbda1239d48e552e6bc1.tar.gz
Changed prototype for gnutls_pkcs12_simple_parse() to simplify chain building.
Diffstat (limited to 'tests/pkcs12_simple.c')
-rw-r--r--tests/pkcs12_simple.c121
1 files changed, 121 insertions, 0 deletions
diff --git a/tests/pkcs12_simple.c b/tests/pkcs12_simple.c
new file mode 100644
index 0000000000..ad17c0e413
--- /dev/null
+++ b/tests/pkcs12_simple.c
@@ -0,0 +1,121 @@
+/*
+ * Copyright (C) 2005-2012 Free Software Foundation, Inc.
+ *
+ * Author: Simon Josefsson
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GnuTLS; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdlib.h>
+#include <read-file.h>
+#include <gnutls/pkcs12.h>
+#include <gnutls/x509.h>
+#include "utils.h"
+
+void
+doit (void)
+{
+ const char *filename, *password = "1234";
+ gnutls_pkcs12_t pkcs12;
+ unsigned char* file_data;
+ size_t file_size;
+ gnutls_datum_t data;
+ gnutls_x509_crt_t * chain, * extras;
+ unsigned int chain_size, extras_size, i;
+ gnutls_x509_privkey_t pkey;
+ int ret;
+
+ ret = gnutls_global_init ();
+ if (ret < 0)
+ fail ("gnutls_global_init failed %d\n", ret);
+
+ ret = gnutls_pkcs12_init(&pkcs12);
+ if (ret < 0)
+ fail ("initialization failed: %s\n", gnutls_strerror(ret));
+
+ filename = getenv ("PKCS12_MANY_CERTS_FILE");
+
+ if (!filename)
+ filename = "pkcs12-decode/pkcs12_5certs.p12";
+
+ if (debug)
+ success ("Reading PKCS#12 blob from `%s' using password `%s'.\n",
+ filename, password);
+
+ file_data = (void*)read_binary_file( filename, &file_size);
+ if (file_data == NULL)
+ fail("cannot open file");
+
+ data.data = file_data;
+ data.size = file_size;
+ ret = gnutls_pkcs12_import(pkcs12, &data, GNUTLS_X509_FMT_DER, 0);
+ if (ret < 0)
+ fail ("pkcs12_import failed %d: %s\n", ret, gnutls_strerror (ret));
+
+ free(file_data);
+
+ if (debug)
+ success ("Read file OK\n");
+
+ ret = gnutls_pkcs12_simple_parse (pkcs12, password, &pkey, &chain, &chain_size,
+ &extras, &extras_size, NULL, 0);
+ if (ret < 0)
+ fail ("pkcs12_simple_parse failed %d: %s\n", ret, gnutls_strerror (ret));
+
+ if (chain_size != 1)
+ fail("chain size (%u) should have been 1\n", chain_size);
+
+ if (extras_size != 4)
+ fail("extras size (%u) should have been 4\n", extras_size);
+
+ if (debug)
+ {
+ char dn[512];
+ size_t dn_size;
+
+ dn_size = sizeof(dn);
+ ret = gnutls_x509_crt_get_dn(chain[0], dn, &dn_size);
+ if (ret < 0)
+ fail ("crt_get_dn failed %d: %s\n", ret, gnutls_strerror (ret));
+
+ success("dn: %s\n", dn);
+
+ dn_size = sizeof(dn);
+ ret = gnutls_x509_crt_get_issuer_dn(chain[0], dn, &dn_size);
+ if (ret < 0)
+ fail ("crt_get_dn failed %d: %s\n", ret, gnutls_strerror (ret));
+
+ success("issuer dn: %s\n", dn);
+ }
+
+ gnutls_pkcs12_deinit(pkcs12);
+ gnutls_x509_privkey_deinit(pkey);
+
+ for (i=0;i<chain_size;i++)
+ gnutls_x509_crt_deinit(chain[i]);
+ gnutls_free(chain);
+
+ for (i=0;i<extras_size;i++)
+ gnutls_x509_crt_deinit(extras[i]);
+ gnutls_free(extras);
+
+ gnutls_global_deinit ();
+}