Split two PKCS7 tests into two functions.

2014-01-16 16:29:33 -08:00
parent cf22e49117
commit eb2e987a29
1 changed files with 175 additions and 165 deletions
--- a/ctaocrypt/test/test.c
+++ b/ctaocrypt/test/test.c
@@ -178,7 +178,8 @@ int pbkdf2_test(void);
    int compress_test(void);
 #endif
 #ifdef HAVE_PKCS7
-    int pkcs7_test(void);
+    int pkcs7enveloped_test(void);
+    int pkcs7signed_test(void);
 #endif


@@ -465,10 +466,15 @@ void ctaocrypt_test(void* args)
 #endif

 #ifdef HAVE_PKCS7
-    if ( (ret = pkcs7_test()) != 0)
-        err_sys("PKCS7    test failed!\n", ret);
+    if ( (ret = pkcs7enveloped_test()) != 0)
+        err_sys("PKCS7enveloped test failed!\n", ret);
    else
-        printf( "PKCS7    test passed!\n");
+        printf( "PKCS7enveloped test passed!\n");
+
+    if ( (ret = pkcs7signed_test()) != 0)
+        err_sys("PKCS7signed    test failed!\n", ret);
+    else
+        printf( "PKCS7signed    test passed!\n");
 #endif

    ((func_args*)args)->return_code = ret;
@@ -4024,115 +4030,10 @@ int compress_test(void)

 #ifdef HAVE_PKCS7

-int pkcs7_test(void)
+int pkcs7enveloped_test(void)
 {
    int ret = 0;

-    /* Test the PKCS7 Signed-Data */
-    {
-        byte* cert;
-        byte out[2048];
-        char data[] = "Hello World";
-        word32 dataSz, outSz;
-        PKCS7 msg;
-        RNG rng;
-
-        word32 certSz;
-        FILE* file;
-        FILE* pkcs7File;
-
-        byte transIdOid[] =
-                   { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
-                     0x09, 0x07 };
-        byte messageTypeOid[] =
-                   { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
-                     0x09, 0x02 };
-        byte senderNonceOid[] =
-                   { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
-                     0x09, 0x05 };
-        byte pkiStatusOid[] =
-                   { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
-                     0x09, 0x03 };
-        byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1];
-        byte messageType[] = { 0x13, 2, '1', '9' };
-        byte senderNonce[34];
-        byte pkiStatus[] = { 0x13, 1, '0' };
-
-        PKCS7Attrib attribs[] =
-        {
-            { transIdOid, sizeof(transIdOid),
-                         transId, sizeof(transId) - 1 }, /* take off the null */
-            { messageTypeOid, sizeof(messageTypeOid),
-                         messageType, sizeof(messageType) },
-            { senderNonceOid, sizeof(senderNonceOid),
-                         senderNonce, sizeof(senderNonce) },
-            { pkiStatusOid, sizeof(pkiStatusOid),
-                         pkiStatus, sizeof(pkiStatus) }
-        };
-
-        dataSz = (word32) strlen(data);
-        outSz = sizeof(out);
-
-        cert = (byte*)malloc(FOURK_BUF);
-        if (cert == NULL)
-            return -40;
-
-        /* read in DER cert of recipient, into cert of size certSz */
-        file = fopen(clientCert, "rb");
-
-        if (!file)
-            err_sys("can't open ./certs/client-cert.der, "
-                    "Please run from CyaSSL home dir", -40);
-
-        certSz = (word32)fread(cert, 1, FOURK_BUF, file);
-        fclose(file);
-
-        ret = InitRng(&rng);
-        senderNonce[0] = 0x04;
-        senderNonce[1] = 0x20;
-        RNG_GenerateBlock(&rng, &senderNonce[2], 32);
-
-        PKCS7_InitWithCert(&msg, cert, certSz);
-        msg.content = (byte*)data;
-        msg.contentSz = dataSz;
-        msg.hashOID = SHAh;
-        msg.encryptOID = RSAk;
-        msg.signedAttribs = attribs;
-        msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib);
-        msg.rng = &rng;
-        {
-            Sha sha;
-            byte digest[SHA_DIGEST_SIZE];
-            int i,j;
-
-            transId[0] = 0x13;
-            transId[1] = SHA_DIGEST_SIZE * 2;
-
-            InitSha(&sha);
-            ShaUpdate(&sha, msg.publicKey, msg.publicKeySz);
-            ShaFinal(&sha, digest);
-
-            for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) {
-                snprintf((char*)&transId[j], 3, "%02x", digest[i]);
-            }
-        }
-        ret = PKCS7_EncodeSignedData(&msg, out, outSz);
-        if (ret < 0) {
-            printf("Pkcs7_encrypt failed\n");
-            return -42;
-        }
-        else
-            outSz = ret;
-
-        /* write PKCS#7 to output file for more testing */
-        pkcs7File = fopen("./pkcs7signedData.der", "wb");
-        if (!pkcs7File)
-            return -43;
-        ret = (int)fwrite(out, outSz, 1, pkcs7File);
-        fclose(pkcs7File);
-    }
-    /* Test the PKCS7 Enveloped-Data */
-    {
    int cipher = DES3b;
    int envelopedSz, decodedSz;
    PKCS7 pkcs7;
@@ -4213,7 +4114,116 @@ int pkcs7_test(void)

    free(cert);
    free(privKey);
+
+    if (ret > 0)
+        return 0;
+
+    return ret;
+}
+
+int pkcs7signed_test(void)
+{
+    int ret = 0;
+
+    byte* cert;
+    byte out[2048];
+    char data[] = "Hello World";
+    word32 dataSz, outSz;
+    PKCS7 msg;
+    RNG rng;
+
+    word32 certSz;
+    FILE* file;
+    FILE* pkcs7File;
+
+    byte transIdOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x07 };
+    byte messageTypeOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x02 };
+    byte senderNonceOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x05 };
+    byte pkiStatusOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x03 };
+    byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1];
+    byte messageType[] = { 0x13, 2, '1', '9' };
+    byte senderNonce[34];
+    byte pkiStatus[] = { 0x13, 1, '0' };
+
+    PKCS7Attrib attribs[] =
+    {
+        { transIdOid, sizeof(transIdOid),
+                     transId, sizeof(transId) - 1 }, /* take off the null */
+        { messageTypeOid, sizeof(messageTypeOid),
+                     messageType, sizeof(messageType) },
+        { senderNonceOid, sizeof(senderNonceOid),
+                     senderNonce, sizeof(senderNonce) },
+        { pkiStatusOid, sizeof(pkiStatusOid),
+                     pkiStatus, sizeof(pkiStatus) }
+    };
+
+    dataSz = (word32) strlen(data);
+    outSz = sizeof(out);
+
+    cert = (byte*)malloc(FOURK_BUF);
+    if (cert == NULL)
+        return -207;
+
+    /* read in DER cert of recipient, into cert of size certSz */
+    file = fopen(clientCert, "rb");
+
+    if (!file)
+        err_sys("can't open ./certs/client-cert.der, "
+                "Please run from CyaSSL home dir", -44);
+
+    certSz = (word32)fread(cert, 1, FOURK_BUF, file);
+    fclose(file);
+
+    ret = InitRng(&rng);
+    senderNonce[0] = 0x04;
+    senderNonce[1] = 0x20;
+    RNG_GenerateBlock(&rng, &senderNonce[2], 32);
+
+    PKCS7_InitWithCert(&msg, cert, certSz);
+    msg.content = (byte*)data;
+    msg.contentSz = dataSz;
+    msg.hashOID = SHAh;
+    msg.encryptOID = RSAk;
+    msg.signedAttribs = attribs;
+    msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib);
+    msg.rng = &rng;
+    {
+        Sha sha;
+        byte digest[SHA_DIGEST_SIZE];
+        int i,j;
+
+        transId[0] = 0x13;
+        transId[1] = SHA_DIGEST_SIZE * 2;
+
+        InitSha(&sha);
+        ShaUpdate(&sha, msg.publicKey, msg.publicKeySz);
+        ShaFinal(&sha, digest);
+
+        for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) {
+            snprintf((char*)&transId[j], 3, "%02x", digest[i]);
        }
+    }
+    ret = PKCS7_EncodeSignedData(&msg, out, outSz);
+    if (ret < 0) {
+        return -208;
+    }
+    else
+        outSz = ret;
+
+    /* write PKCS#7 to output file for more testing */
+    pkcs7File = fopen("./pkcs7signedData.der", "wb");
+    if (!pkcs7File)
+        return -209;
+    ret = (int)fwrite(out, outSz, 1, pkcs7File);
+    fclose(pkcs7File);

    if (ret > 0)
        return 0;