2 * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
13 #include <openssl/pem.h>
14 #include <openssl/x509.h>
18 * c: path of a cert in PEM format
19 * k: path of a key in PEM format
20 * t: API type, "cert" for X509_ and "req" for X509_REQ_ APIs.
21 * e: expected, "ok" for success, "failed" for what should fail.
23 static int test_x509_check_cert_pkey(const char *c, const char *k,
24 const char *t, const char *e)
28 X509_REQ *x509_req = NULL;
29 EVP_PKEY *pkey = NULL;
30 int ret = 0, type = 0, expected = 0, result = 0;
33 * we check them first thus if fails we don't need to do
34 * those PEM parsing operations.
36 if (strcmp(t, "cert") == 0) {
38 } else if (strcmp(t, "req") == 0) {
41 TEST_error("invalid 'type'");
45 if (strcmp(e, "ok") == 0) {
47 } else if (strcmp(e, "failed") == 0) {
50 TEST_error("invalid 'expected'");
54 /* process private key */
55 if (!TEST_ptr(bio = BIO_new_file(k, "r")))
58 if (!TEST_ptr(pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL)))
63 /* process cert or cert request, use the same local var */
64 if (!TEST_ptr(bio = BIO_new_file(c, "r")))
69 x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
71 TEST_error("read PEM x509 failed");
75 result = X509_check_private_key(x509, pkey);
78 x509_req = PEM_read_bio_X509_REQ(bio, NULL, NULL, NULL);
79 if (x509_req == NULL) {
80 TEST_error("read PEM x509 req failed");
84 result = X509_REQ_check_private_key(x509_req, pkey);
87 /* should never be here */
91 if (!TEST_int_eq(result, expected)) {
92 TEST_error("check private key: expected: %d, got: %d", expected, result);
100 X509_REQ_free(x509_req);
105 int test_main(int argc, char **argv)
107 if (!TEST_int_eq(argc, 5)) {
108 TEST_info("usage: x509_check_cert_pkey cert.pem|cert.req"
109 " key.pem cert|req <expected>");
113 return !test_x509_check_cert_pkey(argv[1], argv[2], argv[3], argv[4]);