21#ifndef TESTS_CRYPTO_TLS_X509_HELPERS_H
22#define TESTS_CRYPTO_TLS_X509_HELPERS_H
24#include <gnutls/gnutls.h>
25#include <gnutls/x509.h>
26#include <libtasn1.h>
/*
 * Description of one X.509 certificate that the TLS tests want created.
 *
 * The TLS_CERT_REQ / TLS_ROOT_REQ macros in this header initialise every
 * member, so keep them in step with any change to this layout.
 *
 * NOTE(review): member meanings below are read off the member names and the
 * macros; test_tls_generate_cert(), whose body is not in this header, is the
 * authoritative consumer.
 */
typedef struct QCryptoTLSTestCertReq {
    /* Certificate handle; the request macros start it out as NULL. */
    gnutls_x509_crt_t crt;

    /* Output path; the request macros build WORKDIR "<varname>-ctx.pem". */
    const char *filename;

    /*
     * Subject identity: presumably the DN country and common name, plus up
     * to two DNS names and two IP addresses for subjectAltName.
     * TODO confirm against the generator.
     */
    const char *country;
    const char *cn;
    const char *altname1;
    const char *altname2;
    const char *ipaddr1;
    const char *ipaddr2;

    /*
     * basicConstraints extension: emit it at all, mark it critical, and the
     * CA flag. Negative tests depend on these three staying distinct.
     */
    bool basicConstraintsEnable;
    bool basicConstraintsCritical;
    bool basicConstraintsIsCA;

    /*
     * keyUsage extension. keyUsageValue is a plain int; presumably a bitmask
     * of GNUTLS_KEY_* flags - confirm against callers.
     */
    bool keyUsageEnable;
    bool keyUsageCritical;
    int keyUsageValue;

    /* Key purpose (presumably extendedKeyUsage) with up to two OIDs. */
    bool keyPurposeEnable;
    bool keyPurposeCritical;
    const char *keyPurposeOID1;
    const char *keyPurposeOID2;

    /*
     * Validity window offsets. Units and the meaning of 0 are decided by
     * test_tls_generate_cert(); they cannot be determined from this header.
     */
    int start_offset;
    int expire_offset;
} QCryptoTLSTestCertReq;
/*
 * Create the certificate described by @req. @ca is the issuer's certificate
 * handle: TLS_CERT_REQ passes the CA request's crt member, TLS_ROOT_REQ
 * passes NULL (presumably producing a self-signed certificate - the
 * implementation is not in this header).
 */
void test_tls_generate_cert(QCryptoTLSTestCertReq *req, gnutls_x509_crt_t ca);

/*
 * Write the @ncerts certificates in @certs to @filename.
 * NOTE(review): output encoding (presumably PEM) is not visible here.
 */
void test_tls_write_cert_chain(const char *filename,
                               gnutls_x509_crt_t *certs, size_t ncerts);

/*
 * Dispose of a certificate previously set up for @req; what exactly is
 * released or deleted is defined by the implementation, not shown here.
 */
void test_tls_discard_cert(QCryptoTLSTestCertReq *req);

/*
 * Set-up and tear-down for a test program, both keyed on @keyfile.
 * NOTE(review): presumably these create and remove the test private key at
 * that path - confirm, and keep the path inside the test work directory.
 */
void test_tls_init(const char *keyfile);
void test_tls_cleanup(const char *keyfile);
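/*
 * Declare a static QCryptoTLSTestCertReq named @varname and immediately
 * generate its certificate, passing cavarname.crt as the issuer handle.
 *
 * The output path is WORKDIR "<varname>-ctx.pem"; WORKDIR therefore has to
 * be a string-literal macro supplied by the including test.
 *
 * Members are bound by name with designated initializers, so a change in
 * member order cannot silently swap values - for instance the "critical"
 * and "is CA" flags that negative validation tests rely on. Parameters that
 * would otherwise be spelled like a member carry a "val" suffix, because the
 * preprocessor substitutes parameter names inside designators too.
 *
 * Expands to a declaration followed by a call: use it at block scope, and
 * never as the sole body of an unbraced if/else.
 */
#define TLS_CERT_REQ(varname, cavarname,                                \
                     countryval, commonname,                            \
                     altname1val, altname2val,                          \
                     ipaddr1val, ipaddr2val,                            \
                     basicconsenable, basicconscritical, basicconsca,   \
                     keyusageenable, keyusagecritical, keyusagevalue,   \
                     keypurposeenable, keypurposecritical,              \
                     keypurposeoid1, keypurposeoid2,                    \
                     startoffset, endoffset)                            \
    static QCryptoTLSTestCertReq varname = {                            \
        .crt = NULL,                                                    \
        .filename = WORKDIR #varname "-ctx.pem",                        \
        .country = (countryval),                                        \
        .cn = (commonname),                                             \
        .altname1 = (altname1val),                                      \
        .altname2 = (altname2val),                                      \
        .ipaddr1 = (ipaddr1val),                                        \
        .ipaddr2 = (ipaddr2val),                                        \
        .basicConstraintsEnable = (basicconsenable),                    \
        .basicConstraintsCritical = (basicconscritical),                \
        .basicConstraintsIsCA = (basicconsca),                          \
        .keyUsageEnable = (keyusageenable),                             \
        .keyUsageCritical = (keyusagecritical),                         \
        .keyUsageValue = (keyusagevalue),                               \
        .keyPurposeEnable = (keypurposeenable),                         \
        .keyPurposeCritical = (keypurposecritical),                     \
        .keyPurposeOID1 = (keypurposeoid1),                             \
        .keyPurposeOID2 = (keypurposeoid2),                             \
        .start_offset = (startoffset),                                  \
        .expire_offset = (endoffset),                                   \
    };                                                                  \
    test_tls_generate_cert(&varname, cavarname.crt)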
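/*
 * Declare a static QCryptoTLSTestCertReq named @varname and immediately
 * generate its certificate with a NULL issuer handle (presumably yielding a
 * self-signed root - the generator is not in this header).
 *
 * The output path is WORKDIR "<varname>-ctx.pem"; WORKDIR therefore has to
 * be a string-literal macro supplied by the including test.
 *
 * Members are bound by name with designated initializers, so a change in
 * member order cannot silently swap values - for instance the "critical"
 * and "is CA" flags that negative validation tests rely on. Parameters that
 * would otherwise be spelled like a member carry a "val" suffix, because the
 * preprocessor substitutes parameter names inside designators too.
 *
 * Expands to a declaration followed by a call: use it at block scope, and
 * never as the sole body of an unbraced if/else.
 */
#define TLS_ROOT_REQ(varname,                                           \
                     countryval, commonname,                            \
                     altname1val, altname2val,                          \
                     ipaddr1val, ipaddr2val,                            \
                     basicconsenable, basicconscritical, basicconsca,   \
                     keyusageenable, keyusagecritical, keyusagevalue,   \
                     keypurposeenable, keypurposecritical,              \
                     keypurposeoid1, keypurposeoid2,                    \
                     startoffset, endoffset)                            \
    static QCryptoTLSTestCertReq varname = {                            \
        .crt = NULL,                                                    \
        .filename = WORKDIR #varname "-ctx.pem",                        \
        .country = (countryval),                                        \
        .cn = (commonname),                                             \
        .altname1 = (altname1val),                                      \
        .altname2 = (altname2val),                                      \
        .ipaddr1 = (ipaddr1val),                                        \
        .ipaddr2 = (ipaddr2val),                                        \
        .basicConstraintsEnable = (basicconsenable),                    \
        .basicConstraintsCritical = (basicconscritical),                \
        .basicConstraintsIsCA = (basicconsca),                          \
        .keyUsageEnable = (keyusageenable),                             \
        .keyUsageCritical = (keyusagecritical),                         \
        .keyUsageValue = (keyusagevalue),                               \
        .keyPurposeEnable = (keypurposeenable),                         \
        .keyPurposeCritical = (keypurposecritical),                     \
        .keyPurposeOID1 = (keypurposeoid1),                             \
        .keyPurposeOID2 = (keypurposeoid2),                             \
        .start_offset = (startoffset),                                  \
        .expire_offset = (endoffset),                                   \
    };                                                                  \
    test_tls_generate_cert(&varname, NULL)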
/*
 * Table of libtasn1 asn1_static_node entries, defined in another translation
 * unit. NOTE(review): the name suggests PKIX ASN.1 definitions used when
 * building the test certificates - confirm at the definition.
 */
extern const asn1_static_node pkix_asn1_tab[];
123#endif