1818 * along with this program; if not, write to the Free Software
1919 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
2020 */
21+ #ifndef WOLFSSL_USER_SETTINGS
2122#include <wolfssl/options.h>
23+ #endif
2224#include <wolfssl/wolfcrypt/settings.h>
2325#include <wolfssl/wolfcrypt/pkcs7.h>
2426#include <wolfssl/wolfcrypt/error-crypt.h>
2527#include <wolfssl/wolfcrypt/logging.h>
2628
2729#ifdef HAVE_PKCS7
2830
31+ static const char * pkcs7SignedDer = "signed.p7b" ; /* DER */
32+ static const char * pkcs7SignedPem = "signed.p7s" ; /* PEM */
33+
2934int main (int argc , char * * argv )
3035{
3136 int rc = 0 ;
3237 PKCS7 pkcs7 ;
3338 XFILE derFile ;
39+ byte * fileBuf = NULL ;
40+ word32 fileSz = 0 ;
3441 byte * derBuf = NULL ;
3542 word32 derSz = 0 ;
3643
@@ -41,47 +48,102 @@ int main(int argc, char** argv)
4148 wolfSSL_Debugging_ON ();
4249#endif
4350
44- /* load DER PKCS7 */
45- derFile = fopen ("signed.p7s" , "rb" );
51+ /* load PKCS7 */
52+ derFile = fopen (pkcs7SignedPem , "rb" );
4653 if (derFile ) {
4754 fseek (derFile , 0 , SEEK_END );
48- derSz = (int )ftell (derFile );
55+ fileSz = (int )ftell (derFile );
4956 rewind (derFile );
5057
51- derBuf = (byte * )XMALLOC (derSz , NULL , DYNAMIC_TYPE_TMP_BUFFER );
52- if (derBuf == NULL ) {
58+ fileBuf = (byte * )XMALLOC (fileSz , NULL , DYNAMIC_TYPE_TMP_BUFFER );
59+ derBuf = (byte * )XMALLOC (fileSz , NULL , DYNAMIC_TYPE_TMP_BUFFER );
60+ if (fileBuf == NULL || derBuf == NULL ) {
5361 rc = MEMORY_E ; goto exit ;
5462 }
63+ derSz = fileSz ;
5564
56- rc = (int )fread (derBuf , 1 , derSz , derFile );
65+ rc = (int )fread (fileBuf , 1 , fileSz , derFile );
5766 fclose (derFile );
5867
59- if (rc != derSz ) {
68+ if (rc != fileSz ) {
6069 printf ("Failed to read der file!\n" );
61- return -1 ;
70+ rc = -1 ;
71+ goto exit ;
6272 }
73+ rc = 0 ;
6374 }
6475
65- printf ("Der %d\n" , derSz );
66- WOLFSSL_BUFFER (derBuf , derSz );
76+ /* PKCS_Init captures/saves this, so make sure
77+ * isDynamic = 0 since it is on the stack */
78+ pkcs7 .isDynamic = 0 ;
6779
6880 /* Test verify */
6981 rc = wc_PKCS7_Init (& pkcs7 , NULL , INVALID_DEVID );
7082 if (rc != 0 ) goto exit ;
7183 rc = wc_PKCS7_InitWithCert (& pkcs7 , NULL , 0 );
7284 if (rc != 0 ) goto exit ;
85+
86+ /* convert PEM to DER */
87+ rc = wc_CertPemToDer (fileBuf , fileSz , derBuf , derSz , PKCS7_TYPE );
88+ if (rc < 0 ) {
89+ goto exit ;
90+ }
91+ derSz = rc ;
92+ rc = 0 ;
93+
94+ printf ("Der %d\n" , derSz );
95+ WOLFSSL_BUFFER (derBuf , derSz );
96+
7397 rc = wc_PKCS7_VerifySignedData (& pkcs7 , derBuf , derSz );
7498 if (rc != 0 ) goto exit ;
7599
76100 printf ("PKCS7 Verify Success\n" );
77101
102+ #ifdef WOLFSSL_DER_TO_PEM
103+ memset (fileBuf , 0 , fileSz );
104+ rc = wc_DerToPem (derBuf , derSz , fileBuf , fileSz , PKCS7_TYPE );
105+ if (rc <= 0 ) {
106+ printf ("DER to PEM failed: %d\n" , rc );
107+ goto exit ;
108+ }
109+ printf ("%s" , fileBuf );
110+ #endif
111+
112+ /* load PKCS7 */
113+ derFile = fopen (pkcs7SignedDer , "rb" );
114+ if (derFile ) {
115+ fseek (derFile , 0 , SEEK_END );
116+ fileSz = (int )ftell (derFile );
117+ rewind (derFile );
118+
119+ rc = (int )fread (fileBuf , 1 , fileSz , derFile );
120+ fclose (derFile );
121+
122+ if (rc != fileSz ) {
123+ printf ("Failed to read der file!\n" );
124+ rc = -1 ;
125+ goto exit ;
126+ }
127+ rc = 0 ;
128+ }
129+
130+ /* Verify DER output matches expected output */
131+ if (fileSz != derSz || memcmp (fileBuf , derBuf , derSz ) != 0 ) {
132+ fprintf (stderr , "DER output didn't match expected\n" );
133+ rc = -1 ;
134+ }
135+ else {
136+ printf ("DER output matches the original PEM\n" );
137+ }
138+
78139exit :
79140
80141 if (rc != 0 )
81142 printf ("RC=%d\n" , rc );
82143
83144 wc_PKCS7_Free (& pkcs7 );
84145 XFREE (derBuf , NULL , DYNAMIC_TYPE_TMP_BUFFER );
146+ XFREE (fileBuf , NULL , DYNAMIC_TYPE_TMP_BUFFER );
85147
86148 return rc ;
87149}
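Review bot: The second `fread` (new line 119) can write past `fileBuf`, because the buffer was allocated at line 58 for the size of `signed.p7s` while the read uses the newly measured size of `signed.p7b`. A DER file larger than the PEM file overruns the heap allocation, and so does an `ftell` failure, since the -1 becomes a huge `word32`. Keep the allocation size in its own variable and reject oversize input before reading, e.g. `if (fileSz > fileBufSz) { fclose(derFile); rc = BUFFER_E; goto exit; }`. Separately, the `goto exit` paths at lines 61 and 71 run before `wc_PKCS7_Init`, so `wc_PKCS7_Free(&pkcs7)` at line 144 is handed an uninitialized stack struct; what the free routine does with it is not visible here. Zeroing `pkcs7` at declaration, or moving the `isDynamic = 0` assignment and the init above the file load, would make those paths safe.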
@@ -94,4 +156,4 @@ int main(int argc, char** argv)
94156 return 0 ;
95157}
96158
97- #endif
159+ #endif