1 /* $OpenBSD: x509_asn1.c,v 1.20 2023/06/05 18:32:06 job Exp $ */ 2 /* 3 * Copyright (c) 2023 Job Snijders <job@openbsd.org> 4 * 5 * Permission to use, copy, modify, and distribute this software for any 6 * purpose with or without fee is hereby granted, provided that the above 7 * copyright notice and this permission notice appear in all copies. 8 * 9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 16 */ 17 18 /* 19 * This program tests whether the presence of "->enc.modified = 1;" 20 * in select X509 setter functions properly triggers invalidation of cached 21 * DER. 22 */ 23 24 #include <err.h> 25 #include <stdio.h> 26 #include <string.h> 27 28 #include <openssl/evp.h> 29 #include <openssl/rsa.h> 30 #include <openssl/x509.h> 31 32 static const struct fnnames { 33 char *name; 34 void (*fn); 35 } fnnames[] = { 36 { "X509_set_version", X509_set_version }, 37 { "X509_set_serialNumber", X509_set_serialNumber }, 38 { "X509_set_issuer_name", X509_set_issuer_name }, 39 { "X509_set_subject_name", X509_set_subject_name }, 40 { "X509_set_notBefore", X509_set_notBefore }, 41 { "X509_set_notAfter", X509_set_notAfter }, 42 { "X509_set_pubkey", X509_set_pubkey }, 43 { "X509_CRL_set_version", X509_CRL_set_version }, 44 { "X509_CRL_set_issuer_name", X509_CRL_set_issuer_name }, 45 { "X509_CRL_set_lastUpdate", X509_CRL_set_lastUpdate }, 46 { "X509_CRL_set_nextUpdate", X509_CRL_set_nextUpdate }, 47 { "X509_REQ_add_extensions", X509_REQ_add_extensions }, 48 { "X509_REQ_add1_attr", X509_REQ_add1_attr }, 49 { NULL, NULL } 50 }; 51 52 static void 53 lookup_and_err(void (*fn)) 54 { 55 int i; 56 57 for (i = 0; fnnames[i].name; i++) { 58 if (fnnames[i].fn == fn) 59 errx(1, "%s failed", fnnames[i].name); 60 } 61 } 62 63 static void 64 x509_setup(unsigned char **der, unsigned char **der2, X509 **x, 65 long dersz, long *der2sz) 66 { 67 const unsigned char *cpder; 68 69 cpder = *der; 70 if ((*x = d2i_X509(NULL, &cpder, dersz)) == NULL) 71 errx(1, "d2i_X509"); 72 if ((*der2sz = i2d_X509(*x, der2)) <= 0) 73 errx(1, "i2d_X509"); 74 } 75 76 static void 77 x509_cleanup(X509 **x, unsigned char **der) 78 { 79 X509_free(*x); 80 *x = NULL; 81 free(*der); 82 *der = NULL; 83 } 84 85 static void 86 x509_set_integer(int (*f)(X509 *, ASN1_INTEGER *), X509 **x, int i) 87 { 88 ASN1_INTEGER *ai; 89 90 if ((ai = ASN1_INTEGER_new()) == NULL) 91 err(1, NULL); 92 if (!ASN1_INTEGER_set(ai, i)) 93 errx(1, "ASN1_INTEGER_set"); 94 if (!f(*x, ai)) 95 lookup_and_err(f); 96 97 ASN1_INTEGER_free(ai); 98 } 99 100 static void 101 x509_set_name(int (*f)(X509 *, X509_NAME *), X509 **x, 102 const unsigned char *n) 103 { 104 X509_NAME *xn; 105 106 if ((xn = X509_NAME_new()) == NULL) 107 err(1, NULL); 108 if (!X509_NAME_add_entry_by_txt(xn, "C", MBSTRING_ASC, n, -1, -1, 0)) 109 errx(1, "X509_NAME_add_entry_by_txt"); 110 if (!f(*x, xn)) 111 lookup_and_err(f); 112 113 X509_NAME_free(xn); 114 } 115 116 static void 117 x509_set_time(int (*f)(X509 *, const ASN1_TIME *), X509 **x, int t) 118 { 119 ASN1_TIME *at; 120 121 if ((at = X509_gmtime_adj(NULL, t)) == NULL) 122 errx(1, "X509_gmtime_adj"); 123 if (!f(*x, at)) 124 lookup_and_err(f); 125 126 ASN1_TIME_free(at); 127 } 128 129 static int 130 x509_compare(char *f, X509 *a, const unsigned char *der, long dersz) 131 { 132 unsigned char *der_test = NULL; 133 long der_testsz; 134 int rc = 0; 135 136 if ((der_testsz = i2d_X509(a, &der_test)) <= 0) 137 errx(1, "i2d_X509"); 138 139 if (dersz == der_testsz) { 140 if (memcmp(der, der_test, dersz) == 0) { 141 warnx("%s() stale version of encoding after i2d", f); 142 rc = 1; 143 } else 144 warnx("%s() OK", f); 145 } else 146 warnx("%s() OK", f); 147 148 free(der_test); 149 return rc; 150 } 151 152 static void 153 x509_crl_setup(unsigned char **der, unsigned char **der2, X509_CRL **xc, 154 long dersz, long *der2sz) 155 { 156 const unsigned char *cpder; 157 158 cpder = *der; 159 if ((*xc = d2i_X509_CRL(NULL, &cpder, dersz)) == NULL) 160 errx(1, "d2i_X509"); 161 if ((*der2sz = i2d_X509_CRL(*xc, der2)) <= 0) 162 errx(1, "i2d_X509"); 163 } 164 165 static void 166 x509_crl_cleanup(X509_CRL **xc, unsigned char **der) 167 { 168 X509_CRL_free(*xc); 169 *xc = NULL; 170 free(*der); 171 *der = NULL; 172 } 173 174 static void 175 x509_crl_set_name(int (*f)(X509_CRL *, X509_NAME *), X509_CRL **xc, 176 const unsigned char *n) 177 { 178 X509_NAME *xn; 179 180 if ((xn = X509_NAME_new()) == NULL) 181 err(1, NULL); 182 if (!X509_NAME_add_entry_by_txt(xn, "C", MBSTRING_ASC, n, -1, -1, 0)) 183 errx(1, "X509_NAME_add_entry_by_txt"); 184 if (!f(*xc, xn)) 185 lookup_and_err(f); 186 187 X509_NAME_free(xn); 188 } 189 190 static void 191 x509_crl_set_time(int (*f)(X509_CRL *, const ASN1_TIME *), X509_CRL **xc, int t) 192 { 193 ASN1_TIME *at; 194 195 if ((at = X509_gmtime_adj(NULL, t)) == NULL) 196 errx(1, "X509_gmtime_adj"); 197 if (!f(*xc, at)) 198 lookup_and_err(f); 199 200 ASN1_TIME_free(at); 201 } 202 203 static int 204 x509_crl_compare(char *f, X509_CRL *ac, const unsigned char *der, long dersz) 205 { 206 unsigned char *der_test = NULL; 207 long der_testsz; 208 int rc = 0; 209 210 if ((der_testsz = i2d_X509_CRL(ac, &der_test)) <= 0) 211 errx(1, "i2d_X509_CRL"); 212 213 if (dersz == der_testsz) { 214 if (memcmp(der, der_test, dersz) == 0) { 215 warnx("%s() stale version of encoding after i2d", f); 216 rc = 1; 217 } else 218 warnx("%s() OK", f); 219 } else 220 warnx("%s() OK", f); 221 222 free(der_test); 223 return rc; 224 } 225 226 static int 227 test_x509_setters(void) 228 { 229 EVP_PKEY *pkey = NULL; 230 EVP_PKEY_CTX *pkey_ctx = NULL; 231 X509 *a, *x; 232 unsigned char *der = NULL, *der2 = NULL; 233 long dersz, der2sz; 234 int failed = 0; 235 236 if ((x = X509_new()) == NULL) 237 err(1, NULL); 238 239 if ((pkey_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL) 240 errx(1, "EVP_PKEY_CTX_new_id"); 241 if (EVP_PKEY_keygen_init(pkey_ctx) != 1) 242 errx(1, "EVP_PKEY_keygen_init"); 243 if (EVP_PKEY_CTX_set_rsa_keygen_bits(pkey_ctx, 2048) <= 0) 244 errx(1, "EVP_PKEY_CTX_set_rsa_keygen_bits"); 245 if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0) 246 errx(1, "EVP_PKEY_keygen"); 247 if (X509_set_pubkey(x, pkey) != 1) 248 errx(1, "X509_set_pubkey"); 249 250 x509_set_integer(X509_set_serialNumber, &x, 1); 251 x509_set_time(X509_set_notBefore, &x, 0); 252 x509_set_time(X509_set_notAfter, &x, 60); 253 x509_set_name(X509_set_issuer_name, &x, "NL"); 254 x509_set_name(X509_set_subject_name, &x, "BE"); 255 256 /* one time creation of the original DER */ 257 if (!X509_sign(x, pkey, EVP_sha256())) 258 errx(1, "X509_sign"); 259 if ((dersz = i2d_X509(x, &der)) <= 0) 260 errx(1, "i2d_X509"); 261 262 /* test X509_set_version */ 263 x509_setup(&der, &der2, &a, dersz, &der2sz); 264 if (!X509_set_version(a, 2)) 265 errx(1, "X509_set_version"); 266 failed |= x509_compare("X509_set_version", a, der2, der2sz); 267 x509_cleanup(&a, &der2); 268 269 /* test X509_set_serialNumber */ 270 x509_setup(&der, &der2, &a, dersz, &der2sz); 271 x509_set_integer(X509_set_serialNumber, &a, 2); 272 failed |= x509_compare("X509_set_serialNumber", a, der2, der2sz); 273 x509_cleanup(&a, &der2); 274 275 /* test X509_set_issuer_name */ 276 x509_setup(&der, &der2, &a, dersz, &der2sz); 277 x509_set_name(X509_set_issuer_name, &a, "DE"); 278 failed |= x509_compare("X509_set_issuer_name", a, der2, der2sz); 279 x509_cleanup(&a, &der2); 280 281 /* test X509_set_subject_name */ 282 x509_setup(&der, &der2, &a, dersz, &der2sz); 283 x509_set_name(X509_set_subject_name, &a, "FR"); 284 failed |= x509_compare("X509_set_subject_name", a, der2, der2sz); 285 x509_cleanup(&a, &der2); 286 287 /* test X509_set_notBefore */ 288 x509_setup(&der, &der2, &a, dersz, &der2sz); 289 x509_set_time(X509_set_notBefore, &a, 120); 290 failed |= x509_compare("X509_set_notBefore", a, der2, der2sz); 291 x509_cleanup(&a, &der2); 292 293 /* test X509_set_notAfter */ 294 x509_setup(&der, &der2, &a, dersz, &der2sz); 295 x509_set_time(X509_set_notAfter, &a, 180); 296 failed |= x509_compare("X509_set_notAfter", a, der2, der2sz); 297 x509_cleanup(&a, &der2); 298 299 /* test X509_set_pubkey */ 300 x509_setup(&der, &der2, &a, dersz, &der2sz); 301 if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0) 302 errx(1, "EVP_PKEY_keygen"); 303 if (X509_set_pubkey(a, pkey) != 1) 304 errx(1, "X509_set_pubkey"); 305 failed |= x509_compare("X509_set_pubkey", a, der2, der2sz); 306 x509_cleanup(&a, &der2); 307 308 EVP_PKEY_CTX_free(pkey_ctx); 309 EVP_PKEY_free(pkey); 310 X509_free(x); 311 free(der); 312 313 return failed; 314 } 315 316 static int 317 test_x509_crl_setters(void) 318 { 319 EVP_PKEY *pkey = NULL; 320 EVP_PKEY_CTX *pkey_ctx = NULL; 321 X509_CRL *ac, *xc; 322 unsigned char *der = NULL, *der2 = NULL; 323 long dersz, der2sz; 324 int failed = 0; 325 326 if ((xc = X509_CRL_new()) == NULL) 327 err(1, NULL); 328 329 if ((pkey_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL) 330 errx(1, "EVP_PKEY_CTX_new_id"); 331 if (EVP_PKEY_keygen_init(pkey_ctx) != 1) 332 errx(1, "EVP_PKEY_keygen_init"); 333 if (EVP_PKEY_CTX_set_rsa_keygen_bits(pkey_ctx, 2048) <= 0) 334 errx(1, "EVP_PKEY_CTX_set_rsa_keygen_bits"); 335 if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0) 336 errx(1, "EVP_PKEY_keygen"); 337 338 x509_crl_set_time(X509_CRL_set_lastUpdate, &xc, 0); 339 x509_crl_set_time(X509_CRL_set_nextUpdate, &xc, 60); 340 x509_crl_set_name(X509_CRL_set_issuer_name, &xc, "NL"); 341 342 /* one time creation of the original DER */ 343 if (!X509_CRL_sign(xc, pkey, EVP_sha256())) 344 errx(1, "X509_CRL_sign"); 345 if ((dersz = i2d_X509_CRL(xc, &der)) <= 0) 346 errx(1, "i2d_X509_CRL"); 347 348 /* test X509_CRL_set_version */ 349 x509_crl_setup(&der, &der2, &ac, dersz, &der2sz); 350 if (!X509_CRL_set_version(ac, 1)) 351 errx(1, "X509_CRL_set_version"); 352 failed |= x509_crl_compare("X509_CRL_set_version", ac, der2, der2sz); 353 x509_crl_cleanup(&ac, &der2); 354 355 /* test X509_CRL_set_issuer_name */ 356 x509_crl_setup(&der, &der2, &ac, dersz, &der2sz); 357 x509_crl_set_name(X509_CRL_set_issuer_name, &ac, "DE"); 358 failed |= x509_crl_compare("X509_CRL_set_issuer_name", ac, der2, 359 der2sz); 360 x509_crl_cleanup(&ac, &der2); 361 362 /* test X509_CRL_set_lastUpdate */ 363 x509_crl_setup(&der, &der2, &ac, dersz, &der2sz); 364 x509_crl_set_time(X509_CRL_set_lastUpdate, &ac, 120); 365 failed |= x509_crl_compare("X509_CRL_set_lastUpdate", ac, der2, der2sz); 366 x509_crl_cleanup(&ac, &der2); 367 368 /* test X509_CRL_set_nextUpdate */ 369 x509_crl_setup(&der, &der2, &ac, dersz, &der2sz); 370 x509_crl_set_time(X509_CRL_set_nextUpdate, &ac, 180); 371 failed |= x509_crl_compare("X509_CRL_set_nextUpdate", ac, der2, der2sz); 372 x509_crl_cleanup(&ac, &der2); 373 374 EVP_PKEY_free(pkey); 375 EVP_PKEY_CTX_free(pkey_ctx); 376 X509_CRL_free(xc); 377 free(der); 378 379 return failed; 380 } 381 382 static void 383 x509_req_setup(unsigned char **der, unsigned char **der2, X509_REQ **xr, 384 long dersz, long *der2sz) 385 { 386 const unsigned char *cpder; 387 388 cpder = *der; 389 if ((*xr = d2i_X509_REQ(NULL, &cpder, dersz)) == NULL) 390 errx(1, "d2i_X509"); 391 if ((*der2sz = i2d_X509_REQ(*xr, der2)) <= 0) 392 errx(1, "i2d_X509"); 393 } 394 395 static int 396 x509_req_compare(char *f, X509_REQ *xr, const unsigned char *der, long dersz) 397 { 398 unsigned char *der_test = NULL; 399 long der_testsz; 400 int rc = 0; 401 402 if ((der_testsz = i2d_X509_REQ(xr, &der_test)) <= 0) 403 errx(1, "i2d_X509_REQ"); 404 405 if (dersz == der_testsz) { 406 if (memcmp(der, der_test, dersz) == 0) { 407 warnx("%s() stale version of encoding after i2d", f); 408 rc = 1; 409 } else 410 warnx("%s() OK", f); 411 } else 412 warnx("%s() OK", f); 413 414 free(der_test); 415 return rc; 416 } 417 418 static void 419 x509_req_cleanup(X509_REQ **xr, unsigned char **der) 420 { 421 X509_REQ_free(*xr); 422 *xr = NULL; 423 free(*der); 424 *der = NULL; 425 } 426 427 static int 428 test_x509_req_setters(void) 429 { 430 EVP_PKEY *pkey = NULL; 431 EVP_PKEY_CTX *pkey_ctx = NULL; 432 X509_REQ *ar = NULL, *xr = NULL; 433 unsigned char *der = NULL, *der2 = NULL; 434 X509_NAME *xn; 435 ASN1_OCTET_STRING *aos; 436 X509_EXTENSION *xe; 437 STACK_OF(X509_EXTENSION) *exts = NULL; 438 ASN1_OBJECT *coid; 439 X509_ATTRIBUTE *xa; 440 long dersz, der2sz; 441 int failed = 0; 442 443 if ((xr = X509_REQ_new()) == NULL) 444 err(1, NULL); 445 446 if (!X509_REQ_set_version(xr, 0)) 447 errx(1, "X509_REQ_set_version"); 448 449 if ((xn = X509_NAME_new()) == NULL) 450 err(1, NULL); 451 if (!X509_NAME_add_entry_by_txt(xn, "C", MBSTRING_ASC, "NL", -1, -1, 0)) 452 errx(1, "X509_NAME_add_entry_by_txt"); 453 if (!X509_REQ_set_subject_name(xr, xn)) 454 errx(1, "X509_REQ_set_subject_name"); 455 456 if ((pkey_ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL) 457 errx(1, "EVP_PKEY_CTX_new_id"); 458 if (EVP_PKEY_keygen_init(pkey_ctx) != 1) 459 errx(1, "EVP_PKEY_keygen_init"); 460 if (EVP_PKEY_CTX_set_rsa_keygen_bits(pkey_ctx, 2048) <= 0) 461 errx(1, "EVP_PKEY_CTX_set_rsa_keygen_bits"); 462 if (EVP_PKEY_keygen(pkey_ctx, &pkey) <= 0) 463 errx(1, "EVP_PKEY_keygen"); 464 if (!X509_REQ_set_pubkey(xr, pkey)) 465 errx(1, "X509_REQ_set_pubkey"); 466 467 if (!X509_REQ_sign(xr, pkey, EVP_sha256())) 468 errx(1, "X509_REQ_sign"); 469 if ((dersz = i2d_X509_REQ(xr, &der)) <= 0) 470 errx(1, "i2d_X509_REQ"); 471 472 /* test X509_REQ_add_extensions */ 473 x509_req_setup(&der, &der2, &ar, dersz, &der2sz); 474 if ((aos = ASN1_OCTET_STRING_new()) == NULL) 475 err(1, NULL); 476 ASN1_OCTET_STRING_set(aos, (unsigned char *)"DNS: test.nl", 477 strlen("DNS: test.nl")); 478 if ((xe = X509_EXTENSION_new()) == NULL) 479 err(1, NULL); 480 if (!X509_EXTENSION_create_by_NID(&xe, NID_subject_alt_name, 0, aos)) 481 errx(1, "X509_EXTENSION_create_by_NID"); 482 if ((exts = sk_X509_EXTENSION_new_null()) == NULL) 483 errx(1, "sk_X509_EXTENSION_new_null"); 484 sk_X509_EXTENSION_push(exts, xe); 485 if (!X509_REQ_add_extensions(ar, exts)) 486 errx(1, "X509_REQ_add_extensions"); 487 failed |= x509_req_compare("X509_REQ_add_extensions", ar, der2, der2sz); 488 x509_req_cleanup(&ar, &der2); 489 490 /* test X509_REQ_add1_attr */ 491 x509_req_setup(&der, &der2, &ar, dersz, &der2sz); 492 if ((coid = OBJ_nid2obj(NID_pkcs7_data)) == NULL) 493 errx(1, "OBJ_nid2obj"); 494 if ((xa = X509_ATTRIBUTE_create(NID_pkcs9_contentType, V_ASN1_OBJECT, 495 coid)) == NULL) 496 errx(1, "X509_ATTRIBUTE_create"); 497 if (!X509_REQ_add1_attr(ar, xa)) 498 errx(1, "X509_REQ_add1_attr"); 499 failed |= x509_req_compare("X509_REQ_add1_attr", ar, der2, der2sz); 500 x509_req_cleanup(&ar, &der2); 501 502 ASN1_OBJECT_free(coid); 503 X509_NAME_free(xn); 504 ASN1_OCTET_STRING_free(aos); 505 sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); 506 X509_ATTRIBUTE_free(xa); 507 EVP_PKEY_free(pkey); 508 EVP_PKEY_CTX_free(pkey_ctx); 509 X509_REQ_free(xr); 510 free(der); 511 512 return failed; 513 } 514 515 static const struct testcase { 516 char *data; 517 int len; 518 int len_to_pass; 519 int encode_type; 520 int expected_result; 521 char *expected_string; 522 } testCases[] = { 523 /* should work */ 524 {"fozzie", 6, 80, MBSTRING_ASC, 6, "fozzie"}, 525 /* should work */ 526 {"fozzie", 6, -1, MBSTRING_ASC, 6, ""}, 527 /* should fail, truncation */ 528 {"muppet", 6, 5, MBSTRING_ASC, -1, ""}, 529 /* should fail, contains 0 byte */ 530 {"g\0nzo", 5, 80, MBSTRING_ASC, -1, ""}, 531 /* should fail, can't encode as utf-8 */ 532 {"\x30\x00", 2, 80, V_ASN1_SEQUENCE, -1, ""}, 533 }; 534 535 #define NUM_TEST_CASES (sizeof(testCases) / sizeof(testCases[0])) 536 537 static int 538 test_x509_name_get(void) 539 { 540 int failed = 0; 541 size_t i; 542 543 for (i = 0; i < NUM_TEST_CASES; i++) { 544 const struct testcase *test = testCases + i; 545 X509_NAME_ENTRY *entry = NULL; 546 X509_NAME *name = NULL; 547 char textbuf[80]; 548 int result; 549 550 textbuf[0] = '\0'; 551 if ((name = X509_NAME_new()) == NULL) 552 err(1, "X509_NAME_new"); 553 if ((entry = X509_NAME_ENTRY_new()) == NULL) 554 err(1, "X509_NAME_ENTRY_new"); 555 if (!X509_NAME_ENTRY_set_object(entry, 556 OBJ_nid2obj(NID_commonName))) 557 err(1, "X509_NAME_ENTRY_set_object"); 558 if (!X509_NAME_ENTRY_set_data(entry, test->encode_type, 559 test->data, test->len)) 560 err(1, "X509_NAME_ENTRY_set_data"); 561 if (!X509_NAME_add_entry(name, entry, -1, 0)) 562 err(1, "X509_NAME_add_entry"); 563 if (test->len_to_pass == -1) 564 result = X509_NAME_get_text_by_NID(name, NID_commonName, 565 NULL, 0); 566 else 567 result = X509_NAME_get_text_by_NID(name, NID_commonName, 568 textbuf, test->len_to_pass); 569 if (result != test->expected_result) { 570 fprintf(stderr, 571 "Test %zu X509_GET_text_by_NID returned %d," 572 "expected %d\n", i, result, test->expected_result); 573 failed++; 574 } 575 if (result != -1 && 576 strcmp(test->expected_string, textbuf) != 0) { 577 fprintf(stderr, 578 "Test %zu, X509_GET_text_by_NID returned bytes do" 579 "not match \n", i); 580 failed++; 581 } 582 X509_NAME_ENTRY_free(entry); 583 X509_NAME_free(name); 584 } 585 return failed; 586 } 587 588 int 589 main(void) 590 { 591 int failed = 0; 592 593 failed |= test_x509_setters(); 594 /* failed |= */ test_x509_crl_setters(); 595 /* failed |= */ test_x509_req_setters(); 596 failed |= test_x509_name_get(); 597 598 OPENSSL_cleanup(); 599 600 return failed; 601 } 602