VirtualBox

source: vbox/trunk/src/VBox/Runtime/testcase/tstHttp.cpp@ 45339

最後變更 在這個檔案從45339是 45339,由 vboxsync 提交於 12 年 前

Runtime/http: check the digest of the downloaded certificates

 
1/* $Id: tstHttp.cpp 45339 2013-04-04 14:54:50Z vboxsync $ */
2/** @file
3 * IPRT Testcase - Simple cURL testcase.
4 */
5
6/*
7 * Copyright (C) 2012-2013 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.alldomusa.eu.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * The contents of this file may alternatively be used under the terms
18 * of the Common Development and Distribution License Version 1.0
19 * (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20 * VirtualBox OSE distribution, in which case the provisions of the
21 * CDDL are applicable instead of those of the GPL.
22 *
23 * You may elect to license modified versions of this file under the
24 * terms and conditions of either the GPL or the CDDL or both.
25 */
26
27/*******************************************************************************
28* Header Files *
29*******************************************************************************/
30#include <iprt/err.h>
31#include <iprt/http.h>
32#include <iprt/mem.h>
33#include <iprt/file.h>
34#include <iprt/stream.h>
35#include <iprt/string.h>
36#include <iprt/initterm.h>
37
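/** Name of the temporary CA bundle built by this testcase.  It is a relative
 *  path, so the file is created in the current working directory. */
#define CAFILE_NAME "tstHttp-tempcafile.crt"

/**
 * Downloads one root CA certificate, compares its SHA-1 and SHA-512 digests
 * with pinned values and appends the certificate to the CA bundle on a match.
 *
 * The certificate URLs used by this testcase are plain http://, so the
 * transport gives no integrity guarantee.  The pinned digests are the only
 * thing that keeps a substituted certificate out of the trust store used for
 * the later HTTPS request, which is why nothing is written unless both
 * digests match.
 *
 * @returns IPRT status code; VERR_INTERNAL_ERROR on a digest size or value
 *          mismatch.
 * @param   hHttp             HTTP client handle.
 * @param   pCAFile           Open stream of the CA bundle being built.
 * @param   pszUrl            URL of the PEM certificate.
 * @param   pszName           Short certificate name used in messages.
 * @param   pabSha1Pinned     Expected SHA-1 digest.
 * @param   cbSha1Pinned      Size of the expected SHA-1 digest in bytes.
 * @param   pabSha512Pinned   Expected SHA-512 digest.
 * @param   cbSha512Pinned    Size of the expected SHA-512 digest in bytes.
 */
static int tstHttpFetchPinnedCert(RTHTTP hHttp, PRTSTREAM pCAFile, const char *pszUrl, const char *pszName,
                                  const uint8_t *pabSha1Pinned, size_t cbSha1Pinned,
                                  const uint8_t *pabSha512Pinned, size_t cbSha512Pinned)
{
    char *pszCert = NULL;
    int rc = RTHttpGet(hHttp, pszUrl, &pszCert);
    if (RT_SUCCESS(rc) && pszCert)
    {
        uint8_t *pabSha1 = NULL;
        size_t cbSha1 = 0;
        uint8_t *pabSha512 = NULL;
        size_t cbSha512 = 0;
        rc = RTHttpCertDigest(hHttp, pszCert, strlen(pszCert),
                              &pabSha1, &cbSha1, &pabSha512, &cbSha512);
        if (RT_SUCCESS(rc))
        {
            /* The size is checked first so that memcmp never reads past the
               shorter of the two buffers. */
            if (cbSha1 != cbSha1Pinned)
            {
                RTPrintf("Wrong SHA1 digest size of %s\n", pszName);
                rc = VERR_INTERNAL_ERROR;
            }
            else if (memcmp(pabSha1Pinned, pabSha1, cbSha1) != 0)
            {
                /* The '*' precision is read as an int, so the size_t
                   lengths are cast explicitly. */
                RTPrintf("Wrong SHA1 digest for %s:\n"
                         "Got: %.*Rhxs\n"
                         "Expected: %.*Rhxs\n",
                         pszName, (int)cbSha1, pabSha1, (int)cbSha1Pinned, pabSha1Pinned);
                rc = VERR_INTERNAL_ERROR;
            }

            /* SHA-512 is checked independently of the SHA-1 result, so both
               mismatches get reported; either one rejects the certificate. */
            if (cbSha512 != cbSha512Pinned)
            {
                RTPrintf("Wrong SHA512 digest size of %s\n", pszName);
                rc = VERR_INTERNAL_ERROR;
            }
            else if (memcmp(pabSha512Pinned, pabSha512, cbSha512) != 0)
            {
                RTPrintf("Wrong SHA512 digest for %s:\n"
                         "Got: %.*Rhxs\n"
                         "Expected: %.*Rhxs\n",
                         pszName, (int)cbSha512, pabSha512, (int)cbSha512Pinned, pabSha512Pinned);
                rc = VERR_INTERNAL_ERROR;
            }

            /* The digest buffers are released with RTMemFree, as the
               original testcase did. */
            RTMemFree(pabSha1);
            RTMemFree(pabSha512);

            /* Only a certificate that passed both comparisons reaches the
               bundle. */
            if (RT_SUCCESS(rc))
                rc = RTStrmWrite(pCAFile, pszCert, strlen(pszCert));
            if (RT_SUCCESS(rc))
                rc = RTStrmWrite(pCAFile, RTFILE_LINEFEED, strlen(RTFILE_LINEFEED));
        }
    }
    if (pszCert)
        RTMemFree(pszCert);
    return rc;
}

/**
 * Testcase entry point: builds a CA bundle from two digest-pinned root
 * certificates, installs it on the HTTP handle and performs one HTTPS request.
 *
 * @returns 0 on success, 1 if any step failed.
 */
int main()
{
    unsigned cErrors = 0;

    int rc = RTR3InitExeNoArguments(RTR3INIT_FLAGS_SUPLIB);
    if (RT_FAILURE(rc))
        return 1;

    /* The creation status must be checked before the handle is used; the
       original overwrote it with the RTStrmOpen result. */
    RTHTTP hHttp;
    rc = RTHttpCreate(&hHttp);
    if (RT_FAILURE(rc))
    {
        RTPrintf("Error code: %Rrc\n", rc);
        return 1;
    }

    char *pszBuf = NULL;
    PRTSTREAM CAFile = NULL;

    // create certificate file
    rc = RTStrmOpen(CAFILE_NAME, "w+b", &CAFile);

    // fetch root CA certificate (new one, often avoided in cert chains by
    // using an intermediate cert which is signed by old root)
    if (RT_SUCCESS(rc))
    {
        static const uint8_t abSha1PCA3G5[] =
        {
            0x4e, 0xb6, 0xd5, 0x78, 0x49, 0x9b, 0x1c, 0xcf, 0x5f, 0x58,
            0x1e, 0xad, 0x56, 0xbe, 0x3d, 0x9b, 0x67, 0x44, 0xa5, 0xe5
        };
        static const uint8_t abSha512PCA3G5[] =
        {
            0xd4, 0xf8, 0x10, 0x54, 0x72, 0x77, 0x0a, 0x2d,
            0xe3, 0x17, 0xb3, 0xcf, 0xed, 0x61, 0xae, 0x5c,
            0x5d, 0x3e, 0xde, 0xa1, 0x41, 0x35, 0xb2, 0xdf,
            0x60, 0xe2, 0x61, 0xfe, 0x3a, 0xc1, 0x66, 0xa3,
            0x3c, 0x88, 0x54, 0x04, 0x4f, 0x1d, 0x13, 0x46,
            0xe3, 0x8c, 0x06, 0x92, 0x9d, 0x70, 0x54, 0xc3,
            0x44, 0xeb, 0x2c, 0x74, 0x25, 0x9e, 0x5d, 0xfb,
            0xd2, 0x6b, 0xa8, 0x9a, 0xf0, 0xb3, 0x6a, 0x01
        };
        rc = tstHttpFetchPinnedCert(hHttp, CAFile,
                                    "http://www.verisign.com/repository/roots/root-certificates/PCA-3G5.pem",
                                    "PCA-3G5",
                                    abSha1PCA3G5, sizeof(abSha1PCA3G5),
                                    abSha512PCA3G5, sizeof(abSha512PCA3G5));
    }

    // fetch root CA certificate (old one, but still very widely used)
    if (RT_SUCCESS(rc))
    {
        static const uint8_t abSha1PCA3[] =
        {
            0xa1, 0xdb, 0x63, 0x93, 0x91, 0x6f, 0x17, 0xe4, 0x18, 0x55,
            0x09, 0x40, 0x04, 0x15, 0xc7, 0x02, 0x40, 0xb0, 0xae, 0x6b
        };
        static const uint8_t abSha512PCA3[] =
        {
            0xbb, 0xf7, 0x8a, 0x19, 0x9f, 0x37, 0xee, 0xa2,
            0xce, 0xc8, 0xaf, 0xe3, 0xd6, 0x22, 0x54, 0x20,
            0x74, 0x67, 0x6e, 0xa5, 0x19, 0xb7, 0x62, 0x1e,
            0xc1, 0x2f, 0xd5, 0x08, 0xf4, 0x64, 0xc4, 0xc6,
            0xbb, 0xc2, 0xf2, 0x35, 0xe7, 0xbe, 0x32, 0x0b,
            0xde, 0xb2, 0xfc, 0x44, 0x92, 0x5b, 0x8b, 0x9b,
            0x77, 0xa5, 0x40, 0x22, 0x18, 0x12, 0xcb, 0x3d,
            0x0a, 0x67, 0x83, 0x87, 0xc5, 0x45, 0xc4, 0x99
        };
        rc = tstHttpFetchPinnedCert(hHttp, CAFile,
                                    "http://www.verisign.com/repository/roots/root-certificates/PCA-3.pem",
                                    "PCA-3",
                                    abSha1PCA3, sizeof(abSha1PCA3),
                                    abSha512PCA3, sizeof(abSha512PCA3));
    }

    // close certificate file
    if (CAFile)
    {
        /* A failed close can mean the bundle was not fully written, so the
           status is kept unless an earlier error is already recorded. */
        int rcClose = RTStrmClose(CAFile);
        if (RT_SUCCESS(rc))
            rc = rcClose;
        CAFile = NULL;
    }

    /* The bundle becomes the trust store for the HTTPS request below only if
       every earlier step, including both digest checks, succeeded. */
    if (RT_SUCCESS(rc))
        rc = RTHttpSetCAFile(hHttp, CAFILE_NAME);

    if (RT_SUCCESS(rc))
        rc = RTHttpGet(hHttp,
                       "https://update.virtualbox.org/query.php?platform=LINUX_32BITS_UBUNTU_12_04&version=4.1.18",
                       &pszBuf);
    RTHttpDestroy(hHttp);

    if (RT_FAILURE(rc))
        cErrors++;

    if (RT_FAILURE(rc))
        RTPrintf("Error code: %Rrc\n", rc);
    else
        RTPrintf("Success!\n");

    /* pszBuf is still NULL when any earlier step failed, so the response is
       printed only when there is one. */
    if (pszBuf)
        RTPrintf("Got: %s\n", pszBuf);
    RTMemFree(pszBuf);

    /* NOTE(review): cleanup is disabled, so the bundle stays behind in the
       working directory under a fixed name - confirm this is intended. */
//    RTFileDelete(CAFILE_NAME);

    return !!cErrors;
}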