diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-10-31 10:08:00 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-11-09 23:02:47 +0100 |
commit | 77f6de42a5beeec09599dfa5f9e5574725bd8cbf (patch) | |
tree | d342b75d90ff7281fda93e84069b37ff989c31fd | |
parent | 470ade2a99ec5bcfb1b191b175bc1943aa50f359 (diff) | |
download | gnutls-77f6de42a5beeec09599dfa5f9e5574725bd8cbf.tar.gz |
Added check with the invalid crq sent by Sean Burford
-rw-r--r-- | configure.ac | 1 | ||||
-rw-r--r-- | tests/cert-tests/Makefile.am | 8 | ||||
-rwxr-xr-x | tests/cert-tests/crq | 41 | ||||
-rw-r--r-- | tests/cert-tests/csr-invalid.der | bin | 0 -> 303 bytes |
4 files changed, 48 insertions, 2 deletions
diff --git a/configure.ac b/configure.ac index badd4d02db..a591e98876 100644 --- a/configure.ac +++ b/configure.ac @@ -376,6 +376,7 @@ AC_ARG_ENABLE(non-suiteb-curves, if [ test "$enable_non_suiteb" = "yes" ];then AC_DEFINE([ENABLE_NON_SUITEB_CURVES], 1, [Enable all curves]) fi +AM_CONDITIONAL(ENABLE_NON_SUITEB_CURVES, test "$enable_non_suiteb" = "yes") AM_CONDITIONAL(ENABLE_SELF_CHECKS, test "$enable_self_checks" = "yes") if [ test "$enable_self_checks" = "yes" ];then diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am index 0d648f36d0..c1d165065a 100644 --- a/tests/cert-tests/Makefile.am +++ b/tests/cert-tests/Makefile.am @@ -27,12 +27,16 @@ EXTRA_DIST = ca-no-pathlen.pem no-ca-or-pathlen.pem aki-cert.pem \ template-overflow.tmpl template-overflow2.pem template-overflow2.tmpl \ template-date.tmpl template-date.pem template-dn-err.tmpl \ template-nc.tmpl template-nc.pem xmpp-othername.pem \ - suppressions.valgrind + suppressions.valgrind csr-invalid.der -dist_check_SCRIPTS = pathlen aki template-test pem-decoding dane +dist_check_SCRIPTS = pathlen aki template-test pem-decoding dane crq TESTS = pathlen aki pem-decoding +if ENABLE_NON_SUITEB_CURVES +TESTS += crq +endif + if !WINDOWS TESTS += template-test endif diff --git a/tests/cert-tests/crq b/tests/cert-tests/crq new file mode 100755 index 0000000000..6deb5a49a6 --- /dev/null +++ b/tests/cert-tests/crq @@ -0,0 +1,41 @@ +#!/bin/sh + +# Copyright (C) 2014 Red Hat, Inc. +# +# Author: Nikos Mavrogiannopoulos +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +#set -e + +srcdir=${srcdir:-.} +CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT} +DIFF=${DIFF:-diff} +if ! test -z "${VALGRIND}";then +VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15" +fi + +$VALGRIND $CERTTOOL --inder --crq-info --infile $srcdir/crq-invalid.der >/dev/null 2>&1 +rc=$? + +# We're done. +if test "$rc" != "1"; then + echo "Invalid crq decoding failed" + exit $rc +fi + +exit 0 diff --git a/tests/cert-tests/csr-invalid.der b/tests/cert-tests/csr-invalid.der Binary files differnew file mode 100644 index 0000000000..fb1e744ce9 --- /dev/null +++ b/tests/cert-tests/csr-invalid.der |