summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@redhat.com>2014-10-31 10:08:00 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2014-11-09 23:02:47 +0100
commit77f6de42a5beeec09599dfa5f9e5574725bd8cbf (patch)
treed342b75d90ff7281fda93e84069b37ff989c31fd
parent470ade2a99ec5bcfb1b191b175bc1943aa50f359 (diff)
downloadgnutls-77f6de42a5beeec09599dfa5f9e5574725bd8cbf.tar.gz
Added check with the invalid crq sent by Sean Burford
-rw-r--r--configure.ac1
-rw-r--r--tests/cert-tests/Makefile.am8
-rwxr-xr-xtests/cert-tests/crq41
-rw-r--r--tests/cert-tests/csr-invalid.derbin0 -> 303 bytes
4 files changed, 48 insertions, 2 deletions
diff --git a/configure.ac b/configure.ac
index badd4d02db..a591e98876 100644
--- a/configure.ac
+++ b/configure.ac
@@ -376,6 +376,7 @@ AC_ARG_ENABLE(non-suiteb-curves,
if [ test "$enable_non_suiteb" = "yes" ];then
AC_DEFINE([ENABLE_NON_SUITEB_CURVES], 1, [Enable all curves])
fi
+AM_CONDITIONAL(ENABLE_NON_SUITEB_CURVES, test "$enable_non_suiteb" = "yes")
AM_CONDITIONAL(ENABLE_SELF_CHECKS, test "$enable_self_checks" = "yes")
if [ test "$enable_self_checks" = "yes" ];then
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am
index 0d648f36d0..c1d165065a 100644
--- a/tests/cert-tests/Makefile.am
+++ b/tests/cert-tests/Makefile.am
@@ -27,12 +27,16 @@ EXTRA_DIST = ca-no-pathlen.pem no-ca-or-pathlen.pem aki-cert.pem \
template-overflow.tmpl template-overflow2.pem template-overflow2.tmpl \
template-date.tmpl template-date.pem template-dn-err.tmpl \
template-nc.tmpl template-nc.pem xmpp-othername.pem \
- suppressions.valgrind
+ suppressions.valgrind csr-invalid.der
-dist_check_SCRIPTS = pathlen aki template-test pem-decoding dane
+dist_check_SCRIPTS = pathlen aki template-test pem-decoding dane crq
TESTS = pathlen aki pem-decoding
+if ENABLE_NON_SUITEB_CURVES
+TESTS += crq
+endif
+
if !WINDOWS
TESTS += template-test
endif
diff --git a/tests/cert-tests/crq b/tests/cert-tests/crq
new file mode 100755
index 0000000000..6deb5a49a6
--- /dev/null
+++ b/tests/cert-tests/crq
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+# Copyright (C) 2014 Red Hat, Inc.
+#
+# Author: Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+#set -e
+
+srcdir=${srcdir:-.}
+CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
+DIFF=${DIFF:-diff}
+if ! test -z "${VALGRIND}";then
+VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15"
+fi
+
+$VALGRIND $CERTTOOL --inder --crq-info --infile $srcdir/crq-invalid.der >/dev/null 2>&1
+rc=$?
+
+# We're done.
+if test "$rc" != "1"; then
+ echo "Invalid crq decoding failed"
+ exit $rc
+fi
+
+exit 0
diff --git a/tests/cert-tests/csr-invalid.der b/tests/cert-tests/csr-invalid.der
new file mode 100644
index 0000000000..fb1e744ce9
--- /dev/null
+++ b/tests/cert-tests/csr-invalid.der
Binary files differ