diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-02-17 11:25:15 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-02-17 17:26:35 +0100 |
| commit | 157c9acfbee456c2eb796f39aafa1b85b0271313 (patch) | |
| tree | 618e46c38b39f5798eb73d64645f83bc0a8f131a | |
| parent | 35873d74bafca36c4cb5c9bf4b828c445d7d18e0 (diff) | |
| download | gnutls-157c9acfbee456c2eb796f39aafa1b85b0271313.tar.gz | |
tests: enhanced test suite to include invalid X509v3 cert
That certificate contains a GeneralizedTime with fractional
seconds.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | tests/cert-tests/Makefile.am | 2 | ||||
| -rwxr-xr-x | tests/cert-tests/cert-sanity | 6 | ||||
| -rw-r--r-- | tests/cert-tests/data/x509-v3-with-fractional-time.pem | 22 |
3 files changed, 29 insertions, 1 deletions
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am index b53904e95c..3491a77a6f 100644 --- a/tests/cert-tests/Makefile.am +++ b/tests/cert-tests/Makefile.am @@ -63,7 +63,7 @@ EXTRA_DIST = data/ca-no-pathlen.pem data/no-ca-or-pathlen.pem data/aki-cert.pem data/pkcs7-cat-ca.pem data/pkcs7-cat.p7 data/openssl.p7b data/openssl.p7b.out \ data/openssl-keyid.p7b data/openssl-keyid.p7b.out data/openssl.p12 \ data/openpgp-invalid1.pub data/openpgp-invalid2.pub data/openpgp-invalid3.pub \ - data/x509-v1-with-sid.pem data/x509-v1-with-iid.pem + data/x509-v1-with-sid.pem data/x509-v1-with-iid.pem data/x509-v3-with-fractional-time.pem dist_check_SCRIPTS = pathlen aki certtool invalid-sig email \ pkcs7 pkcs7-broken-sigs privkey-import name-constraints certtool-long-cn crl provable-privkey \ diff --git a/tests/cert-tests/cert-sanity b/tests/cert-tests/cert-sanity index edcefe963c..15e13a122e 100755 --- a/tests/cert-tests/cert-sanity +++ b/tests/cert-tests/cert-sanity @@ -50,6 +50,12 @@ if test "${rc}" != 1; then exit 1 fi +${VALGRIND} "${CERTTOOL}" -i --infile "${srcdir}/data/x509-v3-with-fractional-time.pem" +rc=$? +if test "${rc}" != 1; then + echo "X509v3 certificate with fractional time was accepted" + exit 1 +fi exit 0 diff --git a/tests/cert-tests/data/x509-v3-with-fractional-time.pem b/tests/cert-tests/data/x509-v3-with-fractional-time.pem new file mode 100644 index 0000000000..42cf06f1f1 --- /dev/null +++ b/tests/cert-tests/data/x509-v3-with-fractional-time.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDpTCCAo2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmjELMAkGA1UEBhMCQ04x +EDAOBgNVBAgMB1NoYW5ueGkxDjAMBgNVBAcMBVhpJ2FuMQ8wDQYDVQQKDAZYaWRp +YW4xGzAZBgNVBAsMElNjaG9vbCBvZiBDb21wdXRlcjENMAsGA1UEAwwESUNUVDEs +MCoGCSqGSIb3DQEJARYdY2hlbmNodUBzdHVtYWlsLnhpZGlhbi5lZHUuY24wJBgR +MjAwODA4MDExMDMwMjYuNloYDzIwMjgwODAxMTAzMDI2WjCBijELMAkGA1UEBhMC +Q04xEDAOBgNVBAgMB1NoYW5ueGkxDjAMBgNVBAcMBVhpJ2FuMQ8wDQYDVQQKDAZY +aWRpYW4xCzAJBgNVBAsMAkNTMQ0wCwYDVQQDDARJQ1RUMSwwKgYJKoZIhvcNAQkB +Fh1jaGVuY2h1QHN0dW1haWwueGlkaWFuLmVkdS5jbjCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBANWYbvE9yJNx5lM+uUl7Tv3ZamqTDc0C4gY+VSrU/tjh +d12xaMqaJt42F3u7YQ8QzKOB7e6G/IGLCOIBbJ2smFWO31aSLMNgec6cCSGrkteQ +ehgnKEaLIw6qRjVds7JC0oPbu/Ns54s+ihWX/PqYl40fCEYnR5ONkLyRK4yXs+3T +XC8g4l0iDMLuBF2QmuXC7WlWVperL/1Mwssd3TWwY0BzoGTQxHn2dqoj8LEG99QG +5s6STl6zn6UO5GEK+O/5XqzUl7Kr0V1j9nNbiRr6OeJw4FoEZKu6NzTicJ5bdO42 +KpyP7jEQPzq1HKcYIvGqV66OQPxmyDCU4JmwpQ4EgzcCAwEAATANBgkqhkiG9w0B +AQsFAAOCAQEAVGVUuR7a8ws0x3ahCLISGdjaB6XgnbU6+sQlQbkc2xYIqYy5YKwu +Zuo7cNQD3EdDh0NKEvn9bkW+X4u5DdGt6dfQnv26rsJlO/7HRTKNCl1GL9R0vCsF +bGreIRDczMnUZZhKUtkvUtoy7v78XrmIZ1CLyhoHuDmkYYZa+QAW5ePmf6XYjn/O +P2LdEcL+rXocjs2av3mAbp+v1HEHmLTWSYcpWLNqI6/f/GamUCaNf0QyPI+kfLAD +M0utBSP8JixMxyTokmj4eD7LRuicdxLYfiWVoHrhbKVHjYkFQIV2sWOKqjG2TcoD +ITaPdJKK+bg6tr3jlIlFjdiHy/L+s0svvw== +-----END CERTIFICATE----- |