summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2014-04-03 20:47:39 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2014-04-03 20:48:24 +0200
commitf8eff0c22d26a06a119e0dd05b5c2ff5e4d27efe (patch)
tree8b66208c7be305cb8c9ec5c2325165ad920a5638
parented096d0b6968858213e93286cecf88ae7bb705af (diff)
downloadgnutls-f8eff0c22d26a06a119e0dd05b5c2ff5e4d27efe.tar.gz
Added self-test for PKCS #8 key conversion and reading
Diffstat
-rw-r--r--configure.ac2
-rw-r--r--tests/Makefile.am2
-rw-r--r--tests/key-tests/Makefile.am (renamed from tests/key-id/Makefile.am)5
-rw-r--r--tests/key-tests/README (renamed from tests/key-id/README)0
-rw-r--r--tests/key-tests/ca-gnutls-keyid.pem (renamed from tests/key-id/ca-gnutls-keyid.pem)0
-rw-r--r--tests/key-tests/ca-no-keyid.pem (renamed from tests/key-id/ca-no-keyid.pem)0
-rw-r--r--tests/key-tests/ca-weird-keyid.pem (renamed from tests/key-id/ca-weird-keyid.pem)0
-rw-r--r--tests/key-tests/key-ca-1234.p810
-rw-r--r--tests/key-tests/key-ca-empty.p810
-rw-r--r--tests/key-tests/key-ca-null.p810
-rw-r--r--tests/key-tests/key-ca.pem (renamed from tests/key-id/key-ca.pem)0
-rwxr-xr-xtests/key-tests/key-id (renamed from tests/key-id/key-id)0
-rw-r--r--tests/key-tests/key-user.pem (renamed from tests/key-id/key-user.pem)0
-rwxr-xr-xtests/key-tests/pkcs8111
14 files changed, 146 insertions, 4 deletions
diff --git a/configure.ac b/configure.ac
index e3bb3c900f..daa9bd9c6a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -742,7 +742,7 @@ AC_CONFIG_FILES([
tests/dtls/Makefile
tests/srp/Makefile
tests/ecdsa/Makefile
- tests/key-id/Makefile
+ tests/key-tests/Makefile
tests/openpgp-certs/Makefile
tests/pkcs1-padding/Makefile
tests/pkcs12-decode/Makefile
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 04bf44770f..2bb033156f 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -20,7 +20,7 @@
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
SUBDIRS = . rsa-md5-collision pkcs1-padding pkcs8-decode pkcs12-decode \
- userid cert-tests key-id sha2 safe-renegotiation dsa scripts ecdsa \
+ userid cert-tests key-tests sha2 safe-renegotiation dsa scripts ecdsa \
slow dtls srp
if ENABLE_OPENPGP
diff --git a/tests/key-id/Makefile.am b/tests/key-tests/Makefile.am
index 8f20670b4e..ec0962cc2c 100644
--- a/tests/key-id/Makefile.am
+++ b/tests/key-tests/Makefile.am
@@ -20,11 +20,12 @@
# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
EXTRA_DIST = README key-ca.pem key-user.pem \
- ca-gnutls-keyid.pem ca-no-keyid.pem ca-weird-keyid.pem
+ ca-gnutls-keyid.pem ca-no-keyid.pem ca-weird-keyid.pem \
+ key-ca-1234.p8 key-ca-empty.p8 key-ca-null.p8
dist_check_SCRIPTS = key-id
-TESTS = key-id
+TESTS = key-id pkcs8
TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT) \
LC_ALL="C" \
diff --git a/tests/key-id/README b/tests/key-tests/README
index 9f1322791d..9f1322791d 100644
--- a/tests/key-id/README
+++ b/tests/key-tests/README
diff --git a/tests/key-id/ca-gnutls-keyid.pem b/tests/key-tests/ca-gnutls-keyid.pem
index fdb7520a48..fdb7520a48 100644
--- a/tests/key-id/ca-gnutls-keyid.pem
+++ b/tests/key-tests/ca-gnutls-keyid.pem
diff --git a/tests/key-id/ca-no-keyid.pem b/tests/key-tests/ca-no-keyid.pem
index 50675e420b..50675e420b 100644
--- a/tests/key-id/ca-no-keyid.pem
+++ b/tests/key-tests/ca-no-keyid.pem
diff --git a/tests/key-id/ca-weird-keyid.pem b/tests/key-tests/ca-weird-keyid.pem
index 6ecfef4231..6ecfef4231 100644
--- a/tests/key-id/ca-weird-keyid.pem
+++ b/tests/key-tests/ca-weird-keyid.pem
diff --git a/tests/key-tests/key-ca-1234.p8 b/tests/key-tests/key-ca-1234.p8
new file mode 100644
index 0000000000..dc6b1daf9a
--- /dev/null
+++ b/tests/key-tests/key-ca-1234.p8
@@ -0,0 +1,10 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBfDAcBgoqhkiG9w0BDAEBMA4ECPvbksad11k/AgIBYASCAVqpBTCoK88VT4i2
+SP14VJrMGLz/QfnwH0MYpfPqCfYKy7GF7mF0LOV4KIG98J0l14R0sgS7666CAxvV
+ByvdGafE77C2NdxoIzVwdC+wXISj8weztvOu8rkHizzouw0UYeoZgvcRg1TO1EUq
+CnFRf4Ksmo47n6Pkz0OsyNFqXZEgC0E5ymu8frQtTlV30UPgzSMiPbP1aK45H7uc
+7ccpXL+bZ1ycYyyVv1WLxHl8G65CUtEcDMMGSnSbSkId4EE2Obmwhy00FfvS4w8o
+BugeBJhFpF8TnyyChoBDzXKerpiY934zNhUuk3B3Ayz2JHLJ6tSCwvdMEKaLDLl5
+4iLxuVNPpavBlIvsq9zHELfVjuYV4ZPEv2eHzEzgyUgtGRdmuL1TvsM3kOG4Beo3
+/9MAiJDmvY3CuzkqfFqdeJd6VzO3Z66Cqydvy3NnlmfpQarE2+6qi7CcQ5tvhW/I
+-----END ENCRYPTED PRIVATE KEY-----
diff --git a/tests/key-tests/key-ca-empty.p8 b/tests/key-tests/key-ca-empty.p8
new file mode 100644
index 0000000000..f86433fa65
--- /dev/null
+++ b/tests/key-tests/key-ca-empty.p8
@@ -0,0 +1,10 @@
+-----BEGIN PRIVATE KEY-----
+MIIBVgIBADANBgkqhkiG9w0BAQEFAASCAUAwggE8AgEAAkEAxpQGKKdRJDmxWgFU
+m1DUFwxN36xCAAflcjDciC2CFoDaI0eoRnzIiE8PatK0hpfblIeFNS9R5xwzfmsc
+AAcbuwIDAQABAkA/9SUWqu0jccGBb7REYgAtfDUIuX54bBKmeL5Ozfl8LWoRgKyN
+LADN425xXm6tedNOaxugc0iKDngyfBsvVKdhAiEAy12kK1sWKVx2J1gF6AJrcAyu
+TFB82yLyTV+6FhcRhmUCIQD5+SyPI0fK26dGOfBboQhE0JZ+LKd89aiJmFtg4Kpn
+nwIhAKQL+5xFs9DVlzIRnWIUYZpXgFprKuySeibUK4YaQbbJAiEAqdMq/qPNZngM
+EJ3UOawRXg8H7viPYUnUEoa7rfl0S6kCIQC2sU2pHtU6b2S36aNyx6dTMldpqsWd
+GiD8T2oCOC5T9Q==
+-----END PRIVATE KEY-----
diff --git a/tests/key-tests/key-ca-null.p8 b/tests/key-tests/key-ca-null.p8
new file mode 100644
index 0000000000..e58483e952
--- /dev/null
+++ b/tests/key-tests/key-ca-null.p8
@@ -0,0 +1,10 @@
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIBfDAcBgoqhkiG9w0BDAEBMA4ECOxO+XewS2/+AgIBBQSCAVqE1UFN8VmjMRbS
+BNL/J+bUCtOy/4i14m5MBzCTlPqx/Fs2ecD1VoaLJof0qO/v6YBhGEJeTi2v9Xld
+5mXzUBjCKC7ETdfWkUhzdX2rGc1pe9sMMpNFD3UK92QG5KUBFZ32MBdBmb/RGmNW
+Z3zM6JEZwkTP9drrZRyQSsCTkjRcRODsv6sS+ftWljDteeQaWFDQhxz+kKN7BDpa
+jxYLBoM330OB8wwa4NxPNa9GhtASpxgHuE0crViXh3rR30VF5HNcyQwT3jZW69CB
+szFuV2n53WowjhgkUAXx+EQCxlTREoIX7FxZofl/IVtZNkfzXTZ9MT3yZxW1EDkO
+B2RhEDbEEv1A4k073xmmFZMEP0lDgy+ufLFfDjJZoacq1lcWpySQBbIDCta3s1Tz
+GbPRkJGGAIVa8O+T6O++rcI7o/kRZMr9B3/hvOemFcWxx0RZzMP870x83xLBmcyM
+-----END ENCRYPTED PRIVATE KEY-----
diff --git a/tests/key-id/key-ca.pem b/tests/key-tests/key-ca.pem
index 88e775c78c..88e775c78c 100644
--- a/tests/key-id/key-ca.pem
+++ b/tests/key-tests/key-ca.pem
diff --git a/tests/key-id/key-id b/tests/key-tests/key-id
index 9bad211b26..9bad211b26 100755
--- a/tests/key-id/key-id
+++ b/tests/key-tests/key-id
diff --git a/tests/key-id/key-user.pem b/tests/key-tests/key-user.pem
index e375860987..e375860987 100644
--- a/tests/key-id/key-user.pem
+++ b/tests/key-tests/key-user.pem
diff --git a/tests/key-tests/pkcs8 b/tests/key-tests/pkcs8
new file mode 100755
index 0000000000..05f82c797b
--- /dev/null
+++ b/tests/key-tests/pkcs8
@@ -0,0 +1,111 @@
+#!/bin/sh
+
+# Copyright (C) 2014 Nikos Mavrogiannopoulos
+#
+# This file is part of GnuTLS.
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+srcdir=${srcdir:-.}
+CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT}
+GREP=${GREP:-grep}
+
+# check keys with password
+$CERTTOOL --to-p8 --load-privkey $srcdir/key-ca.pem --password "1234" \
+ --outfile tmp-key-ca.p8 2>/dev/null
+
+$GREP "BEGIN ENCRYPTED PRIVATE KEY" tmp-key-ca.p8 >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in converting key to PKCS #8 with password"
+ exit $rc
+fi
+
+$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca.pem --password "1234" >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in reading PKCS #8 key with password"
+ exit $rc
+fi
+
+$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca-1234.p8 --password "1234" >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in reading saved PKCS #8 key with password"
+ exit $rc
+fi
+
+#keys encrypted with empty password
+$CERTTOOL --to-p8 --load-privkey $srcdir/key-ca.pem --password "" \
+ --outfile tmp-key-ca.p8 2>/dev/null
+
+$GREP "BEGIN PRIVATE KEY" tmp-key-ca.p8 >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in converting key to PKCS #8 with empty password"
+ exit $rc
+fi
+
+$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca.pem --password "" >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in reading PKCS #8 key with empty password"
+ exit $rc
+fi
+
+$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca-empty.p8 --password "" >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in reading saved PKCS #8 key with empty password"
+ exit $rc
+fi
+
+#keys encrypted with null password
+$CERTTOOL --to-p8 --load-privkey $srcdir/key-ca.pem --null-password \
+ --outfile tmp-key-ca.p8 2>/dev/null
+
+$GREP "BEGIN ENCRYPTED PRIVATE KEY" tmp-key-ca.p8 >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in converting key to PKCS #8 with null password"
+ exit $rc
+fi
+
+$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca.pem --null-password >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in reading PKCS #8 key with null password"
+ exit $rc
+fi
+
+$CERTTOOL -k --pkcs8 --infile $srcdir/key-ca-null.p8 --null-password >/dev/null 2>&1
+rc=$?
+# We're done.
+if test "$rc" != "0"; then
+ echo "Error in reading saved PKCS #8 key with null password"
+ exit $rc
+fi
+
+rm -f tmp-key-ca.p8
+
+exit 0
View Lorry Controller Status