tests: added check of GOST cert decoding/printing

This verifies whether our printing functions print the
OID on unknown/unsupported algorithms.

3 files changed, 65 insertions, 1 deletions

diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am
index 38c17217d5..d86458b824 100644
--- a/tests/cert-tests/Makefile.am
+++ b/tests/cert-tests/Makefile.am
@@ -39,7 +39,7 @@ EXTRA_DIST = ca-no-pathlen.pem no-ca-or-pathlen.pem aki-cert.pem \
 	template-othername-xmpp.tmpl template-othername-xmpp.pem template-krb5name.tmpl \
 	template-krb5name.pem template-krb5name-full.pem template-test-ecc.key \
 	template-rsa-sha3-256.pem template-rsa-sha3-512.pem template-ecdsa-sha3-256.pem \
-	template-ecdsa-sha3-512.pem name-constraints-ip2.pem chain-md5.pem
+	template-ecdsa-sha3-512.pem name-constraints-ip2.pem chain-md5.pem gost-cert.pem
 
 dist_check_SCRIPTS = pathlen aki certtool invalid-sig email \
 	pkcs7 pkcs7-broken-sigs privkey-import name-constraints certtool-long-cn crl provable-privkey
diff --git a/tests/cert-tests/gost-cert.pem b/tests/cert-tests/gost-cert.pem
new file mode 100644
index 0000000000..887702393d
--- /dev/null
+++ b/tests/cert-tests/gost-cert.pem
@@ -0,0 +1,46 @@
+X.509 Certificate Information:
+	Version: 3
+	Serial Number (hex): 011f
+	Issuer: C=RU,ST=Russia,L=Moscow,O=SuperPlat,OU=SuperPlat CA,CN=SuperPlat CA 01
+	Validity:
+		Not Before: Fri Aug 17 06:47:36 UTC 2012
+		Not After: Sat Aug 17 06:47:36 UTC 2013
+	Subject: C=RU,ST=Russia,L=Moscow,O=SuperPlat,OU=SuperPlat Terminals,CN=SuperTerm0000001
+	Subject Public Key Algorithm: 1.2.643.2.2.19
+	Extensions:
+		Basic Constraints (not critical):
+			Certificate Authority (CA): FALSE
+		Unknown extension 2.16.840.1.113730.1.13 (not critical):
+			ASCII: ..OpenSSL Generated Certificate
+			Hexdump: 161d4f70656e53534c2047656e657261746564204365727469666963617465
+		Subject Key Identifier (not critical):
+			43fe227895724f4e3a74f264e4fd0b800c082e03
+		Authority Key Identifier (not critical):
+			9875a3b785c1641b23344d9bfbae0c2a256b44eb
+	Signature Algorithm: 1.2.643.2.2.3
+	Signature:
+		8f:37:24:fd:be:f0:37:d9:f3:1a:5c:31:5e:33:ef:35
+		61:93:07:03:3d:4d:e8:2c:1b:39:a2:6c:d4:2f:85:35
+		b2:43:1d:ed:b5:15:45:c7:10:38:41:28:68:29:62:20
+		e6:92:8a:64:34:87:b8:b9:9f:ab:c8:04:6d:26:55:99
+Other Information:
+	SHA1 fingerprint:
+		621f34c4fdd7e93f9b8f18224ba0bcd1c63a4771
+	SHA256 fingerprint:
+		ac6ecf4e7a876edf3e61f538d6061353c2015bfbdf60370492f7404d7f09e13a
+
+-----BEGIN CERTIFICATE-----
+MIICXjCCAgugAwIBAgICAR8wCgYGKoUDAgIDBQAwdDELMAkGA1UEBhMCUlUxDzAN
+BgNVBAgMBlJ1c3NpYTEPMA0GA1UEBwwGTW9zY293MRIwEAYDVQQKDAlTdXBlclBs
+YXQxFTATBgNVBAsMDFN1cGVyUGxhdCBDQTEYMBYGA1UEAwwPU3VwZXJQbGF0IENB
+IDAxMB4XDTEyMDgxNzA2NDczNloXDTEzMDgxNzA2NDczNlowfDELMAkGA1UEBhMC
+UlUxDzANBgNVBAgMBlJ1c3NpYTEPMA0GA1UEBwwGTW9zY293MRIwEAYDVQQKDAlT
+dXBlclBsYXQxHDAaBgNVBAsME1N1cGVyUGxhdCBUZXJtaW5hbHMxGTAXBgNVBAMM
+EFN1cGVyVGVybTAwMDAwMDEwYzAcBgYqhQMCAhMwEgYHKoUDAgIjAQYHKoUDAgIe
+AQNDAARA69rbaWL2GSV1NVaWMSrWRX8d/frrwbVjJerPQKjyNeDYZxgSjTTp3dck
+6fQLx2OjQsu6n+vdyBPQex/iwbJBV6N7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC
+AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFEP+
+IniVck9OOnTyZOT9C4AMCC4DMB8GA1UdIwQYMBaAFJh1o7eFwWQbIzRNm/uuDCol
+a0TrMAoGBiqFAwICAwUAA0EAjzck/b7wN9nzGlwxXjPvNWGTBwM9TegsGzmibNQv
+hTWyQx3ttRVFxxA4QShoKWIg5pKKZDSHuLmfq8gEbSZVmQ==
+-----END CERTIFICATE-----
diff --git a/tests/cert-tests/pem-decoding b/tests/cert-tests/pem-decoding
index 1087b8b8ef..a539f45af6 100755
--- a/tests/cert-tests/pem-decoding
+++ b/tests/cert-tests/pem-decoding
@@ -113,6 +113,24 @@ if test "${rc}" != "0"; then
 	exit ${rc}
 fi
 
+
+#check whether the cert with GOST parameters is decoded as expected
+${VALGRIND} "${CERTTOOL}" --certificate-info --infile "${srcdir}/gost-cert.pem" >tmp-pem.pem
+rc=$?
+
+if test "${rc}" != "0"; then
+	echo "GOST cert decoding failed 1"
+	exit ${rc}
+fi
+
+${DIFF} tmp-pem.pem gost-cert.pem || ${DIFF} --strip-trailing-cr tmp-pem.pem gost-cert.pem
+rc=$?
+
+if test "${rc}" != "0"; then
+	echo "GOST cert decoding failed 2"
+	exit ${rc}
+fi
+
 rm -f tmp-pem.pem tmp1 tmp2
 
 exit 0