diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-04-13 11:05:19 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-04-13 11:31:33 +0200 |
commit | 5a0be1037990b304519e8df5ae5946369f6cc75f (patch) | |
tree | 94c100f92bf7ccae4f76b5cc8a18277bd5805d19 /tests/cert-tests | |
parent | b5820d619593272daf4223c788f6e17af5079295 (diff) | |
download | gnutls-5a0be1037990b304519e8df5ae5946369f6cc75f.tar.gz |
tests: added check of GOST cert decoding/printing
This verifies whether our printing functions print the
OID on unknown/unsupported algorithms.
Diffstat (limited to 'tests/cert-tests')
-rw-r--r-- | tests/cert-tests/Makefile.am | 2 | ||||
-rw-r--r-- | tests/cert-tests/gost-cert.pem | 46 | ||||
-rwxr-xr-x | tests/cert-tests/pem-decoding | 18 |
3 files changed, 65 insertions, 1 deletions
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am index 38c17217d5..d86458b824 100644 --- a/tests/cert-tests/Makefile.am +++ b/tests/cert-tests/Makefile.am @@ -39,7 +39,7 @@ EXTRA_DIST = ca-no-pathlen.pem no-ca-or-pathlen.pem aki-cert.pem \ template-othername-xmpp.tmpl template-othername-xmpp.pem template-krb5name.tmpl \ template-krb5name.pem template-krb5name-full.pem template-test-ecc.key \ template-rsa-sha3-256.pem template-rsa-sha3-512.pem template-ecdsa-sha3-256.pem \ - template-ecdsa-sha3-512.pem name-constraints-ip2.pem chain-md5.pem + template-ecdsa-sha3-512.pem name-constraints-ip2.pem chain-md5.pem gost-cert.pem dist_check_SCRIPTS = pathlen aki certtool invalid-sig email \ pkcs7 pkcs7-broken-sigs privkey-import name-constraints certtool-long-cn crl provable-privkey diff --git a/tests/cert-tests/gost-cert.pem b/tests/cert-tests/gost-cert.pem new file mode 100644 index 0000000000..887702393d --- /dev/null +++ b/tests/cert-tests/gost-cert.pem @@ -0,0 +1,46 @@ +X.509 Certificate Information: + Version: 3 + Serial Number (hex): 011f + Issuer: C=RU,ST=Russia,L=Moscow,O=SuperPlat,OU=SuperPlat CA,CN=SuperPlat CA 01 + Validity: + Not Before: Fri Aug 17 06:47:36 UTC 2012 + Not After: Sat Aug 17 06:47:36 UTC 2013 + Subject: C=RU,ST=Russia,L=Moscow,O=SuperPlat,OU=SuperPlat Terminals,CN=SuperTerm0000001 + Subject Public Key Algorithm: 1.2.643.2.2.19 + Extensions: + Basic Constraints (not critical): + Certificate Authority (CA): FALSE + Unknown extension 2.16.840.1.113730.1.13 (not critical): + ASCII: ..OpenSSL Generated Certificate + Hexdump: 161d4f70656e53534c2047656e657261746564204365727469666963617465 + Subject Key Identifier (not critical): + 43fe227895724f4e3a74f264e4fd0b800c082e03 + Authority Key Identifier (not critical): + 9875a3b785c1641b23344d9bfbae0c2a256b44eb + Signature Algorithm: 1.2.643.2.2.3 + Signature: + 8f:37:24:fd:be:f0:37:d9:f3:1a:5c:31:5e:33:ef:35 + 61:93:07:03:3d:4d:e8:2c:1b:39:a2:6c:d4:2f:85:35 + b2:43:1d:ed:b5:15:45:c7:10:38:41:28:68:29:62:20 + e6:92:8a:64:34:87:b8:b9:9f:ab:c8:04:6d:26:55:99 +Other Information: + SHA1 fingerprint: + 621f34c4fdd7e93f9b8f18224ba0bcd1c63a4771 + SHA256 fingerprint: + ac6ecf4e7a876edf3e61f538d6061353c2015bfbdf60370492f7404d7f09e13a + +-----BEGIN CERTIFICATE----- +MIICXjCCAgugAwIBAgICAR8wCgYGKoUDAgIDBQAwdDELMAkGA1UEBhMCUlUxDzAN +BgNVBAgMBlJ1c3NpYTEPMA0GA1UEBwwGTW9zY293MRIwEAYDVQQKDAlTdXBlclBs +YXQxFTATBgNVBAsMDFN1cGVyUGxhdCBDQTEYMBYGA1UEAwwPU3VwZXJQbGF0IENB +IDAxMB4XDTEyMDgxNzA2NDczNloXDTEzMDgxNzA2NDczNlowfDELMAkGA1UEBhMC +UlUxDzANBgNVBAgMBlJ1c3NpYTEPMA0GA1UEBwwGTW9zY293MRIwEAYDVQQKDAlT +dXBlclBsYXQxHDAaBgNVBAsME1N1cGVyUGxhdCBUZXJtaW5hbHMxGTAXBgNVBAMM +EFN1cGVyVGVybTAwMDAwMDEwYzAcBgYqhQMCAhMwEgYHKoUDAgIjAQYHKoUDAgIe +AQNDAARA69rbaWL2GSV1NVaWMSrWRX8d/frrwbVjJerPQKjyNeDYZxgSjTTp3dck +6fQLx2OjQsu6n+vdyBPQex/iwbJBV6N7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC +AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFEP+ +IniVck9OOnTyZOT9C4AMCC4DMB8GA1UdIwQYMBaAFJh1o7eFwWQbIzRNm/uuDCol +a0TrMAoGBiqFAwICAwUAA0EAjzck/b7wN9nzGlwxXjPvNWGTBwM9TegsGzmibNQv +hTWyQx3ttRVFxxA4QShoKWIg5pKKZDSHuLmfq8gEbSZVmQ== +-----END CERTIFICATE----- diff --git a/tests/cert-tests/pem-decoding b/tests/cert-tests/pem-decoding index 1087b8b8ef..a539f45af6 100755 --- a/tests/cert-tests/pem-decoding +++ b/tests/cert-tests/pem-decoding @@ -113,6 +113,24 @@ if test "${rc}" != "0"; then exit ${rc} fi + +#check whether the cert with GOST parameters is decoded as expected +${VALGRIND} "${CERTTOOL}" --certificate-info --infile "${srcdir}/gost-cert.pem" >tmp-pem.pem +rc=$? + +if test "${rc}" != "0"; then + echo "GOST cert decoding failed 1" + exit ${rc} +fi + +${DIFF} tmp-pem.pem gost-cert.pem || ${DIFF} --strip-trailing-cr tmp-pem.pem gost-cert.pem +rc=$? + +if test "${rc}" != "0"; then + echo "GOST cert decoding failed 2" + exit ${rc} +fi + rm -f tmp-pem.pem tmp1 tmp2 exit 0 |