diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-11-08 22:14:07 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-11-08 22:17:10 +0100 |
| commit | 76c93d23c073ef8b885503b7d28a31ffe2add6d8 (patch) | |
| tree | 1dd2d22a197bc40c5330e516969a7cb1ae9bc96f /tests/ocsp.c | |
| parent | 559a144f6bbcbb611453f82e655dd7438c14d1a7 (diff) | |
| download | gnutls-76c93d23c073ef8b885503b7d28a31ffe2add6d8.tar.gz | |
reindented code
Diffstat (limited to 'tests/ocsp.c')
| -rw-r--r-- | tests/ocsp.c | 2503 |
1 files changed, 1189 insertions, 1314 deletions
diff --git a/tests/ocsp.c b/tests/ocsp.c index 9354897382..7269d9364e 100644 --- a/tests/ocsp.c +++ b/tests/ocsp.c @@ -33,28 +33,27 @@ #include "utils.h" -static time_t mytime (time_t * t) +static time_t mytime(time_t * t) { - time_t then = 1332548220; + time_t then = 1332548220; - if (t) - *t = then; + if (t) + *t = then; - return then; + return then; } /* sample request */ -static void -tls_log_func (int level, const char *str) +static void tls_log_func(int level, const char *str) { - fprintf (stderr, "|<%d>| %s", level, str); + fprintf(stderr, "|<%d>| %s", level, str); } #define REQ1 "\x30\x67\x30\x65\x30\x3e\x30\x3c\x30\x3a\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\x13\x9d\xa0\x9e\xf4\x32\xab\x8f\xe2\x89\x56\x67\xfa\xd0\xd4\xe3\x35\x86\x71\xb9\x04\x14\x5d\xa7\xdd\x70\x06\x51\x32\x7e\xe7\xb6\x6d\xb3\xb5\xe5\xe0\x60\xea\x2e\x4d\xef\x02\x01\x1d\xa2\x23\x30\x21\x30\x1f\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x02\x04\x12\x04\x10\x35\xc5\xe3\x50\xc3\xcf\x04\x33\xcc\x9e\x06\x3a\x9a\x18\x80\xcc" static const gnutls_datum_t req1 = - { (unsigned char *) REQ1, sizeof (REQ1) - 1 }; + { (unsigned char *) REQ1, sizeof(REQ1) - 1 }; #define REQ1INFO \ "OCSP Request Information:\n" \ @@ -79,7 +78,7 @@ static const gnutls_datum_t req1 = #define RESP1 "\x30\x03\x0a\x01\x01" static const gnutls_datum_t resp1 = - { (unsigned char*) RESP1, sizeof (RESP1) - 1 }; + { (unsigned char *) RESP1, sizeof(RESP1) - 1 }; #define RESP1INFO \ "OCSP Response Information:\n" \ @@ -126,1352 +125,1228 @@ static const gnutls_datum_t resp1 = /* cut */ static const gnutls_datum_t resp2 = - { (unsigned char*) RESP2, sizeof (RESP2) - 1 }; + { (unsigned char *) RESP2, sizeof(RESP2) - 1 }; static unsigned char issuer_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDuDCCAqCgAwIBAgIBADANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ\n" - "MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS\n" - "b290IENBMB4XDTA0MDkxMDEwMDExOFoXDTE5MDkwNzEwMDExOFowRTELMAkGA1UE\n" - "BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9u\n" - "Z1N3YW4gUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/y\n" - "X2LqPVZuWLPIeknK86xhz6ljd3NNhC2z+P1uoCP3sBMuZiZQEjFzhnKcbXxCeo2f\n" - "FnvhOOjrrisSuVkzuu82oxXD3fIkzuS7m9V4E10EZzgmKWIf+WuNRfbgAuUINmLc\n" - "4YGAXBQLPyzpP4Ou48hhz/YQo58Bics6PHy5v34qCVROIXDvqhj91P8g+pS+F21/\n" - "7P+CH2jRcVIEHZtG8M/PweTPQ95dPzpYd2Ov6SZ/U7EWmbMmT8VcUYn1aChxFmy5\n" - "gweVBWlkH6MP+1DeE0/tL5c87xo5KCeGK8Tdqpe7sBRC4pPEEHDQciTUvkeuJ1Pr\n" - "K+1LwdqRxo7HgMRiDw8CAwEAAaOBsjCBrzASBgNVHRMBAf8ECDAGAQH/AgEBMAsG\n" - "A1UdDwQEAwIBBjAdBgNVHQ4EFgQUXafdcAZRMn7ntm2zteXgYOouTe8wbQYDVR0j\n" - "BGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkw\n" - "FwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJv\n" - "b3QgQ0GCAQAwDQYJKoZIhvcNAQELBQADggEBACOSmqEBtBLR9aV3UyCI8gmzR5in\n" - "Lte9aUXXS+qis6F2h2Stf4sN+Nl6Gj7REC6SpfEH4wWdwiUL5J0CJhyoOjQuDl3n\n" - "1Dw3dE4/zqMZdyDKEYTU75TmvusNJBdGsLkrf7EATAjoi/nrTOYPPhSUZvPp/D+Y\n" - "vORJ9Ej51GXlK1nwEB5iA8+tDYniNQn6BD1MEgIejzK+fbiy7braZB1kqhoEr2Si\n" - "7luBSnU912sw494E88a2EWbmMvg2TVHPNzCpVkpNk7kifCiwmw9VldkqYy9y/lCa\n" - "Epyp7lTfKw7cbD04Vk8QJW782L6Csuxkl346b17wmOqn8AZips3tFsuAY3w=\n" - "-----END CERTIFICATE-----\n"; -const gnutls_datum_t issuer_data = { issuer_pem, sizeof (issuer_pem) }; + "-----BEGIN CERTIFICATE-----\n" + "MIIDuDCCAqCgAwIBAgIBADANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ\n" + "MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS\n" + "b290IENBMB4XDTA0MDkxMDEwMDExOFoXDTE5MDkwNzEwMDExOFowRTELMAkGA1UE\n" + "BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMTEnN0cm9u\n" + "Z1N3YW4gUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL/y\n" + "X2LqPVZuWLPIeknK86xhz6ljd3NNhC2z+P1uoCP3sBMuZiZQEjFzhnKcbXxCeo2f\n" + "FnvhOOjrrisSuVkzuu82oxXD3fIkzuS7m9V4E10EZzgmKWIf+WuNRfbgAuUINmLc\n" + "4YGAXBQLPyzpP4Ou48hhz/YQo58Bics6PHy5v34qCVROIXDvqhj91P8g+pS+F21/\n" + "7P+CH2jRcVIEHZtG8M/PweTPQ95dPzpYd2Ov6SZ/U7EWmbMmT8VcUYn1aChxFmy5\n" + "gweVBWlkH6MP+1DeE0/tL5c87xo5KCeGK8Tdqpe7sBRC4pPEEHDQciTUvkeuJ1Pr\n" + "K+1LwdqRxo7HgMRiDw8CAwEAAaOBsjCBrzASBgNVHRMBAf8ECDAGAQH/AgEBMAsG\n" + "A1UdDwQEAwIBBjAdBgNVHQ4EFgQUXafdcAZRMn7ntm2zteXgYOouTe8wbQYDVR0j\n" + "BGYwZIAUXafdcAZRMn7ntm2zteXgYOouTe+hSaRHMEUxCzAJBgNVBAYTAkNIMRkw\n" + "FwYDVQQKExBMaW51eCBzdHJvbmdTd2FuMRswGQYDVQQDExJzdHJvbmdTd2FuIFJv\n" + "b3QgQ0GCAQAwDQYJKoZIhvcNAQELBQADggEBACOSmqEBtBLR9aV3UyCI8gmzR5in\n" + "Lte9aUXXS+qis6F2h2Stf4sN+Nl6Gj7REC6SpfEH4wWdwiUL5J0CJhyoOjQuDl3n\n" + "1Dw3dE4/zqMZdyDKEYTU75TmvusNJBdGsLkrf7EATAjoi/nrTOYPPhSUZvPp/D+Y\n" + "vORJ9Ej51GXlK1nwEB5iA8+tDYniNQn6BD1MEgIejzK+fbiy7braZB1kqhoEr2Si\n" + "7luBSnU912sw494E88a2EWbmMvg2TVHPNzCpVkpNk7kifCiwmw9VldkqYy9y/lCa\n" + "Epyp7lTfKw7cbD04Vk8QJW782L6Csuxkl346b17wmOqn8AZips3tFsuAY3w=\n" + "-----END CERTIFICATE-----\n"; +const gnutls_datum_t issuer_data = { issuer_pem, sizeof(issuer_pem) }; static unsigned char subject_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEIjCCAwqgAwIBAgIBHTANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ\n" - "MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS\n" - "b290IENBMB4XDTA5MDgyNzEwNDQ1MVoXDTE0MDgyNjEwNDQ1MVowWjELMAkGA1UE\n" - "BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAPBgNVBAsTCFJlc2Vh\n" - "cmNoMR0wGwYDVQQDFBRjYXJvbEBzdHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcN\n" - "AQEBBQADggEPADCCAQoCggEBANBdWU+BF7x4lyo+xHnr4UAOU89yQQuT5vdPoXzx\n" - "6kRPsjYAuuktgXR+SaLkQHw/YRgDPSKj5nzmmlOQf/rWRr+8O2q+C92aUICmkNvZ\n" - "Gamo5w2WlOMZ6T5dk2Hv+QM6xT/GzWyVr1dMYu/7tywD1Bw7aW/HqkRESDu6q95V\n" - "Wu+Lzg6XlxCNEez0YsZrN/fC6BL2qzKAqMBbIHFW8OOnh+nEY4IF5AzkZnFrw12G\n" - "I72Z882pw97lyKwZhSz/GMQFBJx+rnNdw5P1IJwTlG5PUdoDCte/Mcr1iiA+zOov\n" - "x55x1GoGxduoXWU5egrf1MtalRf9Pc8Xr4q3WEKTAmsZrVECAwEAAaOCAQYwggEC\n" - "MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBQfoamI2WSMtaCiVGQ5\n" - "tPI9dF1ufDBtBgNVHSMEZjBkgBRdp91wBlEyfue2bbO15eBg6i5N76FJpEcwRTEL\n" - "MAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMT\n" - "EnN0cm9uZ1N3YW4gUm9vdCBDQYIBADAfBgNVHREEGDAWgRRjYXJvbEBzdHJvbmdz\n" - "d2FuLm9yZzA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4u\n" - "b3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQC8pqX3KrSzKeul\n" - "GdzydAV4hGwYB3WiB02oJ2nh5MJBu7J0Kn4IVkvLUHSSZhSRxx55tQZfdYqtXVS7\n" - "ZuyG+6rV7sb595SIRwfkLAdjbvv0yZIl4xx8j50K3yMR+9aXW1NSGPEkb8BjBUMr\n" - "F2kjGTOqomo8OIzyI369z9kJrtEhnS37nHcdpewZC1wHcWfJ6wd9wxmz2dVXmgVQ\n" - "L2BjXd/BcpLFaIC4h7jMXQ5FURjnU7K9xSa4T8PpR6FrQhOcIYBXAp94GiM8JqmK\n" - "ZBGUpeP+3cy4i3DV18Kyr64Q4XZlzhZClNE43sgMqiX88dc3znpDzT7T51j+d+9k\n" - "Rf5Z0GOR\n" - "-----END CERTIFICATE-----\n"; -const gnutls_datum_t subject_data = { subject_pem, sizeof (subject_pem) }; + "-----BEGIN CERTIFICATE-----\n" + "MIIEIjCCAwqgAwIBAgIBHTANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ\n" + "MBcGA1UEChMQTGludXggc3Ryb25nU3dhbjEbMBkGA1UEAxMSc3Ryb25nU3dhbiBS\n" + "b290IENBMB4XDTA5MDgyNzEwNDQ1MVoXDTE0MDgyNjEwNDQ1MVowWjELMAkGA1UE\n" + "BhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xETAPBgNVBAsTCFJlc2Vh\n" + "cmNoMR0wGwYDVQQDFBRjYXJvbEBzdHJvbmdzd2FuLm9yZzCCASIwDQYJKoZIhvcN\n" + "AQEBBQADggEPADCCAQoCggEBANBdWU+BF7x4lyo+xHnr4UAOU89yQQuT5vdPoXzx\n" + "6kRPsjYAuuktgXR+SaLkQHw/YRgDPSKj5nzmmlOQf/rWRr+8O2q+C92aUICmkNvZ\n" + "Gamo5w2WlOMZ6T5dk2Hv+QM6xT/GzWyVr1dMYu/7tywD1Bw7aW/HqkRESDu6q95V\n" + "Wu+Lzg6XlxCNEez0YsZrN/fC6BL2qzKAqMBbIHFW8OOnh+nEY4IF5AzkZnFrw12G\n" + "I72Z882pw97lyKwZhSz/GMQFBJx+rnNdw5P1IJwTlG5PUdoDCte/Mcr1iiA+zOov\n" + "x55x1GoGxduoXWU5egrf1MtalRf9Pc8Xr4q3WEKTAmsZrVECAwEAAaOCAQYwggEC\n" + "MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgOoMB0GA1UdDgQWBBQfoamI2WSMtaCiVGQ5\n" + "tPI9dF1ufDBtBgNVHSMEZjBkgBRdp91wBlEyfue2bbO15eBg6i5N76FJpEcwRTEL\n" + "MAkGA1UEBhMCQ0gxGTAXBgNVBAoTEExpbnV4IHN0cm9uZ1N3YW4xGzAZBgNVBAMT\n" + "EnN0cm9uZ1N3YW4gUm9vdCBDQYIBADAfBgNVHREEGDAWgRRjYXJvbEBzdHJvbmdz\n" + "d2FuLm9yZzA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnN0cm9uZ3N3YW4u\n" + "b3JnL3N0cm9uZ3N3YW4uY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQC8pqX3KrSzKeul\n" + "GdzydAV4hGwYB3WiB02oJ2nh5MJBu7J0Kn4IVkvLUHSSZhSRxx55tQZfdYqtXVS7\n" + "ZuyG+6rV7sb595SIRwfkLAdjbvv0yZIl4xx8j50K3yMR+9aXW1NSGPEkb8BjBUMr\n" + "F2kjGTOqomo8OIzyI369z9kJrtEhnS37nHcdpewZC1wHcWfJ6wd9wxmz2dVXmgVQ\n" + "L2BjXd/BcpLFaIC4h7jMXQ5FURjnU7K9xSa4T8PpR6FrQhOcIYBXAp94GiM8JqmK\n" + "ZBGUpeP+3cy4i3DV18Kyr64Q4XZlzhZClNE43sgMqiX88dc3znpDzT7T51j+d+9k\n" + "Rf5Z0GOR\n" "-----END CERTIFICATE-----\n"; +const gnutls_datum_t subject_data = { subject_pem, sizeof(subject_pem) }; /* For testing verify functions. */ #define BLOG_RESP "\x30\x82\x06\xF8\x0A\x01\x00\xA0\x82\x06\xF1\x30\x82\x06\xED\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x06\xDE\x30\x82\x06\xDA\x30\x82\x01\x25\xA1\x7E\x30\x7C\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x41\x55\x31\x0C\x30\x0A\x06\x03\x55\x04\x08\x13\x03\x4E\x53\x57\x31\x0F\x30\x0D\x06\x03\x55\x04\x07\x13\x06\x53\x79\x64\x6E\x65\x79\x31\x14\x30\x12\x06\x03\x55\x04\x0A\x13\x0B\x43\x41\x63\x65\x72\x74\x20\x49\x6E\x63\x2E\x31\x1E\x30\x1C\x06\x03\x55\x04\x0B\x13\x15\x53\x65\x72\x76\x65\x72\x20\x41\x64\x6D\x69\x6E\x69\x73\x74\x72\x61\x74\x69\x6F\x6E\x31\x18\x30\x16\x06\x03\x55\x04\x03\x13\x0F\x6F\x63\x73\x70\x2E\x63\x61\x63\x65\x72\x74\x2E\x6F\x72\x67\x18\x0F\x32\x30\x31\x32\x30\x31\x31\x33\x30\x38\x35\x30\x34\x32\x5A\x30\x66\x30\x64\x30\x3C\x30\x09\x06\x05\x2B\x0E\x03\x02\x1A\x05\x00\x04\x14\xF2\x2A\x62\x16\x93\xA6\xDA\x5A\xD0\xB9\x8D\x3A\x13\x5E\x35\xD1\xEB\x18\x36\x61\x04\x14\x75\xA8\x71\x60\x4C\x88\x13\xF0\x78\xD9\x89\x77\xB5\x6D\xC5\x89\xDF\xBC\xB1\x7A\x02\x03\x00\xBC\xE0\x80\x00\x18\x0F\x32\x30\x31\x32\x30\x31\x31\x33\x30\x37\x32\x30\x34\x39\x5A\xA0\x11\x18\x0F\x32\x30\x31\x32\x30\x31\x31\x35\x30\x38\x35\x30\x34\x32\x5A\xA1\x2A\x30\x28\x30\x26\x06\x09\x2B\x06\x01\x05\x05\x07\x30\x01\x02\x04\x19\x04\x17\x73\x69\xD2\xC5\x6F\xC7\x7E\x2E\xB0\x2F\xCC\xC3\xE2\x80\xD6\x2A\xCE\xD3\xDE\x8F\x27\x1B\xB2\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x3E\x50\x9D\xE9\xA2\xE0\xCA\x33\x88\x9B\x28\x7E\xE7\xA4\xAF\xDA\xBB\x75\x2D\xD9\x66\xA6\xD5\xFA\x17\x56\xC0\x3B\xDD\x74\xB6\x7E\x42\x2C\x28\xD0\x73\x91\x54\x69\xFA\xCF\xD8\xC7\x74\x1C\x5D\xBC\x8E\xCD\xE3\x0E\xD5\x3F\x80\x71\x9C\x95\x53\xC4\xD1\x95\x63\x5D\x72\xCE\xCC\x77\x9D\x7C\xAD\x47\x3F\x34\xDA\x90\x80\xC5\x15\xE1\x2B\xEE\x98\x57\xA3\xA7\x9F\xA2\xC3\xF5\x5E\xF7\x13\x26\x52\xDA\x09\x38\x5B\x18\x91\x07\x38\xCF\x09\xDA\x08\xED\x80\x4F\x26\x3A\xB9\xBE\xF6\xED\x65\x3F\xB1\x3A\x6D\xA3\x87\x22\xA3\x2A\xA5\x99\xCC\x06\xF3\x5A\xD5\x34\xFB\x9E\x32\x28\xC3\x3E\xF4\xAF\x33\x02\xCF\x6A\x74\x73\x17\x24\x17\x41\x0D\x7E\x86\x79\x83\x34\xE8\x82\x0A\x0D\x21\xED\xCB\x3B\xB7\x31\x64\xC9\xB6\x1E\xC7\x0C\x75\xCE\xBA\xB7\xDC\xB2\x67\x96\x2B\xAD\xBF\x86\x22\x81\x54\x66\xBA\x68\x89\xD7\x7E\x35\x60\x93\xEC\x6B\xD8\x59\x23\xA0\xD0\x95\x55\x8F\x93\x52\x48\x4E\x48\xCB\x92\xE9\x67\x71\x60\x07\xC9\xA3\x3B\xAC\xD1\xEA\x5B\x71\xDB\xC1\x94\x79\x85\x55\x8C\x03\x61\x9E\xC7\xD6\x32\x40\xFA\xDD\xF6\xC9\xF8\xE0\xFF\x4D\xAC\x54\xED\x61\xFE\xB2\xA0\x82\x04\x99\x30\x82\x04\x95\x30\x82\x04\x91\x30\x82\x02\x79\xA0\x03\x02\x01\x02\x02\x03\x00\xDC\xA6\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x30\x54\x31\x14\x30\x12\x06\x03\x55\x04\x0A\x13\x0B\x43\x41\x63\x65\x72\x74\x20\x49\x6E\x63\x2E\x31\x1E\x30\x1C\x06\x03\x55\x04\x0B\x13\x15\x68\x74\x74\x70\x3A\x2F\x2F\x77\x77\x77\x2E\x43\x41\x63\x65\x72\x74\x2E\x6F\x72\x67\x31\x1C\x30\x1A\x06\x03\x55\x04\x03\x13\x13\x43\x41\x63\x65\x72\x74\x20\x43\x6C\x61\x73\x73\x20\x33\x20\x52\x6F\x6F\x74\x30\x1E\x17\x0D\x31\x31\x30\x38\x32\x33\x30\x30\x30\x38\x33\x37\x5A\x17\x0D\x31\x33\x30\x38\x32\x32\x30\x30\x30\x38\x33\x37\x5A\x30\x7C\x31\x0B\x30\x09\x06\x03\x55\x04\x06\x13\x02\x41\x55\x31\x0C\x30\x0A\x06\x03\x55\x04\x08\x13\x03\x4E\x53\x57\x31\x0F\x30\x0D\x06\x03\x55\x04\x07\x13\x06\x53\x79\x64\x6E\x65\x79\x31\x14\x30\x12\x06\x03\x55\x04\x0A\x13\x0B\x43\x41\x63\x65\x72\x74\x20\x49\x6E\x63\x2E\x31\x1E\x30\x1C\x06\x03\x55\x04\x0B\x13\x15\x53\x65\x72\x76\x65\x72\x20\x41\x64\x6D\x69\x6E\x69\x73\x74\x72\x61\x74\x69\x6F\x6E\x31\x18\x30\x16\x06\x03\x55\x04\x03\x13\x0F\x6F\x63\x73\x70\x2E\x63\x61\x63\x65\x72\x74\x2E\x6F\x72\x67\x30\x82\x01\x22\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x01\x05\x00\x03\x82\x01\x0F\x00\x30\x82\x01\x0A\x02\x82\x01\x01\x00\x9C\xC6\xD4\x6F\xE4\x23\xC7\xC3\x70\x4B\x75\x1F\xE4\xFC\xAE\xF6\x62\xC4\x60\xA1\xD6\xCF\xF9\x47\x40\x38\xD9\xAF\x06\xF5\xB3\x87\x09\xBA\x07\xC8\x7A\x3B\xE3\x3A\xE2\xC1\x6B\xDB\x0E\x9B\x7B\xB4\x98\x04\x40\x88\xC8\xE4\x20\x34\x9D\x5F\x94\xAE\x0C\xA0\x05\xA1\x74\x10\x3F\x1F\x93\x6D\xC5\xA0\xCE\x29\xB0\x2A\x03\x6E\xED\x3B\xD1\x9A\x7A\xF7\x0F\xA7\xB7\x39\xD7\xC3\xB4\xDE\x15\x67\x94\xF2\xEF\xB0\xDD\x5F\xE3\xC9\xD8\xD2\x34\x0E\x5D\x44\xDF\xBF\x99\xD8\x5E\x60\xF4\x39\x24\x8A\xFD\x5D\xC8\x46\x8D\x0A\xB1\x60\x7A\x4F\xD5\x27\x30\x60\x9E\x13\x06\xF8\x3A\xAA\xB3\xBB\x33\x34\x6F\x84\x81\x7E\x5C\xCC\x12\x89\xF2\xFE\x6E\x93\x83\xFA\x8B\xEE\xAB\x36\x4C\xB6\x40\xA9\xEE\xFB\xF8\x16\x5A\x55\xD1\x64\x0D\x49\xDA\x04\xDE\xD1\xC8\xCA\xEE\x5F\x24\xB1\x79\x78\xB3\x9A\x88\x13\xDD\x68\x51\x39\xE9\x68\x31\xAF\xD7\xF8\x4D\x35\x6D\x60\x58\x04\x42\xBB\x55\x92\x18\xF6\x98\x01\xA5\x74\x3B\xBC\x36\xDB\x20\x68\x18\xB8\x85\xD4\x8B\x6D\x30\x87\x4D\xD6\x33\x2D\x7A\x54\x36\x1D\x57\x42\x14\x5C\x7A\x62\x74\xD5\x1E\x2B\xD5\xBF\x04\xF3\xFF\xEC\x03\xC1\x02\x03\x01\x00\x01\xA3\x44\x30\x42\x30\x0C\x06\x03\x55\x1D\x13\x01\x01\xFF\x04\x02\x30\x00\x30\x27\x06\x03\x55\x1D\x25\x04\x20\x30\x1E\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x02\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x01\x06\x08\x2B\x06\x01\x05\x05\x07\x03\x09\x30\x09\x06\x03\x55\x1D\x11\x04\x02\x30\x00\x30\x0D\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x01\x05\x05\x00\x03\x82\x02\x01\x00\x50\xDD\x63\xB7\x1A\x6F\x91\x4C\xE8\x7F\x82\x1A\x27\x04\x81\x05\xBB\xA6\x69\xAC\x41\x7B\x62\xFC\x4B\x08\xDC\x60\xCF\xB2\x5A\xF1\xB4\xB5\x27\x69\x6B\x12\xE4\x07\xC8\x16\xCE\x3B\x42\xCC\x02\x90\x66\x0E\x79\xB8\x6C\x4B\x90\x00\xC5\x66\x64\x92\x2B\x2B\x48\x0E\x84\xC2\x6D\xBF\xA5\xDE\x16\xE3\xBD\x19\xF5\x5C\x93\xA1\x86\x7F\xD9\x89\x78\x6A\x3F\x83\xF0\xAA\xF8\xEA\x1D\xA4\x13\xF7\x2A\x15\x4C\x51\x9C\xC4\xB0\xBE\x58\x66\xCF\x4C\x6C\x3D\x31\xE5\xF9\x54\x21\xCD\xA1\x30\x01\x6A\xB3\x1A\x48\x85\x34\x93\xB8\xF9\x15\x19\x48\x34\x8D\x73\xE7\x03\x50\xAF\xDE\x50\xC7\x62\xAF\x25\x22\x2B\xF6\xE8\x37\x2E\xE4\x71\xA9\x5C\x26\xEA\x79\xCB\x04\x29\x73\x6B\x8F\xDF\x1F\x5C\x41\x52\xC0\x36\xAA\xD7\x7D\x8E\x44\x54\x98\x06\x4C\x63\xA6\x0B\x01\x94\x5D\x0C\x5C\xD4\xCF\xCB\x0B\x7B\x2D\x56\xCC\xBF\x97\x7F\x15\x24\x1D\xBA\xEA\xB7\x97\xB0\x32\xAD\xFC\xEA\x6D\x94\x39\x7A\xE3\x25\x54\xFC\x4A\xF5\x3D\xBD\x2E\xD5\x31\x07\x49\x24\xCC\x92\x69\x0E\x79\xB9\xDF\xDB\x36\xBF\x04\x44\x15\xD0\x46\x99\x8C\xD2\x4C\x94\x38\x0E\x10\x64\x13\xAB\xD9\x1B\x54\x02\x31\x56\x20\xEE\x69\x95\xDF\x39\xBB\xE9\xA7\x6D\xC3\x23\x86\x0B\xD6\x34\x40\x37\xC3\xD4\x41\xA8\x2E\x71\x1D\x6E\x5B\xD7\xC5\x9F\x2A\xE6\x02\x80\xAE\x0A\x28\x69\x63\x4B\x89\x2E\xBD\x4F\x42\x58\xFB\x86\x9A\xA2\x18\xDC\xC6\x32\xC1\x46\xBA\x28\xD2\x8B\xCE\x56\x63\x04\x80\x51\x51\x39\x00\x3B\x00\xB9\x5F\x67\xFA\x90\x1E\xDA\x76\xB5\x31\xA5\xBD\x11\xD2\x5F\xDA\x5D\xD5\xF7\xEE\xAB\xC0\x62\x74\x60\x47\x32\x42\xFD\xB2\x2E\x04\x3A\x2E\xF2\xC8\xB3\x41\xA3\xBD\xFE\x94\x5F\xEF\x6E\xD7\x92\x7C\x1D\x04\xF0\xC6\x53\x8E\x46\xDC\x30\x3A\x35\x5F\x1A\x4B\xEA\x3B\x00\x8B\x97\xB5\xB9\xCE\x71\x6E\x5C\xD5\xA0\x0B\xB1\x33\x08\x89\x61\x23\xCF\x97\x9F\x8F\x9A\x50\xB5\xEC\xCE\x40\x8D\x82\x95\x8B\x79\x26\x66\xF3\xF4\x70\xD8\xEE\x58\xDD\x75\x29\xD5\x6A\x91\x51\x7A\x17\xBC\x4F\xD4\xA3\x45\x7B\x84\xE7\xBE\x69\x53\xC1\xE2\x5C\xC8\x45\xA0\x3A\xEC\xDF\x8A\x1E\xC1\x18\x84\x8B\x7A\x4E\x4E\x9E\x3A\x26\xFE\x5D\x22\xD4\xC5\x14\xBE\xEE\x06\xEB\x05\x4A\x66\xC9\xA4\xB3\x68\x04\xB0\x5D\x25\x54\xB3\x05\xED\x41\xF0\x65\x69\x6D\xA5\x4E\xB7\x97\xD8\xD8\xF5" static const gnutls_datum_t blog_resp = - { (unsigned char*) BLOG_RESP, sizeof (BLOG_RESP) - 1 }; + { (unsigned char *) BLOG_RESP, sizeof(BLOG_RESP) - 1 }; static unsigned char blog_cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIE8DCCAtigAwIBAgIDALzgMA0GCSqGSIb3DQEBBQUAMFQxFDASBgNVBAoTC0NB\n" - "Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV\n" - "BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMTAxMTE2MjI1MjMzWhcNMTIxMTE1\n" - "MjI1MjMzWjAdMRswGQYDVQQDExJibG9nLmpvc2Vmc3Nvbi5vcmcwggEiMA0GCSqG\n" - "SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBKA6bm/Kip0i00vU+BOmUF2MBDTwps41c\n" - "xKN5bDn7usWZj8loi6BHRPE2WzCVPnPRD1FJXBc4rXL8zZWrCRe1b4A+l8NjPN2o\n" - "uUgJvYLXYQ2hXkvxlPBQPKNOudaOAVsahpyxk6g6Z3mskOfqPhxvjutHvMC4fOsJ\n" - "1+FstMzvg5SpDd4uYM9m0UK8pbEUSuwW+fxyWqhciSi7kJtdrD6bwx3ub3t9GFkM\n" - "9uTzImIslTq19w8AHQsTICNnmNwfUGF5XMUIuxun0HlFt2KUP5G3Qg9Cd18wZFql\n" - "RQJvLA3nbVFtmN3M3yKXnGSsEn38ZJvC+UxFuSfYJN9UwgoG6gwhAgMBAAGjggEA\n" - "MIH9MAwGA1UdEwEB/wQCMAAwNAYDVR0lBC0wKwYIKwYBBQUHAwIGCCsGAQUFBwMB\n" - "BglghkgBhvhCBAEGCisGAQQBgjcKAwMwCwYDVR0PBAQDAgWgMDMGCCsGAQUFBwEB\n" - "BCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wdQYDVR0R\n" - "BG4wbIISYmxvZy5qb3NlZnNzb24ub3JnoCAGCCsGAQUFBwgFoBQMEmJsb2cuam9z\n" - "ZWZzc29uLm9yZ4ISYmxvZy5qb3NlZnNzb24ub3JnoCAGCCsGAQUFBwgFoBQMEmJs\n" - "b2cuam9zZWZzc29uLm9yZzANBgkqhkiG9w0BAQUFAAOCAgEACQX0KziT81G0XJ4C\n" - "SlVumGN0KcVPDjtiUYskMpUvyLF951Q4Uuih0Aa9c0LynyZq8yqr6sW5OTmnRfSU\n" - "DuUK5IH+IPq5PU7qteQSIy+63yjMQ+1wye1zfCWI+MyaS54AOn6uZObsr4grq41i\n" - "sTwnX8OF/z15dQBjDR18WoehsnbuMz3Ld7+w5UcVWRGDzTyZ7JrYisEywQ7TXcoK\n" - "1IlhD1TqwFucH7lIr4mPWNjL7Nw0sw11HN0Syt9H3upcq6lqyEI0ygfNZ9cdxvmX\n" - "WqOBxxLc6G/87G4nGW4jw3WrCX7LqSmChlR3SbEC1UhWpaQMQ+mOU5+vXon7blRV\n" - "zGJ/1wK8mKu3fKw9rm5TQ1xfJuRABbzsD3BrrUaHlREQQ+i6SCPVFGer6oeAaxyv\n" - "so0NCbmBQkcpmUUl0COIR/Lh/YT78PjIEfxaUnUlaZXvCbKPKP2cM8LY7ltEaTgJ\n" - "4W6sZi3QNFySzd4sz7J/YhY/jGjqku7TfpN/GOheW8AzKTBlm3WLps1YXys4TKrB\n" - "0RStfaPfRJI1PeSlrWl6+kQu/5O8WA8NK0JZ/0Jc4d5LNrtUXo4VU9XCthrxLkgL\n" - "3XWgZKFrqJd1UeJJ7OvkRYfI1c5i4oAP5ksuF0SHTpqnXE8K39kUnUx3B+ItJlZP\n" - "VXTFhXRc06QwYqYXuYSAmj7/GJk=\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIE8DCCAtigAwIBAgIDALzgMA0GCSqGSIb3DQEBBQUAMFQxFDASBgNVBAoTC0NB\n" + "Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV\n" + "BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMTAxMTE2MjI1MjMzWhcNMTIxMTE1\n" + "MjI1MjMzWjAdMRswGQYDVQQDExJibG9nLmpvc2Vmc3Nvbi5vcmcwggEiMA0GCSqG\n" + "SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBKA6bm/Kip0i00vU+BOmUF2MBDTwps41c\n" + "xKN5bDn7usWZj8loi6BHRPE2WzCVPnPRD1FJXBc4rXL8zZWrCRe1b4A+l8NjPN2o\n" + "uUgJvYLXYQ2hXkvxlPBQPKNOudaOAVsahpyxk6g6Z3mskOfqPhxvjutHvMC4fOsJ\n" + "1+FstMzvg5SpDd4uYM9m0UK8pbEUSuwW+fxyWqhciSi7kJtdrD6bwx3ub3t9GFkM\n" + "9uTzImIslTq19w8AHQsTICNnmNwfUGF5XMUIuxun0HlFt2KUP5G3Qg9Cd18wZFql\n" + "RQJvLA3nbVFtmN3M3yKXnGSsEn38ZJvC+UxFuSfYJN9UwgoG6gwhAgMBAAGjggEA\n" + "MIH9MAwGA1UdEwEB/wQCMAAwNAYDVR0lBC0wKwYIKwYBBQUHAwIGCCsGAQUFBwMB\n" + "BglghkgBhvhCBAEGCisGAQQBgjcKAwMwCwYDVR0PBAQDAgWgMDMGCCsGAQUFBwEB\n" + "BCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2FjZXJ0Lm9yZy8wdQYDVR0R\n" + "BG4wbIISYmxvZy5qb3NlZnNzb24ub3JnoCAGCCsGAQUFBwgFoBQMEmJsb2cuam9z\n" + "ZWZzc29uLm9yZ4ISYmxvZy5qb3NlZnNzb24ub3JnoCAGCCsGAQUFBwgFoBQMEmJs\n" + "b2cuam9zZWZzc29uLm9yZzANBgkqhkiG9w0BAQUFAAOCAgEACQX0KziT81G0XJ4C\n" + "SlVumGN0KcVPDjtiUYskMpUvyLF951Q4Uuih0Aa9c0LynyZq8yqr6sW5OTmnRfSU\n" + "DuUK5IH+IPq5PU7qteQSIy+63yjMQ+1wye1zfCWI+MyaS54AOn6uZObsr4grq41i\n" + "sTwnX8OF/z15dQBjDR18WoehsnbuMz3Ld7+w5UcVWRGDzTyZ7JrYisEywQ7TXcoK\n" + "1IlhD1TqwFucH7lIr4mPWNjL7Nw0sw11HN0Syt9H3upcq6lqyEI0ygfNZ9cdxvmX\n" + "WqOBxxLc6G/87G4nGW4jw3WrCX7LqSmChlR3SbEC1UhWpaQMQ+mOU5+vXon7blRV\n" + "zGJ/1wK8mKu3fKw9rm5TQ1xfJuRABbzsD3BrrUaHlREQQ+i6SCPVFGer6oeAaxyv\n" + "so0NCbmBQkcpmUUl0COIR/Lh/YT78PjIEfxaUnUlaZXvCbKPKP2cM8LY7ltEaTgJ\n" + "4W6sZi3QNFySzd4sz7J/YhY/jGjqku7TfpN/GOheW8AzKTBlm3WLps1YXys4TKrB\n" + "0RStfaPfRJI1PeSlrWl6+kQu/5O8WA8NK0JZ/0Jc4d5LNrtUXo4VU9XCthrxLkgL\n" + "3XWgZKFrqJd1UeJJ7OvkRYfI1c5i4oAP5ksuF0SHTpqnXE8K39kUnUx3B+ItJlZP\n" + "VXTFhXRc06QwYqYXuYSAmj7/GJk=\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t blog_cert_data = { blog_cert_pem, - sizeof (blog_cert_pem) }; + sizeof(blog_cert_pem) +}; static unsigned char blog_issuer_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIHWTCCBUGgAwIBAgIDCkGKMA0GCSqGSIb3DQEBCwUAMHkxEDAOBgNVBAoTB1Jv\n" - "b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ\n" - "Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y\n" - "dEBjYWNlcnQub3JnMB4XDTExMDUyMzE3NDgwMloXDTIxMDUyMDE3NDgwMlowVDEU\n" - "MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0\n" - "Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN\n" - "AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a\n" - "iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1\n" - "aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C\n" - "jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia\n" - "pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0\n" - "FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt\n" - "XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL\n" - "oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6\n" - "R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp\n" - "rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/\n" - "LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA\n" - "BfvpAgMBAAGjggINMIICCTAdBgNVHQ4EFgQUdahxYEyIE/B42Yl3tW3Fid+8sXow\n" - "gaMGA1UdIwSBmzCBmIAUFrUyG9TH8+DmjvO90rA67rI5GNGhfaR7MHkxEDAOBgNV\n" - "BAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAG\n" - "A1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS\n" - "c3VwcG9ydEBjYWNlcnQub3JnggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUH\n" - "AQEEUTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggr\n" - "BgEFBQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBB\n" - "MD8GCCsGAQQBgZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y\n" - "Zy9pbmRleC5waHA/aWQ9MTAwNAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0Fj\n" - "ZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5\n" - "b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5D\n" - "QWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4ICAQApKIWuRKm5r6R5E/CooyuXYPNc\n" - "7uMvwfbiZqARrjY3OnYVBFPqQvX56sAV2KaC2eRhrnILKVyQQ+hBsuF32wITRHhH\n" - "Va9Y/MyY9kW50SD42CEH/m2qc9SzxgfpCYXMO/K2viwcJdVxjDm1Luq+GIG6sJO4\n" - "D+Pm1yaMMVpyA4RS5qb1MyJFCsgLDYq4Nm+QCaGrvdfVTi5xotSu+qdUK+s1jVq3\n" - "VIgv7nSf7UgWyg1I0JTTrKSi9iTfkuO960NAkW4cGI5WtIIS86mTn9S8nK2cde5a\n" - "lxuV53QtHA+wLJef+6kzOXrnAzqSjiL2jA3k2X4Ndhj3AfnvlpaiVXPAPHG0HRpW\n" - "Q7fDCo1y/OIQCQtBzoyUoPkD/XFzS4pXM+WOdH4VAQDmzEoc53+VGS3FpQyLu7Xt\n" - "hbNc09+4ufLKxw0BFKxwWMWMjTPUnWajGlCVI/xI4AZDEtnNp4Y5LzZyo4AQ5OHz\n" - "0ctbGsDkgJp8E3MGT9ujayQKurMcvEp4u+XjdTilSKeiHq921F73OIZWWonO1sOn\n" - "ebJSoMbxhbQljPI/lrMQ2Y1sVzufb4Y6GIIiNsiwkTjbKqGTqoQ/9SdlrnPVyNXT\n" - "d+pLncdBu8fA46A/5H2kjXPmEkvfoXNzczqA6NXLji/L6hOn1kGLrPo8idck9U60\n" - "4GGSt/M3mMS+lqO3ig==\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIHWTCCBUGgAwIBAgIDCkGKMA0GCSqGSIb3DQEBCwUAMHkxEDAOBgNVBAoTB1Jv\n" + "b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ\n" + "Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y\n" + "dEBjYWNlcnQub3JnMB4XDTExMDUyMzE3NDgwMloXDTIxMDUyMDE3NDgwMlowVDEU\n" + "MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0\n" + "Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN\n" + "AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a\n" + "iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1\n" + "aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C\n" + "jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia\n" + "pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0\n" + "FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt\n" + "XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL\n" + "oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6\n" + "R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp\n" + "rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/\n" + "LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA\n" + "BfvpAgMBAAGjggINMIICCTAdBgNVHQ4EFgQUdahxYEyIE/B42Yl3tW3Fid+8sXow\n" + "gaMGA1UdIwSBmzCBmIAUFrUyG9TH8+DmjvO90rA67rI5GNGhfaR7MHkxEDAOBgNV\n" + "BAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAG\n" + "A1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS\n" + "c3VwcG9ydEBjYWNlcnQub3JnggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUH\n" + "AQEEUTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggr\n" + "BgEFBQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBB\n" + "MD8GCCsGAQQBgZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y\n" + "Zy9pbmRleC5waHA/aWQ9MTAwNAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0Fj\n" + "ZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5\n" + "b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5D\n" + "QWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4ICAQApKIWuRKm5r6R5E/CooyuXYPNc\n" + "7uMvwfbiZqARrjY3OnYVBFPqQvX56sAV2KaC2eRhrnILKVyQQ+hBsuF32wITRHhH\n" + "Va9Y/MyY9kW50SD42CEH/m2qc9SzxgfpCYXMO/K2viwcJdVxjDm1Luq+GIG6sJO4\n" + "D+Pm1yaMMVpyA4RS5qb1MyJFCsgLDYq4Nm+QCaGrvdfVTi5xotSu+qdUK+s1jVq3\n" + "VIgv7nSf7UgWyg1I0JTTrKSi9iTfkuO960NAkW4cGI5WtIIS86mTn9S8nK2cde5a\n" + "lxuV53QtHA+wLJef+6kzOXrnAzqSjiL2jA3k2X4Ndhj3AfnvlpaiVXPAPHG0HRpW\n" + "Q7fDCo1y/OIQCQtBzoyUoPkD/XFzS4pXM+WOdH4VAQDmzEoc53+VGS3FpQyLu7Xt\n" + "hbNc09+4ufLKxw0BFKxwWMWMjTPUnWajGlCVI/xI4AZDEtnNp4Y5LzZyo4AQ5OHz\n" + "0ctbGsDkgJp8E3MGT9ujayQKurMcvEp4u+XjdTilSKeiHq921F73OIZWWonO1sOn\n" + "ebJSoMbxhbQljPI/lrMQ2Y1sVzufb4Y6GIIiNsiwkTjbKqGTqoQ/9SdlrnPVyNXT\n" + "d+pLncdBu8fA46A/5H2kjXPmEkvfoXNzczqA6NXLji/L6hOn1kGLrPo8idck9U60\n" + "4GGSt/M3mMS+lqO3ig==\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t blog_issuer_data = { blog_issuer_pem, - sizeof (blog_issuer_pem) }; + sizeof(blog_issuer_pem) +}; static unsigned char blog_signer_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIEkTCCAnmgAwIBAgIDANymMA0GCSqGSIb3DQEBBQUAMFQxFDASBgNVBAoTC0NB\n" - "Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV\n" - "BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMTEwODIzMDAwODM3WhcNMTMwODIy\n" - "MDAwODM3WjB8MQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT\n" - "eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVTZXJ2ZXIgQWRt\n" - "aW5pc3RyYXRpb24xGDAWBgNVBAMTD29jc3AuY2FjZXJ0Lm9yZzCCASIwDQYJKoZI\n" - "hvcNAQEBBQADggEPADCCAQoCggEBAJzG1G/kI8fDcEt1H+T8rvZixGCh1s/5R0A4\n" - "2a8G9bOHCboHyHo74zriwWvbDpt7tJgEQIjI5CA0nV+UrgygBaF0ED8fk23FoM4p\n" - "sCoDbu070Zp69w+ntznXw7TeFWeU8u+w3V/jydjSNA5dRN+/mdheYPQ5JIr9XchG\n" - "jQqxYHpP1ScwYJ4TBvg6qrO7MzRvhIF+XMwSifL+bpOD+ovuqzZMtkCp7vv4FlpV\n" - "0WQNSdoE3tHIyu5fJLF5eLOaiBPdaFE56Wgxr9f4TTVtYFgEQrtVkhj2mAGldDu8\n" - "NtsgaBi4hdSLbTCHTdYzLXpUNh1XQhRcemJ01R4r1b8E8//sA8ECAwEAAaNEMEIw\n" - "DAYDVR0TAQH/BAIwADAnBgNVHSUEIDAeBggrBgEFBQcDAgYIKwYBBQUHAwEGCCsG\n" - "AQUFBwMJMAkGA1UdEQQCMAAwDQYJKoZIhvcNAQEFBQADggIBAFDdY7cab5FM6H+C\n" - "GicEgQW7pmmsQXti/EsI3GDPslrxtLUnaWsS5AfIFs47QswCkGYOebhsS5AAxWZk\n" - "kisrSA6Ewm2/pd4W470Z9VyToYZ/2Yl4aj+D8Kr46h2kE/cqFUxRnMSwvlhmz0xs\n" - "PTHl+VQhzaEwAWqzGkiFNJO4+RUZSDSNc+cDUK/eUMdiryUiK/boNy7kcalcJup5\n" - "ywQpc2uP3x9cQVLANqrXfY5EVJgGTGOmCwGUXQxc1M/LC3stVsy/l38VJB266reX\n" - "sDKt/OptlDl64yVU/Er1Pb0u1TEHSSTMkmkOebnf2za/BEQV0EaZjNJMlDgOEGQT\n" - "q9kbVAIxViDuaZXfObvpp23DI4YL1jRAN8PUQagucR1uW9fFnyrmAoCuCihpY0uJ\n" - "Lr1PQlj7hpqiGNzGMsFGuijSi85WYwSAUVE5ADsAuV9n+pAe2na1MaW9EdJf2l3V\n" - "9+6rwGJ0YEcyQv2yLgQ6LvLIs0Gjvf6UX+9u15J8HQTwxlOORtwwOjVfGkvqOwCL\n" - "l7W5znFuXNWgC7EzCIlhI8+Xn4+aULXszkCNgpWLeSZm8/Rw2O5Y3XUp1WqRUXoX\n" - "vE/Uo0V7hOe+aVPB4lzIRaA67N+KHsEYhIt6Tk6eOib+XSLUxRS+7gbrBUpmyaSz\n" - "aASwXSVUswXtQfBlaW2lTreX2Nj1\n" - "-----END CERTIFICATE-----\n"; + "-----BEGIN CERTIFICATE-----\n" + "MIIEkTCCAnmgAwIBAgIDANymMA0GCSqGSIb3DQEBBQUAMFQxFDASBgNVBAoTC0NB\n" + "Y2VydCBJbmMuMR4wHAYDVQQLExVodHRwOi8vd3d3LkNBY2VydC5vcmcxHDAaBgNV\n" + "BAMTE0NBY2VydCBDbGFzcyAzIFJvb3QwHhcNMTEwODIzMDAwODM3WhcNMTMwODIy\n" + "MDAwODM3WjB8MQswCQYDVQQGEwJBVTEMMAoGA1UECBMDTlNXMQ8wDQYDVQQHEwZT\n" + "eWRuZXkxFDASBgNVBAoTC0NBY2VydCBJbmMuMR4wHAYDVQQLExVTZXJ2ZXIgQWRt\n" + "aW5pc3RyYXRpb24xGDAWBgNVBAMTD29jc3AuY2FjZXJ0Lm9yZzCCASIwDQYJKoZI\n" + "hvcNAQEBBQADggEPADCCAQoCggEBAJzG1G/kI8fDcEt1H+T8rvZixGCh1s/5R0A4\n" + "2a8G9bOHCboHyHo74zriwWvbDpt7tJgEQIjI5CA0nV+UrgygBaF0ED8fk23FoM4p\n" + "sCoDbu070Zp69w+ntznXw7TeFWeU8u+w3V/jydjSNA5dRN+/mdheYPQ5JIr9XchG\n" + "jQqxYHpP1ScwYJ4TBvg6qrO7MzRvhIF+XMwSifL+bpOD+ovuqzZMtkCp7vv4FlpV\n" + "0WQNSdoE3tHIyu5fJLF5eLOaiBPdaFE56Wgxr9f4TTVtYFgEQrtVkhj2mAGldDu8\n" + "NtsgaBi4hdSLbTCHTdYzLXpUNh1XQhRcemJ01R4r1b8E8//sA8ECAwEAAaNEMEIw\n" + "DAYDVR0TAQH/BAIwADAnBgNVHSUEIDAeBggrBgEFBQcDAgYIKwYBBQUHAwEGCCsG\n" + "AQUFBwMJMAkGA1UdEQQCMAAwDQYJKoZIhvcNAQEFBQADggIBAFDdY7cab5FM6H+C\n" + "GicEgQW7pmmsQXti/EsI3GDPslrxtLUnaWsS5AfIFs47QswCkGYOebhsS5AAxWZk\n" + "kisrSA6Ewm2/pd4W470Z9VyToYZ/2Yl4aj+D8Kr46h2kE/cqFUxRnMSwvlhmz0xs\n" + "PTHl+VQhzaEwAWqzGkiFNJO4+RUZSDSNc+cDUK/eUMdiryUiK/boNy7kcalcJup5\n" + "ywQpc2uP3x9cQVLANqrXfY5EVJgGTGOmCwGUXQxc1M/LC3stVsy/l38VJB266reX\n" + "sDKt/OptlDl64yVU/Er1Pb0u1TEHSSTMkmkOebnf2za/BEQV0EaZjNJMlDgOEGQT\n" + "q9kbVAIxViDuaZXfObvpp23DI4YL1jRAN8PUQagucR1uW9fFnyrmAoCuCihpY0uJ\n" + "Lr1PQlj7hpqiGNzGMsFGuijSi85WYwSAUVE5ADsAuV9n+pAe2na1MaW9EdJf2l3V\n" + "9+6rwGJ0YEcyQv2yLgQ6LvLIs0Gjvf6UX+9u15J8HQTwxlOORtwwOjVfGkvqOwCL\n" + "l7W5znFuXNWgC7EzCIlhI8+Xn4+aULXszkCNgpWLeSZm8/Rw2O5Y3XUp1WqRUXoX\n" + "vE/Uo0V7hOe+aVPB4lzIRaA67N+KHsEYhIt6Tk6eOib+XSLUxRS+7gbrBUpmyaSz\n" + "aASwXSVUswXtQfBlaW2lTreX2Nj1\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t blog_signer_data = { blog_signer_pem, - sizeof (blog_signer_pem) }; + sizeof(blog_signer_pem) +}; -static void -ocsp_invalid_calls (void) +static void ocsp_invalid_calls(void) { - gnutls_ocsp_req_t req; - gnutls_ocsp_resp_t resp; - gnutls_datum_t dat; - char c = 42; - void *p = &c; - int rc; - - rc = gnutls_ocsp_req_init (&req); - if (rc != GNUTLS_E_SUCCESS) - { - fail ("gnutls_ocsp_req_init alloc\n"); - exit (1); - } - rc = gnutls_ocsp_resp_init (&resp); - if (rc != GNUTLS_E_SUCCESS) - { - fail ("gnutls_ocsp_resp_init alloc\n"); - exit (1); - } - - gnutls_ocsp_req_deinit (NULL); - gnutls_ocsp_resp_deinit (NULL); - - rc = gnutls_ocsp_req_import (NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_import NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_import (NULL, p); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_import NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_import (req, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_import NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_resp_import (NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_resp_import NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_resp_import (NULL, p); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_resp_import NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_resp_import (resp, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_resp_import NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_export (NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_export NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_export (NULL, p); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_export NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_export (req, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_export NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_resp_export (NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_resp_export NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_resp_export (NULL, p); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_resp_export NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_resp_export (resp, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_resp_export NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_get_version (NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_get_version NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_get_cert_id (NULL, 0, NULL, NULL, NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_get_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_get_cert_id (req, 0, NULL, NULL, NULL, NULL); - if (rc != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) - { - fail ("gnutls_ocsp_req_get_cert_id empty\n"); - exit (1); - } - - rc = gnutls_ocsp_req_add_cert_id (NULL, 0, NULL, NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_add_cert_id (req, 0, NULL, NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_add_cert_id (req, GNUTLS_DIG_SHA1, NULL, NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_add_cert_id (req, GNUTLS_DIG_SHA1, p, NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_add_cert_id (req, GNUTLS_DIG_SHA1, NULL, p, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_add_cert_id (req, GNUTLS_DIG_SHA1, NULL, NULL, p); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_add_cert_id (req, GNUTLS_DIG_SHA1, p, p, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_add_cert_id (req, GNUTLS_DIG_SHA1, p, NULL, p); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_add_cert_id (req, GNUTLS_DIG_SHA1, NULL, p, p); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_add_cert (NULL, 0, NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_add_cert (req, 0, NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - - rc = gnutls_ocsp_req_add_cert (req, 0, p, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_add_cert (req, 0, NULL, p); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_add_cert_id NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_get_extension (NULL, 0, NULL, NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_get_extension NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_get_extension (req, 0, NULL, NULL, NULL); - if (rc != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) - { - fail ("gnutls_ocsp_req_get_extension NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_get_extension (req, 0, p, p, p); - if (rc != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) - { - fail ("gnutls_ocsp_req_get_extension NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_set_extension (NULL, NULL, 0, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_set_extension NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_set_extension (req, NULL, 0, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_set_extension NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_set_extension (req, p, 0, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_set_extension NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_set_extension (req, NULL, 0, p); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_set_extension NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_get_nonce (NULL, NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_get_nonce NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_get_nonce (NULL, NULL, p); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_get_nonce NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_set_nonce (NULL, 0, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_set_nonce NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_set_nonce (req, 0, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_set_nonce NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_req_randomize_nonce (NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_req_randomize_nonce NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_resp_get_status (NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_resp_get_status NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_resp_get_status (resp); - if (rc != GNUTLS_E_ASN1_VALUE_NOT_FOUND) - { - fail ("gnutls_ocsp_resp_get_status %d\n", rc); - exit (1); - } - - rc = gnutls_ocsp_resp_get_response (NULL, NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_resp_get_response NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_resp_get_response (NULL, p, p); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_resp_get_response NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_resp_get_response (resp, NULL, NULL); - if (rc != GNUTLS_E_SUCCESS) - { - fail ("gnutls_ocsp_resp_get_response %d\n", rc); - exit (1); - } - - rc = gnutls_ocsp_resp_get_version (NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_resp_get_version NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_resp_get_version (resp); - if (rc != 1) - { - fail ("gnutls_ocsp_resp_get_version ret %d\n", rc); - exit (1); - } - - rc = gnutls_ocsp_resp_get_responder (NULL, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_resp_get_responder NULL\n"); - exit (1); - } - - rc = gnutls_ocsp_resp_get_responder (resp, NULL); - if (rc != GNUTLS_E_INVALID_REQUEST) - { - fail ("gnutls_ocsp_resp_get_responder 2nd %d\n", rc); - exit (1); - } - - rc = gnutls_ocsp_resp_get_responder (resp, &dat); - if (rc != GNUTLS_E_SUCCESS || dat.size != 0) - { - fail ("gnutls_ocsp_resp_get_responder %d\n", rc); - exit (1); - } - - gnutls_free (dat.data); - - gnutls_ocsp_req_deinit (req); - gnutls_ocsp_resp_deinit (resp); + gnutls_ocsp_req_t req; + gnutls_ocsp_resp_t resp; + gnutls_datum_t dat; + char c = 42; + void *p = &c; + int rc; + + rc = gnutls_ocsp_req_init(&req); + if (rc != GNUTLS_E_SUCCESS) { + fail("gnutls_ocsp_req_init alloc\n"); + exit(1); + } + rc = gnutls_ocsp_resp_init(&resp); + if (rc != GNUTLS_E_SUCCESS) { + fail("gnutls_ocsp_resp_init alloc\n"); + exit(1); + } + + gnutls_ocsp_req_deinit(NULL); + gnutls_ocsp_resp_deinit(NULL); + + rc = gnutls_ocsp_req_import(NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_import NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_import(NULL, p); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_import NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_import(req, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_import NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_resp_import(NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_resp_import NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_resp_import(NULL, p); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_resp_import NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_resp_import(resp, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_resp_import NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_export(NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_export NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_export(NULL, p); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_export NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_export(req, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_export NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_resp_export(NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_resp_export NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_resp_export(NULL, p); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_resp_export NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_resp_export(resp, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_resp_export NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_get_version(NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_get_version NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_get_cert_id(NULL, 0, NULL, NULL, NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_get_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_get_cert_id(req, 0, NULL, NULL, NULL, NULL); + if (rc != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { + fail("gnutls_ocsp_req_get_cert_id empty\n"); + exit(1); + } + + rc = gnutls_ocsp_req_add_cert_id(NULL, 0, NULL, NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_add_cert_id(req, 0, NULL, NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_add_cert_id(req, GNUTLS_DIG_SHA1, NULL, NULL, + NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_add_cert_id(req, GNUTLS_DIG_SHA1, p, NULL, + NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_add_cert_id(req, GNUTLS_DIG_SHA1, NULL, p, + NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_add_cert_id(req, GNUTLS_DIG_SHA1, NULL, NULL, + p); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_add_cert_id(req, GNUTLS_DIG_SHA1, p, p, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_add_cert_id(req, GNUTLS_DIG_SHA1, p, NULL, p); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_add_cert_id(req, GNUTLS_DIG_SHA1, NULL, p, p); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_add_cert(NULL, 0, NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_add_cert(req, 0, NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + + rc = gnutls_ocsp_req_add_cert(req, 0, p, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_add_cert(req, 0, NULL, p); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_add_cert_id NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_get_extension(NULL, 0, NULL, NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_get_extension NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_get_extension(req, 0, NULL, NULL, NULL); + if (rc != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { + fail("gnutls_ocsp_req_get_extension NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_get_extension(req, 0, p, p, p); + if (rc != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) { + fail("gnutls_ocsp_req_get_extension NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_set_extension(NULL, NULL, 0, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_set_extension NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_set_extension(req, NULL, 0, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_set_extension NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_set_extension(req, p, 0, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_set_extension NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_set_extension(req, NULL, 0, p); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_set_extension NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_get_nonce(NULL, NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_get_nonce NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_get_nonce(NULL, NULL, p); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_get_nonce NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_set_nonce(NULL, 0, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_set_nonce NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_set_nonce(req, 0, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_set_nonce NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_req_randomize_nonce(NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_req_randomize_nonce NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_resp_get_status(NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_resp_get_status NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_resp_get_status(resp); + if (rc != GNUTLS_E_ASN1_VALUE_NOT_FOUND) { + fail("gnutls_ocsp_resp_get_status %d\n", rc); + exit(1); + } + + rc = gnutls_ocsp_resp_get_response(NULL, NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_resp_get_response NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_resp_get_response(NULL, p, p); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_resp_get_response NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_resp_get_response(resp, NULL, NULL); + if (rc != GNUTLS_E_SUCCESS) { + fail("gnutls_ocsp_resp_get_response %d\n", rc); + exit(1); + } + + rc = gnutls_ocsp_resp_get_version(NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_resp_get_version NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_resp_get_version(resp); + if (rc != 1) { + fail("gnutls_ocsp_resp_get_version ret %d\n", rc); + exit(1); + } + + rc = gnutls_ocsp_resp_get_responder(NULL, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_resp_get_responder NULL\n"); + exit(1); + } + + rc = gnutls_ocsp_resp_get_responder(resp, NULL); + if (rc != GNUTLS_E_INVALID_REQUEST) { + fail("gnutls_ocsp_resp_get_responder 2nd %d\n", rc); + exit(1); + } + + rc = gnutls_ocsp_resp_get_responder(resp, &dat); + if (rc != GNUTLS_E_SUCCESS || dat.size != 0) { + fail("gnutls_ocsp_resp_get_responder %d\n", rc); + exit(1); + } + + gnutls_free(dat.data); + + gnutls_ocsp_req_deinit(req); + gnutls_ocsp_resp_deinit(resp); } /* import a request, query some fields and print and export it */ -static void -req_parse (void) +static void req_parse(void) { - gnutls_ocsp_req_t req; - int ret; - gnutls_datum_t d; - - /* init request */ - - ret = gnutls_ocsp_req_init (&req); - if (ret != 0) - { - fail ("gnutls_ocsp_req_init\n"); - exit (1); - } - - /* import ocsp request */ - - ret = gnutls_ocsp_req_import (req, &req1); - if (ret != 0) - { - fail ("gnutls_ocsp_req_import %d\n", ret); - exit (1); - } - - /* simple version query */ - - ret = gnutls_ocsp_req_get_version (req); - if (ret != 1) - { - fail ("gnutls_ocsp_req_get_version %d\n", ret); - exit (1); - } - - /* check nonce */ - { - gnutls_datum_t expect = - { (unsigned char*) REQ1NONCE + 2, sizeof (REQ1NONCE) - 3 }; - gnutls_datum_t got; - unsigned int critical; - - ret = gnutls_ocsp_req_get_nonce (req, &critical, &got); - if (ret != 0) - { - fail ("gnutls_ocsp_req_get_nonce %d\n", ret); - exit (1); - } - - if (critical != 0) - { - fail ("unexpected critical %d\n", critical); - exit (1); - } - - if (expect.size != got.size || - memcmp (expect.data, got.data, got.size) != 0) - { - fail ("ocsp request nonce memcmp failed\n"); - exit (1); - } - - gnutls_free (got.data); - } - - /* print request */ - - ret = gnutls_ocsp_req_print (req, GNUTLS_OCSP_PRINT_FULL, &d); - if (ret != 0) - { - fail ("gnutls_ocsp_req_print\n"); - exit (1); - } - - if (strlen (REQ1INFO) != d.size - 1 || - memcmp (REQ1INFO, d.data, strlen (REQ1INFO)) != 0) - { - printf ("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", - strlen (REQ1INFO), REQ1INFO, (int) d.size - 1, - (int) d.size, d.data); - fail ("ocsp request print failed\n"); - exit (1); - } - gnutls_free (d.data); - - /* test export */ - ret = gnutls_ocsp_req_export (req, &d); - if (ret != 0) - { - fail ("gnutls_ocsp_req_export %d\n", ret); - exit (1); - } - - /* compare against earlier imported bytes */ - - if (req1.size != d.size || - memcmp (req1.data, d.data, d.size) != 0) - { - fail ("ocsp request export memcmp failed\n"); - exit (1); - } - gnutls_free (d.data); - - /* test setting nonce */ - { - gnutls_datum_t n1 = { (unsigned char *) "foo", 3 }; - gnutls_datum_t n2 = { (unsigned char *) "foobar", 6 }; - gnutls_datum_t got; - unsigned critical; - - ret = gnutls_ocsp_req_set_nonce (req, 0, &n1); - if (ret != 0) - { - fail ("gnutls_ocsp_req_set_nonce %d\n", ret); - exit (1); - } - - ret = gnutls_ocsp_req_get_nonce (req, &critical, &got); - if (ret != 0) - { - fail ("gnutls_ocsp_req_get_nonce %d\n", ret); - exit (1); - } - - if (critical != 0) - { - fail ("unexpected critical %d\n", critical); - exit (1); - } - - if (n1.size != got.size || - memcmp (n1.data, got.data, got.size) != 0) - { - fail ("ocsp request parse nonce memcmp failed\n"); - exit (1); - } - - gnutls_free (got.data); - - /* set another time */ - - ret = gnutls_ocsp_req_set_nonce (req, 1, &n2); - if (ret != 0) - { - fail ("gnutls_ocsp_req_set_nonce %d\n", ret); - exit (1); - } - - ret = gnutls_ocsp_req_get_nonce (req, &critical, &got); - if (ret != 0) - { - fail ("gnutls_ocsp_req_get_nonce %d\n", ret); - exit (1); - } - - if (critical != 1) - { - fail ("unexpected critical %d\n", critical); - exit (1); - } - - if (n2.size != got.size || - memcmp (n2.data, got.data, got.size) != 0) - { - fail ("ocsp request parse2 nonce memcmp failed\n"); - exit (1); - } - - gnutls_free (got.data); - - /* randomize nonce */ - - ret = gnutls_ocsp_req_randomize_nonce (req); - if (ret != 0) - { - fail ("gnutls_ocsp_req_randomize_nonce %d\n", ret); - exit (1); - } - - ret = gnutls_ocsp_req_get_nonce (req, &critical, &n1); - if (ret != 0) - { - fail ("gnutls_ocsp_req_get_nonce %d\n", ret); - exit (1); - } - - if (critical != 0) - { - fail ("unexpected random critical %d\n", critical); - exit (1); - } - - ret = gnutls_ocsp_req_randomize_nonce (req); - if (ret != 0) - { - fail ("gnutls_ocsp_req_randomize_nonce %d\n", ret); - exit (1); - } - - ret = gnutls_ocsp_req_get_nonce (req, &critical, &n2); - if (ret != 0) - { - fail ("gnutls_ocsp_req_get_nonce %d\n", ret); - exit (1); - } - - if (critical != 0) - { - fail ("unexpected random critical %d\n", critical); - exit (1); - } - - if (n2.size == got.size && memcmp (n1.data, n2.data, n1.size) == 0) - { - fail ("ocsp request random nonce memcmp failed\n"); - exit (1); - } - - gnutls_free (n1.data); - gnutls_free (n2.data); - } - - /* cleanup */ - - gnutls_ocsp_req_deinit (req); + gnutls_ocsp_req_t req; + int ret; + gnutls_datum_t d; + + /* init request */ + + ret = gnutls_ocsp_req_init(&req); + if (ret != 0) { + fail("gnutls_ocsp_req_init\n"); + exit(1); + } + + /* import ocsp request */ + + ret = gnutls_ocsp_req_import(req, &req1); + if (ret != 0) { + fail("gnutls_ocsp_req_import %d\n", ret); + exit(1); + } + + /* simple version query */ + + ret = gnutls_ocsp_req_get_version(req); + if (ret != 1) { + fail("gnutls_ocsp_req_get_version %d\n", ret); + exit(1); + } + + /* check nonce */ + { + gnutls_datum_t expect = + { (unsigned char *) REQ1NONCE + 2, + sizeof(REQ1NONCE) - 3 }; + gnutls_datum_t got; + unsigned int critical; + + ret = gnutls_ocsp_req_get_nonce(req, &critical, &got); + if (ret != 0) { + fail("gnutls_ocsp_req_get_nonce %d\n", ret); + exit(1); + } + + if (critical != 0) { + fail("unexpected critical %d\n", critical); + exit(1); + } + + if (expect.size != got.size || + memcmp(expect.data, got.data, got.size) != 0) { + fail("ocsp request nonce memcmp failed\n"); + exit(1); + } + + gnutls_free(got.data); + } + + /* print request */ + + ret = gnutls_ocsp_req_print(req, GNUTLS_OCSP_PRINT_FULL, &d); + if (ret != 0) { + fail("gnutls_ocsp_req_print\n"); + exit(1); + } + + if (strlen(REQ1INFO) != d.size - 1 || + memcmp(REQ1INFO, d.data, strlen(REQ1INFO)) != 0) { + printf("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", + strlen(REQ1INFO), REQ1INFO, (int) d.size - 1, + (int) d.size, d.data); + fail("ocsp request print failed\n"); + exit(1); + } + gnutls_free(d.data); + + /* test export */ + ret = gnutls_ocsp_req_export(req, &d); + if (ret != 0) { + fail("gnutls_ocsp_req_export %d\n", ret); + exit(1); + } + + /* compare against earlier imported bytes */ + + if (req1.size != d.size || memcmp(req1.data, d.data, d.size) != 0) { + fail("ocsp request export memcmp failed\n"); + exit(1); + } + gnutls_free(d.data); + + /* test setting nonce */ + { + gnutls_datum_t n1 = { (unsigned char *) "foo", 3 }; + gnutls_datum_t n2 = { (unsigned char *) "foobar", 6 }; + gnutls_datum_t got; + unsigned critical; + + ret = gnutls_ocsp_req_set_nonce(req, 0, &n1); + if (ret != 0) { + fail("gnutls_ocsp_req_set_nonce %d\n", ret); + exit(1); + } + + ret = gnutls_ocsp_req_get_nonce(req, &critical, &got); + if (ret != 0) { + fail("gnutls_ocsp_req_get_nonce %d\n", ret); + exit(1); + } + + if (critical != 0) { + fail("unexpected critical %d\n", critical); + exit(1); + } + + if (n1.size != got.size || + memcmp(n1.data, got.data, got.size) != 0) { + fail("ocsp request parse nonce memcmp failed\n"); + exit(1); + } + + gnutls_free(got.data); + + /* set another time */ + + ret = gnutls_ocsp_req_set_nonce(req, 1, &n2); + if (ret != 0) { + fail("gnutls_ocsp_req_set_nonce %d\n", ret); + exit(1); + } + + ret = gnutls_ocsp_req_get_nonce(req, &critical, &got); + if (ret != 0) { + fail("gnutls_ocsp_req_get_nonce %d\n", ret); + exit(1); + } + + if (critical != 1) { + fail("unexpected critical %d\n", critical); + exit(1); + } + + if (n2.size != got.size || + memcmp(n2.data, got.data, got.size) != 0) { + fail("ocsp request parse2 nonce memcmp failed\n"); + exit(1); + } + + gnutls_free(got.data); + + /* randomize nonce */ + + ret = gnutls_ocsp_req_randomize_nonce(req); + if (ret != 0) { + fail("gnutls_ocsp_req_randomize_nonce %d\n", ret); + exit(1); + } + + ret = gnutls_ocsp_req_get_nonce(req, &critical, &n1); + if (ret != 0) { + fail("gnutls_ocsp_req_get_nonce %d\n", ret); + exit(1); + } + + if (critical != 0) { + fail("unexpected random critical %d\n", critical); + exit(1); + } + + ret = gnutls_ocsp_req_randomize_nonce(req); + if (ret != 0) { + fail("gnutls_ocsp_req_randomize_nonce %d\n", ret); + exit(1); + } + + ret = gnutls_ocsp_req_get_nonce(req, &critical, &n2); + if (ret != 0) { + fail("gnutls_ocsp_req_get_nonce %d\n", ret); + exit(1); + } + + if (critical != 0) { + fail("unexpected random critical %d\n", critical); + exit(1); + } + + if (n2.size == got.size + && memcmp(n1.data, n2.data, n1.size) == 0) { + fail("ocsp request random nonce memcmp failed\n"); + exit(1); + } + + gnutls_free(n1.data); + gnutls_free(n2.data); + } + + /* cleanup */ + + gnutls_ocsp_req_deinit(req); } /* check that creating a request (using low-level add_cert_id) ends up with same DER as above. */ -static void -req_addcert_id (void) +static void req_addcert_id(void) { - gnutls_ocsp_req_t req; - int ret; - gnutls_datum_t d; - - /* init request */ - - ret = gnutls_ocsp_req_init (&req); - if (ret != 0) - { - fail ("gnutls_ocsp_req_init\n"); - exit (1); - } - - /* add ocsp request nonce */ - - { - gnutls_datum_t nonce = - { (unsigned char*) REQ1NONCE, sizeof (REQ1NONCE) - 1 }; - - ret = gnutls_ocsp_req_set_extension (req, "1.3.6.1.5.5.7.48.1.2", - 0, &nonce); - if (ret != 0) - { - fail ("gnutls_ocsp_req_set_extension %d\n", ret); - exit (1); - } - } - - /* add cert_id */ - { - gnutls_datum_t issuer_name_hash = - { (unsigned char*) REQ1INH, sizeof (REQ1INH) - 1 }; - gnutls_datum_t issuer_key_hash = - { (unsigned char*) REQ1IKH, sizeof (REQ1IKH) - 1 }; - gnutls_datum_t serial_number = - { (unsigned char*) REQ1SN, sizeof (REQ1SN) - 1 }; - - ret = gnutls_ocsp_req_add_cert_id (req, GNUTLS_DIG_SHA1, - &issuer_name_hash, - &issuer_key_hash, - &serial_number); - if (ret != 0) - { - fail ("gnutls_ocsp_add_cert_id %d\n", ret); - exit (1); - } - } - - /* print request */ - - ret = gnutls_ocsp_req_print (req, GNUTLS_OCSP_PRINT_FULL, &d); - if (ret != 0) - { - fail ("gnutls_ocsp_req_print\n"); - exit (1); - } - - if (strlen (REQ1INFO) != d.size - 1 || - memcmp (REQ1INFO, d.data, strlen (REQ1INFO)) != 0) - { - printf ("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", - strlen (REQ1INFO), REQ1INFO, (int) d.size - 1, - (int) d.size, d.data); - fail ("ocsp request print failed\n"); - exit (1); - } - gnutls_free (d.data); - - /* test export */ - ret = gnutls_ocsp_req_export (req, &d); - if (ret != 0) - { - fail ("gnutls_ocsp_req_export %d\n", ret); - exit (1); - } - - /* compare against earlier imported bytes */ - - if (req1.size != d.size || - memcmp (req1.data, d.data, d.size) != 0) - { - fail ("ocsp request export memcmp failed\n"); - exit (1); - } - gnutls_free (d.data); - - /* cleanup */ - - gnutls_ocsp_req_deinit (req); + gnutls_ocsp_req_t req; + int ret; + gnutls_datum_t d; + + /* init request */ + + ret = gnutls_ocsp_req_init(&req); + if (ret != 0) { + fail("gnutls_ocsp_req_init\n"); + exit(1); + } + + /* add ocsp request nonce */ + + { + gnutls_datum_t nonce = + { (unsigned char *) REQ1NONCE, sizeof(REQ1NONCE) - 1 }; + + ret = + gnutls_ocsp_req_set_extension(req, + "1.3.6.1.5.5.7.48.1.2", + 0, &nonce); + if (ret != 0) { + fail("gnutls_ocsp_req_set_extension %d\n", ret); + exit(1); + } + } + + /* add cert_id */ + { + gnutls_datum_t issuer_name_hash = + { (unsigned char *) REQ1INH, sizeof(REQ1INH) - 1 }; + gnutls_datum_t issuer_key_hash = + { (unsigned char *) REQ1IKH, sizeof(REQ1IKH) - 1 }; + gnutls_datum_t serial_number = + { (unsigned char *) REQ1SN, sizeof(REQ1SN) - 1 }; + + ret = gnutls_ocsp_req_add_cert_id(req, GNUTLS_DIG_SHA1, + &issuer_name_hash, + &issuer_key_hash, + &serial_number); + if (ret != 0) { + fail("gnutls_ocsp_add_cert_id %d\n", ret); + exit(1); + } + } + + /* print request */ + + ret = gnutls_ocsp_req_print(req, GNUTLS_OCSP_PRINT_FULL, &d); + if (ret != 0) { + fail("gnutls_ocsp_req_print\n"); + exit(1); + } + + if (strlen(REQ1INFO) != d.size - 1 || + memcmp(REQ1INFO, d.data, strlen(REQ1INFO)) != 0) { + printf("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", + strlen(REQ1INFO), REQ1INFO, (int) d.size - 1, + (int) d.size, d.data); + fail("ocsp request print failed\n"); + exit(1); + } + gnutls_free(d.data); + + /* test export */ + ret = gnutls_ocsp_req_export(req, &d); + if (ret != 0) { + fail("gnutls_ocsp_req_export %d\n", ret); + exit(1); + } + + /* compare against earlier imported bytes */ + + if (req1.size != d.size || memcmp(req1.data, d.data, d.size) != 0) { + fail("ocsp request export memcmp failed\n"); + exit(1); + } + gnutls_free(d.data); + + /* cleanup */ + + gnutls_ocsp_req_deinit(req); } /* check that creating a request (using high-level add_cert) ends up with same DER as above. */ -static void -req_addcert (void) +static void req_addcert(void) { - gnutls_ocsp_req_t req; - int ret; - gnutls_datum_t d; - - /* init request */ - - ret = gnutls_ocsp_req_init (&req); - if (ret != 0) - { - fail ("gnutls_ocsp_req_init\n"); - exit (1); - } - - /* add ocsp request nonce */ - - { - gnutls_datum_t nonce = - { (unsigned char*) REQ1NONCE, sizeof (REQ1NONCE) - 1 }; - - ret = gnutls_ocsp_req_set_extension (req, "1.3.6.1.5.5.7.48.1.2", - 0, &nonce); - if (ret != 0) - { - fail ("gnutls_ocsp_req_set_extension %d\n", ret); - exit (1); - } - } - - /* add cert_id */ - { - gnutls_x509_crt_t issuer = NULL, subject = NULL; - - ret = gnutls_x509_crt_init (&issuer); - if (ret < 0) - { - fail ("gnutls_x509_crt_init (issuer) %d\n", ret); - exit (1); - } - - ret = gnutls_x509_crt_init (&subject); - if (ret < 0) - { - fail ("gnutls_x509_crt_init (subject) %d\n", ret); - exit (1); - } - - ret = gnutls_x509_crt_import (issuer, &issuer_data, GNUTLS_X509_FMT_PEM); - if (ret < 0) - { - fail ("gnutls_x509_crt_import (issuer) %d\n", ret); - exit (1); - } - - ret = gnutls_x509_crt_import (subject, &subject_data, GNUTLS_X509_FMT_PEM); - if (ret < 0) - { - fail ("gnutls_x509_crt_import (subject) %d\n", ret); - exit (1); - } - - ret = gnutls_ocsp_req_add_cert (req, GNUTLS_DIG_SHA1, - issuer, subject); - if (ret != 0) - { - fail ("gnutls_ocsp_add_cert %d\n", ret); - exit (1); - } - - gnutls_x509_crt_deinit (subject); - gnutls_x509_crt_deinit (issuer); - } - - /* print request */ - - ret = gnutls_ocsp_req_print (req, GNUTLS_OCSP_PRINT_FULL, &d); - if (ret != 0) - { - fail ("gnutls_ocsp_req_print\n"); - exit (1); - } - - if (strlen (REQ1INFO) != d.size - 1 || - memcmp (REQ1INFO, d.data, strlen (REQ1INFO)) != 0) - { - printf ("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", - strlen (REQ1INFO), REQ1INFO, (int) d.size - 1, - (int) d.size, d.data); - fail ("ocsp request print failed\n"); - exit (1); - } - gnutls_free (d.data); - - /* test export */ - ret = gnutls_ocsp_req_export (req, &d); - if (ret != 0) - { - fail ("gnutls_ocsp_req_export %d\n", ret); - exit (1); - } - - /* compare against earlier imported bytes */ - - if (req1.size != d.size || - memcmp (req1.data, d.data, d.size) != 0) - { - fail ("ocsp request export memcmp failed\n"); - exit (1); - } - gnutls_free (d.data); - - /* cleanup */ - - gnutls_ocsp_req_deinit (req); + gnutls_ocsp_req_t req; + int ret; + gnutls_datum_t d; + + /* init request */ + + ret = gnutls_ocsp_req_init(&req); + if (ret != 0) { + fail("gnutls_ocsp_req_init\n"); + exit(1); + } + + /* add ocsp request nonce */ + + { + gnutls_datum_t nonce = + { (unsigned char *) REQ1NONCE, sizeof(REQ1NONCE) - 1 }; + + ret = + gnutls_ocsp_req_set_extension(req, + "1.3.6.1.5.5.7.48.1.2", + 0, &nonce); + if (ret != 0) { + fail("gnutls_ocsp_req_set_extension %d\n", ret); + exit(1); + } + } + + /* add cert_id */ + { + gnutls_x509_crt_t issuer = NULL, subject = NULL; + + ret = gnutls_x509_crt_init(&issuer); + if (ret < 0) { + fail("gnutls_x509_crt_init (issuer) %d\n", ret); + exit(1); + } + + ret = gnutls_x509_crt_init(&subject); + if (ret < 0) { + fail("gnutls_x509_crt_init (subject) %d\n", ret); + exit(1); + } + + ret = + gnutls_x509_crt_import(issuer, &issuer_data, + GNUTLS_X509_FMT_PEM); + if (ret < 0) { + fail("gnutls_x509_crt_import (issuer) %d\n", ret); + exit(1); + } + + ret = + gnutls_x509_crt_import(subject, &subject_data, + GNUTLS_X509_FMT_PEM); + if (ret < 0) { + fail("gnutls_x509_crt_import (subject) %d\n", ret); + exit(1); + } + + ret = gnutls_ocsp_req_add_cert(req, GNUTLS_DIG_SHA1, + issuer, subject); + if (ret != 0) { + fail("gnutls_ocsp_add_cert %d\n", ret); + exit(1); + } + + gnutls_x509_crt_deinit(subject); + gnutls_x509_crt_deinit(issuer); + } + + /* print request */ + + ret = gnutls_ocsp_req_print(req, GNUTLS_OCSP_PRINT_FULL, &d); + if (ret != 0) { + fail("gnutls_ocsp_req_print\n"); + exit(1); + } + + if (strlen(REQ1INFO) != d.size - 1 || + memcmp(REQ1INFO, d.data, strlen(REQ1INFO)) != 0) { + printf("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", + strlen(REQ1INFO), REQ1INFO, (int) d.size - 1, + (int) d.size, d.data); + fail("ocsp request print failed\n"); + exit(1); + } + gnutls_free(d.data); + + /* test export */ + ret = gnutls_ocsp_req_export(req, &d); + if (ret != 0) { + fail("gnutls_ocsp_req_export %d\n", ret); + exit(1); + } + + /* compare against earlier imported bytes */ + + if (req1.size != d.size || memcmp(req1.data, d.data, d.size) != 0) { + fail("ocsp request export memcmp failed\n"); + exit(1); + } + gnutls_free(d.data); + + /* cleanup */ + + gnutls_ocsp_req_deinit(req); } -static void -resp_import (void) +static void resp_import(void) { - gnutls_ocsp_resp_t resp; - int ret; - gnutls_datum_t d; - - /* init response */ - - ret = gnutls_ocsp_resp_init (&resp); - if (ret != 0) - { - fail ("gnutls_ocsp_resp_init\n"); - exit (1); - } - - /* import ocsp response */ - - ret = gnutls_ocsp_resp_import (resp, &resp1); - if (ret != 0) - { - fail ("gnutls_ocsp_resp_import %d\n", ret); - exit (1); - } - - /* print response */ - - ret = gnutls_ocsp_resp_print (resp, GNUTLS_OCSP_PRINT_FULL, &d); - if (ret != 0) - { - fail ("gnutls_ocsp_resp_print\n"); - exit (1); - } - - if (strlen (RESP1INFO) != d.size - 1 || - memcmp (RESP1INFO, d.data, strlen (RESP1INFO)) != 0) - { - printf ("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", - strlen (RESP1INFO), RESP1INFO, (int) d.size - 1, - (int) d.size, d.data); - fail ("ocsp response print failed\n"); - exit (1); - } - gnutls_free (d.data); - - /* import ocsp response */ - - ret = gnutls_ocsp_resp_import (resp, &resp2); - if (ret != 0) - { - fail ("gnutls_ocsp_resp_import %d\n", ret); - exit (1); - } - - /* print response */ - - ret = gnutls_ocsp_resp_print (resp, GNUTLS_OCSP_PRINT_FULL, &d); - if (ret != 0) - { - fail ("gnutls_ocsp_resp_print\n"); - exit (1); - } - - if (memcmp (RESP2INFO, d.data, strlen (RESP2INFO)) != 0) - { - printf ("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", - strlen (RESP2INFO), RESP2INFO, (int) d.size - 1, - (int) d.size, d.data); - fail ("ocsp response print failed\n"); - exit (1); - } - gnutls_free (d.data); - - /* cleanup */ - - gnutls_ocsp_resp_deinit (resp); + gnutls_ocsp_resp_t resp; + int ret; + gnutls_datum_t d; + + /* init response */ + + ret = gnutls_ocsp_resp_init(&resp); + if (ret != 0) { + fail("gnutls_ocsp_resp_init\n"); + exit(1); + } + + /* import ocsp response */ + + ret = gnutls_ocsp_resp_import(resp, &resp1); + if (ret != 0) { + fail("gnutls_ocsp_resp_import %d\n", ret); + exit(1); + } + + /* print response */ + + ret = gnutls_ocsp_resp_print(resp, GNUTLS_OCSP_PRINT_FULL, &d); + if (ret != 0) { + fail("gnutls_ocsp_resp_print\n"); + exit(1); + } + + if (strlen(RESP1INFO) != d.size - 1 || + memcmp(RESP1INFO, d.data, strlen(RESP1INFO)) != 0) { + printf("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", + strlen(RESP1INFO), RESP1INFO, (int) d.size - 1, + (int) d.size, d.data); + fail("ocsp response print failed\n"); + exit(1); + } + gnutls_free(d.data); + + /* import ocsp response */ + + ret = gnutls_ocsp_resp_import(resp, &resp2); + if (ret != 0) { + fail("gnutls_ocsp_resp_import %d\n", ret); + exit(1); + } + + /* print response */ + + ret = gnutls_ocsp_resp_print(resp, GNUTLS_OCSP_PRINT_FULL, &d); + if (ret != 0) { + fail("gnutls_ocsp_resp_print\n"); + exit(1); + } + + if (memcmp(RESP2INFO, d.data, strlen(RESP2INFO)) != 0) { + printf("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n", + strlen(RESP2INFO), RESP2INFO, (int) d.size - 1, + (int) d.size, d.data); + fail("ocsp response print failed\n"); + exit(1); + } + gnutls_free(d.data); + + /* cleanup */ + + gnutls_ocsp_resp_deinit(resp); } -static void -resp_verify (void) +static void resp_verify(void) { - gnutls_ocsp_resp_t resp; - int ret; - gnutls_x509_crt_t cert = NULL, issuer = NULL, signer = NULL; - gnutls_x509_trust_list_t list; - unsigned verify; - - /* init response */ - - ret = gnutls_ocsp_resp_init (&resp); - if (ret != 0) - { - fail ("gnutls_ocsp_resp_init\n"); - exit (1); - } - - /* import ocsp response */ - - ret = gnutls_ocsp_resp_import (resp, &blog_resp); - if (ret != 0) - { - fail ("gnutls_ocsp_resp_import %d\n", ret); - exit (1); - } - - ret = gnutls_x509_crt_init (&cert); - if (ret < 0) - { - fail ("gnutls_x509_crt_init (cert) %d\n", ret); - exit (1); - } - - ret = gnutls_x509_crt_init (&issuer); - if (ret < 0) - { - fail ("gnutls_x509_crt_init (issuer) %d\n", ret); - exit (1); - } - - ret = gnutls_x509_crt_init (&signer); - if (ret < 0) - { - fail ("gnutls_x509_crt_init (signer) %d\n", ret); - exit (1); - } - - ret = gnutls_x509_crt_import (cert, &blog_cert_data, GNUTLS_X509_FMT_PEM); - if (ret < 0) - { - fail ("gnutls_x509_crt_import (cert) %d\n", ret); - exit (1); - } - - ret = gnutls_x509_crt_import (issuer, &blog_issuer_data, GNUTLS_X509_FMT_PEM); - if (ret < 0) - { - fail ("gnutls_x509_crt_import (issuer) %d\n", ret); - exit (1); - } - - ret = gnutls_x509_crt_import (signer, &blog_signer_data, GNUTLS_X509_FMT_PEM); - if (ret < 0) - { - fail ("gnutls_x509_crt_import (signer) %d\n", ret); - exit (1); - } - - /* check direct verify with signer (should succeed) */ - - ret = gnutls_ocsp_resp_verify_direct (resp, signer, &verify, 0); - if (ret < 0) - { - fail ("gnutls_ocsp_resp_verify_direct (signer) %d\n", ret); - exit (1); - } - - if (verify != 0) - { - fail ("gnutls_ocsp_resp_verify_direct %d\n", verify); - exit (1); - } - - /* check direct verify with cert (should fail) */ - - ret = gnutls_ocsp_resp_verify_direct (resp, cert, &verify, 0); - if (ret < 0) - { - fail ("gnutls_ocsp_resp_verify_direct (cert) %d\n", ret); - exit (1); - } - - if (verify != GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER) - { - fail ("gnutls_ocsp_resp_verify_direct3 %d\n", verify); - exit (1); - } - - /* check trust verify with issuer (should succeed) */ - - ret = gnutls_x509_trust_list_init (&list, 0); - if (ret < 0) - { - fail ("gnutls_x509_trust_list_init %d\n", ret); - exit (1); - } - - ret = gnutls_x509_trust_list_add_cas (list, &issuer, 1, 0); - if (ret < 0) - { - fail ("gnutls_x509_trust_list_add_cas %d\n", ret); - exit (1); - } - - ret = gnutls_ocsp_resp_verify (resp, list, &verify, 0); - if (ret < 0) - { - fail ("gnutls_ocsp_resp_verify (issuer) %d\n", ret); - exit (1); - } - - if (verify != 0) - { - fail ("gnutls_ocsp_resp_verify %d\n", verify); - exit (1); - } - - gnutls_x509_trust_list_deinit (list, 0); - - /* check trust verify with signer (should succeed) */ - - ret = gnutls_x509_trust_list_init (&list, 0); - if (ret < 0) - { - fail ("gnutls_x509_trust_list_init %d\n", ret); - exit (1); - } - - ret = gnutls_x509_trust_list_add_cas (list, &signer, 1, 0); - if (ret < 0) - { - fail ("gnutls_x509_trust_list_add_cas %d\n", ret); - exit (1); - } - - ret = gnutls_ocsp_resp_verify (resp, list, &verify, 0); - if (ret < 0) - { - fail ("gnutls_ocsp_resp_verify (issuer) %d\n", ret); - exit (1); - } - - if (verify != 0) - { - fail ("gnutls_ocsp_resp_verify %d\n", verify); - exit (1); - } - - gnutls_x509_trust_list_deinit (list, 0); - - /* check trust verify with cert (should fail) */ - - ret = gnutls_x509_trust_list_init (&list, 0); - if (ret < 0) - { - fail ("gnutls_x509_trust_list_init %d\n", ret); - exit (1); - } - - ret = gnutls_x509_trust_list_add_cas (list, &cert, 1, 0); - if (ret < 0) - { - fail ("gnutls_x509_trust_list_add_cas %d\n", ret); - exit (1); - } - - ret = gnutls_ocsp_resp_verify (resp, list, &verify, 0); - if (ret < 0) - { - fail ("gnutls_ocsp_resp_verify (issuer) %d\n", ret); - exit (1); - } - - if (verify != GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER) - { - fail ("gnutls_ocsp_resp_verify %d\n", verify); - exit (1); - } - - gnutls_x509_trust_list_deinit (list, 0); - - /* check trust verify with all certs (should succeed) */ - - ret = gnutls_x509_trust_list_init (&list, 0); - if (ret < 0) - { - fail ("gnutls_x509_trust_list_init %d\n", ret); - exit (1); - } - - ret = gnutls_x509_trust_list_add_cas (list, &cert, 1, 0); - if (ret < 0) - { - fail ("gnutls_x509_trust_list_add_cas %d\n", ret); - exit (1); - } - - ret = gnutls_x509_trust_list_add_cas (list, &issuer, 1, 0); - if (ret < 0) - { - fail ("gnutls_x509_trust_list_add_cas %d\n", ret); - exit (1); - } - - ret = gnutls_x509_trust_list_add_cas (list, &signer, 1, 0); - if (ret < 0) - { - fail ("gnutls_x509_trust_list_add_cas %d\n", ret); - exit (1); - } - - ret = gnutls_ocsp_resp_verify (resp, list, &verify, 0); - if (ret < 0) - { - fail ("gnutls_ocsp_resp_verify (issuer) %d\n", ret); - exit (1); - } - - if (verify != 0) - { - fail ("gnutls_ocsp_resp_verify %d\n", verify); - exit (1); - } - - gnutls_x509_trust_list_deinit (list, 0); - - /* cleanup */ - - gnutls_ocsp_resp_deinit (resp); - gnutls_x509_crt_deinit (cert); - gnutls_x509_crt_deinit (issuer); - gnutls_x509_crt_deinit (signer); + gnutls_ocsp_resp_t resp; + int ret; + gnutls_x509_crt_t cert = NULL, issuer = NULL, signer = NULL; + gnutls_x509_trust_list_t list; + unsigned verify; + + /* init response */ + + ret = gnutls_ocsp_resp_init(&resp); + if (ret != 0) { + fail("gnutls_ocsp_resp_init\n"); + exit(1); + } + + /* import ocsp response */ + + ret = gnutls_ocsp_resp_import(resp, &blog_resp); + if (ret != 0) { + fail("gnutls_ocsp_resp_import %d\n", ret); + exit(1); + } + + ret = gnutls_x509_crt_init(&cert); + if (ret < 0) { + fail("gnutls_x509_crt_init (cert) %d\n", ret); + exit(1); + } + + ret = gnutls_x509_crt_init(&issuer); + if (ret < 0) { + fail("gnutls_x509_crt_init (issuer) %d\n", ret); + exit(1); + } + + ret = gnutls_x509_crt_init(&signer); + if (ret < 0) { + fail("gnutls_x509_crt_init (signer) %d\n", ret); + exit(1); + } + + ret = + gnutls_x509_crt_import(cert, &blog_cert_data, + GNUTLS_X509_FMT_PEM); + if (ret < 0) { + fail("gnutls_x509_crt_import (cert) %d\n", ret); + exit(1); + } + + ret = + gnutls_x509_crt_import(issuer, &blog_issuer_data, + GNUTLS_X509_FMT_PEM); + if (ret < 0) { + fail("gnutls_x509_crt_import (issuer) %d\n", ret); + exit(1); + } + + ret = + gnutls_x509_crt_import(signer, &blog_signer_data, + GNUTLS_X509_FMT_PEM); + if (ret < 0) { + fail("gnutls_x509_crt_import (signer) %d\n", ret); + exit(1); + } + + /* check direct verify with signer (should succeed) */ + + ret = gnutls_ocsp_resp_verify_direct(resp, signer, &verify, 0); + if (ret < 0) { + fail("gnutls_ocsp_resp_verify_direct (signer) %d\n", ret); + exit(1); + } + + if (verify != 0) { + fail("gnutls_ocsp_resp_verify_direct %d\n", verify); + exit(1); + } + + /* check direct verify with cert (should fail) */ + + ret = gnutls_ocsp_resp_verify_direct(resp, cert, &verify, 0); + if (ret < 0) { + fail("gnutls_ocsp_resp_verify_direct (cert) %d\n", ret); + exit(1); + } + + if (verify != GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER) { + fail("gnutls_ocsp_resp_verify_direct3 %d\n", verify); + exit(1); + } + + /* check trust verify with issuer (should succeed) */ + + ret = gnutls_x509_trust_list_init(&list, 0); + if (ret < 0) { + fail("gnutls_x509_trust_list_init %d\n", ret); + exit(1); + } + + ret = gnutls_x509_trust_list_add_cas(list, &issuer, 1, 0); + if (ret < 0) { + fail("gnutls_x509_trust_list_add_cas %d\n", ret); + exit(1); + } + + ret = gnutls_ocsp_resp_verify(resp, list, &verify, 0); + if (ret < 0) { + fail("gnutls_ocsp_resp_verify (issuer) %d\n", ret); + exit(1); + } + + if (verify != 0) { + fail("gnutls_ocsp_resp_verify %d\n", verify); + exit(1); + } + + gnutls_x509_trust_list_deinit(list, 0); + + /* check trust verify with signer (should succeed) */ + + ret = gnutls_x509_trust_list_init(&list, 0); + if (ret < 0) { + fail("gnutls_x509_trust_list_init %d\n", ret); + exit(1); + } + + ret = gnutls_x509_trust_list_add_cas(list, &signer, 1, 0); + if (ret < 0) { + fail("gnutls_x509_trust_list_add_cas %d\n", ret); + exit(1); + } + + ret = gnutls_ocsp_resp_verify(resp, list, &verify, 0); + if (ret < 0) { + fail("gnutls_ocsp_resp_verify (issuer) %d\n", ret); + exit(1); + } + + if (verify != 0) { + fail("gnutls_ocsp_resp_verify %d\n", verify); + exit(1); + } + + gnutls_x509_trust_list_deinit(list, 0); + + /* check trust verify with cert (should fail) */ + + ret = gnutls_x509_trust_list_init(&list, 0); + if (ret < 0) { + fail("gnutls_x509_trust_list_init %d\n", ret); + exit(1); + } + + ret = gnutls_x509_trust_list_add_cas(list, &cert, 1, 0); + if (ret < 0) { + fail("gnutls_x509_trust_list_add_cas %d\n", ret); + exit(1); + } + + ret = gnutls_ocsp_resp_verify(resp, list, &verify, 0); + if (ret < 0) { + fail("gnutls_ocsp_resp_verify (issuer) %d\n", ret); + exit(1); + } + + if (verify != GNUTLS_OCSP_VERIFY_UNTRUSTED_SIGNER) { + fail("gnutls_ocsp_resp_verify %d\n", verify); + exit(1); + } + + gnutls_x509_trust_list_deinit(list, 0); + + /* check trust verify with all certs (should succeed) */ + + ret = gnutls_x509_trust_list_init(&list, 0); + if (ret < 0) { + fail("gnutls_x509_trust_list_init %d\n", ret); + exit(1); + } + + ret = gnutls_x509_trust_list_add_cas(list, &cert, 1, 0); + if (ret < 0) { + fail("gnutls_x509_trust_list_add_cas %d\n", ret); + exit(1); + } + + ret = gnutls_x509_trust_list_add_cas(list, &issuer, 1, 0); + if (ret < 0) { + fail("gnutls_x509_trust_list_add_cas %d\n", ret); + exit(1); + } + + ret = gnutls_x509_trust_list_add_cas(list, &signer, 1, 0); + if (ret < 0) { + fail("gnutls_x509_trust_list_add_cas %d\n", ret); + exit(1); + } + + ret = gnutls_ocsp_resp_verify(resp, list, &verify, 0); + if (ret < 0) { + fail("gnutls_ocsp_resp_verify (issuer) %d\n", ret); + exit(1); + } + + if (verify != 0) { + fail("gnutls_ocsp_resp_verify %d\n", verify); + exit(1); + } + + gnutls_x509_trust_list_deinit(list, 0); + + /* cleanup */ + + gnutls_ocsp_resp_deinit(resp); + gnutls_x509_crt_deinit(cert); + gnutls_x509_crt_deinit(issuer); + gnutls_x509_crt_deinit(signer); } -void -doit (void) +void doit(void) { - int ret; - - ret = global_init (); - if (ret < 0) - { - fail ("global_init\n"); - exit (1); - } - - gnutls_global_set_time_function (mytime); - gnutls_global_set_log_function (tls_log_func); - if (debug) - gnutls_global_set_log_level (99); - - ocsp_invalid_calls (); - req_parse (); - resp_import (); - req_addcert_id (); - req_addcert (); - resp_verify (); - - /* we're done */ - - gnutls_global_deinit (); + int ret; + + ret = global_init(); + if (ret < 0) { + fail("global_init\n"); + exit(1); + } + + gnutls_global_set_time_function(mytime); + gnutls_global_set_log_function(tls_log_func); + if (debug) + gnutls_global_set_log_level(99); + + ocsp_invalid_calls(); + req_parse(); + resp_import(); + req_addcert_id(); + req_addcert(); + resp_verify(); + + /* we're done */ + + gnutls_global_deinit(); } |