tests: Added tests on the invalid OCSP response

author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-09-04 10:05:30 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-09-04 10:05:30 +0200
commit: 0183331d42adcfc885b6889346a1db60de442b02 (patch)
tree: b2ae06a9d08b3e8cfc350d58f95250b3ee7ab48a /tests/ocsp.c
parent: e24fcd89673af5c72dd2570aafbcabac1f35a753 (diff)
download: gnutls-0183331d42adcfc885b6889346a1db60de442b02.tar.gz
1 files changed, 59 insertions, 2 deletions
diff --git a/tests/ocsp.c b/tests/ocsp.c
index 7269d9364e..cf1089d18b 100644
--- a/tests/ocsp.c
+++ b/tests/ocsp.c
@@ -127,6 +127,28 @@ static const gnutls_datum_t resp1 =
 static const gnutls_datum_t resp2 =
     { (unsigned char *) RESP2, sizeof(RESP2) - 1 };
 
+#define RESP3 "\x30\x82\x01\xd3\x0a\x01\x00\xa0\x82\x01\xcc\x30\x82\x01\xc8\x06\x09\x2b\x06\x01\x05\x05\x07\x30\x01\x01\x04\x82\x01\xb9\x30\x82\x01\xb5\x30\x81\x9e\xa2\x16\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\x30\x73\x30\x71\x30\x49\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14\xed\x48\xad\xdd\xcb\x7b\x00\xe2\x0e\x84\x2a\xa9\xb4\x09\xf1\xac\x30\x34\xcf\x96\x04\x14\x50\xea\x73\x89\xdb\x29\xfb\x10\x8f\x9e\xe5\x01\x20\xd4\xde\x79\x99\x48\x83\xf7\x02\x10\x02\x01\x48\x91\x5d\xfd\x5e\xb6\xe0\x02\x90\xa9\x67\xb0\xe4\x64\x80\x00\x18\x0f\x32\x30\x31\x34\x30\x39\x30\x34\x30\x35\x34\x39\x30\x30\x5a\xa0\x11\x18\x0f\x32\x30\x31\x34\x30\x39\x31\x31\x30\x36\x30\x34\x30\x30\x5a\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x05\x05\x00\x03\x82\x01\x01\x00\x6e\x5e\x5e\x81\xff\x3f\x4d\xc7\x53\xc7\x1b\xf3\xd3\x1d\xdc\x9a\xc7\xce\x77\x2c\x67\x56\x13\x98\x91\x02\x01\x76\xdc\x48\xb2\x1f\x9b\x17\xea\xbf\x2c\x0a\xf5\x1d\x98\x90\x3c\x5f\x55\xc2\xff\x4b\x9a\xbc\xa6\x83\x9e\xab\x2b\xeb\x9d\x01\xea\x3b\x5f\xbe\x03\x29\x70\x63\x2a\xa4\x1d\xa8\xab\x69\xb2\x64\xba\x5d\x73\x91\x5c\x92\xf3\x69\xd4\xc9\x39\x9c\x7c\x7d\xa2\x47\x92\xc2\x56\xfe\xa1\x0d\x4a\x69\xff\xda\x48\xc5\x5e\xd8\xab\x39\x88\x6a\x06\xfa\x07\x57\xd6\x48\xb5\xce\xc9\x5f\xa5\x96\xfe\x37\x18\x5e\x7f\x35\x51\xc1\x9e\x79\x5a\x26\xba\x67\x67\x38\x2a\x80\x75\x42\x99\x68\x3e\xec\x2f\x7e\x2d\xa1\xa6\xbe\x9f\x01\x51\x22\x88\x3a\xc9\x9c\xed\x51\xef\x21\x66\x7e\xa9\xd0\x3f\x13\x9c\xbb\xd2\x94\x14\x6f\x4b\xd9\xc4\xf5\x2c\xf5\x7d\x07\x68\xf3\x51\xac\xda\xc2\x09\x66\xa9\x3d\xed\xad\x02\x4d\x9c\x11\x29\x1a\x54\xfb\x1e\x7e\x36\xf4\xbb\x0d\x08\x8c\x6a\x42\x08\x10\x29\x08\x7c\x56\x0b\x18\x47\xff\x87\x11\xfd\xb2\xfb\xc9\x22\x7f\xe3\x1f\x7b\xf9\x98\xaa\x3a\x32\xb6\x2f\x02\xba\xb6\xc1\xdc\xc3\x5d\xb5\x4b\xae\x5d\x29\x6a\x31\xde\xcd"
+
+#define RESP3INFO "OCSP Response Information:\n" \
+"	Response Status: Successful\n" \
+"	Response Type: Basic OCSP Response\n" \
+"	Version: 1\n" \
+"	Responder ID: \n" \
+"	Produced At: Thu Sep 04 05:49:00 UTC 2014\n" \
+"	Responses:\n" \
+"		Certificate ID:\n" \
+"			Hash Algorithm: SHA1\n" \
+"			Issuer Name Hash: ed48adddcb7b00e20e842aa9b409f1ac3034cf96\n" \
+"			Issuer Key Hash: 50ea7389db29fb108f9ee50120d4de79994883f7\n" \
+"			Serial Number: 020148915dfd5eb6e00290a967b0e464\n" \
+"		Certificate Status: good\n" \
+"		This Update: Thu Sep 04 05:49:00 UTC 2014\n" \
+"		Next Update: Thu Sep 11 06:04:00 UTC 2014\n" \
+"	Extensions:\n"
+
+static const gnutls_datum_t resp3 =
+    { (unsigned char *) RESP3, sizeof(RESP3) - 1 };
+
 static unsigned char issuer_pem[] =
     "-----BEGIN CERTIFICATE-----\n"
     "MIIDuDCCAqCgAwIBAgIBADANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJDSDEZ\n"
@@ -1052,7 +1074,7 @@ static void resp_import(void)
 
 	ret = gnutls_ocsp_resp_import(resp, &resp1);
 	if (ret != 0) {
-		fail("gnutls_ocsp_resp_import %d\n", ret);
+		fail("gnutls_ocsp_resp_import[%d]: %s\n", __LINE__, gnutls_strerror(ret));
 		exit(1);
 	}
 
@@ -1078,7 +1100,7 @@ static void resp_import(void)
 
 	ret = gnutls_ocsp_resp_import(resp, &resp2);
 	if (ret != 0) {
-		fail("gnutls_ocsp_resp_import %d\n", ret);
+		fail("gnutls_ocsp_resp_import[%d]: %s\n", __LINE__, gnutls_strerror(ret));
 		exit(1);
 	}
 
@@ -1102,6 +1124,41 @@ static void resp_import(void)
 	/* cleanup */
 
 	gnutls_ocsp_resp_deinit(resp);
+
+	/* import ocsp response 3*/
+
+	ret = gnutls_ocsp_resp_init(&resp);
+	if (ret != 0) {
+		fail("gnutls_ocsp_resp_init\n");
+		exit(1);
+	}
+
+	ret = gnutls_ocsp_resp_import(resp, &resp3);
+	if (ret != 0) {
+		fail("gnutls_ocsp_resp_import[%d]: %s\n", __LINE__, gnutls_strerror(ret));
+		exit(1);
+	}
+
+	/* print response */
+
+	ret = gnutls_ocsp_resp_print(resp, GNUTLS_OCSP_PRINT_FULL, &d);
+	if (ret != 0) {
+		fail("gnutls_ocsp_resp_print 3\n");
+		exit(1);
+	}
+
+	if (memcmp(RESP3INFO, d.data, strlen(RESP3INFO)) != 0) {
+		printf("expected (len %ld):\n%s\ngot (len %d):\n%.*s\n",
+		       strlen(RESP3INFO), RESP3INFO, (int) d.size - 1,
+		       (int) d.size, d.data);
+		fail("ocsp response 3 print failed\n");
+		exit(1);
+	}
+	gnutls_free(d.data);
+
+	/* cleanup */
+
+	gnutls_ocsp_resp_deinit(resp);
 }
 
 static void resp_verify(void)
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-09-04 10:05:30 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-09-04 10:05:30 +0200
commit	0183331d42adcfc885b6889346a1db60de442b02 (patch)
tree	b2ae06a9d08b3e8cfc350d58f95250b3ee7ab48a /tests/ocsp.c
parent	e24fcd89673af5c72dd2570aafbcabac1f35a753 (diff)
download	gnutls-0183331d42adcfc885b6889346a1db60de442b02.tar.gz