diff options
-rw-r--r-- | tests/cert-tests/Makefile.am | 2 | ||||
-rwxr-xr-x | tests/cert-tests/crq | 50 | ||||
-rw-r--r-- | tests/cert-tests/data/template-long-dns-crq.pem | 61 |
3 files changed, 112 insertions, 1 deletions
diff --git a/tests/cert-tests/Makefile.am b/tests/cert-tests/Makefile.am index e163f6a5d6..2578559402 100644 --- a/tests/cert-tests/Makefile.am +++ b/tests/cert-tests/Makefile.am @@ -65,7 +65,7 @@ EXTRA_DIST = data/ca-no-pathlen.pem data/no-ca-or-pathlen.pem data/aki-cert.pem data/openpgp-invalid1.pub data/openpgp-invalid2.pub data/openpgp-invalid3.pub \ data/x509-v1-with-sid.pem data/x509-v1-with-iid.pem data/x509-v3-with-fractional-time.pem \ data/openpgp-invalid5.pub data/openpgp-invalid6.pub templates/template-long-dns.tmpl \ - data/long-dns.pem + data/long-dns.pem data/template-long-dns-crq.pem dist_check_SCRIPTS = pathlen aki certtool invalid-sig email \ pkcs7 pkcs7-broken-sigs privkey-import name-constraints certtool-long-cn crl provable-privkey \ diff --git a/tests/cert-tests/crq b/tests/cert-tests/crq index 41973c9f83..68a445a72f 100755 --- a/tests/cert-tests/crq +++ b/tests/cert-tests/crq @@ -34,6 +34,7 @@ if ! test -z "${VALGRIND}"; then VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15" fi +TMPFILE=crq.$$.tmp OUTFILE=out.$$.tmp OUTFILE2=out2.$$.tmp @@ -85,4 +86,53 @@ fi rm -f "${OUTFILE}" "${OUTFILE2}" + +# Test interactive CRQ creation with very long input +cat >$TMPFILE <<__EOF__ +super-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-long.com + + + + + + + +super-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-long.com + + + + + + + + +N +Y +Y +N +N +N +N +N +N +__EOF__ + +setsid \ +datefudge -s "2007-04-22" \ + "${CERTTOOL}" -q \ + --load-privkey "${srcdir}/data/template-test.key" \ + --outfile "${OUTFILE}" <$TMPFILE 2>/dev/null + +${DIFF} "${srcdir}/data/template-long-dns-crq.pem" "${OUTFILE}" >/dev/null 2>&1 +rc=$? + +# We're done. +if test "${rc}" != "0"; then + echo "Certificate request generation with long DNS failed" + echo $OUTFILE + exit ${rc} +fi + +rm -f "${OUTFILE}" "${OUTFILE2}" "${TMPFILE}" + exit 0 diff --git a/tests/cert-tests/data/template-long-dns-crq.pem b/tests/cert-tests/data/template-long-dns-crq.pem new file mode 100644 index 0000000000..bef0c425f4 --- /dev/null +++ b/tests/cert-tests/data/template-long-dns-crq.pem @@ -0,0 +1,61 @@ +PKCS #10 Certificate Request Information: + Version: 1 + Subject: CN=super-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-long.com + Subject Public Key Algorithm: RSA + Algorithm Security Level: Low (1024 bits) + Modulus (bits 1024): + 00:a5:c6:ce:75:43:84:bf:64:9e:02:27:13:f1:03:59 + f7:79:2d:92:ed:7c:2f:50:a4:03:f1:2d:79:b9:86:8b + 05:7e:3a:bb:44:aa:af:84:cf:13:98:1e:1c:4a:38:f7 + 33:2d:7a:9f:72:d4:6b:6d:26:b0:31:37:70:10:fb:42 + e9:d8:9d:18:65:7e:19:49:fc:05:96:04:68:83:1e:77 + 86:bf:ed:f5:e5:12:3b:13:fe:33:18:9c:1a:7a:1d:69 + af:47:02:60:7a:1f:b9:e8:cf:db:c8:34:30:51:96:3d + 8c:96:5c:00:bc:61:de:08:0f:b1:36:21:7f:a9:00:e3 + 05 + Exponent (bits 24): + 01:00:01 + Signature Algorithm: RSA-SHA256 + Attributes: + Extensions: + Subject Alternative Name (not critical): + DNSname: super-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-very-long.com + Basic Constraints (critical): + Certificate Authority (CA): FALSE + Key Purpose (critical): + Time stamping. + Ipsec IKE. + Key Usage (critical): + Digital signature. + Key encipherment. +Other Information: + Public Key ID: + sha1:5d40adf0ce9440958b7e99941d925422ca72365f + sha256:472f7ef457b70a57a585094b285fdaef7ad72553495701ecd4f2a6dcb477b50e + Public Key PIN: + pin-sha256:Ry9+9Fe3ClelhQlLKF/a73rXJVNJVwHs1PKm3LR3tQ4= + +Self signature: verified + +-----BEGIN NEW CERTIFICATE REQUEST----- +MIIDmDCCAwECAQAwgf0xgfowgfcGA1UEAxOB73N1cGVyLXZlcnktdmVyeS12ZXJ5 +LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZl +cnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnkt +dmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVy +eS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS12 +ZXJ5LXZlcnktdmVyeS12ZXJ5LWxvbmcuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN +ADCBiQKBgQClxs51Q4S/ZJ4CJxPxA1n3eS2S7XwvUKQD8S15uYaLBX46u0Sqr4TP +E5geHEo49zMtep9y1GttJrAxN3AQ+0Lp2J0YZX4ZSfwFlgRogx53hr/t9eUSOxP+ +MxicGnodaa9HAmB6H7noz9vINDBRlj2MllwAvGHeCA+xNiF/qQDjBQIDAQABoIIB +WDCCAVQGCSqGSIb3DQEJDjGCAUUwggFBMIH9BgNVHREEgfUwgfKCge9zdXBlci12 +ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5 +LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZl +cnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnkt +dmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVy +eS12ZXJ5LXZlcnktdmVyeS12ZXJ5LXZlcnktdmVyeS1sb25nLmNvbTAMBgNVHRMB +Af8EAjAAMCAGA1UdJQEB/wQWMBQGCCsGAQUFBwMIBggrBgEFBQcDETAPBgNVHQ8B +Af8EBQMDB6AAMA0GCSqGSIb3DQEBCwUAA4GBAAvOg5LbxJz4p0WZIRSqUJt73TO6 +9uJwZrvhknWoOcAAKQC77eQ/oKqXuma1OX9TDzgUrBw7IIGcsR8Gi47ix9rAkhuR +orrwaKg3zc0NnO105jy37AX28m+9yF3rXBsfkKepzU7KQU9Nco4Y6WGYoJb/Vbzt +G+/JZg2ixgPsm/1b +-----END NEW CERTIFICATE REQUEST----- |