From c539c9b293acf1cb47666a8682383e3befa034cf Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Wed, 23 Nov 2016 08:44:59 +0100 Subject: tests: updated crt_apis to include setting UTF-8 SAN --- tests/crt_apis.c | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 54 insertions(+), 1 deletion(-) diff --git a/tests/crt_apis.c b/tests/crt_apis.c index c31d593cfb..8b8ebbea9b 100644 --- a/tests/crt_apis.c +++ b/tests/crt_apis.c @@ -31,16 +31,46 @@ #include #include #include +#include #include "utils.h" #include "cert-common.h" +static unsigned char saved_crt_pem[] = + "-----BEGIN CERTIFICATE-----\n" + "MIICSzCCAbSgAwIBAgIDChEAMA0GCSqGSIb3DQEBCwUAMCsxDjAMBgNVBAMTBW5p\n" + "a29zMRkwFwYDVQQKExBub25lIHRvLCBtZW50aW9uMCAXDTA4MDMzMTIyMDAwMFoY\n" + "Dzk5OTkxMjMxMjM1OTU5WjArMQ4wDAYDVQQDEwVuaWtvczEZMBcGA1UEChMQbm9u\n" + "ZSB0bywgbWVudGlvbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu2ZD9fLF\n" + "17aMzMXf9Yg7sclLag6hrSBQQAiAoU9co9D4bM/mPPfsBHYTF4tkiSJbwN1TfDvt\n" + "fAS7gLkovo6bxo6gpRLL9Vceoue7tzNJn+O7Sq5qTWj/yRHiMo3OPYALjXXv2ACB\n" + "jygEA6AijWEEB/q2N30hB0nSCWFpmJCjWKkCAwEAAaN7MHkwDAYDVR0TAQH/BAIw\n" + "ADAPBgNVHQ8BAf8EBQMDB4AAMDYGA1UdEQQvMC2CA2FwYYIReG4tLW14YWE0YXM2\n" + "ZC5jb22BE3Rlc3RAeG4tLWt4YXdoay5vcmcwIAYDVR0lAQH/BBYwFAYIKwYBBQUH\n" + "AwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4GBACul+Ucf1gADG6diSZA7hOPG\n" + "4g1hngzNWP1uObfICizlo791+KGrbIh9aIntcE1GYWHUP25SUKDaQD9n5f92Jm7U\n" + "EVAMxrp6c9b5GAH9818KL6aYuvgWlAeofW5t3sFrdzeEIVXrQsZWiSKtiC89JFG9\n" + "a7c3rdNqKrfzkop8NIgc\n" + "-----END CERTIFICATE-----\n"; + +const gnutls_datum_t saved_crt = { saved_crt_pem, sizeof(saved_crt_pem)-1 }; + static void tls_log_func(int level, const char *str) { fprintf(stderr, "|<%d>| %s", level, str); } +static time_t mytime(time_t * t) +{ + time_t then = 1207000800; + + if (t) + *t = then; + + return then; +} + void doit(void) { gnutls_x509_privkey_t pkey; @@ -55,6 +85,7 @@ void doit(void) if (ret < 0) fail("global_init\n"); + gnutls_global_set_time_function(mytime); gnutls_global_set_log_function(tls_log_func); if (debug) gnutls_global_set_log_level(4711); @@ -93,7 +124,7 @@ void doit(void) if (ret != 0) fail("error\n"); - ret = gnutls_x509_crt_set_activation_time(crt, time(0)); + ret = gnutls_x509_crt_set_activation_time(crt, mytime(0)); if (ret != 0) fail("error\n"); @@ -126,6 +157,12 @@ void doit(void) if (ret != 0) fail("gnutls_x509_crt_set_subject_alt_name\n"); + ret = gnutls_x509_crt_set_subject_alt_name(crt, GNUTLS_SAN_RFC822NAME, + "ινβάλιντ@bar.org", strlen("ινβάλιντ@bar.org"), 1); + if (ret != GNUTLS_E_INVALID_UTF8_EMAIL) + fail("gnutls_x509_crt_set_subject_alt_name\n"); + + ret = gnutls_x509_crt_set_subject_alt_name(crt, GNUTLS_SAN_IPADDRESS, "\xc1\x5c\x96\x3", 4, 1); if (ret != 0) @@ -141,6 +178,16 @@ void doit(void) if (ret != 0) fail("gnutls_x509_crt_set_subject_alt_name\n"); + ret = gnutls_x509_crt_set_subject_alt_name(crt, GNUTLS_SAN_DNSNAME, + "απαλό.com", strlen("απαλό.com"), 1); + if (ret != 0) + fail("gnutls_x509_crt_set_subject_alt_name\n"); + + ret = gnutls_x509_crt_set_subject_alt_name(crt, GNUTLS_SAN_RFC822NAME, + "test@νίκο.org", strlen("test@νίκο.org"), 1); + if (ret != 0) + fail("gnutls_x509_crt_set_subject_alt_name\n"); + s = 0; ret = gnutls_x509_crt_get_key_purpose_oid(crt, 0, NULL, &s, NULL); if (ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) @@ -226,6 +273,12 @@ void doit(void) if (ret != 0) { fail("equality test failed\n"); } + assert(gnutls_x509_crt_export2(crt, GNUTLS_X509_FMT_PEM, &out) >= 0); + + assert(out.size == saved_crt.size); + assert(memcmp(out.data, saved_crt.data, out.size)==0); + + gnutls_free(out.data); gnutls_x509_crt_deinit(crt); gnutls_x509_crt_deinit(crt2); -- cgit v1.2.1